Merge branch 'main' into feat/atl-7271-add-schemaId-to-oidc-session

.github/workflows/auto-merge.yml

@@ -4,7 +4,7 @@ name: Auto Merge Main into Feature Branch
 
 on:
   pull_request:
-    types: [ opened, synchronize, reopened, labeled ]
+    types: [opened, synchronize, reopened, labeled]
 
 jobs:
   auto-merge:
@@ -34,13 +34,17 @@ jobs:
           git config --global user.email '${{ steps.import_gpg.outputs.email }}'
 
       - name: Fetch all branches
-        run: git fetch --all
+        run: git fetch origin
 
       - name: Checkout the feature branch
         run: git checkout ${{ github.event.pull_request.head.ref }}
 
       - name: Merge main into feature branch
-        run: git merge origin/main
+        run: git merge --squash origin/main
+
+      - name: Commit changes
+        run: git commit -S -s -m "Merge main into ${{ github.event.pull_request.head.ref }}"
+        if: success()
 
       - name: Push changes
         run: git push origin ${{ github.event.pull_request.head.ref }}
@@ -72,4 +76,4 @@ jobs:
               repo: context.repo.repo,
               issue_number: prNumber,
               body: 'The main branch cannot be merged into the feature branch without your help :cry:'
-            });            
+            });

build.sbt

@@ -122,6 +122,9 @@ lazy val D = new {
 
   val jwtCirce = "com.github.jwt-scala" %% "jwt-circe" % V.jwtCirceVersion
   val jsonCanonicalization: ModuleID = "io.github.erdtman" % "java-json-canonicalization" % "1.1"
+  val titaniumJsonLd: ModuleID = "com.apicatalog" % "titanium-json-ld" % "1.4.0"
+  val jakartaJson: ModuleID = "org.glassfish" % "jakarta.json" % "2.0.1"
+  val ironVC: ModuleID = "com.apicatalog" % "iron-verifiable-credentials" % "0.14.0"
   val scodecBits: ModuleID = "org.scodec" %% "scodec-bits" % "1.1.38"
 
   // https://mvnrepository.com/artifact/org.didcommx/didcomm/0.3.2
@@ -184,6 +187,9 @@ lazy val D_Shared = new {
       D.zioCatsInterop,
       D.zioPrelude,
       D.jsonCanonicalization,
+      D.titaniumJsonLd,
+      D.jakartaJson,
+      D.ironVC,
       D.scodecBits,
     )
 }

cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/jobs/IssueBackgroundJobs.scala

@@ -615,19 +615,16 @@ object IssueBackgroundJobs extends BackgroundJobsHelper {
     aux
       .tapError(
         {
-          case walletNotFound: WalletNotFoundError =>
-            ZIO.logErrorCause(
-              s"Issue Credential- Error processing record: ${record.id}",
-              Cause.fail(walletNotFound)
-            )
+          case walletNotFound: WalletNotFoundError            => ZIO.unit
+          case CredentialServiceError.RecordNotFound(_, _)    => ZIO.unit
+          case CredentialServiceError.UnsupportedDidFormat(_) => ZIO.unit
           case ((walletAccessContext, e)) =>
             for {
               credentialService <- ZIO.service[CredentialService]
               _ <- credentialService
                 .reportProcessingFailure(record.id, Some(e.toString))
                 .provideSomeLayer(ZLayer.succeed(walletAccessContext))
             } yield ()
-
         }
       )
       .catchAll(e => ZIO.logErrorCause(s"Issue Credential - Error processing record: ${record.id} ", Cause.fail(e)))

cloud-agent/service/server/src/main/scala/org/hyperledger/identus/credentialstatus/controller/http/StatusListCredential.scala

@@ -38,9 +38,6 @@ case class StatusListCredential(
 )
 
 case class CredentialSubject(
-    @description(annotations.credentialSubject.id.description)
-    @encodedExample(annotations.credentialSubject.id.example)
-    id: String,
     @description(annotations.credentialSubject.`type`.description)
     @encodedExample(annotations.credentialSubject.`type`.example)
     `type`: String,

cloud-agent/service/server/src/main/scala/org/hyperledger/identus/didcomm/controller/DIDCommControllerImpl.scala

@@ -55,7 +55,6 @@ class DIDCommControllerImpl(
           .catchAll {
             case f: Failure                    => ZIO.fail(f)
             case _: DIDCommMessageParsingError => ZIO.fail(UnexpectedError(StatusCode.BadRequest))
-            case _: PresentationError          => ZIO.fail(UnexpectedError(StatusCode.UnprocessableContent))
           }
           .provideSomeLayer(ZLayer.succeed(msgAndContext._2))
       } yield ()

mercury/agent-didcommx/src/main/scala/org/hyperledger/identus/mercury/DidCommX.scala

@@ -20,10 +20,6 @@ class DidCommX() extends DidOps /* with DidAgent with DIDResolver */ {
     new DIDComm(UniversalDidResolver, AgentPeerService.getSecretResolverInMemory(agent))
   }
 
-  // override def id: DidId = fixme // FIXME the Secret is on org.didcommx.didcomm.model.DIDComm ...
-
-  // override def resolveDID(did: DidId): Task[DIDDoc] = UniversalDidResolver.resolveDID(did)
-
   override def packSigned(msg: Message): URIO[DidAgent, SignedMesage] = for {
     agent <- ZIO.service[DidAgent]
     params = new PackSignedParams.Builder(msg, agent.id.value).build()
@@ -39,7 +35,7 @@ class DidCommX() extends DidOps /* with DidAgent with DIDResolver */ {
     ret = didCommFor(agent).packEncrypted(params)
   } yield (ret)
 
-  // FIXME theoretically DidAgent is not needed
+  // TODO theoretically DidAgent is not needed
   override def packEncryptedAnon(msg: Message, to: DidId): URIO[DidAgent, EncryptedMessage] = for {
     agent <- ZIO.service[DidAgent]
     params = new PackEncryptedParams.Builder(msg, to.value)

mercury/agent-didcommx/src/main/scala/org/hyperledger/identus/mercury/MessagingService.scala

@@ -98,7 +98,12 @@ object MessagingService {
             finalMessage <- makeMessage(forwardMessage.asMessage) // Maybe it needs a double warping
           } yield finalMessage
         case ServiceEndpoint(uri, _, Some(routingKeys)) =>
-          ZIO.log(s"RoutingDID: $routingKeys") *> ??? // ZIO.fail(???) // FIXME no support for routingKeys
+          ZIO.log(s"RoutingDID: $routingKeys") *>
+            ZIO.fail(
+              SendMessageError(
+                RuntimeException("routingKeys is not supported at the moment")
+              )
+            )
         case s @ ServiceEndpoint(_, _, None) =>
           ZIO.logError(s"Unxpected ServiceEndpoint $s") *> ZIO.fail(
             SendMessageError(new RuntimeException(s"Unxpected ServiceEndpoint $s"))
@@ -116,11 +121,15 @@ object MessagingService {
         auxFinalMessage <- makeMessage(msg)
         MessageAndAddress(finalMessage, serviceEndpoint) = auxFinalMessage
         didCommService <- ZIO.service[DidOps]
+        to <- finalMessage.to match {
+          case Seq()            => ZIO.fail(SendMessageError(new RuntimeException("Message must have a recipient")))
+          case firstTo +: Seq() => ZIO.succeed(firstTo)
+          case all @ (firstTo +: _) =>
+            ZIO.logWarning(s"Message have multi recipients: $all") *> ZIO.succeed(firstTo)
+        }
         encryptedMessage <-
-          if (finalMessage.`type` == ForwardMessage.PIURI)
-            didCommService.packEncryptedAnon(msg = finalMessage, to = finalMessage.to.head) // TODO Head
-          else
-            didCommService.packEncrypted(msg = finalMessage, to = finalMessage.to.head) // TODO Head
+          if (finalMessage.`type` == ForwardMessage.PIURI) didCommService.packEncryptedAnon(msg = finalMessage, to = to)
+          else didCommService.packEncrypted(msg = finalMessage, to = to)
 
         _ <- ZIO.log(s"Sending a Message to '$serviceEndpoint'")
         resp <- org.hyperledger.identus.mercury.HttpClient

mercury/agent-didcommx/src/main/scala/org/hyperledger/identus/mercury/model/Conversions.scala

@@ -37,7 +37,7 @@ given Conversion[Message, org.didcommx.didcomm.message.Message] with {
     msg.to.foreach(did => aux.to(Seq(did.value).asJava))
 
     msg.pleaseAck.foreach { seq => // https://identity.foundation/didcomm-messaging/spec/#acks
-      aux.pleaseAck(true) // FIXME lib limitation the field pleaseAck MUST be a Array of string
+      aux.pleaseAck(true) // NOTE lib limitation the field pleaseAck MUST be a Array of string
     }
     msg.ack.flatMap(_.headOption).foreach(str => aux.ack(str)) // NOTE: headOption becuase DidCommx only support one ack
     msg.thid.foreach(str => aux.thid(str))

mercury/agent-didcommx/src/main/scala/org/hyperledger/identus/mercury/model/package.scala

@@ -43,7 +43,8 @@ object UnpackMessageImp {
       pleaseAck = Option(msg.getPleaseAck())
         .flatMap {
           // https://identity.foundation/didcomm-messaging/spec/#acks
-          case java.lang.Boolean.TRUE  => Some(Seq.empty) // FIXME getPleaseAck MUST return a Array
+          case java.lang.Boolean.TRUE =>
+            Some(Seq.empty) // NOTE lib limitation the field pleaseAck MUST be a Array of string
           case java.lang.Boolean.FALSE => None
         }
     )

mercury/agent/src/main/scala/org/hyperledger/identus/mercury/CoordinateMediationPrograms.scala

@@ -32,12 +32,15 @@ object CoordinateMediationPrograms {
       _ <- ZIO.log("#### Send Mediation request ####")
       link <- InvitationPrograms
         .getInvitationProgram(mediatorURL + "/oob_url")
-        .map(_.toOption) // FIXME
+        .flatMap {
+          case Left(value)  => ZIO.fail(value)
+          case Right(value) => ZIO.succeed(value)
+        }
       opsService <- ZIO.service[DidOps]
       agentService <- ZIO.service[DidAgent]
 
-      planMessage = link.map(to => replyToInvitation(agentService.id, to)).get
-      invitationFrom = link.get.from
+      planMessage = replyToInvitation(agentService.id, link)
+      invitationFrom = link.from
       _ <- ZIO.log(s"Invitation from $invitationFrom")
 
       encryptedMessage <- opsService.packEncrypted(planMessage, to = invitationFrom)

mercury/models/src/main/scala/org/hyperledger/identus/mercury/DidOps.scala

@@ -10,7 +10,7 @@ import scala.util.{Failure, Success, Try}
 trait DidOps {
   def packSigned(msg: Message): URIO[DidAgent, SignedMesage]
   def packEncrypted(msg: Message, to: DidId): URIO[DidAgent, EncryptedMessage]
-  // FIXME theoretically DidAgent is not needed for packEncryptedAnon
+  // TODO theoretically DidAgent is not needed for packEncryptedAnon
   def packEncryptedAnon(msg: Message, to: DidId): URIO[DidAgent, EncryptedMessage]
   def unpack(str: String): URIO[DidAgent, UnpackMessage]
   def unpackBase64(dataBase64: String): RIO[DidAgent, UnpackMessage] = {

mercury/protocol-issue-credential/src/main/scala/org/hyperledger/identus/mercury/protocol/issuecredential/OfferCredential.scala

@@ -81,23 +81,29 @@ object OfferCredential {
     given Decoder[Body] = deriveDecoder[Body]
   }
 
-  def makeOfferToProposeCredential(msg: Message): OfferCredential = { // TODO change msg: Message to ProposeCredential
-    val pc: ProposeCredential = ProposeCredential.readFromMessage(msg)
-
-    OfferCredential(
-      body = OfferCredential.Body(
-        goal_code = pc.body.goal_code,
-        comment = pc.body.comment,
-        replacement_id = None,
-        multiple_available = None,
-        credential_preview = pc.body.credential_preview.get, // FIXME .get
-      ),
-      attachments = pc.attachments,
-      thid = msg.thid.orElse(Some(pc.id)),
-      from = pc.to,
-      to = pc.from,
-    )
-  }
+  def makeOfferToProposeCredential(
+      msg: Message // TODO change msg: Message to ProposeCredential
+  ): Either[String, OfferCredential] =
+    ProposeCredential.readFromMessage(msg).flatMap { pc =>
+      pc.body.credential_preview match
+        case None => Left("This method expects the ProposeCredential to have a 'credential_preview' in the body")
+        case Some(credential_preview) =>
+          Right(
+            OfferCredential(
+              body = OfferCredential.Body(
+                goal_code = pc.body.goal_code,
+                comment = pc.body.comment,
+                replacement_id = None,
+                multiple_available = None,
+                credential_preview = credential_preview,
+              ),
+              attachments = pc.attachments,
+              thid = msg.thid.orElse(Some(pc.id)),
+              from = pc.to,
+              to = pc.from,
+            )
+          )
+    }
 
   def readFromMessage(message: Message): Either[String, OfferCredential] = {
     message.body.asJson.as[OfferCredential.Body] match

mercury/protocol-issue-credential/src/main/scala/org/hyperledger/identus/mercury/protocol/issuecredential/ProposeCredential.scala

@@ -79,20 +79,26 @@ object ProposeCredential {
     given Decoder[Body] = deriveDecoder[Body]
   }
 
-  def readFromMessage(message: Message): ProposeCredential = {
-    val body = message.body.asJson.as[ProposeCredential.Body].toOption.get // TODO get
-
-    ProposeCredential(
-      id = message.id,
-      `type` = message.piuri,
-      body = body,
-      attachments = message.attachments.getOrElse(Seq.empty),
-      from = message.from.get, // TODO get
-      to = {
-        assert(message.to.length == 1, "The recipient is ambiguous. Need to have only 1 recipient") // TODO return error
-        message.to.head
-      },
-    )
+  def readFromMessage(message: Message): Either[String, ProposeCredential] = {
+    message.body.asJson.as[ProposeCredential.Body] match
+      case Left(fail) => Left("Fail to parse ProposeCredential's body: " + fail.getMessage)
+      case Right(body) =>
+        message.from match
+          case None => Left("ProposeCredential MUST have the sender explicit")
+          case Some(from) =>
+            message.to match
+              case firstTo +: Seq() =>
+                Right(
+                  ProposeCredential(
+                    id = message.id,
+                    `type` = message.piuri,
+                    body = body,
+                    attachments = message.attachments.getOrElse(Seq.empty),
+                    from = from,
+                    to = firstTo,
+                  )
+                )
+              case tos => Left(s"ProposeCredential MUST have only 1 recipient instead has '${tos}'")
   }
 
 }

mercury/protocol-issue-credential/src/main/scala/org/hyperledger/identus/mercury/protocol/issuecredential/Utils.scala

@@ -9,7 +9,7 @@ private trait ReadAttachmentsUtils {
 
   def attachments: Seq[AttachmentDescriptor]
 
-  // TODO this formatName shoud be type safe
+  // TODO this formatName should be type safe
   lazy val getCredentialFormatAndCredential: Seq[(String, String, Array[Byte])] =
     attachments
       .flatMap(attachment =>

mercury/protocol-issue-credential/src/test/scala/org/hyperledger/identus/mercury/protocol/anotherclasspath/UtilsCredentialSpec.scala

@@ -102,14 +102,15 @@ class UtilsCredentialSpec extends ZSuite {
       )
       .makeMessage
 
-    val obj = ProposeCredential.readFromMessage(msg)
-
-    assertEquals(obj.getCredentialFormatAndCredential.size, 1)
-    assertEquals(
-      obj.getCredentialFormatAndCredential.map(_._2),
-      Seq(IssueCredentialProposeFormat.Unsupported(nameCredentialType).name)
-    )
-    assertEquals(obj.getCredential[TestCredentialType](nameCredentialType).headOption, Some(credential))
+    ProposeCredential.readFromMessage(msg).map { obj =>
+      assertEquals(obj.getCredentialFormatAndCredential.size, 1)
+      assertEquals(
+        obj.getCredentialFormatAndCredential.map(_._2),
+        Seq(IssueCredentialProposeFormat.Unsupported(nameCredentialType).name)
+      )
+      assertEquals(obj.getCredential[TestCredentialType](nameCredentialType).headOption, Some(credential))
+    }
+
   }
 
   test("RequestCredential encode and decode any type of Credential into the attachments") {

pollux/core/src/main/scala/org/hyperledger/identus/pollux/core/repository/CredentialStatusListRepositoryInMemory.scala

@@ -102,7 +102,6 @@ class CredentialStatusListRepositoryInMemory(
       emptyJwtCredential <- VCStatusList2021
         .build(
           vcId = s"$statusListRegistryUrl/credential-status/$id",
-          slId = "",
           revocationData = bitString,
           jwtIssuer = jwtIssuer
         )

pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcCredentialStatusListRepository.scala

@@ -92,7 +92,6 @@ class JdbcCredentialStatusListRepository(xa: Transactor[ContextAwareTask], xb: T
       emptyStatusListCredential <- VCStatusList2021
         .build(
           vcId = s"$statusListRegistryUrl/credential-status/$id",
-          slId = "",
           revocationData = bitString,
           jwtIssuer = jwtIssuer
         )