From 3aeef7004e15e38b9d46228edba4969311554024 Mon Sep 17 00:00:00 2001 From: reinkrul Date: Fri, 15 Dec 2023 12:42:50 +0100 Subject: [PATCH] VCR: Use JWT/JSON-LD constants from go-did (#2691) --- vcr/issuer/interface.go | 7 ------- vcr/issuer/issuer.go | 6 +++--- vcr/issuer/issuer_test.go | 12 ++++++------ vcr/verifier/signature_verifier.go | 9 ++++----- 4 files changed, 13 insertions(+), 21 deletions(-) diff --git a/vcr/issuer/interface.go b/vcr/issuer/interface.go index f8c3a54324..e760cec393 100644 --- a/vcr/issuer/interface.go +++ b/vcr/issuer/interface.go @@ -85,13 +85,6 @@ type CredentialSearcher interface { SearchCredential(credentialType ssi.URI, issuer did.DID, subject *ssi.URI) ([]vc.VerifiableCredential, error) } -const ( - JSONLDCredentialFormat = vc.JSONLDCredentialProofFormat - JWTCredentialFormat = vc.JWTCredentialProofFormat - JSONLDPresentationFormat = vc.JSONLDPresentationProofFormat - JWTPresentationFormat = vc.JWTPresentationProofFormat -) - // CredentialOptions specifies options for issuing a credential. type CredentialOptions struct { // Format specifies the proof format for the issued credential. If not set, it defaults to JSON-LD. diff --git a/vcr/issuer/issuer.go b/vcr/issuer/issuer.go index ed148e2f40..e4a4693128 100644 --- a/vcr/issuer/issuer.go +++ b/vcr/issuer/issuer.go @@ -92,7 +92,7 @@ type issuer struct { // Use the public flag to pass the visibility settings to the Publisher. func (i issuer) Issue(ctx context.Context, template vc.VerifiableCredential, options CredentialOptions) (*vc.VerifiableCredential, error) { // Until further notice we don't support publishing JWT VCs, since they're not officially supported by Nuts yet. - if options.Publish && options.Format == JWTCredentialFormat { + if options.Publish && options.Format == vc.JWTCredentialProofFormat { return nil, errors.New("publishing VC JWTs is not supported") } 
@@ -229,13 +229,13 @@ func (i issuer) buildVC(ctx context.Context, template vc.VerifiableCredential, o } switch options.Format { - case JWTCredentialFormat: + case vc.JWTCredentialProofFormat: return vc.CreateJWTVerifiableCredential(ctx, unsignedCredential, func(ctx context.Context, claims map[string]interface{}, headers map[string]interface{}) (string, error) { return i.keyStore.SignJWT(ctx, claims, headers, key) }) case "": fallthrough - case JSONLDCredentialFormat: + case vc.JSONLDCredentialProofFormat: return i.buildJSONLDCredential(ctx, unsignedCredential, key) default: return nil, errors.New("unsupported credential proof format") diff --git a/vcr/issuer/issuer_test.go b/vcr/issuer/issuer_test.go index e70d89c998..25f6ee4854 100644 --- a/vcr/issuer/issuer_test.go +++ b/vcr/issuer/issuer_test.go @@ -86,11 +86,11 @@ func Test_issuer_buildVC(t *testing.T) { jsonldManager := jsonld.NewTestJSONLDManager(t) sut := issuer{keyResolver: keyResolverMock, jsonldManager: jsonldManager, keyStore: keyStore} - result, err := sut.buildVC(ctx, template, CredentialOptions{Format: JSONLDCredentialFormat}) + result, err := sut.buildVC(ctx, template, CredentialOptions{Format: vc.JSONLDCredentialProofFormat}) require.NoError(t, err) require.NotNil(t, result) assert.Contains(t, result.Type, credentialType, "expected vc to be of right type") - assert.Equal(t, JSONLDCredentialFormat, result.Format()) + assert.Equal(t, vc.JSONLDCredentialProofFormat, result.Format()) assert.Equal(t, issuerID.String(), result.Issuer.String(), "expected correct issuer") assert.Contains(t, result.Context, schemaOrgContext) assert.Contains(t, result.Context, vc.VCContextV1URI()) 
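Review bot: In `buildVC` the unset format reaches JSON-LD through `case "": fallthrough` followed by the renamed `case vc.JSONLDCredentialProofFormat:`, which reads as two separate branches. A single `case "", vc.JSONLDCredentialProofFormat:` with a comment such as `// an unset format defaults to JSON-LD` would state that default in one place. The `default` branch already rejects unknown values, so behaviour would not change. The function starts and ends outside the hunk.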
@@ -110,7 +110,7 @@ func Test_issuer_buildVC(t *testing.T) { result, err := sut.buildVC(ctx, template, CredentialOptions{}) require.NoError(t, err) require.NotNil(t, result) - assert.Equal(t, JSONLDCredentialFormat, result.Format()) + assert.Equal(t, vc.JSONLDCredentialProofFormat, result.Format()) }) }) t.Run("JWT", func(t *testing.T) { @@ -121,11 +121,11 @@ func Test_issuer_buildVC(t *testing.T) { jsonldManager := jsonld.NewTestJSONLDManager(t) sut := issuer{keyResolver: keyResolverMock, jsonldManager: jsonldManager, keyStore: keyStore} - result, err := sut.buildVC(ctx, template, CredentialOptions{Format: JWTCredentialFormat}) + result, err := sut.buildVC(ctx, template, CredentialOptions{Format: vc.JWTCredentialProofFormat}) require.NoError(t, err) require.NotNil(t, result) - assert.Equal(t, JWTCredentialFormat, result.Format()) + assert.Equal(t, vc.JWTCredentialProofFormat, result.Format()) assert.Contains(t, result.Type, credentialType, "expected vc to be of right type") assert.Contains(t, result.Context, schemaOrgContext) assert.Contains(t, result.Context, vc.VCContextV1URI()) @@ -291,7 +291,7 @@ func Test_issuer_Issue(t *testing.T) { result, err := sut.Issue(ctx, template, CredentialOptions{ Publish: true, Public: true, - Format: JWTCredentialFormat, + Format: vc.JWTCredentialProofFormat, }) require.EqualError(t, err, "publishing VC JWTs is not supported") assert.Nil(t, result) diff --git a/vcr/verifier/signature_verifier.go b/vcr/verifier/signature_verifier.go index 434fa1bf34..3ca21a8a2a 100644 --- a/vcr/verifier/signature_verifier.go +++ b/vcr/verifier/signature_verifier.go @@ -13,7 +13,6 @@ import ( "github.com/nuts-foundation/go-did/vc" "github.com/nuts-foundation/nuts-node/crypto" "github.com/nuts-foundation/nuts-node/jsonld" - "github.com/nuts-foundation/nuts-node/vcr/issuer" "github.com/nuts-foundation/nuts-node/vcr/signature" "github.com/nuts-foundation/nuts-node/vcr/signature/proof" "github.com/nuts-foundation/nuts-node/vdr/resolver" 
@@ -27,9 +26,9 @@ type signatureVerifier struct { // VerifySignature checks if the signature on a VP is valid at a given time func (sv *signatureVerifier) VerifySignature(credentialToVerify vc.VerifiableCredential, validateAt *time.Time) error { switch credentialToVerify.Format() { - case issuer.JSONLDCredentialFormat: + case vc.JSONLDCredentialProofFormat: return sv.jsonldProof(credentialToVerify, credentialToVerify.Issuer.String(), validateAt) - case issuer.JWTCredentialFormat: + case vc.JWTCredentialProofFormat: return sv.jwtSignature(credentialToVerify.Raw(), credentialToVerify.Issuer.String(), validateAt) default: return errors.New("unsupported credential proof format") @@ -44,9 +43,9 @@ func (sv *signatureVerifier) VerifyVPSignature(presentation vc.VerifiablePresent } switch presentation.Format() { - case issuer.JSONLDPresentationFormat: + case vc.JSONLDPresentationProofFormat: return sv.jsonldProof(presentation, signerDID.String(), validateAt) - case issuer.JWTPresentationFormat: + case vc.JWTPresentationProofFormat: return sv.jwtSignature(presentation.Raw(), signerDID.String(), validateAt) default: return errors.New("unsupported presentation proof format")
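Review bot: The doc comment on `VerifySignature` says it checks the signature "on a VP", but the function takes a `vc.VerifiableCredential` and switches on the credential proof formats. Presentations are handled by `VerifyVPSignature` in the following hunk. The two entry points pass different signers to the proof checks (`credentialToVerify.Issuer` here, `signerDID` there), so the comment should name the right object: `// VerifySignature checks if the signature on a VC is valid at a given time`. Both `default` branches reject unknown formats instead of falling back to one, and a short comment there, e.g. `// unknown proof formats are rejected, never defaulted`, would keep that intent visible. `VerifyVPSignature` starts outside its hunk and both functions appear to end outside theirs.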