Initial support for revocation of Verifiable Credentials

This commit is contained in:
Daniel Armengod 2024-01-31 10:54:40 +01:00
parent 01eb3b3468
commit e7f6153c62
3 changed files with 22 additions and 3 deletions

View File

@ -440,6 +440,7 @@ class DID(models.Model):
related_name='dids',
null=True,
)
# JSON-serialized DID document
didweb_document = models.TextField()
def get_key_material(self, password):
@ -589,6 +590,7 @@ class VerificableCredential(models.Model):
on_delete=models.CASCADE,
related_name='vcredentials',
)
revocationBitmapIndex = models.AutoField()
def get_data(self, password):
if not self.data:

View File

@ -1,3 +1,4 @@
import json
import uuid
from django.conf import settings
@ -11,7 +12,7 @@ from django.shortcuts import get_object_or_404, redirect
from django.contrib.auth.mixins import LoginRequiredMixin
from django.http import HttpResponseRedirect, HttpResponse, Http404
from idhub.models import DID
from idhub.models import DID, VerificableCredential
from idhub.email.views import NotifyActivateUserByEmail
from trustchain_idhub import settings
@ -79,7 +80,20 @@ class PasswordResetConfirmView(auth_views.PasswordResetConfirmView):
def serve_did(request, did_id):
id_did = f'did:web:{settings.DOMAIN}:did-registry:{did_id}'
did = get_object_or_404(DID, did=id_did)
document = did.didweb_document
# Deserialize the base DID from JSON storage
document = json.loads(did.didweb_document)
revoked_credentials = did.verificablecredential_set.filter(status=VerificableCredential.Status.REVOKED)
revoked_credential_indexes = []
for credential in revoked_credentials:
revoked_credential_indexes.append(credential.revocationBitmapIndex)
encoded_revocation_bitmap = None # TODO
revocation_service = [{
"id": f"{id_did}#revocation",
"type": "RevocationBitmap2022",
"serviceEndpoint": f"data:application/octet-stream;base64,{encoded_revocation_bitmap}"
}]
# Serialize the DID + Revocation list in preparation for sending
document = json.dumps(document)
retval = HttpResponse(document)
retval.headers["Content-Type"] = "application/json"
return retval

View File

@ -101,7 +101,10 @@ def verify_credential(vc):
async def inner():
return await didkit.verify_credential(vc, '{"proofFormat": "ldp"}')
return asyncio.run(inner())
valid, reason = asyncio.run(inner())
if not valid:
return valid, reason
# Credential passes basic signature verification. Now check it against its schema.
def issue_verifiable_presentation(vp_template: Template, vc_list: list[str], jwk_holder: str, holder_did: str) -> str: