From fc7d7b4549eea9ee8e56791a86c3315156b083f4 Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Mon, 11 Dec 2023 21:30:56 +0100 Subject: [PATCH] get roles from credential --- ereuse_devicehub/modules/oidc/views.py | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/ereuse_devicehub/modules/oidc/views.py b/ereuse_devicehub/modules/oidc/views.py index 9e21d837..36f23c4b 100644 --- a/ereuse_devicehub/modules/oidc/views.py +++ b/ereuse_devicehub/modules/oidc/views.py @@ -223,17 +223,30 @@ class AllowCodeOidc4vpView(GenericMixin): def dispatch_request(self): self.vp_token = request.values.get("vp_token") - # pv= self.vp_token.split(".") - # token = json.loads(base64.b64decode(pv[1]).decode()) + pv = self.vp_token.split(".") + token = json.loads(base64.b64decode(pv[1]).decode()) headers = { 'Content-Type': 'application/json', 'Authorization': f'Bearer WALLET_INX_EBSI_PLUGIN_TOKEN' } + vcredential = token.get('vp', {}).get("verifiableCredential") + if not vcredential: + return + data = json.dumps({ "type": "VerificationRequest", - "jwtCredential": self.vp_token + "jwtCredential": vcredential }) - result = requests.post(WALLET_INX_EBSI_PLUGIN_URL, headers=headers, json=data) + result = requests.post(WALLET_INX_EBSI_PLUGIN_URL, headers=headers, data=data) + if result.status_code != 200: + return + + vps = json.loads(result.text) + if not vps.get('verified'): + return + roles = vps['credential']['credentialSubject'].get('role') + if not roles: + return return jsonify({"result": "ok"}) # if not self.code or not self.oidc: