feat: update handling of OIDC auth requests (dynamic presentation submission creation) #658

Merged
merged 8 commits into from
Jan 15, 2025
chore: update pex and fix SES errors (functionality not tested yet)
martines3000 committed Dec 28, 2024
commit eed196eeccbd2992868d587697494d73c8939d15
4 changes: 2 additions & 2 deletions libs/oidc/client-plugin/package.json
@@ -22,7 +22,7 @@
"dependencies": {
"@blockchain-lab-um/oidc-types": "0.1.0-beta.0",
"@blockchain-lab-um/utils": "1.4.0-beta.1",
"@sphereon/pex": "^2.0.1",
"@sphereon/pex": "^3.3.3",
"@veramo/core": "6.0.0",
"@veramo/utils": "6.0.0",
"cross-fetch": "^4.0.0",
@@ -31,7 +31,7 @@
"qs": "^6.11.2"
},
"devDependencies": {
"@sphereon/ssi-types": "^0.11.0",
"@sphereon/ssi-types": "0.22.0",
"@types/qs": "^6.9.12",
"@vitest/coverage-v8": "1.6.0",
"jest-extended": "4.0.2",
22 changes: 15 additions & 7 deletions libs/oidc/client-plugin/src/agent/client-plugin.ts
@@ -17,7 +17,7 @@ import {
uint8ArrayToHex,
} from '@blockchain-lab-um/utils';
import { PEX } from '@sphereon/pex';
import type { IVerifiableCredential } from '@sphereon/ssi-types';
import type { OriginalVerifiableCredential } from '@sphereon/ssi-types';
import type { IAgentPlugin } from '@veramo/core';
import { bytesToBase64url } from '@veramo/utils';
import { fetch } from 'cross-fetch';
@@ -75,7 +75,6 @@ export class OIDCClientPlugin implements IAgentPlugin {
codeVerifier: null,
};

// FIXME: Set proxy to masca.io
public proxyUrl = 'https://masca.io/api/proxy/oidc';

readonly methods: IOIDCClientPlugin = {
@@ -593,7 +592,7 @@ export class OIDCClientPlugin implements IAgentPlugin {

public async selectCredentials(
args: SelectCredentialsArgs
): Promise<Result<IVerifiableCredential[]>> {
): Promise<Result<OriginalVerifiableCredential[]>> {
const { credentials } = args;

if (!credentials) {
@@ -607,7 +606,7 @@ export class OIDCClientPlugin implements IAgentPlugin {
return ResultObject.error('Presentation definition not found');
}

const map = new Map<string, IVerifiableCredential>();
const map = new Map<string, OriginalVerifiableCredential>();

const errors: string[] = [];

@@ -619,9 +618,18 @@ export class OIDCClientPlugin implements IAgentPlugin {
input_descriptors: [inputDescriptor],
};

const { verifiableCredential } = pex.selectFrom(
presentationDefinitionSplit,
credentials
const {
verifiableCredential,
errors: selectErrors,
warnings,
areRequiredCredentialsPresent,
} = pex.selectFrom(presentationDefinitionSplit, credentials);

// TODO: Delete debug logging
console.log(`Select errors: ${JSON.stringify(selectErrors)}`);
console.log(`Warnings: ${JSON.stringify(warnings)}`);
console.log(
`Required credentials present: ${areRequiredCredentialsPresent}`
);

if (!verifiableCredential || verifiableCredential.length === 0) {
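Review bot: The three `console.log` calls added at the end of this hunk write PEX's `errors` and `warnings` to the console for every input descriptor, and that output can describe the holder's credentials and the verifier's constraints; the `TODO: Delete debug logging` should be resolved before this ships rather than after. The new values are also only printed: the check on the next line still looks at `verifiableCredential` alone, so `selectErrors` and `areRequiredCredentialsPresent` never influence the result. I would drop the logging and record the failure in the existing array instead, e.g. `if (selectErrors?.length) errors.push(JSON.stringify(selectErrors));`. The body of `selectCredentials` continues outside the hunk, so how `errors` is reported afterwards is not visible here.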
4 changes: 2 additions & 2 deletions libs/oidc/client-plugin/src/types/IOIDCClientPlugin.ts
@@ -8,7 +8,7 @@ import type {
TokenResponse,
} from '@blockchain-lab-um/oidc-types';
import type { Result } from '@blockchain-lab-um/utils';
import type { IVerifiableCredential } from '@sphereon/ssi-types';
import type { OriginalVerifiableCredential } from '@sphereon/ssi-types';
import type { IAgentContext, IPluginMethodMap, IResolver } from '@veramo/core';

import type {
@@ -45,7 +45,7 @@ export interface IOIDCClientPlugin extends IPluginMethodMap {
): Promise<Result<AuthorizationRequest>>;
selectCredentials(
args: SelectCredentialsArgs
): Promise<Result<IVerifiableCredential[]>>;
): Promise<Result<OriginalVerifiableCredential[]>>;
createPresentationSubmission(
args: CreatePresentationSubmissionArgs
): Promise<Result<PresentationSubmission>>;
5 changes: 3 additions & 2 deletions package.json
@@ -24,7 +24,6 @@
"email": "[email protected]",
"url": "https://blockchain-lab.um.si"
},

"scripts": {
"build": "pnpm nx run-many --target=build",
"build:docker": "./scripts/build-docker.sh",
@@ -80,7 +79,9 @@
"[email protected]": "patches/[email protected]",
"@iden3/[email protected]": "patches/@[email protected]",
"[email protected]": "patches/[email protected]",
"@metamask/snaps-sdk": "patches/@metamask__snaps-sdk.patch"
"@metamask/snaps-sdk": "patches/@metamask__snaps-sdk.patch",
"@astronautlabs/jsonpath": "patches/@astronautlabs__jsonpath.patch",
"escodegen": "patches/escodegen.patch"
},
"allowNonAppliedPatches": false
}
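Review bot: The two new `patchedDependencies` keys, `@astronautlabs/jsonpath` and `escodegen`, carry no version, so the patches follow whatever release the resolver picks, whereas the older entries above them appear to be keyed to a name@version pair (their values are garbled on this page). Keying each one to the version it was written against, in the form `"escodegen@<VERSION>": "patches/escodegen@<VERSION>.patch"` (placeholder version), makes a silent upgrade of the patched package fail the install, which `allowNonAppliedPatches: false` is already set up to enforce. The patch files themselves are not shown in this view; since they rewrite third-party code that ends up in the snap bundle (presumably the SES fixes named in the commit title), they deserve the same review as first-party source.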
8 changes: 5 additions & 3 deletions packages/snap/package.json
@@ -71,6 +71,7 @@
"@metamask/providers": "17.1.2",
"@metamask/snaps-sdk": "6.9.0",
"@metamask/utils": "9.3.0",
"@sphereon/pex": "3.3.3",
"@veramo/core": "6.0.0",
"@veramo/credential-eip712": "6.0.0",
"@veramo/credential-ld": "6.0.0",
@@ -101,20 +102,21 @@
},
"devDependencies": {
"@ceramicnetwork/streamid": "2.17.0",
"@metamask/snaps-cli": "6.5.0",
"@metamask/snaps-cli": "6.6.0",
"@metamask/snaps-utils": "8.4.1",
"@sphereon/ssi-types": "0.22.0",
"@types/elliptic": "^6.4.18",
"@types/jsonpath": "^0.2.4",
"@types/lodash.clonedeep": "^4.5.9",
"@types/qs": "^6.9.12",
"@types/react": "18.2.14",
"@types/react-dom": "18.2.4",
"@vitest/coverage-v8": "1.6.0",
"desm": "^1.3.1",
"esbuild": "0.21.1",
"jest-extended": "^4.0.2",
"jose": "^5.2.2",
"node-stdlib-browser": "^1.2.0",
"@types/react": "18.2.14",
"@types/react-dom": "18.2.4",
"vite": "^5.2.11",
"vite-tsconfig-paths": "^4.3.2",
"vitest": "1.6.0"
3 changes: 2 additions & 1 deletion packages/snap/snap.manifest.json
@@ -26,7 +26,7 @@
"./files/circuits/credentialAtomicQuerySigV2/circuit_final.zkey",
"./files/circuits/credentialAtomicQuerySigV2/verification_key.json"
],
"shasum": "8z+x2k7IWORaxqEwcU2DDZZDy0IhYelIz+P/nqeRBso="
"shasum": "CJh1jRfCNOwG/ze3cGV4olqblCYVvA0HhK3+V1OLsuI="
},
"initialPermissions": {
"endowment:ethereum-provider": {},
@@ -40,5 +40,6 @@
"snap_manageState": {},
"endowment:webassembly": {}
},
"platformVersion": "6.9.0",
"manifestVersion": "0.1"
}
25 changes: 18 additions & 7 deletions packages/snap/src/veramo/Veramo.service.ts
@@ -83,6 +83,7 @@ import {
} from '@veramo/key-manager';
import { KeyManagementSystem } from '@veramo/kms-local';
import { decodeCredentialToObject } from '@veramo/utils';
import type { IVerifiableCredential } from '@sphereon/ssi-types';
import { type DIDResolutionResult, Resolver } from 'did-resolver';
import {
type ProviderConfiguration,
@@ -824,7 +825,6 @@ class VeramoService {
throw new Error('presentation_definition is required');
}

// if(!credentials) {
const store = ['snap'] as AvailableCredentialStores[];

const queryResults = await VeramoService.queryCredentials({
@@ -842,13 +842,21 @@ class VeramoService {
throw new Error(selectCredentialsResult.error);
}

const decodedCredentials = selectCredentialsResult.data.map(
(credential) => decodeCredentialToObject(credential)
);
// NOTE: We filter out `JwtDecodedVerifiableCredential` | `SdJwtDecodedVerifiableCredential` types
const decodedCredentials = selectCredentialsResult.data
.map((credential) =>
typeof credential === 'string'
? (decodeCredentialToObject(credential) as IVerifiableCredential)
: credential
)
.filter(
(credential) =>
(credential as IVerifiableCredential).proof !== undefined
) as IVerifiableCredential[];

const createPresentationSubmissionResult =
await VeramoService.instance.createPresentationSubmission({
credentials: decodedCredentials as any,
credentials: decodedCredentials,
});

if (isError(createPresentationSubmissionResult)) {
@@ -861,8 +869,11 @@ class VeramoService {
await VeramoService.instance.createVerifiablePresentation({
presentation: {
holder: did,
verifiableCredential: decodedCredentials.map(
(credential) => credential.proof.jwt
// NOTE: We make an assumption that the first proof is the one we want and that it is a JWT proof
verifiableCredential: decodedCredentials.map((credential) =>
Array.isArray(credential.proof)
? (credential.proof[0].jwt as string)
: (credential.proof.jwt as string)
),
},
proofFormat: 'jwt',
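Review bot: The new `verifiableCredential` mapping casts `credential.proof[0].jwt` and `credential.proof.jwt` to `string` without checking them, and the filter before it only requires `proof !== undefined`. A credential whose proof carries no `jwt` field, or whose `proof` array is empty, therefore either puts `undefined` into the presentation or throws a TypeError, and credentials dropped by the filter disappear silently after `selectCredentials` has already chosen them. Checking for a string `jwt` and failing with a clear error keeps the presentation consistent with the selection and turns the assumption stated in the NOTE comment into an enforced one. The enclosing method starts and ends outside these hunks.

```typescript
// … unchanged: credential selection, decoding and createPresentationSubmission …
const jwtCredentials = decodedCredentials.map((credential) => {
  const proof = Array.isArray(credential.proof)
    ? credential.proof[0]
    : credential.proof;
  if (typeof proof?.jwt !== 'string') {
    throw new Error('Selected credential has no JWT proof');
  }
  return proof.jwt;
});
// … unchanged: createVerifiablePresentation call, holder …
        verifiableCredential: jwtCredentials,
```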