From f1f74877ba9e3d3d02c73fe746e5fb12a646322b Mon Sep 17 00:00:00 2001
From: vbasiuk
Date: Thu, 18 Jan 2024 19:45:50 +0200
Subject: [PATCH] pass resolveOptions
---
 verifiable/credential.go | 15 ++++++++++++---
 verifiable/credential_status.go | 14 ++++++++++----
 verifiable/credential_test.go | 6 +++---
 verifiable/status_direct.go | 2 +-
 4 files changed, 26 insertions(+), 11 deletions(-)
diff --git a/verifiable/credential.go b/verifiable/credential.go
index 6468d2b..0067173 100644
--- a/verifiable/credential.go
+++ b/verifiable/credential.go
@@ -74,7 +74,16 @@ func (vc *W3CCredential) VerifyProof(proofType ProofType, didResolver DIDResolve
 return err
 }
- return verifyBJJSignatureProof(proof, coreClaim, didResolver, verifyConfig)
+ var userDID *w3c.DID
+ credSubjID, ok := vc.CredentialSubject["id"]
+ if ok {
+ credSubjString := fmt.Sprintf("%v", credSubjID)
+ userDID, err = w3c.ParseDID(credSubjString)
+ if err != nil {
+ return err
+ }
+ }
+ return verifyBJJSignatureProof(proof, coreClaim, didResolver, userDID, verifyConfig)
 case Iden3SparseMerkleTreeProofType:
 var proof Iden3SparseMerkleTreeProof
 err = json.Unmarshal(credProofBytes, &proof)
@@ -87,7 +96,7 @@ func (vc *W3CCredential) VerifyProof(proofType ProofType, didResolver DIDResolve
 }
 }
-func verifyBJJSignatureProof(proof BJJSignatureProof2021, coreClaim *core.Claim, didResolver DIDResolver, verifyConfig W3CProofVerificationConfig) error {
+func verifyBJJSignatureProof(proof BJJSignatureProof2021, coreClaim *core.Claim, didResolver DIDResolver, userDID *w3c.DID, verifyConfig W3CProofVerificationConfig) error {
 // issuer claim
 authClaim := &core.Claim{}
 err := authClaim.FromHex(proof.IssuerData.AuthCoreClaim)
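Review bot: In the `VerifyProof` hunk, `fmt.Sprintf("%v", credSubjID)` turns whatever JSON value sits under `credentialSubject.id` into text before `w3c.ParseDID` sees it, so a number, array or object is stringified instead of being rejected as the wrong type. The credential is the untrusted input here and the parsed value is forwarded as `userDID` towards the status resolver, so a strict type assertion is the safer form: `credSubjString, isStr := credSubjID.(string)` followed by `if !isStr { return fmt.Errorf("credentialSubject id must be a string, got %T", credSubjID) }`. When the key is absent, `userDID` stays nil and is still passed on, which deserves a short comment such as `// userDID is nil when the credential has no subject id`. The body of `VerifyProof` starts and ends outside the hunk.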
@@ -161,7 +170,7 @@ func verifyBJJSignatureProof(proof BJJSignatureProof2021, coreClaim *core.Claim,
 }
 }
- _, err = ValidateCredentialStatus(proof.IssuerData.CredentialStatus, coreClaim.GetRevocationNonce(), verifyConfig.StatusResolverRegistry)
+ _, err = ValidateCredentialStatus(proof.IssuerData.CredentialStatus, coreClaim.GetRevocationNonce(), verifyConfig.StatusResolverRegistry, issuerDID, userDID)
 if err != nil {
 return err
 }
diff --git a/verifiable/credential_status.go b/verifiable/credential_status.go
index 123fccd..4518a51 100644
--- a/verifiable/credential_status.go
+++ b/verifiable/credential_status.go
@@ -6,13 +6,14 @@ import (
 "fmt"
 "math/big"
+ "github.com/iden3/go-iden3-core/v2/w3c"
 "github.com/iden3/go-iden3-crypto/poseidon"
 "github.com/iden3/go-merkletree-sql/v2"
 "github.com/pkg/errors"
 )
-func ValidateCredentialStatus(credStatus any, revNonce uint64, credStatusResolverRegistry *CredentialStatusResolverRegistry) (RevocationStatus, error) {
- revocationStatus, err := resolveRevStatus(credStatus, credStatusResolverRegistry)
+func ValidateCredentialStatus(credStatus any, revNonce uint64, credStatusResolverRegistry *CredentialStatusResolverRegistry, issuerDID, userDID *w3c.DID) (RevocationStatus, error) {
+ revocationStatus, err := resolveRevStatus(credStatus, credStatusResolverRegistry, issuerDID, userDID)
 if err != nil {
 return revocationStatus, err
 }
@@ -45,7 +46,7 @@ func ValidateCredentialStatus(credStatus any, revNonce uint64, credStatusResolve
 return revocationStatus, nil
 }
-func resolveRevStatus(status any, credStatusResolverRegistry *CredentialStatusResolverRegistry) (out RevocationStatus, err error) {
+func resolveRevStatus(status any, credStatusResolverRegistry *CredentialStatusResolverRegistry, issuerDID, userDID *w3c.DID) (out RevocationStatus, err error) {
 var statusType CredentialStatusType
 var credentialStatusTyped CredentialStatus
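Review bot: In the credential_status.go hunk at `-6,13`, the exported `ValidateCredentialStatus` gains two adjacent positional parameters of the same type, `issuerDID, userDID *w3c.DID`, so a call site that swaps them still compiles and the resolver would receive the wrong identities without any error. The function also has no doc comment saying whether nil is acceptable for either argument; I would add `// ValidateCredentialStatus resolves the credential status through the registry; issuerDID and userDID are forwarded to the resolver, and userDID may be nil.` Accepting the `CredentialStatusResolveOptions` value that `resolveRevStatus` builds anyway would make call sites self-describing, though that is a larger interface change. The same positional pair appears on `resolveRevStatus` in the `-45,7` hunk, and the body of `ValidateCredentialStatus` continues outside this hunk.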
@@ -76,7 +77,12 @@ func resolveRevStatus(status any, credStatusResolverRegistry *CredentialStatusRe
 if err != nil {
 return out, err
 }
- return resolver.Resolve(context.Background(), credentialStatusTyped)
+
+ resolveOpts := CredentialStatusResolveOptions{
+ IssuerDID: issuerDID,
+ UserDID: userDID,
+ }
+ return resolver.Resolve(context.Background(), credentialStatusTyped, &resolveOpts)
 }
 // marshal/unmarshal object from one type to other
diff --git a/verifiable/credential_test.go b/verifiable/credential_test.go
index f01c288..896b6c2 100644
--- a/verifiable/credential_test.go
+++ b/verifiable/credential_test.go
@@ -14,7 +14,7 @@ import (
 type test1Resolver struct{}
-func (test1Resolver) Resolve(context context.Context, status CredentialStatus) (out RevocationStatus, err error) {
+func (test1Resolver) Resolve(context context.Context, status CredentialStatus, opts *CredentialStatusResolveOptions) (out RevocationStatus, err error) {
 statusJSON := `{"issuer":{"state":"34824a8e1defc326f935044e32e9f513377dbfc031d79475a0190830554d4409","rootOfRoots":"37eabc712cdaa64793561b16b8143f56f149ad1b0c35297a1b125c765d1c071e","claimsTreeRoot":"4436ea12d352ddb84d2ac7a27bbf7c9f1bfc7d3ff69f3e6cf4348f424317fd0b","revocationTreeRoot":"0000000000000000000000000000000000000000000000000000000000000000"},"mtp":{"existence":false,"siblings":[]}}`
 var rs RevocationStatus
 _ = json.Unmarshal([]byte(statusJSON), &rs)
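Review bot: In the `resolveRevStatus` hunk, `resolveOpts` is always non-nil but its `IssuerDID` and `UserDID` fields can each be nil (`userDID` is left nil in `VerifyProof` when the credential has no subject id), so every registered resolver has to nil-check the fields before dereferencing them; a comment above the literal such as `// fields may be nil; resolvers must check before use` would make that contract explicit. The rewritten call still passes `context.Background()`, and the `IssuerResolver` touched later in this patch performs an HTTP GET against `credentialStatus.ID`, a value that comes from the proof being verified, so the lookup has no caller-controlled deadline unless the HTTP client sets one outside the visible lines. Threading a context or a timeout down from the verification config would bound that call. The function body starts outside the hunk.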
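Review bot: The `test1Resolver.Resolve` stub in credential_test.go accepts the new `opts` argument but never reads it in the visible lines, and the same holds for `test2Resolver` and `test3Resolver` in the following hunks, so nothing shown here checks that `VerifyProof` actually delivers the issuer and subject DIDs to the resolver. At least one stub on the BJJ signature path could assert on it, for example `if opts == nil || opts.UserDID == nil { return out, errors.New("missing user DID") }`, and compare the DID with the fixture's `credentialSubject.id`. The stub bodies continue outside the hunks.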
@@ -105,7 +105,7 @@ func TestW3CCredential_ValidateBJJSignatureProof(t *testing.T) {
 type test2Resolver struct{}
-func (test2Resolver) Resolve(context context.Context, status CredentialStatus) (out RevocationStatus, err error) {
+func (test2Resolver) Resolve(context context.Context, status CredentialStatus, opts *CredentialStatusResolveOptions) (out RevocationStatus, err error) {
 statusJSON := `{"issuer":{"state":"da6184809dbad90ccc52bb4dbfe2e8ff3f516d87c74d75bcc68a67101760b817","rootOfRoots":"0000000000000000000000000000000000000000000000000000000000000000","claimsTreeRoot":"aec50251fdc67959254c74ab4f2e746a7cd1c6f494c8ac028d655dfbccea430e","revocationTreeRoot":"0000000000000000000000000000000000000000000000000000000000000000"},"mtp":{"existence":false,"siblings":[]}}`
 var rs RevocationStatus
 _ = json.Unmarshal([]byte(statusJSON), &rs)
@@ -301,7 +301,7 @@ func TestW3CCredential_ValidateIden3SparseMerkleTreeProof(t *testing.T) {
 type test3Resolver struct{}
-func (test3Resolver) Resolve(context context.Context, status CredentialStatus) (out RevocationStatus, err error) {
+func (test3Resolver) Resolve(context context.Context, status CredentialStatus, opts *CredentialStatusResolveOptions) (out RevocationStatus, err error) {
 statusJSON := `{"issuer":{"state":"96161f3fbbdd68c72bc430dae474e27b157586b33b9fbf4a3f07d75ce275570f","rootOfRoots":"eaa48e4a7d3fe2fabbd939c7df1048c3f647a9a7c9dfadaae836ec78ba673229","claimsTreeRoot":"d9597e2fef206c9821f2425e513a68c8c793bc93c9216fb883fedaaf72abf51c","revocationTreeRoot":"0000000000000000000000000000000000000000000000000000000000000000"},"mtp":{"existence":false,"siblings":[]}}`
 var rs RevocationStatus
 _ = json.Unmarshal([]byte(statusJSON), &rs)
diff --git a/verifiable/status_direct.go b/verifiable/status_direct.go
index 92f7888..0550d47 100644
--- a/verifiable/status_direct.go
+++ b/verifiable/status_direct.go
@@ -15,7 +15,7 @@ type IssuerResolver struct {
 const limitReaderBytes = 16 * 1024
-func (IssuerResolver) Resolve(context context.Context, credentialStatus CredentialStatus) (out RevocationStatus, err error) {
+func (IssuerResolver) Resolve(context context.Context, credentialStatus CredentialStatus, opts *CredentialStatusResolveOptions) (out RevocationStatus, err error) {
 httpReq, err := http.NewRequestWithContext(context, http.MethodGet, credentialStatus.ID, http.NoBody)
 if err != nil {