diff --git a/src/verifiers/dnsText/openAttestationDnsTxt.ts b/src/verifiers/dnsText/openAttestationDnsTxt.ts index 6a717973..6bd257ce 100644 --- a/src/verifiers/dnsText/openAttestationDnsTxt.ts +++ b/src/verifiers/dnsText/openAttestationDnsTxt.ts @@ -66,7 +66,8 @@ export const openAttestationDnsTxt: Verifier< // at least one issuer uses DNS-TXT return documentData.issuers.some(issuer => { return ( - (issuer.documentStore || issuer.tokenRegistry) && issuer.identityProof?.type === v2.IdentityProofType.DNSTxt + (issuer.documentStore || issuer.tokenRegistry || issuer.certificateStore) && + issuer.identityProof?.type === v2.IdentityProofType.DNSTxt ); }); } @@ -81,9 +82,13 @@ export const openAttestationDnsTxt: Verifier< const identities = await Promise.all( documentData.issuers.map(issuer => { if (issuer.identityProof?.type === v2.IdentityProofType.DNSTxt) { - // we expect the test function to prevent this issue => smart contract address MUST be populated - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - return resolveIssuerIdentity(issuer, (issuer.documentStore || issuer.tokenRegistry)!, options); + return resolveIssuerIdentity( + issuer, + // we expect the test function to prevent this issue => smart contract address MUST be populated + // eslint-disable-next-line @typescript-eslint/no-non-null-assertion + (issuer.documentStore || issuer.tokenRegistry || issuer.certificateStore)!, + options + ); } const skippedResponse: Identity = { status: "SKIPPED" @@ -95,7 +100,9 @@ export const openAttestationDnsTxt: Verifier< const invalidIdentity = identities.findIndex(identity => identity.status === "INVALID"); if (invalidIdentity !== -1) { const smartContractAddress = - documentData.issuers[invalidIdentity].documentStore || documentData.issuers[invalidIdentity].tokenRegistry; + documentData.issuers[invalidIdentity].documentStore || + documentData.issuers[invalidIdentity].tokenRegistry || + documentData.issuers[invalidIdentity].certificateStore; return { name, diff --git a/src/verifiers/dnsText/openAttestationDnsTxt.v2.test.ts b/src/verifiers/dnsText/openAttestationDnsTxt.v2.test.ts index f9545870..303423ae 100644 --- a/src/verifiers/dnsText/openAttestationDnsTxt.v2.test.ts +++ b/src/verifiers/dnsText/openAttestationDnsTxt.v2.test.ts @@ -60,6 +60,43 @@ describe("OpenAttestationDnsTxt v2 document", () => { } ]); }); + it("should return a valid fragment when document has valid identity and uses certificate store", async () => { + const document = { + ...documentRopstenValidWithToken, + data: { + ...documentRopstenValidWithToken.data, + issuers: [ + { + name: "2433e228-5bee-4863-9b98-2337f4f90306:string:DEMO STORE", + certificateStore: + "1d337929-6770-4a05-ace0-1f07c25c7615:string:0xe59877ac86c0310e9ddaeb627f42fdee5f793fbe", + identityProof: { + type: "1350e9f5-920b-496d-b95c-2a2793f5bff6:string:DNS-TXT", + location: "291a5524-f1c6-45f8-aebc-d691cf020fdd:string:example.tradetrust.io" + } + } + ] + } + }; + + const fragment = await verify(document, { + network: "ropsten" + }); + expect(fragment).toStrictEqual([ + { + type: "ISSUER_IDENTITY", + name: "OpenAttestationDnsTxt", + data: [ + { + location: "example.tradetrust.io", + status: "VALID", + value: "0xe59877ac86c0310e9ddaeb627f42fdee5f793fbe" + } + ], + status: "VALID" + } + ]); + }); it("should return an invalid fragment when document identity does not match", async () => { const document = { ...documentRopstenValidWithToken,