From f74cc3e374a7c2222b078363e09475cd3cb971b0 Mon Sep 17 00:00:00 2001 From: Shailesh Patil <53746241+mineme0110@users.noreply.github.com> Date: Thu, 17 Oct 2024 11:20:01 +0100 Subject: [PATCH 01/17] test: Add integration test for conectionless issuance (#1395) Signed-off-by: mineme0110 Signed-off-by: Hyperledger Bot Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Hyperledger Bot --- .../connectionless/ConnectionLessSteps.kt | 81 +++++++++++++++++++ .../features/credential/jwt/issuance.feature | 10 +++ .../credential/sdjwt/issuance.feature | 11 +++ 3 files changed, 102 insertions(+) create mode 100644 tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt diff --git a/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt b/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt new file mode 100644 index 0000000000..627281d15a --- /dev/null +++ b/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt @@ -0,0 +1,81 @@ +package steps.connectionless + +import interactions.Post +import interactions.body +import io.cucumber.java.en.* +import io.iohk.atala.automation.extensions.get +import io.iohk.atala.automation.serenity.ensure.Ensure +import net.serenitybdd.rest.SerenityRest +import net.serenitybdd.screenplay.Actor +import org.apache.http.HttpStatus.SC_CREATED +import org.apache.http.HttpStatus.SC_OK +import org.hyperledger.identus.client.models.* + +class ConnectionLessSteps { + + @When("{actor} creates a {string} credential offer invitation with {string} form DID") + fun inviterGeneratesACredentialOfferInvitation(issuer: Actor, credentialFormat: String, didForm: String) { + val claims = linkedMapOf( + "firstName" to "Automation", + "lastName" to "Execution", + "email" to "email@example.com", + ) + val did: String = if (didForm == "short") { + issuer.recall("shortFormDid") + } else { + issuer.recall("longFormDid") + } + val credentialOfferRequest = CreateIssueCredentialRecordRequest( + claims = claims, + issuingDID = did, + validityPeriod = 3600.0, + credentialFormat = credentialFormat, + automaticIssuance = false, + goalCode = "issue-vc", + goal = "To issue a Faber College Graduate credential", + ) + + issuer.attemptsTo( + Post.to("/issue-credentials/credential-offers/invitation").body(credentialOfferRequest), + ) + + val credentialRecord = SerenityRest.lastResponse().get() + + issuer.attemptsTo( + Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_CREATED), + Ensure.that(credentialRecord.goalCode!!).isEqualTo("issue-vc"), + Ensure.that(credentialRecord.protocolState).isEqualTo(IssueCredentialRecord.ProtocolState.INVITATION_GENERATED), + Ensure.that(credentialRecord.role).isEqualTo(IssueCredentialRecord.Role.ISSUER), + ) + + // Acme remembers connection to send it out of band to Bob + issuer.remember("credentialRecord", credentialRecord) + issuer.remember("thid", credentialRecord.thid) + } + + @And("{actor} accepts the credential offer invitation from {actor}") + fun holderAcceptsCredentialOfferInvitation(holder: Actor, issuer: Actor) { + // Bob accepts connection using achieved out-of-band invitation + val credentialOfferInvitationRecord = issuer.recall("credentialRecord") + holder.attemptsTo( + Post.to("/issue-credentials/credential-offers/accept-invitation") + .with { + it.body( + AcceptCredentialOfferInvitation( + credentialOfferInvitationRecord.invitation?.invitationUrl?.split("=")?.getOrNull(1) + ?: throw IllegalStateException("Invalid invitation URL format"), + ), + ) + }, + ) + val holderIssueCredentialRecord = SerenityRest.lastResponse().get() + + holder.attemptsTo( + Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_OK), + Ensure.that(holderIssueCredentialRecord.protocolState).isEqualTo(IssueCredentialRecord.ProtocolState.OFFER_RECEIVED), + Ensure.that(holderIssueCredentialRecord.role).isEqualTo(IssueCredentialRecord.Role.HOLDER), + ) + holder.remember("recordId", holderIssueCredentialRecord.recordId) + holder.remember("thid", holderIssueCredentialRecord.thid) + } +} diff --git a/tests/integration-tests/src/test/resources/features/credential/jwt/issuance.feature b/tests/integration-tests/src/test/resources/features/credential/jwt/issuance.feature index 2e9689f772..79b541c1f6 100644 --- a/tests/integration-tests/src/test/resources/features/credential/jwt/issuance.feature +++ b/tests/integration-tests/src/test/resources/features/credential/jwt/issuance.feature @@ -1,6 +1,7 @@ @jwt @issuance Feature: Issue JWT credential + Scenario: Issuing jwt credential with published PRISM DID Given Issuer and Holder have an existing connection And Issuer has a published DID for JWT @@ -39,3 +40,12 @@ Feature: Issue JWT credential And Holder accepts jwt credential offer And Issuer issues the credential Then Holder receives the issued credential + + Scenario: Connectionless issuance of JWT credential using OOB invitation + Given Issuer has a published DID for JWT + And Holder has an unpublished DID for JWT + When Issuer creates a "JWT" credential offer invitation with "short" form DID + And Holder accepts the credential offer invitation from Issuer + And Holder accepts jwt credential offer + And Issuer issues the credential + Then Holder receives the issued credential \ No newline at end of file diff --git a/tests/integration-tests/src/test/resources/features/credential/sdjwt/issuance.feature b/tests/integration-tests/src/test/resources/features/credential/sdjwt/issuance.feature index 29af552150..a96c24f04f 100644 --- a/tests/integration-tests/src/test/resources/features/credential/sdjwt/issuance.feature +++ b/tests/integration-tests/src/test/resources/features/credential/sdjwt/issuance.feature @@ -23,6 +23,17 @@ Feature: Issue SD-JWT credential Then Holder receives the issued credential Then Holder checks the sd-jwt credential contents with holder binding + Scenario: Connectionless issuance of sd-jwt credential with holder binding + And Issuer has a published DID for SD_JWT + And Holder has an unpublished DID for SD_JWT + When Issuer creates a "SDJWT" credential offer invitation with "short" form DID + And Holder accepts the credential offer invitation from Issuer + And Holder accepts credential offer for sd-jwt with 'auth-1' key binding + And Issuer issues the credential + Then Holder receives the issued credential + Then Holder checks the sd-jwt credential contents with holder binding + + # Scenario: Issuing sd-jwt with wrong algorithm # Given Issuer and Holder have an existing connection # When Issuer prepares a custom PRISM DID From 9b64793ee7939860973108a8b30bc0b48a840518 Mon Sep 17 00:00:00 2001 From: bvoiturier Date: Fri, 18 Oct 2024 09:44:50 +0200 Subject: [PATCH 02/17] fix: handle unsupported PIURI found in DIDComm messages accordingly (#1399) Signed-off-by: Benjamin Voiturier --- .../didcomm/controller/DIDCommControllerError.scala | 8 +++++++- .../didcomm/controller/DIDCommControllerImpl.scala | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerError.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerError.scala index 5a27032b75..4c7208fda0 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerError.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerError.scala @@ -1,6 +1,6 @@ package org.hyperledger.identus.didcomm.controller -import org.hyperledger.identus.mercury.model.DidId +import org.hyperledger.identus.mercury.model.{DidId, PIURI} import org.hyperledger.identus.shared.models.{Failure, KeyId, StatusCode} sealed trait DIDCommControllerError extends Failure { @@ -39,4 +39,10 @@ object DIDCommControllerError { override def userFacingMessage: String = s"The Peer DID does not contain the required key: DID=${did.value}, keyId=${keyId.value}" } + + final case class UnsupportedPIURI(piuri: PIURI) extends DIDCommControllerError { + override def statusCode: StatusCode = StatusCode.UnprocessableContent + override def userFacingMessage: String = + s"The Protocol Identifier URI (URI) found in the DIDComm message is not supported: PIURI=$piuri" + } } diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerImpl.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerImpl.scala index b910ace0f4..b13d522e03 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerImpl.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerImpl.scala @@ -184,8 +184,8 @@ class DIDCommControllerImpl( /* * Unknown Message */ - private val handleUnknownMessage: PartialFunction[Message, UIO[String]] = { case _ => - ZIO.succeed("Unknown Message Type") + private val handleUnknownMessage: PartialFunction[Message, IO[UnsupportedPIURI, String]] = { case msg => + ZIO.fail(UnsupportedPIURI(msg.piuri)) } } From cbd1a03a8aa91c5a5487c54046e4d9305f9d9241 Mon Sep 17 00:00:00 2001 From: Shailesh Patil Date: Tue, 22 Oct 2024 16:04:00 +0100 Subject: [PATCH 03/17] fix: Add key_id missing field (#1403) Signed-off-by: mineme0110 --- .../pollux/sql/repository/JdbcCredentialRepository.scala | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcCredentialRepository.scala b/pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcCredentialRepository.scala index 151ebd9e3f..53a3296dc3 100644 --- a/pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcCredentialRepository.scala +++ b/pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcCredentialRepository.scala @@ -504,7 +504,8 @@ class JdbcCredentialRepository(xa: Transactor[ContextAwareTask], xb: Transactor[ | credential_format, | schema_uris, | credential_definition_uri, - | subject_id + | subject_id, + | key_id | FROM public.issue_credential_records | WHERE 1=1 | AND issue_credential_data IS NOT NULL From b6a895b6e8700f34926589025ac1087ddda5937c Mon Sep 17 00:00:00 2001 From: Shailesh Patil Date: Tue, 22 Oct 2024 16:18:55 +0100 Subject: [PATCH 04/17] chore: I, Shailesh Patil, retroactively sign off on these commits: (#1398) Signed-off-by: mineme0110 From d5821d0a61da99b874e23eed02856d071915535e Mon Sep 17 00:00:00 2001 From: Fabio Pinheiro Date: Thu, 24 Oct 2024 14:46:48 +0100 Subject: [PATCH 05/17] build: add job Update Dependency Graph (#1400) Signed-off-by: FabioPinheiro --- .github/sbt-dependency-submission.yml | 70 +++++++++++++++++++++++++++ project/plugins.sbt | 12 +++++ 2 files changed, 82 insertions(+) create mode 100644 .github/sbt-dependency-submission.yml diff --git a/.github/sbt-dependency-submission.yml b/.github/sbt-dependency-submission.yml new file mode 100644 index 0000000000..7a0035e185 --- /dev/null +++ b/.github/sbt-dependency-submission.yml @@ -0,0 +1,70 @@ +# See https://github.com/marketplace/actions/sbt-dependency-submission +name: Update Dependency Graph +on: + # push: + # branches: + # - master # default branch of the project + schedule: + - cron: "0 20 * * *" + workflow_dispatch: +jobs: + dependency-graph: + name: Update Dependency Graph + runs-on: ubuntu-latest # or windows-latest, or macOS-latest + steps: + - uses: actions/checkout@v3 + - name: Setup Java and Scala + uses: olafurpg/setup-scala@v14 + with: + java-version: adopt@1.11 + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: "18" # or whatever + # - name: Setup Scala.JS + # uses: japgolly/setup-scalajs@v1 + - name: Cache sbt + uses: coursier/cache-action@v6.3 + # - name: npm install + # run: npm install + - uses: scalacenter/sbt-dependency-submission@v2 + with: + working-directory: ./ + modules-ignore: + root_3 + shared-test + polluxanoncredstest_3 + # predef_3 + # mercury-agent-didcommx_3 + # identus-cloud-agent_3 + # mercury-protocol-coordinate-mediation_3 + # pollux-sql-doobie_3 + # mercury-protocol-outofband-login_3 + # connect-sql-doobie_3 + # shared + # pollux-core_3 + # pollux-sd-jwt_3 + # shared-json + # pollux-vc-jwt_3 + # mercury-agent-core_3 + # mercury-protocol-connection_3 + # mercury-protocol-present-proof_3 + # castor-core_3 + # connect-core_3 + # mercury-protocol-trust-ping_3 + # shared-crypto + # mercury-protocol-report-problem_3 + # pollux-prex_3 + # mercury-data-models_3 + # mercury-resolver_3 + # mercury-protocol-issue-credential_3 + # pollux-anoncreds_3 + # mercury-protocol-routing-2-0_3 + # mercury-verifiable-credentials_3 + # mercury-protocol-did-exchange_3 + # mercury-protocol-revocation-notification_3 + # mercury-protocol-invitation_3 + # event-notification_3 + # prism-node-client_3 + # cloud-agent-wallet-api_3 + configs-ignore: test scala-tool scala-doc-tool diff --git a/project/plugins.sbt b/project/plugins.sbt index 92cb4d7e27..f81f6ad876 100644 --- a/project/plugins.sbt +++ b/project/plugins.sbt @@ -21,3 +21,15 @@ if (sys.env.get("GITHUB_TOKEN").isDefined) { Defaults.sbtPluginExtra(dependency, sbtV, scalaV) } } else libraryDependencies ++= Seq[ModuleID]() + +// See file in .github/workflows/sbt-dependency-submission.yml +if (sys.env.get("DEPEDABOT").isDefined) { + println(s"Adding plugin sbt-github-dependency-submission since env DEPEDABOT is defined.") + // The reason for this is that the plugin needs the variable to be defined. We don't want to have that requirement. + libraryDependencies += { + val dependency = "ch.epfl.scala" % "sbt-github-dependency-submission" % "3.1.0" + val sbtV = (pluginCrossBuild / sbtBinaryVersion).value + val scalaV = (update / scalaBinaryVersion).value + Defaults.sbtPluginExtra(dependency, sbtV, scalaV) + } +} else libraryDependencies ++= Seq[ModuleID]() From c5071d5707e8c79b450f82c0c891f77d2eb26b95 Mon Sep 17 00:00:00 2001 From: Fabio Pinheiro Date: Thu, 24 Oct 2024 15:11:06 +0100 Subject: [PATCH 06/17] build: fix Github action sbt-dependency-submission location (#1415) Signed-off-by: FabioPinheiro --- .github/{ => workflows}/sbt-dependency-submission.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/{ => workflows}/sbt-dependency-submission.yml (100%) diff --git a/.github/sbt-dependency-submission.yml b/.github/workflows/sbt-dependency-submission.yml similarity index 100% rename from .github/sbt-dependency-submission.yml rename to .github/workflows/sbt-dependency-submission.yml From 43b65b6af323a677730a3a2a7a23a2c49b0515ae Mon Sep 17 00:00:00 2001 From: Shailesh Patil Date: Mon, 28 Oct 2024 13:12:14 +0000 Subject: [PATCH 07/17] test: Add test connectionless verification (#1418) Signed-off-by: mineme0110 Signed-off-by: Hyperledger Bot Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Hyperledger Bot --- .../connectionless/ConnectionLessSteps.kt | 91 +++++++++++++++++++ .../credential/jwt/present_proof.feature | 7 ++ .../credential/sdjwt/present_proof.feature | 12 +++ 3 files changed, 110 insertions(+) diff --git a/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt b/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt index 627281d15a..24f2e281ac 100644 --- a/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt +++ b/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt @@ -1,5 +1,6 @@ package steps.connectionless +import com.google.gson.JsonObject import interactions.Post import interactions.body import io.cucumber.java.en.* @@ -78,4 +79,94 @@ class ConnectionLessSteps { holder.remember("recordId", holderIssueCredentialRecord.recordId) holder.remember("thid", holderIssueCredentialRecord.thid) } + + @When("{actor} creates a OOB Invitation request for JWT proof presentation") + fun verifierCreatesARequestForJwtProofPresentationOfferInvitation(verifier: Actor) { + val presentationRequest = RequestPresentationInput( + goalCode = "present-vp", + goal = "Request proof of vaccine", + options = Options( + challenge = "11c91493-01b3-4c4d-ac36-b336bab5bddf", + domain = "https://example-verifier.com", + ), + proofs = listOf( + ProofRequestAux( + schemaId = "https://schema.org/Person", + trustIssuers = listOf("did:web:atalaprism.io/users/testUser"), + ), + ), + ) + + verifier.attemptsTo( + Post.to("/present-proof/presentations/invitation").body(presentationRequest), + Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_CREATED), + ) + val presentationStatus = SerenityRest.lastResponse().get() + + verifier.attemptsTo( + Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_CREATED), + Ensure.that(presentationStatus.status).isEqualTo(PresentationStatus.Status.INVITATION_GENERATED), + Ensure.that(presentationStatus.role).isEqualTo(PresentationStatus.Role.VERIFIER), + ) + + verifier.remember("presentationStatus", presentationStatus) + verifier.remember("thid", presentationStatus.thid) + } + + @And("{actor} accepts the OOB invitation request for JWT proof presentation from {actor}") + fun holderAcceptsJwtProofPresentationOfferInvitation(holder: Actor, verifier: Actor) { + val verifierPresentationStatusRecord = verifier.recall("presentationStatus") + holder.attemptsTo( + Post.to("/present-proof/presentations/accept-invitation") + .with { + it.body( + AcceptRequestPresentationInvitation( + verifierPresentationStatusRecord.invitation?.invitationUrl?.split("=")?.getOrNull(1) + ?: throw IllegalStateException("Invalid invitation URL format"), + ), + ) + }, + ) + val holderPresentationStatusRecord = SerenityRest.lastResponse().get() + + holder.attemptsTo( + Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_OK), + Ensure.that(holderPresentationStatusRecord.status).isEqualTo(PresentationStatus.Status.REQUEST_RECEIVED), + Ensure.that(holderPresentationStatusRecord.role).isEqualTo(PresentationStatus.Role.PROVER), + ) + holder.remember("recordId", holderPresentationStatusRecord.presentationId) + holder.remember("thid", holderPresentationStatusRecord.thid) + } + + @When("{actor} creates a OOB Invitation request for sd-jwt proof presentation requesting [{}] claims") + fun verifierCreatesARequestForSdJwtProofPresentationInvitation(verifier: Actor, keys: String) { + val claims = JsonObject() + for (key in keys.split(",")) { + claims.addProperty(key, "{}") + } + val presentationRequest = RequestPresentationInput( + options = Options( + challenge = "11c91493-01b3-4c4d-ac36-b336bab5bddf", + domain = "https://example-verifier.com", + ), + proofs = listOf(), + credentialFormat = "SDJWT", + claims = claims, + ) + + verifier.attemptsTo( + Post.to("/present-proof/presentations/invitation").body(presentationRequest), + Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_CREATED), + ) + val presentationStatus = SerenityRest.lastResponse().get() + + verifier.attemptsTo( + Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_CREATED), + Ensure.that(presentationStatus.status).isEqualTo(PresentationStatus.Status.INVITATION_GENERATED), + Ensure.that(presentationStatus.role).isEqualTo(PresentationStatus.Role.VERIFIER), + ) + + verifier.remember("presentationStatus", presentationStatus) + verifier.remember("thid", presentationStatus.thid) + } } diff --git a/tests/integration-tests/src/test/resources/features/credential/jwt/present_proof.feature b/tests/integration-tests/src/test/resources/features/credential/jwt/present_proof.feature index 5b0f46564c..43612873d6 100644 --- a/tests/integration-tests/src/test/resources/features/credential/jwt/present_proof.feature +++ b/tests/integration-tests/src/test/resources/features/credential/jwt/present_proof.feature @@ -25,3 +25,10 @@ Feature: Present Proof Protocol And Holder rejects the proof Then Holder sees the proof is rejected + Scenario: Connectionless Verification Holder presents jwt credential proof to verifier + Given Holder has a jwt issued credential from Issuer + When Verifier creates a OOB Invitation request for JWT proof presentation + And Holder accepts the OOB invitation request for JWT proof presentation from Verifier + And Holder receives the presentation proof request + And Holder makes the jwt presentation of the proof + Then Verifier has the proof verified \ No newline at end of file diff --git a/tests/integration-tests/src/test/resources/features/credential/sdjwt/present_proof.feature b/tests/integration-tests/src/test/resources/features/credential/sdjwt/present_proof.feature index e5d273bf37..96e8f4e961 100644 --- a/tests/integration-tests/src/test/resources/features/credential/sdjwt/present_proof.feature +++ b/tests/integration-tests/src/test/resources/features/credential/sdjwt/present_proof.feature @@ -25,6 +25,18 @@ Feature: Present SD-JWT Proof Protocol | Verifier | | Issuer | + Scenario Outline: Holder presents sd-jwt proof to + Given Holder has a sd-jwt issued credential from Issuer + When creates a OOB Invitation request for sd-jwt proof presentation requesting [firstName] claims + And Holder accepts the OOB invitation request for JWT proof presentation from + And Holder receives the presentation proof request + And Holder makes the sd-jwt presentation of the proof disclosing [firstName] claims + Then has the proof verified + Examples: + | verifier | + | Verifier | + | Issuer | + # Scenario: Holder presents sd-jwt proof with different claims from requested # Given Verifier and Holder have an existing connection # And Holder has a bound sd-jwt issued credential from Issuer From 228f07bee719229bbd74f2261f57f5454089dab7 Mon Sep 17 00:00:00 2001 From: bvoiturier Date: Tue, 29 Oct 2024 11:26:36 +0100 Subject: [PATCH 08/17] chore: upgrade to latest Tapir version (#1417) Signed-off-by: Benjamin Voiturier --- build.sbt | 12 +++++++----- .../agent/notification/WebhookPublisher.scala | 2 +- .../hyperledger/identus/agent/server/MainApp.scala | 2 +- .../agent/server/http/CustomServerInterceptors.scala | 4 ++-- .../agent/server/http/ZHttp4sBlazeServer.scala | 4 +--- .../system/controller/SystemControllerImpl.scala | 2 +- .../controller/SystemControllerTestTools.scala | 3 +-- 7 files changed, 14 insertions(+), 15 deletions(-) diff --git a/build.sbt b/build.sbt index 0df784ff60..9307ab6f20 100644 --- a/build.sbt +++ b/build.sbt @@ -61,7 +61,7 @@ lazy val V = new { // https://mvnrepository.com/artifact/io.circe/circe-core val circe = "0.14.7" - val tapir = "1.6.4" // scala-steward:off // TODO "1.10.5" + val tapir = "1.11.7" // scala-steward:off // TODO "1.10.5" val http4sBlaze = "0.23.15" // scala-steward:off // TODO "0.23.16" val typesafeConfig = "1.4.3" @@ -90,7 +90,7 @@ lazy val V = new { // [error] org.hyperledger.identus.pollux.core.model.schema.CredentialSchemaSpec val vaultDriver = "6.2.0" - val micrometer = "1.11.11" + val micrometer = "1.13.6" val nimbusJwt = "9.37.3" val keycloak = "23.0.7" // scala-steward:off //TODO 24.0.3 // update all quay.io/keycloak/keycloak @@ -114,7 +114,10 @@ lazy val D = new { val tapirPrometheusMetrics: ModuleID = "com.softwaremill.sttp.tapir" %% "tapir-prometheus-metrics" % V.tapir val micrometer: ModuleID = "io.micrometer" % "micrometer-registry-prometheus" % V.micrometer val micrometerPrometheusRegistry = "io.micrometer" % "micrometer-core" % V.micrometer - val scalaUri = "io.lemonlabs" %% "scala-uri" % V.scalaUri + val scalaUri = Seq( + "io.lemonlabs" %% "scala-uri" % V.scalaUri exclude ("org.typelevel", "cats-parse_3"), // Exclude cats-parse to avoid deps conflict + "org.typelevel" % "cats-parse_3" % "1.0.0", // Replace with version 1.0.0 + ) val zioConfig: ModuleID = "dev.zio" %% "zio-config" % V.zioConfig val zioConfigMagnolia: ModuleID = "dev.zio" %% "zio-config-magnolia" % V.zioConfig @@ -194,13 +197,12 @@ lazy val D_Shared = new { D.zioConcurrent, D.zioHttp, D.zioKafka, - D.scalaUri, D.zioPrelude, // FIXME: split shared DB stuff as subproject? D.doobieHikari, D.doobiePostgres, D.zioCatsInterop, - ) + ) ++ D.scalaUri } lazy val D_SharedJson = new { diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/notification/WebhookPublisher.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/notification/WebhookPublisher.scala index c4af9c4016..4c50697e03 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/notification/WebhookPublisher.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/notification/WebhookPublisher.scala @@ -101,7 +101,7 @@ class WebhookPublisher( _ <- ZIO.logDebug(s"Sending event: $event to HTTP webhook URL: $url.") url <- ZIO.fromEither(URL.decode(url)).orDie response <- Client - .request( + .streaming( Request( url = url, method = Method.POST, diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala index 922593389a..a8f76d1656 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala @@ -1,7 +1,7 @@ package org.hyperledger.identus.agent.server import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton -import io.micrometer.prometheus.{PrometheusConfig, PrometheusMeterRegistry} +import io.micrometer.prometheusmetrics.{PrometheusConfig, PrometheusMeterRegistry} import org.hyperledger.identus.agent.server.config.AppConfig import org.hyperledger.identus.agent.server.http.ZioHttpClient import org.hyperledger.identus.agent.server.sql.Migrations as AgentMigrations diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/CustomServerInterceptors.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/CustomServerInterceptors.scala index 44ffa1cea8..8da72798ec 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/CustomServerInterceptors.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/CustomServerInterceptors.scala @@ -66,7 +66,7 @@ object CustomServerInterceptors { ) ) - def tapirDecodeFailureHandler: DecodeFailureHandler = (ctx: DecodeFailureContext) => { + def tapirDecodeFailureHandler[F[_]]: DecodeFailureHandler[F] = DecodeFailureHandler.pure[F](ctx => { /** As per the Tapir Decode Failures documentation: * @@ -100,7 +100,7 @@ object CustomServerInterceptors { ) ) case None => None - } + }) def http4sServiceErrorHandler: ServiceErrorHandler[Task] = (req: Request[Task]) => { case t: Throwable => val res = tapirDefectHandler( diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/ZHttp4sBlazeServer.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/ZHttp4sBlazeServer.scala index 1293185891..bb15ac4648 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/ZHttp4sBlazeServer.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/ZHttp4sBlazeServer.scala @@ -3,15 +3,13 @@ package org.hyperledger.identus.agent.server.http import io.circe.* import io.circe.generic.semiauto.* import io.circe.syntax.* -import io.micrometer.prometheus.PrometheusMeterRegistry +import io.micrometer.prometheusmetrics.PrometheusMeterRegistry import org.http4s.* import org.http4s.blaze.server.BlazeServerBuilder import org.http4s.server.Router -import org.hyperledger.identus.api.http.ErrorResponse import org.hyperledger.identus.shared.crypto.Sha256Hash import org.hyperledger.identus.shared.json.Json import org.hyperledger.identus.system.controller.SystemEndpoints -import sttp.tapir.* import sttp.tapir.model.ServerRequest import sttp.tapir.server.http4s.ztapir.ZHttp4sServerInterpreter import sttp.tapir.server.http4s.Http4sServerOptions diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/system/controller/SystemControllerImpl.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/system/controller/SystemControllerImpl.scala index 3e8850bc68..611d099dce 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/system/controller/SystemControllerImpl.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/system/controller/SystemControllerImpl.scala @@ -1,6 +1,6 @@ package org.hyperledger.identus.system.controller -import io.micrometer.prometheus.PrometheusMeterRegistry +import io.micrometer.prometheusmetrics.PrometheusMeterRegistry import org.hyperledger.identus.agent.server.buildinfo.BuildInfo import org.hyperledger.identus.api.http.{ErrorResponse, RequestContext} import org.hyperledger.identus.system.controller.http.HealthInfo diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/system/controller/SystemControllerTestTools.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/system/controller/SystemControllerTestTools.scala index 80f15ce237..f01acea610 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/system/controller/SystemControllerTestTools.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/system/controller/SystemControllerTestTools.scala @@ -1,7 +1,6 @@ package org.hyperledger.identus.system.controller -import io.micrometer.prometheus.{PrometheusConfig, PrometheusMeterRegistry} -import org.hyperledger.identus.agent.server.config.AppConfig +import io.micrometer.prometheusmetrics.{PrometheusConfig, PrometheusMeterRegistry} import org.hyperledger.identus.agent.server.http.CustomServerInterceptors import org.hyperledger.identus.agent.server.SystemModule.configLayer import org.hyperledger.identus.system.controller.http.HealthInfo From 5830a7e17a72abae98faa81594421aa577eaeb24 Mon Sep 17 00:00:00 2001 From: Shailesh Patil Date: Thu, 31 Oct 2024 11:41:54 +0000 Subject: [PATCH 09/17] fix: key id for jwt and sdjwt (#1420) Signed-off-by: mineme0110 Signed-off-by: Hyperledger Bot Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Hyperledger Bot --- .../castor/core/service/MockDIDService.scala | 84 ++++++++++++------ .../OIDCCredentialIssuerServiceSpec.scala | 4 +- .../model/error/CredentialServiceError.scala | 8 +- .../core/service/CredentialServiceImpl.scala | 88 ++++++++++++------- .../CredentialRepositoryInMemory.scala | 1 + .../service/CredentialServiceImplSpec.scala | 70 +++++++++++++-- .../service/CredentialServiceSpecHelper.scala | 7 +- .../src/test/kotlin/common/DidPurpose.kt | 9 ++ .../connectionless/ConnectionLessSteps.kt | 1 + .../steps/credentials/JwtCredentialSteps.kt | 30 ++++++- .../test/kotlin/steps/did/PublishDidSteps.kt | 2 + .../features/credential/jwt/issuance.feature | 10 +++ .../features/oid4vci/issue_jwt.feature | 2 +- .../oid4vci/manage_credential_config.feature | 2 +- 14 files changed, 240 insertions(+), 78 deletions(-) diff --git a/castor/src/test/scala/org/hyperledger/identus/castor/core/service/MockDIDService.scala b/castor/src/test/scala/org/hyperledger/identus/castor/core/service/MockDIDService.scala index b911ff9a92..b4400673aa 100644 --- a/castor/src/test/scala/org/hyperledger/identus/castor/core/service/MockDIDService.scala +++ b/castor/src/test/scala/org/hyperledger/identus/castor/core/service/MockDIDService.scala @@ -38,45 +38,59 @@ object MockDIDService extends Mock[DIDService] { } } - def createDID( - verificationRelationship: VerificationRelationship + private def createDIDInternal( + verificationRelationship: VerificationRelationship, + addEd25519Key: Boolean = false ): (PrismDIDOperation.Create, Secp256k1KeyPair, DIDMetadata, DIDData) = { val masterKeyPair = Apollo.default.secp256k1.generateKeyPair val keyPair = Apollo.default.secp256k1.generateKeyPair - val createOperation = PrismDIDOperation.Create( - publicKeys = Seq( - InternalPublicKey( - id = KeyId("master-0"), - purpose = InternalKeyPurpose.Master, - publicKeyData = PublicKeyData.ECCompressedKeyData( - crv = EllipticCurve.SECP256K1, - data = Base64UrlString.fromByteArray(masterKeyPair.publicKey.getEncodedCompressed) - ) - ), - PublicKey( - id = KeyId("key-0"), - purpose = verificationRelationship, - publicKeyData = PublicKeyData.ECCompressedKeyData( - crv = EllipticCurve.SECP256K1, - data = Base64UrlString.fromByteArray(keyPair.publicKey.getEncodedCompressed) - ) - ), + val basePublicKeys = Seq( + InternalPublicKey( + id = KeyId("master-0"), + purpose = InternalKeyPurpose.Master, + publicKeyData = PublicKeyData.ECCompressedKeyData( + crv = EllipticCurve.SECP256K1, + data = Base64UrlString.fromByteArray(masterKeyPair.publicKey.getEncodedCompressed) + ) ), + PublicKey( + id = KeyId("key-0"), + purpose = verificationRelationship, + publicKeyData = PublicKeyData.ECCompressedKeyData( + crv = EllipticCurve.SECP256K1, + data = Base64UrlString.fromByteArray(keyPair.publicKey.getEncodedCompressed) + ) + ) + ) + + val publicKeys = if (addEd25519Key) { + val keyPair2 = Apollo.default.ed25519.generateKeyPair + basePublicKeys :+ PublicKey( + id = KeyId("key-1"), + purpose = verificationRelationship, + publicKeyData = PublicKeyData.ECKeyData( + crv = EllipticCurve.ED25519, + x = Base64UrlString.fromByteArray(keyPair2.publicKey.getEncoded), + y = Base64UrlString.fromByteArray(Array.emptyByteArray), + ) + ) + } else basePublicKeys + + val createOperation = PrismDIDOperation.Create( + publicKeys = publicKeys, services = Nil, context = Nil, ) val longFormDid = PrismDID.buildLongFormFromOperation(createOperation) - // val canonicalDid = longFormDid.asCanonical - val didMetadata = - DIDMetadata( - lastOperationHash = ArraySeq.from(longFormDid.stateHash.toByteArray), - canonicalId = None, // unpublished DID must not contain canonicalId - deactivated = false, // unpublished DID cannot be deactivated - created = None, // unpublished DID cannot have timestamp - updated = None // unpublished DID cannot have timestamp - ) + val didMetadata = DIDMetadata( + lastOperationHash = ArraySeq.from(longFormDid.stateHash.toByteArray), + canonicalId = None, + deactivated = false, + created = None, + updated = None + ) val didData = DIDData( id = longFormDid.asCanonical, publicKeys = createOperation.publicKeys.collect { case pk: PublicKey => pk }, @@ -87,6 +101,18 @@ object MockDIDService extends Mock[DIDService] { (createOperation, keyPair, didMetadata, didData) } + def createDIDOIDC( + verificationRelationship: VerificationRelationship + ): (PrismDIDOperation.Create, Secp256k1KeyPair, DIDMetadata, DIDData) = { + createDIDInternal(verificationRelationship, addEd25519Key = false) + } + + def createDID( + verificationRelationship: VerificationRelationship + ): (PrismDIDOperation.Create, Secp256k1KeyPair, DIDMetadata, DIDData) = { + createDIDInternal(verificationRelationship, addEd25519Key = true) + } + def resolveDIDExpectation(didMetadata: DIDMetadata, didData: DIDData): Expectation[DIDService] = MockDIDService.ResolveDID( assertion = Assertion.anything, diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala index fb4ce6f7ab..d1a5e65584 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/oid4vci/domain/OIDCCredentialIssuerServiceSpec.scala @@ -64,10 +64,10 @@ object OIDCCredentialIssuerServiceSpec ) private val (_, issuerKp, issuerDidMetadata, issuerDidData) = - MockDIDService.createDID(VerificationRelationship.AssertionMethod) + MockDIDService.createDIDOIDC(VerificationRelationship.AssertionMethod) private val (holderOp, holderKp, holderDidMetadata, holderDidData) = - MockDIDService.createDID(VerificationRelationship.AssertionMethod) + MockDIDService.createDIDOIDC(VerificationRelationship.AssertionMethod) private val holderDidServiceExpectations = MockDIDService.resolveDIDExpectation(holderDidMetadata, holderDidData) diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/model/error/CredentialServiceError.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/model/error/CredentialServiceError.scala index a0ffdbe944..6ad634ce42 100644 --- a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/model/error/CredentialServiceError.scala +++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/model/error/CredentialServiceError.scala @@ -120,7 +120,13 @@ object CredentialServiceError { StatusCode.NotFound, s"A key with the given purpose was not found in the DID: did=${did.toString}, purpose=${verificationRelationship.name}" ) - + final case class MultipleKeysWithSamePurposeFoundInDID( + did: PrismDID, + verificationRelationship: VerificationRelationship + ) extends CredentialServiceError( + StatusCode.BadRequest, + s"A key with the given purpose was found multiple times in the DID: did=${did.toString}, purpose=${verificationRelationship.name}" + ) final case class InvalidCredentialRequest(cause: String) extends CredentialServiceError( StatusCode.BadRequest, diff --git a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImpl.scala b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImpl.scala index a95e80925e..bdd741e155 100644 --- a/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImpl.scala +++ b/pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImpl.scala @@ -223,7 +223,7 @@ class CredentialServiceImpl( claims = attributes, thid = thid, UUID.randomUUID().toString, - "domain", + "domain", // TODO remove the hardcoded domain IssueCredentialOfferFormat.JWT ) record <- createIssueCredentialRecord( @@ -559,8 +559,8 @@ class CredentialServiceImpl( private[this] def getKeyId( did: PrismDID, verificationRelationship: VerificationRelationship, - ellipticCurve: EllipticCurve - ): UIO[KeyId] = { + keyId: Option[KeyId] + ): UIO[PublicKey] = { for { maybeDidData <- didService .resolveDID(did) @@ -569,15 +569,25 @@ class CredentialServiceImpl( .fromOption(maybeDidData) .mapError(_ => DIDNotResolved(did)) .orDieAsUnmanagedFailure - keyId <- ZIO - .fromOption( - didData._2.publicKeys - .find(pk => pk.purpose == verificationRelationship && pk.publicKeyData.crv == ellipticCurve) - .map(_.id) - ) - .mapError(_ => KeyNotFoundInDID(did, verificationRelationship)) - .orDieAsUnmanagedFailure - } yield keyId + matchingKeys = didData._2.publicKeys.filter(pk => pk.purpose == verificationRelationship) + result <- (matchingKeys, keyId) match { + case (Seq(), _) => + ZIO.fail(KeyNotFoundInDID(did, verificationRelationship)).orDieAsUnmanagedFailure + case (Seq(singleKey), None) => + ZIO.succeed(singleKey) + case (multipleKeys, Some(kid)) => + ZIO + .fromOption(multipleKeys.find(_.id.value.endsWith(kid.value))) + .mapError(_ => KeyNotFoundInDID(did, verificationRelationship)) + .orDieAsUnmanagedFailure + case (multipleKeys, None) => + ZIO + .fail( + MultipleKeysWithSamePurposeFoundInDID(did, verificationRelationship) + ) + .orDieAsUnmanagedFailure + } + } yield result } override def getJwtIssuer( @@ -586,34 +596,46 @@ class CredentialServiceImpl( keyId: Option[KeyId] = None ): URIO[WalletAccessContext, JwtIssuer] = { for { - issuingKeyId <- getKeyId(jwtIssuerDID, verificationRelationship, EllipticCurve.SECP256K1) - ecKeyPair <- managedDIDService - .findDIDKeyPair(jwtIssuerDID.asCanonical, issuingKeyId) + issuingPublicKey <- getKeyId(jwtIssuerDID, verificationRelationship, keyId) + jwtIssuer <- managedDIDService + .findDIDKeyPair(jwtIssuerDID.asCanonical, issuingPublicKey.id) .flatMap { - case Some(keyPair: Secp256k1KeyPair) => ZIO.some(keyPair) - case _ => ZIO.none + case Some(keyPair: Secp256k1KeyPair) => { + val jwtIssuer = JwtIssuer( + jwtIssuerDID.did, + ES256KSigner(keyPair.privateKey.toJavaPrivateKey, keyId), + keyPair.publicKey.toJavaPublicKey + ) + ZIO.some(jwtIssuer) + } + case Some(keyPair: Ed25519KeyPair) => { + val jwtIssuer = JwtIssuer( + jwtIssuerDID.did, + EdSigner(keyPair, keyId), + keyPair.publicKey.toJava + ) + ZIO.some(jwtIssuer) + } + case _ => ZIO.none } - .someOrFail(KeyPairNotFoundInWallet(jwtIssuerDID, issuingKeyId, "Secp256k1")) + .someOrFail( + KeyPairNotFoundInWallet(jwtIssuerDID, issuingPublicKey.id, issuingPublicKey.publicKeyData.crv.name) + ) .orDieAsUnmanagedFailure - Secp256k1KeyPair(publicKey, privateKey) = ecKeyPair - jwtIssuer = JwtIssuer( - jwtIssuerDID.did, - ES256KSigner(privateKey.toJavaPrivateKey, keyId), - publicKey.toJavaPublicKey - ) } yield jwtIssuer } private def getEd25519SigningKeyPair( jwtIssuerDID: PrismDID, - verificationRelationship: VerificationRelationship + verificationRelationship: VerificationRelationship, + keyId: Option[KeyId] = None ): URIO[WalletAccessContext, Ed25519KeyPair] = { for { - issuingKeyId <- getKeyId(jwtIssuerDID, verificationRelationship, EllipticCurve.ED25519) + issuingPublicKey <- getKeyId(jwtIssuerDID, verificationRelationship, keyId) ed25519keyPair <- managedDIDService - .findDIDKeyPair(jwtIssuerDID.asCanonical, issuingKeyId) + .findDIDKeyPair(jwtIssuerDID.asCanonical, issuingPublicKey.id) .map(_.collect { case keyPair: Ed25519KeyPair => keyPair }) - .someOrFail(KeyPairNotFoundInWallet(jwtIssuerDID, issuingKeyId, "Ed25519")) + .someOrFail(KeyPairNotFoundInWallet(jwtIssuerDID, issuingPublicKey.id, issuingPublicKey.publicKeyData.crv.name)) .orDieAsUnmanagedFailure } yield ed25519keyPair } @@ -635,7 +657,7 @@ class CredentialServiceImpl( keyId: Option[KeyId] ): URIO[WalletAccessContext, JwtIssuer] = { for { - ed25519keyPair <- getEd25519SigningKeyPair(jwtIssuerDID, verificationRelationship) + ed25519keyPair <- getEd25519SigningKeyPair(jwtIssuerDID, verificationRelationship, keyId) } yield { JwtIssuer( jwtIssuerDID.did, @@ -1163,7 +1185,7 @@ class CredentialServiceImpl( .orElse(ZIO.dieMessage(s"Offer credential data not found in record: ${recordId.value}")) preview = offerCredentialData.body.credential_preview claims <- CredentialService.convertAttributesToJsonClaims(preview.body.attributes).orDieAsUnmanagedFailure - jwtIssuer <- getJwtIssuer(longFormPrismDID, VerificationRelationship.AssertionMethod) + jwtIssuer <- getJwtIssuer(longFormPrismDID, VerificationRelationship.AssertionMethod, record.keyId) jwtPresentation <- validateRequestCredentialDataProof(maybeOfferOptions, requestJwt) .tapError(error => credentialRepository @@ -1243,7 +1265,11 @@ class CredentialServiceImpl( case ZValidation.Success(log, header) => ZIO.succeed(header) case ZValidation.Failure(log, failure) => ZIO.fail(VCJwtHeaderParsingError(s"Extraction of JwtHeader failed ${failure.toChunk.toString}")) - ed25519KeyPair <- getEd25519SigningKeyPair(longFormPrismDID, VerificationRelationship.AssertionMethod) + ed25519KeyPair <- getEd25519SigningKeyPair( + longFormPrismDID, + VerificationRelationship.AssertionMethod, + record.keyId + ) sdJwtPrivateKey = sdjwt.IssuerPrivateKey(ed25519KeyPair.privateKey) jsonWebKey <- didResolver.resolve(jwtPresentation.iss) flatMap { case failed: DIDResolutionFailed => diff --git a/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/repository/CredentialRepositoryInMemory.scala b/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/repository/CredentialRepositoryInMemory.scala index d59c0cd30d..60664cdb29 100644 --- a/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/repository/CredentialRepositoryInMemory.scala +++ b/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/repository/CredentialRepositoryInMemory.scala @@ -269,6 +269,7 @@ class CredentialRepositoryInMemory( updatedAt = Some(Instant.now), protocolState = protocolState, subjectId = Some(subjectId), + keyId = keyId, metaRetries = maxRetries, metaLastFailure = None, ) diff --git a/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImplSpec.scala b/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImplSpec.scala index 0e15ad2d55..ab9f7b051b 100644 --- a/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImplSpec.scala +++ b/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceImplSpec.scala @@ -2,6 +2,7 @@ package org.hyperledger.identus.pollux.core.service import io.circe.syntax.* import io.circe.Json +import org.bouncycastle.jce.provider.BouncyCastleProvider import org.hyperledger.identus.agent.walletapi.service.MockManagedDIDService import org.hyperledger.identus.castor.core.model.did.* import org.hyperledger.identus.castor.core.model.did.VerificationRelationship.AssertionMethod @@ -15,6 +16,7 @@ import org.hyperledger.identus.pollux.core.model.error.CredentialServiceError.* import org.hyperledger.identus.pollux.core.model.schema.CredentialDefinition import org.hyperledger.identus.pollux.core.model.IssueCredentialRecord.{ProtocolState, Role} import org.hyperledger.identus.pollux.core.service.uriResolvers.ResourceUrlResolver +import org.hyperledger.identus.pollux.core.service.CredentialServiceImplSpec.test import org.hyperledger.identus.pollux.vc.jwt.{CredentialIssuer, JWT, JwtCredential, JwtCredentialPayload} import org.hyperledger.identus.shared.models.{KeyId, UnmanagedFailureException, WalletAccessContext, WalletId} import zio.* @@ -23,10 +25,11 @@ import zio.test.* import zio.test.Assertion.* import java.nio.charset.StandardCharsets +import java.security.Security import java.util.{Base64, UUID} object CredentialServiceImplSpec extends MockSpecDefault with CredentialServiceSpecHelper { - + Security.addProvider(new BouncyCastleProvider()); override def spec = suite("CredentialServiceImpl")( singleWalletJWTCredentialSpec, singleWalletAnonCredsCredentialSpec, @@ -446,7 +449,7 @@ object CredentialServiceImplSpec extends MockSpecDefault with CredentialServiceS offer = offerCredential() subjectId = "did:prism:60821d6833158c93fde5bb6a40d69996a683bf1fa5cdf32c458395b2887597c3" offerReceivedRecord <- holderSvc.receiveCredentialOffer(offer) - _ <- holderSvc.acceptCredentialOffer(offerReceivedRecord.id, Some(subjectId), Some(KeyId("my-key-id"))) + _ <- holderSvc.acceptCredentialOffer(offerReceivedRecord.id, Some(subjectId), Some(KeyId("key-0"))) _ <- holderSvc.generateJWTCredentialRequest(offerReceivedRecord.id) _ <- holderSvc.markRequestSent(offerReceivedRecord.id) issue = issueCredential(thid = Some(offerReceivedRecord.thid)) @@ -462,7 +465,7 @@ object CredentialServiceImplSpec extends MockSpecDefault with CredentialServiceS offer = offerCredential() subjectId = "did:prism:60821d6833158c93fde5bb6a40d69996a683bf1fa5cdf32c458395b2887597c3" offerReceivedRecord <- holderSvc.receiveCredentialOffer(offer) - _ <- holderSvc.acceptCredentialOffer(offerReceivedRecord.id, Some(subjectId), Some(KeyId("my-key-id"))) + _ <- holderSvc.acceptCredentialOffer(offerReceivedRecord.id, Some(subjectId), Some(KeyId("key-0"))) _ <- holderSvc.generateJWTCredentialRequest(offerReceivedRecord.id) _ <- holderSvc.markRequestSent(offerReceivedRecord.id) issue = issueCredential(thid = Some(offerReceivedRecord.thid)) @@ -481,7 +484,7 @@ object CredentialServiceImplSpec extends MockSpecDefault with CredentialServiceS offer = offerCredential() subjectId = "did:prism:60821d6833158c93fde5bb6a40d69996a683bf1fa5cdf32c458395b2887597c3" offerReceivedRecord <- holderSvc.receiveCredentialOffer(offer) - _ <- holderSvc.acceptCredentialOffer(offerReceivedRecord.id, Some(subjectId), Some(KeyId("my-key-id"))) + _ <- holderSvc.acceptCredentialOffer(offerReceivedRecord.id, Some(subjectId), Some(KeyId("key-0"))) _ <- holderSvc.generateJWTCredentialRequest(offerReceivedRecord.id) _ <- holderSvc.markRequestSent(offerReceivedRecord.id) issue = issueCredential(thid = Some(DidCommID())) @@ -498,7 +501,62 @@ object CredentialServiceImplSpec extends MockSpecDefault with CredentialServiceS issuerSvc <- ZIO.service[CredentialService].provideSomeLayer(credentialServiceLayer) holderSvc <- ZIO.service[CredentialService].provideSomeLayer(credentialServiceLayer) // Issuer creates offer - offerCreatedRecord <- issuerSvc.createJWTIssueCredentialRecord() + offerCreatedRecord <- issuerSvc.createJWTIssueCredentialRecord(kidIssuer = Some(KeyId("key-0"))) + issuerRecordId = offerCreatedRecord.id + // Issuer sends offer + _ <- issuerSvc.markOfferSent(issuerRecordId) + msg <- ZIO.fromEither(offerCreatedRecord.offerCredentialData.get.makeMessage.asJson.as[Message]) + // Holder receives offer + offerCredential <- ZIO.fromEither(OfferCredential.readFromMessage(msg)) + offerReceivedRecord <- holderSvc.receiveCredentialOffer(offerCredential) + holderRecordId = offerReceivedRecord.id + subjectId = "did:prism:60821d6833158c93fde5bb6a40d69996a683bf1fa5cdf32c458395b2887597c3" + // Holder accepts offer + _ <- holderSvc.acceptCredentialOffer(holderRecordId, Some(subjectId), Some(KeyId("key-0"))) + // Holder generates proof + requestGeneratedRecord <- holderSvc.generateJWTCredentialRequest(offerReceivedRecord.id) + // Holder sends offer + _ <- holderSvc.markRequestSent(holderRecordId) + msg <- ZIO.fromEither(requestGeneratedRecord.requestCredentialData.get.makeMessage.asJson.as[Message]) + // Issuer receives request + requestCredential <- ZIO.fromEither(RequestCredential.readFromMessage(msg)) + requestReceivedRecord <- issuerSvc.receiveCredentialRequest(requestCredential) + // Issuer accepts request + requestAcceptedRecord <- issuerSvc.acceptCredentialRequest(issuerRecordId) + // Issuer generates credential + credentialGenerateRecord <- issuerSvc.generateJWTCredential( + issuerRecordId, + "status-list-registry" + ) + decodedJWT <- credentialGenerateRecord.issueCredentialData.get.attachments.head.data match { + case MyBase64(value) => + val ba = new String(Base64.getUrlDecoder.decode(value)) + JwtCredential.decodeJwt(JWT(ba)) + case _ => ZIO.fail("Error") + } + // Issuer sends credential + _ <- issuerSvc.markCredentialSent(issuerRecordId) + msg <- ZIO.fromEither(credentialGenerateRecord.issueCredentialData.get.makeMessage.asJson.as[Message]) + // Holder receives credential + issueCredential <- ZIO.fromEither(IssueCredential.readFromMessage(msg)) + _ <- holderSvc.receiveCredentialIssue(issueCredential) + } yield assertTrue( + decodedJWT.issuer == + CredentialIssuer( + id = decodedJWT.iss, + `type` = "Profile" + ) + ) + }.provideSomeLayer( + (holderDidServiceExpectations ++ issuerDidServiceExpectations).toLayer + ++ (holderManagedDIDServiceExpectations ++ issuerManagedDIDServiceExpectations).toLayer + ), + test("Happy flow is successfully executed with ED25519") { + for { + issuerSvc <- ZIO.service[CredentialService].provideSomeLayer(credentialServiceLayer) + holderSvc <- ZIO.service[CredentialService].provideSomeLayer(credentialServiceLayer) + // Issuer creates offer + offerCreatedRecord <- issuerSvc.createJWTIssueCredentialRecord(kidIssuer = Some(KeyId("key-1"))) issuerRecordId = offerCreatedRecord.id // Issuer sends offer _ <- issuerSvc.markOfferSent(issuerRecordId) @@ -509,7 +567,7 @@ object CredentialServiceImplSpec extends MockSpecDefault with CredentialServiceS holderRecordId = offerReceivedRecord.id subjectId = "did:prism:60821d6833158c93fde5bb6a40d69996a683bf1fa5cdf32c458395b2887597c3" // Holder accepts offer - _ <- holderSvc.acceptCredentialOffer(holderRecordId, Some(subjectId), Some(KeyId("my-key-id"))) + _ <- holderSvc.acceptCredentialOffer(holderRecordId, Some(subjectId), Some(KeyId("key-1"))) // Holder generates proof requestGeneratedRecord <- holderSvc.generateJWTCredentialRequest(offerReceivedRecord.id) // Holder sends offer diff --git a/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceSpecHelper.scala b/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceSpecHelper.scala index 8ae2fd6602..c8c608959f 100644 --- a/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceSpecHelper.scala +++ b/pollux/core/src/test/scala/org/hyperledger/identus/pollux/core/service/CredentialServiceSpecHelper.scala @@ -18,7 +18,7 @@ import org.hyperledger.identus.pollux.prex.{ClaimFormat, Ldp, PresentationDefini import org.hyperledger.identus.pollux.vc.jwt.* import org.hyperledger.identus.shared.http.UriResolver import org.hyperledger.identus.shared.messaging.{MessagingService, MessagingServiceConfig, WalletIdAndRecordId} -import org.hyperledger.identus.shared.models.{WalletAccessContext, WalletId} +import org.hyperledger.identus.shared.models.{KeyId, WalletAccessContext, WalletId} import zio.* import java.util.UUID @@ -123,7 +123,8 @@ trait CredentialServiceSpecHelper { |""".stripMargin) .getOrElse(Json.Null), validityPeriod: Option[Double] = None, - automaticIssuance: Option[Boolean] = None + automaticIssuance: Option[Boolean] = None, + kidIssuer: Option[KeyId] = None ) = for { issuingDID <- ZIO.fromEither( PrismDID.buildCanonicalFromSuffix("5c2576867a5544e5ad05cdc94f02c664b99ff65c28e8b62aada767244c2199fe") @@ -131,7 +132,7 @@ trait CredentialServiceSpecHelper { record <- svc.createJWTIssueCredentialRecord( pairwiseIssuerDID = pairwiseIssuerDID, pairwiseHolderDID = pairwiseHolderDID, - kidIssuer = None, + kidIssuer = kidIssuer, thid = thid, maybeSchemaIds = maybeSchemaIds, claims = claims, diff --git a/tests/integration-tests/src/test/kotlin/common/DidPurpose.kt b/tests/integration-tests/src/test/kotlin/common/DidPurpose.kt index 7dcc6ec6e3..c4c30ca83c 100644 --- a/tests/integration-tests/src/test/kotlin/common/DidPurpose.kt +++ b/tests/integration-tests/src/test/kotlin/common/DidPurpose.kt @@ -15,6 +15,15 @@ enum class DidPurpose { override val services = mutableListOf() }, JWT { + override val publicKeys = mutableListOf( + ManagedDIDKeyTemplate("auth-1", Purpose.AUTHENTICATION, Curve.SECP256K1), + ManagedDIDKeyTemplate("auth-2", Purpose.AUTHENTICATION, Curve.ED25519), + ManagedDIDKeyTemplate("assertion-1", Purpose.ASSERTION_METHOD, Curve.SECP256K1), + ManagedDIDKeyTemplate("assertion-2", Purpose.ASSERTION_METHOD, Curve.ED25519), + ) + override val services = mutableListOf() + }, + OIDC_JWT { override val publicKeys = mutableListOf( ManagedDIDKeyTemplate("auth-1", Purpose.AUTHENTICATION, Curve.SECP256K1), ManagedDIDKeyTemplate("auth-2", Purpose.AUTHENTICATION, Curve.ED25519), diff --git a/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt b/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt index 24f2e281ac..ec7a49a0df 100644 --- a/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt +++ b/tests/integration-tests/src/test/kotlin/steps/connectionless/ConnectionLessSteps.kt @@ -29,6 +29,7 @@ class ConnectionLessSteps { val credentialOfferRequest = CreateIssueCredentialRecordRequest( claims = claims, issuingDID = did, + issuingKid = "assertion-1", validityPeriod = 3600.0, credentialFormat = credentialFormat, automaticIssuance = false, diff --git a/tests/integration-tests/src/test/kotlin/steps/credentials/JwtCredentialSteps.kt b/tests/integration-tests/src/test/kotlin/steps/credentials/JwtCredentialSteps.kt index a25abc6ade..5ca7c1d96b 100644 --- a/tests/integration-tests/src/test/kotlin/steps/credentials/JwtCredentialSteps.kt +++ b/tests/integration-tests/src/test/kotlin/steps/credentials/JwtCredentialSteps.kt @@ -20,6 +20,7 @@ class JwtCredentialSteps { didForm: String, schemaGuid: String?, claims: Map, + issuingKid: String?, ) { val did: String = if (didForm == "short") { issuer.recall("shortFormDid") @@ -38,6 +39,7 @@ class JwtCredentialSteps { schemaId = schemaId?.let { listOf(it) }, claims = claims, issuingDID = did, + issuingKid = issuingKid, connectionId = issuer.recall("connection-with-${holder.name}").connectionId, validityPeriod = 3600.0, credentialFormat = "JWT", @@ -66,7 +68,17 @@ class JwtCredentialSteps { "firstName" to "FirstName", "lastName" to "LastName", ) - sendCredentialOffer(issuer, holder, format, null, claims) + sendCredentialOffer(issuer, holder, format, null, claims, "assertion-1") + saveCredentialOffer(issuer, holder) + } + + @When("{actor} offers a jwt credential to {actor} with {string} form DID using issuingKid {string}") + fun issuerOffersAJwtCredentialWithIssuingKeyId(issuer: Actor, holder: Actor, format: String, issuingKid: String?) { + val claims = linkedMapOf( + "firstName" to "FirstName", + "lastName" to "LastName", + ) + sendCredentialOffer(issuer, holder, format, null, claims, issuingKid) saveCredentialOffer(issuer, holder) } @@ -79,7 +91,7 @@ class JwtCredentialSteps { ) { val schemaGuid = issuer.recall(schema.name) val claims = schema.claims - sendCredentialOffer(issuer, holder, format, schemaGuid, claims) + sendCredentialOffer(issuer, holder, format, schemaGuid, claims, "assertion-1") saveCredentialOffer(issuer, holder) } @@ -95,7 +107,7 @@ class JwtCredentialSteps { "name" to "Name", "surname" to "Surname", ) - sendCredentialOffer(issuer, holder, format, schemaGuid, claims) + sendCredentialOffer(issuer, holder, format, schemaGuid, claims, "assertion-1") } @When("{actor} accepts jwt credential offer") @@ -103,7 +115,17 @@ class JwtCredentialSteps { val recordId = holder.recall("recordId") holder.attemptsTo( Post.to("/issue-credentials/records/$recordId/accept-offer") - .body(AcceptCredentialOfferRequest(holder.recall("longFormDid"))), + .body(AcceptCredentialOfferRequest(holder.recall("longFormDid"), holder.recall("kidSecp256K1"))), + Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_OK), + ) + } + + @When("{actor} accepts jwt credential offer with keyId {string}") + fun holderAcceptsJwtCredentialOfferForJwtWithKeyId(holder: Actor, keyId: String?) { + val recordId = holder.recall("recordId") + holder.attemptsTo( + Post.to("/issue-credentials/records/$recordId/accept-offer") + .body(AcceptCredentialOfferRequest(holder.recall("longFormDid"), keyId)), Ensure.thatTheLastResponse().statusCode().isEqualTo(SC_OK), ) } diff --git a/tests/integration-tests/src/test/kotlin/steps/did/PublishDidSteps.kt b/tests/integration-tests/src/test/kotlin/steps/did/PublishDidSteps.kt index d7c3addafb..8bff650f21 100644 --- a/tests/integration-tests/src/test/kotlin/steps/did/PublishDidSteps.kt +++ b/tests/integration-tests/src/test/kotlin/steps/did/PublishDidSteps.kt @@ -70,6 +70,8 @@ class PublishDidSteps { val did = SerenityRest.lastResponse().get() actor.remember("longFormDid", managedDid.longFormDid) + actor.remember("kidSecp256K1", "auth-1") + actor.remember("kidEd25519", "auth-2") actor.remember("shortFormDid", did.did) actor.remember("didPurpose", didPurpose) actor.forget("hasPublishedDid") diff --git a/tests/integration-tests/src/test/resources/features/credential/jwt/issuance.feature b/tests/integration-tests/src/test/resources/features/credential/jwt/issuance.feature index 79b541c1f6..6258cf5fdb 100644 --- a/tests/integration-tests/src/test/resources/features/credential/jwt/issuance.feature +++ b/tests/integration-tests/src/test/resources/features/credential/jwt/issuance.feature @@ -12,6 +12,16 @@ Feature: Issue JWT credential And Issuer issues the credential Then Holder receives the issued credential + Scenario: Issuing jwt credential with published PRISM DID using Ed25519 + Given Issuer and Holder have an existing connection + And Issuer has a published DID for JWT + And Holder has an unpublished DID for JWT + When Issuer offers a jwt credential to Holder with "short" form DID using issuingKid "assertion-2" + And Holder receives the credential offer + And Holder accepts jwt credential offer with keyId "auth-2" + And Issuer issues the credential + Then Holder receives the issued credential + Scenario: Issuing jwt credential with a schema Given Issuer and Holder have an existing connection And Issuer has a published DID for JWT diff --git a/tests/integration-tests/src/test/resources/features/oid4vci/issue_jwt.feature b/tests/integration-tests/src/test/resources/features/oid4vci/issue_jwt.feature index 53d010c2c5..00c7bf2f45 100644 --- a/tests/integration-tests/src/test/resources/features/oid4vci/issue_jwt.feature +++ b/tests/integration-tests/src/test/resources/features/oid4vci/issue_jwt.feature @@ -2,7 +2,7 @@ Feature: Issue JWT Credentials using OID4VCI authorization code flow Background: - Given Issuer has a published DID for JWT + Given Issuer has a published DID for OIDC_JWT And Issuer has published STUDENT_SCHEMA schema And Issuer has an existing oid4vci issuer And Issuer has "StudentProfile" credential configuration created from STUDENT_SCHEMA diff --git a/tests/integration-tests/src/test/resources/features/oid4vci/manage_credential_config.feature b/tests/integration-tests/src/test/resources/features/oid4vci/manage_credential_config.feature index cacdeb6cdb..669fe6977e 100644 --- a/tests/integration-tests/src/test/resources/features/oid4vci/manage_credential_config.feature +++ b/tests/integration-tests/src/test/resources/features/oid4vci/manage_credential_config.feature @@ -2,7 +2,7 @@ Feature: Manage OID4VCI credential configuration Background: - Given Issuer has a published DID for JWT + Given Issuer has a published DID for OIDC_JWT And Issuer has published STUDENT_SCHEMA schema And Issuer has an existing oid4vci issuer From 3de7eb3c53e8d5cb1f1c1033bef65601b89f09a4 Mon Sep 17 00:00:00 2001 From: Fabio Pinheiro Date: Thu, 31 Oct 2024 12:18:25 +0000 Subject: [PATCH 10/17] build: add permissions for the dependency-submission (#1416) Signed-off-by: FabioPinheiro --- .github/workflows/sbt-dependency-submission.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/sbt-dependency-submission.yml b/.github/workflows/sbt-dependency-submission.yml index 7a0035e185..fb0c72ca5f 100644 --- a/.github/workflows/sbt-dependency-submission.yml +++ b/.github/workflows/sbt-dependency-submission.yml @@ -7,6 +7,11 @@ on: schedule: - cron: "0 20 * * *" workflow_dispatch: + +# Permission can be added at job level or workflow level +permissions: + contents: write # This is required to upload for the dependency-submission + jobs: dependency-graph: name: Update Dependency Graph From 9574ab6b49539e304b7645b9305ce0abea0ba312 Mon Sep 17 00:00:00 2001 From: bvoiturier Date: Mon, 4 Nov 2024 17:03:28 +0100 Subject: [PATCH 11/17] chore: rely on Tapir's default value for OpenAPI spec version (#1431) Signed-off-by: Benjamin Voiturier --- .../org/hyperledger/identus/agent/server/http/DocModels.scala | 1 - 1 file changed, 1 deletion(-) diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/DocModels.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/DocModels.scala index e13321a552..96cae26a88 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/DocModels.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/http/DocModels.scala @@ -55,7 +55,6 @@ object DocModels { val customiseDocsModel: OpenAPI => OpenAPI = { oapi => oapi - .openapi("3.0.3") .info( Info( title = "Identus Cloud Agent API Reference", From 1c7c38e5e7e385e90ca05323f1177519e4b5aabb Mon Sep 17 00:00:00 2001 From: bvoiturier Date: Tue, 5 Nov 2024 08:23:07 +0100 Subject: [PATCH 12/17] chore: fix generated OAS version to 3.0.3 as TS generator fails with 3.1.0 (#1432) Signed-off-by: Benjamin Voiturier --- .../org/hyperledger/identus/api/util/Tapir2StaticOAS.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/api/util/Tapir2StaticOAS.scala b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/api/util/Tapir2StaticOAS.scala index 2ef8229f7b..9a8feb0a9c 100644 --- a/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/api/util/Tapir2StaticOAS.scala +++ b/cloud-agent/service/server/src/test/scala/org/hyperledger/identus/api/util/Tapir2StaticOAS.scala @@ -41,7 +41,7 @@ object Tapir2StaticOAS extends ZIOAppDefault { } yield { import sttp.apispec.openapi.circe.yaml.* val model = DocModels.customiseDocsModel(OpenAPIDocsInterpreter().toOpenAPI(allEndpoints.map(_.endpoint), "", "")) - val yaml = model.info(model.info.copy(version = args(1))).toYaml + val yaml = model.info(model.info.copy(version = args(1))).toYaml3_0_3 val path = Path.of(args.head) Using(Files.newBufferedWriter(path, StandardCharsets.UTF_8)) { writer => writer.write(yaml) } } From 94e7ec07b2724bfe6671cebe1ea461c19ea5673f Mon Sep 17 00:00:00 2001 From: Hyperledger Bot Date: Tue, 5 Nov 2024 11:32:24 +0000 Subject: [PATCH 13/17] chore(release): cut the Identus Cloud agent 1.40.0 release MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit # [1.40.0](https://github.com/hyperledger/identus-cloud-agent/compare/cloud-agent-v1.39.0...cloud-agent-v1.40.0) (2024-11-05) ### Bug Fixes * Add key_id missing field ([#1403](https://github.com/hyperledger/identus-cloud-agent/issues/1403)) ([cbd1a03](https://github.com/hyperledger/identus-cloud-agent/commit/cbd1a03a8aa91c5a5487c54046e4d9305f9d9241)) * adjust Kotlin and TypeScript HTTP client to use the `schemaId` f… ([#1388](https://github.com/hyperledger/identus-cloud-agent/issues/1388)) ([c2da492](https://github.com/hyperledger/identus-cloud-agent/commit/c2da492131e5c545b0fefb101246c48684bc9433)) * cannot reuse the same credential-offer in oid4vci ([#1361](https://github.com/hyperledger/identus-cloud-agent/issues/1361)) ([6a0a3ea](https://github.com/hyperledger/identus-cloud-agent/commit/6a0a3ea3deef712479420ac23ef58aaafa7df78a)) * handle unsupported PIURI found in DIDComm messages accordingly ([#1399](https://github.com/hyperledger/identus-cloud-agent/issues/1399)) ([9b64793](https://github.com/hyperledger/identus-cloud-agent/commit/9b64793ee7939860973108a8b30bc0b48a840518)) * key id for jwt and sdjwt ([#1420](https://github.com/hyperledger/identus-cloud-agent/issues/1420)) ([5830a7e](https://github.com/hyperledger/identus-cloud-agent/commit/5830a7e17a72abae98faa81594421aa577eaeb24)) * oas to use any schema for json ast node ([#1372](https://github.com/hyperledger/identus-cloud-agent/issues/1372)) ([95d328e](https://github.com/hyperledger/identus-cloud-agent/commit/95d328e3420d4731817a1f91c720e2833e9de362)) * oid4vci endpoints error statuses and negative input validation ([#1384](https://github.com/hyperledger/identus-cloud-agent/issues/1384)) ([65cc9a7](https://github.com/hyperledger/identus-cloud-agent/commit/65cc9a712af722f5cb3dd36e78b088c20723097b)) * Preserve Presentation Format ([#1363](https://github.com/hyperledger/identus-cloud-agent/issues/1363)) ([c18385c](https://github.com/hyperledger/identus-cloud-agent/commit/c18385c8fdbbb0e5dbde9a03e21f4600bf5e6890)) * return 404 when create credConfig on non-existing issuer ([#1379](https://github.com/hyperledger/identus-cloud-agent/issues/1379)) ([e532ba6](https://github.com/hyperledger/identus-cloud-agent/commit/e532ba604c4e8e820345226d842d3b27813f5e66)) ### Features * Add KID to the credential-offers API - ATL-7704 ([#1320](https://github.com/hyperledger/identus-cloud-agent/issues/1320)) ([56200cf](https://github.com/hyperledger/identus-cloud-agent/commit/56200cfae6f62b823a74e67eb060face2ee3ecbc)) * add presentation-exchange endpoints ([#1365](https://github.com/hyperledger/identus-cloud-agent/issues/1365)) ([49f7ab3](https://github.com/hyperledger/identus-cloud-agent/commit/49f7ab3d0473d820c37dc7f4f944cf1c2cae2a25)) * ATL-6983 ZIO Stream Kafka PoC in background jobs ([#1339](https://github.com/hyperledger/identus-cloud-agent/issues/1339)) ([19ab426](https://github.com/hyperledger/identus-cloud-agent/commit/19ab426a191eec575ffebe6a2417f3fce538969c)) * Default Backend API to Array Of Credential Schema ([#1366](https://github.com/hyperledger/identus-cloud-agent/issues/1366)) ([693dcc4](https://github.com/hyperledger/identus-cloud-agent/commit/693dcc45274044ac9bebffe2a8dbe0b85b45b452)) * Default Object As Issuer ([#1349](https://github.com/hyperledger/identus-cloud-agent/issues/1349)) ([d29eebb](https://github.com/hyperledger/identus-cloud-agent/commit/d29eebbef29773103814528c382a3000c4f3b29b)) * Implement prism anoncreds method for schemas and credential definitions ([#1385](https://github.com/hyperledger/identus-cloud-agent/issues/1385)) ([fbee055](https://github.com/hyperledger/identus-cloud-agent/commit/fbee0554bf424acf8007c9b7088cdb0654f0d6b2)) * Issuer Replace Either By Union Type ([#1374](https://github.com/hyperledger/identus-cloud-agent/issues/1374)) ([8fc2fe3](https://github.com/hyperledger/identus-cloud-agent/commit/8fc2fe3dbed8856d21c18b7fedf89454661b34d6)) * presentation_submission validation logic ([#1332](https://github.com/hyperledger/identus-cloud-agent/issues/1332)) ([f80b3c3](https://github.com/hyperledger/identus-cloud-agent/commit/f80b3c34588437b131ce872fd86f93e75dcd035f)) * Support Array Of Credential Schema ([#1351](https://github.com/hyperledger/identus-cloud-agent/issues/1351)) ([948e314](https://github.com/hyperledger/identus-cloud-agent/commit/948e3149466b327686273825ce7858adaf8d7555)) * Test JWT OBJECT as Issuer ([#1343](https://github.com/hyperledger/identus-cloud-agent/issues/1343)) ([7208d95](https://github.com/hyperledger/identus-cloud-agent/commit/7208d955b56375b0c79c20a0237df9890ecd3580)) * VC support for Array of credential Status ([#1383](https://github.com/hyperledger/identus-cloud-agent/issues/1383)) ([ad946cf](https://github.com/hyperledger/identus-cloud-agent/commit/ad946cf3f635b882d772a00b0202b957a1cb82cb)) * VCVerification API support ARRAY or OBJECT as Credential Sc… ([#1355](https://github.com/hyperledger/identus-cloud-agent/issues/1355)) ([91cb4e7](https://github.com/hyperledger/identus-cloud-agent/commit/91cb4e7f4371a651617265279a27fefe9551887c)) [skip ci] Signed-off-by: Hyperledger Bot --- CHANGELOG.md | 31 + DEPENDENCIES.md | 202 +- .../api/http/cloud-agent-openapi-spec.yaml | 2410 ++++++++++++----- infrastructure/local/.env | 2 +- package-lock.json | 4 +- package.json | 2 +- version.sbt | 2 +- 7 files changed, 1905 insertions(+), 748 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 54be3da347..95991c782b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,34 @@ +# [1.40.0](https://github.com/hyperledger/identus-cloud-agent/compare/cloud-agent-v1.39.0...cloud-agent-v1.40.0) (2024-11-05) + + +### Bug Fixes + +* Add key_id missing field ([#1403](https://github.com/hyperledger/identus-cloud-agent/issues/1403)) ([cbd1a03](https://github.com/hyperledger/identus-cloud-agent/commit/cbd1a03a8aa91c5a5487c54046e4d9305f9d9241)) +* adjust Kotlin and TypeScript HTTP client to use the `schemaId` f… ([#1388](https://github.com/hyperledger/identus-cloud-agent/issues/1388)) ([c2da492](https://github.com/hyperledger/identus-cloud-agent/commit/c2da492131e5c545b0fefb101246c48684bc9433)) +* cannot reuse the same credential-offer in oid4vci ([#1361](https://github.com/hyperledger/identus-cloud-agent/issues/1361)) ([6a0a3ea](https://github.com/hyperledger/identus-cloud-agent/commit/6a0a3ea3deef712479420ac23ef58aaafa7df78a)) +* handle unsupported PIURI found in DIDComm messages accordingly ([#1399](https://github.com/hyperledger/identus-cloud-agent/issues/1399)) ([9b64793](https://github.com/hyperledger/identus-cloud-agent/commit/9b64793ee7939860973108a8b30bc0b48a840518)) +* key id for jwt and sdjwt ([#1420](https://github.com/hyperledger/identus-cloud-agent/issues/1420)) ([5830a7e](https://github.com/hyperledger/identus-cloud-agent/commit/5830a7e17a72abae98faa81594421aa577eaeb24)) +* oas to use any schema for json ast node ([#1372](https://github.com/hyperledger/identus-cloud-agent/issues/1372)) ([95d328e](https://github.com/hyperledger/identus-cloud-agent/commit/95d328e3420d4731817a1f91c720e2833e9de362)) +* oid4vci endpoints error statuses and negative input validation ([#1384](https://github.com/hyperledger/identus-cloud-agent/issues/1384)) ([65cc9a7](https://github.com/hyperledger/identus-cloud-agent/commit/65cc9a712af722f5cb3dd36e78b088c20723097b)) +* Preserve Presentation Format ([#1363](https://github.com/hyperledger/identus-cloud-agent/issues/1363)) ([c18385c](https://github.com/hyperledger/identus-cloud-agent/commit/c18385c8fdbbb0e5dbde9a03e21f4600bf5e6890)) +* return 404 when create credConfig on non-existing issuer ([#1379](https://github.com/hyperledger/identus-cloud-agent/issues/1379)) ([e532ba6](https://github.com/hyperledger/identus-cloud-agent/commit/e532ba604c4e8e820345226d842d3b27813f5e66)) + + +### Features + +* Add KID to the credential-offers API - ATL-7704 ([#1320](https://github.com/hyperledger/identus-cloud-agent/issues/1320)) ([56200cf](https://github.com/hyperledger/identus-cloud-agent/commit/56200cfae6f62b823a74e67eb060face2ee3ecbc)) +* add presentation-exchange endpoints ([#1365](https://github.com/hyperledger/identus-cloud-agent/issues/1365)) ([49f7ab3](https://github.com/hyperledger/identus-cloud-agent/commit/49f7ab3d0473d820c37dc7f4f944cf1c2cae2a25)) +* ATL-6983 ZIO Stream Kafka PoC in background jobs ([#1339](https://github.com/hyperledger/identus-cloud-agent/issues/1339)) ([19ab426](https://github.com/hyperledger/identus-cloud-agent/commit/19ab426a191eec575ffebe6a2417f3fce538969c)) +* Default Backend API to Array Of Credential Schema ([#1366](https://github.com/hyperledger/identus-cloud-agent/issues/1366)) ([693dcc4](https://github.com/hyperledger/identus-cloud-agent/commit/693dcc45274044ac9bebffe2a8dbe0b85b45b452)) +* Default Object As Issuer ([#1349](https://github.com/hyperledger/identus-cloud-agent/issues/1349)) ([d29eebb](https://github.com/hyperledger/identus-cloud-agent/commit/d29eebbef29773103814528c382a3000c4f3b29b)) +* Implement prism anoncreds method for schemas and credential definitions ([#1385](https://github.com/hyperledger/identus-cloud-agent/issues/1385)) ([fbee055](https://github.com/hyperledger/identus-cloud-agent/commit/fbee0554bf424acf8007c9b7088cdb0654f0d6b2)) +* Issuer Replace Either By Union Type ([#1374](https://github.com/hyperledger/identus-cloud-agent/issues/1374)) ([8fc2fe3](https://github.com/hyperledger/identus-cloud-agent/commit/8fc2fe3dbed8856d21c18b7fedf89454661b34d6)) +* presentation_submission validation logic ([#1332](https://github.com/hyperledger/identus-cloud-agent/issues/1332)) ([f80b3c3](https://github.com/hyperledger/identus-cloud-agent/commit/f80b3c34588437b131ce872fd86f93e75dcd035f)) +* Support Array Of Credential Schema ([#1351](https://github.com/hyperledger/identus-cloud-agent/issues/1351)) ([948e314](https://github.com/hyperledger/identus-cloud-agent/commit/948e3149466b327686273825ce7858adaf8d7555)) +* Test JWT OBJECT as Issuer ([#1343](https://github.com/hyperledger/identus-cloud-agent/issues/1343)) ([7208d95](https://github.com/hyperledger/identus-cloud-agent/commit/7208d955b56375b0c79c20a0237df9890ecd3580)) +* VC support for Array of credential Status ([#1383](https://github.com/hyperledger/identus-cloud-agent/issues/1383)) ([ad946cf](https://github.com/hyperledger/identus-cloud-agent/commit/ad946cf3f635b882d772a00b0202b957a1cb82cb)) +* VCVerification API support ARRAY or OBJECT as Credential Sc… ([#1355](https://github.com/hyperledger/identus-cloud-agent/issues/1355)) ([91cb4e7](https://github.com/hyperledger/identus-cloud-agent/commit/91cb4e7f4371a651617265279a27fefe9551887c)) + # [1.39.0](https://github.com/hyperledger/identus-cloud-agent/compare/cloud-agent-v1.38.0...cloud-agent-v1.39.0) (2024-09-11) diff --git a/DEPENDENCIES.md b/DEPENDENCIES.md index 53eaa20778..e4a77d4083 100644 --- a/DEPENDENCIES.md +++ b/DEPENDENCIES.md @@ -9,44 +9,43 @@ Apache | [Apache 2](http://www.apache.org/licenses/LICENSE-2.0) | [io.lemonlabs Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.google.android # annotations # 4.1.1.4](http://source.android.com/) | Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | com.google.errorprone # error_prone_annotations # 2.23.0 | Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.magnolia1_3 # magnolia_3 # 1.3.7](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.quicklens # quicklens_3 # 1.9.6](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # apispec-model_3 # 0.6.0](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # asyncapi-model_3 # 0.6.0](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # jsonschema-circe_3 # 0.6.0](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # openapi-circe-yaml_3 # 0.6.0](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # openapi-circe_3 # 0.6.0](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # openapi-model_3 # 0.6.0](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.client3 # core_3 # 3.8.16](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.quicklens # quicklens_3 # 1.9.9](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # apispec-model_3 # 0.11.3](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # asyncapi-model_3 # 0.11.3](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # jsonschema-circe_3 # 0.11.3](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # openapi-circe-yaml_3 # 0.11.3](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # openapi-circe_3 # 0.11.3](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.apispec # openapi-model_3 # 0.11.3](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.client3 # core_3 # 3.10.0](http://softwaremill.com/open-source) | Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.client3 # json-common_3 # 3.8.16](http://softwaremill.com/open-source) | Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.client3 # zio-json_3 # 3.8.16](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.model # core_3 # 1.7.1](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.shared # core_3 # 1.3.15](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.shared # fs2_3 # 1.3.15](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.shared # ws_3 # 1.3.15](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.shared # zio_3 # 1.3.15](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-apispec-docs_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-cats-effect_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-cats_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-client_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-core_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-files_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-http4s-server-zio_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-http4s-server_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-json-zio_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-openapi-docs_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-prometheus-metrics_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-redoc-bundle_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-redoc_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-server_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-sttp-client_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-sttp-stub-server_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-swagger-ui-bundle_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-swagger-ui_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-zio-http-server_3 # 1.6.4](http://softwaremill.com/open-source) | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-zio_3 # 1.6.4](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.model # core_3 # 1.7.11](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.shared # core_3 # 1.3.22](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.shared # fs2_3 # 1.3.22](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.shared # ws_3 # 1.3.22](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.shared # zio_3 # 1.3.22](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-apispec-docs_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-cats-effect_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-cats_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-client_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-core_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-files_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-http4s-server-zio_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-http4s-server_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-json-zio_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-openapi-docs_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-prometheus-metrics_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-redoc-bundle_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-redoc_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-server_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-sttp-client_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-sttp-stub-server_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-swagger-ui-bundle_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-swagger-ui_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-zio-http-server_3 # 1.11.7](http://softwaremill.com/open-source) | +Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.softwaremill.sttp.tapir # tapir-zio_3 # 1.11.7](http://softwaremill.com/open-source) | Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | com.squareup.okhttp3 # okhttp # 3.14.9 | Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | com.squareup.okio # okio # 1.17.2 | -Apache | [Apache 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [io.circe # circe-yaml_3 # 0.14.2](https://github.com/circe/circe-yaml) | Apache | [Apache 2.0](https://opensource.org/licenses/Apache-2.0) | [io.grpc # grpc-api # 1.62.2](https://github.com/grpc/grpc-java) | Apache | [Apache 2.0](https://opensource.org/licenses/Apache-2.0) | [io.grpc # grpc-api # 1.63.0](https://github.com/grpc/grpc-java) | Apache | [Apache 2.0](https://opensource.org/licenses/Apache-2.0) | [io.grpc # grpc-context # 1.63.0](https://github.com/grpc/grpc-java) | @@ -57,7 +56,6 @@ Apache | [Apache 2.0](https://opensource.org/licenses/Apache-2.0) | [io.grpc # g Apache | [Apache 2.0](https://opensource.org/licenses/Apache-2.0) | [io.grpc # grpc-stub # 1.62.2](https://github.com/grpc/grpc-java) | Apache | [Apache 2.0](https://opensource.org/licenses/Apache-2.0) | [io.grpc # grpc-util # 1.63.0](https://github.com/grpc/grpc-java) | Apache | [Apache 2.0](https://opensource.org/licenses/Apache-2.0) | [io.perfmark # perfmark-api # 0.26.0](https://github.com/perfmark/perfmark) | -Apache | [Apache 2.0](https://github.com/swagger-api/swagger-ui) | [org.webjars # swagger-ui # 5.1.3](http://webjars.org) | Apache | [Apache 2.0 License](http://www.apache.org/licenses/LICENSE-2.0.html) | [com.typesafe.scala-logging # scala-logging_3 # 3.9.5](https://github.com/lightbend/scala-logging) | Apache | [Apache License 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [io.getquill # quill-doobie_3 # 4.8.5](https://zio.dev/zio-protoquill) | Apache | [Apache License 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [io.getquill # quill-engine_3 # 4.8.4](https://zio.dev/zio-quill) | @@ -131,7 +129,9 @@ Apache | [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2. Apache | [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | org.objenesis # objenesis # 3.3 | Apache | [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [org.yaml # snakeyaml # 2.0](https://bitbucket.org/snakeyaml/snakeyaml) | Apache | [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [org.yaml # snakeyaml # 2.1](https://bitbucket.org/snakeyaml/snakeyaml) | +Apache | [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [org.yaml # snakeyaml # 2.2](https://bitbucket.org/snakeyaml/snakeyaml) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [com.comcast # ip4s-core_3 # 3.4.0](https://github.com/Comcast/ip4s) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [com.comcast # ip4s-core_3 # 3.6.0](https://github.com/Comcast/ip4s) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.geirsson # metaconfig-core_2.13 # 0.12.0](https://github.com/olafurpg/metaconfig) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.geirsson # metaconfig-pprint_2.13 # 0.12.0](https://github.com/olafurpg/metaconfig) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [com.geirsson # metaconfig-typesafe-config_2.13 # 0.12.0](https://github.com/olafurpg/metaconfig) | @@ -150,17 +150,18 @@ Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # z Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-config-typesafe_3 # 4.0.2](https://zio.dev/zio-config/) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-config_3 # 4.0.2](https://zio.dev/zio-config/) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-constraintless_3 # 0.3.3](https://zio.dev/zio-constraintless/) | -Apache | [Apache-2.0](https://github.com/zio/zio-http/blob/master/LICENSE) | [dev.zio # zio-http_3 # 3.0.0-RC10](https://zio.dev/zio-http) | +Apache | [Apache-2.0](https://github.com/zio/zio-http/blob/master/LICENSE) | [dev.zio # zio-http_3 # 3.0.1](https://zio.dev/zio-http) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-internal-macros_3 # 2.1.9](https://zio.dev) | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-interop-cats_3 # 23.0.0.8](https://zio.dev) | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-interop-cats_3 # 23.1.0.3](https://zio.dev) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-interop-cats_3 # 3.3.0](https://zio.dev) | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-interop-tracer_3 # 23.0.0.8](https://zio.dev) | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-interop-tracer_3 # 23.1.0.3](https://zio.dev) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-json_3 # 0.7.2](https://zio.dev/zio-json/) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-json_3 # 0.7.3](https://zio.dev/zio-json/) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [dev.zio # zio-kafka_3 # 2.7.5](https://zio.dev/zio-kafka) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [dev.zio # zio-logging-slf4j_3 # 2.3.1](https://zio.dev/zio-logging) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [dev.zio # zio-logging_3 # 2.3.1](https://zio.dev/zio-logging) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-managed_3 # 2.0.0](https://zio.dev) | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-managed_3 # 2.0.13](https://zio.dev) | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-managed_3 # 2.1.7](https://zio.dev) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-metrics-connectors-micrometer_3 # 2.3.1](https://zio.dev/zio-metrics-connectors/) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-metrics-connectors_3 # 2.3.1](https://zio.dev/zio-metrics-connectors/) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [dev.zio # zio-mock_3 # 1.0.0-RC12](https://zio.dev/zio-mock/) | @@ -185,6 +186,8 @@ Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [io.cir Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [io.circe # circe-jawn_3 # 0.14.7](https://github.com/circe/circe) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [io.circe # circe-numbers_3 # 0.14.7](https://github.com/circe/circe) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [io.circe # circe-parser_3 # 0.14.7](https://github.com/circe/circe) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [io.circe # circe-yaml-common_3 # 0.15.1](https://github.com/circe/circe-yaml) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [io.circe # circe-yaml_3 # 0.15.1](https://github.com/circe/circe-yaml) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [io.suzaku # boopickle_3 # 1.4.0](https://github.com/suzaku-io/boopickle) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [net.java.dev.jna # jna # 5.12.1](https://github.com/java-native-access/jna) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [net.java.dev.jna # jna # 5.13.0](https://github.com/java-native-access/jna) | @@ -193,41 +196,41 @@ Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.ht Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.http4s # blaze-http_3 # 0.23.15](https://github.com/http4s/blaze) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.http4s # http4s-blaze-core_3 # 0.23.15](https://github.com/http4s/blaze) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.http4s # http4s-blaze-server_3 # 0.23.15](https://github.com/http4s/blaze) | -Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.html) | [org.http4s # http4s-core_3 # 0.23.23](https://http4s.org/) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.html) | [org.http4s # http4s-core_3 # 0.23.28](https://http4s.org/) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.http4s # http4s-crypto_3 # 0.2.4](https://github.com/http4s/http4s-crypto) | -Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.html) | [org.http4s # http4s-server_3 # 0.23.23](https://http4s.org/) | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # castor-core_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # cloud-agent-wallet-api_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # connect-core_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # connect-sql-doobie_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # event-notification_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-agent-core_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-agent-didcommx_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-data-models_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-connection_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-coordinate-mediation_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-invitation_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-issue-credential_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-outofband-login_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-present-proof_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-report-problem_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-revocation-notification_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-routing-2-0_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-trust-ping_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-resolver_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-verifiable-credentials_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-anoncreds_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-core_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-prex_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-sd-jwt_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-sql-doobie_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-vc-jwt_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # predef_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # prism-node-client_3 # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # shared # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # shared-crypto # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # shared-json # 1.39.0 | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # shared-test # 1.39.0 | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.html) | [org.http4s # http4s-server_3 # 0.23.28](https://http4s.org/) | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # castor-core_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # cloud-agent-wallet-api_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # connect-core_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # connect-sql-doobie_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # event-notification_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-agent-core_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-agent-didcommx_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-data-models_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-connection_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-coordinate-mediation_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-invitation_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-issue-credential_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-outofband-login_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-present-proof_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-report-problem_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-revocation-notification_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-routing-2-0_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-protocol-trust-ping_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-resolver_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # mercury-verifiable-credentials_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-anoncreds_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-core_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-prex_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-sd-jwt_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-sql-doobie_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # pollux-vc-jwt_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # predef_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # prism-node-client_3 # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # shared # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # shared-crypto # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # shared-json # 1.40.0 | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | org.hyperledger # shared-test # 1.40.0 | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0) | [org.scala-lang # scala-compiler # 2.13.13](https://www.scala-lang.org/) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0) | [org.scala-lang # scala-library # 2.13.12](https://www.scala-lang.org/) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0) | [org.scala-lang # scala-library # 2.13.13](https://www.scala-lang.org/) | @@ -245,30 +248,36 @@ Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0) | [org.scala- Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0) | [org.scala-sbt # compiler-interface # 1.9.3](https://github.com/sbt/zinc) | Apache | [Apache-2.0](https://github.com/sbt/sbt/blob/develop/LICENSE) | [org.scala-sbt # util-interface # 1.9.2](https://github.com/sbt/sbt) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # junit-interface # 0.7.29](https://github.com/scalameta/munit) | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # junit-interface # 1.0.1](https://github.com/scalameta/munit) | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # junit-interface # 1.0.2](https://github.com/scalameta/munit) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # mdoc-parser_2.13 # 2.5.2](https://github.com/scalameta/mdoc) | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # munit-diff_3 # 1.0.1](https://github.com/scalameta/munit) | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # munit-diff_3 # 1.0.2](https://github.com/scalameta/munit) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # munit_3 # 0.7.29](https://github.com/scalameta/munit) | -Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # munit_3 # 1.0.1](https://github.com/scalameta/munit) | +Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # munit_3 # 1.0.2](https://github.com/scalameta/munit) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # scalafmt-config_2.13 # 3.8.1](https://github.com/scalameta/scalafmt) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # scalafmt-core_2.13 # 3.8.1](https://github.com/scalameta/scalafmt) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalameta # scalafmt-sysops_2.13 # 3.8.1](https://github.com/scalameta/scalafmt) | Apache | [Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalatestplus # mockito-4-11_3 # 3.2.18.0](https://github.com/scalatest/scalatestplus-mockito) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # case-insensitive_3 # 1.4.0](https://typelevel.org/case-insensitive) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # cats-effect-kernel_3 # 3.5.2](https://github.com/typelevel/cats-effect) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # cats-effect-kernel_3 # 3.5.4](https://github.com/typelevel/cats-effect) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # cats-effect-std_3 # 3.5.2](https://github.com/typelevel/cats-effect) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # cats-effect-std_3 # 3.5.4](https://github.com/typelevel/cats-effect) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # cats-effect_3 # 3.5.2](https://github.com/typelevel/cats-effect) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # cats-effect_3 # 3.5.4](https://github.com/typelevel/cats-effect) | Apache | [Apache-2.0](http://www.apache.org/licenses/) | [org.typelevel # cats-mtl_3 # 1.2.1](https://typelevel.org/cats-mtl/) | -Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # cats-mtl_3 # 1.3.0](https://typelevel.org/cats-mtl) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # cats-mtl_3 # 1.4.0](https://typelevel.org/cats-mtl) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # literally_3 # 1.1.0](https://github.com/typelevel/literally) | -Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # log4cats-core_3 # 2.6.0](https://typelevel.org/log4cats) | -Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # log4cats-slf4j_3 # 2.6.0](https://typelevel.org/log4cats) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # log4cats-core_3 # 2.7.0](https://typelevel.org/log4cats) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # log4cats-slf4j_3 # 2.7.0](https://typelevel.org/log4cats) | Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.typelevel # paiges-core_2.13 # 0.4.3](https://typelevel.org/paiges) | +Apache | [Apache-2.0](http://localhost) | [org.webjars # swagger-ui # 5.17.14](https://www.webjars.org) | +Apache | [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0.html) | [org.xerial.snappy # snappy-java # 1.1.10.5](https://github.com/xerial/snappy-java) | Apache | [The Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [com.ionspin.kotlin # bignum-jvm # 0.3.9](https://github.com/ionspin/kotlin-multiplatform-bignum) | Apache | [The Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [com.zmannotes # varint # 1.0.0](https://github.com/zman2013/varint) | Apache | [The Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [io.iohk.atala # sd-jwt-kmp-jvm # 0.1.2](https://docs.atalaprism.io/) | Apache | [The Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [io.iohk.atala.prism.apollo # apollo-jvm # 1.3.5](https://docs.atalaprism.io/) | Apache | [The Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.setl # rdf-urdna # 1.1](https://github.com/setl/rdf-urdna) | +Apache | [The Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [org.apache.kafka # kafka-clients # 3.7.0](https://kafka.apache.org) | Apache | [The Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [org.didcommx # didcomm # 0.3.2](https://github.com/sicpa-dlab/didcomm-jvm) | Apache | [The Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [org.didcommx # peerdid # 0.5.0](https://github.com/sicpa-dlab/peer-did-jvm) | Apache | [The Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [org.jetbrains.kotlin # kotlin-stdlib # 1.8.22](https://kotlinlang.org/) | @@ -309,15 +318,19 @@ Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licens Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | com.twitter # hpack # 1.0.2 | Apache | [The Apache Software License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [com.zaxxer # HikariCP # 5.1.0](https://github.com/brettwooldridge/HikariCP) | Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.github.java-diff-utils # java-diff-utils # 4.12 | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.micrometer # micrometer-commons # 1.11.11](https://github.com/micrometer-metrics/micrometer) | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.micrometer # micrometer-core # 1.11.11](https://github.com/micrometer-metrics/micrometer) | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.micrometer # micrometer-observation # 1.11.11](https://github.com/micrometer-metrics/micrometer) | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.micrometer # micrometer-registry-prometheus # 1.11.11](https://github.com/micrometer-metrics/micrometer) | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # simpleclient # 0.16.0 | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # simpleclient_common # 0.16.0 | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # simpleclient_tracer_common # 0.16.0 | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # simpleclient_tracer_otel # 0.16.0 | -Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # simpleclient_tracer_otel_agent # 0.16.0 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.micrometer # micrometer-commons # 1.13.6](https://github.com/micrometer-metrics/micrometer) | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.micrometer # micrometer-core # 1.13.6](https://github.com/micrometer-metrics/micrometer) | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.micrometer # micrometer-observation # 1.13.6](https://github.com/micrometer-metrics/micrometer) | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [io.micrometer # micrometer-registry-prometheus # 1.13.6](https://github.com/micrometer-metrics/micrometer) | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-config # 1.3.1 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-core # 1.3.1 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-exposition-formats # 1.3.1 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-model # 1.3.1 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-shaded-protobuf # 1.3.1 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-tracer-common # 1.3.1 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-tracer-initializer # 1.3.1 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-tracer-otel # 1.3.1 | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | io.prometheus # prometheus-metrics-tracer-otel-agent # 1.3.1 | Apache | [The Apache Software License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | io.quarkus # quarkus-junit4-mock # 3.2.0.Final | Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [net.minidev # accessors-smart # 2.5.0](https://urielch.github.io/) | Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [net.minidev # json-smart # 2.5.0](https://urielch.github.io/) | @@ -334,6 +347,7 @@ Apache | [The Apache Software License, Version 2.0](https://www.apache.org/licen Apache | [The Apache Software License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.kotlincrypto.hash # sha2-jvm # 0.4.0](https://github.com/KotlinCrypto/hash/) | Apache | [The Apache Software License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.kotlincrypto.macs # hmac-jvm # 0.3.0](https://github.com/KotlinCrypto/MACs/) | Apache | [The Apache Software License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) | [org.kotlincrypto.macs # hmac-sha2-jvm # 0.3.0](https://github.com/KotlinCrypto/MACs/) | +Apache | [The Apache Software License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0.txt) | [org.lz4 # lz4-java # 1.8.0](https://github.com/lz4/lz4-java) | Apache | [the Apache License, ASL Version 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalactic # scalactic_3 # 3.2.16](http://www.scalatest.org) | Apache | [the Apache License, ASL Version 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalactic # scalactic_3 # 3.2.18](http://www.scalatest.org) | Apache | [the Apache License, ASL Version 2.0](http://www.apache.org/licenses/LICENSE-2.0) | [org.scalatest # scalatest-compatible # 3.2.16](http://www.scalatest.org) | @@ -359,6 +373,7 @@ BSD | [BSD](https://github.com/scalameta/scalameta/blob/main/LICENSE.md) | [org. BSD | [BSD](https://github.com/scalameta/scalameta/blob/main/LICENSE.md) | [org.scalameta # parsers_2.13 # 4.9.3](https://github.com/scalameta/scalameta) | BSD | [BSD](https://github.com/scalameta/scalameta/blob/main/LICENSE.md) | [org.scalameta # scalameta_2.13 # 4.9.3](https://github.com/scalameta/scalameta) | BSD | [BSD](https://github.com/scalameta/scalameta/blob/main/LICENSE.md) | [org.scalameta # trees_2.13 # 4.9.3](https://github.com/scalameta/scalameta) | +BSD | [BSD 2-Clause License](https://opensource.org/licenses/BSD-2-Clause) | [com.github.luben # zstd-jni # 1.5.5-6](https://github.com/luben/zstd-jni) | BSD | [BSD 2-Clause License](http://opensource.org/licenses/BSD-2-Clause) | com.vladsch.flexmark # flexmark # 0.62.2 | BSD | [BSD 2-Clause License](http://opensource.org/licenses/BSD-2-Clause) | com.vladsch.flexmark # flexmark-ext-anchorlink # 0.62.2 | BSD | [BSD 2-Clause License](http://opensource.org/licenses/BSD-2-Clause) | com.vladsch.flexmark # flexmark-ext-autolink # 0.62.2 | @@ -405,7 +420,9 @@ EPL | [Eclipse Public License 1.0](http://www.eclipse.org/legal/epl-v10.html) | GPL with Classpath Extension | [GNU General Public License, version 2 with the GNU Classpath Exception](https://projects.eclipse.org/license/secondary-gpl-2.0-cp) | [org.glassfish # jakarta.json # 2.0.1](https://github.com/eclipse-ee4j/jsonp) | LGPL | [GNU Lesser General Public License](http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html) | ch.qos.logback # logback-classic # 1.4.14 | LGPL | [GNU Lesser General Public License](http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html) | ch.qos.logback # logback-core # 1.4.14 | +MIT | [MIT](http://opensource.org/licenses/MIT) | [co.fs2 # fs2-core_3 # 3.11.0](https://typelevel.org/fs2) | MIT | [MIT](http://opensource.org/licenses/MIT) | [co.fs2 # fs2-core_3 # 3.9.3](https://typelevel.org/fs2) | +MIT | [MIT](http://opensource.org/licenses/MIT) | [co.fs2 # fs2-io_3 # 3.11.0](https://typelevel.org/fs2) | MIT | [MIT](http://opensource.org/licenses/MIT) | [co.fs2 # fs2-io_3 # 3.9.3](https://typelevel.org/fs2) | MIT | [MIT](http://opensource.org/licenses/MIT) | [com.github.poslegm # munit-zio_3 # 0.2.0](https://github.com/poslegm/munit-zio/) | MIT | [MIT](http://opensource.org/licenses/MIT) | [com.github.takayahilton # sql-formatter_2.13 # 1.2.1](https://github.com/takayahilton/sql-formatter) | @@ -429,12 +446,13 @@ MIT | [MIT](https://opensource.org/licenses/MIT) | [org.tpolecat # doobie-postgr MIT | [MIT](https://opensource.org/licenses/MIT) | [org.tpolecat # doobie-postgres_3 # 1.0.0-RC5](https://github.com/tpolecat/doobie) | MIT | [MIT](http://opensource.org/licenses/MIT) | [org.tpolecat # typename_3 # 1.1.0](https://github.com/tpolecat/typename) | MIT | [MIT](https://opensource.org/licenses/MIT) | [org.typelevel # cats-core_3 # 2.10.0](https://typelevel.org/cats) | +MIT | [MIT](https://opensource.org/licenses/MIT) | [org.typelevel # cats-core_3 # 2.12.0](https://typelevel.org/cats) | MIT | [MIT](https://opensource.org/licenses/MIT) | [org.typelevel # cats-free_3 # 2.10.0](https://typelevel.org/cats) | MIT | [MIT](https://opensource.org/licenses/MIT) | [org.typelevel # cats-kernel_3 # 2.10.0](https://typelevel.org/cats) | -MIT | [MIT](https://opensource.org/licenses/MIT) | [org.typelevel # cats-parse_3 # 0.3.10](https://typelevel.org/cats-parse) | -MIT | [MIT](https://opensource.org/licenses/MIT) | [org.typelevel # cats-parse_3 # 0.3.8](https://typelevel.org/cats-parse) | +MIT | [MIT](https://opensource.org/licenses/MIT) | [org.typelevel # cats-kernel_3 # 2.12.0](https://typelevel.org/cats) | +MIT | [MIT](https://opensource.org/licenses/MIT) | [org.typelevel # cats-parse_3 # 1.0.0](https://typelevel.org/cats-parse) | MIT | [MIT](http://opensource.org/licenses/MIT) | [org.typelevel # jawn-parser_3 # 1.5.1](https://github.com/typelevel/jawn) | -MIT | [MIT](http://opensource.org/licenses/MIT) | [org.typelevel # vault_3 # 3.5.0](https://typelevel.org/vault) | +MIT | [MIT](http://opensource.org/licenses/MIT) | [org.typelevel # vault_3 # 3.6.0](https://typelevel.org/vault) | MIT | [MIT License](https://github.com/multiformats/java-multiaddr/blob/master/LICENSE) | [com.github.multiformats # java-multibase # v1.1.0](https://github.com/multiformats/java-multibase) | MIT | [MIT License](http://www.opensource.org/licenses/mit-license.php) | [nl.big-o # liqp # 0.8.2](https://github.com/bkiers/Liqp) | MIT | [MIT License](http://www.opensource.org/licenses/mit-license.php) | [org.nibor.autolink # autolink # 0.6.0](https://github.com/robinst/autolink-java) | @@ -453,6 +471,6 @@ MIT | [The MIT License (MIT)](https://opensource.org/licenses/MIT) | [com.dimafe MIT | [The MIT License (MIT)](https://opensource.org/licenses/MIT) | [com.dimafeng # testcontainers-scala-jdbc_3 # 0.41.3](https://github.com/testcontainers/testcontainers-scala) | MIT | [The MIT License (MIT)](https://opensource.org/licenses/MIT) | [com.dimafeng # testcontainers-scala-postgresql_3 # 0.41.3](https://github.com/testcontainers/testcontainers-scala) | MIT | [The MIT License (MIT)](https://opensource.org/licenses/MIT) | [com.dimafeng # testcontainers-scala-vault_3 # 0.41.3](https://github.com/testcontainers/testcontainers-scala) | -Public Domain | [Public Domain, per Creative Commons CC0](http://creativecommons.org/publicdomain/zero/1.0/) | [org.hdrhistogram # HdrHistogram # 2.1.12](http://hdrhistogram.github.io/HdrHistogram/) | +Public Domain | [Public Domain, per Creative Commons CC0](http://creativecommons.org/publicdomain/zero/1.0/) | [org.hdrhistogram # HdrHistogram # 2.2.2](http://hdrhistogram.github.io/HdrHistogram/) | Public Domain | [Public Domain, per Creative Commons CC0](http://creativecommons.org/publicdomain/zero/1.0/) | [org.latencyutils # LatencyUtils # 2.0.3](http://latencyutils.github.io/LatencyUtils/) | diff --git a/cloud-agent/service/api/http/cloud-agent-openapi-spec.yaml b/cloud-agent/service/api/http/cloud-agent-openapi-spec.yaml index 89f119c860..4eff2ef288 100644 --- a/cloud-agent/service/api/http/cloud-agent-openapi-spec.yaml +++ b/cloud-agent/service/api/http/cloud-agent-openapi-spec.yaml @@ -1,7 +1,7 @@ -openapi: 3.0.3 +openapi: 3.1.0 info: title: Identus Cloud Agent API Reference - version: 1.39.0 + version: 1.40.0 description: |2 The Identus Cloud Agent API facilitates the integration and management of self-sovereign identity capabilities within applications. @@ -152,6 +152,13 @@ tags: These API keys can then be used for authorization to access specific wallets. For more detailed information related to the agent IAM and its usage, please refer to this [documentation](https://docs.atalaprism.io/docs/atala-prism/prism-cloud-agent/authentication). +- name: Presentation Exchange + description: |2 + + The __Presentation Exchange__ endpoints offers a way to manage resources related to [presentation exchange protocol](https://identity.foundation/presentation-exchange/spec/v2.1.1/). + + The verifier can create the resources such as `presentation-definition` that can be publicly referenced + in various protocols such as [OpenID for Verificable Presentation](https://openid.net/specs/openid-4-verifiable-presentations-1_0.html). servers: - url: http://localhost:8085 description: The local instance of the Cloud Agent @@ -167,7 +174,7 @@ paths: summary: Lookup credential definitions by indexed fields description: 'Lookup credential definitions by `author`, `name`, `tag` parameters and control the pagination by `offset` and `limit` parameters ' - operationId: lookupCredentialDefinitionsByQuery + operationId: lookupCredentialDefinitionsByQueryHttpUrl parameters: - name: author in: query @@ -245,11 +252,12 @@ paths: post: tags: - Credential Definition Registry - summary: Publish new definition to the definition registry + summary: Publish new definition to the definition registry, resolvable by HTTP + url description: Create the new credential definition record with metadata and internal JSON Schema on behalf of Cloud Agent. The credential definition will be signed by the keys of Cloud Agent and issued by the DID that corresponds to it. - operationId: createCredentialDefinition + operationId: createCredentialDefinitionHttpUrl requestBody: description: JSON object required for the credential definition creation content: @@ -303,13 +311,253 @@ paths: security: - apiKeyAuth: [] - jwtAuth: [] + /credential-definition-registry/definitions/did-url: + get: + tags: + - Credential Definition Registry + summary: Lookup credential definitions by indexed fields + description: 'Lookup DID url resolvable credential definitions by `author`, + `name`, `tag` parameters and control the pagination by `offset` and `limit` + parameters ' + operationId: lookupCredentialDefinitionsByQueryDidUrl + parameters: + - name: author + in: query + required: false + schema: + type: string + example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff + - name: name + in: query + required: false + schema: + type: string + example: DrivingLicense + - name: version + in: query + required: false + schema: + type: string + example: 1.0.0 + - name: tag + in: query + required: false + schema: + type: string + example: licence + - name: offset + in: query + description: The number of items to skip before returning results. Default + is 0 if not specified. + required: false + schema: + type: integer + format: int32 + - name: limit + in: query + description: The maximum number of items to return. Defaults to 100 if not + specified. + required: false + schema: + type: integer + format: int32 + - name: order + in: query + required: false + schema: + type: string + responses: + '200': + description: Collection of CredentialDefinitions records. + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialDefinitionDidUrlResponsePage' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + security: + - apiKeyAuth: [] + - jwtAuth: [] + post: + tags: + - Credential Definition Registry + summary: Publish new definition to the definition registry, resolvable by DID + url + description: Create the new credential definition record with metadata and internal + JSON Schema on behalf of the Cloud Agent. The credential definition will be + signed by the keys of Cloud Agent and issued by the DID that corresponds to + it. + operationId: createCredentialDefinitionDidUrl + requestBody: + description: JSON object required for the credential definition creation + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialDefinitionInput' + required: true + responses: + '201': + description: The new credential definition record is successfully created + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialDefinitionResponse' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '401': + description: Unauthorized + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '403': + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + security: + - apiKeyAuth: [] + - jwtAuth: [] + /credential-definition-registry/definitions/{guid}/definition: + get: + tags: + - Credential Definition Registry + summary: Fetch the inner definition field of the credential definition from + the registry by `guid` + description: Fetch the inner definition fields of the credential definition + by the unique identifier + operationId: getCredentialDefinitionInnerDefinitionByIdHttpUrl + parameters: + - name: guid + in: path + required: true + schema: + type: string + format: uuid + responses: + '200': + description: CredentialDefinition found by `guid` + content: + application/json: + schema: {} + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /credential-definition-registry/definitions/did-url/{guid}/definition: + get: + tags: + - Credential Definition Registry + summary: Fetch the inner definition field of the credential definition from + the registry by `guid`, wrapped in an envelope + description: Fetch the inner definition fields of the credential definition + by the unique identifier, it should have been crated via DID url, otherwise + not found error is returned. + operationId: getCredentialDefinitionInnerDefinitionByIdDidUrl + parameters: + - name: guid + in: path + required: true + schema: + type: string + format: uuid + responses: + '200': + description: CredentialDefinition found by `guid` + content: + application/json: + schema: + $ref: '#/components/schemas/PrismEnvelopeResponse' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' /credential-definition-registry/definitions/{guid}: get: tags: - Credential Definition Registry summary: Fetch the credential definition from the registry by `guid` description: Fetch the credential definition by the unique identifier - operationId: getCredentialDefinitionById + operationId: getCredentialDefinitionByIdHttpUrl parameters: - name: guid in: path @@ -349,28 +597,30 @@ paths: application/json: schema: $ref: '#/components/schemas/ErrorResponse' - /credential-definition-registry/definitions/{guid}/definition: + /credential-definition-registry/definitions/did-url/{guid}: get: tags: - Credential Definition Registry - summary: Fetch the inner definition field of the credential definition from - the registry by `guid` - description: Fetch the inner definition fields of the credential definition - by the unique identifier - operationId: getCredentialDefinitionInnerDefinitionById + summary: Fetch the credential definition from the registry by `guid`, wrapped + in an envelope + description: Fetch the credential definition by the unique identifier, it should + have been crated via DID url, otherwise not found error is returned. + operationId: getCredentialDefinitionByIdDidUrl parameters: - name: guid in: path + description: Globally unique identifier of the credential definition record required: true schema: type: string format: uuid responses: '200': - description: CredentialDefinition found by `guid` + description: CredentialDefinition found by `guid`, wrapped in an envelope content: application/json: - schema: {} + schema: + $ref: '#/components/schemas/PrismEnvelopeResponse' '400': description: Invalid request parameters content: @@ -451,11 +701,293 @@ paths: type: string responses: '200': - description: Collection of CredentialSchema records. + description: Collection of CredentialSchema records. + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialSchemaResponsePage' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '401': + description: Unauthorized + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '403': + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + security: + - apiKeyAuth: [] + - jwtAuth: [] + post: + tags: + - Schema Registry + summary: Publish new schema to the schema registry, http url resolvable + description: Create the new credential schema record with metadata and internal + JSON Schema on behalf of Cloud Agent. The credential schema will be signed + by the keys of Cloud Agent and issued by the DID that corresponds to it. + operationId: createSchema + requestBody: + description: JSON object required for the credential schema creation + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialSchemaInput' + required: true + responses: + '201': + description: The new credential schema record is successfully created + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialSchemaResponse' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '401': + description: Unauthorized + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '403': + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + security: + - apiKeyAuth: [] + - jwtAuth: [] + /schema-registry/schemas/did-url: + get: + tags: + - Schema Registry + summary: Lookup schemas by indexed fields + description: 'Lookup schemas by `author`, `name`, `tags` parameters and control + the pagination by `offset` and `limit` parameters ' + operationId: lookupSchemasByQueryDidUrl + parameters: + - name: author + in: query + required: false + schema: + type: string + example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff + - name: name + in: query + required: false + schema: + type: string + example: DrivingLicense + - name: version + in: query + required: false + schema: + type: string + example: 1.0.0 + - name: tags + in: query + required: false + schema: + type: string + example: driving + - name: offset + in: query + description: The number of items to skip before returning results. Default + is 0 if not specified. + required: false + schema: + type: integer + format: int32 + - name: limit + in: query + description: The maximum number of items to return. Defaults to 100 if not + specified. + required: false + schema: + type: integer + format: int32 + - name: order + in: query + required: false + schema: + type: string + responses: + '200': + description: Collection of CredentialSchema records each wrapped in an envelope. + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialSchemaDidUrlResponsePage' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '401': + description: Unauthorized + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '403': + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + security: + - apiKeyAuth: [] + - jwtAuth: [] + post: + tags: + - Schema Registry + summary: Publish new schema to the schema registry, did url resolvable + description: Create the new credential schema record with metadata and internal + JSON Schema on behalf of Cloud Agent. The credential schema will be signed + by the keys of Cloud Agent and issued by the DID that corresponds to it. + operationId: createSchemaDidUrl + requestBody: + description: JSON object required for the credential schema creation + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialSchemaInput' + required: true + responses: + '201': + description: The new credential schema record is successfully created + content: + application/json: + schema: + $ref: '#/components/schemas/PrismEnvelopeResponse' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '401': + description: Unauthorized + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '403': + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + security: + - apiKeyAuth: [] + - jwtAuth: [] + /schema-registry/schemas/{id}: + put: + tags: + - Schema Registry + summary: Publish the new version of the credential schema to the schema registry + description: Publish the new version of the credential schema record with metadata + and internal JSON Schema on behalf of Cloud Agent. The credential schema will + be signed by the keys of Cloud Agent and issued by the DID that corresponds + to it. + operationId: updateSchema + parameters: + - name: id + in: path + description: A locally unique identifier to address the schema. UUID is generated + by the backend. + required: true + schema: + type: string + format: uuid + requestBody: + description: JSON object required for the credential schema update + content: + application/json: + schema: + $ref: '#/components/schemas/CredentialSchemaInput' + required: true + responses: + '200': + description: The credential schema record is successfully updated content: application/json: schema: - $ref: '#/components/schemas/CredentialSchemaResponsePage' + $ref: '#/components/schemas/CredentialSchemaResponse' '400': description: Invalid request parameters content: @@ -474,6 +1006,12 @@ paths: application/json: schema: $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' '422': description: Unable to process the request content: @@ -489,28 +1027,39 @@ paths: security: - apiKeyAuth: [] - jwtAuth: [] - post: + /schema-registry/schemas/did-url/{id}: + put: tags: - Schema Registry - summary: Publish new schema to the schema registry - description: Create the new credential schema record with metadata and internal - JSON Schema on behalf of Cloud Agent. The credential schema will be signed - by the keys of Cloud Agent and issued by the DID that corresponds to it. - operationId: createSchema + summary: Publish the new version of the credential schema to the schema registry + description: Publish the new version of the credential schema record with metadata + and internal JSON Schema on behalf of Cloud Agent. The credential schema will + be signed by the keys of Cloud Agent and issued by the DID that corresponds + to it. + operationId: updateSchemaDidUrl + parameters: + - name: id + in: path + description: A locally unique identifier to address the schema. UUID is generated + by the backend. + required: true + schema: + type: string + format: uuid requestBody: - description: JSON object required for the credential schema creation + description: JSON object required for the credential schema update content: application/json: schema: $ref: '#/components/schemas/CredentialSchemaInput' required: true responses: - '201': - description: The new credential schema record is successfully created + '200': + description: The credential schema record is successfully updated content: application/json: schema: - $ref: '#/components/schemas/CredentialSchemaResponse' + $ref: '#/components/schemas/PrismEnvelopeResponse' '400': description: Invalid request parameters content: @@ -550,60 +1099,73 @@ paths: security: - apiKeyAuth: [] - jwtAuth: [] - /schema-registry/{author}/{id}: - put: + /schema-registry/schemas/{guid}/schema: + get: tags: - Schema Registry - summary: Publish the new version of the credential schema to the schema registry - description: Publish the new version of the credential schema record with metadata - and internal JSON Schema on behalf of Cloud Agent. The credential schema will - be signed by the keys of Cloud Agent and issued by the DID that corresponds - to it. - operationId: updateSchema + summary: Fetch the schema from the registry by `guid` + description: Fetch the credential schema by the unique identifier + operationId: getRawSchemaById parameters: - - name: author - in: path - description: DID of the identity which authored the credential schema. A piece - of Metadata. - required: true - schema: - type: string - - name: id + - name: guid in: path - description: A locally unique identifier to address the schema. UUID is generated - by the backend. required: true schema: type: string format: uuid - requestBody: - description: JSON object required for the credential schema update - content: - application/json: - schema: - $ref: '#/components/schemas/CredentialSchemaInput' - required: true responses: '200': - description: The credential schema record is successfully updated + description: Raw JSON response of the CredentialSchema content: application/json: - schema: - $ref: '#/components/schemas/CredentialSchemaResponse' + schema: {} '400': description: Invalid request parameters content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' - '401': - description: Unauthorized + '404': + description: Resource could not be found content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' - '403': - description: Forbidden + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /schema-registry/schemas/did-url/{guid}/schema: + get: + tags: + - Schema Registry + summary: Fetch the schema from the registry by `guid` + description: Fetch the credential schema by the unique identifier + operationId: getRawSchemaByIdDidUrl + parameters: + - name: guid + in: path + required: true + schema: + type: string + format: uuid + responses: + '200': + description: Raw JSON response of the CredentialSchema + content: + application/json: + schema: + $ref: '#/components/schemas/PrismEnvelopeResponse' + '400': + description: Invalid request parameters content: application/json: schema: @@ -626,9 +1188,6 @@ paths: application/json: schema: $ref: '#/components/schemas/ErrorResponse' - security: - - apiKeyAuth: [] - - jwtAuth: [] /schema-registry/schemas/{guid}: get: tags: @@ -675,26 +1234,28 @@ paths: application/json: schema: $ref: '#/components/schemas/ErrorResponse' - /schema-registry/schemas/{guid}/schema: + /schema-registry/schemas/did-url/{guid}: get: tags: - Schema Registry summary: Fetch the schema from the registry by `guid` description: Fetch the credential schema by the unique identifier - operationId: getRawSchemaById + operationId: getSchemaByIdDidUrl parameters: - name: guid in: path + description: Globally unique identifier of the credential schema record required: true schema: type: string format: uuid responses: '200': - description: Raw JSON response of the CredentialSchema + description: CredentialSchema found by `guid`, wrapped in an envelope content: application/json: - schema: {} + schema: + $ref: '#/components/schemas/PrismEnvelopeResponse' '400': description: Invalid request parameters content: @@ -1297,9 +1858,9 @@ paths: $ref: '#/components/schemas/DIDResolutionResult' application/did+ld+json: schema: - type: string description: Empty representation example: '' + type: string '406': description: '' content: @@ -1308,9 +1869,9 @@ paths: $ref: '#/components/schemas/DIDResolutionResult' application/did+ld+json: schema: - type: string description: Empty representation example: '' + type: string '410': description: '' content: @@ -1319,9 +1880,9 @@ paths: $ref: '#/components/schemas/DIDResolutionResult' application/did+ld+json: schema: - type: string description: Empty representation example: '' + type: string '500': description: '' content: @@ -1330,9 +1891,9 @@ paths: $ref: '#/components/schemas/DIDResolutionResult' application/did+ld+json: schema: - type: string description: Empty representation example: '' + type: string '501': description: '' content: @@ -1341,9 +1902,9 @@ paths: $ref: '#/components/schemas/DIDResolutionResult' application/did+ld+json: schema: - type: string description: Empty representation example: '' + type: string /did-registrar/dids: get: tags: @@ -2544,31 +3105,205 @@ paths: application/json: schema: $ref: '#/components/schemas/ErrorResponse' - security: - - apiKeyAuth: [] - - jwtAuth: [] - /present-proof/presentations/accept-invitation: - post: + security: + - apiKeyAuth: [] + - jwtAuth: [] + /present-proof/presentations/accept-invitation: + post: + tags: + - Present Proof + summary: Decode the invitation extract Request Presentation and Create the proof + presentation record with RequestReceived state. + description: Accept Invitation for request presentation + operationId: acceptRequestPresentationInvitation + requestBody: + description: The action to perform on the proof presentation request invitation. + content: + application/json: + schema: + $ref: '#/components/schemas/AcceptRequestPresentationInvitation' + required: true + responses: + '200': + description: The proof presentation record was successfully updated. + content: + application/json: + schema: + $ref: '#/components/schemas/PresentationStatus' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '401': + description: Unauthorized + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '403': + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + security: + - apiKeyAuth: [] + - jwtAuth: [] + /verification/credential: + post: + tags: + - Verifiable Credentials Verification + summary: Verify a set of credentials as a Verifier + description: Endpoint to verify a set of verifiable credentials as a Verifier. + operationId: verify + requestBody: + description: List of verifiable credentials to verify + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/VcVerificationRequest' + required: false + responses: + '200': + description: List of verifiable credentials verification outcomes + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/VcVerificationResponse' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '401': + description: Unauthorized + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '403': + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + security: + - apiKeyAuth: [] + - jwtAuth: [] + /presentation-exchange/presentation-definitions/{id}: + get: + tags: + - Presentation Exchange + summary: Get a presentation-definition + operationId: getPresentationDefinition + parameters: + - name: id + in: path + required: true + schema: + type: string + format: uuid + responses: + '200': + description: Presentation Definition retrieved successfully + content: + application/json: + schema: + $ref: '#/components/schemas/PresentationDefinition' + '400': + description: Invalid request parameters + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '422': + description: Unable to process the request + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + '500': + description: Internal server error + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' + /presentation-exchange/presentation-definitions: + get: tags: - - Present Proof - summary: Decode the invitation extract Request Presentation and Create the proof - presentation record with RequestReceived state. - description: Accept Invitation for request presentation - operationId: acceptRequestPresentationInvitation - requestBody: - description: The action to perform on the proof presentation request invitation. - content: - application/json: - schema: - $ref: '#/components/schemas/AcceptRequestPresentationInvitation' - required: true + - Presentation Exchange + summary: List all presentation-definitions + description: |- + List all `presentation-definitions` in the wallet. + Return a paginated items ordered by created timestamp. + operationId: listPresentationDefinition + parameters: + - name: offset + in: query + description: The number of items to skip before returning results. Default + is 0 if not specified. + required: false + schema: + type: integer + format: int32 + - name: limit + in: query + description: The maximum number of items to return. Defaults to 100 if not + specified. + required: false + schema: + type: integer + format: int32 responses: '200': - description: The proof presentation record was successfully updated. + description: Presentation Definitions retrieved successfully content: application/json: schema: - $ref: '#/components/schemas/PresentationStatus' + $ref: '#/components/schemas/PresentationDefinitionPage' '400': description: Invalid request parameters content: @@ -2587,12 +3322,6 @@ paths: application/json: schema: $ref: '#/components/schemas/ErrorResponse' - '404': - description: Resource could not be found - content: - application/json: - schema: - $ref: '#/components/schemas/ErrorResponse' '422': description: Unable to process the request content: @@ -2608,31 +3337,27 @@ paths: security: - apiKeyAuth: [] - jwtAuth: [] - /verification/credential: post: tags: - - Verifiable Credentials Verification - summary: Verify a set of credentials as a Verifier - description: Endpoint to verify a set of verifiable credentials as a Verifier. - operationId: verify + - Presentation Exchange + summary: Create a new presentation-definition + description: |- + Create a `presentation-definition` object according to the [presentation exchange protocol](https://identity.foundation/presentation-exchange/spec/v2.1.1/). + The `POST` endpoint is restricted to the owner of the wallet. The `presentation-definition` object, however can be referenced by publicly by `id` returned in the response. + operationId: createPresentationDefinition requestBody: - description: List of verifiable credentials to verify content: application/json: schema: - type: array - items: - $ref: '#/components/schemas/VcVerificationRequest' - required: false + $ref: '#/components/schemas/CreatePresentationDefinition' + required: true responses: - '200': - description: List of verifiable credentials verification outcomes + '201': + description: Presentation Definition created successfully content: application/json: schema: - type: array - items: - $ref: '#/components/schemas/VcVerificationResponse' + $ref: '#/components/schemas/PresentationDefinition' '400': description: Invalid request parameters content: @@ -2651,6 +3376,12 @@ paths: application/json: schema: $ref: '#/components/schemas/ErrorResponse' + '404': + description: Resource could not be found + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' '422': description: Unable to process the request content: @@ -4151,6 +4882,12 @@ paths: application/json: schema: $ref: '#/components/schemas/ErrorResponse' + '409': + description: Cannot process due to conflict with current state of the resource + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponse' '422': description: Unable to process the request content: @@ -4346,50 +5083,55 @@ paths: components: schemas: AcceptConnectionInvitationRequest: + title: AcceptConnectionInvitationRequest + type: object required: - invitation - type: object properties: invitation: - type: string description: The base64-encoded raw out-of-band invitation. example: eyJAaWQiOiIzZmE4NWY2NC01NzE3LTQ1NjItYjNmYy0yYzk2M2Y2NmFmYTYiLCJAdHlwZSI6Imh0dHBzOi8vZGlkY29tbS5vcmcvbXktZmFtaWx5LzEuMC9teS1tZXNzYWdlLXR5cGUiLCJkaWQiOiJXZ1d4cXp0ck5vb0c5MlJYdnhTVFd2IiwiaW1hZ2VVcmwiOiJodHRwOi8vMTkyLjE2OC41Ni4xMDEvaW1nL2xvZ28uanBnIiwibGFiZWwiOiJCb2IiLCJyZWNpcGllbnRLZXlzIjpbIkgzQzJBVnZMTXY2Z21NTmFtM3VWQWpacGZrY0pDd0R3blpuNnozd1htcVBWIl0sInJvdXRpbmdLZXlzIjpbIkgzQzJBVnZMTXY2Z21NTmFtM3VWQWpacGZrY0pDd0R3blpuNnozd1htcVBWIl0sInNlcnZpY2VFbmRwb2ludCI6Imh0dHA6Ly8xOTIuMTY4LjU2LjEwMTo4MDIwIn0= + type: string AcceptCredentialOfferInvitation: + title: AcceptCredentialOfferInvitation + type: object required: - invitation - type: object properties: invitation: - type: string description: The base64-encoded raw invitation. example: eyJAaWQiOiIzZmE4NWY2NC01NzE3LTQ1NjItYjNmYy0yYzk2M2Y2NmFmYTYiLCJAdHlwZSI6Imh0dHBzOi8vZGlkY29tbS5vcmcvbXktZmFtaWx5LzEuMC9teS1tZXNzYWdlLXR5cGUiLCJkaWQiOiJXZ1d4cXp0ck5vb0c5MlJYdnhTVFd2IiwiaW1hZ2VVcmwiOiJodHRwOi8vMTkyLjE2OC41Ni4xMDEvaW1nL2xvZ28uanBnIiwibGFiZWwiOiJCb2IiLCJyZWNpcGllbnRLZXlzIjpbIkgzQzJBVnZMTXY2Z21NTmFtM3VWQWpacGZrY0pDd0R3blpuNnozd1htcVBWIl0sInJvdXRpbmdLZXlzIjpbIkgzQzJBVnZMTXY2Z21NTmFtM3VWQWpacGZrY0pDd0R3blpuNnozd1htcVBWIl0sInNlcnZpY2VFbmRwb2ludCI6Imh0dHA6Ly8xOTIuMTY4LjU2LjEwMTo4MDIwIn0= + type: string AcceptCredentialOfferRequest: + title: AcceptCredentialOfferRequest type: object properties: subjectId: - type: string description: |2 The short-form subject Prism DID to which the JWT verifiable credential will be issued. This parameter only applies if the offer is of type 'JWT'. example: did:prism:3bb0505d13fcb04d28a48234edb27b0d4e6d7e18a81e2c1abab58f3bbc21ce6f - keyId: type: string + keyId: description: |2 The short-form subject Prism DID to which the JWT verifiable credential will be issued. This parameter only applies if the offer is of type 'JWT'. example: did:prism:3bb0505d13fcb04d28a48234edb27b0d4e6d7e18a81e2c1abab58f3bbc21ce6f + type: string AcceptRequestPresentationInvitation: + title: AcceptRequestPresentationInvitation + type: object required: - invitation - type: object properties: invitation: - type: string description: The base64-encoded raw invitation. example: eyJAaWQiOiIzZmE4NWY2NC01NzE3LTQ1NjItYjNmYy0yYzk2M2Y2NmFmYTYiLCJAdHlwZSI6Imh0dHBzOi8vZGlkY29tbS5vcmcvbXktZmFtaWx5LzEuMC9teS1tZXNzYWdlLXR5cGUiLCJkaWQiOiJXZ1d4cXp0ck5vb0c5MlJYdnhTVFd2IiwiaW1hZ2VVcmwiOiJodHRwOi8vMTkyLjE2OC41Ni4xMDEvaW1nL2xvZ28uanBnIiwibGFiZWwiOiJCb2IiLCJyZWNpcGllbnRLZXlzIjpbIkgzQzJBVnZMTXY2Z21NTmFtM3VWQWpacGZrY0pDd0R3blpuNnozd1htcVBWIl0sInJvdXRpbmdLZXlzIjpbIkgzQzJBVnZMTXY2Z21NTmFtM3VWQWpacGZrY0pDd0R3blpuNnozd1htcVBWIl0sInNlcnZpY2VFbmRwb2ludCI6Imh0dHA6Ly8xOTIuMTY4LjU2LjEwMTo4MDIwIn0= + type: string ActionType: + title: ActionType type: string enum: - ADD_KEY @@ -4399,9 +5141,10 @@ components: - REMOVE_SERVICE - UPDATE_SERVICE AnoncredCredentialProofV1: + title: AnoncredCredentialProofV1 + type: object required: - credential - type: object properties: credential: type: string @@ -4414,15 +5157,17 @@ components: items: type: string AnoncredCredentialProofsV1: + title: AnoncredCredentialProofsV1 + description: A list of proofs from the Anoncred library, each corresponding + to a credential. type: object properties: credentialProofs: type: array items: $ref: '#/components/schemas/AnoncredCredentialProofV1' - description: A list of proofs from the Anoncred library, each corresponding - to a credential. AnoncredNonRevokedIntervalV1: + title: AnoncredNonRevokedIntervalV1 type: object properties: from: @@ -4432,13 +5177,19 @@ components: type: integer format: int32 AnoncredPresentationRequestV1: + title: AnoncredPresentationRequestV1 + description: Anoncred Presentation Request + example: AnoncredPresentationRequestV1(Map(attribute1 -> AnoncredRequestedAttributeV1(Attribute + 1,List(Map(cred_def_id -> credential_definition_id_of_attribute1)),Some(AnoncredNonRevokedIntervalV1(Some(1635734400),Some(1735734400))))),Map(predicate1 + -> AnoncredRequestedPredicateV1(Predicate 1,>=,18,List(Map(schema_id -> schema_id_of_predicate1)),Some(AnoncredNonRevokedIntervalV1(Some(1635734400),None)))),Example + Presentation Request,1234567890,1.0,None) + type: object required: - requested_attributes - requested_predicates - name - nonce - version - type: object properties: requested_attributes: $ref: '#/components/schemas/Map_AnoncredRequestedAttributeV1' @@ -4452,15 +5203,11 @@ components: type: string non_revoked: $ref: '#/components/schemas/AnoncredNonRevokedIntervalV1' - description: Anoncred Presentation Request - example: AnoncredPresentationRequestV1(Map(attribute1 -> AnoncredRequestedAttributeV1(Attribute - 1,List(Map(cred_def_id -> credential_definition_id_of_attribute1)),Some(AnoncredNonRevokedIntervalV1(Some(1635734400),Some(1735734400))))),Map(predicate1 - -> AnoncredRequestedPredicateV1(Predicate 1,>=,18,List(Map(schema_id -> schema_id_of_predicate1)),Some(AnoncredNonRevokedIntervalV1(Some(1635734400),None)))),Example - Presentation Request,1234567890,1.0,None) AnoncredRequestedAttributeV1: + title: AnoncredRequestedAttributeV1 + type: object required: - name - type: object properties: name: type: string @@ -4471,11 +5218,12 @@ components: non_revoked: $ref: '#/components/schemas/AnoncredNonRevokedIntervalV1' AnoncredRequestedPredicateV1: + title: AnoncredRequestedPredicateV1 + type: object required: - name - p_type - p_value - type: object properties: name: type: string @@ -4491,10 +5239,11 @@ components: non_revoked: $ref: '#/components/schemas/AnoncredNonRevokedIntervalV1' AnoncredsCredentialRequest: + title: AnoncredsCredentialRequest + type: object required: - format - anoncreds - type: object properties: format: $ref: '#/components/schemas/CredentialFormat' @@ -4509,34 +5258,30 @@ components: anoncreds: type: string ApiKeyAuthenticationRequest: + title: ApiKeyAuthenticationRequest + type: object required: - entityId - apiKey - type: object properties: entityId: - type: string description: The `entityId` of the entity to be updated - format: uuid example: 01234567-0000-0000-0000-000000000000 - apiKey: type: string + format: uuid + apiKey: description: The `apikey` of the entity to be updated example: dkflks3DflkFmkllnDfde - minLength: 16 + type: string maxLength: 128 - Arr: - type: object - properties: - elements: - type: array - items: {} + minLength: 16 AuthorizationServer: + title: AuthorizationServer + type: object required: - url - clientId - clientSecret - type: object properties: url: type: string @@ -4544,14 +5289,8 @@ components: type: string clientSecret: type: string - Bool: - required: - - value - type: object - properties: - value: - type: boolean ClaimDescriptor: + title: ClaimDescriptor type: object properties: mandatory: @@ -4562,7 +5301,21 @@ components: type: array items: $ref: '#/components/schemas/Localization' + ClaimFormat: + title: ClaimFormat + type: object + properties: + jwt: + $ref: '#/components/schemas/Jwt' + jwt_vc: + $ref: '#/components/schemas/Jwt' + jwt_vp: + $ref: '#/components/schemas/Jwt' + ldp: + $ref: '#/components/schemas/Ldp' Connection: + title: Connection + type: object required: - connectionId - thid @@ -4573,55 +5326,54 @@ components: - metaRetries - self - kind - type: object properties: connectionId: - type: string description: The unique identifier of the connection. - format: uuid example: 0527aea1-d131-3948-a34d-03af39aba8b4 - thid: type: string + format: uuid + thid: description: The unique identifier of the thread this connection record belongs to. The value will identical on both sides of the connection (inviter and invitee) example: 0527aea1-d131-3948-a34d-03af39aba8b4 - label: type: string + label: description: A human readable alias for the connection. example: Peter - goalCode: type: string + goalCode: description: A self-attested code the receiver may want to display to the user or use in automatically deciding what to do with the out-of-band message. example: issue-vc - goal: type: string + goal: description: A self-attested string that the receiver may want to display to the user about the context-specific goal of the out-of-band message. example: To issue a Faber College Graduate credential - myDid: type: string + myDid: description: The DID representing me as the inviter or invitee in this specific connection. example: did:peer:12345 - theirDid: type: string + theirDid: description: The DID representing the other peer as the an inviter or invitee in this specific connection. example: did:peer:67890 - role: type: string + role: description: The role played by the Prism agent in the connection flow. example: Inviter + type: string enum: - Inviter - Invitee state: - type: string description: The current state of the connection protocol execution. example: InvitationGenerated + type: string enum: - InvitationGenerated - InvitationReceived @@ -4637,128 +5389,143 @@ components: invitation: $ref: '#/components/schemas/ConnectionInvitation' createdAt: - type: string description: The date and time the connection record was created. - format: date-time example: 2022-03-10T12:00Z - updatedAt: type: string - description: The date and time the connection record was last updated. format: date-time + updatedAt: + description: The date and time the connection record was last updated. example: 2022-03-10T12:00Z + type: string + format: date-time metaRetries: - type: integer description: The maximum background processing attempts remaining for this record - format: int32 example: 5 + type: integer + format: int32 metaLastFailure: $ref: '#/components/schemas/ErrorResponse' + description: The last failure if any. + example: ErrorResponse(404,error:Error:FailureInfo,Failure Info,Some(Not + Found),error:instance:27727dd0-cd86-4d24-a23a-b9cc4eb4e848) self: - type: string description: The reference to the connection resource. example: https://atala-prism-products.io/connections/ABCD-1234 - kind: type: string + kind: description: The type of object returned. In this case a `Connection`. example: Connection + type: string ConnectionInvitation: + title: ConnectionInvitation + description: The invitation for this connection + type: object required: - id - type - from - invitationUrl - type: object properties: id: - type: string description: The unique identifier of the invitation. It should be used as parent thread ID (pthid) for the Connection Request message that follows. - format: uuid example: 0527aea1-d131-3948-a34d-03af39aba8b4 - type: type: string + format: uuid + type: description: The DIDComm Message Type URI (MTURI) the invitation message complies with. example: https://didcomm.org/out-of-band/2.0/invitation - from: type: string + from: description: The DID representing the sender to be used by recipients for future interactions. example: did:peer:1234457 - invitationUrl: type: string + invitationUrl: description: The invitation message encoded as a URL. This URL follows the Out of [Band 2.0 protocol](https://identity.foundation/didcomm-messaging/spec/v2.0/#out-of-band-messages) and can be used to generate a QR code for example. example: https://my.domain.com/path?_oob=eyJAaWQiOiIzZmE4NWY2NC01NzE3LTQ1NjItYjNmYy0yYzk2M2Y2NmFmYTYiLCJAdHlwZSI6Imh0dHBzOi8vZGlkY29tbS5vcmcvbXktZmFtaWx5LzEuMC9teS1tZXNzYWdlLXR5cGUiLCJkaWQiOiJXZ1d4cXp0ck5vb0c5MlJYdnhTVFd2IiwiaW1hZ2VVcmwiOiJodHRwOi8vMTkyLjE2OC41Ni4xMDEvaW1nL2xvZ28uanBnIiwibGFiZWwiOiJCb2IiLCJyZWNpcGllbnRLZXlzIjpbIkgzQzJBVnZMTXY2Z21NTmFtM3VWQWpacGZrY0pDd0R3blpuNnozd1htcVBWIl0sInJvdXRpbmdLZXlzIjpbIkgzQzJBVnZMTXY2Z21NTmFtM3VWQWpacGZrY0pDd0R3blpuNnozd1htcVBWIl0sInNlcnZpY2VFbmRwb2ludCI6Imh0dHA6Ly8xOTIuMTY4LjU2LjEwMTo4MDIwIn0= - description: The invitation for this connection + type: string ConnectionsPage: + title: ConnectionsPage + type: object required: - kind - self - pageOf - type: object properties: contents: - type: array - items: - $ref: '#/components/schemas/Connection' description: "\nArray of resources (Connection)\nA sequence of Connection\ \ resources representing the list of connections that the paginated response\ \ contains.\n " example: [] + type: array + items: + $ref: '#/components/schemas/Connection' kind: - type: string description: A string that identifies the type of resource being returned in the response. example: ConnectionsPage - self: type: string + self: description: The URL that uniquely identifies the resource being returned in the response. example: /cloud-agent/connections?offset=10&limit=10 - pageOf: type: string + pageOf: description: A string field indicating the type of resource that the contents field contains. example: '' - next: type: string + next: description: An optional string field containing the URL of the next page of results. If the API response does not contain any more pages, this field should be set to None. example: /cloud-agent/connections?offset=20&limit=10 - previous: type: string + previous: description: An optional string field containing the URL of the previous page of results. If the API response is the first page of results, this field should be set to None. example: /cloud-agent/connections?offset=0&limit=10 + type: string + Constraints: + title: Constraints + type: object + properties: + fields: + type: array + items: + $ref: '#/components/schemas/Field' CreateConnectionRequest: + title: CreateConnectionRequest type: object properties: label: - type: string description: A human readable alias for the connection. example: Peter - goalCode: type: string + goalCode: description: A self-attested code the receiver may want to display to the user or use in automatically deciding what to do with the out-of-band message. example: issue-vc - goal: type: string + goal: description: A self-attested string that the receiver may want to display to the user about the context-specific goal of the out-of-band message. example: To issue a Faber College Graduate credential + type: string CreateCredentialConfigurationRequest: + title: CreateCredentialConfigurationRequest + type: object required: - configurationId - format - schemaId - type: object properties: configurationId: type: string @@ -4767,9 +5534,10 @@ components: schemaId: type: string CreateCredentialIssuerRequest: + title: CreateCredentialIssuerRequest + type: object required: - authorizationServer - type: object properties: id: type: string @@ -4777,61 +5545,68 @@ components: authorizationServer: $ref: '#/components/schemas/AuthorizationServer' CreateEntityRequest: + title: CreateEntityRequest + type: object required: - name - type: object properties: id: - type: string description: The new `id` of the entity to be created. If this field is not provided, the server will generate a new UUID for the entity - format: uuid example: 00000000-0000-0000-0000-000000000000 - name: type: string + format: uuid + name: description: The new `name` of the entity to be created. If this field is not provided, the server will generate a random name for the entity example: John Doe - minLength: 1 + type: string maxLength: 128 + minLength: 1 walletId: - type: string description: The new `walletId` of the entity to be created. If this field is not provided, the server will set the default `walletId` - format: uuid example: 00000000-0000-0000-0000-000000000000 + type: string + format: uuid CreateIssueCredentialRecordRequest: + title: CreateIssueCredentialRecordRequest + type: object required: - claims - type: object + - issuingDID properties: validityPeriod: - type: number description: The validity period in seconds of the verifiable credential that will be issued. - format: double example: 3600.0 + type: number + format: double schemaId: - type: string description: |2 The URL pointing to the JSON schema that will be used for this offer (should be 'http' or 'https'). When dereferenced, the returned content should be a JSON schema compliant with the '[Draft 2020-12](https://json-schema.org/draft/2020-12/release-notes)' version of the specification. Note that this parameter only applies when the offer is of type 'JWT'. example: https://agent-host.com/cloud-agent/schema-registry/schemas/d9569cec-c81e-4779-aa86-0d5994d82676/schema + oneOf: + - type: array + items: + type: string + - type: string credentialDefinitionId: - type: string description: |2 The unique identifier (UUID) of the credential definition that will be used for this offer. It should be the identifier of a credential definition that exists in the issuer agent's database. Note that this parameter only applies when the offer is of type 'AnonCreds'. - format: uuid example: d9569cec-c81e-4779-aa86-0d5994d82676 - credentialFormat: type: string + format: uuid + credentialFormat: description: The credential format for this offer (defaults to 'JWT') example: JWT + type: string claims: description: |2 @@ -4841,21 +5616,27 @@ components: firstname: Alice lastname: Wonderland automaticIssuance: - type: boolean description: |2 Specifies whether or not the credential should be automatically generated and issued when receiving the `CredentialRequest` from the holder. If set to `false`, a manual approval by the issuer via another API call will be required for the VC to be issued. example: true + type: boolean issuingDID: - type: string description: |2 - The short-form issuer Prism DID by which the JWT verifiable credential will be issued. - Note that this parameter only applies when the offer is type 'JWT'. + The issuer Prism DID by which the verifiable credential will be issued. DID can be short for or long form. example: did:prism:3bb0505d13fcb04d28a48234edb27b0d4e6d7e18a81e2c1abab58f3bbc21ce6f - connectionId: type: string + issuingKid: + description: |2 + + Specified the key ID (kid) of the DID, it will be used to sign credential. + User should specify just the partial identifier of the key. The full id of the kid MUST be "#" + Note the cryto algorithm used with depend type of the key. + example: kid1 + type: string + connectionId: description: |2 The unique identifier of a DIDComm connection that already exists between the this issuer agent and the holder cloud or edeg agent. @@ -4863,39 +5644,43 @@ components: This connection will be used to execute the issue credential protocol. Note: connectionId is only required when the offer is from existing connection. connectionId is not required when the offer is from invitation for connectionless issuance. - format: uuid example: d9569cec-c81e-4779-aa86-0d5994d82676 - goalCode: type: string + format: uuid + goalCode: description: |2 A self-attested code the receiver may want to display to the user or use in automatically deciding what to do with the out-of-band message. goalcode is optional and can be provided when the offer is from invitation for connectionless issuance. example: issue-vc - goal: type: string + goal: description: |2 A self-attested string that the receiver may want to display to the user about the context-specific goal of the out-of-band message. goal is optional and can be provided when the offer is from invitation for connectionless issuance. example: To issue a Faber College Graduate credential + type: string CreateManagedDIDResponse: + title: CreateManagedDIDResponse + type: object required: - longFormDid - type: object properties: longFormDid: - type: string description: A long-form DID for the created DID example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff:Cr4BCrsBElsKBmF1dGgtMRAEQk8KCXNlY3AyNTZrMRIg0opTuxu-zt6aRbT1tPniG4eu4CYsQPM3rrLzvzNiNgwaIIFTnyT2N4U7qCQ78qtWC3-p0el6Hvv8qxG5uuEw-WgMElwKB21hc3RlcjAQAUJPCglzZWNwMjU2azESIKhBU0eCOO6Vinz_8vhtFSAhYYqrkEXC8PHGxkuIUev8GiAydFHLXb7c22A1Uj_PR21NZp6BCDQqNq2xd244txRgsQ + type: string CreateManagedDidRequest: + title: CreateManagedDidRequest + type: object required: - documentTemplate - type: object properties: documentTemplate: $ref: '#/components/schemas/CreateManagedDidRequestDocumentTemplate' CreateManagedDidRequestDocumentTemplate: + title: CreateManagedDidRequestDocumentTemplate type: object properties: publicKeys: @@ -4909,60 +5694,78 @@ components: contexts: type: array items: - type: string description: The JSON-LD context describing the JSON document example: https://didcomm.org/messaging/contexts/v2 + type: string + CreatePresentationDefinition: + title: CreatePresentationDefinition + type: object + properties: + input_descriptors: + type: array + items: + $ref: '#/components/schemas/InputDescriptor' + name: + type: string + purpose: + type: string + format: + $ref: '#/components/schemas/ClaimFormat' CreateWalletRequest: + title: CreateWalletRequest + type: object required: - name - type: object properties: seed: - type: string description: A BIP32 seed encoded in hexadecimal string. It is expected to represent 64-bytes binary seed (128 hex characters). example: c9994785ce6d548134020f610b76102ca1075d3bb672a75ec8c9a27a7b8607e3b9b384e43b77bb08f8d5159651ae38b98573f7ecc79f2d7e1f1cc371ce60cf8a - name: type: string + name: description: A name of the wallet example: my-wallet-1 - minLength: 1 + type: string maxLength: 128 + minLength: 1 id: - type: string description: The unique `id` of the wallet. Randomly generated if not specified. - format: uuid example: 00000000-0000-0000-0000-000000000000 + type: string + format: uuid CreateWalletUmaPermissionRequest: + title: CreateWalletUmaPermissionRequest + type: object required: - subject - type: object properties: subject: - type: string description: The subject ID that should be granted the permission to the wallet. This can be found in the `sub` claim of a JWT token. - format: uuid example: 00000000-0000-0000-0000-000000000000 + type: string + format: uuid CreateWebhookNotification: + title: CreateWebhookNotification + type: object required: - url - type: object properties: url: - type: string description: A URL of webhook for event notification example: http://example.com + type: string customHeaders: $ref: '#/components/schemas/Map_String' CredentialConfiguration: + title: CredentialConfiguration + type: object required: - configurationId - format - scope - schemaId - createdAt - type: object properties: configurationId: type: string @@ -4976,6 +5779,7 @@ components: type: string format: date-time CredentialDefinition: + title: CredentialDefinition type: object properties: '@context': @@ -4988,7 +5792,50 @@ components: type: string credentialSubject: $ref: '#/components/schemas/Map_ClaimDescriptor' + CredentialDefinitionDidUrlResponsePage: + title: CredentialDefinitionDidUrlResponsePage + type: object + required: + - kind + - self + - pageOf + properties: + contents: + description: A sequence of CredentialDefinitionResponse objects representing + the list of credential definitions that the API response contains + example: [] + type: array + items: + $ref: '#/components/schemas/PrismEnvelopeResponse' + kind: + description: A string field indicating the type of the API response. In + this case, it will always be set to `CredentialDefinitionPage` + example: CredentialDefinitionPage + type: string + self: + description: A string field containing the URL of the current API endpoint + example: /cloud-agent/credential-definition-registry/definitions?skip=10&limit=10 + type: string + pageOf: + description: A string field indicating the type of resource that the contents + field contains + example: /cloud-agent/credential-definition-registry/definitions + type: string + next: + description: An optional string field containing the URL of the next page + of results. If the API response does not contain any more pages, this + field should be set to None. + example: /cloud-agent/credential-definition-registry/definitions?skip=20&limit=10 + type: string + previous: + description: An optional string field containing the URL of the previous + page of results. If the API response is the first page of results, this + field should be set to None. + example: /cloud-agent/credential-definition-registry/definitions?skip=0&limit=10 + type: string CredentialDefinitionInput: + title: CredentialDefinitionInput + type: object required: - name - version @@ -4997,53 +5844,54 @@ components: - schemaId - signatureType - supportRevocation - type: object properties: name: - type: string description: A human-readable name for the credential definition. A piece of Metadata. example: DrivingLicense + type: string minLength: 1 description: - type: string description: A human-readable description of the credential definition example: Simple credential definition for the driving licence verifiable credential. + type: string minLength: 1 version: - type: string description: Denotes the revision of a given Credential Definition. It should follow semantic version convention to describe the impact of the credential definition evolution. example: 1.0.0 + type: string pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ tag: - type: string description: Token that allow to lookup and filter the credential definition records. example: licence - author: type: string + author: description: DID of the identity which authored the credential definition. A piece of Metadata. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff + type: string pattern: ^did:(?[a-z0-9]+(:[a-z0-9]+)*)\:(?[^#?]*)$ schemaId: - type: string description: The unique identifier of the schema used for this credential definition. example: https://agent-host.com/cloud-agent/schema-registry/schemas/d9569cec-c81e-4779-aa86-0d5994d82676 - signatureType: type: string + signatureType: description: Signature type used in the CredentialDefinition. example: CL + type: string supportRevocation: - type: boolean description: Boolean flag indicating whether revocation is supported for this CredentialDefinition. example: false + type: boolean CredentialDefinitionResponse: + title: CredentialDefinitionResponse + type: object required: - guid - id @@ -5060,62 +5908,61 @@ components: - supportRevocation - kind - self - type: object properties: guid: - type: string description: 'Globally unique id of the credential definition.It''s composed from the bytes of the string that contain the `author`, `name`, and `version` values.The string format looks like the resource identifier: `author`/`id`?version=`version`' - format: uuid example: 0527aea1-d131-3948-a34d-03af39aba8b4 - id: type: string + format: uuid + id: description: A locally unique identifier to address the credential definition. UUID is generated by the backend. example: 0527aea1-d131-3948-a34d-03af39aba8b5 - longId: type: string + longId: description: Resource id of the credential definition. Contains the `author`'s DID, `id` and `version` fields. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff/0527aea1-d131-3948-a34d-03af39aba8b4?version=1.0.0 - name: type: string + name: description: A human-readable name for the credential definition. A piece of Metadata. example: DrivingLicense - version: type: string + version: description: Denotes the revision of a given Credential Definition. It should follow semantic version convention to describe the impact of the credential definition evolution. example: 1.0.0 - tag: type: string + tag: description: Token that allow to lookup and filter the credential definition records. example: licence - description: type: string + description: description: A human-readable description of the credential definition example: Simple credential definition for the driving licence verifiable credential. - author: type: string + author: description: DID of the identity which authored the credential definition. A piece of Metadata. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff - authored: type: string + authored: description: '[RFC3339](https://www.rfc-editor.org/rfc/rfc3339) date on which the credential definition was created. A piece of Metadata.' - format: date-time example: 2022-03-10T12:00Z - schemaId: type: string + format: date-time + schemaId: description: The unique identifier of the schema used for this credential definition. example: https://agent-host.com/cloud-agent/schema-registry/schemas/d9569cec-c81e-4779-aa86-0d5994d82676 + type: string definition: description: Definition object that represents the actual definition of the credential. @@ -5131,67 +5978,69 @@ components: description: A proof that validates the correctness of the key within the context of the credential definition. signatureType: - type: string description: Signature type used in the CredentialDefinition. example: CL + type: string supportRevocation: - type: boolean description: Boolean flag indicating whether revocation is supported for this CredentialDefinition. example: false + type: boolean proof: $ref: '#/components/schemas/Proof' kind: - type: string description: A string that identifies the type of resource being returned in the response. example: CredentialDefinition - self: type: string + self: description: The URL that uniquely identifies the resource being returned in the response. example: /cloud-agent/credential-definition-registry/schemas/0527aea1-d131-3948-a34d-03af39aba8b4 + type: string CredentialDefinitionResponsePage: + title: CredentialDefinitionResponsePage + type: object required: - kind - self - pageOf - type: object properties: contents: - type: array - items: - $ref: '#/components/schemas/CredentialDefinitionResponse' description: A sequence of CredentialSchemaResponse objects representing the list of credential schemas that the API response contains example: [] + type: array + items: + $ref: '#/components/schemas/CredentialDefinitionResponse' kind: - type: string description: A string field indicating the type of the API response. In this case, it will always be set to `CredentialSchemaPage` example: CredentialSchemaPage - self: type: string + self: description: A string field containing the URL of the current API endpoint example: /cloud-agent/schema-registry/schemas?skip=10&limit=10 - pageOf: type: string + pageOf: description: A string field indicating the type of resource that the contents field contains example: /cloud-agent/schema-registry/schemas - next: type: string + next: description: An optional string field containing the URL of the next page of results. If the API response does not contain any more pages, this field should be set to None. example: /cloud-agent/schema-registry/schemas?skip=20&limit=10 - previous: type: string + previous: description: An optional string field containing the URL of the previous page of results. If the API response is the first page of results, this field should be set to None. example: /cloud-agent/schema-registry/schemas?skip=0&limit=10 + type: string CredentialErrorCode: + title: CredentialErrorCode type: string enum: - insufficient_scope @@ -5203,9 +6052,10 @@ components: - unsupported_credential_format - unsupported_credential_type CredentialErrorResponse: + title: CredentialErrorResponse + type: object required: - error - type: object properties: error: $ref: '#/components/schemas/CredentialErrorCode' @@ -5217,23 +6067,30 @@ components: type: integer format: int64 CredentialFormat: + title: CredentialFormat type: string enum: - anoncreds - jwt_vc_json - vc+sd-jwt + const: jwt_vc_json CredentialIssuer: + title: CredentialIssuer + type: object required: - id - type: object + - type properties: id: type: string + type: + type: string CredentialIssuer1: + title: CredentialIssuer + type: object required: - id - authorizationServerUrl - type: object properties: id: type: string @@ -5241,11 +6098,12 @@ components: authorizationServerUrl: type: string CredentialIssuerPage: + title: CredentialIssuerPage + type: object required: - self - kind - pageOf - type: object properties: self: type: string @@ -5262,11 +6120,12 @@ components: items: $ref: '#/components/schemas/CredentialIssuer1' CredentialOfferRequest: + title: CredentialOfferRequest + type: object required: - credentialConfigurationId - issuingDID - claims - type: object properties: credentialConfigurationId: type: string @@ -5274,13 +6133,15 @@ components: type: string claims: {} CredentialOfferResponse: + title: CredentialOfferResponse + type: object required: - credentialOffer - type: object properties: credentialOffer: type: string CredentialRequest: + title: CredentialRequest oneOf: - $ref: '#/components/schemas/AnoncredsCredentialRequest' - $ref: '#/components/schemas/JwtCredentialRequest' @@ -5290,15 +6151,17 @@ components: anoncreds: '#/components/schemas/AnoncredsCredentialRequest' jwt_vc_json: '#/components/schemas/JwtCredentialRequest' CredentialResponse: + title: CredentialResponse oneOf: - $ref: '#/components/schemas/DeferredCredentialResponse' - $ref: '#/components/schemas/ImmediateCredentialResponse' CredentialResponseEncryption: + title: CredentialResponseEncryption + type: object required: - jwk - alg - enc - type: object properties: jwk: type: string @@ -5306,38 +6169,80 @@ components: type: string enc: type: string + CredentialSchemaDidUrlResponsePage: + title: CredentialSchemaDidUrlResponsePage + type: object + required: + - kind + - self + - pageOf + properties: + contents: + description: A sequence of PrismEnvelopeResponse objects representing the + list of credential schemas wrapped in an envelope + example: [] + type: array + items: + $ref: '#/components/schemas/PrismEnvelopeResponse' + kind: + description: A string field indicating the type of the API response. In + this case, it will always be set to `CredentialSchemaPage` + example: CredentialSchemaPage + type: string + self: + description: A string field containing the URL of the current API endpoint + example: /cloud-agent/schema-registry/schemas/did-url?skip=10&limit=10 + type: string + pageOf: + description: A string field indicating the type of resource that the contents + field contains + example: /cloud-agent/schema-registry/schemas/did-url + type: string + next: + description: An optional string field containing the URL of the next page + of results. If the API response does not contain any more pages, this + field should be set to None. + example: /cloud-agent/schema-registry/schemas/did-url?skip=20&limit=10 + type: string + previous: + description: An optional string field containing the URL of the previous + page of results. If the API response is the first page of results, this + field should be set to None. + example: /cloud-agent/schema-registry/schemas/did-url?skip=0&limit=10 + type: string CredentialSchemaInput: + title: CredentialSchemaInput + type: object required: - name - version - type - schema - author - type: object properties: name: - type: string description: A human-readable name for the credential schema. A piece of Metadata. example: DrivingLicense + type: string minLength: 1 version: - type: string description: Denotes the revision of a given Credential Schema. It should follow semantic version convention to describe the impact of the schema evolution. example: 1.0.0 + type: string pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ description: - type: string description: A human-readable description of the credential schema example: Simple credential schema for the driving licence verifiable credential. + type: string minLength: 1 type: - type: string description: This field resolves to a JSON schema with details about the schema metadata that applies to the schema. A piece of Metadata. example: https://w3c-ccg.github.io/vc-json-schemas/schema/2.0/schema.json + type: string schema: description: Valid JSON Schema where the Credential Schema data fields are defined. A piece of Metadata @@ -5369,22 +6274,24 @@ components: - drivingClass additionalProperties: false tags: - type: array - items: - type: string description: Tokens that allow to lookup and filter the credential schema records. example: - driving - licence - id + type: array + items: + type: string author: - type: string description: DID of the identity which authored the credential schema. A piece of Metadata. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff + type: string pattern: ^did:(?[a-z0-9]+(:[a-z0-9]+)*)\:(?[^#?]*)$ CredentialSchemaResponse: + title: CredentialSchemaResponse + type: object required: - guid - id @@ -5395,57 +6302,57 @@ components: - schema - author - authored + - resolutionMethod - kind - self - type: object properties: guid: - type: string description: 'Globally unique id of the credential schema.It''s composed from the bytes of the string that contain the `author`, `name`, and `version` values.The string format looks like the resource identifier: `author`/`id`?version=`version`' - format: uuid example: 0527aea1-d131-3948-a34d-03af39aba8b4 - id: type: string + format: uuid + id: description: A locally unique identifier to address the schema. UUID is generated by the backend. example: 0527aea1-d131-3948-a34d-03af39aba8b5 - longId: type: string + longId: description: Resource id of the credential schema. Contains the `author`'s DID, `id` and `version` fields. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff/0527aea1-d131-3948-a34d-03af39aba8b4?version=1.0.0 - name: type: string + name: description: A human-readable name for the credential schema. A piece of Metadata. example: DrivingLicense - version: type: string + version: description: Denotes the revision of a given Credential Schema. It should follow semantic version convention to describe the impact of the schema evolution. example: 1.0.0 + type: string tags: - type: array - items: - type: string description: Tokens that allow to lookup and filter the credential schema records. example: - driving - licence - id + type: array + items: + type: string description: - type: string description: A human-readable description of the credential schema example: Simple credential schema for the driving licence verifiable credential. - type: type: string + type: description: This field resolves to a JSON schema with details about the schema metadata that applies to the schema. A piece of Metadata. example: https://w3c-ccg.github.io/vc-json-schemas/schema/2.0/schema.json + type: string schema: description: Valid JSON Schema where the Credential Schema data fields are defined. A piece of Metadata @@ -5477,126 +6384,134 @@ components: - drivingClass additionalProperties: false author: - type: string description: DID of the identity which authored the credential schema. A piece of Metadata. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff - authored: type: string + authored: description: '[RFC3339](https://www.rfc-editor.org/rfc/rfc3339) date on which the credential schema was created. A piece of Metadata.' - format: date-time example: 2022-03-10T12:00Z + type: string + format: date-time proof: $ref: '#/components/schemas/Proof1' + resolutionMethod: + $ref: '#/components/schemas/ResourceResolutionMethod' kind: - type: string description: A string that identifies the type of resource being returned in the response. example: CredentialSchema - self: type: string + self: description: The URL that uniquely identifies the resource being returned in the response. example: /cloud-agent/schema-registry/schemas/0527aea1-d131-3948-a34d-03af39aba8b4 + type: string CredentialSchemaResponsePage: + title: CredentialSchemaResponsePage + type: object required: - kind - self - pageOf - type: object properties: contents: - type: array - items: - $ref: '#/components/schemas/CredentialSchemaResponse' description: A sequence of CredentialSchemaResponse objects representing the list of credential schemas that the API response contains example: [] + type: array + items: + $ref: '#/components/schemas/CredentialSchemaResponse' kind: - type: string description: A string field indicating the type of the API response. In this case, it will always be set to `CredentialSchemaPage` example: CredentialSchemaPage - self: type: string + self: description: A string field containing the URL of the current API endpoint example: /cloud-agent/schema-registry/schemas?skip=10&limit=10 - pageOf: type: string + pageOf: description: A string field indicating the type of resource that the contents field contains example: /cloud-agent/schema-registry/schemas - next: type: string + next: description: An optional string field containing the URL of the next page of results. If the API response does not contain any more pages, this field should be set to None. example: /cloud-agent/schema-registry/schemas?skip=20&limit=10 - previous: type: string + previous: description: An optional string field containing the URL of the previous page of results. If the API response is the first page of results, this field should be set to None. example: /cloud-agent/schema-registry/schemas?skip=0&limit=10 + type: string CredentialSubject: + title: CredentialSubject + description: Object containing claims specific to status list credential + type: object required: - type - statusPurpose - encodedList - type: object properties: type: - type: string description: Always equals to constnat value - StatusList2021 example: StatusList2021 + type: string statusPurpose: $ref: '#/components/schemas/StatusPurpose' encodedList: - type: string description: base64 url encoded bitstring of credential statuses example: H4sIAAAAAAAA_-3BMQEAAADCoPVPbQwfoAAAAAAAAAAAAAAAAAAAAIC3AYbSVKsAQAAA - description: Object containing claims specific to status list credential + type: string Curve: - type: string + title: Curve description: The curve name of the verification material in the DID Document. Defaults to `secp256k1` if not specified. example: Ed25519 + type: string enum: - Ed25519 - X25519 - secp256k1 CwtProof: + title: CwtProof + type: object required: - proof_type - cwt - type: object properties: proof_type: $ref: '#/components/schemas/ProofType' cwt: type: string DIDDocument: + title: DIDDocument + description: A W3C compliant Prism DID document representation. + type: object required: - id - type: object properties: '@context': type: array items: - type: string description: The JSON-LD context describing the JSON document example: https://didcomm.org/messaging/contexts/v2 + type: string id: - type: string description: |- [DID subject](https://www.w3.org/TR/did-core/#did-subject). The value must match the DID that was given to the resolver. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff - controller: type: string + controller: description: '[DID controller](https://www.w3.org/TR/did-core/#did-controller)' example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff + type: string verificationMethod: type: array items: @@ -5625,77 +6540,80 @@ components: type: array items: $ref: '#/components/schemas/Service' - description: A W3C compliant Prism DID document representation. DIDDocumentMetadata: + title: DIDDocumentMetadata + description: '[DID document metadata](https://www.w3.org/TR/did-core/#did-document-metadata)' type: object properties: deactivated: - type: boolean description: If a DID has been deactivated, DID document metadata MUST include this property with the boolean value true. If a DID has not been deactivated, this property is OPTIONAL, but if included, MUST have the boolean value false. example: false + type: boolean canonicalId: - type: string description: |2 A DID in canonical form. If a DID is in long form and has been published, DID document metadata MUST contain a `canonicalId`` property with the short form DID as its value. If a DID in short form or has not been published, DID document metadata MUST NOT contain a `canonicalId` property. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff - versionId: type: string + versionId: description: |2 DID document metadata MUST contain a versionId property with the hash of the AtalaOperation contained in the latest valid SignedAtalaOperation that created the DID or changed the DID's internal state. example: 4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff - created: type: string + created: description: The timestamp of the Cardano block that contained the first valid SignedAtalaOperation with a CreateDIDOperation that created the DID. example: '2023-02-04T13:52:10Z' - updated: type: string + updated: description: The timestamp of the Cardano block that contained the latest valid SignedAtalaOperation that changed the DID's internal state. example: '2023-02-04T13:52:10Z' - description: '[DID document metadata](https://www.w3.org/TR/did-core/#did-document-metadata)' + type: string DIDOperationResponse: + title: DIDOperationResponse + type: object required: - scheduledOperation - type: object properties: scheduledOperation: $ref: '#/components/schemas/DidOperationSubmission' DIDResolutionMetadata: + title: DIDResolutionMetadata + description: '[DID resolution metadata](https://www.w3.org/TR/did-core/#did-resolution-metadata)' type: object properties: error: - type: string description: Resolution error constant according to [DID spec registries](https://www.w3.org/TR/did-spec-registries/#error) example: invalidDid - errorMessage: type: string + errorMessage: description: Resolution error message example: The initialState does not match the suffix - contentType: type: string + contentType: description: The media type of the returned DID document example: application/did+ld+json - description: '[DID resolution metadata](https://www.w3.org/TR/did-core/#did-resolution-metadata)' + type: string DIDResolutionResult: + title: DIDResolutionResult + type: object required: - '@context' - didDocumentMetadata - didResolutionMetadata - type: object properties: '@context': - type: string description: The JSON-LD context describing the JSON document example: https://didcomm.org/messaging/contexts/v2 + type: string didDocument: $ref: '#/components/schemas/DIDDocument' didDocumentMetadata: @@ -5703,22 +6621,25 @@ components: didResolutionMetadata: $ref: '#/components/schemas/DIDResolutionMetadata' DateTimeParameter: + title: DateTimeParameter + type: object required: - dateTime - parameterType - type: object properties: dateTime: - type: string description: The date and time to use for verification. - format: date-time example: '2022-03-10T12:00:00Z' + type: string + format: date-time parameterType: type: string + const: DateTimeParameter DeferredCredentialResponse: + title: DeferredCredentialResponse + type: object required: - transaction_id - type: object properties: transaction_id: type: string @@ -5728,32 +6649,37 @@ components: type: integer format: int32 DidOperationSubmission: + title: DidOperationSubmission + type: object required: - id - didRef - type: object properties: id: - type: string description: A scheduled operation ID example: 98e6a4db10e58fcc011dd8def5ce99fd8b52af39e61e5fb436dc28259139818b - didRef: type: string + didRef: description: A DID affected by the scheduled operation example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff + type: string DidParameter: + title: DidParameter + type: object required: - did - parameterType - type: object properties: did: - type: string description: The DID (Decentralized Identifier) to use for verification. example: did:prism:issuer + type: string parameterType: type: string + const: DidParameter EntityResponse: + title: EntityResponse + type: object required: - kind - self @@ -5762,51 +6688,48 @@ components: - walletId - createdAt - updatedAt - type: object properties: kind: - type: string description: The `kind` of the entity. example: Entity - self: type: string + self: description: The `self` link of the entity. example: http://localhost:8080/cloud-agent/iam/entities/00000000-0000-0000-0000-000000000000 - id: type: string + id: description: The unique `id` of the entity - format: uuid example: 00000000-0000-0000-0000-000000000000 - name: type: string + format: uuid + name: description: The `name` of the entity. example: John Doe - walletId: type: string + walletId: description: The `walletId` owned by the entity. - format: uuid example: 00000000-0000-0000-0000-000000000000 - createdAt: type: string + format: uuid + createdAt: description: The `createdAt` timestamp of the entity. - format: date-time example: '2023-01-01T00:00:00Z' - updatedAt: type: string - description: The `updatedAt` timestamp of the entity. format: date-time + updatedAt: + description: The `updatedAt` timestamp of the entity. example: '2023-01-01T00:00:00Z' + type: string + format: date-time EntityResponsePage: + title: EntityResponsePage + type: object required: - kind - self - pageOf - type: object properties: contents: - type: array - items: - $ref: '#/components/schemas/EntityResponse' description: A sequence of CredentialSchemaResponse objects representing the list of credential schemas that the API response contains example: @@ -5817,81 +6740,105 @@ components: walletId: 00000000-0000-0000-0000-000000000000 createdAt: '2023-01-01T00:00:00Z' updatedAt: '2023-01-01T00:00:00Z' + type: array + items: + $ref: '#/components/schemas/EntityResponse' kind: - type: string description: A string field indicating the type of the API response. In this case, it will always be set to `CredentialSchemaPage` example: CredentialSchemaPage - self: type: string + self: description: A string field containing the URL of the current API endpoint example: /cloud-agent/schema-registry/schemas?skip=10&limit=10 - pageOf: type: string + pageOf: description: A string field indicating the type of resource that the contents field contains example: /cloud-agent/schema-registry/schemas - next: type: string + next: description: An optional string field containing the URL of the next page of results. If the API response does not contain any more pages, this field should be set to None. example: /cloud-agent/schema-registry/schemas?skip=20&limit=10 - previous: type: string + previous: description: An optional string field containing the URL of the previous page of results. If the API response is the first page of results, this field should be set to None. example: /cloud-agent/schema-registry/schemas?skip=0&limit=10 + type: string ErrorResponse: + title: ErrorResponse + type: object required: - status - type - title - instance - type: object properties: status: - type: integer description: The HTTP status code for this occurrence of the problem. - format: int32 example: 200 + type: integer + format: int32 type: - type: string description: A URI reference that identifies the problem type. example: https://example.org/doc/#model-MalformedEmail/ - title: type: string + title: description: A short, human-readable summary of the problem type. It does not change from occurrence to occurrence of the problem. example: Malformed email - detail: type: string + detail: description: A human-readable explanation specific to this occurrence of the problem. example: The received '{}à!è@!.b}' email does not conform to the email format - instance: type: string + instance: description: A URI reference that identifies the specific occurrence of the problem. It may or may not yield further information if dereferenced. example: The received '{}à!è@!.b}' email does not conform to the email format + type: string ExtendedErrorResponse: + title: ExtendedErrorResponse oneOf: - $ref: '#/components/schemas/CredentialErrorResponse' - $ref: '#/components/schemas/ErrorResponse' + Field: + title: Field + type: object + properties: + id: + type: string + path: + type: array + items: + type: string + name: + type: string + purpose: + type: string + filter: {} + optional: + type: boolean HealthInfo: + title: HealthInfo + type: object required: - version - type: object properties: version: - type: string description: The semantic version number of the running service example: 1.1.0 + type: string ImmediateCredentialResponse: + title: ImmediateCredentialResponse + type: object required: - credential - type: object properties: credential: type: string @@ -5900,38 +6847,58 @@ components: c_nonce_expires_in: type: integer format: int32 + InputDescriptor: + title: InputDescriptor + type: object + required: + - id + - constraints + properties: + id: + type: string + name: + type: string + purpose: + type: string + format: + $ref: '#/components/schemas/ClaimFormat' + constraints: + $ref: '#/components/schemas/Constraints' IssueCredentialOfferInvitation: + title: IssueCredentialOfferInvitation + description: The invitation for this Offer Credential + type: object required: - id - type - from - invitationUrl - type: object properties: id: - type: string description: The unique identifier of the invitation. It should be used as parent thread ID (pthid) for the Connection Request message that follows. - format: uuid example: 0527aea1-d131-3948-a34d-03af39aba8b4 - type: type: string + format: uuid + type: description: The DIDComm Message Type URI (MTURI) the invitation message complies with. example: https://didcomm.org/out-of-band/2.0/invitation - from: type: string + from: description: The DID representing the sender to be used by recipients for future interactions. example: did:peer:1234457 - invitationUrl: type: string + invitationUrl: description: The invitation message encoded as a URL. This URL follows the Out of [Band 2.0 protocol](https://identity.foundation/didcomm-messaging/spec/v2.0/#out-of-band-messages) and can be used to generate a QR code for example. example: https://my.domain.com/path?_oob=eyJpZCI6ImY5NmUzNjk5LTU5MWMtNGFlNy1iNWU2LTZlZmU2ZDI2MjU1YiIsInR5cGUiOiJodHRwczovL2RpZGNvbW0ub3JnL291dC1vZi1iYW5kLzIuMC9pbnZpdGF0aW9uIiwiZnJvbSI6ImRpZDpwZWVyOjIuRXo2TFNmc0tNZTh2U1NXa1lkWkNwbjRZVmlQRVJmZEdBaGRMQUdIZ3gyTEdKd2ZtQS5WejZNa3B3MWtTYWJCTXprQTN2NTl0UUZuaDNGdGtLeTZ4TGhMeGQ5UzZCQW9hQmcyLlNleUowSWpvaVpHMGlMQ0p6SWpwN0luVnlhU0k2SW1oMGRIQTZMeTh4T1RJdU1UWTRMakV1TXpjNk9EQTRNQzlrYVdSamIyMXRJaXdpY2lJNlcxMHNJbUVpT2xzaVpHbGtZMjl0YlM5Mk1pSmRmWDAiLCJib2R5Ijp7ImdvYWxfY29kZSI6Imlzc3VlLXZjIiwiZ29hbCI6IlRvIGlzc3VlIGEgRmFiZXIgQ29sbGVnZSBHcmFkdWF0ZSBjcmVkZW50aWFsIiwiYWNjZXB0IjpbImRpZGNvbW0vdjIiXX0sImF0dGFjaG1lbnRzIjpbeyJpZCI6IjcwY2RjOTBjLTlhOTktNGNkYS04N2ZlLTRmNGIyNTk1MTEyYSIsIm1lZGlhX3R5cGUiOiJhcHBsaWNhdGlvbi9qc29uIiwiZGF0YSI6eyJqc29uIjp7ImlkIjoiNjU1ZTlhMmMtNDhlZC00NTliLWIzZGEtNmIzNjg2NjU1NTY0IiwidHlwZSI6Imh0dHBzOi8vZGlkY29tbS5vcmcvaXNzdWUtY3JlZGVudGlhbC8zLjAvb2ZmZXItY3JlZGVudGlhbCIsImJvZHkiOnsiZ29hbF9jb2RlIjoiT2ZmZXIgQ3JlZGVudGlhbCIsImNyZWRlbnRpYWxfcHJldmlldyI6eyJ0eXBlIjoiaHR0cHM6Ly9kaWRjb21tLm9yZy9pc3N1ZS1jcmVkZW50aWFsLzMuMC9jcmVkZW50aWFsLWNyZWRlbnRpYWwiLCJib2R5Ijp7ImF0dHJpYnV0ZXMiOlt7Im5hbWUiOiJmYW1pbHlOYW1lIiwidmFsdWUiOiJXb25kZXJsYW5kIn0seyJuYW1lIjoiZ2l2ZW5OYW1lIiwidmFsdWUiOiJBbGljZSJ9LHsibmFtZSI6ImRyaXZpbmdDbGFzcyIsInZhbHVlIjoiTXc9PSIsIm1lZGlhX3R5cGUiOiJhcHBsaWNhdGlvbi9qc29uIn0seyJuYW1lIjoiZGF0ZU9mSXNzdWFuY2UiLCJ2YWx1ZSI6IjIwMjAtMTEtMTNUMjA6MjA6MzkrMDA6MDAifSx7Im5hbWUiOiJlbWFpbEFkZHJlc3MiLCJ2YWx1ZSI6ImFsaWNlQHdvbmRlcmxhbmQuY29tIn0seyJuYW1lIjoiZHJpdmluZ0xpY2Vuc2VJRCIsInZhbHVlIjoiMTIzNDUifV19fX0sImF0dGFjaG1lbnRzIjpbeyJpZCI6Ijg0MDQ2NzhiLTlhMzYtNDk4OS1hZjFkLTBmNDQ1MzQ3ZTBlMyIsIm1lZGlhX3R5cGUiOiJhcHBsaWNhdGlvbi9qc29uIiwiZGF0YSI6eyJqc29uIjp7Im9wdGlvbnMiOnsiY2hhbGxlbmdlIjoiYWQwZjQzYWQtODUzOC00MWQ0LTljYjgtMjA5NjdiYzY4NWJjIiwiZG9tYWluIjoiZG9tYWluIn0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uIjp7ImlkIjoiNzQ4ZWZhNTgtMmJjZS00NDBkLTkyMWYtMjUyMGE4NDQ2NjYzIiwiaW5wdXRfZGVzY3JpcHRvcnMiOltdLCJmb3JtYXQiOnsiand0Ijp7ImFsZyI6WyJFUzI1NksiXSwicHJvb2ZfdHlwZSI6W119fX19fSwiZm9ybWF0IjoicHJpc20vand0In1dLCJ0aGlkIjoiZjk2ZTM2OTktNTkxYy00YWU3LWI1ZTYtNmVmZTZkMjYyNTViIiwiZnJvbSI6ImRpZDpwZWVyOjIuRXo2TFNmc0tNZTh2U1NXa1lkWkNwbjRZVmlQRVJmZEdBaGRMQUdIZ3gyTEdKd2ZtQS5WejZNa3B3MWtTYWJCTXprQTN2NTl0UUZuaDNGdGtLeTZ4TGhMeGQ5UzZCQW9hQmcyLlNleUowSWpvaVpHMGlMQ0p6SWpwN0luVnlhU0k2SW1oMGRIQTZMeTh4T1RJdU1UWTRMakV1TXpjNk9EQTRNQzlrYVdSamIyMXRJaXdpY2lJNlcxMHNJbUVpT2xzaVpHbGtZMjl0YlM5Mk1pSmRmWDAifX19XSwiY3JlYXRlZF90aW1lIjoxNzI0ODUxMTM5LCJleHBpcmVzX3RpbWUiOjE3MjQ4NTE0Mzl9= - description: The invitation for this Offer Credential + type: string IssueCredentialRecord: + title: IssueCredentialRecord + type: object required: - recordId - thid @@ -5941,45 +6908,44 @@ components: - role - protocolState - metaRetries - type: object properties: recordId: - type: string description: |2 The unique identifier of the issue credential record. This identifier is internal to the agent and not shared between issuer and holder. example: 80d612dc-0ded-4ac9-90b4-1b8eabb04545 - thid: type: string + thid: description: |2 The unique identifier of the 'thread' identifying the specific issuance flow execution as a whole. This same unique 'thid' value is included in every message exchanged during the flow execution. It is shared between the issuer and the holder agents and its value identical on both sides. example: 0527aea1-d131-3948-a34d-03af39aba8b4 - credentialFormat: type: string + credentialFormat: description: The credential format for this offer. example: JWT + type: string enum: - JWT - AnonCreds subjectId: - type: string description: |2 The short-form subject Prism DID to which the JWT verifiable credential will be or has been issued. This parameter only applies if the offer is of type 'JWT' and will only exist in the cloud agent of the holder (it will be empty on the issuer side). example: did:prism:3bb0505d13fcb04d28a48234edb27b0d4e6d7e18a81e2c1abab58f3bbc21ce6f + type: string validityPeriod: - type: number description: |2 The validity period in seconds of the verifiable credential that will be issued. This parameter will only exist in the cloud agent of the issuer (it will be empty on the holder side). - format: double example: 3600.0 + type: number + format: double claims: description: |2 @@ -5988,34 +6954,34 @@ components: firstname: Alice lastname: Wonderland automaticIssuance: - type: boolean description: |2 Specifies whether or not the credential is automatically generated and issued when receiving the `CredentialRequest` from the holder. If set to `false`, a manual approval by the issuer via another API call will be required for the VC to be issued. This parameter will only exist in the cloud agent of the issuer (it will be empty on the holder side). example: true + type: boolean createdAt: - type: string description: The date and time when the issue credential record was created. + example: '2024-11-05T11:32:21.497676581Z' + type: string format: date-time - example: '2024-09-11T13:22:27.796180424Z' updatedAt: - type: string description: The date and time when the issue credential record was last updated. + type: string format: date-time role: - type: string description: The role played by the agent in the credential issuance flow. example: Issuer + type: string enum: - Issuer - Holder protocolState: - type: string description: The current state of the issue credential protocol execution. example: CredentialSent + type: string enum: - OfferPending - OfferSent @@ -6034,91 +7000,96 @@ components: - InvitationExpired - InvitationGenerated credential: - type: string description: The base64-encoded credential that was issued by the issuer agent, in 'JWT' or 'AnonCreds' format depending on the offer type. example: eyJzY2hlbWFfaWQiOiJodHRwOi8vaG9zdC5kb2NrZXIuaW50ZXJuYWw6ODA4MC9wcmlzbS1hZ2VudC9zY2hlbWEtcmVnaXN0cnkvc2NoZW1hcy8zOTZmZDE2OC02YmVmLTMyNDItYTJiNy1hNTZlYWM1MDc2OWMvc2NoZW1hIiwiY3JlZF9kZWZfaWQiOiJodHRwOi8vMTkyLjE2OC4wLjE0OjgwODAvcHJpc20tYWdlbnQvY3JlZGVudGlhbC1kZWZpbml0aW9uLXJlZ2lzdHJ5L2RlZmluaXRpb25zLzNhZmQxZWJkLWIzN2ItMzRiNC1iMWQ2LWYwMDQ5ZmU5ZmQ1Mi9kZWZpbml0aW9uIiwicmV2X3JlZ19pZCI6bnVsbCwidmFsdWVzIjp7ImdpdmVuTmFtZSI6eyJyYXciOiJBbGljZSIsImVuY29kZWQiOiIyNzAzNDY0MDAyNDExNzMzMTAzMzA2MzEyODA0NDAwNDMxODIxODQ4NjgxNjkzMTUyMDg4NjQwNTUzNTY1OTkzNDQxNzQzODc4MTUwNyJ9LCJlbWFpbEFkZHJlc3MiOnsicmF3IjoiYWxpY2VAd29uZGVybGFuZC5jb20iLCJlbmNvZGVkIjoiNzUxMDcwNDYzNDAxNjU2NzcwMTE5NDIwNzU2NDQwMDkwNjY1NDE2NjExNDg4MjI1ODkwMzM2Nzk4NjEyMDkxODY0OTI3Njg2Njk5MjQifSwiZmFtaWx5TmFtZSI6eyJyYXciOiJXb25kZXJsYW5kIiwiZW5jb2RlZCI6IjE2NzkwODQ5MzEyMzc0Nzk0NzM2ODEzMzc3NTY3MjUzODUxMzczNjA3OTcwNDczMzc3NzAxNDc3MjY5MTk0MDE5NTU3NjU0NTYyMDM1In0sImRhdGVPZklzc3VhbmNlIjp7InJhdyI6IjIwMjAtMTEtMTNUMjA6MjA6MzkrMDA6MDAiLCJlbmNvZGVkIjoiNTM4Njg1NTk1MzE3NDg0NjcwOTc1MjA4NTkwNTMwODE4MzU3NDc0MzU2MTE2MDY4NDIwNDExNDc1ODIwMDQ4NzQzNDgwNDYxNjQ2ODUifSwiZHJpdmluZ0xpY2Vuc2VJRCI6eyJyYXciOiIxMjM0NSIsImVuY29kZWQiOiIxMjM0NSJ9LCJkcml2aW5nQ2xhc3MiOnsicmF3IjoiMyIsImVuY29kZWQiOiIzIn19LCJzaWduYXR1cmUiOnsicF9jcmVkZW50aWFsIjp7Im1fMiI6IjMzNjg4ODUzNTU3NTg2MDI3MDg3OTY5ODAzMjgzMzcyNzE4Nzc5MDAzNDAzMDgwODMzMjQzNDIxMTU3MDA5NzE4MDUzMTMyNDIwODAwIiwiYSI6IjEwMjUxMTg2OTU5MTg2NDc2NDcwNzU0MTQ0MDg5NDE3MjI4OTM1Mjk0ODgxNDExMTc5ODYwNzgxODIxODY2OTcyODIyMzg1MTQ1OTcwNDA4Mzk2Mjg5OTM2NzgzNTUxMDk4NDA2MjE2MjcwNjgyNDM1ODg3NjY0OTI0MzQwMDg3NTY4MDMyNzMyMzYwMDc5MTI2ODk2MDU3NDA3MTYyMjI0NDgwODM2NTgzNjY2MzQ1MzA5NzQ0NDE5NjA0ODg5ODA1NDU3Mjc4NDE0MjgyMjA4NzIzMDIwNDQzNzk0MjM0NzU1NTgwNjA1MTE1NjU3NTQ4NjE1MTgwNTU1ODEzMjA0MzQyNjkzNjYyODQzNzY4MjQ2NDM1NjU4MjQ5MDYyMjUxMzYwNzE2MzEyNzM4MjAyMTU2NTEwNzM2NDY1ODk2NjIyNDY4MDk3OTY0OTk0NTA1NDUwMjczMzQ2Mzk4MzY4NzcxNDM3MzAzNTI2NjE0NTk4NTU4Mjg0MTAxNzk0NjYwOTAxNDMwOTI4MzY1MTk3MzA2MDIxMzQ5OTQ3MDI2MzIzMzEwOTE3MjgzODM0ODY2NzI1MzgyMDg4NDIzNDU1NzE0MDY3MTk1NDEzMDA4MzAxNTQ2MTA1NzY4NTAxNzMxNjEwMjk3MDY5ODUyNjAxMTgxMTM3OTg2NjM2MDU2MjI4MTE4NzUzMTM1NjMxMDIwNzA0MzYxODQxNTg0MjA0NzIwMDU1NjY0ODIxMTczOTA3MzYyMTQzNTQyNjk1NTExMTMxNzU3NTE0OTUxMDY2ODQ2MzIyMDAyNzYxMzg4MzIwNjkyNSIsImUiOiIyNTkzNDQ3MjMwNTUwNjIwNTk5MDcwMjU0OTE0ODA2OTc1NzE5MzgyNzc4ODk1MTUxNTIzMDYyNDk3Mjg1ODMxMDU2NjU4MDA3MTMzMDY3NTkxNDk5ODE2OTA1NTkxOTM5ODcxNDMwMTIzNjc5MTMyMDYyOTkzMjM4OTk2OTY5NDIyMTMyMzU5NTY3NDI5Mjk4MTYwMTkzMjA4MDYyNzM5NTc5MDExNDE1Njk0NDAwMjUyMTkiLCJ2IjoiMTAwODYwMTE5NjExNDQ0MjUxODg1ODcyNzA0OTEyNDQwMTQzNTA0MDEwMDQ3NzE3MzYxNzgxMjIwOTQ0OTA3OTE3ODM0NTE3NjQyOTk5MDgxMjEzMDcyNTI4NzU5NTczMzIyNDM1NjU5NzY4OTI2NzA4MjE0NTI5Njg0Njg5NTc5MjAwNzY4MDkxMTM0OTM0MzYxNDUyNzM5ODUwMjEyODc1MDUwMzg5NjkzOTMxMjEzMDg2MTUyOTM4NzA2ODc4MzQyNjIxNjQ1MTc2NDY5NTU0NDMyNTY2MDk0MDY5NjU2ODkzNDg1NjQyNDI2MTc0MjA5MjY3OTI1MDEzODkxMTU2MzAzMzY0MzUwMzgwNTUwMzQ4OTk3MDI1Nzc3NDc5NDg3ODI0NDkzNzg4MDYwNTg1NzMxMTY2NDM5OTE1MTc3ODUyNTYwNjczMjkwODA2Mjk5ODEyOTY1NjMwNDc2OTc0NzExNDY4MDE1MzY4NzM2NTc3MDEzNDE2NjE3ODc0MTc3ODgwNjMzNTc1OTAwMzQyODM5MDUxNjc4NjExNDMxMTk5Mzk3NTIzMDE5Njc0NTA3MjM0NDAzNzcyMTcxMDM3Nzg3NzUyNTMwMjIyODYyNDg5OTMzMzczMzY1MjIwNTc4MDIzNDY2NjkyMDQ4MTA0NTE0NjczMzMwMzMwNzQ1OTEyMjUzNzQ0MDQwMjI1NTM4NjMxNDk2MjY4NDM0MDk5Njk3Nzk1NTY5MDA3MTExMjQzMTg4MTc3MzUyNjE5MTUxNzk1NjEzNTAwNjg5MzUwMzQyNTk3NjA1ODY2MjUyOTYwMjQ3ODg4OTE2NDIwNDcyMDEzNDYzMTA5NTA5MjMxNDcwNjc4MDc5MDI2Mzc3MzY4NDEwNTIyODg3NDExOTIyMzE4Njk5NzA4MjkxNzI4NTg3ODgzNjExODMyMjU4MTE5MzI2ODQ5NjkxODI1MDI2MzU2NDQ1OTM1NjYxOTkyODEyNjIwNDY4MzAxMjEwMzMwNTA1NjEwMjYyNTU5MDk5NDgwNzcxMjA0NDU0ODg0MDI5ODA3MDcwOTM4NDU5OTgxNDM1NjQyNTkzNTQyODc0ODAifSwicl9jcmVkZW50aWFsIjpudWxsfSwic2lnbmF0dXJlX2NvcnJlY3RuZXNzX3Byb29mIjp7InNlIjoiMjMwNDc5NjEzNTA0MDI5NTI3NTk3NzM3MTY4NjY0OTQ5MzQwNzk1NTg1ODM5NTQ4OTI2MTEwMjQ2NzU0NzA3OTgyNjc2MDEyMjIyMTYyNzQyNTQ2Nzg4NDI3MDA4MDQ5NzIyNDMwNDgyODAyOTYyNTgxNDE2ODI2MjEzMTgwMTE4MTA4MTA1Nzg1NjA4OTg5NjEyNTU0ODMwOTE5MjU4MTI0NDgyMzUwNTQ2MTkxOTQ5NTU5ODM2NTk4NzcxMTE0MzI1NjA5MTI4MjUxMTc1MDM4NDMxNDA2NzM2NTc1MDkwMzk5ODk0MDQzMjc3MTg5MTM3MzE1NTM5NTQ2MTE3Mjk2NTM1OTMyOTQ3NDk3NTU0Mjg0NDc1NjkxNDE1NDEzMzIzNjE2OTYyNTk1NDAzMTkxMjQ4ODY2NDE1MjI0NDY2MTU2OTgyODg4OTkyNTAxNjc1NTcwNjI0MzQ2MzMyMTE0NjMzMDQ1NzUxNDg3NzU3ODM3MDA5Mzc3ODMwNTI1MTU5MjUwNjMwMjcxNjY3NDQxMDI3MTM5MjE3Nzc5ODU5MDExMjUxOTc1OTczNjY0NTc4MjMxOTk1Mzc3OTE4Mjg4MTkyNjIyMDM5NDEzMDM0ODg5MjM3Mzg2NzU4Mzg3NTcwNTMxNDc1OTQxMDU2MTg3NzUzOTEyNDA0NzkwNzQ5NzgzMTM0OTk3MDgzODk3NjE5MTczMTg3MDg1MzE1MjQ3NTM4NjU2OTcwOTE0NzI2MzM1ODA1ODY5OTk3NzI3OTc5NTUwMjIzNjkzMDA2MjcwNjIzNTc3NjM2NTIyNjIyNTY0MTE4NTMiLCJjIjoiOTM2NzQ1MDczNzcxNzQ3MjE3OTg3OTY2OTYzMDQxNzUzMTE4NDk0NDE4NDQ0NzQ1MDI3NzAyMjI3Nzk0NzU1ODQ2Mjg3ODMzMzU4NTAifSwicmV2X3JlZyI6bnVsbCwid2l0bmVzcyI6bnVsbH0= - issuingDID: type: string + issuingDID: description: |2 The short-form issuer Prism DID by which the JWT verifiable credential will be or has been issued. Note that this parameter only applies when the offer is type 'JWT'. example: did:prism:3bb0505d13fcb04d28a48234edb27b0d4e6d7e18a81e2c1abab58f3bbc21ce6f - goalCode: type: string + goalCode: description: A self-attested code the receiver may want to display to the user or use in automatically deciding what to do with the out-of-band message. example: issue-vc - goal: type: string + goal: description: A self-attested string that the receiver may want to display to the user about the context-specific goal of the out-of-band message. example: To issue a Faber College Graduate credential - myDid: type: string + myDid: description: The DID representing me as the inviter or invitee in this specific connection. example: did:peer:12345 + type: string invitation: $ref: '#/components/schemas/IssueCredentialOfferInvitation' metaRetries: - type: integer description: The maximum background processing attempts remaining for this record. - format: int32 example: 5 + type: integer + format: int32 metaLastFailure: $ref: '#/components/schemas/ErrorResponse' + description: The last failure if any. + example: ErrorResponse(404,error:Error:FailureInfo,Failure Info,Some(Not + Found),error:instance:087a52c7-4c06-48ba-870a-8f5b3b4e003f) IssueCredentialRecordPage: + title: IssueCredentialRecordPage + type: object required: - kind - self - pageOf - type: object properties: contents: - type: array - items: - $ref: '#/components/schemas/IssueCredentialRecord' description: |2 An sequence of IssueCredentialRecord resources representing the list of credential records that the paginated response contains. example: [] + type: array + items: + $ref: '#/components/schemas/IssueCredentialRecord' kind: - type: string description: A string that identifies the type of resource being returned in the response. example: Collection - self: type: string + self: description: The URL that uniquely identifies the resource being returned in the response. example: /cloud-agent/issue-credentials/records?offset=10&limit=10 - pageOf: type: string + pageOf: description: A string field indicating the type of resource that the contents field contains. example: /cloud-agent/issue-credentials/records - next: type: string + next: description: An optional string field containing the URL of the next page of results. If the API response does not contain any more pages, this field should be set to None. example: /cloud-agent/issue-credentials/records?offset=20&limit=10 - previous: type: string + previous: description: An optional string field containing the URL of the previous page of results. If the API response is the first page of results, this field should be set to None. example: /cloud-agent/issue-credentials/records?offset=0&limit=10 + type: string IssuerMetadata: + title: IssuerMetadata + type: object required: - credential_issuer - credential_endpoint - credential_configurations_supported - type: object properties: credential_issuer: type: string @@ -6130,21 +7101,19 @@ components: type: string credential_configurations_supported: $ref: '#/components/schemas/Map_SupportedCredentialConfiguration' - Json: - description: The service endpoint. Can contain multiple possible values as described - in the [Create DID operation](https://github.com/input-output-hk/prism-did-method-spec/blob/main/w3c-spec/PRISM-method.md#create-did) - example: https://example.com - oneOf: - - $ref: '#/components/schemas/Arr' - - $ref: '#/components/schemas/Bool' - - $ref: '#/components/schemas/Null' - - $ref: '#/components/schemas/Num' - - $ref: '#/components/schemas/Obj' - - $ref: '#/components/schemas/Str' + Jwt: + title: Jwt + type: object + properties: + alg: + type: array + items: + type: string JwtCredentialRequest: + title: JwtCredentialRequest + type: object required: - format - type: object properties: format: $ref: '#/components/schemas/CredentialFormat' @@ -6157,77 +7126,91 @@ components: credential_definition: $ref: '#/components/schemas/CredentialDefinition' JwtProof: + title: JwtProof + type: object required: - proof_type - jwt - type: object properties: proof_type: $ref: '#/components/schemas/ProofType' jwt: type: string + Ldp: + title: Ldp + type: object + properties: + proof_type: + type: array + items: + type: string LdpProof: + title: LdpProof + type: object required: - proof_type - vp - type: object properties: proof_type: $ref: '#/components/schemas/ProofType' vp: type: string Localization: + title: Localization + type: object required: - name - locale - type: object properties: name: type: string locale: type: string ManagedDID: + title: ManagedDID + type: object required: - did - status - type: object properties: did: - type: string description: A managed DID example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff - longFormDid: type: string + longFormDid: description: A long-form DID. Mandatory when status is not `PUBLISHED` and optional when status is `PUBLISHED` example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff:Cr4BCrsBElsKBmF1dGgtMRAEQk8KCXNlY3AyNTZrMRIg0opTuxu-zt6aRbT1tPniG4eu4CYsQPM3rrLzvzNiNgwaIIFTnyT2N4U7qCQ78qtWC3-p0el6Hvv8qxG5uuEw-WgMElwKB21hc3RlcjAQAUJPCglzZWNwMjU2azESIKhBU0eCOO6Vinz_8vhtFSAhYYqrkEXC8PHGxkuIUev8GiAydFHLXb7c22A1Uj_PR21NZp6BCDQqNq2xd244txRgsQ - status: type: string + status: description: |- A status indicating a publication state of a DID in the wallet (e.g. `PUBLICATION_PENDING`, `PUBLISHED`). Does not represent DID a lifecyle (e.g. `deactivated`, `recovered`, `updated`). example: CREATED + type: string ManagedDIDKeyTemplate: + title: ManagedDIDKeyTemplate + description: A key-pair template to add to DID document. + type: object required: - id - purpose - type: object properties: id: - type: string description: Identifier of a verification material in the DID Document example: key-1 + type: string purpose: $ref: '#/components/schemas/Purpose' curve: $ref: '#/components/schemas/Curve' - description: A key-pair template to add to DID document. ManagedDIDPage: + title: ManagedDIDPage + type: object required: - self - kind - pageOf - type: object properties: self: type: string @@ -6244,111 +7227,122 @@ components: items: $ref: '#/components/schemas/ManagedDID' Map_AnoncredRequestedAttributeV1: + title: Map_AnoncredRequestedAttributeV1 type: object additionalProperties: $ref: '#/components/schemas/AnoncredRequestedAttributeV1' Map_AnoncredRequestedPredicateV1: + title: Map_AnoncredRequestedPredicateV1 type: object additionalProperties: $ref: '#/components/schemas/AnoncredRequestedPredicateV1' Map_ClaimDescriptor: + title: Map_ClaimDescriptor type: object additionalProperties: $ref: '#/components/schemas/ClaimDescriptor' Map_String: + title: Map_String type: object additionalProperties: type: string Map_SupportedCredentialConfiguration: + title: Map_SupportedCredentialConfiguration type: object additionalProperties: $ref: '#/components/schemas/SupportedCredentialConfiguration' NonceRequest: + title: NonceRequest + type: object required: - issuerState - type: object properties: issuerState: type: string NonceResponse: + title: NonceResponse + type: object required: - nonce - nonceExpiresIn - type: object properties: nonce: type: string nonceExpiresIn: type: integer format: int64 - 'Null': - type: object - Num: - required: - - value - type: object - properties: - value: - type: number OOBPresentationInvitation: + title: OOBPresentationInvitation + description: The invitation for this Request Presentation + type: object required: - id - type - from - invitationUrl - type: object properties: id: - type: string description: The unique identifier of the invitation. It should be used as parent thread ID (pthid) for the Connection Request message that follows. - format: uuid example: 0527aea1-d131-3948-a34d-03af39aba8b4 - type: type: string + format: uuid + type: description: The DIDComm Message Type URI (MTURI) the invitation message complies with. example: https://didcomm.org/out-of-band/2.0/invitation - from: type: string + from: description: The DID representing the sender to be used by recipients for future interactions. example: did:peer:1234457 - invitationUrl: type: string + invitationUrl: description: The invitation message encoded as a URL. This URL follows the Out of [Band 2.0 protocol](https://identity.foundation/didcomm-messaging/spec/v2.0/#out-of-band-messages) and can be used to generate a QR code for example. example: https://my.domain.com/path?_oob=eyJpZCI6IjViMjUwMjIzLWExNDItNDRmYi1hOWJkLWU1MjBlNGI0ZjQzMiIsInR5cGUiOiJodHRwczovL2RpZGNvbW0ub3JnL291dC1vZi1iYW5kLzIuMC9pbnZpdGF0aW9uIiwiZnJvbSI6ImRpZDpwZWVyOjIuRXo2TFNkV0hWQ1BFOHc0NWZETjM4aUh0ZFJ6WGkyTFNqQmRSUjRGTmNOUm12VkNKcy5WejZNa2Z2aUI5S1F1OGlnNVZpeG1HZHM3dmdMNmoyUXNOUGFybkZaanBNQ0E5aHpQLlNleUowSWpvaVpHMGlMQ0p6SWpwN0luVnlhU0k2SW1oMGRIQTZMeTh4T1RJdU1UWTRMakV1TXpjNk9EQTNNQzlrYVdSamIyMXRJaXdpY2lJNlcxMHNJbUVpT2xzaVpHbGtZMjl0YlM5Mk1pSmRmWDAiLCJib2R5Ijp7ImdvYWxfY29kZSI6InByZXNlbnQtdnAiLCJnb2FsIjoiUmVxdWVzdCBwcm9vZiBvZiB2YWNjaW5hdGlvbiBpbmZvcm1hdGlvbiIsImFjY2VwdCI6W119LCJhdHRhY2htZW50cyI6W3siaWQiOiIyYTZmOGM4NS05ZGE3LTRkMjQtOGRhNS0wYzliZDY5ZTBiMDEiLCJtZWRpYV90eXBlIjoiYXBwbGljYXRpb24vanNvbiIsImRhdGEiOnsianNvbiI6eyJpZCI6IjI1NTI5MTBiLWI0NmMtNDM3Yy1hNDdhLTlmODQ5OWI5ZTg0ZiIsInR5cGUiOiJodHRwczovL2RpZGNvbW0uYXRhbGFwcmlzbS5pby9wcmVzZW50LXByb29mLzMuMC9yZXF1ZXN0LXByZXNlbnRhdGlvbiIsImJvZHkiOnsiZ29hbF9jb2RlIjoiUmVxdWVzdCBQcm9vZiBQcmVzZW50YXRpb24iLCJ3aWxsX2NvbmZpcm0iOmZhbHNlLCJwcm9vZl90eXBlcyI6W119LCJhdHRhY2htZW50cyI6W3siaWQiOiJiYWJiNTJmMS05NDUyLTQzOGYtYjk3MC0yZDJjOTFmZTAyNGYiLCJtZWRpYV90eXBlIjoiYXBwbGljYXRpb24vanNvbiIsImRhdGEiOnsianNvbiI6eyJvcHRpb25zIjp7ImNoYWxsZW5nZSI6IjExYzkxNDkzLTAxYjMtNGM0ZC1hYzM2LWIzMzZiYWI1YmRkZiIsImRvbWFpbiI6Imh0dHBzOi8vcHJpc20tdmVyaWZpZXIuY29tIn0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uIjp7ImlkIjoiMGNmMzQ2ZDItYWY1Ny00Y2E1LTg2Y2EtYTA1NTE1NjZlYzZmIiwiaW5wdXRfZGVzY3JpcHRvcnMiOltdfX19LCJmb3JtYXQiOiJwcmlzbS9qd3QifV0sInRoaWQiOiI1YjI1MDIyMy1hMTQyLTQ0ZmItYTliZC1lNTIwZTRiNGY0MzIiLCJmcm9tIjoiZGlkOnBlZXI6Mi5FejZMU2RXSFZDUEU4dzQ1ZkROMzhpSHRkUnpYaTJMU2pCZFJSNEZOY05SbXZWQ0pzLlZ6Nk1rZnZpQjlLUXU4aWc1Vml4bUdkczd2Z0w2ajJRc05QYXJuRlpqcE1DQTloelAuU2V5SjBJam9pWkcwaUxDSnpJanA3SW5WeWFTSTZJbWgwZEhBNkx5OHhPVEl1TVRZNExqRXVNemM2T0RBM01DOWthV1JqYjIxdElpd2ljaUk2VzEwc0ltRWlPbHNpWkdsa1kyOXRiUzkyTWlKZGZYMCJ9fX1dLCJjcmVhdGVkX3RpbWUiOjE3MjQzMzkxNDQsImV4cGlyZXNfdGltZSI6MTcyNDMzOTQ0NH0= - description: The invitation for this Request Presentation + type: string Obj: + title: Obj + description: |2 + + The set of claims to be disclosed from the issued credential. + The JSON object should comply with the schema applicable for this offer (i.e. 'schemaId' or 'credentialDefinitionId'). + example: + firstname: Alice + lastname: Wonderland type: object Options: + title: Options + description: The options to use when creating the proof presentation request + (e.g., domain, challenge). + type: object required: - challenge - domain - type: object properties: challenge: - type: string description: The challenge should be a randomly generated string. example: 11c91493-01b3-4c4d-ac36-b336bab5bddf - domain: type: string + domain: description: The domain value can be any string or URI. example: https://example-verifier.com - description: The options to use when creating the proof presentation request - (e.g., domain, challenge). + type: string ParameterizableVcVerification: + title: ParameterizableVcVerification + type: object required: - verification - type: object properties: verification: $ref: '#/components/schemas/VcVerification' + description: The type of verification to perform. parameter: $ref: '#/components/schemas/VcVerificationParameter' PatchAuthorizationServer: + title: PatchAuthorizationServer type: object properties: url: @@ -6358,50 +7352,105 @@ components: clientSecret: type: string PatchContextAction: + title: PatchContextAction type: object properties: contexts: type: array items: - type: string description: The JSON-LD context describing the JSON document example: https://didcomm.org/messaging/contexts/v2 + type: string PatchCredentialIssuerRequest: + title: PatchCredentialIssuerRequest type: object properties: authorizationServer: $ref: '#/components/schemas/PatchAuthorizationServer' + PresentCredentialRequestFormat: + title: PresentCredentialRequestFormat + description: The presentation format to display in Didcomm messages (default + to 'prism/jwt', vc+sd-jwt or anoncreds/proof-request@v1.0) + example: prism/jwt + type: string + enum: + - Anoncred + - JWT + - SDJWT + PresentationDefinition: + title: PresentationDefinition + description: '*Presentation Definition* object according to the [PresentationExchange + spec](https://identity.foundation/presentation-exchange/spec/v2.1.1/#presentation-definition)' + type: object + required: + - id + properties: + id: + type: string + input_descriptors: + type: array + items: + $ref: '#/components/schemas/InputDescriptor' + name: + type: string + purpose: + type: string + format: + $ref: '#/components/schemas/ClaimFormat' + PresentationDefinitionPage: + title: PresentationDefinitionPage + type: object + required: + - self + - kind + - pageOf + properties: + self: + type: string + kind: + type: string + pageOf: + type: string + next: + type: string + previous: + type: string + contents: + type: array + items: + $ref: '#/components/schemas/PresentationDefinition' PresentationStatus: + title: PresentationStatus + type: object required: - presentationId - thid - role - status - metaRetries - type: object properties: presentationId: - type: string description: The unique identifier of the presentation record. example: 3c6d9fa5-d277-431e-a6cb-d3956e47e610 - thid: type: string + thid: description: The unique identifier of the thread this presentation record belongs to. The value will identical on both sides of the presentation flow (verifier and prover) example: 0527aea1-d131-3948-a34d-03af39aba8b4 - role: type: string + role: description: The role played by the Prism agent in the proof presentation flow. example: Verifier + type: string enum: - Verifier - Prover status: - type: string description: The current state of the proof presentation record. example: RequestPending + type: string enum: - RequestPending - RequestSent @@ -6421,66 +7470,67 @@ components: - InvitationGenerated - InvitationReceived proofs: - type: array - items: - $ref: '#/components/schemas/ProofRequestAux' description: The type of proofs requested in the context of this proof presentation request (e.g., VC schema, trusted issuers, etc.) example: [] - data: type: array items: - type: string + $ref: '#/components/schemas/ProofRequestAux' + data: description: The list of proofs presented by the prover to the verifier. example: [] - requestData: type: array items: type: string + requestData: description: The list of request presented by the verifier to the prover. example: [] + type: array + items: + type: string connectionId: - type: string description: The unique identifier of an established connection between the verifier and the prover. example: bc528dc8-69f1-4c5a-a508-5f8019047900 - goalCode: type: string + goalCode: description: A self-attested code the receiver may want to display to the user or use in automatically deciding what to do with the out-of-band message. example: present-vp - goal: type: string + goal: description: A self-attested string that the receiver may want to display to the user about the context-specific goal of the out-of-band message. example: To verify a Peter College Graduate credential - myDid: type: string + myDid: description: The DID representing me as the inviter or invitee in this specific connection. example: did:peer:12345 + type: string invitation: $ref: '#/components/schemas/OOBPresentationInvitation' metaRetries: - type: integer description: The maximum background processing attempts remaining for this record - format: int32 example: 5 + type: integer + format: int32 metaLastFailure: $ref: '#/components/schemas/ErrorResponse' + description: The last failure if any. + example: ErrorResponse(404,error:Error:FailureInfo,Failure Info,Some(Not + Found),error:instance:68e60a0f-8e08-4264-96c8-9e6f2dd59202) PresentationStatusPage: + title: PresentationStatusPage + type: object required: - self - kind - pageOf - type: object properties: contents: - type: array - items: - $ref: '#/components/schemas/PresentationStatus' description: A sequence of Presentation objects. example: - presentationId: 938bfc23-f78d-4734-9bf3-6dccf300856f @@ -6532,31 +7582,61 @@ components: from: did:peer:veriferPeerDID1234567890 invitationUrl: http://localhost:8000/present-proof/invitation?_oob=eyJpZCI6ImU2M2JkNzQ1LWZjYzYtNGQ0My05NjgzLTY4MjUyOTNlYTgxNiIsInR5cGUiOiJodHRwczovL2RpZGNvbW0ub3JnL291dC1vZi1iYW5kLzIuMC9pbnZpdGF0aW9uIiwiZnJvbSI6ImRpZDpwZWVyOjIuRXo2TFNoOWFSQmRFQlV6WkFRSzN5VnFBRnRYS0pVMVZ1cUZlMVd1U1ZRcnRvRGROZi5WejZNa3NCWmZkc3U4UmFxWjNmdjlBdkJ0elVGd1VyaW5td0xRODFNVjVoc29td2JZLlNleUowSWpvaVpHMGlMQ0p6SWpwN0luVnlhU0k2SW1oMGRIQTZMeTh4T1RJdU1UWTRMakV1TVRrNU9qZ3dOekF2Wkdsa1kyOXRiU0lzSW5JaU9sdGRMQ0poSWpwYkltUnBaR052YlcwdmRqSWlYWDE5IiwiYm9keSI6eyJnb2FsX2NvZGUiOiJwcmVzZW50LXZwIiwiZ29hbCI6IlJlcXVlc3QgcHJvb2Ygb2YgdmFjY2luYXRpb24gaW5mb3JtYXRpb24iLCJhY2NlcHQiOltdfSwiYXR0YWNobWVudHMiOlt7ImlkIjoiZTE5ZjNkNmMtY2U2Ni00Y2EwLWI1ZWUtZDBiY2ZhOGI1MTc3IiwibWVkaWFfdHlwZSI6ImFwcGxpY2F0aW9uL2pzb24iLCJkYXRhIjp7Impzb24iOnsiaWQiOiIxYjMwYzRjZi05MmVjLTQwOTMtYWFlOC1hZDk3NmIzODljY2MiLCJ0eXBlIjoiaHR0cHM6Ly9kaWRjb21tLmF0YWxhcHJpc20uaW8vcHJlc2VudC1wcm9vZi8zLjAvcmVxdWVzdC1wcmVzZW50YXRpb24iLCJib2R5Ijp7ImdvYWxfY29kZSI6IlJlcXVlc3QgUHJvb2YgUHJlc2VudGF0aW9uIiwid2lsbF9jb25maXJtIjpmYWxzZSwicHJvb2ZfdHlwZXMiOltdfSwiYXR0YWNobWVudHMiOlt7ImlkIjoiNDBiZjcyNzUtMDNkNS00MjI1LWFlYjAtMzhhZDYyODhhMThkIiwibWVkaWFfdHlwZSI6ImFwcGxpY2F0aW9uL2pzb24iLCJkYXRhIjp7Impzb24iOnsib3B0aW9ucyI6eyJjaGFsbGVuZ2UiOiIxMWM5MTQ5My0wMWIzLTRjNGQtYWMzNi1iMzM2YmFiNWJkZGYiLCJkb21haW4iOiJodHRwczovL3ByaXNtLXZlcmlmaWVyLmNvbSJ9LCJwcmVzZW50YXRpb25fZGVmaW5pdGlvbiI6eyJpZCI6IjkyODkyMjJmLWY3ZmItNDk4Yi1iMmE0LTNlODdiNzdiMzk5ZiIsImlucHV0X2Rlc2NyaXB0b3JzIjpbXX19fSwiZm9ybWF0IjoicHJpc20vand0In1dLCJ0aGlkIjoiZTYzYmQ3NDUtZmNjNi00ZDQzLTk2ODMtNjgyNTI5M2VhODE2IiwiZnJvbSI6ImRpZDpwZWVyOjIuRXo2TFNoOWFSQmRFQlV6WkFRSzN5VnFBRnRYS0pVMVZ1cUZlMVd1U1ZRcnRvRGROZi5WejZNa3NCWmZkc3U4UmFxWjNmdjlBdkJ0elVGd1VyaW5td0xRODFNVjVoc29td2JZLlNleUowSWpvaVpHMGlMQ0p6SWpwN0luVnlhU0k2SW1oMGRIQTZMeTh4T1RJdU1UWTRMakV1TVRrNU9qZ3dOekF2Wkdsa1kyOXRiU0lzSW5JaU9sdGRMQ0poSWpwYkltUnBaR052YlcwdmRqSWlYWDE5In19fV19 metaRetries: 5 + type: array + items: + $ref: '#/components/schemas/PresentationStatus' self: - type: string description: The reference to the presentation collection itself. example: /present-proof/presentations - kind: type: string + kind: description: The type of object returned. In this case a `Collection`. example: Collection - pageOf: type: string + pageOf: description: Page number within the context of paginated response. example: 1 - next: type: string + next: description: An optional string field containing the URL of the next page of results. If the API response does not contain any more pages, this field should be set to None. example: /present-proof/presentations?offset=20&limit=10 - previous: type: string + previous: description: An optional string field containing the URL of the previous page of results. If the API response is the first page of results, this field should be set to None. example: /present-proof/presentations?offset=0&limit=10 + type: string + PrismEnvelopeResponse: + title: PrismEnvelopeResponse + type: object + required: + - resource + - url + properties: + resource: + description: JCS normalized and base64url encoded json of the resource + example: '' + type: string + url: + description: JCS normalized and base64url encoded json of the resource + example: did:prism:462c4811bf61d7de25b3baf86c5d2f0609b4debe53792d297bf612269bf8593a?resourceService=agent-base-url&resourcePath=credential-definition-registry/definitions/did-url/ef3e4135-8fcf-3ce7-b5bb-df37defc13f6?resourceHash=4074bb1a8e0ea45437ad86763cd7e12de3fe8349ef19113df773b0d65c8a9c46 + type: string Proof: + title: Proof + description: A digital signature over the Credential Definition for the sake + of asserting authorship. A piece of Metadata. + example: + type: Ed25519Signature2018 + created: '2022-03-10T12:00:00Z' + verificationMethod: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff#key-1 + proofPurpose: assertionMethod + proofValue: FiPfjknHikKmZ... + jws: eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il0sImt0eSI6Ik... + domain: prims.atala.com + type: object required: - type - created @@ -6564,49 +7644,50 @@ components: - proofPurpose - proofValue - jws - type: object properties: type: - type: string description: The type of cryptographic signature algorithm used to generate the proof. example: Ed25519Signature2018 - created: type: string + created: description: The date and time at which the proof was created, in UTC format. This field is used to ensure that the proof was generated before or at the same time as the credential definition itself. - format: date-time example: 2022-03-10T12:00Z - verificationMethod: type: string + format: date-time + verificationMethod: description: The verification method used to generate the proof. This is usually a DID and key ID combination that can be used to look up the public key needed to verify the proof. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff#key-1 - proofPurpose: type: string + proofPurpose: description: 'The purpose of the proof (for example: `assertionMethod`). This indicates that the proof is being used to assert that the issuer really issued this credential definition instance.' example: assertionMethod - proofValue: type: string + proofValue: description: The cryptographic signature value that was generated using the private key associated with the verification method, and which can be used to verify the proof. example: FiPfjknHikKmZ... - jws: type: string + jws: description: The JSON Web Signature (JWS) that contains the proof information. example: eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il0sImt0eSI6Ik... - domain: type: string + domain: description: It specifies the domain context within which the credential definition and proof are being used example: prims.atala.com - description: A digital signature over the Credential Definition for the sake - of asserting authorship. A piece of Metadata. + type: string + Proof1: + title: Proof + description: A digital signature over the Credential Schema for the sake of + asserting authorship. A piece of Metadata. example: type: Ed25519Signature2018 created: '2022-03-10T12:00:00Z' @@ -6615,7 +7696,7 @@ components: proofValue: FiPfjknHikKmZ... jws: eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il0sImt0eSI6Ik... domain: prims.atala.com - Proof1: + type: object required: - type - created @@ -6623,58 +7704,48 @@ components: - proofPurpose - proofValue - jws - type: object properties: type: - type: string description: The type of cryptographic signature algorithm used to generate the proof. example: Ed25519Signature2018 - created: type: string + created: description: The date and time at which the proof was created, in UTC format. This field is used to ensure that the proof was generated before or at the same time as the credential schema itself. - format: date-time example: 2022-03-10T12:00Z - verificationMethod: type: string + format: date-time + verificationMethod: description: The verification method used to generate the proof. This is usually a DID and key ID combination that can be used to look up the public key needed to verify the proof. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff#key-1 - proofPurpose: type: string + proofPurpose: description: 'The purpose of the proof (for example: `assertionMethod`). This indicates that the proof is being used to assert that the issuer really issued this credential schema instance.' example: assertionMethod - proofValue: type: string + proofValue: description: The cryptographic signature value that was generated using the private key associated with the verification method, and which can be used to verify the proof. example: FiPfjknHikKmZ... - jws: type: string + jws: description: The JSON Web Signature (JWS) that contains the proof information. example: eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il0sImt0eSI6Ik... - domain: type: string + domain: description: It specifies the domain context within which the credential - schema and proof are being used - example: prims.atala.com - description: A digital signature over the Credential Schema for the sake of - asserting authorship. A piece of Metadata. - example: - type: Ed25519Signature2018 - created: '2022-03-10T12:00:00Z' - verificationMethod: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff#key-1 - proofPurpose: assertionMethod - proofValue: FiPfjknHikKmZ... - jws: eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il0sImt0eSI6Ik... - domain: prims.atala.com + schema and proof are being used + example: prims.atala.com + type: string Proof2: + title: Proof oneOf: - $ref: '#/components/schemas/CwtProof' - $ref: '#/components/schemas/JwtProof' @@ -6686,31 +7757,35 @@ components: jwt: '#/components/schemas/JwtProof' ldp_vp: '#/components/schemas/LdpProof' ProofRequestAux: + title: ProofRequestAux + type: object required: - schemaId - type: object properties: schemaId: - type: string description: The unique identifier of a schema the VC should comply with. example: https://schema.org/Person + type: string trustIssuers: - type: array - items: - type: string description: One or more issuers that are trusted by the verifier emitting the proof presentation request. example: - did:web:atalaprism.io/users/testUser - did.prism:123 - did:prism:... + type: array + items: + type: string ProofType: + title: ProofType type: string enum: - cwt - jwt - ldp_vp + const: jwt ProofTypeConfiguration: + title: ProofTypeConfiguration type: object properties: proof_signing_alg_values_supported: @@ -6718,9 +7793,10 @@ components: items: type: string PublicKeyJwk: + title: PublicKeyJwk + type: object required: - kty - type: object properties: crv: type: string @@ -6731,9 +7807,10 @@ components: kty: type: string Purpose: - type: string + title: Purpose description: Purpose of the verification material in the DID Document example: authentication + type: string enum: - assertionMethod - authentication @@ -6741,60 +7818,62 @@ components: - capabilityInvocation - keyAgreement RemoveEntryById: + title: RemoveEntryById + type: object required: - id - type: object properties: id: type: string RequestPresentationAction: + title: RequestPresentationAction + type: object required: - action - type: object properties: action: - type: string description: The action to perform on the proof presentation record. example: request-accept + type: string enum: - request-accept - request-reject - presentation-accept - presentation-reject proofId: - type: array - items: - type: string description: The unique identifier of the issue credential record - and hence VC - to use as the prover accepts the presentation request. Only applicable on the prover side when the action is `request-accept`. + type: array + items: + type: string anoncredPresentationRequest: $ref: '#/components/schemas/AnoncredCredentialProofsV1' claims: $ref: '#/components/schemas/Obj' credentialFormat: - type: string description: The credential format (default to 'JWT') example: JWT + type: string RequestPresentationInput: + title: RequestPresentationInput type: object properties: goalCode: - type: string description: |2 A self-attested code the receiver may want to display to the user or use in automatically deciding what to do with the out-of-band message. goalcode is optional and can be provided when the presentation request is from invitation for connectionless verification. example: present-vp - goal: type: string + goal: description: |2 A self-attested string that the receiver may want to display to the user about the context-specific goal of the out-of-band message. goal is optional and can be provided when the presentation request is from invitation for connectionless verification. example: Request proof of vaccine - connectionId: type: string + connectionId: description: |2 The unique identifier of a DIDComm connection that already exists between the this verifier agent and the prover cloud or edeg agent. @@ -6802,41 +7881,53 @@ components: This connection will be used to execute the present proof protocol. Note: connectionId is only required when the presentation request is from existing connection. connectionId is not required when the presentation request is from invitation for connectionless issuance. - format: uuid example: d9569cec-c81e-4779-aa86-0d5994d82676 + type: string + format: uuid options: $ref: '#/components/schemas/Options' proofs: - type: array - items: - $ref: '#/components/schemas/ProofRequestAux' description: The type of proofs requested in the context of this proof presentation request (e.g., VC schema, trusted issuers, etc.) example: [] + type: array + items: + $ref: '#/components/schemas/ProofRequestAux' anoncredPresentationRequest: $ref: '#/components/schemas/AnoncredPresentationRequestV1' + presentationFormat: + $ref: '#/components/schemas/PresentCredentialRequestFormat' claims: $ref: '#/components/schemas/Obj' credentialFormat: - type: string description: The credential format (default to 'JWT') example: JWT - Revocation: - type: object + type: string + ResourceResolutionMethod: + title: ResourceResolutionMethod + description: The method used to resolve the schema. It can be either HTTP or + DID. + example: http + type: string + enum: + - did + - http Service: + title: Service + description: A service that should appear in the DID document. https://www.w3.org/TR/did-core/#services + type: object required: - id - type - serviceEndpoint - type: object properties: id: - type: string description: |- The id of the service. Requires a URI fragment when use in create / update DID. Returns the full ID (with DID prefix) when resolving DID example: service-1 + type: string type: description: Service type. Can contain multiple possible values as described in the [Create DID operation](https://github.com/input-output-hk/prism-did-method-spec/blob/main/w3c-spec/PRISM-method.md#create-did) @@ -6848,33 +7939,37 @@ components: type: string - type: string serviceEndpoint: - $ref: '#/components/schemas/Json' - description: A service that should appear in the DID document. https://www.w3.org/TR/did-core/#services + description: The service endpoint. Can contain multiple possible values + as described in the [Create DID operation](https://github.com/input-output-hk/prism-did-method-spec/blob/main/w3c-spec/PRISM-method.md#create-did) + example: https://example.com StatusListCredential: + title: StatusListCredential + type: object required: - issuer - id - issuanceDate - credentialSubject - proof - type: object properties: '@context': - type: array - items: - type: string description: List of JSON-LD contexts example: - https://www.w3.org/2018/credentials/v1 - https://w3id.org/vc/status-list/2021/v1 - type: type: array + uniqueItems: true items: type: string + type: description: List of credential types example: - VerifiableCredential - StatusList2021Credential + type: array + uniqueItems: true + items: + type: string issuer: description: DID of the issuer of status list credential example: did:prism:462c4811bf61d7de25b3baf86c5d2f0609b4debe53792d297bf612269bf8593a @@ -6882,14 +7977,14 @@ components: - $ref: '#/components/schemas/CredentialIssuer' - type: string id: - type: string description: Unique identifier of status list credential example: http://issuer-agent.com/credential-status/060a2bec-6d6f-4c1f-9414-d3c9dbd3ccc9 - issuanceDate: type: string + issuanceDate: description: Issuance timestamp of status list credential + example: '2024-11-05T11:32:21.556400758Z' + type: string format: date-time - example: '2024-09-11T13:22:27.866328096Z' credentialSubject: $ref: '#/components/schemas/CredentialSubject' proof: @@ -6904,32 +7999,29 @@ components: proofValue: zAN1rKq8npnByRqPRxhjHEkivhN8AhA8V6MqDJga1zcCUEvPDUoqJB5Rj6ZJHTCnBZ98VXTEVd1rprX2wvP1MAaTEi7Pm241qm cryptoSuite: eddsa-jcs-2022 StatusPurpose: + title: StatusPurpose description: type of status list credential, either revocation or suspension example: Revocation - oneOf: - - $ref: '#/components/schemas/Revocation' - - $ref: '#/components/schemas/Suspension' - Str: - required: - - value - type: object - properties: - value: - type: string + type: string + enum: + - Revocation + - Suspension SupportProofType: + title: SupportProofType + type: object required: - jwt - type: object properties: jwt: $ref: '#/components/schemas/ProofTypeConfiguration' SupportedCredentialConfiguration: + title: SupportedCredentialConfiguration + type: object required: - format - scope - credential_definition - proof_types_supported - type: object properties: format: $ref: '#/components/schemas/CredentialFormat' @@ -6947,30 +8039,31 @@ components: type: string proof_types_supported: $ref: '#/components/schemas/SupportProofType' - Suspension: - type: object UpdateEntityNameRequest: + title: UpdateEntityNameRequest + type: object required: - name - type: object properties: name: - type: string description: New name of the entity example: John Doe - minLength: 1 + type: string maxLength: 128 + minLength: 1 UpdateEntityWalletIdRequest: + title: UpdateEntityWalletIdRequest + type: object required: - walletId - type: object properties: walletId: - type: string description: The walletId owned by the entity - format: uuid example: 00000000-0000-0000-0000-000000000000 + type: string + format: uuid UpdateManagedDIDRequest: + title: UpdateManagedDIDRequest type: object properties: actions: @@ -6978,9 +8071,14 @@ components: items: $ref: '#/components/schemas/UpdateManagedDIDRequestAction' UpdateManagedDIDRequestAction: + title: UpdateManagedDIDRequestAction + description: |- + A list of actions to perform on DID document. + The field `addKey`, `removeKey`, `addService`, `removeService`, `updateService`, `patchContext` must corresponds to + the `actionType` specified. For example, `addKey` must be present when `actionType` is `ADD_KEY`. + type: object required: - actionType - type: object properties: actionType: $ref: '#/components/schemas/ActionType' @@ -6996,19 +8094,18 @@ components: $ref: '#/components/schemas/UpdateManagedDIDServiceAction' patchContext: $ref: '#/components/schemas/PatchContextAction' - description: |- - A list of actions to perform on DID document. - The field `addKey`, `removeKey`, `addService`, `removeService`, `updateService`, `patchContext` must corresponds to - the `actionType` specified. For example, `addKey` must be present when `actionType` is `ADD_KEY`. UpdateManagedDIDServiceAction: + title: UpdateManagedDIDServiceAction + description: A patch to existing Service. 'type' and 'serviceEndpoint' cannot + both be empty. + type: object required: - id - type: object properties: id: - type: string description: The id of the service to update example: service-1 + type: string type: description: The type of the service example: LinkedDomains @@ -7017,13 +8114,10 @@ components: items: type: string - type: string - serviceEndpoint: - $ref: '#/components/schemas/Json' - description: A patch to existing Service. 'type' and 'serviceEndpoint' cannot - both be empty. + serviceEndpoint: {} VcVerification: + title: VcVerification type: string - description: The type of verification to perform. enum: - AlgorithmVerification - AudienceCheck @@ -7038,6 +8132,7 @@ components: - SignatureVerification - SubjectVerification VcVerificationParameter: + title: VcVerificationParameter description: Optional parameter for the verification. oneOf: - $ref: '#/components/schemas/DateTimeParameter' @@ -7048,18 +8143,16 @@ components: DateTimeParameter: '#/components/schemas/DateTimeParameter' DidParameter: '#/components/schemas/DidParameter' VcVerificationRequest: + title: VcVerificationRequest + type: object required: - credential - type: object properties: credential: - type: string description: Encoded Verifiable Credential to verify example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c + type: string verifications: - type: array - items: - $ref: '#/components/schemas/ParameterizableVcVerification' description: The list of verifications to perform on the credential. If the list is empty, all available verifications will be performed. example: @@ -7083,19 +8176,20 @@ components: - verification: AlgorithmVerification - verification: SchemaCheck - verification: SemanticCheckOfClaims + type: array + items: + $ref: '#/components/schemas/ParameterizableVcVerification' VcVerificationResponse: + title: VcVerificationResponse + type: object required: - credential - type: object properties: credential: - type: string description: Encoded Verifiable Credential that was verified. example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c + type: string result: - type: array - items: - $ref: '#/components/schemas/VcVerificationResult' description: The list of verification results for each verification performed on the credential. example: @@ -7123,84 +8217,89 @@ components: success: true - verification: SemanticCheckOfClaims success: true + type: array + items: + $ref: '#/components/schemas/VcVerificationResult' VcVerificationResult: + title: VcVerificationResult + type: object required: - verification - success - type: object properties: verification: $ref: '#/components/schemas/VcVerification' + description: The type of verification that was performed. success: - type: boolean description: Indicates whether the verification was successful. + type: boolean VerificationMethod: + title: VerificationMethod + description: A cryptographic public key expressed in the DID document. https://www.w3.org/TR/did-core/#verification-methods + type: object required: - id - type - controller - publicKeyJwk - type: object properties: id: - type: string description: The identifier for the verification method. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff#key-1 - type: type: string + type: description: The type of the verification method. example: JsonWebKey2020 - controller: type: string + controller: description: The DID that controls the verification method. example: did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff + type: string publicKeyJwk: $ref: '#/components/schemas/PublicKeyJwk' - description: A cryptographic public key expressed in the DID document. https://www.w3.org/TR/did-core/#verification-methods VerificationPolicyConstraint: + title: VerificationPolicyConstraint + type: object required: - schemaId - type: object properties: schemaId: - type: string description: The schema ID of the credential that is being verified. example: https://example.com/driving-license-1.0 + type: string minLength: 1 trustedIssuers: - type: array - items: - type: string description: A list of DIDs of the trusted issuers. example: - did:example:123456789abcdefghi + type: array + items: + type: string VerificationPolicyInput: + title: VerificationPolicyInput + type: object required: - name - description - type: object properties: id: - type: string description: A unique identifier to address the verification policy instance. UUID is generated by the backend. - format: uuid example: 0527aea1-d131-3948-a34d-03af39aba8b5 - name: type: string + format: uuid + name: description: A human-readable name for the verification policy. The `name` cannot be empty. example: Trusted Issuers Verification Policy + type: string minLength: 1 description: - type: string description: A human-readable description of the verification policy. example: Verification policy that checks if the credential was issued by a trusted issuer. + type: string constraints: - type: array - items: - $ref: '#/components/schemas/VerificationPolicyConstraint' description: The object that describes the constraints of the verification policy. Each constraint is a tuple of the `schemaId` and a set of DIDs of the trusted issuers. @@ -7208,7 +8307,12 @@ components: - schemaId: https://example.com/driving-license-1.0 trustedIssuers: - did:example:123456789abcdefghi + type: array + items: + $ref: '#/components/schemas/VerificationPolicyConstraint' VerificationPolicyResponse: + title: VerificationPolicyResponse + type: object required: - self - kind @@ -7218,57 +8322,53 @@ components: - description - createdAt - updatedAt - type: object properties: self: - type: string description: The URL that uniquely identifies the resource being returned in the response. example: /cloud-agent/verification/policies/0527aea1-d131-3948-a34d-03af39aba8b4 - kind: type: string + kind: description: A string that identifies the type of resource being returned in the response. example: VerificationPolicy - id: type: string + id: description: A unique identifier to address the verification policy instance. UUID is generated by the backend. - format: uuid example: 0527aea1-d131-3948-a34d-03af39aba8b5 + type: string + format: uuid nonce: - type: integer description: A number that is changed every time the verification policy is updated. - format: int32 example: 1234 + type: integer + format: int32 name: - type: string description: A human-readable name for the verification policy. The `name` cannot be empty. example: Trusted Issuers Verification Policy + type: string minLength: 1 description: - type: string description: A human-readable description of the verification policy. example: Verification policy that checks if the credential was issued by a trusted issuer. - createdAt: type: string + createdAt: description: '[RFC3339](https://www.rfc-editor.org/rfc/rfc3339) date on which the verification policy was created.' - format: date-time example: 2022-03-10T12:00Z - updatedAt: type: string + format: date-time + updatedAt: description: '[RFC3339](https://www.rfc-editor.org/rfc/rfc3339) date on which the verification policy was updated.' - format: date-time example: 2022-03-10T12:00Z + type: string + format: date-time constraints: - type: array - items: - $ref: '#/components/schemas/VerificationPolicyConstraint' description: The object that describes the constraints of the verification policy. Each constraint is a tuple of the `schemaId` and a set of DIDs of the trusted issuers. @@ -7276,44 +8376,45 @@ components: - schemaId: https://example.com/driving-license-1.0 trustedIssuers: - did:example:123456789abcdefghi + type: array + items: + $ref: '#/components/schemas/VerificationPolicyConstraint' VerificationPolicyResponsePage: + title: VerificationPolicyResponsePage + type: object required: - self - kind - pageOf - type: object properties: self: - type: string description: The URL that uniquely identifies the resource being returned in the response. example: /cloud-agent/verification/policies?name=Trusted&offset=0&limit=10 - kind: type: string + kind: description: A string that identifies the type of resource being returned in the response. example: VerificationPolicyPage - pageOf: type: string + pageOf: description: A string field indicating the type of resource that the contents field contains example: /cloud-agent/verification/policies - next: type: string + next: description: An optional string field containing the URL of the next page of results. If the API response does not contain any more pages, this field should be set to None. example: /cloud-agent/verification/policies?skip=20&limit=10 - previous: type: string + previous: description: An optional string field containing the URL of the previous page of results. If the API response is the first page of results, this field should be set to None. example: /cloud-agent/verification/policies?skip=0&limit=10 + type: string contents: - type: array - items: - $ref: '#/components/schemas/VerificationPolicyResponse' description: A sequence of VerificationPolicyResponse objects representing the list of verification policies that the paginated response contains example: @@ -7330,39 +8431,44 @@ components: - schemaId: https://example.com/driving-license-1.0 trustedIssuers: - did:example:123456789abcdefghi + type: array + items: + $ref: '#/components/schemas/VerificationPolicyResponse' WalletDetail: + title: WalletDetail + type: object required: - id - name - createdAt - updatedAt - type: object properties: id: - type: string description: A wallet ID - format: uuid example: 00000000-0000-0000-0000-000000000000 - name: type: string + format: uuid + name: description: The name of the wallet example: my-wallet-1 - createdAt: type: string + createdAt: description: The `createdAt` timestamp of the wallet. - format: date-time example: '2023-01-01T00:00:00Z' - updatedAt: type: string - description: The `updateddAt` timestamp of the wallet. format: date-time + updatedAt: + description: The `updateddAt` timestamp of the wallet. example: '2023-01-01T00:00:00Z' + type: string + format: date-time WalletDetailPage: + title: WalletDetailPage + type: object required: - self - kind - pageOf - type: object properties: self: type: string @@ -7379,35 +8485,37 @@ components: items: $ref: '#/components/schemas/WalletDetail' WebhookNotification: + title: WebhookNotification + type: object required: - id - url - customHeaders - createdAt - type: object properties: id: - type: string description: ID of webhook notification resource - format: uuid example: 00000000-0000-0000-0000-000000000000 - url: type: string + format: uuid + url: description: A URL of webhook for event notification example: http://example.com + type: string customHeaders: $ref: '#/components/schemas/Map_String' createdAt: - type: string description: A time which the webhook notification resource was created. - format: date-time example: '1970-01-01T00:00:00Z' + type: string + format: date-time WebhookNotificationPage: + title: WebhookNotificationPage + type: object required: - self - kind - pageOf - type: object properties: self: type: string diff --git a/infrastructure/local/.env b/infrastructure/local/.env index e85431101f..61994ac146 100644 --- a/infrastructure/local/.env +++ b/infrastructure/local/.env @@ -1,3 +1,3 @@ -AGENT_VERSION=1.39.0 +AGENT_VERSION=1.40.0 PRISM_NODE_VERSION=2.3.0 VAULT_DEV_ROOT_TOKEN_ID=root diff --git a/package-lock.json b/package-lock.json index 248d23f388..2f2a86c65f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "identus-cloud-agent", - "version": "1.39.0", + "version": "1.40.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "identus-cloud-agent", - "version": "1.39.0", + "version": "1.40.0", "devDependencies": { "@commitlint/cli": "^19.3.0", "@commitlint/config-conventional": "^19.2.2", diff --git a/package.json b/package.json index fb2a6f920c..eabee8ec21 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "identus-cloud-agent", - "version": "1.39.0", + "version": "1.40.0", "engines": { "node": ">=16.13.0" }, diff --git a/version.sbt b/version.sbt index cd8b2f572b..a8c8ede67e 100644 --- a/version.sbt +++ b/version.sbt @@ -1 +1 @@ -ThisBuild / version := "1.39.1-SNAPSHOT" +ThisBuild / version := "1.40.1-SNAPSHOT" From 05fdf2624463227ad7b9452e52bc9d9308d3a3ad Mon Sep 17 00:00:00 2001 From: Shailesh Patil Date: Thu, 7 Nov 2024 09:47:23 +0000 Subject: [PATCH 14/17] fix: Warning on Invitation generated on Issuance (#1433) Signed-off-by: mineme0110 --- .../server/jobs/IssueBackgroundJobs.scala | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/jobs/IssueBackgroundJobs.scala b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/jobs/IssueBackgroundJobs.scala index 3cdde2853f..68c1c1d5d9 100644 --- a/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/jobs/IssueBackgroundJobs.scala +++ b/cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/jobs/IssueBackgroundJobs.scala @@ -160,6 +160,33 @@ object IssueBackgroundJobs extends BackgroundJobsHelper { val exchange = for { _ <- ZIO.logDebug(s"Running action with records => $record") _ <- record match { + case IssueCredentialRecord( + id, + _, + _, + _, + _, + _, + _, + _, + _, + Role.Issuer, + _, + _, + _, + _, + InvitationGenerated, + Some(offer), + _, + _, + _, + _, + _, + _, + _, + _, + ) => + ZIO.debug(s" Connectionless InvitationGenerated record received no processing required") *> ZIO.unit // Offer should be sent from Issuer to Holder case IssueCredentialRecord( id, From 01f0eb7681335f556cbb4a39e2edf1d669a441d8 Mon Sep 17 00:00:00 2001 From: Allain Magyar Date: Mon, 11 Nov 2024 18:42:29 -0300 Subject: [PATCH 15/17] test: add didcomm test (#1427) Signed-off-by: Allain Magyar Signed-off-by: Hyperledger Bot Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Hyperledger Bot --- .github/workflows/integration-tests.yml | 20 ++- .mega-linter.yml | 4 +- tests/didcomm-tests/docker/docker-compose.yml | 128 ++++++++++++++++++ tests/didcomm-tests/docker/initdb.js | 26 ++++ .../docker/postgres/init-script.sh | 24 ++++ .../docker/postgres/max_conns.sql | 2 + tests/didcomm-tests/docker/run.sh | 11 ++ tests/didcomm-tests/docker/stop.sh | 8 ++ tests/didcomm-tests/package.json | 14 ++ 9 files changed, 233 insertions(+), 4 deletions(-) create mode 100644 tests/didcomm-tests/docker/docker-compose.yml create mode 100644 tests/didcomm-tests/docker/initdb.js create mode 100755 tests/didcomm-tests/docker/postgres/init-script.sh create mode 100644 tests/didcomm-tests/docker/postgres/max_conns.sql create mode 100755 tests/didcomm-tests/docker/run.sh create mode 100755 tests/didcomm-tests/docker/stop.sh create mode 100644 tests/didcomm-tests/package.json diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 813af6813e..95d786ea46 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -16,7 +16,6 @@ on: defaults: run: shell: bash - working-directory: "tests/integration-tests" permissions: checks: write @@ -58,12 +57,10 @@ jobs: - name: Build local version of Cloud Agent id: build_local_cloud_agent env: - CLOUD_AGENT_PATH: "../.." ENV_FILE: "infrastructure/local/.env" GITHUB_ACTOR: hyperledger-bot GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - cd "${CLOUD_AGENT_PATH}" || exit 129 sbt docker:publishLocal echo "agent_version=$(cut -d'=' -f2 version.sbt | tr -d '" ')" >> "${GITHUB_OUTPUT}" echo "prism_node_version=$(grep PRISM_NODE_VERSION infrastructure/local/.env | cut -d'=' -f2 | tr -d ' ')" >> "${GITHUB_OUTPUT}" @@ -74,6 +71,7 @@ jobs: java-version: "19" - name: Run integration tests + working-directory: "tests/integration-tests" env: PRISM_NODE_VERSION: ${{ steps.build_local_cloud_agent.outputs.prism_node_version }} AGENT_VERSION: ${{ steps.build_local_cloud_agent.outputs.agent_version }} @@ -84,6 +82,7 @@ jobs: ./gradlew test --tests "IntegrationTestsRunner" - name: Make report of integration tests + working-directory: "tests/integration-tests" if: always() env: PRISM_NODE_VERSION: ${{ steps.build_local_cloud_agent.outputs.prism_node_version }} @@ -94,6 +93,7 @@ jobs: ./gradlew reports - name: Extract test results + working-directory: "tests/integration-tests" id: analyze_test_results if: github.ref_name == 'main' && always() run: | @@ -161,3 +161,17 @@ jobs: SLACK_TITLE: "Identus Cloud Agent Integration Tests: ${{ steps.analyze_test_results.outputs.conclusion }}" SLACK_USERNAME: circleci SLACK_WEBHOOK: ${{ secrets.E2E_TESTS_SLACK_WEBHOOK }} + + - uses: actions/setup-node@v4 + with: + node-version: 20 + + - name: Run didcomm tests + working-directory: "tests/didcomm-tests" + env: + AGENT_VERSION: ${{ steps.build_local_cloud_agent.outputs.agent_version }} + run: | + ./docker/run.sh "$AGENT_VERSION" + npm i + npm test + ./docker/stop.sh diff --git a/.mega-linter.yml b/.mega-linter.yml index d065f68b12..786cf36edd 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -63,5 +63,7 @@ SQL_SQL_LINT_ARGUMENTS: -d postgres --ignore-errors=postgres-invalid-alter-optio YAML_YAMLLINT_FILTER_REGEX_EXCLUDE: "infrastructure/charts/agent/*|cloud-agent/service/api/http/*|examples/*" YAML_PRETTIER_FILTER_REGEX_EXCLUDE: "infrastructure/charts/agent/*|cloud-agent/service/api/http/*|examples/*" YAML_V8R_FILTER_REGEX_EXCLUDE: "infrastructure/charts/agent/*" -JAVASCRIPT_STANDARD_FILTER_REGEX_EXCLUDE: "tests/performance-tests/agent-performance-tests-k6/src/k6chaijs.js" +JAVASCRIPT_STANDARD_FILTER_REGEX_EXCLUDE: + "tests/performance-tests/agent-performance-tests-k6/src/k6chaijs.js\ + |tests/didcomm-tests/docker/initdb.js" BASH_SHELLCHECK_FILTER_REGEX_EXCLUDE: "infrastructure/*" diff --git a/tests/didcomm-tests/docker/docker-compose.yml b/tests/didcomm-tests/docker/docker-compose.yml new file mode 100644 index 0000000000..3bb9e1bed6 --- /dev/null +++ b/tests/didcomm-tests/docker/docker-compose.yml @@ -0,0 +1,128 @@ +--- +services: + ########################## + # Database + ########################## + db: + image: postgres:13 + environment: + POSTGRES_MULTIPLE_DATABASES: "castor,pollux,connect,agent,node_db" + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres + volumes: + - ./postgres/init-script.sh:/docker-entrypoint-initdb.d/init-script.sh + - ./postgres/max_conns.sql:/docker-entrypoint-initdb.d/max_conns.sql + healthcheck: + test: ["CMD", "pg_isready", "-U", "postgres", "-d", "agent"] + interval: 10s + timeout: 5s + retries: 5 + + ########################## + # Mediator + ########################## + mongo: + image: mongo:6.0 + command: ["--auth"] + environment: + - MONGO_INITDB_ROOT_USERNAME=admin + - MONGO_INITDB_ROOT_PASSWORD=admin + - MONGO_INITDB_DATABASE=mediator + volumes: + - ./initdb.js:/docker-entrypoint-initdb.d/initdb.js + + mediator: + network_mode: "container:didcomm-stack" + image: ghcr.io/hyperledger/identus-mediator:1.0.0 + environment: + # Creates the identity: + - KEY_AGREEMENT_D=Z6D8LduZgZ6LnrOHPrMTS6uU2u5Btsrk1SGs4fn8M7c + - KEY_AGREEMENT_X=Sr4SkIskjN_VdKTn0zkjYbhGTWArdUNE4j_DmUpnQGw + - KEY_AUTHENTICATION_D=INXCnxFEl0atLIIQYruHzGd5sUivMRyQOzu87qVerug + - KEY_AUTHENTICATION_X=MBjnXZxkMcoQVVL21hahWAw43RuAG-i64ipbeKKqwoA + - SERVICE_ENDPOINTS=http://localhost:8080;ws://localhost:8080/ws + - MONGODB_USER=admin + - MONGODB_PASSWORD=admin + - MONGODB_PROTOCOL=mongodb + - MONGODB_HOST=mongo + - MONGODB_PORT=27017 + - MONGODB_DB_NAME=mediator + depends_on: + - "mongo" + - "agent" + + ########################## + # Building-blocks + ########################## + prism-node: + image: ghcr.io/input-output-hk/prism-node:2.5.0 + environment: + NODE_PSQL_HOST: db:5432 + depends_on: + db: + condition: service_healthy + + agent: + container_name: didcomm-stack + image: ghcr.io/hyperledger/identus-cloud-agent:${CLOUD_AGENT_VERSION} + ports: + - "8080:8080" + - "8090:8090" + - "8091:8091" + environment: + CASTOR_DB_HOST: db + CASTOR_DB_PORT: 5432 + CASTOR_DB_NAME: castor + CASTOR_DB_USER: postgres + CASTOR_DB_PASSWORD: postgres + POLLUX_DB_HOST: db + POLLUX_DB_PORT: 5432 + POLLUX_DB_NAME: pollux + POLLUX_DB_USER: postgres + POLLUX_DB_PASSWORD: postgres + CONNECT_DB_HOST: db + CONNECT_DB_PORT: 5432 + CONNECT_DB_NAME: connect + CONNECT_DB_USER: postgres + CONNECT_DB_PASSWORD: postgres + AGENT_DB_HOST: db + AGENT_DB_PORT: 5432 + AGENT_DB_NAME: agent + AGENT_DB_USER: postgres + AGENT_DB_PASSWORD: postgres + AGENT_HTTP_PORT: 8090 + REST_SERVICE_URL: http://localhost:8090 + AGENT_DIDCOMM_PORT: 8091 + DIDCOMM_SERVICE_URL: http://localhost:8091 + PRISM_NODE_HOST: prism-node + PRISM_NODE_PORT: 50053 + SECRET_STORAGE_BACKEND: postgres + DEV_MODE: true + DEFAULT_WALLET_ENABLED: + DEFAULT_WALLET_SEED: + DEFAULT_WALLET_WEBHOOK_URL: + DEFAULT_WALLET_WEBHOOK_API_KEY: + DEFAULT_WALLET_AUTH_API_KEY: + GLOBAL_WEBHOOK_URL: + GLOBAL_WEBHOOK_API_KEY: + WEBHOOK_PARALLELISM: + ADMIN_TOKEN: + API_KEY_SALT: + API_KEY_ENABLED: false + API_KEY_AUTHENTICATE_AS_DEFAULT_USER: + API_KEY_AUTO_PROVISIONING: + NODE_REFRESH_AND_SUBMIT_PERIOD: + NODE_MOVE_SCHEDULED_TO_PENDING_PERIOD: + NODE_WALLET_MAX_TPS: + depends_on: + db: + condition: service_healthy + prism-node: + condition: service_started + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8090/_system/health"] + interval: 10s + timeout: 10s + retries: 5 + extra_hosts: + - "host.docker.internal:host-gateway" diff --git a/tests/didcomm-tests/docker/initdb.js b/tests/didcomm-tests/docker/initdb.js new file mode 100644 index 0000000000..62cab0b6cf --- /dev/null +++ b/tests/didcomm-tests/docker/initdb.js @@ -0,0 +1,26 @@ +db.createUser({ + user: 'admin', + pwd: 'admin', + roles: [ + { role: 'readWrite', db: 'mediator' } + ] +}) + +const database = 'mediator' +const collectionDidAccount = 'user.account' +const collectionMessages = 'messages' +const collectionMessagesSend = 'messages.outbound' + +// The current database to use. +use(database) + +// Create collections. +db.createCollection(collectionDidAccount) +db.createCollection(collectionMessages) +db.createCollection(collectionMessagesSend) + +// create index +db.getCollection(collectionDidAccount).createIndex({ did: 1 }, { unique: true }) +// Only enforce uniqueness on non-empty arrays +db.getCollection(collectionDidAccount).createIndex({ alias: 1 }, { unique: true, partialFilterExpression: { 'alias.0': { $exists: true } } }) +db.getCollection(collectionDidAccount).createIndex({ 'messagesRef.hash': 1, 'messagesRef.recipient': 1 }) diff --git a/tests/didcomm-tests/docker/postgres/init-script.sh b/tests/didcomm-tests/docker/postgres/init-script.sh new file mode 100755 index 0000000000..58c7cd1034 --- /dev/null +++ b/tests/didcomm-tests/docker/postgres/init-script.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +set -e +set -u + +function create_user_and_database() { + local database=$1 + local app_user=${database}-application-user + echo " Creating user and database '$database'" + psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL + CREATE USER "$app_user" WITH PASSWORD 'password'; + CREATE DATABASE $database; + \c $database + ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO "$app_user"; + EOSQL +} + +if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then + echo "Multiple database creation requested: $POSTGRES_MULTIPLE_DATABASES" + for db in $(echo "$POSTGRES_MULTIPLE_DATABASES" | tr ',' ' '); do + create_user_and_database "$db" + done + echo "Multiple databases created" +fi diff --git a/tests/didcomm-tests/docker/postgres/max_conns.sql b/tests/didcomm-tests/docker/postgres/max_conns.sql new file mode 100644 index 0000000000..982b2c36ea --- /dev/null +++ b/tests/didcomm-tests/docker/postgres/max_conns.sql @@ -0,0 +1,2 @@ + +ALTER SYSTEM SET max_connections = 500; diff --git a/tests/didcomm-tests/docker/run.sh b/tests/didcomm-tests/docker/run.sh new file mode 100755 index 0000000000..9b9ec161c4 --- /dev/null +++ b/tests/didcomm-tests/docker/run.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +set -e + +CLOUD_AGENT_VERSION=$1 + +PORT="$PRISM_PORT" \ + CLOUD_AGENT_VERSION="$CLOUD_AGENT_VERSION" \ + docker compose \ + -f "docker/docker-compose.yml" \ + up -d --wait diff --git a/tests/didcomm-tests/docker/stop.sh b/tests/didcomm-tests/docker/stop.sh new file mode 100755 index 0000000000..c3f7fb6865 --- /dev/null +++ b/tests/didcomm-tests/docker/stop.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +set -e + +CLOUD_AGENT_VERSION="$CLOUD_AGENT_VERSION" \ + docker compose \ + -f "./docker/docker-compose.yml" \ + down -v diff --git a/tests/didcomm-tests/package.json b/tests/didcomm-tests/package.json new file mode 100644 index 0000000000..afafc14f41 --- /dev/null +++ b/tests/didcomm-tests/package.json @@ -0,0 +1,14 @@ +{ + "name": "didcomm-tests", + "version": "1.0.0", + "description": "Test suite for executing didcomm tests", + "main": "index.js", + "scripts": { + "test": "node node_modules/@amagyar-iohk/didcomm-test/dist/suite.spec.js" + }, + "author": "Allain Magyar", + "license": "ISC", + "dependencies": { + "@amagyar-iohk/didcomm-test": "^1.0.4" + } +} From b12315ca59aed8ed4290f11f5b93d817af63a019 Mon Sep 17 00:00:00 2001 From: mix irving Date: Tue, 19 Nov 2024 21:05:20 +1300 Subject: [PATCH 16/17] docs: connectionless issue (#1447) Signed-off-by: mixmix --- .../credentials/connectionless/issue.md | 450 ++++++++++++++++++ .../connectionless/present-proof.md | 0 .../{ => didcomm}/anoncreds-setup.png | Bin .../{ => didcomm}/anoncreds-setup.puml | 0 .../issue-flow.anoncreds.png} | Bin .../issue-flow.anoncreds.puml} | 0 .../issue-flow.jwt.png} | Bin .../issue-flow.jwt.puml} | 0 .../credentials/{ => didcomm}/issue.md | 28 +- .../present-proof-flow.anoncreds.png} | Bin .../present-proof-flow.anoncreds.puml} | 0 .../present-proof-flow.jwt.png} | Bin .../present-proof-flow.jwt.puml} | 0 .../{ => didcomm}/present-proof.md | 15 +- .../{oid4vci.md => oid4cv/issue.md} | 2 +- docs/docusaurus/sidebars.js | 7 +- 16 files changed, 474 insertions(+), 28 deletions(-) create mode 100644 docs/docusaurus/credentials/connectionless/issue.md create mode 100644 docs/docusaurus/credentials/connectionless/present-proof.md rename docs/docusaurus/credentials/{ => didcomm}/anoncreds-setup.png (100%) rename docs/docusaurus/credentials/{ => didcomm}/anoncreds-setup.puml (100%) rename docs/docusaurus/credentials/{anoncreds-issue-flow.png => didcomm/issue-flow.anoncreds.png} (100%) rename docs/docusaurus/credentials/{anoncreds-issue-flow.puml => didcomm/issue-flow.anoncreds.puml} (100%) rename docs/docusaurus/credentials/{issue-flow.png => didcomm/issue-flow.jwt.png} (100%) rename docs/docusaurus/credentials/{issue-flow.puml => didcomm/issue-flow.jwt.puml} (100%) rename docs/docusaurus/credentials/{ => didcomm}/issue.md (94%) rename docs/docusaurus/credentials/{anoncreds-present-proof-flow.png => didcomm/present-proof-flow.anoncreds.png} (100%) rename docs/docusaurus/credentials/{anoncreds-present-proof-flow.puml => didcomm/present-proof-flow.anoncreds.puml} (100%) rename docs/docusaurus/credentials/{present-proof-flow.png => didcomm/present-proof-flow.jwt.png} (100%) rename docs/docusaurus/credentials/{present-proof-flow.puml => didcomm/present-proof-flow.jwt.puml} (100%) rename docs/docusaurus/credentials/{ => didcomm}/present-proof.md (98%) rename docs/docusaurus/credentials/{oid4vci.md => oid4cv/issue.md} (99%) diff --git a/docs/docusaurus/credentials/connectionless/issue.md b/docs/docusaurus/credentials/connectionless/issue.md new file mode 100644 index 0000000000..fc853fc42b --- /dev/null +++ b/docs/docusaurus/credentials/connectionless/issue.md @@ -0,0 +1,450 @@ +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + +# Issue credentials (Connectionless) + +In the Identus Platform, the [Issue Credentials Protocol](/docs/concepts/glossary#issue-credential-protocol) allows you to create, retrieve, and manage issued [verifiable credentials (VCs)](/docs/concepts/glossary#verifiable-credentials) between a VC issuer and a VC holder. + +## Roles + +In the Issue Credentials Protocol, there are two roles: + +1. The [Issuer](/docs/concepts/glossary#issuer) is responsible for creating a new credential offer, sending it to a Holder, and issuing the VC once the offer is accepted. +2. The [Holder](/docs/concepts/glossary#holder) is responsible for accepting a credential offer from an issuer and receiving the VC. + +The Issuer and Holder interact with the Identus Cloud Agent API to perform the operations defined in the protocol. + + +## Prerequisites + +Before using the "Connectionless" Issuing Credentials protocol, the following conditions must be present: + + + + +1. Issuer Cloud Agents is up and running +2. The Issuer has a published PRISM DID, and the [DID document](/docs/concepts/glossary#did-document) must have at least one `assertionMethod` key for issuing credentials (see [Create DID](../../dids/create.md) and [Publish DID](../../dids/publish.md)) +3. The Holder is either another Cloud Agent or Edge Agent SDK + + + + +1. Issuer Cloud Agents is up and running +2. The Issuer has a published PRISM DID, and the [DID document](/docs/concepts/glossary#did-document) must have at least one `assertionMethod` key for issuing credentials (see [Create DID](../../dids/create.md) and [Publish DID](../../dids/publish.md)) +3. The Issuer must have created an AnonCreds Credential Definition as described [here](../../credentialdefinition/create.md). +4. The Holder is either another Cloud Agent or Edge Agent SDK + + + + +- 📌 **Note:** Currently we only support `Ed25519` curve +1. Issuer Cloud Agents is up and running +2. The Issuer has a published PRISM DID, and the [DID document](/docs/concepts/glossary#did-document) must have at least one `assertionMethod` key for issuing credentials (see [Create DID](../../dids/create.md) and [Publish DID](../../dids/publish.md)) +3. The Holder is either another Cloud Agent or Edge Agent SDK +4. The Holder must have a PRISM DID, and the DID document must have at least one `authentication` key for presenting the proof and the curve must be `Ed25519`. + + + + +## Overview + +The protocol described is a VC issuance process between an Issuer (Identus Cloud Agent) and Holder (Identus Edge Agent SDK). + +The protocol consists of the following main parts: + +1. The Issuer creates a new credential offer using the [`/issue-credentials/credential-offers/invitation`](/identus-docs/agent-api/#tag/Issue-Credentials-Protocol/operation/createCredentialOffer) endpoint, which includes information such as the schema identifier and claims. This returns a unique OOB (out-of-band) invitate code for the prospective Holder. +2. The Holder accepts the OOB invite (see SDK `acceptInvitation`) +3. The Issuer responds by sending the actual Credential Offer +4. The Holder accepts the Credential Offer +5. The Issuer sends the Verifiable Credential + +The claims provide specific information about the individual, such as their name or qualifications. + +This protocol is applicable in various real-life scenarios, such as educational credentialing, employment verification, and more. +In these scenarios, the Issuer could be a school, an employer, etc., and the Holder could be a student or an employee. +The VCs issued during this protocol could represent a diploma, a certificate of employment, etc. + +## Endpoints + +| Endpoint | Description | Role | +|--------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|----------------| +| [`/issue-credentials/credential-offers/invitation`](/agent-api/#tag/Issue-Credentials-Protocol/operation/createCredentialOffer) | This endpoint allows you to create a new credential offer invitation | Issuer | +| [`/issue-credentials/credential-offers/accept-invitation`](/agent-api/#tag/Issue-Credentials-Protocol/operation/acceptCredentialOfferInvitation) | This endpoint allows you to accept the invitation | Holder | +| [`/issue-credentials/records`](/agent-api/#tag/Issue-Credentials-Protocol/operation/getCredentialRecords) | This endpoint allows you to retrieve a collection of all the existing credential records | Issuer, Holder | +| [`/issue-credentials/records/{recordId}`](/agent-api/#tag/Issue-Credentials-Protocol/operation/getCredentialRecord) | This endpoint allows you to retrieve a specific credential record by its `id` | Issuer, Holder | +| [`/issue-credentials/records/{recordId}/accept-offer`](/agent-api/#tag/Issue-Credentials-Protocol/operation/acceptCredentialOffer) | This endpoint allows you to accept a credential offer | Holder | +| [`/issue-credentials/records/{recordId}/issue-credential`](/agent-api/#tag/Issue-Credentials-Protocol/operation/issueCredential) | This endpoint allows you to issue a VC for a specific credential record. | Issuer | + + +:::info +Please check the full [Cloud Agent API](/agent-api) specification for more detailed information. +::: + +## Issuer interactions + +This section describes the Issuer role's available interactions with the Cloud Agent. + +### Creating a Credential Offer + +To start the process, the issuer needs to create a credential offer invitation. +To do this, make a `POST` request to the [`/issue-credentials/credential-offers/invitation`](/agent-api/#tag/Issue-Credentials-Protocol/operation/createCredentialOffer) endpoint with a JSON payload that includes the following information: + + + + +1. `claims`: The data stored in a verifiable credential. Claims get expressed in a key-value format. The claims contain the data that the issuer attests to, such as name, address, date of birth, and so on. +2. `issuingDID`: The DID referring to the issuer to issue this credential from +3. `schemaId`: An optional field that, if specified, contains a valid URL to an existing VC schema. + The Cloud Agent must be able to dereference the specified URL (i.e. fetch the VC schema content from it), in order to validate the provided claims against it. + When not specified, the claims fields is not validated and can be any valid JSON object. + Please refer to the [Create VC schema](../../schemas/create.md) doc for details on how to create a VC schema. +4. `credentialFormat`: The format of the credential that will be issued - `JWT` in this case. When not specified, the default value is `JWT`. + +:::note +The `issuingDID` property comes from completing the pre-requisite steps listed above +::: + +Once the request initiates, a new credential record for the issuer gets created with a unique ID. The state of this record is now `OfferPending`. + +```shell +# Issuer POST request to create a new credential offer +curl -X 'POST' \ + 'http://localhost:8080/cloud-agent/issue-credentials/credential-offers/invitation' \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{ + "claims": { + "emailAddress": "alice@wonderland.com", + "givenName": "Alice", + "familyName": "Wonderland", + "dateOfIssuance": "2020-11-13T20:20:39+00:00", + "drivingLicenseID": "12345", + "drivingClass": 3 + }, + "credentialFormat": "JWT", + "issuingDID": "did:prism:9f847f8bbb66c112f71d08ab39930d468ccbfe1e0e1d002be53d46c431212c26", + "schemaId": "http://localhost:8080/cloud-agent/schema-registry/schemas/3f86a73f-5b78-39c7-af77-0c16123fa9c2" + }' +``` + + + + +1. `claims`: The data stored in a verifiable credential. AnonCreds claims get expressed in a flat, "string -> string", key-value pair format. The claims contain the data that the issuer attests to, such as name, address, date of birth, and so on. +2. `issuingDID`: The DID referring to the issuer to issue this credential from +3. `credentialDefinitionId`: The unique ID of the [credential definition](../../credentialdefinition/credential-definition.md) that has been created by the issuer as a prerequisite. Please refer to the [Create AnonCreds Credential Definition](../../credentialdefinition/credential-definition.md) doc for details on how to create a credential definition. +:::note +📌 Note: If the credential definition was created via HTTP URL endpoint, then this credential definition will be referenced to that credential via HTTP URL, and if this credential definition was created via DID URL endpoint, then it will be referenced via DID URL, How to create credential definition for HTTP URL or DID URL is explained in [credential definition creation guide](../../credentialdefinition/create.md) +::: +4. `credentialFormat`: The format of the credential that will be issued - `AnonCreds` in this case. + +:::note +The `issuingDID` and `credentialDefinitionId` properties come from completing the pre-requisite steps listed above +::: + +Once the request initiates, a new credential record for the issuer gets created with a unique ID. The state of this record is now `OfferPending`. + +```shell +# Issuer POST request to create a new credential offer +curl -X 'POST' \ + 'http://localhost:8080/cloud-agent/issue-credentials/credential-offers/invitation' \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{ + "claims": { + "emailAddress": "alice@wonderland.com", + "givenName": "Alice", + "familyName": "Wonderland", + "dateOfIssuance": "2020-11-13T20:20:39+00:00", + "drivingLicenseID": "12345", + "drivingClass": "3" + }, + "credentialFormat": "AnonCreds", + "issuingDID": "did:prism:9f847f8bbb66c112f71d08ab39930d468ccbfe1e0e1d002be53d46c431212c26", + "credentialDefinitionId": "5d737816-8fe8-3492-bfe3-1b3e2b67220b" + }' +``` + + + + + +1. `claims`: The data stored in a verifiable credential. Claims get expressed in a key-value format. The claims contain the data that the issuer attests to, such as name, address, date of birth, and so on. +2. `issuingDID`: The DID referring to the issuer to issue this credential from +4. `schemaId`: An optional field that, if specified, contains a valid URL to an existing VC schema. + The Cloud Agent must be able to dereference the specified URL (i.e. fetch the VC schema content from it), in order to validate the provided claims against it. + When not specified, the claims fields is not validated and can be any valid JSON object. + Please refer to the [Create VC schema](../../schemas/create.md) doc for details on how to create a VC schema. +5. `credentialFormat`: The format of the credential that will be issued - `SDJWT` in this case. + +:::note +The `issuingDID` property comes from completing the pre-requisite steps listed above +::: + +- 📌 **Note:** Claims can also include the `exp` Expiration Time attribute, which is part of JWT claims. `exp` attribute is disclosable if specified and can have a value in epoch time (in seconds), indicating when the SDJWT credential expires for more details +[RFC5719](https://datatracker.ietf.org/doc/html/rfc7519#page-9) + +Once the request initiates, a new credential record for the issuer gets created with a unique ID. The state of this record is now `OfferPending`. + +```shell +# Issuer POST request to create a new credential offer +curl -X 'POST' \ + 'http://localhost:8080/cloud-agent/issue-credentials/credential-offers/invitation' \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{ + "claims": { + "emailAddress": "alice@wonderland.com", + "givenName": "Alice", + "familyName": "Wonderland", + "dateOfIssuance": "2020-11-13T20:20:39+00:00", + "drivingLicenseID": "12345", + "drivingClass": 3, + "exp" : 1883000000 + }, + "credentialFormat": "SDJWT", + "issuingDID": "did:prism:9f847f8bbb66c112f71d08ab39930d468ccbfe1e0e1d002be53d46c431212c26", + "schemaId": "http://localhost:8080/cloud-agent/schema-registry/schemas/3f86a73f-5b78-39c7-af77-0c16123fa9c2" + }' +``` + + + + + +### Sending the Offer to the Holder + +The next step for the Issuer is to send the OOB invite Holder (by definition, this is "out of band", so not handled by Identus). +Common ways to convey such OOB invites might be a QR code that is scanned, or via an existing channel of connection in an application. + + +### Issuing the Credential + +Once the holder has approved the offer and sent a request to the Issuer, +the Issuer will receive the request via DIDComm and update the record state to `RequestReceived.` + +The Issuer can then use the [`/issue-credentials/records/{recordId}/issue-credential`](/agent-api/#tag/Issue-Credentials-Protocol/operation/issueCredential) endpoint to issue the credential to the holder. + +```shell +# Issuer POST request to issue the credential +# make sure you have `issuer_record_id` extracted from created credential offer +# and the record achieved `RequestReceived` state +curl -X POST \ + "http://localhost:8080/cloud-agent/issue-credentials/records/$issuer_record_id/issue-credential" \ + -H "Content-Type: application/json" \ + -H "apikey: $API_KEY" +``` + +When this endpoint gets called, the state of the record will change to `CredentialPending,` and after processing, it will change to `CredentialGenerated.` + +Finally, the Issuer agent will send the credential to the holder via DIDComm, +and the state of the record will change to `CredentialSent`. +At this point, the Issuer's interactions with the holder are complete. + +```mermaid +--- +title: Issuer flow +--- +stateDiagram-v2 + [*] --> OfferPending: create credential offer (`/issue-credentials/credential-offers`) + OfferPending --> OfferSent: send offer (auto via PRISM Agent DIDComm) + OfferSent --> RequestReceived: receive request (auto via PRISM Agent DIDComm) + RequestReceived --> CredentialPending: issue credential (`/issue-credentials/records/{recordId}/issue-credential`) + CredentialPending --> CredentialGenerated: process issued credential (auto via PRISM Agent) + CredentialGenerated --> CredentialSent: send credential (auto via PRISM Agent) +``` + +## Holder interactions + +This section describes the Holder role's available interactions with the Cloud Agent. + +### Receiving the VC Offer + +The Holder will receive the offer from the Issuer via DIDComm, +and a new credential record with a unique ID gets created in the `OfferReceived` state. + +This process is automatic for the Cloud Agent. + +You could check if a new credential offer is available using [`/issue-credentials/records`](/#tag/Issue-Credentials-Protocol/operation/getCredentialRecords) request and check for any records available in `OfferReceived` state: +```shell +# Holder GET request to retrieve credential records +curl "http://localhost:8090/cloud-agent/issue-credentials/records" \ + -H "Content-Type: application/json" \ + -H "apikey: $API_KEY" +``` + + +### Approving the VC Offer + +To accept the offer, the Holder can make a `POST` request to the [`/issue-credentials/records/{recordId}/accept-offer`](/agent-api/#tag/Issue-Credentials-Protocol/operation/acceptCredentialOffer) endpoint with a JSON payload that includes the following information: + + + + +1. `holder_record_id`: The unique identifier of the issue credential record known by the holder's Cloud Agent. +2. `subjectId`: This field represents the unique identifier for the subject of the verifiable credential. It is a short-form PRISM [DID](/docs/concepts/glossary#decentralized-identifier) string, such as `did:prism:subjectIdentifier`. + +```shell +# Holder POST request to accept the credential offer +curl -X POST "http://localhost:8090/cloud-agent/issue-credentials/records/$holder_record_id/accept-offer" \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{ + "subjectId": "did:prism:subjectIdentifier" + }' +``` + + + + +1. `holder_record_id`: The unique identifier of the issue credential record known by the holder's Cloud Agent. + +```shell +# Holder POST request to accept the credential offer +curl -X POST "http://localhost:8090/cloud-agent/issue-credentials/records/$holder_record_id/accept-offer" \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{}' +``` + + + + + +1. `holder_record_id`: The unique identifier of the issue credential record known by the holder's Cloud Agent. +2. `subjectId`: This field represents the unique identifier for the subject of the verifiable credential. It is a short-form PRISM [DID](/docs/concepts/glossary#decentralized-identifier) string, such as `did:prism:subjectIdentifier`. +3. `keyId` Option parameter + 1. when keyId is not provided the SDJWT VC is not binded to Holder/Prover key + ```shell + # Holder POST request to accept the credential offer + curl -X POST "http://localhost:8090/cloud-agent/issue-credentials/records/$holder_record_id/accept-offer" \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{ + "subjectId": "did:prism:subjectIdentifier" + }' + ``` + A SD-JWT Verifiable Credential (VC) without a `cnf` key could possibly look like below + + ```json + { + "_sd": [ + "CrQe7S5kqBAHt-nMYXgc6bdt2SH5aTY1sU_M-PgkjPI", + "JzYjH4svliH0R3PyEMfeZu6Jt69u5qehZo7F7EPYlSE", + "PorFbpKuVu6xymJagvkFsFXAbRoc2JGlAUA2BA4o7cI", + "TGf4oLbgwd5JQaHyKVQZU9UdGE0w5rtDsrZzfUaomLo", + "XQ_3kPKt1XyX7KANkqVR6yZ2Va5NrPIvPYbyMvRKBMM", + "XzFrzwscM6Gn6CJDc6vVK8BkMnfG8vOSKfpPIZdAfdE", + "gbOsI4Edq2x2Kw-w5wPEzakob9hV1cRD0ATN3oQL9JM", + "jsu9yVulwQQlhFlM_3JlzMaSFzglhQG0DpfayQwLUK4" + ], + "iss": "https://issuer.example.com", + "iat": 1683000000, + "exp": 1883000000, + "sub": "user_42", + "_sd_alg": "sha-256" + } + ``` + 2. `keyId`: This is optional field but must be specified to choose which key bounds to the verifiable credential. + For more information on key-binding, [ietf-oauth-selective-disclosure-jwt](https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt). + Currently, we only support the EdDSA algorithm and curve Ed25519. + The specified keyId should be of type Ed25519. + The purpose of the keyId should be authentication. + + ```shell + # Holder POST request to accept the credential offer with keyId + curl -X POST "http://localhost:8090/cloud-agent/issue-credentials/records/$holder_record_id/accept-offer" \ + -H 'accept: application/json' \ + -H 'Content-Type: application/json' \ + -H "apikey: $API_KEY" \ + -d '{ + "subjectId": "did:prism:subjectIdentifier", + "keyId": "key-1" + }' + ``` + A SD-JWT Verifiable Credential (VC) that includes a `cnf` key could possibly look like below + ```json + { + "_sd": [ + "CrQe7S5kqBAHt-nMYXgc6bdt2SH5aTY1sU_M-PgkjPI", + "JzYjH4svliH0R3PyEMfeZu6Jt69u5qehZo7F7EPYlSE", + "PorFbpKuVu6xymJagvkFsFXAbRoc2JGlAUA2BA4o7cI", + "TGf4oLbgwd5JQaHyKVQZU9UdGE0w5rtDsrZzfUaomLo", + "XQ_3kPKt1XyX7KANkqVR6yZ2Va5NrPIvPYbyMvRKBMM", + "XzFrzwscM6Gn6CJDc6vVK8BkMnfG8vOSKfpPIZdAfdE", + "gbOsI4Edq2x2Kw-w5wPEzakob9hV1cRD0ATN3oQL9JM", + "jsu9yVulwQQlhFlM_3JlzMaSFzglhQG0DpfayQwLUK4" + ], + "iss": "https://issuer.example.com", + "iat": 1683000000, + "exp": 1883000000, + "sub": "user_42", + "_sd_alg": "sha-256", + "cnf": { + "jwk": { + "kty": "EC", + "crv": "P-256", + "x": "TCAER19Zvu3OHF4j4W4vfSVoHIP1ILilDls7vCeGemc", + "y": "ZxjiWWbZMQGHVWKVQ4hbSIirsVfuecCE6t4jT9F2HZQ" + } + } + } + ``` + + + + + +This request will change the state of the record to `RequestPending`. + +### Receiving the VC Credential + +Once the Holder has approved the offer and sent a request to the Issuer, the Holder agent will process the request and send it to the Issuer agent. +The state of the Holder's record will change to `RequestSent`. + +After the Issuer has issued the credential, the Holder will receive the credential via DIDComm, and the state of the Holder's record will change to `CredentialReceived`. +This process is automatic for the Cloud Agent. + +The Holder can check the achieved credential using a GET request to [`/issue-credentials/records/{recordId}/`](/agent-api/#tag/Issue-Credentials-Protocol/operation/getCredentialRecord) endpoint. + +```mermaid +--- +title: Holder Flow +--- +stateDiagram-v2 + [*] --> OfferReceived: receive offer (auto via PRISM Agent) + OfferReceived --> RequestPending: accept offer (`/issue-credentials/records/{recordId}/accept-offer`) + RequestPending --> RequestSent: send request (auto via PRISM Agent) + RequestSent --> CredentialReceived: receive credential (auto via PRISM Agent) +``` + +## Sequence diagram + +TODO + + diff --git a/docs/docusaurus/credentials/connectionless/present-proof.md b/docs/docusaurus/credentials/connectionless/present-proof.md new file mode 100644 index 0000000000..e69de29bb2 diff --git a/docs/docusaurus/credentials/anoncreds-setup.png b/docs/docusaurus/credentials/didcomm/anoncreds-setup.png similarity index 100% rename from docs/docusaurus/credentials/anoncreds-setup.png rename to docs/docusaurus/credentials/didcomm/anoncreds-setup.png diff --git a/docs/docusaurus/credentials/anoncreds-setup.puml b/docs/docusaurus/credentials/didcomm/anoncreds-setup.puml similarity index 100% rename from docs/docusaurus/credentials/anoncreds-setup.puml rename to docs/docusaurus/credentials/didcomm/anoncreds-setup.puml diff --git a/docs/docusaurus/credentials/anoncreds-issue-flow.png b/docs/docusaurus/credentials/didcomm/issue-flow.anoncreds.png similarity index 100% rename from docs/docusaurus/credentials/anoncreds-issue-flow.png rename to docs/docusaurus/credentials/didcomm/issue-flow.anoncreds.png diff --git a/docs/docusaurus/credentials/anoncreds-issue-flow.puml b/docs/docusaurus/credentials/didcomm/issue-flow.anoncreds.puml similarity index 100% rename from docs/docusaurus/credentials/anoncreds-issue-flow.puml rename to docs/docusaurus/credentials/didcomm/issue-flow.anoncreds.puml diff --git a/docs/docusaurus/credentials/issue-flow.png b/docs/docusaurus/credentials/didcomm/issue-flow.jwt.png similarity index 100% rename from docs/docusaurus/credentials/issue-flow.png rename to docs/docusaurus/credentials/didcomm/issue-flow.jwt.png diff --git a/docs/docusaurus/credentials/issue-flow.puml b/docs/docusaurus/credentials/didcomm/issue-flow.jwt.puml similarity index 100% rename from docs/docusaurus/credentials/issue-flow.puml rename to docs/docusaurus/credentials/didcomm/issue-flow.jwt.puml diff --git a/docs/docusaurus/credentials/issue.md b/docs/docusaurus/credentials/didcomm/issue.md similarity index 94% rename from docs/docusaurus/credentials/issue.md rename to docs/docusaurus/credentials/didcomm/issue.md index ff9beeae99..dfe4a887a5 100644 --- a/docs/docusaurus/credentials/issue.md +++ b/docs/docusaurus/credentials/didcomm/issue.md @@ -3,7 +3,7 @@ import TabItem from '@theme/TabItem'; # Issue credentials (DIDComm) -In the Identus Platform, the [Issue Credentials Protocol](/docs/concepts/glossary#issue-credentials-protocol) allows you to create, retrieve, and manage issued [verifiable credentials (VCs)](/docs/concepts/glossary#verifiable-credentials) between a VC issuer and a VC holder. +In the Identus Platform, the [Issue Credentials Protocol](/docs/concepts/glossary#issue-credential-protocol) allows you to create, retrieve, and manage issued [verifiable credentials (VCs)](/docs/concepts/glossary#verifiable-credentials) between a VC issuer and a VC holder. ## Roles @@ -23,24 +23,24 @@ Before using the Issuing Credentials protocol, the following conditions must be 1. Issuer and Holder Cloud Agents up and running -2. A connection must be established between the Issuer and Holder Cloud Agents (see [Connections](../connections/connection.md)) -3. The Issuer must have a published PRISM DID, and the [DID document](/docs/concepts/glossary#did-document) must have at least one `assertionMethod` key for issuing credentials (see [Create DID](../dids/create.md) and [Publish DID](../dids/publish.md)) +2. A connection must be established between the Issuer and Holder Cloud Agents (see [Connections](../../connections/connection.md)) +3. The Issuer must have a published PRISM DID, and the [DID document](/docs/concepts/glossary#did-document) must have at least one `assertionMethod` key for issuing credentials (see [Create DID](../../dids/create.md) and [Publish DID](../../dids/publish.md)) 4. The Holder must have a PRISM DID, and the DID document must have at least one `authentication` key for presenting the proof. 1. Issuer and Holder Cloud Agents up and running -2. A connection must be established between the Issuer and Holder Cloud Agents (see [Connections](../connections/connection.md)) -3. The Issuer must have created an AnonCreds Credential Definition as described [here](../credentialdefinition/create.md). +2. A connection must be established between the Issuer and Holder Cloud Agents (see [Connections](../../connections/connection.md)) +3. The Issuer must have created an AnonCreds Credential Definition as described [here](../../credentialdefinition/create.md). - 📌 **Note:** Currently we only support `Ed25519` curve 1. Issuer and Holder Cloud Agents up and running -2. A connection must be established between the Issuer and Holder Cloud Agents (see [Connections](../connections/connection.md)) -3. The Issuer must have a published PRISM DID, and the [DID document](/docs/concepts/glossary#did-document) must have at least one `assertionMethod` key for issuing credentials and the curve must be `Ed25519` (see [Create DID](../dids/create.md) and [Publish DID](../dids/publish.md)) +2. A connection must be established between the Issuer and Holder Cloud Agents (see [Connections](../../connections/connection.md)) +3. The Issuer must have a published PRISM DID, and the [DID document](/docs/concepts/glossary#did-document) must have at least one `assertionMethod` key for issuing credentials and the curve must be `Ed25519` (see [Create DID](../../dids/create.md) and [Publish DID](../../dids/publish.md)) 4. The Holder must have a PRISM DID, and the DID document must have at least one `authentication` key for presenting the proof and the curve must be `Ed25519`. @@ -95,7 +95,7 @@ To do this, make a `POST` request to the [`/issue-credentials/credential-offers` 4. `schemaId`: An optional field that, if specified, contains a valid URL to an existing VC schema. The Cloud Agent must be able to dereference the specified URL (i.e. fetch the VC schema content from it), in order to validate the provided claims against it. When not specified, the claims fields is not validated and can be any valid JSON object. - Please refer to the [Create VC schema](../schemas/create.md) doc for details on how to create a VC schema. + Please refer to the [Create VC schema](../../schemas/create.md) doc for details on how to create a VC schema. 5. `credentialFormat`: The format of the credential that will be issued - `JWT` in this case. When not specified, the default value is `JWT`. @@ -133,9 +133,9 @@ curl -X 'POST' \ 1. `claims`: The data stored in a verifiable credential. AnonCreds claims get expressed in a flat, "string -> string", key-value pair format. The claims contain the data that the issuer attests to, such as name, address, date of birth, and so on. 2. `connectionId`: The unique ID of the connection between the holder and the issuer to offer this credential over. -3. `credentialDefinitionId`: The unique ID of the [credential definition](../credentialdefinition/credential-definition.md) that has been created by the issuer as a prerequisite. Please refer to the [Create AnonCreds Credential Definition](../credentialdefinition/credential-definition.md) doc for details on how to create a credential definition. +3. `credentialDefinitionId`: The unique ID of the [credential definition](../../credentialdefinition/credential-definition.md) that has been created by the issuer as a prerequisite. Please refer to the [Create AnonCreds Credential Definition](../../credentialdefinition/credential-definition.md) doc for details on how to create a credential definition. :::note -📌 Note: If the credential definition was created via HTTP URL endpoint, then this credential definition will be referenced to that credential via HTTP URL, and if this credential definition was created via DID URL endpoint, then it will be referenced via DID URL, How to create credential definition for HTTP URL or DID URL is explained in [credential definition creation guide](../credentialdefinition/create.md) +📌 Note: If the credential definition was created via HTTP URL endpoint, then this credential definition will be referenced to that credential via HTTP URL, and if this credential definition was created via DID URL endpoint, then it will be referenced via DID URL, How to create credential definition for HTTP URL or DID URL is explained in [credential definition creation guide](../../credentialdefinition/create.md) ::: 4. `credentialFormat`: The format of the credential that will be issued - `AnonCreds` in this case. 5. `issuingDID`: The DID referring to the issuer to issue this credential from @@ -178,7 +178,7 @@ curl -X 'POST' \ 4. `schemaId`: An optional field that, if specified, contains a valid URL to an existing VC schema. The Cloud Agent must be able to dereference the specified URL (i.e. fetch the VC schema content from it), in order to validate the provided claims against it. When not specified, the claims fields is not validated and can be any valid JSON object. - Please refer to the [Create VC schema](../schemas/create.md) doc for details on how to create a VC schema. + Please refer to the [Create VC schema](../../schemas/create.md) doc for details on how to create a VC schema. 5. `credentialFormat`: The format of the credential that will be issued - `SDJWT` in this case. @@ -435,12 +435,12 @@ The following diagram shows the end-to-end flow for an issuer to issue a VC to a -![](issue-flow.png) +![](issue-flow.jwt.png) -![](anoncreds-issue-flow.png) +![](issue-flow.anoncreds.png) - \ No newline at end of file + diff --git a/docs/docusaurus/credentials/anoncreds-present-proof-flow.png b/docs/docusaurus/credentials/didcomm/present-proof-flow.anoncreds.png similarity index 100% rename from docs/docusaurus/credentials/anoncreds-present-proof-flow.png rename to docs/docusaurus/credentials/didcomm/present-proof-flow.anoncreds.png diff --git a/docs/docusaurus/credentials/anoncreds-present-proof-flow.puml b/docs/docusaurus/credentials/didcomm/present-proof-flow.anoncreds.puml similarity index 100% rename from docs/docusaurus/credentials/anoncreds-present-proof-flow.puml rename to docs/docusaurus/credentials/didcomm/present-proof-flow.anoncreds.puml diff --git a/docs/docusaurus/credentials/present-proof-flow.png b/docs/docusaurus/credentials/didcomm/present-proof-flow.jwt.png similarity index 100% rename from docs/docusaurus/credentials/present-proof-flow.png rename to docs/docusaurus/credentials/didcomm/present-proof-flow.jwt.png diff --git a/docs/docusaurus/credentials/present-proof-flow.puml b/docs/docusaurus/credentials/didcomm/present-proof-flow.jwt.puml similarity index 100% rename from docs/docusaurus/credentials/present-proof-flow.puml rename to docs/docusaurus/credentials/didcomm/present-proof-flow.jwt.puml diff --git a/docs/docusaurus/credentials/present-proof.md b/docs/docusaurus/credentials/didcomm/present-proof.md similarity index 98% rename from docs/docusaurus/credentials/present-proof.md rename to docs/docusaurus/credentials/didcomm/present-proof.md index 280fea81c5..406f9d1cd9 100644 --- a/docs/docusaurus/credentials/present-proof.md +++ b/docs/docusaurus/credentials/didcomm/present-proof.md @@ -1,7 +1,7 @@ import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem'; -# Present proof +# Present proof (DIDComm) The [Present Proof Protocol](/docs/concepts/glossary#present-proof-protocol) allows: - a [Verifier](/docs/concepts/glossary#verifier) to request a verifiable credential presentation from a Holder/Prover @@ -21,7 +21,7 @@ The present proof protocol has two roles: Before using the Proof Presentation protocol, the following conditions must be present: 1. Holder/Prover and Verifier Cloud Agents must be up and running -2. A connection must be established between the Holder/Prover and Verifier Cloud Agents (see [Connections](../connections/connection.md)) +2. A connection must be established between the Holder/Prover and Verifier Cloud Agents (see [Connections](../../connections/connection.md)) 3. The Holder/Prover should hold a [verifiable credential (VC)](/docs/concepts/glossary#verifiable-credential) received from an [Issuer](/docs/concepts/glossary#issuer) see [Issue](./issue.md). ## Overview @@ -323,20 +323,15 @@ stateDiagram-v2 The following diagram shows the end-to-end flow for a verifier to request and verify a proof presentation from a Holder/prover. -### JWT Present Proof Flow Diagram -![](present-proof-flow.png) -### Anoncreds Present Proof Flow Diagram -![](anoncreds-present-proof-flow.png) - -![](present-proof-flow.png) +![](present-proof-flow.jwt.png) -![](anoncreds-present-proof-flow.png) +![](present-proof-flow.anoncreds.png) - \ No newline at end of file + diff --git a/docs/docusaurus/credentials/oid4vci.md b/docs/docusaurus/credentials/oid4cv/issue.md similarity index 99% rename from docs/docusaurus/credentials/oid4vci.md rename to docs/docusaurus/credentials/oid4cv/issue.md index a84b7c7dfe..8bcf839b1c 100644 --- a/docs/docusaurus/credentials/oid4vci.md +++ b/docs/docusaurus/credentials/oid4cv/issue.md @@ -1,4 +1,4 @@ -# Issue credentials (OID4VCI) +# Issue credentials (OID4VC) [OID4VCI](/docs/concepts/glossary#oid4vci) (OpenID for Verifiable Credential Issuance) is a protocol that extends OAuth2 to issue credentials. It involves a Credential Issuer server and an Authorization server working together, diff --git a/docs/docusaurus/sidebars.js b/docs/docusaurus/sidebars.js index b746ea93f5..56d5dfca37 100644 --- a/docs/docusaurus/sidebars.js +++ b/docs/docusaurus/sidebars.js @@ -19,9 +19,10 @@ const sidebars = { description: 'Credentials tutorials' }, items: [ - 'credentials/issue', - 'credentials/oid4vci', - 'credentials/present-proof', + 'credentials/didcomm/issue', + 'credentials/connectionless/issue', + 'credentials/oid4ci/issue', + 'credentials/didcomm/present-proof', 'credentials/revocation' ] }, From b0effec9bdc48f7daad94a159c78766c6ed1c903 Mon Sep 17 00:00:00 2001 From: bvoiturier Date: Tue, 19 Nov 2024 09:25:50 +0100 Subject: [PATCH 17/17] fix: Kafka consumer not picking messages (#1441) Signed-off-by: Benjamin Voiturier --- cloud-agent/service/server/src/main/resources/logback.xml | 3 +++ .../shared/messaging/kafka/ZKafkaMessagingServiceImpl.scala | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/cloud-agent/service/server/src/main/resources/logback.xml b/cloud-agent/service/server/src/main/resources/logback.xml index 9121c1c22d..a91551a3d1 100644 --- a/cloud-agent/service/server/src/main/resources/logback.xml +++ b/cloud-agent/service/server/src/main/resources/logback.xml @@ -13,6 +13,9 @@ + + + diff --git a/shared/core/src/main/scala/org/hyperledger/identus/shared/messaging/kafka/ZKafkaMessagingServiceImpl.scala b/shared/core/src/main/scala/org/hyperledger/identus/shared/messaging/kafka/ZKafkaMessagingServiceImpl.scala index 9180fc4d62..14e5ab0491 100644 --- a/shared/core/src/main/scala/org/hyperledger/identus/shared/messaging/kafka/ZKafkaMessagingServiceImpl.scala +++ b/shared/core/src/main/scala/org/hyperledger/identus/shared/messaging/kafka/ZKafkaMessagingServiceImpl.scala @@ -9,6 +9,7 @@ import zio.kafka.consumer.{ ConsumerSettings as ZKConsumerSettings, Subscription as ZKSubscription } +import zio.kafka.consumer.Consumer.{AutoOffsetStrategy, OffsetRetrieval} import zio.kafka.producer.{Producer as ZKProducer, ProducerSettings as ZKProducerSettings} import zio.kafka.serde.{Deserializer as ZKDeserializer, Serializer as ZKSerializer} @@ -80,7 +81,7 @@ class ZKafkaConsumerImpl[K, V]( .withMaxPollInterval(maxPollInterval) // Should be max.poll.records x 'max processing time per record' // 'pollTimeout' default is 50 millis. This is a ZIO Kafka property. .withPollTimeout(pollTimeout) - // .withOffsetRetrieval(OffsetRetrieval.Auto(AutoOffsetStrategy.Earliest)) + .withOffsetRetrieval(OffsetRetrieval.Auto(AutoOffsetStrategy.Earliest)) .withRebalanceSafeCommits(rebalanceSafeCommits) // .withMaxRebalanceDuration(30.seconds) )