From 096b7464d81b2686aa8d49b7f87762621828e17c Mon Sep 17 00:00:00 2001
From: patlo-iog <pat.losoponkul@iohk.io>
Date: Fri, 7 Jun 2024 11:11:53 +0700
Subject: [PATCH] fix: update issuer auth server model parity (#1154)

Signed-off-by: Pat Losoponkul <pat.losoponkul@iohk.io>
---
 .../controller/CredentialIssuerController.scala   |  9 +++++++--
 .../identus/oid4vci/http/CredentialIssuer.scala   | 12 ++++++++++--
 .../OID4VCIIssuerMetadataRepository.scala         |  7 ++++++-
 .../service/OID4VCIIssuerMetadataService.scala    | 15 ++++++++++++---
 ...OID4VCIIssuerMetadataRepositorySpecSuite.scala |  9 ++++++++-
 .../JdbcOID4VCIIssuerMetadataRepository.scala     | 10 ++++++++--
 6 files changed, 51 insertions(+), 11 deletions(-)

diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/controller/CredentialIssuerController.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/controller/CredentialIssuerController.scala
index e11b8e3083..ca1811859f 100644
--- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/controller/CredentialIssuerController.scala
+++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/controller/CredentialIssuerController.scala
@@ -261,12 +261,17 @@ case class CredentialIssuerControllerImpl(
   ): ZIO[WalletAccessContext, ErrorResponse, CredentialIssuer] =
     for {
       maybeAuthServerUrl <- ZIO
-        .succeed(request.authorizationServer)
+        .succeed(request.authorizationServer.flatMap(_.url))
         .flatMap {
           case Some(url) => parseURL(url).asSome
           case None      => ZIO.none
         }
-      issuer <- issuerMetadataService.updateCredentialIssuer(issuerId, maybeAuthServerUrl)
+      issuer <- issuerMetadataService.updateCredentialIssuer(
+        issuerId,
+        maybeAuthServerUrl,
+        request.authorizationServer.flatMap(_.clientId),
+        request.authorizationServer.flatMap(_.clientSecret)
+      )
     } yield issuer: CredentialIssuer
 
   override def deleteCredentialIssuer(
diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/http/CredentialIssuer.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/http/CredentialIssuer.scala
index c6224f27e7..f5cdf6f3e5 100644
--- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/http/CredentialIssuer.scala
+++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/http/CredentialIssuer.scala
@@ -25,9 +25,17 @@ object AuthorizationServer {
   given decoder: JsonDecoder[AuthorizationServer] = DeriveJsonDecoder.gen
 }
 
-case class CredentialIssuer(id: UUID, authorizationServer: String)
+case class CredentialIssuer(id: UUID, authorizationServerUrl: String)
 
-case class PatchCredentialIssuerRequest(authorizationServer: Option[String] = None)
+case class PatchAuthorizationServer(url: Option[String], clientId: Option[String], clientSecret: Option[String])
+
+object PatchAuthorizationServer {
+  given schema: Schema[PatchAuthorizationServer] = Schema.derived
+  given encoder: JsonEncoder[PatchAuthorizationServer] = DeriveJsonEncoder.gen
+  given decoder: JsonDecoder[PatchAuthorizationServer] = DeriveJsonDecoder.gen
+}
+
+case class PatchCredentialIssuerRequest(authorizationServer: Option[PatchAuthorizationServer] = None)
 
 object PatchCredentialIssuerRequest {
   given schema: Schema[PatchCredentialIssuerRequest] = Schema.derived
diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/repository/OID4VCIIssuerMetadataRepository.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/repository/OID4VCIIssuerMetadataRepository.scala
index 2c072fdcf9..a74d6641a7 100644
--- a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/repository/OID4VCIIssuerMetadataRepository.scala
+++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/repository/OID4VCIIssuerMetadataRepository.scala
@@ -11,7 +11,12 @@ trait OID4VCIIssuerMetadataRepository {
   def findIssuerById(issuerId: UUID): UIO[Option[CredentialIssuer]]
   def createIssuer(issuer: CredentialIssuer): URIO[WalletAccessContext, Unit]
   def findWalletIssuers: URIO[WalletAccessContext, Seq[CredentialIssuer]]
-  def updateIssuer(issuerId: UUID, authorizationServer: Option[URL] = None): URIO[WalletAccessContext, Unit]
+  def updateIssuer(
+      issuerId: UUID,
+      authorizationServer: Option[URL] = None,
+      authorizationServerClientId: Option[String] = None,
+      authorizationServerClientSecret: Option[String] = None
+  ): URIO[WalletAccessContext, Unit]
   def deleteIssuer(issuerId: UUID): URIO[WalletAccessContext, Unit]
   def createCredentialConfiguration(issuerId: UUID, config: CredentialConfiguration): URIO[WalletAccessContext, Unit]
   def findCredentialConfigurationsByIssuer(issuerId: UUID): UIO[Seq[CredentialConfiguration]]
diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/OID4VCIIssuerMetadataService.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/OID4VCIIssuerMetadataService.scala
index 252c15669b..b563d8676e 100644
--- a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/OID4VCIIssuerMetadataService.scala
+++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/OID4VCIIssuerMetadataService.scala
@@ -61,7 +61,9 @@ trait OID4VCIIssuerMetadataService {
   def getCredentialIssuers: URIO[WalletAccessContext, Seq[CredentialIssuer]]
   def updateCredentialIssuer(
       issuerId: UUID,
-      authorizationServer: Option[URL] = None
+      authorizationServer: Option[URL] = None,
+      authorizationServerClientId: Option[String] = None,
+      authorizationServerClientSecret: Option[String] = None
   ): ZIO[WalletAccessContext, IssuerIdNotFound, CredentialIssuer]
   def deleteCredentialIssuer(issuerId: UUID): ZIO[WalletAccessContext, IssuerIdNotFound, Unit]
   def createCredentialConfiguration(
@@ -99,11 +101,18 @@ class OID4VCIIssuerMetadataServiceImpl(repository: OID4VCIIssuerMetadataReposito
 
   override def updateCredentialIssuer(
       issuerId: UUID,
-      authorizationServer: Option[URL]
+      authorizationServer: Option[URL],
+      authorizationServerClientId: Option[String],
+      authorizationServerClientSecret: Option[String]
   ): ZIO[WalletAccessContext, IssuerIdNotFound, CredentialIssuer] =
     for {
       _ <- repository
-        .updateIssuer(issuerId, authorizationServer = authorizationServer)
+        .updateIssuer(
+          issuerId = issuerId,
+          authorizationServer = authorizationServer,
+          authorizationServerClientId = authorizationServerClientId,
+          authorizationServerClientSecret = authorizationServerClientSecret
+        )
         .catchSomeDefect { case _: UnexpectedAffectedRow =>
           ZIO.fail(IssuerIdNotFound(issuerId))
         }
diff --git a/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/repository/OID4VCIIssuerMetadataRepositorySpecSuite.scala b/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/repository/OID4VCIIssuerMetadataRepositorySpecSuite.scala
index 48030953cd..26134ff767 100644
--- a/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/repository/OID4VCIIssuerMetadataRepositorySpecSuite.scala
+++ b/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/repository/OID4VCIIssuerMetadataRepositorySpecSuite.scala
@@ -98,10 +98,17 @@ object OID4VCIIssuerMetadataRepositorySpecSuite {
         authServer2 = URI.create("http://example-2.com").toURL()
         issuer = makeCredentialIssuer(authorizationServer = authServer1)
         _ <- repo.createIssuer(issuer)
-        _ <- repo.updateIssuer(issuer.id, authorizationServer = Some(authServer2))
+        _ <- repo.updateIssuer(
+          issuerId = issuer.id,
+          authorizationServer = Some(authServer2),
+          authorizationServerClientId = Some("client-2"),
+          authorizationServerClientSecret = Some("secret-2")
+        )
         updatedIssuer <- repo.findIssuerById(issuer.id).some
       } yield assert(updatedIssuer.id)(equalTo(issuer.id)) &&
         assert(updatedIssuer.authorizationServer)(equalTo(authServer2)) &&
+        assert(updatedIssuer.authorizationServerClientId)(equalTo("client-2")) &&
+        assert(updatedIssuer.authorizationServerClientSecret)(equalTo("secret-2")) &&
         assert(updatedIssuer.updatedAt)(not(equalTo(issuer.createdAt)))
     },
     test("update credential issuer with empty patch successfully") {
diff --git a/pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcOID4VCIIssuerMetadataRepository.scala b/pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcOID4VCIIssuerMetadataRepository.scala
index c095a99bd8..b43fe8f70e 100644
--- a/pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcOID4VCIIssuerMetadataRepository.scala
+++ b/pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcOID4VCIIssuerMetadataRepository.scala
@@ -86,12 +86,18 @@ class JdbcOID4VCIIssuerMetadataRepository(xa: Transactor[ContextAwareTask], xb:
 
   override def updateIssuer(
       issuerId: UUID,
-      authorizationServer: Option[URL]
+      authorizationServer: Option[URL],
+      authorizationServerClientId: Option[String],
+      authorizationServerClientSecret: Option[String]
   ): URIO[WalletAccessContext, Unit] = {
     val setFr = (now: Instant) =>
       Fragments.set(
         fr"updated_at = $now",
-        (Seq(authorizationServer.map(url => fr"authorization_server = $url")).flatten): _*
+        (Seq(
+          authorizationServer.map(url => fr"authorization_server = $url"),
+          authorizationServerClientId.map(i => fr"authorization_server_client_id = $i"),
+          authorizationServerClientSecret.map(i => fr"authorization_server_client_secret = $i")
+        ).flatten)*
       )
     val cxnIO = (setFr: Fragment) => sql"""
         |UPDATE public.issuer_metadata