walt-id / waltid-walletkit Goto Github PK
View Code? Open in Web Editor NEWToolkit for SSI and NFT/SBT wallets
Home Page: https://docs.walt.id
License: Apache License 2.0
Toolkit for SSI and NFT/SBT wallets
Home Page: https://docs.walt.id
License: Apache License 2.0
I noticed that each time I restart the service and try to issue a new credential, some remote requests are made to fetch Json documents defined in dids (@context). I could not look in depth at the original cause, but it looks to be related to a dependency in the jsonld-common library. This library allows to be initialized with some pre-cached content according to tests.
Being able to cache this content at startup can potential save from some "downtimes" when the remote endpoints are "down" or fix problems when running deployments with no Internet access.
It should be possible to use the Auditor API from the ssikit (VC verification, policy config, etc) in the multi-tenant context from the walletkit.
I try to generate a Issuer DID from the waltid wallet backend (last version).
The first steps works well:
But i have an error when I execute the following command:
waltid-walletkit config --as-issuer essif auth-api --did <MYDID>
The error is the following:
`walt.id SSI Kit 1.13.0-SNAPSHOT (running on Java 17.0.3+6-LTS)
[main] DEBUG id.walt.services.WaltIdServices - Creating dir-structure at: data
[main] INFO id.walt.webwallet.backend.cli.ConfigCmd - Running in context of: Issuer
EBSI Authentication API flow for DID did:ebsi:zucQiTU2Ez5NgzhwpvsXM7w running...
[main] DEBUG id.walt.services.ecosystems.essif.EssifClient - ESSIF Authorization API flow started
[main] DEBUG id.walt.services.ecosystems.essif.userwallet.UserWalletService - Loading Verifiable Authorization from HKV Store.
Exception in thread "main" com.beust.klaxon.KlaxonException: Unable to instantiate EbsiVAWrapper:
Parameter verifiableCredential: expected id.walt.services.ecosystems.essif.EbsiVa but received java.lang.String (value: eyJhbGciOiJFUzI1NksiLCJ0eXAiOiJKV1QiLCJraWQiOiJkaWQ6ZWJzaTp6cjJyV0RISHJVQ2RaQVc3d3NTYjVuUSNrZXlzLTEifQ.eyJqdGkiOiJ2YzplYnNpOmF1dGhlbnRpY2F0aW9uI2MxZWE4NzI3LTA5NWYtNDY0Mi05N2ExLTIzYjg2ZDZiMzgyNSIsInN1YiI6ImRpZDplYnNpOnp1Y1FpVFUyRXo1Tmd6aHdwdnNYTTd3IiwiaXNzIjoiZGlkOmVic2k6enIycldESEhyVUNkWkFXN3dzU2I1blEiLCJuYmYiOjE2NzM0NDc2MjYsImV4cCI6MTY4OTE3MjQyNiwiaWF0IjoxNjczNDQ3NjI2LCJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJpZCI6InZjOmVic2k6YXV0aGVudGljYXRpb24jYzFlYTg3MjctMDk1Zi00NjQyLTk3YTEtMjNiODZkNmIzODI1IiwidHlwZSI6WyJWZXJpZmlhYmxlQ3JlZGVudGlhbCIsIlZlcmlmaWFibGVBdXRob3Jpc2F0aW9uIl0sImlzc3VlciI6ImRpZDplYnNpOnpyMnJXREhIclVDZFpBVzd3c1NiNW5RIiwiaXNzdWFuY2VEYXRlIjoiMjAyMy0wMS0xMVQxNDozMzo0NloiLCJpc3N1ZWQiOiIyMDIzLTAxLTExVDE0OjMzOjQ2WiIsInZhbGlkRnJvbSI6IjIwMjMtMDEtMTFUMTQ6MzM6NDZaIiwiZXhwaXJhdGlvbkRhdGUiOiIyMDIzLTA3LTEyVDE0OjMzOjQ2WiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOmVic2k6enVjUWlUVTJFejVOZ3pod3B2c1hNN3cifSwiY3JlZGVudGlhbFNjaGVtYSI6eyJpZCI6Imh0dHBzOi8vYXBpLXBpbG90LmVic2kuZXUvdHJ1c3RlZC1zY2hlbWFzLXJlZ2lzdHJ5L3YyL3NjaGVtYXMvekhNcDUyTHFKV29jbWhBOVJrem5UV3VFZWNKWG9QREt3M2tXUXA4MVlZOXBDIiwidHlwZSI6IkZ1bGxKc29uU2NoZW1hVmFsaWRhdG9yMjAyMSJ9fX0.e5mxppIVTzMpZLfOcmKkDye6waYxnyiACLTs99rv0MkoHguQy2v7FgQ4QOj3v4AaKeinq12Hs8jeb0fhwolQXQ)
argument type mismatch
at com.beust.klaxon.JsonObjectConverter.initIntoUserClass(JsonObjectConverter.kt:115)
at com.beust.klaxon.JsonObjectConverter.fromJson(JsonObjectConverter.kt:30)
at com.beust.klaxon.DefaultConverter.fromJsonObject(DefaultConverter.kt:223)
at com.beust.klaxon.DefaultConverter.fromJson(DefaultConverter.kt:40)
at com.beust.klaxon.Klaxon.fromJsonObject(Klaxon.kt:296)
at id.walt.services.ecosystems.essif.userwallet.UserWalletService.createVerifiedClaims(UserWalletService.kt:579)
at id.walt.services.ecosystems.essif.userwallet.UserWalletService.siopSession(UserWalletService.kt:217)
at id.walt.services.ecosystems.essif.userwallet.UserWalletService.requestAccessToken(UserWalletService.kt:118)
at id.walt.services.ecosystems.essif.EssifClient.authApi(EssifClient.kt:236)
at id.walt.cli.EssifAuthCommand.run(EssifCommand.kt:66)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:198)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:211)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:211)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:211)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:18)
at com.github.ajalt.clikt.core.CliktCommand.parse(CliktCommand.kt:400)
at com.github.ajalt.clikt.core.CliktCommand.parse$default(CliktCommand.kt:397)
at com.github.ajalt.clikt.core.CliktCommand.main(CliktCommand.kt:415)
at com.github.ajalt.clikt.core.CliktCommand.main(CliktCommand.kt:440)
at id.walt.MainKt$main$1.invokeSuspend(Main.kt:101)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at kotlinx.coroutines.EventLoopImplBase.processNextEvent(EventLoop.common.kt:284)
at kotlinx.coroutines.BlockingCoroutine.joinBlocking(Builders.kt:85)
at kotlinx.coroutines.BuildersKt__BuildersKt.runBlocking(Builders.kt:59)
at kotlinx.coroutines.BuildersKt.runBlocking(Unknown Source)
at kotlinx.coroutines.BuildersKt__BuildersKt.runBlocking$default(Builders.kt:38)
at kotlinx.coroutines.BuildersKt.runBlocking$default(Unknown Source)
at id.walt.MainKt.main(Main.kt:26)
`
When selecting ebsi method to create Issuer DID registered on EBSI it returns:
Exception in thread "main" id.walt.servicematrix.exceptions.UnimplementedServiceException: No implementation has been registered for service: id.walt.services.essif.jsonrpc.JsonRpcService
at id.walt.services.essif.jsonrpc.JsonRpcService.getImplementation(JsonRpcService.kt:87)
at id.walt.services.essif.jsonrpc.JsonRpcService.execute$suspendImpl(JsonRpcService.kt:77)
at id.walt.services.essif.jsonrpc.JsonRpcService.execute(JsonRpcService.kt)
at id.walt.services.essif.didebsi.WaltIdDidEbsiService$registerDid$1.invokeSuspend(WaltIdDidEbsiService.kt:31)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at kotlinx.coroutines.EventLoopImplBase.processNextEvent(EventLoop.common.kt:277)
at kotlinx.coroutines.BlockingCoroutine.joinBlocking(Builders.kt:87)
at kotlinx.coroutines.BuildersKt__BuildersKt.runBlocking(Builders.kt:61)
at kotlinx.coroutines.BuildersKt.runBlocking(Unknown Source)
at kotlinx.coroutines.BuildersKt__BuildersKt.runBlocking$default(Builders.kt:40)
at kotlinx.coroutines.BuildersKt.runBlocking$default(Unknown Source)
at id.walt.services.essif.didebsi.WaltIdDidEbsiService.registerDid(WaltIdDidEbsiService.kt:25)
at id.walt.services.essif.didebsi.DidEbsiService.registerDid(DidEbsiService.kt:11)
at id.walt.issuer.backend.IssuerManager$initializeInteractively$1.invoke(IssuerManager.kt:138)
at id.walt.issuer.backend.IssuerManager$initializeInteractively$1.invoke(IssuerManager.kt:130)
at id.walt.services.context.WaltIdContextManager.runWith(ContextManager.kt:61)
at id.walt.issuer.backend.IssuerManager.initializeInteractively(IssuerManager.kt:130)
at id.walt.webwallet.backend.MainKt.main(Main.kt:39)
Here is my Bearer token:
eyJhbGciOiJFUzI1NksiLCJ0eXAiOiJKV1QifQ.eyJleHAiOjE2Mzk0MDg5NTksImlhdCI6MTYzOTQwODA1OSwiaXNzIjoiZGlkOmVic2k6emNHdnFnWlRIQ3Rramd0Y0tSTDdIOGsiLCJvbmJvYXJkaW5nIjoiZXUtbG9naW4iLCJ2YWxpZGF0ZWRJbmZvIjp7InZhbGlkYXRlZFVzZXIiOnsiYXNzdXJhbmNlbGV2ZWwiOiIyMCIsImF1dGhlbnRpY2F0aW9uZmFjdG9ycyI6eyIkIjp7Im51bWJlciI6IjEifSwibW9uaWtlciI6ImpvbmFzLnphbGlua2V2aWNpdXNAZWRlbGl2ZXJ5Lmx0In0sImF1dGhlbnRpY2F0aW9ubGV2ZWwiOiJCQVNJQyIsImRvbWFpbiI6ImV4dGVybmFsIiwiZG9tYWludXNlcm5hbWUiOiJuMDAybmlhZSIsImVtYWlsIjoiam9uYXMuemFsaW5rZXZpY2l1c0BlZGVsaXZlcnkubHQiLCJlbXBsb3llZXR5cGUiOiJuIiwiZmlyc3RuYW1lIjoiSm9uYXMiLCJncm91cHMiOnsiJCI6eyJudW1iZXIiOiIwIn19LCJsYXN0bmFtZSI6IsW9YWxpbmtldmnEjWl1cyIsImxvY2FsZSI6ImVuIiwibG9naW5kYXRlIjoiMjAyMS0xMi0xM1QxNjowNzozNy4xODkrMDE6MDAiLCJzc28iOiJmYWxzZSIsInN0cmVuZ3RocyI6eyIkIjp7Im51bWJlciI6IjEifSwic3RyZW5ndGgiOiJTVFJPTkcifSwidGVsZXdvcmtpbmdwcmlvcml0eSI6ImZhbHNlIiwidGlja2V0dHlwZSI6IlNFUlZJQ0UiLCJ1aWQiOiJuMDAybmlhZSIsInVzZXIiOiJuMDAybmlhZSIsInVzZXJtYW5hZ2VyIjoidWlkPWtvbmRybWosb3U9UGVvcGxlLGRjPWNvbW1pc3Npb24sZGM9ZXVyb3BhLGRjPWV1In19fQ.vWMlCV2FKqfT1p0uvfmBkEKhTPAw0yWPUUppyrLRh2pnkw5qyjNZ2H4OKQuIwZsfZjvyxZDaZVwMfesTbvcE_g
Both images
waltid/ssikit-issuer-portal:latest
https://github.com/walt-id/waltid-walletkit/blob/main/k8s/deployment-prod.yaml#L181
waltid/ssikit-verifier-portal:latest
https://github.com/walt-id/waltid-walletkit/blob/main/k8s/deployment-prod.yaml#L145
when running on kubernets are having the issue
exec /usr/sbin/nginx: exec format error
You have suddenly switched the architecture from amd64 to arm64
I try to build my own computer(window),,
I launched backend with docker...then I clone the frontend project, walllet,issue,verify, but when i try to make add credential.. there is error.
this 500 error, http://localhost:3000/api/wallet/siopv2/issuer/metadata?issuerId=walt.id
I would like to know how to fix this ..
In the scope of the signup-process a DID key should be created on the fly.
If a user wants to onboard the EBSI ecosystem (or potentially another one in future) the user should open the "settings"-page of the wallet. On the settings-page is should be possible to set a default-did (drop-down menu). In case there is no did:ebsi yet available there shoudl appear a button "Onboard EBSI", where the EBSI-onboarding flow is initiated. Once this is completed the user can set the default DID from did:key to did:ebsi.
Hi all
First of all, very great repository and interesting project! 👏 👍
Testing the API, I couldn't delete any created DID using the /issuer-api/
endpoint.
I think there is a bug in the following line: IssuerController.kt#L79
Shouldn't it be as follows:
get("{id}", documented(DidController.loadDocs().describeTenantId(), DidController::load))
delete("{id}", documented(DidController.deleteDocs().describeTenantId(), DidController::delete))
I added the load
functionality to extend the endpoint group.
To query the credential the list endpoint is used with a passed query like /api/wallet/credentials/list?id=urn:uuid:152e6f4d-134f-4f86-8eb4-28a9b70646b5
But this query is not documented so swagger so it's not possible to generate SDKs out of the definition:
Suggestion:
api/wallet/credentials/list/{id}
to fetch itCan't generate a did key
https://wallet.walt-test.cloud/settings/ecosystems/key
https://wallet.walt.id/settings/ecosystems/key
Hi team,
testing walitid-walletkit by using docker-compose, in authentification step I have a problem with this message: "Caused by: java.lang.UnsatisfiedLinkError: Unable to load library '/tmp/resource-loader10237632198594109884/armv6/libsodium.so':". Any help, thanks in advance.
The architecture of the project is very interesting. I have a question.
When I try to run all components of the web wallet demo locally using docker compose as shown in the docs, I get the following error when trying to log in to the web wallet (credentials can be anything, right?).
Using master#575d079d8191bc982b76435d63cb03d7c53d2f99 of this repo
Ubuntu 18.04
Docker version 20.10.11, build dea9396
docker-compose version 1.26.2, build eefe0d31
Is this a misconfiguration on my end or is this a known probelm?
Thankful for any help
wallet-backend_1 | [JettyServerThreadPool-32] WARN io.javalin.Javalin - Uncaught exception wallet-backend_1 | com.fasterxml.jackson.module.kotlin.MissingKotlinParameterException: Instantiation of [simple type, class id.walt.webwallet.backend.auth.UserInfo] value failed for JSON property id due to missing (therefore NULL) value for creator parameter id which is a non-nullable type wallet-backend_1 | at [Source: (String)"{}"; line: 1, column: 2] (through reference chain: id.walt.webwallet.backend.auth.UserInfo["id"]) wallet-backend_1 | at com.fasterxml.jackson.module.kotlin.KotlinValueInstantiator.createFromObjectWith(KotlinValueInstantiator.kt:121) wallet-backend_1 | at com.fasterxml.jackson.databind.deser.impl.PropertyBasedCreator.build(PropertyBasedCreator.java:202) wallet-backend_1 | at com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeUsingPropertyBased(BeanDeserializer.java:518) wallet-backend_1 | at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.deserializeFromObjectUsingNonDefault(BeanDeserializerBase.java:1405) wallet-backend_1 | at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserializeFromObject(BeanDeserializer.java:351) wallet-backend_1 | at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:184) wallet-backend_1 | at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:322) wallet-backend_1 | at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4674) wallet-backend_1 | at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3629) wallet-backend_1 | at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3597) wallet-backend_1 | at io.javalin.plugin.json.JavalinJackson.fromJsonString(JavalinJackson.kt:37) wallet-backend_1 | at id.walt.webwallet.backend.rest.RestAPI$createJavalin$1$1$4.fromJsonString(RestAPI.kt:94) wallet-backend_1 | at io.javalin.http.Context.bodyAsClass(Context.kt:114) wallet-backend_1 | at id.walt.webwallet.backend.auth.AuthController.login(AuthController.kt:38) wallet-backend_1 | at id.walt.webwallet.backend.auth.AuthController$routes$1$1$3.invoke(AuthController.kt:23) wallet-backend_1 | at id.walt.webwallet.backend.auth.AuthController$routes$1$1$3.invoke(AuthController.kt:23) wallet-backend_1 | at io.javalin.plugin.openapi.dsl.OpenApiBuilder.documented$lambda-0(OpenApiBuilder.kt:23) wallet-backend_1 | at io.javalin.plugin.openapi.dsl.DocumentedHandler.handle(DocumentedHandler.kt:10) wallet-backend_1 | at id.walt.webwallet.backend.auth.JWTService.manage(JWTService.kt:51) wallet-backend_1 | at io.javalin.http.JavalinServlet.addHandler$lambda-5(JavalinServlet.kt:115) wallet-backend_1 | at io.javalin.http.JavalinServlet$service$tryBeforeAndEndpointHandlers$1.invoke(JavalinServlet.kt:44) wallet-backend_1 | at io.javalin.http.JavalinServlet$service$tryBeforeAndEndpointHandlers$1.invoke(JavalinServlet.kt:39) wallet-backend_1 | at io.javalin.http.JavalinServlet.service$tryWithExceptionMapper(JavalinServlet.kt:131) wallet-backend_1 | at io.javalin.http.JavalinServlet.service$tryBeforeAndEndpointHandlers(JavalinServlet.kt:39) wallet-backend_1 | at io.javalin.http.JavalinServlet.service(JavalinServlet.kt:87) wallet-backend_1 | at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) wallet-backend_1 | at io.javalin.jetty.JavalinJettyServlet.service(JavalinJettyServlet.kt:58) wallet-backend_1 | at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) wallet-backend_1 | at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) wallet-backend_1 | at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:550) wallet-backend_1 | at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) wallet-backend_1 | at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
waltid-wallet-backend/src/main/kotlin/id/walt/webwallet/backend/wallet/WalletController.kt: (126, 39): Unresolved reference: getHolder
Issuers and Verifiers should support multi-tenancy with tenant-specific configuration and context.
This command does not expose the ports:
docker run -it -p 8080:8080 waltid/ssikit-wallet-backend
However, docker-compose is working fine.
Please either fix this or remove this command from the READMe
Build and started the backend via docker as in README
docker build -t waltid/ssikit-wallet-backend .
docker run -it -p 8080:8080 waltid/ssikit-wallet-backend
Server is responding with empty responses
$ curl -v http://127.0.0.1:8080/api/swagger
* Expire in 0 ms for 6 (transfer 0x7fffbbb6bfb0)
* Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x7fffbbb6bfb0)
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
> GET /api/swagger HTTP/1.1
> Host: 127.0.0.1:8080
> User-Agent: curl/7.64.0
> Accept: */*
>
* Empty reply from server
* Connection #0 to host 127.0.0.1 left intact
curl: (52) Empty reply from server
Same if using docker compose from the /docker folder (nginx upstream error).
How do we need to setup a presentation request for multiple credentials (SIOPv2 flow) - e.g. present your ParticipantCredential as well as a GaiaXProviderCredential for example in one presentation. Currently we have the following request:
const baseUri = 'https://wallet.lab.gaia-x.eu/verifier-api'
const schemaUri = 'https://raw.githubusercontent.com/walt-id/waltid-ssikit-vclib/master/src/test/resources/schemas/ParticipantCredential.json'
const url = ${baseURI}/present?walletId=walt.id&schemaUri=${schemaUri}
The documentation should be updated here https://doc.walt.id/v/web-wallet/concepts/oidc/oidc-1
Would it be possible to enable clients to send a redirect URL to be used with a SIOPv2 presentation request to the wallet backend (basically passing the current verifierUri as a parameter used for the /success and /error redirects)
When calling /quick-setup/run, the issuer and verifier configs should reference the hosted wallet instead of the localhost wallet.
Example
Issuer Config Current Version
{
"issuerApiUrl": "https://issuer.walt-test.cloud/issuer-api/iss-tenant-bXvvsJ_vC6Mn",
"issuerClientName": "Walt.id Issuer Portal",
"issuerDid": "did:key:z6MkkUVGs5TJj61Wid1vFyZi5pVyANiVDDYW5uWesDHnkJUo",
"issuerUiUrl": "http://localhost:5000",
"wallets": {
"walt.id": {
"description": "walt.id web wallet",
"id": "walt.id",
"presentPath": "api/siop/initiatePresentation",
"receivePath": "api/siop/initiateIssuance",
"url": "http://localhost:3000"
}
}
}
Issuer Config New Version
{
"issuerApiUrl": "https://issuer.walt-test.cloud/issuer-api/iss-tenant-bXvvsJ_vC6Mn",
"issuerClientName": "Walt.id Issuer Portal",
"issuerDid": "did:key:z6MkkUVGs5TJj61Wid1vFyZi5pVyANiVDDYW5uWesDHnkJUo",
"issuerUiUrl": "http://localhost:5000",
"wallets": {
"walt.id": {
"description": "walt.id web wallet",
"id": "walt.id",
"presentPath": "api/siop/initiatePresentation",
"receivePath": "api/siop/initiateIssuance",
"url": "https://wallet.walt-test.cloud"
}
}
}
Implement did create for iota method.
Expose via REST API (incl. integration test)
Hello waltid team!
I am looking to have a signed participant vc returned by the wallet.
I understand it's the /api/wallet/issuance/start route that can do this.
Only I don't know what parameter to give it to make it work... can you help me please?
@mikeplotean @severinstampler
Hosting of wallet-backend, issuer- & verifier-portal at: wallet/issuer/verifier.waltid.org
Hi team,
I got some problems when running docker-compose of walletkit on Windows with the latest versions of all images: issuer-portal, wallet-portal, verifier-portal, and wallet-kit. Even though, all components launched successfully, when I click on the VC request in the Wallet portal, I always get the 400 error from Issuer.
However, when I set all these images version to v0.6.0, all the components run successfully without any problem.
Does anyone get the same problem with the latest version and have a workaround please.
Thank you
According to OID4VC specs (https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html) the access_token has to be sent alongside the proof of possession of the key material the issued Credential shall be bound to but only the proof is sent. There is a reason for this or is a future fix planned to be fully standard?. Below is an example of a Credential Request:
[JettyServerThreadPool-22] INFO id.walt.services.oidc.OIDC4CIService - Sending credential request to http://localhost:8000/issuer-api/oidc/credential
{"format" : "jwt_vc", "proof" : {"jwt" : "eyJraWQiOiJkaWQ6a2V5Ono2TWttdVAzMTNxczRoQ252OEdSUTVTSkxhejRkUlozQXNWWlZRb0drbXVWZHBRSiN6Nk1rbXVQMzEzcXM0aENudjhHUlE1U0pMYXo0ZFJaM0FzVlpWUW9Ha211VmRwUUoiLCJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWttdVAzMTNxczRoQ252OEdSUTVTSkxhejRkUlozQXNWWlZRb0drbXVWZHBRSiIsImF1ZCI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODAwMC9pc3N1ZXItYXBpL29pZGMvIiwiaWF0IjoxNjcyOTIwODQ4LCJub25jZSI6IjVmYjYwYjU4LTRlMjMtNDc4YS1iNWQyLTFhNmFkZmRjMDZmMyJ9.UzhoHaFViNqWdoNHx-lol_3G0lT03ybSJkaqGzglb4W24gtjDmILiRqxe4zX22os064cvQZOhYPkyEcKF8uiAA", "proof_type" : "jwt"}, "type" : "MedicCredential"}
Decide and implement among following options:
Functions to be added:
Create shorter verification request uris, by making use of presentation defintion by reference (presentation_definition_uri), and shorter uuids
The issuance flow seems not to work when it is started from the issuer portal:
Error
xhr.js:210 POST https://wallet.waltid.org/api/wallet/siopv2/fulfillPassiveIssuance?sessionId=78fbedcf-a0ab-4a58-b40c-0b8c752b8b10 500
Error
vue.runtime.esm.js:1897 Error: Request failed with status code 500
This happens both with the version hosted by walt.id and if I run the demo
locally. When ran locally I see the following in the backend console output:
[JettyServerThreadPool-28] ERROR OIDC4VPService - Got error response from SIOP endpoint: 404: Not found
When using the newer way of requesting the issuance from the walled the issuing
works but I assume the old way should also work. It has worked for me before
though I was then using a version that did not yet have the feature where the
wallet could request issuance.
Update issuance protocol implementation, according to
https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html
Hello,
I'm using the latest version. I want to generate a DID for an issuer for EBSI. Now I have the following error in the following step (the previous steps work fine:
waltid-walletkit config --as-issuer essif auth-api --did did:ebsi:z22Bp8QEiHPPuPtbEyj45zby
The error is the following:
`walt.id SSI Kit 1.13.0-SNAPSHOT (running on Java 17.0.3+6-LTS)
[main] DEBUG id.walt.services.WaltIdServices - Creating dir-structure at: data
[main] INFO id.walt.webwallet.backend.cli.ConfigCmd - Running in context of: Issuer
EBSI Authentication API flow for DID did:ebsi:z22Bp8QEiHPPuPtbEyj45zby running...
[main] DEBUG id.walt.services.ecosystems.essif.EssifClient - ESSIF Authorization API flow started
[main] DEBUG id.walt.services.ecosystems.essif.userwallet.UserWalletService - Loading Verifiable Authorization from HKV Store.
Exception in thread "main" com.beust.klaxon.KlaxonException: Unable to instantiate EbsiVAWrapper:No argument provided for a required parameter: parameter #0 verifiableCredential of fun <init>
(id.walt.services.ecosystems.essif.EbsiVa, id.walt.credentials.w3c.W3CProof?): id.walt.services.ecosystems.essif.EbsiVAWrapper
No argument provided for a required parameter: parameter #0 verifiableCredential of fun <init>
(id.walt.services.ecosystems.essif.EbsiVa, id.walt.credentials.w3c.W3CProof?): id.walt.services.ecosystems.essif.EbsiVAWrapper
at com.beust.klaxon.JsonObjectConverter.initIntoUserClass(JsonObjectConverter.kt:115)
at com.beust.klaxon.JsonObjectConverter.fromJson(JsonObjectConverter.kt:30)
at com.beust.klaxon.DefaultConverter.fromJsonObject(DefaultConverter.kt:223)
at com.beust.klaxon.DefaultConverter.fromJson(DefaultConverter.kt:40)
at com.beust.klaxon.Klaxon.fromJsonObject(Klaxon.kt:296)
at id.walt.services.ecosystems.essif.userwallet.UserWalletService.createVerifiedClaims(UserWalletService.kt:579)
at id.walt.services.ecosystems.essif.userwallet.UserWalletService.siopSession(UserWalletService.kt:217)
at id.walt.services.ecosystems.essif.userwallet.UserWalletService.requestAccessToken(UserWalletService.kt:118)
at id.walt.services.ecosystems.essif.EssifClient.authApi(EssifClient.kt:236)
at id.walt.cli.EssifAuthCommand.run(EssifCommand.kt:66)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:198)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:211)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:211)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:211)
at com.github.ajalt.clikt.parsers.Parser.parse(Parser.kt:18)
at com.github.ajalt.clikt.core.CliktCommand.parse(CliktCommand.kt:400)
at com.github.ajalt.clikt.core.CliktCommand.parse$default(CliktCommand.kt:397)
at com.github.ajalt.clikt.core.CliktCommand.main(CliktCommand.kt:415)
at com.github.ajalt.clikt.core.CliktCommand.main(CliktCommand.kt:440)
at id.walt.MainKt$main$1.invokeSuspend(Main.kt:101)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at kotlinx.coroutines.EventLoopImplBase.processNextEvent(EventLoop.common.kt:284)
at kotlinx.coroutines.BlockingCoroutine.joinBlocking(Builders.kt:85)
at kotlinx.coroutines.BuildersKt__BuildersKt.runBlocking(Builders.kt:59)
at kotlinx.coroutines.BuildersKt.runBlocking(Unknown Source)
at kotlinx.coroutines.BuildersKt__BuildersKt.runBlocking$default(Builders.kt:38)
at kotlinx.coroutines.BuildersKt.runBlocking$default(Unknown Source)
at id.walt.MainKt.main(Main.kt:26)`
We need to fix the once working flow to onboard a user and issuer a VC in the scope of credential verification. The flow got broken due to the update of the various SIOP specs for credential exchange.
In the scope of this task we should:
Since we can not query the /api/wallet
directly there is no endpoint right now to request the did document via the issuer-api
.
It would be great the query it either via GET /config/did/{id}
or /config/did/doc/{id}
.
The first solution would follow the typical pattern for REST APIs, but could lead to breaking systems. So the other option would be the besser way in case there will be more GET endpoints in the future.
We need a generic function to generate QR codes that can later be used for presenting various data objects in a PNG format.
This endpoint will create the required WalletKit configurations in order to be able to use it with waltid-integrations:
did:key
for the moment)Hi 👋
When trying to request multiple VCs in one call, I noticed that only the last VC in the call is actually requested.
After digging a bit, the issue comes from the redirection that uses the same ids for the different schemas.
Example (requesting VerifiableId + proofOfResidence):
http://localhost:8080/verifier-api/present/?walletId=walt.id&schemaUri=https://raw.githubusercontent.com/walt-id/waltid-ssikit-vclib/master/src/test/resources/schemas/ProofOfResidence.json&schemaUri=https://api.preprod.ebsi.eu/trusted-schemas-registry/v1/schemas/0xb77f8516a965631b4f197ad54c65a9e2f9936ebfb76bae4906d33744dbcc60ba
Gets redirected to:
http://localhost:8080/api/wallet/siopv2/initPresentation/?response_type=id_token&response_mode=form_post&client_id=http://localhost:8081/verifier-api/verify&redirect_uri=http://localhost:8081/verifier-api/verify&scope=openid&nonce=387a2ca4-bdc3-48c3-9a30-786f3818a75d&claims={"vp_token"+:+{"presentation_definition"+:+{"format"+:+null,+"id"+:+"1",+"input_descriptors"+:+[{"constraints"+:+null,+"format"+:+null,+"group"+:+null,+"id"+:+"1",+"name"+:+null,+"purpose"+:+null,+"schema"+:+{"uri"+:+"https://raw.githubusercontent.com/walt-id/waltid-ssikit-vclib/master/src/test/resources/schemas/ProofOfResidence.json"}},+{"constraints"+:+null,+"format"+:+null,+"group"+:+null,+"id"+:+"1",+"name"+:+null,+"purpose"+:+null,+"schema"+:+{"uri"+:+"https://api.preprod.ebsi.eu/trusted-schemas-registry/v1/schemas/0xb77f8516a965631b4f197ad54c65a9e2f9936ebfb76bae4906d33744dbcc60ba"}}],+"name"+:+null,+"purpose"+:+null,+"submission_requirements"+:+null}}}&state=387a2ca4-bdc3-48c3-9a30-786f3818a75d
the claims
fields contains (notice vp_token.presentation_definition.input_descriptors[].id
are the same):
{
"vp_token": {
"presentation_definition": {
"format": null,
"id": "1",
"input_descriptors": [
{
"constraints": null,
"format": null,
"group": null,
"id": "1",
"name": null,
"purpose": null,
"schema": {
"uri": "https://raw.githubusercontent.com/walt-id/waltid-ssikit-vclib/master/src/test/resources/schemas/ProofOfResidence.json"
}
},
{
"constraints": null,
"format": null,
"group": null,
"id": "1",
"name": null,
"purpose": null,
"schema": {
"uri": "https://api.preprod.ebsi.eu/trusted-schemas-registry/v1/schemas/0xb77f8516a965631b4f197ad54c65a9e2f9936ebfb76bae4906d33744dbcc60ba"
}
}
],
"name": null,
"purpose": null,
"submission_requirements": null
}
}
}
I tried to change the second id with a MITM proxy, and it fixes the issue.
The redirection is made here:
Issue comes from here, the fix is simply to give a different id to each:
It is mapped by id, so the first VC gets erased:
Hello, I've try gradle build
and get this result on a Mac OS Ventura 13 , openjdk 11, any idea of what's wrong ?
FAILURE: Build failed with an exception.
Could not resolve all dependencies for configuration ':runtimeClasspath'.
Failed to calculate the value of task ':compileJava' property 'javaCompiler'.
> No matching toolchains found for requested specification: {languageVersion=17, vendor=any, implementation=vendor-specific}.
> No locally installed toolchains match (see https://docs.gradle.org/8.0.1/userguide/toolchains.html#sec:auto_detection) and toolchain download repositories have not been configured (see https://docs.gradle.org/8.0.1/userguide/toolchains.html#sub:download_repositories).
Run with --stacktrace option to get the stack trace.
Run with --info or --debug option to get more log output.
Run with --scan to get full insights.
BUILD FAILED in 558ms
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.