This PR includes a first version of the Implicit Flow. The addition consists of four major parts:
A Provider that can accept a SiopRequest and generate a SiopResponse by creating an IdToken, adding its key identifier to the header of the id_token, signing the id_token and wrapping it into a SiopResponse. Secondly, it can send the SiopResponse using the redirect_uri parameter.
A RelyingParty struct which can validate a SiopResponse by validating its IdToken using a key identifier (which is extracted from the id_token) and its public key.
The Subject trait can be implemented on a custom struct representing the signing logic of a DID method. A Provider can ingest an object that implements the Subject trait so that during generation of a SiopResponse the DID method syntax, key identifier and signing method of the specific Subject can be used.
The Validator trait can be implemented on a custom struct representing the validating logic of a DID method. The sole responsibility is that (when ingested by a RelyingParty) it can resolve the public key that is needed for validating an IdToken.
Links to any relevant issues
Fixes #5
How the change has been tested
Three unit tests are provided:
A test for Provider<MockSubject> which shows that the Provider can generate a SiopResponse correctly from a SiopRequest.
A test for RelyingParty<MockValidator> which shows that the RelyingParty can validate a SiopResponse correctly using a Validator's public key.
A test specifically for the IOTA DID method. This test shows that Provider<IotaSubject> can generate a correct SiopResponse which can be correctly validated by a RelyingParty<IotaValidator>. EDIT: will be moved to a separate repository.
Definition of Done checklist
Add an x to the boxes that are relevant to your changes.
[x] I have followed the contribution guidelines for this project
[x] I have performed a self-review of my own code
[x] I have commented my code, particularly in hard-to-understand areas
[x] I have made corresponding changes to the documentation
[x] I have added tests that prove my fix is effective or that my feature works
[x] New and existing unit tests pass locally with my changes
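The Provider/RelyingParty split described above, as an added sketch that is not code from this PR or the project. The trait signatures, the simplified `IdToken` struct, the mock keyed-hash "signature" and the check that `kid` has the form `<sub DID>#<fragment>` are all assumptions made for illustration.

```rust
use std::collections::{hash_map::DefaultHasher, HashMap};
use std::hash::{Hash, Hasher};

// Mock "signature": keyed hash whose verification key equals the signing key.
// Stand-in for a real signature scheme, NOT secure. All names are hypothetical.
fn mock_sig(key: u64, msg: &str) -> u64 {
    let mut h = DefaultHasher::new();
    (key, msg).hash(&mut h);
    h.finish()
}
pub trait Subject {
    fn did(&self) -> String;
    fn key_identifier(&self) -> String;
    fn sign(&self, msg: &str) -> u64;
}
pub trait Validator {
    fn public_key(&self, kid: &str) -> Option<u64>; // resolve the key for a key identifier
}
// Simplified id_token: `kid` is the header field, `sub` the claim.
pub struct IdToken { pub kid: String, pub sub: String, pub sig: u64 }

pub struct Provider<S: Subject> { pub subject: S }
impl<S: Subject> Provider<S> {
    pub fn generate_id_token(&self) -> IdToken {
        let (kid, sub) = (self.subject.key_identifier(), self.subject.did());
        let sig = self.subject.sign(&format!("{}.{}", kid, sub));
        IdToken { kid, sub, sig }
    }
}
pub struct RelyingParty<V: Validator> { pub validator: V }
impl<V: Validator> RelyingParty<V> {
    pub fn validate(&self, t: &IdToken) -> Result<(), &'static str> {
        // `kid` comes from the untrusted token: require it to be a key of `sub`
        // (assumed form "<did>#<fragment>") before resolving anything.
        if t.kid.split('#').next() != Some(t.sub.as_str()) { return Err("kid not under sub"); }
        let key = self.validator.public_key(&t.kid).ok_or("unresolvable kid")?;
        if mock_sig(key, &format!("{}.{}", t.kid, t.sub)) != t.sig { return Err("bad signature"); }
        Ok(())
    }
}
pub struct MockSubject { pub did: String, pub key: u64 }
impl Subject for MockSubject {
    fn did(&self) -> String { self.did.clone() }
    fn key_identifier(&self) -> String { format!("{}#key-1", self.did) }
    fn sign(&self, msg: &str) -> u64 { mock_sig(self.key, msg) }
}
pub struct MockValidator(pub HashMap<String, u64>); // kid -> verification key
impl Validator for MockValidator {
    fn public_key(&self, kid: &str) -> Option<u64> { self.0.get(kid).copied() }
}
```

Because the relying party selects the verification key from a header the sender controls, the binding check runs before key resolution, so a token that is validly signed under one identifier cannot assert a different subject.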