Critical code review PR - Last sprint handover checklist of 0.2.0 release #43
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* [INJIMOB-1303] update readme Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1303] update version to 0.1.0 Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1303] update readme Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --------- Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com>
Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com>
* [INJIMOB-978]: add js library implementation Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: add npm publish and readme changes Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * Update publish-maven-npm.yml Signed-off-by: adityankannan-tw <109274996+adityankannan-tw@users.noreply.github.com> * [INJIMOB-978]: refactor imports and exports Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: add example app for js Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: refactor workflows and tests Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: refactor workflows and tests Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: refactor workflows and tests Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: add issuermeta data and proof type classes Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: refactor push trigger and proof class Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: add trace id for logs Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> * [INJIMOB-978]: refactor logging and trace id Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> --------- Signed-off-by: adityankannan-tw <adityan410pm@gmail.com> Signed-off-by: adityankannan-tw <109274996+adityankannan-tw@users.noreply.github.com> Co-authored-by: adityankannan-tw <adityan410pm@gmail.com>
Signed-off-by: Abhishek Paul <paul.apaul.abhishek.ap@gmail.com>
Signed-off-by: Abhishek Paul <paul.apaul.abhishek.ap@gmail.com>
Signed-off-by: Abhishek Paul <paul.apaul.abhishek.ap@gmail.com>
Signed-off-by: Abhishek Paul <paul.apaul.abhishek.ap@gmail.com>
Signed-off-by: Alka Prasad <prasadalka1998@gmail.com>
Signed-off-by: Abhishek Paul <paul.apaul.abhishek.ap@gmail.com>
) * [INJIMOB-1078] ADR doc for change in issuer metadata for different VC formats Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] add mdoc VC format response parser Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] update decision of issuer-meta-data-for-different-vc-formats adr People involved: Swati Goel, Kiruthika, Pooja Babusing Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1588] modify mdoc parser logic to decode CBOR Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] validate issuer metadata details based on VC format Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] construct credential request for mso_mdoc format VC Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] modify parsing of mso_mdoc vc Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] remove unused dependencies Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] refactor redundant code in mdoc parsing logic Other changes: - Move mdoc parsing logic to Mso mdoc credential response factory Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] move decoding logic to encoder class Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] add unit test for mso_mdoc credential response parsing Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] refactor MsoMdocCredentialRequestTest to eliminate multiple assertions in one test Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] format IssuerMetadata file Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] rename Mdoc* to MsoMdoc* class name Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] fix build failure with import mismatch Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] update junit version from 4.x to 5.x Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] update vci client version to 0.3.0-SNAPSHOT Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] modify docType to doctype Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] modify validator result to set set IsValid field in AddInvalidField method itself Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1078] rename field isValidated to isValid Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --------- Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com>
Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com>
Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com>
[INJIMOB-1078] upgrade Java to version 17
* [INJIMOB-1742] update license details to MPL-2.0 in kotlin publish config Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> * [INJIMOB-1742] update license details to MPL-2.0 in js publish config Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --------- Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com>
Signed-off-by: Alka Prasad <prasadalka1998@gmail.com>
… consumer app from vci client lib. (#38) * [INJIMOB-2160] send unprocessed mso_mdoc format VCs data as credentialResponse output Other changes - remove unused CBOR data processor Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> * [INJIMOB-2160] add ADR for decision of credential response output Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> * [INJIMOB-2160] update readme with credential response output Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> * [INJIMOB-2160] update version to 0.3.0-SNAPSHOT Changes include - Credential response is sent as output from inji-vci-client lib without any processing - Consumers will be taking the responsibility of processing or parsing the credential for rendering or any other purpose as per requirement Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> * [INJIMOB-2160] modify readme Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> * [INJIMOB-2160] keep kotlin lib version as 0.2.0-SNAPSHOT Changes include - Credential response is sent as output from inji-vci-client lib without any processing - Consumers will be taking the responsibility of processing or parsing the credential for rendering or any other purpose as per requirement Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> --------- Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
* fix: js/example/package.json & js/example/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-HTTPPROXYMIDDLEWARE-8229906 - https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106 - https://snyk.io/vuln/SNYK-JS-BODYPARSER-7926860 - https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728 - https://snyk.io/vuln/SNYK-JS-COOKIE-8163060 - https://snyk.io/vuln/SNYK-JS-EXPRESS-7926867 - https://snyk.io/vuln/SNYK-JS-SEND-7926862 - https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865 Signed-off-by: rajapandi.m <rajapandi.m@technoforte.co.in> * fix: js/package.json & js/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-7361793 Signed-off-by: rajapandi.m <rajapandi.m@technoforte.co.in> --------- Signed-off-by: rajapandi.m <rajapandi.m@technoforte.co.in> Co-authored-by: snyk-bot <snyk-bot@snyk.io>
vishwa-vyom
commented
Jan 27, 2025
README.md
Outdated
| Contains OpenId4VCI specificationrelated source code and documentation | ||
| # INJI VCI Client | ||
|
|
||
| Contains OpenId4VCI specification related source code and documentation |
There was a problem hiding this comment.
Can we make this section little more eloborate to call out this is a library, it be used used by android / java application to get the functionality of OpenID4VCI interoperablity etc.. ?
There was a problem hiding this comment.
Sure @vishwa-vyom will update it
|
|
||
| ###### Exceptions | ||
|
|
||
| 1. DownloadFailedException is thrown when the credential issuer did not respond with credential response |
There was a problem hiding this comment.
When DownloadFailedException is thrown do we also have a list of error codes that a consumer app receive to take respective actions ?
There was a problem hiding this comment.
Download failed exception is thrown in
- Certify credential endpoint failure (error response is added as message)
- Common fallback
The message field of the exception holds the error message from the issuer but we do not have any predefined / extracted error codes being passed like https://github.com/mosip/vc-verifier/tree/develop/vc-verifier/kotlin#:~:text=**%20Mdoc%20Format%20VC,ERR_GENERIC
There was a problem hiding this comment.
should we document the same in this readme file ?
| 1. Format: `ldp_vc` | ||
| ``` | ||
| val issuerMetadata = IssuerMetaData( | ||
| CREDENTIAL_AUDIENCE, |
There was a problem hiding this comment.
I think CREDENTIAL_ENDPOINT and CREDENTIAL_AUDIENCE will be mostly same, we can verify this understanding and remove the audience if this is true to reduce the integration complexity.
| val issuerMetadata = IssuerMetaData( | ||
| CREDENTIAL_AUDIENCE, | ||
| CREDENTIAL_ENDPOINT, | ||
| DOWNLOAD_TIMEOUT, |
There was a problem hiding this comment.
DOWNLOAD_TIMEOUT does not natually fit into the IssuerMetaData class umbraella. We can keep this as another argument in the method.
There was a problem hiding this comment.
yes, we will handle it as part of release-0.17.0 of Inji mobile.
| ``` | ||
| val credentialResponse: CredentialResponse? = VCIClient().requestCredential( | ||
| issuerMetadata, | ||
| proof, |
There was a problem hiding this comment.
with and without proof, can we keep this as overrided method ?
also the proof generation string that is to be generated before signing can be exposed a helper method for cases where the signing handle cannot be passed inside.
| proof | ||
| ).constructRequest() | ||
| CredentialFormat.LDP_VC -> { | ||
| return validateAndConstructRequest( |
There was a problem hiding this comment.
Typical factory design pattern implementation will give out a instance, but here we can see the method invocation also happens. If there is no specific reason, we should restructure the code according to proper factory design pattern.
There was a problem hiding this comment.
agree @vishwa-vyom
@KiruthikaJeyashankar let's try it out, something like this
abstract class Factory {
abstract Factory getInstance(String format);
abstract void validate();
abstract void buildRequest();
}
class LdpVC extends Factory {
Factory getInstance(String format) {
if (format.equals("ldp_vc")) {
return new LdpVC();
}
}
public void validate() {
}
}
class MsoMdoc extends Factory {
Factory getInstance(String format) {
if (format.equals("mso_mdoc")) {
return new MsoMdoc();
}
}
public void validate() {
}
}
class VCIClient {
public void init(String format) {
Factory factory = Factory.getInstance(format);
factory.validate();
}
}
...t/src/main/java/io/mosip/vciclient/credentialResponse/types/ldpVc/LdpVcCredentialResponse.kt
Show resolved
Hide resolved
vishwa-vyom
commented
Jan 27, 2025
| import io.mosip.vciclient.credentialResponse.CredentialResponse | ||
| import io.mosip.vciclient.credentialResponse.CredentialResponseFactory | ||
|
|
||
| class MsoMdocVcCredentialResponseFactory : CredentialResponseFactory { |
There was a problem hiding this comment.
This factory class implemention another factory class is confusing. Any specific reason ?
There was a problem hiding this comment.
We will refactor the code the way mentioned here #43 (comment)
Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
* update readme Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> * remove JS code for inji-vci-client Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> * remove JS related push and manual workflows Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com> --------- Signed-off-by: KiruthikaJeyashankar <kiruthikavjshankar@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is created just to add the review comments as part of the critical code review task of last sprint handover checklist for release of 0.2.0 version.
** THIS PR SHOULD NOT BE MERGED **