feat: Update to latest aries and support for submission requirement

closes #612 Signed-off-by: talwinder50 <talwinderkaur50@gmail.com>
trustbloc · Feb 28, 2022 · e77e19a · e77e19a
1 parent f4a3138
commit e77e19a
Show file tree

Hide file tree

Showing 16 changed files with 292 additions and 90 deletions.
diff --git a/cmd/adapter-rest/go.mod b/cmd/adapter-rest/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/mux v1.8.0
-	github.com/hyperledger/aries-framework-go v0.1.8-0.20220209203615-cbec86033851
+	github.com/hyperledger/aries-framework-go v0.1.8-0.20220223054038-ed669027d7f3
 	github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb v0.0.0-20211117223600-626fe1bae44d
 	github.com/hyperledger/aries-framework-go-ext/component/storage/mysql v0.0.0-20210909220549-ce3a2ee13e22
 	github.com/hyperledger/aries-framework-go/component/storageutil v0.0.0-20220106195936-a9d6794663ed

diff --git a/cmd/adapter-rest/go.sum b/cmd/adapter-rest/go.sum
@@ -814,8 +814,8 @@ github.com/hyperledger/aries-framework-go v0.1.7-0.20210816113201-26c0665ef2b9/g
 github.com/hyperledger/aries-framework-go v0.1.7/go.mod h1:uve8/q23AUnq4EM0vBkEr1lKZRC67q5RcaHXh0ZOt0Y=
 github.com/hyperledger/aries-framework-go v0.1.8-0.20211201185059-733a3370f501/go.mod h1:uve8/q23AUnq4EM0vBkEr1lKZRC67q5RcaHXh0ZOt0Y=
 github.com/hyperledger/aries-framework-go v0.1.8-0.20211217135421-f68d5698237a/go.mod h1:rBMOJVwyHyYbOqbb3IB/ExBkHyvFLht/W81s24GmjcE=
-github.com/hyperledger/aries-framework-go v0.1.8-0.20220209203615-cbec86033851 h1:vKeoUmoIArG4rI+8JBrHdfG9FJeOosSA8A2/eyWqViM=
-github.com/hyperledger/aries-framework-go v0.1.8-0.20220209203615-cbec86033851/go.mod h1:rBMOJVwyHyYbOqbb3IB/ExBkHyvFLht/W81s24GmjcE=
+github.com/hyperledger/aries-framework-go v0.1.8-0.20220223054038-ed669027d7f3 h1:waARdkRtU8tTQDOhsKZ1/Tdqzu3SiGw4dhho/1Y0P/4=
+github.com/hyperledger/aries-framework-go v0.1.8-0.20220223054038-ed669027d7f3/go.mod h1:rBMOJVwyHyYbOqbb3IB/ExBkHyvFLht/W81s24GmjcE=
 github.com/hyperledger/aries-framework-go-ext/component/storage/couchdb v0.0.0-20210909220549-ce3a2ee13e22/go.mod h1:FtlFhPHMyLORgrPpvWSmEQSNhLiwAQ4V6rqNPfuDj0o=
 github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb v0.0.0-20210909220549-ce3a2ee13e22/go.mod h1:aiO9mXZBykIEwmgp9sSdpMuTw0P7b+ZFUltcIB9ZccY=
 github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb v0.0.0-20211117223600-626fe1bae44d h1:h91rxhZkAjxcIwY08RxUTE+B8WxfiWbRHNl5X98+ziA=

diff --git a/cmd/adapter-rest/startcmd/start_test.go b/cmd/adapter-rest/startcmd/start_test.go
@@ -52,11 +52,13 @@ var cmDescData = `{
             "schema":"https://www.w3.org/2018/credentials/examples/v1"
          }
       ],
-      "input_descriptor":[
+   "presentation_definition": {
+      "input_descriptors":[
          {
             "testing":"prc_input"
          }
       ]
+     }
    }
 }`
 

diff --git a/cmd/adapter-rest/startcmd/testdata/outputdescriptors.json b/cmd/adapter-rest/startcmd/testdata/outputdescriptors.json
@@ -70,7 +70,8 @@
             }
          }
       ],
-      "input_descriptor":[
+   "presentation_definition": {
+      "input_descriptors":[
          {
             "id":"prc_input",
             "name":"Permanent Resident Card",
@@ -117,7 +118,8 @@
                ]
             }
          }
-      ],
+      ]
+      },
       "options":{
          "challenge":"508adef4-b8e0-4edf-a53d-a260371c1423",
          "domain":"9rf25a28rs96"

diff --git a/go.mod b/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/coreos/go-oidc v2.2.1+incompatible
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/mux v1.8.0
-	github.com/hyperledger/aries-framework-go v0.1.8-0.20220209203615-cbec86033851
+	github.com/hyperledger/aries-framework-go v0.1.8-0.20220223054038-ed669027d7f3
 	github.com/hyperledger/aries-framework-go-ext/component/vdr/orb v0.1.4-0.20211219215001-23cd75276fdc
 	github.com/hyperledger/aries-framework-go/component/storageutil v0.0.0-20220106195936-a9d6794663ed
 	github.com/hyperledger/aries-framework-go/spi v0.0.0-20220106195936-a9d6794663ed

diff --git a/go.sum b/go.sum
@@ -809,8 +809,8 @@ github.com/hyperledger/aries-framework-go v0.1.7-0.20210816113201-26c0665ef2b9/g
 github.com/hyperledger/aries-framework-go v0.1.7/go.mod h1:uve8/q23AUnq4EM0vBkEr1lKZRC67q5RcaHXh0ZOt0Y=
 github.com/hyperledger/aries-framework-go v0.1.8-0.20211201185059-733a3370f501/go.mod h1:uve8/q23AUnq4EM0vBkEr1lKZRC67q5RcaHXh0ZOt0Y=
 github.com/hyperledger/aries-framework-go v0.1.8-0.20211217135421-f68d5698237a/go.mod h1:rBMOJVwyHyYbOqbb3IB/ExBkHyvFLht/W81s24GmjcE=
-github.com/hyperledger/aries-framework-go v0.1.8-0.20220209203615-cbec86033851 h1:vKeoUmoIArG4rI+8JBrHdfG9FJeOosSA8A2/eyWqViM=
-github.com/hyperledger/aries-framework-go v0.1.8-0.20220209203615-cbec86033851/go.mod h1:rBMOJVwyHyYbOqbb3IB/ExBkHyvFLht/W81s24GmjcE=
+github.com/hyperledger/aries-framework-go v0.1.8-0.20220223054038-ed669027d7f3 h1:waARdkRtU8tTQDOhsKZ1/Tdqzu3SiGw4dhho/1Y0P/4=
+github.com/hyperledger/aries-framework-go v0.1.8-0.20220223054038-ed669027d7f3/go.mod h1:rBMOJVwyHyYbOqbb3IB/ExBkHyvFLht/W81s24GmjcE=
 github.com/hyperledger/aries-framework-go-ext/component/storage/couchdb v0.0.0-20210909220549-ce3a2ee13e22/go.mod h1:FtlFhPHMyLORgrPpvWSmEQSNhLiwAQ4V6rqNPfuDj0o=
 github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb v0.0.0-20210909220549-ce3a2ee13e22/go.mod h1:aiO9mXZBykIEwmgp9sSdpMuTw0P7b+ZFUltcIB9ZccY=
 github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb v0.0.0-20211117223600-626fe1bae44d h1:h91rxhZkAjxcIwY08RxUTE+B8WxfiWbRHNl5X98+ziA=

diff --git a/pkg/memcmdescriptor/provider.go b/pkg/memcmdescriptor/provider.go
@@ -17,11 +17,9 @@ import (
 
 // CMAttachmentDescriptors defines the part of properties of credential manifest
 type CMAttachmentDescriptors struct {
-	OutputDesc []*cm.OutputDescriptor `json:"output_descriptor,omitempty"`
-	// TODO [#Issue-612] Support for submission requirement will put whole presentation_definition here
-	// instead of input_descriptor
-	InputDesc []*presexch.InputDescriptor `json:"input_descriptor,omitempty"`
-	Options   map[string]string           `json:"options,omitempty"`
+	OutputDesc             []*cm.OutputDescriptor           `json:"output_descriptor,omitempty"`
+	PresentationDefinition *presexch.PresentationDefinition `json:"presentation_definition,omitempty"`
+	Options                map[string]string                `json:"options,omitempty"`
 }
 
 // Provider provide credential attachment descriptors ops.
@@ -32,7 +30,7 @@ type Provider struct {
 // New return new provider for credential manifest descriptor provider.
 func New(cmDescriptorsFile io.Reader) (*Provider, error) {
 	p := &Provider{
-		cmDescriptors: map[string]*CMAttachmentDescriptors{},
+		cmDescriptors: make(map[string]*CMAttachmentDescriptors),
 	}
 
 	err := json.NewDecoder(cmDescriptorsFile).Decode(&p.cmDescriptors)
@@ -47,10 +45,25 @@ func New(cmDescriptorsFile io.Reader) (*Provider, error) {
 				"descriptors: %w", err)
 		}
 
-		if descriptors.InputDesc != nil {
-			presDef := presexch.PresentationDefinition{ID: uuid.NewString(), InputDescriptors: descriptors.InputDesc}
+		if descriptors.PresentationDefinition != nil {
+			var pd *presexch.PresentationDefinition
 
-			err := presDef.ValidateSchema()
+			presBytes, err := json.Marshal(descriptors.PresentationDefinition)
+			if err != nil {
+				return nil, fmt.Errorf("failed to marshal presentation "+
+					"definition: %w", err)
+			}
+
+			err = json.Unmarshal(presBytes, &pd)
+			if err != nil {
+				return nil, fmt.Errorf("failed to unmarshal presentation"+
+					"definition: %w", err)
+			}
+
+			preDef := presexch.PresentationDefinition{ID: uuid.NewString(),
+				InputDescriptors: pd.InputDescriptors}
+
+			err = preDef.ValidateSchema()
 			if err != nil {
 				return nil, fmt.Errorf("aries-framework - failed to validate input "+
 					"descriptors: %w", err)

diff --git a/pkg/memcmdescriptor/provider_test.go b/pkg/memcmdescriptor/provider_test.go
@@ -25,24 +25,27 @@ var cmOutDescData = `{
 
 // nolint:gochecknoglobals
 var cmDescData = `
-  {
+{
    "prc":{
-      "output_descriptor":[
-         {
+     "output_descriptor":[
+		{
             "id":"udc_output",
             "schema":"https://www.w3.org/2018/credentials/examples/v1"
-          }
+		}
       ],
-      "input_descriptor":[
-         {
-            "id":"prc_input",
-            "schema":[
-               {
+      "presentation_definition":{
+         "id":"8246867e-fdce-48de-a825-9d84ec16c6c9",
+         "input_descriptors":[
+            {
+               "id":"prc_input",
+               "schema":[
+                 {
                   "uri":"https://w3id.org/citizenship#PermanentResidentCard"
-               }
-            ]
-         }
-      ]
+                 }
+               ]
+            }
+         ]
+      }
    }
 }
 `
@@ -57,11 +60,13 @@ var invalidCMDescData = `
             "schema":"https://www.w3.org/2018/credentials/examples/v1"
           }
       ],
+     "presentation_definition": {
       "input_descriptor":[
          {
             "id":"prc_input"
          }
       ]
+    }
    }
 }
 `

diff --git a/pkg/restapi/issuer/operation/operations.go b/pkg/restapi/issuer/operation/operations.go
@@ -1222,25 +1222,46 @@ func (o *Operation) saveCredentialAttachmentData(thID string, credOffered creden
 
 func (o *Operation) readAndValidateCredentialApplication(msg service.DIDCommAction,
 	credManifest *cm.CredentialManifest) error {
-	// reading credential application if issuer have sent, out presentation_definition along with manifest
-	// TODO - Aries Validate signatures and proofs of credential application should be part of
-	// cm.ValidateCredentialApplicationAttachment function.
 	if credManifest.PresentationDefinition != nil {
 		applicationAttachments, err := getAttachments(msg)
 		if err != nil {
 			return fmt.Errorf("failed to get request credential attachments: %w", err)
 		}
 
-		if len(applicationAttachments) != 1 {
-			return errors.New("invalid request credential message, expected valid credential application")
+		attachmentAsMap, ok := applicationAttachments[0].Data.JSON.(map[string]interface{})
+		if !ok {
+			return errors.New("couldn't assert attachment data as a map")
 		}
 
-		err = cm.ValidateCredentialApplicationAttachment(&applicationAttachments[0], credManifest)
+		credentialApplicationBytes, err := json.MarshalIndent(attachmentAsMap, "", "	")
 		if err != nil {
-			return fmt.Errorf("failed to validate credential application attachment: %w", err)
+			return fmt.Errorf("failed to marshal credential_application object: %w", err)
 		}
 
-		return nil
+		err = o.validateCredentialApplication(credentialApplicationBytes, credManifest)
+		if err != nil {
+			return fmt.Errorf("failed to validate credential application: %w", err)
+		}
+	}
+
+	return nil
+}
+
+func (o *Operation) validateCredentialApplication(credentialApplicationBytes []byte,
+	credManifest *cm.CredentialManifest) error {
+	application, err := verifiable.ParsePresentation(credentialApplicationBytes,
+		verifiable.WithPresPublicKeyFetcher(verifiable.NewVDRKeyResolver(o.vdriRegistry).PublicKeyFetcher()),
+		verifiable.WithPresJSONLDDocumentLoader(o.jsonldDocLoader))
+	if err != nil {
+		return fmt.Errorf("failed to parse credential application: %w", err)
+	}
+	// TODO issue-#635 Figure out the way to pass the matched credentials result back to the issuer
+	_, err = cm.ValidateCredentialApplication(application, credManifest, o.jsonldDocLoader,
+		presexch.WithCredentialOptions(verifiable.WithJSONLDDocumentLoader(o.jsonldDocLoader),
+			verifiable.WithPublicKeyFetcher(verifiable.NewVDRKeyResolver(o.vdriRegistry).PublicKeyFetcher())),
+	)
+	if err != nil {
+		return fmt.Errorf("credential manifest: failed to validate credential application: %w", err)
 	}
 
 	return nil
@@ -1935,11 +1956,8 @@ func (o *Operation) readCredentialManifest(profileData *issuer.ProfileData,
 			credentialManifest.OutputDescriptors = attachmentDescriptors.OutputDesc
 		}
 
-		if attachmentDescriptors.InputDesc != nil {
-			credentialManifest.PresentationDefinition = &presexch.PresentationDefinition{
-				ID:               uuid.NewString(),
-				InputDescriptors: attachmentDescriptors.InputDesc,
-			}
+		if attachmentDescriptors.PresentationDefinition != nil {
+			credentialManifest.PresentationDefinition = attachmentDescriptors.PresentationDefinition
 		}
 	}
 

diff --git a/pkg/restapi/issuer/operation/operations_test.go b/pkg/restapi/issuer/operation/operations_test.go
@@ -75,13 +75,15 @@ var cmDescData = memcmdescriptor.CMAttachmentDescriptors{
 			Schema: "https://www.w3.org/2018/credentials/examples/v1",
 		},
 	},
-	InputDesc: []*presexch.InputDescriptor{
-		{
-			ID:    uuid.NewString(),
-			Group: []string{"A"},
-			Schema: []*presexch.Schema{{
-				URI: fmt.Sprintf("%s#%s", verifiable.ContextID, verifiable.VCType),
-			}},
+	PresentationDefinition: &presexch.PresentationDefinition{
+		InputDescriptors: []*presexch.InputDescriptor{
+			{
+				ID:    uuid.NewString(),
+				Group: []string{"A"},
+				Schema: []*presexch.Schema{{
+					URI: fmt.Sprintf("%s#%s", verifiable.ContextID, verifiable.VCType),
+				}},
+			},
 		},
 	},
 }
@@ -96,6 +98,24 @@ var cmOutputDescData = memcmdescriptor.CMAttachmentDescriptors{
 	},
 }
 
+// nolint:gochecknoglobals
+var credentialApplicationData = `{
+  "@context": [
+    "https://www.w3.org/2018/credentials/v1",
+    "https://identity.foundation/credential-manifest/application/v1"
+  ],
+  "credential_application": {
+    "id": "dc59653c-7e15-4718-80a4-46d6fb01ab7b",
+    "manifest_id": "dcc75a16-19f5-4273-84ce-4da69ee2b7fe",
+    "format": {}
+  },
+  "type": [
+    "VerifiablePresentation",
+    "CredentialApplication"
+  ],
+  "verifiableCredential": []
+}`
+
 func TestNew(t *testing.T) {
 	t.Parallel()
 
@@ -1283,8 +1303,8 @@ func TestReadManifest(t *testing.T) { // nolint:tparallel // data race
 
 		c.cmDescriptors = &mockCMDescriptorProvider{
 			createValue: &memcmdescriptor.CMAttachmentDescriptors{
-				OutputDesc: nil,
-				InputDesc:  nil,
+				OutputDesc:             nil,
+				PresentationDefinition: nil,
 			},
 			found: true,
 		}
@@ -4075,12 +4095,14 @@ func TestWACIIssuanceHandler(t *testing.T) {
 
 			// test failed to get credential manifestID from store
 			testFailure(actionCh, msg, "failed to get credential manifestID from store")
+			// Adding presentation with no crdential application attachment
+			app := createCredentialFulfillment(t, c, profile)
 			msg = service.NewDIDCommMsgMap(issuecredsvc.RequestCredentialV3{
 				Type: issuecredsvc.RequestCredentialMsgTypeV3,
 				Attachments: []decorator.AttachmentV2{
 					{ID: manifestID,
 						Data: decorator.AttachmentData{
-							JSON: &verifiable.Presentation{},
+							JSON: app,
 						}},
 				},
 			})
@@ -4092,7 +4114,7 @@ func TestWACIIssuanceHandler(t *testing.T) {
 			}))
 
 			// test read and validate cred application -> credential_application object missing from attachment
-			testFailure(actionCh, msg, "missing credential_application field")
+			testFailure(actionCh, msg, "invalid credential application, missing 'credential_application'")
 
 			application := createCredentialApplication(t, c, manifestID, profile)
 			msg = service.NewDIDCommMsgMap(issuecredsvc.RequestCredentialV3{
@@ -4108,8 +4130,8 @@ func TestWACIIssuanceHandler(t *testing.T) {
 			msg.SetID(thID)
 
 			// test credential application missing corresponding presentation submission
-			testFailure(actionCh, msg, "Credential Application attachment is "+
-				"missing a corresponding Presentation Submission")
+			testFailure(actionCh, msg, "failed to parse descriptor map: missing "+
+				"'presentation_submission' on verifiable presentation")
 
 			c.cmDescriptors = mockCMDescriptorsProvider(cmOutputDescData)
 
@@ -4143,6 +4165,22 @@ func TestWACIIssuanceHandler(t *testing.T) {
 			mockMsg.thIDerr = errors.New("thid error")
 			testFailure(actionCh, mockMsg, "failed to read threadID from request credential message")
 		})
+
+		t.Run("test validate credential application failure", func(t *testing.T) {
+			t.Parallel()
+
+			c, err := New(config(t))
+			require.NoError(t, err)
+
+			err = c.validateCredentialApplication([]byte(`{`), nil)
+			require.Error(t, err)
+			require.Contains(t, err.Error(), "failed to parse credential application:"+
+				" JSON unmarshalling of verifiable presentation")
+
+			err = c.validateCredentialApplication([]byte(credentialApplicationData), &cm.CredentialManifest{})
+			require.Error(t, err)
+			require.Contains(t, err.Error(), "credential manifest: failed to validate credential application")
+		})
 	})
 }
 
@@ -4554,13 +4592,15 @@ func prepareCMAttachmentDescriptors(manifestID, presDefID string) *memcmdescript
 				Schema: "https://www.w3.org/2018/credentials/examples/v1",
 			},
 		},
-		InputDesc: []*presexch.InputDescriptor{
-			{
-				ID:    presDefID,
-				Group: []string{"A"},
-				Schema: []*presexch.Schema{{
-					URI: fmt.Sprintf("%s#%s", verifiable.ContextID, verifiable.VCType),
-				}},
+		PresentationDefinition: &presexch.PresentationDefinition{
+			InputDescriptors: []*presexch.InputDescriptor{
+				{
+					ID:    presDefID,
+					Group: []string{"A"},
+					Schema: []*presexch.Schema{{
+						URI: fmt.Sprintf("%s#%s", verifiable.ContextID, verifiable.VCType),
+					}},
+				},
 			},
 		},
 	}