feat: return issuer uri in credential refresh response

docs/v1/openapi.yaml

@@ -1659,10 +1659,13 @@ components:
           type: string
           anyOf:
             - { }
+        issuerURI:
+          type: string
       x-tags:
         - refresh
       required:
         - verifiable_credential
+        - issuerURI
     DeprecatedComposeOIDC4CICredential:
       title: DeprecatedComposeOIDC4CICredential
       type: object

pkg/restapi/v1/refresh/controller.go

@@ -71,7 +71,8 @@ func (c *Controller) GetRefreshedCredential(
 	}
 
 	return ctx.JSON(http.StatusOK, GetRefreshedCredentialResp{
-		VerifiableCredential: resp,
+		VerifiableCredential: resp.Credential,
+		IssuerURI:            resp.IssuerURL,
 	})
 }
 

pkg/restapi/v1/refresh/controller_test.go

@@ -220,7 +220,10 @@ func TestGetRefreshedCredential(t *testing.T) {
 			Return(issuer, nil)
 
 		refreshSvc.EXPECT().GetRefreshedCredential(gomock.Any(), gomock.Any(), *issuer).
-			Return(signedRequestedCredentialsVP.Presentation.Credentials()[0], nil)
+			Return(&refresh2.GetRefreshedCredentialResponse{
+				Credential: signedRequestedCredentialsVP.Presentation.Credentials()[0],
+				IssuerURL:  "https://issuer.example.com/oidc/idp/profile-id/v1.0",
+			}, nil)
 
 		ctr := refresh.NewController(&refresh.Config{
 			ProfileService: profileSvc,

pkg/restapi/v1/refresh/interfaces.go

@@ -38,7 +38,7 @@ type CredentialRefreshService interface {
 		ctx context.Context,
 		presentation *verifiable.Presentation,
 		issuer profileapi.Issuer,
-	) (*verifiable.Credential, error)
+	) (*refresh.GetRefreshedCredentialResponse, error)
 }
 
 type ProofChecker interface {

pkg/service/refresh/refresh.go

@@ -11,6 +11,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"net/url"
 	"time"
 
 	"github.com/davecgh/go-spew/spew"
@@ -110,7 +111,7 @@ func (s *Service) GetRefreshedCredential(
 	ctx context.Context,
 	presentation *verifiable.Presentation,
 	issuer profile.Issuer,
-) (*verifiable.Credential, error) {
+) (*GetRefreshedCredentialResponse, error) {
 	resultEvent := &Event{
 		WebHook:        issuer.WebHook,
 		ProfileID:      issuer.ID,
@@ -238,11 +239,19 @@ func (s *Service) GetRefreshedCredential(
 
 	if err != nil {
 		s.tryPublish(ctx, spi.CredentialRefreshFailed, resultEvent, string(tx.ID), err)
-	} else {
-		s.tryPublish(ctx, spi.CredentialRefreshSuccessful, resultEvent, string(tx.ID), nil)
+		return nil, err
+	}
+
+	issuerURL, _ := url.JoinPath(s.cfg.VcsAPIURL, "oidc/idp", tx.ProfileID, tx.ProfileVersion)
+
+	credentialResponse := &GetRefreshedCredentialResponse{
+		Credential: updatedCred,
+		IssuerURL:  issuerURL,
 	}
 
-	return updatedCred, err
+	s.tryPublish(ctx, spi.CredentialRefreshSuccessful, resultEvent, string(tx.ID), nil)
+
+	return credentialResponse, nil
 }
 
 func (s *Service) findCredentialTemplate(

pkg/service/refresh/refresh_test.go

@@ -178,6 +178,7 @@ func TestGetRefreshedCredential(t *testing.T) {
 			Return(errors.New("ignored"))
 
 		srv := refresh.NewRefreshService(&refresh.Config{
+			VcsAPIURL:              "https://issuer.example.com/",
 			PresentationVerifier:   verifier,
 			TxStore:                txStore,
 			ClaimsStore:            claimStore,
@@ -224,7 +225,9 @@ func TestGetRefreshedCredential(t *testing.T) {
 			Return(&issuecredential.Transaction{
 				ID: "some-id",
 				TransactionData: issuecredential.TransactionData{
-					DID: "some-did",
+					DID:            "some-did",
+					ProfileID:      "profile-id",
+					ProfileVersion: "v1.0",
 					CredentialConfiguration: []*issuecredential.TxCredentialConfiguration{
 						{
 							ClaimDataID: "some-claim-id",
@@ -268,9 +271,11 @@ func TestGetRefreshedCredential(t *testing.T) {
 				return nil, nil, nil
 			})
 
-		cred, err := srv.GetRefreshedCredential(context.TODO(), signedRequestedCredentialsVP.Presentation, targetIssuer)
+		credentialResponse, err := srv.GetRefreshedCredential(context.TODO(), signedRequestedCredentialsVP.Presentation,
+			targetIssuer)
 		assert.NoError(t, err)
-		assert.Equal(t, cred, targetCred)
+		assert.Equal(t, credentialResponse.Credential, targetCred)
+		assert.Equal(t, credentialResponse.IssuerURL, "https://issuer.example.com/oidc/idp/profile-id/v1.0")
 	})
 
 	t.Run("issue err", func(t *testing.T) {
@@ -378,9 +383,10 @@ func TestGetRefreshedCredential(t *testing.T) {
 				return nil, nil, nil
 			})
 
-		cred, err := srv.GetRefreshedCredential(context.TODO(), signedRequestedCredentialsVP.Presentation, targetIssuer)
+		credentialResponse, err := srv.GetRefreshedCredential(context.TODO(), signedRequestedCredentialsVP.Presentation,
+			targetIssuer)
 		assert.ErrorContains(t, err, "failed to issue credential")
-		assert.Nil(t, cred)
+		assert.Nil(t, credentialResponse)
 	})
 
 	t.Run("prepare err", func(t *testing.T) {
@@ -475,8 +481,9 @@ func TestGetRefreshedCredential(t *testing.T) {
 				return nil, nil, nil
 			})
 
-		cred, err := srv.GetRefreshedCredential(context.TODO(), signedRequestedCredentialsVP.Presentation, targetIssuer)
+		credentialResponse, err := srv.GetRefreshedCredential(context.TODO(), signedRequestedCredentialsVP.Presentation,
+			targetIssuer)
 		assert.ErrorContains(t, err, "failed to prepare credential")
-		assert.Nil(t, cred)
+		assert.Nil(t, credentialResponse)
 	})
 }

pkg/service/refresh/types.go

@@ -2,6 +2,7 @@ package refresh
 
 import (
 	"github.com/trustbloc/vc-go/presexch"
+	"github.com/trustbloc/vc-go/verifiable"
 
 	"github.com/trustbloc/vcs/pkg/profile"
 )
@@ -22,6 +23,11 @@ type GetRefreshStateResponse struct {
 	RefreshServiceType            ServiceType                   `json:"refreshServiceType"`
 }
 
+type GetRefreshedCredentialResponse struct {
+	Credential *verifiable.Credential
+	IssuerURL  string
+}
+
 type Event struct {
 	WebHook        string `json:"webHook,omitempty"`
 	ProfileID      string `json:"profileID,omitempty"`