From 8566098f2c36a919d32b7e430f4bc59d0533cd34 Mon Sep 17 00:00:00 2001
From: Daniel Armengod <daniel@armengod.cat>
Date: Mon, 27 Nov 2023 07:42:12 +0100
Subject: [PATCH] Added verify_presentation bindings and use them in
 verification_portal backend

---
 idhub/verification_portal/views.py |  7 +++++-
 utils/idhub_ssikit/__init__.py     | 37 ++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/idhub/verification_portal/views.py b/idhub/verification_portal/views.py
index df7cab2..486f4f7 100644
--- a/idhub/verification_portal/views.py
+++ b/idhub/verification_portal/views.py
@@ -2,6 +2,8 @@ import json
 
 from django.core.mail import send_mail
 from django.http import HttpResponse, HttpResponseRedirect
+
+from utils.idhub_ssikit import verify_presentation
 from .models import VPVerifyRequest
 from django.shortcuts import get_object_or_404
 from more_itertools import flatten, unique_everseen
@@ -9,7 +11,10 @@ from more_itertools import flatten, unique_everseen
 
 def verify(request):
     assert request.method == "POST"
-    # TODO: use request.POST["presentation_submission"]
+    # TODO: incorporate request.POST["presentation_submission"] as schema definition
+    (presentation_valid, _) = verify_presentation(request.POST["vp_token"])
+    if not presentation_valid:
+        raise Exception("Failed to verify signature on the given Verifiable Presentation.")
     vp = json.loads(request.POST["vp_token"])
     nonce = vp["nonce"]
     # "vr" = verification_request
diff --git a/utils/idhub_ssikit/__init__.py b/utils/idhub_ssikit/__init__.py
index 18a5ff2..c4ac0e3 100644
--- a/utils/idhub_ssikit/__init__.py
+++ b/utils/idhub_ssikit/__init__.py
@@ -72,3 +72,40 @@ def verify_credential(vc, proof_options):
         return didkit.verify_credential(vc, proof_options)
 
     return asyncio.run(inner())
+
+
+def issue_verifiable_presentation(vc_list: list[str], jwk_holder: str, holder_did: str) -> str:
+    async def inner():
+        unsigned_vp = unsigned_vp_template.render(data)
+        signed_vp = await didkit.issue_presentation(
+            unsigned_vp,
+            '{"proofFormat": "ldp"}',
+            jwk_holder
+        )
+        return signed_vp
+
+    # TODO: convert from Jinja2 -> django-templates
+    env = Environment(
+        loader=FileSystemLoader("vc_templates"),
+        autoescape=select_autoescape()
+    )
+    unsigned_vp_template = env.get_template("verifiable_presentation.json")
+    data = {
+        "holder_did": holder_did,
+        "verifiable_credential_list": "[" + ",".join(vc_list) + "]"
+    }
+
+    return asyncio.run(inner())
+
+
+def verify_presentation(vp):
+    """
+    Returns a (bool, str) tuple indicating whether the credential is valid.
+    If the boolean is true, the credential is valid and the second argument can be ignored.
+    If it is false, the VC is invalid and the second argument contains a JSON object with further information.
+    """
+    async def inner():
+        proof_options = '{"proofFormat": "ldp"}'
+        return didkit.verify_presentation(vp, proof_options)
+
+    return asyncio.run(inner())