go/ucan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: issues discovered by invocation validation tests

Browse Source
This commit is contained in:
Steve Moyer
2024-11-13 12:40:25 -05:00
parent 64b989452f
commit fc4c8f2de1
4 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
did/did.go
View File

@@ -78,7 +78,7 @@ func MustParse(str string) DID {
// Defined tells if the DID is defined, not equal to Undef. // Defined tells if the DID is defined, not equal to Undef.
func (d DID) Defined() bool { func (d DID) Defined() bool {
return d.code == 0 || len(d.bytes) > 0 return d.code != 0 || len(d.bytes) > 0
} }
// PubKey returns the public key encapsulated by the did:key. // PubKey returns the public key encapsulated by the did:key.

2
token/delegation/delegation.go
View File

@@ -162,7 +162,7 @@ func (t *Token) IsValidNow() bool {
// IsValidNow verifies that the token can be used at the given time, based on expiration or "not before" fields. // IsValidNow verifies that the token can be used at the given time, based on expiration or "not before" fields.
// This does NOT do any other kind of verifications. // This does NOT do any other kind of verifications.
func (t *Token) IsValidAt(ti time.Time) bool { func (t *Token) IsValidAt(ti time.Time) bool {
if t.expiration == nil && ti.After(*t.expiration) { if t.expiration != nil && ti.After(*t.expiration) {
return false return false
} }
if t.notBefore != nil && ti.Before(*t.notBefore) { if t.notBefore != nil && ti.Before(*t.notBefore) {

6
token/invocation/invocation_test.go
View File

@@ -94,7 +94,7 @@ func TestToken_ExecutionAllowed(t *testing.T) {
args := invocationtest.EmptyArguments args := invocationtest.EmptyArguments
prf := invocationtest.Proof(t, dlg1TknCIDStr, expiredDlg0TknCIDStr, rootTknCIDStr) prf := invocationtest.Proof(t, dlg1TknCIDStr, expiredDlg0TknCIDStr, rootTknCIDStr)
testFails(t, invocation.ErrDelegationExpired, []string{"seg0"}, args, prf) testFails(t, invocation.ErrTokenInvalidNow, []string{"seg0"}, args, prf)
}) })
t.Run("fails - referenced delegation inactive", func(t *testing.T) { t.Run("fails - referenced delegation inactive", func(t *testing.T) {
@@ -102,7 +102,7 @@ func TestToken_ExecutionAllowed(t *testing.T) {
args := invocationtest.EmptyArguments args := invocationtest.EmptyArguments
prf := invocationtest.Proof(t, dlg1TknCIDStr, inactiveDlg0TknCIDStr, rootTknCIDStr) prf := invocationtest.Proof(t, dlg1TknCIDStr, inactiveDlg0TknCIDStr, rootTknCIDStr)
testFails(t, invocation.ErrDelegationInactive, []string{"seg0"}, args, prf) testFails(t, invocation.ErrTokenInvalidNow, []string{"seg0"}, args, prf)
}) })
t.Run("fails - last (or only) delegation not root", func(t *testing.T) { t.Run("fails - last (or only) delegation not root", func(t *testing.T) {
@@ -126,7 +126,7 @@ func TestToken_ExecutionAllowed(t *testing.T) {
args := invocationtest.EmptyArguments args := invocationtest.EmptyArguments
prf := invocationtest.Proof(t, dlg0TknCIDStr, rootTknCIDStr) prf := invocationtest.Proof(t, dlg0TknCIDStr, rootTknCIDStr)
testFails(t, invocation.ErrNotIssuedToInvoker, []string{"seg0"}, args, prf) testFails(t, invocation.ErrBrokenChain, []string{"seg0"}, args, prf)
}) })
} }

2
token/invocation/proof.go
View File

@@ -26,6 +26,8 @@ func (t *Token) verifyProofs(delegations []*delegation.Token) error {
aud = t.subject aud = t.subject
} }
fmt.Println("Subject:", t.subject, ", Audience:", aud)
var last *delegation.Token var last *delegation.Token
// control from the invocation to the root // control from the invocation to the root