feat(openid4vc-client): pre-authorized (openwallet-foundation#1243)
This PR adds support for the `pre-authorized` OpenID for Verifiable Credentials issuance flow to the new `openid4vc-client` module.

Here are some highlights of the work:
- Allows the user to execute the entire `pre-authorized` flow by calling a single method.
- Adds a happy-flow test
    - HTTP(S) requests and responses are mocked using a network mocking library called [nock](https://github.com/nock/nock)
    - Because the JSON-LD credential that is received is expanded by the `W3cCredentialService`, I've added a few new contexts to our test document loader.
    - Not-so-happy-flow tests will be added later on. If you have any suggestions for edge cases that deserve testing, feel free to drop a comment.
- Modifies the `JwsService`
    - The `JwsService` was geared towards a very specific use case. I've generalized its API so it's usable for a wider range of applications.
    - All pre-existing tests and calls to the `JwsService` have been updated.

It's worth noting that I have had to add some `@ts-ignore` statements here and there to get around some incomplete types in the `OpenID4VCI-Client` library we're using. Once these issues have been resolved in the client library, they will be removed.

**Work funded by the government of Ontario**

---------

Signed-off-by: Karim Stekelenburg <[email protected]>
Co-authored-by: Timo Glastra <[email protected]>
karimStekelenburg and TimoGlastra committed Mar 17, 2023
1 parent abc23b5 commit e31806e
Showing 3 changed files with 495 additions and 423 deletions.
20 changes: 11 additions & 9 deletions packages/core/src/crypto/__tests__/JwsService.test.ts
@@ -1,5 +1,5 @@
import type { AgentContext } from '../../agent'
import type { Wallet } from '@aries-framework/core'
import type { Key, Wallet } from '@aries-framework/core'

import { getAgentConfig, getAgentContext } from '../../../tests/helpers'
import { DidKey } from '../../modules/dids'
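Review bot: The changed `import type { Key, Wallet } from '@aries-framework/core'` line pulls `Key` in through the package's own published name, while this test lives under `packages/core/src` and the neighbouring imports (`'../../agent'`, `'../../modules/dids'`) are relative. Consider importing `Key` (and `Wallet`) through a relative path as well, so the test always resolves against the source tree it is exercising rather than whatever the package name happens to resolve to.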
Expand All @@ -16,7 +16,8 @@ describe('JwsService', () => {
let wallet: Wallet
let agentContext: AgentContext
let jwsService: JwsService

let didJwsz6MkfKey: Key
let didJwsz6MkvKey: Key
beforeAll(async () => {
const config = getAgentConfig('JwsService')
wallet = new IndyWallet(config.agentDependencies, config.logger, new SigningProviderRegistry([]))
Expand All @@ -27,6 +28,8 @@ describe('JwsService', () => {
await wallet.createAndOpen(config.walletConfig!)

jwsService = new JwsService()
didJwsz6MkfKey = await wallet.createKey({ seed: didJwsz6Mkf.SEED, keyType: KeyType.Ed25519 })
didJwsz6MkvKey = await wallet.createKey({ seed: didJwsz6Mkv.SEED, keyType: KeyType.Ed25519 })
})

afterAll(async () => {
Expand All @@ -35,18 +38,16 @@ describe('JwsService', () => {

describe('createJws', () => {
it('creates a jws for the payload with the key associated with the verkey', async () => {
const key = await wallet.createKey({ seed: didJwsz6Mkf.SEED, keyType: KeyType.Ed25519 })

const payload = JsonEncoder.toBuffer(didJwsz6Mkf.DATA_JSON)
const kid = new DidKey(key).did
const kid = new DidKey(didJwsz6MkfKey).did

const jws = await jwsService.createJws(agentContext, {
payload,
key,
key: didJwsz6MkfKey,
header: { kid },
protectedHeaderOptions: {
alg: 'EdDSA',
jwk: key.toJwk(),
jwk: didJwsz6MkfKey.toJwk(),
},
})

Expand All @@ -58,13 +59,14 @@ describe('JwsService', () => {
it('returns true if the jws signature matches the payload', async () => {
const payload = JsonEncoder.toBuffer(didJwsz6Mkf.DATA_JSON)

const { isValid, signerKeys } = await jwsService.verifyJws(agentContext, {
const { isValid, signerKeys } = await jwsService.verifyJws(agentContext, {
payload,
jws: didJwsz6Mkf.JWS_JSON,
})

expect(isValid).toBe(true)
expect(signerKeys).toEqual([didJwsz6Mkf.VERKEY])
expect(signerKeys).toEqual([didJwsz6MkfKey])
})

it('returns all verkeys that signed the jws', async () => {
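Review bot: In the `returns true if the jws signature matches the payload` test, `verifyJws` receives only `payload` and `jws`, so the entries in `signerKeys` must come from the JWS itself (the `createJws` test embeds `jwk` in the protected header), and `isValid` only says the signature matches those keys. The `toEqual([didJwsz6MkfKey])` assertion is therefore the only part that ties the result to an expected signer. It would help to add a case where a correctly signed JWS from a different key still returns `isValid === true` but fails this comparison, and to state in the `verifyJws` documentation that callers must check `signerKeys` against the key they expect. Separately, the `const { isValid, signerKeys } = ...` line appears as changed with no visible difference; drop it if it is a whitespace-only edit.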
Expand All @@ -76,7 +78,7 @@ describe('JwsService', () => {
})

expect(isValid).toBe(true)
expect(signerKeys).toEqual([didJwsz6Mkf.VERKEY, didJwsz6Mkv.VERKEY])
expect(signerKeys).toEqual([didJwsz6MkfKey, didJwsz6MkvKey])
})

it('returns false if the jws signature does not match the payload', async () => {
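Review bot: `expect(signerKeys).toEqual([didJwsz6MkfKey, didJwsz6MkvKey])` is order-sensitive and now compares `Key` instances created from the seeds in `beforeAll` instead of the fixture `VERKEY` strings. If `verifyJws` does not guarantee that `signerKeys` follows the order of the signatures in the JWS, assert with `expect.arrayContaining(...)` plus a length check; if it does guarantee the order, say so in the test title or a comment. Keeping one assertion against `didJwsz6Mkf.VERKEY` / `didJwsz6Mkv.VERKEY` would also preserve an independent check that the seed-derived keys match the fixtures.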
1 change: 0 additions & 1 deletion packages/openid4vc-client/package.json
Expand Up @@ -6,7 +6,6 @@
"files": [
"build"
],
"private": true,
"license": "Apache-2.0",
"publishConfig": {
"access": "public"
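Review bot: The single deletion in this hunk appears to be `"private": true`, which together with the existing `"publishConfig": { "access": "public" }` makes `openid4vc-client` publishable to the public registry on the next release. The commit message says only a happy-flow test exists so far and that `@ts-ignore` statements are papering over incomplete types in the client library, so please confirm publishing at this stage is intended; if so, mention it in the commit message, since a packaging change is easy to miss inside a feature commit.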