Add scope to AuthorizationCredential

[llorllale]

The AuthorizationCredential model does not indicate the resources their owner has authorized access to. This makes it impossible for the requesting party to determine which authz cred to use for each location when multiple remote credentials are to be retrieved.

The resources granted access in an authz credential are its scope - I propose this new attribute is called exactly that, scope. Further, since a single resource location may serve multiple scopes, scope should be an array.

Since we don't want to invent new scope language, we should reuse the presentation-exchange input descriptors. So, scope should be an array of input descriptor objects.

Example

{
    "@context": [
        "https://www.w3.org/2018/credentials/v1",
        "https://trustbloc.github.io/context/vc/authorization-credential-v1.jsonld"
    ],
    "type": [
        "VerifiableCredential",
        "AuthorizationCredential"
    ],
    "id": "urn:uuid:73f5b76a-d616-4e16-81ad-216cf9632394",
    "issuanceDate": "2020-08-14T20:00:06.033356825Z",
    "issuer": "urn:uuid:fb80ed43-18b0-47e1-8f70-7020164c3302",
    "credentialSubject": {
        "id": "urn:uuid:65576427-01e4-4304-957b-ce11a1a6f4e2",
        "scope": [
            {
                "schema": {
                    "uri": "https://trustbloc.github.io/context/vc/examples/credit-card-v1.jsonld"
                },
                "constraints": {}
            }
        ],
        "subjectDID": "did:peer:1zQmVYMa5Q46sL4MsYuAd5sLEkjHoxa3ajfjUArBoXqbiR7q",
        "issuerDIDDoc": {},
        "requestingPartyDIDDoc": {}
    }
}

[llorllale]

This makes it impossible for the requesting party to determine which authz cred to use for each location when multiple remote credentials are to be retrieved.

Technically true with the authZ cred as a standalone object, but the envelope it's transported in (ie. presentation-exchange submission) may link it to the input criteria.

[llorllale]

duplicate of #26