pyeudiw 0.7.0

Python toolchain for building an OpenID4VP RP with a SATOSA backend compliant to the Italian Wallet Solution.

eudi-wallet-it-python

The EUDI Wallet Python toolchain is a suite of Python libraries designed to make it easy the implementation of an EUDI Wallet Relying Party according to the Italian Wallet implementation profile.

The toolchain contains the following components:

Name	Description
jwk	JSON Web Key (JWK) according to RFC7517.
jwt	Signed and encrypted JSON Web Token (JWT) according to RFC7519, RFC7515 and RFC7516
tools.qrcode	QRCodes creation
oauth2.dpop	Tools for issuing and parsing DPoP artifacts, according to OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
federation	Trust evaluation mechanisms, according to OpenID Connect Federation 1.0
trust	Helper classes to handle both X.509 and OIDC Federation trust evaluation mechanisms
satosa.backend	SATOSA Relying Party backend, according to OpenID for Verifiable Presentations
openid4vp	Classes and schemas related to OpenID for Verifiable Presentations
presentation_exchange	Resources related to DiF Presentation Exchange
sd_jwt	Issuance and verification of SD-JWT according to Selective Disclosure for JWTs (SD-JWT)

Setup

Install enviroment and dependencies

sudo apt install python3-dev python3-pip git
sudo python3 -m pip install --upgrade pip
sudo python3 -m pip install virtualenv

Activate the environment. It's optional and up to you if you want to install in a separate env or system wide

virtualenv -p python3 env
source env/bin/activate

Install using pip:

pip install pyeudiw or pip install pyeudiw[satosa] for the satosa backend.

Install using github:

pip install git+https://github.com/italia/eudi-wallet-it-python

Usage

TBD. Here a section that points to the documentation of each single package and some common example about their usage for some specific tasks.

Name	Description
jwk	link to the API documentation .
jwt	link to the API documentation .
tools.qrcode	QRCodes creation.
oauth2.dpop	link to the API documentation .
federation	link to the API documentation .
trust	link to the API documentation .
satosa.backend	link to the API documentation .
openid4vp	link to the API documentation .
presentation_exchange	link to the API documentation .
sd_jwt	link to the API documentation .

Example project

The example project is a docker-compose that runs a demo composed by the following component:

• Wordpress with SAML2 support and Bootstrap Italia template preregistered to the IAM Proxy.
• Satosa-Saml2Spid IAM Proxy with a preconfigured OpenID4VP backend.

Please read this README to get a fully working Wordpress setup with SAML2 support.

SatoSa configuration

SaToSa is a general purpose IAM proxy solution that allows interoperability between different entities that implements different authentication protocols such as SAML2, OpenID Connect and OAuth2. This project offers a SaToSa backend to enable the OpenID4VP protocol.

Please read this README any details about how to configure SaToSa with the OpenID4VP Relying Party backend.

Contribute

Your contribution is welcome, no question is useless and no answer is obvious, we need you.

Contribute as end user

Please open an issue if you've found a bug or if you want to ask some features.

Contribute as developer

Please open your Pull Requests on the dev branch. Please consider the following branches:

• main: where we merge the code before tag a new stable release.
• dev: where we push our code during development.
• other-custom-name: where a new feature/contribution/bugfix will be handled, revisioned and then merged to dev branch.

Authors

• Giuseppe De Marco
• Pasquale De Rose
• Alessio Murru
• Salvatore Laiso
• Nicola Saitto