Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Check for new "derivationOrigin" field in id_alias (#65)
# Motivation Fix issue raised here: https://dfinity.atlassian.net/browse/FOLLOW-1651 which is already merged in II: dfinity/internet-identity#2664 # Changes * Add parameter `expected_derivation_origin` to `AliasTuple` and to verify functions. Use the new param to check the claims of the id alias credential. # Tests There were some hidden dependencies among tests and constants used. For example, the expiration was the same in all the credentials. * I created new variables and scoped the dependencies within the test if possible. * I kept some JWS because they are hard to replicate and there was no need to redo again. Those are the ones that use a local IC root key. * I added new JWS with the new id_alias used for most of the tests. * I added two new tests. One to check that a wrong derivation origin raises an error and another one that the verification fails with the old JWS. # Todos - [x] Add entry to changelog (if necessary).
- Loading branch information