def test_did():
assert DID.did().startswith(OCEAN_PREFIX)
assert len(DID.did()) - len(OCEAN_PREFIX) == 64
assert DID.did() != DID.did(), ''
_id = did_to_id(DID.did())
assert not _id.startswith(
'0x'), 'id portion of did should not have a 0x prefix.'
def test_resolve_did(publisher_ocean_instance):
# prep ddo
metadata = Metadata.get_example()
publisher = publisher_ocean_instance.main_account
original_ddo = publisher_ocean_instance.assets.create(metadata, publisher)
# happy path
did = original_ddo.did
ddo = publisher_ocean_instance.assets.resolve(did).as_dictionary()
original = original_ddo.as_dictionary()
assert ddo['publicKey'] == original['publicKey']
assert ddo['authentication'] == original['authentication']
assert ddo['service']
assert original['service']
assert ddo['service'][:-1] == original['service'][:-1]
# assert ddo == original_ddo.as_dictionary(), 'Resolved ddo does not match original.'
# Can't resolve unregistered asset
unregistered_did = DID.did()
with pytest.raises(OceanDIDNotFound):
publisher_ocean_instance.assets.resolve(unregistered_did)
# Raise error on bad did
invalid_did = "did:op:0123456789"
with pytest.raises(OceanDIDNotFound):
publisher_ocean_instance.assets.resolve(invalid_did)
def encrypt(ctx, plain_text):
ocean, account = ctx.obj['ocean'], ctx.obj['account']
doc_id = did_to_id(DID.did())
encrypted_document = ocean.secret_store.encrypt(doc_id, plain_text, account)
echo({
'docId': doc_id,
'encryptedDocument': encrypted_document
})
def test_did_to_id():
did = DID.did()
_id = did_to_id(did)
assert _id is not None and len(_id) == 64, ''
test_id = '%s' % secrets.token_hex(32)
assert did_to_id(f'{OCEAN_PREFIX}{test_id}') == test_id
assert did_to_id('did:op1:011') == '011'
assert did_to_id('did:op:0') == '0'
with pytest.raises(ValueError):
did_to_id(OCEAN_PREFIX)
assert did_to_id(f'{OCEAN_PREFIX}AB*&$#') == 'AB', ''
def test_get_resolve_url(publisher_ocean_instance):
ocean = publisher_ocean_instance
register_account = ocean.main_account
did_registry = keeper().did_registry
did = DID.did()
value_test = 'http://localhost:5000'
did_resolver = DIDResolver(keeper().did_registry)
did_registry.register(did,
b'test',
url=value_test,
account=register_account)
did_id = did_to_id(did)
url = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id))
assert url == value_test
def test_publish(client, publisher_ocean_instance):
ocn = publisher_ocean_instance
endpoint = BaseURLs.ASSETS_URL + '/publish'
did = DID.did()
asset_id = did_to_id(did)
account = get_provider_account(ocn)
test_urls = ['url 0', 'url 1', 'url 2']
urls_json = json.dumps(test_urls)
signature = Keeper.get_instance().sign_hash(asset_id, account)
address = Web3Provider.get_web3().personal.ecRecover(asset_id, signature)
assert address.lower() == account.address.lower()
payload = {
'documentId': asset_id,
'signedDocumentId': signature,
'document': urls_json,
'publisherAddress': account.address
}
post_response = client.post(endpoint,
data=json.dumps(payload),
content_type='application/json')
encrypted_url = post_response.data.decode('utf-8')
assert encrypted_url.startswith('0x')
def setup_things():
config = ConfigProvider.get_config()
consumer_acc = get_consumer_account(config)
publisher_acc = get_publisher_account(config)
keeper = Keeper.get_instance()
service_definition_id = 'Access'
ddo = get_ddo_sample()
ddo._did = DID.did()
keeper.did_registry.register(ddo.did,
checksum=Web3Provider.get_web3().sha3(
text=ddo.metadata['base']['checksum']),
url='aquarius:5000',
account=publisher_acc,
providers=None)
registered_ddo = ddo
asset_id = registered_ddo.asset_id
service_agreement = ServiceAgreement.from_ddo(service_definition_id, ddo)
agreement_id = ServiceAgreement.create_new_agreement_id()
price = service_agreement.get_price()
access_cond_id, lock_cond_id, escrow_cond_id = \
service_agreement.generate_agreement_condition_ids(
agreement_id, asset_id, consumer_acc.address, publisher_acc.address, keeper
)
return (
keeper,
publisher_acc,
consumer_acc,
agreement_id,
asset_id,
price,
service_agreement,
(lock_cond_id, access_cond_id, escrow_cond_id),
)
def asset2():
asset = _get_asset('ddo_sample2.json')
asset._did = DID.did()
return asset
def test_get_resolve_multiple_urls(publisher_ocean_instance):
ocean = publisher_ocean_instance
register_account = ocean.main_account
did_registry = keeper().did_registry
did = DID.did()
did2 = DID.did()
did3 = DID.did()
did4 = DID.did()
did5 = DID.did()
did6 = DID.did()
did7 = DID.did()
did8 = DID.did()
did9 = DID.did()
did10 = DID.did()
value_test = 'http://localhost:5000'
value_test2 = 'http://localhost:5001'
value_test3 = 'http://localhost:5002'
value_test4 = 'http://localhost:5003'
value_test5 = 'http://localhost:5004'
value_test6 = 'http://localhost:5005'
value_test7 = 'http://localhost:5006'
value_test8 = 'http://localhost:5007'
value_test9 = 'http://localhost:5008'
value_test10 = 'http://localhost:5009'
did_resolver = DIDResolver(keeper().did_registry)
did_registry.register(did,
b'test',
url=value_test,
account=register_account)
did_registry.register(did2,
b'test',
url=value_test2,
account=register_account)
did_registry.register(did3,
b'test',
url=value_test3,
account=register_account)
did_registry.register(did4,
b'test',
url=value_test4,
account=register_account)
did_registry.register(did5,
b'test',
url=value_test5,
account=register_account)
did_registry.register(did6,
b'test',
url=value_test6,
account=register_account)
did_registry.register(did7,
b'test',
url=value_test7,
account=register_account)
did_registry.register(did8,
b'test',
url=value_test8,
account=register_account)
did_registry.register(did9,
b'test',
url=value_test9,
account=register_account)
did_registry.register(did10,
b'test',
url=value_test10,
account=register_account)
did_id = did_to_id(did)
did_id2 = did_to_id(did2)
did_id3 = did_to_id(did3)
did_id4 = did_to_id(did4)
did_id5 = did_to_id(did5)
did_id6 = did_to_id(did6)
did_id7 = did_to_id(did7)
did_id8 = did_to_id(did8)
did_id9 = did_to_id(did9)
did_id10 = did_to_id(did10)
url = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id))
url2 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id2))
url3 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id3))
url4 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id4))
url5 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id5))
url6 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id6))
url7 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id7))
url8 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id8))
url9 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id9))
url10 = did_resolver.get_resolve_url(Web3.toBytes(hexstr=did_id10))
assert url == value_test
assert url2 == value_test2
assert url3 == value_test3
assert url4 == value_test4
assert url5 == value_test5
assert url6 == value_test6
assert url7 == value_test7
assert url8 == value_test8
assert url9 == value_test9
assert url10 == value_test10
def test_check_permissions_not_registered_did():
consumer_account = get_consumer_account(ConfigProvider.get_config())
assert not access_secret_store_condition.check_permissions(
did_to_id(DID.did()), consumer_account.address)
def create(self,
metadata,
publisher_account,
service_descriptors=None,
providers=None,
use_secret_store=True):
"""
Register an asset in both the keeper's DIDRegistry (on-chain) and in the Metadata store (
Aquarius).
:param metadata: dict conforming to the Metadata accepted by Ocean Protocol.
:param publisher_account: Account of the publisher registering this asset
:param service_descriptors: list of ServiceDescriptor tuples of length 2.
The first item must be one of ServiceTypes and the second
item is a dict of parameters and values required by the service
:param providers: list of addresses of providers of this asset (a provider is
an ethereum account that is authorized to provide asset services)
:return: DDO instance
"""
assert isinstance(
metadata,
dict), f'Expected metadata of type dict, got {type(metadata)}'
if not metadata or not Metadata.validate(metadata):
raise OceanInvalidMetadata(
'Metadata seems invalid. Please make sure'
' the required metadata values are filled in.')
# copy metadata so we don't change the original
metadata_copy = copy.deepcopy(metadata)
# Create a DDO object
did = DID.did()
logger.debug(f'Generating new did: {did}')
# Check if it's already registered first!
if did in self._get_aquarius().list_assets():
raise OceanDIDAlreadyExist(
f'Asset id {did} is already registered to another asset.')
ddo = DDO(did)
# Add public key and authentication
ddo.add_public_key(did, publisher_account.address)
ddo.add_authentication(did, PUBLIC_KEY_TYPE_RSA)
priv_key = ddo.get_private_key()
# Setup metadata service
# First replace `files` with encrypted `files`
assert metadata_copy['base'][
'files'], 'files is required in the metadata base attributes.'
assert Metadata.validate(metadata), 'metadata seems invalid.'
logger.debug('Encrypting content urls in the metadata.')
brizo = BrizoProvider.get_brizo()
if not use_secret_store:
encrypt_endpoint = brizo.get_encrypt_endpoint(self._config)
files_encrypted = brizo.encrypt_files_dict(
metadata_copy['base']['files'], encrypt_endpoint, ddo.asset_id,
publisher_account.address,
self._keeper.sign_hash(ddo.asset_id, publisher_account))
else:
files_encrypted = self._get_secret_store(publisher_account) \
.encrypt_document(
did_to_id(did),
json.dumps(metadata_copy['base']['files']),
)
metadata_copy['base']['checksum'] = ddo.generate_checksum(
did, metadata)
ddo.add_proof(metadata_copy['base']['checksum'],
publisher_account.address,
private_key=priv_key)
# only assign if the encryption worked
if files_encrypted:
logger.info(
f'Content urls encrypted successfully {files_encrypted}')
index = 0
for file in metadata_copy['base']['files']:
file['index'] = index
index = index + 1
del file['url']
metadata_copy['base']['encryptedFiles'] = files_encrypted
else:
raise AssertionError(
'Encrypting the files failed. Make sure the secret store is'
' setup properly in your config file.')
# DDO url and `Metadata` service
ddo_service_endpoint = self._get_aquarius().get_service_endpoint(did)
metadata_service_desc = ServiceDescriptor.metadata_service_descriptor(
metadata_copy, ddo_service_endpoint)
if not service_descriptors:
service_descriptors = [
ServiceDescriptor.authorization_service_descriptor(
self._config.secret_store_url)
]
brizo = BrizoProvider.get_brizo()
service_descriptors += [
ServiceDescriptor.access_service_descriptor(
metadata[MetadataBase.KEY]['price'],
brizo.get_purchase_endpoint(self._config),
brizo.get_service_endpoint(self._config), 3600,
self._keeper.escrow_access_secretstore_template.address)
]
else:
service_types = set(map(lambda x: x[0], service_descriptors))
if ServiceTypes.AUTHORIZATION not in service_types:
service_descriptors += [
ServiceDescriptor.authorization_service_descriptor(
self._config.secret_store_url)
]
else:
brizo = BrizoProvider.get_brizo()
service_descriptors += [
ServiceDescriptor.access_service_descriptor(
metadata[MetadataBase.KEY]['price'],
brizo.get_purchase_endpoint(self._config),
brizo.get_service_endpoint(self._config), 3600, self.
_keeper.escrow_access_secretstore_template.address)
]
# Add all services to ddo
service_descriptors = service_descriptors + [metadata_service_desc]
for service in ServiceFactory.build_services(did, service_descriptors):
ddo.add_service(service)
logger.debug(
f'Generated ddo and services, DID is {ddo.did},'
f' metadata service @{ddo_service_endpoint}, '
f'`Access` service purchase @{ddo.services[0].endpoints.service}.')
response = None
try:
# publish the new ddo in ocean-db/Aquarius
response = self._get_aquarius().publish_asset_ddo(ddo)
logger.debug('Asset/ddo published successfully in aquarius.')
except ValueError as ve:
raise ValueError(
f'Invalid value to publish in the metadata: {str(ve)}')
except Exception as e:
logger.error(f'Publish asset in aquarius failed: {str(e)}')
if not response:
return None
# register on-chain
self._keeper.did_registry.register(
did,
checksum=Web3Provider.get_web3().sha3(
text=metadata_copy['base']['checksum']),
url=ddo_service_endpoint,
account=publisher_account,
providers=providers)
logger.info(f'DDO with DID {did} successfully registered on chain.')
return ddo