From 1eb33d65c063f030f9fdb6033d86d6da4d261f5f Mon Sep 17 00:00:00 2001
From: wes-smith
Date: Wed, 28 Feb 2024 12:45:18 -0500
Subject: [PATCH] Add challenge endpoint.

- add challenge creation endpoint
- remove passing `options.challenge` and `options.domain` to incorrect endpoints
---
 components/Challenge.yml | 65 +++++++++++++++++++++++++++
 components/IssueCredentialOptions.yml | 6 ---
 holder.yml | 11 ++++-
 index.html | 14 +++++-
 verifier.yml | 34 +++++++++++---
 5 files changed, 115 insertions(+), 15 deletions(-)
 create mode 100644 components/Challenge.yml

diff --git a/components/Challenge.yml b/components/Challenge.yml
new file mode 100644
index 0000000..7bccbf8
--- /dev/null
+++ b/components/Challenge.yml
@@ -0,0 +1,65 @@
+openapi: 3.0.0
+info:
+ version: "0.0.3-unstable"
+ title: VC API
+ description: This is an Experimental Open API Specification for the [VC Data Model](https://www.w3.org/TR/vc-data-model/).
+ license:
+ name: W3C Software and Document License
+ url: http://www.w3.org/Consortium/Legal/copyright-software.
+ contact:
+ name: GitHub Source Code
+ url: https://github.com/w3c-ccg/vc-api
+paths:
+components:
+ schemas:
+ CreateChallengeResult:
+ type: object
+ additionalProperties: false
+ description: Object containg a challenge
+ properties:
+ challenge:
+ type: string
+ description: The challenge value
+ ChallengeVerificationMetadata:
+ type: object
+ additionalProperties: false
+ description: Metadata about the verification of options.challenge.
+ properties:
+ verified:
+ type: string
+ description: Whether verification of the challenge was successful
+ uses:
+ type: string
+ description: The number of times options.challenge has been used
+ VerificationResultWithChallengeMetadata:
+ type: object
+ additionalProperties: false
+ description: Object summarizing a verification
+ properties:
+ checks:
+ type: array
+ description: The checks performed
+ items:
+ type: string
+ warnings:
+ type: array
+ description: Warnings
+ items:
+ type: string
+ errors:
+ type: array
+ description: Errors
+ items:
+ type: string
+ ChallengeVerificationMetadata:
+ type: object
+ additionalProperties: false
+ description: Metadata about the verification of options.challenge.
+ properties:
+ verified:
+ type: string
+ description: Whether verification of the challenge was successful
+ uses:
+ type: string
+ description: The number of times options.challenge has been used
+
diff --git a/components/IssueCredentialOptions.yml b/components/IssueCredentialOptions.yml
index 6ab404a..a5f7b4b 100644
--- a/components/IssueCredentialOptions.yml
+++ b/components/IssueCredentialOptions.yml
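Review bot: In `ChallengeVerificationMetadata`, `verified` and `uses` are both declared `type: string` although the descriptions call one a success indicator and the other a count; `type: boolean` and `type: integer` with `minimum: 0` would let a relying party test `uses` numerically when it checks for a replayed challenge. The same two properties are written out a second time under `VerificationResultWithChallengeMetadata`, where `$ref: "#/components/schemas/ChallengeVerificationMetadata"` would keep the copies from drifting apart. `CreateChallengeResult` has no `required: [challenge]`, so an empty object validates as a successful creation response. The description "Object containg a challenge" should read "containing".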
@@ -20,12 +20,6 @@ components:
 created:
 type: string
 description: The date and time of the proof (with a maximum accuracy in seconds). Default current system time.
- challenge:
- type: string
- description: A challenge provided by the requesting party of the proof. For example 6e62f66e-67de-11eb-b490-ef3eeefa55f2
- domain:
- type: string
- description: The intended domain of validity for the proof. For example website.example
 credentialStatus:
 type: object
 description: The method of credential status to issue the credential including. If omitted credential status will be included.
diff --git a/holder.yml b/holder.yml
index 46e8f77..fc6678c 100644
--- a/holder.yml
+++ b/holder.yml
@@ -268,7 +268,9 @@ paths:
 content:
 application/json:
 schema:
- $ref: "#/components/schemas/ProvePresentationResponse"
+ oneOf:
+ - $ref: "#/components/schemas/ProvePresentationResponse"
+ - $ref: "#/components/schemas/ProvePresentationResponseWithChallengeVerificationMetadata"
 "400":
 description: invalid input!
 "500":
@@ -501,6 +503,13 @@ components:
 properties:
 verifiablePresentation:
 $ref: "./components/VerifiablePresentation.yml#/components/schemas/VerifiablePresentation"
+ ProvePresentationResponseWithChallengeVerificationMetadata:
+ type: object
+ properties:
+ verifiablePresentation:
+ $ref: "./components/VerifiablePresentation.yml#/components/schemas/VerifiablePresentation"
+ ChallengeVerificationMetadata:
+ $ref: "./components/Challenge.yml#/components/schemas/ChallengeVerificationMetadata"
 NotifyPresentationAvailableRequest:
 type: object
 properties:
diff --git a/index.html b/index.html
index 6bbddaa..22ab992 100644
--- a/index.html
+++ b/index.html
@@ -701,7 +701,7 @@
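Review bot: The `oneOf` added in holder.yml, on the response that used to reference `ProvePresentationResponse` alone, cannot select exactly one branch as the schemas are written. `ProvePresentationResponseWithChallengeVerificationMetadata` has no `required` list, so a body holding only `verifiablePresentation` satisfies it as well as the older schema; unless `ProvePresentationResponse`, whose header lies outside these hunks, forbids extra properties, a body that carries the metadata matches both too. Either switch to `anyOf`, or add `required: [verifiablePresentation, ChallengeVerificationMetadata]` to the new schema so the branches are distinguishable. The same `oneOf` pattern is added to the presentation-verification response in verifier.yml, where `VerificationResultWithChallengeMetadata` likewise has no `required` list. The property name `ChallengeVerificationMetadata` is also capitalised unlike its sibling `verifiablePresentation`; `challengeVerificationMetadata` would match.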

Verifying

+ data-api-path="/credentials/verify /presentations/verify /challenges">

Verify Credential

@@ -721,6 +721,18 @@

Verify Presentation

data-api-endpoint="post /presentations/verify">
+
+

Create Challenge

+

+

+ +
+

+The issuer should track the number of times a challenge has been passed to an endpoint as `options.challenge`. +

+
+
diff --git a/verifier.yml b/verifier.yml
index 78288aa..c121f8c 100644
--- a/verifier.yml
+++ b/verifier.yml
@@ -62,11 +62,13 @@ paths:
 description: Parameters for verifying a verifiablePresentation.
 responses:
 "200":
- description: Verifiable Presentation successfully verified!
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/VerifyPresentationResponse"
+ description: Verifiable Presentation successfully verified!
+ content:
+ application/json:
+ schema:
+ oneOf:
+ - $ref: "#/components/schemas/VerifyPresentationResponse"
+ - $ref: "#/components/schemas/VerifyPresentationResponseWithChallengeMetadata"
 "400":
 description: Invalid or malformed input
 "413":
@@ -75,6 +77,22 @@ paths:
 description: Request rate limit exceeded.
 "500":
 description: Internal Server Error
+ /challenges:
+ post:
+ summary: Passing an empty body to this endpoint creates and returns a challenge string in the response body.
+ operationId: challenge
+ description: Creates a challenge to be used as `options.challenge` in future requests.
+ responses:
+ "200":
+ description: Challenge created
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/CreateChallengeResponse"
+ "400":
+ description: Invalid or malformed input
+ "500":
+ description: Internal server error
 components:
 securitySchemes:
 $ref: "./components/SecuritySchemes.yml#/components/securitySchemes"
@@ -84,8 +102,6 @@ components:
 properties:
 verifiableCredential:
 $ref: "./components/VerifiableCredential.yml#/components/schemas/VerifiableCredential"
- options:
- $ref: "./components/VerifyOptions.yml#/components/schemas/VerifyOptions"
 VerifyCredentialResponse:
 $ref: "./components/VerificationResult.yml#/components/schemas/VerificationResult"
 VerifyPresentationRequest:
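Review bot: The `/challenges` POST creates state the server has to keep (a challenge whose uses are later counted), but its responses stop at 200/400/500, while the operation directly above it in this file also documents a `"413"` and a rate-limit response; adding a `"429"` entry with `description: Request rate limit exceeded.` would make unbounded challenge creation an acknowledged case. Whether a `security` requirement applies to the operation is not visible in the hunk, and it should be stated on the operation if challenge creation is meant to be authenticated. `summary` holds a full sentence and `description` the short form; `summary: Create a challenge` with the longer sentence moved into `description` would read better, and `operationId: createChallenge` is less likely to collide than `challenge`. The response carries no lifetime, so the description should say how long a challenge stays valid and whether it is single-use.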
@@ -102,3 +118,7 @@ components:
 $ref: "./components/Presentation.yml#/components/schemas/Presentation"
 VerifyPresentationResponse:
 $ref: "./components/VerificationResult.yml#/components/schemas/VerificationResult"
+ VerifyPresentationResponseWithChallengeMetadata:
+ $ref: "./components/Challenge.yml#/components/schemas/VerificationResultWithChallengeMetadata"
+ CreateChallengeResponse:
+ $ref: "./components/Challenge.yml#/components/schemas/CreateChallengeResult"