clean up clr step #2

inspector-vc/src/main/java/org/oneedtech/inspect/vc/Credential.java

@@ -127,5 +127,6 @@ public class Credential extends GeneratedObject  {
 	
 	public static final String ID = Credential.class.getCanonicalName();
 	public static final List<ResourceType> RECOGNIZED_PAYLOAD_TYPES = List.of(SVG, PNG, JSON, JWT);
+	public static final String CREDENTIAL_KEY = "CREDENTIAL_KEY";
 		
 }

inspector-vc/src/main/java/org/oneedtech/inspect/vc/EndorsementInspector.java

@@ -5,6 +5,8 @@ import static org.oneedtech.inspect.core.probe.RunContext.Key.*;
 import static org.oneedtech.inspect.core.report.ReportUtil.onProbeException;
 import static org.oneedtech.inspect.util.code.Defensives.checkNotNull;
 import static org.oneedtech.inspect.util.json.ObjectMapperCache.Config.DEFAULT;
+import static org.oneedtech.inspect.vc.Credential.CREDENTIAL_KEY;
+import static org.oneedtech.inspect.vc.Credential.ProofType.EXTERNAL;
 
 import java.net.URI;
 import java.util.ArrayList;
@@ -25,12 +27,12 @@ import org.oneedtech.inspect.util.resource.UriResource;
 import org.oneedtech.inspect.util.resource.context.ResourceContext;
 import org.oneedtech.inspect.vc.Credential.Type;
 import org.oneedtech.inspect.vc.probe.ContextPropertyProbe;
-import org.oneedtech.inspect.vc.probe.ExpirationVerifierProbe;
+import org.oneedtech.inspect.vc.probe.EmbeddedProofProbe;
+import org.oneedtech.inspect.vc.probe.ExpirationProbe;
+import org.oneedtech.inspect.vc.probe.ExternalProofProbe;
 import org.oneedtech.inspect.vc.probe.InlineJsonSchemaProbe;
-import org.oneedtech.inspect.vc.probe.IssuanceVerifierProbe;
+import org.oneedtech.inspect.vc.probe.IssuanceProbe;
-import org.oneedtech.inspect.vc.probe.ProofVerifierProbe;
 import org.oneedtech.inspect.vc.probe.RevocationListProbe;
-import org.oneedtech.inspect.vc.probe.SignatureVerifierProbe;
 import org.oneedtech.inspect.vc.probe.TypePropertyProbe;
 
 import com.fasterxml.jackson.databind.JsonNode;
@@ -58,7 +60,7 @@ public class EndorsementInspector extends VCInspector implements SubInspector {
 		 * 
 		 */
 		
-		Credential endorsement = (Credential) checkNotNull(parentObjects.get(ENDORSEMENT_KEY));
+		Credential endorsement = (Credential) checkNotNull(parentObjects.get(CREDENTIAL_KEY));
 				
 		ObjectMapper mapper = ObjectMapperCache.get(DEFAULT);
 		JsonPathEvaluator jsonPath = new JsonPathEvaluator(mapper);
@@ -86,12 +88,12 @@ public class EndorsementInspector extends VCInspector implements SubInspector {
 									
 			//signatures, proofs
 			probeCount++;
-			if(endorsement.getJwt().isPresent()){
+			if(endorsement.getProofType() == EXTERNAL){
 				//The credential originally contained in a JWT, validate the jwt and external proof.
-				accumulator.add(new SignatureVerifierProbe().run(endorsement, ctx));
+				accumulator.add(new ExternalProofProbe().run(endorsement, ctx));
 			} else {
 				//The credential not contained in a jwt, must have an internal proof.
-				accumulator.add(new ProofVerifierProbe().run(endorsement, ctx));		
+				accumulator.add(new EmbeddedProofProbe().run(endorsement, ctx));		
 				
 			}
 			if(broken(accumulator)) return abort(ctx, accumulator, probeCount);
@@ -110,7 +112,7 @@ public class EndorsementInspector extends VCInspector implements SubInspector {
 
 			//revocation, expiration and issuance
 			for(Probe<Credential> probe : List.of(new RevocationListProbe(), 
-				new ExpirationVerifierProbe(), new IssuanceVerifierProbe())) {					
+				new ExpirationProbe(), new IssuanceProbe())) {					
 				probeCount++;
 				accumulator.add(probe.run(endorsement, ctx));
 				if(broken(accumulator)) return abort(ctx, accumulator, probeCount);
@@ -136,6 +138,4 @@ public class EndorsementInspector extends VCInspector implements SubInspector {
 		}
 	}
 	   
-	public static final String ENDORSEMENT_KEY = "ENDORSEMENT_KEY";
-   
 }

inspector-vc/src/main/java/org/oneedtech/inspect/vc/OB30Inspector.java

@@ -3,9 +3,10 @@ package org.oneedtech.inspect.vc;
 import static java.lang.Boolean.TRUE;
 import static org.oneedtech.inspect.core.Inspector.Behavior.RESET_CACHES_ON_RUN;
 import static org.oneedtech.inspect.core.report.ReportUtil.onProbeException;
+import static org.oneedtech.inspect.util.code.Defensives.*;
 import static org.oneedtech.inspect.util.json.ObjectMapperCache.Config.DEFAULT;
+import static org.oneedtech.inspect.vc.Credential.CREDENTIAL_KEY;
 import static org.oneedtech.inspect.vc.Credential.ProofType.EXTERNAL;
-import static org.oneedtech.inspect.vc.EndorsementInspector.ENDORSEMENT_KEY;
 import static org.oneedtech.inspect.vc.payload.PayloadParser.fromJwt;
 import static org.oneedtech.inspect.vc.util.JsonNodeUtil.asNodeList;
 
@@ -15,7 +16,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.Optional;
 
-import org.oneedtech.inspect.core.Inspector;
+import org.oneedtech.inspect.core.SubInspector;
+import org.oneedtech.inspect.core.probe.GeneratedObject;
 import org.oneedtech.inspect.core.probe.Probe;
 import org.oneedtech.inspect.core.probe.RunContext;
 import org.oneedtech.inspect.core.probe.RunContext.Key;
@@ -25,6 +27,7 @@ import org.oneedtech.inspect.core.report.Report;
 import org.oneedtech.inspect.core.report.ReportItems;
 import org.oneedtech.inspect.schema.JsonSchemaCache;
 import org.oneedtech.inspect.schema.SchemaKey;
+import org.oneedtech.inspect.util.code.Defensives;
 import org.oneedtech.inspect.util.json.ObjectMapperCache;
 import org.oneedtech.inspect.util.resource.Resource;
 import org.oneedtech.inspect.util.resource.ResourceType;
@@ -35,12 +38,12 @@ import org.oneedtech.inspect.vc.Credential.Type;
 import org.oneedtech.inspect.vc.probe.ContextPropertyProbe;
 import org.oneedtech.inspect.vc.probe.CredentialParseProbe;
 import org.oneedtech.inspect.vc.probe.CredentialSubjectProbe;
-import org.oneedtech.inspect.vc.probe.ExpirationVerifierProbe;
+import org.oneedtech.inspect.vc.probe.ExpirationProbe;
 import org.oneedtech.inspect.vc.probe.InlineJsonSchemaProbe;
-import org.oneedtech.inspect.vc.probe.IssuanceVerifierProbe;
+import org.oneedtech.inspect.vc.probe.IssuanceProbe;
-import org.oneedtech.inspect.vc.probe.ProofVerifierProbe;
+import org.oneedtech.inspect.vc.probe.EmbeddedProofProbe;
 import org.oneedtech.inspect.vc.probe.RevocationListProbe;
-import org.oneedtech.inspect.vc.probe.SignatureVerifierProbe;
+import org.oneedtech.inspect.vc.probe.ExternalProofProbe;
 import org.oneedtech.inspect.vc.probe.TypePropertyProbe;
 import org.oneedtech.inspect.vc.util.CachingDocumentLoader;
 
@@ -52,7 +55,7 @@ import com.google.common.collect.ImmutableList;
  * A verifier for Open Badges 3.0.
  * @author mgylling
  */
-public class OB30Inspector extends VCInspector {
+public class OB30Inspector extends VCInspector implements SubInspector {
 	protected final List<Probe<Credential>> userProbes;
 	
 	protected OB30Inspector(OB30Inspector.Builder builder) {	
@@ -63,6 +66,14 @@ public class OB30Inspector extends VCInspector {
 	//https://docs.google.com/document/d/1_imUl2K-5tMib0AUxwA9CWb0Ap1b3qif0sXydih68J0/edit#
 	//https://imsglobal.github.io/openbadges-specification/ob_v3p0.html#verificaton-and-validation
 	
+	/*
+	 * This inspector supports both standalone openbadge verification, as well as verification of
+	 * AchievementCredentials embedded in e.g. CLR. 
+	 * 
+	 * When verifying a standalone AchievementCredential, call the run(Resource) method. When verifying
+	 * an embedded AchievementCredential, call the run(Resource, Map) method. 
+	 */
+	
 	@Override
 	public Report run(Resource resource) {		
 		super.check(resource);	//TODO because URIs, this should be a fetch and cache
@@ -89,11 +100,48 @@ public class OB30Inspector extends VCInspector {
 				//detect type (png, svg, json, jwt) and extract json data
 				probeCount++;
 				accumulator.add(new CredentialParseProbe().run(resource, ctx));				
-				if(broken(accumulator)) return abort(ctx, accumulator, probeCount);
+				if(broken(accumulator, true)) return abort(ctx, accumulator, probeCount);
 				
 				//we expect the above to place a generated object in the context				
 				Credential ob = ctx.getGeneratedObject(Credential.ID);
 				
+				//call the subinspector method of this
+				Report subReport = this.run(resource, Map.of(Credential.CREDENTIAL_KEY, ob));
+				probeCount += subReport.getSummary().getTotalRun();
+				accumulator.add(subReport);
+				
+				//finally, run any user-added probes
+				for(Probe<Credential> probe : userProbes) {
+					probeCount++;
+					accumulator.add(probe.run(ob, ctx));
+				}
+						
+		} catch (Exception e) {
+			accumulator.add(onProbeException(Probe.ID.NO_UNCAUGHT_EXCEPTIONS, resource, e));
+		}
+		
+		return new Report(ctx, new ReportItems(accumulator), probeCount); 
+	}
+	
+	@Override
+	public Report run(Resource resource, Map<String, GeneratedObject> parentObjects) {
+		
+		Credential ob = checkNotNull((Credential)parentObjects.get(CREDENTIAL_KEY));
+		
+		ObjectMapper mapper = ObjectMapperCache.get(DEFAULT);
+		JsonPathEvaluator jsonPath = new JsonPathEvaluator(mapper);
+		RunContext ctx = new RunContext.Builder()
+				.put(this)
+				.put(resource)
+				.put(Key.JACKSON_OBJECTMAPPER, mapper)
+				.put(Key.JSONPATH_EVALUATOR, jsonPath)
+				.build();
+		
+		List<ReportItems> accumulator = new ArrayList<>();
+		int probeCount = 0;
+		
+		try {
+		
 			//context and type properties
 			Credential.Type type = Type.OpenBadgeCredential;
 			for(Probe<JsonNode> probe : List.of(new ContextPropertyProbe(type), new TypePropertyProbe(type))) {					
@@ -111,16 +159,17 @@ public class OB30Inspector extends VCInspector {
 			}
 			
 			//credentialSubject 
+			probeCount++;
 			accumulator.add(new CredentialSubjectProbe().run(ob.getJson(), ctx));
 			
 			//signatures, proofs
 			probeCount++;
 			if(ob.getProofType() == EXTERNAL){
 				//The credential originally contained in a JWT, validate the jwt and external proof.
-					accumulator.add(new SignatureVerifierProbe().run(ob, ctx));
+				accumulator.add(new ExternalProofProbe().run(ob, ctx));
 			} else {
 				//The credential not contained in a jwt, must have an internal proof.
-					accumulator.add(new ProofVerifierProbe().run(ob, ctx));					
+				accumulator.add(new EmbeddedProofProbe().run(ob, ctx));					
 			}
 			if(broken(accumulator)) return abort(ctx, accumulator, probeCount);
 										
@@ -137,7 +186,7 @@ public class OB30Inspector extends VCInspector {
 					
 			//revocation, expiration and issuance
 			for(Probe<Credential> probe : List.of(new RevocationListProbe(), 
-						new ExpirationVerifierProbe(), new IssuanceVerifierProbe())) {					
+					new ExpirationProbe(), new IssuanceProbe())) {					
 				probeCount++;
 				accumulator.add(probe.run(ob, ctx));
 				if(broken(accumulator)) return abort(ctx, accumulator, probeCount);
@@ -150,7 +199,7 @@ public class OB30Inspector extends VCInspector {
 			for(JsonNode node : endorsements) {
 				probeCount++;
 				Credential endorsement = new Credential(resource, node);
-					accumulator.add(endorsementInspector.run(resource, Map.of(ENDORSEMENT_KEY, endorsement)));
+				accumulator.add(endorsementInspector.run(resource, Map.of(CREDENTIAL_KEY, endorsement)));
 			}	
 		
 			//embedded jwt endorsements 
@@ -160,13 +209,7 @@ public class OB30Inspector extends VCInspector {
 				String jwt = node.asText();
 				JsonNode vcNode = fromJwt(jwt, ctx);
 				Credential endorsement = new Credential(resource, vcNode, jwt);
-					accumulator.add(endorsementInspector.run(resource, Map.of(ENDORSEMENT_KEY, endorsement)));
+				accumulator.add(endorsementInspector.run(resource, Map.of(CREDENTIAL_KEY, endorsement)));
-				}
-											
-				//finally, run any user-added probes
-				for(Probe<Credential> probe : userProbes) {
-					probeCount++;
-					accumulator.add(probe.run(ob, ctx));
 			}
 			
 		} catch (Exception e) {
@@ -174,6 +217,7 @@ public class OB30Inspector extends VCInspector {
 		}
 		
 		return new Report(ctx, new ReportItems(accumulator), probeCount); 
+		
 	}
 			
 	public static class Builder extends VCInspector.Builder<OB30Inspector.Builder> {
@@ -185,5 +229,4 @@ public class OB30Inspector extends VCInspector {
 			return new OB30Inspector(this);
 		}
 	}	
-	
 }

inspector-vc/src/main/java/org/oneedtech/inspect/vc/VCInspector.java

@@ -28,11 +28,15 @@ public abstract class VCInspector extends Inspector {
 	}
 	
 	protected boolean broken(List<ReportItems> accumulator) {
-		if(getBehavior(Inspector.Behavior.VALIDATOR_FAIL_FAST) == Boolean.FALSE) {
+		return broken(accumulator, false);
+	}
+	
+	protected boolean broken(List<ReportItems> accumulator, boolean force) {
+		if(!force && getBehavior(Inspector.Behavior.VALIDATOR_FAIL_FAST) == Boolean.FALSE) {
 			return false;
 		}
 		for(ReportItems items : accumulator) {
-			if(items.contains(Outcome.FATAL, Outcome.EXCEPTION, Outcome.NOT_RUN)) return true;
+			if(items.contains(Outcome.FATAL, Outcome.EXCEPTION)) return true;
 		}
 		return false;
 	}

inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/EmbeddedProofProbe.java

@@ -18,10 +18,10 @@ import com.apicatalog.vc.processor.StatusVerifier;
 import jakarta.json.JsonObject;
 
 /**
- * A Probe that verifies a credential's proof.
+ * A Probe that verifies a credential's embedded proof.
  * @author mgylling
  */
-public class ProofVerifierProbe extends Probe<Credential> {
+public class EmbeddedProofProbe extends Probe<Credential> {
 	
 	/*
 	 * Note: using com.apicatalog Iron, we get a generic VC verifier that
@@ -32,7 +32,7 @@ public class ProofVerifierProbe extends Probe<Credential> {
 	 * (aka is not a jwt). 
 	 */
 	
-	public ProofVerifierProbe() {
+	public EmbeddedProofProbe() {
 		super(ID);
 	}
 	
@@ -71,5 +71,5 @@ public class ProofVerifierProbe extends Probe<Credential> {
 		}		
 	}
 	
-	public static final String ID = ProofVerifierProbe.class.getSimpleName(); 
+	public static final String ID = EmbeddedProofProbe.class.getSimpleName(); 
 }

inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ExpirationProbe.java

@@ -13,9 +13,9 @@ import com.fasterxml.jackson.databind.JsonNode;
  * A Probe that verifies a credential's expiration status 
  * @author mgylling
  */
-public class ExpirationVerifierProbe extends Probe<Credential> {
+public class ExpirationProbe extends Probe<Credential> {
 	
-	public ExpirationVerifierProbe() {
+	public ExpirationProbe() {
 		super(ID);
 	}
 	
@@ -39,5 +39,5 @@ public class ExpirationVerifierProbe extends Probe<Credential> {
 		return success(ctx);
 	}
 		
-	public static final String ID = ExpirationVerifierProbe.class.getSimpleName(); 
+	public static final String ID = ExpirationProbe.class.getSimpleName(); 
 }

inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ExternalProofProbe.java

@@ -36,12 +36,12 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.base.Splitter;
 
 /**
- * A Probe that verifies credential signatures 
+ * A Probe that verifies credential external proof (jwt) 
  * @author mlyon
  */
-public class SignatureVerifierProbe extends Probe<Credential> {
+public class ExternalProofProbe extends Probe<Credential> {
 	
-	public SignatureVerifierProbe() {
+	public ExternalProofProbe() {
 		super(ID);
 	}
 	
@@ -146,6 +146,6 @@ public class SignatureVerifierProbe extends Probe<Credential> {
         return responseString;
     }
 	
-	public static final String ID = SignatureVerifierProbe.class.getSimpleName();
+	public static final String ID = ExternalProofProbe.class.getSimpleName();
 
 }

inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/InlineJsonSchemaProbe.java

@@ -38,10 +38,7 @@ public class InlineJsonSchemaProbe extends Probe<JsonNode> {
 		List<ReportItems> accumulator = new ArrayList<>();
 		Set<String> ioErrors = new HashSet<>();		
 
-//		JsonPathEvaluator jsonPath = ctx.get(RunContext.Key.JSONPATH_EVALUATOR);		
+		//note - we don't get deep nested ones in e.g. EndorsementCredential 		
-//		ArrayNode nodes = jsonPath.eval("$..*[?(@.credentialSchema)]", crd.getJson());
-// 		note - we dont get deep nested ones in e.g. EndorsementCredential 
-		
 		JsonNode credentialSchemaNode = root.get("credentialSchema");
 		if(credentialSchemaNode == null) return success(ctx);
 		

inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/IssuanceProbe.java

@@ -13,9 +13,9 @@ import com.fasterxml.jackson.databind.JsonNode;
  * A Probe that verifies a credential's issuance status 
  * @author mgylling
  */
-public class IssuanceVerifierProbe extends Probe<Credential> {
+public class IssuanceProbe extends Probe<Credential> {
 	
-	public IssuanceVerifierProbe() {
+	public IssuanceProbe() {
 		super(ID);
 	}
 	
@@ -39,5 +39,5 @@ public class IssuanceVerifierProbe extends Probe<Credential> {
 		return success(ctx);
 	}	
 				
-	public static final String ID = IssuanceVerifierProbe.class.getSimpleName(); 
+	public static final String ID = IssuanceProbe.class.getSimpleName(); 
 }

inspector-vc/src/test/java/org/oneedtech/inspect/vc/OB30Tests.java

@@ -11,10 +11,10 @@ import org.oneedtech.inspect.core.probe.json.JsonSchemaProbe;
 import org.oneedtech.inspect.core.report.Report;
 import org.oneedtech.inspect.test.PrintHelper;
 import org.oneedtech.inspect.vc.probe.ContextPropertyProbe;
-import org.oneedtech.inspect.vc.probe.ExpirationVerifierProbe;
+import org.oneedtech.inspect.vc.probe.ExpirationProbe;
 import org.oneedtech.inspect.vc.probe.InlineJsonSchemaProbe;
-import org.oneedtech.inspect.vc.probe.IssuanceVerifierProbe;
+import org.oneedtech.inspect.vc.probe.IssuanceProbe;
-import org.oneedtech.inspect.vc.probe.ProofVerifierProbe;
+import org.oneedtech.inspect.vc.probe.EmbeddedProofProbe;
 import org.oneedtech.inspect.vc.probe.TypePropertyProbe;
 
 import com.google.common.collect.Iterables;
@@ -96,7 +96,7 @@ public class OB30Tests {
 			if(verbose) PrintHelper.print(report, true);
 			assertInvalid(report);
 			assertErrorCount(report, 1);
-			assertHasProbeID(report, ProofVerifierProbe.ID, true);
+			assertHasProbeID(report, EmbeddedProofProbe.ID, true);
 		});	
 	}
 	
@@ -107,7 +107,7 @@ public class OB30Tests {
 			Report report = validator.run(Samples.OB30.JSON.SIMPLE_JSON_EXPIRED.asFileResource());
 			if(verbose) PrintHelper.print(report, true);
 			assertInvalid(report);
-			assertHasProbeID(report, ExpirationVerifierProbe.ID, true);
+			assertHasProbeID(report, ExpirationProbe.ID, true);
 		});	
 	}
 	
@@ -142,7 +142,7 @@ public class OB30Tests {
 			Report report = validator.run(Samples.OB30.JSON.SIMPLE_JSON_ISSUED.asFileResource());
 			if(verbose) PrintHelper.print(report, true);
 			assertInvalid(report);
-			assertHasProbeID(report, IssuanceVerifierProbe.ID, true);
+			assertHasProbeID(report, IssuanceProbe.ID, true);
 		});	
 	}