feat: validate issuer bpn while creating new wallet
thackerronak committed Aug 16, 2023
1 parent ea2df7c commit 99b0117
Showing 14 changed files with 71 additions and 71 deletions.
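--- a/build.gradle
+++ b/build.gradle
@@ -50,7 +50,7 @@ dependencies {
 implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${openApiVersion}"
 implementation group: 'com.smartsensesolutions', name: 'commons-dao', version: '0.0.5'
 implementation 'org.liquibase:liquibase-core'
-implementation 'org.eclipse.tractusx.ssi:cx-ssi-lib:0.0.14'
+implementation 'org.eclipse.tractusx.ssi:cx-ssi-lib:0.0.15'
 
 //Added explicitly to mitigate CVE 2022-1471
 implementation group: 'org.yaml', name: 'snakeyaml', version: '2.0'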
Expand Up @@ -155,10 +155,10 @@ public class WalletController extends BaseController {
""")
})
})
@Operation(summary = "Create Wallet", description = "Permission: **add_wallets** \n\n Create a wallet and store it")
@Operation(summary = "Create Wallet", description = "Permission: **add_wallets** (The BPN of the base wallet must equal BPN of caller)\n\n Create a wallet and store it")
@PostMapping(path = RestURI.WALLETS, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<Wallet> createWallet(@Valid @RequestBody CreateWalletRequest request) {
return ResponseEntity.status(HttpStatus.CREATED).body(service.createWallet(request));
public ResponseEntity<Wallet> createWallet(@Valid @RequestBody CreateWalletRequest request, Principal principal) {
return ResponseEntity.status(HttpStatus.CREATED).body(service.createWallet(request,getBPNFromToken(principal)));
}

/**
Expand Up @@ -76,6 +76,10 @@
public class WalletService extends BaseService<Wallet, Long> {


/**
* The constant BASE_WALLET_BPN_IS_NOT_MATCHING_WITH_REQUEST_BPN_FROM_TOKEN.
*/
public static final String BASE_WALLET_BPN_IS_NOT_MATCHING_WITH_REQUEST_BPN_FROM_TOKEN = "Base wallet BPN is not matching with request BPN(from token)";
private final WalletRepository walletRepository;

private final MIWSettings miwSettings;
Expand Down Expand Up @@ -195,8 +199,8 @@ public Page<Wallet> getWallets(int pageNumber, int size, String sortColumn, Stri
*/
@SneakyThrows
@Transactional(isolation = Isolation.READ_UNCOMMITTED, propagation = Propagation.REQUIRED)
public Wallet createWallet(CreateWalletRequest request) {
return createWallet(request, false);
public Wallet createWallet(CreateWalletRequest request, String callerBpn) {
return createWallet(request, false,callerBpn);
}

/**
Expand All @@ -206,8 +210,8 @@ public Wallet createWallet(CreateWalletRequest request) {
* @return the wallet
*/
@SneakyThrows
private Wallet createWallet(CreateWalletRequest request, boolean authority) {
validateCreateWallet(request);
private Wallet createWallet(CreateWalletRequest request, boolean authority, String callerBpn) {
validateCreateWallet(request,callerBpn);

//create private key pair
IKeyGenerator keyGenerator = new x21559Generator();
Expand Down Expand Up @@ -275,19 +279,22 @@ public void createAuthorityWallet() {
.name(miwSettings.authorityWalletName())
.bpn(miwSettings.authorityWalletBpn())
.build();
createWallet(request, true);
createWallet(request, true,miwSettings.authorityWalletBpn());
log.info("Authority wallet created with bpn {}", StringEscapeUtils.escapeJava(miwSettings.authorityWalletBpn()));
} else {
log.info("Authority wallet exists with bpn {}", StringEscapeUtils.escapeJava(miwSettings.authorityWalletBpn()));
}
}

private void validateCreateWallet(CreateWalletRequest request) {
private void validateCreateWallet(CreateWalletRequest request,String callerBpn) {
// check base wallet
Validate.isFalse(callerBpn.equalsIgnoreCase(miwSettings.authorityWalletBpn())).launch(new ForbiddenException(BASE_WALLET_BPN_IS_NOT_MATCHING_WITH_REQUEST_BPN_FROM_TOKEN));

// check wallet already exists
boolean exist = walletRepository.existsByBpn(request.getBpn());
if (exist) {
throw new DuplicateWalletProblem("Wallet is already exists for bpn " + request.getBpn());
}

}
@SneakyThrows
private String getPrivateKeyString(byte[] privateKeyBytes) {
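Review bot: In `validateCreateWallet`, `callerBpn.equalsIgnoreCase(miwSettings.authorityWalletBpn())` dereferences the caller's BPN, so if `getBPNFromToken` (not shown on this page) can return null for a token without a BPN claim, the request ends in a NullPointerException rather than the intended `ForbiddenException`. Putting the configured value on the left keeps the rejection explicit: `Validate.isFalse(miwSettings.authorityWalletBpn().equalsIgnoreCase(callerBpn)).launch(new ForbiddenException(BASE_WALLET_BPN_IS_NOT_MATCHING_WITH_REQUEST_BPN_FROM_TOKEN));`. Both `createWallet` overloads gain a `callerBpn` parameter but the visible Javadoc tails show no matching `@param`; add `@param callerBpn the BPN taken from the authenticated token, must equal the authority wallet BPN`. The Javadoc blocks and method bodies start or end outside the hunks, so this is based on the visible lines only.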
Expand Up @@ -22,6 +22,7 @@
package org.eclipse.tractusx.managedidentitywallets.did;

import org.eclipse.tractusx.managedidentitywallets.ManagedIdentityWalletsApplication;
import org.eclipse.tractusx.managedidentitywallets.config.MIWSettings;
import org.eclipse.tractusx.managedidentitywallets.config.TestContextInitializer;
import org.eclipse.tractusx.managedidentitywallets.constant.RestURI;
import org.eclipse.tractusx.managedidentitywallets.dao.entity.Wallet;
Expand All @@ -47,6 +48,9 @@ class DidDocumentsTest {
@Autowired
private TestRestTemplate restTemplate;

@Autowired
private MIWSettings miwSettings;

@Test
void getDidDocumentInvalidBpn404() {
ResponseEntity<String> response = restTemplate.getForEntity(RestURI.DID_DOCUMENTS, String.class, UUID.randomUUID().toString());
Expand Down Expand Up @@ -85,6 +89,6 @@ private Wallet createWallet(String bpn) {
CreateWalletRequest createWalletRequest = new CreateWalletRequest();
createWalletRequest.setBpn(bpn);
createWalletRequest.setName("wallet_" + bpn);
return walletService.createWallet(createWalletRequest);
return walletService.createWallet(createWalletRequest,miwSettings.authorityWalletBpn());
}
}
Expand Up @@ -56,8 +56,8 @@

public class TestUtils {

public static ResponseEntity<String> createWallet(String bpn, String name, TestRestTemplate testTemplate) {
HttpHeaders headers = AuthenticationUtils.getValidUserHttpHeaders(bpn);
public static ResponseEntity<String> createWallet(String bpn, String name, TestRestTemplate testTemplate,String baseBPN) {
HttpHeaders headers = AuthenticationUtils.getValidUserHttpHeaders(baseBPN);

CreateWalletRequest request = CreateWalletRequest.builder().bpn(bpn).name(name).build();
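Review bot: `createWallet` now authenticates every request as `baseBPN`, and every call site visible on this page passes `miwSettings.authorityWalletBpn()`, so the new rejection branch in `WalletService.validateCreateWallet` is not exercised by any test shown here (one changed file on the page is not loaded and may cover it). A negative case is worth having: call this helper with a random BPN as `baseBPN`, assert `HttpStatus.FORBIDDEN` (assuming `ForbiddenException` maps to 403), and assert that no wallet exists for the requested BPN afterwards. The parameter would also read more consistently as `baseBpn`, matching the local variables at the call sites. The method body continues past the end of the hunk.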

Expand Up @@ -82,7 +82,7 @@ public void setup() {
final CreateWalletRequest createWalletRequest = new CreateWalletRequest();
createWalletRequest.setBpn(tenantBpn);
createWalletRequest.setName("My Test Tenant Wallet");
final Wallet tenantWallet = walletService.createWallet(createWalletRequest);
final Wallet tenantWallet = walletService.createWallet(createWalletRequest,bpnOperator);
tenantDid = DidParser.parse(tenantWallet.getDid());
}

Expand Up @@ -112,9 +112,10 @@ void issueDismantlerCredentialTest201() throws JsonProcessingException, JSONExce

String bpn = UUID.randomUUID().toString();
String did = DidWebFactory.fromHostnameAndPath(miwSettings.host(), bpn).toString();
String baseBpn = miwSettings.authorityWalletBpn();

//create wallet
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate).getBody());
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate,baseBpn).getBody());
String oldSummaryCredentialId = TestUtils.getSummaryCredentialId(wallet.getDid(), holdersCredentialRepository);

ResponseEntity<String> response = issueDismantlerCredential(bpn, did);
Expand Up @@ -187,7 +187,8 @@ void issueFrameworkCredentialTest400() throws JsonProcessingException, JSONExcep

private void createAndValidateVC(String bpn, String did, String type) throws JsonProcessingException {
//create wallet
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate).getBody());
String baseBpn = miwSettings.authorityWalletBpn();
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate,baseBpn).getBody());
String oldSummaryCredentialId = TestUtils.getSummaryCredentialId(wallet.getDid(), holdersCredentialRepository);

HttpHeaders headers = AuthenticationUtils.getValidUserHttpHeaders(miwSettings.authorityWalletBpn());
Expand Up @@ -304,8 +304,8 @@ void validateExpiredCredentialsWithExpiryCheckTrue() throws com.fasterxml.jackso

private Map<String, Object> issueVC() throws JsonProcessingException {
String bpn = UUID.randomUUID().toString();
HttpHeaders headers = AuthenticationUtils.getValidUserHttpHeaders(bpn);
TestUtils.createWallet(bpn, "Test", restTemplate);
String baseBpn = miwSettings.authorityWalletBpn();
TestUtils.createWallet(bpn, "Test", restTemplate,baseBpn);
ResponseEntity<String> vc = TestUtils.issueMembershipVC(restTemplate, bpn, miwSettings.authorityWalletBpn());
VerifiableCredential verifiableCredential = new VerifiableCredential(new ObjectMapper().readValue(vc.getBody(), Map.class));
Map<String, Object> map = objectMapper.readValue(verifiableCredential.toJson(), Map.class);
Expand All @@ -314,8 +314,9 @@ private Map<String, Object> issueVC() throws JsonProcessingException {


private ResponseEntity<String> issueVC(String bpn, String did, String type, HttpHeaders headers) throws JsonProcessingException {
String baseBpn = miwSettings.authorityWalletBpn();
//save wallet
TestUtils.createWallet(bpn, did, restTemplate);
TestUtils.createWallet(bpn, did, restTemplate,baseBpn);

// Create VC without proof
//VC Bulider
Expand Up @@ -229,9 +229,9 @@ void issueCredentials200() throws com.fasterxml.jackson.core.JsonProcessingExcep


private ResponseEntity<String> issueVC(String bpn, String holderDid, String issuerDid, String type, HttpHeaders headers) throws JsonProcessingException {

String baseBpn = miwSettings.authorityWalletBpn();
//save wallet
TestUtils.createWallet(bpn, holderDid, restTemplate);
TestUtils.createWallet(bpn, holderDid, restTemplate,baseBpn);

// Create VC without proof
//VC Bulider
Expand Up @@ -96,9 +96,10 @@ void issueMembershipCredentialTest403() {
void testIssueSummeryVCAfterDeleteSummaryVCFromHolderWallet() throws JsonProcessingException {
String bpn = UUID.randomUUID().toString();
String did = DidWebFactory.fromHostnameAndPath(miwSettings.host(), bpn).toString();
String baseBpn = miwSettings.authorityWalletBpn();

// create wallet, in background bpn and summary credential generated
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate).getBody());
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate,baseBpn).getBody());

List<HoldersCredential> byHolderDid = holdersCredentialRepository.getByHolderDid(did);

Expand All @@ -124,9 +125,10 @@ void testIssueSummeryVCAfterDeleteSummaryVCFromHolderWallet() throws JsonProcess
void testStoredSummaryVCTest() throws JsonProcessingException {
String bpn = UUID.randomUUID().toString();
String did = DidWebFactory.fromHostnameAndPath(miwSettings.host(), bpn).toString();
String baseBpn = miwSettings.authorityWalletBpn();

// create wallet, in background bpn and summary credential generated
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate).getBody());
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate,baseBpn).getBody());


String vc = """
Expand Down Expand Up @@ -185,10 +187,10 @@ void testStoredSummaryVCTest() throws JsonProcessingException {
@Test
void issueMembershipCredentialToBaseWalletTest400() throws JsonProcessingException {
String bpn = UUID.randomUUID().toString();
String did = DidWebFactory.fromHostnameAndPath(miwSettings.host(), bpn).toString();
String baseBpn = miwSettings.authorityWalletBpn();

// create wallet, in background bpn and summary credential generated
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate).getBody());
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate,baseBpn).getBody());

//add 2 subject in VC for testing
List<IssuersCredential> vcs = issuersCredentialRepository.getByIssuerDidAndHolderDidAndType(miwSettings.authorityWalletDid(), wallet.getDid(), MIWVerifiableCredentialType.SUMMARY_CREDENTIAL);
Expand Down Expand Up @@ -278,9 +280,10 @@ void issueMembershipCredentialToBaseWalletTest201() throws JsonProcessingExcepti
void issueMembershipCredentialTest201() throws JsonProcessingException, JSONException {

String bpn = UUID.randomUUID().toString();
String baseBpn = miwSettings.authorityWalletBpn();

//create wallet
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate).getBody());
Wallet wallet = TestUtils.getWalletFromString(TestUtils.createWallet(bpn, bpn, restTemplate,baseBpn).getBody());
String oldSummaryCredentialId = TestUtils.getSummaryCredentialId(wallet.getDid(), holdersCredentialRepository);

ResponseEntity<String> response = TestUtils.issueMembershipVC(restTemplate, bpn, miwSettings.authorityWalletBpn());
Expand Up @@ -94,13 +94,13 @@ public void setup() {
CreateWalletRequest createWalletRequest = new CreateWalletRequest();
createWalletRequest.setBpn(bpnTenant_1);
createWalletRequest.setName("My Test Tenant Wallet");
Wallet tenantWallet = walletService.createWallet(createWalletRequest);
Wallet tenantWallet = walletService.createWallet(createWalletRequest,bpnOperator);
tenant_1 = DidParser.parse(tenantWallet.getDid());

CreateWalletRequest createWalletRequest2 = new CreateWalletRequest();
createWalletRequest2.setBpn(bpnTenant_2);
createWalletRequest2.setName("My Test Tenant Wallet");
Wallet tenantWallet2 = walletService.createWallet(createWalletRequest2);
Wallet tenantWallet2 = walletService.createWallet(createWalletRequest2,bpnOperator);
tenant_2 = DidParser.parse(tenantWallet2.getDid());

IssueMembershipCredentialRequest issueMembershipCredentialRequest = new IssueMembershipCredentialRequest();
Expand Up @@ -243,37 +243,10 @@ void createPresentationWithInvalidBPNAccess403() throws JsonProcessingException
Assertions.assertEquals(vpResponse.getStatusCode().value(), HttpStatus.NOT_FOUND.value());
}

@Test
void createPresentationWithMoreThenOneVC400() throws JsonProcessingException {
String bpn = UUID.randomUUID().toString();
String didWeb = DidWebFactory.fromHostnameAndPath(miwSettings.host(), bpn).toString();

ResponseEntity<String> response = TestUtils.createWallet(bpn, bpn, restTemplate);
Assertions.assertEquals(response.getStatusCode().value(), HttpStatus.CREATED.value());
Wallet wallet = TestUtils.getWalletFromString(response.getBody());

//get BPN credentials
List<HoldersCredential> credentials = holdersCredentialRepository.getByHolderDidAndType(wallet.getDid(), MIWVerifiableCredentialType.BPN_CREDENTIAL);
Assertions.assertFalse(credentials.isEmpty());
Map<String, Object> map = objectMapper.readValue(credentials.get(0).getData().toJson(), Map.class);

//create request
Map<String, Object> request = new HashMap<>();
request.put(StringPool.HOLDER_IDENTIFIER, wallet.getDid());
request.put(StringPool.VERIFIABLE_CREDENTIALS, List.of(map, map));

HttpHeaders headers = AuthenticationUtils.getValidUserHttpHeaders("invalid bpn");
headers.put(HttpHeaders.CONTENT_TYPE, List.of(MediaType.APPLICATION_JSON_VALUE));

HttpEntity<String> entity = new HttpEntity<>(objectMapper.writeValueAsString(request), headers);

ResponseEntity<Map> vpResponse = restTemplate.exchange(RestURI.API_PRESENTATIONS + "?asJwt={asJwt}&audience={audience}", HttpMethod.POST, entity, Map.class, true, "companyA");
Assertions.assertEquals(vpResponse.getStatusCode().value(), HttpStatus.BAD_REQUEST.value());
}

@NotNull
private Map<String, Object> getIssueVPRequest(String bpn) throws JsonProcessingException {
ResponseEntity<String> response = TestUtils.createWallet(bpn, bpn, restTemplate);
String baseBpn = miwSettings.authorityWalletBpn();
ResponseEntity<String> response = TestUtils.createWallet(bpn, bpn, restTemplate,baseBpn);
Assertions.assertEquals(response.getStatusCode().value(), HttpStatus.CREATED.value());
Wallet wallet = TestUtils.getWalletFromString(response.getBody());

Expand All @@ -291,7 +264,8 @@ private Map<String, Object> getIssueVPRequest(String bpn) throws JsonProcessingE

@NotNull
private ResponseEntity<Map> getIssueVPRequestWithShortExpiry(String bpn, String audience) throws JsonProcessingException {
ResponseEntity<String> response = TestUtils.createWallet(bpn, bpn, restTemplate);
String baseBpn = miwSettings.authorityWalletBpn();
ResponseEntity<String> response = TestUtils.createWallet(bpn, bpn, restTemplate,baseBpn);
Assertions.assertEquals(response.getStatusCode().value(), HttpStatus.CREATED.value());
Wallet wallet = TestUtils.getWalletFromString(response.getBody());
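Review bot: The first hunk deletes `createPresentationWithMoreThenOneVC400` outright (the hunk shrinks from 37 to 10 lines), and nothing in a commit about issuer-BPN validation explains why. With it goes the only assertion visible on this page that a presentation request carrying two credentials is answered with 400. If the test only stopped compiling because `TestUtils.createWallet` gained the `baseBPN` argument, keep it and update the call the same way as in `getIssueVPRequest`: `TestUtils.createWallet(bpn, bpn, restTemplate, miwSettings.authorityWalletBpn())`. If the behaviour it covered has changed on purpose, the removal belongs in its own commit with that reason stated.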
