def _retrieve_credential(petition):
aaid = petition.authorizable_attribute_id
credential = get_credential(aaid)
if not credential:
url = petition.credential_issuer_url
value = petition.credential_issuer_petition_value
blind_sign_request = zencode(CONTRACTS.CITIZEN_REQ_BLIND_SIG, keys=keys())
data = dict(
authorizable_attribute_id=aaid,
blind_sign_request=json.loads(blind_sign_request),
optional_values=[],
values=value,
)
r = requests.post(
f"{url}/credential/",
json=data,
headers={"Authorization": f"Bearer {_get_token(url)}"},
)
credential_request = json.dumps(r.json())
credential = zencode(
CONTRACTS.AGGREGATE_CREDENTIAL, keys=keys(), data=credential_request
)
save_credential(aaid, credential)
return credential
def get_credential(self):
self.sk = zencode(CONTRACTS.CITIZEN_KEYGEN)
blind_sign_request = zencode(CONTRACTS.CITIZEN_REQ_BLIND_SIG, keys=self.sk)
values = [{"name": "code", "value": AUTH_ATTR_CODE_VALID_VALUE}]
data = dict(
authorizable_attribute_id=self.aa_id,
blind_sign_request=json.loads(blind_sign_request),
values=values,
)
return self.ci_call("/credential", data=data)
def test_duplicate_sign(client):
petition = Bunch(
petition_id="petition",
credential_issuer_url="https://credentials.decodeproject.eu",
authorizable_attribute_id="aa_test",
credential_issuer_petition_value=[
{
"name": "zip_code",
"value": "08001"
},
{
"name": "email",
"value": "*****@*****.**"
},
],
)
vk = _retrieve_verification_key(petition)
credential = _retrieve_credential(petition)
petition_signature = zencode(
CONTRACTS.SIGN_PETITION,
keys=credential,
data=json.dumps(vk),
placeholders={"petition": petition.petition_id},
)
r = client.post(
f"/petitions/{petition.petition_id}/sign",
headers={"Authorization": "Bearer %s" % auth()},
json=json.loads(petition_signature),
)
assert r.status_code == 424
assert r.json()["detail"] == "Petition signature is duplicate or not valid"
def _generate_petition_object(petition, ci_uid=None):
url = petition.credential_issuer_url
if not ci_uid:
r = requests.get(f"{url.rstrip('/')}/uid")
ci_uid = r.json()["credential_issuer_id"]
issuer_verify = _retrieve_verification_key(petition)
credential = _retrieve_credential(petition)
petition_req = zencode(
CONTRACTS.CREATE_PETITION,
keys=credential,
data=json.dumps(issuer_verify),
placeholders={"petition": petition.petition_id},
)
petition = zencode(
CONTRACTS.APPROVE_PETITION, keys=json.dumps(issuer_verify), data=petition_req
)
return petition, ci_uid
def petition_signature(self):
self.get_verification_key()
return zencode(
CONTRACTS.SIGN_PETITION,
keys=self.credential,
data=json.dumps(self.verification_key),
placeholders={"petition": self.petition_id},
)
async def count(petition_id: str):
p = Petition.by_pid(petition_id)
if not p:
raise HTTPException(status_code=HTTP_404_NOT_FOUND, detail="Petition not Found")
if p.status != STATUS.CLOSED:
raise HTTPException(
status_code=HTTP_424_FAILED_DEPENDENCY, detail="Petition still open"
)
p.count = zencode(CONTRACTS.COUNT_PETITION, keys=p.tally, data=p.petition)
DBSession.commit()
return json.loads(p.count)
async def sign(petition_id: str, signature: PetitionSignature, expand: bool = False):
p = Petition.by_pid(petition_id)
if not p:
raise HTTPException(status_code=HTTP_404_NOT_FOUND, detail="Petition not Found")
try:
petition = zencode(
CONTRACTS.ADD_SIGNATURE, keys=p.petition, data=signature.json()
)
except Error as e:
debug(e)
raise HTTPException(
status_code=HTTP_424_FAILED_DEPENDENCY,
detail="Petition signature is duplicate or not valid",
)
p.petition = petition
DBSession.commit()
return p.publish(expand)
def test_sign(client):
petition = Bunch(
petition_id="petition",
credential_issuer_url="https://credentials.decodeproject.eu",
authorizable_attribute_id="aa_test",
credential_issuer_petition_value=[
{
"name": "zip_code",
"value": "08001"
},
{
"name": "email",
"value": "*****@*****.**"
},
],
)
vk = _retrieve_verification_key(petition)
credential = _retrieve_credential(petition)
petition_signature = zencode(
CONTRACTS.SIGN_PETITION,
keys=credential,
data=json.dumps(vk),
placeholders={"petition": petition.petition_id},
)
print(petition_signature)
r = client.post(
f"/petitions/{petition.petition_id}/sign",
headers={"Authorization": "Bearer %s" % auth()},
json=json.loads(petition_signature),
)
assert r.status_code == 200
p = Petition.by_pid("petition")
petition = json.loads(p.petition)
assert petition["petition"]["scores"]["pos"]["right"] != "Infinity"
assert petition["petition"]["scores"]["pos"]["left"] != "Infinity"
assert petition["petition"]["scores"]["neg"]["right"] != "Infinity"
assert petition["petition"]["scores"]["neg"]["left"] != "Infinity"
async def tally(
petition_id: str,
authorizable_attribute: TallyBody = Body(...),
expand: bool = False,
token: str = Security(security),
):
if not allowed_to_control_petition(token):
raise HTTPException(
status_code=HTTP_401_UNAUTHORIZED,
detail="Not authorized to control this petition",
)
p = Petition.by_pid(petition_id)
if not p:
raise HTTPException(status_code=HTTP_404_NOT_FOUND, detail="Petition not Found")
petition = Bunch(
petition_id=petition_id,
credential_issuer_url=p.credential_issuer_url,
authorizable_attribute_id=authorizable_attribute.authorizable_attribute_id,
)
credential = _retrieve_credential(petition)
p.tally = zencode(CONTRACTS.TALLY_PETITION, keys=credential, data=p.petition)
DBSession.commit()
return p.publish(expand)
def stress_sign_petition():
client = TestClient(api)
petition = Bunch(
petition_id="petition",
credential_issuer_url="http://*****:*****@example.com"
},
],
)
r = client.post(
"/petitions/",
json=petition,
headers={"Authorization": f"Bearer {petition_auth()}"},
)
assert r.status_code == 200
assert petition.petition_id in r.json()
vk = _retrieve_verification_key(petition)
url = petition.credential_issuer_url
value = petition.credential_issuer_petition_value
for _ in range(500):
print(f"SIGNING #{_}")
keys = zencode(CONTRACTS.CITIZEN_KEYGEN)
blind_sign_request = zencode(CONTRACTS.CITIZEN_REQ_BLIND_SIG,
keys=keys)
data = dict(
authorizable_attribute_id=AAID,
blind_sign_request=json.loads(blind_sign_request),
optional_values=[],
values=value,
)
print(data)
r = requests.post(
f"{url}/credential/",
json=data,
headers={"Authorization": f"Bearer {_get_token(url)}"},
)
credential_request = json.dumps(r.json())
credential = zencode(CONTRACTS.AGGREGATE_CREDENTIAL,
keys=keys,
data=credential_request)
petition_signature = zencode(
CONTRACTS.SIGN_PETITION,
keys=credential,
data=json.dumps(vk),
placeholders={"petition": petition.petition_id},
)
r = client.post(
f"/petitions/{petition.petition_id}/sign",
headers={"Authorization": "Bearer %s" % auth()},
json=json.loads(petition_signature),
)
assert r.status_code == 200
def aggregate_credential(self):
data = self.get_credential()
self.credential = zencode(
CONTRACTS.AGGREGATE_CREDENTIAL, keys=self.sk, data=json.dumps(data)
)
return self.credential
