-
Notifications
You must be signed in to change notification settings - Fork 9
/
verifier.py
391 lines (327 loc) · 12.1 KB
/
verifier.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
from typing import List, Optional
from uuid import UUID
from aries_cloudcontroller import IndyCredPrecis
from fastapi import APIRouter, Depends
from app.dependencies.acapy_clients import client_from_auth
from app.dependencies.auth import AcaPyAuth, acapy_auth_from_header
from app.exceptions import CloudApiException
from app.models.verifier import (
AcceptProofRequest,
CreateProofRequest,
RejectProofRequest,
SendProofRequest,
)
from app.util.acapy_verifier_utils import (
VerifierFacade,
assert_valid_prover,
assert_valid_verifier,
get_verifier_by_version,
)
from shared.log_config import get_logger
from shared.models.presentation_exchange import (
PresentationExchange,
Role,
State,
back_to_v1_presentation_state,
)
logger = get_logger(__name__)
router = APIRouter(prefix="/v1/verifier", tags=["verifier"])
@router.post("/create-request", response_model=PresentationExchange)
async def create_proof_request(
body: CreateProofRequest,
auth: AcaPyAuth = Depends(acapy_auth_from_header),
) -> PresentationExchange:
"""
Create proof request.
Parameters:
-----------
body: CreateProofRequest
The proof request object
Returns:
--------
presentation_exchange: PresentationExchange
The presentation exchange record
"""
bound_logger = logger.bind(body=body)
bound_logger.info("POST request received: Create proof request")
try:
verifier = get_verifier_by_version(body.protocol_version)
async with client_from_auth(auth) as aries_controller:
bound_logger.debug("Creating proof request")
result = await verifier.create_proof_request(
controller=aries_controller, create_proof_request=body
)
except Exception as e:
bound_logger.info("Could not create presentation record: {}.", e)
raise
if result:
bound_logger.info("Successfully created proof request.")
else:
bound_logger.warning("No result obtained from creating proof request.")
return result
@router.post("/send-request", response_model=PresentationExchange)
async def send_proof_request(
body: SendProofRequest,
auth: AcaPyAuth = Depends(acapy_auth_from_header),
) -> PresentationExchange:
"""
Send proof request.
Parameters:
-----------
body: SendProofRequest
The proof request object
Returns:
--------
presentation_exchange: PresentationExchange
The presentation exchange record
"""
bound_logger = logger.bind(body=body)
bound_logger.info("POST request received: Send proof request")
try:
verifier = get_verifier_by_version(body.protocol_version)
async with client_from_auth(auth) as aries_controller:
if body.connection_id:
await assert_valid_verifier(
aries_controller=aries_controller, proof_request=body
)
bound_logger.debug("Sending proof request")
result = await verifier.send_proof_request(
controller=aries_controller, send_proof_request=body
)
except CloudApiException as e:
bound_logger.info("Could not send proof request: {}", e)
raise
if result:
bound_logger.info("Successfully sent proof request.")
else:
bound_logger.warning("No result obtained from sending proof request.")
return result
@router.post("/accept-request", response_model=PresentationExchange)
async def accept_proof_request(
body: AcceptProofRequest,
auth: AcaPyAuth = Depends(acapy_auth_from_header),
) -> PresentationExchange:
"""
Accept proof request.
Parameters:
-----------
body: AcceptProofRequest
The proof request object
Returns:
--------
presentation_exchange: PresentationExchange
The presentation exchange record
"""
bound_logger = logger.bind(body=body)
bound_logger.info("POST request received: Accept proof request")
try:
verifier = get_verifier_by_version(body.proof_id)
async with client_from_auth(auth) as aries_controller:
bound_logger.debug("Get proof record")
proof_record = await verifier.get_proof_record(
controller=aries_controller, proof_id=body.proof_id
)
# If there is a connection id the proof is not connectionless
if proof_record.connection_id:
await assert_valid_prover(
aries_controller=aries_controller,
verifier=verifier,
presentation=body,
)
else:
bound_logger.warning(
"No connection associated with proof. Skip validating prover"
)
bound_logger.debug("Accepting proof record")
result = await verifier.accept_proof_request(
controller=aries_controller, accept_proof_request=body
)
except CloudApiException as e:
bound_logger.info("Could not accept proof request: {}", e)
raise
if result:
bound_logger.info("Successfully accepted proof request.")
else:
bound_logger.warning("No result obtained from accepting proof request.")
return result
@router.post("/reject-request", status_code=204)
async def reject_proof_request(
body: RejectProofRequest,
auth: AcaPyAuth = Depends(acapy_auth_from_header),
) -> None:
"""
Reject proof request.
Parameters:
-----------
body: RejectProofRequest
The proof request object
Returns:
--------
None
"""
bound_logger = logger.bind(body=body)
bound_logger.info("POST request received: Reject proof request")
try:
verifier = get_verifier_by_version(body.proof_id)
async with client_from_auth(auth) as aries_controller:
bound_logger.debug("Getting proof record")
proof_record = await verifier.get_proof_record(
controller=aries_controller, proof_id=body.proof_id
)
if proof_record.state != "request-received":
bound_logger.info(
"Proof record must be in state `request-received` to reject; had state: `{}`.",
proof_record.state,
)
raise CloudApiException(
"Record must be in state request-received to decline proof request.",
400,
)
bound_logger.debug("Rejecting proof request")
await verifier.reject_proof_request(
controller=aries_controller, reject_proof_request=body
)
except CloudApiException as e:
bound_logger.info("Could not reject request: {}.", e)
raise
bound_logger.info("Successfully rejected proof request.")
@router.get("/proofs", response_model=List[PresentationExchange])
async def get_proof_records(
auth: AcaPyAuth = Depends(acapy_auth_from_header),
connection_id: Optional[str] = None,
role: Optional[Role] = None,
state: Optional[State] = None,
thread_id: Optional[UUID] = None,
) -> List[PresentationExchange]:
"""
Get all proof records
Parameters:
----------
connection_id: Optional[str]
role: Optional[Role]: "prover", "verifier"
state: Optional[State]: "abandoned", "done", "presentation-received",
"presentation-sent", "proposal-received", "proposal-sent",
"request-received", "request-sent"
thread_id: Optional[UUID]
Returns:
--------
presentation_exchange_list: [PresentationExchange]
The list of presentation exchange records
"""
logger.info("GET request received: Get all proof records")
try:
async with client_from_auth(auth) as aries_controller:
logger.debug("Fetching v1 proof records")
v1_records = await VerifierFacade.v1.value.get_proof_records(
controller=aries_controller,
connection_id=connection_id,
role=role,
state=back_to_v1_presentation_state(state) if state else None,
thread_id=str(thread_id) if thread_id else None,
)
logger.debug("Fetching v2 proof records")
v2_records = await VerifierFacade.v2.value.get_proof_records(
controller=aries_controller,
connection_id=connection_id,
role=role,
state=state,
thread_id=str(thread_id) if thread_id else None,
)
except CloudApiException as e:
logger.info("Could not fetch proof records: {}.", e)
raise
result = v1_records + v2_records
if result:
logger.info("Successfully fetched v1 and v2 records.")
else:
logger.info("No v1 or v2 records returned.")
return result
@router.get("/proofs/{proof_id}", response_model=PresentationExchange)
async def get_proof_record(
proof_id: str,
auth: AcaPyAuth = Depends(acapy_auth_from_header),
) -> PresentationExchange:
"""
Get a specific proof record
Parameters:
----------
proof_id: str
The proof ID
Returns:
--------
presentation_exchange_record: PresentationExchange
The of presentation exchange record for the proof ID
"""
bound_logger = logger.bind(body={"proof_id": proof_id})
bound_logger.info("GET request received: Get proof record by id")
try:
verifier = get_verifier_by_version(version_candidate=proof_id)
async with client_from_auth(auth) as aries_controller:
bound_logger.debug("Fetching proof record")
result = await verifier.get_proof_record(
controller=aries_controller, proof_id=proof_id
)
except CloudApiException as e:
logger.info("Could not fetch proof record: {}.", e)
raise
if result:
bound_logger.info("Successfully fetched proof record.")
else:
bound_logger.info("No record returned.")
return result
@router.delete("/proofs/{proof_id}", status_code=204)
async def delete_proof(
proof_id: str,
auth: AcaPyAuth = Depends(acapy_auth_from_header),
) -> None:
"""
Delete proofs record for proof_id (pres_ex_id including prepending version hint 'v1-' or 'v2-')
Parameters:
----------
proof_id: str
The proof ID - starting with v1- or v2-
Returns:
--------
None
"""
bound_logger = logger.bind(body={"proof_id": proof_id})
bound_logger.info("DELETE request received: Delete proof record by id")
try:
verifier = get_verifier_by_version(version_candidate=proof_id)
async with client_from_auth(auth) as aries_controller:
bound_logger.debug("Deleting proof record")
await verifier.delete_proof(controller=aries_controller, proof_id=proof_id)
except CloudApiException as e:
bound_logger.info("Could not delete proof record: {}.", e)
raise
bound_logger.info("Successfully deleted proof record.")
@router.get("/proofs/{proof_id}/credentials", response_model=List[IndyCredPrecis])
async def get_credentials_by_proof_id(
proof_id: str,
auth: AcaPyAuth = Depends(acapy_auth_from_header),
) -> List[IndyCredPrecis]:
"""
Get matching credentials for presentation exchange
Parameters:
----------
proof_id: str
The proof ID
Returns:
--------
presentation_exchange_list: [IndyCredPrecis]
The list of Indy presentation credentials
"""
bound_logger = logger.bind(body={"proof_id": proof_id})
bound_logger.info("GET request received: Get credentials for a proof request")
try:
verifier = get_verifier_by_version(version_candidate=proof_id)
async with client_from_auth(auth) as aries_controller:
bound_logger.debug("Fetching credentials for request")
result = await verifier.get_credentials_by_proof_id(
controller=aries_controller, proof_id=proof_id
)
except CloudApiException as e:
bound_logger.info("Could not get matching credentials: {}.", e)
raise
bound_logger.info("Successfully fetched credentials for proof request.")
return result