Android Wallet Integration failure

[dariocast]

I cloned the project and built it up with docker compose, and after reading the configuration specifications, I changed the urls using ngrok tool (to be able to test with a mobile wallet) in this way:

• ISSUER_PUBLICURL=NGROK_EXPOSED_URL/pid-issuer
• ISSUER_AUTHORIZATIONSERVER_PUBLICURL=NGROK_EXPOSED_URL/idp/realms/pid-issuer-realm
• ISSUER_AUTHORIZATIONSERVER_METADATA=NGROK_EXPOSED_URL/idp/realms/pid-issuer-realm/.well-known/openid-configuration
• ISSUER_AUTHORIZATIONSERVER_INTROSPECTION=NGROK_EXPOSED_URL/idp/realms/pid-issuer-realm/protocol/openid-connect/token/introspect

I was able to successfully load the frontend and retrieve a QR code for the issuance for each kind of format but the android demo wallet built from the eudi repository is unable to resolve the credential offer. The only error message I get is "If the issue persist, contact service".

[babisRoutis]

Dear @dariocast

To verify your setup you can use a simple program that is included in the VCI lib. Just clone the repository, change credential issuer to point to your set up, and run the program.

With regards to the wallet problem please note that

• Currently, only mso_mdoc credentials are supported (issuer supports also sd-jwt-vc)
• Depending on your installation, there could be a trust issue in case you use of self-signed certificates (Ktor client doesn't trust self-signed certs). If so, we could raise the issue to the wallet devs for some instructions.

[dariocast]

Thank you for the reply, I will verify with your hint on the VCI lib.

Regarding this:

• Depending on your installation, there could be a trust issue in case you use of self-signed certificates (Ktor client doesn't trust self-signed certs). If so, we could raise the issue to the wallet devs for some instructions.

I think I am in this situation. I am using the currently included certificates of the pid-issuer for haproxy and keycloak

[dariocast]

Hi, I tried the test suggested in this reply

To verify your setup you can use a simple program that is included in the VCI lib. Just clone the repository, change credential issuer to point to your set up, and run the program.

And I set the issuer to point to the local one provided by the pid-issuer repository:

private const val BASE_URL = "https://localhost/pid-issuer"

But when I run the test a content type appear to be not valid. In the specific the issuer pass a application/json while the test expect application/jwt. I attach a log of the execution with the error stack.

I do not understand if it is something related to this library or to be reported to the issuer. I am using the repositories as is, without any modification.

error_log.pdf

[babisRoutis]

Hi @dariocast

I think you are very close, actually.

Can you please make sure that you use

• in your docker compose v0.2.2 ?
• you executing the program from the VCI main branch?

Update: To be more precise, your installation works fine. The error in your logs had to do with a corner case of supporting deferred issuance. This is not applicable for PID & mDL in mso_mdoc The issue has been resolved in the v0.2.2 of the pid issuer. You should be able to verify this by just changing the docker image but keeping your settings

[dariocast]

Ok I updated to v0.2.2 (default was edge and I haven't changed it). Now the test is successful so I think the Core module works fine. I will try to use the docker container locally with something like ngrok tool to expose the endpoints in order to check if the wallet works now.