Documentation
¶
Overview ¶
Package cm contains methods that are useful for parsing and validating the objects defined in the Credential Manifest spec: https://identity.foundation/credential-manifest.
Index ¶
- Constants
- func PresentCredentialApplication(credentialManifest *CredentialManifest, ...) (*verifiable.Presentation, error)
- func PresentCredentialFulfillment(credentialManifest *CredentialManifest, ...) (*verifiable.Presentation, error)
- func ValidateCredentialApplication(application *verifiable.Presentation, cm *CredentialManifest, ...) (map[string]*verifiable.Credential, error)
- func ValidateOutputDescriptors(descriptors []*OutputDescriptor) error
- type Color
- type CredentialApplication
- type CredentialFulfillment
- type CredentialManifest
- func (cm *CredentialManifest) ResolveCredential(descriptorID string, credential CredentialToResolveOption) (*ResolvedDescriptor, error)
- func (cm *CredentialManifest) ResolveFulfillment(fulfillment *verifiable.Presentation) ([]*ResolvedDescriptor, error)
- func (cm *CredentialManifest) UnmarshalJSON(data []byte) error
- func (cm *CredentialManifest) Validate() error
- type CredentialToResolveOption
- type DataDisplayDescriptor
- type DisplayMappingObject
- type ImageURIWithAltText
- type Issuer
- type LabeledDisplayMappingObject
- type OutputDescriptor
- type OutputDescriptorMap
- type PresentCredentialApplicationOpt
- type PresentCredentialFulfillmentOpt
- type ResolvedDescriptor
- type ResolvedProperty
- type Schema
- type Styles
Constants ¶
const ( // CredentialApplicationAttachmentFormat defines the format type of Credential Application when used as an // attachment in the WACI issuance flow. // Refer to https://identity.foundation/waci-presentation-exchange/#issuance-2 for more info. CredentialApplicationAttachmentFormat = "dif/credential-manifest/application@v1.0" // CredentialApplicationPresentationContext defines the context type of Credential Application when used as part of // a presentation attachment in the WACI issuance flow. // Refer to https://identity.foundation/waci-presentation-exchange/#issuance-2 for more info. CredentialApplicationPresentationContext = "https://identity.foundation/credential-manifest/application/v1" )
const ( // CredentialFulfillmentAttachmentFormat defines the format type of Credential Fulfillment when used as an // attachment in the WACI issuance flow. // Refer to https://identity.foundation/waci-presentation-exchange/#issuance-2 for more info. CredentialFulfillmentAttachmentFormat = "dif/credential-manifest/fulfillment@v1.0" // CredentialFulfillmentPresentationContext defines the context type of Credential Fulfillment when used as part of // a presentation attachment in the WACI issuance flow. // Refer to https://identity.foundation/waci-presentation-exchange/#issuance-2 for more info. CredentialFulfillmentPresentationContext = "https://identity.foundation/credential-manifest/fulfillment/v1" )
const CredentialManifestAttachmentFormat = "dif/credential-manifest/manifest@v1.0"
CredentialManifestAttachmentFormat defines the format type of Credential Manifest when used as an attachment in the WACI issuance flow. Refer to https://identity.foundation/waci-presentation-exchange/#issuance-2 for more info.
Variables ¶
This section is empty.
Functions ¶
func PresentCredentialApplication ¶
func PresentCredentialApplication(credentialManifest *CredentialManifest, opts ...PresentCredentialApplicationOpt) (*verifiable.Presentation, error)
PresentCredentialApplication creates a minimal Presentation (without proofs) with Credential Application data based on credentialManifest. The WithExistingPresentationForPresentCredentialFulfillment can be used to add the Credential Application data to an existing Presentation object instead. If the "https://identity.foundation/presentation-exchange/submission/v1" context is found, it will be replaced with the "https://identity.foundation/credential-manifest/application/v1" context. Note that any existing proofs are not updated. Note also the following assumptions/limitations of this method:
- The format of all claims in the Presentation Submission are assumed to be ldp_vp and will be set as such.
- The format for the Credential Application object will be set to match the format from the Credential Manifest exactly. If a caller wants to use a smaller subset of the Credential Manifest's format, then they will have to set it manually.
- The location of the Verifiable Credentials is assumed to be an array at the root under a field called "verifiableCredential".
- The Verifiable Credentials in the presentation is assumed to be in the same order as the Output Descriptors in the Credential Manifest.
func PresentCredentialFulfillment ¶
func PresentCredentialFulfillment(credentialManifest *CredentialManifest, opts ...PresentCredentialFulfillmentOpt) (*verifiable.Presentation, error)
PresentCredentialFulfillment creates a basic Presentation (without proofs) with Credential Fulfillment data based on credentialManifest. The WithExistingPresentationForPresentCredentialFulfillment can be used to add the Credential Fulfillment data to an existing Presentation object instead. Note that any existing proofs are not updated. Note also the following assumptions/limitations of this method:
- The format of all credentials is assumed to be ldp_vc.
- The location of the Verifiable Credentials is assumed to be an array at the root under a field called "verifiableCredential".
- The Verifiable Credentials in the presentation is assumed to be in the same order as the Output Descriptors in the Credential Manifest.
func ValidateCredentialApplication ¶
func ValidateCredentialApplication(application *verifiable.Presentation, cm *CredentialManifest, contextLoader ld.DocumentLoader, options ...presexch.MatchOption) (map[string]*verifiable.Credential, error)
ValidateCredentialApplication validates credential application presentation by validating presentation submission against presentation definition from given credential manifest. Proof of all individual credential can also be validated by using options.
func ValidateOutputDescriptors ¶
func ValidateOutputDescriptors(descriptors []*OutputDescriptor) error
ValidateOutputDescriptors checks the given slice of OutputDescriptors to ensure that they are valid (per the spec) when placed together within a single Credential Manifest. To pass validation, the following two conditions must be satisfied: 1. Each OutputDescriptor must have a unique ID. 2. Each OutputDescriptor must also have valid contents. See the validateOutputDescriptor function for details.
Types ¶
type Color ¶
type Color struct {
Color string `json:"color"` // RGB hex code
}
Color represents a single color in RGB hex code format.
type CredentialApplication ¶
type CredentialApplication struct {
ID string `json:"id,omitempty"`
// The value of this property MUST be the ID of a valid Credential Manifest.
ManifestID string `json:"manifest_id,omitempty"`
// Must be a subset of the format property of the CredentialManifest that this CredentialApplication is related to
Format presexch.Format `json:"format,omitempty"`
}
CredentialApplication represents a credential_application object as defined in https://identity.foundation/credential-manifest/#credential-application. Note that the term "Credential Application" is overloaded in the spec - a "Credential Application" may be referring to one of two different, but related, concepts. A "Credential Application" can be the object defined below, which is intended to be embedded in an envelope like a Verifiable Presentation. Additionally, when that envelope contains the object defined below under a field named "credential_application", then that envelope itself can be called a "Credential Application". The larger "envelope version" of a Credential Application may also have a sibling presentation_submission object within the envelope, as demonstrated by the PresentCredentialApplication method. See https://github.com/decentralized-identity/credential-manifest/issues/73 for more information about this name overloading.
func UnmarshalAndValidateAgainstCredentialManifest ¶
func UnmarshalAndValidateAgainstCredentialManifest(credentialApplicationBytes []byte, cm *CredentialManifest) (CredentialApplication, error)
UnmarshalAndValidateAgainstCredentialManifest unmarshals the credentialApplicationBytes into a CredentialApplication object (performing verification in the process), and after that verifies that the Credential Application is valid against the given Credential Manifest. It's simply a convenience method that allows you to unmarshal and perform validation against a Credential Manifest in one call.
func (*CredentialApplication) UnmarshalJSON ¶
func (ca *CredentialApplication) UnmarshalJSON(data []byte) error
UnmarshalJSON is the custom unmarshal function gets called automatically when the standard json.Unmarshal is called. It also ensures that the given data is a valid CredentialApplication object per the specification.
func (*CredentialApplication) ValidateAgainstCredentialManifest ¶
func (ca *CredentialApplication) ValidateAgainstCredentialManifest(cm *CredentialManifest) error
ValidateAgainstCredentialManifest verifies that the Credential Application is valid against the given Credential Manifest.
type CredentialFulfillment ¶
type CredentialFulfillment struct {
ID string `json:"id,omitempty"`
ManifestID string `json:"manifest_id,omitempty"`
OutputDescriptorMappingObjects []OutputDescriptorMap `json:"descriptor_map,omitempty"`
}
CredentialFulfillment represents a Credential Fulfillment object as defined in https://identity.foundation/credential-manifest/#credential-fulfillment.
func (*CredentialFulfillment) ResolveDescriptorMaps ¶
func (cf *CredentialFulfillment) ResolveDescriptorMaps(jsonDataFromAttachment interface{}, parseCredentialOpts ...verifiable.CredentialOpt) ([]verifiable.Credential, error)
ResolveDescriptorMaps resolves Verifiable Credentials based on this Credential Fulfillment's descriptor maps. This function looks at each OutputDescriptorMap's path property and checks for that path in the given JSON data, which is expected to be from the attachment of an Issue Credential message (i.e. issuecredential.IssueCredentialV3.Attachments[i].Data.JSON). See the TestCredentialFulfillment_ResolveDescriptorMap method for examples. If a VC is found at that path's location, then it is added to the array of VCs that will be returned by this method. Once all OutputDescriptorMaps are done being scanned, the array of VCs will be returned.
func (*CredentialFulfillment) UnmarshalJSON ¶
func (cf *CredentialFulfillment) UnmarshalJSON(data []byte) error
UnmarshalJSON is the custom unmarshal function gets called automatically when the standard json.Unmarshal is called. It also ensures that the given data is a valid CredentialFulfillment object per the specification.
type CredentialManifest ¶
type CredentialManifest struct {
ID string `json:"id,omitempty"`
Version string `json:"version,omitempty"`
Issuer Issuer `json:"issuer,omitempty"`
OutputDescriptors []*OutputDescriptor `json:"output_descriptors,omitempty"`
Format presexch.Format `json:"format,omitempty"`
PresentationDefinition *presexch.PresentationDefinition `json:"presentation_definition,omitempty"`
}
CredentialManifest represents a Credential Manifest object as defined in https://identity.foundation/credential-manifest/#credential-manifest-2.
func (*CredentialManifest) ResolveCredential ¶
func (cm *CredentialManifest) ResolveCredential(descriptorID string, credential CredentialToResolveOption) (*ResolvedDescriptor, error)
ResolveCredential resolved given credential and returns results.
func (*CredentialManifest) ResolveFulfillment ¶
func (cm *CredentialManifest) ResolveFulfillment(fulfillment *verifiable.Presentation) ([]*ResolvedDescriptor, error)
ResolveFulfillment resolves given credential fulfillment and returns results. Currently supporting only 'ldp_vc' format of fulfillment credentials.
func (*CredentialManifest) UnmarshalJSON ¶
func (cm *CredentialManifest) UnmarshalJSON(data []byte) error
UnmarshalJSON is the custom unmarshal function gets called automatically when the standard json.Unmarshal is called. It also ensures that the given data is a valid CredentialManifest object per the specification.
func (*CredentialManifest) Validate ¶
func (cm *CredentialManifest) Validate() error
Validate ensures that this CredentialManifest is valid as per the spec. Note that this function is automatically called when unmarshalling a []byte into a CredentialManifest.
type CredentialToResolveOption ¶
type CredentialToResolveOption func(opts *resolveCredOpts)
CredentialToResolveOption is option to provide credential to resolve manifest.
func CredentialToResolve ¶
func CredentialToResolve(credential *verifiable.Credential) CredentialToResolveOption
CredentialToResolve to provide verifiable credential instance to resolve.
func RawCredentialToResolve ¶
func RawCredentialToResolve(raw json.RawMessage) CredentialToResolveOption
RawCredentialToResolve to provide raw JSON bytes of verifiable credential to resolve.
type DataDisplayDescriptor ¶
type DataDisplayDescriptor struct {
Title DisplayMappingObject `json:"title,omitempty"`
Subtitle DisplayMappingObject `json:"subtitle,omitempty"`
Description DisplayMappingObject `json:"description,omitempty"`
Properties []LabeledDisplayMappingObject `json:"properties,omitempty"`
}
DataDisplayDescriptor represents a Data Display Descriptor as defined in https://identity.foundation/credential-manifest/wallet-rendering/#data-display.
type DisplayMappingObject ¶
type DisplayMappingObject struct {
Text string `json:"text,omitempty"`
Paths []string `json:"path,omitempty"`
Schema Schema `json:"schema,omitempty"`
Fallback string `json:"fallback,omitempty"`
}
DisplayMappingObject represents a Display Mapping Object as defined in https://identity.foundation/credential-manifest/wallet-rendering/#display-mapping-object There are two possibilities here: If the text field is used, then schema is not needed. If the path field is used, then schema is required. TODO (#3045) Support for JSONPath bracket notation.
type ImageURIWithAltText ¶
type ImageURIWithAltText struct {
URI string `json:"uri,omitempty"`
Alt string `json:"alt,omitempty"`
}
ImageURIWithAltText represents a URI that points to an image along with the alt text for it.
type Issuer ¶
type Issuer struct {
ID string `json:"id,omitempty"` // Must be a valid URI
Name string `json:"name,omitempty"`
Styles Styles `json:"styles,omitempty"`
}
Issuer represents the issuer object defined in https://identity.foundation/credential-manifest/#general-composition.
type LabeledDisplayMappingObject ¶
type LabeledDisplayMappingObject struct {
DisplayMappingObject
Label string `json:"label,omitempty"`
}
LabeledDisplayMappingObject is a DisplayMappingObject with an additional Label field. They are used for the dynamic Properties array in a DataDisplayDescriptor.
type OutputDescriptor ¶
type OutputDescriptor struct {
ID string `json:"id,omitempty"`
Schema string `json:"schema,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Display DataDisplayDescriptor `json:"display,omitempty"`
Styles Styles `json:"styles,omitempty"`
}
OutputDescriptor represents an Output Descriptor object as defined in https://identity.foundation/credential-manifest/#output-descriptor.
type OutputDescriptorMap ¶
type OutputDescriptorMap presexch.InputDescriptorMapping
OutputDescriptorMap represents an Output Descriptor Mapping Object as defined in https://identity.foundation/credential-manifest/#credential-fulfillment. It has the same format as the InputDescriptorMapping object from the presexch package, but has a different meaning here.
type PresentCredentialApplicationOpt ¶
type PresentCredentialApplicationOpt func(opts *presentCredentialApplicationOpts)
PresentCredentialApplicationOpt is an option for the PresentCredentialApplication method.
func WithExistingPresentationForPresentCredentialApplication ¶
func WithExistingPresentationForPresentCredentialApplication( presentation *verifiable.Presentation) PresentCredentialApplicationOpt
WithExistingPresentationForPresentCredentialApplication is an option for the PresentCredentialApplication method that allows Credential Application data to be added to an existing Presentation (turning it into a Credential Application in the process). The existing Presentation should not already have Credential Application data.
type PresentCredentialFulfillmentOpt ¶
type PresentCredentialFulfillmentOpt func(opts *presentCredentialFulfillmentOpts)
PresentCredentialFulfillmentOpt is an option for the PresentCredentialFulfillment method.
func WithExistingPresentationForPresentCredentialFulfillment ¶
func WithExistingPresentationForPresentCredentialFulfillment( presentation *verifiable.Presentation) PresentCredentialFulfillmentOpt
WithExistingPresentationForPresentCredentialFulfillment is an option for the PresentCredentialFulfillment method that allows Credential Fulfillment data to be added to an existing Presentation. The existing Presentation should not already have Credential Fulfillment data.
type ResolvedDescriptor ¶
type ResolvedDescriptor struct {
DescriptorID string `json:"descriptor_id,omitempty"`
Title string `json:"title,omitempty"`
Subtitle string `json:"subtitle,omitempty"`
Description string `json:"description,omitempty"`
Styles Styles `json:"styles,omitempty"`
Properties []*ResolvedProperty `json:"properties,omitempty"`
}
ResolvedDescriptor typically represents results of resolving manifests by credential fulfillment. typically represents a DataDisplayDescriptor that's had its various "template" fields resolved into concrete values based on a Verifiable Credential.
type ResolvedProperty ¶
type ResolvedProperty struct {
Schema Schema `json:"schema,omitempty"`
Label string `json:"label,omitempty"`
Value interface{} `json:"value,omitempty"`
}
ResolvedProperty contains resolved result for each resolved property.
type Schema ¶
type Schema struct {
Type string `json:"type,omitempty"` // MUST be here
Format string `json:"format,omitempty"` // MAY be here if the Type is "string".
}
Schema represents Type and (optional) Format information for a DisplayMappingObject that uses the Paths field, as defined in https://identity.foundation/credential-manifest/wallet-rendering/#using-path.
type Styles ¶
type Styles struct {
Thumbnail ImageURIWithAltText `json:"thumbnail,omitempty"`
Hero ImageURIWithAltText `json:"hero,omitempty"`
Background Color `json:"background,omitempty"`
Text Color `json:"text,omitempty"`
}
Styles represents an Entity Styles object as defined in https://identity.foundation/credential-manifest/wallet-rendering/#entity-styles.
Source Files