Skip to content

Commit

Permalink
Enable optional client attestation in oid4vp (#162)
Browse files Browse the repository at this point in the history
* enable optional client attestation in oid4vp

Signed-off-by: Sebastian Bickerle <[email protected]>

* removed custom scheme check on HaipAuthorizationRequestUri.cs

Signed-off-by: Sebastian Bickerle <[email protected]>

---------

Signed-off-by: Sebastian Bickerle <[email protected]>
  • Loading branch information
ntsbs authored Aug 21, 2024
1 parent 912ad59 commit 2b677b4
Show file tree
Hide file tree
Showing 8 changed files with 25 additions and 10 deletions.
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
using LanguageExt;
using static System.String;

namespace WalletFramework.Oid4Vc.Oid4Vci.AuthFlow.Models;
namespace WalletFramework.Oid4Vc.ClientAttestation;

public record ClientAttestationPopDetails
{
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
namespace WalletFramework.Oid4Vc.Oid4Vci.AuthFlow.Models;
using WalletFramework.Oid4Vc.Oid4Vci.AuthFlow.Models;

namespace WalletFramework.Oid4Vc.ClientAttestation;

public record CombinedWalletAttestation
{
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
namespace WalletFramework.Oid4Vc.ClientAttestation;

public static class HttpClientExtensions
{
public static void AddClientAttestationPopHeader(this HttpClient client, CombinedWalletAttestation clientAttestation)
{
client.DefaultRequestHeaders.Add("OAuth-Client-Attestation", clientAttestation.WalletInstanceAttestationJwt);
client.DefaultRequestHeaders.Add("OAuth-Client-Attestation-PoP", clientAttestation.WalletInstanceAttestationPopJwt);
}
}
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
using WalletFramework.Core.Functional;
using WalletFramework.Core.Functional.Errors;

namespace WalletFramework.Oid4Vc.Oid4Vci.AuthFlow.Models;
namespace WalletFramework.Oid4Vc.ClientAttestation;

public struct WalletInstanceAttestationJwt
{
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
namespace WalletFramework.Oid4Vc.Oid4Vci.AuthFlow.Models;
namespace WalletFramework.Oid4Vc.ClientAttestation;

public struct WalletInstanceAttestationPopJwt
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,6 @@ public class HaipAuthorizationRequestUri
/// <exception cref="InvalidOperationException"></exception>
public static HaipAuthorizationRequestUri FromUri(Uri uri)
{
if (uri.Scheme is not ("haip" or "openid4vp" or "mdoc-openid4vp"))
throw new InvalidOperationException("Invalid Scheme. Must be haip or openid4vp");

var request = uri.GetQueryParam("request_uri");
if (string.IsNullOrEmpty(request))
throw new InvalidOperationException("HAIP requires request_uri parameter");
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
using WalletFramework.Oid4Vc.Oid4Vp.Models;

using WalletFramework.Oid4Vc.ClientAttestation;
namespace WalletFramework.Oid4Vc.Oid4Vp.Services;

/// <summary>
Expand All @@ -22,10 +23,12 @@ public interface IOid4VpClientService
/// </summary>
/// <param name="authorizationRequest"></param>
/// <param name="selectedCredentials"></param>
/// <param name="combinedWalletAttestation"></param>
/// <returns>
/// A task representing the asynchronous operation. The task result contains the Callback Url of the Authorization Response if present.
/// </returns>
Task<Uri?> SendAuthorizationResponseAsync(
AuthorizationRequest authorizationRequest,
IEnumerable<SelectedCredential> selectedCredentials);
IEnumerable<SelectedCredential> selectedCredentials,
CombinedWalletAttestation? combinedWalletAttestation = null);
}
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
using LanguageExt;
using Microsoft.Extensions.Logging;
using SD_JWT.Models;
using WalletFramework.Oid4Vc.ClientAttestation;
using WalletFramework.Core.Credentials.Abstractions;
using WalletFramework.Core.Functional;
using WalletFramework.MdocLib;
Expand All @@ -10,7 +11,6 @@
using WalletFramework.MdocLib.Elements;
using WalletFramework.MdocLib.Security;
using WalletFramework.MdocVc;
using WalletFramework.Oid4Vc.Oid4Vci.Abstractions;
using WalletFramework.Oid4Vc.Oid4Vci.CredConfiguration.Models;
using WalletFramework.Oid4Vc.Oid4Vp.Models;
using WalletFramework.Oid4Vc.Oid4Vp.PresentationExchange.Services;
Expand Down Expand Up @@ -82,7 +82,8 @@ public Oid4VpClientService(
/// <inheritdoc />
public async Task<Uri?> SendAuthorizationResponseAsync(
AuthorizationRequest authorizationRequest,
IEnumerable<SelectedCredential> selectedCredentials)
IEnumerable<SelectedCredential> selectedCredentials,
CombinedWalletAttestation? clientAttestation = null)
{
var credentials = selectedCredentials.ToList();

Expand Down Expand Up @@ -171,6 +172,8 @@ from path in field.Path.Select(path => path.TrimStart('$', '.'))

var httpClient = _httpClientFactory.CreateClient();
httpClient.DefaultRequestHeaders.Clear();
if (clientAttestation is not null)
httpClient.AddClientAttestationPopHeader(clientAttestation);

var json = SerializeObject(authorizationResponse);
var nameValueCollection = DeserializeObject<Dictionary<string, string>>(json)!.ToList();
Expand Down

0 comments on commit 2b677b4

Please sign in to comment.