CredentialTypeRepository

[keesgeluk]

Features

• CredentialTypeRepository in Identity library
• Self signed documents in wallet using the CredentialTypeRepository

Fixes #401

It's a good idea to open an issue first for discussion.

• [x ] Tests pass

[mitrejcevski]

Seems all good to me.

I realized that in the SelfSignedDetailsFragment a migration to Compose to build the UI will make it much simpler, but that's outside of the scope of this PR, it should be done separately.

[davidz25]

The only big comment I have is how we're handling "complex" types.

Also, I would like to see this code being used in the confirmation prompt (AuthConfirmationFragment.kt function stringValueFor) and the reader.

I also note there are no unit tests at all for the library code... any ideas what kind of tests we could add there?

[davidz25]

I'm guessing ComplexType is a way to easily support editable driving_privileges from the "Add self-signed document" UI? So, I think that's clearly desirable although I also think we actually don't need it (most users of the "Add self-signed document" won't really edit e.g. driving_privileges). Some thoughts.

First, I think it should be done in a way so it doesn't "leak" into this system... because the main goal of this system isn't really to support "Add self-signed document" UIs. No, the main goal of the system is to support wallets which need to render consent dialogs and readers which need to render "what to request?" dialogs. It's also a goal to support issuance systems but those systems will pull data from an existing System of Record and they'll know how to craft e.g. driving_privileges.

So I think we should simply just have it be object Complex : CredentialAttributeType() which is a signal that none of STRING, NUMBER, DATE, DATE_TIME, PICTURE, BOOLEAN, StringOptions, IntegerOptions apply and the app need special handling if it wants to produce or consume data from that attribute. And then move all the complex processing of the actual type (e.g. driving_privileges) into the wallet app itself... I think that could probably be done in a pretty nice way and without the implicit relationships we have here with e.g. DrivingPrivilege.vehicle_category_code

[keesgeluk]

For example the VehicleRegistration almost does not make sense without complex types. Even the personal data is part of complex types. So I think it should be desirable to have the complete data model in the CredentialTypeRepository and not only the root elements. Also to have a user friendly name for the presentation of the document in a reader app. Maybe the complex type definitions could be a separated list e.g.

class MdocNamespace(
    val namespace: String,
    val dataElements: List<MdocDataElement>
    val complexTypeDefinitions: List<MdocChildElement> // or another type with the identifier splitted in typeName and elementName (instead of the dot in the identifier)
)

In this way you can use the dataElements in the context of "What to request" and the complexTypeDefinitions for presentation purposes.

[davidz25]

As discussed in the call today, I think it's a problem with those (VehicleRegistration and Vaccination) data models if the data is all in complex data-types... this is because complex data types makes Selective Disclosure more difficult... none of those data models are standardized btw, and my guess is that standards committees would call this out and flatten some of the data so it works better with Selective Discloure.

So I think the way forward is to have the definition of complex data elements as part of the "Add self-signed document" UI in the application.

[keesgeluk]

Ok, just moved the complex types to the holder app. Can this be merged?

[davidz25]

I really like how nice and simple SampleDataProvider is!

[keesgeluk]

Changed the AuthConfirmationFragment.kt code. Is it ok to create another pull request for the usage of the CredentialTypeRepository in the reader app?

[davidz25]

Changed the AuthConfirmationFragment.kt code. Is it ok to create another pull request for the usage of the CredentialTypeRepository in the reader app?

Yes, that's fine!

[davidz25]

One more round, this is just a bunch of minor changes, nothing major, looks great!

[davidz25]

Basically just nits left about documentation. Sorry for being a stickler but since this is going into a library used by multiple different downstreams this is kinda important.

[davidz25]

This shouldn't be a singleton (generally not a good idea for libraries).

[keesgeluk]

Changed to normal class and added a singleton instance on the HolderApp

[davidz25]

Nit: Whitespace! Generally, each documented item should have a short succinct one-liner (ideally less than 60 characters), then longer text in separate paragraphs. Use blank lines to separate paragraphs, e.g.

/**
 * Short succinct explanation of something.
 * 
 * Longer paragraph, bla bla bla
 *
 * @param foo also whitespaces before params.
 */

Also elsewhere.

[keesgeluk]

Done

[davidz25]

I think you are missing brackets around com.android.identity.credentialtype.knowntypes and addCredentialType(). Also elsewhere.

[keesgeluk]

Done

[davidz25]

Nit: Don't forget periods after each sentence.

[keesgeluk]

Done

[davidz25]

Nit: "or" instead of "our" in the last sentence. Also missing initial short sentence (see other comment on CredentialTypeRepository.

[keesgeluk]

Done

[davidz25]

This is helpful but it's a lot of data and I'm concerned some downstream consumers will not like it. Please move to knowntypes package so it'll be easier to split into a separate identity-knowntypes library in some point in the future (to save space).

[keesgeluk]

Done

[davidz25]

LGTM, thanks!