kc-sig-fapi icon indicating copy to clipboard operation
kc-sig-fapi copied to clipboard

Published 20 hours ago verified publisher icon keycloak

Several changes based on OpenID4VCI

Open Captain-P-Goldfish opened this issue 7 months ago • 0 comments

Description

Hi we need some changes in the Keycloak because we are currently working on a protocol extension based on the FUNKEN challenge for OpenID4VCI: https://www.sprind.org/de/challenges/eudi-wallet-prototypes/

The challenge does not completely apply to the current states of the specification

  • https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html
  • https://openid.net/specs/openid-4-verifiable-presentations-1_0.html and therefore we need to customize some parts that will simply be custom-provider implementations.

For this I have already added a few pull-requests that are directly related to the challenge and that have blocked us in developing the customized providers:

At least one of these is a quick-fix because I am missing the time to make everything nice and clean

The changes that are a MUST for us are marked with required change

  • https://github.com/keycloak/keycloak/pull/29967 (required change)
  • https://github.com/keycloak/keycloak/pull/31077 (required change)
  • https://github.com/keycloak/keycloak/pull/31087 (required change - quick-fix)
  • https://github.com/keycloak/keycloak/pull/31000 (required change)
  • https://github.com/keycloak/keycloak/pull/30875 (required change)
  • https://github.com/keycloak/keycloak/pull/30961 (optional)
  • https://github.com/keycloak/keycloak/pull/30959 (optional)
  • https://github.com/keycloak/keycloak/pull/30920 (optional but recommeded)

there is also an issue on which a colleague of mine is currently working on. We could provide our own custom-implementaton for this but I think it is a good idea to support this natively in keycloak:

  • https://github.com/keycloak/keycloak/issues/30572
  • https://github.com/keycloak/keycloak/issues/30573

We will probably provide a few more pull-requests based on this. Would be great if the working group and core-team could support us to make at least the required changes available for keycloak 26.

Discussion

No response

Motivation

No response

Details

No response

Captain-P-Goldfish avatar Jul 10 '24 05:07 Captain-P-Goldfish