delegation: WIP harmonisation of the constructors, issuer verification

Michael Muré
2024-11-20 15:59:13 +01:00
parent 5f8536e480
commit d90715d1fe
2 changed files with 15 additions and 17 deletions


@@ -14,8 +14,6 @@ import (
"fmt" "fmt"
"time" "time"
"github.com/libp2p/go-libp2p/core/crypto"
"github.com/ucan-wg/go-ucan/did" "github.com/ucan-wg/go-ucan/did"
"github.com/ucan-wg/go-ucan/pkg/command" "github.com/ucan-wg/go-ucan/pkg/command"
"github.com/ucan-wg/go-ucan/pkg/meta" "github.com/ucan-wg/go-ucan/pkg/meta"
@@ -51,12 +49,7 @@ type Token struct {
// When creating a delegated token, the Issuer's (iss) DID is assembled // When creating a delegated token, the Issuer's (iss) DID is assembled
// using the public key associated with the private key sent as the first // using the public key associated with the private key sent as the first
// parameter. // parameter.
func New(privKey crypto.PrivKey, aud did.DID, cmd command.Command, pol policy.Policy, opts ...Option) (*Token, error) { func New(iss, aud did.DID, cmd command.Command, pol policy.Policy, opts ...Option) (*Token, error) {
iss, err := did.FromPrivKey(privKey)
if err != nil {
return nil, err
}
tkn := &Token{ tkn := &Token{
issuer: iss, issuer: iss,
audience: aud, audience: aud,
@@ -73,6 +66,7 @@ func New(privKey crypto.PrivKey, aud did.DID, cmd command.Command, pol policy.Po
} }
} }
var err error
if len(tkn.nonce) == 0 { if len(tkn.nonce) == 0 {
tkn.nonce, err = nonce.Generate() tkn.nonce, err = nonce.Generate()
if err != nil { if err != nil {
@@ -93,15 +87,10 @@ func New(privKey crypto.PrivKey, aud did.DID, cmd command.Command, pol policy.Po
// When creating a root token, both the Issuer's (iss) and Subject's // When creating a root token, both the Issuer's (iss) and Subject's
// (sub) DIDs are assembled from the public key associated with the // (sub) DIDs are assembled from the public key associated with the
// private key passed as the first argument. // private key passed as the first argument.
func Root(privKey crypto.PrivKey, aud did.DID, cmd command.Command, pol policy.Policy, opts ...Option) (*Token, error) { func Root(iss, aud did.DID, cmd command.Command, pol policy.Policy, opts ...Option) (*Token, error) {
sub, err := did.FromPrivKey(privKey) opts = append(opts, WithSubject(iss))
if err != nil {
return nil, err
}
opts = append(opts, WithSubject(sub)) return New(iss, aud, cmd, pol, opts...)
return New(privKey, aud, cmd, pol, opts...)
} }
// Issuer returns the did.DID representing the Token's issuer. // Issuer returns the did.DID representing the Token's issuer.
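Review bot: The doc comments above `New` and `Root` still say the issuer (and, for Root, the subject) DID is assembled from the public key of a private key passed as the first argument, but both constructors now take `iss` as a `did.DID` and no key is involved at construction time. A reader could take the old wording to mean the issuer is already bound to a key when the token is built; on this page that binding is only checked in `toIPLD`, when the token is encoded with a private key. Suggest rewording New's comment to something like `// iss is used as the Issuer (iss) DID as given; it is checked against the signing key only when the token is encoded.` and Root's to `// The Subject (sub) DID is set to iss.`. The body of New continues outside the visible hunks.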


@@ -1,6 +1,7 @@
package delegation package delegation
import ( import (
"fmt"
"io" "io"
"github.com/ipfs/go-cid" "github.com/ipfs/go-cid"
@@ -193,8 +194,16 @@ func FromIPLD(node datamodel.Node) (*Token, error) {
} }
func (t *Token) toIPLD(privKey crypto.PrivKey) (datamodel.Node, error) { func (t *Token) toIPLD(privKey crypto.PrivKey) (datamodel.Node, error) {
var sub *string // sanity check that privKey and issuer are matching
issPub, err := t.issuer.PubKey()
if err != nil {
return nil, err
}
if !issPub.Equals(privKey.GetPublic()) {
return nil, fmt.Errorf("private key doesn't match the issuer")
}
var sub *string
if t.subject != did.Undef { if t.subject != did.Undef {
s := t.subject.String() s := t.subject.String()
sub = &s sub = &s
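Review bot: `privKey.GetPublic()` in the new sanity check is called without a nil guard, so a nil `privKey` would panic here instead of returning an error; whether the rest of toIPLD (which continues outside this hunk) already assumed a non-nil key is not visible. A guard ahead of the comparison, `if privKey == nil { return nil, fmt.Errorf("private key is required") }`, keeps that failure on the error path. The error from `t.issuer.PubKey()` is also returned bare; `return nil, fmt.Errorf("resolving issuer public key: %w", err)` would tell the caller which step failed. Since a key/issuer mismatch is the security-relevant outcome of this function, a package-level sentinel error for it would let callers detect it with `errors.Is` rather than by matching the message string.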