chore: remove dependencies on afgo core (#1389)

Signed-off-by: Filip Burlacu <[email protected]>
trustbloc · Aug 29, 2023 · 4bf2b41 · 4bf2b41
1 parent d45ff97
commit 4bf2b41
Show file tree

Hide file tree

Showing 18 changed files with 280 additions and 93 deletions.
diff --git a/component/wallet-cli/go.mod b/component/wallet-cli/go.mod
@@ -11,7 +11,6 @@ require (
 	github.com/golang/mock v1.6.0
 	github.com/google/uuid v1.3.0
 	github.com/henvic/httpretty v0.1.0
-	github.com/hyperledger/aries-framework-go v0.3.3-0.20230810150537-71e132ba5968
 	github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb v0.0.0-20220728172020-0a8903e45149
 	github.com/hyperledger/aries-framework-go-ext/component/vdr/jwk v0.0.0-20221213152252-f0c83a5a922c
 	github.com/hyperledger/aries-framework-go-ext/component/vdr/longform v0.0.0-20221201213446-c4c1e76daa49
@@ -87,9 +86,9 @@ require (
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/hyperledger/aries-framework-go v0.3.3-0.20230810150537-71e132ba5968 // indirect
 	github.com/hyperledger/aries-framework-go-ext/component/vdr/sidetree v1.0.0-rc3.0.20221104150937-07bfbe450122 // indirect
 	github.com/hyperledger/aries-framework-go/component/log v0.0.0-20230427134832-0c9969493bd3 // indirect
-	github.com/hyperledger/aries-framework-go/component/storage/edv v0.0.0-20221025204933-b807371b6f1e // indirect
 	github.com/hyperledger/fabric-amcl v0.0.0-20230602173724-9e02669dceb2 // indirect
 	github.com/hyperledger/ursa-wrapper-go v0.3.1 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect

diff --git a/component/wallet-cli/go.sum b/component/wallet-cli/go.sum
@@ -577,8 +577,6 @@ github.com/hyperledger/aries-framework-go/component/log v0.0.0-20230427134832-0c
 github.com/hyperledger/aries-framework-go/component/log v0.0.0-20230427134832-0c9969493bd3/go.mod h1:CvYs4l8X2NrrF93weLOu5RTOIJeVdoZITtjEflyuTyM=
 github.com/hyperledger/aries-framework-go/component/models v0.0.0-20230810150537-71e132ba5968 h1:W8F1CA8P/bNb92P/JMYG2nWqv0bxLL58/Q8Rw9nsNyI=
 github.com/hyperledger/aries-framework-go/component/models v0.0.0-20230810150537-71e132ba5968/go.mod h1:AJkRLmQB1/umL5GfXw/XIarGaH/XCQOL/6wlGtqdDpA=
-github.com/hyperledger/aries-framework-go/component/storage/edv v0.0.0-20221025204933-b807371b6f1e h1:/hrQfwJvHJrwV2FSmfnRp5L6yKY9DqDFqwYyb+oVuDU=
-github.com/hyperledger/aries-framework-go/component/storage/edv v0.0.0-20221025204933-b807371b6f1e/go.mod h1:ACGP1L+WeecDtyA0Mi2E1kqtPLIGrCWPSJ43q2elwX8=
 github.com/hyperledger/aries-framework-go/component/storage/leveldb v0.0.0-20221202141134-083803ecf0a3 h1:GF7p/WrgKrhq7d0d9b6nkuW/sidMOwla9Muj4g+BgSY=
 github.com/hyperledger/aries-framework-go/component/storage/leveldb v0.0.0-20221202141134-083803ecf0a3/go.mod h1:i/bnCdoiv0a9fgHQtd+EiAxmCdaJKE3JYrgDUACKgyE=
 github.com/hyperledger/aries-framework-go/component/storageutil v0.0.0-20230427134832-0c9969493bd3 h1:JGYA9l5zTlvsvfnXT9hYPpCokAjmVKX0/r7njba7OX4=

diff --git a/component/wallet-cli/pkg/walletrunner/wallet.go b/component/wallet-cli/pkg/walletrunner/wallet.go
@@ -7,15 +7,15 @@ SPDX-License-Identifier: Apache-2.0
 package walletrunner
 
 import (
-	"errors"
+	"encoding/json"
 	"fmt"
 	"strings"
+	"sync"
 	"time"
 
 	"github.com/google/uuid"
-	"github.com/hyperledger/aries-framework-go/pkg/wallet"
+	"github.com/hyperledger/aries-framework-go/component/models/verifiable"
 	"github.com/hyperledger/aries-framework-go/spi/kms"
-
 	"github.com/trustbloc/vcs/component/wallet-cli/internal/vdrutil"
 	vcs "github.com/trustbloc/vcs/pkg/doc/verifiable"
 )
@@ -31,7 +31,21 @@ const (
 	didMethodION     = "ion"
 )
 
-func (s *Service) GetWallet() *wallet.Wallet {
+// Wallet provides verifiable credential storing, fetching, and presentation definition querying.
+type Wallet interface {
+	// Open opens wallet.
+	Open(passPhrase string) string
+	// Close closes wallet.
+	Close() bool
+	// Add adds a marshalled credential to the wallet.
+	Add(content json.RawMessage) error
+	// GetAll returns all stored credentials.
+	GetAll() (map[string]json.RawMessage, error)
+	// Query runs the given presentation definition on the stored credentials.
+	Query(pdBytes []byte) ([]*verifiable.Presentation, error)
+}
+
+func (s *Service) GetWallet() Wallet {
 	return s.wallet
 }
 
@@ -69,12 +83,9 @@ func (s *Service) CreateWallet() error {
 		s.wallet = w
 	}
 
-	token, err := s.wallet.Open(wallet.WithUnlockByPassphrase(s.vcProviderConf.WalletParams.Passphrase))
-	if err != nil {
-		if !errors.Is(err, wallet.ErrAlreadyUnlocked) {
-			return fmt.Errorf("unlock wallet: %w", err)
-		}
-	}
+	var err error
+
+	token := s.wallet.Open(s.vcProviderConf.WalletParams.Passphrase)
 
 	if token != "" {
 		s.vcProviderConf.WalletParams.Token = token
@@ -134,24 +145,21 @@ func (s *Service) CreateWallet() error {
 	return nil
 }
 
-func newWallet(shouldCreate bool, userID string, passphrase string, services *ariesServices) (*wallet.Wallet, error) {
-	if shouldCreate {
-		err := wallet.CreateProfile(userID, services, wallet.WithPassphrase(passphrase))
-		if err != nil {
-			return nil, fmt.Errorf("user profile create failed: %w", err)
-		}
-	}
-
-	w, err := wallet.New(userID, services)
+func newWallet(shouldCreate bool, userID string, passphrase string, services *ariesServices) (Wallet, error) {
+	store, err := services.storageProvider.OpenStore("wallet:credential")
 	if err != nil {
-		return nil, fmt.Errorf("create wallet failed: %w", err)
+		return nil, err
 	}
 
-	return w, nil
+	return &walletImpl{
+		credStore: store,
+		ldLoader:  services.documentLoader,
+		storeLock: sync.RWMutex{},
+	}, nil
 }
 
 func (s *Service) SaveCredentialInWallet(vc []byte) error {
-	err := s.wallet.Add(s.vcProviderConf.WalletParams.Token, wallet.Credential, vc)
+	err := s.wallet.Add(vc)
 	if err != nil {
 		return fmt.Errorf("wallet add credential failed: %w", err)
 	}

diff --git a/component/wallet-cli/pkg/walletrunner/wallet_impl.go b/component/wallet-cli/pkg/walletrunner/wallet_impl.go
@@ -0,0 +1,215 @@
+/*
+Copyright Gen Digital Inc. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package walletrunner
+
+import (
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/hex"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"strings"
+	"sync"
+
+	"github.com/hyperledger/aries-framework-go/component/models/presexch"
+	"github.com/hyperledger/aries-framework-go/component/models/verifiable"
+	"github.com/hyperledger/aries-framework-go/spi/storage"
+	"github.com/piprate/json-gold/ld"
+)
+
+type walletImpl struct {
+	credStore storage.Store
+	ldLoader  ld.DocumentLoader
+	storeLock sync.RWMutex
+}
+
+func (w *walletImpl) Open(string) string {
+	return "token"
+}
+
+func (w *walletImpl) Close() bool {
+	return true
+}
+
+const credentialTag = "credential"
+
+func (w *walletImpl) Add(content json.RawMessage) error {
+	key, err := getContentID(content)
+	if err != nil {
+		return err
+	}
+
+	w.storeLock.Lock()
+	defer w.storeLock.Unlock()
+
+	err = w.credStore.Put(key, content, storage.Tag{Name: credentialTag})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+type contentID struct {
+	ID string `json:"id"`
+}
+
+func getContentID(content json.RawMessage) (string, error) {
+	key, err := getJWTContentID(string(content))
+	if err == nil && strings.TrimSpace(key) != "" {
+		return key, nil
+	}
+
+	var cid contentID
+	if err := json.Unmarshal(content, &cid); err != nil {
+		return "", fmt.Errorf("failed to read content to be saved : %w", err)
+	}
+
+	key = cid.ID
+	if strings.TrimSpace(key) == "" {
+		// use document hash as key to avoid duplicates if id is missing
+		digest := sha256.Sum256(content)
+
+		key = hex.EncodeToString(digest[0:])
+	}
+
+	return key, nil
+}
+
+type hasJTI struct {
+	JTI string `json:"jti"`
+}
+
+func getJWTContentID(jwtStr string) (string, error) {
+	parts := strings.Split(unQuote(jwtStr), ".")
+	if len(parts) != 3 { // nolint: gomnd
+		return "", nil // assume not a jwt
+	}
+
+	credBytes, err := base64.RawURLEncoding.DecodeString(parts[1])
+	if err != nil {
+		return "", fmt.Errorf("decode base64 JWT data: %w", err)
+	}
+
+	cred := &hasJTI{}
+
+	err = json.Unmarshal(credBytes, cred)
+	if err != nil {
+		return "", fmt.Errorf("failed to unmarshal JWT data: %w", err)
+	}
+
+	if cred.JTI == "" {
+		return "", fmt.Errorf("JWT data has no ID")
+	}
+
+	return cred.JTI, nil
+}
+
+func unQuote(s string) string {
+	if len(s) <= 1 {
+		return s
+	}
+
+	if s[0] == '"' && s[len(s)-1] == '"' {
+		return s[1 : len(s)-1]
+	}
+
+	return s
+}
+
+func (w *walletImpl) GetAll() (map[string]json.RawMessage, error) {
+	w.storeLock.RLock()
+	defer w.storeLock.RUnlock()
+
+	iter, err := w.credStore.Query(credentialTag)
+	if err != nil {
+		return nil, err
+	}
+
+	result := make(map[string]json.RawMessage)
+
+	for {
+		ok, err := iter.Next()
+		if err != nil {
+			return nil, err
+		}
+
+		if !ok {
+			break
+		}
+
+		key, err := iter.Key()
+		if err != nil {
+			return nil, err
+		}
+
+		val, err := iter.Value()
+		if err != nil {
+			return nil, err
+		}
+
+		result[key] = val
+	}
+
+	return result, nil
+}
+
+func (w *walletImpl) Query(pdBytes []byte) ([]*verifiable.Presentation, error) {
+	vcContents, err := w.GetAll()
+	if err != nil {
+		return nil, fmt.Errorf("failed to query credentials: %w", err)
+	}
+
+	if len(vcContents) == 0 {
+		return nil, errors.New("no result found")
+	}
+
+	creds, err := parseCredentialContents(vcContents, w.ldLoader)
+	if err != nil {
+		return nil, err
+	}
+
+	var presDefinition presexch.PresentationDefinition
+
+	err = json.Unmarshal(pdBytes, &presDefinition)
+	if err != nil {
+		return nil, err
+	}
+
+	result, err := presDefinition.CreateVP(creds, w.ldLoader, verifiable.WithDisabledProofCheck(),
+		verifiable.WithJSONLDDocumentLoader(w.ldLoader))
+
+	if errors.Is(err, presexch.ErrNoCredentials) {
+		return nil, errors.New("no result found")
+	}
+
+	if err != nil {
+		return nil, err
+	}
+
+	return []*verifiable.Presentation{result}, nil
+}
+
+func parseCredentialContents(
+	raws map[string]json.RawMessage,
+	documentLoader ld.DocumentLoader,
+) ([]*verifiable.Credential, error) {
+	var result []*verifiable.Credential
+
+	for _, raw := range raws {
+		vc, err := verifiable.ParseCredential(raw, verifiable.WithDisabledProofCheck(),
+			verifiable.WithJSONLDDocumentLoader(documentLoader))
+		if err != nil {
+			return nil, err
+		}
+
+		result = append(result, vc)
+	}
+
+	return result, nil
+}
diff --git a/component/wallet-cli/pkg/walletrunner/wallet_runner.go b/component/wallet-cli/pkg/walletrunner/wallet_runner.go
@@ -36,7 +36,6 @@ import (
 	"github.com/hyperledger/aries-framework-go/component/vdr/httpbinding"
 	"github.com/hyperledger/aries-framework-go/component/vdr/key"
 	"github.com/hyperledger/aries-framework-go/component/vdr/web"
-	"github.com/hyperledger/aries-framework-go/pkg/wallet"
 	kmsapi "github.com/hyperledger/aries-framework-go/spi/kms"
 	"github.com/hyperledger/aries-framework-go/spi/secretlock"
 	"github.com/hyperledger/aries-framework-go/spi/storage"
@@ -104,7 +103,7 @@ var extraContexts = []ldcontext.Document{ //nolint:gochecknoglobals
 
 type Service struct {
 	ariesServices  *ariesServices
-	wallet         *wallet.Wallet
+	wallet         Wallet
 	vcProvider     vcprovider.VCProvider
 	vcProviderConf *vcprovider.Config
 	httpClient     *http.Client

diff --git a/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4ci.go b/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4ci.go
@@ -27,7 +27,6 @@ import (
 	"github.com/hyperledger/aries-framework-go/component/models/jwt"
 	"github.com/hyperledger/aries-framework-go/component/models/verifiable"
 	didkey "github.com/hyperledger/aries-framework-go/component/vdr/key"
-	"github.com/hyperledger/aries-framework-go/pkg/wallet"
 	"github.com/samber/lo"
 	"golang.org/x/oauth2"
 
@@ -216,7 +215,7 @@ func (s *Service) RunOIDC4CI(config *OIDC4CIConfig, hooks *Hooks) error {
 	}
 
 	s.print("Adding credential to wallet")
-	if err = s.wallet.Add(s.vcProviderConf.WalletParams.Token, wallet.Credential, b); err != nil {
+	if err = s.wallet.Add(b); err != nil {
 		return fmt.Errorf("add credential: %w", err)
 	}
 
@@ -378,7 +377,7 @@ func (s *Service) RunOIDC4CIWalletInitiated(config *OIDC4CIConfig, hooks *Hooks)
 	}
 
 	s.print("Adding credential to wallet")
-	if err = s.wallet.Add(s.vcProviderConf.WalletParams.Token, wallet.Credential, b); err != nil {
+	if err = s.wallet.Add(b); err != nil {
 		return fmt.Errorf("add credential: %w", err)
 	}
 

diff --git a/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4ci_pre_auth.go b/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4ci_pre_auth.go
@@ -19,7 +19,6 @@ import (
 	"time"
 
 	"github.com/hyperledger/aries-framework-go/component/models/verifiable"
-	"github.com/hyperledger/aries-framework-go/pkg/wallet"
 	"github.com/samber/lo"
 	"golang.org/x/oauth2"
 
@@ -133,7 +132,7 @@ func (s *Service) RunOIDC4CIPreAuth(config *OIDC4CIConfig) (*verifiable.Credenti
 
 	s.print("Adding credential to wallet")
 
-	if err = s.wallet.Add(s.vcProviderConf.WalletParams.Token, wallet.Credential, b); err != nil {
+	if err = s.wallet.Add(b); err != nil {
 		return nil, fmt.Errorf("add credential to wallet: %w", err)
 	}