chore: fix authentication and links flow

0xPolygonID · Jul 29, 2024 · de78167 · de78167
1 parent 5627fa1
commit de78167
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 9 deletions.
diff --git a/internal/api/authentication.go b/internal/api/authentication.go
@@ -17,7 +17,7 @@ func (s *Server) AuthCallback(ctx context.Context, request AuthCallbackRequestOb
 		return AuthCallback400JSONResponse{N400JSONResponse{"Cannot proceed with empty body"}}, nil
 	}
 
-	_, err := s.identityService.Authenticate(ctx, *request.Body, request.Params.SessionID, s.cfg.APIUI.ServerURL, s.cfg.APIUI.IssuerDID)
+	_, err := s.identityService.Authenticate(ctx, *request.Body, request.Params.SessionID, s.cfg.ServerUrl)
 	if err != nil {
 		log.Error(ctx, "error authenticating", err.Error())
 		return AuthCallback500JSONResponse{}, nil

diff --git a/internal/api/links.go b/internal/api/links.go
@@ -95,7 +95,7 @@ func (s *Server) CreateLinkQrCodeCallback(ctx context.Context, request CreateLin
 		return CreateLinkQrCodeCallback400JSONResponse{N400JSONResponse{"Cannot proceed with empty body"}}, nil
 	}
 
-	arm, err := s.identityService.Authenticate(ctx, *request.Body, request.Params.SessionID, s.cfg.APIUI.ServerURL, s.cfg.APIUI.IssuerDID)
+	arm, err := s.identityService.Authenticate(ctx, *request.Body, request.Params.SessionID, s.cfg.ServerUrl)
 	if err != nil {
 		log.Error(ctx, "error authenticating", err.Error())
 		return CreateLinkQrCodeCallback500JSONResponse{}, nil
@@ -106,7 +106,7 @@ func (s *Server) CreateLinkQrCodeCallback(ctx context.Context, request CreateLin
 		log.Error(ctx, "error getting user DID", err.Error())
 		return CreateLinkQrCodeCallback400JSONResponse{N400JSONResponse{Message: "expecting a did in From"}}, nil
 	}
-	issuerDID, err := w3c.ParseDID(arm.From)
+	issuerDID, err := w3c.ParseDID(arm.To)
 	if err != nil {
 		log.Error(ctx, "error getting issuer DID", err.Error())
 		return CreateLinkQrCodeCallback400JSONResponse{N400JSONResponse{Message: "expecting a did in To"}}, nil

diff --git a/internal/api_ui/server.go b/internal/api_ui/server.go
@@ -142,7 +142,7 @@ func (s *Server) AuthCallback(ctx context.Context, request AuthCallbackRequestOb
 		return AuthCallback400JSONResponse{N400JSONResponse{"Cannot proceed with empty body"}}, nil
 	}
 
-	_, err := s.identityService.Authenticate(ctx, *request.Body, request.Params.SessionID, s.cfg.APIUI.ServerURL, s.cfg.APIUI.IssuerDID)
+	_, err := s.identityService.Authenticate(ctx, *request.Body, request.Params.SessionID, s.cfg.APIUI.ServerURL)
 	if err != nil {
 		log.Debug(ctx, "error authenticating", err.Error())
 		return AuthCallback500JSONResponse{}, nil
@@ -703,7 +703,7 @@ func (s *Server) CreateLinkQrCodeCallback(ctx context.Context, request CreateLin
 		return CreateLinkQrCodeCallback400JSONResponse{N400JSONResponse{"Cannot proceed with empty body"}}, nil
 	}
 
-	arm, err := s.identityService.Authenticate(ctx, *request.Body, request.Params.SessionID, s.cfg.APIUI.ServerURL, s.cfg.APIUI.IssuerDID)
+	arm, err := s.identityService.Authenticate(ctx, *request.Body, request.Params.SessionID, s.cfg.APIUI.ServerURL)
 	if err != nil {
 		log.Debug(ctx, "error authenticating", err.Error())
 		return CreateLinkQrCodeCallback500JSONResponse{}, nil

diff --git a/internal/core/ports/identity_service.go b/internal/core/ports/identity_service.go
@@ -47,7 +47,7 @@ type IdentityService interface {
 	GetTransactedStates(ctx context.Context) ([]domain.IdentityState, error)
 	GetStates(ctx context.Context, issuerDID w3c.DID) ([]domain.IdentityState, error)
 	CreateAuthenticationQRCode(ctx context.Context, serverURL string, issuerDID w3c.DID) (*CreateAuthenticationQRCodeResponse, error)
-	Authenticate(ctx context.Context, message string, sessionID uuid.UUID, serverURL string, issuerDID w3c.DID) (*protocol.AuthorizationResponseMessage, error)
+	Authenticate(ctx context.Context, message string, sessionID uuid.UUID, serverURL string) (*protocol.AuthorizationResponseMessage, error)
 	GetFailedState(ctx context.Context, identifier w3c.DID) (*domain.IdentityState, error)
 	PublishGenesisStateToRHS(ctx context.Context, did *w3c.DID) error
 }
diff --git a/internal/core/services/identity.go b/internal/core/services/identity.go
@@ -446,7 +446,7 @@ func (i *identity) UpdateIdentityState(ctx context.Context, state *domain.Identi
 	return err
 }
 
-func (i *identity) Authenticate(ctx context.Context, message string, sessionID uuid.UUID, serverURL string, issuerDID w3c.DID) (*protocol.AuthorizationResponseMessage, error) {
+func (i *identity) Authenticate(ctx context.Context, message string, sessionID uuid.UUID, serverURL string) (*protocol.AuthorizationResponseMessage, error) {
 	authReq, err := i.sessionManager.Get(ctx, sessionID.String())
 	if err != nil {
 		log.Warn(ctx, "authentication session not found")
@@ -459,7 +459,14 @@ func (i *identity) Authenticate(ctx context.Context, message string, sessionID u
 		return nil, err
 	}
 
-	issuerDoc := newDIDDocument(serverURL, issuerDID)
+	from := authReq.From
+	issuerDID, err := w3c.ParseDID(from)
+	if err != nil {
+		log.Error(ctx, "failed to parse issuerDID", "err", err)
+		return nil, err
+	}
+
+	issuerDoc := newDIDDocument(serverURL, *issuerDID)
 	bytesIssuerDoc, err := json.Marshal(issuerDoc)
 	if err != nil {
 		log.Error(ctx, "failed to marshal issuerDoc", "err", err)
@@ -475,7 +482,7 @@ func (i *identity) Authenticate(ctx context.Context, message string, sessionID u
 
 	conn := &domain.Connection{
 		ID:         uuid.New(),
-		IssuerDID:  issuerDID,
+		IssuerDID:  *issuerDID,
 		UserDID:    *userDID,
 		IssuerDoc:  bytesIssuerDoc,
 		UserDoc:    arm.Body.DIDDoc,