feat(sdk): propagate trust denial reason to consumer (#779)

Signed-off-by: Rolson Quadras <[email protected]>
trustbloc · May 2, 2024 · acdebf8 · acdebf8
1 parent d3b5bd6
commit acdebf8
Show file tree

Hide file tree

Showing 6 changed files with 21 additions and 2 deletions.
diff --git a/cmd/wallet-sdk-gomobile/docs/usage.md b/cmd/wallet-sdk-gomobile/docs/usage.md
@@ -1844,7 +1844,10 @@ config.evaluatePresentationURL = evaluatePresentationURL
 val evaluationResult = Registry(config).evaluatePresentation(presentationRequest)
 
 // check if the txn is allowed
-evaluationResult!.allowed 
+evaluationResult.allowed
+
+// check txn denial reason if allowed=false
+evaluationResult.denyReason()
 
 // Get the requested attestations
 for (rInd in 0 until evaluationResult.requestedAttestationLength() ) {
@@ -1886,7 +1889,10 @@ config.evaluatePresentationURL = evaluatePresentationURL
 let evaluationResult = try TrustregistryRegistry(config)!.evaluatePresentation(presentationRequest)
 
 // check if the txn is allowed
-evaluationResult!.allowed 
+evaluationResult!.allowed
+
+// check txn denial reason if allowed=false
+evaluationResult!.denyReason()
 
 // Get the requested attestations
 for rInd in 0..<evaluationResult!.requestedAttestationLength() {

diff --git a/cmd/wallet-sdk-gomobile/trustregistry/model.go b/cmd/wallet-sdk-gomobile/trustregistry/model.go
@@ -7,6 +7,8 @@ SPDX-License-Identifier: Apache-2.0
 package trustregistry
 
 import (
+	"strings"
+
 	"github.com/trustbloc/wallet-sdk/cmd/wallet-sdk-gomobile/api"
 )
 
@@ -17,6 +19,12 @@ type EvaluationResult struct {
 	ErrorMessage              string
 	MultipleCredentialAllowed bool
 	attestationsRequired      []string
+	denyReasons               []string
+}
+
+// DenyReason check the reasons when the transaction is not allowed (=false).
+func (e *EvaluationResult) DenyReason() string {
+	return strings.Join(e.denyReasons, ", ")
 }
 
 // RequestedAttestationLength returns the number attestation requested.

diff --git a/cmd/wallet-sdk-gomobile/trustregistry/trust_registry.go b/cmd/wallet-sdk-gomobile/trustregistry/trust_registry.go
@@ -73,6 +73,7 @@ func (r *Registry) EvaluateIssuance(request *IssuanceRequest) (*EvaluationResult
 		ErrorCode:            result.ErrorCode,
 		ErrorMessage:         result.ErrorMessage,
 		attestationsRequired: attestationsRequired,
+		denyReasons:          result.DenyReasons,
 	}, nil
 }
 
@@ -114,6 +115,7 @@ func (r *Registry) EvaluatePresentation(request *PresentationRequest) (*Evaluati
 		ErrorMessage:              result.ErrorMessage,
 		attestationsRequired:      attestationsRequired,
 		MultipleCredentialAllowed: multipleCredentialAllowed,
+		denyReasons:               result.DenyReasons,
 	}, nil
 }
 

diff --git a/cmd/wallet-sdk-gomobile/trustregistry/trust_registry_test.go b/cmd/wallet-sdk-gomobile/trustregistry/trust_registry_test.go
@@ -55,6 +55,7 @@ func TestRegistry_EvaluateIssuance(t *testing.T) {
 		require.NotNil(t, result)
 		require.False(t, result.Allowed)
 		require.Equal(t, result.ErrorCode, "didForbidden")
+		require.Equal(t, result.DenyReason(), "unauthorized issuer, empty credentials")
 	})
 
 	t.Run("Invalid server URI", func(t *testing.T) {

diff --git a/pkg/trustregistry/model.go b/pkg/trustregistry/model.go
@@ -13,6 +13,7 @@ type EvaluationResult struct {
 	Allowed      bool            `json:"allowed,omitempty"`
 	ErrorCode    string          `json:"errorCode,omitempty"`
 	ErrorMessage string          `json:"errorMessage,omitempty"`
+	DenyReasons  []string        `json:"deny_reasons,omitempty"`
 	Data         *EvaluationData `json:"payload,omitempty"`
 }
 

diff --git a/pkg/trustregistry/testsupport/mockhttp.go b/pkg/trustregistry/testsupport/mockhttp.go
@@ -59,6 +59,7 @@ func HandleEvaluateIssuanceRequest(w http.ResponseWriter, r *http.Request) {
 		writeResponse(w, &trustregistry.EvaluationResult{
 			ErrorCode:    "didForbidden",
 			ErrorMessage: "Interaction with given issuer is forbidden",
+			DenyReasons:  []string{"unauthorized issuer", "empty credentials"},
 		})
 
 		return