backport fix vdr v1 CreateDID KeyFlags #3615

Merged
merged 1 commit into from
Dec 16, 2024
25 changes: 17 additions & 8 deletions docs/_static/vdr/v1.yaml
Expand Up @@ -11,10 +11,12 @@ paths:
/internal/vdr/v1/did:
post:
summary: Creates a new Nuts DID
deprecated: true
description: |
The DID Document will be created according to the given request. If a combination of options is not allowed, a 400 is returned.
The default values for selfControl, assertionMethod, keyAgreement, and capabilityInvocation are true. The default for controllers is an empty list. All other options default to false.
Only a single keypair will be generated. All enabled methods will reuse the same key pair. A seperate keypair will be generated to generate the DID if SelfControl is false.
Starting with v6.0.0, the entire body will be ignored and default values will be used.
The default values are: selfControl = true, assertionMethod = true, keyAgreement = true, capabilityInvocation = true, capabilityDelegation = true, authentication = true and controllers = [].

Only a single keypair will be generated. All enabled methods will reuse the same key pair.

error returns:
* 400 - Invalid (combination of) options
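Review bot: The `error returns` list still documents `400 - Invalid (combination of) options`, although the new description text says the entire body is ignored, so no option combination can be rejected any more. Drop or reword that 400 entry so clients do not build error handling around a response this endpoint no longer produces for options.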
Expand Down Expand Up @@ -272,7 +274,7 @@ components:
authentication:
type: boolean
description: indicates if the generated key pair can be used for authentication.
default: false
default: true
capabilityInvocation:
type: boolean
description: |
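Review bot: `authentication` now carries `default: true` next to the previous `default: false`, and because the request body is ignored a caller has no way to switch it off. The property description still reads as if the flag is a choice; state there that the value is not honoured, so nobody assumes they can keep the generated key out of the authentication relationship by sending `false`.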
Expand All @@ -288,6 +290,17 @@ components:
type: boolean
description: indicates if the generated key pair can be used for Key agreements.
default: true
selfControl:
type: boolean
description: whether the generated DID Document can be altered with its own capabilityInvocation key.
default: true
controllers:
type: array
items:
type: string
description: |
List of DID controllers. The DID controllers are the entities that can alter the DID Document.
default: []
VerificationMethodRelationship:
properties:
assertionMethod:
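Review bot: `selfControl` and `controllers` are added to this schema as ordinary settable properties, while the endpoint description in the first hunk states that the whole body is ignored. A caller that sends `controllers` to place the document under another DID, or `selfControl: false`, would receive a self-controlled document with no hint that the values were dropped. Say in both `description` fields that the value is ignored (or mark the properties `deprecated: true`) so the documented contract matches the behaviour.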
Expand All @@ -313,10 +326,6 @@ components:
type: boolean
description: indicates if the generated key pair can be used for Key agreements.
default: true
selfControl:
type: boolean
description: whether the generated DID Document can be altered with its own capabilityInvocation key.
default: true
securitySchemes:
jwtBearerAuth:
type: http
11 changes: 11 additions & 0 deletions docs/pages/release_notes.rst
Expand Up @@ -2,6 +2,17 @@
Release notes
#############

***************
Peanut (v6.0.6)
***************

Release date: 2024-12-16

- `#3610 <https://github.com/nuts-foundation/nuts-node/issues/3610>`_: Fix DID Creation with VDR V1 API.
The Body for POST /internal/vdr/v1/did is now completely ignored, defaults are used.

**Full Changelog**: https://github.com/nuts-foundation/nuts-node/compare/v6.0.5...v6.0.6

***************
Peanut (v6.0.5)
***************
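Review bot: The v6.0.6 entry says "defaults are used" without listing them, and it presents the ignored body as a v6.0.6 fix while `docs/_static/vdr/v1.yaml` in this same change says "Starting with v6.0.0, the entire body will be ignored". Make the two version statements agree and list the effective defaults here (the OpenAPI description already enumerates them), since an operator upgrading from v6.0.5 needs to know that requests with custom key flags will now yield a document with the default relationships.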
12 changes: 3 additions & 9 deletions vdr/api/v1/api.go
Expand Up @@ -125,15 +125,9 @@ func (a *Wrapper) Routes(router core.EchoRouter) {
}

// CreateDID creates a new DID Document and returns it.
func (a *Wrapper) CreateDID(ctx context.Context, request CreateDIDRequestObject) (CreateDIDResponseObject, error) {
options := didsubject.DefaultCreationOptions()

defaultKeyFlags := didnuts.DefaultKeyFlags()
keyFlags := request.Body.VerificationMethodRelationship.ToFlags(defaultKeyFlags)
if keyFlags != defaultKeyFlags {
options = options.With(keyFlags)
}
options = options.With(didsubject.NutsLegacyNamingOption{})
func (a *Wrapper) CreateDID(ctx context.Context, _ CreateDIDRequestObject) (CreateDIDResponseObject, error) {
// request body is ignored, defaults are used.
options := didsubject.DefaultCreationOptions().With(didsubject.NutsLegacyNamingOption{})

docs, _, err := a.SubjectManager.Create(ctx, options)
// if this operation leads to an error, it may return a 500
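Review bot: With the parameter changed to `_ CreateDIDRequestObject`, a request carrying non-default values (for example `selfControl: false` or a restricted set of key flags) is accepted and answered with a document built from `didsubject.DefaultCreationOptions()`, with no signal to the caller that its input was discarded. Consider logging a warning when the body is non-empty, or rejecting such a request with the 400 the spec still documents, so that a client expecting a narrower key scope notices the difference.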
3 changes: 2 additions & 1 deletion vdr/api/v1/api_test.go
Expand Up @@ -22,6 +22,7 @@ package v1
import (
"context"
"errors"
"github.com/nuts-foundation/nuts-node/core/to"
"github.com/nuts-foundation/nuts-node/storage/orm"
"github.com/nuts-foundation/nuts-node/vdr/didsubject"
"net/http"
Expand All @@ -48,7 +49,7 @@ func TestWrapper_CreateDID(t *testing.T) {

t.Run("ok - defaults", func(t *testing.T) {
ctx := newMockContext(t)
request := DIDCreateRequest{}
request := DIDCreateRequest{SelfControl: to.Ptr(false)} // SelfControl value is overwritten with default
ctx.subjectManager.EXPECT().Create(gomock.Any(), didsubject.DefaultCreationOptions().With(didsubject.NutsLegacyNamingOption{})).Return([]did.Document{*didDoc}, "subject", nil)

response, err := ctx.client.CreateDID(nil, CreateDIDRequestObject{Body: &request})
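Review bot: The "ok - defaults" case sets only `SelfControl`, but the code removed from `api.go` read `request.Body.VerificationMethodRelationship` and the PR title names KeyFlags as the thing being fixed. Add non-default key flags to this request (or a second subtest) so the mock expectation on `didsubject.DefaultCreationOptions().With(didsubject.NutsLegacyNamingOption{})` guards the regression this change is about, not just the `SelfControl` field.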