Skip to content

Add demo for OID4VP In-Task Auth Extension#629

Open
AlexanderShenshin wants to merge 1 commit into
a2aproject:mainfrom
AlexanderShenshin:feature/oid4vp-in-task-auth-demo
Open

Add demo for OID4VP In-Task Auth Extension#629
AlexanderShenshin wants to merge 1 commit into
a2aproject:mainfrom
AlexanderShenshin:feature/oid4vp-in-task-auth-demo

Conversation

@AlexanderShenshin

Copy link
Copy Markdown

Description

This PR adds a demo for experimental OID4VP In-Task Authorization Extension.

We have a basic sample in extension repo itself, but we also would like to add a more comprehensive demo/sample here for better discoverability.

Signed-off-by: Alexander Shenshin <alexander.shenshin@dsr-corporation.com>

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces the OID4VP In-Task Authorization Extension — Partner Discount Vouchers Demo, which showcases an Agent-to-Agent (A2A) protocol integration with OID4VP using Genkit, OpenAI, and OWF Credo. Feedback on the implementation highlights a potential unhandled promise rejection in the merchant's asynchronous event listener onVerificationStateChanged if presentation evaluation fails. It is recommended to wrap this call in a try/catch block to handle errors gracefully and prevent process crashes or hanging waiters.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment on lines +283 to +298
private async onVerificationStateChanged(event: OpenId4VcVerificationSessionStateChangedEvent): Promise<void> {
const { verificationSession } = event.payload
if (verificationSession.state !== OpenId4VcVerificationSessionState.ResponseVerified) return

const contextId = verificationSession.getTag('contextId') as string | undefined
if (!contextId) return

const result = await this.evaluatePresentation(verificationSession.id)
this.authResults.set(contextId, result)

const waiter = this.authWaiters.get(contextId)
if (waiter) {
this.authWaiters.delete(contextId)
waiter(result)
}
}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

The onVerificationStateChanged method is an asynchronous event listener. If evaluatePresentation throws an error (for example, if getVerifiedAuthorizationResponse fails), the promise will reject, resulting in an unhandled promise rejection. This can crash the process or leave the waiter hanging until the timeout.\n\nWrapping the call in a try/catch block ensures that any verification errors are caught, logged, and resolved gracefully, allowing the waiter to be notified immediately instead of waiting for the full timeout.

  private async onVerificationStateChanged(event: OpenId4VcVerificationSessionStateChangedEvent): Promise<void> {\n    const { verificationSession } = event.payload\n    if (verificationSession.state !== OpenId4VcVerificationSessionState.ResponseVerified) return\n\n    const contextId = verificationSession.getTag('contextId') as string | undefined\n    if (!contextId) return\n\n    let result: AuthResult\n    try {\n      result = await this.evaluatePresentation(verificationSession.id)\n    } catch (error) {\n      console.error('[Merchant] Error evaluating presentation:', error)\n      result = { approved: false, reason: error instanceof Error ? error.message : 'verification failed' }\n    }\n\n    this.authResults.set(contextId, result)\n\n    const waiter = this.authWaiters.get(contextId)\n    if (waiter) {\n      this.authWaiters.delete(contextId)\n      waiter(result)\n    }\n  }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant