@@ -5,19 +5,20 @@ import (
5
5
"crypto/ed25519"
6
6
"crypto/md5"
7
7
"encoding/hex"
8
+ "encoding/json"
8
9
"fmt"
9
10
"io"
11
+ "net/http"
12
+ "time"
10
13
11
14
sr25519 "github.com/ChainSafe/go-schnorrkel"
12
15
"github.com/gtank/merlin"
13
16
"github.com/pkg/errors"
14
17
"github.com/rs/zerolog/log"
15
18
)
16
19
17
- var (
18
- // ErrWorkloadNotFound error
19
- ErrWorkloadNotFound = fmt .Errorf ("workload not found" )
20
- )
20
+ // ErrWorkloadNotFound error
21
+ var ErrWorkloadNotFound = fmt .Errorf ("workload not found" )
21
22
22
23
const (
23
24
SignatureTypeEd25519 = "ed25519"
@@ -32,8 +33,10 @@ type Verifier interface {
32
33
Verify (msg []byte , sig []byte ) bool
33
34
}
34
35
35
- type Ed25519VerifyingKey []byte
36
- type Sr25519VerifyingKey []byte
36
+ type (
37
+ Ed25519VerifyingKey []byte
38
+ Sr25519VerifyingKey []byte
39
+ )
37
40
38
41
func (k Ed25519VerifyingKey ) Verify (msg []byte , sig []byte ) bool {
39
42
return ed25519 .Verify ([]byte (k ), msg , sig )
@@ -385,6 +388,11 @@ func (d *Deployment) Sign(twin uint32, sk Signer) error {
385
388
// Verify verifies user signatures is mainly used by the node
386
389
// to verify that all attached signatures are valid.
387
390
func (d * Deployment ) Verify (getter KeyGetter ) error {
391
+ // make sure the account used is verified
392
+ if getTwinVerificationState (d .TwinID ) != "VERIFIED" {
393
+ return fmt .Errorf ("user is not verified" )
394
+ }
395
+
388
396
message , err := d .ChallengeHash ()
389
397
if err != nil {
390
398
return err
@@ -617,7 +625,6 @@ func (d *Deployment) Upgrade(n *Deployment) ([]UpgradeOp, error) {
617
625
wl ,
618
626
OpUpdate ,
619
627
})
620
-
621
628
}
622
629
// other wise. we leave it untouched
623
630
}
@@ -665,3 +672,46 @@ func (o JobOperation) String() string {
665
672
return "unknown"
666
673
}
667
674
}
675
+
676
+ // getTwinVerificationState make sure the account used is verified we have the user public key in bytes(pkBytes)
677
+ func getTwinVerificationState (twinID uint32 ) (status string ) {
678
+ verificationServiceURL := "https://kyc1.gent01.dev.grid.tf/api/v1/status"
679
+ status = "FAILED"
680
+
681
+ request , err := http .NewRequest (http .MethodGet , verificationServiceURL , nil )
682
+ if err != nil {
683
+ return
684
+ }
685
+
686
+ q := request .URL .Query ()
687
+ q .Set ("twinID" , fmt .Sprint (twinID ))
688
+ request .URL .RawQuery = q .Encode ()
689
+
690
+ cl := & http.Client {
691
+ Timeout : 10 * time .Second ,
692
+ }
693
+
694
+ response , err := cl .Do (request )
695
+ if err != nil {
696
+ return
697
+ }
698
+ defer response .Body .Close ()
699
+
700
+ body , err := io .ReadAll (response .Body )
701
+ if err != nil {
702
+ return
703
+ }
704
+
705
+ bodyMap := map [string ]string {}
706
+ err = json .Unmarshal (body , & bodyMap )
707
+ if err != nil {
708
+ return
709
+ }
710
+
711
+ if response .StatusCode != http .StatusOK {
712
+ log .Error ().Msgf ("failed to verify user status: %s" , bodyMap ["error" ])
713
+ return
714
+ }
715
+
716
+ return bodyMap ["status" ]
717
+ }
0 commit comments