diff --git a/aries_cloudagent/wallet/routes.py b/aries_cloudagent/wallet/routes.py index d1f2a4efed..7ec93334c5 100644 --- a/aries_cloudagent/wallet/routes.py +++ b/aries_cloudagent/wallet/routes.py @@ -366,7 +366,13 @@ async def wallet_create_did(request: web.BaseRequest): info = None async with context.session() as session: did_methods = session.inject(DIDMethods) - method = did_methods.from_method(body.get("method", "")) or SOV + + method = did_methods.from_method(body.get("method", "sov")) + if not method: + raise web.HTTPForbidden( + reason=(f"method {body.get('method')} is not supported by the agent.") + ) + key_types = session.inject(KeyTypes) # set default method and key type for backwards compat key_type = ( diff --git a/aries_cloudagent/wallet/tests/test_routes.py b/aries_cloudagent/wallet/tests/test_routes.py index a6dc9e6f88..c4ac8839c1 100644 --- a/aries_cloudagent/wallet/tests/test_routes.py +++ b/aries_cloudagent/wallet/tests/test_routes.py @@ -129,6 +129,17 @@ async def test_create_did(self): ) assert result is json_response.return_value + async def test_create_did_unsupported_method(self): + self.request.json = async_mock.AsyncMock( + return_value={ + "method": "madeupmethod", + "options": {"key_type": "bls12381g2"}, + } + ) + + with self.assertRaises(test_module.web.HTTPForbidden): + await test_module.wallet_create_did(self.request) + async def test_create_did_unsupported_key_type(self): self.request.json = async_mock.AsyncMock( return_value={"method": "sov", "options": {"key_type": "bls12381g2"}}