SimpleAuthorizationService

class SimpleAuthorizationService(dataProvider: OAuth2DataProvider, credentialSchemes: Set<ConstantIndex.CredentialScheme>, codeService: CodeService = DefaultCodeService(), tokenService: TokenService = DefaultTokenService(), clientNonceService: NonceService = DefaultNonceService(), val publicContext: String = "https://wallet.a-sit.at/authorization-server", val authorizationEndpointPath: String = "/authorize", val tokenEndpointPath: String = "/token") : OAuth2AuthorizationServer

Simple authorization server implementation, to be used with CredentialIssuer when issuing credentials directly from a local dataProvider.

Implemented from OpenID for Verifiable Credential Issuance (https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html), Draft 13, 2024-02-08.

Constructors

constructor(dataProvider: OAuth2DataProvider, credentialSchemes: Set<ConstantIndex.CredentialScheme>, codeService: CodeService = DefaultCodeService(), tokenService: TokenService = DefaultTokenService(), clientNonceService: NonceService = DefaultNonceService(), publicContext: String = "https://wallet.a-sit.at/authorization-server", authorizationEndpointPath: String = "/authorize", tokenEndpointPath: String = "/token")

Properties


Used to build OAuth2AuthorizationServerMetadata.authorizationEndpoint, i.e. implementers need to forward requests to that URI (which starts with publicContext) to authorize.


Serve this result JSON-serialized under /.well-known/openid-configuration.

open override val publicContext: String

Used in several fields in OAuth2AuthorizationServerMetadata, to provide endpoint URLs to clients.


Used to build OAuth2AuthorizationServerMetadata.tokenEndpoint, i.e. implementers need to forward requests to that URI (which starts with publicContext) to token.

Functions


Builds the authentication response. Send this result in the HTTP Location header of a 302 response to the client.

open suspend override fun getUserInfo(accessToken: String): KmmResult<OidcUserInfoExtended>

Get the OidcUserInfoExtended (holding OidcUserInfo) associated with the accessToken that was previously created at the Authorization Server.

open suspend override fun provideMetadata(): KmmResult<OAuth2AuthorizationServerMetadata>

Provide the OAuth2AuthorizationServerMetadata JSON that a client needs in order to authenticate.

open suspend override fun providePreAuthorizedCode(): String?

Provide a pre-authorized code (for the flow defined in OID4VCI), to be used by the Wallet implementation to load credentials.

suspend fun token(params: TokenRequestParameters): KmmResult<TokenResponseParameters>

Verifies the authorization code sent by the client and issues an access token. Send this value JSON-serialized back to the client.

open suspend override fun verifyAndRemoveClientNonce(nonce: String): Boolean