Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a verifier for token status list, as well as issuer and verifier for bitstring status list. #1

Open
wants to merge 34 commits into
base: main
Choose a base branch
from
Open

Add a verifier for token status list, as well as issuer and verifier for bitstring status list. #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
f3487a1
chore: readme
dbluhm Jul 6, 2024
45f6931
feat: first attempt at verification for jwt token status list, minor …
Dec 6, 2024
e2a92bd
fix: basic jwt verifier implemented and tested
Dec 9, 2024
c4ba042
fix: create test using es256, signature verification now matches issu…
Dec 9, 2024
53372de
chore: cleanup
Dec 9, 2024
58d5de7
feat: cwb verification done and tested
Dec 9, 2024
a735835
feat: support for parsing referenced tokens
Dec 9, 2024
fec3807
chore: save progress
Dec 9, 2024
1ee324e
fix: slightly more functional nginx server
Dec 13, 2024
39cb236
fix: add nginx info
Dec 13, 2024
f4ea94a
fix: refactoring, functional web server container with correct pdm be…
Dec 13, 2024
d3f5938
fix: refactor
Dec 13, 2024
9f97f11
feat: web server now issues actual credentials
Dec 20, 2024
1cccb12
feat: verification from web server is done
Dec 20, 2024
049f9c2
feat: add helper methods to TokenStatusListVerifier for serialising a…
Dec 20, 2024
8ff624a
fix: update readme, minor refactor
Dec 20, 2024
c064ff4
feat: create initial bitstring status list issuer, actual issuance is…
Dec 22, 2024
b6a95a8
feat: implement jwt format for bitstring statuslist issuer
Dec 22, 2024
2436710
fix: minor fix
Jan 13, 2025
1d27806
feat: initial verifier for bitstring status list
Jan 14, 2025
28b9add
chore: rename tests
Jan 14, 2025
cd516c7
fix: add support for embedding proofs
Jan 16, 2025
8ebfebc
fix: tests for embedding proofs
Jan 17, 2025
d262be4
fix: bugfix, bitstring status list now supports lists with multiple-b…
Jan 18, 2025
d32c3b5
feat: add test for statusMessage feature
Jan 18, 2025
051295d
fix: add support for multibit statuses to bitstring status list
Jan 18, 2025
57df28a
fix: add test for advanced sign/verify for bitstring status list
Jan 18, 2025
3e65ff1
fix: update readme
Jan 18, 2025
a0f942a
Update README.md
Athan13 Jan 18, 2025
9399f8a
fix: refactor token status list verifier
Jan 26, 2025
31cd172
gerge branch 'feature/verifier-status-list' of github.com:Indicio-tec…
Jan 26, 2025
73a6eb2
fix: refactor bitstring status list verifier
Jan 26, 2025
ff512c2
fix: add serialization/deserialization to bitstring-status-list, fix …
Jan 26, 2025
1df4254
fix: fix docstrings
Jan 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,7 @@ venv/
ENV/
env.bak/
venv.bak/
.vscode

# Spyder project settings
.spyderproject
Expand Down
21 changes: 21 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,22 @@
# token-status-list

This is an implementation of [Token Status List Draft 6][spec] and [Bitstring Status List](https://www.w3.org/TR/vc-bitstring-status-list/).

[spec]: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-status-list-06


## Features

- Support for 1, 2, 4, and 8 bits.
- Compression as required by the Specification (ZLIB at level 9)
- Formatting, signing, and verifying Status Lists as either JWT or CWT
- A `TokenSigner` and `TokenVerifier` protocol is defined so the user can Bring Their Own Crypto implementation
- Alternatively, methods for preparing payloads and assembling payload and signature bytes into the final token is also supported.
- Two Index Allocation strategies, Linear and Random
- Linear strategy will allocate indices serially
- Random strategy will allocate indices pseudo-randomly (as the list fills, speed is favored over randomness)
- Allocators contain state that must be persisted along side the status list itself
- IssuerStatusList and Allocators are serializeable so the user can persist them to the backend of their choice
- Basic example using Nginx web server as an issuer to simulate fetching and verifying a Status List
- Run using `docker-compose up -d && pytest tests/test_web_server.py`
- Scripts that are issued, as well as other information about issuer are in `tests/test_web_server`
8 changes: 8 additions & 0 deletions docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
services:
issuer:
build:
context: .
dockerfile: tests/test_web_server/Dockerfile
ports:
- "3001:80"
restart: unless-stopped
850 changes: 809 additions & 41 deletions pdm.lock
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description = "Implementation of IETF Token Status List"
authors = [
{name = "Daniel Bluhm", email = "[email protected]"},
]
dependencies = []
dependencies = ["google-auth>=2.36.0", "requests>=2.32.3", "cryptography>=44.0.0", "overloading>=0.5.0", "aiohttp>=3.11.11", "pytest-asyncio>=0.25.2"]
requires-python = ">=3.10"
readme = "README.md"
license = {text = "Apache-2.0"}
Expand Down
Loading