italia / eudi-wallet-it-docs

Italian EUDI Wallet Technical Specifications
Creative Commons Zero v1.0 Universal

RP Solution - same device flow #74

Closed fmarino-ipzs closed 1 year ago

fmarino-ipzs commented 1 year ago

In the (Q)EAA Issuance flow as defined in the PR #70, we require the Issuer to perform a PID presentation request to the Wallet Instance according to [OpenID4VP] following a same-device flow. In the current version of the IT Wallet specification we only have defined a cross-device authorization flow.

We should add technical details in the Same Device Flow Section.

peppelinux commented 1 year ago

I have implemented the same-device flow in the RP IAM proxy, according to OpenID4VP, here:

https://github.com/italia/eudi-wallet-it-python/blob/dev/pyeudiw/satosa/backend.py#L160

OpenID4VP says:

The following non-normative example of an Authorization Request refers to the Authorization Request Object 
from above through the request_uri parameter. The Authorization Request can be displayed to 
the End-User either directly (as a link) or as a QR Code:

https://wallet.example.com?
    client_id=https%3A%2F%2Fclient.example.org%2Fcb
    &request_uri=https%3A%2F%2Fclient.example.org%2F567545564

I'll do a PR asap for enabling this in the current specs
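
The by-reference Authorization Request quoted above, built on the RP side and checked on the Wallet side, as an added example that is not part of this thread or of pyeudiw. The function names, the https-only rule and the rejection of repeated parameters are assumptions of this example.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

# Values from the quoted OpenID4VP non-normative example.
WALLET_ENDPOINT = "https://wallet.example.com"
CLIENT_ID = "https://client.example.org/cb"
REQUEST_URI = "https://client.example.org/567545564"


def build_authorization_request(client_id, request_uri, wallet_endpoint=WALLET_ENDPOINT):
    """RP side: the URL carries only client_id and a reference to the Request Object.

    The same string serves both flows: sent as a link/redirect on the same
    device, or rendered as a QR code for cross-device.
    """
    return wallet_endpoint + "?" + urlencode(
        {"client_id": client_id, "request_uri": request_uri}
    )


def parse_authorization_request(url):
    """Wallet side: validate the parameters before dereferencing request_uri."""
    params = parse_qs(urlsplit(url).query, strict_parsing=True)
    request = {}
    for name in ("client_id", "request_uri"):
        values = params.get(name, [])
        # Assumption of this example: reject missing or repeated parameters so
        # that two parsers cannot disagree on which value is used.
        if len(values) != 1:
            raise ValueError(f"expected exactly one {name}, got {len(values)}")
        request[name] = values[0]
    target = urlsplit(request["request_uri"])
    # Assumption of this example: the Request Object is only fetched over https.
    if target.scheme != "https" or not target.netloc or target.fragment:
        raise ValueError("request_uri must be an absolute https URL without fragment")
    return request


if __name__ == "__main__":
    url = build_authorization_request(CLIENT_ID, REQUEST_URI)
    print(url)
    print(parse_authorization_request(url))
```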