canic_core/api/auth/
attestation.rs1use super::AuthApi;
8use crate::{
9 dto::{
10 auth::{
11 RoleAttestationGetRequest, RoleAttestationPrepareResponse, RoleAttestationRequest,
12 SignedRoleAttestation,
13 },
14 error::Error,
15 },
16 ops::{auth::AuthOps, ic::IcOps, runtime::env::EnvOps},
17 workflow::runtime::auth::RuntimeAuthWorkflow,
18};
19
20impl AuthApi {
21 pub fn prepare_role_attestation_root(
23 request: RoleAttestationRequest,
24 ) -> Result<RoleAttestationPrepareResponse, Error> {
25 RuntimeAuthWorkflow::prepare_role_attestation_root(request).map_err(Self::map_auth_error)
26 }
27
28 pub fn get_role_attestation_root(
30 request: RoleAttestationGetRequest,
31 ) -> Result<SignedRoleAttestation, Error> {
32 EnvOps::require_root().map_err(Error::from)?;
33 AuthOps::get_role_attestation(IcOps::msg_caller(), request.payload_hash)
34 .map_err(Self::map_auth_error)
35 }
36
37 pub async fn verify_role_attestation(
39 attestation: &SignedRoleAttestation,
40 min_accepted_epoch: u64,
41 ) -> Result<(), Error> {
42 RuntimeAuthWorkflow::verify_role_attestation(attestation, min_accepted_epoch)
43 .await
44 .map_err(Self::map_auth_error)
45 }
46}