-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenId4VCI interoperability fixes. #823
Conversation
data class Openid4VciTxCode( | ||
val message: String, | ||
val numeric: Boolean, | ||
val length: Int |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need a separate length field, or is this the length of the "message" string? What happens if there's a mismatch?
If it's not the length of the message field, please add comments indicating what each of these fields means.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added references to the spec.
@CborSerializable | ||
data class Openid4VciTxCode( | ||
val message: String, | ||
val numeric: Boolean, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: Maybe rename to isNumeric? ...so it's obvious from the name that this is a booean...?
...If I hadn't seen that the type was Boolean, my initial guess would have been that this was a copy of "message," but as an integer rather than a string.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
credentialOffer is Openid4VciCredentialOfferPreauthorizedCode && | ||
credentialOffer.txCode != null) { | ||
val message = "<p>" + | ||
credentialOffer.txCode!!.message.replace("<", "<") + |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see we have a htmlEscape function in AdminServlet.kt. Rather than having different hacks in different areas of the code, could we move that function to a common library/utility and reuse it here? (maybe something in identity/src/commonMain/kotlin/com/android/identity/util ?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
60a99ed
to
80b0813
Compare
Signed-off-by: Peter Sorotokin <[email protected]>
80b0813
to
82e1bfb
Compare
Reworked how and when we deliver credential offer to the wallet server for openid4vci provisioning. Moved to the model where the credential offer always comes as the first evidence request/response for openid4vci. This also moves more responsibility to proofing flow handler (
FunkeProofingState
in our code, in particularperformPushedAuthorizationRequest
method has been moved). This makes proofing more self-contained.Manually tested with our openid4vci server and external servers. Also tested with our hardcoded issuer.