remove calls to deprecates documentManager for new key creation (#3272)

nuts-foundation · Jul 31, 2024 · 9030c9e · 9030c9e
1 parent 4cc35fb
commit 9030c9e
Show file tree

Hide file tree

Showing 16 changed files with 173 additions and 423 deletions.
diff --git a/cmd/root.go b/cmd/root.go
@@ -209,7 +209,7 @@ func CreateSystem(shutdownCallback context.CancelFunc) *core.System {
 	system.RegisterRoutes(&core.LandingPage{})
 	system.RegisterRoutes(&cryptoAPI.Wrapper{C: cryptoInstance, K: resolver.DIDKeyResolver{Resolver: vdrInstance.Resolver()}})
 	system.RegisterRoutes(&networkAPI.Wrapper{Service: networkInstance})
-	system.RegisterRoutes(&vdrAPI.Wrapper{VDR: vdrInstance})
+	system.RegisterRoutes(&vdrAPI.Wrapper{VDR: vdrInstance, SubjectManager: vdrInstance})
 	system.RegisterRoutes(&vdrAPIv2.Wrapper{VDR: vdrInstance, SubjectManager: vdrInstance})
 	system.RegisterRoutes(&vcrAPI.Wrapper{VCR: credentialInstance, ContextManager: jsonld})
 	system.RegisterRoutes(&openid4vciAPI.Wrapper{

diff --git a/main_test.go b/main_test.go
@@ -34,6 +34,7 @@ import (
 	"github.com/nuts-foundation/nuts-node/network"
 	"github.com/nuts-foundation/nuts-node/test"
 	"github.com/nuts-foundation/nuts-node/test/pki"
+	"github.com/nuts-foundation/nuts-node/vdr"
 	v1 "github.com/nuts-foundation/nuts-node/vdr/api/v1"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -229,12 +230,16 @@ func getIntegrationTestConfig(t *testing.T, testDirectory string) (core.ServerCo
 	httpConfig.Internal.Address = fmt.Sprintf("localhost:%d", test.FreeTCPPort())
 	httpConfig.Public.Address = fmt.Sprintf("localhost:%d", test.FreeTCPPort())
 
+	vdrConfig := vdr.DefaultConfig()
+	vdrConfig.DIDMethods = []string{"nuts"}
+
 	return config, ModuleConfig{
 		Network: networkConfig,
 		Auth:    authConfig,
 		Crypto:  cryptoConfig,
 		Events:  eventsConfig,
 		HTTP:    httpConfig,
+		VDR:     vdrConfig,
 	}
 }
 
@@ -244,4 +249,5 @@ type ModuleConfig struct {
 	Crypto  crypto.Config     `koanf:"crypto"`
 	Events  events.Config     `koanf:"events"`
 	HTTP    httpEngine.Config `koanf:"http"`
+	VDR     vdr.Config        `koanf:"vdr"`
 }
diff --git a/test/node/server.go b/test/node/server.go
@@ -75,6 +75,7 @@ func StartServer(t *testing.T, configFunc ...func(internalHttpServerURL, publicH
 	t.Setenv("NUTS_EVENTS_NATS_PORT", natsPort)
 	t.Setenv("NUTS_EVENTS_NATS_HOSTNAME", "localhost")
 	t.Setenv("NUTS_URL", publicHttpServerURL)
+	t.Setenv("NUTS_VDR_DIDMETHODS", "nuts")
 
 	for _, fn := range configFunc {
 		fn(internalHttpServerURL, publicHttpServerURL)

diff --git a/vcr/test/openid4vci_integration_test.go b/vcr/test/openid4vci_integration_test.go
@@ -26,7 +26,6 @@ import (
 	"github.com/nuts-foundation/nuts-node/network/log"
 	"github.com/nuts-foundation/nuts-node/vcr/issuer"
 	"github.com/nuts-foundation/nuts-node/vcr/openid4vci"
-	"github.com/nuts-foundation/nuts-node/vdr"
 	"github.com/nuts-foundation/nuts-node/vdr/didsubject"
 	"github.com/nuts-foundation/nuts-node/vdr/resolver"
 	"github.com/stretchr/testify/assert"
@@ -42,7 +41,6 @@ import (
 	"github.com/nuts-foundation/go-did/did"
 	"github.com/nuts-foundation/go-did/vc"
 	"github.com/nuts-foundation/nuts-node/audit"
-	"github.com/nuts-foundation/nuts-node/didman"
 	"github.com/nuts-foundation/nuts-node/test"
 	"github.com/nuts-foundation/nuts-node/test/node"
 	"github.com/nuts-foundation/nuts-node/vcr"
@@ -247,17 +245,17 @@ func testCredential() vc.VerifiableCredential {
 }
 
 func registerDID(t *testing.T, system *core.System) did.DID {
-	vdrService := system.FindEngineByName("vdr").(vdr.VDR)
+	vdrService := system.FindEngineByName("vdr").(didsubject.SubjectManager)
 	ctx := audit.TestContext()
-	didDocument, _, err := vdrService.NutsDocumentManager().Create(ctx, didsubject.DefaultCreationOptions())
+	didDocument, _, err := vdrService.Create(ctx, didsubject.DefaultCreationOptions().With(didsubject.NutsLegacyNamingOption{}))
 	require.NoError(t, err)
-	return didDocument.ID
+	return didDocument[0].ID
 
 }
 
 func registerBaseURL(t *testing.T, httpServerURL string, system *core.System, id did.DID) {
-	didmanService := system.FindEngineByName("didman").(didman.Didman)
+	subjectManager := system.FindEngineByName("vdr").(didsubject.SubjectManager)
 	baseURL, _ := url.Parse(httpServerURL)
-	_, err := didmanService.AddEndpoint(audit.TestContext(), id, resolver.BaseURLServiceType, *baseURL)
+	_, err := subjectManager.CreateService(audit.TestContext(), id.String(), did.Service{Type: resolver.BaseURLServiceType, ServiceEndpoint: baseURL.String()})
 	require.NoError(t, err)
 }
diff --git a/vdr/api/v1/api.go b/vdr/api/v1/api.go
@@ -21,6 +21,7 @@ package v1
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"github.com/nuts-foundation/nuts-node/audit"
 	"github.com/nuts-foundation/nuts-node/vdr"
@@ -41,7 +42,8 @@ var _ core.ErrorStatusCodeResolver = (*Wrapper)(nil)
 
 // Wrapper is needed to connect the implementation to the echo ServiceWrapper
 type Wrapper struct {
-	VDR vdr.VDR
+	VDR            vdr.VDR
+	SubjectManager didsubject.SubjectManager
 }
 
 // ResolveStatusCode maps errors returned by this API to specific HTTP status codes.
@@ -88,10 +90,21 @@ func (a *Wrapper) AddNewVerificationMethod(ctx context.Context, request AddNewVe
 		opts = &VerificationMethodRelationship{}
 	}
 
-	vm, err := a.VDR.NutsDocumentManager().AddVerificationMethod(ctx, *d, opts.ToFlags(didnuts.DefaultKeyFlags()))
+	vms, err := a.SubjectManager.AddVerificationMethod(ctx, d.String(), opts.ToFlags(didnuts.DefaultKeyFlags()))
 	if err != nil {
 		return nil, err
 	}
+	var vm *did.VerificationMethod
+	for _, m := range vms {
+		if m.ID.DID.String() == request.Did {
+			vm = &m
+			break
+		}
+	}
+	if vm == nil {
+		return nil, fmt.Errorf("verification method added for subject: %s but not for DID: %s, do not use the V1 API for non-nuts DIDs", request.Did, request.Did)
+	}
+
 	return AddNewVerificationMethod200JSONResponse(*vm), nil
 }
 
@@ -120,12 +133,24 @@ func (a *Wrapper) CreateDID(ctx context.Context, request CreateDIDRequestObject)
 	if keyFlags != defaultKeyFlags {
 		options = options.With(keyFlags)
 	}
+	options = options.With(didsubject.NutsLegacyNamingOption{})
 
-	doc, _, err := a.VDR.NutsDocumentManager().Create(ctx, options)
+	docs, _, err := a.SubjectManager.Create(ctx, options)
 	// if this operation leads to an error, it may return a 500
 	if err != nil {
 		return nil, err
 	}
+	var doc *did.Document
+	for _, m := range docs {
+		if m.ID.Method == "nuts" {
+			doc = &m
+			break
+		}
+	}
+	if doc == nil {
+		// only happens when did:nuts is disabled but V1 API is used.
+		return nil, errors.New("no nuts DID created, did you disable did:nuts support?")
+	}
 
 	// this API returns a DIDDocument according to spec, so it may return the business object
 	return CreateDID200JSONResponse(*doc), nil
@@ -212,7 +237,7 @@ func (a *Wrapper) DeactivateDID(ctx context.Context, request DeactivateDIDReques
 	if err != nil {
 		return nil, err
 	}
-	err = a.VDR.NutsDocumentManager().Deactivate(ctx, *id)
+	err = a.SubjectManager.Deactivate(ctx, id.String())
 	if err != nil {
 		return nil, err
 	}

diff --git a/vdr/api/v1/api_test.go b/vdr/api/v1/api_test.go
@@ -49,7 +49,7 @@ func TestWrapper_CreateDID(t *testing.T) {
 	t.Run("ok - defaults", func(t *testing.T) {
 		ctx := newMockContext(t)
 		request := DIDCreateRequest{}
-		ctx.nutsDocumentManager.EXPECT().Create(gomock.Any(), didsubject.DefaultCreationOptions()).Return(didDoc, nil, nil)
+		ctx.subjectManager.EXPECT().Create(gomock.Any(), didsubject.DefaultCreationOptions().With(didsubject.NutsLegacyNamingOption{})).Return([]did.Document{*didDoc}, "subject", nil)
 
 		response, err := ctx.client.CreateDID(nil, CreateDIDRequestObject{Body: &request})
 
@@ -72,7 +72,7 @@ func TestWrapper_CreateDID(t *testing.T) {
 			SelfControl: new(bool),
 			Controllers: &controllers,
 		}
-		ctx.nutsDocumentManager.EXPECT().Create(gomock.Any(), gomock.Any()).Return(didDoc, nil, nil)
+		ctx.subjectManager.EXPECT().Create(gomock.Any(), gomock.Any()).Return([]did.Document{*didDoc}, "subject", nil)
 
 		response, err := ctx.client.CreateDID(nil, CreateDIDRequestObject{Body: &request})
 
@@ -83,7 +83,7 @@ func TestWrapper_CreateDID(t *testing.T) {
 	t.Run("error - create fails", func(t *testing.T) {
 		ctx := newMockContext(t)
 		request := DIDCreateRequest{}
-		ctx.nutsDocumentManager.EXPECT().Create(gomock.Any(), gomock.Any()).Return(nil, nil, errors.New("b00m!"))
+		ctx.subjectManager.EXPECT().Create(gomock.Any(), gomock.Any()).Return(nil, "", errors.New("b00m!"))
 
 		response, err := ctx.client.CreateDID(nil, CreateDIDRequestObject{Body: &request})
 
@@ -307,7 +307,7 @@ func TestWrapper_DeactivateDID(t *testing.T) {
 	did123, _ := did.ParseDID("did:nuts:123")
 	t.Run("ok", func(t *testing.T) {
 		ctx := newMockContext(t)
-		ctx.nutsDocumentManager.EXPECT().Deactivate(ctx.requestCtx, *did123).Return(nil)
+		ctx.subjectManager.EXPECT().Deactivate(ctx.requestCtx, did123.String()).Return(nil)
 
 		_, err := ctx.client.DeactivateDID(ctx.requestCtx, DeactivateDIDRequestObject{Did: did123.String()})
 
@@ -326,7 +326,7 @@ func TestWrapper_DeactivateDID(t *testing.T) {
 	t.Run("error - not found", func(t *testing.T) {
 		ctx := newMockContext(t)
 
-		ctx.nutsDocumentManager.EXPECT().Deactivate(ctx.requestCtx, *did123).Return(resolver.ErrNotFound)
+		ctx.subjectManager.EXPECT().Deactivate(ctx.requestCtx, did123.String()).Return(resolver.ErrNotFound)
 
 		_, err := ctx.client.DeactivateDID(ctx.requestCtx, DeactivateDIDRequestObject{Did: did123.String()})
 
@@ -336,7 +336,7 @@ func TestWrapper_DeactivateDID(t *testing.T) {
 
 	t.Run("error - document already deactivated", func(t *testing.T) {
 		ctx := newMockContext(t)
-		ctx.nutsDocumentManager.EXPECT().Deactivate(ctx.requestCtx, *did123).Return(resolver.ErrDeactivated)
+		ctx.subjectManager.EXPECT().Deactivate(ctx.requestCtx, did123.String()).Return(resolver.ErrDeactivated)
 
 		_, err := ctx.client.DeactivateDID(ctx.requestCtx, DeactivateDIDRequestObject{Did: did123.String()})
 
@@ -346,7 +346,7 @@ func TestWrapper_DeactivateDID(t *testing.T) {
 
 	t.Run("error - did not managed by this node", func(t *testing.T) {
 		ctx := newMockContext(t)
-		ctx.nutsDocumentManager.EXPECT().Deactivate(ctx.requestCtx, *did123).Return(resolver.ErrDIDNotManagedByThisNode)
+		ctx.subjectManager.EXPECT().Deactivate(ctx.requestCtx, did123.String()).Return(resolver.ErrDIDNotManagedByThisNode)
 
 		_, err := ctx.client.DeactivateDID(ctx.requestCtx, DeactivateDIDRequestObject{Did: did123.String()})
 
@@ -363,7 +363,7 @@ func TestWrapper_AddNewVerificationMethod(t *testing.T) {
 
 	t.Run("ok - without key usage", func(t *testing.T) {
 		ctx := newMockContext(t)
-		ctx.nutsDocumentManager.EXPECT().AddVerificationMethod(ctx.requestCtx, *did123, didnuts.DefaultKeyFlags()).Return(newMethod, nil)
+		ctx.subjectManager.EXPECT().AddVerificationMethod(ctx.requestCtx, did123.String(), didnuts.DefaultKeyFlags()).Return([]did.VerificationMethod{*newMethod}, nil)
 
 		response, err := ctx.client.AddNewVerificationMethod(ctx.requestCtx, AddNewVerificationMethodRequestObject{Did: did123.String()})
 
@@ -374,7 +374,7 @@ func TestWrapper_AddNewVerificationMethod(t *testing.T) {
 	t.Run("ok - with key usage", func(t *testing.T) {
 		ctx := newMockContext(t)
 		expectedKeyUsage := didnuts.DefaultKeyFlags() | orm.AuthenticationUsage | orm.CapabilityDelegationUsage
-		ctx.nutsDocumentManager.EXPECT().AddVerificationMethod(ctx.requestCtx, *did123, expectedKeyUsage).Return(newMethod, nil)
+		ctx.subjectManager.EXPECT().AddVerificationMethod(ctx.requestCtx, did123.String(), expectedKeyUsage).Return([]did.VerificationMethod{*newMethod}, nil)
 		trueBool := true
 		request := AddNewVerificationMethodJSONRequestBody{
 			Authentication:       &trueBool,
@@ -399,7 +399,7 @@ func TestWrapper_AddNewVerificationMethod(t *testing.T) {
 
 	t.Run("error - internal error", func(t *testing.T) {
 		ctx := newMockContext(t)
-		ctx.nutsDocumentManager.EXPECT().AddVerificationMethod(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, errors.New("something went wrong"))
+		ctx.subjectManager.EXPECT().AddVerificationMethod(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, errors.New("something went wrong"))
 
 		response, err := ctx.client.AddNewVerificationMethod(ctx.requestCtx, AddNewVerificationMethodRequestObject{Did: did123.String()})
 
@@ -460,6 +460,7 @@ type mockContext struct {
 	vdr                 *vdr.MockVDR
 	didResolver         *resolver.MockDIDResolver
 	nutsDocumentManager *didsubject.MockDocumentManager
+	subjectManager      *didsubject.MockSubjectManager
 	client              *Wrapper
 	requestCtx          context.Context
 }
@@ -472,7 +473,8 @@ func newMockContext(t *testing.T) mockContext {
 	vdr.EXPECT().Resolver().Return(didResolver).AnyTimes()
 	nutsDocumentManager := didsubject.NewMockDocumentManager(ctrl)
 	vdr.EXPECT().NutsDocumentManager().Return(nutsDocumentManager).AnyTimes()
-	client := &Wrapper{VDR: vdr}
+	subjectManager := didsubject.NewMockSubjectManager(ctrl)
+	client := &Wrapper{VDR: vdr, SubjectManager: subjectManager}
 	requestCtx := audit.TestContext()
 
 	return mockContext{
@@ -481,6 +483,7 @@ func newMockContext(t *testing.T) mockContext {
 		didResolver:         didResolver,
 		client:              client,
 		nutsDocumentManager: nutsDocumentManager,
+		subjectManager:      subjectManager,
 		requestCtx:          requestCtx,
 	}
 }