From 1eb33d65c063f030f9fdb6033d86d6da4d261f5f Mon Sep 17 00:00:00 2001
From: wes-smith
Date: Wed, 28 Feb 2024 12:45:18 -0500
Subject: [PATCH] Add challenge endpoint.
- add challenge creation endpoint
- remove passing `options.challenge` and `options.domain` to incorrect endpoints
---
components/Challenge.yml | 65 +++++++++++++++++++++++++++
components/IssueCredentialOptions.yml | 6 ---
holder.yml | 11 ++++-
index.html | 14 +++++-
verifier.yml | 34 +++++++++++---
5 files changed, 115 insertions(+), 15 deletions(-)
create mode 100644 components/Challenge.yml
diff --git a/components/Challenge.yml b/components/Challenge.yml
new file mode 100644
index 0000000..7bccbf8
--- /dev/null
+++ b/components/Challenge.yml
@@ -0,0 +1,65 @@
+openapi: 3.0.0
+info:
+ version: "0.0.3-unstable"
+ title: VC API
+ description: This is an Experimental Open API Specification for the [VC Data Model](https://www.w3.org/TR/vc-data-model/).
+ license:
+ name: W3C Software and Document License
+ url: http://www.w3.org/Consortium/Legal/copyright-software.
+ contact:
+ name: GitHub Source Code
+ url: https://github.com/w3c-ccg/vc-api
+paths:
+components:
+ schemas:
+ CreateChallengeResult:
+ type: object
+ additionalProperties: false
+ description: Object containg a challenge
+ properties:
+ challenge:
+ type: string
+ description: The challenge value
+ ChallengeVerificationMetadata:
+ type: object
+ additionalProperties: false
+ description: Metadata about the verification of options.challenge.
+ properties:
+ verified:
+ type: string
+ description: Whether verification of the challenge was successful
+ uses:
+ type: string
+ description: The number of times options.challenge has been used
+ VerificationResultWithChallengeMetadata:
+ type: object
+ additionalProperties: false
+ description: Object summarizing a verification
+ properties:
+ checks:
+ type: array
+ description: The checks performed
+ items:
+ type: string
+ warnings:
+ type: array
+ description: Warnings
+ items:
+ type: string
+ errors:
+ type: array
+ description: Errors
+ items:
+ type: string
+ ChallengeVerificationMetadata:
+ type: object
+ additionalProperties: false
+ description: Metadata about the verification of options.challenge.
+ properties:
+ verified:
+ type: string
+ description: Whether verification of the challenge was successful
+ uses:
+ type: string
+ description: The number of times options.challenge has been used
+
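Review bot: `verified` and `uses` in `ChallengeVerificationMetadata` are both declared `type: string`, although their descriptions say one is a success/failure outcome and the other a count. A client that tests the string for truthiness would read `"false"` as success, and this is the field that reports whether the challenge check passed. I would declare `verified` as `type: boolean` and `uses` as `type: integer` with `minimum: 0`, and list both under `required`. The same change applies to the second copy of the schema at the end of the file. The `challenge` description could also state how long a value stays valid and how many uses are acceptable.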
diff --git a/components/IssueCredentialOptions.yml b/components/IssueCredentialOptions.yml
index 6ab404a..a5f7b4b 100644
--- a/components/IssueCredentialOptions.yml
+++ b/components/IssueCredentialOptions.yml
@@ -20,12 +20,6 @@ components:
created:
type: string
description: The date and time of the proof (with a maximum accuracy in seconds). Default current system time.
- challenge:
- type: string
- description: A challenge provided by the requesting party of the proof. For example 6e62f66e-67de-11eb-b490-ef3eeefa55f2
- domain:
- type: string
- description: The intended domain of validity for the proof. For example website.example
credentialStatus:
type: object
description: The method of credential status to issue the credential including. If omitted credential status will be included.
diff --git a/holder.yml b/holder.yml
index 46e8f77..fc6678c 100644
--- a/holder.yml
+++ b/holder.yml
@@ -268,7 +268,9 @@ paths:
content:
application/json:
schema:
- $ref: "#/components/schemas/ProvePresentationResponse"
+ oneOf:
+ - $ref: "#/components/schemas/ProvePresentationResponse"
+ - $ref: "#/components/schemas/ProvePresentationResponseWithChallengeVerificationMetadata"
"400":
description: invalid input!
"500":
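Review bot: The `oneOf` added to this 200 response cannot pick a branch for an ordinary reply, as far as the visible lines show. `ProvePresentationResponseWithChallengeVerificationMetadata`, added further down in this file, has no `required` list and no `additionalProperties: false`, so an object holding only `verifiablePresentation` is valid against both branches, and `oneOf` demands exactly one match. Strict response validators would reject such a reply. Either use `anyOf`, or add `required: [verifiablePresentation, ChallengeVerificationMetadata]` to the new schema. The `/presentations/verify` 200 response in verifier.yml gets the same construction and may overlap the same way, depending on how `VerificationResult` is defined, which is not visible here.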
@@ -501,6 +503,13 @@ components:
properties:
verifiablePresentation:
$ref: "./components/VerifiablePresentation.yml#/components/schemas/VerifiablePresentation"
+ ProvePresentationResponseWithChallengeVerificationMetadata:
+ type: object
+ properties:
+ verifiablePresentation:
+ $ref: "./components/VerifiablePresentation.yml#/components/schemas/VerifiablePresentation"
+ ChallengeVerificationMetadata:
+ $ref: "./components/Challenge.yml#/components/schemas/ChallengeVerificationMetadata"
NotifyPresentationAvailableRequest:
type: object
properties:
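Review bot: The property key `ChallengeVerificationMetadata` is PascalCase while its sibling `verifiablePresentation` is camelCase; `challengeVerificationMetadata` would match the rest of the schema. The nested property of the same name in components/Challenge.yml would need the same rename. The new schema also carries no `description`, so a reader cannot tell when a server returns this variant rather than `ProvePresentationResponse`; a one-line description stating that condition would help. The `schemas` map continues outside the hunk.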
diff --git a/index.html b/index.html
index 6bbddaa..22ab992 100644
--- a/index.html
+++ b/index.html
@@ -701,7 +701,7 @@ Verifying
+ data-api-path="/credentials/verify /presentations/verify /challenges">
Verify Credential
@@ -721,6 +721,18 @@ Verify Presentation
data-api-endpoint="post /presentations/verify">
+
+ Create Challenge
+
+
+
+
+
+The issuer should track the number of times a challenge has been passed to an endpoint as `options.challenge`.
+
+
+
diff --git a/verifier.yml b/verifier.yml
index 78288aa..c121f8c 100644
--- a/verifier.yml
+++ b/verifier.yml
@@ -62,11 +62,13 @@ paths:
description: Parameters for verifying a verifiablePresentation.
responses:
"200":
- description: Verifiable Presentation successfully verified!
- content:
- application/json:
- schema:
- $ref: "#/components/schemas/VerifyPresentationResponse"
+ description: Verifiable Presentation successfully verified!
+ content:
+ application/json:
+ schema:
+ oneOf:
+ - $ref: "#/components/schemas/VerifyPresentationResponse"
+ - $ref: "#/components/schemas/VerifyPresentationResponseWithChallengeMetadata"
"400":
description: Invalid or malformed input
"413":
@@ -75,6 +77,22 @@ paths:
description: Request rate limit exceeded.
"500":
description: Internal Server Error
+ /challenges:
+ post:
+ summary: Passing an empty body to this endpoint creates and returns a challenge string in the response body.
+ operationId: challenge
+ description: Creates a challenge to be used as `options.challenge` in future requests.
+ responses:
+ "200":
+ description: Challenge created
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/CreateChallengeResponse"
+ "400":
+ description: Invalid or malformed input
+ "500":
+ description: Internal server error
components:
securitySchemes:
$ref: "./components/SecuritySchemes.yml#/components/securitySchemes"
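Review bot: `/challenges` documents only 200, 400 and 500, while the operation above it in this file also documents a "Request rate limit exceeded." response. Each call makes the server create a value and, per the text added to index.html, keep a use count for it, so a documented limit matters here; add `"429":` with `description: Request rate limit exceeded.`. The hunk shows no `security` entry on the operation, so if no document-level requirement applies (not visible here), the description should say whether the endpoint may be called without authorization. The `summary` reads like a description and the `description` like a summary, so swapping the two would read better.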
@@ -84,8 +102,6 @@ components:
properties:
verifiableCredential:
$ref: "./components/VerifiableCredential.yml#/components/schemas/VerifiableCredential"
- options:
- $ref: "./components/VerifyOptions.yml#/components/schemas/VerifyOptions"
VerifyCredentialResponse:
$ref: "./components/VerificationResult.yml#/components/schemas/VerificationResult"
VerifyPresentationRequest:
@@ -102,3 +118,7 @@ components:
$ref: "./components/Presentation.yml#/components/schemas/Presentation"
VerifyPresentationResponse:
$ref: "./components/VerificationResult.yml#/components/schemas/VerificationResult"
+ VerifyPresentationResponseWithChallengeMetadata:
+ $ref: "./components/Challenge.yml#/components/schemas/VerificationResultWithChallengeMetadata"
+ CreateChallengeResponse:
+ $ref: "./components/Challenge.yml#/components/schemas/CreateChallengeResult"