From 767cdfa688170e2d8e8464661bf27cb18eb492bb Mon Sep 17 00:00:00 2001 From: "georgi.michev" <georgi.michev@vereign.com> Date: Thu, 21 Jul 2022 13:30:57 +0300 Subject: [PATCH 1/4] change Presentation.json the file was currupted --- src/main/resources/REST/json/Presentation.json | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/main/resources/REST/json/Presentation.json b/src/main/resources/REST/json/Presentation.json index d4678bd4..7ae6dbef 100644 --- a/src/main/resources/REST/json/Presentation.json +++ b/src/main/resources/REST/json/Presentation.json @@ -17,7 +17,21 @@ "allow": true, "id": "example/examplePolicy/1.0" }, - "issuanceDate": "2022-07-01T11:07:57.975459274Z", + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/ProofRequestResponse/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203861194Z", "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", "type": "VerifiableCredential" } -- GitLab From 3cb42aa05d9d7bf3b083dd76b3f549d100b34cda Mon Sep 17 00:00:00 2001 From: "georgi.michev" <georgi.michev@vereign.com> Date: Thu, 21 Jul 2022 17:38:51 +0300 Subject: [PATCH 2/4] add signer verify presentation 
Signed-off-by: georgi.michev <georgi.michev@vereign.com> --- .../REST/json/PresentationModifiedField.json | 46 +++++++++++++++++ .../api/test/core/GeneralStepDefinitions.java | 4 ++ .../tsa/signer/SignerStepDefinitions.java | 17 +++++++ .../v1/presentation/verify/POST.feature | 50 +++++++++++++++++++ 4 files changed, 117 insertions(+) create mode 100644 src/main/resources/REST/json/PresentationModifiedField.json create mode 100644 src/test/resources/features/tsa/signer/v1/presentation/verify/POST.feature diff --git a/src/main/resources/REST/json/PresentationModifiedField.json b/src/main/resources/REST/json/PresentationModifiedField.json new file mode 100644 index 00000000..2d2545b2 --- /dev/null +++ b/src/main/resources/REST/json/PresentationModifiedField.json 
@@ -0,0 +1,46 @@
+{
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://w3id.org/security/suites/jws-2020/v1",
+ "https://www.w3.org/2018/credentials/examples/v1"
+ ],
+ "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation",
+ "proof": {
+ "created": "2022-07-21T14:28:09.071187173Z",
+ "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg",
+ "proofPurpose": "assertionMethod",
+ "type": "JsonWebSignature2020",
+ "verificationMethod": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1"
+ },
+ "type": "VerifiablePresentation",
+ "verifiableCredential": [
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://w3id.org/security/suites/jws-2020/v1",
+ "https://www.w3.org/2018/credentials/examples/v1"
+ ],
+ "credentialSubject": {
+ "allow": true,
+ "id": "example/examplePolicy/1.0"
+ },
+ "issuanceDate": "2022-07-21T10:24:36.203848291Z",
+ "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation",
+ "type": "VerifiableCredential"
+ },
+ {
+ "@context": [
+ "https://www.w3.org/2018/credentials/v1",
+ "https://w3id.org/security/suites/jws-2020/v1",
+ "https://www.w3.org/2018/credentials/examples/v1"
+ ],
+ "credentialSubject": {
+ "allow": true,
+ "id": "example/ProofRequestResponse/1.0"
+ },
+ "issuanceDate": "2023-07-21T10:24:36.203861194Z",
+ "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation",
+ "type": "VerifiableCredential"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/src/test/java/api/test/core/GeneralStepDefinitions.java b/src/test/java/api/test/core/GeneralStepDefinitions.java
index 3ace023c..4626ac7d 100644
--- a/src/test/java/api/test/core/GeneralStepDefinitions.java
+++ b/src/test/java/api/test/core/GeneralStepDefinitions.java
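Review bot: The `proof` block in this fixture is a signature captured from one earlier signing run (a fixed `created` timestamp and a fixed `jws`), so the negative test built on it cannot tell tamper detection apart from an ordinary key or payload mismatch. If the key behind `#key1` is ever rotated, the verifier will presumably answer `invalid signature` for this file whether or not the changed `issuanceDate` is what broke it. A stronger negative case would start from the proof returned earlier in the same scenario and change one field of that body. Patch 3/4 copies the same `proof` block into every `modified_*` profile of Presentation.json, so the same applies there.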
@@ -1464,4 +1464,8 @@ public class GeneralStepDefinitions extends BaseStepDefinitions { assertEquals("Expected values doesn't match actual: ", expectedResultAsList, actualResultAsString); } + @Then("I get the last response body and load it to the current request body") + public void iGetTheLastResponseBodyAndLoadItToTheCurrentRequestBody() { + currentRequest.setBody(getLastResponse().getBody()); + } } \ No newline at end of file diff --git a/src/test/java/api/test/rest/tsa/signer/SignerStepDefinitions.java b/src/test/java/api/test/rest/tsa/signer/SignerStepDefinitions.java index 0bdf245d..ebdbb8ad 100644 --- a/src/test/java/api/test/rest/tsa/signer/SignerStepDefinitions.java +++ b/src/test/java/api/test/rest/tsa/signer/SignerStepDefinitions.java @@ -3,16 +3,25 @@ package api.test.rest.tsa.signer; import api.test.core.BaseStepDefinitions; import api.test.rest.RestGeneralStepDefinitions; import api.test.rest.RestSessionContainer; +import com.google.gson.Gson; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; import core.*; +import cucumber.api.java.en.And; import cucumber.api.java.en.Given; import cucumber.api.java.en.When; +import cucumber.api.java.zh_cn.å‡å¦‚; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import java.util.HashMap; +import java.util.Map; + public class SignerStepDefinitions extends BaseStepDefinitions { private static final Logger logger = LogManager.getLogger(RestGeneralStepDefinitions.class.getSimpleName()); RestSessionContainer restSessionContainer; Request currentRequest; + private String body; public SignerStepDefinitions(RestSessionContainer restSessionContainer, Request currentRequest, DataContainer dataContainer) { super(dataContainer); 
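Review bot: `iGetTheLastResponseBodyAndLoadItToTheCurrentRequestBody` dereferences `getLastResponse()` without checking that a response was recorded, so a scenario that uses the step before any request was sent would presumably fail with a bare NullPointerException instead of a readable assertion. A guard such as `assertNotNull("No previous response to copy the body from", getLastResponse());` before the `setBody` call would make the failure self-explanatory, assuming `assertNotNull` is statically imported like the `assertEquals` used just above. The step performs an action rather than a check, so `@When` or `@And` would read better than `@Then`, and a one-line Javadoc saying that it overwrites the current request body would help scenario authors. The class body starts outside the hunk.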
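Review bot: None of the imports added in the `@@ -3,16 +3,25 @@` hunk (`com.google.gson.Gson`, `JsonArray`, `JsonElement`, `cucumber.api.java.en.And`, `java.util.HashMap`, `java.util.Map`) nor the new `private String body;` field is used by the step this commit adds to the class, so they look like IDE leftovers. The `cucumber.api.java.zh_cn` import is the most fragile one: it names a non-ASCII annotation that shows up mis-encoded on this page, and if the source file is not compiled as UTF-8 it may break the build. Dropping these seven import lines and the unused field keeps the class compiling under any source encoding. The rest of the class is outside the hunk, so a use elsewhere cannot be ruled out from here.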
@@ -59,4 +68,12 @@ public class SignerStepDefinitions extends BaseStepDefinitions {
 addRequest(currentRequest);
 addResponse(response);
 }
+
+ @When("I verify presentation proof via TSA Signer API")
+ public void iVerifyPresentationProofViaTSASignerAPI() {
+ currentRequest.setPath("/v1/presentation/verify");
+ Response response = RestClient.post(currentRequest);
+ addRequest(currentRequest);
+ addResponse(response);
+ }
 }
diff --git a/src/test/resources/features/tsa/signer/v1/presentation/verify/POST.feature b/src/test/resources/features/tsa/signer/v1/presentation/verify/POST.feature
new file mode 100644
index 00000000..4697bf4f
--- /dev/null
+++ b/src/test/resources/features/tsa/signer/v1/presentation/verify/POST.feature
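Review bot: `iVerifyPresentationProofViaTSASignerAPI` posts whatever body `currentRequest` holds at that moment, and nothing in the method says so; a short Javadoc would make the dependency on the preceding scenario steps explicit, for example `/** Posts the current request body to /v1/presentation/verify and records the request and response. */`. The method repeats the `addRequest` / `addResponse` sequence that the context lines show at the end of the preceding method, so a small private helper taking the path would remove the duplication. The class starts outside the hunk.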
@@ -0,0 +1,50 @@ +#Copyright (c) 2018 Vereign AG [https://www.vereign.com] +# +#This is free software: you can redistribute it and/or modify +#it under the terms of the GNU Affero General Public License as +#published by the Free Software Foundation, either version 3 of the +#License, or (at your option) any later version. +# +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU Affero General Public License for more details. +# +#You should have received a copy of the GNU Affero General Public License +#along with this program. If not, see <http://www.gnu.org/licenses/>. + +#https://gaiax.vereign.com/tsa/signer/v1/presentation/verify +#Author: Georgi Michev georgi.michev@vereign.com + +@rest @all @tsa @signer +Feature: API - TSA - Signer presentation verify - v1/presentation/verify POST + As user + I want to verify a presentation + So I know it is valid + + Background: + Given we are testing the TSA Signer Api + + Scenario: TSA - verify presentation proof - Positive + When I load the request from json {/REST/json/Presentation.json} + When I create presentation proof via TSA Signer API + And the status code should be {200} + And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema + And the field {proof.verificationMethod} has the value {did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1} + Then I get the last response body and load it to the current request body + And I verify presentation proof via TSA Signer API + And the status code should be {200} + And the field {valid} has the value {true} + + @negative + Scenario: TSA - verify presentation proof with modified field - Negative + When I load the request from json {/REST/json/Presentation.json} + When I create presentation proof via TSA Signer API + And the status code should be {200} + And the 
response is valid according to the {Signer_PresentationProof_schema.json} REST schema + And the field {proof.verificationMethod} has the value {did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1} + Then I get the last response body and load it to the current request body + When I load the request from json {/REST/json/PresentationModifiedField.json} + And I verify presentation proof via TSA Signer API + And the status code should be {400} + And the field {message} has the value {check embedded proof: check linked data proof: ecdsa: invalid signature} -- GitLab From f5ed17985fb771c1c3637f928d06e3755b7c4a9a Mon Sep 17 00:00:00 2001 From: "georgi.michev" <georgi.michev@vereign.com> Date: Mon, 25 Jul 2022 14:57:22 +0300 Subject: [PATCH 3/4] add negative test for verify signer - VP Signed-off-by: georgi.michev <georgi.michev@vereign.com> --- .../resources/REST/json/Presentation.json | 396 ++++++++++++++++-- .../REST/json/PresentationModifiedField.json | 46 -- .../signer/v1/presentation/proof/POST.feature | 2 +- .../v1/presentation/verify/POST.feature | 73 +++- 4 files changed, 430 insertions(+), 87 deletions(-) delete mode 100644 src/main/resources/REST/json/PresentationModifiedField.json diff --git a/src/main/resources/REST/json/Presentation.json b/src/main/resources/REST/json/Presentation.json index 7ae6dbef..59434ed3 100644 --- a/src/main/resources/REST/json/Presentation.json +++ b/src/main/resources/REST/json/Presentation.json 
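Review bot: In the negative scenario the step `Then I get the last response body and load it to the current request body` is followed directly by `When I load the request from json {/REST/json/PresentationModifiedField.json}`, which presumably replaces the body that was just copied, so the freshly created proof never reaches the verify call. The scenario then only checks that a static file with an old `jws` is rejected, and the create-proof steps before it add nothing to the assertion. Either drop the create and copy steps from this scenario, or keep them and change one field of the copied body instead of loading the fixture (that needs a step this patch does not add). Asserting the full text `check embedded proof: check linked data proof: ecdsa: invalid signature` also ties the test to the verifier's internal error wording; the status code plus a stable part of the message would be less brittle.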
@@ -1,39 +1,363 @@ { - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://w3id.org/security/suites/jws-2020/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", - "type": "VerifiablePresentation", - "verifiableCredential": [ - { - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://w3id.org/security/suites/jws-2020/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "credentialSubject": { - "allow": true, - "id": "example/examplePolicy/1.0" - }, - "issuanceDate": "2022-07-21T10:24:36.203848291Z", - "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", - "type": "VerifiableCredential" + "for_proof": { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/examplePolicy/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/ProofRequestResponse/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203861194Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + } + ] + }, + 
"modified_issuanceDate": { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "proof": { + "created": "2022-07-21T14:28:09.071187173Z", + "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg", + "proofPurpose": "assertionMethod", + "type": "JsonWebSignature2020", + "verificationMethod": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1" + }, + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/examplePolicy/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/ProofRequestResponse/1.0" + }, + "issuanceDate": "2023-07-21T10:24:36.203861194Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + } + ] + }, + "modified_credentialSubject_1_allow": { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "proof": { + "created": 
"2022-07-21T14:28:09.071187173Z", + "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg", + "proofPurpose": "assertionMethod", + "type": "JsonWebSignature2020", + "verificationMethod": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1" + }, + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": false, + "id": "example/examplePolicy/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/ProofRequestResponse/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203861194Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + } + ] + }, + "modified_credentialSubject_2_allow": { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "proof": { + "created": "2022-07-21T14:28:09.071187173Z", + "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg", + "proofPurpose": "assertionMethod", + "type": "JsonWebSignature2020", + "verificationMethod": 
"did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1" + }, + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/examplePolicy/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": false, + "id": "example/ProofRequestResponse/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203861194Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + } + ] + }, + "modified_credentialSubject_1_ID": { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "proof": { + "created": "2022-07-21T14:28:09.071187173Z", + "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg", + "proofPurpose": "assertionMethod", + "type": "JsonWebSignature2020", + "verificationMethod": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1" }, - { - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://w3id.org/security/suites/jws-2020/v1", - "https://www.w3.org/2018/credentials/examples/v1" - ], - "credentialSubject": { - "allow": true, - "id": 
"example/ProofRequestResponse/1.0" - }, - "issuanceDate": "2022-07-21T10:24:36.203861194Z", - "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", - "type": "VerifiableCredential" - } - ] + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/examplePolicy/2.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/ProofRequestResponse/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203861194Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + } + ] + }, + "modified_credentialSubject_2_ID": { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "proof": { + "created": "2022-07-21T14:28:09.071187173Z", + "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg", + "proofPurpose": "assertionMethod", + "type": "JsonWebSignature2020", + "verificationMethod": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1" + }, + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": [ + 
"https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/examplePolicy/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/ProofRequestResponse/2.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203861194Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + } + ] + }, + "modified_ID": { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "id": "did:web:XXX.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "proof": { + "created": "2022-07-21T14:28:09.071187173Z", + "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg", + "proofPurpose": "assertionMethod", + "type": "JsonWebSignature2020", + "verificationMethod": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1" + }, + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/examplePolicy/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": 
"did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/ProofRequestResponse/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203861194Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + } + ] + }, + "modified_proof_created": { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "proof": { + "created": "2023-07-21T14:28:09.071187173Z", + "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg", + "proofPurpose": "assertionMethod", + "type": "JsonWebSignature2020", + "verificationMethod": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1" + }, + "type": "VerifiablePresentation", + "verifiableCredential": [ + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + "id": "example/examplePolicy/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203848291Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + }, + { + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://w3id.org/security/suites/jws-2020/v1", + "https://www.w3.org/2018/credentials/examples/v1" + ], + "credentialSubject": { + "allow": true, + 
"id": "example/ProofRequestResponse/1.0" + }, + "issuanceDate": "2022-07-21T10:24:36.203861194Z", + "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation", + "type": "VerifiableCredential" + } + ] + } } \ No newline at end of file diff --git a/src/main/resources/REST/json/PresentationModifiedField.json b/src/main/resources/REST/json/PresentationModifiedField.json deleted file mode 100644 index 2d2545b2..00000000 --- a/src/main/resources/REST/json/PresentationModifiedField.json +++ /dev/null 
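Review bot: The `modified_credentialSubject_1_allow` and `modified_credentialSubject_2_allow` profiles change a property, `allow`, that none of the three listed `@context` documents appears to define. With JSON-LD based proofs, a property the context does not map can be left out of the canonical form that gets signed, which may be why the later verify/POST.feature hunk tags those scenarios `@wip @bug-issue-signer#16` and comments out their assertions; this is inferred and should be confirmed against the signer. If it holds, the `allow` value is not covered by the proof at all, and the fix belongs in the service (reject unmapped properties) or in a context that defines `allow`, not in the fixtures. Until then those scenarios assert nothing after the verify call and pass whatever the service returns.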
@@ -1,46 +0,0 @@
-{
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "id": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation",
- "proof": {
- "created": "2022-07-21T14:28:09.071187173Z",
- "jws": "eyJhbGciOiJKc29uV2ViU2lnbmF0dXJlMjAyMCIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..MEQCIFkavr6XpAYbdurBmQXNei-hI8WHAcnEYkZ6J3i4d3FKAiA4BtVCAixsAypaJ5dcBxn96Ju1OGfi7Kw1QRZMlMumhg",
- "proofPurpose": "assertionMethod",
- "type": "JsonWebSignature2020",
- "verificationMethod": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1"
- },
- "type": "VerifiablePresentation",
- "verifiableCredential": [
- {
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "credentialSubject": {
- "allow": true,
- "id": "example/examplePolicy/1.0"
- },
- "issuanceDate": "2022-07-21T10:24:36.203848291Z",
- "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation",
- "type": "VerifiableCredential"
- },
- {
- "@context": [
- "https://www.w3.org/2018/credentials/v1",
- "https://w3id.org/security/suites/jws-2020/v1",
- "https://www.w3.org/2018/credentials/examples/v1"
- ],
- "credentialSubject": {
- "allow": true,
- "id": "example/ProofRequestResponse/1.0"
- },
- "issuanceDate": "2023-07-21T10:24:36.203861194Z",
- "issuer": "did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation",
- "type": "VerifiableCredential"
- }
- ]
-}
\ No newline at end of file
diff --git a/src/test/resources/features/tsa/signer/v1/presentation/proof/POST.feature b/src/test/resources/features/tsa/signer/v1/presentation/proof/POST.feature
index 94b03ca3..31ed9b5c 100644
--- a/src/test/resources/features/tsa/signer/v1/presentation/proof/POST.feature
+++ b/src/test/resources/features/tsa/signer/v1/presentation/proof/POST.feature @@ -26,7 +26,7 @@ Feature: API - TSA - Signer presentation proof - v1/presentation/proof POST Given we are testing the TSA Signer Api Scenario: TSA - create presentation proof - Positive - When I load the request from json {/REST/json/Presentation.json} + When I load the REST request {Presentation.json} with profile {for_proof} When I create presentation proof via TSA Signer API And the status code should be {200} And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema diff --git a/src/test/resources/features/tsa/signer/v1/presentation/verify/POST.feature b/src/test/resources/features/tsa/signer/v1/presentation/verify/POST.feature index 4697bf4f..674b870c 100644 --- a/src/test/resources/features/tsa/signer/v1/presentation/verify/POST.feature +++ b/src/test/resources/features/tsa/signer/v1/presentation/verify/POST.feature @@ -26,7 +26,7 @@ Feature: API - TSA - Signer presentation verify - v1/presentation/verify POST Given we are testing the TSA Signer Api Scenario: TSA - verify presentation proof - Positive - When I load the request from json {/REST/json/Presentation.json} + When I load the REST request {Presentation.json} with profile {for_proof} When I create presentation proof via TSA Signer API And the status code should be {200} And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema 
@@ -37,14 +37,79 @@ Feature: API - TSA - Signer presentation verify - v1/presentation/verify POST And the field {valid} has the value {true} @negative - Scenario: TSA - verify presentation proof with modified field - Negative - When I load the request from json {/REST/json/Presentation.json} + Scenario: TSA - verify presentation proof with modified ID field - Negative + When I load the REST request {Presentation.json} with profile {for_proof} When I create presentation proof via TSA Signer API And the status code should be {200} And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema And the field {proof.verificationMethod} has the value {did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1} Then I get the last response body and load it to the current request body - When I load the request from json {/REST/json/PresentationModifiedField.json} + When I load the REST request {Presentation.json} with profile {modified_ID} And I verify presentation proof via TSA Signer API And the status code should be {400} And the field {message} has the value {check embedded proof: check linked data proof: ecdsa: invalid signature} + + @negative + Scenario: TSA - verify presentation proof with modified issuanceDate field - Negative + When I load the REST request {Presentation.json} with profile {for_proof} + When I create presentation proof via TSA Signer API + And the status code should be {200} + And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema + And the field {proof.verificationMethod} has the value {did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1} + Then I get the last response body and load it to the current request body + When I load the REST request {Presentation.json} with profile {modified_issuanceDate} + And I verify presentation proof via TSA Signer API + And the status code should be {400} + And the field {message} has the 
value {check embedded proof: check linked data proof: ecdsa: invalid signature} + + @wip @bug-issue-signer#16 @negative + Scenario: TSA - verify presentation proof with modified credentialSubject.allow field - Negative + When I load the REST request {Presentation.json} with profile {for_proof} + When I create presentation proof via TSA Signer API + And the status code should be {200} + And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema + And the field {proof.verificationMethod} has the value {did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1} + Then I get the last response body and load it to the current request body + When I load the REST request {Presentation.json} with profile {modified_credentialSubject_1_allow} + And I verify presentation proof via TSA Signer API +# And the status code should be {400} +# And the field {message} has the value {check embedded proof: check linked data proof: ecdsa: invalid signature} + + @wip @bug-issue-signer#16 @negative + Scenario: TSA - verify presentation proof with modified credentialSubject.allow field - Negative + When I load the REST request {Presentation.json} with profile {for_proof} + When I create presentation proof via TSA Signer API + And the status code should be {200} + And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema + And the field {proof.verificationMethod} has the value {did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1} + Then I get the last response body and load it to the current request body + When I load the REST request {Presentation.json} with profile {modified_credentialSubject_2_allow} + And I verify presentation proof via TSA Signer API +# And the status code should be {400} +# And the field {message} has the value {check embedded proof: check linked data proof: ecdsa: invalid signature} + + @wip @bug-issue-signer#16 @negative + Scenario: TSA - 
verify presentation proof with modified credentialSubject.ID field - Negative + When I load the REST request {Presentation.json} with profile {for_proof} + When I create presentation proof via TSA Signer API + And the status code should be {200} + And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema + And the field {proof.verificationMethod} has the value {did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1} + Then I get the last response body and load it to the current request body + When I load the REST request {Presentation.json} with profile {modified_credentialSubject_1_ID} + And I verify presentation proof via TSA Signer API +# And the status code should be {400} +# And the field {message} has the value {check embedded proof: check linked data proof: ecdsa: invalid signature} + + @wip @bug-issue-signer#16 @negative + Scenario: TSA - verify presentation proof with modified credentialSubject.ID field - Negative + When I load the REST request {Presentation.json} with profile {for_proof} + When I create presentation proof via TSA Signer API + And the status code should be {200} + And the response is valid according to the {Signer_PresentationProof_schema.json} REST schema + And the field {proof.verificationMethod} has the value {did:web:gaiax.vereign.com:tsa:policy:policy:example:returnDID:1.0:evaluation#key1} + Then I get the last response body and load it to the current request body + When I load the REST request {Presentation.json} with profile {modified_credentialSubject_2_ID} + And I verify presentation proof via TSA Signer API +# And the status code should be {400} +# And the field {message} has the value {check embedded proof: check linked data proof: ecdsa: invalid signature} -- GitLab From 5c9da73f9ab0df32403a9f473fd111698069ba65 Mon Sep 17 00:00:00 2001 From: "georgi.michev" <georgi.michev@vereign.com> Date: Mon, 25 Jul 2022 15:27:17 +0300 Subject: [PATCH 4/4] cleanup imports 
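Review bot: The four scenarios tagged `@wip @bug-issue-signer#16` stop at `And I verify presentation proof via TSA Signer API` with both assertions commented out, so whenever they run they pass regardless of what the verifier returns for a presentation whose `credentialSubject` was altered after signing. If the runner filters on `@wip`, keep `And the status code should be {400}` and the `invalid signature` message check active and let the tag keep them out of the default run, so the tamper-detection gap stays visible as a failing test until the signer issue is closed. The two `credentialSubject.allow` scenarios and the two `credentialSubject.ID` scenarios also carry identical titles; putting the credential index in the title, or folding each pair into a `Scenario Outline` over the profile name, would let a report line say which credential was changed. It is not visible in this hunk whether loading a `modified_*` profile after `I get the last response body and load it to the current request body` keeps the freshly created proof or replaces the body, so a short comment on that step order would help the next reader.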
Signed-off-by: georgi.michev <georgi.michev@vereign.com> --- src/main/java/core/ResponseContainer.java | 2 -- src/test/java/api/test/core/GeneralStepDefinitions.java | 1 - .../api/test/rest/tsa/signer/SignerStepDefinitions.java | 9 --------- .../java/api/test/rest/tsa/task/TaskStepDefinitions.java | 7 ------- 4 files changed, 19 deletions(-) diff --git a/src/main/java/core/ResponseContainer.java b/src/main/java/core/ResponseContainer.java index cd35c20a..f35fdc5b 100644 --- a/src/main/java/core/ResponseContainer.java +++ b/src/main/java/core/ResponseContainer.java @@ -17,8 +17,6 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. package core; -import core.*; - import java.util.ArrayList; import java.util.List; diff --git a/src/test/java/api/test/core/GeneralStepDefinitions.java b/src/test/java/api/test/core/GeneralStepDefinitions.java index 4626ac7d..2d0e3101 100644 --- a/src/test/java/api/test/core/GeneralStepDefinitions.java +++ b/src/test/java/api/test/core/GeneralStepDefinitions.java @@ -27,7 +27,6 @@ import cucumber.api.java.After; import cucumber.api.java.Before; import cucumber.api.java.en.*; import exceptions.RAFException; -import org.apache.commons.collections.FactoryUtils; import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; import org.apache.logging.log4j.LogManager; diff --git a/src/test/java/api/test/rest/tsa/signer/SignerStepDefinitions.java b/src/test/java/api/test/rest/tsa/signer/SignerStepDefinitions.java index ebdbb8ad..2f123591 100644 --- a/src/test/java/api/test/rest/tsa/signer/SignerStepDefinitions.java +++ b/src/test/java/api/test/rest/tsa/signer/SignerStepDefinitions.java 
@@ -3,20 +3,11 @@ package api.test.rest.tsa.signer; import api.test.core.BaseStepDefinitions; import api.test.rest.RestGeneralStepDefinitions; import api.test.rest.RestSessionContainer; -import com.google.gson.Gson; -import com.google.gson.JsonArray; -import com.google.gson.JsonElement; import core.*; -import cucumber.api.java.en.And; -import cucumber.api.java.en.Given; import cucumber.api.java.en.When; -import cucumber.api.java.zh_cn.å‡å¦‚; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import java.util.HashMap; -import java.util.Map; - public class SignerStepDefinitions extends BaseStepDefinitions { private static final Logger logger = LogManager.getLogger(RestGeneralStepDefinitions.class.getSimpleName()); RestSessionContainer restSessionContainer; diff --git a/src/test/java/api/test/rest/tsa/task/TaskStepDefinitions.java b/src/test/java/api/test/rest/tsa/task/TaskStepDefinitions.java index f86a00ba..0ba5b009 100644 --- a/src/test/java/api/test/rest/tsa/task/TaskStepDefinitions.java +++ b/src/test/java/api/test/rest/tsa/task/TaskStepDefinitions.java @@ -3,21 +3,14 @@ package api.test.rest.tsa.task; import api.test.core.BaseStepDefinitions; import api.test.rest.RestGeneralStepDefinitions; import api.test.rest.RestSessionContainer; -import com.jayway.jsonpath.Configuration; import com.jayway.jsonpath.JsonPath; -import com.jayway.jsonpath.Option; -import com.jayway.jsonpath.ReadContext; import core.*; import cucumber.api.java.en.And; -import cucumber.api.java.en.Given; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import java.util.List; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; - public class TaskStepDefinitions extends BaseStepDefinitions{ private static final Logger logger = LogManager.getLogger(RestGeneralStepDefinitions.class.getSimpleName()); RestSessionContainer restSessionContainer; -- GitLab