feat(verifyVC): add verifyVC method to VC Base Service

energywebfoundation · Jul 4, 2022 · 3187e5e · 3187e5e
1 parent 901d4f8
commit 3187e5e
Show file tree

Hide file tree

Showing 11 changed files with 4,875 additions and 6,504 deletions.
diff --git a/docs/api/classes/modules_claims.ClaimsService.md b/docs/api/classes/modules_claims.ClaimsService.md
@@ -45,6 +45,7 @@ claimsService.getClaimById(claim.id);
 - [rejectClaimRequest](modules_claims.ClaimsService.md#rejectclaimrequest)
 - [revokeClaim](modules_claims.ClaimsService.md#revokeclaim)
 - [revokeMultipleClaim](modules_claims.ClaimsService.md#revokemultipleclaim)
+- [verifyVc](modules_claims.ClaimsService.md#verifyvc)
 - [create](modules_claims.ClaimsService.md#create)
 
 ## Constructors
@@ -768,6 +769,24 @@ claimsService.revokeMultipleClaim({
 
 ___
 
+### verifyVc
+
+▸ **verifyVc**(`vc`): `Promise`<`void`\>
+
+Verifies that credential was issued by authorized issuer
+
+#### Parameters
+
+| Name | Type | Description |
+| :------ | :------ | :------ |
+| `vc` | `VerifiableCredential`<`RoleCredentialSubject`\> | to be verified |
+
+#### Returns
+
+`Promise`<`void`\>
+
+___
+
 ### create
 
 ▸ `Static` **create**(`signerService`, `domainsService`, `cacheClient`, `didRegistry`, `verifiableCredentialService`): `Promise`<[`ClaimsService`](modules_claims.ClaimsService.md)\>

diff --git a/e2e/claims.service.e2e.ts b/e2e/claims.service.e2e.ts
@@ -514,7 +514,6 @@ describe('Сlaim tests', () => {
         data: roles[`${roleName2}.${root}`],
         returnSteps: false,
       });
-
       await enrolAndIssue(dynamicIssuer, staticIssuer, {
         subjectDID: dynamicIssuerDID,
         claimType: `${roleName1}.${root}`,

diff --git a/e2e/credential-revocation.e2e.ts b/e2e/credential-revocation.e2e.ts
@@ -408,4 +408,4 @@ describe('Off-chain credential revocation', () => {
       )
     ).toBeDefined();
   });
-});
+});
diff --git a/e2e/verifiable-credentials.service.e2e.ts b/e2e/verifiable-credentials.service.e2e.ts
@@ -497,4 +497,4 @@ describe('Verifiable credentials tests', () => {
       ).toEqual(issuedPresentation);
     });
   });
-});
+});
diff --git a/package-lock.json b/package-lock.json
diff --git a/src/errors/error-messages.ts b/src/errors/error-messages.ts
@@ -32,4 +32,5 @@ export enum ERROR_MESSAGES {
   REVOKE_CLAIM_MISSING_PARAMETERS = 'Revoke claim missing parameters. Required one of: claimId or claim',
   REVOKE_CLAIM_NOT_FOUND = 'Could not find claim to revoke',
   DID_DOCUMENT_NOT_UPDATED = 'DID Document was not updated',
+  PROOF_NOT_VERIFIED = 'Proof not verified',
 }
diff --git a/src/init.ts b/src/init.ts
@@ -125,4 +125,4 @@ export async function init(signerService: SignerService) {
     messagingService,
     connectToCacheServer,
   };
-}
+}
diff --git a/src/modules/claims/claims.service.ts b/src/modules/claims/claims.service.ts
@@ -1,18 +1,19 @@
 /* eslint-disable @typescript-eslint/no-unused-vars */
 import { providers, utils, Wallet } from 'ethers';
+import {
+  verifyCredential,
+} from 'didkit-wasm-node';
 import jsonwebtoken from 'jsonwebtoken';
 import { v4 } from 'uuid';
 import {
   IRoleDefinition,
   IRoleDefinitionV2,
   PreconditionType,
+  RoleCredentialSubject,
 } from '@energyweb/credential-governance';
 import {
-  CredentialResolver,
-  EthersProviderIssuerResolver,
-  IpfsCredentialResolver,
-  VCIssuerVerification,
-} from '@energyweb/vc-verification';
+  VerifiableCredential
+} from '@ew-did-registry/credentials-interface';
 import { ClaimRevocation } from '@energyweb/onchain-claims';
 import { Methods } from '@ew-did-registry/did';
 import { Algorithms } from '@ew-did-registry/jwt';
@@ -66,6 +67,12 @@ import {
   ClaimRevocationDetailsResult,
   GetClaimsByRevokerOptions,
 } from './claims.types';
+import {
+  CredentialResolver,
+  EthersProviderIssuerResolver,
+  IpfsCredentialResolver,
+  VCIssuerVerification,
+} from '@energyweb/vc-verification';
 import { DidRegistry } from '../did-registry/did-registry.service';
 import { ClaimData } from '../did-registry/did.types';
 import { compareDID, isValidDID } from '../../utils/did';
@@ -97,18 +104,22 @@ const {
 export class ClaimsService {
   private _claimManager: string;
   private _claimManagerInterface = ClaimManager__factory.createInterface();
-  private _vcIssuerVerifier: VCIssuerVerification;
   private _claimRevocation: ClaimRevocation;
-
+  private _vcIssuerVerifier: VCIssuerVerification;
+  protected verifyProof: (
+    vc: string,
+    proof_options: string
+  )  => Promise<string>
   constructor(
     private _signerService: SignerService,
     private _domainsService: DomainsService,
     private _cacheClient: CacheClient,
     private _didRegistry: DidRegistry,
-    private _verifiableCredentialService: VerifiableCredentialsServiceBase
+    private _verifiableCredentialService: VerifiableCredentialsServiceBase,
   ) {
     this._signerService.onInit(this.init.bind(this));
     this._setClaimIssuerVerifier();
+    this.verifyProof = verifyCredential;
   }
 
   static async create(
@@ -123,7 +134,7 @@ export class ClaimsService {
       domainsService,
       cacheClient,
       didRegistry,
-      verifiableCredentialService
+      verifiableCredentialService,
     );
     await service.init();
     return service;
@@ -457,7 +468,7 @@ export class ClaimsService {
     }
 
     if (registrationTypes.includes(RegistrationTypes.OffChain)) {
-      await this.verifyVcIssuer(claimData.claimType);
+      await this.verifyIssuer(claimData.claimType);
       const publicClaim: IPublicClaim = {
         did: sub,
         signer: this._signerService.did,
@@ -626,7 +637,7 @@ export class ClaimsService {
       namespace: claim.claimType,
     });
 
-    await this.verifyVcIssuer(claim.claimType);
+    await this.verifyIssuer(claim.claimType);
     await this.verifyEnrolmentPrerequisites({
       subject,
       role: claim.claimType,
@@ -1204,8 +1215,11 @@ export class ClaimsService {
    *
    * @param {String} role Registration types of the claim
    */
-  private async verifyVcIssuer(role: string): Promise<void> {
-    await this._vcIssuerVerifier.verifyIssuer(this._signerService.did, role);
+  private async verifyIssuer(role: string): Promise<void> {
+    await this._vcIssuerVerifier.verifyIssuer(
+      this._signerService.did,
+      role,
+    );
   }
 
   /**
@@ -1403,7 +1417,21 @@ export class ClaimsService {
     );
   }
 
-  /**
+    /**
+   * Verifies that credential was issued by authorized issuer
+   *
+   * @param {VerifiableCredential<RoleCredentialSubject} vc to be verified
+   */
+     async verifyVc(vc: VerifiableCredential<RoleCredentialSubject>) {
+      const issuerDID = this._signerService.did;
+      if (!await this._verifiableCredentialService.verify(vc)) {
+        throw new Error(ERROR_MESSAGES.PROOF_NOT_VERIFIED)
+      }
+       const role = vc.credentialSubject.role.namespace;
+       await this._vcIssuerVerifier.verifyIssuer(issuerDID, role);
+    }
+
+    /**
    *
    * Set the Verifier for Claim Issuance.
    *

diff --git a/src/modules/verifiable-credentials/verifiable-credentials-base.service.ts b/src/modules/verifiable-credentials/verifiable-credentials-base.service.ts
@@ -127,18 +127,17 @@ export abstract class VerifiableCredentialsServiceBase {
     vp: string,
     proof_options: string
   ): Promise<string>;
-
   constructor(
     protected readonly _signerService: SignerService,
-    protected readonly _cacheClient: CacheClient
+    protected readonly _cacheClient: CacheClient,
   ) {}
 
   // * Should be overridden by the implementation
   static async create(
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
     signerService: SignerService,
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
-    cacheClient: CacheClient
+    cacheClient: CacheClient,
   ): Promise<VerifiableCredentialsServiceBase> {
     throw new Error('Not implemented');
   }

diff --git a/src/modules/verifiable-credentials/verifiable-credentials-node.service.ts b/src/modules/verifiable-credentials/verifiable-credentials-node.service.ts
@@ -42,7 +42,10 @@ export class VerifiableCredentialsServiceNode extends VerifiableCredentialsServi
     proof_options: string
   ) => Promise<string>;
 
-  constructor(_signerService: SignerService, _cacheClient) {
+  constructor(
+    _signerService: SignerService,
+    _cacheClient
+  ) {
     super(_signerService, _cacheClient);
 
     this.completeIssueCredential = completeIssueCredential;
@@ -54,7 +57,10 @@ export class VerifiableCredentialsServiceNode extends VerifiableCredentialsServi
     this.verifyPresentation = verifyPresentation;
   }
 
-  static async create(signerService: SignerService, cacheClient) {
+  static async create(
+    signerService: SignerService,
+    cacheClient
+  ) {
     const service = new VerifiableCredentialsServiceNode(
       signerService,
       cacheClient

diff --git a/src/modules/verifiable-credentials/verifiable-credentials-web.service.ts b/src/modules/verifiable-credentials/verifiable-credentials-web.service.ts
@@ -43,7 +43,10 @@ export class VerifiableCredentialsServiceWeb extends VerifiableCredentialsServic
     proof_options: string
   ) => Promise<string>;
 
-  constructor(_signerService: SignerService, _cacheClient: CacheClient) {
+  constructor(
+    _signerService: SignerService,
+    _cacheClient: CacheClient
+  ) {
     super(_signerService, _cacheClient);
 
     this.completeIssueCredential = completeIssueCredential;
@@ -55,7 +58,10 @@ export class VerifiableCredentialsServiceWeb extends VerifiableCredentialsServic
     this.verifyPresentation = verifyPresentation;
   }
 
-  static async create(signerService: SignerService, cacheClient: CacheClient) {
+  static async create(
+    signerService: SignerService,
+    cacheClient: CacheClient
+  ) {
     const service = new VerifiableCredentialsServiceWeb(
       signerService,
       cacheClient
-Original file line number
+Diff line change
@@ Expand Up / @@ -408,4 +408,4 @@ describe('Off-chain credential revocation', () => { @@
           )
         ).toBeDefined();
       });
-    });
+    });