add validation for issue_date and expire_date

eu-digital-identity-wallet · Apr 19, 2024 · 2a4bd2a · 2a4bd2a
1 parent 40ffe02
commit 2a4bd2a
Show file tree

Hide file tree

Showing 4 changed files with 72 additions and 14 deletions.
diff --git a/app/app_config/config_service.py b/app/app_config/config_service.py
@@ -172,6 +172,7 @@ class ConfService:
         "303": "Error obtaining attributes.",
         "304": "PID attribute(s) missing.",
         "305": "Certificate not available.",
+        "306": "Date is not in the correct format. Should be YYYY-MM-DD.",
         "401": "Missing mandatory formatter fields.",
         "501": "Missing mandatory IdP fields",
     }

diff --git a/app/route_formatter.py b/app/route_formatter.py
@@ -24,16 +24,12 @@
 """
 import logging
 
-
-from flask import (
-    Blueprint, flash, g, redirect, render_template, request, session, url_for, jsonify
-)
-
-from validate import validate_mandatory_args
-from app_config.config_service import ConfService as cfgservice
-from formatter_func import mdocFormatter,sdjwtFormatter
-
 from app_config.config_countries import ConfCountries as cfcountries
+from app_config.config_service import ConfService as cfgservice
+from flask import (Blueprint, flash, g, jsonify, redirect, render_template,
+                   request, session, url_for)
+from formatter_func import mdocFormatter, sdjwtFormatter
+from validate import validate_date_format, validate_mandatory_args
 
 # /formatter blueprint
 formatter = Blueprint('formatter', __name__, url_prefix='/formatter')
@@ -88,12 +84,23 @@ def cborformatter():
 
     if request.json['country'] not in cfcountries.supported_countries:    
         return jsonify({'error_code': 102, 'error_message': cfgservice.error_list['102'], 'mdoc': ''})
-
 
     if request.json['doctype'] == "org.iso.18013.5.1.mDL":
         (b, l) = validate_mandatory_args(request.json["data"]["org.iso.18013.5.1"], ['family_name', 'given_name', 'birth_date', 'issue_date', 'expiry_date', 'issuing_country','issuing_authority','document_number', 'portrait', 'driving_privileges', 'un_distinguishing_sign'])
     if request.json['doctype'] == "eu.europa.ec.eudiw.pid.1":
         (b, l) = validate_mandatory_args(request.json['data']["eu.europa.ec.eudiw.pid.1"], ['family_name', 'given_name', 'birth_date', 'age_over_18'])
+
+    if request.json['doctype'] == "org.iso.18013.5.1.mDL":
+        expiry_date = request.json['data']["org.iso.18013.5.1"].get('expiry_date')
+        issue_date = request.json['data']["org.iso.18013.5.1"].get('issue_date')
+
+        if expiry_date is not None:
+            if not validate_date_format(expiry_date):
+                return jsonify({'error_code': 306, 'error_message': cfgservice.error_list['306'], 'mdoc': ''})
+        if issue_date is not None:
+            if not validate_date_format(issue_date):
+                return jsonify({'error_code': 306, 'error_message': cfgservice.error_list['306'], 'mdoc': ''})
+
     if not b: # nota all mandatory args are present
         return jsonify({'error_code': 401, 'error_message': cfgservice.error_list['401'], 'mdoc': ''})
 

diff --git a/app/tests/test_route_formatter.py b/app/tests/test_route_formatter.py
@@ -121,10 +121,10 @@ def test_cbor_formatter_error_401_country():
                     "Type": "B"
                     }
                 ],
-                "expiry_date": "Fri, 25 Aug 2023 10:15:53 GMT",
+                "expiry_date": "2024-12-31",
                 "family_name": "Lima",
                 "given_name": "João",
-                "issue_date": "Wed, 26 Jul 2023 10:15:53 GMT",
+                "issue_date": "2024-01-01",
                 "issuing_authority": "IMTT-Lisboa",
                 "issuing_country": "PT",
                 "portrait": "/9j/4AAQSkZJRgABAQAAAQAB...",
@@ -158,10 +158,10 @@ def test_cbor_formatter_error_401_doctype():
                     "Type": "B"
                     }
                 ],
-                "expiry_date": "Fri, 25 Aug 2023 10:15:53 GMT",
+                "expiry_date": "2024-12-31",
                 "family_name": "Lima",
                 "given_name": "João",
-                "issue_date": "Wed, 26 Jul 2023 10:15:53 GMT",
+                "issue_date": "2024-01-01",
                 "issuing_authority": "IMTT-Lisboa",
                 "issuing_country": "PT",
                 "portrait": "/9j/4AAQSkZJRgABAQAAAQAB...",
@@ -176,6 +176,44 @@ def test_cbor_formatter_error_401_doctype():
     assert response.json()["error_message"] == "Missing mandatory formatter fields."
     assert response.json()["mdoc"] == ''
 
+#   expiry_date is not in the correct format
+def test_cbor_formatter_error_306_date_formatting():
+
+    payload_306_D = {
+        "version":"0.2",
+        "country":"PT",
+        "device_publickey": "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFOElFUUJqNENaZDNZaWZYbmpxUmx0SUlpSkQ2VwpoWkV4RWtQVWdQUnkvWXd1ZUZzSk42UGVod3F0dlUxRnoyMG5XOVpjVUxLem9LaVdnaGlOeTM4NTBBPT0KLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0t",
+        "data": {
+            "org.iso.18013.5.1": {
+                "birth_date": "13-12-2000",
+                "birth_place": "Lisboa",
+                "document_number": "18923",
+                "driving_privileges": [
+                    {
+                    "ExpiryDate": "2099-12-31",
+                    "IssueDate": "2000-01-01",
+                    "Restriction": [],
+                    "Type": "B"
+                    }
+                ],
+                "expiry_date": "Fri, 25 Aug 2023 10:15:53 GMT",
+                "family_name": "Lima",
+                "given_name": "João",
+                "issue_date": "2024-01-01",
+                "issuing_authority": "IMTT-Lisboa",
+                "issuing_country": "PT",
+                "portrait": "/9j/4AAQSkZJRgABAQAAAQAB...",
+                "un_distinguishing_sign": "P"
+            }
+        }
+    }
+
+    response= requests.post(ENDPOINT, json=payload_306_D, verify=False)
+
+    assert response.json()["error_code"] == 306
+    assert response.json()["error_message"] == "Date is not in the correct format. Should be YYYY-MM-DD."
+    assert response.json()["mdoc"] == ''
+
 #   Missing field: data
 def test_cbor_formatter_error_401_data():
 

diff --git a/app/validate.py b/app/validate.py
@@ -24,6 +24,7 @@
 """
 
 import base64
+import datetime
 from flask import session
 import validators
 
@@ -224,4 +225,15 @@ def is_valid_pem_public_key(pem_key):
     except Exception as e:
         return False
 
+def validate_date_format(date):
+    """ Validate if date is in the correct format
 
+    Return: Return True or return value.
+    + If date have the correct format , return True.
+    + If date have the incorrect format, return False
+    """
+    try:
+        datetime.datetime.strptime(date, "%Y-%m-%d")
+        return True
+    except ValueError:
+        return False