feat(sdk): Updated authorization request DTO (trustbloc#730)
feat: updated authorization request dto

Signed-off-by: Mykhailo Sizov <[email protected]>
mishasizov-SK authored Feb 16, 2024
1 parent 5d18d28 commit 8b165bb
Showing 3 changed files with 44 additions and 15 deletions.
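--- a/pkg/openid4ci/interaction.go
+++ b/pkg/openid4ci/interaction.go
@@ -153,17 +153,23 @@ func (i *interaction) instantiateCodeVerifier() error {
 func (i *interaction) generateAuthorizationDetails(format string, types []string) ([]byte, error) {
 // TODO: Add support for requesting multiple credentials at once (by sending an array).
 // Currently we always use the first credential type specified in the offer.
-authorizationDetails := &authorizationDetails{
-Type: "openid_credential",
-Types: types,
-Format: format,
+authorizationDetailsDTO := &authorizationDetails{
+CredentialConfigurationID: "",
+CredentialDefinition: &issuer.CredentialDefinition{
+Context: nil,
+CredentialSubject: nil,
+Type: types,
+},
+Format: format,
+Locations: nil,
+Type: "openid_credential",
 }
 
 if i.issuerMetadata.AuthorizationServer != "" {
-authorizationDetails.Locations = []string{i.issuerMetadata.CredentialIssuer}
+authorizationDetailsDTO.Locations = []string{i.issuerMetadata.CredentialIssuer}
 }
 
-authorizationDetailsBytes, err := json.Marshal(authorizationDetails)
+authorizationDetailsBytes, err := json.Marshal(authorizationDetailsDTO)
 if err != nil {
 return nil, err
 }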
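Review bot: `authorizationDetailsDTO.Locations` is filled from `i.issuerMetadata.CredentialIssuer` whenever `AuthorizationServer` is non-empty, but nothing checks that the issuer identifier itself is non-empty. The test expectations updated in this same commit decode to `"locations":[""]`, so at least with the test metadata an empty location reaches the authorization request. Because `locations` is what lets the authorization server mint an audience-restricted access token, an empty entry gives it nothing to bind the token to. Consider rejecting that case before the DTO is built, for example `if i.issuerMetadata.CredentialIssuer == "" { return nil, errors.New("credential issuer missing from issuer metadata") }`, or skipping `Locations` when the value is empty. The end of generateAuthorizationDetails lies outside the hunk.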
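--- a/pkg/openid4ci/issuerinitiatedinteraction_test.go
+++ b/pkg/openid4ci/issuerinitiatedinteraction_test.go
@@ -400,9 +400,9 @@ func TestIssuerInitiatedInteraction_CreateAuthorizationURL(t *testing.T) {
 authorizationURL, err := interaction.CreateAuthorizationURL("clientID", "redirectURI")
 require.NoError(t, err)
 require.Contains(t, authorizationURL, authorizationServerURL+
-"?authorization_details=%7B%22type%22%3A%22openid_credential%22%2C%22locations"+
-"%22%3A%5B%22%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22VerifiedEmployee%22%5D%2C%22"+
-"format%22%3A%22jwt_vc_json%22%7D&client_id=clientID")
+"?authorization_details=%7B%22credential_definition%22%3A%7B%22type%22%3A%5B%22VerifiableCredential"+
+"%22%2C%22VerifiedEmployee%22%5D%7D%2C%22format%22%3A%22jwt_vc_json%22%2C%22locations%22%3A%5B%22%2"+
+"2%5D%2C%22type%22%3A%22openid_credential%22%7D&client_id=clientID")
 })
 t.Run("Using the OAuth Discoverable Client ID Scheme", func(t *testing.T) {
 interaction := newIssuerInitiatedInteraction(t, createCredentialOfferIssuanceURI(t, server.URL, true, true))
@@ -411,9 +411,9 @@ func TestIssuerInitiatedInteraction_CreateAuthorizationURL(t *testing.T) {
 openid4ci.WithOAuthDiscoverableClientIDScheme())
 require.NoError(t, err)
 require.Contains(t, authorizationURL, authorizationServerURL+
-"?authorization_details=%7B%22type%22%3A%22openid_credential%22%2C%22locations"+
-"%22%3A%5B%22%22%5D%2C%22types%22%3A%5B%22VerifiableCredential%22%2C%22VerifiedEmployee%22%5D%2C%22"+
-"format%22%3A%22jwt_vc_json%22%7D&client_id=clientID")
+"?authorization_details=%7B%22credential_definition%22%3A%7B%22type%22%3A%5B%22VerifiableCredential"+
+"%22%2C%22VerifiedEmployee%22%5D%7D%2C%22format%22%3A%22jwt_vc_json%22%2C%22locations%22%3A%5B%22%2"+
+"2%5D%2C%22type%22%3A%22openid_credential%22%7D&client_id=clientID")
 })
 })
 t.Run("Fail to get issuer metadata", func(t *testing.T) {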
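Review bot: The expected `authorization_details` value is a percent-encoded literal whose line break falls in the middle of an escape (`...%5B%22%2"+` / `"2%5D...`), which makes the asserted JSON hard to audit. Decoded, both subtests pin `"locations":[""]`, and in this form it is easy to miss that the request carries an empty resource-server location. The literal also ties the test to JSON key order. Parsing the URL and comparing the decoded parameter would be clearer, for instance `u, err := url.Parse(authorizationURL)` followed by `require.JSONEq(t, expectedJSON, u.Query().Get("authorization_details"))`. Both test bodies begin outside their hunks.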
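--- a/pkg/openid4ci/models.go
+++ b/pkg/openid4ci/models.go
@@ -9,6 +9,8 @@ package openid4ci
 import (
 "encoding/json"
 "time"
+
+"github.com/trustbloc/wallet-sdk/pkg/models/issuer"
 )
 
 // CredentialOffer represents the Credential Offer object as defined in
@@ -32,11 +34,32 @@ type AuthorizeResult struct {
 UserPINRequired bool
 }
 
+// authorizationDetails is a model to convey the details about the Credentials the Client wants to obtain.
 type authorizationDetails struct {
-Type string `json:"type,omitempty"`
+// REQUIRED when Format parameter is not present.
+// String specifying a unique identifier of the Credential being described in the
+// credential_configurations_supported map in the Credential Issuer Metadata.
+// The referenced object in the credential_configurations_supported map conveys the details,
+// such as the format, for issuance of the requested Credential.
+// It MUST NOT be present if format parameter is present.
+CredentialConfigurationID string `json:"credential_configuration_id,omitempty"`
+
+// Object containing the detailed description of the credential type.
+CredentialDefinition *issuer.CredentialDefinition `json:"credential_definition,omitempty"`
+
+// REQUIRED when CredentialConfigurationID parameter is not present.
+// String identifying the format of the Credential the Wallet needs.
+// This Credential format identifier determines further claims in the authorization details object needed
+// to identify the Credential type in the requested format.
+// It MUST NOT be present if credential_configuration_id parameter is present.
+Format string `json:"format,omitempty"`
+
+// An array of strings that allows a client to specify the location of the resource server(s)
+// allowing the Authorization Server to mint audience restricted access tokens.
 Locations []string `json:"locations,omitempty"`
-Types []string `json:"types,omitempty"`
-Format string `json:"format,omitempty"`
+
+// String that determines the authorization details type. MUST be set to "openid_credential" for OIDC4VC.
+Type string `json:"type"`
 }
 
 // OpenIDConfig represents an issuer's OpenID configuration.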
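Review bot: The field comments on `authorizationDetails` say exactly one of `CredentialConfigurationID` and `Format` must be present, yet the struct relies on `omitempty` alone, so a value with both set, or neither, marshals without complaint. The only constructor visible in this commit always sets `Format` and leaves the ID empty, so this is safe today, but a later caller could send a request the authorization server has to reject or interpret ambiguously. A small unexported check called before `json.Marshal` would keep the invariant next to its documentation, e.g. `if (d.Format == "") == (d.CredentialConfigurationID == "") { return errors.New("exactly one of format or credential_configuration_id must be set") }`. Separately, `CredentialDefinition` reuses the issuer metadata model, so whatever JSON fields that type carries will be serialized into the authorization request. Its definition is not visible here, and it is worth confirming that every field is `omitempty`.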
