def sign(credential, pvk, method="ethr"):
"""
@method str
default is is ethr
tz (tz2)
@credential is dict
return is str
Both curve secp256k1 and "alg" :"ES256K-R"
"""
if not method:
method = 'ethr'
key = ethereum_to_jwk256kr(pvk)
did = didkit.keyToDID(method, key)
vm = didkit.keyToVerificationMethod(method, key)
credential["issuer"] = did
credential["issuanceDate"] = datetime.now().strftime('%Y-%m-%dT%H:%M:%SZ')
didkit_options = {
"proofPurpose": "assertionMethod",
"verificationMethod": vm
}
return didkit.issueCredential(
#credential.__str__().replace("'", '"'),
json.dumps(credential, ensure_ascii=False),
didkit_options.__str__().replace("'", '"'),
key)
def testIssuesCredentials(self):
credential = didkit.issueCredential(
tests.credential.__str__().replace("'", '"'),
tests.verificationMethod.__str__().replace("'", '"'), tests.key)
verifyResult = json.loads(
didkit.verifyCredential(credential.__str__().replace("'", '"'),
"{\"proofPurpose\":\"assertionMethod\"}"))
self.assertEqual(len(verifyResult["errors"]), 0)
def sign(credential, pvk, did, rsa=None):
""" sign credential for did:ethr, did:tz, did:web
@method is str
ethr (default method) -> curve secp256k1 and "alg" :"ES256K-R"
tz (tz2) -> curve secp256k1 with "alg" :"ES256K-R"
web -> curve secp256k1 with "alg" :"ES256K" or RSA
@credential is dict
return is str
"""
method = did.split(':')[1]
if method == 'web' and not rsa:
key = ethereum_to_jwk256k(pvk)
vm = did + "#key-1"
elif method == 'web' and rsa:
key = jwk.JWK.from_pem(rsa.encode())
key = key.export_private()
vm = did + "#key-2"
elif method == 'ethr':
key = ethereum_to_jwk256kr(pvk)
vm = did + "#controller"
elif method == 'tz':
key = ethereum_to_jwk256kr(pvk)
vm = did + "#blockchainAccountId"
else:
logging.error('method not supported')
return None
didkit_options = {
"proofPurpose": "assertionMethod",
"verificationMethod": vm
}
signed_credential = didkit.issueCredential(
json.dumps(credential, ensure_ascii=False),
didkit_options.__str__().replace("'", '"'), key)
# verify credential before leaving
if json.loads(didkit.verifyCredential(signed_credential, '{}'))["errors"]:
logging.error('signature failed')
return None
return signed_credential
def issueCredential(request):
with open(KEY_PATH, "r") as f:
key_file = File(f)
key = json.loads(key_file.readline())
key_file.close()
location = request.META.get("HTTP_X_LOCATION", "/didkit/")
didWeb = "did:web:" + \
request.META["HTTP_HOST"] + \
':'.join(location[:-1].split('/'))
subject = request.POST.get('subject_id').__str__()
gitCoinTrustBonus = float(request.POST.get('gitCoinTrustBonus')).__str__()
issuance_date = datetime.utcnow().replace(microsecond=0)
expiration_date = issuance_date + timedelta(weeks=4)
credential = {
"@context": ["https://www.w3.org/2018/credentials/v1"],
"type": ["VerifiableCredential"],
"issuer": didWeb,
"issuanceDate": issuance_date.isoformat() + "Z",
"expirationDate": expiration_date.isoformat() + "Z",
"credentialSubject": {
"@context": [{
"gitCoinTrustBonus": {
"@id": "https://gitcoin.co/gitCoinTrustBonus",
"@type": "https://schema.org/Float"
}
}],
"id":
subject,
"gitCoinTrustBonus":
gitCoinTrustBonus,
},
}
didkit_options = {
"proofPurpose": "assertionMethod",
"verificationMethod": didWeb + "#main",
}
credential = didkit.issueCredential(
json.dumps(credential),
json.dumps(didkit_options),
json.dumps(key),
)
return json.loads(credential)
def issueCredential(request):
session_id = request.args.get("session_id")
session_data = stripe.checkout.Session.retrieve(session_id)
with open('key.jwk', "r") as f:
key = f.readline()
f.close()
did_key = request.form.get('subject_id', didkit.keyToDID("key", key))
verification_method = didkit.keyToVerificationMethod("key", key)
issuance_date = datetime.utcnow().replace(microsecond=0)
expiration_date = issuance_date + timedelta(weeks=4)
credential = {
"id":
"urn:uuid:" + uuid.uuid4().__str__(),
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://www.w3.org/2018/credentials/examples/v1",
],
"type": ["VerifiableCredential"],
"issuer":
did_key,
"issuanceDate":
issuance_date.isoformat() + "Z",
"expirationDate":
expiration_date.isoformat() + "Z",
"credentialSubject": {
"@context": [{
"email": "https://schema.org/Text"
}],
"id": "urn:uuid:" + uuid.uuid4().__str__(),
"email": session_data["customer_details"]["email"]
},
}
didkit_options = {
"proofPurpose": "assertionMethod",
"verificationMethod": verification_method,
}
credential = didkit.issueCredential(
credential.__str__().replace("'", '"'),
didkit_options.__str__().replace("'", '"'), key)
return json.loads(credential)
def sign(credential, pvk, did, rsa=None):
""" sign credential for did:ethr, did:tz, did:web
@method is str
ethr (default method) -> curve secp256k1 and "alg" :"ES256K-R"
tz (tz2) -> curve secp256k1 with "alg" :"ES256K-R"
web -> curve secp256k1 with "alg" :"ES256K" or RSA
@credential is dict
return is str
"""
method = did.split(':')[1]
if method == 'web' and not rsa:
key = ethereum_to_jwk256k(pvk)
vm = did + "#key-1"
elif method == 'web' and rsa:
key = jwk.JWK.from_pem(rsa.encode())
key = key.export_private()
#del key['kid']
vm = did + "#key-2"
else:
logging.error('method not supported')
return None
logging.info('key = %s', key)
logging.info('did = %s', did)
logging.info('vm = %s', vm)
didkit_options = {
"proofPurpose": "assertionMethod",
"verificationMethod": vm
}
return didkit.issueCredential(json.dumps(credential, ensure_ascii=False),
didkit_options.__str__().replace("'", '"'),
key)
def testRaisesOnIssueWithEmptyObjects(self):
with self.assertRaises(didkit.DIDKitException):
didkit.issueCredential("{}", "{}", "{}")
did = "did:key:" + pub_key.to_checksum_address()[2:]
did = didkit.keyToDID("ethr", key)
print("did = ", did)
verifmethod = didkit.keyToVerificationMethod("ethr", key)
print("verifimethod = ", verifmethod)
credential = {
"@context": "https://www.w3.org/2018/credentials/v1",
"type": ["VerifiableCredential"],
"issuer": did,
"issuanceDate": "2020-08-19T21:41:50Z",
"credentialSubject": {
"id": "did:example:d23dd687a7dc6787646f2eb98d0",
}
}
didkit_options = {
"proofPurpose": "assertionMethod",
"verificationMethod": verifmethod
}
credential = didkit.issueCredential(credential.__str__().replace("'", '"'),
didkit_options.__str__().replace("'", '"'),
key)
print(
didkit.verifyCredential(credential,
didkit_options.__str__().replace("'", '"')))