wip: partially implement jdbc issuer metadata repo

cloud-agent/service/server/src/main/scala/org/hyperledger/identus/agent/server/MainApp.scala

@@ -37,7 +37,6 @@ import org.hyperledger.identus.mercury.*
 import org.hyperledger.identus.oidc4vc.controller.CredentialIssuerControllerImpl
 import org.hyperledger.identus.oidc4vc.service.OIDCCredentialIssuerServiceImpl
 import org.hyperledger.identus.oidc4vc.storage.InMemoryIssuanceSessionService
-import org.hyperledger.identus.pollux.core.repository.InMemoryOIDC4VCIssuerMetadataRepository
 import org.hyperledger.identus.pollux.core.service.*
 import org.hyperledger.identus.pollux.core.service.verification.VcVerificationServiceImpl
 import org.hyperledger.identus.pollux.credentialdefinition.controller.CredentialDefinitionControllerImpl
@@ -46,6 +45,7 @@ import org.hyperledger.identus.pollux.credentialschema.controller.{
   CredentialSchemaControllerImpl,
   VerificationPolicyControllerImpl
 }
+import org.hyperledger.identus.pollux.sql.repository.JdbcOIDC4VCIssuerMetadataRepository
 import org.hyperledger.identus.pollux.sql.repository.{
   JdbcCredentialDefinitionRepository,
   JdbcCredentialRepository,
@@ -201,10 +201,10 @@ object MainApp extends ZIOAppDefault {
           RepoModule.polluxContextAwareTransactorLayer ++ RepoModule.polluxTransactorLayer >>> JdbcCredentialDefinitionRepository.layer,
           RepoModule.polluxContextAwareTransactorLayer ++ RepoModule.polluxTransactorLayer >>> JdbcPresentationRepository.layer,
           RepoModule.polluxContextAwareTransactorLayer >>> JdbcVerificationPolicyRepository.layer,
+          RepoModule.polluxContextAwareTransactorLayer >>> JdbcOIDC4VCIssuerMetadataRepository.layer,
           // oidc
           CredentialIssuerControllerImpl.layer,
           InMemoryIssuanceSessionService.layer,
-          InMemoryOIDC4VCIssuerMetadataRepository.layer,
           OIDC4VCIssuerMetadataServiceImpl.layer,
           OIDCCredentialIssuerServiceImpl.layer,
           // event notification service

pollux/sql-doobie/src/main/resources/sql/pollux/V20__add_issuer_metadata.sql

@@ -0,0 +1,14 @@
+CREATE TABLE public.issuer_metadata (
+    id UUID PRIMARY KEY,
+    authorization_server VARCHAR(1000) NOT NULL,
+    created_at TIMESTAMP WITH TIME ZONE NOT NULL,
+    updated_at TIMESTAMP WITH TIME ZONE NOT NULL,
+    wallet_id UUID NOT NULL
+);
+
+ALTER TABLE public.issuer_metadata
+    ENABLE ROW LEVEL SECURITY;
+
+CREATE POLICY issuer_metadata_wallet_isolation
+    ON public.issuer_metadata
+    USING (wallet_id = current_setting('app.current_wallet_id')::UUID);

pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/Implicits.scala

@@ -4,14 +4,13 @@ import doobie.util.{Get, Put}
 import org.hyperledger.identus.castor.core.model.did.{CanonicalPrismDID, PrismDID}
 import org.hyperledger.identus.pollux.core.model.*
 import org.hyperledger.identus.pollux.vc.jwt.StatusPurpose
-import org.hyperledger.identus.shared.models.WalletId
+
+import java.net.URI
+import java.net.URL
 
 given didCommIDGet: Get[DidCommID] = Get[String].map(DidCommID(_))
 given didCommIDPut: Put[DidCommID] = Put[String].contramap(_.value)
 
-given walletIdGet: Get[WalletId] = Get[String].map(WalletId.fromUUIDString)
-given walletIdPut: Put[WalletId] = Put[String].contramap(_.toString)
-
 given prismDIDGet: Get[CanonicalPrismDID] =
   Get[String].map(s => PrismDID.fromString(s).fold(e => throw RuntimeException(e), _.asCanonical))
 given prismDIDPut: Put[CanonicalPrismDID] = Put[String].contramap(_.toString)
@@ -26,3 +25,6 @@ given statusPurposePut: Put[StatusPurpose] = Put[String].contramap {
   case StatusPurpose.Revocation => StatusPurpose.Revocation.str
   case StatusPurpose.Suspension => StatusPurpose.Suspension.str
 }
+
+given urlGet: Get[URL] = Get[String].map(s => URI.create(s).toURL())
+given urlPut: Put[URL] = Put[String].contramap(_.toString())

pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcCredentialStatusListRepository.scala

@@ -10,7 +10,7 @@ import org.hyperledger.identus.castor.core.model.did.*
 import org.hyperledger.identus.pollux.core.model.*
 import org.hyperledger.identus.pollux.core.repository.CredentialStatusListRepository
 import org.hyperledger.identus.shared.db.ContextAwareTask
-import org.hyperledger.identus.shared.db.Implicits.*
+import org.hyperledger.identus.shared.db.Implicits.{*, given}
 import org.hyperledger.identus.pollux.vc.jwt.revocation.BitStringError.*
 import zio.*
 import zio.interop.catz.*

pollux/sql-doobie/src/main/scala/org/hyperledger/identus/pollux/sql/repository/JdbcOIDC4VCIssuerMetadataRepository.scala

@@ -0,0 +1,73 @@
+package org.hyperledger.identus.pollux.sql.repository
+
+import doobie.*
+import doobie.implicits.*
+import doobie.postgres.implicits.*
+import doobie.util.transactor.Transactor
+import org.hyperledger.identus.pollux.core.model.oidc4vc.CredentialConfiguration
+import org.hyperledger.identus.pollux.core.model.oidc4vc.CredentialIssuer
+import org.hyperledger.identus.pollux.core.repository.OIDC4VCIssuerMetadataRepository
+import org.hyperledger.identus.shared.db.ContextAwareTask
+import org.hyperledger.identus.shared.db.Implicits.{*, given}
+import org.hyperledger.identus.shared.models.WalletAccessContext
+import org.hyperledger.identus.shared.models.WalletId
+import zio.*
+
+import java.net.URL
+import java.util.UUID
+
+// TODO: implement all members
+class JdbcOIDC4VCIssuerMetadataRepository(xa: Transactor[ContextAwareTask]) extends OIDC4VCIssuerMetadataRepository {
+
+  override def findAllCredentialConfigurations(issuerId: UUID): UIO[Seq[CredentialConfiguration]] = ???
+
+  override def findWalletIssuers: URIO[WalletAccessContext, Seq[CredentialIssuer]] = ???
+
+  override def createIssuer(issuer: CredentialIssuer): URIO[WalletAccessContext, Unit] = {
+    val cxnIO = (walletId: WalletId) => sql"""
+        |INSERT INTO public.issuer_metadata (
+        |  id,
+        |  authorization_server,
+        |  created_at,
+        |  updated_at,
+        |  wallet_id
+        |) VALUES (
+        |  ${issuer.id},
+        |  ${issuer.authorizationServer},
+        |  ${issuer.createdAt},
+        |  ${issuer.updatedAt},
+        |  ${walletId}
+        |)
+        """.stripMargin.update
+
+    for {
+      walletId <- ZIO.serviceWith[WalletAccessContext](_.walletId)
+      _ <- cxnIO(walletId).run.transactWallet(xa).ensureOneAffectedRowOrDie
+    } yield ()
+  }
+
+  override def deleteCredentialConfiguration(
+      issuerId: UUID,
+      configurationId: String
+  ): URIO[WalletAccessContext, Unit] = ???
+
+  override def findIssuer(issuerId: UUID): UIO[Option[CredentialIssuer]] = ???
+
+  override def updateIssuer(
+      issuerId: UUID,
+      authorizationServer: Option[URL]
+  ): URIO[WalletAccessContext, CredentialIssuer] = ???
+
+  override def createCredentialConfiguration(
+      issuerId: UUID,
+      config: CredentialConfiguration
+  ): URIO[WalletAccessContext, Unit] = ???
+
+  override def deleteIssuer(issuerId: UUID): URIO[WalletAccessContext, Unit] = ???
+
+}
+
+object JdbcOIDC4VCIssuerMetadataRepository {
+  val layer: URLayer[Transactor[ContextAwareTask], OIDC4VCIssuerMetadataRepository] =
+    ZLayer.fromFunction(new JdbcOIDC4VCIssuerMetadataRepository(_))
+}

shared/core/src/main/scala/org/hyperledger/identus/shared/db/ContextAwareTask.scala

@@ -44,7 +44,7 @@ object Implicits {
 
   }
 
-  extension [Int](ma: RIO[WalletAccessContext, Int]) {
+  extension (ma: RIO[WalletAccessContext, Int]) {
     def ensureOneAffectedRowOrDie: URIO[WalletAccessContext, Unit] = ma.flatMap {
       case 1     => ZIO.unit
       case count => ZIO.fail(RuntimeException(s"Unexpected affected row count: $count"))