Merge branch 'main' into feat/migrate-from-circe-to-zio-json

Signed-off-by: Benjamin Voiturier <[email protected]>
hyperledger · Dec 4, 2024 · c517f9d · c517f9d
2 parents a097cb4 + c6a3e0c
commit c517f9d
Show file tree

Hide file tree

Showing 40 changed files with 580 additions and 140 deletions.
diff --git a/...scala/org/hyperledger/identus/credentialstatus/controller/http/StatusListCredential.scala b/...scala/org/hyperledger/identus/credentialstatus/controller/http/StatusListCredential.scala
@@ -165,7 +165,7 @@ object StatusListCredential {
   given stringOrCredentialIssuerDecoder: JsonDecoder[String | CredentialIssuer] =
     JsonDecoder[CredentialIssuer]
       .map(issuer => issuer: String | CredentialIssuer)
-      .orElse(JsonDecoder[String].map(schemaId => schemaId: String | CredentialIssuer))
+      .orElse(JsonDecoder[String].map(issuerId => issuerId: String | CredentialIssuer))
 
   given statusListCredentialEncoder: JsonEncoder[StatusListCredential] =
     DeriveJsonEncoder.gen[StatusListCredential]

diff --git a/...cala/org/hyperledger/identus/issue/controller/CredentialSchemaReferenceParsingLogic.scala b/...cala/org/hyperledger/identus/issue/controller/CredentialSchemaReferenceParsingLogic.scala
@@ -0,0 +1,62 @@
+package org.hyperledger.identus.issue.controller
+
+import org.hyperledger.identus.api.http.ErrorResponse
+import org.hyperledger.identus.issue.controller.http.CredentialSchemaRef as HTTPCredentialSchemaRef
+import org.hyperledger.identus.pollux.core.model.primitives.UriString
+import org.hyperledger.identus.pollux.core.model.schema.{
+  CredentialSchemaRef as DomainCredentialSchemaRef,
+  CredentialSchemaRefType
+}
+import zio.{IO, ZIO}
+
+trait CredentialSchemaReferenceParsingLogic {
+
+  // According to VCDM 1.1, the property "credentialSchema" is required to issue JWT, JSON, and JSON-LD credentials.
+  // The "id" property in the "credentialSchema" object is a URI that points to the schema of the credential.
+  // The "type" property in the "credentialSchema" object must be "JsonSchemaValidator2018".
+  // Multiple schemas are not allowed in VCDM 1.1.
+  def parseCredentialSchemaRef_VCDM1_1(
+      deprecatedSchemaIdProperty: Option[String | List[String]],
+      credentialSchemaRefOption: Option[HTTPCredentialSchemaRef]
+  ): IO[ErrorResponse, DomainCredentialSchemaRef] = {
+    credentialSchemaRefOption match {
+      case Some(csr) if csr.`type` == "JsonSchemaValidator2018" =>
+        makeDomainCredentialSchemaRef(csr.id)
+      case Some(csr) =>
+        ZIO.fail(ErrorResponse.badRequest(detail = Some(s"Invalid credentialSchema type: ${csr.`type`}.")))
+      case None =>
+        handleDeprecatedSchemaId(deprecatedSchemaIdProperty)
+          .flatMap(makeDomainCredentialSchemaRef)
+    }
+  }
+
+  def parseSchemaIdForAnonCredsModelV1(
+      deprecatedSchemaIdProperty: Option[String | List[String]],
+      schemaIdProperty: Option[String]
+  ): IO[ErrorResponse, UriString] = {
+    schemaIdProperty
+      .map(makeUriStringOrErrorResponse)
+      .getOrElse(handleDeprecatedSchemaId(deprecatedSchemaIdProperty).flatMap(makeUriStringOrErrorResponse))
+  }
+
+  private def handleDeprecatedSchemaId(
+      deprecatedSchemaIdProperty: Option[String | List[String]]
+  ): IO[ErrorResponse, String] = {
+    deprecatedSchemaIdProperty match {
+      case Some(schemaId: String) =>
+        ZIO.succeed(schemaId)
+      case Some(_: List[String]) =>
+        ZIO.fail(ErrorResponse.badRequest(detail = Some("Multiple credential schemas are not allowed.")))
+      case None =>
+        ZIO.fail(ErrorResponse.badRequest(detail = Some("Credential schema property missed.")))
+    }
+  }
+
+  private def makeDomainCredentialSchemaRef(input: String): IO[ErrorResponse, DomainCredentialSchemaRef] =
+    makeUriStringOrErrorResponse(input).map(
+      DomainCredentialSchemaRef(CredentialSchemaRefType.JsonSchemaValidator2018, _)
+    )
+
+  private def makeUriStringOrErrorResponse(input: String): IO[ErrorResponse, UriString] =
+    UriString.make(input).toZIO.mapError(uriParseError => ErrorResponse.badRequest(detail = Some(uriParseError)))
+}
diff --git a/.../server/src/main/scala/org/hyperledger/identus/issue/controller/IssueControllerImpl.scala b/.../server/src/main/scala/org/hyperledger/identus/issue/controller/IssueControllerImpl.scala
@@ -35,7 +35,8 @@ class IssueControllerImpl(
     managedDIDService: ManagedDIDService,
     appConfig: AppConfig
 ) extends IssueController
-    with ControllerHelper {
+    with ControllerHelper
+    with CredentialSchemaReferenceParsingLogic {
 
   private case class OfferContext(
       pairwiseIssuerDID: DidId,
@@ -64,16 +65,17 @@ class IssueControllerImpl(
             for {
               issuingDID <- getIssuingDidFromRequest(request)
               _ <- validatePrismDID(issuingDID, allowUnpublished = true, Role.Issuer)
+              credentialSchemaRef <- parseCredentialSchemaRef_VCDM1_1(
+                request.schemaId,
+                request.jwtVcPropertiesV1.map(_.credentialSchema)
+              )
               record <- credentialService
                 .createJWTIssueCredentialRecord(
                   pairwiseIssuerDID = offerContext.pairwiseIssuerDID,
                   pairwiseHolderDID = offerContext.pairwiseHolderDID,
                   kidIssuer = request.issuingKid,
                   thid = DidCommID(),
-                  maybeSchemaIds = request.schemaId.map {
-                    case schemaId: String        => List(schemaId)
-                    case schemaIds: List[String] => schemaIds
-                  },
+                  credentialSchemaRef = Some(credentialSchemaRef),
                   claims = request.claims,
                   validityPeriod = request.validityPeriod,
                   automaticIssuance = request.automaticIssuance.orElse(Some(true)),
@@ -88,16 +90,17 @@ class IssueControllerImpl(
             for {
               issuingDID <- getIssuingDidFromRequest(request)
               _ <- validatePrismDID(issuingDID, allowUnpublished = true, Role.Issuer)
+              credentialSchemaRef <- parseCredentialSchemaRef_VCDM1_1(
+                request.schemaId,
+                request.sdJwtVcPropertiesV1.map(_.credentialSchema)
+              )
               record <- credentialService
                 .createSDJWTIssueCredentialRecord(
                   pairwiseIssuerDID = offerContext.pairwiseIssuerDID,
                   pairwiseHolderDID = offerContext.pairwiseHolderDID,
                   kidIssuer = request.issuingKid,
                   thid = DidCommID(),
-                  maybeSchemaIds = request.schemaId.map {
-                    case schemaId: String        => List(schemaId)
-                    case schemaIds: List[String] => schemaIds
-                  },
+                  credentialSchemaRef = Option(credentialSchemaRef),
                   claims = request.claims,
                   validityPeriod = request.validityPeriod,
                   automaticIssuance = request.automaticIssuance.orElse(Some(true)),