//! Generated by `trust-tasks-codegen` — do not edit by hand.
//!
//! Spec slug: `vta/credentials/issue`. Version: `0.1`.
#[allow(unused_imports)]
use serde::{Deserialize, Serialize};
/// Error types.
pub mod error {
/// Error from a `TryFrom` or `FromStr` implementation.
pub struct ConversionError(::std::borrow::Cow<'static, str>);
impl ::std::error::Error for ConversionError {}
impl ::std::fmt::Display for ConversionError {
fn fmt(
&self,
f: &mut ::std::fmt::Formatter<'_>,
) -> Result<(), ::std::fmt::Error> {
::std::fmt::Display::fmt(&self.0, f)
}
}
impl ::std::fmt::Debug for ConversionError {
fn fmt(
&self,
f: &mut ::std::fmt::Formatter<'_>,
) -> Result<(), ::std::fmt::Error> {
::std::fmt::Debug::fmt(&self.0, f)
}
}
impl From<&'static str> for ConversionError {
fn from(value: &'static str) -> Self {
Self(value.into())
}
}
impl From<String> for ConversionError {
fn from(value: String) -> Self {
Self(value.into())
}
}
}
///Vendor-namespaced extension object per SPEC.md §4.5.1. Each immediate key MUST be a reverse-DNS namespace; structure under each namespace is opaque to the framework.
///
/// <details><summary>JSON schema</summary>
///
/// ```json
///{
/// "title": "Ext",
/// "description": "Vendor-namespaced extension object per SPEC.md §4.5.1. Each immediate key MUST be a reverse-DNS namespace; structure under each namespace is opaque to the framework.",
/// "type": "object",
/// "minProperties": 1,
/// "additionalProperties": true,
/// "propertyNames": {
/// "pattern": "^[a-z][a-z0-9-]*(\\.[a-z0-9-]+)+$"
/// }
///}
/// ```
/// </details>
#[derive(::serde::Deserialize, ::serde::Serialize, Clone, Debug)]
#[serde(transparent)]
pub struct Ext(pub ::std::collections::HashMap<ExtKey, ::serde_json::Value>);
impl ::std::ops::Deref for Ext {
type Target = ::std::collections::HashMap<ExtKey, ::serde_json::Value>;
fn deref(&self) -> &::std::collections::HashMap<ExtKey, ::serde_json::Value> {
&self.0
}
}
impl ::std::convert::From<Ext>
for ::std::collections::HashMap<ExtKey, ::serde_json::Value> {
fn from(value: Ext) -> Self {
value.0
}
}
impl ::std::convert::From<::std::collections::HashMap<ExtKey, ::serde_json::Value>>
for Ext {
fn from(value: ::std::collections::HashMap<ExtKey, ::serde_json::Value>) -> Self {
Self(value)
}
}
///`ExtKey`
///
/// <details><summary>JSON schema</summary>
///
/// ```json
///{
/// "type": "string",
/// "pattern": "^[a-z][a-z0-9-]*(\\.[a-z0-9-]+)+$"
///}
/// ```
/// </details>
#[derive(::serde::Serialize, Clone, Debug, Eq, Hash, Ord, PartialEq, PartialOrd)]
#[serde(transparent)]
pub struct ExtKey(::std::string::String);
impl ::std::ops::Deref for ExtKey {
type Target = ::std::string::String;
fn deref(&self) -> &::std::string::String {
&self.0
}
}
impl ::std::convert::From<ExtKey> for ::std::string::String {
fn from(value: ExtKey) -> Self {
value.0
}
}
impl ::std::str::FromStr for ExtKey {
type Err = self::error::ConversionError;
fn from_str(
value: &str,
) -> ::std::result::Result<Self, self::error::ConversionError> {
static PATTERN: ::std::sync::LazyLock<::regress::Regex> = ::std::sync::LazyLock::new(||
{ ::regress::Regex::new("^[a-z][a-z0-9-]*(\\.[a-z0-9-]+)+$").unwrap() });
if PATTERN.find(value).is_none() {
return Err(
"doesn't match pattern \"^[a-z][a-z0-9-]*(\\.[a-z0-9-]+)+$\"".into(),
);
}
Ok(Self(value.to_string()))
}
}
impl ::std::convert::TryFrom<&str> for ExtKey {
type Error = self::error::ConversionError;
fn try_from(
value: &str,
) -> ::std::result::Result<Self, self::error::ConversionError> {
value.parse()
}
}
impl ::std::convert::TryFrom<&::std::string::String> for ExtKey {
type Error = self::error::ConversionError;
fn try_from(
value: &::std::string::String,
) -> ::std::result::Result<Self, self::error::ConversionError> {
value.parse()
}
}
impl ::std::convert::TryFrom<::std::string::String> for ExtKey {
type Error = self::error::ConversionError;
fn try_from(
value: ::std::string::String,
) -> ::std::result::Result<Self, self::error::ConversionError> {
value.parse()
}
}
impl<'de> ::serde::Deserialize<'de> for ExtKey {
fn deserialize<D>(deserializer: D) -> ::std::result::Result<Self, D::Error>
where
D: ::serde::Deserializer<'de>,
{
::std::string::String::deserialize(deserializer)?
.parse()
.map_err(|e: self::error::ConversionError| {
<D::Error as ::serde::de::Error>::custom(e.to_string())
})
}
}
///`Payload`
///
/// <details><summary>JSON schema</summary>
///
/// ```json
///{
/// "$id": "https://trusttasks.org/spec/vta/credentials/issue/0.1",
/// "title": "Payload",
/// "type": "object",
/// "required": [
/// "claims",
/// "holder",
/// "validitySeconds"
/// ],
/// "properties": {
/// "claims": {
/// "description": "The scoped claims to attest — the share's scope. Opaque to the framework; non-empty.",
/// "type": "object",
/// "minProperties": 1
/// },
/// "credentialType": {
/// "description": "Additional credential type beyond VerifiableCredential (e.g. ScopedShareCredential).",
/// "type": "string"
/// },
/// "ext": {
/// "description": "Ecosystem-defined extension members per SPEC.md §4.5.1.",
/// "$ref": "#/definitions/Ext"
/// },
/// "holder": {
/// "description": "DID of the credential's subject/holder (becomes credentialSubject.id).",
/// "type": "string",
/// "pattern": "^did:"
/// },
/// "purpose": {
/// "description": "Optional human-readable rationale, recorded for audit.",
/// "type": "string"
/// },
/// "validitySeconds": {
/// "description": "Credential lifetime in seconds from issuance. The issuer MAY cap this.",
/// "type": "integer",
/// "minimum": 1.0
/// }
/// },
/// "additionalProperties": false
///}
/// ```
/// </details>
#[derive(::serde::Deserialize, ::serde::Serialize, Clone, Debug)]
#[serde(deny_unknown_fields)]
pub struct Payload {
///The scoped claims to attest — the share's scope. Opaque to the framework; non-empty.
pub claims: ::serde_json::Map<::std::string::String, ::serde_json::Value>,
///Additional credential type beyond VerifiableCredential (e.g. ScopedShareCredential).
#[serde(
rename = "credentialType",
default,
skip_serializing_if = "::std::option::Option::is_none"
)]
pub credential_type: ::std::option::Option<::std::string::String>,
///Ecosystem-defined extension members per SPEC.md §4.5.1.
#[serde(default, skip_serializing_if = "::std::option::Option::is_none")]
pub ext: ::std::option::Option<Ext>,
///DID of the credential's subject/holder (becomes credentialSubject.id).
pub holder: PayloadHolder,
///Optional human-readable rationale, recorded for audit.
#[serde(default, skip_serializing_if = "::std::option::Option::is_none")]
pub purpose: ::std::option::Option<::std::string::String>,
///Credential lifetime in seconds from issuance. The issuer MAY cap this.
#[serde(rename = "validitySeconds")]
pub validity_seconds: ::std::num::NonZeroU64,
}
///DID of the credential's subject/holder (becomes credentialSubject.id).
///
/// <details><summary>JSON schema</summary>
///
/// ```json
///{
/// "description": "DID of the credential's subject/holder (becomes credentialSubject.id).",
/// "type": "string",
/// "pattern": "^did:"
///}
/// ```
/// </details>
#[derive(::serde::Serialize, Clone, Debug, Eq, Hash, Ord, PartialEq, PartialOrd)]
#[serde(transparent)]
pub struct PayloadHolder(::std::string::String);
impl ::std::ops::Deref for PayloadHolder {
type Target = ::std::string::String;
fn deref(&self) -> &::std::string::String {
&self.0
}
}
impl ::std::convert::From<PayloadHolder> for ::std::string::String {
fn from(value: PayloadHolder) -> Self {
value.0
}
}
impl ::std::str::FromStr for PayloadHolder {
type Err = self::error::ConversionError;
fn from_str(
value: &str,
) -> ::std::result::Result<Self, self::error::ConversionError> {
static PATTERN: ::std::sync::LazyLock<::regress::Regex> = ::std::sync::LazyLock::new(||
{ ::regress::Regex::new("^did:").unwrap() });
if PATTERN.find(value).is_none() {
return Err("doesn't match pattern \"^did:\"".into());
}
Ok(Self(value.to_string()))
}
}
impl ::std::convert::TryFrom<&str> for PayloadHolder {
type Error = self::error::ConversionError;
fn try_from(
value: &str,
) -> ::std::result::Result<Self, self::error::ConversionError> {
value.parse()
}
}
impl ::std::convert::TryFrom<&::std::string::String> for PayloadHolder {
type Error = self::error::ConversionError;
fn try_from(
value: &::std::string::String,
) -> ::std::result::Result<Self, self::error::ConversionError> {
value.parse()
}
}
impl ::std::convert::TryFrom<::std::string::String> for PayloadHolder {
type Error = self::error::ConversionError;
fn try_from(
value: ::std::string::String,
) -> ::std::result::Result<Self, self::error::ConversionError> {
value.parse()
}
}
impl<'de> ::serde::Deserialize<'de> for PayloadHolder {
fn deserialize<D>(deserializer: D) -> ::std::result::Result<Self, D::Error>
where
D: ::serde::Deserializer<'de>,
{
::std::string::String::deserialize(deserializer)?
.parse()
.map_err(|e: self::error::ConversionError| {
<D::Error as ::serde::de::Error>::custom(e.to_string())
})
}
}
///The success response to a vta/credentials/issue request. Carried in a Trust Task document whose type is https://trusttasks.org/spec/vta/credentials/issue/0.1#response.
///
/// <details><summary>JSON schema</summary>
///
/// ```json
///{
/// "title": "Response",
/// "description": "The success response to a vta/credentials/issue request. Carried in a Trust Task document whose type is https://trusttasks.org/spec/vta/credentials/issue/0.1#response.",
/// "type": "object",
/// "required": [
/// "credential",
/// "credentialId",
/// "expiresAt"
/// ],
/// "properties": {
/// "credential": {
/// "description": "The issued Verifiable Credential (W3C VC Data Model 2.0), signed by the issuing context's key.",
/// "type": "object"
/// },
/// "credentialId": {
/// "description": "Stable identifier for the issued credential — the handle for revocation and audit.",
/// "type": "string"
/// },
/// "expiresAt": {
/// "description": "When the credential's validUntil falls due.",
/// "type": "string",
/// "format": "date-time"
/// },
/// "ext": {
/// "description": "Ecosystem-defined extension members per SPEC.md §4.5.1.",
/// "$ref": "#/definitions/Ext"
/// }
/// },
/// "additionalProperties": false,
/// "$anchor": "response"
///}
/// ```
/// </details>
#[derive(::serde::Deserialize, ::serde::Serialize, Clone, Debug)]
#[serde(deny_unknown_fields)]
pub struct Response {
///The issued Verifiable Credential (W3C VC Data Model 2.0), signed by the issuing context's key.
pub credential: ::serde_json::Map<::std::string::String, ::serde_json::Value>,
///Stable identifier for the issued credential — the handle for revocation and audit.
#[serde(rename = "credentialId")]
pub credential_id: ::std::string::String,
///When the credential's validUntil falls due.
#[serde(rename = "expiresAt")]
pub expires_at: ::chrono::DateTime<::chrono::offset::Utc>,
///Ecosystem-defined extension members per SPEC.md §4.5.1.
#[serde(default, skip_serializing_if = "::std::option::Option::is_none")]
pub ext: ::std::option::Option<Ext>,
}
impl crate::Payload for Payload {
const TYPE_URI: &'static str = "https://trusttasks.org/spec/vta/credentials/issue/0.1";
const IS_PROOF_REQUIRED: bool = true;
const IS_RECIPIENT_REQUIRED: bool = true;
}
impl crate::Payload for Response {
const TYPE_URI: &'static str = "https://trusttasks.org/spec/vta/credentials/issue/0.1#response";
const IS_PROOF_REQUIRED: bool = true;
const IS_RECIPIENT_REQUIRED: bool = true;
}
#[cfg(feature = "validate")]
impl crate::validate::ValidatedPayload for Payload {
const SCHEMA_JSON: &'static str = "{\n \"$defs\": {\n \"Ext\": {\n \"additionalProperties\": true,\n \"description\": \"Vendor-namespaced extension object per SPEC.md §4.5.1. Each immediate key MUST be a reverse-DNS namespace; structure under each namespace is opaque to the framework.\",\n \"minProperties\": 1,\n \"propertyNames\": {\n \"pattern\": \"^[a-z][a-z0-9-]*(\\\\.[a-z0-9-]+)+$\"\n },\n \"title\": \"Ext\",\n \"type\": \"object\"\n },\n \"Response\": {\n \"$anchor\": \"response\",\n \"additionalProperties\": false,\n \"description\": \"The success response to a vta/credentials/issue request. Carried in a Trust Task document whose type is https://trusttasks.org/spec/vta/credentials/issue/0.1#response.\",\n \"properties\": {\n \"credential\": {\n \"description\": \"The issued Verifiable Credential (W3C VC Data Model 2.0), signed by the issuing context's key.\",\n \"type\": \"object\"\n },\n \"credentialId\": {\n \"description\": \"Stable identifier for the issued credential — the handle for revocation and audit.\",\n \"type\": \"string\"\n },\n \"expiresAt\": {\n \"description\": \"When the credential's validUntil falls due.\",\n \"format\": \"date-time\",\n \"type\": \"string\"\n },\n \"ext\": {\n \"$ref\": \"#/$defs/Ext\",\n \"description\": \"Ecosystem-defined extension members per SPEC.md §4.5.1.\"\n }\n },\n \"required\": [\n \"credentialId\",\n \"credential\",\n \"expiresAt\"\n ],\n \"title\": \"VTA Credentials Issue — response payload\",\n \"type\": \"object\"\n }\n },\n \"$id\": \"https://trusttasks.org/spec/vta/credentials/issue/0.1\",\n \"$schema\": \"https://json-schema.org/draft/2020-12/schema\",\n \"additionalProperties\": false,\n \"properties\": {\n \"claims\": {\n \"description\": \"The scoped claims to attest — the share's scope. Opaque to the framework; non-empty.\",\n \"minProperties\": 1,\n \"type\": \"object\"\n },\n \"credentialType\": {\n \"description\": \"Additional credential type beyond VerifiableCredential (e.g. ScopedShareCredential).\",\n \"type\": \"string\"\n },\n \"ext\": {\n \"$ref\": \"#/$defs/Ext\",\n \"description\": \"Ecosystem-defined extension members per SPEC.md §4.5.1.\"\n },\n \"holder\": {\n \"description\": \"DID of the credential's subject/holder (becomes credentialSubject.id).\",\n \"pattern\": \"^did:\",\n \"type\": \"string\"\n },\n \"purpose\": {\n \"description\": \"Optional human-readable rationale, recorded for audit.\",\n \"type\": \"string\"\n },\n \"validitySeconds\": {\n \"description\": \"Credential lifetime in seconds from issuance. The issuer MAY cap this.\",\n \"minimum\": 1,\n \"type\": \"integer\"\n }\n },\n \"required\": [\n \"holder\",\n \"claims\",\n \"validitySeconds\"\n ],\n \"title\": \"VTA Credentials Issue — payload\",\n \"type\": \"object\"\n}\n";
}
#[cfg(test)]
mod conformance {
//! Round-trip tests harvested from the spec's `spec.md`,
//! plus a `rejects_invalid_examples` test for any fixtures
//! in `payload.invalid-examples.json` (validate feature).
#[test]
fn request_example_1() {
const JSON: &str = "{\n \"id\": \"9c2f1a7e-3b44-4e9a-8c21-0f5b2d6a1e90\",\n \"type\": \"https://trusttasks.org/spec/vta/credentials/issue/0.1\",\n \"issuer\": \"did:web:vta.example\",\n \"recipient\": \"did:web:vta.example\",\n \"issuedAt\": \"2026-06-24T10:00:00Z\",\n \"payload\": {\n \"holder\": \"did:key:z6Mkwork-domain-agent\",\n \"credentialType\": \"ScopedShareCredential\",\n \"claims\": {\n \"share\": {\n \"from\": \"finance\",\n \"fields\": [\"invoiceTotal\", \"dueDate\"]\n }\n },\n \"validitySeconds\": 3600,\n \"purpose\": \"Let the work domain reference this month's invoice total.\"\n },\n \"proof\": {\n \"type\": \"DataIntegrityProof\",\n \"cryptosuite\": \"eddsa-jcs-2022\",\n \"verificationMethod\": \"did:web:vta.example#key-1\",\n \"created\": \"2026-06-24T10:00:00Z\",\n \"proofPurpose\": \"assertionMethod\",\n \"proofValue\": \"z3kg...\"\n }\n}\n";
let doc: crate::TrustTask<super::Payload> = serde_json::from_str(JSON)
.expect("deserialize request example");
let rendered = serde_json::to_value(&doc).expect("re-serialize");
let expected: serde_json::Value = serde_json::from_str(JSON)
.expect("re-parse expected");
assert_eq!(rendered, expected, "request example failed round-trip");
}
#[test]
fn response_example_1() {
const JSON: &str = "{\n \"id\": \"1b7d4c90-5e21-4a83-b1f6-2c9e7a30d845\",\n \"type\": \"https://trusttasks.org/spec/vta/credentials/issue/0.1#response\",\n \"issuer\": \"did:web:vta.example\",\n \"recipient\": \"did:web:vta.example\",\n \"issuedAt\": \"2026-06-24T10:00:01Z\",\n \"threadId\": \"9c2f1a7e-3b44-4e9a-8c21-0f5b2d6a1e90\",\n \"payload\": {\n \"credentialId\": \"urn:uuid:c0ffee00-1234-4abc-9def-0123456789ab\",\n \"expiresAt\": \"2026-06-24T11:00:01Z\",\n \"credential\": {\n \"@context\": [\"https://www.w3.org/ns/credentials/v2\"],\n \"id\": \"urn:uuid:c0ffee00-1234-4abc-9def-0123456789ab\",\n \"type\": [\"VerifiableCredential\", \"ScopedShareCredential\"],\n \"issuer\": \"did:web:vta.example\",\n \"validFrom\": \"2026-06-24T10:00:01Z\",\n \"validUntil\": \"2026-06-24T11:00:01Z\",\n \"credentialSubject\": {\n \"id\": \"did:key:z6Mkwork-domain-agent\",\n \"share\": { \"from\": \"finance\", \"fields\": [\"invoiceTotal\", \"dueDate\"] }\n },\n \"proof\": { \"type\": \"DataIntegrityProof\", \"cryptosuite\": \"eddsa-jcs-2022\", \"proofValue\": \"z...\" }\n }\n }\n}\n";
let doc: crate::TrustTask<super::Response> = serde_json::from_str(JSON)
.expect("deserialize response example");
let rendered = serde_json::to_value(&doc).expect("re-serialize");
let expected: serde_json::Value = serde_json::from_str(JSON)
.expect("re-parse expected");
assert_eq!(rendered, expected, "response example failed round-trip");
}
}