Verifiable Claims Credential Mediator Polyfill
Clone or download

README.md

authorization.io

A part of the solution to the NASCAR login problem.

A live version of this site and a link to a demo can be found at beta.authn.io.

Background

A Credential Handler is an event handler for credential request and credential storage events. The Credential Handler API helps solve the Nascar Problem. The Credential Handler API enables websites to install Credential Handlers that can respond when users visit other websites that request or store credentials.

For example, a user may visit a website that wants them to login using OpenIdConnect, provide an OAuth Token, authenticate using a DID, or present some Verifiable Credentials. When these other websites use the Credential Handler API, the user is shown an in-browser selection screen with visual representations (e.g. icons and origin information) of only those Credential Handlers that they have been previously installed by the user and that are compatible with the website's request. Once the user makes a choice, the appropriate Credential Handler is loaded and a credential event is sent to it.

The Credential Handler receives the event via a Service Worker or, if the Credential Handler Polyfill is used, a simple page with no UI elements is loaded that uses the polyfill to receive and respond to the event.

The Credential Handler must respond to the event with a credential that fulfills the request. If necessary, the Credential Handler may open a window on its website's origin to allow the user to interact with its website prior to responding. This UI can be styled and shaped according to the website owner's brand using arbitrary JavaScript and HTML like any other webpage.

Credential Mediator

This software plays the Credential Mediator role described in Credential Handler API. It "polyfills" this role by running client-side code under a neutral third party origin. There is no "server" component to this software, it merely provides browser code that must be run in an independent third party origin to mimick the behavior that a behavior that implements the Credential Handler API would function.

Requirements

  • npm v5+
  • node v8.9+

Development

The following section explains how to setup and develop the authorization.io software on a local development machine.

Requirements

  • node.js
  • npm

Configuration

The options in the ./configs/authorization.dev.js file can be tuned to your environment as needed.

Setup

  • Install the dependencies (see below)
  • Map the authorization.localhost hostname to your localhost.

To install dependencies, do the following:

npm install

Running

Add a host alias (for example, edit /etc/hosts) to map authorization.localhost to localhost.

Run the following to start up a development server from the source directory:

node authorization.dev.js

To add more verbose debugging, use the --log-level option:

node authorization.dev.js --log-level debug

Usage

Access the server at the following URL: