Skip to content

Connection based verification #802

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
esune merged 18 commits into from
Jul 24, 2025
Merged

Connection based verification #802

Show file tree
Hide file tree
Changes from 17 commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
9f1765d
Initial POC of connection based verification
Gavinok Jul 16, 2025
6c01f3b
Applied black formatting
Gavinok Jul 16, 2025
0d65fa1
Removed assertion to ensure we didn't use oob
Gavinok Jul 16, 2025
aeb2ef9
Merge branch 'main' into connection-based-verification
Gavinok Jul 16, 2025
bdd5fc5
Added problem reports on failed connections
Gavinok Jul 16, 2025
ebc1ae3
Add connection verification testing
Gavinok Jul 17, 2025
c1eb8ec
Improve test coverage
Gavinok Jul 17, 2025
7a5d3ba
Use multi_use keyword rather than ephemeral and only delete multi_use…
Gavinok Jul 17, 2025
75c00ea
Remove NEW comments and removed depreciated create_invitation
Gavinok Jul 22, 2025
31d5aec
Fix: removed "pending-" prefix and error reporting with invi_msg_id
Gavinok Jul 22, 2025
c63cd3f
Removed pointless "assert False" that was left over from testing
Gavinok Jul 22, 2025
3357040
Remove unnecessary dependencies and group allocations in poetry.lock …
Gavinok Jul 22, 2025
e9c0029
Restore httpx dependancy
Gavinok Jul 23, 2025
23f4e53
Change logging type
Gavinok Jul 23, 2025
6c936d9
Merge branch 'main' into connection-based-verification
Gavinok Jul 23, 2025
74e5007
Corrected inconsistent expiry and creation timestamps
Gavinok Jul 23, 2025
2006162
Handle timezone aware comparison datetimes
Gavinok Jul 23, 2025
376d246
Add USE_CONNECTION_BASED_VERIFICATION to docker compose
Gavinok Jul 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docker/manage
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,7 @@ configureEnvironment() {
export INVITATION_LABEL=${INVITATION_LABEL:-"VC-AuthN"}
export SET_NON_REVOKED="True"
export USE_OOB_LOCAL_DID_SERVICE=${USE_OOB_LOCAL_DID_SERVICE:-"true"}
export USE_CONNECTION_BASED_VERIFICATION=${USE_CONNECTION_BASED_VERIFICATION:-"true"}
Copy link
Contributor

@loneil loneil Jul 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be in the main docker-compose yaml too?

Copy link
Contributor Author

@Gavinok Gavinok Jul 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I should have spotted this by testing oob again after implementing connections. Thanks for catching that

Copy link
Member

@esune esune Jul 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This may still need to be added to docker-compose - the diff is not showing changes on that file

export WALLET_DEEP_LINK_PREFIX=${WALLET_DEEP_LINK_PREFIX:-"bcwallet://aries_proof-request"}

# agent
Expand Down
6 changes: 6 additions & 0 deletions oidc-controller/api/authSessions/crud.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,12 @@ async def create(self, auth_session: AuthSessionCreate) -> AuthSession:
result = col.insert_one(jsonable_encoder(auth_session))
return AuthSession(**col.find_one({"_id": result.inserted_id}))

async def get_by_connection_id(self, connection_id: str) -> AuthSession | None:
"""Get auth session by connection ID for connection-based verification."""
col = self._db.get_collection(COLLECTION_NAMES.AUTH_SESSION)
result = col.find_one({"connection_id": connection_id})
return AuthSession(**result) if result else None

async def get(self, id: str) -> AuthSession:
if not PyObjectId.is_valid(id):
raise HTTPException(
Expand Down
11 changes: 7 additions & 4 deletions oidc-controller/api/authSessions/models.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
from datetime import datetime, timedelta
from datetime import datetime, timedelta, UTC
from enum import StrEnum, auto

from api.core.models import UUIDModel
Expand All @@ -17,18 +17,21 @@ class AuthSessionState(StrEnum):


class AuthSessionBase(BaseModel):
pres_exch_id: str
pres_exch_id: str | None = None # Optional for connection-based flow
expired_timestamp: datetime = Field(
default=datetime.now()
default_factory=lambda: datetime.now(UTC)
+ timedelta(seconds=settings.CONTROLLER_PRESENTATION_EXPIRE_TIME)
)
ver_config_id: str
request_parameters: dict
pyop_auth_code: str
response_url: str
presentation_request_msg: dict | None = None
connection_id: str | None = None # Track connection ID
proof_request: dict | None = None # Store proof request for later use
multi_use: bool = False # Track if connection is multi-use (default: single-use)
model_config = ConfigDict(populate_by_name=True)
created_at: datetime = Field(default_factory=datetime.utcnow)
created_at: datetime = Field(default_factory=lambda: datetime.now(UTC))


class AuthSession(AuthSessionBase, UUIDModel):
Expand Down
1 change: 1 addition & 0 deletions oidc-controller/api/authSessions/tests/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
"""AuthSession tests package."""
Loading