fix: Anoncreds schemas and validation

Signed-off-by: DaevMithran <[email protected]>
openwallet-foundation · Dec 11, 2024 · 074adc2 · 074adc2
1 parent 4559704
commit 074adc2
Show file tree

Hide file tree

Showing 5 changed files with 84 additions and 52 deletions.
diff --git a/acapy_agent/messaging/valid.py b/acapy_agent/messaging/valid.py
@@ -363,16 +363,20 @@ def __init__(self):
 
 
 class AnoncredsDID(Regexp):
-    """Validate value against indy DID."""
+    """Validate value against anoncreds DID."""
+
+    METHOD = r"([a-zA-Z0-9_]+)"
+    NETWORK = r"(:[a-zA-Z0-9_.%-]+)?"  # Optional network
+    METHOD_ID = r"([a-zA-Z0-9_.%-]+(:[a-zA-Z0-9_.%-]+)*)"
 
     EXAMPLE = "did:(method):WgWxqztrNooG92RXvxSTWv"
-    PATTERN = re.compile("^(did:[a-z]:.+$)?$")
+    PATTERN = re.compile(rf"^did:{METHOD}{NETWORK}:{METHOD_ID}")
 
     def __init__(self):
         """Initialize the instance."""
 
         super().__init__(
-            IndyDID.PATTERN,
+            DIDValidation.PATTERN,
             error="Value {input} is not an decentralized identifier (DID)",
         )
 
@@ -381,14 +385,17 @@ class DIDValidation(Regexp):
     """Validate value against any valid DID spec."""
 
     METHOD = r"([a-zA-Z0-9_]+)"
+    NETWORK = r"(:[a-zA-Z0-9_.%-]+)?"  # Optional network
     METHOD_ID = r"([a-zA-Z0-9_.%-]+(:[a-zA-Z0-9_.%-]+)*)"
     PARAMS = r"((;[a-zA-Z0-9_.:%-]+=[a-zA-Z0-9_.:%-]*)*)"
     PATH = r"(\/[^#?]*)?"
     QUERY = r"([?][^#]*)?"
     FRAGMENT = r"(\#.*)?$"
 
     EXAMPLE = "did:peer:WgWxqztrNooG92RXvxSTWv"
-    PATTERN = re.compile(rf"^did:{METHOD}:{METHOD_ID}{PARAMS}{PATH}{QUERY}{FRAGMENT}$")
+    PATTERN = re.compile(
+        rf"^did:{METHOD}{NETWORK}:{METHOD_ID}{PARAMS}{PATH}{QUERY}{FRAGMENT}$"
+    )
 
     def __init__(self):
         """Initialize the instance."""
@@ -485,7 +492,7 @@ def __init__(self):
         """Initialize the instance."""
 
         super().__init__(
-            IndyCredDefId.PATTERN,
+            AnoncredsCredDefId.PATTERN,
             error="Value {input} is not an anoncreds credential definition identifier",
         )
 
@@ -530,7 +537,7 @@ def __init__(self):
         """Initialize the instance."""
 
         super().__init__(
-            IndySchemaId.PATTERN,
+            AnoncredsSchemaId.PATTERN,
             error="Value {input} is not an anoncreds schema identifier",
         )
 

diff --git a/acapy_agent/revocation/routes.py b/acapy_agent/revocation/routes.py
@@ -32,12 +32,12 @@
 from ..messaging.models.openapi import OpenAPISchema
 from ..messaging.responder import BaseResponder
 from ..messaging.valid import (
-    INDY_CRED_DEF_ID_EXAMPLE,
-    INDY_CRED_DEF_ID_VALIDATE,
+    ANONCREDS_CRED_DEF_ID_EXAMPLE,
+    ANONCREDS_CRED_DEF_ID_VALIDATE,
     INDY_CRED_REV_ID_EXAMPLE,
     INDY_CRED_REV_ID_VALIDATE,
-    INDY_REV_REG_ID_EXAMPLE,
-    INDY_REV_REG_ID_VALIDATE,
+    ANONCREDS_REV_REG_ID_EXAMPLE,
+    ANONCREDS_REV_REG_ID_VALIDATE,
     INDY_REV_REG_SIZE_EXAMPLE,
     INDY_REV_REG_SIZE_VALIDATE,
     UUID4_EXAMPLE,
@@ -86,10 +86,10 @@ class RevRegCreateRequestSchema(OpenAPISchema):
     """Request schema for revocation registry creation request."""
 
     credential_definition_id = fields.Str(
-        validate=INDY_CRED_DEF_ID_VALIDATE,
+        validate=ANONCREDS_CRED_DEF_ID_VALIDATE,
         metadata={
             "description": "Credential definition identifier",
-            "example": INDY_CRED_DEF_ID_EXAMPLE,
+            "example": ANONCREDS_CRED_DEF_ID_EXAMPLE,
         },
     )
     max_cred_num = fields.Int(
@@ -143,10 +143,10 @@ def validate_fields(self, data, **kwargs):
 
     rev_reg_id = fields.Str(
         required=False,
-        validate=INDY_REV_REG_ID_VALIDATE,
+        validate=ANONCREDS_REV_REG_ID_VALIDATE,
         metadata={
             "description": "Revocation registry identifier",
-            "example": INDY_REV_REG_ID_EXAMPLE,
+            "example": ANONCREDS_REV_REG_ID_EXAMPLE,
         },
     )
     cred_rev_id = fields.Str(
@@ -182,18 +182,18 @@ def validate_fields(self, data, **kwargs):
 
     rev_reg_id = fields.Str(
         required=False,
-        validate=INDY_REV_REG_ID_VALIDATE,
+        validate=ANONCREDS_REV_REG_ID_VALIDATE,
         metadata={
             "description": "Revocation registry identifier",
-            "example": INDY_REV_REG_ID_EXAMPLE,
+            "example": ANONCREDS_REV_REG_ID_EXAMPLE,
         },
     )
     cred_def_id = fields.Str(
         required=False,
-        validate=INDY_CRED_DEF_ID_VALIDATE,
+        validate=ANONCREDS_CRED_DEF_ID_VALIDATE,
         metadata={
             "description": "Credential definition identifier",
-            "example": INDY_CRED_DEF_ID_EXAMPLE,
+            "example": ANONCREDS_CRED_DEF_ID_EXAMPLE,
         },
     )
 
@@ -270,7 +270,7 @@ class PublishRevocationsSchema(OpenAPISchema):
 
     rrid2crid = fields.Dict(
         required=False,
-        keys=fields.Str(metadata={"example": INDY_REV_REG_ID_EXAMPLE}),
+        keys=fields.Str(metadata={"example": ANONCREDS_REV_REG_ID_EXAMPLE}),
         values=fields.List(
             fields.Str(
                 validate=INDY_CRED_REV_ID_VALIDATE,
@@ -303,7 +303,7 @@ class ClearPendingRevocationsRequestSchema(OpenAPISchema):
 
     purge = fields.Dict(
         required=False,
-        keys=fields.Str(metadata={"example": INDY_REV_REG_ID_EXAMPLE}),
+        keys=fields.Str(metadata={"example": ANONCREDS_REV_REG_ID_EXAMPLE}),
         values=fields.List(
             fields.Str(
                 validate=INDY_CRED_REV_ID_VALIDATE,
@@ -383,10 +383,10 @@ class RevRegsCreatedSchema(OpenAPISchema):
 
     rev_reg_ids = fields.List(
         fields.Str(
-            validate=INDY_REV_REG_ID_VALIDATE,
+            validate=ANONCREDS_REV_REG_ID_VALIDATE,
             metadata={
                 "description": "Revocation registry identifiers",
-                "example": INDY_REV_REG_ID_EXAMPLE,
+                "example": ANONCREDS_REV_REG_ID_EXAMPLE,
             },
         )
     )
@@ -401,7 +401,7 @@ class RevRegUpdateTailsFileUriSchema(OpenAPISchema):
             "description": "Public URI to the tails file",
             "example": (
                 "http://192.168.56.133:6543/revocation/registry/"
-                f"{INDY_REV_REG_ID_EXAMPLE}/tails-file"
+                f"{ANONCREDS_REV_REG_ID_EXAMPLE}/tails-file"
             ),
         },
     )
@@ -412,10 +412,10 @@ class RevRegsCreatedQueryStringSchema(OpenAPISchema):
 
     cred_def_id = fields.Str(
         required=False,
-        validate=INDY_CRED_DEF_ID_VALIDATE,
+        validate=ANONCREDS_CRED_DEF_ID_VALIDATE,
         metadata={
             "description": "Credential definition identifier",
-            "example": INDY_CRED_DEF_ID_EXAMPLE,
+            "example": ANONCREDS_CRED_DEF_ID_EXAMPLE,
         },
     )
     state = fields.Str(
@@ -452,10 +452,10 @@ class RevRegIdMatchInfoSchema(OpenAPISchema):
 
     rev_reg_id = fields.Str(
         required=True,
-        validate=INDY_REV_REG_ID_VALIDATE,
+        validate=ANONCREDS_REV_REG_ID_VALIDATE,
         metadata={
             "description": "Revocation Registry identifier",
-            "example": INDY_REV_REG_ID_EXAMPLE,
+            "example": ANONCREDS_REV_REG_ID_EXAMPLE,
         },
     )
 
@@ -465,10 +465,10 @@ class RevocationCredDefIdMatchInfoSchema(OpenAPISchema):
 
     cred_def_id = fields.Str(
         required=True,
-        validate=INDY_CRED_DEF_ID_VALIDATE,
+        validate=ANONCREDS_CRED_DEF_ID_VALIDATE,
         metadata={
             "description": "Credential definition identifier",
-            "example": INDY_CRED_DEF_ID_EXAMPLE,
+            "example": ANONCREDS_CRED_DEF_ID_EXAMPLE,
         },
     )
 

diff --git a/acapy_agent/revocation_anoncreds/routes.py b/acapy_agent/revocation_anoncreds/routes.py
@@ -38,12 +38,12 @@
 from ..ledger.multiple_ledger.base_manager import BaseMultipleLedgerManager
 from ..messaging.models.openapi import OpenAPISchema
 from ..messaging.valid import (
-    INDY_CRED_DEF_ID_EXAMPLE,
-    INDY_CRED_DEF_ID_VALIDATE,
+    ANONCREDS_CRED_DEF_ID_EXAMPLE,
+    ANONCREDS_CRED_DEF_ID_VALIDATE,
     INDY_CRED_REV_ID_EXAMPLE,
     INDY_CRED_REV_ID_VALIDATE,
-    INDY_REV_REG_ID_EXAMPLE,
-    INDY_REV_REG_ID_VALIDATE,
+    ANONCREDS_REV_REG_ID_EXAMPLE,
+    ANONCREDS_REV_REG_ID_VALIDATE,
     UUID4_EXAMPLE,
     UUID4_VALIDATE,
     WHOLE_NUM_EXAMPLE,
@@ -99,10 +99,10 @@ def validate_fields(self, data, **kwargs):
 
     rev_reg_id = fields.Str(
         required=False,
-        validate=INDY_REV_REG_ID_VALIDATE,
+        validate=ANONCREDS_REV_REG_ID_VALIDATE,
         metadata={
             "description": "Revocation registry identifier",
-            "example": INDY_REV_REG_ID_EXAMPLE,
+            "example": ANONCREDS_REV_REG_ID_EXAMPLE,
         },
     )
     cred_rev_id = fields.Str(
@@ -138,18 +138,18 @@ def validate_fields(self, data, **kwargs):
 
     rev_reg_id = fields.Str(
         required=False,
-        validate=INDY_REV_REG_ID_VALIDATE,
+        validate=ANONCREDS_REV_REG_ID_VALIDATE,
         metadata={
             "description": "Revocation registry identifier",
-            "example": INDY_REV_REG_ID_EXAMPLE,
+            "example": ANONCREDS_REV_REG_ID_EXAMPLE,
         },
     )
     cred_def_id = fields.Str(
         required=False,
-        validate=INDY_CRED_DEF_ID_VALIDATE,
+        validate=ANONCREDS_CRED_DEF_ID_VALIDATE,
         metadata={
             "description": "Credential definition identifier",
-            "example": INDY_CRED_DEF_ID_EXAMPLE,
+            "example": ANONCREDS_CRED_DEF_ID_EXAMPLE,
         },
     )
 
@@ -215,10 +215,10 @@ class RevRegsCreatedSchemaAnoncreds(OpenAPISchema):
 
     rev_reg_ids = fields.List(
         fields.Str(
-            validate=INDY_REV_REG_ID_VALIDATE,
+            validate=ANONCREDS_REV_REG_ID_VALIDATE,
             metadata={
                 "description": "Revocation registry identifiers",
-                "example": INDY_REV_REG_ID_EXAMPLE,
+                "example": ANONCREDS_REV_REG_ID_EXAMPLE,
             },
         )
     )
@@ -233,7 +233,7 @@ class RevRegUpdateTailsFileUriSchema(OpenAPISchema):
             "description": "Public URI to the tails file",
             "example": (
                 "http://192.168.56.133:6543/revocation/registry/"
-                f"{INDY_REV_REG_ID_EXAMPLE}/tails-file"
+                f"{ANONCREDS_REV_REG_ID_EXAMPLE}/tails-file"
             ),
         },
     )
@@ -244,10 +244,10 @@ class RevRegsCreatedQueryStringSchema(OpenAPISchema):
 
     cred_def_id = fields.Str(
         required=False,
-        validate=INDY_CRED_DEF_ID_VALIDATE,
+        validate=ANONCREDS_CRED_DEF_ID_VALIDATE,
         metadata={
             "description": "Credential definition identifier",
-            "example": INDY_CRED_DEF_ID_EXAMPLE,
+            "example": ANONCREDS_CRED_DEF_ID_EXAMPLE,
         },
     )
     state = fields.Str(
@@ -284,10 +284,10 @@ class RevRegIdMatchInfoSchema(OpenAPISchema):
 
     rev_reg_id = fields.Str(
         required=True,
-        validate=INDY_REV_REG_ID_VALIDATE,
+        validate=ANONCREDS_REV_REG_ID_VALIDATE,
         metadata={
             "description": "Revocation Registry identifier",
-            "example": INDY_REV_REG_ID_EXAMPLE,
+            "example": ANONCREDS_REV_REG_ID_EXAMPLE,
         },
     )
 
@@ -297,10 +297,10 @@ class RevocationCredDefIdMatchInfoSchema(OpenAPISchema):
 
     cred_def_id = fields.Str(
         required=True,
-        validate=INDY_CRED_DEF_ID_VALIDATE,
+        validate=ANONCREDS_CRED_DEF_ID_VALIDATE,
         metadata={
             "description": "Credential definition identifier",
-            "example": INDY_CRED_DEF_ID_EXAMPLE,
+            "example": ANONCREDS_CRED_DEF_ID_EXAMPLE,
         },
     )
 
@@ -348,7 +348,7 @@ class PublishRevocationsSchemaAnoncreds(OpenAPISchema):
 
     rrid2crid = fields.Dict(
         required=False,
-        keys=fields.Str(metadata={"example": INDY_REV_REG_ID_EXAMPLE}),
+        keys=fields.Str(metadata={"example": ANONCREDS_REV_REG_ID_EXAMPLE}),
         values=fields.List(
             fields.Str(
                 validate=INDY_CRED_REV_ID_VALIDATE,
@@ -368,7 +368,7 @@ class PublishRevocationsResultSchemaAnoncreds(OpenAPISchema):
 
     rrid2crid = fields.Dict(
         required=False,
-        keys=fields.Str(metadata={"example": INDY_REV_REG_ID_EXAMPLE}),
+        keys=fields.Str(metadata={"example": ANONCREDS_REV_REG_ID_EXAMPLE}),
         values=fields.List(
             fields.Str(
                 validate=INDY_CRED_REV_ID_VALIDATE,

diff --git a/acapy_agent/wallet/did_method.py b/acapy_agent/wallet/did_method.py
@@ -97,6 +97,13 @@ def holder_defined_did(self) -> HolderDefinedDid:
     holder_defined_did=HolderDefinedDid.NO,
 )
 
+CHEQD = DIDMethod(
+    name="cheqd",
+    key_types=[ED25519],
+    rotation=True,
+    holder_defined_did=HolderDefinedDid.ALLOWED,
+)
+
 
 class DIDMethods:
     """DID Method class specifying DID methods with supported key types."""
@@ -110,6 +117,7 @@ def __init__(self) -> None:
             PEER2.method_name: PEER2,
             PEER4.method_name: PEER4,
             TDW.method_name: TDW,
+            CHEQD.method_name: CHEQD,
         }
 
     def registered(self, method: str) -> bool:

diff --git a/acapy_agent/wallet/routes.py b/acapy_agent/wallet/routes.py
@@ -70,7 +70,17 @@
 )
 from .base import BaseWallet
 from .did_info import DIDInfo
-from .did_method import KEY, PEER2, PEER4, SOV, DIDMethod, DIDMethods, HolderDefinedDid
+from .did_method import (
+    KEY,
+    PEER2,
+    PEER4,
+    SOV,
+    DIDMethod,
+    DIDMethods,
+    HolderDefinedDid,
+    CHEQD,
+    TDW,
+)
 from .did_posture import DIDPosture
 from .error import WalletError, WalletNotFoundError
 from .key_type import BLS12381G2, ED25519, KeyTypes
@@ -312,7 +322,14 @@ class DIDListQueryStringSchema(OpenAPISchema):
     method = fields.Str(
         required=False,
         validate=validate.OneOf(
-            [KEY.method_name, SOV.method_name, PEER2.method_name, PEER4.method_name]
+            [
+                KEY.method_name,
+                SOV.method_name,
+                TDW.method_name,
+                CHEQD.method_name,
+                PEER2.method_name,
+                PEER4.method_name,
+            ]
         ),
         metadata={
             "example": KEY.method_name,