[SPIKE] integration spike of our Admin Dashboard + Boruta

[alexfigtree]

No description provided.

[patatoid]

@alexfigtree if you need any support do not hesitate to reach out.

EDIT

Going on the discussions we had while I performed a demo of boruta, I would identify the following required updates for full integration with the administration interface, that on top of the ones discussed for credential signature:

• a hook to create a boruta backend verifiable credential on credential template save
• build and trigger an agent_credentials flow on credential sending (~30ms)
• build and add the preatuhorized code flow url in the sent email
• use boruta admin APIs to integrate the templates and misc configuration in dcc admin
• create a boruta configuration file to setup the integration
  • trigger the configuration file upload on setup

The agent credentials grant type is still edge and needs further developments to be production-ready even if the code is already designed to be so. There are also the latest drafts of OID4VCI to implement, I think there are still adjustments to be done to be compatible with more wallets.

@dmitrizagidulin

[patatoid]

I made a local proof of concept of such an integration. Here are the minimal updates I had to have a working flow from credential template update to generate the OID4VCI link to be incorporated in the emails -> https://gist.github.com/patatoid/6ac4093b547a3802606509041d02d17c

Be aware that the changes won't work as it, boruta needs updates for the integration to be working properly.

To sum up the changes:

• on credential template save
  • formatting the credential template to update a boruta backend with its own templating schema
  • obtain an access token from boruta with backend update rights
  • update the backend with the formatted credential template
• on email sending obtain an agent token to build the preauthorized code URL that is to be incorporated

Those only give an idea of the amount of work for the integration and are definitely not production-ready.

[alexfigtree]

@patatoid Thanks for working on those changes. We're currently tied up in other work for for at least the next couple of quarters, but would still like to try and re-visit this integration later in the year. In particular, if there are parts of your work that can be generalizable (Open ID integration with the wallet, for example), we'd more more open to starting there.

[patatoid]

I will work on this, thank you for considering this integration, it would be great to see things like OpenID protocols support or recommendations as verifiable credentials.

LCW would be a good candidate for an OpenID integration, it requires quite a lot of work but still can be a good opportunity. Since the stewardship went to the OWF, how do you think it is possible to start the according developments?