Update Alice/Faber demo to include json-ld credentials and proofs

aries_cloudagent/protocols/issue_credential/v2_0/formats/ld_proof/handler.py

@@ -353,14 +353,20 @@ def _get_proof_purpose(
                 f"Supported  proof types are: {SUPPORTED_ISSUANCE_PROOF_PURPOSES}"
             )
 
-    async def _prepare_detail(self, detail: LDProofVCDetail) -> LDProofVCDetail:
+    async def _prepare_detail(
+        self, detail: LDProofVCDetail, holder_did: str = None
+    ) -> LDProofVCDetail:
         # Add BBS context if not present yet
         if (
             detail.options.proof_type == BbsBlsSignature2020.signature_type
             and SECURITY_CONTEXT_BBS_URL not in detail.credential.context_urls
         ):
             detail.credential.add_context(SECURITY_CONTEXT_BBS_URL)
 
+        # add holder_did as credentialSubject.id (if provided)
+        if holder_did and holder_did.startswith("did:key"):
+            detail.credential.credential_subject["id"] = holder_did
+
         return detail
 
     async def create_proposal(
@@ -410,6 +416,8 @@ async def create_request(
         self, cred_ex_record: V20CredExRecord, request_data: Mapping = None
     ) -> CredFormatAttachment:
         """Create linked data proof credential request."""
+        holder_did = request_data.get("holder_did") if request_data else None
+
         if cred_ex_record.cred_offer:
             request_data = cred_ex_record.cred_offer.attachment(
                 LDProofCredFormatHandler.format
@@ -426,7 +434,7 @@ async def create_request(
             )
 
         detail = LDProofVCDetail.deserialize(request_data)
-        detail = await self._prepare_detail(detail)
+        detail = await self._prepare_detail(detail, holder_did=holder_did)
 
         return self.get_format_data(CRED_20_REQUEST, detail.serialize())
 

aries_cloudagent/protocols/issue_credential/v2_0/routes.py

@@ -257,6 +257,12 @@ class V20CredRequestFreeSchema(AdminAPIMessageTracingSchema):
         required=False,
         example=False,
     )
+    holder_did = fields.Str(
+        description="Holder DID to substitute for the credentialSubject.id",
+        required=False,
+        allow_none=True,
+        example="did:key:ahsdkjahsdkjhaskjdhakjshdkajhsdkjahs",
+    )
 
 
 class V20CredSendRequestSchema(V20IssueCredSchemaCore):
@@ -326,6 +332,17 @@ class V20CreateFreeOfferResultSchema(OpenAPISchema):
     )
 
 
+class V20CredRequestRequestSchema(OpenAPISchema):
+    """Request schema for sending credential request message."""
+
+    holder_did = fields.Str(
+        description="Holder DID to substitute for the credentialSubject.id",
+        required=False,
+        allow_none=True,
+        example="did:key:ahsdkjahsdkjhaskjdhakjshdkajhsdkjahs",
+    )
+
+
 class V20CredIssueRequestSchema(OpenAPISchema):
     """Request schema for sending credential issue admin message."""
 
@@ -1126,6 +1143,7 @@ async def credential_exchange_send_free_request(request: web.BaseRequest):
         raise web.HTTPBadRequest(reason="Missing filter")
     auto_remove = body.get("auto_remove")
     trace_msg = body.get("trace")
+    holder_did = body.get("holder_did")
 
     conn_record = None
     cred_ex_record = None
@@ -1158,7 +1176,7 @@ async def credential_exchange_send_free_request(request: web.BaseRequest):
 
         cred_ex_record, cred_request_message = await cred_manager.create_request(
             cred_ex_record=cred_ex_record,
-            holder_did=conn_record.my_did,
+            holder_did=holder_did,
             comment=comment,
         )
 
@@ -1199,6 +1217,7 @@ async def credential_exchange_send_free_request(request: web.BaseRequest):
     summary="Send issuer a credential request",
 )
 @match_info_schema(V20CredExIdMatchInfoSchema())
+@request_schema(V20CredRequestRequestSchema())
 @response_schema(V20CredExRecordSchema(), 200, description="")
 async def credential_exchange_send_bound_request(request: web.BaseRequest):
     """
@@ -1216,6 +1235,12 @@ async def credential_exchange_send_bound_request(request: web.BaseRequest):
     context: AdminRequestContext = request["context"]
     outbound_handler = request["outbound_message_router"]
 
+    try:
+        body = await request.json() or {}
+        holder_did = body.get("holder_did")
+    except JSONDecodeError:
+        holder_did = None
+
     cred_ex_id = request.match_info["cred_ex_id"]
 
     cred_ex_record = None
@@ -1238,7 +1263,7 @@ async def credential_exchange_send_bound_request(request: web.BaseRequest):
         cred_manager = V20CredManager(context.profile)
         cred_ex_record, cred_request_message = await cred_manager.create_request(
             cred_ex_record,
-            conn_record.my_did,
+            holder_did if holder_did else conn_record.my_did,
         )
 
         result = cred_ex_record.serialize()

demo/AliceGetsAPhone.md

@@ -133,17 +133,19 @@ Note that with _Play with Docker_ it can be challenging to capture the informati
 If you are running in a _local bash shell_, navigate to [The demo directory](/demo) and run:
 
 ```bash
-TAILS_NETWORK=docker_tails-server LEDGER_URL=http://test.bcovrin.vonx.io ./run_demo faber --revocation --events
+TAILS_NETWORK=docker_tails-server LEDGER_URL=http://test.bcovrin.vonx.io ./run_demo faber --aip 10 --revocation --events
 ```
 
+(Note that we have to start faber with `--aip 10` for compatibility with mobile clients.)
+
 The `TAILS_NETWORK` parameter lets the demo script know how to connect to the tails server (which should be running in a separate shell on the same machine).
 
 #### Running in Play with Docker?
 
 If you are running in _Play with Docker_, navigate to [The demo directory](/demo) and run:
 
 ```bash
-PUBLIC_TAILS_URL=https://c4f7fbb85911.ngrok.io LEDGER_URL=http://test.bcovrin.vonx.io ./run_demo faber --revocation --events
+PUBLIC_TAILS_URL=https://c4f7fbb85911.ngrok.io LEDGER_URL=http://test.bcovrin.vonx.io ./run_demo faber --aip 10 --revocation --events
 ```
 
 The `PUBLIC_TAILS_URL` parameter lets the demo script know how to connect to the tails server. This can be running in another PWD session, or even on your local machine - the ngrok endpoint is public and will map to the correct location.