
Python toolchain for building an OpenID4VP RP with a SATOSA backend compliant with the Italian Wallet implementation profile

italia/eudi-wallet-it-python

eudi-wallet-it-python

The EUDI Wallet Python toolchain is a suite of Python libraries designed to make it easy to implement an EUDI Wallet Relying Party according to the Italian Wallet implementation profile.

The toolchain contains the following components:

| Name | Description |
| --- | --- |
| jwk | JSON Web Key (JWK) according to RFC7517. |
| jwt | Signed and encrypted JSON Web Token (JWT) according to RFC7519, RFC7515 and RFC7516. |
| tools.qrcode | QR code creation. |
| oauth2.dpop | Tools for issuing and parsing DPoP artifacts, according to OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP). |
| federation | Trust evaluation mechanisms, according to OpenID Federation 1.0. |
| trust | Helper classes to handle both X.509 and OpenID Federation trust evaluation mechanisms. |
| satosa.backend | SATOSA Relying Party backend, according to OpenID for Verifiable Presentations. |
| openid4vp | Classes and schemas related to OpenID for Verifiable Presentations. |
| presentation_exchange | Resources related to DIF Presentation Exchange. |
| sd_jwt | Issuance and verification of SD-JWT according to Selective Disclosure for JWTs (SD-JWT). |

Setup

Install the environment and dependencies:

sudo apt install python3-dev python3-pip git
sudo python3 -m pip install --upgrade pip
sudo python3 -m pip install virtualenv

Create and activate a virtual environment. This step is optional: you can install either in a separate environment or system-wide.

virtualenv -p python3 env
source env/bin/activate

Install using pip:

Run pip install pyeudiw, or pip install pyeudiw[satosa] to include the SATOSA backend.

Install from GitHub:

pip install git+https://github.com/italia/eudi-wallet-it-python

Optionally, to generate the documentation, install the following packages: pip install sphinx sphinx_rtd_theme

Documentation

The API documentation is available on GitHub Pages, here.

The docs/ folder contains some common examples for specific tasks.

Build the Documentation

To generate the documentation, enter the following commands in the terminal. The last argument of sphinx-apidoc is the exclude path, so the unit tests are excluded from the API documentation.

cd docs
sphinx-apidoc -o ./source ../pyeudiw ../pyeudiw/tests
make html

Example project

The example project is a docker-compose setup that runs a demo composed of the following components:

  • WordPress with SAML2 support and Bootstrap Italia template preregistered to the IAM Proxy.
  • Satosa-Saml2Spid IAM Proxy with a preconfigured OpenID4VP backend.

Please read this README to get a fully working WordPress setup with SAML2 support.

SatoSa configuration

SaToSa is a general-purpose IAM proxy solution that allows interoperability between different entities that implement different authentication protocols such as SAML2, OpenID Connect and OAuth2. This project offers a SaToSa backend to enable the OpenID4VP protocol.

Satosa-Saml2Spid is a SaToSa distribution, created by the Developers Italia community, that is pre-configured to facilitate integration with the Italian National Digital Identity Systems.

Please read this README for any details about how to configure SaToSa with the OpenID4VP Relying Party backend.

Contribute

Your contribution is welcome: no question is useless and no answer is obvious. We need you.

Contribute as end user

Please open an issue if you've found a bug or if you want to request a feature.

Contribute as developer

Please open your Pull Requests on the dev branch. Please consider the following branches:

  • main: where we merge the code before tagging a new stable release.
  • dev: where we push our code during development.
  • other-custom-name: where a new feature/contribution/bugfix will be handled, reviewed and then merged to the dev branch.

Authors

  • Giuseppe De Marco
  • Thomas Chiozzi
  • Elisa Nicolussi Paolaz

Acknowledgments

  • Pasquale De Rose
  • Salvatore Laiso
  • Alessio Murru
  • Nicola Saitto
