feat(sdk): didresolver - option to disable tls cert validation (#811)

Signed-off-by: Rolson Quadras <[email protected]>

cmd/wallet-sdk-gomobile/did/resolvedidopts.go

@@ -10,8 +10,9 @@ import "time"
 
 // ResolverOpts contains all optional arguments that can be passed into the ResolveDID method.
 type ResolverOpts struct {
-	resolverServerURI string
-	httpTimeout       *time.Duration
+	resolverServerURI                string
+	httpTimeout                      *time.Duration
+	disableHTTPClientTLSVerification bool
 }
 
 // NewResolverOpts returns a new ResolverOpts object.
@@ -35,3 +36,10 @@ func (c *ResolverOpts) SetHTTPTimeoutNanoseconds(timeout int64) *ResolverOpts {
 
 	return c
 }
+
+// DisableHTTPClientTLSVerify disables tls verification, should be used only for test purposes.
+func (c *ResolverOpts) DisableHTTPClientTLSVerify() *ResolverOpts {
+	c.disableHTTPClientTLSVerification = true
+
+	return c
+}

cmd/wallet-sdk-gomobile/did/resolver.go

@@ -9,6 +9,7 @@ SPDX-License-Identifier: Apache-2.0
 package did
 
 import (
+	"github.com/trustbloc/wallet-sdk/cmd/wallet-sdk-gomobile/api"
 	// helps gomobile bind api.DIDResolver interface to Resolver implementation in ios-bindings.
 	_ "github.com/trustbloc/wallet-sdk/cmd/wallet-sdk-gomobile/api"
 	"github.com/trustbloc/wallet-sdk/cmd/wallet-sdk-gomobile/wrapper"
@@ -40,6 +41,10 @@ func NewResolver(opts *ResolverOpts) (*Resolver, error) {
 		goAPIResolverOpts = append(goAPIResolverOpts, httpTimeoutOpt)
 	}
 
+	httpClient := wrapper.NewHTTPClient(opts.httpTimeout, api.Headers{}, opts.disableHTTPClientTLSVerification)
+
+	goAPIResolverOpts = append(goAPIResolverOpts, resolver.WithHTTPClient(httpClient))
+
 	didResolver, err := resolver.NewDIDResolver(goAPIResolverOpts...)
 	if err != nil {
 		return nil, wrapper.ToMobileError(err)

pkg/did/resolver/opts.go

@@ -6,11 +6,19 @@ SPDX-License-Identifier: Apache-2.0
 
 package resolver
 
-import "time"
+import (
+	"net/http"
+	"time"
+)
 
 type opts struct {
 	resolverServerURI string
 	httpTimeout       *time.Duration
+	httpClient        httpClient
+}
+
+type httpClient interface {
+	Do(req *http.Request) (*http.Response, error)
 }
 
 // An Opt is a single option for a Resolver instance.
@@ -32,6 +40,14 @@ func WithHTTPTimeout(timeout time.Duration) Opt {
 	}
 }
 
+// WithHTTPClient is an option for an OpenID4VP instance that allows a caller to specify their own HTTP client
+// implementation.
+func WithHTTPClient(httpClient httpClient) Opt {
+	return func(opts *opts) {
+		opts.httpClient = httpClient
+	}
+}
+
 func mergeOpts(options []Opt) *opts {
 	resolveOpts := &opts{}
 

pkg/did/resolver/resolver.go

@@ -17,6 +17,7 @@ import (
 	"github.com/trustbloc/did-go/method/key"
 	"github.com/trustbloc/did-go/method/web"
 	"github.com/trustbloc/did-go/vdr"
+	vdrapi "github.com/trustbloc/did-go/vdr/api"
 	longform "github.com/trustbloc/sidetree-go/pkg/vdr/sidetreelongform"
 
 	"github.com/trustbloc/wallet-sdk/pkg/api"
@@ -26,7 +27,8 @@ import (
 
 // DIDResolver is used for resolving DID using supported DID methods.
 type DIDResolver struct {
-	vdr *vdr.Registry
+	vdr        *vdr.Registry
+	httpClient httpClient
 }
 
 // NewDIDResolver returns a new DID Resolver.
@@ -79,13 +81,14 @@ func NewDIDResolver(opts ...Opt) (*DIDResolver, error) {
 	}
 
 	return &DIDResolver{
-		vdr: vdr.New(vdrOpts...),
+		vdr:        vdr.New(vdrOpts...),
+		httpClient: mergedOpts.httpClient,
 	}, nil
 }
 
 // Resolve resolves a DID.
 func (d *DIDResolver) Resolve(did string) (*didDoc.DocResolution, error) {
-	res, err := d.vdr.Resolve(did)
+	res, err := d.vdr.Resolve(did, vdrapi.WithOption(web.HTTPClientOpt, d.httpClient))
 	if err != nil {
 		return nil, walleterror.NewExecutionError(
 			diderrors.Module,