Express.js
import { finalizeOID4VPPresentation, ResponseMode } from "@vaultie/document-rails";
import express from "express";
const app = express();
// Enable handling of multipart/form-data requests.
app.use(express.urlencoded({ extended: true }));
// This route handler is used to provide the wallet with the encoded presentation request.
//
// For this example, it is assumed that your application previously invoked `createOID4VPPresentation`
// and stored the resulting identifier of the OID4VP presentation within your application-specific database.
app.get("/presentationRequest/:requestId", async (_req, res) => {
console.log("Wallet attempted to fetch a presentation request");
// This string should be fetched from your database after storing the encoded presentation request obtained from Document Rails.
const request = "eyJhbGciOiJFUzI1NiIsIng1YyI...";
// The Content-Type header is static for all presentation requests and should be set to `application/oauth-authz-req+jwt`.
res.header("Content-Type", "application/oauth-authz-req+jwt");
res.status(200);
res.send(request);
});
// This route handler is used to catch wallet presentations.
app.post("/directPost/:requestId", async (req, res) => {
console.log("Wallet finalized the OID4VP presentation");
// When using ResponseMode.DirectPost, presentations are encoded within the `vp_token` field
// of the provided request body.
//
// Your application doesn't have to handle the field itself, it should just pass it to Document Rails instead.
const vp_token = JSON.parse(req.body.vp_token);
// Finalize the OID4VP presentation by providing the wallet response to Document Rails.
try {
const { credentials } = await finalizeOID4VPPresentation(
client,
accessToken,
organizationId,
oid4vpPresentationId,
{
type: ResponseMode.DirectPost,
vp_token,
trust_registries: [/* ... */],
},
);
console.log(`Received the following credentials: ${JSON.stringify(credentials)}`);
res.status(200);
} catch (e) {
console.error(`Invalid presentation: ${e}`);
res.status(400);
}
res.send({});
});