animo / openid4vc-playground

OpenID4VC Playground for issuing SD-JWT VCs
https://openid4vc.animo.id
Apache License 2.0

Issue to Paradym wallet fails #18

Open warren-gallagher opened 7 months ago

warren-gallagher commented 7 months ago

Agent gets a NOT FOUND error when attempting to process the issuance offer from Paradym Wallet. Issuer page screenshot attached.

Agent console log:

    pnpm dev
    Debugger attached.

    agent@ dev /Users/wgallagher/dev/aq/openid4vc-playground/agent
    tsx watch -r dotenv/config src/server.ts dotenv_config_path=.env.development

    Debugger attached.
    Debugger attached.
    WARN: The '@credo-ts/cheqd' module is experimental and could have unexpected breaking changes. When using this module, make sure to use strict versions for all @credo-ts packages.
    WARN: The '@credo-ts/openid4vc' Issuer module is experimental and could have unexpected breaking changes. When using this module, make sure to use strict versions for all @credo-ts packages.
    WARN: The '@credo-ts/openid4vc' Holder module is experimental and could have unexpected breaking changes. When using this module, make sure to use strict versions for all @credo-ts packages.
    WARN: The '@credo-ts/openid4vc' Verifier module is experimental and could have unexpected breaking changes. When using this module, make sure to use strict versions for all @credo-ts packages.
    WARN: The 'DifPresentationExchangeModule' module is experimental and could have unexpected breaking changes. When using this module, make sure to use strict versions for all @credo-ts packages.
    WARN: The 'SdJwtVc' module is experimental and could have unexpected breaking changes. When using this module, make sure to use strict versions for all @credo-ts packages.
    INFO: Creating agent with config { "agentConfig": { "label": "OpenID4VC Playground", "logger": 1, "walletConfig": { "id": "openid4vc-playground", "key": "[]", "storage": {} }, "agentDependencies": true } }
    INFO: Initializing wallet 'openid4vc-playground' { "id": "openid4vc-playground", "key": "[]", "storage": {} }
    DEBUG: Wallet 'openid4vc-playground' not found
    DEBUG: Creating wallet 'openid4vc-playground
    DEBUG: Successfully created wallet 'openid4vc-playground'
    DEBUG: Setting current agent storage version to 0.5
    TRACE: Storage upgrade record does not exist yet. Creating.
    INFO: Agent storage is up to date.
    DEBUG: Mediator routing record not loaded yet, retrieving from storage
    DEBUG: Mediator routing record does not exist yet, creating routing keys and record
    DEBUG: resolving didUrl did:key:z6MkpRSYe1WHRSmqsTheBa6rdTjyG5hJwttTcEhvgg1Kapbv
    DEBUG: resolving didUrl did:key:zDnaefEzJWXWBSGXXjqYc61JWWPu7saR2EL9d1qyvAy8eKvrx
    DEBUG: resolving didUrl did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImxCMlV1ZXZPVE02bEZ1NE43NFVOY09RWFR1aXJOa3hQU0NnNUUtdTBHZzAifQ
    DEBUG: resolving didUrl did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6IjNBOVY4eW5xUmNWakFEcWxmcFo5WDhtd2JldzBUdVFsZEhfUU9wa2Fkc1UiLCJ5IjoiYWYyVkh5TzRNemlFaFVlQmZvZVpWQk0tV1R5WmwtRGlNQzZfZC1zUzRNSSJ9
    INFO: app listening on port 3001
    WARN: [OID4VCI] Sending error response: {"error":"not_found","error_description":"Credential offer not found"} { "error": "Credential offer not found" }

Screenshot 2024-04-15 at 12 28 30 PM

warren-gallagher commented 7 months ago

Found one problem. When running the agent locally using http and accessing it remotely using ngrok (https), the issuanceSession offer URL is prefixed with https, but the configureCredentialOfferEndpoint() method in node_modules/@credo-ts/openid4vc/build/openid4vc-issuer/router/credentialOfferEndpoint.js constructs the credentialOfferUri using request.protocol, which in this case will be http. Thus the Credential Offer is not found. I hacked in a fix locally so that the method does the following to determine the protocol:

            let protocol = request.protocol;
            let proxyProtocol = request.get('x-forwarded-proto');
            if( proxyProtocol ) {
                protocol = proxyProtocol;
            }
            const credentialOfferUri = `${protocol}://${host}${request.originalUrl}`;

The x-forwarded-proto header is set by the proxy (in this case ngrok).

Next problem is the following:

DEBUG: resolving didUrl did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6InA4b2NPODBZN0tYYzBnTkhxdnhfakxGWlc0RjAwVzNVQXlHdDRrdGFKM1EifQ#0
WARN: [OID4VCI] Sending error response: {"error":"invalid_request","error_description":"Issuance session not found"} {
  "error": {
    "name": "Error",
    "stack": "Error: Issuance session not found\n    at credentialRequestToCredentialMapper (/Users/wgallagher/dev/aq/openid4vc-playground/agent/src/issuer.ts:67:33)\n    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n    at <anonymous> (/Users/wgallagher/dev/aq/openid4vc-playground/node_modules/.pnpm/@credo-ts+openid4vc@0.5.0_expo@50.0.3_react-native@0.73.2/node_modules/@credo-ts/openid4vc/src/openid4vc-issuer/OpenId4VcIssuerService.ts:498:27)",
    "message": "Issuance session not found"
  }
}
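
The protocol fix described in the comment above takes `x-forwarded-proto` from any caller. The sketch below, an added example that is not code from this thread or from credo-ts, accepts the header only when the connection comes from a trusted proxy address, which is also what Express's `trust proxy` setting does for `request.protocol`. The loopback proxy addresses, host name, offer path and all function names are assumptions made for the illustration.

```javascript
// Added example (not credo-ts code). resolveProtocol, buildCredentialOfferUri,
// TRUSTED_PROXIES and sampleRequest are hypothetical names.

// Assumption: the only proxy in front of the agent is a tunnel client (ngrok)
// running on the same machine, so it connects from loopback.
const TRUSTED_PROXIES = new Set(['127.0.0.1', '::1', '::ffff:127.0.0.1']);

function resolveProtocol(request, trustedProxies = TRUSTED_PROXIES) {
  const socketProtocol = request.socket.encrypted ? 'https' : 'http';

  // Any client can send X-Forwarded-Proto, so ignore it unless the TCP peer
  // is a proxy we operate.
  if (!trustedProxies.has(request.socket.remoteAddress)) return socketProtocol;

  const header = request.headers['x-forwarded-proto'];
  if (typeof header !== 'string') return socketProtocol;

  // A chain of proxies can produce a list ("https, http"); take the first
  // entry, as Express's req.protocol does.
  const forwarded = header.split(',')[0].trim().toLowerCase();

  // Allow-list the scheme so a malformed value never reaches the URI.
  return forwarded === 'https' || forwarded === 'http' ? forwarded : socketProtocol;
}

function buildCredentialOfferUri(request, host) {
  return `${resolveProtocol(request)}://${host}${request.originalUrl}`;
}

// Constructed request with the fields of an Express request that are used here.
function sampleRequest(remoteAddress, forwardedProto) {
  return {
    socket: { remoteAddress, encrypted: false },
    headers: forwardedProto === undefined ? {} : { 'x-forwarded-proto': forwardedProto },
    originalUrl: '/offers/constructed-offer-id',
  };
}

const host = 'tunnel.example'; // constructed host name
console.log(buildCredentialOfferUri(sampleRequest('127.0.0.1', 'https'), host));
console.log(buildCredentialOfferUri(sampleRequest('203.0.113.7', 'https'), host));
```
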

warren-gallagher commented 7 months ago

Got things working by upgrading to credo-ts 0.5.1 and making the following change to issuer.ts:

export const credentialRequestToCredentialMapper: OpenId4VciCredentialRequestToCredentialMapper =
  async ({
    credentialsSupported,
    credentialRequest,
    issuanceSession, // WLG - Added this now that we are using credo 0.5.1
    // FIXME: it would be useful if holderBinding would include some metadata on the key type / alg used
    // for the key binding
    holderBinding,
  }) => {

// commented out the code within the body that attempts to find the issuer session by the credential request.

TimoGlastra commented 7 months ago

Hey @warren-gallagher, good to hear you figured it out. As you discovered, there were some things that needed to be fixed, which were fixed in 0.5.1 (I ran into the same things myself). If you already have the changes locally, I'm happy to accept a PR for it. Otherwise I can look at updating the repo in the near future.