Skip to content

DC API pre-phase #369

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 7 commits into
base: main
Choose a base branch
from
Draft

DC API pre-phase #369

wants to merge 7 commits into from

Conversation

vafeini
Copy link
Contributor

@vafeini vafeini commented May 19, 2025

As a pre-phase before introducing DC API the following refactorings are perfomed as analyzed in #349

  • Merge functionality of RequestObjectValidator and RequestObjectResolver into one. ValidatedRequestObject model will be deprecated and the ResolvedRequestObject will be the outcome of this step
  • Deprecate support to predentation_definition_uri. Client metadata will be advertizing presentation_definition_uri_supported = false
  • The FetchedRequest hierarchy should be generalized to be a sealed hierarchy of 2 members:
    • Unsinged -> equivalent to current Plain data class
    • Signed -> is a new abstraction that merges the concerns of single-signed and multi-signed authorization request

@vafeini vafeini requested review from babisRoutis and dzarras May 19, 2025 07:56
@vafeini vafeini added this to the SiopOpenId4VP-v0.10.0 milestone May 19, 2025
@vafeini vafeini force-pushed the feat/dc_api_prephase branch 3 times, most recently from ccc94ea to 9efad0a Compare May 20, 2025 10:42
@vafeini vafeini changed the base branch from release/0.10.0 to main May 20, 2025 10:42
vafeini added 3 commits May 21, 2025 09:22
@vafeini
Merge authorization request validation and resolution into one compon…
304b673 
…ent to be executed as one step that validates and resolves the authorization request
@vafeini
Deprecate presentationDefinitionUriSupported from VPConfiguration and…
989951c 
… in wallet metadata set presentation_definition_uri_supported to false by default
@vafeini
Introduced ReceivedRequest abstraction to accommodate single and mult…
c65edb5 
…i-signed authorization requests.
@vafeini vafeini force-pushed the feat/dc_api_prephase branch from 9efad0a to c65edb5 Compare May 21, 2025 06:22
babisRoutis
babisRoutis reviewed May 23, 2025
View reviewed changes
src/main/kotlin/eu/europa/ec/eudi/openid4vp/Config.kt
Value of presentation_definition_uri_supported in wallet metadata will be set to false by default
""",
)
val presentationDefinitionUriSupported: Boolean = false,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider removing it from the constructor.
Alternatively, keep the constructor argument but remove the val

babisRoutis
babisRoutis requested changes May 23, 2025
View reviewed changes
Copy link
Contributor

@babisRoutis babisRoutis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a single change for your consideration.

Create a class representating JWS in Json and change the ReceivedRequest.Signed to contain it

@vafeini
Remove indirection between spec and JwsSigned. Replaced data class Jw…
10b2607 
…sSigned with sealed interface JwsJson with 2 members, General and Flattened.
babisRoutis
babisRoutis reviewed May 30, 2025
View reviewed changes
src/main/kotlin/eu/europa/ec/eudi/openid4vp/internal/RFC7515Spec.kt
val signature: Base64UrlNoPadding,
)

@Serializable(with = Base64UrlNoPaddingSerializer::class)
Copy link
Contributor

@babisRoutis babisRoutis May 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider implementing Base64UrlNoPadding as a value class have a value attribute.
Perhaps

  • fun <T> decode( f: (ByteArray) ->T): T can be added
  • fun decode(): ByteArray = decode { it }

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Base64UrlNoPadding is already a data class with one value attribute. Do you mean to have this attribute be a ByteArray?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No i mean literally instead of data class to defined it as value class

babisRoutis
babisRoutis reviewed May 30, 2025
View reviewed changes
...n/kotlin/eu/europa/ec/eudi/openid4vp/internal/request/DefaultAuthorizationRequestResolver.kt Outdated
SignedJWT.parse("${it.header.protected}.${jwsSigned.payload}.${it.signature}")
internal fun ReceivedRequest.Signed.toSignedJwts(): List<SignedJWT> = when (jwsJson) {
is JwsJson.Flattened -> listOf(
SignedJWT.parse("${jwsJson.protected}.${jwsJson.payload}.${jwsJson.signature}"),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nimbus provides a class that is in par withJwsJson.Flattened named JWSObject

Consider JwsJson.Flattened -> JWSObject -> SignedJWT

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be honest I don't see the benefit to go first to JWSObject and then to SignedJWT. JWSObject would have to be serialized to compact form and then call SignedJWT.parse() with no benefit doing that instead of calling directly SignedJWT.parse()

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure about this.

@ThreadSafe
public class SignedJWT extends JWSObject implements JWT {

SignedJWT is a JWSObject

Copy link
Contributor Author

@vafeini vafeini Jun 1, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

True but what is the benefit converting JwsJson.Flattened to JWSObject and then to SignedJWT?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@babisRoutis babisRoutis babisRoutis approved these changes

@dzarras dzarras Awaiting requested review from dzarras

Assignees
No one assigned
Labels
do not merge
Projects
None yet
Milestone
SiopOpenId4VP-v0.10.0
Development

Successfully merging this pull request may close these issues.
2 participants
@vafeini @babisRoutis