11910639746

Committed 19 Nov 2024 10:02AM UTC coverage: 48.659% (-0.2%) from 48.809%

Build # 11910639746

Build Type

Committed by

Commit Message

Merge branch 'main' into fix/proof-presentation-request

Pull Request Pull Request #1453: fix: proof presentation request

Run Details

26 of 95 new or added lines in 3 files covered. (27.37%)

312 existing lines in 73 files now uncovered.

8075 of 16595 relevant lines covered (48.66%)

0.49 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

80.82

/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/model/schema/CredentialSchema.scala

package org.hyperledger.identus.pollux.core.model.schema

import org.hyperledger.identus.pollux.core.model.error.CredentialSchemaError
import org.hyperledger.identus.pollux.core.model.error.CredentialSchemaError.*
import org.hyperledger.identus.pollux.core.model.schema.`type`.{
  AnoncredSchemaType,
  CredentialJsonSchemaType,
  CredentialSchemaType
}
import org.hyperledger.identus.pollux.core.model.schema.`type`.anoncred.AnoncredSchemaSerDesV1
import org.hyperledger.identus.pollux.core.model.ResourceResolutionMethod
import org.hyperledger.identus.shared.http.UriResolver
import org.hyperledger.identus.shared.json.{JsonSchemaValidator, JsonSchemaValidatorImpl}
import zio.*
import zio.json.*
import zio.json.ast.Json

import java.net.URI
import java.time.{OffsetDateTime, ZoneOffset}
import java.util.UUID

type Schema = zio.json.ast.Json

/** @param guid
  *   Globally unique identifier of the CredentialSchema object It's calculated as a UUID from string that contains the
  *   following fields: author, id and version
  * @param id
  *   Locally unique identifier of the CredentialSchema. It is UUID When the version of the credential schema changes
  *   this `id` keeps the same value
  * @param name
  *   Human readable name of the CredentialSchema
  * @param version
  *   Version of the CredentialSchema
  * @param author
  *   DID of the CredentialSchema's author
  * @param authored
  *   Datetime stamp of the schema creation
  * @param tags
  *   Tags of the CredentialSchema used for convenient lookup
  * @param description
  *   Human readable description of the schema
  * @param schema
  *   Internal schema object that depends on concrete implementation For W3C JsonSchema it is a JsonSchema object For
  *   AnonCreds schema is a AnonCreds schema
  */
case class CredentialSchema(
    guid: UUID,
    id: UUID,
    name: String,
    version: String,
    author: String,
    authored: OffsetDateTime,
    tags: Seq[String],
    description: String,
    `type`: String,
    resolutionMethod: ResourceResolutionMethod,
    schema: Schema
) {
  def longId = CredentialSchema.makeLongId(author, id, version)
}

object CredentialSchema {

  def makeLongId(author: String, id: UUID, version: String) =
    s"$author/${id.toString}?version=${version}"

  def makeGUID(author: String, id: UUID, version: String) =
    UUID.nameUUIDFromBytes(makeLongId(author, id, version).getBytes)

  def make(in: Input, resolutionMethod: ResourceResolutionMethod): UIO[CredentialSchema] = {
    for {
      id <- zio.Random.nextUUID
      cs <- make(id, in, resolutionMethod)
    } yield cs
  }
  def make(id: UUID, in: Input, resolutionMethod: ResourceResolutionMethod): UIO[CredentialSchema] = {
    for {
      ts <- zio.Clock.currentDateTime.map(
        _.atZoneSameInstant(ZoneOffset.UTC).toOffsetDateTime
      )
      guid = makeGUID(in.author, id, in.version)
    } yield CredentialSchema(
      guid = guid,
      id = id,
      name = in.name,
      version = in.version,
      author = in.author,
      authored = ts,
      tags = in.tags,
      description = in.description,
      `type` = in.`type`,
      resolutionMethod = resolutionMethod,
      schema = in.schema
    )
  }

  val defaultAgentDid = "did:prism:agent"

  case class Input(
      name: String,
      version: String,
      description: String,
      authored: Option[OffsetDateTime],
      tags: Seq[String],
      author: String = defaultAgentDid,
      `type`: String,
      schema: Schema
  )

  case class Filter(
      author: Option[String] = None,
      name: Option[String] = None,
      version: Option[String] = None,
      tags: Option[String] = None,
      resolutionMethod: ResourceResolutionMethod = ResourceResolutionMethod.http
  )

  case class FilteredEntries(entries: Seq[CredentialSchema], count: Long, totalCount: Long)

  given JsonEncoder[CredentialSchema] = DeriveJsonEncoder.gen[CredentialSchema]
  given JsonDecoder[CredentialSchema] = DeriveJsonDecoder.gen[CredentialSchema]

  def resolveJWTSchema(
      uri: URI,
      uriResolver: UriResolver
  ): IO[CredentialSchemaParsingError | SchemaDereferencingError, Json] = {
    for {
      content <- uriResolver
        .resolve(uri.toString)
        .mapError(SchemaDereferencingError(_))
      json <- ZIO
        .fromEither(content.fromJson[Json])
        .mapError(error => CredentialSchemaParsingError(error))
    } yield json
  }

  def validSchemaValidator(
      schemaId: String,
      uriResolver: UriResolver
  ): IO[InvalidURI | CredentialSchemaParsingError | SchemaDereferencingError, JsonSchemaValidator] = {
    for {
      uri <- ZIO.attempt(new URI(schemaId)).mapError(_ => InvalidURI(schemaId))
      json <- resolveJWTSchema(uri, uriResolver)
      schemaValidator <- JsonSchemaValidatorImpl
        .from(json)
        .orElse(
          ZIO
            .fromEither(json.as[CredentialSchema])
            .mapError(error => CredentialSchemaParsingError(error))
            .flatMap(cs =>
              JsonSchemaValidatorImpl.from(cs.schema).mapError(error => CredentialSchemaParsingError(error.error))
            )
        )
    } yield schemaValidator
  }

  def validateJWTCredentialSubject(
      schemaId: String,
      credentialSubject: String,
      uriResolver: UriResolver
  ): IO[
    InvalidURI | CredentialSchemaParsingError | CredentialSchemaValidationError | SchemaDereferencingError,
    Unit
  ] = {
    for {
      schemaValidator <- validSchemaValidator(schemaId, uriResolver)
      _ <- schemaValidator.validate(credentialSubject).mapError(CredentialSchemaValidationError.apply)
    } yield ()
  }

  def validateAnonCredsClaims(
      schemaId: String,
      claims: String,
      uriResolver: UriResolver
  ): IO[InvalidURI | CredentialSchemaParsingError | VCClaimsParsingError | VCClaimValidationError, Unit] = {
    for {
      content <- uriResolver.resolve(schemaId).orDieAsUnmanagedFailure
      validAttrNames <-
        AnoncredSchemaSerDesV1.schemaSerDes
          .deserialize(content)
          .mapError(error => CredentialSchemaParsingError(error.error))
          .map(_.attrNames)
      jsonClaims <- ZIO.fromEither(claims.fromJson[Json]).mapError(error => VCClaimsParsingError(error))
      _ <- jsonClaims match
        case Json.Obj(fields) =>
          ZIO.foreach(fields) {
            case (k, _) if !validAttrNames.contains(k) =>
              ZIO.fail(VCClaimValidationError(k, "Name undefined in schema"))
            case (k, Json.Str(v)) => ZIO.succeed(k -> v)
            case (k, _)           => ZIO.fail(VCClaimValidationError(k, "Value should be a string"))
          }
        case _ => ZIO.fail(VCClaimsParsingError("The JSON claims is not a JSON 'object'"))
    } yield ()
  }

  private val supportedCredentialSchemaTypes: Map[String, CredentialSchemaType] =
    IndexedSeq(CredentialJsonSchemaType, AnoncredSchemaType)
      .map(credentialSchemaType => (credentialSchemaType.`type`, credentialSchemaType))
      .toMap

  def resolveCredentialSchemaType(`type`: String): IO[UnsupportedCredentialSchemaType, CredentialSchemaType] = {
    ZIO
      .fromOption(supportedCredentialSchemaTypes.get(`type`))
      .mapError(_ => UnsupportedCredentialSchemaType(`type`))
  }

  def validateCredentialSchema(
      vcSchema: CredentialSchema
  ): IO[UnsupportedCredentialSchemaType | CredentialSchemaValidationError, Unit] = {
    for {
      resolvedSchemaType <- resolveCredentialSchemaType(vcSchema.`type`)
      _ <- resolvedSchemaType.validate(vcSchema.schema).mapError(CredentialSchemaValidationError.apply)
    } yield ()
  }

}

1	package org.hyperledger.identus.pollux.core.model.schema
2
3	import org.hyperledger.identus.pollux.core.model.error.CredentialSchemaError
4	import org.hyperledger.identus.pollux.core.model.error.CredentialSchemaError.*
5	import org.hyperledger.identus.pollux.core.model.schema.`type`.{
6	AnoncredSchemaType,
7	CredentialJsonSchemaType,
8	CredentialSchemaType
9	}
10	import org.hyperledger.identus.pollux.core.model.schema.`type`.anoncred.AnoncredSchemaSerDesV1
11	import org.hyperledger.identus.pollux.core.model.ResourceResolutionMethod
12	import org.hyperledger.identus.shared.http.UriResolver
13	import org.hyperledger.identus.shared.json.{JsonSchemaValidator, JsonSchemaValidatorImpl}
14	import zio.*
15	import zio.json.*
16	import zio.json.ast.Json
17
18	import java.net.URI
19	import java.time.{OffsetDateTime, ZoneOffset}
20	import java.util.UUID
21
22	type Schema = zio.json.ast.Json
23
24	/** @param guid
25	* Globally unique identifier of the CredentialSchema object It's calculated as a UUID from string that contains the
26	* following fields: author, id and version
27	* @param id
28	* Locally unique identifier of the CredentialSchema. It is UUID When the version of the credential schema changes
29	* this `id` keeps the same value
30	* @param name
31	* Human readable name of the CredentialSchema
32	* @param version
33	* Version of the CredentialSchema
34	* @param author
35	* DID of the CredentialSchema's author
36	* @param authored
37	* Datetime stamp of the schema creation
38	* @param tags
39	* Tags of the CredentialSchema used for convenient lookup
40	* @param description
41	* Human readable description of the schema
42	* @param schema
43	* Internal schema object that depends on concrete implementation For W3C JsonSchema it is a JsonSchema object For
44	* AnonCreds schema is a AnonCreds schema
45	*/
46	case class CredentialSchema(
47	guid: UUID,
48	id: UUID,
49	name: String,
50	version: String,
51	author: String,
52	authored: OffsetDateTime,
53	tags: Seq[String],
54	description: String,
55	`type`: String,
56	resolutionMethod: ResourceResolutionMethod,
57	schema: Schema
58	) {
59	def longId = CredentialSchema.makeLongId(author, id, version)	1✔
60	}
61
62	object CredentialSchema {
63
64	def makeLongId(author: String, id: UUID, version: String) =	1✔
65	s"$author/${id.toString}?version=${version}"	1✔
66
67	def makeGUID(author: String, id: UUID, version: String) =	1✔
68	UUID.nameUUIDFromBytes(makeLongId(author, id, version).getBytes)	1✔
69
70	def make(in: Input, resolutionMethod: ResourceResolutionMethod): UIO[CredentialSchema] = {	1✔
71	for {	1✔
72	id <- zio.Random.nextUUID	1✔
73	cs <- make(id, in, resolutionMethod)	1✔
74	} yield cs
75	}
76	def make(id: UUID, in: Input, resolutionMethod: ResourceResolutionMethod): UIO[CredentialSchema] = {	1✔
77	for {	1✔
78	ts <- zio.Clock.currentDateTime.map(	1✔
79	_.atZoneSameInstant(ZoneOffset.UTC).toOffsetDateTime	1✔
80	)
81	guid = makeGUID(in.author, id, in.version)	1✔
82	} yield CredentialSchema(	1✔
83	guid = guid,
84	id = id,
85	name = in.name,
86	version = in.version,
87	author = in.author,
88	authored = ts,
89	tags = in.tags,
90	description = in.description,	×
91	`type` = in.`type`,
92	resolutionMethod = resolutionMethod,
93	schema = in.schema
94	)
95	}
96
97	val defaultAgentDid = "did:prism:agent"
98
99	case class Input(
100	name: String,
101	version: String,
102	description: String,
103	authored: Option[OffsetDateTime],
104	tags: Seq[String],
105	author: String = defaultAgentDid,	×
106	`type`: String,
107	schema: Schema
108	)
109
110	case class Filter(
111	author: Option[String] = None,	1✔
112	name: Option[String] = None,	1✔
113	version: Option[String] = None,	1✔
114	tags: Option[String] = None,	1✔
115	resolutionMethod: ResourceResolutionMethod = ResourceResolutionMethod.http	1✔
116	)
117
118	case class FilteredEntries(entries: Seq[CredentialSchema], count: Long, totalCount: Long)
119
120	given JsonEncoder[CredentialSchema] = DeriveJsonEncoder.gen[CredentialSchema]	×
121	given JsonDecoder[CredentialSchema] = DeriveJsonDecoder.gen[CredentialSchema]	×
122
123	def resolveJWTSchema(	1✔
124	uri: URI,
125	uriResolver: UriResolver
126	): IO[CredentialSchemaParsingError \| SchemaDereferencingError, Json] = {
127	for {	1✔
128	content <- uriResolver	1✔
129	.resolve(uri.toString)	1✔
130	.mapError(SchemaDereferencingError(_))
131	json <- ZIO	1✔
132	.fromEither(content.fromJson[Json])	1✔
133	.mapError(error => CredentialSchemaParsingError(error))
134	} yield json
135	}
136
137	def validSchemaValidator(	1✔
138	schemaId: String,
139	uriResolver: UriResolver
140	): IO[InvalidURI \| CredentialSchemaParsingError \| SchemaDereferencingError, JsonSchemaValidator] = {	×
141	for {	1✔
142	uri <- ZIO.attempt(new URI(schemaId)).mapError(_ => InvalidURI(schemaId))	1✔
143	json <- resolveJWTSchema(uri, uriResolver)	1✔
144	schemaValidator <- JsonSchemaValidatorImpl	1✔
145	.from(json)	1✔
146	.orElse(
147	ZIO	×
148	.fromEither(json.as[CredentialSchema])	×
UNCOV 149	.mapError(error => CredentialSchemaParsingError(error))	×
UNCOV 150	.flatMap(cs =>	×
151	JsonSchemaValidatorImpl.from(cs.schema).mapError(error => CredentialSchemaParsingError(error.error))	×
152	)
153	)
154	} yield schemaValidator
155	}
156
157	def validateJWTCredentialSubject(	1✔
158	schemaId: String,
159	credentialSubject: String,
160	uriResolver: UriResolver
161	): IO[
162	InvalidURI \| CredentialSchemaParsingError \| CredentialSchemaValidationError \| SchemaDereferencingError,
163	Unit
164	] = {
165	for {	1✔
166	schemaValidator <- validSchemaValidator(schemaId, uriResolver)	1✔
167	_ <- schemaValidator.validate(credentialSubject).mapError(CredentialSchemaValidationError.apply)	1✔
168	} yield ()	1✔
169	}
170
171	def validateAnonCredsClaims(	1✔
172	schemaId: String,
173	claims: String,
174	uriResolver: UriResolver
175	): IO[InvalidURI \| CredentialSchemaParsingError \| VCClaimsParsingError \| VCClaimValidationError, Unit] = {
176	for {	1✔
177	content <- uriResolver.resolve(schemaId).orDieAsUnmanagedFailure	1✔
178	validAttrNames <-	1✔
179	AnoncredSchemaSerDesV1.schemaSerDes	1✔
180	.deserialize(content)
181	.mapError(error => CredentialSchemaParsingError(error.error))	×
182	.map(_.attrNames)
183	jsonClaims <- ZIO.fromEither(claims.fromJson[Json]).mapError(error => VCClaimsParsingError(error))	1✔
184	_ <- jsonClaims match	1✔
185	case Json.Obj(fields) =>	1✔
186	ZIO.foreach(fields) {	1✔
187	case (k, _) if !validAttrNames.contains(k) =>	1✔
188	ZIO.fail(VCClaimValidationError(k, "Name undefined in schema"))	×
189	case (k, Json.Str(v)) => ZIO.succeed(k -> v)	1✔
190	case (k, _) => ZIO.fail(VCClaimValidationError(k, "Value should be a string"))	×
191	}
192	case _ => ZIO.fail(VCClaimsParsingError("The JSON claims is not a JSON 'object'"))	×
193	} yield ()	1✔
194	}
195
196	private val supportedCredentialSchemaTypes: Map[String, CredentialSchemaType] =
197	IndexedSeq(CredentialJsonSchemaType, AnoncredSchemaType)	1✔
198	.map(credentialSchemaType => (credentialSchemaType.`type`, credentialSchemaType))	1✔
199	.toMap
200
201	def resolveCredentialSchemaType(`type`: String): IO[UnsupportedCredentialSchemaType, CredentialSchemaType] = {	1✔
202	ZIO	1✔
203	.fromOption(supportedCredentialSchemaTypes.get(`type`))	1✔
204	.mapError(_ => UnsupportedCredentialSchemaType(`type`))
205	}
206
207	def validateCredentialSchema(	1✔
208	vcSchema: CredentialSchema
209	): IO[UnsupportedCredentialSchemaType \| CredentialSchemaValidationError, Unit] = {
210	for {	1✔
211	resolvedSchemaType <- resolveCredentialSchemaType(vcSchema.`type`)	1✔
212	_ <- resolvedSchemaType.validate(vcSchema.schema).mapError(CredentialSchemaValidationError.apply)	1✔
213	} yield ()	1✔
214	}
215
216	}

hyperledger / identus-cloud-agent / 11910639746

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous