addition of c# wrapper with libs for windows and macos

.gitignore

@@ -1,7 +1,10 @@
-.vscode/settings.json
 ffi/lib
-ffi/java-idsdk/.idea
 ffi/java-idsdk/target
 ffi/java-idsdk/**/*.class
 dist/
-.idea/
+ffi/dotnet-idsdk/**/.vs
+ffi/dotnet-idsdk/**/obj
+ffi/dotnet-idsdk/**/bin
+ffi/dotnet-idsdk/**/lib
+.idea/
+.vscode

ffi/Makefile

@@ -14,14 +14,16 @@ ifeq ($(OS),Windows_NT)
 	endif
 	OS_EXT=dll
 else
-	UNAME_OS := $(shell uname -s)
-	ifeq ($(UNAME_OS),Darwin)
-		OS_FLAG=darwin
-		OS_EXT=dylib
-	endif
-	ifeq ($(UNAME_OS),Linux)
-		OS_FLAG=linux
-		OS_EXT=so
+	ifeq ($(strip $(OS_FLAG)),)
+		UNAME_OS := $(shell uname -s)
+		ifeq ($(UNAME_OS),Darwin)
+			OS_FLAG=darwin
+			OS_EXT=dylib
+		endif
+		ifeq ($(UNAME_OS),Linux)
+			OS_FLAG=linux
+			OS_EXT=so
+		endif
 	endif
 
 	UNAME_ARCH := $(shell uname -m)

ffi/README.md

@@ -4,13 +4,22 @@ FFI wrapper for iotics-identity-go
 
 ## Build
 
-`make compile`
+With `make` installed you can compile for the current platform with
+`make compile`. The script will detect the OS and ARCH and build for your system.
 
-The target should determine the platform and architecture of the current OS and build the binary library accordingly.
+If you want to override the target OS (the `GOOS` variable), define `$OS_FLAG` to the desired value.
+For example if you want to compile for an iOS target run
+`env OS_FLAG=ios make compile`
 
-Alternatively you can build your version using:
 
-`env GOOS=<os> GOARCH=<arch> go build -buildmode=c-shared -o lib/lib-iotics-id-sdk.so ./ffi_wrapper.go`
+On Windows, if you don't have `make` you can run the powershell script `build.ps1` like so:
+
+`powershell -ExecutionPolicy Bypass -File build.ps1`
+
+Alternatively you can build your version manually using the following command, 
+paying attention to setup the extension of the built library to the correct value for your OS (so, dll, dylib):
+
+`env GOOS=<$OS_FLAG> GOARCH=<$OS_ARCH> go build -buildmode=c-shared -o lib/lib-iotics-id-sdk.<$EXT> ./ffi_wrapper.go`
 
 ## Verifying goreleaser locally
 

ffi/build.ps1

@@ -0,0 +1,23 @@
+# Set the name of your Go library
+$libName = "lib-iotics-id-sdk"
+
+# Set the source file name (assuming it's in the same directory as the script)
+$sourceFile = "."
+
+# Set the output directory for compiled binaries
+$outputDirectory = ".\lib"
+
+$env:GOARCH="amd64"
+$env:CGO_ENABLED=1
+
+# Compile for Windows
+Write-Host "Compiling for Windows..."
+$env:GOOS="windows"
+go build -x -v -buildmode=c-shared -o "$outputDirectory\$libName.dll" $sourceFile
+
+if ($LASTEXITCODE -ne 0) {
+    Write-Host "Error: Compilation for Windows failed with exit code $LASTEXITCODE"
+    exit $LASTEXITCODE
+}
+
+Write-Host "Compilation completed successfully."

ffi/dotnet-idsdk/IoticsIdLib/IoticsIdLib.csproj

@@ -0,0 +1,9 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
+  </PropertyGroup>
+</Project>

ffi/dotnet-idsdk/IoticsIdLib/README.md

@@ -0,0 +1,40 @@
+# Build
+
+Go to the ffi directory and run the `Makefile` or the `build.ps1` as per README.
+
+# Run the test Application
+
+1. Copy the libraries built in this top directory. For example, for Windows `copy .\lib\*.* .\dotnet-idsdk\IoticsIdLib\` to make the libraries available to the project.  
+2. Run
+    - `dotnet clean` to clean the project (sometimes it seems you need to delete the directories `bin` and `obj` manually)
+    - `dotnet build` to build it
+    - `dotnet run <resolver address>` to run the Main method in `src\Main.cs` (you can find the resolver address from `https://<myspace>.iotics.space/index.json`)
+
+In order to distribute the project to 3rd parties you should make the binary and header files `lib-iotics-id-sdk.*` and the content of the bin directory.
+
+## Run output
+
+An example working output for the run is 
+
+    A new seed: ...69561
+    Use these mnemonics instead of remembering the seed: resist rough main ...
+    Recovered seed: ...69561
+    Agent identity: Key=agentKeyName, Id=#agentName, Did=did:iotics:iotU1N..., Seed=...69561 Resolver=https://did.dev.iotics.com
+    User identity: Key=userKeyName, Id=#userName, Did=did:iotics:iotDRfBoB..., Seed=...69561 Resolver=https://did.dev.iotics.com
+    Twin identity: Key=userKeyName, Id=#userName, Did=did:iotics:iotWTs39C..., Seed=...69561 Resolver=https://did.dev.iotics.com
+    Twin identity with CD: Key=twinKeyName, Id=#twinName, Did=did:iotics:iotB8Jq..., Seed=...69561 Resolver=https://did.dev.iotics.com
+    User delegating to agent 1: OK
+    Agent2 identity: Key=agentKeyName2, Id=#agentName2, Did=did:iotics:iotGbUU..., Seed=...a2772 Resolver=https://did.dev.iotics.com
+    Twin delegating to agent2: OK
+    Token 1: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9....ikyLncygipZ9SVw
+    Token 2: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9....gmk-cV_AX-oGJgQ
+
+Any non working output will terminate the application with a non 0 return code and an error line. Possible errors:
+
+- The resolver isn't reacheable
+
+    Error: FFI lib error: unable to create identity: Get "https://domain.resolver": dial tcp: lookup domain.resolver: no such host
+
+- Iotics Identity library not found (example for Windows OS)
+
+    Error: Exception when invoking method: Unable to load DLL 'lib-iotics-id-sdk' or one of its dependencies: The specified module could not be found. (0x8007007E)

ffi/dotnet-idsdk/IoticsIdLib/src/AgentIdentity.cs

@@ -0,0 +1,9 @@
+namespace IOTICS;
+
+public class AgentIdentity(Identity factory, string seed, string keyName, string id, string did) : PartyIdentity(factory, seed, keyName, id, did)
+{
+    public void Recreate() 
+    {
+        Factory.RecreateAgentIdentity(Seed, KeyName, Id);
+    }
+}

ffi/dotnet-idsdk/IoticsIdLib/src/Identity.cs

@@ -0,0 +1,245 @@
+using System.Net;
+
+namespace IOTICS;
+
+// Custom RuntimeException class
+public class IoticsLibException(string message) : ApplicationException(message)
+{
+}
+
+public class DelegationException(string message) : IoticsLibException(message) 
+{    
+}
+
+/** 
+Factory class for identity. 
+It takes a resolver address as discovered by https://<your_space>.iotics.space/index.json
+
+This class only exposes a subset of the methods of the IOTICS identity library, 
+specifically the functions defined in the golang ffi wrapper here
+ https://github.com/Iotic-Labs/iotics-identity-go/blob/v3/ffi/ffi_wrapper.go
+
+The full spec of the identity is here https://drive.google.com/file/d/1nlJxB08cpYStcunMyhXjOvHStWZEv4ch/view
+
+The full API is here https://github.com/Iotic-Labs/iotics-identity-go/tree/v3/pkg/api
+
+A simple usage of the API is in the file Main.cs
+
+*/
+public class Identity(string resolverAddress)
+{
+    public string ResolverAddress
+    {
+        get
+        {
+            return Tools.IsUrl(resolverAddress) ? Tools.RemoveTrailingSlash(resolverAddress) : resolverAddress;
+        }
+    }
+
+
+    /// <summary>
+    /// Creates a Seed that is then used to initialise the random number generator used to create private keys underpinning the identities.
+    /// Important: if a seed is forgotten or lost, the keys and ultimately, identities created with this shim will be lost forever.
+    /// </summary>
+    /// <returns>the seed string</returns>
+    public static string CreateDefaultSeed()
+    {
+        return Tools.InvokeGoFunction(() => IdLib.CreateDefaultSeed());
+    }
+
+    /// <summary>
+    /// Seeds can be retrieved by supplying the mnemonics to this method
+    /// </summary>
+    /// <param name="mnemonics">the mnemonics created with SeedBip39ToMnemonic</param>
+    /// <returns>a string with mnemonics separated by a space</returns>
+    public static string MnemonicBip39ToSeed(string mnemonics)
+    {
+        return Tools.InvokeGoFunction(() => IdLib.MnemonicBip39ToSeed(mnemonics));
+    }
+
+    /// <summary>
+    /// Seeds don't have to be remembered and they can be mapped to human readeable mnemonics easier to pin down or remembered.
+    /// </summary>
+    /// <param name="seed">a seed</param>
+    /// <returns>the mnemonics string separated by space</returns>
+    public static string SeedBip39ToMnemonic(string seed)
+    {
+        return Tools.InvokeGoFunction(() => IdLib.SeedBip39ToMnemonic(seed));
+    }
+
+    /// <summary>
+    /// Creates an agent identity. This is the identity that your agent application uses to interact with space. The DID of the agent is important to
+    /// configure in space for access control
+    /// Note that the agent takes a seed. For security purposes, it should be different than that of the user and possibly twins. 
+    /// An agent identity can't simply connect to a space. It must have an auth delegation from an user identity. Also, in order to control a twin, it must have control 
+    /// delegation on that twin.  
+    /// 
+    /// The call is idempotent. If called multiple times with the same arguments, it won't override the one present in the resolver.
+    /// </summary>
+    /// <param name="seed">a seed specific for this agent as created by CreateDefaultSeed</param>
+    /// <param name="cKeyName">a key name</param>
+    /// <param name="cId">a unique ID in the identity document referring the public key matching this identity</param>
+    /// <returns>a new agent identity.</returns>
+    public AgentIdentity CreateAgentIdentity(string seed, string cKeyName, string cId)
+    {
+        string did = Tools.InvokeGoFunction(() => IdLib.CreateAgentIdentity(ResolverAddress, cKeyName, Tools.EnsureHashPrefix(cId), seed));
+        return new AgentIdentity(this, seed, cKeyName, cId, did);
+    }
+
+    /// <summary>
+    /// sometimes it's easier to re-create the identity document in the resolver. Admittedly, for this wrapper, this method isn't going to do anything special 
+    /// because the agent identities are created with only a key.
+    /// *** this operation wipes out the identity in the resolver ***
+    /// </summary>
+    /// <param name="seed">a seed specific for this agent as created by CreateDefaultSeed</param>
+    /// <param name="cKeyName">a key name</param>
+    /// <param name="cId">a unique ID in the identity document referring the public key matching this identity</param>
+    /// <returns>the agent identity</returns>
+    internal AgentIdentity RecreateAgentIdentity(string seed, string cKeyName, string cId)
+    {
+        string did = Tools.InvokeGoFunction(() => IdLib.RecreateAgentIdentity(ResolverAddress, cKeyName, Tools.EnsureHashPrefix(cId), seed));
+        return new AgentIdentity(this, seed, cKeyName, cId, did);
+    }
+
+    /// <summary>
+    /// Creates a twin identity.   
+    /// 
+    /// The call is idempotent. If called multiple times with the same arguments, it won't override the one present in the resolver.
+    /// </summary>
+    /// <param name="seed">a seed specific for this twin as created by CreateDefaultSeed</param>
+    /// <param name="cKeyName">a key name</param>
+    /// <param name="cId">a unique ID in the identity document referring the public key matching this identity</param>
+    /// <returns>a new twin identity.</returns>
+    public TwinIdentity CreateTwinIdentity(string seed, string cKeyName, string cId)
+    {
+        string did = Tools.InvokeGoFunction(() => IdLib.CreateTwinIdentity(ResolverAddress, cKeyName, Tools.EnsureHashPrefix(cId), seed));
+        return new TwinIdentity(this, seed, cKeyName, cId, did);
+    }
+
+    /// <summary>
+    /// sometimes it's easier to re-create the identity document in the resolver.
+    /// *** this operation wipes out the identity of this twin in the resolver ***
+    /// </summary>
+    /// <param name="seed">a seed specific for this twin as created by CreateDefaultSeed</param>
+    /// <param name="cKeyName">a key name</param>
+    /// <param name="cId">a unique ID in the identity document referring the public key matching this identity</param>
+    /// <returns>the twin identity</returns>
+    internal TwinIdentity RecreateTwinIdentity(string seed, string cKeyName, string cId)
+    {
+        string did = Tools.InvokeGoFunction(() => IdLib.RecreateTwinIdentity(ResolverAddress, cKeyName, Tools.EnsureHashPrefix(cId), seed));
+        return new TwinIdentity(this, seed, cKeyName, cId, did);
+    }
+
+    /// <summary>
+    /// Creates a user identity. This is the identity that a user uses to authorise an agent to interact with IOTICS. 
+    /// The DID of the user identity is important to configure in space for access control.
+    /// 
+    /// Note that the method takes a seed. For security purposes, it should be different than that of the agent and possibly twins. 
+    /// A user won't connect to a space. It must delegate an agent. Without it, the agent won't be able to operate with space.
+    /// 
+    /// The call is idempotent. If called multiple times with the same arguments, it won't override the one present in the resolver.
+    /// 
+    /// NOTE: the delegations to an agent are stored in the user identity document. A user can delegate multiple agents. See `UserDelegatesAuthenticationToAgent`.
+    /// </summary>
+    /// <param name="seed">a seed specific for this user as created by CreateDefaultSeed</param>
+    /// <param name="cKeyName">a key name</param>
+    /// <param name="cId">a unique ID in the identity document referring the public key matching this identity</param>
+    /// <returns>a new user identity.</returns>
+    public UserIdentity CreateUserIdentity(string seed, string cKeyName, string cId)
+    {
+        string did = Tools.InvokeGoFunction(() => IdLib.CreateUserIdentity(ResolverAddress, cKeyName, Tools.EnsureHashPrefix(cId), seed));
+        return new UserIdentity(this, seed, cKeyName, cId, did);
+    }
+
+    /// <summary>
+    /// Recreates the identity in the resolver. It wipes out ALL delegations existing in the document.
+    /// </summary>
+    /// <param name="seed">a seed specific for this user as created by CreateDefaultSeed</param>
+    /// <param name="cKeyName">a key name</param>
+    /// <param name="cId">a unique ID in the identity document referring the public key matching this identity</param>
+    /// <returns></returns>
+    internal UserIdentity RecreateUserIdentity(string seed, string cKeyName, string cId)
+    {
+        string did = Tools.InvokeGoFunction(() => IdLib.RecreateUserIdentity(ResolverAddress, cKeyName, Tools.EnsureHashPrefix(cId), seed));
+        return new UserIdentity(this, seed, cKeyName, cId, did);
+    }
+
+
+    /// <summary>
+    /// Creates a twin identity and automatically creates the control delegation for the agent identity. 
+    /// It's a convenience method. More advanced and fine grained control methods on twin identities are not exposed in this shim
+    /// </summary>
+    /// <param name="creator">the agent creating this twin</param>
+    /// <param name="cKeyName">a key name</param>
+    /// <param name="cId">a unique ID in the identity document referring the public key matching this identity</param>
+    /// <returns>the twin identity with the delegation already setup</returns>
+    public TwinIdentity CreateTwinIdentityWithControlDelegation(AgentIdentity creator, string cKeyName, string cId)
+    {
+        string did = Tools.InvokeGoFunction(() => IdLib.CreateTwinDidWithControlDelegation(
+            ResolverAddress, creator.Did, creator.KeyName, creator.Id, creator.Seed, cKeyName, cId
+        ));
+        return new TwinIdentity(this, creator, cKeyName, cId, did);
+    }
+
+    /// <summary>
+    /// Creates a delegation from a user to an agent.
+    /// </summary>
+    /// <param name="agentIdentity">the identity of the agent being delegated</param>
+    /// <param name="userIdentity">the identity of the delegating user</param>
+    /// <param name="cDelegationName">the unique name of this delegation</param>
+    /// <returns>throws DelegationException if an error occurs</returns>
+    internal void UserDelegatesAuthenticationToAgent(
+        AgentIdentity agentIdentity,
+        UserIdentity userIdentity,
+        string cDelegationName
+    ) {
+        string? result = Tools.InvokeGoFunction(() => IdLib.UserDelegatesAuthenticationToAgent(ResolverAddress, 
+            agentIdentity.Did, agentIdentity.KeyName, Tools.EnsureHashPrefix(agentIdentity.Id), agentIdentity.Seed,
+            userIdentity.Did, userIdentity.KeyName, Tools.EnsureHashPrefix(userIdentity.Id), userIdentity.Seed,
+            Tools.EnsureHashPrefix(cDelegationName)));
+
+        if(result != null) {
+            throw new DelegationException(result);
+        }
+    }
+
+    /// <summary>
+    /// In case another agent (other than the creator) needs delegation. 
+    /// This method is of limited use at this stage since, for it to work, both keys of the principals need to be available.
+    /// It should only be sufficient for the agent to submit a proof which is a public value. 
+    /// 
+    /// </summary>
+    /// <param name="agentIdentity">the identity of the agent being delegated</param>
+    /// <param name="twinIdentity">the identity of the delegating twin</param>
+    /// <param name="cDelegationName">the unique name of this delegation</param>
+    /// <returns>throws DelegationException if an error occurs</returns>
+    internal void TwinDelegatesControlToAgent(
+        AgentIdentity agentIdentity,
+        TwinIdentity twinIdentity,
+        string cDelegationName
+    ) {
+        string? result = Tools.InvokeGoFunction(() => IdLib.TwinDelegatesControlToAgent(ResolverAddress, 
+            agentIdentity.Did, agentIdentity.KeyName, Tools.EnsureHashPrefix(agentIdentity.Id), agentIdentity.Seed,
+            twinIdentity.Did, twinIdentity.KeyName, Tools.EnsureHashPrefix(twinIdentity.Id), twinIdentity.Seed,
+            Tools.EnsureHashPrefix(cDelegationName)));
+        if(result != null) {
+            throw new DelegationException(result);
+        }
+    }
+
+    /// <summary>
+    /// creates a valid token enabling the agent to call APIs to the space.
+    /// A token is valid if the agent identity exists and if the user supplied has a valid delegation.
+    /// the duration in seconds determins the temporal validity of this token.
+    /// </summary>
+    /// <param name="agentIdentity">the agent</param>
+    /// <param name="userDid">the delegating user. if a delegation exists for this user, the call will be successful</param>
+    /// <param name="audience">the space name (unused at this stage)</param>
+    /// <param name="duration">duration in seconds</param>
+    /// <returns></returns>
+    public static string CreateAgentAuthToken(AgentIdentity agentIdentity, string userDid, string audience, long duration)
+    {
+        return Tools.InvokeGoFunction(() => IdLib.CreateAgentAuthToken(agentIdentity.Did, agentIdentity.KeyName, agentIdentity.Id, agentIdentity.Seed, userDid, audience, duration));
+    }
+
+}