fix: x5c login request now also creates wallet

walt-id · Sep 13, 2024 · 416c2a0 · 416c2a0
1 parent c61d3dc
commit 416c2a0
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 4 deletions.
diff --git a/waltid-services/waltid-e2e-tests/src/test/kotlin/AuthApi.kt b/waltid-services/waltid-e2e-tests/src/test/kotlin/AuthApi.kt
@@ -206,6 +206,34 @@ class AuthApi(private val client: HttpClient) {
             )
         }
 
+        private suspend fun checkX5CLoginCreatesWallet() = test(
+            name = "/wallet-api/auth/x5c/login - validate wallet api x5c login with trustworthy subject certificate also creates wallet"
+        ) {
+            var tempClient = E2ETest.testHttpClient()
+            val keyPair = keyPairGenerator.generateKeyPair()
+            val dn = X500Name("CN=YeSubject")
+            val cert = PKIXUtils.generateSubjectCertificate(
+                rootCAPrivateKey,
+                keyPair.public,
+                nonExpiredValidFrom,
+                nonExpiredValidTo,
+                rootCADistinguishedName,
+                dn,
+            )
+            val jwkPrivateKey = PKIXUtils.javaPrivateKeyToJWKKey(keyPair.private)
+            Companion.login(
+                client = tempClient,
+                name = "/wallet-api/auth/x5c/login - wallet api x5c login with trustworthy subject certificate",
+                url = "/wallet-api/auth/x5c/login",
+                request = createX5CAccountRequest(jwkPrivateKey, cert)
+            ) {
+                tempClient = E2ETest.testHttpClient(token = it["token"]!!.jsonPrimitive.content)
+            }
+            val response = tempClient.get("/wallet-api/wallet/accounts/wallets").expectSuccess()
+            val accWalletListing = response.body<AccountWalletListing>()
+            assert( accWalletListing.wallets.isNotEmpty())
+        }
+
         suspend fun executeTestCases() {
             //register with a subject certificate that is signed by the trusted root CA
             Companion.register(
@@ -242,6 +270,7 @@ class AuthApi(private val client: HttpClient) {
                     setBody(createX5CAccountRequest(subjectJWKPrivateKey, nonTrustworthySubjectCert))
                 }.expectFailure()
             }
+            checkX5CLoginCreatesWallet()
         }
     }
 

diff --git a/...id-wallet-api/src/main/kotlin/id/walt/webwallet/service/account/x5c/X5CAccountStrategy.kt b/...id-wallet-api/src/main/kotlin/id/walt/webwallet/service/account/x5c/X5CAccountStrategy.kt
@@ -19,7 +19,7 @@ import kotlinx.uuid.generateUUID
 import org.jetbrains.exposed.sql.insert
 import org.jetbrains.exposed.sql.transactions.transaction
 
-object X5CAccountStrategy: PasswordlessAccountStrategy<X5CAccountRequest>() {
+object X5CAccountStrategy : PasswordlessAccountStrategy<X5CAccountRequest>() {
 
     private val x5cValidator = X5CValidator(ConfigManager.getConfig<TrustedCAConfig>().certificates)
 
@@ -40,9 +40,8 @@ object X5CAccountStrategy: PasswordlessAccountStrategy<X5CAccountRequest>() {
     override suspend fun authenticate(tenant: String, request: X5CAccountRequest): AuthenticatedUser {
         val thumbprint = validate(request.token)
 
-        val registeredUserId = AccountsService.getAccountByX5CId(tenant, thumbprint)?.id ?: transaction {
-            addAccount(tenant, thumbprint)
-        }
+        val registeredUserId = AccountsService.getAccountByX5CId(tenant, thumbprint)?.id ?:
+        AccountsService.register(tenant, request).getOrThrow().id
 
         return X5CAuthenticatedUser(registeredUserId)
     }