search

openwallet-foundation / acapy

Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized identity applications and services running in non-mobile environments.
https://wiki.hyperledger.org/display/aries
Apache License 2.0
408 stars 512 forks source link

Problems using the Universal Resolver #3195

Closed securedimensions closed 4 weeks ago

securedimensions commented 1 month ago

According to this pull request the aries cloud agent v1.0.0 startup parameter --universal-resolver is supposed to include DID resolving via https://dev.uniresolver.io.

There are two issues for me:

(1) Using the --universal-resolver https://dev.uniresolver.io as startup parameter requires to also use the startup parameter --universal-resolver-regex. Otherwise, the agent won't start:

2024-08-25 16:06:31,818 aries_cloudagent.commands.start ERROR Exception during startup:
Traceback (most recent call last):
  File "/usr/src/app/aries_cloudagent/commands/start.py", line 72, in init
    await startup
  File "/usr/src/app/aries_cloudagent/commands/start.py", line 28, in start_app
    await conductor.setup()
  File "/usr/src/app/aries_cloudagent/core/conductor.py", line 128, in setup
    context = await self.context_builder.build_context()
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/app/aries_cloudagent/config/default_context.py", line 78, in build_context
    await self.load_plugins(context)
  File "/usr/src/app/aries_cloudagent/config/default_context.py", line 181, in load_plugins
    await plugin_registry.init_context(context)
  File "/usr/src/app/aries_cloudagent/core/plugin_registry.py", line 207, in init_context
    await plugin.setup(context)
  File "/usr/src/app/aries_cloudagent/resolver/__init__.py", line 56, in setup
    await universal_resolver.setup(context)
  File "/usr/src/app/aries_cloudagent/resolver/default/universal.py", line 66, in setup
    supported_did_regex = await self._get_supported_did_regex()
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/app/aries_cloudagent/resolver/default/universal.py", line 114, in _get_supported_did_regex
    props = await self._fetch_resolver_props()
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/app/aries_cloudagent/resolver/default/universal.py", line 109, in _fetch_resolver_props
    raise ResolverError(
aries_cloudagent.resolver.base.ResolverError: Failed to retrieve resolver properties: <html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.25.4</center>
</body>
</html>

(2) When starting the aries cloud agent 1.0.0 with --universal-resolver --universal-resolver-regex did:web:.* does start the agent but there seem to be no attempt to actually resolve DIDs via the Universal Resolver. The attempt to issue a W3C VC via OpenAPI page fails with the following error:

{
  "message": "Unknown DID: did:web:emc.spacebel.be:organisations:dlr"
}

However, the direct use of https://dev.uniresolver.io/ resolves the DID as follows:

did:web:emc.spacebel.be:organisations:dlr#z6MkwQSWK8dfis9Kp9kWUb4g2pG5iaab92PafzbgL2nN1TS1
{"kty":"OKP","crv":"Ed25519","x":"-93DZ8xtjHPn9VV4eohyXjgE0OWGnQcoJB6y8DEMB4I"}

This is the actual request to issue the W3C VC:

curl -X 'POST' \
  'http://.../vc/credentials/issue' \
  -H 'accept: application/json' \
  -H 'X-API-KEY: ...' \
  -H 'Content-Type: application/json' \
  -d '{
  "credential": {
   "@context": [
      "https://www.w3.org/2018/credentials/v1",
      {
         "data": "iana:enclosure",
         "title": "dct:title",
         "href": "@id",
         "iana": "http://www.iana.org/assignments/relation/",
         "dct": "http://purl.org/dc/terms/",
         "gj": "https://purl.org/geojson/vocab#",
         "owc": "http://www.opengis.net/ont/owc/1.0/",
         "bbox": {
            "@container": "@list",
            "@id": "gj:bbox"
         },
         "links": "@nest"
      }
   ],
   "id": "did:web:emc.spacebel.be:collections:TropForest:items:KO2_OTPF_KO2_MSC_2F_20091107T041750_20091107T041750_017498_E082_N028",
   "type": [
      "VerifiableCredential"
   ],
   "credentialSubject": {
      "id": "did:web:emc.spacebel.be:collections:TropForest:items:KO2_OTPF_KO2_MSC_2F_20091107T041750_20091107T041750_017498_E082_N028",
      "bbox": [
         81.91450641,
         27.91026471,
         82.10769379,
         28.08365828
      ],
      "links": {
         "data": [
            {
               "href": "https://tpm-ds.eo.esa.int/oads/data/Tropforest/KO2_OTPF_KO2_MSC_2F_20091107T041750_20091107T041750_017498_E082_N028.ZIP",
               "title": "Download"
            }
         ]
      }
   },
   "issuer": "did:web:emc.spacebel.be:organisations:dlr",
   "issuanceDate": "2020-08-19T21:41:50Z",
   "proof": {
      "type": "Ed25519Signature2018",
      "proofPurpose": "assertionMethod",
      "verificationMethod": "did:web:emc.spacebel.be:organisations:dlr#z6MkwQSWK8dfis9Kp9kWUb4g2pG5iaab92PafzbgL2nN1TS1"
   }
}
}'

What do I do wrong? Any help is much appreciated...

rngadam commented 1 month ago

Have you tried specifying the version of the universal resolver?

https://dev.uniresolver.io/1.0

securedimensions commented 1 month ago

No I have not. Thanks for the hint! Will try when back in the office after Sep 9th…Sent from the roadAm 28.08.2024 um 09:08 schrieb Ricky Ng-Adam @.***>: Have you tried specifying the version of the universal resolver? https://dev.uniresolver.io/1.0

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: @.***>

securedimensions commented 4 weeks ago

Apologies, my fault! I should have tried dev.uniresolver.io before creating an issue. The DID did:web:emc.spacebel.be:organisations:dlr is simply not resolvable.

I've tried with another resolvable DID and it shows that either option to start the agent is vaild and identical: