registar dids as organization

Cayo Puigdefabregas 2024-02-23 16:50:31 +01:00
parent 365c58d87a
commit a290b2e45c
4 changed files with 42 additions and 13 deletions


@ -781,7 +781,6 @@ class DidRegisterView(Credentials, CreateView):
object = None
def form_valid(self, form):
form.instance.user = self.request.user
form.instance.set_did()
form.save()
messages.success(self.request, _('DID created successfully'))


@ -16,6 +16,7 @@ from utils.idhub_ssikit import (
webdid_from_controller_key,
verify_credential,
)
from oidc4vp.models import Organization
from idhub_auth.models import User
@ -442,18 +443,24 @@ class DID(models.Model):
# JSON-serialized DID document
didweb_document = models.TextField()
def get_key_material(self):
return self.user.decrypt_data(self.key_material)
def set_key_material(self, value):
self.key_material = self.user.encrypt_data(value)
@property
def is_organization_did(self):
if not self.user:
return True
return False
def get_key_material(self):
user = self.user or self.get_organization()
return user.decrypt_data(self.key_material)
def set_key_material(self, value):
# import pdb; pdb.set_trace()
user = self.user or self.get_organization()
if not user.encrypted_sensitive_data:
user.set_encrypted_sensitive_data()
user.save()
self.key_material = user.encrypt_data(value)
def set_did(self):
new_key_material = generate_did_controller_key()
self.set_key_material(new_key_material)
@ -468,6 +475,9 @@ class DID(models.Model):
def get_key(self):
return json.loads(self.key_material)
def get_organization(self):
return Organization.objects.get(name=settings.ORGANIZATION)
class Schemas(models.Model):
type = models.CharField(max_length=250)
file_schema = models.CharField(max_length=250)
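Review bot: `set_key_material` keeps a commented-out `# import pdb; pdb.set_trace()` and creates the owner's encryption secret as a hidden side effect (`user.set_encrypted_sensitive_data()` followed by `user.save()`); since that secret wraps the DID private key material, the initialisation deserves to be explicit. I would drop the debug line and either move the initialisation to where the user or organization is provisioned, or at least comment it, e.g. `# first use: create the wrapping secret before encrypting key material`. `get_organization()` calls `Organization.objects.get(name=settings.ORGANIZATION)` with no handling of `DoesNotExist`, so a missing or renamed organization row surfaces as an unhandled error in both `get_key_material` and `set_key_material`. As a style point, `is_organization_did` reduces to `return not self.user`.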


@ -145,17 +145,19 @@ class User(AbstractBaseUser):
self.encrypted_sensitive_data = key_crypted
def encrypt_data(self, data):
sb = self.get_secret_box()
pw = self.decrypt_sensitive_data()
sb = self.get_secret_box(pw)
value_enc = sb.encrypt(data.encode('utf-8'))
return base64.b64encode(value_enc).decode('utf-8')
def decrypt_data(self, data):
sb = self.get_secret_box()
pw = self.decrypt_sensitive_data()
sb = self.get_secret_box(pw)
value = base64.b64decode(data.encode('utf-8'))
return sb.decrypt(value).decode('utf-8')
def get_secret_box(self):
sb_key = self.derive_key_from_password()
def get_secret_box(self, password):
sb_key = self.derive_key_from_password(password)
return secret.SecretBox(sb_key)
def change_password_key(self, new_password):
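Review bot: `get_secret_box` now requires a `password` argument, so any caller outside this hunk that still calls `self.get_secret_box()` with no argument will raise `TypeError`; the remaining call sites are not visible here and should be checked. The value passed in is the result of `decrypt_sensitive_data()`, which looks like the unwrapped secret rather than a user password, so the local name `pw` is misleading; `secret_key = self.decrypt_sensitive_data()` plus a one-line docstring on `encrypt_data` and `decrypt_data` would make the key hierarchy readable. The same three methods are added verbatim to `Organization` in this commit, and a shared mixin would keep the two copies of the encryption path from drifting apart.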


@ -69,8 +69,8 @@ class Organization(models.Model):
help_text=_("Url where to send the verificable presentation"),
max_length=250
)
encrypted_sensitive_data = models.CharField(max_length=255)
salt = models.CharField(max_length=255)
encrypted_sensitive_data = models.CharField(max_length=255, default=None, null=True)
salt = models.CharField(max_length=255, default=None, null=True)
def send(self, vp, code):
"""
@ -131,6 +131,8 @@ class Organization(models.Model):
return base64.b64encode(sb.encrypt(data)).decode('utf-8')
def get_salt(self):
if not self.salt:
return ''
return base64.b64decode(self.salt.encode('utf-8'))
def set_salt(self):
@ -146,6 +148,22 @@ class Organization(models.Model):
key_crypted = self.encrypt_sensitive_data(key)
self.encrypted_sensitive_data = key_crypted
def encrypt_data(self, data):
pw = self.decrypt_sensitive_data()
sb = self.get_secret_box(pw)
value_enc = sb.encrypt(data.encode('utf-8'))
return base64.b64encode(value_enc).decode('utf-8')
def decrypt_data(self, data):
pw = self.decrypt_sensitive_data()
sb = self.get_secret_box(pw)
value = base64.b64decode(data.encode('utf-8'))
return sb.decrypt(value).decode('utf-8')
def get_secret_box(self, password):
sb_key = self.derive_key_from_password(password)
return secret.SecretBox(sb_key)
def change_password_key(self, new_password):
data = self.decrypt_sensitive_data()
sb_key = self.derive_key_from_password(new_password)
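Review bot: `get_salt` now returns the str `''` when no salt is stored, while the normal path returns bytes, and an empty salt lets whatever key derivation consumes it run unsalted instead of failing. Together with making `salt` and `encrypted_sensitive_data` nullable, an Organization row can exist with no key material and still reach `encrypt_data`. I would fail closed here, e.g. `raise ValueError("organization salt is not initialised")`, or at minimum `return b''` so the return type stays consistent. How `derive_key_from_password` uses the salt is outside the visible hunks, so this should be confirmed against that method.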