vck-openid-ktor/at.asitplus.wallet.lib.ktor.openid/OpenId4VpWallet

OpenId4VpWallet

class OpenId4VpWallet(engine: HttpClientEngine, httpClientConfig: HttpClientConfig<*>.() -> Unit? = null, keyMaterial: KeyMaterial, holderAgent: HolderAgent, randomSource: RandomSource = RandomSource.Secure)(source)

Implements the wallet side of Self-Issued OpenID Provider v2 - draft 13 and OpenID for Verifiable Presentations - draft 21

Constructors

OpenId4VpWallet

constructor(engine: HttpClientEngine, httpClientConfig: HttpClientConfig<*>.() -> Unit? = null, keyMaterial: KeyMaterial, holderAgent: HolderAgent, randomSource: RandomSource = RandomSource.Secure)

Types

AuthenticationForward

data class AuthenticationForward(val authenticationResponseResult: AuthenticationResponseResult.DcApi) : OpenId4VpWallet.AuthenticationResult

AuthenticationResult

sealed interface AuthenticationResult

AuthenticationSuccess

data class AuthenticationSuccess(val redirectUri: String? = null) : OpenId4VpWallet.AuthenticationResult

FormDataContentPlain

class FormDataContentPlain(formData: Parameters) : OutgoingContent.ByteArrayContent

Our implementation of ktor's FormDataContent, but with contentType without charset appended, so that some strict mDoc verifiers accept our authn response

Properties

openId4VpHolder

val openId4VpHolder: OpenId4VpHolder

Functions

finalizeAuthorizationResponse

suspend fun finalizeAuthorizationResponse(preparationState: AuthorizationResponsePreparationState, credentialPresentation: CredentialPresentation? = null): KmmResult<OpenId4VpWallet.AuthenticationResult>

Calls openId4VpHolder to finalize the authentication response. In case the result shall be POSTed to the verifier, we call client to do that, and return the redirect_uri of that POST (which the Wallet may open in a browser). In case the result shall be sent as a redirect to the verifier, we return that URL. In case the result shall be returned via the Digital Credentials API, an AuthenticationForward will be returned with the result to be forwarded.

getMatchingCredentials

suspend fun getMatchingCredentials(preparationState: AuthorizationResponsePreparationState): Result<CredentialMatchingResult<SubjectCredentialStore.StoreEntry>>

Exceptions may be sent to the verifier in sendAuthnErrorResponse.

sendAuthnErrorResponse

suspend fun sendAuthnErrorResponse(error: Throwable, request: RequestParametersFrom<AuthenticationRequestParameters>)

Sends an error response with the appropriate method. Returns nothing as we don't expect a useful response from the remote verifier.

startAuthorizationResponsePreparation

suspend fun startAuthorizationResponsePreparation(request: RequestParametersFrom<AuthenticationRequestParameters>): KmmResult<AuthorizationResponsePreparationState>

suspend fun startAuthorizationResponsePreparation(input: String): KmmResult<AuthorizationResponsePreparationState>

startPresentationReturningUrl

suspend fun startPresentationReturningUrl(request: RequestParametersFrom<AuthenticationRequestParameters>): KmmResult<OpenId4VpWallet.AuthenticationSuccess>