Enhancement: add service entry for token endpoint

borisrizov-zf commented 5 months ago

Description

The service key for the credential service must be present in the DID document of all did subjects, but it is currently missing.

Acceptance Criteria

[ ] Add a service key to the DID document
[ ] The service key is a set/list of service entries
[ ] service entries consist of id, type and serviceEndpoint
[ ] The only requirement for the serviceEndpoint is to be a valid URI (the mapping and list/set variants can be omitted)
[ ] Calling the /<bpn>/did.json will include this new service entry

Additional Information

The types of service fields are described here: https://www.w3.org/TR/did-core/#services

Example service entry:

...
"service": [
{
    "id": "did:web:<miw_specific_id>#SecurityTokenService",
    "type": "SecurityTokenService",
    "serviceEndpoint": "https://<miw_host>/api/token"
},
{
    "id": "did:web:<miw_specific_id>#CredentialService",
    "type": "CredentialService",
    "serviceEndpoint": "https://<miw_host>/presentations/query"
}
],
...

hemantxpatel commented 5 months ago

Hi @borisrizov-zf , please note that serviceEndpoint should be the base url. So the end url for presentation query should look like: {serviceEndpoint}/presentations/query . If serviceEndpoint has value https://<miw_host>/api/token, then presentation query endpoint will be https://<miw_host>/api/token/presentations/query.

May be serviceEndpoint should have value https://<miw_host>/api so that presentation query endpoint looks like https://<miw_host>/api/presentations/query.

borisrizov-zf commented 5 months ago

Hi @hemantxpatel, these are two different service entries imo. One is the SecurityTokenService and one is the CredentialService. The former has the service URL /api/token and the ladder /presentations/query. That would be reasonable?

I've updated the description, to account for both.

hemantxpatel commented 5 months ago

Hi @borisrizov-zf , that's correct. Only thing is /presentations/query should not be part of the serviceEndpoint as it is appended by EDC. It should look like this:

"service": [
{
    "id": "did:web:<miw_specific_id>#SecurityTokenService",
    "type": "SecurityTokenService",
    "serviceEndpoint": "https://<miw_host>/api/token"
},
{
    "id": "did:web:<miw_specific_id>#CredentialService",
    "type": "CredentialService",
    "serviceEndpoint": "https://<miw_host>"
}
],

borisrizov-zf commented 4 months ago

@hemantxpatel Ah, thanks for the heads up, I'll update that this week.

eclipse-tractusx / managed-identity-wallet