Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CWALL-254: Added vc validation against the schema #243

Open
wants to merge 12 commits into
base: develop
Choose a base branch
from
Open

CWALL-254: Added vc validation against the schema #243

wants to merge 12 commits into from
+4,252 −2,744

Conversation

sksadjad
Copy link
Contributor

IMPORTANT NOTE
the examples that I see from ebsi, all have some discrepancies. so I've added an option to dictate whether we want to check the vc against it's schema or not:

export type VerifyCredentialToAcceptArgs = {
  mappedCredential: MappedCredentialToAccept
  hasher?: Hasher
  verifyAgainstSchema?: boolean // newly added value
  context: RequiredContext
}

@sksadjad
feat: added validation against vc schema and test cases for validatin…
b75f952 
…g the vc against the schema plus some bugfixes. also made checking vc against the schema optional
@sksadjad sksadjad changed the title Added vc validation against the schema SPRIND-254: Added vc validation against the schema Sep 23, 2024
@sksadjad sksadjad changed the title SPRIND-254: Added vc validation against the schema CWALL-254: Added vc validation against the schema Sep 23, 2024
@nklomp
Copy link
Contributor

nklomp commented Sep 23, 2024

The logic should be the other way around. Just like how we handle expiration and credential status. When the object is present, it means the issuer values the respective feature of the VCDM. So when they issue with a schema, we should always validate, unless an option was set to not validate. So something like noSchemaValidation makes more sense. Or even nicer an enum named SchemaValidation, with values, ALWAYS, NEVER, WHEN_PRESENT. That allows you to configure from a wallet or RP perspective whether you always need schema's, whether you will not verify schema's or only when the issuer added schema's

sksadjad and others added 9 commits September 25, 2024 12:29
@sksadjad
refactor: changed the OID4VCIHolder handling the schema validation
eecfa1a
@sksadjad
refactor: moved the schema validation reference from oid4vc lib to ss…
a8e2c3e 
…i-sdk
@sksadjad
Merge branch 'refs/heads/develop' into feature/CWALL-254_basedon_from…
7aa426d 
…-funke
@sksadjad
feat: added new module CredentialValidation
6464fac
@sksadjad
feat: updated oid4vci-holder and siopv2-rp to use credential-validati…
b25b66e 
…on module for verifying credentials.
@sksadjad
feat: updated oid4vci-holder and siopv2-rp to use credential-validati…
87081e5 
…on module for verifying credentials.
@sksadjad
doc: updated README of credential-validation
e53b8fe
@nklomp
Merge remote-tracking branch 'origin/develop' into feature/CWALL-254_…
10c7c07 
…basedon_from-funke

# Conflicts:
#	packages/oid4vci-holder/src/agent/OID4VCIHolderService.ts
#	packages/siopv2-oid4vp-op-auth/src/session/functions.ts
#	pnpm-lock.yaml
@nklomp
chore: update lock
3b295ab
@nklomp nklomp changed the base branch from feature/from-funke to develop October 28, 2024 01:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sksadjad @nklomp