Merge pull request #154 from alan-turing-institute/153-fix-resolver

Fix trustchain resolver for HTTP and mobile (#153)

trustchain-api/src/api.rs

@@ -20,7 +20,7 @@ use trustchain_core::{
     vp::PresentationError,
 };
 use trustchain_ion::{
-    attest::attest_operation, attestor::IONAttestor, create::create_operation, get_ion_resolver,
+    attest::attest_operation, attestor::IONAttestor, create::create_operation, trustchain_resolver,
 };
 
 /// API for Trustchain CLI DID functionality.
@@ -146,7 +146,7 @@ pub trait TrustchainVPAPI {
         linked_data_proof_options: Option<LinkedDataProofOptions>,
         context_loader: &mut ContextLoader,
     ) -> Result<Presentation, PresentationError> {
-        let resolver = get_ion_resolver(endpoint);
+        let resolver = trustchain_resolver(endpoint);
         let attestor = IONAttestor::new(did);
         Ok(attestor
             .sign_presentation(
@@ -257,8 +257,8 @@ mod tests {
     use trustchain_core::vp::PresentationError;
     use trustchain_core::{holder::Holder, issuer::Issuer};
     use trustchain_ion::attestor::IONAttestor;
-    use trustchain_ion::get_ion_resolver;
-    use trustchain_ion::verifier::IONVerifier;
+    use trustchain_ion::trustchain_resolver;
+    use trustchain_ion::verifier::TrustchainVerifier;
 
     // The root event time of DID documents in `trustchain-ion/src/data.rs` used for unit tests and the test below.
     const ROOT_EVENT_TIME_1: u64 = 1666265405;
@@ -296,13 +296,13 @@ mod tests {
         let issuer_did = "did:ion:test:EiBVpjUxXeSRJpvj2TewlX9zNF3GKMCKWwGmKBZqF6pk_A"; // root+1
         let issuer = IONAttestor::new(issuer_did);
         let mut vc_with_proof = signed_credential(issuer).await;
-        let resolver = get_ion_resolver("http://localhost:3000/");
+        let resolver = trustchain_resolver("http://localhost:3000/");
         let mut context_loader = ContextLoader::default();
         let res = TrustchainAPI::verify_credential(
             &vc_with_proof,
             None,
             ROOT_EVENT_TIME_1,
-            &IONVerifier::new(resolver),
+            &TrustchainVerifier::new(resolver),
             &mut context_loader,
         )
         .await;
@@ -312,12 +312,12 @@ mod tests {
         vc_with_proof.expiration_date = Some(VCDateTime::try_from(now_ns()).unwrap());
 
         // Verify: expect no warnings and a signature error as VC has changed
-        let resolver = get_ion_resolver("http://localhost:3000/");
+        let resolver = trustchain_resolver("http://localhost:3000/");
         let res = TrustchainAPI::verify_credential(
             &vc_with_proof,
             None,
             ROOT_EVENT_TIME_1,
-            &IONVerifier::new(resolver),
+            &TrustchainVerifier::new(resolver),
             &mut context_loader,
         )
         .await;
@@ -339,7 +339,7 @@ mod tests {
         let holder = IONAttestor::new(holder_did);
 
         let vc_with_proof = signed_credential(issuer).await;
-        let resolver = get_ion_resolver("http://localhost:3000/");
+        let resolver = trustchain_resolver("http://localhost:3000/");
         let mut context_loader = ContextLoader::default();
 
         // let vc: Credential = serde_json::from_str(TEST_UNSIGNED_VC).unwrap();
@@ -396,7 +396,7 @@ mod tests {
             &presentation,
             None,
             ROOT_EVENT_TIME_1,
-            &IONVerifier::new(resolver),
+            &TrustchainVerifier::new(resolver),
             &mut context_loader,
         )
         .await;
@@ -413,7 +413,7 @@ mod tests {
         let issuer = IONAttestor::new(issuer_did);
 
         let vc_with_proof = signed_credential(issuer).await;
-        let resolver = get_ion_resolver("http://localhost:3000/");
+        let resolver = trustchain_resolver("http://localhost:3000/");
         let presentation = Presentation {
             verifiable_credential: Some(OneOrMany::Many(vec![CredentialOrJWT::Credential(
                 vc_with_proof,
@@ -427,7 +427,7 @@ mod tests {
                 &presentation,
                 None,
                 ROOT_EVENT_TIME_1,
-                &IONVerifier::new(resolver),
+                &TrustchainVerifier::new(resolver),
                 &mut ContextLoader::default()
             )
             .await,
@@ -437,7 +437,7 @@ mod tests {
 
     // Helper function to create a signed credential given an attesor.
     async fn signed_credential(attestor: IONAttestor) -> Credential {
-        let resolver = get_ion_resolver("http://localhost:3000/");
+        let resolver = trustchain_resolver("http://localhost:3000/");
         let vc: Credential = serde_json::from_str(TEST_UNSIGNED_VC).unwrap();
         attestor
             .sign(&vc, None, None, &resolver, &mut ContextLoader::default())

trustchain-cli/src/bin/main.rs

@@ -15,8 +15,8 @@ use trustchain_core::{vc::CredentialError, verifier::Verifier};
 use trustchain_ion::{
     attest::attest_operation,
     create::{create_operation, create_operation_mnemonic},
-    get_ion_resolver,
-    verifier::IONVerifier,
+    trustchain_resolver,
+    verifier::TrustchainVerifier,
 };
 
 fn cli() -> Command {
@@ -89,7 +89,7 @@ fn cli() -> Command {
 async fn main() -> Result<(), Box<dyn std::error::Error>> {
     let matches = cli().get_matches();
     let endpoint = cli_config().ion_endpoint.to_address();
-    let verifier = IONVerifier::new(get_ion_resolver(&endpoint));
+    let verifier = TrustchainVerifier::new(trustchain_resolver(&endpoint));
     let resolver = verifier.resolver();
     let mut context_loader = ContextLoader::default();
     match matches.subcommand() {
@@ -170,7 +170,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
             }
         }
         Some(("vc", sub_matches)) => {
-            let verifier = IONVerifier::new(get_ion_resolver(&endpoint));
+            let verifier = TrustchainVerifier::new(trustchain_resolver(&endpoint));
             let resolver = verifier.resolver();
             match sub_matches.subcommand() {
                 Some(("sign", sub_matches)) => {

trustchain-ffi/src/mobile.rs

@@ -22,8 +22,8 @@ use trustchain_core::{
 };
 use trustchain_ion::{
     create::{mnemonic_to_create_and_keys, OperationDID},
-    get_ion_resolver,
-    verifier::IONVerifier,
+    trustchain_resolver_light_client,
+    verifier::TrustchainVerifier,
 };
 
 /// A speicfic error for FFI mobile making handling easier.
@@ -81,7 +81,8 @@ pub fn greet() -> String {
 pub fn did_resolve(did: String, opts: String) -> Result<String> {
     let mobile_opts: FFIConfig = opts.parse()?;
     let endpoint_opts = mobile_opts.endpoint()?;
-    let resolver = get_ion_resolver(&endpoint_opts.trustchain_endpoint().to_address());
+    let resolver =
+        trustchain_resolver_light_client(&endpoint_opts.trustchain_endpoint().to_address());
     let rt = Runtime::new().unwrap();
     rt.block_on(async {
         Ok(TrustchainAPI::resolve(&did, &resolver)
@@ -101,8 +102,8 @@ pub fn did_verify(did: String, opts: String) -> Result<String> {
     let root_event_time = trustchain_opts.root_event_time;
     let rt = Runtime::new().unwrap();
     rt.block_on(async {
-        let verifier = IONVerifier::with_endpoint(
-            get_ion_resolver(&endpoint_opts.trustchain_endpoint().to_address()),
+        let verifier = TrustchainVerifier::with_endpoint(
+            trustchain_resolver_light_client(&endpoint_opts.trustchain_endpoint().to_address()),
             endpoint_opts.trustchain_endpoint().to_address(),
         );
         Ok(TrustchainAPI::verify(&did, root_event_time, &verifier)
@@ -123,8 +124,8 @@ pub fn vc_verify_credential(credential: String, opts: String) -> Result<String>
     let credential: Credential = serde_json::from_str(&credential)?;
     let rt = Runtime::new().unwrap();
     rt.block_on(async {
-        let verifier = IONVerifier::with_endpoint(
-            get_ion_resolver(&endpoint_opts.trustchain_endpoint().to_address()),
+        let verifier = TrustchainVerifier::with_endpoint(
+            trustchain_resolver_light_client(&endpoint_opts.trustchain_endpoint().to_address()),
             endpoint_opts.trustchain_endpoint().to_address(),
         );
         let root_event_time = trustchain_opts.root_event_time;
@@ -172,7 +173,8 @@ pub fn vp_issue_presentation(
     let mut presentation: Presentation =
         serde_json::from_str(&presentation).map_err(FFIMobileError::FailedToDeserialize)?;
     let jwk: JWK = serde_json::from_str(&jwk_json)?;
-    let resolver = get_ion_resolver(&endpoint_opts.trustchain_endpoint().to_address());
+    let resolver =
+        trustchain_resolver_light_client(&endpoint_opts.trustchain_endpoint().to_address());
     let rt = Runtime::new().unwrap();
     let proof = rt
         .block_on(async {
@@ -205,8 +207,8 @@ pub fn vp_verify_presentation(presentation: String, opts: String) -> Result<()>
     // Verify presentation
     let rt = Runtime::new().unwrap();
     rt.block_on(async {
-        let verifier = IONVerifier::with_endpoint(
-            get_ion_resolver(&endpoint_opts.trustchain_endpoint().to_address()),
+        let verifier = TrustchainVerifier::with_endpoint(
+            trustchain_resolver_light_client(&endpoint_opts.trustchain_endpoint().to_address()),
             endpoint_opts.trustchain_endpoint().to_address(),
         );
         let root_event_time = trustchain_opts.root_event_time;

trustchain-http/src/issuer.rs

@@ -216,7 +216,7 @@ mod tests {
     };
     use std::{collections::HashMap, sync::Arc};
     use trustchain_core::{utils::canonicalize, verifier::Verifier};
-    use trustchain_ion::{get_ion_resolver, verifier::IONVerifier};
+    use trustchain_ion::{trustchain_resolver, verifier::TrustchainVerifier};
 
     lazy_static! {
         /// Lazy static reference to core configuration loaded from `trustchain_config.toml`.
@@ -329,7 +329,7 @@ mod tests {
         }
 
         // Test signature
-        let verifier = IONVerifier::new(get_ion_resolver("http://localhost:3000/"));
+        let verifier = TrustchainVerifier::new(trustchain_resolver("http://localhost:3000/"));
         let verify_credential_result = credential
             .verify(
                 None,

trustchain-http/src/state.rs

@@ -1,27 +1,33 @@
 use crate::root::RootCandidatesResult;
 use crate::{config::HTTPConfig, verifier::PresentationRequest};
 use chrono::NaiveDate;
+use did_ion::sidetree::HTTPSidetreeDIDResolver;
+use ssi::did_resolve::DIDResolver;
 use ssi::vc::Credential;
 use std::collections::HashMap;
 use std::sync::RwLock;
 use trustchain_core::TRUSTCHAIN_DATA;
-use trustchain_ion::resolver::Resolver;
-use trustchain_ion::{get_ion_resolver, verifier::IONVerifier, IONResolver};
+use trustchain_ion::ion::IONTest as ION;
+use trustchain_ion::trustchain_resolver;
+use trustchain_ion::verifier::TrustchainVerifier;
 
 const DEFAULT_VERIFIER_ENDPOINT: &str = "http://localhost:3000/";
 
 /// A shared app state for handlers.
-pub struct AppState {
+pub struct AppState<T = HTTPSidetreeDIDResolver<ION>>
+where
+    T: DIDResolver + Send + Sync,
+{
     pub config: HTTPConfig,
-    pub verifier: IONVerifier<IONResolver>,
+    pub verifier: TrustchainVerifier<T>,
     pub credentials: HashMap<String, Credential>,
     pub root_candidates: RwLock<HashMap<NaiveDate, RootCandidatesResult>>,
     pub presentation_requests: HashMap<String, PresentationRequest>,
 }
 
 impl AppState {
     pub fn new(config: HTTPConfig) -> Self {
-        let verifier = IONVerifier::new(Resolver::new(get_ion_resolver(DEFAULT_VERIFIER_ENDPOINT)));
+        let verifier = TrustchainVerifier::new(trustchain_resolver(DEFAULT_VERIFIER_ENDPOINT));
         let path = std::env::var(TRUSTCHAIN_DATA).expect("TRUSTCHAIN_DATA env not set.");
         let credentials: HashMap<String, Credential> = serde_json::from_reader(
             std::fs::read(std::path::Path::new(&path).join("credentials/offers/cache.json"))
@@ -51,7 +57,7 @@ impl AppState {
         credentials: HashMap<String, Credential>,
         presentation_requests: HashMap<String, PresentationRequest>,
     ) -> Self {
-        let verifier = IONVerifier::new(Resolver::new(get_ion_resolver(DEFAULT_VERIFIER_ENDPOINT)));
+        let verifier = TrustchainVerifier::new(trustchain_resolver(DEFAULT_VERIFIER_ENDPOINT));
         let root_candidates = RwLock::new(HashMap::new());
         Self {
             config,

trustchain-http/src/verifier.rs

@@ -18,7 +18,7 @@ use std::sync::Arc;
 use trustchain_api::api::TrustchainVPAPI;
 use trustchain_api::TrustchainAPI;
 use trustchain_core::verifier::{Timestamp, Verifier};
-use trustchain_ion::verifier::IONVerifier;
+use trustchain_ion::verifier::TrustchainVerifier;
 
 /// A type for presentation requests. See [VP request spec](https://w3c-ccg.github.io/vp-request-spec/)
 /// for further details.
@@ -32,7 +32,7 @@ pub trait TrustchainVerifierHTTP {
     async fn verify_presentation<T: DIDResolver + Send + Sync>(
         presentation: &Presentation,
         root_event_time: Timestamp,
-        verifier: &IONVerifier<T>,
+        verifier: &TrustchainVerifier<T>,
     ) -> Result<(), TrustchainHTTPError> {
         Ok(TrustchainAPI::verify_presentation(
             presentation,
@@ -48,7 +48,7 @@ pub trait TrustchainVerifierHTTP {
     async fn verify_credential<T: DIDResolver + Send + Sync>(
         credential: &Credential,
         root_event_time: Timestamp,
-        verifier: &IONVerifier<T>,
+        verifier: &TrustchainVerifier<T>,
     ) -> Result<(), TrustchainHTTPError> {
         let verify_credential_result = credential
             .verify(

trustchain-ion/src/attest.rs

@@ -13,7 +13,7 @@ use trustchain_core::utils::get_operations_path;
 use trustchain_core::TRUSTCHAIN_PROOF_SERVICE_ID_VALUE;
 
 use crate::controller::IONController;
-use crate::get_ion_resolver;
+use crate::trustchain_resolver;
 
 // Function to resolve a controlled DID, attest to its contents and perform an update
 // operation on the controlled DID to add the attestation proof within a service endpoint.
@@ -32,7 +32,7 @@ pub async fn attest_operation(
 
     // 1.2. Resolve controlled_did document with Trustchain resolver
     // Construct a Trustchain Resolver from a Sidetree (ION) DIDMethod.
-    let resolver = get_ion_resolver("http://localhost:3000/");
+    let resolver = trustchain_resolver("http://localhost:3000/");
 
     // Extract resolution items
     let (_, doc, doc_meta) = match resolver.resolve_as_result(controlled_did).await {

trustchain-ion/src/attestor.rs

@@ -227,7 +227,7 @@ impl Holder for IONAttestor {
 #[cfg(test)]
 mod tests {
     use super::*;
-    use crate::get_ion_resolver;
+    use crate::trustchain_resolver;
     use ssi::did::Document;
     use ssi::vc::CredentialOrJWT;
     use trustchain_core::data::{TEST_CREDENTIAL, TEST_SIGNING_KEYS, TEST_TRUSTCHAIN_DOCUMENT};
@@ -304,7 +304,7 @@ mod tests {
         init();
 
         // Resolver
-        let resolver = get_ion_resolver("http://localhost:3000/");
+        let resolver = trustchain_resolver("http://localhost:3000/");
 
         // Set-up keys and attestor
         let did = "did:example:test_attest_credential";
@@ -337,7 +337,7 @@ mod tests {
         let did = "did:ion:test:EiDMe2SFfJ_7eXVW7RF1ZHOkeu2M-Bre0ak2cXNBH0P-TQ";
 
         // Make resolver
-        let resolver = get_ion_resolver("http://localhost:3000/");
+        let resolver = trustchain_resolver("http://localhost:3000/");
 
         // 2. Load Attestor
         // Attestor
@@ -373,7 +373,7 @@ mod tests {
     #[tokio::test]
     async fn test_attest_presentation() {
         init();
-        let resolver = get_ion_resolver("http://localhost:3000/");
+        let resolver = trustchain_resolver("http://localhost:3000/");
         let issuer_did = "did:ion:test:EiBVpjUxXeSRJpvj2TewlX9zNF3GKMCKWwGmKBZqF6pk_A"; // root+1
         let holder_did = "did:ion:test:EiAtHHKFJWAk5AsM3tgCut3OiBY4ekHTf66AAjoysXL65Q"; // root+2
         let issuer = IONAttestor::new(issuer_did);