feat: Added support for openid_credential_issuer/verifier
Signed-off-by: Tom Lanser <tom@devv.nl>
Tommylans committed Dec 18, 2024
1 parent a189983 commit 9015510
Showing 5 changed files with 48 additions and 2 deletions.
2 changes: 2 additions & 0 deletions packages/core/src/metadata/entity/index.ts
@@ -4,3 +4,5 @@ export * from './oauthResource'
export * from './openIdProvider'
export * from './openIdRelyingParty'
export * from './oauthAuthorizationServer'
export * from './openIdCredentialIssuer'
export * from './openIdCredentialVerifier'
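--- /dev/null
+++ b/packages/core/src/metadata/entity/openIdCredentialIssuer.ts
@@ -0,0 +1,25 @@
+import { z } from 'zod'
+import { createEntity } from './utils'
+
+/**
+*
+* {@link https://openid.github.io/federation-wallet/main.html#name-wallet-architecture-entity- | OpenID Credential Issuer}
+*
+*/
+export const openIdCredentialIssuerEntityMetadata = createEntity({
+identifier: 'openid_credential_issuer',
+passThroughUnknownProperties: true,
+additionalValidation: {
+client_registration_types_supported: z.array(z.union([z.literal('automatic'), z.literal('explicit')])),
+federation_registration_endpoint: z.string().url().optional(),
+request_authentication_methods_supported: z
+.object({
+authorization_endpoint: z.array(z.string()).optional(),
+pushed_authorization_request_endpoint: z.array(z.string()).optional(),
+})
+.optional(),
+request_authentication_signing_alg_values_supported: z.array(z.string()).optional(),
+},
+})
+
+export type OpenIdCredentialIssuerMetadata = z.input<(typeof openIdCredentialIssuerEntityMetadata)['schema']>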
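Review bot: `federation_registration_endpoint` and `request_authentication_signing_alg_values_supported` are validated more loosely than metadata received from a remote federation entity warrants. `z.string().url()` accepts any parseable URL, including `http://` and non-HTTP schemes, and the algorithm array accepts the value `none`; as far as I recall, OpenID Federation requires https for this endpoint and forbids `none` for the corresponding OP members, so confirm against the wallet draft. Suggested: `federation_registration_endpoint: z.string().url().startsWith('https://').optional(),` and `request_authentication_signing_alg_values_supported: z.array(z.string().refine((alg) => alg !== 'none')).optional(),`. The doc block above the export holds only a link and could also state which members are required.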
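--- /dev/null
+++ b/packages/core/src/metadata/entity/openIdCredentialVerifier.ts
@@ -0,0 +1,17 @@
+import { z } from 'zod'
+import { createEntity } from './utils'
+
+/**
+*
+* {@link https://openid.github.io/federation-wallet/main.html#name-wallet-architecture-entity- | OpenID Credential Verifier }
+*
+*/
+export const openidCredentialVerifierEntityMetadata = createEntity({
+identifier: 'openid_credential_verifier',
+passThroughUnknownProperties: true,
+additionalValidation: {
+client_registration_types: z.array(z.union([z.literal('automatic'), z.literal('explicit')])),
+},
+})
+
+export type OpenIdCredentialVerifierMetadata = z.input<(typeof openidCredentialVerifierEntityMetadata)['schema']>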
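Review bot: Only `client_registration_types` is checked in `additionalValidation`, and `passThroughUnknownProperties: true` suggests that every other member of a remote entity's `openid_credential_verifier` metadata reaches callers unvalidated; `createEntity` is not shown on this page, so that reading is inferred from the flag name. The doc block above the export holds only a link, so I would state the contract there, e.g. `* Validates client_registration_types only; all other members pass through unchecked and must be validated by the caller.` The TODO removed from openIdRelyingParty.ts describes this entity as the same as `openid_relying_party`, so reusing that schema's validation may be the stronger option if the two are meant to match.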
2 changes: 0 additions & 2 deletions packages/core/src/metadata/entity/openIdRelyingParty.ts
@@ -1,8 +1,6 @@
import { z } from 'zod'
import { createEntity } from './utils'

// TODO: In the wallet specification they are talking about a `openid_credential_verifier` property which is the exact same as the `openid_relying_party` how should we handle this?

/**
*
* {@link https://openid.net/specs/openid-federation-1_0.html#section-5.1.2-1 | openID Relying Party }
4 changes: 4 additions & 0 deletions packages/core/src/metadata/metadata.ts
Original file line number Diff line number Diff line change
@@ -5,13 +5,17 @@ import {
oauthAuthorizationServerEntityMetadata,
oauthClientEntityMetadata,
oauthResourceEntityMetadata,
openIdCredentialIssuerEntityMetadata,
openIdProviderEntityMetadata,
openidCredentialVerifierEntityMetadata,
openidRelyingPartyEntityMetadata,
} from './entity'

export const metadataSchema = z.object({
[federationEntityMetadata.identifier]: federationEntityMetadata.schema.optional(),
[openidRelyingPartyEntityMetadata.identifier]: openidRelyingPartyEntityMetadata.schema.optional(),
[openidCredentialVerifierEntityMetadata.identifier]: openidCredentialVerifierEntityMetadata.schema.optional(),
[openIdCredentialIssuerEntityMetadata.identifier]: openIdCredentialIssuerEntityMetadata.schema.optional(),
[openIdProviderEntityMetadata.identifier]: openIdProviderEntityMetadata.schema.optional(),
[oauthAuthorizationServerEntityMetadata.identifier]: oauthAuthorizationServerEntityMetadata.schema.optional(),
[oauthClientEntityMetadata.identifier]: oauthClientEntityMetadata.schema.optional(),
