From 625299b6e6d1e682dfab415b0444ea1551137c2f Mon Sep 17 00:00:00 2001 From: mikeplotean Date: Tue, 12 Sep 2023 13:28:59 +0300 Subject: [PATCH] authorize method --- .../conformance/CredentialIssuanceFlow.kt | 99 ++++++++++++++++++- .../ecosystems/essif/conformance/Test.kt | 2 +- .../AccreditAndAuthorizeTests.kt | 2 +- ...rifiableAuthorisationForTrustChainToTIR.kt | 2 +- ...estVerifiableAuthorisationForTrustChain.kt | 2 +- ...otTrustedAccreditationOrganizationTests.kt | 2 +- ...bleAccreditationToAccreditForSubAccount.kt | 2 +- ...iableAccreditationToAttestForSubAccount.kt | 2 +- ...ableAuthorisationToOnboardForSubAccount.kt | 2 +- ...rVerifiableAccreditationToAccreditToTIR.kt | 2 +- ...equestVerifiableAccreditationToAccredit.kt | 2 +- .../tao/RevokeAccreditationsForSubAccount.kt | 2 +- .../TrustedAccreditationOrganizationTests.kt | 2 +- .../ti/AccreditationAsTrustedIssuer.kt | 2 +- .../ti/IssuerAndRevoke.kt | 2 +- .../accreditandauthorize/ti/Onboarding.kt | 4 +- .../ti/TrustedIssuerTests.kt | 2 +- 17 files changed, 113 insertions(+), 20 deletions(-) diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/CredentialIssuanceFlow.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/CredentialIssuanceFlow.kt index 68881b89..3c619e4b 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/CredentialIssuanceFlow.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/CredentialIssuanceFlow.kt 
@@ -1,15 +1,95 @@ package id.walt.services.ecosystems.essif.conformance +import com.beust.klaxon.Klaxon +import id.walt.crypto.KeyAlgorithm +import id.walt.model.DidMethod +import id.walt.servicematrix.ServiceMatrix +import id.walt.services.WaltIdServices +import id.walt.services.did.DidEbsiCreateOptions +import id.walt.services.did.DidService +import id.walt.services.jwt.JwtService +import id.walt.services.key.KeyService +import io.ktor.client.* +import io.ktor.client.plugins.contentnegotiation.* +import io.ktor.client.plugins.logging.* +import io.ktor.client.request.* +import io.ktor.client.statement.* +import io.ktor.serialization.kotlinx.json.* +import kotlinx.coroutines.runBlocking +import kotlinx.serialization.json.Json +import java.util.* + object CredentialIssuanceFlow { - fun getCredential(type: String) { - val queryParams = authorizeRequest() + const val authorizationServer = "https://conformance-test.ebsi.eu/conformance/v3/auth-mock" + const val authorizationEndpoint = "https://conformance-test.ebsi.eu/conformance/v3/auth-mock/authorize" + const val credentialIssuer = "https://conformance-test.ebsi.eu/conformance/v3/issuer-mock" + + private val klaxon = Klaxon() + private val http = HttpClient { + install(ContentNegotiation) { + json(Json { ignoreUnknownKeys = true }) + } + if (WaltIdServices.httpLogging) { + install(Logging) { + logger = Logger.DEFAULT + level = LogLevel.ALL + } + } + } + + suspend fun getCredential(type: String) { + val queryParams = authorizeRequest(type) val idTokenParams = directPostIdTokenRequest() val authToken = authTokenRequest() val jwtCredential = credentialRequest() decodeCredential(jwtCredential) } - private fun authorizeRequest() {} + /*private */suspend fun authorizeRequest(credential: String): String { + // create keys (ES256 & ES256k) + val key = KeyService.getService().generate(KeyAlgorithm.ECDSA_Secp256k1) + // create did + val did = DidService.create(DidMethod.ebsi, key.id, DidEbsiCreateOptions(version = 1)) + // 
client-id + val clientId = "https://conformance-test.ebsi.eu/conformance/v3/client-mock/$did" + val scope = "openid" + val clientMetadata = getClientMetadata(clientId) + val authorizationDetails = listOf(getAuthorizationDetails(getCredentialRequestedTypesList(credential), credentialIssuer)) + val queryParams = mapOf( + "scope" to scope, + "client_id" to clientId, + "client_metadata" to clientMetadata, + "redirect_uri" to "$clientId/code-cb", + "response_type" to "code", + "state" to UUID.randomUUID().toString(), + "authorization_details" to authorizationDetails, + //TODO:??? +// "code_challenge" to "", +// "code_challenge_method" to "", +// "issuer_state" to "", + ) + val jwtPayload = mapOf( + "client_metadata" to clientMetadata, + "authorization_details" to authorizationDetails + ).plus(queryParams) + .plus(mapOf( + "iss" to clientId, + "aud" to credentialIssuer + )) + // TODO: set issuer, set audience + val requestParam = JwtService.getService().sign(key.id, klaxon.toJsonString(jwtPayload)) + val authResponse = http.get(authorizationEndpoint){ + url{ + queryParams.forEach{ + parameters.append(it.key, klaxon.toJsonString(it.value)) + } + parameters.append("request", requestParam) + } + } + //TODO: parse response + val parseResponse = authResponse.bodyAsText() + return parseResponse + } private fun directPostIdTokenRequest() {} private fun authTokenRequest() {} private fun credentialRequest(): String { @@ -26,4 +106,17 @@ object CredentialIssuanceFlow { else -> {} } }.plus(type) + + private fun getClientMetadata(clientId: String) = mapOf( + "redirect_uris" to listOf("$clientId/code-cb"), + "jwks_uri" to "$clientId/jwks", + "authorization_endpoint" to "$clientId/authorize" + ) + + private fun getAuthorizationDetails(credentialTypes: List, credentialIssuer: String) = mapOf( + "type" to "openid_credential", + "format" to "jwt_vc", + "types" to credentialTypes, + "locations" to listOf(credentialIssuer), + ) } 
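Review bot: In `authorizeRequest`, `state` is created inline as `UUID.randomUUID().toString()` and never kept, and `code_challenge`/`code_challenge_method` are left commented out, so nothing the authorization server sends back can later be tied to this request. Hold the value in a local (`val state = UUID.randomUUID().toString()`) and return or store it together with a PKCE verifier so the callback and token steps can check them; the function currently returns only the response body. Separately, the `queryParams.forEach` loop passes every value through `klaxon.toJsonString`, which as far as I can tell wraps plain strings such as `scope` and `response_type` in literal quotes; `parameters.append(it.key, it.value as? String ?: klaxon.toJsonString(it.value))` keeps JSON encoding for the map and list values only. The `Logging` plugin at `LogLevel.ALL` will also write the signed `request` JWT, and presumably the tokens fetched by the later steps, to the log whenever `WaltIdServices.httpLogging` is on, so `LogLevel.INFO` or a `sanitizeHeader` rule would be safer here.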
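Review bot: The redirect URI is built twice, as `"$clientId/code-cb"` here in `getClientMetadata` and again for `redirect_uri` in `authorizeRequest`, and authorization servers normally compare the two by exact string match. Deriving both from one helper, e.g. `private fun redirectUri(clientId: String) = "$clientId/code-cb"`, keeps them from drifting apart. Both new helpers would also benefit from a one-line KDoc naming which request field each map is meant to populate. The enclosing `CredentialIssuanceFlow` object starts outside this hunk.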
diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/Test.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/Test.kt index e3984621..b4c7c4a5 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/Test.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/Test.kt @@ -1,5 +1,5 @@ package id.walt.services.ecosystems.essif.conformance interface Test { - fun run() + suspend fun run() } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/AccreditAndAuthorizeTests.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/AccreditAndAuthorizeTests.kt index caccc6d6..b8694dc0 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/AccreditAndAuthorizeTests.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/AccreditAndAuthorizeTests.kt @@ -6,7 +6,7 @@ import id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao.Tr import id.walt.services.ecosystems.essif.conformance.accreditandauthorize.ti.TrustedIssuerTests object AccreditAndAuthorizeTests : Test { - override fun run() { + override suspend fun run() { TrustedIssuerTests.run() TrustedAccreditationOrganizationTests.run() RootTrustedAccreditationOrganizationTests.run() diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RegisterVerifiableAuthorisationForTrustChainToTIR.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RegisterVerifiableAuthorisationForTrustChainToTIR.kt index 2355884e..63d96bb7 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RegisterVerifiableAuthorisationForTrustChainToTIR.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RegisterVerifiableAuthorisationForTrustChainToTIR.kt 
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.rtao import id.walt.services.ecosystems.essif.conformance.Test object RegisterVerifiableAuthorisationForTrustChainToTIR : Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RequestVerifiableAuthorisationForTrustChain.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RequestVerifiableAuthorisationForTrustChain.kt index 19b89e08..ec3e8b4c 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RequestVerifiableAuthorisationForTrustChain.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RequestVerifiableAuthorisationForTrustChain.kt @@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.rtao import id.walt.services.ecosystems.essif.conformance.Test object RequestVerifiableAuthorisationForTrustChain : Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RootTrustedAccreditationOrganizationTests.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RootTrustedAccreditationOrganizationTests.kt index 1203efef..d521ce6a 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RootTrustedAccreditationOrganizationTests.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/rtao/RootTrustedAccreditationOrganizationTests.kt 
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.rtao import id.walt.services.ecosystems.essif.conformance.Test object RootTrustedAccreditationOrganizationTests : Test { - override fun run() { + override suspend fun run() { RequestVerifiableAuthorisationForTrustChain.run() RegisterVerifiableAuthorisationForTrustChainToTIR.run() } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAccreditForSubAccount.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAccreditForSubAccount.kt index ea3a9c5e..726c5365 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAccreditForSubAccount.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAccreditForSubAccount.kt @@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao import id.walt.services.ecosystems.essif.conformance.Test object IssueVerifiableAccreditationToAccreditForSubAccount : Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAttestForSubAccount.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAttestForSubAccount.kt index 455d6657..86ad55f7 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAttestForSubAccount.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAttestForSubAccount.kt 
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao import id.walt.services.ecosystems.essif.conformance.Test object IssueVerifiableAccreditationToAttestForSubAccount : Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAuthorisationToOnboardForSubAccount.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAuthorisationToOnboardForSubAccount.kt index a55a3dbb..aec966e2 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAuthorisationToOnboardForSubAccount.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/IssueVerifiableAuthorisationToOnboardForSubAccount.kt @@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao import id.walt.services.ecosystems.essif.conformance.Test object IssueVerifiableAuthorisationToOnboardForSubAccount : Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RegisterVerifiableAccreditationToAccreditToTIR.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RegisterVerifiableAccreditationToAccreditToTIR.kt index b0281da2..b2a87f0f 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RegisterVerifiableAccreditationToAccreditToTIR.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RegisterVerifiableAccreditationToAccreditToTIR.kt 
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao import id.walt.services.ecosystems.essif.conformance.Test object RegisterVerifiableAccreditationToAccreditToTIR : Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RequestVerifiableAccreditationToAccredit.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RequestVerifiableAccreditationToAccredit.kt index 4061f96f..653e8388 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RequestVerifiableAccreditationToAccredit.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RequestVerifiableAccreditationToAccredit.kt @@ -4,7 +4,7 @@ import id.walt.services.ecosystems.essif.conformance.CredentialIssuanceFlow import id.walt.services.ecosystems.essif.conformance.Test object RequestVerifiableAccreditationToAccredit : Test { - override fun run() { + override suspend fun run() { val credential = CredentialIssuanceFlow.getCredential("VerifiableAccreditationToAccredit") TODO("Not yet implemented") } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RevokeAccreditationsForSubAccount.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RevokeAccreditationsForSubAccount.kt index 82276940..189afd9e 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RevokeAccreditationsForSubAccount.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/RevokeAccreditationsForSubAccount.kt 
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao import id.walt.services.ecosystems.essif.conformance.Test object RevokeAccreditationsForSubAccount : Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/TrustedAccreditationOrganizationTests.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/TrustedAccreditationOrganizationTests.kt index ef56e3b6..760e8b68 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/TrustedAccreditationOrganizationTests.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/tao/TrustedAccreditationOrganizationTests.kt @@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao import id.walt.services.ecosystems.essif.conformance.Test object TrustedAccreditationOrganizationTests : Test { - override fun run() { + override suspend fun run() { RequestVerifiableAccreditationToAccredit.run() RegisterVerifiableAccreditationToAccreditToTIR.run() IssueVerifiableAuthorisationToOnboardForSubAccount.run() diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/AccreditationAsTrustedIssuer.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/AccreditationAsTrustedIssuer.kt index 8a944991..9bd75057 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/AccreditationAsTrustedIssuer.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/AccreditationAsTrustedIssuer.kt 
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.ti import id.walt.services.ecosystems.essif.conformance.Test object AccreditationAsTrustedIssuer: Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/IssuerAndRevoke.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/IssuerAndRevoke.kt index 91c582b6..b0b4639b 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/IssuerAndRevoke.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/IssuerAndRevoke.kt @@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.ti import id.walt.services.ecosystems.essif.conformance.Test object IssuerAndRevoke: Test { - override fun run() { + override suspend fun run() { TODO("Not yet implemented") } } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/Onboarding.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/Onboarding.kt index 822945b0..fe1b2a4b 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/Onboarding.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/Onboarding.kt 
@@ -5,13 +5,13 @@ import id.walt.services.ecosystems.essif.conformance.CredentialIssuanceFlow import id.walt.services.ecosystems.essif.conformance.Test object Onboarding : Test { - override fun run() { + override suspend fun run() { ConformanceLog.log("Onboarding") requestCredential() registerDidDocument("") } - fun requestCredential() { + suspend fun requestCredential() { ConformanceLog.log("Request VerifiableAuthorisationToOnboard") val credential = CredentialIssuanceFlow.getCredential("VerifiableAuthorizationToOnboard") } diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/TrustedIssuerTests.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/TrustedIssuerTests.kt index 67e06e07..90dfd23b 100644 --- a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/TrustedIssuerTests.kt +++ b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/TrustedIssuerTests.kt @@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.ti import id.walt.services.ecosystems.essif.conformance.Test object TrustedIssuerTests : Test { - override fun run() { + override suspend fun run() { Onboarding.run() AccreditationAsTrustedIssuer.run() IssuerAndRevoke.run()