save work

2025-12-19 07:28:23 +02:00
parent 6410a6d082
commit 2eafe98d44
97 changed files with 5040 additions and 1443 deletions
--- a/src/Scanner/StellaOps.Scanner.WebService/Endpoints/ScoreReplayEndpoints.cs
+++ b/src/Scanner/StellaOps.Scanner.WebService/Endpoints/ScoreReplayEndpoints.cs
@@ -8,6 +8,7 @@
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Routing;
+using StellaOps.Scanner.Core;
 using StellaOps.Scanner.WebService.Contracts;
 using StellaOps.Scanner.WebService.Services;

@@ -85,7 +86,7 @@ internal static class ScoreReplayEndpoints
                RootHash: result.RootHash,
                BundleUri: result.BundleUri,
                ManifestHash: result.ManifestHash,
-                ReplayedAtUtc: result.ReplayedAt,
+                ReplayedAt: result.ReplayedAt,
                Deterministic: result.Deterministic));
        }
        catch (InvalidOperationException ex)
@@ -107,6 +108,8 @@ internal static class ScoreReplayEndpoints
        string scanId,
        [FromQuery] string? rootHash,
        IScoreReplayService replayService,
+        IProofBundleWriter bundleWriter,
+        IScanManifestSigner manifestSigner,
        CancellationToken cancellationToken)
    {
        if (string.IsNullOrWhiteSpace(scanId))
@@ -131,11 +134,29 @@ internal static class ScoreReplayEndpoints
            });
        }

+        bool manifestDsseValid;
+        try
+        {
+            var contents = await bundleWriter.ReadBundleAsync(bundle.BundleUri, cancellationToken).ConfigureAwait(false);
+            var verify = await manifestSigner.VerifyAsync(contents.SignedManifest, cancellationToken).ConfigureAwait(false);
+            manifestDsseValid = verify.IsValid;
+        }
+        catch (FileNotFoundException ex)
+        {
+            return Results.NotFound(new ProblemDetails
+            {
+                Title = "Bundle not found",
+                Detail = ex.Message,
+                Status = StatusCodes.Status404NotFound
+            });
+        }
+
        return Results.Ok(new ScoreBundleResponse(
            ScanId: bundle.ScanId,
            RootHash: bundle.RootHash,
            BundleUri: bundle.BundleUri,
-            CreatedAtUtc: bundle.CreatedAtUtc));
+            ManifestDsseValid: manifestDsseValid,
+            CreatedAt: bundle.CreatedAtUtc));
    }

    /// <summary>
@@ -213,14 +234,14 @@ public sealed record ScoreReplayRequest(
 /// <param name="RootHash">Root hash of the proof ledger.</param>
 /// <param name="BundleUri">URI to the proof bundle.</param>
 /// <param name="ManifestHash">Hash of the manifest used.</param>
-/// <param name="ReplayedAtUtc">When the replay was performed.</param>
+/// <param name="ReplayedAt">When the replay was performed.</param>
 /// <param name="Deterministic">Whether the replay was deterministic.</param>
 public sealed record ScoreReplayResponse(
    double Score,
    string RootHash,
    string BundleUri,
    string ManifestHash,
-    DateTimeOffset ReplayedAtUtc,
+    DateTimeOffset ReplayedAt,
    bool Deterministic);

 /// <summary>
@@ -230,7 +251,8 @@ public sealed record ScoreBundleResponse(
    string ScanId,
    string RootHash,
    string BundleUri,
-    DateTimeOffset CreatedAtUtc);
+    bool ManifestDsseValid,
+    DateTimeOffset CreatedAt);

 /// <summary>
 /// Request for bundle verification.