chore: add method to obtain revocation status as string(s) (#4429)

* chore: add getRevocationStatus method

* DEPENDENCIES

Author: paullatzelsperger

DEPENDENCIES

@@ -291,10 +291,6 @@ maven/mavencentral/org.hamcrest/hamcrest-core/2.2, BSD-3-Clause, approved, clear
 maven/mavencentral/org.hamcrest/hamcrest/2.1, BSD-3-Clause, approved, clearlydefined
 maven/mavencentral/org.hamcrest/hamcrest/2.2, BSD-3-Clause, approved, clearlydefined
 maven/mavencentral/org.hdrhistogram/HdrHistogram/2.2.2, BSD-2-Clause AND CC0-1.0 AND CC0-1.0, approved, #14828
-maven/mavencentral/org.jacoco/org.jacoco.agent/0.8.11, EPL-2.0, approved, CQ23285
-maven/mavencentral/org.jacoco/org.jacoco.ant/0.8.11, EPL-2.0, approved, #1068
-maven/mavencentral/org.jacoco/org.jacoco.core/0.8.11, EPL-2.0, approved, CQ23283
-maven/mavencentral/org.jacoco/org.jacoco.report/0.8.11, EPL-2.0 AND Apache-2.0, approved, CQ23284
 maven/mavencentral/org.javassist/javassist/3.28.0-GA, Apache-2.0 OR LGPL-2.1-or-later OR MPL-1.1, approved, #327
 maven/mavencentral/org.javassist/javassist/3.30.2-GA, Apache-2.0 AND LGPL-2.1-or-later AND MPL-1.1, approved, #12108
 maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-common/1.9.10, Apache-2.0, approved, #14186
@@ -326,12 +322,9 @@ maven/mavencentral/org.mockito/mockito-inline/5.2.0, MIT, approved, clearlydefin
 maven/mavencentral/org.mozilla/rhino/1.7.7.2, MPL-2.0 AND BSD-3-Clause AND ISC, approved, CQ16320
 maven/mavencentral/org.objenesis/objenesis/3.3, Apache-2.0, approved, clearlydefined
 maven/mavencentral/org.opentest4j/opentest4j/1.3.0, Apache-2.0, approved, #9713
-maven/mavencentral/org.ow2.asm/asm-commons/9.6, BSD-3-Clause, approved, #10775
 maven/mavencentral/org.ow2.asm/asm-commons/9.7, BSD-3-Clause, approved, #14075
-maven/mavencentral/org.ow2.asm/asm-tree/9.6, BSD-3-Clause, approved, #10773
 maven/mavencentral/org.ow2.asm/asm-tree/9.7, BSD-3-Clause, approved, #14073
 maven/mavencentral/org.ow2.asm/asm/9.1, BSD-3-Clause, approved, CQ23029
-maven/mavencentral/org.ow2.asm/asm/9.6, BSD-3-Clause, approved, #10776
 maven/mavencentral/org.ow2.asm/asm/9.7, BSD-3-Clause, approved, #14076
 maven/mavencentral/org.postgresql/postgresql/42.7.3, BSD-2-Clause AND Apache-2.0, approved, #11681
 maven/mavencentral/org.reflections/reflections/0.10.2, Apache-2.0 AND WTFPL, approved, clearlydefined

extensions/common/iam/verifiable-credentials/src/main/java/org/eclipse/edc/iam/verifiablecredentials/revocation/RevocationServiceRegistryImpl.java

@@ -23,6 +23,11 @@
 
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Objects;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+import static java.util.Optional.ofNullable;
 
 public class RevocationServiceRegistryImpl implements RevocationServiceRegistry {
     private final Map<String, RevocationListService> entries = new HashMap<>();
@@ -46,6 +51,26 @@ public Result<Void> checkValidity(VerifiableCredential credential) {
                 .orElse(Result.success());
     }
 
+    @Override
+    public Result<String> getRevocationStatus(VerifiableCredential credential) {
+        return credential.getCredentialStatus()
+                .stream()
+                .map(credentialStatus -> getRevocationStatusInternal(credentialStatus, credential))
+                .reduce((r1, r2) -> {
+                    if (r1.succeeded() && r2.succeeded()) {
+                        return Result.success(Stream.of(r1.getContent(), r2.getContent()).filter(Objects::nonNull).collect(Collectors.joining(", ")));
+                    }
+                    return r1.merge(r2);
+                })
+                .orElse(Result.success(null));
+    }
+
+    private Result<String> getRevocationStatusInternal(CredentialStatus credentialStatus, VerifiableCredential credential) {
+        return ofNullable(entries.get(credentialStatus.type()))
+                .map(service -> service.getStatusPurpose(credential))
+                .orElse(Result.success(null));
+    }
+
     private Result<Void> checkRevocation(CredentialStatus credentialStatus) {
         var service = entries.get(credentialStatus.type());
         if (service == null) {

extensions/common/iam/verifiable-credentials/src/test/java/org/eclipse/edc/iam/verifiablecredentials/RevocationServiceRegistryImplTest.java

@@ -18,6 +18,7 @@
 import org.eclipse.edc.iam.verifiablecredentials.spi.RevocationListService;
 import org.eclipse.edc.iam.verifiablecredentials.spi.TestFunctions;
 import org.eclipse.edc.iam.verifiablecredentials.spi.model.CredentialStatus;
+import org.eclipse.edc.iam.verifiablecredentials.spi.model.VerifiableCredential;
 import org.eclipse.edc.spi.result.Result;
 import org.junit.jupiter.api.Test;
 
@@ -26,6 +27,9 @@
 import static org.eclipse.edc.junit.assertions.AbstractResultAssert.assertThat;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.verifyNoInteractions;
 import static org.mockito.Mockito.when;
 
 class RevocationServiceRegistryImplTest {
@@ -92,4 +96,72 @@ void checkValidity_allInvalid_shouldReturnFailure() {
         assertThat(registry.checkValidity(cred)).isFailed()
                 .detail().contains("test failure");
     }
+
+    @Test
+    void getRevocationStatus() {
+        var mockService = mock(RevocationListService.class);
+        registry.addService("test-type", mockService);
+        when(mockService.getStatusPurpose(any(VerifiableCredential.class))).thenReturn(Result.success(null));
+
+        var cred = TestFunctions.createCredentialBuilder().credentialStatus(new CredentialStatus("test-id", "test-type", Map.of())).build();
+        assertThat(registry.getRevocationStatus(cred)).isSucceeded();
+    }
+
+    @Test
+    void getRevocationStatus_whenNoCredentialStatus() {
+        var mockService = mock(RevocationListService.class);
+        registry.addService("test-type", mockService);
+        when(mockService.getStatusPurpose(any(VerifiableCredential.class))).thenReturn(Result.success(null));
+
+        var cred = TestFunctions.createCredentialBuilder().build();
+        assertThat(registry.checkValidity(cred)).isSucceeded();
+        verifyNoInteractions(mockService);
+    }
+
+    @Test
+    void getRevocationStatus_whenNoServiceFound_shouldReturnSuccess() {
+        var mockService = mock(RevocationListService.class);
+        registry.addService("test-type", mockService);
+
+        var cred = TestFunctions.createCredentialBuilder().build();
+        assertThat(registry.checkValidity(cred)).isSucceeded();
+        verifyNoInteractions(mockService);
+    }
+
+    @Test
+    void getRevocationStatus_oneRevoked_shouldReturnFailure() {
+        var mockService = mock(RevocationListService.class);
+        registry.addService("test-type", mockService);
+        when(mockService.getStatusPurpose(any(VerifiableCredential.class)))
+                .thenReturn(Result.success(null))
+                .thenReturn(Result.success("revocation"));
+
+        var cred = TestFunctions.createCredentialBuilder()
+                .credentialStatus(new CredentialStatus("test-id", "test-type", Map.of()))
+                .credentialStatus(new CredentialStatus("test-id", "test-type", Map.of()))
+                .build();
+
+        assertThat(registry.getRevocationStatus(cred)).isSucceeded()
+                .isEqualTo("revocation");
+        verify(mockService, times(2)).getStatusPurpose(any(VerifiableCredential.class));
+
+    }
+
+    @Test
+    void getRevocationStatus_alInvalid_shouldReturnFailure() {
+        var mockService = mock(RevocationListService.class);
+        registry.addService("test-type", mockService);
+        when(mockService.getStatusPurpose(any(VerifiableCredential.class)))
+                .thenReturn(Result.success("suspension"))
+                .thenReturn(Result.success("revocation"));
+
+        var cred = TestFunctions.createCredentialBuilder()
+                .credentialStatus(new CredentialStatus("test-id", "test-type", Map.of()))
+                .credentialStatus(new CredentialStatus("test-id", "test-type", Map.of()))
+                .build();
+
+        assertThat(registry.getRevocationStatus(cred)).isSucceeded()
+                .isEqualTo("suspension, revocation");
+        verify(mockService, times(2)).getStatusPurpose(any(VerifiableCredential.class));
+    }
 }

spi/common/verifiable-credentials-spi/src/main/java/org/eclipse/edc/iam/verifiablecredentials/spi/model/RevocationServiceRegistry.java

@@ -39,4 +39,14 @@ public interface RevocationServiceRegistry {
      * @return {@link Result#success()} if the VC does not contain a {@link CredentialStatus}, or if all {@link CredentialStatus} objects are valid (= not revoked, not suspended), {@link Result#failure(String)} otherwise.
      */
     Result<Void> checkValidity(VerifiableCredential credential);
+
+    /**
+     * Gets the revocation status of a {@link VerifiableCredential}. If no {@link RevocationListService} was registered for a particular
+     * type, the implementation must return {@link Result#success()} with a {@code null} content. If the credential does not contain any credentialStatus,
+     * the result is {@link Result#success()} as well.
+     *
+     * @param credential The VC
+     * @return {@link Result#success()} if the VC does not contain a {@link CredentialStatus}, or if all {@link CredentialStatus} objects are valid (= not revoked, not suspended), {@link Result#failure(String)} otherwise.
+     */
+    Result<String> getRevocationStatus(VerifiableCredential credential);
 }