canic_core/api/auth/
attestation.rs1use super::AuthApi;
9use crate::{
10 dto::{
11 auth::{
12 RoleAttestationGetRequest, RoleAttestationPrepareResponse, RoleAttestationRequest,
13 SignedRoleAttestation,
14 },
15 error::Error,
16 },
17 ops::{auth::AuthOps, ic::IcOps, runtime::env::EnvOps},
18 workflow::runtime::auth::RuntimeAuthWorkflow,
19};
20
21impl AuthApi {
22 pub fn prepare_role_attestation_root(
24 request: RoleAttestationRequest,
25 ) -> Result<RoleAttestationPrepareResponse, Error> {
26 RuntimeAuthWorkflow::prepare_role_attestation_root(request).map_err(Self::map_auth_error)
27 }
28
29 pub fn get_role_attestation_root(
31 request: RoleAttestationGetRequest,
32 ) -> Result<SignedRoleAttestation, Error> {
33 EnvOps::require_root().map_err(Error::from)?;
34 AuthOps::get_role_attestation(IcOps::msg_caller(), request.payload_hash)
35 .map_err(Self::map_auth_error)
36 }
37
38 pub async fn verify_role_attestation(
40 attestation: &SignedRoleAttestation,
41 min_accepted_epoch: u64,
42 ) -> Result<(), Error> {
43 RuntimeAuthWorkflow::verify_role_attestation(attestation, min_accepted_epoch)
44 .await
45 .map_err(Self::map_auth_error)
46 }
47}