mojaloop / project

Repo to track product development issues for the Mojaloop project.

Bug: cannot connect PM4ML and vNext while security module is activated #3771

Open ei-nghon-phoo opened 7 months ago

ei-nghon-phoo commented 7 months ago

error summary

Error validating JWS error at receiver side when receiving post /quotes request call.

Sam's input

On an initial review: there seem to be quite a few discrepancies between the message sent and received. There could be many reasons for this, such as the logging libraries and format used, or the message being parsed differently (and subsequently logged differently). The POST /quotes message in the sender and receiver seems to be very different, focusing on the message body alone. For reference, I'm copying the message from the sender service below:

    {"ts":"2024-02-05T12:43:18.803Z","msg":"JWS Signing request: {\n method: 'POST',\n uri: 'https://extgw-data.dev.sanbox.wynepayhubsanbox-pre.com:443/fsp/1.0/quotes',\n headers: {\n 'content-type': 'application/vnd.interoperability.quotes+json;version=1.0',\n date: 'Mon, 05 Feb 2024 12:43:18 GMT',\n 'fspiop-source': 'wallet1',\n 'fspiop-destination': 'wallet2',\n Authorization: 'Bearer db8389d2-6f5c-33d3-95c0-a9eeea8d0fce',\n accept: 'application/vnd.interoperability.quotes+json;version=1'\n },\n body: {\n quoteId: 'fe3c2f14-0fb5-40db-8868-5271e6f67376',\n transactionId: 'e3a01935-4f1e-4ca7-a3ea-3bbda65987fd',\n amountType: 'SEND',\n amount: { currency: 'USD', amount: '100' },\n expiration: '2024-02-05T12:44:18.799Z',\n payer: { partyIdInfo: [Object], name: 'PayerFirst PayerLast' },\n payee: { partyIdInfo: [Object], personalInfo: [Object] },\n transactionType: {\n scenario: 'TRANSFER',\n subScenario: undefined,\n initiator: 'PAYER',\n initiatorType: 'CONSUMER'\n },\n note: 'test payment'\n },\

Here's the corresponding message from the receiver service:

    {"ts":"2024-02-05T12:43:21.137Z","msg":"Validating JWS","ctx":{"hostname":"wallet2-sdk-scheme-adapter-api-svc-5d48d5c5c7-xzjfz","app":"mojaloop-connector-inbound-api","component":"api","request":{"method":"POST","url":"/quotes","header":{"host":"connector.wallet2.sanboxdevk3s.dev.sanbox.wynepayhubsanbox-pre.com","ssl-client-verify":"SUCCESS","ssl-client-subject-dn":"CN=connector.wallet2.sanboxdevk3s.dev.sanbox.wynepayhubsanbox-pre.com","ssl-client-issuer-dn":"CN=wallet2.sanboxdevk3s.dev.sanbox.wynepayhubsanbox-pre.com","x-request-id":"cc8cee348bc98acb74f9ea6f46e39198","x-real-ip":"10.42.1.0","x-forwarded-for":"10.42.1.0","x-forwarded-host":"connector.wallet2.sanboxdevk3s.dev.sanbox.wynepayhubsanbox-pre.com","x-forwarded-port":"443","x-forwarded-proto":"https","x-forwarded-scheme":"https","x-scheme":"https","x-original-forwarded-for":"10.25.128.191, 10.233.82.4","content-length":"595","date":"Mon, 05 Feb 2024 12:43:18 GMT","fspiop-signature":"{\"signature\":\"3eo7OBBAVGvvABIPXs80D7UrW34IS7WQ65POd_06_vC_a-P6F03bxpbZOZooemujqYxs8Sei5S7ts6A2ucWk0IUSLt-sMKJidhIk6E-aAcrQ8SnFOtt_J2NuJ0Qco9tB0QyNYf1iKoLZ__BRlY6ItA6WOtcTpmnk-GBZKxhGPQixinCtc91n4-Wytv1SLKaTyHwmcVq4OOA-ze9DLeRV37uOxfmTsi1RNVcrGRygTf2l-F6pyEgDoGDNRDdp3N4fjfwYFhhr6LkTkWPwL4Mz1tuqqwGwniJmfsZqyEeR_FiFtdwuaygRhQxJC_kTLR6GC_yvyFcgac05bVuT2Kb5Yg\",\"protectedHeader\":\"eyJhbGciOiJSUzI1NiIsIkZTUElPUC1VUkkiOiIvcXVvdGVzIiwiRlNQSU9QLUhUVFAtTWV0aG9kIjoiUE9TVCIsIkZTUElPUC1Tb3VyY2UiOiJ3YWxsZXQxIiwiRlNQSU9QLURlc3RpbmF0aW9uIjoid2FsbGV0MiIsIkRhdGUiOiJNb24sIDA1IEZlYiAyMDI0IDEyOjQzOjE4IEdNVCJ9\"}","fspiop-http-method":"POST","fspiop-source":"wallet1","accept-encoding":"gzip, compress, deflate, br","accept":"application/vnd.interoperability.quotes+json;version=1","fspiop-destination":"wallet2","fspiop-uri":"/quotes","alg":"RS256","content-type":"application/vnd.interoperability.quotes+json;version=1.0","user-agent":"Synapse-PT-HttpComponents-NIO"}},"body":{"quoteId":"fe3c2f14-0fb5-40db-8868-5271e6f67376","transactionId":"e3a01935-4f1e-4ca7-a3ea-3bbda65987fd","payee":{"partyIdInfo":{"partyIdType":"MSISDN","partyIdentifier":"09966834795","fspId":"wallet2"},"personalInfo":{"complexName":{"firstName":"Sandi","lastName":"Soe"}}},"payer":{"partyIdInfo":{"partyIdType":"MSISDN","partyIdentifier":"09966834795","fspId":"wallet1"},"name":"PayerFirst PayerLast"},"amountType":"SEND","amount":{"currency":"USD","amount":"100"},"transactionType":{"scenario":"TRANSFER","initiator":"PAYER","initiatorType":"CONSUMER"},"expiration":"2024-02-05T12:44:18.799Z"}}}

  1. I'm noticing that certain fields are printed as just [Object]; not sure if that's a logging issue or a parsing issue, need to confirm this.

  2. Also, noticing that the ordering of the various fields is different. For example, when I use jsonlint on the receiver message, it has quoteId, trxId and then the Payee, Payer, whereas on the other side it has quoteId, trxId and then amountType:

    {
    "quoteId": "fe3c2f14-0fb5-40db-8868-5271e6f67376",
    "transactionId": "e3a01935-4f1e-4ca7-a3ea-3bbda65987fd",
    "payee": {
        "partyIdInfo": {
            "partyIdType": "MSISDN",
            "partyIdentifier": "09966834795",
            "fspId": "wallet2"
        },
        "personalInfo": {
            "complexName": {
                "firstName": "Sandi",
                "lastName": "Soe"
            }
        }
    },
    "payer": {
        "partyIdInfo": {
            "partyIdType": "MSISDN",
            "partyIdentifier": "09966834795",
            "fspId": "wallet1"
        },
        "name": "PayerFirst PayerLast"
    },
    "amountType": "SEND",
    "amount": {
        "currency": "USD",
        "amount": "100"
    },
    "transactionType": {
        "scenario": "TRANSFER",
        "initiator": "PAYER",
        "initiatorType": "CONSUMER"
    },
    "expiration": "2024-02-05T12:44:18.799Z"
    }
  3. The encoding in terms of using quotation marks " or ' is also different between both; I wonder why that is, if both are using the same libraries etc. That's something to look into. Any one of these factors, if reflected in the actual message sent and received, will cause a JWS failure, because even the byte ordering matters and any change there would cause the validation to fail. The only way to have it pass is to propagate / keep the unchanged message as it is.

Tasks

ei-nghon-phoo commented 7 months ago

Alpha comments: Participants should be able to use JWS to utilise the non-repudiation guarantees of the Mojaloop scheme.

EMS1 Beta comments: Some JWS implementation has been completed, although bytewise representations of incoming messages are not passed through the processing pipeline, leading to possible unintended alteration of message bodies when forwarding and thus breaking signatures. This needs addressing.