daemon: update DID gate URL handling in JWS validation and resolution

2025-12-31 11:01:26 +08:00
4 changed files with 28 additions and 8 deletions
--- a/daemon/go.mod
+++ b/daemon/go.mod
@@ -18,7 +18,7 @@ require (
 	bytetrade.io/web3os/bfl v0.0.0-00010101000000-000000000000
 	github.com/Masterminds/semver/v3 v3.4.0
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
-	github.com/beclab/Olares/cli v0.0.0-20251219153848-63d422037cf9
+	github.com/beclab/Olares/cli v0.0.0-20251230161135-5264df60cc33
 	github.com/beclab/Olares/framework/app-service v0.0.0-20251225061130-909b7656fd70
 	github.com/containerd/containerd v1.7.29
 	github.com/distribution/distribution/v3 v3.0.0
--- a/daemon/go.sum
+++ b/daemon/go.sum
@@ -24,8 +24,8 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
-github.com/beclab/Olares/cli v0.0.0-20251219153848-63d422037cf9 h1:YNHfPra2FqsKJ5mAxSWNVIK6VyWygRyZiNwfPqiFxlg=
-github.com/beclab/Olares/cli v0.0.0-20251219153848-63d422037cf9/go.mod h1:cYPcuju2yRSp9BQjIN/CC495dDOOvVoL42r/gvFlutk=
+github.com/beclab/Olares/cli v0.0.0-20251230161135-5264df60cc33 h1:WYuUPOT/p26aCDJGJEDai1v7YM6QHiaFDusBVynnbBY=
+github.com/beclab/Olares/cli v0.0.0-20251230161135-5264df60cc33/go.mod h1:ixhzBK5XIovsRB5djk44TChsOK4wum2q4y/hZxJKlNw=
 github.com/beclab/Olares/framework/app-service v0.0.0-20251225061130-909b7656fd70 h1:U3z6m0hokD1gzl788BrUdxCbDyAjdOBBXA8ilYgn6VQ=
 github.com/beclab/Olares/framework/app-service v0.0.0-20251225061130-909b7656fd70/go.mod h1:D9wl7y3obLqXMqfubMROMgdxWAwInnKNrFC//d0nyIA=
 github.com/beclab/bfl v0.3.36 h1:PgeSPGc+XoONiwFsKq9xX8rqcL4kVM1G/ut0lYYj/js=
--- a/daemon/internel/apiserver/handlers/handler_did.go
+++ b/daemon/internel/apiserver/handlers/handler_did.go
@@ -2,8 +2,10 @@ package handlers

 import (
 	"net/http"
+	"net/url"

 	"github.com/beclab/Olares/cli/pkg/web5/jws"
+	"github.com/beclab/Olares/daemon/pkg/commands"
 	"github.com/gofiber/fiber/v2"
 	"k8s.io/klog/v2"
 )
@@ -14,8 +16,14 @@ func (h *Handlers) ResolveOlaresName(c *fiber.Ctx) error {
 		klog.Error("olaresName parameter is missing")
 		return h.ErrJSON(c, fiber.StatusBadRequest, "olaresName parameter is required")
 	}
+
 	klog.Infof("Received olaresName: %s", olaresName)
-	result, err := jws.ResolveOlaresName(olaresName)
+
+	didServiceURL, err := getDidGateURL()
+	if err != nil {
+		return h.ErrJSON(c, fiber.StatusInternalServerError, "Failed to get DID gate URL")
+	}
+	result, err := jws.ResolveOlaresName(didServiceURL, olaresName)
 	if err != nil {
 		klog.Errorf("Failed to resolve DID for %s: %v", olaresName, err)
 		return h.ErrJSON(c, fiber.StatusInternalServerError, "Failed to resolve DID")
@@ -46,7 +54,11 @@ func (h *Handlers) CheckJWS(c *fiber.Ctx) error {
 		body.Duration = int64(3 * 60 * 1000) // 3 minutes in milliseconds
 	}

-	result, err := jws.CheckJWS(body.JWS, body.Duration)
+	didServiceURL, err := getDidGateURL()
+	if err != nil {
+		return h.ErrJSON(c, fiber.StatusInternalServerError, "Failed to get DID gate URL")
+	}
+	result, err := jws.CheckJWS(didServiceURL, body.JWS, body.Duration)
 	if err != nil {
 		klog.Errorf("Failed to check JWS: %v", err)
 		return h.ErrJSON(c, fiber.StatusBadRequest, "Invalid JWS")
@@ -54,3 +66,12 @@ func (h *Handlers) CheckJWS(c *fiber.Ctx) error {

 	return h.OkJSON(c, "success", result)
 }
+
+func getDidGateURL() (string, error) {
+	didServiceURL, err := url.JoinPath(commands.OLARES_REMOTE_SERVICE, "/did/1.0/name/")
+	if err != nil {
+		klog.Errorf("failed to parse DID gate service URL: %v, Olares remote service: %s", err, commands.OLARES_REMOTE_SERVICE)
+		return "", err
+	}
+	return didServiceURL, nil
+}
--- a/daemon/pkg/utils/jws.go
+++ b/daemon/pkg/utils/jws.go
@@ -18,15 +18,14 @@ func ValidateJWS(token string) (bool, string, error) {
 		klog.Errorf("failed to parse DID gate service URL: %v, Olares remote service: %s", err, commands.OLARES_REMOTE_SERVICE)
 		return false, "", err
 	}
-	jws.DIDGateURL = didServiceURL

 	// Validate the JWS token with a 20-minute expiration time
-	checkJWS, err := jws.CheckJWS(token, 20*60*1000)
+	checkJWS, err := jws.CheckJWS(didServiceURL, token, 20*60*1000)
 	if err != nil {
 		if strings.HasPrefix(err.Error(), "timestamp") {
 			err = fmt.Errorf("%v, server time: %s", err, time.Now().UTC().Format(time.RFC3339))
 		}
-		klog.Errorf("failed to check JWS: %v, on %s", err, jws.DIDGateURL)
+		klog.Errorf("failed to check JWS: %v, on %s", err, didServiceURL)
 		return false, "", err
 	}