buildClientAttestationJwt

suspend fun JwsService.buildClientAttestationJwt(clientId: String, issuer: String, clientKey: JsonWebKey, keyType: WalletAttestationKeyType? = null, userAuthentication: WalletAttestationUserAuthentication? = null, authenticationLevel: String? = null, lifetime: Duration = 60.minutes, clockSkew: Duration = 5.minutes): JwsSigned<JsonWebToken>

Builds a client attestation JWT, issued by the backend service to a client. The client can send it to an OAuth 2.0 Authorization Server if needed, e.g. in the HTTP header OAuth-Client-Attestation; see OAuth 2.0 Attestation-Based Client Authentication.

Parameters

clientId

OAuth 2.0 client ID of the wallet

issuer

a unique identifier for the entity that issued the JWT

clientKey

key to be attested, i.e. included in a ConfirmationClaim

keyType

optional key type according to OID4VC HAIP with SD-JWT VC, to include in the ConfirmationClaim

userAuthentication

optional user authentication according to OID4VC HAIP with SD-JWT VC, to include in the ConfirmationClaim

lifetime

validity period of the assertion (minus the clockSkew)

clockSkew

duration to subtract from Clock.System.now when setting the creation timestamp
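
How lifetime and clockSkew shape the time claims, and what a verifier sees as a result, shown as an added example that is not the library's code. It assumes, from the parameter descriptions above, that the creation timestamp is now minus clockSkew and that expiry is lifetime after that timestamp; AttestationClaims, buildClaims and rejectReasons are hypothetical names, and the sample values are constructed.

```kotlin
import kotlin.time.Duration
import kotlin.time.Duration.Companion.minutes

// Hypothetical stand-in for the JWT payload; not a type from the library.
data class AttestationClaims(
    val iss: String,                  // issuer
    val sub: String,                  // clientId of the wallet
    val iat: Long,                    // creation timestamp, epoch seconds
    val exp: Long,                    // expiry, epoch seconds
    val cnfJwk: Map<String, String>,  // attested key inside the confirmation claim
)

fun buildClaims(
    clientId: String, issuer: String, clientKey: Map<String, String>, now: Long,
    lifetime: Duration = 60.minutes, clockSkew: Duration = 5.minutes,
): AttestationClaims {
    // Only public JWK members belong in cnf; "d" carries the private value of EC, RSA and OKP keys.
    require("d" !in clientKey) { "clientKey must not contain private key material" }
    require(lifetime > clockSkew) { "lifetime must exceed clockSkew" }
    val iat = now - clockSkew.inWholeSeconds // assumption: backdated by clockSkew
    return AttestationClaims(issuer, clientId, iat, iat + lifetime.inWholeSeconds, clientKey)
}

// Checks an authorization server might apply to the claims (illustrative only).
fun rejectReasons(c: AttestationClaims, verifierNow: Long, trustedIssuer: String): List<String> =
    buildList {
        if (c.iss != trustedIssuer) add("untrusted issuer")
        if (c.iat > verifierNow) add("issued in the future")
        if (c.exp <= verifierNow) add("expired")
        if (c.cnfJwk.isEmpty()) add("no attested key")
    }

fun main() {
    val now = 1_700_000_000L // constructed sample time
    val jwk = mapOf("kty" to "EC", "crv" to "P-256", "x" to "<x>", "y" to "<y>") // constructed
    val claims = buildClaims("wallet-client", "https://backend.example", jwk, now)
    println("usable for ${(claims.exp - now) / 60} min after issuance")
    // Verifier clock 4 min behind the issuer: accepted because iat was backdated.
    println(rejectReasons(claims, now - 4 * 60, "https://backend.example"))
    // Verifier clock 6 min behind: the drift exceeds clockSkew, so iat lies in its future.
    println(rejectReasons(claims, now - 6 * 60, "https://backend.example"))
    // 56 min after issuance: expired, although lifetime is 60 min.
    println(rejectReasons(claims, now + 56 * 60, "https://backend.example"))
}
```

With the default values the attestation is usable for lifetime minus clockSkew after issuance, which is the figure to use when scheduling a refresh.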