From ff760f5ccf8442b97d250b519e8c4fdd908a93cd Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 12:17:33 +0700 Subject: [PATCH 01/13] chore: cleanup unused println Signed-off-by: Pat Losoponkul --- .../oid4vci/service/OIDCCredentialIssuerService.scala | 1 - .../oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala | 7 ------- 2 files changed, 8 deletions(-) diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala index 24d4ee974b..41efe8b1e8 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala @@ -95,7 +95,6 @@ case class OIDCCredentialIssuerServiceImpl( ) .mapError(InvalidProof.apply) _ <- verifiedJwtSignature.toZIO.mapError(InvalidProof.apply) - _ <- ZIO.succeed(println(s"JWT proof is verified: ${jwt.value}")) } yield true } diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index 5b51457132..1b7ac3a8d0 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala 
@@ -80,14 +80,7 @@ object OIDCCredentialIssuerServiceSpec MockDIDNonSecretStorage.getPrismDidWalletIdExpectation(issuerDidData.id, WalletId.default) private def buildJwtProof(nonce: String, aud: UUID, iat: Int) = { - import org.bouncycastle.util.encoders.Hex - val longFormDid = PrismDID.buildLongFormFromOperation(holderOp) - - val encodedKey = Hex.toHexString(holderKp.privateKey.getEncoded) - println(s"Private Key: $encodedKey") - println("Long Form DID: " + longFormDid.toString) - makeJwtProof(longFormDid, nonce, aud, iat, holderKp.privateKey) } From 7b673bfe08be489724b5970d546674ef9976ab38 Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 12:23:11 +0700 Subject: [PATCH 02/13] chore: fix imports Signed-off-by: Pat Losoponkul --- .../oid4vci/domain/Openid4VCIProofJwtOps.scala | 3 +-- .../service/OIDCCredentialIssuerService.scala | 12 +++++++++--- .../identus/pollux/vc/jwt/JWTVerification.scala | 3 +-- 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/domain/Openid4VCIProofJwtOps.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/domain/Openid4VCIProofJwtOps.scala index ec849e0e9d..92e05c75c4 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/domain/Openid4VCIProofJwtOps.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/domain/Openid4VCIProofJwtOps.scala @@ -5,8 +5,7 @@ import org.hyperledger.identus.castor.core.model.did.{DID, LongFormPrismDID, Pri import org.hyperledger.identus.pollux.vc.jwt.{DidResolver, JWT} import org.hyperledger.identus.pollux.vc.jwt.JwtSignerImplicits.* import org.hyperledger.identus.shared.crypto.Secp256k1PrivateKey -import zio.Task -import zio.ZIO +import zio.{Task, ZIO} import java.util.UUID import scala.jdk.CollectionConverters.* 
diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala index 41efe8b1e8..4434179fb4 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala @@ -8,9 +8,15 @@ import org.hyperledger.identus.oid4vci.domain.IssuanceSession import org.hyperledger.identus.oid4vci.http.* import org.hyperledger.identus.oid4vci.storage.IssuanceSessionStorage import org.hyperledger.identus.pollux.core.service.CredentialService -import org.hyperledger.identus.pollux.vc.jwt.{Issuer, JWT, JWTVerification, JwtCredential, W3cCredentialPayload} -import org.hyperledger.identus.pollux.vc.jwt.DID as PolluxDID -import org.hyperledger.identus.pollux.vc.jwt.DidResolver +import org.hyperledger.identus.pollux.vc.jwt.{ + DID as PolluxDID, + DidResolver, + Issuer, + JWT, + JWTVerification, + JwtCredential, + W3cCredentialPayload +} import org.hyperledger.identus.shared.models.{WalletAccessContext, WalletId} import zio.* diff --git a/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/JWTVerification.scala b/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/JWTVerification.scala index 9f4f5e1409..4d017a7613 100644 --- a/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/JWTVerification.scala +++ b/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/JWTVerification.scala 
@@ -11,8 +11,7 @@ import io.circe.generic.auto.* import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory -import org.hyperledger.identus.castor.core.model.did.PrismDID -import org.hyperledger.identus.castor.core.model.did.VerificationRelationship +import org.hyperledger.identus.castor.core.model.did.{PrismDID, VerificationRelationship} import org.hyperledger.identus.shared.crypto.Ed25519PublicKey import pdi.jwt.* import zio.* From 07a464cec222a4c487b0731ce1c93ca307410a68 Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 12:38:50 +0700 Subject: [PATCH 03/13] chore: cleanup unused classes Signed-off-by: Pat Losoponkul --- .../domain/Openid4VCIProofJwtOps.scala | 4 +- .../oid4vci/service/NonceService.scala | 42 ------------------- .../oid4vci/storage/NonceStorage.scala | 9 ---- .../OIDCCredentialIssuerServiceSpec.scala | 7 +--- .../identus/pollux/vc/jwt/DidJWT.scala | 10 +---- .../pollux/vc/jwt/JWTVerification.scala | 6 +-- 6 files changed, 6 insertions(+), 72 deletions(-) delete mode 100644 cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/NonceService.scala delete mode 100644 cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/storage/NonceStorage.scala diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/domain/Openid4VCIProofJwtOps.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/domain/Openid4VCIProofJwtOps.scala index 92e05c75c4..c26698506e 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/domain/Openid4VCIProofJwtOps.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/domain/Openid4VCIProofJwtOps.scala 
@@ -1,8 +1,8 @@ package org.hyperledger.identus.oid4vci.domain import com.nimbusds.jose.{JOSEObjectType, JWSAlgorithm, JWSHeader, JWSObject, JWSSigner, Payload} -import org.hyperledger.identus.castor.core.model.did.{DID, LongFormPrismDID, PrismDID} -import org.hyperledger.identus.pollux.vc.jwt.{DidResolver, JWT} +import org.hyperledger.identus.castor.core.model.did.{DID, LongFormPrismDID} +import org.hyperledger.identus.pollux.vc.jwt.JWT import org.hyperledger.identus.pollux.vc.jwt.JwtSignerImplicits.* import org.hyperledger.identus.shared.crypto.Secp256k1PrivateKey import zio.{Task, ZIO} diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/NonceService.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/NonceService.scala deleted file mode 100644 index 90f28058de..0000000000 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/NonceService.scala +++ /dev/null 
@@ -1,42 +0,0 @@
-package org.hyperledger.identus.oid4vci.service
-
-import org.hyperledger.identus.oid4vci.service.NonceService.NonceGenerator
-import zio.Task
-
-import java.time.Instant
-import scala.collection.concurrent.TrieMap
-
-trait NonceService {
- def generateNonce()(implicit gen: NonceGenerator): String = gen()
- def validateNonce(nonce: String): Task[Boolean]
- def storeNonce(nonce: String, expireAt: Long): Task[Unit]
-}
-
-object NonceService {
- type NonceGenerator = () => String
- given randomUUID: NonceGenerator = () => java.util.UUID.randomUUID().toString
-}
-
-case class InMemoryNonceService() extends NonceService {
- import zio.{Task, ZIO}
- private case class NonceRecord(nonce: String, expireAt: Long, fired: Boolean = false)
-
- private val nonces: TrieMap[String, NonceRecord] = TrieMap.empty
-
- override def validateNonce(nonce: String): Task[Boolean] = {
- nonces.get(nonce) match {
- case None =>
- ZIO.succeed(false)
- case Some(n) if !n.fired && n.expireAt > Instant.now().toEpochMilli =>
- nonces.replace(nonce, n, n.copy(fired = true))
- ZIO.succeed(true)
- }
- }
-
- override def storeNonce(nonce: String, expireAt: Long): Task[Unit] = {
- nonces.putIfAbsent(nonce, NonceRecord(nonce, expireAt)) match {
- case Some(_) => ZIO.fail(new RuntimeException(s"Nonce $nonce already exists"))
- case None => ZIO.succeed(())
- }
- }
-}
diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/storage/NonceStorage.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/storage/NonceStorage.scala
deleted file mode 100644
index 23137db6b7..0000000000
--- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/storage/NonceStorage.scala
+++ /dev/null
@@ -1,9 +0,0 @@ -package org.hyperledger.identus.oid4vci.storage - -trait NonceStorage { - def getNonce(nonceExpiresAt: Long): String - def storeNonce(nonce: String): Unit - def hasNonce(nonce: String): Boolean - def removeNonce(nonce: String): Unit - -} diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index 1b7ac3a8d0..ac26d00b86 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala @@ -1,7 +1,6 @@ package org.hyperledger.identus.oid4vci.domain import com.nimbusds.jose.* -import com.nimbusds.jose.jwk.* import org.hyperledger.identus.agent.walletapi.memory.GenericSecretStorageInMemory import org.hyperledger.identus.agent.walletapi.service.{ManagedDIDService, MockManagedDIDService} import org.hyperledger.identus.agent.walletapi.storage.{DIDNonSecretStorage, MockDIDNonSecretStorage} @@ -58,7 +57,7 @@ object OIDCCredentialIssuerServiceSpec validateProofSpec ) - private val (issuerOp, issuerKp, issuerDidMetadata, issuerDidData) = + private val (_, issuerKp, issuerDidMetadata, issuerDidData) = MockDIDService.createDID(VerificationRelationship.AssertionMethod) private val (holderOp, holderKp, holderDidMetadata, holderDidData) = @@ -67,9 +66,6 @@ object OIDCCredentialIssuerServiceSpec private val holderDidServiceExpectations = MockDIDService.resolveDIDExpectation(holderDidMetadata, holderDidData) - private val holderManagedDIDServiceExpectations = - MockManagedDIDService.javaKeyPairWithDIDExpectation(holderKp) - private val issuerDidServiceExpectations = MockDIDService.resolveDIDExpectation(issuerDidMetadata, issuerDidData) 
@@ -97,7 +93,6 @@ object OIDCCredentialIssuerServiceSpec }.provideSomeLayer( holderDidServiceExpectations.toLayer ++ MockManagedDIDService.empty ++ - // holderManagedDIDServiceExpectations.toLayer ++ MockDIDNonSecretStorage.empty >+> layers ) ) diff --git a/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/DidJWT.scala b/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/DidJWT.scala index 731f56f4c0..d5d00d4eb8 100644 --- a/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/DidJWT.scala +++ b/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/DidJWT.scala @@ -1,18 +1,12 @@ package org.hyperledger.identus.pollux.vc.jwt import com.nimbusds.jose.{JOSEObjectType, JWSAlgorithm, JWSHeader} -import com.nimbusds.jose.crypto.{ECDSASigner, ECDSAVerifier, Ed25519Signer} +import com.nimbusds.jose.crypto.{ECDSASigner, Ed25519Signer} import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton import com.nimbusds.jose.jwk.{Curve, ECKey, OctetKeyPair} import com.nimbusds.jwt.{JWTClaimsSet, SignedJWT} import io.circe.* -import org.hyperledger.identus.shared.crypto.{ - Ed25519KeyPair, - Ed25519PrivateKey, - Ed25519PublicKey, - Secp256k1PrivateKey, - Secp256k1PublicKey -} +import org.hyperledger.identus.shared.crypto.{Ed25519KeyPair, Secp256k1PrivateKey} import zio.* import java.security.* diff --git a/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/JWTVerification.scala b/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/JWTVerification.scala index 4d017a7613..3e6fdb2a72 100644 --- a/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/JWTVerification.scala +++ b/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/JWTVerification.scala 
@@ -8,18 +8,14 @@ import com.nimbusds.jose.JWSVerifier import com.nimbusds.jwt.SignedJWT import io.circe import io.circe.generic.auto.* -import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo -import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters -import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory import org.hyperledger.identus.castor.core.model.did.{PrismDID, VerificationRelationship} import org.hyperledger.identus.shared.crypto.Ed25519PublicKey import pdi.jwt.* import zio.* import zio.prelude.* -import java.security.{KeyFactory, PublicKey} import java.security.interfaces.{ECPublicKey, EdECPublicKey} -import java.security.spec.X509EncodedKeySpec +import java.security.PublicKey import scala.util.{Failure, Success, Try} object JWTVerification { From b521dde4ad404144a9997dc1f11575a9b052df1e Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 14:54:45 +0700 Subject: [PATCH 04/13] chore: revert disabled java linters Signed-off-by: Pat Losoponkul --- .mega-linter.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.mega-linter.yml b/.mega-linter.yml index 52fbf26e7d..8bdeef5477 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -27,9 +27,6 @@ DISABLE_LINTERS: - PYTHON_MYPY - PYTHON_PYRIGHT - PYTHON_RUFF - # TODO: revert before merging to `main`. Disabled to ease the development of keycloak extension - - JAVA_CHECKSTYLE - - JAVA_PMD DISABLE_ERRORS_LINTERS: - KOTLIN_KTLINT From 1b7e1597a5857332808599a56c17f033bd42400d Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 14:57:02 +0700 Subject: [PATCH 05/13] feat: validate claims against schemaId Signed-off-by: Pat Losoponkul --- .../service/OIDCCredentialIssuerService.scala | 39 +++++++++++++++---- 1 file changed, 32 insertions(+), 7 deletions(-) 
diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala index 4434179fb4..60ad0a73e4 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala @@ -7,7 +7,11 @@ import org.hyperledger.identus.castor.core.model.did.{DID, PrismDID, Verificatio import org.hyperledger.identus.oid4vci.domain.IssuanceSession import org.hyperledger.identus.oid4vci.http.* import org.hyperledger.identus.oid4vci.storage.IssuanceSessionStorage +import org.hyperledger.identus.pollux.core.model.schema.CredentialSchema import org.hyperledger.identus.pollux.core.service.CredentialService +import org.hyperledger.identus.pollux.core.service.OID4VCIIssuerMetadataService +import org.hyperledger.identus.pollux.core.service.OID4VCIIssuerMetadataServiceError +import org.hyperledger.identus.pollux.core.service.URIDereferencer import org.hyperledger.identus.pollux.vc.jwt.{ DID as PolluxDID, DidResolver, @@ -73,6 +77,16 @@ object OIDCCredentialIssuerService { case class DIDResolutionError(message: String) extends Error + case class CredentialConfigurationNotFound(issuerId: UUID, credentialConfigurationId: String) extends Error { + override def message: String = + s"Credential configuration with id $credentialConfigurationId not found for issuer $issuerId" + } + + case class CredentialSchemaError(cause: org.hyperledger.identus.pollux.core.model.error.CredentialSchemaError) + extends Error { + override def message: String = cause.message + } + case class ServiceError(message: String) extends Error case class UnexpectedError(cause: Throwable) extends Error { 
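Review bot: The new `CredentialSchemaError` case class in the `@@ -73,6 +77,16 @@` hunk has the same simple name as the type it wraps, which forces the fully qualified `org.hyperledger.identus.pollux.core.model.error.CredentialSchemaError` in its parameter list and makes later references in this file easy to misread. The file already renames on import (`DID as PolluxDID`), so the same convention fits: import the pollux type under an alias and declare `case class CredentialSchemaError(cause: PolluxCredentialSchemaError) extends Error`. Separately, `message` forwards `cause.message` unchanged; whether that text reaches API responses is not visible in this hunk, so it is worth confirming that it carries nothing beyond the validation failure itself. The enclosing `object OIDCCredentialIssuerService` starts and ends outside the hunk.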
@@ -84,8 +98,10 @@ object OIDCCredentialIssuerService { case class OIDCCredentialIssuerServiceImpl( didNonSecretStorage: DIDNonSecretStorage, credentialService: CredentialService, + issuerMetadataService: OID4VCIIssuerMetadataService, issuanceSessionStorage: IssuanceSessionStorage, - didResolver: DidResolver + didResolver: DidResolver, + uriDereferencer: URIDereferencer, ) extends OIDCCredentialIssuerService { import OIDCCredentialIssuerService.Error @@ -116,7 +132,7 @@ case class OIDCCredentialIssuerServiceImpl( claims: zio.json.ast.Json, credentialIdentifier: Option[String], credentialDefinition: CredentialDefinition - ): IO[OIDCCredentialIssuerService.Error, JWT] = { + ): IO[Error, JWT] = { for { wac <- didNonSecretStorage .getPrismDidWalletId(issuingDID) @@ -186,7 +202,7 @@ case class OIDCCredentialIssuerServiceImpl( override def getIssuanceSessionByIssuerState( issuerState: String - ): IO[OIDCCredentialIssuerService.Error, IssuanceSession] = + ): IO[Error, IssuanceSession] = issuanceSessionStorage .getByIssuerState(issuerState) .mapError(e => ServiceError(s"Failed to get issuance session: ${e.message}")) 
@@ -198,9 +214,17 @@ case class OIDCCredentialIssuerServiceImpl( credentialConfigurationId: String, issuingDID: PrismDID, claims: zio.json.ast.Json - ): ZIO[WalletAccessContext, OIDCCredentialIssuerService.Error, CredentialOffer] = - // TODO: validate claims with credential schema + ): ZIO[WalletAccessContext, Error, CredentialOffer] = for { + schemaId <- issuerMetadataService + .getCredentialConfigurationById(issuerId, credentialConfigurationId) + .mapError { case _: OID4VCIIssuerMetadataServiceError.CredentialConfigurationNotFound => + CredentialConfigurationNotFound(issuerId, credentialConfigurationId) + } + .map(_.schemaId) + _ <- CredentialSchema + .validateJWTCredentialSubject(schemaId.toString(), simpleZioToCirce(claims).noSpaces, uriDereferencer) + .mapError(e => CredentialSchemaError(e)) session <- buildNewIssuanceSession(issuerId, issuingDID, claims) _ <- issuanceSessionStorage .start(session) @@ -252,8 +276,9 @@ case class OIDCCredentialIssuerServiceImpl( object OIDCCredentialIssuerServiceImpl { val layer: URLayer[ - DIDNonSecretStorage & CredentialService & IssuanceSessionStorage & DidResolver, + DIDNonSecretStorage & CredentialService & IssuanceSessionStorage & DidResolver & URIDereferencer & + OID4VCIIssuerMetadataService, OIDCCredentialIssuerService ] = - ZLayer.fromFunction(OIDCCredentialIssuerServiceImpl(_, _, _, _)) + ZLayer.fromFunction(OIDCCredentialIssuerServiceImpl(_, _, _, _, _, _)) } From db249ac812403f856eb49eab1218481dff76e7b7 Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 15:06:27 +0700 Subject: [PATCH 06/13] docs: update example readme Signed-off-by: Pat Losoponkul --- examples/st-oid4vci/README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/examples/st-oid4vci/README.md b/examples/st-oid4vci/README.md index d12cac6eda..85b357d0a3 100644 --- a/examples/st-oid4vci/README.md +++ b/examples/st-oid4vci/README.md 
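Review bot: The schema check added in the `@@ -198,9 +214,17 @@` hunk validates `claims` only once, at offer creation, against whatever document `schemaId` dereferences to at that moment, and the removed TODO is not replaced by any comment recording that assumption. The JWT-issuing method whose signature appears in the `@@ -116,7 +132,7 @@` hunk also takes `claims` as a parameter and no re-validation is visible there; that is fine if those claims always come from the stored session, but it should be stated. I would add a comment above the for-comprehension such as `// Claims are validated here, once, against the schema of the credential configuration; issuance reuses the session's claims unchanged`. Which URI schemes `uriDereferencer` accepts is not visible in this diff, so it is also worth confirming that a configuration's `schemaId` cannot direct the agent to fetch from arbitrary internal locations on every offer request. The method name and the rest of the for-comprehension are outside the hunk.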
@@ -25,10 +25,9 @@ sbt docker:publishLocal ### 1. Spin up the agent stack with pre-configured Keycloak ```bash -docker-compose up --build +docker-compose up ``` -This builds a custom Keycloak image with OID4VCI plugin. The Keycloak UI is available at `http://localhost:9980` and the admin username is `admin` with password `admin`. ### 2. Run the issuance demo script From 459efe87e35db96e4c90fa86497651882d84b991 Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 15:20:15 +0700 Subject: [PATCH 07/13] test: update example script to comply with schema Signed-off-by: Pat Losoponkul --- examples/st-oid4vci/demo.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/examples/st-oid4vci/demo.py b/examples/st-oid4vci/demo.py index 760e7c6ebb..0a1b97121e 100755 --- a/examples/st-oid4vci/demo.py +++ b/examples/st-oid4vci/demo.py @@ -87,6 +87,7 @@ def prepare_issuer(): "type": "object", "properties": { "firstName": {"type": "string"}, + "degree": {"type": "string"}, "grade": {"type": "number"}, }, "required": ["firstName", "grade"], @@ -269,7 +270,7 @@ def holder_get_credential(credential_endpoint: str, token_response): # step 1: Issuer create CredentialOffer credential_offer_uri = issuer_create_credential_offer( - {"degree": "ChemicalEngineering", "gpa": "3.00"} + {"firstName": "Alice", "degree": "ChemicalEngineering", "grade": 3.2} ) # step 2: Issuer present QR code container CredentialOffer URI From dc350bf81e4bd148d2d2c8001ce22713ff6c8139 Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 16:09:36 +0700 Subject: [PATCH 08/13] test: make tests compile 
Signed-off-by: Pat Losoponkul --- .../service/OIDCCredentialIssuerService.scala | 10 +-- .../OIDCCredentialIssuerServiceSpec.scala | 10 +-- .../MockOID4VCIIssuerMetadataService.scala | 72 +++++++++++++++++++ 3 files changed, 84 insertions(+), 8 deletions(-) create mode 100644 pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala index 60ad0a73e4..04abcca1d9 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/oid4vci/service/OIDCCredentialIssuerService.scala @@ -8,10 +8,12 @@ import org.hyperledger.identus.oid4vci.domain.IssuanceSession import org.hyperledger.identus.oid4vci.http.* import org.hyperledger.identus.oid4vci.storage.IssuanceSessionStorage import org.hyperledger.identus.pollux.core.model.schema.CredentialSchema -import org.hyperledger.identus.pollux.core.service.CredentialService -import org.hyperledger.identus.pollux.core.service.OID4VCIIssuerMetadataService -import org.hyperledger.identus.pollux.core.service.OID4VCIIssuerMetadataServiceError -import org.hyperledger.identus.pollux.core.service.URIDereferencer +import org.hyperledger.identus.pollux.core.service.{ + CredentialService, + OID4VCIIssuerMetadataService, + OID4VCIIssuerMetadataServiceError, + URIDereferencer +} import org.hyperledger.identus.pollux.vc.jwt.{ DID as PolluxDID, DidResolver, 
diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index ac26d00b86..4758b2c5f4 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala @@ -33,11 +33,11 @@ object OIDCCredentialIssuerServiceSpec with Openid4VCIProofJwtOps { val layers: URLayer[ - DIDService & ManagedDIDService & DIDNonSecretStorage, + DIDService & ManagedDIDService & DIDNonSecretStorage & OID4VCIIssuerMetadataService, CredentialService & CredentialDefinitionService & OIDCCredentialIssuerService ] = ZLayer.makeSome[ - DIDService & ManagedDIDService & DIDNonSecretStorage, + DIDService & ManagedDIDService & DIDNonSecretStorage & OID4VCIIssuerMetadataService, CredentialService & CredentialDefinitionService & OIDCCredentialIssuerService ]( InMemoryIssuanceSessionService.layer, @@ -93,7 +93,8 @@ object OIDCCredentialIssuerServiceSpec }.provideSomeLayer( holderDidServiceExpectations.toLayer ++ MockManagedDIDService.empty ++ - MockDIDNonSecretStorage.empty >+> layers + MockDIDNonSecretStorage.empty ++ + MockOID4VCIIssuerMetadataService.empty >+> layers ) ) @@ -134,7 +135,8 @@ object OIDCCredentialIssuerServiceSpec }.provideSomeLayer( issuerDidServiceExpectations.toLayer ++ issuerManagedDIDServiceExpectations.toLayer ++ - getIssuerPrismDidWalletIdExpectation.toLayer >+> layers + getIssuerPrismDidWalletIdExpectation.toLayer ++ + MockOID4VCIIssuerMetadataService.empty >+> layers ) ) } 
diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala
new file mode 100644
index 0000000000..92aba94206
--- /dev/null
+++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala
@@ -0,0 +1,72 @@ +package org.hyperledger.identus.pollux.core.service + +import org.hyperledger.identus.pollux.core.model.oid4vci.CredentialConfiguration +import org.hyperledger.identus.pollux.core.model.oid4vci.CredentialIssuer +import org.hyperledger.identus.pollux.core.model.CredentialFormat +import org.hyperledger.identus.shared.models.WalletAccessContext +import zio.* +import zio.mock.{Expectation, Mock, Proxy} +import zio.test.Assertion + +import java.net.URL +import java.util.UUID + +object MockOID4VCIIssuerMetadataService extends Mock[OID4VCIIssuerMetadataService] { + + import OID4VCIIssuerMetadataServiceError.* + + object GetCredentialConfigurationById + extends Effect[ + (UUID, String), + CredentialConfigurationNotFound, + CredentialConfiguration + ] + + override val compose: URLayer[mock.Proxy, OID4VCIIssuerMetadataService] = ZLayer { + ZIO.serviceWith[Proxy] { proxy => + new OID4VCIIssuerMetadataService { + override def getCredentialIssuer(issuerId: UUID): IO[IssuerIdNotFound, CredentialIssuer] = + ZIO.die(NotImplementedError()) + + override def createCredentialIssuer(issuer: CredentialIssuer): URIO[WalletAccessContext, CredentialIssuer] = + ZIO.die(NotImplementedError()) + + override def getCredentialIssuers: URIO[WalletAccessContext, Seq[CredentialIssuer]] = + ZIO.die(NotImplementedError()) + + override def updateCredentialIssuer( + issuerId: UUID, + authorizationServer: Option[URL] = None, + authorizationServerClientId: Option[String] = None, + authorizationServerClientSecret: Option[String] = None + ): ZIO[WalletAccessContext, IssuerIdNotFound, CredentialIssuer] = ZIO.die(NotImplementedError()) + + override def deleteCredentialIssuer(issuerId: UUID): ZIO[WalletAccessContext, IssuerIdNotFound, Unit] = + ZIO.die(NotImplementedError()) + + override def createCredentialConfiguration( + issuerId: UUID, + format: CredentialFormat, + configurationId: String, + schemaId: String + ): ZIO[WalletAccessContext, InvalidSchemaId | UnsupportedCredentialFormat, 
CredentialConfiguration] = + ZIO.die(NotImplementedError()) + + override def getCredentialConfigurations( + issuerId: UUID + ): IO[IssuerIdNotFound, Seq[CredentialConfiguration]] = ZIO.die(NotImplementedError()) + + override def getCredentialConfigurationById( + issuerId: UUID, + configurationId: String + ): ZIO[WalletAccessContext, CredentialConfigurationNotFound, CredentialConfiguration] = + ZIO.die(NotImplementedError()) + + override def deleteCredentialConfiguration( + issuerId: UUID, + configurationId: String, + ): ZIO[WalletAccessContext, CredentialConfigurationNotFound, Unit] = ZIO.die(NotImplementedError()) + } + } + } +} From dd1b39cf6d85fdf52b3c3436a65a521ff139e243 Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 16:18:58 +0700 Subject: [PATCH 09/13] style: fix and fmt Signed-off-by: Pat Losoponkul --- .../oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala | 4 ++-- .../pollux/core/service/CredentialServiceImpl.scala | 7 +------ .../core/service/MockOID4VCIIssuerMetadataService.scala | 6 ++---- 3 files changed, 5 insertions(+), 12 deletions(-) diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index 4758b2c5f4..44c6d45358 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala @@ -53,7 +53,7 @@ object OIDCCredentialIssuerServiceSpec ) override def spec = suite("CredentialServiceImpl")( - OIDCCredentialIssuerServiceSpec, + oid4vciCredentialIssuerServiceSpec, validateProofSpec ) 
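Review bot: In the new `MockOID4VCIIssuerMetadataService`, `getCredentialConfigurationById` ends in `ZIO.die(NotImplementedError())` even though the `GetCredentialConfigurationById` effect tag is declared for it, so an expectation set on that tag is never consulted and the `proxy` binding in `compose` is unused. Any spec that reaches the new schema validation through this mock would die instead of receiving a `CredentialConfiguration`, which leaves the check added in patch 05 unexercised at this commit. Delegating with `proxy(GetCredentialConfigurationById, issuerId, configurationId)` wires the tag to the method. A later patch in the series references `getCredentialConfigurationByIdExpectations`, so this may already be addressed there, but that change is not visible here.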
@@ -98,7 +98,7 @@ object OIDCCredentialIssuerServiceSpec ) ) - private val OIDCCredentialIssuerServiceSpec = + private val oid4vciCredentialIssuerServiceSpec = suite("Simple JWT credential issuance")( test("should issue a JWT credential") { for { diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImpl.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImpl.scala index 8e53ba4982..7cff964e9a 100644 --- a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImpl.scala +++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImpl.scala @@ -6,12 +6,7 @@ import io.circe.Json import org.hyperledger.identus.agent.walletapi.model.{ManagedDIDState, PublicationState} import org.hyperledger.identus.agent.walletapi.service.ManagedDIDService import org.hyperledger.identus.agent.walletapi.storage.GenericSecretStorage -import org.hyperledger.identus.castor.core.model.did.{ - CanonicalPrismDID, - EllipticCurve, - PrismDID, - VerificationRelationship -} +import org.hyperledger.identus.castor.core.model.did.{CanonicalPrismDID, PrismDID, VerificationRelationship} import org.hyperledger.identus.castor.core.service.DIDService import org.hyperledger.identus.mercury.model.* import org.hyperledger.identus.mercury.protocol.issuecredential.* diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala index 92aba94206..c3fd0c5770 100644 --- a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala +++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala 
@@ -1,12 +1,10 @@ package org.hyperledger.identus.pollux.core.service -import org.hyperledger.identus.pollux.core.model.oid4vci.CredentialConfiguration -import org.hyperledger.identus.pollux.core.model.oid4vci.CredentialIssuer +import org.hyperledger.identus.pollux.core.model.oid4vci.{CredentialConfiguration, CredentialIssuer} import org.hyperledger.identus.pollux.core.model.CredentialFormat import org.hyperledger.identus.shared.models.WalletAccessContext import zio.* -import zio.mock.{Expectation, Mock, Proxy} -import zio.test.Assertion +import zio.mock.{Mock, Proxy} import java.net.URL import java.util.UUID From 63d1e624030d7fa7388a586a0e8c692668399b57 Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 17:27:33 +0700 Subject: [PATCH 10/13] test: add schema validation test when creating offer Signed-off-by: Pat Losoponkul --- .../OIDCCredentialIssuerServiceSpec.scala | 94 ++++++++++++++++--- .../MockOID4VCIIssuerMetadataService.scala | 12 ++- 2 files changed, 94 insertions(+), 12 deletions(-) diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index 44c6d45358..b273cd95aa 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala 
@@ -9,6 +9,8 @@ import org.hyperledger.identus.castor.core.service.{DIDService, MockDIDService} import org.hyperledger.identus.oid4vci.http.{ClaimDescriptor, CredentialDefinition, Localization} import org.hyperledger.identus.oid4vci.service.{OIDCCredentialIssuerService, OIDCCredentialIssuerServiceImpl} import org.hyperledger.identus.oid4vci.storage.InMemoryIssuanceSessionService +import org.hyperledger.identus.pollux.core.model.oid4vci.CredentialConfiguration +import org.hyperledger.identus.pollux.core.model.CredentialFormat import org.hyperledger.identus.pollux.core.repository.{ CredentialRepository, CredentialRepositoryInMemory, @@ -16,6 +18,7 @@ import org.hyperledger.identus.pollux.core.repository.{ } import org.hyperledger.identus.pollux.core.service.* import org.hyperledger.identus.pollux.vc.jwt.PrismDidResolver +import org.hyperledger.identus.shared.models.WalletAccessContext import org.hyperledger.identus.shared.models.WalletId import zio.{Clock, Random, URLayer, ZIO, ZLayer} import zio.json.* @@ -24,6 +27,8 @@ import zio.mock.MockSpecDefault import zio.test.* import zio.test.Assertion.* +import java.net.URI +import java.time.Instant import java.util.UUID import scala.util.Try 
@@ -72,9 +77,19 @@ object OIDCCredentialIssuerServiceSpec private val issuerManagedDIDServiceExpectations = MockManagedDIDService.javaKeyPairWithDIDExpectation(issuerKp) - private val getIssuerPrismDidWalletIdExpectation = + private val getIssuerPrismDidWalletIdExpectations = MockDIDNonSecretStorage.getPrismDidWalletIdExpectation(issuerDidData.id, WalletId.default) + private val getCredentialConfigurationExpectations = + MockOID4VCIIssuerMetadataService.getCredentialConfigurationByIdExpectations( + CredentialConfiguration( + configurationId = "DrivingLicense", + format = CredentialFormat.JWT, + schemaId = URI("resource:///vc-schema-example.json"), + createdAt = Instant.EPOCH + ) + ) + private def buildJwtProof(nonce: String, aud: UUID, iat: Int) = { val longFormDid = PrismDID.buildLongFormFromOperation(holderOp) makeJwtProof(longFormDid, nonce, aud, iat, holderKp.privateKey) @@ -90,11 +105,12 @@ object OIDCCredentialIssuerServiceSpec jwt = buildJwtProof(nonce, aud, iat) result <- credentialIssuer.verifyJwtProof(jwt) } yield assert(result)(equalTo(true)) - }.provideSomeLayer( - holderDidServiceExpectations.toLayer ++ - MockManagedDIDService.empty ++ - MockDIDNonSecretStorage.empty ++ - MockOID4VCIIssuerMetadataService.empty >+> layers + }.provide( + holderDidServiceExpectations.toLayer, + MockManagedDIDService.empty, + MockDIDNonSecretStorage.empty, + MockOID4VCIIssuerMetadataService.empty, + layers ) ) 
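Review bot: The `getCredentialConfigurationExpectations` fixture added in the first hunk depends on `resource:///vc-schema-example.json`, yet this commit's diffstat lists only the spec and the mock, so the schema that the new offer tests validate against is not visible in the change. A short comment above the fixture would make the dependency explicit, for example `// schemaId resolves to vc-schema-example.json on the test classpath; the offer tests rely on its required fields`. Presumably the file already ships with the test resources; if it does not, both offer tests fail for a reason unrelated to claim validation. The enclosing object starts and ends outside the hunk.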
@@ -132,11 +148,67 @@ object OIDCCredentialIssuerServiceSpec // assert(jwtObject.getHeader.getKeyID)(equalTo(issuerDidData.id.toString)) && //TODO: add key ID to the header assert(jwtObject.getHeader.getAlgorithm)(equalTo(JWSAlgorithm.ES256K)) && assert(name)(equalTo("Alice")) - }.provideSomeLayer( - issuerDidServiceExpectations.toLayer ++ - issuerManagedDIDServiceExpectations.toLayer ++ - getIssuerPrismDidWalletIdExpectation.toLayer ++ - MockOID4VCIIssuerMetadataService.empty >+> layers + }.provide( + issuerDidServiceExpectations.toLayer, + issuerManagedDIDServiceExpectations.toLayer, + getIssuerPrismDidWalletIdExpectations.toLayer, + MockOID4VCIIssuerMetadataService.empty, + layers + ), + test("create credential-offer with valid claims") { + val wac = ZLayer.succeed(WalletAccessContext(WalletId.random)) + val claims = Json( + "credentialSubject" -> Json.Obj( + "emailAddress" -> Json.Str("alice@example.com"), + "givenName" -> Json.Str("Alice"), + "familyName" -> Json.Str("Wonderland"), + "dateOfIssuance" -> Json.Str("2000-01-01T10:00:00Z"), + "drivingLicenseID" -> Json.Str("12345"), + "drivingClass" -> Json.Num(5), + ) + ) + for { + oidcCredentialIssuerService <- ZIO.service[OIDCCredentialIssuerService] + exit <- oidcCredentialIssuerService + .createCredentialOffer( + URI("http://example.com").toURL(), + UUID.randomUUID(), + "DrivingLicense", + issuerDidData.id, + claims, + ) + .provide(wac) + .exit + } yield assert(exit)(succeeds(anything)) + }.provide( + MockDIDService.empty, + MockManagedDIDService.empty, + MockDIDNonSecretStorage.empty, + getCredentialConfigurationExpectations.toLayer, + layers + ), + test("reject credential-offer when created with invalid claims") { + val wac = ZLayer.succeed(WalletAccessContext(WalletId.random)) + val claims = Json("credentialSubject" -> Json.Obj("emailAddress" -> Json.Str("alice@example.com"))) + for { + oidcCredentialIssuerService <- ZIO.service[OIDCCredentialIssuerService] + exit <- oidcCredentialIssuerService + 
.createCredentialOffer( + URI("http://example.com").toURL(), + UUID.randomUUID(), + "DrivingLicense", + issuerDidData.id, + claims, + ) + .provide(wac) + .exit + } yield assert(exit)(fails(anything)) + }.provide( + MockDIDService.empty, + MockManagedDIDService.empty, + MockDIDNonSecretStorage.empty, + getCredentialConfigurationExpectations.toLayer, + layers ) ) } diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala index c3fd0c5770..37548a6692 100644 --- a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala +++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala @@ -5,6 +5,8 @@ import org.hyperledger.identus.pollux.core.model.CredentialFormat import org.hyperledger.identus.shared.models.WalletAccessContext import zio.* import zio.mock.{Mock, Proxy} +import zio.mock.Expectation +import zio.test.Assertion import java.net.URL import java.util.UUID @@ -58,7 +60,7 @@ object MockOID4VCIIssuerMetadataService extends Mock[OID4VCIIssuerMetadataServic issuerId: UUID, configurationId: String ): ZIO[WalletAccessContext, CredentialConfigurationNotFound, CredentialConfiguration] = - ZIO.die(NotImplementedError()) + proxy(GetCredentialConfigurationById, issuerId, configurationId) override def deleteCredentialConfiguration( issuerId: UUID, @@ -67,4 +69,12 @@ object MockOID4VCIIssuerMetadataService extends Mock[OID4VCIIssuerMetadataServic } } } + + def getCredentialConfigurationByIdExpectations( + configuration: CredentialConfiguration + ): Expectation[OID4VCIIssuerMetadataService] = + GetCredentialConfigurationById( + assertion = Assertion.anything, + result = Expectation.value(configuration) + ) } From 289a0ba98e2484ab5e399ecca9c312e22df7cad6 Mon Sep 17 00:00:00 2001 
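Review bot: No case in this hunk checks that `issuerDidData.id` belongs to the wallet placed in the `WalletAccessContext`. Both new offer tests run with `MockDIDNonSecretStorage.empty`, `MockManagedDIDService.empty` and a random `WalletId`, which suggests `createCredentialOffer` never consults DID storage. The service code is outside this diff, so this is an inference: if the binding is meant to be enforced when the offer is created, a third case asserting rejection for a DID the calling wallet does not own would pin it down. If the check is deliberately left to a later step, a one-line comment in the test stating where it happens would record that decision. The suite body continues outside the hunk.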
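Review bot: `getCredentialConfigurationByIdExpectations` matches its input with `Assertion.anything`, so the expectation is satisfied whatever issuer id and configuration id the service passes. A lookup made under the wrong issuer, or with a configuration id other than the one requested, would still return the fixture and the offer tests would stay green. Taking the expected issuer id as a parameter and asserting on the pair, e.g. `assertion = Assertion.equalTo((issuerId, configuration.configurationId))`, makes the mock verify that scoping. This assumes the capability's input is the `(UUID, String)` tuple, which is declared outside the hunk.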
From: Pat Losoponkul Date: Thu, 13 Jun 2024 17:35:55 +0700 Subject: [PATCH 11/13] test: assert failure error type Signed-off-by: Pat Losoponkul --- .../oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index b273cd95aa..88c338dd5a 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala @@ -189,7 +189,7 @@ object OIDCCredentialIssuerServiceSpec ), test("reject credential-offer when created with invalid claims") { val wac = ZLayer.succeed(WalletAccessContext(WalletId.random)) - val claims = Json("credentialSubject" -> Json.Obj("emailAddress" -> Json.Str("alice@example.com"))) + val claims = Json("credentialSubject" -> Json.Obj("foo" -> Json.Str("bar"))) for { oidcCredentialIssuerService <- ZIO.service[OIDCCredentialIssuerService] exit <- oidcCredentialIssuerService @@ -202,7 +202,7 @@ object OIDCCredentialIssuerServiceSpec ) .provide(wac) .exit - } yield assert(exit)(fails(anything)) + } yield assert(exit)(failsWithA[OIDCCredentialIssuerService.Errors.CredentialSchemaError]) }.provide( MockDIDService.empty, MockManagedDIDService.empty, From 51c76d7d311e4a75d60f1dbd7c3f58b6d319ab33 Mon Sep 17 00:00:00 2001 From: Pat Losoponkul Date: Thu, 13 Jun 2024 17:38:06 +0700 Subject: [PATCH 12/13] style: fix and fmt Signed-off-by: Pat Losoponkul --- .../oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala | 3 +-- .../pollux/core/service/MockOID4VCIIssuerMetadataService.scala | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) 
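Review bot: Switching the claims to `"foo" -> Json.Str("bar")` in the first hunk makes the negative test trip several schema rules at once, so `failsWithA[...CredentialSchemaError]` in the second hunk cannot tell which rule rejected the payload. Assuming the schema marks the driving-licence fields as required (the schema file is not part of this diff), the payload is now both missing every required field and carrying an unknown property. Keeping the earlier `emailAddress`-only payload as its own case would separate those two rules. A wrong-type case such as `"drivingClass" -> Json.Str("five")` would show that type constraints are enforced as well. The test body starts and ends outside both hunks.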
diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index 88c338dd5a..01d63d3ebc 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala @@ -18,8 +18,7 @@ import org.hyperledger.identus.pollux.core.repository.{ } import org.hyperledger.identus.pollux.core.service.* import org.hyperledger.identus.pollux.vc.jwt.PrismDidResolver -import org.hyperledger.identus.shared.models.WalletAccessContext -import org.hyperledger.identus.shared.models.WalletId +import org.hyperledger.identus.shared.models.{WalletAccessContext, WalletId} import zio.{Clock, Random, URLayer, ZIO, ZLayer} import zio.json.* import zio.json.ast.Json diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala index 37548a6692..05e8fa9ce0 100644 --- a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala +++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/MockOID4VCIIssuerMetadataService.scala @@ -4,8 +4,7 @@ import org.hyperledger.identus.pollux.core.model.oid4vci.{CredentialConfiguratio import org.hyperledger.identus.pollux.core.model.CredentialFormat import org.hyperledger.identus.shared.models.WalletAccessContext import zio.* -import zio.mock.{Mock, Proxy} -import zio.mock.Expectation +import zio.mock.{Expectation, Mock, Proxy} import zio.test.Assertion import java.net.URL From 819060f15e89fa76f0ca6172fc16c1587978d8bd Mon Sep 17 00:00:00 2001 
From: Pat Losoponkul Date: Thu, 13 Jun 2024 18:06:43 +0700 Subject: [PATCH 13/13] test: assert session issuer_state Signed-off-by: Pat Losoponkul --- .../oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index 01d63d3ebc..6f1f4aa90d 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala @@ -168,7 +168,7 @@ object OIDCCredentialIssuerServiceSpec ) for { oidcCredentialIssuerService <- ZIO.service[OIDCCredentialIssuerService] - exit <- oidcCredentialIssuerService + offer <- oidcCredentialIssuerService .createCredentialOffer( URI("http://example.com").toURL(), UUID.randomUUID(), @@ -177,8 +177,9 @@ object OIDCCredentialIssuerServiceSpec claims, ) .provide(wac) - .exit - } yield assert(exit)(succeeds(anything)) + issuerState = offer.grants.get.authorization_code.issuer_state.get + session <- oidcCredentialIssuerService.getIssuanceSessionByIssuerState(issuerState) + } yield assert(session.claims)(equalTo(claims)) }.provide( MockDIDService.empty, MockManagedDIDService.empty,
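Review bot: `offer.grants.get.authorization_code.issuer_state.get` in the second hunk chains two bare `.get` calls, so an offer without grants or without an `issuer_state` surfaces as a `NoSuchElementException` defect rather than a readable test failure. Lifting the lookup into the effect keeps the failure in the normal assertion path, for example `issuerState <- ZIO.fromOption(offer.grants.flatMap(_.authorization_code.issuer_state))`. That shape is inferred from the accessors used in the hunk, because the offer model is declared elsewhere.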