From 8566098f2c36a919d32b7e430f4bc59d0533cd34 Mon Sep 17 00:00:00 2001
From: Daniel Armengod
Date: Mon, 27 Nov 2023 07:42:12 +0100
Subject: [PATCH] Added verify_presentation bindings and use them in verification_portal backend
---
 idhub/verification_portal/views.py | 7 +++++-
 utils/idhub_ssikit/__init__.py | 37 ++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/idhub/verification_portal/views.py b/idhub/verification_portal/views.py
index df7cab2..486f4f7 100644
--- a/idhub/verification_portal/views.py
+++ b/idhub/verification_portal/views.py
@@ -2,6 +2,8 @@ import json
 from django.core.mail import send_mail
 from django.http import HttpResponse, HttpResponseRedirect
+
+from utils.idhub_ssikit import verify_presentation
 from .models import VPVerifyRequest
 from django.shortcuts import get_object_or_404
 from more_itertools import flatten, unique_everseen
@@ -9,7 +11,10 @@ from more_itertools import flatten, unique_everseen
 def verify(request):
 assert request.method == "POST"
- # TODO: use request.POST["presentation_submission"]
+ # TODO: incorporate request.POST["presentation_submission"] as schema definition
+ (presentation_valid, _) = verify_presentation(request.POST["vp_token"])
+ if not presentation_valid:
+ raise Exception("Failed to verify signature on the given Verifiable Presentation.")
 vp = json.loads(request.POST["vp_token"])
 nonce = vp["nonce"]
 # "vr" = verification_request
diff --git a/utils/idhub_ssikit/__init__.py b/utils/idhub_ssikit/__init__.py
index 18a5ff2..c4ac0e3 100644
--- a/utils/idhub_ssikit/__init__.py
+++ b/utils/idhub_ssikit/__init__.py
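Review bot: In `verify` (idhub/verification_portal/views.py), a presentation that fails verification raises a bare `Exception`, which surfaces as a server error for what is a client-side failure, and the second element of the result, the only diagnostic, is discarded as `_`. Returning a 4xx with the already-imported `HttpResponse`, e.g. `return HttpResponse("Invalid verifiable presentation", status=400)`, and logging the discarded detail server-side would keep rejected presentations distinguishable from real faults. `verify_presentation` is also called without any expected challenge or domain, so nothing in the hunk ties the proof to this verification request. The `nonce` read from `vp` afterwards is a field of the submitted document, so it is worth confirming that the proof covers it and that the embedded credentials are verified somewhere, since the check added here speaks only to the presentation's signature. `verify`'s body continues past the hunk.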
@@ -72,3 +72,40 @@ def verify_credential(vc, proof_options):
 return didkit.verify_credential(vc, proof_options)
 return asyncio.run(inner())
+
+
+def issue_verifiable_presentation(vc_list: list[str], jwk_holder: str, holder_did: str) -> str:
+ async def inner():
+ unsigned_vp = unsigned_vp_template.render(data)
+ signed_vp = await didkit.issue_presentation(
+ unsigned_vp,
+ '{"proofFormat": "ldp"}',
+ jwk_holder
+ )
+ return signed_vp
+
+ # TODO: convert from Jinja2 -> django-templates
+ env = Environment(
+ loader=FileSystemLoader("vc_templates"),
+ autoescape=select_autoescape()
+ )
+ unsigned_vp_template = env.get_template("verifiable_presentation.json")
+ data = {
+ "holder_did": holder_did,
+ "verifiable_credential_list": "[" + ",".join(vc_list) + "]"
+ }
+
+ return asyncio.run(inner())
+
+
+def verify_presentation(vp):
+ """
+ Returns a (bool, str) tuple indicating whether the credential is valid.
+ If the boolean is true, the credential is valid and the second argument can be ignored.
+ If it is false, the VC is invalid and the second argument contains a JSON object with further information.
+ """
+ async def inner():
+ proof_options = '{"proofFormat": "ldp"}'
+ return didkit.verify_presentation(vp, proof_options)
+
+ return asyncio.run(inner())
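Review bot: In `verify_presentation`, `inner()` returns `didkit.verify_presentation(vp, proof_options)` without `await`, whereas `issue_verifiable_presentation` just above awaits `didkit.issue_presentation`; if the didkit calls are awaitables, `asyncio.run(inner())` hands back an unresolved awaitable instead of a result, and any caller that only tests that value for truthiness would accept every presentation. The docstring promises a `(bool, str)` tuple (and says "credential"/"VC" where the presentation is meant), but the body returns didkit's value unchanged, so the tuple unpacking added in idhub/verification_portal/views.py relies on a shape this function never builds. The fence awaits the call and builds the tuple, assuming DIDKit returns its JSON verification result with an `errors` list and that `json` is in scope in this module; both should be confirmed. Separately, `issue_verifiable_presentation` splices `holder_did` and the joined `vc_list` strings into a `.json` template, which `select_autoescape()` with default arguments does not escape, so serialising those values with `json.dumps` would keep a stray quote in either input from altering the document that gets signed.

```python
def verify_presentation(vp):
    # … unchanged: docstring …
    async def inner():
        # … unchanged: proof_options …
        return await didkit.verify_presentation(vp, proof_options)

    # assumed shape: DIDKit's JSON result with an "errors" list; confirm
    result = json.loads(asyncio.run(inner()))
    errors = result.get("errors") or []
    return (not errors, json.dumps(result))
```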