eclipse-edc · bscholtes1A · Jan 25, 2023 · Jan 25, 2023
diff --git a/client-cli/build.gradle.kts b/client-cli/build.gradle.kts
@@ -8,15 +8,15 @@ plugins {
 dependencies {
     api(libs.picocli.core)
     annotationProcessor(libs.picocli.codegen)
-    
+
     implementation(project(":core:identity-hub-client"))
     implementation(project(":extensions:credentials:identity-hub-credentials-jwt"))
     implementation(project(":extensions:identity-hub-verifier-jwt"))
 
+    implementation(edc.core.connector)
     implementation(edc.ext.identity.did.crypto)
     implementation(edc.spi.identity.did)
     implementation(libs.jackson.databind)
-    implementation(libs.okhttp)
     implementation(libs.nimbus.jwt)
 
     testImplementation(testFixtures(project(":spi:identity-hub-spi")))

diff --git a/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/AddVerifiableCredentialCommand.java b/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/AddVerifiableCredentialCommand.java
@@ -21,10 +21,17 @@
 import org.eclipse.edc.identityhub.credentials.jwt.JwtCredentialEnvelope;
 import org.eclipse.edc.identityhub.credentials.jwt.JwtCredentialFactory;
 import org.eclipse.edc.identityhub.spi.credentials.model.Credential;
+import org.eclipse.edc.identityhub.spi.credentials.model.CredentialSubject;
+import org.eclipse.edc.identityhub.spi.credentials.model.VerifiableCredential;
 import picocli.CommandLine;
 import picocli.CommandLine.Command;
 import picocli.CommandLine.ParentCommand;
 
+import java.sql.Date;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.Map;
+import java.util.UUID;
 import java.util.concurrent.Callable;
 
 import static org.eclipse.edc.identityhub.cli.CryptoUtils.readEcKeyPemFile;
@@ -34,15 +41,16 @@
 class AddVerifiableCredentialCommand implements Callable<Integer> {
 
     private static final ObjectMapper MAPPER = new ObjectMapper();
+    private static final JwtCredentialFactory JWT_CREDENTIAL_FACTORY = new JwtCredentialFactory(MAPPER);
 
     @ParentCommand
     private VerifiableCredentialsCommand command;
 
     @CommandLine.Spec
     private CommandLine.Model.CommandSpec spec;
 
-    @CommandLine.Option(names = { "-c", "--verifiable-credential" }, required = true, description = "Verifiable Credential as JSON")
-    private String verifiableCredentialJson;
+    @CommandLine.Option(names = { "-c", "--claims" }, required = true, description = "Claims of the Verifiable Credential")
+    private String claims;
 
     @CommandLine.Option(names = { "-i", "--issuer" }, required = true, description = "DID of the Verifiable Credential issuer")
     private String issuer;
@@ -56,8 +64,8 @@ class AddVerifiableCredentialCommand implements Callable<Integer> {
     @Override
     public Integer call() throws Exception {
         var out = spec.commandLine().getOut();
-
-        var credential = toCredential();
+        var credentialSubject = createCredentialSubject();
+        var credential = toCredential(credentialSubject);
         var jwt = toJwt(credential);
 
         command.cli.identityHubClient.addVerifiableCredential(command.cli.hubUrl, new JwtCredentialEnvelope(jwt))
@@ -68,18 +76,34 @@ public Integer call() throws Exception {
         return 0;
     }
 
-    private Credential toCredential() {
+    private CredentialSubject createCredentialSubject() {
+        Map<String, Object> claimsMap;
         try {
-            return MAPPER.readValue(verifiableCredentialJson, Credential.class);
+            claimsMap = MAPPER.readValue(claims, Map.class);
         } catch (JsonProcessingException e) {
             throw new CliException("Error while processing request json.");
         }
+        var builder = CredentialSubject.Builder.newInstance()
+                .id(subject);
+        claimsMap.forEach(builder::claim);
+        return builder.build();
+    }
+
+    private Credential toCredential(CredentialSubject credentialSubject) {
+        return Credential.Builder.newInstance()
+                .id(UUID.randomUUID().toString())
+                .issuer(issuer)
+                .issuanceDate(Date.from(Instant.now().truncatedTo(ChronoUnit.SECONDS)))
+                .context(VerifiableCredential.DEFAULT_CONTEXT)
+                .type(VerifiableCredential.DEFAULT_TYPE)
+                .credentialSubject(credentialSubject)
+                .build();
     }
 
     private SignedJWT toJwt(Credential credential) {
         try {
             var privateKey = readEcKeyPemFile(privateKeyPemFile);
-            return JwtCredentialFactory.buildSignedJwt(credential, issuer, subject, new EcPrivateKeyWrapper(privateKey), MAPPER);
+            return JWT_CREDENTIAL_FACTORY.buildSignedJwt(credential, new EcPrivateKeyWrapper(privateKey));
         } catch (Exception e) {
             throw new CliException("Error while signing Verifiable Credential", e);
         }

diff --git a/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/CryptoUtils.java b/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/CryptoUtils.java
@@ -29,6 +29,9 @@ private CryptoUtils() {
 
     /**
      * Read {@link ECKey} from a PEM file.
+     *
+     * @throws IOException   if file cannot be read.
+     * @throws JOSEException if {@link ECKey} cannot be parsed from PEM.
      */
     public static ECKey readEcKeyPemFile(String file) throws IOException, JOSEException {
         var contents = readString(Path.of(file));

diff --git a/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/GetSelfDescriptionCommand.java b/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/GetSelfDescriptionCommand.java
diff --git a/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/IdentityHubCli.java b/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/IdentityHubCli.java
@@ -14,26 +14,37 @@
 
 package org.eclipse.edc.identityhub.cli;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
+import dev.failsafe.RetryPolicy;
 import okhttp3.OkHttpClient;
+import okhttp3.Response;
+import org.eclipse.edc.connector.core.base.EdcHttpClientImpl;
 import org.eclipse.edc.identityhub.client.IdentityHubClientImpl;
 import org.eclipse.edc.identityhub.client.spi.IdentityHubClient;
 import org.eclipse.edc.identityhub.credentials.jwt.JwtCredentialEnvelopeTransformer;
 import org.eclipse.edc.identityhub.spi.credentials.transformer.CredentialEnvelopeTransformerRegistryImpl;
 import org.eclipse.edc.spi.monitor.ConsoleMonitor;
+import org.eclipse.edc.spi.types.TypeManager;
 import picocli.CommandLine;
 import picocli.CommandLine.Command;
 
+import java.time.temporal.ChronoUnit;
+import java.util.concurrent.TimeUnit;
+
 @Command(name = "identity-hub-cli", mixinStandardHelpOptions = true,
         description = "Client utility for MVD identity hub.",
         subcommands = {
                 VerifiableCredentialsCommand.class,
-                SelfDescriptionCommand.class
         })
 public class IdentityHubCli {
     @CommandLine.Option(names = { "-s", "--identity-hub-url" }, required = true, description = "Identity Hub URL", defaultValue = "http://localhost:8181/api/identity-hub")
     String hubUrl;
 
+    private static final int RETRIES = 3;
+    private static final int CONNECT_TIMEOUT_SECONDS = 30;
+    private static final int READ_TIMEOUT_SECONDS = 30;
+    private static final int MIN_BACKOFF_MILLIS = 500;
+    private static final int MAX_BACKOFF_MILLIS = 10000;
+
     IdentityHubClient identityHubClient;
 
     public static void main(String... args) {
@@ -53,13 +64,24 @@ private int executionStrategy(CommandLine.ParseResult parseResult) {
     }
 
     private void init() {
-        var okHttpClient = new OkHttpClient.Builder().build();
-        var objectMapper = new ObjectMapper();
+        var typeManager = new TypeManager();
         var monitor = new ConsoleMonitor();
 
+        var okHttpClient = new OkHttpClient.Builder()
+                .connectTimeout(CONNECT_TIMEOUT_SECONDS, TimeUnit.SECONDS)
+                .readTimeout(READ_TIMEOUT_SECONDS, TimeUnit.SECONDS)
+                .build();
+
+        var retryPolicy = RetryPolicy.<Response>builder()
+                .withMaxRetries(RETRIES)
+                .withBackoff(MIN_BACKOFF_MILLIS, MAX_BACKOFF_MILLIS, ChronoUnit.MILLIS)
+                .build();
+
+        var client = new EdcHttpClientImpl(okHttpClient, retryPolicy, monitor);
+
         var registry = new CredentialEnvelopeTransformerRegistryImpl();
-        registry.register(new JwtCredentialEnvelopeTransformer(objectMapper));
+        registry.register(new JwtCredentialEnvelopeTransformer(typeManager.getMapper()));
 
-        identityHubClient = new IdentityHubClientImpl(okHttpClient, objectMapper, monitor, registry);
+        identityHubClient = new IdentityHubClientImpl(client, typeManager, registry);
     }
 }
diff --git a/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/SelfDescriptionCommand.java b/client-cli/src/main/java/org/eclipse/edc/identityhub/cli/SelfDescriptionCommand.java
diff --git a/client-cli/src/test/java/org/eclipse/edc/identityhub/cli/CliTestUtils.java b/client-cli/src/test/java/org/eclipse/edc/identityhub/cli/CliTestUtils.java
@@ -24,7 +24,7 @@
 import static org.eclipse.edc.identityhub.junit.testfixtures.VerifiableCredentialTestUtil.buildSignedJwt;
 
 class CliTestUtils {
-    
+
     public static final String PUBLIC_KEY_PATH = "src/test/resources/test-public-key.pem";
     public static final String PRIVATE_KEY_PATH = "src/test/resources/test-private-key.pem";
     public static final ECKey PUBLIC_KEY;
@@ -44,10 +44,9 @@ private CliTestUtils() {
 
     public static SignedJWT toJwtVerifiableCredential(Credential vc) {
         try {
-
             return buildSignedJwt(vc,
-                    "identity-hub-test-issuer",
-                    "identity-hub-test-subject",
+                    vc.getIssuer(),
+                    vc.getCredentialSubject().getId(),
                     PRIVATE_KEY);
         } catch (Exception e) {
             throw new RuntimeException(e);