Remove default_ecosystem (#840)

cli/src/proto/sdk/options/v1/mod.rs

@@ -11,9 +11,9 @@ pub struct ServiceOptions {
     #[prost(bool, tag = "3")]
     pub server_use_tls: bool,
     /// Authentication token for SDK calls; defaults to empty string (unauthenticated)
+    ///
+    /// Default ecosystem ID to use for various SDK calls; defaults to `default`
+    /// string default_ecosystem = 5;
     #[prost(string, tag = "4")]
     pub auth_token: ::prost::alloc::string::String,
-    /// Default ecosystem ID to use for various SDK calls; defaults to `default`
-    #[prost(string, tag = "5")]
-    pub default_ecosystem: ::prost::alloc::string::String,
 }

cli/src/proto/services/provider/v1/mod.rs

@@ -106,6 +106,18 @@ pub struct WebhookConfig {
     pub status: ::prost::alloc::string::String,
 }
 #[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Message)]
+pub struct Grant {
+    /// the urn of the resource
+    #[prost(string, tag = "1")]
+    pub resource_id: ::prost::alloc::string::String,
+    /// list of actions that are allowed
+    #[prost(string, repeated, tag = "2")]
+    pub actions: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
+    /// any child grants
+    #[prost(message, repeated, tag = "3")]
+    pub child_grants: ::prost::alloc::vec::Vec<Grant>,
+}
+#[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Message)]
 pub struct CreateEcosystemRequest {
     /// Globally unique name for the Ecosystem. This name will be
     /// part of the ecosystem specific URLs and namespaces.
@@ -232,6 +244,65 @@ pub struct GetEventTokenResponse {
     #[prost(string, tag = "1")]
     pub token: ::prost::alloc::string::String,
 }
+/// grant permissions to a resource or path in the ecosystem
+#[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Message)]
+pub struct GrantAuthorizationRequest {
+    /// resources are specified as a restful path: /{ecoId}/{resource type}/{resource id}. EcosystemId maybe ommited
+    #[prost(string, tag = "3")]
+    pub resource: ::prost::alloc::string::String,
+    /// action to authorize. default is "*" (all)
+    #[prost(string, tag = "4")]
+    pub action: ::prost::alloc::string::String,
+    #[prost(oneof = "grant_authorization_request::Account", tags = "1, 2")]
+    pub account: ::core::option::Option<grant_authorization_request::Account>,
+}
+/// Nested message and enum types in `GrantAuthorizationRequest`.
+pub mod grant_authorization_request {
+    #[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Oneof)]
+    pub enum Account {
+        /// email associted with the account
+        #[prost(string, tag = "1")]
+        Email(::prost::alloc::string::String),
+        /// wallet id of the account
+        #[prost(string, tag = "2")]
+        WalletId(::prost::alloc::string::String),
+    }
+}
+#[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Message)]
+pub struct GrantAuthorizationResponse {}
+/// revoke permissions to a resource or path in the ecosystem
+#[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Message)]
+pub struct RevokeAuthorizationRequest {
+    /// resources are specified as a restful path: /{ecoId}/{resource type}/{resource id}. EcosystemId maybe ommited
+    #[prost(string, tag = "3")]
+    pub resource: ::prost::alloc::string::String,
+    /// action to revoke. default is "*" (all)
+    #[prost(string, tag = "4")]
+    pub action: ::prost::alloc::string::String,
+    #[prost(oneof = "revoke_authorization_request::Account", tags = "1, 2")]
+    pub account: ::core::option::Option<revoke_authorization_request::Account>,
+}
+/// Nested message and enum types in `RevokeAuthorizationRequest`.
+pub mod revoke_authorization_request {
+    #[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Oneof)]
+    pub enum Account {
+        /// email associted with the account
+        #[prost(string, tag = "1")]
+        Email(::prost::alloc::string::String),
+        /// wallet id of the account
+        #[prost(string, tag = "2")]
+        WalletId(::prost::alloc::string::String),
+    }
+}
+#[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Message)]
+pub struct RevokeAuthorizationResponse {}
+#[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Message)]
+pub struct GetAuthorizationsRequest {}
+#[derive(::serde::Serialize, ::serde::Deserialize, Clone, PartialEq, ::prost::Message)]
+pub struct GetAuthorizationsResponse {
+    #[prost(message, repeated, tag = "1")]
+    pub grants: ::prost::alloc::vec::Vec<Grant>,
+}
 #[derive(::serde::Serialize, ::serde::Deserialize, Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
 #[repr(i32)]
 pub enum ParticipantType {
@@ -318,6 +389,45 @@ pub mod provider_client {
             let path = http::uri::PathAndQuery::from_static("/services.provider.v1.Provider/UpdateEcosystem");
             self.inner.unary(request.into_request(), path, codec).await
         }
+        #[doc = " Grant authorization to ecosystem resources"]
+        pub async fn grant_authorization(
+            &mut self,
+            request: impl tonic::IntoRequest<super::GrantAuthorizationRequest>,
+        ) -> Result<tonic::Response<super::GrantAuthorizationResponse>, tonic::Status> {
+            self.inner
+                .ready()
+                .await
+                .map_err(|e| tonic::Status::new(tonic::Code::Unknown, format!("Service was not ready: {}", e.into())))?;
+            let codec = tonic::codec::ProstCodec::default();
+            let path = http::uri::PathAndQuery::from_static("/services.provider.v1.Provider/GrantAuthorization");
+            self.inner.unary(request.into_request(), path, codec).await
+        }
+        #[doc = " Revoke authorization to ecosystem resources"]
+        pub async fn revoke_authorization(
+            &mut self,
+            request: impl tonic::IntoRequest<super::RevokeAuthorizationRequest>,
+        ) -> Result<tonic::Response<super::RevokeAuthorizationResponse>, tonic::Status> {
+            self.inner
+                .ready()
+                .await
+                .map_err(|e| tonic::Status::new(tonic::Code::Unknown, format!("Service was not ready: {}", e.into())))?;
+            let codec = tonic::codec::ProstCodec::default();
+            let path = http::uri::PathAndQuery::from_static("/services.provider.v1.Provider/RevokeAuthorization");
+            self.inner.unary(request.into_request(), path, codec).await
+        }
+        #[doc = " Retreive the list of permissions for this particular account/ecosystem"]
+        pub async fn get_authorizations(
+            &mut self,
+            request: impl tonic::IntoRequest<super::GetAuthorizationsRequest>,
+        ) -> Result<tonic::Response<super::GetAuthorizationsResponse>, tonic::Status> {
+            self.inner
+                .ready()
+                .await
+                .map_err(|e| tonic::Status::new(tonic::Code::Unknown, format!("Service was not ready: {}", e.into())))?;
+            let codec = tonic::codec::ProstCodec::default();
+            let path = http::uri::PathAndQuery::from_static("/services.provider.v1.Provider/GetAuthorizations");
+            self.inner.unary(request.into_request(), path, codec).await
+        }
         #[doc = " Add a webhook endpoint to the ecosystem"]
         pub async fn add_webhook(
             &mut self,

cli/src/services/account.rs

@@ -5,7 +5,6 @@ use crate::proto::services::account::v1::login_response::Response;
 use crate::proto::services::account::v1::AuthorizeWebhookRequest;
 use crate::utils::to_value;
 use crate::{
-    dict,
     error::Error,
     grpc_channel, grpc_client, grpc_client_with_auth,
     proto::services::account::v1::{
@@ -30,7 +29,7 @@ pub(crate) fn execute(args: &Command, config: CliConfig) -> Result<Output, Error
 
 #[tokio::main]
 async fn sign_in(args: &SignInArgs, config: CliConfig) -> Result<Output, Error> {
-    let ecosystem = args.ecosystem.as_ref().map_or(config.options.default_ecosystem.clone(), |x| x.to_owned());
+    let ecosystem = args.ecosystem.as_ref().map_or("default".into(), |x| x.to_owned());
 
     let mut client = grpc_client!(AccountClient<Channel>, config.to_owned());
 

cli/src/services/config.rs

@@ -52,7 +52,6 @@ impl Default for CliConfig {
                 server_endpoint: DEFAULT_SERVER_ENDPOINT.into(),
                 server_port: DEFAULT_SERVER_PORT,
                 server_use_tls: DEFAULT_SERVER_USE_TLS,
-                default_ecosystem: "default".into(),
                 auth_token: "".into(),
             },
             defaults: None,
@@ -191,8 +190,7 @@ fn print() -> Result<Output, Error> {
         "server endpoint".into() => Item::String(config.server_endpoint),
         "server port".into() => Item::String(config.server_port.to_string()),
         "server use tls".into() => Item::String(config.server_use_tls.to_string()),
-        "auth token".into() => Item::String(config.auth_token),
-        "default ecosystem".into() => Item::String(config.default_ecosystem)
+        "auth token".into() => Item::String(config.auth_token)
     })
 }
 
@@ -210,9 +208,6 @@ fn save(args: &SdkOptionsArgs) -> Result<Output, Error> {
     if args.auth_token.is_some() {
         config.options.auth_token = args.auth_token.as_ref().unwrap().to_string();
     }
-    if args.default_ecosystem.is_some() {
-        config.options.default_ecosystem = args.default_ecosystem.as_ref().unwrap().to_string();
-    }
 
     config.save()?;
 
@@ -250,7 +245,6 @@ mod test {
             server_endpoint: "example.com".into(),
             server_port: 443,
             server_use_tls: true,
-            default_ecosystem: "default".into(),
             ..Default::default()
         };
 

dart/example/vaccine_example.dart

@@ -4,6 +4,7 @@ import 'package:path/path.dart' as path;
 import 'package:trinsic_dart/src/proto/services/account/v1/account.pbgrpc.dart';
 import 'package:trinsic_dart/src/proto/services/universal-wallet/v1/universal-wallet.pbgrpc.dart';
 import 'package:trinsic_dart/src/proto/services/verifiable-credentials/v1/verifiable-credentials.pbgrpc.dart';
+import 'package:trinsic_dart/src/trinsic_service.dart';
 import 'package:trinsic_dart/src/trinsic_util.dart';
 import 'package:trinsic_dart/trinsic.dart';
 
@@ -22,36 +23,26 @@ String vaccineCertFramePath() {
 }
 
 Future runVaccineDemo() async {
-  // createAccountService() {
-  var accountService = AccountService(trinsicConfig());
-  var account = await accountService.signIn();
+  // createService() {
+  var trinsic = TrinsicService(trinsicConfig());
   // }
 
-  // createProviderService() {
-  var providerService = ProviderService(trinsicConfig(authToken: account));
-  var ecosystem = await providerService.createEcosystem();
+  // createEcosystem() {
+  var ecosystem = await trinsic.provider().createEcosystem();
   var ecosystemId = ecosystem.ecosystem.id;
   // }
 
   // setupActors() {
   // Create 3 different profiles for each participant in the scenario
-  var allison = await accountService.signIn(
-      request: SignInRequest(ecosystemId: ecosystemId));
-  var clinic = await accountService.signIn(
-      request: SignInRequest(ecosystemId: ecosystemId));
-  var airline = await accountService.signIn(
-      request: SignInRequest(ecosystemId: ecosystemId));
+  var allison = await trinsic.account().signIn();
+  var clinic = await trinsic.account().signIn();
+  var airline = await trinsic.account().signIn();
   // }
 
-  accountService.serviceOptions.authToken = clinic;
-  var info = await accountService.getInfo();
+  trinsic.serviceOptions.authToken = clinic;
+  var info = await trinsic.account().getInfo();
   print("Account info=$info");
 
-  // createService() {
-  var walletService = WalletService(trinsicConfig(authToken: allison));
-  var credentialService = CredentialService(trinsicConfig(authToken: clinic));
-  // }
-
   // storeAndRecallProfile() {
   // Store profile for later use
   var fid = File('allison.txt');
@@ -66,8 +57,9 @@ Future runVaccineDemo() async {
   var credentialJson = await vaccineCertFile.readAsString();
 
   // issueCredential() {
-  var issueResponse =
-      await credentialService.issue(IssueRequest(documentJson: credentialJson));
+  var issueResponse = await trinsic
+      .credential()
+      .issue(IssueRequest(documentJson: credentialJson));
   // }
   var credential = issueResponse.signedDocumentJson;
   print("Credential: $credential");
@@ -76,10 +68,11 @@ Future runVaccineDemo() async {
 
   // storeCredential() {
   // Alice stores the credential in her cloud wallet.
-  walletService.serviceOptions.authToken = allison;
+  trinsic.serviceOptions.authToken = allison;
   // insertItemWallet() {
-  var insertResponse =
-      await walletService.insertItem(InsertItemRequest(itemJson: credential));
+  var insertResponse = await trinsic
+      .wallet()
+      .insertItem(InsertItemRequest(itemJson: credential));
   // }
   var itemId = insertResponse.itemId;
   // }
@@ -89,12 +82,10 @@ Future runVaccineDemo() async {
   // shareCredential() {
   // Allison shares the credential with the venue.
   // The venue has communicated with Allison the details of the credential that the require expressed as a JSON-LD frame.
-  credentialService.serviceOptions.authToken = allison;
-  walletService.serviceOptions.authToken = allison;
   var proofRequestJson = await File(vaccineCertFramePath()).readAsString();
 
   // createProof() {
-  var proofResponse = await credentialService.createProof(
+  var proofResponse = await trinsic.credential().createProof(
       CreateProofRequest(revealDocumentJson: proofRequestJson, itemId: itemId));
   // }
   var credentialProof = proofResponse.proofDocumentJson;
@@ -103,10 +94,10 @@ Future runVaccineDemo() async {
 
   // verifyCredential() {
   // The airline verifies the credential
-  credentialService.serviceOptions.authToken = airline;
-  walletService.serviceOptions.authToken = airline;
+  trinsic.serviceOptions.authToken = airline;
   // verifyProof() {
-  var verifyResult = await credentialService
+  var verifyResult = await trinsic
+      .credential()
       .verifyProof(VerifyProofRequest(proofDocumentJson: credentialProof));
   // }
   var valid = verifyResult.isValid;

dart/lib/src/account_service.dart

@@ -18,9 +18,8 @@ class AccountService extends ServiceBase {
 
   Future<String> signIn({SignInRequest? request}) async {
     request ??= SignInRequest();
-    request.ecosystemId = request.ecosystemId != ""
-        ? request.ecosystemId
-        : serviceOptions.defaultEcosystem;
+    request.ecosystemId =
+        request.ecosystemId != "" ? request.ecosystemId : "default";
     SignInResponse response = await client.signIn(request);
     var authToken =
         Base64Encoder.urlSafe().convert(response.profile.writeToBuffer());
@@ -70,9 +69,6 @@ class AccountService extends ServiceBase {
 
   Future<LoginResponse> login({LoginRequest? request}) async {
     request ??= LoginRequest();
-    request.ecosystemId = request.ecosystemId != ""
-        ? request.ecosystemId
-        : serviceOptions.defaultEcosystem;
     return await client.login(request);
   }
 

dart/lib/src/proto/sdk/options/v1/options.pb.dart

@@ -40,11 +40,6 @@ class ServiceOptions extends $pb.GeneratedMessage {
         const $core.bool.fromEnvironment('protobuf.omit_field_names')
             ? ''
             : 'authToken')
-    ..aOS(
-        5,
-        const $core.bool.fromEnvironment('protobuf.omit_field_names')
-            ? ''
-            : 'defaultEcosystem')
     ..hasRequiredFields = false;
 
   ServiceOptions._() : super();
@@ -53,7 +48,6 @@ class ServiceOptions extends $pb.GeneratedMessage {
     $core.int? serverPort,
     $core.bool? serverUseTls,
     $core.String? authToken,
-    $core.String? defaultEcosystem,
   }) {
     final _result = create();
     if (serverEndpoint != null) {
@@ -68,9 +62,6 @@ class ServiceOptions extends $pb.GeneratedMessage {
     if (authToken != null) {
       _result.authToken = authToken;
     }
-    if (defaultEcosystem != null) {
-      _result.defaultEcosystem = defaultEcosystem;
-    }
     return _result;
   }
   factory ServiceOptions.fromBuffer($core.List<$core.int> i,
@@ -147,16 +138,4 @@ class ServiceOptions extends $pb.GeneratedMessage {
   $core.bool hasAuthToken() => $_has(3);
   @$pb.TagNumber(4)
   void clearAuthToken() => clearField(4);
-
-  @$pb.TagNumber(5)
-  $core.String get defaultEcosystem => $_getSZ(4);
-  @$pb.TagNumber(5)
-  set defaultEcosystem($core.String v) {
-    $_setString(4, v);
-  }
-
-  @$pb.TagNumber(5)
-  $core.bool hasDefaultEcosystem() => $_has(4);
-  @$pb.TagNumber(5)
-  void clearDefaultEcosystem() => clearField(5);
 }

dart/lib/src/proto/sdk/options/v1/options.pbjson.dart

@@ -23,16 +23,9 @@ const ServiceOptions$json = const {
     const {'1': 'server_port', '3': 2, '4': 1, '5': 5, '10': 'serverPort'},
     const {'1': 'server_use_tls', '3': 3, '4': 1, '5': 8, '10': 'serverUseTls'},
     const {'1': 'auth_token', '3': 4, '4': 1, '5': 9, '10': 'authToken'},
-    const {
-      '1': 'default_ecosystem',
-      '3': 5,
-      '4': 1,
-      '5': 9,
-      '10': 'defaultEcosystem'
-    },
   ],
 };
 
 /// Descriptor for `ServiceOptions`. Decode as a `google.protobuf.DescriptorProto`.
 final $typed_data.Uint8List serviceOptionsDescriptor = $convert.base64Decode(
-    'Cg5TZXJ2aWNlT3B0aW9ucxInCg9zZXJ2ZXJfZW5kcG9pbnQYASABKAlSDnNlcnZlckVuZHBvaW50Eh8KC3NlcnZlcl9wb3J0GAIgASgFUgpzZXJ2ZXJQb3J0EiQKDnNlcnZlcl91c2VfdGxzGAMgASgIUgxzZXJ2ZXJVc2VUbHMSHQoKYXV0aF90b2tlbhgEIAEoCVIJYXV0aFRva2VuEisKEWRlZmF1bHRfZWNvc3lzdGVtGAUgASgJUhBkZWZhdWx0RWNvc3lzdGVt');
+    'Cg5TZXJ2aWNlT3B0aW9ucxInCg9zZXJ2ZXJfZW5kcG9pbnQYASABKAlSDnNlcnZlckVuZHBvaW50Eh8KC3NlcnZlcl9wb3J0GAIgASgFUgpzZXJ2ZXJQb3J0EiQKDnNlcnZlcl91c2VfdGxzGAMgASgIUgxzZXJ2ZXJVc2VUbHMSHQoKYXV0aF90b2tlbhgEIAEoCVIJYXV0aFRva2Vu');