account-service: added graph key endpoints

[aramikm]

Problem

To be able to easily add graph keys we need endpoints which facilitates this operation.

Solution

implemented two new endpoints which

• Creates an encoded payload which is ready for signing
• Publishes a new graph key on chain
  closes applyItemActions (for graph encryption key management) #414

Screenshots (optional):

• new endpoints
  

• endpoint that prepared the payload to add a new graph key
  

• endpoint that submits the graph key creation

• worker logs
  

• blockchain submission
  

[mattheworris]

• Read through changes, looks good!
• Do we want to add tests for these endpoints?

🚢 it!

[JoeCap08055]

While I agree that this should be a GET operation, we need to be careful because the hex-encoded public key may be too long, depending on the web server configuration. We should either:

• confirm that the max hex-encoded key length will not break under any valid web server configuration, or
• change to a POST request and put the key in the request body (at least until there is more widespread support for the new HTTP QUERY method) (this is a common workaround for essentially "GET with a body" (see Refactor GET endpoints that use POST method to use new HTTP QUERY #219 )

[aramikm]

The public key is limited to 32 byes currently. We have new issues to enforce better verifications for apis and we have another issue to limit the request size so I think that would solve the server overload.

Query is nice but I don't think a lot of clients/proxies and ... support it out of the box right now.

[JoeCap08055]

I think this also should be in .pretttierignore

[aramikm]

It already is but I think this is dependent on the code generator.

[JoeCap08055]

.prettierignore

[aramikm]

It already is but I think this is dependent on the code generator.

[JoeCap08055]

.prettierignore

[aramikm]

same

[JoeCap08055]

Overall, looks pretty good. Left some comments inline. My biggest comment is for naming REST API endpoints. I've been trying to follow this approach. Going by that, perhaps the following endpoint names would be better, or something similar:

GET <path>/graphKeys/addKeyPayload/{key} // see my inline comment about this one; it may need to be a POST
// or
POST <path>/graphKeys/getAddKeyPayload
// (aware that getAddKeyPayload breaks the naming convention referenced, but it's a necessary evil because we have to use a POST operation to perform a GET in this scenario)

POST <path>/graphKeys // no need for any other specifier; the HTTP method & resource name tell us what the endpoint does

GET <path>/graphKeys/{msaId} // return list of all graph keys for MSA
GET <path>/graphKeys/{msaId}/{index} // get specific graph key from MSA's list of graph keys

[claireolmstead]

make sure to run format. this looks unformatted.

[aramikm]

This is generated every time we change anything in the api and I'm not sure if we need formatting on generated code. Open to know why that might be useful.

[claireolmstead]

Suggested change

	public handlePublishGraphKeyTxResult(event: Event): ItemizedPageUpdated {
	const graphKeyValues: Partial<ItemizedPageUpdated> = {};
	// Grab the event data
	if (event && this.api.events.statefulStorage.ItemizedPageUpdated.is(event)) {
	graphKeyValues.msaId = event.data.msaId.toString();
	graphKeyValues.schemaId = event.data.schemaId.toString();
	graphKeyValues.prevContentHash = event.data.prevContentHash.toString();
	graphKeyValues.currContentHash = event.data.currContentHash.toString();
	graphKeyValues.debugMsg = `New Graph Public Key Added for msaId: ${graphKeyValues.msaId} and schemaId: ${graphKeyValues.schemaId}`;
	}
	return graphKeyValues as ItemizedPageUpdated;
	}
	public handlePublishGraphKeyTxResult(event: Event): ItemizedPageUpdated {
	// Grab the event data
	if (event && this.api.events.statefulStorage.ItemizedPageUpdated.is(event)) {
	return {
	msaId: event.data.msaId.toString(),
	schemaId: event.data.schemaId.toString(),
	prevContentHash: event.data.prevContentHash.toString(),
	currContentHash: event.data.currContentHash.toString(),
	debugMsg: `New Graph Public Key Added for msaId: ${event.data.msaId} and schemaId: ${event.data.schemaId}`,
	};
	}
	throw new Error('Graph Key Tx Result Event invalid.');
	}

[aramikm]

I don't think we are handling the errors correctly for these events in general. Unfortunately throwing an error alone here will not solve that issue. I opened a new issue for this #500

[JoeCap08055]

might be nice to add some validationOptions in here, such as:

• prefixRequired: boolean
• minByteLen: number
• maxByteLen: number

Would make it easy to support different key algorithms in the future.

[aramikm]

I'll add this in the validation specific ticket.

As an unrelated note I think going forward we have to be more careful about adding new features and functionality in general. We have a lot of existing features that needs to be hardened and adding more would only make our life harder.

One question I usually like to think about is that how hard would it be for a future developer to change this to support that extra feature or data. If it is easy enough and the probability of this being changed in the near future is low enough. Usually keeping it simple and dumb might be preferable.

The best code is no code at all!

probably from somebody wise.