Merge pull request #14 from smartSenseSolutions/fix/duplicate-framewo…

…rk-credential

fix(IssueCredentialService): check if requested framework credential already exists

src/main/java/org/eclipse/tractusx/managedidentitywallets/service/IssuersCredentialService.java

@@ -1,6 +1,6 @@
 /*
  * *******************************************************************************
- *  Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ *  Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
  *
  *  See the NOTICE file(s) distributed with this work for additional
  *  information regarding copyright ownership.
@@ -56,7 +56,6 @@
 import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredentialSubject;
 import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredentialType;
 import org.eclipse.tractusx.ssi.lib.proof.LinkedDataProofValidation;
-import org.eclipse.tractusx.ssi.lib.proof.SignatureType;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageImpl;
 import org.springframework.stereotype.Service;
@@ -68,7 +67,12 @@
 
 import java.net.http.HttpClient;
 import java.time.Instant;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+import java.util.TreeMap;
 
 /**
  * The type Issuers credential service.
@@ -232,6 +236,10 @@ public VerifiableCredential issueFrameworkCredential(IssueFrameworkCredentialReq
         Wallet baseWallet = commonService.getWalletByIdentifier(miwSettings.authorityWalletBpn());
 
         validateAccess(callerBPN, baseWallet);
+
+        //check duplicate
+        doesFrameworkCredentialExist(holderWallet.getDid(), baseWallet.getDid(), request.getType());
+
         // get Key
         byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(baseWallet.getId());
 
@@ -459,6 +467,29 @@ private void isCredentialExit(String holderDid, String credentialType) {
         Validate.isTrue(holdersCredentialRepository.existsByHolderDidAndType(holderDid, credentialType)).launch(new DuplicateCredentialProblem("Credential of type " + credentialType + " is already exists "));
     }
 
+    /**
+     * Check if UseCaseFrameworkCredential of given type already exists for holder
+     *
+     * @param holderDid             holder's DID
+     * @param issuerDid             issuer's DID
+     * @param credentialSubjectType UseCaseFrameworkCredential type
+     */
+    private void doesFrameworkCredentialExist(String holderDid, String issuerDid, String credentialSubjectType) {
+        List<HoldersCredential> holdersCredentialList = holdersCredentialRepository.getByHolderDidAndIssuerDidAndTypeAndStored(holderDid, issuerDid, MIWVerifiableCredentialType.USE_CASE_FRAMEWORK_CONDITION, false);
+
+        if (CollectionUtils.isEmpty(holdersCredentialList)) {
+            return;
+        }
+
+        VerifiableCredentialSubject vcByCredentialSubjectType = holdersCredentialList.stream()
+                .flatMap(credential -> credential.getData().getCredentialSubject().stream())
+                .filter(credentialSubject -> credentialSubject.getOrDefault(StringPool.TYPE, "").equals(credentialSubjectType))
+                .findAny()
+                .orElse(null);
+
+        Validate.isNotNull(vcByCredentialSubjectType).launch(new DuplicateCredentialProblem("Credential of type " + credentialSubjectType + " already exists"));
+    }
+
     private boolean isSelfIssued(String holderBpn) {
         return holderBpn.equals(miwSettings.authorityWalletBpn());
     }

src/test/java/org/eclipse/tractusx/managedidentitywallets/vc/FrameworkHoldersCredentialTest.java

@@ -1,6 +1,6 @@
 /*
  * *******************************************************************************
- *  Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+ *  Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
  *
  *  See the NOTICE file(s) distributed with this work for additional
  *  information regarding copyright ownership.
@@ -50,15 +50,19 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.web.client.TestRestTemplate;
-import org.springframework.http.*;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.test.context.ContextConfiguration;
 
 import java.util.List;
 import java.util.Map;
 import java.util.stream.Stream;
 
-@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT, classes = {ManagedIdentityWalletsApplication.class})
-@ContextConfiguration(initializers = {TestContextInitializer.class})
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT, classes = { ManagedIdentityWalletsApplication.class })
+@ContextConfiguration(initializers = { TestContextInitializer.class })
 class FrameworkHoldersCredentialTest {
     @Autowired
     private HoldersCredentialRepository holdersCredentialRepository;
@@ -108,7 +112,7 @@ void issueFrameworkCredentialWithInvalidBpnAccessTest403() throws JsonProcessing
     }
 
     @Test
-    void issueFrameWorkVCToBaseWalletTest201() throws JSONException, JsonProcessingException {
+    void issueFrameWorkVCToBaseWalletTest201() throws JSONException {
         String bpn = miwSettings.authorityWalletBpn();
         String type = "PcfCredential";
         //create wallet
@@ -137,6 +141,30 @@ void issueFrameWorkVCToBaseWalletTest201() throws JSONException, JsonProcessingE
         TestUtils.checkSummaryCredential(miwSettings.authorityWalletDid(), wallet.getDid(), holdersCredentialRepository, issuersCredentialRepository, type, oldSummaryCredentialId);
     }
 
+    @Test
+    void issueFrameWorkVCToWalletTest409() throws JSONException {
+        String bpn = TestUtils.getRandomBpmNumber();
+        String name = "Sample Wallet";
+        String baseBpn = miwSettings.authorityWalletBpn();
+
+        ResponseEntity<String> response = TestUtils.createWallet(bpn, name, restTemplate, baseBpn);
+        Assertions.assertEquals(HttpStatus.CREATED.value(), response.getStatusCode().value());
+
+        miwSettings.supportedFrameworkVCTypes().forEach(type -> {
+            ResponseEntity<String> credentialResponse;
+            IssueFrameworkCredentialRequest twinRequest = TestUtils.getIssueFrameworkCredentialRequest(bpn, type);
+
+            HttpHeaders headers = AuthenticationUtils.getValidUserHttpHeaders(miwSettings.authorityWalletBpn());
+            HttpEntity<IssueFrameworkCredentialRequest> entity = new HttpEntity<>(twinRequest, headers);
+
+            credentialResponse = restTemplate.exchange(RestURI.API_CREDENTIALS_ISSUER_FRAMEWORK, HttpMethod.POST, entity, String.class);
+            Assertions.assertEquals(HttpStatus.CREATED.value(), credentialResponse.getStatusCode().value());
+
+            credentialResponse = restTemplate.exchange(RestURI.API_CREDENTIALS_ISSUER_FRAMEWORK, HttpMethod.POST, entity, String.class);
+            Assertions.assertEquals(HttpStatus.CONFLICT.value(), credentialResponse.getStatusCode().value());
+        });
+    }
+
     @ParameterizedTest
     @MethodSource("getTypes")
     void issueFrameWorkVCTest201(IssueFrameworkCredentialRequest request) throws JsonProcessingException, JSONException {
@@ -231,4 +259,4 @@ private void validate(Wallet wallet, String type, ResponseEntity<String> respons
         //check summary credential
         TestUtils.checkSummaryCredential(miwSettings.authorityWalletDid(), wallet.getDid(), holdersCredentialRepository, issuersCredentialRepository, type, oldSummaryCredentialId);
     }
-}
+}