From 671c522e8bd82bd330f014481abc82e1efa780ba Mon Sep 17 00:00:00 2001
From: Maksym Hrynenko
Date: Tue, 21 May 2024 14:44:25 +0300
Subject: [PATCH 1/3] add: create identity request logging
---
 internal/service/api/handlers/create_identity.go | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/internal/service/api/handlers/create_identity.go b/internal/service/api/handlers/create_identity.go
index 500cc6e..68613f4 100644
--- a/internal/service/api/handlers/create_identity.go
+++ b/internal/service/api/handlers/create_identity.go
@@ -74,6 +74,8 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 "request_data": string(rawReqData),
 })
+ log.Info("create identity request")
+
 algorithm := signatureAlgorithm(req.Data.DocumentSOD.Algorithm)
 if algorithm == "" {
 log.WithError(fmt.Errorf("%s is not a valid algorithm", req.Data.DocumentSOD.Algorithm)).Error("failed to select signature algorithm")
From ea4b1f64697ad83a052ad01dab598d67cc143b76 Mon Sep 17 00:00:00 2001
From: Maksym Hrynenko
Date: Tue, 21 May 2024 20:26:43 +0300
Subject: [PATCH 2/3] add: method to prepend prefix with tag and content length; update: move ctx to the api to have access to ctx from requests folder too
---
 internal/service/api/{handlers => }/ctx.go | 5 +-
 .../service/api/handlers/create_identity.go | 15 +++---
 .../service/api/handlers/get_gist_data.go | 9 ++--
 .../service/api/requests/create_identity.go | 51 ++++++++++++++++++-
 internal/service/router.go | 15 +++---
 5 files changed, 73 insertions(+), 22 deletions(-)
 rename internal/service/api/{handlers => }/ctx.go (99%)
diff --git a/internal/service/api/handlers/ctx.go b/internal/service/api/ctx.go
similarity index 99%
rename from internal/service/api/handlers/ctx.go
rename to internal/service/api/ctx.go
index 3c38a4b..ebd2106 100644
--- a/internal/service/api/handlers/ctx.go
+++ b/internal/service/api/ctx.go
@@ -1,7 +1,9 @@
-package handlers
+package api
 import (
 "context"
+ "net/http"
+
 "github.com/ethereum/go-ethereum/ethclient"
 stateabi "github.com/iden3/contracts-abi/state/go/abi"
 "github.com/rarimo/passport-identity-provider/internal/config"
@@ -9,7 +11,6 @@ import (
 "github.com/rarimo/passport-identity-provider/internal/service/issuer"
 "github.com/rarimo/passport-identity-provider/internal/service/vault"
 "gitlab.com/distributed_lab/logan/v3"
- "net/http"
 )
 type ctxKey int
diff --git a/internal/service/api/handlers/create_identity.go b/internal/service/api/handlers/create_identity.go
index 68613f4..e163c7c 100644
--- a/internal/service/api/handlers/create_identity.go
+++ b/internal/service/api/handlers/create_identity.go
@@ -25,6 +25,7 @@ import (
 "github.com/rarimo/certificate-transparency-go/x509"
 "github.com/rarimo/passport-identity-provider/internal/config"
 "github.com/rarimo/passport-identity-provider/internal/data"
+ "github.com/rarimo/passport-identity-provider/internal/service/api"
 "github.com/rarimo/passport-identity-provider/internal/service/api/requests"
 "github.com/rarimo/passport-identity-provider/resources"
 "gitlab.com/distributed_lab/ape"
@@ -58,18 +59,18 @@ var algorithmsListMap = map[string]map[string]string{
 func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 req, err := requests.NewCreateIdentityRequest(r)
 if err != nil {
- Log(r).WithError(err).Error("failed to create new create identity request")
+ api.Log(r).WithError(err).Error("failed to create new create identity request")
 ape.RenderErr(w, problems.BadRequest(err)...)
 return
 }
 rawReqData, err := json.Marshal(req.Data)
 if err != nil {
- Log(r).WithError(err).Error("failed to marshal create identity request")
+ api.Log(r).WithError(err).Error("failed to marshal create identity request")
 ape.RenderErr(w, problems.InternalError())
 return
 }
- log := Log(r).WithFields(logan.F{
+ log := api.Log(r).WithFields(logan.F{
 "user-agent": r.Header.Get("User-Agent"),
 "request_data": string(rawReqData),
 })
@@ -116,7 +117,7 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 return
 }
- cfg := VerifierConfig(r)
+ cfg := api.VerifierConfig(r)
 switch algorithm {
 case SHA1withECDSA:
@@ -170,7 +171,7 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 return
 }
- masterQ := MasterQ(r)
+ masterQ := api.MasterQ(r)
 claim, err := masterQ.Claim().ResetFilter().
 FilterBy("user_did", req.Data.ID.String()).
@@ -213,8 +214,8 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 }
 var claimID string
- iss := Issuer(r)
- vaultClient := VaultClient(r)
+ iss := api.Issuer(r)
+ vaultClient := api.VaultClient(r)
 blinder, err := vaultClient.Blinder()
 if err != nil {
diff --git a/internal/service/api/handlers/get_gist_data.go b/internal/service/api/handlers/get_gist_data.go
index 9c053d2..1ad1df7 100644
--- a/internal/service/api/handlers/get_gist_data.go
+++ b/internal/service/api/handlers/get_gist_data.go
@@ -10,6 +10,7 @@ import (
 "github.com/iden3/contracts-abi/state/go/abi"
 core "github.com/iden3/go-iden3-core/v2"
 "github.com/iden3/go-iden3-core/v2/w3c"
+ "github.com/rarimo/passport-identity-provider/internal/service/api"
 "github.com/rarimo/passport-identity-provider/internal/service/api/requests"
 "github.com/rarimo/passport-identity-provider/resources"
 "gitlab.com/distributed_lab/ape"
@@ -21,12 +22,12 @@ import (
 func GetGistData(w http.ResponseWriter, r *http.Request) {
 req, err := requests.NewGetGistDataRequest(r)
 if err != nil {
- Log(r).WithError(err).Error("failed to parse get gist data request")
+ api.Log(r).WithError(err).Error("failed to parse get gist data request")
 ape.RenderErr(w, problems.BadRequest(err)...)
 return
 }
- log := Log(r).WithFields(logan.F{
+ log := api.Log(r).WithFields(logan.F{
 "user-agent": r.Header.Get("User-Agent"),
 "user_did": req.UserDID,
 "block_number": req.BlockNumber,
@@ -46,7 +47,7 @@ func GetGistData(w http.ResponseWriter, r *http.Request) {
 return
 }
- blockNum, err := EthClient(r).BlockNumber(context.Background())
+ blockNum, err := api.EthClient(r).BlockNumber(context.Background())
 if err != nil {
 log.WithError(err).Error("failed to get block number")
 ape.RenderErr(w, problems.InternalError())
@@ -67,7 +68,7 @@ func GetGistData(w http.ResponseWriter, r *http.Request) {
 blockNum = req.BlockNumber
 }
- stateContract := StateContract(r)
+ stateContract := api.StateContract(r)
 gistProof, err := stateContract.GetGISTProof(&bind.CallOpts{
 BlockNumber: new(big.Int).SetUint64(blockNum),
diff --git a/internal/service/api/requests/create_identity.go b/internal/service/api/requests/create_identity.go
index 77573ff..fe655e5 100644
--- a/internal/service/api/requests/create_identity.go
+++ b/internal/service/api/requests/create_identity.go
@@ -3,9 +3,13 @@ package requests
 import (
 "encoding/json"
 "net/http"
+ "strconv"
+ "strings"
 "github.com/iden3/go-iden3-core/v2/w3c"
 snarkTypes "github.com/iden3/go-rapidsnark/types"
+ "github.com/rarimo/passport-identity-provider/internal/service/api"
+ "gitlab.com/distributed_lab/logan/v3"
 "gitlab.com/distributed_lab/logan/v3/errors"
 )
@@ -33,9 +37,52 @@ func NewCreateIdentityRequest(r *http.Request) (CreateIdentityRequest, error) {
 return request, errors.Wrap(err, "failed to unmarshal")
 }
- if request.Data.DocumentSOD.EncapsulatedContent[0:2] != "30" {
- request.Data.DocumentSOD.EncapsulatedContent = "30" + request.Data.DocumentSOD.EncapsulatedContent
+ encapsulatedContent := PrependPrefix(request.Data.DocumentSOD.EncapsulatedContent)
+ if strings.Compare(encapsulatedContent, request.Data.DocumentSOD.EncapsulatedContent) != 0 {
+ api.Log(r).WithFields(logan.F{
+ "encapsulated_content_new": encapsulatedContent,
+ "encapsulated_content_old": request.Data.DocumentSOD.EncapsulatedContent,
+ }).Info("encapsulated content update")
+ request.Data.DocumentSOD.EncapsulatedContent = encapsulatedContent
 }
 return request, nil
 }
+
+// PrependPrefix - сrunch before Android fix
+func PrependPrefix(data string) string {
+ // Parse by VERSION field
+ subs := strings.Split(data, "0201")
+
+ dataLength := subs[0]
+
+ // recreate the rest of the string without length
+ rest := "0201" + strings.Join(subs[1:], "0201")
+
+ restByteLen := int64(len(rest) / 2)
+
+ actualLength := toHex(restByteLen)
+
+ if restByteLen > 128 && restByteLen < 256 {
+ actualLength = "81" + actualLength
+ }
+ if restByteLen > 256 {
+ actualLength = "82" + actualLength
+ }
+
+ data = "30" + dataLength + rest
+ if strings.Compare(dataLength, actualLength) != 0 {
+ data = "30" + actualLength + rest
+ }
+
+ return data
+}
+
+func toHex(number int64) string {
+ hexStr := strconv.FormatInt(number, 16)
+ if len(hexStr)%2 != 0 {
+ hexStr = "0" + hexStr
+ }
+
+ return hexStr
+}
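Review bot: PrependPrefix encodes the DER length wrongly at both boundaries: a body of exactly 128 bytes gets the single octet `80` and a body of exactly 256 bytes gets `0100` with no `82` in front, because the checks are `> 128` and `> 256`. The long form is needed from 128 upward, so they should read `if restByteLen >= 128 && restByteLen < 256 {` and `if restByteLen >= 256 {`. `strings.Split(data, "0201")` also cuts at the first `0201` at any nibble offset, including inside the length octets themselves, and when the marker is missing the whole input lands in `dataLength` and the function returns `30020201`, so client-supplied signed content is rewritten on a guess instead of being rejected; decoding the hex and checking the header bytes, with an error for input that does not fit, would be safer. In NewCreateIdentityRequest (which begins above the hunk) the info-level log writes the old and new encapsulated content in full; it appears to be passport-derived data, so logging only that a rewrite happened and the two lengths would keep it out of the service log.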
diff --git a/internal/service/router.go b/internal/service/router.go index 32342fa..776df33 100644 --- a/internal/service/router.go +++ b/internal/service/router.go @@ -6,6 +6,7 @@ import ( "github.com/go-chi/chi" stateabi "github.com/iden3/contracts-abi/state/go/abi" "github.com/rarimo/passport-identity-provider/internal/data/pg" + "github.com/rarimo/passport-identity-provider/internal/service/api" "github.com/rarimo/passport-identity-provider/internal/service/api/handlers" "github.com/rarimo/passport-identity-provider/internal/service/issuer" "github.com/rarimo/passport-identity-provider/internal/service/vault" @@ -39,17 +40,17 @@ func (s *service) router() chi.Router { ape.RecoverMiddleware(s.log), ape.LoganMiddleware(s.log), ape.CtxMiddleware( - handlers.CtxLog(s.log), - handlers.CtxMasterQ(pg.NewMasterQ(s.cfg.DB())), - handlers.CtxVerifierConfig(s.cfg.VerifierConfig()), - handlers.CtxStateContract(stateContract), - handlers.CtxIssuer(issuer.New( + api.CtxLog(s.log), + api.CtxMasterQ(pg.NewMasterQ(s.cfg.DB())), + api.CtxVerifierConfig(s.cfg.VerifierConfig()), + api.CtxStateContract(stateContract), + api.CtxIssuer(issuer.New( s.cfg.Log().WithField("service", "issuer"), s.cfg.IssuerConfig(), issuerLogin, issuerPassword, )), - handlers.CtxVaultClient(vaultClient), - handlers.CtxEthClient(ethCli), + api.CtxVaultClient(vaultClient), + api.CtxEthClient(ethCli), ), ) r.Route("/integrations/identity-provider-service", func(r chi.Router) { From e75eacdaac7ecf54094720c2f9decc2e4b86b954 Mon Sep 17 00:00:00 2001 From: Maksym Hrynenko Date: Wed, 22 May 2024 10:41:22 +0300 Subject: [PATCH 3/3] remove: create identity requests logging --- internal/service/api/handlers/create_identity.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/internal/service/api/handlers/create_identity.go b/internal/service/api/handlers/create_identity.go index e163c7c..2eb7ff4 100644 --- a/internal/service/api/handlers/create_identity.go +++ b/internal/service/api/handlers/create_identity.go 
@@ -75,8 +75,6 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 "request_data": string(rawReqData),
 })
- log.Info("create identity request")
-
 algorithm := signatureAlgorithm(req.Data.DocumentSOD.Algorithm)
 if algorithm == "" {
 log.WithError(fmt.Errorf("%s is not a valid algorithm", req.Data.DocumentSOD.Algorithm)).Error("failed to select signature algorithm")