Misc Open Badge related improvements [fix]

hoijui · Nov 21, 2023 · 7568e5e · 7568e5e
1 parent a2df8cb
commit 7568e5e
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 25 deletions.
diff --git a/ob_gen b/ob_gen
@@ -96,7 +96,19 @@ PROJECT_HOSTING_BASE_URL="https://osegermany.gitlab.io/ohloom"
 
 mkdir -p "$out_dir"
 
-RECIPIENT_IDENTITY_CLEAR="$RECIPIENT_URL"
+# TODO Choose one of these two - really, we need URL though for the projects; right?
+# RECIPIENT_TYPE="url"
+RECIPIENT_TYPE="email"
+if [ "$RECIPIENT_TYPE" = "url" ]
+then
+	RECIPIENT_IDENTITY_CLEAR="$RECIPIENT_URL"
+elif [ "$RECIPIENT_TYPE" = "email" ]
+then
+	RECIPIENT_IDENTITY_CLEAR="[email protected]" # TODO FIXME Use a real value
+else
+	>&2 echo "ERROR: Not yet supported recipient type: '$RECIPIENT_TYPE'!"
+	exit 5
+fi
 VARIABLES_FILE="$out_dir/assertion-gen.vars.txt"
 OB_HOSTING_BASE="https://raw.githubusercontent.com/hoijui/osh-tool/master/resources/open-badge-examples/compliance-signed"
 OB_LOCAL_BASE="$SCRIPT_DIR/resources/open-badge-examples/compliance-signed"
@@ -107,6 +119,7 @@ PRIV_KEY_DER="$KEY_FILE_BASE.x509.priv.der"
 CERT="$KEY_FILE_BASE.x509.cert.pem"
 PUB_KEY="$KEY_FILE_BASE.x509.pub.pem"
 KEY_JSON="$KEY_FILE_BASE.json"
+KEY_ID="$OB_HOSTING_BASE/$(basename "$KEY_JSON")"
 # TODO Choose one of these two
 # TODO FIXME Currently, `ring` (the rust library we use for parsing keys) failes loading ECDSA keys generated with OpenSSL, while it works with those generated by the rust library `rcgen`. OpenSSL itsself seems to do fine with both ... :/
 # ALG="es256"
@@ -138,6 +151,7 @@ SAMPLE_BAGDE_IMAGE="$IMGS_LOCAL_BASE/osh-tool-sample-badge-signed.$IMG_EXT"
 #SOURCE_IMAGE="$COMPLIANCE_BADGE"
 SOURCE_IMAGE="$SAMPLE_BAGDE_IMAGE"
 BAKED_IMAGE="$out_dir/assertion-gen-baked.$IMG_EXT"
+BAKED_IMAGE_URL="$PROJECT_HOSTING_BASE_URL/$(basename "$BAKED_IMAGE")"
 
 if (( $(echo "$COMPLIANCE_FACTOR < $COMPLIANCE_FACTOR_MIN" | bc -l) ))
 then
@@ -146,19 +160,23 @@ then
 fi
 
 cat > "$VARIABLES_FILE" << EOF
+ISSUER_ID="$OB_HOSTING_BASE/issuer.json"
+KEY_ID="$KEY_ID"
 BADGE_CLASS_ID="$OB_HOSTING_BASE/badge-class.json"
 ASSERTION_ID="$ASSERTION_HOSTING_URL"
 PROJECT_NAME="$PROJECT_NAME"
+RECIPIENT_TYPE="$RECIPIENT_TYPE"
 RECIPIENT_SALT="$RECIPIENT_SALT"
 RECIPIENT_IDENTITY_HASH="sha256\\\$$(printf '%s%s' "$RECIPIENT_IDENTITY_CLEAR" "$RECIPIENT_SALT" | sha256sum - | sed -e 's/ .*//')"
-EVIDENCE_1="$OSH_TOOL_REPORT_JSON_URL"
-EVIDENCE_2="$OSH_TOOL_REPORT_HTML_URL"
-EVIDENCE_3="$OSH_TOOL_REPORT_MD_URL"
-EVIDENCE_4="COMPLIANCE_FACTOR=$COMPLIANCE_FACTOR"
+BAKED_IMAGE_URL="$BAKED_IMAGE_URL"
+EVIDENCE_1='"'"$OSH_TOOL_REPORT_JSON_URL"'"'
+EVIDENCE_2='"'"$OSH_TOOL_REPORT_HTML_URL"'"'
+EVIDENCE_3='"'"$OSH_TOOL_REPORT_MD_URL"'"'
 DATE_ISSUED_ON="$(date --iso-8601=seconds)"
 DATE_EXPIRES="$(date --iso-8601=seconds --date="2099-12-30")"
 COMPLIANCE_PERCENT="$(yq r "$OSH_TOOL_REPORT_JSON" 'stats.ratings.compliance.percent')"
 EOF
+#EVIDENCE_4="{ \"compliance-factor\": \"$COMPLIANCE_FACTOR\" }"
 
 if $force || ! [ -e "$PRIV_KEY_DER" ]
 then
@@ -260,17 +278,6 @@ then
 	sed -i -e 's|.*"publicKeyPem":.*|'"$pkp_line"'|' "$KEY_JSON"
 fi
 
-# rsa=false
-# if $rsa
-# then
-# openssl genpkey -algorithm RSA -outform DER -out "$PRIV_KEY_DER" -pkeyopt rsa_keygen_bits:4096
-# 	ALG="rs256"
-# else
-# 	# openssl ecparam -outform DER -noout -out "$PRIV_KEY_DER" -name prime256v1 -genkey
-# 	openssl genpkey -algorithm ECDSA -outform DER -out "$PRIV_KEY_DER" -pkeyopt ec_paramgen_curve:prime256v1
-# 	ALG="es256"
-# fi
-
 repvar \
     --variables-file "$VARIABLES_FILE" \
     < "$ASSERTION_TEMPLATE_PATH" \

diff --git a/resources/open-badge-examples/compliance-signed/assertion-1.json b/resources/open-badge-examples/compliance-signed/assertion-1.json
@@ -11,7 +11,7 @@
   },
   "verification": {
     "type": "SignedBadge",
-    "creator": "https://raw.githubusercontent.com/hoijui/osh-tool/master/resources/open-badge-examples/compliance-signed/issuer.json"
+    "creator": "https://raw.githubusercontent.com/hoijui/osh-tool/master/resources/open-badge-examples/compliance-signed/issuer-key.json"
   },
   "image": "https://raw.githubusercontent.com/hoijui/osh-tool/master/resources/open-badge-examples/compliance-signed/assertion-1-badge-baked.svg",
   "evidence": [

diff --git a/resources/open-badge-examples/compliance-signed/assertion-TEMPLATE.json b/resources/open-badge-examples/compliance-signed/assertion-TEMPLATE.json
@@ -2,23 +2,22 @@
   "@context": "https://w3id.org/openbadges/v2",
   "type": "Assertion",
   "id": "${ASSERTION_ID}",
-  "badge": "https://raw.githubusercontent.com/hoijui/osh-tool/master/resources/open-badge-examples/compliance-signed/badge-class.json",
+  "badge": "${BADGE_CLASS_ID}",
   "recipient": {
-    "type": "url",
+    "type": "${RECIPIENT_TYPE}",
     "identity": "${RECIPIENT_IDENTITY_HASH}",
     "hashed": true,
     "salt": "${RECIPIENT_SALT}"
   },
   "verification": {
     "type": "SignedBadge",
-    "creator": "https://raw.githubusercontent.com/hoijui/osh-tool/master/resources/open-badge-examples/compliance-signed/issuer.json"
+    "creator": "${KEY_ID}"
   },
-  "image": "https://raw.githubusercontent.com/hoijui/osh-tool/master/resources/open-badge-examples/compliance-signed/assertion-gen-baked.svg",
+  "image": "${BAKED_IMAGE_URL}",
   "evidence": [
-    "${EVIDENCE_1}",
-    "${EVIDENCE_2}",
-    "${EVIDENCE_3}",
-    "${EVIDENCE_4}"
+    ${EVIDENCE_1},
+    ${EVIDENCE_2},
+    ${EVIDENCE_3}
   ],
   "narrative": "The osh-tool was run on _${PROJECT_NAME}_, which achieved a total OSH(-tool) compliance of `${COMPLIANCE_PERCENT}`. See the evidence for further details.",
   "issuedOn": "${DATE_ISSUED_ON}",