From 16c6d6080db93b5f4a86e81bdbd7a3e987728d82 Mon Sep 17 00:00:00 2001 From: jakubkoci Date: Fri, 13 May 2022 10:12:46 +0200 Subject: [PATCH] feat: add out-of-band and did exchange (#717) Signed-off-by: Jakub Koci Co-authored-by: Timo Glastra BREAKING CHANGE: the connections module has been extended with an out of band module and support for the DID Exchange protocol. Some methods have been moved to the out of band module, see [Migrating from AFJ 0.1.0 to 0.2.x](https://github.com/hyperledger/aries-framework-javascript/blob/main/docs/migration/0.1-to-0.2.md) for detailed migration instructions. --- demo/src/Alice.ts | 17 +- demo/src/Faber.ts | 6 +- demo/src/OutputClass.ts | 1 + packages/core/src/agent/Agent.ts | 40 +- packages/core/src/agent/Dispatcher.ts | 4 +- packages/core/src/agent/EnvelopeService.ts | 42 +- packages/core/src/agent/Events.ts | 1 + packages/core/src/agent/MessageReceiver.ts | 87 +- packages/core/src/agent/MessageSender.ts | 196 +++- packages/core/src/agent/TransportService.ts | 37 +- .../src/agent/__tests__/MessageSender.test.ts | 141 ++- .../agent/__tests__/TransportService.test.ts | 62 +- packages/core/src/agent/helpers.ts | 17 +- .../src/agent/models/InboundMessageContext.ts | 13 +- .../decorators/service/ServiceDecorator.ts | 16 +- packages/core/src/index.ts | 3 +- packages/core/src/logger/ConsoleLogger.ts | 18 +- packages/core/src/logger/replaceError.ts | 17 + .../__tests__/BasicMessageService.test.ts | 6 +- .../handlers/BasicMessageHandler.ts | 12 +- .../modules/connections/ConnectionEvents.ts | 4 +- .../modules/connections/ConnectionsModule.ts | 293 +++--- .../connections/DidExchangeProtocol.ts | 531 +++++++++++ .../connections/DidExchangeStateMachine.ts | 86 ++ .../__tests__/ConnectionService.test.ts | 896 +++++++----------- .../__tests__/ConnectionState.test.ts | 10 - .../connections/__tests__/helpers.test.ts | 103 ++ .../errors/DidExchangeProblemReportError.ts | 22 + .../errors/DidExchangeProblemReportReason.ts | 12 + .../src/modules/connections/errors/index.ts | 2 + .../handlers/ConnectionRequestHandler.ts | 55 +- .../handlers/ConnectionResponseHandler.ts | 56 +- .../handlers/DidExchangeCompleteHandler.ts | 49 + .../handlers/DidExchangeRequestHandler.ts | 84 ++ .../handlers/DidExchangeResponseHandler.ts | 114 +++ .../handlers/TrustPingMessageHandler.ts | 10 +- .../src/modules/connections/handlers/index.ts | 3 + .../messages/DidExchangeCompleteMessage.ts | 31 + .../DidExchangeProblemReportMessage.ts | 20 + .../messages/DidExchangeRequestMessage.ts | 65 ++ .../messages/DidExchangeResponseMessage.ts | 47 + .../src/modules/connections/messages/index.ts | 4 + .../connections/models/ConnectionState.ts | 21 +- .../connections/models/DidExchangeRole.ts | 4 + .../connections/models/DidExchangeState.ts | 16 + .../connections/models/HandshakeProtocol.ts | 4 + .../models/__tests__/ConnectionState.test.ts | 30 + .../modules/connections/models/did/DidDoc.ts | 8 +- .../models/did/__tests__/DidDoc.test.ts | 6 +- .../models/did/__tests__/diddoc.json | 12 +- .../models/did/publicKey/PublicKey.ts | 5 +- .../src/modules/connections/models/index.ts | 3 + .../repository/ConnectionRecord.ts | 87 +- .../repository/ConnectionRepository.ts | 18 - .../connections/services/ConnectionService.ts | 597 ++++++------ .../modules/connections/services/helpers.ts | 101 ++ .../modules/credentials/CredentialsModule.ts | 12 +- .../V1CredentialService.cred.test.ts | 4 +- .../V1CredentialService.offer.test.ts | 4 +- .../V2CredentialService.cred.test.ts | 4 +- .../V2CredentialService.offer.test.ts | 4 +- .../v1/handlers/V1IssueCredentialHandler.ts | 4 +- .../v1/handlers/V1OfferCredentialHandler.ts | 4 +- .../v1/handlers/V1RequestCredentialHandler.ts | 4 +- .../v2/handlers/V2IssueCredentialHandler.ts | 4 +- .../v2/handlers/V2OfferCredentialHandler.ts | 4 +- .../v2/handlers/V2RequestCredentialHandler.ts | 4 +- packages/core/src/modules/dids/DidsModule.ts | 18 +- .../dids/__tests__/keyDidDocument.test.ts | 52 + .../modules/dids/__tests__/peer-did.test.ts | 8 +- .../src/modules/dids/domain/DidDocument.ts | 82 +- .../dids/domain/__tests__/DidDocument.test.ts | 8 +- .../dids/domain/createPeerDidFromServices.ts | 73 ++ .../key-type/__tests__/bls12381g1.test.ts | 7 - .../key-type/__tests__/bls12381g1g2.test.ts | 7 - .../key-type/__tests__/bls12381g2.test.ts | 7 - .../domain/key-type/__tests__/ed25519.test.ts | 7 - .../domain/key-type/__tests__/x25519.test.ts | 7 - .../dids/domain/key-type/bls12381g1.ts | 13 - .../dids/domain/key-type/bls12381g1g2.ts | 19 - .../dids/domain/key-type/bls12381g2.ts | 13 - .../modules/dids/domain/key-type/ed25519.ts | 25 - .../domain/key-type/getSignatureKeyBase.ts | 23 - .../dids/domain/key-type/keyDidMapping.ts | 2 - .../modules/dids/domain/key-type/x25519.ts | 10 - .../src/modules/dids/domain/keyDidDocument.ts | 110 +++ ...{DidCommService.ts => DidCommV1Service.ts} | 4 +- .../dids/domain/service/DidDocumentService.ts | 4 +- .../dids/domain/service/ServiceTransformer.ts | 4 +- .../src/modules/dids/domain/service/index.ts | 4 +- packages/core/src/modules/dids/helpers.ts | 32 + .../src/modules/dids/methods/key/DidKey.ts | 6 +- ...ways encode keys according to RFCs (#733)) | 134 +++ ...connection based on invitation did (#698)) | 117 +++ .../didPeer1zQmR-did-comm-service.json | 23 + .../peer/__tests__/peerDidNumAlgo2.test.ts | 22 +- .../dids/methods/peer/peerDidNumAlgo0.ts | 10 +- .../dids/methods/peer/peerDidNumAlgo2.ts | 35 +- .../dids/methods/sov/SovDidResolver.ts | 4 +- .../src/modules/dids/repository/DidRecord.ts | 2 +- .../modules/dids/repository/DidRepository.ts | 10 +- .../dids/services/DidResolverService.ts | 13 + .../core/src/modules/oob/OutOfBandModule.ts | 675 +++++++++++++ .../core/src/modules/oob/OutOfBandService.ts | 168 ++++ .../oob/__tests__/OutOfBandMessage.test.ts | 150 +++ .../oob/__tests__/OutOfBandService.test.ts | 499 ++++++++++ .../src/modules/oob/__tests__/helpers.test.ts | 136 +++ .../oob/domain/OutOfBandDidCommService.ts | 56 ++ .../src/modules/oob/domain/OutOfBandEvents.ts | 27 + .../src/modules/oob/domain/OutOfBandRole.ts | 4 + .../src/modules/oob/domain/OutOfBandState.ts | 6 + .../handlers/HandshakeReuseAcceptedHandler.ts | 20 + .../oob/handlers/HandshakeReuseHandler.ts | 22 + .../core/src/modules/oob/handlers/index.ts | 1 + packages/core/src/modules/oob/helpers.ts | 68 ++ .../messages/HandshakeReuseAcceptedMessage.ts | 27 + .../oob/messages/HandshakeReuseMessage.ts | 26 + .../oob/messages/OutOfBandInvitation.ts | 169 ++++ .../core/src/modules/oob/messages/index.ts | 2 + .../modules/oob/repository/OutOfBandRecord.ts | 105 ++ .../oob/repository/OutOfBandRepository.ts | 14 + .../core/src/modules/oob/repository/index.ts | 2 + .../core/src/modules/proofs/ProofsModule.ts | 10 +- .../proofs/__tests__/ProofService.test.ts | 4 +- .../proofs/handlers/PresentationHandler.ts | 4 +- .../handlers/RequestPresentationHandler.ts | 4 +- .../src/modules/routing/RecipientModule.ts | 92 +- .../routing/__tests__/mediation.test.ts | 143 ++- .../__tests__/mediationRecipient.test.ts | 12 +- .../handlers/KeylistUpdateResponseHandler.ts | 2 +- .../routing/handlers/MediationDenyHandler.ts | 2 +- .../routing/handlers/MediationGrantHandler.ts | 2 +- .../handlers/MediationRequestHandler.ts | 2 +- .../migration/__tests__/backup.test.ts | 16 +- packages/core/src/types.ts | 15 +- .../utils/__tests__/JsonTransformer.test.ts | 7 +- packages/core/src/utils/uri.ts | 4 + packages/core/src/utils/validators.ts | 29 + packages/core/src/wallet/IndyWallet.ts | 5 +- packages/core/src/wallet/Wallet.ts | 10 +- packages/core/tests/TestMessage.ts | 2 +- packages/core/tests/agents.test.ts | 16 +- .../core/tests/connectionless-proofs.test.ts | 20 +- packages/core/tests/connections.test.ts | 95 +- packages/core/tests/helpers.ts | 124 +-- packages/core/tests/logger.ts | 3 +- .../tests/oob-mediation-provision.test.ts | 126 +++ packages/core/tests/oob-mediation.test.ts | 129 +++ packages/core/tests/oob.test.ts | 665 +++++++++++++ packages/core/tests/postgres.test.ts | 16 +- packages/core/tests/setup.ts | 14 +- samples/extension-module/requester.ts | 7 +- samples/extension-module/responder.ts | 4 +- samples/mediator.ts | 5 +- 154 files changed, 6944 insertions(+), 1934 deletions(-) create mode 100644 packages/core/src/logger/replaceError.ts create mode 100644 packages/core/src/modules/connections/DidExchangeProtocol.ts create mode 100644 packages/core/src/modules/connections/DidExchangeStateMachine.ts delete mode 100644 packages/core/src/modules/connections/__tests__/ConnectionState.test.ts create mode 100644 packages/core/src/modules/connections/__tests__/helpers.test.ts create mode 100644 packages/core/src/modules/connections/errors/DidExchangeProblemReportError.ts create mode 100644 packages/core/src/modules/connections/errors/DidExchangeProblemReportReason.ts create mode 100644 packages/core/src/modules/connections/handlers/DidExchangeCompleteHandler.ts create mode 100644 packages/core/src/modules/connections/handlers/DidExchangeRequestHandler.ts create mode 100644 packages/core/src/modules/connections/handlers/DidExchangeResponseHandler.ts create mode 100644 packages/core/src/modules/connections/messages/DidExchangeCompleteMessage.ts create mode 100644 packages/core/src/modules/connections/messages/DidExchangeProblemReportMessage.ts create mode 100644 packages/core/src/modules/connections/messages/DidExchangeRequestMessage.ts create mode 100644 packages/core/src/modules/connections/messages/DidExchangeResponseMessage.ts create mode 100644 packages/core/src/modules/connections/models/DidExchangeRole.ts create mode 100644 packages/core/src/modules/connections/models/DidExchangeState.ts create mode 100644 packages/core/src/modules/connections/models/HandshakeProtocol.ts create mode 100644 packages/core/src/modules/connections/models/__tests__/ConnectionState.test.ts create mode 100644 packages/core/src/modules/connections/services/helpers.ts create mode 100644 packages/core/src/modules/dids/__tests__/keyDidDocument.test.ts create mode 100644 packages/core/src/modules/dids/domain/createPeerDidFromServices.ts delete mode 100644 packages/core/src/modules/dids/domain/key-type/getSignatureKeyBase.ts create mode 100644 packages/core/src/modules/dids/domain/keyDidDocument.ts rename packages/core/src/modules/dids/domain/service/{DidCommService.ts => DidCommV1Service.ts} (87%) create mode 100644 packages/core/src/modules/dids/helpers.ts create mode 100644 packages/core/src/modules/dids/methods/peer/DidPeer.ts~73d296f6 (fix: always encode keys according to RFCs (#733)) create mode 100644 packages/core/src/modules/dids/methods/peer/__tests__/DidPeer.test.ts~9399a710 (feat: find existing connection based on invitation did (#698)) create mode 100644 packages/core/src/modules/dids/methods/peer/__tests__/__fixtures__/didPeer1zQmR-did-comm-service.json create mode 100644 packages/core/src/modules/oob/OutOfBandModule.ts create mode 100644 packages/core/src/modules/oob/OutOfBandService.ts create mode 100644 packages/core/src/modules/oob/__tests__/OutOfBandMessage.test.ts create mode 100644 packages/core/src/modules/oob/__tests__/OutOfBandService.test.ts create mode 100644 packages/core/src/modules/oob/__tests__/helpers.test.ts create mode 100644 packages/core/src/modules/oob/domain/OutOfBandDidCommService.ts create mode 100644 packages/core/src/modules/oob/domain/OutOfBandEvents.ts create mode 100644 packages/core/src/modules/oob/domain/OutOfBandRole.ts create mode 100644 packages/core/src/modules/oob/domain/OutOfBandState.ts create mode 100644 packages/core/src/modules/oob/handlers/HandshakeReuseAcceptedHandler.ts create mode 100644 packages/core/src/modules/oob/handlers/HandshakeReuseHandler.ts create mode 100644 packages/core/src/modules/oob/handlers/index.ts create mode 100644 packages/core/src/modules/oob/helpers.ts create mode 100644 packages/core/src/modules/oob/messages/HandshakeReuseAcceptedMessage.ts create mode 100644 packages/core/src/modules/oob/messages/HandshakeReuseMessage.ts create mode 100644 packages/core/src/modules/oob/messages/OutOfBandInvitation.ts create mode 100644 packages/core/src/modules/oob/messages/index.ts create mode 100644 packages/core/src/modules/oob/repository/OutOfBandRecord.ts create mode 100644 packages/core/src/modules/oob/repository/OutOfBandRepository.ts create mode 100644 packages/core/src/modules/oob/repository/index.ts create mode 100644 packages/core/src/utils/uri.ts create mode 100644 packages/core/src/utils/validators.ts create mode 100644 packages/core/tests/oob-mediation-provision.test.ts create mode 100644 packages/core/tests/oob-mediation.test.ts create mode 100644 packages/core/tests/oob.test.ts diff --git a/demo/src/Alice.ts b/demo/src/Alice.ts index 7822257b36..c46db6988b 100644 --- a/demo/src/Alice.ts +++ b/demo/src/Alice.ts @@ -27,11 +27,20 @@ export class Alice extends BaseAgent { } private async printConnectionInvite() { - const invite = await this.agent.connections.createConnection() - this.connectionRecordFaberId = invite.connectionRecord.id + const outOfBand = await this.agent.oob.createInvitation() + // FIXME: this won't work as oob doesn't create a connection immediately + const [connectionRecord] = await this.agent.connections.findAllByOutOfBandId(outOfBand.id) + if (!connectionRecord) { + throw new Error(redText(Output.NoConnectionRecordFromOutOfBand)) + } + this.connectionRecordFaberId = connectionRecord.id - console.log(Output.ConnectionLink, invite.invitation.toUrl({ domain: `http://localhost:${this.port}` }), '\n') - return invite.connectionRecord + console.log( + Output.ConnectionLink, + outOfBand.outOfBandInvitation.toUrl({ domain: `http://localhost:${this.port}` }), + '\n' + ) + return connectionRecord } private async waitForConnection() { diff --git a/demo/src/Faber.ts b/demo/src/Faber.ts index 019d751631..a99b02cac8 100644 --- a/demo/src/Faber.ts +++ b/demo/src/Faber.ts @@ -38,7 +38,11 @@ export class Faber extends BaseAgent { } private async receiveConnectionRequest(invitationUrl: string) { - return await this.agent.connections.receiveInvitationFromUrl(invitationUrl) + const { connectionRecord } = await this.agent.oob.receiveInvitationFromUrl(invitationUrl) + if (!connectionRecord) { + throw new Error(redText(Output.NoConnectionRecordFromOutOfBand)) + } + return connectionRecord } private async waitForConnection(connectionRecord: ConnectionRecord) { diff --git a/demo/src/OutputClass.ts b/demo/src/OutputClass.ts index f827c54405..3d7b9ebff3 100644 --- a/demo/src/OutputClass.ts +++ b/demo/src/OutputClass.ts @@ -6,6 +6,7 @@ export enum Color { } export enum Output { + NoConnectionRecordFromOutOfBand = `\nNo connectionRecord has been created from invitation\n`, ConnectionEstablished = `\nConnection established!`, MissingConnectionRecord = `\nNo connectionRecord ID has been set yet\n`, ConnectionLink = `\nRun 'Receive connection invitation' in Faber and paste this invitation link:\n\n`, diff --git a/packages/core/src/agent/Agent.ts b/packages/core/src/agent/Agent.ts index 62252529cf..db44ebbe3d 100644 --- a/packages/core/src/agent/Agent.ts +++ b/packages/core/src/agent/Agent.ts @@ -20,6 +20,7 @@ import { CredentialsModule } from '../modules/credentials/CredentialsModule' import { DidsModule } from '../modules/dids/DidsModule' import { DiscoverFeaturesModule } from '../modules/discover-features' import { LedgerModule } from '../modules/ledger/LedgerModule' +import { OutOfBandModule } from '../modules/oob/OutOfBandModule' import { ProofsModule } from '../modules/proofs/ProofsModule' import { MediatorModule } from '../modules/routing/MediatorModule' import { RecipientModule } from '../modules/routing/RecipientModule' @@ -61,6 +62,7 @@ export class Agent { public readonly discovery: DiscoverFeaturesModule public readonly dids: DidsModule public readonly wallet: WalletModule + public readonly oob!: OutOfBandModule public constructor( initialConfig: InitConfig, @@ -123,13 +125,14 @@ export class Agent { this.discovery = this.container.resolve(DiscoverFeaturesModule) this.dids = this.container.resolve(DidsModule) this.wallet = this.container.resolve(WalletModule) + this.oob = this.container.resolve(OutOfBandModule) // Listen for new messages (either from transports or somewhere else in the framework / extensions) this.messageSubscription = this.eventEmitter .observable(AgentEventTypes.AgentMessageReceived) .pipe( takeUntil(this.agentConfig.stop$), - concatMap((e) => this.messageReceiver.receiveMessage(e.payload.message)) + concatMap((e) => this.messageReceiver.receiveMessage(e.payload.message, { connection: e.payload.connection })) ) .subscribe() } @@ -224,7 +227,9 @@ export class Agent { // Also requests mediation ans sets as default mediator // Because this requires the connections module, we do this in the agent constructor if (mediatorConnectionsInvite) { - await this.mediationRecipient.provision(mediatorConnectionsInvite) + this.logger.debug('Provision mediation with invitation', { mediatorConnectionsInvite }) + const mediatonConnection = await this.getMediationConnection(mediatorConnectionsInvite) + await this.mediationRecipient.provision(mediatonConnection) } await this.mediationRecipient.initialize() @@ -254,7 +259,7 @@ export class Agent { } public async receiveMessage(inboundMessage: unknown, session?: TransportSession) { - await this.messageReceiver.receiveMessage(inboundMessage, session) + return await this.messageReceiver.receiveMessage(inboundMessage, { session }) } public get injectionContainer() { @@ -264,4 +269,33 @@ export class Agent { public get config() { return this.agentConfig } + + private async getMediationConnection(mediatorInvitationUrl: string) { + const outOfBandInvitation = await this.oob.parseInvitation(mediatorInvitationUrl) + const outOfBandRecord = await this.oob.findByInvitationId(outOfBandInvitation.id) + const [connection] = outOfBandRecord ? await this.connections.findAllByOutOfBandId(outOfBandRecord.id) : [] + + if (!connection) { + this.logger.debug('Mediation connection does not exist, creating connection') + // We don't want to use the current default mediator when connecting to another mediator + const routing = await this.mediationRecipient.getRouting({ useDefaultMediator: false }) + + this.logger.debug('Routing created', routing) + const { connectionRecord: newConnection } = await this.oob.receiveInvitation(outOfBandInvitation, { + routing, + }) + this.logger.debug(`Mediation invitation processed`, { outOfBandInvitation }) + + if (!newConnection) { + throw new AriesFrameworkError('No connection record to provision mediation.') + } + + return this.connections.returnWhenIsConnected(newConnection.id) + } + + if (!connection.isReady) { + return this.connections.returnWhenIsConnected(connection.id) + } + return connection + } } diff --git a/packages/core/src/agent/Dispatcher.ts b/packages/core/src/agent/Dispatcher.ts index 9cb0e0fe92..e45cbc4483 100644 --- a/packages/core/src/agent/Dispatcher.ts +++ b/packages/core/src/agent/Dispatcher.ts @@ -60,8 +60,8 @@ class Dispatcher { this.logger.error(`Error handling message with type ${message.type}`, { message: message.toJSON(), error, - senderVerkey: messageContext.senderVerkey, - recipientVerkey: messageContext.recipientVerkey, + senderKey: messageContext.senderKey?.fingerprint, + recipientKey: messageContext.recipientKey?.fingerprint, connectionId: messageContext.connection?.id, }) diff --git a/packages/core/src/agent/EnvelopeService.ts b/packages/core/src/agent/EnvelopeService.ts index 1c742f409a..1ad6d8f026 100644 --- a/packages/core/src/agent/EnvelopeService.ts +++ b/packages/core/src/agent/EnvelopeService.ts @@ -1,23 +1,25 @@ import type { Logger } from '../logger' -import type { DecryptedMessageContext, EncryptedMessage } from '../types' +import type { EncryptedMessage, PlaintextMessage } from '../types' import type { AgentMessage } from './AgentMessage' import { inject, scoped, Lifecycle } from 'tsyringe' import { InjectionSymbols } from '../constants' +import { KeyType } from '../crypto' +import { Key } from '../modules/dids' import { ForwardMessage } from '../modules/routing/messages' import { Wallet } from '../wallet/Wallet' import { AgentConfig } from './AgentConfig' export interface EnvelopeKeys { - recipientKeys: string[] - routingKeys: string[] - senderKey: string | null + recipientKeys: Key[] + routingKeys: Key[] + senderKey: Key | null } @scoped(Lifecycle.ContainerScoped) -class EnvelopeService { +export class EnvelopeService { private wallet: Wallet private logger: Logger private config: AgentConfig @@ -29,38 +31,50 @@ class EnvelopeService { } public async packMessage(payload: AgentMessage, keys: EnvelopeKeys): Promise { - const { routingKeys, senderKey } = keys - let recipientKeys = keys.recipientKeys + const { recipientKeys, routingKeys, senderKey } = keys + let recipientKeysBase58 = recipientKeys.map((key) => key.publicKeyBase58) + const routingKeysBase58 = routingKeys.map((key) => key.publicKeyBase58) + const senderKeyBase58 = senderKey && senderKey.publicKeyBase58 // pass whether we want to use legacy did sov prefix const message = payload.toJSON({ useLegacyDidSovPrefix: this.config.useLegacyDidSovPrefix }) this.logger.debug(`Pack outbound message ${message['@type']}`) - let encryptedMessage = await this.wallet.pack(message, recipientKeys, senderKey ?? undefined) + let encryptedMessage = await this.wallet.pack(message, recipientKeysBase58, senderKeyBase58 ?? undefined) // If the message has routing keys (mediator) pack for each mediator - for (const routingKey of routingKeys) { + for (const routingKeyBase58 of routingKeysBase58) { const forwardMessage = new ForwardMessage({ // Forward to first recipient key - to: recipientKeys[0], + to: recipientKeysBase58[0], message: encryptedMessage, }) - recipientKeys = [routingKey] + recipientKeysBase58 = [routingKeyBase58] this.logger.debug('Forward message created', forwardMessage) const forwardJson = forwardMessage.toJSON({ useLegacyDidSovPrefix: this.config.useLegacyDidSovPrefix }) // Forward messages are anon packed - encryptedMessage = await this.wallet.pack(forwardJson, [routingKey], undefined) + encryptedMessage = await this.wallet.pack(forwardJson, [routingKeyBase58], undefined) } return encryptedMessage } public async unpackMessage(encryptedMessage: EncryptedMessage): Promise { - return this.wallet.unpack(encryptedMessage) + const decryptedMessage = await this.wallet.unpack(encryptedMessage) + const { recipientKey, senderKey, plaintextMessage } = decryptedMessage + return { + recipientKey: recipientKey ? Key.fromPublicKeyBase58(recipientKey, KeyType.Ed25519) : undefined, + senderKey: senderKey ? Key.fromPublicKeyBase58(senderKey, KeyType.Ed25519) : undefined, + plaintextMessage, + } } } -export { EnvelopeService } +export interface DecryptedMessageContext { + plaintextMessage: PlaintextMessage + senderKey?: Key + recipientKey?: Key +} diff --git a/packages/core/src/agent/Events.ts b/packages/core/src/agent/Events.ts index cb700d57de..f6bc64a7bb 100644 --- a/packages/core/src/agent/Events.ts +++ b/packages/core/src/agent/Events.ts @@ -15,6 +15,7 @@ export interface AgentMessageReceivedEvent extends BaseEvent { type: typeof AgentEventTypes.AgentMessageReceived payload: { message: unknown + connection?: ConnectionRecord } } diff --git a/packages/core/src/agent/MessageReceiver.ts b/packages/core/src/agent/MessageReceiver.ts index 35ef9cdd26..941fd52417 100644 --- a/packages/core/src/agent/MessageReceiver.ts +++ b/packages/core/src/agent/MessageReceiver.ts @@ -1,15 +1,16 @@ import type { Logger } from '../logger' import type { ConnectionRecord } from '../modules/connections' import type { InboundTransport } from '../transport' -import type { DecryptedMessageContext, PlaintextMessage, EncryptedMessage } from '../types' +import type { PlaintextMessage, EncryptedMessage } from '../types' import type { AgentMessage } from './AgentMessage' +import type { DecryptedMessageContext } from './EnvelopeService' import type { TransportSession } from './TransportService' import { Lifecycle, scoped } from 'tsyringe' import { AriesFrameworkError } from '../error' -import { ConnectionRepository } from '../modules/connections/repository' -import { DidRepository } from '../modules/dids/repository/DidRepository' +import { ConnectionsModule } from '../modules/connections' +import { OutOfBandService } from '../modules/oob/OutOfBandService' import { ProblemReportError, ProblemReportMessage, ProblemReportReason } from '../modules/problem-reports' import { isValidJweStructure } from '../utils/JWE' import { JsonTransformer } from '../utils/JsonTransformer' @@ -32,26 +33,26 @@ export class MessageReceiver { private messageSender: MessageSender private dispatcher: Dispatcher private logger: Logger - private didRepository: DidRepository - private connectionRepository: ConnectionRepository + private connectionsModule: ConnectionsModule public readonly inboundTransports: InboundTransport[] = [] + private outOfBandService: OutOfBandService public constructor( config: AgentConfig, envelopeService: EnvelopeService, transportService: TransportService, messageSender: MessageSender, - connectionRepository: ConnectionRepository, - dispatcher: Dispatcher, - didRepository: DidRepository + connectionsModule: ConnectionsModule, + outOfBandService: OutOfBandService, + dispatcher: Dispatcher ) { this.config = config this.envelopeService = envelopeService this.transportService = transportService this.messageSender = messageSender - this.connectionRepository = connectionRepository + this.connectionsModule = connectionsModule + this.outOfBandService = outOfBandService this.dispatcher = dispatcher - this.didRepository = didRepository this.logger = this.config.logger } @@ -65,20 +66,23 @@ export class MessageReceiver { * * @param inboundMessage the message to receive and handle */ - public async receiveMessage(inboundMessage: unknown, session?: TransportSession) { + public async receiveMessage( + inboundMessage: unknown, + { session, connection }: { session?: TransportSession; connection?: ConnectionRecord } + ) { this.logger.debug(`Agent ${this.config.label} received message`) if (this.isEncryptedMessage(inboundMessage)) { await this.receiveEncryptedMessage(inboundMessage as EncryptedMessage, session) } else if (this.isPlaintextMessage(inboundMessage)) { - await this.receivePlaintextMessage(inboundMessage) + await this.receivePlaintextMessage(inboundMessage, connection) } else { throw new AriesFrameworkError('Unable to parse incoming message: unrecognized format') } } - private async receivePlaintextMessage(plaintextMessage: PlaintextMessage) { + private async receivePlaintextMessage(plaintextMessage: PlaintextMessage, connection?: ConnectionRecord) { const message = await this.transformAndValidate(plaintextMessage) - const messageContext = new InboundMessageContext(message, {}) + const messageContext = new InboundMessageContext(message, { connection }) await this.dispatcher.dispatch(messageContext) } @@ -86,13 +90,14 @@ export class MessageReceiver { const decryptedMessage = await this.decryptMessage(encryptedMessage) const { plaintextMessage, senderKey, recipientKey } = decryptedMessage - const connection = await this.findConnectionByMessageKeys(decryptedMessage) - this.logger.info( - `Received message with type '${plaintextMessage['@type']}' from connection ${connection?.id} (${connection?.theirLabel})`, + `Received message with type '${plaintextMessage['@type']}', recipient key ${recipientKey?.fingerprint} and sender key ${senderKey?.fingerprint}`, plaintextMessage ) + const connection = await this.findConnectionByMessageKeys(decryptedMessage) + const outOfBand = (recipientKey && (await this.outOfBandService.findByRecipientKey(recipientKey))) || undefined + const message = await this.transformAndValidate(plaintextMessage, connection) const messageContext = new InboundMessageContext(message, { @@ -100,8 +105,8 @@ export class MessageReceiver { // To prevent unwanted usage of unready connections. Connections can still be retrieved from // Storage if the specific protocol allows an unready connection to be used. connection: connection?.isReady ? connection : undefined, - senderVerkey: senderKey, - recipientVerkey: recipientKey, + senderKey, + recipientKey, }) // We want to save a session if there is a chance of returning outbound message via inbound transport. @@ -121,6 +126,7 @@ export class MessageReceiver { // with mediators when you don't have a public endpoint yet. session.connection = connection ?? undefined messageContext.sessionId = session.id + session.outOfBand = outOfBand this.transportService.saveSession(session) } else if (session) { // No need to wait for session to stay open if we're not actually going to respond to the message. @@ -183,46 +189,11 @@ export class MessageReceiver { // We only fetch connections that are sent in AuthCrypt mode if (!recipientKey || !senderKey) return null - let connection: ConnectionRecord | null = null - // Try to find the did records that holds the sender and recipient keys - const ourDidRecord = await this.didRepository.findByVerkey(recipientKey) - - // If both our did record and their did record is available we can find a matching did record - if (ourDidRecord) { - const theirDidRecord = await this.didRepository.findByVerkey(senderKey) - - if (theirDidRecord) { - connection = await this.connectionRepository.findSingleByQuery({ - did: ourDidRecord.id, - theirDid: theirDidRecord.id, - }) - } else { - connection = await this.connectionRepository.findSingleByQuery({ - did: ourDidRecord.id, - }) - - // If theirDidRecord was not found, and connection.theirDid is set, it means the sender is not authenticated - // to send messages to use - if (connection && connection.theirDid) { - throw new AriesFrameworkError(`Inbound message senderKey '${senderKey}' is different from connection did`) - } - } - } - - // If no connection was found, we search in the connection record, where legacy did documents are stored - if (!connection) { - connection = await this.connectionRepository.findByVerkey(recipientKey) - - // Throw error if the recipient key (ourKey) does not match the key of the connection record - if (connection && connection.theirKey !== null && connection.theirKey !== senderKey) { - throw new AriesFrameworkError( - `Inbound message senderKey '${senderKey}' is different from connection.theirKey '${connection.theirKey}'` - ) - } - } - - return connection + return this.connectionsModule.findByKeys({ + senderKey, + recipientKey, + }) } /** diff --git a/packages/core/src/agent/MessageSender.ts b/packages/core/src/agent/MessageSender.ts index 18324414a7..07b89d0410 100644 --- a/packages/core/src/agent/MessageSender.ts +++ b/packages/core/src/agent/MessageSender.ts @@ -1,5 +1,6 @@ import type { ConnectionRecord } from '../modules/connections' -import type { DidCommService, IndyAgentService } from '../modules/dids/domain/service' +import type { DidDocument, Key } from '../modules/dids' +import type { OutOfBandRecord } from '../modules/oob/repository' import type { OutboundTransport } from '../transport/OutboundTransport' import type { OutboundMessage, OutboundPackage, EncryptedMessage } from '../types' import type { AgentMessage } from './AgentMessage' @@ -12,13 +13,25 @@ import { DID_COMM_TRANSPORT_QUEUE, InjectionSymbols } from '../constants' import { ReturnRouteTypes } from '../decorators/transport/TransportDecorator' import { AriesFrameworkError } from '../error' import { Logger } from '../logger' +import { keyReferenceToKey } from '../modules/dids' +import { getKeyDidMappingByVerificationMethod } from '../modules/dids/domain/key-type' +import { DidCommV1Service, IndyAgentService } from '../modules/dids/domain/service' +import { didKeyToInstanceOfKey, verkeyToInstanceOfKey } from '../modules/dids/helpers' import { DidResolverService } from '../modules/dids/services/DidResolverService' import { MessageRepository } from '../storage/MessageRepository' import { MessageValidator } from '../utils/MessageValidator' +import { getProtocolScheme } from '../utils/uri' import { EnvelopeService } from './EnvelopeService' import { TransportService } from './TransportService' +export interface ResolvedDidCommService { + id: string + serviceEndpoint: string + recipientKeys: Key[] + routingKeys: Key[] +} + export interface TransportPriorityOptions { schemes: string[] restrictive?: boolean @@ -115,8 +128,9 @@ export class MessageSender { for await (const service of services) { this.logger.debug(`Sending outbound message to service:`, { service }) try { + const protocolScheme = getProtocolScheme(service.serviceEndpoint) for (const transport of this.outboundTransports) { - if (transport.supportedSchemes.includes(service.protocolScheme)) { + if (transport.supportedSchemes.includes(protocolScheme)) { await transport.sendMessage({ payload: encryptedMessage, endpoint: service.serviceEndpoint, @@ -160,7 +174,7 @@ export class MessageSender { transportPriority?: TransportPriorityOptions } ) { - const { connection, payload, sessionId } = outboundMessage + const { connection, outOfBand, sessionId, payload } = outboundMessage const errors: Error[] = [] this.logger.debug('Send outbound message', { @@ -174,10 +188,12 @@ export class MessageSender { session = this.transportService.findSessionById(sessionId) } if (!session) { - session = this.transportService.findSessionByConnectionId(connection.id) + // Try to send to already open session + session = + this.transportService.findSessionByConnectionId(connection.id) || + (outOfBand && this.transportService.findSessionByOutOfBandId(outOfBand.id)) } - // Try to send to already open session if (session?.inboundMessage?.hasReturnRouting(payload.threadId)) { this.logger.debug(`Found session with return routing for message '${payload.id}' (connection '${connection.id}'`) try { @@ -190,18 +206,35 @@ export class MessageSender { } // Retrieve DIDComm services - const { services, queueService } = await this.retrieveServicesByConnection(connection, options?.transportPriority) + const { services, queueService } = await this.retrieveServicesByConnection( + connection, + options?.transportPriority, + outOfBand + ) + + const ourDidDocument = await this.resolveDidDocument(connection.did) + const ourAuthenticationKeys = getAuthenticationKeys(ourDidDocument) + + // TODO We're selecting just the first authentication key. Is it ok? + // We can probably learn something from the didcomm-rust implementation, which looks at crypto compatibility to make sure the + // other party can decrypt the message. https://github.com/sicpa-dlab/didcomm-rust/blob/9a24b3b60f07a11822666dda46e5616a138af056/src/message/pack_encrypted/mod.rs#L33-L44 + // This will become more relevant when we support different encrypt envelopes. One thing to take into account though is that currently we only store the recipientKeys + // as defined in the didcomm services, while it could be for example that the first authentication key is not defined in the recipientKeys, in which case we wouldn't + // even be interoperable between two AFJ agents. So we should either pick the first key that is defined in the recipientKeys, or we should make sure to store all + // keys defined in the did document as tags so we can retrieve it, even if it's not defined in the recipientKeys. This, again, will become simpler once we use didcomm v2 + // as the `from` field in a received message will identity the did used so we don't have to store all keys in tags to be able to find the connections associated with + // an incoming message. + const [firstOurAuthenticationKey] = ourAuthenticationKeys + const shouldUseReturnRoute = !this.transportService.hasInboundEndpoint(ourDidDocument) // Loop trough all available services and try to send the message for await (const service of services) { try { - // Enable return routing if the - const shouldUseReturnRoute = !this.transportService.hasInboundEndpoint(connection.didDoc) - + // Enable return routing if the our did document does not have any inbound endpoint for given sender key await this.sendMessageToService({ message: payload, service, - senderKey: connection.verkey, + senderKey: firstOurAuthenticationKey, returnRoute: shouldUseReturnRoute, connectionId: connection.id, }) @@ -225,8 +258,8 @@ export class MessageSender { const keys = { recipientKeys: queueService.recipientKeys, - routingKeys: queueService.routingKeys || [], - senderKey: connection.verkey, + routingKeys: queueService.routingKeys, + senderKey: firstOurAuthenticationKey, } const encryptedMessage = await this.envelopeService.packMessage(payload, keys) @@ -251,8 +284,8 @@ export class MessageSender { connectionId, }: { message: AgentMessage - service: DidCommService - senderKey: string + service: ResolvedDidCommService + senderKey: Key returnRoute?: boolean connectionId?: string }) { @@ -260,11 +293,14 @@ export class MessageSender { throw new AriesFrameworkError('Agent has no outbound transport!') } - this.logger.debug(`Sending outbound message to service:`, { messageId: message.id, service }) + this.logger.debug(`Sending outbound message to service:`, { + messageId: message.id, + service: { ...service, recipientKeys: 'omitted...', routingKeys: 'omitted...' }, + }) const keys = { recipientKeys: service.recipientKeys, - routingKeys: service.routingKeys || [], + routingKeys: service.routingKeys, senderKey, } @@ -291,43 +327,92 @@ export class MessageSender { outboundPackage.endpoint = service.serviceEndpoint outboundPackage.connectionId = connectionId for (const transport of this.outboundTransports) { - if (transport.supportedSchemes.includes(service.protocolScheme)) { + const protocolScheme = getProtocolScheme(service.serviceEndpoint) + if (!protocolScheme) { + this.logger.warn('Service does not have valid protocolScheme.') + } else if (transport.supportedSchemes.includes(protocolScheme)) { await transport.sendMessage(outboundPackage) break } } } + private async retrieveServicesFromDid(did: string) { + this.logger.debug(`Resolving services for did ${did}.`) + const didDocument = await this.resolveDidDocument(did) + + const didCommServices: ResolvedDidCommService[] = [] + + // FIXME: we currently retrieve did documents for all didcomm services in the did document, and we don't have caching + // yet so this will re-trigger ledger resolves for each one. Should we only resolve the first service, then the second service, etc...? + for (const didCommService of didDocument.didCommServices) { + if (didCommService instanceof IndyAgentService) { + // IndyAgentService (DidComm v0) has keys encoded as raw publicKeyBase58 (verkeys) + didCommServices.push({ + id: didCommService.id, + recipientKeys: didCommService.recipientKeys.map(verkeyToInstanceOfKey), + routingKeys: didCommService.routingKeys?.map(verkeyToInstanceOfKey) || [], + serviceEndpoint: didCommService.serviceEndpoint, + }) + } else if (didCommService instanceof DidCommV1Service) { + // Resolve dids to DIDDocs to retrieve routingKeys + const routingKeys = [] + for (const routingKey of didCommService.routingKeys ?? []) { + const routingDidDocument = await this.resolveDidDocument(routingKey) + routingKeys.push(keyReferenceToKey(routingDidDocument, routingKey)) + } + + // Dereference recipientKeys + const recipientKeys = didCommService.recipientKeys.map((recipientKey) => + keyReferenceToKey(didDocument, recipientKey) + ) + + // DidCommV1Service has keys encoded as key references + didCommServices.push({ + id: didCommService.id, + recipientKeys, + routingKeys, + serviceEndpoint: didCommService.serviceEndpoint, + }) + } + } + + return didCommServices + } + private async retrieveServicesByConnection( connection: ConnectionRecord, - transportPriority?: TransportPriorityOptions + transportPriority?: TransportPriorityOptions, + outOfBand?: OutOfBandRecord ) { this.logger.debug(`Retrieving services for connection '${connection.id}' (${connection.theirLabel})`, { transportPriority, + connection, }) - let didCommServices: Array - - // If theirDid starts with a did: prefix it means we're using the new did syntax - // and we should use the did resolver - if (connection.theirDid?.startsWith('did:')) { - const { - didDocument, - didResolutionMetadata: { error, message }, - } = await this.didResolverService.resolve(connection.theirDid) - - if (!didDocument) { - throw new AriesFrameworkError( - `Unable to resolve did document for did '${connection.theirDid}': ${error} ${message}` - ) + let didCommServices: ResolvedDidCommService[] = [] + + if (connection.theirDid) { + this.logger.debug(`Resolving services for connection theirDid ${connection.theirDid}.`) + didCommServices = await this.retrieveServicesFromDid(connection.theirDid) + } else if (outOfBand) { + this.logger.debug(`Resolving services from out-of-band record ${outOfBand?.id}.`) + if (connection.isRequester) { + for (const service of outOfBand.outOfBandInvitation.services) { + // Resolve dids to DIDDocs to retrieve services + if (typeof service === 'string') { + didCommServices = await this.retrieveServicesFromDid(service) + } else { + // Out of band inline service contains keys encoded as did:key references + didCommServices.push({ + id: service.id, + recipientKeys: service.recipientKeys.map(didKeyToInstanceOfKey), + routingKeys: service.routingKeys?.map(didKeyToInstanceOfKey) || [], + serviceEndpoint: service.serviceEndpoint, + }) + } + } } - - didCommServices = didDocument.didCommServices - } - // Old school method, did document is stored inside the connection record - else { - // Retrieve DIDComm services - didCommServices = this.transportService.findDidCommServices(connection) } // Separate queue service out @@ -337,7 +422,7 @@ export class MessageSender { // If restrictive will remove services not listed in schemes list if (transportPriority?.restrictive) { services = services.filter((service) => { - const serviceSchema = service.protocolScheme + const serviceSchema = getProtocolScheme(service.serviceEndpoint) return transportPriority.schemes.includes(serviceSchema) }) } @@ -345,19 +430,44 @@ export class MessageSender { // If transport priority is set we will sort services by our priority if (transportPriority?.schemes) { services = services.sort(function (a, b) { - const aScheme = a.protocolScheme - const bScheme = b.protocolScheme + const aScheme = getProtocolScheme(a.serviceEndpoint) + const bScheme = getProtocolScheme(b.serviceEndpoint) return transportPriority?.schemes.indexOf(aScheme) - transportPriority?.schemes.indexOf(bScheme) }) } this.logger.debug( - `Retrieved ${services.length} services for message to connection '${connection.id}'(${connection.theirLabel})'` + `Retrieved ${services.length} services for message to connection '${connection.id}'(${connection.theirLabel})'`, + { hasQueueService: queueService !== undefined } ) return { services, queueService } } + + private async resolveDidDocument(did: string) { + const { + didDocument, + didResolutionMetadata: { error, message }, + } = await this.didResolverService.resolve(did) + + if (!didDocument) { + throw new AriesFrameworkError(`Unable to resolve did document for did '${did}': ${error} ${message}`) + } + return didDocument + } } export function isDidCommTransportQueue(serviceEndpoint: string): serviceEndpoint is typeof DID_COMM_TRANSPORT_QUEUE { return serviceEndpoint === DID_COMM_TRANSPORT_QUEUE } + +function getAuthenticationKeys(didDocument: DidDocument) { + return ( + didDocument.authentication?.map((authentication) => { + const verificationMethod = + typeof authentication === 'string' ? didDocument.dereferenceVerificationMethod(authentication) : authentication + const { getKeyFromVerificationMethod } = getKeyDidMappingByVerificationMethod(verificationMethod) + const key = getKeyFromVerificationMethod(verificationMethod) + return key + }) ?? [] + ) +} diff --git a/packages/core/src/agent/TransportService.ts b/packages/core/src/agent/TransportService.ts index ccaee2b6f5..12458f7413 100644 --- a/packages/core/src/agent/TransportService.ts +++ b/packages/core/src/agent/TransportService.ts @@ -1,6 +1,6 @@ -import type { DidDoc } from '../modules/connections/models' import type { ConnectionRecord } from '../modules/connections/repository' -import type { IndyAgentService } from '../modules/dids/domain/service' +import type { DidDocument } from '../modules/dids' +import type { OutOfBandRecord } from '../modules/oob/repository' import type { EncryptedMessage } from '../types' import type { AgentMessage } from './AgentMessage' import type { EnvelopeKeys } from './EnvelopeService' @@ -8,12 +8,10 @@ import type { EnvelopeKeys } from './EnvelopeService' import { Lifecycle, scoped } from 'tsyringe' import { DID_COMM_TRANSPORT_QUEUE } from '../constants' -import { ConnectionRole } from '../modules/connections/models' -import { DidCommService } from '../modules/dids/domain/service' @scoped(Lifecycle.ContainerScoped) export class TransportService { - private transportSessionTable: TransportSessionTable = {} + public transportSessionTable: TransportSessionTable = {} public saveSession(session: TransportSession) { this.transportSessionTable[session.id] = session @@ -23,8 +21,12 @@ export class TransportService { return Object.values(this.transportSessionTable).find((session) => session?.connection?.id === connectionId) } - public hasInboundEndpoint(didDoc: DidDoc): boolean { - return Boolean(didDoc.didCommServices.find((s) => s.serviceEndpoint !== DID_COMM_TRANSPORT_QUEUE)) + public findSessionByOutOfBandId(outOfBandId: string) { + return Object.values(this.transportSessionTable).find((session) => session?.outOfBand?.id === outOfBandId) + } + + public hasInboundEndpoint(didDocument: DidDocument): boolean { + return Boolean(didDocument.service?.find((s) => s.serviceEndpoint !== DID_COMM_TRANSPORT_QUEUE)) } public findSessionById(sessionId: string) { @@ -34,26 +36,6 @@ export class TransportService { public removeSession(session: TransportSession) { delete this.transportSessionTable[session.id] } - - public findDidCommServices(connection: ConnectionRecord): Array { - if (connection.theirDidDoc) { - return connection.theirDidDoc.didCommServices - } - - if (connection.role === ConnectionRole.Invitee && connection.invitation) { - const { invitation } = connection - if (invitation.serviceEndpoint) { - const service = new DidCommService({ - id: `${connection.id}-invitation`, - serviceEndpoint: invitation.serviceEndpoint, - recipientKeys: invitation.recipientKeys || [], - routingKeys: invitation.routingKeys || [], - }) - return [service] - } - } - return [] - } } interface TransportSessionTable { @@ -66,6 +48,7 @@ export interface TransportSession { keys?: EnvelopeKeys inboundMessage?: AgentMessage connection?: ConnectionRecord + outOfBand?: OutOfBandRecord send(encryptedMessage: EncryptedMessage): Promise close(): Promise } diff --git a/packages/core/src/agent/__tests__/MessageSender.test.ts b/packages/core/src/agent/__tests__/MessageSender.test.ts index 9db4075158..b7ae2bda0c 100644 --- a/packages/core/src/agent/__tests__/MessageSender.test.ts +++ b/packages/core/src/agent/__tests__/MessageSender.test.ts @@ -1,14 +1,17 @@ import type { ConnectionRecord } from '../../modules/connections' +import type { DidDocumentService } from '../../modules/dids' import type { MessageRepository } from '../../storage/MessageRepository' import type { OutboundTransport } from '../../transport' import type { OutboundMessage, EncryptedMessage } from '../../types' +import type { ResolvedDidCommService } from '../MessageSender' import { TestMessage } from '../../../tests/TestMessage' import { getAgentConfig, getMockConnection, mockFunction } from '../../../tests/helpers' import testLogger from '../../../tests/logger' +import { KeyType } from '../../crypto' import { ReturnRouteTypes } from '../../decorators/transport/TransportDecorator' -import { DidDocument } from '../../modules/dids' -import { DidCommService } from '../../modules/dids/domain/service/DidCommService' +import { Key, DidDocument, VerificationMethod } from '../../modules/dids' +import { DidCommV1Service } from '../../modules/dids/domain/service/DidCommV1Service' import { DidResolverService } from '../../modules/dids/services/DidResolverService' import { InMemoryMessageRepository } from '../../storage/InMemoryMessageRepository' import { EnvelopeService as EnvelopeServiceImpl } from '../EnvelopeService' @@ -22,9 +25,11 @@ jest.mock('../TransportService') jest.mock('../EnvelopeService') jest.mock('../../modules/dids/services/DidResolverService') +const logger = testLogger + const TransportServiceMock = TransportService as jest.MockedClass const DidResolverServiceMock = DidResolverService as jest.Mock -const logger = testLogger + class DummyOutboundTransport implements OutboundTransport { public start(): Promise { throw new Error('Method not implemented.') @@ -54,14 +59,19 @@ describe('MessageSender', () => { const enveloperService = new EnvelopeService() const envelopeServicePackMessageMock = mockFunction(enveloperService.packMessage) + const didResolverService = new DidResolverServiceMock() + const didResolverServiceResolveMock = mockFunction(didResolverService.resolve) + const inboundMessage = new TestMessage() inboundMessage.setReturnRouting(ReturnRouteTypes.all) + const recipientKey = Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519) + const senderKey = Key.fromPublicKeyBase58('79CXkde3j8TNuMXxPdV7nLUrT2g7JAEjH5TreyVY7GEZ', KeyType.Ed25519) const session = new DummyTransportSession('session-123') session.keys = { - recipientKeys: ['verkey'], + recipientKeys: [recipientKey], routingKeys: [], - senderKey: 'senderKey', + senderKey: senderKey, } session.inboundMessage = inboundMessage session.send = jest.fn() @@ -75,31 +85,28 @@ describe('MessageSender', () => { const transportServiceFindSessionByIdMock = mockFunction(transportService.findSessionById) const transportServiceHasInboundEndpoint = mockFunction(transportService.hasInboundEndpoint) - const firstDidCommService = new DidCommService({ + const firstDidCommService = new DidCommV1Service({ id: `;indy`, serviceEndpoint: 'https://www.first-endpoint.com', - recipientKeys: ['verkey'], + recipientKeys: ['#authentication-1'], }) - const secondDidCommService = new DidCommService({ + const secondDidCommService = new DidCommV1Service({ id: `;indy`, serviceEndpoint: 'https://www.second-endpoint.com', - recipientKeys: ['verkey'], + recipientKeys: ['#authentication-1'], }) - const transportServiceFindServicesMock = mockFunction(transportService.findDidCommServices) let messageSender: MessageSender let outboundTransport: OutboundTransport let messageRepository: MessageRepository let connection: ConnectionRecord let outboundMessage: OutboundMessage - let didResolverService: DidResolverService describe('sendMessage', () => { beforeEach(() => { TransportServiceMock.mockClear() - transportServiceHasInboundEndpoint.mockReturnValue(true) + DidResolverServiceMock.mockClear() - didResolverService = new DidResolverServiceMock() outboundTransport = new DummyOutboundTransport() messageRepository = new InMemoryMessageRepository(getAgentConfig('MessageSender')) messageSender = new MessageSender( @@ -109,12 +116,23 @@ describe('MessageSender', () => { logger, didResolverService ) - connection = getMockConnection({ id: 'test-123', theirLabel: 'Test 123' }) - + connection = getMockConnection({ + id: 'test-123', + did: 'did:peer:1mydid', + theirDid: 'did:peer:1theirdid', + theirLabel: 'Test 123', + }) outboundMessage = createOutboundMessage(connection, new TestMessage()) envelopeServicePackMessageMock.mockReturnValue(Promise.resolve(encryptedMessage)) - transportServiceFindServicesMock.mockReturnValue([firstDidCommService, secondDidCommService]) + transportServiceHasInboundEndpoint.mockReturnValue(true) + + const didDocumentInstance = getMockDidDocument({ service: [firstDidCommService, secondDidCommService] }) + didResolverServiceResolveMock.mockResolvedValue({ + didDocument: didDocumentInstance, + didResolutionMetadata: {}, + didDocumentMetadata: {}, + }) }) afterEach(() => { @@ -127,7 +145,12 @@ describe('MessageSender', () => { test('throw error when there is no service or queue', async () => { messageSender.registerOutboundTransport(outboundTransport) - transportServiceFindServicesMock.mockReturnValue([]) + + didResolverServiceResolveMock.mockResolvedValue({ + didDocument: getMockDidDocument({ service: [] }), + didResolutionMetadata: {}, + didDocumentMetadata: {}, + }) await expect(messageSender.sendMessage(outboundMessage)).rejects.toThrow( `Message is undeliverable to connection test-123 (Test 123)` @@ -156,23 +179,11 @@ describe('MessageSender', () => { test("resolves the did document using the did resolver if connection.theirDid starts with 'did:'", async () => { messageSender.registerOutboundTransport(outboundTransport) - const did = 'did:peer:1exampledid' const sendMessageSpy = jest.spyOn(outboundTransport, 'sendMessage') - const resolveMock = mockFunction(didResolverService.resolve) - - connection.theirDid = did - resolveMock.mockResolvedValue({ - didDocument: new DidDocument({ - id: did, - service: [firstDidCommService, secondDidCommService], - }), - didResolutionMetadata: {}, - didDocumentMetadata: {}, - }) await messageSender.sendMessage(outboundMessage) - expect(resolveMock).toHaveBeenCalledWith(did) + expect(didResolverServiceResolveMock).toHaveBeenCalledWith(connection.theirDid) expect(sendMessageSpy).toHaveBeenCalledWith({ connectionId: 'test-123', payload: encryptedMessage, @@ -185,11 +196,7 @@ describe('MessageSender', () => { test("throws an error if connection.theirDid starts with 'did:' but the resolver can't resolve the did document", async () => { messageSender.registerOutboundTransport(outboundTransport) - const did = 'did:peer:1exampledid' - const resolveMock = mockFunction(didResolverService.resolve) - - connection.theirDid = did - resolveMock.mockResolvedValue({ + didResolverServiceResolveMock.mockResolvedValue({ didDocument: null, didResolutionMetadata: { error: 'notFound', @@ -198,7 +205,7 @@ describe('MessageSender', () => { }) await expect(messageSender.sendMessage(outboundMessage)).rejects.toThrowError( - `Unable to resolve did document for did '${did}': notFound` + `Unable to resolve did document for did '${connection.theirDid}': notFound` ) }) @@ -242,13 +249,22 @@ describe('MessageSender', () => { await messageSender.sendMessage(outboundMessage) - expect(sendMessageToServiceSpy).toHaveBeenCalledWith({ + const [[sendMessage]] = sendMessageToServiceSpy.mock.calls + + expect(sendMessage).toMatchObject({ connectionId: 'test-123', message: outboundMessage.payload, - senderKey: connection.verkey, - service: firstDidCommService, returnRoute: false, + service: { + serviceEndpoint: firstDidCommService.serviceEndpoint, + }, }) + + expect(sendMessage.senderKey.publicKeyBase58).toEqual('EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d') + expect(sendMessage.service.recipientKeys.map((key) => key.publicKeyBase58)).toEqual([ + 'EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d', + ]) + expect(sendMessageToServiceSpy).toHaveBeenCalledTimes(1) expect(sendMessageSpy).toHaveBeenCalledTimes(1) }) @@ -263,25 +279,34 @@ describe('MessageSender', () => { await messageSender.sendMessage(outboundMessage) - expect(sendMessageToServiceSpy).toHaveBeenNthCalledWith(2, { + const [, [sendMessage]] = sendMessageToServiceSpy.mock.calls + expect(sendMessage).toMatchObject({ connectionId: 'test-123', message: outboundMessage.payload, - senderKey: connection.verkey, - service: secondDidCommService, returnRoute: false, + service: { + serviceEndpoint: secondDidCommService.serviceEndpoint, + }, }) + + expect(sendMessage.senderKey.publicKeyBase58).toEqual('EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d') + expect(sendMessage.service.recipientKeys.map((key) => key.publicKeyBase58)).toEqual([ + 'EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d', + ]) + expect(sendMessageToServiceSpy).toHaveBeenCalledTimes(2) expect(sendMessageSpy).toHaveBeenCalledTimes(2) }) }) describe('sendMessageToService', () => { - const service = new DidCommService({ + const service: ResolvedDidCommService = { id: 'out-of-band', - recipientKeys: ['someKey'], + recipientKeys: [Key.fromFingerprint('z6Mkk7yqnGF3YwTrLpqrW6PGsKci7dNqh1CjnvMbzrMerSeL')], + routingKeys: [], serviceEndpoint: 'https://example.com', - }) - const senderKey = 'someVerkey' + } + const senderKey = Key.fromFingerprint('z6MkmjY8GnV5i9YTDtPETC2uUAW6ejw3nk5mXF5yci5ab7th') beforeEach(() => { outboundTransport = new DummyOutboundTransport() @@ -361,7 +386,7 @@ describe('MessageSender', () => { logger, didResolverService ) - connection = getMockConnection({ id: 'test-123' }) + connection = getMockConnection() envelopeServicePackMessageMock.mockReturnValue(Promise.resolve(encryptedMessage)) }) @@ -375,9 +400,9 @@ describe('MessageSender', () => { const endpoint = 'https://example.com' const keys = { - recipientKeys: ['service.recipientKeys'], + recipientKeys: [recipientKey], routingKeys: [], - senderKey: connection.verkey, + senderKey: senderKey, } const result = await messageSender.packMessage({ message, keys, endpoint }) @@ -389,3 +414,21 @@ describe('MessageSender', () => { }) }) }) + +function getMockDidDocument({ service }: { service: DidDocumentService[] }) { + return new DidDocument({ + id: 'did:sov:SKJVx2kn373FNgvff1SbJo', + alsoKnownAs: ['did:sov:SKJVx2kn373FNgvff1SbJo'], + controller: ['did:sov:SKJVx2kn373FNgvff1SbJo'], + verificationMethod: [], + service, + authentication: [ + new VerificationMethod({ + id: 'did:sov:SKJVx2kn373FNgvff1SbJo#authentication-1', + type: 'Ed25519VerificationKey2018', + controller: 'did:sov:LjgpST2rjsoxYegQDRm7EL', + publicKeyBase58: 'EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d', + }), + ], + }) +} diff --git a/packages/core/src/agent/__tests__/TransportService.test.ts b/packages/core/src/agent/__tests__/TransportService.test.ts index 8d3f051c8a..c16d00478b 100644 --- a/packages/core/src/agent/__tests__/TransportService.test.ts +++ b/packages/core/src/agent/__tests__/TransportService.test.ts @@ -1,68 +1,10 @@ import { getMockConnection } from '../../../tests/helpers' -import { ConnectionInvitationMessage, ConnectionRole, DidDoc } from '../../modules/connections' -import { DidCommService } from '../../modules/dids/domain/service/DidCommService' +import { DidExchangeRole } from '../../modules/connections' import { TransportService } from '../TransportService' import { DummyTransportSession } from './stubs' describe('TransportService', () => { - describe('findServices', () => { - let transportService: TransportService - let theirDidDoc: DidDoc - const testDidCommService = new DidCommService({ - id: `;indy`, - serviceEndpoint: 'https://example.com', - recipientKeys: ['verkey'], - }) - - beforeEach(() => { - theirDidDoc = new DidDoc({ - id: 'test-456', - publicKey: [], - authentication: [], - service: [testDidCommService], - }) - - transportService = new TransportService() - }) - - test(`returns empty array when there is no their DidDoc and role is ${ConnectionRole.Inviter}`, () => { - const connection = getMockConnection({ id: 'test-123', role: ConnectionRole.Inviter }) - connection.theirDidDoc = undefined - expect(transportService.findDidCommServices(connection)).toEqual([]) - }) - - test(`returns empty array when there is no their DidDoc, no invitation and role is ${ConnectionRole.Invitee}`, () => { - const connection = getMockConnection({ id: 'test-123', role: ConnectionRole.Invitee }) - connection.theirDidDoc = undefined - connection.invitation = undefined - expect(transportService.findDidCommServices(connection)).toEqual([]) - }) - - test(`returns service from their DidDoc`, () => { - const connection = getMockConnection({ id: 'test-123', theirDidDoc }) - expect(transportService.findDidCommServices(connection)).toEqual([testDidCommService]) - }) - - test(`returns service from invitation when there is no their DidDoc and role is ${ConnectionRole.Invitee}`, () => { - const invitation = new ConnectionInvitationMessage({ - label: 'test', - recipientKeys: ['verkey'], - serviceEndpoint: 'ws://invitationEndpoint.com', - }) - const connection = getMockConnection({ id: 'test-123', role: ConnectionRole.Invitee, invitation }) - connection.theirDidDoc = undefined - expect(transportService.findDidCommServices(connection)).toEqual([ - new DidCommService({ - id: 'test-123-invitation', - serviceEndpoint: 'ws://invitationEndpoint.com', - routingKeys: [], - recipientKeys: ['verkey'], - }), - ]) - }) - }) - describe('removeSession', () => { let transportService: TransportService @@ -71,7 +13,7 @@ describe('TransportService', () => { }) test(`remove session saved for a given connection`, () => { - const connection = getMockConnection({ id: 'test-123', role: ConnectionRole.Inviter }) + const connection = getMockConnection({ id: 'test-123', role: DidExchangeRole.Responder }) const session = new DummyTransportSession('dummy-session-123') session.connection = connection diff --git a/packages/core/src/agent/helpers.ts b/packages/core/src/agent/helpers.ts index c9aa0d5442..b3516a1f25 100644 --- a/packages/core/src/agent/helpers.ts +++ b/packages/core/src/agent/helpers.ts @@ -1,24 +1,26 @@ import type { ConnectionRecord } from '../modules/connections' +import type { Key } from '../modules/dids/domain/Key' +import type { OutOfBandRecord } from '../modules/oob/repository' import type { OutboundMessage, OutboundServiceMessage } from '../types' import type { AgentMessage } from './AgentMessage' - -import { IndyAgentService } from '../modules/dids' -import { DidCommService } from '../modules/dids/domain/service/DidCommService' +import type { ResolvedDidCommService } from './MessageSender' export function createOutboundMessage( connection: ConnectionRecord, - payload: T + payload: T, + outOfBand?: OutOfBandRecord ): OutboundMessage { return { connection, + outOfBand, payload, } } export function createOutboundServiceMessage(options: { payload: T - service: DidCommService - senderKey: string + service: ResolvedDidCommService + senderKey: Key }): OutboundServiceMessage { return options } @@ -27,5 +29,6 @@ export function isOutboundServiceMessage( message: OutboundMessage | OutboundServiceMessage ): message is OutboundServiceMessage { const service = (message as OutboundServiceMessage).service - return service instanceof IndyAgentService || service instanceof DidCommService + + return service !== undefined } diff --git a/packages/core/src/agent/models/InboundMessageContext.ts b/packages/core/src/agent/models/InboundMessageContext.ts index 7d920b8c0a..34ea296f49 100644 --- a/packages/core/src/agent/models/InboundMessageContext.ts +++ b/packages/core/src/agent/models/InboundMessageContext.ts @@ -1,26 +1,27 @@ import type { ConnectionRecord } from '../../modules/connections' +import type { Key } from '../../modules/dids' import type { AgentMessage } from '../AgentMessage' import { AriesFrameworkError } from '../../error' export interface MessageContextParams { connection?: ConnectionRecord - senderVerkey?: string - recipientVerkey?: string sessionId?: string + senderKey?: Key + recipientKey?: Key } export class InboundMessageContext { public message: T public connection?: ConnectionRecord - public senderVerkey?: string - public recipientVerkey?: string public sessionId?: string + public senderKey?: Key + public recipientKey?: Key public constructor(message: T, context: MessageContextParams = {}) { this.message = message - this.recipientVerkey = context.recipientVerkey - this.senderVerkey = context.senderVerkey + this.recipientKey = context.recipientKey + this.senderKey = context.senderKey this.connection = context.connection this.sessionId = context.sessionId } diff --git a/packages/core/src/decorators/service/ServiceDecorator.ts b/packages/core/src/decorators/service/ServiceDecorator.ts index da1e69a8fa..72ee1226fe 100644 --- a/packages/core/src/decorators/service/ServiceDecorator.ts +++ b/packages/core/src/decorators/service/ServiceDecorator.ts @@ -1,6 +1,8 @@ +import type { ResolvedDidCommService } from '../../agent/MessageSender' + import { IsArray, IsOptional, IsString } from 'class-validator' -import { DidCommService } from '../../modules/dids/domain/service/DidCommService' +import { verkeyToInstanceOfKey } from '../../modules/dids/helpers' import { uuid } from '../../utils/uuid' export interface ServiceDecoratorOptions { @@ -36,12 +38,12 @@ export class ServiceDecorator { @IsString() public serviceEndpoint!: string - public toDidCommService(id?: string) { - return new DidCommService({ - id: id ?? uuid(), - recipientKeys: this.recipientKeys, - routingKeys: this.routingKeys, + public get resolvedDidCommService(): ResolvedDidCommService { + return { + id: uuid(), + recipientKeys: this.recipientKeys.map(verkeyToInstanceOfKey), + routingKeys: this.routingKeys?.map(verkeyToInstanceOfKey) ?? [], serviceEndpoint: this.serviceEndpoint, - }) + } } } diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts index 9f3979de9e..0f9a92449a 100644 --- a/packages/core/src/index.ts +++ b/packages/core/src/index.ts @@ -2,7 +2,6 @@ import 'reflect-metadata' export { Agent } from './agent/Agent' -export { BaseEvent } from './agent/Events' export { EventEmitter } from './agent/EventEmitter' export { Handler, HandlerInboundMessage } from './agent/Handler' export { InboundMessageContext } from './agent/models/InboundMessageContext' @@ -38,6 +37,8 @@ export * from './logger' export * from './error' export * from './wallet/error' +export * from './agent/Events' + const utils = { uuid, } diff --git a/packages/core/src/logger/ConsoleLogger.ts b/packages/core/src/logger/ConsoleLogger.ts index 5895f26ad8..f5c92d9d80 100644 --- a/packages/core/src/logger/ConsoleLogger.ts +++ b/packages/core/src/logger/ConsoleLogger.ts @@ -2,23 +2,7 @@ import { BaseLogger } from './BaseLogger' import { LogLevel } from './Logger' -/* - * The replacer parameter allows you to specify a function that replaces values with your own. We can use it to control what gets stringified. - */ -function replaceError(_: unknown, value: unknown) { - if (value instanceof Error) { - const newValue = Object.getOwnPropertyNames(value).reduce( - (obj, propName) => { - obj[propName] = (value as unknown as Record)[propName] - return obj - }, - { name: value.name } as Record - ) - return newValue - } - - return value -} +import { replaceError } from './replaceError' export class ConsoleLogger extends BaseLogger { // Map our log levels to console levels diff --git a/packages/core/src/logger/replaceError.ts b/packages/core/src/logger/replaceError.ts new file mode 100644 index 0000000000..023679e354 --- /dev/null +++ b/packages/core/src/logger/replaceError.ts @@ -0,0 +1,17 @@ +/* + * The replacer parameter allows you to specify a function that replaces values with your own. We can use it to control what gets stringified. + */ +export function replaceError(_: unknown, value: unknown) { + if (value instanceof Error) { + const newValue = Object.getOwnPropertyNames(value).reduce( + (obj, propName) => { + obj[propName] = (value as unknown as Record)[propName] + return obj + }, + { name: value.name } as Record + ) + return newValue + } + + return value +} diff --git a/packages/core/src/modules/basic-messages/__tests__/BasicMessageService.test.ts b/packages/core/src/modules/basic-messages/__tests__/BasicMessageService.test.ts index 74fe338f8a..086ed35276 100644 --- a/packages/core/src/modules/basic-messages/__tests__/BasicMessageService.test.ts +++ b/packages/core/src/modules/basic-messages/__tests__/BasicMessageService.test.ts @@ -17,7 +17,6 @@ import { BasicMessageService } from '../services' describe('BasicMessageService', () => { const mockConnectionRecord = getMockConnection({ id: 'd3849ac3-c981-455b-a1aa-a10bea6cead8', - verkey: '71X9Y1aSPK11ariWUYQCYMjSewf2Kw2JFGeygEf9uZd9', did: 'did:sov:C2SsBf5QUQpqSAQfhu3sd2', }) @@ -57,10 +56,7 @@ describe('BasicMessageService', () => { content: 'message', }) - const messageContext = new InboundMessageContext(basicMessage, { - senderVerkey: 'senderKey', - recipientVerkey: 'recipientKey', - }) + const messageContext = new InboundMessageContext(basicMessage) await basicMessageService.save(messageContext, mockConnectionRecord) diff --git a/packages/core/src/modules/basic-messages/handlers/BasicMessageHandler.ts b/packages/core/src/modules/basic-messages/handlers/BasicMessageHandler.ts index ebee4ab1f7..3e10a3cb0c 100644 --- a/packages/core/src/modules/basic-messages/handlers/BasicMessageHandler.ts +++ b/packages/core/src/modules/basic-messages/handlers/BasicMessageHandler.ts @@ -1,7 +1,6 @@ import type { Handler, HandlerInboundMessage } from '../../../agent/Handler' import type { BasicMessageService } from '../services/BasicMessageService' -import { AriesFrameworkError } from '../../../error' import { BasicMessage } from '../messages' export class BasicMessageHandler implements Handler { @@ -13,16 +12,7 @@ export class BasicMessageHandler implements Handler { } public async handle(messageContext: HandlerInboundMessage) { - const connection = messageContext.connection - - if (!connection) { - throw new AriesFrameworkError(`Connection for verkey ${messageContext.recipientVerkey} not found!`) - } - - if (!connection.theirKey) { - throw new AriesFrameworkError(`Connection with verkey ${connection.verkey} has no recipient keys.`) - } - + const connection = messageContext.assertReadyConnection() await this.basicMessageService.save(messageContext, connection) } } diff --git a/packages/core/src/modules/connections/ConnectionEvents.ts b/packages/core/src/modules/connections/ConnectionEvents.ts index e9108ccae9..327a897dda 100644 --- a/packages/core/src/modules/connections/ConnectionEvents.ts +++ b/packages/core/src/modules/connections/ConnectionEvents.ts @@ -1,5 +1,5 @@ import type { BaseEvent } from '../../agent/Events' -import type { ConnectionState } from './models/ConnectionState' +import type { DidExchangeState } from './models' import type { ConnectionRecord } from './repository/ConnectionRecord' export enum ConnectionEventTypes { @@ -10,6 +10,6 @@ export interface ConnectionStateChangedEvent extends BaseEvent { type: typeof ConnectionEventTypes.ConnectionStateChanged payload: { connectionRecord: ConnectionRecord - previousState: ConnectionState | null + previousState: DidExchangeState | null } } diff --git a/packages/core/src/modules/connections/ConnectionsModule.ts b/packages/core/src/modules/connections/ConnectionsModule.ts index ac7e7229b1..b9b4510bd8 100644 --- a/packages/core/src/modules/connections/ConnectionsModule.ts +++ b/packages/core/src/modules/connections/ConnectionsModule.ts @@ -1,4 +1,7 @@ +import type { Key } from '../dids' +import type { OutOfBandRecord } from '../oob/repository' import type { ConnectionRecord } from './repository/ConnectionRecord' +import type { Routing } from './services' import { Lifecycle, scoped } from 'tsyringe' @@ -6,144 +9,103 @@ import { AgentConfig } from '../../agent/AgentConfig' import { Dispatcher } from '../../agent/Dispatcher' import { MessageSender } from '../../agent/MessageSender' import { createOutboundMessage } from '../../agent/helpers' +import { AriesFrameworkError } from '../../error' +import { DidResolverService } from '../dids' +import { DidRepository } from '../dids/repository' +import { OutOfBandService } from '../oob/OutOfBandService' import { MediationRecipientService } from '../routing/services/MediationRecipientService' +import { DidExchangeProtocol } from './DidExchangeProtocol' import { ConnectionRequestHandler, ConnectionResponseHandler, AckMessageHandler, TrustPingMessageHandler, TrustPingResponseMessageHandler, + DidExchangeRequestHandler, + DidExchangeResponseHandler, + DidExchangeCompleteHandler, } from './handlers' -import { ConnectionInvitationMessage } from './messages' +import { HandshakeProtocol } from './models' import { ConnectionService } from './services/ConnectionService' import { TrustPingService } from './services/TrustPingService' @scoped(Lifecycle.ContainerScoped) export class ConnectionsModule { private agentConfig: AgentConfig + private didExchangeProtocol: DidExchangeProtocol private connectionService: ConnectionService + private outOfBandService: OutOfBandService private messageSender: MessageSender private trustPingService: TrustPingService private mediationRecipientService: MediationRecipientService + private didRepository: DidRepository + private didResolverService: DidResolverService public constructor( dispatcher: Dispatcher, agentConfig: AgentConfig, + didExchangeProtocol: DidExchangeProtocol, connectionService: ConnectionService, + outOfBandService: OutOfBandService, trustPingService: TrustPingService, mediationRecipientService: MediationRecipientService, + didRepository: DidRepository, + didResolverService: DidResolverService, messageSender: MessageSender ) { this.agentConfig = agentConfig + this.didExchangeProtocol = didExchangeProtocol this.connectionService = connectionService + this.outOfBandService = outOfBandService this.trustPingService = trustPingService this.mediationRecipientService = mediationRecipientService + this.didRepository = didRepository this.messageSender = messageSender + this.didResolverService = didResolverService this.registerHandlers(dispatcher) } - public async createConnection(config?: { - autoAcceptConnection?: boolean - alias?: string - mediatorId?: string - multiUseInvitation?: boolean - myLabel?: string - myImageUrl?: string - }): Promise<{ - invitation: ConnectionInvitationMessage - connectionRecord: ConnectionRecord - }> { - const myRouting = await this.mediationRecipientService.getRouting({ - mediatorId: config?.mediatorId, - useDefaultMediator: true, - }) - - const { connectionRecord: connectionRecord, message: invitation } = await this.connectionService.createInvitation({ - autoAcceptConnection: config?.autoAcceptConnection, - alias: config?.alias, - routing: myRouting, - multiUseInvitation: config?.multiUseInvitation, - myLabel: config?.myLabel, - myImageUrl: config?.myImageUrl, - }) - - return { connectionRecord, invitation } - } - - /** - * Receive connection invitation as invitee and create connection. If auto accepting is enabled - * via either the config passed in the function or the global agent config, a connection - * request message will be send. - * - * @param invitationJson json object containing the invitation to receive - * @param config config for handling of invitation - * @returns new connection record - */ - public async receiveInvitation( - invitation: ConnectionInvitationMessage, - config?: { + public async acceptOutOfBandInvitation( + outOfBandRecord: OutOfBandRecord, + config: { autoAcceptConnection?: boolean + label?: string alias?: string + imageUrl?: string mediatorId?: string + protocol: HandshakeProtocol + routing?: Routing } - ): Promise { - const routing = await this.mediationRecipientService.getRouting({ mediatorId: config?.mediatorId }) - - let connection = await this.connectionService.processInvitation(invitation, { - autoAcceptConnection: config?.autoAcceptConnection, - alias: config?.alias, - routing, - }) - // if auto accept is enabled (either on the record or the global agent config) - // we directly send a connection request - if (connection.autoAcceptConnection ?? this.agentConfig.autoAcceptConnections) { - connection = await this.acceptInvitation(connection.id) - } - return connection - } + ) { + const { protocol, label, alias, imageUrl, autoAcceptConnection } = config - /** - * Receive connection invitation as invitee encoded as url and create connection. If auto accepting is enabled - * via either the config passed in the function or the global agent config, a connection - * request message will be send. - * - * @param invitationUrl url containing a base64 encoded invitation to receive - * @param config config for handling of invitation - * @returns new connection record - */ - public async receiveInvitationFromUrl( - invitationUrl: string, - config?: { - autoAcceptConnection?: boolean - alias?: string - mediatorId?: string - } - ): Promise { - const invitation = await ConnectionInvitationMessage.fromUrl(invitationUrl) - return this.receiveInvitation(invitation, config) - } + const routing = + config.routing || (await this.mediationRecipientService.getRouting({ mediatorId: config?.mediatorId })) - /** - * Accept a connection invitation as invitee (by sending a connection request message) for the connection with the specified connection id. - * This is not needed when auto accepting of connections is enabled. - * - * @param connectionId the id of the connection for which to accept the invitation - * @returns connection record - */ - public async acceptInvitation( - connectionId: string, - config?: { - autoAcceptConnection?: boolean + let result + if (protocol === HandshakeProtocol.DidExchange) { + result = await this.didExchangeProtocol.createRequest(outOfBandRecord, { + label, + alias, + routing, + autoAcceptConnection, + }) + } else if (protocol === HandshakeProtocol.Connections) { + result = await this.connectionService.createRequest(outOfBandRecord, { + label, + alias, + imageUrl, + routing, + autoAcceptConnection, + }) + } else { + throw new AriesFrameworkError(`Unsupported handshake protocol ${protocol}.`) } - ): Promise { - const { message, connectionRecord: connectionRecord } = await this.connectionService.createRequest( - connectionId, - config - ) - const outbound = createOutboundMessage(connectionRecord, message) - await this.messageSender.sendMessage(outbound) + const { message, connectionRecord } = result + const outboundMessage = createOutboundMessage(connectionRecord, message, outOfBandRecord) + await this.messageSender.sendMessage(outboundMessage) return connectionRecord } @@ -155,11 +117,29 @@ export class ConnectionsModule { * @returns connection record */ public async acceptRequest(connectionId: string): Promise { - const { message, connectionRecord: connectionRecord } = await this.connectionService.createResponse(connectionId) + const connectionRecord = await this.connectionService.findById(connectionId) + if (!connectionRecord) { + throw new AriesFrameworkError(`Connection record ${connectionId} not found.`) + } + if (!connectionRecord.outOfBandId) { + throw new AriesFrameworkError(`Connection record ${connectionId} does not have out-of-band record.`) + } + + const outOfBandRecord = await this.outOfBandService.findById(connectionRecord.outOfBandId) + if (!outOfBandRecord) { + throw new AriesFrameworkError(`Out-of-band record ${connectionRecord.outOfBandId} not found.`) + } - const outbound = createOutboundMessage(connectionRecord, message) - await this.messageSender.sendMessage(outbound) + let outboundMessage + if (connectionRecord.protocol === HandshakeProtocol.DidExchange) { + const message = await this.didExchangeProtocol.createResponse(connectionRecord, outOfBandRecord) + outboundMessage = createOutboundMessage(connectionRecord, message) + } else { + const { message } = await this.connectionService.createResponse(connectionRecord, outOfBandRecord) + outboundMessage = createOutboundMessage(connectionRecord, message) + } + await this.messageSender.sendMessage(outboundMessage) return connectionRecord } @@ -171,13 +151,29 @@ export class ConnectionsModule { * @returns connection record */ public async acceptResponse(connectionId: string): Promise { - const { message, connectionRecord: connectionRecord } = await this.connectionService.createTrustPing(connectionId, { - responseRequested: false, - }) + const connectionRecord = await this.connectionService.getById(connectionId) - const outbound = createOutboundMessage(connectionRecord, message) - await this.messageSender.sendMessage(outbound) + let outboundMessage + if (connectionRecord.protocol === HandshakeProtocol.DidExchange) { + if (!connectionRecord.outOfBandId) { + throw new AriesFrameworkError(`Connection ${connectionRecord.id} does not have outOfBandId!`) + } + const outOfBandRecord = await this.outOfBandService.findById(connectionRecord.outOfBandId) + if (!outOfBandRecord) { + throw new AriesFrameworkError( + `OutOfBand record for connection ${connectionRecord.id} with outOfBandId ${connectionRecord.outOfBandId} not found!` + ) + } + const message = await this.didExchangeProtocol.createComplete(connectionRecord, outOfBandRecord) + outboundMessage = createOutboundMessage(connectionRecord, message) + } else { + const { message } = await this.connectionService.createTrustPing(connectionRecord, { + responseRequested: false, + }) + outboundMessage = createOutboundMessage(connectionRecord, message) + } + await this.messageSender.sendMessage(outboundMessage) return connectionRecord } @@ -225,37 +221,28 @@ export class ConnectionsModule { return this.connectionService.deleteById(connectionId) } - /** - * Find connection by verkey. - * - * @param verkey the verkey to search for - * @returns the connection record, or null if not found - * @throws {RecordDuplicateError} if multiple connections are found for the given verkey - */ - public findByVerkey(verkey: string): Promise { - return this.connectionService.findByVerkey(verkey) - } + public async findByKeys({ senderKey, recipientKey }: { senderKey: Key; recipientKey: Key }) { + const theirDidRecord = await this.didRepository.findByRecipientKey(senderKey) + if (theirDidRecord) { + const ourDidRecord = await this.didRepository.findByRecipientKey(recipientKey) + if (ourDidRecord) { + const connectionRecord = await this.connectionService.findSingleByQuery({ + did: ourDidRecord.id, + theirDid: theirDidRecord.id, + }) + if (connectionRecord && connectionRecord.isReady) return connectionRecord + } + } - /** - * Find connection by their verkey. - * - * @param verkey the verkey to search for - * @returns the connection record, or null if not found - * @throws {RecordDuplicateError} if multiple connections are found for the given verkey - */ - public findByTheirKey(verkey: string): Promise { - return this.connectionService.findByTheirKey(verkey) + this.agentConfig.logger.debug( + `No connection record found for encrypted message with recipient key ${recipientKey.fingerprint} and sender key ${senderKey.fingerprint}` + ) + + return null } - /** - * Find connection by Invitation key. - * - * @param key the invitation key to search for - * @returns the connection record, or null if not found - * @throws {RecordDuplicateError} if multiple connections are found for the given verkey - */ - public findByInvitationKey(key: string): Promise { - return this.connectionService.findByInvitationKey(key) + public async findAllByOutOfBandId(outOfBandId: string) { + return this.connectionService.findAllByOutOfBandId(outOfBandId) } /** @@ -270,13 +257,55 @@ export class ConnectionsModule { return this.connectionService.getByThreadId(threadId) } + public async findByDid(did: string): Promise { + return this.connectionService.findByTheirDid(did) + } + + public async findByInvitationDid(invitationDid: string): Promise { + return this.connectionService.findByInvitationDid(invitationDid) + } + private registerHandlers(dispatcher: Dispatcher) { dispatcher.registerHandler( - new ConnectionRequestHandler(this.connectionService, this.agentConfig, this.mediationRecipientService) + new ConnectionRequestHandler( + this.agentConfig, + this.connectionService, + this.outOfBandService, + this.mediationRecipientService, + this.didRepository + ) + ) + dispatcher.registerHandler( + new ConnectionResponseHandler( + this.agentConfig, + this.connectionService, + this.outOfBandService, + this.didResolverService + ) ) - dispatcher.registerHandler(new ConnectionResponseHandler(this.connectionService, this.agentConfig)) dispatcher.registerHandler(new AckMessageHandler(this.connectionService)) dispatcher.registerHandler(new TrustPingMessageHandler(this.trustPingService, this.connectionService)) dispatcher.registerHandler(new TrustPingResponseMessageHandler(this.trustPingService)) + + dispatcher.registerHandler( + new DidExchangeRequestHandler( + this.agentConfig, + this.didExchangeProtocol, + this.outOfBandService, + this.mediationRecipientService, + this.didRepository + ) + ) + + dispatcher.registerHandler( + new DidExchangeResponseHandler( + this.agentConfig, + this.didExchangeProtocol, + this.outOfBandService, + this.connectionService, + this.didResolverService + ) + ) + dispatcher.registerHandler(new DidExchangeCompleteHandler(this.didExchangeProtocol, this.outOfBandService)) } } diff --git a/packages/core/src/modules/connections/DidExchangeProtocol.ts b/packages/core/src/modules/connections/DidExchangeProtocol.ts new file mode 100644 index 0000000000..a3964e425e --- /dev/null +++ b/packages/core/src/modules/connections/DidExchangeProtocol.ts @@ -0,0 +1,531 @@ +import type { ResolvedDidCommService } from '../../agent/MessageSender' +import type { InboundMessageContext } from '../../agent/models/InboundMessageContext' +import type { Logger } from '../../logger' +import type { OutOfBandDidCommService } from '../oob/domain/OutOfBandDidCommService' +import type { OutOfBandRecord } from '../oob/repository' +import type { ConnectionRecord } from './repository' +import type { Routing } from './services/ConnectionService' + +import { Lifecycle, scoped } from 'tsyringe' + +import { AgentConfig } from '../../agent/AgentConfig' +import { KeyType } from '../../crypto' +import { JwsService } from '../../crypto/JwsService' +import { Attachment, AttachmentData } from '../../decorators/attachment/Attachment' +import { AriesFrameworkError } from '../../error' +import { JsonEncoder } from '../../utils/JsonEncoder' +import { JsonTransformer } from '../../utils/JsonTransformer' +import { DidDocument, Key } from '../dids' +import { DidDocumentRole } from '../dids/domain/DidDocumentRole' +import { createDidDocumentFromServices } from '../dids/domain/createPeerDidFromServices' +import { getKeyDidMappingByVerificationMethod } from '../dids/domain/key-type' +import { didKeyToInstanceOfKey, didKeyToVerkey } from '../dids/helpers' +import { DidKey } from '../dids/methods/key/DidKey' +import { getNumAlgoFromPeerDid, PeerDidNumAlgo } from '../dids/methods/peer/didPeer' +import { didDocumentJsonToNumAlgo1Did } from '../dids/methods/peer/peerDidNumAlgo1' +import { DidRecord, DidRepository } from '../dids/repository' + +import { DidExchangeStateMachine } from './DidExchangeStateMachine' +import { DidExchangeProblemReportError, DidExchangeProblemReportReason } from './errors' +import { DidExchangeCompleteMessage } from './messages/DidExchangeCompleteMessage' +import { DidExchangeRequestMessage } from './messages/DidExchangeRequestMessage' +import { DidExchangeResponseMessage } from './messages/DidExchangeResponseMessage' +import { HandshakeProtocol, DidExchangeRole, DidExchangeState } from './models' +import { ConnectionService } from './services' + +interface DidExchangeRequestParams { + label?: string + alias?: string + goal?: string + goalCode?: string + routing: Routing + autoAcceptConnection?: boolean +} + +@scoped(Lifecycle.ContainerScoped) +export class DidExchangeProtocol { + private config: AgentConfig + private connectionService: ConnectionService + private jwsService: JwsService + private didRepository: DidRepository + private logger: Logger + + public constructor( + config: AgentConfig, + connectionService: ConnectionService, + didRepository: DidRepository, + jwsService: JwsService + ) { + this.config = config + this.connectionService = connectionService + this.didRepository = didRepository + this.jwsService = jwsService + this.logger = config.logger + } + + public async createRequest( + outOfBandRecord: OutOfBandRecord, + params: DidExchangeRequestParams + ): Promise<{ message: DidExchangeRequestMessage; connectionRecord: ConnectionRecord }> { + this.logger.debug(`Create message ${DidExchangeRequestMessage.type} start`, { outOfBandRecord, params }) + + const { outOfBandInvitation } = outOfBandRecord + const { alias, goal, goalCode, routing, autoAcceptConnection } = params + + const { did, mediatorId } = routing + + // TODO: We should store only one did that we'll use to send the request message with success. + // We take just the first one for now. + const [invitationDid] = outOfBandInvitation.invitationDids + + const connectionRecord = await this.connectionService.createConnection({ + protocol: HandshakeProtocol.DidExchange, + role: DidExchangeRole.Requester, + alias, + state: DidExchangeState.InvitationReceived, + theirLabel: outOfBandInvitation.label, + multiUseInvitation: false, + did, + mediatorId, + autoAcceptConnection: outOfBandRecord.autoAcceptConnection, + outOfBandId: outOfBandRecord.id, + invitationDid, + }) + + DidExchangeStateMachine.assertCreateMessageState(DidExchangeRequestMessage.type, connectionRecord) + + // Create message + const label = params.label ?? this.config.label + const { verkey } = routing + const didDocument = await this.createPeerDidDoc(this.routingToServices(routing)) + const parentThreadId = outOfBandInvitation.id + + const message = new DidExchangeRequestMessage({ label, parentThreadId, did: didDocument.id, goal, goalCode }) + + // Create sign attachment containing didDoc + if (getNumAlgoFromPeerDid(didDocument.id) === PeerDidNumAlgo.GenesisDoc) { + const didDocAttach = await this.createSignedAttachment(didDocument, [verkey].map(didKeyToVerkey)) + message.didDoc = didDocAttach + } + + connectionRecord.did = didDocument.id + connectionRecord.threadId = message.id + + if (autoAcceptConnection !== undefined || autoAcceptConnection !== null) { + connectionRecord.autoAcceptConnection = autoAcceptConnection + } + + await this.updateState(DidExchangeRequestMessage.type, connectionRecord) + this.logger.debug(`Create message ${DidExchangeRequestMessage.type} end`, { + connectionRecord, + message, + }) + return { message, connectionRecord } + } + + public async processRequest( + messageContext: InboundMessageContext, + outOfBandRecord: OutOfBandRecord, + routing?: Routing + ): Promise { + this.logger.debug(`Process message ${DidExchangeRequestMessage.type} start`, messageContext) + + // TODO check oob role is sender + // TODO check oob state is await-response + // TODO check there is no connection record for particular oob record + + const { did, mediatorId } = routing ? routing : outOfBandRecord + if (!did) { + throw new AriesFrameworkError('Out-of-band record does not have did attribute.') + } + + const { message } = messageContext + + // Check corresponding invitation ID is the request's ~thread.pthid + // TODO Maybe we can do it in handler, but that actually does not make sense because we try to find oob by parent thread ID there. + if (!message.thread?.parentThreadId || message.thread?.parentThreadId !== outOfBandRecord.getTags().invitationId) { + throw new DidExchangeProblemReportError('Missing reference to invitation.', { + problemCode: DidExchangeProblemReportReason.RequestNotAccepted, + }) + } + + // If the responder wishes to continue the exchange, they will persist the received information in their wallet. + + if (!message.did.startsWith('did:peer:')) { + throw new DidExchangeProblemReportError( + `Message contains unsupported did ${message.did}. Supported dids are [did:peer]`, + { + problemCode: DidExchangeProblemReportReason.RequestNotAccepted, + } + ) + } + const numAlgo = getNumAlgoFromPeerDid(message.did) + if (numAlgo !== PeerDidNumAlgo.GenesisDoc) { + throw new DidExchangeProblemReportError( + `Unsupported numalgo ${numAlgo}. Supported numalgos are [${PeerDidNumAlgo.GenesisDoc}]`, + { + problemCode: DidExchangeProblemReportReason.RequestNotAccepted, + } + ) + } + + const didDocument = await this.extractDidDocument(message) + const didRecord = new DidRecord({ + id: message.did, + role: DidDocumentRole.Received, + // It is important to take the did document from the PeerDid class + // as it will have the id property + didDocument, + tags: { + // We need to save the recipientKeys, so we can find the associated did + // of a key when we receive a message from another connection. + recipientKeyFingerprints: didDocument.recipientKeys.map((key) => key.fingerprint), + }, + }) + + this.logger.debug('Saving DID record', { + id: didRecord.id, + role: didRecord.role, + tags: didRecord.getTags(), + didDocument: 'omitted...', + }) + + await this.didRepository.save(didRecord) + + const connectionRecord = await this.connectionService.createConnection({ + protocol: HandshakeProtocol.DidExchange, + role: DidExchangeRole.Responder, + state: DidExchangeState.RequestReceived, + multiUseInvitation: false, + did, + mediatorId, + autoAcceptConnection: outOfBandRecord.autoAcceptConnection, + outOfBandId: outOfBandRecord.id, + }) + connectionRecord.theirDid = message.did + connectionRecord.theirLabel = message.label + connectionRecord.threadId = message.threadId + + await this.updateState(DidExchangeRequestMessage.type, connectionRecord) + this.logger.debug(`Process message ${DidExchangeRequestMessage.type} end`, connectionRecord) + return connectionRecord + } + + public async createResponse( + connectionRecord: ConnectionRecord, + outOfBandRecord: OutOfBandRecord, + routing?: Routing + ): Promise { + this.logger.debug(`Create message ${DidExchangeResponseMessage.type} start`, connectionRecord) + DidExchangeStateMachine.assertCreateMessageState(DidExchangeResponseMessage.type, connectionRecord) + + const { did } = routing ? routing : outOfBandRecord + if (!did) { + throw new AriesFrameworkError('Out-of-band record does not have did attribute.') + } + + const { threadId } = connectionRecord + + if (!threadId) { + throw new AriesFrameworkError('Missing threadId on connection record.') + } + + let services: ResolvedDidCommService[] = [] + if (routing) { + services = this.routingToServices(routing) + } else if (outOfBandRecord) { + const inlineServices = outOfBandRecord.outOfBandInvitation.services.filter( + (service) => typeof service !== 'string' + ) as OutOfBandDidCommService[] + + services = inlineServices.map((service) => ({ + id: service.id, + serviceEndpoint: service.serviceEndpoint, + recipientKeys: service.recipientKeys.map(didKeyToInstanceOfKey), + routingKeys: service.routingKeys?.map(didKeyToInstanceOfKey) ?? [], + })) + } + + const didDocument = await this.createPeerDidDoc(services) + const message = new DidExchangeResponseMessage({ did: didDocument.id, threadId }) + + if (getNumAlgoFromPeerDid(didDocument.id) === PeerDidNumAlgo.GenesisDoc) { + const didDocAttach = await this.createSignedAttachment( + didDocument, + Array.from( + new Set( + services + .map((s) => s.recipientKeys) + .reduce((acc, curr) => acc.concat(curr), []) + .map((key) => key.publicKeyBase58) + ) + ) + ) + message.didDoc = didDocAttach + } + + connectionRecord.did = didDocument.id + + await this.updateState(DidExchangeResponseMessage.type, connectionRecord) + this.logger.debug(`Create message ${DidExchangeResponseMessage.type} end`, { connectionRecord, message }) + return message + } + + public async processResponse( + messageContext: InboundMessageContext, + outOfBandRecord: OutOfBandRecord + ): Promise { + this.logger.debug(`Process message ${DidExchangeResponseMessage.type} start`, messageContext) + const { connection: connectionRecord, message } = messageContext + + if (!connectionRecord) { + throw new AriesFrameworkError('No connection record in message context.') + } + + DidExchangeStateMachine.assertProcessMessageState(DidExchangeResponseMessage.type, connectionRecord) + + if (!message.thread?.threadId || message.thread?.threadId !== connectionRecord.threadId) { + throw new DidExchangeProblemReportError('Invalid or missing thread ID.', { + problemCode: DidExchangeProblemReportReason.ResponseNotAccepted, + }) + } + + if (!message.did.startsWith('did:peer:')) { + throw new DidExchangeProblemReportError( + `Message contains unsupported did ${message.did}. Supported dids are [did:peer]`, + { + problemCode: DidExchangeProblemReportReason.ResponseNotAccepted, + } + ) + } + const numAlgo = getNumAlgoFromPeerDid(message.did) + if (numAlgo !== PeerDidNumAlgo.GenesisDoc) { + throw new DidExchangeProblemReportError( + `Unsupported numalgo ${numAlgo}. Supported numalgos are [${PeerDidNumAlgo.GenesisDoc}]`, + { + problemCode: DidExchangeProblemReportReason.ResponseNotAccepted, + } + ) + } + + const didDocument = await this.extractDidDocument( + message, + outOfBandRecord.getRecipientKeys().map((key) => key.publicKeyBase58) + ) + const didRecord = new DidRecord({ + id: message.did, + role: DidDocumentRole.Received, + didDocument, + tags: { + // We need to save the recipientKeys, so we can find the associated did + // of a key when we receive a message from another connection. + recipientKeyFingerprints: didDocument.recipientKeys.map((key) => key.fingerprint), + }, + }) + + this.logger.debug('Saving DID record', { + id: didRecord.id, + role: didRecord.role, + tags: didRecord.getTags(), + didDocument: 'omitted...', + }) + + await this.didRepository.save(didRecord) + + connectionRecord.theirDid = message.did + + await this.updateState(DidExchangeResponseMessage.type, connectionRecord) + this.logger.debug(`Process message ${DidExchangeResponseMessage.type} end`, connectionRecord) + return connectionRecord + } + + public async createComplete( + connectionRecord: ConnectionRecord, + outOfBandRecord: OutOfBandRecord + ): Promise { + this.logger.debug(`Create message ${DidExchangeCompleteMessage.type} start`, connectionRecord) + DidExchangeStateMachine.assertCreateMessageState(DidExchangeCompleteMessage.type, connectionRecord) + + const threadId = connectionRecord.threadId + const parentThreadId = outOfBandRecord.outOfBandInvitation.id + + if (!threadId) { + throw new AriesFrameworkError(`Connection record ${connectionRecord.id} does not have 'threadId' attribute.`) + } + + if (!parentThreadId) { + throw new AriesFrameworkError( + `Connection record ${connectionRecord.id} does not have 'parentThreadId' attribute.` + ) + } + + const message = new DidExchangeCompleteMessage({ threadId, parentThreadId }) + + await this.updateState(DidExchangeCompleteMessage.type, connectionRecord) + this.logger.debug(`Create message ${DidExchangeCompleteMessage.type} end`, { connectionRecord, message }) + return message + } + + public async processComplete( + messageContext: InboundMessageContext, + outOfBandRecord: OutOfBandRecord + ): Promise { + this.logger.debug(`Process message ${DidExchangeCompleteMessage.type} start`, messageContext) + const { connection: connectionRecord, message } = messageContext + + if (!connectionRecord) { + throw new AriesFrameworkError('No connection record in message context.') + } + + DidExchangeStateMachine.assertProcessMessageState(DidExchangeCompleteMessage.type, connectionRecord) + + if (message.threadId !== connectionRecord.threadId) { + throw new DidExchangeProblemReportError('Invalid or missing thread ID.', { + problemCode: DidExchangeProblemReportReason.CompleteRejected, + }) + } + + if (!message.thread?.parentThreadId || message.thread?.parentThreadId !== outOfBandRecord.getTags().invitationId) { + throw new DidExchangeProblemReportError('Invalid or missing parent thread ID referencing to the invitation.', { + problemCode: DidExchangeProblemReportReason.CompleteRejected, + }) + } + + await this.updateState(DidExchangeCompleteMessage.type, connectionRecord) + this.logger.debug(`Process message ${DidExchangeCompleteMessage.type} end`, { connectionRecord }) + return connectionRecord + } + + private async updateState(messageType: string, connectionRecord: ConnectionRecord) { + this.logger.debug(`Updating state`, { connectionRecord }) + const nextState = DidExchangeStateMachine.nextState(messageType, connectionRecord) + return this.connectionService.updateState(connectionRecord, nextState) + } + + private async createPeerDidDoc(services: ResolvedDidCommService[]) { + const didDocument = createDidDocumentFromServices(services) + + const peerDid = didDocumentJsonToNumAlgo1Did(didDocument.toJSON()) + didDocument.id = peerDid + + const didRecord = new DidRecord({ + id: peerDid, + role: DidDocumentRole.Created, + didDocument, + tags: { + // We need to save the recipientKeys, so we can find the associated did + // of a key when we receive a message from another connection. + recipientKeyFingerprints: didDocument.recipientKeys.map((key) => key.fingerprint), + }, + }) + + this.logger.debug('Saving DID record', { + id: didRecord.id, + role: didRecord.role, + tags: didRecord.getTags(), + didDocument: 'omitted...', + }) + + await this.didRepository.save(didRecord) + this.logger.debug('Did record created.', didRecord) + return didDocument + } + + private async createSignedAttachment(didDoc: DidDocument, verkeys: string[]) { + const didDocAttach = new Attachment({ + mimeType: 'application/json', + data: new AttachmentData({ + base64: JsonEncoder.toBase64(didDoc), + }), + }) + + await Promise.all( + verkeys.map(async (verkey) => { + const key = Key.fromPublicKeyBase58(verkey, KeyType.Ed25519) + const kid = new DidKey(key).did + const payload = JsonEncoder.toBuffer(didDoc) + + const jws = await this.jwsService.createJws({ + payload, + verkey, + header: { + kid, + }, + }) + didDocAttach.addJws(jws) + }) + ) + + return didDocAttach + } + + /** + * Extracts DID document as is from request or response message attachment and verifies its signature. + * + * @param message DID request or DID response message + * @param invitationKeys array containing keys from connection invitation that could be used for signing of DID document + * @returns verified DID document content from message attachment + */ + private async extractDidDocument( + message: DidExchangeRequestMessage | DidExchangeResponseMessage, + invitationKeysBase58: string[] = [] + ): Promise { + if (!message.didDoc) { + const problemCode = + message.type === DidExchangeRequestMessage.type + ? DidExchangeProblemReportReason.RequestNotAccepted + : DidExchangeProblemReportReason.ResponseNotAccepted + throw new DidExchangeProblemReportError('DID Document attachment is missing.', { problemCode }) + } + const didDocumentAttachment = message.didDoc + const jws = didDocumentAttachment.data.jws + + if (!jws) { + const problemCode = + message.type === DidExchangeRequestMessage.type + ? DidExchangeProblemReportReason.RequestNotAccepted + : DidExchangeProblemReportReason.ResponseNotAccepted + throw new DidExchangeProblemReportError('DID Document signature is missing.', { problemCode }) + } + + const json = didDocumentAttachment.getDataAsJson() as Record + this.logger.trace('DidDocument JSON', json) + + const payload = JsonEncoder.toBuffer(json) + const { isValid, signerVerkeys } = await this.jwsService.verifyJws({ jws, payload }) + + const didDocument = JsonTransformer.fromJSON(json, DidDocument) + const didDocumentKeysBase58 = didDocument.authentication + ?.map((authentication) => { + const verificationMethod = + typeof authentication === 'string' + ? didDocument.dereferenceVerificationMethod(authentication) + : authentication + const { getKeyFromVerificationMethod } = getKeyDidMappingByVerificationMethod(verificationMethod) + const key = getKeyFromVerificationMethod(verificationMethod) + return key.publicKeyBase58 + }) + .concat(invitationKeysBase58) + + this.logger.trace('JWS verification result', { isValid, signerVerkeys, didDocumentKeysBase58 }) + + if (!isValid || !signerVerkeys.every((verkey) => didDocumentKeysBase58?.includes(verkey))) { + const problemCode = + message.type === DidExchangeRequestMessage.type + ? DidExchangeProblemReportReason.RequestNotAccepted + : DidExchangeProblemReportReason.ResponseNotAccepted + throw new DidExchangeProblemReportError('DID Document signature is invalid.', { problemCode }) + } + + return didDocument + } + + private routingToServices(routing: Routing): ResolvedDidCommService[] { + return routing.endpoints.map((endpoint, index) => ({ + id: `#inline-${index}`, + serviceEndpoint: endpoint, + recipientKeys: [Key.fromPublicKeyBase58(routing.verkey, KeyType.Ed25519)], + routingKeys: routing.routingKeys.map((routingKey) => Key.fromPublicKeyBase58(routingKey, KeyType.Ed25519)) || [], + })) + } +} diff --git a/packages/core/src/modules/connections/DidExchangeStateMachine.ts b/packages/core/src/modules/connections/DidExchangeStateMachine.ts new file mode 100644 index 0000000000..f0dde62816 --- /dev/null +++ b/packages/core/src/modules/connections/DidExchangeStateMachine.ts @@ -0,0 +1,86 @@ +import type { ConnectionRecord } from './repository' + +import { AriesFrameworkError } from '../../error' + +import { DidExchangeRequestMessage, DidExchangeResponseMessage, DidExchangeCompleteMessage } from './messages' +import { DidExchangeState, DidExchangeRole } from './models' + +export class DidExchangeStateMachine { + private static createMessageStateRules = [ + { + message: DidExchangeRequestMessage.type, + state: DidExchangeState.InvitationReceived, + role: DidExchangeRole.Requester, + nextState: DidExchangeState.RequestSent, + }, + { + message: DidExchangeResponseMessage.type, + state: DidExchangeState.RequestReceived, + role: DidExchangeRole.Responder, + nextState: DidExchangeState.ResponseSent, + }, + { + message: DidExchangeCompleteMessage.type, + state: DidExchangeState.ResponseReceived, + role: DidExchangeRole.Requester, + nextState: DidExchangeState.Completed, + }, + ] + + private static processMessageStateRules = [ + { + message: DidExchangeRequestMessage.type, + state: DidExchangeState.InvitationSent, + role: DidExchangeRole.Responder, + nextState: DidExchangeState.RequestReceived, + }, + { + message: DidExchangeResponseMessage.type, + state: DidExchangeState.RequestSent, + role: DidExchangeRole.Requester, + nextState: DidExchangeState.ResponseReceived, + }, + { + message: DidExchangeCompleteMessage.type, + state: DidExchangeState.ResponseSent, + role: DidExchangeRole.Responder, + nextState: DidExchangeState.Completed, + }, + ] + + public static assertCreateMessageState(messageType: string, record: ConnectionRecord) { + const rule = this.createMessageStateRules.find((r) => r.message === messageType) + if (!rule) { + throw new AriesFrameworkError(`Could not find create message rule for ${messageType}`) + } + if (rule.state !== record.state || rule.role !== record.role) { + throw new AriesFrameworkError( + `Record with role ${record.role} is in invalid state ${record.state} to create ${messageType}. Expected state for role ${rule.role} is ${rule.state}.` + ) + } + } + + public static assertProcessMessageState(messageType: string, record: ConnectionRecord) { + const rule = this.processMessageStateRules.find((r) => r.message === messageType) + if (!rule) { + throw new AriesFrameworkError(`Could not find create message rule for ${messageType}`) + } + if (rule.state !== record.state || rule.role !== record.role) { + throw new AriesFrameworkError( + `Record with role ${record.role} is in invalid state ${record.state} to process ${messageType}. Expected state for role ${rule.role} is ${rule.state}.` + ) + } + } + + public static nextState(messageType: string, record: ConnectionRecord) { + const rule = this.createMessageStateRules + .concat(this.processMessageStateRules) + .find((r) => r.message === messageType && r.role === record.role) + if (!rule) { + throw new AriesFrameworkError( + `Could not find create message rule for messageType ${messageType}, state ${record.state} and role ${record.role}` + ) + } + return rule.nextState + } +} diff --git a/packages/core/src/modules/connections/__tests__/ConnectionService.test.ts b/packages/core/src/modules/connections/__tests__/ConnectionService.test.ts index 0fe6d0391a..041c4ac3a3 100644 --- a/packages/core/src/modules/connections/__tests__/ConnectionService.test.ts +++ b/packages/core/src/modules/connections/__tests__/ConnectionService.test.ts @@ -1,49 +1,59 @@ import type { Wallet } from '../../../wallet/Wallet' import type { Routing } from '../services/ConnectionService' -import { getAgentConfig, getMockConnection, mockFunction } from '../../../../tests/helpers' +import { getAgentConfig, getMockConnection, getMockOutOfBand, mockFunction } from '../../../../tests/helpers' import { AgentMessage } from '../../../agent/AgentMessage' import { EventEmitter } from '../../../agent/EventEmitter' import { InboundMessageContext } from '../../../agent/models/InboundMessageContext' -import { SignatureDecorator } from '../../../decorators/signature/SignatureDecorator' +import { KeyType } from '../../../crypto' import { signData, unpackAndVerifySignatureDecorator } from '../../../decorators/signature/SignatureDecoratorUtils' import { JsonTransformer } from '../../../utils/JsonTransformer' import { uuid } from '../../../utils/uuid' import { IndyWallet } from '../../../wallet/IndyWallet' import { AckMessage, AckStatus } from '../../common' -import { DidCommService } from '../../dids/domain/service/DidCommService' +import { DidKey, IndyAgentService, Key } from '../../dids' +import { DidCommV1Service } from '../../dids/domain/service/DidCommV1Service' +import { didDocumentJsonToNumAlgo1Did } from '../../dids/methods/peer/peerDidNumAlgo1' +import { DidRepository } from '../../dids/repository' +import { OutOfBandRole } from '../../oob/domain/OutOfBandRole' +import { OutOfBandState } from '../../oob/domain/OutOfBandState' +import { ConnectionRequestMessage, ConnectionResponseMessage, TrustPingMessage } from '../messages' import { - ConnectionInvitationMessage, - ConnectionRequestMessage, - ConnectionResponseMessage, - TrustPingMessage, -} from '../messages' -import { Connection, ConnectionState, ConnectionRole, DidDoc } from '../models' -import { ConnectionRecord } from '../repository/ConnectionRecord' + Connection, + DidDoc, + EmbeddedAuthentication, + Ed25119Sig2018, + DidExchangeRole, + DidExchangeState, +} from '../models' import { ConnectionRepository } from '../repository/ConnectionRepository' import { ConnectionService } from '../services/ConnectionService' +import { convertToNewDidDocument } from '../services/helpers' jest.mock('../repository/ConnectionRepository') +jest.mock('../../dids/repository/DidRepository') const ConnectionRepositoryMock = ConnectionRepository as jest.Mock +const DidRepositoryMock = DidRepository as jest.Mock const connectionImageUrl = 'https://example.com/image.png' describe('ConnectionService', () => { - const config = getAgentConfig('ConnectionServiceTest', { + const agentConfig = getAgentConfig('ConnectionServiceTest', { endpoints: ['http://agent.com:8080'], connectionImageUrl, }) let wallet: Wallet let connectionRepository: ConnectionRepository + let didRepository: DidRepository let connectionService: ConnectionService let eventEmitter: EventEmitter let myRouting: Routing beforeAll(async () => { - wallet = new IndyWallet(config) + wallet = new IndyWallet(agentConfig) // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - await wallet.createAndOpen(config.walletConfig!) + await wallet.createAndOpen(agentConfig.walletConfig!) }) afterAll(async () => { @@ -51,283 +61,107 @@ describe('ConnectionService', () => { }) beforeEach(async () => { - eventEmitter = new EventEmitter(config) + eventEmitter = new EventEmitter(agentConfig) connectionRepository = new ConnectionRepositoryMock() - connectionService = new ConnectionService(wallet, config, connectionRepository, eventEmitter) + didRepository = new DidRepositoryMock() + connectionService = new ConnectionService(wallet, agentConfig, connectionRepository, didRepository, eventEmitter) myRouting = { did: 'fakeDid', verkey: 'fakeVerkey', - endpoints: config.endpoints ?? [], + endpoints: agentConfig.endpoints ?? [], routingKeys: [], mediatorId: 'fakeMediatorId', } }) - describe('createInvitation', () => { - it('returns a connection record with values set', async () => { - expect.assertions(9) - const { connectionRecord, message } = await connectionService.createInvitation({ routing: myRouting }) - - expect(connectionRecord.type).toBe('ConnectionRecord') - expect(connectionRecord.role).toBe(ConnectionRole.Inviter) - expect(connectionRecord.state).toBe(ConnectionState.Invited) - expect(connectionRecord.autoAcceptConnection).toBeUndefined() - expect(connectionRecord.id).toEqual(expect.any(String)) - expect(connectionRecord.verkey).toEqual(expect.any(String)) - expect(connectionRecord.mediatorId).toEqual('fakeMediatorId') - expect(message.imageUrl).toBe(connectionImageUrl) - expect(connectionRecord.getTags()).toEqual( - expect.objectContaining({ - verkey: connectionRecord.verkey, - }) - ) - }) - - it('returns a connection record with invitation', async () => { - expect.assertions(1) - - const { message: invitation } = await connectionService.createInvitation({ routing: myRouting }) - - expect(invitation).toEqual( - expect.objectContaining({ - label: config.label, - recipientKeys: [expect.any(String)], - routingKeys: [], - serviceEndpoint: config.endpoints[0], - }) - ) - }) - - it('saves the connection record in the connection repository', async () => { - expect.assertions(1) - - const saveSpy = jest.spyOn(connectionRepository, 'save') - - await connectionService.createInvitation({ routing: myRouting }) - - expect(saveSpy).toHaveBeenCalledWith(expect.any(ConnectionRecord)) - }) - - it('returns a connection record with the autoAcceptConnection parameter from the config', async () => { - expect.assertions(3) - - const { connectionRecord: connectionTrue } = await connectionService.createInvitation({ - autoAcceptConnection: true, - routing: myRouting, - }) - const { connectionRecord: connectionFalse } = await connectionService.createInvitation({ - autoAcceptConnection: false, - routing: myRouting, - }) - const { connectionRecord: connectionUndefined } = await connectionService.createInvitation({ routing: myRouting }) - - expect(connectionTrue.autoAcceptConnection).toBe(true) - expect(connectionFalse.autoAcceptConnection).toBe(false) - expect(connectionUndefined.autoAcceptConnection).toBeUndefined() - }) - - it('returns a connection record with the alias parameter from the config', async () => { - expect.assertions(2) - - const { connectionRecord: aliasDefined } = await connectionService.createInvitation({ - alias: 'test-alias', - routing: myRouting, - }) - const { connectionRecord: aliasUndefined } = await connectionService.createInvitation({ routing: myRouting }) - - expect(aliasDefined.alias).toBe('test-alias') - expect(aliasUndefined.alias).toBeUndefined() - }) - - it('returns a connection record with the multiUseInvitation parameter from the config', async () => { - expect.assertions(2) - - const { connectionRecord: multiUseDefined } = await connectionService.createInvitation({ - multiUseInvitation: true, - routing: myRouting, - }) - const { connectionRecord: multiUseUndefined } = await connectionService.createInvitation({ routing: myRouting }) - - expect(multiUseDefined.multiUseInvitation).toBe(true) - // Defaults to false - expect(multiUseUndefined.multiUseInvitation).toBe(false) - }) - - it('returns a connection record with the custom label from the config', async () => { - expect.assertions(1) - - const { message: invitation } = await connectionService.createInvitation({ - routing: myRouting, - myLabel: 'custom-label', - }) - - expect(invitation).toEqual( - expect.objectContaining({ - label: 'custom-label', - recipientKeys: [expect.any(String)], - routingKeys: [], - serviceEndpoint: config.endpoints[0], - }) - ) - }) - - it('returns a connection record with the custom image url from the config', async () => { - expect.assertions(1) - - const { message: invitation } = await connectionService.createInvitation({ - routing: myRouting, - myImageUrl: 'custom-image-url', - }) - - expect(invitation).toEqual( - expect.objectContaining({ - label: config.label, - imageUrl: 'custom-image-url', - recipientKeys: [expect.any(String)], - routingKeys: [], - serviceEndpoint: config.endpoints[0], - }) - ) - }) - }) - - describe('processInvitation', () => { - it('returns a connection record containing the information from the connection invitation', async () => { - expect.assertions(12) - - const recipientKey = 'key-1' - const invitation = new ConnectionInvitationMessage({ - label: 'test label', - recipientKeys: [recipientKey], - serviceEndpoint: 'https://test.com/msg', - imageUrl: connectionImageUrl, - }) - - const connection = await connectionService.processInvitation(invitation, { routing: myRouting }) - const connectionAlias = await connectionService.processInvitation(invitation, { - alias: 'test-alias', - routing: myRouting, - }) - - expect(connection.role).toBe(ConnectionRole.Invitee) - expect(connection.state).toBe(ConnectionState.Invited) - expect(connection.autoAcceptConnection).toBeUndefined() - expect(connection.id).toEqual(expect.any(String)) - expect(connection.verkey).toEqual(expect.any(String)) - expect(connection.mediatorId).toEqual('fakeMediatorId') - expect(connection.getTags()).toEqual( - expect.objectContaining({ - verkey: connection.verkey, - invitationKey: recipientKey, - }) - ) - expect(connection.invitation).toMatchObject(invitation) - expect(connection.alias).toBeUndefined() - expect(connectionAlias.alias).toBe('test-alias') - expect(connection.theirLabel).toBe('test label') - expect(connection.imageUrl).toBe(connectionImageUrl) - }) - - it('returns a connection record with the autoAcceptConnection parameter from the config', async () => { - expect.assertions(3) - - const invitation = new ConnectionInvitationMessage({ - did: 'did:sov:test', - label: 'test label', - }) - - const connectionTrue = await connectionService.processInvitation(invitation, { - autoAcceptConnection: true, - routing: myRouting, - }) - const connectionFalse = await connectionService.processInvitation(invitation, { - autoAcceptConnection: false, - routing: myRouting, - }) - const connectionUndefined = await connectionService.processInvitation(invitation, { routing: myRouting }) - - expect(connectionTrue.autoAcceptConnection).toBe(true) - expect(connectionFalse.autoAcceptConnection).toBe(false) - expect(connectionUndefined.autoAcceptConnection).toBeUndefined() - }) - - it('returns a connection record with the alias parameter from the config', async () => { - expect.assertions(2) - - const invitation = new ConnectionInvitationMessage({ - did: 'did:sov:test', - label: 'test label', - }) - - const aliasDefined = await connectionService.processInvitation(invitation, { - alias: 'test-alias', - routing: myRouting, - }) - const aliasUndefined = await connectionService.processInvitation(invitation, { routing: myRouting }) - - expect(aliasDefined.alias).toBe('test-alias') - expect(aliasUndefined.alias).toBeUndefined() - }) - }) - describe('createRequest', () => { it('returns a connection request message containing the information from the connection record', async () => { expect.assertions(5) - const connection = getMockConnection() - mockFunction(connectionRepository.getById).mockReturnValue(Promise.resolve(connection)) - - const { connectionRecord: connectionRecord, message } = await connectionService.createRequest('test') - - expect(connectionRecord.state).toBe(ConnectionState.Requested) - expect(message.label).toBe(config.label) - expect(message.connection.did).toBe('test-did') - expect(message.connection.didDoc).toEqual(connection.didDoc) + const outOfBand = getMockOutOfBand({ state: OutOfBandState.PrepareResponse }) + const config = { routing: myRouting } + + const { connectionRecord, message } = await connectionService.createRequest(outOfBand, config) + + expect(connectionRecord.state).toBe(DidExchangeState.RequestSent) + expect(message.label).toBe(agentConfig.label) + expect(message.connection.did).toBe('fakeDid') + expect(message.connection.didDoc).toEqual( + new DidDoc({ + id: 'fakeDid', + publicKey: [ + new Ed25119Sig2018({ + id: `fakeDid#1`, + controller: 'fakeDid', + publicKeyBase58: 'fakeVerkey', + }), + ], + authentication: [ + new EmbeddedAuthentication( + new Ed25119Sig2018({ + id: `fakeDid#1`, + controller: 'fakeDid', + publicKeyBase58: 'fakeVerkey', + }) + ), + ], + service: [ + new IndyAgentService({ + id: `fakeDid#IndyAgentService`, + serviceEndpoint: agentConfig.endpoints[0], + recipientKeys: ['fakeVerkey'], + routingKeys: [], + }), + ], + }) + ) expect(message.imageUrl).toBe(connectionImageUrl) }) it('returns a connection request message containing a custom label', async () => { expect.assertions(1) - const connection = getMockConnection() - mockFunction(connectionRepository.getById).mockReturnValue(Promise.resolve(connection)) + const outOfBand = getMockOutOfBand({ state: OutOfBandState.PrepareResponse }) + const config = { label: 'Custom label', routing: myRouting } - const { message } = await connectionService.createRequest('test', { myLabel: 'custom-label' }) + const { message } = await connectionService.createRequest(outOfBand, config) - expect(message.label).toBe('custom-label') + expect(message.label).toBe('Custom label') }) it('returns a connection request message containing a custom image url', async () => { expect.assertions(1) - const connection = getMockConnection() - mockFunction(connectionRepository.getById).mockReturnValue(Promise.resolve(connection)) + const outOfBand = getMockOutOfBand({ state: OutOfBandState.PrepareResponse }) + const config = { imageUrl: 'custom-image-url', routing: myRouting } - const { message } = await connectionService.createRequest('test', { myImageUrl: 'custom-image-url' }) + const { message } = await connectionService.createRequest(outOfBand, config) expect(message.imageUrl).toBe('custom-image-url') }) - it(`throws an error when connection role is ${ConnectionRole.Inviter} and not ${ConnectionRole.Invitee}`, async () => { + it(`throws an error when out-of-band role is not ${OutOfBandRole.Receiver}`, async () => { expect.assertions(1) - mockFunction(connectionRepository.getById).mockReturnValue( - Promise.resolve(getMockConnection({ role: ConnectionRole.Inviter })) - ) - return expect(connectionService.createRequest('test')).rejects.toThrowError( - `Connection record has invalid role ${ConnectionRole.Inviter}. Expected role ${ConnectionRole.Invitee}.` + const outOfBand = getMockOutOfBand({ role: OutOfBandRole.Sender, state: OutOfBandState.PrepareResponse }) + const config = { routing: myRouting } + + return expect(connectionService.createRequest(outOfBand, config)).rejects.toThrowError( + `Invalid out-of-band record role ${OutOfBandRole.Sender}, expected is ${OutOfBandRole.Receiver}.` ) }) - const invalidConnectionStates = [ConnectionState.Requested, ConnectionState.Responded, ConnectionState.Complete] + const invalidConnectionStates = [OutOfBandState.Initial, OutOfBandState.AwaitResponse, OutOfBandState.Done] test.each(invalidConnectionStates)( - `throws an error when connection state is %s and not ${ConnectionState.Invited}`, + `throws an error when out-of-band state is %s and not ${OutOfBandState.PrepareResponse}`, (state) => { expect.assertions(1) - mockFunction(connectionRepository.getById).mockReturnValue(Promise.resolve(getMockConnection({ state }))) - return expect(connectionService.createRequest('test')).rejects.toThrowError( - `Connection record is in invalid state ${state}. Valid states are: ${ConnectionState.Invited}.` + const outOfBand = getMockOutOfBand({ state }) + const config = { routing: myRouting } + + return expect(connectionService.createRequest(outOfBand, config)).rejects.toThrowError( + `Invalid out-of-band record state ${state}, valid states are: ${OutOfBandState.PrepareResponse}.` ) } ) @@ -335,26 +169,27 @@ describe('ConnectionService', () => { describe('processRequest', () => { it('returns a connection record containing the information from the connection request', async () => { - expect.assertions(7) - - const connectionRecord = getMockConnection({ - state: ConnectionState.Invited, - verkey: 'my-key', - role: ConnectionRole.Inviter, - }) - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(connectionRecord)) + expect.assertions(5) const theirDid = 'their-did' - const theirVerkey = 'their-verkey' + const theirKey = Key.fromPublicKeyBase58('79CXkde3j8TNuMXxPdV7nLUrT2g7JAEjH5TreyVY7GEZ', KeyType.Ed25519) const theirDidDoc = new DidDoc({ id: theirDid, publicKey: [], - authentication: [], + authentication: [ + new EmbeddedAuthentication( + new Ed25119Sig2018({ + id: `${theirDid}#key-id`, + controller: theirDid, + publicKeyBase58: theirKey.publicKeyBase58, + }) + ), + ], service: [ - new DidCommService({ + new DidCommV1Service({ id: `${theirDid};indy`, serviceEndpoint: 'https://endpoint.com', - recipientKeys: [theirVerkey], + recipientKeys: [`${theirDid}#key-id`], }), ], }) @@ -367,63 +202,54 @@ describe('ConnectionService', () => { }) const messageContext = new InboundMessageContext(connectionRequest, { - senderVerkey: theirVerkey, - recipientVerkey: 'my-key', + senderKey: theirKey, + recipientKey: Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519), }) - const processedConnection = await connectionService.processRequest(messageContext) + const outOfBand = getMockOutOfBand({ + did: 'fakeDid', + mediatorId: 'fakeMediatorId', + role: OutOfBandRole.Sender, + state: OutOfBandState.AwaitResponse, + }) + const processedConnection = await connectionService.processRequest(messageContext, outOfBand) - expect(processedConnection.state).toBe(ConnectionState.Requested) - expect(processedConnection.theirDid).toBe(theirDid) - expect(processedConnection.theirDidDoc).toEqual(theirDidDoc) - expect(processedConnection.theirKey).toBe(theirVerkey) + expect(processedConnection.state).toBe(DidExchangeState.RequestReceived) + expect(processedConnection.theirDid).toBe('did:peer:1zQmfPPbuG8vajHvYjGUW8CN5k9rLuuMmYSGBYwJqJDDUS72') expect(processedConnection.theirLabel).toBe('test-label') expect(processedConnection.threadId).toBe(connectionRequest.id) expect(processedConnection.imageUrl).toBe(connectionImageUrl) }) - it('throws an error when the connection cannot be found by verkey', async () => { - expect.assertions(1) - - const connectionRequest = new ConnectionRequestMessage({ - did: 'did', - label: 'test-label', - }) - - const messageContext = new InboundMessageContext(connectionRequest, { - recipientVerkey: 'test-verkey', - senderVerkey: 'sender-verkey', - }) - - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(null)) - return expect(connectionService.processRequest(messageContext)).rejects.toThrowError( - 'Unable to process connection request: connection for verkey test-verkey not found' - ) - }) - it('returns a new connection record containing the information from the connection request when multiUseInvitation is enabled on the connection', async () => { - expect.assertions(10) + expect.assertions(8) const connectionRecord = getMockConnection({ id: 'test', - state: ConnectionState.Invited, - verkey: 'my-key', - role: ConnectionRole.Inviter, + state: DidExchangeState.InvitationSent, + role: DidExchangeRole.Responder, multiUseInvitation: true, }) - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(connectionRecord)) const theirDid = 'their-did' - const theirVerkey = 'their-verkey' + const theirKey = Key.fromPublicKeyBase58('79CXkde3j8TNuMXxPdV7nLUrT2g7JAEjH5TreyVY7GEZ', KeyType.Ed25519) const theirDidDoc = new DidDoc({ id: theirDid, publicKey: [], - authentication: [], + authentication: [ + new EmbeddedAuthentication( + new Ed25119Sig2018({ + id: `${theirDid}#key-id`, + controller: theirDid, + publicKeyBase58: theirKey.publicKeyBase58, + }) + ), + ], service: [ - new DidCommService({ + new DidCommV1Service({ id: `${theirDid};indy`, serviceEndpoint: 'https://endpoint.com', - recipientKeys: [theirVerkey], + recipientKeys: [`${theirDid}#key-id`], }), ], }) @@ -436,107 +262,78 @@ describe('ConnectionService', () => { const messageContext = new InboundMessageContext(connectionRequest, { connection: connectionRecord, - senderVerkey: theirVerkey, - recipientVerkey: 'my-key', + senderKey: theirKey, + recipientKey: Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519), }) - const processedConnection = await connectionService.processRequest(messageContext, myRouting) + const outOfBand = getMockOutOfBand({ + did: 'fakeDid', + mediatorId: 'fakeMediatorId', + role: OutOfBandRole.Sender, + state: OutOfBandState.AwaitResponse, + }) + const processedConnection = await connectionService.processRequest(messageContext, outOfBand) - expect(processedConnection.state).toBe(ConnectionState.Requested) - expect(processedConnection.theirDid).toBe(theirDid) - expect(processedConnection.theirDidDoc).toEqual(theirDidDoc) - expect(processedConnection.theirKey).toBe(theirVerkey) + expect(processedConnection.state).toBe(DidExchangeState.RequestReceived) + expect(processedConnection.theirDid).toBe('did:peer:1zQmfPPbuG8vajHvYjGUW8CN5k9rLuuMmYSGBYwJqJDDUS72') expect(processedConnection.theirLabel).toBe('test-label') expect(processedConnection.threadId).toBe(connectionRequest.id) expect(connectionRepository.save).toHaveBeenCalledTimes(1) expect(processedConnection.id).not.toBe(connectionRecord.id) expect(connectionRecord.id).toBe('test') - expect(connectionRecord.state).toBe(ConnectionState.Invited) - }) - - it(`throws an error when connection role is ${ConnectionRole.Invitee} and not ${ConnectionRole.Inviter}`, async () => { - expect.assertions(1) - - mockFunction(connectionRepository.findByVerkey).mockReturnValue( - Promise.resolve(getMockConnection({ role: ConnectionRole.Invitee })) - ) - - const inboundMessage = new InboundMessageContext(jest.fn()(), { - senderVerkey: 'senderVerkey', - recipientVerkey: 'recipientVerkey', - }) - - return expect(connectionService.processRequest(inboundMessage)).rejects.toThrowError( - `Connection record has invalid role ${ConnectionRole.Invitee}. Expected role ${ConnectionRole.Inviter}.` - ) + expect(connectionRecord.state).toBe(DidExchangeState.InvitationSent) }) - it('throws an error when the message does not contain a did doc with any recipientKeys', async () => { + it('throws an error when the message does not contain a did doc', async () => { expect.assertions(1) - const recipientVerkey = 'test-verkey' - - const connection = getMockConnection({ - role: ConnectionRole.Inviter, - verkey: recipientVerkey, - }) - - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(connection)) - const connectionRequest = new ConnectionRequestMessage({ did: 'did', label: 'test-label', - didDoc: new DidDoc({ - id: 'did:test', - publicKey: [], - service: [], - authentication: [], - }), }) const messageContext = new InboundMessageContext(connectionRequest, { - recipientVerkey, - senderVerkey: 'sender-verkey', + recipientKey: Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519), + senderKey: Key.fromPublicKeyBase58('79CXkde3j8TNuMXxPdV7nLUrT2g7JAEjH5TreyVY7GEZ', KeyType.Ed25519), }) - return expect(connectionService.processRequest(messageContext)).rejects.toThrowError( - `Connection with id ${connection.id} has no recipient keys.` + const outOfBand = getMockOutOfBand({ role: OutOfBandRole.Sender, state: OutOfBandState.AwaitResponse }) + + return expect(connectionService.processRequest(messageContext, outOfBand)).rejects.toThrowError( + `Public DIDs are not supported yet` ) }) - it('throws an error when a request for a multi use invitation is processed without routing provided', async () => { - const connectionRecord = getMockConnection({ - state: ConnectionState.Invited, - verkey: 'my-key', - role: ConnectionRole.Inviter, - multiUseInvitation: true, - }) - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(connectionRecord)) + it(`throws an error when out-of-band role is not ${OutOfBandRole.Sender}`, async () => { + expect.assertions(1) - const theirDidDoc = new DidDoc({ - id: 'their-did', - publicKey: [], - authentication: [], - service: [], + const inboundMessage = new InboundMessageContext(jest.fn()(), { + recipientKey: Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519), + senderKey: Key.fromPublicKeyBase58('79CXkde3j8TNuMXxPdV7nLUrT2g7JAEjH5TreyVY7GEZ', KeyType.Ed25519), }) - const connectionRequest = new ConnectionRequestMessage({ - did: 'their-did', - didDoc: theirDidDoc, - label: 'test-label', - }) + const outOfBand = getMockOutOfBand({ role: OutOfBandRole.Receiver, state: OutOfBandState.AwaitResponse }) - const messageContext = new InboundMessageContext(connectionRequest, { - connection: connectionRecord, - senderVerkey: 'their-verkey', - recipientVerkey: 'my-key', - }) - - expect(connectionService.processRequest(messageContext)).rejects.toThrowError( - 'Cannot process request for multi-use invitation without routing object. Make sure to call processRequest with the routing parameter provided.' + return expect(connectionService.processRequest(inboundMessage, outOfBand)).rejects.toThrowError( + `Invalid out-of-band record role ${OutOfBandRole.Receiver}, expected is ${OutOfBandRole.Sender}.` ) }) + + const invalidOutOfBandStates = [OutOfBandState.Initial, OutOfBandState.PrepareResponse, OutOfBandState.Done] + test.each(invalidOutOfBandStates)( + `throws an error when out-of-band state is %s and not ${OutOfBandState.AwaitResponse}`, + (state) => { + expect.assertions(1) + + const inboundMessage = new InboundMessageContext(jest.fn()(), {}) + const outOfBand = getMockOutOfBand({ role: OutOfBandRole.Sender, state }) + + return expect(connectionService.processRequest(inboundMessage, outOfBand)).rejects.toThrowError( + `Invalid out-of-band record state ${state}, valid states are: ${OutOfBandState.AwaitResponse}.` + ) + } + ) }) describe('createResponse', () => { @@ -546,54 +343,90 @@ describe('ConnectionService', () => { // Needed for signing connection~sig const { did, verkey } = await wallet.createDid() const mockConnection = getMockConnection({ - did, - verkey, - state: ConnectionState.Requested, - role: ConnectionRole.Inviter, + state: DidExchangeState.RequestReceived, + role: DidExchangeRole.Responder, tags: { threadId: 'test', }, }) - mockFunction(connectionRepository.getById).mockReturnValue(Promise.resolve(mockConnection)) - const { message, connectionRecord: connectionRecord } = await connectionService.createResponse('test') + const recipientKeys = [new DidKey(Key.fromPublicKeyBase58(verkey, KeyType.Ed25519))] + const outOfBand = getMockOutOfBand({ did, recipientKeys: recipientKeys.map((did) => did.did) }) + const mockDidDoc = new DidDoc({ + id: did, + publicKey: [ + new Ed25119Sig2018({ + id: `${did}#1`, + controller: did, + publicKeyBase58: verkey, + }), + ], + authentication: [ + new EmbeddedAuthentication( + new Ed25119Sig2018({ + id: `${did}#1`, + controller: did, + publicKeyBase58: verkey, + }) + ), + ], + service: [ + new IndyAgentService({ + id: `${did}#IndyAgentService`, + serviceEndpoint: 'http://example.com', + recipientKeys: recipientKeys.map((did) => did.key.publicKeyBase58), + routingKeys: [], + }), + ], + }) + + const { message, connectionRecord: connectionRecord } = await connectionService.createResponse( + mockConnection, + outOfBand + ) const connection = new Connection({ - did: mockConnection.did, - didDoc: mockConnection.didDoc, + did, + didDoc: mockDidDoc, }) const plainConnection = JsonTransformer.toJSON(connection) - expect(connectionRecord.state).toBe(ConnectionState.Responded) + expect(connectionRecord.state).toBe(DidExchangeState.ResponseSent) expect(await unpackAndVerifySignatureDecorator(message.connectionSig, wallet)).toEqual(plainConnection) }) - it(`throws an error when connection role is ${ConnectionRole.Invitee} and not ${ConnectionRole.Inviter}`, async () => { + it(`throws an error when connection role is ${DidExchangeRole.Requester} and not ${DidExchangeRole.Responder}`, async () => { expect.assertions(1) - mockFunction(connectionRepository.getById).mockReturnValue( - Promise.resolve( - getMockConnection({ - role: ConnectionRole.Invitee, - state: ConnectionState.Requested, - }) - ) - ) - return expect(connectionService.createResponse('test')).rejects.toThrowError( - `Connection record has invalid role ${ConnectionRole.Invitee}. Expected role ${ConnectionRole.Inviter}.` + const connection = getMockConnection({ + role: DidExchangeRole.Requester, + state: DidExchangeState.RequestReceived, + }) + const outOfBand = getMockOutOfBand() + return expect(connectionService.createResponse(connection, outOfBand)).rejects.toThrowError( + `Connection record has invalid role ${DidExchangeRole.Requester}. Expected role ${DidExchangeRole.Responder}.` ) }) - const invalidConnectionStates = [ConnectionState.Invited, ConnectionState.Responded, ConnectionState.Complete] - test.each(invalidConnectionStates)( - `throws an error when connection state is %s and not ${ConnectionState.Requested}`, + const invalidOutOfBandStates = [ + DidExchangeState.InvitationSent, + DidExchangeState.InvitationReceived, + DidExchangeState.RequestSent, + DidExchangeState.ResponseSent, + DidExchangeState.ResponseReceived, + DidExchangeState.Completed, + DidExchangeState.Abandoned, + DidExchangeState.Start, + ] + test.each(invalidOutOfBandStates)( + `throws an error when connection state is %s and not ${DidExchangeState.RequestReceived}`, async (state) => { expect.assertions(1) - mockFunction(connectionRepository.getById).mockReturnValue(Promise.resolve(getMockConnection({ state }))) - - return expect(connectionService.createResponse('test')).rejects.toThrowError( - `Connection record is in invalid state ${state}. Valid states are: ${ConnectionState.Requested}.` + const connection = getMockConnection({ state }) + const outOfBand = getMockOutOfBand() + return expect(connectionService.createResponse(connection, outOfBand)).rejects.toThrowError( + `Connection record is in invalid state ${state}. Valid states are: ${DidExchangeState.RequestReceived}.` ) } ) @@ -601,36 +434,38 @@ describe('ConnectionService', () => { describe('processResponse', () => { it('returns a connection record containing the information from the connection response', async () => { - expect.assertions(3) + expect.assertions(2) const { did, verkey } = await wallet.createDid() const { did: theirDid, verkey: theirVerkey } = await wallet.createDid() const connectionRecord = getMockConnection({ did, - verkey, - state: ConnectionState.Requested, - role: ConnectionRole.Invitee, - invitation: new ConnectionInvitationMessage({ - label: 'test', - // processResponse checks wether invitation key is same as signing key for connetion~sig - recipientKeys: [theirVerkey], - serviceEndpoint: 'test', - }), + state: DidExchangeState.RequestSent, + role: DidExchangeRole.Requester, }) - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(connectionRecord)) + + const theirKey = Key.fromPublicKeyBase58(theirVerkey, KeyType.Ed25519) const otherPartyConnection = new Connection({ did: theirDid, didDoc: new DidDoc({ id: theirDid, publicKey: [], - authentication: [], + authentication: [ + new EmbeddedAuthentication( + new Ed25119Sig2018({ + id: `${theirDid}#key-id`, + controller: theirDid, + publicKeyBase58: theirKey.publicKeyBase58, + }) + ), + ], service: [ - new DidCommService({ + new DidCommV1Service({ id: `${did};indy`, serviceEndpoint: 'https://endpoint.com', - recipientKeys: [theirVerkey], + recipientKeys: [`${theirDid}#key-id`], }), ], }), @@ -644,40 +479,40 @@ describe('ConnectionService', () => { connectionSig, }) + const outOfBandRecord = getMockOutOfBand({ + recipientKeys: [new DidKey(theirKey).did], + }) const messageContext = new InboundMessageContext(connectionResponse, { connection: connectionRecord, - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - senderVerkey: connectionRecord.theirKey!, - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - recipientVerkey: connectionRecord.myKey!, + senderKey: theirKey, + recipientKey: Key.fromPublicKeyBase58(verkey, KeyType.Ed25519), }) - const processedConnection = await connectionService.processResponse(messageContext) + const processedConnection = await connectionService.processResponse(messageContext, outOfBandRecord) + + // eslint-disable-next-line @typescript-eslint/no-non-null-assertion + const peerDid = didDocumentJsonToNumAlgo1Did(convertToNewDidDocument(otherPartyConnection.didDoc!).toJSON()) - expect(processedConnection.state).toBe(ConnectionState.Responded) - expect(processedConnection.theirDid).toBe(theirDid) - expect(processedConnection.theirDidDoc).toEqual(otherPartyConnection.didDoc) + expect(processedConnection.state).toBe(DidExchangeState.ResponseReceived) + expect(processedConnection.theirDid).toBe(peerDid) }) - it(`throws an error when connection role is ${ConnectionRole.Inviter} and not ${ConnectionRole.Invitee}`, async () => { + it(`throws an error when connection role is ${DidExchangeRole.Responder} and not ${DidExchangeRole.Requester}`, async () => { expect.assertions(1) - const inboundMessage = new InboundMessageContext(jest.fn()(), { - senderVerkey: 'senderVerkey', - recipientVerkey: 'recipientVerkey', + const outOfBandRecord = getMockOutOfBand() + const connectionRecord = getMockConnection({ + role: DidExchangeRole.Responder, + state: DidExchangeState.RequestSent, + }) + const messageContext = new InboundMessageContext(jest.fn()(), { + connection: connectionRecord, + recipientKey: Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519), + senderKey: Key.fromPublicKeyBase58('79CXkde3j8TNuMXxPdV7nLUrT2g7JAEjH5TreyVY7GEZ', KeyType.Ed25519), }) - mockFunction(connectionRepository.findByVerkey).mockReturnValue( - Promise.resolve( - getMockConnection({ - role: ConnectionRole.Inviter, - state: ConnectionState.Requested, - }) - ) - ) - - return expect(connectionService.processResponse(inboundMessage)).rejects.toThrowError( - `Connection record has invalid role ${ConnectionRole.Inviter}. Expected role ${ConnectionRole.Invitee}.` + return expect(connectionService.processResponse(messageContext, outOfBandRecord)).rejects.toThrowError( + `Connection record has invalid role ${DidExchangeRole.Responder}. Expected role ${DidExchangeRole.Requester}.` ) }) @@ -688,23 +523,31 @@ describe('ConnectionService', () => { const { did: theirDid, verkey: theirVerkey } = await wallet.createDid() const connectionRecord = getMockConnection({ did, - verkey, - role: ConnectionRole.Invitee, - state: ConnectionState.Requested, + role: DidExchangeRole.Requester, + state: DidExchangeState.RequestSent, }) - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(connectionRecord)) + + const theirKey = Key.fromPublicKeyBase58(theirVerkey, KeyType.Ed25519) const otherPartyConnection = new Connection({ did: theirDid, didDoc: new DidDoc({ id: theirDid, publicKey: [], - authentication: [], + authentication: [ + new EmbeddedAuthentication( + new Ed25119Sig2018({ + id: `${theirDid}#key-id`, + controller: theirDid, + publicKeyBase58: theirKey.publicKeyBase58, + }) + ), + ], service: [ - new DidCommService({ + new DidCommV1Service({ id: `${did};indy`, serviceEndpoint: 'https://endpoint.com', - recipientKeys: [theirVerkey], + recipientKeys: [`${theirDid}#key-id`], }), ], }), @@ -717,83 +560,52 @@ describe('ConnectionService', () => { connectionSig, }) + // Recipient key `verkey` is not the same as theirVerkey which was used to sign message, + // therefore it should cause a failure. + const outOfBandRecord = getMockOutOfBand({ + recipientKeys: [new DidKey(Key.fromPublicKeyBase58(verkey, KeyType.Ed25519)).did], + }) const messageContext = new InboundMessageContext(connectionResponse, { connection: connectionRecord, - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - senderVerkey: connectionRecord.theirKey!, - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - recipientVerkey: connectionRecord.myKey!, + senderKey: theirKey, + recipientKey: Key.fromPublicKeyBase58(verkey, KeyType.Ed25519), }) - return expect(connectionService.processResponse(messageContext)).rejects.toThrowError( + return expect(connectionService.processResponse(messageContext, outOfBandRecord)).rejects.toThrowError( new RegExp( 'Connection object in connection response message is not signed with same key as recipient key in invitation' ) ) }) - it('throws an error when the connection cannot be found by verkey', async () => { + it('throws an error when the message does not contain a DID Document', async () => { expect.assertions(1) - const connectionResponse = new ConnectionResponseMessage({ - threadId: uuid(), - connectionSig: new SignatureDecorator({ - signature: '', - signatureData: '', - signatureType: '', - signer: '', - }), - }) - - const messageContext = new InboundMessageContext(connectionResponse, { - recipientVerkey: 'test-verkey', - senderVerkey: 'sender-verkey', - }) - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(null)) - - return expect(connectionService.processResponse(messageContext)).rejects.toThrowError( - 'Unable to process connection response: connection for verkey test-verkey not found' - ) - }) - - it('throws an error when the message does not contain a did doc with any recipientKeys', async () => { - expect.assertions(1) - - const { did, verkey } = await wallet.createDid() + const { did } = await wallet.createDid() const { did: theirDid, verkey: theirVerkey } = await wallet.createDid() const connectionRecord = getMockConnection({ did, - verkey, - state: ConnectionState.Requested, - invitation: new ConnectionInvitationMessage({ - label: 'test', - // processResponse checks wether invitation key is same as signing key for connetion~sig - recipientKeys: [theirVerkey], - serviceEndpoint: 'test', - }), + state: DidExchangeState.RequestSent, theirDid: undefined, - theirDidDoc: undefined, }) - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(connectionRecord)) - const otherPartyConnection = new Connection({ - did: theirDid, - }) + const theirKey = Key.fromPublicKeyBase58(theirVerkey, KeyType.Ed25519) + + const otherPartyConnection = new Connection({ did: theirDid }) const plainConnection = JsonTransformer.toJSON(otherPartyConnection) const connectionSig = await signData(plainConnection, wallet, theirVerkey) - const connectionResponse = new ConnectionResponseMessage({ - threadId: uuid(), - connectionSig, - }) + const connectionResponse = new ConnectionResponseMessage({ threadId: uuid(), connectionSig }) + const outOfBandRecord = getMockOutOfBand({ recipientKeys: [new DidKey(theirKey).did] }) const messageContext = new InboundMessageContext(connectionResponse, { - senderVerkey: 'senderVerkey', - recipientVerkey: 'recipientVerkey', + connection: connectionRecord, + recipientKey: Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519), + senderKey: Key.fromPublicKeyBase58('79CXkde3j8TNuMXxPdV7nLUrT2g7JAEjH5TreyVY7GEZ', KeyType.Ed25519), }) - return expect(connectionService.processResponse(messageContext)).rejects.toThrowError( - `Connection with id ${connectionRecord.id} has no recipient keys.` + return expect(connectionService.processResponse(messageContext, outOfBandRecord)).rejects.toThrowError( + `DID Document is missing.` ) }) }) @@ -802,26 +614,31 @@ describe('ConnectionService', () => { it('returns a trust ping message', async () => { expect.assertions(2) - const mockConnection = getMockConnection({ - state: ConnectionState.Responded, - }) - mockFunction(connectionRepository.getById).mockReturnValue(Promise.resolve(mockConnection)) + const mockConnection = getMockConnection({ state: DidExchangeState.ResponseReceived }) - const { message, connectionRecord: connectionRecord } = await connectionService.createTrustPing('test') + const { message, connectionRecord: connectionRecord } = await connectionService.createTrustPing(mockConnection) - expect(connectionRecord.state).toBe(ConnectionState.Complete) + expect(connectionRecord.state).toBe(DidExchangeState.Completed) expect(message).toEqual(expect.any(TrustPingMessage)) }) - const invalidConnectionStates = [ConnectionState.Invited, ConnectionState.Requested] + const invalidConnectionStates = [ + DidExchangeState.InvitationSent, + DidExchangeState.InvitationReceived, + DidExchangeState.RequestSent, + DidExchangeState.RequestReceived, + DidExchangeState.ResponseSent, + DidExchangeState.Abandoned, + DidExchangeState.Start, + ] test.each(invalidConnectionStates)( - `throws an error when connection state is %s and not ${ConnectionState.Responded} or ${ConnectionState.Complete}`, + `throws an error when connection state is %s and not ${DidExchangeState.ResponseReceived} or ${DidExchangeState.Completed}`, (state) => { expect.assertions(1) + const connection = getMockConnection({ state }) - mockFunction(connectionRepository.getById).mockReturnValue(Promise.resolve(getMockConnection({ state }))) - return expect(connectionService.createTrustPing('test')).rejects.toThrowError( - `Connection record is in invalid state ${state}. Valid states are: ${ConnectionState.Responded}, ${ConnectionState.Complete}.` + return expect(connectionService.createTrustPing(connection)).rejects.toThrowError( + `Connection record is in invalid state ${state}. Valid states are: ${DidExchangeState.ResponseReceived}, ${DidExchangeState.Completed}.` ) } ) @@ -836,21 +653,19 @@ describe('ConnectionService', () => { threadId: 'thread-id', }) - const messageContext = new InboundMessageContext(ack, { - recipientVerkey: 'test-verkey', - }) + const messageContext = new InboundMessageContext(ack, {}) return expect(connectionService.processAck(messageContext)).rejects.toThrowError( - 'Unable to process connection ack: connection for verkey test-verkey not found' + 'Unable to process connection ack: connection for recipient key undefined not found' ) }) - it('updates the state to Completed when the state is Responded and role is Inviter', async () => { + it('updates the state to Completed when the state is ResponseSent and role is Responder', async () => { expect.assertions(1) const connection = getMockConnection({ - state: ConnectionState.Responded, - role: ConnectionRole.Inviter, + state: DidExchangeState.ResponseSent, + role: DidExchangeRole.Responder, }) const ack = new AckMessage({ @@ -858,22 +673,19 @@ describe('ConnectionService', () => { threadId: 'thread-id', }) - const messageContext = new InboundMessageContext(ack, { - recipientVerkey: 'test-verkey', - connection, - }) + const messageContext = new InboundMessageContext(ack, { connection }) const updatedConnection = await connectionService.processAck(messageContext) - expect(updatedConnection.state).toBe(ConnectionState.Complete) + expect(updatedConnection.state).toBe(DidExchangeState.Completed) }) - it('does not update the state when the state is not Responded or the role is not Inviter', async () => { + it('does not update the state when the state is not ResponseSent or the role is not Responder', async () => { expect.assertions(1) const connection = getMockConnection({ - state: ConnectionState.Responded, - role: ConnectionRole.Invitee, + state: DidExchangeState.ResponseReceived, + role: DidExchangeRole.Requester, }) const ack = new AckMessage({ @@ -881,14 +693,11 @@ describe('ConnectionService', () => { threadId: 'thread-id', }) - const messageContext = new InboundMessageContext(ack, { - recipientVerkey: 'test-verkey', - connection, - }) + const messageContext = new InboundMessageContext(ack, { connection }) const updatedConnection = await connectionService.processAck(messageContext) - expect(updatedConnection.state).toBe(ConnectionState.Responded) + expect(updatedConnection.state).toBe(DidExchangeState.ResponseReceived) }) }) @@ -897,7 +706,7 @@ describe('ConnectionService', () => { expect.assertions(1) const messageContext = new InboundMessageContext(new AgentMessage(), { - connection: getMockConnection({ state: ConnectionState.Complete }), + connection: getMockConnection({ state: DidExchangeState.Completed }), }) expect(() => connectionService.assertConnectionOrServiceDecorator(messageContext)).not.toThrow() @@ -907,7 +716,7 @@ describe('ConnectionService', () => { expect.assertions(1) const messageContext = new InboundMessageContext(new AgentMessage(), { - connection: getMockConnection({ state: ConnectionState.Invited }), + connection: getMockConnection({ state: DidExchangeState.InvitationReceived }), }) expect(() => connectionService.assertConnectionOrServiceDecorator(messageContext)).toThrowError( @@ -932,19 +741,19 @@ describe('ConnectionService', () => { it('should not throw when a fully valid connection-less input is passed', () => { expect.assertions(1) - const senderKey = 'senderKey' - const recipientKey = 'recipientKey' + const recipientKey = Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519) + const senderKey = Key.fromPublicKeyBase58('79CXkde3j8TNuMXxPdV7nLUrT2g7JAEjH5TreyVY7GEZ', KeyType.Ed25519) const previousSentMessage = new AgentMessage() previousSentMessage.setService({ - recipientKeys: [recipientKey], + recipientKeys: [recipientKey.publicKeyBase58], serviceEndpoint: '', routingKeys: [], }) const previousReceivedMessage = new AgentMessage() previousReceivedMessage.setService({ - recipientKeys: [senderKey], + recipientKeys: [senderKey.publicKeyBase58], serviceEndpoint: '', routingKeys: [], }) @@ -955,10 +764,7 @@ describe('ConnectionService', () => { serviceEndpoint: '', routingKeys: [], }) - const messageContext = new InboundMessageContext(message, { - recipientVerkey: recipientKey, - senderVerkey: senderKey, - }) + const messageContext = new InboundMessageContext(message, { recipientKey, senderKey }) expect(() => connectionService.assertConnectionOrServiceDecorator(messageContext, { @@ -991,7 +797,7 @@ describe('ConnectionService', () => { it('should throw an error when previousSentMessage and recipientKey are present, but recipient key is not present in recipientKeys of previously sent message ~service decorator', () => { expect.assertions(1) - const recipientKey = 'recipientKey' + const recipientKey = Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519) const previousSentMessage = new AgentMessage() previousSentMessage.setService({ @@ -1001,9 +807,7 @@ describe('ConnectionService', () => { }) const message = new AgentMessage() - const messageContext = new InboundMessageContext(message, { - recipientVerkey: recipientKey, - }) + const messageContext = new InboundMessageContext(message, { recipientKey }) expect(() => connectionService.assertConnectionOrServiceDecorator(messageContext, { @@ -1048,7 +852,7 @@ describe('ConnectionService', () => { const message = new AgentMessage() const messageContext = new InboundMessageContext(message, { - senderVerkey: senderKey, + senderKey: Key.fromPublicKeyBase58(senderKey, KeyType.Ed25519), }) expect(() => @@ -1089,24 +893,6 @@ describe('ConnectionService', () => { expect(result).toBe(expected) }) - it('findByVerkey should return value from connectionRepository.findSingleByQuery', async () => { - const expected = getMockConnection() - mockFunction(connectionRepository.findByVerkey).mockReturnValue(Promise.resolve(expected)) - const result = await connectionService.findByVerkey('verkey') - expect(connectionRepository.findByVerkey).toBeCalledWith('verkey') - - expect(result).toBe(expected) - }) - - it('findByTheirKey should return value from connectionRepository.findSingleByQuery', async () => { - const expected = getMockConnection() - mockFunction(connectionRepository.findByTheirKey).mockReturnValue(Promise.resolve(expected)) - const result = await connectionService.findByTheirKey('theirKey') - expect(connectionRepository.findByTheirKey).toBeCalledWith('theirKey') - - expect(result).toBe(expected) - }) - it('getAll should return value from connectionRepository.getAll', async () => { const expected = [getMockConnection(), getMockConnection()] diff --git a/packages/core/src/modules/connections/__tests__/ConnectionState.test.ts b/packages/core/src/modules/connections/__tests__/ConnectionState.test.ts deleted file mode 100644 index fba8caff43..0000000000 --- a/packages/core/src/modules/connections/__tests__/ConnectionState.test.ts +++ /dev/null @@ -1,10 +0,0 @@ -import { ConnectionState } from '../models/ConnectionState' - -describe('ConnectionState', () => { - test('state matches Connection 1.0 (RFC 0160) state value', () => { - expect(ConnectionState.Invited).toBe('invited') - expect(ConnectionState.Requested).toBe('requested') - expect(ConnectionState.Responded).toBe('responded') - expect(ConnectionState.Complete).toBe('complete') - }) -}) diff --git a/packages/core/src/modules/connections/__tests__/helpers.test.ts b/packages/core/src/modules/connections/__tests__/helpers.test.ts new file mode 100644 index 0000000000..3bdc2977fb --- /dev/null +++ b/packages/core/src/modules/connections/__tests__/helpers.test.ts @@ -0,0 +1,103 @@ +import { DidCommV1Service, IndyAgentService, VerificationMethod } from '../../dids' +import { + DidDoc, + Ed25119Sig2018, + EddsaSaSigSecp256k1, + EmbeddedAuthentication, + ReferencedAuthentication, + RsaSig2018, +} from '../models' +import { convertToNewDidDocument } from '../services/helpers' + +const key = new Ed25119Sig2018({ + id: 'did:sov:SKJVx2kn373FNgvff1SbJo#4', + controller: 'did:sov:SKJVx2kn373FNgvff1SbJo', + publicKeyBase58: 'EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d', +}) +const didDoc = new DidDoc({ + authentication: [ + new ReferencedAuthentication(key, 'Ed25519SignatureAuthentication2018'), + new EmbeddedAuthentication( + new Ed25119Sig2018({ + id: '#8', + controller: 'did:sov:SKJVx2kn373FNgvff1SbJo', + publicKeyBase58: '5UQ3drtEMMQXaLLmEywbciW92jZaQgRYgfuzXfonV8iz', + }) + ), + ], + id: 'did:sov:LjgpST2rjsoxYegQDRm7EL', + publicKey: [ + key, + new RsaSig2018({ + id: '#3', + controller: 'did:sov:LjgpST2rjsoxYegQDRm7EL', + publicKeyPem: '-----BEGIN PUBLIC X...', + }), + new EddsaSaSigSecp256k1({ + id: '#6', + controller: 'did:sov:LjgpST2rjsoxYegQDRm7EL', + publicKeyHex: '-----BEGIN PUBLIC A...', + }), + ], + service: [ + new IndyAgentService({ + id: 'did:sov:SKJVx2kn373FNgvff1SbJo#service-1', + serviceEndpoint: 'did:sov:SKJVx2kn373FNgvff1SbJo', + recipientKeys: ['EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d'], + routingKeys: ['EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d'], + priority: 5, + }), + new DidCommV1Service({ + id: '#service-2', + serviceEndpoint: 'https://agent.com', + recipientKeys: ['did:sov:SKJVx2kn373FNgvff1SbJo#4', '#8'], + routingKeys: [ + 'did:key:z6MktFXxTu8tHkoE1Jtqj4ApYEg1c44qmU1p7kq7QZXBtJv1#z6MktFXxTu8tHkoE1Jtqj4ApYEg1c44qmU1p7kq7QZXBtJv1', + ], + priority: 2, + }), + ], +}) + +describe('convertToNewDidDocument', () => { + test('create a new DidDocument and with authentication, publicKey and service from DidDoc', () => { + const oldDocument = didDoc + const newDocument = convertToNewDidDocument(oldDocument) + + expect(newDocument.authentication).toEqual(['#EoGusetS', '#5UQ3drtE']) + + expect(newDocument.verificationMethod).toEqual([ + new VerificationMethod({ + id: '#5UQ3drtE', + type: 'Ed25519VerificationKey2018', + controller: '#id', + publicKeyBase58: '5UQ3drtEMMQXaLLmEywbciW92jZaQgRYgfuzXfonV8iz', + }), + new VerificationMethod({ + id: '#EoGusetS', + type: 'Ed25519VerificationKey2018', + controller: '#id', + publicKeyBase58: 'EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d', + }), + ]) + + expect(newDocument.service).toEqual([ + new IndyAgentService({ + id: '#service-1', + serviceEndpoint: 'did:sov:SKJVx2kn373FNgvff1SbJo', + recipientKeys: ['EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d'], + routingKeys: ['EoGusetSxDJktp493VCyh981nUnzMamTRjvBaHZAy68d'], + priority: 5, + }), + new DidCommV1Service({ + id: '#service-2', + serviceEndpoint: 'https://agent.com', + recipientKeys: ['#EoGusetS', '#5UQ3drtE'], + routingKeys: [ + 'did:key:z6MktFXxTu8tHkoE1Jtqj4ApYEg1c44qmU1p7kq7QZXBtJv1#z6MktFXxTu8tHkoE1Jtqj4ApYEg1c44qmU1p7kq7QZXBtJv1', + ], + priority: 2, + }), + ]) + }) +}) diff --git a/packages/core/src/modules/connections/errors/DidExchangeProblemReportError.ts b/packages/core/src/modules/connections/errors/DidExchangeProblemReportError.ts new file mode 100644 index 0000000000..17bf72ad9b --- /dev/null +++ b/packages/core/src/modules/connections/errors/DidExchangeProblemReportError.ts @@ -0,0 +1,22 @@ +import type { ProblemReportErrorOptions } from '../../problem-reports' +import type { DidExchangeProblemReportReason } from './DidExchangeProblemReportReason' + +import { ProblemReportError } from '../../problem-reports' +import { DidExchangeProblemReportMessage } from '../messages' + +interface DidExchangeProblemReportErrorOptions extends ProblemReportErrorOptions { + problemCode: DidExchangeProblemReportReason +} +export class DidExchangeProblemReportError extends ProblemReportError { + public problemReport: DidExchangeProblemReportMessage + + public constructor(public message: string, { problemCode }: DidExchangeProblemReportErrorOptions) { + super(message, { problemCode }) + this.problemReport = new DidExchangeProblemReportMessage({ + description: { + en: message, + code: problemCode, + }, + }) + } +} diff --git a/packages/core/src/modules/connections/errors/DidExchangeProblemReportReason.ts b/packages/core/src/modules/connections/errors/DidExchangeProblemReportReason.ts new file mode 100644 index 0000000000..28f31dc6d4 --- /dev/null +++ b/packages/core/src/modules/connections/errors/DidExchangeProblemReportReason.ts @@ -0,0 +1,12 @@ +/** + * Connection error code in RFC 0023. + * + * @see https://github.com/hyperledger/aries-rfcs/blob/main/features/0023-did-exchange/README.md#errors + */ +export const enum DidExchangeProblemReportReason { + RequestNotAccepted = 'request_not_accepted', + RequestProcessingError = 'request_processing_error', + ResponseNotAccepted = 'response_not_accepted', + ResponseProcessingError = 'response_processing_error', + CompleteRejected = 'complete_rejected', +} diff --git a/packages/core/src/modules/connections/errors/index.ts b/packages/core/src/modules/connections/errors/index.ts index 09f2c7a53a..c745a4cdde 100644 --- a/packages/core/src/modules/connections/errors/index.ts +++ b/packages/core/src/modules/connections/errors/index.ts @@ -1,2 +1,4 @@ export * from './ConnectionProblemReportError' export * from './ConnectionProblemReportReason' +export * from './DidExchangeProblemReportError' +export * from './DidExchangeProblemReportReason' diff --git a/packages/core/src/modules/connections/handlers/ConnectionRequestHandler.ts b/packages/core/src/modules/connections/handlers/ConnectionRequestHandler.ts index 60a2ab6213..758ed3323f 100644 --- a/packages/core/src/modules/connections/handlers/ConnectionRequestHandler.ts +++ b/packages/core/src/modules/connections/handlers/ConnectionRequestHandler.ts @@ -1,51 +1,70 @@ import type { AgentConfig } from '../../../agent/AgentConfig' import type { Handler, HandlerInboundMessage } from '../../../agent/Handler' +import type { DidRepository } from '../../dids/repository' +import type { OutOfBandService } from '../../oob/OutOfBandService' import type { MediationRecipientService } from '../../routing/services/MediationRecipientService' -import type { ConnectionService, Routing } from '../services/ConnectionService' +import type { ConnectionService } from '../services/ConnectionService' import { createOutboundMessage } from '../../../agent/helpers' import { AriesFrameworkError } from '../../../error/AriesFrameworkError' import { ConnectionRequestMessage } from '../messages' export class ConnectionRequestHandler implements Handler { - private connectionService: ConnectionService private agentConfig: AgentConfig + private connectionService: ConnectionService + private outOfBandService: OutOfBandService private mediationRecipientService: MediationRecipientService + private didRepository: DidRepository public supportedMessages = [ConnectionRequestMessage] public constructor( - connectionService: ConnectionService, agentConfig: AgentConfig, - mediationRecipientService: MediationRecipientService + connectionService: ConnectionService, + outOfBandService: OutOfBandService, + mediationRecipientService: MediationRecipientService, + didRepository: DidRepository ) { - this.connectionService = connectionService this.agentConfig = agentConfig + this.connectionService = connectionService + this.outOfBandService = outOfBandService this.mediationRecipientService = mediationRecipientService + this.didRepository = didRepository } public async handle(messageContext: HandlerInboundMessage) { - if (!messageContext.recipientVerkey || !messageContext.senderVerkey) { - throw new AriesFrameworkError('Unable to process connection request without senderVerkey or recipientVerkey') + const { connection, recipientKey, senderKey } = messageContext + + if (!recipientKey || !senderKey) { + throw new AriesFrameworkError('Unable to process connection request without senderVerkey or recipientKey') + } + + const outOfBandRecord = await this.outOfBandService.findByRecipientKey(recipientKey) + + if (!outOfBandRecord) { + throw new AriesFrameworkError(`Out-of-band record for recipient key ${recipientKey.fingerprint} was not found.`) } - let connectionRecord = await this.connectionService.findByVerkey(messageContext.recipientVerkey) - if (!connectionRecord) { - throw new AriesFrameworkError(`Connection for verkey ${messageContext.recipientVerkey} not found!`) + if (connection && !outOfBandRecord.reusable) { + throw new AriesFrameworkError( + `Connection record for non-reusable out-of-band ${outOfBandRecord.id} already exists.` + ) } - let routing: Routing | undefined + const didRecord = await this.didRepository.findByRecipientKey(senderKey) + if (didRecord) { + throw new AriesFrameworkError(`Did record for sender key ${senderKey.fingerprint} already exists.`) + } - // routing object is required for multi use invitation, because we're creating a - // new keypair that possibly needs to be registered at a mediator - if (connectionRecord.multiUseInvitation) { + // TODO: Allow rotation of keys used in the invitation for new ones not only when out-of-band is reusable + let routing + if (outOfBandRecord.reusable) { routing = await this.mediationRecipientService.getRouting() } - - connectionRecord = await this.connectionService.processRequest(messageContext, routing) + const connectionRecord = await this.connectionService.processRequest(messageContext, outOfBandRecord, routing) if (connectionRecord?.autoAcceptConnection ?? this.agentConfig.autoAcceptConnections) { - const { message } = await this.connectionService.createResponse(connectionRecord.id) - return createOutboundMessage(connectionRecord, message) + const { message } = await this.connectionService.createResponse(connectionRecord, outOfBandRecord, routing) + return createOutboundMessage(connectionRecord, message, outOfBandRecord) } } } diff --git a/packages/core/src/modules/connections/handlers/ConnectionResponseHandler.ts b/packages/core/src/modules/connections/handlers/ConnectionResponseHandler.ts index c227ba4868..1cf86ae359 100644 --- a/packages/core/src/modules/connections/handlers/ConnectionResponseHandler.ts +++ b/packages/core/src/modules/connections/handlers/ConnectionResponseHandler.ts @@ -1,28 +1,74 @@ import type { AgentConfig } from '../../../agent/AgentConfig' import type { Handler, HandlerInboundMessage } from '../../../agent/Handler' +import type { DidResolverService } from '../../dids' +import type { OutOfBandService } from '../../oob/OutOfBandService' import type { ConnectionService } from '../services/ConnectionService' import { createOutboundMessage } from '../../../agent/helpers' +import { AriesFrameworkError } from '../../../error' import { ConnectionResponseMessage } from '../messages' export class ConnectionResponseHandler implements Handler { - private connectionService: ConnectionService private agentConfig: AgentConfig + private connectionService: ConnectionService + private outOfBandService: OutOfBandService + private didResolverService: DidResolverService + public supportedMessages = [ConnectionResponseMessage] - public constructor(connectionService: ConnectionService, agentConfig: AgentConfig) { - this.connectionService = connectionService + public constructor( + agentConfig: AgentConfig, + connectionService: ConnectionService, + outOfBandService: OutOfBandService, + didResolverService: DidResolverService + ) { this.agentConfig = agentConfig + this.connectionService = connectionService + this.outOfBandService = outOfBandService + this.didResolverService = didResolverService } public async handle(messageContext: HandlerInboundMessage) { - const connection = await this.connectionService.processResponse(messageContext) + const { recipientKey, senderKey, message } = messageContext + + if (!recipientKey || !senderKey) { + throw new AriesFrameworkError('Unable to process connection response without senderKey or recipientKey') + } + + const connectionRecord = await this.connectionService.getByThreadId(message.threadId) + if (!connectionRecord) { + throw new AriesFrameworkError(`Connection for thread ID ${message.threadId} not found!`) + } + + const ourDidDocument = await this.didResolverService.resolveDidDocument(connectionRecord.did) + if (!ourDidDocument) { + throw new AriesFrameworkError(`Did document for did ${connectionRecord.did} was not resolved!`) + } + + // Validate if recipient key is included in recipient keys of the did document resolved by + // connection record did + if (!ourDidDocument.recipientKeys.find((key) => key.fingerprint === recipientKey.fingerprint)) { + throw new AriesFrameworkError( + `Recipient key ${recipientKey.fingerprint} not found in did document recipient keys.` + ) + } + + const outOfBandRecord = + connectionRecord.outOfBandId && (await this.outOfBandService.findById(connectionRecord.outOfBandId)) + + if (!outOfBandRecord) { + throw new AriesFrameworkError(`Out-of-band record ${connectionRecord.outOfBandId} was not found.`) + } + + messageContext.connection = connectionRecord + // The presence of outOfBandRecord is not mandatory when the old connection invitation is used + const connection = await this.connectionService.processResponse(messageContext, outOfBandRecord) // TODO: should we only send ping message in case of autoAcceptConnection or always? // In AATH we have a separate step to send the ping. So for now we'll only do it // if auto accept is enable if (connection.autoAcceptConnection ?? this.agentConfig.autoAcceptConnections) { - const { message } = await this.connectionService.createTrustPing(connection.id, { responseRequested: false }) + const { message } = await this.connectionService.createTrustPing(connection, { responseRequested: false }) return createOutboundMessage(connection, message) } } diff --git a/packages/core/src/modules/connections/handlers/DidExchangeCompleteHandler.ts b/packages/core/src/modules/connections/handlers/DidExchangeCompleteHandler.ts new file mode 100644 index 0000000000..d3f4a6eae6 --- /dev/null +++ b/packages/core/src/modules/connections/handlers/DidExchangeCompleteHandler.ts @@ -0,0 +1,49 @@ +import type { Handler, HandlerInboundMessage } from '../../../agent/Handler' +import type { OutOfBandService } from '../../oob/OutOfBandService' +import type { DidExchangeProtocol } from '../DidExchangeProtocol' + +import { AriesFrameworkError } from '../../../error' +import { OutOfBandState } from '../../oob/domain/OutOfBandState' +import { DidExchangeCompleteMessage } from '../messages' +import { HandshakeProtocol } from '../models' + +export class DidExchangeCompleteHandler implements Handler { + private didExchangeProtocol: DidExchangeProtocol + private outOfBandService: OutOfBandService + public supportedMessages = [DidExchangeCompleteMessage] + + public constructor(didExchangeProtocol: DidExchangeProtocol, outOfBandService: OutOfBandService) { + this.didExchangeProtocol = didExchangeProtocol + this.outOfBandService = outOfBandService + } + + public async handle(messageContext: HandlerInboundMessage) { + const { connection: connectionRecord } = messageContext + + if (!connectionRecord) { + throw new AriesFrameworkError(`Connection is missing in message context`) + } + + const { protocol } = connectionRecord + if (protocol !== HandshakeProtocol.DidExchange) { + throw new AriesFrameworkError( + `Connection record protocol is ${protocol} but handler supports only ${HandshakeProtocol.DidExchange}.` + ) + } + + const { message } = messageContext + if (!message.thread?.parentThreadId) { + throw new AriesFrameworkError(`Message does not contain pthid attribute`) + } + const outOfBandRecord = await this.outOfBandService.findByInvitationId(message.thread?.parentThreadId) + + if (!outOfBandRecord) { + throw new AriesFrameworkError(`OutOfBand record for message ID ${message.thread?.parentThreadId} not found!`) + } + + if (!outOfBandRecord.reusable) { + await this.outOfBandService.updateState(outOfBandRecord, OutOfBandState.Done) + } + await this.didExchangeProtocol.processComplete(messageContext, outOfBandRecord) + } +} diff --git a/packages/core/src/modules/connections/handlers/DidExchangeRequestHandler.ts b/packages/core/src/modules/connections/handlers/DidExchangeRequestHandler.ts new file mode 100644 index 0000000000..9ffa837d70 --- /dev/null +++ b/packages/core/src/modules/connections/handlers/DidExchangeRequestHandler.ts @@ -0,0 +1,84 @@ +import type { AgentConfig } from '../../../agent/AgentConfig' +import type { Handler, HandlerInboundMessage } from '../../../agent/Handler' +import type { DidRepository } from '../../dids/repository' +import type { OutOfBandService } from '../../oob/OutOfBandService' +import type { MediationRecipientService } from '../../routing/services/MediationRecipientService' +import type { DidExchangeProtocol } from '../DidExchangeProtocol' + +import { createOutboundMessage } from '../../../agent/helpers' +import { AriesFrameworkError } from '../../../error/AriesFrameworkError' +import { OutOfBandState } from '../../oob/domain/OutOfBandState' +import { DidExchangeRequestMessage } from '../messages' + +export class DidExchangeRequestHandler implements Handler { + private didExchangeProtocol: DidExchangeProtocol + private outOfBandService: OutOfBandService + private agentConfig: AgentConfig + private mediationRecipientService: MediationRecipientService + private didRepository: DidRepository + public supportedMessages = [DidExchangeRequestMessage] + + public constructor( + agentConfig: AgentConfig, + didExchangeProtocol: DidExchangeProtocol, + outOfBandService: OutOfBandService, + mediationRecipientService: MediationRecipientService, + didRepository: DidRepository + ) { + this.agentConfig = agentConfig + this.didExchangeProtocol = didExchangeProtocol + this.outOfBandService = outOfBandService + this.mediationRecipientService = mediationRecipientService + this.didRepository = didRepository + } + + public async handle(messageContext: HandlerInboundMessage) { + const { recipientKey, senderKey, message, connection } = messageContext + + if (!recipientKey || !senderKey) { + throw new AriesFrameworkError('Unable to process connection request without senderKey or recipientKey') + } + + if (!message.thread?.parentThreadId) { + throw new AriesFrameworkError(`Message does not contain 'pthid' attribute`) + } + const outOfBandRecord = await this.outOfBandService.findByInvitationId(message.thread.parentThreadId) + + if (!outOfBandRecord) { + throw new AriesFrameworkError(`OutOfBand record for message ID ${message.thread?.parentThreadId} not found!`) + } + + if (connection && !outOfBandRecord.reusable) { + throw new AriesFrameworkError( + `Connection record for non-reusable out-of-band ${outOfBandRecord.id} already exists.` + ) + } + + const didRecord = await this.didRepository.findByRecipientKey(senderKey) + if (didRecord) { + throw new AriesFrameworkError(`Did record for sender key ${senderKey.fingerprint} already exists.`) + } + + // TODO Shouldn't we check also if the keys match the keys from oob invitation services? + + if (outOfBandRecord.state === OutOfBandState.Done) { + throw new AriesFrameworkError( + 'Out-of-band record has been already processed and it does not accept any new requests' + ) + } + + // TODO: Allow rotation of keys used in the invitation for new ones not only when out-of-band is reusable + let routing + if (outOfBandRecord.reusable) { + routing = await this.mediationRecipientService.getRouting() + } + + const connectionRecord = await this.didExchangeProtocol.processRequest(messageContext, outOfBandRecord, routing) + + if (connectionRecord?.autoAcceptConnection ?? this.agentConfig.autoAcceptConnections) { + // TODO We should add an option to not pass routing and therefore do not rotate keys and use the keys from the invitation + const message = await this.didExchangeProtocol.createResponse(connectionRecord, outOfBandRecord, routing) + return createOutboundMessage(connectionRecord, message, outOfBandRecord) + } + } +} diff --git a/packages/core/src/modules/connections/handlers/DidExchangeResponseHandler.ts b/packages/core/src/modules/connections/handlers/DidExchangeResponseHandler.ts new file mode 100644 index 0000000000..ff66579e0a --- /dev/null +++ b/packages/core/src/modules/connections/handlers/DidExchangeResponseHandler.ts @@ -0,0 +1,114 @@ +import type { AgentConfig } from '../../../agent/AgentConfig' +import type { Handler, HandlerInboundMessage } from '../../../agent/Handler' +import type { DidResolverService } from '../../dids' +import type { OutOfBandService } from '../../oob/OutOfBandService' +import type { DidExchangeProtocol } from '../DidExchangeProtocol' +import type { ConnectionService } from '../services' + +import { createOutboundMessage } from '../../../agent/helpers' +import { AriesFrameworkError } from '../../../error' +import { OutOfBandState } from '../../oob/domain/OutOfBandState' +import { DidExchangeResponseMessage } from '../messages' +import { HandshakeProtocol } from '../models' + +export class DidExchangeResponseHandler implements Handler { + private agentConfig: AgentConfig + private didExchangeProtocol: DidExchangeProtocol + private outOfBandService: OutOfBandService + private connectionService: ConnectionService + private didResolverService: DidResolverService + public supportedMessages = [DidExchangeResponseMessage] + + public constructor( + agentConfig: AgentConfig, + didExchangeProtocol: DidExchangeProtocol, + outOfBandService: OutOfBandService, + connectionService: ConnectionService, + didResolverService: DidResolverService + ) { + this.agentConfig = agentConfig + this.didExchangeProtocol = didExchangeProtocol + this.outOfBandService = outOfBandService + this.connectionService = connectionService + this.didResolverService = didResolverService + } + + public async handle(messageContext: HandlerInboundMessage) { + const { recipientKey, senderKey, message } = messageContext + + if (!recipientKey || !senderKey) { + throw new AriesFrameworkError('Unable to process connection response without sender key or recipient key') + } + + const connectionRecord = await this.connectionService.getByThreadId(message.threadId) + if (!connectionRecord) { + throw new AriesFrameworkError(`Connection for thread ID ${message.threadId} not found!`) + } + + const ourDidDocument = await this.resolveDidDocument(connectionRecord.did) + if (!ourDidDocument) { + throw new AriesFrameworkError(`Did document for did ${connectionRecord.did} was not resolved!`) + } + + // Validate if recipient key is included in recipient keys of the did document resolved by + // connection record did + if (!ourDidDocument.recipientKeys.find((key) => key.fingerprint === recipientKey.fingerprint)) { + throw new AriesFrameworkError( + `Recipient key ${recipientKey.fingerprint} not found in did document recipient keys.` + ) + } + + const { protocol } = connectionRecord + if (protocol !== HandshakeProtocol.DidExchange) { + throw new AriesFrameworkError( + `Connection record protocol is ${protocol} but handler supports only ${HandshakeProtocol.DidExchange}.` + ) + } + + if (!connectionRecord.outOfBandId) { + throw new AriesFrameworkError(`Connection ${connectionRecord.id} does not have outOfBandId!`) + } + + const outOfBandRecord = await this.outOfBandService.findById(connectionRecord.outOfBandId) + + if (!outOfBandRecord) { + throw new AriesFrameworkError( + `OutOfBand record for connection ${connectionRecord.id} with outOfBandId ${connectionRecord.outOfBandId} not found!` + ) + } + + // TODO + // + // A connection request message is the only case when I can use the connection record found + // only based on recipient key without checking that `theirKey` is equal to sender key. + // + // The question is if we should do it here in this way or rather somewhere else to keep + // responsibility of all handlers aligned. + // + messageContext.connection = connectionRecord + const connection = await this.didExchangeProtocol.processResponse(messageContext, outOfBandRecord) + + // TODO: should we only send complete message in case of autoAcceptConnection or always? + // In AATH we have a separate step to send the complete. So for now we'll only do it + // if auto accept is enable + if (connection.autoAcceptConnection ?? this.agentConfig.autoAcceptConnections) { + const message = await this.didExchangeProtocol.createComplete(connection, outOfBandRecord) + if (!outOfBandRecord.reusable) { + await this.outOfBandService.updateState(outOfBandRecord, OutOfBandState.Done) + } + return createOutboundMessage(connection, message) + } + } + + private async resolveDidDocument(did: string) { + const { + didDocument, + didResolutionMetadata: { error, message }, + } = await this.didResolverService.resolve(did) + + if (!didDocument) { + throw new AriesFrameworkError(`Unable to resolve did document for did '${did}': ${error} ${message}`) + } + return didDocument + } +} diff --git a/packages/core/src/modules/connections/handlers/TrustPingMessageHandler.ts b/packages/core/src/modules/connections/handlers/TrustPingMessageHandler.ts index 4b5c807016..6a37fee4b6 100644 --- a/packages/core/src/modules/connections/handlers/TrustPingMessageHandler.ts +++ b/packages/core/src/modules/connections/handlers/TrustPingMessageHandler.ts @@ -4,7 +4,7 @@ import type { TrustPingService } from '../services/TrustPingService' import { AriesFrameworkError } from '../../../error' import { TrustPingMessage } from '../messages' -import { ConnectionState } from '../models' +import { DidExchangeState } from '../models' export class TrustPingMessageHandler implements Handler { private trustPingService: TrustPingService @@ -17,15 +17,15 @@ export class TrustPingMessageHandler implements Handler { } public async handle(messageContext: HandlerInboundMessage) { - const { connection, recipientVerkey } = messageContext + const { connection, recipientKey } = messageContext if (!connection) { - throw new AriesFrameworkError(`Connection for verkey ${recipientVerkey} not found!`) + throw new AriesFrameworkError(`Connection for verkey ${recipientKey?.fingerprint} not found!`) } // TODO: This is better addressed in a middleware of some kind because // any message can transition the state to complete, not just an ack or trust ping - if (connection.state === ConnectionState.Responded) { - await this.connectionService.updateState(connection, ConnectionState.Complete) + if (connection.state === DidExchangeState.ResponseSent) { + await this.connectionService.updateState(connection, DidExchangeState.Completed) } return this.trustPingService.processPing(messageContext, connection) diff --git a/packages/core/src/modules/connections/handlers/index.ts b/packages/core/src/modules/connections/handlers/index.ts index 4fa2965953..09226eaf34 100644 --- a/packages/core/src/modules/connections/handlers/index.ts +++ b/packages/core/src/modules/connections/handlers/index.ts @@ -3,3 +3,6 @@ export * from './ConnectionRequestHandler' export * from './ConnectionResponseHandler' export * from './TrustPingMessageHandler' export * from './TrustPingResponseMessageHandler' +export * from './DidExchangeRequestHandler' +export * from './DidExchangeResponseHandler' +export * from './DidExchangeCompleteHandler' diff --git a/packages/core/src/modules/connections/messages/DidExchangeCompleteMessage.ts b/packages/core/src/modules/connections/messages/DidExchangeCompleteMessage.ts new file mode 100644 index 0000000000..5a8a319c68 --- /dev/null +++ b/packages/core/src/modules/connections/messages/DidExchangeCompleteMessage.ts @@ -0,0 +1,31 @@ +import { Equals } from 'class-validator' + +import { AgentMessage } from '../../../agent/AgentMessage' + +export interface DidExchangeCompleteMessageOptions { + id?: string + threadId: string + parentThreadId: string +} + +/** + * @see https://github.com/hyperledger/aries-rfcs/blob/main/features/0023-did-exchange/README.md#3-exchange-complete + */ +export class DidExchangeCompleteMessage extends AgentMessage { + public constructor(options: DidExchangeCompleteMessageOptions) { + super() + + if (options) { + this.id = options.id ?? this.generateId() + + this.setThread({ + threadId: options.threadId, + parentThreadId: options.parentThreadId, + }) + } + } + + @Equals(DidExchangeCompleteMessage.type) + public readonly type = DidExchangeCompleteMessage.type + public static readonly type = 'https://didcomm.org/didexchange/1.0/complete' +} diff --git a/packages/core/src/modules/connections/messages/DidExchangeProblemReportMessage.ts b/packages/core/src/modules/connections/messages/DidExchangeProblemReportMessage.ts new file mode 100644 index 0000000000..35ab3c9863 --- /dev/null +++ b/packages/core/src/modules/connections/messages/DidExchangeProblemReportMessage.ts @@ -0,0 +1,20 @@ +import type { ProblemReportMessageOptions } from '../../problem-reports/messages/ProblemReportMessage' + +import { Equals } from 'class-validator' + +import { ProblemReportMessage } from '../../problem-reports/messages/ProblemReportMessage' + +export type DidExchangeProblemReportMessageOptions = ProblemReportMessageOptions + +/** + * @see https://github.com/hyperledger/aries-rfcs/blob/main/features/0035-report-problem/README.md + */ +export class DidExchangeProblemReportMessage extends ProblemReportMessage { + public constructor(options: DidExchangeProblemReportMessageOptions) { + super(options) + } + + @Equals(DidExchangeProblemReportMessage.type) + public readonly type = DidExchangeProblemReportMessage.type + public static readonly type = 'https://didcomm.org/didexchange/1.0/problem-report' +} diff --git a/packages/core/src/modules/connections/messages/DidExchangeRequestMessage.ts b/packages/core/src/modules/connections/messages/DidExchangeRequestMessage.ts new file mode 100644 index 0000000000..1dad8a259e --- /dev/null +++ b/packages/core/src/modules/connections/messages/DidExchangeRequestMessage.ts @@ -0,0 +1,65 @@ +import { Expose, Type } from 'class-transformer' +import { Equals, IsOptional, IsString, ValidateNested } from 'class-validator' + +import { AgentMessage } from '../../../agent/AgentMessage' +import { Attachment } from '../../../decorators/attachment/Attachment' + +export interface DidExchangeRequestMessageOptions { + id?: string + parentThreadId: string + label: string + goalCode?: string + goal?: string + did: string +} + +/** + * Message to communicate the DID document to the other agent when creating a connection + * + * @see https://github.com/hyperledger/aries-rfcs/blob/main/features/0023-did-exchange/README.md#1-exchange-request + */ +export class DidExchangeRequestMessage extends AgentMessage { + /** + * Create new DidExchangeRequestMessage instance. + * @param options + */ + public constructor(options: DidExchangeRequestMessageOptions) { + super() + + if (options) { + this.id = options.id || this.generateId() + this.label = options.label + this.goalCode = options.goalCode + this.goal = options.goal + this.did = options.did + + this.setThread({ + threadId: this.id, + parentThreadId: options.parentThreadId, + }) + } + } + + @Equals(DidExchangeRequestMessage.type) + public readonly type = DidExchangeRequestMessage.type + public static readonly type = 'https://didcomm.org/didexchange/1.0/request' + + @IsString() + public readonly label?: string + + @Expose({ name: 'goal_code' }) + @IsOptional() + public readonly goalCode?: string + + @IsString() + @IsOptional() + public readonly goal?: string + + @IsString() + public readonly did!: string + + @Expose({ name: 'did_doc~attach' }) + @Type(() => Attachment) + @ValidateNested() + public didDoc?: Attachment +} diff --git a/packages/core/src/modules/connections/messages/DidExchangeResponseMessage.ts b/packages/core/src/modules/connections/messages/DidExchangeResponseMessage.ts new file mode 100644 index 0000000000..06cd47f679 --- /dev/null +++ b/packages/core/src/modules/connections/messages/DidExchangeResponseMessage.ts @@ -0,0 +1,47 @@ +import { Type, Expose } from 'class-transformer' +import { Equals, IsString, ValidateNested } from 'class-validator' + +import { AgentMessage } from '../../../agent/AgentMessage' +import { Attachment } from '../../../decorators/attachment/Attachment' + +export interface DidExchangeResponseMessageOptions { + id?: string + threadId: string + did: string +} + +/** + * Message part of connection protocol used to complete the connection + * + * @see https://github.com/hyperledger/aries-rfcs/blob/main/features/0023-did-exchange/README.md#2-exchange-response + */ +export class DidExchangeResponseMessage extends AgentMessage { + /** + * Create new DidExchangeResponseMessage instance. + * @param options + */ + public constructor(options: DidExchangeResponseMessageOptions) { + super() + + if (options) { + this.id = options.id || this.generateId() + this.did = options.did + + this.setThread({ + threadId: options.threadId, + }) + } + } + + @Equals(DidExchangeResponseMessage.type) + public readonly type = DidExchangeResponseMessage.type + public static readonly type = 'https://didcomm.org/didexchange/1.0/response' + + @IsString() + public readonly did!: string + + @Expose({ name: 'did_doc~attach' }) + @Type(() => Attachment) + @ValidateNested() + public didDoc?: Attachment +} diff --git a/packages/core/src/modules/connections/messages/index.ts b/packages/core/src/modules/connections/messages/index.ts index 2c3e27b80d..7507e5ed56 100644 --- a/packages/core/src/modules/connections/messages/index.ts +++ b/packages/core/src/modules/connections/messages/index.ts @@ -4,3 +4,7 @@ export * from './ConnectionResponseMessage' export * from './TrustPingMessage' export * from './TrustPingResponseMessage' export * from './ConnectionProblemReportMessage' +export * from './DidExchangeRequestMessage' +export * from './DidExchangeResponseMessage' +export * from './DidExchangeCompleteMessage' +export * from './DidExchangeProblemReportMessage' diff --git a/packages/core/src/modules/connections/models/ConnectionState.ts b/packages/core/src/modules/connections/models/ConnectionState.ts index 15071c2623..44025e3a89 100644 --- a/packages/core/src/modules/connections/models/ConnectionState.ts +++ b/packages/core/src/modules/connections/models/ConnectionState.ts @@ -1,13 +1,30 @@ +import { DidExchangeState } from './DidExchangeState' + /** * Connection states as defined in RFC 0160. * - * State 'null' from RFC is changed to 'init' - * * @see https://github.com/hyperledger/aries-rfcs/blob/master/features/0160-connection-protocol/README.md#states */ export enum ConnectionState { + Null = 'null', Invited = 'invited', Requested = 'requested', Responded = 'responded', Complete = 'complete', } + +export function rfc0160StateFromDidExchangeState(didExchangeState: DidExchangeState) { + const stateMapping = { + [DidExchangeState.Start]: ConnectionState.Null, + [DidExchangeState.Abandoned]: ConnectionState.Null, + [DidExchangeState.InvitationReceived]: ConnectionState.Invited, + [DidExchangeState.InvitationSent]: ConnectionState.Invited, + [DidExchangeState.RequestReceived]: ConnectionState.Requested, + [DidExchangeState.RequestSent]: ConnectionState.Requested, + [DidExchangeState.ResponseReceived]: ConnectionState.Responded, + [DidExchangeState.ResponseSent]: ConnectionState.Responded, + [DidExchangeState.Completed]: DidExchangeState.Completed, + } + + return stateMapping[didExchangeState] +} diff --git a/packages/core/src/modules/connections/models/DidExchangeRole.ts b/packages/core/src/modules/connections/models/DidExchangeRole.ts new file mode 100644 index 0000000000..9027757e96 --- /dev/null +++ b/packages/core/src/modules/connections/models/DidExchangeRole.ts @@ -0,0 +1,4 @@ +export const enum DidExchangeRole { + Requester = 'requester', + Responder = 'responder', +} diff --git a/packages/core/src/modules/connections/models/DidExchangeState.ts b/packages/core/src/modules/connections/models/DidExchangeState.ts new file mode 100644 index 0000000000..23decb1598 --- /dev/null +++ b/packages/core/src/modules/connections/models/DidExchangeState.ts @@ -0,0 +1,16 @@ +/** + * Connection states as defined in RFC 0023. + * + * @see https://github.com/hyperledger/aries-rfcs/blob/main/features/0023-did-exchange/README.md#state-machine-tables + */ +export const enum DidExchangeState { + Start = 'start', + InvitationSent = 'invitation-sent', + InvitationReceived = 'invitation-received', + RequestSent = 'request-sent', + RequestReceived = 'request-received', + ResponseSent = 'response-sent', + ResponseReceived = 'response-received', + Abandoned = 'abandoned', + Completed = 'completed', +} diff --git a/packages/core/src/modules/connections/models/HandshakeProtocol.ts b/packages/core/src/modules/connections/models/HandshakeProtocol.ts new file mode 100644 index 0000000000..bee2008144 --- /dev/null +++ b/packages/core/src/modules/connections/models/HandshakeProtocol.ts @@ -0,0 +1,4 @@ +export const enum HandshakeProtocol { + Connections = 'https://didcomm.org/connections/1.0', + DidExchange = 'https://didcomm.org/didexchange/1.0', +} diff --git a/packages/core/src/modules/connections/models/__tests__/ConnectionState.test.ts b/packages/core/src/modules/connections/models/__tests__/ConnectionState.test.ts new file mode 100644 index 0000000000..86860d8fff --- /dev/null +++ b/packages/core/src/modules/connections/models/__tests__/ConnectionState.test.ts @@ -0,0 +1,30 @@ +import { ConnectionState, rfc0160StateFromDidExchangeState } from '../ConnectionState' +import { DidExchangeState } from '../DidExchangeState' + +describe('ConnectionState', () => { + test('state matches Connection 1.0 (RFC 0160) state value', () => { + expect(ConnectionState.Null).toBe('null') + expect(ConnectionState.Invited).toBe('invited') + expect(ConnectionState.Requested).toBe('requested') + expect(ConnectionState.Responded).toBe('responded') + expect(ConnectionState.Complete).toBe('complete') + }) + + describe('rfc0160StateFromDidExchangeState', () => { + it('should return the connection state for all did exchanges states', () => { + expect(rfc0160StateFromDidExchangeState(DidExchangeState.Abandoned)).toEqual(ConnectionState.Null) + expect(rfc0160StateFromDidExchangeState(DidExchangeState.Start)).toEqual(ConnectionState.Null) + + expect(rfc0160StateFromDidExchangeState(DidExchangeState.InvitationReceived)).toEqual(ConnectionState.Invited) + expect(rfc0160StateFromDidExchangeState(DidExchangeState.InvitationSent)).toEqual(ConnectionState.Invited) + + expect(rfc0160StateFromDidExchangeState(DidExchangeState.RequestReceived)).toEqual(ConnectionState.Requested) + expect(rfc0160StateFromDidExchangeState(DidExchangeState.RequestSent)).toEqual(ConnectionState.Requested) + + expect(rfc0160StateFromDidExchangeState(DidExchangeState.ResponseReceived)).toEqual(ConnectionState.Responded) + expect(rfc0160StateFromDidExchangeState(DidExchangeState.ResponseReceived)).toEqual(ConnectionState.Responded) + + expect(rfc0160StateFromDidExchangeState(DidExchangeState.Completed)).toEqual(DidExchangeState.Completed) + }) + }) +}) diff --git a/packages/core/src/modules/connections/models/did/DidDoc.ts b/packages/core/src/modules/connections/models/did/DidDoc.ts index 22c7db1299..896d314221 100644 --- a/packages/core/src/modules/connections/models/did/DidDoc.ts +++ b/packages/core/src/modules/connections/models/did/DidDoc.ts @@ -5,7 +5,7 @@ import type { PublicKey } from './publicKey' import { Expose } from 'class-transformer' import { Equals, IsArray, IsString, ValidateNested } from 'class-validator' -import { ServiceTransformer, DidCommService, IndyAgentService } from '../../../dids/domain/service' +import { ServiceTransformer, DidCommV1Service, IndyAgentService } from '../../../dids/domain/service' import { AuthenticationTransformer } from './authentication' import { PublicKeyTransformer } from './publicKey' @@ -77,10 +77,10 @@ export class DidDoc { * Get all DIDComm services ordered by priority descending. This means the highest * priority will be the first entry. */ - public get didCommServices(): Array { - const didCommServiceTypes = [IndyAgentService.type, DidCommService.type] + public get didCommServices(): Array { + const didCommServiceTypes = [IndyAgentService.type, DidCommV1Service.type] const services = this.service.filter((service) => didCommServiceTypes.includes(service.type)) as Array< - IndyAgentService | DidCommService + IndyAgentService | DidCommV1Service > // Sort services based on indicated priority diff --git a/packages/core/src/modules/connections/models/did/__tests__/DidDoc.test.ts b/packages/core/src/modules/connections/models/did/__tests__/DidDoc.test.ts index 0bc087d4a6..17023d6060 100644 --- a/packages/core/src/modules/connections/models/did/__tests__/DidDoc.test.ts +++ b/packages/core/src/modules/connections/models/did/__tests__/DidDoc.test.ts @@ -1,6 +1,6 @@ import { instanceToPlain, plainToInstance } from 'class-transformer' -import { DidCommService, DidDocumentService, IndyAgentService } from '../../../../dids' +import { DidCommV1Service, DidDocumentService, IndyAgentService } from '../../../../dids' import { DidDoc } from '../DidDoc' import { ReferencedAuthentication, EmbeddedAuthentication } from '../authentication' import { Ed25119Sig2018, EddsaSaSigSecp256k1, RsaSig2018 } from '../publicKey' @@ -56,7 +56,7 @@ const didDoc = new DidDoc({ routingKeys: ['Q4zqM7aXqm7gDQkUVLng9h'], priority: 5, }), - new DidCommService({ + new DidCommV1Service({ id: '7', serviceEndpoint: 'https://agent.com/did-comm', recipientKeys: ['DADEajsDSaksLng9h'], @@ -89,7 +89,7 @@ describe('Did | DidDoc', () => { // Check Service expect(didDoc.service[0]).toBeInstanceOf(DidDocumentService) expect(didDoc.service[1]).toBeInstanceOf(IndyAgentService) - expect(didDoc.service[2]).toBeInstanceOf(DidCommService) + expect(didDoc.service[2]).toBeInstanceOf(DidCommV1Service) // Check Authentication expect(didDoc.authentication[0]).toBeInstanceOf(ReferencedAuthentication) diff --git a/packages/core/src/modules/connections/models/did/__tests__/diddoc.json b/packages/core/src/modules/connections/models/did/__tests__/diddoc.json index f0fd73f355..595fe73307 100644 --- a/packages/core/src/modules/connections/models/did/__tests__/diddoc.json +++ b/packages/core/src/modules/connections/models/did/__tests__/diddoc.json @@ -3,7 +3,7 @@ "id": "did:sov:LjgpST2rjsoxYegQDRm7EL", "publicKey": [ { - "id": "3", + "id": "#3", "type": "RsaVerificationKey2018", "controller": "did:sov:LjgpST2rjsoxYegQDRm7EL", "publicKeyPem": "-----BEGIN PUBLIC X..." @@ -15,7 +15,7 @@ "publicKeyBase58": "-----BEGIN PUBLIC 9..." }, { - "id": "6", + "id": "#6", "type": "Secp256k1VerificationKey2018", "controller": "did:sov:LjgpST2rjsoxYegQDRm7EL", "publicKeyHex": "-----BEGIN PUBLIC A..." @@ -28,7 +28,7 @@ "serviceEndpoint": "did:sov:Q4zqM7aXqm7gDQkUVLng9h" }, { - "id": "6", + "id": "#6", "type": "IndyAgent", "serviceEndpoint": "did:sov:Q4zqM7aXqm7gDQkUVLng9h", "recipientKeys": ["Q4zqM7aXqm7gDQkUVLng9h"], @@ -36,7 +36,7 @@ "priority": 5 }, { - "id": "7", + "id": "#7", "type": "did-communication", "serviceEndpoint": "https://agent.com/did-comm", "recipientKeys": ["DADEajsDSaksLng9h"], @@ -47,10 +47,10 @@ "authentication": [ { "type": "RsaSignatureAuthentication2018", - "publicKey": "3" + "publicKey": "#3" }, { - "id": "6", + "id": "#6", "type": "RsaVerificationKey2018", "controller": "did:sov:LjgpST2rjsoxYegQDRm7EL", "publicKeyPem": "-----BEGIN PUBLIC A..." diff --git a/packages/core/src/modules/connections/models/did/publicKey/PublicKey.ts b/packages/core/src/modules/connections/models/did/publicKey/PublicKey.ts index 70e55441e7..43ecfcc05f 100644 --- a/packages/core/src/modules/connections/models/did/publicKey/PublicKey.ts +++ b/packages/core/src/modules/connections/models/did/publicKey/PublicKey.ts @@ -1,4 +1,4 @@ -import { IsString } from 'class-validator' +import { IsOptional, IsString } from 'class-validator' export class PublicKey { public constructor(options: { id: string; controller: string; type: string; value?: string }) { @@ -18,5 +18,8 @@ export class PublicKey { @IsString() public type!: string + + @IsString() + @IsOptional() public value?: string } diff --git a/packages/core/src/modules/connections/models/index.ts b/packages/core/src/modules/connections/models/index.ts index 22c3a78f74..0c8dd1b360 100644 --- a/packages/core/src/modules/connections/models/index.ts +++ b/packages/core/src/modules/connections/models/index.ts @@ -1,4 +1,7 @@ export * from './Connection' export * from './ConnectionRole' export * from './ConnectionState' +export * from './DidExchangeState' +export * from './DidExchangeRole' +export * from './HandshakeProtocol' export * from './did' diff --git a/packages/core/src/modules/connections/repository/ConnectionRecord.ts b/packages/core/src/modules/connections/repository/ConnectionRecord.ts index 1f79123db6..7e9157b438 100644 --- a/packages/core/src/modules/connections/repository/ConnectionRecord.ts +++ b/packages/core/src/modules/connections/repository/ConnectionRecord.ts @@ -1,69 +1,55 @@ import type { TagsBase } from '../../../storage/BaseRecord' -import type { ConnectionRole } from '../models/ConnectionRole' - -import { Type } from 'class-transformer' +import type { HandshakeProtocol } from '../models' import { AriesFrameworkError } from '../../../error' import { BaseRecord } from '../../../storage/BaseRecord' import { uuid } from '../../../utils/uuid' -import { ConnectionInvitationMessage } from '../messages/ConnectionInvitationMessage' -import { ConnectionState } from '../models/ConnectionState' -import { DidDoc } from '../models/did/DidDoc' +import { rfc0160StateFromDidExchangeState, DidExchangeRole, DidExchangeState } from '../models' export interface ConnectionRecordProps { id?: string createdAt?: Date did: string - didDoc: DidDoc - verkey: string theirDid?: string - theirDidDoc?: DidDoc theirLabel?: string - invitation?: ConnectionInvitationMessage - state: ConnectionState - role: ConnectionRole + state: DidExchangeState + role: DidExchangeRole alias?: string autoAcceptConnection?: boolean threadId?: string tags?: CustomConnectionTags imageUrl?: string - multiUseInvitation: boolean + multiUseInvitation?: boolean mediatorId?: string errorMessage?: string + protocol?: HandshakeProtocol + outOfBandId?: string + invitationDid?: string } export type CustomConnectionTags = TagsBase export type DefaultConnectionTags = { - state: ConnectionState - role: ConnectionRole - invitationKey?: string + state: DidExchangeState + role: DidExchangeRole threadId?: string - verkey?: string - theirKey?: string mediatorId?: string did: string theirDid?: string + outOfBandId?: string } export class ConnectionRecord extends BaseRecord implements ConnectionRecordProps { - public state!: ConnectionState - public role!: ConnectionRole + public state!: DidExchangeState + public role!: DidExchangeRole - @Type(() => DidDoc) - public didDoc!: DidDoc public did!: string - public verkey!: string - @Type(() => DidDoc) - public theirDidDoc?: DidDoc public theirDid?: string public theirLabel?: string - @Type(() => ConnectionInvitationMessage) - public invitation?: ConnectionInvitationMessage public alias?: string public autoAcceptConnection?: boolean public imageUrl?: string @@ -72,6 +58,9 @@ export class ConnectionRecord public threadId?: string public mediatorId?: string public errorMessage?: string + public protocol?: HandshakeProtocol + public outOfBandId?: string + public invitationDid?: string public static readonly type = 'ConnectionRecord' public readonly type = ConnectionRecord.type @@ -83,75 +72,59 @@ export class ConnectionRecord this.id = props.id ?? uuid() this.createdAt = props.createdAt ?? new Date() this.did = props.did - this.didDoc = props.didDoc - this.verkey = props.verkey + this.invitationDid = props.invitationDid this.theirDid = props.theirDid - this.theirDidDoc = props.theirDidDoc this.theirLabel = props.theirLabel this.state = props.state this.role = props.role this.alias = props.alias this.autoAcceptConnection = props.autoAcceptConnection this._tags = props.tags ?? {} - this.invitation = props.invitation this.threadId = props.threadId this.imageUrl = props.imageUrl - this.multiUseInvitation = props.multiUseInvitation + this.multiUseInvitation = props.multiUseInvitation || false this.mediatorId = props.mediatorId this.errorMessage = props.errorMessage + this.protocol = props.protocol + this.outOfBandId = props.outOfBandId } } public getTags() { - const invitationKey = (this.invitation?.recipientKeys && this.invitation.recipientKeys[0]) || undefined - return { ...this._tags, state: this.state, role: this.role, - invitationKey, threadId: this.threadId, - verkey: this.verkey, - theirKey: this.theirKey || undefined, mediatorId: this.mediatorId, did: this.did, theirDid: this.theirDid, + outOfBandId: this.outOfBandId, + invitationDid: this.invitationDid, } } - public get myKey() { - const [service] = this.didDoc?.didCommServices ?? [] - - if (!service) { - return null - } - - return service.recipientKeys[0] + public get isRequester() { + return this.role === DidExchangeRole.Requester } - public get theirKey() { - const [service] = this.theirDidDoc?.didCommServices ?? [] - - if (!service) { - return null - } - - return service.recipientKeys[0] + public get rfc0160State() { + return rfc0160StateFromDidExchangeState(this.state) } public get isReady() { - return [ConnectionState.Responded, ConnectionState.Complete].includes(this.state) + return this.state && [DidExchangeState.Completed, DidExchangeState.ResponseSent].includes(this.state) } public assertReady() { if (!this.isReady) { throw new AriesFrameworkError( - `Connection record is not ready to be used. Expected ${ConnectionState.Responded} or ${ConnectionState.Complete}, found invalid state ${this.state}` + `Connection record is not ready to be used. Expected ${DidExchangeState.ResponseSent}, ${DidExchangeState.ResponseReceived} or ${DidExchangeState.Completed}, found invalid state ${this.state}` ) } } - public assertState(expectedStates: ConnectionState | ConnectionState[]) { + public assertState(expectedStates: DidExchangeState | DidExchangeState[]) { if (!Array.isArray(expectedStates)) { expectedStates = [expectedStates] } @@ -163,7 +136,7 @@ export class ConnectionRecord } } - public assertRole(expectedRole: ConnectionRole) { + public assertRole(expectedRole: DidExchangeRole) { if (this.role !== expectedRole) { throw new AriesFrameworkError(`Connection record has invalid role ${this.role}. Expected role ${expectedRole}.`) } diff --git a/packages/core/src/modules/connections/repository/ConnectionRepository.ts b/packages/core/src/modules/connections/repository/ConnectionRepository.ts index 051d891db2..6f0470d739 100644 --- a/packages/core/src/modules/connections/repository/ConnectionRepository.ts +++ b/packages/core/src/modules/connections/repository/ConnectionRepository.ts @@ -19,24 +19,6 @@ export class ConnectionRepository extends Repository { }) } - public findByVerkey(verkey: string): Promise { - return this.findSingleByQuery({ - verkey, - }) - } - - public findByTheirKey(verkey: string): Promise { - return this.findSingleByQuery({ - theirKey: verkey, - }) - } - - public findByInvitationKey(key: string): Promise { - return this.findSingleByQuery({ - invitationKey: key, - }) - } - public getByThreadId(threadId: string): Promise { return this.getSingleByQuery({ threadId }) } diff --git a/packages/core/src/modules/connections/services/ConnectionService.ts b/packages/core/src/modules/connections/services/ConnectionService.ts index 7492ee7215..df0f52ed48 100644 --- a/packages/core/src/modules/connections/services/ConnectionService.ts +++ b/packages/core/src/modules/connections/services/ConnectionService.ts @@ -2,6 +2,9 @@ import type { AgentMessage } from '../../../agent/AgentMessage' import type { InboundMessageContext } from '../../../agent/models/InboundMessageContext' import type { Logger } from '../../../logger' import type { AckMessage } from '../../common' +import type { DidDocument } from '../../dids' +import type { OutOfBandDidCommService } from '../../oob/domain/OutOfBandDidCommService' +import type { OutOfBandRecord } from '../../oob/repository' import type { ConnectionStateChangedEvent } from '../ConnectionEvents' import type { ConnectionProblemReportMessage } from '../messages' import type { CustomConnectionTags } from '../repository/ConnectionRecord' @@ -18,32 +21,44 @@ import { AriesFrameworkError } from '../../../error' import { JsonTransformer } from '../../../utils/JsonTransformer' import { MessageValidator } from '../../../utils/MessageValidator' import { Wallet } from '../../../wallet/Wallet' -import { IndyAgentService } from '../../dids/domain/service' +import { Key, IndyAgentService } from '../../dids' +import { DidDocumentRole } from '../../dids/domain/DidDocumentRole' +import { didKeyToVerkey } from '../../dids/helpers' +import { didDocumentJsonToNumAlgo1Did } from '../../dids/methods/peer/peerDidNumAlgo1' +import { DidRepository, DidRecord } from '../../dids/repository' +import { OutOfBandRole } from '../../oob/domain/OutOfBandRole' +import { OutOfBandState } from '../../oob/domain/OutOfBandState' import { ConnectionEventTypes } from '../ConnectionEvents' import { ConnectionProblemReportError, ConnectionProblemReportReason } from '../errors' +import { ConnectionRequestMessage, ConnectionResponseMessage, TrustPingMessage } from '../messages' import { - ConnectionInvitationMessage, - ConnectionRequestMessage, - ConnectionResponseMessage, - TrustPingMessage, -} from '../messages' -import { + DidExchangeRole, + DidExchangeState, Connection, - ConnectionState, - ConnectionRole, DidDoc, Ed25119Sig2018, - authenticationTypes, - ReferencedAuthentication, + EmbeddedAuthentication, + HandshakeProtocol, } from '../models' import { ConnectionRecord } from '../repository/ConnectionRecord' import { ConnectionRepository } from '../repository/ConnectionRepository' +import { convertToNewDidDocument } from './helpers' + +export interface ConnectionRequestParams { + label?: string + imageUrl?: string + alias?: string + routing: Routing + autoAcceptConnection?: boolean +} + @scoped(Lifecycle.ContainerScoped) export class ConnectionService { private wallet: Wallet private config: AgentConfig private connectionRepository: ConnectionRepository + private didRepository: DidRepository private eventEmitter: EventEmitter private logger: Logger @@ -51,253 +66,204 @@ export class ConnectionService { @inject(InjectionSymbols.Wallet) wallet: Wallet, config: AgentConfig, connectionRepository: ConnectionRepository, + didRepository: DidRepository, eventEmitter: EventEmitter ) { this.wallet = wallet this.config = config this.connectionRepository = connectionRepository + this.didRepository = didRepository this.eventEmitter = eventEmitter this.logger = config.logger } /** - * Create a new connection record containing a connection invitation message + * Create a connection request message for a given out-of-band. * - * @param config config for creation of connection and invitation - * @returns new connection record + * @param outOfBandRecord out-of-band record for which to create a connection request + * @param config config for creation of connection request + * @returns outbound message containing connection request */ - public async createInvitation(config: { - routing: Routing - autoAcceptConnection?: boolean - alias?: string - multiUseInvitation?: boolean - myLabel?: string - myImageUrl?: string - }): Promise> { - // TODO: public did - const connectionRecord = await this.createConnection({ - role: ConnectionRole.Inviter, - state: ConnectionState.Invited, - alias: config?.alias, - routing: config.routing, - autoAcceptConnection: config?.autoAcceptConnection, - multiUseInvitation: config.multiUseInvitation ?? false, - }) - const { didDoc } = connectionRecord - const [service] = didDoc.didCommServices - const invitation = new ConnectionInvitationMessage({ - label: config?.myLabel ?? this.config.label, - recipientKeys: service.recipientKeys, - serviceEndpoint: service.serviceEndpoint, - routingKeys: service.routingKeys, - imageUrl: config?.myImageUrl ?? this.config.connectionImageUrl, - }) + public async createRequest( + outOfBandRecord: OutOfBandRecord, + config: ConnectionRequestParams + ): Promise> { + this.logger.debug(`Create message ${ConnectionRequestMessage.type} start`, outOfBandRecord) + outOfBandRecord.assertRole(OutOfBandRole.Receiver) + outOfBandRecord.assertState(OutOfBandState.PrepareResponse) - connectionRecord.invitation = invitation + // TODO check there is no connection record for particular oob record - await this.connectionRepository.update(connectionRecord) + const { outOfBandInvitation } = outOfBandRecord - this.eventEmitter.emit({ - type: ConnectionEventTypes.ConnectionStateChanged, - payload: { - connectionRecord: connectionRecord, - previousState: null, - }, - }) + const { did, mediatorId } = config.routing + const didDoc = this.createDidDoc(config.routing) - return { connectionRecord: connectionRecord, message: invitation } - } + // TODO: We should store only one did that we'll use to send the request message with success. + // We take just the first one for now. + const [invitationDid] = outOfBandInvitation.invitationDids - /** - * Process a received invitation message. This will not accept the invitation - * or send an invitation request message. It will only create a connection record - * with all the information about the invitation stored. Use {@link ConnectionService.createRequest} - * after calling this function to create a connection request. - * - * @param invitation the invitation message to process - * @returns new connection record. - */ - public async processInvitation( - invitation: ConnectionInvitationMessage, - config: { - routing: Routing - autoAcceptConnection?: boolean - alias?: string - } - ): Promise { const connectionRecord = await this.createConnection({ - role: ConnectionRole.Invitee, - state: ConnectionState.Invited, + protocol: HandshakeProtocol.Connections, + role: DidExchangeRole.Requester, + state: DidExchangeState.InvitationReceived, + theirLabel: outOfBandInvitation.label, alias: config?.alias, - theirLabel: invitation.label, + did, + mediatorId, autoAcceptConnection: config?.autoAcceptConnection, - routing: config.routing, - invitation, - imageUrl: invitation.imageUrl, - tags: { - invitationKey: invitation.recipientKeys && invitation.recipientKeys[0], - }, multiUseInvitation: false, + outOfBandId: outOfBandRecord.id, + invitationDid, }) - await this.connectionRepository.update(connectionRecord) - this.eventEmitter.emit({ - type: ConnectionEventTypes.ConnectionStateChanged, - payload: { - connectionRecord: connectionRecord, - previousState: null, - }, - }) - - return connectionRecord - } - - /** - * Create a connection request message for the connection with the specified connection id. - * - * @param connectionId the id of the connection for which to create a connection request - * @param config config for creation of connection request - * @returns outbound message containing connection request - */ - public async createRequest( - connectionId: string, - config: { - myLabel?: string - myImageUrl?: string - autoAcceptConnection?: boolean - } = {} - ): Promise> { - const connectionRecord = await this.connectionRepository.getById(connectionId) - connectionRecord.assertState(ConnectionState.Invited) - connectionRecord.assertRole(ConnectionRole.Invitee) + const { did: peerDid } = await this.createDid({ + role: DidDocumentRole.Created, + didDocument: convertToNewDidDocument(didDoc), + }) - const { myLabel, myImageUrl, autoAcceptConnection } = config + const { label, imageUrl, autoAcceptConnection } = config const connectionRequest = new ConnectionRequestMessage({ - label: myLabel ?? this.config.label, + label: label ?? this.config.label, did: connectionRecord.did, - didDoc: connectionRecord.didDoc, - imageUrl: myImageUrl ?? this.config.connectionImageUrl, + didDoc, + imageUrl: imageUrl ?? this.config.connectionImageUrl, }) if (autoAcceptConnection !== undefined || autoAcceptConnection !== null) { connectionRecord.autoAcceptConnection = config?.autoAcceptConnection } - connectionRecord.autoAcceptConnection = config?.autoAcceptConnection - await this.updateState(connectionRecord, ConnectionState.Requested) + connectionRecord.did = peerDid + connectionRecord.threadId = connectionRequest.id + await this.updateState(connectionRecord, DidExchangeState.RequestSent) return { - connectionRecord: connectionRecord, + connectionRecord, message: connectionRequest, } } - /** - * Process a received connection request message. This will not accept the connection request - * or send a connection response message. It will only update the existing connection record - * with all the new information from the connection request message. Use {@link ConnectionService.createResponse} - * after calling this function to create a connection response. - * - * @param messageContext the message context containing a connection request message - * @returns updated connection record - */ public async processRequest( messageContext: InboundMessageContext, + outOfBandRecord: OutOfBandRecord, routing?: Routing ): Promise { - const { message, recipientVerkey, senderVerkey } = messageContext + this.logger.debug(`Process message ${ConnectionRequestMessage.type} start`, messageContext) + outOfBandRecord.assertRole(OutOfBandRole.Sender) + outOfBandRecord.assertState(OutOfBandState.AwaitResponse) - if (!recipientVerkey || !senderVerkey) { - throw new AriesFrameworkError('Unable to process connection request without senderVerkey or recipientVerkey') - } + // TODO check there is no connection record for particular oob record - let connectionRecord = await this.findByVerkey(recipientVerkey) - if (!connectionRecord) { - throw new AriesFrameworkError( - `Unable to process connection request: connection for verkey ${recipientVerkey} not found` - ) + const { did, mediatorId } = routing ? routing : outOfBandRecord + if (!did) { + throw new AriesFrameworkError('Out-of-band record does not have did attribute.') } - connectionRecord.assertState(ConnectionState.Invited) - connectionRecord.assertRole(ConnectionRole.Inviter) + const { message } = messageContext if (!message.connection.didDoc) { throw new ConnectionProblemReportError('Public DIDs are not supported yet', { problemCode: ConnectionProblemReportReason.RequestNotAccepted, }) } - // Create new connection if using a multi use invitation - if (connectionRecord.multiUseInvitation) { - if (!routing) { - throw new AriesFrameworkError( - 'Cannot process request for multi-use invitation without routing object. Make sure to call processRequest with the routing parameter provided.' - ) - } + const connectionRecord = await this.createConnection({ + protocol: HandshakeProtocol.Connections, + role: DidExchangeRole.Responder, + state: DidExchangeState.RequestReceived, + multiUseInvitation: false, + did, + mediatorId, + autoAcceptConnection: outOfBandRecord.autoAcceptConnection, + }) - connectionRecord = await this.createConnection({ - role: connectionRecord.role, - state: connectionRecord.state, - multiUseInvitation: false, - routing, - autoAcceptConnection: connectionRecord.autoAcceptConnection, - invitation: connectionRecord.invitation, - tags: connectionRecord.getTags(), - }) - } + const { did: peerDid } = await this.createDid({ + role: DidDocumentRole.Received, + didDocument: convertToNewDidDocument(message.connection.didDoc), + }) - connectionRecord.theirDidDoc = message.connection.didDoc + connectionRecord.theirDid = peerDid connectionRecord.theirLabel = message.label connectionRecord.threadId = message.id - connectionRecord.theirDid = message.connection.did connectionRecord.imageUrl = message.imageUrl + connectionRecord.outOfBandId = outOfBandRecord.id - if (!connectionRecord.theirKey) { - throw new AriesFrameworkError(`Connection with id ${connectionRecord.id} has no recipient keys.`) - } - - await this.updateState(connectionRecord, ConnectionState.Requested) + await this.connectionRepository.update(connectionRecord) + this.eventEmitter.emit({ + type: ConnectionEventTypes.ConnectionStateChanged, + payload: { + connectionRecord, + previousState: null, + }, + }) + this.logger.debug(`Process message ${ConnectionRequestMessage.type} end`, connectionRecord) return connectionRecord } /** * Create a connection response message for the connection with the specified connection id. * - * @param connectionId the id of the connection for which to create a connection response + * @param connectionRecord the connection for which to create a connection response * @returns outbound message containing connection response */ public async createResponse( - connectionId: string + connectionRecord: ConnectionRecord, + outOfBandRecord: OutOfBandRecord, + routing?: Routing ): Promise> { - const connectionRecord = await this.connectionRepository.getById(connectionId) + this.logger.debug(`Create message ${ConnectionResponseMessage.type} start`, connectionRecord) + connectionRecord.assertState(DidExchangeState.RequestReceived) + connectionRecord.assertRole(DidExchangeRole.Responder) + + const { did } = routing ? routing : outOfBandRecord + if (!did) { + throw new AriesFrameworkError('Out-of-band record does not have did attribute.') + } + + const didDoc = routing + ? this.createDidDoc(routing) + : this.createDidDocFromServices( + did, + Key.fromFingerprint(outOfBandRecord.getTags().recipientKeyFingerprints[0]).publicKeyBase58, + outOfBandRecord.outOfBandInvitation.services.filter( + (s): s is OutOfBandDidCommService => typeof s !== 'string' + ) + ) - connectionRecord.assertState(ConnectionState.Requested) - connectionRecord.assertRole(ConnectionRole.Inviter) + const { did: peerDid } = await this.createDid({ + role: DidDocumentRole.Created, + didDocument: convertToNewDidDocument(didDoc), + }) const connection = new Connection({ - did: connectionRecord.did, - didDoc: connectionRecord.didDoc, + did, + didDoc, }) const connectionJson = JsonTransformer.toJSON(connection) if (!connectionRecord.threadId) { - throw new AriesFrameworkError(`Connection record with id ${connectionId} does not have a thread id`) + throw new AriesFrameworkError(`Connection record with id ${connectionRecord.id} does not have a thread id`) } - // Use invitationKey by default, fall back to verkey - const signingKey = (connectionRecord.getTag('invitationKey') as string) ?? connectionRecord.verkey + const signingKey = Key.fromFingerprint(outOfBandRecord.getTags().recipientKeyFingerprints[0]).publicKeyBase58 const connectionResponse = new ConnectionResponseMessage({ threadId: connectionRecord.threadId, connectionSig: await signData(connectionJson, this.wallet, signingKey), }) - await this.updateState(connectionRecord, ConnectionState.Responded) + connectionRecord.did = peerDid + await this.updateState(connectionRecord, DidExchangeState.ResponseSent) + this.logger.debug(`Create message ${ConnectionResponseMessage.type} end`, { + connectionRecord, + message: connectionResponse, + }) return { - connectionRecord: connectionRecord, + connectionRecord, message: connectionResponse, } } @@ -312,24 +278,22 @@ export class ConnectionService { * @returns updated connection record */ public async processResponse( - messageContext: InboundMessageContext + messageContext: InboundMessageContext, + outOfBandRecord: OutOfBandRecord ): Promise { - const { message, recipientVerkey, senderVerkey } = messageContext + this.logger.debug(`Process message ${ConnectionResponseMessage.type} start`, messageContext) + const { connection: connectionRecord, message, recipientKey, senderKey } = messageContext - if (!recipientVerkey || !senderVerkey) { - throw new AriesFrameworkError('Unable to process connection request without senderVerkey or recipientVerkey') + if (!recipientKey || !senderKey) { + throw new AriesFrameworkError('Unable to process connection request without senderKey or recipientKey') } - const connectionRecord = await this.findByVerkey(recipientVerkey) - if (!connectionRecord) { - throw new AriesFrameworkError( - `Unable to process connection response: connection for verkey ${recipientVerkey} not found` - ) + throw new AriesFrameworkError('No connection record in message context.') } - connectionRecord.assertState(ConnectionState.Requested) - connectionRecord.assertRole(ConnectionRole.Invitee) + connectionRecord.assertState(DidExchangeState.RequestSent) + connectionRecord.assertRole(DidExchangeRole.Requester) let connectionJson = null try { @@ -340,15 +304,22 @@ export class ConnectionService { problemCode: ConnectionProblemReportReason.RequestProcessingError, }) } + throw error } const connection = JsonTransformer.fromJSON(connectionJson, Connection) - await MessageValidator.validate(connection) + try { + await MessageValidator.validate(connection) + } catch (error) { + throw new Error(error) + } // Per the Connection RFC we must check if the key used to sign the connection~sig is the same key // as the recipient key(s) in the connection invitation message const signerVerkey = message.connectionSig.signer - const invitationKey = connectionRecord.getTags().invitationKey + + const invitationKey = Key.fromFingerprint(outOfBandRecord.getTags().recipientKeyFingerprints[0]).publicKeyBase58 + if (signerVerkey !== invitationKey) { throw new ConnectionProblemReportError( `Connection object in connection response message is not signed with same key as recipient key in invitation expected='${invitationKey}' received='${signerVerkey}'`, @@ -356,15 +327,19 @@ export class ConnectionService { ) } - connectionRecord.theirDid = connection.did - connectionRecord.theirDidDoc = connection.didDoc - connectionRecord.threadId = message.threadId - - if (!connectionRecord.theirKey) { - throw new AriesFrameworkError(`Connection with id ${connectionRecord.id} has no recipient keys.`) + if (!connection.didDoc) { + throw new AriesFrameworkError('DID Document is missing.') } - await this.updateState(connectionRecord, ConnectionState.Responded) + const { did: peerDid } = await this.createDid({ + role: DidDocumentRole.Received, + didDocument: convertToNewDidDocument(connection.didDoc), + }) + + connectionRecord.theirDid = peerDid + connectionRecord.threadId = message.threadId + + await this.updateState(connectionRecord, DidExchangeState.ResponseReceived) return connectionRecord } @@ -374,17 +349,15 @@ export class ConnectionService { * By default a trust ping message should elicit a response. If this is not desired the * `config.responseRequested` property can be set to `false`. * - * @param connectionId the id of the connection for which to create a trust ping message + * @param connectionRecord the connection for which to create a trust ping message * @param config the config for the trust ping message * @returns outbound message containing trust ping message */ public async createTrustPing( - connectionId: string, + connectionRecord: ConnectionRecord, config: { responseRequested?: boolean; comment?: string } = {} ): Promise> { - const connectionRecord = await this.connectionRepository.getById(connectionId) - - connectionRecord.assertState([ConnectionState.Responded, ConnectionState.Complete]) + connectionRecord.assertState([DidExchangeState.ResponseReceived, DidExchangeState.Completed]) // TODO: // - create ack message @@ -392,12 +365,12 @@ export class ConnectionService { const trustPing = new TrustPingMessage(config) // Only update connection record and emit an event if the state is not already 'Complete' - if (connectionRecord.state !== ConnectionState.Complete) { - await this.updateState(connectionRecord, ConnectionState.Complete) + if (connectionRecord.state !== DidExchangeState.Completed) { + await this.updateState(connectionRecord, DidExchangeState.Completed) } return { - connectionRecord: connectionRecord, + connectionRecord, message: trustPing, } } @@ -410,18 +383,18 @@ export class ConnectionService { * @returns updated connection record */ public async processAck(messageContext: InboundMessageContext): Promise { - const { connection, recipientVerkey } = messageContext + const { connection, recipientKey } = messageContext if (!connection) { throw new AriesFrameworkError( - `Unable to process connection ack: connection for verkey ${recipientVerkey} not found` + `Unable to process connection ack: connection for recipient key ${recipientKey?.fingerprint} not found` ) } // TODO: This is better addressed in a middleware of some kind because // any message can transition the state to complete, not just an ack or trust ping - if (connection.state === ConnectionState.Responded && connection.role === ConnectionRole.Inviter) { - await this.updateState(connection, ConnectionState.Complete) + if (connection.state === DidExchangeState.ResponseSent && connection.role === DidExchangeRole.Responder) { + await this.updateState(connection, DidExchangeState.Completed) } return connection @@ -437,24 +410,35 @@ export class ConnectionService { public async processProblemReport( messageContext: InboundMessageContext ): Promise { - const { message: connectionProblemReportMessage, recipientVerkey, senderVerkey } = messageContext + const { message: connectionProblemReportMessage, recipientKey, senderKey } = messageContext - this.logger.debug(`Processing connection problem report for verkey ${recipientVerkey}`) + this.logger.debug(`Processing connection problem report for verkey ${recipientKey?.fingerprint}`) - if (!recipientVerkey) { - throw new AriesFrameworkError('Unable to process connection problem report without recipientVerkey') + if (!recipientKey) { + throw new AriesFrameworkError('Unable to process connection problem report without recipientKey') } - const connectionRecord = await this.findByVerkey(recipientVerkey) + let connectionRecord + const ourDidRecords = await this.didRepository.findAllByRecipientKey(recipientKey) + for (const ourDidRecord of ourDidRecords) { + connectionRecord = await this.findByOurDid(ourDidRecord.id) + } if (!connectionRecord) { throw new AriesFrameworkError( - `Unable to process connection problem report: connection for verkey ${recipientVerkey} not found` + `Unable to process connection problem report: connection for recipient key ${recipientKey.fingerprint} not found` ) } - if (connectionRecord.theirKey && connectionRecord.theirKey !== senderVerkey) { - throw new AriesFrameworkError("Sender verkey doesn't match verkey of connection record") + const theirDidRecord = connectionRecord.theirDid && (await this.didRepository.findById(connectionRecord.theirDid)) + if (!theirDidRecord) { + throw new AriesFrameworkError(`Did record with id ${connectionRecord.theirDid} not found.`) + } + + if (senderKey) { + if (!theirDidRecord?.getTags().recipientKeyFingerprints?.includes(senderKey.fingerprint)) { + throw new AriesFrameworkError("Sender key doesn't match key of connection record") + } } connectionRecord.errorMessage = `${connectionProblemReportMessage.description.code} : ${connectionProblemReportMessage.description.en}` @@ -492,21 +476,20 @@ export class ConnectionService { type: message.type, }) + const recipientKey = messageContext.recipientKey && messageContext.recipientKey.publicKeyBase58 + const senderKey = messageContext.senderKey && messageContext.senderKey.publicKeyBase58 + if (previousSentMessage) { // If we have previously sent a message, it is not allowed to receive an OOB/unpacked message - if (!messageContext.recipientVerkey) { + if (!recipientKey) { throw new AriesFrameworkError( 'Cannot verify service without recipientKey on incoming message (received unpacked message)' ) } // Check if the inbound message recipient key is present - // in the recipientKeys of previously sent message ~service decorator() - - if ( - !previousSentMessage?.service || - !previousSentMessage.service.recipientKeys.includes(messageContext.recipientVerkey) - ) { + // in the recipientKeys of previously sent message ~service decorator + if (!previousSentMessage?.service || !previousSentMessage.service.recipientKeys.includes(recipientKey)) { throw new AriesFrameworkError( 'Previously sent message ~service recipientKeys does not include current received message recipient key' ) @@ -515,7 +498,7 @@ export class ConnectionService { if (previousReceivedMessage) { // If we have previously received a message, it is not allowed to receive an OOB/unpacked/AnonCrypt message - if (!messageContext.senderVerkey) { + if (!senderKey) { throw new AriesFrameworkError( 'Cannot verify service without senderKey on incoming message (received AnonCrypt or unpacked message)' ) @@ -523,11 +506,7 @@ export class ConnectionService { // Check if the inbound message sender key is present // in the recipientKeys of previously received message ~service decorator - - if ( - !previousReceivedMessage.service || - !previousReceivedMessage.service.recipientKeys.includes(messageContext.senderVerkey) - ) { + if (!previousReceivedMessage.service || !previousReceivedMessage.service.recipientKeys.includes(senderKey)) { throw new AriesFrameworkError( 'Previously received message ~service recipientKeys does not include current received message sender key' ) @@ -535,13 +514,13 @@ export class ConnectionService { } // If message is received unpacked/, we need to make sure it included a ~service decorator - if (!message.service && !messageContext.recipientVerkey) { + if (!message.service && !recipientKey) { throw new AriesFrameworkError('Message recipientKey must have ~service decorator') } } } - public async updateState(connectionRecord: ConnectionRecord, newState: ConnectionState) { + public async updateState(connectionRecord: ConnectionRecord, newState: DidExchangeState) { const previousState = connectionRecord.state connectionRecord.state = newState await this.connectionRepository.update(connectionRecord) @@ -549,7 +528,7 @@ export class ConnectionService { this.eventEmitter.emit({ type: ConnectionEventTypes.ConnectionStateChanged, payload: { - connectionRecord: connectionRecord, + connectionRecord, previousState, }, }) @@ -600,37 +579,8 @@ export class ConnectionService { return this.connectionRepository.delete(connectionRecord) } - /** - * Find connection by verkey. - * - * @param verkey the verkey to search for - * @returns the connection record, or null if not found - * @throws {RecordDuplicateError} if multiple connections are found for the given verkey - */ - public findByVerkey(verkey: string): Promise { - return this.connectionRepository.findByVerkey(verkey) - } - - /** - * Find connection by their verkey. - * - * @param verkey the verkey to search for - * @returns the connection record, or null if not found - * @throws {RecordDuplicateError} if multiple connections are found for the given verkey - */ - public findByTheirKey(verkey: string): Promise { - return this.connectionRepository.findByTheirKey(verkey) - } - - /** - * Find connection by invitation key. - * - * @param key the invitation key to search for - * @returns the connection record, or null if not found - * @throws {RecordDuplicateError} if multiple connections are found for the given verkey - */ - public findByInvitationKey(key: string): Promise { - return this.connectionRepository.findByInvitationKey(key) + public async findSingleByQuery(query: { did: string; theirDid: string }) { + return this.connectionRepository.findSingleByQuery(query) } /** @@ -645,19 +595,84 @@ export class ConnectionService { return this.connectionRepository.getByThreadId(threadId) } - private async createConnection(options: { - role: ConnectionRole - state: ConnectionState - invitation?: ConnectionInvitationMessage + public async findByTheirDid(did: string): Promise { + return this.connectionRepository.findSingleByQuery({ theirDid: did }) + } + + public async findByOurDid(did: string): Promise { + return this.connectionRepository.findSingleByQuery({ did }) + } + + public async findAllByOutOfBandId(outOfBandId: string) { + return this.connectionRepository.findByQuery({ outOfBandId }) + } + + public async findByInvitationDid(invitationDid: string) { + return this.connectionRepository.findByQuery({ invitationDid }) + } + + public async createConnection(options: { + role: DidExchangeRole + state: DidExchangeState alias?: string - routing: Routing + did: string + mediatorId?: string theirLabel?: string autoAcceptConnection?: boolean multiUseInvitation: boolean tags?: CustomConnectionTags imageUrl?: string + protocol?: HandshakeProtocol + outOfBandId?: string + invitationDid?: string }): Promise { - const { endpoints, did, verkey, routingKeys, mediatorId } = options.routing + const connectionRecord = new ConnectionRecord({ + did: options.did, + state: options.state, + role: options.role, + tags: options.tags, + alias: options.alias, + theirLabel: options.theirLabel, + autoAcceptConnection: options.autoAcceptConnection, + imageUrl: options.imageUrl, + multiUseInvitation: options.multiUseInvitation, + mediatorId: options.mediatorId, + protocol: options.protocol, + outOfBandId: options.outOfBandId, + invitationDid: options.invitationDid, + }) + await this.connectionRepository.save(connectionRecord) + return connectionRecord + } + + private async createDid({ role, didDocument }: { role: DidDocumentRole; didDocument: DidDocument }) { + const peerDid = didDocumentJsonToNumAlgo1Did(didDocument.toJSON()) + didDocument.id = peerDid + const didRecord = new DidRecord({ + id: peerDid, + role, + didDocument, + tags: { + // We need to save the recipientKeys, so we can find the associated did + // of a key when we receive a message from another connection. + recipientKeyFingerprints: didDocument.recipientKeys.map((key) => key.fingerprint), + }, + }) + + this.logger.debug('Saving DID record', { + id: didRecord.id, + role: didRecord.role, + tags: didRecord.getTags(), + didDocument: 'omitted...', + }) + + await this.didRepository.save(didRecord) + this.logger.debug('Did record created.', didRecord) + return { did: peerDid, didDocument } + } + + private createDidDoc(routing: Routing) { + const { endpoints, did, verkey, routingKeys } = routing const publicKey = new Ed25119Sig2018({ id: `${did}#1`, @@ -665,6 +680,10 @@ export class ConnectionService { publicKeyBase58: verkey, }) + // TODO: abstract the second parameter for ReferencedAuthentication away. This can be + // inferred from the publicKey class instance + const auth = new EmbeddedAuthentication(publicKey) + // IndyAgentService is old service type const services = endpoints.map( (endpoint, index) => @@ -678,40 +697,48 @@ export class ConnectionService { }) ) - // TODO: abstract the second parameter for ReferencedAuthentication away. This can be - // inferred from the publicKey class instance - const auth = new ReferencedAuthentication(publicKey, authenticationTypes[publicKey.type]) - - const didDoc = new DidDoc({ + return new DidDoc({ id: did, authentication: [auth], service: services, publicKey: [publicKey], }) + } - const connectionRecord = new ConnectionRecord({ - did, - didDoc, - verkey, - state: options.state, - role: options.role, - tags: options.tags, - invitation: options.invitation, - alias: options.alias, - theirLabel: options.theirLabel, - autoAcceptConnection: options.autoAcceptConnection, - imageUrl: options.imageUrl, - multiUseInvitation: options.multiUseInvitation, - mediatorId, + private createDidDocFromServices(did: string, recipientKey: string, services: OutOfBandDidCommService[]) { + const publicKey = new Ed25119Sig2018({ + id: `${did}#1`, + controller: did, + publicKeyBase58: recipientKey, }) - await this.connectionRepository.save(connectionRecord) - return connectionRecord + // TODO: abstract the second parameter for ReferencedAuthentication away. This can be + // inferred from the publicKey class instance + const auth = new EmbeddedAuthentication(publicKey) + + // IndyAgentService is old service type + const service = services.map( + (service, index) => + new IndyAgentService({ + id: `${did}#IndyAgentService`, + serviceEndpoint: service.serviceEndpoint, + recipientKeys: [recipientKey], + routingKeys: service.routingKeys?.map(didKeyToVerkey), + priority: index, + }) + ) + + return new DidDoc({ + id: did, + authentication: [auth], + service, + publicKey: [publicKey], + }) } public async returnWhenIsConnected(connectionId: string, timeoutMs = 20000): Promise { const isConnected = (connection: ConnectionRecord) => { - return connection.id === connectionId && connection.state === ConnectionState.Complete + return connection.id === connectionId && connection.state === DidExchangeState.Completed } const observable = this.eventEmitter.observable( diff --git a/packages/core/src/modules/connections/services/helpers.ts b/packages/core/src/modules/connections/services/helpers.ts new file mode 100644 index 0000000000..13dd81ba89 --- /dev/null +++ b/packages/core/src/modules/connections/services/helpers.ts @@ -0,0 +1,101 @@ +import type { DidDocument } from '../../dids' +import type { DidDoc, PublicKey } from '../models' + +import { KeyType } from '../../../crypto' +import { AriesFrameworkError } from '../../../error' +import { IndyAgentService, DidCommV1Service, Key, DidDocumentBuilder } from '../../dids' +import { getEd25519VerificationMethod } from '../../dids/domain/key-type/ed25519' +import { didDocumentJsonToNumAlgo1Did } from '../../dids/methods/peer/peerDidNumAlgo1' +import { EmbeddedAuthentication } from '../models' + +export function convertToNewDidDocument(didDoc: DidDoc): DidDocument { + const didDocumentBuilder = new DidDocumentBuilder('') + + const oldIdNewIdMapping: { [key: string]: string } = {} + + didDoc.authentication.forEach((auth) => { + const { publicKey: pk } = auth + + // did:peer did documents can only use referenced keys. + if (pk.type === 'Ed25519VerificationKey2018' && pk.value) { + const ed25519VerificationMethod = convertPublicKeyToVerificationMethod(pk) + + const oldKeyId = normalizeId(pk.id) + oldIdNewIdMapping[oldKeyId] = ed25519VerificationMethod.id + didDocumentBuilder.addAuthentication(ed25519VerificationMethod.id) + + // Only the auth is embedded, we also need to add the key to the verificationMethod + // for referenced authentication this should already be the case + if (auth instanceof EmbeddedAuthentication) { + didDocumentBuilder.addVerificationMethod(ed25519VerificationMethod) + } + } + }) + + didDoc.publicKey.forEach((pk) => { + if (pk.type === 'Ed25519VerificationKey2018' && pk.value) { + const ed25519VerificationMethod = convertPublicKeyToVerificationMethod(pk) + + const oldKeyId = normalizeId(pk.id) + oldIdNewIdMapping[oldKeyId] = ed25519VerificationMethod.id + didDocumentBuilder.addVerificationMethod(ed25519VerificationMethod) + } + }) + + didDoc.didCommServices.forEach((service) => { + const serviceId = normalizeId(service.id) + + // For didcommv1, we need to replace the old id with the new ones + if (service instanceof DidCommV1Service) { + const recipientKeys = service.recipientKeys.map((keyId) => { + const oldKeyId = normalizeId(keyId) + return oldIdNewIdMapping[oldKeyId] + }) + + service = new DidCommV1Service({ + id: serviceId, + recipientKeys, + serviceEndpoint: service.serviceEndpoint, + routingKeys: service.routingKeys, + accept: service.accept, + priority: service.priority, + }) + } else if (service instanceof IndyAgentService) { + service = new IndyAgentService({ + id: serviceId, + recipientKeys: service.recipientKeys, + serviceEndpoint: service.serviceEndpoint, + routingKeys: service.routingKeys, + priority: service.priority, + }) + } + + didDocumentBuilder.addService(service) + }) + + const didDocument = didDocumentBuilder.build() + + const peerDid = didDocumentJsonToNumAlgo1Did(didDocument.toJSON()) + didDocument.id = peerDid + + return didDocument +} + +function normalizeId(fullId: string): `#${string}` { + const [, id] = fullId.split('#') + + return `#${id ?? fullId}` +} + +function convertPublicKeyToVerificationMethod(publicKey: PublicKey) { + if (!publicKey.value) { + throw new AriesFrameworkError(`Public key ${publicKey.id} does not have value property`) + } + const publicKeyBase58 = publicKey.value + const ed25519Key = Key.fromPublicKeyBase58(publicKeyBase58, KeyType.Ed25519) + return getEd25519VerificationMethod({ + id: `#${publicKeyBase58.slice(0, 8)}`, + key: ed25519Key, + controller: '#id', + }) +} diff --git a/packages/core/src/modules/credentials/CredentialsModule.ts b/packages/core/src/modules/credentials/CredentialsModule.ts index 7b1c1d6d53..7fa15b693d 100644 --- a/packages/core/src/modules/credentials/CredentialsModule.ts +++ b/packages/core/src/modules/credentials/CredentialsModule.ts @@ -290,8 +290,8 @@ export class CredentialsModule implements CredentialsModule { await this.messageSender.sendMessageToService({ message, - service: recipientService.toDidCommService(), - senderKey: ourService.recipientKeys[0], + service: recipientService.resolvedDidCommService, + senderKey: ourService.resolvedDidCommService.recipientKeys[0], returnRoute: true, }) @@ -404,8 +404,8 @@ export class CredentialsModule implements CredentialsModule { await this.messageSender.sendMessageToService({ message, - service: recipientService.toDidCommService(), - senderKey: ourService.recipientKeys[0], + service: recipientService.resolvedDidCommService, + senderKey: ourService.resolvedDidCommService.recipientKeys[0], returnRoute: true, }) } @@ -458,8 +458,8 @@ export class CredentialsModule implements CredentialsModule { await this.messageSender.sendMessageToService({ message, - service: recipientService.toDidCommService(), - senderKey: ourService.recipientKeys[0], + service: recipientService.resolvedDidCommService, + senderKey: ourService.resolvedDidCommService.recipientKeys[0], returnRoute: true, }) } diff --git a/packages/core/src/modules/credentials/__tests__/V1CredentialService.cred.test.ts b/packages/core/src/modules/credentials/__tests__/V1CredentialService.cred.test.ts index 2a88f46be8..06f9ba7c00 100644 --- a/packages/core/src/modules/credentials/__tests__/V1CredentialService.cred.test.ts +++ b/packages/core/src/modules/credentials/__tests__/V1CredentialService.cred.test.ts @@ -20,7 +20,7 @@ import { AriesFrameworkError, RecordNotFoundError } from '../../../error' import { DidCommMessageRepository } from '../../../storage' import { JsonEncoder } from '../../../utils/JsonEncoder' import { AckStatus } from '../../common' -import { ConnectionState } from '../../connections' +import { DidExchangeState } from '../../connections' import { IndyHolderService } from '../../indy/services/IndyHolderService' import { IndyIssuerService } from '../../indy/services/IndyIssuerService' import { IndyLedgerService } from '../../ledger/services' @@ -72,7 +72,7 @@ const MediationRecipientServiceMock = MediationRecipientService as jest.Mock { + it('should return a valid did:key did document for and x25519 key', () => { + const didKey = DidKey.fromDid(TEST_X25519_DID) + const didDocument = getDidDocumentForKey(TEST_X25519_DID, didKey.key) + + expect(JsonTransformer.toJSON(didDocument)).toMatchObject(didKeyX25519Fixture) + }) + + it('should return a valid did:key did document for and ed25519 key', () => { + const didKey = DidKey.fromDid(TEST_ED25519_DID) + const didDocument = getDidDocumentForKey(TEST_ED25519_DID, didKey.key) + + expect(JsonTransformer.toJSON(didDocument)).toMatchObject(didKeyEd25519Fixture) + }) + + it('should return a valid did:key did document for and bls12381g1 key', () => { + const didKey = DidKey.fromDid(TEST_BLS12381G1_DID) + const didDocument = getDidDocumentForKey(TEST_BLS12381G1_DID, didKey.key) + + expect(JsonTransformer.toJSON(didDocument)).toMatchObject(didKeyBls12381g1Fixture) + }) + + it('should return a valid did:key did document for and bls12381g2 key', () => { + const didKey = DidKey.fromDid(TEST_BLS12381G2_DID) + const didDocument = getDidDocumentForKey(TEST_BLS12381G2_DID, didKey.key) + + expect(JsonTransformer.toJSON(didDocument)).toMatchObject(didKeyBls12381g2Fixture) + }) + + it('should return a valid did:key did document for and bls12381g1g2 key', () => { + const didKey = DidKey.fromDid(TEST_BLS12381G1G2_DID) + const didDocument = getDidDocumentForKey(TEST_BLS12381G1G2_DID, didKey.key) + + expect(JsonTransformer.toJSON(didDocument)).toMatchObject(didKeyBls12381g1g2Fixture) + }) +}) diff --git a/packages/core/src/modules/dids/__tests__/peer-did.test.ts b/packages/core/src/modules/dids/__tests__/peer-did.test.ts index 098b16d745..79e125d5ae 100644 --- a/packages/core/src/modules/dids/__tests__/peer-did.test.ts +++ b/packages/core/src/modules/dids/__tests__/peer-did.test.ts @@ -5,7 +5,7 @@ import { KeyType } from '../../../crypto' import { IndyStorageService } from '../../../storage/IndyStorageService' import { JsonTransformer } from '../../../utils' import { IndyWallet } from '../../../wallet/IndyWallet' -import { DidCommService, DidDocument, DidDocumentBuilder, Key } from '../domain' +import { DidCommV1Service, DidDocument, DidDocumentBuilder, Key } from '../domain' import { DidDocumentRole } from '../domain/DidDocumentRole' import { convertPublicKeyToX25519, getEd25519VerificationMethod } from '../domain/key-type/ed25519' import { getX25519VerificationMethod } from '../domain/key-type/x25519' @@ -75,7 +75,7 @@ describe('peer dids', () => { // Use ed25519 did:key, which also includes the x25519 key used for didcomm const mediatorRoutingKey = `${mediatorEd25519DidKey.did}#${mediatorX25519Key.fingerprint}` - const service = new DidCommService({ + const service = new DidCommV1Service({ id: '#service-0', // Fixme: can we use relative reference (#id) instead of absolute reference here (did:example:123#id)? // We don't know the did yet @@ -117,7 +117,7 @@ describe('peer dids', () => { tags: { // We need to save the recipientKeys, so we can find the associated did // of a key when we receive a message from another connection. - recipientKeys: didDocument.recipientKeys, + recipientKeyFingerprints: didDocument.recipientKeys.map((key) => key.fingerprint), }, }) @@ -154,7 +154,7 @@ describe('peer dids', () => { tags: { // We need to save the recipientKeys, so we can find the associated did // of a key when we receive a message from another connection. - recipientKeys: didDocument.recipientKeys, + recipientKeyFingerprints: didDocument.recipientKeys.map((key) => key.fingerprint), }, }) diff --git a/packages/core/src/modules/dids/domain/DidDocument.ts b/packages/core/src/modules/dids/domain/DidDocument.ts index 502536715d..a25f132cc3 100644 --- a/packages/core/src/modules/dids/domain/DidDocument.ts +++ b/packages/core/src/modules/dids/domain/DidDocument.ts @@ -3,12 +3,22 @@ import type { DidDocumentService } from './service' import { Expose, Type } from 'class-transformer' import { IsArray, IsOptional, IsString, ValidateNested } from 'class-validator' +import { KeyType } from '../../../crypto' import { JsonTransformer } from '../../../utils/JsonTransformer' import { IsStringOrStringArray } from '../../../utils/transformers' -import { IndyAgentService, ServiceTransformer, DidCommService } from './service' +import { Key } from './Key' +import { getKeyDidMappingByVerificationMethod } from './key-type' +import { IndyAgentService, ServiceTransformer, DidCommV1Service } from './service' import { VerificationMethodTransformer, VerificationMethod, IsStringOrVerificationMethod } from './verificationMethod' +type DidPurpose = + | 'authentication' + | 'keyAgreement' + | 'assertionMethod' + | 'capabilityInvocation' + | 'capabilityDelegation' + interface DidDocumentOptions { context?: string | string[] id: string @@ -97,19 +107,43 @@ export class DidDocument { } } - public dereferenceKey(keyId: string) { + public dereferenceVerificationMethod(keyId: string) { // TODO: once we use JSON-LD we should use that to resolve references in did documents. // for now we check whether the key id ends with the keyId. // so if looking for #123 and key.id is did:key:123#123, it is valid. But #123 as key.id is also valid const verificationMethod = this.verificationMethod?.find((key) => key.id.endsWith(keyId)) if (!verificationMethod) { - throw new Error(`Unable to locate verification with id '${keyId}'`) + throw new Error(`Unable to locate verification method with id '${keyId}'`) } return verificationMethod } + public dereferenceKey(keyId: string, allowedPurposes?: DidPurpose[]) { + const allPurposes: DidPurpose[] = [ + 'authentication', + 'keyAgreement', + 'assertionMethod', + 'capabilityInvocation', + 'capabilityDelegation', + ] + + const purposes = allowedPurposes ?? allPurposes + + for (const purpose of purposes) { + for (const key of this[purpose] ?? []) { + if (typeof key === 'string' && key.endsWith(keyId)) { + return this.dereferenceVerificationMethod(key) + } else if (typeof key !== 'string' && key.id.endsWith(keyId)) { + return key + } + } + } + + throw new Error(`Unable to locate verification method with id '${keyId}' in purposes ${purposes}`) + } + /** * Returns all of the service endpoints matching the given type. * @@ -134,25 +168,49 @@ export class DidDocument { * Get all DIDComm services ordered by priority descending. This means the highest * priority will be the first entry. */ - public get didCommServices(): Array { - const didCommServiceTypes = [IndyAgentService.type, DidCommService.type] + public get didCommServices(): Array { + const didCommServiceTypes = [IndyAgentService.type, DidCommV1Service.type] const services = (this.service?.filter((service) => didCommServiceTypes.includes(service.type)) ?? []) as Array< - IndyAgentService | DidCommService + IndyAgentService | DidCommV1Service > // Sort services based on indicated priority return services.sort((a, b) => b.priority - a.priority) } - public get recipientKeys(): string[] { - // Get a `recipientKeys` entries from the did document - return this.didCommServices.reduce( - (recipientKeys, service) => recipientKeys.concat(service.recipientKeys), - [] - ) + // TODO: it would probably be easier if we add a utility to each service so we don't have to handle logic for all service types here + public get recipientKeys(): Key[] { + let recipientKeys: Key[] = [] + + for (const service of this.didCommServices) { + if (service instanceof IndyAgentService) { + recipientKeys = [ + ...recipientKeys, + ...service.recipientKeys.map((publicKeyBase58) => Key.fromPublicKeyBase58(publicKeyBase58, KeyType.Ed25519)), + ] + } else if (service instanceof DidCommV1Service) { + recipientKeys = [ + ...recipientKeys, + ...service.recipientKeys.map((recipientKey) => keyReferenceToKey(this, recipientKey)), + ] + } + } + + return recipientKeys } public toJSON() { return JsonTransformer.toJSON(this) } } + +export function keyReferenceToKey(didDocument: DidDocument, keyId: string) { + // FIXME: we allow authentication keys as historically ed25519 keys have been used in did documents + // for didcomm. In the future we should update this to only be allowed for IndyAgent and DidCommV1 services + // as didcomm v2 doesn't have this issue anymore + const verificationMethod = didDocument.dereferenceKey(keyId, ['authentication', 'keyAgreement']) + const { getKeyFromVerificationMethod } = getKeyDidMappingByVerificationMethod(verificationMethod) + const key = getKeyFromVerificationMethod(verificationMethod) + + return key +} diff --git a/packages/core/src/modules/dids/domain/__tests__/DidDocument.test.ts b/packages/core/src/modules/dids/domain/__tests__/DidDocument.test.ts index 9d1cf36599..7bcd45e1dc 100644 --- a/packages/core/src/modules/dids/domain/__tests__/DidDocument.test.ts +++ b/packages/core/src/modules/dids/domain/__tests__/DidDocument.test.ts @@ -3,7 +3,7 @@ import { MessageValidator } from '../../../../utils/MessageValidator' import didExample123Fixture from '../../__tests__/__fixtures__/didExample123.json' import didExample456Invalid from '../../__tests__/__fixtures__/didExample456Invalid.json' import { DidDocument } from '../DidDocument' -import { DidDocumentService, IndyAgentService, DidCommService } from '../service' +import { DidDocumentService, IndyAgentService, DidCommV1Service } from '../service' import { VerificationMethod } from '../verificationMethod' const didDocumentInstance = new DidDocument({ @@ -43,7 +43,7 @@ const didDocumentInstance = new DidDocument({ routingKeys: ['Q4zqM7aXqm7gDQkUVLng9h'], priority: 5, }), - new DidCommService({ + new DidCommV1Service({ id: 'did:example:123#service-3', serviceEndpoint: 'https://agent.com/did-comm', recipientKeys: ['DADEajsDSaksLng9h'], @@ -99,7 +99,7 @@ const didDocumentInstance = new DidDocument({ }) describe('Did | DidDocument', () => { - it('should correctly transforms Json to DidDoc class', () => { + it('should correctly transforms Json to DidDocument class', () => { const didDocument = JsonTransformer.fromJSON(didExample123Fixture, DidDocument) // Check other properties @@ -118,7 +118,7 @@ describe('Did | DidDocument', () => { const services = didDocument.service ?? [] expect(services[0]).toBeInstanceOf(DidDocumentService) expect(services[1]).toBeInstanceOf(IndyAgentService) - expect(services[2]).toBeInstanceOf(DidCommService) + expect(services[2]).toBeInstanceOf(DidCommV1Service) // Check Authentication const authentication = didDocument.authentication ?? [] diff --git a/packages/core/src/modules/dids/domain/createPeerDidFromServices.ts b/packages/core/src/modules/dids/domain/createPeerDidFromServices.ts new file mode 100644 index 0000000000..3fe2375a35 --- /dev/null +++ b/packages/core/src/modules/dids/domain/createPeerDidFromServices.ts @@ -0,0 +1,73 @@ +import type { ResolvedDidCommService } from '../../../agent/MessageSender' + +import { convertPublicKeyToX25519 } from '@stablelib/ed25519' + +import { KeyType } from '../../../crypto' +import { AriesFrameworkError } from '../../../error' +import { uuid } from '../../../utils/uuid' +import { DidKey } from '../methods/key' + +import { DidDocumentBuilder } from './DidDocumentBuilder' +import { Key } from './Key' +import { getEd25519VerificationMethod } from './key-type/ed25519' +import { getX25519VerificationMethod } from './key-type/x25519' +import { DidCommV1Service } from './service/DidCommV1Service' + +export function createDidDocumentFromServices(services: ResolvedDidCommService[]) { + const didDocumentBuilder = new DidDocumentBuilder('') + + // Keep track off all added key id based on the fingerprint so we can add them to the recipientKeys as references + const recipientKeyIdMapping: { [fingerprint: string]: string } = {} + + services.forEach((service, index) => { + // Get the local key reference for each of the recipient keys + const recipientKeys = service.recipientKeys.map((recipientKey) => { + // Key already added to the did document + if (recipientKeyIdMapping[recipientKey.fingerprint]) return recipientKeyIdMapping[recipientKey.fingerprint] + + if (recipientKey.keyType !== KeyType.Ed25519) { + throw new AriesFrameworkError( + `Unable to create did document from services. recipient key type ${recipientKey.keyType} is not supported. Supported key types are ${KeyType.Ed25519}` + ) + } + const x25519Key = Key.fromPublicKey(convertPublicKeyToX25519(recipientKey.publicKey), KeyType.X25519) + + const ed25519VerificationMethod = getEd25519VerificationMethod({ + id: `#${uuid()}`, + key: recipientKey, + controller: '#id', + }) + const x25519VerificationMethod = getX25519VerificationMethod({ + id: `#${uuid()}`, + key: x25519Key, + controller: '#id', + }) + + recipientKeyIdMapping[recipientKey.fingerprint] = ed25519VerificationMethod.id + + // We should not add duplicated keys for services + didDocumentBuilder.addAuthentication(ed25519VerificationMethod).addKeyAgreement(x25519VerificationMethod) + + return recipientKeyIdMapping[recipientKey.fingerprint] + }) + + // Transform all routing keys into did:key:xxx#key-id references. This will probably change for didcomm v2 + const routingKeys = service.routingKeys?.map((key) => { + const didKey = new DidKey(key) + + return `${didKey.did}#${key.fingerprint}` + }) + + didDocumentBuilder.addService( + new DidCommV1Service({ + id: service.id, + priority: index, + serviceEndpoint: service.serviceEndpoint, + recipientKeys, + routingKeys, + }) + ) + }) + + return didDocumentBuilder.build() +} diff --git a/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g1.test.ts b/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g1.test.ts index 7c2068d092..ef18f6b92e 100644 --- a/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g1.test.ts +++ b/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g1.test.ts @@ -44,13 +44,6 @@ describe('bls12381g1', () => { expect(key.prefixedPublicKey.equals(TEST_BLS12381G1_PREFIX_BYTES)).toBe(true) }) - it('should return a valid did:key did document for the did', async () => { - const key = Key.fromFingerprint(TEST_BLS12381G1_FINGERPRINT) - const didDocument = keyDidBls12381g1.getDidDocument(TEST_BLS12381G1_DID, key) - - expect(JsonTransformer.toJSON(didDocument)).toMatchObject(keyBls12381g1Fixture) - }) - it('should return a valid verification method', async () => { const key = Key.fromFingerprint(TEST_BLS12381G1_FINGERPRINT) const verificationMethods = keyDidBls12381g1.getVerificationMethods(TEST_BLS12381G1_DID, key) diff --git a/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g1g2.test.ts b/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g1g2.test.ts index 61704f7c81..c1a53d2217 100644 --- a/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g1g2.test.ts +++ b/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g1g2.test.ts @@ -55,13 +55,6 @@ describe('bls12381g1g2', () => { expect(key.prefixedPublicKey.equals(TEST_BLS12381G1G2_PREFIX_BYTES)).toBe(true) }) - it('should return a valid did:key did document for the did', async () => { - const key = Key.fromFingerprint(TEST_BLS12381G1G2_FINGERPRINT) - const didDocument = keyDidBls12381g1g2.getDidDocument(TEST_BLS12381G1G2_DID, key) - - expect(JsonTransformer.toJSON(didDocument)).toMatchObject(keyBls12381g1g2Fixture) - }) - it('should return a valid verification method', async () => { const key = Key.fromFingerprint(TEST_BLS12381G1G2_FINGERPRINT) const verificationMethods = keyDidBls12381g1g2.getVerificationMethods(TEST_BLS12381G1G2_DID, key) diff --git a/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g2.test.ts b/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g2.test.ts index 2351a9a3b2..a9f82d19a9 100644 --- a/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g2.test.ts +++ b/packages/core/src/modules/dids/domain/key-type/__tests__/bls12381g2.test.ts @@ -46,13 +46,6 @@ describe('bls12381g2', () => { expect(key.prefixedPublicKey.equals(TEST_BLS12381G2_PREFIX_BYTES)).toBe(true) }) - it('should return a valid did:key did document for the did', async () => { - const key = Key.fromFingerprint(TEST_BLS12381G2_FINGERPRINT) - const didDocument = keyDidBls12381g2.getDidDocument(TEST_BLS12381G2_DID, key) - - expect(JsonTransformer.toJSON(didDocument)).toMatchObject(keyBls12381g2Fixture) - }) - it('should return a valid verification method', async () => { const key = Key.fromFingerprint(TEST_BLS12381G2_FINGERPRINT) const verificationMethods = keyDidBls12381g2.getVerificationMethods(TEST_BLS12381G2_DID, key) diff --git a/packages/core/src/modules/dids/domain/key-type/__tests__/ed25519.test.ts b/packages/core/src/modules/dids/domain/key-type/__tests__/ed25519.test.ts index d38f96da3b..c9c9911e11 100644 --- a/packages/core/src/modules/dids/domain/key-type/__tests__/ed25519.test.ts +++ b/packages/core/src/modules/dids/domain/key-type/__tests__/ed25519.test.ts @@ -44,13 +44,6 @@ describe('ed25519', () => { expect(didKey.prefixedPublicKey.equals(TEST_ED25519_PREFIX_BYTES)).toBe(true) }) - it('should return a valid did:key did document for the did', async () => { - const key = Key.fromFingerprint(TEST_ED25519_FINGERPRINT) - const didDocument = keyDidEd25519.getDidDocument(TEST_ED25519_DID, key) - - expect(JsonTransformer.toJSON(didDocument)).toMatchObject(didKeyEd25519Fixture) - }) - it('should return a valid verification method', async () => { const key = Key.fromFingerprint(TEST_ED25519_FINGERPRINT) const verificationMethods = keyDidEd25519.getVerificationMethods(TEST_ED25519_DID, key) diff --git a/packages/core/src/modules/dids/domain/key-type/__tests__/x25519.test.ts b/packages/core/src/modules/dids/domain/key-type/__tests__/x25519.test.ts index ee4080f83f..2908c0939b 100644 --- a/packages/core/src/modules/dids/domain/key-type/__tests__/x25519.test.ts +++ b/packages/core/src/modules/dids/domain/key-type/__tests__/x25519.test.ts @@ -44,13 +44,6 @@ describe('x25519', () => { expect(didKey.prefixedPublicKey.equals(TEST_X25519_PREFIX_BYTES)).toBe(true) }) - it('should return a valid did:key did document for the did', async () => { - const key = Key.fromFingerprint(TEST_X25519_FINGERPRINT) - const didDocument = keyDidX25519.getDidDocument(TEST_X25519_DID, key) - - expect(JsonTransformer.toJSON(didDocument)).toMatchObject(didKeyX25519Fixture) - }) - it('should return a valid verification method', async () => { const key = Key.fromFingerprint(TEST_X25519_FINGERPRINT) const verificationMethods = keyDidX25519.getVerificationMethods(TEST_X25519_DID, key) diff --git a/packages/core/src/modules/dids/domain/key-type/bls12381g1.ts b/packages/core/src/modules/dids/domain/key-type/bls12381g1.ts index 18fe54bc0a..50d208d119 100644 --- a/packages/core/src/modules/dids/domain/key-type/bls12381g1.ts +++ b/packages/core/src/modules/dids/domain/key-type/bls12381g1.ts @@ -4,8 +4,6 @@ import type { KeyDidMapping } from './keyDidMapping' import { KeyType } from '../../../../crypto' import { Key } from '../Key' -import { getSignatureKeyBase } from './getSignatureKeyBase' - const VERIFICATION_METHOD_TYPE_BLS12381G1_KEY_2020 = 'Bls12381G1Key2020' export function getBls12381g1VerificationMethod(did: string, key: Key) { @@ -17,20 +15,9 @@ export function getBls12381g1VerificationMethod(did: string, key: Key) { } } -export function getBls12381g1DidDoc(did: string, key: Key) { - const verificationMethod = getBls12381g1VerificationMethod(did, key) - - return getSignatureKeyBase({ - did, - key, - verificationMethod, - }).build() -} - export const keyDidBls12381g1: KeyDidMapping = { supportedVerificationMethodTypes: [VERIFICATION_METHOD_TYPE_BLS12381G1_KEY_2020], - getDidDocument: getBls12381g1DidDoc, getVerificationMethods: (did, key) => [getBls12381g1VerificationMethod(did, key)], getKeyFromVerificationMethod: (verificationMethod: VerificationMethod) => { if ( diff --git a/packages/core/src/modules/dids/domain/key-type/bls12381g1g2.ts b/packages/core/src/modules/dids/domain/key-type/bls12381g1g2.ts index 88f84783fc..a84456e0a5 100644 --- a/packages/core/src/modules/dids/domain/key-type/bls12381g1g2.ts +++ b/packages/core/src/modules/dids/domain/key-type/bls12381g1g2.ts @@ -1,7 +1,6 @@ import type { KeyDidMapping } from './keyDidMapping' import { KeyType } from '../../../../crypto' -import { DidDocumentBuilder } from '../DidDocumentBuilder' import { Key } from '../Key' import { getBls12381g1VerificationMethod } from './bls12381g1' @@ -20,26 +19,8 @@ export function getBls12381g1g2VerificationMethod(did: string, key: Key) { return [bls12381g1VerificationMethod, bls12381g2VerificationMethod] } -export function getBls12381g1g2DidDoc(did: string, key: Key) { - const verificationMethods = getBls12381g1g2VerificationMethod(did, key) - - const didDocumentBuilder = new DidDocumentBuilder(did) - - for (const verificationMethod of verificationMethods) { - didDocumentBuilder - .addVerificationMethod(verificationMethod) - .addAuthentication(verificationMethod.id) - .addAssertionMethod(verificationMethod.id) - .addCapabilityDelegation(verificationMethod.id) - .addCapabilityInvocation(verificationMethod.id) - } - - return didDocumentBuilder.build() -} - export const keyDidBls12381g1g2: KeyDidMapping = { supportedVerificationMethodTypes: [], - getDidDocument: getBls12381g1g2DidDoc, getVerificationMethods: getBls12381g1g2VerificationMethod, getKeyFromVerificationMethod: () => { diff --git a/packages/core/src/modules/dids/domain/key-type/bls12381g2.ts b/packages/core/src/modules/dids/domain/key-type/bls12381g2.ts index 1d215b61fd..0c476e86bb 100644 --- a/packages/core/src/modules/dids/domain/key-type/bls12381g2.ts +++ b/packages/core/src/modules/dids/domain/key-type/bls12381g2.ts @@ -4,8 +4,6 @@ import type { KeyDidMapping } from './keyDidMapping' import { KeyType } from '../../../../crypto' import { Key } from '../Key' -import { getSignatureKeyBase } from './getSignatureKeyBase' - const VERIFICATION_METHOD_TYPE_BLS12381G2_KEY_2020 = 'Bls12381G2Key2020' export function getBls12381g2VerificationMethod(did: string, key: Key) { @@ -17,20 +15,9 @@ export function getBls12381g2VerificationMethod(did: string, key: Key) { } } -export function getBls12381g2DidDoc(did: string, key: Key) { - const verificationMethod = getBls12381g2VerificationMethod(did, key) - - return getSignatureKeyBase({ - did, - key, - verificationMethod, - }).build() -} - export const keyDidBls12381g2: KeyDidMapping = { supportedVerificationMethodTypes: [VERIFICATION_METHOD_TYPE_BLS12381G2_KEY_2020], - getDidDocument: getBls12381g2DidDoc, getVerificationMethods: (did, key) => [getBls12381g2VerificationMethod(did, key)], getKeyFromVerificationMethod: (verificationMethod: VerificationMethod) => { diff --git a/packages/core/src/modules/dids/domain/key-type/ed25519.ts b/packages/core/src/modules/dids/domain/key-type/ed25519.ts index 11fd98bf7c..6fe91cc67e 100644 --- a/packages/core/src/modules/dids/domain/key-type/ed25519.ts +++ b/packages/core/src/modules/dids/domain/key-type/ed25519.ts @@ -6,9 +6,6 @@ import { convertPublicKeyToX25519 } from '@stablelib/ed25519' import { KeyType } from '../../../../crypto' import { Key } from '../Key' -import { getSignatureKeyBase } from './getSignatureKeyBase' -import { getX25519VerificationMethod } from './x25519' - const VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2018 = 'Ed25519VerificationKey2018' export function getEd25519VerificationMethod({ key, id, controller }: { id: string; key: Key; controller: string }) { @@ -20,30 +17,8 @@ export function getEd25519VerificationMethod({ key, id, controller }: { id: stri } } -export function getEd25519DidDoc(did: string, key: Key) { - const verificationMethod = getEd25519VerificationMethod({ id: `${did}#${key.fingerprint}`, key, controller: did }) - - const publicKeyX25519 = convertPublicKeyToX25519(key.publicKey) - const didKeyX25519 = Key.fromPublicKey(publicKeyX25519, KeyType.X25519) - const x25519VerificationMethod = getX25519VerificationMethod({ - id: `${did}#${didKeyX25519.fingerprint}`, - key: didKeyX25519, - controller: did, - }) - - const didDocBuilder = getSignatureKeyBase({ did, key, verificationMethod }) - - didDocBuilder - .addContext('https://w3id.org/security/suites/ed25519-2018/v1') - .addContext('https://w3id.org/security/suites/x25519-2019/v1') - .addKeyAgreement(x25519VerificationMethod) - - return didDocBuilder.build() -} - export const keyDidEd25519: KeyDidMapping = { supportedVerificationMethodTypes: [VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2018], - getDidDocument: getEd25519DidDoc, getVerificationMethods: (did, key) => [ getEd25519VerificationMethod({ id: `${did}#${key.fingerprint}`, key, controller: did }), ], diff --git a/packages/core/src/modules/dids/domain/key-type/getSignatureKeyBase.ts b/packages/core/src/modules/dids/domain/key-type/getSignatureKeyBase.ts deleted file mode 100644 index 377c8111bd..0000000000 --- a/packages/core/src/modules/dids/domain/key-type/getSignatureKeyBase.ts +++ /dev/null @@ -1,23 +0,0 @@ -import type { Key } from '../Key' -import type { VerificationMethod } from '../verificationMethod' - -import { DidDocumentBuilder } from '../DidDocumentBuilder' - -export function getSignatureKeyBase({ - did, - key, - verificationMethod, -}: { - did: string - key: Key - verificationMethod: VerificationMethod -}) { - const keyId = `${did}#${key.fingerprint}` - - return new DidDocumentBuilder(did) - .addVerificationMethod(verificationMethod) - .addAuthentication(keyId) - .addAssertionMethod(keyId) - .addCapabilityDelegation(keyId) - .addCapabilityInvocation(keyId) -} diff --git a/packages/core/src/modules/dids/domain/key-type/keyDidMapping.ts b/packages/core/src/modules/dids/domain/key-type/keyDidMapping.ts index 760d8b40db..deafe72518 100644 --- a/packages/core/src/modules/dids/domain/key-type/keyDidMapping.ts +++ b/packages/core/src/modules/dids/domain/key-type/keyDidMapping.ts @@ -1,4 +1,3 @@ -import type { DidDocument } from '../DidDocument' import type { Key } from '../Key' import type { VerificationMethod } from '../verificationMethod' @@ -12,7 +11,6 @@ import { keyDidX25519 } from './x25519' export interface KeyDidMapping { getVerificationMethods: (did: string, key: Key) => VerificationMethod[] - getDidDocument: (did: string, key: Key) => DidDocument getKeyFromVerificationMethod(verificationMethod: VerificationMethod): Key supportedVerificationMethodTypes: string[] } diff --git a/packages/core/src/modules/dids/domain/key-type/x25519.ts b/packages/core/src/modules/dids/domain/key-type/x25519.ts index 943e2027ae..359e48b2a3 100644 --- a/packages/core/src/modules/dids/domain/key-type/x25519.ts +++ b/packages/core/src/modules/dids/domain/key-type/x25519.ts @@ -2,7 +2,6 @@ import type { VerificationMethod } from '../verificationMethod' import type { KeyDidMapping } from './keyDidMapping' import { KeyType } from '../../../../crypto' -import { DidDocumentBuilder } from '../DidDocumentBuilder' import { Key } from '../Key' const VERIFICATION_METHOD_TYPE_X25519_KEY_AGREEMENT_KEY_2019 = 'X25519KeyAgreementKey2019' @@ -16,18 +15,9 @@ export function getX25519VerificationMethod({ key, id, controller }: { id: strin } } -export function getX25519DidDoc(did: string, key: Key) { - const verificationMethod = getX25519VerificationMethod({ id: `${did}#${key.fingerprint}`, key, controller: did }) - - const document = new DidDocumentBuilder(did).addKeyAgreement(verificationMethod).build() - - return document -} - export const keyDidX25519: KeyDidMapping = { supportedVerificationMethodTypes: [VERIFICATION_METHOD_TYPE_X25519_KEY_AGREEMENT_KEY_2019], - getDidDocument: getX25519DidDoc, getVerificationMethods: (did, key) => [ getX25519VerificationMethod({ id: `${did}#${key.fingerprint}`, key, controller: did }), ], diff --git a/packages/core/src/modules/dids/domain/keyDidDocument.ts b/packages/core/src/modules/dids/domain/keyDidDocument.ts new file mode 100644 index 0000000000..b0159f3d3e --- /dev/null +++ b/packages/core/src/modules/dids/domain/keyDidDocument.ts @@ -0,0 +1,110 @@ +import type { VerificationMethod } from './verificationMethod/VerificationMethod' + +import { KeyType } from '../../../crypto' + +import { DidDocumentBuilder } from './DidDocumentBuilder' +import { Key } from './Key' +import { getBls12381g1VerificationMethod } from './key-type/bls12381g1' +import { getBls12381g1g2VerificationMethod } from './key-type/bls12381g1g2' +import { getBls12381g2VerificationMethod } from './key-type/bls12381g2' +import { convertPublicKeyToX25519, getEd25519VerificationMethod } from './key-type/ed25519' +import { getX25519VerificationMethod } from './key-type/x25519' + +const didDocumentKeyTypeMapping = { + [KeyType.Ed25519]: getEd25519DidDoc, + [KeyType.X25519]: getX25519DidDoc, + [KeyType.Bls12381g1]: getBls12381g1DidDoc, + [KeyType.Bls12381g2]: getBls12381g2DidDoc, + [KeyType.Bls12381g1g2]: getBls12381g1g2DidDoc, +} + +export function getDidDocumentForKey(did: string, key: Key) { + const getDidDocument = didDocumentKeyTypeMapping[key.keyType] + + return getDidDocument(did, key) +} + +function getBls12381g1DidDoc(did: string, key: Key) { + const verificationMethod = getBls12381g1VerificationMethod(did, key) + + return getSignatureKeyBase({ + did, + key, + verificationMethod, + }).build() +} + +function getBls12381g1g2DidDoc(did: string, key: Key) { + const verificationMethods = getBls12381g1g2VerificationMethod(did, key) + + const didDocumentBuilder = new DidDocumentBuilder(did) + + for (const verificationMethod of verificationMethods) { + didDocumentBuilder + .addVerificationMethod(verificationMethod) + .addAuthentication(verificationMethod.id) + .addAssertionMethod(verificationMethod.id) + .addCapabilityDelegation(verificationMethod.id) + .addCapabilityInvocation(verificationMethod.id) + } + + return didDocumentBuilder.build() +} + +function getEd25519DidDoc(did: string, key: Key) { + const verificationMethod = getEd25519VerificationMethod({ id: `${did}#${key.fingerprint}`, key, controller: did }) + + const publicKeyX25519 = convertPublicKeyToX25519(key.publicKey) + const didKeyX25519 = Key.fromPublicKey(publicKeyX25519, KeyType.X25519) + const x25519VerificationMethod = getX25519VerificationMethod({ + id: `${did}#${didKeyX25519.fingerprint}`, + key: didKeyX25519, + controller: did, + }) + + const didDocBuilder = getSignatureKeyBase({ did, key, verificationMethod }) + + didDocBuilder + .addContext('https://w3id.org/security/suites/ed25519-2018/v1') + .addContext('https://w3id.org/security/suites/x25519-2019/v1') + .addKeyAgreement(x25519VerificationMethod) + + return didDocBuilder.build() +} + +function getX25519DidDoc(did: string, key: Key) { + const verificationMethod = getX25519VerificationMethod({ id: `${did}#${key.fingerprint}`, key, controller: did }) + + const document = new DidDocumentBuilder(did).addKeyAgreement(verificationMethod).build() + + return document +} + +function getBls12381g2DidDoc(did: string, key: Key) { + const verificationMethod = getBls12381g2VerificationMethod(did, key) + + return getSignatureKeyBase({ + did, + key, + verificationMethod, + }).build() +} + +function getSignatureKeyBase({ + did, + key, + verificationMethod, +}: { + did: string + key: Key + verificationMethod: VerificationMethod +}) { + const keyId = `${did}#${key.fingerprint}` + + return new DidDocumentBuilder(did) + .addVerificationMethod(verificationMethod) + .addAuthentication(keyId) + .addAssertionMethod(keyId) + .addCapabilityDelegation(keyId) + .addCapabilityInvocation(keyId) +} diff --git a/packages/core/src/modules/dids/domain/service/DidCommService.ts b/packages/core/src/modules/dids/domain/service/DidCommV1Service.ts similarity index 87% rename from packages/core/src/modules/dids/domain/service/DidCommService.ts rename to packages/core/src/modules/dids/domain/service/DidCommV1Service.ts index ef26161a59..52b1a84195 100644 --- a/packages/core/src/modules/dids/domain/service/DidCommService.ts +++ b/packages/core/src/modules/dids/domain/service/DidCommV1Service.ts @@ -2,7 +2,7 @@ import { ArrayNotEmpty, IsOptional, IsString } from 'class-validator' import { DidDocumentService } from './DidDocumentService' -export class DidCommService extends DidDocumentService { +export class DidCommV1Service extends DidDocumentService { public constructor(options: { id: string serviceEndpoint: string @@ -11,7 +11,7 @@ export class DidCommService extends DidDocumentService { accept?: string[] priority?: number }) { - super({ ...options, type: DidCommService.type }) + super({ ...options, type: DidCommV1Service.type }) if (options) { this.recipientKeys = options.recipientKeys diff --git a/packages/core/src/modules/dids/domain/service/DidDocumentService.ts b/packages/core/src/modules/dids/domain/service/DidDocumentService.ts index 3114076d2f..c3fd763ec5 100644 --- a/packages/core/src/modules/dids/domain/service/DidDocumentService.ts +++ b/packages/core/src/modules/dids/domain/service/DidDocumentService.ts @@ -1,5 +1,7 @@ import { IsString } from 'class-validator' +import { getProtocolScheme } from '../../../../utils/uri' + export class DidDocumentService { public constructor(options: { id: string; serviceEndpoint: string; type: string }) { if (options) { @@ -10,7 +12,7 @@ export class DidDocumentService { } public get protocolScheme(): string { - return this.serviceEndpoint.split(':')[0] + return getProtocolScheme(this.serviceEndpoint) } @IsString() diff --git a/packages/core/src/modules/dids/domain/service/ServiceTransformer.ts b/packages/core/src/modules/dids/domain/service/ServiceTransformer.ts index 31689ac980..a47c6173d5 100644 --- a/packages/core/src/modules/dids/domain/service/ServiceTransformer.ts +++ b/packages/core/src/modules/dids/domain/service/ServiceTransformer.ts @@ -2,14 +2,14 @@ import type { ClassConstructor } from 'class-transformer' import { Transform, plainToInstance } from 'class-transformer' -import { DidCommService } from './DidCommService' +import { DidCommV1Service } from './DidCommV1Service' import { DidCommV2Service } from './DidCommV2Service' import { DidDocumentService } from './DidDocumentService' import { IndyAgentService } from './IndyAgentService' export const serviceTypes: { [key: string]: unknown | undefined } = { [IndyAgentService.type]: IndyAgentService, - [DidCommService.type]: DidCommService, + [DidCommV1Service.type]: DidCommV1Service, [DidCommV2Service.type]: DidCommV2Service, } diff --git a/packages/core/src/modules/dids/domain/service/index.ts b/packages/core/src/modules/dids/domain/service/index.ts index 83cdf99316..51fc9bc8d9 100644 --- a/packages/core/src/modules/dids/domain/service/index.ts +++ b/packages/core/src/modules/dids/domain/service/index.ts @@ -1,7 +1,7 @@ -import { DidCommService } from './DidCommService' +import { DidCommV1Service } from './DidCommV1Service' import { DidCommV2Service } from './DidCommV2Service' import { DidDocumentService } from './DidDocumentService' import { IndyAgentService } from './IndyAgentService' import { ServiceTransformer, serviceTypes } from './ServiceTransformer' -export { IndyAgentService, DidCommService, DidDocumentService, DidCommV2Service, ServiceTransformer, serviceTypes } +export { IndyAgentService, DidCommV1Service, DidDocumentService, DidCommV2Service, ServiceTransformer, serviceTypes } diff --git a/packages/core/src/modules/dids/helpers.ts b/packages/core/src/modules/dids/helpers.ts new file mode 100644 index 0000000000..2a8316a59f --- /dev/null +++ b/packages/core/src/modules/dids/helpers.ts @@ -0,0 +1,32 @@ +import { KeyType } from '../../crypto' + +import { Key } from './domain/Key' +import { DidKey } from './methods/key' + +export function didKeyToVerkey(key: string) { + if (key.startsWith('did:key')) { + const publicKeyBase58 = DidKey.fromDid(key).key.publicKeyBase58 + return publicKeyBase58 + } + return key +} + +export function verkeyToDidKey(key: string) { + if (key.startsWith('did:key')) { + return key + } + const publicKeyBase58 = key + const ed25519Key = Key.fromPublicKeyBase58(publicKeyBase58, KeyType.Ed25519) + const didKey = new DidKey(ed25519Key) + return didKey.did +} + +export function didKeyToInstanceOfKey(key: string) { + const didKey = DidKey.fromDid(key) + return didKey.key +} + +export function verkeyToInstanceOfKey(verkey: string) { + const ed25519Key = Key.fromPublicKeyBase58(verkey, KeyType.Ed25519) + return ed25519Key +} diff --git a/packages/core/src/modules/dids/methods/key/DidKey.ts b/packages/core/src/modules/dids/methods/key/DidKey.ts index 7f6fbb3c51..e2e190120d 100644 --- a/packages/core/src/modules/dids/methods/key/DidKey.ts +++ b/packages/core/src/modules/dids/methods/key/DidKey.ts @@ -1,5 +1,5 @@ import { Key } from '../../domain/Key' -import { getKeyDidMappingByKeyType } from '../../domain/key-type' +import { getDidDocumentForKey } from '../../domain/keyDidDocument' import { parseDid } from '../../domain/parse' export class DidKey { @@ -21,8 +21,6 @@ export class DidKey { } public get didDocument() { - const { getDidDocument } = getKeyDidMappingByKeyType(this.key.keyType) - - return getDidDocument(this.did, this.key) + return getDidDocumentForKey(this.did, this.key) } } diff --git a/packages/core/src/modules/dids/methods/peer/DidPeer.ts~73d296f6 (fix: always encode keys according to RFCs (#733)) b/packages/core/src/modules/dids/methods/peer/DidPeer.ts~73d296f6 (fix: always encode keys according to RFCs (#733)) new file mode 100644 index 0000000000..e73554e2a2 --- /dev/null +++ b/packages/core/src/modules/dids/methods/peer/DidPeer.ts~73d296f6 (fix: always encode keys according to RFCs (#733)) @@ -0,0 +1,134 @@ +import type { DidDocument } from '../../domain' +import type { ParsedDid } from '../../types' + +import { instanceToInstance } from 'class-transformer' + +import { JsonEncoder, MultiBaseEncoder, MultiHashEncoder } from '../../../../utils' +import { Key } from '../../domain/Key' +import { getDidDocumentForKey } from '../../domain/keyDidDocument' +import { parseDid } from '../../domain/parse' + +import { didDocumentToNumAlgo2Did, didToNumAlgo2DidDocument } from './peerDidNumAlgo2' + +const PEER_DID_REGEX = new RegExp( + '^did:peer:(([01](z)([1-9a-km-zA-HJ-NP-Z]{5,200}))|(2((.[AEVID](z)([1-9a-km-zA-HJ-NP-Z]{5,200}))+(.(S)[0-9a-zA-Z=]*)?)))$' +) + +export const enum PeerDidNumAlgo { + InceptionKeyWithoutDoc = 0, + GenesisDoc = 1, + MultipleInceptionKeyWithoutDoc = 2, +} + +function getNumAlgoFromPeerDid(did: string) { + return Number(did[9]) +} + +export class DidPeer { + private readonly parsedDid: ParsedDid + + // If numAlgo 1 is used, the did document always has a did document + private readonly _didDocument?: DidDocument + + private constructor({ didDocument, did }: { did: string; didDocument?: DidDocument }) { + const parsed = parseDid(did) + + if (!this.isValidPeerDid(did)) { + throw new Error(`Invalid peer did '${did}'`) + } + + this.parsedDid = parsed + this._didDocument = didDocument + } + + public static fromKey(key: Key) { + const did = `did:peer:0${key.fingerprint}` + return new DidPeer({ did }) + } + + public static fromDid(did: string) { + return new DidPeer({ + did, + }) + } + + public static fromDidDocument( + didDocument: DidDocument, + numAlgo?: PeerDidNumAlgo.GenesisDoc | PeerDidNumAlgo.MultipleInceptionKeyWithoutDoc + ): DidPeer { + if (!numAlgo && didDocument.id.startsWith('did:peer:')) { + numAlgo = getNumAlgoFromPeerDid(didDocument.id) + } + + if (!numAlgo) { + throw new Error( + 'Could not determine numAlgo. The did document must either have a full id property containing the numAlgo, or the numAlgo must be provided as a separate property' + ) + } + + if (numAlgo === PeerDidNumAlgo.GenesisDoc) { + // FIXME: We should do this on the JSON value of the did document, as the DidDocument class + // adds a lot of properties and default values that will mess with the hash value + // Remove id from did document as the id should be generated without an id. + const didDocumentBuffer = JsonEncoder.toBuffer({ ...didDocument.toJSON(), id: undefined }) + + const didIdentifier = MultiBaseEncoder.encode(MultiHashEncoder.encode(didDocumentBuffer, 'sha2-256'), 'base58btc') + + const did = `did:peer:1${didIdentifier}` + + return new DidPeer({ did, didDocument }) + } else if (numAlgo === PeerDidNumAlgo.MultipleInceptionKeyWithoutDoc) { + const did = didDocumentToNumAlgo2Did(didDocument) + return new DidPeer({ did }) + } else { + throw new Error(`Unsupported numAlgo: ${numAlgo}. Not all peer did methods support parsing a did document`) + } + } + + public get did() { + return this.parsedDid.did + } + + public get numAlgo(): PeerDidNumAlgo { + // numalgo is the first digit of the method specific identifier + return Number(this.parsedDid.id[0]) as PeerDidNumAlgo + } + + private get identifierWithoutNumAlgo() { + return this.parsedDid.id.substring(1) + } + + private isValidPeerDid(did: string): boolean { + const isValid = PEER_DID_REGEX.test(did) + + return isValid + } + + public get didDocument() { + // Method 1 (numAlgo 0) + if (this.numAlgo === PeerDidNumAlgo.InceptionKeyWithoutDoc) { + const key = Key.fromFingerprint(this.identifierWithoutNumAlgo) + return getDidDocumentForKey(this.parsedDid.did, key) + } + // Method 2 (numAlgo 1) + else if (this.numAlgo === PeerDidNumAlgo.GenesisDoc) { + if (!this._didDocument) { + throw new Error('No did document provided for method 1 peer did') + } + + // Clone the document, and set the id + const didDocument = instanceToInstance(this._didDocument) + didDocument.id = this.did + + return didDocument + } + // Method 3 (numAlgo 2) + else if (this.numAlgo === PeerDidNumAlgo.MultipleInceptionKeyWithoutDoc) { + const didDocument = didToNumAlgo2DidDocument(this.parsedDid.did) + + return didDocument + } + + throw new Error(`Unsupported numAlgo '${this.numAlgo}'`) + } +} diff --git a/packages/core/src/modules/dids/methods/peer/__tests__/DidPeer.test.ts~9399a710 (feat: find existing connection based on invitation did (#698)) b/packages/core/src/modules/dids/methods/peer/__tests__/DidPeer.test.ts~9399a710 (feat: find existing connection based on invitation did (#698)) new file mode 100644 index 0000000000..abc697a492 --- /dev/null +++ b/packages/core/src/modules/dids/methods/peer/__tests__/DidPeer.test.ts~9399a710 (feat: find existing connection based on invitation did (#698)) @@ -0,0 +1,117 @@ +import { JsonTransformer } from '../../../../../utils' +import didKeyBls12381g1 from '../../../__tests__/__fixtures__/didKeyBls12381g1.json' +import didKeyBls12381g1g2 from '../../../__tests__/__fixtures__/didKeyBls12381g1g2.json' +import didKeyBls12381g2 from '../../../__tests__/__fixtures__/didKeyBls12381g2.json' +import didKeyEd25519 from '../../../__tests__/__fixtures__/didKeyEd25519.json' +import didKeyX25519 from '../../../__tests__/__fixtures__/didKeyX25519.json' +import { DidDocument, Key } from '../../../domain' +import { DidPeer, PeerDidNumAlgo } from '../DidPeer' +import { outOfBandServiceToNumAlgo2Did } from '../peerDidNumAlgo2' + +import didPeer1zQmRDidCommServices from './__fixtures__/didPeer1zQmR-did-comm-service.json' +import didPeer1zQmR from './__fixtures__/didPeer1zQmR.json' +import didPeer1zQmZ from './__fixtures__/didPeer1zQmZ.json' +import didPeer2Ez6L from './__fixtures__/didPeer2Ez6L.json' + +describe('DidPeer', () => { + test('transforms a key correctly into a peer did method 0 did document', async () => { + const didDocuments = [didKeyEd25519, didKeyBls12381g1, didKeyX25519, didKeyBls12381g1g2, didKeyBls12381g2] + + for (const didDocument of didDocuments) { + const key = Key.fromFingerprint(didDocument.id.split(':')[2]) + + const didPeer = DidPeer.fromKey(key) + const expectedDidPeerDocument = JSON.parse( + JSON.stringify(didDocument).replace(new RegExp('did:key:', 'g'), 'did:peer:0') + ) + + expect(didPeer.didDocument.toJSON()).toMatchObject(expectedDidPeerDocument) + } + }) + + test('transforms a method 2 did correctly into a did document', () => { + expect(DidPeer.fromDid(didPeer2Ez6L.id).didDocument.toJSON()).toMatchObject(didPeer2Ez6L) + }) + + test('transforms a method 0 did correctly into a did document', () => { + const didDocuments = [didKeyEd25519, didKeyBls12381g1, didKeyX25519, didKeyBls12381g1g2, didKeyBls12381g2] + + for (const didDocument of didDocuments) { + const didPeer = DidPeer.fromDid(didDocument.id.replace('did:key:', 'did:peer:0')) + const expectedDidPeerDocument = JSON.parse( + JSON.stringify(didDocument).replace(new RegExp('did:key:', 'g'), 'did:peer:0') + ) + + expect(didPeer.didDocument.toJSON()).toMatchObject(expectedDidPeerDocument) + } + }) + + test('transforms a did document into a valid method 2 did', () => { + const didPeer2 = DidPeer.fromDidDocument( + JsonTransformer.fromJSON(didPeer2Ez6L, DidDocument), + PeerDidNumAlgo.MultipleInceptionKeyWithoutDoc + ) + + expect(didPeer2.did).toBe(didPeer2Ez6L.id) + }) + + test('transforms a did comm service into a valid method 2 did', () => { + const didDocument = JsonTransformer.fromJSON(didPeer1zQmRDidCommServices, DidDocument) + const peerDid = outOfBandServiceToNumAlgo2Did(didDocument.didCommServices[0]) + const peerDidInstance = DidPeer.fromDid(peerDid) + + // TODO the following `console.log` statement throws an error "TypeError: Cannot read property 'toLowerCase' + // of undefined" because of this: + // + // `service.id = `${did}#${service.type.toLowerCase()}-${serviceIndex++}`` + + // console.log(peerDidInstance.didDocument) + + expect(peerDid).toBe( + 'did:peer:2.Ez6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH.SeyJzIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS9lbmRwb2ludCJ9' + ) + expect(peerDid).toBe(peerDidInstance.did) + }) + + test('transforms a did document into a valid method 1 did', () => { + const didPeer1 = DidPeer.fromDidDocument( + JsonTransformer.fromJSON(didPeer1zQmR, DidDocument), + PeerDidNumAlgo.GenesisDoc + ) + + expect(didPeer1.did).toBe(didPeer1zQmR.id) + }) + + // FIXME: we need some input data from AFGO for this test to succeed (we create a hash of the document, so any inconsistency is fatal) + xtest('transforms a did document from aries-framework-go into a valid method 1 did', () => { + const didPeer1 = DidPeer.fromDidDocument( + JsonTransformer.fromJSON(didPeer1zQmZ, DidDocument), + PeerDidNumAlgo.GenesisDoc + ) + + expect(didPeer1.did).toBe(didPeer1zQmZ.id) + }) + + test('extracts the numAlgo from the peer did', async () => { + // NumAlgo 0 + const key = Key.fromFingerprint(didKeyEd25519.id.split(':')[2]) + const didPeerNumAlgo0 = DidPeer.fromKey(key) + + expect(didPeerNumAlgo0.numAlgo).toBe(PeerDidNumAlgo.InceptionKeyWithoutDoc) + expect(DidPeer.fromDid('did:peer:0z6Mkk7yqnGF3YwTrLpqrW6PGsKci7dNqh1CjnvMbzrMerSeL').numAlgo).toBe( + PeerDidNumAlgo.InceptionKeyWithoutDoc + ) + + // NumAlgo 1 + const peerDidNumAlgo1 = 'did:peer:1zQmZMygzYqNwU6Uhmewx5Xepf2VLp5S4HLSwwgf2aiKZuwa' + expect(DidPeer.fromDid(peerDidNumAlgo1).numAlgo).toBe(PeerDidNumAlgo.GenesisDoc) + + // NumAlgo 2 + const peerDidNumAlgo2 = + 'did:peer:2.Ez6LSbysY2xFMRpGMhb7tFTLMpeuPRaqaWM1yECx2AtzE3KCc.Vz6MkqRYqQiSgvZQdnBytw86Qbs2ZWUkGv22od935YF4s8M7V.Vz6MkgoLTnTypo3tDRwCkZXSccTPHRLhF4ZnjhueYAFpEX6vg.SeyJ0IjoiZG0iLCJzIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS9lbmRwb2ludCIsInIiOlsiZGlkOmV4YW1wbGU6c29tZW1lZGlhdG9yI3NvbWVrZXkiXSwiYSI6WyJkaWRjb21tL3YyIiwiZGlkY29tbS9haXAyO2Vudj1yZmM1ODciXX0' + expect(DidPeer.fromDid(peerDidNumAlgo2).numAlgo).toBe(PeerDidNumAlgo.MultipleInceptionKeyWithoutDoc) + expect(DidPeer.fromDidDocument(JsonTransformer.fromJSON(didPeer2Ez6L, DidDocument)).numAlgo).toBe( + PeerDidNumAlgo.MultipleInceptionKeyWithoutDoc + ) + }) +}) diff --git a/packages/core/src/modules/dids/methods/peer/__tests__/__fixtures__/didPeer1zQmR-did-comm-service.json b/packages/core/src/modules/dids/methods/peer/__tests__/__fixtures__/didPeer1zQmR-did-comm-service.json new file mode 100644 index 0000000000..addf924368 --- /dev/null +++ b/packages/core/src/modules/dids/methods/peer/__tests__/__fixtures__/didPeer1zQmR-did-comm-service.json @@ -0,0 +1,23 @@ +{ + "@context": ["https://w3id.org/did/v1"], + "id": "did:peer:1zQmRYBx1pL86DrsxoJ2ZD3w42d7Ng92ErPgFsCSqg8Q1h4i", + "keyAgreement": [ + { + "id": "#6MkqRYqQiSgvZQdnBytw86Qbs2ZWUkGv22od935YF4s8M7V", + "type": "Ed25519VerificationKey2018", + "publicKeyBase58": "ByHnpUCFb1vAfh9CFZ8ZkmUZguURW8nSw889hy6rD8L7" + } + ], + "service": [ + { + "id": "#service-0", + "type": "did-communication", + "serviceEndpoint": "https://example.com/endpoint", + "recipientKeys": ["#6MkqRYqQiSgvZQdnBytw86Qbs2ZWUkGv22od935YF4s8M7V"], + "routingKeys": [ + "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH" + ], + "accept": ["didcomm/v2", "didcomm/aip2;env=rfc587"] + } + ] +} diff --git a/packages/core/src/modules/dids/methods/peer/__tests__/peerDidNumAlgo2.test.ts b/packages/core/src/modules/dids/methods/peer/__tests__/peerDidNumAlgo2.test.ts index 3bc4f7af9c..bb1a2e7f52 100644 --- a/packages/core/src/modules/dids/methods/peer/__tests__/peerDidNumAlgo2.test.ts +++ b/packages/core/src/modules/dids/methods/peer/__tests__/peerDidNumAlgo2.test.ts @@ -1,6 +1,7 @@ import { JsonTransformer } from '../../../../../utils' +import { OutOfBandDidCommService } from '../../../../oob/domain/OutOfBandDidCommService' import { DidDocument } from '../../../domain' -import { didToNumAlgo2DidDocument, didDocumentToNumAlgo2Did } from '../peerDidNumAlgo2' +import { didToNumAlgo2DidDocument, didDocumentToNumAlgo2Did, outOfBandServiceToNumAlgo2Did } from '../peerDidNumAlgo2' import didPeer2Ez6L from './__fixtures__/didPeer2Ez6L.json' import didPeer2Ez6LMoreServices from './__fixtures__/didPeer2Ez6LMoreServices.json' @@ -23,4 +24,23 @@ describe('peerDidNumAlgo2', () => { expect(didDocumentToNumAlgo2Did(didDocument)).toBe(expectedDid) }) }) + + describe('outOfBandServiceToNumAlgo2Did', () => { + test('transforms a did comm service into a valid method 2 did', () => { + const service = new OutOfBandDidCommService({ + id: '#service-0', + serviceEndpoint: 'https://example.com/endpoint', + recipientKeys: ['did:key:z6MkqRYqQiSgvZQdnBytw86Qbs2ZWUkGv22od935YF4s8M7V'], + routingKeys: ['did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH'], + accept: ['didcomm/v2', 'didcomm/aip2;env=rfc587'], + }) + const peerDid = outOfBandServiceToNumAlgo2Did(service) + const peerDidDocument = didToNumAlgo2DidDocument(peerDid) + + expect(peerDid).toBe( + 'did:peer:2.SeyJzIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS9lbmRwb2ludCIsInQiOiJkaWQtY29tbXVuaWNhdGlvbiIsInByaW9yaXR5IjowLCJyZWNpcGllbnRLZXlzIjpbImRpZDprZXk6ejZNa3FSWXFRaVNndlpRZG5CeXR3ODZRYnMyWldVa0d2MjJvZDkzNVlGNHM4TTdWI3o2TWtxUllxUWlTZ3ZaUWRuQnl0dzg2UWJzMlpXVWtHdjIyb2Q5MzVZRjRzOE03ViJdLCJyIjpbImRpZDprZXk6ejZNa3BUSFI4Vk5zQnhZQUFXSHV0MkdlYWRkOWpTd3VCVjh4Um9BbndXc2R2a3RII3o2TWtwVEhSOFZOc0J4WUFBV0h1dDJHZWFkZDlqU3d1QlY4eFJvQW53V3Nkdmt0SCJdLCJhIjpbImRpZGNvbW0vdjIiLCJkaWRjb21tL2FpcDI7ZW52PXJmYzU4NyJdfQ' + ) + expect(peerDid).toBe(peerDidDocument.id) + }) + }) }) diff --git a/packages/core/src/modules/dids/methods/peer/peerDidNumAlgo0.ts b/packages/core/src/modules/dids/methods/peer/peerDidNumAlgo0.ts index 11a8dcbe14..9842b99f44 100644 --- a/packages/core/src/modules/dids/methods/peer/peerDidNumAlgo0.ts +++ b/packages/core/src/modules/dids/methods/peer/peerDidNumAlgo0.ts @@ -1,15 +1,13 @@ import { Key } from '../../domain/Key' -import { getKeyDidMappingByKeyType } from '../../domain/key-type' +import { getDidDocumentForKey } from '../../domain/keyDidDocument' import { parseDid } from '../../domain/parse' import { getNumAlgoFromPeerDid, isValidPeerDid, PeerDidNumAlgo } from './didPeer' export function keyToNumAlgo0DidDocument(key: Key) { - const { getDidDocument } = getKeyDidMappingByKeyType(key.keyType) - const did = `did:peer:0${key.fingerprint}` - return getDidDocument(did, key) + return getDidDocumentForKey(did, key) } export function didToNumAlgo0DidDocument(did: string) { @@ -26,7 +24,5 @@ export function didToNumAlgo0DidDocument(did: string) { const key = Key.fromFingerprint(parsed.id.substring(1)) - const { getDidDocument } = getKeyDidMappingByKeyType(key.keyType) - - return getDidDocument(did, key) + return getDidDocumentForKey(did, key) } diff --git a/packages/core/src/modules/dids/methods/peer/peerDidNumAlgo2.ts b/packages/core/src/modules/dids/methods/peer/peerDidNumAlgo2.ts index c873a9b508..880cfd9ce4 100644 --- a/packages/core/src/modules/dids/methods/peer/peerDidNumAlgo2.ts +++ b/packages/core/src/modules/dids/methods/peer/peerDidNumAlgo2.ts @@ -1,11 +1,13 @@ import type { JsonObject } from '../../../../types' +import type { OutOfBandDidCommService } from '../../../oob/domain/OutOfBandDidCommService' import type { DidDocument, VerificationMethod } from '../../domain' import { JsonEncoder, JsonTransformer } from '../../../../utils' -import { DidDocumentService, Key } from '../../domain' +import { DidCommV1Service, DidDocumentService, Key } from '../../domain' import { DidDocumentBuilder } from '../../domain/DidDocumentBuilder' import { getKeyDidMappingByKeyType, getKeyDidMappingByVerificationMethod } from '../../domain/key-type' import { parseDid } from '../../domain/parse' +import { DidKey } from '../key' enum DidPeerPurpose { Assertion = 'A', @@ -107,7 +109,9 @@ export function didDocumentToNumAlgo2Did(didDocument: DidDocument) { if (entries === undefined) continue // Dereference all entries to full verification methods - const dereferenced = entries.map((entry) => (typeof entry === 'string' ? didDocument.dereferenceKey(entry) : entry)) + const dereferenced = entries.map((entry) => + typeof entry === 'string' ? didDocument.dereferenceVerificationMethod(entry) : entry + ) // Transform als verification methods into a fingerprint (multibase, multicodec) const encoded = dereferenced.map((entry) => { @@ -145,6 +149,33 @@ export function didDocumentToNumAlgo2Did(didDocument: DidDocument) { return did } +export function outOfBandServiceToNumAlgo2Did(service: OutOfBandDidCommService) { + // FIXME: add the key entries for the recipientKeys to the did document. + const didDocument = new DidDocumentBuilder('') + .addService( + new DidCommV1Service({ + id: service.id, + serviceEndpoint: service.serviceEndpoint, + accept: service.accept, + // FIXME: this should actually be local key references, not did:key:123#456 references + recipientKeys: service.recipientKeys.map((recipientKey) => { + const did = DidKey.fromDid(recipientKey) + return `${did.did}#${did.key.fingerprint}` + }), + // Map did:key:xxx to actual did:key:xxx#123 + routingKeys: service.routingKeys?.map((routingKey) => { + const did = DidKey.fromDid(routingKey) + return `${did.did}#${did.key.fingerprint}` + }), + }) + ) + .build() + + const did = didDocumentToNumAlgo2Did(didDocument) + + return did +} + function expandServiceAbbreviations(service: JsonObject) { const expand = (abbreviated: string) => didPeerExpansions[abbreviated] ?? abbreviated diff --git a/packages/core/src/modules/dids/methods/sov/SovDidResolver.ts b/packages/core/src/modules/dids/methods/sov/SovDidResolver.ts index 91a64f560a..e0771577df 100644 --- a/packages/core/src/modules/dids/methods/sov/SovDidResolver.ts +++ b/packages/core/src/modules/dids/methods/sov/SovDidResolver.ts @@ -8,7 +8,7 @@ import { TypedArrayEncoder } from '../../../../utils/TypedArrayEncoder' import { getFullVerkey } from '../../../../utils/did' import { DidDocumentService } from '../../domain' import { DidDocumentBuilder } from '../../domain/DidDocumentBuilder' -import { DidCommService } from '../../domain/service/DidCommService' +import { DidCommV1Service } from '../../domain/service/DidCommV1Service' import { DidCommV2Service } from '../../domain/service/DidCommV2Service' export class SovDidResolver implements DidResolver { @@ -119,7 +119,7 @@ export class SovDidResolver implements DidResolver { // If 'did-communication' included in types, add DIDComm v1 entry if (processedTypes.includes('did-communication')) { builder.addService( - new DidCommService({ + new DidCommV1Service({ id: `${parsed.did}#did-communication`, serviceEndpoint: endpoint, priority: 0, diff --git a/packages/core/src/modules/dids/repository/DidRecord.ts b/packages/core/src/modules/dids/repository/DidRecord.ts index da44474eb6..b72358b02a 100644 --- a/packages/core/src/modules/dids/repository/DidRecord.ts +++ b/packages/core/src/modules/dids/repository/DidRecord.ts @@ -17,7 +17,7 @@ export interface DidRecordProps { } interface CustomDidTags extends TagsBase { - recipientKeys?: string[] + recipientKeyFingerprints?: string[] } type DefaultDidTags = { diff --git a/packages/core/src/modules/dids/repository/DidRepository.ts b/packages/core/src/modules/dids/repository/DidRepository.ts index 226347e3c0..3acf53cae5 100644 --- a/packages/core/src/modules/dids/repository/DidRepository.ts +++ b/packages/core/src/modules/dids/repository/DidRepository.ts @@ -1,3 +1,5 @@ +import type { Key } from '../domain/Key' + import { inject, scoped, Lifecycle } from 'tsyringe' import { InjectionSymbols } from '../../../constants' @@ -12,7 +14,11 @@ export class DidRepository extends Repository { super(DidRecord, storageService) } - public findByVerkey(verkey: string) { - return this.findSingleByQuery({ recipientKeys: [verkey] }) + public findByRecipientKey(recipientKey: Key) { + return this.findSingleByQuery({ recipientKeyFingerprints: [recipientKey.fingerprint] }) + } + + public findAllByRecipientKey(recipientKey: Key) { + return this.findByQuery({ recipientKeyFingerprints: [recipientKey.fingerprint] }) } } diff --git a/packages/core/src/modules/dids/services/DidResolverService.ts b/packages/core/src/modules/dids/services/DidResolverService.ts index 4bc0ec93f4..efab110883 100644 --- a/packages/core/src/modules/dids/services/DidResolverService.ts +++ b/packages/core/src/modules/dids/services/DidResolverService.ts @@ -5,6 +5,7 @@ import type { DidResolutionOptions, DidResolutionResult, ParsedDid } from '../ty import { Lifecycle, scoped } from 'tsyringe' import { AgentConfig } from '../../../agent/AgentConfig' +import { AriesFrameworkError } from '../../../error' import { IndyLedgerService } from '../../ledger' import { parseDid } from '../domain/parse' import { KeyDidResolver } from '../methods/key/KeyDidResolver' @@ -59,6 +60,18 @@ export class DidResolverService { return resolver.resolve(parsed.did, parsed, options) } + public async resolveDidDocument(did: string) { + const { + didDocument, + didResolutionMetadata: { error, message }, + } = await this.resolve(did) + + if (!didDocument) { + throw new AriesFrameworkError(`Unable to resolve did document for did '${did}': ${error} ${message}`) + } + return didDocument + } + private findResolver(parsed: ParsedDid): DidResolver | null { return this.resolvers.find((r) => r.supportedMethods.includes(parsed.method)) ?? null } diff --git a/packages/core/src/modules/oob/OutOfBandModule.ts b/packages/core/src/modules/oob/OutOfBandModule.ts new file mode 100644 index 0000000000..4bc8fcea37 --- /dev/null +++ b/packages/core/src/modules/oob/OutOfBandModule.ts @@ -0,0 +1,675 @@ +import type { AgentMessage } from '../../agent/AgentMessage' +import type { AgentMessageReceivedEvent } from '../../agent/Events' +import type { Logger } from '../../logger' +import type { ConnectionRecord, Routing } from '../../modules/connections' +import type { PlaintextMessage } from '../../types' +import type { Key } from '../dids' +import type { HandshakeReusedEvent, OutOfBandStateChangedEvent } from './domain/OutOfBandEvents' + +import { parseUrl } from 'query-string' +import { catchError, EmptyError, first, firstValueFrom, map, of, timeout } from 'rxjs' +import { Lifecycle, scoped } from 'tsyringe' + +import { AgentConfig } from '../../agent/AgentConfig' +import { Dispatcher } from '../../agent/Dispatcher' +import { EventEmitter } from '../../agent/EventEmitter' +import { AgentEventTypes } from '../../agent/Events' +import { MessageSender } from '../../agent/MessageSender' +import { createOutboundMessage } from '../../agent/helpers' +import { ServiceDecorator } from '../../decorators/service/ServiceDecorator' +import { AriesFrameworkError } from '../../error' +import { + DidExchangeState, + HandshakeProtocol, + ConnectionInvitationMessage, + ConnectionsModule, +} from '../../modules/connections' +import { JsonTransformer } from '../../utils' +import { DidsModule } from '../dids' +import { didKeyToVerkey, verkeyToDidKey } from '../dids/helpers' +import { outOfBandServiceToNumAlgo2Did } from '../dids/methods/peer/peerDidNumAlgo2' +import { MediationRecipientService } from '../routing' + +import { OutOfBandService } from './OutOfBandService' +import { OutOfBandDidCommService } from './domain/OutOfBandDidCommService' +import { OutOfBandEventTypes } from './domain/OutOfBandEvents' +import { OutOfBandRole } from './domain/OutOfBandRole' +import { OutOfBandState } from './domain/OutOfBandState' +import { HandshakeReuseHandler } from './handlers' +import { HandshakeReuseAcceptedHandler } from './handlers/HandshakeReuseAcceptedHandler' +import { convertToNewInvitation, convertToOldInvitation } from './helpers' +import { OutOfBandInvitation } from './messages' +import { OutOfBandRecord } from './repository/OutOfBandRecord' + +const didCommProfiles = ['didcomm/aip1', 'didcomm/aip2;env=rfc19'] + +export interface CreateOutOfBandInvitationConfig { + label?: string + alias?: string + imageUrl?: string + goalCode?: string + goal?: string + handshake?: boolean + handshakeProtocols?: HandshakeProtocol[] + messages?: AgentMessage[] + multiUseInvitation?: boolean + autoAcceptConnection?: boolean + routing?: Routing +} + +export interface ReceiveOutOfBandInvitationConfig { + label?: string + alias?: string + imageUrl?: string + autoAcceptInvitation?: boolean + autoAcceptConnection?: boolean + reuseConnection?: boolean + routing?: Routing +} + +@scoped(Lifecycle.ContainerScoped) +export class OutOfBandModule { + private outOfBandService: OutOfBandService + private mediationRecipientService: MediationRecipientService + private connectionsModule: ConnectionsModule + private dids: DidsModule + private dispatcher: Dispatcher + private messageSender: MessageSender + private eventEmitter: EventEmitter + private agentConfig: AgentConfig + private logger: Logger + + public constructor( + dispatcher: Dispatcher, + agentConfig: AgentConfig, + outOfBandService: OutOfBandService, + mediationRecipientService: MediationRecipientService, + connectionsModule: ConnectionsModule, + dids: DidsModule, + messageSender: MessageSender, + eventEmitter: EventEmitter + ) { + this.dispatcher = dispatcher + this.agentConfig = agentConfig + this.logger = agentConfig.logger + this.outOfBandService = outOfBandService + this.mediationRecipientService = mediationRecipientService + this.connectionsModule = connectionsModule + this.dids = dids + this.messageSender = messageSender + this.eventEmitter = eventEmitter + this.registerHandlers(dispatcher) + } + + /** + * Creates an outbound out-of-band record containing out-of-band invitation message defined in + * Aries RFC 0434: Out-of-Band Protocol 1.1. + * + * It automatically adds all supported handshake protocols by agent to `hanshake_protocols`. You + * can modify this by setting `handshakeProtocols` in `config` parameter. If you want to create + * invitation without handhsake, you can set `handshake` to `false`. + * + * If `config` parameter contains `messages` it adds them to `requests~attach` attribute. + * + * Agent role: sender (inviter) + * + * @param config configuration of how out-of-band invitation should be created + * @returns out-of-band record + */ + public async createInvitation(config: CreateOutOfBandInvitationConfig = {}): Promise { + const multiUseInvitation = config.multiUseInvitation ?? false + const handshake = config.handshake ?? true + const customHandshakeProtocols = config.handshakeProtocols + const autoAcceptConnection = config.autoAcceptConnection ?? this.agentConfig.autoAcceptConnections + // We don't want to treat an empty array as messages being provided + const messages = config.messages && config.messages.length > 0 ? config.messages : undefined + const label = config.label ?? this.agentConfig.label + const imageUrl = config.imageUrl ?? this.agentConfig.connectionImageUrl + + if (!handshake && !messages) { + throw new AriesFrameworkError( + 'One or both of handshake_protocols and requests~attach MUST be included in the message.' + ) + } + + if (!handshake && customHandshakeProtocols) { + throw new AriesFrameworkError(`Attribute 'handshake' can not be 'false' when 'handshakeProtocols' is defined.`) + } + + // For now we disallow creating multi-use invitation with attachments. This would mean we need multi-use + // credential and presentation exchanges. + if (messages && multiUseInvitation) { + throw new AriesFrameworkError("Attribute 'multiUseInvitation' can not be 'true' when 'messages' is defined.") + } + + let handshakeProtocols + if (handshake) { + // Find supported handshake protocol preserving the order of handshake protocols defined + // by agent + if (customHandshakeProtocols) { + this.assertHandshakeProtocols(customHandshakeProtocols) + handshakeProtocols = customHandshakeProtocols + } else { + handshakeProtocols = this.getSupportedHandshakeProtocols() + } + } + + const routing = config.routing ?? (await this.mediationRecipientService.getRouting({})) + + const services = routing.endpoints.map((endpoint, index) => { + return new OutOfBandDidCommService({ + id: `#inline-${index}`, + serviceEndpoint: endpoint, + recipientKeys: [routing.verkey].map(verkeyToDidKey), + routingKeys: routing.routingKeys.map(verkeyToDidKey), + }) + }) + + const options = { + label, + goal: config.goal, + goalCode: config.goalCode, + imageUrl, + accept: didCommProfiles, + services, + handshakeProtocols, + } + const outOfBandInvitation = new OutOfBandInvitation(options) + + if (messages) { + messages.forEach((message) => { + if (message.service) { + // We can remove `~service` attribute from message. Newer OOB messages have `services` attribute instead. + message.service = undefined + } + outOfBandInvitation.addRequest(message) + }) + } + + const outOfBandRecord = new OutOfBandRecord({ + did: routing.did, + mediatorId: routing.mediatorId, + role: OutOfBandRole.Sender, + state: OutOfBandState.AwaitResponse, + outOfBandInvitation: outOfBandInvitation, + reusable: multiUseInvitation, + autoAcceptConnection, + }) + + await this.outOfBandService.save(outOfBandRecord) + this.eventEmitter.emit({ + type: OutOfBandEventTypes.OutOfBandStateChanged, + payload: { + outOfBandRecord, + previousState: null, + }, + }) + + return outOfBandRecord + } + + /** + * Creates an outbound out-of-band record in the same way how `createInvitation` method does it, + * but it also converts out-of-band invitation message to an "legacy" invitation message defined + * in RFC 0160: Connection Protocol and returns it together with out-of-band record. + * + * Agent role: sender (inviter) + * + * @param config configuration of how out-of-band invitation should be created + * @returns out-of-band record and connection invitation + */ + public async createLegacyInvitation(config: CreateOutOfBandInvitationConfig = {}) { + if (config.handshake === false) { + throw new AriesFrameworkError( + `Invalid value of handshake in config. Value is ${config.handshake}, but this method supports only 'true' or 'undefined'.` + ) + } + if ( + !config.handshakeProtocols || + (config.handshakeProtocols?.length === 1 && config.handshakeProtocols.includes(HandshakeProtocol.Connections)) + ) { + const outOfBandRecord = await this.createInvitation({ + ...config, + handshakeProtocols: [HandshakeProtocol.Connections], + }) + return { outOfBandRecord, invitation: convertToOldInvitation(outOfBandRecord.outOfBandInvitation) } + } + throw new AriesFrameworkError( + `Invalid value of handshakeProtocols in config. Value is ${config.handshakeProtocols}, but this method supports only ${HandshakeProtocol.Connections}.` + ) + } + + /** + * Parses URL, decodes invitation and calls `receiveMessage` with parsed invitation message. + * + * Agent role: receiver (invitee) + * + * @param invitationUrl url containing a base64 encoded invitation to receive + * @param config configuration of how out-of-band invitation should be processed + * @returns out-of-band record and connection record if one has been created + */ + public async receiveInvitationFromUrl(invitationUrl: string, config: ReceiveOutOfBandInvitationConfig = {}) { + const message = await this.parseInvitation(invitationUrl) + return this.receiveInvitation(message, config) + } + + /** + * Parses URL containing encoded invitation and returns invitation message. + * + * @param invitationUrl URL containing encoded invitation + * + * @returns OutOfBandInvitation + */ + public async parseInvitation(invitationUrl: string) { + const parsedUrl = parseUrl(invitationUrl).query + if (parsedUrl['oob']) { + const outOfBandInvitation = await OutOfBandInvitation.fromUrl(invitationUrl) + return outOfBandInvitation + } else if (parsedUrl['c_i'] || parsedUrl['d_m']) { + const invitation = await ConnectionInvitationMessage.fromUrl(invitationUrl) + return convertToNewInvitation(invitation) + } + throw new AriesFrameworkError( + 'InvitationUrl is invalid. It needs to contain one, and only one, of the following parameters: `oob`, `c_i` or `d_m`.' + ) + } + + /** + * Creates inbound out-of-band record and assigns out-of-band invitation message to it if the + * message is valid. It automatically passes out-of-band invitation for further processing to + * `acceptInvitation` method. If you don't want to do that you can set `autoAcceptInvitation` + * attribute in `config` parameter to `false` and accept the message later by calling + * `acceptInvitation`. + * + * It supports both OOB (Aries RFC 0434: Out-of-Band Protocol 1.1) and Connection Invitation + * (0160: Connection Protocol). + * + * Agent role: receiver (invitee) + * + * @param outOfBandInvitation + * @param config config for handling of invitation + * + * @returns out-of-band record and connection record if one has been created. + */ + public async receiveInvitation( + outOfBandInvitation: OutOfBandInvitation, + config: ReceiveOutOfBandInvitationConfig = {} + ): Promise<{ outOfBandRecord: OutOfBandRecord; connectionRecord?: ConnectionRecord }> { + const { handshakeProtocols } = outOfBandInvitation + const { routing } = config + + const autoAcceptInvitation = config.autoAcceptInvitation ?? true + const autoAcceptConnection = config.autoAcceptConnection ?? true + const reuseConnection = config.reuseConnection ?? false + const label = config.label ?? this.agentConfig.label + const alias = config.alias + const imageUrl = config.imageUrl ?? this.agentConfig.connectionImageUrl + + const messages = outOfBandInvitation.getRequests() + + if ((!handshakeProtocols || handshakeProtocols.length === 0) && (!messages || messages?.length === 0)) { + throw new AriesFrameworkError( + 'One or both of handshake_protocols and requests~attach MUST be included in the message.' + ) + } + + // Make sure we haven't processed this invitation before. + let outOfBandRecord = await this.findByInvitationId(outOfBandInvitation.id) + if (outOfBandRecord) { + throw new AriesFrameworkError( + `An out of band record with invitation ${outOfBandInvitation.id} already exists. Invitations should have a unique id.` + ) + } + + outOfBandRecord = new OutOfBandRecord({ + role: OutOfBandRole.Receiver, + state: OutOfBandState.Initial, + outOfBandInvitation: outOfBandInvitation, + autoAcceptConnection, + }) + await this.outOfBandService.save(outOfBandRecord) + this.eventEmitter.emit({ + type: OutOfBandEventTypes.OutOfBandStateChanged, + payload: { + outOfBandRecord, + previousState: null, + }, + }) + + if (autoAcceptInvitation) { + return await this.acceptInvitation(outOfBandRecord.id, { + label, + alias, + imageUrl, + autoAcceptConnection, + reuseConnection, + routing, + }) + } + + return { outOfBandRecord } + } + + /** + * Creates a connection if the out-of-band invitation message contains `handshake_protocols` + * attribute, except for the case when connection already exists and `reuseConnection` is enabled. + * + * It passes first supported message from `requests~attach` attribute to the agent, except for the + * case reuse of connection is applied when it just sends `handshake-reuse` message to existing + * connection. + * + * Agent role: receiver (invitee) + * + * @param outOfBandId + * @param config + * @returns out-of-band record and connection record if one has been created. + */ + public async acceptInvitation( + outOfBandId: string, + config: { + autoAcceptConnection?: boolean + reuseConnection?: boolean + label?: string + alias?: string + imageUrl?: string + mediatorId?: string + routing?: Routing + } + ) { + const outOfBandRecord = await this.outOfBandService.getById(outOfBandId) + + const { outOfBandInvitation } = outOfBandRecord + const { label, alias, imageUrl, autoAcceptConnection, reuseConnection, routing } = config + const { handshakeProtocols, services } = outOfBandInvitation + const messages = outOfBandInvitation.getRequests() + + const existingConnection = await this.findExistingConnection(services) + + await this.outOfBandService.updateState(outOfBandRecord, OutOfBandState.PrepareResponse) + + if (handshakeProtocols) { + this.logger.debug('Out of band message contains handshake protocols.') + + let connectionRecord + if (existingConnection && reuseConnection) { + this.logger.debug( + `Connection already exists and reuse is enabled. Reusing an existing connection with ID ${existingConnection.id}.` + ) + + if (!messages) { + this.logger.debug('Out of band message does not contain any request messages.') + const isHandshakeReuseSuccessful = await this.handleHandshakeReuse(outOfBandRecord, existingConnection) + + // Handshake reuse was successful + if (isHandshakeReuseSuccessful) { + this.logger.debug(`Handshake reuse successful. Reusing existing connection ${existingConnection.id}.`) + connectionRecord = existingConnection + } else { + // Handshake reuse failed. Not setting connection record + this.logger.debug(`Handshake reuse failed. Not using existing connection ${existingConnection.id}.`) + } + } else { + // Handshake reuse because we found a connection and we can respond directly to the message + this.logger.debug(`Reusing existing connection ${existingConnection.id}.`) + connectionRecord = existingConnection + } + } + + // If no existing connection was found, reuseConnection is false, or we didn't receive a + // handshake-reuse-accepted message we create a new connection + if (!connectionRecord) { + this.logger.debug('Connection does not exist or reuse is disabled. Creating a new connection.') + // Find first supported handshake protocol preserving the order of handshake protocols + // defined by `handshake_protocols` attribute in the invitation message + const handshakeProtocol = this.getFirstSupportedProtocol(handshakeProtocols) + connectionRecord = await this.connectionsModule.acceptOutOfBandInvitation(outOfBandRecord, { + label, + alias, + imageUrl, + autoAcceptConnection, + protocol: handshakeProtocol, + routing, + }) + } + + if (messages) { + this.logger.debug('Out of band message contains request messages.') + if (connectionRecord.isReady) { + await this.emitWithConnection(connectionRecord, messages) + } else { + // Wait until the connection is ready and then pass the messages to the agent for further processing + this.connectionsModule + .returnWhenIsConnected(connectionRecord.id) + .then((connectionRecord) => this.emitWithConnection(connectionRecord, messages)) + .catch((error) => { + if (error instanceof EmptyError) { + this.logger.warn( + `Agent unsubscribed before connection got into ${DidExchangeState.Completed} state`, + error + ) + } else { + this.logger.error('Promise waiting for the connection to be complete failed.', error) + } + }) + } + } + return { outOfBandRecord, connectionRecord } + } else if (messages) { + this.logger.debug('Out of band message contains only request messages.') + if (existingConnection) { + this.logger.debug('Connection already exists.', { connectionId: existingConnection.id }) + await this.emitWithConnection(existingConnection, messages) + } else { + await this.emitWithServices(services, messages) + } + } + return { outOfBandRecord } + } + + public async findByRecipientKey(recipientKey: Key) { + return this.outOfBandService.findByRecipientKey(recipientKey) + } + + public async findByInvitationId(invitationId: string) { + return this.outOfBandService.findByInvitationId(invitationId) + } + + /** + * Retrieve all out of bands records + * + * @returns List containing all out of band records + */ + public getAll() { + return this.outOfBandService.getAll() + } + + /** + * Retrieve a out of band record by id + * + * @param outOfBandId The out of band record id + * @throws {RecordNotFoundError} If no record is found + * @return The out of band record + * + */ + public getById(outOfBandId: string): Promise { + return this.outOfBandService.getById(outOfBandId) + } + + /** + * Find an out of band record by id + * + * @param outOfBandId the out of band record id + * @returns The out of band record or null if not found + */ + public findById(outOfBandId: string): Promise { + return this.outOfBandService.findById(outOfBandId) + } + + /** + * Delete an out of band record by id + * + * @param outOfBandId the out of band record id + */ + public async deleteById(outOfBandId: string) { + return this.outOfBandService.deleteById(outOfBandId) + } + + private assertHandshakeProtocols(handshakeProtocols: HandshakeProtocol[]) { + if (!this.areHandshakeProtocolsSupported(handshakeProtocols)) { + const supportedProtocols = this.getSupportedHandshakeProtocols() + throw new AriesFrameworkError( + `Handshake protocols [${handshakeProtocols}] are not supported. Supported protocols are [${supportedProtocols}]` + ) + } + } + + private areHandshakeProtocolsSupported(handshakeProtocols: HandshakeProtocol[]) { + const supportedProtocols = this.getSupportedHandshakeProtocols() + return handshakeProtocols.every((p) => supportedProtocols.includes(p)) + } + + private getSupportedHandshakeProtocols(): HandshakeProtocol[] { + const handshakeMessageFamilies = ['https://didcomm.org/didexchange', 'https://didcomm.org/connections'] + const handshakeProtocols = this.dispatcher.filterSupportedProtocolsByMessageFamilies(handshakeMessageFamilies) + + if (handshakeProtocols.length === 0) { + throw new AriesFrameworkError('There is no handshake protocol supported. Agent can not create a connection.') + } + + // Order protocols according to `handshakeMessageFamilies` array + const orderedProtocols = handshakeMessageFamilies + .map((messageFamily) => handshakeProtocols.find((p) => p.startsWith(messageFamily))) + .filter((item): item is string => !!item) + + return orderedProtocols as HandshakeProtocol[] + } + + private getFirstSupportedProtocol(handshakeProtocols: HandshakeProtocol[]) { + const supportedProtocols = this.getSupportedHandshakeProtocols() + const handshakeProtocol = handshakeProtocols.find((p) => supportedProtocols.includes(p)) + if (!handshakeProtocol) { + throw new AriesFrameworkError( + `Handshake protocols [${handshakeProtocols}] are not supported. Supported protocols are [${supportedProtocols}]` + ) + } + return handshakeProtocol + } + + private async findExistingConnection(services: Array) { + this.logger.debug('Searching for an existing connection for out-of-band invitation services.', { services }) + + // TODO: for each did we should look for a connection with the invitation did OR a connection with theirDid that matches the service did + for (const didOrService of services) { + // We need to check if the service is an instance of string because of limitations from class-validator + if (typeof didOrService === 'string' || didOrService instanceof String) { + // TODO await this.connectionsModule.findByTheirDid() + throw new AriesFrameworkError('Dids are not currently supported in out-of-band invitation services attribute.') + } + + const did = outOfBandServiceToNumAlgo2Did(didOrService) + const connections = await this.connectionsModule.findByInvitationDid(did) + this.logger.debug(`Retrieved ${connections.length} connections for invitation did ${did}`) + + if (connections.length === 1) { + const [firstConnection] = connections + return firstConnection + } else if (connections.length > 1) { + this.logger.warn(`There is more than one connection created from invitationDid ${did}. Taking the first one.`) + const [firstConnection] = connections + return firstConnection + } + return null + } + } + + private async emitWithConnection(connectionRecord: ConnectionRecord, messages: PlaintextMessage[]) { + const plaintextMessage = messages.find((message) => + this.dispatcher.supportedMessageTypes.find((type) => type === message['@type']) + ) + + if (!plaintextMessage) { + throw new AriesFrameworkError('There is no message in requests~attach supported by agent.') + } + + this.logger.debug(`Message with type ${plaintextMessage['@type']} can be processed.`) + + this.eventEmitter.emit({ + type: AgentEventTypes.AgentMessageReceived, + payload: { + message: plaintextMessage, + connection: connectionRecord, + }, + }) + } + + private async emitWithServices(services: Array, messages: PlaintextMessage[]) { + if (!services || services.length === 0) { + throw new AriesFrameworkError(`There are no services. We can not emit messages`) + } + + const plaintextMessage = messages.find((message) => + this.dispatcher.supportedMessageTypes.find((type) => type === message['@type']) + ) + + if (!plaintextMessage) { + throw new AriesFrameworkError('There is no message in requests~attach supported by agent.') + } + + this.logger.debug(`Message with type ${plaintextMessage['@type']} can be processed.`) + + // The framework currently supports only older OOB messages with `~service` decorator. + // TODO: support receiving messages with other services so we don't have to transform the service + // to ~service decorator + const [service] = services + + if (typeof service === 'string') { + throw new AriesFrameworkError('Dids are not currently supported in out-of-band invitation services attribute.') + } + + const serviceDecorator = new ServiceDecorator({ + recipientKeys: service.recipientKeys.map(didKeyToVerkey), + routingKeys: service.routingKeys?.map(didKeyToVerkey) || [], + serviceEndpoint: service.serviceEndpoint, + }) + + plaintextMessage['~service'] = JsonTransformer.toJSON(serviceDecorator) + this.eventEmitter.emit({ + type: AgentEventTypes.AgentMessageReceived, + payload: { + message: plaintextMessage, + }, + }) + } + + private async handleHandshakeReuse(outOfBandRecord: OutOfBandRecord, connectionRecord: ConnectionRecord) { + const reuseMessage = await this.outOfBandService.createHandShakeReuse(outOfBandRecord, connectionRecord) + + const reuseAcceptedEventPromise = firstValueFrom( + this.eventEmitter.observable(OutOfBandEventTypes.HandshakeReused).pipe( + // Find the first reuse event where the handshake reuse accepted matches the reuse message thread + // TODO: Should we store the reuse state? Maybe we can keep it in memory for now + first( + (event) => + event.payload.reuseThreadId === reuseMessage.threadId && + event.payload.outOfBandRecord.id === outOfBandRecord.id && + event.payload.connectionRecord.id === connectionRecord.id + ), + // If the event is found, we return the value true + map(() => true), + timeout(15000), + // If timeout is reached, we return false + catchError(() => of(false)) + ) + ) + + const outbound = createOutboundMessage(connectionRecord, reuseMessage) + await this.messageSender.sendMessage(outbound) + + return reuseAcceptedEventPromise + } + + private registerHandlers(dispatcher: Dispatcher) { + dispatcher.registerHandler(new HandshakeReuseHandler(this.outOfBandService)) + dispatcher.registerHandler(new HandshakeReuseAcceptedHandler(this.outOfBandService)) + } +} diff --git a/packages/core/src/modules/oob/OutOfBandService.ts b/packages/core/src/modules/oob/OutOfBandService.ts new file mode 100644 index 0000000000..1ad4aa83bb --- /dev/null +++ b/packages/core/src/modules/oob/OutOfBandService.ts @@ -0,0 +1,168 @@ +import type { InboundMessageContext } from '../../agent/models/InboundMessageContext' +import type { ConnectionRecord } from '../connections' +import type { Key } from '../dids/domain/Key' +import type { HandshakeReusedEvent, OutOfBandStateChangedEvent } from './domain/OutOfBandEvents' +import type { OutOfBandRecord } from './repository' + +import { scoped, Lifecycle } from 'tsyringe' + +import { EventEmitter } from '../../agent/EventEmitter' +import { AriesFrameworkError } from '../../error' + +import { OutOfBandEventTypes } from './domain/OutOfBandEvents' +import { OutOfBandRole } from './domain/OutOfBandRole' +import { OutOfBandState } from './domain/OutOfBandState' +import { HandshakeReuseMessage } from './messages' +import { HandshakeReuseAcceptedMessage } from './messages/HandshakeReuseAcceptedMessage' +import { OutOfBandRepository } from './repository' + +@scoped(Lifecycle.ContainerScoped) +export class OutOfBandService { + private outOfBandRepository: OutOfBandRepository + private eventEmitter: EventEmitter + + public constructor(outOfBandRepository: OutOfBandRepository, eventEmitter: EventEmitter) { + this.outOfBandRepository = outOfBandRepository + this.eventEmitter = eventEmitter + } + + public async processHandshakeReuse(messageContext: InboundMessageContext) { + const reuseMessage = messageContext.message + const parentThreadId = reuseMessage.thread?.parentThreadId + + if (!parentThreadId) { + throw new AriesFrameworkError('handshake-reuse message must have a parent thread id') + } + + const outOfBandRecord = await this.findByInvitationId(parentThreadId) + if (!outOfBandRecord) { + throw new AriesFrameworkError('No out of band record found for handshake-reuse message') + } + + // Assert + outOfBandRecord.assertRole(OutOfBandRole.Sender) + outOfBandRecord.assertState(OutOfBandState.AwaitResponse) + + const requestLength = outOfBandRecord.outOfBandInvitation.getRequests()?.length ?? 0 + if (requestLength > 0) { + throw new AriesFrameworkError('Handshake reuse should only be used when no requests are present') + } + + const reusedConnection = messageContext.assertReadyConnection() + this.eventEmitter.emit({ + type: OutOfBandEventTypes.HandshakeReused, + payload: { + reuseThreadId: reuseMessage.threadId, + connectionRecord: reusedConnection, + outOfBandRecord, + }, + }) + + // If the out of band record is not reusable we can set the state to done + if (!outOfBandRecord.reusable) { + await this.updateState(outOfBandRecord, OutOfBandState.Done) + } + + const reuseAcceptedMessage = new HandshakeReuseAcceptedMessage({ + threadId: reuseMessage.threadId, + parentThreadId, + }) + + return reuseAcceptedMessage + } + + public async processHandshakeReuseAccepted(messageContext: InboundMessageContext) { + const reuseAcceptedMessage = messageContext.message + const parentThreadId = reuseAcceptedMessage.thread?.parentThreadId + + if (!parentThreadId) { + throw new AriesFrameworkError('handshake-reuse-accepted message must have a parent thread id') + } + + const outOfBandRecord = await this.findByInvitationId(parentThreadId) + if (!outOfBandRecord) { + throw new AriesFrameworkError('No out of band record found for handshake-reuse-accepted message') + } + + // Assert + outOfBandRecord.assertRole(OutOfBandRole.Receiver) + outOfBandRecord.assertState(OutOfBandState.PrepareResponse) + + const reusedConnection = messageContext.assertReadyConnection() + + // Checks whether the connection associated with reuse accepted message matches with the connection + // associated with the reuse message. + // FIXME: not really a fan of the reuseConnectionId, but it's the only way I can think of now to get the connection + // associated with the reuse message. Maybe we can at least move it to the metadata and remove it directly afterwards? + // But this is an issue in general that has also come up for ACA-Py. How do I find the connection associated with an oob record? + // Because it doesn't work really well with connection reuse. + if (outOfBandRecord.reuseConnectionId !== reusedConnection.id) { + throw new AriesFrameworkError('handshake-reuse-accepted is not in response to a handshake-reuse message.') + } + + this.eventEmitter.emit({ + type: OutOfBandEventTypes.HandshakeReused, + payload: { + reuseThreadId: reuseAcceptedMessage.threadId, + connectionRecord: reusedConnection, + outOfBandRecord, + }, + }) + + // receiver role is never reusable, so we can set the state to done + await this.updateState(outOfBandRecord, OutOfBandState.Done) + } + + public async createHandShakeReuse(outOfBandRecord: OutOfBandRecord, connectionRecord: ConnectionRecord) { + const reuseMessage = new HandshakeReuseMessage({ parentThreadId: outOfBandRecord.outOfBandInvitation.id }) + + // Store the reuse connection id + outOfBandRecord.reuseConnectionId = connectionRecord.id + await this.outOfBandRepository.update(outOfBandRecord) + + return reuseMessage + } + + public async save(outOfBandRecord: OutOfBandRecord) { + return this.outOfBandRepository.save(outOfBandRecord) + } + + public async updateState(outOfBandRecord: OutOfBandRecord, newState: OutOfBandState) { + const previousState = outOfBandRecord.state + outOfBandRecord.state = newState + await this.outOfBandRepository.update(outOfBandRecord) + + this.eventEmitter.emit({ + type: OutOfBandEventTypes.OutOfBandStateChanged, + payload: { + outOfBandRecord, + previousState, + }, + }) + } + + public async findById(outOfBandRecordId: string) { + return this.outOfBandRepository.findById(outOfBandRecordId) + } + + public async getById(outOfBandRecordId: string) { + return this.outOfBandRepository.getById(outOfBandRecordId) + } + + public async findByInvitationId(invitationId: string) { + return this.outOfBandRepository.findSingleByQuery({ invitationId }) + } + + public async findByRecipientKey(recipientKey: Key) { + return this.outOfBandRepository.findSingleByQuery({ recipientKeyFingerprints: [recipientKey.fingerprint] }) + } + + public async getAll() { + return this.outOfBandRepository.getAll() + } + + public async deleteById(outOfBandId: string) { + const outOfBandRecord = await this.getById(outOfBandId) + return this.outOfBandRepository.delete(outOfBandRecord) + } +} diff --git a/packages/core/src/modules/oob/__tests__/OutOfBandMessage.test.ts b/packages/core/src/modules/oob/__tests__/OutOfBandMessage.test.ts new file mode 100644 index 0000000000..71ae342e84 --- /dev/null +++ b/packages/core/src/modules/oob/__tests__/OutOfBandMessage.test.ts @@ -0,0 +1,150 @@ +import type { ValidationError } from 'class-validator' + +import { JsonEncoder } from '../../../utils/JsonEncoder' +import { JsonTransformer } from '../../../utils/JsonTransformer' +import { OutOfBandInvitation } from '../messages/OutOfBandInvitation' + +describe('OutOfBandInvitation', () => { + describe('toUrl', () => { + test('encode the message into the URL containg the base64 encoded invitation as the oob query parameter', async () => { + const domain = 'https://example.com/ssi' + const json = { + '@type': 'https://didcomm.org/out-of-band/1.1/invitation', + services: ['did:sov:LjgpST2rjsoxYegQDRm7EL'], + '@id': '69212a3a-d068-4f9d-a2dd-4741bca89af3', + label: 'Faber College', + goal_code: 'issue-vc', + goal: 'To issue a Faber College Graduate credential', + handshake_protocols: ['https://didcomm.org/didexchange/1.0', 'https://didcomm.org/connections/1.0'], + } + const invitation = JsonTransformer.fromJSON(json, OutOfBandInvitation) + const invitationUrl = invitation.toUrl({ + domain, + }) + + expect(invitationUrl).toBe(`${domain}?oob=${JsonEncoder.toBase64URL(json)}`) + }) + }) + + describe('fromUrl', () => { + test('decode the URL containing the base64 encoded invitation as the oob parameter into an `OutOfBandInvitation`', async () => { + const invitationUrl = + 'http://example.com/ssi?oob=eyJAdHlwZSI6Imh0dHBzOi8vZGlkY29tbS5vcmcvb3V0LW9mLWJhbmQvMS4xL2ludml0YXRpb24iLCJAaWQiOiI2OTIxMmEzYS1kMDY4LTRmOWQtYTJkZC00NzQxYmNhODlhZjMiLCJsYWJlbCI6IkZhYmVyIENvbGxlZ2UiLCJnb2FsX2NvZGUiOiJpc3N1ZS12YyIsImdvYWwiOiJUbyBpc3N1ZSBhIEZhYmVyIENvbGxlZ2UgR3JhZHVhdGUgY3JlZGVudGlhbCIsImhhbmRzaGFrZV9wcm90b2NvbHMiOlsiaHR0cHM6Ly9kaWRjb21tLm9yZy9kaWRleGNoYW5nZS8xLjAiLCJodHRwczovL2RpZGNvbW0ub3JnL2Nvbm5lY3Rpb25zLzEuMCJdLCJzZXJ2aWNlcyI6WyJkaWQ6c292OkxqZ3BTVDJyanNveFllZ1FEUm03RUwiXX0K' + + const invitation = await OutOfBandInvitation.fromUrl(invitationUrl) + const json = JsonTransformer.toJSON(invitation) + expect(json).toEqual({ + '@type': 'https://didcomm.org/out-of-band/1.1/invitation', + '@id': '69212a3a-d068-4f9d-a2dd-4741bca89af3', + label: 'Faber College', + goal_code: 'issue-vc', + goal: 'To issue a Faber College Graduate credential', + handshake_protocols: ['https://didcomm.org/didexchange/1.0', 'https://didcomm.org/connections/1.0'], + services: ['did:sov:LjgpST2rjsoxYegQDRm7EL'], + }) + }) + }) + + describe('fromJson', () => { + test('create an instance of `OutOfBandInvitation` from JSON object', async () => { + const json = { + '@type': 'https://didcomm.org/out-of-band/1.1/invitation', + '@id': '69212a3a-d068-4f9d-a2dd-4741bca89af3', + label: 'Faber College', + goal_code: 'issue-vc', + goal: 'To issue a Faber College Graduate credential', + handshake_protocols: ['https://didcomm.org/didexchange/1.0', 'https://didcomm.org/connections/1.0'], + services: ['did:sov:LjgpST2rjsoxYegQDRm7EL'], + } + + const invitation = await OutOfBandInvitation.fromJson(json) + + expect(invitation).toBeDefined() + expect(invitation).toBeInstanceOf(OutOfBandInvitation) + }) + + test('create an instance of `OutOfBandInvitation` from JSON object with inline service', async () => { + const json = { + '@type': 'https://didcomm.org/out-of-band/1.1/invitation', + '@id': '69212a3a-d068-4f9d-a2dd-4741bca89af3', + label: 'Faber College', + goal_code: 'issue-vc', + goal: 'To issue a Faber College Graduate credential', + handshake_protocols: ['https://didcomm.org/didexchange/1.0', 'https://didcomm.org/connections/1.0'], + services: [ + { + id: '#inline', + recipientKeys: ['did:key:z6MkmjY8GnV5i9YTDtPETC2uUAW6ejw3nk5mXF5yci5ab7th'], + routingKeys: ['did:key:z6MkmjY8GnV5i9YTDtPETC2uUAW6ejw3nk5mXF5yci5ab7th'], + serviceEndpoint: 'https://example.com/ssi', + }, + ], + } + + const invitation = await OutOfBandInvitation.fromJson(json) + expect(invitation).toBeDefined() + expect(invitation).toBeInstanceOf(OutOfBandInvitation) + }) + + test('throw validation error when services attribute is empty', async () => { + const json = { + '@type': 'https://didcomm.org/out-of-band/1.1/invitation', + '@id': '69212a3a-d068-4f9d-a2dd-4741bca89af3', + label: 'Faber College', + goal_code: 'issue-vc', + goal: 'To issue a Faber College Graduate credential', + handshake_protocols: ['https://didcomm.org/didexchange/1.0', 'https://didcomm.org/connections/1.0'], + services: [], + } + + expect.assertions(1) + try { + await OutOfBandInvitation.fromJson(json) + } catch (error) { + const [firstError] = error as [ValidationError] + expect(firstError.constraints).toEqual({ arrayNotEmpty: 'services should not be empty' }) + } + }) + + test('throw validation error when incorrect service object present in services attribute', async () => { + const json = { + '@type': 'https://didcomm.org/out-of-band/1.1/invitation', + '@id': '69212a3a-d068-4f9d-a2dd-4741bca89af3', + label: 'Faber College', + goal_code: 'issue-vc', + goal: 'To issue a Faber College Graduate credential', + handshake_protocols: ['https://didcomm.org/didexchange/1.0', 'https://didcomm.org/connections/1.0'], + services: [ + { + id: '#inline', + routingKeys: ['did:sov:LjgpST2rjsoxYegQDRm7EL'], + serviceEndpoint: 'https://example.com/ssi', + }, + ], + } + + expect.assertions(1) + try { + await OutOfBandInvitation.fromJson(json) + } catch (error) { + const [firstError] = error as [ValidationError] + + expect(firstError).toMatchObject({ + children: [ + { + children: [ + { + constraints: { + arrayNotEmpty: 'recipientKeys should not be empty', + isDidKeyString: 'each value in recipientKeys must be a did:key string', + }, + }, + { constraints: { isDidKeyString: 'each value in routingKeys must be a did:key string' } }, + ], + }, + ], + }) + } + }) + }) +}) diff --git a/packages/core/src/modules/oob/__tests__/OutOfBandService.test.ts b/packages/core/src/modules/oob/__tests__/OutOfBandService.test.ts new file mode 100644 index 0000000000..9bfd317ddb --- /dev/null +++ b/packages/core/src/modules/oob/__tests__/OutOfBandService.test.ts @@ -0,0 +1,499 @@ +import type { Wallet } from '../../../wallet/Wallet' + +import { getAgentConfig, getMockConnection, getMockOutOfBand, mockFunction } from '../../../../tests/helpers' +import { EventEmitter } from '../../../agent/EventEmitter' +import { InboundMessageContext } from '../../../agent/models/InboundMessageContext' +import { KeyType } from '../../../crypto' +import { AriesFrameworkError } from '../../../error' +import { IndyWallet } from '../../../wallet/IndyWallet' +import { DidExchangeState } from '../../connections/models' +import { Key } from '../../dids' +import { OutOfBandService } from '../OutOfBandService' +import { OutOfBandEventTypes } from '../domain/OutOfBandEvents' +import { OutOfBandRole } from '../domain/OutOfBandRole' +import { OutOfBandState } from '../domain/OutOfBandState' +import { HandshakeReuseMessage } from '../messages' +import { HandshakeReuseAcceptedMessage } from '../messages/HandshakeReuseAcceptedMessage' +import { OutOfBandRepository } from '../repository' + +jest.mock('../repository/OutOfBandRepository') +const OutOfBandRepositoryMock = OutOfBandRepository as jest.Mock + +const key = Key.fromPublicKeyBase58('8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K', KeyType.Ed25519) + +describe('OutOfBandService', () => { + const agentConfig = getAgentConfig('OutOfBandServiceTest') + let wallet: Wallet + let outOfBandRepository: OutOfBandRepository + let outOfBandService: OutOfBandService + let eventEmitter: EventEmitter + + beforeAll(async () => { + wallet = new IndyWallet(agentConfig) + // eslint-disable-next-line @typescript-eslint/no-non-null-assertion + await wallet.createAndOpen(agentConfig.walletConfig!) + }) + + afterAll(async () => { + await wallet.delete() + }) + + beforeEach(async () => { + eventEmitter = new EventEmitter(agentConfig) + outOfBandRepository = new OutOfBandRepositoryMock() + outOfBandService = new OutOfBandService(outOfBandRepository, eventEmitter) + }) + + describe('processHandshakeReuse', () => { + test('throw error when no parentThreadId is present', async () => { + const reuseMessage = new HandshakeReuseMessage({ + parentThreadId: 'parentThreadId', + }) + + reuseMessage.setThread({ + parentThreadId: undefined, + }) + + const messageContext = new InboundMessageContext(reuseMessage, { + senderKey: key, + recipientKey: key, + }) + + await expect(outOfBandService.processHandshakeReuse(messageContext)).rejects.toThrowError( + new AriesFrameworkError('handshake-reuse message must have a parent thread id') + ) + }) + + test('throw error when no out of band record is found for parentThreadId', async () => { + const reuseMessage = new HandshakeReuseMessage({ + parentThreadId: 'parentThreadId', + }) + + const messageContext = new InboundMessageContext(reuseMessage, { + senderKey: key, + recipientKey: key, + }) + + await expect(outOfBandService.processHandshakeReuse(messageContext)).rejects.toThrowError( + new AriesFrameworkError('No out of band record found for handshake-reuse message') + ) + }) + + test('throw error when role or state is incorrect ', async () => { + const reuseMessage = new HandshakeReuseMessage({ + parentThreadId: 'parentThreadId', + }) + + const messageContext = new InboundMessageContext(reuseMessage, { + senderKey: key, + recipientKey: key, + }) + + // Correct state, incorrect role + const mockOob = getMockOutOfBand({ + state: OutOfBandState.AwaitResponse, + role: OutOfBandRole.Receiver, + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + await expect(outOfBandService.processHandshakeReuse(messageContext)).rejects.toThrowError( + new AriesFrameworkError('Invalid out-of-band record role receiver, expected is sender.') + ) + + mockOob.state = OutOfBandState.PrepareResponse + mockOob.role = OutOfBandRole.Sender + await expect(outOfBandService.processHandshakeReuse(messageContext)).rejects.toThrowError( + new AriesFrameworkError('Invalid out-of-band record state prepare-response, valid states are: await-response.') + ) + }) + + test('throw error when the out of band record has request messages ', async () => { + const reuseMessage = new HandshakeReuseMessage({ + parentThreadId: 'parentThreadId', + }) + + const messageContext = new InboundMessageContext(reuseMessage, { + senderKey: key, + recipientKey: key, + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.AwaitResponse, + role: OutOfBandRole.Sender, + }) + mockOob.outOfBandInvitation.addRequest(reuseMessage) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + await expect(outOfBandService.processHandshakeReuse(messageContext)).rejects.toThrowError( + new AriesFrameworkError('Handshake reuse should only be used when no requests are present') + ) + }) + + test("throw error when the message context doesn't have a ready connection", async () => { + const reuseMessage = new HandshakeReuseMessage({ + parentThreadId: 'parentThreadId', + }) + + const messageContext = new InboundMessageContext(reuseMessage, { + senderKey: key, + recipientKey: key, + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.AwaitResponse, + role: OutOfBandRole.Sender, + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + await expect(outOfBandService.processHandshakeReuse(messageContext)).rejects.toThrowError( + new AriesFrameworkError(`No connection associated with incoming message ${reuseMessage.type}`) + ) + }) + + test('emits handshake reused event ', async () => { + const reuseMessage = new HandshakeReuseMessage({ + parentThreadId: 'parentThreadId', + }) + + const reuseListener = jest.fn() + + const connection = getMockConnection({ state: DidExchangeState.Completed }) + const messageContext = new InboundMessageContext(reuseMessage, { + senderKey: key, + recipientKey: key, + connection, + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.AwaitResponse, + role: OutOfBandRole.Sender, + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + eventEmitter.on(OutOfBandEventTypes.HandshakeReused, reuseListener) + await outOfBandService.processHandshakeReuse(messageContext) + eventEmitter.off(OutOfBandEventTypes.HandshakeReused, reuseListener) + + expect(reuseListener).toHaveBeenCalledTimes(1) + const [[reuseEvent]] = reuseListener.mock.calls + + expect(reuseEvent).toMatchObject({ + type: OutOfBandEventTypes.HandshakeReused, + payload: { + connectionRecord: connection, + outOfBandRecord: mockOob, + reuseThreadId: reuseMessage.threadId, + }, + }) + }) + + it('updates state to done if out of band record is not reusable', async () => { + const reuseMessage = new HandshakeReuseMessage({ + parentThreadId: 'parentThreadId', + }) + + const messageContext = new InboundMessageContext(reuseMessage, { + senderKey: key, + recipientKey: key, + connection: getMockConnection({ state: DidExchangeState.Completed }), + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.AwaitResponse, + role: OutOfBandRole.Sender, + reusable: true, + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + const updateStateSpy = jest.spyOn(outOfBandService, 'updateState') + + // Reusable shouldn't update state + await outOfBandService.processHandshakeReuse(messageContext) + expect(updateStateSpy).not.toHaveBeenCalled() + + // Non-reusable should update state + mockOob.reusable = false + await outOfBandService.processHandshakeReuse(messageContext) + expect(updateStateSpy).toHaveBeenCalledWith(mockOob, OutOfBandState.Done) + }) + + it('returns a handshake-reuse-accepted message', async () => { + const reuseMessage = new HandshakeReuseMessage({ + parentThreadId: 'parentThreadId', + }) + + const messageContext = new InboundMessageContext(reuseMessage, { + senderKey: key, + recipientKey: key, + connection: getMockConnection({ state: DidExchangeState.Completed }), + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.AwaitResponse, + role: OutOfBandRole.Sender, + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + const reuseAcceptedMessage = await outOfBandService.processHandshakeReuse(messageContext) + + expect(reuseAcceptedMessage).toBeInstanceOf(HandshakeReuseAcceptedMessage) + expect(reuseAcceptedMessage.thread).toMatchObject({ + threadId: reuseMessage.id, + parentThreadId: reuseMessage.thread?.parentThreadId, + }) + }) + }) + + describe('processHandshakeReuseAccepted', () => { + test('throw error when no parentThreadId is present', async () => { + const reuseAcceptedMessage = new HandshakeReuseAcceptedMessage({ + threadId: 'threadId', + parentThreadId: 'parentThreadId', + }) + + reuseAcceptedMessage.setThread({ + parentThreadId: undefined, + }) + + const messageContext = new InboundMessageContext(reuseAcceptedMessage, { + senderKey: key, + recipientKey: key, + }) + + await expect(outOfBandService.processHandshakeReuseAccepted(messageContext)).rejects.toThrowError( + new AriesFrameworkError('handshake-reuse-accepted message must have a parent thread id') + ) + }) + + test('throw error when no out of band record is found for parentThreadId', async () => { + const reuseAcceptedMessage = new HandshakeReuseAcceptedMessage({ + parentThreadId: 'parentThreadId', + threadId: 'threadId', + }) + + const messageContext = new InboundMessageContext(reuseAcceptedMessage, { + senderKey: key, + recipientKey: key, + }) + + await expect(outOfBandService.processHandshakeReuseAccepted(messageContext)).rejects.toThrowError( + new AriesFrameworkError('No out of band record found for handshake-reuse-accepted message') + ) + }) + + test('throw error when role or state is incorrect ', async () => { + const reuseAcceptedMessage = new HandshakeReuseAcceptedMessage({ + parentThreadId: 'parentThreadId', + threadId: 'threadId', + }) + + const messageContext = new InboundMessageContext(reuseAcceptedMessage, { + senderKey: key, + recipientKey: key, + }) + + // Correct state, incorrect role + const mockOob = getMockOutOfBand({ + state: OutOfBandState.PrepareResponse, + role: OutOfBandRole.Sender, + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + await expect(outOfBandService.processHandshakeReuseAccepted(messageContext)).rejects.toThrowError( + new AriesFrameworkError('Invalid out-of-band record role sender, expected is receiver.') + ) + + mockOob.state = OutOfBandState.AwaitResponse + mockOob.role = OutOfBandRole.Receiver + await expect(outOfBandService.processHandshakeReuseAccepted(messageContext)).rejects.toThrowError( + new AriesFrameworkError('Invalid out-of-band record state await-response, valid states are: prepare-response.') + ) + }) + + test("throw error when the message context doesn't have a ready connection", async () => { + const reuseAcceptedMessage = new HandshakeReuseAcceptedMessage({ + parentThreadId: 'parentThreadId', + threadId: 'threadId', + }) + + const messageContext = new InboundMessageContext(reuseAcceptedMessage, { + senderKey: key, + recipientKey: key, + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.PrepareResponse, + role: OutOfBandRole.Receiver, + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + await expect(outOfBandService.processHandshakeReuseAccepted(messageContext)).rejects.toThrowError( + new AriesFrameworkError(`No connection associated with incoming message ${reuseAcceptedMessage.type}`) + ) + }) + + test("throw error when the reuseConnectionId on the oob record doesn't match with the inbound message connection id", async () => { + const reuseAcceptedMessage = new HandshakeReuseAcceptedMessage({ + parentThreadId: 'parentThreadId', + threadId: 'threadId', + }) + + const messageContext = new InboundMessageContext(reuseAcceptedMessage, { + senderKey: key, + recipientKey: key, + connection: getMockConnection({ state: DidExchangeState.Completed, id: 'connectionId' }), + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.PrepareResponse, + role: OutOfBandRole.Receiver, + reuseConnectionId: 'anotherConnectionId', + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + await expect(outOfBandService.processHandshakeReuseAccepted(messageContext)).rejects.toThrowError( + new AriesFrameworkError(`handshake-reuse-accepted is not in response to a handshake-reuse message.`) + ) + }) + + test('emits handshake reused event ', async () => { + const reuseAcceptedMessage = new HandshakeReuseAcceptedMessage({ + parentThreadId: 'parentThreadId', + threadId: 'threadId', + }) + + const reuseListener = jest.fn() + + const connection = getMockConnection({ state: DidExchangeState.Completed, id: 'connectionId' }) + const messageContext = new InboundMessageContext(reuseAcceptedMessage, { + senderKey: key, + recipientKey: key, + connection, + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.PrepareResponse, + role: OutOfBandRole.Receiver, + reuseConnectionId: 'connectionId', + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + eventEmitter.on(OutOfBandEventTypes.HandshakeReused, reuseListener) + await outOfBandService.processHandshakeReuseAccepted(messageContext) + eventEmitter.off(OutOfBandEventTypes.HandshakeReused, reuseListener) + + expect(reuseListener).toHaveBeenCalledTimes(1) + const [[reuseEvent]] = reuseListener.mock.calls + + expect(reuseEvent).toMatchObject({ + type: OutOfBandEventTypes.HandshakeReused, + payload: { + connectionRecord: connection, + outOfBandRecord: mockOob, + reuseThreadId: reuseAcceptedMessage.threadId, + }, + }) + }) + + it('updates state to done', async () => { + const reuseAcceptedMessage = new HandshakeReuseAcceptedMessage({ + parentThreadId: 'parentThreadId', + threadId: 'threadId', + }) + + const messageContext = new InboundMessageContext(reuseAcceptedMessage, { + senderKey: key, + recipientKey: key, + connection: getMockConnection({ state: DidExchangeState.Completed, id: 'connectionId' }), + }) + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.PrepareResponse, + role: OutOfBandRole.Receiver, + reusable: true, + reuseConnectionId: 'connectionId', + }) + mockFunction(outOfBandRepository.findSingleByQuery).mockResolvedValue(mockOob) + + const updateStateSpy = jest.spyOn(outOfBandService, 'updateState') + + await outOfBandService.processHandshakeReuseAccepted(messageContext) + expect(updateStateSpy).toHaveBeenCalledWith(mockOob, OutOfBandState.Done) + }) + }) + + describe('updateState', () => { + test('updates the state on the out of band record', async () => { + const mockOob = getMockOutOfBand({ + state: OutOfBandState.Initial, + }) + + await outOfBandService.updateState(mockOob, OutOfBandState.Done) + + expect(mockOob.state).toEqual(OutOfBandState.Done) + }) + + test('updates the record in the out of band repository', async () => { + const mockOob = getMockOutOfBand({ + state: OutOfBandState.Initial, + }) + + await outOfBandService.updateState(mockOob, OutOfBandState.Done) + + expect(outOfBandRepository.update).toHaveBeenCalledWith(mockOob) + }) + + test('emits an OutOfBandStateChangedEvent', async () => { + const stateChangedListener = jest.fn() + + const mockOob = getMockOutOfBand({ + state: OutOfBandState.Initial, + }) + + eventEmitter.on(OutOfBandEventTypes.OutOfBandStateChanged, stateChangedListener) + await outOfBandService.updateState(mockOob, OutOfBandState.Done) + eventEmitter.off(OutOfBandEventTypes.OutOfBandStateChanged, stateChangedListener) + + expect(stateChangedListener).toHaveBeenCalledTimes(1) + const [[stateChangedEvent]] = stateChangedListener.mock.calls + + expect(stateChangedEvent).toMatchObject({ + type: OutOfBandEventTypes.OutOfBandStateChanged, + payload: { + outOfBandRecord: mockOob, + previousState: OutOfBandState.Initial, + }, + }) + }) + }) + + describe('repository methods', () => { + it('getById should return value from outOfBandRepository.getById', async () => { + const expected = getMockOutOfBand() + mockFunction(outOfBandRepository.getById).mockReturnValue(Promise.resolve(expected)) + const result = await outOfBandService.getById(expected.id) + expect(outOfBandRepository.getById).toBeCalledWith(expected.id) + + expect(result).toBe(expected) + }) + + it('findById should return value from outOfBandRepository.findById', async () => { + const expected = getMockOutOfBand() + mockFunction(outOfBandRepository.findById).mockReturnValue(Promise.resolve(expected)) + const result = await outOfBandService.findById(expected.id) + expect(outOfBandRepository.findById).toBeCalledWith(expected.id) + + expect(result).toBe(expected) + }) + + it('getAll should return value from outOfBandRepository.getAll', async () => { + const expected = [getMockOutOfBand(), getMockOutOfBand()] + + mockFunction(outOfBandRepository.getAll).mockReturnValue(Promise.resolve(expected)) + const result = await outOfBandService.getAll() + expect(outOfBandRepository.getAll).toBeCalledWith() + + expect(result).toEqual(expect.arrayContaining(expected)) + }) + }) +}) diff --git a/packages/core/src/modules/oob/__tests__/helpers.test.ts b/packages/core/src/modules/oob/__tests__/helpers.test.ts new file mode 100644 index 0000000000..e81093276a --- /dev/null +++ b/packages/core/src/modules/oob/__tests__/helpers.test.ts @@ -0,0 +1,136 @@ +import { JsonTransformer } from '../../../utils' +import { ConnectionInvitationMessage } from '../../connections' +import { DidCommV1Service } from '../../dids' +import { convertToNewInvitation, convertToOldInvitation } from '../helpers' +import { OutOfBandInvitation } from '../messages' + +describe('convertToNewInvitation', () => { + it('should convert a connection invitation with service to an out of band invitation', () => { + const connectionInvitation = new ConnectionInvitationMessage({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + recipientKeys: ['8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K'], + serviceEndpoint: 'https://my-agent.com', + routingKeys: ['6fioC1zcDPyPEL19pXRS2E4iJ46zH7xP6uSgAaPdwDrx'], + }) + + const oobInvitation = convertToNewInvitation(connectionInvitation) + + expect(oobInvitation).toMatchObject({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + services: [ + { + id: '#inline', + recipientKeys: ['did:key:z6MkmjY8GnV5i9YTDtPETC2uUAW6ejw3nk5mXF5yci5ab7th'], + routingKeys: ['did:key:z6Mkk7yqnGF3YwTrLpqrW6PGsKci7dNqh1CjnvMbzrMerSeL'], + serviceEndpoint: 'https://my-agent.com', + }, + ], + }) + }) + + it('should convert a connection invitation with public did to an out of band invitation', () => { + const connectionInvitation = new ConnectionInvitationMessage({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + did: 'did:sov:a-did', + }) + + const oobInvitation = convertToNewInvitation(connectionInvitation) + + expect(oobInvitation).toMatchObject({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + services: ['did:sov:a-did'], + }) + }) + + it('throws an error when no did and serviceEndpoint/routingKeys are present in the connection invitation', () => { + const connectionInvitation = JsonTransformer.fromJSON( + { + '@id': 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + '@type': 'https://didcomm.org/connections/1.0/invitation', + label: 'a-label', + imageUrl: 'https://my-image.com', + }, + ConnectionInvitationMessage + ) + + expect(() => convertToNewInvitation(connectionInvitation)).toThrowError( + 'Missing required serviceEndpoint, routingKeys and/or did fields in connection invitation' + ) + }) +}) + +describe('convertToOldInvitation', () => { + it('should convert an out of band invitation with inline service to a connection invitation', () => { + const oobInvitation = new OutOfBandInvitation({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + services: [ + new DidCommV1Service({ + id: '#inline', + recipientKeys: ['did:key:z6MkmjY8GnV5i9YTDtPETC2uUAW6ejw3nk5mXF5yci5ab7th'], + routingKeys: ['did:key:z6Mkk7yqnGF3YwTrLpqrW6PGsKci7dNqh1CjnvMbzrMerSeL'], + serviceEndpoint: 'https://my-agent.com', + }), + ], + }) + + const connectionInvitation = convertToOldInvitation(oobInvitation) + + expect(connectionInvitation).toMatchObject({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + recipientKeys: ['8HH5gYEeNc3z7PYXmd54d4x6qAfCNrqQqEB3nS7Zfu7K'], + routingKeys: ['6fioC1zcDPyPEL19pXRS2E4iJ46zH7xP6uSgAaPdwDrx'], + serviceEndpoint: 'https://my-agent.com', + }) + }) + + it('should convert an out of band invitation with did service to a connection invitation', () => { + const oobInvitation = new OutOfBandInvitation({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + services: ['did:sov:a-did'], + }) + + const connectionInvitation = convertToOldInvitation(oobInvitation) + + expect(connectionInvitation).toMatchObject({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + did: 'did:sov:a-did', + }) + }) + + it('throws an error when more than service is present in the out of band invitation', () => { + const oobInvitation = new OutOfBandInvitation({ + id: 'd88ff8fd-6c43-4683-969e-11a87a572cf2', + imageUrl: 'https://my-image.com', + label: 'a-label', + services: [ + new DidCommV1Service({ + id: '#inline', + recipientKeys: ['did:key:z6MkmjY8GnV5i9YTDtPETC2uUAW6ejw3nk5mXF5yci5ab7th'], + routingKeys: ['did:key:z6Mkk7yqnGF3YwTrLpqrW6PGsKci7dNqh1CjnvMbzrMerSeL'], + serviceEndpoint: 'https://my-agent.com', + }), + 'did:sov:a-did', + ], + }) + + expect(() => convertToOldInvitation(oobInvitation)).toThrowError( + `Attribute 'services' MUST have exactly one entry. It contains 2 entries.` + ) + }) +}) diff --git a/packages/core/src/modules/oob/domain/OutOfBandDidCommService.ts b/packages/core/src/modules/oob/domain/OutOfBandDidCommService.ts new file mode 100644 index 0000000000..f351520fba --- /dev/null +++ b/packages/core/src/modules/oob/domain/OutOfBandDidCommService.ts @@ -0,0 +1,56 @@ +import type { ValidationOptions } from 'class-validator' + +import { ArrayNotEmpty, buildMessage, IsOptional, isString, IsString, ValidateBy } from 'class-validator' + +import { DidDocumentService } from '../../dids' + +export class OutOfBandDidCommService extends DidDocumentService { + public constructor(options: { + id: string + serviceEndpoint: string + recipientKeys: string[] + routingKeys?: string[] + accept?: string[] + }) { + super({ ...options, type: OutOfBandDidCommService.type }) + + if (options) { + this.recipientKeys = options.recipientKeys + this.routingKeys = options.routingKeys + this.accept = options.accept + } + } + + public static type = 'did-communication' + + @ArrayNotEmpty() + @IsDidKeyString({ each: true }) + public recipientKeys!: string[] + + @IsDidKeyString({ each: true }) + @IsOptional() + public routingKeys?: string[] + + @IsString({ each: true }) + @IsOptional() + public accept?: string[] +} + +/** + * Checks if a given value is a did:key did string + */ +function IsDidKeyString(validationOptions?: ValidationOptions): PropertyDecorator { + return ValidateBy( + { + name: 'isDidKeyString', + validator: { + validate: (value): boolean => isString(value) && value.startsWith('did:key:'), + defaultMessage: buildMessage( + (eachPrefix) => eachPrefix + '$property must be a did:key string', + validationOptions + ), + }, + }, + validationOptions + ) +} diff --git a/packages/core/src/modules/oob/domain/OutOfBandEvents.ts b/packages/core/src/modules/oob/domain/OutOfBandEvents.ts new file mode 100644 index 0000000000..a3936cc784 --- /dev/null +++ b/packages/core/src/modules/oob/domain/OutOfBandEvents.ts @@ -0,0 +1,27 @@ +import type { BaseEvent } from '../../../agent/Events' +import type { ConnectionRecord } from '../../connections' +import type { OutOfBandRecord } from '../repository' +import type { OutOfBandState } from './OutOfBandState' + +export enum OutOfBandEventTypes { + OutOfBandStateChanged = 'OutOfBandStateChanged', + HandshakeReused = 'HandshakeReused', +} + +export interface OutOfBandStateChangedEvent extends BaseEvent { + type: typeof OutOfBandEventTypes.OutOfBandStateChanged + payload: { + outOfBandRecord: OutOfBandRecord + previousState: OutOfBandState | null + } +} + +export interface HandshakeReusedEvent extends BaseEvent { + type: typeof OutOfBandEventTypes.HandshakeReused + payload: { + // We need the thread id (can be multiple reuse happening at the same time) + reuseThreadId: string + outOfBandRecord: OutOfBandRecord + connectionRecord: ConnectionRecord + } +} diff --git a/packages/core/src/modules/oob/domain/OutOfBandRole.ts b/packages/core/src/modules/oob/domain/OutOfBandRole.ts new file mode 100644 index 0000000000..fb047d46ba --- /dev/null +++ b/packages/core/src/modules/oob/domain/OutOfBandRole.ts @@ -0,0 +1,4 @@ +export const enum OutOfBandRole { + Sender = 'sender', + Receiver = 'receiver', +} diff --git a/packages/core/src/modules/oob/domain/OutOfBandState.ts b/packages/core/src/modules/oob/domain/OutOfBandState.ts new file mode 100644 index 0000000000..b127a1db24 --- /dev/null +++ b/packages/core/src/modules/oob/domain/OutOfBandState.ts @@ -0,0 +1,6 @@ +export const enum OutOfBandState { + Initial = 'initial', + AwaitResponse = 'await-response', + PrepareResponse = 'prepare-response', + Done = 'done', +} diff --git a/packages/core/src/modules/oob/handlers/HandshakeReuseAcceptedHandler.ts b/packages/core/src/modules/oob/handlers/HandshakeReuseAcceptedHandler.ts new file mode 100644 index 0000000000..41b616b443 --- /dev/null +++ b/packages/core/src/modules/oob/handlers/HandshakeReuseAcceptedHandler.ts @@ -0,0 +1,20 @@ +import type { Handler } from '../../../agent/Handler' +import type { InboundMessageContext } from '../../../agent/models/InboundMessageContext' +import type { OutOfBandService } from '../OutOfBandService' + +import { HandshakeReuseAcceptedMessage } from '../messages/HandshakeReuseAcceptedMessage' + +export class HandshakeReuseAcceptedHandler implements Handler { + public supportedMessages = [HandshakeReuseAcceptedMessage] + private outOfBandService: OutOfBandService + + public constructor(outOfBandService: OutOfBandService) { + this.outOfBandService = outOfBandService + } + + public async handle(messageContext: InboundMessageContext) { + messageContext.assertReadyConnection() + + await this.outOfBandService.processHandshakeReuseAccepted(messageContext) + } +} diff --git a/packages/core/src/modules/oob/handlers/HandshakeReuseHandler.ts b/packages/core/src/modules/oob/handlers/HandshakeReuseHandler.ts new file mode 100644 index 0000000000..632eddd96a --- /dev/null +++ b/packages/core/src/modules/oob/handlers/HandshakeReuseHandler.ts @@ -0,0 +1,22 @@ +import type { Handler } from '../../../agent/Handler' +import type { InboundMessageContext } from '../../../agent/models/InboundMessageContext' +import type { OutOfBandService } from '../OutOfBandService' + +import { createOutboundMessage } from '../../../agent/helpers' +import { HandshakeReuseMessage } from '../messages/HandshakeReuseMessage' + +export class HandshakeReuseHandler implements Handler { + public supportedMessages = [HandshakeReuseMessage] + private outOfBandService: OutOfBandService + + public constructor(outOfBandService: OutOfBandService) { + this.outOfBandService = outOfBandService + } + + public async handle(messageContext: InboundMessageContext) { + const connectionRecord = messageContext.assertReadyConnection() + const handshakeReuseAcceptedMessage = await this.outOfBandService.processHandshakeReuse(messageContext) + + return createOutboundMessage(connectionRecord, handshakeReuseAcceptedMessage) + } +} diff --git a/packages/core/src/modules/oob/handlers/index.ts b/packages/core/src/modules/oob/handlers/index.ts new file mode 100644 index 0000000000..c9edcca3d6 --- /dev/null +++ b/packages/core/src/modules/oob/handlers/index.ts @@ -0,0 +1 @@ +export * from './HandshakeReuseHandler' diff --git a/packages/core/src/modules/oob/helpers.ts b/packages/core/src/modules/oob/helpers.ts new file mode 100644 index 0000000000..b0c1a913a7 --- /dev/null +++ b/packages/core/src/modules/oob/helpers.ts @@ -0,0 +1,68 @@ +import type { OutOfBandInvitationOptions } from './messages' + +import { AriesFrameworkError } from '../../error' +import { ConnectionInvitationMessage, HandshakeProtocol } from '../connections' +import { didKeyToVerkey, verkeyToDidKey } from '../dids/helpers' + +import { OutOfBandDidCommService } from './domain/OutOfBandDidCommService' +import { OutOfBandInvitation } from './messages' + +export function convertToNewInvitation(oldInvitation: ConnectionInvitationMessage) { + let service + + if (oldInvitation.did) { + service = oldInvitation.did + } else if (oldInvitation.serviceEndpoint && oldInvitation.recipientKeys && oldInvitation.recipientKeys.length > 0) { + service = new OutOfBandDidCommService({ + id: '#inline', + recipientKeys: oldInvitation.recipientKeys?.map(verkeyToDidKey), + routingKeys: oldInvitation.routingKeys?.map(verkeyToDidKey), + serviceEndpoint: oldInvitation.serviceEndpoint, + }) + } else { + throw new Error('Missing required serviceEndpoint, routingKeys and/or did fields in connection invitation') + } + + const options: OutOfBandInvitationOptions = { + id: oldInvitation.id, + label: oldInvitation.label, + imageUrl: oldInvitation.imageUrl, + accept: ['didcomm/aip1', 'didcomm/aip2;env=rfc19'], + services: [service], + handshakeProtocols: [HandshakeProtocol.Connections], + } + + return new OutOfBandInvitation(options) +} + +export function convertToOldInvitation(newInvitation: OutOfBandInvitation) { + if (newInvitation.services.length > 1) { + throw new AriesFrameworkError( + `Attribute 'services' MUST have exactly one entry. It contains ${newInvitation.services.length} entries.` + ) + } + + const [service] = newInvitation.services + + let options + if (typeof service === 'string') { + options = { + id: newInvitation.id, + label: newInvitation.label, + did: service, + imageUrl: newInvitation.imageUrl, + } + } else { + options = { + id: newInvitation.id, + label: newInvitation.label, + recipientKeys: service.recipientKeys.map(didKeyToVerkey), + routingKeys: service.routingKeys?.map(didKeyToVerkey), + serviceEndpoint: service.serviceEndpoint, + imageUrl: newInvitation.imageUrl, + } + } + + const connectionInvitationMessage = new ConnectionInvitationMessage(options) + return connectionInvitationMessage +} diff --git a/packages/core/src/modules/oob/messages/HandshakeReuseAcceptedMessage.ts b/packages/core/src/modules/oob/messages/HandshakeReuseAcceptedMessage.ts new file mode 100644 index 0000000000..8b866b18db --- /dev/null +++ b/packages/core/src/modules/oob/messages/HandshakeReuseAcceptedMessage.ts @@ -0,0 +1,27 @@ +import { Equals } from 'class-validator' + +import { AgentMessage } from '../../../agent/AgentMessage' + +export interface HandshakeReuseAcceptedMessageOptions { + id?: string + threadId: string + parentThreadId: string +} + +export class HandshakeReuseAcceptedMessage extends AgentMessage { + public constructor(options: HandshakeReuseAcceptedMessageOptions) { + super() + + if (options) { + this.id = options.id ?? this.generateId() + this.setThread({ + threadId: options.threadId, + parentThreadId: options.parentThreadId, + }) + } + } + + @Equals(HandshakeReuseAcceptedMessage.type) + public readonly type = HandshakeReuseAcceptedMessage.type + public static readonly type = 'https://didcomm.org/out-of-band/1.1/handshake-reuse-accepted' +} diff --git a/packages/core/src/modules/oob/messages/HandshakeReuseMessage.ts b/packages/core/src/modules/oob/messages/HandshakeReuseMessage.ts new file mode 100644 index 0000000000..d42391059e --- /dev/null +++ b/packages/core/src/modules/oob/messages/HandshakeReuseMessage.ts @@ -0,0 +1,26 @@ +import { Equals } from 'class-validator' + +import { AgentMessage } from '../../../agent/AgentMessage' + +export interface HandshakeReuseMessageOptions { + id?: string + parentThreadId: string +} + +export class HandshakeReuseMessage extends AgentMessage { + public constructor(options: HandshakeReuseMessageOptions) { + super() + + if (options) { + this.id = options.id ?? this.generateId() + this.setThread({ + threadId: this.id, + parentThreadId: options.parentThreadId, + }) + } + } + + @Equals(HandshakeReuseMessage.type) + public readonly type = HandshakeReuseMessage.type + public static readonly type = 'https://didcomm.org/out-of-band/1.1/handshake-reuse' +} diff --git a/packages/core/src/modules/oob/messages/OutOfBandInvitation.ts b/packages/core/src/modules/oob/messages/OutOfBandInvitation.ts new file mode 100644 index 0000000000..0578f17a04 --- /dev/null +++ b/packages/core/src/modules/oob/messages/OutOfBandInvitation.ts @@ -0,0 +1,169 @@ +import type { PlaintextMessage } from '../../../types' +import type { HandshakeProtocol } from '../../connections' + +import { Expose, Transform, TransformationType, Type } from 'class-transformer' +import { ArrayNotEmpty, Equals, IsArray, IsInstance, IsOptional, IsUrl, ValidateNested } from 'class-validator' +import { parseUrl } from 'query-string' + +import { AgentMessage } from '../../../agent/AgentMessage' +import { Attachment, AttachmentData } from '../../../decorators/attachment/Attachment' +import { AriesFrameworkError } from '../../../error' +import { JsonEncoder } from '../../../utils/JsonEncoder' +import { JsonTransformer } from '../../../utils/JsonTransformer' +import { MessageValidator } from '../../../utils/MessageValidator' +import { IsStringOrInstance } from '../../../utils/validators' +import { outOfBandServiceToNumAlgo2Did } from '../../dids/methods/peer/peerDidNumAlgo2' +import { OutOfBandDidCommService } from '../domain/OutOfBandDidCommService' + +export interface OutOfBandInvitationOptions { + id?: string + label: string + goalCode?: string + goal?: string + accept?: string[] + handshakeProtocols?: HandshakeProtocol[] + services: Array + imageUrl?: string +} + +export class OutOfBandInvitation extends AgentMessage { + public constructor(options: OutOfBandInvitationOptions) { + super() + + if (options) { + this.id = options.id ?? this.generateId() + this.label = options.label + this.goalCode = options.goalCode + this.goal = options.goal + this.accept = options.accept + this.handshakeProtocols = options.handshakeProtocols + this.services = options.services + this.imageUrl = options.imageUrl + } + } + + public addRequest(message: AgentMessage) { + if (!this.requests) this.requests = [] + const requestAttachment = new Attachment({ + id: this.generateId(), + mimeType: 'application/json', + data: new AttachmentData({ + base64: JsonEncoder.toBase64(message.toJSON()), + }), + }) + this.requests.push(requestAttachment) + } + + public getRequests(): PlaintextMessage[] | undefined { + return this.requests?.map((request) => request.getDataAsJson()) + } + + public toUrl({ domain }: { domain: string }) { + const invitationJson = this.toJSON() + const encodedInvitation = JsonEncoder.toBase64URL(invitationJson) + const invitationUrl = `${domain}?oob=${encodedInvitation}` + return invitationUrl + } + + public static async fromUrl(invitationUrl: string) { + const parsedUrl = parseUrl(invitationUrl).query + const encodedInvitation = parsedUrl['oob'] + + if (typeof encodedInvitation === 'string') { + const invitationJson = JsonEncoder.fromBase64(encodedInvitation) + const invitation = this.fromJson(invitationJson) + + return invitation + } else { + throw new AriesFrameworkError( + 'InvitationUrl is invalid. It needs to contain one, and only one, of the following parameters; `oob`' + ) + } + } + + public static async fromJson(json: Record) { + const invitation = JsonTransformer.fromJSON(json, OutOfBandInvitation) + await MessageValidator.validate(invitation) + return invitation + } + + public get invitationDids() { + const dids = this.services.map((didOrService) => { + if (typeof didOrService === 'string') { + return didOrService + } + return outOfBandServiceToNumAlgo2Did(didOrService) + }) + return dids + } + + @Equals(OutOfBandInvitation.type) + public readonly type = OutOfBandInvitation.type + public static readonly type = `https://didcomm.org/out-of-band/1.1/invitation` + + public readonly label!: string + + @Expose({ name: 'goal_code' }) + public readonly goalCode?: string + + public readonly goal?: string + + public readonly accept?: string[] + + @Expose({ name: 'handshake_protocols' }) + public handshakeProtocols?: HandshakeProtocol[] + + @Expose({ name: 'requests~attach' }) + @Type(() => Attachment) + @IsArray() + @ValidateNested({ + each: true, + }) + @IsInstance(Attachment, { each: true }) + @IsOptional() + private requests?: Attachment[] + + @IsArray() + @ArrayNotEmpty() + @OutOfBandServiceTransformer() + @IsStringOrInstance(OutOfBandDidCommService, { each: true }) + @ValidateNested({ each: true }) + public services!: Array + + /** + * Custom property. It is not part of the RFC. + */ + @IsOptional() + @IsUrl() + public readonly imageUrl?: string +} + +/** + * Decorator that transforms authentication json to corresponding class instances + * + * @example + * class Example { + * VerificationMethodTransformer() + * private authentication: VerificationMethod + * } + */ +function OutOfBandServiceTransformer() { + return Transform(({ value, type }: { value: Array; type: TransformationType }) => { + if (type === TransformationType.PLAIN_TO_CLASS) { + return value.map((service) => { + // did + if (typeof service === 'string') return new String(service) + + // inline didcomm service + return JsonTransformer.fromJSON(service, OutOfBandDidCommService) + }) + } else if (type === TransformationType.CLASS_TO_PLAIN) { + return value.map((service) => + typeof service === 'string' || service instanceof String ? service.toString() : JsonTransformer.toJSON(service) + ) + } + + // PLAIN_TO_PLAIN + return value + }) +} diff --git a/packages/core/src/modules/oob/messages/index.ts b/packages/core/src/modules/oob/messages/index.ts new file mode 100644 index 0000000000..1849ee4f54 --- /dev/null +++ b/packages/core/src/modules/oob/messages/index.ts @@ -0,0 +1,2 @@ +export * from './OutOfBandInvitation' +export * from './HandshakeReuseMessage' diff --git a/packages/core/src/modules/oob/repository/OutOfBandRecord.ts b/packages/core/src/modules/oob/repository/OutOfBandRecord.ts new file mode 100644 index 0000000000..0b79c72040 --- /dev/null +++ b/packages/core/src/modules/oob/repository/OutOfBandRecord.ts @@ -0,0 +1,105 @@ +import type { TagsBase } from '../../../storage/BaseRecord' +import type { Key } from '../../dids' +import type { OutOfBandDidCommService } from '../domain/OutOfBandDidCommService' +import type { OutOfBandRole } from '../domain/OutOfBandRole' +import type { OutOfBandState } from '../domain/OutOfBandState' + +import { Type } from 'class-transformer' + +import { AriesFrameworkError } from '../../../error' +import { BaseRecord } from '../../../storage/BaseRecord' +import { uuid } from '../../../utils/uuid' +import { DidKey } from '../../dids' +import { OutOfBandInvitation } from '../messages' + +export interface OutOfBandRecordProps { + id?: string + createdAt?: Date + updatedAt?: Date + tags?: TagsBase + outOfBandInvitation: OutOfBandInvitation + role: OutOfBandRole + state: OutOfBandState + autoAcceptConnection?: boolean + reusable?: boolean + did?: string + mediatorId?: string + reuseConnectionId?: string +} + +type DefaultOutOfBandRecordTags = { + role: OutOfBandRole + state: OutOfBandState + invitationId: string + recipientKeyFingerprints: string[] +} + +export class OutOfBandRecord extends BaseRecord { + @Type(() => OutOfBandInvitation) + public outOfBandInvitation!: OutOfBandInvitation + public role!: OutOfBandRole + public state!: OutOfBandState + public reusable!: boolean + public autoAcceptConnection?: boolean + public did?: string + public mediatorId?: string + public reuseConnectionId?: string + + public static readonly type = 'OutOfBandRecord' + public readonly type = OutOfBandRecord.type + + public constructor(props: OutOfBandRecordProps) { + super() + + if (props) { + this.id = props.id ?? uuid() + this.createdAt = props.createdAt ?? new Date() + this.outOfBandInvitation = props.outOfBandInvitation + this.role = props.role + this.state = props.state + this.autoAcceptConnection = props.autoAcceptConnection + this.reusable = props.reusable ?? false + this.did = props.did + this.mediatorId = props.mediatorId + this.reuseConnectionId = props.reuseConnectionId + this._tags = props.tags ?? {} + } + } + + public getTags() { + return { + ...this._tags, + role: this.role, + state: this.state, + invitationId: this.outOfBandInvitation.id, + recipientKeyFingerprints: this.getRecipientKeys().map((key) => key.fingerprint), + } + } + + // TODO: this only takes into account inline didcomm services, won't work for public dids + public getRecipientKeys(): Key[] { + return this.outOfBandInvitation.services + .filter((s): s is OutOfBandDidCommService => typeof s !== 'string') + .map((s) => s.recipientKeys) + .reduce((acc, curr) => [...acc, ...curr], []) + .map((didKey) => DidKey.fromDid(didKey).key) + } + + public assertRole(expectedRole: OutOfBandRole) { + if (this.role !== expectedRole) { + throw new AriesFrameworkError(`Invalid out-of-band record role ${this.role}, expected is ${expectedRole}.`) + } + } + + public assertState(expectedStates: OutOfBandState | OutOfBandState[]) { + if (!Array.isArray(expectedStates)) { + expectedStates = [expectedStates] + } + + if (!expectedStates.includes(this.state)) { + throw new AriesFrameworkError( + `Invalid out-of-band record state ${this.state}, valid states are: ${expectedStates.join(', ')}.` + ) + } + } +} diff --git a/packages/core/src/modules/oob/repository/OutOfBandRepository.ts b/packages/core/src/modules/oob/repository/OutOfBandRepository.ts new file mode 100644 index 0000000000..2d26da222d --- /dev/null +++ b/packages/core/src/modules/oob/repository/OutOfBandRepository.ts @@ -0,0 +1,14 @@ +import { inject, scoped, Lifecycle } from 'tsyringe' + +import { InjectionSymbols } from '../../../constants' +import { Repository } from '../../../storage/Repository' +import { StorageService } from '../../../storage/StorageService' + +import { OutOfBandRecord } from './OutOfBandRecord' + +@scoped(Lifecycle.ContainerScoped) +export class OutOfBandRepository extends Repository { + public constructor(@inject(InjectionSymbols.StorageService) storageService: StorageService) { + super(OutOfBandRecord, storageService) + } +} diff --git a/packages/core/src/modules/oob/repository/index.ts b/packages/core/src/modules/oob/repository/index.ts new file mode 100644 index 0000000000..8bfa55b8dd --- /dev/null +++ b/packages/core/src/modules/oob/repository/index.ts @@ -0,0 +1,2 @@ +export * from './OutOfBandRecord' +export * from './OutOfBandRepository' diff --git a/packages/core/src/modules/proofs/ProofsModule.ts b/packages/core/src/modules/proofs/ProofsModule.ts index 80a2232ded..d0dbcd1a96 100644 --- a/packages/core/src/modules/proofs/ProofsModule.ts +++ b/packages/core/src/modules/proofs/ProofsModule.ts @@ -258,8 +258,8 @@ export class ProofsModule { await this.messageSender.sendMessageToService({ message, - service: recipientService.toDidCommService(), - senderKey: ourService.recipientKeys[0], + service: recipientService.resolvedDidCommService, + senderKey: ourService.resolvedDidCommService.recipientKeys[0], returnRoute: true, }) @@ -305,12 +305,12 @@ export class ProofsModule { // Use ~service decorator otherwise else if (proofRecord.requestMessage?.service && proofRecord.presentationMessage?.service) { const recipientService = proofRecord.presentationMessage?.service - const ourService = proofRecord.requestMessage?.service + const ourService = proofRecord.requestMessage.service await this.messageSender.sendMessageToService({ message, - service: recipientService.toDidCommService(), - senderKey: ourService.recipientKeys[0], + service: recipientService.resolvedDidCommService, + senderKey: ourService.resolvedDidCommService.recipientKeys[0], returnRoute: true, }) } diff --git a/packages/core/src/modules/proofs/__tests__/ProofService.test.ts b/packages/core/src/modules/proofs/__tests__/ProofService.test.ts index c8c1385a39..d654dd924a 100644 --- a/packages/core/src/modules/proofs/__tests__/ProofService.test.ts +++ b/packages/core/src/modules/proofs/__tests__/ProofService.test.ts @@ -7,7 +7,7 @@ import { getAgentConfig, getMockConnection, mockFunction } from '../../../../tes import { EventEmitter } from '../../../agent/EventEmitter' import { InboundMessageContext } from '../../../agent/models/InboundMessageContext' import { Attachment, AttachmentData } from '../../../decorators/attachment/Attachment' -import { ConnectionService, ConnectionState } from '../../connections' +import { ConnectionService, DidExchangeState } from '../../connections' import { IndyHolderService } from '../../indy/services/IndyHolderService' import { IndyRevocationService } from '../../indy/services/IndyRevocationService' import { IndyLedgerService } from '../../ledger/services' @@ -43,7 +43,7 @@ const connectionServiceMock = ConnectionService as jest.Mock const connection = getMockConnection({ id: '123', - state: ConnectionState.Complete, + state: DidExchangeState.Completed, }) const requestAttachment = new Attachment({ diff --git a/packages/core/src/modules/proofs/handlers/PresentationHandler.ts b/packages/core/src/modules/proofs/handlers/PresentationHandler.ts index 660254080e..c00fa139c7 100644 --- a/packages/core/src/modules/proofs/handlers/PresentationHandler.ts +++ b/packages/core/src/modules/proofs/handlers/PresentationHandler.ts @@ -46,8 +46,8 @@ export class PresentationHandler implements Handler { return createOutboundServiceMessage({ payload: message, - service: recipientService.toDidCommService(), - senderKey: ourService.recipientKeys[0], + service: recipientService.resolvedDidCommService, + senderKey: ourService.resolvedDidCommService.recipientKeys[0], }) } diff --git a/packages/core/src/modules/proofs/handlers/RequestPresentationHandler.ts b/packages/core/src/modules/proofs/handlers/RequestPresentationHandler.ts index bbedf910a6..b2df52c6d4 100644 --- a/packages/core/src/modules/proofs/handlers/RequestPresentationHandler.ts +++ b/packages/core/src/modules/proofs/handlers/RequestPresentationHandler.ts @@ -80,8 +80,8 @@ export class RequestPresentationHandler implements Handler { return createOutboundServiceMessage({ payload: message, - service: recipientService.toDidCommService(), - senderKey: ourService.recipientKeys[0], + service: recipientService.resolvedDidCommService, + senderKey: ourService.resolvedDidCommService.recipientKeys[0], }) } diff --git a/packages/core/src/modules/routing/RecipientModule.ts b/packages/core/src/modules/routing/RecipientModule.ts index 7d194fb184..6c60994e7c 100644 --- a/packages/core/src/modules/routing/RecipientModule.ts +++ b/packages/core/src/modules/routing/RecipientModule.ts @@ -4,6 +4,7 @@ import type { OutboundMessage } from '../../types' import type { ConnectionRecord } from '../connections' import type { MediationStateChangedEvent } from './RoutingEvents' import type { MediationRecord } from './index' +import type { GetRoutingOptions } from './services/MediationRecipientService' import { firstValueFrom, interval, ReplaySubject, timer } from 'rxjs' import { filter, first, takeUntil, throttleTime, timeout, tap, delayWhen } from 'rxjs/operators' @@ -17,8 +18,8 @@ import { MessageSender } from '../../agent/MessageSender' import { createOutboundMessage } from '../../agent/helpers' import { AriesFrameworkError } from '../../error' import { TransportEventTypes } from '../../transport' -import { ConnectionInvitationMessage } from '../connections' import { ConnectionService } from '../connections/services' +import { DidsModule } from '../dids' import { DiscoverFeaturesModule } from '../discover-features' import { MediatorPickupStrategy } from './MediatorPickupStrategy' @@ -38,6 +39,7 @@ export class RecipientModule { private agentConfig: AgentConfig private mediationRecipientService: MediationRecipientService private connectionService: ConnectionService + private dids: DidsModule private messageSender: MessageSender private messageReceiver: MessageReceiver private eventEmitter: EventEmitter @@ -50,6 +52,7 @@ export class RecipientModule { agentConfig: AgentConfig, mediationRecipientService: MediationRecipientService, connectionService: ConnectionService, + dids: DidsModule, messageSender: MessageSender, messageReceiver: MessageReceiver, eventEmitter: EventEmitter, @@ -58,6 +61,7 @@ export class RecipientModule { ) { this.agentConfig = agentConfig this.connectionService = connectionService + this.dids = dids this.mediationRecipientService = mediationRecipientService this.messageSender = messageSender this.messageReceiver = messageReceiver @@ -106,14 +110,15 @@ export class RecipientModule { } private async openMediationWebSocket(mediator: MediationRecord) { - const { message, connectionRecord } = await this.connectionService.createTrustPing(mediator.connectionId, { + const connection = await this.connectionService.getById(mediator.connectionId) + const { message, connectionRecord } = await this.connectionService.createTrustPing(connection, { responseRequested: false, }) const websocketSchemes = ['ws', 'wss'] - const hasWebSocketTransport = connectionRecord.theirDidDoc?.didCommServices?.some((s) => - websocketSchemes.includes(s.protocolScheme) - ) + const didDocument = connectionRecord.theirDid && (await this.dids.resolveDidDocument(connectionRecord.theirDid)) + const services = didDocument && didDocument?.didCommServices + const hasWebSocketTransport = services && services.some((s) => websocketSchemes.includes(s.protocolScheme)) if (!hasWebSocketTransport) { throw new AriesFrameworkError('Cannot open websocket to connection without websocket service endpoint') @@ -332,64 +337,33 @@ export class RecipientModule { return event.payload.mediationRecord } - public async provision(mediatorConnInvite: string) { - this.logger.debug('Provision Mediation with invitation', { invite: mediatorConnInvite }) - // Connect to mediator through provided invitation - // Also requests mediation and sets as default mediator - // Assumption: processInvitation is a URL-encoded invitation - const invitation = await ConnectionInvitationMessage.fromUrl(mediatorConnInvite) - - // Check if invitation has been used already - if (!invitation || !invitation.recipientKeys || !invitation.recipientKeys[0]) { - throw new AriesFrameworkError(`Invalid mediation invitation. Invitation must have at least one recipient key.`) - } - - let mediationRecord: MediationRecord | null = null - - const connection = await this.connectionService.findByInvitationKey(invitation.recipientKeys[0]) - if (!connection) { - this.logger.debug('Mediation Connection does not exist, creating connection') - // We don't want to use the current default mediator when connecting to another mediator - const routing = await this.mediationRecipientService.getRouting({ useDefaultMediator: false }) - - const invitationConnectionRecord = await this.connectionService.processInvitation(invitation, { - autoAcceptConnection: true, - routing, - }) - this.logger.debug('Processed mediation invitation', { - connectionId: invitationConnectionRecord, - }) - const { message, connectionRecord } = await this.connectionService.createRequest(invitationConnectionRecord.id) - const outbound = createOutboundMessage(connectionRecord, message) - await this.messageSender.sendMessage(outbound) - - const completedConnectionRecord = await this.connectionService.returnWhenIsConnected(connectionRecord.id) - this.logger.debug('Connection completed, requesting mediation') - mediationRecord = await this.requestAndAwaitGrant(completedConnectionRecord, 60000) // TODO: put timeout as a config parameter - this.logger.debug('Mediation Granted, setting as default mediator') - await this.setDefaultMediator(mediationRecord) + /** + * Requests mediation for a given connection and sets that as default mediator. + * + * @param connection connection record which will be used for mediation + * @returns mediation record + */ + public async provision(connection: ConnectionRecord) { + this.logger.debug('Connection completed, requesting mediation') + + let mediation = await this.findByConnectionId(connection.id) + if (!mediation) { + this.agentConfig.logger.info(`Requesting mediation for connection ${connection.id}`) + mediation = await this.requestAndAwaitGrant(connection, 60000) // TODO: put timeout as a config parameter + this.logger.debug('Mediation granted, setting as default mediator') + await this.setDefaultMediator(mediation) this.logger.debug('Default mediator set') - } else if (connection && !connection.isReady) { - const connectionRecord = await this.connectionService.returnWhenIsConnected(connection.id) - mediationRecord = await this.requestAndAwaitGrant(connectionRecord, 60000) // TODO: put timeout as a config parameter - await this.setDefaultMediator(mediationRecord) } else { - this.agentConfig.logger.warn('Mediator Invitation in configuration has already been used to create a connection.') - const mediator = await this.findByConnectionId(connection.id) - if (!mediator) { - this.agentConfig.logger.warn('requesting mediation over connection.') - mediationRecord = await this.requestAndAwaitGrant(connection, 60000) // TODO: put timeout as a config parameter - await this.setDefaultMediator(mediationRecord) - } else { - this.agentConfig.logger.warn( - `Mediator Invitation in configuration has already been ${ - mediator.isReady ? 'granted' : 'requested' - } mediation` - ) - } + this.agentConfig.logger.warn( + `Mediator invitation has already been ${mediation.isReady ? 'granted' : 'requested'}` + ) } - return mediationRecord + return mediation + } + + public async getRouting(options: GetRoutingOptions) { + return this.mediationRecipientService.getRouting(options) } // Register handlers for the several messages for the mediator. diff --git a/packages/core/src/modules/routing/__tests__/mediation.test.ts b/packages/core/src/modules/routing/__tests__/mediation.test.ts index a267352a87..7c77711ed0 100644 --- a/packages/core/src/modules/routing/__tests__/mediation.test.ts +++ b/packages/core/src/modules/routing/__tests__/mediation.test.ts @@ -1,3 +1,4 @@ +/* eslint-disable @typescript-eslint/no-non-null-assertion */ import type { SubjectMessage } from '../../../../../../tests/transport/SubjectInboundTransport' import { Subject } from 'rxjs' @@ -6,18 +7,22 @@ import { SubjectInboundTransport } from '../../../../../../tests/transport/Subje import { SubjectOutboundTransport } from '../../../../../../tests/transport/SubjectOutboundTransport' import { getBaseConfig, waitForBasicMessage } from '../../../../tests/helpers' import { Agent } from '../../../agent/Agent' -import { ConnectionRecord } from '../../connections' +import { ConnectionRecord, HandshakeProtocol } from '../../connections' import { MediatorPickupStrategy } from '../MediatorPickupStrategy' import { MediationState } from '../models/MediationState' -const recipientConfig = getBaseConfig('Mediation: Recipient') +const recipientConfig = getBaseConfig('Mediation: Recipient', { + indyLedgers: [], +}) const mediatorConfig = getBaseConfig('Mediation: Mediator', { autoAcceptMediationRequests: true, endpoints: ['rxjs:mediator'], + indyLedgers: [], }) const senderConfig = getBaseConfig('Mediation: Sender', { endpoints: ['rxjs:sender'], + indyLedgers: [], }) describe('mediator establishment', () => { @@ -26,12 +31,12 @@ describe('mediator establishment', () => { let senderAgent: Agent afterEach(async () => { - await recipientAgent.shutdown() - await recipientAgent.wallet.delete() - await mediatorAgent.shutdown() - await mediatorAgent.wallet.delete() - await senderAgent.shutdown() - await senderAgent.wallet.delete() + await recipientAgent?.shutdown() + await recipientAgent?.wallet.delete() + await mediatorAgent?.shutdown() + await mediatorAgent?.wallet.delete() + await senderAgent?.shutdown() + await senderAgent?.wallet.delete() }) test(`Mediation end-to-end flow @@ -58,18 +63,17 @@ describe('mediator establishment', () => { await mediatorAgent.initialize() // Create connection to use for recipient - const { - invitation: mediatorInvitation, - connectionRecord: { id: mediatorRecipientConnectionId }, - } = await mediatorAgent.connections.createConnection({ - autoAcceptConnection: true, + const mediatorOutOfBandRecord = await mediatorAgent.oob.createInvitation({ + label: 'mediator invitation', + handshake: true, + handshakeProtocols: [HandshakeProtocol.DidExchange], }) // Initialize recipient with mediation connections invitation recipientAgent = new Agent( { ...recipientConfig.config, - mediatorConnectionsInvite: mediatorInvitation.toUrl({ + mediatorConnectionsInvite: mediatorOutOfBandRecord.outOfBandInvitation.toUrl({ domain: 'https://example.com/ssi', }), mediatorPickupStrategy: MediatorPickupStrategy.PickUpV1, @@ -82,17 +86,18 @@ describe('mediator establishment', () => { const recipientMediator = await recipientAgent.mediationRecipient.findDefaultMediator() // eslint-disable-next-line @typescript-eslint/no-non-null-asserted-optional-chain, @typescript-eslint/no-non-null-assertion - const recipientMediatorConnection = await recipientAgent.connections.getById(recipientMediator?.connectionId!) + const recipientMediatorConnection = await recipientAgent.connections.getById(recipientMediator!.connectionId) expect(recipientMediatorConnection).toBeInstanceOf(ConnectionRecord) expect(recipientMediatorConnection?.isReady).toBe(true) - const mediatorRecipientConnection = await mediatorAgent.connections.getById(mediatorRecipientConnectionId) - expect(mediatorRecipientConnection.isReady).toBe(true) + const [mediatorRecipientConnection] = await mediatorAgent.connections.findAllByOutOfBandId( + mediatorOutOfBandRecord.id + ) + expect(mediatorRecipientConnection!.isReady).toBe(true) - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - expect(mediatorRecipientConnection).toBeConnectedWith(recipientMediatorConnection!) - expect(recipientMediatorConnection).toBeConnectedWith(mediatorRecipientConnection) + expect(mediatorRecipientConnection).toBeConnectedWith(recipientMediatorConnection) + expect(recipientMediatorConnection).toBeConnectedWith(mediatorRecipientConnection!) expect(recipientMediator?.state).toBe(MediationState.Granted) @@ -102,37 +107,27 @@ describe('mediator establishment', () => { senderAgent.registerInboundTransport(new SubjectInboundTransport(senderMessages)) await senderAgent.initialize() - const { - invitation: recipientInvitation, - connectionRecord: { id: recipientSenderConnectionId }, - } = await recipientAgent.connections.createConnection({ - autoAcceptConnection: true, + const recipientOutOfBandRecord = await recipientAgent.oob.createInvitation({ + label: 'mediator invitation', + handshake: true, + handshakeProtocols: [HandshakeProtocol.Connections], }) + const recipientInvitation = recipientOutOfBandRecord.outOfBandInvitation - const endpoints = mediatorConfig.config.endpoints ?? [] - expect(recipientInvitation.serviceEndpoint).toBe(endpoints[0]) - - let senderRecipientConnection = await senderAgent.connections.receiveInvitationFromUrl( - recipientInvitation.toUrl({ - domain: 'https://example.com/ssi', - }), - { - autoAcceptConnection: true, - } - ) - - const recipientSenderConnection = await recipientAgent.connections.returnWhenIsConnected( - recipientSenderConnectionId + let { connectionRecord: senderRecipientConnection } = await senderAgent.oob.receiveInvitationFromUrl( + recipientInvitation.toUrl({ domain: 'https://example.com/ssi' }) ) - senderRecipientConnection = await senderAgent.connections.getById(senderRecipientConnection.id) + senderRecipientConnection = await senderAgent.connections.returnWhenIsConnected(senderRecipientConnection!.id) + let [recipientSenderConnection] = await recipientAgent.connections.findAllByOutOfBandId(recipientOutOfBandRecord.id) expect(recipientSenderConnection).toBeConnectedWith(senderRecipientConnection) - expect(senderRecipientConnection).toBeConnectedWith(recipientSenderConnection) - - expect(recipientSenderConnection.isReady).toBe(true) + expect(senderRecipientConnection).toBeConnectedWith(recipientSenderConnection!) + expect(recipientSenderConnection!.isReady).toBe(true) expect(senderRecipientConnection.isReady).toBe(true) + recipientSenderConnection = await recipientAgent.connections.returnWhenIsConnected(recipientSenderConnection!.id) + const message = 'hello, world' await senderAgent.basicMessages.sendMessage(senderRecipientConnection.id, message) @@ -160,18 +155,19 @@ describe('mediator establishment', () => { await mediatorAgent.initialize() // Create connection to use for recipient - const { - invitation: mediatorInvitation, - connectionRecord: { id: mediatorRecipientConnectionId }, - } = await mediatorAgent.connections.createConnection({ - autoAcceptConnection: true, + const mediatorOutOfBandRecord = await mediatorAgent.oob.createInvitation({ + label: 'mediator invitation', + handshake: true, + handshakeProtocols: [HandshakeProtocol.Connections], }) // Initialize recipient with mediation connections invitation recipientAgent = new Agent( { ...recipientConfig.config, - mediatorConnectionsInvite: mediatorInvitation.toUrl({ domain: 'https://example.com/ssi' }), + mediatorConnectionsInvite: mediatorOutOfBandRecord.outOfBandInvitation.toUrl({ + domain: 'https://example.com/ssi', + }), mediatorPickupStrategy: MediatorPickupStrategy.PickUpV1, }, recipientConfig.agentDependencies @@ -181,18 +177,17 @@ describe('mediator establishment', () => { await recipientAgent.initialize() const recipientMediator = await recipientAgent.mediationRecipient.findDefaultMediator() - // eslint-disable-next-line @typescript-eslint/no-non-null-asserted-optional-chain, @typescript-eslint/no-non-null-assertion - const recipientMediatorConnection = await recipientAgent.connections.getById(recipientMediator?.connectionId!) - - expect(recipientMediatorConnection).toBeInstanceOf(ConnectionRecord) + const recipientMediatorConnection = await recipientAgent.connections.getById(recipientMediator!.connectionId) expect(recipientMediatorConnection?.isReady).toBe(true) - const mediatorRecipientConnection = await mediatorAgent.connections.getById(mediatorRecipientConnectionId) - expect(mediatorRecipientConnection.isReady).toBe(true) + const [mediatorRecipientConnection] = await mediatorAgent.connections.findAllByOutOfBandId( + mediatorOutOfBandRecord.id + ) + expect(mediatorRecipientConnection!.isReady).toBe(true) // eslint-disable-next-line @typescript-eslint/no-non-null-assertion expect(mediatorRecipientConnection).toBeConnectedWith(recipientMediatorConnection!) - expect(recipientMediatorConnection).toBeConnectedWith(mediatorRecipientConnection) + expect(recipientMediatorConnection).toBeConnectedWith(mediatorRecipientConnection!) expect(recipientMediator?.state).toBe(MediationState.Granted) @@ -201,7 +196,7 @@ describe('mediator establishment', () => { recipientAgent = new Agent( { ...recipientConfig.config, - mediatorConnectionsInvite: mediatorInvitation.toUrl({ + mediatorConnectionsInvite: mediatorOutOfBandRecord.outOfBandInvitation.toUrl({ domain: 'https://example.com/ssi', }), mediatorPickupStrategy: MediatorPickupStrategy.PickUpV1, @@ -218,35 +213,25 @@ describe('mediator establishment', () => { senderAgent.registerInboundTransport(new SubjectInboundTransport(senderMessages)) await senderAgent.initialize() - const { - invitation: recipientInvitation, - connectionRecord: { id: recipientSenderConnectionId }, - } = await recipientAgent.connections.createConnection({ - autoAcceptConnection: true, + const recipientOutOfBandRecord = await recipientAgent.oob.createInvitation({ + label: 'mediator invitation', + handshake: true, + handshakeProtocols: [HandshakeProtocol.Connections], }) + const recipientInvitation = recipientOutOfBandRecord.outOfBandInvitation - const endpoints = mediatorConfig.config.endpoints ?? [] - expect(recipientInvitation.serviceEndpoint).toBe(endpoints[0]) - - let senderRecipientConnection = await senderAgent.connections.receiveInvitationFromUrl( - recipientInvitation.toUrl({ - domain: 'https://example.com/ssi', - }), - { - autoAcceptConnection: true, - } + let { connectionRecord: senderRecipientConnection } = await senderAgent.oob.receiveInvitationFromUrl( + recipientInvitation.toUrl({ domain: 'https://example.com/ssi' }) ) - const recipientSenderConnection = await recipientAgent.connections.returnWhenIsConnected( - recipientSenderConnectionId + senderRecipientConnection = await senderAgent.connections.returnWhenIsConnected(senderRecipientConnection!.id) + const [recipientSenderConnection] = await recipientAgent.connections.findAllByOutOfBandId( + recipientOutOfBandRecord.id ) - - senderRecipientConnection = await senderAgent.connections.getById(senderRecipientConnection.id) - expect(recipientSenderConnection).toBeConnectedWith(senderRecipientConnection) - expect(senderRecipientConnection).toBeConnectedWith(recipientSenderConnection) + expect(senderRecipientConnection).toBeConnectedWith(recipientSenderConnection!) - expect(recipientSenderConnection.isReady).toBe(true) + expect(recipientSenderConnection!.isReady).toBe(true) expect(senderRecipientConnection.isReady).toBe(true) const message = 'hello, world' diff --git a/packages/core/src/modules/routing/__tests__/mediationRecipient.test.ts b/packages/core/src/modules/routing/__tests__/mediationRecipient.test.ts index 23fb4a9041..e46829ade0 100644 --- a/packages/core/src/modules/routing/__tests__/mediationRecipient.test.ts +++ b/packages/core/src/modules/routing/__tests__/mediationRecipient.test.ts @@ -8,8 +8,9 @@ import { InboundMessageContext } from '../../../agent/models/InboundMessageConte import { Attachment } from '../../../decorators/attachment/Attachment' import { AriesFrameworkError } from '../../../error' import { IndyWallet } from '../../../wallet/IndyWallet' -import { ConnectionRepository, ConnectionState } from '../../connections' +import { ConnectionRepository, DidExchangeState } from '../../connections' import { ConnectionService } from '../../connections/services/ConnectionService' +import { DidRepository } from '../../dids/repository' import { DeliveryRequestMessage, MessageDeliveryMessage, MessagesReceivedMessage, StatusMessage } from '../messages' import { MediationRole, MediationState } from '../models' import { MediationRecord, MediationRepository } from '../repository' @@ -21,6 +22,9 @@ const MediationRepositoryMock = MediationRepository as jest.Mock +jest.mock('../../dids/repository/DidRepository') +const DidRepositoryMock = DidRepository as jest.Mock + jest.mock('../../../agent/EventEmitter') const EventEmitterMock = EventEmitter as jest.Mock @@ -30,7 +34,7 @@ const MessageSenderMock = MessageSender as jest.Mock const connectionImageUrl = 'https://example.com/image.png' const mockConnection = getMockConnection({ - state: ConnectionState.Complete, + state: DidExchangeState.Completed, }) describe('MediationRecipientService', () => { @@ -41,6 +45,7 @@ describe('MediationRecipientService', () => { let wallet: Wallet let mediationRepository: MediationRepository + let didRepository: DidRepository let eventEmitter: EventEmitter let connectionService: ConnectionService let connectionRepository: ConnectionRepository @@ -61,7 +66,8 @@ describe('MediationRecipientService', () => { beforeEach(async () => { eventEmitter = new EventEmitterMock() connectionRepository = new ConnectionRepositoryMock() - connectionService = new ConnectionService(wallet, config, connectionRepository, eventEmitter) + didRepository = new DidRepositoryMock() + connectionService = new ConnectionService(wallet, config, connectionRepository, didRepository, eventEmitter) mediationRepository = new MediationRepositoryMock() messageSender = new MessageSenderMock() diff --git a/packages/core/src/modules/routing/handlers/KeylistUpdateResponseHandler.ts b/packages/core/src/modules/routing/handlers/KeylistUpdateResponseHandler.ts index 193ad60ff7..23a0c4a96f 100644 --- a/packages/core/src/modules/routing/handlers/KeylistUpdateResponseHandler.ts +++ b/packages/core/src/modules/routing/handlers/KeylistUpdateResponseHandler.ts @@ -13,7 +13,7 @@ export class KeylistUpdateResponseHandler implements Handler { public async handle(messageContext: HandlerInboundMessage) { if (!messageContext.connection) { - throw new Error(`Connection for verkey ${messageContext.recipientVerkey} not found!`) + throw new Error(`Connection for verkey ${messageContext.recipientKey} not found!`) } return await this.mediationRecipientService.processKeylistUpdateResults(messageContext) } diff --git a/packages/core/src/modules/routing/handlers/MediationDenyHandler.ts b/packages/core/src/modules/routing/handlers/MediationDenyHandler.ts index ec1413640a..fa32169a7b 100644 --- a/packages/core/src/modules/routing/handlers/MediationDenyHandler.ts +++ b/packages/core/src/modules/routing/handlers/MediationDenyHandler.ts @@ -13,7 +13,7 @@ export class MediationDenyHandler implements Handler { public async handle(messageContext: HandlerInboundMessage) { if (!messageContext.connection) { - throw new Error(`Connection for verkey ${messageContext.recipientVerkey} not found!`) + throw new Error(`Connection for verkey ${messageContext.recipientKey} not found!`) } await this.mediationRecipientService.processMediationDeny(messageContext) } diff --git a/packages/core/src/modules/routing/handlers/MediationGrantHandler.ts b/packages/core/src/modules/routing/handlers/MediationGrantHandler.ts index a5bed233ed..5706216fbb 100644 --- a/packages/core/src/modules/routing/handlers/MediationGrantHandler.ts +++ b/packages/core/src/modules/routing/handlers/MediationGrantHandler.ts @@ -13,7 +13,7 @@ export class MediationGrantHandler implements Handler { public async handle(messageContext: HandlerInboundMessage) { if (!messageContext.connection) { - throw new Error(`Connection for verkey ${messageContext.recipientVerkey} not found!`) + throw new Error(`Connection for key ${messageContext.recipientKey} not found!`) } await this.mediationRecipientService.processMediationGrant(messageContext) } diff --git a/packages/core/src/modules/routing/handlers/MediationRequestHandler.ts b/packages/core/src/modules/routing/handlers/MediationRequestHandler.ts index 67a0b4b864..9a4b90ca7c 100644 --- a/packages/core/src/modules/routing/handlers/MediationRequestHandler.ts +++ b/packages/core/src/modules/routing/handlers/MediationRequestHandler.ts @@ -18,7 +18,7 @@ export class MediationRequestHandler implements Handler { public async handle(messageContext: HandlerInboundMessage) { if (!messageContext.connection) { - throw new AriesFrameworkError(`Connection for verkey ${messageContext.recipientVerkey} not found!`) + throw new AriesFrameworkError(`Connection for verkey ${messageContext.recipientKey} not found!`) } const mediationRecord = await this.mediatorService.processMediationRequest(messageContext) diff --git a/packages/core/src/storage/migration/__tests__/backup.test.ts b/packages/core/src/storage/migration/__tests__/backup.test.ts index 92ebd421d9..b0622903ac 100644 --- a/packages/core/src/storage/migration/__tests__/backup.test.ts +++ b/packages/core/src/storage/migration/__tests__/backup.test.ts @@ -30,6 +30,15 @@ describe('UpdateAssistant | Backup', () => { beforeEach(async () => { agent = new Agent(config, agentDependencies, container) + backupPath = `${agent.config.fileSystem.basePath}/afj/migration/backup/${backupIdentifier}` + + // If tests fail it's possible the cleanup has been skipped. So remove before running tests + if (await agent.config.fileSystem.exists(backupPath)) { + unlinkSync(backupPath) + } + if (await agent.config.fileSystem.exists(`${backupPath}-error`)) { + unlinkSync(`${backupPath}-error`) + } updateAssistant = new UpdateAssistant(agent, { v0_1ToV0_2: { @@ -38,13 +47,9 @@ describe('UpdateAssistant | Backup', () => { }) await updateAssistant.initialize() - - backupPath = `${agent.config.fileSystem.basePath}/afj/migration/backup/${backupIdentifier}` }) afterEach(async () => { - unlinkSync(backupPath) - await agent.shutdown() await agent.wallet.delete() }) @@ -85,7 +90,7 @@ describe('UpdateAssistant | Backup', () => { expect((await credentialRepository.getAll()).sort((a, b) => a.id.localeCompare(b.id))).toMatchSnapshot() }) - it('should restore the backup if an error occurs backup', async () => { + it('should restore the backup if an error occurs during the update', async () => { const aliceCredentialRecordsJson = JSON.parse(aliceCredentialRecordsString) // eslint-disable-next-line @typescript-eslint/no-explicit-any @@ -134,7 +139,6 @@ describe('UpdateAssistant | Backup', () => { // Backup should exist after update expect(await fileSystem.exists(backupPath)).toBe(true) expect(await fileSystem.exists(`${backupPath}-error`)).toBe(true) - unlinkSync(`${backupPath}-error`) // Wallet should be same as when we started because of backup expect((await credentialRepository.getAll()).sort((a, b) => a.id.localeCompare(b.id))).toEqual( diff --git a/packages/core/src/types.ts b/packages/core/src/types.ts index 3524aa2eb7..a8327e36a2 100644 --- a/packages/core/src/types.ts +++ b/packages/core/src/types.ts @@ -1,9 +1,11 @@ import type { AgentMessage } from './agent/AgentMessage' +import type { ResolvedDidCommService } from './agent/MessageSender' import type { Logger } from './logger' import type { ConnectionRecord } from './modules/connections' import type { AutoAcceptCredential } from './modules/credentials/CredentialAutoAcceptType' -import type { DidCommService } from './modules/dids/domain/service/DidCommService' +import type { Key } from './modules/dids/domain/Key' import type { IndyPoolConfig } from './modules/ledger/IndyPool' +import type { OutOfBandRecord } from './modules/oob/repository' import type { AutoAcceptProof } from './modules/proofs' import type { MediatorPickupStrategy } from './modules/routing' @@ -86,22 +88,17 @@ export interface PlaintextMessage { [key: string]: unknown } -export interface DecryptedMessageContext { - plaintextMessage: PlaintextMessage - senderKey?: string - recipientKey?: string -} - export interface OutboundMessage { payload: T connection: ConnectionRecord sessionId?: string + outOfBand?: OutOfBandRecord } export interface OutboundServiceMessage { payload: T - service: DidCommService - senderKey: string + service: ResolvedDidCommService + senderKey: Key } export interface OutboundPackage { diff --git a/packages/core/src/utils/__tests__/JsonTransformer.test.ts b/packages/core/src/utils/__tests__/JsonTransformer.test.ts index 44c272f30a..71cce2e7d5 100644 --- a/packages/core/src/utils/__tests__/JsonTransformer.test.ts +++ b/packages/core/src/utils/__tests__/JsonTransformer.test.ts @@ -1,4 +1,4 @@ -import { ConnectionInvitationMessage, ConnectionRecord, DidDoc } from '../../modules/connections' +import { ConnectionInvitationMessage, ConnectionRecord } from '../../modules/connections' import { JsonTransformer } from '../JsonTransformer' describe('JsonTransformer', () => { @@ -69,12 +69,13 @@ describe('JsonTransformer', () => { expect(JsonTransformer.deserialize(jsonString, ConnectionInvitationMessage)).toEqual(invitation) }) - it('transforms JSON string to nested class instance', () => { + // TODO Use other testing object than connection because it does not contain `didDoc` anymore + it.skip('transforms JSON string to nested class instance', () => { const connectionString = `{"createdAt":"2021-06-06T10:16:02.740Z","did":"5AhYREdFcNAdxMhuFfMrG8","didDoc":{"@context":"https://w3id.org/did/v1","publicKey":[{"id":"5AhYREdFcNAdxMhuFfMrG8#1","controller":"5AhYREdFcNAdxMhuFfMrG8","type":"Ed25519VerificationKey2018","publicKeyBase58":"3GjajqxDHZfD4FCpMsA6K5mey782oVJgizapkYUTkYJC"}],"service":[{"id":"5AhYREdFcNAdxMhuFfMrG8#did-communication","serviceEndpoint":"didcomm:transport/queue","type":"did-communication","priority":1,"recipientKeys":["3GjajqxDHZfD4FCpMsA6K5mey782oVJgizapkYUTkYJC"],"routingKeys":[]},{"id":"5AhYREdFcNAdxMhuFfMrG8#IndyAgentService","serviceEndpoint":"didcomm:transport/queue","type":"IndyAgent","priority":0,"recipientKeys":["3GjajqxDHZfD4FCpMsA6K5mey782oVJgizapkYUTkYJC"],"routingKeys":[]}],"authentication":[{"publicKey":"5AhYREdFcNAdxMhuFfMrG8#1","type":"Ed25519SignatureAuthentication2018"}],"id":"5AhYREdFcNAdxMhuFfMrG8"},"verkey":"3GjajqxDHZfD4FCpMsA6K5mey782oVJgizapkYUTkYJC","state":"complete","role":"invitee","alias":"Mediator","invitation":{"@type":"https://didcomm.org/connections/1.0/invitation","@id":"f2938e83-4ea4-44ef-acb1-be2351112fec","label":"RoutingMediator02","recipientKeys":["DHf1TwnRHQdkdTUFAoSdQBPrVToNK6ULHo165Cbq7woB"],"serviceEndpoint":"https://mediator.animo.id/msg","routingKeys":[]},"theirDid":"PYYVEngpK4wsWM5aQuBQt5","theirDidDoc":{"@context":"https://w3id.org/did/v1","publicKey":[{"id":"PYYVEngpK4wsWM5aQuBQt5#1","controller":"PYYVEngpK4wsWM5aQuBQt5","type":"Ed25519VerificationKey2018","publicKeyBase58":"DHf1TwnRHQdkdTUFAoSdQBPrVToNK6ULHo165Cbq7woB"}],"service":[{"id":"PYYVEngpK4wsWM5aQuBQt5#did-communication","serviceEndpoint":"https://mediator.animo.id/msg","type":"did-communication","priority":1,"recipientKeys":["DHf1TwnRHQdkdTUFAoSdQBPrVToNK6ULHo165Cbq7woB"],"routingKeys":[]},{"id":"PYYVEngpK4wsWM5aQuBQt5#IndyAgentService","serviceEndpoint":"https://mediator.animo.id/msg","type":"IndyAgent","priority":0,"recipientKeys":["DHf1TwnRHQdkdTUFAoSdQBPrVToNK6ULHo165Cbq7woB"],"routingKeys":[]}],"authentication":[{"publicKey":"PYYVEngpK4wsWM5aQuBQt5#1","type":"Ed25519SignatureAuthentication2018"}],"id":"PYYVEngpK4wsWM5aQuBQt5"}}` const connection = JsonTransformer.deserialize(connectionString, ConnectionRecord) - expect(connection.didDoc).toBeInstanceOf(DidDoc) + // expect(connection.didDoc).toBeInstanceOf(DidDoc) }) }) }) diff --git a/packages/core/src/utils/uri.ts b/packages/core/src/utils/uri.ts new file mode 100644 index 0000000000..b25a4433fb --- /dev/null +++ b/packages/core/src/utils/uri.ts @@ -0,0 +1,4 @@ +export function getProtocolScheme(url: string) { + const [protocolScheme] = url.split(':') + return protocolScheme +} diff --git a/packages/core/src/utils/validators.ts b/packages/core/src/utils/validators.ts new file mode 100644 index 0000000000..3a822fdca9 --- /dev/null +++ b/packages/core/src/utils/validators.ts @@ -0,0 +1,29 @@ +import type { Constructor } from './mixins' +import type { ValidationOptions } from 'class-validator' + +import { isString, ValidateBy, isInstance, buildMessage } from 'class-validator' + +/** + * Checks if the value is an instance of the specified object. + */ +export function IsStringOrInstance(targetType: Constructor, validationOptions?: ValidationOptions): PropertyDecorator { + return ValidateBy( + { + name: 'isStringOrVerificationMethod', + constraints: [targetType], + validator: { + validate: (value, args): boolean => isString(value) || isInstance(value, args?.constraints[0]), + defaultMessage: buildMessage((eachPrefix, args) => { + if (args?.constraints[0]) { + return eachPrefix + `$property must be of type string or instance of ${args.constraints[0].name as string}` + } else { + return ( + eachPrefix + `isStringOrVerificationMethod decorator expects and object as value, but got falsy value.` + ) + } + }, validationOptions), + }, + }, + validationOptions + ) +} diff --git a/packages/core/src/wallet/IndyWallet.ts b/packages/core/src/wallet/IndyWallet.ts index 3c683e1ef6..3012565e0f 100644 --- a/packages/core/src/wallet/IndyWallet.ts +++ b/packages/core/src/wallet/IndyWallet.ts @@ -1,14 +1,13 @@ import type { Logger } from '../logger' import type { EncryptedMessage, - DecryptedMessageContext, WalletConfig, WalletExportImportConfig, WalletConfigRekey, KeyDerivationMethod, } from '../types' import type { Buffer } from '../utils/buffer' -import type { Wallet, DidInfo, DidConfig } from './Wallet' +import type { Wallet, DidInfo, DidConfig, UnpackedMessageContext } from './Wallet' import type { default as Indy, WalletStorageConfig } from 'indy-sdk' import { Lifecycle, scoped } from 'tsyringe' @@ -415,7 +414,7 @@ export class IndyWallet implements Wallet { } } - public async unpack(messagePackage: EncryptedMessage): Promise { + public async unpack(messagePackage: EncryptedMessage): Promise { try { const unpackedMessageBuffer = await this.indy.unpackMessage(this.handle, JsonEncoder.toBuffer(messagePackage)) const unpackedMessage = JsonEncoder.fromBuffer(unpackedMessageBuffer) diff --git a/packages/core/src/wallet/Wallet.ts b/packages/core/src/wallet/Wallet.ts index aa9debe092..649cc90a25 100644 --- a/packages/core/src/wallet/Wallet.ts +++ b/packages/core/src/wallet/Wallet.ts @@ -1,9 +1,9 @@ import type { EncryptedMessage, - DecryptedMessageContext, WalletConfig, WalletExportImportConfig, WalletConfigRekey, + PlaintextMessage, } from '../types' import type { Buffer } from '../utils/buffer' @@ -24,7 +24,7 @@ export interface Wallet { initPublicDid(didConfig: DidConfig): Promise createDid(didConfig?: DidConfig): Promise pack(payload: Record, recipientKeys: string[], senderVerkey?: string): Promise - unpack(encryptedMessage: EncryptedMessage): Promise + unpack(encryptedMessage: EncryptedMessage): Promise sign(data: Buffer, verkey: string): Promise verify(signerVerkey: string, data: Buffer, signature: Buffer): Promise generateNonce(): Promise @@ -38,3 +38,9 @@ export interface DidInfo { export interface DidConfig { seed?: string } + +export interface UnpackedMessageContext { + plaintextMessage: PlaintextMessage + senderKey?: string + recipientKey?: string +} diff --git a/packages/core/tests/TestMessage.ts b/packages/core/tests/TestMessage.ts index 299f1f6147..040e4303f7 100644 --- a/packages/core/tests/TestMessage.ts +++ b/packages/core/tests/TestMessage.ts @@ -7,5 +7,5 @@ export class TestMessage extends AgentMessage { this.id = this.generateId() } - public readonly type = 'https://didcomm.org/connections/1.0/invitation' + public type = 'https://didcomm.org/connections/1.0/invitation' } diff --git a/packages/core/tests/agents.test.ts b/packages/core/tests/agents.test.ts index 5100697f50..484d98aa4c 100644 --- a/packages/core/tests/agents.test.ts +++ b/packages/core/tests/agents.test.ts @@ -1,3 +1,4 @@ +/* eslint-disable @typescript-eslint/no-non-null-assertion */ import type { SubjectMessage } from '../../../tests/transport/SubjectInboundTransport' import type { ConnectionRecord } from '../src/modules/connections' @@ -6,6 +7,7 @@ import { Subject } from 'rxjs' import { SubjectInboundTransport } from '../../../tests/transport/SubjectInboundTransport' import { SubjectOutboundTransport } from '../../../tests/transport/SubjectOutboundTransport' import { Agent } from '../src/agent/Agent' +import { HandshakeProtocol } from '../src/modules/connections' import { waitForBasicMessage, getBaseConfig } from './helpers' @@ -48,11 +50,17 @@ describe('agents', () => { bobAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) await bobAgent.initialize() - const aliceConnectionAtAliceBob = await aliceAgent.connections.createConnection() - const bobConnectionAtBobAlice = await bobAgent.connections.receiveInvitation(aliceConnectionAtAliceBob.invitation) + const aliceBobOutOfBandRecord = await aliceAgent.oob.createInvitation({ + handshakeProtocols: [HandshakeProtocol.Connections], + }) + + const { connectionRecord: bobConnectionAtBobAlice } = await bobAgent.oob.receiveInvitation( + aliceBobOutOfBandRecord.outOfBandInvitation + ) + bobConnection = await bobAgent.connections.returnWhenIsConnected(bobConnectionAtBobAlice!.id) - aliceConnection = await aliceAgent.connections.returnWhenIsConnected(aliceConnectionAtAliceBob.connectionRecord.id) - bobConnection = await bobAgent.connections.returnWhenIsConnected(bobConnectionAtBobAlice.id) + const [aliceConnectionAtAliceBob] = await aliceAgent.connections.findAllByOutOfBandId(aliceBobOutOfBandRecord.id) + aliceConnection = await aliceAgent.connections.returnWhenIsConnected(aliceConnectionAtAliceBob!.id) expect(aliceConnection).toBeConnectedWith(bobConnection) expect(bobConnection).toBeConnectedWith(aliceConnection) diff --git a/packages/core/tests/connectionless-proofs.test.ts b/packages/core/tests/connectionless-proofs.test.ts index 0eca5d09e9..c698c729fe 100644 --- a/packages/core/tests/connectionless-proofs.test.ts +++ b/packages/core/tests/connectionless-proofs.test.ts @@ -7,6 +7,7 @@ import { SubjectInboundTransport } from '../../../tests/transport/SubjectInbound import { SubjectOutboundTransport } from '../../../tests/transport/SubjectOutboundTransport' import { Agent } from '../src/agent/Agent' import { Attachment, AttachmentData } from '../src/decorators/attachment/Attachment' +import { HandshakeProtocol } from '../src/modules/connections' import { V1CredentialPreview } from '../src/modules/credentials' import { PredicateType, @@ -204,18 +205,29 @@ describe('Present Proof', () => { mediatorAgent.registerInboundTransport(new SubjectInboundTransport(mediatorMessages)) await mediatorAgent.initialize() - const faberMediationInvitation = await mediatorAgent.connections.createConnection() - const aliceMediationInvitation = await mediatorAgent.connections.createConnection() + const faberMediationOutOfBandRecord = await mediatorAgent.oob.createInvitation({ + label: 'faber invitation', + handshakeProtocols: [HandshakeProtocol.Connections], + }) + + const aliceMediationOutOfBandRecord = await mediatorAgent.oob.createInvitation({ + label: 'alice invitation', + handshakeProtocols: [HandshakeProtocol.Connections], + }) const faberConfig = getBaseConfig(`Connectionless proofs with mediator Faber-${unique}`, { autoAcceptProofs: AutoAcceptProof.Always, - mediatorConnectionsInvite: faberMediationInvitation.invitation.toUrl({ domain: 'https://example.com' }), + mediatorConnectionsInvite: faberMediationOutOfBandRecord.outOfBandInvitation.toUrl({ + domain: 'https://example.com', + }), mediatorPickupStrategy: MediatorPickupStrategy.PickUpV1, }) const aliceConfig = getBaseConfig(`Connectionless proofs with mediator Alice-${unique}`, { autoAcceptProofs: AutoAcceptProof.Always, - mediatorConnectionsInvite: aliceMediationInvitation.invitation.toUrl({ domain: 'https://example.com' }), + mediatorConnectionsInvite: aliceMediationOutOfBandRecord.outOfBandInvitation.toUrl({ + domain: 'https://example.com', + }), mediatorPickupStrategy: MediatorPickupStrategy.PickUpV1, }) diff --git a/packages/core/tests/connections.test.ts b/packages/core/tests/connections.test.ts index 3a5f57e855..e9cbe9906d 100644 --- a/packages/core/tests/connections.test.ts +++ b/packages/core/tests/connections.test.ts @@ -1,38 +1,48 @@ +/* eslint-disable @typescript-eslint/no-non-null-assertion */ import type { SubjectMessage } from '../../../tests/transport/SubjectInboundTransport' import { Subject } from 'rxjs' import { SubjectInboundTransport } from '../../../tests/transport/SubjectInboundTransport' import { SubjectOutboundTransport } from '../../../tests/transport/SubjectOutboundTransport' -import { ConnectionState } from '../src' +import { DidExchangeState, HandshakeProtocol } from '../src' import { Agent } from '../src/agent/Agent' +import { OutOfBandState } from '../src/modules/oob/domain/OutOfBandState' import { getBaseConfig } from './helpers' describe('connections', () => { let faberAgent: Agent let aliceAgent: Agent + let acmeAgent: Agent afterEach(async () => { await faberAgent.shutdown() await faberAgent.wallet.delete() await aliceAgent.shutdown() await aliceAgent.wallet.delete() + await acmeAgent.shutdown() + await acmeAgent.wallet.delete() }) - it('should be able to make multiple connections using a multi use invite', async () => { + it('one should be able to make multiple connections using a multi use invite', async () => { const faberConfig = getBaseConfig('Faber Agent Connections', { endpoints: ['rxjs:faber'], }) const aliceConfig = getBaseConfig('Alice Agent Connections', { endpoints: ['rxjs:alice'], }) + const acmeConfig = getBaseConfig('Acme Agent Connections', { + endpoints: ['rxjs:acme'], + }) const faberMessages = new Subject() const aliceMessages = new Subject() + const acmeMessages = new Subject() const subjectMap = { 'rxjs:faber': faberMessages, 'rxjs:alice': aliceMessages, + 'rxjs:acme': acmeMessages, } faberAgent = new Agent(faberConfig.config, faberConfig.agentDependencies) @@ -45,42 +55,46 @@ describe('connections', () => { aliceAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) await aliceAgent.initialize() - const { - invitation, - connectionRecord: { id: faberConnectionId }, - } = await faberAgent.connections.createConnection({ + acmeAgent = new Agent(acmeConfig.config, acmeConfig.agentDependencies) + acmeAgent.registerInboundTransport(new SubjectInboundTransport(acmeMessages)) + acmeAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + await acmeAgent.initialize() + + const faberOutOfBandRecord = await faberAgent.oob.createInvitation({ + handshakeProtocols: [HandshakeProtocol.Connections], multiUseInvitation: true, }) + const invitation = faberOutOfBandRecord.outOfBandInvitation const invitationUrl = invitation.toUrl({ domain: 'https://example.com' }) - // Create first connection - let aliceFaberConnection1 = await aliceAgent.connections.receiveInvitationFromUrl(invitationUrl) - aliceFaberConnection1 = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection1.id) - expect(aliceFaberConnection1.state).toBe(ConnectionState.Complete) + // Receive invitation first time with alice agent + let { connectionRecord: aliceFaberConnection } = await aliceAgent.oob.receiveInvitationFromUrl(invitationUrl) + aliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection!.id) + expect(aliceFaberConnection.state).toBe(DidExchangeState.Completed) - // Create second connection - let aliceFaberConnection2 = await aliceAgent.connections.receiveInvitationFromUrl(invitationUrl) - aliceFaberConnection2 = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection2.id) - expect(aliceFaberConnection2.state).toBe(ConnectionState.Complete) + // Receive invitation second time with acme agent + let { connectionRecord: acmeFaberConnection } = await acmeAgent.oob.receiveInvitationFromUrl(invitationUrl, { + reuseConnection: false, + }) + acmeFaberConnection = await acmeAgent.connections.returnWhenIsConnected(acmeFaberConnection!.id) + expect(acmeFaberConnection.state).toBe(DidExchangeState.Completed) - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - let faberAliceConnection1 = await faberAgent.connections.getByThreadId(aliceFaberConnection1.threadId!) - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - let faberAliceConnection2 = await faberAgent.connections.getByThreadId(aliceFaberConnection2.threadId!) + let faberAliceConnection = await faberAgent.connections.getByThreadId(aliceFaberConnection.threadId!) + let faberAcmeConnection = await faberAgent.connections.getByThreadId(acmeFaberConnection.threadId!) - faberAliceConnection1 = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection1.id) - faberAliceConnection2 = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection2.id) + faberAliceConnection = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection.id) + faberAcmeConnection = await faberAgent.connections.returnWhenIsConnected(faberAcmeConnection.id) - expect(faberAliceConnection1).toBeConnectedWith(aliceFaberConnection1) - expect(faberAliceConnection2).toBeConnectedWith(aliceFaberConnection2) + expect(faberAliceConnection).toBeConnectedWith(aliceFaberConnection) + expect(faberAcmeConnection).toBeConnectedWith(acmeFaberConnection) - const faberConnection = await faberAgent.connections.getById(faberConnectionId) - // Expect initial connection to still be in state invited - return expect(faberConnection.state).toBe(ConnectionState.Invited) + expect(faberAliceConnection.id).not.toBe(faberAcmeConnection.id) + + return expect(faberOutOfBandRecord.state).toBe(OutOfBandState.AwaitResponse) }) - it('create multiple connections with multi use invite without inbound transport', async () => { + xit('should be able to make multiple connections using a multi use invite', async () => { const faberMessages = new Subject() const subjectMap = { 'rxjs:faber': faberMessages, @@ -102,28 +116,27 @@ describe('connections', () => { aliceAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) await aliceAgent.initialize() - const { - invitation, - connectionRecord: { id: faberConnectionId }, - } = await faberAgent.connections.createConnection({ + const faberOutOfBandRecord = await faberAgent.oob.createInvitation({ + handshakeProtocols: [HandshakeProtocol.Connections], multiUseInvitation: true, }) + const invitation = faberOutOfBandRecord.outOfBandInvitation const invitationUrl = invitation.toUrl({ domain: 'https://example.com' }) // Create first connection - let aliceFaberConnection1 = await aliceAgent.connections.receiveInvitationFromUrl(invitationUrl) - aliceFaberConnection1 = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection1.id) - expect(aliceFaberConnection1.state).toBe(ConnectionState.Complete) + let { connectionRecord: aliceFaberConnection1 } = await aliceAgent.oob.receiveInvitationFromUrl(invitationUrl) + aliceFaberConnection1 = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection1!.id) + expect(aliceFaberConnection1.state).toBe(DidExchangeState.Completed) // Create second connection - let aliceFaberConnection2 = await aliceAgent.connections.receiveInvitationFromUrl(invitationUrl) - aliceFaberConnection2 = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection2.id) - expect(aliceFaberConnection2.state).toBe(ConnectionState.Complete) + let { connectionRecord: aliceFaberConnection2 } = await aliceAgent.oob.receiveInvitationFromUrl(invitationUrl, { + reuseConnection: false, + }) + aliceFaberConnection2 = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection2!.id) + expect(aliceFaberConnection2.state).toBe(DidExchangeState.Completed) - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion let faberAliceConnection1 = await faberAgent.connections.getByThreadId(aliceFaberConnection1.threadId!) - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion let faberAliceConnection2 = await faberAgent.connections.getByThreadId(aliceFaberConnection2.threadId!) faberAliceConnection1 = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection1.id) @@ -132,8 +145,8 @@ describe('connections', () => { expect(faberAliceConnection1).toBeConnectedWith(aliceFaberConnection1) expect(faberAliceConnection2).toBeConnectedWith(aliceFaberConnection2) - const faberConnection = await faberAgent.connections.getById(faberConnectionId) - // Expect initial connection to still be in state invited - return expect(faberConnection.state).toBe(ConnectionState.Invited) + expect(faberAliceConnection1.id).not.toBe(faberAliceConnection2.id) + + return expect(faberOutOfBandRecord.state).toBe(OutOfBandState.AwaitResponse) }) }) diff --git a/packages/core/tests/helpers.ts b/packages/core/tests/helpers.ts index 271d9125db..53cd3402c1 100644 --- a/packages/core/tests/helpers.ts +++ b/packages/core/tests/helpers.ts @@ -1,3 +1,4 @@ +/* eslint-disable @typescript-eslint/no-non-null-assertion */ import type { SubjectMessage } from '../../../tests/transport/SubjectInboundTransport' import type { AutoAcceptProof, @@ -28,27 +29,31 @@ import { PresentationPreview, PresentationPreviewAttribute, PresentationPreviewPredicate, + HandshakeProtocol, + DidExchangeState, + DidExchangeRole, LogLevel, AgentConfig, AriesFrameworkError, BasicMessageEventTypes, - ConnectionInvitationMessage, ConnectionRecord, - ConnectionRole, - ConnectionState, CredentialEventTypes, CredentialState, - DidDoc, PredicateType, ProofEventTypes, ProofState, Agent, } from '../src' +import { KeyType } from '../src/crypto' import { Attachment, AttachmentData } from '../src/decorators/attachment/Attachment' import { AutoAcceptCredential } from '../src/modules/credentials/CredentialAutoAcceptType' import { CredentialProtocolVersion } from '../src/modules/credentials/CredentialProtocolVersion' import { V1CredentialPreview } from '../src/modules/credentials/protocol/v1/V1CredentialPreview' -import { DidCommService } from '../src/modules/dids' +import { DidCommV1Service, DidKey, Key } from '../src/modules/dids' +import { OutOfBandRole } from '../src/modules/oob/domain/OutOfBandRole' +import { OutOfBandState } from '../src/modules/oob/domain/OutOfBandState' +import { OutOfBandInvitation } from '../src/modules/oob/messages' +import { OutOfBandRecord } from '../src/modules/oob/repository' import { LinkedAttachment } from '../src/utils/LinkedAttachment' import { uuid } from '../src/utils/uuid' @@ -238,78 +243,89 @@ export async function waitForBasicMessage(agent: Agent, { content }: { content?: } export function getMockConnection({ - state = ConnectionState.Invited, - role = ConnectionRole.Invitee, + state = DidExchangeState.InvitationReceived, + role = DidExchangeRole.Requester, id = 'test', did = 'test-did', threadId = 'threadId', - verkey = 'key-1', - didDoc = new DidDoc({ - id: did, - publicKey: [], - authentication: [], - service: [ - new DidCommService({ - id: `${did};indy`, - serviceEndpoint: 'https://endpoint.com', - recipientKeys: [verkey], - }), - ], - }), tags = {}, theirLabel, - invitation = new ConnectionInvitationMessage({ - label: 'test', - recipientKeys: [verkey], - serviceEndpoint: 'https:endpoint.com/msg', - }), theirDid = 'their-did', - theirDidDoc = new DidDoc({ - id: theirDid, - publicKey: [], - authentication: [], - service: [ - new DidCommService({ - id: `${did};indy`, - serviceEndpoint: 'https://endpoint.com', - recipientKeys: [verkey], - }), - ], - }), multiUseInvitation = false, }: Partial = {}) { return new ConnectionRecord({ did, - didDoc, threadId, theirDid, - theirDidDoc, id, role, state, tags, - verkey, - invitation, theirLabel, multiUseInvitation, }) } -export async function makeConnection( - agentA: Agent, - agentB: Agent, - config?: { - autoAcceptConnection?: boolean - alias?: string - mediatorId?: string +export function getMockOutOfBand({ + label, + serviceEndpoint, + recipientKeys, + did, + mediatorId, + role, + state, + reusable, + reuseConnectionId, +}: { + label?: string + serviceEndpoint?: string + did?: string + mediatorId?: string + recipientKeys?: string[] + role?: OutOfBandRole + state?: OutOfBandState + reusable?: boolean + reuseConnectionId?: string +} = {}) { + const options = { + label: label ?? 'label', + accept: ['didcomm/aip1', 'didcomm/aip2;env=rfc19'], + handshakeProtocols: [HandshakeProtocol.DidExchange], + services: [ + new DidCommV1Service({ + id: `#inline-0`, + priority: 0, + serviceEndpoint: serviceEndpoint ?? 'http://example.com', + recipientKeys: recipientKeys || [ + new DidKey(Key.fromPublicKeyBase58('ByHnpUCFb1vAfh9CFZ8ZkmUZguURW8nSw889hy6rD8L7', KeyType.Ed25519)).did, + ], + routingKeys: [], + }), + ], } -) { - // eslint-disable-next-line prefer-const - let { invitation, connectionRecord: agentAConnection } = await agentA.connections.createConnection(config) - let agentBConnection = await agentB.connections.receiveInvitation(invitation) + const outOfBandInvitation = new OutOfBandInvitation(options) + const outOfBandRecord = new OutOfBandRecord({ + did: did || 'test-did', + mediatorId, + role: role || OutOfBandRole.Receiver, + state: state || OutOfBandState.Initial, + outOfBandInvitation: outOfBandInvitation, + reusable, + reuseConnectionId, + }) + return outOfBandRecord +} + +export async function makeConnection(agentA: Agent, agentB: Agent) { + const agentAOutOfBand = await agentA.oob.createInvitation({ + handshakeProtocols: [HandshakeProtocol.Connections], + }) + + let { connectionRecord: agentBConnection } = await agentB.oob.receiveInvitation(agentAOutOfBand.outOfBandInvitation) - agentAConnection = await agentA.connections.returnWhenIsConnected(agentAConnection.id) - agentBConnection = await agentB.connections.returnWhenIsConnected(agentBConnection.id) + agentBConnection = await agentB.connections.returnWhenIsConnected(agentBConnection!.id) + let [agentAConnection] = await agentA.connections.findAllByOutOfBandId(agentAOutOfBand.id) + agentAConnection = await agentA.connections.returnWhenIsConnected(agentAConnection!.id) return [agentAConnection, agentBConnection] } diff --git a/packages/core/tests/logger.ts b/packages/core/tests/logger.ts index 51c1126ccb..a8677ede59 100644 --- a/packages/core/tests/logger.ts +++ b/packages/core/tests/logger.ts @@ -7,6 +7,7 @@ import { Logger } from 'tslog' import { LogLevel } from '../src/logger' import { BaseLogger } from '../src/logger/BaseLogger' +import { replaceError } from '../src/logger/replaceError' function logToTransport(logObject: ILogObject) { appendFileSync('logs.txt', JSON.stringify(logObject) + '\n') @@ -55,7 +56,7 @@ export class TestLogger extends BaseLogger { const tsLogLevel = this.tsLogLevelMap[level] if (data) { - this.logger[tsLogLevel](message, data) + this.logger[tsLogLevel](message, JSON.parse(JSON.stringify(data, replaceError, 2))) } else { this.logger[tsLogLevel](message) } diff --git a/packages/core/tests/oob-mediation-provision.test.ts b/packages/core/tests/oob-mediation-provision.test.ts new file mode 100644 index 0000000000..9c84886099 --- /dev/null +++ b/packages/core/tests/oob-mediation-provision.test.ts @@ -0,0 +1,126 @@ +/* eslint-disable @typescript-eslint/no-non-null-assertion */ +import type { SubjectMessage } from '../../../tests/transport/SubjectInboundTransport' +import type { OutOfBandInvitation } from '../src/modules/oob/messages' + +import { Subject } from 'rxjs' + +import { SubjectInboundTransport } from '../../../tests/transport/SubjectInboundTransport' +import { SubjectOutboundTransport } from '../../../tests/transport/SubjectOutboundTransport' +import { Agent } from '../src/agent/Agent' +import { DidExchangeState, HandshakeProtocol } from '../src/modules/connections' +import { MediationState, MediatorPickupStrategy } from '../src/modules/routing' + +import { getBaseConfig, waitForBasicMessage } from './helpers' + +const faberConfig = getBaseConfig('OOB mediation provision - Faber Agent', { + endpoints: ['rxjs:faber'], +}) +const aliceConfig = getBaseConfig('OOB mediation provision - Alice Recipient Agent', { + endpoints: ['rxjs:alice'], + mediatorPickupStrategy: MediatorPickupStrategy.PickUpV1, +}) +const mediatorConfig = getBaseConfig('OOB mediation provision - Mediator Agent', { + endpoints: ['rxjs:mediator'], + autoAcceptMediationRequests: true, +}) + +describe('out of band with mediation set up with provision method', () => { + const makeConnectionConfig = { + goal: 'To make a connection', + goalCode: 'p2p-messaging', + label: 'Faber College', + handshake: true, + multiUseInvitation: false, + } + + let faberAgent: Agent + let aliceAgent: Agent + let mediatorAgent: Agent + + let mediatorOutOfBandInvitation: OutOfBandInvitation + + beforeAll(async () => { + const faberMessages = new Subject() + const aliceMessages = new Subject() + const mediatorMessages = new Subject() + const subjectMap = { + 'rxjs:faber': faberMessages, + 'rxjs:alice': aliceMessages, + 'rxjs:mediator': mediatorMessages, + } + + mediatorAgent = new Agent(mediatorConfig.config, mediatorConfig.agentDependencies) + mediatorAgent.registerInboundTransport(new SubjectInboundTransport(mediatorMessages)) + mediatorAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + await mediatorAgent.initialize() + + faberAgent = new Agent(faberConfig.config, faberConfig.agentDependencies) + faberAgent.registerInboundTransport(new SubjectInboundTransport(faberMessages)) + faberAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + await faberAgent.initialize() + + aliceAgent = new Agent(aliceConfig.config, aliceConfig.agentDependencies) + aliceAgent.registerInboundTransport(new SubjectInboundTransport(aliceMessages)) + aliceAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + const mediatorRouting = await mediatorAgent.mediationRecipient.getRouting({}) + const mediationOutOfBandRecord = await mediatorAgent.oob.createInvitation({ + ...makeConnectionConfig, + routing: mediatorRouting, + }) + mediatorOutOfBandInvitation = mediationOutOfBandRecord.outOfBandInvitation + + await aliceAgent.initialize() + let { connectionRecord } = await aliceAgent.oob.receiveInvitation(mediatorOutOfBandInvitation) + connectionRecord = await aliceAgent.connections.returnWhenIsConnected(connectionRecord!.id) + await aliceAgent.mediationRecipient.provision(connectionRecord!) + await aliceAgent.mediationRecipient.initialize() + }) + + afterAll(async () => { + await faberAgent.shutdown() + await faberAgent.wallet.delete() + await aliceAgent.shutdown() + await aliceAgent.wallet.delete() + await mediatorAgent.shutdown() + await mediatorAgent.wallet.delete() + }) + + test(`make a connection with ${HandshakeProtocol.DidExchange} on OOB invitation encoded in URL`, async () => { + // Check if mediation between Alice and Mediator has been set + const defaultMediator = await aliceAgent.mediationRecipient.findDefaultMediator() + expect(defaultMediator).not.toBeNull() + expect(defaultMediator?.state).toBe(MediationState.Granted) + + // Make a connection between Alice and Faber + const faberRouting = await faberAgent.mediationRecipient.getRouting({}) + const outOfBandRecord = await faberAgent.oob.createInvitation({ ...makeConnectionConfig, routing: faberRouting }) + const { outOfBandInvitation } = outOfBandRecord + const urlMessage = outOfBandInvitation.toUrl({ domain: 'http://example.com' }) + + let { connectionRecord: aliceFaberConnection } = await aliceAgent.oob.receiveInvitationFromUrl(urlMessage) + + aliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection!.id) + expect(aliceFaberConnection.state).toBe(DidExchangeState.Completed) + + let [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord.id) + faberAliceConnection = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection!.id) + expect(faberAliceConnection.state).toBe(DidExchangeState.Completed) + + expect(aliceFaberConnection).toBeConnectedWith(faberAliceConnection) + expect(faberAliceConnection).toBeConnectedWith(aliceFaberConnection) + + await aliceAgent.basicMessages.sendMessage(aliceFaberConnection.id, 'hello') + const basicMessage = await waitForBasicMessage(faberAgent, {}) + + expect(basicMessage.content).toBe('hello') + + // Test if we can call provision for the same out-of-band record, respectively connection + const reusedOutOfBandRecord = await aliceAgent.oob.findByInvitationId(mediatorOutOfBandInvitation.id) + const [reusedAliceMediatorConnection] = reusedOutOfBandRecord + ? await aliceAgent.connections.findAllByOutOfBandId(reusedOutOfBandRecord.id) + : [] + await aliceAgent.mediationRecipient.provision(reusedAliceMediatorConnection!) + const mediators = await aliceAgent.mediationRecipient.getMediators() + expect(mediators).toHaveLength(1) + }) +}) diff --git a/packages/core/tests/oob-mediation.test.ts b/packages/core/tests/oob-mediation.test.ts new file mode 100644 index 0000000000..e773740a43 --- /dev/null +++ b/packages/core/tests/oob-mediation.test.ts @@ -0,0 +1,129 @@ +/* eslint-disable @typescript-eslint/no-non-null-assertion */ +import type { SubjectMessage } from '../../../tests/transport/SubjectInboundTransport' + +import { Subject } from 'rxjs' + +import { SubjectInboundTransport } from '../../../tests/transport/SubjectInboundTransport' +import { SubjectOutboundTransport } from '../../../tests/transport/SubjectOutboundTransport' +import { Agent } from '../src/agent/Agent' +import { DidExchangeState, HandshakeProtocol } from '../src/modules/connections' +import { MediationState, MediatorPickupStrategy } from '../src/modules/routing' + +import { getBaseConfig, waitForBasicMessage } from './helpers' + +const faberConfig = getBaseConfig('OOB mediation - Faber Agent', { + endpoints: ['rxjs:faber'], +}) +const aliceConfig = getBaseConfig('OOB mediation - Alice Recipient Agent', { + endpoints: ['rxjs:alice'], + // FIXME: discover features returns that we support this protocol, but we don't support all roles + // we should return that we only support the mediator role so we don't have to explicitly declare this + mediatorPickupStrategy: MediatorPickupStrategy.PickUpV1, +}) +const mediatorConfig = getBaseConfig('OOB mediation - Mediator Agent', { + endpoints: ['rxjs:mediator'], + autoAcceptMediationRequests: true, +}) + +describe('out of band with mediation', () => { + const makeConnectionConfig = { + goal: 'To make a connection', + goalCode: 'p2p-messaging', + label: 'Faber College', + handshake: true, + multiUseInvitation: false, + } + + let faberAgent: Agent + let aliceAgent: Agent + let mediatorAgent: Agent + + beforeAll(async () => { + const faberMessages = new Subject() + const aliceMessages = new Subject() + const mediatorMessages = new Subject() + const subjectMap = { + 'rxjs:faber': faberMessages, + 'rxjs:alice': aliceMessages, + 'rxjs:mediator': mediatorMessages, + } + + faberAgent = new Agent(faberConfig.config, faberConfig.agentDependencies) + faberAgent.registerInboundTransport(new SubjectInboundTransport(faberMessages)) + faberAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + await faberAgent.initialize() + + aliceAgent = new Agent(aliceConfig.config, aliceConfig.agentDependencies) + aliceAgent.registerInboundTransport(new SubjectInboundTransport(aliceMessages)) + aliceAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + await aliceAgent.initialize() + + mediatorAgent = new Agent(mediatorConfig.config, mediatorConfig.agentDependencies) + mediatorAgent.registerInboundTransport(new SubjectInboundTransport(mediatorMessages)) + mediatorAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + await mediatorAgent.initialize() + }) + + afterAll(async () => { + await faberAgent.shutdown() + await faberAgent.wallet.delete() + await aliceAgent.shutdown() + await aliceAgent.wallet.delete() + await mediatorAgent.shutdown() + await mediatorAgent.wallet.delete() + }) + + test(`make a connection with ${HandshakeProtocol.DidExchange} on OOB invitation encoded in URL`, async () => { + // ========== Make a connection between Alice and Mediator agents ========== + const mediatorRouting = await mediatorAgent.mediationRecipient.getRouting({}) + const mediationOutOfBandRecord = await mediatorAgent.oob.createInvitation({ + ...makeConnectionConfig, + routing: mediatorRouting, + }) + const { outOfBandInvitation: mediatorOutOfBandInvitation } = mediationOutOfBandRecord + const mediatorUrlMessage = mediatorOutOfBandInvitation.toUrl({ domain: 'http://example.com' }) + + let { connectionRecord: aliceMediatorConnection } = await aliceAgent.oob.receiveInvitationFromUrl( + mediatorUrlMessage + ) + + aliceMediatorConnection = await aliceAgent.connections.returnWhenIsConnected(aliceMediatorConnection!.id) + expect(aliceMediatorConnection.state).toBe(DidExchangeState.Completed) + + let [mediatorAliceConnection] = await mediatorAgent.connections.findAllByOutOfBandId(mediationOutOfBandRecord.id) + mediatorAliceConnection = await mediatorAgent.connections.returnWhenIsConnected(mediatorAliceConnection!.id) + expect(mediatorAliceConnection.state).toBe(DidExchangeState.Completed) + + // ========== Set meadiation between Alice and Mediator agents ========== + const mediationRecord = await aliceAgent.mediationRecipient.requestAndAwaitGrant(aliceMediatorConnection) + expect(mediationRecord.state).toBe(MediationState.Granted) + + await aliceAgent.mediationRecipient.setDefaultMediator(mediationRecord) + await aliceAgent.mediationRecipient.initiateMessagePickup(mediationRecord) + const defaultMediator = await aliceAgent.mediationRecipient.findDefaultMediator() + expect(defaultMediator?.id).toBe(mediationRecord.id) + + // ========== Make a connection between Alice and Faber ========== + const faberRouting = await faberAgent.mediationRecipient.getRouting({}) + const outOfBandRecord = await faberAgent.oob.createInvitation({ ...makeConnectionConfig, routing: faberRouting }) + const { outOfBandInvitation } = outOfBandRecord + const urlMessage = outOfBandInvitation.toUrl({ domain: 'http://example.com' }) + + let { connectionRecord: aliceFaberConnection } = await aliceAgent.oob.receiveInvitationFromUrl(urlMessage) + + aliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection!.id) + expect(aliceFaberConnection.state).toBe(DidExchangeState.Completed) + + let [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord.id) + faberAliceConnection = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection!.id) + expect(faberAliceConnection.state).toBe(DidExchangeState.Completed) + + expect(aliceFaberConnection).toBeConnectedWith(faberAliceConnection) + expect(faberAliceConnection).toBeConnectedWith(aliceFaberConnection) + + await aliceAgent.basicMessages.sendMessage(aliceFaberConnection.id, 'hello') + const basicMessage = await waitForBasicMessage(faberAgent, {}) + + expect(basicMessage.content).toBe('hello') + }) +}) diff --git a/packages/core/tests/oob.test.ts b/packages/core/tests/oob.test.ts new file mode 100644 index 0000000000..523e80f5bb --- /dev/null +++ b/packages/core/tests/oob.test.ts @@ -0,0 +1,665 @@ +/* eslint-disable @typescript-eslint/no-non-null-assertion */ +import type { SubjectMessage } from '../../../tests/transport/SubjectInboundTransport' +import type { OfferCredentialOptions } from '../src/modules/credentials/CredentialsModuleOptions' +import type { AgentMessage, AgentMessageReceivedEvent, CredentialExchangeRecord } from '@aries-framework/core' + +import { Subject } from 'rxjs' + +import { SubjectInboundTransport } from '../../../tests/transport/SubjectInboundTransport' +import { SubjectOutboundTransport } from '../../../tests/transport/SubjectOutboundTransport' +import { Agent } from '../src/agent/Agent' +import { DidExchangeState, HandshakeProtocol } from '../src/modules/connections' +import { OutOfBandDidCommService } from '../src/modules/oob/domain/OutOfBandDidCommService' +import { OutOfBandEventTypes } from '../src/modules/oob/domain/OutOfBandEvents' +import { OutOfBandRole } from '../src/modules/oob/domain/OutOfBandRole' +import { OutOfBandState } from '../src/modules/oob/domain/OutOfBandState' +import { OutOfBandInvitation } from '../src/modules/oob/messages' +import { sleep } from '../src/utils/sleep' + +import { TestMessage } from './TestMessage' +import { getBaseConfig, prepareForIssuance } from './helpers' + +import { + AgentEventTypes, + AriesFrameworkError, + AutoAcceptCredential, + CredentialState, + V1CredentialPreview, + CredentialProtocolVersion, +} from '@aries-framework/core' // Maybe it's not bad to import from package? + +const faberConfig = getBaseConfig('Faber Agent OOB', { + endpoints: ['rxjs:faber'], +}) +const aliceConfig = getBaseConfig('Alice Agent OOB', { + endpoints: ['rxjs:alice'], +}) + +describe('out of band', () => { + const makeConnectionConfig = { + goal: 'To make a connection', + goalCode: 'p2p-messaging', + label: 'Faber College', + } + + const issueCredentialConfig = { + goal: 'To issue a credential', + goalCode: 'issue-vc', + label: 'Faber College', + handshake: false, + } + + const receiveInvitationConfig = { + autoAcceptConnection: false, + } + + let faberAgent: Agent + let aliceAgent: Agent + let credentialTemplate: OfferCredentialOptions + + beforeAll(async () => { + const faberMessages = new Subject() + const aliceMessages = new Subject() + const subjectMap = { + 'rxjs:faber': faberMessages, + 'rxjs:alice': aliceMessages, + } + + faberAgent = new Agent(faberConfig.config, faberConfig.agentDependencies) + faberAgent.registerInboundTransport(new SubjectInboundTransport(faberMessages)) + faberAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + await faberAgent.initialize() + + aliceAgent = new Agent(aliceConfig.config, aliceConfig.agentDependencies) + aliceAgent.registerInboundTransport(new SubjectInboundTransport(aliceMessages)) + aliceAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) + await aliceAgent.initialize() + + const { definition } = await prepareForIssuance(faberAgent, ['name', 'age', 'profile_picture', 'x-ray']) + + credentialTemplate = { + protocolVersion: CredentialProtocolVersion.V1, + credentialFormats: { + indy: { + attributes: V1CredentialPreview.fromRecord({ + name: 'name', + age: 'age', + profile_picture: 'profile_picture', + 'x-ray': 'x-ray', + }).attributes, + credentialDefinitionId: definition.id, + }, + }, + autoAcceptCredential: AutoAcceptCredential.Never, + } + }) + + afterAll(async () => { + await faberAgent.shutdown() + await faberAgent.wallet.delete() + await aliceAgent.shutdown() + await aliceAgent.wallet.delete() + }) + + afterEach(async () => { + const credentials = await aliceAgent.credentials.getAll() + for (const credential of credentials) { + await aliceAgent.credentials.deleteById(credential.id) + } + + const connections = await faberAgent.connections.getAll() + for (const connection of connections) { + await faberAgent.connections.deleteById(connection.id) + } + + jest.resetAllMocks() + }) + + describe('createInvitation', () => { + test('throw error when there is no handshake or message', async () => { + await expect(faberAgent.oob.createInvitation({ label: 'test-connection', handshake: false })).rejects.toEqual( + new AriesFrameworkError( + 'One or both of handshake_protocols and requests~attach MUST be included in the message.' + ) + ) + }) + + test('throw error when multiUseInvitation is true and messages are provided', async () => { + await expect( + faberAgent.oob.createInvitation({ + label: 'test-connection', + messages: [{} as AgentMessage], + multiUseInvitation: true, + }) + ).rejects.toEqual( + new AriesFrameworkError("Attribute 'multiUseInvitation' can not be 'true' when 'messages' is defined.") + ) + }) + + test('handles empty messages array as no messages being passed', async () => { + await expect( + faberAgent.oob.createInvitation({ + messages: [], + handshake: false, + }) + ).rejects.toEqual( + new AriesFrameworkError( + 'One or both of handshake_protocols and requests~attach MUST be included in the message.' + ) + ) + }) + + test('create OOB record', async () => { + const outOfBandRecord = await faberAgent.oob.createInvitation(makeConnectionConfig) + // expect contains services + + expect(outOfBandRecord.autoAcceptConnection).toBe(true) + expect(outOfBandRecord.role).toBe(OutOfBandRole.Sender) + expect(outOfBandRecord.state).toBe(OutOfBandState.AwaitResponse) + expect(outOfBandRecord.reusable).toBe(false) + expect(outOfBandRecord.outOfBandInvitation.goal).toBe('To make a connection') + expect(outOfBandRecord.outOfBandInvitation.goalCode).toBe('p2p-messaging') + expect(outOfBandRecord.outOfBandInvitation.label).toBe('Faber College') + }) + + test('create OOB message only with handshake', async () => { + const { outOfBandInvitation } = await faberAgent.oob.createInvitation(makeConnectionConfig) + + // expect supported handshake protocols + expect(outOfBandInvitation.handshakeProtocols).toContain(HandshakeProtocol.DidExchange) + expect(outOfBandInvitation.getRequests()).toBeUndefined() + + // expect contains services + const [service] = outOfBandInvitation.services as OutOfBandDidCommService[] + expect(service).toMatchObject( + new OutOfBandDidCommService({ + id: expect.any(String), + serviceEndpoint: 'rxjs:faber', + recipientKeys: [expect.stringContaining('did:key:')], + routingKeys: [], + }) + ) + }) + + test('create OOB message only with requests', async () => { + const { message } = await faberAgent.credentials.createOutOfBandOffer(credentialTemplate) + const { outOfBandInvitation } = await faberAgent.oob.createInvitation({ + label: 'test-connection', + handshake: false, + messages: [message], + }) + + // expect supported handshake protocols + expect(outOfBandInvitation.handshakeProtocols).toBeUndefined() + expect(outOfBandInvitation.getRequests()).toHaveLength(1) + + // expect contains services + const [service] = outOfBandInvitation.services + expect(service).toMatchObject( + new OutOfBandDidCommService({ + id: expect.any(String), + serviceEndpoint: 'rxjs:faber', + recipientKeys: [expect.stringContaining('did:key:')], + routingKeys: [], + }) + ) + }) + + test('create OOB message with both handshake and requests', async () => { + const { message } = await faberAgent.credentials.createOutOfBandOffer(credentialTemplate) + const { outOfBandInvitation } = await faberAgent.oob.createInvitation({ + label: 'test-connection', + handshakeProtocols: [HandshakeProtocol.Connections], + messages: [message], + }) + + // expect supported handshake protocols + expect(outOfBandInvitation.handshakeProtocols).toContain(HandshakeProtocol.Connections) + expect(outOfBandInvitation.getRequests()).toHaveLength(1) + + // expect contains services + const [service] = outOfBandInvitation.services as OutOfBandDidCommService[] + expect(service).toMatchObject( + new OutOfBandDidCommService({ + id: expect.any(String), + serviceEndpoint: 'rxjs:faber', + recipientKeys: [expect.stringMatching('did:key:')], + routingKeys: [], + }) + ) + }) + + test('emits OutOfBandStateChanged event', async () => { + const eventListener = jest.fn() + + faberAgent.events.on(OutOfBandEventTypes.OutOfBandStateChanged, eventListener) + const outOfBandRecord = await faberAgent.oob.createInvitation({ + label: 'test-connection', + handshake: true, + }) + + faberAgent.events.off(OutOfBandEventTypes.OutOfBandStateChanged, eventListener) + + expect(eventListener).toHaveBeenCalledWith({ + type: OutOfBandEventTypes.OutOfBandStateChanged, + payload: { + outOfBandRecord, + previousState: null, + }, + }) + }) + }) + + describe('receiveInvitation', () => { + test('receive OOB connection invitation', async () => { + const outOfBandRecord = await faberAgent.oob.createInvitation(makeConnectionConfig) + const { outOfBandInvitation } = outOfBandRecord + + const { outOfBandRecord: receivedOutOfBandRecord, connectionRecord } = await aliceAgent.oob.receiveInvitation( + outOfBandInvitation, + { + autoAcceptInvitation: false, + autoAcceptConnection: false, + } + ) + + expect(connectionRecord).not.toBeDefined() + expect(receivedOutOfBandRecord.role).toBe(OutOfBandRole.Receiver) + expect(receivedOutOfBandRecord.state).toBe(OutOfBandState.Initial) + expect(receivedOutOfBandRecord.outOfBandInvitation).toEqual(outOfBandInvitation) + }) + + test(`make a connection with ${HandshakeProtocol.DidExchange} on OOB invitation encoded in URL`, async () => { + const outOfBandRecord = await faberAgent.oob.createInvitation(makeConnectionConfig) + const { outOfBandInvitation } = outOfBandRecord + const urlMessage = outOfBandInvitation.toUrl({ domain: 'http://example.com' }) + + // eslint-disable-next-line prefer-const + let { outOfBandRecord: receivedOutOfBandRecord, connectionRecord: aliceFaberConnection } = + await aliceAgent.oob.receiveInvitationFromUrl(urlMessage) + expect(receivedOutOfBandRecord.state).toBe(OutOfBandState.PrepareResponse) + + aliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection!.id) + expect(aliceFaberConnection.state).toBe(DidExchangeState.Completed) + + let [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord!.id) + faberAliceConnection = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection!.id) + expect(faberAliceConnection?.state).toBe(DidExchangeState.Completed) + + expect(aliceFaberConnection).toBeConnectedWith(faberAliceConnection!) + expect(faberAliceConnection).toBeConnectedWith(aliceFaberConnection) + }) + + test(`make a connection with ${HandshakeProtocol.Connections} based on OOB invitation encoded in URL`, async () => { + const outOfBandRecord = await faberAgent.oob.createInvitation({ + ...makeConnectionConfig, + handshakeProtocols: [HandshakeProtocol.Connections], + }) + const { outOfBandInvitation } = outOfBandRecord + const urlMessage = outOfBandInvitation.toUrl({ domain: 'http://example.com' }) + + let { connectionRecord: aliceFaberConnection } = await aliceAgent.oob.receiveInvitationFromUrl(urlMessage) + + aliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection!.id) + expect(aliceFaberConnection.state).toBe(DidExchangeState.Completed) + + let [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord!.id) + faberAliceConnection = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection!.id) + expect(faberAliceConnection.state).toBe(DidExchangeState.Completed) + + expect(aliceFaberConnection).toBeConnectedWith(faberAliceConnection) + expect(faberAliceConnection).toBeConnectedWith(aliceFaberConnection) + }) + + test('make a connection based on old connection invitation encoded in URL', async () => { + const { outOfBandRecord, invitation } = await faberAgent.oob.createLegacyInvitation({ + ...makeConnectionConfig, + handshakeProtocols: [HandshakeProtocol.Connections], + }) + const urlMessage = invitation.toUrl({ domain: 'http://example.com' }) + + let { connectionRecord: aliceFaberConnection } = await aliceAgent.oob.receiveInvitationFromUrl(urlMessage) + + aliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection!.id) + let [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord.id) + faberAliceConnection = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection!.id) + + expect(aliceFaberConnection.state).toBe(DidExchangeState.Completed) + expect(faberAliceConnection.state).toBe(DidExchangeState.Completed) + + expect(faberAliceConnection).toBeConnectedWith(aliceFaberConnection) + expect(aliceFaberConnection).toBeConnectedWith(faberAliceConnection) + }) + + test('process credential offer requests based on OOB message', async () => { + const { message } = await faberAgent.credentials.createOutOfBandOffer(credentialTemplate) + const { outOfBandInvitation } = await faberAgent.oob.createInvitation({ + ...issueCredentialConfig, + messages: [message], + }) + + const urlMessage = outOfBandInvitation.toUrl({ domain: 'http://example.com' }) + + await aliceAgent.oob.receiveInvitationFromUrl(urlMessage, receiveInvitationConfig) + + let credentials: CredentialExchangeRecord[] = [] + while (credentials.length < 1) { + credentials = await aliceAgent.credentials.getAll() + await sleep(100) + } + + expect(credentials).toHaveLength(1) + const [credential] = credentials + expect(credential.state).toBe(CredentialState.OfferReceived) + }) + + test('do not process requests when a connection is not ready', async () => { + const eventListener = jest.fn() + aliceAgent.events.on(AgentEventTypes.AgentMessageReceived, eventListener) + + const { message } = await faberAgent.credentials.createOutOfBandOffer(credentialTemplate) + const { outOfBandInvitation } = await faberAgent.oob.createInvitation({ + ...makeConnectionConfig, + messages: [message], + }) + + // First, we crate a connection but we won't accept it, therefore it won't be ready + await aliceAgent.oob.receiveInvitation(outOfBandInvitation, { autoAcceptConnection: false }) + + // Event should not be emitted because an agent must wait until the connection is ready + expect(eventListener).toHaveBeenCalledTimes(0) + + aliceAgent.events.off(AgentEventTypes.AgentMessageReceived, eventListener) + }) + + test('make a connection based on OOB invitation and process requests after the acceptation', async () => { + const { message } = await faberAgent.credentials.createOutOfBandOffer(credentialTemplate) + const outOfBandRecord = await faberAgent.oob.createInvitation({ + ...makeConnectionConfig, + messages: [message], + }) + const { outOfBandInvitation } = outOfBandRecord + + // First, we crate a connection but we won't accept it, therefore it won't be ready + const { outOfBandRecord: aliceFaberOutOfBandRecord } = await aliceAgent.oob.receiveInvitation( + outOfBandInvitation, + { + autoAcceptInvitation: false, + autoAcceptConnection: false, + } + ) + + // Accept connection invitation + let { connectionRecord: aliceFaberConnection } = await aliceAgent.oob.acceptInvitation( + aliceFaberOutOfBandRecord.id, + { + label: 'alice', + autoAcceptConnection: true, + } + ) + + // Wait until connection is ready + aliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection!.id) + + let [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord!.id) + faberAliceConnection = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection!.id) + expect(faberAliceConnection).toBeConnectedWith(aliceFaberConnection) + expect(aliceFaberConnection).toBeConnectedWith(faberAliceConnection) + + // The credential should be processed when connection is made. It asynchronous so it can take a moment. + let credentials: CredentialExchangeRecord[] = [] + while (credentials.length < 1) { + credentials = await aliceAgent.credentials.getAll() + await sleep(100) + } + + expect(credentials).toHaveLength(1) + const [credential] = credentials + expect(credential.state).toBe(CredentialState.OfferReceived) + }) + + test('do not create a new connection when no messages and handshake reuse succeeds', async () => { + const aliceReuseListener = jest.fn() + const faberReuseListener = jest.fn() + + // Create first connection + const outOfBandRecord = await faberAgent.oob.createInvitation(makeConnectionConfig) + let { connectionRecord: firstAliceFaberConnection } = await aliceAgent.oob.receiveInvitation( + outOfBandRecord.outOfBandInvitation + ) + firstAliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(firstAliceFaberConnection!.id) + + const [firstFaberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord.id) + + // Create second connection + const outOfBandRecord2 = await faberAgent.oob.createInvitation(makeConnectionConfig) + + // Take over the recipientKeys from the first invitation so they match when encoded + const firstInvitationService = outOfBandRecord.outOfBandInvitation.services[0] as OutOfBandDidCommService + const secondInvitationService = outOfBandRecord2.outOfBandInvitation.services[0] as OutOfBandDidCommService + secondInvitationService.recipientKeys = firstInvitationService.recipientKeys + + aliceAgent.events.on(OutOfBandEventTypes.HandshakeReused, aliceReuseListener) + faberAgent.events.on(OutOfBandEventTypes.HandshakeReused, faberReuseListener) + + const { + connectionRecord: secondAliceFaberConnection, + outOfBandRecord: { id: secondOobRecordId }, + } = await aliceAgent.oob.receiveInvitation(outOfBandRecord2.outOfBandInvitation, { reuseConnection: true }) + + aliceAgent.events.off(OutOfBandEventTypes.HandshakeReused, aliceReuseListener) + faberAgent.events.off(OutOfBandEventTypes.HandshakeReused, faberReuseListener) + await aliceAgent.connections.returnWhenIsConnected(secondAliceFaberConnection!.id) + + // There shouldn't be any connection records for this oob id, as we reused an existing one + expect((await faberAgent.connections.findAllByOutOfBandId(secondOobRecordId)).length).toBe(0) + + expect(firstAliceFaberConnection.id).toEqual(secondAliceFaberConnection?.id) + + expect(faberReuseListener).toHaveBeenCalledTimes(1) + expect(aliceReuseListener).toHaveBeenCalledTimes(1) + const [[faberEvent]] = faberReuseListener.mock.calls + const [[aliceEvent]] = aliceReuseListener.mock.calls + + const reuseThreadId = faberEvent.payload.reuseThreadId + + expect(faberEvent).toMatchObject({ + type: OutOfBandEventTypes.HandshakeReused, + payload: { + connectionRecord: { + id: firstFaberAliceConnection.id, + }, + outOfBandRecord: { + id: outOfBandRecord2.id, + }, + reuseThreadId, + }, + }) + + expect(aliceEvent).toMatchObject({ + type: OutOfBandEventTypes.HandshakeReused, + payload: { + connectionRecord: { + id: firstAliceFaberConnection.id, + }, + outOfBandRecord: { + id: secondOobRecordId, + }, + reuseThreadId, + }, + }) + }) + + test('create a new connection when connection exists and reuse is false', async () => { + const reuseListener = jest.fn() + + // Create first connection + const outOfBandRecord = await faberAgent.oob.createInvitation(makeConnectionConfig) + let { connectionRecord: firstAliceFaberConnection } = await aliceAgent.oob.receiveInvitation( + outOfBandRecord.outOfBandInvitation + ) + firstAliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(firstAliceFaberConnection!.id) + + // Create second connection + const outOfBandRecord2 = await faberAgent.oob.createInvitation(makeConnectionConfig) + + aliceAgent.events.on(OutOfBandEventTypes.HandshakeReused, reuseListener) + faberAgent.events.on(OutOfBandEventTypes.HandshakeReused, reuseListener) + + const { connectionRecord: secondAliceFaberConnection } = await aliceAgent.oob.receiveInvitation( + outOfBandRecord2.outOfBandInvitation, + { reuseConnection: false } + ) + + aliceAgent.events.off(OutOfBandEventTypes.HandshakeReused, reuseListener) + faberAgent.events.off(OutOfBandEventTypes.HandshakeReused, reuseListener) + await aliceAgent.connections.returnWhenIsConnected(secondAliceFaberConnection!.id) + + // If we're not reusing the connection, the reuse listener shouldn't be called + expect(reuseListener).not.toHaveBeenCalled() + expect(firstAliceFaberConnection.id).not.toEqual(secondAliceFaberConnection?.id) + + const faberConnections = await faberAgent.connections.getAll() + let [firstFaberAliceConnection, secondFaberAliceConnection] = faberConnections + firstFaberAliceConnection = await faberAgent.connections.returnWhenIsConnected(firstFaberAliceConnection.id) + secondFaberAliceConnection = await faberAgent.connections.returnWhenIsConnected(secondFaberAliceConnection.id) + + // expect the two connections contain the two out of band ids + expect(faberConnections.map((c) => c.outOfBandId)).toEqual( + expect.arrayContaining([outOfBandRecord.id, outOfBandRecord2.id]) + ) + + expect(faberConnections).toHaveLength(2) + expect(firstFaberAliceConnection.state).toBe(DidExchangeState.Completed) + expect(secondFaberAliceConnection.state).toBe(DidExchangeState.Completed) + }) + + test('throws an error when the invitation has already been received', async () => { + const outOfBandRecord = await faberAgent.oob.createInvitation(makeConnectionConfig) + const { outOfBandInvitation } = outOfBandRecord + + const { connectionRecord: aliceFaberConnection } = await aliceAgent.oob.receiveInvitation(outOfBandInvitation) + + // Wait until connection is ready + await aliceAgent.connections.returnWhenIsConnected(aliceFaberConnection!.id) + + const [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord.id) + await faberAgent.connections.returnWhenIsConnected(faberAliceConnection!.id) + + // Try to receive the invitation again + await expect(aliceAgent.oob.receiveInvitation(outOfBandInvitation)).rejects.toThrow( + new AriesFrameworkError( + `An out of band record with invitation ${outOfBandInvitation.id} already exists. Invitations should have a unique id.` + ) + ) + }) + + test('emits OutOfBandStateChanged event', async () => { + const eventListener = jest.fn() + const { outOfBandInvitation, id } = await faberAgent.oob.createInvitation(makeConnectionConfig) + + aliceAgent.events.on(OutOfBandEventTypes.OutOfBandStateChanged, eventListener) + + const { outOfBandRecord, connectionRecord } = await aliceAgent.oob.receiveInvitation(outOfBandInvitation, { + autoAcceptConnection: true, + autoAcceptInvitation: true, + }) + + // Wait for the connection to complete so we don't get wallet closed errors + await aliceAgent.connections.returnWhenIsConnected(connectionRecord!.id) + aliceAgent.events.off(OutOfBandEventTypes.OutOfBandStateChanged, eventListener) + + const [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(id) + await faberAgent.connections.returnWhenIsConnected(faberAliceConnection.id) + + // Receiving the invitation + expect(eventListener).toHaveBeenNthCalledWith(1, { + type: OutOfBandEventTypes.OutOfBandStateChanged, + payload: { + outOfBandRecord: expect.objectContaining({ state: OutOfBandState.Initial }), + previousState: null, + }, + }) + + // Accepting the invitation + expect(eventListener).toHaveBeenNthCalledWith(2, { + type: OutOfBandEventTypes.OutOfBandStateChanged, + payload: { + outOfBandRecord, + previousState: OutOfBandState.Initial, + }, + }) + }) + + test.skip('do not create a new connection when connection exists and multiuse is false', async () => { + const outOfBandRecord = await faberAgent.oob.createInvitation({ + ...makeConnectionConfig, + multiUseInvitation: false, + }) + const { outOfBandInvitation } = outOfBandRecord + + let { connectionRecord: firstAliceFaberConnection } = await aliceAgent.oob.receiveInvitation(outOfBandInvitation) + firstAliceFaberConnection = await aliceAgent.connections.returnWhenIsConnected(firstAliceFaberConnection!.id) + + await aliceAgent.oob.receiveInvitation(outOfBandInvitation) + + // TODO Somehow check agents throws an error or sends problem report + + let [faberAliceConnection] = await faberAgent.connections.findAllByOutOfBandId(outOfBandRecord!.id) + faberAliceConnection = await faberAgent.connections.returnWhenIsConnected(faberAliceConnection!.id) + + const faberConnections = await faberAgent.connections.getAll() + expect(faberConnections).toHaveLength(1) + expect(faberAliceConnection.state).toBe(DidExchangeState.Completed) + expect(firstAliceFaberConnection.state).toBe(DidExchangeState.Completed) + }) + + test('throw an error when handshake protocols are not supported', async () => { + const outOfBandInvitation = new OutOfBandInvitation({ label: 'test-connection', services: [] }) + const unsupportedProtocol = 'https://didcomm.org/unsupported-connections-protocol/1.0' + outOfBandInvitation.handshakeProtocols = [unsupportedProtocol as HandshakeProtocol] + + await expect(aliceAgent.oob.receiveInvitation(outOfBandInvitation, receiveInvitationConfig)).rejects.toEqual( + new AriesFrameworkError( + `Handshake protocols [${unsupportedProtocol}] are not supported. Supported protocols are [https://didcomm.org/didexchange/1.0,https://didcomm.org/connections/1.0]` + ) + ) + }) + + test('throw an error when the OOB message does not contain either handshake or requests', async () => { + const outOfBandInvitation = new OutOfBandInvitation({ label: 'test-connection', services: [] }) + + await expect(aliceAgent.oob.receiveInvitation(outOfBandInvitation, receiveInvitationConfig)).rejects.toEqual( + new AriesFrameworkError( + 'One or both of handshake_protocols and requests~attach MUST be included in the message.' + ) + ) + }) + + test('throw an error when the OOB message contains unsupported message request', async () => { + const testMessage = new TestMessage() + testMessage.type = 'https://didcomm.org/test-protocol/1.0/test-message' + const { outOfBandInvitation } = await faberAgent.oob.createInvitation({ + ...issueCredentialConfig, + messages: [testMessage], + }) + + await expect(aliceAgent.oob.receiveInvitation(outOfBandInvitation, receiveInvitationConfig)).rejects.toEqual( + new AriesFrameworkError('There is no message in requests~attach supported by agent.') + ) + }) + + test('throw an error when a did is used in the out of band message', async () => { + const { message } = await faberAgent.credentials.createOutOfBandOffer(credentialTemplate) + const { outOfBandInvitation } = await faberAgent.oob.createInvitation({ + ...issueCredentialConfig, + messages: [message], + }) + outOfBandInvitation.services = ['somedid'] + + await expect(aliceAgent.oob.receiveInvitation(outOfBandInvitation, receiveInvitationConfig)).rejects.toEqual( + new AriesFrameworkError('Dids are not currently supported in out-of-band invitation services attribute.') + ) + }) + }) +}) diff --git a/packages/core/tests/postgres.test.ts b/packages/core/tests/postgres.test.ts index eef01d175b..3a92c8ef46 100644 --- a/packages/core/tests/postgres.test.ts +++ b/packages/core/tests/postgres.test.ts @@ -1,3 +1,4 @@ +/* eslint-disable @typescript-eslint/no-non-null-assertion */ import type { SubjectMessage } from '../../../tests/transport/SubjectInboundTransport' import type { IndyPostgresStorageConfig } from '../../node/src' import type { ConnectionRecord } from '../src/modules/connections' @@ -8,6 +9,7 @@ import { SubjectInboundTransport } from '../../../tests/transport/SubjectInbound import { SubjectOutboundTransport } from '../../../tests/transport/SubjectOutboundTransport' import { loadPostgresPlugin, WalletScheme } from '../../node/src' import { Agent } from '../src/agent/Agent' +import { HandshakeProtocol } from '../src/modules/connections' import { waitForBasicMessage, getBasePostgresConfig } from './helpers' @@ -67,11 +69,17 @@ describe('postgres agents', () => { bobAgent.registerOutboundTransport(new SubjectOutboundTransport(subjectMap)) await bobAgent.initialize() - const aliceConnectionAtAliceBob = await aliceAgent.connections.createConnection() - const bobConnectionAtBobAlice = await bobAgent.connections.receiveInvitation(aliceConnectionAtAliceBob.invitation) + const aliceBobOutOfBandRecord = await aliceAgent.oob.createInvitation({ + handshakeProtocols: [HandshakeProtocol.Connections], + }) + + const { connectionRecord: bobConnectionAtBobAlice } = await bobAgent.oob.receiveInvitation( + aliceBobOutOfBandRecord.outOfBandInvitation + ) + bobConnection = await bobAgent.connections.returnWhenIsConnected(bobConnectionAtBobAlice!.id) - aliceConnection = await aliceAgent.connections.returnWhenIsConnected(aliceConnectionAtAliceBob.connectionRecord.id) - bobConnection = await bobAgent.connections.returnWhenIsConnected(bobConnectionAtBobAlice.id) + const [aliceConnectionAtAliceBob] = await aliceAgent.connections.findAllByOutOfBandId(aliceBobOutOfBandRecord.id) + aliceConnection = await aliceAgent.connections.returnWhenIsConnected(aliceConnectionAtAliceBob!.id) expect(aliceConnection).toBeConnectedWith(bobConnection) expect(bobConnection).toBeConnectedWith(aliceConnection) diff --git a/packages/core/tests/setup.ts b/packages/core/tests/setup.ts index de254bf876..a2ba1429d2 100644 --- a/packages/core/tests/setup.ts +++ b/packages/core/tests/setup.ts @@ -6,21 +6,19 @@ jest.setTimeout(120000) expect.extend({ toBeConnectedWith }) // Custom matchers which can be used to extend Jest matchers via extend, e. g. `expect.extend({ toBeConnectedWith })`. -function toBeConnectedWith(received: ConnectionRecord, connection: ConnectionRecord) { - received.assertReady() - connection.assertReady() +function toBeConnectedWith(actual: ConnectionRecord, expected: ConnectionRecord) { + actual.assertReady() + expected.assertReady() - const pass = received.theirDid === connection.did && received.theirKey === connection.verkey + const pass = actual.theirDid === expected.did if (pass) { return { - message: () => - `expected connection ${received.did}, ${received.verkey} not to be connected to with ${connection.did}, ${connection.verkey}`, + message: () => `expected connection ${actual.theirDid} not to be connected to with ${expected.did}`, pass: true, } } else { return { - message: () => - `expected connection ${received.did}, ${received.verkey} to be connected to with ${connection.did}, ${connection.verkey}`, + message: () => `expected connection ${actual.theirDid} to be connected to with ${expected.did}`, pass: false, } } diff --git a/samples/extension-module/requester.ts b/samples/extension-module/requester.ts index 1ccdb433a5..7079c01375 100644 --- a/samples/extension-module/requester.ts +++ b/samples/extension-module/requester.ts @@ -1,6 +1,6 @@ import type { DummyRecord, DummyStateChangedEvent } from './dummy' -import { Agent, ConsoleLogger, LogLevel, WsOutboundTransport } from '@aries-framework/core' +import { Agent, AriesFrameworkError, ConsoleLogger, LogLevel, WsOutboundTransport } from '@aries-framework/core' import { agentDependencies } from '@aries-framework/node' import { filter, first, firstValueFrom, map, ReplaySubject, timeout } from 'rxjs' @@ -38,7 +38,10 @@ const run = async () => { // Connect to responder using its invitation endpoint const invitationUrl = await (await agentDependencies.fetch(`http://localhost:${port}/invitation`)).text() - const connection = await agent.connections.receiveInvitationFromUrl(invitationUrl) + const { connectionRecord: connection } = await agent.oob.receiveInvitationFromUrl(invitationUrl) + if (!connection) { + throw new AriesFrameworkError('Connection record for out-of-band invitation was not created.') + } await agent.connections.returnWhenIsConnected(connection.id) // Create observable for Response Received event diff --git a/samples/extension-module/responder.ts b/samples/extension-module/responder.ts index c92b9ed43d..140f3c2a3f 100644 --- a/samples/extension-module/responder.ts +++ b/samples/extension-module/responder.ts @@ -40,8 +40,8 @@ const run = async () => { // Allow to create invitation, no other way to ask for invitation yet app.get('/invitation', async (req, res) => { - const { invitation } = await agent.connections.createConnection() - res.send(invitation.toUrl({ domain: `http://localhost:${port}/invitation` })) + const { outOfBandInvitation } = await agent.oob.createInvitation() + res.send(outOfBandInvitation.toUrl({ domain: `http://localhost:${port}/invitation` })) }) // Inject DummyModule diff --git a/samples/mediator.ts b/samples/mediator.ts index f3f23a4fe6..7be3cdce9a 100644 --- a/samples/mediator.ts +++ b/samples/mediator.ts @@ -75,10 +75,9 @@ httpInboundTransport.app.get('/invitation', async (req, res) => { const invitation = await ConnectionInvitationMessage.fromUrl(req.url) res.send(invitation.toJSON()) } else { - const { invitation } = await agent.connections.createConnection() - + const { outOfBandInvitation } = await agent.oob.createInvitation() const httpEndpoint = config.endpoints.find((e) => e.startsWith('http')) - res.send(invitation.toUrl({ domain: httpEndpoint + '/invitation' })) + res.send(outOfBandInvitation.toUrl({ domain: httpEndpoint + '/invitation' })) } })