aries-cloudagent-python icon indicating copy to clipboard operation
aries-cloudagent-python copied to clipboard

Published 20 hours ago verified publisher icon hyperledger

Anoncreds - support for anoncreds and askar wallets concurrently

Open jamshale opened this issue 11 months ago • 2 comments

Implements https://github.com/hyperledger/aries-cloudagent-python/issues/2807.

  1. Enables schema, cred_def and revocation endpoints for both askar and askar-anoncreds in multitenant mode. All anoncreds endpoints are prefixed with /anoncreds/. For some api marshmallow schema objects they were the same name as the existing objects which displayed a warning. I simply appended Anoncreds to the end of these objects that had conflicts.
  2. Returns 403 errors when using the wrong endpoints with message. I thought about trying to do something fancier like a middleware, but decided because it was only a small subset that it would be easier to just add a method to the top of the endpoints. In anoncreds some of the endpoints already had a profile type check and through a ValueError. I did handle this, but for consistency and to prevent unrelated errors I still added the profile check method to the top of the method.
  3. Prevent subwallets from being created that are a different type then the base wallet. For example, in the case of having the base wallet askar and trying to create a askar-anoncreds wallet it will throw a 403 and have a message. If the wallet type is empty is defaults to the base wallet.
  4. Prevents wallets from being started as an askar wallet and then trying to change the config to askar-anoncreds by using a similar flow as versioning. If the wallet-type record is empty and there is a version record (existing wallet) it will assume the wallet is askar. I'm still unsure if anything needs to happen with indy wallets. I'm having trouble installing the library to test.
  5. Updates integration tests and runs a few of the tests that touch most of the effected endpoints in multitenancy mode.
  6. Updates the faber agent in the demos.

Going to leave in draft state and target next release.

jamshale avatar Mar 05 '24 00:03 jamshale

4. I'm still unsure if anything needs to happen with indy wallets. I'm having trouble installing the library to test.

I don't think we need to do anything with Indy wallets, other than document that if someone is still running an Indy wallet they need to upgrade to Askar before upgrading ton AnonCreds. For multitenancy there is no "run Indy and Aksar in parallel" so they will need to upgrade all Indy tenants to Askar.

ianco avatar Mar 07 '24 17:03 ianco

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

sonarqubecloud[bot] avatar Mar 21 '24 15:03 sonarqubecloud[bot]