Add VC support for alternative origins #2211
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This updates the frontend verifiable credentials flow to access a new `derivationOrigin` field in the VC request. The frontend then queries the specified derivation origin and checks the RP is listed as an alternative origin, as in the authentication flow. If successful, the specified derivation origin is used as the origin for the VC flow. The Verifiable Credentials e2e tests are moved to their own directory and split between base flow tests, utils, and new alternative origin tests.
nmattia
commented
Jan 19, 2024
src/frontend/src/test-e2e/verifiableCredentials/alternativeOrigins.test.ts
Outdated
Show resolved
Hide resolved
nmattia
commented
Jan 19, 2024
frederikrothenberger
approved these changes
Jan 19, 2024
| @@ -4,6 +4,7 @@ import { withLoader } from "$src/components/loader"; | |||
| import { showMessage } from "$src/components/message"; | |||
| import { showSpinner } from "$src/components/spinner"; | |||
| import { fetchDelegation } from "$src/flows/authorize/fetchDelegation"; | |||
| import { validateDerivationOrigin } from "$src/flows/authorize/validateDerivationOrigin"; | |||
There was a problem hiding this comment.
For a later PR: Given it is now used in multiple flows, this could be moved to some flow independent infrastructure place? Also the documentation in this file does not convey that it is used in multiple flows.
There was a problem hiding this comment.
Yep definitely! I also want to change the interface:
- the args are unnamed making it easy to swap the origins by mistake
- the validation should not be allowed to be called with an undefined derivationOrigin; handling that case should be the caller's responsibility
it's somewhere on my TODO list, but since we already pull some code from the authorize flow elsewhere I thought this wouldn't hurt
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This updates the frontend verifiable credentials flow to access a new
derivationOriginfield in the VC request.The frontend then queries the specified derivation origin and checks the RP is listed as an alternative origin, as in the authentication flow.
If successful, the specified derivation origin is used as the origin for the VC flow.
The Verifiable Credentials e2e tests are moved to their own directory and split between base flow tests, utils, and new alternative origin tests.