Skip to content

PDS: Implemented Get Recommended DID Credentials API #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rudyfraser merged 6 commits into from
Feb 15, 2025
Merged

PDS: Implemented Get Recommended DID Credentials API #54

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
7073585
Implemented Get Recommended DID Credentials
TheRipperoni Feb 9, 2025
ab2ed33
1. Ran Clippy
TheRipperoni Feb 10, 2025
eafd3bd
- Moved model to rsky-lexicon
TheRipperoni Feb 14, 2025
c320fa7
Using ServerConfig instead of environment variable
TheRipperoni Feb 14, 2025
2d409d3
Updated key unwraps into their own helper functions. Avoids panics a…
TheRipperoni Feb 15, 2025
7e21bda
Merge remote-tracking branch 'origin/main' into getRecommendedDidCred…
TheRipperoni Feb 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
93 changes: 93 additions & 0 deletions rsky-pds/src/apis/com/atproto/identity/get_recommended_did_credentials.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
use crate::account_manager::helpers::account::AvailabilityFlags;
use crate::account_manager::AccountManager;
use crate::apis::ApiError;
use crate::auth_verifier::AccessStandard;
use rocket::serde::json::Json;
use rsky_crypto::utils::encode_did_key;
use secp256k1::{Keypair, Secp256k1, SecretKey};
use std::collections::BTreeMap;
use std::env;

#[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
struct RecommendedService {
pub r#type: String,
pub endpoint: String,
}

#[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
struct VerificationMethod {
pub atproto: String,
}

#[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
struct GetRecommendedDidCredentialsResponse {
pub also_known_as: Vec<String>,
pub verification_methods: VerificationMethod,
pub rotation_keys: Vec<String>,
pub services: BTreeMap<String, RecommendedService>,
}

#[tracing::instrument(skip_all)]
#[rocket::get("/xrpc/com.atproto.identity.getRecommendedDidCredentials")]
pub async fn get_recommended_did_credentials(
auth: AccessStandard,
) -> Result<Json<GetRecommendedDidCredentialsResponse>, ApiError> {
let requester = auth.access.credentials.unwrap().did.unwrap();
let availability_flags = AvailabilityFlags {
include_taken_down: Some(true),
include_deactivated: Some(true),
};
let account = AccountManager::get_account(&requester, Some(availability_flags))
.await?
.expect("Account not found despite valid access");

let mut also_known_as = Vec::new();
match account.handle {
None => {}
Some(res) => {
also_known_as.push("at://".to_string() + res.as_str());
}
}

//TODO Seperate signing key logic into seperate module
let secp = Secp256k1::new();
let signing_private_key =
env::var("PDS_REPO_SIGNING_KEY_K256_PRIVATE_KEY_HEX").expect("Signing Key Missing");
let signing_secret_key =
SecretKey::from_slice(&hex::decode(signing_private_key.as_bytes()).unwrap()).unwrap();
let signing_keypair = Keypair::from_secret_key(&secp, &signing_secret_key);
let verification_methods = VerificationMethod {
atproto: encode_did_key(&signing_keypair.public_key()),
};

//TODO seperate rotation key logic into separate module
let mut rotation_keys = Vec::new();
let secp = Secp256k1::new();
let private_rotation_key =
env::var("PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX").expect("Rotation Key Missing");
let private_secret_key =
SecretKey::from_slice(&hex::decode(private_rotation_key.as_bytes()).unwrap()).unwrap();
let rotation_keypair = Keypair::from_secret_key(&secp, &private_secret_key);
rotation_keys.push(encode_did_key(&rotation_keypair.public_key()));

let mut services = BTreeMap::new();
//TODO Add handling for if this is down
let endpoint = format!("https://{}", env::var("PDS_HOSTNAME").unwrap());
services.insert(
"atproto_pds".to_string(),
RecommendedService {
r#type: "AtprotoPersonalDataServer".to_string(),
endpoint,
},
);
let response = GetRecommendedDidCredentialsResponse {
also_known_as,
verification_methods,
rotation_keys,
services,
};
Ok(Json(response))
}
1 change: 1 addition & 0 deletions rsky-pds/src/apis/com/atproto/identity/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
pub mod get_recommended_did_credentials;
pub mod resolve_handle;
pub mod update_handle;
1 change: 1 addition & 0 deletions rsky-pds/src/main.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,7 @@ async fn rocket() -> _ {
com::atproto::admin::update_subject_status::update_subject_status,
com::atproto::identity::resolve_handle::resolve_handle,
com::atproto::identity::update_handle::update_handle,
com::atproto::identity::get_recommended_did_credentials::get_recommended_did_credentials,
com::atproto::repo::apply_writes::apply_writes,
com::atproto::repo::create_record::create_record,
com::atproto::repo::delete_record::delete_record,
Expand Down