From 8366b22a3d1a77dfca490b081a4eb8be4d5b8f66 Mon Sep 17 00:00:00 2001
From: Roland Groen
Date: Fri, 1 Nov 2024 14:07:09 +0100
Subject: [PATCH] Vc fields update (#8)

* Refactor URA credential generation and naming conventions

Updated the uraCredential function to use 'issuer' instead of 'did' for the issuer parameter and simplified the mapping of credential subjects. Also, standardized the constant naming for SAN_TYPE_OTHER_NAME to SanTypeOtherName across the codebase to ensure consistency.

* Validate UZI number before credential creation

Moved UZI number validation to check before generating uraCredential, ensuring serialNumber matches UZI number early in the process. Also removed redundant serialNumber parameter from uraCredential function.
---
 uzi_vc_issuer/ura_issuer.go | 25 +++++++++++--------------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/uzi_vc_issuer/ura_issuer.go b/uzi_vc_issuer/ura_issuer.go
index 26691e2..6d7b522 100644
--- a/uzi_vc_issuer/ura_issuer.go
+++ b/uzi_vc_issuer/ura_issuer.go
@@ -110,7 +110,14 @@ func BuildUraVerifiableCredential(chain []*x509.Certificate, signingKey *rsa.Pri
 if err != nil {
 return nil, err
 }
- template, err := uraCredential(did, otherNameValue, serialNumber, subjectDID)
+ uzi, _, _, err := x509_cert.ParseUraFromOtherNameValue(otherNameValue)
+ if err != nil {
+ return nil, err
+ }
+ if uzi != serialNumber {
+ return nil, errors.New("serial number does not match UZI number")
+ }
+ template, err := uraCredential(did, otherNameValue, subjectDID)
 if err != nil {
 return nil, err
 }
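Review bot: The new `uzi != serialNumber` guard appears to be what ties the certificate's serial number to the UZI number carried in the SAN otherName, yet nothing in the hunk says so and the rejection error carries neither value. I would add a comment above the check such as `// Refuse to issue when serialNumber does not equal the UZI number parsed from the SAN otherName.` and, assuming `fmt` is imported in this file, return `fmt.Errorf("serial number %q does not match UZI number %q", serialNumber, uzi)` so that a refused issuance can be diagnosed from logs. Where `serialNumber` is derived is not visible, because BuildUraVerifiableCredential starts and ends outside the hunk.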
@@ -255,18 +262,11 @@ func convertHeaders(headers map[string]interface{}) (jws.Headers, error) {
 // uraCredential generates a VerifiableCredential for a given URA and UZI number, including the subject's DID.
 // It sets a 1-year expiration period from the current issuance date.
-func uraCredential(did string, otherNameValue string, serialNumber string, subjectDID string) (*vc.VerifiableCredential, error) {
+func uraCredential(issuer string, otherNameValue string, subjectDID string) (*vc.VerifiableCredential, error) {
 exp := time.Now().Add(time.Hour * 24 * 365 * 100)
 iat := time.Now()
- uzi, ura, agb, err := x509_cert.ParseUraFromOtherNameValue(otherNameValue)
- if err != nil {
- return nil, err
- }
- if uzi != serialNumber {
- return nil, errors.New("serial number does not match UZI number")
- }
 return &vc.VerifiableCredential{
- Issuer: ssi.MustParseURI(did),
+ Issuer: ssi.MustParseURI(issuer),
 Context: []ssi.URI{ssi.MustParseURI("https://www.w3.org/2018/credentials/v1")},
 Type: []ssi.URI{ssi.MustParseURI("VerifiableCredential"), ssi.MustParseURI("UziServerCertificateCredential")},
 ID: func() *ssi.URI { id := ssi.MustParseURI(uuid.NewString()); return &id }(),
@@ -275,10 +275,7 @@ func uraCredential(did string, otherNameValue string, serialNumber string, subje
 CredentialSubject: []interface{}{
 map[string]interface{}{
 "id": subjectDID,
- "uraNumber": ura,
- "otherName": uzi,
- "uziNumber": serialNumber,
- "agbNumber": agb,
+ "otherName": otherNameValue,
 },
 },
 }, nil
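Review bot: In the `@@ -255,18 +262,11 @@` hunk the doc comment kept above `uraCredential` promises a 1-year expiration, but the unchanged line `exp := time.Now().Add(time.Hour * 24 * 365 * 100)` sets roughly 100 years, so an issued credential would stay valid far longer than documented and, presumably, longer than the certificate it was derived from. Since the commit already rewrites this function, either correct the comment or, if one year is what is intended, derive both timestamps from one instant with `iat := time.Now()` followed by `exp := iat.AddDate(1, 0, 0)`. The comment also still describes the credential as generated "for a given URA and UZI number", although the function no longer parses either. The struct literal continues past the end of the hunk.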
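Review bot: In the `@@ -275,10 +275,7 @@` hunk the `otherName` claim keeps its key but changes meaning: it used to hold the parsed UZI number and now holds the whole `otherNameValue` string, while `uraNumber`, `uziNumber` and `agbNumber` are dropped. A verifier that still reads `otherName` as the UZI number, or that authorises on `uraNumber`, would see a different or missing value without any error, and every consumer now has to re-parse the string by the same rules as `ParseUraFromOtherNameValue`. I would describe the claim's format in the doc comment of `uraCredential` and state there that the subject schema changed; no verifier code is visible here, so the effect on consumers is an inference.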