feat: refresh service (#1745)

* feat: basic logic for refresh * feat: credential issuer * fix: compose tests * fix: test for prepare credentials * feat: basic endpoints * feat: compile * feat: check for update * feat: steps * feat: more logic * feat: more changes * feat: refactor wallet-cli * feat: split to refresh endpoint * feat: basic split to service * feat: migrate * feat: more refactor * fix: lint * feat: base tests * fix: more tests * feat: add basic tests * fix: compose plugin * fix: apt * feat: dind * feat: more tests * feat: more tests * fix: doc loader * feat: set default refresh service * feat: more refresh tests * feat: more tests * feat: more refresh logic * feat: more tests * fix: mocks * feat: update vc
trustbloc · Aug 13, 2024 · 31e1ba6 · 31e1ba6
1 parent 3d511ee
commit 31e1ba6
Show file tree

Hide file tree

Showing 103 changed files with 5,572 additions and 1,777 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -56,14 +56,15 @@ jobs:
           verbose: true
 
   BDDTest:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     timeout-minutes: 30
     steps:
       - uses: actions/checkout@v4
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
           go-version: '${{ env.GO_VERSION }}'
+      - run: sudo apt-get update && sudo apt install docker-compose -y
       - name: Run BDD tests
         run: |
           echo '127.0.0.1 file-server.trustbloc.local' | sudo tee -a /etc/hosts

diff --git a/Makefile b/Makefile
@@ -18,7 +18,7 @@ ALPINE_IMAGE 	?=alpine
 OPENSSL_IMAGE ?=frapsoft/openssl
 GOPROXY ?= https://proxy.golang.org
 
-VC_FRAMEWORK_VERSION				= 8cb417a4df0f7f7fcc18ab023c800c01c41b653f
+VC_FRAMEWORK_VERSION				= c7c2ade0e1fc839f572fbfd760ab846f3467acca
 KMS_FRAMEWORK_VERSION 				= 59c2830d27fd44f9a3a663242a4aa61544ce622e
 DID_GO_VERSION						= aa500e57d8bdf51c90c20d3a6c815fdc76f716c3
 SIDE_TREE_VERSION							= f4260aff710479ba5fa3f0c61b51d451d9041225

diff --git a/api/spec/openapi.gen.go b/api/spec/openapi.gen.go
diff --git a/cmd/vc-rest/go.mod b/cmd/vc-rest/go.mod
@@ -22,10 +22,10 @@ require (
 	github.com/spf13/cobra v1.7.0
 	github.com/stretchr/testify v1.8.4
 	github.com/trustbloc/cmdutil-go v1.0.0
-	github.com/trustbloc/did-go v1.2.1
+	github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96
 	github.com/trustbloc/logutil-go v1.0.0
 	github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104
-	github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f
+	github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc
 	github.com/trustbloc/vcs v0.0.0
 	github.com/trustbloc/vcs/component/credentialstatus v0.0.0-00010101000000-000000000000
 	github.com/trustbloc/vcs/component/echo v0.0.0-00010101000000-000000000000

diff --git a/cmd/vc-rest/go.sum b/cmd/vc-rest/go.sum
@@ -588,16 +588,16 @@ github.com/trustbloc/bbs-signature-go v1.0.2 h1:gepEsbLiZHv/vva9FKG5gF38mGtOIyGe
 github.com/trustbloc/bbs-signature-go v1.0.2/go.mod h1:xYotcXHAbcE0TO+SteW0J6XI3geQaXq4wdnXR2k+XCU=
 github.com/trustbloc/cmdutil-go v1.0.0 h1:QCe7wVEIASWmy9ZDD0l0tsQCEsX6fx+kBFX5UqCVRdk=
 github.com/trustbloc/cmdutil-go v1.0.0/go.mod h1:o/v7C1z6d/5UrjaC6GAUc1hk0XVuE3M4tpyvsMMUw5k=
-github.com/trustbloc/did-go v1.2.1 h1:SEOmPX+x2JlE6+jjjJp82yCCusoJ4/67zQ2ST6ytfSc=
-github.com/trustbloc/did-go v1.2.1/go.mod h1:packTRoBoo8DrwOE7QKsI98xXS3Vf6ovUXYD4FUAcB4=
+github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96 h1:LpX6reFIcahgTxuDLrV9yro1gENtXQLv2NsneX5hWkc=
+github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96/go.mod h1:packTRoBoo8DrwOE7QKsI98xXS3Vf6ovUXYD4FUAcB4=
 github.com/trustbloc/kms-go v1.1.2 h1:nAlhDoHkSyX1eQFRz/sJsdgmJuNadyX7FJEy/9ROwys=
 github.com/trustbloc/kms-go v1.1.2/go.mod h1:OKOtsLbE6W5s4mpjWkvk8XEqcmt9vTgVmDNkHELpWO0=
 github.com/trustbloc/logutil-go v1.0.0 h1:KzNs9TRbnmn+M3oYw9UkrtOjNd3ZGO8aLgfYttMypcE=
 github.com/trustbloc/logutil-go v1.0.0/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc=
 github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104 h1:0IW4muaGvhjJ4OkG6/PQG3DGf5POWxlA1wwEYsxWQ+4=
 github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104/go.mod h1:3yChjB5KOT7B9eZe0W1XaIx3MNUuC1Oe9nR/GCtI1W0=
-github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f h1:v/Gf89EK2vCk2uj9bK+zmoTAQiJEXH9I2p3fYBiNLrg=
-github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f/go.mod h1:7GkmcXtK5FNbfxypAZAVg8eM9PVnGJ/lmQo7gQgsjKk=
+github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc h1:6/AZPtL61aybL8FsAgZBtaq89zX4ahgRqa20aEKP1fk=
+github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc/go.mod h1:l70VUyzJ+jAxGSlS+V8jiP5GnVcxFfV4bPxJ0grlu14=
 github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
 github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M=
 github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=

diff --git a/cmd/vc-rest/startcmd/start.go b/cmd/vc-rest/startcmd/start.go
@@ -81,6 +81,7 @@ import (
 	"github.com/trustbloc/vcs/pkg/restapi/v1/mw"
 	oidc4civ1 "github.com/trustbloc/vcs/pkg/restapi/v1/oidc4ci"
 	oidc4vpv1 "github.com/trustbloc/vcs/pkg/restapi/v1/oidc4vp"
+	"github.com/trustbloc/vcs/pkg/restapi/v1/refresh"
 	verifierv1 "github.com/trustbloc/vcs/pkg/restapi/v1/verifier"
 	"github.com/trustbloc/vcs/pkg/restapi/v1/version"
 	"github.com/trustbloc/vcs/pkg/service/clientidscheme"
@@ -90,6 +91,7 @@ import (
 	"github.com/trustbloc/vcs/pkg/service/issuecredential"
 	"github.com/trustbloc/vcs/pkg/service/oidc4ci"
 	"github.com/trustbloc/vcs/pkg/service/oidc4vp"
+	refresh2 "github.com/trustbloc/vcs/pkg/service/refresh"
 	"github.com/trustbloc/vcs/pkg/service/requestobject"
 	"github.com/trustbloc/vcs/pkg/service/trustregistry"
 	"github.com/trustbloc/vcs/pkg/service/verifycredential"
@@ -702,6 +704,11 @@ func buildEchoHandler(
 		ProfileSvc: issuerProfileSvc,
 	})
 
+	prepareCredentialSvc := issuecredential.NewPrepareCredentialService(&issuecredential.PrepareCredentialServiceConfig{
+		VcsAPIURL: conf.StartupParameters.hostURLExternal,
+		Composer:  issuecredential.NewCredentialComposer(),
+	})
+
 	oidc4ciService, err = oidc4ci.NewService(&oidc4ci.Config{
 		TransactionStore:              oidc4ciTransactionStore,
 		ClaimDataStore:                oidc4ciClaimDataStore,
@@ -720,8 +727,8 @@ func buildEchoHandler(
 		JSONSchemaValidator:           jsonSchemaValidator,
 		TrustRegistry:                 trustRegistryService,
 		AckService:                    ackService,
-		Composer:                      oidc4ci.NewCredentialComposer(),
 		DocumentLoader:                documentLoader,
+		PrepareCredential:             prepareCredentialSvc,
 	})
 	if err != nil {
 		return nil, fmt.Errorf("failed to instantiate new oidc4ci service: %w", err)
@@ -824,6 +831,30 @@ func buildEchoHandler(
 		)
 	}
 
+	var verifyPresentationSvc verifypresentation.ServiceInterface
+
+	verifyPresentationSvc = verifypresentation.New(&verifypresentation.Config{
+		VcVerifier:     verifyCredentialSvc,
+		DocumentLoader: documentLoader,
+		VDR:            conf.VDR,
+	})
+
+	if conf.IsTraceEnabled {
+		verifyPresentationSvc = verifypresentationtracing.Wrap(verifyPresentationSvc, conf.Tracer)
+	}
+
+	refreshService := refresh2.NewRefreshService(&refresh2.Config{
+		VcsAPIURL:              conf.StartupParameters.apiGatewayURL,
+		TxStore:                oidc4ciTransactionStore,
+		ClaimsStore:            oidc4ciClaimDataStore,
+		DataProtector:          claimsDataProtector,
+		PresentationVerifier:   verifyPresentationSvc,
+		CredentialIssuer:       prepareCredentialSvc,
+		IssueCredentialService: issueCredentialSvc,
+		EventPublisher:         eventSvc,
+		EventTopic:             conf.StartupParameters.issuerEventTopic,
+	})
+
 	oidc4civ1.RegisterHandlers(e, oidc4civ1.NewController(&oidc4civ1.Config{
 		OAuth2Provider:          oauthProvider,
 		StateStore:              oidc4ciStateStore,
@@ -845,6 +876,14 @@ func buildEchoHandler(
 		LDPProofParser:          oidc4civ1.NewDefaultLDPProofParser(),
 	}))
 
+	refresh.RegisterHandlers(e, refresh.NewController(&refresh.Config{
+		RefreshService:      refreshService,
+		ProfileService:      issuerProfileSvc,
+		ProofChecker:        proofChecker,
+		DocumentLoader:      documentLoader,
+		IssuerVCSPublicHost: conf.StartupParameters.hostURLExternal,
+	}))
+
 	oidc4vpv1.RegisterHandlers(e, oidc4vpv1.NewController(&oidc4vpv1.Config{
 		HTTPClient:      getHTTPClient(metricsProvider.ClientOIDC4PV1),
 		ExternalHostURL: conf.StartupParameters.hostURLExternal, // use host external as this url will be called internally
@@ -864,6 +903,7 @@ func buildEchoHandler(
 		Tracer:                         conf.Tracer,
 		OpenidIssuerConfigProvider:     openidCredentialIssuerConfigProviderSvc,
 		JSONSchemaValidator:            jsonSchemaValidator,
+		CredentialRefreshService:       refreshService,
 	}))
 
 	// Verifier Profile Management API
@@ -878,18 +918,6 @@ func buildEchoHandler(
 		return nil, err
 	}
 
-	var verifyPresentationSvc verifypresentation.ServiceInterface
-
-	verifyPresentationSvc = verifypresentation.New(&verifypresentation.Config{
-		VcVerifier:     verifyCredentialSvc,
-		DocumentLoader: documentLoader,
-		VDR:            conf.VDR,
-	})
-
-	if conf.IsTraceEnabled {
-		verifyPresentationSvc = verifypresentationtracing.Wrap(verifyPresentationSvc, conf.Tracer)
-	}
-
 	oidc4vpTxStore, err := getOIDC4VPTxStore(
 		conf.StartupParameters.transientDataParams.storeType,
 		redisClient,

diff --git a/component/credentialstatus/go.mod b/component/credentialstatus/go.mod
@@ -14,11 +14,11 @@ require (
 	github.com/piprate/json-gold v0.5.1-0.20230111113000-6ddbe6e6f19f
 	github.com/spf13/cobra v1.7.0
 	github.com/stretchr/testify v1.8.4
-	github.com/trustbloc/did-go v1.2.1
+	github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96
 	github.com/trustbloc/kms-go v1.1.2
 	github.com/trustbloc/logutil-go v1.0.0
 	github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104
-	github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f
+	github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc
 	github.com/trustbloc/vcs v0.0.0-00010101000000-000000000000
 )
 

diff --git a/component/credentialstatus/go.sum b/component/credentialstatus/go.sum
@@ -447,16 +447,16 @@ github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY=
 github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28=
 github.com/trustbloc/bbs-signature-go v1.0.2 h1:gepEsbLiZHv/vva9FKG5gF38mGtOIyGez7desZxiI1o=
 github.com/trustbloc/bbs-signature-go v1.0.2/go.mod h1:xYotcXHAbcE0TO+SteW0J6XI3geQaXq4wdnXR2k+XCU=
-github.com/trustbloc/did-go v1.2.1 h1:SEOmPX+x2JlE6+jjjJp82yCCusoJ4/67zQ2ST6ytfSc=
-github.com/trustbloc/did-go v1.2.1/go.mod h1:packTRoBoo8DrwOE7QKsI98xXS3Vf6ovUXYD4FUAcB4=
+github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96 h1:LpX6reFIcahgTxuDLrV9yro1gENtXQLv2NsneX5hWkc=
+github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96/go.mod h1:packTRoBoo8DrwOE7QKsI98xXS3Vf6ovUXYD4FUAcB4=
 github.com/trustbloc/kms-go v1.1.2 h1:nAlhDoHkSyX1eQFRz/sJsdgmJuNadyX7FJEy/9ROwys=
 github.com/trustbloc/kms-go v1.1.2/go.mod h1:OKOtsLbE6W5s4mpjWkvk8XEqcmt9vTgVmDNkHELpWO0=
 github.com/trustbloc/logutil-go v1.0.0 h1:KzNs9TRbnmn+M3oYw9UkrtOjNd3ZGO8aLgfYttMypcE=
 github.com/trustbloc/logutil-go v1.0.0/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc=
 github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104 h1:0IW4muaGvhjJ4OkG6/PQG3DGf5POWxlA1wwEYsxWQ+4=
 github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104/go.mod h1:3yChjB5KOT7B9eZe0W1XaIx3MNUuC1Oe9nR/GCtI1W0=
-github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f h1:v/Gf89EK2vCk2uj9bK+zmoTAQiJEXH9I2p3fYBiNLrg=
-github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f/go.mod h1:7GkmcXtK5FNbfxypAZAVg8eM9PVnGJ/lmQo7gQgsjKk=
+github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc h1:6/AZPtL61aybL8FsAgZBtaq89zX4ahgRqa20aEKP1fk=
+github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc/go.mod h1:l70VUyzJ+jAxGSlS+V8jiP5GnVcxFfV4bPxJ0grlu14=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4=

diff --git a/component/event/go.mod b/component/event/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/stretchr/testify v1.8.4
 	github.com/trustbloc/cmdutil-go v1.0.0
 	github.com/trustbloc/logutil-go v1.0.0
-	github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f
+	github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc
 	github.com/trustbloc/vcs v0.0.0-00010101000000-000000000000
 	go.opentelemetry.io/otel/trace v1.22.0
 )
@@ -110,7 +110,7 @@ require (
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tidwall/sjson v1.2.5 // indirect
 	github.com/trustbloc/bbs-signature-go v1.0.2 // indirect
-	github.com/trustbloc/did-go v1.2.1 // indirect
+	github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96 // indirect
 	github.com/trustbloc/kms-go v1.1.2 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasttemplate v1.2.1 // indirect

diff --git a/component/event/go.sum b/component/event/go.sum
@@ -433,14 +433,14 @@ github.com/trustbloc/bbs-signature-go v1.0.2 h1:gepEsbLiZHv/vva9FKG5gF38mGtOIyGe
 github.com/trustbloc/bbs-signature-go v1.0.2/go.mod h1:xYotcXHAbcE0TO+SteW0J6XI3geQaXq4wdnXR2k+XCU=
 github.com/trustbloc/cmdutil-go v1.0.0 h1:QCe7wVEIASWmy9ZDD0l0tsQCEsX6fx+kBFX5UqCVRdk=
 github.com/trustbloc/cmdutil-go v1.0.0/go.mod h1:o/v7C1z6d/5UrjaC6GAUc1hk0XVuE3M4tpyvsMMUw5k=
-github.com/trustbloc/did-go v1.2.1 h1:SEOmPX+x2JlE6+jjjJp82yCCusoJ4/67zQ2ST6ytfSc=
-github.com/trustbloc/did-go v1.2.1/go.mod h1:packTRoBoo8DrwOE7QKsI98xXS3Vf6ovUXYD4FUAcB4=
+github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96 h1:LpX6reFIcahgTxuDLrV9yro1gENtXQLv2NsneX5hWkc=
+github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96/go.mod h1:packTRoBoo8DrwOE7QKsI98xXS3Vf6ovUXYD4FUAcB4=
 github.com/trustbloc/kms-go v1.1.2 h1:nAlhDoHkSyX1eQFRz/sJsdgmJuNadyX7FJEy/9ROwys=
 github.com/trustbloc/kms-go v1.1.2/go.mod h1:OKOtsLbE6W5s4mpjWkvk8XEqcmt9vTgVmDNkHELpWO0=
 github.com/trustbloc/logutil-go v1.0.0 h1:KzNs9TRbnmn+M3oYw9UkrtOjNd3ZGO8aLgfYttMypcE=
 github.com/trustbloc/logutil-go v1.0.0/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc=
-github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f h1:v/Gf89EK2vCk2uj9bK+zmoTAQiJEXH9I2p3fYBiNLrg=
-github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f/go.mod h1:7GkmcXtK5FNbfxypAZAVg8eM9PVnGJ/lmQo7gQgsjKk=
+github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc h1:6/AZPtL61aybL8FsAgZBtaq89zX4ahgRqa20aEKP1fk=
+github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc/go.mod h1:l70VUyzJ+jAxGSlS+V8jiP5GnVcxFfV4bPxJ0grlu14=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4=

diff --git a/component/profile/reader/file/go.mod b/component/profile/reader/file/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/spf13/cobra v1.7.0
 	github.com/stretchr/testify v1.8.4
 	github.com/trustbloc/cmdutil-go v1.0.0
-	github.com/trustbloc/did-go v1.2.1
+	github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96
 	github.com/trustbloc/kms-go v1.1.2
 	github.com/trustbloc/logutil-go v1.0.0
 	github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104
@@ -120,7 +120,7 @@ require (
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tidwall/sjson v1.2.5 // indirect
 	github.com/trustbloc/bbs-signature-go v1.0.2 // indirect
-	github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f // indirect
+	github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasttemplate v1.2.1 // indirect
 	github.com/veraison/go-cose v1.1.1-0.20240126165338-2300d5c96dbd // indirect

diff --git a/component/profile/reader/file/go.sum b/component/profile/reader/file/go.sum
@@ -451,16 +451,16 @@ github.com/trustbloc/bbs-signature-go v1.0.2 h1:gepEsbLiZHv/vva9FKG5gF38mGtOIyGe
 github.com/trustbloc/bbs-signature-go v1.0.2/go.mod h1:xYotcXHAbcE0TO+SteW0J6XI3geQaXq4wdnXR2k+XCU=
 github.com/trustbloc/cmdutil-go v1.0.0 h1:QCe7wVEIASWmy9ZDD0l0tsQCEsX6fx+kBFX5UqCVRdk=
 github.com/trustbloc/cmdutil-go v1.0.0/go.mod h1:o/v7C1z6d/5UrjaC6GAUc1hk0XVuE3M4tpyvsMMUw5k=
-github.com/trustbloc/did-go v1.2.1 h1:SEOmPX+x2JlE6+jjjJp82yCCusoJ4/67zQ2ST6ytfSc=
-github.com/trustbloc/did-go v1.2.1/go.mod h1:packTRoBoo8DrwOE7QKsI98xXS3Vf6ovUXYD4FUAcB4=
+github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96 h1:LpX6reFIcahgTxuDLrV9yro1gENtXQLv2NsneX5hWkc=
+github.com/trustbloc/did-go v1.2.2-0.20240812150654-c7d31e666f96/go.mod h1:packTRoBoo8DrwOE7QKsI98xXS3Vf6ovUXYD4FUAcB4=
 github.com/trustbloc/kms-go v1.1.2 h1:nAlhDoHkSyX1eQFRz/sJsdgmJuNadyX7FJEy/9ROwys=
 github.com/trustbloc/kms-go v1.1.2/go.mod h1:OKOtsLbE6W5s4mpjWkvk8XEqcmt9vTgVmDNkHELpWO0=
 github.com/trustbloc/logutil-go v1.0.0 h1:KzNs9TRbnmn+M3oYw9UkrtOjNd3ZGO8aLgfYttMypcE=
 github.com/trustbloc/logutil-go v1.0.0/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc=
 github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104 h1:0IW4muaGvhjJ4OkG6/PQG3DGf5POWxlA1wwEYsxWQ+4=
 github.com/trustbloc/sidetree-go v1.0.1-0.20240219121130-f4260aff7104/go.mod h1:3yChjB5KOT7B9eZe0W1XaIx3MNUuC1Oe9nR/GCtI1W0=
-github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f h1:v/Gf89EK2vCk2uj9bK+zmoTAQiJEXH9I2p3fYBiNLrg=
-github.com/trustbloc/vc-go v1.1.3-0.20240723144917-8cb417a4df0f/go.mod h1:7GkmcXtK5FNbfxypAZAVg8eM9PVnGJ/lmQo7gQgsjKk=
+github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc h1:6/AZPtL61aybL8FsAgZBtaq89zX4ahgRqa20aEKP1fk=
+github.com/trustbloc/vc-go v1.1.3-0.20240813130343-c7c2ade0e1fc/go.mod h1:l70VUyzJ+jAxGSlS+V8jiP5GnVcxFfV4bPxJ0grlu14=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4=

diff --git a/component/profile/reader/file/reader_test.go b/component/profile/reader/file/reader_test.go
@@ -1,6 +1,5 @@
 /*
 Copyright Gen Digital Inc. All Rights Reserved.
-
 SPDX-License-Identifier: Apache-2.0
 */
 

diff --git a/component/wallet-cli/cmd/refresh_cmd.go b/component/wallet-cli/cmd/refresh_cmd.go
@@ -0,0 +1,100 @@
+package cmd
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"net/url"
+
+	"github.com/henvic/httpretty"
+	"github.com/spf13/cobra"
+
+	"github.com/trustbloc/vcs/component/wallet-cli/internal/formatter"
+	"github.com/trustbloc/vcs/component/wallet-cli/pkg/refresh"
+)
+
+type refreshCommandFlags struct {
+	serviceFlags   *walletFlags
+	proxyURL       string
+	enableTracing  bool
+	walletDIDIndex int
+}
+
+func NewRefreshCmd() *cobra.Command {
+	flags := &refreshCommandFlags{
+		serviceFlags: &walletFlags{},
+	}
+
+	return &cobra.Command{
+		Use:   "refresh",
+		Short: "Refresh credential",
+		Long:  "Refresh credential",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			w, svc, err := initWallet(flags.serviceFlags)
+			if err != nil {
+				return fmt.Errorf("init wallet: %w", err)
+			}
+
+			httpTransport := &http.Transport{
+				TLSClientConfig: svc.TLSConfig(),
+			}
+
+			if flags.proxyURL != "" {
+				proxyURL, parseErr := url.Parse(flags.proxyURL)
+				if parseErr != nil {
+					return fmt.Errorf("parse proxy url: %w", parseErr)
+				}
+
+				httpTransport.Proxy = http.ProxyURL(proxyURL)
+			}
+
+			httpClient := &http.Client{
+				Transport: httpTransport,
+			}
+
+			if flags.enableTracing {
+				httpLogger := &httpretty.Logger{
+					RequestHeader:   true,
+					RequestBody:     true,
+					ResponseHeader:  true,
+					ResponseBody:    true,
+					SkipSanitize:    true,
+					Colors:          true,
+					SkipRequestInfo: true,
+					Formatters:      []httpretty.Formatter{&httpretty.JSONFormatter{}, &formatter.JWTFormatter{}},
+					MaxResponseBody: 1e+7,
+				}
+
+				httpClient.Transport = httpLogger.RoundTripper(httpClient.Transport)
+			}
+			var walletDIDIndex int
+
+			if flags.walletDIDIndex != -1 {
+				walletDIDIndex = flags.walletDIDIndex
+			} else {
+				walletDIDIndex = len(w.DIDs()) - 1
+			}
+
+			provider := &oidc4vpProvider{
+				storageProvider: svc.StorageProvider(),
+				httpClient:      httpClient,
+				documentLoader:  svc.DocumentLoader(),
+				vdrRegistry:     svc.VDR(),
+				cryptoSuite:     svc.CryptoSuite(),
+				wallet:          w,
+			}
+
+			var flow *refresh.Flow
+
+			opts := []refresh.Opt{
+				refresh.WithWalletDIDIndex(walletDIDIndex),
+			}
+
+			if flow, err = refresh.NewFlow(provider, opts...); err != nil {
+				return err
+			}
+
+			return flow.Run(context.Background())
+		},
+	}
+}