fix: duplicate attributes in proof request (#1092)

* fix: duplicate attributes issue in proof request

Signed-off-by: pranalidhanavade <[email protected]>

* added common validator function file for common validations

Signed-off-by: pranalidhanavade <[email protected]>

* added error messages in common file

Signed-off-by: pranalidhanavade <[email protected]>

* resolved comments on PR

Signed-off-by: pranalidhanavade <[email protected]>

* resolved comments on PR

Signed-off-by: pranalidhanavade <[email protected]>

* fix: resolve comments on PR

Signed-off-by: pranalidhanavade <[email protected]>

---------

Signed-off-by: pranalidhanavade <[email protected]>

Author: pranalidhanavade

apps/api-gateway/src/agent-service/agent-service.controller.ts

@@ -41,7 +41,7 @@ import { CustomExceptionFilter } from 'apps/api-gateway/common/exception-handler
 import { Roles } from '../authz/decorators/roles.decorator';
 import { OrgRoles } from 'libs/org-roles/enums';
 import { OrgRolesGuard } from '../authz/guards/org-roles.guard';
-import { validateDid } from '@credebl/common/did.validator';
+import { Validator } from '@credebl/common/validator';
 import { CreateWalletDto } from './dto/create-wallet.dto';
 import { CreateNewDidDto } from './dto/create-new-did.dto';
 import { AgentSpinupValidator, TrimStringParamPipe } from '@credebl/common/cast.helper';
@@ -223,7 +223,7 @@ export class AgentController {
     @User() user: user,
     @Res() res: Response
   ): Promise<Response> {
-    await validateDid(createDidDto);
+    Validator.validateDid(createDidDto);
 
     if (createDidDto.seed && seedLength !== createDidDto.seed.length) {
       this.logger.error(`seed must be at most 32 characters.`);

apps/api-gateway/src/cloud-wallet/cloud-wallet.controller.ts

@@ -14,7 +14,7 @@ import { AuthGuard } from '@nestjs/passport';
 import { User } from '../authz/decorators/user.decorator';
 // eslint-disable-next-line @typescript-eslint/no-unused-vars
 import { user } from '@prisma/client';
-import { validateDid } from '@credebl/common/did.validator';
+import { Validator } from '@credebl/common/validator';
 import { CommonConstants } from '@credebl/common/common.constant';
 import { UserRoleGuard } from '../authz/guards/user-role.guard';
 import { AcceptProofRequestDto } from './dtos/accept-proof-request.dto';
@@ -267,7 +267,7 @@ export class CloudWalletController {
     @User() user: user,
     @Res() res: Response
   ): Promise<Response> {
-    await validateDid(createDidDto);
+    Validator.validateDid(createDidDto);
     const {email, id} = user;
     createDidDto.email = email;
     createDidDto.userId = id;

apps/api-gateway/src/verification/verification.controller.ts

@@ -36,6 +36,7 @@ import { API_Version, ProofRequestType, SortFields } from './enum/verification.e
 // eslint-disable-next-line @typescript-eslint/no-unused-vars
 import { user } from '@prisma/client';
 import { TrimStringParamPipe } from '@credebl/common/cast.helper';
+import { Validator } from '@credebl/common/validator';
 
 @UseFilters(CustomExceptionFilter)
 @Controller()
@@ -193,19 +194,10 @@ export class VerificationController {
         if (requestType === ProofRequestType.PRESENTATIONEXCHANGE && !requestProof.presentationDefinition) {
                 throw new BadRequestException(`type: ${requestType} requires presentationDefinition`);
         }
-        if (requestProof.proofFormats) {
-            const attributeArray = [];
-        for (const attrData of requestProof.proofFormats.indy.attributes) {
-          if (0 === attributeArray.length) {
-            attributeArray.push(Object.values(attrData)[0]);
-          } else if (!attributeArray.includes(Object.values(attrData)[0])) {
-            attributeArray.push(Object.values(attrData)[0]);
-          } else {
-            throw new BadRequestException('Please provide unique attribute names');
-          }           
-
-        }
-        }
+        
+        if (requestType === ProofRequestType.INDY) {        
+                Validator.validateIndyProofAttributes(requestProof.proofFormats.indy.attributes);
+          }
         const version = API_Version.version_neutral;
         requestProof.version = version;
         requestProof.orgId = orgId;
@@ -255,19 +247,12 @@ export class VerificationController {
     if (requestTypeV1 === ProofRequestType.PRESENTATIONEXCHANGE && !requestProof.presentationDefinition) {
             throw new BadRequestException(`type: ${requestTypeV1} requires presentationDefinition`);
     }
-        if (requestProof.proofFormats) {
-            const attributeArrayV1 = [];
-        for (const attrData of requestProof.proofFormats.indy.attributes) {
-          if (0 === attributeArrayV1.length) {
-            attributeArrayV1.push(Object.values(attrData)[0]);
-          } else if (!attributeArrayV1.includes(Object.values(attrData)[0])) {
-            attributeArrayV1.push(Object.values(attrData)[0]);
-          } else {
-            throw new BadRequestException('Please provide unique attribute names');
-          }           
 
-        }
-        }
+    
+    if (requestTypeV1 === ProofRequestType.INDY) {        
+        Validator.validateIndyProofAttributes(requestProof.proofFormats.indy.attributes);
+      }
+
         const version = API_Version.VERSION_1; 
         requestProof.version = version;
         requestProof.orgId = orgId;

apps/verification/src/interfaces/verification.interface.ts

@@ -1,7 +1,7 @@
 import { AutoAccept } from '@credebl/enum/enum';
 import { IUserRequest } from '@credebl/user-request/user-request.interface';
 
-interface IProofRequestAttribute {
+export interface IProofRequestAttribute {
     attributeName?: string;
     attributeNames?:string[];
     condition?: string;

libs/common/src/did.validator.ts

@@ -257,7 +257,16 @@ export const ResponseMessages = {
       failedOrganization: 'Failed to fetch organization agent type details',
       promiseReject: 'One or more promises were rejected.',
       orgAgentNotFound: 'Org agent type not found',
-      walletDoesNotExists: 'Organization wallet does not exists'
+      walletDoesNotExists: 'Organization wallet does not exists',
+      requiredDomain: 'Domain is required for Web method',
+      requiredNetwork: 'Network is required',
+      keyType: 'Only ed25519 key type is supported',
+      keyTypeWeb : 'Only ed25519 and bls12381g2 key type is supported',
+      requiredEndorserDid: 'Role or endorser DID is required',
+      requiredPrivateKey: 'Privatekey is required for polygon method',
+      privateKeyLength: 'Private key must be exactly 64 characters long',
+      requiredSeed: 'Seed is required'
+
     }
   },
   connection: {
@@ -354,7 +363,8 @@ export const ResponseMessages = {
       batchEmailSend: 'Unable to send email in batches',
       emailSend: 'Unable to send email to the user',
       verificationRecordsNotFound: 'Verification records does not exists',
-      removeVerificationData: 'First you have to remove verification data'
+      removeVerificationData: 'First you have to remove verification data',
+      uniqueAttributes:'Please provide unique attribute names'
     }
   },
 

libs/common/src/response-messages/index.ts

@@ -0,0 +1,66 @@
+import { DidMethod } from '@credebl/enum/enum';
+import { IDidCreate } from './interfaces/did.interface';
+import { BadRequestException } from '@nestjs/common';
+import { ResponseMessages } from './response-messages';
+import { IProofRequestAttribute } from 'apps/verification/src/interfaces/verification.interface';
+
+
+export class Validator {
+
+    static validateDid(createDid: IDidCreate): void {
+        const errors = [];
+    
+        switch (true) {
+            case DidMethod.WEB === createDid.method && !createDid.domain:
+                errors.push(ResponseMessages.agent.error.requiredDomain);
+                break;    
+            case (createDid.method === DidMethod.INDY || createDid.method === DidMethod.POLYGON) && !createDid.network:
+                errors.push(ResponseMessages.agent.error.requiredNetwork);
+                break;
+            case (createDid.method === DidMethod.INDY || createDid.method === DidMethod.POLYGON) && 'ed25519' !== createDid.keyType:
+                errors.push(ResponseMessages.agent.error.keyType);
+                break;
+            case (createDid.method === DidMethod.WEB || createDid.method === DidMethod.KEY) && !('ed25519' === createDid.keyType || 'bls12381g2' === createDid.keyType):
+                errors.push(ResponseMessages.agent.error.keyTypeWeb);
+                break;
+            case DidMethod.INDY === createDid.method && !(createDid.role || createDid.endorserDid):
+                errors.push(ResponseMessages.agent.error.requiredEndorserDid);
+                break;
+            case DidMethod.POLYGON === createDid.method && !createDid.privatekey:
+                errors.push(ResponseMessages.agent.error.requiredPrivateKey);
+                break;
+            case DidMethod.POLYGON === createDid.method && createDid.privatekey && 64 !== createDid.privatekey.length:
+                errors.push(ResponseMessages.agent.error.privateKeyLength);
+                break;
+            case (DidMethod.INDY === createDid.method || DidMethod.KEY === createDid.method || DidMethod.WEB === createDid.method) && (!createDid.seed):
+                errors.push(ResponseMessages.agent.error.requiredSeed);
+                break;
+            default:
+                break;
+        }
+    
+        if (0 < errors.length) {
+            throw new BadRequestException(errors);
+        }
+    }
+    
+    static validateIndyProofAttributes(attributes: IProofRequestAttribute[]): void {
+        const seenAttributes = new Map();
+
+        for (const attribute of attributes) {
+            const key = attribute.schemaId || attribute.credDefId 
+                ? `${attribute.schemaId || ''}:${attribute.credDefId || ''}`
+                : 'default';
+
+            if (!seenAttributes.has(key)) {
+                seenAttributes.set(key, new Set());
+            }
+
+            const attributeNames = seenAttributes.get(key);
+            if (attributeNames.has(attribute.attributeName)) {
+                throw new BadRequestException(ResponseMessages.verification.error.uniqueAttributes);
+            }
+            attributeNames.add(attribute.attributeName);
+        }
+    }
+}