eIDAS API function eidas_verify_credential should work on two ways:
1. No support for DID resolution.
In an initial and simpler phase, eIDAS library will delegate the DID resolution to the Agent, making the library simpler and completely independent of the DID-method used.
In this scenario the API function will need the DID Document and the function will be as shown:
Get DID from the json_credential and from did_document and check are the same
Get EIDASLink service endpoint from did_document
Retrieve the EIDAS Link json structure and check that the DID correspond to the one from did_document
Verify signature with the public key of the EIDAS Link and the proof that contains
Return VALID
2. Support for DID Resolution.
In this case, the DID resolution would be responsibility for the eIDAS Library and it will not be necessary to include the DID Document as a parameter.
eIDAS API function eidas_verify_credential should work on two ways:
1. No support for DID resolution. In an initial and simpler phase, eIDAS library will delegate the DID resolution to the Agent, making the library simpler and completely independent of the DID-method used. In this scenario the API function will need the DID Document and the function will be as shown:
def eidas_verify_credential(json_credential, did_document) -> str:The algorithm in this case would be as followed:
json_credentialand fromdid_documentand check are the sameEIDASLinkservice endpoint fromdid_documentdid_documentVALID2. Support for DID Resolution. In this case, the DID resolution would be responsibility for the eIDAS Library and it will not be necessary to include the DID Document as a parameter.
def eidas_verify_credential(json_credential, did_document = None) -> str:The algorithm in this case will add one additional step:
json_credentialEIDASLinkservice endpoint fromdid_documentdid_documentVALID