Change signature of witnessed_by and delegating_from for custom hashers

ucan-wg · May 26, 2023 · 204c41b · 204c41b
1 parent b3cd436
commit 204c41b
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 35 deletions.
diff --git a/ucan/src/builder.rs b/ucan/src/builder.rs
@@ -112,8 +112,6 @@ where
     facts: Vec<Value>,
     proofs: Vec<String>,
     add_nonce: bool,
-
-    hasher: Code,
 }
 
 impl<'a, K> Default for UcanBuilder<'a, K>
@@ -142,8 +140,6 @@ where
             facts: Vec::new(),
             proofs: Vec::new(),
             add_nonce: false,
-
-            hasher: UcanBuilder::<K>::default_hasher(),
         }
     }
 }
@@ -207,8 +203,10 @@ where
     /// Includes a UCAN in the list of proofs for the UCAN to be built.
     /// Note that the proof's audience must match this UCAN's issuer
     /// or else the proof chain will be invalidated!
-    pub fn witnessed_by(mut self, authority: &Ucan) -> Self {
-        match authority.to_cid(self.hasher) {
+    /// The proof is encoded into a [Cid], hashed via the [UcanBuilder::default_hasher()]
+    /// algorithm, unless one is provided.
+    pub fn witnessed_by(mut self, authority: &Ucan, hasher: Option<Code>) -> Self {
+        match authority.to_cid(hasher.unwrap_or_else(|| UcanBuilder::<K>::default_hasher())) {
             Ok(proof) => self.proofs.push(proof.to_string()),
             Err(error) => warn!("Failed to add authority to proofs: {}", error),
         }
@@ -228,9 +226,11 @@ where
     }
 
     /// Delegate all capabilities from a given proof to the audience of the UCAN
-    /// you're building
-    pub fn delegating_from(mut self, authority: &Ucan) -> Self {
-        match authority.to_cid(self.hasher) {
+    /// you're building.
+    /// The proof is encoded into a [Cid], hashed via the [UcanBuilder::default_hasher()]
+    /// algorithm, unless one is provided.
+    pub fn delegating_from(mut self, authority: &Ucan, hasher: Option<Code>) -> Self {
+        match authority.to_cid(hasher.unwrap_or_else(|| UcanBuilder::<K>::default_hasher())) {
             Ok(proof) => {
                 self.proofs.push(proof.to_string());
                 let proof_index = self.proofs.len() - 1;
@@ -251,14 +251,6 @@ where
         self
     }
 
-    /// When encoding proofs as a [Cid], use `hasher`. Must be called before
-    /// methods that utilize the encoding, e.g. `delegating_from()` and
-    /// `witnessed_by()`. Uses `UcanBuilder::default_hasher()` by default.
-    pub fn with_hasher(mut self, hasher: Code) -> Self {
-        self.hasher = hasher;
-        self
-    }
-
     /// Returns the default hasher ([Code::Blake3_256]) used for [Cid] encodings.
     pub fn default_hasher() -> Code {
         Code::Blake3_256

diff --git a/ucan/src/tests/attenuation.rs b/ucan/src/tests/attenuation.rs
@@ -40,7 +40,7 @@ pub async fn it_works_with_a_simple_example() {
         .issued_by(&identities.bob_key)
         .for_audience(identities.mallory_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan)
+        .witnessed_by(&leaf_ucan, None)
         .claiming_capability(&send_email_as_alice)
         .build()
         .unwrap()
@@ -99,7 +99,7 @@ pub async fn it_reports_the_first_issuer_in_the_chain_as_originator() {
         .issued_by(&identities.bob_key)
         .for_audience(identities.mallory_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan)
+        .witnessed_by(&leaf_ucan, None)
         .claiming_capability(&send_email_as_bob)
         .build()
         .unwrap()
@@ -172,8 +172,8 @@ pub async fn it_finds_the_right_proof_chain_for_the_originator() {
         .issued_by(&identities.mallory_key)
         .for_audience(identities.alice_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan_alice)
-        .witnessed_by(&leaf_ucan_bob)
+        .witnessed_by(&leaf_ucan_alice, None)
+        .witnessed_by(&leaf_ucan_bob, None)
         .claiming_capability(&send_email_as_alice)
         .claiming_capability(&send_email_as_bob)
         .build()
@@ -262,8 +262,8 @@ pub async fn it_reports_all_chain_options() {
         .issued_by(&identities.mallory_key)
         .for_audience(identities.alice_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan_alice)
-        .witnessed_by(&leaf_ucan_bob)
+        .witnessed_by(&leaf_ucan_alice, None)
+        .witnessed_by(&leaf_ucan_bob, None)
         .claiming_capability(&send_email_as_alice)
         .build()
         .unwrap()

diff --git a/ucan/src/tests/builder.rs b/ucan/src/tests/builder.rs
@@ -127,7 +127,7 @@ async fn it_prevents_duplicate_proofs() {
         .issued_by(&identities.bob_key)
         .for_audience(identities.mallory_did.as_str())
         .with_lifetime(30)
-        .witnessed_by(&ucan)
+        .witnessed_by(&ucan, None)
         .claiming_capability(&attenuated_cap_1)
         .claiming_capability(&attenuated_cap_2)
         .build()
@@ -152,7 +152,6 @@ pub async fn it_can_use_custom_hasher() {
     let mut did_parser = DidParser::new(SUPPORTED_KEYS);
 
     let leaf_ucan = UcanBuilder::default()
-        .with_hasher(Code::Blake2b256)
         .issued_by(&identities.alice_key)
         .for_audience(identities.bob_did.as_str())
         .with_lifetime(60)
@@ -163,12 +162,11 @@ pub async fn it_can_use_custom_hasher() {
         .unwrap();
 
     let delegated_token = UcanBuilder::default()
-        .with_hasher(Code::Blake2b256)
         .issued_by(&identities.alice_key)
         .issued_by(&identities.bob_key)
         .for_audience(identities.mallory_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan)
+        .witnessed_by(&leaf_ucan, Some(Code::Blake2b256))
         .build()
         .unwrap()
         .sign()

diff --git a/ucan/src/tests/chain.rs b/ucan/src/tests/chain.rs
@@ -33,7 +33,7 @@ pub async fn it_decodes_deep_ucan_chains() {
         .issued_by(&identities.bob_key)
         .for_audience(identities.mallory_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan)
+        .witnessed_by(&leaf_ucan, None)
         .build()
         .unwrap()
         .sign()
@@ -80,7 +80,7 @@ pub async fn it_fails_with_incorrect_chaining() {
         .issued_by(&identities.alice_key)
         .for_audience(identities.mallory_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan)
+        .witnessed_by(&leaf_ucan, None)
         .build()
         .unwrap()
         .sign()
@@ -122,7 +122,7 @@ pub async fn it_can_be_instantiated_by_cid() {
         .issued_by(&identities.bob_key)
         .for_audience(identities.mallory_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan)
+        .witnessed_by(&leaf_ucan, None)
         .build()
         .unwrap()
         .sign()
@@ -181,8 +181,8 @@ pub async fn it_can_handle_multiple_leaves() {
         .issued_by(&identities.bob_key)
         .for_audience(identities.alice_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan_1)
-        .witnessed_by(&leaf_ucan_2)
+        .witnessed_by(&leaf_ucan_1, None)
+        .witnessed_by(&leaf_ucan_2, None)
         .build()
         .unwrap()
         .sign()
@@ -226,7 +226,7 @@ pub async fn it_can_use_a_custom_timestamp_to_validate_a_ucan() {
         .issued_by(&identities.bob_key)
         .for_audience(identities.mallory_did.as_str())
         .with_lifetime(50)
-        .witnessed_by(&leaf_ucan)
+        .witnessed_by(&leaf_ucan, None)
         .build()
         .unwrap()
         .sign()

diff --git a/ucan/src/tests/helpers.rs b/ucan/src/tests/helpers.rs
@@ -47,8 +47,8 @@ pub async fn scaffold_ucan_builder(identities: &Identities) -> Result<UcanBuilde
         .issued_by(&identities.mallory_key)
         .for_audience(identities.alice_did.as_str())
         .with_expiration(1664232146010)
-        .witnessed_by(&leaf_ucan_alice)
-        .witnessed_by(&leaf_ucan_bob)
+        .witnessed_by(&leaf_ucan_alice, None)
+        .witnessed_by(&leaf_ucan_bob, None)
         .claiming_capability(&send_email_as_alice)
         .claiming_capability(&send_email_as_bob);