- Add support for receiving the
types
property in posted credential definitions during OID4VCI even if that does not match the served credential definition in the protocol. The property should likely betype
to match the VC data model, but a OID4VCI draft usestypes
in an example and clients have implemented this.
- Add extra oauth/openid config
/.well-known
paths to accommodate clients that have implemented against what is likely an OID4VCI draft bug.
- Fix
client_id_scheme
default check.
- Fix OID4VP defaults for
client_id
andclient_id_scheme
.
- Add
redirectUrl
feature in VC API exchanges. AredirectUrl
can now be specified in astep
to be included in the result of the step that is passed to the client. - Add optional OID4VP presentation exchange. The current implementation is largely experimental and subject to change, just as the OID4VP spec is undergoing rapid development and is in a draft stage. The current implementation was written against OID4VP draft 20 and only supports a profile of OID4VP that uses data integrity / LDP protected VPs and VCs.
- BREAKING: Update peer deps:
- Use
@bedrock/oauth2-verifier@2
. - Use
@bedrock/service-agent@8
. - Use
@bedrock/service-core@9
.
- Use
- Update test deps.
- Ensure expected
domain
matches value from VPR in exchange.
- Add
stepTemplate
feature. Steps in exchanges may be optionally specified as templates that will use the variables from the exchange.
- Fix uncaught unrejected promise bug when fetching exchange in parallel.
- Serve OpenID credential issuer metadata from
.well-known/openid-credential-issuer
in addition to the older / previously used combined metadata config URL:.well-known/oauth-authorization-server
.
- Add
vc-api delivery
andVC-API delivery + DID authn
tests to issue usinggeneric
credential template.
- Pass binding variables to jsonata
evaluate()
function.
- Add dev application identity for
vc-exchanger
.
- Fix meter usage aggregator function.
- Add GET endpoint for getting exchange information from any existing exchange, particularly useful for obtaining its current state and any user-submitted data.
- Ensure exchanges are updated when steps are completed.
- Fix missing dependencies and update old ones.
- Fix
package.json
exported files.
- Add "batch credential" endpoint support for OpenID-based VC delivery.
- Add
generateKeyPair
option toopenId.oauth2
when creating VC exchanges.
- BREAKING: Configurations must use
openId
to specify OID4VCI/OID4VC/OID4* options, notoidc4vci
. This change is incompatible with previous versions and any deployed instances must be manually upgraded. - BREAKING: The
/oidc4vci
route has been changed to/openid
. - BREAKING: Require
expectedCredentialRequests
inopenId
exchanger config options. It must be an array with one or more elements with thetype
andformat
expected. If more than one element is present, then the exchange can only be fulfilled using the "batch credential" endpoint.
- BREAKING: Update peer deps:
@bedrock/did-io
to v10.0.@bedrock/service-agent
to v7.0.@bedrock/service-core
to v8.0.
- See git history for changes.