Commit 76a17fb

Gavinok and esune authored
Logging for prover role (#928)
* Add Bootstrap script to store a credential in the vc-auth agent

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Initial setup for testing and logging verifying vc-auth

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Static Schema Name In Bootstrap

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Split Issuer into a separate docker compose file

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* update changes to work with separate compose approach

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Schema is still dynamic but now with a static starting string

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Added prover role logging tests

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Add documentation for prover role

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Enhance mutual authentication flow and Docker configuration

  - Updated Docker Compose configuration to use a new image for the issuer agent.
  - Refactored logging and methods in `bootstrap-trusted-verifier.py` to implement a mutual authentication pattern between the issuer and VC-AuthN.
  - Added comprehensive logging for each phase of the mutual authentication process.
  - Enhanced error handling and cleanup verification for presentation records.
  - Removed deprecated test logic related to prover role, focusing on the new mutual authentication approach.

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Enhance webhook handling for presentation records

  - Update `post_topic` to delete presentation records for terminal states: "done", "abandoned", and "declined".
  - Implement error handling for deletion failures, logging appropriate messages for both failure cases and exceptions.
  - Add unit tests to verify deletion behavior for different states and ensure graceful handling of delete errors.

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

* Update Docker configuration and enhance cleanup verification

  - Handle CONTROLLER_API_KEY being an empty string in the env file
  - Changed issuer-aca-py Docker image to `ghcr.io/openwallet-foundation/acapy-agent:py3.12-1.4.0`.
  - Removed the `ACAPY_AUTO_RESPOND_PRESENTATION_REQUEST` environment variable from the Docker configuration. Not needed for the issuer
  - Improved the `configureEnvironment` function in the manage script to use better condition checks for environment variables.
  - Added a new function `get_verifier_pres_ex_id` to retrieve the presentation exchange ID for the prover role in bootstrap script
  - Updated the prover role test to check if the VC-AuthN presentation cleanup is successful and log appropriate messages.
  - Enhanced error handling in cleanup verification process.

  Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>

---------

Signed-off-by: Gavin Jaeger-Freeborn <gavinfreeborn@gmail.com>
Co-authored-by: Emiliano Suñé <emiliano.sune@gmail.com>
1 parent 3a25ba0 commit 76a17fb

7 files changed

+1432
-4
lines changed

README.md

Lines changed: 19 additions & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -12,6 +12,8 @@ Make sure to read the [best practices](/docs/BestPractices.md) to be used when p
1212

1313
If you are upgrading from a previous release, take a look at the [migration guide](/docs/MigrationGuide.md).
1414

15+
For information about prover-role functionality (when VC-AuthN responds to proof requests), see the [prover role logging documentation](/docs/ProverRoleLogging.md).
16+
1517
## Pre-requisites
1618

1719
- A bash-compatible shell such as [Git Bash](https://git-scm.com/downloads)
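
Review bot: The link added on new line 15 uses the root-relative path `/docs/ProverRoleLogging.md`, while the Advanced Features section added further down in this same file links the same document as `docs/ProverRoleLogging.md`. Use one form for both (the surrounding context lines use `/docs/...`) so the two links resolve the same way wherever the README is rendered. The pointer to this document is also stated twice in one README; keeping only the Advanced Features entry would be enough.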
@@ -105,6 +107,23 @@ curl -X 'POST' \
105107

106108
After all these steps have been completed, you should be able to authenticate with the demo application using the "Verified Credential Access" option.
107109

110+
## Advanced Features
111+
112+
### Prover Role (Trusted Verifier Credentials)
113+
114+
VC-AuthN can also act as a **prover**, holding credentials in its own wallet and responding to proof requests from external verifiers. This is useful for trusted verifier networks where VC-AuthN must prove its authorization status.
115+
116+
For detailed information about prover-role functionality, testing, and configuration, see the [Prover Role Logging documentation](docs/ProverRoleLogging.md).
117+
118+
**Quick Test**: To test prover-role functionality with the bootstrap script:
119+
```bash
120+
cd docker
121+
TEST_PROVER_ROLE=true \
122+
LEDGER_URL=http://test.bcovrin.vonx.io \
123+
TAILS_SERVER_URL=https://tails-test.vonx.io \
124+
./manage bootstrap
125+
```
126+
108127
## Debugging
109128

110129
To connect a debugger to the `vc-authn` controller service, start the project using `DEBUGGER=true ./manage single-pod` and then launch the debugger.
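
Review bot: In the Quick Test block, `LEDGER_URL=http://test.bcovrin.vonx.io` on new line 122 is plain HTTP while `TAILS_SERVER_URL` on the next line is HTTPS, so whatever the bootstrap reads from the ledger URL travels over an unauthenticated channel. Use an HTTPS ledger URL if the endpoint offers one, or say in the text that these values point at a test network and are not meant for any other environment. The section would also benefit from one sentence on what a successful run looks like, since the README only says where the detailed documentation lives.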

docker/docker-compose.yaml

Lines changed: 1 addition & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -175,6 +175,7 @@ services:
175175
- ACAPY_AUTO_VERIFY_PRESENTATION=true
176176
- ACAPY_AUTO_RESPOND_CREDENTIAL_OFFER=true
177177
- ACAPY_AUTO_STORE_CREDENTIAL=true
178+
- ACAPY_AUTO_RESPOND_PRESENTATION_REQUEST=true
178179
- ACAPY_WALLET_STORAGE_TYPE=${WALLET_TYPE}
179180
- ACAPY_READ_ONLY_LEDGER=true
180181
- ACAPY_GENESIS_TRANSACTIONS_LIST=/tmp/ledgers.yaml
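
Review bot: `ACAPY_AUTO_RESPOND_PRESENTATION_REQUEST=true` on new line 178 is hard-coded, so every deployment of this service will answer incoming proof requests automatically, including deployments that never use the prover role. Nothing in this hunk limits which connection can trigger a response from the wallet. Consider making the setting opt-in through a variable that defaults to false, in the same way the neighbouring line takes its value from `${WALLET_TYPE}`, and add a comment stating which credentials the agent's wallet is expected to hold when it is enabled.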

docker/manage

Lines changed: 2 additions & 2 deletions
Original file line number | Diff line number | Diff line change
@@ -197,13 +197,13 @@ configureEnvironment() {
197197
# This must be called AFTER setNgrokEndpoints to ensure URLs are properly set
198198
finalizeEnvironment() {
199199
# Controller Webhook URL: Append API Key if present
200-
if [ ! -z "${CONTROLLER_API_KEY}" ] && [[ "${CONTROLLER_WEB_HOOK_URL}" != *"#"* ]]; then
200+
if [ -v CONTROLLER_API_KEY ] && [ -n "${CONTROLLER_API_KEY}" ] && [[ "${CONTROLLER_WEB_HOOK_URL}" != *"#"* ]]; then
201201
export CONTROLLER_WEB_HOOK_URL="${CONTROLLER_WEB_HOOK_URL}#${CONTROLLER_API_KEY}"
202202
fi
203203

204204
# Agent Admin Mode: Append API Key if present
205205
export AGENT_ADMIN_MODE="admin-insecure-mode"
206-
if [ ! -z "${AGENT_ADMIN_API_KEY}" ]; then
206+
if [ -v AGENT_ADMIN_API_KEY ] && [ -n "${AGENT_ADMIN_API_KEY}" ]; then
207207
export AGENT_ADMIN_MODE="admin-api-key ${AGENT_ADMIN_API_KEY}"
208208
fi
209209
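
Review bot: `[ -v CONTROLLER_API_KEY ]` and `[ -v AGENT_ADMIN_API_KEY ]` on new lines 200 and 206 require bash 4.2 or later; on an older bash the test errors out and evaluates false, so a key that is set would be skipped and `AGENT_ADMIN_MODE` would stay at the `admin-insecure-mode` default from line 205. A single `[ -n "${AGENT_ADMIN_API_KEY:-}" ]` (and the same for `CONTROLLER_API_KEY`) covers both unset and empty, works on older shells and stays safe under `set -u`. Because an empty key leaves the agent admin API in insecure mode, a log line on that branch would make the fallback visible to whoever runs the script.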
