Expose query params for get_credentials_by_proof_id

app/routes/verifier.py

@@ -496,19 +496,29 @@ async def delete_proof(
 )
 async def get_credentials_by_proof_id(
     proof_id: str,
+    referent: Optional[str] = None,
+    limit: Optional[int] = limit_query_parameter,
+    offset: Optional[int] = offset_query_parameter,
     auth: AcaPyAuth = Depends(acapy_auth_from_header),
 ) -> List[IndyCredPrecis]:
     """
     Get matching credentials for a presentation exchange
     ---
     This endpoint returns a list of possible credentials that the prover can use to respond to a given proof request.
 
-    The `presentation_referents` field indicates which of the fields in the proof request that credential satisfies.
+    The `presentation_referents` field (in the response) indicates which of the fields
+    in the proof request that credential satisfies.
 
     Parameters:
     ---
         proof_id: str
             The relevant proof exchange ID for the prover
+        referent: Optional str
+            The presentation_referent of the proof to match, comma separated str of presentation_referents
+        limit: Optional int
+            The number of credentials to fetch
+        offset: Optional int
+            The index to start fetching credentials from
 
     Returns:
     ---
@@ -524,7 +534,11 @@ async def get_credentials_by_proof_id(
         async with client_from_auth(auth) as aries_controller:
             bound_logger.debug("Fetching credentials for request")
             result = await verifier.get_credentials_by_proof_id(
-                controller=aries_controller, proof_id=proof_id
+                controller=aries_controller,
+                proof_id=proof_id,
+                referent=referent,
+                count=str(limit),
+                start=str(offset),
             )
     except CloudApiException as e:
         bound_logger.info("Could not get matching credentials: {}.", e)

app/services/verifier/acapy_verifier_v1.py

@@ -264,7 +264,12 @@ async def delete_proof(cls, controller: AcaPyClient, proof_id: str) -> None:
 
     @classmethod
     async def get_credentials_by_proof_id(
-        cls, controller: AcaPyClient, proof_id: str
+        cls,
+        controller: AcaPyClient,
+        proof_id: str,
+        referent: Optional[str] = None,
+        count: Optional[str] = None,
+        start: Optional[str] = None,
     ) -> List[IndyCredPrecis]:
         bound_logger = logger.bind(body={"proof_id": proof_id})
         pres_ex_id = pres_id_no_version(proof_id=proof_id)
@@ -275,6 +280,9 @@ async def get_credentials_by_proof_id(
                 logger=bound_logger,
                 acapy_call=controller.present_proof_v1_0.get_matching_credentials,
                 pres_ex_id=pres_ex_id,
+                referent=referent,
+                count=count,
+                start=start,
             )
         except CloudApiException as e:
             raise CloudApiException(

app/services/verifier/acapy_verifier_v2.py

@@ -279,7 +279,12 @@ async def delete_proof(cls, controller: AcaPyClient, proof_id: str) -> None:
 
     @classmethod
     async def get_credentials_by_proof_id(
-        cls, controller: AcaPyClient, proof_id: str
+        cls,
+        controller: AcaPyClient,
+        proof_id: str,
+        referent: Optional[str] = None,
+        count: Optional[str] = None,
+        start: Optional[str] = None,
     ) -> List[IndyCredPrecis]:
         bound_logger = logger.bind(body={"proof_id": proof_id})
         pres_ex_id = pres_id_no_version(proof_id=proof_id)
@@ -290,6 +295,9 @@ async def get_credentials_by_proof_id(
                 logger=bound_logger,
                 acapy_call=controller.present_proof_v2_0.get_matching_credentials,
                 pres_ex_id=pres_ex_id,
+                referent=referent,
+                count=count,
+                start=start,
             )
         except CloudApiException as e:
             raise CloudApiException(

app/tests/e2e/verifier/test_get_credentials_by_proof_id.py

@@ -0,0 +1,77 @@
+from typing import List
+
+import pytest
+
+from app.routes.verifier import router
+from app.tests.util.connections import AcmeAliceConnect
+from app.tests.util.verifier import send_proof_request
+from app.tests.util.webhooks import check_webhook_state
+from shared import RichAsyncClient
+from shared.models.credential_exchange import CredentialExchange
+
+VERIFIER_BASE_PATH = router.prefix
+
+
+@pytest.mark.anyio
+async def test_limit_and_offset(
+    issue_alice_creds: List[CredentialExchange],  # pylint: disable=unused-argument
+    acme_and_alice_connection: AcmeAliceConnect,
+    acme_client: RichAsyncClient,
+    alice_member_client: RichAsyncClient,
+):
+    request_body = {
+        "connection_id": acme_and_alice_connection.acme_connection_id,
+        "protocol_version": "v2",
+        "indy_proof_request": {
+            "name": "Proof Request",
+            "version": "1.0.0",
+            "requested_attributes": {
+                "0_speed_uuid": {
+                    "name": "speed",
+                },
+                "0_name_uuid": {
+                    "name": "name",
+                },
+            },
+            "requested_predicates": {},
+        },
+    }
+    send_proof_response = await send_proof_request(acme_client, request_body)
+
+    acme_proof_id = send_proof_response["proof_id"]
+    thread_id = send_proof_response["thread_id"]
+
+    alice_payload = await check_webhook_state(
+        client=alice_member_client,
+        topic="proofs",
+        state="request-received",
+        filter_map={
+            "thread_id": thread_id,
+        },
+    )
+
+    alice_proof_id = alice_payload["proof_id"]
+
+    try:
+        for limit, offset, expected_length in [
+            [1, 0, 1],
+            [3, 0, 3],
+            [4, 0, 3],
+            [1, 0, 1],
+            [1, 1, 1],
+            [1, 3, 0],
+        ]:
+            requested_credentials = (
+                await alice_member_client.get(
+                    f"{VERIFIER_BASE_PATH}/proofs/{alice_proof_id}/credentials",
+                    params={"limit": limit, "offset": offset},
+                )
+            ).json()
+
+            assert len(requested_credentials) == expected_length
+
+    finally:
+        await alice_member_client.delete(
+            f"{VERIFIER_BASE_PATH}/proofs/{alice_proof_id}"
+        )
+        await acme_client.delete(f"{VERIFIER_BASE_PATH}/proofs/{acme_proof_id}")

app/tests/services/verifier/test_verifier.py

@@ -1,13 +1,16 @@
-from unittest.mock import AsyncMock
+from unittest.mock import AsyncMock, patch
 
 import pytest
 from aries_cloudcontroller import AcaPyClient, ConnRecord, IndyCredInfo, IndyCredPrecis
+from fastapi.testclient import TestClient
 from mockito import verify, when
 from pytest_mock import MockerFixture
 
 import app.routes.verifier as test_module
 from app.dependencies.auth import AcaPyAuth
 from app.exceptions.cloudapi_exception import CloudApiException
+from app.main import app
+from app.routes.verifier import acapy_auth_from_header, get_credentials_by_proof_id
 from app.services.verifier.acapy_verifier_v1 import VerifierV1
 from app.services.verifier.acapy_verifier_v2 import VerifierV2
 from app.tests.services.verifier.utils import indy_pres_spec, sample_indy_proof_request
@@ -503,30 +506,107 @@ async def test_get_credentials_by_proof_id(
     )
     # V1
     when(VerifierV1).get_credentials_by_proof_id(
-        controller=mock_agent_controller, proof_id="v1-abcd"
+        controller=mock_agent_controller,
+        proof_id="v1-abcd",
+        referent=None,
+        count="100",
+        start="0",
     ).thenReturn(to_async([cred_precis]))
 
     result = await test_module.get_credentials_by_proof_id(
         proof_id="v1-abcd",
         auth=mock_tenant_auth,
+        referent=None,
+        limit=100,
+        offset=0,
     )
 
     assert result == [cred_precis]
     verify(VerifierV1).get_credentials_by_proof_id(
-        controller=mock_agent_controller, proof_id="v1-abcd"
+        controller=mock_agent_controller,
+        proof_id="v1-abcd",
+        referent=None,
+        count="100",
+        start="0",
     )
 
     # V2
     when(VerifierV2).get_credentials_by_proof_id(
-        controller=mock_agent_controller, proof_id="v2-abcd"
+        controller=mock_agent_controller,
+        proof_id="v2-abcd",
+        referent=None,
+        count="100",
+        start="0",
     ).thenReturn(to_async([cred_precis]))
 
     result = await test_module.get_credentials_by_proof_id(
         proof_id="v2-abcd",
         auth=mock_tenant_auth,
+        referent=None,
+        limit=100,
+        offset=0,
     )
 
     assert result == [cred_precis]
     verify(VerifierV2).get_credentials_by_proof_id(
-        controller=mock_agent_controller, proof_id="v2-abcd"
+        controller=mock_agent_controller,
+        proof_id="v2-abcd",
+        referent=None,
+        count="100",
+        start="0",
     )
+
+
+@pytest.mark.anyio
+async def test_get_credentials_by_proof_id_bad_limit():
+    client = TestClient(app)
+
+    def override_auth():
+        return "mocked_auth"
+
+    app.dependency_overrides[acapy_auth_from_header] = override_auth
+    try:
+        response = client.get(
+            "/v1/verifier/proofs/v2-abcd/credentials",
+            params={"limit": 10001, "offset": 0},
+            headers={"x-api-key": "mocked_auth"},
+        )
+        assert response.status_code == 422
+        assert response.json() == {
+            "detail": [
+                {
+                    "type": "less_than_equal",
+                    "loc": ["query", "limit"],
+                    "msg": "Input should be less than or equal to 10000",
+                    "input": "10001",
+                    "ctx": {"le": 10000},
+                }
+            ]
+        }
+    finally:
+        app.dependency_overrides.clear()
+
+
+@pytest.mark.anyio
+async def test_get_credentials_by_proof_id_with_limit_offset():
+    mock_aries_controller = AsyncMock()
+
+    with patch("app.routes.verifier.client_from_auth") as mock_client_from_auth:
+        mock_client_from_auth.return_value.__aenter__.return_value = (
+            mock_aries_controller
+        )
+
+        await get_credentials_by_proof_id(
+            proof_id="v2-abcd",
+            auth="mocked_auth",
+            referent=None,
+            limit=2,
+            offset=1,
+        )
+
+        mock_aries_controller.present_proof_v2_0.get_matching_credentials.assert_called_once_with(
+            pres_ex_id="abcd",
+            referent=None,
+            count="2",
+            start="1",
+        )