feat: token mgmt and removal of duplicate routes #281
Conversation
Signed-off-by: KambleSahil3 <[email protected]> Signed-off-by: Sahil Kamble <[email protected]>
Signed-off-by: Tipu_Singh <[email protected]>
Signed-off-by: Tipu_Singh <[email protected]>
Signed-off-by: Tipu_Singh <[email protected]>
Signed-off-by: Tipu_Singh <[email protected]>
Signed-off-by: Tipu_Singh <[email protected]>
Signed-off-by: Tipu_Singh <[email protected]>
Signed-off-by: Tipu_Singh <[email protected]>
Signed-off-by: Tipu_Singh <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the WalkthroughThis update introduces major architectural changes focused on authentication, controller agent access, and multi-tenancy. JWT-based security replaces API key authentication, and all controllers now access the agent instance from the request context rather than via dependency injection. The MultiTenancyController is drastically simplified, exposing only tenant management endpoints. Additional improvements include enhanced error handling, session cleanup, new utility exports, and extensive dependency updates. Changes
Sequence Diagram(s)sequenceDiagram
participant Client
participant ExpressApp
participant SecurityMiddleware
participant Authentication
participant Agent
participant Controller
Client->>ExpressApp: HTTP request (with JWT or API key)
ExpressApp->>SecurityMiddleware: Passes request
SecurityMiddleware->>Authentication: (Bypassed, always calls next())
ExpressApp->>Controller: Route handler (controller)
Controller->>Agent: Access via request.agent
Controller->>Authentication: For token creation/verification (JWT endpoints)
Controller-->>Client: Response
sequenceDiagram
participant Client
participant MultiTenancyController
participant Agent
participant JWT
Client->>MultiTenancyController: POST /create-tenant
MultiTenancyController->>Agent: createTenant
MultiTenancyController->>JWT: sign token with secretKey
MultiTenancyController-->>Client: { token, tenantRecord }
Client->>MultiTenancyController: POST /get-token/:tenantId
MultiTenancyController->>Agent: getTenantById, get secretKey
MultiTenancyController->>JWT: sign token
MultiTenancyController-->>Client: { token }
Possibly related PRs
Suggested labels
Suggested reviewers
Poem
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
✅ Actions performedReview triggered.
|
Docstrings generation was requested by @GHkrishna. * #281 (comment) The following files were modified: * `src/authentication.ts` * `src/cli.ts` * `src/cliAgent.ts` * `src/server.ts` * `src/utils/helpers.ts`
|
Note Generated docstrings for this pull request at #285 |
|
@coderabbitai full review |
✅ Actions performedFull review triggered. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 25
🔭 Outside diff range comments (2)
src/controllers/connections/ConnectionController.ts (1)
134-147: Secure the getInvitation endpointThe
getInvitationroute (/url/:invitationId) inConnectionController.tsis missing the JWT auth decorator while all other controller methods are protected.• File: src/controllers/connections/ConnectionController.ts
• Location: immediately above line 134, before@Get('/url/:invitationId')Suggested change:
+ @Security('jwt', [SCOPES.TENANT_AGENT, SCOPES.DEDICATED_AGENT]) @Get('/url/:invitationId') public async getInvitation(@Request() request: Req, @Path('invitationId') invitationId: string) { … }If this endpoint must remain public, please add a comment clarifying the intentional exemption.
src/cli.ts (1)
57-157: Fix code formatting to comply with Prettier rules.The code has extensive formatting issues that need to be addressed to pass CI checks.
Run Prettier to automatically fix the formatting:
npm run prettier --write src/cli.tsOr apply these manual fixes for proper indentation and spacing throughout the yargs chain.
🧹 Nitpick comments (46)
src/enums/index.ts (1)
1-1: Fix formatting issue: Add newline at end of file.The barrel file structure is good for centralized enum exports, but please address the ESLint formatting error.
-export * from './enum' +export * from './enum' +src/types/index.ts (1)
1-1: Fix formatting issue: Add newline at end of file.The barrel file structure is good for centralized type exports and supports the new request type augmentation pattern. Please address the ESLint formatting error.
-export * from './request' +export * from './request' +src/errors/index.ts (1)
2-3: LGTM! Good centralization of error exports.The addition of
ApiErrorandStatusExceptionexports helps centralize error handling modules.Fix the formatting issue by adding a newline at the end of the file:
export * from './errors' export * from './ApiError' export * from './StatusException' +src/utils/helpers.ts (2)
3-3: Consider importing randomBytes from crypto/promisesFor cleaner async code, consider using the Promise-based version of randomBytes.
-import { randomBytes } from 'crypto' +import { randomBytes } from 'crypto/promises'
10-26: Simplify the generateSecretKey function implementationThe current implementation manually wraps the callback-based randomBytes in a Promise. Consider using the Promise-based version for cleaner code.
-export async function generateSecretKey(length: number = 32): Promise<string> { - // Asynchronously generate a buffer containing random values - const buffer: Buffer = await new Promise((resolve, reject) => { - randomBytes(length, (error, buf) => { - if (error) { - reject(error) - } else { - resolve(buf) - } - }) - }) - - // Convert the buffer to a hexadecimal string - const secretKey: string = buffer.toString('hex') - - return secretKey -} +export async function generateSecretKey(length: number = 32): Promise<string> { + // Asynchronously generate a buffer containing random values + const buffer = await randomBytes(length) + + // Convert the buffer to a hexadecimal string + return buffer.toString('hex') +}Fix formatting issue
Add a newline at the end of the file to comply with Prettier formatting rules.
+src/utils/index.ts (1)
1-7: LGTM - Good organization with barrel exportsThe barrel export pattern centralizes utility imports and improves code organization. However, fix the formatting issue.
export * from './webhook' +src/errors/StatusException.ts (1)
1-8: Fix formatting issues throughout the classThe StatusException class design is good - it properly extends Error and adds a useful status property. However, there are multiple indentation issues that need to be addressed.
export class StatusException extends Error { - public status: number - - public constructor(message: string, status: number) { - super(message) - this.status = status - } - } + public status: number + + public constructor(message: string, status: number) { + super(message) + this.status = status + } +}src/utils/tsyringeTsoaIocContainer.ts (1)
6-7: Consider improving type safety while maintaining flexibilityThe changes simplify the IoC container interface and align with the broader dependency injection refactor. However, using
anyreduces type safety.Consider using a more specific type if possible:
- get: <T>(controller: any): T | Promise<T> => { + get: <T>(controller: new (...args: any[]) => T): T | Promise<T> => {This would provide better type safety while maintaining the flexibility needed for the refactored architecture.
src/enums/enum.ts (1)
75-95: Fix formatting issues in the new enums.The new enums for authentication and authorization look good and align with the JWT-based authentication refactor. However, there are formatting issues that need to be addressed.
Apply this diff to fix the formatting issues:
export enum SCOPES { UNPROTECTED = 'skip', MULTITENANT_BASE_AGENT = 'Basewallet', TENANT_AGENT = 'tenant', - DEDICATED_AGENT = 'dedicated' + DEDICATED_AGENT = 'dedicated', } +src/events/WebhookEvent.ts (1)
3-8: Fix formatting issue in function parameters.The timeout mechanism is a great improvement for preventing hanging webhook requests.
Apply this diff to fix the formatting issue:
export const sendWebhookEvent = async ( webhookUrl: string, body: Record<string, unknown>, logger: Logger, - timeoutMs = 5000 + timeoutMs = 5000, ): Promise<void> => {src/types/request.d.ts (2)
5-14: Remove commented-out code for better maintainability.These commented code blocks should be removed as they add clutter and make the code harder to maintain. If this code is needed for reference, it should be preserved in version control history.
Also applies to: 29-38
17-19: Remove unusedIAgentinterface.The
IAgentinterface is defined but not used anywhere in this file or in the type augmentation.-interface IAgent { - agent: AgentType -} -src/events/CredentialEvents.ts (1)
36-42: Fix indentation issues.The code block has incorrect indentation.
- if (record?.connectionId) { - const connectionRecord = await agent.connections.findById(record.connectionId!) - body.outOfBandId = connectionRecord?.outOfBandId - } - - const data = await agent.credentials.getFormatData(record.id) - body.credentialData = data + if (record?.connectionId) { + const connectionRecord = await agent.connections.findById(record.connectionId!) + body.outOfBandId = connectionRecord?.outOfBandId + } + + const data = await agent.credentials.getFormatData(record.id) + body.credentialData = datasrc/controllers/basic-messages/BasicMessageController.ts (2)
27-27: Fix parameter formatting.Apply prettier formatting to improve readability:
- public async getBasicMessages(@Request() request: Req, @Path('connectionId') connectionId: RecordId): Promise<BasicMessageRecord[]> { + public async getBasicMessages( + @Request() request: Req, + @Path('connectionId') connectionId: RecordId, + ): Promise<BasicMessageRecord[]> {
45-45: Fix parameter formatting.Apply prettier formatting:
- public async sendMessage(@Request() request: Req, @Path('connectionId') connectionId: RecordId, @Body() body: Record<'content', string>) { + public async sendMessage( + @Request() request: Req, + @Path('connectionId') connectionId: RecordId, + @Body() body: Record<'content', string>, + ) {src/controllers/polygon/PolygonController.ts (2)
69-69: Use optional chaining for cleaner code.Apply this improvement:
- if (reason && reason.includes('insufficient') && reason.includes('funds')) { + if (reason?.includes('insufficient') && reason.includes('funds')) {
134-134: Fix parameter formatting.Apply prettier formatting:
- public async getSchemaById(@Request() request: Req, @Path('did') did: string, @Path('schemaId') schemaId: string): Promise<unknown> { + public async getSchemaById( + @Request() request: Req, + @Path('did') did: string, + @Path('schemaId') schemaId: string, + ): Promise<unknown> {src/cliAgent.ts (4)
102-102: Ensure secure API key handling.The API key is now a required configuration parameter. Ensure it's properly secured and not hardcoded.
Consider:
- Loading API keys from environment variables or secure vaults
- Implementing API key rotation mechanisms
- Adding validation for API key strength/format
238-254: Remove commented code.Since the function has been moved to
utils/helpers, the commented code should be removed to keep the codebase clean.Delete lines 238-254.
292-295: Address the TODO about concurrent message processing.The comment indicates uncertainty about enabling concurrent DIDComm message processing. This setting could impact performance and reliability.
This setting enables parallel processing of DIDComm messages, which can improve throughput but may cause race conditions. Would you like me to:
- Research the implications of this setting
- Open an issue to track proper performance testing
- Suggest configuration based on your deployment scenario
405-418: Consider more secure storage for secret keys.Storing secret keys in generic records may not provide adequate security.
Consider:
- Using a dedicated secure storage mechanism for cryptographic keys
- Encrypting the secret key before storage
- Implementing key derivation functions (KDF) instead of storing raw keys
- Adding audit logging for key generation events
eslint.config.mjs (1)
34-34: Consider enabling explicit return types for public APIs.While disabling
explicit-function-return-typeimproves DX, consider enabling it selectively for public APIs to ensure type contracts are explicit.You could use overrides to enable it only for specific directories:
{ files: ['**/controllers/**/*.ts', '**/services/**/*.ts'], rules: { '@typescript-eslint/explicit-function-return-type': 'warn' } }src/controllers/credentials/SchemaController.ts (2)
38-39: Use optional chaining for cleaner code.Simplify the condition:
- if ( - (schemBySchemaId && - schemBySchemaId?.resolutionMetadata && - schemBySchemaId?.resolutionMetadata?.error === SchemaError.NotFound) || + if ( + schemBySchemaId?.resolutionMetadata?.error === SchemaError.NotFound ||
43-43: Format long error message.Break the long line for better readability:
- throw new NotFoundError(schemBySchemaId?.resolutionMetadata?.message || `schema details with schema id "${schemaId}" not found.`) + throw new NotFoundError( + schemBySchemaId?.resolutionMetadata?.message || + `schema details with schema id "${schemaId}" not found.` + )src/controllers/connections/ConnectionController.ts (1)
5-6: Fix import order to comply with ESLint rules.The imports should be ordered with
expressbeforetsoaand../../enumsbefore../../errorHandlingService.-import { Controller, Delete, Example, Get, Path, Post, Query, Route, Tags, Security, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Controller, Delete, Example, Get, Path, Post, Query, Route, Tags, Security, Request } from 'tsoa'-import ErrorHandlingService from '../../errorHandlingService' -import { NotFoundError } from '../../errors' -import { ConnectionRecordExample, RecordId } from '../examples' -import { SCOPES } from '../../enums' +import { SCOPES } from '../../enums' +import ErrorHandlingService from '../../errorHandlingService' +import { NotFoundError } from '../../errors' +import { ConnectionRecordExample, RecordId } from '../examples'Also applies to: 12-12
src/controllers/question-answer/QuestionAnswerController.ts (1)
6-7: Fix import order to comply with ESLint rules.Similar to other controllers, the imports should be reordered.
-import { Body, Controller, Get, Path, Post, Route, Tags, Query, Security, Example, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Get, Path, Post, Route, Tags, Query, Security, Example, Request } from 'tsoa'-import ErrorHandlingService from '../../errorHandlingService' -import { NotFoundError } from '../../errors' -import { RecordId } from '../examples' -import { SCOPES } from '../../enums' +import { SCOPES } from '../../enums' +import ErrorHandlingService from '../../errorHandlingService' +import { NotFoundError } from '../../errors' +import { RecordId } from '../examples'Also applies to: 13-13
src/controllers/credentials/CredentialDefinitionController.ts (2)
6-7: Fix import order to comply with ESLint rules.-import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Response, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Response, Request } from 'tsoa'
80-82: Fix formatting and simplify boolean normalization.- credentialDefinitionRequest.endorse = credentialDefinitionRequest.endorse - ? credentialDefinitionRequest.endorse - : false + const normalizedEndorse = Boolean(credentialDefinitionRequest.endorse)Then use
normalizedEndorseinstead ofendorsethroughout the method.src/authentication.ts (4)
13-14: Remove commented codeThe commented type definition is not being used and should be removed to keep the code clean.
-// export type AgentType = Agent<RestAgentModules> | Agent<RestMultiTenantAgentModules> | TenantAgent<RestAgentModules> -
47-48: Simplify boolean expressionThe ternary operator is unnecessary for boolean values.
- const tenancy = agent!.modules.tenants ? true : false + const tenancy = !!agent!.modules.tenants
133-134: Fix typo in error message"diabled" should be "disabled".
- return Promise.reject(new StatusException(`${ErrorMessages.Unauthorized}: Multitenant routes are diabled for dedicated agent`, 401)) + return Promise.reject(new StatusException(`${ErrorMessages.Unauthorized}: Multitenant routes are disabled for dedicated agent`, 401))
156-163: Fix string quotes for consistencyUse single quotes for consistency with the codebase style.
- cachedKey = getFromCache("secret") + cachedKey = getFromCache('secret') - setInCache("secret", cachedKey) + setInCache('secret', cachedKey)src/controllers/agent/AgentController.ts (3)
2-2: Fix long import line formattingBreak the long import statement into multiple lines for better readability.
Follow the ESLint suggestion to split imports across multiple lines.
47-49: Improve error message for missing secret keyThe error message should be more descriptive to help with debugging.
if (!secretKeyInfo) { - throw new Error('secretKeyInfo not found') + throw new Error('Secret key not found in generic records. Ensure the agent is properly initialized.') }
168-168: Fix spacing in destructuringAdd proper spacing around the destructuring assignment.
- const {credential, ...credentialOptions}= credentialToVerify + const { credential, ...credentialOptions } = credentialToVerifysrc/controllers/multi-tenancy/MultiTenancyController.ts (2)
52-58: Remove commented codeThis commented code block should be removed to keep the codebase clean. If this logic might be needed later, it should be tracked in version control history or documentation.
- // Option1: logic to use tenant's secret key to generate token for tenant - // let secretKey - // await agent.modules.tenants.withTenantAgent({ tenantId }, async (tenantAgent) => { - // const genericRecord = await tenantAgent.genericRecords.getAll() - // const records = genericRecord.find((record) => record?.content?.secretKey !== undefined) - // secretKey = records?.content.secretKey as string - // })
130-138: Remove commented code in createToken methodClean up the commented code to improve readability.
- // Option1: logic to use tenant's secret key to generate token for tenant - // key = await generateSecretKey() - // await agent.modules.tenants.withTenantAgent({ tenantId }, async (tenantAgent) => { - // tenantAgent.genericRecords.save({ - // content: { - // secretKey: key, - // }, - // }) - // })src/controllers/outofband/OutOfBandController.ts (4)
21-22: Fix import order violations.The imports are not properly ordered according to ESLint rules.
expressshould come beforetsoa, and../../enumsshould come before../../errorHandlingService.Apply this diff to fix the import order:
-import { Body, Controller, Delete, Example, Get, Path, Post, Query, Route, Tags, Security, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Delete, Example, Get, Path, Post, Query, Route, Tags, Security, Request } from 'tsoa'And for the other import:
+import { SCOPES } from '../../enums' import ErrorHandlingService from '../../errorHandlingService' import { InternalServerError, NotFoundError } from '../../errors' import { ConnectionRecordExample, outOfBandInvitationExample, outOfBandRecordExample, RecordId } from '../examples' import { AcceptInvitationConfig, ReceiveInvitationByUrlProps, ReceiveInvitationProps } from '../types' -import { SCOPES } from '../../enums'Also applies to: 29-29
46-49: Fix formatting issues in query construction.The query object construction has formatting violations according to Prettier.
Apply this diff to fix the formatting:
- const query = invitationId ? { - invitationId: invitationId - } : {} + const query = invitationId + ? { + invitationId: invitationId, + } + : {}
120-123: Improve error message for better debugging context.The error message is too generic and doesn't provide helpful context about what went wrong.
Consider providing a more descriptive error message:
if (!invitationDid) { - throw new InternalServerError('Error in creating invitationDid') + throw new InternalServerError('Failed to create invitation DID: DID creation returned undefined') }
267-267: Fix formatting violations.The method signature and the method call have formatting issues according to Prettier.
Apply this diff to fix the formatting:
- public async receiveInvitationFromUrl(@Request() request: Req, @Body() invitationRequest: ReceiveInvitationByUrlProps) { + public async receiveInvitationFromUrl( + @Request() request: Req, + @Body() invitationRequest: ReceiveInvitationByUrlProps, + ) {And for the method call:
- const { outOfBandRecord, connectionRecord } = await request.agent.oob.receiveInvitationFromUrl(invitationUrl, config) + const { outOfBandRecord, connectionRecord } = await request.agent.oob.receiveInvitationFromUrl( + invitationUrl, + config, + )Also applies to: 275-275
src/controllers/credentials/CredentialController.ts (2)
18-18: Fix import order violations.The imports are not properly ordered according to ESLint rules.
Apply this diff to fix the import order:
-import { Body, Controller, Get, Path, Post, Route, Tags, Example, Query, Security, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Get, Path, Post, Route, Tags, Example, Query, Security, Request } from 'tsoa'And:
+import { SCOPES } from '../../enums' import ErrorHandlingService from '../../errorHandlingService' import { CredentialExchangeRecordExample, RecordId } from '../examples' import { OutOfBandController } from '../outofband/OutOfBandController' import { AcceptCredentialRequestOptions, ProposeCredentialOptions, AcceptCredentialProposalOptions, CredentialOfferOptions, CreateOfferOptions, AcceptCredential, CreateOfferOobOptions, ThreadId, } from '../types' -import { SCOPES } from '../../enums'Also applies to: 34-34
149-149: Fix formatting violations in method signatures.The method signatures have formatting issues according to Prettier.
Apply this diff to fix the formatting:
- public async acceptProposal(@Request() request: Req, @Body() acceptCredentialProposal: AcceptCredentialProposalOptions) { + public async acceptProposal( + @Request() request: Req, + @Body() acceptCredentialProposal: AcceptCredentialProposalOptions, + ) {And:
- public async acceptRequest(@Request() request: Req, @Body() acceptCredentialRequestOptions: AcceptCredentialRequestOptions) { + public async acceptRequest( + @Request() request: Req, + @Body() acceptCredentialRequestOptions: AcceptCredentialRequestOptions, + ) {Also applies to: 275-275
src/controllers/did/DidController.ts (3)
16-16: Fix import order violations.The imports are not properly ordered according to ESLint rules.
Apply this diff to fix the import order:
-import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Request } from 'tsoa'And:
import { DidMethod, Network, Role, SCOPES } from '../../enums' import ErrorHandlingService from '../../errorHandlingService' import { BadRequestError, InternalServerError } from '../../errors' +import { AgentType } from '../../types' import { CreateDidResponse, Did, DidRecordExample } from '../examples' import { DidCreate } from '../types' -import { AgentType } from '../../types'Also applies to: 24-24
111-111: Use consistent error handling pattern.The error message doesn't follow the pattern used elsewhere in the codebase (using BadRequestError).
if (!createDidOptions.keyType) { - throw Error('keyType is required') + throw new BadRequestError('keyType is required') }
131-131: Remove extra whitespace.There's extra whitespace that violates Prettier formatting rules.
- }) - + }) +
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
yarn.lockis excluded by!**/yarn.lock,!**/*.lock
📒 Files selected for processing (50)
.eslintrc.js(0 hunks).github/workflows/continuous-delivery.yml(0 hunks).github/workflows/continuous-integration.yml(1 hunks)README.md(1 hunks)bin/afj-rest.js(1 hunks)eslint.config.mjs(1 hunks)package.json(1 hunks)patches/@credo-ts+core+0.5.1+001+initial.patch(0 hunks)patches/@credo-ts+core+0.5.15+001+message-type-for-messages.patch(2 hunks)patches/@credo-ts+core+0.5.15+004+commenting validationPresentation to avoid abandoned issue.patch(2 hunks)patches/@credo-ts+core+0.5.3+002+fix-process-problem-report.patch(0 hunks)patches/@credo-ts+core+0.5.3+006+w3c-issuance-without-holder-did-negotiaton.patch(0 hunks)samples/cliConfig.json(1 hunks)src/authentication.ts(2 hunks)src/cli.ts(5 hunks)src/cliAgent.ts(12 hunks)src/controllers/agent/AgentController.ts(1 hunks)src/controllers/basic-messages/BasicMessageController.ts(3 hunks)src/controllers/connections/ConnectionController.ts(6 hunks)src/controllers/credentials/CredentialController.ts(16 hunks)src/controllers/credentials/CredentialDefinitionController.ts(5 hunks)src/controllers/credentials/SchemaController.ts(5 hunks)src/controllers/did/DidController.ts(20 hunks)src/controllers/endorser-transaction/EndorserTransactionController.ts(9 hunks)src/controllers/multi-tenancy/MultiTenancyController.ts(1 hunks)src/controllers/outofband/OutOfBandController.ts(11 hunks)src/controllers/polygon/PolygonController.ts(6 hunks)src/controllers/proofs/ProofController.ts(16 hunks)src/controllers/question-answer/QuestionAnswerController.ts(5 hunks)src/controllers/types.ts(9 hunks)src/enums/enum.ts(1 hunks)src/enums/index.ts(1 hunks)src/errors/StatusException.ts(1 hunks)src/errors/index.ts(1 hunks)src/events/CredentialEvents.ts(2 hunks)src/events/QuestionAnswerEvents.ts(1 hunks)src/events/WebhookEvent.ts(1 hunks)src/index.ts(0 hunks)src/securityMiddleware.ts(1 hunks)src/server.ts(6 hunks)src/types/index.ts(1 hunks)src/types/request.d.ts(1 hunks)src/utils/TsyringeAdapter.ts(0 hunks)src/utils/helpers.ts(1 hunks)src/utils/index.ts(1 hunks)src/utils/logger.ts(5 hunks)src/utils/tsyringeTsoaIocContainer.ts(1 hunks)tsconfig.eslint.json(1 hunks)tsconfig.json(1 hunks)tsoa.json(1 hunks)
💤 Files with no reviewable changes (7)
- .github/workflows/continuous-delivery.yml
- src/index.ts
- src/utils/TsyringeAdapter.ts
- patches/@credo-ts+core+0.5.3+006+w3c-issuance-without-holder-did-negotiaton.patch
- .eslintrc.js
- patches/@credo-ts+core+0.5.1+001+initial.patch
- patches/@credo-ts+core+0.5.3+002+fix-process-problem-report.patch
🧰 Additional context used
🧬 Code Graph Analysis (8)
src/server.ts (5)
src/cliAgent.ts (2)
RestMultiTenantAgentModules(112-112)RestAgentModules(114-114)src/utils/ServerConfig.ts (1)
ServerConfig(4-12)src/tracer.ts (1)
otelSDK(47-51)src/routes/routes.ts (1)
RegisterRoutes(1401-3945)src/errors/ApiError.ts (1)
ApiError(1-4)
src/events/CredentialEvents.ts (1)
src/utils/ServerConfig.ts (1)
ServerConfig(4-12)
src/types/request.d.ts (1)
src/cliAgent.ts (2)
RestAgentModules(114-114)RestMultiTenantAgentModules(112-112)
src/events/WebhookEvent.ts (1)
src/utils/logger.ts (1)
error(122-124)
src/cliAgent.ts (1)
src/utils/helpers.ts (1)
generateSecretKey(10-26)
src/authentication.ts (1)
src/cliAgent.ts (2)
RestMultiTenantAgentModules(112-112)RestAgentModules(114-114)
src/controllers/question-answer/QuestionAnswerController.ts (5)
src/controllers/basic-messages/BasicMessageController.ts (1)
Tags(13-54)src/controllers/connections/ConnectionController.ts (1)
Tags(14-148)src/controllers/proofs/ProofController.ts (1)
Tags(24-287)src/controllers/credentials/CredentialController.ts (1)
Tags(36-317)src/controllers/examples.ts (1)
RecordId(20-20)
src/controllers/outofband/OutOfBandController.ts (6)
src/controllers/agent/AgentController.ts (1)
Tags(15-176)src/controllers/basic-messages/BasicMessageController.ts (1)
Tags(13-54)src/controllers/connections/ConnectionController.ts (1)
Tags(14-148)src/controllers/examples.ts (1)
RecordId(20-20)src/controllers/types.ts (5)
CreateInvitationOptions(327-341)RecipientKeyOption(372-374)ReceiveInvitationProps(195-197)ReceiveInvitationByUrlProps(199-201)AcceptInvitationConfig(203-210)src/errors/errors.ts (1)
InternalServerError(100-100)
🪛 ESLint
src/enums/index.ts
[error] 1-1: Insert ⏎
(prettier/prettier)
src/types/index.ts
[error] 1-1: Insert ⏎
(prettier/prettier)
src/errors/index.ts
[error] 3-3: Insert ⏎
(prettier/prettier)
src/errors/StatusException.ts
[error] 2-2: Delete ··
(prettier/prettier)
[error] 3-3: Delete ··
(prettier/prettier)
[error] 4-4: Delete ··
(prettier/prettier)
[error] 5-5: Replace ······ with ····
(prettier/prettier)
[error] 6-6: Delete ··
(prettier/prettier)
[error] 7-7: Delete ··
(prettier/prettier)
[error] 8-8: Delete ··
(prettier/prettier)
src/utils/index.ts
[error] 7-7: Insert ⏎
(prettier/prettier)
src/utils/helpers.ts
[error] 26-26: Insert ⏎
(prettier/prettier)
src/server.ts
[error] 38-38: Insert ,
(prettier/prettier)
[error] 41-41: Unexpected console statement.
(no-console)
[error] 94-96: Replace ⏎⏎··app.use( with ··app.use
(prettier/prettier)
[error] 97-97: Insert ··
(prettier/prettier)
[error] 98-98: Replace console.log("Clean-up·tenant·sessions·2" with ··console.log('Clean-up·tenant·sessions·2'
(prettier/prettier)
[error] 98-98: Unexpected console statement.
(no-console)
[error] 99-99: Replace ···· with ······
(prettier/prettier)
[error] 100-100: Insert ··
(prettier/prettier)
[error] 102-102: Delete )
(prettier/prettier)
src/events/CredentialEvents.ts
[error] 36-36: Delete ··
(prettier/prettier)
[error] 37-37: Delete ··
(prettier/prettier)
[error] 38-38: Delete ··
(prettier/prettier)
[error] 39-39: Delete ··
(prettier/prettier)
[error] 41-41: Delete ··
(prettier/prettier)
[error] 42-42: Delete ··
(prettier/prettier)
src/enums/enum.ts
[error] 94-94: Insert ,
(prettier/prettier)
[error] 95-95: Insert ⏎
(prettier/prettier)
src/events/WebhookEvent.ts
[error] 7-7: Insert ,
(prettier/prettier)
src/controllers/credentials/SchemaController.ts
[error] 6-6: express import should occur before import of tsoa
(import/order)
[error] 43-43: Replace schemBySchemaId?.resolutionMetadata?.message·||·schema·details·with·schema·id·"${schemaId}"·not·found.`` with ⏎··········schemBySchemaId?.resolutionMetadata?.message·||·schema·details·with·schema·id·"${schemaId}"·not·found.`,⏎········`
(prettier/prettier)
src/controllers/polygon/PolygonController.ts
[error] 9-9: express import should occur before import of fs
(import/order)
[error] 14-14: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 134-134: Replace @Request()·request:·Req,·@Path('did')·did:·string,·@Path('schemaId')·schemaId:·string with ⏎····@Request()·request:·Req,⏎····@Path('did')·did:·string,⏎····@Path('schemaId')·schemaId:·string,⏎··
(prettier/prettier)
src/controllers/credentials/CredentialDefinitionController.ts
[error] 7-7: express import should occur before import of tsoa
(import/order)
[error] 81-81: Delete ··
(prettier/prettier)
[error] 82-82: Delete ··
(prettier/prettier)
src/controllers/basic-messages/BasicMessageController.ts
[error] 6-6: express import should occur before import of tsoa
(import/order)
[error] 11-11: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 27-27: Replace @Request()·request:·Req,·@Path('connectionId')·connectionId:·RecordId with ⏎····@Request()·request:·Req,⏎····@Path('connectionId')·connectionId:·RecordId,⏎··
(prettier/prettier)
[error] 45-45: Replace @Request()·request:·Req,·@Path('connectionId')·connectionId:·RecordId,·@Body()·body:·Record<'content',·string> with ⏎····@Request()·request:·Req,⏎····@Path('connectionId')·connectionId:·RecordId,⏎····@Body()·body:·Record<'content',·string>,⏎··
(prettier/prettier)
src/controllers/connections/ConnectionController.ts
[error] 6-6: express import should occur before import of tsoa
(import/order)
[error] 12-12: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
src/authentication.ts
[error] 52-52: Delete ;
(prettier/prettier)
[error] 53-53: Insert ·
(prettier/prettier)
[error] 57-57: 'getFromCache' was used before it was defined.
(@typescript-eslint/no-use-before-define)
[error] 57-57: Replace "secret" with 'secret'
(prettier/prettier)
[error] 58-58: Delete ····
(prettier/prettier)
[error] 59-59: Insert ·
(prettier/prettier)
[error] 63-63: Delete ····
(prettier/prettier)
[error] 66-66: Delete ····
(prettier/prettier)
[error] 78-78: Unexpected console statement.
(no-console)
[error] 78-78: Replace "Error·decoding·token" with 'Error·decoding·token'
(prettier/prettier)
[error] 81-81: Delete ····
(prettier/prettier)
[error] 93-93: Replace ·········· with ········
(prettier/prettier)
[error] 118-119: Delete ⏎
(prettier/prettier)
[error] 134-134: Replace new·StatusException(${ErrorMessages.Unauthorized}:·Multitenant·routes·are·diabled·for·dedicated·agent,·401) with ⏎············new·StatusException(⏎··············${ErrorMessages.Unauthorized}:·Multitenant·routes·are·diabled·for·dedicated·agent,⏎··············401,⏎············),⏎··········
(prettier/prettier)
[error] 152-152: Insert ,
(prettier/prettier)
[error] 154-154: Delete ;
(prettier/prettier)
[error] 156-156: 'getFromCache' was used before it was defined.
(@typescript-eslint/no-use-before-define)
[error] 156-156: Replace "secret" with 'secret'
(prettier/prettier)
[error] 163-163: 'setInCache' was used before it was defined.
(@typescript-eslint/no-use-before-define)
[error] 163-163: Replace "secret" with 'secret'
(prettier/prettier)
[error] 178-178: Delete ;
(prettier/prettier)
[error] 180-180: Delete ;
(prettier/prettier)
[error] 181-181: Delete ;
(prettier/prettier)
src/cli.ts
[error] 57-57: Insert (⏎····
(prettier/prettier)
[error] 58-58: Replace ···· with ······
(prettier/prettier)
[error] 59-59: Insert ··
(prettier/prettier)
[error] 60-60: Replace ···· with ······
(prettier/prettier)
[error] 61-61: Insert ··
(prettier/prettier)
[error] 62-62: Insert ··
(prettier/prettier)
[error] 63-63: Insert ··
(prettier/prettier)
[error] 64-64: Insert ··
(prettier/prettier)
[error] 65-65: Replace ···· with ······
(prettier/prettier)
[error] 66-66: Insert ··
(prettier/prettier)
[error] 67-67: Insert ··
(prettier/prettier)
[error] 68-68: Replace ···· with ······
(prettier/prettier)
[error] 69-69: Insert ··
(prettier/prettier)
[error] 70-70: Insert ··
(prettier/prettier)
[error] 71-71: Insert ··
(prettier/prettier)
[error] 72-72: Insert ··
(prettier/prettier)
[error] 73-73: Insert ··
(prettier/prettier)
[error] 74-74: Insert ··
(prettier/prettier)
[error] 75-75: Insert ··
(prettier/prettier)
[error] 76-76: Insert ··
(prettier/prettier)
[error] 77-77: Insert ··
(prettier/prettier)
[error] 78-78: Replace ···· with ······
(prettier/prettier)
[error] 79-79: Insert ··
(prettier/prettier)
[error] 80-80: Insert ··
(prettier/prettier)
[error] 81-81: Replace ···· with ······
(prettier/prettier)
[error] 82-82: Insert ··
(prettier/prettier)
[error] 108-108: Insert ··
(prettier/prettier)
[error] 109-109: Insert ··
(prettier/prettier)
[error] 110-110: Insert ··
(prettier/prettier)
[error] 111-111: Insert ··
(prettier/prettier)
[error] 112-112: Insert ··
(prettier/prettier)
[error] 113-113: Insert ··
(prettier/prettier)
[error] 114-114: Replace ········ with ··········
(prettier/prettier)
[error] 115-115: Insert ··
(prettier/prettier)
[error] 116-116: Insert ··
(prettier/prettier)
[error] 117-117: Insert ··
(prettier/prettier)
[error] 118-118: Insert ··
(prettier/prettier)
[error] 119-119: Insert ··
(prettier/prettier)
[error] 120-120: Insert ··
(prettier/prettier)
[error] 121-121: Insert ··
(prettier/prettier)
[error] 122-122: Insert ··
(prettier/prettier)
[error] 123-123: Insert ··
(prettier/prettier)
[error] 124-124: Replace ········ with ··········
(prettier/prettier)
[error] 125-125: Insert ··
(prettier/prettier)
[error] 126-126: Insert ··
(prettier/prettier)
[error] 127-127: Replace ·········· with ············
(prettier/prettier)
[error] 128-128: Insert ··
(prettier/prettier)
[error] 129-129: Insert ··
(prettier/prettier)
[error] 130-130: Insert ··
(prettier/prettier)
[error] 131-131: Insert ··
(prettier/prettier)
[error] 132-132: Insert ··
(prettier/prettier)
[error] 133-133: Insert ··
(prettier/prettier)
[error] 134-134: Insert ··
(prettier/prettier)
[error] 135-135: Insert ··
(prettier/prettier)
[error] 136-136: Insert ··
(prettier/prettier)
[error] 137-137: Replace ·········· with ············
(prettier/prettier)
[error] 138-138: Insert ··
(prettier/prettier)
[error] 139-139: Insert ··
(prettier/prettier)
[error] 140-140: Replace ········ with ··········
(prettier/prettier)
[error] 141-141: Insert ··
(prettier/prettier)
[error] 142-142: Insert ··
(prettier/prettier)
[error] 143-143: Insert ··
(prettier/prettier)
[error] 144-144: Insert ··
(prettier/prettier)
[error] 145-145: Insert ··
(prettier/prettier)
[error] 146-146: Insert ··
(prettier/prettier)
[error] 147-147: Insert ··
(prettier/prettier)
[error] 148-148: Insert ··
(prettier/prettier)
[error] 149-149: Insert ··
(prettier/prettier)
[error] 150-150: Replace ···· with ······
(prettier/prettier)
[error] 151-151: Insert ··
(prettier/prettier)
[error] 152-152: Insert ··
(prettier/prettier)
[error] 153-153: Replace ···· with ······
(prettier/prettier)
[error] 154-154: Insert ··
(prettier/prettier)
src/controllers/question-answer/QuestionAnswerController.ts
[error] 7-7: express import should occur before import of tsoa
(import/order)
[error] 13-13: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
src/controllers/agent/AgentController.ts
[error] 2-2: Replace ·AgentInfo,·AgentToken,·CustomW3cJsonLdSignCredentialOptions,·SafeW3cJsonLdVerifyCredentialOptions,·SignDataOptions,·VerifyDataOptions· with ⏎··AgentInfo,⏎··AgentToken,⏎··CustomW3cJsonLdSignCredentialOptions,⏎··SafeW3cJsonLdVerifyCredentialOptions,⏎··SignDataOptions,⏎··VerifyDataOptions,⏎
(prettier/prettier)
[error] 4-4: Replace ·Agent,·ClaimFormat,·JsonTransformer,·Key,·TypedArrayEncoder,·W3cJsonLdSignCredentialOptions,·W3cJsonLdVerifiableCredential· with ⏎··Agent,⏎··ClaimFormat,⏎··JsonTransformer,⏎··Key,⏎··TypedArrayEncoder,⏎··W3cJsonLdSignCredentialOptions,⏎··W3cJsonLdVerifiableCredential,⏎
(prettier/prettier)
[error] 6-6: express import should occur before import of tsoa
(import/order)
[error] 7-7: jsonwebtoken import should occur before import of tsoa
(import/order)
[error] 11-11: There should be at least one empty line between import groups
(import/order)
[error] 11-11: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 12-12: There should be at least one empty line between import groups
(import/order)
[error] 12-12: @credo-ts/askar/build/utils/assertAskarWallet import should occur before import of @credo-ts/core
(import/order)
[error] 19-20: Delete ⏎
(prettier/prettier)
[error] 39-39: Insert ·
(prettier/prettier)
[error] 40-40: Insert ·
(prettier/prettier)
[error] 107-107: Insert ,
(prettier/prettier)
[error] 114-114: Replace await·request.agent.w3cCredentials.signCredential(credentialData with (await·request.agent.w3cCredentials.signCredential(⏎··········credentialData,⏎········)
(prettier/prettier)
[error] 165-165: Insert ,
(prettier/prettier)
[error] 168-168: Replace credential,··...credentialOptions} with ·credential,·...credentialOptions·}·
(prettier/prettier)
[error] 169-169: Replace credentialToVerify?.credential,·W3cJsonLdVerifiableCredential with ⏎········credentialToVerify?.credential,⏎········W3cJsonLdVerifiableCredential,⏎······
(prettier/prettier)
[error] 170-170: Replace credential:·transformedCredential,·...credentialOptions with ⏎········credential:·transformedCredential,⏎········...credentialOptions,⏎······
(prettier/prettier)
src/controllers/outofband/OutOfBandController.ts
[error] 22-22: express import should occur before import of tsoa
(import/order)
[error] 29-29: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 46-46: Insert ⏎·······
(prettier/prettier)
[error] 47-47: Replace ········invitationId:·invitationId with ············invitationId:·invitationId,
(prettier/prettier)
[error] 48-48: Replace } with ····}⏎·······
(prettier/prettier)
[error] 267-267: Replace @Request()·request:·Req,·@Body()·invitationRequest:·ReceiveInvitationByUrlProps with ⏎····@Request()·request:·Req,⏎····@Body()·invitationRequest:·ReceiveInvitationByUrlProps,⏎··
(prettier/prettier)
[error] 275-275: Replace invitationUrl,·config with ⏎········invitationUrl,⏎········config,⏎······
(prettier/prettier)
src/controllers/proofs/ProofController.ts
[error] 11-11: express import should occur before import of tsoa
(import/order)
[error] 22-22: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 40-40: Replace threadId with ·threadId·
(prettier/prettier)
[error] 224-224: Delete ·
(prettier/prettier)
src/controllers/credentials/CredentialController.ts
[error] 18-18: express import should occur before import of tsoa
(import/order)
[error] 34-34: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 149-149: Replace @Request()·request:·Req,·@Body()·acceptCredentialProposal:·AcceptCredentialProposalOptions with ⏎····@Request()·request:·Req,⏎····@Body()·acceptCredentialProposal:·AcceptCredentialProposalOptions,⏎··
(prettier/prettier)
[error] 275-275: Replace @Request()·request:·Req,·@Body()·acceptCredentialRequestOptions:·AcceptCredentialRequestOptions with ⏎····@Request()·request:·Req,⏎····@Body()·acceptCredentialRequestOptions:·AcceptCredentialRequestOptions,⏎··
(prettier/prettier)
src/controllers/endorser-transaction/EndorserTransactionController.ts
[error] 10-10: express import should occur before import of tsoa
(import/order)
[error] 17-17: ../../types import should occur before import of ../types
(import/order)
[error] 24-25: Delete ⏎
(prettier/prettier)
[error] 72-72: Delete ·
(prettier/prettier)
[error] 151-151: Delete ·
(prettier/prettier)
[error] 182-182: Insert ,
(prettier/prettier)
src/controllers/did/DidController.ts
[error] 16-16: express import should occur before import of tsoa
(import/order)
[error] 24-24: ../../types import should occur before import of ../examples
(import/order)
[error] 131-131: Delete ····
(prettier/prettier)
src/controllers/multi-tenancy/MultiTenancyController.ts
[error] 12-12: express import should occur before import of jsonwebtoken
(import/order)
[error] 18-18: ../../utils import should occur before import of ../types
(import/order)
🪛 Gitleaks (8.26.0)
samples/cliConfig.json
45-45: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.
(jwt)
🪛 Biome (1.9.4)
src/server.ts
[error] 108-108: void is confusing inside a union type.
Unsafe fix: Use undefined instead.
(lint/suspicious/noConfusingVoidType)
src/controllers/credentials/SchemaController.ts
[error] 38-39: Change to an optional chain.
Unsafe fix: Change to an optional chain.
(lint/complexity/useOptionalChain)
src/controllers/polygon/PolygonController.ts
[error] 69-69: Change to an optional chain.
Unsafe fix: Change to an optional chain.
(lint/complexity/useOptionalChain)
src/authentication.ts
[error] 24-24: Change to an optional chain.
Unsafe fix: Change to an optional chain.
(lint/complexity/useOptionalChain)
[error] 48-48: Unnecessary use of boolean literals in conditional expression.
Simplify your code by directly assigning the result without using a ternary operator.
If your goal is negation, you may use the logical NOT (!) or double NOT (!!) operator for clearer and concise code.
Check for more details about NOT operator.
Unsafe fix: Remove the conditional expression with
(lint/complexity/noUselessTernary)
[error] 93-93: Change to an optional chain.
Unsafe fix: Change to an optional chain.
(lint/complexity/useOptionalChain)
[error] 147-147: Unnecessary use of boolean literals in conditional expression.
Simplify your code by directly assigning the result without using a ternary operator.
If your goal is negation, you may use the logical NOT (!) or double NOT (!!) operator for clearer and concise code.
Check for more details about NOT operator.
Unsafe fix: Remove the conditional expression with
(lint/complexity/noUselessTernary)
🪛 GitHub Check: Validate
src/controllers/polygon/PolygonController.ts
[warning] 53-53:
Unexpected any. Specify a different type
[warning] 109-109:
Unexpected any. Specify a different type
[warning] 108-108:
Unexpected any. Specify a different type
src/authentication.ts
[failure] 78-78:
Replace "Error·decoding·token" with 'Error·decoding·token'
[failure] 78-78:
Unexpected console statement
[failure] 66-66:
Delete ····
[failure] 63-63:
Delete ····
[failure] 59-59:
Insert ·
[failure] 58-58:
Delete ····
[failure] 57-57:
Replace "secret" with 'secret'
[failure] 57-57:
'getFromCache' was used before it was defined
[failure] 53-53:
Insert ·
[failure] 52-52:
Delete ;
src/controllers/agent/AgentController.ts
[warning] 165-165:
Unexpected any. Specify a different type
[warning] 107-107:
Unexpected any. Specify a different type
src/controllers/proofs/ProofController.ts
[warning] 279-279:
Unexpected any. Specify a different type
src/controllers/did/DidController.ts
[warning] 108-108:
Unexpected any. Specify a different type
[warning] 388-388:
Unexpected any. Specify a different type
🪛 GitHub Actions: Continuous Integration
src/authentication.ts
[error] 52-52: Prettier formatting error: Delete ; (prettier/prettier)
🔇 Additional comments (46)
tsconfig.json (1)
16-20: LGTM! Proper TypeScript configuration for custom types.The addition of
typeRootsconfiguration correctly enables TypeScript to recognize custom type definitions from thesrc/typesdirectory, which supports the new request type augmentation pattern used throughout the refactored controllers.patches/@credo-ts+core+0.5.15+001+message-type-for-messages.patch (2)
9-9: Consider the maintenance implications of patching third-party libraries.The addition of message type tracking for debugging is useful, but patching
@credo-ts/corecreates maintenance overhead. Consider:
- Documenting this patch requirement for future library upgrades
- Exploring if this functionality could be contributed upstream to the library
- Ensuring the patch is tested thoroughly as library updates may break it
40-40: Verify PlaintextMessage.messageType requirement consistencyWe’ve made
messageTypea required field onPlaintextMessageand updated related types and builders:• patches/@credo-ts+core+0.5.15+001+message-type-for-messages.patch
– build/types.d.ts: addedmessageType: stringtoPlaintextMessage
– build/agent/EnvelopeService.js: settingforwardMessage.messageType = message['@type']
– build/modules/routing/messages/ForwardMessage.d.ts: addedmessageTypeto options and classChecks performed:
– Searched forPlaintextMessagein*.ts/*.tsx: only found the TSOA auto-generated schema insrc/routes/routes.ts, which already includesmessageTypeas required.
– No other code paths explicitly constructPlaintextMessageobjects.Please manually verify that any custom message constructors, helper functions, or tests that instantiate or assert
PlaintextMessageinclude the newmessageTypefield to prevent runtime errors.README.md (1)
134-134: LGTM! Code style improvement.The trailing comma enhances code style consistency and makes future parameter additions cleaner.
tsconfig.eslint.json (1)
7-7: LGTM! Path alias update aligns with project renaming.The change from
afj-controller/*tocredo-controller/*is consistent with the broader refactoring effort to rename the project.samples/cliConfig.json (1)
45-45: Security concern: JWT token in configuration file.The JWT token in
fileServerTokenshould not be hardcoded in configuration files, especially those committed to version control. Consider using environment variables or secure configuration management.tsoa.json (2)
13-18: LGTM! JWT security definition properly configured.The addition of JWT security definition with bearer format is correctly structured and aligns with the broader authentication refactoring mentioned in the PR objectives.
22-22: LGTM! Path notation improvement.The change to explicit relative path notation (
./src/routes) is more precise and follows best practices for path specifications.bin/afj-rest.js (1)
2-9: LGTM! Excellent modernization to ES modules with proper error handling.The conversion from synchronous
requireto asynchronousimport()is well-implemented with:
- Proper error handling and logging
- Graceful process exit on failure
- Modern ES module patterns
This improves robustness and aligns with modern JavaScript practices.
src/events/QuestionAnswerEvents.ts (1)
32-32: LGTM - Minor formatting improvementThe trailing comma addition aligns with modern JavaScript/TypeScript formatting standards and doesn't affect functionality.
src/securityMiddleware.ts (1)
8-10: Authentication coverage confirmed across all controllers
- Every controller is protected by a
@Security('jwt', …)decorator—either at the class level (e.g. QuestionAnswerController) or on individual methods.- The only
@Security('apiKey')endpoint is/agent/token, which rightly issues JWTs.src/authentication.tsimportsjsonwebtokenand callsjwt.decode/jwt.verifywhensecurityName === 'jwt', ensuring tokens are validated.No unprotected endpoints were found.
.github/workflows/continuous-integration.yml (3)
5-7: LGTM: Branch targeting updated for dual-branch strategy.The workflow now properly targets both
mainanddevelopbranches for comprehensive CI coverage.
11-11: LGTM: Concurrency group updated to match project rebranding.The concurrency group name change from
afj-controllertocredo-controlleraligns with the project rebranding.
16-16: LGTM: Infrastructure modernization with Ubuntu 24.04 and Node.js 20.The upgrade to Ubuntu 24.04 and Node.js 20 with setup-node@v4 provides better performance and security updates.
Also applies to: 22-26
patches/@credo-ts+core+0.5.15+004+commenting validationPresentation to avoid abandoned issue.patch (2)
9-11: Critical: Bypassingps.validatePresentation()Is a Security RiskDisabling the core presentation validation in
DifPresentationExchangeProofFormatServiceeffectively allows unverified or malformed presentations to pass through, which can compromise your entire credential verification flow. Before merging, please provide:• A link or clear description of the “intermittent abandoned issue” you’re working around
• An analysis of the specific security risks introduced by skippingvalidatePresentation()
• A timeline and plan for restoring proper validation (or an alternative mitigation)Instead of commenting out this call, consider opening a tracking issue and implementing proper error handling or a fallback validator so that presentations are never fully unvalidated.
23-24: No downstream usage ofVersionStringfound; change is safe.A repository-wide search for
VersionString, version-parsing functions, and version-related imports returned no matches. Relaxing this type has no impact on existing code.src/events/WebhookEvent.ts (2)
10-12: LGTM: Robust timeout mechanism with AbortController.The AbortController implementation effectively prevents hanging webhook requests and provides better control over network operations.
Also applies to: 20-21
22-32: LGTM: Enhanced error handling with proper cleanup.The improved error handling distinguishes between abort errors and other failures, with proper timeout cleanup in the finally block. The enhanced logging will help with debugging webhook issues.
src/utils/logger.ts (1)
29-35: Constructor parameter change looks good but could be breaking.The change from
serviceNameto optionalnameparameter improves flexibility. The internal logger initialization correctly uses this parameter.Note: This is a breaking change if any external code was passing a
serviceNameparameter. Ensure all usages have been updated.src/events/CredentialEvents.ts (1)
10-42: Verify impact of removing multi-tenant support.The function signature change and removal of tenant-specific logic effectively disables multi-tenant credential event handling. This could break existing multi-tenant deployments.
Ensure this aligns with the broader architectural changes mentioned in the PR summary regarding multi-tenancy simplification.
package.json (2)
42-85: Dependency updates look comprehensive.The updates include both patch and major version bumps. Ensure thorough testing has been performed, especially for:
- JWT handling with
jsonwebtoken ^9.0.2- Express v5 migration
- OpenTelemetry updates
77-77: Good choice pinning node-fetch to v2.Pinning to version 2 avoids ESM compatibility issues that come with node-fetch v3+.
src/server.ts (2)
95-103: Excellent addition of tenant session cleanup.The middleware ensures tenant sessions are properly ended after each request, preventing memory leaks in multi-tenant scenarios. The helper function correctly checks for TenantAgent instances before attempting cleanup.
Also applies to: 140-148
123-128: Good improvement to 401 error handling.The enhanced error response provides better context by conditionally including error details while maintaining security.
src/controllers/basic-messages/BasicMessageController.ts (1)
15-15: Security enhancement looks good.The migration from API key to JWT-based authentication with specific scopes improves security granularity and aligns with the PR's token management objectives.
eslint.config.mjs (1)
1-93: Well-structured ESLint configuration.The new flat config format is properly implemented with:
- Clear separation of concerns for different file types
- Comprehensive TypeScript rules
- Proper import ordering rules
- Prettier integration
src/controllers/credentials/SchemaController.ts (2)
115-115: Good formatting fix.Adding the trailing comma improves consistency and reduces diff noise in future changes.
15-127: Consistent implementation of the new authentication pattern.The SchemaController properly implements:
- JWT-based security with appropriate scopes
- Request-scoped agent access
- Proper error handling
The refactoring aligns well with the PR's token management objectives.
src/controllers/connections/ConnectionController.ts (1)
29-148: LGTM: Clean refactor to request-scoped agent access.The refactoring from
this.agenttorequest.agentis consistent throughout all methods. The JWT security scopes[SCOPES.TENANT_AGENT, SCOPES.DEDICATED_AGENT]are appropriate for connection operations, supporting both multi-tenant and dedicated agent scenarios.src/cli.ts (2)
46-46: LGTM: apiKey option supports new authentication model.The addition of the
apiKeyconfiguration option properly integrates with the new JWT-based authentication system, allowing explicit API key specification for agent initialization.Also applies to: 151-153, 201-201
33-39: Good additions for multi-tenancy and blockchain integration.The new CLI options (
admin-port,tenancy, contract addresses, wallet connection settings) properly support the enhanced multi-tenant and blockchain features mentioned in the PR objectives.Also applies to: 144-150
src/controllers/types.ts (4)
50-53: LGTM: AgentToken interface supports JWT authentication.The new
AgentTokeninterface properly represents JWT tokens issued by the agent, aligning with the shift to JWT-based authentication throughout the system.
39-39: Good: Tenant configuration naming clarified.The rename from
TenantConfigtoCustomTenantConfigimproves clarity and avoids potential naming conflicts with framework types.Also applies to: 309-309
361-361: Version type relaxation noted.The change from imported
Versiontype tostringprovides more flexibility but reduces type constraints. Ensure this aligns with the relaxed version handling in@credo-ts/core.Also applies to: 379-379
260-260: Consider reintroducing strong typing forproofFormatsRelaxing
proofFormatstoanybypasses compile-time checks across all your request interfaces. Wherever possible, use a dedicated type (for example, the existingProofFormatPayload<…, 'createRequest'>generic or derive the parameter type from your agent API) instead ofany. This ensures better safety when handling or forwarding proof format payloads.Key locations to update in
src/controllers/types.ts:
- Line 133 (CreateProofRequestOobOptions)
- Line 249 (RequestProofOptions)
- Line 260 (RequestProofProposalOptions)
- Line 269 (AcceptProofProposal)
Example diff for
CreateProofRequestOobOptions:-export interface CreateProofRequestOobOptions { - protocolVersion: string - proofFormats: any +export interface CreateProofRequestOobOptions { + protocolVersion: string + proofFormats: ProofFormatPayload<[IndyProofFormat], 'createRequest'>You can also derive the exact type from your agent’s method signature, e.g.:
type CreateRequestFormats = Parameters<Agent['proofs']['createRequest']>[0]['proofFormats']If you intentionally need a loose type (e.g., to support dynamic plugins), please document that decision and add runtime validation where these payloads are consumed.
src/controllers/question-answer/QuestionAnswerController.ts (2)
91-91: Good practice: Renamed parameter to avoid naming conflict.Renaming the parameter from
requesttobodyin thesendAnswermethod prevents confusion with the ExpressRequestobject, improving code clarity.
17-17: LGTM: Consistent refactoring to request-scoped agent access.The controller follows the same clean refactoring pattern as other controllers, with appropriate JWT scopes and consistent use of
request.agent.modules.questionAnswerfor accessing the question-answer functionality.Also applies to: 32-116
src/controllers/credentials/CredentialDefinitionController.ts (2)
38-43: Excellent: Improved error handling with enum usage.Replacing string literals with
SchemaError.NotFoundandSchemaError.UnSupportedAnonCredsMethodenums improves type safety and maintainability.
18-18: LGTM: Consistent refactoring pattern maintained.The controller successfully follows the established pattern of JWT security with appropriate scopes and request-based agent access via
request.agent.modules.anoncreds.Also applies to: 31-142
src/controllers/endorser-transaction/EndorserTransactionController.ts (2)
58-63: Good addition for multi-tenant supportThe explicit DID import with
overwrite: trueis a good addition for supporting multi-tenant flows. This ensures the DID is properly registered in the agent's context.
135-137: Good validation for generated IDsAdding explicit checks for
schemaIdandcredentialDefinitionIdprevents silent failures and makes debugging easier.Also applies to: 186-188
src/controllers/proofs/ProofController.ts (2)
40-44: Good performance improvementUsing
findAllByQuerywith a query object is more efficient than fetching all records and filtering. Remove the commented code on line 43.let proofs = await request.agent.proofs.findAllByQuery(query) - // if (threadId) proofs = proofs.filter((p) => p.threadId === threadId)
227-227: Good fix for parameter shadowingRenaming the parameter from
requesttobodyavoids shadowing the Express request object, making the code clearer.src/controllers/outofband/OutOfBandController.ts (1)
271-274: Remove or explain commented code.The link secret creation logic is commented out without any explanation. This creates confusion about whether this functionality is still needed.
Please clarify:
- Is link secret creation no longer required for this endpoint?
- If it's temporarily disabled, add a TODO comment explaining why and when it should be re-enabled
- If it's permanently removed, delete the commented code entirely
src/controllers/did/DidController.ts (2)
411-413: Remove or explain commented code.The commented code for
privateKeyparameter creates confusion about the correct approach.Please clarify:
- Is
seednow the preferred parameter overprivateKey?- If this is a temporary change, add a TODO comment explaining the context
- If this is permanent, remove the commented code entirely
39-40: Good refactoring to request-scoped agent access.The migration from injected agent to request-scoped agent access is well implemented and consistent with the architectural changes across all controllers. This improves multi-tenancy support and request isolation.
Also applies to: 64-65, 475-478
There was a problem hiding this comment.
Actionable comments posted: 8
🔭 Outside diff range comments (2)
patches/@credo-ts+core+0.5.15+001+message-type-for-messages.patch (1)
9-9: Add null checking and consider proper property initialization.The code assigns
message['@type']toforwardMessage["messageType"]without null checking. This could cause runtime issues if the@typefield is undefined or not a string.- forwardMessage["messageType"] = message['@type']; + forwardMessage["messageType"] = message['@type'] || 'unknown';Additionally, consider initializing this property in the
ForwardMessageconstructor rather than setting it dynamically after object creation for better type safety.patches/@credo-ts+core+0.5.15+004+commenting validationPresentation to avoid abandoned issue.patch (1)
9-11: Security Risk: Temporary Validation Bypass Requires Tracking
- File:
patches/@credo-ts+core+0.5.15+004+commenting validationPresentation to avoid abandoned issue.patch
• Replace the// FIXME: Commenting validatePresentation…line with a// TODO: Re-enable validatePresentation when [UPSTREAM-ISSUE-ID] is resolvedcomment.- Open and link a dedicated tracking issue to re-enable
ps.validatePresentationonce the upstream bug is fixed.- Document this exception in your CHANGELOG or SECURITY.md to ensure it isn’t forgotten.
♻️ Duplicate comments (28)
samples/cliConfig.json (1)
46-46: Sample configuration appropriately uses placeholder API key.The addition of the "apiKey" field with a placeholder value supports the new API key authentication flow introduced in this PR. As noted in previous reviews, sample configuration files appropriately contain placeholder values like "supersecret" to demonstrate expected configuration format.
src/events/CredentialEvents.ts (1)
21-43: Remove commented-out multi-tenant code.This commented code should be removed entirely. If multi-tenant support might be needed later, use a feature flag instead of leaving commented blocks.
Apply this diff to clean up the code:
- // if (event.metadata.contextCorrelationId !== 'default') { - // await agent.modules.tenants.withTenantAgent( - // { tenantId: event.metadata.contextCorrelationId }, - // async (tenantAgent) => { - // if (record?.connectionId) { - // const connectionRecord = await tenantAgent.connections.findById(record.connectionId!) - // body.outOfBandId = connectionRecord?.outOfBandId - // } - // const data = await tenantAgent.credentials.getFormatData(record.id) - // body.credentialData = data - // }, - // ) - // } - - // if (event.metadata.contextCorrelationId === 'default') { if (record?.connectionId) { const connectionRecord = await agent.connections.findById(record.connectionId!) body.outOfBandId = connectionRecord?.outOfBandId } const data = await agent.credentials.getFormatData(record.id) body.credentialData = data - // }src/server.ts (2)
96-102: Fix middleware formatting and remove debug console.log.The middleware has formatting issues and contains a debug console.log that should use the agent's logger.
Apply this diff to fix the issues:
- app.use((async (req: ExRequest, res: ExResponse, next: NextFunction) => { - res.on('finish', async () => { - console.log("Clean-up tenant sessions 2") - await endTenantSessionIfActive(req) - }) + app.use(async (req: ExRequest, res: ExResponse, next: NextFunction) => { + res.on('finish', async () => { + agent.config.logger.debug('Cleaning up tenant sessions') + await endTenantSessionIfActive(req) + }) next() - })) + })
108-108: Fix TypeScript union type issue with void.The error handler should return
Promise<ExResponse>instead of includingvoidin the union type.- app.use((async (err: unknown, req: ExRequest, res: ExResponse, next: NextFunction): Promise<ExResponse | void> => { + app.use((async (err: unknown, req: ExRequest, res: ExResponse, next: NextFunction): Promise<ExResponse> => {src/controllers/basic-messages/BasicMessageController.ts (2)
5-6: Fix import order violations.The imports don't follow the configured ESLint order rules.
Apply this diff to fix the import order:
import { Agent } from '@credo-ts/core' -import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Request } from 'tsoa' import { injectable } from 'tsyringe' +import { SCOPES } from '../../enums' import ErrorHandlingService from '../../errorHandlingService' import { BasicMessageRecordExample, RecordId } from '../examples' -import { SCOPES } from '../../enums'Also applies to: 11-11
48-49: Fix HTTP status code inconsistency.Setting status 204 (No Content) while returning data violates HTTP semantics.
Choose one of these approaches:
const basicMessageRecord = await request.agent.basicMessages.sendMessage(connectionId, body.content) -this.setStatus(204) -return basicMessageRecord +this.setStatus(201) +return basicMessageRecordOr:
const basicMessageRecord = await request.agent.basicMessages.sendMessage(connectionId, body.content) this.setStatus(204) -return basicMessageRecordsrc/controllers/polygon/PolygonController.ts (8)
8-9: Fix import order violations.Also applies to: 14-14
53-53: Replaceanywith proper type definition.
108-109: Replaceanytypes with proper definitions.
139-140: Critical: Missingawaitkeyword.
8-9: Fix import order violations.
14-14: Fix import order violations.
53-53: Replaceanywith proper type definition.
108-109: Replaceanytypes with proper definitions.src/controllers/credentials/SchemaController.ts (1)
5-6: Fix import order.src/authentication.ts (5)
52-55: Fix formatting and variable declaration- let decodedToken: jwt.JwtPayload; - if(!token) { + let decodedToken: jwt.JwtPayload + if (!token) {
78-78: Use logger instead of console.error- console.error("Error decoding token", err) + logger.error('Error decoding token', err)
15-15: Critical: Weak default API key poses security riskThe default API key
'api_key'is predictable and weak. This could allow unauthorized access if not properly configured.-let dynamicApiKey: string = 'api_key' // Initialize with a default value +// Require explicit configuration - no default +let dynamicApiKey: string | undefinedThen in
expressAuthentication, check if it's configured:if (!dynamicApiKey) { throw new Error('API key not configured. Please set it using setDynamicApiKey()') }
177-181: Move cache functions before usage to fix hoisting issuesMove these cache helper functions before the
expressAuthenticationfunction where they are used.// Move to top of file, after imports // Cache for jwt token key const cache = new Map<string, string>() export const getFromCache = (key: string) => cache.get(key) export const setInCache = (key: string, value: string) => cache.set(key, value)
144-148: Add error handling and simplify returnThe
jwt.verifyfunction can throw errors that should be handled.async function verifyToken(token: string, secretKey: string): Promise<boolean> { - const verified = jwt.verify(token, secretKey) - - return verified ? true : false + try { + jwt.verify(token, secretKey) + return true + } catch (error) { + return false + } }src/controllers/agent/AgentController.ts (3)
86-86: Remove unused path parameterThe
tenantIdpath parameter is still not used in the method implementation.
107-107: Replace 'any' type with proper type definitionsUsing 'any' type reduces type safety in the data parameter.
165-165: Remove 'any' type for better type safetyThe 'any' type in the union reduces type safety.
src/controllers/multi-tenancy/MultiTenancyController.ts (1)
28-31: Remove duplicate agent declarationThe
agentvariable is declared twice, which will cause a runtime error.src/controllers/proofs/ProofController.ts (1)
279-279: Add proper return type instead of 'any'Define a proper return type for the proof format data to improve type safety.
src/controllers/credentials/CredentialController.ts (1)
182-185: Extract duplicate link secret creation logic.The link secret creation logic is duplicated in both
createOfferOobandacceptOffermethods. This violates the DRY principle.Consider extracting this logic into a private helper method:
private async ensureLinkSecretExists(agent: AgentType): Promise<void> { const linkSecretIds = await agent.modules.anoncreds.getLinkSecretIds() if (linkSecretIds.length === 0) { await agent.modules.anoncreds.createLinkSecret() } }Then use it in both methods:
- const linkSecretIds = await request.agent.modules.anoncreds.getLinkSecretIds() - if (linkSecretIds.length === 0) { - await request.agent.modules.anoncreds.createLinkSecret() - } + await this.ensureLinkSecretExists(request.agent)Also applies to: 254-257
src/controllers/did/DidController.ts (2)
108-108: Replace 'any' type with proper type definition.Using
anytype reduces type safety and makes the code harder to maintain.The
didvariable should have a proper type:- let did: any + let did: string | undefinedAlso applies to: 132-132
388-388: Replace 'any' type with proper type definition.Using
anytype fordidDocumentreduces type safety.Import and use the proper type:
- let didDocument: any + let didDocument: DidDocument | undefinedNote: You'll need to import
DidDocumentfrom@credo-ts/core.
🧹 Nitpick comments (31)
patches/@credo-ts+core+0.5.15+001+message-type-for-messages.patch (3)
21-21: Consider making messageType optional in ForwardMessageOptions.The
messageTypeproperty is marked as required inForwardMessageOptions, which could break existing code that doesn't provide this field.- messageType: string; + messageType?: string;This would maintain backward compatibility while still enforcing the type when provided.
40-40: Fix indentation and consider making messageType optional.The indentation appears inconsistent with the surrounding code (extra spaces before
messageType).- messageType: string; + messageType?: string;This fixes the indentation and makes the property optional to maintain backward compatibility with existing
PlaintextMessageimplementations.
1-44: Consider alternatives to patching third-party libraries.Patching third-party libraries can create maintenance challenges and make updates difficult. Consider these alternatives:
- Contribute upstream: Submit these changes to the @credo-ts/core repository
- Create a wrapper: Implement a custom wrapper that adds the messageType functionality
- Use composition: Extend the existing classes with the additional functionality
If patching is necessary, ensure you have a clear upgrade strategy and document the reasons for the patch.
src/enums/index.ts (1)
1-1: Add missing newline at end of file.The barrel file structure is good for consolidating enum exports, but it's missing a newline at the end of the file as indicated by the static analysis tool.
-export * from './enum' +export * from './enum' +src/types/index.ts (1)
1-1: Good addition for centralizing request type exports.This export consolidation supports the broader architectural changes where Express Request objects are augmented with agent properties. However, there's a formatting issue that needs to be addressed.
Fix the formatting issue by adding a newline at the end:
-export * from './request' +export * from './request' +src/errors/index.ts (1)
2-3: Good centralization of error exports.Adding
ApiErrorandStatusExceptionexports centralizes error handling and supports the enhanced error handling improvements across the codebase. However, there's a formatting issue that needs to be addressed.Fix the formatting issue by adding a newline at the end:
export * from './errors' export * from './ApiError' -export * from './StatusException' +export * from './StatusException' +src/utils/helpers.ts (1)
10-26: Function works correctly, but can be simplified.The
generateSecretKeyfunction correctly generates cryptographically secure random keys. However, the Promise wrapping can be simplified using Node.js's built-in promisification.Consider this more concise implementation:
-export async function generateSecretKey(length: number = 32): Promise<string> { - // Asynchronously generate a buffer containing random values - const buffer: Buffer = await new Promise((resolve, reject) => { - randomBytes(length, (error, buf) => { - if (error) { - reject(error) - } else { - resolve(buf) - } - }) - }) - - // Convert the buffer to a hexadecimal string - const secretKey: string = buffer.toString('hex') - - return secretKey -} +import { promisify } from 'util' + +const randomBytesAsync = promisify(randomBytes) + +export async function generateSecretKey(length: number = 32): Promise<string> { + const buffer = await randomBytesAsync(length) + return buffer.toString('hex') +}src/events/WebhookEvent.ts (1)
15-15: Consider the rationale for dynamic import of fetch.The change from static to dynamic import may impact performance due to repeated dynamic imports. Consider if this is necessary or if a static import would be more appropriate.
If static import is viable, consider:
+import fetch from 'node-fetch' + export const sendWebhookEvent = async ( webhookUrl: string, body: Record<string, unknown>, logger: Logger, timeoutMs = 5000, ): Promise<void> => { const controller = new AbortController() const timeout = setTimeout(() => controller.abort(), timeoutMs) try { - const fetch = (await import('node-fetch')).default await fetch(webhookUrl, {src/types/request.d.ts (1)
5-14: Remove commented-out code for cleaner codebase.The commented-out code blocks should be removed to avoid confusion and maintain code cleanliness.
-// declare global { -// namespace Express { -// interface Request { -// user: { -// [x: string]: any -// agent: Agent<RestAgentModules> | Agent<RestMultiTenantAgentModules> | TenantAgent<RestAgentModules> -// } -// } -// } -// }Also applies to: 29-38
src/events/CredentialEvents.ts (1)
36-42: Fix indentation issues.The code has incorrect indentation that violates the project's formatting rules.
Apply this diff to fix the indentation:
- if (record?.connectionId) { - const connectionRecord = await agent.connections.findById(record.connectionId!) - body.outOfBandId = connectionRecord?.outOfBandId - } - - const data = await agent.credentials.getFormatData(record.id) - body.credentialData = data + if (record?.connectionId) { + const connectionRecord = await agent.connections.findById(record.connectionId!) + body.outOfBandId = connectionRecord?.outOfBandId + } + + const data = await agent.credentials.getFormatData(record.id) + body.credentialData = datapackage.json (2)
32-32: Consider the performance impact of building before every dev start.The
start:devscript now runsyarn buildbefore starting, which may slow down the development workflow. Consider if this is necessary for development or if a watch mode would be more appropriate.
116-119: Document the reason for version resolutions.The
resolutionsfield forces specific versions of@credo-ts/coreand@credo-ts/askar. This can help with consistency but may prevent receiving important updates.Consider adding a comment in the package.json or README explaining why these specific versions are pinned.
src/server.ts (2)
38-38: Add missing comma after parameter.- apiKey?: string + apiKey?: string,
140-148: Consider error handling in session cleanup.The
endTenantSessionIfActivefunction should handle potential errors during session cleanup to prevent unhandled promise rejections.async function endTenantSessionIfActive(request: ExRequest) { if ('agent' in request) { const agent = request?.agent if (agent instanceof TenantAgent) { - agent.config.logger.debug(`Ending tenant session for tenant:: ${agent.context.contextCorrelationId}`) - await agent.endSession() + try { + agent.config.logger.debug(`Ending tenant session for tenant: ${agent.context.contextCorrelationId}`) + await agent.endSession() + } catch (error) { + agent.config.logger.error('Failed to end tenant session', { error, tenantId: agent.context.contextCorrelationId }) + } } } }src/controllers/basic-messages/BasicMessageController.ts (1)
27-27: Fix method parameter formatting.Long parameter lists should be formatted with line breaks for better readability.
For the
getBasicMessagesmethod:- public async getBasicMessages(@Request() request: Req, @Path('connectionId') connectionId: RecordId): Promise<BasicMessageRecord[]> { + public async getBasicMessages( + @Request() request: Req, + @Path('connectionId') connectionId: RecordId, + ): Promise<BasicMessageRecord[]> {For the
sendMessagemethod:- public async sendMessage(@Request() request: Req, @Path('connectionId') connectionId: RecordId, @Body() body: Record<'content', string>) { + public async sendMessage( + @Request() request: Req, + @Path('connectionId') connectionId: RecordId, + @Body() body: Record<'content', string>, + ) {Also applies to: 45-45
src/controllers/polygon/PolygonController.ts (2)
134-134: Format method parameters across multiple lines.Apply this formatting fix for better readability:
- public async getSchemaById(@Request() request: Req, @Path('did') did: string, @Path('schemaId') schemaId: string): Promise<unknown> { + public async getSchemaById( + @Request() request: Req, + @Path('did') did: string, + @Path('schemaId') schemaId: string, + ): Promise<unknown> {
69-69: Use optional chaining for safer property access.The nested property access can be simplified using optional chaining.
Apply this diff:
- if (reason && reason.includes('insufficient') && reason.includes('funds')) { + if (reason?.includes('insufficient') && reason?.includes('funds')) {src/cliAgent.ts (1)
238-254: Remove commented-out code.The old
generateSecretKeyfunction is no longer needed since it's been moved toutils/helpers.ts.Delete lines 238-254 to keep the codebase clean.
src/controllers/types.ts (1)
260-260: Replaceanytype with proper proof format types.Using
anyforproofFormatsreduces type safety. Consider defining or importing appropriate proof format types.Define a proper type for proof formats instead of using
any:proofFormats: ProofFormatPayload<ProofFormat[], 'createProposal'>Also applies to: 269-269
src/controllers/question-answer/QuestionAnswerController.ts (1)
6-13: Fix import orderMove the
expressimport beforetsoaand../../enumsimport before../../errorHandlingServiceto follow the import order convention.-import { Body, Controller, Get, Path, Post, Route, Tags, Query, Security, Example, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Get, Path, Post, Route, Tags, Query, Security, Example, Request } from 'tsoa' import { injectable } from 'tsyringe' +import { SCOPES } from '../../enums' import ErrorHandlingService from '../../errorHandlingService' import { NotFoundError } from '../../errors' import { RecordId } from '../examples' -import { SCOPES } from '../../enums'src/controllers/connections/ConnectionController.ts (1)
5-12: Fix import order-import { Controller, Delete, Example, Get, Path, Post, Query, Route, Tags, Security, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Controller, Delete, Example, Get, Path, Post, Query, Route, Tags, Security, Request } from 'tsoa' import { injectable } from 'tsyringe' +import { SCOPES } from '../../enums' import ErrorHandlingService from '../../errorHandlingService' import { NotFoundError } from '../../errors' import { ConnectionRecordExample, RecordId } from '../examples' -import { SCOPES } from '../../enums'src/controllers/credentials/CredentialDefinitionController.ts (3)
6-10: Fix import order-import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Response, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Response, Request } from 'tsoa'
80-82: Simplify endorse flag normalization- credentialDefinitionRequest.endorse = credentialDefinitionRequest.endorse - ? credentialDefinitionRequest.endorse - : false + const endorse = credentialDefinitionRequest.endorse ?? falseThen use
endorseinstead ofcredentialDefinitionRequest.endorsein the subsequent code.
112-112: Fix typo in error message- throw new InternalServerError('Falied to register credef on ledger') + throw new InternalServerError('Failed to register credential definition on ledger')src/controllers/agent/AgentController.ts (1)
46-49: Improve error handling specificityThe error message could be more descriptive to help with debugging.
- if (!secretKeyInfo) { - throw new Error('secretKeyInfo not found') - } + if (!secretKeyInfo) { + throw new BadRequestError('Secret key not found in generic records. Ensure agent is properly initialized.') + }src/controllers/outofband/OutOfBandController.ts (1)
46-49: Simplify query object constructionThe query object can be constructed more concisely.
- const query = invitationId ? { - invitationId: invitationId - } : {} + const query = invitationId ? { invitationId } : {}src/controllers/multi-tenancy/MultiTenancyController.ts (1)
60-64: Consider security implications of shared secret keyAll tenant tokens are signed with the base wallet's secret key rather than tenant-specific keys. This means any compromise of the base wallet's secret key affects all tenants. Consider if tenant isolation requires separate keys.
Also applies to: 140-147
src/controllers/proofs/ProofController.ts (1)
43-43: Remove commented codeThe manual filtering is no longer needed since
findAllByQueryhandles it.- // if (threadId) proofs = proofs.filter((p) => p.threadId === threadId)src/controllers/credentials/CredentialController.ts (1)
17-18: Fix import order violations.The imports are not following the correct order convention.
Apply this diff to fix the import order:
-import { Body, Controller, Get, Path, Post, Route, Tags, Example, Query, Security, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Get, Path, Post, Route, Tags, Example, Query, Security, Request } from 'tsoa'And move the enums import:
+import { SCOPES } from '../../enums' import ErrorHandlingService from '../../errorHandlingService' import { CredentialExchangeRecordExample, RecordId } from '../examples' import { OutOfBandController } from '../outofband/OutOfBandController' import { AcceptCredentialRequestOptions, ProposeCredentialOptions, AcceptCredentialProposalOptions, CredentialOfferOptions, CreateOfferOptions, AcceptCredential, CreateOfferOobOptions, ThreadId, } from '../types' -import { SCOPES } from '../../enums'Also applies to: 21-21, 34-34
src/controllers/did/DidController.ts (2)
15-16: Fix import order violations.The imports are not following the correct order convention.
Apply this diff to fix the import order:
-import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Request } from 'tsoa' -import { Request as Req } from 'express' +import { Request as Req } from 'express' +import { Body, Controller, Example, Get, Path, Post, Route, Tags, Security, Request } from 'tsoa'And reorder the type imports:
import { BadRequestError, InternalServerError } from '../../errors' +import { AgentType } from '../../types' import { CreateDidResponse, Did, DidRecordExample } from '../examples' import { DidCreate } from '../types' -import { AgentType } from '../../types'Also applies to: 22-24
131-131: Remove extra whitespace.Apply this diff to fix formatting:
- }) - - did = didPeerResponse.didState.did + }) + + did = didPeerResponse.didState.did
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
yarn.lockis excluded by!**/yarn.lock,!**/*.lock
📒 Files selected for processing (50)
.eslintrc.js(0 hunks).github/workflows/continuous-delivery.yml(0 hunks).github/workflows/continuous-integration.yml(1 hunks)README.md(1 hunks)bin/afj-rest.js(1 hunks)eslint.config.mjs(1 hunks)package.json(1 hunks)patches/@credo-ts+core+0.5.1+001+initial.patch(0 hunks)patches/@credo-ts+core+0.5.15+001+message-type-for-messages.patch(2 hunks)patches/@credo-ts+core+0.5.15+004+commenting validationPresentation to avoid abandoned issue.patch(2 hunks)patches/@credo-ts+core+0.5.3+002+fix-process-problem-report.patch(0 hunks)patches/@credo-ts+core+0.5.3+006+w3c-issuance-without-holder-did-negotiaton.patch(0 hunks)samples/cliConfig.json(1 hunks)src/authentication.ts(2 hunks)src/cli.ts(5 hunks)src/cliAgent.ts(12 hunks)src/controllers/agent/AgentController.ts(1 hunks)src/controllers/basic-messages/BasicMessageController.ts(3 hunks)src/controllers/connections/ConnectionController.ts(6 hunks)src/controllers/credentials/CredentialController.ts(16 hunks)src/controllers/credentials/CredentialDefinitionController.ts(5 hunks)src/controllers/credentials/SchemaController.ts(5 hunks)src/controllers/did/DidController.ts(20 hunks)src/controllers/endorser-transaction/EndorserTransactionController.ts(9 hunks)src/controllers/multi-tenancy/MultiTenancyController.ts(1 hunks)src/controllers/outofband/OutOfBandController.ts(11 hunks)src/controllers/polygon/PolygonController.ts(6 hunks)src/controllers/proofs/ProofController.ts(16 hunks)src/controllers/question-answer/QuestionAnswerController.ts(5 hunks)src/controllers/types.ts(9 hunks)src/enums/enum.ts(1 hunks)src/enums/index.ts(1 hunks)src/errors/StatusException.ts(1 hunks)src/errors/index.ts(1 hunks)src/events/CredentialEvents.ts(2 hunks)src/events/QuestionAnswerEvents.ts(1 hunks)src/events/WebhookEvent.ts(1 hunks)src/index.ts(0 hunks)src/securityMiddleware.ts(1 hunks)src/server.ts(6 hunks)src/types/index.ts(1 hunks)src/types/request.d.ts(1 hunks)src/utils/TsyringeAdapter.ts(0 hunks)src/utils/helpers.ts(1 hunks)src/utils/index.ts(1 hunks)src/utils/logger.ts(5 hunks)src/utils/tsyringeTsoaIocContainer.ts(1 hunks)tsconfig.eslint.json(1 hunks)tsconfig.json(1 hunks)tsoa.json(1 hunks)
💤 Files with no reviewable changes (7)
- .github/workflows/continuous-delivery.yml
- src/index.ts
- patches/@credo-ts+core+0.5.3+006+w3c-issuance-without-holder-did-negotiaton.patch
- patches/@credo-ts+core+0.5.1+001+initial.patch
- src/utils/TsyringeAdapter.ts
- patches/@credo-ts+core+0.5.3+002+fix-process-problem-report.patch
- .eslintrc.js
🧰 Additional context used
🧠 Learnings (1)
samples/cliConfig.json (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: samples/cliConfig.json:46-46
Timestamp: 2025-07-08T07:51:37.310Z
Learning: Sample configuration files in samples/ directories appropriately contain placeholder values like "supersecret" for API keys and other secrets to demonstrate the expected configuration format.
🧬 Code Graph Analysis (8)
src/types/request.d.ts (1)
src/cliAgent.ts (2)
RestAgentModules(114-114)RestMultiTenantAgentModules(112-112)
src/events/CredentialEvents.ts (1)
src/utils/ServerConfig.ts (1)
ServerConfig(4-12)
src/events/WebhookEvent.ts (1)
src/utils/logger.ts (1)
error(122-124)
src/controllers/basic-messages/BasicMessageController.ts (2)
src/controllers/question-answer/QuestionAnswerController.ts (1)
Tags(15-117)src/controllers/examples.ts (1)
RecordId(20-20)
src/controllers/question-answer/QuestionAnswerController.ts (6)
src/controllers/outofband/OutOfBandController.ts (1)
Tags(31-328)src/controllers/basic-messages/BasicMessageController.ts (1)
Tags(13-54)src/controllers/connections/ConnectionController.ts (1)
Tags(14-148)src/controllers/credentials/CredentialController.ts (1)
Tags(36-317)src/controllers/proofs/ProofController.ts (1)
Tags(24-287)src/controllers/examples.ts (1)
RecordId(20-20)
src/cli.ts (1)
src/cliAgent.ts (1)
Transports(58-58)
src/cliAgent.ts (1)
src/utils/helpers.ts (1)
generateSecretKey(10-26)
src/authentication.ts (3)
src/utils/logger.ts (1)
TsLogger(15-129)src/cliAgent.ts (2)
RestMultiTenantAgentModules(112-112)RestAgentModules(114-114)src/errors/StatusException.ts (1)
StatusException(1-8)
🪛 ESLint
src/enums/index.ts
[error] 1-1: Insert ⏎
(prettier/prettier)
src/types/index.ts
[error] 1-1: Insert ⏎
(prettier/prettier)
src/errors/index.ts
[error] 3-3: Insert ⏎
(prettier/prettier)
src/utils/helpers.ts
[error] 26-26: Insert ⏎
(prettier/prettier)
src/errors/StatusException.ts
[error] 2-2: Delete ··
(prettier/prettier)
[error] 3-3: Delete ··
(prettier/prettier)
[error] 4-4: Delete ··
(prettier/prettier)
[error] 5-5: Replace ······ with ····
(prettier/prettier)
[error] 6-6: Delete ··
(prettier/prettier)
[error] 7-7: Delete ··
(prettier/prettier)
[error] 8-8: Delete ··
(prettier/prettier)
src/utils/index.ts
[error] 7-7: Insert ⏎
(prettier/prettier)
src/events/CredentialEvents.ts
[error] 36-36: Delete ··
(prettier/prettier)
[error] 37-37: Delete ··
(prettier/prettier)
[error] 38-38: Delete ··
(prettier/prettier)
[error] 39-39: Delete ··
(prettier/prettier)
[error] 41-41: Delete ··
(prettier/prettier)
[error] 42-42: Delete ··
(prettier/prettier)
src/events/WebhookEvent.ts
[error] 7-7: Insert ,
(prettier/prettier)
src/controllers/basic-messages/BasicMessageController.ts
[error] 6-6: express import should occur before import of tsoa
(import/order)
[error] 11-11: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 27-27: Replace @Request()·request:·Req,·@Path('connectionId')·connectionId:·RecordId with ⏎····@Request()·request:·Req,⏎····@Path('connectionId')·connectionId:·RecordId,⏎··
(prettier/prettier)
[error] 45-45: Replace @Request()·request:·Req,·@Path('connectionId')·connectionId:·RecordId,·@Body()·body:·Record<'content',·string> with ⏎····@Request()·request:·Req,⏎····@Path('connectionId')·connectionId:·RecordId,⏎····@Body()·body:·Record<'content',·string>,⏎··
(prettier/prettier)
src/enums/enum.ts
[error] 94-94: Insert ,
(prettier/prettier)
[error] 95-95: Insert ⏎
(prettier/prettier)
src/controllers/question-answer/QuestionAnswerController.ts
[error] 7-7: express import should occur before import of tsoa
(import/order)
[error] 13-13: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
src/controllers/polygon/PolygonController.ts
[error] 9-9: express import should occur before import of fs
(import/order)
[error] 14-14: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 134-134: Replace @Request()·request:·Req,·@Path('did')·did:·string,·@Path('schemaId')·schemaId:·string with ⏎····@Request()·request:·Req,⏎····@Path('did')·did:·string,⏎····@Path('schemaId')·schemaId:·string,⏎··
(prettier/prettier)
src/cli.ts
[error] 57-57: Insert (⏎····
(prettier/prettier)
[error] 58-58: Replace ···· with ······
(prettier/prettier)
[error] 59-59: Insert ··
(prettier/prettier)
[error] 60-60: Replace ···· with ······
(prettier/prettier)
[error] 61-61: Insert ··
(prettier/prettier)
[error] 62-62: Insert ··
(prettier/prettier)
[error] 63-63: Insert ··
(prettier/prettier)
[error] 64-64: Insert ··
(prettier/prettier)
[error] 65-65: Replace ···· with ······
(prettier/prettier)
[error] 66-66: Insert ··
(prettier/prettier)
[error] 67-67: Insert ··
(prettier/prettier)
[error] 68-68: Replace ···· with ······
(prettier/prettier)
[error] 69-69: Insert ··
(prettier/prettier)
[error] 70-70: Insert ··
(prettier/prettier)
[error] 71-71: Insert ··
(prettier/prettier)
[error] 72-72: Insert ··
(prettier/prettier)
[error] 73-73: Insert ··
(prettier/prettier)
[error] 74-74: Insert ··
(prettier/prettier)
[error] 75-75: Insert ··
(prettier/prettier)
[error] 76-76: Insert ··
(prettier/prettier)
[error] 77-77: Insert ··
(prettier/prettier)
[error] 78-78: Replace ···· with ······
(prettier/prettier)
[error] 79-79: Insert ··
(prettier/prettier)
[error] 80-80: Insert ··
(prettier/prettier)
[error] 81-81: Replace ···· with ······
(prettier/prettier)
[error] 82-82: Insert ··
(prettier/prettier)
[error] 108-108: Insert ··
(prettier/prettier)
[error] 109-109: Insert ··
(prettier/prettier)
[error] 110-110: Insert ··
(prettier/prettier)
[error] 111-111: Insert ··
(prettier/prettier)
[error] 112-112: Insert ··
(prettier/prettier)
[error] 113-113: Insert ··
(prettier/prettier)
[error] 114-114: Replace ········ with ··········
(prettier/prettier)
[error] 115-115: Insert ··
(prettier/prettier)
[error] 116-116: Insert ··
(prettier/prettier)
[error] 117-117: Insert ··
(prettier/prettier)
[error] 118-118: Insert ··
(prettier/prettier)
[error] 119-119: Insert ··
(prettier/prettier)
[error] 120-120: Insert ··
(prettier/prettier)
[error] 121-121: Insert ··
(prettier/prettier)
[error] 122-122: Insert ··
(prettier/prettier)
[error] 123-123: Insert ··
(prettier/prettier)
[error] 124-124: Replace ········ with ··········
(prettier/prettier)
[error] 125-125: Insert ··
(prettier/prettier)
[error] 126-126: Insert ··
(prettier/prettier)
[error] 127-127: Replace ·········· with ············
(prettier/prettier)
[error] 128-128: Insert ··
(prettier/prettier)
[error] 129-129: Insert ··
(prettier/prettier)
[error] 130-130: Insert ··
(prettier/prettier)
[error] 131-131: Insert ··
(prettier/prettier)
[error] 132-132: Insert ··
(prettier/prettier)
[error] 133-133: Insert ··
(prettier/prettier)
[error] 134-134: Insert ··
(prettier/prettier)
[error] 135-135: Insert ··
(prettier/prettier)
[error] 136-136: Insert ··
(prettier/prettier)
[error] 137-137: Replace ·········· with ············
(prettier/prettier)
[error] 138-138: Insert ··
(prettier/prettier)
[error] 139-139: Insert ··
(prettier/prettier)
[error] 140-140: Replace ········ with ··········
(prettier/prettier)
[error] 141-141: Insert ··
(prettier/prettier)
[error] 142-142: Insert ··
(prettier/prettier)
[error] 143-143: Insert ··
(prettier/prettier)
[error] 144-144: Insert ··
(prettier/prettier)
[error] 145-145: Insert ··
(prettier/prettier)
[error] 146-146: Insert ··
(prettier/prettier)
[error] 147-147: Insert ··
(prettier/prettier)
[error] 148-148: Insert ··
(prettier/prettier)
[error] 149-149: Insert ··
(prettier/prettier)
[error] 150-150: Replace ···· with ······
(prettier/prettier)
[error] 151-151: Insert ··
(prettier/prettier)
[error] 152-152: Insert ··
(prettier/prettier)
[error] 153-153: Replace ···· with ······
(prettier/prettier)
[error] 154-154: Insert ··
(prettier/prettier)
src/controllers/credentials/SchemaController.ts
[error] 6-6: express import should occur before import of tsoa
(import/order)
[error] 43-43: Replace schemBySchemaId?.resolutionMetadata?.message·||·schema·details·with·schema·id·"${schemaId}"·not·found.`` with ⏎··········schemBySchemaId?.resolutionMetadata?.message·||·schema·details·with·schema·id·"${schemaId}"·not·found.`,⏎········`
(prettier/prettier)
src/server.ts
[error] 38-38: Insert ,
(prettier/prettier)
[error] 41-41: Unexpected console statement.
(no-console)
[error] 94-96: Replace ⏎⏎··app.use( with ··app.use
(prettier/prettier)
[error] 97-97: Insert ··
(prettier/prettier)
[error] 98-98: Replace console.log("Clean-up·tenant·sessions·2" with ··console.log('Clean-up·tenant·sessions·2'
(prettier/prettier)
[error] 98-98: Unexpected console statement.
(no-console)
[error] 99-99: Replace ···· with ······
(prettier/prettier)
[error] 100-100: Insert ··
(prettier/prettier)
[error] 102-102: Delete )
(prettier/prettier)
src/controllers/agent/AgentController.ts
[error] 2-2: Replace ·AgentInfo,·AgentToken,·CustomW3cJsonLdSignCredentialOptions,·SafeW3cJsonLdVerifyCredentialOptions,·SignDataOptions,·VerifyDataOptions· with ⏎··AgentInfo,⏎··AgentToken,⏎··CustomW3cJsonLdSignCredentialOptions,⏎··SafeW3cJsonLdVerifyCredentialOptions,⏎··SignDataOptions,⏎··VerifyDataOptions,⏎
(prettier/prettier)
[error] 4-4: Replace ·Agent,·ClaimFormat,·JsonTransformer,·Key,·TypedArrayEncoder,·W3cJsonLdSignCredentialOptions,·W3cJsonLdVerifiableCredential· with ⏎··Agent,⏎··ClaimFormat,⏎··JsonTransformer,⏎··Key,⏎··TypedArrayEncoder,⏎··W3cJsonLdSignCredentialOptions,⏎··W3cJsonLdVerifiableCredential,⏎
(prettier/prettier)
[error] 6-6: express import should occur before import of tsoa
(import/order)
[error] 7-7: jsonwebtoken import should occur before import of tsoa
(import/order)
[error] 11-11: There should be at least one empty line between import groups
(import/order)
[error] 11-11: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 12-12: There should be at least one empty line between import groups
(import/order)
[error] 12-12: @credo-ts/askar/build/utils/assertAskarWallet import should occur before import of @credo-ts/core
(import/order)
[error] 19-20: Delete ⏎
(prettier/prettier)
[error] 39-39: Insert ·
(prettier/prettier)
[error] 40-40: Insert ·
(prettier/prettier)
[error] 107-107: Insert ,
(prettier/prettier)
[error] 114-114: Replace await·request.agent.w3cCredentials.signCredential(credentialData with (await·request.agent.w3cCredentials.signCredential(⏎··········credentialData,⏎········)
(prettier/prettier)
[error] 165-165: Insert ,
(prettier/prettier)
[error] 168-168: Replace credential,··...credentialOptions} with ·credential,·...credentialOptions·}·
(prettier/prettier)
[error] 169-169: Replace credentialToVerify?.credential,·W3cJsonLdVerifiableCredential with ⏎········credentialToVerify?.credential,⏎········W3cJsonLdVerifiableCredential,⏎······
(prettier/prettier)
[error] 170-170: Replace credential:·transformedCredential,·...credentialOptions with ⏎········credential:·transformedCredential,⏎········...credentialOptions,⏎······
(prettier/prettier)
src/controllers/credentials/CredentialDefinitionController.ts
[error] 7-7: express import should occur before import of tsoa
(import/order)
[error] 81-81: Delete ··
(prettier/prettier)
[error] 82-82: Delete ··
(prettier/prettier)
src/controllers/endorser-transaction/EndorserTransactionController.ts
[error] 10-10: express import should occur before import of tsoa
(import/order)
[error] 17-17: ../../types import should occur before import of ../types
(import/order)
[error] 24-25: Delete ⏎
(prettier/prettier)
[error] 72-72: Delete ·
(prettier/prettier)
[error] 151-151: Delete ·
(prettier/prettier)
[error] 182-182: Insert ,
(prettier/prettier)
src/controllers/connections/ConnectionController.ts
[error] 6-6: express import should occur before import of tsoa
(import/order)
[error] 12-12: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
src/authentication.ts
[error] 52-52: Delete ;
(prettier/prettier)
[error] 53-53: Insert ·
(prettier/prettier)
[error] 57-57: 'getFromCache' was used before it was defined.
(@typescript-eslint/no-use-before-define)
[error] 57-57: Replace "secret" with 'secret'
(prettier/prettier)
[error] 58-58: Delete ····
(prettier/prettier)
[error] 59-59: Insert ·
(prettier/prettier)
[error] 63-63: Delete ····
(prettier/prettier)
[error] 66-66: Delete ····
(prettier/prettier)
[error] 78-78: Unexpected console statement.
(no-console)
[error] 78-78: Replace "Error·decoding·token" with 'Error·decoding·token'
(prettier/prettier)
[error] 81-81: Delete ····
(prettier/prettier)
[error] 93-93: Replace ·········· with ········
(prettier/prettier)
[error] 118-119: Delete ⏎
(prettier/prettier)
[error] 134-134: Replace new·StatusException(${ErrorMessages.Unauthorized}:·Multitenant·routes·are·diabled·for·dedicated·agent,·401) with ⏎············new·StatusException(⏎··············${ErrorMessages.Unauthorized}:·Multitenant·routes·are·diabled·for·dedicated·agent,⏎··············401,⏎············),⏎··········
(prettier/prettier)
[error] 152-152: Insert ,
(prettier/prettier)
[error] 154-154: Delete ;
(prettier/prettier)
[error] 156-156: 'getFromCache' was used before it was defined.
(@typescript-eslint/no-use-before-define)
[error] 156-156: Replace "secret" with 'secret'
(prettier/prettier)
[error] 163-163: 'setInCache' was used before it was defined.
(@typescript-eslint/no-use-before-define)
[error] 163-163: Replace "secret" with 'secret'
(prettier/prettier)
[error] 178-178: Delete ;
(prettier/prettier)
[error] 180-180: Delete ;
(prettier/prettier)
[error] 181-181: Delete ;
(prettier/prettier)
src/controllers/credentials/CredentialController.ts
[error] 18-18: express import should occur before import of tsoa
(import/order)
[error] 34-34: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 149-149: Replace @Request()·request:·Req,·@Body()·acceptCredentialProposal:·AcceptCredentialProposalOptions with ⏎····@Request()·request:·Req,⏎····@Body()·acceptCredentialProposal:·AcceptCredentialProposalOptions,⏎··
(prettier/prettier)
[error] 275-275: Replace @Request()·request:·Req,·@Body()·acceptCredentialRequestOptions:·AcceptCredentialRequestOptions with ⏎····@Request()·request:·Req,⏎····@Body()·acceptCredentialRequestOptions:·AcceptCredentialRequestOptions,⏎··
(prettier/prettier)
src/controllers/proofs/ProofController.ts
[error] 11-11: express import should occur before import of tsoa
(import/order)
[error] 22-22: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 40-40: Replace threadId with ·threadId·
(prettier/prettier)
[error] 224-224: Delete ·
(prettier/prettier)
src/controllers/multi-tenancy/MultiTenancyController.ts
[error] 12-12: express import should occur before import of jsonwebtoken
(import/order)
[error] 18-18: ../../utils import should occur before import of ../types
(import/order)
src/controllers/outofband/OutOfBandController.ts
[error] 22-22: express import should occur before import of tsoa
(import/order)
[error] 29-29: ../../enums import should occur before import of ../../errorHandlingService
(import/order)
[error] 46-46: Insert ⏎·······
(prettier/prettier)
[error] 47-47: Replace ········invitationId:·invitationId with ············invitationId:·invitationId,
(prettier/prettier)
[error] 48-48: Replace } with ····}⏎·······
(prettier/prettier)
[error] 267-267: Replace @Request()·request:·Req,·@Body()·invitationRequest:·ReceiveInvitationByUrlProps with ⏎····@Request()·request:·Req,⏎····@Body()·invitationRequest:·ReceiveInvitationByUrlProps,⏎··
(prettier/prettier)
[error] 275-275: Replace invitationUrl,·config with ⏎········invitationUrl,⏎········config,⏎······
(prettier/prettier)
src/controllers/did/DidController.ts
[error] 16-16: express import should occur before import of tsoa
(import/order)
[error] 24-24: ../../types import should occur before import of ../examples
(import/order)
[error] 131-131: Delete ····
(prettier/prettier)
🪛 Gitleaks (8.26.0)
samples/cliConfig.json
45-45: Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.
(jwt)
🪛 GitHub Check: Validate
src/controllers/polygon/PolygonController.ts
[warning] 53-53:
Unexpected any. Specify a different type
[warning] 109-109:
Unexpected any. Specify a different type
[warning] 108-108:
Unexpected any. Specify a different type
src/controllers/agent/AgentController.ts
[warning] 165-165:
Unexpected any. Specify a different type
[warning] 107-107:
Unexpected any. Specify a different type
src/authentication.ts
[failure] 78-78:
Replace "Error·decoding·token" with 'Error·decoding·token'
[failure] 78-78:
Unexpected console statement
[failure] 66-66:
Delete ····
[failure] 63-63:
Delete ····
[failure] 59-59:
Insert ·
[failure] 58-58:
Delete ····
[failure] 57-57:
Replace "secret" with 'secret'
[failure] 57-57:
'getFromCache' was used before it was defined
[failure] 53-53:
Insert ·
[failure] 52-52:
Delete ;
src/controllers/proofs/ProofController.ts
[warning] 279-279:
Unexpected any. Specify a different type
src/controllers/did/DidController.ts
[warning] 108-108:
Unexpected any. Specify a different type
[warning] 388-388:
Unexpected any. Specify a different type
🪛 Biome (1.9.4)
src/controllers/polygon/PolygonController.ts
[error] 69-69: Change to an optional chain.
Unsafe fix: Change to an optional chain.
(lint/complexity/useOptionalChain)
src/controllers/credentials/SchemaController.ts
[error] 38-39: Change to an optional chain.
Unsafe fix: Change to an optional chain.
(lint/complexity/useOptionalChain)
src/server.ts
[error] 108-108: void is confusing inside a union type.
Unsafe fix: Use undefined instead.
(lint/suspicious/noConfusingVoidType)
src/authentication.ts
[error] 24-24: Change to an optional chain.
Unsafe fix: Change to an optional chain.
(lint/complexity/useOptionalChain)
[error] 48-48: Unnecessary use of boolean literals in conditional expression.
Simplify your code by directly assigning the result without using a ternary operator.
If your goal is negation, you may use the logical NOT (!) or double NOT (!!) operator for clearer and concise code.
Check for more details about NOT operator.
Unsafe fix: Remove the conditional expression with
(lint/complexity/noUselessTernary)
[error] 93-93: Change to an optional chain.
Unsafe fix: Change to an optional chain.
(lint/complexity/useOptionalChain)
[error] 147-147: Unnecessary use of boolean literals in conditional expression.
Simplify your code by directly assigning the result without using a ternary operator.
If your goal is negation, you may use the logical NOT (!) or double NOT (!!) operator for clearer and concise code.
Check for more details about NOT operator.
Unsafe fix: Remove the conditional expression with
(lint/complexity/noUselessTernary)
🪛 GitHub Actions: Continuous Integration
src/authentication.ts
[error] 52-52: Prettier formatting error: Delete ; (prettier/prettier)
🔇 Additional comments (50)
README.md (1)
134-134: LGTM! Good style improvement.Adding the trailing comma improves code consistency and follows JavaScript/TypeScript best practices for multiline parameter lists.
src/events/QuestionAnswerEvents.ts (1)
32-32: Essential syntax fix.The missing comma after the callback function would cause a syntax error. This fix ensures proper function argument separation.
tsoa.json (2)
14-18: Good addition of JWT security scheme.The JWT bearer authentication configuration properly supports the new token management features mentioned in the PR objectives. The scheme is correctly defined with HTTP bearer type and JWT format.
22-22: Good path improvement.Using
"./src/routes"instead of"src/routes"makes the path explicitly relative, which is clearer and more consistent.tsconfig.json (1)
16-20: Proper TypeScript configuration for custom types.Adding the
typeRootsconfiguration correctly enables TypeScript to locate custom type definitions in thesrc/typesdirectory alongside standard type definitions.tsconfig.eslint.json (1)
7-7: LGTM! Path mapping updated correctly.The path alias update from "afj-controller/" to "credo-controller/" aligns with the broader project renaming and maintains consistent configuration across the codebase.
bin/afj-rest.js (1)
2-9: Excellent migration to ES modules with proper error handling.The change from synchronous CommonJS
requireto asynchronous ES moduleimport()is a solid improvement that:
- Aligns with modern ES module standards
- Adds proper error handling with graceful failure
- Includes appropriate logging and exit codes
- Uses correct
.jsextension for ES modulessrc/utils/index.ts (1)
1-7: LGTM! Clean barrel export pattern.This centralizes utility imports effectively, following standard TypeScript practices for module organization.
src/errors/StatusException.ts (1)
1-8: LGTM! Standard HTTP error pattern.The
StatusExceptionclass follows best practices for custom error handling with HTTP status codes. The implementation correctly extendsErrorand adds the status property.src/utils/tsyringeTsoaIocContainer.ts (1)
6-7: Refine thegetmethod’s parameter type for stronger type safetyThe current signature uses
anyfor the controller constructor, which bypasses compile-time checks and could hide errors. Sincecontainer.resolve<T>expects a class constructor (or injection token), consider a more precise constraint:- get: <T>(controller: any): T | Promise<T> => { + get: <T>(controller: new (...args: any[]) => T): T | Promise<T> => { return container.resolve<T>(controller)This enforces that
controlleris a constructible type, restoring type-safety. If you do need to accept other token types, document that exception; otherwise please update accordingly.src/securityMiddleware.ts (1)
8-10: Authentication is enforced via TSOA @Security decorators and expressAuthentication middleware– All controllers in
src/controllers/**have@Security('jwt', [SCOPES…])decorators
– Generated routes insrc/routes/routes.tswrap each endpoint withauthenticateMiddleware, which callsexpressAuthentication(implemented insrc/authentication.ts)
– JWT scopes are validated per-route, so removing the old middleware is intentional and safeNo further action required.
.github/workflows/continuous-integration.yml (3)
5-7: LGTM: Good practice to include develop branch in CI.Adding the
developbranch to both pull request and push triggers ensures proper CI coverage for the development workflow.
11-11: LGTM: Concurrency group naming updated consistently.The rename from
afj-controllertocredo-controlleraligns with the project's naming convention updates.
16-16: LGTM: Infrastructure updates are appropriate.The upgrades to Ubuntu 24.04, Node.js v20, and actions/setup-node@v4 are reasonable maintenance updates that provide newer environments and improved tooling.
Also applies to: 22-25
src/events/WebhookEvent.ts (3)
9-12: LGTM: Timeout mechanism improves reliability.The AbortController implementation with a configurable timeout (defaulting to 5 seconds) is an excellent addition to prevent webhook requests from hanging indefinitely and potentially affecting service stability.
23-29: LGTM: Enhanced error logging improves debugging.The addition of safe event type extraction and the
abortedflag in error logging provides valuable debugging information to distinguish between timeout errors and other failures.
30-32: LGTM: Proper cleanup prevents memory leaks.The
finallyblock ensures the timeout is cleared regardless of success or failure, preventing potential memory leaks from lingering timers.src/types/request.d.ts (1)
15-27: LGTM: Clean type definitions support the new architecture.The
AgentTypeunion type and Express Request interface augmentation provide strong type safety for the new request-scoped agent pattern. This is a well-structured approach that aligns with the architectural changes mentioned in the PR.src/enums/enum.ts (1)
75-95: LGTM: Well-structured enums support the new authentication system.The new enums provide clear, type-safe constants for the JWT-based authentication and authorization system. The naming conventions are consistent and the values are descriptive.
src/utils/logger.ts (1)
92-99: Verify the impact of removing thesourceattribute from telemetry.The
sourceattribute (previouslythis.serviceName) was removed from the OpenTelemetry logger emit call. This might affect log correlation and filtering in your observability platform.Do you want me to check if the
sourceattribute is used elsewhere in the telemetry setup or if this removal was intentional?src/controllers/basic-messages/BasicMessageController.ts (1)
15-17: Security configuration looks good!The migration from API key to JWT-based authentication with proper scopes improves the security posture.
src/controllers/polygon/PolygonController.ts (8)
17-17: Security scheme successfully updated to JWT with appropriate scopes.The migration from API key to JWT-based authentication with role-specific scopes enhances security and access control.
67-76: Excellent error handling improvements.Using enum values instead of string literals and providing more descriptive error messages enhances code maintainability and user experience.
Also applies to: 84-85
48-48: Agent access pattern successfully refactored.The migration from constructor-injected agent to request-scoped agent access is implemented consistently across all methods, aligning with the broader architectural changes.
Also applies to: 54-54, 62-62, 105-105, 110-110, 119-119, 121-121, 134-134, 139-139
17-17: LGTM! Security scheme updated to JWT with proper scopes.The change from
'apiKey'to'jwt'with specific scopes[SCOPES.TENANT_AGENT, SCOPES.DEDICATED_AGENT]aligns with the broader JWT authentication refactoring and improves security through role-based access control.
48-48: LGTM! Agent access pattern updated to use request context.The refactoring to access the agent from
request.agentinstead of dependency injection is consistent with the architectural changes across the codebase. This approach enables dynamic agent selection based on the request context.Also applies to: 62-62
67-67: LGTM! Improved type safety with enum usage.Replacing the string literal
'failed'withCredentialEnum.Failedenhances type safety and maintainability.
71-71: LGTM! More descriptive error messages.The error messages have been improved to provide clearer guidance to users about the specific issues encountered.
Also applies to: 84-84
105-105: LGTM! Consistent agent access pattern in estimateTransaction method.The method has been updated to use the request-based agent access pattern, maintaining consistency with other controller methods.
Also applies to: 119-121
src/cliAgent.ts (4)
55-55: Clean refactoring of secret key generation and API key configuration.Moving
generateSecretKeyto a dedicated helper module improves code organization, and the requiredapiKeyproperty aligns with the simplified authentication model.Also applies to: 102-102
293-296: Verify the implications of enabling concurrent DIDComm message processing.The TODO comment indicates uncertainty about enabling
processDidCommMessagesConcurrently. This setting could impact system behavior, especially under load.Please verify:
- The performance impact of concurrent processing on the system
- Whether any race conditions or message ordering issues could occur
- If this is truly necessary for tenant agent connections or if it should remain configurable
127-127: Wallet scheme configuration properly implemented.The addition of configurable wallet schemes with sensible defaults enhances multi-tenancy support.
Also applies to: 215-215, 227-227, 363-363, 375-375
405-418: Secret key management successfully simplified.The removal of JWT token generation in favor of API key usage with persistent secret keys streamlines the authentication flow.
eslint.config.mjs (1)
1-93: Well-structured ESLint configuration.The new flat config format with context-aware rules for different file patterns provides comprehensive linting coverage. The configuration properly enforces coding standards while allowing appropriate exceptions for test and configuration files.
src/controllers/credentials/SchemaController.ts (2)
18-18: Controller successfully migrated to JWT security and request-scoped agent access.The security scheme and agent access pattern changes are implemented consistently with the broader architectural updates.
Also applies to: 33-33, 35-35, 63-63, 92-92
43-43: Improved error message handling.Providing a fallback error message ensures users always receive meaningful feedback when schema resolution fails.
src/controllers/types.ts (2)
39-41: Type definitions properly updated for tenant configuration and token management.The
CustomTenantConfigrename clarifies the type's purpose, and the newAgentTokeninterface supports the token management functionality.Also applies to: 50-52, 309-309
361-361: Version field types appropriately relaxed to strings.Changing from the
Versiontype tostringprovides more flexibility in version formatting while maintaining compatibility.Also applies to: 379-379
src/cli.ts (1)
1-6: LGTM! Correct ESM importsThe addition of
.jsextensions to imports is the correct approach for ESM compatibility.src/controllers/question-answer/QuestionAnswerController.ts (1)
17-117: Excellent refactoring to request-scoped agent accessThe migration from constructor-injected agent to request-scoped agent access is well implemented. This pattern properly supports multi-tenancy and aligns with the JWT-based authentication system.
src/controllers/connections/ConnectionController.ts (1)
134-147: Verify security requirements for getInvitation endpointThe
getInvitationmethod lacks a@Securitydecorator while all other endpoints are protected. Is this intentional for public invitation access?If this endpoint should be publicly accessible, consider adding a comment explaining why. If not, add the appropriate security decorator:
+ @Security('jwt', [SCOPES.TENANT_AGENT, SCOPES.DEDICATED_AGENT]) @Get('/url/:invitationId') public async getInvitation(@Request() request: Req, @Path('invitationId') invitationId: string) {src/controllers/agent/AgentController.ts (1)
20-36: LGTM!The method correctly retrieves agent information from the request context with proper JWT security.
src/controllers/endorser-transaction/EndorserTransactionController.ts (3)
58-62: Good addition for multi-tenant support!The DID import with overwrite ensures proper multi-tenant flow handling.
135-137: Good validation addition!The check ensures schema creation was successful before proceeding.
181-183: Good additions for robustness!The explicit
supportRevocation: falsesetting and credential definition ID validation improve reliability.Also applies to: 186-189
src/controllers/outofband/OutOfBandController.ts (2)
120-123: Good error handling addition!The explicit check ensures the DID creation was successful before proceeding.
271-274: Clarify or remove commented codeThe link secret creation code is commented out without explanation. If this functionality is no longer needed, remove it. Otherwise, add a comment explaining why it's disabled.
src/controllers/credentials/CredentialController.ts (1)
37-37: Well-executed refactoring to JWT-based authentication.The controller has been successfully refactored to:
- Use JWT security with appropriate scopes
- Access the agent from the request context instead of constructor injection
- Maintain consistent patterns across all methods
This aligns well with the new multi-tenancy architecture.
Also applies to: 43-46, 56-56, 64-64, 81-81, 84-84, 95-95, 97-97, 112-112, 114-114, 131-131, 132-132, 149-149, 150-150, 168-168, 170-170, 178-178, 182-182, 190-190, 199-199, 209-209, 217-217, 227-227, 230-230, 252-252, 254-254, 258-258, 275-275, 277-277, 293-293, 295-295, 309-309, 311-311
src/controllers/did/DidController.ts (2)
106-137: Good implementation of Peer DID support.The new
handleDidPeermethod is well-implemented:
- Proper input validation for keyType
- Correct use of mediation routing
- Appropriate use of
MultipleInceptionKeyWithoutDocalgorithm- Consistent with other DID method handlers
This adds valuable support for Peer DIDs to the controller.
28-28: Successful refactoring to request-scoped agent access.The controller has been properly refactored to:
- Remove constructor-based agent injection
- Access agent from request context in all methods
- Use JWT-based security with appropriate scopes
- Pass agent as parameter to all private helper methods
This maintains consistency with the new authentication architecture.
Also applies to: 30-31, 39-39, 41-42, 64-64, 75-75, 79-79, 83-83, 87-87, 91-91, 139-139, 160-160, 169-169, 181-181, 188-189, 209-210, 228-228, 233-233, 240-241, 255-255, 259-260, 279-279, 284-285, 294-294, 298-298, 325-326, 338-338, 354-354, 359-359, 372-372, 379-379, 387-387, 409-414, 433-433, 441-441, 458-458, 476-476, 478-478
...s/@credo-ts+core+0.5.15+004+commenting validationPresentation to avoid abandoned issue.patch
Show resolved
Hide resolved
Signed-off-by: Krishna Waske <[email protected]>
…agent Signed-off-by: Krishna Waske <[email protected]>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
Signed-off-by: Krishna Waske <[email protected]>
|
|
The quality for sonar cloud fails due to auto-generated file |
|
@GHkrishna Also check the |
| const genericRecords = await request.agent.genericRecords.getAll() | ||
| const secretKeyInfo = genericRecords.find((record) => record?.content?.secretKey !== undefined) |
There was a problem hiding this comment.
Can we use .findAllByQuery here Instead of getting all and then finding ?
| invitationId: invitationId, | ||
| } | ||
| : {} | ||
| let outOfBandRecords = await request.agent.oob.findAllByQuery(query) |
There was a problem hiding this comment.
| let outOfBandRecords = await request.agent.oob.findAllByQuery(query) | |
| const outOfBandRecords = await request.agent.oob.findAllByQuery(query) |
| let query = threadId ? { threadId } : {} | ||
| let proofs = await request.agent.proofs.findAllByQuery(query) |
There was a problem hiding this comment.
| let query = threadId ? { threadId } : {} | |
| let proofs = await request.agent.proofs.findAllByQuery(query) | |
| const query = threadId ? { threadId } : {} | |
| const proofs = await request.agent.proofs.findAllByQuery(query) |
| @Post('/create-did/:tenantId') | ||
| public async createDid(@Body() createDidOptions: DidCreate, @Path('tenantId') tenantId: string) { | ||
| let didRes | ||
| @Post('/get-token/:tenantId') |
There was a problem hiding this comment.
When will this API be used ? and by only passing tenant id we get token ?
| try { | ||
| const fetch = (await import('node-fetch')).default |
There was a problem hiding this comment.
I think it was better to keep fetch as import as earlier
| "typeRoots": [ | ||
| "@types", | ||
| "./node_modules/@types", | ||
| "src/types" // Add your custom types directory | ||
| ] |
There was a problem hiding this comment.
Why do we need this doesn't it get added automatically ?
| @@ -24,6 +24,8 @@ | |||
| "**/__tests__/*.ts", | |||
| "**/__mocks__/*.ts", | |||
| "**/build/**", | |||
| "**/*.js", | |||
|
|
||
| let cachedKey = getFromCache('secret') | ||
|
|
||
| if (!cachedKey || cachedKey == '') { |
There was a problem hiding this comment.
| if (!cachedKey || cachedKey == '') { | |
| if (!cachedKey) { |
Will this do ?
Summary by CodeRabbit
New Features
Improvements
Bug Fixes
Chores