@velocitycareerlabs/server-webwallet 1.26.0-dev-build.1d30757e5 → 1.26.0-dev-build.1cce50406

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@velocitycareerlabs/server-webwallet",
-  "version": "1.26.0-dev-build.1d30757e5",
+  "version": "1.26.0-dev-build.1cce50406",
   "description": "Web Wallet application",
   "repository": "https://github.com/velocitycareerlabs/packages",
   "engines": {
@@ -33,17 +33,17 @@
     "@fastify/swagger": "^9.0.0",
     "@fastify/swagger-ui": "^5.0.0",
     "@spencejs/spence-mongo-repos": "^0.10.2",
-    "@velocitycareerlabs/migrations": "1.26.0-dev-build.1d30757e5",
-    "@verii/auth": "1.0.0-pre.1757279740",
-    "@verii/common-functions": "1.0.0-pre.1757279740",
-    "@verii/common-schemas": "1.0.0-pre.1757279740",
-    "@verii/config": "1.0.0-pre.1757279740",
-    "@verii/fastify-plugins": "1.0.0-pre.1757279740",
-    "@verii/jwt": "1.0.0-pre.1757279740",
-    "@verii/request": "1.0.0-pre.1757279740",
-    "@verii/server-provider": "1.0.0-pre.1757279740",
-    "@verii/vc-checks": "1.0.0-pre.1757279740",
-    "@verii/vnf-nodejs-wallet-sdk": "1.0.0-pre.1757279740",
+    "@velocitycareerlabs/migrations": "1.26.0-dev-build.1cce50406",
+    "@verii/auth": "1.0.0-pre.1757456926",
+    "@verii/common-functions": "1.0.0-pre.1757456926",
+    "@verii/common-schemas": "1.0.0-pre.1757456926",
+    "@verii/config": "1.0.0-pre.1757456926",
+    "@verii/fastify-plugins": "1.0.0-pre.1757456926",
+    "@verii/jwt": "1.0.0-pre.1757456926",
+    "@verii/request": "1.0.0-pre.1757456926",
+    "@verii/server-provider": "1.0.0-pre.1757456926",
+    "@verii/vc-checks": "1.0.0-pre.1757456926",
+    "@verii/vnf-nodejs-wallet-sdk": "1.0.0-pre.1757456926",
     "blueimp-md5": "2.19.0",
     "env-var": "^7.0.0",
     "fastify": "^5.0.0",
@@ -56,8 +56,8 @@
   },
   "devDependencies": {
     "@spencejs/spence-factories": "0.10.2",
-    "@verii/crypto": "1.0.0-pre.1757279740",
-    "@verii/tests-helpers": "1.0.0-pre.1757279740",
+    "@verii/crypto": "1.0.0-pre.1757456926",
+    "@verii/tests-helpers": "1.0.0-pre.1757456926",
     "dotenv": "16.6.1",
     "eslint": "8.57.1",
     "eslint-config-airbnb-base": "14.2.1",
@@ -73,5 +73,5 @@
     "nodemon": "3.1.10",
     "prettier": "2.8.8"
   },
-  "gitHead": "8981e5ec5495b0aefb2fe58de95d584941994e60"
+  "gitHead": "58afda1bd7fef44c773b88a1fd6685f2ba006c3a"
 }

package/src/controllers/disclosures/controller.js

@@ -99,15 +99,7 @@ const disclosureController = async (fastify) => {
       repos: { accounts },
       config: { careerWalletAdminAccessToken },
     }) => {
-      const { didKeyMetadatum } = await accounts.findOne({
-        filter: { userId: user.sub },
-      });
-      const didJwk =
-        didKeyMetadatum &&
-        Array.isArray(didKeyMetadatum) &&
-        didKeyMetadatum.length > 0
-          ? VCLDidJwk.fromJSON(didKeyMetadatum[0])
-          : null;
+      const didJwk = await getDidJwk(accounts, user);
 
       const presentationRequest = await vclSdk.getPresentationRequest(
         new VCLPresentationRequestDescriptor(
@@ -118,38 +110,43 @@ const disclosureController = async (fastify) => {
         )
       );
 
-      let authToken = null;
-      if (presentationRequest.feed) {
-        authToken = await vclSdk.getAuthToken(
-          new VCLAuthTokenDescriptor(presentationRequest)
+      if (!presentationRequest.feed && !body.credentials.length) {
+        throw newError.BadRequest(
+          'body/credentials must NOT have fewer than 1 items'
         );
       }
 
+      const authToken = await getAuthToken(vclSdk, presentationRequest);
+
       const { payload: presentation } = jwtDecode(
         presentationRequest.jwt.encodedJwt
       );
 
-      const submissionResult = await vclSdk.submitPresentation(
-        new VCLPresentationSubmission(presentationRequest, body.credentials),
-        authToken
-      );
+      let disclosure = {};
 
-      const { did: userDid } = await repos.accounts.findOne({
-        filter: { userId: user.sub },
-      });
+      if (body.credentials.length) {
+        const submissionResult = await vclSdk.submitPresentation(
+          new VCLPresentationSubmission(presentationRequest, body.credentials),
+          authToken
+        );
 
-      const disclosure = await repos.disclosures.insert({
-        auth0UserId: user.sub,
-        userDid,
-        presentation,
-        encodedJwt: presentationRequest.jwt.encodedJwt,
-        jti: submissionResult.jti,
-        submissionId: submissionResult.submissionId,
-        presentationDefinitionId: presentation.presentation_definition.id,
-        token: submissionResult.sessionToken.value,
-        sharedCredentials: body.credentials.map(({ id }) => id),
-        type: body.type,
-      });
+        const { did: userDid } = await repos.accounts.findOne({
+          filter: { userId: user.sub },
+        });
+
+        disclosure = await repos.disclosures.insert({
+          auth0UserId: user.sub,
+          userDid,
+          presentation,
+          encodedJwt: presentationRequest.jwt.encodedJwt,
+          jti: submissionResult.jti,
+          submissionId: submissionResult.submissionId,
+          presentationDefinitionId: presentation.presentation_definition.id,
+          token: submissionResult.sessionToken.value,
+          sharedCredentials: body.credentials.map(({ id }) => id),
+          type: body.type,
+        });
+      }
 
       if (presentationRequest.feed) {
         await repos.feeds.insert({
@@ -162,10 +159,13 @@ const disclosureController = async (fastify) => {
             presentation.presentation_definition.input_descriptors.map(
               (descriptor) => descriptor.id
             ),
+          inputDescriptors:
+            presentation.presentation_definition.input_descriptors,
+          presentationMetadata: presentation.metadata,
         });
       }
 
-      return { disclosure };
+      return { disclosure: mapDisclosureForResponse(disclosure) };
     }
   );
 
@@ -238,4 +238,47 @@ const disclosureController = async (fastify) => {
   );
 };
 
+const getAuthToken = async (vclSdk, presentationRequest) => {
+  if (presentationRequest.feed) {
+    return vclSdk.getAuthToken(new VCLAuthTokenDescriptor(presentationRequest));
+  }
+  return null;
+};
+
+const getDidJwk = async (accounts, user) => {
+  const { didKeyMetadatum } = await accounts.findOne({
+    filter: { userId: user.sub },
+  });
+
+  return didKeyMetadatum &&
+    Array.isArray(didKeyMetadatum) &&
+    didKeyMetadatum.length > 0
+    ? VCLDidJwk.fromJSON(didKeyMetadatum[0])
+    : null;
+};
+
 module.exports = disclosureController;
+
+const mapDisclosureForResponse = (disclosure) => {
+  if (disclosure == null || Object.keys(disclosure).length === 0) {
+    return {};
+  }
+
+  const toIso = (d) =>
+    d && typeof d.toISOString === 'function' ? d.toISOString() : d;
+
+  return {
+    id: disclosure.id ?? disclosure._id?.toString?.(),
+    jti: disclosure.jti,
+    submissionId: disclosure.submissionId,
+    presentationDefinitionId: disclosure.presentationDefinitionId,
+    encodedJwt: disclosure.encodedJwt,
+    presentation: disclosure.presentation,
+    token: disclosure.token,
+    sharedCredentials: disclosure.sharedCredentials,
+    type: disclosure.type,
+    feed: disclosure.feed,
+    createdAt: toIso(disclosure.createdAt),
+    updatedAt: toIso(disclosure.updatedAt),
+  };
+};

package/src/controllers/disclosures/schemas/webwallet-accept-presentation-request-body.schema.js

@@ -16,7 +16,7 @@ const webWalletAcceptPresentationRequestBodySchema = {
         },
         required: ['inputDescriptor', 'jwtVc', 'id'],
       },
-      minItems: 1,
+      minItems: 0,
     },
     type: { type: 'string', enum: ['public', 'linkedin', 'inspection'] },
   },

package/src/controllers/disclosures/schemas/webwallet-accept-presentation-response.schema.js

@@ -5,10 +5,16 @@ const webWalletAcceptPresentationResponseSchema = {
   type: 'object',
   properties: {
     disclosure: {
-      $ref: 'https://velocitycareerlabs.io/webwallet-disclosure.schema.json',
+      oneOf: [
+        {
+          $ref: 'https://velocitycareerlabs.io/webwallet-disclosure.schema.json',
+        },
+        { type: 'object', properties: {}, additionalProperties: false },
+      ],
     },
   },
   required: ['disclosure'],
+  additionalProperties: false,
 };
 
 module.exports = {

package/src/entities/feeds/orchestrators/feedsService.js

@@ -24,7 +24,7 @@ const extractDisclosureId = (presentationDefinitionId) => {
 /**
  * Create a map of disclosures grouped by disclosureId
  * @param {Array} disclosures - Array of disclosure objects
- * @returns {Object} Map with disclosureId as key and {presentationMetadata, sharedCredentials} as value
+ * @returns {Object} Map with disclosureId as key and {sharedCredentials} as value
  */
 const createDisclosureMap = (disclosures) => {
   if (!Array.isArray(disclosures)) {
@@ -40,11 +40,7 @@ const createDisclosureMap = (disclosures) => {
       return {
         ...disclosureMatched,
         [disclosureId]: {
-          presentationMetadata: disclosure.presentation?.metadata || {},
           sharedCredentials: disclosure.sharedCredentials || [],
-          inputDescriptors:
-            disclosure.presentation.presentation_definition
-              ?.input_descriptors || [],
         },
       };
     }
@@ -63,7 +59,7 @@ const createDisclosureMap = (disclosures) => {
 };
 
 /**
- * Enrich feeds with presentation metadata and shared credentials
+ * Enrich feeds with shared credentials from disclosures
  * @param {Array} feeds - Array of feed objects
  * @param {Object} disclosureMap - Map of disclosures by disclosureId
  * @returns {Array} Enriched feeds array
@@ -75,11 +71,8 @@ const enrichFeedsWithDisclosureData = (feeds, disclosureMap) => {
 
   return feeds.map((feed) => ({
     ...feed,
-    presentationMetadata:
-      disclosureMap[feed.disclosureId]?.presentationMetadata || {},
     sharedCredentials:
       disclosureMap[feed.disclosureId]?.sharedCredentials || [],
-    inputDescriptors: disclosureMap[feed.disclosureId]?.inputDescriptors || [],
   }));
 };
 

package/src/entities/feeds/repos/feeds.repo.js

@@ -17,6 +17,8 @@ module.exports = (app, _, next = () => {}) => {
         disclosureId: 1,
         inspectorDid: 1,
         credentialTypes: 1,
+        inputDescriptors: 1,
+        presentationMetadata: 1,
         createdAt: 1,
         updatedAt: 1,
         revokedAt: 1,

package/src/entities/feeds/schemas/webwallet-feed.schema.js

@@ -16,6 +16,14 @@ const webWalletFeedSchema = {
       type: 'array',
       items: { type: 'string' },
     },
+    inputDescriptors: {
+      type: 'array',
+      items: { type: 'object', additionalProperties: true },
+    },
+    presentationMetadata: {
+      type: 'object',
+      additionalProperties: true,
+    },
     createdAt: { type: 'string' },
     updatedAt: { type: 'string' },
     revokedAt: { type: 'string' },
@@ -28,6 +36,8 @@ const webWalletFeedSchema = {
     'disclosureId',
     'inspectorDid',
     'credentialTypes',
+    'inputDescriptors',
+    'presentationMetadata',
     'createdAt',
     'updatedAt',
   ],

package/test/disclosures-controller/disclosure-credentials.test.js

@@ -309,6 +309,8 @@ describe('Test disclosure credentials controller', () => {
         _id: expect.any(ObjectId),
         auth0UserId: userId,
         authToken: expect.any(Object),
+        inputDescriptors: expect.any(Object),
+        presentationMetadata: expect.any(Object),
         deeplink: inspectionDeepLink,
         disclosureId: expect.any(String),
         inspectorDid: expect.any(String),
@@ -402,7 +404,55 @@ describe('Test disclosure credentials controller', () => {
       );
     });
 
+    it('should return 200 if no credentials but feed is true', async () => {
+      const presentationRequestFeedMock = {
+        ...require('./mocks').presentationRequestMock,
+        feed: true,
+      };
+
+      vclSdk.getPresentationRequest.mockResolvedValueOnce(
+        presentationRequestFeedMock
+      );
+
+      const response = await fastify.injectJson({
+        method: 'POST',
+        url: '/disclosures/accept-presentation-request',
+        payload: {
+          link: inspectionDeepLink,
+          credentials: [],
+        },
+        headers: {
+          authorization: `Bearer ${idToken}`,
+        },
+      });
+
+      expect(response.statusCode).toBe(200);
+
+      expect(vclSdk.getAuthToken).toHaveBeenCalledTimes(1);
+
+      const savedDisclosure = await mongoDb()
+        .collection('disclosures')
+        .findOne();
+
+      expect(savedDisclosure).toBeNull();
+
+      const savedFeed = await mongoDb().collection('feeds').findOne();
+
+      expect(savedFeed).toBeTruthy();
+
+      expect(response.json).toHaveProperty('disclosure');
+    });
+
     it('should return 400 if the list of credentials is empty array', async () => {
+      const presentationRequestFeedMock = {
+        ...require('./mocks').presentationRequestMock,
+        feed: false,
+      };
+
+      vclSdk.getPresentationRequest.mockResolvedValueOnce(
+        presentationRequestFeedMock
+      );
+
       const response = await fastify.injectJson({
         method: 'POST',
         url: '/disclosures/accept-presentation-request',
@@ -420,7 +470,7 @@ describe('Test disclosure credentials controller', () => {
       expect(response.json).toEqual(
         errorResponseMatcher({
           error: 'Bad Request',
-          errorCode: 'request_validation_failed',
+          errorCode: 'web_wallet_server_error',
           message: 'body/credentials must NOT have fewer than 1 items',
           statusCode: 400,
         })

package/test/factories/feeds.js

@@ -72,6 +72,19 @@ module.exports = (app) => {
           },
           tokenType: 'Bearer',
         },
+        presentationMetadata: {
+          client_name: 'University of Massachusetts Amherst',
+          logo_uri: 'https://example.com/logo.png',
+          tos_uri: 'https://example.com/terms',
+          feed: true,
+        },
+        inputDescriptors: [
+          { id: 'certification_input_1', name: 'Certification' },
+          { id: 'license_input_1', name: 'License' },
+          { id: 'assessment_input_1', name: 'Assessment' },
+          { id: 'open_badge_input_1', name: 'Open Badge' },
+        ],
+        sharedCredentials: ['credential1', 'credential2'],
         deeplink:
           'velocity-network-devnet://inspect?request_uri=https://devagent.velocitycareerlabs.io/api/holder/v0.6/org/did:web:devregistrar.velocitynetwork.foundation:d:www.umass.edu/inspect/get-presentation-request?id=68736ac609c41e44796d040e%26inspectorDid%3Ddid%3Aweb%3Adevregistrar.velocitynetwork.foundation%3Ad%3Awww.umass.edu%26vendorOriginContext%3DAdam',
         disclosureId: '68736ac609c41e44796d040e',