Minimal example of DIF Presentation Exchange spec

2021-05-19 07:00

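DIF Presentation Exchange is a lengthy spec that takes into account all possible use-cases, but below is a minimal example that covers only the MUSTs in the spec.

The DIF Presentation Exchange spec has a reputation for being complex and tends to be avoided, but much of it is optional, and the part actually required as a MUST turns out to be minimal.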

  1. Request
{
  "presentation_definition": {
    "id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "input_descriptors": [
      {
        "id": "ContosoUniversityCredential",
        "schema": [
          {
            "uri": "https://www.w3.org/2018/credentials/examples/v1/IDCardCredential"
          }
        ]
      }
    ]
  }
}

A quick re-write of the spec text to make it clearer what is a MUST.

Below, I have rewritten the body of the spec to be easier to follow.

The following properties are for use at the top-level of a Presentation Definition. Any properties that are not defined below MUST be ignored:

  • id - REQUIRED. The id value MUST be a unique identifier, such as a UUID.
  • input_descriptors - REQUIRED. The input_descriptors value MUST be an array of Input Descriptor Objects.

And then:

Input Descriptor Objects are composed as follows:

  • id - REQUIRED. The id value MUST be a string that does not conflict with the id of another Input Descriptor Object in the same Presentation Definition.
  • schema - REQUIRED. The schema value MUST be an array composed of objects as follows:
    • uri - REQUIRED. The uri MUST be a string consisting of a valid URI for an acceptable Claim schema.

  2. Response
{
  "presentation_submission": {
    "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
    "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "descriptor_map": [
      {
        "id": "ContosoUniversityCredential",
        "path": "$.attestations.presentations.ContosoUniversityCredential",
        "format": "jwt_vp"
      }
    ]
  },
  "attestations": {
    "presentations": {
      "ContosoUniversityCredential": "<VP in a JWT format>"
    }
  }
}

A quick re-write of the spec text to make it clearer what is a MUST.

Below, I have rewritten the body of the spec to be easier to follow.

The presentation_submission object MUST be included at the top-level of an Embed Target, or in the specific location described in the Embed Locations table in the Embed Target section below.

  • id - REQUIRED. The id value MUST be a unique identifier, such as a UUID.
  • definition_id - REQUIRED. The definition_id value MUST be the id value of a valid Presentation Definition.
  • descriptor_map - REQUIRED. The descriptor_map value MUST be an array of Input Descriptor Mapping Objects, composed as follows:

    • id - REQUIRED. The id value MUST be a string that matches the id property of the Input Descriptor in the Presentation Definition that this Presentation Submission is related to.

    • format - REQUIRED. The format value MUST be a string that matches one of the Claim Format Designations. This denotes the data format of the Claim.

    • path - REQUIRED. The path value MUST be a JSONPath string expression. The path property indicates the Claim submitted in relation to the identified Input Descriptor, when executed against the top-level of the object the Presentation Submission is embedded within.

That's probably about it. Surprisingly simple?
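
An added example (not from the original post or from the spec): a verifier-side check, in Python, that a received response satisfies the Presentation Submission MUSTs listed above and is bound to the request that was sent. It assumes the definition itself was already validated, supports only dot-notation JSONPath, and takes its format list from spec v1.0.0; the function names are hypothetical.

```python
# Claim Format Designations of spec v1.0.0 (assumption: the page itself only shows jwt_vp).
CLAIM_FORMATS = ("jwt", "jwt_vc", "jwt_vp", "ldp", "ldp_vc", "ldp_vp")

def resolve(path, root):
    """Resolve a dot-notation JSONPath ('$.a.b'); any other JSONPath syntax is rejected."""
    if not isinstance(path, str) or not path.startswith("$."):
        raise ValueError(f"unsupported path {path!r}")
    node = root
    for key in path[2:].split("."):
        if not isinstance(node, dict) or key not in node:
            raise ValueError(f"path {path!r} does not resolve")
        node = node[key]
    return node

def check_submission(definition, target):
    """Return MUST violations of the submission embedded in `target` (empty list = OK)."""
    sub = target.get("presentation_submission")
    if not isinstance(sub, dict) or not isinstance(sub.get("descriptor_map"), list):
        return ["presentation_submission with a descriptor_map array is required"]
    errs = [] if isinstance(sub.get("id"), str) else ["id must be a string"]
    if sub.get("definition_id") != definition["id"]:
        errs.append("definition_id does not match the request")
    requested = [d["id"] for d in definition["input_descriptors"]]
    for m in sub["descriptor_map"]:
        if not isinstance(m, dict) or m.get("id") not in requested:
            errs.append(f"mapping for an unrequested descriptor: {m!r}")
            continue
        if m.get("format") not in CLAIM_FORMATS:
            errs.append(f"{m['id']}: unknown format {m.get('format')!r}")
        try:
            resolve(m.get("path"), target)  # path runs against the embed target's top level
        except ValueError as exc:
            errs.append(f"{m['id']}: {exc}")
    return errs

# Constructed sample data, shaped per the MUST rules above and reusing the page's ids.
REQUEST = {"id": "32f54163-7166-48f1-93d8-ff217bdb0653", "input_descriptors": [
    {"id": "ContosoUniversityCredential",
     "schema": [{"uri": "https://www.w3.org/2018/credentials/examples/v1/IDCardCredential"}]}]}
RESPONSE = {
    "presentation_submission": {
        "id": "a30e3b91-fb77-4d22-95fa-871689c322e2", "definition_id": REQUEST["id"],
        "descriptor_map": [{"id": "ContosoUniversityCredential", "format": "jwt_vp",
                            "path": "$.attestations.presentations.ContosoUniversityCredential"}]},
    "attestations": {"presentations": {"ContosoUniversityCredential": "<VP in a JWT format>"}}}

if __name__ == "__main__":
    print(check_submission(REQUEST, RESPONSE) or "submission satisfies the MUSTs")
```

A submission that passes this check is only structurally bound to the request; the VP located by `path` still needs its own signature and content verification.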