fix presentation (#8)

Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>

Author: berendsliedrecht

agent/package.json

@@ -1,10 +1,10 @@
 {
   "name": "agent",
   "dependencies": {
-    "@credo-ts/askar": "^0.5.9",
-    "@credo-ts/core": "^0.5.9",
-    "@credo-ts/node": "^0.5.9",
-    "@credo-ts/openid4vc": "^0.5.9",
+    "@credo-ts/askar": "0.5.10-alpha-20240801095850",
+    "@credo-ts/core": "0.5.10-alpha-20240801095850",
+    "@credo-ts/node": "0.5.10-alpha-20240801095850",
+    "@credo-ts/openid4vc": "0.5.10-alpha-20240801095850",
     "@hyperledger/aries-askar-nodejs": "^0.2.3",
     "cors": "^2.8.5",
     "dotenv": "^16.4.5",

agent/src/endpoints.ts

@@ -99,8 +99,14 @@ apiRouter.post('/offers/receive', async (request: Request, response: Response) =
     },
   })
 
+  for (const credential of credentials) {
+    if ('compact' in credential.credential) {
+      await agent.sdJwtVc.store(credential.credential.compact as string)
+    }
+  }
+
   return response.json({
-    credentials: credentials.map((credential) => JSON.stringify(credential.credential.payload)),
+    credentials: credentials.map((credential) => credential.credential.payload),
   })
 })
 
@@ -227,7 +233,7 @@ apiRouter.post('/requests/receive', async (request: Request, response: Response)
   return response.status(serverResponse.status).json(submittedResponse)
 })
 
-apiRouter.use((error: Error, request: Request, response: Response, next: NextFunction) => {
+apiRouter.use((error: Error, _request: Request, response: Response, _next: NextFunction) => {
   console.error('Unhandled error', error)
   return response.status(500).json({
     error: error.message,

agent/src/keyMethods/setup.ts

@@ -30,6 +30,9 @@ export async function setupX509Certificate() {
     }
   }
 
+  console.log('======= X.509 Certificate ===========')
+  console.log(x509Certificate)
+
   const x509 = agent.dependencyManager.resolve(X509Api)
   await x509.addTrustedCertificate(x509Certificate)
 }

app/components/ReceiveTab.tsx

@@ -3,24 +3,28 @@ import { Button } from '@/components/ui/button'
 import { Card } from '@/components/ui/card'
 import { Label } from '@/components/ui/label'
 import { type FormEvent, useState } from 'react'
-import { receiveOffer } from '../lib/api'
+import { receiveOffer, receiveRequest } from '../lib/api'
 
 export function ReceiveTab() {
-  const [receiveCredentialOfferUri, setReceiveCredentialOfferUri] = useState<string>()
+  const [receiveCredentialOfferOrPresentationUri, setReceiveCredentialOfferUri] = useState<string>()
   const [receivedCredentials, setReceivedCredentials] = useState()
+  const [receivedPresentation, setReceivedPresentation] = useState()
 
   async function onSubmitReceiveOffer(e: FormEvent) {
     e.preventDefault()
-    if (!receiveCredentialOfferUri) return
-
-    setReceivedCredentials(await receiveOffer(receiveCredentialOfferUri))
+    if (!receiveCredentialOfferOrPresentationUri) return
+    if (receiveCredentialOfferOrPresentationUri.startsWith('openid-credential-offer://')) {
+      setReceivedCredentials(await receiveOffer(receiveCredentialOfferOrPresentationUri))
+    } else {
+      setReceivedPresentation(await receiveRequest(receiveCredentialOfferOrPresentationUri))
+    }
   }
 
   return (
     <Card className="p-6">
       <form className="space-y-4" onSubmit={onSubmitReceiveOffer}>
         <div className="space-y-2">
-          <Label htmlFor="credential-offer-uri">Credential Offer URI</Label>
+          <Label htmlFor="credential-offer-uri">Credential Offer or SIOP URI</Label>
           <textarea
             className="w-full h-20 p-2 rounded-md bg-white border border-gray-300"
             id="credential-offer-uri"
@@ -31,6 +35,8 @@ export function ReceiveTab() {
         <div className="flex justify-center items-center bg-gray-200 min-h-64 w-full rounded-md">
           {receivedCredentials ? (
             <HighLight code={JSON.stringify(receivedCredentials, null, 2)} language="json" />
+          ) : receivedPresentation ? (
+            <HighLight code={JSON.stringify(receivedPresentation, null, 2)} language="json" />
           ) : (
             <p className="text-gray-500">JSON content of the credential will be displayed here</p>
           )}

app/components/VerifyTab.tsx

@@ -61,7 +61,7 @@ export function VerifyTab() {
               limit_disclosure: 'preferred',
               fields: [
                 {
-                  path: ['$.given_name', '$.family_name', '$.address'],
+                  path: ['$.given_name'],
                 },
               ],
             },

package.json

@@ -10,7 +10,7 @@
   "pnpm": {
     "patchedDependencies": {
       "@sphereon/did-auth-siop@0.15.1-next.4": "patches/@sphereon__did-auth-siop@0.15.1-next.4.patch",
-      "@credo-ts/openid4vc@0.5.9": "patches/@credo-ts__openid4vc@0.5.9.patch"
+      "@credo-ts/openid4vc@0.5.10-alpha-20240801095850": "patches/@credo-ts__openid4vc@0.5.10-alpha-20240801095850.patch"
     }
   }
 }

patches/@credo-ts__openid4vc@0.5.10-alpha-20240801095850.patch

@@ -0,0 +1,48 @@
+diff --git a/build/shared/utils.js b/build/shared/utils.js
+index 36037ab98cf59f64b56d107aef9b2eb02b491c60..7eccc2ab99d396366299138df8d99376ca35696c 100644
+--- a/build/shared/utils.js
++++ b/build/shared/utils.js
+@@ -64,9 +64,10 @@ function getCreateJwtCallback(agentContext) {
+             return jws;
+         }
+         else if (jwtIssuer.method === 'jwk') {
+-            const key = (0, core_1.getJwkFromJson)(jwtIssuer.jwk).key;
++            const jwk = core_1.getJwkFromJson(jwtIssuer.jwk);
++            const key = jwk.key;
+             const jws = await jwsService.createJwsCompact(agentContext, {
+-                protectedHeaderOptions: jwt.header,
++                protectedHeaderOptions: Object.assign(jwt.header, { jwk, alg: jwtIssuer.alg }),
+                 payload: core_1.JwtPayload.fromJson(jwt.payload),
+                 key,
+             });
+@@ -75,7 +76,7 @@ function getCreateJwtCallback(agentContext) {
+         else if (jwtIssuer.method === 'x5c') {
+             const key = core_1.X509Service.getLeafCertificate(agentContext, { certificateChain: jwtIssuer.x5c }).publicKey;
+             const jws = await jwsService.createJwsCompact(agentContext, {
+-                protectedHeaderOptions: jwt.header,
++                protectedHeaderOptions: Object.assign(jwt.header, { jwk: undefined, alg: jwtIssuer.alg }),
+                 payload: core_1.JwtPayload.fromJson(jwt.payload),
+                 key,
+             });
+@@ -102,17 +103,19 @@ async function openIdTokenIssuerToJwtIssuer(agentContext, openId4VcTokenIssuer)
+         const leafCertificate = core_1.X509Service.getLeafCertificate(agentContext, {
+             certificateChain: openId4VcTokenIssuer.x5c,
+         });
++        const jwk = (0, core_1.getJwkFromKey)(leafCertificate.publicKey);
++        const alg = jwk.supportedSignatureAlgorithms[0]
+         if (!issuer.startsWith('https://')) {
+             throw new core_1.CredoError('The X509 certificate issuer must be a HTTPS URI.');
+         }
+         if ((_b = leafCertificate.sanUriNames) === null || _b === void 0 ? void 0 : _b.includes(issuer)) {
+-            return Object.assign(Object.assign({}, openId4VcTokenIssuer), { clientIdScheme: 'x509_san_uri' });
++            return Object.assign(Object.assign({}, openId4VcTokenIssuer), { clientIdScheme: 'x509_san_uri', alg });
+         }
+         else {
+             if (!((_c = leafCertificate.sanDnsNames) === null || _c === void 0 ? void 0 : _c.includes((0, core_1.getDomainFromUrl)(issuer)))) {
+                 throw new Error(`The 'iss' claim in the payload does not match a 'SAN-URI' or 'SAN-DNS' name in the x5c certificate.`);
+             }
+-            return Object.assign(Object.assign({}, openId4VcTokenIssuer), { clientIdScheme: 'x509_san_dns' });
++            return Object.assign(Object.assign({}, openId4VcTokenIssuer), { clientIdScheme: 'x509_san_dns', alg });
+         }
+     }
+     return openId4VcTokenIssuer;