authorize method

walt-id · Sep 12, 2023 · 625299b · 625299b
1 parent 6a43a9d
commit 625299b
Show file tree

Hide file tree

Showing 17 changed files with 113 additions and 20 deletions.
diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/CredentialIssuanceFlow.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/CredentialIssuanceFlow.kt
@@ -1,15 +1,95 @@
 package id.walt.services.ecosystems.essif.conformance
 
+import com.beust.klaxon.Klaxon
+import id.walt.crypto.KeyAlgorithm
+import id.walt.model.DidMethod
+import id.walt.servicematrix.ServiceMatrix
+import id.walt.services.WaltIdServices
+import id.walt.services.did.DidEbsiCreateOptions
+import id.walt.services.did.DidService
+import id.walt.services.jwt.JwtService
+import id.walt.services.key.KeyService
+import io.ktor.client.*
+import io.ktor.client.plugins.contentnegotiation.*
+import io.ktor.client.plugins.logging.*
+import io.ktor.client.request.*
+import io.ktor.client.statement.*
+import io.ktor.serialization.kotlinx.json.*
+import kotlinx.coroutines.runBlocking
+import kotlinx.serialization.json.Json
+import java.util.*
+
 object CredentialIssuanceFlow {
-    fun getCredential(type: String) {
-        val queryParams = authorizeRequest()
+    const val authorizationServer = "https://conformance-test.ebsi.eu/conformance/v3/auth-mock"
+    const val authorizationEndpoint = "https://conformance-test.ebsi.eu/conformance/v3/auth-mock/authorize"
+    const val credentialIssuer = "https://conformance-test.ebsi.eu/conformance/v3/issuer-mock"
+
+    private val klaxon = Klaxon()
+    private val http = HttpClient {
+        install(ContentNegotiation) {
+            json(Json { ignoreUnknownKeys = true })
+        }
+        if (WaltIdServices.httpLogging) {
+            install(Logging) {
+                logger = Logger.DEFAULT
+                level = LogLevel.ALL
+            }
+        }
+    }
+
+    suspend fun getCredential(type: String) {
+        val queryParams = authorizeRequest(type)
         val idTokenParams = directPostIdTokenRequest()
         val authToken = authTokenRequest()
         val jwtCredential = credentialRequest()
         decodeCredential(jwtCredential)
     }
 
-    private fun authorizeRequest() {}
+    /*private */suspend fun authorizeRequest(credential: String): String {
+        // create keys (ES256 & ES256k)
+        val key = KeyService.getService().generate(KeyAlgorithm.ECDSA_Secp256k1)
+        // create did
+        val did = DidService.create(DidMethod.ebsi, key.id, DidEbsiCreateOptions(version = 1))
+        // client-id
+        val clientId = "https://conformance-test.ebsi.eu/conformance/v3/client-mock/$did"
+        val scope = "openid"
+        val clientMetadata = getClientMetadata(clientId)
+        val authorizationDetails = listOf(getAuthorizationDetails(getCredentialRequestedTypesList(credential), credentialIssuer))
+        val queryParams = mapOf(
+            "scope" to scope,
+            "client_id" to clientId,
+            "client_metadata" to clientMetadata,
+            "redirect_uri" to "$clientId/code-cb",
+            "response_type" to "code",
+            "state" to UUID.randomUUID().toString(),
+            "authorization_details" to authorizationDetails,
+            //TODO:???
+//        "code_challenge" to "",
+//        "code_challenge_method" to "",
+//        "issuer_state" to "",
+        )
+        val jwtPayload = mapOf(
+            "client_metadata" to clientMetadata,
+            "authorization_details" to authorizationDetails
+        ).plus(queryParams)
+            .plus(mapOf(
+                "iss" to clientId,
+                "aud" to credentialIssuer
+            ))
+        // TODO: set issuer, set audience
+        val requestParam = JwtService.getService().sign(key.id, klaxon.toJsonString(jwtPayload))
+        val authResponse = http.get(authorizationEndpoint){
+            url{
+                queryParams.forEach{
+                    parameters.append(it.key, klaxon.toJsonString(it.value))
+                }
+                parameters.append("request", requestParam)
+            }
+        }
+        //TODO: parse response
+        val parseResponse = authResponse.bodyAsText()
+        return parseResponse
+    }
     private fun directPostIdTokenRequest() {}
     private fun authTokenRequest() {}
     private fun credentialRequest(): String {
@@ -26,4 +106,17 @@ object CredentialIssuanceFlow {
             else -> {}
         }
     }.plus(type)
+
+    private fun getClientMetadata(clientId: String) = mapOf(
+        "redirect_uris" to listOf("$clientId/code-cb"),
+        "jwks_uri" to "$clientId/jwks",
+        "authorization_endpoint" to "$clientId/authorize"
+    )
+
+    private fun getAuthorizationDetails(credentialTypes: List<String>, credentialIssuer: String) = mapOf(
+        "type" to "openid_credential",
+        "format" to "jwt_vc",
+        "types" to credentialTypes,
+        "locations" to listOf(credentialIssuer),
+    )
 }
diff --git a/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/Test.kt b/src/main/kotlin/id/walt/services/ecosystems/essif/conformance/Test.kt
@@ -1,5 +1,5 @@
 package id.walt.services.ecosystems.essif.conformance
 
 interface Test {
-    fun run()
+    suspend fun run()
 }
diff --git a/...t/services/ecosystems/essif/conformance/accreditandauthorize/AccreditAndAuthorizeTests.kt b/...t/services/ecosystems/essif/conformance/accreditandauthorize/AccreditAndAuthorizeTests.kt
@@ -6,7 +6,7 @@ import id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao.Tr
 import id.walt.services.ecosystems.essif.conformance.accreditandauthorize.ti.TrustedIssuerTests
 
 object AccreditAndAuthorizeTests : Test {
-    override fun run() {
+    override suspend fun run() {
         TrustedIssuerTests.run()
         TrustedAccreditationOrganizationTests.run()
         RootTrustedAccreditationOrganizationTests.run()

diff --git a/...onformance/accreditandauthorize/rtao/RegisterVerifiableAuthorisationForTrustChainToTIR.kt b/...onformance/accreditandauthorize/rtao/RegisterVerifiableAuthorisationForTrustChainToTIR.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.rtao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object RegisterVerifiableAuthorisationForTrustChainToTIR : Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/...ssif/conformance/accreditandauthorize/rtao/RequestVerifiableAuthorisationForTrustChain.kt b/...ssif/conformance/accreditandauthorize/rtao/RequestVerifiableAuthorisationForTrustChain.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.rtao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object RequestVerifiableAuthorisationForTrustChain : Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/.../essif/conformance/accreditandauthorize/rtao/RootTrustedAccreditationOrganizationTests.kt b/.../essif/conformance/accreditandauthorize/rtao/RootTrustedAccreditationOrganizationTests.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.rtao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object RootTrustedAccreditationOrganizationTests : Test {
-    override fun run() {
+    override suspend fun run() {
         RequestVerifiableAuthorisationForTrustChain.run()
         RegisterVerifiableAuthorisationForTrustChainToTIR.run()
     }

diff --git a/...nformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAccreditForSubAccount.kt b/...nformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAccreditForSubAccount.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object IssueVerifiableAccreditationToAccreditForSubAccount : Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/...conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAttestForSubAccount.kt b/...conformance/accreditandauthorize/tao/IssueVerifiableAccreditationToAttestForSubAccount.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object IssueVerifiableAccreditationToAttestForSubAccount : Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/...onformance/accreditandauthorize/tao/IssueVerifiableAuthorisationToOnboardForSubAccount.kt b/...onformance/accreditandauthorize/tao/IssueVerifiableAuthorisationToOnboardForSubAccount.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object IssueVerifiableAuthorisationToOnboardForSubAccount : Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/...if/conformance/accreditandauthorize/tao/RegisterVerifiableAccreditationToAccreditToTIR.kt b/...if/conformance/accreditandauthorize/tao/RegisterVerifiableAccreditationToAccreditToTIR.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object RegisterVerifiableAccreditationToAccreditToTIR : Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/...ms/essif/conformance/accreditandauthorize/tao/RequestVerifiableAccreditationToAccredit.kt b/...ms/essif/conformance/accreditandauthorize/tao/RequestVerifiableAccreditationToAccredit.kt
@@ -4,7 +4,7 @@ import id.walt.services.ecosystems.essif.conformance.CredentialIssuanceFlow
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object RequestVerifiableAccreditationToAccredit : Test {
-    override fun run() {
+    override suspend fun run() {
         val credential = CredentialIssuanceFlow.getCredential("VerifiableAccreditationToAccredit")
         TODO("Not yet implemented")
     }

diff --git a/...cosystems/essif/conformance/accreditandauthorize/tao/RevokeAccreditationsForSubAccount.kt b/...cosystems/essif/conformance/accreditandauthorize/tao/RevokeAccreditationsForSubAccount.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object RevokeAccreditationsForSubAccount : Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/...stems/essif/conformance/accreditandauthorize/tao/TrustedAccreditationOrganizationTests.kt b/...stems/essif/conformance/accreditandauthorize/tao/TrustedAccreditationOrganizationTests.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.tao
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object TrustedAccreditationOrganizationTests : Test {
-    override fun run() {
+    override suspend fun run() {
         RequestVerifiableAccreditationToAccredit.run()
         RegisterVerifiableAccreditationToAccreditToTIR.run()
         IssueVerifiableAuthorisationToOnboardForSubAccount.run()

diff --git a/...ices/ecosystems/essif/conformance/accreditandauthorize/ti/AccreditationAsTrustedIssuer.kt b/...ices/ecosystems/essif/conformance/accreditandauthorize/ti/AccreditationAsTrustedIssuer.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.ti
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object AccreditationAsTrustedIssuer: Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/.../id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/IssuerAndRevoke.kt b/.../id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/IssuerAndRevoke.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.ti
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object IssuerAndRevoke: Test {
-    override fun run() {
+    override suspend fun run() {
         TODO("Not yet implemented")
     }
 }
diff --git a/...otlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/Onboarding.kt b/...otlin/id/walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/Onboarding.kt
@@ -5,13 +5,13 @@ import id.walt.services.ecosystems.essif.conformance.CredentialIssuanceFlow
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object Onboarding : Test {
-    override fun run() {
+    override suspend fun run() {
         ConformanceLog.log("Onboarding")
         requestCredential()
         registerDidDocument("")
     }
 
-    fun requestCredential() {
+    suspend fun requestCredential() {
         ConformanceLog.log("Request VerifiableAuthorisationToOnboard")
         val credential = CredentialIssuanceFlow.getCredential("VerifiableAuthorizationToOnboard")
     }

diff --git a/.../walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/TrustedIssuerTests.kt b/.../walt/services/ecosystems/essif/conformance/accreditandauthorize/ti/TrustedIssuerTests.kt
@@ -3,7 +3,7 @@ package id.walt.services.ecosystems.essif.conformance.accreditandauthorize.ti
 import id.walt.services.ecosystems.essif.conformance.Test
 
 object TrustedIssuerTests : Test {
-    override fun run() {
+    override suspend fun run() {
         Onboarding.run()
         AccreditationAsTrustedIssuer.run()
         IssuerAndRevoke.run()