Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Add missing params on Attestation Request #430

Merged
merged 2 commits into from
Oct 2, 2024
Merged

chore: Add missing params on Attestation Request #430

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
34ddadd
Add missing params on Attestation Request
grausof Oct 1, 2024
691e2f2
Apply suggestions from code review
Oct 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 27 additions & 1 deletion docs/en/wallet-attestation.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@ Below a non-normative example of the ``client_data``.

**Steps 11-12**: The Wallet Instance:

* Constructs the Wallet Attestation Request in the form of a JWT. This JWT includes the ``integrity_assertion``, ``hardware_signature``, ``challenge``, ``hardware_key_tag``, and ``cnf``, and is signed using the private key of the initially generated ephemeral key pair.
* Constructs the Wallet Attestation Request in the form of a JWT. This JWT includes the ``integrity_assertion``, ``hardware_signature``, ``challenge``, ``hardware_key_tag``, ``cnf`` and other configuration related parameters (see :ref:`Table of the Wallet Attestation Request Body <table_wallet_attestation_request_claim>` below) and is signed using the private key of the initially generated ephemeral key pair.
* Submits the Wallet Attestation Request to the token endpoint of the Wallet Provider Backend.

Below an non-normative example of the Wallet Attestation Request JWT without encoding and signature applied:
Expand Down Expand Up @@ -283,6 +283,17 @@ Below an non-normative example of the Wallet Attestation Request JWT without enc
},
},
},
authorization_endpoint": "https://wallet-solution.digital-strategy.europa.eu/authorization",
"response_types_supported": [
"vp_token"
],
"response_modes_supported": [
"form_post.jwt"
],
"request_object_signing_alg_values_supported": [
"ES256"
],
"presentation_definition_uri_supported": false,
"iat": 1686645115,
"exp": 1686652315
}
Expand Down Expand Up @@ -446,6 +457,21 @@ The body of the Wallet Attestation Request JWT MUST contain:
* - **vp_formats_supported**
- JSON object with name/value pairs, identifying a Credential format supported by the Wallet.
-
* - **authorization_endpoint**
- URL of the Wallet Authorization Endpoint (custom url schema or universal link of the Wallet Instance).
-
* - **response_types_supported**
- JSON array containing a list of the OAuth 2.0 ``response_type`` values.
-
* - **response_modes_supported**
- JSON array containing a list of the OAuth 2.0 "response_mode" values that this authorization server supports.
- :rfc:`8414`
* - **request_object_signing_alg_values_supported**
- JSON array containing a list of the JWS signing algorithms (alg values) supported.
-
* - **presentation_definition_uri_supported**
- Boolean value specifying whether the Wallet Instance supports the transfer of presentation_definition by reference. MUST be set to false.
-

.. _table_wallet_attestation_claim:

Expand Down
Loading