feat: ESSR authentication mode for KERIA API#335
feat: ESSR authentication mode for KERIA API#335iFergal wants to merge 18 commits intoWebOfTrust:mainfrom
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #335 +/- ##
==========================================
+ Coverage 97.53% 99.07% +1.54%
==========================================
Files 1 1
Lines 324 326 +2
Branches 24 28 +4
==========================================
+ Hits 316 323 +7
+ Misses 8 3 -5 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
| services: | ||
| vlei-server: | ||
| image: gleif/vlei | ||
| image: gleif/vlei:0.2.0 |
There was a problem hiding this comment.
@kentbull There seems to be a problem with the latest vLEI docker image - see here: https://github.com/WebOfTrust/signify-ts/actions/runs/15855574402/job/44699896180 in Print logs section.
Server seems to be returning application/json instead of application/schema+json and it's causing KERIA to crash. (which sounds like another unhandled issue)
For now, locking it to the old version here works to get the integration tests to pass.
| if (extraHeaders) { | ||
| extraHeaders.forEach((value, key) => { | ||
| final_headers.append(key, value); | ||
| headers.append(key, value); |
There was a problem hiding this comment.
I don't see any reason to not sign extraHeaders
| body: _body, | ||
| headers: final_headers, | ||
| }); | ||
| if (!res.ok) { |
There was a problem hiding this comment.
imo signature should be verified for non 2xx responses too
| */ | ||
| async get(name: string): Promise<HabState> { | ||
| const path = `/identifiers/${encodeURIComponent(name)}`; | ||
| const path = `/identifiers/${name}`; |
There was a problem hiding this comment.
encodeURIComponent was missing everywhere else that used name in case you passed something with special characters. However, this PR switches things to use new URL(url).pathname which automatically encodes things.
1 participant
Requires a new dev release once KERIA PR merged for integration tests.
This is the corresponding PR for WebOfTrust/keria#351. This newer version now allows both signed headers like before (with some refactoring), and ESSR - defined when creating the client. The default is signed headers.
createSignedRequestalso remains.