Merge branch 'auth-agent' of https://github.com/credebl/afj-controller …

…into auth-agent

Signed-off-by: ankita_patidar <ankita.patidar@ayanworks.com>

docker-compose.yml

@@ -11,8 +11,8 @@ services:
       # also possible to set values using json
       - ./samples/cliConfig.json:/config.json
     ports:
-      - '6001:6001'
-      - '6002:6002'
+      - '4001:4001'
+      - '4002:4002'
       - '3001:3001'
     # platform: linux/amd64
     # or via command line arguments

package.json

@@ -53,6 +53,7 @@
     "body-parser": "^1.20.0",
     "cors": "^2.8.5",
     "express": "^4.18.1",
+    "express-rate-limit": "^7.1.5",
     "jsonwebtoken": "^9.0.2",
     "node-fetch": "^2.6.7",
     "reflect-metadata": "^0.1.13",

src/cliAgent.ts

@@ -21,6 +21,7 @@ import {
   Agent,
 } from '@aries-framework/core'
 import { agentDependencies, HttpInboundTransport, WsInboundTransport } from '@aries-framework/node'
+
 import { readFile } from 'fs/promises'
 
 import { setupServer } from './server'
@@ -278,7 +279,7 @@ export async function runRestAgent(restConfig: AriesRestConfig) {
   const genericRecord = await agent.genericRecords.getAll();
 
   const recordsWithToken = genericRecord.some(record => record?.content?.token);
-  if (genericRecord.length === 0 || recordsWithToken === false) {
+  if (!genericRecord.length || !recordsWithToken) {
 
     async function generateSecretKey(length: number = 32): Promise<string> {
       try {
@@ -308,6 +309,12 @@ export async function runRestAgent(restConfig: AriesRestConfig) {
     const secretKeyInfo: string = await generateSecretKey();
     // Check if the secretKey already exist in the genericRecords
 
+    // if already exist - then don't generate the secret key again
+    // Check if the JWT token already available in genericRecords - if yes, and also don't generate the JWT token
+    // instead use the existin JWT token
+    // if JWT token is not found, create/generate a new token and save in genericRecords
+    // next time, the same token should be used - instead of creating a new token on every restart event of the agent
+
     // if already exist - then don't generate the secret key again
     // Check if the JWT token already available in genericRecords - if yes, and also don't generate the JWT token
     // instead use the existin JWT token

src/controllers/credentials/SchemaController.ts

@@ -1,8 +1,6 @@
 import type { Version } from '../examples'
-import { AnonCredsError, AnonCredsApi, getUnqualifiedSchemaId, parseIndySchemaId } from '@aries-framework/anoncreds'
-// import { LedgerError } from '@aries-framework/core/build/modules/ledger/error/LedgerError'
-// import { isIndyError } from '@aries-framework/core/build/utils/indyError'
 
+import { AnonCredsError, getUnqualifiedSchemaId, parseIndySchemaId } from '@aries-framework/anoncreds'
 import { Agent, AriesFrameworkError } from '@aries-framework/core'
 import { injectable } from 'tsyringe'
 

src/controllers/proofs/ProofController.ts

@@ -183,7 +183,7 @@ export class ProofController extends Controller {
         handshakeProtocols: [HandshakeProtocol.Connections],
         messages: [proofMessage],
         autoAcceptConnection: true,
-        multiUseInvitation: true
+        multiUseInvitation: true,
       })
 
       return {
@@ -194,6 +194,13 @@ export class ProofController extends Controller {
           useDidSovPrefixWhereAllowed: this.agent.config.useDidSovPrefixWhereAllowed,
         }),
         outOfBandRecord: outOfBandRecord.toJSON(),
+        proofId: proof.proofRecord.id,
+        proofThreadId: proof.proofRecord.threadId,
+        agentId: proof.message.thread?.threadId
+          ? proof.message.thread.threadId
+          : proof.message.threadId
+          ? proof.message.threadId
+          : proof.message.id,
       }
     } catch (error) {
       return internalServerError(500, { message: `something went wrong: ${error}` })

src/controllers/types.ts

@@ -25,11 +25,10 @@ import type {
   AgentMessage,
   Routing,
   Attachment,
-  KeyType
+  KeyType,
 } from '@aries-framework/core'
 import type { DIDDocument } from 'did-resolver'
 
-
 export type TenantConfig = Pick<InitConfig, 'label' | 'connectionImageUrl'> & {
   walletConfig: Pick<WalletConfig, 'id' | 'key' | 'keyDerivationMethod'>
 }
@@ -288,7 +287,7 @@ export interface ResolvedDid {
 }
 
 export interface DidCreate {
-  keyType?:KeyType
+  keyType?: KeyType
   seed: string
   domain?: string
   method?: string

src/server.ts

@@ -17,6 +17,8 @@ import { proofEvents } from './events/ProofEvents'
 import { RegisterRoutes } from './routes/routes'
 import { setDynamicApiKey } from './authentication'
 import { SecurityMiddleware } from './securityMiddleware'
+import { rateLimit } from 'express-rate-limit';
+import { maxRateLimit, windowMs } from './utils/util'
 
 export const setupServer = async (agent: Agent, config: ServerConfig, apiKey?: string) => {
   container.registerInstance(Agent, agent)
@@ -45,6 +47,14 @@ export const setupServer = async (agent: Agent, config: ServerConfig, apiKey?: s
     return res.send(generateHTML(await import('./routes/swagger.json')))
   })
 
+  const limiter = rateLimit({
+    windowMs, // 1 second
+    max: maxRateLimit, // max 800 requests per second
+  });
+
+  // apply rate limiter to all requests
+  app.use(limiter);
+
   const securityMiddleware = new SecurityMiddleware();
   app.use(securityMiddleware.use);
   RegisterRoutes(app)

src/utils/util.ts

@@ -154,3 +154,6 @@ export const SOVRIN_STAGING_NET = `{"reqSignature":{},"txn":{"data":{"data":{"al
 const protocol = `http`
 export const BCOVRIN_REGISTER_URL = `${protocol}://test.bcovrin.vonx.io/register`
 export const INDICIO_NYM_URL = 'https://selfserve.indiciotech.io/nym'
+
+export const windowMs = 1000
+export const maxRateLimit = 800