Merge pull request WebOfTrust#234 from roots-id/serder-validation-error

Return 400 when Serder validation fails
pfeairheller · May 6, 2024 · 44cc2d8 · 44cc2d8
2 parents b74d5cc + 36fa77f
commit 44cc2d8
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 8 deletions.
diff --git a/src/keria/app/credentialing.py b/src/keria/app/credentialing.py
@@ -546,13 +546,17 @@ def on_post(self, req, rep, name):
         hab = agent.hby.habByName(name)
         if hab is None:
             raise falcon.HTTPNotFound(description="name is not a valid reference to an identifier")
-
-        creder = serdering.SerderACDC(sad=httping.getRequiredParam(body, "acdc"))
-        iserder = serdering.SerderKERI(sad=httping.getRequiredParam(body, "iss"))
-        if "ixn" in body:
-            anc = serdering.SerderKERI(sad=httping.getRequiredParam(body, "ixn"))
-        else:
-            anc = serdering.SerderKERI(sad=httping.getRequiredParam(body, "rot"))
+        try: 
+            creder = serdering.SerderACDC(sad=httping.getRequiredParam(body, "acdc"))
+            iserder = serdering.SerderKERI(sad=httping.getRequiredParam(body, "iss"))
+            if "ixn" in body:
+                anc = serdering.SerderKERI(sad=httping.getRequiredParam(body, "ixn"))
+            else:
+                anc = serdering.SerderKERI(sad=httping.getRequiredParam(body, "rot"))
+        except (kering.ValidationError, json.decoder.JSONDecodeError) as e:
+            rep.status = falcon.HTTP_400
+            rep.text = e.args[0]
+            return
 
         regk = iserder.ked['ri']
         if regk not in agent.rgy.tevers:

diff --git a/tests/app/test_credentialing.py b/tests/app/test_credentialing.py
@@ -292,7 +292,7 @@ def test_issue_credential(helpers, seeder):
         assert result.status_code == 404
         assert result.json == {'description': "name is not a valid reference to an identifier",
                                'title': '404 Not Found'}
-
+        
         result = client.simulate_post(path="/identifiers/issuer/credentials", body=json.dumps(body).encode("utf-8"))
         op = result.json
 
@@ -304,6 +304,9 @@ def test_issue_credential(helpers, seeder):
 
         assert agent.credentialer.complete(creder.said) is True
 
+        body["acdc"]["a"]["LEI"] = "ACDC10JSON000197_"
+        result = client.simulate_post(path="/identifiers/issuer/credentials", body=json.dumps(body).encode("utf-8"))
+        assert result.status_code == 400
 
 def test_credentialing_ends(helpers, seeder):
     salt = b'0123456789abcdef'