Skip to content

Commit

Permalink
fix: change order of get tlv2 credentials (#2664)
Browse files Browse the repository at this point in the history
* fix: reorder get tlv2

* refactor: add nil check
  • Loading branch information
clD11 authored Oct 16, 2024
1 parent e1fba49 commit 7df21e9
Show file tree
Hide file tree
Showing 3 changed files with 108 additions and 12 deletions.
6 changes: 3 additions & 3 deletions services/skus/datastore.go
Original file line number Diff line number Diff line change
Expand Up @@ -983,15 +983,15 @@ func (pg *Postgres) GetTLV2Creds(ctx context.Context, dbi sqlx.QueryerContext, o
order_id, item_id, issuer_id, blinded_creds, signed_creds,
batch_proof, public_key, valid_from, valid_to
FROM time_limited_v2_order_creds
WHERE order_id = $1 AND item_id = $2 AND request_id = $3 AND valid_to > now()`
WHERE order_id = $1 AND item_id = $2 AND request_id = $3`

creds := make([]TimeAwareSubIssuedCreds, 0)
if err := sqlx.SelectContext(ctx, dbi, &creds, q, ordID, itemID, reqID); err != nil {
return nil, err
return &TimeLimitedV2Creds{}, err
}

if len(creds) == 0 {
return nil, errNoTLV2Creds
return &TimeLimitedV2Creds{}, nil
}

result := &TimeLimitedV2Creds{
Expand Down
29 changes: 20 additions & 9 deletions services/skus/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -1228,6 +1228,16 @@ func (s *Service) GetSingleUseCreds(ctx context.Context, orderID, itemID, reqID
//
// Browser's api_request_helper does not understand Go's nil slices, hence explicit empty slice is returned.
func (s *Service) GetTimeLimitedV2Creds(ctx context.Context, orderID, itemID, reqID uuid.UUID) ([]TimeAwareSubIssuedCreds, int, error) {
creds, err := s.Datastore.GetTLV2Creds(ctx, s.Datastore.RawDB(), orderID, itemID, reqID)
if err != nil {
return []TimeAwareSubIssuedCreds{}, http.StatusInternalServerError, fmt.Errorf("error getting credentials: %w", err)
}

// We found creds so filter active.
if creds != nil && len(creds.Credentials) > 0 {
return filterActiveCreds(creds.Credentials, time.Now().UTC()), http.StatusOK, nil
}

obmsg, err := s.Datastore.GetSigningOrderRequestOutboxByRequestID(ctx, s.Datastore.RawDB(), reqID)
if err != nil {
if errors.Is(err, sql.ErrNoRows) {
Expand All @@ -1242,21 +1252,22 @@ func (s *Service) GetTimeLimitedV2Creds(ctx context.Context, orderID, itemID, re
}

if obmsg.CompletedAt == nil {
// Get average of last 10 outbox messages duration as the retry after.
return []TimeAwareSubIssuedCreds{}, http.StatusAccepted, errSetRetryAfter
}

creds, err := s.Datastore.GetTLV2Creds(ctx, s.Datastore.RawDB(), orderID, itemID, reqID)
if err != nil {
if errors.Is(err, errNoTLV2Creds) {
// Credentials could be signed, but nothing to return as they are all expired.
return []TimeAwareSubIssuedCreds{}, http.StatusOK, nil
}
// We have neither credentials nor a signing request so return an error.
return []TimeAwareSubIssuedCreds{}, http.StatusInternalServerError, fmt.Errorf("error getting credentials: %w", err)
}

return []TimeAwareSubIssuedCreds{}, http.StatusInternalServerError, fmt.Errorf("error getting credentials: %w", err)
func filterActiveCreds(creds []TimeAwareSubIssuedCreds, now time.Time) []TimeAwareSubIssuedCreds {
act := make([]TimeAwareSubIssuedCreds, 0)
for i := range creds {
if creds[i].ValidTo.After(now) {
act = append(act, creds[i])
}
}

return creds.Credentials, http.StatusOK, nil
return act
}

// GetActiveCredentialSigningKey get the current active signing key for this merchant
Expand Down
85 changes: 85 additions & 0 deletions services/skus/service_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -293,6 +293,91 @@ func TestCreateOrderItem(t *testing.T) {
}
}

func TestFilterActiveCreds(t *testing.T) {
type tcGiven struct {
creds []TimeAwareSubIssuedCreds
now time.Time
}

type tcExpected struct {
activeCreds []TimeAwareSubIssuedCreds
}

type testCase struct {
name string
given tcGiven
exp tcExpected
}

tests := []testCase{
{
name: "valid_creds",
given: tcGiven{
creds: []TimeAwareSubIssuedCreds{
{
ValidTo: time.Date(2025, time.January, 20, 0, 0, 0, 0, time.UTC),
},
},
now: time.Now(),
},
exp: tcExpected{
activeCreds: []TimeAwareSubIssuedCreds{
{
ValidTo: time.Date(2025, time.January, 20, 0, 0, 0, 0, time.UTC),
},
},
},
},

{
name: "expired_creds",
given: tcGiven{
creds: []TimeAwareSubIssuedCreds{
{
ValidTo: time.Date(2020, time.January, 20, 0, 0, 0, 0, time.UTC),
},
},
now: time.Now(),
},
exp: tcExpected{
activeCreds: []TimeAwareSubIssuedCreds{},
},
},

{
name: "expired_and_active_mix",
given: tcGiven{
creds: []TimeAwareSubIssuedCreds{
{
ValidTo: time.Date(2020, time.January, 20, 0, 0, 0, 0, time.UTC),
},

{
ValidTo: time.Date(2025, time.January, 20, 0, 0, 0, 0, time.UTC),
},
},
now: time.Now(),
},
exp: tcExpected{
activeCreds: []TimeAwareSubIssuedCreds{
{
ValidTo: time.Date(2025, time.January, 20, 0, 0, 0, 0, time.UTC),
},
},
},
},
}

for i := range tests {
tc := tests[i]

t.Run(tc.name, func(t *testing.T) {
actual := filterActiveCreds(tc.given.creds, tc.given.now)
should.Equal(t, tc.exp.activeCreds, actual)
})
}
}

func mustDurationFromISO(v string) *time.Duration {
result, err := durationFromISO(v)
if err != nil {
Expand Down

0 comments on commit 7df21e9

Please sign in to comment.