Errors in SIOP flow using Sphereon Wallet #99

Open
flarocca opened this issue Mar 19, 2024 · 1 comment

Comments

@flarocca

Hello! For educational and self-learning purposes I started to build my own rudimentary implementation of a Relying Party that uses the SIOP protocol.
I am using the latest version of Sphereon Wallet and this demo, branched off of main, in parallel with my custom implementation.

The issue I am facing is on the wallet side, after scanning the QR code and getting the Auth Request, the Wallet Application shows the following error:

Unable to retrieve information.
Error: Request claims can't have 'presentation_definition' and 'presentation_definition_uri'

I started using my own implementation until I got stuck, then I turned to the Demo example, where I also got stuck with the same issue.
There seems to be a discrepancy between the SIOP Draft version the App uses and the one the Demo uses, but I am not able to detect it.
The QR code renders this link:

openid://?request_uri=http%3A%2F%2F192.168.1.36%3A5003%2Fsiop%2Fdefinitions%2FsphereonGuest%2Fauth-requests%2F4446e50e-b54b-4293-8bfe-cbeba8722d06

And the result of that request uri looks like this:

JSON Payload (header and signature skipped for convenience)
{
  "iat": 1710871846,
  "exp": 1710871966,
  "response_type": "vp_token",
  "scope": "openid",
  "client_id": "did:jwk:eyJhbGciOiJFUzI1NksiLCJ1c2UiOiJzaWciLCJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiI2SlQxMkdKbU5KOWVGOXp4N19HQm1SekR4TjV6ejExaFFPMnRsTEUtZWFRIiwieSI6IlB1TlZoLVdySi05b3RMdkpTWE5YTVFpM3o5cjFwRms4X09TdE02amhybEUifQ",
  "response_uri": "http://192.168.1.36:5003/siop/definitions/sphereonGuest/auth-responses/4446e50e-b54b-4293-8bfe-cbeba8722d06",
  "response_mode": "post",
  "nonce": "f198b9f2-bf9b-408e-bd38-189c296b9f91",
  "state": "4446e50e-b54b-4293-8bfe-cbeba8722d06",
  "client_metadata": {
    "id_token_signing_alg_values_supported": [
      "EdDSA",
      "ES256",
      "ES256K"
    ],
    "request_object_signing_alg_values_supported": [
      "EdDSA",
      "ES256",
      "ES256K"
    ],
    "response_types_supported": [
      "id_token"
    ],
    "scopes_supported": [
      "openid did_authn"
    ],
    "subject_types_supported": [
      "pairwise"
    ],
    "subject_syntax_types_supported": [
      "did:ion",
      "did:web",
      "did:jwk"
    ],
    "vp_formats": {
      "jwt_vc": {
        "alg": [
          "EdDSA",
          "ES256K"
        ]
      },
      "jwt_vp": {
        "alg": [
          "ES256K",
          "EdDSA"
        ]
      }
    }
  },
  "presentation_definition": {
    "id": "sphereonGuest",
    "purpose": "We want to know your name and e-mail address (will not be stored)",
    "input_descriptors": [
      {
        "id": "c2834d0e-3c95-4721-b21a-40e3d7ea2549",
        "name": "DBC DIIP interop",
        "purpose": "To issue a new credential your DBC DIIP Guest credential is required.",
        "constraints": {
          "fields": [
            {
              "path": [
                "$.credentialSubject.name",
                "$.vc.credentialSubject.name"
              ],
              "filter": {
                "type": "string",
                "pattern": "^DBC.*$"
              }
            }
          ]
        }
      }
    ]
  },
  "nbf": 1710871846,
  "jti": "799fe99b-0137-4623-9793-1140f7216ca1",
  "iss": "did:jwk:eyJhbGciOiJFUzI1NksiLCJ1c2UiOiJzaWciLCJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiI2SlQxMkdKbU5KOWVGOXp4N19HQm1SekR4TjV6ejExaFFPMnRsTEUtZWFRIiwieSI6IlB1TlZoLVdySi05b3RMdkpTWE5YTVFpM3o5cjFwRms4X09TdE02amhybEUifQ",
  "sub": "did:jwk:eyJhbGciOiJFUzI1NksiLCJ1c2UiOiJzaWciLCJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiI2SlQxMkdKbU5KOWVGOXp4N19HQm1SekR4TjV6ejExaFFPMnRsTEUtZWFRIiwieSI6IlB1TlZoLVdySi05b3RMdkpTWE5YTVFpM3o5cjFwRms4X09TdE02amhybEUifQ"
}

As you can see, there is no such item like presentation_definition_uri in that payload, so I am not really sure where the problem is.

I would really appreciate help in solving it!
Thanks!
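As an added example (not code from the issue, the Sphereon wallet, or the demo), the following JavaScript parses the QR link above and runs the local consistency checks a relying party can apply to the decoded request claims, including the mutual-exclusion rule named in the wallet's error. The sample payload is a trimmed copy of the one in the issue with a placeholder DID in place of the long did:jwk value; the checker reports inconsistencies and does not claim to identify the cause of the wallet error.

```javascript
// Added example, not code from the issue or from the Sphereon wallet/demo:
// parse the openid:// QR link and run consistency checks on the
// authorization-request claims, including the rule behind the wallet's error.
function parseQrLink(link) {
  // Custom scheme; take everything after the first "?" as the query string.
  const query = link.slice(link.indexOf("?") + 1);
  return {
    scheme: link.slice(0, link.indexOf(":")),
    requestUri: new URLSearchParams(query).get("request_uri"),
  };
}

function validateRequest(payload, nowSeconds) {
  const problems = [];
  const hasPd = "presentation_definition" in payload;
  const hasPdUri = "presentation_definition_uri" in payload;
  // The rule the wallet enforces: the two claims are mutually exclusive.
  if (hasPd && hasPdUri) problems.push("presentation_definition and presentation_definition_uri both present");
  if (payload.response_type === "vp_token" && !hasPd && !hasPdUri) problems.push("vp_token without a presentation definition");
  if (payload.client_id !== payload.iss) problems.push("client_id does not match iss");
  if (payload.response_mode === "post" && !payload.response_uri) problems.push("response_mode post without response_uri");
  if (!payload.nonce) problems.push("missing nonce");
  if (typeof payload.exp === "number" && payload.exp <= nowSeconds) problems.push("request expired");
  if (typeof payload.nbf === "number" && payload.nbf > nowSeconds) problems.push("request not yet valid");
  if (!String(payload.scope || "").split(" ").includes("openid")) problems.push("scope lacks openid");
  // Informational: does the RP's own metadata advertise the response_type it asks for?
  const supported = (payload.client_metadata || {}).response_types_supported;
  if (Array.isArray(supported) && !supported.includes(payload.response_type)) problems.push(`response_type ${payload.response_type} not in client_metadata.response_types_supported`);
  return problems;
}

// Constructed sample: the QR link from the issue and a trimmed copy of its payload.
const QR_LINK = "openid://?request_uri=http%3A%2F%2F192.168.1.36%3A5003%2Fsiop%2Fdefinitions%2FsphereonGuest%2Fauth-requests%2F4446e50e-b54b-4293-8bfe-cbeba8722d06";
const RP_DID = "did:jwk:PLACEHOLDER"; // placeholder for the long did:jwk in the issue
const SAMPLE = {
  iat: 1710871846, nbf: 1710871846, exp: 1710871966,
  response_type: "vp_token", scope: "openid", client_id: RP_DID, iss: RP_DID, sub: RP_DID,
  response_uri: "http://192.168.1.36:5003/siop/definitions/sphereonGuest/auth-responses/4446e50e-b54b-4293-8bfe-cbeba8722d06",
  response_mode: "post", nonce: "f198b9f2-bf9b-408e-bd38-189c296b9f91", state: "4446e50e-b54b-4293-8bfe-cbeba8722d06",
  client_metadata: { response_types_supported: ["id_token"] },
  presentation_definition: { id: "sphereonGuest", input_descriptors: [] },
};

console.log(parseQrLink(QR_LINK));
console.log(validateRequest(SAMPLE, 1710871900));
```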

@robdefeo

robdefeo commented Oct 1, 2024

Is there any update on this? It makes the demo very hard to test otherwise.
