Support more oob exchanges with attachments (#796)

* issue oob credential v2 with attachment

Signed-off-by: Philipp Etschel <[email protected]>

* refactoring to render presentation-request only. moved common code into base class.

Signed-off-by: Philipp Etschel <[email protected]>

* wired flow in the controller

Signed-off-by: Philipp Etschel <[email protected]>

* formater

Signed-off-by: Philipp Etschel <[email protected]>

* updated backend types

Signed-off-by: Philipp Etschel <[email protected]>

* added path for dif oob exchange

Signed-off-by: Philipp Etschel <[email protected]>

* renamed class

Signed-off-by: Philipp Etschel <[email protected]>

* using base cred ex record

Signed-off-by: Philipp Etschel <[email protected]>

* added maintainers.md

Signed-off-by: Philipp Etschel <[email protected]>

* new client release

Signed-off-by: Philipp Etschel <[email protected]>

* formatter

Signed-off-by: Philipp Etschel <[email protected]>

* rollback version, needs fixing the testcontainers setup

Signed-off-by: Philipp Etschel <[email protected]>

* revert part2

Signed-off-by: Philipp Etschel <[email protected]>

* updated readme and fixed swagger comments

Signed-off-by: Philipp Etschel <[email protected]>

MAINTAINERS.md

@@ -0,0 +1,8 @@
+## Maintainers
+
+### Active Maintainers
+| name               | Github                                             | Discord        |
+|--------------------|----------------------------------------------------|----------------|
+| Philipp Etschel    | [@etschelp](https://github.com/etschelp)           | etschelp#7436  |
+| Tim Schlagenhaufer | [@schlagtim](https://github.com/schlagtim)         | schlagtim#1600 |
+| Driton Goxhufi     | [@DritonGoxhufi](https://github.com/DritonGoxhufi) | Driton#1353    |

backend/business-partner-agent/pom.xml

@@ -112,7 +112,7 @@
         <dependency><!-- Overwrite for jakarta-annotations-api -->
             <groupId>org.apache.tomcat</groupId>
             <artifactId>tomcat-annotations-api</artifactId>
-            <version>10.1.0-M16</version>
+            <version>10.1.0-M17</version>
         </dependency>
 
         <!-- Logging -->
@@ -133,7 +133,7 @@
         <dependency>
             <groupId>network.idu.acapy</groupId>
             <artifactId>aries-client-python</artifactId>
-            <version>0.7.26</version>
+            <version>0.7.27</version>
         </dependency>
         <dependency>
             <groupId>org.hyperledger.business-partner-agent</groupId>
@@ -452,7 +452,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-resources-plugin</artifactId>
-                        <version>3.2.0</version>
+                        <version>3.3.0</version>
                         <executions>
                             <execution>
                                 <id>copy-frontend-resources</id>

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/AdminController.java

@@ -287,6 +287,8 @@ public HttpResponse<Void> registerEndpoints(@Body TAADigestRequest tAADigest) {
     }
 
     /**
+     * Returns true if a TAA needs to be accepted before writing to the ledger
+     *
      * @return true if endpoint registration is required
      */
     @Get("/endpoints/registrationRequired")

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/InvitationController.java

@@ -18,15 +18,16 @@
 package org.hyperledger.bpa.controller;
 
 import io.micronaut.http.HttpResponse;
+import io.micronaut.http.HttpStatus;
 import io.micronaut.http.MutableHttpResponse;
-import io.micronaut.http.annotation.Body;
-import io.micronaut.http.annotation.Controller;
-import io.micronaut.http.annotation.Post;
+import io.micronaut.http.annotation.*;
 import io.micronaut.scheduling.TaskExecutors;
 import io.micronaut.scheduling.annotation.ExecuteOn;
 import io.micronaut.security.annotation.Secured;
 import io.micronaut.security.rules.SecurityRule;
 import io.micronaut.validation.Validated;
+import io.swagger.v3.oas.annotations.Hidden;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.inject.Inject;
 import lombok.extern.slf4j.Slf4j;
@@ -35,18 +36,26 @@
 import org.hyperledger.bpa.controller.api.invitation.CheckInvitationRequest;
 import org.hyperledger.bpa.controller.api.partner.CreatePartnerInvitationRequest;
 import org.hyperledger.bpa.impl.aries.connection.ConnectionManager;
+import org.hyperledger.bpa.impl.oob.OOBCredentialOffer;
+
+import java.util.UUID;
 
 @Slf4j
-@Controller("/api/invitations")
+@Controller(InvitationController.INVITATION_CONTROLLER_BASE_URL)
 @Tag(name = "Invitation Management")
 @Validated
 @Secured(SecurityRule.IS_AUTHENTICATED)
 @ExecuteOn(TaskExecutors.IO)
 public class InvitationController {
 
+    public static final String INVITATION_CONTROLLER_BASE_URL = "/api/invitations";
+
     @Inject
     ConnectionManager cm;
 
+    @Inject
+    OOBCredentialOffer offerManager;
+
     /**
      * Check invitation (receive)
      *
@@ -82,4 +91,21 @@ public HttpResponse<APICreateInvitationResponse> requestConnectionInvitation(
         return HttpResponse.ok(cm.createConnectionInvitation(req));
     }
 
+    /**
+     * Handle OOB credential/presentation exchange with attachment step 2 - redirect
+     * with encoded attachment
+     *
+     * @param id {@link UUID}
+     * @return Redirect with encoded credential-offer/presentation-request
+     *         attachment in the location header
+     */
+    @Secured(SecurityRule.IS_ANONYMOUS)
+    @Hidden
+    @ApiResponse(responseCode = "301", description = "Redirect with encoded credential offer in the location header")
+    @Get("/oob-attachment/{id}")
+    public HttpResponse<Object> handleConnectionLess(@PathVariable UUID id) {
+        return HttpResponse.status(HttpStatus.MOVED_PERMANENTLY).header("location",
+                offerManager.handleConnectionLess(id));
+    }
+
 }

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/IssuerController.java

@@ -21,16 +21,13 @@
 import io.micronaut.data.model.Page;
 import io.micronaut.data.model.Pageable;
 import io.micronaut.http.HttpResponse;
-import io.micronaut.http.HttpStatus;
 import io.micronaut.http.annotation.*;
 import io.micronaut.scheduling.TaskExecutors;
 import io.micronaut.scheduling.annotation.ExecuteOn;
 import io.micronaut.security.annotation.Secured;
 import io.micronaut.security.rules.SecurityRule;
 import io.micronaut.validation.Validated;
-import io.swagger.v3.oas.annotations.Hidden;
 import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.inject.Inject;
 import org.hyperledger.aries.api.issue_credential_v1.CredentialExchangeRole;
@@ -40,16 +37,14 @@
 import org.hyperledger.bpa.controller.api.issuer.*;
 import org.hyperledger.bpa.impl.aries.creddef.CredDefManager;
 import org.hyperledger.bpa.impl.aries.credential.IssuerManager;
-import org.hyperledger.bpa.impl.aries.credential.OOBCredentialOffer;
 import org.hyperledger.bpa.impl.aries.schema.SchemaService;
+import org.hyperledger.bpa.impl.oob.OOBCredentialOffer;
 
 import javax.validation.Valid;
 import java.util.List;
 import java.util.UUID;
 
-import static org.hyperledger.bpa.controller.IssuerController.ISSUER_CONTROLLER_BASE_URL;
-
-@Controller(ISSUER_CONTROLLER_BASE_URL)
+@Controller(IssuerController.ISSUER_CONTROLLER_BASE_URL)
 @Tag(name = "Credential Issuance Management")
 @Validated
 @Secured(SecurityRule.IS_AUTHENTICATED)
@@ -104,7 +99,7 @@ public HttpResponse<CredDef> createCredDef(@Body CreateCredDefRequest req) {
     }
 
     /**
-     * Delete a indy credential definition (will not delete it from the ledger)
+     * Delete an indy credential definition (will not delete it from the ledger)
      *
      * @param id {@link UUID} the cred def id
      * @return {@link HttpResponse}
@@ -142,21 +137,6 @@ public HttpResponse<APICreateInvitationResponse> issueCredentialConnectionLess(
         return HttpResponse.ok(connectionLess.issueConnectionLess(req));
     }
 
-    /**
-     * Issue OOB credential step 2 - redirect with encoded offer
-     *
-     * @param id {@link UUID}
-     * @return Redirect with encoded credential offer in the location header
-     */
-    @Secured(SecurityRule.IS_ANONYMOUS)
-    @Hidden
-    @ApiResponse(responseCode = "301", description = "Redirect with encoded credential offer in the location header")
-    @Get("/issue-credential/oob-attachment/{id}")
-    public HttpResponse<Object> handleConnectionLess(@PathVariable UUID id) {
-        return HttpResponse.status(HttpStatus.MOVED_PERMANENTLY).header("location",
-                connectionLess.handleConnectionLess(id));
-    }
-
     /**
      * List issued or received credentials
      *

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/ProofExchangeController.java

@@ -33,12 +33,15 @@
 import org.hyperledger.bpa.api.aries.AriesProofExchange;
 import org.hyperledger.bpa.api.exception.WrongApiUsageException;
 import org.hyperledger.bpa.config.BPAMessageSource;
+import org.hyperledger.bpa.controller.api.invitation.APICreateInvitationResponse;
 import org.hyperledger.bpa.controller.api.issuer.DeclineExchangeRequest;
 import org.hyperledger.bpa.controller.api.partner.ApproveProofRequest;
 import org.hyperledger.bpa.controller.api.partner.RequestProofRequest;
 import org.hyperledger.bpa.controller.api.partner.SendProofRequest;
 import org.hyperledger.bpa.controller.api.proof.PresentationRequestCredentialsIndy;
+import org.hyperledger.bpa.controller.api.proof.RequestOOBPresentationRequest;
 import org.hyperledger.bpa.impl.aries.proof.ProofManager;
+import org.hyperledger.bpa.impl.oob.OOBPresentationRequest;
 
 import javax.validation.Valid;
 import java.util.List;
@@ -55,12 +58,15 @@ public class ProofExchangeController {
     @Inject
     ProofManager proofM;
 
+    @Inject
+    OOBPresentationRequest oob;
+
     @Inject
     BPAMessageSource.DefaultMessageSource msg;
 
     /**
-     * Manual proof exchange flow. Get matching wallet credentials before sending or
-     * declining the proof request.
+     * Manual proof exchange flow: Get matching indy credentials before sending or
+     * declining the proof request
      *
      * @param id {@link UUID} the presentationExchangeId
      * @return list of {@link PresentationRequestCredentialsIndy}
@@ -70,13 +76,20 @@ public HttpResponse<List<PresentationRequestCredentialsIndy>> getMatchingCredent
         return HttpResponse.ok(proofM.getMatchingIndyCredentials(id));
     }
 
+    /**
+     * Manual proof exchange flow: Get matching w3c credentials before sending or
+     * declining the proof request
+     *
+     * @param id {@link UUID} the presentationExchangeId
+     * @return list of {@link PresentationRequestCredentialsIndy}
+     */
     @Get("/{id}/matching-credentials-ld")
     public HttpResponse<List<PresentationRequestCredentialsIndy>> getMatchingLDCredentials(@PathVariable UUID id) {
         return HttpResponse.ok(proofM.getMatchingLDCredentials(id));
     }
 
     /**
-     * Manual proof exchange flow. Answer ProofRequest with matching attributes
+     * Manual proof exchange flow: Answer ProofRequest with matching attributes
      *
      * @param id  {@link UUID} the presentationExchangeId
      * @param req {@link ApproveProofRequest}
@@ -89,7 +102,7 @@ public HttpResponse<Void> responseToProofRequest(@PathVariable UUID id, @Body @N
     }
 
     /**
-     * Manual proof exchange flow. Reject ProofRequest received from a partner
+     * Manual proof exchange flow: Reject ProofRequest received from a partner
      *
      * @param id  {@link UUID} the presentationExchangeId
      * @param req {@link DeclineExchangeRequest}
@@ -122,6 +135,19 @@ public HttpResponse<Void> requestProof(
         return HttpResponse.ok();
     }
 
+    /**
+     * OOB presentation request step 1 - prepares presentation request and returns
+     * URL for use within the barcode
+     *
+     * @param req {@link RequestOOBPresentationRequest}
+     * @return {@link APICreateInvitationResponse}
+     */
+    @Post("/proof-request/oob-attachment")
+    public HttpResponse<APICreateInvitationResponse> connectionLessPresentationRequest(
+            @Valid @Body RequestOOBPresentationRequest req) {
+        return HttpResponse.ok(oob.requestConnectionLess(req));
+    }
+
     /**
      * Send proof to partner
      *

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/ProofTemplateController.java

@@ -35,7 +35,6 @@
 
 import javax.validation.Valid;
 import java.util.List;
-import java.util.Optional;
 import java.util.Set;
 import java.util.UUID;
 import java.util.stream.Collectors;
@@ -71,12 +70,7 @@ public HttpResponse<List<ProofTemplate>> listProofTemplates() {
      */
     @Get("/{id}")
     public HttpResponse<ProofTemplate> getProofTemplateForId(@PathVariable UUID id) {
-        Optional<BPAProofTemplate> proofTemplate = proofTemplateManager.getProofTemplate(id);
-        if (proofTemplate.isPresent()) {
-            return HttpResponse.ok(proofTemplate.get().toRepresentation());
-        } else {
-            return HttpResponse.notFound();
-        }
+        return HttpResponse.ok(proofTemplateManager.findProofTemplate(id).toRepresentation());
     }
 
     /**

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/WalletController.java

@@ -27,7 +27,6 @@
 import io.micronaut.security.annotation.Secured;
 import io.micronaut.security.rules.SecurityRule;
 import io.micronaut.validation.Validated;
-import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.inject.Inject;
 import org.hyperledger.bpa.api.CredentialType;
@@ -68,7 +67,6 @@ public class WalletController {
      * @return list of {@link MyDocumentAPI}
      */
     @Get("/document{?pc*}")
-    @Schema(implementation = Page.class)
     public HttpResponse<Page<MyDocumentAPI>> getDocuments(@Valid @Nullable PaginationCommand pc) {
         return HttpResponse.ok(docMgmt.getMyDocuments(
                 pc != null ? pc.toPageable() : Pageable.unpaged(),

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/api/ExchangeVersionTranslator.java

@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2020-2022 - for information on the respective copyright owner
+ * see the NOTICE file and/or the repository at
+ * https://github.com/hyperledger-labs/business-partner-agent
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.hyperledger.bpa.controller.api;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import org.hyperledger.aries.api.ExchangeVersion;
+
+public interface ExchangeVersionTranslator {
+
+    ExchangeVersion getExchangeVersion();
+
+    @JsonIgnore
+    default boolean exchangeIsV1() {
+        return getExchangeVersion() == null || ExchangeVersion.V1.equals(getExchangeVersion());
+    }
+
+    @JsonIgnore
+    default boolean exchangeIsV2() {
+        return ExchangeVersion.V2.equals(getExchangeVersion());
+    }
+}

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/api/WebSocketMessageBody.java

@@ -20,6 +20,7 @@
 import io.micronaut.core.annotation.Nullable;
 import lombok.*;
 import org.hyperledger.bpa.api.PartnerAPI;
+import org.hyperledger.bpa.controller.api.partner.PartnerMessage;
 import org.hyperledger.bpa.persistence.model.ChatMessage;
 
 /**

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/api/issuer/CredEx.java

@@ -26,6 +26,7 @@
 import org.hyperledger.bpa.api.CredentialType;
 import org.hyperledger.bpa.api.PartnerAPI;
 import org.hyperledger.bpa.api.aries.SchemaAPI;
+import org.hyperledger.bpa.controller.api.ExchangeVersionTranslator;
 import org.hyperledger.bpa.persistence.model.BPACredentialExchange;
 
 import java.util.Map;
@@ -35,7 +36,7 @@
 @Builder
 @NoArgsConstructor
 @AllArgsConstructor
-public class CredEx {
+public class CredEx implements ExchangeVersionTranslator {
 
     private UUID id;
     private Long createdAt;

backend/business-partner-agent/src/main/java/org/hyperledger/bpa/controller/api/issuer/IssueCredentialRequest.java

@@ -27,6 +27,7 @@
 import lombok.experimental.SuperBuilder;
 import org.hyperledger.aries.api.ExchangeVersion;
 import org.hyperledger.bpa.api.CredentialType;
+import org.hyperledger.bpa.controller.api.ExchangeVersionTranslator;
 
 import javax.validation.constraints.NotBlank;
 import java.util.UUID;
@@ -68,17 +69,14 @@ public abstract class IssueCredentialRequest {
     @NoArgsConstructor
     @EqualsAndHashCode(callSuper = true)
     @ToString(callSuper = true)
-    public static final class IssueIndyCredentialRequest extends IssueCredentialRequest {
+    public static final class IssueIndyCredentialRequest extends IssueCredentialRequest
+            implements ExchangeVersionTranslator {
 
         @NotBlank
         private UUID credDefId;
 
         /** credential exchange api version */
         private ExchangeVersion exchangeVersion;
-
-        public boolean exchangeIsV1() {
-            return exchangeVersion == null || ExchangeVersion.V1.equals(exchangeVersion);
-        }
     }
 
     @Introspected