Skip to content
GitLab
Commit 93e24c46 authored by Sietse Ringers's avatar Sietse Ringers
Browse files

feat: don't pass CredentialRequest.RevocationKey to irmaclient

parent eb7abbef
Hide whitespace changes
Inline Side-by-side
internal/servercore/handle.go
View file @ 93e24c46
......@@ -63,7 +63,20 @@ func (session *session) handleGetRequest(min, max *irma.ProtocolVersion) (irma.S
legacy.Base().ProtocolVersion = session.version
return legacy, nil
}
return session.request, nil
// In case of issuance requests, strip revocation keys from []CredentialRequest
isreq, issuing := session.request.(*irma.IssuanceRequest)
if !issuing {
return session.request, nil
}
cpy, err := copyObject(isreq)
if err != nil {
return nil, session.fail(server.ErrorUnknown, err.Error()) // TODO error type
}
for _, cred := range cpy.(*irma.IssuanceRequest).Credentials {
cred.RevocationKey = ""
}
return cpy.(*irma.IssuanceRequest), nil
}
func (session *session) handleGetStatus() (server.Status, *irma.RemoteError) {
......
internal/servercore/helpers.go
View file @ 93e24c46
......@@ -189,6 +189,18 @@ func (session *session) chooseProtocolVersion(minClient, maxClient *irma.Protoco
}
}
func copyObject(i interface{}) (interface{}, error) {
cpy := reflect.New(reflect.TypeOf(i).Elem()).Interface()
bts, err := json.Marshal(i)
if err != nil {
return nil, err
}
if err = json.Unmarshal(bts, cpy); err != nil {
return nil, err
}
return cpy, nil
}
// purgeRequest logs the request excluding any attribute values.
func purgeRequest(request irma.RequestorRequest) irma.RequestorRequest {
// We want to log as much as possible of the request, but no attribute values.
......@@ -197,9 +209,10 @@ func purgeRequest(request irma.RequestorRequest) irma.RequestorRequest {
// Ugly hack alert: the easiest way to do this seems to be to convert it to JSON and then back.
// As we do not know the precise type of request, we use reflection to create a new instance
// of the same type as request, into which we then unmarshal our copy.
cpy := reflect.New(reflect.TypeOf(request).Elem()).Interface()
bts, _ := json.Marshal(request)
_ = json.Unmarshal(bts, cpy)
cpy, err := copyObject(request)
if err != nil {
panic(err)
}
// Remove required attribute values from any attributes to be disclosed
_ = cpy.(irma.RequestorRequest).SessionRequest().Disclosure().Disclose.Iterate(
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment