Connectionless invitations are interpreted as invalid QR when the invitation is valid and action proceeded
VikiMaiselman opened this issue · 0 comments
Description of problem
In order to perform one of the functionalities of out app, we need to create a connectionless invitation for proof request between the Mobile Wallet and the Verifier. We send a request to /out-of-band/create-invitation endpoint and the response that is successfully returned from it contains a valid (!) URL which is displayed to be scanned by the Mobile Wallet. With the current version of mobile wallet code, when the such a QR code is scanned an error is thrown that the QR is invalid. However on pressing "close"-button (X) of the scanning screen, the main screen shows that the request was successfully sent and waits for the user of the Mobile Wallet to respond as "accept" or "decline" the proof request. Pressing on "accept" also is valid. (In short, the action is done, but the user of the Mobile Wallet is confused by seeing an error that states that the QR code is invalid even when it is).
Expected behavior
The connectionless invitations should be treated as normal and not throw the error of invalid QR.
Steps to reproduce
This is how we create an out-of-bond invitation.
url = envi.get_issuer_agent_admin_url() + "/out-of-band/create-invitation?auto_accept=true"
payload = json.dumps({
"attachments": [
{
"id": pres_ex_id,
"type": "present-proof"
}
]
})
after making request a url is returned which we display as a QR to be scanned.
Solution and ### Workaround. When we scan this QR with the Mobile Wallet app, a function connectFromInvitation() from scan.tx is triggered, the function itself is defined in helpers.ts. The function throws an error if there was no connection id extracted from the invitation (but we have a connectionless invitation).
I removed throwing of this error and changed 2 places in the code to deal with data that does not have connection id. After those changes the error is not thrown on scanning connectionless invitations and the flow goes on smoothly.
Screenshots and/or log output
scan.tx (line 489)
/**
*
- @param uri a URI containing a base64 encoded connection invite in the query parameter
- @param agent an Agent instance
- @returns a connection record from parsing and receiving the invitation
*/
export const connectFromInvitation = async (uri: string, agent: Agent | undefined) => {
const invitation = await agent?.oob.parseInvitation(uri)
if (!invitation) {
throw new Error('Could not parse invitation from URL')
}
const record = await agent?.oob.receiveInvitation(invitation)
const connectionRecord = record?.connectionRecord
if (!connectionRecord?.id) {
console.log('Connection does not have an ID')
}
return connectionRecord
}
helpers.tx (line 41 - connection record is not necessary right now)
const handleInvitation = async (value: string): Promise => {
try {
const connectionRecord = await connectFromInvitation(value, agent)
navigation.getParent()?.navigate(Stacks.ConnectionStack, {
screen: Screens.Connection,
params: { connectionId: connectionRecord?.id },
})
and rootStack.tx (line 76, same issue)
// handle deeplink events
useEffect(() => {
async function handleDeepLink(deepLink: string) {
try {
// Try connection based
const connectionRecord = await connectFromInvitation(deepLink, agent)
navigation.navigate(Stacks.ConnectionStack as any, {
screen: Screens.Connection,
params: { connectionId: connectionRecord?.id },
})
} catch {}
Environment
- Occurs on iOS
Severity
- Medium