Refactored all uses of DID.key_material

2023-12-01 07:01:51 +01:00 · 2023-12-01 07:01:51 +01:00 · 20f40b43d0
parent 37dc8335a7
commit 20f40b43d0
4 changed files with 17 additions and 8 deletions
--- a/idhub/admin/views.py
+++ b/idhub/admin/views.py
@ -645,7 +645,7 @@ class DidRegisterView(Credentials, CreateView):

    def form_valid(self, form):
        form.instance.user = self.request.user
-        form.instance.set_did()
+        form.instance.set_did(self.request.session)
        form.save()
        messages.success(self.request, _('DID created successfully'))
        Event.set_EV_ORG_DID_CREATED_BY_ADMIN(form.instance)
--- a/idhub/models.py
+++ b/idhub/models.py
@ -439,9 +439,16 @@ class DID(models.Model):
            return True
        return False

-    def set_did(self):
-        self.key_material = generate_did_controller_key()
-        self.did = keydid_from_controller_key(self.key_material)
+    def set_did(self, session):
+        """
+        Generates a new DID Controller Key and derives a DID from it.
+        Because DID Controller Keys are stored encrypted using a User's Sensitive Data Encryption Key,
+        this function needs to be called in the context of a request.
+        """
+        new_key_material = generate_did_controller_key()
+        self.did = keydid_from_controller_key(new_key_material)
+        self.set_key_material(new_key_material, session)
+

    # TODO: darmengo: esta funcion solo se llama desde un fichero que sube cosas a s3 (??) Preguntar a ver que hace.
    def get_key_deprecated(self):
@ -546,7 +553,7 @@ class VerificableCredential(models.Model):
        data = json.loads(self.csv_data).items()
        return data

-    def issue(self, did):
+    def issue(self, did, session):
        if self.status == self.Status.ISSUED:
            return

@ -555,7 +562,7 @@ class VerificableCredential(models.Model):
        self.issued_on = datetime.datetime.now().astimezone(pytz.utc)
        self.data = sign_credential(
            self.render(),
-            self.issuer_did.key_material
+            self.issuer_did.get_key_material(session)
        )

    def get_context(self):
--- a/idhub/user/forms.py
+++ b/idhub/user/forms.py
@ -18,6 +18,7 @@ class RequestCredentialForm(forms.Form):

    def __init__(self, *args, **kwargs):
        self.user = kwargs.pop('user', None)
+        self.session = kwargs.pop('session', None)
        super().__init__(*args, **kwargs)
        self.fields['did'].choices = [
            (x.did, x.label) for x in DID.objects.filter(user=self.user)
@ -45,7 +46,7 @@ class RequestCredentialForm(forms.Form):
        did = did[0].did
        cred = cred[0]
        try:
-            cred.issue(did)
+            cred.issue(did, self.session)
        except Exception:
            return

--- a/idhub/user/views.py
+++ b/idhub/user/views.py
@ -128,6 +128,7 @@ class CredentialsRequestView(MyWallet, FormView):
    def get_form_kwargs(self):
        kwargs = super().get_form_kwargs()
        kwargs['user'] = self.request.user
+        kwargs['session'] = self.request.session
        return kwargs
    
    def form_valid(self, form):
@ -189,7 +190,7 @@ class DidRegisterView(MyWallet, CreateView):

    def form_valid(self, form):
        form.instance.user = self.request.user
-        form.instance.set_did()
+        form.instance.set_did(self.request.session)
        form.save()
        messages.success(self.request, _('DID created successfully'))