From 31f1f51ae50ab049828fda4354e9575e140e1844 Mon Sep 17 00:00:00 2001 From: Andrii Holovko Date: Wed, 20 Nov 2024 16:47:26 +0200 Subject: [PATCH] fix(sdk): return error when no embedded proof in requested credential (#829) Signed-off-by: Andrii Holovko --- cmd/wallet-sdk-gomobile/go.mod | 2 +- cmd/wallet-sdk-gomobile/go.sum | 4 +- .../verifiable/parsecredential_test.go | 5 ++- go.mod | 2 +- go.sum | 4 +- .../issuerinitiatedinteraction_test.go | 43 +++++++++++++++++- .../sample_credential_response_jsonld.json | 44 +++++++++++++++++++ pkg/openid4vp/openid4vp_test.go | 4 +- test/integration/attestation/go.mod | 2 +- test/integration/attestation/go.sum | 4 +- test/integration/go.mod | 2 +- test/integration/go.sum | 4 +- test/integration/trustregistry/go.mod | 2 +- test/integration/trustregistry/go.sum | 4 +- 14 files changed, 108 insertions(+), 18 deletions(-) create mode 100644 pkg/openid4ci/testdata/sample_credential_response_jsonld.json diff --git a/cmd/wallet-sdk-gomobile/go.mod b/cmd/wallet-sdk-gomobile/go.mod index 91e1f2b7..e0635455 100644 --- a/cmd/wallet-sdk-gomobile/go.mod +++ b/cmd/wallet-sdk-gomobile/go.mod @@ -17,7 +17,7 @@ require ( github.com/stretchr/testify v1.8.3 github.com/trustbloc/did-go v1.3.1-0.20241021165331-5721a3ff7396 github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88 - github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 + github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc github.com/trustbloc/wallet-sdk v0.0.0-00010101000000-000000000000 ) diff --git a/cmd/wallet-sdk-gomobile/go.sum b/cmd/wallet-sdk-gomobile/go.sum index 42be9f51..5137f5a3 100644 --- a/cmd/wallet-sdk-gomobile/go.sum +++ b/cmd/wallet-sdk-gomobile/go.sum @@ -155,8 +155,8 @@ github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88 h1:k3KNf9tE4TBV github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88/go.mod h1:OKOtsLbE6W5s4mpjWkvk8XEqcmt9vTgVmDNkHELpWO0= github.com/trustbloc/sidetree-go v1.1.0 h1:ZNCtYTut5MHVXJR26FvOPSo8uCGDR0YTNeA155s/QIo= github.com/trustbloc/sidetree-go v1.1.0/go.mod h1:IQ1iX/gLe/YL+M6kzenc5Oi14uzaYqfL7KgMyNuSGvI= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 h1:p3dmAih8yucca6pLMeRwjzHHcX1k5g4KbreH329doBw= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc h1:hw0PseUDqXeXTJV/yeHYBteiU3f8BMMGVE9GfozygZw= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd h1:QhdCHSW1/oosJbzBTEYLU6xcKxXbQzzqFnhCtW2UWbA= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd/go.mod h1:D1wnviyjdmcF8AO5Y9kVGU6OGuvXUMGiE0Auo/fYRYo= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= diff --git a/cmd/wallet-sdk-gomobile/verifiable/parsecredential_test.go b/cmd/wallet-sdk-gomobile/verifiable/parsecredential_test.go index d7a8e2ff..577fcfb4 100644 --- a/cmd/wallet-sdk-gomobile/verifiable/parsecredential_test.go +++ b/cmd/wallet-sdk-gomobile/verifiable/parsecredential_test.go @@ -25,7 +25,10 @@ var universityDegreeCredentialWithoutName string func TestParse(t *testing.T) { t.Run("Success - default options", func(t *testing.T) { - universityDegreeVC, err := verifiable.ParseCredential(universityDegreeCredential, nil) + opts := verifiable.NewOpts() + opts.DisableProofCheck() + + universityDegreeVC, err := verifiable.ParseCredential(universityDegreeCredential, opts) require.NoError(t, err) require.Equal(t, "http://example.edu/credentials/1872", universityDegreeVC.VC.Contents().ID) }) diff --git a/go.mod b/go.mod index d1a49673..3ad2b028 100644 --- a/go.mod +++ b/go.mod @@ -18,7 +18,7 @@ require ( github.com/trustbloc/did-go v1.3.1-0.20241021165331-5721a3ff7396 github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88 github.com/trustbloc/sidetree-go v1.1.0 - github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 + github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc golang.org/x/oauth2 v0.13.0 ) diff --git a/go.sum b/go.sum index 852079eb..23b3c4e4 100644 --- a/go.sum +++ b/go.sum @@ -152,8 +152,8 @@ github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88 h1:k3KNf9tE4TBV github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88/go.mod h1:OKOtsLbE6W5s4mpjWkvk8XEqcmt9vTgVmDNkHELpWO0= github.com/trustbloc/sidetree-go v1.1.0 h1:ZNCtYTut5MHVXJR26FvOPSo8uCGDR0YTNeA155s/QIo= github.com/trustbloc/sidetree-go v1.1.0/go.mod h1:IQ1iX/gLe/YL+M6kzenc5Oi14uzaYqfL7KgMyNuSGvI= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 h1:p3dmAih8yucca6pLMeRwjzHHcX1k5g4KbreH329doBw= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc h1:hw0PseUDqXeXTJV/yeHYBteiU3f8BMMGVE9GfozygZw= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd h1:QhdCHSW1/oosJbzBTEYLU6xcKxXbQzzqFnhCtW2UWbA= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd/go.mod h1:D1wnviyjdmcF8AO5Y9kVGU6OGuvXUMGiE0Auo/fYRYo= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= diff --git a/pkg/openid4ci/issuerinitiatedinteraction_test.go b/pkg/openid4ci/issuerinitiatedinteraction_test.go index a41c1a11..9224f752 100644 --- a/pkg/openid4ci/issuerinitiatedinteraction_test.go +++ b/pkg/openid4ci/issuerinitiatedinteraction_test.go @@ -59,6 +59,9 @@ var ( //go:embed testdata/sample_credential_response_batch.json sampleCredentialResponseBatch []byte + //go:embed testdata/sample_credential_response_jsonld.json + sampleCredentialResponseJSONLD []byte + //go:embed testdata/sample_issuer_metadata.json sampleIssuerMetadata string @@ -1919,6 +1922,32 @@ func TestIssuerInitiatedInteraction_RequestCredential(t *testing.T) { }) } +func TestIssuerInitiatedInteraction_RequestCredential_NoProofFound(t *testing.T) { + issuerServerHandler := &mockIssuerServerHandler{ + t: t, + credentialResponse: sampleCredentialResponseJSONLD, + httpStatusCode: http.StatusOK, + } + + server := httptest.NewServer(issuerServerHandler) + defer server.Close() + + issuerServerHandler.issuerMetadata = strings.ReplaceAll(sampleIssuerMetadata, serverURLPlaceholder, server.URL) + + interaction := newIssuerInitiatedInteraction(t, createCredentialOfferIssuanceURI(t, server.URL, false, true), + enableVCProofChecks()) + + credentials, err := interaction.RequestCredentialWithPreAuth( + &jwtSignerMock{ + keyID: mockKeyID, + }, + openid4ci.WithPIN("1234"), + ) + + require.ErrorContains(t, err, "proof not found") + require.Len(t, credentials, 0) +} + func TestIssuerInitiatedInteraction_GrantTypes(t *testing.T) { issuerServerHandler := &mockIssuerServerHandler{ t: t, @@ -2100,11 +2129,23 @@ func TestIssuerInitiatedInteraction_IssuerTrustInfo(t *testing.T) { }) } -func newIssuerInitiatedInteraction(t *testing.T, requestURI string) *openid4ci.IssuerInitiatedInteraction { +type clientConfigOpt func(*openid4ci.ClientConfig) + +func enableVCProofChecks() clientConfigOpt { + return func(config *openid4ci.ClientConfig) { + config.DisableVCProofChecks = false + } +} + +func newIssuerInitiatedInteraction(t *testing.T, requestURI string, opts ...clientConfigOpt) *openid4ci.IssuerInitiatedInteraction { t.Helper() config := getTestClientConfig(t) + for _, opt := range opts { + opt(config) + } + interaction, err := openid4ci.NewIssuerInitiatedInteraction(requestURI, config) require.NoError(t, err) require.NotNil(t, interaction) diff --git a/pkg/openid4ci/testdata/sample_credential_response_jsonld.json b/pkg/openid4ci/testdata/sample_credential_response_jsonld.json new file mode 100644 index 00000000..c3a331c4 --- /dev/null +++ b/pkg/openid4ci/testdata/sample_credential_response_jsonld.json @@ -0,0 +1,44 @@ +{ + "format": "ldp_vc", + "credential": { + "@context": [ + "https://www.w3.org/ns/credentials/v2", + "https://www.w3.org/ns/credentials/examples/v2" + ], + "id": "http://example.edu/credentials/1872", + "type": [ + "VerifiableCredential", + "AlumniCredential" + ], + "issuer": { + "id": "did:example:76e12ec712ebc6f1c221ebfeb1f", + "name": "Example University", + "image": "data:image/png;base64,iVBOR" + }, + "validFrom": "2010-01-01T19:23:24Z", + "credentialSubject": { + "id": "did:example:ebfeb1f712ebc6f1c276e12ec21", + "alumniOf": { + "id": "did:example:c276e12ec21ebfeb1f712ebc6f1", + "name": [ + { + "value": "Example University", + "lang": "en" + }, + { + "value": "Exemple d'Université", + "lang": "fr" + } + ] + } + }, + "termsOfUse": { + "type": "TrustFrameworkPolicy", + "trustFramework": "Employment&Life", + "policyId": "https://policy.example/policies/125", + "legalBasis": "professional qualifications directive" + } + }, + "c_nonce": "fGFF7UkhLa", + "c_nonce_expires_in": 86400 +} \ No newline at end of file diff --git a/pkg/openid4vp/openid4vp_test.go b/pkg/openid4vp/openid4vp_test.go index 822a3852..22a96c06 100644 --- a/pkg/openid4vp/openid4vp_test.go +++ b/pkg/openid4vp/openid4vp_test.go @@ -524,7 +524,9 @@ func TestOpenID4VP_PresentCredential(t *testing.T) { Fields: []*presexch.Field{{ Path: []string{"$.credentialSubject.taxResidency", "$.vc.credentialSubject.taxResidency"}, Filter: &presexch.Filter{ - Type: &strType, + FilterItem: presexch.FilterItem{ + Type: &strType, + }, }, }}, }, diff --git a/test/integration/attestation/go.mod b/test/integration/attestation/go.mod index 20ef76f1..d2c58455 100644 --- a/test/integration/attestation/go.mod +++ b/test/integration/attestation/go.mod @@ -14,7 +14,7 @@ require ( github.com/trustbloc/cmdutil-go v1.0.0 github.com/trustbloc/did-go v1.3.1-0.20241021165331-5721a3ff7396 github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88 - github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 + github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc github.com/trustbloc/wallet-sdk v0.0.0-00010101000000-000000000000 ) diff --git a/test/integration/attestation/go.sum b/test/integration/attestation/go.sum index ae019c4d..acedf44b 100644 --- a/test/integration/attestation/go.sum +++ b/test/integration/attestation/go.sum @@ -155,8 +155,8 @@ github.com/trustbloc/logutil-go v0.0.0-20221124174025-c46110e3ea42 h1:Mzg9wvEoUI github.com/trustbloc/logutil-go v0.0.0-20221124174025-c46110e3ea42/go.mod h1:HRaXVV1caceumbDBwLO3ByiCcAc18KwrNvZ7JQBvDIQ= github.com/trustbloc/sidetree-go v1.1.0 h1:ZNCtYTut5MHVXJR26FvOPSo8uCGDR0YTNeA155s/QIo= github.com/trustbloc/sidetree-go v1.1.0/go.mod h1:IQ1iX/gLe/YL+M6kzenc5Oi14uzaYqfL7KgMyNuSGvI= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 h1:p3dmAih8yucca6pLMeRwjzHHcX1k5g4KbreH329doBw= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc h1:hw0PseUDqXeXTJV/yeHYBteiU3f8BMMGVE9GfozygZw= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd h1:QhdCHSW1/oosJbzBTEYLU6xcKxXbQzzqFnhCtW2UWbA= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd/go.mod h1:D1wnviyjdmcF8AO5Y9kVGU6OGuvXUMGiE0Auo/fYRYo= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= diff --git a/test/integration/go.mod b/test/integration/go.mod index 7313a554..3bdb8bfe 100644 --- a/test/integration/go.mod +++ b/test/integration/go.mod @@ -14,7 +14,7 @@ require ( github.com/trustbloc/cmdutil-go v0.0.0-20221125151303-09d42adcc811 github.com/trustbloc/did-go v1.3.1-0.20241021165331-5721a3ff7396 github.com/trustbloc/logutil-go v1.0.0-rc1 - github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 + github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc github.com/trustbloc/wallet-sdk v0.0.0-00010101000000-000000000000 github.com/trustbloc/wallet-sdk/cmd/wallet-sdk-gomobile v0.0.0-00010101000000-000000000000 go.uber.org/zap v1.23.0 diff --git a/test/integration/go.sum b/test/integration/go.sum index a23c7f75..7654ce1c 100644 --- a/test/integration/go.sum +++ b/test/integration/go.sum @@ -165,8 +165,8 @@ github.com/trustbloc/logutil-go v1.0.0-rc1 h1:rRJbvgQfrlUfyej+mY0nuQJymGqjRW4oZE github.com/trustbloc/logutil-go v1.0.0-rc1/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= github.com/trustbloc/sidetree-go v1.1.0 h1:ZNCtYTut5MHVXJR26FvOPSo8uCGDR0YTNeA155s/QIo= github.com/trustbloc/sidetree-go v1.1.0/go.mod h1:IQ1iX/gLe/YL+M6kzenc5Oi14uzaYqfL7KgMyNuSGvI= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 h1:p3dmAih8yucca6pLMeRwjzHHcX1k5g4KbreH329doBw= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc h1:hw0PseUDqXeXTJV/yeHYBteiU3f8BMMGVE9GfozygZw= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd h1:QhdCHSW1/oosJbzBTEYLU6xcKxXbQzzqFnhCtW2UWbA= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd/go.mod h1:D1wnviyjdmcF8AO5Y9kVGU6OGuvXUMGiE0Auo/fYRYo= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= diff --git a/test/integration/trustregistry/go.mod b/test/integration/trustregistry/go.mod index dbb1ded4..aaba389f 100644 --- a/test/integration/trustregistry/go.mod +++ b/test/integration/trustregistry/go.mod @@ -49,7 +49,7 @@ require ( github.com/trustbloc/bbs-signature-go v1.0.2 // indirect github.com/trustbloc/did-go v1.3.1-0.20241021165331-5721a3ff7396 // indirect github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88 // indirect - github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 // indirect + github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc // indirect github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd // indirect github.com/x448/float16 v0.8.4 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect diff --git a/test/integration/trustregistry/go.sum b/test/integration/trustregistry/go.sum index b4848fb8..0850afa4 100644 --- a/test/integration/trustregistry/go.sum +++ b/test/integration/trustregistry/go.sum @@ -126,8 +126,8 @@ github.com/trustbloc/did-go v1.3.1-0.20241021165331-5721a3ff7396 h1:z9x5gLgDeUtc github.com/trustbloc/did-go v1.3.1-0.20241021165331-5721a3ff7396/go.mod h1:L5m4TVlPwe7VN5FRrANPMg6EJN8wIlthC8CvossDZVI= github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88 h1:k3KNf9tE4TBVdpEtImmZIbUWFZRoL/96GPR7FSqCr9k= github.com/trustbloc/kms-go v1.1.3-0.20241001141623-8d9510c6bb88/go.mod h1:OKOtsLbE6W5s4mpjWkvk8XEqcmt9vTgVmDNkHELpWO0= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5 h1:p3dmAih8yucca6pLMeRwjzHHcX1k5g4KbreH329doBw= -github.com/trustbloc/vc-go v1.2.1-0.20241031140324-d25fb970e6f5/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc h1:hw0PseUDqXeXTJV/yeHYBteiU3f8BMMGVE9GfozygZw= +github.com/trustbloc/vc-go v1.2.1-0.20241119140508-59af0e10bdcc/go.mod h1:3/GbrzF7phN+SxBTZaUBS6VxnoxpXGBUjjk3Eg4ImUk= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd h1:QhdCHSW1/oosJbzBTEYLU6xcKxXbQzzqFnhCtW2UWbA= github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd/go.mod h1:D1wnviyjdmcF8AO5Y9kVGU6OGuvXUMGiE0Auo/fYRYo= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=