Merge branch 'main' into feature/atl-5415-fail-securely-cors-settings

.github/workflows/release-clients.yml

@@ -24,7 +24,7 @@ jobs:
         with:
           node-version: "lts/*"
           registry-url: https://npm.pkg.github.com/
-          scope: "@input-output-hk"
+          scope: "@hyperledger-labs"
 
       - name: Setup Python
         uses: actions/setup-python@v4

CHANGELOG.md

@@ -1,3 +1,23 @@
+# [1.17.0](https://github.com/hyperledger-labs/open-enterprise-agent/compare/prism-agent-v1.16.4...prism-agent-v1.17.0) (2023-10-14)
+
+
+### Bug Fixes
+
+* change repository and name for rest api clients ([#745](https://github.com/hyperledger-labs/open-enterprise-agent/issues/745)) ([0f84e28](https://github.com/hyperledger-labs/open-enterprise-agent/commit/0f84e28c3f2800c1d73353e40620a840fbb6b93a))
+* improve performance for background jobs in multitenancy mode ([#749](https://github.com/hyperledger-labs/open-enterprise-agent/issues/749)) ([17def3f](https://github.com/hyperledger-labs/open-enterprise-agent/commit/17def3f67c1eb687560aee844aba6ff2a0bd4137))
+* **prism-agent:** agent should read DIDComm port from config ([#757](https://github.com/hyperledger-labs/open-enterprise-agent/issues/757)) ([cda908c](https://github.com/hyperledger-labs/open-enterprise-agent/commit/cda908c87cee562e6c044aa405aa82bd510cc74e))
+* **prism-agent:** configure APISIX to return CORS headers from Prism Agent endpoints ([#746](https://github.com/hyperledger-labs/open-enterprise-agent/issues/746)) ([a579aa9](https://github.com/hyperledger-labs/open-enterprise-agent/commit/a579aa95ea5c0c4950cb64b8b9adb1f56bb87eb2))
+* **prism-agent:** fix docker env variables interpolation issue ([#751](https://github.com/hyperledger-labs/open-enterprise-agent/issues/751)) ([110eb2d](https://github.com/hyperledger-labs/open-enterprise-agent/commit/110eb2df9590412b35997152d526c599edb8e7af))
+* **prism-agent:** return relevant errors on offer creation ([#754](https://github.com/hyperledger-labs/open-enterprise-agent/issues/754)) ([d36533f](https://github.com/hyperledger-labs/open-enterprise-agent/commit/d36533fe538812c9e3647bcc2383700173e4b1b7))
+* prohibit tenants to use equal or revoked api keys ([#742](https://github.com/hyperledger-labs/open-enterprise-agent/issues/742)) ([4b10c3a](https://github.com/hyperledger-labs/open-enterprise-agent/commit/4b10c3af931722a683bf55062297c3dfa1e38046))
+* upgrade vault and quill versions ([#739](https://github.com/hyperledger-labs/open-enterprise-agent/issues/739)) ([c140857](https://github.com/hyperledger-labs/open-enterprise-agent/commit/c140857df97d56ab750ec186962e5fe2bb6a6717))
+
+
+### Features
+
+* **prism-agent:** check issuing DID validity when creating a VC offer + return 'metaRetries' ([#740](https://github.com/hyperledger-labs/open-enterprise-agent/issues/740)) ([f2e2fd3](https://github.com/hyperledger-labs/open-enterprise-agent/commit/f2e2fd3d0397422be40b11644f8b84ddd3c6985f))
+* **prism-agent:** implement AnonCreds issuance flow ([#693](https://github.com/hyperledger-labs/open-enterprise-agent/issues/693)) ([9165a6f](https://github.com/hyperledger-labs/open-enterprise-agent/commit/9165a6f8fc0a11bd6c19b0bfd4dd4217ea3194d9))
+
 ## [1.16.4](https://github.com/hyperledger-labs/open-enterprise-agent/compare/prism-agent-v1.16.3...prism-agent-v1.16.4) (2023-09-29)
 
 

build.sbt

@@ -1,5 +1,5 @@
-import sbtbuildinfo.BuildInfoPlugin.autoImport.*
 import org.scoverage.coveralls.Imports.CoverallsKeys.*
+import sbtbuildinfo.BuildInfoPlugin.autoImport.*
 
 inThisBuild(
   Seq(
@@ -302,6 +302,10 @@ lazy val D_EventNotification = new {
   val baseDependencies: Seq[ModuleID] = zioDependencies
 }
 
+lazy val D_Pollux_AnonCreds = new {
+  val baseDependencies: Seq[ModuleID] = Seq(D.zio, D.zioJson)
+}
+
 lazy val D_PrismAgent = new {
 
   // Added here to make prism-crypto works.
@@ -508,6 +512,11 @@ lazy val protocolPresentProof = project
   .settings(libraryDependencies += D.munitZio)
   .dependsOn(models)
 
+lazy val vc = project
+  .in(file("mercury/mercury-library/vc"))
+  .settings(name := "mercury-verifiable-credentials")
+  .dependsOn(protocolIssueCredential, protocolPresentProof) //TODO merge those two modules into this one
+
 lazy val protocolTrustPing = project
   .in(file("mercury/mercury-library/protocol-trust-ping"))
   .settings(name := "mercury-protocol-trust-ping")
@@ -554,6 +563,7 @@ lazy val agent = project // maybe merge into models
     protocolLogin,
     protocolIssueCredential,
     protocolPresentProof,
+    vc,
     protocolConnection,
     protocolReportProblem,
     protocolTrustPing,
@@ -664,7 +674,7 @@ lazy val polluxCore = project
   .dependsOn(irisClient)
   .dependsOn(prismAgentWalletAPI)
   .dependsOn(polluxVcJWT)
-  .dependsOn(protocolIssueCredential, protocolPresentProof, resolver, agentDidcommx, eventNotification, polluxAnoncreds)
+  .dependsOn(vc, resolver, agentDidcommx, eventNotification, polluxAnoncreds)
 
 lazy val polluxDoobie = project
   .in(file("pollux/lib/sql-doobie"))
@@ -687,20 +697,16 @@ lazy val polluxAnoncreds = project
   .enablePlugins(JavaAppPackaging)
   .settings(
     name := "pollux-anoncreds",
-    Compile / unmanagedJars += baseDirectory.value / "anoncreds-java-1.0-SNAPSHOT.jar",
+    Compile / unmanagedJars += baseDirectory.value / "anoncreds-jvm-1.0-SNAPSHOT.jar",
     Compile / unmanagedResourceDirectories ++= Seq(
       baseDirectory.value / "native-lib" / "NATIVE"
     ),
+    libraryDependencies ++= D_Pollux_AnonCreds.baseDependencies
   )
 
 lazy val polluxAnoncredsTest = project
   .in(file("pollux/lib/anoncredsTest"))
-  .settings(
-    libraryDependencies ++= Seq(
-      "org.scalatest" %% "scalatest" % "3.2.15" % Test,
-      ("me.vican.jorge" %% "dijon" % "0.6.0" % Test).cross(CrossVersion.for3Use2_13)
-    ),
-  )
+  .settings(libraryDependencies ++= Seq("org.scalatest" %% "scalatest" % "3.2.15" % Test))
   .dependsOn(polluxAnoncreds % "compile->test")
 
 // #####################
@@ -752,7 +758,9 @@ lazy val prismAgentWalletAPI = project
   .settings(prismAgentConnectCommonSettings)
   .settings(
     name := "prism-agent-wallet-api",
-    libraryDependencies ++= D_PrismAgent.keyManagementDependencies ++ D_PrismAgent.postgresDependencies ++ Seq(D.zioMock)
+    libraryDependencies ++= D_PrismAgent.keyManagementDependencies ++ D_PrismAgent.postgresDependencies ++ Seq(
+      D.zioMock
+    )
   )
   .dependsOn(
     agentDidcommx,
@@ -818,6 +826,7 @@ lazy val aggregatedProjects: Seq[ProjectReference] = Seq(
   protocolRouting,
   protocolIssueCredential,
   protocolPresentProof,
+  vc,
   protocolTrustPing,
   resolver,
   agent,
@@ -828,7 +837,7 @@ lazy val aggregatedProjects: Seq[ProjectReference] = Seq(
   polluxCore,
   polluxDoobie,
   polluxAnoncreds,
-  // polluxAnoncredsTest, REMOVE THIS FOR NOW
+  polluxAnoncredsTest,
   connectCore,
   connectDoobie,
   prismAgentWalletAPI,

connect/lib/core/src/main/scala/io/iohk/atala/connect/core/repository/ConnectionRepository.scala

@@ -5,7 +5,7 @@ import io.iohk.atala.connect.core.model.ConnectionRecord.ProtocolState
 import io.iohk.atala.mercury.protocol.connection.*
 import io.iohk.atala.shared.models.WalletAccessContext
 import zio.RIO
-
+import zio.Task
 import java.util.UUID
 
 trait ConnectionRepository {
@@ -19,6 +19,12 @@ trait ConnectionRepository {
       states: ConnectionRecord.ProtocolState*
   ): RIO[WalletAccessContext, Seq[ConnectionRecord]]
 
+  def getConnectionRecordsByStatesForAllWallets(
+      ignoreWithZeroRetries: Boolean,
+      limit: Int,
+      states: ConnectionRecord.ProtocolState*
+  ): Task[Seq[ConnectionRecord]]
+
   def getConnectionRecord(recordId: UUID): RIO[WalletAccessContext, Option[ConnectionRecord]]
 
   def deleteConnectionRecord(recordId: UUID): RIO[WalletAccessContext, Int]
@@ -50,4 +56,5 @@ trait ConnectionRepository {
       recordId: UUID,
       failReason: Option[String],
   ): RIO[WalletAccessContext, Int]
+
 }

connect/lib/core/src/main/scala/io/iohk/atala/connect/core/repository/ConnectionRepositoryInMemory.scala

@@ -155,6 +155,30 @@ class ConnectionRepositoryInMemory(walletRefs: Ref[Map[WalletId, Ref[Map[UUID, C
       .getOrElse(ZIO.succeed(0))
   } yield count
 
+  def updateAfterFailForAllWallets(
+      recordId: UUID,
+      failReason: Option[String],
+  ): Task[Int] = walletRefs.get.flatMap { wallets =>
+    ZIO.foldLeft(wallets.values)(0) { (acc, walletRef) =>
+      for {
+        records <- walletRef.get
+        count <- records.get(recordId) match {
+          case Some(record) =>
+            walletRef.update { r =>
+              r.updated(
+                recordId,
+                record.copy(
+                  metaRetries = record.metaRetries - 1,
+                  metaLastFailure = failReason
+                )
+              )
+            } *> ZIO.succeed(1) // Record updated, count as 1 update
+          case None => ZIO.succeed(0) // No record updated
+        }
+      } yield acc + count
+    }
+  }
+
   override def getConnectionRecordByThreadId(thid: String): RIO[WalletAccessContext, Option[ConnectionRecord]] = {
     for {
       storeRef <- walletStoreRef
@@ -183,6 +207,27 @@ class ConnectionRepositoryInMemory(walletRefs: Ref[Map[WalletId, Ref[Map[UUID, C
       .toSeq
   }
 
+  override def getConnectionRecordsByStatesForAllWallets(
+      ignoreWithZeroRetries: Boolean,
+      limit: Int,
+      states: ConnectionRecord.ProtocolState*
+  ): Task[Seq[ConnectionRecord]] = {
+
+    for {
+      refs <- walletRefs.get
+      stores <- ZIO.foreach(refs.values.toList)(_.get)
+    } yield {
+      stores
+        .flatMap(_.values)
+        .filter { rec =>
+          (!ignoreWithZeroRetries || rec.metaRetries > 0) &&
+          states.contains(rec.protocolState)
+        }
+        .take(limit)
+        .toSeq
+    }
+  }
+
   override def createConnectionRecord(record: ConnectionRecord): RIO[WalletAccessContext, Int] = {
     for {
       _ <- for {

connect/lib/core/src/main/scala/io/iohk/atala/connect/core/service/ConnectionService.scala

@@ -53,6 +53,12 @@ trait ConnectionService {
       states: ConnectionRecord.ProtocolState*
   ): ZIO[WalletAccessContext, ConnectionServiceError, Seq[ConnectionRecord]]
 
+  def getConnectionRecordsByStatesForAllWallets(
+      ignoreWithZeroRetries: Boolean,
+      limit: Int,
+      states: ConnectionRecord.ProtocolState*
+  ): IO[ConnectionServiceError, Seq[ConnectionRecord]]
+
   def getConnectionRecord(recordId: UUID): ZIO[WalletAccessContext, ConnectionServiceError, Option[ConnectionRecord]]
 
   def getConnectionRecordByThreadId(
@@ -65,5 +71,4 @@ trait ConnectionService {
       recordId: UUID,
       failReason: Option[String]
   ): ZIO[WalletAccessContext, ConnectionServiceError, Unit]
-
 }

connect/lib/core/src/main/scala/io/iohk/atala/connect/core/service/ConnectionServiceImpl.scala

@@ -74,6 +74,18 @@ private class ConnectionServiceImpl(
     } yield records
   }
 
+  override def getConnectionRecordsByStatesForAllWallets(
+      ignoreWithZeroRetries: Boolean,
+      limit: Int,
+      states: ProtocolState*
+  ): IO[ConnectionServiceError, Seq[ConnectionRecord]] = {
+    for {
+      records <- connectionRepository
+        .getConnectionRecordsByStatesForAllWallets(ignoreWithZeroRetries, limit, states: _*)
+        .mapError(RepositoryError.apply)
+    } yield records
+  }
+
   override def getConnectionRecord(
       recordId: UUID
   ): ZIO[WalletAccessContext, ConnectionServiceError, Option[ConnectionRecord]] = {

connect/lib/core/src/main/scala/io/iohk/atala/connect/core/service/ConnectionServiceNotifier.scala

@@ -7,7 +7,7 @@ import io.iohk.atala.mercury.model.DidId
 import io.iohk.atala.mercury.protocol.connection.{ConnectionRequest, ConnectionResponse}
 import io.iohk.atala.shared.models.WalletAccessContext
 import zio.{URLayer, ZIO, ZLayer}
-
+import zio.IO
 import java.time.Duration
 import java.util.UUID
 
@@ -109,6 +109,13 @@ class ConnectionServiceNotifier(
       states: ConnectionRecord.ProtocolState*
   ): ZIO[WalletAccessContext, ConnectionServiceError, Seq[ConnectionRecord]] =
     svc.getConnectionRecordsByStates(ignoreWithZeroRetries, limit, states: _*)
+
+  override def getConnectionRecordsByStatesForAllWallets(
+      ignoreWithZeroRetries: Boolean,
+      limit: Int,
+      states: ConnectionRecord.ProtocolState*
+  ): IO[ConnectionServiceError, Seq[ConnectionRecord]] =
+    svc.getConnectionRecordsByStatesForAllWallets(ignoreWithZeroRetries, limit, states: _*)
 }
 
 object ConnectionServiceNotifier {

connect/lib/core/src/main/scala/io/iohk/atala/connect/core/service/MockConnectionService.scala

@@ -73,6 +73,12 @@ object MockConnectionService extends Mock[ConnectionService] {
           states: ConnectionRecord.ProtocolState*
       ): IO[ConnectionServiceError, Seq[ConnectionRecord]] = ???
 
+      override def getConnectionRecordsByStatesForAllWallets(
+          ignoreWithZeroRetries: Boolean,
+          limit: Int,
+          states: ConnectionRecord.ProtocolState*
+      ): IO[ConnectionServiceError, Seq[ConnectionRecord]] = ???
+
       override def getConnectionRecord(recordId: UUID): IO[ConnectionServiceError, Option[ConnectionRecord]] = ???
 
       override def getConnectionRecordByThreadId(thid: String): IO[ConnectionServiceError, Option[ConnectionRecord]] =

connect/lib/core/src/test/scala/io/iohk/atala/connect/core/repository/ConnectionRepositorySpecSuite.scala

@@ -19,7 +19,7 @@ object ConnectionRepositorySpecSuite {
 
   private def connectionRecord = ConnectionRecord(
     UUID.randomUUID,
-    Instant.ofEpochSecond(Instant.now.getEpochSecond),
+    Instant.now,
     None,
     UUID.randomUUID().toString,
     None,
@@ -395,6 +395,46 @@ object ConnectionRepositorySpecSuite {
         wallet1Record <- repo.getConnectionRecord(record.id).provide(wac1)
         wallet2Record <- repo.getConnectionRecord(record.id).provide(wac2)
       } yield assertTrue(wallet1Record.isDefined) && assertTrue(wallet2Record.isEmpty)
-    }
+    },
+    test("getConnectionRecordsByStatesForAllWallets returns correct records for all wallets") {
+      val walletId1 = WalletId.random
+      val walletId2 = WalletId.random
+      for {
+        repo <- ZIO.service[ConnectionRepository]
+
+        wac1 = ZLayer.succeed(WalletAccessContext(walletId1))
+        wac2 = ZLayer.succeed(WalletAccessContext(walletId2))
+        aRecordWallet1 = connectionRecord
+        bRecordWallet2 = connectionRecord
+        _ <- repo.createConnectionRecord(aRecordWallet1).provide(wac1)
+        _ <- repo.createConnectionRecord(bRecordWallet2).provide(wac2)
+        _ <- repo
+          .updateConnectionProtocolState(
+            aRecordWallet1.id,
+            ProtocolState.InvitationGenerated,
+            ProtocolState.ConnectionRequestReceived,
+            1
+          )
+          .provide(wac1)
+        _ <- repo
+          .updateConnectionProtocolState(
+            bRecordWallet2.id,
+            ProtocolState.InvitationGenerated,
+            ProtocolState.ConnectionResponsePending,
+            1
+          )
+          .provide(wac2)
+        allWalletRecords <- repo.getConnectionRecordsByStatesForAllWallets(
+          ignoreWithZeroRetries = true,
+          limit = 10,
+          ProtocolState.ConnectionRequestReceived,
+          ProtocolState.ConnectionResponsePending
+        )
+      } yield {
+        assertTrue(allWalletRecords.size == 2) &&
+        assertTrue(allWalletRecords.exists(_.id == aRecordWallet1.id)) &&
+        assertTrue(allWalletRecords.exists(_.id == bRecordWallet2.id))
+      }
+    },
   )
 }