feat(oid4vc): add mDoc credential processor with isomdl-uniffi #11
Open
burdettadam wants to merge 31 commits into main from
- Refactor mso_mdoc to use isomdl-uniffi for crypto operations
- Add key generation and key management routes
- Add storage module for keys, certificates, and trust anchors
- Add comprehensive unit tests for mDoc functionality
- Add isomdl-uniffi dependency (git reference to main branch)
- Add Rust toolchain and cache to CI for isomdl-uniffi compilation

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Mock context.inject_or to handle new status_handler code
- Update patch from SDJWTIssuer to sd_jwt_sign after implementation change

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Mock profile.session() as proper async context manager
- Use patch decorator for jwt_sign and retrieve_or_create_did_jwk
- Fix indentation of assertions inside with block

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Fix error class typos: PresVerifeirError -> PresVerifierError, CredVerifeirError -> CredVerifierError
- Update storage modules to catch general Exception instead of just InjectionError for graceful error handling
- Preserve error messages in credential parsing failures for better debugging
- Update GitHub workflow to install uniffi-bindgen for building isomdl-uniffi
- Update Docker images to include Rust toolchain for building isomdl-uniffi
- Set default ISOMDL_BRANCH to fix/python-build-system in integration tests

All 123 mso_mdoc unit tests now passing ✅

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
…for isomdl-uniffi

Updated all ISOMDL_BRANCH args in docker-compose.yml from 'main' to 'fix/python-build-system' to ensure integration tests use the fixed build system that works properly in Docker containers.

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
Added a new integration-tests job that runs after linting-and-unit-tests job completes successfully. The integration tests:

- Only run for plugins with an integration/ directory
- Use Docker Compose to run end-to-end tests
- Build and run test-river service for each changed plugin
- Provide detailed logging if tests fail
- Clean up containers after each plugin test

This ensures that both unit tests and integration tests pass before PRs can be merged.

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Add support for credential_identifier parameter (OID4VCI 1.0)
- Enforce mutual exclusivity between credential_identifier and format per § 7.2
- Maintain backward compatibility with draft spec format parameter
- Return clear error messages for invalid request combinations

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Add token_endpoint to credential issuer metadata for draft spec clients
- Fix credentials field in offer to use format (vc+sd-jwt) instead of identifier
- Relax JWT proof typ header validation to accept common variants
- Maintain full OID4VCI 1.0 compliance while supporting legacy clients

Accepts typ values: openid4vci-proof+jwt (1.0), JWT, jwt, openid4vci-jwt (draft)

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- test_oid4vci_10_metadata: verify credential_configuration_ids in metadata
- test_oid4vci_10_credential_request_with_identifier: validate credential_identifier usage
- test_oid4vci_10_mutual_exclusion: enforce field exclusivity per § 7.2
- test_oid4vci_10_proof_of_possession: validate JWT proof handling

All tests verify compliance with OID4VCI 1.0 final specification

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Add openid_configuration to public routes exports
- Register /.well-known/openid-configuration route
- Enables OAuth 2.0 Authorization Server discovery per RFC 8414
- Required for OID4VCI 1.0 token endpoint discovery

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Register P256 key type for ES256 signature support
- Add comprehensive logging to setup and lifecycle events
- Reorganize credential processor registration
- Move supported_cred_is_unique to utils module for better code organization
- Remove circular dependency between oid4vc and jwt_vc_json

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Change Credo agent port to avoid conflicts
- Update all test fixtures and URLs to use new port
- Update docker-compose port mappings
- Ensure consistent port configuration across integration tests

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Specify linux/amd64 platform for consistent builds across architectures
- Update base image Dockerfile target and build context
- Use isomdl-uniffi main branch instead of fix/python-build-system
- Improve build reproducibility and cross-platform compatibility

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Remove isomdl-uniffi from poetry dependencies (causes build issues)
- Install via platform-specific pre-built wheels from GitHub releases
- Add wheels for macOS (ARM/x86), Linux, and Windows
- Resolves Rust compilation requirements and improves install reliability
- Update lock files to reflect dependency changes

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Use lazy % formatting in LOGGER calls per pylint rules
- Fix unused kwargs parameter with underscore prefix
- Replace broad Exception catch with specific TypeError/ValueError
- Ensures CI linting checks pass

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
- Make isomdl_uniffi imports conditional in mdoc issuer and verifier modules
- Add ISOMDL_AVAILABLE flag to check library availability at runtime
- Add IsomdlNotAvailableError for clear error messaging when library is missing
- Remove Rust toolchain and uniffi-bindgen setup from CI workflow
  (The uniffi-bindgen crate name was wrong and isomdl-uniffi wheels aren't available on the release yet)
- Tests using isomdl_uniffi will skip gracefully when library is not installed

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
… Rust setup"

This reverts commit 7c0ef5c.

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
Replace broken Rust toolchain setup with direct wheel installation from the isomdl-uniffi GitHub release. The wheel is only installed when oid4vc plugin is in the changed plugins list.

- Removes rust-toolchain setup (no Cargo.toml in repo)
- Removes uniffi-bindgen cargo install (wrong package name)
- Uses prebuilt manylinux wheel from v0.1.0-test release

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
305ae81 to 6a9c292
Signed-off-by: Adam Burdett <burdettadam@gmail.com>
…ings

Signed-off-by: Adam Burdett <burdettadam@gmail.com>
Summary
Refactor mso_mdoc to use isomdl-uniffi for crypto operations.
Changes
Dependencies