Skip to content

Commit

Permalink
feat(credential): add filter, get credentials
Browse files Browse the repository at this point in the history
  • Loading branch information
@s1fr0
s1fr0 committed Jan 24, 2023
1 parent d1afdeb commit 7566cad
Show file tree
Hide file tree
Showing 2 changed files with 47 additions and 26 deletions.
16 changes: 12 additions & 4 deletions tests/v2/test_utils_credentials.nim
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,6 @@ procSuite "Credentials test suite":
check:
keystore.isOk()

echo keystore.get()


asyncTest "Add credential to keystore":

let filepath = "./testAppKeystore.txt"
Expand Down Expand Up @@ -144,4 +141,15 @@ procSuite "Credentials test suite":
version = "0.1")

check:
keystore.isOk()
keystore.isOk()



let creds = getMembershipCredentials(path = filepath,
password = password,
filterIdentityCredentials = @[idCredential],
filterMembershipContracts = @[contract1],
application = "test",
appIdentifier = "1234",
version = "0.1")
echo creds
57 changes: 35 additions & 22 deletions waku/v2/utils/credentials.nim
View file
Original file line number Diff line number Diff line change
Expand Up @@ -295,29 +295,42 @@ proc addMembershipCredentials*(path: string,
return ok()


proc filterCredential*(credential: var MembershipCredentials,
identityCredentials: seq[IdentityCredential] = @[],
membershipGroups: seq[MembershipGroup] = @[]): bool =
proc filterCredential*(credential: MembershipCredentials,
filterIdentityCredentials: seq[IdentityCredential],
filterMembershipContracts: seq[MembershipContract]): Option[MembershipCredentials] =

var identityFilter: bool = false
var membershipFilter: bool = false

# If filter is empty, we return the credential
if identityCredentials.len() == 0:
identityFilter = true
else:
identityFilter = true

if membershipGroups.len() == 0:
membershipFilter = true

return identityFilter and membershipFilter
# We filter by identity credentials
if filterIdentityCredentials.len() != 0:
if (credential.identityCredential in filterIdentityCredentials) == false:
return none(MembershipCredentials)

# We filter by membership groups credentials
if filterMembershipContracts.len() != 0:
# Here we keep only groups that match a contract in the filter
var membershipGroupsIntersection: seq[MembershipGroup] = @[]
# We check if we have a group in the input credential matching any contract in the filter
for membershipGroup in credential.membershipGroups:
if membershipGroup.membershipContract in filterMembershipContracts:
membershipGroupsIntersection.add(membershipGroup)

if membershipGroupsIntersection.len() != 0:
# If we have a match on some groups, we return the credential with filtered groups
return some(MembershipCredentials(identityCredential: credential.identityCredential,
membershipGroups: membershipGroupsIntersection))

else:
return none(MembershipCredentials)

# We hit this return only if
# - filterIdentityCredentials.len() == 0 and filterMembershipContracts.len() == 0 (no filter)
# - filterIdentityCredentials.len() != 0 and filterMembershipContracts.len() == 0 (filter only on identity credential)
# Indeed, filterMembershipContracts.len() != 0 will have its exclusive return based on all values of membershipGroupsIntersection.len()
return some(credential)

proc getMembershipCredentials*(path: string,
password: string,
identityCredentials: seq[IdentityCredential] = @[],
membershipGroups: seq[MembershipGroup] = @[],
filterIdentityCredentials: seq[IdentityCredential] = @[],
filterMembershipContracts: seq[MembershipContract] = @[],
application: string,
appIdentifier: string,
version: string): KeystoreResult[seq[MembershipCredentials]] =
Expand Down Expand Up @@ -349,10 +362,10 @@ proc getMembershipCredentials*(path: string,
let jsonObject = parseJson(string.fromBytes(decodedKeyfile.get()))
let keyfileMembershipCredential = to(jsonObject, MembershipCredentials)


outputMembershipCredentials.add(keyfileMembershipCredential)


let filteredCredential = filterCredential(keyfileMembershipCredential, filterIdentityCredentials, filterMembershipContracts)

if filteredCredential.isSome():
outputMembershipCredentials.add(filteredCredential.get())

# TODO: we might continue rather than return for some of these errors
except JsonParsingError:
Expand Down

0 comments on commit 7566cad

Please sign in to comment.