openid-data-classes/at.asitplus.openid.dcql/DCQLJsonClaimsQuery/executeJsonClaimsQueryAgainstCredential

executeJsonClaimsQueryAgainstCredential

fun <Credential : Any> executeJsonClaimsQueryAgainstCredential(    credentialQuery: DCQLCredentialQuery,     credential: Credential,     credentialStructureExtractor: (Credential) -> DCQLCredentialClaimStructure.JsonBasedStructure,     jsonBasedCredentialFormats: List<CredentialFormatEnum> = listOf( CredentialFormatEnum.DC_SD_JWT, CredentialFormatEnum.JWT_VC, )): KmmResult<DCQLClaimsQueryResult.JsonResult>(source)

6.3.1.1. Selecting Claims

The following rules apply for selecting claims via claims and claim_sets: If claims is absent, the Verifier requests all claims existing in the Credential. If claims is present, but claim_sets is absent, the Verifier requests all claims listed in claims. If both claims and claim_sets are present, the Verifier requests one combination of the claims listed in claim_sets. The order of the options conveyed in the claim_sets array expresses the Verifier's preference for what is returned; the Wallet MUST return the first option that it can satisfy. If the Wallet cannot satisfy any of the options, it MUST NOT return any claims.When a Claims Query contains a restriction on the values of a claim, the Wallet SHOULD NOT return the claim if its value does not match at least one of the elements in values i.e., the claim should be treated the same as if it did not exist in the Credential. Implementing this restriction may not be possible in all cases, for example, if the Wallet does not have access to the claim value before presentation or user consent or if another component routing the request to the Wallet does not have access to the claim value. Therefore, Verifiers must treat restrictions expressed using values as a best-effort way to improve user privacy, but MUST NOT rely on it for security checks.The purpose of the claim_sets syntax is to provide a way for a verifier to describe alternative ways a given credential can satisfy the request. The array ordering expresses the Verifier's preference for how to fulfill the request. The first element in the array is the most preferred and the last element in the array is the least preferred. Verifiers SHOULD use the principle of least information disclosure to influence how they order these options. For example, a proof of age request should prioritize requesting an attribute like age_over_18 over an attribute like birth_date. The claim_sets syntax is not intended to define options the user can choose from, see Section 6.3.1.3 for more information.If the Wallet cannot deliver all claims requested by the Verifier according to these rules, it MUST NOT return the respective Credential.