Open dlongley opened 1 year ago
yes this naming caused some confusion for me originally so that update would be helpful for new devs. So just to get this straight @dlongley. The web
object is describing how to "get" a WebCredential
which is by using a VerifiablePresentation
. To know how to complete that VerifiablePresentation
the VerifiablePresentationRequest
is here in this VerifiablePresentation
object?
@brianorwhatever, yes, that sounds right.
CHAPI extends the Credential Management API by defining a
WebCredential
that implements theCredential
interface (note thatCredential
is not aVerifiableCredential
but a WebIDL interface specific to the browser Credential Management API spec). This is the expected mechanism for extending that spec (otherCredential
types includeFederatedCredential
,PasswordCredential
, etc.).Each of these generates C++ (or whatever native code) when implemented directly in the browser, so the number of types of "Credentials" is bounded, unlike how it is unbounded in the Verifiable Credential ecosystem. Also, a
WebCredential
is not specific to the Verifiable Credentials ecosystem either, allowing for any kind of credential data to be handled by aCredentialHandler
. Thus, aWebCredential
has its owndataType
anddata
(properties of theWebCredential
). The former is alwaysVerifiablePresentation
when either getting or storing Verifiable Credentials, as these are transmitted via Verifiable Presentations -- and the Credential Management API's design is such that you "get" and "store" the same "type" ofCredential
. This means that you either "get" aWebCredential
that has, as its data, aVerifiablePresentation
, or you "store" one -- at that layer.Again, in a somewhat awkward fashion, this means that the
credentialRequestOptions
(again, from the core Credential Management API spec) expresses query information for specificCredential
types using the prefix for the extending types as property names:{web: {...}, federated: {...}, password: {...}}
. Therefore, when using CHAPI,web
is used -- and withinweb
, the specificdataType
is further used to continue this design pattern:web: {VerifiablePresentation: {...}}
. That does not mean that the value ofcredentialRequestOptions.web.VerifiablePresentation
is a Verifiable Presentation -- as this is not how the Credential Management API data model pattern works. It is, instead, whatever "options" are needed to be passed to find aWebCredential
ofdataType
:VerifiablePresentation
. These "options" are defined as aVerifiablePresentationRequest
, so the value is a VPR.I'll convert this into an issue and hopefully the background can be helpful in some way.
_Originally posted by @dlongley in https://github.com/credential-handler/chapi.io/pull/21#discussion_r1297415393_