nevermined-io/node

Jwt subcription token is failing when you are not the owner

Closed this issue · 3 comments

eruizgar91 commented

Describe the bug

When you are not the owner of a service, and you go to the integrationDetails to check your jwt token is returning and error. This error comes from the node, when the user is not the owner and is validating the subscription.

This code in node

async getAccessToken(@Req() req, @Param('did') did: string): Promise<SubscriptionTokenDto> {
    // get subscription data
    const { contractAddress, numberNfts, endpoints, headers, owner } =
      await this.subscriptionService.validateDid(did)

    // validate that the subscription is valid
    let expiryTime: string
    if (req.user.address !== owner) {
      const isValid = await this.subscriptionService.isSubscriptionValid(
        contractAddress,
        numberNfts,
        req.user.address,
      )

      if (!isValid) {
        Logger.debug(
          `[GET /subscriptions] ${did}: user ${req.user.address} does not have access to subscription`,
        )
        throw new ForbiddenException(
          `user ${req.user.address} does not have access to subscription ${did}`,
        )
      }

      // get expiry time
      expiryTime = await this.subscriptionService.getExpirationTime(
        contractAddress,
        req.user.address,
      )
    } else

is generating this error:

[Nest] 36  - 07/19/2023, 12:57:42 PM   ERROR [ExceptionsHandler] invalid hash (argument="value", value="0xa8c0bcbbb205981f3c911d6a8db47cff8a1effe656975470541d44ddea5230c504000000", code=INVALID_ARGUMENT, version=providers/5.7.2)
Error: invalid hash (argument="value", value="0xa8c0bcbbb205981f3c911d6a8db47cff8a1effe656975470541d44ddea5230c504000000", code=INVALID_ARGUMENT, version=providers/5.7.2)
    at Logger.makeError (/node_modules/@ethersproject/logger/lib/index.js:238:21)
    at Logger.throwError (/node_modules/@ethersproject/logger/lib/index.js:247:20)
    at Logger.throwArgumentError (/node_modules/@ethersproject/logger/lib/index.js:250:21)
    at Formatter.hash (/node_modules/@ethersproject/providers/lib/formatter.js:227:27)
    at JsonRpcProvider.<anonymous> (/node_modules/@ethersproject/providers/lib/base-provider.js:2106:68)
    at step (/node_modules/@ethersproject/providers/lib/base-provider.js:48:23)
    at Object.next (/node_modules/@ethersproject/providers/lib/base-provider.js:29:53)
    at fulfilled (/node_modules/@ethersproject/providers/lib/base-provider.js:20:58)
    at runMicrotasks (<anonymous>)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
[Nest] 36  - 07/19/2023, 12:57:42 PM     LOG GET /api/v1/node/services/subscriptions/did:nv:f6198999e0e69ddfcfeb194160ada695d406b59607fb59d1403bcd3577009f71 500 3302.847 ms - 52

To Reproduce

Buy a service and go to integrationDetails

r-marques commented

what environment is this and does the user own the subscription?
also can you share the did of the service that is failing?

r-marques commented

I found the issue. I will release a hotfix asap

r-marques commented

fixed with node v1.4.1