vck-openid-ktor/at.asitplus.wallet.lib.ktor.openid/OpenId4VciClient

OpenId4VciClient

class OpenId4VciClient(    openUrlExternally: suspend (String) -> Unit,     engine: HttpClientEngine,     cookiesStorage: CookiesStorage? = null,     httpClientConfig: HttpClientConfig<*>.() -> Unit? = null,     storeProvisioningContext: suspend (ProvisioningContext) -> Unit,     loadProvisioningContext: suspend () -> ProvisioningContext?,     loadClientAttestationJwt: suspend () -> String,     clientAttestationJwsService: JwsService = DefaultJwsService(DefaultCryptoService(EphemeralKeyWithoutCert())),     dpopJwsService: JwsService = DefaultJwsService(DefaultCryptoService(EphemeralKeyWithoutCert())),     val oid4vciService: WalletService = WalletService(),     storeCredential: suspend (Holder.StoreCredentialInput) -> Unit,     storeRefreshToken: suspend (RefreshTokenInfo) -> Unit)(source)

Implements the client side of OpenID for Verifiable Credential Issuance

  • , Draft 15, 2024-12-19.

Supported features:

Constructors

Link copied to clipboard
constructor(    openUrlExternally: suspend (String) -> Unit,     engine: HttpClientEngine,     cookiesStorage: CookiesStorage? = null,     httpClientConfig: HttpClientConfig<*>.() -> Unit? = null,     storeProvisioningContext: suspend (ProvisioningContext) -> Unit,     loadProvisioningContext: suspend () -> ProvisioningContext?,     loadClientAttestationJwt: suspend () -> String,     clientAttestationJwsService: JwsService = DefaultJwsService(DefaultCryptoService(EphemeralKeyWithoutCert())),     dpopJwsService: JwsService = DefaultJwsService(DefaultCryptoService(EphemeralKeyWithoutCert())),     oid4vciService: WalletService = WalletService(),     storeCredential: suspend (Holder.StoreCredentialInput) -> Unit,     storeRefreshToken: suspend (RefreshTokenInfo) -> Unit)

Properties

Link copied to clipboard
val oid4vciService: WalletService

Implements OID4VCI protocol, redirectUrl needs to be registered by the OS for this application, so redirection back from browser works, cryptoService provides proof of possession for credential key material.

Functions

Link copied to clipboard
suspend fun loadCredentialMetadata(host: String): KmmResult<Collection<CredentialIdentifierInfo>>

Loads credential metadata info from host, parses it, returns list of CredentialIdentifierInfo.

Link copied to clipboard
suspend fun loadCredentialWithOffer(    credentialOffer: CredentialOffer,     credentialIdentifierInfo: CredentialIdentifierInfo,     transactionCode: String? = null): KmmResult<Unit>

Loads a user-selected credential with pre-authorized code from the OID4VCI credential issuer

suspend fun loadCredentialWithOffer(    credentialOffer: CredentialOffer,     credentialIdentifierInfo: CredentialIdentifierInfo,     transactionCode: String? = null,     requestedAttributes: Set<NormalizedJsonPath>?): KmmResult<Unit>
Link copied to clipboard
suspend fun refreshCredential(refreshTokenInfo: RefreshTokenInfo): KmmResult<Unit>

Call to refresh a credential with a stored refresh token (that was received when issuing the credential for the first time, stored with storeRefreshToken).

Link copied to clipboard
suspend fun resumeWithAuthCode(url: String): KmmResult<Unit>

Called after getting the redirect back from the authorization server to the credential issuer.

Link copied to clipboard
suspend fun startProvisioningWithAuthRequest(credentialIssuerUrl: String, credentialIdentifierInfo: CredentialIdentifierInfo): KmmResult<Unit>

Starts the issuing process at credentialIssuerUrl. This will call openUrlExternally to perform authentication at the authorization server, typically in an external browser to show appropriate user interface. Clients need to call resumeWithAuthCode after getting the authorization code back from the authorization server, e.g. by the Wallet app getting opened (see redirectUrl at oid4vciService) after the browser being redirecting back from the authorization server.

suspend fun startProvisioningWithAuthRequest(    credentialIssuer: String,     credentialIdentifierInfo: CredentialIdentifierInfo,     requestedAttributes: Set<NormalizedJsonPath>?): KmmResult<Unit>