support sdJwt and mDoc Cred Request at once

JoTiTu · JoTiTu · commit d9aa634eb528 · 2024-07-31T13:31:22.000+02:00
Signed-off-by: Johannes Tuerk &lt;johannes.tuerk@lissi.id&gt;
diff --git a/src/WalletFramework.Oid4Vc/Oid4Vci/Abstractions/IOid4VciClientService.cs b/src/WalletFramework.Oid4Vc/Oid4Vci/Abstractions/IOid4VciClientService.cs
@@ -38,7 +38,7 @@ public interface IOid4VciClientService
     /// <returns>
     /// A list of credentials.
     /// </returns>
-    Task<Validation<OneOf<SdJwtRecord, MdocRecord>>> RequestCredential(IssuanceSession issuanceSession);
+    Task<Validation<List<OneOf<SdJwtRecord, MdocRecord>>>> RequestCredential(IssuanceSession issuanceSession);
     
     /// <summary>
     ///     Processes a credential offer
diff --git a/src/WalletFramework.Oid4Vc/Oid4Vci/Authorization/DPop/Models/DPopToken.cs b/src/WalletFramework.Oid4Vc/Oid4Vci/Authorization/DPop/Models/DPopToken.cs
@@ -4,7 +4,7 @@ namespace WalletFramework.Oid4Vc.Oid4Vci.Authorization.DPop.Models;
 
 public record DPopToken
 {
-    internal OAuthToken Token { get; }
+    internal OAuthToken Token { get; init;  }
 
     internal DPop DPop { get; }
     
diff --git a/src/WalletFramework.Oid4Vc/Oid4Vci/Authorization/Models/OAuthToken.cs b/src/WalletFramework.Oid4Vc/Oid4Vci/Authorization/Models/OAuthToken.cs
@@ -7,7 +7,7 @@ namespace WalletFramework.Oid4Vc.Oid4Vci.Authorization.Models;
 ///     Represents a successful response from the OAuth 2.0 Authorization Server containing
 ///     the issued access token and related information.
 /// </summary>
-public class OAuthToken
+public record OAuthToken
 {
     /// <summary>
     ///     Indicates if the Token Request is still pending as the Credential Issuer
diff --git a/src/WalletFramework.Oid4Vc/Oid4Vci/Implementations/Oid4VciClientService.cs b/src/WalletFramework.Oid4Vc/Oid4Vci/Implementations/Oid4VciClientService.cs
@@ -17,6 +17,7 @@
 using WalletFramework.Core.Functional;
 using WalletFramework.Core.Localization;
 using WalletFramework.MdocVc;
+using WalletFramework.Oid4Vc.Oid4Vci.Authorization.DPop.Models;
 using WalletFramework.SdJwtVc.Models.Records;
 using WalletFramework.SdJwtVc.Services.SdJwtVcHolderService;
 using static Newtonsoft.Json.JsonConvert;
@@ -217,7 +218,7 @@ public async Task<Uri> InitiateAuthFlow(Uri uri, ClientOptions clientOptions, Op
                     clientOptions,
                     validIssuerMetadata,
                     authServerMetadata,
-                    new List<CredentialConfigurationId>(){validIssuerMetadata.CredentialConfigurationsSupported.Keys.First()});
+                    validIssuerMetadata.CredentialConfigurationsSupported.Keys.ToList());
 
                 var context = await _agentProvider.GetContextAsync();
                 await _authFlowSessionStorage.StoreAsync(
@@ -271,7 +272,7 @@ select credentialOrTransactionId.Match(
                     {
                         var record = sdJwt.Decoded.ToRecord(configuration.AsT0, issuerMetadata, response.KeyId);
                         var context = await _agentProvider.GetContextAsync();
-                        await _sdJwtService.SaveAsync(context, record);
+                        await _sdJwtService.AddAsync(context, record);
                         return record;
                     },
                     async mdoc =>
@@ -302,7 +303,7 @@ from metadata in _issuerMetadataService.ProcessMetadata(offer.CredentialIssuer,
     }
 
     /// <inheritdoc />
-    public async Task<Validation<OneOf<SdJwtRecord, MdocRecord>>> RequestCredential(IssuanceSession issuanceSession)
+    public async Task<Validation<List<OneOf<SdJwtRecord, MdocRecord>>>> RequestCredential(IssuanceSession issuanceSession)
     {
         var context = await _agentProvider.GetContextAsync();
         
@@ -313,8 +314,7 @@ public async Task<Validation<OneOf<SdJwtRecord, MdocRecord>>> RequestCredential(
             .IssuerMetadata
             .CredentialConfigurationsSupported
             .Where(config => session.AuthorizationData.CredentialConfigurationIds.Contains(config.Key))
-            .Select(pair => pair.Value)
-            .First();
+            .Select(pair => pair.Value);
         
         var scope = session
             .AuthorizationData
@@ -336,37 +336,53 @@ public async Task<Validation<OneOf<SdJwtRecord, MdocRecord>>> RequestCredential(
         var token = await _tokenService.RequestToken(
             tokenRequest,
             session.AuthorizationData.AuthorizationServerMetadata);
-        
-        var validResponse = await _credentialRequestService.RequestCredentials(
-            credConfiguration,
-            session.AuthorizationData.IssuerMetadata,
-            token,
-            session.AuthorizationData.ClientOptions);
+
+        List<OneOf<SdJwtRecord, MdocRecord>> credentials = new();
+        //TODO: Make sure that it does not always request all available credConfigurations
+        foreach (var configuration in credConfiguration)
+        {
+            var validResponse = await _credentialRequestService.RequestCredentials(
+                configuration,
+                session.AuthorizationData.IssuerMetadata,
+                token,
+                session.AuthorizationData.ClientOptions);
+            
+            var result =
+                from response in validResponse
+                let cNonce = response.CNonce
+                let credentialOrTransactionId = response.CredentialOrTransactionId
+                select credentialOrTransactionId.Match(
+                    async credential => await credential.Value.Match<Task<OneOf<SdJwtRecord, MdocRecord>>>(
+                        async sdJwt =>
+                        {
+                            token = token.Match<OneOf<OAuthToken, DPopToken>>(
+                                oAuth => oAuth with { CNonce = cNonce.ToNullable()},
+                                dPop => dPop with { Token = dPop.Token with {CNonce = cNonce.ToNullable()}});
+                            
+                            var record = sdJwt.Decoded.ToRecord(configuration.AsT0, session.AuthorizationData.IssuerMetadata, response.KeyId);
+                            await _sdJwtService.AddAsync(context, record);
+                            return record;
+                        },
+                        async mdoc =>
+                        {
+                            token = token.Match<OneOf<OAuthToken, DPopToken>>(
+                                oAuth => oAuth with { CNonce = cNonce.ToNullable()},
+                                dPop => dPop with { Token = dPop.Token with {CNonce = cNonce.ToNullable()}});
+                            
+                            var displays = MdocFun.CreateMdocDisplays(configuration.AsT1);
+                            var record = mdoc.Decoded.ToRecord(displays);
+                            await _mdocStorage.Add(record);
+                            return record;
+                        }),
+                    // ReSharper disable once UnusedParameter.Local
+                    transactionId => throw new NotImplementedException());
+
+            await result.OnSuccess(async task => credentials.Add(await task));
+        }
         
         await _authFlowSessionStorage.DeleteAsync(context, session.AuthFlowSessionState);
         
-        var result =
-            from response in validResponse
-            let credentialOrTransactionId = response.CredentialOrTransactionId
-            select credentialOrTransactionId.Match(
-                async credential => await credential.Value.Match<Task<OneOf<SdJwtRecord, MdocRecord>>>(
-                    async sdJwt =>
-                    {
-                        var record = sdJwt.Decoded.ToRecord(credConfiguration.AsT0, session.AuthorizationData.IssuerMetadata, response.KeyId);
-                        await _sdJwtService.SaveAsync(context, record);
-                        return record;
-                    },
-                    async mdoc =>
-                    {
-                        var displays = MdocFun.CreateMdocDisplays(credConfiguration.AsT1);
-                        var record = mdoc.Decoded.ToRecord(displays);
-                        await _mdocStorage.Add(record);
-                        return record;
-                    }),
-                // ReSharper disable once UnusedParameter.Local
-                transactionId => throw new NotImplementedException());
-        
-        return await result.OnSuccess(task => task);
+        return credentials;
     }
 
     private static AuthorizationCodeParameters CreateAndStoreCodeChallenge()
diff --git a/src/WalletFramework.SdJwtVc/Services/SdJwtVcHolderService/ISdJwtVcHolderService.cs b/src/WalletFramework.SdJwtVc/Services/SdJwtVcHolderService/ISdJwtVcHolderService.cs
@@ -66,10 +66,18 @@ Task<List<SdJwtRecord>> ListAsync(
         int skip = 0);
 
     /// <summary>
-    ///     Stores or updates a SD-JWT record.
+    ///     Updates a SD-JWT record.
     /// </summary>
     /// <param name="context">The agent context.</param>
     /// <param name="record">The SD-JWT record to be saved</param>
     /// <returns>A task representing the asynchronous operation. The task result contains the ID of the stored JWT record.</returns>
-    Task SaveAsync(IAgentContext context, SdJwtRecord record);
+    Task UpdateAsync(IAgentContext context, SdJwtRecord record);
+    
+    /// <summary>
+    ///     Adds a SD-JWT record.
+    /// </summary>
+    /// <param name="context">The agent context.</param>
+    /// <param name="record">The SD-JWT record to be saved</param>
+    /// <returns>A task representing the asynchronous operation. The task result contains the ID of the stored JWT record.</returns>
+    Task AddAsync(IAgentContext context, SdJwtRecord record);
 }
diff --git a/src/WalletFramework.SdJwtVc/Services/SdJwtVcHolderService/SdJwtVcHolderService.cs b/src/WalletFramework.SdJwtVc/Services/SdJwtVcHolderService/SdJwtVcHolderService.cs
@@ -91,17 +91,13 @@ public Task<List<SdJwtRecord>> ListAsync(
         int skip = 0) => _recordService.SearchAsync<SdJwtRecord>(context.Wallet, query, null, count, skip);
 
     /// <inheritdoc />
-    public virtual async Task SaveAsync(IAgentContext context, SdJwtRecord record)
-    {
-        try
-        {
+    public virtual async Task AddAsync(IAgentContext context, SdJwtRecord record) => 
             await _recordService.AddAsync(context.Wallet, record);
-        }
-        catch (WalletItemAlreadyExistsException)
-        {
-            await _recordService.UpdateAsync(context.Wallet, record);
-        }
-    }
+    
+    /// <inheritdoc />
+    public virtual async Task UpdateAsync(IAgentContext context, SdJwtRecord record) => 
+        await _recordService.UpdateAsync(context.Wallet, record);
+        
 }
 
 internal static class SdJwtRecordExtensions
diff --git a/test/WalletFramework.Integration.Tests/WalletFramework.Integration.Tests/Oid4Vp/Oid4VpClientServiceTests.cs b/test/WalletFramework.Integration.Tests/WalletFramework.Integration.Tests/Oid4Vp/Oid4VpClientServiceTests.cs
@@ -83,7 +83,7 @@ public async Task CanExecuteOpenId4VpFlow()
 
         var sdJwt = new SdJwtRecord();
             
-        await _sdJwtVcHolderService.SaveAsync(_agent1!.Context, sdJwt);
+        await _sdJwtVcHolderService.AddAsync(_agent1!.Context, sdJwt);
         
         //Act
         var (authorizationRequest, credentials) =

Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@ namespace WalletFramework.Oid4Vc.Oid4Vci.Authorization.DPop.Models;`
`4`	`4`
`5`	`5`	`public record DPopToken`
`6`	`6`	`{`
`7`		`- internal OAuthToken Token { get; }`
	`7`	`+ internal OAuthToken Token { get; init; }`
`8`	`8`
`9`	`9`	`internal DPop DPop { get; }`
`10`	`10`
Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@ namespace WalletFramework.Oid4Vc.Oid4Vci.Authorization.Models;`
`7`	`7`	`/// Represents a successful response from the OAuth 2.0 Authorization Server containing`
`8`	`8`	`/// the issued access token and related information.`
`9`	`9`	`/// </summary>`
`10`		`-public class OAuthToken`
	`10`	`+public record OAuthToken`
`11`	`11`	`{`
`12`	`12`	`/// <summary>`
`13`	`13`	`/// Indicates if the Token Request is still pending as the Credential Issuer`