Skip to content

Commit

Permalink
How-to on creating a did web (#620)
Browse files Browse the repository at this point in the history 
* How-to on creating a did web

* typo

* Apply suggestions from code review

Co-authored-by: Gabe <[email protected]>

---------

Co-authored-by: Gabe <[email protected]>
  • Loading branch information
@andresuribe87 @decentralgabe
andresuribe87 and decentralgabe authored Aug 1, 2023
1 parent d9327f3 commit ab19193
Show file tree
Hide file tree
Showing 2 changed files with 170 additions and 6 deletions.
13 changes: 7 additions & 6 deletions doc/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ which DID methods to enable, and which port to listen on. Read the docs below fo

## API Documentation

API documentation is generated using [Swagger](https://swagger.io/). The most recent API docs file [can be found here](doc/swagger.yaml), which can be pasted into the [Swagger Editor](https://editor.swagger.io/) for interaction.
API documentation is generated using [Swagger](https://swagger.io/). The most recent API docs file [can be found here](./swagger.yaml), which can be pasted into the [Swagger Editor](https://editor.swagger.io/) for interaction.

When running the service you can find API documentation at: `http://localhost:8080/swagger/index.html`

Expand All @@ -45,13 +45,14 @@ the SSI Service to get up to speed with its functionality.

| Resource | Description |
|----------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------|
| [Creating a DID](https://github.com/TBD54566975/ssi-service/blob/main/doc/howto/credential.md) | Get started with DID functionality |
| [Creating a Schema](https://github.com/TBD54566975/ssi-service/blob/main/doc/howto/schema.md) | Get started with schema functionality |
| [Issuing a Credential](https://github.com/TBD54566975/ssi-service/blob/main/doc/howto/credential.md) | Get started with credential issuance functionality |
| [Verify a Credential](https://github.com/TBD54566975/ssi-service/blob/main/doc/howto/verification.md) | Get started with credential verification functionality |
| [Revoke/Suspend a Credential](https://github.com/TBD54566975/ssi-service/blob/main/doc/howto/status.md) | Get started with credential status functionality |
| [Creating a DID](./howto/did.md) | Get started with DID functionality |
| [Creating a Schema](./howto/schema.md) | Get started with schema functionality |
| [Issuing a Credential](./howto/credential.md) | Get started with credential issuance functionality |
| [Verify a Credential](./howto/verification.md) | Get started with credential verification functionality |
| [Revoke/Suspend a Credential](./howto/status.md) | Get started with credential status functionality |
| [[TODO] Requesting and Verifying Credentials with Presentation Exchange](https://github.com/TBD54566975/ssi-service/issues/606) | Get started with Presentation Exchange functionality |
| [[TODO] Accepting Applications for and Issuing Credentials using Credential Manifest](https://github.com/TBD54566975/ssi-service/issues/606) | Get started with Credential Manifest functionality |
| [Link your DID with a Website](./howto/wellknown.md) | Get started with DID Well Known functionality |
| [Creating a DID Web Identifier](./howto/didweb.md) | Get started with did:web |


163 changes: 163 additions & 0 deletions doc/howto/didweb.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,163 @@
# How To: Create a did:web

## Background

The [did:web Method Specification)](https://w3c-ccg.github.io/did-method-web/) describes a DID method that uses an existing web domain to host and establish trust for a DID Document.

It relies on the controller of an existing domain to host a custom file with the contents of the DID Document they want to expose. The SSI Service facilitates creation of a `did:web`, which you then must update on the domain you control.

## Steps

### Prerequisites

* You control an existing domain (e.g. like https://www.tbd.website).
* You are able to host files in a path within that origin (e.g. you can host the file returned by https://www.tbd.website/.well-known/did.json).

## 1. Create a `did:web` DID

Make a `PUT` request to `/v1/dids/web`, with a request body as follows:

```json
{
"keyType": "Ed25519",
"options": {
"didWebId": "did:web:tbd.website"
}
}
```

Or if you like CURLing:

```shell
curl -X PUT 'localhost:3000/v1/dids/web' -d '{
"keyType": "Ed25519",
"options": {
"didWebId": "did:web:tbd.website"
}
}'
```

Upon success, the contents of the response should look as follows...

```json
{
"did": {
"@context": "https://www.w3.org/ns/did/v1",
"id": "did:web:tbd.website",
"verificationMethod": [
{
"id": "did:web:tbd.website",
"type": "JsonWebKey2020",
"controller": "did:web:tbd.website#owner",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "TuAM4Ro4q5_cFMarCHmOm-1c7NaxBxvoEe7-x7K7xhw",
"alg": "EdDSA",
"kid": "did:web:tbd.website#owner"
}
}
],
"authentication": [
[
"did:web:tbd.website#owner"
]
],
"assertionMethod": [
[
"did:web:tbd.website#owner"
]
]
}
}
```

This response is an object containing a `did` property, whose value is a DID Document. This value is what needs to be hosted on your domain.

### 2. Host the created DID Document

This next step is for you to do outside of the service. You have to ensure that the URL `<domain_name>/.well-known/did.json` resolves to the content of the value of the `did` property from the response. In our example, we would have to make sure that the URL `https://tbd.website/.well-known/did.json` returns the JSON object described below:

```json
{
"@context": "https://www.w3.org/ns/did/v1",
"id": "did:web:tbd.website",
"verificationMethod": [
{
"id": "did:web:tbd.website",
"type": "JsonWebKey2020",
"controller": "did:web:tbd.website#owner",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "TuAM4Ro4q5_cFMarCHmOm-1c7NaxBxvoEe7-x7K7xhw",
"alg": "EdDSA",
"kid": "did:web:tbd.website#owner"
}
}
],
"authentication": [
[
"did:web:tbd.website#owner"
]
],
"assertionMethod": [
[
"did:web:tbd.website#owner"
]
]
}
```

### 3. Verify the `did:web` hosted

This last step ensures that SSI Service considers the created `did:web` to be valid.

Make a `GET` request to `v1/dids/resolver/<your_did_web>`

Using CURL:

```shell
curl 'localhost:3000/v1/dids/resolver/did:web:tbd.website'
```

Upon success you will see a response such as...

```json
{
"didResolutionMetadata": {
"ContentType": "application/json"
},
"didDocument": {
"@context": "https://www.w3.org/ns/did/v1",
"id": "did:web:tbd.website",
"verificationMethod": [
{
"id": "did:web:tbd.website",
"type": "JsonWebKey2020",
"controller": "did:web:tbd.website#owner",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "TuAM4Ro4q5_cFMarCHmOm-1c7NaxBxvoEe7-x7K7xhw",
"alg": "EdDSA",
"kid": "did:web:tbd.website#owner"
}
}
],
"authentication": [
[
"did:web:tbd.website#owner"
]
],
"assertionMethod": [
[
"did:web:tbd.website#owner"
]
]
},
"didDocumentMetadata": {}
}
```

In this case the JSON object contains a [DID Resolution Result](https://www.w3.org/TR/did-core/#did-resolution), in which the `didDocument` property has the value that was created in step 1.

0 comments on commit ab19193

Please sign in to comment.