public async Task CanCreateAndResolveCredentialDefinitionAndSchema()
{
var issuer = await Did.CreateAndStoreMyDidAsync(_issuerWallet,
new { seed = TestConstants.StewartDid }.ToJson());
var schemaName = $"Test-Schema-{Guid.NewGuid().ToString()}";
var schemaVersion = "1.0";
var schemaAttrNames = new[] { "test_attr_1", "test_attr_2" };
//Create a dummy schema
var schemaId = await _schemaService.CreateSchemaAsync(_pool, _issuerWallet, issuer.Did, schemaName, schemaVersion,
schemaAttrNames);
var credId = await _schemaService.CreateCredentialDefinitionAsync(_pool, _issuerWallet, schemaId, issuer.Did, "Tag", false, 100, new Uri("http://mock/tails"));
var credDef =
await _schemaService.LookupCredentialDefinitionAsync(_pool, credId);
var resultCredId = JObject.Parse(credDef)["id"].ToString();
Assert.Equal(credId, resultCredId);
var result = await _schemaService.LookupSchemaFromCredentialDefinitionAsync(_pool, credId);
var resultSchemaName = JObject.Parse(result)["name"].ToString();
var resultSchemaVersion = JObject.Parse(result)["version"].ToString();
Assert.Equal(schemaName, resultSchemaName);
Assert.Equal(schemaVersion, resultSchemaVersion);
var recordResult = await _schemaService.GetCredentialDefinitionAsync(_issuerWallet, credId);
Assert.Equal(schemaId, recordResult.SchemaId);
}
/// <inheritdoc />
public virtual async Task RevokeCredentialAsync(IAgentContext agentContext, string credentialId)
{
var credentialRecord = await GetAsync(agentContext, credentialId);
if (credentialRecord.State != CredentialState.Issued)
{
throw new AriesFrameworkException(ErrorCode.RecordInInvalidState,
$"Credential state was invalid. Expected '{CredentialState.Requested}', found '{credentialRecord.State}'");
}
var definition = await SchemaService.GetCredentialDefinitionAsync(agentContext.Wallet, credentialRecord.CredentialDefinitionId);
var provisioning = await ProvisioningService.GetProvisioningAsync(agentContext.Wallet);
// Check if the state machine is valid for revocation
await credentialRecord.TriggerAsync(CredentialTrigger.Revoke);
var revocationRecord = await RecordService.GetAsync <RevocationRegistryRecord>(agentContext.Wallet, credentialRecord.RevocationRegistryId);
// Revoke the credential
var tailsReader = await TailsService.OpenTailsAsync(revocationRecord.TailsFile);
var revocRegistryDeltaJson = await AnonCreds.IssuerRevokeCredentialAsync(
agentContext.Wallet,
tailsReader,
revocationRecord.Id,
credentialRecord.CredentialRevocationId);
var paymentInfo = await PaymentService.GetTransactionCostAsync(agentContext, TransactionTypes.REVOC_REG_ENTRY);
// Write the delta state on the ledger for the corresponding revocation registry
await LedgerService.SendRevocationRegistryEntryAsync(
context : agentContext,
issuerDid : provisioning.IssuerDid,
revocationRegistryDefinitionId : revocationRecord.Id,
revocationDefinitionType : "CL_ACCUM",
value : revocRegistryDeltaJson,
paymentInfo : paymentInfo);
if (paymentInfo != null)
{
await RecordService.UpdateAsync(agentContext.Wallet, paymentInfo.PaymentAddress);
}
// Update local credential record
await RecordService.UpdateAsync(agentContext.Wallet, credentialRecord);
}
/// <inheritdoc />
public async Task <(CredentialIssueMessage, CredentialRecord)> CreateCredentialAsync(IAgentContext agentContext,
string credentialId, IEnumerable <CredentialPreviewAttribute> values)
{
var credentialRecord = await GetAsync(agentContext, credentialId);
if (credentialRecord.State != CredentialState.Requested)
{
throw new AriesFrameworkException(ErrorCode.RecordInInvalidState,
$"Credential state was invalid. Expected '{CredentialState.Requested}', found '{credentialRecord.State}'");
}
if (values != null && values.Any())
{
credentialRecord.CredentialAttributesValues = values;
}
var definitionRecord =
await SchemaService.GetCredentialDefinitionAsync(agentContext.Wallet,
credentialRecord.CredentialDefinitionId);
if (credentialRecord.ConnectionId != null)
{
var connection = await ConnectionService.GetAsync(agentContext, credentialRecord.ConnectionId);
if (connection.State != ConnectionState.Connected)
{
throw new AriesFrameworkException(ErrorCode.RecordInInvalidState,
$"Connection state was invalid. Expected '{ConnectionState.Connected}', found '{connection.State}'");
}
}
var(issuedCredential, revocationRecord) = await IssueCredentialSafeAsync(agentContext, definitionRecord,
credentialRecord);
if (definitionRecord.SupportsRevocation)
{
var provisioning = await ProvisioningService.GetProvisioningAsync(agentContext.Wallet);
var paymentInfo =
await PaymentService.GetTransactionCostAsync(agentContext, TransactionTypes.REVOC_REG_ENTRY);
if (issuedCredential.RevocRegDeltaJson != null)
{
await LedgerService.SendRevocationRegistryEntryAsync(
context : agentContext,
issuerDid : provisioning.IssuerDid,
revocationRegistryDefinitionId : revocationRecord.Id,
revocationDefinitionType : "CL_ACCUM",
value : issuedCredential.RevocRegDeltaJson,
paymentInfo : paymentInfo);
}
// Store data relevant for credential revocation
credentialRecord.CredentialRevocationId = issuedCredential.RevocId;
credentialRecord.RevocationRegistryId = revocationRecord.Id;
if (paymentInfo != null)
{
await RecordService.UpdateAsync(agentContext.Wallet, paymentInfo.PaymentAddress);
}
}
await credentialRecord.TriggerAsync(CredentialTrigger.Issue);
await RecordService.UpdateAsync(agentContext.Wallet, credentialRecord);
var threadId = credentialRecord.GetTag(TagConstants.LastThreadId);
var credentialMsg = new CredentialIssueMessage(agentContext.UseMessageTypesHttps)
{
Credentials = new[]
{
new Attachment
{
Id = "libindy-cred-0",
MimeType = CredentialMimeTypes.ApplicationJsonMimeType,
Data = new AttachmentContent
{
Base64 = issuedCredential.CredentialJson
.GetUTF8Bytes()
.ToBase64String()
}
}
}
};
credentialMsg.ThreadFrom(threadId);
return(credentialMsg, credentialRecord);
}
/// <inheritdoc />
public virtual async Task IssueCredentialAsync(IAgentContext agentContext, string issuerDid, string credentialId,
Dictionary <string, string> values)
{
var credential = await GetAsync(agentContext, credentialId);
if (credential.State != CredentialState.Requested)
{
throw new AgentFrameworkException(ErrorCode.RecordInInvalidState,
$"Credential state was invalid. Expected '{CredentialState.Requested}', found '{credential.State}'");
}
var credentialCopy = credential.DeepCopy();
if (values != null && values.Count > 0)
{
credential.ValuesJson = CredentialUtils.FormatCredentialValues(values);
}
var definitionRecord =
await SchemaService.GetCredentialDefinitionAsync(agentContext.Wallet, credential.CredentialDefinitionId);
var connection = await ConnectionService.GetAsync(agentContext, credential.ConnectionId);
if (connection.State != ConnectionState.Connected)
{
throw new AgentFrameworkException(ErrorCode.RecordInInvalidState,
$"Connection state was invalid. Expected '{ConnectionState.Connected}', found '{connection.State}'");
}
string revocationRegistryId = null;
BlobStorageReader tailsReader = null;
if (definitionRecord.SupportsRevocation)
{
var revocationRecordSearch = await RecordService.SearchAsync <RevocationRegistryRecord>(
agentContext.Wallet, SearchQuery.Equal(nameof(RevocationRegistryRecord.CredentialDefinitionId), definitionRecord.Id), null, 5);
var revocationRecord = revocationRecordSearch.Single(); // TODO: Credential definition can have multiple revocation registries
revocationRegistryId = revocationRecord.Id;
tailsReader = await TailsService.OpenTailsAsync(revocationRecord.TailsFile);
}
var issuedCredential = await AnonCreds.IssuerCreateCredentialAsync(agentContext.Wallet, credential.OfferJson,
credential.RequestJson, credential.ValuesJson, revocationRegistryId, tailsReader);
if (definitionRecord.SupportsRevocation)
{
await LedgerService.SendRevocationRegistryEntryAsync(agentContext.Wallet, agentContext.Pool, issuerDid,
revocationRegistryId,
"CL_ACCUM", issuedCredential.RevocRegDeltaJson);
credential.CredentialRevocationId = issuedCredential.RevocId;
}
var msg = new CredentialMessage
{
CredentialJson = issuedCredential.CredentialJson,
RevocationRegistryId = revocationRegistryId
};
await credential.TriggerAsync(CredentialTrigger.Issue);
await RecordService.UpdateAsync(agentContext.Wallet, credential);
try
{
await MessageService.SendAsync(agentContext.Wallet, msg, connection);
}
catch (Exception e)
{
await RecordService.UpdateAsync(agentContext.Wallet, credentialCopy);
throw new AgentFrameworkException(ErrorCode.A2AMessageTransmissionError, "Failed to send credential request message", e);
}
}
/// <inheritdoc />
public virtual async Task <(CredentialMessage, CredentialRecord)> CreateCredentialAsync(IAgentContext agentContext, string issuerDid, string credentialId,
IEnumerable <CredentialPreviewAttribute> values)
{
var credential = await GetAsync(agentContext, credentialId);
if (credential.State != CredentialState.Requested)
{
throw new AgentFrameworkException(ErrorCode.RecordInInvalidState,
$"Credential state was invalid. Expected '{CredentialState.Requested}', found '{credential.State}'");
}
if (values != null && values.Any())
{
credential.CredentialAttributesValues = values;
}
var definitionRecord =
await SchemaService.GetCredentialDefinitionAsync(agentContext.Wallet, credential.CredentialDefinitionId);
var connection = await ConnectionService.GetAsync(agentContext, credential.ConnectionId);
if (connection.State != ConnectionState.Connected)
{
throw new AgentFrameworkException(ErrorCode.RecordInInvalidState,
$"Connection state was invalid. Expected '{ConnectionState.Connected}', found '{connection.State}'");
}
string revocationRegistryId = null;
BlobStorageReader tailsReader = null;
if (definitionRecord.SupportsRevocation)
{
var revocationRecordSearch = await RecordService.SearchAsync <RevocationRegistryRecord>(
agentContext.Wallet, SearchQuery.Equal(nameof(RevocationRegistryRecord.CredentialDefinitionId), definitionRecord.Id), null, 5);
var revocationRecord = revocationRecordSearch.Single(); // TODO: Credential definition can have multiple revocation registries
revocationRegistryId = revocationRecord.Id;
tailsReader = await TailsService.OpenTailsAsync(revocationRecord.TailsFile);
}
var issuedCredential = await AnonCreds.IssuerCreateCredentialAsync(agentContext.Wallet, credential.OfferJson,
credential.RequestJson, CredentialUtils.FormatCredentialValues(credential.CredentialAttributesValues), revocationRegistryId, tailsReader);
if (definitionRecord.SupportsRevocation)
{
var paymentInfo = await PaymentService.GetTransactionCostAsync(agentContext, TransactionTypes.REVOC_REG_ENTRY);
await LedgerService.SendRevocationRegistryEntryAsync(context : agentContext,
issuerDid : issuerDid,
revocationRegistryDefinitionId : revocationRegistryId,
revocationDefinitionType : "CL_ACCUM",
value : issuedCredential.RevocRegDeltaJson,
paymentInfo : paymentInfo);
credential.CredentialRevocationId = issuedCredential.RevocId;
if (paymentInfo != null)
{
await RecordService.UpdateAsync(agentContext.Wallet, paymentInfo.PaymentAddress);
}
}
await credential.TriggerAsync(CredentialTrigger.Issue);
await RecordService.UpdateAsync(agentContext.Wallet, credential);
var threadId = credential.GetTag(TagConstants.LastThreadId);
var credentialMsg = new CredentialMessage
{
CredentialJson = issuedCredential.CredentialJson,
RevocationRegistryId = revocationRegistryId
};
credentialMsg.ThreadFrom(threadId);
return(credentialMsg, credential);
}
/// <inheritdoc />
public virtual async Task IssueCredentialAsync(Pool pool, Wallet wallet, string issuerDid, string credentialId,
Dictionary <string, string> values)
{
var credentialRecord = await RecordService.GetAsync <CredentialRecord>(wallet, credentialId);
if (values != null && values.Count > 0)
{
credentialRecord.ValuesJson = CredentialUtils.FormatCredentialValues(values);
}
var definitionRecord =
await SchemaService.GetCredentialDefinitionAsync(wallet, credentialRecord.CredentialDefinitionId);
var connection = await ConnectionService.GetAsync(wallet, credentialRecord.ConnectionId);
if (credentialRecord.State != CredentialState.Requested)
{
throw new Exception(
$"Credential sate was invalid. Expected '{CredentialState.Requested}', found '{credentialRecord.State}'");
}
string revocationRegistryId = null;
BlobStorageReader tailsReader = null;
if (definitionRecord.SupportsRevocation)
{
var revocationRecordSearch = await RecordService.SearchAsync <RevocationRegistryRecord>(
wallet, new SearchRecordQuery { { TagConstants.CredentialDefinitionId, definitionRecord.DefinitionId } }, null, 1);
var revocationRecord = revocationRecordSearch.First();
revocationRegistryId = revocationRecord.RevocationRegistryId;
tailsReader = await TailsService.OpenTailsAsync(revocationRecord.TailsFile);
}
var issuedCredential = await AnonCreds.IssuerCreateCredentialAsync(wallet, credentialRecord.OfferJson,
credentialRecord.RequestJson, credentialRecord.ValuesJson, revocationRegistryId, tailsReader);
if (definitionRecord.SupportsRevocation)
{
await LedgerService.SendRevocationRegistryEntryAsync(wallet, pool, issuerDid,
revocationRegistryId,
"CL_ACCUM", issuedCredential.RevocRegDeltaJson);
credentialRecord.CredentialRevocationId = issuedCredential.RevocId;
}
var credentialDetails = new CredentialDetails
{
CredentialJson = issuedCredential.CredentialJson,
RevocationRegistryId = revocationRegistryId
};
await credentialRecord.TriggerAsync(CredentialTrigger.Issue);
await RecordService.UpdateAsync(wallet, credentialRecord);
var credential = await MessageSerializer.PackSealedAsync <CredentialMessage>(credentialDetails, wallet,
connection.MyVk,
connection.TheirVk);
credential.Type = MessageUtils.FormatDidMessageType(connection.TheirDid, MessageTypes.Credential);
await RouterService.ForwardAsync(new ForwardEnvelopeMessage
{
Content = credential.ToJson(),
Type = MessageUtils.FormatDidMessageType(connection.TheirDid, MessageTypes.Forward)
}, connection.Endpoint);
}
