vc

package
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 3, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

Example

Demonstrates how to create, sign, and verify a Verifiable Credential using the vc package.

package main

import (
	"fmt"

	"github.com/abaxxtech/abaxx-id-go/pkg/dids/didjwk"
	"github.com/abaxxtech/abaxx-id-go/pkg/vc"
)

func main() {
	// create sample issuer and subject DIDs
	issuer, err := didjwk.Create()
	if err != nil {
		panic(err)
	}

	subject, err := didjwk.Create()
	if err != nil {
		panic(err)
	}

	// creation
	claims := vc.Claims{"id": subject.URI, "name": "John Doe"}
	cred := vc.Create(claims)

	// signing
	vcJWT, err := cred.Sign(issuer)
	if err != nil {
		panic(err)
	}

	// verification
	decoded, err := vc.Verify[vc.Claims](vcJWT)
	if err != nil {
		panic(err)
	}

	fmt.Println(decoded.VC.CredentialSubject["name"])
}
Output:

John Doe
Example (Mixed)

Demonstrates how to use a mix of strongly typed and untyped credential subjects with the vc package.

package main

import (
	"fmt"

	"github.com/abaxxtech/abaxx-id-go/pkg/dids/didjwk"
	"github.com/abaxxtech/abaxx-id-go/pkg/vc"
)

type KnownCustomerClaims struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}

func (c KnownCustomerClaims) GetID() string {
	return c.ID
}

func (c *KnownCustomerClaims) SetID(id string) {
	c.ID = id
}

func main() {
	issuer, err := didjwk.Create()
	if err != nil {
		panic(err)
	}

	subject, err := didjwk.Create()
	if err != nil {
		panic(err)
	}

	claims := KnownCustomerClaims{ID: subject.URI, Name: "John Doe"}
	cred := vc.Create(&claims)

	vcJWT, err := cred.Sign(issuer)
	if err != nil {
		panic(err)
	}

	decoded, err := vc.Verify[vc.Claims](vcJWT)
	if err != nil {
		panic(err)
	}

	fmt.Println(decoded.VC.CredentialSubject["name"])
}
Output:

John Doe
Example (StronglyTyped)

Demonstrates how to use a strongly typed credential subject

package main

import (
	"fmt"

	"github.com/abaxxtech/abaxx-id-go/pkg/dids/didjwk"
	"github.com/abaxxtech/abaxx-id-go/pkg/vc"
)

type KnownCustomerClaims struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}

func (c KnownCustomerClaims) GetID() string {
	return c.ID
}

func (c *KnownCustomerClaims) SetID(id string) {
	c.ID = id
}

func main() {
	issuer, err := didjwk.Create()
	if err != nil {
		panic(err)
	}

	subject, err := didjwk.Create()
	if err != nil {
		panic(err)
	}

	claims := KnownCustomerClaims{ID: subject.URI, Name: "John Doe"}
	cred := vc.Create(&claims)

	vcJWT, err := cred.Sign(issuer)
	if err != nil {
		panic(err)
	}

	decoded, err := vc.Verify[*KnownCustomerClaims](vcJWT)
	if err != nil {
		panic(err)
	}

	fmt.Println(decoded.VC.CredentialSubject.Name)
}
Output:

John Doe

Index

Examples

Constants

View Source
const (
	BaseContext = "https://www.w3.org/2018/credentials/v1"
	BaseType    = "VerifiableCredential"
)

these constants are defined in the W3C Verifiable Credential Data Model specification for:

Variables

This section is empty.

Functions

This section is empty.

Types

type Claims

type Claims map[string]any

Claims is a type alias for a map[string]any that can be used to represent the claims of a Verifiable Credential when the structure of the claims is not known at compile time.

func (Claims) GetID

func (c Claims) GetID() string

GetID returns the id of the CredentialSubject. used to set the sub claim of a vc-jwt in [vcjwt.Sign]

func (Claims) SetID

func (c Claims) SetID(id string)

SetID sets the id of the CredentialSubject. used to set the sub claim of a vc-jwt in [vcjwt.Verify]

type CreateOption

type CreateOption func(*createOptions)

CreateOption is the return type of all Option functions that can be passed to Create

func Contexts

func Contexts(contexts ...string) CreateOption

Contexts can be used to add additional contexts to the Verifiable Credential created by Create

func Evidences

func Evidences(evidence ...Evidence) CreateOption

Evidences can be used to set the evidence array of the Verifiable Credential created by Create

func ExpirationDate

func ExpirationDate(expirationDate time.Time) CreateOption

ExpirationDate can be used to set the expiration date of the Verifiable Credential created by Create

func ID

func ID(id string) CreateOption

ID can be used to override the default ID generated by Create

func IssuanceDate

func IssuanceDate(issuanceDate time.Time) CreateOption

IssuanceDate can be used to override the default issuance date generated by Create

func Schemas

func Schemas(schemas ...string) CreateOption

Schemas can be used to include JSON Schemas within the Verifiable Credential created by Create more information can be found here

func Types

func Types(types ...string) CreateOption

Types can be used to add additional types to the Verifiable Credential created by Create

type CredentialSchema

type CredentialSchema struct {
	Type string `json:"type"`
	ID   string `json:"id"`
}

CredentialSchema represents the credentialSchema property of a Verifiable Credential. more information can be found here

type CredentialSubject

type CredentialSubject interface {
	GetID() string
	SetID(id string)
}

CredentialSubject is implemented by any type that can be used as the CredentialSubject of a Verifiable Credential.

Note

The VC Data Model specification states that id is not a required field for CredentialSubject. However, we've chosen to require it in order to necessitate that all credential's include a subject as we were unable to find a use case where a credential would not be issued to a single subject. Further, the spec states that vc-jwt requires the sub be set to the id of the CredentialSubject which becomes difficult to assert while also providing the ability to leverage strongly typed claims.

type DataModel

type DataModel[T CredentialSubject] struct {
	Context           []string           `json:"@context"`                   // https://www.w3.org/TR/vc-data-model/#contexts
	Type              []string           `json:"type"`                       // https://www.w3.org/TR/vc-data-model/#dfn-type
	Issuer            string             `json:"issuer"`                     // https://www.w3.org/TR/vc-data-model/#issuer
	CredentialSubject T                  `json:"credentialSubject"`          // https://www.w3.org/TR/vc-data-model/#credential-subject
	ID                string             `json:"id,omitempty"`               // https://www.w3.org/TR/vc-data-model/#identifiers
	IssuanceDate      string             `json:"issuanceDate"`               // https://www.w3.org/TR/vc-data-model/#issuance-date
	ExpirationDate    string             `json:"expirationDate,omitempty"`   // https://www.w3.org/TR/vc-data-model/#expiration
	CredentialSchema  []CredentialSchema `json:"credentialSchema,omitempty"` // https://www.w3.org/TR/vc-data-model-2.0/#data-schemas
	Evidence          []Evidence         `json:"evidence,omitempty"`         // https://www.w3.org/TR/vc-data-model/#evidence
}

DataModel represents the W3C Verifiable Credential Data Model defined here

func Create

func Create[T CredentialSubject](claims T, opts ...CreateOption) DataModel[T]

Create returns a new Verifiable Credential with the provided claims and options. if no options are provided, the following defaults will be used:

Note

Any additional contexts or types provided will be appended to the defaults in order to remain conformant with the W3C Verifiable Credential Data Model specification

Example

Demonstrates how to create a Verifiable Credential

package main

import (
	"encoding/json"
	"fmt"

	"github.com/abaxxtech/abaxx-id-go/pkg/vc"
)

func main() {
	claims := vc.Claims{"name": "John Doe"}
	cred := vc.Create(claims)

	bytes, err := json.MarshalIndent(cred, "", "  ")
	if err != nil {
		panic(err)
	}

	fmt.Println(string(bytes))
}
Output:

Example (Options)

Demonstrates how to create a Verifiable Credential with options

package main

import (
	"encoding/json"
	"fmt"
	"time"

	"github.com/abaxxtech/abaxx-id-go/pkg/vc"
)

func main() {
	claims := vc.Claims{"id": "1234"}
	issuanceDate := time.Now().UTC().Add(10 * time.Hour)
	expirationDate := issuanceDate.Add(30 * time.Hour)

	cred := vc.Create(
		claims,
		vc.ID("thecustomid"),
		vc.Contexts("https://nocontextisbestcontext.gov"),
		vc.Types("StreetCredential"),
		vc.IssuanceDate(issuanceDate),
		vc.ExpirationDate(expirationDate),
	)

	bytes, err := json.MarshalIndent(cred, "", "  ")
	if err != nil {
		panic(err)
	}

	fmt.Println(string(bytes))
}
Output:

func (DataModel[T]) Sign

func (vc DataModel[T]) Sign(bearerDID did.BearerDID, opts ...jwt.SignOpt) (string, error)

Sign returns a signed JWT conformant with the vc-jwt format. sets the provided vc as value of the "vc" claim in the jwt. It returns the signed jwt and an error if the signing fails.

type DecodedVCJWT

type DecodedVCJWT[T CredentialSubject] struct {
	JWT jwt.Decoded
	VC  DataModel[T]
}

DecodedVCJWT represents a decoded vc-jwt. It contains the decoded jwt and decoded vc data model

func Decode

func Decode[T CredentialSubject](vcJWT string) (DecodedVCJWT[T], error)

Decode decodes a vc-jwt as per the spec and returns DecodedVCJWT.

Note

This function uses certain fields from the jwt claims to eagrly populate the vc model as described in the encoding section of the spec. The jwt fields will clobber any values that exist in the vc model. While the jwt claims should match the counterpart values in the vc model, it's possible that they don't but there would be no way to know if they don't match given that they're overwritten.

func Verify

func Verify[T CredentialSubject](vcJWT string) (DecodedVCJWT[T], error)

Verify decodes and verifies the vc-jwt. It checks for the presence of required fields and verifies the jwt. It returns the decoded vc-jwt and the verification result.

func (DecodedVCJWT[T]) Verify

func (vcjwt DecodedVCJWT[T]) Verify() error

Verify verifies the decoded vc-jwt. It checks for the presence of required fields and verifies the jwt.

type Evidence

type Evidence struct {
	ID   string `json:"id,omitempty"`
	Type string `json:"type,omitempty"`
	// todo is `AdditionalFields` the right name?
	AdditionalFields map[string]interface{}
}

Evidence represents the evidence property of a Verifiable Credential.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL