Skip to content

Commit ef7a74b

Browse files
committed
refactor!: select authentication signer on session creation
1 parent 898afd3 commit ef7a74b

2 files changed

Lines changed: 37 additions & 11 deletions

File tree

src/messaging/interface/session/request.ts

Lines changed: 22 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -5,14 +5,14 @@
55
* found in the LICENSE file in the root directory of this source tree.
66
*/
77

8-
import type { DidDocument, DidUrl, VerificationMethod } from '@kiltprotocol/types'
98
import * as Did from '@kiltprotocol/did'
9+
import type { DidDocument, DidUrl, SignerInterface, VerificationMethod } from '@kiltprotocol/types'
10+
import { Signers } from '@kiltprotocol/utils'
11+
import { u8aToString } from '@polkadot/util'
1012
import { randomAsHex } from '@polkadot/util-crypto'
1113
import { DecryptCallback, EncryptCallback } from '../../../types/Message.js'
12-
13-
import type { ISessionRequest, ISession, ISessionResponse } from '../../../types/index.js'
14+
import type { ISession, ISessionRequest, ISessionResponse } from '../../../types/index.js'
1415
import { KeyError } from '../../Error.js'
15-
import { u8aToString } from '@polkadot/util'
1616

1717
/**
1818
* Requests a session with a given DID document and name.
@@ -54,10 +54,12 @@ export async function verifySession(
5454
{ encryptedChallenge, nonce, encryptionKeyUri: receiverEncryptionKeyUri }: ISessionResponse,
5555
decryptCallback: DecryptCallback,
5656
encryptCallback: EncryptCallback,
57-
authenticationSigner: ISession['authenticationSigner'],
57+
signers: SignerInterface[],
5858
{
59+
didDocument,
5960
dereferenceDidUrl = Did.dereference,
6061
}: {
62+
didDocument?: DidDocument
6163
dereferenceDidUrl?: typeof Did.dereference
6264
} = {}
6365
): Promise<ISession> {
@@ -67,6 +69,21 @@ export async function verifySession(
6769
if ((encryptionKey as VerificationMethod)?.type !== 'Multikey') {
6870
throw new Error('An encryption key is required')
6971
}
72+
if (!didDocument) {
73+
didDocument = (
74+
await dereferenceDidUrl(Did.parse(encryptionKeyUri).did, {
75+
accept: 'application/did+json',
76+
})
77+
).contentStream as DidDocument
78+
}
79+
const authenticationSigner = Signers.selectSigner<SignerInterface<Signers.DidPalletSupportedAlgorithms, DidUrl>>(
80+
signers,
81+
Signers.select.byDid(didDocument, { verificationRelationship: 'authentication' }),
82+
Signers.select.verifiableOnChain()
83+
)
84+
if (!authenticationSigner) {
85+
throw new Error('a signer for the responder DID authentication method is required')
86+
}
7087

7188
const decryptedBytes = await decryptCallback({
7289
data: encryptedChallenge,

src/messaging/interface/session/response.ts

Lines changed: 15 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -5,16 +5,17 @@
55
* found in the LICENSE file in the root directory of this source tree.
66
*/
77

8-
import { DidUrl, DidDocument, VerificationMethod } from '@kiltprotocol/types'
9-
import { stringToU8a } from '@polkadot/util'
108
import * as Did from '@kiltprotocol/did'
9+
import { DidDocument, DidUrl, SignerInterface, VerificationMethod } from '@kiltprotocol/types'
10+
import { Signers } from '@kiltprotocol/utils'
11+
import { stringToU8a } from '@polkadot/util'
1112

1213
import type {
13-
ISessionRequest,
14+
DecryptCallback,
15+
EncryptCallback,
1416
ISession,
17+
ISessionRequest,
1518
ISessionResponse,
16-
EncryptCallback,
17-
DecryptCallback,
1819
} from '../../../types/index.js'
1920

2021
/**
@@ -35,7 +36,7 @@ export async function receiveSessionRequest(
3536
{ challenge, encryptionKeyUri: receiverEncryptionKeyUri }: ISessionRequest,
3637
encryptCallback: EncryptCallback,
3738
decryptCallback: DecryptCallback,
38-
authenticationSigner: ISession['authenticationSigner'],
39+
signers: SignerInterface[],
3940
{
4041
dereferenceDidUrl = Did.dereference,
4142
}: {
@@ -45,6 +46,14 @@ export async function receiveSessionRequest(
4546
if (!didDocument.keyAgreement) {
4647
throw new Error('keyAgreement is necessary')
4748
}
49+
const authenticationSigner = Signers.selectSigner<SignerInterface<Signers.DidPalletSupportedAlgorithms, DidUrl>>(
50+
signers,
51+
Signers.select.byDid(didDocument, { verificationRelationship: 'authentication' }),
52+
Signers.select.verifiableOnChain()
53+
)
54+
if (!authenticationSigner) {
55+
throw new Error('a signer for the responder DID authentication method is required')
56+
}
4857
const responseEncryptionKey: DidUrl = `${didDocument.id}${didDocument.keyAgreement?.[0]}`
4958

5059
Did.validateDid(receiverEncryptionKeyUri)

0 commit comments

Comments
 (0)