#306 Validate data format on protocol authd writes (#320)

Diane Huxley · web-flow · commit 5fa931c59364 · 2023-04-25T14:16:05.000-07:00
* Validate data format on protocol authd writes

* Lint
diff --git a/README.md b/README.md
@@ -3,7 +3,7 @@
 # Decentralized Web Node (DWN) SDK
 
 Code Coverage
-![Statements](https://img.shields.io/badge/statements-93.99%25-brightgreen.svg?style=flat) ![Branches](https://img.shields.io/badge/branches-93.5%25-brightgreen.svg?style=flat) ![Functions](https://img.shields.io/badge/functions-91.72%25-brightgreen.svg?style=flat) ![Lines](https://img.shields.io/badge/lines-93.99%25-brightgreen.svg?style=flat)
+![Statements](https://img.shields.io/badge/statements-94.03%25-brightgreen.svg?style=flat) ![Branches](https://img.shields.io/badge/branches-93.54%25-brightgreen.svg?style=flat) ![Functions](https://img.shields.io/badge/functions-91.75%25-brightgreen.svg?style=flat) ![Lines](https://img.shields.io/badge/lines-94.03%25-brightgreen.svg?style=flat)
 
 ## Introduction
 
diff --git a/json-schemas/protocol-definition.json b/json-schemas/protocol-definition.json
@@ -17,6 +17,12 @@
           "properties": {
             "schema": {
               "type": "string"
+            },
+            "dataFormats": {
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
             }
           }
         }
diff --git a/src/core/dwn-error.ts b/src/core/dwn-error.ts
@@ -20,6 +20,7 @@ export enum DwnErrorCode {
   MessageStoreDataCidMismatch = 'MessageStoreDataCidMismatch',
   MessageStoreDataNotFound = 'MessageStoreDataNotFound',
   MessageStoreDataSizeMismatch = 'MessageStoreDataSizeMismatch',
+  ProtocolAuthorizationIncorrectDataFormat = 'ProtocolAuthorizationIncorrectDataFormat',
   ProtocolAuthorizationIncorrectProtocolPath = 'ProtocolAuthorizationIncorrectProtocolPath',
   ProtocolAuthorizationInvalidSchema = 'ProtocolAuthorizationInvalidSchema',
   RecordsDecryptNoMatchingKeyDerivationScheme = 'RecordsDecryptNoMatchingKeyDerivationScheme',
diff --git a/src/core/protocol-authorization.ts b/src/core/protocol-authorization.ts
@@ -55,6 +55,12 @@ export class ProtocolAuthorization {
       recordSchemaToLabelMap
     );
 
+    ProtocolAuthorization.verifyDataFormat(
+      incomingMessage.message,
+      protocolDefinition,
+      recordSchemaToLabelMap,
+    );
+
     // verify method invoked against the allowed actions
     ProtocolAuthorization.verifyAllowedActions(
       tenant,
@@ -236,6 +242,40 @@ export class ProtocolAuthorization {
     }
   }
 
+  /**
+   * Verifies the `dataFormat` declared in the given message (if it is a RecordsWrite) matches dataFormat of the schema label
+   * in the given protocol.
+   * @throws {DwnError} if fails verification.
+   */
+  private static verifyDataFormat(
+    inboundMessage: RecordsReadMessage | RecordsWriteMessage,
+    protocolDefinition: ProtocolDefinition,
+    recordSchemaToLabelMap: Map<string, string>
+  ): void {
+    // skip verification if this is not a RecordsWrite
+    if (inboundMessage.descriptor.method !== DwnMethodName.Write) {
+      return;
+    }
+    const recordsWriteMessage = inboundMessage as RecordsWriteMessage;
+
+    const currentRecordSchema = recordsWriteMessage.descriptor.schema!;
+    const currentRecordSchemaLabel = recordSchemaToLabelMap.get(currentRecordSchema)!;
+    const expectedDataFormats = protocolDefinition.labels[currentRecordSchemaLabel].dataFormats;
+
+    // no `dataFormats` specified in protocol definition means that all dataFormats are allowed
+    if (expectedDataFormats === undefined) {
+      return;
+    }
+
+    if (!expectedDataFormats.includes(recordsWriteMessage.descriptor.dataFormat)) {
+      throw new DwnError(
+        DwnErrorCode.ProtocolAuthorizationIncorrectDataFormat,
+        `record with schema '${currentRecordSchema}' must have data format in (${expectedDataFormats}), \
+        instead has '${recordsWriteMessage.descriptor.dataFormat}'`
+      );
+    }
+  }
+
   /**
    * Verifies the actions specified in the given message matches the allowed actions in the rule set.
    * @throws {Error} if action not allowed.
diff --git a/src/interfaces/protocols/types.ts b/src/interfaces/protocols/types.ts
@@ -11,7 +11,10 @@ export type ProtocolsConfigureDescriptor = {
 
 export type ProtocolDefinition = {
   labels: {
-    [key: string]: { schema: string };
+    [key: string]: {
+      schema: string,
+      dataFormats?: string[],
+    };
   };
   records: {
     [key: string]: ProtocolRuleSet;
diff --git a/tests/interfaces/records/handlers/records-write.spec.ts b/tests/interfaces/records/handlers/records-write.spec.ts
@@ -1029,6 +1029,65 @@ describe('RecordsWriteHandler.handle()', () => {
         expect(reply.status.detail).to.contain(DwnErrorCode.ProtocolAuthorizationIncorrectProtocolPath);
       });
 
+      it('should fail authorization if given `dataFormat` is mismatching with the dataFormats in protocol definition', async () => {
+        const alice = await DidKeyResolver.generate();
+
+        const protocolDefinition = {
+          labels: {
+            image: {
+              schema      : 'https://example.com/schema',
+              dataFormats : ['image/jpeg', 'image/png']
+            }
+          },
+          records: {
+            image: {
+              allow: {
+                anyone: { to: ['write'] }
+              }
+            }
+          }
+        };
+
+        const protocol = 'https://tbd.website/decentralized-web-node/protocols/social-media';
+        const protocolConfig = await TestDataGenerator.generateProtocolsConfigure({
+          requester          : alice,
+          protocol,
+          protocolDefinition : protocolDefinition,
+        });
+
+        const protocolConfigureReply = await dwn.processMessage(alice.did, protocolConfig.message, protocolConfig.dataStream);
+        expect(protocolConfigureReply.status.code).to.equal(202);
+
+        // write record with matching dataFormat
+        const data = Encoder.stringToBytes('any data');
+        const recordsWriteMatch = await TestDataGenerator.generateRecordsWrite({
+          requester    : alice,
+          recipientDid : alice.did,
+          protocol,
+          protocolPath : 'image',
+          schema       : protocolDefinition.labels.image.schema,
+          dataFormat   : 'image/jpeg',
+          data
+        });
+        const replyMatch = await dwn.processMessage(alice.did, recordsWriteMatch.message, recordsWriteMatch.dataStream);
+        expect(replyMatch.status.code).to.equal(202);
+
+        // write record with mismatch dataFormat
+        const recordsWriteMismatch = await TestDataGenerator.generateRecordsWrite({
+          requester    : alice,
+          recipientDid : alice.did,
+          protocol,
+          protocolPath : 'image',
+          schema       : protocolDefinition.labels.image.schema,
+          dataFormat   : 'not/allowed/dataFormat',
+          data
+        });
+
+        const replyMismatch = await dwn.processMessage(alice.did, recordsWriteMismatch.message, recordsWriteMismatch.dataStream);
+        expect(replyMismatch.status.code).to.equal(401);
+        expect(replyMismatch.status.detail).to.contain(DwnErrorCode.ProtocolAuthorizationIncorrectDataFormat);
+      });
+
       it('should fail authorization if record schema is not allowed at the hierarchical level attempted for the RecordsWrite', async () => {
         const alice = await DidKeyResolver.generate();
 

Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,12 @@`
`17`	`17`	`"properties": {`
`18`	`18`	`"schema": {`
`19`	`19`	`"type": "string"`
	`20`	`+ },`
	`21`	`+ "dataFormats": {`
	`22`	`+ "type": "array",`
	`23`	`+ "items": {`
	`24`	`+ "type": "string"`
	`25`	`+ }`
`20`	`26`	`}`
`21`	`27`	`}`
`22`	`28`	`}`