Add match_payload method to Envelope #11
Conversation
match_payload method checks for the payoad if deserializes into the provided class type. This method is essential in order to add DSSE compatibility in in_toto. This method will provide interface similar to current in_toto's Metablock property `_type`. Which is used at various places in in_toto project to identify type of the payload. Note: This type is not payload_type of DSSE envelope. Signed-off-by: Pradyumna Krishna <git@onpy.in>
| except exceptions.DeserializationError: | ||
| return False | ||
| else: | ||
| return True |
There was a problem hiding this comment.
Why not look at self.payload_type to know which class to deserialize into?
There was a problem hiding this comment.
ITE-5 suggests that in-toto will have metadata with payload_type=application/vnd.in-toto+json and in-toto has payloads that can further classified into two types, Link and Layout.
Also, This method is common with in-toto Metablock which has only two types either link or layout.
There was a problem hiding this comment.
Oh, right, thanks for the reminder. Still, it seems unnecessary to fully deserialize the payload twice, given that we know exactly what we expect.
There was a problem hiding this comment.
Oh, right, thanks for the reminder. Still, it seems unnecessary to fully deserialize the payload twice, given that we know exactly what we expect.
I am open to other solution to this problem. There is only one case where payload was deserialized twice in a row.
There was a problem hiding this comment.
There is only one case where payload was deserialized twice in a row.
We still deserialize the full object to extract a single field, and then throw away the object even if we still need it.
I am open to other solution to this problem.
I'd like to use a similar pattern as in Metablock.from_dict. It also doesn't need to be passed a Layout or Link class in order to deserialize the passed data into its signed field, because it knows that the passed data must have a _type field, whose value must be either link or layout, so it can during deserialization just call Link.from_dict or Layout.from_dict.
And the exact same thing applies to an Envelope when in the in-toto context. The problem is that Envelope does not only exist in the in-toto context. So we need to find a way to register an in-toto specific payload parsing for a generic Envelope class. I have to think about how to best do this.
|
|
Description of the changes being introduced by the pull request:
match_payload method checks for the payoad if deserializes into
the provided class type. This method is essential in order to
add DSSE compatibility in in_toto.
This method will provide interface similar to current in_toto's
Metablock property
_type. Which is used at various places inin_toto project to identify type of the payload.
Please verify and check that the pull request fulfils the following requirements: