feat: check expiry of VC while VP validate support added and test cas…

…es updated
cpomorska · Jul 13, 2023 · 3c1d965 · 3c1d965
1 parent f30c4d8
commit 3c1d965
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 34 deletions.
diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/StringPool.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/constant/StringPool.java
@@ -36,6 +36,7 @@ public class StringPool {
     public static final String VALID = "valid";
     public static final String VALIDATE_AUDIENCE = "validateAudience";
     public static final String VALIDATE_EXPIRY_DATE = "validateExpiryDate";
+    public static final String VALIDATE_JWT_EXPIRY_DATE = "validateJWTExpiryDate";
     public static final String DID_DOCUMENT = "didDocument";
     public static final String VEHICLE_DISMANTLE = "vehicleDismantle";
     public static final String CREATED_AT = "createdAt";

diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/CommonService.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/CommonService.java
@@ -30,8 +30,12 @@
 import org.eclipse.tractusx.managedidentitywallets.utils.CommonUtils;
 import org.eclipse.tractusx.managedidentitywallets.utils.Validate;
 import org.eclipse.tractusx.ssi.lib.exception.DidParseException;
+import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredential;
 import org.springframework.stereotype.Service;
 
+import java.time.Instant;
+import java.util.Map;
+
 @Service
 @Slf4j
 @RequiredArgsConstructor
@@ -61,4 +65,19 @@ public Wallet getWalletByIdentifier(String identifier) {
         return wallet;
     }
 
+    public static boolean validateExpiry(boolean withCredentialExpiryDate, VerifiableCredential verifiableCredential, Map<String, Object> response) {
+        //validate expiry date
+        boolean dateValidation = true;
+        if (withCredentialExpiryDate) {
+            Instant expirationDate = verifiableCredential.getExpirationDate();
+            if (expirationDate.isBefore(Instant.now())) {
+                dateValidation = false;
+                response.put(StringPool.VALIDATE_EXPIRY_DATE, false);
+            } else {
+                response.put(StringPool.VALIDATE_EXPIRY_DATE, true);
+            }
+        }
+        return dateValidation;
+    }
+
 }
diff --git a/...in/java/org/eclipse/tractusx/managedidentitywallets/service/IssuersCredentialService.java b/...in/java/org/eclipse/tractusx/managedidentitywallets/service/IssuersCredentialService.java
@@ -450,29 +450,14 @@ public Map<String, Object> credentialsValidation(Map<String, Object> data, boole
         Map<String, Object> response = new HashMap<>();
 
         //check expiry
-        boolean dateValidation = validateExpiry(withCredentialExpiryDate, verifiableCredential, response);
+        boolean dateValidation = commonService.validateExpiry(withCredentialExpiryDate, verifiableCredential, response);
 
         response.put(StringPool.VALID, valid && dateValidation);
         response.put("vc", verifiableCredential);
 
         return response;
     }
 
-    private static boolean validateExpiry(boolean withCredentialExpiryDate, VerifiableCredential verifiableCredential, Map<String, Object> response) {
-        //validate expiry date
-        boolean dateValidation = true;
-        if (withCredentialExpiryDate) {
-            Instant expirationDate = verifiableCredential.getExpirationDate();
-            if (expirationDate.isBefore(Instant.now())) {
-                dateValidation = false;
-                response.put(StringPool.VALIDATE_EXPIRY_DATE, false);
-            } else {
-                response.put(StringPool.VALIDATE_EXPIRY_DATE, true);
-            }
-        }
-        return dateValidation;
-    }
-
 
     private void validateAccess(String callerBpn, Wallet issuerWallet) {
         //validate BPN access, VC must be issued by base wallet

diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/PresentationService.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/PresentationService.java
@@ -184,10 +184,12 @@ public Map<String, Object> validatePresentation(Map<String, Object> vp, boolean
             //validate audience
             boolean validateAudience = validateAudience(audience, signedJWT);
 
-            //validate date
-            boolean validateExpiryDate = validateExpiryDate(withCredentialExpiryDate, signedJWT);
+            //validate jwt date
+            boolean validateJWTExpiryDate = validateJWTExpiryDate(signedJWT);
+            response.put(StringPool.VALIDATE_JWT_EXPIRY_DATE, validateJWTExpiryDate);
 
             boolean validCredential = true;
+            boolean validateExpiryDate = true;
             try {
                 final ObjectMapper mapper = new ObjectMapper();
                 Map<String, Object> claims = mapper.readValue(signedJWT.getPayload().toBytes(), Map.class);
@@ -197,6 +199,7 @@ public Map<String, Object> validatePresentation(Map<String, Object> vp, boolean
                 VerifiablePresentation presentation = jsonLdSerializer.deserializePresentation(new SerializedVerifiablePresentation(vpClaim));
 
                 for (VerifiableCredential credential : presentation.getVerifiableCredentials()) {
+                    validateExpiryDate = commonService.validateExpiry(withCredentialExpiryDate, credential, response);
                     if (!validateCredential(credential)) {
                         validCredential = false;
                     }
@@ -205,15 +208,12 @@ public Map<String, Object> validatePresentation(Map<String, Object> vp, boolean
                 throw new BadDataException(String.format("Validation of VP in form of JSON-LD is not supported. Invalid Json-LD: %s", e.getMessage()));
             }
 
-            response.put(StringPool.VALID, (validateSignature && validateAudience && validateExpiryDate && validCredential));
+            response.put(StringPool.VALID, (validateSignature && validateAudience && validateExpiryDate && validCredential && validateJWTExpiryDate));
 
             if (StringUtils.hasText(audience)) {
                 response.put(StringPool.VALIDATE_AUDIENCE, validateAudience);
 
             }
-            if (withCredentialExpiryDate) {
-                response.put(StringPool.VALIDATE_EXPIRY_DATE, validateExpiryDate);
-            }
 
         } else {
             throw new BadDataException("Validation of VP in form of JSON-LD is not supported");
@@ -237,19 +237,14 @@ private boolean validateSignature(SignedJWT signedJWT) {
         }
     }
 
-    private boolean validateExpiryDate(boolean withCredentialExpiryDate, SignedJWT signedJWT) {
-        if (withCredentialExpiryDate) {
-            try {
-                SignedJwtValidator jwtValidator = new SignedJwtValidator();
-                jwtValidator.validateDate(signedJWT);
-                return true;
-            } catch (Exception e) {
-                log.error("Can not expiry date ", e);
-                return false;
-            }
-
-        } else {
+    private boolean validateJWTExpiryDate(SignedJWT signedJWT) {
+        try {
+            SignedJwtValidator jwtValidator = new SignedJwtValidator();
+            jwtValidator.validateDate(signedJWT);
             return true;
+        } catch (Exception e) {
+            log.error("Can not expiry date ", e);
+            return false;
         }
     }
 

diff --git a/src/test/java/org/eclipse/tractusx/managedidentitywallets/vp/PresentationTest.java b/src/test/java/org/eclipse/tractusx/managedidentitywallets/vp/PresentationTest.java
@@ -121,6 +121,7 @@ void validateVPAsJwt() throws JsonProcessingException, DidDocumentResolverNotReg
             Assertions.assertTrue(Boolean.parseBoolean(map.get(StringPool.VALID).toString()));
             Assertions.assertFalse(map.containsKey(StringPool.VALIDATE_AUDIENCE));
             Assertions.assertFalse(map.containsKey(StringPool.VALIDATE_EXPIRY_DATE));
+            Assertions.assertFalse(map.containsKey(StringPool.VALIDATE_JWT_EXPIRY_DATE));
         }
     }
 
@@ -149,6 +150,7 @@ void validateVPAsJwtWithInvalidSignatureAndInValidAudienceAndExpiryDateValidatio
             Assertions.assertFalse(Boolean.parseBoolean(map.get(StringPool.VALID).toString()));
             Assertions.assertFalse(Boolean.parseBoolean(map.get(StringPool.VALIDATE_AUDIENCE).toString()));
             Assertions.assertFalse(Boolean.parseBoolean(map.get(StringPool.VALIDATE_EXPIRY_DATE).toString()));
+            Assertions.assertFalse(Boolean.parseBoolean(map.get(StringPool.VALIDATE_JWT_EXPIRY_DATE).toString()));
 
         }
     }
@@ -176,6 +178,7 @@ void validateVPAsJwtWithValidAudienceAndDateValidation() throws JsonProcessingEx
             Assertions.assertTrue(Boolean.parseBoolean(map.get(StringPool.VALID).toString()));
             Assertions.assertTrue(Boolean.parseBoolean(map.get(StringPool.VALIDATE_AUDIENCE).toString()));
             Assertions.assertTrue(Boolean.parseBoolean(map.get(StringPool.VALIDATE_EXPIRY_DATE).toString()));
+            Assertions.assertTrue(Boolean.parseBoolean(map.get(StringPool.VALIDATE_JWT_EXPIRY_DATE).toString()));
 
         }
     }