#209 - added support for attestation property in records

Author: thehenrytsai

README.md

@@ -3,7 +3,7 @@
 # Decentralized Web Node (DWN) SDK
 
 Code Coverage
-![Statements](https://img.shields.io/badge/statements-94%25-brightgreen.svg?style=flat) ![Branches](https://img.shields.io/badge/branches-92.19%25-brightgreen.svg?style=flat) ![Functions](https://img.shields.io/badge/functions-90.85%25-brightgreen.svg?style=flat) ![Lines](https://img.shields.io/badge/lines-94%25-brightgreen.svg?style=flat)
+![Statements](https://img.shields.io/badge/statements-94.56%25-brightgreen.svg?style=flat) ![Branches](https://img.shields.io/badge/branches-93.93%25-brightgreen.svg?style=flat) ![Functions](https://img.shields.io/badge/functions-91.51%25-brightgreen.svg?style=flat) ![Lines](https://img.shields.io/badge/lines-94.56%25-brightgreen.svg?style=flat)
 
 ## Introduction
 

json-schemas/records/records-write.json

@@ -15,6 +15,9 @@
     "contextId": {
       "type": "string"
     },
+    "attestation": {
+      "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json"
+    },
     "authorization": {
       "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json"
     },

package-lock.json

@@ -5,7 +5,7 @@ import { DidResolver } from '../did/did-resolver.js';
 import { GeneralJws } from '../jose/jws/general/types.js';
 import { GeneralJwsVerifier } from '../jose/jws/general/verifier.js';
 import { Message } from './message.js';
-import { generateCid, parseCid } from '../utils/cid.js';
+import { computeCid, parseCid } from '../utils/cid.js';
 
 type AuthorizationPayloadConstraints = {
   /** permissible properties within payload. Note that `descriptorCid` is implied and does not need to be added */
@@ -45,7 +45,7 @@ export async function validateAuthorizationIntegrity(
 
   // `descriptorCid` validation - ensure that the provided descriptorCid matches the CID of the actual message
   const providedDescriptorCid = parseCid(descriptorCid); // parseCid throws an exception if parsing fails
-  const expectedDescriptorCid = await generateCid(message.descriptor);
+  const expectedDescriptorCid = await computeCid(message.descriptor);
   if (!providedDescriptorCid.equals(expectedDescriptorCid)) {
     throw new Error(`provided descriptorCid ${providedDescriptorCid} does not match expected CID ${expectedDescriptorCid}`);
   }

src/core/auth.ts

@@ -2,10 +2,10 @@ import type { SignatureInput } from '../jose/jws/general/types.js';
 import type { BaseDecodedAuthorizationPayload, BaseMessage, Descriptor, TimestampedMessage } from './types.js';
 
 import { CID } from 'multiformats/cid';
+import { computeCid } from '../utils/cid.js';
 import { GeneralJws } from '../jose/jws/general/types.js';
 import { GeneralJwsSigner } from '../jose/jws/general/signer.js';
 import { GeneralJwsVerifier } from '../jose/jws/general/verifier.js';
-import { generateCid } from '../utils/cid.js';
 import { lexicographicalCompare } from '../utils/string.js';
 import { RecordsWriteMessage } from '../interfaces/records/types.js';
 import { validateJsonSchema } from '../validator.js';
@@ -79,7 +79,7 @@ export abstract class Message {
       delete (messageCopy as RecordsWriteMessage).encodedData;
     }
 
-    const cid = await generateCid(messageCopy);
+    const cid = await computeCid(messageCopy);
     return cid;
   }
 
@@ -128,7 +128,7 @@ export abstract class Message {
     descriptor: Descriptor,
     signatureInput: SignatureInput
   ): Promise<GeneralJws> {
-    const descriptorCid = await generateCid(descriptor);
+    const descriptorCid = await computeCid(descriptor);
 
     const authPayload: BaseDecodedAuthorizationPayload = { descriptorCid: descriptorCid.toString() };
     const authPayloadStr = JSON.stringify(authPayload);

src/core/message.ts

@@ -1,4 +1,4 @@
-import type { GeneralJws, SignatureInput } from '../jose/jws/general/types.js';
+import type { GeneralJws } from '../jose/jws/general/types.js';
 
 /**
  * Intersection type for all concrete message types.
@@ -42,7 +42,3 @@ export type DataReferencingMessage = {
 
   encodedData: string;
 };
-
-export type AuthCreateOptions = {
-  signatureInput: SignatureInput
-};

src/core/types.ts

@@ -68,7 +68,7 @@ export class Dwn {
       message = JSON.parse(requestString);
     } catch (error) {
       return new MessageReply({
-        status: { code: 400, detail: error.message }
+        status: { code: 400, detail: 'unable to JSON parse request' }
       });
     }
 
@@ -85,7 +85,7 @@ export class Dwn {
     const dwnMethod = rawMessage?.descriptor?.method;
     if (dwnInterface === undefined || dwnMethod === undefined) {
       return new MessageReply({
-        status: { code: 400, detail: `DWN interface or method is undefined` }
+        status: { code: 400, detail: `Both interface and method must be present, interface: ${dwnInterface}, method: ${dwnMethod}` }
       });
     }
 

src/dwn.ts

@@ -1,4 +1,4 @@
-import type { AuthCreateOptions } from '../../../core/types.js';
+import type { SignatureInput } from '../../../jose/jws/general/types.js';
 import type { HooksWriteDescriptor, HooksWriteMessage } from '../../hooks/types.js';
 
 import { getCurrentTimeInHighPrecision } from '../../../utils/time.js';
@@ -9,7 +9,7 @@ import { DwnInterfaceName, DwnMethodName, Message } from '../../../core/message.
 /**
  * Input to `HookssWrite.create()`.
  */
-export type HooksWriteOptions = AuthCreateOptions & {
+export type HooksWriteOptions = {
   dateCreated?: string,
   /**
    * leave as `undefined` for customer handler.
@@ -18,7 +18,8 @@ export type HooksWriteOptions = AuthCreateOptions & {
   uri?: string,
   filter: {
     method: string,
-  }
+  },
+  authorizationSignatureInput: SignatureInput;
 };
 
 /**
@@ -47,7 +48,7 @@ export class HooksWrite extends Message {
     // Error: `undefined` is not supported by the IPLD Data Model and cannot be encoded
     removeUndefinedProperties(descriptor);
 
-    const authorization = await Message.signAsAuthorization(descriptor, options.signatureInput);
+    const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput);
     const message = { descriptor, authorization };
 
     Message.validateJsonSchema(message);

src/interfaces/hooks/messages/hooks-write.ts

@@ -1,17 +1,16 @@
-import type { AuthCreateOptions } from '../../../core/types';
 import type { SignatureInput } from '../../../jose/jws/general/types';
 import type { PermissionConditions, PermissionScope } from '../types';
 import type { PermissionsGrantDescriptor, PermissionsGrantMessage } from '../types';
 
 import { CID } from 'multiformats/cid';
-import { generateCid } from '../../../utils/cid';
+import { computeCid } from '../../../utils/cid';
 import { getCurrentTimeInHighPrecision } from '../../../utils/time';
 import { v4 as uuidv4 } from 'uuid';
 
 import { DEFAULT_CONDITIONS, PermissionsRequest } from './permissions-request';
 import { DwnInterfaceName, DwnMethodName, Message } from '../../../core/message';
 
-type PermissionsGrantOptions = AuthCreateOptions & {
+type PermissionsGrantOptions = {
   dateCreated?: string;
   conditions?: PermissionConditions;
   description: string;
@@ -20,6 +19,7 @@ type PermissionsGrantOptions = AuthCreateOptions & {
   objectId?: string;
   permissionsRequestId?: string;
   scope: PermissionScope;
+  authorizationSignatureInput: SignatureInput;
 };
 
 export class PermissionsGrant extends Message {
@@ -46,7 +46,7 @@ export class PermissionsGrant extends Message {
       scope       : options.scope,
     };
 
-    const authorization = await Message.signAsAuthorization(descriptor, options.signatureInput);
+    const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput);
     const message: PermissionsGrantMessage = { descriptor, authorization };
 
     Message.validateJsonSchema(message);
@@ -58,12 +58,12 @@ export class PermissionsGrant extends Message {
   /**
    * generates a PermissionsGrant using the provided PermissionsRequest
    * @param permissionsRequest
-   * @param signatureInput - the private key and additional signature material of the grantor
+   * @param authorizationSignatureInput - the private key and additional signature material of the grantor
    * @param conditionOverrides - any conditions that the grantor may want to override
    */
   static async fromPermissionsRequest(
     permissionsRequest: PermissionsRequest,
-    signatureInput: SignatureInput,
+    authorizationSignatureInput: SignatureInput,
     conditionOverrides: Partial<PermissionConditions> = {}
   ): Promise<PermissionsGrant> {
     const conditions = { ...permissionsRequest.conditions, ...conditionOverrides };
@@ -75,33 +75,33 @@ export class PermissionsGrant extends Message {
       grantedTo            : permissionsRequest.grantedTo,
       permissionsRequestId : permissionsRequest.id,
       scope                : permissionsRequest.scope,
-      signatureInput       : signatureInput
+      authorizationSignatureInput
     });
   }
 
   /**
    * delegates the permission to the DID provided
    * @param to - the DID of the grantee
-   * @param signatureInput - the private key and additional signature material of this permission's `grantedTo`
+   * @param authorizationSignatureInput - the private key and additional signature material of this permission's `grantedTo`
    * @throws {Error} - if the permission cannot be delegated
    */
-  async delegate(to: string, signatureInput: SignatureInput): Promise<PermissionsGrant> {
+  async delegate(to: string, authorizationSignatureInput: SignatureInput): Promise<PermissionsGrant> {
     // throw an exception if the permission cannot be delegated
     if (!this.conditions.delegation) {
       throw new Error('this permission cannot be delegated');
     }
 
     // `grantedBy` of the delegated permission will be `grantedTo` of the permission being delegated because the grantee is the delegator
     const delegatedGrant = await PermissionsGrant.create({
-      conditions     : this.conditions,
-      description    : this.description,
-      grantedBy      : this.grantedTo,
-      grantedTo      : to,
-      scope          : this.scope,
-      signatureInput : signatureInput
+      conditions  : this.conditions,
+      description : this.description,
+      grantedBy   : this.grantedTo,
+      grantedTo   : to,
+      scope       : this.scope,
+      authorizationSignatureInput
     });
 
-    delegatedGrant.delegatedFrom = await generateCid(this.message);
+    delegatedGrant.delegatedFrom = await computeCid(this.message);
     delegatedGrant.delegationChain = this.message;
 
     return delegatedGrant;

src/interfaces/permissions/messages/permissions-grant.ts

@@ -1,4 +1,4 @@
-import type { AuthCreateOptions } from '../../../core/types.js';
+import type { SignatureInput } from '../../../jose/jws/general/types.js';
 import type { PermissionConditions, PermissionScope } from '../types.js';
 import type { PermissionsRequestDescriptor, PermissionsRequestMessage } from '../types.js';
 
@@ -7,14 +7,15 @@ import { v4 as uuidv4 } from 'uuid';
 import { validateAuthorizationIntegrity } from '../../../core/auth.js';
 import { DwnInterfaceName, DwnMethodName, Message } from '../../../core/message.js';
 
-type PermissionsRequestOptions = AuthCreateOptions & {
+type PermissionsRequestOptions = {
   dateCreated?: string;
   conditions?: PermissionConditions;
   description: string;
   grantedTo: string;
   grantedBy: string;
   objectId?: string;
   scope: PermissionScope;
+  authorizationSignatureInput: SignatureInput;
 };
 
 export class PermissionsRequest extends Message {
@@ -49,7 +50,7 @@ export class PermissionsRequest extends Message {
 
     Message.validateJsonSchema({ descriptor, authorization: { } });
 
-    const auth = await Message.signAsAuthorization(descriptor, options.signatureInput);
+    const auth = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput);
     const message: PermissionsRequestMessage = { descriptor, authorization: auth };
 
     return new PermissionsRequest(message);