feat: dns resolver option (#293)

Open-Attestation · Jul 18, 2024 · 518e696 · 518e696
1 parent f72bd51
commit 518e696
Show file tree

Hide file tree

Showing 7 changed files with 52 additions and 33 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -29,7 +29,7 @@
   "author": "",
   "license": "Apache-2.0",
   "dependencies": {
-    "@govtechsg/dnsprove": "^2.6.2",
+    "@govtechsg/dnsprove": "^2.8.0",
     "@govtechsg/open-attestation": "^6.9.0",
     "axios": "^1.6.2",
     "debug": "^4.3.1",

diff --git a/src/common/utils.ts b/src/common/utils.ts
@@ -40,7 +40,7 @@ export const getDefaultProvider = (options: VerificationBuilderOptionsWithNetwor
 
 // getProvider is a function to get an existing provider or to get a Default provider, when given the options
 export const getProvider = (options: VerificationBuilderOptions): providers.Provider => {
-  return options.provider ?? getDefaultProvider(options);
+  return options.provider ?? getDefaultProvider(options as VerificationBuilderOptionsWithNetwork);
 };
 
 /**

diff --git a/src/types/core.ts b/src/types/core.ts
@@ -1,4 +1,5 @@
 import { SignedWrappedDocument, v2, v3, WrappedDocument } from "@govtechsg/open-attestation";
+import type { CustomDnsResolver } from "@govtechsg/dnsprove";
 import { Resolver } from "did-resolver";
 import { providers } from "ethers";
 import { Reason } from "./error";
@@ -8,23 +9,36 @@ import { Reason } from "./error";
  */
 export type PromiseCallback = (promises: Promise<VerificationFragment>[]) => void;
 
-export interface VerificationBuilderOptionsWithProvider {
+export type CustomDnsResolverOption = {
+  dnsResolvers?: CustomDnsResolver[];
+};
+
+export type VerificationBuilderOptionsWithProvider = {
   provider: providers.Provider;
   resolver?: Resolver;
-}
+} & CustomDnsResolverOption;
 
-export interface VerificationBuilderOptionsWithNetwork {
+export type VerificationBuilderOptionsWithNetwork = {
   network: string;
   resolver?: Resolver;
   provider?: never;
-}
+} & CustomDnsResolverOption;
 
-export type VerificationBuilderOptions = VerificationBuilderOptionsWithProvider | VerificationBuilderOptionsWithNetwork;
+export type VerificationBuilderOptionsDnsDid = {
+  resolver?: Resolver;
+  network?: never;
+  provider?: never;
+} & CustomDnsResolverOption;
+
+export type VerificationBuilderOptions =
+  | VerificationBuilderOptionsWithProvider
+  | VerificationBuilderOptionsWithNetwork
+  | VerificationBuilderOptionsDnsDid;
 
-export interface VerifierOptions {
+export type VerifierOptions = {
   provider: providers.Provider;
   resolver?: Resolver;
-}
+} & CustomDnsResolverOption;
 
 /**
  * A verification fragment is the result of a verification

diff --git a/src/verifiers/issuerIdentity/dnsDid/dnsDidProof.ts b/src/verifiers/issuerIdentity/dnsDid/dnsDidProof.ts
@@ -1,6 +1,6 @@
 import { getData, utils, v2, v3 } from "@govtechsg/open-attestation";
-import { getDnsDidRecords } from "@govtechsg/dnsprove";
-import { VerificationFragmentType, Verifier } from "../../../types/core";
+import { CustomDnsResolver, getDnsDidRecords } from "@govtechsg/dnsprove";
+import { VerificationFragmentType, Verifier, VerifierOptions } from "../../../types/core";
 import { OpenAttestationDnsDidCode } from "../../../types/error";
 import { withCodedErrorHandler } from "../../../common/errorHandler";
 import { CodedError } from "../../../common/error";
@@ -41,11 +41,13 @@ const test: VerifierType["test"] = (document) => {
 const verifyIssuerDnsDid = async ({
   key,
   location,
+  dnsResolvers,
 }: {
   key: string;
   location: string;
+  dnsResolvers?: CustomDnsResolver[];
 }): Promise<DnsDidVerificationStatus> => {
-  const records = await getDnsDidRecords(location);
+  const records = await getDnsDidRecords(location, dnsResolvers);
   return {
     location,
     key,
@@ -54,7 +56,8 @@ const verifyIssuerDnsDid = async ({
 };
 
 const verifyV2 = async (
-  document: v2.SignedWrappedDocument
+  document: v2.SignedWrappedDocument,
+  options?: VerifierOptions
 ): Promise<OpenAttestationDnsDidIdentityProofVerificationFragment> => {
   const documentData = getData(document);
   const deferredVerificationStatus: Promise<DnsDidVerificationStatus>[] = documentData.issuers.map((issuer) => {
@@ -84,7 +87,7 @@ const verifyV2 = async (
         OpenAttestationDnsDidCode.MALFORMED_IDENTITY_PROOF,
         OpenAttestationDnsDidCode[OpenAttestationDnsDidCode.MALFORMED_IDENTITY_PROOF]
       );
-    return verifyIssuerDnsDid({ key, location });
+    return verifyIssuerDnsDid({ key, location, dnsResolvers: options?.dnsResolvers });
   });
   const verificationStatus = await Promise.all(deferredVerificationStatus);
 
@@ -111,7 +114,8 @@ const verifyV2 = async (
 };
 
 const verifyV3 = async (
-  document: v3.SignedWrappedDocument
+  document: v3.SignedWrappedDocument,
+  options?: VerifierOptions
 ): Promise<OpenAttestationDnsDidIdentityProofVerificationFragment> => {
   if (!utils.isSignedWrappedV3Document(document))
     throw new CodedError(
@@ -121,7 +125,7 @@ const verifyV3 = async (
     );
   const location = document.openAttestationMetadata.identityProof.identifier;
   const { key } = document.proof;
-  const verificationStatus = await verifyIssuerDnsDid({ key, location });
+  const verificationStatus = await verifyIssuerDnsDid({ key, location, dnsResolvers: options?.dnsResolvers });
 
   if (ValidDnsDidVerificationStatus.guard(verificationStatus)) {
     return {
@@ -144,9 +148,9 @@ const verifyV3 = async (
   };
 };
 
-const verify: VerifierType["verify"] = async (document) => {
-  if (utils.isSignedWrappedV2Document(document)) return verifyV2(document);
-  else if (utils.isSignedWrappedV3Document(document)) return verifyV3(document);
+const verify: VerifierType["verify"] = async (document, options) => {
+  if (utils.isSignedWrappedV2Document(document)) return verifyV2(document, options);
+  else if (utils.isSignedWrappedV3Document(document)) return verifyV3(document, options);
   throw new CodedError(
     "Document does not match either v2 or v3 formats. Consider using `utils.diagnose` from open-attestation to find out more.",
     OpenAttestationDnsDidCode.UNRECOGNIZED_DOCUMENT,

diff --git a/src/verifiers/issuerIdentity/dnsTxt/openAttestationDnsTxt.ts b/src/verifiers/issuerIdentity/dnsTxt/openAttestationDnsTxt.ts
@@ -28,7 +28,7 @@ const resolveIssuerIdentity = async (
   options: VerifierOptions
 ): Promise<DnsTxtVerificationStatus> => {
   const network = await options.provider.getNetwork();
-  const records = await getDocumentStoreRecords(location);
+  const records = await getDocumentStoreRecords(location, options.dnsResolvers);
   const matchingRecord = records.find(
     (record) =>
       record.addr.toLowerCase() === smartContractAddress.toLowerCase() &&

diff --git a/src/verifiers/verificationBuilder.ts b/src/verifiers/verificationBuilder.ts
@@ -32,6 +32,7 @@ export const verificationBuilder =
     const verifierOptions: VerifierOptions = {
       provider: getProvider(builderOptions),
       resolver: builderOptions.resolver,
+      dnsResolvers: builderOptions.dnsResolvers,
     };
     const promises = verifiers.map((verifier) => {
       if (verifier.test(document, verifierOptions)) {