From 19fddeff8221e88cfb8474500c6f4c2064640fe4 Mon Sep 17 00:00:00 2001 From: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> Date: Wed, 11 Dec 2024 17:34:49 +0530 Subject: [PATCH 1/6] [INJIMOB-2538] fetch whether we should do client validation or not in VP sharing flow based on the value assigned in inji config default properties file Signed-off-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> --- .../main/java/io/mosip/residentapp/InjiOpenID4VPModule.java | 3 ++- ios/RNOpenID4VPModule.m | 1 + ios/RNOpenID4VPModule.swift | 3 ++- shared/openID4VP/OpenID4VP.ts | 3 +++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/android/app/src/main/java/io/mosip/residentapp/InjiOpenID4VPModule.java b/android/app/src/main/java/io/mosip/residentapp/InjiOpenID4VPModule.java index a4d3f9ac10..8e55e7f861 100644 --- a/android/app/src/main/java/io/mosip/residentapp/InjiOpenID4VPModule.java +++ b/android/app/src/main/java/io/mosip/residentapp/InjiOpenID4VPModule.java @@ -51,10 +51,11 @@ public void init(String appId) { @ReactMethod public void authenticateVerifier(String encodedAuthorizationRequest, ReadableArray trustedVerifiers, + Boolean clientValidation, Promise promise) { try { AuthorizationRequest authenticationResponse = openID4VP.authenticateVerifier(encodedAuthorizationRequest, - convertReadableArrayToVerifierArray(trustedVerifiers)); + convertReadableArrayToVerifierArray(trustedVerifiers), clientValidation); String authenticationResponseAsJson = gson.toJson(authenticationResponse, AuthorizationRequest.class); promise.resolve(authenticationResponseAsJson); } catch (Exception exception) { diff --git a/ios/RNOpenID4VPModule.m b/ios/RNOpenID4VPModule.m index 3d491ff41c..cf7a236cff 100644 --- a/ios/RNOpenID4VPModule.m +++ b/ios/RNOpenID4VPModule.m 
@@ -7,6 +7,7 @@ @interface RCT_EXTERN_MODULE(InjiOpenID4VP, NSObject) RCT_EXTERN_METHOD(authenticateVerifier:(NSString *)encodedAuthorizationRequest trustedVerifierJSON:(id)trustedVerifierJSON + clientValidation:(BOOL)clientValidation resolver:(RCTPromiseResolveBlock)resolve rejecter:(RCTPromiseRejectBlock)reject) diff --git a/ios/RNOpenID4VPModule.swift b/ios/RNOpenID4VPModule.swift index b07390da99..a44216db8f 100644 --- a/ios/RNOpenID4VPModule.swift +++ b/ios/RNOpenID4VPModule.swift @@ -19,6 +19,7 @@ class RNOpenId4VpModule: NSObject, RCTBridgeModule { @objc func authenticateVerifier(_ encodedAuthorizationRequest: String, trustedVerifierJSON: AnyObject, + clientValidation: Bool, resolver resolve: @escaping RCTPromiseResolveBlock, rejecter reject: @escaping RCTPromiseRejectBlock) { Task { @@ -36,7 +37,7 @@ class RNOpenId4VpModule: NSObject, RCTBridgeModule { return Verifier(clientId: clientId, responseUris: responseUris) } - let authenticationResponse: AuthorizationRequest = try await openID4VP!.authenticateVerifier(encodedAuthorizationRequest: encodedAuthorizationRequest, trustedVerifierJSON: trustedVerifiersList) + let authenticationResponse: AuthorizationRequest = try await openID4VP!.authenticateVerifier(encodedAuthorizationRequest: encodedAuthorizationRequest, trustedVerifierJSON: trustedVerifiersList, clientValidation: clientValidation) let response = try toJsonString(jsonObject: authenticationResponse) resolve(response) diff --git a/shared/openID4VP/OpenID4VP.ts b/shared/openID4VP/OpenID4VP.ts index e5501dbde8..c35c1b964d 100644 --- a/shared/openID4VP/OpenID4VP.ts +++ b/shared/openID4VP/OpenID4VP.ts 
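Review bot: The rewritten call in the second Swift hunk still force-unwraps `openID4VP!`, so a JS call to authenticateVerifier that arrives before the module has been initialised traps the whole app instead of rejecting the promise. Assuming `openID4VP` is the optional property set by the module's init, bind it first and fail through the existing rejecter, e.g. `guard let openID4VP = openID4VP else { reject("<ERROR_CODE placeholder>", "OpenID4VP is not initialised", nil); return }`, then call `openID4VP.authenticateVerifier(...)`. The same line is rewritten again in patch 4/6 (hunk `@@ -37,7 +37,7 @@`). The enclosing Task body starts in the previous hunk and continues past this one, so any surrounding do/catch is not visible; a catch would not intercept the unwrap trap in any case.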
@@ -3,6 +3,7 @@ import {__AppId} from '../GlobalVariables'; import {VC} from '../../machines/VerifiableCredential/VCMetaMachine/vc'; import {getJWT} from '../cryptoutil/cryptoUtil'; import {getJWK} from '../openId4VCI/Utils'; +import getAllConfigurations from '../api'; export const OpenID4VP_Key_Ref = 'OpenID4VP_KeyPair'; export const OpenID4VP_Proof_Algo_Type = 'RsaSignature2018'; @@ -19,10 +20,12 @@ export class OpenID4VP { encodedAuthorizationRequest: string, trustedVerifiersList: any, ) { + const config = await getAllConfigurations(); const authenticationResponse = await OpenID4VP.InjiOpenID4VP.authenticateVerifier( encodedAuthorizationRequest, trustedVerifiersList, + config.openid4vpClientValidation, ); return JSON.parse(authenticationResponse); } From 89d29578b7104d19420c7d5f4cc1c301521771cf Mon Sep 17 00:00:00 2001 From: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> Date: Wed, 11 Dec 2024 18:52:20 +0530 Subject: [PATCH 2/6] [INJIMOB-2538] convert clientValidation property from string to boolean before passing it to library Signed-off-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> --- shared/openID4VP/OpenID4VP.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shared/openID4VP/OpenID4VP.ts b/shared/openID4VP/OpenID4VP.ts index c35c1b964d..6ca332cea1 100644 --- a/shared/openID4VP/OpenID4VP.ts +++ b/shared/openID4VP/OpenID4VP.ts @@ -25,7 +25,7 @@ export class OpenID4VP { await OpenID4VP.InjiOpenID4VP.authenticateVerifier( encodedAuthorizationRequest, trustedVerifiersList, - config.openid4vpClientValidation, + Boolean(config.openid4vpClientValidation), ); return JSON.parse(authenticationResponse); } From 420099107d059cdfe906ba3339696c0d0b4c6e82 Mon Sep 17 00:00:00 2001 From: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> Date: Wed, 11 Dec 2024 19:46:23 +0530 Subject: [PATCH 3/6] [INJIMOB-2538] change the logic of checking the value of clientValidation property 
Signed-off-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> --- machines/openID4VP/openID4VPMachine.typegen.ts | 8 ++++---- shared/openID4VP/OpenID4VP.ts | 4 +++- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/machines/openID4VP/openID4VPMachine.typegen.ts b/machines/openID4VP/openID4VPMachine.typegen.ts index 6c43e9ebff..6be73533dc 100644 --- a/machines/openID4VP/openID4VPMachine.typegen.ts +++ b/machines/openID4VP/openID4VPMachine.typegen.ts @@ -80,7 +80,6 @@ export interface Typegen0 { | 'setFlowType' | 'setIsFaceVerificationRetryAttempt' | 'setIsShareWithSelfie' - | 'setIsShowLoadingScreen' | 'setMiniViewShareSelectedVC' | 'setSelectedVCs' | 'setSendVPShareError' @@ -135,7 +134,6 @@ export interface Typegen0 { setFlowType: 'AUTHENTICATE'; setIsFaceVerificationRetryAttempt: 'FACE_INVALID'; setIsShareWithSelfie: 'AUTHENTICATE'; - setIsShowLoadingScreen: 'STORE_RESPONSE'; setMiniViewShareSelectedVC: 'AUTHENTICATE'; setSelectedVCs: 'ACCEPT_REQUEST' | 'VERIFY_AND_ACCEPT_REQUEST'; setSendVPShareError: 'error.platform.OpenID4VP.sendingVP:invocation[0]'; @@ -170,9 +168,11 @@ export interface Typegen0 { showFaceAuthConsentScreen: 'CONFIRM'; }; eventsCausingServices: { - fetchTrustedVerifiers: 'STORE_RESPONSE'; + fetchTrustedVerifiers: never; getAuthenticationResponse: 'done.invoke.OpenID4VP.checkKeyPair:invocation[0]'; - getKeyPair: 'done.invoke.OpenID4VP.getTrustedVerifiersList:invocation[0]'; + getKeyPair: + | 'STORE_RESPONSE' + | 'done.invoke.OpenID4VP.getTrustedVerifiersList:invocation[0]'; getSelectedKey: | 'FACE_VALID' | 'done.invoke.OpenID4VP.getKeyPairFromKeystore:invocation[0]'; diff --git a/shared/openID4VP/OpenID4VP.ts b/shared/openID4VP/OpenID4VP.ts index 6ca332cea1..bca2fa82cf 100644 --- a/shared/openID4VP/OpenID4VP.ts +++ b/shared/openID4VP/OpenID4VP.ts 
@@ -21,11 +21,13 @@ export class OpenID4VP { trustedVerifiersList: any, ) { const config = await getAllConfigurations(); + const validateClient = config.openid4vpClientValidation === 'true'; + const authenticationResponse = await OpenID4VP.InjiOpenID4VP.authenticateVerifier( encodedAuthorizationRequest, trustedVerifiersList, - Boolean(config.openid4vpClientValidation), + validateClient, ); return JSON.parse(authenticationResponse); } From 6f6bdbeb292111496a1efb4f269696d914ce2b32 Mon Sep 17 00:00:00 2001 From: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> Date: Thu, 12 Dec 2024 10:48:27 +0530 Subject: [PATCH 4/6] [INJIMOB-2538] rename clientValidation variable to shouldValiateClient and call verifiers api only if validation is required Signed-off-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> --- .../io/mosip/residentapp/InjiOpenID4VPModule.java | 4 ++-- ios/RNOpenID4VPModule.m | 2 +- ios/RNOpenID4VPModule.swift | 4 ++-- machines/openID4VP/openID4VPGuards.ts | 3 +++ machines/openID4VP/openID4VPMachine.ts | 15 +++++++++++---- machines/openID4VP/openID4VPMachine.typegen.ts | 6 +++++- shared/openID4VP/OpenID4VP.ts | 10 +++++++--- 7 files changed, 31 insertions(+), 13 deletions(-) diff --git a/android/app/src/main/java/io/mosip/residentapp/InjiOpenID4VPModule.java b/android/app/src/main/java/io/mosip/residentapp/InjiOpenID4VPModule.java index 8e55e7f861..22817704ae 100644 --- a/android/app/src/main/java/io/mosip/residentapp/InjiOpenID4VPModule.java +++ b/android/app/src/main/java/io/mosip/residentapp/InjiOpenID4VPModule.java 
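Review bot: `config.openid4vpClientValidation === 'true'` fails open: a missing key, a boolean `true`, different casing or stray whitespace all evaluate to false and switch verifier validation off without any signal. Since this flag presumably decides whether the verifier is checked against the trusted list before a presentation is shared, the safer default is to validate unless the value is explicitly the disabling one, e.g. `const validateClient = String(config.openid4vpClientValidation).trim().toLowerCase() !== 'false';`. Patch 4/6 moves the same comparison into `isClientValidationRequired()` (hunk `@@ -94,3 +93,8 @@`), so the change belongs there as well. A short comment stating the expected type and the default would help, because how `getAllConfigurations()` represents the property is not visible here.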
@@ -51,11 +51,11 @@ public void init(String appId) { @ReactMethod public void authenticateVerifier(String encodedAuthorizationRequest, ReadableArray trustedVerifiers, - Boolean clientValidation, + Boolean shouldValidateClient, Promise promise) { try { AuthorizationRequest authenticationResponse = openID4VP.authenticateVerifier(encodedAuthorizationRequest, - convertReadableArrayToVerifierArray(trustedVerifiers), clientValidation); + convertReadableArrayToVerifierArray(trustedVerifiers), shouldValidateClient); String authenticationResponseAsJson = gson.toJson(authenticationResponse, AuthorizationRequest.class); promise.resolve(authenticationResponseAsJson); } catch (Exception exception) { diff --git a/ios/RNOpenID4VPModule.m b/ios/RNOpenID4VPModule.m index cf7a236cff..3186ef917f 100644 --- a/ios/RNOpenID4VPModule.m +++ b/ios/RNOpenID4VPModule.m @@ -7,7 +7,7 @@ @interface RCT_EXTERN_MODULE(InjiOpenID4VP, NSObject) RCT_EXTERN_METHOD(authenticateVerifier:(NSString *)encodedAuthorizationRequest trustedVerifierJSON:(id)trustedVerifierJSON - clientValidation:(BOOL)clientValidation + shouldValidateClient:(BOOL)shouldValidateClient resolver:(RCTPromiseResolveBlock)resolve rejecter:(RCTPromiseRejectBlock)reject) diff --git a/ios/RNOpenID4VPModule.swift b/ios/RNOpenID4VPModule.swift index a44216db8f..daaaa2996d 100644 --- a/ios/RNOpenID4VPModule.swift +++ b/ios/RNOpenID4VPModule.swift @@ -19,7 +19,7 @@ class RNOpenId4VpModule: NSObject, RCTBridgeModule { @objc func authenticateVerifier(_ encodedAuthorizationRequest: String, trustedVerifierJSON: AnyObject, - clientValidation: Bool, + shouldValidateClient: Bool, resolver resolve: @escaping RCTPromiseResolveBlock, rejecter reject: @escaping RCTPromiseRejectBlock) { Task { 
@@ -37,7 +37,7 @@ class RNOpenId4VpModule: NSObject, RCTBridgeModule { return Verifier(clientId: clientId, responseUris: responseUris) } - let authenticationResponse: AuthorizationRequest = try await openID4VP!.authenticateVerifier(encodedAuthorizationRequest: encodedAuthorizationRequest, trustedVerifierJSON: trustedVerifiersList, clientValidation: clientValidation) + let authenticationResponse: AuthorizationRequest = try await openID4VP!.authenticateVerifier(encodedAuthorizationRequest: encodedAuthorizationRequest, trustedVerifierJSON: trustedVerifiersList, shouldValidateClient: shouldValidateClient) let response = try toJsonString(jsonObject: authenticationResponse) resolve(response) diff --git a/machines/openID4VP/openID4VPGuards.ts b/machines/openID4VP/openID4VPGuards.ts index 8e4c4a571e..44bf84d27e 100644 --- a/machines/openID4VP/openID4VPGuards.ts +++ b/machines/openID4VP/openID4VPGuards.ts @@ -1,3 +1,4 @@ +import {isClientValidationRequired} from '../../shared/openID4VP/OpenID4VP'; import {VCShareFlowType} from '../../shared/Utils'; export const openID4VPGuards = () => { @@ -32,5 +33,7 @@ export const openID4VPGuards = () => { isFaceVerificationRetryAttempt: (context: any) => context.isFaceVerificationRetryAttempt, + + isClientValidationRequred: () => isClientValidationRequired(), }; }; diff --git a/machines/openID4VP/openID4VPMachine.ts b/machines/openID4VP/openID4VPMachine.ts index f2f47f4a1c..c0652b7ee9 100644 --- a/machines/openID4VP/openID4VPMachine.ts +++ b/machines/openID4VP/openID4VPMachine.ts 
@@ -54,10 +54,17 @@ export const openID4VPMachine = model.createMachine( checkFaceAuthConsent: { entry: 'getFaceAuthConsent', on: { - STORE_RESPONSE: { - actions: 'updateShowFaceAuthConsent', - target: 'getTrustedVerifiersList', - }, + STORE_RESPONSE: [ + { + cond: 'isClientValidationRequred', + actions: 'updateShowFaceAuthConsent', + target: 'getTrustedVerifiersList', + }, + { + actions: 'updateShowFaceAuthConsent', + target: 'getKeyPairFromKeystore', + }, + ], }, }, getTrustedVerifiersList: { diff --git a/machines/openID4VP/openID4VPMachine.typegen.ts b/machines/openID4VP/openID4VPMachine.typegen.ts index 6be73533dc..7656132dc3 100644 --- a/machines/openID4VP/openID4VPMachine.typegen.ts +++ b/machines/openID4VP/openID4VPMachine.typegen.ts @@ -80,6 +80,7 @@ export interface Typegen0 { | 'setFlowType' | 'setIsFaceVerificationRetryAttempt' | 'setIsShareWithSelfie' + | 'setIsShowLoadingScreen' | 'setMiniViewShareSelectedVC' | 'setSelectedVCs' | 'setSendVPShareError' @@ -95,6 +96,7 @@ export interface Typegen0 { guards: | 'hasKeyPair' | 'isAnyVCHasImage' + | 'isClientValidationRequred' | 'isFaceVerificationRetryAttempt' | 'isSelectedVCMatchingRequest' | 'isShareWithSelfie' @@ -134,6 +136,7 @@ export interface Typegen0 { setFlowType: 'AUTHENTICATE'; setIsFaceVerificationRetryAttempt: 'FACE_INVALID'; setIsShareWithSelfie: 'AUTHENTICATE'; + setIsShowLoadingScreen: 'STORE_RESPONSE'; setMiniViewShareSelectedVC: 'AUTHENTICATE'; setSelectedVCs: 'ACCEPT_REQUEST' | 'VERIFY_AND_ACCEPT_REQUEST'; setSendVPShareError: 'error.platform.OpenID4VP.sendingVP:invocation[0]'; @@ -154,6 +157,7 @@ export interface Typegen0 { | 'FACE_VALID' | 'done.invoke.OpenID4VP.checkKeyPair:invocation[0]'; isAnyVCHasImage: 'CHECK_FOR_IMAGE'; + isClientValidationRequred: 'STORE_RESPONSE'; isFaceVerificationRetryAttempt: 'FACE_INVALID'; isSelectedVCMatchingRequest: 'CHECK_SELECTED_VC'; isShareWithSelfie: 
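Review bot: The fallback branch of `STORE_RESPONSE` jumps to `getKeyPairFromKeystore` and never enters `getTrustedVerifiersList`, so on that path whatever the machine's initial context holds for the trusted verifiers is what later reaches the native `authenticateVerifier` call. The native converters (`convertReadableArrayToVerifierArray` on Android, the JSON mapping on iOS) are not shown handling a null or undefined list, so it is worth confirming the context default is an empty array, or setting it explicitly on this branch. A comment on the second branch such as `// validation disabled by config: trusted verifier list is intentionally not fetched` would also make the bypass visible to later readers. The state definition starts above the hunk and the rest of the machine is outside it.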
@@ -168,7 +172,7 @@ export interface Typegen0 { showFaceAuthConsentScreen: 'CONFIRM'; }; eventsCausingServices: { - fetchTrustedVerifiers: never; + fetchTrustedVerifiers: 'STORE_RESPONSE'; getAuthenticationResponse: 'done.invoke.OpenID4VP.checkKeyPair:invocation[0]'; getKeyPair: | 'STORE_RESPONSE' diff --git a/shared/openID4VP/OpenID4VP.ts b/shared/openID4VP/OpenID4VP.ts index bca2fa82cf..6005d3eb41 100644 --- a/shared/openID4VP/OpenID4VP.ts +++ b/shared/openID4VP/OpenID4VP.ts @@ -20,14 +20,13 @@ export class OpenID4VP { encodedAuthorizationRequest: string, trustedVerifiersList: any, ) { - const config = await getAllConfigurations(); - const validateClient = config.openid4vpClientValidation === 'true'; + const shouldValidateClient = await isClientValidationRequired(); const authenticationResponse = await OpenID4VP.InjiOpenID4VP.authenticateVerifier( encodedAuthorizationRequest, trustedVerifiersList, - validateClient, + shouldValidateClient, ); return JSON.parse(authenticationResponse); } @@ -94,3 +93,8 @@ function createJwtPayload(vpToken: {[key: string]: any}) { holder, }; } + +export async function isClientValidationRequired() { + const config = await getAllConfigurations(); + return config.openid4vpClientValidation === 'true'; +} From 0b874ff82a2412176b2038461e0fb5e2bf7eddef Mon Sep 17 00:00:00 2001 From: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> Date: Thu, 12 Dec 2024 11:43:55 +0530 Subject: [PATCH 5/6] [INJIMOB-2538] check if client validation is needed or not as part of service instead of action Signed-off-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> --- machines/openID4VP/openID4VPGuards.ts | 2 +- machines/openID4VP/openID4VPMachine.ts | 11 +++++++--- .../openID4VP/openID4VPMachine.typegen.ts | 21 +++++++++++++------ machines/openID4VP/openID4VPServices.ts | 5 +++++ 4 files changed, 29 insertions(+), 10 deletions(-) 
diff --git a/machines/openID4VP/openID4VPGuards.ts b/machines/openID4VP/openID4VPGuards.ts index 44bf84d27e..85113ac45e 100644 --- a/machines/openID4VP/openID4VPGuards.ts +++ b/machines/openID4VP/openID4VPGuards.ts @@ -34,6 +34,6 @@ export const openID4VPGuards = () => { isFaceVerificationRetryAttempt: (context: any) => context.isFaceVerificationRetryAttempt, - isClientValidationRequred: () => isClientValidationRequired(), + isClientValidationRequred: (_, event) => event.data, }; }; diff --git a/machines/openID4VP/openID4VPMachine.ts b/machines/openID4VP/openID4VPMachine.ts index c0652b7ee9..21eae89f60 100644 --- a/machines/openID4VP/openID4VPMachine.ts +++ b/machines/openID4VP/openID4VPMachine.ts @@ -52,9 +52,15 @@ export const openID4VPMachine = model.createMachine( }, }, checkFaceAuthConsent: { - entry: 'getFaceAuthConsent', + entry: ['setIsShowLoadingScreen', 'getFaceAuthConsent'], on: { - STORE_RESPONSE: [ + STORE_RESPONSE: {target: 'checkIfClientValidationIsRequired'}, + }, + }, + checkIfClientValidationIsRequired: { + invoke: { + src: 'shouldValidateClient', + onDone: [ { cond: 'isClientValidationRequred', actions: 'updateShowFaceAuthConsent', @@ -68,7 +74,6 @@ export const openID4VPMachine = model.createMachine( }, }, getTrustedVerifiersList: { - entry: 'setIsShowLoadingScreen', invoke: { src: 'fetchTrustedVerifiers', onDone: { diff --git a/machines/openID4VP/openID4VPMachine.typegen.ts b/machines/openID4VP/openID4VPMachine.typegen.ts index 7656132dc3..5b256cbd07 100644 --- a/machines/openID4VP/openID4VPMachine.typegen.ts +++ b/machines/openID4VP/openID4VPMachine.typegen.ts 
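Review bot: The guard key `isClientValidationRequred` is misspelled (the second "i" is missing) and the spelling is now repeated in openID4VPMachine.ts and the generated typegen; renaming it to `isClientValidationRequired` while the name has few users is cheap. With the guard reduced to `(_, event) => event.data`, the `isClientValidationRequired` import added to this file in patch 4/6 appears to be unused, since this patch only touches the guard line. Removing the import keeps the guards module free of a dependency on shared/openID4VP that it no longer needs.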
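Review bot: `updateShowFaceAuthConsent` now runs on the `onDone` of `shouldValidateClient` rather than on `STORE_RESPONSE`, so the event it receives carries the validation boolean in `event.data` instead of the store response. The action body is not in this diff, but if it reads the consent value from the STORE_RESPONSE event it will no longer find it, and the face-auth consent state may silently fall back to a default. Keeping the action on the first transition, `STORE_RESPONSE: {actions: 'updateShowFaceAuthConsent', target: 'checkIfClientValidationIsRequired'},`, and dropping it from both `onDone` branches preserves the old behaviour. The second `onDone` branch and the end of the invoke block lie between the two hunks and are not shown.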
@@ -8,6 +8,11 @@ export interface Typegen0 { data: unknown; __tip: 'See the XState TS docs to learn how to strongly type this.'; }; + 'done.invoke.OpenID4VP.checkIfClientValidationIsRequired:invocation[0]': { + type: 'done.invoke.OpenID4VP.checkIfClientValidationIsRequired:invocation[0]'; + data: unknown; + __tip: 'See the XState TS docs to learn how to strongly type this.'; + }; 'done.invoke.OpenID4VP.checkKeyPair:invocation[0]': { type: 'done.invoke.OpenID4VP.checkKeyPair:invocation[0]'; data: unknown; @@ -57,6 +62,7 @@ export interface Typegen0 { getKeyPair: 'done.invoke.OpenID4VP.getKeyPairFromKeystore:invocation[0]'; getSelectedKey: 'done.invoke.OpenID4VP.checkKeyPair:invocation[0]'; sendVP: 'done.invoke.OpenID4VP.sendingVP:invocation[0]'; + shouldValidateClient: 'done.invoke.OpenID4VP.checkIfClientValidationIsRequired:invocation[0]'; }; missingImplementations: { actions: @@ -107,7 +113,8 @@ export interface Typegen0 { | 'getAuthenticationResponse' | 'getKeyPair' | 'getSelectedKey' - | 'sendVP'; + | 'sendVP' + | 'shouldValidateClient'; }; eventsCausingActions: { compareAndStoreSelectedVC: 'SET_SELECTED_VC'; @@ -136,7 +143,7 @@ export interface Typegen0 { setFlowType: 'AUTHENTICATE'; setIsFaceVerificationRetryAttempt: 'FACE_INVALID'; setIsShareWithSelfie: 'AUTHENTICATE'; - setIsShowLoadingScreen: 'STORE_RESPONSE'; + setIsShowLoadingScreen: 'AUTHENTICATE'; setMiniViewShareSelectedVC: 'AUTHENTICATE'; setSelectedVCs: 'ACCEPT_REQUEST' | 'VERIFY_AND_ACCEPT_REQUEST'; setSendVPShareError: 'error.platform.OpenID4VP.sendingVP:invocation[0]'; @@ -147,7 +154,7 @@ export interface Typegen0 { shareDeclineStatus: 'CONFIRM'; storeShowFaceAuthConsent: 'FACE_VERIFICATION_CONSENT'; updateFaceCaptureBannerStatus: 'FACE_VALID'; - updateShowFaceAuthConsent: 'STORE_RESPONSE'; + updateShowFaceAuthConsent: 'done.invoke.OpenID4VP.checkIfClientValidationIsRequired:invocation[0]'; }; eventsCausingDelays: { SHARING_TIMEOUT: 'CONFIRM' | 'FACE_VALID' | 'RETRY'; 
@@ -157,7 +164,7 @@ export interface Typegen0 { | 'FACE_VALID' | 'done.invoke.OpenID4VP.checkKeyPair:invocation[0]'; isAnyVCHasImage: 'CHECK_FOR_IMAGE'; - isClientValidationRequred: 'STORE_RESPONSE'; + isClientValidationRequred: 'done.invoke.OpenID4VP.checkIfClientValidationIsRequired:invocation[0]'; isFaceVerificationRetryAttempt: 'FACE_INVALID'; isSelectedVCMatchingRequest: 'CHECK_SELECTED_VC'; isShareWithSelfie: @@ -172,20 +179,22 @@ export interface Typegen0 { showFaceAuthConsentScreen: 'CONFIRM'; }; eventsCausingServices: { - fetchTrustedVerifiers: 'STORE_RESPONSE'; + fetchTrustedVerifiers: 'done.invoke.OpenID4VP.checkIfClientValidationIsRequired:invocation[0]'; getAuthenticationResponse: 'done.invoke.OpenID4VP.checkKeyPair:invocation[0]'; getKeyPair: - | 'STORE_RESPONSE' + | 'done.invoke.OpenID4VP.checkIfClientValidationIsRequired:invocation[0]' | 'done.invoke.OpenID4VP.getTrustedVerifiersList:invocation[0]'; getSelectedKey: | 'FACE_VALID' | 'done.invoke.OpenID4VP.getKeyPairFromKeystore:invocation[0]'; sendVP: 'CONFIRM' | 'FACE_VALID' | 'RETRY'; + shouldValidateClient: 'STORE_RESPONSE'; }; matchesStates: | 'authenticateVerifier' | 'checkFaceAuthConsent' | 'checkIfAnySelectedVCHasImage' + | 'checkIfClientValidationIsRequired' | 'checkIfMatchingVCsHasSelectedVC' | 'checkKeyPair' | 'faceVerificationConsent' diff --git a/machines/openID4VP/openID4VPServices.ts b/machines/openID4VP/openID4VPServices.ts index 31dae30927..8234880e9c 100644 --- a/machines/openID4VP/openID4VPServices.ts +++ b/machines/openID4VP/openID4VPServices.ts @@ -3,6 +3,7 @@ import {fetchKeyPair} from '../../shared/cryptoutil/cryptoUtil'; import {hasKeyPair} from '../../shared/openId4VCI/Utils'; import { constructProofJWT, + isClientValidationRequired, OpenID4VP, OpenID4VP_Domain, OpenID4VP_Proof_Algo_Type, 
@@ -14,6 +15,10 @@ export const openID4VPServices = () => { return await CACHED_API.fetchTrustedVerifiersList(); }, + shouldValidateClient: async () => { + return await isClientValidationRequired(); + }, + getAuthenticationResponse: (context: any) => async () => { OpenID4VP.initialize(); const serviceRes = await OpenID4VP.authenticateVerifier( From 22f7a5e516cfbf8122be014f65a26a5cb9f40830 Mon Sep 17 00:00:00 2001 From: Abhishek Paul Date: Thu, 12 Dec 2024 13:43:17 +0530 Subject: [PATCH 6/6] [INJIMOB-2538] update Package.resolved Signed-off-by: Abhishek Paul --- .../xcshareddata/swiftpm/Package.resolved | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/ios/Inji.xcworkspace/xcshareddata/swiftpm/Package.resolved b/ios/Inji.xcworkspace/xcshareddata/swiftpm/Package.resolved index f5e06df08d..d1e192305b 100644 --- a/ios/Inji.xcworkspace/xcshareddata/swiftpm/Package.resolved +++ b/ios/Inji.xcworkspace/xcshareddata/swiftpm/Package.resolved @@ -1,5 +1,5 @@ { - "originHash" : "6b82a714050e22d309e029aaffac33f021c04aac740f661a9879441a7d414f4f", + "originHash" : "178f6c7c607eeb08b99a4966015d08339500de64791888a2e79d6b7afae53659", "pins" : [ { "identity" : "base45-swift", @@ -34,7 +34,7 @@ "location" : "https://github.com/mosip/inji-openid4vp-ios-swift", "state" : { "branch" : "develop", - "revision" : "20c1a6c314b73d303ce7c5f2b6ba94235dcb68ad" + "revision" : "10c161f4e7414e8a7b0dc2d52d3f4d8faf19b8d7" } }, { @@ -81,6 +81,15 @@ "branch" : "develop", "revision" : "96bc662cd07df051cf2357691469bba57b0217e8" } + }, + { + "identity" : "zipfoundation", + "kind" : "remoteSourceControl", + "location" : "https://github.com/weichsel/ZIPFoundation.git", + "state" : { + "revision" : "02b6abe5f6eef7e3cbd5f247c5cc24e246efcfe0", + "version" : "0.9.19" + } } ], "version" : 2
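Review bot: `shouldValidateClient` lets a rejection from `isClientValidationRequired()` escape, and the `checkIfClientValidationIsRequired` invoke added in this patch shows only `onDone`; no `onError` is visible in the machine hunks, so a failed config fetch would presumably leave the flow parked on the loading screen. Decide the failure direction here and make it the validating one: `try { return await isClientValidationRequired(); } catch { return true; }`. A one-line comment saying that a configuration failure means "validate" would document the choice. The services object begins above the hunk and continues after it.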