AttributeError: 'NoneType' Object Has No Attribute 'issuer' - Presenting Revoked OOR Credential Fails

Introduction

In this article, we will delve into the issue of presenting a revoked OOR (Open Organization Reference) credential failing with an AttributeError. This error occurs when the code attempts to access the 'issuer' attribute of a 'NoneType' object, which does not have this attribute. We will explore the root cause of this issue, discuss the expected behavior, and provide a solution to handle revoked credentials correctly.

Understanding the Error

The error message indicates that the code is trying to access the 'issuer' attribute of a 'NoneType' object, which is not possible. This error is triggered when a revoked OOR credential is presented, and the code fails to process it correctly.

Expected Behavior

When a revoked credential is received, the original, unrevoked credential should be processed first, followed by the revocation. This ensures that the credential is properly validated and updated in the system.

Current Behavior

However, the current implementation fails to process the revoked credential correctly, resulting in an AttributeError. This is because the code attempts to access the 'issuer' attribute of a 'NoneType' object, which does not exist.

Solution

To fix this issue, we need to modify the code to handle revoked credentials correctly. We can achieve this by checking if the credential is revoked before attempting to access its 'issuer' attribute. If the credential is revoked, we should process the original, unrevoked credential first, followed by the revocation.

Code Modifications

Here is an example of how we can modify the code to handle revoked credentials correctly:

def process_credential(credential):
    if credential.revoked:
        # Process the original, unrevoked credential first
        original_credential = credential.original
        if original_credential:
            process_credential(original_credential)
        # Process the revocation
        process_revocation(credential)
    else:
        # Process the credential normally
        process_normal_credential(credential)

In this example, we added a check to see if the credential is revoked. If it is, we process the original, unrevoked credential first, followed by the revocation. If the credential is not revoked, we process it normally.

Conclusion

In conclusion, the AttributeError: 'NoneType' object has no attribute 'issuer' error occurs when presenting a revoked OOR credential fails. To fix this issue, we need to modify the code to handle revoked credentials correctly. We can achieve this by checking if the credential is revoked before attempting to access its 'issuer' attribute. By processing the original, unrevoked credential first, followed by the revocation, we can ensure that the credential is properly validated and updated in the system.

Recommendations

To avoid this issue in the future, we recommend the following:

• Always check if a credential is revoked before attempting to access its 'issuer' attribute.
• Process the original, unrevoked credential first, followed by the revocation, when handling revoked credentials.
• Validate the assumption that the original issuance is present in the CESR stream sent during thePEX Grant of the revoked credential.

Additional Information

• The IPEX Grant should send both the original issuance and the revocation of a credential.
• If the original issuance is not present in the CESR stream sent during the IPEX Grant of the revoked credential, work with the KERIpy maintainers to change this behavior.

References

• KERIpy documentation
• OOR credential specification

Acknowledgments

Introduction

In our previous article, we discussed the issue of presenting a revoked OOR (Open Organization Reference) credential failing with an AttributeError. We explored the root cause of this issue, discussed the expected behavior, and provided a solution to handle revoked credentials correctly. In this article, we will answer some frequently asked questions related to this issue.

Q: What is the root cause of the AttributeError: 'NoneType' object has no attribute 'issuer' error?

A: The root cause of this error is that the code is attempting to access the 'issuer' attribute of a 'NoneType' object, which does not have this attribute. This occurs when a revoked OOR credential is presented, and the code fails to process it correctly.

Q: Why is it important to handle revoked credentials correctly?

A: Handling revoked credentials correctly is essential to ensure that the credential is properly validated and updated in the system. If a revoked credential is not handled correctly, it can lead to errors and inconsistencies in the system.

Q: What is the expected behavior when a revoked credential is received?

A: When a revoked credential is received, the original, unrevoked credential should be processed first, followed by the revocation. This ensures that the credential is properly validated and updated in the system.

Q: How can I modify the code to handle revoked credentials correctly?

A: To modify the code to handle revoked credentials correctly, you can add a check to see if the credential is revoked. If it is, you should process the original, unrevoked credential first, followed by the revocation. If the credential is not revoked, you can process it normally.

Q: What is the difference between a revoked credential and a normal credential?

A: A revoked credential is a credential that has been revoked or cancelled, whereas a normal credential is a credential that is still valid and active.

Q: How can I validate the assumption that the original issuance is present in the CESR stream sent during the IPEX Grant of the revoked credential?

A: To validate this assumption, you can check the CESR stream sent during the IPEX Grant of the revoked credential to ensure that it contains the original issuance. If it does not, you should work with the KERIpy maintainers to change this behavior.

Q: What is the IPEX Grant, and why is it important?

A: The IPEX Grant is a grant that is sent during the IPEX (Inter-Protocol Exchange) process, which is used to exchange credentials between different protocols. The IPEX Grant is important because it allows for the exchange of credentials between different protocols, which is essential for interoperability.

Q: How can I work with the KERIpy maintainers to change the behavior of the IPEX Grant?

A: To work with the KERIpy maintainers to change the behavior of the IPEX Grant, you can submit a pull request the KERIpy repository with the proposed changes. You can also reach out to the KERIpy maintainers directly to discuss the proposed changes.

Conclusion

In conclusion, the AttributeError: 'NoneType' object has no attribute 'issuer' error occurs when presenting a revoked OOR credential fails. To fix this issue, we need to modify the code to handle revoked credentials correctly. We can achieve this by checking if the credential is revoked before attempting to access its 'issuer' attribute. By processing the original, unrevoked credential first, followed by the revocation, we can ensure that the credential is properly validated and updated in the system.

Recommendations

To avoid this issue in the future, we recommend the following:

• Always check if a credential is revoked before attempting to access its 'issuer' attribute.
• Process the original, unrevoked credential first, followed by the revocation, when handling revoked credentials.
• Validate the assumption that the original issuance is present in the CESR stream sent during the IPEX Grant of the revoked credential.

Additional Information

• The IPEX Grant should send both the original issuance and the revocation of a credential.
• If the original issuance is not present in the CESR stream sent during the IPEX Grant of the revoked credential, work with the KERIpy maintainers to change this behavior.

References

• KERIpy documentation
• OOR credential specification

Acknowledgments

We would like to thank the KERIpy maintainers for their help and guidance in resolving this issue.