fix RegistryDidResolver issues (#19)

Author: aparkersquare

src/main/kotlin/xyz/block/dap/DapResolver.kt

@@ -2,17 +2,34 @@ package xyz.block.dap
 
 import xyz.block.moneyaddress.MoneyAddress
 
-// This implements the DAP resolution process
-// See the [DAP spec](https://github.com/TBD54566975/dap#resolution)
+/**
+ * Resolves a Decentralized Agnostic Paytag (DAP).
+ * See the [DAP spec](https://github.com/TBD54566975/dap#resolution) for the resolution process.
+ *
+ * This wires together the RegistryResolver, RegistryDidResolver, and MoneyAddressResolver.
+ * The RegistryDidResolver will use the default configuration unless an instance is provided that
+ * is constructed with a block configuration override.
+ */
 class DapResolver(
-  private val registryResolver: RegistryResolver = RegistryResolver(),
-  private val registryDidResolver: RegistryDidResolver = RegistryDidResolver {},
-  private val moneyAddressResolver: MoneyAddressResolver = MoneyAddressResolver()
+  private val registryDidResolver: RegistryDidResolver = RegistryDidResolver(),
 ) {
+  private val registryResolver: RegistryResolver = RegistryResolver()
+  private val moneyAddressResolver: MoneyAddressResolver = MoneyAddressResolver()
+
+  /**
+   * Resolves the money addresses for a DAP.
+   * This does NOT verify the proof of the DID returned by the registry.
+   *
+   * @param dap the DAP to resolve
+   * @return the list of money addresses for the DAP
+   */
   fun resolveMoneyAddresses(dap: Dap): List<MoneyAddress> {
     val registryUrl = registryResolver.resolveRegistryUrl(dap)
-    val did = registryDidResolver.getDid(registryUrl, dap)
+    val did = registryDidResolver.getUnprovenDid(registryUrl, dap)
     val moneyAddresses = moneyAddressResolver.resolveMoneyAddresses(did)
     return moneyAddresses
   }
+
+  // TODO - either use the registryDidResolver.getProvenDid above, or add a method
+  // `resolveProvenMoneyAddresses` that verifies the proof of the DID returned by the registry
 }

src/main/kotlin/xyz/block/dap/RegistryDidResolver.kt

@@ -1,6 +1,6 @@
 package xyz.block.dap
 
-import com.fasterxml.jackson.annotation.JsonIgnore
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties
 import io.ktor.client.HttpClient
 import io.ktor.client.engine.HttpClientEngine
 import io.ktor.client.engine.okhttp.OkHttp
@@ -24,38 +24,66 @@ import java.net.InetAddress
 import java.net.URL
 import java.net.UnknownHostException
 
-// This implements part of the DAP resolution process.
-// See [Resolver] for the full resolution process.
-// See the [DAP spec](https://github.com/TBD54566975/dap#resolution)
-class RegistryDidResolver(
-  configuration: RegistryDidResolverConfiguration
-) {
-  private val engine: HttpClientEngine = configuration.engine ?: OkHttp.create {
-    val appCache = Cache(File("cacheDir", "okhttpcache"), 10 * 1024 * 1024)
-    val bootstrapClient = OkHttpClient.Builder().cache(appCache).build()
+// This uses a modified version of the scheme used in web5-kt to provide customization
+// of the configuration (see `DidWeb`).
+// The difference is that we provide two overloaded functions for constructing the resolver,
+// which look like two overloaded constructors to the caller.
+// This is instead of a single function and the use of the `Default` companion object.
+// We also don't need to expose both a `RegistryDidResolver` and `RegistryDidResolverApi`.
 
-    val dns = DnsOverHttps.Builder()
-      .client(bootstrapClient)
-      .url("https://dns.quad9.net/dns-query".toHttpUrl())
-      .bootstrapDnsHosts(
-        InetAddress.getByName("9.9.9.9"),
-        InetAddress.getByName("149.112.112.112")
-      )
-      .build()
+/**
+ * A RegistryDidResolver with the default configuration.
+ */
+fun RegistryDidResolver(): RegistryDidResolver = RegistryDidResolver.default
 
-    val client = bootstrapClient.newBuilder().dns(dns).build()
-    preconfigured = client
-  }
+/**
+ * Constructs a RegistryDidResolver with the block configuration applied.
+ */
+fun RegistryDidResolver(
+  blockConfiguration: RegistryDidResolverConfiguration.() -> Unit
+): RegistryDidResolver {
+  val config = RegistryDidResolverConfiguration().apply(blockConfiguration)
+  return RegistryDidResolverImpl(config)
+}
 
-  private val client = HttpClient(engine) {
-    install(ContentNegotiation) {
-      jackson { mapper }
+// This allows the RegistryDidResolver to be sealed
+private class RegistryDidResolverImpl(
+  configuration: RegistryDidResolverConfiguration
+) : RegistryDidResolver(configuration)
+
+/**
+ * Given the URL for the DAP registry and a DAP, resolves the DID using the registry.
+ */
+sealed class RegistryDidResolver(
+  configuration: RegistryDidResolverConfiguration
+) {
+  companion object {
+    /**
+     * A singleton RegistryDidResolver with the default configuration
+     */
+    internal val default: RegistryDidResolver by lazy {
+      RegistryDidResolverImpl(RegistryDidResolverConfiguration())
     }
   }
 
-  private val mapper = Json.jsonMapper
+  /**
+   * Resolves the DAP using the registry, to retrieve the DID.
+   * Does NOT verify Any proof in the response from the registry.
+   */
+  fun getUnprovenDid(dapRegistryUrl: URL, dap: Dap): Did =
+    getDidWithProof(dapRegistryUrl, dap).did
 
-  fun getDid(dapRegistryUrl: URL, dap: Dap): Did {
+  /*
+  // TODO - implement proof verification of the DID returned by the registry
+  // TODO - What should this do if there is no proof?
+  fun getProvableDid(dapRegistryUrl: URL, dap: Dap): Did {
+    val didWithProof = getDidWithProof(dapRegistryUrl, dap)
+    // TODO - verify the proof using web5-kt
+    return didWithProof.did
+  }
+  */
+
+  internal fun getDidWithProof(dapRegistryUrl: URL, dap: Dap): DidWithProof {
     val fullUrl = URL("$dapRegistryUrl/daps/${dap.handle}")
 
     val resp: HttpResponse = try {
@@ -64,46 +92,86 @@ class RegistryDidResolver(
           contentType(ContentType.Application.Json)
         }
       }
-    } catch (e: UnknownHostException) {
-      throw RegistryDidResolutionException("Failed to reach DAP Registry", e)
+    } catch (e: Throwable) {
+      throw RegistryDidResolutionException("Error fetching DAP from registry", e)
     }
 
     val body = runBlocking { resp.bodyAsText() }
     if (!resp.status.isSuccess()) {
       throw RegistryDidResolutionException("Failed to read from DAP registry")
     }
-    val resolutionResponse = mapper.readValue(body, DapRegistryResolutionResponse::class.java)
-    // TODO - should we verify the proof here?
+    val resolutionResponse = try {
+      mapper.readValue(body, DapRegistryResolutionResponse::class.java)
+    } catch (e: Throwable) {
+      throw RegistryDidResolutionException("Failed to parse DAP registry response", e)
+    }
     if (resolutionResponse.did == null) {
       throw RegistryDidResolutionException("DAP registry did not return a DID")
     }
 
-    return Did.parse(resolutionResponse.did)
+    val did = try {
+      Did.parse(resolutionResponse.did)
+    } catch (e: Throwable) {
+      throw RegistryDidResolutionException("Failed to parse DID from DAP registry response", e)
+    }
+    return DidWithProof(did, resolutionResponse.proof)
+  }
+
+  private val engine: HttpClientEngine = configuration.engine ?: OkHttp.create {
+    val appCache = Cache(File("cacheDir", "okhttpcache"), 10 * 1024 * 1024)
+    val bootstrapClient = OkHttpClient.Builder().cache(appCache).build()
+
+    val dns = DnsOverHttps.Builder()
+      .client(bootstrapClient)
+      .url("https://dns.quad9.net/dns-query".toHttpUrl())
+      .bootstrapDnsHosts(
+        InetAddress.getByName("9.9.9.9"),
+        InetAddress.getByName("149.112.112.112")
+      )
+      .build()
+
+    val client = bootstrapClient.newBuilder().dns(dns).build()
+    preconfigured = client
+  }
+
+  private val client = HttpClient(engine) {
+    install(ContentNegotiation) {
+      jackson { mapper }
+    }
   }
+
+  private val mapper = Json.jsonMapper
 }
 
-class Proof(
+internal data class DidWithProof(
+  val did: Did,
+  val proof: Proof?
+)
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+data class Proof(
   val id: String,
   val handle: String,
   val did: String,
   val domain: String,
   val signature: String
 )
 
-class DapRegistryResolutionResponse(
+@JsonIgnoreProperties(ignoreUnknown = true)
+data class DapRegistryResolutionResponse(
   val did: String?,
-  @JsonIgnore val proof: Proof?
+  val proof: Proof?
 )
 
+/**
+ * Configuration options for the [RegistryDidResolver].
+ *
+ * - [engine] is used to override the default ktor engine, which is [OkHttp].
+ */
 class RegistryDidResolverConfiguration internal constructor(
   var engine: HttpClientEngine? = null
 )
 
-fun RegistryDidResolver(configuration: RegistryDidResolverConfiguration.() -> Unit): RegistryDidResolver {
-  val config = RegistryDidResolverConfiguration().apply(configuration)
-  return RegistryDidResolver(config)
-}
-
 class RegistryDidResolutionException : Throwable {
   constructor(message: String, cause: Throwable?) : super(message, cause)
   constructor(message: String) : super(message)

src/test/kotlin/xyz/block/dap/RegistryDidResolverTest.kt

@@ -6,38 +6,117 @@ import io.ktor.http.HttpHeaders
 import io.ktor.http.HttpStatusCode
 import io.ktor.http.headersOf
 import io.ktor.utils.io.ByteReadChannel
+import org.junit.jupiter.api.assertThrows
 import web5.sdk.dids.didcore.Did
 import java.net.URL
-import kotlin.test.AfterTest
-import kotlin.test.BeforeTest
 import kotlin.test.Test
 import kotlin.test.assertEquals
 
 class RegistryDidResolverTest {
 
-  @BeforeTest
-  fun beforeTest() {
-  }
+  private val registryDidResolver = RegistryDidResolver { engine = mockEngine() }
 
-  @AfterTest
-  fun afterTest() {
+  @Test
+  fun testResolvingDidFromRegistryUrl() {
+    val did = registryDidResolver.getUnprovenDid(VALID_URL, VALID_DAP)
+    assertEquals(VALID_DID.toString(), did.toString())
   }
 
   @Test
-  fun testResolvingDidFromRegistryUrl() {
-    val engine = mockEngine()
-    val registryDidResolver = RegistryDidResolver { engine }
-    val did = registryDidResolver.getDid(VALID_URL, VALID_DAP)
+  fun testResolvingDidWithExtraFieldsFromRegistryUrl() {
+    val did = registryDidResolver.getUnprovenDid(VALID_URL, VALID_DAP_WITH_EXTRA_FIELDS)
     assertEquals(VALID_DID.toString(), did.toString())
   }
 
-  // TODO - tests for error cases
+  @Test
+  fun testResolvingDidWithProofFromRegistryUrl() {
+    val didWithProof = registryDidResolver.getDidWithProof(VALID_URL, VALID_DAP_WITH_PROOF)
+    assertEquals(VALID_DID.toString(), didWithProof.did.toString())
+    assertEquals(VALID_PROOF, didWithProof.proof)
+  }
+
+  @Test
+  fun testErrorsFetchingFromRegistry() {
+    val errorDaps = listOf(
+      UNKNOWN_DAP to "Error fetching DAP from registry",
+      EMPTY_RESPONSE_DAP to "DAP registry did not return a DID",
+      INVALID_RESPONSE_DAP to "Failed to parse DAP registry response",
+      INVALID_DID_DAP to "Failed to parse DID from DAP registry response",
+    )
+    errorDaps.forEach { (dap, expectedMessage) ->
+      val exception = assertThrows<RegistryDidResolutionException> {
+        registryDidResolver.getUnprovenDid(VALID_URL, dap)
+      }
+      assertEquals(expectedMessage, exception.message)
+    }
+  }
 
   private fun mockEngine() = MockEngine { request ->
     when (request.url.toString()) {
       "$VALID_URL/daps/${VALID_DAP.handle}" -> {
         respond(
-          content = ByteReadChannel("""{did: "$VALID_DID"}"""),
+          content = ByteReadChannel("""{"did": "$VALID_DID"}"""),
+          status = HttpStatusCode.OK,
+          headers = headersOf(HttpHeaders.ContentType, "application/json")
+        )
+      }
+
+      "$VALID_URL/daps/${VALID_DAP_WITH_PROOF.handle}" -> {
+        respond(
+          content = ByteReadChannel(
+            """
+            {
+              "did": "$VALID_DID",
+              "proof": {
+                "id": "${VALID_PROOF.id}",
+                "handle": "${VALID_PROOF.handle}",
+                "did": "${VALID_PROOF.did}",
+                "domain": "${VALID_PROOF.domain}",
+                "signature": "${VALID_PROOF.signature}",
+                "extra-field": "extra-field"
+              }
+            }
+            """.trimMargin()
+          ),
+          status = HttpStatusCode.OK,
+          headers = headersOf(HttpHeaders.ContentType, "application/json")
+        )
+      }
+
+      "$VALID_URL/daps/${VALID_DAP_WITH_EXTRA_FIELDS.handle}" -> {
+        respond(
+          content = ByteReadChannel(
+            """
+            {
+              "did": "$VALID_DID",
+              "extra-field": "extra-field"
+            }
+            """.trimMargin()
+          ),
+          status = HttpStatusCode.OK,
+          headers = headersOf(HttpHeaders.ContentType, "application/json")
+        )
+      }
+
+      "$VALID_URL/daps/${EMPTY_RESPONSE_DAP.handle}" -> {
+        respond(
+          content = ByteReadChannel("""{}"""),
+          status = HttpStatusCode.OK,
+          headers = headersOf(HttpHeaders.ContentType, "application/json")
+        )
+      }
+
+      "$VALID_URL/daps/${INVALID_RESPONSE_DAP.handle}" -> {
+        respond(
+          content = ByteReadChannel("""invalid-response"""),
+          status = HttpStatusCode.OK,
+          headers = headersOf(HttpHeaders.ContentType, "application/json")
+        )
+      }
+
+      "$VALID_URL/daps/${INVALID_DID_DAP.handle}" -> {
+        respond(
+          content = ByteReadChannel("""{"did": "invalid-did"}"""),
           status = HttpStatusCode.OK,
           headers = headersOf(HttpHeaders.ContentType, "application/json")
         )
@@ -50,6 +129,22 @@ class RegistryDidResolverTest {
   companion object {
     val VALID_URL = URL("https://didpay.me")
     val VALID_DAP = Dap("moegrammer", "didpay.me")
+    val VALID_DAP_WITH_PROOF = Dap("proof", "didpay.me")
+    val VALID_DAP_WITH_EXTRA_FIELDS = Dap("extra-field", "didpay.me")
+
     val VALID_DID = Did.parse("did:web:didpay.me:moegrammer")
+    val VALID_PROOF = Proof(
+      did = VALID_DID.toString(),
+      domain = "didpay.me",
+      handle = "moegrammer",
+      id = "reg_01j13n944betnsesdve4ewc9c7",
+      signature = "eyJhbGciOiJFZERTQSIsImtpZCI6ImRpZDp3ZWI6ZGlkcGF5Lm1lOm1vZWdyYW1tZXIjMCJ9.." +
+        "jD38MMEGR4q9mtupJZ_kNEI3RoqKhhBh3fpdkRUskhLIm0Mr3-5Egm0XflSxkFxyby3Mq8DhL71QImojWJQZCw",
+    )
+
+    val UNKNOWN_DAP = Dap("i-don't-know-you", "didpay.me")
+    val EMPTY_RESPONSE_DAP = Dap("empty-response", "didpay.me")
+    val INVALID_RESPONSE_DAP = Dap("invalid-response", "didpay.me")
+    val INVALID_DID_DAP = Dap("invalid-did", "didpay.me")
   }
 }