From 01a6cd03c0df3e8d0dff46131aa86ef5eae20946 Mon Sep 17 00:00:00 2001 From: przydatek Date: Tue, 12 Mar 2024 14:04:15 +0100 Subject: [PATCH] Update spec on VC issuer's derivation_origin (#2357) --- demos/vc_issuer/src/main.rs | 2 +- demos/vc_issuer/tests/issue_credential.rs | 2 +- docs/vc-spec.md | 11 +++++++---- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/demos/vc_issuer/src/main.rs b/demos/vc_issuer/src/main.rs index e28354f8c4..59c75cde3a 100644 --- a/demos/vc_issuer/src/main.rs +++ b/demos/vc_issuer/src/main.rs @@ -101,7 +101,7 @@ impl Storable for IssuerConfig { impl Default for IssuerConfig { fn default() -> Self { - let derivation_origin = format!("https://{}.ic0.app", ic_cdk::id().to_text()); + let derivation_origin = format!("https://{}.icp0.io", ic_cdk::id().to_text()); Self { ic_root_key_raw: extract_raw_root_pk_from_der(IC_ROOT_PK_DER) .expect("failed to extract raw root pk from der"), diff --git a/demos/vc_issuer/tests/issue_credential.rs b/demos/vc_issuer/tests/issue_credential.rs index 82ea1772ee..67a589e88a 100644 --- a/demos/vc_issuer/tests/issue_credential.rs +++ b/demos/vc_issuer/tests/issue_credential.rs @@ -340,7 +340,7 @@ fn should_fail_vc_consent_message_if_missing_required_argument() { fn should_return_derivation_origin() { let env = env(); let canister_id = install_canister(&env, VC_ISSUER_WASM.clone()); - let frontend_hostname = format!("https://{}.ic0.app", canister_id.to_text()); + let frontend_hostname = format!("https://{}.icp0.io", canister_id.to_text()); let req = DerivationOriginRequest { frontend_hostname }; let response = api::derivation_origin(&env, canister_id, principal_1(), &req) .expect("API call failed") diff --git a/docs/vc-spec.md b/docs/vc-spec.md index 4b570176a4..7db032c9c7 100644 --- a/docs/vc-spec.md +++ b/docs/vc-spec.md @@ -98,11 +98,14 @@ credential by an issuer, and this happens by approving a human-readable consent Identity provider uses a VC-extension of [ICRC-21](https://github.com/dfinity/wg-identity-authentication/blob/main/topics/icrc_21_consent_msg.md), and requests the consent message via `Icrc21VcConsentMessageRequest`, Upon successful response idenity provider displays the consent message from `Icrc21ConsentInfo` to the user. -### 2: Derivation Origin (optional) +### 2: Derivation Origin + +The issuer must implement also `derivation_origin`-API, which allows for taking the advantage +of the [Alternative Derivation Origins](https://internetcomputer.org/docs/current/references/ii-spec#alternative-frontend-origins)-feature. +`derivation_origin` is called by the identity provider to obtain an URL to be used as the derivation origin +for user's principal. If an issuer doesn't use the _Alternative Derivation Origins_-feature, +the function should return just the default value, namely the canister's URL: `https://.icp0.io`. -If an issuer wants to take advantage of the [Alternative Derivation Origins](https://internetcomputer.org/docs/current/references/ii-spec#alternative-frontend-origins)-feature, -it must implement `derivation_origin`-API, which then is called by the identity provider to -obtain an URL to be used as the derivation origin for user's principal. ```candid service: { derivation_origin : (DerivationOriginRequest) ->