diff --git a/src/controllers/api/accreditation.ts b/src/controllers/api/accreditation.ts index b8ca2d27..30cf865e 100644 --- a/src/controllers/api/accreditation.ts +++ b/src/controllers/api/accreditation.ts @@ -432,7 +432,7 @@ export class AccreditationController { if (result.success) { return response.status(StatusCodes.OK).json(result.data); } else { - return response.status(result.status).json({ verified: false, error: result.error }); + return response.status(result.status).json({ ...result.data, verified: false, error: result.error }); } } catch (error) { return response.status(StatusCodes.INTERNAL_SERVER_ERROR).json({ diff --git a/src/services/api/accreditation.ts b/src/services/api/accreditation.ts index 3ee6cf4d..3f5948a0 100644 --- a/src/services/api/accreditation.ts +++ b/src/services/api/accreditation.ts @@ -3,7 +3,7 @@ import type { SafeAPIResponse } from '../../types/common.js'; import { AccreditationSchemaType, DIDAccreditationTypes, VerfifiableAccreditation } from '../../types/accreditation.js'; import { isCredentialIssuerDidDeactivated } from '../helpers.js'; import { IdentityServiceStrategySetup } from '../identity/index.js'; -import type { VerificationPolicies } from '@veramo/core'; +import type { IVerifyResult, VerificationPolicies } from '@veramo/core'; import { CheqdW3CVerifiableCredential } from '../w3c-credential.js'; import { StatusCodes } from 'http-status-codes'; @@ -25,6 +25,8 @@ export class AccreditationService { let accreditationUrl = didUrl; let accreditedSubject = subjectDid; + let initialVerifyResult: IVerifyResult = { verified: false }; + while (true) { const res = await identityServiceStrategySetup.agent.resolve(accreditationUrl); @@ -34,7 +36,8 @@ export class AccreditationService { return { success: false, status: StatusCodes.NOT_FOUND, - error: `DID Url ${accreditationUrl} is not found`, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: DID Url ${accreditationUrl} is not found`, }; } @@ -48,7 +51,8 @@ export class AccreditationService { return { success: false, status: StatusCodes.BAD_REQUEST, - error: `Issuer DID is deactivated`, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: Issuer DID is deactivated`, }; } @@ -57,7 +61,8 @@ export class AccreditationService { return { success: false, status: StatusCodes.BAD_REQUEST, - error: `Accreditation mismatch: Expected accreditation to be linked to subject DID ${accreditedSubject}, but found it linked to DID ${accreditation.credentialSubject.id} instead.`, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: Expected accreditation to be linked to subject DID ${accreditedSubject}, but found it linked to DID ${accreditation.credentialSubject.id} instead.`, }; } @@ -76,7 +81,8 @@ export class AccreditationService { return { success: false, status: StatusCodes.UNAUTHORIZED, - error: `Accreditation does not have the permissions for the given schema`, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: Accreditation does not have the permissions for the given schema`, }; } @@ -89,11 +95,16 @@ export class AccreditationService { customer ); + if (!result) { + initialVerifyResult = { ...verifyResult, rootAuthorization }; + } + if (verifyResult.error) { return { success: false, status: StatusCodes.OK, - error: `verify: ${verifyResult.error.message}`, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: ${verifyResult.error.message}`, }; } @@ -101,7 +112,8 @@ export class AccreditationService { return { success: false, status: StatusCodes.BAD_REQUEST, - error: `Invalid accreditation type`, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: Invalid accreditation type`, }; } @@ -112,7 +124,8 @@ export class AccreditationService { return { success: false, status: StatusCodes.BAD_REQUEST, - error: `Invalid accreditation type`, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: Invalid accreditation type`, }; } @@ -125,7 +138,8 @@ export class AccreditationService { return { success: false, status: StatusCodes.BAD_REQUEST, - error: `Missing parentAccreditaiton and rootAuthorization in termsOfUse for accreditation: ${accreditationUrl}`, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: Missing parentAccreditaiton and rootAuthorization in termsOfUse for accreditation: ${accreditationUrl}`, }; } @@ -139,11 +153,9 @@ export class AccreditationService { if (rootAuthorization && rootAuthorization !== termsOfUse.rootAuthorization) { return { status: StatusCodes.OK, - success: true, - data: { - ...verifyResult, - verified: false, - }, + success: false, + data: initialVerifyResult, + error: `Error on verifying accreditation ${accreditationUrl}: Expected accreditation to be linked to root accreditation ${rootAuthorization}, but found it linked to DID ${termsOfUse.rootAuthorization} instead`, }; } @@ -152,9 +164,7 @@ export class AccreditationService { return { status: StatusCodes.OK, success: true, - data: { - ...verifyResult, - }, + data: initialVerifyResult, }; } } diff --git a/src/types/common.ts b/src/types/common.ts index d2b38d3d..f447be0b 100644 --- a/src/types/common.ts +++ b/src/types/common.ts @@ -8,6 +8,7 @@ export type APIErrorResponse = { success: false; status: number; error: Input; + data?: any; }; export type SafeAPIResponse = APISuccessResponse | APIErrorResponse; diff --git a/src/types/swagger-api-types.ts b/src/types/swagger-api-types.ts index 8287935d..c8ffe5fe 100644 --- a/src/types/swagger-api-types.ts +++ b/src/types/swagger-api-types.ts @@ -454,11 +454,6 @@ * documentPresence: Physical, * licenseNumber: 123AB4567 * } - * connector: - * type: string - * enum: - * - verida - * - resource * required: * - issuerDid * - subjectDid @@ -488,19 +483,23 @@ * type: string * example: did:cheqd:testnet:5efa5126-c070-420f-a9c2-d22ae6eefb92 * didUrl: - * description: Verifiable Accreditation to be verified as a VC-JWT string or a JSON object. + * description: DID Url of the Verifiable Accreditation to be verified as a VC-JWT string or a JSON object. * type: string * example: did:cheqd:testnet:7c2b990c-3d05-4ebf-91af-f4f4d0091d2e?resourceName=cheqd-issuer-logo&resourceType=CredentialArtwork * did: + * description: DID of the Verifiable Accreditation holder/subject * type: string * example: did:cheqd:testnet:7c2b990c-3d05-4ebf-91af-f4f4d0091d2e * resourceId: + * description: Unique resource identifier of the Verifiable Accreditation * type: string * example: 398cee0a-efac-4643-9f4c-74c48c72a14b * resourceName: + * description: Resource name of the Verifiable Accreditation * type: string * example: cheqd-issuer-logo * resourceType: + * description: Resource type of the Verifiable Accreditation * type: string * example: CredentialArtwork * schemas: @@ -530,19 +529,23 @@ * type: object * properties: * didUrl: - * description: Verifiable Accreditation to be verified as a VC-JWT string or a JSON object. + * description: DID Url of the Verifiable Accreditation to be verified as a VC-JWT string or a JSON object. * type: string * example: did:cheqd:testnet:7c2b990c-3d05-4ebf-91af-f4f4d0091d2e?resourceName=cheqd-issuer-logo&resourceType=CredentialArtwork * did: + * description: DID of the Verifiable Accreditation holder/subject * type: string * example: did:cheqd:testnet:7c2b990c-3d05-4ebf-91af-f4f4d0091d2e * resourceId: + * description: Unique resource identifier of the Verifiable Accreditation * type: string * example: 398cee0a-efac-4643-9f4c-74c48c72a14b * resourceName: + * description: Resource name of the Verifiable Accreditation * type: string * example: cheqd-issuer-logo * resourceType: + * description: Resource type of the Verifiable Accreditation * type: string * example: CredentialArtwork * symmetricKey: