From 7acfd7b3ed53df04b878e888c8325388080f3f98 Mon Sep 17 00:00:00 2001
From: Dimitris ZARRAS
Date: Mon, 20 Nov 2023 13:39:41 +0200
Subject: [PATCH 1/2] Remove UniqueId from PID.
---
 .../eudi/pidissuer/adapter/out/oauth/Claims.kt | 8 --------
 .../out/pid/EncodePidInCborWithMicroService.kt | 1 -
 .../adapter/out/pid/GetPidDataFromAuthServer.kt | 1 -
 .../pidissuer/adapter/out/pid/IssueMsoMdocPid.kt | 5 -----
 .../pidissuer/adapter/out/pid/IssueSdJwtVcPid.kt | 2 --
 .../ec/eudi/pidissuer/adapter/out/pid/Pid.kt | 16 ----------------
 .../pidissuer/adapter/input/web/WalletApiTest.kt | 1 -
 .../pid/EncodePidInCborWithMicroServiceTest.kt | 1 -
 8 files changed, 35 deletions(-)
diff --git a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt
index 0138961c..5e3172e0 100644
--- a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt
+++ b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt
@@ -28,14 +28,6 @@ interface IsAttribute {
 // Open ID Connect Core
 //
-val OidcSub: AttributeDetails by lazy {
- AttributeDetails(
- name = "sub",
- mandatory = true,
- display = mapOf(Locale.ENGLISH to "Unique Identifier"),
- )
-}
-
 val OidcFamilyName: AttributeDetails by lazy {
 AttributeDetails(
 name = "family_name",
diff --git a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/EncodePidInCborWithMicroService.kt b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/EncodePidInCborWithMicroService.kt
index fdfbfba0..c974f35b 100644
--- a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/EncodePidInCborWithMicroService.kt
+++ b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/EncodePidInCborWithMicroService.kt
@@ -106,7 +106,6 @@ internal fun createMsoMdocReq(
 pid.nationality?.let { put("nationalities", JsonArray(listOf(JsonPrimitive(it.value)))) }
 put("is_over_18", pid.ageOver18)
 pid.ageBirthYear?.let { put("age_birth_year", it.value) }
- put("unique_id", pid.uniqueId.value)
 put("issuance_date", pidMetaData.issuanceDate.toString())
 put("expiry_date", pidMetaData.expiryDate.toString())
 when (val issuingAuthority = pidMetaData.issuingAuthority) {
diff --git a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/GetPidDataFromAuthServer.kt b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/GetPidDataFromAuthServer.kt
index 73976bc0..1b130850 100644
--- a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/GetPidDataFromAuthServer.kt
+++ b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/GetPidDataFromAuthServer.kt
@@ -78,7 +78,6 @@ class GetPidDataFromAuthServer private constructor(
 birthDate = LocalDate.parse(userInfo.birthDate),
 ageOver18 = userInfo.ageOver18 ?: false,
 gender = userInfo.gender?.let { IsoGender(it) },
- uniqueId = UniqueId(userInfo.sub),
 residentCountry = userInfo.address?.country?.let { IsoCountry(it) },
 residentState = userInfo.address?.region?.let { State(it) },
 residentPostalCode = userInfo.address?.postalCode?.let { PostalCode(it) },
diff --git a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/IssueMsoMdocPid.kt b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/IssueMsoMdocPid.kt
index dd0db6d2..324712ce 100644
--- a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/IssueMsoMdocPid.kt
+++ b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/IssueMsoMdocPid.kt
@@ -57,11 +57,6 @@ private val pidAttributes = pidNameSpace(1) to listOf(
 AttributeDetails(
 name = "age_birth_year",
 ),
- AttributeDetails(
- name = "unique_id",
- mandatory = true,
- display = mapOf(Locale.ENGLISH to "Unique Identifier"),
- ),
 AttributeDetails(
 name = "family_name_birth",
 mandatory = false,
diff --git a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/IssueSdJwtVcPid.kt b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/IssueSdJwtVcPid.kt
index 6855092e..79dbbdf5 100644
--- a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/IssueSdJwtVcPid.kt
+++ b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/IssueSdJwtVcPid.kt
@@ -73,7 +73,6 @@ private object Attributes {
 OidcGivenName,
 OidcBirthDate,
 OidcAddressClaim.attribute,
- OidcSub,
 OidcGender,
 OidcAssuranceNationalities,
 OidcAssuranceBirthFamilyName,
@@ -133,7 +132,6 @@ fun selectivelyDisclosed(
 exp(exp.epochSecond)
 cnf(holderPubKey)
 plain("vct", PidSdJwtVcV1.type.value)
- sub(pid.uniqueId.value)
 //
 // Selectively Disclosed claims
diff --git a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/Pid.kt b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/Pid.kt
index b6a0c551..c1acdbad 100644
--- a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/Pid.kt
+++ b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/Pid.kt
@@ -25,19 +25,6 @@ value class FamilyName(val value: String)
 @JvmInline
 value class GivenName(val value: String)
-/**
- * A PID Provider SHALL ensure that a unique_id data element is present in the PID.
- * It SHALL contain an identifier for the PID User.
- * The value of this data element SHALL be unique and persistent.
- * This means that a specific Relying Party, if it is authorized to receive this data element,
- * SHALL always receive the same unique_id value for the same PID User from all Wallet Instances
- * issued to that PID User, either in parallel or consecutively, throughout the User’s lifetime.
- * It is up to each PID Provider to determine if the unique_id for a User is different for each Relying Party,
- * or the same for a group of Relying Parties or even for all Relying Parties.
- */
-@JvmInline
-value class UniqueId(val value: String)
-
 /**
 * An Alpha-2 country
 * code as specified in ISO 3166-1.
@@ -74,8 +61,6 @@ typealias Nationality = IsoCountry
 * minor (false).
 * @param ageBirthYear The year when the PID User was born. If unknown, approximate
 * year.
- * @param uniqueId A unique and persistent identifier for the PID User, assigned by
- * the PID Provider.
 * @param familyNameBirth First name(s), including middle name(s), of the PID User at the
 * time of birth.
 * @param givenNameBirth First name(s), including middle name(s), of the PID User at the time of birth.
@@ -99,7 +84,6 @@ data class Pid(
 val birthDate: LocalDate,
 val ageOver18: Boolean,
 val ageBirthYear: Year? = null,
- val uniqueId: UniqueId,
 val familyNameBirth: FamilyName? = null,
 val givenNameBirth: GivenName? = null,
 val birthPlace: String? = null,
diff --git a/src/test/kotlin/eu/europa/ec/eudi/pidissuer/adapter/input/web/WalletApiTest.kt b/src/test/kotlin/eu/europa/ec/eudi/pidissuer/adapter/input/web/WalletApiTest.kt
index afdd7006..9f622269 100644
--- a/src/test/kotlin/eu/europa/ec/eudi/pidissuer/adapter/input/web/WalletApiTest.kt
+++ b/src/test/kotlin/eu/europa/ec/eudi/pidissuer/adapter/input/web/WalletApiTest.kt
@@ -306,7 +306,6 @@ internal class WalletApiTest {
 givenName = GivenName("Firstname"),
 birthDate = LocalDate.of(1989, Month.AUGUST, 22),
 ageOver18 = true,
- uniqueId = UniqueId(UUID.randomUUID().toString()),
 )
 val issuingCountry = IsoCountry("GR")
 val pidMetaData = PidMetaData(
diff --git a/src/test/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/EncodePidInCborWithMicroServiceTest.kt b/src/test/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/EncodePidInCborWithMicroServiceTest.kt
index 1aa75e93..96ef23b4 100644
--- a/src/test/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/EncodePidInCborWithMicroServiceTest.kt
+++ b/src/test/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/pid/EncodePidInCborWithMicroServiceTest.kt
@@ -51,7 +51,6 @@ class EncodePidInCborWithMicroServiceTest {
 givenName = GivenName("javier"),
 birthDate = birthDate,
 ageOver18 = true,
- uniqueId = UniqueId("86b73c6c-7542-4923-a986-97d2cdf7f07a"),
 )
 val pidMetaData = PidMetaData(
 issuanceDate = LocalDate.of(2023, 7, 19),
From 1d5f544f20f048b79c836389546fd50741b1d631 Mon Sep 17 00:00:00 2001
From: Dimitris ZARRAS
Date: Mon, 20 Nov 2023 16:04:16 +0200
Subject: [PATCH 2/2] Readd OidcSub claim.
---
 .../europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt
index 5e3172e0..d21a4c21 100644
--- a/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt
+++ b/src/main/kotlin/eu/europa/ec/eudi/pidissuer/adapter/out/oauth/Claims.kt
@@ -28,6 +28,14 @@ interface IsAttribute {
 // Open ID Connect Core
 //
+val OidcSub: AttributeDetails by lazy {
+ AttributeDetails(
+ name = "sub",
+ mandatory = true,
+ display = mapOf(Locale.ENGLISH to "Subject - Identifier for the End-User at the Issuer"),
+ )
+}
+
 val OidcFamilyName: AttributeDetails by lazy {
 AttributeDetails(
 name = "family_name",
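Review bot: `OidcSub` is re-added in the Claims.kt hunk of patch 2/2 with `mandatory = true`, but patch 1/2 removed the only uses visible in this series (the `OidcSub,` entry in `Attributes` and the `sub(pid.uniqueId.value)` call in `selectivelyDisclosed`), so nothing shown here still issues a `sub` claim for the PID. If a credential configuration outside this diff lists `OidcSub`, please confirm the issued credential really carries `sub`; otherwise its metadata would advertise a mandatory claim that is never present. Because `sub` is a persistent per-user identifier that lets relying parties correlate presentations, I would also document that on the declaration, e.g. `/** OIDC "sub": persistent End-User identifier at the Issuer; correlatable across presentations, list it only for credentials that actually issue it. */`.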