SmartFactory-KL/didwebkit

did:web kit

A pragmatic tool to work with did:web.

Important

This is not meant to be compliant with any spec; it just works for us. Use at your own risk.

What it contains

This component has multiple parts:

  • DID & DID Document & DID Publisher
  • DID Resolver & Verifier

The first part is used to create and publish a DidDocument, while the second part is used to retrieve and verify a DidDocument.

Important

As stated before, this does not comply with any spec. The crypto we chose just works, but is probably not complete or robust.

DID

There is no struct representing a DID; it is handled as a simple string. The main function is DidWebToUrl(did string, options ...DidUrlOption), which converts a did string into an http(s) URL. The only available option is WithHttpsEnabled(bool), which is optional and defaults to false.

DID Document

The main entry point is the CreateDidDocument(option ...DidCreateOption) function. Available options are:

| Option | Required | Description |
|---|---|---|
| WithDid(string) | yes | Which did to put into the document |
| WithPublicKey(*ecdsa.PublicKey) | yes | Which key to use for verificationMethod |
| WithServices([]ServiceItem) | no | Services to add to the DID |
| WithKeyId(string) | no | Key id to use for the verification method. Defaults to auth-key, resulting in did#auth-key as the ID of the verification method |

DID Publisher

To create the publisher, use pub, err := NewDidPublisher(options ...DidPublishOption) with the only mandatory option being WithDidDocument(*didDocument). Then use pub.RegisterHandlerFunc() to add the default paths for the didDocument to an http.ServeMux.

DID Resolver

To create the resolver, use resolver, err := NewDidDocumentResolver(options ...DidResolverOption) with options being:

| Option | Required | Description |
|---|---|---|
| WithHttpClient(*http.Client) | no | HTTP client to use. A default client is generated when this is not provided |
| WithDidHttpsEnabled(bool) | no | Whether to use https when converting the did to a URL. Defaults to false |

To then actually request a remote did, use resolver.RequestRemoteDidDocument(didString). This should return a didDocument to be used.

DID Verifier

Important

This is only intended for internal use, mostly within a mock dataspace. Do not use it anywhere near production.

The DID Verifier checks a JSON Web Token (JWT) using a DID and the DID Document. The JWT is expected to have:

  • a kid header containing the key-id to use
  • an alg header
  • the issuer claim set to the did of the caller
  • at most one signature
  • a key-id that is present within the Authentication or Assertion Method of the DID as well as the verification method

First, create a verifier using verifier := NewDidVerifier(options ...DidVerifierOption) with the only mandatory option being WithDidResolver(resolver) using a DidResolver from earlier.

To verify a token, call VerifyToken(string) with the unparsed jwt string - probably directly from an Authorization Header of the HTTP request. This method returns the verified JWT.
