LoginStrategy constructor expects the following parameters for initialisation :
- LoginStrategyOptions
- IssuerResolver
- RevokerResolver
- CredentialResolver
- verifyProof (method)
LoginStrategy accepts number of attributes (optional and non-optional).
Attributes | Allowed values | use case |
---|---|---|
claimField | string | field name which holds the claim in request |
rpcUrl | string | rpc url for the blockchain, ewc or volta |
cacheServerUrl | string | ssi-hub url |
privateKey | string | PrivateKey of the user |
ensResolvers | Resolver contract address, used to resolve RoleDefinition (RoleDefinitionREsolverV2 contract) |
|
didContractAddress | string | DID Registry contract address (ERC1056) |
ensRegistryAddress | string | ENS Contract address |
ipfsUrl | string | IPFS Gateway |
acceptedRoles | string[] | Roles needed to get authorised |
includeAllRoles | boolean | If set to true , all holder's are required for authorisation |
jwtSecret | string | Jwt secret required to encode response |
jwtSignOptions | ||
siweMessageUri | string | uri used in siwe message payload |
Addresses for deployed contracts are exported by
@energyweb/credential-governance
. One can choose the addresses based on the chain they want to operate upon.
To be able to use LoginStrategy
to authorise DIDs based on role credentials -
- one can provide one of the two values - either flag
includeAllRoles
(verifies all the role credential issued to given DID) attribute totrue
- or provide set of
acceptedRoles
(DID needs to have atleast one of the metioned role credential issued to it) while initialisingLoginStrategy
.includeAllRoles
will overrideacceptedRoles
in case both values are provided.
LoginStrategy relies on IssuerVerification
internally for verification of the roles credential.
In order to use LoginStrategy, one needs to intialise and provide :
RoleIssuerResolver
- Resolvesissuer/s
for aRoleDefinition
.RoleRevokerResolver
- Resolvesrevoker/s
for aRoleDefinition
.RoleCredentialResolver
- Resolves credentials of a holder.
It is also possible to provide own implementation of these resolvers by implementing these Interfaces
. The purpose of these resolvers are to resolve authorities responsible for issuance and revocation of these role credentials.