feat: custom wallet URI scheme #578

Merged
1 change: 1 addition & 0 deletions charts/vc-authn-oidc/README.md
Expand Up @@ -96,6 +96,7 @@ kubectl delete secret,pvc --selector "app.kubernetes.io/instance"=my-release
| `useOobPresentProof` | if True, the present-proof request will be provided as a an [out of band](https://github.com/hyperledger/aries-rfcs/tree/main/features/0434-outofband) invitation with a [present-proof](https://github.com/hyperledger/aries-rfcs/tree/main/features/0037-present-proof) request inside. If False, the present-proof request will be use the [service-decorator](https://github.com/hyperledger/aries-rfcs/tree/main/features/0056-service-decorator) | `false` |
| `useOobLocalDIDService` | | `false` |
| `useUrlDeepLink` | if True, will use the new encoded URL (`didcomm://?_url={redirect URL}`) redirect form of the deep link | `false` |
| `walletDeepLinkPrefix` | Custom URI scheme and host to use for deep links (`{walletDeepLinkPrefix}?c_i={connection payload`) | `bcwallet://aries_proof-request` |
| `controllerCameraRedirectUrl` | The redirect url can be a web link or the name of a template | `wallet_howto` |
| `controllerPresentationExpireTime` | The number of time in seconds a proof request will be valid for | `300` |
| `useHTTPS` | Prepend Agent and Admin URLs with `https` | `true` |
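
Review bot: The new `walletDeepLinkPrefix` row has an unclosed placeholder (`{connection payload` is missing its `}`), and the `useUrlDeepLink` row directly above it still documents `didcomm://?_url={redirect URL}` while values.yaml in this same PR now describes that form with the `bcwallet://aries_proof-request` prefix. Close the brace and align the two descriptions so the chart README and values.yaml agree on which prefix the `_url` form uses.
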
2 changes: 2 additions & 0 deletions charts/vc-authn-oidc/templates/deployment.yaml
Expand Up @@ -75,6 +75,8 @@ spec:
value: {{ .Values.useOobPresentProof | quote }}
- name: USE_URL_DEEP_LINK
value: {{ .Values.useUrlDeepLink | quote }}
- name: WALLET_DEEP_LINK_PREFIX
value: {{ .Values.walletDeepLinkPrefix }}
- name: SET_NON_REVOKED
value: {{ .Values.setNonRevoked | quote }}
- name: ACAPY_TENANCY
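
Review bot: `value: {{ .Values.walletDeepLinkPrefix }}` is the only new or neighbouring value in this hunk rendered without `| quote`. An operator-supplied prefix containing ` #`, starting with `{` or `[`, or otherwise read by YAML as a non-string would yield a manifest that is truncated, mis-typed or fails to parse, and `env[].value` has to be a string. Suggest `value: {{ .Values.walletDeepLinkPrefix | quote }}` to match the entries around it.
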
4 changes: 3 additions & 1 deletion charts/vc-authn-oidc/values.yaml
Expand Up @@ -30,8 +30,10 @@ setNonRevoked: true
useOobPresentProof: false
## @param useOobLocalDIDService
useOobLocalDIDService: false
## @param useUrlDeepLink if True, will use the new encoded URL (didcomm://?_url={redirect URL}) redirect form of the deep link
## @param useUrlDeepLink if True, will use the new encoded URL (e.g. bcwallet://aries_proof-request?_url={redirect URL}) redirect form of the deep link
useUrlDeepLink: false
## @param walletDeepLinkPrefix URI scheme and host to use in deep links ((e.g. `{WALLET_DEEP_LINK_PREFIX}?c_i={connection invitation payload`))
walletDeepLinkPrefix: bcwallet://aries_proof-request
## @param controllerCameraRedirectUrl The redirect url can be a web link or the name of a template
controllerCameraRedirectUrl: wallet_howto
## @param controllerPresentationExpireTime The number of time in seconds a proof request will be valid for
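
Review bot: The added `@param walletDeepLinkPrefix` comment has doubled parentheses and an unclosed placeholder (`((e.g. ... {connection invitation payload` then `))`), and it names the environment variable `{WALLET_DEEP_LINK_PREFIX}` rather than this chart's key `walletDeepLinkPrefix`. Suggest `(e.g. {walletDeepLinkPrefix}?c_i={connection invitation payload})`. It would also help to state here that the value must not carry its own `?` or query string, since the controller change in this PR joins prefix and payload with a literal `?`.
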
1 change: 1 addition & 0 deletions docker/docker-compose.yaml
Expand Up @@ -37,6 +37,7 @@ services:
- USE_OOB_PRESENT_PROOF=${USE_OOB_PRESENT_PROOF}
- USE_OOB_LOCAL_DID_SERVICE=${USE_OOB_LOCAL_DID_SERVICE}
- USE_URL_DEEP_LINK=${USE_URL_DEEP_LINK}
- WALLET_DEEP_LINK_PREFIX=${WALLET_DEEP_LINK_PREFIX}
ports:
- ${CONTROLLER_SERVICE_PORT}:5000
- 5678:5678
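
Review bot: `WALLET_DEEP_LINK_PREFIX=${WALLET_DEEP_LINK_PREFIX}` has no fallback, so when compose is run without the variable exported (that is, not through `docker/manage`) the container gets the variable set to an empty string. The `os.environ.get("WALLET_DEEP_LINK_PREFIX", ...)` default in config.py only applies when the variable is absent, not when it is empty, so the controller would build links of the form `?c_i=...` with no scheme. Suggest `${WALLET_DEEP_LINK_PREFIX:-bcwallet://aries_proof-request}` here, or treating an empty value as unset in config.py.
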
1 change: 1 addition & 0 deletions docker/manage
Expand Up @@ -184,6 +184,7 @@ configureEnvironment() {
export USE_OOB_PRESENT_PROOF=${USE_OOB_PRESENT_PROOF:-"false"}
export USE_OOB_LOCAL_DID_SERVICE=${USE_OOB_LOCAL_DID_SERVICE:-"true"}
export USE_URL_DEEP_LINK=${USE_URL_DEEP_LINK:-"false"}
export WALLET_DEEP_LINK_PREFIX=${WALLET_DEEP_LINK_PREFIX:-"bcwallet://aries_proof-request"}

# agent
export AGENT_TENANT_MODE="${AGENT_TENANT_MODE:-single}"
3 changes: 2 additions & 1 deletion docs/ConfigurationGuide.md
Expand Up @@ -79,7 +79,8 @@ Several functions in VC-AuthN can be tweaked by using the following environment
| SET_NON_REVOKED | bool | if True, the `non_revoked` attributed will be added to each of the present-proof request `requested_attribute` and `requested_predicate` with 'from=0' and'to=`int(time.time())` | |
| USE_OOB_PRESENT_PROOF | bool | if True, the present-proof request will be provided as a an [out of band](https://github.com/hyperledger/aries-rfcs/tree/main/features/0434-outofband) invitation with a [present-proof](https://github.com/hyperledger/aries-rfcs/tree/main/features/0037-present-proof) request inside. If False, the present-proof request will be use the [service-decorator](https://github.com/hyperledger/aries-rfcs/tree/main/features/0056-service-decorator) | **TRUE:** BC Wallet supports our OOB Message with a minor glitch, BiFold, Lissi, Trinsic, and Estatus all read the QR code as 'Invalid' |
| USE_OOB_LOCAL_DID_SERVICE | bool | Instructs VC-AuthN to use a local DID, it must be used when the agent service is not registered on the ledger with a public DID | Use this when `ACAPY_WALLET_LOCAL_DID` is set to `true` in the agent. |
| USE_URL_DEEP_LINK | bool | If True, in Mobile mode the BC Wallet deep link will use an encoded URL (`didcomm://?_url={redirect URL}`), otherwise will use the encoded connection (`bcwallet://aries_proof-request?c_i={connection payload}`) | Default False/.. To control using the new `?_url` handler, which is not in a public release of BC Wallet yet |
| USE_URL_DEEP_LINK | bool | If True, in Mobile mode the BC Wallet deep link will use an encoded URL (`WALLET_DEEP_LINK_PREFIX?_url={redirect URL}`), otherwise will use the encoded connection invitation (`{WALLET_DEEP_LINK_PREFIX}?c_i={connection invitation payload}`) | Default False/.. To control using the new `?_url` handler, which is not in a public release of BC Wallet yet |
| WALLET_DEEP_LINK_PREFIX | string | Custom URI scheme and host to use for deep links (e.g. `{WALLET_DEEP_LINK_PREFIX}?c_i={connection invitation payload`) | Default bcwallet://aries_proof-request |
| LOG_WITH_JSON | bool | If True, logging output should printed as JSON if False it will be pretty printed. | Default behavior will print as JSON. |
| LOG_TIMESTAMP_FORMAT | string | determines the timestamp formatting used in logs | Default is "iso" |
| LOG_LEVEL | "DEBUG", "INFO", "WARNING", or "ERROR" | sets the minimum log level that will be printed to standard out | Defaults to DEBUG |
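
Review bot: In the updated `USE_URL_DEEP_LINK` row the first template is written `WALLET_DEEP_LINK_PREFIX?_url=...` without braces while the second uses `{WALLET_DEEP_LINK_PREFIX}`, and the new `WALLET_DEEP_LINK_PREFIX` row leaves `{connection invitation payload` unclosed. Use the braced form in both places and close the placeholder. The new row should also say what shape is expected (scheme plus host, no trailing `?`, query or fragment), because the controller appends `?` and the payload to whatever is configured.
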
3 changes: 3 additions & 0 deletions oidc-controller/api/core/config.py
Expand Up @@ -222,6 +222,9 @@ class GlobalConfig(BaseSettings):
os.environ.get("USE_OOB_LOCAL_DID_SERVICE", True)
)
USE_URL_DEEP_LINK: bool = strtobool(os.environ.get("USE_URL_DEEP_LINK", False))
WALLET_DEEP_LINK_PREFIX: str = os.environ.get(
"WALLET_DEEP_LINK_PREFIX",
"bcwallet://aries_proof-request")
SET_NON_REVOKED: bool = strtobool(os.environ.get("SET_NON_REVOKED", True))

model_config = ConfigDict(case_sensitive=True)
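
Review bot: `WALLET_DEEP_LINK_PREFIX` is read with a bare `os.environ.get(...)` and no validation, so an empty string or a value that already contains `?` or `#` is accepted at startup and only surfaces later as a malformed deep link built in oidc.py. Suggest checking at load time that the value parses as a URI with a non-empty scheme and no query or fragment, and either falling back to the default or failing fast when the variable is set but empty. Minor: the closing parenthesis sits on the same line as the default string, unlike the multi-line `strtobool(` call just above it.
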
3 changes: 2 additions & 1 deletion oidc-controller/api/routers/oidc.py
Expand Up @@ -168,7 +168,8 @@ async def get_authorize(request: Request, db: Database = Depends(get_db)):
)
else:
suffix = f'c_i={base64.b64encode(formated_msg.encode("utf-8")).decode("utf-8")}'
wallet_deep_link = f"bcwallet://aries_proof-request?{suffix}"
WALLET_DEEP_LINK_PREFIX = settings.WALLET_DEEP_LINK_PREFIX
wallet_deep_link = f"{WALLET_DEEP_LINK_PREFIX}?{suffix}"

# This is the payload to send to the template
data = {
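
Review bot: The changes here are confined to the `else` branch that builds the `c_i=` link, yet ConfigurationGuide.md and values.yaml in this PR now describe the `_url` form as using the configured prefix too; please confirm the branch above this hunk also reads `settings.WALLET_DEEP_LINK_PREFIX`, or adjust the docs to match. Separately, `WALLET_DEEP_LINK_PREFIX = settings.WALLET_DEEP_LINK_PREFIX` introduces an upper-case local that reads like a module constant; `wallet_deep_link = f"{settings.WALLET_DEEP_LINK_PREFIX}?{suffix}"` does the same in one line.
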