def test_can_revoke_delegation_proof(base_doc_issuer, valid_key_pair, get_api_call, doc_deleg_set, deleg_doc_did, deleg_name): doc = get_doc_with_keys(deleg_control=[ RegisterDelegationProof.build('#Deleg1', controller=Issuer( deleg_doc_did, '#plop2'), proof='proof', revoked=False) ], deleg_auth=[ RegisterDelegationProof.build( '#Deleg2', controller=Issuer(deleg_doc_did, '#plop2'), proof='proof', revoked=False) ], public_keys=[ RegisterPublicKey.build('#MandatoryKey', 'base58Key1', revoked=False) ], did=base_doc_issuer.did) resolver_client = ResolverClientTest(docs={base_doc_issuer.did: doc}) assert not doc_deleg_set(doc)[deleg_name].revoked api = AdvancedIdentityRegisterApi(resolver_client) get_api_call(api)(deleg_name, revoked=True, doc_owner_issuer=base_doc_issuer, doc_owner_key_pair=valid_key_pair) updated_doc = resolver_client.docs[base_doc_issuer.did] assert doc_deleg_set(updated_doc)[deleg_name].revoked
def test_can_get_issuer_from_auth_keys(auth_keys, min_doc_owner_pub_key): doc = get_doc_with_keys(auth_keys=auth_keys.values(), public_keys=[min_doc_owner_pub_key]) issuer_name = '#AuthKey2' issuer_key = RegisterDocumentHelper.get_issuer_register_key( issuer_name, doc, include_auth=True) assert issuer_key == auth_keys[issuer_name]
def test_get_issuer_from_auth_keys_returns_none_if_not_found( auth_keys, min_doc_owner_pub_key): doc = get_doc_with_keys(auth_keys=auth_keys.values(), public_keys=[min_doc_owner_pub_key]) issuer_name = '#DoesNotExist' issuer_key = RegisterDocumentHelper.get_issuer_register_key( issuer_name, doc, include_auth=True) assert not issuer_key
def test_can_get_issuer_from_auth_delegation(auth_deleg_proof, min_doc_owner_pub_key): doc = get_doc_with_keys(deleg_auth=auth_deleg_proof.values(), public_keys=[min_doc_owner_pub_key]) issuer_name = '#DelegAuthKey2' issuer_key = RegisterDocumentHelper.get_issuer_register_delegation_proof( issuer_name, doc, include_auth=True) assert issuer_key == auth_deleg_proof[issuer_name]
def test_get_issuer_from_control_delegation_returns_none_if_not_found( control_deleg_proof, min_doc_owner_pub_key): doc = get_doc_with_keys(deleg_control=control_deleg_proof.values(), public_keys=[min_doc_owner_pub_key]) issuer_name = '#DoesNotExist' issuer_key = RegisterDocumentHelper.get_issuer_register_delegation_proof( issuer_name, doc, include_auth=False) assert not issuer_key
def invalid_doc(doc_did, valid_issuer_key): return get_doc_with_keys(did=doc_did, public_keys=[ RegisterPublicKey.build( '#Key1', valid_issuer_key.public_key_base58, revoked=False), ])
def get_delegation_doc_for(controller_name: str, doc_id: str, public_base58: str) -> RegisterDocument: return get_doc_with_keys(did=doc_id, public_keys=[ RegisterPublicKey.build(controller_name, public_base58, revoked=False), ])
def get_docs_for_issuer_key_from_public_keys( doc_did: str, issuer: Issuer) -> Dict[str, RegisterDocument]: """ The issuer is directly in the current doc public keys """ doc = get_doc_with_keys(public_keys=[ RegisterPublicKey.build(issuer.name, 'base58Key1', revoked=False) ]) return {doc_did: doc}
def test_get_auth_delegation_by_controller_returns_none_if_not_found( auth_deleg_proof, min_doc_owner_pub_key): doc = get_doc_with_keys(deleg_auth=auth_deleg_proof.values(), public_keys=[min_doc_owner_pub_key]) issuer = Issuer.build('did:iotics:iotHHHHKpPGWyEC4FFo4d6oyzVVk6MXLmEgY', '#DoesNotExist') deleg_proof = RegisterDocumentHelper.get_register_delegation_proof_by_controller( issuer, doc, include_auth=True) assert not deleg_proof
def test_can_get_auth_delegation_by_controller(auth_deleg_proof, min_doc_owner_pub_key): doc = get_doc_with_keys(deleg_auth=auth_deleg_proof.values(), public_keys=[min_doc_owner_pub_key]) delegation_name = '#DelegAuthKey2' expected_deleg_proof = auth_deleg_proof[delegation_name] deleg_proof = RegisterDocumentHelper.get_register_delegation_proof_by_controller( expected_deleg_proof.controller, doc, include_auth=True) assert deleg_proof == expected_deleg_proof
def test_get_issuer_from_auth_delegation_returns_none_if_in_auth_keys_but_auth_not_included( auth_deleg_proof, min_doc_owner_pub_key): doc = get_doc_with_keys(deleg_auth=auth_deleg_proof.values(), public_keys=[min_doc_owner_pub_key]) issuer_name = '#DelegAuthKey2' assert issuer_name in doc.auth_delegation_proof issuer_key = RegisterDocumentHelper.get_issuer_register_delegation_proof( issuer_name, doc, include_auth=False) assert not issuer_key
def simple_doc(doc_did, valid_issuer_key): return get_doc_with_keys( did=doc_did, public_keys=[ RegisterPublicKey.build(valid_issuer_key.issuer.name, valid_issuer_key.public_key_base58, revoked=False) ], )
def test_get_issuer_from_auth_keys_returns_none_if_in_auth_keys_but_auth_not_included( auth_keys, min_doc_owner_pub_key): doc = get_doc_with_keys(auth_keys=auth_keys.values(), public_keys=[min_doc_owner_pub_key]) issuer_name = '#AuthKey2' assert issuer_name in doc.auth_keys issuer_key = RegisterDocumentHelper.get_issuer_register_key( issuer_name, doc, include_auth=False) assert not issuer_key
def get_docs_for_issuer_key_from_auth_delegation( doc_did: str, deleg_doc_did: str, issuer: Issuer) -> Dict[str, RegisterDocument]: """ The issuer is in the auth delegation of the provided doc And the issuer is in the auth keys of the delegation doc """ doc = get_doc_with_keys(deleg_control=[ RegisterDelegationProof.build(issuer.name, controller=Issuer( 'deleg_doc_did', '#plop'), proof='proof', revoked=False), ]) deleg_doc = get_doc_with_keys(public_keys=[ RegisterPublicKey.build(issuer.name, 'base58Key1', revoked=False) ]) return {doc_did: doc, deleg_doc_did: deleg_doc}
def doc_with_doc_deleg(valid_issuer_key, doc_did, deleg_doc_did): doc = get_doc_with_keys( did=doc_did, public_keys=[ RegisterPublicKey.build('#Key1', 'base58Key1', revoked=False) ], deleg_control=[ RegisterDelegationProof.build(valid_issuer_key.issuer.name, controller=Issuer.build( deleg_doc_did, '#plop1'), proof='aproof', revoked=False), ], ) deleg_doc = get_doc_with_keys(did=deleg_doc_did, public_keys=[ RegisterPublicKey.build( valid_issuer_key.issuer.name, valid_issuer_key.public_key_base58, revoked=False), ]) return doc, deleg_doc
def test_validate_delegation_raises_validation_error_if_public_key_not_in_deleg_controller_doc( doc_did, deleg_doc_did, valid_issuer_key, valid_key_pair_secrets): controller_name = '#AController' deleg_proof = get_delegation_register_proof( subject_key_pair_secrets=valid_key_pair_secrets, content=doc_did.encode(), p_type=DelegationProofType.DID, subject_issuer=Issuer.build(deleg_doc_did, controller_name)) deleg_doc = get_doc_with_keys(did=doc_did, public_keys=[ RegisterPublicKey.build( '#NotMatchingTheController', valid_issuer_key.public_key_base58, revoked=False), ]) resolver_client = ResolverClientTest({deleg_doc_did: deleg_doc}) with pytest.raises(IdentityInvalidDocumentDelegationError) as err_wrapper: DelegationValidation.validate_delegation(resolver_client, doc_id=doc_did, deleg_proof=deleg_proof) assert isinstance(err_wrapper.value.__cause__, IdentityValidationError)
def register_doc_and_deleg_doc( doc_did: str, deleg_doc_did: str) -> Tuple[RegisterDocument, RegisterDocument]: """ Creates a document and a delegation document with all the key combinations (See KEY_NAMES) for the "get issuer from" tests with and without delegation and with and without included authentication """ doc = get_doc_with_keys( did=doc_did, public_keys=[ RegisterPublicKey.build(KEYS_NAMES.key_only_in_doc_pub_keys, 'base58Key1', revoked=False) ], auth_keys=[ RegisterAuthenticationPublicKey.build( KEYS_NAMES.key_only_in_doc_auth_keys, 'base58Key2', revoked=False) ], deleg_control=[ RegisterDelegationProof.build( KEYS_NAMES.key_in_doc_control_deleg_and_deleg_doc_pub_keys, controller=Issuer('deleg_doc_did', '#plop1'), proof='aproof', revoked=False), RegisterDelegationProof.build( KEYS_NAMES.key_in_doc_control_deleg_and_deleg_doc_auth_keys, controller=Issuer('deleg_doc_did', '#plop2'), proof='aproof', revoked=False), RegisterDelegationProof.build( KEYS_NAMES.key_in_doc_control_deleg_and_not_in_deleg_doc, controller=Issuer('deleg_doc_did', '#plop3'), proof='aproof', revoked=False), ], deleg_auth=[ RegisterDelegationProof.build( KEYS_NAMES.key_in_doc_auth_deleg_and_deleg_doc_pub_keys, controller=Issuer('deleg_doc_did', '#plop4'), proof='aproof', revoked=False), RegisterDelegationProof.build( KEYS_NAMES.key_in_doc_auth_deleg_and_deleg_doc_auth_keys, controller=Issuer('deleg_doc_did', '#plop5'), proof='aproof', revoked=False), RegisterDelegationProof.build( KEYS_NAMES.key_in_doc_auth_deleg_and_not_in_deleg_doc, controller=Issuer('deleg_doc_did', '#plop6'), proof='aproof', revoked=False), ], ) deleg_doc = get_doc_with_keys( did=deleg_doc_did, public_keys=[ RegisterPublicKey.build( KEYS_NAMES.key_in_doc_control_deleg_and_deleg_doc_pub_keys, 'base58K11', revoked=False), RegisterPublicKey.build( KEYS_NAMES.key_in_doc_auth_deleg_and_deleg_doc_pub_keys, 'base58K12', revoked=False) ], auth_keys=[ RegisterAuthenticationPublicKey.build( KEYS_NAMES.key_in_doc_control_deleg_and_deleg_doc_auth_keys, 'base58K13', revoked=False), RegisterAuthenticationPublicKey.build( KEYS_NAMES.key_in_doc_auth_deleg_and_deleg_doc_auth_keys, 'base58K14', revoked=False) ]) return doc, deleg_doc
def test_is_issuer_in_keys_returns_true_if_issuer_in_auth_keys( public_keys, auth_keys, issuer_name, include_auth, expected_res): doc = get_doc_with_keys(public_keys.values(), auth_keys.values()) assert RegisterDocumentHelper.is_issuer_in_keys( issuer_name, doc, include_auth) == expected_res
def test_can_get_issuer_from_public_keys(public_keys): doc = get_doc_with_keys(public_keys=public_keys.values()) issuer_name = '#Key2' issuer_key = RegisterDocumentHelper.get_issuer_register_key( issuer_name, doc, include_auth=False) assert issuer_key == public_keys[issuer_name]
def test_get_issuer_from_public_keys_returns_none_if_not_found(public_keys): doc = get_doc_with_keys(public_keys=public_keys.values()) issuer_name = '#DoesNotExist' issuer_key = RegisterDocumentHelper.get_issuer_register_key( issuer_name, doc, include_auth=False) assert not issuer_key