@verii/server-credentialagent 1.1.0-pre.1765441856 → 1.1.0-pre.1765745740

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@verii/server-credentialagent",
-  "version": "1.1.0-pre.1765441856",
+  "version": "1.1.0-pre.1765745740",
   "description": "Credential Agent application",
   "main": "src/index.js",
   "repository": "https://github.com/LFDT-Verii/core",
@@ -40,31 +40,31 @@
     "@fastify/view": "^11.0.0",
     "@spencejs/spence-factories": "^0.10.2",
     "@spencejs/spence-mongo-repos": "^0.10.2",
-    "@verii/auth": "1.1.0-pre.1765441856",
-    "@verii/base-contract-io": "1.1.0-pre.1765441856",
-    "@verii/blockchain-functions": "1.1.0-pre.1765441856",
-    "@verii/common-fetchers": "1.1.0-pre.1765441856",
-    "@verii/common-functions": "1.1.0-pre.1765441856",
-    "@verii/common-schemas": "1.1.0-pre.1765441856",
-    "@verii/config": "1.1.0-pre.1765441856",
-    "@verii/contract-permissions": "1.1.0-pre.1765441856",
-    "@verii/crypto": "1.1.0-pre.1765441856",
-    "@verii/csv-parser": "1.1.0-pre.1765441856",
-    "@verii/db-kms": "1.1.0-pre.1765441856",
-    "@verii/did-doc": "1.1.0-pre.1765441856",
-    "@verii/fastify-plugins": "1.1.0-pre.1765441856",
-    "@verii/http-client": "1.1.0-pre.1765441856",
-    "@verii/jwt": "1.1.0-pre.1765441856",
-    "@verii/metadata-registration": "1.1.0-pre.1765441856",
-    "@verii/organizations-registry": "1.1.0-pre.1765441856",
-    "@verii/rest-queries": "1.1.0-pre.1765441856",
-    "@verii/server-provider": "1.1.0-pre.1765441856",
-    "@verii/spencer-mongo-extensions": "1.1.0-pre.1765441856",
-    "@verii/test-regexes": "1.1.0-pre.1765441856",
-    "@verii/validation": "1.1.0-pre.1765441856",
-    "@verii/vc-checks": "1.1.0-pre.1765441856",
-    "@verii/verii-issuing": "1.1.0-pre.1765441856",
-    "@verii/verii-verification": "1.1.0-pre.1765441856",
+    "@verii/auth": "1.1.0-pre.1765745740",
+    "@verii/base-contract-io": "1.1.0-pre.1765745740",
+    "@verii/blockchain-functions": "1.1.0-pre.1765745740",
+    "@verii/common-fetchers": "1.1.0-pre.1765745740",
+    "@verii/common-functions": "1.1.0-pre.1765745740",
+    "@verii/common-schemas": "1.1.0-pre.1765745740",
+    "@verii/config": "1.1.0-pre.1765745740",
+    "@verii/contract-permissions": "1.1.0-pre.1765745740",
+    "@verii/crypto": "1.1.0-pre.1765745740",
+    "@verii/csv-parser": "1.1.0-pre.1765745740",
+    "@verii/db-kms": "1.1.0-pre.1765745740",
+    "@verii/did-doc": "1.1.0-pre.1765745740",
+    "@verii/fastify-plugins": "1.1.0-pre.1765745740",
+    "@verii/http-client": "1.1.0-pre.1765745740",
+    "@verii/jwt": "1.1.0-pre.1765745740",
+    "@verii/metadata-registration": "1.1.0-pre.1765745740",
+    "@verii/organizations-registry": "1.1.0-pre.1765745740",
+    "@verii/rest-queries": "1.1.0-pre.1765745740",
+    "@verii/server-provider": "1.1.0-pre.1765745740",
+    "@verii/spencer-mongo-extensions": "1.1.0-pre.1765745740",
+    "@verii/test-regexes": "1.1.0-pre.1765745740",
+    "@verii/validation": "1.1.0-pre.1765745740",
+    "@verii/vc-checks": "1.1.0-pre.1765745740",
+    "@verii/verii-issuing": "1.1.0-pre.1765745740",
+    "@verii/verii-verification": "1.1.0-pre.1765745740",
     "ajv": "8.17.1",
     "canonicalize": "^2.1.0",
     "date-fns": "~4.1.0",
@@ -83,10 +83,10 @@
   },
   "devDependencies": {
     "@spencejs/spence-config": "0.10.2",
-    "@verii/endpoints-organizations-registrar": "1.1.0-pre.1765441856",
-    "@verii/sample-data": "1.1.0-pre.1765441856",
+    "@verii/endpoints-organizations-registrar": "1.1.0-pre.1765745740",
+    "@verii/sample-data": "1.1.0-pre.1765745740",
     "@verii/test-regexes": "0.5.0-build",
-    "@verii/tests-helpers": "1.1.0-pre.1765441856",
+    "@verii/tests-helpers": "1.1.0-pre.1765745740",
     "cheerio": "1.1.2",
     "dotenv": "16.6.1",
     "eslint": "8.57.1",
@@ -107,5 +107,5 @@
     "prettier": "2.8.8",
     "qs": "6.14.0"
   },
-  "gitHead": "65907afa06a773fbe9c544abc54c6e7fb807a427"
+  "gitHead": "46b3c80a3277ce91fff1e698ac201602b6141d18"
 }

package/src/controllers/root/controller.js

@@ -1,14 +1,14 @@
 /**
  * Copyright 2023 Velocity Team
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
+ * Licensed under the Apache License, Version 2.0 (the 'License');
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
+ * distributed under the License is distributed on an 'AS IS' BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
@@ -84,16 +84,7 @@ const appRedirectController = async (fastify) => {
               inspectorDid: { type: 'array', items: { type: 'string' } },
               providers: {
                 type: 'array',
-                items: {
-                  type: 'object',
-                  properties: {
-                    name: { type: 'string' },
-                    logo: { type: 'string' },
-                    category: { type: 'string' },
-                    id: { type: 'string' },
-                  },
-                  required: ['name', 'id', 'logo', 'category'],
-                },
+                items: { type: 'string' },
               },
             },
             required: ['request_uri', 'exchange_type'],
@@ -165,13 +156,15 @@ const processingLinks = (context) => {
     },
   } = context;
 
+  const parsedProviders = parseProviders(providersItems, exchangeType);
+
   const parsedLinks = flow(
     (items) => zip(items, range(0, items.length)),
     map(([value, index]) => ({
       requestUri: value,
       vendorOriginContext: vendorOriginContextItems[index],
       inspectorDid: inspectorDidItems[index],
-      ...(providersItems ? { providers: providersItems } : {}),
+      ...(parsedProviders ? { providers: parsedProviders } : {}),
     }))
   )(requestUriItems);
 
@@ -187,7 +180,9 @@ const processingLinks = (context) => {
         appendSearchParam('request_uri', requestUri),
         appendSearchParam('inspectorDid', inspectorDid),
         appendSearchParam('vendorOriginContext', vendorOriginContext),
-        providersItem ? appendSearchParam('providers', providersItem) : identity
+        providersItem
+          ? appendSearchParam('providers', JSON.stringify(providersItem))
+          : identity
       );
 
       appendParams(deeplink);
@@ -198,6 +193,60 @@ const processingLinks = (context) => {
   return { deeplink };
 };
 
+const parseProviders = (providersItems, exchangeType) => {
+  if (exchangeType !== EXCHANGE_TYPE.claim) {
+    return null;
+  }
+
+  if (!providersItems) {
+    throw new Error.BadRequest(
+      'providers parameter is required for exchange_type = "claim.wizard"'
+    );
+  }
+
+  const normalizedProviders = Array.isArray(providersItems)
+    ? providersItems
+    : [providersItems];
+
+  let parsedProviders;
+
+  try {
+    parsedProviders = normalizedProviders.map((provider) => {
+      if (typeof provider === 'string') {
+        return JSON.parse(provider);
+      }
+      return provider;
+    });
+  } catch (error) {
+    throw new Error.BadRequest('Invalid JSON format for providers parameter');
+  }
+
+  const PROVIDERS_REQUIRED_PROPS = ['name', 'id', 'logo', 'category'];
+
+  return parsedProviders.map((item, index) => {
+    if (!item || typeof item !== 'object') {
+      throw new Error.BadRequest(
+        `Provider at index ${index} must be an object`
+      );
+    }
+
+    for (const prop of PROVIDERS_REQUIRED_PROPS) {
+      if (!item[prop] || typeof item[prop] !== 'string') {
+        throw new Error.BadRequest(
+          `Provider at index ${index} missing required property: ${prop}`
+        );
+      }
+    }
+
+    return {
+      name: item.name,
+      logo: item.logo,
+      category: item.category,
+      id: item.id,
+    };
+  });
+};
+
 // eslint-disable-next-line better-mutation/no-mutation
 appRedirectController.prefixOverride = '';
 

package/test/combined/app-redirect.test.js

@@ -218,7 +218,7 @@ describe('app redirect controller test', () => {
     expect(scriptTag.attr('data-automode')).toEqual('');
   });
 
-  it('should include vnf wallet selection mount point if claim.wizard', async () => {
+  it('should include vnf wallet selection mount point if claim.wizard with one provider', async () => {
     setupNock();
     const url =
       // eslint-disable-next-line max-len
@@ -226,7 +226,7 @@ describe('app redirect controller test', () => {
     const response = await fastify.injectJson({
       method: 'GET',
       // eslint-disable-next-line max-len
-      url: `${appRedirectUrl}?request_uri=${url}&exchange_type=claim.wizard&inspectorDid=321123providers=%5B%7B%22logo%22%3A%22https%3A//upload.wikimedia.org/wikipedia/commons/a/aa/LinkedIn_2021.svg%22%2C%22name%22%3A%22LinkedIn%22%2C%22category%22%3A%22Personal%20Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D%2C%7B%22logo%22%3A%22https%3A//logos-world.net/wp-content/uploads/2020/11/GitHub-Emblem.png%22%2C%22name%22%3A%22GitHub%22%2C%22category%22%3A%22User%20Profile%22%2C%22id%22%3A%226d3f6753-7ee6-49ee-a545-62f1b1822ae5%22%7D%5D`,
+      url: `${appRedirectUrl}?request_uri=${url}&exchange_type=claim.wizard&inspectorDid=321123&providers=%7B%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22name%22%3A%22LinkedIn%22%2C%22category%22%3A%22Personal%20Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D`,
     });
 
     expect(response.statusCode).toEqual(200);
@@ -235,8 +235,98 @@ describe('app redirect controller test', () => {
     const scriptTag = $('html > body > #vnf-wallet-selection');
     const deeplink =
       // eslint-disable-next-line max-len
-      'velocity-test://claim.wizard?request_uri=http%3A%2F%2Flocalhost.test%2Fapi%2Fholder%2Fv0.6%2Forg%2Fdid%3Aion%3A4131209321321323123e%2Fissue%2Fget-credential-manifest%3Fexchange_id%3D5f123eab4362bb2e%26credential_types%3DPastEmploymentPosition%26id%3DsecretId&inspectorDid=321123providers%3D%5B%7B%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22name%22%3A%22LinkedIn%22%2C%22category%22%3A%22Personal+Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D%2C%7B%22logo%22%3A%22https%3A%2F%2Flogos-world.net%2Fwp-content%2Fuploads%2F2020%2F11%2FGitHub-Emblem.png%22%2C%22name%22%3A%22GitHub%22%2C%22category%22%3A%22User+Profile%22%2C%22id%22%3A%226d3f6753-7ee6-49ee-a545-62f1b1822ae5%22%7D%5D';
+      'velocity-test://claim.wizard?request_uri=http%3A%2F%2Flocalhost.test%2Fapi%2Fholder%2Fv0.6%2Forg%2Fdid%3Aion%3A4131209321321323123e%2Fissue%2Fget-credential-manifest%3Fexchange_id%3D5f123eab4362bb2e%26credential_types%3DPastEmploymentPosition%26id%3DsecretId&inspectorDid=321123&providers=%5B%7B%22name%22%3A%22LinkedIn%22%2C%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22category%22%3A%22Personal+Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D%5D';
     expect(scriptTag.attr('data-deeplink')).toEqual(deeplink);
     expect(scriptTag.attr('data-automode')).toEqual('');
   });
+
+  it('should throw if claim.wizard and provider is missing required properties: id', async () => {
+    setupNock();
+    const url =
+      // eslint-disable-next-line max-len
+      'http%3A%2F%2Flocalhost.test%2Fapi%2Fholder%2Fv0.6%2Forg%2Fdid%3Aion%3A4131209321321323123e%2Fissue%2Fget-credential-manifest%3Fexchange_id%3D5f123eab4362bb2e%26credential_types%3DPastEmploymentPosition%26id%3DsecretId';
+    const response = await fastify.injectJson({
+      method: 'GET',
+      // eslint-disable-next-line max-len
+      url: `${appRedirectUrl}?request_uri=${url}&exchange_type=claim.wizard&inspectorDid=321123&providers=%7B%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22name%22%3A%22LinkedIn%22%7D`,
+    });
+
+    expect(response.statusCode).toEqual(400);
+    expect(response.json.message).toEqual(
+      'Provider at index 0 missing required property: id'
+    );
+  });
+
+  it('should throw if claim.wizard and provider is missing required properties: name', async () => {
+    setupNock();
+    const url =
+      // eslint-disable-next-line max-len
+      'http%3A%2F%2Flocalhost.test%2Fapi%2Fholder%2Fv0.6%2Forg%2Fdid%3Aion%3A4131209321321323123e%2Fissue%2Fget-credential-manifest%3Fexchange_id%3D5f123eab4362bb2e%26credential_types%3DPastEmploymentPosition%26id%3DsecretId';
+    const response = await fastify.injectJson({
+      method: 'GET',
+      // eslint-disable-next-line max-len
+      url: `${appRedirectUrl}?request_uri=${url}&exchange_type=claim.wizard&inspectorDid=321123&providers=%7B%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22id%22%3A%22LinkedIn%22%7D`,
+    });
+
+    expect(response.statusCode).toEqual(400);
+    expect(response.json.message).toEqual(
+      'Provider at index 0 missing required property: name'
+    );
+  });
+
+  it('should throw if claim.wizard and provider is missing required properties: logo', async () => {
+    setupNock();
+    const url =
+      // eslint-disable-next-line max-len
+      'http%3A%2F%2Flocalhost.test%2Fapi%2Fholder%2Fv0.6%2Forg%2Fdid%3Aion%3A4131209321321323123e%2Fissue%2Fget-credential-manifest%3Fexchange_id%3D5f123eab4362bb2e%26credential_types%3DPastEmploymentPosition%26id%3DsecretId';
+    const response = await fastify.injectJson({
+      method: 'GET',
+      // eslint-disable-next-line max-len
+      url: `${appRedirectUrl}?request_uri=${url}&exchange_type=claim.wizard&inspectorDid=321123&providers=%7B%22name%22%3A%22LinkedIn%22%2C%22category%22%3A%22Personal%20Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D`,
+    });
+
+    expect(response.statusCode).toEqual(400);
+    expect(response.json.message).toEqual(
+      'Provider at index 0 missing required property: logo'
+    );
+  });
+
+  it('should include vnf wallet selection mount point if claim.wizard with multiple providers', async () => {
+    setupNock();
+    const url =
+      // eslint-disable-next-line max-len
+      'http%3A%2F%2Flocalhost.test%2Fapi%2Fholder%2Fv0.6%2Forg%2Fdid%3Aion%3A4131209321321323123e%2Fissue%2Fget-credential-manifest%3Fexchange_id%3D5f123eab4362bb2e%26credential_types%3DPastEmploymentPosition%26id%3DsecretId';
+    const response = await fastify.injectJson({
+      method: 'GET',
+      // eslint-disable-next-line max-len
+      url: `${appRedirectUrl}?request_uri=${url}&exchange_type=claim.wizard&inspectorDid=321123&providers=%7B%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22name%22%3A%22LinkedIn%22%2C%22category%22%3A%22Personal%20Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D&providers=%7B%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22name%22%3A%22LinkedIn%22%2C%22category%22%3A%22Personal%20Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D`,
+    });
+
+    expect(response.statusCode).toEqual(200);
+    const $ = cheerio.load(response.body);
+
+    const scriptTag = $('html > body > #vnf-wallet-selection');
+    const deeplink =
+      // eslint-disable-next-line max-len
+      'velocity-test://claim.wizard?request_uri=http%3A%2F%2Flocalhost.test%2Fapi%2Fholder%2Fv0.6%2Forg%2Fdid%3Aion%3A4131209321321323123e%2Fissue%2Fget-credential-manifest%3Fexchange_id%3D5f123eab4362bb2e%26credential_types%3DPastEmploymentPosition%26id%3DsecretId&inspectorDid=321123&providers=%5B%7B%22name%22%3A%22LinkedIn%22%2C%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22category%22%3A%22Personal+Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D%2C%7B%22name%22%3A%22LinkedIn%22%2C%22logo%22%3A%22https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fa%2Faa%2FLinkedIn_2021.svg%22%2C%22category%22%3A%22Personal+Records%22%2C%22id%22%3A%22a9f1063c-06b7-476a-8410-9ff6e427e637%22%7D%5D';
+    expect(scriptTag.attr('data-deeplink')).toEqual(deeplink);
+    expect(scriptTag.attr('data-automode')).toEqual('');
+  });
+
+  it('should throw an error if claim.wizard and empty providers', async () => {
+    setupNock();
+    const url =
+      // eslint-disable-next-line max-len
+      'http%3A%2F%2Flocalhost.test%2Fapi%2Fholder%2Fv0.6%2Forg%2Fdid%3Aion%3A4131209321321323123e%2Fissue%2Fget-credential-manifest%3Fexchange_id%3D5f123eab4362bb2e%26credential_types%3DPastEmploymentPosition%26id%3DsecretId';
+    const response = await fastify.injectJson({
+      method: 'GET',
+      // eslint-disable-next-line max-len
+      url: `${appRedirectUrl}?request_uri=${url}&exchange_type=claim.wizard&inspectorDid=321123`,
+    });
+
+    expect(response.statusCode).toEqual(400);
+    expect(response.json.message).toEqual(
+      'providers parameter is required for exchange_type = "claim.wizard"'
+    );
+  });
 });