VDR: Produce did:web documents

auth/api/iam/api.go

@@ -302,17 +302,15 @@ func (r Wrapper) OAuthAuthorizationServerMetadata(ctx context.Context, request O
 	return OAuthAuthorizationServerMetadata200JSONResponse(authorizationServerMetadata(*identity)), nil
 }
 
-func (r Wrapper) GetWebDID(ctx context.Context, request GetWebDIDRequestObject) (GetWebDIDResponseObject, error) {
-	baseURL := *(r.auth.PublicURL().JoinPath(apiPath))
-	// TODO: must be web DID once web DID creation and DB are implemented
-	ownDID := idToNutsDID(request.Id)
+func (r Wrapper) GetWebDID(_ context.Context, request GetWebDIDRequestObject) (GetWebDIDResponseObject, error) {
+	ownDID := r.idToDID(request.Id)
 
-	document, err := r.vdr.DeriveWebDIDDocument(ctx, baseURL, ownDID)
+	document, err := r.vdr.ResolveManaged(ownDID)
 	if err != nil {
 		if resolver.IsFunctionalResolveError(err) {
 			return GetWebDID404Response{}, nil
 		}
-		log.Logger().WithError(err).Errorf("Could not resolve Nuts DID: %s", ownDID.String())
+		log.Logger().WithError(err).Errorf("Could not resolve Web DID: %s", ownDID.String())
 		return nil, errors.New("unable to resolve DID")
 	}
 	return GetWebDID200JSONResponse(*document), nil

auth/api/iam/api_test.go

@@ -28,7 +28,6 @@ import (
 	"testing"
 
 	"github.com/labstack/echo/v4"
-	ssi "github.com/nuts-foundation/go-did"
 	"github.com/nuts-foundation/go-did/did"
 	"github.com/nuts-foundation/go-did/vc"
 	"github.com/nuts-foundation/nuts-node/audit"
@@ -99,8 +98,7 @@ func TestWrapper_OAuthAuthorizationServerMetadata(t *testing.T) {
 
 func TestWrapper_GetWebDID(t *testing.T) {
 	webDID := did.MustParseDID("did:web:example.com:iam:123")
-	publicURL := ssi.MustParseURI("https://example.com").URL
-	webDIDBaseURL := publicURL.JoinPath("/iam")
+	id := "123"
 	ctx := audit.TestContext()
 	expectedWebDIDDoc := did.Document{
 		ID: webDID,
@@ -111,27 +109,27 @@ func TestWrapper_GetWebDID(t *testing.T) {
 
 	t.Run("ok", func(t *testing.T) {
 		test := newTestClient(t)
-		test.vdr.EXPECT().DeriveWebDIDDocument(gomock.Any(), *webDIDBaseURL, nutsDID).Return(&expectedWebDIDDoc, nil)
+		test.vdr.EXPECT().ResolveManaged(webDID).Return(&expectedWebDIDDoc, nil)
 
-		response, err := test.client.GetWebDID(ctx, GetWebDIDRequestObject{nutsDID.ID})
+		response, err := test.client.GetWebDID(ctx, GetWebDIDRequestObject{id})
 
 		assert.NoError(t, err)
 		assert.Equal(t, expectedWebDIDDoc, did.Document(response.(GetWebDID200JSONResponse)))
 	})
 	t.Run("unknown DID", func(t *testing.T) {
 		test := newTestClient(t)
-		test.vdr.EXPECT().DeriveWebDIDDocument(ctx, *webDIDBaseURL, nutsDID).Return(nil, resolver.ErrNotFound)
+		test.vdr.EXPECT().ResolveManaged(webDID).Return(nil, resolver.ErrNotFound)
 
-		response, err := test.client.GetWebDID(ctx, GetWebDIDRequestObject{nutsDID.ID})
+		response, err := test.client.GetWebDID(ctx, GetWebDIDRequestObject{id})
 
 		assert.NoError(t, err)
 		assert.IsType(t, GetWebDID404Response{}, response)
 	})
 	t.Run("other error", func(t *testing.T) {
 		test := newTestClient(t)
-		test.vdr.EXPECT().DeriveWebDIDDocument(gomock.Any(), *webDIDBaseURL, nutsDID).Return(nil, errors.New("failed"))
+		test.vdr.EXPECT().ResolveManaged(webDID).Return(nil, errors.New("failed"))
 
-		response, err := test.client.GetWebDID(ctx, GetWebDIDRequestObject{nutsDID.ID})
+		response, err := test.client.GetWebDID(ctx, GetWebDIDRequestObject{id})
 
 		assert.EqualError(t, err, "unable to resolve DID")
 		assert.Nil(t, response)

cmd/root.go

@@ -23,13 +23,9 @@
 	"context"
 	"errors"
 	"fmt"
-	"github.com/nuts-foundation/nuts-node/discovery"
-	"github.com/nuts-foundation/nuts-node/vdr/resolver"
-
-	"github.com/nuts-foundation/nuts-node/golden_hammer"
-	goldenHammerCmd "github.com/nuts-foundation/nuts-node/golden_hammer/cmd"
-	"github.com/nuts-foundation/nuts-node/vdr/didnuts"
-	"github.com/nuts-foundation/nuts-node/vdr/didnuts/didstore"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
 	"io"
 	"os"
 	"runtime/pprof"
@@ -47,9 +43,12 @@
 	"github.com/nuts-foundation/nuts-node/didman"
 	didmanAPI "github.com/nuts-foundation/nuts-node/didman/api/v1"
 	didmanCmd "github.com/nuts-foundation/nuts-node/didman/cmd"
+	"github.com/nuts-foundation/nuts-node/discovery"
 	discoveryCmd "github.com/nuts-foundation/nuts-node/discovery/cmd"
 	"github.com/nuts-foundation/nuts-node/events"
 	eventsCmd "github.com/nuts-foundation/nuts-node/events/cmd"
+	"github.com/nuts-foundation/nuts-node/golden_hammer"
+	goldenHammerCmd "github.com/nuts-foundation/nuts-node/golden_hammer/cmd"
 	httpEngine "github.com/nuts-foundation/nuts-node/http"
 	httpCmd "github.com/nuts-foundation/nuts-node/http/cmd"
 	"github.com/nuts-foundation/nuts-node/jsonld"
@@ -65,10 +64,11 @@
 	vcrCmd "github.com/nuts-foundation/nuts-node/vcr/cmd"
 	"github.com/nuts-foundation/nuts-node/vdr"
 	vdrAPI "github.com/nuts-foundation/nuts-node/vdr/api/v1"
+	vdrAPIv2 "github.com/nuts-foundation/nuts-node/vdr/api/v2"
 	vdrCmd "github.com/nuts-foundation/nuts-node/vdr/cmd"
-	"github.com/sirupsen/logrus"
-	"github.com/spf13/cobra"
-	"github.com/spf13/pflag"
+	"github.com/nuts-foundation/nuts-node/vdr/didnuts"
+	"github.com/nuts-foundation/nuts-node/vdr/didnuts/didstore"
+	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 )
 
 var stdOutWriter io.Writer = os.Stdout
@@ -191,7 +191,7 @@
 	didStore := didstore.New(storageInstance.GetProvider(vdr.ModuleName))
 	eventManager := events.NewManager()
 	networkInstance := network.NewNetworkInstance(network.DefaultConfig(), didStore, cryptoInstance, eventManager, storageInstance.GetProvider(network.ModuleName), pkiInstance)
-	vdrInstance := vdr.NewVDR(cryptoInstance, networkInstance, didStore, eventManager)
+	vdrInstance := vdr.NewVDR(cryptoInstance, networkInstance, didStore, eventManager, storageInstance)
 	credentialInstance := vcr.NewVCRInstance(cryptoInstance, vdrInstance, networkInstance, jsonld, eventManager, storageInstance, pkiInstance)
 	didmanInstance := didman.NewDidmanInstance(vdrInstance, credentialInstance, jsonld)
 	discoveryInstance := discovery.New(storageInstance, credentialInstance)
@@ -209,6 +209,7 @@
 		Updater:    vdrInstance,
 		Resolver:   vdrInstance.Resolver(),
 	}})
+	system.RegisterRoutes(&vdrAPIv2.Wrapper{VDR: vdrInstance, Storage: storageInstance, Crypto: cryptoInstance})
 	system.RegisterRoutes(&vcrAPI.Wrapper{VCR: credentialInstance, ContextManager: jsonld})
 	system.RegisterRoutes(&openid4vciAPI.Wrapper{
 		VCR:           credentialInstance,

codegen/configs/vdr_v2.yaml

@@ -0,0 +1,13 @@
+package: v2
+generate:
+  echo-server: true
+  client: true
+  models: true
+  strict-server: true
+output-options:
+  skip-prune: true
+  exclude-schemas:
+  - DIDDocument
+  - DIDDocumentMetadata
+  - Service
+  - VerificationMethod

core/test.go

@@ -40,6 +40,7 @@ func TestServerConfig(template ServerConfig) ServerConfig {
 	config.Datadir = template.Datadir
 	config.Strictmode = template.Strictmode
 	config.InternalRateLimiter = template.InternalRateLimiter
+	config.URL = template.URL
 	return *config
 }
 

crypto/test.go

@@ -125,3 +125,25 @@ func (t TestKey) Public() crypto.PublicKey {
 func (t TestKey) Private() crypto.PrivateKey {
 	return t.PrivateKey
 }
+
+// TestPublicKey is a Key impl for testing purposes that only contains a public key. It can't be used for signing.
+type TestPublicKey struct {
+	Kid       string
+	PublicKey crypto.PublicKey
+}
+
+func (t TestPublicKey) Signer() crypto.Signer {
+	panic("test public key is not for signing")
+}
+
+func (t TestPublicKey) KID() string {
+	return t.Kid
+}
+
+func (t TestPublicKey) Public() crypto.PublicKey {
+	return t.PublicKey
+}
+
+func (t TestPublicKey) Private() crypto.PrivateKey {
+	panic("test public key is not for signing")
+}