vta_sdk/protocols/mod.rs
1pub mod acl_management;
2pub mod attestation_management;
3pub mod audit_management;
4pub mod auth;
5pub mod backup_management;
6pub mod context_management;
7pub mod credential_exchange;
8/// Issued-credential lifecycle (`spec/vta/credentials/{issue,revoke}/0.1`) —
9/// mint + revoke a VTA-signed W3C VC addressed to a holder DID.
10pub mod credentials_issuance;
11pub mod did_management;
12pub mod did_template_management;
13pub mod discovery;
14#[cfg(feature = "didcomm")]
15pub mod join_requests;
16pub mod key_management;
17/// Member-side membership-credential exchange (`members/*`) — the member → VTC
18/// reciprocal VMC and the VTC's request for it.
19pub mod members;
20/// Per-context key/value store for AI-agent memory
21/// (`spec/vta/memory/{put,list,delete}/0.1`).
22pub mod memory;
23/// Passkey-based login flow (`vta/auth/passkey-login-{start,finish}/1.0`).
24pub mod passkey_login;
25pub mod protocol_management;
26#[cfg(feature = "provision-integration")]
27pub mod provision_integration_management;
28pub mod seed_management;
29pub mod vta_management;
30
31// Standard DIDComm protocol types used across VTA/VTC services
32pub const PROBLEM_REPORT_TYPE: &str = "https://didcomm.org/report-problem/2.0/problem-report";
33pub const TRUST_PING_TYPE: &str = "https://didcomm.org/trust-ping/2.0/ping";
34pub const MESSAGE_PICKUP_STATUS_TYPE: &str = "https://didcomm.org/messagepickup/3.0/status";
35
36/// Problem-report `code` values emitted by VTA/VTC services. Kept in sync with
37/// the `affinidi_messaging_didcomm_service::problem_report::codes` taxonomy so
38/// the SDK can classify errors without depending on the server-side crate.
39pub mod problem_report_codes {
40 pub const UNAUTHORIZED: &str = "e.p.msg.unauthorized";
41 pub const BAD_REQUEST: &str = "e.p.msg.bad-request";
42 pub const NOT_FOUND: &str = "e.p.msg.not-found";
43 pub const CONFLICT: &str = "e.p.msg.conflict";
44 pub const INTERNAL: &str = "e.p.msg.internal-error";
45 /// Workspace-specific extension to the affinidi taxonomy.
46 /// Distinguishes "permission denied" (caller authenticated but
47 /// lacks the role / context / sender-identity) from
48 /// `unauthorized` (auth failed). Without this, the SDK
49 /// collapses both into `VtaError::Auth` and the CLI prints
50 /// "Token may be expired" — which is misleading when the real
51 /// problem is a privilege-laundering rejection or an ACL miss.
52 pub const FORBIDDEN: &str = "e.p.msg.forbidden";
53 /// Per the canonical `provision/integration/0.1` spec: emitted
54 /// when the caller omits `payload.context` AND the maintainer
55 /// cannot infer a unique target context from the relayer's grant
56 /// or its own contexts state. The problem-report body's `args`
57 /// carries `candidates: Vec<String>` so the relayer can surface
58 /// the list to the operator and retry with an explicit choice.
59 pub const PROVISION_CONTEXT_REQUIRED: &str = "provision/integration:context_required";
60}
61
62/// Extract code and comment from a problem-report message body.
63pub fn extract_problem_report(body: &serde_json::Value) -> (String, String) {
64 let code = body
65 .get("code")
66 .and_then(|v| v.as_str())
67 .unwrap_or("unknown")
68 .to_string();
69 let comment = body
70 .get("comment")
71 .and_then(|v| v.as_str())
72 .unwrap_or("no details provided")
73 .to_string();
74 (code, comment)
75}