refactor: use JSON-LD @context in session request messages

irma_signature.go

@@ -11,7 +11,7 @@ import (
 	"github.com/privacybydesign/gabi/big"
 )
 
-const SignedMessageLDContext = "https://irma.app/ld/signature/v2"
+const LDContextSignedMessage = "https://irma.app/ld/signature/v2"
 
 // SignedMessage is a message signed with an attribute-based signature
 // The 'realnonce' will be calculated as: SigRequest.GetNonce() = ASN1(nonce, SHA256(message), timestampSignature)

irmaclient/logs.go

@@ -135,7 +135,7 @@ func (session *session) createLogEntry(response interface{}) (*LogEntry, error)
 		request := session.request.(*irma.SignatureRequest)
 		entry.SignedMessage = []byte(request.Message)
 		entry.Timestamp = session.timestamp
-		entry.SignedMessageLDContext = irma.SignedMessageLDContext
+		entry.SignedMessageLDContext = irma.LDContextSignedMessage
 
 		fallthrough
 	case irma.ActionDisclosing:

irmago_test.go

@@ -261,7 +261,7 @@ func TestSessionRequests(t *testing.T) {
 	sigMessage := "message to be signed"
 
 	base := &DisclosureRequest{
-		BaseRequest: BaseRequest{Type: ActionDisclosing, Version: 2},
+		BaseRequest: BaseRequest{LDContext: LDContextDisclosureRequest},
 		Disclose: AttributeConDisCon{
 			AttributeDisCon{
 				AttributeCon{NewAttributeRequest("irma-demo.MijnOverheid.ageLimits.over18")},
@@ -299,8 +299,7 @@ func TestSessionRequests(t *testing.T) {
 			}`,
 			current: &DisclosureRequest{},
 			currentJson: `{
-				"type": "disclosing",
-				"v": 2,
+				"@context": "https://irma.app/ld/request/disclosure/v2",
 				"disclose": [
 					[
 						[
@@ -331,7 +330,7 @@ func TestSessionRequests(t *testing.T) {
 
 		{
 			expected: &SignatureRequest{
-				DisclosureRequest{BaseRequest{Type: ActionSigning, Version: 2}, base.Disclose, base.Labels},
+				DisclosureRequest{BaseRequest{LDContext: LDContextSignatureRequest}, base.Disclose, base.Labels},
 				sigMessage,
 			},
 			old: &SignatureRequest{},
@@ -354,8 +353,7 @@ func TestSessionRequests(t *testing.T) {
 			}`,
 			current: &SignatureRequest{},
 			currentJson: `{
-				"type": "signing",
-				"v": 2,
+				"@context": "https://irma.app/ld/request/signature/v2",
 				"disclose": [
 					[
 						[
@@ -387,7 +385,7 @@ func TestSessionRequests(t *testing.T) {
 
 		{
 			expected: &IssuanceRequest{
-				DisclosureRequest: DisclosureRequest{BaseRequest{Type: ActionIssuing, Version: 2}, base.Disclose, base.Labels},
+				DisclosureRequest: DisclosureRequest{BaseRequest{LDContext: LDContextIssuanceRequest}, base.Disclose, base.Labels},
 				Credentials: []*CredentialRequest{
 					{
 						CredentialTypeID: NewCredentialTypeIdentifier("irma-demo.MijnOverheid.root"),
@@ -418,8 +416,7 @@ func TestSessionRequests(t *testing.T) {
 			}`,
 			current: &IssuanceRequest{},
 			currentJson: `{
-				"type": "issuing",
-				"v": 2,
+				"@context": "https://irma.app/ld/request/issuance/v2",
 				"credentials": [
 					{
 						"credential": "irma-demo.MijnOverheid.root",
@@ -460,7 +457,8 @@ func TestSessionRequests(t *testing.T) {
 	for _, tst := range tests {
 		require.NoError(t, json.Unmarshal([]byte(tst.oldJson), tst.old))
 		require.NoError(t, json.Unmarshal([]byte(tst.currentJson), tst.current))
-		tst.old.Base().legacy = false
+		tst.old.Base().legacy = false // We don't care about this field differing, override it
+		tst.old.Base().Type = ""      // same
 		require.True(t, reflect.DeepEqual(tst.old, tst.expected), "Legacy %s did not unmarshal to expected value", reflect.TypeOf(tst.old).String())
 		require.True(t, reflect.DeepEqual(tst.current, tst.expected), "%s did not unmarshal to expected value", reflect.TypeOf(tst.old).String())
 

legacy.go

@@ -39,7 +39,7 @@ func (dr *LegacyDisclosureRequest) Validate() error                 { panic("not
 func (dr *LegacyDisclosureRequest) Disclosure() *DisclosureRequest  { panic("not implemented") }
 func (dr *LegacyDisclosureRequest) Identifiers() *IrmaIdentifierSet { panic("not implemented") }
 func (dr *LegacyDisclosureRequest) Base() *BaseRequest              { return &dr.BaseRequest }
-func (dr *LegacyDisclosureRequest) Action() Action                  { return dr.Type }
+func (dr *LegacyDisclosureRequest) Action() Action                  { return ActionDisclosing }
 func (dr *LegacyDisclosureRequest) Legacy() (SessionRequest, error) { return dr, nil }
 
 type LegacySignatureRequest struct {
@@ -47,6 +47,8 @@ type LegacySignatureRequest struct {
 	Message string `json:"message"`
 }
 
+func (ir *LegacySignatureRequest) Action() Action { return ActionIssuing }
+
 type LegacyIssuanceRequest struct {
 	BaseRequest
 	Credentials []*CredentialRequest       `json:"credentials"`
@@ -57,7 +59,7 @@ func (ir *LegacyIssuanceRequest) Validate() error                 { panic("not i
 func (ir *LegacyIssuanceRequest) Disclosure() *DisclosureRequest  { panic("not implemented") }
 func (ir *LegacyIssuanceRequest) Identifiers() *IrmaIdentifierSet { panic("not implemented") }
 func (ir *LegacyIssuanceRequest) Base() *BaseRequest              { return &ir.BaseRequest }
-func (ir *LegacyIssuanceRequest) Action() Action                  { return ir.Type }
+func (ir *LegacyIssuanceRequest) Action() Action                  { return ActionIssuing }
 func (ir *LegacyIssuanceRequest) Legacy() (SessionRequest, error) { return ir, nil }
 
 func convertConDisCon(cdc AttributeConDisCon, labels map[int]TranslatedString) ([]LegacyLabeledDisjunction, error) {
@@ -96,14 +98,14 @@ func convertDisjunctions(disjunctions []LegacyLabeledDisjunction) (
 	return
 }
 
-func parseVersion(bts []byte) (int, error) {
+func parseLDContext(bts []byte) (string, error) {
 	var v struct {
-		Version int `json:"v"`
+		LDContext string `json:"@context"`
 	}
 	if err := json.Unmarshal(bts, &v); err != nil {
-		return 0, err
+		return "", err
 	}
-	return v.Version, nil
+	return v.LDContext, nil
 }
 
 func checkType(typ, expected Action) error {
@@ -168,7 +170,7 @@ func (dr *DisclosureRequest) Legacy() (SessionRequest, error) {
 	}
 	return &LegacyDisclosureRequest{
 		BaseRequest: BaseRequest{
-			Type:            dr.Type,
+			Type:            ActionDisclosing,
 			Context:         dr.Context,
 			Nonce:           dr.Nonce,
 			ProtocolVersion: dr.ProtocolVersion,
@@ -178,12 +180,12 @@ func (dr *DisclosureRequest) Legacy() (SessionRequest, error) {
 }
 
 func (dr *DisclosureRequest) UnmarshalJSON(bts []byte) (err error) {
-	var version int
-	if version, err = parseVersion(bts); err != nil {
+	var ldContext string
+	if ldContext, err = parseLDContext(bts); err != nil {
 		return err
 	}
 
-	if version >= 2 {
+	if ldContext != "" {
 		type newDisclosureRequest DisclosureRequest // Same type with default JSON unmarshaler
 		var req newDisclosureRequest
 		if err = json.Unmarshal(bts, &req); err != nil {
@@ -199,7 +201,7 @@ func (dr *DisclosureRequest) UnmarshalJSON(bts []byte) (err error) {
 	}
 	dr.BaseRequest = legacy.BaseRequest
 	dr.legacy = true
-	dr.Version = 2
+	dr.LDContext = LDContextDisclosureRequest
 	dr.Disclose, dr.Labels = convertDisjunctions(legacy.Content)
 
 	return checkType(legacy.Type, ActionDisclosing)
@@ -214,7 +216,7 @@ func (sr *SignatureRequest) Legacy() (SessionRequest, error) {
 		Message: sr.Message,
 		LegacyDisclosureRequest: LegacyDisclosureRequest{
 			BaseRequest: BaseRequest{
-				Type:            sr.Type,
+				Type:            ActionSigning,
 				Context:         sr.Context,
 				Nonce:           sr.Nonce,
 				ProtocolVersion: sr.ProtocolVersion,
@@ -225,12 +227,12 @@ func (sr *SignatureRequest) Legacy() (SessionRequest, error) {
 }
 
 func (sr *SignatureRequest) UnmarshalJSON(bts []byte) (err error) {
-	var version int
-	if version, err = parseVersion(bts); err != nil {
+	var ldContext string
+	if ldContext, err = parseLDContext(bts); err != nil {
 		return err
 	}
 
-	if version >= 2 {
+	if ldContext != "" {
 		var req struct { // Identical type with default JSON unmarshaler
 			BaseRequest
 			Disclose AttributeConDisCon       `json:"disclose"`
@@ -257,7 +259,7 @@ func (sr *SignatureRequest) UnmarshalJSON(bts []byte) (err error) {
 	}
 	sr.BaseRequest = legacy.BaseRequest
 	sr.legacy = true
-	sr.Version = 2
+	sr.LDContext = LDContextSignatureRequest
 	sr.Disclose, sr.Labels = convertDisjunctions(legacy.Content)
 	sr.Message = legacy.Message
 
@@ -271,7 +273,7 @@ func (ir *IssuanceRequest) Legacy() (SessionRequest, error) {
 	}
 	return &LegacyIssuanceRequest{
 		BaseRequest: BaseRequest{
-			Type:            ir.Type,
+			Type:            ActionIssuing,
 			Context:         ir.Context,
 			Nonce:           ir.Nonce,
 			ProtocolVersion: ir.ProtocolVersion,
@@ -282,12 +284,12 @@ func (ir *IssuanceRequest) Legacy() (SessionRequest, error) {
 }
 
 func (ir *IssuanceRequest) UnmarshalJSON(bts []byte) (err error) {
-	var version int
-	if version, err = parseVersion(bts); err != nil {
+	var ldContext string
+	if ldContext, err = parseLDContext(bts); err != nil {
 		return err
 	}
 
-	if version >= 2 {
+	if ldContext != "" {
 		var req struct { // Identical type with default JSON unmarshaler
 			BaseRequest
 			Disclose    AttributeConDisCon       `json:"disclose"`
@@ -310,7 +312,7 @@ func (ir *IssuanceRequest) UnmarshalJSON(bts []byte) (err error) {
 	}
 	ir.BaseRequest = legacy.BaseRequest
 	ir.legacy = true
-	ir.Version = 2
+	ir.LDContext = LDContextIssuanceRequest
 	ir.Credentials = legacy.Credentials
 	ir.Disclose, ir.Labels = convertDisjunctions(legacy.Disclose)
 

requests.go

@@ -15,20 +15,25 @@ import (
 	"github.com/privacybydesign/irmago/internal/fs"
 )
 
+const (
+	LDContextDisclosureRequest = "https://irma.app/ld/request/disclosure/v2"
+	LDContextSignatureRequest  = "https://irma.app/ld/request/signature/v2"
+	LDContextIssuanceRequest   = "https://irma.app/ld/request/issuance/v2"
+)
+
 // BaseRequest contains the context and nonce for an IRMA session.
 type BaseRequest struct {
-	// Denotes session type, must be "disclosing", "signing" or "issuing"
-	Type Action `json:"type"`
-	// Message version. Current version is 2.
-	Version int `json:"v,omitempty"`
+	LDContext string `json:"@context,omitempty"`
 
 	// Chosen by the IRMA server during the session
 	Context         *big.Int         `json:"context,omitempty"`
 	Nonce           *big.Int         `json:"nonce,omitempty"`
 	ProtocolVersion *ProtocolVersion `json:"protocolVersion,omitempty"`
 
-	ids    *IrmaIdentifierSet // cache for Identifiers() method
-	legacy bool
+	ids *IrmaIdentifierSet // cache for Identifiers() method
+
+	legacy bool   // Whether or not this was deserialized from a legacy (pre-condiscon) request
+	Type   Action `json:"type,omitempty"` // Session type, only used in legacy code
 }
 
 // An AttributeCon is only satisfied if all of its containing attribute requests are satisfied.
@@ -384,7 +389,7 @@ func (dr *DisclosureRequest) AddSingle(attr AttributeTypeIdentifier, value *stri
 
 func NewDisclosureRequest(attrs ...AttributeTypeIdentifier) *DisclosureRequest {
 	request := &DisclosureRequest{
-		BaseRequest: BaseRequest{Type: ActionDisclosing, Version: 2},
+		BaseRequest: BaseRequest{LDContext: LDContextDisclosureRequest},
 		Labels:      map[int]TranslatedString{},
 	}
 	for _, attr := range attrs {
@@ -395,7 +400,7 @@ func NewDisclosureRequest(attrs ...AttributeTypeIdentifier) *DisclosureRequest {
 
 func NewSignatureRequest(message string, attrs ...AttributeTypeIdentifier) *SignatureRequest {
 	dr := NewDisclosureRequest(attrs...)
-	dr.Type = ActionSigning
+	dr.LDContext = LDContextSignatureRequest
 	return &SignatureRequest{
 		DisclosureRequest: *dr,
 		Message:           message,
@@ -404,7 +409,7 @@ func NewSignatureRequest(message string, attrs ...AttributeTypeIdentifier) *Sign
 
 func NewIssuanceRequest(creds []*CredentialRequest, attrs ...AttributeTypeIdentifier) *IssuanceRequest {
 	dr := NewDisclosureRequest(attrs...)
-	dr.Type = ActionIssuing
+	dr.LDContext = LDContextIssuanceRequest
 	return &IssuanceRequest{
 		DisclosureRequest: *dr,
 		Credentials:       creds,
@@ -442,7 +447,7 @@ func (dr *DisclosureRequest) Base() *BaseRequest {
 func (dr *DisclosureRequest) Action() Action { return ActionDisclosing }
 
 func (dr *DisclosureRequest) Validate() error {
-	if dr.Type != ActionDisclosing {
+	if dr.LDContext != LDContextDisclosureRequest {
 		return errors.New("Not a disclosure request")
 	}
 	if len(dr.Disclose) == 0 {
@@ -573,7 +578,7 @@ func (ir *IssuanceRequest) GetCredentialInfoList(conf *Configuration, version *P
 func (ir *IssuanceRequest) Action() Action { return ActionIssuing }
 
 func (ir *IssuanceRequest) Validate() error {
-	if ir.Type != ActionIssuing {
+	if ir.LDContext != LDContextIssuanceRequest {
 		return errors.New("Not an issuance request")
 	}
 	if len(ir.Credentials) == 0 {
@@ -611,7 +616,7 @@ func (sr *SignatureRequest) SignatureFromMessage(message interface{}, timestamp
 		nonce = bigZero
 	}
 	return &SignedMessage{
-		LDContext: SignedMessageLDContext,
+		LDContext: LDContextSignedMessage,
 		Signature: signature.Proofs,
 		Indices:   signature.Indices,
 		Nonce:     nonce,
@@ -624,7 +629,7 @@ func (sr *SignatureRequest) SignatureFromMessage(message interface{}, timestamp
 func (sr *SignatureRequest) Action() Action { return ActionSigning }
 
 func (sr *SignatureRequest) Validate() error {
-	if sr.Type != ActionSigning {
+	if sr.LDContext != LDContextSignatureRequest {
 		return errors.New("Not a signature request")
 	}
 	if sr.Message == "" {