latest
Community
Blog
License

G2P OpenID VCI: Base

Module name

g2p_openid_vci

Module title

G2P OpenID VCI: Base

Technology base

Odoo

This repository contains an Odoo module that helps PBMS/Social Registry (SR) to issue Verifiable Credentials (VC). It provides default VC templates for SR and PBMS and adds OpenID for VCI APIs to SR and PBMS.

Functionality

This module adds g2p.openid.vci.issuers model called VC Issuer. The main fields in this VC Issuer model are given below.

Design notes

This module is designed to create any number of issuers with different combinations of parameters such as scope, credential_type, credential_format, issuer_metadata, and so on.

For example: Follow the below steps if you want to issue two different types of credentials from your registry, each of which requires the credentials to have different fields.

  1. Create two issuers, both issuer_types are Registry.

  2. Configure different credential types and scopes for both issuers.

  3. Configure both issuers' credential formats with the necessary fields in place.

  4. Modify the issuer metadata of both the issuers along with relevant metadata for the fields.

  5. Modify contexts json with different fields and different credential type for both issuers.

When a credential request is received, it will select the issuer based on the combination of scope (from auth JWT), credential type (from credential request body) (and supported_format which defaults to ldp_vc for now).

This module also uses g2p.encryption.provider (of any type) to sign the final VC. If the encryption provider is not configured on the issuer, it will use the default encryption provider.

Note:

A credential will only be issued if the sub from auth JWT exists as one of IDs in registry against a registry entry.

Guides

To learn more about Configuration, click here.

Source code

https://github.com/openg2p/openg2p-vci

Create a custom VC Issuer

This section describes the procedure for developing custom VC Issuers with the custom functionality that differ from the above Registry Credential Issuer and Beneficiary Credential Issuer.

  • Inherit g2p.openid.vci.issuers model. Add a new type to the issuer_type Selection field using selection_add. Example

    issuer_type = fields.Selection(selection_add=[("Mock", "Mock")], ondelete={"Mock": "cascade"})

  • Implement the following functions:

    • issue_vc_{issuer_type}

    • set_default_credential_type_{issuer_type}

    • set_from_static_file_{issuer_type}

  • Example:

    class BeneficiaryOpenIDVCIssuer(models.Model):
    _inherit = "g2p.openid.vci.issuers"

    issuer_type = fields.Selection(selection_add=[("Mock", "Mock")], ondelete={"Mock": "cascade"})
    
    def issue_vc_Mock(self, auth_claims, credential_request):
        ...    
    
    def set_default_credential_type_Mock(self):
        self.credential_type = "OpenG2PMockVerifiableCredential"

    def set_from_static_file_Mock(self, **kwargs):
        kwargs.setdefault("module_name", "g2p_openid_vci_mock")
        return self.set_from_static_file_Registry(**kwargs)

Configuration

  • VCI Issuers' configs can be found under Settings Menu -> VCI Issuers page.

  • VC Issuer general config properties:

  • VC Issuer Program/Beneficiary specific configs:

PreviousG2P Auth: OIDC - Reg IDNextG2P OpenID VCI: Programs

Last updated

Logo

Copyright © 2024 OpenG2P. This work is licensed under Creative Commons Attribution International LicenseCC-BY-4.0 unless otherwise noted.