You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Now, even though the jsonld url is valid, it might occur that this url (https://www.w3.org/2018/credentials/v1) is not resolvable due to some networking issues.
When that happens, we observe the following stack trace:
...
File "/home/aries/.local/lib/python3.9/site-packages/aries_cloudagent/messaging/jsonld/routes.py", line 158, in verify
valid = await verify_credential(session, doc, verkey)
File "/home/aries/.local/lib/python3.9/site-packages/aries_cloudagent/messaging/jsonld/credential.py", line 103, in verify_credential
framed, verify_data_hex_string = create_verify_data(
File "/home/aries/.local/lib/python3.9/site-packages/aries_cloudagent/messaging/jsonld/create_verify_data.py", line 70, in create_verify_data
[expanded] = jsonld.expand(
File "/home/aries/.local/lib/python3.9/site-packages/pyld/jsonld.py", line 163, in expand
returnJsonLdProcessor().expand(input_, options)
File "/home/aries/.local/lib/python3.9/site-packages/pyld/jsonld.py", line 870, in expand
expanded = self._expand(active_ctx, None, document, options,
File "/home/aries/.local/lib/python3.9/site-packages/pyld/jsonld.py", line 2302, in _expand
active_ctx = self._process_context(
File "/home/aries/.local/lib/python3.9/site-packages/pyld/jsonld.py", line 3049, in _process_context
resolved = options['contextResolver'].resolve(active_ctx, local_ctx, options.get('base', ''))
File "/home/aries/.local/lib/python3.9/site-packages/pyld/context_resolver.py", line 58, in resolve
resolved = self._resolve_remote_context(
File "/home/aries/.local/lib/python3.9/site-packages/pyld/context_resolver.py", line 108, in _resolve_remote_context
context, remote_doc = self._fetch_context(active_ctx, url, cycles)
File "/home/aries/.local/lib/python3.9/site-packages/pyld/context_resolver.py", line 148, in _fetch_context
raise jsonld.JsonLdError(
pyld.jsonld.JsonLdError: ('Dereferencing a URL did not result in a valid JSON-LD object. Possible causes are an inaccessible URL perhaps due to a same-origin policy (ensure the server uses CORS if you are using client-side JavaScript), too many redirects, a non-JSON response, or more than one HTTP Link Header was provided for a remote context.',)
Type: jsonld.InvalidUrl
Code: loading remote context failed
Details: {'url': 'https://www.w3.org/2018/credentials/v1', 'cause': JsonLdError('Could not retrieve a JSON-LD document from the URL.')}
As you can see, a pyld.jsonld.JsonLdError was raised when trying to read the data, with message "Could not retrieve a JSON-LD document from the URL.".
However, the error goes unhandled in ACA-Py, and is reported to the client as a 500: Internal Server Error:
A ClientResponseError was caught while verifying jsonld. The error message is: 'Internal Server Error'.
It would be very helpful if the URL resolution error was instead passed back to the user, so it can be handled appropriately.
The text was updated successfully, but these errors were encountered:
From the discussions I’ve heard in the JSON-LD community, a verifier should not even be resolving the URL at runtime — for security reasons, it should be cached at build time.
Do we instead need a way to do that, and not resolve anything at this time? Or at least, limit the resolution to locally cached URLs?
When calling the verify method in the jsonld API, we might want to sign a doc that looks as follows:
Now, even though the jsonld url is valid, it might occur that this url (https://www.w3.org/2018/credentials/v1) is not resolvable due to some networking issues.
When that happens, we observe the following stack trace:
As you can see, a
pyld.jsonld.JsonLdError
was raised when trying to read the data, with message "Could not retrieve a JSON-LD document from the URL.".However, the error goes unhandled in ACA-Py, and is reported to the client as a 500: Internal Server Error:
It would be very helpful if the URL resolution error was instead passed back to the user, so it can be handled appropriately.
The text was updated successfully, but these errors were encountered: