Package org.keycloak.protocol.oid4vc.issuance

Class OID4VCIssuerEndpoint

java.lang.Object

org.keycloak.protocol.oid4vc.issuance.OID4VCIssuerEndpoint

public class OID4VCIssuerEndpoint
extends Object

Provides the (REST-)endpoints required for the OID4VCI protocol.

Author:

Stefan Wiedemann

Field Summary

Fields

Modifier and Type	Field	Description
static final String	CREDENTIAL_OFFER_PATH
static final String	CREDENTIAL_OFFER_URI_CODE_SCOPE
static final String	CREDENTIAL_PATH
static final String	NONCE_PATH
static final String	RESPONSE_TYPE_IMG_PNG

Constructor Summary

Constructors

Constructor	Description
OID4VCIssuerEndpoint(KeycloakSession keycloakSession)
OID4VCIssuerEndpoint(KeycloakSession session, Map<String,CredentialBuilder> credentialBuilders, AppAuthManager.BearerTokenAuthenticator authenticator, TimeProvider timeProvider, int preAuthorizedCodeLifeSpan, boolean isIgnoreScopeCheck)

Method Summary

Modifier and Type	Method	Description
jakarta.ws.rs.core.Response	getCNonce()	the OpenId4VCI nonce-endpoint
jakarta.ws.rs.core.Response	getCredentialOffer(String sessionCode)	Provides an OID4VCI compliant credentials offer
jakarta.ws.rs.core.Response	getCredentialOfferURI(String vcId, OfferUriType type, int width, int height)	Provides the URI to the OID4VCI compliant credentials offer
jakarta.ws.rs.core.Response	requestCredential(CredentialRequest credentialRequestVO)	Returns a verifiable credential

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

NONCE_PATH

public static final String NONCE_PATH

See Also:

• Constant Field Values

CREDENTIAL_PATH

public static final String CREDENTIAL_PATH

See Also:

• Constant Field Values

CREDENTIAL_OFFER_PATH

public static final String CREDENTIAL_OFFER_PATH

See Also:

• Constant Field Values

RESPONSE_TYPE_IMG_PNG

public static final String RESPONSE_TYPE_IMG_PNG

See Also:

• Constant Field Values

CREDENTIAL_OFFER_URI_CODE_SCOPE

public static final String CREDENTIAL_OFFER_URI_CODE_SCOPE

See Also:

• Constant Field Values

Constructor Details

OID4VCIssuerEndpoint

public OID4VCIssuerEndpoint(KeycloakSession session,
 Map<String,CredentialBuilder> credentialBuilders,
 AppAuthManager.BearerTokenAuthenticator authenticator,
 TimeProvider timeProvider,
 int preAuthorizedCodeLifeSpan,
 boolean isIgnoreScopeCheck)

OID4VCIssuerEndpoint

public OID4VCIssuerEndpoint(KeycloakSession keycloakSession)

Method Details

getCNonce

@POST
@Produces("application/json")
@Path("nonce")
public jakarta.ws.rs.core.Response getCNonce()

the OpenId4VCI nonce-endpoint

Returns:

a short-lived c_nonce value that must be presented in key-bound proofs at the credential endpoint.

getCredentialOfferURI

@GET
@Produces({"application/json","image/png"})
@Path("credential-offer-uri")
public jakarta.ws.rs.core.Response getCredentialOfferURI(@QueryParam("credential_configuration_id")
 String vcId,
 @QueryParam("type") @DefaultValue("uri")
 OfferUriType type,
 @QueryParam("width") @DefaultValue("200")
 int width,
 @QueryParam("height") @DefaultValue("200")
 int height)

Provides the URI to the OID4VCI compliant credentials offer

getCredentialOffer

@GET
@Produces("application/json")
@Path("credential-offer/{sessionCode}")
public jakarta.ws.rs.core.Response getCredentialOffer(@PathParam("sessionCode")
 String sessionCode)

Provides an OID4VCI compliant credentials offer

requestCredential

@POST
@Consumes("application/json")
@Produces("application/json")
@Path("credential")
public jakarta.ws.rs.core.Response requestCredential(CredentialRequest credentialRequestVO)

Returns a verifiable credential