multipaz/org.multipaz.document/DocumentUtil/managedCredentialHelper

managedCredentialHelper

suspend fun managedCredentialHelper(document: Document, domain: String, createCredential: suspend (credentialIdentifierToReplace: String?) -> Credential?, now: Instant, numCredentials: Int, maxUsesPerCredential: Int, minValidTimeMillis: Long, dryRun: Boolean): Int

A helper for managing a set of Credentials.

This helper provides a high-level way to manage credentials on a Document. Its goal is to always have a fixed number of credentials of a specific type available within the following constraints

If a credential is used more than maxUsesPerCredential times, a replacement is generated.
If a credential expires within minValidTimeMillis milliseconds, a replacement is generated.

This is all implemented on top of Credential creation and Credential.certify. The application should examine the return value and if positive, collect the not-yet-certified credentials via Document.pendingCredentials, send them to the issuer for certification, and then call Credential.certify when receiving the certification from the issuer.

Return

the number of credentials created.

Parameters

document

the document to manage credentials for.

domain

the domain to use for created credentials.

createCredential

a lambda for creating the credential which only takes in an optional parameter for a replacement credential. This must not be null if dryRun is false.

now

the time right now, used for determining which existing credentials to replace.

numCredentials

the number of credentials that should be kept.

maxUsesPerCredential

the maximum number of uses per credential.

minValidTimeMillis

requests a replacement for a credential if it expires within this window.

dryRun

don't actually create the credentials, just return how many would be created.