forked from animo/openid4vc-playground
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Timo Glastra <[email protected]>
- Loading branch information
1 parent
06baa03
commit 279abe4
Showing
11 changed files
with
330 additions
and
309 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
import type { DifPresentationExchangeDefinitionV2 } from '@credo-ts/core' | ||
import { pidMdocInputDescriptor, pidSdJwtInputDescriptor } from './util' | ||
|
||
export const animoVerifier = { | ||
presentationRequests: [ | ||
{ | ||
id: '4db74328-9e94-49bb-97b7-bbfcb2d11a06', | ||
name: 'PID - Name and age verification (vc+sd-jwt)', | ||
purpose: 'We need to verify your name and age', | ||
input_descriptors: [ | ||
pidSdJwtInputDescriptor({ | ||
fields: ['given_name', 'family_name', 'age_equal_or_over.21'], | ||
}), | ||
], | ||
}, | ||
{ | ||
id: '1e5fe154-183c-4bf5-b2c8-caa2264f1c99', | ||
name: 'PID - City verification (vc+sd-jwt)', | ||
purpose: 'We need to verify your city', | ||
input_descriptors: [ | ||
pidSdJwtInputDescriptor({ | ||
fields: ['place_of_birth.locality', 'adress.locality'], | ||
}), | ||
], | ||
}, | ||
{ | ||
id: 'f64dc30a-bcd7-48e8-b065-2bc3c7fc9588', | ||
name: 'PID - Age in year and birth family name verification (vc+sd-jwt)', | ||
purpose: 'We need to verify your name and age', | ||
input_descriptors: [ | ||
pidSdJwtInputDescriptor({ | ||
fields: ['age_in_years', 'birth_family_name'], | ||
}), | ||
], | ||
}, | ||
{ | ||
id: '5db54e62-d19d-495a-9d1d-58fac1f89a4d', | ||
name: 'PID - Name and age verification (mso_mdoc)', | ||
purpose: 'We need to verify your name and age', | ||
input_descriptors: [ | ||
pidMdocInputDescriptor({ | ||
fields: ['given_name', 'family_name', 'age_over_21'], | ||
}), | ||
], | ||
}, | ||
{ | ||
id: '8e80930c-6110-407a-a415-04791be81a35', | ||
name: 'PID - City verification (mso_mdoc)', | ||
purpose: 'We need to verify your city', | ||
input_descriptors: [ | ||
pidMdocInputDescriptor({ | ||
fields: ['birth_place', 'resident_city'], | ||
}), | ||
], | ||
}, | ||
{ | ||
id: '7df77c25-01bb-47ac-8778-454cb1031fe5', | ||
name: 'PID - Age in year and birth family name verification (mso_mdoc)', | ||
purpose: 'We need to verify your name and age', | ||
input_descriptors: [ | ||
pidMdocInputDescriptor({ | ||
fields: ['age_in_years', 'family_name_birth'], | ||
}), | ||
], | ||
}, | ||
], | ||
} as const satisfies { | ||
presentationRequests: Array<DifPresentationExchangeDefinitionV2> | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
import type { DifPresentationExchangeDefinitionV2 } from '@credo-ts/core' | ||
import { animoVerifier } from './animo' | ||
import { sixtVerifier } from './sixt' | ||
|
||
export const verifiers = [animoVerifier, sixtVerifier] | ||
export const allDefinitions = verifiers.flatMap((v): DifPresentationExchangeDefinitionV2[] => v.presentationRequests) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
import type { DifPresentationExchangeDefinitionV2 } from '@credo-ts/core' | ||
import { mobileDriversLicenseMdoc, mobileDriversLicenseSdJwt } from '../issuers/infrastruktur' | ||
import { mdocInputDescriptor, pidMdocInputDescriptor, pidSdJwtInputDescriptor, sdJwtInputDescriptor } from './util' | ||
|
||
export const sixtVerifier = { | ||
presentationRequests: [ | ||
{ | ||
id: '1ad8ea6e-ec51-4e14-b316-dd76a6275480', | ||
name: 'PID and MDL - Rent a Car (vc+sd-jwt)', | ||
purpose: 'To secure your car reservations and finalize the transaction, we require the following attributes', | ||
input_descriptors: [ | ||
sdJwtInputDescriptor({ | ||
vcts: [mobileDriversLicenseSdJwt.vct], | ||
fields: ['document_number', 'portrait', 'issue_date', 'expiry_date', 'issuing_country', 'issuing_authority'], | ||
}), | ||
pidSdJwtInputDescriptor({ | ||
fields: ['given_name', 'family_name', 'birthdate'], | ||
}), | ||
], | ||
}, | ||
{ | ||
id: '479ada7f-fff1-4f4a-ba0b-f0e7a8dbab04', | ||
name: 'PID and MDL - Rent a Car (vc+sd-jwt/mso_mdoc)', | ||
purpose: 'To secure your car reservations and finalize the transaction, we require the following attributes', | ||
input_descriptors: [ | ||
mdocInputDescriptor({ | ||
doctype: mobileDriversLicenseMdoc.doctype, | ||
namespace: mobileDriversLicenseMdoc.doctype, | ||
fields: ['document_number', 'issue_date', 'expiry_date', 'issuing_country', 'issuing_authority'], | ||
}), | ||
pidSdJwtInputDescriptor({ | ||
fields: ['given_name', 'family_name', 'birthdate'], | ||
}), | ||
], | ||
}, | ||
], | ||
} as const satisfies { | ||
presentationRequests: Array<DifPresentationExchangeDefinitionV2> | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
import type { DifPresentationExchangeDefinitionV2 } from '@credo-ts/core' | ||
|
||
export function sdJwtInputDescriptor({ | ||
vcts, | ||
fields, | ||
issuers, | ||
}: { | ||
vcts: string[] | ||
fields: string[] | ||
issuers?: string[] | ||
}): DifPresentationExchangeDefinitionV2['input_descriptors'][number] { | ||
return { | ||
id: crypto.randomUUID(), | ||
format: { | ||
'vc+sd-jwt': { | ||
'sd-jwt_alg_values': ['ES256'], | ||
'kb-jwt_alg_values': ['ES256'], | ||
}, | ||
}, | ||
constraints: { | ||
limit_disclosure: 'required', | ||
fields: [ | ||
...fields.map((field) => ({ | ||
path: [`$.${field}`], | ||
})), | ||
{ | ||
path: ['$.vct'], | ||
filter: { | ||
type: 'string', | ||
enum: vcts, | ||
}, | ||
}, | ||
issuers | ||
? { | ||
path: ['$.iss'], | ||
filter: { | ||
type: 'string', | ||
enum: issuers, | ||
}, | ||
} | ||
: undefined, | ||
].filter((f): f is Exclude<typeof f, undefined> => f !== undefined), | ||
}, | ||
} | ||
} | ||
|
||
export function mdocInputDescriptor({ | ||
doctype, | ||
namespace, | ||
fields, | ||
}: { | ||
doctype: string | ||
namespace: string | ||
fields: string[] | ||
}): DifPresentationExchangeDefinitionV2['input_descriptors'][number] { | ||
return { | ||
id: doctype, | ||
format: { | ||
mso_mdoc: { | ||
alg: ['ES256'], | ||
}, | ||
}, | ||
constraints: { | ||
limit_disclosure: 'required', | ||
fields: [ | ||
...fields.map((field) => ({ | ||
path: [`$['${namespace}']['${field}']`], | ||
intent_to_retain: false, | ||
})), | ||
].filter((f): f is Exclude<typeof f, undefined> => f !== undefined), | ||
}, | ||
} | ||
} | ||
|
||
export function pidMdocInputDescriptor({ fields }: { fields: string[] }) { | ||
return mdocInputDescriptor({ | ||
fields, | ||
doctype: 'eu.europa.ec.eudi.pid.1', | ||
namespace: 'eu.europa.ec.eudi.pid.1', | ||
}) | ||
} | ||
export function pidSdJwtInputDescriptor({ fields }: { fields: string[] }) { | ||
return sdJwtInputDescriptor({ | ||
fields, | ||
vcts: ['https://example.bmi.bund.de/credential/pid/1.0', 'urn:eu.europa.ec.eudi:pid:1'], | ||
issuers: [ | ||
'https://demo.pid-issuer.bundesdruckerei.de/c', | ||
'https://demo.pid-issuer.bundesdruckerei.de/c1', | ||
'https://demo.pid-issuer.bundesdruckerei.de/b1', | ||
], | ||
}) | ||
} |
Oops, something went wrong.