Change client_id_scheme to a prefix #263

Merged on Oct 3, 2024 (18 commits). This view shows changes from 13 commits.
6 changes: 3 additions & 3 deletions diagrams/request_uri_mode_post.md
Expand Up @@ -12,9 +12,9 @@ participant "Verifier" as r
u --> r : use
activate r

r --> u: authorization request\n(client_id, request_uri, request_uri_method=post, [client_id_scheme])
r --> u: authorization request\n(client_id, request_uri, request_uri_method=post)
deactivate r
u --> w: authorization request\n(client_id, request_uri, request_uri_method=post, [client_id_scheme])
u --> w: authorization request\n(client_id, request_uri, request_uri_method=post)
activate w
w --> w: [optional. Check client_id with trust framework]
note over r,w
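Review bot: `w --> w: [optional. Check client_id with trust framework]` is left unchanged although both authorization request arrows above it lose `[client_id_scheme]`. With the scheme now carried as a prefix of client_id, the diagram no longer shows where the Wallet learns which scheme applies. Suggest extending that label, for example "[optional. Read prefix from client_id, check client_id with trust framework]", so readers do not look for a separate parameter.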
Expand All @@ -24,7 +24,7 @@ note over r,w
end note
w --> r: POST **request_uri** ([wallet_metadata][, wallet_nonce])
r -> r: create and sign (and optionally encrypt) request object
r --> w: **signed (optionally encrypted) request object** (client_id, client_id_scheme, wallet_nonce, nonce, \nresponse_uri, presentation_definition, state)
r --> w: **signed (optionally encrypted) request object** (client_id, wallet_nonce, nonce, \nresponse_uri, presentation_definition, state)
w -> w: authenticate and\n authorize Verifier

note over u, w: User authentication and Credential selection/confirmation
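Review bot: this diagram is edited as a .md file only, while request_uri_mode_post_through_browser_api gets the same kind of edit in both its .md and its .plantuml. If a request_uri_mode_post.plantuml source exists, it needs the same three removals of client_id_scheme, otherwise the next regeneration of the Markdown will bring the parameter back.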
8 changes: 4 additions & 4 deletions diagrams/request_uri_mode_post_through_browser_api.md
Expand Up @@ -16,20 +16,20 @@ participant "Wallet" as w
u --> r : use
activate r

r -> wp: navigator.identity.get(\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] \nrequest_uri, request_uri_method=post, \npresentation_definition")
r -> wp: navigator.identity.get(\nprotocol="openid4vp",\nrequest="client_id, \nrequest_uri, request_uri_method=post, \npresentation_definition")

deactivate r
activate wp

wp -> ap: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] \nrequest_uri, request_uri_method=post,\n presentation_definition")
wp -> ap: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id, \nrequest_uri, request_uri_method=post,\n presentation_definition")
deactivate wp
activate ap

ap -> ap: match wallet
ap -> u: use this wallet?
u -> ap: confirmation

ap -> w: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] \nrequest_uri, request_uri_method=post,\n presentation_definition")
ap -> w: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id, \nrequest_uri, request_uri_method=post,\n presentation_definition")
deactivate ap

activate w
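Review bot: on the `forward request` lines touched here, `origin="example.verifier.com"` is a bare host name, whereas the request example changed in this PR lists `expected_origins` as full origins such as `https://origin1.example.com`. Since these lines are being edited anyway, consider writing the origin with its scheme so the diagram and the example agree on the value the Wallet compares.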
Expand All @@ -40,7 +40,7 @@ note over r,w
end note
w --> r: POST **request_uri** ([wallet_metadata][, wallet_nonce])
r -> r: create and sign (and optionally encrypt) request object
r --> w: **signed (optionally encrypted) request object** (client_id, client_id_scheme, wallet_nonce, nonce, \npresentation_definition, state)
r --> w: **signed (optionally encrypted) request object** (client_id, wallet_nonce, nonce, \npresentation_definition, state)
w -> w: authenticate and\n authorize Verifier

note over u, w: User authentication and Credential selection/confirmation
8 changes: 4 additions & 4 deletions diagrams/request_uri_mode_post_through_browser_api.plantuml
Expand Up @@ -16,20 +16,20 @@ participant "Wallet" as w
u --> r : use
activate r

r -> wp: navigator.identity.get(\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] \nrequest_uri, request_uri_method=post, \npresentation_definition")
r -> wp: navigator.identity.get(\nprotocol="openid4vp",\nrequest="client_id, \nrequest_uri, request_uri_method=post, \npresentation_definition")

deactivate r
activate wp

wp -> ap: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] \nrequest_uri, request_uri_method=post,\n presentation_definition")
wp -> ap: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id, \nrequest_uri, request_uri_method=post,\n presentation_definition")
deactivate wp
activate ap

ap -> ap: match wallet
ap -> u: use this wallet?
u -> ap: confirmation

ap -> w: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] \nrequest_uri, request_uri_method=post,\n presentation_definition")
ap -> w: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id, \nrequest_uri, request_uri_method=post,\n presentation_definition")
deactivate ap

activate w
Expand All @@ -40,7 +40,7 @@ note over r,w
end note
w --> r: POST **request_uri** ([wallet_metadata][, wallet_nonce])
r -> r: create and sign (and optionally encrypt) request object
r --> w: **signed (optionally encrypted) request object** (client_id, client_id_scheme, wallet_nonce, nonce, \npresentation_definition, state)
r --> w: **signed (optionally encrypted) request object** (client_id, wallet_nonce, nonce, \npresentation_definition, state)
w -> w: authenticate and\n authorize Verifier

note over u, w: User authentication and Credential selection/confirmation
6 changes: 3 additions & 3 deletions diagrams/signed_request_uri_through_browser_api.plantuml
Expand Up @@ -19,20 +19,20 @@ activate r
note over r,wp
Note that the signed request object contains the Verifier's origin.
end note
r -> wp: navigator.identity.get(\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] request")
r -> wp: navigator.identity.get(\nprotocol="openid4vp",\nrequest="client_id, request")

deactivate r
activate wp

wp -> ap: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] request")
wp -> ap: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id, request")
deactivate wp
activate ap

ap -> ap: match wallet
ap -> u: use this wallet?
u -> ap: confirmation

ap -> w: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id,[client_id_scheme,] request")
ap -> w: forward request (\norigin="example.verifier.com",\nprotocol="openid4vp",\nrequest="client_id, request")
deactivate ap

activate w
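Review bot: the note at the top of this hunk says only that the signed request object contains the Verifier's origin, and the three changed lines now pass `request="client_id, request"` with the scheme folded into client_id. The diagram does not say whether the client_id sent alongside `request` has to equal the client_id inside the signed object. Suggest adding that to the existing note, since the value outside the signature is now the one that tells the Wallet which scheme to apply.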
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
{
"client_id": "https://client.example.org",
"client_id_scheme": "entity_id",
"expected_origins": [
"https://origin1.example.com",
"https://origin2.example.com"
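Review bot: after `"client_id_scheme": "entity_id"` is removed, `"client_id": "https://client.example.org"` is unchanged and carries no visible prefix, unlike the `redirect_uri:` and `x509_san_uri:` values introduced in the response examples of this PR. If an https URL without a prefix is meant to imply the entity_id scheme, say so where this example is referenced. Otherwise the client_id here needs its prefix.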
1 change: 0 additions & 1 deletion examples/request/request_object_client_id_did.json
@@ -1,6 +1,5 @@
{
"client_id": "did:example:123",
"client_id_scheme": "did",
"response_type": "vp_token",
"redirect_uri": "https://client.example.org/callback",
"nonce": "n-0S6_WzA2Mj",
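Review bot: with `"client_id_scheme": "did"` removed, `"client_id": "did:example:123"` relies on the DID's own `did:` doubling as the prefix, while the response examples in this PR show prefixes such as `redirect_uri:` prepended to a URL. Suggest a sentence where this example is referenced stating that nothing is prepended for DIDs and that the whole value, including `did:`, is the identifier, so implementers do not strip it before resolving.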
2 changes: 1 addition & 1 deletion examples/response/jarm_jwt_vc_json_body.json
@@ -1,6 +1,6 @@
{
"iss": "did:example:ebfeb1f712ebc6f1c276e12ec21",
"aud": "https://client.example.org/cb",
"aud": "redirect_uri:https://client.example.org/cb",
"exp": 1573029723,
"vp_token": "eyJhb...YMetA",
"presentation_submission": {
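Review bot: the new `aud` value `redirect_uri:https://client.example.org/cb` means an audience check against the bare URL no longer matches. Suggest the text around this example state that `aud` is compared with the full client_id including its prefix, and confirm that the request this response answers uses the same `redirect_uri:` client_id.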
2 changes: 1 addition & 1 deletion examples/response/jwt_vp.json
@@ -1,7 +1,7 @@
{
"iss": "did:example:ebfeb1f712ebc6f1c276e12ec21",
"jti": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5",
"aud": "https://client.example.org/cb",
"aud": "x509_san_uri:https://client.example.org/cb",
"nbf": 1541493724,
"iat": 1541493724,
"exp": 1573029723,
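Review bot: `aud` here becomes `x509_san_uri:https://client.example.org/cb`, while examples/response/jarm_jwt_vc_json_body.json uses `redirect_uri:` for the same URL. If the two examples answer different requests that is fine, but it is worth confirming that each prefix matches the client_id of the request example it pairs with, since a mismatched prefix would fail audience validation.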