feat: add possibility to override sub

mishasizov-SK · Mar 22, 2024 · d3b95d3 · d3b95d3
1 parent 6a61141
commit d3b95d3
Show file tree

Hide file tree

Showing 8 changed files with 212 additions and 184 deletions.
diff --git a/api/spec/openapi.gen.go b/api/spec/openapi.gen.go
diff --git a/docs/v1/openapi.yaml b/docs/v1/openapi.yaml
@@ -1473,6 +1473,10 @@ components:
             type: boolean
             description: Override issuer.
             nullable: true
+        override_subject_did:
+          type: boolean
+          description: Override credential subject did.
+          nullable: true
         credential:
           type: object
           description: Raw Complete credential for sign and customization

diff --git a/pkg/restapi/v1/issuer/controller.go b/pkg/restapi/v1/issuer/controller.go
@@ -458,9 +458,10 @@ func (c *Controller) initiateIssuance(
 
 		if multiCredentialIssuance.Compose != nil {
 			credConfig.ComposeCredential = &oidc4ci.InitiateIssuanceComposeCredential{
-				Credential:     multiCredentialIssuance.Compose.Credential,
-				IDTemplate:     lo.FromPtr(multiCredentialIssuance.Compose.IdTemplate),
-				OverrideIssuer: lo.FromPtr(multiCredentialIssuance.Compose.OverrideIssuer),
+				Credential:         multiCredentialIssuance.Compose.Credential,
+				IDTemplate:         lo.FromPtr(multiCredentialIssuance.Compose.IdTemplate),
+				OverrideIssuer:     lo.FromPtr(multiCredentialIssuance.Compose.OverrideIssuer),
+				OverrideSubjectDID: lo.FromPtr(multiCredentialIssuance.Compose.OverrideSubjectDid),
 			}
 		}
 

diff --git a/pkg/restapi/v1/issuer/openapi.gen.go b/pkg/restapi/v1/issuer/openapi.gen.go
diff --git a/pkg/service/oidc4ci/api.go b/pkg/service/oidc4ci/api.go
@@ -112,8 +112,9 @@ type TxCredentialConfiguration struct {
 }
 
 type CredentialComposeConfiguration struct {
-	IDTemplate     string `json:"id_template"`
-	OverrideIssuer bool   `json:"override_issuer"`
+	IDTemplate         string `json:"id_template"`
+	OverrideIssuer     bool   `json:"override_issuer"`
+	OverrideSubjectDID bool   `json:"override_subject_did"`
 }
 
 // AuthorizationDetails represents the domain model for Authorization Details request.
@@ -194,9 +195,10 @@ type InitiateIssuanceCredentialConfiguration struct {
 }
 
 type InitiateIssuanceComposeCredential struct {
-	Credential     *map[string]interface{} `json:"credential,omitempty"`
-	IDTemplate     string                  `json:"id_template"`
-	OverrideIssuer bool                    `json:"override_issuer"`
+	Credential         *map[string]interface{} `json:"credential,omitempty"`
+	IDTemplate         string                  `json:"id_template"`
+	OverrideIssuer     bool                    `json:"override_issuer"`
+	OverrideSubjectDID bool                    `json:"override_subject_did"`
 }
 
 // InitiateIssuanceResponse is the response from the Issuer to the Wallet with initiate issuance URL.

diff --git a/pkg/service/oidc4ci/composer.go b/pkg/service/oidc4ci/composer.go
@@ -27,7 +27,7 @@ func (c *CredentialComposer) Compose(
 	credential *verifiable.Credential,
 	tx *Transaction,
 	txCredentialConfiguration *TxCredentialConfiguration,
-	_ *PrepareCredentialRequest,
+	prepRequest *PrepareCredentialRequest,
 ) (*verifiable.Credential, error) {
 	if txCredentialConfiguration == nil || txCredentialConfiguration.CredentialComposeConfiguration == nil {
 		return credential, nil
@@ -46,6 +46,17 @@ func (c *CredentialComposer) Compose(
 		credential = credential.WithModifiedIssuer(&verifiable.Issuer{ID: tx.DID})
 	}
 
+	if txCredentialConfiguration.CredentialComposeConfiguration.OverrideSubjectDID {
+		var newSubjects []verifiable.Subject
+		for _, s := range credential.Contents().Subject {
+			s.ID = prepRequest.DID
+
+			newSubjects = append(newSubjects, s)
+		}
+
+		credential = credential.WithModifiedSubject(newSubjects)
+	}
+
 	return credential, nil
 }
 

diff --git a/pkg/service/oidc4ci/composer_test.go b/pkg/service/oidc4ci/composer_test.go
@@ -14,7 +14,9 @@ func TestComposer(t *testing.T) {
 	t.Run("success", func(t *testing.T) {
 		srv := oidc4ci.NewCredentialComposer()
 
-		cred, err := verifiable.CreateCredential(verifiable.CredentialContents{}, verifiable.CustomFields{})
+		cred, err := verifiable.CreateCredential(verifiable.CredentialContents{
+			Subject: []verifiable.Subject{{ID: "xxx:yyy"}},
+		}, verifiable.CustomFields{})
 		assert.NoError(t, err)
 
 		resp, err := srv.Compose(
@@ -28,18 +30,22 @@ func TestComposer(t *testing.T) {
 			},
 			&oidc4ci.TxCredentialConfiguration{
 				CredentialComposeConfiguration: &oidc4ci.CredentialComposeConfiguration{
-					IDTemplate:     "hardcoded:{{.TxID}}:suffix",
-					OverrideIssuer: true,
+					IDTemplate:         "hardcoded:{{.TxID}}:suffix",
+					OverrideIssuer:     true,
+					OverrideSubjectDID: true,
 				},
 			},
-			&oidc4ci.PrepareCredentialRequest{},
+			&oidc4ci.PrepareCredentialRequest{
+				DID: "some-awesome-did",
+			},
 		)
 
 		assert.NoError(t, err)
 		assert.NotNil(t, resp)
 
 		assert.EqualValues(t, "hardcoded:some-awesome-id:suffix", resp.Contents().ID)
 		assert.EqualValues(t, "did:example:123", resp.Contents().Issuer.ID)
+		assert.EqualValues(t, "some-awesome-did", resp.Contents().Subject[0].ID)
 	})
 
 	t.Run("invalid template", func(t *testing.T) {

diff --git a/pkg/service/oidc4ci/oidc4ci_service_initiate_issuance.go b/pkg/service/oidc4ci/oidc4ci_service_initiate_issuance.go
@@ -260,8 +260,9 @@ func (s *Service) applyPreAuthFlowModifications(
 		txCredentialConfiguration.ClaimDataType = ClaimDataTypeVC
 
 		txCredentialConfiguration.CredentialComposeConfiguration = &CredentialComposeConfiguration{
-			IDTemplate:     req.ComposeCredential.IDTemplate,
-			OverrideIssuer: req.ComposeCredential.OverrideIssuer,
+			IDTemplate:         req.ComposeCredential.IDTemplate,
+			OverrideIssuer:     req.ComposeCredential.OverrideIssuer,
+			OverrideSubjectDID: req.ComposeCredential.OverrideSubjectDID,
 		}
 	}