Documentation ¶
Index ¶
- Constants
- func AreValidSubmissionRequirements(requirements []SubmissionRequirement) error
- func BuildJWTPresentationRequest(signer jwx.Signer, def PresentationDefinition, audience []string) ([]byte, error)
- func BuildPresentationRequest(signer any, pt PresentationRequestType, def PresentationDefinition, ...) ([]byte, error)
- func BuildPresentationSubmission(signer any, requester string, def PresentationDefinition, ...) ([]byte, error)
- func BuildPresentationSubmissionVP(submitter string, def PresentationDefinition, claims []NormalizedClaim) (*credential.VerifiablePresentation, error)
- func IsSupportedEmbedTarget(et EmbedTarget) bool
- func IsSupportedPresentationRequestType(rt PresentationRequestType) bool
- func IsValidDefinitionClaimFormatDesignation(format ClaimFormat) error
- func IsValidPresentationDefinition(definition PresentationDefinition) error
- func IsValidPresentationDefinitionEnvelope(definition PresentationDefinitionEnvelope) error
- func IsValidPresentationSubmission(submission PresentationSubmission) error
- func IsValidSubmissionRequirement(requirement SubmissionRequirement) error
- type ClaimFormat
- type Constraints
- type CredentialFormat
- type CredentialStatus
- type EmbedTarget
- type Field
- type Filter
- type FromOption
- type InputDescriptor
- type InputDescriptorBuilder
- func (idb *InputDescriptorBuilder) Build() (*InputDescriptor, error)
- func (idb *InputDescriptorBuilder) IsEmpty() bool
- func (idb *InputDescriptorBuilder) SetClaimFormat(format ClaimFormat) error
- func (idb *InputDescriptorBuilder) SetConstraints(constraints Constraints) error
- func (idb *InputDescriptorBuilder) SetGroup(group []string) error
- func (idb *InputDescriptorBuilder) SetName(name string) error
- func (idb *InputDescriptorBuilder) SetPurpose(purpose string) error
- type JWTFormat
- type JWTType
- type LDPType
- type LinkedDataFormat
- type NormalizedClaim
- type Preference
- type PresentationClaim
- type PresentationDefinition
- type PresentationDefinitionBuilder
- func (pdb *PresentationDefinitionBuilder) Build() (*PresentationDefinition, error)
- func (pdb *PresentationDefinitionBuilder) IsEmpty() bool
- func (pdb *PresentationDefinitionBuilder) SetClaimFormat(format ClaimFormat) error
- func (pdb *PresentationDefinitionBuilder) SetFrame(frame any) error
- func (pdb *PresentationDefinitionBuilder) SetInputDescriptors(descriptors []InputDescriptor) error
- func (pdb *PresentationDefinitionBuilder) SetName(name string) error
- func (pdb *PresentationDefinitionBuilder) SetPurpose(purpose string) error
- func (pdb *PresentationDefinitionBuilder) SetSubmissionRequirements(requirements []SubmissionRequirement) error
- type PresentationDefinitionEnvelope
- type PresentationRequestOption
- type PresentationRequestOptionType
- type PresentationRequestType
- type PresentationSubmission
- type PresentationSubmissionBuilder
- type RelationalConstraint
- type Selection
- type SubmissionDescriptor
- type SubmissionRequirement
- type VerifiedSubmissionData
Constants ¶
// Claim format designations, submission-requirement selection rules and
// constraint preference directives declared by this package.
const (
	// JWT-based claim format designations. The string values are the same
	// as the JSON keys of the corresponding ClaimFormat fields.
	JWT   JWTFormat = "jwt"
	JWTVC JWTFormat = "jwt_vc"
	JWTVP JWTFormat = "jwt_vp"

	// Linked Data claim format designations. The string values are the same
	// as the JSON keys of the corresponding ClaimFormat fields.
	LDP   LinkedDataFormat = "ldp"
	LDPVC LinkedDataFormat = "ldp_vc"
	LDPVP LinkedDataFormat = "ldp_vp"

	// Selection values; Selection is the type of SubmissionRequirement.Rule.
	All  Selection = "all"
	Pick Selection = "pick"

	// Preference values; Preference is the type of the directive-style
	// fields such as Constraints.LimitDisclosure and Field.Predicate.
	Required   Preference = "required"
	Preferred  Preference = "preferred"
	Allowed    Preference = "allowed"
	Disallowed Preference = "disallowed"
)
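// Presentation request constants.
const (
	// JWTRequest is a wrapper for a `presentation_definition` inside a signed JWT
	JWTRequest PresentationRequestType = "jwt"

	// PresentationDefinitionKey is the literal key "presentation_definition".
	// It equals the JSON tag on PresentationDefinitionEnvelope; presumably it
	// is also the claim name used inside the request JWT — confirm.
	PresentationDefinitionKey string = "presentation_definition"

	// AudienceOption is a PresentationRequestOptionType value.
	// NOTE(review): presumably selects the audience passed to
	// BuildJWTPresentationRequest — confirm against the implementation.
	AudienceOption PresentationRequestOptionType = "audience"
)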
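// Presentation submission constants.
const (
	// JWTVPTarget is an embed target where a presentation submission is represented alongside a Verifiable Presentation
	// in a JWT value. `presentation_submission` is a top-level claim alongside `vc` for the VP
	JWTVPTarget EmbedTarget = "jwt_vp"

	// PresentationSubmissionContext and PresentationSubmissionType are fixed
	// string values for presentation submissions.
	// NOTE(review): presumably the JSON-LD context and type entries added to
	// a Verifiable Presentation that carries a submission — confirm.
	PresentationSubmissionContext string = "https://identity.foundation/presentation-exchange/submission/v1"
	PresentationSubmissionType    string = "PresentationSubmission"
)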
const (
	// BuilderEmptyError is the message text "builder cannot be empty".
	// NOTE(review): presumably used by the builder methods when the builder
	// reports IsEmpty — confirm against the implementation.
	BuilderEmptyError string = "builder cannot be empty"
)
Variables ¶
This section is empty.
Functions ¶
func AreValidSubmissionRequirements ¶
func AreValidSubmissionRequirements(requirements []SubmissionRequirement) error
AreValidSubmissionRequirements validates a set of submission requirement objects against their known JSON schema.
func BuildJWTPresentationRequest ¶
func BuildJWTPresentationRequest(signer jwx.Signer, def PresentationDefinition, audience []string) ([]byte, error)
BuildJWTPresentationRequest builds a JWT representation of a presentation request
func BuildPresentationRequest ¶
func BuildPresentationRequest(signer any, pt PresentationRequestType, def PresentationDefinition, opts ...PresentationRequestOption) ([]byte, error)
BuildPresentationRequest builds a presentation request (https://identity.foundation/presentation-exchange/#presentation-request), which is used for transmitting a Presentation Definition from a verifier to a holder. Target is who the request is intended for. TODO(gabe) expand to other presentation types and signers https://github.com/cyware/ssi-sdk/issues/57
func BuildPresentationSubmission ¶
func BuildPresentationSubmission(signer any, requester string, def PresentationDefinition, claims []PresentationClaim, et EmbedTarget) ([]byte, error)
BuildPresentationSubmission constructs a submission given a presentation definition, set of claims, and an embed target format. https://identity.foundation/presentation-exchange/#presentation-submission Note: this method does not support LD cryptosuites, and prefers JWT representations. Future refactors may include an analog method for LD suites.
func BuildPresentationSubmissionVP ¶
func BuildPresentationSubmissionVP(submitter string, def PresentationDefinition, claims []NormalizedClaim) (*credential.VerifiablePresentation, error)
BuildPresentationSubmissionVP takes a presentation definition and a set of claims. According to the presentation definition, and the algorithm defined - https://identity.foundation/presentation-exchange/#input-evaluation - in the specification, a presentation submission is constructed as a Verifiable Presentation.
func IsSupportedEmbedTarget ¶
func IsSupportedEmbedTarget(et EmbedTarget) bool
func IsSupportedPresentationRequestType ¶
func IsSupportedPresentationRequestType(rt PresentationRequestType) bool
IsSupportedPresentationRequestType returns whether a given presentation request type is supported by this library.
func IsValidDefinitionClaimFormatDesignation ¶
func IsValidDefinitionClaimFormatDesignation(format ClaimFormat) error
IsValidDefinitionClaimFormatDesignation validates a given claim format object against its known JSON schema
func IsValidPresentationDefinition ¶
func IsValidPresentationDefinition(definition PresentationDefinition) error
IsValidPresentationDefinition validates a given presentation definition object against its known JSON schema
func IsValidPresentationDefinitionEnvelope ¶
func IsValidPresentationDefinitionEnvelope(definition PresentationDefinitionEnvelope) error
IsValidPresentationDefinitionEnvelope validates a given presentation definition envelope object against its known JSON schema
func IsValidPresentationSubmission ¶
func IsValidPresentationSubmission(submission PresentationSubmission) error
IsValidPresentationSubmission validates a given presentation submission object against its known JSON schema
func IsValidSubmissionRequirement ¶
func IsValidSubmissionRequirement(requirement SubmissionRequirement) error
IsValidSubmissionRequirement validates a submission requirement object against its known JSON schema
Types ¶
type ClaimFormat ¶
// ClaimFormat holds, per claim format designation, either a JWTType (an
// `alg` list) or an LDPType (a `proof_type` list). Every field is an
// optional pointer and is omitted from JSON when nil.
// See https://identity.foundation/presentation-exchange/#claim-format-designations
type ClaimFormat struct {
	// JWT-based designations.
	JWT   *JWTType `json:"jwt,omitempty" validate:"omitempty,dive"`
	JWTVC *JWTType `json:"jwt_vc,omitempty" validate:"omitempty,dive"`
	JWTVP *JWTType `json:"jwt_vp,omitempty" validate:"omitempty,dive"`

	// Linked Data designations.
	LDP   *LDPType `json:"ldp,omitempty" validate:"omitempty,dive"`
	LDPVC *LDPType `json:"ldp_vc,omitempty" validate:"omitempty,dive"`
	LDPVP *LDPType `json:"ldp_vp,omitempty" validate:"omitempty,dive"`
}
ClaimFormat https://identity.foundation/presentation-exchange/#claim-format-designations At most one field can be non-nil.
func (*ClaimFormat) AlgOrProofTypePerFormat ¶
func (cf *ClaimFormat) AlgOrProofTypePerFormat() []string
AlgOrProofTypePerFormat for a given format, return the supported alg or proof types. A nil response indicates that the format is not supported.
func (*ClaimFormat) FormatValues ¶
func (cf *ClaimFormat) FormatValues() []string
FormatValues returns the string values of the associated claim format types. NOTE: it does not do error checking of any kind.
func (*ClaimFormat) IsEmpty ¶
func (cf *ClaimFormat) IsEmpty() bool
func (*ClaimFormat) IsValid ¶
func (cf *ClaimFormat) IsValid() error
type Constraints ¶
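// Constraints is the constraints object of an InputDescriptor.
type Constraints struct {
	// Fields entries are validated individually (`dive`) when present.
	Fields          []Field     `json:"fields,omitempty" validate:"omitempty,dive"`
	LimitDisclosure *Preference `json:"limit_disclosure,omitempty"`

	// https://identity.foundation/presentation-exchange/#relational-constraint-feature
	SubjectIsIssuer *Preference            `json:"subject_is_issuer,omitempty"`
	IsHolder        []RelationalConstraint `json:"is_holder,omitempty" validate:"omitempty,dive"`
	// NOTE(review): unlike IsHolder, SameSubject carries no `dive` validate
	// tag, so tag-based validation would not descend into its entries —
	// confirm whether that is intended.
	SameSubject []RelationalConstraint `json:"same_subject,omitempty"`

	// https://identity.foundation/presentation-exchange/#credential-status-constraint-feature
	Statuses *CredentialStatus `json:"statuses,omitempty"`
}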
type CredentialFormat ¶
// CredentialFormat is a string type; JWTFormat and LinkedDataFormat are
// defined in terms of it, and SupportedClaimFormats returns values of it.
type CredentialFormat string
func SupportedClaimFormats ¶
func SupportedClaimFormats() []CredentialFormat
type CredentialStatus ¶
// CredentialStatus carries one optional Preference directive for each of the
// active, suspended and revoked states.
// See https://identity.foundation/presentation-exchange/#credential-status-constraint-feature
type CredentialStatus struct {
	Active *struct {
		Directive Preference `json:"directive,omitempty"`
	} `json:"active,omitempty"`
	Suspended *struct {
		Directive Preference `json:"directive,omitempty"`
	} `json:"suspended,omitempty"`
	Revoked *struct {
		Directive Preference `json:"directive,omitempty"`
	} `json:"revoked,omitempty"`
}
CredentialStatus https://identity.foundation/presentation-exchange/#credential-status-constraint-feature
type EmbedTarget ¶
// EmbedTarget is a string type naming where a presentation_submission is
// located in an object model; JWTVPTarget is the value declared in this package.
type EmbedTarget string
EmbedTarget describes where a presentation_submission is located in an object model https://identity.foundation/presentation-exchange/#embed-targets
func GetSupportedEmbedTargets ¶
func GetSupportedEmbedTargets() []EmbedTarget
type Field ¶
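// Field is one entry of Constraints.Fields.
type Field struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
	// Path is the only field marked required by the validate tag.
	// NOTE(review): entries are presumably JSONPath expressions evaluated
	// against claim data — confirm.
	Path     []string `json:"path,omitempty" validate:"required"`
	Purpose  string   `json:"purpose,omitempty"`
	Optional bool     `json:"optional,omitempty"`

	// https://identity.foundation/presentation-exchange/spec/v2.0.0/#retention-feature
	IntentToRetain bool `json:"intent_to_retain,omitempty"`

	// If a predicate property is present, filter must be too
	// https://identity.foundation/presentation-exchange/#predicate-feature
	// NOTE(review): the struct tags do not express this dependency, so it
	// has to be enforced elsewhere — confirm.
	Predicate *Preference `json:"predicate,omitempty"`
	Filter    *Filter     `json:"filter,omitempty"`
}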
type Filter ¶
// Filter is the optional filter object of a Field. Its JSON keys follow
// JSON Schema keyword names (type, format, pattern, minimum, enum, ...).
type Filter struct {
	Type   string `json:"type,omitempty"`
	Format string `json:"format,omitempty"`
	// Properties, Not, AllOf and OneOf are untyped (any); this declaration
	// places no constraint on their shape.
	Properties           any      `json:"properties,omitempty"`
	Required             []string `json:"required,omitempty"`
	AdditionalProperties bool     `json:"additionalProperties,omitempty"`
	// NOTE(review): Pattern is presumably a regular expression taken from the
	// presentation definition — confirm how and where it is evaluated.
	Pattern          string `json:"pattern,omitempty"`
	Minimum          any    `json:"minimum,omitempty"`
	Maximum          any    `json:"maximum,omitempty"`
	MinLength        int    `json:"minLength,omitempty"`
	MaxLength        int    `json:"maxLength,omitempty"`
	ExclusiveMinimum any    `json:"exclusiveMinimum,omitempty"`
	ExclusiveMaximum any    `json:"exclusiveMaximum,omitempty"`
	Const            any    `json:"const,omitempty"`
	Enum             []any  `json:"enum,omitempty"`
	Not              any    `json:"not,omitempty"`
	AllOf            any    `json:"allOf,omitempty"`
	OneOf            any    `json:"oneOf,omitempty"`
}
type FromOption ¶
// FromOption is embedded in SubmissionRequirement and holds either a string
// value (From) or an array of nested SubmissionRequirement values (FromNested).
type FromOption struct {
	From       string                  `json:"from,omitempty"`
	FromNested []SubmissionRequirement `json:"from_nested,omitempty"`
}
type InputDescriptor ¶
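// InputDescriptor is one entry of PresentationDefinition.InputDescriptors.
type InputDescriptor struct {
	// Must be unique within the Presentation Definition
	ID   string `json:"id" validate:"required"`
	Name string `json:"name,omitempty"`
	// Purpose for which claim's data is being requested
	Purpose string       `json:"purpose,omitempty"`
	Format  *ClaimFormat `json:"format,omitempty" validate:"omitempty,dive"`
	// Constraints is required by the validate tag.
	Constraints *Constraints `json:"constraints" validate:"required"`
	// Must match a grouping strings listed in the `from` values of a submission requirement rule
	Group []string `json:"group,omitempty"`
}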
func (*InputDescriptor) IsEmpty ¶
func (id *InputDescriptor) IsEmpty() bool
func (*InputDescriptor) IsValid ¶
func (id *InputDescriptor) IsValid() error
type InputDescriptorBuilder ¶
// InputDescriptorBuilder wraps a *InputDescriptor by embedding it; the
// builder's Set* methods return an error and Build returns the descriptor.
type InputDescriptorBuilder struct {
	*InputDescriptor
}
func NewInputDescriptorBuilder ¶
func NewInputDescriptorBuilder() InputDescriptorBuilder
func (*InputDescriptorBuilder) Build ¶
func (idb *InputDescriptorBuilder) Build() (*InputDescriptor, error)
func (*InputDescriptorBuilder) IsEmpty ¶
func (idb *InputDescriptorBuilder) IsEmpty() bool
func (*InputDescriptorBuilder) SetClaimFormat ¶
func (idb *InputDescriptorBuilder) SetClaimFormat(format ClaimFormat) error
func (*InputDescriptorBuilder) SetConstraints ¶
func (idb *InputDescriptorBuilder) SetConstraints(constraints Constraints) error
func (*InputDescriptorBuilder) SetGroup ¶
func (idb *InputDescriptorBuilder) SetGroup(group []string) error
func (*InputDescriptorBuilder) SetName ¶
func (idb *InputDescriptorBuilder) SetName(name string) error
func (*InputDescriptorBuilder) SetPurpose ¶
func (idb *InputDescriptorBuilder) SetPurpose(purpose string) error
type JWTFormat ¶
// JWTFormat is the CredentialFormat-based type of the JWT, JWTVC and JWTVP
// constants.
type JWTFormat CredentialFormat
func (JWTFormat) CredentialFormat ¶
func (f JWTFormat) CredentialFormat() CredentialFormat
type JWTType ¶
// JWTType is the value of the JWT-based ClaimFormat fields: a list of
// signature algorithms.
type JWTType struct {
	// NOTE(review): if these tags are evaluated by go-playground/validator,
	// `required` on a slice only rejects nil, so an empty list may pass —
	// confirm.
	Alg []crypto.SignatureAlgorithm `json:"alg" validate:"required"`
}
type LDPType ¶
// LDPType is the value of the Linked Data ClaimFormat fields: a list of
// cryptosuite signature (proof) types.
type LDPType struct {
	// NOTE(review): if these tags are evaluated by go-playground/validator,
	// `required` on a slice only rejects nil, so an empty list may pass —
	// confirm.
	ProofType []cryptosuite.SignatureType `json:"proof_type" validate:"required"`
}
type LinkedDataFormat ¶
// LinkedDataFormat is the CredentialFormat-based type of the LDP, LDPVC and
// LDPVP constants.
type LinkedDataFormat CredentialFormat
func (LinkedDataFormat) CredentialFormat ¶
func (f LinkedDataFormat) CredentialFormat() CredentialFormat
func (LinkedDataFormat) Ptr ¶
func (f LinkedDataFormat) Ptr() *LinkedDataFormat
func (LinkedDataFormat) String ¶
func (f LinkedDataFormat) String() string
type NormalizedClaim ¶
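// NormalizedClaim is a claim reduced to a format-independent shape; it is the
// claim type accepted by BuildPresentationSubmissionVP.
type NormalizedClaim struct {
	// id for the claim
	ID string
	// json representation of the claim
	Data map[string]any
	// claim in its original format (e.g. Verifiable Credential, token string, etc.)
	RawClaim any
	// JWT_VC, JWT_VP, LDP_VC, LDP_VP, etc.
	Format string
	// Signing algorithm used for the claim (e.g. EdDSA, ES256, PS256, etc.).
	// OR the Linked Data Proof Type (e.g. JsonWebSignature2020)
	AlgOrProofType string
}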
type Preference ¶
// Preference is the string type of the Required, Preferred, Allowed and
// Disallowed directive constants.
type Preference string
func (Preference) Ptr ¶
func (p Preference) Ptr() *Preference
type PresentationClaim ¶
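// PresentationClaim holds one claim in either a Data Integrity (Credential or
// Presentation) or a JWT (Token) representation, together with its format.
type PresentationClaim struct {
	// Data Integrity Claim
	// If we have a Credential or Presentation value, we assume we have a LDP_VC or LDP_VP respectively
	Credential   *credential.VerifiableCredential
	Presentation *credential.VerifiablePresentation
	LDPFormat    *LinkedDataFormat

	// JWT claims
	Token     *string
	JWTFormat *JWTFormat

	// The algorithm or Linked Data proof type by which the claim was signed must be present
	// NOTE(review): this is a plain caller-supplied string; confirm it is
	// checked against the claim's actual signature rather than taken on trust.
	SignatureAlgorithmOrProofType string
}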
PresentationClaims may be of any claim format designation, including LD or JWT variations of VCs or VPs https://identity.foundation/presentation-exchange/#claim-format-designations This object must be constructed for each claim before processing of a Presentation Definition.
func (*PresentationClaim) GetClaim ¶
func (pc *PresentationClaim) GetClaim() any
GetClaim returns the claim value as a generic type. Since PresentationClaim is a union type, the value returned is the first non-nil value in the following order: Credential, Presentation, Token
func (*PresentationClaim) GetClaimFormat ¶
func (pc *PresentationClaim) GetClaimFormat() (string, error)
GetClaimFormat returns the value of the format depending on the claim type. Since PresentationClaim is a union type, an error is returned if no value is present in any of the possible embedded types.
func (*PresentationClaim) GetClaimJSON ¶
func (pc *PresentationClaim) GetClaimJSON() (map[string]any, error)
GetClaimJSON gets the claim value and attempts to turn it into a generic Go JSON object, represented as a map[string]any.
func (*PresentationClaim) GetClaimValue ¶
func (pc *PresentationClaim) GetClaimValue() (any, error)
GetClaimValue returns the value of the claim as JSON. Since PresentationClaim is a union type, an error is returned if no value is present in any of the possible embedded types.
func (*PresentationClaim) IsEmpty ¶
func (pc *PresentationClaim) IsEmpty() bool
type PresentationDefinition ¶
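// PresentationDefinition is the presentation definition object.
// See https://identity.foundation/presentation-exchange/#presentation-definition
type PresentationDefinition struct {
	// ID and InputDescriptors are the fields marked required by the validate tags.
	ID                     string                  `json:"id,omitempty" validate:"required"`
	Name                   string                  `json:"name,omitempty"`
	Purpose                string                  `json:"purpose,omitempty"`
	Format                 *ClaimFormat            `json:"format,omitempty" validate:"omitempty,dive"`
	InputDescriptors       []InputDescriptor       `json:"input_descriptors" validate:"required,dive"`
	SubmissionRequirements []SubmissionRequirement `json:"submission_requirements,omitempty" validate:"omitempty,dive"`

	// https://identity.foundation/presentation-exchange/#json-ld-framing-feature
	// Frame is untyped (any); this declaration places no constraint on its shape.
	Frame any `json:"frame,omitempty"`
}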
PresentationDefinition https://identity.foundation/presentation-exchange/#presentation-definition
func VerifyJWTPresentationRequest ¶
func VerifyJWTPresentationRequest(verifier jwx.Verifier, request []byte) (*PresentationDefinition, error)
VerifyJWTPresentationRequest verifies the signature on a JWT-based presentation request for a given verifier and then returns the parsed Presentation Definition object as a result.
func VerifyPresentationRequest ¶
func VerifyPresentationRequest(verifier any, pt PresentationRequestType, request []byte) (*PresentationDefinition, error)
VerifyPresentationRequest finds the correct verifier and parser for a given presentation request type, verifying the signature on the request, and returning the parsed Presentation Definition object.
func (*PresentationDefinition) IsEmpty ¶
func (pd *PresentationDefinition) IsEmpty() bool
func (*PresentationDefinition) IsValid ¶
func (pd *PresentationDefinition) IsValid() error
type PresentationDefinitionBuilder ¶
// PresentationDefinitionBuilder wraps a *PresentationDefinition by embedding
// it; the builder's Set* methods return an error and Build returns the
// definition.
type PresentationDefinitionBuilder struct {
	*PresentationDefinition
}
func NewPresentationDefinitionBuilder ¶
func NewPresentationDefinitionBuilder() PresentationDefinitionBuilder
func (*PresentationDefinitionBuilder) Build ¶
func (pdb *PresentationDefinitionBuilder) Build() (*PresentationDefinition, error)
func (*PresentationDefinitionBuilder) IsEmpty ¶
func (pdb *PresentationDefinitionBuilder) IsEmpty() bool
func (*PresentationDefinitionBuilder) SetClaimFormat ¶
func (pdb *PresentationDefinitionBuilder) SetClaimFormat(format ClaimFormat) error
func (*PresentationDefinitionBuilder) SetFrame ¶
func (pdb *PresentationDefinitionBuilder) SetFrame(frame any) error
func (*PresentationDefinitionBuilder) SetInputDescriptors ¶
func (pdb *PresentationDefinitionBuilder) SetInputDescriptors(descriptors []InputDescriptor) error
func (*PresentationDefinitionBuilder) SetName ¶
func (pdb *PresentationDefinitionBuilder) SetName(name string) error
func (*PresentationDefinitionBuilder) SetPurpose ¶
func (pdb *PresentationDefinitionBuilder) SetPurpose(purpose string) error
func (*PresentationDefinitionBuilder) SetSubmissionRequirements ¶
func (pdb *PresentationDefinitionBuilder) SetSubmissionRequirements(requirements []SubmissionRequirement) error
type PresentationDefinitionEnvelope ¶
// PresentationDefinitionEnvelope nests a PresentationDefinition under the
// JSON key "presentation_definition".
type PresentationDefinitionEnvelope struct {
	PresentationDefinition `json:"presentation_definition"`
}
type PresentationRequestOption ¶
// PresentationRequestOption is a typed option accepted by the variadic opts
// parameter of BuildPresentationRequest.
type PresentationRequestOption struct {
	// Type names the option; AudienceOption is the value declared in this package.
	Type PresentationRequestOptionType
	// Value is untyped (any).
	// NOTE(review): the expected concrete type presumably depends on Type — confirm.
	Value any
}
type PresentationRequestOptionType ¶
// PresentationRequestOptionType is the string type of
// PresentationRequestOption.Type; AudienceOption is a value of this type.
type PresentationRequestOptionType string
type PresentationRequestType ¶
// PresentationRequestType is the string type naming the wrapper used for a
// presentation request; JWTRequest is the value declared in this package.
type PresentationRequestType string
PresentationRequestType represents wrappers for Presentation Definitions submitted as requests https://identity.foundation/presentation-exchange/#presentation-request
func GetSupportedPresentationRequestTypes ¶
func GetSupportedPresentationRequestTypes() []PresentationRequestType
GetSupportedPresentationRequestTypes returns all supported presentation request types.
type PresentationSubmission ¶
// PresentationSubmission is the presentation submission object; all three
// fields are marked required by the validate tags.
// See https://identity.foundation/presentation-exchange/#presentation-submission
type PresentationSubmission struct {
	ID string `json:"id" validate:"required"`
	// DefinitionID is set from the definitionID argument of
	// NewPresentationSubmissionBuilder — presumably; confirm.
	DefinitionID string `json:"definition_id" validate:"required"`
	// NOTE(review): DescriptorMap has `required` but no `dive`, so tag-based
	// validation would not descend into its entries — confirm whether the
	// entries are validated elsewhere.
	DescriptorMap []SubmissionDescriptor `json:"descriptor_map" validate:"required"`
}
PresentationSubmission https://identity.foundation/presentation-exchange/#presentation-submission
func (*PresentationSubmission) IsEmpty ¶
func (ps *PresentationSubmission) IsEmpty() bool
func (*PresentationSubmission) IsValid ¶
func (ps *PresentationSubmission) IsValid() error
type PresentationSubmissionBuilder ¶
// PresentationSubmissionBuilder wraps a *PresentationSubmission by embedding
// it; SetDescriptorMap returns an error and Build returns the submission.
type PresentationSubmissionBuilder struct {
	*PresentationSubmission
}
func NewPresentationSubmissionBuilder ¶
func NewPresentationSubmissionBuilder(definitionID string) PresentationSubmissionBuilder
func (*PresentationSubmissionBuilder) Build ¶
func (psb *PresentationSubmissionBuilder) Build() (*PresentationSubmission, error)
func (*PresentationSubmissionBuilder) IsEmpty ¶
func (psb *PresentationSubmissionBuilder) IsEmpty() bool
func (*PresentationSubmissionBuilder) SetDescriptorMap ¶
func (psb *PresentationSubmissionBuilder) SetDescriptorMap(descriptors []SubmissionDescriptor) error
type RelationalConstraint ¶
// RelationalConstraint is the entry type of Constraints.IsHolder and
// Constraints.SameSubject; both fields are marked required.
type RelationalConstraint struct {
	// NOTE(review): presumably refers to Field.ID values — confirm.
	FieldID   []string    `json:"field_id" validate:"required"`
	Directive *Preference `json:"directive" validate:"required"`
}
type SubmissionDescriptor ¶
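// SubmissionDescriptor is one entry of PresentationSubmission.DescriptorMap.
type SubmissionDescriptor struct {
	// Must match the `id` property of the corresponding input descriptor
	ID     string `json:"id" validate:"required"`
	Format string `json:"format" validate:"required"`
	Path   string `json:"path" validate:"required"`
	// PathNested is an optional nested descriptor of the same type.
	PathNested *SubmissionDescriptor `json:"path_nested,omitempty"`
}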
SubmissionDescriptor is a mapping to Input Descriptor objects
type SubmissionRequirement ¶
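// SubmissionRequirement is one entry of
// PresentationDefinition.SubmissionRequirements.
// See https://identity.foundation/presentation-exchange/#presentation-definition-extensions
type SubmissionRequirement struct {
	Rule Selection `json:"rule" validate:"required"`
	// Either an array of SubmissionRequirement OR a string value
	FromOption `validate:"required"`

	Name    string `json:"name,omitempty"`
	Purpose string `json:"purpose,omitempty"`
	// Count, when present, must be at least 1 per its validate tag.
	Count int `json:"count,omitempty" validate:"omitempty,min=1"`
	// NOTE(review): Minimum and Maximum carry no validate tag, so negative
	// values or Minimum > Maximum are not rejected by the tags — confirm
	// whether that is checked elsewhere.
	Minimum int `json:"min,omitempty"`
	Maximum int `json:"max,omitempty"`
}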
SubmissionRequirement https://identity.foundation/presentation-exchange/#presentation-definition-extensions
func (*SubmissionRequirement) IsEmpty ¶
func (sr *SubmissionRequirement) IsEmpty() bool
func (*SubmissionRequirement) IsValid ¶
func (sr *SubmissionRequirement) IsValid() error
type VerifiedSubmissionData ¶
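// VerifiedSubmissionData is the per-input-descriptor element returned by
// VerifyPresentationSubmission and VerifyPresentationSubmissionVP.
type VerifiedSubmissionData struct {
	// The ID of the input descriptor that was verified
	InputDescriptorID string
	// The raw claim data that was verified – could be a JWT, or a VC, or a VP
	Claim any
	// The filtered data as a JSON string
	// NOTE(review): the field is declared as any, not string — confirm the
	// concrete type before asserting on it.
	FilteredData any
}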
VerifiedSubmissionData is the result of a successful verification of a presentation submission. For a given input descriptor, it holds the data that was verified and the filtered data that was used to verify it.
func VerifyPresentationSubmission ¶
func VerifyPresentationSubmission(ctx context.Context, verifier any, resolver resolution.Resolver, et EmbedTarget, def PresentationDefinition, submission []byte) ([]VerifiedSubmissionData, error)
VerifyPresentationSubmission verifies a presentation submission for both signature validity and correctness with respect to the specification. It is assumed that the caller knows the submission embed target and the corresponding presentation definition, and has access to the public key of the signer. DID resolution is required to resolve the DID and keys of the signer of each credential in the presentation, whose signatures also need to be verified. Note: this method does not support LD cryptosuites, and prefers JWT representations. Future refactors may include an analog method for LD suites. TODO(gabe) remove embed target, have it detected from the submission
func VerifyPresentationSubmissionVP ¶
func VerifyPresentationSubmissionVP(def PresentationDefinition, vp credential.VerifiablePresentation) ([]VerifiedSubmissionData, error)
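VerifyPresentationSubmissionVP verifies whether a verifiable presentation is a valid presentation submission for a given presentation definition. No signature verification happens here, so the caller must verify the signatures on the presentation and its credentials separately before trusting the returned data.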