feat: relocation of ctype config #78
Conversation
There was a problem hiding this comment.
Mostly nice. Makes it easier.
Not so happy with the comments (code explainers) though. They are important because this is an educational project.
Support for both chains would also be nice, or at least say that by default it only works with SocialKYC on Peregrine.
| // Here you can set which type of credential (cType) your dApp will request users to login. | ||
| // You can change it by importing a different one. | ||
| // The default is the Email CType by SocialKYC and SocialKYC as the Issuer | ||
| // Establish which cTypes our dApp accepts and which attesters we trust: | ||
|
|
There was a problem hiding this comment.
I think that all this comments could go inside the variable explainer (docs) from requestedCTypeForLogin. Maybe a bit more structured and explaining how to change the imports.
| const trustedAttestersValues = TRUSTED_ATTESTERS.split(',') | ||
| const requiredPropertiesValues = REQUIRED_PROPERTIES.split(',') | ||
|
|
||
| const requiredProperties = requiredPropertiesValues.map( | ||
| (requiredProperties) => requiredProperties | ||
| ) | ||
|
|
||
| const trustedAttesters = trustedAttestersValues.map( | ||
| (trustedAttesters) => trustedAttesters as Kilt.DidUri | ||
| ) |
There was a problem hiding this comment.
| const trustedAttestersValues = TRUSTED_ATTESTERS.split(',') | |
| const requiredPropertiesValues = REQUIRED_PROPERTIES.split(',') | |
| const requiredProperties = requiredPropertiesValues.map( | |
| (requiredProperties) => requiredProperties | |
| ) | |
| const trustedAttesters = trustedAttestersValues.map( | |
| (trustedAttesters) => trustedAttesters as Kilt.DidUri | |
| ) | |
| const trustedAttesters = TRUSTED_ATTESTERS.split(',') as Kilt.DidUri[] | |
| const requiredProperties = REQUIRED_PROPERTIES.split(',') |
| const trustedAttestersValues = TRUSTED_ATTESTERS.split(',') | ||
| const requiredPropertiesValues = REQUIRED_PROPERTIES.split(',') | ||
|
|
||
| const requiredProperties = requiredPropertiesValues.map( |
There was a problem hiding this comment.
What is this snippet of code doing exactly?
There was a problem hiding this comment.
This comment still not addressed.
There was a problem hiding this comment.
it was a experimental change to accept more than one TRUSTED_ATTESTERS which separated by a comma
| const trustedAttesters = TRUSTED_ATTESTERS.split(',').map((s)=> { | ||
| const trimmed = s.trim() | ||
| Kilt.Did.validateUri(trimmed) | ||
| return trimmed as Kilt.DidUri | ||
| }) | ||
| const requiredProperties = REQUIRED_PROPERTIES.split(',').map((s)=> s.trim()) |
There was a problem hiding this comment.
Please use variable names that describe the variable.
Maybe didUri and property?
| // Here you can set which type of credential (cType) your dApp will request users to login. | ||
| // You can change it by importing a different one. | ||
| // Establish which cTypes our dApp accepts and which attesters we trust: |
There was a problem hiding this comment.
I would replace this by adding an explainer (docs) to the variable cTypeToRequest.
Maybe something like this:
/** Establish which type of credential (cType) our dApp will request users to login,
* which properties are necessary and which attesters we trust.
*
* This is defined by the constants imported from the config.
* Modify the `env`-file to adapt it to your liking.
*/
export const cTypeToRequest: Kilt.IRequestCredentialContent = {
There was a problem hiding this comment.
Please add this and rename the variable to be in plural.
There was a problem hiding this comment.
Done at: 4868513
There was a problem hiding this comment.
This file does not include the cTypeRequest. The request is prepare on buildCredentialRequest.
Please, rename this file to cTypeToRequest.
There was a problem hiding this comment.
Can you please do this? 🙏
There was a problem hiding this comment.
Now in plural cTypesToRequest
There was a problem hiding this comment.
Done at: 4868513
backend/src/access/login.ts
Outdated
| // Check if any properties have been provided. If not, log in as 'Anonymous User'. | ||
| // If any property exists, send the object's first value as 'authenticationToken' | ||
| // to ensure login with any 'ctype'. |
There was a problem hiding this comment.
Ideally, authenticationToken does not have the plain user info, but rather something only the server can identify. How authentification tokens are made changes from website to website. Because we did not want to prescribe people how to do it, we took the simplest approach (some plain user info) and encourage people customize it afterwards.
| // Check if any properties have been provided. If not, log in as 'Anonymous User'. | |
| // If any property exists, send the object's first value as 'authenticationToken' | |
| // to ensure login with any 'ctype'. | |
| // Check if any properties have been provided. If not, send 'Anonymous User' to display on the frontend. | |
| // If any property exists, send object's first attribute value, | |
| // ensuring compatibility with any 'cType'. |
There was a problem hiding this comment.
Done at: 4fe1b4e
README.md
Outdated
| @@ -129,6 +129,23 @@ The following variables are required: | |||
| - `DAPP_DID_URI` = _This is the URI of the Kilt DID that identifies your dApp_ | |||
| - `DAPP_NAME` = _This should be a custom name for your dApp_ | |||
| - `JWT_SIGNER_SECRET` = _This is secret key (string) that signs the Json-Web-Tokens before saving them in the Cookies_ | |||
| - `CTYPE_HASH` = _This is type of credential (CType) your dApp will request from users for login_ | |||
| - `TRUSTED_ATTESTERS` = _This is the DID that identifies the attestors whose attestations are accepted_ | |||
There was a problem hiding this comment.
| - `TRUSTED_ATTESTERS` = _This is the DID that identifies the attestors whose attestations are accepted_ | |
| - `TRUSTED_ATTESTERS` = _This is a list of attesters DIDs (c.s.v.`,`). Only credentials issued by them will be considered valid_ |
There was a problem hiding this comment.
Done at: 4fe1b4e
README.md
Outdated
| @@ -129,6 +129,23 @@ The following variables are required: | |||
| - `DAPP_DID_URI` = _This is the URI of the Kilt DID that identifies your dApp_ | |||
| - `DAPP_NAME` = _This should be a custom name for your dApp_ | |||
| - `JWT_SIGNER_SECRET` = _This is secret key (string) that signs the Json-Web-Tokens before saving them in the Cookies_ | |||
| - `CTYPE_HASH` = _This is type of credential (CType) your dApp will request from users for login_ | |||
| - `TRUSTED_ATTESTERS` = _This is the DID that identifies the attestors whose attestations are accepted_ | |||
| - `REQUIRED_PROPERTIES` = _These are the required properties that identify the CType_ | |||
There was a problem hiding this comment.
| - `REQUIRED_PROPERTIES` = _These are the required properties that identify the CType_ | |
| - `REQUIRED_PROPERTIES` = _This is a subset of CType properties (c.s.v.`,`) required to be exposed on credential presentation_ |
This properties do not define the CType. They are just the properties out of the CType that we are asking for.
There was a problem hiding this comment.
Done at: 4fe1b4e
README.md
Outdated
|
|
||
| To proceed, you may select the desired credential through the CType Environment Variables listed below, allowing you to tailor the authentication process to your needs. | ||
|
|
||
| | Socail KYC | CTYPE_HASH | TRUSTED_ATTESTERS(spiritnet) | TRUSTED_ATTESTERS(peregrine) | REQUIRED_PROPERTIES | |
There was a problem hiding this comment.
The whole table just has some useful information about some recommended cTypes. I would give it an according description and also a title (via ###on markdown). Maybe "Info about example/recommended cTypes" or something like that.
Please, also signalise somehow that we only recommend SocialKYC and the types of credentials it issues.
This is also a good place to explain why the cType-hash is the same for both chains.
The first row is not great. The first column should be "Title", not "SocialKYC".
Both TRUSTED_ATTESTERS(spiritnet) and TRUSTED_ATTESTERS(peregrine) should rather be SocialKYC on Spiritnet or on SocialKYC on Peregrine.
Maybe you can first list the two SocialKYC DIDs and then add references to them on the table. Then you can leave the title Trusted Attesters. That would be more fitting, if later we decide to add an external attester to this list.
You will have to make them subtitles to be able to reference them, like this:
####SocialKYC on the Production: did:kilt:...
And then inside the table (prod. SYKC)[#SocialKYC on the Production]
And on the properties column is maybe better to include all properties and let them decide. This would make the "required" part false. But the columns name really don't need to be the name of the CONSTANTS.
There was a problem hiding this comment.
Done at: 4fe1b4e
README.md
Outdated
| @@ -129,6 +129,23 @@ The following variables are required: | |||
| - `DAPP_DID_URI` = _This is the URI of the Kilt DID that identifies your dApp_ | |||
| - `DAPP_NAME` = _This should be a custom name for your dApp_ | |||
| - `JWT_SIGNER_SECRET` = _This is secret key (string) that signs the Json-Web-Tokens before saving them in the Cookies_ | |||
| - `CTYPE_HASH` = _This is type of credential (CType) your dApp will request from users for login_ | |||
| - `TRUSTED_ATTESTERS` = _This is the DID that identifies the attestors whose attestations are accepted_ | |||
There was a problem hiding this comment.
Done at: 4fe1b4e
README.md
Outdated
| @@ -129,6 +129,23 @@ The following variables are required: | |||
| - `DAPP_DID_URI` = _This is the URI of the Kilt DID that identifies your dApp_ | |||
| - `DAPP_NAME` = _This should be a custom name for your dApp_ | |||
| - `JWT_SIGNER_SECRET` = _This is secret key (string) that signs the Json-Web-Tokens before saving them in the Cookies_ | |||
| - `CTYPE_HASH` = _This is type of credential (CType) your dApp will request from users for login_ | |||
| - `TRUSTED_ATTESTERS` = _This is the DID that identifies the attestors whose attestations are accepted_ | |||
| - `REQUIRED_PROPERTIES` = _These are the required properties that identify the CType_ | |||
There was a problem hiding this comment.
Done at: 4fe1b4e
README.md
Outdated
|
|
||
| To proceed, you may select the desired credential through the CType Environment Variables listed below, allowing you to tailor the authentication process to your needs. | ||
|
|
||
| | Socail KYC | CTYPE_HASH | TRUSTED_ATTESTERS(spiritnet) | TRUSTED_ATTESTERS(peregrine) | REQUIRED_PROPERTIES | |
There was a problem hiding this comment.
Done at: 4fe1b4e
backend/src/access/login.ts
Outdated
| // Check if any properties have been provided. If not, log in as 'Anonymous User'. | ||
| // If any property exists, send the object's first value as 'authenticationToken' | ||
| // to ensure login with any 'ctype'. |
There was a problem hiding this comment.
Done at: 4fe1b4e
This is resolved at: 8c89cc8 |
README.md
Outdated
| - `CTYPE_HASH` = _This is the type of credential (CType) your dApp will request from users for login. If you want to specify more than one CType, you can do so by adding a '/' sign between them_ | ||
| - `TRUSTED_ATTESTERS` = _This is a list of attester DIDs (CSV, separated by ','). Only credentials issued by these attesters will be considered valid. If you are using more than one CType, you can specify the trusted attesters by adding a '/' sign between them_ | ||
| - `REQUIRED_PROPERTIES` = _This is a subset of CType properties (CSV, separated by ',') required to be exposed on credential presentation. If you are using more than one CType, you can specify the required properties by adding a '/' sign between them._ |
There was a problem hiding this comment.
Thank yo 😊 really appreciated
| // Here you can set which type of credential (cType) your dApp will request users to login. | ||
| // You can change it by importing a different one. | ||
| // Establish which cTypes our dApp accepts and which attesters we trust: |
There was a problem hiding this comment.
Please add this and rename the variable to be in plural.
There was a problem hiding this comment.
Now in plural cTypesToRequest
| function imploreCtypeHash() { | ||
| console.log( | ||
| 'Please provide a name for your CTYPE_HASH inside the .env file using this constant name: \n', | ||
| `CTYPE_HASH={your CType Hash}\n`, | ||
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | ||
| `CTYPE_HASH=0x3291bb126e33b4862d421bfaa1d2f272e6cdfc4f96658988fbcffea8914bd9ac\n` | ||
| ) | ||
| } |
There was a problem hiding this comment.
| function imploreCtypeHash() { | |
| console.log( | |
| 'Please provide a name for your CTYPE_HASH inside the .env file using this constant name: \n', | |
| `CTYPE_HASH={your CType Hash}\n`, | |
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | |
| `CTYPE_HASH=0x3291bb126e33b4862d421bfaa1d2f272e6cdfc4f96658988fbcffea8914bd9ac\n` | |
| ) | |
| } | |
| function imploreCtypeHash() { | |
| console.log( | |
| 'Please provide the CType Hash(es) inside the .env file using this constant name:.\n', | |
| 'Your dApp will only accept credentials of this given Claim Type(s).', | |
| `CTYPE_HASH={CType IDs your dApp consider valid}\n`, | |
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | |
| `CTYPE_HASH=0x3291bb126e33b4862d421bfaa1d2f272e6cdfc4f96658988fbcffea8914bd9ac\n` | |
| ) | |
| } |
There was a problem hiding this comment.
Done at: 4868513
| function imploreTrustedAttesters() { | ||
| console.log( | ||
| 'Please provide a list for your Trusted Attesters inside the .env file using this constant name: \n', | ||
| `TRUSTED_ATTESTERS={lists of trusted attesters}\n`, | ||
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | ||
| `TRUSTED_ATTESTERS=did:kilt:4pehddkhEanexVTTzWAtrrfo2R7xPnePpuiJLC7shQU894aY\n` | ||
| ) | ||
| } |
There was a problem hiding this comment.
| function imploreTrustedAttesters() { | |
| console.log( | |
| 'Please provide a list for your Trusted Attesters inside the .env file using this constant name: \n', | |
| `TRUSTED_ATTESTERS={lists of trusted attesters}\n`, | |
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | |
| `TRUSTED_ATTESTERS=did:kilt:4pehddkhEanexVTTzWAtrrfo2R7xPnePpuiJLC7shQU894aY\n` | |
| ) | |
| } | |
| function imploreTrustedAttesters() { | |
| console.log( | |
| 'Please provide a list for your Trusted Attesters inside the .env file using this constant name: \n', | |
| 'Your dApp will only accept credentials issued by one of this attesters.', | |
| `TRUSTED_ATTESTERS={lists of trusted attesters}\n`, | |
| `If you wish to use the default and accept Credentials issued by SocialKYC.io on Peregrine, please add the following line to your .env file:\n`, | |
| `TRUSTED_ATTESTERS=did:kilt:4pehddkhEanexVTTzWAtrrfo2R7xPnePpuiJLC7shQU894aY\n` | |
| ) | |
| } |
There was a problem hiding this comment.
Done at: 4868513
| function imploreRequestedProperties() { | ||
| console.log( | ||
| 'Please provide a list for your Requested Properties inside the .env file using this constant name: \n', | ||
| `REQUIRED_PROPERTIES={lists of Requested Properties}\n`, | ||
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | ||
| `REQUIRED_PROPERTIES=Email\n` | ||
| ) | ||
| } |
There was a problem hiding this comment.
| function imploreRequestedProperties() { | |
| console.log( | |
| 'Please provide a list for your Requested Properties inside the .env file using this constant name: \n', | |
| `REQUIRED_PROPERTIES={lists of Requested Properties}\n`, | |
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | |
| `REQUIRED_PROPERTIES=Email\n` | |
| ) | |
| } | |
| function imploreRequestedProperties() { | |
| console.log( | |
| 'Please provide a list of Required Properties inside the .env file using this constant name: \n', | |
| `REQUIRED_PROPERTIES={lists of Properties users should be Required to disclose}\n`, | |
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | |
| `REQUIRED_PROPERTIES=Email\n` | |
| ) | |
| } |
There was a problem hiding this comment.
Done at: 4868513
README.md
Outdated
| #### SocialKYC on Spiritnet: did:kilt:4pnfkRn5UurBJTW92d9TaVLR2CqJdY4z5HPjrEbpGyBykare | ||
|
|
||
| #### SocialKYC on Peregrine: did:kilt:4pehddkhEanexVTTzWAtrrfo2R7xPnePpuiJLC7shQU894aY |
There was a problem hiding this comment.
The title and the content need to be on different lines. Right now the links on the table do not work.
There was a problem hiding this comment.
You can also add the links from the websites here, e.g. https://test.socialkyc.io and https://socialkyc.io
There was a problem hiding this comment.
Done at: 4868513
README.md
Outdated
| @@ -129,6 +122,33 @@ The following variables are required: | |||
| - `DAPP_DID_URI` = _This is the URI of the Kilt DID that identifies your dApp_ | |||
| - `DAPP_NAME` = _This should be a custom name for your dApp_ | |||
| - `JWT_SIGNER_SECRET` = _This is secret key (string) that signs the Json-Web-Tokens before saving them in the Cookies_ | |||
| - `CTYPE_HASH` = _This is the type of credential (CType) your dApp will request from users for login. If you want to specify more than one CType, you can do so by adding a '/' sign between them_ | |||
| - `TRUSTED_ATTESTERS` = _This is a list of attester DIDs (CSV, separated by ','). Only credentials issued by these attesters will be considered valid. If you are using more than one CType, you can specify the trusted attesters by adding a '/' sign between them_ | |||
There was a problem hiding this comment.
| - `TRUSTED_ATTESTERS` = _This is a list of attester DIDs (CSV, separated by ','). Only credentials issued by these attesters will be considered valid. If you are using more than one CType, you can specify the trusted attesters by adding a '/' sign between them_ | |
| - `TRUSTED_ATTESTERS` = _This is a list of attester DIDs (CSV, separated by ','). Only credentials issued by these attesters will be considered valid. If you are using more than one CType, indicate the groups of trusted attesters by respectively separating them with a '/' sign._ |
Do it similarly for the REQUIRED_PROPERTIES
There was a problem hiding this comment.
Done at: 4868513
README.md
Outdated
| @@ -129,6 +122,33 @@ The following variables are required: | |||
| - `DAPP_DID_URI` = _This is the URI of the Kilt DID that identifies your dApp_ | |||
| - `DAPP_NAME` = _This should be a custom name for your dApp_ | |||
| - `JWT_SIGNER_SECRET` = _This is secret key (string) that signs the Json-Web-Tokens before saving them in the Cookies_ | |||
| - `CTYPE_HASH` = _This is the type of credential (CType) your dApp will request from users for login. If you want to specify more than one CType, you can do so by adding a '/' sign between them_ | |||
| - `TRUSTED_ATTESTERS` = _This is a list of attester DIDs (CSV, separated by ','). Only credentials issued by these attesters will be considered valid. If you are using more than one CType, you can specify the trusted attesters by adding a '/' sign between them_ | |||
There was a problem hiding this comment.
Done at: 4868513
There was a problem hiding this comment.
Done at: 4868513
| // Here you can set which type of credential (cType) your dApp will request users to login. | ||
| // You can change it by importing a different one. | ||
| // Establish which cTypes our dApp accepts and which attesters we trust: |
There was a problem hiding this comment.
Done at: 4868513
| function imploreCtypeHash() { | ||
| console.log( | ||
| 'Please provide a name for your CTYPE_HASH inside the .env file using this constant name: \n', | ||
| `CTYPE_HASH={your CType Hash}\n`, | ||
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | ||
| `CTYPE_HASH=0x3291bb126e33b4862d421bfaa1d2f272e6cdfc4f96658988fbcffea8914bd9ac\n` | ||
| ) | ||
| } |
There was a problem hiding this comment.
Done at: 4868513
| function imploreTrustedAttesters() { | ||
| console.log( | ||
| 'Please provide a list for your Trusted Attesters inside the .env file using this constant name: \n', | ||
| `TRUSTED_ATTESTERS={lists of trusted attesters}\n`, | ||
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | ||
| `TRUSTED_ATTESTERS=did:kilt:4pehddkhEanexVTTzWAtrrfo2R7xPnePpuiJLC7shQU894aY\n` | ||
| ) | ||
| } |
There was a problem hiding this comment.
Done at: 4868513
| function imploreRequestedProperties() { | ||
| console.log( | ||
| 'Please provide a list for your Requested Properties inside the .env file using this constant name: \n', | ||
| `REQUIRED_PROPERTIES={lists of Requested Properties}\n`, | ||
| `If you wish to use the default Email Credential settings, please add the following line to your .env file:\n`, | ||
| `REQUIRED_PROPERTIES=Email\n` | ||
| ) | ||
| } |
There was a problem hiding this comment.
Done at: 4868513
fixes KILTProtocol/ticket#2911
The 'Ctype Hash' and 'Attester DID' have been moved to the .env file. Additionally, if a user does not specify one, it will automatically use the email ctype. A new ticket has been opened to list valid Ctype hashes in the readme.md file. See Ticket #3103.
How to test:
Please provide a brief step-by-step instruction.
If necessary provide information about dependencies (specific configuration, branches, database dumps, etc.)
Checklist: