Added signed headers validation to /checklogin. Updated github actions

README.md

@@ -31,9 +31,14 @@ See: [reg-pilot-webapp](https://github.com/GLEIF-IT/reg-pilot-webapp)
 The verifier uses [keripy](https://github.com/WebOfTRust/keripy) for verifying the requests:
 See: [vlei-verifier](https://github.com/GLEIF-IT/vlei-verifier)
 
+### Filer
+Filer service for report uploads:
+See: [reg-pilot-filer](https://github.com/GLEIF-IT/reg-pilot-filer)
+
 ### Additional service
 * KERI Witness Network
 * vLEI Verifier
+* Reg Pilot Filer
 * KERI Agent
 
 #### REST API

setup.py

@@ -28,7 +28,7 @@
 
 setup(
     name="reg-pilot-api",
-    version="0.0.2",  # also change in src/regps/__init__.py
+    version="0.0.3",  # also change in src/regps/__init__.py
     license="Apache Software License 2.0",
     description="RegPS: Regulation Portal Service API.",
     long_description="RegPS: A Regulation Portal Service to orchestate web app, vLEI validation, etc.",
@@ -95,7 +95,7 @@
     setup_requires=[],
     entry_points={
         "console_scripts": [
-            "regps = regps.app.cli.regps:main",
+            "reg-pilot-api = regps.app.cli.regps:main",
         ]
     },
 )

src/regps/__init__.py

@@ -0,0 +1 @@
+__version__ = '0.0.3'

src/regps/app/cli/regps.py

@@ -8,11 +8,13 @@
 import logging
 import multicommand
 import regps.app.fastapi_app as fastapi_app
-import commands
+from regps import __version__
+from regps.app.cli import commands
 
 
 def main():
     parser = multicommand.create_parser(commands)
+    parser.add_argument('--version', action='version', version=f"%(prog)s {__version__}")
     args = parser.parse_args()
 
     if not hasattr(args, "handler"):

src/regps/app/fastapi_app.py

@@ -151,6 +151,7 @@ async def add_root_of_trust(
 
 @app.get("/checklogin/{aid}", response_model=CheckLoginResponse)
 async def check_login_route(
+        request: Request,
         response: Response,
         aid: str = Path(
             ...,
@@ -162,12 +163,45 @@ async def check_login_route(
                 }
             },
         ),
+        signature: str = Header(
+            openapi_examples={
+                "default": {
+                    "summary": "Default signature",
+                    "value": upload_examples["request"]["headers"]["signature"],
+                }
+            }
+        ),
+        signature_input: str = Header(
+            openapi_examples={
+                "default": {
+                    "summary": "Default signature_input",
+                    "value": upload_examples["request"]["headers"]["signature_input"],
+                }
+            }
+        ),
+        signify_resource: str = Header(
+            openapi_examples={
+                "default": {
+                    "summary": "Default signify_resource",
+                    "value": upload_examples["request"]["headers"]["signify_resource"],
+                }
+            }
+        ),
+        signify_timestamp: str = Header(
+            openapi_examples={
+                "default": {
+                    "summary": "Default signify_timestamp",
+                    "value": upload_examples["request"]["headers"]["signify_timestamp"],
+                }
+            }
+        ),
 ):
     """
     Given an AID returns information about the login
     """
     try:
         logger.info(f"CheckLogin: sending aid {aid}")
+        verify_signed_headers.process_request(request, aid)
         resp = api_controller.check_login(aid)
         lei = resp.get("lei")
         aid = resp.get("aid")
@@ -601,7 +635,7 @@ def clear_status_route(
 
 
 def main():
-    logger.info("Starting RegPS...")
+    logger.info("Starting Reg-Pilot-API")
     import uvicorn
 
     uvicorn.run(app, host="0.0.0.0", port=8000)