ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2025-12-06 17:27:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Introduce Credentials support (XLS-70d): (#5103)

Browse Source 
Amendment:
    - Credentials
    
    New Transactions:
    - CredentialCreate
    - CredentialAccept
    - CredentialDelete
    
    Modified Transactions:
    - DepositPreauth
    - Payment
    - EscrowFinish
    - PaymentChannelClaim
    - AccountDelete
    
    New Object:
    - Credential

    Modified Object:
    - DepositPreauth
    
    API updates:
    - ledger_entry
    - account_objects
    - ledger_data
    - deposit_authorized
    
    Read full spec: https://github.com/XRPLF/XRPL-Standards/tree/master/XLS-0070d-credentials
This commit is contained in:
Olek
2024-11-06 17:05:03 -05:00
committed by GitHub
parent c5c0e70e23
commit 8e827e32ac
62 changed files with 5491 additions and 217 deletions
Download Patch File Download Diff File Expand all files Collapse all files

351
src/test/rpc/DepositAuthorized_test.cpp
View File

@@ -31,13 +31,22 @@ public:
depositAuthArgs(
jtx::Account const& source,
jtx::Account const& dest,
std::string const& ledger = "")
std::string const& ledger = "",
std::vector<std::string> const& credentials = {})
{
Json::Value args{Json::objectValue};
args[jss::source_account] = source.human();
args[jss::destination_account] = dest.human();
if (!ledger.empty())
args[jss::ledger_index] = ledger;
if (!credentials.empty())
{
auto& arr(args[jss::credentials] = Json::arrayValue);
for (auto const& s : credentials)
arr.append(s);
}
return args;
}
@@ -276,11 +285,351 @@ public:
}
}
void
checkCredentialsResponse(
Json::Value const& result,
jtx::Account const& src,
jtx::Account const& dst,
bool authorized,
std::vector<std::string> credentialIDs = {},
std::string_view error = "")
{
BEAST_EXPECT(
result[jss::status] == authorized ? jss::success : jss::error);
if (result.isMember(jss::deposit_authorized))
BEAST_EXPECT(result[jss::deposit_authorized] == authorized);
if (authorized)
BEAST_EXPECT(
result.isMember(jss::deposit_authorized) &&
(result[jss::deposit_authorized] == true));
BEAST_EXPECT(result.isMember(jss::error) == !error.empty());
if (!error.empty())
BEAST_EXPECT(result[jss::error].asString() == error);
if (authorized)
{
BEAST_EXPECT(result[jss::source_account] == src.human());
BEAST_EXPECT(result[jss::destination_account] == dst.human());
for (unsigned i = 0; i < credentialIDs.size(); ++i)
BEAST_EXPECT(result[jss::credentials][i] == credentialIDs[i]);
}
else
{
BEAST_EXPECT(result[jss::request].isObject());
auto const& request = result[jss::request];
BEAST_EXPECT(request[jss::command] == jss::deposit_authorized);
BEAST_EXPECT(request[jss::source_account] == src.human());
BEAST_EXPECT(request[jss::destination_account] == dst.human());
for (unsigned i = 0; i < credentialIDs.size(); ++i)
BEAST_EXPECT(request[jss::credentials][i] == credentialIDs[i]);
}
}
void
testCredentials()
{
using namespace jtx;
const char credType[] = "abcde";
Account const alice{"alice"};
Account const becky{"becky"};
Account const diana{"diana"};
Account const carol{"carol"};
Env env(*this);
env.fund(XRP(1000), alice, becky, carol, diana);
env.close();
// carol recognize alice
env(credentials::create(alice, carol, credType));
env.close();
// retrieve the index of the credentials
auto const jv = credentials::ledgerEntry(env, alice, carol, credType);
std::string const credIdx = jv[jss::result][jss::index].asString();
// becky sets the DepositAuth flag in the current ledger.
env(fset(becky, asfDepositAuth));
env.close();
// becky authorize any account recognized by carol to make a payment
env(deposit::authCredentials(becky, {{carol, credType}}));
env.close();
{
testcase(
"deposit_authorized with credentials failed: empty array.");
auto args = depositAuthArgs(alice, becky, "validated");
args[jss::credentials] = Json::arrayValue;
auto const jv =
env.rpc("json", "deposit_authorized", args.toStyledString());
checkCredentialsResponse(
jv[jss::result], alice, becky, false, {}, "invalidParams");
}
{
testcase(
"deposit_authorized with credentials failed: not a string "
"credentials");
auto args = depositAuthArgs(alice, becky, "validated");
args[jss::credentials] = Json::arrayValue;
args[jss::credentials].append(1);
args[jss::credentials].append(3);
auto const jv =
env.rpc("json", "deposit_authorized", args.toStyledString());
checkCredentialsResponse(
jv[jss::result], alice, becky, false, {}, "invalidParams");
}
{
testcase(
"deposit_authorized with credentials failed: not a hex string "
"credentials");
auto args = depositAuthArgs(alice, becky, "validated");
args[jss::credentials] = Json::arrayValue;
args[jss::credentials].append("hello world");
auto const jv =
env.rpc("json", "deposit_authorized", args.toStyledString());
checkCredentialsResponse(
jv[jss::result],
alice,
becky,
false,
{"hello world"},
"invalidParams");
}
{
testcase(
"deposit_authorized with credentials failed: not a credential "
"index");
auto args = depositAuthArgs(
alice,
becky,
"validated",
{"0127AB8B4B29CCDBB61AA51C0799A8A6BB80B86A9899807C11ED576AF8516"
"473"});
auto const jv =
env.rpc("json", "deposit_authorized", args.toStyledString());
checkCredentialsResponse(
jv[jss::result],
alice,
becky,
false,
{"0127AB8B4B29CCDBB61AA51C0799A8A6BB80B86A9899807C11ED576AF8516"
"473"},
"badCredentials");
}
{
testcase(
"deposit_authorized with credentials not authorized: "
"credential not accepted");
auto const jv = env.rpc(
"json",
"deposit_authorized",
depositAuthArgs(alice, becky, "validated", {credIdx})
.toStyledString());
checkCredentialsResponse(
jv[jss::result],
alice,
becky,
false,
{credIdx},
"badCredentials");
}
// alice accept credentials
env(credentials::accept(alice, carol, credType));
env.close();
{
testcase("deposit_authorized with duplicates in credentials");
auto const jv = env.rpc(
"json",
"deposit_authorized",
depositAuthArgs(alice, becky, "validated", {credIdx, credIdx})
.toStyledString());
checkCredentialsResponse(
jv[jss::result],
alice,
becky,
false,
{credIdx, credIdx},
"badCredentials");
}
{
static const std::vector<std::string> credIds = {
"18004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4",
"28004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4",
"38004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4",
"48004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4",
"58004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4",
"68004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4",
"78004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4",
"88004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4",
"98004829F915654A81B11C4AB8218D96FED67F209B58328A72314FB6EA288B"
"E4"};
assert(credIds.size() > maxCredentialsArraySize);
testcase("deposit_authorized too long credentials");
auto const jv = env.rpc(
"json",
"deposit_authorized",
depositAuthArgs(alice, becky, "validated", credIds)
.toStyledString());
checkCredentialsResponse(
jv[jss::result], alice, becky, false, credIds, "invalidParams");
}
{
testcase("deposit_authorized with credentials");
auto const jv = env.rpc(
"json",
"deposit_authorized",
depositAuthArgs(alice, becky, "validated", {credIdx})
.toStyledString());
checkCredentialsResponse(
jv[jss::result], alice, becky, true, {credIdx});
}
{
// diana recognize becky
env(credentials::create(becky, diana, credType));
env.close();
env(credentials::accept(becky, diana, credType));
env.close();
// retrieve the index of the credentials
auto jv = credentials::ledgerEntry(env, becky, diana, credType);
std::string const credBecky =
jv[jss::result][jss::index].asString();
testcase("deposit_authorized account without preauth");
jv = env.rpc(
"json",
"deposit_authorized",
depositAuthArgs(becky, alice, "validated", {credBecky})
.toStyledString());
checkCredentialsResponse(
jv[jss::result], becky, alice, true, {credBecky});
}
{
// carol recognize diana
env(credentials::create(diana, carol, credType));
env.close();
env(credentials::accept(diana, carol, credType));
env.close();
// retrieve the index of the credentials
auto jv = credentials::ledgerEntry(env, alice, carol, credType);
std::string const credDiana =
jv[jss::result][jss::index].asString();
// alice try to use credential for different account
jv = env.rpc(
"json",
"deposit_authorized",
depositAuthArgs(becky, alice, "validated", {credDiana})
.toStyledString());
checkCredentialsResponse(
jv[jss::result],
becky,
alice,
false,
{credDiana},
"badCredentials");
}
{
testcase("deposit_authorized with expired credentials");
// check expired credentials
const char credType2[] = "fghijk";
std::uint32_t const x = env.current()
->info()
.parentCloseTime.time_since_epoch()
.count() +
40;
// create credentials with expire time 40s
auto jv = credentials::create(alice, carol, credType2);
jv[sfExpiration.jsonName] = x;
env(jv);
env.close();
env(credentials::accept(alice, carol, credType2));
env.close();
jv = credentials::ledgerEntry(env, alice, carol, credType2);
std::string const credIdx2 = jv[jss::result][jss::index].asString();
// becky sets the DepositAuth flag in the current ledger.
env(fset(becky, asfDepositAuth));
env.close();
// becky authorize any account recognized by carol to make a payment
env(deposit::authCredentials(becky, {{carol, credType2}}));
env.close();
{
// this should be fine
jv = env.rpc(
"json",
"deposit_authorized",
depositAuthArgs(alice, becky, "validated", {credIdx2})
.toStyledString());
checkCredentialsResponse(
jv[jss::result], alice, becky, true, {credIdx2});
}
// increase timer by 20s
env.close();
env.close();
{
// now credentials expired
jv = env.rpc(
"json",
"deposit_authorized",
depositAuthArgs(alice, becky, "validated", {credIdx2})
.toStyledString());
checkCredentialsResponse(
jv[jss::result],
alice,
becky,
false,
{credIdx2},
"badCredentials");
}
}
}
void
run() override
{
testValid();
testErrors();
testCredentials();
}
};