From 697a14c5f0377afb8f836cde9ff3956121247780 Mon Sep 17 00:00:00 2001
From: Mircea Nistor <mirceanis@gmail.com>
Date: Thu, 16 Mar 2023 15:52:17 +0100
Subject: [PATCH] fix(cli): fix `credential verify` command for JWT credentials
 (#1148)

---
 packages/cli/src/credential.ts                | 13 ++++---------
 packages/credential-w3c/src/action-handler.ts |  6 ++++--
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/packages/cli/src/credential.ts b/packages/cli/src/credential.ts
index b39dff1db..f72f138ff 100644
--- a/packages/cli/src/credential.ts
+++ b/packages/cli/src/credential.ts
@@ -179,19 +179,14 @@ credential
     } else {
       raw = await readStdin()
     }
-    let credentialAsJSON: any
+    let parsedCredential: any
     try {
-      credentialAsJSON = json5.parse(raw)
+      parsedCredential = json5.parse(raw)
     } catch (e: any) {
-      credentialAsJSON = {
-        proof: {
-          type: 'JwtProof2020',
-          jwt: raw,
-        },
-      } as any
+      parsedCredential = raw
     }
     try {
-      const result = await agent.verifyCredential({ credential: credentialAsJSON })
+      const result = await agent.verifyCredential({ credential: parsedCredential })
       if (result.verified === true) {
         console.log('Credential was verified successfully.')
       } else {
diff --git a/packages/credential-w3c/src/action-handler.ts b/packages/credential-w3c/src/action-handler.ts
index 3654539c0..fe5a2f987 100644
--- a/packages/credential-w3c/src/action-handler.ts
+++ b/packages/credential-w3c/src/action-handler.ts
@@ -291,7 +291,7 @@ export class CredentialPlugin implements IAgentPlugin {
         verifiedCredential = verificationResult.verifiableCredential
 
         // if credential was presented with other fields, make sure those fields match what's in the JWT
-        if (typeof credential !== 'string') {
+        if (typeof credential !== 'string' && credential.proof.type === 'JwtProof2020') {
           const credentialCopy = JSON.parse(JSON.stringify(credential))
           delete credentialCopy.proof.jwt
 
@@ -300,7 +300,9 @@ export class CredentialPlugin implements IAgentPlugin {
 
           if (canonicalize(credentialCopy) !== canonicalize(verifiedCopy)) {
             verificationResult.verified = false
-            verificationResult.error = new Error('Credential does not match JWT')
+            verificationResult.error = new Error(
+              'invalid_credential: Credential JSON does not match JWT payload',
+            )
           }
         }
       } catch (e: any) {