test: Add credential API tests [DEV-3238] (#442)

* feat: Add jsonld tests

* Debug

* use did list

* Use existing did in json

* assert responses

* Update format in payload

* Minor fix

* Add assertionMethod

* Add verify credential tests

* Add revocation tests

* Run tests with one worker

* fix minor issue

* Match complete responses

* Update package-lock.json

* MAke the same style for tests

---------

Co-authored-by: Ankur Banerjee <ankurdotb@users.noreply.github.com>
Co-authored-by: Andrew Nikitin <andrew.nikitin@cheqd.io>

playwright.config.ts

@@ -55,7 +55,7 @@ export default defineConfig({
 	// Github Actions runners have 2 logical CPU cores
 	// Defaults to half of the logical CPU cores available
 	// Docs: https://playwright.dev/docs/api/class-testconfig#test-config-workers
-	workers: process.env.CI ? 2 : undefined,
+	workers: process.env.CI ? 1 : undefined,
 
 	// Limit the numbers of failures to set a fail-fast strategy on CI
 	// Docs: https://playwright.dev/docs/api/class-testconfig#test-config-max-failures

src/static/swagger.json

@@ -1495,7 +1495,7 @@
             "type": "string",
             "enum": [
               "jwt",
-              "lds"
+              "jsonld"
             ],
             "example": "jwt"
           },

src/types/swagger-types.ts

@@ -61,7 +61,7 @@
  *           type: string
  *           enum:
  *             - jwt
- *             - lds
+ *             - jsonld
  *           example: jwt
  *         credentialStatus:
  *           description: Optional `credentialStatus` properties for VC revocation or suspension. Takes `statusListName` and `statusListPurpose` as inputs.

tests/e2e/constants.ts

@@ -8,7 +8,7 @@ export enum PAYLOADS_PATH {
 	CREDENTIAL = `${PAYLOAD_BASE_PATH}/credential`,
 	CREDENTIAL_STATUS = `${PAYLOAD_BASE_PATH}/credential-status`,
 	PRESENTATION = `${PAYLOAD_BASE_PATH}/presentation`,
-	
+
 }
 
 const GENERATED_BASE_PATH = './tests/e2e/generated';
@@ -19,6 +19,7 @@ export enum GENERATED_PATH {
 export enum CONTENT_TYPE {
 	APPLICATION_JSON = 'application/json',
 	APPLICATION_DID_LD_JSON = 'application/did+ld+json',
+	APPLICATION_X_WWW_FORM_URLENCODED = 'application/x-www-form-urlencoded',
 }
 
 export const DID_METHOD = 'cheqd';

tests/e2e/credential/issue-verify-flow.spec.ts

@@ -0,0 +1,101 @@
+import type { VerifiableCredential } from '@veramo/core';
+
+import { test, expect } from '@playwright/test';
+import { StatusCodes } from 'http-status-codes';
+import * as fs from 'fs';
+import { CONTENT_TYPE } from '../constants';
+
+test.use({ storageState: 'playwright/.auth/user.json' });
+
+const PAYLOADS_BASE_PATH = './tests/payloads/credential';
+
+let jwtCredential: VerifiableCredential, jsonldCredential: VerifiableCredential;
+
+test(' Issue a jwt credential', async ({ request }) => {
+	const credentialData = JSON.parse(fs.readFileSync(`${PAYLOADS_BASE_PATH}/credential-issue-jwt.json`, 'utf-8'));
+	const response = await request.post(`/credential/issue`, {
+		data: JSON.stringify(credentialData),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	jwtCredential = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(jwtCredential.proof.type).toBe('JwtProof2020');
+	expect(jwtCredential.proof).toHaveProperty('jwt');
+	expect(typeof jwtCredential.issuer === 'string' ? jwtCredential.issuer : jwtCredential.issuer.id).toBe(
+		credentialData.issuerDid
+	);
+	expect(jwtCredential.type).toContain('VerifiableCredential');
+	expect(jwtCredential.credentialSubject).toMatchObject({
+		...credentialData.attributes,
+		id: credentialData.subjectDid,
+	});
+});
+
+test(' Verify a jwt credential', async ({ request }) => {
+	const response = await request.post(`/credential/verify`, {
+		data: JSON.stringify({
+			credential: jwtCredential.proof.jwt,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const result = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(result.verified).toBe(true);
+});
+
+test(' Issue a jwt credential with a deactivated DID', async ({ request }) => {
+	const credentialData = JSON.parse(fs.readFileSync(`${PAYLOADS_BASE_PATH}/credential-issue-jwt.json`, 'utf-8'));
+	credentialData.issuerDid = 'did:cheqd:testnet:edce6dfb-b59c-493b-a4b8-1d16a6184349';
+	const response = await request.post(`/credential/issue`, {
+		data: JSON.stringify(credentialData),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	expect(response.status()).toBe(StatusCodes.BAD_REQUEST);
+});
+
+test(' Issue a jsonLD credential', async ({ request }) => {
+	const credentialData = JSON.parse(fs.readFileSync(`${PAYLOADS_BASE_PATH}/credential-issue-jsonld.json`, 'utf-8'));
+	const response = await request.post(`/credential/issue`, {
+		data: JSON.stringify(credentialData),
+		headers: {
+			'Content-Type': 'application/json',
+		},
+	});
+	jsonldCredential = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(jsonldCredential.proof.type).toBe('Ed25519Signature2018');
+	expect(jsonldCredential.proof).toHaveProperty('jws');
+	expect(typeof jwtCredential.issuer === 'string' ? jwtCredential.issuer : jwtCredential.issuer.id).toBe(
+		credentialData.issuerDid
+	);
+	expect(jwtCredential.type).toContain('VerifiableCredential');
+	expect(jwtCredential.credentialSubject).toMatchObject({
+		...credentialData.attributes,
+		id: credentialData.subjectDid,
+	});
+});
+
+test(' Verify a jsonld credential', async ({ request }) => {
+	const response = await request.post(`/credential/verify`, {
+		data: JSON.stringify({
+			credential: jsonldCredential,
+			fetchRemoteContexts: true,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const result = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(result.verified).toBe(true);
+});

tests/e2e/credential/revocation-flow.spec.ts

@@ -0,0 +1,89 @@
+import type { VerifiableCredential } from '@veramo/core';
+
+import { test, expect } from '@playwright/test';
+import { StatusCodes } from 'http-status-codes';
+import * as fs from 'fs';
+import { CONTENT_TYPE } from '../constants';
+
+test.use({ storageState: 'playwright/.auth/user.json' });
+
+const PAYLOADS_BASE_PATH = './tests/payloads/credential';
+
+let jwtCredential: VerifiableCredential;
+
+test(' Issue a jwt credential with revocation statuslist', async ({ request }) => {
+	const credentialData = JSON.parse(
+		fs.readFileSync(`${PAYLOADS_BASE_PATH}/credential-issue-jwt-revocation.json`, 'utf-8')
+	);
+	const response = await request.post(`/credential/issue`, {
+		data: JSON.stringify(credentialData),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	jwtCredential = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(jwtCredential.proof.type).toBe('JwtProof2020');
+	expect(jwtCredential.proof).toHaveProperty('jwt');
+	expect(typeof jwtCredential.issuer === 'string' ? jwtCredential.issuer : jwtCredential.issuer.id).toBe(
+		credentialData.issuerDid
+	);
+	expect(jwtCredential.type).toContain('VerifiableCredential');
+	expect(jwtCredential.credentialSubject).toMatchObject({
+		...credentialData.attributes,
+		id: credentialData.subjectDid,
+	});
+	expect(jwtCredential.credentialStatus).toMatchObject({
+		type: 'StatusList2021Entry',
+		statusPurpose: 'revocation',
+	});
+	expect(jwtCredential.credentialStatus).toHaveProperty('statusListIndex');
+	expect(jwtCredential.credentialStatus).toHaveProperty('id');
+});
+
+test(" Verify a credential's revocation status", async ({ request }) => {
+	const response = await request.post(`/credential/verify?verifyStatus=true`, {
+		data: JSON.stringify({
+			credential: jwtCredential,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const result = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(result.verified).toBe(true);
+	expect(result.revoked).toBe(false);
+});
+
+test(' Verify a credential status after revocation', async ({ request }) => {
+	const response = await request.post(`/credential/revoke?publish=true`, {
+		data: JSON.stringify({
+			credential: jwtCredential,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const result = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(result.revoked).toBe(true);
+	expect(result.published).toBe(true);
+
+	const verificationResponse = await request.post(`/credential/verify?verifyStatus=true`, {
+		data: JSON.stringify({
+			credential: jwtCredential,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const verificationResult = await verificationResponse.json();
+	expect(verificationResponse).toBeOK();
+	expect(verificationResponse.status()).toBe(StatusCodes.OK);
+	expect(verificationResult.verified).toBe(true);
+	expect(verificationResult.revoked).toBe(true);
+});

tests/e2e/credential/suspension-flow.spec.ts

@@ -0,0 +1,119 @@
+import type { VerifiableCredential } from '@veramo/core';
+
+import { test, expect } from '@playwright/test';
+import { StatusCodes } from 'http-status-codes';
+import * as fs from 'fs';
+import { CONTENT_TYPE } from '../constants';
+
+test.use({ storageState: 'playwright/.auth/user.json' });
+
+const PAYLOADS_BASE_PATH = './tests/payloads/credential';
+
+let jwtCredential: VerifiableCredential;
+
+test(' Issue a jwt credential with suspension statuslist', async ({ request }) => {
+	const credentialData = JSON.parse(
+		fs.readFileSync(`${PAYLOADS_BASE_PATH}/credential-issue-jwt-revocation.json`, 'utf-8')
+	);
+	credentialData.credentialStatus.statusPurpose = 'suspension';
+	const response = await request.post(`/credential/issue`, {
+		data: JSON.stringify(credentialData),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	jwtCredential = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(jwtCredential.proof.type).toBe('JwtProof2020');
+	expect(jwtCredential.proof).toHaveProperty('jwt');
+	expect(typeof jwtCredential.issuer === 'string' ? jwtCredential.issuer : jwtCredential.issuer.id).toBe(
+		credentialData.issuerDid
+	);
+	expect(jwtCredential.type).toContain('VerifiableCredential');
+	expect(jwtCredential.credentialSubject).toMatchObject({
+		...credentialData.attributes,
+		id: credentialData.subjectDid,
+	});
+	expect(jwtCredential.credentialStatus).toMatchObject({
+		type: 'StatusList2021Entry',
+		statusPurpose: 'suspension',
+	});
+	expect(jwtCredential.credentialStatus).toHaveProperty('statusListIndex');
+	expect(jwtCredential.credentialStatus).toHaveProperty('id');
+});
+
+test(" Verify a credential's suspension status", async ({ request }) => {
+	const response = await request.post(`/credential/verify?verifyStatus=true`, {
+		data: JSON.stringify({
+			credential: jwtCredential,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const result = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(result.verified).toBe(true);
+	expect(result.suspended).toBe(false);
+});
+
+test(' Verify a credential status after suspension', async ({ request }) => {
+	const response = await request.post(`/credential/suspend?publish=true`, {
+		data: JSON.stringify({
+			credential: jwtCredential,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const result = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(result.suspended).toBe(true);
+	expect(result.published).toBe(true);
+
+	const verificationResponse = await request.post(`/credential/verify?verifyStatus=true`, {
+		data: JSON.stringify({
+			credential: jwtCredential,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const verificationResult = await verificationResponse.json();
+	expect(verificationResponse).toBeOK();
+	expect(verificationResponse.status()).toBe(StatusCodes.OK);
+	expect(verificationResult.verified).toBe(true);
+	expect(verificationResult.suspended).toBe(true);
+});
+
+test(' Verify a credential status after reinstating', async ({ request }) => {
+	const response = await request.post(`/credential/reinstate?publish=true`, {
+		data: JSON.stringify({
+			credential: jwtCredential,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const result = await response.json();
+	expect(response).toBeOK();
+	expect(response.status()).toBe(StatusCodes.OK);
+	expect(result.unsuspended).toBe(true);
+
+	const verificationResponse = await request.post(`/credential/verify?verifyStatus=true`, {
+		data: JSON.stringify({
+			credential: jwtCredential,
+		}),
+		headers: {
+			'Content-Type': CONTENT_TYPE.APPLICATION_JSON,
+		},
+	});
+	const verificationResult = await verificationResponse.json();
+	expect(verificationResponse).toBeOK();
+	expect(verificationResponse.status()).toBe(StatusCodes.OK);
+	expect(verificationResult.verified).toBe(true);
+	expect(verificationResult.suspended).toBe(false);
+});