OIDC for Verifiable Credential Issuance (OID4VC) - Authorization Code Flow 1b for JWT

[essbante-io]

Short Description

Implement Phase 1 of the OID for Verifiable Credential Issuance (OID4VCI) project, focusing on the Authorization Code Flow 1b for JSON Web Tokens (JWT). This phase will enable secure and standardized issuance of verifiable credentials using the authorization code flow method.

Specification: see Authorisation flow scenario 1b (issuer initiated flow) in https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html

Value statement

By implementing the Authorization Code Flow 1b for JWT in the OID4VCI project, we will significantly enhance the security and standardization of our credential issuance process. This will ensure robust authentication and authorization mechanisms, providing a seamless and secure experience for issuers, verifiers, and users. We believe that for users and developers, this will give a more reliable and secure credential issuance process, and we’ll know this is true when we see:

• Successful implementation and use of the authorization code flow for credential issuance.
• Increased security and trust in the credential issuance process.

Scope

• [x] hyperledger/identus-edge-agent-sdk-ts/pull/294
• [x] hyperledger/identus-edge-agent-sdk-ts/pull/278
• [x] hyperledger/identus-edge-agent-sdk-ts/pull/277
• [x] hyperledger/identus-edge-agent-sdk-swift/pull/159
• [ ] hyperledger/identus-edge-agent-sdk-kmp/issues/210

[elribonazo]

@yshyn-iohk can u please add the Identus Cloud Agent tickets in here? thnks

[yshyn-iohk]

All cloud-agent tickets are done. There is one that @amagyar-iohk is going to close in Jira. This issue is ready to go.