DCQL credential queries #206
Conversation
13484be to
b5e3812
Compare
openid-data-classes/src/commonMain/kotlin/at/asitplus/openid/dcql/DCQLQuery.kt
Outdated
Show resolved
Hide resolved
| if(credentialSetQuery.required) { | ||
| throw IllegalArgumentException("Required credential set query is not satisfiable.", it) | ||
| if (credentialSetQuery.required) { | ||
| throw IllegalArgumentException( |
There was a problem hiding this comment.
Please refactor into one line
There was a problem hiding this comment.
Suggestions please, autoformat breaks this otherwise?
There was a problem hiding this comment.
Not when your margin is at 120, as it is throughout the code base
| * see [createAuthnRequest] | ||
| */ | ||
| @Suppress("DEPRECATION") | ||
| suspend fun prepareAuthnRequest( |
There was a problem hiding this comment.
Why do we need this function in addition to createAuthnRequest()?
There was a problem hiding this comment.
It's not this function itself that's necessary, but the corresponding submitAuthnRequest.
Presentation definitions/dcql queries allow rich configurations, which the current api does not support
We therefore need a way to feed the adjusted auth request to the state map which is later used when receiving a presentation to link it to the original request.
Especially with DCQL, when verifying a presentation we need to know the corresponding credential format, which can only be deduced from the original request.
This function just prevents unnecessarily adding values to the state map
There was a problem hiding this comment.
Okay, but then the existing createAuthnRequest() method should call this new method, because the code is the partly the same, right?
But we could build a DCQL Query from the RequestOptions in this class, right? At least something like now for presentation definition: Type, format, attributes
vck/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/VerifiablePresentationFactory.kt
Outdated
Show resolved
Hide resolved
b5e3812 to
237d7a5
Compare
| @@ -86,13 +116,13 @@ interface Holder { | |||
| * @param pathAuthorizationValidator Provides the user of this library with a way to enforce | |||
| * authorization rules. | |||
| */ | |||
| @Deprecated("Replace with more general implementation due to increasing number of presentation mechanisms") | |||
There was a problem hiding this comment.
Can we migrate the existing calls from test code, or should this better be done in a second PR?
There was a problem hiding this comment.
In a separate refactor would be good, a lot of tests are affected
c00a611 to
2efe7ab
Compare
There was a problem hiding this comment.
Smashing!
I'm trusting @nodh on the functional and architectural correctness on this one, but I do have a change request.
| @@ -14,6 +14,8 @@ enum class CredentialFormatEnum(val text: String) { | |||
| JSON_LD("ldp_vc"), | |||
| MSO_MDOC("mso_mdoc"); | |||
|
|
|||
| fun coerce() = if(this == VC_SD_JWT) DC_SD_JWT else this | |||
There was a problem hiding this comment.
I'd prefer to have proper API docs on this function and have CredentialFormat, VC_SD_JWT, and DC_SD_JWT mention it too, or maybe even have a format constant that encompasses both. one hierarchy level above and mark the existing ones with a proper deprecation annotation. If we go for the latter approach, we won't need any coerce-function at all
No description provided.