chore: add CreateDisplayCredentialBytes

hyperledger-archives · May 9, 2023 · 7b82144 · 7b82144
1 parent 4b06af1
commit 7b82144
Show file tree

Hide file tree

Showing 2 changed files with 65 additions and 0 deletions.
diff --git a/pkg/doc/verifiable/credential_sdjwt.go b/pkg/doc/verifiable/credential_sdjwt.go
@@ -389,6 +389,56 @@ func (vc *Credential) CreateDisplayCredential( // nolint:funlen,gocyclo
 	return newVC, nil
 }
 
+// CreateDisplayCredentialBytes creates, for SD-JWT credentials, a Credential whose selective-disclosure subject fields
+// are replaced with the disclosure data.
+//
+// Options may be provided to filter the disclosures that will be included in the display credential. If a disclosure is
+// not included, the associated claim will not be present in the returned credential.
+//
+// If the calling Credential is not an SD-JWT credential, this method returns the credential itself.
+func (vc *Credential) CreateDisplayCredentialBytes( // nolint:funlen,gocyclo
+	opts ...DisplayCredentialOption,
+) ([]byte, error) {
+	options := &displayCredOpts{}
+
+	for _, opt := range opts {
+		opt(options)
+	}
+
+	if options.displayAll && len(options.displayGiven) > 0 {
+		return nil, fmt.Errorf("incompatible options provided")
+	}
+
+	if vc.SDJWTHashAlg == "" || vc.JWT == "" {
+		return vc.MarshalJSON()
+	}
+
+	credClaims, err := unmarshalJWSClaims(vc.JWT, false, nil)
+	if err != nil {
+		return nil, fmt.Errorf("unmarshal VC JWT claims: %w", err)
+	}
+
+	credClaims.refineFromJWTClaims()
+
+	useDisclosures := filterDisclosureList(vc.SDJWTDisclosures, options)
+
+	newVCObj, err := common.GetDisclosedClaims(useDisclosures, credClaims.VC)
+	if err != nil {
+		return nil, fmt.Errorf("assembling disclosed claims into vc: %w", err)
+	}
+
+	if subj, ok := newVCObj["credentialSubject"].(map[string]interface{}); ok {
+		clearEmpty(subj)
+	}
+
+	vcBytes, err := json.Marshal(&newVCObj)
+	if err != nil {
+		return nil, fmt.Errorf("marshalling vc object to JSON: %w", err)
+	}
+
+	return vcBytes, nil
+}
+
 func filterDisclosureList(disclosures []*common.DisclosureClaim, options *displayCredOpts) []*common.DisclosureClaim {
 	if options.displayAll {
 		return disclosures

diff --git a/pkg/doc/verifiable/credential_sdjwt_test.go b/pkg/doc/verifiable/credential_sdjwt_test.go
@@ -379,6 +379,21 @@ func TestCreateDisplayCredential(t *testing.T) {
 			require.Equal(t, expectedFields, subj[0].CustomFields)
 		})
 
+		t.Run("not a SD-JWT credential bytes", func(t *testing.T) {
+			vc2, err := parseTestCredential(t, []byte(jwtTestCredential))
+			require.NoError(t, err)
+
+			displayVC, err := vc2.CreateDisplayCredentialBytes(DisplayAllDisclosures())
+			require.NoError(t, err)
+			require.NotEmpty(t, displayVC)
+		})
+
+		t.Run("display all claims bytes", func(t *testing.T) {
+			displayVC, err := vc.CreateDisplayCredentialBytes(DisplayAllDisclosures())
+			require.NoError(t, err)
+			require.NotEmpty(t, displayVC)
+		})
+
 		t.Run("display no claims", func(t *testing.T) {
 			displayVC, err := vc.CreateDisplayCredential()
 			require.NoError(t, err)