From 053c2735cd491d490040815910392b840ff82e2e Mon Sep 17 00:00:00 2001 From: peppelinux Date: Wed, 9 Mar 2022 12:05:48 +0100 Subject: [PATCH 1/2] fix: resolve statement endpoint and trust chain on missing final metadata --- spid_cie_oidc/authority/views.py | 46 ++++++++++++++----- spid_cie_oidc/entity/exceptions.py | 4 ++ .../entity/trust_chain_operations.py | 10 +++- 3 files changed, 46 insertions(+), 14 deletions(-) diff --git a/spid_cie_oidc/authority/views.py b/spid_cie_oidc/authority/views.py index 10993580..749b418d 100644 --- a/spid_cie_oidc/authority/views.py +++ b/spid_cie_oidc/authority/views.py @@ -12,6 +12,10 @@ from spid_cie_oidc.entity.settings import HTTPC_PARAMS from spid_cie_oidc.entity.trust_chain_operations import get_or_create_trust_chain +import logging + +logger = logging.getLogger(__name__) + def fetch(request): if request.GET.get("iss"): 
@@ -80,24 +84,42 @@ def resolve_entity_statement(request, format: str = "jose"): else: iss = get_first_self_trust_anchor() - _q = dict(sub=request.GET["sub"], trust_anchor__sub=request.GET["anchor"]) - if request.GET.get("type", None): - _q["type"] = request.GET["type"] + _q = dict( + sub=request.GET["sub"], + trust_anchor__sub=request.GET["anchor"], + is_active=True + ) + entity = TrustChain.objects.filter(**_q) - entity = TrustChain.objects.filter(**_q).first() - if entity and not entity.is_active: + if not entity: raise Http404("entity not found.") - else: - get_or_create_trust_chain( + elif entity and request.GET.get("type", None): + _q["type"] = request.GET["type"] + typed_entity = entity.filter(type=request.GET["type"]).first() + if not typed_entity: + logger.warning( + f'Resolve statement endpoint not found for {request.GET["sub"]} ' + f'with metadata_type {request.GET["type"]}.' + ) + raise Http404("entity metadata type not found.") + else: + entity = typed_entity + + try: + tc_data = dict( httpc_params=HTTPC_PARAMS, # TODO # required_trust_marks = [], subject=_q["sub"], - trust_anchor=_q["trust_anchor__sub"], + trust_anchor=_q["trust_anchor__sub"] + ) + if _q.get('type', None): + tc_data["metadata_type"] = _q['type'] + entity = get_or_create_trust_chain(**tc_data) + except Exception as e: + logger.error( + f"Failed Trust Chain on resolve statement endpoint: {e}" ) - entity = TrustChain.objects.filter(**_q).first() - - if not entity: raise Http404("entity not found.") res = { @@ -106,7 +128,7 @@ def resolve_entity_statement(request, format: str = "jose"): # "aud": [], "iat": entity.iat_as_timestamp, "exp": entity.exp_as_timestamp, - "trust_marks": [], + "trust_marks": entity.trust_marks, "metadata": entity.metadata, } diff --git a/spid_cie_oidc/entity/exceptions.py b/spid_cie_oidc/entity/exceptions.py index 18f3b98e..1ad20a5b 100644 --- a/spid_cie_oidc/entity/exceptions.py +++ b/spid_cie_oidc/entity/exceptions.py 
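Review bot: The `logger.warning` added in the `type` branch builds its message with f-strings from `request.GET["sub"]` and `request.GET["type"]`, so request-supplied text, line breaks included, reaches the log unescaped. Passing the values as logging arguments with `%r` keeps each event on one line: `logger.warning("Resolve statement endpoint not found for %r with metadata_type %r.", request.GET["sub"], request.GET["type"])`. The `except Exception as e` around `get_or_create_trust_chain` also reports every failure, programming errors included, as the same 404 and records only `str(e)`. Using `logger.exception(...)` there, or narrowing the clause to the trust-chain errors (`InvalidTrustchain`, `TrustchainMissingMetadata`, which would need importing), would keep unrelated faults visible. `resolve_entity_statement` starts before this hunk, so any earlier validation of `sub`, `anchor` and `type` is not visible here.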
@@ -45,5 +45,9 @@ class InvalidTrustchain(ValidationError): pass +class TrustchainMissingMetadata(ValidationError): + pass + + class InvalidEntityConfiguration(ValidationError): pass diff --git a/spid_cie_oidc/entity/trust_chain_operations.py b/spid_cie_oidc/entity/trust_chain_operations.py index 2f1cb99e..fda57c18 100644 --- a/spid_cie_oidc/entity/trust_chain_operations.py +++ b/spid_cie_oidc/entity/trust_chain_operations.py @@ -2,7 +2,7 @@ from typing import Union -from .exceptions import InvalidTrustchain +from .exceptions import InvalidTrustchain, TrustchainMissingMetadata from .models import FetchedEntityStatement, TrustChain from .statements import EntityConfiguration, get_entity_configurations from .settings import HTTPC_PARAMS @@ -161,13 +161,19 @@ def get_or_create_trust_chain( subject=subject, trust_anchor=ta_conf, required_trust_marks=required_trust_marks, - metadata_type=metadata_type, + metadata_type=metadata_type ) if not trust_chain or not trust_chain.is_valid: raise InvalidTrustchain( f"Trust chain for subject {subject} and " f"trust_anchor {trust_anchor} is not valid" ) + elif not trust_chain.final_metadata: + raise TrustchainMissingMetadata( + f"Trust chain for subject {subject} and " + f"trust_anchor {trust_anchor} doesn't have any " + f"metadata of type '{metadata_type}'" + ) dumps_statements_from_trust_chain_to_db(trust_chain) tc = TrustChain.objects.filter( From e1d8f5cace9924e29c52d6ce93ad994cedcad1e8 Mon Sep 17 00:00:00 2001 From: peppelinux Date: Wed, 9 Mar 2022 12:06:35 +0100 Subject: [PATCH 2/2] v0.4.4 --- spid_cie_oidc/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spid_cie_oidc/__init__.py b/spid_cie_oidc/__init__.py index f6b7e267..cd1ee63b 100644 --- a/spid_cie_oidc/__init__.py +++ b/spid_cie_oidc/__init__.py @@ -1 +1 @@ -__version__ = "0.4.3" +__version__ = "0.4.4"
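Review bot: In the `@@ -161,13 +161,19 @@` hunk, `get_or_create_trust_chain` gains a second exception type, `TrustchainMissingMetadata`, declared as a sibling of `InvalidTrustchain` under `ValidationError`, so any caller outside this diff that catches only `InvalidTrustchain` will let it propagate. Either list both under a Raises section in the function's docstring (the function begins outside this hunk), or declare it as `class TrustchainMissingMetadata(InvalidTrustchain):` so existing handlers keep rejecting the chain. The new message also embeds `subject`, `trust_anchor` and `metadata_type`, which the resolve view takes from the query string and then writes to the log through `{e}`. Formatting them with `!r`, e.g. `{subject!r}`, would keep control characters out of that log line.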