Improve error logging for x5c#141
Open
giovanni-riela wants to merge 10 commits into
Open
Conversation
giovanni-riela
force-pushed
the
feature/WLEO-1115-x5c-log
branch
from
18732f3 to
ec056a8
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
This PR improves diagnostics around Wallet Attestation generation/signing (especially x5c handling) by threading tagged loggers through attestation-related functions, and it updates DCQL/VP-token logic to account for Wallet Attestation during V1.0 flows while refining DCQL failure reporting.
Changes:
- Add/propagate tagged loggers through wallet attestation loading and wallet-provider entity configuration signing.
- Extend credential/DCQL parsing to recognize Wallet Attestation credentials and include Wallet Attestation in DCQL validation inputs for V1.0 VP-token building.
- Improve DCQL failure-cause formatting to reduce noise and provide clearer per-stage failure details.
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/unit/wallet-attestation.unit.spec.ts | Pass a quiet tagged logger into loadAttestation calls. |
| src/types/credential.ts | Extend CredentialWithKey.typ to include oauth-client-attestation+jwt. |
| src/step/presentation/authorization-request-step.ts | Pass walletAttestation into buildVpToken. |
| src/step/issuance/authorize-step.ts | Pass walletAttestation into buildVpToken (currently via cast). |
| src/servers/wp-server.ts | Provide a tagged logger when building WP entity configuration. |
| src/orchestrator/wallet-presentation-orchestrator-flow.ts | Pass a tagged logger into loadAttestation. |
| src/orchestrator/wallet-issuance-orchestrator-flow.ts | Pass a tagged logger into loadAttestation. |
| src/logic/vpToken.ts | Add WA injection into DCQL credential list for V1.0 and introduce WA parsing helper. |
| src/logic/dcql.ts | Add WA parsing branch and refine DCQL failure reporting. |
| src/functions/load-attestation.ts | Add logger parameters and emit debug logs during signing/attestation creation. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+183
to
+187
| return { | ||
| claims: claims as DcqlSdJwtVcCredential["claims"], | ||
| credential_format: "dc+sd-jwt", | ||
| cryptographic_holder_binding: true, | ||
| vct: "urn:eudi:pid:it:1", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation and Context
This PR enhances the diagnostic capabilities of the conformance test suite by improving logging during the wallet attestation and metadata generation processes, with a specific focus on x5c certificate
loading and signing. Additionally, it addresses a limitation in the V1.0 presentation flow where Wallet Attestation was not being correctly evaluated during DCQL-based credential selection. By treating
Wallet Attestation as a valid credential during validation and refining DCQL failure reporting, this update ensures more accurate test results and easier troubleshooting for federation-based flows.
JIRA Ticket: WLEO-1115