Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revocation Policy Failure with Redis Persistence #993

Open
shev-pro opened this issue Mar 19, 2025 · 2 comments
Open

Revocation Policy Failure with Redis Persistence #993

shev-pro opened this issue Mar 19, 2025 · 2 comments
Labels
bug Something isn't working

Comments

@shev-pro
Copy link
Contributor

The revocation policy (revoked-status-list) fails when using Redis as the persistence backend in the waltid-verifier service.

Steps to Reproduce

  1. Configure waltid-verifier to use Redis as the persistence backend.
  2. Execute a verification request using the provided Swagger example (Example with VP & global VC policies):
curl -X 'POST' \
  'http://127.0.0.1:7003/openid4vc/verify' \
  -H 'accept: */*' \
  -H 'authorizeBaseUrl: openid4vp://authorize' \
  -H 'responseMode: direct_post' \
  -H 'Content-Type: application/json' \
  -d '{
  "vp_policies": [
    {
      "policy": "minimum-credentials",
      "args": 2
    },
    {
      "policy": "maximum-credentials",
      "args": 100
    }
  ],
  "vc_policies": [
    "signature",
    "expired",
    "not-before",
    "revoked-status-list"
  ],
  "request_credentials": [
    {
      "format": "jwt_vc_json",
      "type": "OpenBadgeCredential"
    },
    {
      "format": "jwt_vc_json",
      "type": "VerifiableId"
    }
  ]
}'

Expected Behavior

The service should return a 200 OK response with the expected verification results.

Actual Behavior

The request fails with a 400 Bad Request error and the following exception:

{"exception":true,"id":"SerializationException","status":"Bad Request","code":"400",
"message":"Serializer for subclass 'LocationIgnorantKLogger' is not found in the polymorphic scope of 'KLogger'. 
Check if class with serial name 'LocationIgnorantKLogger' exists and serializer is registered in a corresponding SerializersModule. 
To be registered automatically, class 'LocationIgnorantKLogger' has to be '@Serializable', and the base class 'KLogger' has to be sealed and '@Serializable'."}

Environment

  • Docker Prebuilt Images
  • WaltID Identity Version: 0.12.0

Stack Trace

(Full stack trace is attached in the issue description.)
stacktrace.txt

Possible Solution

Modify the RevocationPolicy implementation to prevent the logger from being serialized:

In waltid-libraries/credentials/waltid-verification-policies/src/jvmMain/kotlin/id/walt/policies/policies/RevocationPolicy.jvm.kt, move the following logger declaration inside the functions to ensure it is re-created per invocation and excluded from serialization:

private val logger = KotlinLogging.logger {}

This adjustment ensures that the logger does not interfere with serialization when using Redis as the persistence backend.
@shev-pro shev-pro added the bug Something isn't working label Mar 19, 2025
@alegomes
Copy link
Contributor

Is it too much to ask for a PR, @shev-pro ? 🤗

@shev-pro shev-pro mentioned this issue Mar 24, 2025
Merged
@shev-pro
Copy link
Contributor Author

Here it is: PR #996. The fix turned out to be quite straightforward.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alegomes @shev-pro