Request credential issuance using OpenID4VCI #225
Conversation
There was a problem hiding this comment.
Pull request overview
This PR implements functionality to request credential issuance using the OpenID4VCI (OpenID for Verifiable Credential Issuance) protocol. The implementation adds a new user interface for initiating credential requests, backend API support for configuration management, and proxy routing to the Nuts node's credential request endpoint.
Key Changes
- Added a new Vue.js component
RequestCredential.vuethat provides a UI for selecting credential types, wallet DIDs, and initiating credential issuance requests - Introduced a configuration endpoint (
/api/config) to expose credential profiles (credential type and issuer pairs) to the frontend - Added proxy route support for the Nuts node's
/internal/auth/v2/{subjectID}/request-credentialendpoint
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| web/src/index.js | Added routing configuration for the new request credential page |
| web/src/admin/credentials/RequestCredential.vue | New component implementing the credential request UI with credential type selection, wallet DID selection, and issuance initiation |
| web/src/admin/IdentityDetails.vue | Added "Request Credential" button to identity details page and fetches credential profiles from config API |
| model/model.go | Added CredentialProfile struct to define credential type and issuer pairs |
| main.go | Wired credential profiles from config into the API wrapper |
| docker-compose.yaml | Updated NUTS_URL environment variable and enabled authorization endpoint |
| deploy/admin.config.yaml | Added sample credential profile configuration |
| config.go | Added CredentialProfiles field to Config struct |
| api/proxy.go | Added proxy route for the request-credential endpoint |
| api/generated.go | Generated code for new config endpoint (updated oapi-codegen version) |
| api/api.yaml | Added OpenAPI specification for config endpoint and CredentialProfile schema |
| api/api.go | Implemented GetConfig handler to return credential profiles |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
rolandgroen
left a comment
rolandgroen
left a comment
There was a problem hiding this comment.
I'll approve this request given:
- The copilot suggestions are addressed.
- The 2 stage issuance request seems a bit redundant, the redirect on the button click could also be done with a window.location = issuanceResult.redirect_uri
| <div v-if="issuanceResult"> | ||
| <p>Credential issuance initiated successfully!</p> | ||
| <p> | ||
| <a :href="issuanceResult.redirect_uri" target="_blank" class="text-blue-600 hover:text-blue-800 underline"> |
There was a problem hiding this comment.
Why a 2 stage process and not redirect directly after the button click?
There was a problem hiding this comment.
Sort of "You are being redirected to" in-between state to let the user keep control? Or do you prefer automatic redirect (or with a timer)?
There was a problem hiding this comment.
@copilot remove the link inbetween, and automatically redirect
reinkrul
force-pushed
the
openid4vci-issuance
branch
from
79dd01e to
773a652
Compare
* Initial plan * Remove intermediate link and automatically redirect after credential issuance Co-authored-by: reinkrul <1481228+reinkrul@users.noreply.github.com> * Add URL validation for redirect_uri and remove unused status message Co-authored-by: reinkrul <1481228+reinkrul@users.noreply.github.com> * Improve error messages and add clarifying comments for URL validation Co-authored-by: reinkrul <1481228+reinkrul@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: reinkrul <1481228+reinkrul@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 12 out of 12 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| issueCredential() { | ||
| this.issueError = undefined | ||
| const issuerDID = this.getIssuerForType(this.selectedCredentialType) | ||
| if (!issuerDID) { | ||
| this.issueError = 'No issuer found for selected credential type' | ||
| return | ||
| } |
There was a problem hiding this comment.
The issueCredential method performs validation but doesn't validate if a credential type has been selected. If selectedCredentialType is empty, getIssuerForType will return an empty string, which will then trigger the "No issuer found" error. Consider adding explicit validation for the credential type selection with a more specific error message like "Please select a credential type".
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Fixes nuts-foundation/nuts-knooppunt#272