various sanding everywhere towards building the tookit
This commit is contained in:
Michael Muré
@@ -102,34 +102,38 @@ func New(iss, sub did.DID, cmd command.Command, prf []cid.Cid, opts ...Option) (
|
||||
return &tkn, nil
|
||||
}
|
||||
|
||||
func (t *Token) ExecutionAllowed(loader DelegationLoader) (bool, error) {
|
||||
func (t *Token) ExecutionAllowed(loader delegation.Loader) error {
|
||||
return t.executionAllowed(loader, t.arguments)
|
||||
}
|
||||
|
||||
func (t *Token) ExecutionAllowedWithArgsHook(loader DelegationLoader, hook func(*args.Args) *args.Args) (bool, error) {
|
||||
return t.executionAllowed(loader, hook(t.arguments))
|
||||
func (t *Token) ExecutionAllowedWithArgsHook(loader delegation.Loader, hook func(args args.ReadOnly) (*args.Args, error)) error {
|
||||
newArgs, err := hook(t.arguments.ReadOnly())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.executionAllowed(loader, newArgs)
|
||||
}
|
||||
|
||||
func (t *Token) executionAllowed(loader DelegationLoader, arguments *args.Args) (bool, error) {
|
||||
func (t *Token) executionAllowed(loader delegation.Loader, arguments *args.Args) error {
|
||||
delegations, err := t.loadProofs(loader)
|
||||
if err != nil {
|
||||
// All referenced delegations must be available - 4b
|
||||
return false, err
|
||||
return err
|
||||
}
|
||||
|
||||
if err := t.verifyProofs(delegations); err != nil {
|
||||
return false, err
|
||||
return err
|
||||
}
|
||||
|
||||
if err := t.verifyTimeBound(delegations); err != nil {
|
||||
return false, err
|
||||
return err
|
||||
}
|
||||
|
||||
if err := t.verifyArgs(delegations, arguments); err != nil {
|
||||
return false, err
|
||||
return err
|
||||
}
|
||||
|
||||
return true, nil
|
||||
return nil
|
||||
}
|
||||
|
||||
// Issuer returns the did.DID representing the Token's issuer.
|
||||
@@ -154,8 +158,8 @@ func (t *Token) Command() command.Command {
|
||||
|
||||
// Arguments returns the arguments to be used when the command is
|
||||
// invoked.
|
||||
func (t *Token) Arguments() *args.Args {
|
||||
return t.arguments
|
||||
func (t *Token) Arguments() args.ReadOnly {
|
||||
return t.arguments.ReadOnly()
|
||||
}
|
||||
|
||||
// Proof() returns the ordered list of cid.Cid which reference the
|
||||
@@ -225,7 +229,7 @@ func (t *Token) validate() error {
|
||||
return errs
|
||||
}
|
||||
|
||||
func (t *Token) loadProofs(loader DelegationLoader) (res []*delegation.Token, err error) {
|
||||
func (t *Token) loadProofs(loader delegation.Loader) (res []*delegation.Token, err error) {
|
||||
res = make([]*delegation.Token, len(t.proof))
|
||||
for i, c := range t.proof {
|
||||
res[i], err = loader.GetDelegation(c)
|
||||
|
||||
@@ -5,13 +5,12 @@ import (
|
||||
|
||||
"github.com/ipfs/go-cid"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/ucan-wg/go-ucan/did/didtest"
|
||||
"github.com/ucan-wg/go-ucan/pkg/args"
|
||||
"github.com/ucan-wg/go-ucan/pkg/command"
|
||||
"github.com/ucan-wg/go-ucan/token/delegation/delegationtest"
|
||||
"github.com/ucan-wg/go-ucan/token/invocation"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -118,7 +117,7 @@ func TestToken_ExecutionAllowed(t *testing.T) {
|
||||
})
|
||||
}
|
||||
|
||||
func test(t *testing.T, persona didtest.Persona, cmd command.Command, args *args.Args, prf []cid.Cid, opts ...invocation.Option) (bool, error) {
|
||||
func test(t *testing.T, persona didtest.Persona, cmd command.Command, args *args.Args, prf []cid.Cid, opts ...invocation.Option) error {
|
||||
t.Helper()
|
||||
|
||||
tkn, err := invocation.New(persona.DID(t), didtest.PersonaAlice.DID(t), cmd, prf, opts...)
|
||||
@@ -131,13 +130,11 @@ func test(t *testing.T, persona didtest.Persona, cmd command.Command, args *args
|
||||
}
|
||||
|
||||
func testFails(t *testing.T, expErr error, persona didtest.Persona, cmd command.Command, args *args.Args, prf []cid.Cid, opts ...invocation.Option) {
|
||||
ok, err := test(t, persona, cmd, args, prf, opts...)
|
||||
err := test(t, persona, cmd, args, prf, opts...)
|
||||
require.ErrorIs(t, err, expErr)
|
||||
assert.False(t, ok)
|
||||
}
|
||||
|
||||
func testPasses(t *testing.T, persona didtest.Persona, cmd command.Command, args *args.Args, prf []cid.Cid, opts ...invocation.Option) {
|
||||
ok, err := test(t, persona, cmd, args, prf, opts...)
|
||||
err := test(t, persona, cmd, args, prf, opts...)
|
||||
require.NoError(t, err)
|
||||
assert.True(t, ok)
|
||||
}
|
||||
|
||||
@@ -4,8 +4,6 @@ import (
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"github.com/ipfs/go-cid"
|
||||
|
||||
"github.com/ucan-wg/go-ucan/pkg/args"
|
||||
"github.com/ucan-wg/go-ucan/pkg/policy"
|
||||
"github.com/ucan-wg/go-ucan/token/delegation"
|
||||
@@ -49,10 +47,6 @@ import (
|
||||
// a. The policy must "match" the arguments. (verifyArgs below)
|
||||
// b. The nonce (if present) is not reused. (out of scope for go-ucan)
|
||||
|
||||
type DelegationLoader interface {
|
||||
GetDelegation(cid cid.Cid) (*delegation.Token, error)
|
||||
}
|
||||
|
||||
// verifyProofs controls that the proof chain allows the invocation:
|
||||
// - principal alignment
|
||||
// - command alignment
|
||||
|
||||
Reference in New Issue
Block a user