feat: FTL-17182 enable verification and consent logging in iota by de…

…fault (#424)
affinidi · Oct 21, 2024 · 42bd321 · 42bd321
1 parent fbdb43e
commit 42bd321
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 16 deletions.
diff --git a/docs/iota.md b/docs/iota.md
@@ -35,8 +35,8 @@ FLAGS
       --client-logo=<value>           Application URL of a logo, displayed in the consent page
       --client-name=<value>           Name, displayed in the consent page
       --client-origin=<value>         Domain, displayed in the consent page
-      --enable-consent-audit-log      Log consents
-      --enable-verification           Perform verification
+      --disable-consent-audit-log     Disable log consents
+      --disable-verification          Disable verification
       --response-webhook-url=<value>  Affinidi Iota Framework response webhook URL
       --token-max-age=<value>         Token expiration time in seconds
 
@@ -50,9 +50,9 @@ EXAMPLES
 
   $ affinidi iota create-config --name <value> --wallet-ari <value>
 
-  $ affinidi iota create-config --name <value> --wallet-ari <value> --enable-consent-audit-log --enable-verification --token-max-age <value> --mode websocket
+  $ affinidi iota create-config --name <value> --wallet-ari <value> --token-max-age <value> --mode websocket
 
-  $ affinidi iota create-config --name <value> --wallet-ari <value> --enable-consent-audit-log --enable-verification --token-max-age <value> --mode redirect --redirectUris <value>
+  $ affinidi iota create-config --name <value> --wallet-ari <value> --token-max-age <value> --mode redirect --redirectUris <value>
 ```
 
 _See code: [src/commands/iota/create-config.ts](https://github.com/affinidi/affinidi-cli/blob/v2.10.2/src/commands/iota/create-config.ts)_

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -102,6 +102,9 @@
     "tslib": "^2.6.3",
     "typescript": "^5.5.3"
   },
+  "overrides": {
+    "cookie": "^0.7.0"
+  },
   "oclif": {
     "bin": "affinidi",
     "theme": "theme.json",

diff --git a/src/commands/iota/create-config.ts b/src/commands/iota/create-config.ts
@@ -4,7 +4,7 @@ import {
   CreateIotaConfigurationInputModeEnum,
 } from '@affinidi-tdk/iota-client'
 import { WalletDto, CreateWalletInput } from '@affinidi-tdk/wallets-client'
-import { input, select } from '@inquirer/prompts'
+import { input, select, confirm } from '@inquirer/prompts'
 import { ux, Flags } from '@oclif/core'
 import { CLIError } from '@oclif/core/errors'
 import z from 'zod'
@@ -54,9 +54,19 @@ export class CreateIotaConfig extends BaseCommand<typeof CreateIotaConfig> {
     }),
     'enable-verification': Flags.boolean({
       summary: 'Perform verification',
+      hidden: true,
+      deprecated: { message: 'This flag is deprecated as verification is now enabled by default.' },
+    }),
+    'disable-verification': Flags.boolean({
+      summary: 'Disable verification',
       default: false,
     }),
     'enable-consent-audit-log': Flags.boolean({
+      summary: 'Log consents',
+      hidden: true,
+      deprecated: { message: 'This flag is deprecated as consent audit logging is now enabled by default.' },
+    }),
+    'disable-consent-audit-log': Flags.boolean({
       summary: 'Log consents',
       default: false,
     }),
@@ -72,7 +82,7 @@ export class CreateIotaConfig extends BaseCommand<typeof CreateIotaConfig> {
   }
 
   public async run(): Promise<IotaConfigurationDto> {
-    const { flags } = await this.parse(CreateIotaConfig)
+    const flags = this.flags
 
     const MODE_REDIRECT = CreateIotaConfigurationInputModeEnum.Redirect
     const MODE_WEBSOCKET = CreateIotaConfigurationInputModeEnum.Websocket
@@ -98,6 +108,22 @@ export class CreateIotaConfig extends BaseCommand<typeof CreateIotaConfig> {
       if (wrongAriProvided) throw new CLIError('Wrong wallet ARI provided.')
     }
 
+    if (flags['disable-verification']) {
+      const confirmation = await confirm({
+        message: `Are you sure you want to disable credential verification?\nWe recommend cryptographically verifying the credential the user shares to ensure it is tamper-evident and authentic. Enable this option to verify the credentials automatically after the user consents to share.`,
+      })
+
+      if (!confirmation) flags['disable-verification'] = false
+    }
+
+    if (flags['disable-consent-audit-log']) {
+      const confirmation = await confirm({
+        message: `Are you sure you want to disable consent audit log?\nWe recommend enabling the Consent Audit Log to record user consent when they share their data with your application for compliance and audit purposes.`,
+      })
+
+      if (!confirmation) flags['disable-consent-audit-log'] = false
+    }
+
     if (!walletAri || wallets?.length === 0 || wrongAriProvided) {
       const walletChoices =
         wallets?.map((wallet: WalletDto) => ({
@@ -197,8 +223,8 @@ export class CreateIotaConfig extends BaseCommand<typeof CreateIotaConfig> {
         redirectUris,
       }),
       iotaResponseWebhookURL: flags['response-webhook-url'] ?? '',
-      enableVerification: flags['enable-verification'] || false,
-      enableConsentAuditLog: flags['enable-consent-audit-log'] || false,
+      enableVerification: !flags['disable-verification'],
+      enableConsentAuditLog: !flags['disable-consent-audit-log'],
       tokenMaxAge: flags['token-max-age'] ?? undefined,
       clientMetadata: {
         name: flags['client-name'] ?? '',

diff --git a/test/commands/iota/configs.test.ts b/test/commands/iota/configs.test.ts
@@ -63,7 +63,7 @@ const configurationRedirect = {
 
 describe('iota: configs commands', function () {
   describe('iota:create-config', () => {
-    it('creates a `websocket` configutation and outputs its info', async () => {
+    it('creates a `websocket` configuration and outputs its info', async () => {
       nock(AIS_URL).post('/v1/configurations').reply(200, configurationWebsocket)
       nock(CWE_URL)
         .get('/v1/wallets')
@@ -76,8 +76,6 @@ describe('iota: configs commands', function () {
         `--mode="${configurationWebsocket.mode}"`,
         `--response-webhook-url="${configurationWebsocket.iotaResponseWebhookURL}"`,
         `--token-max-age="${configurationWebsocket.tokenMaxAge}"`,
-        `--enable-verification`,
-        `--enable-consent-audit-log`,
         `--client-name="${configurationWebsocket.clientMetadata.name}"`,
         `--client-logo="${configurationWebsocket.clientMetadata.logo}"`,
         `--client-origin="${configurationWebsocket.clientMetadata.origin}"`,
@@ -113,8 +111,6 @@ describe('iota: configs commands', function () {
         `--mode="${configurationRedirect.mode}"`,
         `--redirect-uris="${configurationRedirect.redirectUris.join(' ')}"`,
         `--token-max-age="${configurationRedirect.tokenMaxAge}"`,
-        `--enable-verification`,
-        `--enable-consent-audit-log`,
         `--client-name="${configurationRedirect.clientMetadata.name}"`,
         `--client-logo="${configurationRedirect.clientMetadata.logo}"`,
         `--client-origin="${configurationRedirect.clientMetadata.origin}"`,