From 5b159b467852246d07c46c3a9f35500f11ebc7d5 Mon Sep 17 00:00:00 2001 From: Krishna Waske Date: Tue, 12 Aug 2025 14:02:33 +0530 Subject: [PATCH 1/5] fix: agent tenant auth health (#300) * fix: auto-generate files Signed-off-by: Krishna Waske * fix: auth with tenant scopes Signed-off-by: Krishna Waske --------- Signed-off-by: Krishna Waske --- src/authentication.ts | 4 ++-- src/routes/routes.ts | 4 ++-- src/routes/swagger.json | 6 ++++-- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/src/authentication.ts b/src/authentication.ts index 01207fa1..c9004794 100644 --- a/src/authentication.ts +++ b/src/authentication.ts @@ -97,8 +97,8 @@ export async function expressAuthentication(request: Request, securityName: stri } if (role === AgentRole.RestTenantAgent) { // Logic if the token is of tenant agent - if (scopes && scopes?.includes(SCOPES.MULTITENANT_BASE_AGENT)) { - logger.debug('Tenants cannot manage tenants') + if (scopes && !scopes?.includes(SCOPES.TENANT_AGENT)) { + logger.debug('Tenants cannot access this route') return Promise.reject(new StatusException(ErrorMessages.Unauthorized, 401)) } else { // Auth: tenant agent diff --git a/src/routes/routes.ts b/src/routes/routes.ts index 62c08949..2a30e20a 100644 --- a/src/routes/routes.ts +++ b/src/routes/routes.ts @@ -1464,7 +1464,7 @@ export function RegisterRoutes(app: Router) { const argsPolygon_createKeyPair: Record = { }; app.post('/polygon/create-keys', - authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), + authenticateMiddleware([{"jwt":["tenant","dedicated","Basewallet"]}]), ...(fetchMiddlewares(Polygon)), ...(fetchMiddlewares(Polygon.prototype.createKeyPair)), @@ -1538,7 +1538,7 @@ export function RegisterRoutes(app: Router) { estimateTransactionRequest: {"in":"body","name":"estimateTransactionRequest","required":true,"ref":"DidOperationOptions"}, }; app.post('/polygon/estimate-transaction', - authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), + authenticateMiddleware([{"jwt":["tenant","dedicated","Basewallet"]}]), ...(fetchMiddlewares(Polygon)), ...(fetchMiddlewares(Polygon.prototype.estimateTransaction)), diff --git a/src/routes/swagger.json b/src/routes/swagger.json index 44bce21e..b1ae2ef3 100644 --- a/src/routes/swagger.json +++ b/src/routes/swagger.json @@ -3335,7 +3335,8 @@ { "jwt": [ "tenant", - "dedicated" + "dedicated", + "Basewallet" ] } ], @@ -3417,7 +3418,8 @@ { "jwt": [ "tenant", - "dedicated" + "dedicated", + "Basewallet" ] } ], From eabc7789f872b485cb36c2a8081dd5c19c56ad36 Mon Sep 17 00:00:00 2001 From: sujitaw Date: Fri, 29 Aug 2025 13:09:27 +0530 Subject: [PATCH 2/5] fix: Non wallet badge issuance error due to datatype check on api (#306) * fix/non wallet badge issuance error Signed-off-by: Sujit * fix/suggested change for type any to be replaced with unknown Signed-off-by: Sujit --------- Signed-off-by: Sujit --- src/controllers/agent/AgentController.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/controllers/agent/AgentController.ts b/src/controllers/agent/AgentController.ts index fc23310d..3c8b4fa9 100644 --- a/src/controllers/agent/AgentController.ts +++ b/src/controllers/agent/AgentController.ts @@ -118,7 +118,7 @@ export class AgentController extends Controller { @Request() request: Req, @Query('storeCredential') storeCredential: boolean, @Query('dataTypeToSign') dataTypeToSign: 'rawData' | 'jsonLd', - @Body() data: CustomW3cJsonLdSignCredentialOptions | SignDataOptions, + @Body() data: CustomW3cJsonLdSignCredentialOptions | SignDataOptions | unknown, ) { try { // JSON-LD VC Signing From c7daf19b6f8b984f87e0b763524163846f091572 Mon Sep 17 00:00:00 2001 From: sujitaw Date: Mon, 1 Sep 2025 21:23:12 +0530 Subject: [PATCH 3/5] fix/verify credentials api Signed-off-by: sujitaw --- src/controllers/agent/AgentController.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/controllers/agent/AgentController.ts b/src/controllers/agent/AgentController.ts index 3c8b4fa9..4c6218a2 100644 --- a/src/controllers/agent/AgentController.ts +++ b/src/controllers/agent/AgentController.ts @@ -178,7 +178,7 @@ export class AgentController extends Controller { @Post('/credential/verify') public async verifyCredential( @Request() request: Req, - @Body() credentialToVerify: SafeW3cJsonLdVerifyCredentialOptions, + @Body() credentialToVerify: SafeW3cJsonLdVerifyCredentialOptions | any, ) { try { const { credential, ...credentialOptions } = credentialToVerify From a2dd44e9d5630e4dbcfdf5c3a79a0601366cef4f Mon Sep 17 00:00:00 2001 From: sujitaw Date: Mon, 1 Sep 2025 22:10:36 +0530 Subject: [PATCH 4/5] fix/verify credentials api (#308) Signed-off-by: sujitaw --- src/controllers/agent/AgentController.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/controllers/agent/AgentController.ts b/src/controllers/agent/AgentController.ts index 3c8b4fa9..4c6218a2 100644 --- a/src/controllers/agent/AgentController.ts +++ b/src/controllers/agent/AgentController.ts @@ -178,7 +178,7 @@ export class AgentController extends Controller { @Post('/credential/verify') public async verifyCredential( @Request() request: Req, - @Body() credentialToVerify: SafeW3cJsonLdVerifyCredentialOptions, + @Body() credentialToVerify: SafeW3cJsonLdVerifyCredentialOptions | any, ) { try { const { credential, ...credentialOptions } = credentialToVerify From aa38e9dddc03e1cd17a05ff484bc58df73433b1c Mon Sep 17 00:00:00 2001 From: sujitaw Date: Mon, 1 Sep 2025 22:55:05 +0530 Subject: [PATCH 5/5] Third-Party DCO Remediation Commit for sujitaw On behalf of sujitaw , I, sujitaw , hereby add my Signed-off-by to this commit: eabc7789f872b485cb36c2a8081dd5c19c56ad36 Signed-off-by: sujitaw --- src/controllers/agent/AgentController.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/controllers/agent/AgentController.ts b/src/controllers/agent/AgentController.ts index 4c6218a2..cb203190 100644 --- a/src/controllers/agent/AgentController.ts +++ b/src/controllers/agent/AgentController.ts @@ -160,7 +160,7 @@ export class AgentController extends Controller { } if (!keyToUse) { - throw new Error('Unable to construct signing key.') + throw new Error('Unable to construct signing key. ') } const signature = await request.agent.context.wallet.sign({