search

TalaoDAO / AltMe

Talao / Altme wallet : Open source Self Sovereign Identity wallet. Multi ecosystem support : EBSI conformant. ARF EUDI wallet implementation, DIIP and more.
https://talao.io
Apache License 2.0
45 stars 13 forks source link

OIDC4VCI update deferred flow for draft 13 #2539

Closed ThierryThevenet closed 6 months ago

ThierryThevenet commented 6 months ago

We already developed the deferred flow for EBSI (Draft 11) , but the flow changed for draft 13

so this is the specific flow for draft 13, we must keep the flow for EBSI alive.

If credential endpoint response is like that below it means the issuance is deferred 

HTTP/1.1 202 Accepted
Content-Type: application/json
Cache-Control: no-store

{
  "transaction_id": "8xLOxBtZp8",
  "c_nonce": "wlbQc6pCJp",
  "c_nonce_expires_in": 86400
}

trasanction_id is NEW for draft 13. it was acceptance_token for draft 11

Wallet must display the pending card like with EBSI and wallet must store the value oftransaction_idand c_nonce

Later (maybe months later) when wallet calls back to get the credential (when user clics on the pending card), wallet must call the deferred endpoint as previous but format is a bit different

example


POST /deferred_credential HTTP/1.1
Host: server.example.com
Content-Type: **application/json**
**Authorization: BEARER czZCaGRSa3F0MzpnWDFmQmF0M2JW**

{
   "transaction_id": "8xLOxBtZp8"
}

NEW : access token is added in the header (same as for credential request) the deferred endpoint is still available in openid as previously

ThierryThevenet commented 6 months ago

OIDC4VCI Test 6 for testing DIIP profile