exchange

package
v0.0.0-...-920a7e7

This package is not in the latest version of its module.

Published: Jan 31, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Constants

const (
	JWT   JWTFormat = "jwt"
	JWTVC JWTFormat = "jwt_vc"
	JWTVP JWTFormat = "jwt_vp"

	LDP   LinkedDataFormat = "ldp"
	LDPVC LinkedDataFormat = "ldp_vc"
	LDPVP LinkedDataFormat = "ldp_vp"

	All  Selection = "all"
	Pick Selection = "pick"

	Required   Preference = "required"
	Preferred  Preference = "preferred"
	Allowed    Preference = "allowed"
	Disallowed Preference = "disallowed"
)

const (
	// JWTRequest is a wrapper for a `presentation_definition` inside a signed JWT
	JWTRequest PresentationRequestType = "jwt"

	PresentationDefinitionKey string = "presentation_definition"
)

const (
	// JWTVPTarget is an embed target where a presentation submission is represented alongside a Verifiable Presentation
	// in a JWT value. `presentation_submission` is a top-level claim alongside `vc` for the VP
	JWTVPTarget EmbedTarget = "jwt_vp"

	PresentationSubmissionContext string = "https://identity.foundation/presentation-exchange/submission/v1"
	PresentationSubmissionType    string = "PresentationSubmission"
)

const (
	BuilderEmptyError string = "builder cannot be empty"
)

Variables

This section is empty.

Functions

func AreValidSubmissionRequirements

func AreValidSubmissionRequirements(requirements []SubmissionRequirement) error

AreValidSubmissionRequirements validates a set of submission requirement objects against its known JSON schema

func BuildJWTPresentationRequest

func BuildJWTPresentationRequest(signer crypto.JWTSigner, def PresentationDefinition, target string) ([]byte, error)

BuildJWTPresentationRequest builds a JWT representation of a presentation request

func BuildPresentationRequest

func BuildPresentationRequest(signer crypto.JWTSigner, pt PresentationRequestType, def PresentationDefinition, target string) ([]byte, error)

BuildPresentationRequest builds a presentation request (https://identity.foundation/presentation-exchange/#presentation-request), used for transmitting a Presentation Definition from a holder to a verifier. Target is who the request is intended for. TODO(gabe): expand to other presentation types and signers, see https://github.com/authnull0/ssi-sdk/issues/57

func BuildPresentationSubmission

func BuildPresentationSubmission(signer crypto.JWTSigner, def PresentationDefinition, claims []PresentationClaim, et EmbedTarget) ([]byte, error)

BuildPresentationSubmission constructs a submission given a presentation definition, set of claims, and an embed target format. https://identity.foundation/presentation-exchange/#presentation-submission Note: this method does not support LD cryptosuites, and prefers JWT representations. Future refactors may include an analog method for LD suites.

func BuildPresentationSubmissionVP

func BuildPresentationSubmissionVP(def PresentationDefinition, claims []NormalizedClaim) (*credential.VerifiablePresentation, error)

BuildPresentationSubmissionVP takes a presentation definition and a set of claims. According to the presentation definition, and the algorithm defined - https://identity.foundation/presentation-exchange/#input-evaluation - in the specification, a presentation submission is constructed as a Verifiable Presentation.

func IsSupportedEmbedTarget

func IsSupportedEmbedTarget(et EmbedTarget) bool

func IsSupportedPresentationRequestType

func IsSupportedPresentationRequestType(rt PresentationRequestType) bool

IsSupportedPresentationRequestType returns whether a given presentation request embed target is supported by this lib

func IsValidDefinitionClaimFormatDesignation

func IsValidDefinitionClaimFormatDesignation(format ClaimFormat) error

IsValidDefinitionClaimFormatDesignation validates a given claim format object against its known JSON schema

func IsValidPresentationDefinition

func IsValidPresentationDefinition(definition PresentationDefinition) error

IsValidPresentationDefinition validates a given presentation definition object against its known JSON schema

func IsValidPresentationDefinitionEnvelope

func IsValidPresentationDefinitionEnvelope(definition PresentationDefinitionEnvelope) error

IsValidPresentationDefinitionEnvelope validates a given presentation definition envelope object against its known JSON schema

func IsValidPresentationSubmission

func IsValidPresentationSubmission(submission PresentationSubmission) error

IsValidPresentationSubmission validates a given presentation submission object against its known JSON schema

func IsValidSubmissionRequirement

func IsValidSubmissionRequirement(requirement SubmissionRequirement) error

IsValidSubmissionRequirement validates a submission requirement object against its known JSON schema

func VerifyPresentationSubmission

func VerifyPresentationSubmission(verifier crypto.JWTVerifier, et EmbedTarget, def PresentationDefinition, submission []byte) error

VerifyPresentationSubmission verifies a presentation submission for both signature validity and correctness with the specification. It is assumed that the caller knows the submission embed target, and the corresponding presentation definition, and has access to the public key of the signer. Note: this method does not support LD cryptosuites, and prefers JWT representations. Future refactors may include an analog method for LD suites.

func VerifyPresentationSubmissionVP

func VerifyPresentationSubmissionVP(def PresentationDefinition, vp credential.VerifiablePresentation) error

VerifyPresentationSubmissionVP verifies whether a verifiable presentation is a valid presentation submission for a given presentation definition. TODO(gabe) handle signature validation of submission claims https://github.com/authnull0/ssi-sdk/issues/71

Types

type ClaimFormat

type ClaimFormat struct {
	JWT   *JWTType `json:"jwt,omitempty" validate:"omitempty,dive"`
	JWTVC *JWTType `json:"jwt_vc,omitempty" validate:"omitempty,dive"`
	JWTVP *JWTType `json:"jwt_vp,omitempty" validate:"omitempty,dive"`

	LDP   *LDPType `json:"ldp,omitempty" validate:"omitempty,dive"`
	LDPVC *LDPType `json:"ldp_vc,omitempty" validate:"omitempty,dive"`
	LDPVP *LDPType `json:"ldp_vp,omitempty" validate:"omitempty,dive"`
}

ClaimFormat https://identity.foundation/presentation-exchange/#claim-format-designations At most one field can be non-nil.

func (*ClaimFormat) AlgOrProofTypePerFormat

func (cf *ClaimFormat) AlgOrProofTypePerFormat() []string

AlgOrProofTypePerFormat returns the supported alg or proof types for a given format. A nil response indicates that the format is not supported.

func (*ClaimFormat) FormatValues

func (cf *ClaimFormat) FormatValues() []string

FormatValues returns the string values of the associated claim format types. NOTE: does not do error checking of any type.

func (*ClaimFormat) IsEmpty

func (cf *ClaimFormat) IsEmpty() bool

func (*ClaimFormat) IsValid

func (cf *ClaimFormat) IsValid() error

type Constraints

type Constraints struct {
	Fields          []Field     `json:"fields,omitempty" validate:"omitempty,dive"`
	LimitDisclosure *Preference `json:"limit_disclosure,omitempty"`

	// https://identity.foundation/presentation-exchange/#relational-constraint-feature
	SubjectIsIssuer *Preference           `json:"subject_is_issuer,omitempty"`
	IsHolder        *RelationalConstraint `json:"is_holder,omitempty" validate:"omitempty,dive"`
	SameSubject     *RelationalConstraint `json:"same_subject,omitempty"`

	// https://identity.foundation/presentation-exchange/#credential-status-constraint-feature
	Statuses *CredentialStatus `json:"statuses,omitempty"`
}

type CredentialFormat

type CredentialFormat string

func SupportedClaimFormats

func SupportedClaimFormats() []CredentialFormat

type CredentialStatus

type CredentialStatus struct {
	Active *struct {
		Directive Preference `json:"directive,omitempty"`
	} `json:"active,omitempty"`

	Suspended *struct {
		Directive Preference `json:"directive,omitempty"`
	} `json:"suspended,omitempty"`

	Revoked *struct {
		Directive Preference `json:"directive,omitempty"`
	} `json:"revoked,omitempty"`
}

CredentialStatus https://identity.foundation/presentation-exchange/#credential-status-constraint-feature

type EmbedTarget

type EmbedTarget string

EmbedTarget describes where a presentation_submission is located in an object model https://identity.foundation/presentation-exchange/#embed-targets

func GetSupportedEmbedTargets

func GetSupportedEmbedTargets() []EmbedTarget

type Field

type Field struct {
	ID             string   `json:"id,omitempty"`
	Name           string   `json:"name,omitempty"`
	Path           []string `json:"path,omitempty" validate:"required"`
	Purpose        string   `json:"purpose,omitempty"`
	Optional       bool     `json:"optional,omitempty"`
	IntentToRetain bool     `json:"intent_to_retain,omitempty"`
	// If a predicate property is present, filter must be too
	// https://identity.foundation/presentation-exchange/#predicate-feature
	Predicate *Preference `json:"predicate,omitempty"`
	Filter    *Filter     `json:"filter,omitempty"`
}

type Filter

type Filter struct {
	Type                 string        `json:"type,omitempty"`
	Format               string        `json:"format,omitempty"`
	Properties           interface{}   `json:"properties,omitempty"`
	Required             []string      `json:"required,omitempty"`
	AdditionalProperties bool          `json:"additionalProperties,omitempty"`
	Pattern              string        `json:"pattern,omitempty"`
	Minimum              interface{}   `json:"minimum,omitempty"`
	Maximum              interface{}   `json:"maximum,omitempty"`
	MinLength            int           `json:"minLength,omitempty"`
	MaxLength            int           `json:"maxLength,omitempty"`
	ExclusiveMinimum     interface{}   `json:"exclusiveMinimum,omitempty"`
	ExclusiveMaximum     interface{}   `json:"exclusiveMaximum,omitempty"`
	Const                interface{}   `json:"const,omitempty"`
	Enum                 []interface{} `json:"enum,omitempty"`
	Not                  interface{}   `json:"not,omitempty"`
	AllOf                interface{}   `json:"allOf,omitempty"`
	OneOf                interface{}   `json:"oneOf,omitempty"`
}

type FromOption

type FromOption struct {
	From       string                  `json:"from,omitempty"`
	FromNested []SubmissionRequirement `json:"from_nested,omitempty"`
}

type InputDescriptor

type InputDescriptor struct {
	// Must be unique within the Presentation Definition
	ID   string `json:"id" validate:"required"`
	Name string `json:"name,omitempty"`
	// Purpose for which claim's data is being requested
	Purpose     string       `json:"purpose,omitempty"`
	Format      *ClaimFormat `json:"format,omitempty" validate:"omitempty,dive"`
	Constraints *Constraints `json:"constraints" validate:"required"`
	// Must match one of the grouping strings listed in the `from` values of a submission requirement rule
	Group []string `json:"group,omitempty"`
}

func (*InputDescriptor) IsEmpty

func (id *InputDescriptor) IsEmpty() bool

func (*InputDescriptor) IsValid

func (id *InputDescriptor) IsValid() error

type InputDescriptorBuilder

type InputDescriptorBuilder struct {
	*InputDescriptor
}

func NewInputDescriptorBuilder

func NewInputDescriptorBuilder() InputDescriptorBuilder

func (*InputDescriptorBuilder) Build

func (idb *InputDescriptorBuilder) Build() (*InputDescriptor, error)

func (*InputDescriptorBuilder) IsEmpty

func (idb *InputDescriptorBuilder) IsEmpty() bool

func (*InputDescriptorBuilder) SetClaimFormat

func (idb *InputDescriptorBuilder) SetClaimFormat(format ClaimFormat) error

func (*InputDescriptorBuilder) SetConstraints

func (idb *InputDescriptorBuilder) SetConstraints(constraints Constraints) error

func (*InputDescriptorBuilder) SetGroup

func (idb *InputDescriptorBuilder) SetGroup(group []string) error

func (*InputDescriptorBuilder) SetName

func (idb *InputDescriptorBuilder) SetName(name string) error

func (*InputDescriptorBuilder) SetPurpose

func (idb *InputDescriptorBuilder) SetPurpose(purpose string) error

type JWTFormat

type JWTFormat CredentialFormat

func (JWTFormat) CredentialFormat

func (f JWTFormat) CredentialFormat() CredentialFormat

func (JWTFormat) Ptr

func (f JWTFormat) Ptr() *JWTFormat

func (JWTFormat) String

func (f JWTFormat) String() string

type JWTType

type JWTType struct {
	Alg []crypto.SignatureAlgorithm `json:"alg" validate:"required"`
}

type LDPType

type LDPType struct {
	ProofType []cryptosuite.SignatureType `json:"proof_type" validate:"required"`
}

type LinkedDataFormat

type LinkedDataFormat CredentialFormat

func (LinkedDataFormat) CredentialFormat

func (f LinkedDataFormat) CredentialFormat() CredentialFormat

func (LinkedDataFormat) Ptr

func (LinkedDataFormat) String

func (f LinkedDataFormat) String() string

type NormalizedClaim

type NormalizedClaim struct {
	// id for the claim
	ID string
	// go-json representation of the claim
	Data map[string]interface{}
	// JWT_VC, JWT_VP, LDP_VC, LDP_VP, etc.
	Format string
	// Signing algorithm used for the claim (e.g. EdDSA, ES256, PS256, etc.).
	// OR the Linked Data Proof Type (e.g. JsonWebSignature2020)
	AlgOrProofType string
}

type Preference

type Preference string

func (Preference) Ptr

func (p Preference) Ptr() *Preference

type PresentationClaim

type PresentationClaim struct {
	// If we have a Credential or Presentation value, we assume we have a LDP_VC or LDP_VP respectively
	Credential   *credential.VerifiableCredential
	Presentation *credential.VerifiablePresentation
	LDPFormat    *LinkedDataFormat

	// If we have a token, we assume we have a JWT format value
	TokenJSON *string
	JWTFormat *JWTFormat

	// The algorithm or Linked Data proof type by which the claim was signed must be present
	SignatureAlgorithmOrProofType string
}

PresentationClaims may be of any claim format designation, including LD or JWT variations of VCs or VPs: https://identity.foundation/presentation-exchange/#claim-format-designations This object must be constructed for each claim before a Presentation Definition is processed.

func (*PresentationClaim) GetClaimFormat

func (pc *PresentationClaim) GetClaimFormat() (string, error)

GetClaimFormat returns the value of the format depending on the claim type, since PresentationClaim is a union type. An error is returned if no value is present in any of the possible embedded types.

func (*PresentationClaim) GetClaimJSON

func (pc *PresentationClaim) GetClaimJSON() (map[string]interface{}, error)

GetClaimJSON gets the claim value and attempts to turn it into a generic go-JSON object represented by an interface{}

func (*PresentationClaim) GetClaimValue

func (pc *PresentationClaim) GetClaimValue() (interface{}, error)

GetClaimValue returns the value of the claim, since PresentationClaim is a union type. An error is returned if no value is present in any of the possible embedded types.

func (*PresentationClaim) IsEmpty

func (pc *PresentationClaim) IsEmpty() bool

type PresentationDefinition

type PresentationDefinition struct {
	ID                     string                  `json:"id,omitempty" validate:"required"`
	Name                   string                  `json:"name,omitempty"`
	Purpose                string                  `json:"purpose,omitempty"`
	Format                 *ClaimFormat            `json:"format,omitempty" validate:"omitempty,dive"`
	InputDescriptors       []InputDescriptor       `json:"input_descriptors" validate:"required,dive"`
	SubmissionRequirements []SubmissionRequirement `json:"submission_requirements,omitempty" validate:"omitempty,dive"`

	// https://identity.foundation/presentation-exchange/#json-ld-framing-feature
	Frame interface{} `json:"frame,omitempty"`
}

PresentationDefinition https://identity.foundation/presentation-exchange/#presentation-definition

func VerifyJWTPresentationRequest

func VerifyJWTPresentationRequest(verifier crypto.JWTVerifier, request []byte) (*PresentationDefinition, error)

VerifyJWTPresentationRequest verifies the signature on a JWT-based presentation request for a given verifier and then returns the parsed Presentation Definition object as a result.

func VerifyPresentationRequest

func VerifyPresentationRequest(verifier crypto.JWTVerifier, pt PresentationRequestType, request []byte) (*PresentationDefinition, error)

VerifyPresentationRequest finds the correct verifier and parser for a given presentation request type, verifying the signature on the request, and returning the parsed Presentation Definition object.

func (*PresentationDefinition) IsEmpty

func (pd *PresentationDefinition) IsEmpty() bool

func (*PresentationDefinition) IsValid

func (pd *PresentationDefinition) IsValid() error

type PresentationDefinitionBuilder

type PresentationDefinitionBuilder struct {
	*PresentationDefinition
}

func NewPresentationDefinitionBuilder

func NewPresentationDefinitionBuilder() PresentationDefinitionBuilder

func (*PresentationDefinitionBuilder) Build

func (*PresentationDefinitionBuilder) IsEmpty

func (pdb *PresentationDefinitionBuilder) IsEmpty() bool

func (*PresentationDefinitionBuilder) SetClaimFormat

func (pdb *PresentationDefinitionBuilder) SetClaimFormat(format ClaimFormat) error

func (*PresentationDefinitionBuilder) SetFrame

func (pdb *PresentationDefinitionBuilder) SetFrame(frame interface{}) error

func (*PresentationDefinitionBuilder) SetInputDescriptors

func (pdb *PresentationDefinitionBuilder) SetInputDescriptors(descriptors []InputDescriptor) error

func (*PresentationDefinitionBuilder) SetName

func (pdb *PresentationDefinitionBuilder) SetName(name string) error

func (*PresentationDefinitionBuilder) SetPurpose

func (pdb *PresentationDefinitionBuilder) SetPurpose(purpose string) error

func (*PresentationDefinitionBuilder) SetSubmissionRequirements

func (pdb *PresentationDefinitionBuilder) SetSubmissionRequirements(requirements []SubmissionRequirement) error

type PresentationDefinitionEnvelope

type PresentationDefinitionEnvelope struct {
	PresentationDefinition `json:"presentation_definition"`
}

type PresentationRequestType

type PresentationRequestType string

PresentationRequestType represents wrappers for Presentation Definitions submitted as requests https://identity.foundation/presentation-exchange/#presentation-request

func GetSupportedPresentationRequestTypes

func GetSupportedPresentationRequestTypes() []PresentationRequestType

GetSupportedPresentationRequestTypes returns all supported presentation request embed targets

type PresentationSubmission

type PresentationSubmission struct {
	ID            string                 `json:"id" validate:"required"`
	DefinitionID  string                 `json:"definition_id" validate:"required"`
	DescriptorMap []SubmissionDescriptor `json:"descriptor_map" validate:"required"`
}

PresentationSubmission https://identity.foundation/presentation-exchange/#presentation-submission

func (*PresentationSubmission) IsEmpty

func (ps *PresentationSubmission) IsEmpty() bool

func (*PresentationSubmission) IsValid

func (ps *PresentationSubmission) IsValid() error

type PresentationSubmissionBuilder

type PresentationSubmissionBuilder struct {
	*PresentationSubmission
}

func NewPresentationSubmissionBuilder

func NewPresentationSubmissionBuilder(definitionID string) PresentationSubmissionBuilder

func (*PresentationSubmissionBuilder) Build

func (*PresentationSubmissionBuilder) IsEmpty

func (psb *PresentationSubmissionBuilder) IsEmpty() bool

func (*PresentationSubmissionBuilder) SetDescriptorMap

func (psb *PresentationSubmissionBuilder) SetDescriptorMap(descriptors []SubmissionDescriptor) error

type RelationalConstraint

type RelationalConstraint struct {
	FieldID   string      `json:"field_id" validate:"required"`
	Directive *Preference `json:"directive" validate:"required"`
}

type Selection

type Selection string

type SubmissionDescriptor

type SubmissionDescriptor struct {
	// Must match the `id` property of the corresponding input descriptor
	ID         string                `json:"id" validate:"required"`
	Format     string                `json:"format" validate:"required"`
	Path       string                `json:"path" validate:"required"`
	PathNested *SubmissionDescriptor `json:"path_nested,omitempty"`
}

SubmissionDescriptor is a mapping to Input Descriptor objects

type SubmissionRequirement

type SubmissionRequirement struct {
	Rule Selection `json:"rule" validate:"required"`
	// Either an array of SubmissionRequirement OR a string value
	FromOption `validate:"required"`

	Name    string `json:"name,omitempty"`
	Purpose string `json:"purpose,omitempty"`
	Count   int    `json:"count,omitempty" validate:"omitempty,min=1"`
	Minimum int    `json:"min,omitempty"`
	Maximum int    `json:"max,omitempty"`
}

SubmissionRequirement https://identity.foundation/presentation-exchange/#presentation-definition-extensions

func (*SubmissionRequirement) IsEmpty

func (sr *SubmissionRequirement) IsEmpty() bool

func (*SubmissionRequirement) IsValid

func (sr *SubmissionRequirement) IsValid() error
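
How the `all` and `pick` rules, `from` groups and `from_nested` requirements combine when a verifier checks which input descriptors a submission covers, as an added example that is not code from this package. The types are trimmed local mirrors of the structs above, and `satisfied` and `CheckRequirements` are hypothetical names; a zero `Count`, `Minimum` or `Maximum` is treated as absent.

```go
package main

import "fmt"

// Local mirrors of the page's structs, trimmed to the fields read here (not the SDK's own types).
type InputDescriptor struct {
	ID    string
	Group []string
}

type SubmissionRequirement struct {
	Rule, From              string // Rule is "all" or "pick"
	FromNested              []SubmissionRequirement
	Count, Minimum, Maximum int // 0 means absent, as with omitempty
}

// satisfied evaluates one requirement against the set of submitted descriptor IDs.
func satisfied(r SubmissionRequirement, descs []InputDescriptor, got map[string]bool) bool {
	total, hit := len(r.FromNested), 0
	for _, n := range r.FromNested { // candidates: nested requirements
		if satisfied(n, descs, got) {
			hit++
		}
	}
	for _, d := range descs { // candidates: input descriptors in group r.From
		for _, g := range d.Group {
			if len(r.FromNested) == 0 && g == r.From {
				total++
				if got[d.ID] {
					hit++
				}
				break
			}
		}
	}
	if r.Rule == "all" {
		return total > 0 && hit == total // an empty group fails closed
	}
	bounded := r.Count > 0 || r.Minimum > 0 || r.Maximum > 0 // unknown rule or unbounded pick: rejected here
	return r.Rule == "pick" && bounded && (r.Count == 0 || hit == r.Count) &&
		(r.Minimum == 0 || hit >= r.Minimum) && (r.Maximum == 0 || hit <= r.Maximum)
}

// CheckRequirements is a hypothetical helper; ids are the `id` values taken from descriptor_map.
func CheckRequirements(reqs []SubmissionRequirement, descs []InputDescriptor, ids []string) error {
	got := map[string]bool{}
	for _, id := range ids {
		got[id] = true
	}
	for i, r := range reqs {
		if !satisfied(r, descs, got) {
			return fmt.Errorf("submission requirement %d is not satisfied", i)
		}
	}
	return nil
}

func main() { // constructed sample: exactly one ID document from group "A", everything in group "B"
	descs := []InputDescriptor{{"passport", []string{"A"}}, {"license", []string{"A"}}, {"bill", []string{"B"}}}
	reqs := []SubmissionRequirement{{Rule: "all", FromNested: []SubmissionRequirement{
		{Rule: "pick", From: "A", Count: 1}, {Rule: "all", From: "B"}}}}
	fmt.Println(CheckRequirements(reqs, descs, []string{"passport", "bill"}))
	fmt.Println(CheckRequirements(reqs, descs, []string{"passport", "license", "bill"}))
}
```

The second call fails because `count: 1` means exactly one descriptor from group "A", so a submission that over-discloses is rejected along with one that under-delivers.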
