diff --git a/auth/api/iam/api_mitzxnuts.go b/auth/api/iam/api_mitzxnuts.go index ee3941025d..d8f0c67b58 100644 --- a/auth/api/iam/api_mitzxnuts.go +++ b/auth/api/iam/api_mitzxnuts.go @@ -432,6 +432,28 @@ func (r Wrapper) SearchWallet(ctx context.Context, request SearchWalletRequestOb return response, nil } +func (r Wrapper) DeleteWalletCredential(ctx context.Context, request DeleteWalletCredentialRequestObject) (DeleteWalletCredentialResponseObject, error) { + holderDid, err := did.ParseDID(request.Did) + if err != nil { + return nil, err + } + list, err := r.vcr.Wallet().List(ctx, *holderDid) + if err != nil { + return nil, err + } + for i := range list { + resolvedVC := list[i] + if resolvedVC.ID.String() == request.Id { + err = r.vcr.Wallet().Delete(ctx, *holderDid, *resolvedVC.ID) + if err != nil { + return nil, err + } + continue + } + } + return nil, nil +} + func (r Wrapper) iamClient() iam.HTTPClient { return iam.NewHTTPClient(r.strictMode, r.httpClientTimeout, r.httpClientTLS) } diff --git a/auth/api/iam/generated.go b/auth/api/iam/generated.go index bcc3c9e5e1..f5187a3cde 100644 --- a/auth/api/iam/generated.go +++ b/auth/api/iam/generated.go @@ -251,6 +251,9 @@ type ServerInterface interface { // Helper method to search the wallet. // (GET /internal/auth/v2/{did}/wallet) SearchWallet(ctx echo.Context, did string) error + // Delete a specific credential in a wallet + // (DELETE /internal/auth/v2/{did}/wallet/{id}) + DeleteWalletCredential(ctx echo.Context, did string, id string) error } // ServerInterfaceWrapper converts echo contexts to parameters. 
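Review bot: In auth/api/iam/api_mitzxnuts.go, DeleteWalletCredential ends with `return nil, nil` on every non-error path, so a request for an ID that is not in the wallet looks the same as a successful delete, although the OpenAPI text added in this commit promises 404 for that case and 204 on success. For an endpoint that removes credentials, the caller needs a definite signal that the credential is gone, so the function should return `DeleteWalletCredential204Response{}` after the delete and a not-found error after the loop. The trailing `continue` is a no-op and was probably meant to stop the loop. `resolvedVC.ID.String()` is also called without a nil check on the pointer that is later dereferenced as `*resolvedVC.ID`, which could panic on a wallet entry without an ID; the type is not visible in the hunk, so confirm. The not-found error in the sketch below is a placeholder for whatever this API maps to 404.

```go
	// … unchanged: did.ParseDID and r.vcr.Wallet().List calls with their error returns …
	for i := range list {
		credentialID := list[i].ID
		if credentialID == nil || credentialID.String() != request.Id {
			continue
		}
		if err := r.vcr.Wallet().Delete(ctx, *holderDid, *credentialID); err != nil {
			return nil, err
		}
		return DeleteWalletCredential204Response{}, nil
	}
	// PLACEHOLDER: substitute the project's error value that the error handler maps to 404.
	return nil, errCredentialNotFoundPlaceholder
```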
@@ -539,6 +542,32 @@ func (w *ServerInterfaceWrapper) SearchWallet(ctx echo.Context) error { return err } +// DeleteWalletCredential converts echo context to params. +func (w *ServerInterfaceWrapper) DeleteWalletCredential(ctx echo.Context) error { + var err error + // ------------- Path parameter "did" ------------- + var did string + + err = runtime.BindStyledParameterWithLocation("simple", false, "did", runtime.ParamLocationPath, ctx.Param("did"), &did) + if err != nil { + return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid format for parameter did: %s", err)) + } + + // ------------- Path parameter "id" ------------- + var id string + + err = runtime.BindStyledParameterWithLocation("simple", false, "id", runtime.ParamLocationPath, ctx.Param("id"), &id) + if err != nil { + return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid format for parameter id: %s", err)) + } + + ctx.Set(JwtBearerAuthScopes, []string{}) + + // Invoke the callback with all the unmarshaled arguments + err = w.Handler.DeleteWalletCredential(ctx, did, id) + return err +} + // This is a simple interface which specifies echo.Route addition functions which // are present on both echo.Echo and echo.Group, since we want to allow using // either of them for path registration @@ -581,6 +610,7 @@ func RegisterHandlersWithBaseURL(router EchoRouter, si ServerInterface, baseURL router.POST(baseURL+"/internal/auth/v2/accesstoken/introspect", wrapper.IntrospectAccessToken) router.POST(baseURL+"/internal/auth/v2/:did/request-access-token", wrapper.RequestAccessToken) router.GET(baseURL+"/internal/auth/v2/:did/wallet", wrapper.SearchWallet) + router.DELETE(baseURL+"/internal/auth/v2/:did/wallet/:id", wrapper.DeleteWalletCredential) } 
@@ -1117,6 +1147,44 @@ func (response SearchWalletdefaultApplicationProblemPlusJSONResponse) VisitSearc return json.NewEncoder(w).Encode(response.Body) } +type DeleteWalletCredentialRequestObject struct { + Did string `json:"did"` + Id string `json:"id"` +} + +type DeleteWalletCredentialResponseObject interface { + VisitDeleteWalletCredentialResponse(w http.ResponseWriter) error +} + +type DeleteWalletCredential204Response struct { +} + +func (response DeleteWalletCredential204Response) VisitDeleteWalletCredentialResponse(w http.ResponseWriter) error { + w.WriteHeader(204) + return nil +} + +type DeleteWalletCredentialdefaultApplicationProblemPlusJSONResponse struct { + Body struct { + // Detail A human-readable explanation specific to this occurrence of the problem. + Detail string `json:"detail"` + + // Status HTTP statuscode + Status float32 `json:"status"` + + // Title A short, human-readable summary of the problem type. + Title string `json:"title"` + } + StatusCode int +} + +func (response DeleteWalletCredentialdefaultApplicationProblemPlusJSONResponse) VisitDeleteWalletCredentialResponse(w http.ResponseWriter) error { + w.Header().Set("Content-Type", "application/problem+json") + w.WriteHeader(response.StatusCode) + + return json.NewEncoder(w).Encode(response.Body) +} + // StrictServerInterface represents all server handlers. type StrictServerInterface interface { // Get the OAuth2 Authorization Server metadata @@ -1161,6 +1229,9 @@ type StrictServerInterface interface { // Helper method to search the wallet. // (GET /internal/auth/v2/{did}/wallet) SearchWallet(ctx context.Context, request SearchWalletRequestObject) (SearchWalletResponseObject, error) + // Delete a specific credential in a wallet + // (DELETE /internal/auth/v2/{did}/wallet/{id}) + DeleteWalletCredential(ctx context.Context, request DeleteWalletCredentialRequestObject) (DeleteWalletCredentialResponseObject, error) } type StrictHandlerFunc = strictecho.StrictEchoHandlerFunc 
@@ -1568,3 +1639,29 @@ func (sh *strictHandler) SearchWallet(ctx echo.Context, did string) error { } return nil } + +// DeleteWalletCredential operation middleware +func (sh *strictHandler) DeleteWalletCredential(ctx echo.Context, did string, id string) error { + var request DeleteWalletCredentialRequestObject + + request.Did = did + request.Id = id + + handler := func(ctx echo.Context, request interface{}) (interface{}, error) { + return sh.ssi.DeleteWalletCredential(ctx.Request().Context(), request.(DeleteWalletCredentialRequestObject)) + } + for _, middleware := range sh.middlewares { + handler = middleware(handler, "DeleteWalletCredential") + } + + response, err := handler(ctx, request) + + if err != nil { + return err + } else if validResponse, ok := response.(DeleteWalletCredentialResponseObject); ok { + return validResponse.VisitDeleteWalletCredentialResponse(ctx.Response()) + } else if response != nil { + return fmt.Errorf("unexpected response type: %T", response) + } + return nil +} diff --git a/docs/_static/auth/iam.yaml b/docs/_static/auth/iam.yaml index 4c0280cd15..816d6d4f99 100644 --- a/docs/_static/auth/iam.yaml +++ b/docs/_static/auth/iam.yaml @@ -613,6 +613,7 @@ paths: * 503 - the authorizer could not be reached or returned an error tags: - auth + - wallet parameters: - name: did in: path 
@@ -631,6 +632,39 @@ paths: description: The Verifiable Presentations that were used to request the access token using the same encoding as used in the access token request. default: $ref: '../common/error_response.yaml' + /internal/auth/v2/{did}/wallet/{id}: + delete: + summary: Delete a specific credential in a wallet + description: | + Removes the credential from the wallet. + + error returns: + * 404 - Corresponding credential could not be found + * 500 - An error occurred while processing the request + tags: + - auth + - wallet + parameters: + - name: did + in: path + required: true + description: The did of the owner. + schema: + type: string + example: did:web:example.com:55d7a35d-d7bf-436f-80f7-3fef4077f8a8 + - name: id + in: path + required: true + description: The id of the credential. + schema: + type: string + example: did:web:example.com:55d7a35d-d7bf-436f-80f7-3fef4077f8a8#dadas + operationId: deleteWalletCredential + responses: + "204": + description: Credential was successfully deleted + default: + $ref: '../common/error_response.yaml' /internal/auth/v2/accesstoken/introspect: post: operationId: introspectAccessToken
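Review bot: The `id` path parameter's example value contains `#`, and the description does not say that the value must be percent-encoded when placed in the path. A client that sends it verbatim has everything from `#` onward treated as a URL fragment and dropped, so the server receives a truncated id that will not match the stored credential. Suggested wording: `description: The id of the credential, URL-encoded (for example "#" is sent as "%23").` The error list could also say which status an unparsable `did` returns, since only 404 and 500 are listed.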