issuecredential

package
v0.5.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 25, 2026 License: BSD-2-Clause Imports: 6 Imported by: 0

Documentation

Overview

Package issuecredential implements the DIDComm Issue Credential protocol 3.0.

This protocol enables issuing verifiable credentials from an issuer to a holder over DIDComm messaging.

Protocol URI: https://didcomm.org/issue-credential/3.0

Message flow:

  1. Holder sends propose-credential (optional)
  2. Issuer sends offer-credential with preview
  3. Holder sends request-credential to accept
  4. Issuer sends issue-credential with the credential
  5. Holder sends ack (optional)

See: https://github.com/hyperledger/aries-rfcs/blob/main/features/0453-issue-credential-v2/README.md

Index

Constants

View Source 
const (
	// Protocol identifier
	ProtocolURI = "https://didcomm.org/issue-credential/3.0"

	// Message types
	TypeProposeCredential = ProtocolURI + "/propose-credential"
	TypeOfferCredential   = ProtocolURI + "/offer-credential"
	TypeRequestCredential = ProtocolURI + "/request-credential"
	TypeIssueCredential   = ProtocolURI + "/issue-credential"
	TypeCredentialAck     = ProtocolURI + "/ack"
	TypeCredentialProblem = ProtocolURI + "/problem-report"

	// Attachment formats
	FormatLDProofVCDetail    = "aries/ld-proof-vc-detail@v2.0"
	FormatLDProofVC          = "aries/ld-proof-vc@v2.0"
	FormatCredentialManifest = "dif/credential-manifest@v1.0"
	FormatJWTOffer           = "jwt/credential-offer@v1.0"
	FormatJWTVC              = "jwt/vc@v1.0"
	FormatSDJWTVC            = "dc+sd-jwt"

	// Goal codes
	GoalCodeIssueVC = "aries.vc.issue"

	// Preview type
	PreviewType = "https://didcomm.org/issue-credential/3.0/credential-preview"
)

Variables

This section is empty.

Functions

func NewCredentialAck 

func NewCredentialAck(issue *message.Message) (*message.Message, error)

NewCredentialAck creates an acknowledgment for a received credential.

func NewIssueCredential 

func NewIssueCredential(request *message.Message, credential json.RawMessage, format string, opts ...IssueOption) (*message.Message, error)

NewIssueCredential creates the credential delivery message.

func NewOfferCredential 

func NewOfferCredential(from, to string, preview *Preview, credentialDetail json.RawMessage, format string, opts ...OfferOption) (*message.Message, error)

NewOfferCredential creates a new credential offer message. The credentialDetail should be a credential template or manifest (JSON).

func NewProposeCredential 

func NewProposeCredential(from, to string, preview *Preview, filter json.RawMessage, opts ...ProposeOption) (*message.Message, error)

NewProposeCredential creates a proposal from holder to issuer.

func NewRequestCredential 

func NewRequestCredential(offer *message.Message, holderBinding json.RawMessage, opts ...RequestOption) (*message.Message, error)

NewRequestCredential creates a request message accepting an offer. The holderBinding can contain key binding information for the credential.

Types

type Attachment 

type Attachment struct {
	ID        string         `json:"@id"`
	MediaType string         `json:"media_type,omitempty"`
	Format    string         `json:"format,omitempty"`
	Data      AttachmentData `json:"data"`
}

Attachment carries credential data.

type AttachmentData 

type AttachmentData struct {
	JSON   json.RawMessage `json:"json,omitempty"`
	Base64 string          `json:"base64,omitempty"`
	Links  []string        `json:"links,omitempty"`
	JWS    string          `json:"jws,omitempty"`
}

AttachmentData holds the content of an attachment.

type ConversationState 

type ConversationState struct {
	ThreadID    string
	State       State
	Role        Role
	PeerDID     string
	LastOffer   *OfferCredential
	LastRequest *RequestCredential
	Credential  json.RawMessage
}

ConversationState tracks the state of an issuance conversation.

type CredentialIssuer 

type CredentialIssuer interface {
	// IssueCredential creates a signed credential from a request.
	// Returns the credential as JSON and the format identifier.
	IssueCredential(ctx context.Context, request *RequestCredential, holderDID string) (json.RawMessage, string, error)
}

CredentialIssuer creates and signs credentials.

type CredentialPreviewBuilder 

type CredentialPreviewBuilder interface {
	// BuildPreview creates a credential preview for an offer.
	BuildPreview(ctx context.Context, credentialType string, claims map[string]any) (*Preview, error)
}

CredentialPreviewBuilder creates preview from credential data.

type CredentialStorer 

type CredentialStorer interface {
	// StoreCredential saves a received credential.
	StoreCredential(ctx context.Context, credential json.RawMessage, format string, issuerDID string) error
}

CredentialStorer stores received credentials.

type Handler 

type Handler struct {
	// contains filtered or unexported fields
}

Handler handles issue-credential protocol messages.

func NewHandler 

func NewHandler(agentDID string, opts ...HandlerOption) *Handler

NewHandler creates a new issue-credential protocol handler.

func (*Handler) CreateOffer 

func (h *Handler) CreateOffer(holderDID string, preview *Preview, credentialDetail json.RawMessage, format string, opts ...OfferOption) (*message.Message, error)

CreateOffer creates a credential offer to send to a holder. This is used by issuers to initiate credential issuance.

func (*Handler) CreateProposal 

func (h *Handler) CreateProposal(issuerDID string, preview *Preview, filter json.RawMessage, opts ...ProposeOption) (*message.Message, error)

CreateProposal creates a credential proposal to send to an issuer. This is used by holders to initiate credential issuance.

func (*Handler) GetConversation 

func (h *Handler) GetConversation(threadID string) *ConversationState

GetConversation returns the state of a conversation.

func (*Handler) Handle 

func (h *Handler) Handle(ctx context.Context, msg *message.Message) (*message.Message, error)

Handle processes an incoming issue-credential message.

func (*Handler) MessageTypes 

func (h *Handler) MessageTypes() []string

MessageTypes returns the message types this handler supports.

type HandlerOption 

type HandlerOption func(*Handler)

HandlerOption configures the handler.

func WithAutoAccept 

func WithAutoAccept() HandlerOption

WithAutoAccept enables auto-accept mode for testing. In this mode, offers are automatically accepted.

func WithCredentialIssuer 

func WithCredentialIssuer(issuer CredentialIssuer) HandlerOption

WithCredentialIssuer sets the credential issuer for issuer mode.

func WithCredentialStore 

func WithCredentialStore(store CredentialStorer) HandlerOption

WithCredentialStore sets the credential store for holder mode.

func WithIssueHandler 

func WithIssueHandler(handler func(ctx context.Context, issue *IssueCredential, msg *message.Message) (*message.Message, error)) HandlerOption

WithIssueHandler sets a custom handler for issue messages.

func WithOfferEvaluator 

func WithOfferEvaluator(evaluator OfferEvaluator) HandlerOption

WithOfferEvaluator sets the offer evaluator for holder mode.

func WithOfferHandler 

func WithOfferHandler(handler func(ctx context.Context, offer *OfferCredential, msg *message.Message) (*message.Message, error)) HandlerOption

WithOfferHandler sets a custom handler for offers.

func WithPreviewBuilder 

func WithPreviewBuilder(builder CredentialPreviewBuilder) HandlerOption

WithPreviewBuilder sets the preview builder for issuer mode.

func WithProposalHandler 

func WithProposalHandler(handler func(ctx context.Context, proposal *ProposeCredential, msg *message.Message) (*message.Message, error)) HandlerOption

WithProposalHandler sets a custom handler for proposals.

func WithRequestHandler 

func WithRequestHandler(handler func(ctx context.Context, request *RequestCredential, msg *message.Message) (*message.Message, error)) HandlerOption

WithRequestHandler sets a custom handler for requests.

type IssueCredential 

type IssueCredential struct {
	GoalCode          string       `json:"goal_code,omitempty"`
	Comment           string       `json:"comment,omitempty"`
	ReplacementID     string       `json:"replacement_id,omitempty"`
	CredentialsAttach []Attachment `json:"credentials~attach"`
}

IssueCredential delivers the credential to holder.

func ParseIssueCredential 

func ParseIssueCredential(msg *message.Message) (*IssueCredential, error)

ParseIssueCredential parses an issue message.

func (*IssueCredential) GetCredential 

func (i *IssueCredential) GetCredential() (json.RawMessage, string, error)

GetCredential extracts the credential from an issue message.

type IssueOption 

type IssueOption func(*issueConfig)

IssueOption configures issue message creation.

func WithIssueComment 

func WithIssueComment(comment string) IssueOption

WithIssueComment adds a comment.

func WithIssueGoalCode 

func WithIssueGoalCode(code string) IssueOption

WithIssueGoalCode sets the goal code.

func WithIssueReplacementID 

func WithIssueReplacementID(id string) IssueOption

WithIssueReplacementID indicates the credential being replaced.

type LDProofOptions 

type LDProofOptions struct {
	ProofType    string `json:"proofType,omitempty"`
	ProofPurpose string `json:"proofPurpose,omitempty"`
	Created      string `json:"created,omitempty"`
	Challenge    string `json:"challenge,omitempty"`
	Domain       string `json:"domain,omitempty"`
}

LDProofOptions specifies signing options for LD Proof credentials.

type LDProofVCDetail 

type LDProofVCDetail struct {
	Credential json.RawMessage `json:"credential"`
	Options    *LDProofOptions `json:"options,omitempty"`
}

LDProofVCDetail is the attachment format for W3C VC Data Integrity offers/requests.

type OfferCredential 

type OfferCredential struct {
	GoalCode          string       `json:"goal_code,omitempty"`
	Comment           string       `json:"comment,omitempty"`
	ReplacementID     string       `json:"replacement_id,omitempty"`
	CredentialPreview *Preview     `json:"credential_preview,omitempty"`
	OffersAttach      []Attachment `json:"offers~attach"`
}

OfferCredential is sent by issuer with credential details.

func ParseOfferCredential 

func ParseOfferCredential(msg *message.Message) (*OfferCredential, error)

ParseOfferCredential parses an offer message.

func (*OfferCredential) GetOfferDetail 

func (o *OfferCredential) GetOfferDetail() (json.RawMessage, string, error)

GetOfferDetail extracts the credential detail from an offer.

type OfferEvaluator 

type OfferEvaluator interface {
	// EvaluateOffer decides if the offer should be accepted.
	// Returns holder binding data (e.g., DID key binding) if accepted.
	// Returns error if offer should be rejected.
	EvaluateOffer(ctx context.Context, offer *OfferCredential, issuerDID string) (json.RawMessage, error)
}

OfferEvaluator decides whether to accept a credential offer.

type OfferOption 

type OfferOption func(*offerConfig)

OfferOption configures offer creation.

func WithOfferComment 

func WithOfferComment(comment string) OfferOption

WithOfferComment adds a human-readable comment to the offer.

func WithOfferGoalCode 

func WithOfferGoalCode(code string) OfferOption

WithOfferGoalCode sets the goal code for the offer.

func WithReplacementID 

func WithReplacementID(id string) OfferOption

WithReplacementID indicates the credential being replaced.

type Preview 

type Preview struct {
	Type       string             `json:"@type"`
	Attributes []PreviewAttribute `json:"attributes"`
}

Preview describes the credential before issuance.

func NewPreview 

func NewPreview(attributes map[string]string) *Preview

NewPreview creates a credential preview with the given attributes.

type PreviewAttribute 

type PreviewAttribute struct {
	Name     string `json:"name"`
	MimeType string `json:"mime-type,omitempty"`
	Value    string `json:"value"`
}

PreviewAttribute is a claim in the credential preview.

type ProposeCredential 

type ProposeCredential struct {
	GoalCode          string       `json:"goal_code,omitempty"`
	Comment           string       `json:"comment,omitempty"`
	CredentialPreview *Preview     `json:"credential_preview,omitempty"`
	FiltersAttach     []Attachment `json:"filters~attach,omitempty"`
}

ProposeCredential is sent by holder to initiate credential issuance.

func ParseProposeCredential 

func ParseProposeCredential(msg *message.Message) (*ProposeCredential, error)

ParseProposeCredential parses a propose message.

type ProposeOption 

type ProposeOption func(*proposeConfig)

ProposeOption configures proposal creation.

func WithProposeComment 

func WithProposeComment(comment string) ProposeOption

WithProposeComment adds a comment.

func WithProposeGoalCode 

func WithProposeGoalCode(code string) ProposeOption

WithProposeGoalCode sets the goal code.

type RequestCredential 

type RequestCredential struct {
	GoalCode       string       `json:"goal_code,omitempty"`
	Comment        string       `json:"comment,omitempty"`
	RequestsAttach []Attachment `json:"requests~attach"`
}

RequestCredential is sent by holder to accept an offer.

func ParseRequestCredential 

func ParseRequestCredential(msg *message.Message) (*RequestCredential, error)

ParseRequestCredential parses a request message.

type RequestOption 

type RequestOption func(*requestConfig)

RequestOption configures request creation.

func WithRequestComment 

func WithRequestComment(comment string) RequestOption

WithRequestComment adds a human-readable comment to the request.

func WithRequestGoalCode 

func WithRequestGoalCode(code string) RequestOption

WithRequestGoalCode sets the goal code for the request.

type Role 

type Role string

Role indicates whether this agent is issuer or holder. 

const (
	RoleIssuer Role = "issuer"
	RoleHolder Role = "holder"
)

type State 

type State string

State represents the conversation state. 

const (
	StateProposalSent       State = "proposal-sent"
	StateProposalReceived   State = "proposal-received"
	StateOfferSent          State = "offer-sent"
	StateOfferReceived      State = "offer-received"
	StateRequestSent        State = "request-sent"
	StateRequestReceived    State = "request-received"
	StateCredentialIssued   State = "credential-issued"
	StateCredentialReceived State = "credential-received"
	StateAckReceived        State = "ack-received"
	StateDone               State = "done"
	StateAbandoned          State = "abandoned"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.