Verify Presentation

Using the verifiable credentials library to verify verifiable presentations signed as JWT (JWT-VPs).

We will be using the verifyPresentation() function on the Verifier class. The function can be configured to apply verification policies, you can find here, to the verifiable presentation, all credentials in the presentation or specific credentials as shown in the example below.

We also need to initialise the DID service so that the Verifier class can resolve the DID present in the to be verified credential. Learn more about DIDs and how they can be managed here.

Kotlin
import id.walt.credentials.verification.Verifier
import id.walt.credentials.verification.models.PolicyRequest
import id.walt.credentials.verification.policies.ExpirationDatePolicy
import id.walt.credentials.verification.policies.JwtSignaturePolicy
import id.walt.credentials.verification.policies.vp.HolderBindingPolicy
import id.walt.did.dids.DidService


suspend fun main() {
  // Initialise DID Service to be able to resolve DIDs
  DidService.minimalInit()

  val verifier = Verifier

  // JWT of the presentation to verify 
  val presentationJwt = "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCIsImtpZCI6ImRpZDprZXk6ejZNa2hmcGNjV2JaS1J1cUZ2RkxwWmh5ZUI0WVl0VjhiSnkzN2pMNmlpRTdOZjdiI3o2TWtoZnBjY1diWktSdXFGdkZMcFpoeWVCNFlZdFY4Ykp5MzdqTDZpaUU3TmY3YiJ9.eyJzdWIiOiJkaWQ6a2V5Ono2TWtoZnBjY1diWktSdXFGdkZMcFpoeWVCNFlZdFY4Ykp5MzdqTDZpaUU3TmY3YiIsIm5iZiI6MTcwNTUwMzE2NCwiaWF0IjoxNzA1NTAzMjI0LCJqdGkiOiJ1cm46dXVpZDo5YWI2YTMzNi03MTFlLTQwMWEtOWQ3NS1mMGNkM2EzMWFkMTAiLCJpc3MiOiJkaWQ6a2V5Ono2TWtoZnBjY1diWktSdXFGdkZMcFpoeWVCNFlZdFY4Ykp5MzdqTDZpaUU3TmY3YiIsIm5vbmNlIjoiMjAzOTQwMjkzNDAiLCJ2cCI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ0eXBlIjpbIlZlcmlmaWFibGVQcmVzZW50YXRpb24iXSwiaWQiOiJ1cm46dXVpZDo5YWI2YTMzNi03MTFlLTQwMWEtOWQ3NS1mMGNkM2EzMWFkMTAiLCJob2xkZXIiOiJkaWQ6a2V5Ono2TWtoZnBjY1diWktSdXFGdkZMcFpoeWVCNFlZdFY4Ykp5MzdqTDZpaUU3TmY3YiIsInZlcmlmaWFibGVDcmVkZW50aWFsIjpbImV5SmhiR2NpT2lKRlpFUlRRU0lzSW10cFpDSTZJbVJwWkRwclpYazZlalpOYTNKaFVUZG1URk5HWTB4dk1tSnpORmhNTmtjelMwZE5VRmhaZDJWUWIxbFVkemhFWVVOQ1VVeFNWRlJ3SW4wLmV5SnBjM01pT2lKa2FXUTZhMlY1T25vMlRXdHlZVkUzWmt4VFJtTk1iekppY3pSWVREWkhNMHRIVFZCWVdYZGxVRzlaVkhjNFJHRkRRbEZNVWxSVWNDSXNJbk4xWWlJNkltUnBaRHByWlhrNmVqWk5hMmhtY0dOalYySmFTMUoxY1VaMlJreHdXbWg1WlVJMFdWbDBWamhpU25rek4ycE1ObWxwUlRkT1pqZGlJaXdpZG1NaU9uc2lRR052Ym5SbGVIUWlPbHNpYUhSMGNITTZMeTkzZDNjdWR6TXViM0puTHpJd01UZ3ZZM0psWkdWdWRHbGhiSE12ZGpFaUxDSm9kSFJ3Y3pvdkwzQjFjbXd1YVcxeloyeHZZbUZzTG05eVp5OXpjR1ZqTDI5aUwzWXpjREF2WTI5dWRHVjRkQzB6TGpBdU1pNXFjMjl1SWwwc0luUjVjR1VpT2xzaVZtVnlhV1pwWVdKc1pVTnlaV1JsYm5ScFlXd2lMQ0pQY0dWdVFtRmtaMlZEY21Wa1pXNTBhV0ZzSWwwc0ltTnlaV1JsYm5ScFlXeFRkV0pxWldOMElqcDdJblI1Y0dVaU9sc2lRV05vYVdWMlpXMWxiblJUZFdKcVpXTjBJbDBzSW1GamFHbGxkbVZ0Wlc1MElqcDdJbWxrSWpvaWRYSnVPblYxYVdRNllXTXlOVFJpWkRVdE9HWmhaQzAwWW1JeExUbGtNamt0Wldaa09UTTROVE0yT1RJMklpd2lkSGx3WlNJNld5SkJZMmhwWlhabGJXVnVkQ0pkTENKdVlXMWxJam9pU2taR0lIZ2dkbU10WldSMUlGQnNkV2RHWlhOMElETWdTVzUwWlhKdmNHVnlZV0pwYkdsMGVTSXNJbVJsYzJOeWFYQjBhVzl1SWpvaVZHaHBjeUIzWVd4c1pYUWdjM1Z3Y0c5eWRITWdkR2hsSUhWelpTQnZaaUJYTTBNZ1ZtVnlhV1pwWVdKc1pTQkRjbVZrWlc1MGFXRnNjeUJoYm1RZ2FHRnpJR1JsYlc5dWMzUnlZWFJsWkNCcGJuUmxjbTl3WlhKaFltbHNhWFI1SUdSMWNtbHVaeUIwYUdVZ2NISmxjMlZ1ZEdGMGFXOXVJSEpsY1hWbGMzUWdkMjl5YTJac2IzY2daSFZ5YVc1bklFcEdSaUI0SUZaRExVVkVWU0JRYkhWblJtVnpkQ0F6TGlJc0ltTnlhWFJsY21saElqcDdJblI1Y0dVaU9pSkRjbWwwWlhKcFlTSXNJbTVoY25KaGRHbDJaU0k2SWxkaGJHeGxkQ0J6YjJ4MWRHbHZibk1nY0hKdmRtbGtaWEp6SUdWaGNtNWxaQ0IwYUdseklHSmhaR2RsSUdKNUlHUmxiVzl1YzNSeVlYUnBibWNnYVc1MFpYSnZjR1Z5WVdKcGJHbDBlU0JrZFhKcGJtY2dkR2hsSUhCeVpYTmxiblJoZEdsdmJpQnlaWEYxWlhOMElIZHZjbXRtYkc5M0xpQlVhR2x6SUdsdVkyeDFaR1Z6SUhOMVkyTmxjM05tZFd4c2VTQnlaV05sYVhacGJtY2dZU0J3Y21WelpXNTBZWFJwYjI0Z2NtVnhkV1Z6ZEN3Z1lXeHNiM2RwYm1jZ2RHaGxJR2h2YkdSbGNpQjBieUJ6Wld4bFkzUWdZWFFnYkdWaGMzUWdkSGR2SUhSNWNHVnpJRzltSUhabGNtbG1hV0ZpYkdVZ1kzSmxaR1Z1ZEdsaGJITWdkRzhnWTNKbFlYUmxJR0VnZG1WeWFXWnBZV0pzWlNCd2NtVnpaVzUwWVhScGIyNHNJSEpsZEhWeWJtbHVaeUIwYUdVZ2NISmxjMlZ1ZEdGMGFXOXVJSFJ2SUhSb1pTQnlaWEYxWlhOMGIzSXNJR0Z1WkNCd1lYTnphVzVuSUhabGNtbG1hV05oZEdsdmJpQnZaaUIwYUdVZ2NISmxjMlZ1ZEdGMGFXOXVJR0Z1WkNCMGFHVWdhVzVqYkhWa1pXUWdZM0psWkdWdWRHbGhiSE11SW4wc0ltbHRZV2RsSWpwN0ltbGtJam9pYUhSMGNITTZMeTkzTTJNdFkyTm5MbWRwZEdoMVlpNXBieTkyWXkxbFpDOXdiSFZuWm1WemRDMHpMVEl3TWpNdmFXMWhaMlZ6TDBwR1JpMVdReTFGUkZVdFVFeFZSMFpGVTFRekxXSmhaR2RsTFdsdFlXZGxMbkJ1WnlJc0luUjVjR1VpT2lKSmJXRm5aU0o5ZlN3aWFXUWlPaUprYVdRNmEyVjVPbm8yVFd0elJtNWhlRFo0UTBKWFpHODJhR2htV2pkd1JYTmllV0Z4T1UxTlRtUnRRVUpUTVU1eVkwTkVXa3B5TXlKOUxDSnBaQ0k2SW5WeWJqcDFkV2xrT2pReE56ZGxNRFE0TFRsaE5HRXRORGMwWlMwNVpHTTJMV0ZsWkRSbE5qRmhOalF6T1NJc0ltbHpjM1ZsY2lJNkltUnBaRHByWlhrNmVqWk5hM05HYm1GNE5uaERRbGRrYnpab2FHWmFOM0JGYzJKNVlYRTVUVTFPWkcxQlFsTXhUbkpqUTBSYVNuSXpJaXdpYVhOemRXRnVZMlZFWVhSbElqb2lNakF5TkMwd01TMHhOMVF4TkRvMU16bzBOQzQzTmpRNE1qTmFJaXdpWlhod2FYSmhkR2x2YmtSaGRHVWlPaUl5TURJNUxUQTNMVEE1VkRFME9qVXpPalEwTGpjMk5UTTJOVm9pTENKdVlXMWxJam9pU2taR0lIZ2dkbU10WldSMUlGQnNkV2RHWlhOMElETWdTVzUwWlhKdmNHVnlZV0pwYkdsMGVTSjlmUS5BS1RsUW5INUZUb3EyZ0hHdGxoc1NscHp6TGZfdU12ZmhxbV80OWhsMTBpN0N3MnBOWkhJYjMyTi1QV2lWOFVTcmVZZmJ2MklkTC1NcGFLWF9IekNDdyJdfX0.U0MEUTd6OfCXXO3PPMnywpytEQoeCuPqkqJ2fhBQlPr0SPVAM7R9_SiFr54urKknD73YSWlZ_73gfxE0zNnxAA"


  // Policies that should be applied to Verifiable Presentation.
  val vpPolicies = listOf(
          PolicyRequest(HolderBindingPolicy())
          // other policies ...
  )

  // Global policies that are applied to ALL verifiable credentials in the Verifiable Presentation.
  val globalVcPolicies = listOf(
          PolicyRequest(JwtSignaturePolicy())
          // other policies ...
  )

  // Specify policies for specific credential types.
  val specificCredentialPolicies = mapOf(
          "OpenBadgeCredential" to listOf(PolicyRequest(ExpirationDatePolicy()))
          // other policies ...
  )

  // Context is optional and it's an empty map by default.
  val presentationContext = mapOf<String, Any>()

  // Verify the presentation
  val result = verifier.verifyPresentation(
          presentationJwt,
          vpPolicies,
          globalVcPolicies,
          specificCredentialPolicies,
          presentationContext
  )

  println(result.overallSuccess())
}

Arguments:

  • vpTokenJwt: Provide the full VP Token
  • vpPolicies: Provide the policies you'd like to run over the full VP (execute once with the VP as argument)
  • globalVcPolicies: Provide the policies you'd like to run for every VC (executed for every VC in the VP)
  • specificCredentialPolicies: Provide a mapping of a credential Type to a list of policies to run on the specific credential type
    • A specific type mapping executes the list of policies mapped for the specific type for every VC in the VP that has that specific type
  • presentationContext: Optionally provide context to the verification policies, e.g. presentationDefinition for the PresentationDefinitionPolicy, challenge to compare the required nonce, etc.
Verify CredentialOpen-Source