Skip to content
This repository has been archived by the owner on Dec 12, 2024. It is now read-only.

updating KT & JS for JAR #1450

Merged
merged 6 commits into from
Jul 1, 2024
Merged

updating KT & JS for JAR #1450

merged 6 commits into from
Jul 1, 2024

Conversation

EbonyLouis
Copy link
Contributor

@EbonyLouis EbonyLouis commented Jun 25, 2024
edited
Loading

Changes

Based on this discussion:

  • KCC-Wallet: Decodes JAR, Verify the JWT, decode its payload & Process SIOP Request
  • KCC Issuer: Signs the SIOPv2 Auth Request and sends back in JAR format
  • Updated DID naming

Question / Issue

In order to sign the SIOPv2 Auth Request in Kotlin, it needs to be a JwtClaimsSet before signing. Is this okay to do or should we update Kotlin so we can sign the Auth Request when it's a JSON object ? However, it is allowed in JS. To keep it uniformed this is how its currently being done in this PR: (@KendallWeihe , @decentralgabe , @frankhinek , @tomdaffurn )

  // Sign the SIOPv2 Auth Request
  const siopRequestJwtPayload = {
    sub: issuerBearerDid.uri, // Issuer's Decentralized Identifier string
    iss: issuerBearerDid.uri, // Issuer's Decentralized Identifier string
    iat: Math.floor(Date.now() / 1000), // Issued at
    exp: Math.floor(Date.now() / 1000) + 86400, // Expiration time
    request: siopRequestPayload, // Embed the SIOP request payload 
  };

  try {
    const jwtToken = await Jwt.sign({
      signerDid: issuerBearerDid, 
      payload: siopRequestJwtPayload,
    });
  // Send the SIOPv2 Auth Request in JAR format 
    const queryString = `client_id=${encodeURIComponent(issuerBearerDid.uri)}&request=${encodeURIComponent(jwtToken)}`;
    res.send(queryString);

TO DO:

  • update KCC-Wallet-Swift, we need to update web5-swift on docs site first since JWT.verify() was introduced 2 weeks ago.

@netlify Netlify
Copy link

netlify bot commented Jun 25, 2024
edited
Loading

Deploy Preview for tbd-website-developer-new ready!

Name Link
🔨 Latest commit 829d390
🔍 Latest deploy log https://app.netlify.com/sites/tbd-website-developer-new/deploys/6682fa8eaef075000875003a
😎 Deploy Preview https://deploy-preview-1450--tbd-website-developer-new.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@netlify Netlify
Copy link

netlify bot commented Jun 25, 2024
edited
Loading

Deploy Preview for tbd-website-developer ready!

Name Link
🔨 Latest commit 829d390
🔍 Latest deploy log https://app.netlify.com/sites/tbd-website-developer/deploys/6682fa8e7ecdb20008a48b22
😎 Deploy Preview https://deploy-preview-1450--tbd-website-developer.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@EbonyLouis EbonyLouis mentioned this pull request Jun 25, 2024
Open
3 tasks
@EbonyLouis EbonyLouis marked this pull request as ready for review June 28, 2024 15:45
@EbonyLouis EbonyLouis merged commit 99f7daa into main Jul 1, 2024
17 checks passed
@EbonyLouis EbonyLouis deleted the JAR-kcc-update branch July 1, 2024 18:56
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@decentralgabe decentralgabe decentralgabe left review comments

@KendallWeihe KendallWeihe KendallWeihe left review comments

@angiejones angiejones angiejones approved these changes

@dayhaysoos dayhaysoos Awaiting requested review from dayhaysoos dayhaysoos is a code owner

@leordev leordev Awaiting requested review from leordev leordev is a code owner

@blackgirlbytes blackgirlbytes Awaiting requested review from blackgirlbytes blackgirlbytes is a code owner

@acekyd acekyd Awaiting requested review from acekyd acekyd is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@EbonyLouis @KendallWeihe @decentralgabe @angiejones