vck-openid/at.asitplus.wallet.lib.oidvci/CredentialIssuer

CredentialIssuer

class CredentialIssuer(authorizationService: OAuth2AuthorizationServer, issuer: Issuer, credentialSchemes: Set<ConstantIndex.CredentialScheme>, publicContext: String = "https://wallet.a-sit.at/credential-issuer", credentialEndpointPath: String = "/credential", buildIssuerCredentialDataProviderOverride: (OidcUserInfoExtended) -> IssuerCredentialDataProvider = { OAuth2IssuerCredentialDataProvider(it) })(source)

Server implementation to issue credentials using OID4VCI.

Implemented from OpenID for Verifiable Credential Issuance (https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html), Draft 13, 2024-02-08.

Constructors

Link copied to clipboard
constructor(authorizationService: OAuth2AuthorizationServer, issuer: Issuer, credentialSchemes: Set<ConstantIndex.CredentialScheme>, publicContext: String = "https://wallet.a-sit.at/credential-issuer", credentialEndpointPath: String = "/credential", buildIssuerCredentialDataProviderOverride: (OidcUserInfoExtended) -> IssuerCredentialDataProvider = { OAuth2IssuerCredentialDataProvider(it) })

Properties

Link copied to clipboard
val metadata: IssuerMetadata

Serve this result JSON-serialized under /.well-known/openid-credential-issuer

Functions

Link copied to clipboard
suspend fun credential(accessToken: String, params: CredentialRequestParameters): KmmResult<CredentialResponseParameters>

Verifies the accessToken to contain a token from authorizationService, verifies the proof sent by the client (must contain a nonce sent from authorizationService), and issues credentials to the client. Send the result JSON-serialized back to the client.

Link copied to clipboard
suspend fun credentialOffer(): CredentialOffer

Offer all credentialSchemes to clients. Callers may need to transport this in CredentialOfferUrlParameters to (HTTPS) clients.