-
Notifications
You must be signed in to change notification settings - Fork 135
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add VC support for alternative origins #2211
Conversation
This updates the frontend verifiable credentials flow to access a new `derivationOrigin` field in the VC request. The frontend then queries the specified derivation origin and checks the RP is listed as an alternative origin, as in the authentication flow. If successful, the specified derivation origin is used as the origin for the VC flow. The Verifiable Credentials e2e tests are moved to their own directory and split between base flow tests, utils, and new alternative origin tests.
src/frontend/src/test-e2e/verifiableCredentials/alternativeOrigins.test.ts
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks!
@@ -4,6 +4,7 @@ import { withLoader } from "$src/components/loader"; | |||
import { showMessage } from "$src/components/message"; | |||
import { showSpinner } from "$src/components/spinner"; | |||
import { fetchDelegation } from "$src/flows/authorize/fetchDelegation"; | |||
import { validateDerivationOrigin } from "$src/flows/authorize/validateDerivationOrigin"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For a later PR: Given it is now used in multiple flows, this could be moved to some flow independent infrastructure place? Also the documentation in this file does not convey that it is used in multiple flows.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep definitely! I also want to change the interface:
- the args are unnamed making it easy to swap the origins by mistake
- the validation should not be allowed to be called with an undefined derivationOrigin; handling that case should be the caller's responsibility
it's somewhere on my TODO list, but since we already pull some code from the authorize
flow elsewhere I thought this wouldn't hurt
This updates the frontend verifiable credentials flow to access a new
derivationOrigin
field in the VC request.The frontend then queries the specified derivation origin and checks the RP is listed as an alternative origin, as in the authentication flow.
If successful, the specified derivation origin is used as the origin for the VC flow.
The Verifiable Credentials e2e tests are moved to their own directory and split between base flow tests, utils, and new alternative origin tests.