Issuer Metadata Problem wrt OID4VCI Draft13

[vanhoanHoang]

I have pulled all tested the v0.3 release and identify that we might have a problem related to metadata defined in the OID4VCI Draft 13.

In the Draft 13, for each element in credential_configurations_supported, there must be a credential_definition object which contains type and multiple optional properties.

However, by looking at the metadata in the Issuer API, I see that there are not credential_definition object in each supported credential configuration. More specifically, below is what exposed by Issuer API

{
    "BankId_jwt_vc_json": {
      "id": "BankId_jwt_vc_json",
      "format": "jwt_vc_json",
      "cryptographic_binding_methods_supported": [
        "did"
      ],
      "cryptographic_suites_supported": [
        "EdDSA",
        "ES256",
        "ES256K",
        "RSA"
      ],
      "types": [
        "VerifiableCredential",
        "BankId"
      ]
}

while the following should be exposed instead:

{
   "BankId_jwt_vc_json":{
      "id":"BankId_jwt_vc_json",
      "format":"jwt_vc_json",
      "cryptographic_binding_methods_supported":[
         "did"
      ],
      "cryptographic_suites_supported":[
         "EdDSA",
         "ES256",
         "ES256K",
         "RSA"
      ],
      "credential_definition":{
         "types":[
            "VerifiableCredential",
            "BankId"
         ]
      }
   }
}

Can you have a look at it ?

Cheer,
Hoan

[alegomes]

Thanks so much for your report, Hoan. It's a very nice contribution. We'll tackle it as soon as possible.

[severinstampler]

@chsavvaidis when you tackle this problem, please also take into consideration, that this credential_definition parameter only is used for W3C verifiable credentials. There's a different format for ISO/mdoc and IETF/sd-jwt-vc, which we should also support. thx