log registration and demo update

Signed-off-by: pstlouis <[email protected]>
decentralized-identity · Jan 9, 2025 · c225980 · c225980
1 parent e7978a4
commit c225980
Show file tree

Hide file tree

Showing 7 changed files with 206 additions and 179 deletions.
diff --git a/demo/README.md b/demo/README.md
@@ -16,8 +16,8 @@ You will need a docker installation, curl, jq and a bash shell.
 
 Once this is all checked, you can clone the repo, move to the demo repository and start the services:
 ```bash
-git clone https://github.com/OpSecId/trustdidweb-server-py.git
-cd trustdidweb-server-py/demo/ && ./manage start
+git clone https://github.com/identity-foundation/didwebvh-server-py.git
+cd didwebvh-server-py/demo/ && ./manage start
 
 ```
 
@@ -32,7 +32,7 @@ curl -H Host:agent.docker.localhost \
 ```
 
 *You can visit the following pages in your browser*
-- http://agent.docker.localhost
+- http://agent.docker.localhost/api/doc
 - http://server.docker.localhost/docs
 
 ## Create a DID
@@ -43,153 +43,78 @@ DID web requires a public endpoint to be globally resolveable. For this demo, we
 
 This demo also serves as an introduction to Data Integrity proof sets.
 
+At any time, you can reset this demo with the `./manage restart` command.
+
 ### Request a did namespace and identifier
 ```bash
-namespace='demo'
-identifier='issuer'
-curl -H Host:server.docker.localhost \
-    http://127.0.0.1?namespace=$namespace&identifier=$identifier | jq .
-```
-```json
-{
-  "document": {
-    "@context": [
-      "https://www.w3.org/ns/did/v1"
-    ],
-    "id": "did:web:server.docker.localhost:demo:issuer"
-  },
-  "options": {
-    "type": "DataIntegrityProof",
-    "cryptosuite": "eddsa-jcs-2022",
-    "proofPurpose": "authentication",
-    "created": "2024-09-06T20:57:52+00:00",
-    "expires": "2024-09-06T21:07:52+00:00",
-    "domain": "server.docker.localhost",
-    "challenge": "de96aa5e-3c6d-55d7-9ef7-77dd98cabf96"
-  }
-}
+DID_REQUEST=$(curl -H Host:server.docker.localhost \
+    'http://127.0.0.1?namespace=demo&identifier=issuer' | jq .)
+
+DID_DOCUMENT=$(echo $DID_REQUEST | jq .didDocument)
+PROOF_OPTIONS=$(echo $DID_REQUEST | jq .proofOptions)
+
 ```
-From this point on, you have 10 minutes to complete the rest of this demo before the proof configuration is expired. You can restart at any moment with the `./manage restart` command.
 
-## Create a new verification Method
-Open the browser and register a new verification method with the agent.
-- http://issuer.docker.localhost/api/doc#/wallet/post_keys
+The proof options generated have a 10 minutes validity period, after which you will need to request a new set of options.
 
-Here's a sample request you can copy into the OpenAPI interface.
+## Create an update key for this did
+```bash
+# http://agent.docker.localhost/api/doc#/wallet/post_wallet_keys
 
-```json
-{
-    "kid": "did:web:server.docker.localhost:demo:issuer#key-01"
-}
-```
+UPDATE_KEY=$(curl -X 'POST' -H Host:agent.docker.localhost \
+  'http://127.0.0.1/wallet/keys' \
+  -d '{}' | jq -r .multikey)
+CONTROLLER_VERIFICATION_METHOD="did:key:$UPDATE_KEY#$UPDATE_KEY"
 
-## Create and sign the did document
-Create your DID document, adding the verification method created at the previous step. Also add an `authentication` and `assertionMethod` relationship to this verification method.
-```json
-{
-    "@context": [
-      "https://www.w3.org/ns/did/v1"
-    ],
-    "id": "did:web:server.docker.localhost:demo:issuer",
-    "authentication": ["did:web:server.docker.localhost:demo:issuer#key-01"],
-    "assertionMethod": ["did:web:server.docker.localhost:demo:issuer#key-01"],
-    "verificationMethod": [
-        {
-            "id": "did:web:server.docker.localhost:demo:issuer#key-01",
-            "type": "MultiKey",
-            "controller": "did:web:server.docker.localhost:demo:issuer",
-            "publicKeyMultibase": "z6MkgKA7yrw5kYSiDuQFcye4bMaJpcfHFry3Bx45pdWh3s8i"
-        }
-    ],
-}
 ```
+
+## Sign the did document
+You can optionally add information to your did document containing the content you want to publish. Refer to the did core spec to get familiar with such features. For this demo, we will leave it as is.
+
 Sign with the proof options obtained from step 1.
-- http://issuer.docker.localhost/api/doc#/wallet/post_wallet_di_add_proof
-
-See below for a template to use as your request body.
-- *You will need to use the options you obtained since there's an expiration of 10 minutes and a unique challenge was created.*
-- *Also, you will need to add the verificationMethod you created.*
-```json
-{
-  "document": {
-        "@context": [
-          "https://www.w3.org/ns/did/v1"
-        ],
-        "id": "did:web:server.docker.localhost:demo:issuer",
-        "authentication": ["did:web:server.docker.localhost:demo:issuer#key-01"],
-        "assertionMethod": ["did:web:server.docker.localhost:demo:issuer#key-01"],
-        "verificationMethod": [
-            {
-                "id": "did:web:server.docker.localhost:demo:issuer#key-01",
-                "type": "MultiKey",
-                "controller": "did:web:server.docker.localhost:demo:issuer",
-                "publicKeyMultibase": "z6MkgKA7yrw5kYSiDuQFcye4bMaJpcfHFry3Bx45pdWh3s8i"
-            }
-        ]
-    },
-  "options": {
-    "type": "DataIntegrityProof",
-    "cryptosuite": "eddsa-jcs-2022",
-    "proofPurpose": "authentication",
-    "created": "⚠️",
-    "expires": "⚠️",
-    "domain": "server.docker.localhost",
-    "challenge": "⚠️",
-    "verificationMethod": "did:key:⚠️#⚠️"
-  }
-}
+```bash
+# http://issuer.docker.localhost/api/doc#/wallet/post_wallet_di_add_proof
+
+# Add verificationMethod to the proof options
+CONTROLLER_PROOF_OPTIONS=$(jq '. += {"verificationMethod": "'"$CONTROLLER_VERIFICATION_METHOD"'"}' <<< "$PROOF_OPTIONS")
+
+# Construct the payload for the request
+PAYLOAD=$(cat <<EOF 
+{"document": $DID_DOCUMENT, "options": $CONTROLLER_PROOF_OPTIONS}
+EOF
+)
+
+# Request a signature on the did document
+SIGNED_DID_DOC=$(curl -X 'POST' -H Host:agent.docker.localhost \
+  -H 'Content-Type: application/json' \
+  'http://127.0.0.1/vc/di/add-proof' \
+  -d ''"$PAYLOAD"'' | jq .securedDocument)
 
 ```
 
 ## Request an endorser signature
 Request an endorser signature on the signed did document.
-- http://endorser.docker.localhost/api/doc#/wallet/post_wallet_di_add_proof
-
-See below for a template to use as your request body.
-- *Again, you will need to use the options you obtained since there's an expiration of 10 minutes and a unique challenge was created.*
-- *Also, you will need to add the `verificationMethod` from the endorser, which is derived from the server's root did: `did:web:server.docker.localhost#key-01`. This has been provisioned on the endorser agent during startup.*
-```json
-{
-  "document": {
-        "@context": [
-          "https://www.w3.org/ns/did/v1"
-        ],
-        "id": "did:web:server.docker.localhost:demo:issuer",
-        "authentication": ["did:web:server.docker.localhost:demo:issuer#key-01"],
-        "assertionMethod": ["did:web:server.docker.localhost:demo:issuer#key-01"],
-        "verificationMethod": [
-            {
-                "id": "did:web:server.docker.localhost:demo:issuer#key-01",
-                "type": "MultiKey",
-                "controller": "did:web:server.docker.localhost:demo:issuer",
-                "publicKeyMultibase": "z6MkgKA7yrw5kYSiDuQFcye4bMaJpcfHFry3Bx45pdWh3s8i"
-            }
-        ],
-        "proof": [
-          {
-            "type": "DataIntegrityProof",
-            "cryptosuite": "eddsa-jcs-2022",
-            "proofPurpose": "authentication",
-            "verificationMethod": "did:key:⚠️#⚠️",
-            "created": "⚠️",
-            "expires": "⚠️",
-            "domain": "server.docker.localhost",
-            "challenge": "⚠️",
-            "proofValue": "z3GBx56nXZDead55EXi85tLyeXiS2oTa3SEkQYtgiqGANE6k4GxZXFNs1Uh7tdAA2tsgo8HarkZs8YrCwuA8biQaj"
-          }
-        ]
-    },
-  "options": {
-    "type": "DataIntegrityProof",
-    "cryptosuite": "eddsa-jcs-2022",
-    "proofPurpose": "authentication",
-    "verificationMethod": "did:key:z6MkgKA7yrw5kYSiDuQFcye4bMaJpcfHFry3Bx45pdWh3s8i#z6MkgKA7yrw5kYSiDuQFcye4bMaJpcfHFry3Bx45pdWh3s8i ",
-    "created": "⚠️",
-    "expires": "⚠️",
-    "domain": "server.docker.localhost",
-    "challenge": "⚠️"
-  }
-}
+
+```bash
+# http://issuer.docker.localhost/api/doc#/wallet/post_wallet_di_add_proof
+
+# Change verificationMethod to the proof options
+ENDORSER_KEY='z6MkgKA7yrw5kYSiDuQFcye4bMaJpcfHFry3Bx45pdWh3s8i'
+ENDORSER_VERIFICATION_METHOD="did:key:$ENDORSER_KEY#$ENDORSER_KEY"
+ENDORSER_PROOF_OPTIONS=$(jq '. += {"verificationMethod": "'"$ENDORSER_VERIFICATION_METHOD"'"}' <<< "$PROOF_OPTIONS")
+
+# Construct the payload for the request
+PAYLOAD=$(cat <<EOF 
+{"document": $SIGNED_DID_DOC, "options": $ENDORSER_PROOF_OPTIONS}
+EOF
+)
+
+# Request a signature on the did document
+ENDORSED_DID_DOC=$(curl -X 'POST' -H Host:agent.docker.localhost \
+  -H 'Content-Type: application/json' \
+  'http://127.0.0.1/vc/di/add-proof' \
+  -d ''"$PAYLOAD"'' | jq .securedDocument)
+
 ```
 
 ## Send the request back to the server
@@ -200,8 +125,32 @@ If you completed the steps properly and within 10 minutes, your DID will now be
 
 If you get an error, try restarting the demo using the `./manage restart` command.
 
+```bash
+# Construct the payload for the request
+PAYLOAD=$(cat <<EOF 
+{"didDocument": $ENDORSED_DID_DOC}
+EOF
+)
+
+# Request a signature on the did document
+curl -X 'POST' -H Host:server.docker.localhost \
+  -H 'Content-Type: application/json' \
+  'http://127.0.0.1/' \
+  -d ''"$PAYLOAD"'' | jq .
+
+```
 
 ## Resolve (locally) your new DID
 ```bash
 curl -H Host:server.docker.localhost http://127.0.0.1/demo/issuer/did.json | jq .
 ```
+
+## Initialise the DID Log
+
+```bash
+LOG_ENTRY=$(curl -H Host:server.docker.localhost http://127.0.0.1/demo/issuer | jq .logEntry)
+PAYLOAD=$(cat <<EOF 
+{"document": $LOG_ENTRY, "options": $CONTROLLER_PROOF_OPTIONS}
+EOF
+)
+```
diff --git a/demo/register.sh b/demo/register.sh
@@ -0,0 +1,79 @@
+#! /bin/bash
+
+DID_REQUEST=$(curl -H Host:server.docker.localhost \
+    'http://127.0.0.1?namespace=demo&identifier=issuer' | jq .)
+
+DID_DOCUMENT=$(echo $DID_REQUEST | jq .didDocument)
+PROOF_OPTIONS=$(echo $DID_REQUEST | jq .proofOptions)
+UPDATE_KEY=$(curl -X 'POST' -H Host:agent.docker.localhost \
+  'http://127.0.0.1/wallet/keys' \
+  -d '{}' | jq -r .multikey)
+CONTROLLER_VERIFICATION_METHOD="did:key:$UPDATE_KEY#$UPDATE_KEY"
+
+# Add verificationMethod to the proof options
+CONTROLLER_PROOF_OPTIONS=$(jq '. += {"verificationMethod": "'"$CONTROLLER_VERIFICATION_METHOD"'"}' <<< "$PROOF_OPTIONS")
+
+# Construct the payload for the request
+PAYLOAD=$(cat <<EOF 
+{"document": $DID_DOCUMENT, "options": $CONTROLLER_PROOF_OPTIONS}
+EOF
+)
+
+# Request a signature on the did document
+SIGNED_DID_DOC=$(curl -X 'POST' -H Host:agent.docker.localhost \
+  -H 'Content-Type: application/json' \
+  'http://127.0.0.1/vc/di/add-proof' \
+  -d ''"$PAYLOAD"'' | jq .securedDocument)
+
+ENDORSER_KEY='z6MkgKA7yrw5kYSiDuQFcye4bMaJpcfHFry3Bx45pdWh3s8i'
+ENDORSER_VERIFICATION_METHOD="did:key:$ENDORSER_KEY#$ENDORSER_KEY"
+ENDORSER_PROOF_OPTIONS=$(jq '. += {"verificationMethod": "'"$ENDORSER_VERIFICATION_METHOD"'"}' <<< "$PROOF_OPTIONS")
+
+# Construct the payload for the request
+PAYLOAD=$(cat <<EOF 
+{"document": $SIGNED_DID_DOC, "options": $ENDORSER_PROOF_OPTIONS}
+EOF
+)
+
+# Request a signature on the did document
+ENDORSED_DID_DOC=$(curl -X 'POST' -H Host:agent.docker.localhost \
+  -H 'Content-Type: application/json' \
+  'http://127.0.0.1/vc/di/add-proof' \
+  -d ''"$PAYLOAD"'' | jq .securedDocument)
+
+# Construct the payload for the request
+PAYLOAD=$(cat <<EOF 
+{"didDocument": $ENDORSED_DID_DOC}
+EOF
+)
+
+# Request a signature on the did document
+curl -X 'POST' -H Host:server.docker.localhost \
+  -H 'Content-Type: application/json' \
+  'http://127.0.0.1/' \
+  -d ''"$PAYLOAD"'' | jq .
+
+
+curl -H Host:server.docker.localhost http://127.0.0.1/demo/issuer/did.json | jq .
+
+LOG_ENTRY=$(curl -H Host:server.docker.localhost http://127.0.0.1/demo/issuer | jq .logEntry)
+CONTROLLER_PROOF_OPTIONS=$(jq 'del(.challenge)' <<< "$CONTROLLER_PROOF_OPTIONS")
+CONTROLLER_PROOF_OPTIONS=$(jq 'del(.domain)' <<< "$CONTROLLER_PROOF_OPTIONS")
+CONTROLLER_PROOF_OPTIONS=$(jq 'del(.expires)' <<< "$CONTROLLER_PROOF_OPTIONS")
+PAYLOAD=$(cat <<EOF 
+{"document": $LOG_ENTRY, "options": $CONTROLLER_PROOF_OPTIONS}
+EOF
+)
+SIGNED_LOG_ENTRY=$(curl -X 'POST' -H Host:agent.docker.localhost \
+  -H 'Content-Type: application/json' \
+  'http://127.0.0.1/vc/di/add-proof' \
+  -d ''"$PAYLOAD"'' | jq .securedDocument)
+
+PAYLOAD=$(cat <<EOF 
+{"logEntry": $SIGNED_LOG_ENTRY}
+EOF
+)
+curl -X 'POST' -H Host:server.docker.localhost \
+  -H 'Content-Type: application/json' \
+  'http://127.0.0.1/demo/issuer' \
+  -d ''"$PAYLOAD"'' | jq .
diff --git a/server/app/__init__.py b/server/app/__init__.py
@@ -1,6 +1,6 @@
 from fastapi import FastAPI, APIRouter
 from fastapi.responses import JSONResponse
-from app.routers import identifiers, resolvers
+from app.routers import identifiers
 from config import settings
 
 app = FastAPI(title=settings.PROJECT_TITLE, version=settings.PROJECT_VERSION)
@@ -14,6 +14,5 @@ async def server_status():
 
 
 api_router.include_router(identifiers.router)
-api_router.include_router(resolvers.router)
 
 app.include_router(api_router)
diff --git a/server/app/models/did_document.py b/server/app/models/did_document.py
@@ -139,4 +139,4 @@ def id_validator(cls, value):
 
 
 class SecuredDidDocument(DidDocument):
-    proof: Union[DataIntegrityProof, List[DataIntegrityProof]] = Field(None)
+    proof: Union[DataIntegrityProof, List[DataIntegrityProof]] = Field()
Original file line number	Diff line number	Diff line change
Expand Up		@@ -139,4 +139,4 @@ def id_validator(cls, value):


		class SecuredDidDocument(DidDocument):
		proof: Union[DataIntegrityProof, List[DataIntegrityProof]] = Field(None)
		proof: Union[DataIntegrityProof, List[DataIntegrityProof]] = Field()