Feature/didweb

[domwoe]

Work in progress PR to add the did web capabilities to ACA-PY

• Native did:web resolver
• Serve did document under /.well-known/did.json
• Create a did document from wallet content (uses public DID and endpoint) + additional keys (e.g.) BBS+ keys can be referenced
• Connection/DID Exchange based on implicit invitation with public did:web

Multitenancy is currently not supported.
Needs cleaning and tests.
I'm not an experienced Python programmer so there might be stupid things I've done. Would be cool if someone could take a look.

Example usage:
Assumption: ACA-Py has configured a public DID, admin interface with HTTPS (e.g. via ngrok) and a BBS+ did:key

POST:  /didweb​/create-from-wallet​/{did}

{
  "verification_methods": [{
"did":"did:key:zUC71v7BaQAEpNCN9wVetcqMWtWPygSuQ2t4MJ1H9654Aio3DypS8wCd253CZ29C1CiLSMmC8MrepFYvKrvdMHBatyEoQa5pffr8HMqvRR98Vb7NtEBkpN9Ld73jyeyAqYxg8Fy", "
verification_relationships": ["assertion_method"]
}]}

will produce:

{
  "@context": "https://www.w3.org/ns/did/v1",
  "id": "did:web:478eb39f6464.ngrok.io",
  "verificationMethod": [
  {
    "id": "did:web:478eb39f6464.ngrok.io#key-1",
    "type": "Ed25519VerificationKey2018",
    "controller": "did:web:478eb39f6464.ngrok.io",
    "publicKeyBase58": "DAwrZwgMwkTVHUQ8ZYAmuvzwprDmX8vFNXzFioxrWpCA"
  },
  {
     "id": "did:web:478eb39f6464.ngrok.io#key-2",
     "type": "Bls12381G2Key2020",
     "controller": "did:web:478eb39f6464.ngrok.io",
     "publicKeyBase58": 
"n5ZJWiW1TkL9jzpoig99Db9UjQ8hN4L8UuRTfEcFRqSEpNroSGoUDd5XQ2nwUuAhJ9MK5wzqSMzxNzCWC1qs51i5cEBii2ie1i9XXCWG1dyWXKr9jRyETJdmWUEHFzoodef"
}
],
"authentication": [
"did:web:478eb39f6464.ngrok.io#key-1"
],
"assertionMethod": [
"did:web:478eb39f6464.ngrok.io#key-1",
"did:web:478eb39f6464.ngrok.io#key-2"
],
"service": [
{
"id": "did:web:478eb39f6464.ngrok.io#did-communication",
"type": "did-communication",
"serviceEndpoint": "http://host.docker.internal:8000",
"recipientKeys": [
"did:web:478eb39f6464.ngrok.io#key-1"
],
"routingKeys": [],
"priority": 0
}
]
}

served under https:478eb39f6464.ngrok.io/.well-known/did.json

[andrewwhitehead]

This is looking good so far.

I think the did:web: serving support would probably have to wait until 0.7 is released. The resolver code should probably be a separate PR, as it's useful on its own (although I think there is some shared code).

There are some changes to the connections protocol which I'd rather not touch - that one is basically frozen, with new features going into did-exchange only. I think the update to accept non-sov DIDs was also merged independently.

[domwoe]

Thanks @andrewwhitehead

I guess it's a good idea to separate the resolver part out in a new PR. I'll have a look what has changed in the base resolver since I did my implementation tomorrow.

[swcurran]

@andrewwhitehead -- when you get a chance, please review and address -- close, merge or perhaps reimplement.

[swcurran]

Closing this as this is not moving forward and I think stuff has changed in the DID resolution part of the code.