feat: unit tests

Signed-off-by: Mykhailo Sizov <[email protected]>

pkg/observability/tracing/wrappers/oidc4ci/oidc4ci_wrapper.go

@@ -44,8 +44,8 @@ func (w *Wrapper) InitiateIssuance(
 	span.SetAttributes(attribute.String("profile_id", profile.ID))
 	span.SetAttributes(attributeutil.JSON("initiate_issuance_request", req, attributeutil.WithRedacted("ClaimData")))
 
-	if req.ClaimData != nil {
-		span.SetAttributes(attribute.StringSlice("claim_keys", lo.Keys(req.ClaimData)))
+	if len(req.ClaimData) > 0 { //nolint:staticcheck
+		span.SetAttributes(attribute.StringSlice("claim_keys", lo.Keys(req.ClaimData))) //nolint:staticcheck
 	}
 
 	resp, err := w.svc.InitiateIssuance(ctx, req, profile)

pkg/observability/tracing/wrappers/oidc4ci/oidc4ci_wrapper_test.go

@@ -41,7 +41,7 @@ func TestWrapper_PushAuthorizationDetails(t *testing.T) {
 	ctrl := gomock.NewController(t)
 
 	svc := NewMockService(ctrl)
-	svc.EXPECT().PushAuthorizationDetails(gomock.Any(), "opState", &oidc4ci.AuthorizationDetails{}).Times(1)
+	svc.EXPECT().PushAuthorizationDetails(gomock.Any(), "opState", []*oidc4ci.AuthorizationDetails{{}}).Times(1)
 
 	w := Wrap(svc, trace.NewNoopTracerProvider().Tracer(""))
 

pkg/restapi/v1/issuer/controller.go

@@ -457,7 +457,7 @@ func (c *Controller) initiateIssuance(
 			issuanceReq.CredentialConfiguration[credentialConfigurationID] = oidc4ci.InitiateIssuanceCredentialConfiguration{
 				ClaimData:             lo.FromPtr(multiCredentialIssuance.ClaimData),
 				ClaimEndpoint:         lo.FromPtr(multiCredentialIssuance.ClaimEndpoint),
-				CredentialTemplateId:  lo.FromPtr(multiCredentialIssuance.CredentialTemplateId),
+				CredentialTemplateID:  lo.FromPtr(multiCredentialIssuance.CredentialTemplateId),
 				CredentialExpiresAt:   multiCredentialIssuance.CredentialExpiresAt,
 				CredentialName:        lo.FromPtr(multiCredentialIssuance.CredentialName),
 				CredentialDescription: lo.FromPtr(multiCredentialIssuance.CredentialDescription),
@@ -781,12 +781,17 @@ func (c *Controller) prepareCredential(
 				errors.New("credentials should not be nil"))
 		}
 
-		if err := c.validateClaims(credentialData.Credential, credentialData.CredentialTemplate, credentialData.EnforceStrictValidation); err != nil {
+		if err := c.validateClaims(
+			credentialData.Credential,
+			credentialData.CredentialTemplate,
+			credentialData.EnforceStrictValidation,
+		); err != nil {
 			return nil, resterr.NewCustomError(resterr.ClaimsValidationErr, err)
 		}
 
 		if err := validateCredentialResponseEncryption(profile, requestedCredentialResponseEncryption[index]); err != nil {
-			return nil, resterr.NewValidationError(resterr.OIDCInvalidEncryptionParameters, "credential_response_encryption", err)
+			return nil, resterr.NewValidationError(resterr.OIDCInvalidEncryptionParameters,
+				"credential_response_encryption", err)
 		}
 
 		signedCredential, err := c.signCredential(

pkg/restapi/v1/issuer/controller_test.go

@@ -810,7 +810,7 @@ func TestController_InitiateCredentialIssuance(t *testing.T) {
 						"key2": "value2",
 					},
 					ClaimEndpoint:         "https://vcs.pb.example.com/claim2",
-					CredentialTemplateId:  "templateID1",
+					CredentialTemplateID:  "templateID1",
 					CredentialExpiresAt:   now,
 					CredentialName:        "name2",
 					CredentialDescription: "description2",
@@ -819,7 +819,8 @@ func TestController_InitiateCredentialIssuance(t *testing.T) {
 		}
 
 		mockProfileSvc.EXPECT().GetProfile(profileID, profileVersion).Times(1).Return(issuerProfile, nil)
-		mockOIDC4CISvc.EXPECT().InitiateIssuance(gomock.Any(), expectedInitiateIssuanceReq, issuerProfile).Times(1).Return(resp, nil)
+		mockOIDC4CISvc.EXPECT().InitiateIssuance(gomock.Any(), expectedInitiateIssuanceReq, issuerProfile).
+			Times(1).Return(resp, nil)
 		mockEventSvc.EXPECT().Publish(gomock.Any(), spi.IssuerEventTopic, gomock.Any()).Times(0)
 
 		controller := NewController(&Config{
@@ -1296,7 +1297,8 @@ func TestController_PrepareAuthorizationRequest(t *testing.T) {
 		}
 
 		ctx := echoContext(withRequestBody([]byte(`{{`)))
-		assert.ErrorContains(t, c.PrepareAuthorizationRequest(ctx), "invalid character '{' looking for beginning of object key string")
+		assert.ErrorContains(t, c.PrepareAuthorizationRequest(ctx),
+			"invalid character '{' looking for beginning of object key string")
 	})
 
 	t.Run("invalid authorization_details.type", func(t *testing.T) {

pkg/restapi/v1/oidc4ci/controller.go

@@ -921,7 +921,7 @@ func (c *Controller) OidcCredential(e echo.Context) error { //nolint:funlen
 }
 
 // OidcBatchCredential handles OIDC batch credential request (POST /oidc/batch_credential).
-func (c *Controller) OidcBatchCredential(e echo.Context) error {
+func (c *Controller) OidcBatchCredential(e echo.Context) error { //nolint:funlen,gocognit
 	req := e.Request()
 
 	ctx, span := c.tracer.Start(req.Context(), "OidcBatchCredential")
@@ -934,7 +934,8 @@ func (c *Controller) OidcBatchCredential(e echo.Context) error {
 	}
 
 	for _, cr := range credentialReq.CredentialRequests {
-		if err := validateCredentialRequest(e, &cr); err != nil {
+		credentialRequest := cr
+		if err := validateCredentialRequest(e, &credentialRequest); err != nil {
 			return err
 		}
 	}
@@ -960,24 +961,25 @@ func (c *Controller) OidcBatchCredential(e echo.Context) error {
 
 	var did, aud string
 	for _, cr := range credentialReq.CredentialRequests {
-		did, aud, err = c.HandleProof(ar.GetClient().GetID(), &cr, session)
+		credentialRequest := cr
+		did, aud, err = c.HandleProof(ar.GetClient().GetID(), &credentialRequest, session)
 		if err != nil {
 			return fmt.Errorf("handle proof: %w", err)
 		}
 
 		prepareCredential := issuer.PrepareCredentialBase{
 			AudienceClaim:                         aud,
 			Did:                                   &did,
-			Format:                                cr.Format,
+			Format:                                credentialRequest.Format,
 			HashedToken:                           hashToken(token),
-			Types:                                 cr.Types,
+			Types:                                 credentialRequest.Types,
 			RequestedCredentialResponseEncryption: nil,
 		}
 
 		if cr.CredentialResponseEncryption != nil {
 			prepareCredential.RequestedCredentialResponseEncryption = &issuer.RequestedCredentialResponseEncryption{
-				Alg: cr.CredentialResponseEncryption.Alg,
-				Enc: cr.CredentialResponseEncryption.Enc,
+				Alg: credentialRequest.CredentialResponseEncryption.Alg,
+				Enc: credentialRequest.CredentialResponseEncryption.Enc,
 			}
 		}
 
@@ -1055,8 +1057,6 @@ func (c *Controller) OidcBatchCredential(e echo.Context) error {
 	}
 
 	return apiUtil.WriteOutput(e)(credentialResponseBatch, nil)
-
-	return nil
 }
 
 func parsePrepareCredentialErrorResponse(resp *http.Response) error {
@@ -1085,7 +1085,7 @@ func parsePrepareCredentialErrorResponse(resp *http.Response) error {
 	return finalErr
 }
 
-func validateCredentialRequest(e echo.Context, req *CredentialRequest) error {
+func validateCredentialRequest(_ echo.Context, req *CredentialRequest) error {
 	_, err := common.ValidateVCFormat(common.VCFormat(lo.FromPtr(req.Format)))
 	if err != nil {
 		return resterr.NewOIDCError(invalidRequestOIDCErr, err)

pkg/restapi/v1/util/validate.go

@@ -8,10 +8,10 @@ package util
 
 import (
 	"errors"
-	vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable"
 
 	"github.com/samber/lo"
 
+	vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable"
 	"github.com/trustbloc/vcs/pkg/restapi/resterr"
 	"github.com/trustbloc/vcs/pkg/restapi/v1/common"
 	"github.com/trustbloc/vcs/pkg/service/oidc4ci"

pkg/restapi/v1/util/validate_test.go

@@ -13,6 +13,7 @@ import (
 
 	"github.com/samber/lo"
 
+	vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable"
 	"github.com/trustbloc/vcs/pkg/restapi/v1/common"
 	"github.com/trustbloc/vcs/pkg/restapi/v1/util"
 	"github.com/trustbloc/vcs/pkg/service/oidc4ci"
@@ -25,7 +26,7 @@ func TestValidateAuthorizationDetails(t *testing.T) {
 	tests := []struct {
 		name          string
 		args          args
-		want          *oidc4ci.AuthorizationDetails
+		want          []*oidc4ci.AuthorizationDetails
 		wantErr       bool
 		errorContains string
 	}{
@@ -40,14 +41,30 @@ func TestValidateAuthorizationDetails(t *testing.T) {
 						CredentialDefinition:      nil,
 						Format:                    nil,
 					},
+					{
+						CredentialConfigurationId: lo.ToPtr("PermanentResidentCard"),
+						Locations:                 lo.ToPtr([]string{"https://example.com/rs1", "https://example.com/rs2"}),
+						Type:                      "openid_credential",
+						CredentialDefinition:      nil,
+						Format:                    nil,
+					},
 				},
 			},
-			want: &oidc4ci.AuthorizationDetails{
-				Type:                      "openid_credential",
-				Locations:                 []string{"https://example.com/rs1", "https://example.com/rs2"},
-				CredentialConfigurationID: "UniversityDegreeCredential",
-				Format:                    "",
-				CredentialDefinition:      nil,
+			want: []*oidc4ci.AuthorizationDetails{
+				{
+					Type:                      "openid_credential",
+					Locations:                 []string{"https://example.com/rs1", "https://example.com/rs2"},
+					CredentialConfigurationID: "UniversityDegreeCredential",
+					Format:                    "",
+					CredentialDefinition:      nil,
+				},
+				{
+					Type:                      "openid_credential",
+					Locations:                 []string{"https://example.com/rs1", "https://example.com/rs2"},
+					CredentialConfigurationID: "PermanentResidentCard",
+					Format:                    "",
+					CredentialDefinition:      nil,
+				},
 			},
 			wantErr:       false,
 			errorContains: "",
@@ -69,39 +86,51 @@ func TestValidateAuthorizationDetails(t *testing.T) {
 						},
 						Format: lo.ToPtr("jwt_vc_json"),
 					},
-				},
-			},
-			want: &oidc4ci.AuthorizationDetails{
-				Type:                      "openid_credential",
-				Locations:                 []string{"https://example.com/rs1", "https://example.com/rs2"},
-				CredentialConfigurationID: "",
-				Format:                    "jwt",
-				CredentialDefinition: &oidc4ci.CredentialDefinition{
-					Context: []string{"https://example.com/context/1", "https://example.com/context/2"},
-					CredentialSubject: map[string]interface{}{
-						"key": "value",
+					{
+						CredentialConfigurationId: nil,
+						Locations:                 lo.ToPtr([]string{"https://example.com/rs1", "https://example.com/rs2"}),
+						Type:                      "openid_credential",
+						CredentialDefinition: &common.CredentialDefinition{
+							Context: lo.ToPtr([]string{"https://example.com/context/1", "https://example.com/context/2"}),
+							CredentialSubject: lo.ToPtr(map[string]interface{}{
+								"key": "value",
+							}),
+							Type: []string{"VerifiableCredential", "PermanentResidentCard"},
+						},
+						Format: lo.ToPtr("jwt_vc_json"),
 					},
-					Type: []string{"VerifiableCredential", "UniversityDegreeCredential"},
 				},
 			},
-			wantErr:       false,
-			errorContains: "",
-		},
-		{
-			name: "Error multiple authorization details supplied",
-			args: args{
-				ad: []common.AuthorizationDetails{
-					{
-						Type: "unknown",
+			want: []*oidc4ci.AuthorizationDetails{
+				{
+					Type:                      "openid_credential",
+					Locations:                 []string{"https://example.com/rs1", "https://example.com/rs2"},
+					CredentialConfigurationID: "",
+					Format:                    vcsverifiable.OIDCFormat("jwt_vc_json"),
+					CredentialDefinition: &oidc4ci.CredentialDefinition{
+						Context: []string{"https://example.com/context/1", "https://example.com/context/2"},
+						CredentialSubject: map[string]interface{}{
+							"key": "value",
+						},
+						Type: []string{"VerifiableCredential", "UniversityDegreeCredential"},
 					},
-					{
-						Type: "unknown",
+				},
+				{
+					Type:                      "openid_credential",
+					Locations:                 []string{"https://example.com/rs1", "https://example.com/rs2"},
+					CredentialConfigurationID: "",
+					Format:                    vcsverifiable.OIDCFormat("jwt_vc_json"),
+					CredentialDefinition: &oidc4ci.CredentialDefinition{
+						Context: []string{"https://example.com/context/1", "https://example.com/context/2"},
+						CredentialSubject: map[string]interface{}{
+							"key": "value",
+						},
+						Type: []string{"VerifiableCredential", "PermanentResidentCard"},
 					},
 				},
 			},
-			want:          nil,
-			wantErr:       true,
-			errorContains: "oidc-error: only single authorization_details supported",
+			wantErr:       false,
+			errorContains: "",
 		},
 		{
 			name: "Error invalid type",

pkg/service/oidc4ci/api.go

@@ -63,9 +63,8 @@ type TransactionStore transactionStore
 
 // TransactionData is the transaction data stored in the underlying storage.
 type TransactionData struct {
-	ProfileID      profileapi.ID
-	ProfileVersion profileapi.Version
-	//CredentialFormat                   vcsverifiable.Format // Format, that represents issued VC format (JWT, LDP).
+	ProfileID                          profileapi.ID
+	ProfileVersion                     profileapi.Version
 	IsPreAuthFlow                      bool
 	PreAuthCode                        string
 	OrgID                              string
@@ -156,24 +155,24 @@ type IssuerIDPOIDCConfiguration struct {
 
 // InitiateIssuanceRequest is the request used by the Issuer to initiate the OIDC VC issuance interaction.
 type InitiateIssuanceRequest struct {
-	// Deprecated. Use CredentialConfiguration instead.
+	// Deprecated: Use CredentialConfiguration instead.
 	CredentialTemplateID      string
 	ClientInitiateIssuanceURL string
 	ClientWellKnownURL        string
-	// Deprecated. Use CredentialConfiguration instead.
+	// Deprecated: Use CredentialConfiguration instead.
 	ClaimEndpoint string
 	GrantType     string
 	ResponseType  string
 	Scope         []string
 	OpState       string
-	// Deprecated. Use CredentialConfiguration instead.
+	// Deprecated: Use CredentialConfiguration instead.
 	ClaimData       map[string]interface{}
 	UserPinRequired bool
-	// Deprecated. Use CredentialConfiguration instead.
+	// Deprecated: Use CredentialConfiguration instead.
 	CredentialExpiresAt *time.Time
-	// Deprecated. Use CredentialConfiguration instead.
+	// Deprecated: Use CredentialConfiguration instead.
 	CredentialName string
-	// Deprecated. Use CredentialConfiguration instead.
+	// Deprecated: Use CredentialConfiguration instead.
 	CredentialDescription   string
 	WalletInitiatedIssuance bool
 	// CredentialConfiguration aimed to initialise multi credential issuance.
@@ -183,7 +182,7 @@ type InitiateIssuanceRequest struct {
 type InitiateIssuanceCredentialConfiguration struct {
 	ClaimData             map[string]interface{} `json:"claim_data,omitempty"`
 	ClaimEndpoint         string                 `json:"claim_endpoint,omitempty"`
-	CredentialTemplateId  string                 `json:"credential_template_id,omitempty"`
+	CredentialTemplateID  string                 `json:"credential_template_id,omitempty"`
 	CredentialExpiresAt   *time.Time             `json:"credential_expires_at,omitempty"`
 	CredentialName        string                 `json:"credential_name,omitempty"`
 	CredentialDescription string                 `json:"credential_description,omitempty"`

pkg/service/oidc4ci/oidc4ci_acknowledgement.go

@@ -10,9 +10,10 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"github.com/google/uuid"
 	"strings"
 
+	"github.com/google/uuid"
+
 	"github.com/trustbloc/vcs/pkg/event/spi"
 )