Validate credential via zenroom

Author: jordibuj

package.json

@@ -15,6 +15,9 @@
   "dependencies": {
     "cors": "^2.8.5",
     "express": "^4.17.1",
-    "uuid": "^3.3.3"
+    "node-fetch": "^2.6.0",
+    "ramda": "^0.26.1",
+    "uuid": "^3.3.3",
+    "zenroom": "^1.0.0"
   }
 }

src/index.js

@@ -1,6 +1,6 @@
 import express from 'express';
 import cors from 'cors';
-import sessions, { newSession, getSession, verify } from './sessions';
+import sessions, { getSession, verify } from './sessions';
 
 const app = express();
 
@@ -12,24 +12,28 @@ app.get('/sessions', (req, res) => {
   res.send(sessions);
 });
 
-app.post('/new-session', (req, res) => {
-  res.send({
-    sessionId: newSession(),
-  })
-});
-
 app.get('/session/:sessionId', (req, res) => {
+  const status = getSession(req.params.sessionId);
+  console.log('getSession ', req.params.sessionId, status);
   res.send({
-    status: getSession(req.params.sessionId) || 'notfound',
+    sessionStatus: getSession(req.params.sessionId) || 'notfound',
   })
 });
 
-app.post('/verify', (req, res) => {
-  res.send({
-    status: verify(req.body),
-  })
+app.post('/verify', async (req, res) => {
+  try {
+    const verified = await verify(req.body);
+    return res.send({
+      sessionStatus: verified,
+    });
+  } catch (error) {
+    console.log('Error: ', error);
+    return res.status(412).send({
+      message: error.message,
+    });
+  }
 });
 
-app.listen(3000, () =>
-  console.log('DECODE example backend listening on port 3000!'),
+app.listen(process.env.PORT, () =>
+  console.log(`DECODE example backend listening on port ${process.env.PORT}!`),
 );

src/sessions.js

@@ -1,4 +1,7 @@
-import uuid from 'uuid/v4';
+import zenroom from 'zenroom';
+import { isNil } from 'ramda';
+import fetch from 'node-fetch';
+import verifyProof from './verify-proof.zen';
 
 const SESSION_STATUS = {
   NEW: 'new',
@@ -8,16 +11,41 @@ const SESSION_STATUS = {
 
 let sessions = {};
 
-export const newSession = () => {
-  const sessionId = uuid();
-  sessions[sessionId] = SESSION_STATUS.NEW;
-  return sessionId;
-};
-
 export const getSession = id => sessions[id];
 
-export const verify = ({ sessionId, credentials }) => {
-  console.log('args: ', sessionId, credentials);
+export const verify = async ({ sessionId, credential, optionalAttributes }) => {
+  console.log('args: ', sessionId, credential, optionalAttributes);
+  sessions[sessionId] = SESSION_STATUS.NEW;
+  if (isNil(credential)) throw new Error('credential');
+  const { authorizable_attribute_id: attributeId, value, credential_issuer_endpoint_address: credentialIssuerUrl } = credential;
+  if (isNil(attributeId)) throw new Error('attributeId');
+  if (isNil(value)) throw new Error('value');
+  if (isNil(credentialIssuerUrl)) throw new Error('credentialIssuerUrl');
+  const { proof } = value;
+  if (isNil(proof)) throw new Error('proof');
+  const credentialProof = { credential_proof: proof };
+  console.log('Attribute id: ', attributeId);
+  console.log('Credential issuer URL: ', credentialIssuerUrl);
+  console.log('Proof: ', credentialProof);
+  const uidResp = await fetch(`${credentialIssuerUrl}/uid`);
+  if (!uidResp.ok) throw new Error('no uid');
+  const { credential_issuer_id: credentialIssuerId } = await uidResp.json();
+  if (isNil(credentialIssuerId)) throw new Error('credentialIssuerId');
+  console.log('Credential issuer id: ', credentialIssuerId);
+  const verfierResp = await fetch(`${credentialIssuerUrl}/authorizable_attribute/${attributeId}`);
+  if (!verfierResp.ok) throw new Error('no verifier');
+  const { verification_key: verificationKey } = await verfierResp.json();
+  console.log('verificationKey: ', verificationKey);
+  if (isNil(verificationKey)) throw new Error('verification key');
+  zenroom
+    .success(() => console.log('Success'))
+    .error(() => { throw new Error('not verified') })
+    .script(verifyProof(credentialIssuerId))
+    .data(JSON.stringify(verificationKey))
+    .keys(credentialProof)
+    .zenroom_exec()
+    .reset();
+  sessions[sessionId] = SESSION_STATUS.VALID;
   return SESSION_STATUS.VALID;
 };
 

src/verify-proof.zen.js

@@ -0,0 +1,14 @@
+export default uniqueId => `
+ZEN:begin(0)
+
+ZEN:parse([[
+Scenario coconut: verify proof
+Given that I have a valid 'verifier' from '${uniqueId}'
+and I have a valid 'credential proof'
+When I aggregate the verifiers
+and I verify the credential proof
+Then print 'Success' 'OK' as 'string'
+]])
+
+ZEN:run()
+`;

yarn.lock

@@ -1048,7 +1048,7 @@ core-js-compat@^3.1.1:
     browserslist "^4.7.1"
     semver "^6.3.0"
 
-core-js@^3.2.1:
+core-js@^3.1.4, core-js@^3.2.1:
   version "3.3.3"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.3.3.tgz#b7048d3c6c1a52b5fe55a729c1d4ccdffe0891bb"
   integrity sha512-0xmD4vUJRY8nfLyV9zcpC17FtSie5STXzw+HyYw2t8IIvmDnbq7RJUULECCo+NstpJtwK9kx8S+898iyqgeUow==
@@ -2128,6 +2128,11 @@ node-environment-flags@^1.0.5:
     object.getownpropertydescriptors "^2.0.3"
     semver "^5.7.0"
 
+node-fetch@^2.6.0:
+  version "2.6.0"
+  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.0.tgz#e633456386d4aa55863f676a7ab0daa8fdecb0fd"
+  integrity sha512-8dG4H5ujfvFiqDmVu9fQ5bOHUC15JMjMY/Zumv26oOvvVJjM67KF8koCWIabKQ1GJIa9r2mMZscBq/TbdOcmNA==
+
 node-modules-regexp@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz#8d9dbe28964a4ac5712e9131642107c71e90ec40"
@@ -2473,6 +2478,11 @@ [email protected]:
   resolved "https://registry.yarnpkg.com/qs/-/qs-6.7.0.tgz#41dc1a015e3d581f1621776be31afb2876a9b1bc"
   integrity sha512-VCdBRNFTX1fyE7Nb6FYoURo/SPe62QCaAyzJvUjwRaIsc+NePBEniHlvxFmmX56+HZphIGtV0XeCirBtpDrTyQ==
 
+ramda@^0.26.1:
+  version "0.26.1"
+  resolved "https://registry.yarnpkg.com/ramda/-/ramda-0.26.1.tgz#8d41351eb8111c55353617fc3bbffad8e4d35d06"
+  integrity sha512-hLWjpy7EnsDBb0p+Z3B7rPi3GDeRG5ZtiI33kJhTt+ORCd38AbAIjB/9zRIUoeTbE/AVX5ZkU7m6bznsvrf8eQ==
+
 range-parser@~1.2.1:
   version "1.2.1"
   resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.1.tgz#3cf37023d199e1c24d1a55b84800c2f3e6468031"
@@ -2532,7 +2542,7 @@ regenerate@^1.4.0:
   resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.4.0.tgz#4a856ec4b56e4077c557589cae85e7a4c8869a11"
   integrity sha512-1G6jJVDWrt0rK99kBjvEtziZNCICAuvIPkSiUFIQxVP06RCVpq3dmDo2oi6ABpYaDYaTRr67BEhL8r1wgEZZKg==
 
-regenerator-runtime@^0.13.3:
+regenerator-runtime@*, regenerator-runtime@^0.13.3:
   version "0.13.3"
   resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.3.tgz#7cf6a77d8f5c6f60eb73c5fc1955b2ceb01e6bf5"
   integrity sha512-naKIZz2GQ8JWh///G7L3X6LaQUAMp2lvb1rvwwsURe/VXwD6VMfr+/1NuNw3ag8v2kY1aQ/go5SNn79O9JU7yw==
@@ -3149,3 +3159,12 @@ yallist@^3.0.0, yallist@^3.0.3:
   version "3.1.1"
   resolved "https://registry.yarnpkg.com/yallist/-/yallist-3.1.1.tgz#dbb7daf9bfd8bac9ab45ebf602b8cbad0d5d08fd"
   integrity sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==
+
+zenroom@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/zenroom/-/zenroom-1.0.0.tgz#8dc863cc30f1b0e193cc5cd689c9e808e6d6e4d8"
+  integrity sha512-khZLsXUs+qL+LrN3GlL0BvwwoP6KXnkDQatLUT5+OrRmspJCkutfCAQiFSEmagyi44m9m4fi+Xta9uTVe7VDlQ==
+  dependencies:
+    "@babel/node" "^7.6.3"
+    core-js "^3.1.4"
+    regenerator-runtime "*"