Mobile components implementating OpenID4VC and OpenID4VP based on Zenroom stack and Slangroom
Mobile Zencode is a comprehensive open-source implementation of the OpenID4VC "OpenID for Verifiable Credential" and OpenID4VP "OpenID for Verifiable Presentation" protocols, designed to easily be plugged into an existing mobile application. This project is built using the Zenroom ecosystem (uses Zenroom and Slangroom), incorporating Zencode natural language smart contracts for secure, flexible, and human-readable protocol implementation.
Can be used in connetion with DIDroom_microservices
Credential Issuers use OAuth 2.0 RFC6749 Authorization Server for access. A single server can protect multiple Issuers, identified via metadata (/.well-known/openid-credential-issuer). All OAuth 2.0 Grant Types and extensions work with the credential issuance API. Unspecified aspects follow [@!RFC6749]. Some tweaks and enhancements are needed although, this extensions include:
-
New Authorization Details Type -
openid_credential
:- Conveys Credential details Wallet aims to obtain (see #authorization-details).
-
New Token Response Error Codes:
authorization_pending
andslow_down
support deferred authorization for Pre-Authorized Code grant type.
-
Client Metadata:
- Uses client metadata, introducing
credential_offer_endpoint
for Wallet to publish its Credential Offer Endpoint (see #client-metadata).
- Uses client metadata, introducing
-
Authorization Endpoint Enhancements:
- Adds
issuer_state
for issuer-initiated Credential Offer processing (see #credential-authz-request). - Introduces
wallet_issuer
anduser_hint
for Credential Issuers to request Verifiable Presentations during Authorization Request.
- Adds
-
Token Endpoint Enhancements:
- Adds optional response parameters -
c_nonce
andc_nonce_expires_in
- for nonce-based proof of possession of key material (see #token-response).
- Adds optional response parameters -
For details, refer to the full specification.
The credential issuer is the component that implements the endpoint to issue
verifiable credentials in different formats (eg. w3c-vc, iso.18013-5 aka mDL)
actually it's agnostic to the format.
API for credential issuance is comprised of the following endpoints
Mandatory
POST /credential
GET /.well-known/openid-credential-issuer
GET /.well-known/openid-configuration
Optionals
GET /credential_offer
GET /authorize
POST /batch_credential
POST /token
POST /op/par
POST /as/par
Core concepts of the issuer:
- Wallets can request one OR batch requests for one OR multiple credentials with the same access token
- Credentials can be issued syncronously or deferred
- Multiple key proof types are supported
- The same OAuth 2.0 Authorization Server can protect one or more Credential Issuers. Wallets determine the Credential Issuer's Authorization Server using the Credential Issuer's metadata
To start using all the components run the following command in the root folder
make
Then point your browser to the http://localhost:3000/docs to see all the exposed endpoints
📝 Documentation - Getting started and more.
🌱 Ecosystem - W3C-DID Dyne, Signroom, Zenroom, Didroom
🚩 Issues - Bugs end errors you encounter using {project_name}.
[] Matrix - Hanging out with the community.
🗣️ Discord - Hanging out with the community.
🪁 Telegram - Hanging out with the community.
You can start it using docker, just have to mount you static file directory
docker pull ghcr.io/forkbombeu/didroom_microservices:latest
docker run -p 3000:3000 -v public:/app/public ghcr.io/forkbombeu/didroom_microservices:latest
Please refer to DOCKER PACKAGES
Available endpoints, TBD
TBD
TBD
TBD
Copyleft 🄯 2023 by Forkbomb BV, Amsterdam
Designed, written and maintained by Puria Nafisi Azizi, Andrea D'Intino, Alberto Lerda with contributions of Matteo Cristino.
Please first take a look at the our Contributor License Agreement then
- 🔀 FORK IT
- Create your feature branch
git checkout -b feature/branch
- Commit your changes
git commit -am 'feat: New feature\ncloses #398'
- Push to the branch
git push origin feature/branch
- Create a new Pull Request
gh pr create -f
- 🙏 Thank you
Mobile Zencode
Copyleft 🄯 2023 Forkbomb BV, Amsterdam
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.