def test_read_unique_asset_endorsement_header(
client: Client,
endorser: PublicIdentity,
mocked_requests_200: respx.MockTransport,
) -> None:
"""GET request has only x-iov42-authentication header."""
asset = Asset(asset_type_id="1234567")
client.get(asset, claim=b"claim-1", endorser_id=endorser.identity_id)
assert mocked_requests_200["read_asset_endorsement"].call_count == 1
http_request, _ = mocked_requests_200["read_asset_endorsement"].calls[0]
assert "x-iov42-authentication" in [*http_request.headers]
def test_get_node_id(
client: Client,
mocked_requests_200: respx.MockTransport,
) -> None:
"""Retrieve node_id on the very first GET request."""
client.get(
Asset(asset_type_id="1234567"),
claim=b"claim-1",
endorser_id=client.identity.identity_id,
)
assert client.node_id == "node-1"
assert mocked_requests_200["read_node_info"].call_count == 1
def read_endorsement(
ctx: click.core.Context,
identity: str,
endorser_id: str,
entity_type: str,
entity_id: str,
asset_type_id: str,
claim: str,
) -> None:
"""Read specific endorsement of a claim (identity, asset type, unique asset)."""
if entity_type.lower() == "asset":
entity = Asset(asset_type_id=asset_type_id, asset_id=entity_id)
else:
raise NotImplementedError # pragma: no cover
id = _load_identity(identity)
client = Client(ctx.obj["url"], id)
response = client.get(
entity,
claim=claim.encode(),
endorser_id=endorser_id,
request_id=ctx.obj["request_id"],
)
print(f"{entity!r}")
print(f"{claim!r}")
print(f"endorser: {response.endorser_id!r}") # type: ignore[union-attr]
def test_authentication_header(
client: Client,
endorser: PublicIdentity,
mocked_requests_200: respx.MockTransport,
) -> None:
"""The x-iov42-authentication header is signed by the identity."""
asset = Asset(asset_type_id="1234567")
client.get(asset, claim=b"claim-1", endorser_id=endorser.identity_id)
http_request, _ = mocked_requests_200["read_asset_endorsement"].calls[0]
authentication = json.loads(
iov42_decode(http_request.headers["x-iov42-authentication"].encode()))
assert len(authentication) == 3
assert authentication["identityId"] == client.identity.identity_id
assert authentication[
"protocolId"] == client.identity.private_key.protocol.name
def test_authentication_header_signature(
client: Client,
endorser: PublicIdentity,
mocked_requests_200: respx.MockTransport,
) -> None:
"""Signature of x-iov42-authentication header is the signed request URL."""
asset = Asset(asset_type_id="1234567")
client.get(asset, claim=b"claim-1", endorser_id=endorser.identity_id)
http_request, _ = mocked_requests_200["read_asset_endorsement"].calls[0]
authentication = json.loads(
iov42_decode(http_request.headers["x-iov42-authentication"].encode()))
try:
content = http_request.url.raw_path
client.identity.verify_signature(authentication["signature"], content)
except InvalidSignature:
pytest.fail("Signature verification failed")
def test_node_id_cached(
client: Client,
mocked_requests_200: respx.MockTransport,
) -> None:
"""node_id is cached after the first GET request."""
client.get(
Asset(asset_type_id="1234567"),
claim=b"claim-1",
endorser_id=client.identity.identity_id,
)
client.get(
Asset(asset_type_id="1234567"),
claim=b"claim-1",
endorser_id=client.identity.identity_id,
)
assert mocked_requests_200["read_node_info"].call_count == 1
def test_read_endorsement_unique_asset(
alice_client: Client,
existing_asset: Asset,
existing_asset_claims: List[bytes],
) -> None:
"""Show how to read an endorsement against an asset claim."""
response = alice_client.get(
existing_asset,
claim=existing_asset_claims[0],
endorser_id=alice_client.identity.identity_id,
)
# What should we return here?
assert response.proof.startswith("/api/v1/proofs/")
assert response.endorser_id == alice_client.identity.identity_id # type: ignore[union-attr]
assert response.endorsement # type: ignore[union-attr]