From fcd11b061783d367e65d9633ee9ff26b1e11d4cb Mon Sep 17 00:00:00 2001 From: Nander Stabel Date: Wed, 8 May 2024 22:18:17 +0200 Subject: [PATCH] feat: implement `Subject` responsible for singing and verifying data (#51) --- Cargo.lock | 44 ++++++---- Cargo.toml | 2 +- .../verification/relying_party/redirect.rs | 6 +- agent_application/src/main.rs | 6 +- agent_issuance/src/credential/aggregate.rs | 11 +-- agent_issuance/src/offer/aggregate.rs | 38 ++++---- agent_secret_manager/Cargo.toml | 2 + agent_secret_manager/src/aggregate.rs | 9 +- agent_secret_manager/src/lib.rs | 3 +- agent_secret_manager/src/services.rs | 13 +-- agent_secret_manager/src/subject.rs | 86 +++++++++++++++++++ .../src/authorization_request/aggregate.rs | 6 +- .../src/connection/aggregate.rs | 7 +- agent_verification/src/services.rs | 7 +- 14 files changed, 176 insertions(+), 64 deletions(-) create mode 100644 agent_secret_manager/src/subject.rs diff --git a/Cargo.lock b/Cargo.lock index 480f300c..aeb3825d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -172,9 +172,11 @@ dependencies = [ "agent_shared", "anyhow", "async-trait", + "base64 0.22.1", "cqrs-es", "did_manager", "futures", + "identity_iota", "log", "oid4vc-core", "serde", @@ -791,9 +793,9 @@ checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" [[package]] name = "base64" -version = "0.22.0" +version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" [[package]] name = "base64-url" 
@@ -1182,13 +1184,13 @@ checksum = "f7144d30dcf0fafbce74250a3963025d8d52177934239851c917d29f1df280c2" [[package]] name = "consumer" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?rev=11ce737#11ce737f0c8204029b70b831c1a6ed3a54d6ae15" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c70c0f1#c70c0f175fdbbd4b7c4b05e466aad4969ae3b627" dependencies = [ + "did_iota", "did_jwk", "did_key", "did_web", "identity_iota", - "iota-sdk", "shared", "signature 2.2.0", "tokio", @@ -1713,10 +1715,23 @@ dependencies = [ "ssi-dids", ] +[[package]] +name = "did_iota" +version = "0.1.0" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c70c0f1#c70c0f175fdbbd4b7c4b05e466aad4969ae3b627" +dependencies = [ + "identity_iota", + "identity_stronghold", + "iota-sdk", + "log", + "shared", + "tokio", +] + [[package]] name = "did_jwk" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?rev=11ce737#11ce737f0c8204029b70b831c1a6ed3a54d6ae15" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c70c0f1#c70c0f175fdbbd4b7c4b05e466aad4969ae3b627" dependencies = [ "did-jwk", "identity_iota", @@ -1733,7 +1748,7 @@ dependencies = [ [[package]] name = "did_key" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?rev=11ce737#11ce737f0c8204029b70b831c1a6ed3a54d6ae15" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c70c0f1#c70c0f175fdbbd4b7c4b05e466aad4969ae3b627" dependencies = [ "did-key", "did-method-key", @@ -1752,7 +1767,7 @@ dependencies = [ [[package]] name = "did_manager" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?rev=11ce737#11ce737f0c8204029b70b831c1a6ed3a54d6ae15" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c70c0f1#c70c0f175fdbbd4b7c4b05e466aad4969ae3b627" dependencies = [ "consumer", "producer", 
@@ -1780,7 +1795,7 @@ dependencies = [ [[package]] name = "did_web" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?rev=11ce737#11ce737f0c8204029b70b831c1a6ed3a54d6ae15" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c70c0f1#c70c0f175fdbbd4b7c4b05e466aad4969ae3b627" dependencies = [ "did-web", "identity_iota", @@ -5003,26 +5018,19 @@ dependencies = [ [[package]] name = "producer" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?rev=11ce737#11ce737f0c8204029b70b831c1a6ed3a54d6ae15" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c70c0f1#c70c0f175fdbbd4b7c4b05e466aad4969ae3b627" dependencies = [ - "anyhow", - "async-trait", - "base64 0.22.0", - "consumer", + "did_iota", "did_jwk", "did_key", "did_web", - "futures", "identity_iota", "identity_stronghold", "iota-sdk", "iota_stronghold", "log", - "oid4vc-core", "serde", - "serde_json", "shared", - "signature 2.2.0", "url", ] @@ -6072,7 +6080,7 @@ dependencies = [ [[package]] name = "shared" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?rev=11ce737#11ce737f0c8204029b70b831c1a6ed3a54d6ae15" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c70c0f1#c70c0f175fdbbd4b7c4b05e466aad4969ae3b627" dependencies = [ "identity_iota", "identity_stronghold", diff --git a/Cargo.toml b/Cargo.toml index 5c29382c..342cb865 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,7 +17,7 @@ edition = "2021" rust-version = "1.76.0" [workspace.dependencies] -did_manager = { git = "https://git@github.com/impierce/did-manager.git", rev = "11ce737" } +did_manager = { git = "https://git@github.com/impierce/did-manager.git", rev = "c70c0f1" } siopv2 = { git = "https://git@github.com/impierce/openid4vc.git", rev = "a932af7" } oid4vci = { git = "https://git@github.com/impierce/openid4vc.git", rev = "a932af7" } oid4vc-core = { git = "https://git@github.com/impierce/openid4vc.git", rev = "a932af7" } 
diff --git a/agent_api_rest/src/verification/relying_party/redirect.rs b/agent_api_rest/src/verification/relying_party/redirect.rs index 8df46dab..865ba513 100644 --- a/agent_api_rest/src/verification/relying_party/redirect.rs +++ b/agent_api_rest/src/verification/relying_party/redirect.rs @@ -64,7 +64,7 @@ pub mod tests { verification::{authorization_requests::tests::authorization_requests, relying_party::request::tests::request}, }; use agent_event_publisher_http::{EventPublisherHttp, TEST_EVENT_PUBLISHER_HTTP_CONFIG}; - use agent_secret_manager::secret_manager; + use agent_secret_manager::{secret_manager, subject::Subject}; use agent_shared::config; use agent_store::{in_memory, EventPublisher}; use agent_verification::services::test_utils::test_verification_services; @@ -108,7 +108,9 @@ pub mod tests { .unwrap(); let provider_manager = ProviderManager::new( - Arc::new(futures::executor::block_on(async { secret_manager().await })), + Arc::new(Subject { + secret_manager: secret_manager().await, + }), "did:key", ) .unwrap(); diff --git a/agent_application/src/main.rs b/agent_application/src/main.rs index 333dd791..77262c83 100644 --- a/agent_application/src/main.rs +++ b/agent_application/src/main.rs @@ -3,7 +3,7 @@ use std::{str::FromStr, sync::Arc}; use agent_api_rest::app; use agent_event_publisher_http::EventPublisherHttp; use agent_issuance::{startup_commands::startup_commands, state::initialize}; -use agent_secret_manager::secret_manager; +use agent_secret_manager::{secret_manager, subject::Subject}; use agent_shared::config; use agent_store::{in_memory, postgres, EventPublisher}; use agent_verification::services::VerificationServices; 
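Review bot: The `ProviderManager::new` call in the `redirect.rs` test builds `Subject` with a struct literal, `Subject { secret_manager: secret_manager().await }`, which forces the key-holding field to stay `pub` for every crate. The same literal recurs in `agent_application/src/main.rs`, `agent_verification/src/services.rs` and the two `agent_verification` aggregate test modules. A constructor added in `subject.rs`, for example `Subject::new(secret_manager().await)`, would let the field be narrowed to `pub(crate)`, so code outside `agent_secret_manager` reaches the signing key only through the `Sign` and `Verify` implementations. The enclosing test function starts and ends outside the hunk.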
@@ -27,7 +27,9 @@ async fn main() { let default_did_method = config!("default_did_method").unwrap_or("did:key".to_string()); let verification_services = Arc::new(VerificationServices::new( - Arc::new(secret_manager().await), + Arc::new(Subject { + secret_manager: secret_manager().await, + }), // TODO: Temporary solution. Remove this once `ClientMetadata` is part of `RelyingPartyManager`. ClientMetadataResource::ClientMetadata { client_name: None, diff --git a/agent_issuance/src/credential/aggregate.rs b/agent_issuance/src/credential/aggregate.rs index 1a0f6aef..7881a126 100644 --- a/agent_issuance/src/credential/aggregate.rs +++ b/agent_issuance/src/credential/aggregate.rs @@ -3,7 +3,7 @@ use async_trait::async_trait; use cqrs_es::Aggregate; use derivative::Derivative; use jsonwebtoken::{Algorithm, Header}; -use oid4vc_core::{jwt, Subject}; +use oid4vc_core::{jwt, Subject as _}; use oid4vci::VerifiableCredentialJwt; use serde::{Deserialize, Serialize}; use serde_json::json; @@ -74,14 +74,11 @@ impl Aggregate for Credential { if self.signed.is_some() && !overwrite { return Ok(vec![]); } - let (issuer, default_did_method) = futures::executor::block_on(async { + let (issuer, default_did_method) = { let mut services = SecretManagerServices::new(None); services.init().await.unwrap(); - ( - Arc::new(services.secret_manager.unwrap()), - services.default_did_method.clone(), - ) - }); + (Arc::new(services.subject.unwrap()), services.default_did_method.clone()) + }; let issuer_did = issuer.identifier(&default_did_method).unwrap(); let signed_credential = { // TODO: Add error message here. diff --git a/agent_issuance/src/offer/aggregate.rs b/agent_issuance/src/offer/aggregate.rs index 09662baa..29b8dfb8 100644 --- a/agent_issuance/src/offer/aggregate.rs +++ b/agent_issuance/src/offer/aggregate.rs 
@@ -112,11 +112,11 @@ impl Aggregate for Offer { authorization_server_metadata, credential_request, } => { - let issuer = futures::executor::block_on(async { + let issuer = { let mut services = SecretManagerServices::new(None); services.init().await.unwrap(); - Arc::new(services.secret_manager.unwrap()) - }); + Arc::new(services.subject.unwrap()) + }; let credential_issuer = CredentialIssuer { subject: issuer.clone(), @@ -200,10 +200,10 @@ impl Aggregate for Offer { pub mod tests { use super::*; + use agent_secret_manager::subject::Subject; use cqrs_es::test::TestFramework; - use did_manager::SecretManager; use lazy_static::lazy_static; - use oid4vc_core::Subject; + use oid4vc_core::Subject as _; use oid4vci::{ credential_format_profiles::{ w3c_verifiable_credentials::jwt_vc_json::CredentialDefinition, CredentialFormats, Parameters, @@ -228,7 +228,7 @@ pub mod tests { *ACCESS_TOKENS.lock().unwrap() = vec![generate_random_string()].into(); *C_NONCES.lock().unwrap() = vec![generate_random_string()].into(); - let subject = subject(); + let subject = test_subject(); OfferTestFramework::with(OfferServices) .given_no_previous_events() .when(OfferCommand::CreateCredentialOffer) @@ -245,7 +245,7 @@ pub mod tests { *ACCESS_TOKENS.lock().unwrap() = vec![generate_random_string()].into(); *C_NONCES.lock().unwrap() = vec![generate_random_string()].into(); - let subject = subject(); + let subject = test_subject(); OfferTestFramework::with(OfferServices) .given(vec![OfferEvent::CredentialOfferCreated { pre_authorized_code: subject.pre_authorized_code.clone(), @@ -266,7 +266,7 @@ pub mod tests { *ACCESS_TOKENS.lock().unwrap() = vec![generate_random_string()].into(); *C_NONCES.lock().unwrap() = vec![generate_random_string()].into(); - let subject = subject(); + let subject = test_subject(); OfferTestFramework::with(OfferServices) .given(vec![ OfferEvent::CredentialOfferCreated { 
@@ -292,7 +292,7 @@ pub mod tests { *ACCESS_TOKENS.lock().unwrap() = vec![generate_random_string()].into(); *C_NONCES.lock().unwrap() = vec![generate_random_string()].into(); - let subject = subject(); + let subject = test_subject(); OfferTestFramework::with(OfferServices) .given(vec![ OfferEvent::CredentialOfferCreated { @@ -321,7 +321,7 @@ pub mod tests { *ACCESS_TOKENS.lock().unwrap() = vec![generate_random_string()].into(); *C_NONCES.lock().unwrap() = vec![generate_random_string()].into(); - let subject = subject(); + let subject = test_subject(); OfferTestFramework::with(OfferServices) .given(vec![ OfferEvent::CredentialOfferCreated { @@ -357,7 +357,7 @@ pub mod tests { *ACCESS_TOKENS.lock().unwrap() = vec![generate_random_string()].into(); *C_NONCES.lock().unwrap() = vec![generate_random_string()].into(); - let subject = subject(); + let subject = test_subject(); OfferTestFramework::with(OfferServices) .given(vec![ OfferEvent::CredentialOfferCreated { @@ -388,7 +388,7 @@ pub mod tests { #[derive(Clone)] struct TestSubject { - secret_manager: Arc, + subject: Arc, credential: String, access_token: String, pre_authorized_code: String, 
@@ -400,15 +400,15 @@ pub mod tests { pub static ref PRE_AUTHORIZED_CODES: Mutex> = Mutex::new(vec![].into()); pub static ref ACCESS_TOKENS: Mutex> = Mutex::new(vec![].into()); pub static ref C_NONCES: Mutex> = Mutex::new(vec![].into()); - static ref SUBJECT_KEY_DID: Arc = Arc::new(secret_manager()); + pub static ref SUBJECT_KEY_DID: Arc = Arc::new(subject()); pub static ref SUBJECT_IDENTIFIER_KEY_ID: String = SUBJECT_KEY_DID.identifier("did:key").unwrap(); } - fn subject() -> TestSubject { + fn test_subject() -> TestSubject { let pre_authorized_code = PRE_AUTHORIZED_CODES.lock().unwrap()[0].clone(); TestSubject { - secret_manager: SUBJECT_KEY_DID.clone(), + subject: SUBJECT_KEY_DID.clone(), credential: VERIFIABLE_CREDENTIAL_JWT.clone(), pre_authorized_code: pre_authorized_code.clone(), access_token: ACCESS_TOKENS.lock().unwrap()[0].clone(), @@ -451,8 +451,8 @@ pub mod tests { proof: Some( KeyProofType::builder() .proof_type(ProofType::Jwt) - .signer(subject.secret_manager.clone()) - .iss(subject.secret_manager.identifier("did:key").unwrap()) + .signer(subject.subject.clone()) + .iss(subject.subject.identifier("did:key").unwrap()) .aud(CREDENTIAL_ISSUER_METADATA.credential_issuer.clone()) .iat(1571324800) .exp(9999999999i64) @@ -475,11 +475,11 @@ pub mod tests { } } - fn secret_manager() -> SecretManager { + fn subject() -> Subject { futures::executor::block_on(async { let mut services = SecretManagerServices::new(None); services.init().await.unwrap(); - services.secret_manager.unwrap() + services.subject.unwrap() }) } } diff --git a/agent_secret_manager/Cargo.toml b/agent_secret_manager/Cargo.toml index 03f21fa8..0e04f243 100644 --- a/agent_secret_manager/Cargo.toml +++ b/agent_secret_manager/Cargo.toml 
@@ -9,9 +9,11 @@ agent_shared = { path = "../agent_shared" } anyhow = "1.0" async-trait = "0.1" +base64 = { version = "0.22.0" } cqrs-es = "0.4.2" did_manager.workspace = true futures.workspace = true +identity_iota = { version = "1.2" } log = "0.4" oid4vc-core.workspace = true serde.workspace = true diff --git a/agent_secret_manager/src/aggregate.rs b/agent_secret_manager/src/aggregate.rs index e368a8de..bb707253 100644 --- a/agent_secret_manager/src/aggregate.rs +++ b/agent_secret_manager/src/aggregate.rs @@ -28,19 +28,20 @@ impl Aggregate for AgentSecretManager { match command { SecretManagerCommand::Initialize => { let mut guard = services.lock().await; - assert!(guard.secret_manager.is_none()); + assert!(guard.subject.is_none()); guard.init().await.unwrap(); - assert!(guard.secret_manager.is_some()); + assert!(guard.subject.is_some()); Ok(vec![SecretManagerEvent::Initialized {}]) } SecretManagerCommand::EnableDidMethod { method } => { let guard = services.lock().await; - assert!(guard.secret_manager.is_some()); + assert!(guard.subject.is_some()); let result = guard - .secret_manager + .subject .as_ref() .unwrap() + .secret_manager .produce_document(method.clone()) .await; diff --git a/agent_secret_manager/src/lib.rs b/agent_secret_manager/src/lib.rs index 088c9e00..abfc6040 100644 --- a/agent_secret_manager/src/lib.rs +++ b/agent_secret_manager/src/lib.rs @@ -5,6 +5,7 @@ pub mod aggregate; pub mod commands; pub mod events; pub mod services; +pub mod subject; // TODO: find better solution for this pub async fn secret_manager() -> SecretManager { 
@@ -14,7 +15,7 @@ pub async fn secret_manager() -> SecretManager { match (snapshot_path, password, key_id) { (Ok(snapshot_path), Ok(password), Ok(key_id)) => { - SecretManager::load(snapshot_path, password, key_id).await.unwrap() + SecretManager::load(snapshot_path, password, key_id, None, None).await.unwrap() } (Ok(snapshot_path), Ok(password), _) => SecretManager::generate(snapshot_path, password).await.unwrap(), _ => panic!("Unable to load or generate `SecretManager`. Please make sure to set both `AGENT_SECRET_MANAGER_STRONGHOLD_PATH` and `AGENT_SECRET_MANAGER_STRONGHOLD_PASSWORD` environment variables."), diff --git a/agent_secret_manager/src/services.rs b/agent_secret_manager/src/services.rs index 9471ac87..9f5d27e8 100644 --- a/agent_secret_manager/src/services.rs +++ b/agent_secret_manager/src/services.rs @@ -1,17 +1,18 @@ +use crate::subject::Subject; use agent_shared::config; use anyhow::Result; use did_manager::SecretManager; pub struct SecretManagerServices { - pub secret_manager: Option, + pub subject: Option, pub default_did_method: String, } impl SecretManagerServices { - pub fn new(secret_manager: Option) -> Self { + pub fn new(subject: Option) -> Self { let default_did_method = config!("default_did_method").unwrap_or("did:key".to_string()); Self { - secret_manager, + subject, default_did_method, } } @@ -21,9 +22,11 @@ impl SecretManagerServices { let password = config!("stronghold_password").unwrap(); let key_id = config!("issuer_key_id").unwrap(); - let secret_manager = SecretManager::load(snapshot_path, password, key_id).await.unwrap(); + let secret_manager = SecretManager::load(snapshot_path, password, key_id, None, None) + .await + .unwrap(); - self.secret_manager.replace(secret_manager); + self.subject.replace(Subject { secret_manager }); Ok(()) } diff --git a/agent_secret_manager/src/subject.rs b/agent_secret_manager/src/subject.rs new file mode 100644 index 00000000..1df909b0 --- /dev/null +++ b/agent_secret_manager/src/subject.rs 
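Review bot: `SecretManagerServices::init` returns `Result`, but the new `SecretManager::load(snapshot_path, password, key_id, None, None).await.unwrap()` still panics when the snapshot cannot be opened. Callers such as the `handle` bodies in `agent_issuance/src/credential/aggregate.rs` and `agent_issuance/src/offer/aggregate.rs` therefore never receive an `Err` to handle. Propagating the failure with `let secret_manager = SecretManager::load(snapshot_path, password, key_id, None, None).await?;` (assuming the error type converts into `anyhow::Error`) would let a wrong password or a missing file surface as a rejected command rather than an aborted task. The two added `None` arguments are unexplained here and in the `lib.rs` hunk above; a short comment such as `// NOTE: <what the two optional arguments configure>` would help the next reader. The signature of `init` lies outside the hunk.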
@@ -0,0 +1,86 @@ +use std::sync::Arc; + +use async_trait::async_trait; +use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine}; +use did_manager::{DidMethod, Resolver, SecretManager}; +use futures::executor::block_on; +use identity_iota::{did::DID, document::DIDUrlQuery, verification::jwk::JwkParams}; +use oid4vc_core::{authentication::sign::ExternalSign, Sign, Verify}; + +/// Reponsible for signing and verifying data. +pub struct Subject { + pub secret_manager: SecretManager, +} + +#[async_trait] +impl Verify for Subject { + async fn public_key(&self, did_url: &str) -> anyhow::Result> { + let did_url = identity_iota::did::DIDUrl::parse(did_url).unwrap(); + + let resolver = Resolver::new().await; + + let document = resolver.resolve(did_url.did().as_str()).await.unwrap(); + + let verification_method = document + .resolve_method( + DIDUrlQuery::from(&did_url), + Some(identity_iota::verification::MethodScope::VerificationMethod), + ) + .unwrap(); + + // Try decode from `MethodData` directly, else use public JWK params. 
+ verification_method + .data() + .try_decode() + .or_else(|_| { + verification_method + .data() + .public_key_jwk() + .and_then(|public_key_jwk| match public_key_jwk.params() { + JwkParams::Okp(okp_params) => Some(okp_params.x.as_bytes().to_vec()), + JwkParams::Ec(ec_params) => Some(ec_params.x.as_bytes().to_vec()), + _ => None, + }) + .ok_or(anyhow::anyhow!("Failed to decode public key for DID URL: {}", did_url)) + }) + .and_then(|encoded_public_key| URL_SAFE_NO_PAD.decode(encoded_public_key).map_err(Into::into)) + } +} + +#[async_trait] +impl Sign for Subject { + fn key_id(&self, subject_syntax_type: &str) -> Option { + let method: DidMethod = serde_json::from_str(&format!("{subject_syntax_type:?}")).ok()?; + + block_on(async { + self.secret_manager + .produce_document(method) + .await + .ok() + .and_then(|document| document.verification_method().first().cloned()) + .map(|first| first.id().to_string()) + }) + } + + fn sign(&self, message: &str, _subject_syntax_type: &str) -> anyhow::Result> { + Ok(block_on(async { self.secret_manager.sign(message.as_bytes()).await })?) + } + + fn external_signer(&self) -> Option> { + None + } +} + +#[async_trait] +impl oid4vc_core::Subject for Subject { + fn identifier(&self, subject_syntax_type: &str) -> anyhow::Result { + let method: DidMethod = serde_json::from_str(&format!("{subject_syntax_type:?}"))?; + + Ok(block_on(async { + self.secret_manager + .produce_document(method) + .await + .map(|document| document.id().to_string()) + })?) + } +} diff --git a/agent_verification/src/authorization_request/aggregate.rs b/agent_verification/src/authorization_request/aggregate.rs index ddd167f8..87f06b6a 100644 --- a/agent_verification/src/authorization_request/aggregate.rs +++ b/agent_verification/src/authorization_request/aggregate.rs 
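Review bot: `Verify::public_key` panics on input it should reject: `DIDUrl::parse(did_url).unwrap()`, `resolver.resolve(...).await.unwrap()` and `resolve_method(...).unwrap()` all sit in a function that already returns `anyhow::Result`. `did_url` presumably comes from the token being verified, so a malformed or unresolvable value would abort the task instead of failing verification. Each step should return an error, e.g. `let did_url = identity_iota::did::DIDUrl::parse(did_url)?;`, with the resolver and method lookups converted into `anyhow` errors in the same way. Two parts of the decode chain also need confirming: the final `URL_SAFE_NO_PAD.decode` runs on the output of `try_decode()` too, which looks like it is already raw key bytes, and the `JwkParams::Ec` arm returns only `x`, which is not a complete EC public key. Separately, the `block_on` calls in `key_id`, `sign` and `identifier` execute inside an application whose `main` is `async`, so they can stall an executor thread and deserve at least a comment stating why blocking is acceptable there.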
@@ -125,10 +125,10 @@ pub mod tests { use std::str::FromStr; use agent_secret_manager::secret_manager; + use agent_secret_manager::subject::Subject; use cqrs_es::test::TestFramework; - use did_manager::SecretManager; use lazy_static::lazy_static; - use oid4vc_core::Subject; + use oid4vc_core::Subject as _; use oid4vc_core::{client_metadata::ClientMetadataResource, DidMethod, SubjectSyntaxType}; use rstest::rstest; use siopv2::authorization_request::ClientMetadataParameters; @@ -224,7 +224,7 @@ pub mod tests { } lazy_static! { - static ref VERIFIER: SecretManager = futures::executor::block_on(async { secret_manager().await }); + static ref VERIFIER: Subject = futures::executor::block_on(async { Subject { secret_manager: secret_manager().await } }); pub static ref REDIRECT_URI: url::Url = "https://my-domain.example.org/redirect".parse::().unwrap(); static ref FORM_URL_ENCODED_AUTHORIZATION_REQUEST_DID_KEY: String = "\ openid://?\ diff --git a/agent_verification/src/connection/aggregate.rs b/agent_verification/src/connection/aggregate.rs index cfa1b33f..2aa4b981 100644 --- a/agent_verification/src/connection/aggregate.rs +++ b/agent_verification/src/connection/aggregate.rs @@ -76,6 +76,7 @@ pub mod tests { use std::sync::Arc; use agent_secret_manager::secret_manager; + use agent_secret_manager::subject::Subject; use cqrs_es::test::TestFramework; use oid4vc_core::authorization_response::AuthorizationResponse; use oid4vc_manager::ProviderManager; @@ -116,7 +117,11 @@ pub mod tests { siopv2_authorization_request: &SIOPv2AuthorizationRequest, ) -> AuthorizationResponse { let provider_manager = ProviderManager::new( - Arc::new(futures::executor::block_on(async { secret_manager().await })), + Arc::new(futures::executor::block_on(async { + Subject { + secret_manager: secret_manager().await, + } + })), did_method, ) .unwrap(); diff --git a/agent_verification/src/services.rs b/agent_verification/src/services.rs index b4920ece..2fe4dc60 100644 
--- a/agent_verification/src/services.rs +++ b/agent_verification/src/services.rs @@ -30,6 +30,7 @@ pub mod test_utils { use std::str::FromStr; use agent_secret_manager::secret_manager; + use agent_secret_manager::subject::Subject; use oid4vc_core::{DidMethod, SubjectSyntaxType}; use siopv2::authorization_request::ClientMetadataParameters; @@ -37,7 +38,11 @@ pub mod test_utils { pub fn test_verification_services(default_did_method: &str) -> Arc { Arc::new(VerificationServices::new( - Arc::new(futures::executor::block_on(async { secret_manager().await })), + Arc::new(futures::executor::block_on(async { + Subject { + secret_manager: secret_manager().await, + } + })), ClientMetadataResource::ClientMetadata { client_name: None, logo_uri: None,