search

International-Data-Spaces-Association / omejdn-daps

Open Source implementation of the Dynamic Attribute Provisioning Service based on http://github.com/Fraunhofer-AISEC/omejdn-server
Apache License 2.0
7 stars 10 forks source link

[Request for a feature] Dynamic claims request #32

Open anastath opened 2 years ago

anastath commented 2 years ago

Hi, I would like to ask if the 'Dynamic Claims Request' feature described in this repository is implemented in omejdn-daps repository.

If yes, are these two advisable features supported: DAPS implementations are advised to explicitly white-list any requestable claims and to check requested values as appropriate. If the requested values are checked how are they checked? Is there any cross-check mechanism to cross-check the claims of the clients?

bellebaum commented 2 years ago

Hi, sorry for the late reply. One day I should find out how to subscribe to new issues.

Yes, Omejdn is able to issue claims dynamically.

To enable a claim for a particular connector, the corresponding attribute should look like this:

- key: transportCertsSha256
  value: whatever default value you would like
  dynamic: true

There is currently no way of specifying and checking valid values. If that is something you desperately need (and you know a bit about Ruby), you might want to have a look at writing a plugin for Omejdn.