Ruby Refactor and Demo Extraction (#506)

trinsic-id · Mar 24, 2022 · 1ae9cd8 · 1ae9cd8
1 parent ffec37b
commit 1ae9cd8
Show file tree

Hide file tree

Showing 14 changed files with 527 additions and 445 deletions.
diff --git a/ruby/lib/security.rb b/ruby/lib/security.rb
@@ -9,28 +9,28 @@ module Trinsic
   # Interface
   module ISecurityProvider
     def get_auth_header(account_profile, message)
-      raise "Not implemented"
+      raise 'Not implemented'
     end
   end
 
   class OberonSecurityProvider
     include ISecurityProvider
 
     def base64_binary_encode(message)
-      Base64.urlsafe_encode64(Google::Protobuf::encode(message))
+      Base64.urlsafe_encode64(Google::Protobuf.encode(message))
     end
 
     def get_auth_header(account_profile, message)
       if account_profile.protection.enabled
-        raise "The token must be unprotected before use"
+        raise 'The token must be unprotected before use'
       end
 
-      request_hash = Google::Protobuf::encode(message)
+      request_hash = Google::Protobuf.encode(message)
       request_hash = Okapi::Hashing.blake3_hash(Okapi::Hashing::V1::Blake3HashRequest.new(data: request_hash)).digest unless request_hash.length == 0 # skip hashing if empty
-      nonce = Trinsic::Common_V1::Nonce.new(timestamp: (Time.now.to_f*1000).to_int, request_hash: request_hash)
+      nonce = Trinsic::Common_V1::Nonce.new(timestamp: (Time.now.to_f * 1000).to_int, request_hash: request_hash)
       request = Okapi::Security::V1::CreateOberonProofRequest.new(token: account_profile.auth_token,
                                                                   data: account_profile.auth_data,
-                                                                  nonce: Google::Protobuf::encode(nonce))
+                                                                  nonce: Google::Protobuf.encode(nonce))
       proof = Okapi::Oberon.create_proof(request)
 
       # Convert to base-64

diff --git a/ruby/lib/services/account_service.rb b/ruby/lib/services/account_service.rb
@@ -0,0 +1,59 @@
+require 'services/service_base'
+
+module Trinsic
+  class AccountService < ServiceBase
+
+    def initialize(service_options = nil)
+      super(service_options)
+      if @service_options.server_use_tls
+        channel_creds = GRPC::Core::ChannelCredentials.new
+        @client = Account_V1::Account::Stub.new(get_url, channel_creds)
+      else
+        @client = Account_V1::Account::Stub.new(get_url, :this_channel_is_insecure)
+      end
+    end
+
+    def sign_in(request = nil)
+      request = request || Account_V1::SignInRequest.new
+      request.details = request.details || Account_V1::AccountDetails.new
+      request.ecosystem_id = request.ecosystem_id.empty? ? @service_options.default_ecosystem : request.ecosystem_id
+      auth_token = @client.sign_in(request).profile
+      encoded_profile = Base64.urlsafe_encode64(Account_V1::AccountProfile.encode(auth_token))
+      self.profile = encoded_profile
+      encoded_profile
+    end
+
+    def unprotect(profile, security_code)
+      cloned = profile.clone
+      request = Okapi::Security::V1::UnBlindOberonTokenRequest.new(token: cloned.auth_token)
+      request.blinding += [security_code]
+      result = Okapi::Oberon.unblind_token request
+      cloned.auth_token = result.token
+      cloned.protection = Account_V1::TokenProtection.new(enabled: false, method: Account_V1::ConfirmationMethod.None)
+      cloned
+    end
+
+    def protect(profile, security_code)
+      cloned = profile.clone
+      request = Okapi::Security::V1::BlindOberonTokenRequest.new(token: cloned.auth_token)
+      request.blinding += [security_code]
+      result = Okapi::Oberon.blind_token request
+      cloned.auth_token = result.token
+      cloned.protection = Account_V1::TokenProtection.new(enabled: true, method: Account_V1::ConfirmationMethod.Other)
+      cloned
+    end
+
+    def get_info
+      request = Account_V1::InfoRequest.new
+      @client.info(request, metadata: metadata(request))
+    end
+
+    def list_devices(request)
+      @client.list_devices(request, metadata: metadata(request))
+    end
+
+    def revoke_device(request)
+      @client.revoke_device(request, metadata: metadata(request))
+    end
+  end
+end
diff --git a/ruby/lib/services/credential_service.rb b/ruby/lib/services/credential_service.rb
@@ -0,0 +1,55 @@
+require 'services/service_base'
+
+module Trinsic
+  class CredentialService < ServiceBase
+
+    def initialize(service_options = nil)
+      super(service_options)
+      if @service_options.server_use_tls
+        channel_creds = GRPC::Core::ChannelCredentials.new
+        @client = Credentials_V1::VerifiableCredential::Stub.new(get_url, channel_creds)
+      else
+        @client = Credentials_V1::VerifiableCredential::Stub.new(get_url, :this_channel_is_insecure)
+      end
+    end
+
+    def issue_credential(request)
+      # Credentials_V1::IssueRequest.new(document_json: JSON.generate(document))
+      @client.issue(request, metadata: metadata(request))
+    end
+
+    def issue_from_template(request)
+      @client.issue_from_template(request, metadata: metadata(request))
+    end
+
+    def send_document(request)
+      # request = Credentials_V1::SendRequest.new(email: email, document: Common_V1::JsonPayload.new(json_string: JSON.generate(document)))
+      @client.send(request, metadata: metadata(request))
+    end
+
+    def create_proof(request)
+      # doc_json = nil
+      # doc_json = JSON.generate(document) unless document.nil?
+      # request = Credentials_V1::CreateProofRequest.new(item_id: item_id,
+      #                                                  reveal_document_json: JSON.generate(reveal_document),
+      #                                                  document_json: doc_json)
+      @client.create_proof(request, metadata: metadata(request))
+      # JSON.parse(response.proof_document_json)
+    end
+
+    def verify_proof(request)
+      # request = Credentials_V1::VerifyProofRequest.new(proof_document_json: JSON.generate(proof_document))
+      @client.verify_proof(request, metadata: metadata(request))
+    end
+
+    def check_status(request)
+      # request = Credentials_V1::CheckStatusRequest.new(credential_status_id: credential_status_id)
+      @client.check_status(request, metadata: metadata(request))
+    end
+
+    def update_status(request)
+      # request = Credentials_V1::UpdateStatusRequest.new(credential_status_id: credential_status_id, revoked: revoked)
+      @client.update_status(request, metadata: metadata(request))
+    end
+  end
+end
diff --git a/ruby/lib/services/credential_template_service.rb b/ruby/lib/services/credential_template_service.rb
@@ -0,0 +1,36 @@
+require 'services/service_base'
+
+module Trinsic
+  class CredentialTemplateService < ServiceBase
+
+    def initialize(service_options = nil)
+      super(service_options)
+      if @service_options.server_use_tls
+        channel_creds = GRPC::Core::ChannelCredentials.new
+        @client = Template_V1::CredentialTemplates::Stub.new(get_url, channel_creds)
+      else
+        @client = Template_V1::CredentialTemplates::Stub.new(get_url, :this_channel_is_insecure)
+      end
+    end
+
+    def create(request)
+      @client.create(request, metadata: metadata(request))
+    end
+
+    def get(request)
+      @client.get(request, metadata: metadata(request))
+    end
+
+    def list(request)
+      @client.list(request, metadata: metadata(request))
+    end
+
+    def search(request)
+      @client.search(request, metadata: metadata(request))
+    end
+
+    def delete(request)
+      @client.delete(request, metadata: metadata(request))
+    end
+  end
+end
diff --git a/ruby/lib/services/provider_service.rb b/ruby/lib/services/provider_service.rb
@@ -0,0 +1,46 @@
+require 'services/service_base'
+
+module Trinsic
+  class ProviderService < ServiceBase
+
+    def initialize(service_options = nil)
+      super(service_options)
+      if @service_options.server_use_tls
+        channel_creds = GRPC::Core::ChannelCredentials.new
+        @client = Provider_V1::Provider::Stub.new(get_url, channel_creds)
+      else
+        @client = Provider_V1::Provider::Stub.new(get_url, :this_channel_is_insecure)
+      end
+    end
+
+    def invite_participant(request)
+      # Ensure a field has been set
+      raise('Contact method must be set') if request.email.nil? and request.phone.nil? and request.didcomm_invitation.nil?
+
+      @client.invite(request, metadata: metadata(request))
+    end
+
+    def accept_invite(request)
+      @client.accept_invite(request, metadata: metadata(request))
+    end
+
+    def invitation_status(request)
+      # Onboarding reference ID must be set
+      raise('invitation id must be set') if request.invitation_id.nil?
+
+      @client.invitation_status(request, metadata: metadata(request))
+    end
+
+    def create_ecosystem(request)
+      @client.create_ecosystem(request, metadata: metadata(request))
+    end
+
+    # def list_ecosystems(request = nil)
+    #   if request == nil
+    #     request = Provider_V1::ListEcosystemsRequest.new
+    #   end
+    #   response = @client.list_ecosystems(request, metadata: metadata(request))
+    #   response.ecosystem
+    # end
+  end
+end
diff --git a/ruby/lib/services/service_base.rb b/ruby/lib/services/service_base.rb
@@ -0,0 +1,28 @@
+module Trinsic
+class ServiceBase
+  def initialize(service_options)
+    @service_options = service_options || trinsic_server
+    @security_provider = OberonSecurityProvider.new
+  end
+
+  def metadata(message)
+    if @service_options.nil? || @service_options.auth_token.nil?
+      raise Error, 'Cannot call authenticated endpoint: profile must be set'
+    end
+
+    { 'authorization' => @security_provider.get_auth_header(Account_V1::AccountProfile.decode(Base64.urlsafe_decode64(@service_options.auth_token)), message) }
+  end
+
+  def profile=(new_profile)
+    @service_options.auth_token = new_profile
+  end
+
+  def profile
+    @service_options.auth_token
+  end
+
+  def get_url
+    "#{@service_options.server_endpoint}:#{@service_options.server_port}"
+  end
+end
+end
diff --git a/ruby/lib/services/trust_registry_service.rb b/ruby/lib/services/trust_registry_service.rb
@@ -0,0 +1,70 @@
+require 'services/service_base'
+require 'json'
+
+module Trinsic
+  class TrustRegistryService < ServiceBase
+
+    def initialize(service_options = nil)
+      super(service_options)
+      if @service_options.server_use_tls
+        channel_creds = GRPC::Core::ChannelCredentials.new
+        @client = TrustRegistry_V1::TrustRegistry::Stub.new(get_url, channel_creds)
+      else
+        @client = TrustRegistry_V1::TrustRegistry::Stub.new(get_url, :this_channel_is_insecure)
+      end
+    end
+
+    def register_governance_framework(request)
+      # TODO - verify uri
+      # request = TrustRegistry_V1::AddFrameworkRequest.new(governance_framework: governance_framework,
+      #                                                     description: description)
+      @client.add_framework(request, metadata: metadata(request))
+    end
+
+    def remove_framework(request)
+      @client.remove_framework(request, metadata: metadata(request))
+    end
+
+    def register_issuer(request)
+      response = @client.register_issuer(request, metadata: metadata(request))
+      raise("cannot register issuer: code #{response.status}") unless response.status == :SUCCESS
+    end
+
+    def register_verifier(request)
+      response = @client.register_verifier(request, metadata: metadata(request))
+      raise("cannot register verifier: code #{response.status}") unless response.status == :SUCCESS
+    end
+
+    def unregister_issuer(request)
+      response = @client.unregister_issuer(request, metadata: metadata(request))
+      raise("cannot unregister issuer: code #{response.status}") unless response.status == :SUCCESS
+    end
+
+    def unregister_verifier(request)
+      response = @client.unregister_verifier(request, metadata: metadata(request))
+      raise("cannot unregister verifier: code #{response.status}") unless response.status == :SUCCESS
+    end
+
+    def check_issuer_status(request)
+      response = @client.check_issuer_status(request, metadata: metadata(request))
+      response.status
+    end
+
+    def check_verifier_status(request)
+      response = @client.check_verifier_status(request, metadata: metadata(request))
+      response.status
+    end
+
+    def search_registry(request = nil)
+      # request = TrustRegistry_V1::SearchRegistryRequest.new(query: query)
+      request ||= TrustRegistry_V1::SearchRegistryRequest.new
+      request.query = request.query.empty? ? "SELECT * FROM c" : request.query
+      @client.search_registry(request, metadata: metadata(request))
+      # JSON.parse(response.items_json)
+    end
+
+    def fetch_data(request)
+      @client.fetch_data(request, metadata: metadata(request))
+    end
+  end
+end
diff --git a/ruby/lib/services/wallet_service.rb b/ruby/lib/services/wallet_service.rb
@@ -0,0 +1,32 @@
+require 'services/service_base'
+
+module Trinsic
+  class WalletService < ServiceBase
+
+    def initialize(service_options = nil)
+      super(service_options)
+      if @service_options.server_use_tls
+        channel_creds = GRPC::Core::ChannelCredentials.new
+        @client = Wallet_V1::UniversalWallet::Stub.new(get_url, channel_creds)
+      else
+        @client = Wallet_V1::UniversalWallet::Stub.new(get_url, :this_channel_is_insecure)
+      end
+    end
+
+    def search(request = nil)
+      # request = Wallet_V1::SearchRequest.new(query: query)
+      request = request || Wallet_V1::SearchRequest.new
+      request.query = request.query.empty? ? "SELECT c.id, c.type, c.data FROM c" : request.query
+      @client.search(request, metadata: metadata(request))
+    end
+
+    def insert_item(request)
+      # request = Wallet_V1::InsertItemRequest.new(item_json: JSON.generate(item))
+      @client.insert_item(request, metadata: metadata(request)).item_id
+    end
+
+    def delete_item(request)
+      @client.delete_item(request, metadata: metadata(request))
+    end
+  end
+end