From 0f8c1d5e8934f2cadc6d1581efb1d7768089c14b Mon Sep 17 00:00:00 2001
From: Salvatore Laiso <32564922+salvatorelaiso@users.noreply.github.com>
Date: Fri, 22 Dec 2023 14:52:09 +0100
Subject: [PATCH] fix: VP format (#215)
* fix: remove legacy `9999` ports from example configuration
* fix: update vp_formats in example configuration Used the example provided at https://openid.github.io/oid4vc-haip-sd-jwt-vc/draft-oid4vc-haip-sd-jwt-vc.html#section-7.2.7-3
* refactor: moved `VPFormat` schema to a specific file Extracted `VPFormat` and its related schemas from `__init__.py` to a dedicated file
* refactor: moved `VPFormat` schema to a specific file Extracted `VPFormat` and its related schemas from `__init__.py` to a dedicated file
* fix: update `VpFormats` and its related tests
* refactor: raname `vp_format.py` in `vp_formats.py`
---------
Co-authored-by: Salvatore Laiso
---
example/satosa/pyeudiw_backend.yaml | 15 +++++++------
.../schemas/wallet_relying_party.py | 4 ++--
pyeudiw/openid4vp/schemas/__init__.py | 13 ------------
pyeudiw/openid4vp/schemas/vp_formats.py | 21 +++++++++++++++++++
.../schemas/test_entity_configuration.py | 13 +++++++-----
pyeudiw/tests/federation/test_schema.py | 13 +++++++++---
.../tests/openid4vp/schemas/test_schema.py | 12 +++++++----
pyeudiw/tests/settings.py | 12 +++++++----
8 files changed, 66 insertions(+), 37 deletions(-)
create mode 100644 pyeudiw/openid4vp/schemas/vp_formats.py
diff --git a/example/satosa/pyeudiw_backend.yaml b/example/satosa/pyeudiw_backend.yaml
index cb59c126..795e0565 100644
--- a/example/satosa/pyeudiw_backend.yaml
+++ b/example/satosa/pyeudiw_backend.yaml
@@ -4,11 +4,11 @@ name: OpenID4VP config: ui: - static_storage_url: "https://localhost:9999" + static_storage_url: "https://localhost" template_folder: "templates" # project root qrcode_template: "qr_code.html" error_template: "error.html" - error_url: "https://localhost:9999/error_page.html" + error_url: "https://localhost/error_page.html" endpoints: pre_request: '/pre-request' @@ -197,7 +197,10 @@ config: subject_type: pairwise vp_formats: - jwt_vp_json: - alg: - - EdDSA - - ES256K + vc+sd-jwt: + sd-jwt_alg_values: + - ES256 + - ES384 + kb-jwt_alg_values: + - ES256 + - ES384 diff --git a/pyeudiw/federation/schemas/wallet_relying_party.py b/pyeudiw/federation/schemas/wallet_relying_party.py index 9d0e375b..7603ee9e 100644 --- a/pyeudiw/federation/schemas/wallet_relying_party.py +++ b/pyeudiw/federation/schemas/wallet_relying_party.py @@ -2,7 +2,7 @@ from typing import Any, List from pyeudiw.jwk.schemas.jwk import JwksSchema from pydantic import BaseModel, HttpUrl, PositiveInt -from pyeudiw.openid4vp.schemas import VPFormat +from pyeudiw.openid4vp.schemas.vp_formats import VpFormats from pyeudiw.presentation_exchange.schemas.oid4vc_presentation_definition import PresentationDefinition @@ -63,4 +63,4 @@ class WalletRelyingParty(BaseModel): id_token_signed_response_alg: List[SigningAlgValuesSupported] default_acr_values: List[AcrValuesSupported] default_max_age: PositiveInt - vp_formats: VPFormat \ No newline at end of file + vp_formats: VpFormats diff --git a/pyeudiw/openid4vp/schemas/__init__.py b/pyeudiw/openid4vp/schemas/__init__.py index d3e4a5ca..e69de29b 100644 --- a/pyeudiw/openid4vp/schemas/__init__.py +++ b/pyeudiw/openid4vp/schemas/__init__.py 
@@ -1,13 +0,0 @@ -from enum import Enum -from typing import List -from pydantic import BaseModel - -class VPSigningAlgResponseSupported(str, Enum): - eddsa = "EdDSA" - es256k = "ES256K" - -class VPAlgorithmSchema(BaseModel): - alg: List[VPSigningAlgResponseSupported] - -class VPFormat(BaseModel): - jwt_vp_json: VPAlgorithmSchema \ No newline at end of file diff --git a/pyeudiw/openid4vp/schemas/vp_formats.py b/pyeudiw/openid4vp/schemas/vp_formats.py new file mode 100644 index 00000000..254a3a50 --- /dev/null +++ b/pyeudiw/openid4vp/schemas/vp_formats.py @@ -0,0 +1,21 @@ +from enum import Enum +from typing import List +from pydantic import BaseModel, Field + + +class Algorithms(Enum): + es256 = "ES256" + es384 = "ES384" + es512 = "ES512" + rs256 = "RS256" + rs384 = "RS384" + rs512 = "RS512" + + +class VcSdJwt(BaseModel): + sd_jwt_alg_values: List[Algorithms] = Field([], alias='sd-jwt_alg_values') + kb_jwt_alg_values: List[Algorithms] = Field([], alias='kb-jwt_alg_values') + + +class VpFormats(BaseModel): + vc_sd_jwt: VcSdJwt = Field(..., alias='vc+sd-jwt') diff --git a/pyeudiw/tests/federation/schemas/test_entity_configuration.py b/pyeudiw/tests/federation/schemas/test_entity_configuration.py index 22788490..cdaf4560 100644 --- a/pyeudiw/tests/federation/schemas/test_entity_configuration.py +++ b/pyeudiw/tests/federation/schemas/test_entity_configuration.py @@ -57,12 +57,15 @@ "https://www.spid.gov.it/SpidL2", "https://www.spid.gov.it/SpidL3" ], - "vp_formats": { - "jwt_vp_json": { - "alg": [ - "EdDSA", - "ES256K" + "vc+sd-jwt": { + "sd-jwt_alg_values": [ + "ES256", + "ES384" + ], + "kb-jwt_alg_values": [ + "ES256", + "ES384" ] } }, diff --git a/pyeudiw/tests/federation/test_schema.py b/pyeudiw/tests/federation/test_schema.py index 37559f76..fcfe5b10 100644 --- a/pyeudiw/tests/federation/test_schema.py +++ b/pyeudiw/tests/federation/test_schema.py 
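Review bot: In the new `pyeudiw/openid4vp/schemas/vp_formats.py`, both `VcSdJwt` algorithm lists default to `[]`, so with pydantic's default handling of unknown keys a `vc+sd-jwt` entry whose key is misspelled or missing (for example `sd_jwt_alg_values` written with an underscore) still validates and yields an empty allowlist instead of an error. What callers do with an empty list is outside this diff; if any of them reads it as "no restriction", signature-algorithm enforcement is lost without any signal. Consider making the fields required, `sd_jwt_alg_values: List[Algorithms] = Field(..., alias='sd-jwt_alg_values')` (and the same for `kb_jwt_alg_values`), or stating in a class docstring that an empty list means nothing is accepted. Separately, `Algorithms(Enum)` drops the `str` mixin that the removed `VPSigningAlgResponseSupported(str, Enum)` had, which changes how members serialise when the model is dumped; `class Algorithms(str, Enum):` would keep the previous behaviour.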
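Review bot: In `pyeudiw/tests/federation/schemas/test_entity_configuration.py` the `"vp_formats": {` line is removed and never re-added, so `"vc+sd-jwt"` now sits one level up and the trailing `] } },` context closes one more brace than the new lines open. The other three fixtures in this commit (`tests/federation/test_schema.py`, `tests/openid4vp/schemas/test_schema.py`, `tests/settings.py`) keep the `vp_formats` wrapper. Restore `"vp_formats": {` directly above `"vc+sd-jwt": {` so this fixture actually exercises `VpFormats`. The enclosing dict starts and ends outside the hunk, so the exact effect on the literal should be confirmed in the file.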
@@ -84,9 +84,16 @@ 'id_token_encrypted_response_enc': ["A128CBC-HS256"], 'id_token_signed_response_alg': ["ES256"], 'default_max_age': 5000, - 'vp_formats': { - 'jwt_vp_json': { - 'alg': ["EdDSA"] + "vp_formats": { + "vc+sd-jwt": { + "sd-jwt_alg_values": [ + "ES256", + "ES384" + ], + "kb-jwt_alg_values": [ + "ES256", + "ES384" + ] } }, 'policy_uri': '' diff --git a/pyeudiw/tests/openid4vp/schemas/test_schema.py b/pyeudiw/tests/openid4vp/schemas/test_schema.py index 6f63e067..7f0e1c09 100644 --- a/pyeudiw/tests/openid4vp/schemas/test_schema.py +++ b/pyeudiw/tests/openid4vp/schemas/test_schema.py @@ -145,10 +145,14 @@ def test_entity_config_payload(): "https://www.spid.gov.it/SpidL3" ], "vp_formats": { - "jwt_vp_json": { - "alg": [ - "EdDSA", - "ES256K" + "vc+sd-jwt": { + "sd-jwt_alg_values": [ + "ES256", + "ES384" + ], + "kb-jwt_alg_values": [ + "ES256", + "ES384" ] } }, diff --git a/pyeudiw/tests/settings.py b/pyeudiw/tests/settings.py index 4b45172f..31b2251b 100644 --- a/pyeudiw/tests/settings.py +++ b/pyeudiw/tests/settings.py @@ -309,10 +309,14 @@ "require_auth_time": True, "subject_type": "pairwise", "vp_formats": { - "jwt_vp_json": { - "alg": [ - "EdDSA", - "ES256K" + "vc+sd-jwt": { + "sd-jwt_alg_values": [ + "ES256", + "ES384" + ], + "kb-jwt_alg_values": [ + "ES256", + "ES384" ] } }
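Review bot: The three fixtures changed here (`tests/federation/test_schema.py`, `tests/openid4vp/schemas/test_schema.py`, `tests/settings.py`) only carry accepted values (`ES256`, `ES384`), so nothing visible pins the rejection side of the new algorithm allowlist. Since this commit stops accepting `EdDSA` and `ES256K`, a negative case would guard against the enum being widened by accident: validate a copy of the payload with `"sd-jwt_alg_values": ["EdDSA"]` and assert that pydantic's `ValidationError` is raised, then do the same for `"none"`. Such tests may already exist outside these hunks, and each fixture's enclosing dict starts and ends outside its hunk.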