introduce encryptAndSign for createRedeemJwt

2026-02-06 09:56:05 +00:00 · 2025-08-27 23:29:30 +02:00 · 2025-08-27 23:29:30 +02:00 · 1d248f9e34
commit 1d248f9e34
parent f844e08c8d
1 changed files with 34 additions and 20 deletions
--- a/backend/src/graphql/resolver/TransactionLinkResolver.ts
+++ b/backend/src/graphql/resolver/TransactionLinkResolver.ts
@ -425,27 +425,41 @@ export class TransactionLinkResolver {
      alias,
      validUntil,
    })
-
-    const redeemJwtPayloadType = new RedeemJwtPayloadType(
-      senderCommunityUuid,
-      gradidoId,
-      alias ?? firstName ?? '',
-      code,
-      amount,
-      memo,
-      validUntil ?? '',
-    )
-    // TODO:encode/sign the jwt normally with the private key of the sender/home community, but interims with uuid
-    const homeCom = await getHomeCommunity()
-    if (!homeCom) {
-      throw new LogError('Home community not found')
+    try {
+      const redeemJwtPayloadType = new RedeemJwtPayloadType(
+        senderCommunityUuid,
+        gradidoId,
+        alias ?? firstName ?? '',
+        code,
+        amount,
+        memo,
+        validUntil ?? '',
+      )
+      // encode/sign the jwt with the private key of the sender/home community
+      const senderCom = await getCommunityByUuid(senderCommunityUuid)
+      if (!senderCom) {
+        throw new LogError('Sender community not found')
+      }
+      if (!senderCom.privateJwtKey) {
+        throw new LogError('Sender community privateJwtKey is not set')
+      }
+      const recipientCom = await getCommunityByUuid(recipientCommunityUuid)
+      if (!recipientCom) {
+        throw new LogError('Recipient community not found')
+      }
+      if (!recipientCom.publicJwtKey) {
+        throw new LogError('Recipient community publicJwtKey is not set')
+      }
+      const redeemJwt = await encryptAndSign(redeemJwtPayloadType, senderCom.privateJwtKey!, recipientCom.publicJwtKey!)
+      if (!redeemJwt) {
+        throw new LogError('Redeem JWT was not created successfully')
+      }
+      return redeemJwt
+    } catch (e) {
+      const errmsg = `Error on creating Redeem JWT: error=${e}`
+      methodLogger.error(errmsg)
+      throw new LogError(errmsg)
    }
-    if (!homeCom.communityUuid) {
-      throw new LogError('Home community UUID is not set')
-    }
-    const redeemJwt = await encode(redeemJwtPayloadType, homeCom.communityUuid)
-    // TODO: encrypt the payload with the public key of the target community
-    return redeemJwt
  }

  @Authorized([RIGHTS.DISBURSE_TRANSACTION_LINK])