feat(pollux): add credential abstraction
ATL-4786 Besides adding the new credential abstraction, this adds the following: - Changes on Pollux to use the new abstraction - Changes on PrismAgent to use new abstraction - Changes on Sample App for new abstraction - Adds tests for new implementation - Adds Codable to Messages - Updates error codes and documentation - Updates all documentation on new methods
1 parent
a389894
commit 2f76cc6
Showing
67 changed files
with
1,284 additions
and
945 deletions.
@@ -1,10 +1,53 @@ | ||
import Foundation | ||
|
||
/// The Pollux protocol defines the set of credential operations that are used in the Atala PRISM architecture. | ||
/// Options that can be passed into various operations. | ||
public enum CredentialOperationsOptions { | ||
case schema(json: Data) // The JSON schema. | ||
case link_secret(id: String, secret: String) // A secret link. | ||
case subjectDID(DID) // The decentralized identifier of the subject. | ||
case entropy(String) // Entropy for any randomization operation. | ||
case signableKey(SignableKey) // A key that can be used for signing. | ||
case exportableKey(ExportableKey) // A key that can be exported. | ||
case custom(key: String, data: Data) // Any custom data. | ||
} | ||
|
||
/// The Pollux protocol defines a set of operations that are used in the Atala PRISM architecture. | ||
public protocol Pollux { | ||
/// Parses a JWT-encoded verifiable credential and returns a `VerifiableCredential` object representing the credential. | ||
/// - Parameter jwtString: The JWT-encoded credential to parse. | ||
/// - Throws: An error if the JWT cannot be parsed or decoded, or if the resulting verifiable credential is invalid. | ||
/// - Returns: A `VerifiableCredential` object representing the parsed credential. | ||
func parseVerifiableCredential(jwtString: String) throws -> VerifiableCredential | ||
/// Parses an encoded item and returns an object representing the parsed item. | ||
/// - Parameter data: The encoded item to parse. | ||
/// - Throws: An error if the item cannot be parsed or decoded. | ||
/// - Returns: An object representing the parsed item. | ||
func parseCredential(data: Data) throws -> Credential | ||
|
||
/// Restores a previously stored item using the provided restoration identifier and data. | ||
/// - Parameters: | ||
/// - restorationIdentifier: The identifier to use when restoring the item. | ||
/// - credentialData: The data representing the stored item. | ||
/// - Throws: An error if the item cannot be restored. | ||
/// - Returns: An object representing the restored item. | ||
func restoreCredential(restorationIdentifier: String, credentialData: Data) throws -> Credential | ||
|
||
/// Processes a request based on a provided offer message and options. | ||
/// - Parameters: | ||
/// - offerMessage: The offer message that contains the details of the request. | ||
/// - options: The options to use when processing the request. | ||
/// - Throws: An error if the request cannot be processed. | ||
/// - Returns: A string representing the result of the request process. | ||
func processCredentialRequest( | ||
offerMessage: Message, | ||
options: [CredentialOperationsOptions] | ||
) throws -> String | ||
} | ||
|
||
public extension Pollux { | ||
/// Restores a previously stored item using a `StorableCredential` instance. | ||
/// - Parameter storedCredential: The `StorableCredential` instance representing the stored item. | ||
/// - Throws: An error if the item cannot be restored. | ||
/// - Returns: An object representing the restored item. | ||
func restoreCredential(storedCredential: StorableCredential) throws -> Credential { | ||
try restoreCredential( | ||
restorationIdentifier: storedCredential.recoveryId, | ||
credentialData: storedCredential.credentialData | ||
) | ||
} | ||
} |
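--- a/AtalaPrismSDK/Domain/Sources/Models/Credentials/Credential.swift
+++ b/AtalaPrismSDK/Domain/Sources/Models/Credentials/Credential.swift
@@ -0,0 +1,81 @@
+import Foundation
+
+/// `Claim` represents a claim in a credential. Claims are the attributes associated with the subject of a credential.
+public struct Claim {
+/// `ClaimType` represents the type of value a `Claim` can hold. This can be a string, boolean, date, data, or number.
+public enum ClaimType: Comparable {
+case string(String)
+case bool(Bool)
+case date(Date)
+case data(Data)
+case number(Double)
+
+/// Provides comparison between two `ClaimType` instances based on their inherent values.
+/// - Note: This comparison is only valid for `string`, `date`, and `number` claim types. For other types, it will always return `false`.
+public static func < (lhs: Claim.ClaimType, rhs: Claim.ClaimType) -> Bool {
+switch (lhs, rhs) {
+case let (.string(str1), .string(str2)):
+return str1 < str2
+case let (.date(date1), .date(date2)):
+return date1 < date2
+case let (.number(number1), .number(number2)):
+return number1 < number2
+default:
+return false
+}
+}
+}
+
+/// The key of the claim.
+public let key: String
+/// The value of the claim, represented as a `ClaimType`.
+public let value: ClaimType
+
+/// Initializes a new `Claim` with the provided key and value.
+/// - Parameters:
+/// - key: The key of the claim.
+/// - value: The value of the claim, represented as a `ClaimType`.
+public init(key: String, value: ClaimType) {
+self.key = key
+self.value = value
+}
+
+/// Provides the `Claim` value as a string.
+/// - Returns: A string representation of the claim's value.
+public func getValueAsString() -> String {
+switch value {
+case .string(let string):
+return string
+case .bool(let bool):
+return "\(bool)"
+case .date(let date):
+return date.formatted()
+case .data(let data):
+return data.base64EncodedString()
+case .number(let double):
+return "\(double)"
+}
+}
+}
+
+/// `Credential` is a protocol that defines the fundamental attributes of a credential.
+public protocol Credential {
+/// The identifier of the credential.
+var id: String { get }
+/// The issuer of the credential.
+var issuer: String { get }
+/// The subject of the credential.
+var subject: String? { get }
+/// The claims included in the credential.
+var claims: [Claim] { get }
+/// Additional properties associated with the credential.
+var properties: [String: Any] { get }
+}
+
+public extension Credential {
+/// A Boolean value indicating whether the credential is Codable.
+var isCodable: Bool { self is Codable }
+
+/// Returns the Codable representation of the credential.
+var codable: Codable? { self as? Codable }
+}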
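Review bot: `ClaimType: Comparable` with a `<` that falls into `default: return false` for every non-matching pair does not satisfy Comparable's strict-total-order contract: for two distinct `.bool` or `.data` values, or for mixed cases such as `.string` vs `.number`, none of `a < b`, `b < a` or `a == b` holds, so `sort()`/`min()` over mixed claim values produce an unspecified order and a predicate written as `!(a < b)` silently passes for incomparable operands. If a total order is not intended, I would drop the `Comparable` conformance and expose the partial comparison explicitly, e.g. `public func isLess(than other: ClaimType) -> Bool?` returning `nil` for incomparable pairs, so a caller cannot mistake "incomparable" for "not less". At minimum the `- Note:` should state that the conformance is partial and that the result for the other cases is unspecified rather than meaningful. Separately, `date.formatted()` in `getValueAsString()` is only available from macOS 12 / iOS 15, so it is worth confirming the package's deployment target allows it.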
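--- a/AtalaPrismSDK/Domain/Sources/Models/Credentials/ProvableCredential.swift
+++ b/AtalaPrismSDK/Domain/Sources/Models/Credentials/ProvableCredential.swift
@@ -0,0 +1,21 @@
+import Foundation
+
+/// `ProofableCredential` is a protocol that adds provability functionality to a credential.
+public protocol ProvableCredential {
+/// Creates a presentation proof for a request message with the given options.
+///
+/// - Parameters:
+/// - request: The request message for which the proof needs to be created.
+/// - options: The options to use when creating the proof.
+/// - Returns: The proof as a `String`.
+/// - Throws: If there is an error creating the proof.
+func presentation(request: Message, options: [CredentialOperationsOptions]) throws -> String
+}
+
+public extension Credential {
+/// A Boolean value indicating whether the credential is proofable.
+var isProofable: Bool { self is ProvableCredential }
+
+/// Returns the proofable representation of the credential.
+var proof: ProvableCredential? { self as? ProvableCredential }
+}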
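Review bot: The doc comment above the protocol names it `ProofableCredential` while the declaration is `ProvableCredential`, and the extension exposes `isProofable`/`proof` for a type called `Provable`; `proof` in particular reads as if it returned the proof itself rather than the credential cast to `ProvableCredential?`. I would align the names with the protocol: `/// \`ProvableCredential\` is a protocol that adds presentation-proof capability to a credential.`, `var isProvable: Bool { self is ProvableCredential }` and `var provable: ProvableCredential? { self as? ProvableCredential }`. The `presentation(request:options:)` doc should also say what the returned `String` encodes, since that string is presumably what gets sent back to the verifier and a caller cannot tell the expected format from "The proof as a `String`".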
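--- a/AtalaPrismSDK/Domain/Sources/Models/Credentials/StorableCredential.swift
+++ b/AtalaPrismSDK/Domain/Sources/Models/Credentials/StorableCredential.swift
@@ -0,0 +1,36 @@
+import Foundation
+
+/// `StorableCredential` is a protocol that provides storable properties for a credential.
+/// These properties are typically used for indexing or querying the credential in a storage system.
+public protocol StorableCredential {
+/// The identifier to be used for storing this credential.
+var storingId: String { get }
+/// The identifier to be used for recovering this credential.
+var recoveryId: String { get }
+/// The data representation of this credential.
+var credentialData: Data { get }
+/// The issuer that can be used as a query parameter.
+var queryIssuer: String? { get }
+/// The subject that can be used as a query parameter.
+var querySubject: String? { get }
+/// The date the credential was created that can be used as a query parameter.
+var queryCredentialCreated: Date? { get }
+/// The date the credential was last updated that can be used as a query parameter.
+var queryCredentialUpdated: Date? { get }
+/// The schema of the credential that can be used as a query parameter.
+var queryCredentialSchema: String? { get }
+/// The date until which the credential is valid that can be used as a query parameter.
+var queryValidUntil: Date? { get }
+/// The revocation status of the credential that can be used as a query parameter.
+var queryRevoked: Bool? { get }
+/// The available claims in the credential that can be used as a query parameter.
+var queryAvailableClaims: [String] { get }
+}
+
+public extension Credential {
+/// A Boolean value indicating whether the credential is storable.
+var isStorable: Bool { self is StorableCredential }
+
+/// Returns the storable representation of the credential.
+var storable: StorableCredential? { self as? StorableCredential }
+}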
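Review bot: `credentialData` is the complete serialized credential, yet its doc says only "The data representation of this credential", leaving unstated whether the storage layer is expected to protect it at rest or whether it may be handed to any store as-is; I would document that contract, e.g. `/// The full serialized credential as it must be persisted; treat it as sensitive in the storage layer.` `queryAvailableClaims: [String]` is likewise ambiguous between claim keys and claim values — presumably keys, given `Claim.key`, but the comment should say so: `/// The keys of the claims present in the credential, usable as a query parameter.` The pair `storingId`/`recoveryId` also deserves a sentence on how the two differ, since both read as identifiers for the same stored object and `recoveryId` is what `Pollux.restoreCredential(storedCredential:)` feeds back in.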