iotaledger · UMR1352 · Feb 19, 2024 · Feb 22, 2024 · Feb 27, 2024 · Feb 28, 2024
@@ -1,6 +1,14 @@
 # Changelog
 
-## [v1.1.0](https://github.com/iotaledger/identity.rs/tree/v1.1.0) (2024-02-06)
+## [v1.1.1](https://github.com/iotaledger/identity.rs/tree/v1.1.1) (2024-02-19)
+
+[Full Changelog](https://github.com/iotaledger/identity.rs/compare/v1.1.0...v1.1.1)
+
+### Patch
+
+- Fix compilation error caused by the roaring crate [\#1306](https://github.com/iotaledger/identity.rs/pull/1306)
+
+## [v1.1.0](https://github.com/iotaledger/identity.rs/tree/v1.1.0) (2024-02-07)
 
 [Full Changelog](https://github.com/iotaledger/identity.rs/compare/v1.0.0...v1.1.0)
 

@@ -51,7 +51,7 @@ If you want to include IOTA Identity in your project, simply add it as a depende
 
 ```toml
 [dependencies]
-identity_iota = { version = "1.1.0" }
+identity_iota = { version = "1.1.1" }
 ```
 
 To try out the [examples](https://github.com/iotaledger/identity.rs/blob/HEAD/examples), you can also do this:
@@ -85,7 +85,7 @@ version = "1.0.0"
 edition = "2021"
 
 [dependencies]
-identity_iota = {version = "1.1.0", features = ["memstore"]}
+identity_iota = { version = "1.1.1", features = ["memstore"] }
 iota-sdk = { version = "1.0.2", default-features = true, features = ["tls", "client", "stronghold"] }
 tokio = { version = "1", features = ["full"] }
 anyhow = "1.0.62"

@@ -9,15 +9,14 @@
 //!
 //! cargo run --release --example 5_create_vc
 
+use anyhow::anyhow;
 use examples::create_did;
 use examples::MemStorage;
 use identity_eddsa_verifier::EdDSAJwsVerifier;
-use identity_iota::core::Object;
-
-use identity_iota::credential::DecodedJwtCredential;
 use identity_iota::credential::Jwt;
-use identity_iota::credential::JwtCredentialValidationOptions;
-use identity_iota::credential::JwtCredentialValidator;
+use identity_iota::credential::JwtCredential;
+use identity_iota::credential::ValidableCredential;
+use identity_iota::resolver::IotaResolver;
 use identity_iota::storage::JwkDocumentExt;
 use identity_iota::storage::JwkMemStore;
 use identity_iota::storage::JwsSignatureOptions;
@@ -35,7 +34,6 @@ use identity_iota::core::FromJson;
 use identity_iota::core::Url;
 use identity_iota::credential::Credential;
 use identity_iota::credential::CredentialBuilder;
-use identity_iota::credential::FailFast;
 use identity_iota::credential::Subject;
 use identity_iota::did::DID;
 use identity_iota::iota::IotaDocument;
@@ -97,24 +95,13 @@ async fn main() -> anyhow::Result<()> {
     )
     .await?;
 
-  // Before sending this credential to the holder the issuer wants to validate that some properties
-  // of the credential satisfy their expectations.
-
-  // Validate the credential's signature using the issuer's DID Document, the credential's semantic structure,
-  // that the issuance date is not in the future and that the expiration date is not in the past:
-  let decoded_credential: DecodedJwtCredential<Object> =
-    JwtCredentialValidator::with_signature_verifier(EdDSAJwsVerifier::default())
-      .validate::<_, Object>(
-        &credential_jwt,
-        &issuer_document,
-        &JwtCredentialValidationOptions::default(),
-        FailFast::FirstError,
-      )
-      .unwrap();
+  let credential_jwt = JwtCredential::<Credential>::parse(credential_jwt)?;
+  credential_jwt.validate(&IotaResolver::new(client), &EdDSAJwsVerifier::default()).await.map_err(|_| anyhow!("oops"))?;
+  println!("{}", serde_json::to_string(&credential_jwt).unwrap());
 
   println!("VC successfully validated");
 
-  println!("Credential JSON > {:#}", decoded_credential.credential);
+  println!("Credential JSON > {:#}", credential_jwt.as_ref());
 
   Ok(())
 }
@@ -1,34 +1,34 @@
 // Copyright 2020-2024 IOTA Stiftung
 // SPDX-License-Identifier: Apache-2.0
 
+use anyhow::anyhow;
 use examples::create_did;
 use examples::random_stronghold_path;
 use examples::MemStorage;
 use examples::API_ENDPOINT;
 use identity_eddsa_verifier::EdDSAJwsVerifier;
 use identity_iota::core::FromJson;
-use identity_iota::core::Object;
+use identity_iota::core::ResolverT;
 use identity_iota::core::ToJson;
 use identity_iota::core::Url;
+use identity_iota::credential::status_list_2021::CredentialStatus;
 use identity_iota::credential::status_list_2021::StatusList2021;
 use identity_iota::credential::status_list_2021::StatusList2021Credential;
 use identity_iota::credential::status_list_2021::StatusList2021CredentialBuilder;
 use identity_iota::credential::status_list_2021::StatusList2021Entry;
+use identity_iota::credential::status_list_2021::StatusList2021Resolver;
 use identity_iota::credential::status_list_2021::StatusPurpose;
 use identity_iota::credential::Credential;
 use identity_iota::credential::CredentialBuilder;
-use identity_iota::credential::FailFast;
 use identity_iota::credential::Issuer;
 use identity_iota::credential::Jwt;
-use identity_iota::credential::JwtCredentialValidationOptions;
-use identity_iota::credential::JwtCredentialValidator;
-use identity_iota::credential::JwtCredentialValidatorUtils;
-use identity_iota::credential::JwtValidationError;
+use identity_iota::credential::JwtCredential;
 use identity_iota::credential::Status;
-use identity_iota::credential::StatusCheck;
 use identity_iota::credential::Subject;
+use identity_iota::credential::ValidableCredentialStatusExt;
 use identity_iota::did::DID;
 use identity_iota::iota::IotaDocument;
+use identity_iota::resolver::IotaResolver;
 use identity_iota::storage::JwkDocumentExt;
 use identity_iota::storage::JwkMemStore;
 use identity_iota::storage::JwsSignatureOptions;
@@ -40,6 +40,29 @@ use iota_sdk::client::Password;
 use iota_sdk::types::block::address::Address;
 use serde_json::json;
 
+struct MockStatusListClient(StatusList2021Credential);
+
+impl MockStatusListClient {
+  pub fn new(status_list: StatusList2021Credential) -> Self {
+    Self(status_list)
+  }
+  pub async fn get(&self, url: &Url) -> Option<StatusList2021Credential> {
+    if self.0.id().is_some_and(|id| id == url) {
+      Some(self.0.clone())
+    } else {
+      None
+    }
+  }
+}
+
+impl ResolverT<StatusList2021Credential> for MockStatusListClient {
+  type Error = ();
+  type Input = Url;
+  async fn fetch(&self, input: &Self::Input) -> Result<StatusList2021Credential, Self::Error> {
+    self.get(input).await.ok_or(())
+  }
+}
+
 #[tokio::main]
 async fn main() -> anyhow::Result<()> {
   // ===========================================================================
@@ -52,6 +75,9 @@ async fn main() -> anyhow::Result<()> {
     .finish()
     .await?;
 
+  let iota_resolver = IotaResolver::new(client.clone());
+  let eddsa_verifier = EdDSAJwsVerifier::default();
+
   let mut secret_manager_issuer: SecretManager = SecretManager::Stronghold(
     StrongholdSecretManager::builder()
       .password(Password::from("secure_password_1".to_owned()))
@@ -130,26 +156,15 @@ async fn main() -> anyhow::Result<()> {
     )
     .await?;
 
-  let validator: JwtCredentialValidator<EdDSAJwsVerifier> =
-    JwtCredentialValidator::with_signature_verifier(EdDSAJwsVerifier::default());
-
-  // The validator has no way of retriving the status list to check for the
-  // revocation of the credential. Let's skip that pass and perform the operation manually.
-  let mut validation_options = JwtCredentialValidationOptions::default();
-  validation_options.status = StatusCheck::SkipUnsupported;
-  // Validate the credential's signature using the issuer's DID Document.
-  validator.validate::<_, Object>(
-    &credential_jwt,
-    &issuer_document,
-    &validation_options,
-    FailFast::FirstError,
-  )?;
-  // Check manually for revocation
-  JwtCredentialValidatorUtils::check_status_with_status_list_2021(
-    &credential,
-    &status_list_credential,
-    StatusCheck::Strict,
-  )?;
+  let status_list_resolver = StatusList2021Resolver::new(MockStatusListClient::new(status_list_credential.clone()));
+
+  let jwt_credential = JwtCredential::<Credential>::parse(credential_jwt)?;
+  jwt_credential
+    .validate_with_status(&iota_resolver, &eddsa_verifier, &status_list_resolver, |state| {
+      *state == CredentialStatus::Valid
+    })
+    .await
+    .map_err(|_| anyhow!("ooops"))?;
   println!("Credential is valid.");
 
   let status_list_credential_json = status_list_credential.to_json().unwrap();
@@ -169,19 +184,14 @@ async fn main() -> anyhow::Result<()> {
   status_list_credential.set_credential_status(&mut credential, credential_index, true)?;
 
   // validate the credential and check for revocation
-  validator.validate::<_, Object>(
-    &credential_jwt,
-    &issuer_document,
-    &validation_options,
-    FailFast::FirstError,
-  )?;
-  let revocation_result = JwtCredentialValidatorUtils::check_status_with_status_list_2021(
-    &credential,
-    &status_list_credential,
-    StatusCheck::Strict,
-  );
-
-  assert!(revocation_result.is_err_and(|e| matches!(e, JwtValidationError::Revoked)));
+  let status_list_resolver = StatusList2021Resolver::new(MockStatusListClient::new(status_list_credential));
+
+  jwt_credential
+    .validate_with_status(&iota_resolver, &eddsa_verifier, &status_list_resolver, |state| {
+      *state == CredentialStatus::Valid
+    })
+    .await
+    .unwrap_err();
   println!("The credential has been successfully revoked.");
 
   Ok(())

@@ -1,14 +1,14 @@
 [package]
 name = "examples"
-version = "1.1.0"
+version = "1.1.1"
 authors = ["IOTA Stiftung"]
 edition = "2021"
 publish = false
 
 [dependencies]
 anyhow = "1.0.62"
 identity_eddsa_verifier = { path = "../identity_eddsa_verifier", default-features = false }
-identity_iota = { path = "../identity_iota", default-features = false, features = ["memstore", "domain-linkage", "revocation-bitmap", "status-list-2021"] }
+identity_iota = { path = "../identity_iota", default-features = false, features = ["memstore", "domain-linkage", "revocation-bitmap", "status-list-2021", "resolver"] }
 identity_stronghold = { path = "../identity_stronghold", default-features = false }
 iota-sdk = { version = "1.0", default-features = false, features = ["tls", "client", "stronghold"] }
 primitive-types = "0.12.1"

@@ -1,6 +1,6 @@
 [package]
 name = "identity_core"
-version = "1.1.0"
+version = "1.1.1"
 authors.workspace = true
 edition.workspace = true
 homepage.workspace = true

@@ -25,3 +25,10 @@ pub mod error;
 
 pub use self::error::Error;
 pub use self::error::Result;
+
+pub trait ResolverT<T> {
+  type Error;
+  type Input;
+
+  async fn fetch(&self, input: &Self::Input) -> std::result::Result<T, Self::Error>;
+}
@@ -1,6 +1,6 @@
 [package]
 name = "identity_credential"
-version = "1.1.0"
+version = "1.1.1"
 authors = ["IOTA Stiftung"]
 edition = "2021"
 homepage.workspace = true
@@ -14,20 +14,22 @@ description = "An implementation of the Verifiable Credentials standard."
 [dependencies]
 flate2 = { version = "1.0.28", default-features = false, features = ["rust_backend"], optional = true }
 futures = { version = "0.3", default-features = false, optional = true }
-identity_core = { version = "=1.1.0", path = "../identity_core", default-features = false }
-identity_did = { version = "=1.1.0", path = "../identity_did", default-features = false }
-identity_document = { version = "=1.1.0", path = "../identity_document", default-features = false }
-identity_verification = { version = "=1.1.0", path = "../identity_verification", default-features = false }
+identity_core = { version = "=1.1.1", path = "../identity_core", default-features = false }
+identity_did = { version = "=1.1.1", path = "../identity_did", default-features = false }
+identity_document = { version = "=1.1.1", path = "../identity_document", default-features = false }
+identity_jose = { version = "=1.1.1", path = "../identity_jose" }
+identity_verification = { version = "=1.1.1", path = "../identity_verification", default-features = false }
 indexmap = { version = "2.0", default-features = false, features = ["std", "serde"] }
 itertools = { version = "0.11", default-features = false, features = ["use_std"], optional = true }
 once_cell = { version = "1.18", default-features = false, features = ["std"] }
 reqwest = { version = "0.11", default-features = false, features = ["default-tls", "json", "stream"], optional = true }
-roaring = { version = "0.10", default-features = false, optional = true }
+roaring = { version = "0.10", default-features = false, features = ["std"], optional = true }
 sd-jwt-payload = { version = "0.2.0", default-features = false, features = ["sha"], optional = true }
 serde.workspace = true
 serde-aux = { version = "4.3.1", default-features = false, optional = true }
 serde_json.workspace = true
 serde_repr = { version = "0.1", default-features = false, optional = true }
+serde_with = "3.6.1"
 strum.workspace = true
 thiserror.workspace = true
 url = { version = "2.5", default-features = false }