Merge pull request #57 from authlete/feature/mdoc

[feature] issuance of mdoc-based verifiable credentials

Author: TakahikoKawasaki

pom.xml

@@ -14,6 +14,7 @@
 
     <authlete.java.common.version>3.88</authlete.java.common.version>
     <authlete.java.jaxrs.version>2.70</authlete.java.jaxrs.version>
+    <authlete.cbor.version>1.13</authlete.cbor.version>
     <javax.servlet-api.version>3.0.1</javax.servlet-api.version>
     <jersey.version>2.30.1</jersey.version>
     <jetty.version>9.4.27.v20200227</jetty.version>
@@ -61,6 +62,12 @@
       <version>${authlete.java.jaxrs.version}</version>
     </dependency>
 
+    <dependency>
+      <groupId>com.authlete</groupId>
+      <artifactId>cbor</artifactId>
+      <version>${authlete.cbor.version}</version>
+    </dependency>
+
     <dependency>
       <groupId>javax.servlet</groupId>
       <artifactId>javax.servlet-api</artifactId>

src/main/java/com/authlete/jaxrs/server/api/vci/AbstractCredentialEndpoint.java

@@ -39,7 +39,6 @@
 import com.authlete.jaxrs.server.vc.UnsupportedCredentialFormatException;
 import com.authlete.jaxrs.server.vc.UnsupportedCredentialTypeException;
 import com.google.gson.Gson;
-import com.google.gson.GsonBuilder;
 
 
 public abstract class AbstractCredentialEndpoint extends BaseResourceEndpoint
@@ -298,18 +297,14 @@ private OrderFormat getOrderFormat(CredentialRequestInfo info) throws Unsupporte
 
     protected String errorJson(ErrorCode errorCode, Throwable cause)
     {
-        Map<String, Object> map = new LinkedHashMap<>();
-
-        // "error"
-        map.put("error", errorCode.name());
-
-        if (cause != null)
+        if (cause == null)
         {
-            // "error_description"
-            map.put("error_description", cause.getMessage());
+            return String.format(
+                    "{%n  \"error\": \"%s\"%n}%n", errorCode.name());
         }
 
-        // The content of the error response.
-        return new GsonBuilder().setPrettyPrinting().create().toJson(map);
+        return String.format(
+                "{%n  \"error\": \"%s\",%n  \"error_description\": \"%s\"%n}%n",
+                errorCode.name(), cause.getMessage());
     }
 }

src/main/java/com/authlete/jaxrs/server/api/vci/CredentialOfferPageModel.java

@@ -58,7 +58,8 @@ public class CredentialOfferPageModel extends AuthorizationPageModel
 
 
     private static final String DEFAULT_CREDENTIALS = "[\n" +
-            "  \"IdentityCredential\"\n" +
+            "  \"IdentityCredential\",\n" +
+            "  \"mDL\"\n" +
             "]";
 
 

src/main/java/com/authlete/jaxrs/server/db/UserDao.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016-2022 Authlete, Inc.
+ * Copyright (C) 2016-2023 Authlete, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,12 +19,17 @@
 
 import java.time.LocalDate;
 import java.time.ZoneOffset;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
 import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.List;
 import java.util.Map;
 import com.authlete.common.dto.Address;
 import com.authlete.common.types.User;
+import com.authlete.mdoc.constants.MDLClaimNames;
+import com.authlete.mdoc.constants.MDLConstants;
 
 
 /**
@@ -68,12 +73,65 @@ public class UserDao
                     null, null, "Inga", "Silverstone", null, null,
                     "https://example.com/inga/profile", "https://example.com/inga/me.jpg",
                     "https://example.com/inga/", "female", "America/Toronto", "en-US",
-                    "inga", "1991-11-06", toDate("2022-04-30")
-            )
+                    "inga", "1991-11-06", toDate("2022-04-30"))
+                    .setAttribute(MDLConstants.DOC_TYPE_MDL, createMDLData1004())
         );
     };
 
 
+    private static Map<String, Object> createMDLData1004()
+    {
+        // Some string claim values in the data below have the prefix "cbor:".
+        // They are interpreted by Authlete server. See the JavaDoc of the
+        // CredentialIssuanceOrder class in the authlete-java-common library
+        // for details.
+        //
+        //   CredentialIssuerOrder JavaDoc
+        //     https://authlete.github.io/authlete-java-common/com/authlete/common/dto/CredentialIssuanceOrder.html
+        //
+
+        // {
+        //   "vehicle_category_code" : "A",
+        //   "issue_date"            : "2023-01-01",
+        //   "expiry_date"           : "2043-01-01"
+        // }
+        Map<String, Object> vehicleA = new LinkedHashMap<>();
+        vehicleA.put("vehicle_category_code", "A");
+        vehicleA.put("issue_date",            "cbor:1004(\"2023-01-01\")");
+        vehicleA.put("expiry_date",           "cbor:1004(\"2043-01-01\")");
+
+        // [
+        //    vehicleA
+        // ]
+        List<Map<String, Object>> drivingPrivileges = new ArrayList<>();
+        drivingPrivileges.add(vehicleA);
+
+        // {
+        //   "family_name"        : "Silverstone",
+        //   "given_name"         : "Inga",
+        //   "birth_date"         : "1991-11-06",
+        //   "issuing_country"    : "US",
+        //   "document_number"    : "12345678",
+        //   "driving_privileges" : drivingPrivileges
+        // }
+        Map<String, Object> nameSpace = new LinkedHashMap<>();
+        nameSpace.put(MDLClaimNames.FAMILY_NAME,        "Silverstone");
+        nameSpace.put(MDLClaimNames.GIVEN_NAME,         "Inga");
+        nameSpace.put(MDLClaimNames.BIRTH_DATE,         "cbor:1004(\"1991-11-06\")");
+        nameSpace.put(MDLClaimNames.ISSUING_COUNTRY,    "US");
+        nameSpace.put(MDLClaimNames.DOCUMENT_NUMBER,    "12345678");
+        nameSpace.put(MDLClaimNames.DRIVING_PRIVILEGES, drivingPrivileges);
+
+        // {
+        //   "org.iso.18013.5.1" : nameSpace
+        // }
+        Map<String, Object> root = new LinkedHashMap<>();
+        root.put(MDLConstants.NAME_SPACE_MDL, nameSpace);
+
+        return root;
+    }
+
+
     private static Date toDate(String input)
     {
         return Date.from(LocalDate.parse(input).atStartOfDay().toInstant(ZoneOffset.UTC));

src/main/java/com/authlete/jaxrs/server/db/UserEntity.java

@@ -20,6 +20,7 @@
 import java.io.Serializable;
 import java.net.URI;
 import java.util.Date;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import com.authlete.common.dto.Address;
@@ -107,6 +108,10 @@ public class UserEntity implements User, Serializable
     private List<String> nationalities;
 
 
+    // Attributes
+    private Map<String, Object> attributes = new HashMap<>();
+
+
     /**
      * Constructor with initial values.
      */
@@ -372,12 +377,19 @@ public Object getAttribute(String attributeName)
                 return code;
 
             default:
-                // Unsupported attribute.
-                return null;
+                return attributes.get(attributeName);
         }
     }
 
 
+    public UserEntity setAttribute(String attributeName, Object attributeValue)
+    {
+        attributes.put(attributeName, attributeValue);
+
+        return this;
+    }
+
+
     public List<String> getNationalities()
     {
         return nationalities;
@@ -403,6 +415,6 @@ private static Map<String, Object> toMap(Address address)
         // This Gson instance does not serialize properties with null values.
         Gson gson = new Gson();
 
-        return (Map<String, Object>)gson.fromJson(gson.toJson(address), Map.class);
+        return gson.fromJson(gson.toJson(address), Map.class);
     }
 }

src/main/java/com/authlete/jaxrs/server/vc/AbstractOrderProcessor.java

@@ -114,6 +114,7 @@ private CredentialIssuanceOrder createOrder(
                 .setRequestIdentifier(info.getIdentifier())
                 .setCredentialPayload(payload)
                 .setIssuanceDeferred(deferred)
+                .setCredentialDuration(computeCredentialDuration())
                 ;
     }
 
@@ -167,4 +168,22 @@ protected abstract void checkPermissions(
     protected abstract Map<String, Object> collectClaims(
             OrderContext context, User user, String format,
             Map<String, Object> requestedCredential) throws VerifiableCredentialException;
+
+
+    /**
+     * Compute the credential duration in seconds.
+     *
+     * <p>
+     * The default implementation of this method returns 0, which tells
+     * Authlete to try to generate a VC that does not expire. Subclasses
+     * may override this method to set duration.
+     * </p>
+     *
+     * @return
+     *         The credential duration in seconds.
+     */
+    protected long computeCredentialDuration()
+    {
+        return 0;
+    }
 }