Skip to content

Fixes for presentation during issuance workflow. #981

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 2, 2025
Merged

Fixes for presentation during issuance workflow. #981

merged 1 commit into from
May 2, 2025

Conversation

sorotokin
Copy link
Contributor

Minimal PR that brings presentation-during-issuance implementation to the current spec, in particular with DCQL. (More work will follow up to integrate PresentmentModel with the ProvisioningModel, in particular to select potentially matching credential(s) more intellegently).

Testing: tested openid4vci issuance workflow with our own openid4vci server implementation.

@sorotokin sorotokin marked this pull request as ready for review May 2, 2025 20:14
davidz25
davidz25 approved these changes May 2, 2025
View reviewed changes
Copy link
Contributor

@davidz25 davidz25 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Couple of nits otherwise LGTM, thanks

server/src/main/java/org/multipaz/server/openid4vci/openid4vp.kt Outdated
)
}
putJsonArray("claims") {
// TODO: support path-based claims, e.g. ["address", "postal_code"]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this comment can be removed here (and also in VerifierServlet.kt please)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

server/src/main/java/org/multipaz/server/openid4vci/openid4vp.kt Outdated
@@ -176,7 +229,7 @@ private fun calcClientMetadata(publicKey: EcPublicKey): JsonObject {
}
return buildJsonObject {
put("authorization_encrypted_response_alg", "ECDH-ES")
put("authorization_encrypted_response_enc", "A128CBC-HS256")
put("authorization_encrypted_response_enc", "A128GCM")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Algorithm.A128GCM.joseAlgorithmIdentifier might be nicer.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@sorotokin sorotokin force-pushed the present-during-issuance branch from aca22c6 to d4e9e93 Compare May 2, 2025 20:32
@sorotokin
Fixes for presentation during issuance workflow.
30cfe22 
Minimal PR that brings presentation-during-issuance implementation to the current spec, in particular with DCQL.
(More work will follow up to integrate PresentmentModel with the ProvisioningModel, in particular to select
potentially matching credential(s) more intellegently).

Testing: tested openid4vci issuance workflow with our own openid4vci server implementation.

Signed-off-by: Peter Sorotokin <sorotokin@gmail.com>
@sorotokin sorotokin force-pushed the present-during-issuance branch from d4e9e93 to 30cfe22 Compare May 2, 2025 20:34
@sorotokin sorotokin merged commit 0782d2d into main May 2, 2025
6 checks passed
@sorotokin sorotokin deleted the present-during-issuance branch May 2, 2025 21:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davidz25 davidz25 davidz25 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sorotokin @davidz25