Open etschelp opened 1 year ago
Answering a anoncred presentation request with self attested attributes only works if two conditions are met:
name
key instead of names
. As names
always requires restrictions to be set, both options are mutual exclusive.Example presentation request:
{
"connection_id": "f7c80500-8e17-4c36-bae5-7177dedc080c",
"proof_request": {
"name": "test self attested attributes",
"version": "0.1",
"requested_attributes": {
"some_iban": {
"name": "iban",
"restrictions": []
}
},
"requested_predicates": {}
}
}
Example response:
{
"requested_attributes": {},
"requested_predicates": {},
"self_attested_attributes": {
"some_iban": "1234"
}
}
The proof template only works with names
and hence has at least a restriction on the schema. So creating a template that supports self attested attributes requires reworking the proof template as well. Answering a presentation request that matches above conditions only requires minimal changes in the front and backend.
As discussed there are three places that need to be refactored here:
Json request:
{
"group0_match_from_wallet": {
"referent": "3b2f38db-6a6f-4188-96a2-b56909a1a16d",
},
"group1_self_attested": {
"selfAttestedValue": "something"
}
}
Matching request class:
@Data
@Introspected
@NoArgsConstructor
public class SendPresentationRequest {
@NotEmpty
private Map<String, SelectedReferent> selectedReferents;
public Map<UUID, Boolean> findReferents() {
return selectedReferents.values().stream()
.filter(Objects::nonNull)
.map(ref -> Map.entry(ref.getReferent(), ref.getRevealed()))
.collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
}
public Map<String, String> findSelfAttested() {
return selectedReferents.entrySet().stream()
.filter(e -> e.getValue().getReferent() == null)
.filter(e -> StringUtils.isNotEmpty(e.getValue().getSelfAttestedValue()))
.map(e -> Map.entry(e.getKey(), e.getValue().getSelfAttestedValue()))
.collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
}
@Data
@NoArgsConstructor
public static class SelectedReferent {
private UUID referent;
private Boolean revealed;
private String selfAttestedValue;
}
Plug it into the helper:
SendPresentationRequestHelper.acceptAll(presentationRequest, approve.findReferents(), approve.findSelfAttested());
Current state of implementation:
See also: https://github.com/hyperledger-labs/business-partner-agent/issues/650
In case the presentation request has no restrictions on the issuer, or issuer is holder, the request can also be answered with self attested attributes. This could be a very nice feature if we make it document based, as this avoids connecting the agent to itself to get the wallet credential.
Dif:
Either now restrictions or subject_is_issuer set.