hyperledger / identus-cloud-agent

Identus Cloud Agent
https://identus.io/
Apache License 2.0

[OID4VP] Verifier endpoint to support the Response Mode `direct_post` #1407

Open yshyn-iohk opened 3 weeks ago

yshyn-iohk commented 3 weeks ago

Proposed feature

This issue is a subtask of https://github.com/hyperledger/identus/issues/16

The Verifier should support the Response Mode "direct_post".

Feature description

The endpoint should return a URI that can be used to render a QR code with valid Authorization Request parameters. The returned URI should look something like this:

```
openid4vp://authorize?
 client_id=https%3A%2F%2Fclient.example.org%2Fcb
 &request_uri=https%3A%2F%2Fclient.example.org%2Fcb
```

The Response Mode direct_post allows the Wallet to post the VP to the Verifier without redirects.

direct_post: In this mode, the Authorization Response is sent to the Verifier using an HTTP POST request to an endpoint controlled by the Verifier. The Authorization Response parameters are encoded in the body using the application/x-www-form-urlencoded content type. The flow can end with an HTTP POST request from the Wallet to the Verifier, or it can end with a redirect that follows the HTTP POST request, if the Verifier responds with a redirect URI to the Wallet. The following new Authorization Request parameter is defined to be used in conjunction with Response Mode direct_post:

response_uri: REQUIRED when the Response Mode direct_post is used. The Response URI to which the Wallet MUST send the Authorization Response using an HTTP POST request as defined by the Response Mode direct_post. The Response URI receives all Authorization Response parameters as defined by the respective Response Type. When the response_uri parameter is present, the redirect_uri Authorization Request parameter MUST NOT be present. If the redirect_uri Authorization Request parameter is present when the Response Mode is direct_post, the Wallet MUST return an invalid_request Authorization Response error. The response_uri value MUST be a value that the client would be permitted to use as redirect_uri when following the rules defined in Section 5.7.

NOTE: It's important to read the specification before the implementation to get more context about the given scenario.
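
The rules quoted in the issue above, sketched as an added example that is not part of the original issue or of the Identus code base: building the QR-code URI, the Wallet-side `response_uri` / `redirect_uri` check, and Verifier-side parsing of the `direct_post` body. The function names, the error code used for a missing `response_uri`, and the rejection of repeated parameters are assumptions of this example; the Section 5.7 check on the `response_uri` value is not covered.

```python
from typing import Optional
from urllib.parse import parse_qs, urlencode


def build_qr_uri(client_id: str, request_uri: str) -> str:
    """URI the Verifier endpoint returns for rendering as a QR code."""
    query = urlencode({"client_id": client_id, "request_uri": request_uri})
    return "openid4vp://authorize?" + query


def check_direct_post_request(params: dict) -> Optional[str]:
    """Wallet-side check of the quoted rules: error code, or None if acceptable."""
    if params.get("response_mode") != "direct_post":
        return None  # the rules below apply to direct_post only
    if "redirect_uri" in params:
        return "invalid_request"  # redirect_uri MUST NOT be present
    if not params.get("response_uri"):
        # response_uri is REQUIRED; reusing invalid_request here is an assumption
        return "invalid_request"
    return None


def parse_direct_post_body(content_type: str, body: bytes) -> dict:
    """Verifier-side parsing of the Wallet's HTTP POST to response_uri."""
    media_type = content_type.split(";", 1)[0].strip().lower()
    if media_type != "application/x-www-form-urlencoded":
        raise ValueError("direct_post body must be application/x-www-form-urlencoded")
    fields = parse_qs(body.decode("ascii"), strict_parsing=True)
    repeated = sorted(name for name, values in fields.items() if len(values) > 1)
    if repeated:
        # Rejecting repeated parameters is a hardening choice made for this example
        raise ValueError("repeated parameter(s): " + ", ".join(repeated))
    return {name: values[0] for name, values in fields.items()}


if __name__ == "__main__":
    cb = "https://client.example.org/cb"  # value taken from the issue's sample URI
    print(build_qr_uri(cb, cb))
    # Constructed sample request and response body, for illustration only
    request = {"response_mode": "direct_post", "response_uri": cb, "redirect_uri": cb}
    print(check_direct_post_request(request))
    print(parse_direct_post_body("application/x-www-form-urlencoded",
                                 b"vp_token=constructed-token&state=constructed-state"))
```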