walt-id / waltid-identity Goto Github PK
View Code? Open in Web Editor NEWAll-in-one open-source identity and wallet toolkit.
License: Apache License 2.0
All-in-one open-source identity and wallet toolkit.
License: Apache License 2.0
current portal is not sending "walt-key" but the issuer-api is expecting one
Your portal https://portal.walt.id/offer?ids=BankId seems not to have this issue which would mean that build has been created by using different code than this one.
I'm working on a code sample on how to use the new identity stack to issue and verify credentials.
I can already create a VC, sign it and generate a presentation, but I couldn't yet succeed in the verification process. The signed JWT I'm generating for the VP doesn't seem to be in a good format.
It fails at JsonObject.getW3CType() with java.lang.IllegalArgumentException: No `type` supplied:
(this["type"] ?: this["vc"]?.jsonObject?.get("type") ?: this["vp"]?.jsonObject?.get("type")
In fact, the token generated does not have the expected structure.
{
"iss":null,
"sub":null,
"vc":{
"sub":"did:key:z6MkmpNWgxpZsH4SPytAJn1ezeYMEjWYEXCC2NHxm7QW9xHu",
"nbf":1704123040,
"iat":1704123100,
"jti":"urn:uuid:4a6bad4f-efd7-47a1-86fa-fd7119c59857",
"iss":"did:key:z6MkmpNWgxpZsH4SPytAJn1ezeYMEjWYEXCC2NHxm7QW9xHu",
"nonce":"ABC123DEF456GHI789JKL",
"vp":{
"@context":[
"https://www.w3.org/2018/credentials/v1"
],
"type":[
"VerifiablePresentation"
],
"id":"urn:uuid:4a6bad4f-efd7-47a1-86fa-fd7119c59857",
"holder":"did:key:z6MkmpNWgxpZsH4SPytAJn1ezeYMEjWYEXCC2NHxm7QW9xHu",
"verifiableCredential":[
{
// (…)
}
]
}
}
}
So my hypothesis is that I'm failing to generate the VP's signed JWT token. And so, my question is:
Is JwsSignatureScheme.sign() suitable for VP JWS token generation?
If so, is this structure valid for both VCs and VPs?
mapOf(
JwsOption.ISSUER to jwtOptions[JwsOption.ISSUER],
JwsOption.SUBJECT to jwtOptions[JwsOption.SUBJECT],
JwsOption.VC to data,
*(jwtOptions.entries.map { it.toPair() }.toTypedArray())
)
Last but not least, shouldn't PresentationBuilder.buildAndSign() return a String?
thanks so much and may we have a prosperous 2024
Alexandre Gomes
When fulfilling a presentation request from the verifier portal on an external device using the cross-device presentation request (QR code), the wallet on the external device redirects to the success page of the verifier portal, which is not the expected behaviour.
For a cross-device presentation, that wallet should redirect to an internal success page, or back to the main page.
For the same-device flow, the wallet should redirect back to the success page of the verifier portal.
Idea:
When generating the presentation request and the underlying session, the verifier should respond with two URLs, one for the cross-device flow and one (optional) or multiple (for each supported web wallet) for the same-device flow. The base URLs of the supported known wallets for the same device flow could be a configuration option of the verifier portal backend, or given as a request property in the verify API call.
As I just looked through the verifiable-credential lib, I noticed the W3CVC class is issuing W3C credentials as SD-JWT with the vc+sd-jwt type, which is not entirely correct.
The vc+sd-jwt credential format is NOT the same as a W3C credential issued as SD-JWT, as pointed out in the SD-JWT VC spec:
... Note: This specification does not utilize the W3C's Verifiable Credentials Data Model v1.0, v1.1, or v2.0.
Hi there,
The proper way to assign a credential identifier, according to W3C VC Data Model 2.0, is via vc.credentialSubject.id
instead of vc.id
. This adjustment is needed within the Waltid-Identity codebase, precisely at this file and line. Proposed change:
val credentialId = credentialJwt.payload["vc"]!!.jsonObject["credentialSubject"]!!.jsonObject["id"]?.jsonPrimitive?.content?.takeIf { it.isNotBlank() }
?: randomUUID()
This issue leads to a org.sqlite.SQLiteException: [SQLITE_CONSTRAINT_PRIMARYKEY] A PRIMARY KEY constraint failed (UNIQUE constraint failed: credentials.wallet, credentials.id)
error due to the credentialId
not being unique.
Although I'm capable of creating a merge request to address this simple fix, but it is so simple :)
In the did documents (did:web and did:key), the verification method id is not constructed using the key id.
This makes the other methods reference a non-existing key.
e.g. a valid document would look like this (note the verificationMethod[0].id
):
{
"id": "did:web:entra.walt.id:holder",
"verificationMethod": [
{
"id": "did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf",
"type": "JsonWebKey2020",
"controller": "did:web:entra.walt.id:holder",
"publicKeyJwk": {
"kty": "EC",
"use": "sig",
"crv": "secp256k1",
"kid": "48d8a34263cf492aa7ff61b6183e8bcf",
"x": "TKaQ6sCocTDsmuj9tTR996tFXpEcS2EJN-1gOadaBvk",
"y": "0TrIYHcfC93VpEuvj-HXTnyKt0snayOMwGSJA1XiDX8"
}
}
],
"assertionMethod": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"authentication": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"capabilityInvocation": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"capabilityDelegation": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"keyAgreement": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
]
}
SD-JWT VCs are missing disclosures on the issued JWT.
The issue is related to the VC type being wrongly set to jwt-vc-json by default, by the issuer API.
did:web documents as generated by DidService are erroneous, as the verification method #0 id does not correspond to the referenced ids of the other methods.
The document as created by the DidService is therefore not accepted by MS Entra, whereas if the method id is corrected it will be accepted:
Faulty document:
{
"id": "did:web:entra.walt.id:holder",
"verificationMethod": [
{
"id": "did:web:entra.walt.id:holder",
"type": "JsonWebKey2020",
"controller": "did:web:entra.walt.id:holder",
"publicKeyJwk": {
"kty": "EC",
"use": "sig",
"crv": "secp256k1",
"kid": "48d8a34263cf492aa7ff61b6183e8bcf",
"x": "TKaQ6sCocTDsmuj9tTR996tFXpEcS2EJN-1gOadaBvk",
"y": "0TrIYHcfC93VpEuvj-HXTnyKt0snayOMwGSJA1XiDX8"
}
}
],
"assertionMethod": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"authentication": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"capabilityInvocation": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"capabilityDelegation": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"keyAgreement": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
]
}
Correct document:
{
"id": "did:web:entra.walt.id:holder",
"verificationMethod": [
{
"id": "did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf",
"type": "JsonWebKey2020",
"controller": "did:web:entra.walt.id:holder",
"publicKeyJwk": {
"kty": "EC",
"use": "sig",
"crv": "secp256k1",
"kid": "48d8a34263cf492aa7ff61b6183e8bcf",
"x": "TKaQ6sCocTDsmuj9tTR996tFXpEcS2EJN-1gOadaBvk",
"y": "0TrIYHcfC93VpEuvj-HXTnyKt0snayOMwGSJA1XiDX8"
}
}
],
"assertionMethod": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"authentication": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"capabilityInvocation": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"capabilityDelegation": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
],
"keyAgreement": [
"did:web:entra.walt.id:holder#48d8a34263cf492aa7ff61b6183e8bcf"
]
}
https://github.com/walt-id/waltid-identity.git
cd docker-compose && docker-compose up
Produces the following error:
ERROR: The Compose file './docker-compose.yaml' is invalid because:
Unsupported config option for services: 'verifier-api'
I am on ubuntu
At the http://{{wallet-server}}/wallet-api/wallet/{{wallet}}/exchange/useOfferRequest
endpoint, when the wallet already have a claimed VC.
org.sqlite.SQLiteException: [SQLITE_CONSTRAINT_PRIMARYKEY] A PRIMARY KEY constraint failed (UNIQUE constraint failed: credentials.wallet, credentials.id)
Shouldn't this exception be handled and friendly translated to the end user?
Have directory structure uniform across the project for frontends.
Hi Team,
I am experiencing this issue when extending the Keys class (id.walt.crypto.keys) from waltid-crypto-jvm-0.2.0.jar. The issue occurs only with the following methods since the java de-compiler adds a postfix (verifyRaw-0E7RQCE) with a dash character that Java does not support.
I would appreciate it if you could check and let me know.
Make use of value-by-reference for credentital offer and presentation definition in cross-device OpenID request urls, for more compact QR codes.
System:
Macbook pro M2
Trying to run the web-wallet and following this guide.
➜ docker-compose git:(main) ✗ docker compose up
[+] Running 0/21
⠧ vc-repo Pulling 1.7s
⠧ ingress Pulling 1.7s
⠧ web-portal 8 layers [⠀⠀⠀⠀⠀⠀⠀⠀] 0B/0B Pulling 1.7s
⠼ 661ff4d9561e Waiting 0.4s
⠼ 89059ca18a98 Waiting 0.4s
⠼ 9bb776f8ddb0 Waiting 0.4s
⠼ ef0b6390b7f1 Waiting 0.4s
⠼ a15a9d425880 Waiting 0.4s
⠼ 1e712b2c24dd Waiting 0.4s
⠼ 8c46756e133c Waiting 0.4s
⠼ 9a8e93e2029b Waiting 0.4s
⠧ verifier-api 7 layers [⠀⠀⠀⠀⠀⠀⠀] 0B/0B Pulling 1.7s
⠼ 3dd181f9be59 Pulling fs layer 0.4s
⠼ 0f838805bddf Pulling fs layer 0.4s
⠼ dfab58ae8b86 Pulling fs layer 0.4s
⠼ c6cc1bdab538 Waiting 0.4s
⠼ cc590439cbf2 Waiting 0.4s
⠼ fca4b39976e3 Waiting 0.4s
⠼ 4f4fb700ef54 Waiting 0.4s
⠦ issuer-api 1 layers [⠀] 0B/0B Pulling 1.7s
⠼ b6a121b98e02 Waiting 0.4s
no matching manifest for linux/arm64/v8 in the manifest list entries
OIDC/OAuth provider for wallet-api is currently hard-coded to local KeyCloak instance and should be configurable.
Currently, the openid4vc library provides interfaces that are more geared towards being a framework for use in the Wallet Kit than providing the necessary isolated functions as expected by the Issuer API and Verifier API, manifesting itself through needing various hacks to map outside data around the openid4vc library as to being able to run through the flows. This is currently a blocking issue for continuing with the cloud platform.
Classes and implementations thereof like OpenIDCredentialIssuer
should not be needed, and no internal representation of state should exist within the library, as this then stops adhering to the definition of library and moves towards being a not flexible enough framework. For example open class CIProvider : OpenIDCredentialIssuer( ... )
with ...
being various configuration is not flexible enough for dynamic usage as e.g. in the Cloud platform.
After the refactor, the openid4vc library should (only) provide:
-> Mainly refers to OpenIDCredentialIssuer, OpenIDCredentialWallet, and OpenIDCredentialVerifier.
End deliverable/result is a single Kotlin function (which can already serve as unit test) which contains the function calls that can run through the whole flow (Issuer
-> issues -> Wallet
-> presents -> Verifier
) by passing around the OIDC4VC data objects between functions (not doing real HTTP requests, you can make comments what HTTP endpoint would be called in that place).
I am following the guide: https://github.com/walt-id/waltid-identity/tree/main/docker-compose
to run docker compose up
docker-compose-wallet-api-1 failed to start with following error:
2024-02-09 15:08:37 19 [main] INFO id.walt.webwallet.Application - Starting walt.id wallet...
2024-02-09 15:08:37 24 [main] DEBUG id.walt.webwallet.Application - Running in path: /waltid-wallet-api/.
2024-02-09 15:08:37 25 [main] INFO id.walt.webwallet.Application - Setting up...
2024-02-09 15:08:37 835 [main] INFO id.walt.webwallet.Application - Reading configurations...
2024-02-09 15:08:37 837 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configurations...
2024-02-09 15:08:37 842 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "db"...
2024-02-09 15:08:38 1115 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "tenant"...
2024-02-09 15:08:38 1157 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "web"...
2024-02-09 15:08:38 1189 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "push"...
2024-02-09 15:08:38 1221 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "push": com.sksamuel.hoplite.ConfigException: Error loading config because:
2024-02-09 15:08:38
2024-02-09 15:08:38 - Could not instantiate 'id.walt.webwallet.config.PushConfig' because:
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'pushPublicKey': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'pushPrivateKey': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'pushSubject': Missing from config
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
2024-02-09 15:08:38 at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
2024-02-09 15:08:38 at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:32)
2024-02-09 15:08:38 at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:87)
2024-02-09 15:08:38 at id.walt.webwallet.ApplicationKt.main(Application.kt:36)
2024-02-09 15:08:38
2024-02-09 15:08:38 1221 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "wallet"...
2024-02-09 15:08:38 1235 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "marketplace"...
2024-02-09 15:08:38 1294 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "chainexplorer"...
2024-02-09 15:08:38 1327 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "runtime"...
2024-02-09 15:08:38 1342 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "oidc"...
2024-02-09 15:08:38 1359 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "oidc": com.sksamuel.hoplite.ConfigException: Error loading config because:
2024-02-09 15:08:38
2024-02-09 15:08:38 - Could not instantiate 'id.walt.webwallet.config.OidcConfiguration' because:
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'enableOidcLogin': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'providerName': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'oidcRealm': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'oidcJwks': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'jwksCache': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'authorizeUrl': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'accessTokenUrl': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'logoutUrl': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'clientId': Missing from config
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'clientSecret': Missing from config
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
2024-02-09 15:08:38 at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
2024-02-09 15:08:38 at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:32)
2024-02-09 15:08:38 at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:87)
2024-02-09 15:08:38 at id.walt.webwallet.ApplicationKt.main(Application.kt:36)
2024-02-09 15:08:38
2024-02-09 15:08:38 1360 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "logins"...
2024-02-09 15:08:38 1368 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "logins": com.sksamuel.hoplite.ConfigException: Error loading config because:
2024-02-09 15:08:38
2024-02-09 15:08:38 - Could not instantiate 'id.walt.webwallet.config.LoginMethodsConfig' because:
2024-02-09 15:08:38
2024-02-09 15:08:38 - 'enabledLoginMethods': Missing from config
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
2024-02-09 15:08:38 at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
2024-02-09 15:08:38 at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
2024-02-09 15:08:38 at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:32)
2024-02-09 15:08:38 at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:87)
2024-02-09 15:08:38 at id.walt.webwallet.ApplicationKt.main(Application.kt:36)
2024-02-09 15:08:38
2024-02-09 15:08:38 1368 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "db.sqlite"...
2024-02-09 15:08:38 1395 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
2024-02-09 15:08:38 1522 [main] INFO com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Added connection org.sqlite.jdbc4.JDBC4Connection@56f521c6
2024-02-09 15:08:38 1524 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
2024-02-09 15:08:38 1530 [main] INFO id.walt.webwallet.db.Db - Connecting to database at "jdbc:sqlite:/waltid-wallet-api/data/data.db"...
2024-02-09 15:08:38 1581 [main] INFO Exposed - Preparing create tables statements took 22ms
2024-02-09 15:08:38 1586 [main] INFO Exposed - Executing create tables statements took 5ms
2024-02-09 15:08:38 1605 [main] INFO Exposed - Extracting table columns took 19ms
2024-02-09 15:08:38 1667 [main] INFO Exposed - Extracting primary keys took 61ms
2024-02-09 15:08:38 1668 [main] INFO Exposed - Preparing alter table statements took 82ms
2024-02-09 15:08:38 1668 [main] INFO Exposed - Executing alter table statements took 0ms
2024-02-09 15:08:38 1740 [main] INFO Exposed - Index on table 'issuers' differs only in name: in db issuers_name -> in mapping issuers_name_unique
2024-02-09 15:08:38 1741 [main] INFO Exposed - Index on table 'accounts' differs only in name: in db accounts_email -> in mapping accounts_email_unique
2024-02-09 15:08:38 1741 [main] INFO Exposed - Index on table 'web3wallets' differs only in name: in db web3wallets_address -> in mapping web3wallets_address_unique
2024-02-09 15:08:38 1741 [main] INFO Exposed - Index on table 'wallet_issuers' differs only in name: in db wallet_issuers_wallet_issuer -> in mapping wallet_issuers_wallet_issuer_unique
2024-02-09 15:08:38 1742 [main] INFO Exposed - Index on table 'oidclogins' differs only in name: in db oidclogins_oidcId -> in mapping oidclogins_oidcId_unique
2024-02-09 15:08:38 1743 [main] INFO Exposed - Checking mapping consistence took 75ms
2024-02-09 15:08:38 1758 [main] INFO id.walt.webwallet.Application - Starting web server (binding to 0.0.0.0, listening on port 7001)...
2024-02-09 15:08:38 1787 [DefaultDispatcher-worker-1] INFO ktor.application - Autoreload is disabled because the development mode is off.
2024-02-09 15:08:38 Exception in thread "main" io.ktor.server.plugins.NotFoundException: No loaded configuration: "oidc"
2024-02-09 15:08:38 at id.walt.webwallet.web.controllers.AuthControllerKt.configureSecurity(AuthController.kt:409)
2024-02-09 15:08:38 at id.walt.webwallet.ApplicationKt.configurePlugins(Application.kt:50)
2024-02-09 15:08:38 at id.walt.webwallet.ApplicationKt.module(Application.kt:62)
2024-02-09 15:08:38 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2024-02-09 15:08:38 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
2024-02-09 15:08:38 at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2024-02-09 15:08:38 at java.base/java.lang.reflect.Method.invoke(Method.java:568)
2024-02-09 15:08:38 at kotlin.reflect.jvm.internal.calls.CallerImpl$Method.callMethod(CallerImpl.kt:97)
2024-02-09 15:08:38 at kotlin.reflect.jvm.internal.calls.CallerImpl$Method$Static.call(CallerImpl.kt:106)
2024-02-09 15:08:38 at kotlin.reflect.jvm.internal.KCallableImpl.callDefaultMethod$kotlin_reflection(KCallableImpl.kt:207)
2024-02-09 15:08:38 at kotlin.reflect.jvm.internal.KCallableImpl.callBy(KCallableImpl.kt:112)
2024-02-09 15:08:38 at io.ktor.server.engine.internal.CallableUtilsKt.callFunctionWithInjection(CallableUtils.kt:119)
2024-02-09 15:08:38 at io.ktor.server.engine.internal.CallableUtilsKt.executeModuleFunction(CallableUtils.kt:36)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading$launchModuleByName$1.invoke(ApplicationEngineEnvironmentReloading.kt:332)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading$launchModuleByName$1.invoke(ApplicationEngineEnvironmentReloading.kt:331)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading.avoidingDoubleStartupFor(ApplicationEngineEnvironmentReloading.kt:356)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading.launchModuleByName(ApplicationEngineEnvironmentReloading.kt:331)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading.access$launchModuleByName(ApplicationEngineEnvironmentReloading.kt:32)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading$instantiateAndConfigureApplication$1.invoke(ApplicationEngineEnvironmentReloading.kt:319)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading$instantiateAndConfigureApplication$1.invoke(ApplicationEngineEnvironmentReloading.kt:310)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading.avoidingDoubleStartup(ApplicationEngineEnvironmentReloading.kt:338)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading.instantiateAndConfigureApplication(ApplicationEngineEnvironmentReloading.kt:310)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading.createApplication(ApplicationEngineEnvironmentReloading.kt:150)
2024-02-09 15:08:38 at io.ktor.server.engine.ApplicationEngineEnvironmentReloading.start(ApplicationEngineEnvironmentReloading.kt:277)
2024-02-09 15:08:38 at io.ktor.server.cio.CIOApplicationEngine$initServerJob$1$2.invokeSuspend(CIOApplicationEngine.kt:207)
2024-02-09 15:08:38 at io.ktor.server.cio.CIOApplicationEngine$initServerJob$1$2.invoke(CIOApplicationEngine.kt)
2024-02-09 15:08:38 at io.ktor.server.cio.CIOApplicationEngine$initServerJob$1$2.invoke(CIOApplicationEngine.kt)
2024-02-09 15:08:38 at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:78)
2024-02-09 15:08:38 at kotlinx.coroutines.BuildersKt__Builders_commonKt.withContext(Builders.common.kt:167)
2024-02-09 15:08:38 at kotlinx.coroutines.BuildersKt.withContext(Unknown Source)
2024-02-09 15:08:38 at io.ktor.server.cio.CIOApplicationEngine$initServerJob$1.invokeSuspend(CIOApplicationEngine.kt:206)
2024-02-09 15:08:38 at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
2024-02-09 15:08:38 at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:108)
2024-02-09 15:08:38 at kotlinx.coroutines.internal.LimitedDispatcher$Worker.run(LimitedDispatcher.kt:115)
2024-02-09 15:08:38 at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:103)
2024-02-09 15:08:38 at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
2024-02-09 15:08:38 at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:793)
2024-02-09 15:08:38 at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:697)
2024-02-09 15:08:38 at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:684)
2024-02-09 15:08:38 Exception in thread "DefaultDispatcher-worker-1" io.ktor.server.plugins.NotFoundException: No loaded configuration: "oidc"
2024-02-09 15:08:38 at id.walt.webwallet.web.controllers.AuthControllerKt.configureSecurity(AuthController.kt:409)
2024-02-09 15:08:38 at id.walt.webwallet.ApplicationKt.configurePlugins(Application.kt:50)
2024-02-09 15:08:38 at id.walt.webwallet.ApplicationKt.module(Application.kt:62)
2024-02-09 15:08:38 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2024-02-09 15:08:38 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
2024-02-09 15:08:38 Will use sqlite database (jdbc:sqlite:/waltid-wallet-api/data/data.db), working directory: /waltid-wallet-api/.
Version tested: v1.0.2401181053-SNAPSHOT
I think /wallet-api/auth/create
endpoint could be more specific and consistent in the failed response messages.
Take a look at these four scenarios. They all demonstrate the API call with some missing field. However, the answers vary from one call to another.
type
field omitted.Request
curl -X 'POST' \
'http://localhost:4545/wallet-api/auth/create' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"name": "Max Mustermann",
"email": "[email protected]",
"password": "password"}'
Response
{"exception":"true","status":"Bad Request","code":"400","message":"Polymorphic serializer was not found for missing class discriminator ('null')\nJSON input: {\"name\":\"Max Mustermann\",\"email\":\"[email protected]\",\"password\":\"password\"}"}
password
field omittedRequest
curl -X 'POST' \
'http://localhost:4545/wallet-api/auth/create' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"name": "Max Mustermann",
"email": "[email protected]",
"_password": "password",
"type": "email"
}'
Response
{"exception":"true","status":"Bad Request","code":"400","message":"Field 'password' is required for type with serial name 'email', but it was missing at path: $"}
email
field omittedRequest
curl -X 'POST' \
'http://localhost:4545/wallet-api/auth/create' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"name": "Max Mustermann",
"_email": "[email protected]",
"password": "password",
"type": "email"
}'
Response
{"exception":"true","status":"Bad Request","code":"400","message":"Field 'email' is required for type with serial name 'email', but it was missing at path: $"}
name
field omittedRequest
curl -X 'POST' \
'http://localhost:4545/wallet-api/auth/create' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"_name": "Max Mustermann",
"email": "[email protected]",
"password": "password",
"type": "email"
}'
Response
{"exception":"true","status":"Internal Server Error","code":"500","message":"Could not register user"}
Running the following JavaScript file using node
...
const issueUrl = `https://issuer.waltid.findy.fi/openid4vc/sdjwt/issue`
const requestBody = {
"issuanceKey": {
"type": "local",
"jwk": "{\"kty\":\"OKP\",\"d\":\"mDhpwaH6JYSrD2Bq7Cs-pzmsjlLj4EOhxyI-9DM1mFI\",\"crv\":\"Ed25519\",\"kid\":\"Vzx7l5fh56F3Pf9aR3DECU5BwfrY6ZJe05aiWYWzan8\",\"x\":\"T3T4-u1Xz3vAV2JwPNxWfs4pik_JLiArz_WTCvrCFUM\"}"
},
"issuerDid": "did:key:z6MkjoRhq1jSNJdLiruSXrFFxagqrztZaXHqHGUTKJbcNywp",
"vc": {
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://purl.imsglobal.org/spec/ob/v3p0/context.json"
],
"id": "urn:uuid:THIS WILL BE REPLACED WITH DYNAMIC DATA FUNCTION (see below)",
"type": [
"VerifiableCredential",
"OpenBadgeCredential"
],
"name": "JFF x vc-edu PlugFest 3 Interoperability",
"issuer": {
"type": [
"Profile"
],
"id": "did:key:THIS WILL BE REPLACED WITH DYNAMIC DATA FUNCTION FROM CONTEXT (see below)",
"name": "Jobs for the Future (JFF)",
"url": "https://www.jff.org/",
"image": "https://w3c-ccg.github.io/vc-ed/plugfest-1-2022/images/JFF_LogoLockup.png"
},
"issuanceDate": "2023-07-20T07:05:44Z (THIS WILL BE REPLACED BY DYNAMIC DATA FUNCTION (see below))",
"expirationDate": "WILL BE MAPPED BY DYNAMIC DATA FUNCTION (see below)",
"credentialSubject": {
"id": "did:key:123 (THIS WILL BE REPLACED BY DYNAMIC DATA FUNCTION (see below))",
"type": [
"AchievementSubject"
],
"achievement": {
"id": "urn:uuid:ac254bd5-8fad-4bb1-9d29-efd938536926",
"type": [
"Achievement"
],
"name": "JFF x vc-edu PlugFest 3 Interoperability",
"description": "This wallet supports the use of W3C Verifiable Credentials and has demonstrated interoperability during the presentation request workflow during JFF x VC-EDU PlugFest 3.",
"criteria": {
"type": "Criteria",
"narrative": "Wallet solutions providers earned this badge by demonstrating interoperability during the presentation request workflow. This includes successfully receiving a presentation request, allowing the holder to select at least two types of verifiable credentials to create a verifiable presentation, returning the presentation to the requestor, and passing verification of the presentation and the included credentials."
},
"image": {
"id": "https://w3c-ccg.github.io/vc-ed/plugfest-3-2023/images/JFF-VC-EDU-PLUGFEST3-badge-image.png",
"type": "Image"
}
}
}
}
}
const credParams = {
method: 'POST',
headers: {
"Accept": "text/plain",
"Content-Type": "application/json",
},
body: JSON.stringify(requestBody, null, 1)
}
const resp = await fetch(issueUrl, credParams)
const credentialOffer = await resp.text()
console.log(resp.status, credentialOffer)
... I get the following response:
node:internal/deps/undici/undici:11442
fetchParams.controller.controller.error(new TypeError("terminated", {
^
TypeError: terminated
at Fetch.onAborted (node:internal/deps/undici/undici:11442:53)
at Fetch.emit (node:events:514:28)
at Fetch.terminate (node:internal/deps/undici/undici:10695:14)
at fetchParams.controller.resume (node:internal/deps/undici/undici:11421:36)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
[cause]: Error: incorrect header check
at Zlib.zlibOnError [as onerror] (node:zlib:189:17) {
errno: -3,
code: 'Z_DATA_ERROR'
}
}
Node.js v20.5.0
If I add the following header to the fetch()
request, I get a successful response:
"Accept-Encoding": "gzip, br, identity",
Having deflate
as an acceptable encoding results to Z_DATA_ERROR
with fetch
"Accept-Encoding": "gzip, br, identity, deflate",
It seems that the deflate
encoding used by waltid-identity is not compatible with fetch
's implementation.
The API also works if the requestBody
is smaller - yielding a smaller response.
Since deflate seems to have issues in general, it would probably be best to avoid deflate altogether.
Looking at
gzip
is preferred only when content-length is below 1024 bytes. Is there a real reason for preferring deflate
on bigger payloads?Please can you support here walt-id/waltid-web-wallet#71
Despite the announcement https://walt.id/blog/p/community-stack still not able to find the source code and your currently deployed version on the cloud is broken. SignUP does not work at all
Error {"exception":"true","status":"Internal Server Error","code":"500","message":"org.sqlite.SQLiteException: [SQLITE_ERROR] SQL error or missing database (no such table: events)"}
The current JWT encoding seems to have inconsistency with the referenced W3C V1.1. and W3C V2.0 specs.
W3C V1.1 specifies the following:
nbf MUST represent issuanceDate, encoded as a UNIX timestamp (NumericDate).
So, issuanceDate (V1.1, date-time) = iat (V1.1, unix) = nbf (V1.1, unix)
in W3C V1.1 and was changed to validFrom (V2.0, date-time)
in W3C V2.0.
The current code calculates iat - 90 seconds
and also in some tests, there is a iat - 1 minute
.
For W3C V2.0 there is no explicit mentioning of nbf
anymore.
Is there someone who can counter check this finding?
OpenID Connect supports passing request parameters as signed and optionally encrypted request objects.
These request objects can be passed by value (JWT) or by reference.
Support for request objects by reference is required for MS Entra support.
https://openid.net/specs/openid-connect-core-1_0.html#JWTRequests
When a login request is issued to the Wallet API without correctly filling in the required parameters, the API returns an internal Kotlin error.
For the sake of API semantics, wouldn't it be better if we encapsulated this internal language error in an error more related to the authentication process?
[]s
Issuing a SD-JWT Credential leads to a NullPointer exception within the wallet backend.
docker-compose-wallet-backend-1 | java.lang.NullPointerException
docker-compose-wallet-backend-1 | at id.walt.webwallet.service.SSIKit2WalletService.useOfferRequest(SSIKit2WalletService.kt:442)
The problem is probably because the vc+sd-jwt
doesn't have a "vc" element within the payload.
Existing:
Suggestion:
), createCredentialEventData(credentialJwt.payload, typ)
Im trying to use the web-wallet to receive a credential im issuing in another server using waltid ssi-kit. Im getting this error:
happening on line SSIKit2WalletService.kt:447
credentialResponse: CredentialResponse(format=ldp_vc, credential={"credentialSubject":{"size":"Large","id":"did:key:z6MkmVY1aRT29HH7khh3YXoqQhfeyrtFefi8n1WCSbxbFfCz"},"credentialBranding":{"watermarkImageUrl":"https://example.edu/img/watermark.png","backgroundColor":"#7661e0"},"description":"bevis for spist kake","validFrom":"2024-01-17T16:41:52Z","type":["VerifiableCredential","KakeCredential"],"title":"Kakebevis","@context":["https://www.w3.org/2018/credentials/v1","https://mattr.global/contexts/vc-extensions/v2","https://schema.org"],"issuer":{"name":"Team Kanakas","id":"did:key:z6MkjnAh1nWKSo7nxAtUuzYZwtLaWY5oqn1iS7XGx7266HWk","logoUrl":""},"credentialStatus":{"statusPurpose":"revocation","statusListIndex":"37","id":"http://localhost/status/revocation#37","statusListCredential":"http://localhost/status/revocation","type":"StatusList2021Entry"},"issuanceDate":"2024-01-17T16:41:52Z","name":"Kakebevis","id":"urn:uuid:bf90acc3-65f0-4eb5-a71f-02ee6d92f6c5","proof":{"created":"2024-01-17T16:41:52Z","jws":"eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFZERTQSJ9..ZGjtgaxHAmodfuT0wJtua_NMYyVOB0nXA5oOPB4c1NoHgsXPxJjGSkHxL6lTDIMZkyo-phf6ZBzv2G4YVhQjCw","proofPurpose":"assertionMethod","type":"Ed25519Signature2018","verificationMethod":"did:key:z6MkjnAh1nWKSo7nxAtUuzYZwtLaWY5oqn1iS7XGx7266HWk#z6MkjnAh1nWKSo7nxAtUuzYZwtLaWY5oqn1iS7XGx7266HWk"},"issued":"2024-01-17T16:41:52Z","expirationDate":"2024-02-16T16:41:51Z"}, acceptanceToken=null, cNonce=null, cNonceExpiresIn=null, error=null, errorDescription=null, errorUri=null, customParameters={c_nounce_expires_in=86400, c_nounce="fGFF7UkhLa"})
wallet-backend-1 | // parse and verify credential(s)
wallet-backend-1 | java.lang.IllegalArgumentException: Element class kotlinx.serialization.json.JsonObject is not a JsonPrimitive
wallet-backend-1 | at kotlinx.serialization.json.JsonElementKt.error(JsonElement.kt:326)
wallet-backend-1 | at kotlinx.serialization.json.JsonElementKt.getJsonPrimitive(JsonElement.kt:229)
wallet-backend-1 | at id.walt.webwallet.service.SSIKit2WalletService.useOfferRequest(SSIKit2WalletService.kt:447)
This is something which should be configurable https://github.com/walt-id/waltid-identity/blob/main/waltid-web-wallet/src/main/kotlin/id/walt/webwallet/service/account/AccountsService.kt#L54C50-L54C63
Originally posted by ChangoBuitrago March 25, 2024
The waltid-wallet-api
from https://github.com/walt-id/waltid-identity/tree/main/docker-compose is not working. It appears that a setup is missing, and the documentation is outdated. I suspect there might be some missing housekeeping procedures originating from the ssi-kit?
=> Missing from config
I have attached the error log.
Thank you.
# error.log
docker-compose-wallet-api-1 | 2771 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "db"...
docker-compose-wallet-api-1 | 3327 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "tenant"...
docker-compose-wallet-api-1 | 3420 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "web"...
docker-compose-wallet-api-1 | 3474 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "push"...
docker-compose-wallet-api-1 | 3520 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "push": com.sksamuel.hoplite.ConfigException: Error loading config because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - Could not instantiate 'id.walt.webwallet.config.PushConfig' because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'pushPublicKey': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'pushPrivateKey': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'pushSubject': Missing from config
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:45)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:110)
docker-compose-wallet-api-1 | at id.walt.webwallet.MainKt.main(Main.kt:31)
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | 3520 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "wallet"...
docker-compose-wallet-api-1 | 3555 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "marketplace"...
docker-compose-verifier-api-1 | [DefaultDispatcher-worker-3] INFO ktor.application - Application started in 0.849 seconds.
docker-compose-verifier-api-1 | [DefaultDispatcher-worker-3] INFO ktor.application - Application started: io.ktor.server.application.Application@8e7d73e
docker-compose-wallet-api-1 | 3665 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "chainexplorer"...
docker-compose-wallet-api-1 | 3741 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "runtime"...
docker-compose-wallet-api-1 | 3766 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "oidc"...
docker-compose-wallet-api-1 | 3838 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "oidc": com.sksamuel.hoplite.ConfigException: Error loading config because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - Could not instantiate 'id.walt.webwallet.config.OidcConfiguration' because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'keycloakUserApi': Missing from config
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:45)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:110)
docker-compose-wallet-api-1 | at id.walt.webwallet.MainKt.main(Main.kt:31)
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | 3838 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "logins"...
docker-compose-wallet-api-1 | 3861 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "logins": com.sksamuel.hoplite.ConfigException: Error loading config because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - Could not instantiate 'id.walt.webwallet.config.LoginMethodsConfig' because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'enabledLoginMethods': Missing from config
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:45)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:110)
docker-compose-wallet-api-1 | at id.walt.webwallet.MainKt.main(Main.kt:31)
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | 3861 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "trust"...
docker-compose-wallet-api-1 | 3880 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "trust": com.sksamuel.hoplite.ConfigException: Error loading config because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - Could not instantiate 'id.walt.webwallet.config.TrustConfig' because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'issuersRecord': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'verifiersRecord': Missing from config
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:45)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:110)
docker-compose-wallet-api-1 | at id.walt.webwallet.MainKt.main(Main.kt:31)
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | 3880 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "rejectionreason"...
docker-compose-wallet-api-1 | 3904 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "rejectionreason": com.sksamuel.hoplite.ConfigException: Error loading config because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - Could not instantiate 'id.walt.webwallet.config.RejectionReasonConfig' because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'reasons': Missing from config
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:45)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:110)
docker-compose-wallet-api-1 | at id.walt.webwallet.MainKt.main(Main.kt:31)
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | 3905 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "oci"...
docker-compose-wallet-api-1 | 3954 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "oci": com.sksamuel.hoplite.ConfigException: Error loading config because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - Could not instantiate 'id.walt.webwallet.config.OciKeyConfig' because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'tenancyOcid': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'userOcid': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'fingerprint': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'managementEndpoint': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'cryptoEndpoint': Missing from config
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:45)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:110)
docker-compose-wallet-api-1 | at id.walt.webwallet.MainKt.main(Main.kt:31)
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | 3955 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "auth"...
docker-compose-wallet-api-1 | 3975 [main] ERROR id.walt.webwallet.config.ConfigManager - Could not load configuration for "auth": com.sksamuel.hoplite.ConfigException: Error loading config because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - Could not instantiate 'id.walt.webwallet.config.AuthConfig' because:
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'encryptionKey': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'signKey': Missing from config
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | - 'tokenKey': Missing from config
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:247)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader$returnOrThrow$1.invoke(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.fp.ValidatedKt.getOrElse(Validated.kt:115)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.returnOrThrow(ConfigLoader.kt:244)
docker-compose-wallet-api-1 | at com.sksamuel.hoplite.ConfigLoader.loadConfigOrThrow(ConfigLoader.kt:118)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfig(ConfigManager.kt:45)
docker-compose-wallet-api-1 | at id.walt.webwallet.config.ConfigManager.loadConfigs(ConfigManager.kt:110)
docker-compose-wallet-api-1 | at id.walt.webwallet.MainKt.main(Main.kt:31)
docker-compose-wallet-api-1 |
docker-compose-wallet-api-1 | 3975 [main] DEBUG id.walt.webwallet.config.ConfigManager - Loading configuration: "db.sqlite"...
docker-compose-wallet-api-1 | 4083 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
```</div>
When you try to create a Cheqd DID from the Wallet (e.g. the hosted wallet https://wallet.walt.id/
) you get the following error:
{exception: "true", status: "Bad Request", code: "400",…}
code
:
"400"
exception
:
"true"
message
:
"Failed to finalize the did onboarding process.\nCheqd registrar returning \"The operation failed due to an internal error. Please try again: Error: Invalid base64 string format\""
status
:
"Bad Request"
=> Invalid base64 string format
Thank you.
Steps to reproduce:
Expected:
Actual:
We need a simple way to onboard Issuer & Verifiers to all supported ecosystems. The onboarding API should create keys based on different algorithms (local, and other KMS keys based on one interface) and create & register a corresponding DID.
When you try setting the errorRedirectUri
for a verification request, it always end up using the sucessRedirectUri
instead.
You can try your own documentation example to reproduce the error:
https://docs.oss.walt.id/verifier/api/vc-oid4vc
curl -X 'POST' \
'https://verifier.portal.walt.id/openid4vc/verify' \
-H 'accept: */*' \
-H 'authorizeBaseUrl: openid4vp://authorize' \
-H 'responseMode: direct_post' \
-H 'successRedirectUri: https://example.com/success?id=$id' \
-H 'errorRedirectUri: https://example.com/error?id=$id' \
-H 'Content-Type: application/json' \
-d '{
"request_credentials": [
"VerifiableDiploma"
]
}'
I assume the issue is in the following function verify in the file https://github.com/walt-id/waltid-identity/blob/main/waltid-verifier-api/src/main/kotlin/id/walt/verifier/oidc/VerificationUseCase.kt
Thank for your help!
Entra flow code is currently added to wallet-api as demo code in branch 27. needs to be revisisted to support conventional flow and entra flow.
We will claim the port ranges:
Check if ports available on:
in the documentation to register a did with a given key you can use register, while the right function is registerByKey
Version tested: v1.0.2401181053-SNAPSHOT
If the type
field is omitted or misspelled, the returning error message is an internal kotlinx.serialization
exception.
Wouldn't it be better to encapsulate it in a more readable, domain-specific message, as is the case with the handling of the email
and password
fields?
type
field with a difficult-to-debug messageRequest
curl -X 'POST' \
'http://localhost:4545/wallet-api/auth/login' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"email": "[email protected]",
"password": "password",
"type": "email_"
}
Response
{"exception":"true","status":"Bad Request","code":"400","message":"Polymorphic serializer was not found for class discriminator 'email_'\nJSON input: {\"email\":\"[email protected]\",\"password\":\"password\",\"type\":\"email_\"}"}
email
field, although imperfect, is more readable than the previous caseRequest
curl -X 'POST' \
'http://localhost:4545/wallet-api/auth/login' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"_email": "[email protected]",
"password": "password",
"type": "email"
}'
Response
{"exception":"true","status":"Bad Request","code":"400","message":"Field 'email' is required for type with serial name 'email', but it was missing at path: $"}
Based on the documentation:
"authorizeBaseUrl - is used to modify the start of the UR OID4VC request URL. If you are using the cross-device flow, where you will display the URL as a QR code, you can leave the value as openid4vp://authorize or if you don't know the wallet the user will be using to claim the credential. If you are using the same device flow, where you already know the user's wallet and want the user to be able to go directly to it, you can use the wallet URL path that is able to receive an OIDC request as a query parameter. Our wallet for example can receive OID4VC requests here https://wallet.walt.id/exchange/issuance."
Is the documentation outdated, or is the endpoint no longer supported? I appreciate this feature because it allows me to enhance interoperability with other wallets, which is a strong requirement for me.
Thank you for your help.
When setting up the DidService
, I want to be able to set a custom URL for the Universal Resolver & Registrar.
Today
import id.walt.did.dids.DidService
suspend fun main() {
DidService.init()
}
Future
import id.walt.did.dids.DidService
suspend fun main() {
DidService.init(UniRegistrarUrl="http://myvalue", UniResolverUrl="http://myvalue")
}
Entra badge is displayed for non Entra credentials (again)
I pulled the latest image today: waltid/waltid-web-wallet:latest
, and since the recent update, it throws the following error: waltid-web-wallet-1 exited with code 139
. Previous snapshot worked fine.
To avoid these daily issues, It would be beneficial to have a set of images tagged as stable
and update GitHub Actions/docker-compose.yaml
file to pull these images instead of the latest
tag.
Thank you for your assistance.
If you attempt to show a deleted DID using the endpoint
/wallet-api/wallet/{wallet}/dids/{did}
if that did is not found the API returns 400: BAD REQUEST
but the documentation says it returns
401: INVALID AUTHORIZATION
git clone [email protected]:walt-id/waltid-identity.git
cd waltid-identity/docker-compose
docker compose up
Version tested: v1.0.2401181053-SNAPSHOT
DB Schema fails to be created in PostgreSQL when starting the walltid-wallet-api by executing the Application.kt.
Connecting to database at "jdbc:postgresql"
Preparing create tables statements took 62ms
PSQLException: ERROR: column "tenant" is in a primary key
SQL: [ALTER TABLE accounts ALTER COLUMN tenant TYPE VARCHAR(128), ALTER COLUMN tenant DROP NOT NULL]
PostgreSQL enforces not null columns, in all columns participating in the primary key.
As a result, process finishes with exit code 1.
Looking at Accounts, the tenant although nullable, is a part of a composed primary key.
Accounts.kt
val tenant = varchar("tenant", 128).nullable()
override val primaryKey = PrimaryKey(tenant, id)
The same is also defined in AccountWalletMappings
AccountWalletMappings.kt
val tenant = varchar("tenant", 128).nullable()
override val primaryKey = PrimaryKey(tenant, accountId, wallet)
and in Web3Wallets
Web3Wallets.kt
val tenant = varchar("tenant", 128).nullable() // null = global
override val primaryKey = PrimaryKey(tenant, accountId, id)
suggestion:
One suggestion is to remove the tenant from the PrimaryKey.
This will affect all the foreignKeys pointing to tenant: WalletOperationHistories, AccountWalletPermissions, Web3Wallets, AccountIssuers and Events where the tenant reference must be removed.
An extra Unique Constraint can cover duplicate tenants
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.