fix: js trustchain verification

build.gradle.kts

@@ -92,7 +92,7 @@ fun getNpmVersion(): String {
 
 allprojects {
     group = "com.sphereon.oid.fed"
-    version = "0.4.11-SNAPSHOT"
+    version = "0.4.12-SNAPSHOT"
     val npmVersion by extra { getNpmVersion() }
 
     // Common repository configuration for all projects

modules/openid-federation-client/src/commonMain/kotlin/com/sphereon/oid/fed/client/FederationClient.kt

@@ -60,7 +60,7 @@ class FederationClient(
      * @return A [VerifyTrustChainResponse] object containing the verification result.
      */
     suspend fun trustChainVerify(
-        trustChain: List<String>,
+        trustChain: Array<String>,
         trustAnchor: String?,
         currentTime: Long?
     ): VerifyTrustChainResponse {

modules/openid-federation-client/src/commonMain/kotlin/com/sphereon/oid/fed/client/services/trustChainService/TrustChainService.kt

@@ -37,7 +37,7 @@ class TrustChainService(
      * @see <a href="https://openid.net/specs/openid-federation-1_0.html#section-10.2">OpenID Federation 1.0 - 10.2. Validating a Trust Chain</a>
      */
     suspend fun verify(
-        chain: List<String>,
+        chain: Array<String>,
         trustAnchor: String?,
         currentTime: Long? = null
     ): VerifyTrustChainResponse {
@@ -70,6 +70,7 @@ class TrustChainService(
                 // 2. Verify iat is in the past
                 val iat = statement.payload["iat"]?.jsonPrimitive?.content?.toLongOrNull()
                 logger.debug("Statement $j - Issued at (iat): $iat")
+                logger.debug("Time considered: $timeToUse")
                 if (iat == null || iat > timeToUse) {
                     logger.error("Statement $j has invalid iat: $iat")
                     return VerifyTrustChainResponse(false, "Statement at position $j has invalid iat")
@@ -207,8 +208,7 @@ class TrustChainService(
                     context = mapOf("trustChain" to trustChain.toString())
                 )
 
-                // calculate trust chain exp
-
+                // @TODO calculate trust chain exp
 
                 TrustChainResolveResponse(trustChain, error = false, errorMessage = null)
             } else {
@@ -228,7 +228,7 @@ class TrustChainService(
         cache: SimpleCache<String, String>,
         depth: Int,
         maxDepth: Int
-    ): MutableList<String>? {
+    ): Array<String>? {
         logger.debug("Building trust chain for entity: $entityIdentifier at depth: $depth")
         if (depth == maxDepth) {
             logger.debug("Maximum depth reached: $maxDepth")
@@ -291,7 +291,7 @@ class TrustChainService(
 
             if (result != null) {
                 logger.debug("Successfully built trust chain through authority: $authority")
-                return result
+                return result.toTypedArray()
             }
             logger.debug("Failed to build trust chain through authority: $authority, trying next authority")
         }
@@ -457,7 +457,7 @@ class TrustChainService(
         if (authorityEntityConfiguration.authorityHints?.isNotEmpty() == true) {
             chain.add(subordinateStatementJwt)
             val result = buildTrustChain(authority, trustAnchors, chain, cache, depth, maxDepth)
-            if (result != null) return result
+            if (result != null) return result.toMutableList()
             chain.removeLast()
         }
         return null

modules/openid-federation-client/src/commonMain/kotlin/com/sphereon/oid/fed/client/types/TrustChainResolveResponse.kt

@@ -13,7 +13,7 @@ data class TrustChainResolveResponse(
      * A list of strings representing the resolved trust chain.
      * Each string contains a JWT.
      */
-    val trustChain: List<String>? = null,
+    val trustChain: Array<String>? = null,
 
     /**
      * Indicates whether the resolve operation was successful.
@@ -24,4 +24,27 @@ data class TrustChainResolveResponse(
      * Error message in case of a failure, if any.
      */
     val errorMessage: String? = null
-)
+) {
+    override fun equals(other: Any?): Boolean {
+        if (this === other) return true
+        if (other == null || this::class != other::class) return false
+
+        other as TrustChainResolveResponse
+
+        if (error != other.error) return false
+        if (trustChain != null) {
+            if (other.trustChain == null) return false
+            if (!trustChain.contentEquals(other.trustChain)) return false
+        } else if (other.trustChain != null) return false
+        if (errorMessage != other.errorMessage) return false
+
+        return true
+    }
+
+    override fun hashCode(): Int {
+        var result = error.hashCode()
+        result = 31 * result + (trustChain?.contentHashCode() ?: 0)
+        result = 31 * result + (errorMessage?.hashCode() ?: 0)
+        return result
+    }
+}

modules/openid-federation-client/src/commonTest/kotlin/com/sphereon/oid/fed/client/services/trustChainService/TrustChainServiceTest.kt

@@ -130,7 +130,7 @@ class TrustChainServiceTest {
 
         // Test with empty chain
         val emptyChainResponse = client.trustChainVerify(
-            emptyList(),
+            emptyArray(),
             "https://oidc.registry.servizicie.interno.gov.it",
             1728346615
         )
@@ -140,7 +140,7 @@ class TrustChainServiceTest {
 
         // Test with wrong trust anchor
         val wrongAnchorResponse = client.trustChainVerify(
-            resolveResponse.trustChain ?: emptyList(),
+            resolveResponse.trustChain ?: emptyArray(),
             "https://wrong.trust.anchor",
             1728346615
         )

modules/openid-federation-client/src/jsMain/kotlin/com/sphereon/oid/fed/client/FederationClient.js.kt

@@ -75,7 +75,7 @@ class FederationClientJS(
     ): Promise<VerifyTrustChainResponse> {
         return scope.promise {
             trustChainService.verify(
-                trustChain.toList(),
+                trustChain,
                 trustAnchor,
                 currentTime?.toLong()
             )

modules/services/src/commonMain/kotlin/com/sphereon/oid/fed/services/ResolveService.kt

@@ -60,7 +60,7 @@ class ResolveService(
                 exp = (currentTime + 3600 * 24).toString(), // 24 hours expiration
                 metadata = filteredMetadata,
                 trustMarks = trustMarks,
-                trustChain = trustChainResolution.trustChain!!.toTypedArray()
+                trustChain = trustChainResolution.trustChain
             )
             logger.debug("Successfully built resolve response")
             return response