Validate rfq claims against offering

lib/src/protocol/exceptions.dart

@@ -12,6 +12,7 @@ enum TbdexExceptionCode {
   resourceSignatureMissing,
   resourceSignatureMismatch,
   resourceUnknownKind,
+  rfqClaimsInsufficient,
   rfqClaimsHashMismatch,
   rfqClaimsMissing,
   rfqOfferingIdMismatch,

lib/src/protocol/models/resource_data.dart

@@ -1,4 +1,5 @@
 import 'package:json_schema/json_schema.dart';
+import 'package:web5/web5.dart';
 
 abstract class Data {
   Map<String, dynamic> toJson() {
@@ -13,14 +14,14 @@ class OfferingData extends ResourceData {
   final String payoutUnitsPerPayinUnit;
   final PayinDetails payin;
   final PayoutDetails payout;
-  // final PresentationDefinitionV2? requiredClaims;
+  final PresentationDefinition? requiredClaims;
 
   OfferingData({
     required this.description,
     required this.payoutUnitsPerPayinUnit,
     required this.payin,
     required this.payout,
-    // this.requiredClaims,
+    this.requiredClaims,
   });
 
   factory OfferingData.fromJson(Map<String, dynamic> json) {
@@ -29,7 +30,7 @@ class OfferingData extends ResourceData {
       payoutUnitsPerPayinUnit: json['payoutUnitsPerPayinUnit'],
       payin: PayinDetails.fromJson(json['payin']),
       payout: PayoutDetails.fromJson(json['payout']),
-      // requiredClaims: json['requiredClaims'] != null ? PresentationDefinitionV2.fromJson(json['requiredClaims']) : null,
+      requiredClaims: json['requiredClaims'] != null ? PresentationDefinition.fromJson(json['requiredClaims']) : null,
     );
   }
 

lib/src/protocol/models/rfq.dart

@@ -7,6 +7,7 @@ import 'package:tbdex/src/protocol/models/message.dart';
 import 'package:tbdex/src/protocol/models/message_data.dart';
 import 'package:tbdex/src/protocol/models/offering.dart';
 import 'package:tbdex/src/protocol/validator.dart';
+import 'package:tbdex/tbdex.dart';
 import 'package:web5/web5.dart';
 
 class Rfq extends Message {
@@ -336,8 +337,28 @@ class Rfq extends Message {
       }
     }
 
-    // TODO(ethan-tbd): verify claims
-    // offering.data.requiredClaims?.forEach(verifyClaims);
+    verifyClaims(offering);
+  }
+
+  void verifyClaims(Offering offering) {
+    if (offering.data.requiredClaims == null) {
+      return;
+    }
+    final presentationDefinition = offering.data.requiredClaims!;
+
+    final credentials =
+        presentationDefinition.selectCredentials(privateData?.claims ?? []);
+
+    if (credentials.isEmpty) {
+      throw TbdexVerifyOfferingRequirementsException(
+        TbdexExceptionCode.rfqClaimsInsufficient,
+        "Rfq claims were insufficient to satisfy Offering's required claims",
+      );
+    }
+
+    for (final credential in credentials) {
+      DecodedVcJwt.decode(credential).verify();
+    }
   }
 
   factory Rfq.fromJson(Map<String, dynamic> json) {

test/helpers/test_data.dart

@@ -30,7 +30,9 @@ class TestData {
     pfiDid = await DidJwk.create(keyManager: _pfiKeyManager);
   }
 
-  static Offering getOffering() {
+  static Offering getOffering({
+    PresentationDefinition? requiredClaims,
+  }) {
     return Offering.create(
       pfiDid.uri,
       OfferingData(
@@ -57,17 +59,47 @@ class TestData {
             ),
           ],
         ),
+        requiredClaims: requiredClaims,
       ),
     );
   }
 
+  static PresentationDefinition getRequiredClaims() {
+    // From web5-spec test vectors
+    const json = r'''
+      {
+        "id": "7ce4004c-3c38-4853-968b-e411bafcd945",
+        "input_descriptors": [
+          {
+            "id": "bbdb9b7c-5754-4f46-b63b-590bada959e0",
+            "constraints": {
+              "fields": [
+                {
+                  "path": ["$.vc.type[*]"],
+                  "filter": {
+                    "type": "string",
+                    "pattern": "^YoloCredential$"
+                  }
+                }
+              ]
+            }
+          }
+        ]
+      }
+    ''';
+
+    return PresentationDefinition.fromJson(jsonDecode(json));
+  }
+
   static Rfq getRfq({
     String? offeringId,
     String? amount,
     String? payinKind,
     String? payoutKind,
     String? to,
+    List<String>? claims,
   }) {
+    claims ??= [];
     return Rfq.create(
       to ?? pfiDid.uri,
       aliceDid.uri,
@@ -92,7 +124,7 @@ class TestData {
             'cvv': '123',
           }),
         ),
-        claims: [],
+        claims: claims,
       ),
     );
   }

test/protocol/models/rfq_test.dart

@@ -7,6 +7,7 @@ import 'package:tbdex/src/protocol/models/resource.dart';
 import 'package:tbdex/src/protocol/models/rfq.dart';
 import 'package:test/test.dart';
 import 'package:typeid/typeid.dart';
+import 'package:web5/web5.dart';
 
 import '../../helpers/test_data.dart';
 
@@ -352,10 +353,52 @@ void main() async {
       });
     });
 
-    test('can verify offering requirements', () {
-      final offering = TestData.getOffering();
-      final rfq = TestData.getRfq(offeringId: offering.metadata.id);
-      expect(() => rfq.verifyOfferingRequirements(offering), returnsNormally);
+    group('verifyOfferingRequirements', () {
+      test('can verify offering requirements', () {
+        final offering = TestData.getOffering();
+        final rfq = TestData.getRfq(offeringId: offering.metadata.id);
+        expect(() => rfq.verifyOfferingRequirements(offering), returnsNormally);
+      });
+
+      test('succeeds if claims satisfy offering required claims', () async {
+        final vc = VerifiableCredential.create(
+          // this credential fulfills the offering's required claims
+          type: ['YoloCredential', 'VerifiableCredential',],
+          issuer: TestData.aliceDid.uri,
+          subject: TestData.aliceDid.uri,
+          data: {
+            'beep': 'boop',
+          },
+        );
+        final vcJwt = await vc.sign(TestData.aliceDid);
+
+        final offering =
+            TestData.getOffering(requiredClaims: TestData.getRequiredClaims());
+        final rfq =
+            TestData.getRfq(offeringId: offering.metadata.id, claims: [vcJwt]);
+
+        expect(() => rfq.verifyOfferingRequirements(offering), returnsNormally);
+      });
+
+      test('fails if offering has no required claims', () async {
+        final vc = VerifiableCredential.create(
+          // this credential fulfills the offering's required claims
+          type: ['NotYoloCredential', 'VerifiableCredential',],
+          issuer: TestData.aliceDid.uri,
+          subject: TestData.aliceDid.uri,
+          data: {
+            'beep': 'boop',
+          },
+        );
+        final vcJwt = await vc.sign(TestData.aliceDid);
+
+        final offering =
+            TestData.getOffering(requiredClaims: TestData.getRequiredClaims());
+        final rfq =
+            TestData.getRfq(offeringId: offering.metadata.id, claims: [vcJwt]);
+
+        expect(() => rfq.verifyOfferingRequirements(offering), throwsException);
+      });
     });
 
     test('should throw exception if rfq offeringId differs from offering id',