Feat: Oid4vc delete issuer

[shitrerohit]

What?

API to delete an OID4VC issuer.

How?

Uncommented the previous code.
Updated the service-level call for the delete-issuer module.
Added a patch to export the OpenId4VcIssuerRepository module from the OID4VC build.

Summary by CodeRabbit

• New Features
  • Added issuer deletion functionality, allowing users to remove issuers via API endpoint. The service now supports deleting issuer records by ID with appropriate confirmation messaging.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

This PR exposes the OpenId4VcIssuerRepository from the credo-ts package and implements a deleteIssuer endpoint in the issuer controller and service layer that leverages this repository to delete issuers by ID.

Changes

Cohort / File(s)	Summary
Dependency Export patches/@credo-ts+openid4vc+0.6.1+001+add-export-for-issuance-repository.patch	Patch file adds OpenId4VcIssuerRepository to the public export surface of the @credo-ts/openid4vc package by importing and re-exporting it in the main index files.
Delete Issuer Feature src/controllers/openid4vc/issuers/issuer.Controller.ts, src/controllers/openid4vc/issuers/issuer.service.ts	Implements deleteIssuer endpoint and service method. Controller defines a DELETE endpoint that delegates to the service, which resolves the OpenId4VcIssuerRepository and uses its deleteById method to remove issuers by ID.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• Fix/issuer verifier session type issues #337: Both PRs modify the issuer/controller/service architecture and OpenId4Vc integration; this PR exposes and uses OpenId4VcIssuerRepository directly while PR #337 refactors the wiring to use the module API, representing potentially conflicting approaches.

Suggested reviewers

• RinkalBhojani

Poem

🐰 A delete endpoint hops into view,
Repository exposed, now shiny and new,
Issuers vanish with one swift call,
The issuer service handles it all! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Feat: Oid4vc delete issuer' clearly and concisely summarizes the main change: adding functionality to delete an OID4VC issuer, which is directly reflected across all modified files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/oid4vc-delete-issuer

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[shitrerohit]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@src/controllers/openid4vc/issuers/issuer.service.ts`:
- Around line 47-52: The deleteIssuer method currently bypasses the OpenId4VcApi
and uses OpenId4VcIssuerRepository.deleteById because the public API in
`@credo-ts/openid4vc`@0.6.1 lacks a delete method; add a concise comment above the
repository call (in deleteIssuer) stating this library limitation and warning
that repository-only deletion may leave orphaned state (issuance
sessions/credential offers) since no higher-level cleanup is performed, then
simplify the implementation by removing the .then() chain and using await
issuanceRepository.deleteById(agentReq.agent.context, issuerId) followed by
returning the success message.

🧹 Nitpick comments (3)

patches/@credo-ts+openid4vc+0.6.1+001+add-export-for-issuance-repository.patch (1)

1-33: Patch-based export is fragile and version-coupled.

This patch modifies built artifacts inside node_modules. It will silently break if @credo-ts/openid4vc is upgraded past 0.6.1 and the internal file paths or export structure change. Consider opening an upstream PR/issue to expose OpenId4VcIssuerRepository from the package's public API so this patch can eventually be removed.

src/controllers/openid4vc/issuers/issuer.Controller.ts (1)

82-92: Clarify the id parameter semantics — it differs from other endpoints.

Other endpoints in this controller use publicIssuerId (the logical/public issuer identifier), but this endpoint accepts id which maps to the internal record ID (per the JSDoc and the service's deleteById call). This inconsistency could confuse API consumers who might pass a publicIssuerId and get a "not found" error. Consider either:

1. Renaming the param to recordId to make the distinction explicit, or
2. Accepting publicIssuerId, resolving it to a record, then deleting — consistent with how the rest of the API surface works.

src/controllers/openid4vc/issuers/issuer.service.ts (1)

49-51: Minor: prefer async/await over mixing await with .then().

The current pattern is functional but inconsistent with the rest of the codebase which uses straight await.

Suggested simplification

   public async deleteIssuer(agentReq: Req, issuerId: string) {
     const issuanceRepository = agentReq.agent.dependencyManager.resolve(OpenId4VcIssuerRepository)
-    return await issuanceRepository.deleteById(agentReq.agent.context, issuerId).then(() => {
-      return { message: 'Record deleted successfully' }
-    })
+    await issuanceRepository.deleteById(agentReq.agent.context, issuerId)
+    return { message: 'Record deleted successfully' }
   }

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud