feat: implement PoH credential refresh function#202
Conversation
gryaele
force-pushed
the
elenagryaznova-pop-3497-implement-calling-refresh-credential-code-in-oxide-from
branch
from
52c01bd to
6ffc062
Compare
…fresh-credential-code-in-oxide-from
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 061b99681e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| impl TfhPopIssuer { | ||
| /// Create a new TFH POP issuer with the specified base URL | ||
| #[uniffi::constructor] | ||
| #[must_use] | ||
| pub fn new(environment: &Environment) -> Self { |
There was a problem hiding this comment.
TfhPopIssuer is declared as a #[derive(uniffi::Object)], but this impl block is not annotated with #[uniffi::export]. As written, UniFFI will not generate callable bindings for new or refresh_pop_credential, so foreign-language clients cannot use the POP issuer even though it is publicly re-exported.
Useful? React with 👍 / 👎.
| let mut request = self.client.post(url).multipart(multipart_form); | ||
|
|
There was a problem hiding this comment.
This request path uses a bare reqwest::Client request builder without any timeout or retry policy, so transient network issues can cause indefinite waits or one-shot failures. Other issuer/network paths in this crate use http_request::Request (with timeout and retry handling), so this introduces a reliability regression specifically for POP refresh in flaky network conditions.
Useful? React with 👍 / 👎.
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 061b99681e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| Self { | ||
| base_url, | ||
| client: Client::new(), | ||
| } |
There was a problem hiding this comment.
The POP issuer builds a plain reqwest::Client and uses it for send() without any timeout configuration, so a slow or stalled /api/v1/refresh connection can hang this call indefinitely in production. This is a reliability regression versus the existing Request helper used by other issuer/network paths (which applies a 5s timeout and retries), so POP refresh can block user flows under transient network faults.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
thanks, timeout added
thomas-waite
left a comment
thomas-waite
left a comment
There was a problem hiding this comment.
Seems fine to me from a mobile perspective apart from we need docs/explanation of what the headers passed to this are
| //! Credential issuers for World ID. | ||
|
|
||
| mod tfh_nfc; | ||
| mod tfh_pop; |
There was a problem hiding this comment.
the pop credential isn't issued by tfh. this should just be called mod proof_of_human. generally also the credential has been renamed to Proof of Human, so naming should reflect that everywhere
| /// Returns error on network failure or invalid response. | ||
| pub async fn refresh_pop_credential( | ||
| &self, | ||
| multipart_form: Form, |
There was a problem hiding this comment.
I believe we wouldn't be able to call refresh_pop_credential from other languages bindings because reqwest::multipart::Form doesn't have bindings.
There was a problem hiding this comment.
hmm well if the form is constructed in Rust elsewhere it may work. Likely this is compiling because Form is wrapped in an Arc internally and can pass between foreign/Rust boundaries. but this may be fragile, perhaps accepting raw bytes of the body instead?
…fresh-credential-code-in-oxide-from
There was a problem hiding this comment.
Looks fine to me. Lets wait for @Dzejkop's review before we go ahead with merging. He's the expert for the multipart-form Rust question
|
|
||
| #[uniffi::export] | ||
| impl ProofOfHumanIssuer { | ||
| /// Create a new TFH POP issuer with the specified base URL |
There was a problem hiding this comment.
It's called Proof of Human everywhere now, so POP should be POH
paolodamico
changed the title
paolodamico
changed the title
|
|
||
| Self { | ||
| base_url, | ||
| client: Client::new(), |
There was a problem hiding this comment.
IIRC with the introduction of NFC we introduced a module for HTTP requests, that will handle things like user agent headers, retries and timeouts
There was a problem hiding this comment.
yes, I saw that one, unfortunately it doesn't have multipart option
| let refresh_credentials_response = | ||
| serde_json::from_str::<RefreshCredentialsResponse>(&response_text) | ||
| .map_err(|e| WalletKitError::SerializationError { | ||
| error: format!("Failed to parse POP refresh response: {e}"), |
There was a problem hiding this comment.
This may be confusing because SerializationError is an internal error from a Rust object, but this is an error from the HTTP response. I'd still propagate a network error
paolodamico
deleted the
elenagryaznova-pop-3497-implement-calling-refresh-credential-code-in-oxide-from
branch
3 participants
This pull request introduces a new credential issuer for Proof of Personhood (POP) in the
walletkit-corepackage, adds the required dependencies, and exposes the new issuer for use.New POP issuer and API client:
tfh_popinwalletkit-core/src/issuers/, implementing theProofOfHumanIssuerAPI client to interact with the POP credential refresh endpoint. This includes a method to refresh credentials, error handling, and response parsing.ProofOfHumanIssuerin the issuer module's public API, making it available for use elsewhere in the codebase.Dependency updates:
reqwest(withjson,multipart, andrustls-tlsfeatures) to both the rootCargo.tomlandwalletkit-core/Cargo.tomlto support HTTP requests and multipart form data needed for the POP issuer. [1] [2]