From cee06ff8a5f59a102583676b700f574ac9816ed1 Mon Sep 17 00:00:00 2001 From: Leon Date: Tue, 21 Jan 2020 14:12:14 +0100 Subject: [PATCH 1/2] Handle requests that specify credentials rather than attributes without crashing --- irmagobridge/session_handler.go | 96 ++++++++++++++++++++++----------- 1 file changed, 64 insertions(+), 32 deletions(-) diff --git a/irmagobridge/session_handler.go b/irmagobridge/session_handler.go index 0538e9ff..1cad10e1 100644 --- a/irmagobridge/session_handler.go +++ b/irmagobridge/session_handler.go @@ -1,6 +1,7 @@ package irmagobridge import ( + "errors" "github.com/privacybydesign/irmago" "github.com/privacybydesign/irmago/irmaclient" ) @@ -92,55 +93,86 @@ func (sh *SessionHandler) UnsatisfiableRequest(request irma.SessionRequest, sendAction(action) } +func CheckContainsCredentialIdentifiers(request *irma.DisclosureRequest) *irma.SessionError { + for _, discon := range request.Disclose { + for _, con := range discon { + for _, attrReq := range con { + if attrReq.Type.IsCredential() { + return &irma.SessionError{ + ErrorType: irma.ErrorInvalidRequest, + Err: errors.New("Request should only contain AttributeIdentifiers"), + } + } + } + } + } + return nil +} + func (sh *SessionHandler) RequestIssuancePermission(request *irma.IssuanceRequest, candidates [][][]*irma.AttributeIdentifier, serverName irma.TranslatedString, ph irmaclient.PermissionHandler) { logDebug("Handling RequestIssuancePermission") disclose := request.Disclose if disclose == nil { disclose = irma.AttributeConDisCon{} } - action := &OutgoingAction{ - "type": "IrmaSession.RequestIssuancePermission", - "sessionId": sh.sessionID, - "serverName": serverName, - "issuedCredentials": request.CredentialInfoList, - "disclosures": disclose, - "disclosuresLabels": request.Labels, - "disclosuresCandidates": candidates, + err := CheckContainsCredentialIdentifiers(request.Disclosure()) + if err != nil { + sh.Failure(err) + } else { + action := &OutgoingAction{ + "type": "IrmaSession.RequestIssuancePermission", + "sessionId": sh.sessionID, + "serverName": serverName, + "issuedCredentials": request.CredentialInfoList, + "disclosures": disclose, + "disclosuresLabels": request.Labels, + "disclosuresCandidates": candidates, + } + + sh.permissionHandler = ph + sendAction(action) } - - sh.permissionHandler = ph - sendAction(action) } func (sh *SessionHandler) RequestVerificationPermission(request *irma.DisclosureRequest, candidates [][][]*irma.AttributeIdentifier, serverName irma.TranslatedString, ph irmaclient.PermissionHandler) { logDebug("Handling RequestVerificationPermission") - action := &OutgoingAction{ - "type": "IrmaSession.RequestVerificationPermission", - "sessionId": sh.sessionID, - "serverName": serverName, - "disclosures": request.Disclose, - "disclosuresLabels": request.Labels, - "disclosuresCandidates": candidates, + err := CheckContainsCredentialIdentifiers(request) + if err != nil { + sh.Failure(err) + } else { + action := &OutgoingAction{ + "type": "IrmaSession.RequestVerificationPermission", + "sessionId": sh.sessionID, + "serverName": serverName, + "disclosures": request.Disclose, + "disclosuresLabels": request.Labels, + "disclosuresCandidates": candidates, + } + + sh.permissionHandler = ph + sendAction(action) } - - sh.permissionHandler = ph - sendAction(action) } func (sh *SessionHandler) RequestSignaturePermission(request *irma.SignatureRequest, candidates [][][]*irma.AttributeIdentifier, serverName irma.TranslatedString, ph irmaclient.PermissionHandler) { logDebug("Handling RequestSignaturePermission") - action := &OutgoingAction{ - "type": "IrmaSession.RequestSignaturePermission", - "sessionId": sh.sessionID, - "serverName": serverName, - "disclosures": request.Disclose, - "disclosuresLabels": request.Labels, - "disclosuresCandidates": candidates, - "message": request.Message, + err := CheckContainsCredentialIdentifiers(request.Disclosure()) + if err != nil { + sh.Failure(err) + } else { + action := &OutgoingAction{ + "type": "IrmaSession.RequestSignaturePermission", + "sessionId": sh.sessionID, + "serverName": serverName, + "disclosures": request.Disclose, + "disclosuresLabels": request.Labels, + "disclosuresCandidates": candidates, + "message": request.Message, + } + + sh.permissionHandler = ph + sendAction(action) } - - sh.permissionHandler = ph - sendAction(action) } func (sh *SessionHandler) RequestPin(remainingAttempts int, ph irmaclient.PinHandler) { From 7f61b02c82af156bd80510f0189899b70508c848 Mon Sep 17 00:00:00 2001 From: Leon Date: Tue, 21 Jan 2020 14:34:55 +0100 Subject: [PATCH 2/2] Eerly returns instead of if/else --- irmagobridge/session_handler.go | 76 ++++++++++++++++----------------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/irmagobridge/session_handler.go b/irmagobridge/session_handler.go index 1cad10e1..70643801 100644 --- a/irmagobridge/session_handler.go +++ b/irmagobridge/session_handler.go @@ -118,20 +118,20 @@ func (sh *SessionHandler) RequestIssuancePermission(request *irma.IssuanceReques err := CheckContainsCredentialIdentifiers(request.Disclosure()) if err != nil { sh.Failure(err) - } else { - action := &OutgoingAction{ - "type": "IrmaSession.RequestIssuancePermission", - "sessionId": sh.sessionID, - "serverName": serverName, - "issuedCredentials": request.CredentialInfoList, - "disclosures": disclose, - "disclosuresLabels": request.Labels, - "disclosuresCandidates": candidates, - } - - sh.permissionHandler = ph - sendAction(action) + return } + action := &OutgoingAction{ + "type": "IrmaSession.RequestIssuancePermission", + "sessionId": sh.sessionID, + "serverName": serverName, + "issuedCredentials": request.CredentialInfoList, + "disclosures": disclose, + "disclosuresLabels": request.Labels, + "disclosuresCandidates": candidates, + } + + sh.permissionHandler = ph + sendAction(action) } func (sh *SessionHandler) RequestVerificationPermission(request *irma.DisclosureRequest, candidates [][][]*irma.AttributeIdentifier, serverName irma.TranslatedString, ph irmaclient.PermissionHandler) { @@ -139,19 +139,19 @@ func (sh *SessionHandler) RequestVerificationPermission(request *irma.Disclosure err := CheckContainsCredentialIdentifiers(request) if err != nil { sh.Failure(err) - } else { - action := &OutgoingAction{ - "type": "IrmaSession.RequestVerificationPermission", - "sessionId": sh.sessionID, - "serverName": serverName, - "disclosures": request.Disclose, - "disclosuresLabels": request.Labels, - "disclosuresCandidates": candidates, - } - - sh.permissionHandler = ph - sendAction(action) + return + } + action := &OutgoingAction{ + "type": "IrmaSession.RequestVerificationPermission", + "sessionId": sh.sessionID, + "serverName": serverName, + "disclosures": request.Disclose, + "disclosuresLabels": request.Labels, + "disclosuresCandidates": candidates, } + + sh.permissionHandler = ph + sendAction(action) } func (sh *SessionHandler) RequestSignaturePermission(request *irma.SignatureRequest, candidates [][][]*irma.AttributeIdentifier, serverName irma.TranslatedString, ph irmaclient.PermissionHandler) { @@ -159,20 +159,20 @@ func (sh *SessionHandler) RequestSignaturePermission(request *irma.SignatureRequ err := CheckContainsCredentialIdentifiers(request.Disclosure()) if err != nil { sh.Failure(err) - } else { - action := &OutgoingAction{ - "type": "IrmaSession.RequestSignaturePermission", - "sessionId": sh.sessionID, - "serverName": serverName, - "disclosures": request.Disclose, - "disclosuresLabels": request.Labels, - "disclosuresCandidates": candidates, - "message": request.Message, - } - - sh.permissionHandler = ph - sendAction(action) + return } + action := &OutgoingAction{ + "type": "IrmaSession.RequestSignaturePermission", + "sessionId": sh.sessionID, + "serverName": serverName, + "disclosures": request.Disclose, + "disclosuresLabels": request.Labels, + "disclosuresCandidates": candidates, + "message": request.Message, + } + + sh.permissionHandler = ph + sendAction(action) } func (sh *SessionHandler) RequestPin(remainingAttempts int, ph irmaclient.PinHandler) {