#4067: Credential selection when multiple credentials from wallet match #4137
Merged
stevenvegt merged 2 commits into master on Apr 1, 2026
* #4088: Extract CredentialSelector and refactor matchConstraints
  Introduces CredentialSelector function type and FirstMatchSelector. Refactors matchConstraints to collect all matching VCs per input descriptor, then call the selector to pick one. Match delegates to MatchWithSelector with FirstMatchSelector. No behavior change — all existing tests pass.
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4088: Add SetCredentialSelector to PresentationSubmissionBuilder
  Adds SetCredentialSelector method to configure a custom CredentialSelector on the builder. Build passes it through to MatchWithSelector. Falls back to FirstMatchSelector when not set. Tests verify: custom selector picks non-first credential, default behavior preserved, selector receives all matching candidates.
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4088: Document CredentialSelector contract, add ErrMultipleCredentials
  CredentialSelector doc now describes return value semantics: when to return nil (unfulfilled), ErrNoCredentials (no match), or ErrMultipleCredentials (ambiguous). Adds error propagation test.
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4088: Soft-fail ErrNoCredentials for submission requirements compatibility
  When a CredentialSelector returns ErrNoCredentials, treat it as a nil selection (unfulfilled descriptor) instead of a hard failure. This allows submission requirements with pick rules (e.g., min: 0) to evaluate whether zero fulfilled descriptors is acceptable. ErrMultipleCredentials and other errors remain hard failures.
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4120: Selection CredentialSelector — filter candidates by PD field ID values (#4121)
* #4120: Selection CredentialSelector — filter candidates by PD field ID values
  NewSelectionSelector creates a CredentialSelector that filters candidates using named field ID values from the credential_selection API parameter. Selection keys are validated against PD field IDs at construction time.
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4120: Simplify key validation with matchedKeys set
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* - Rename NewSelectionSelector → NewFieldSelector for clarity
  - Return matchConstraint errors instead of swallowing them
  - Simplify matchesSelections to assert string type directly
  - Add comment explaining constant-only matching design
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4121: Remove fallback parameter from NewFieldSelector
  Selectors are not composable — default behavior belongs in the builder. NewFieldSelector now returns (nil, nil) for unmatched descriptors, and the builder falls back to FirstMatchSelector when a selector returns (nil, nil) with candidates available.
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4090: Wire credential_selection through API to presenter (#4122)
* #4090: RED — e2e test for credential_query selection
  Adds a credential_query test to the RFC021 e2e flow:
  - Issues two NutsOrganizationCredentials with different org names
  - Uses credential_query to select "Second Org B.V." by name
  - Verifies extended introspection contains the selected organization
  Test correctly fails: credential_query is currently ignored, so the default PD matcher picks "Caresoft B.V." instead of "Second Org B.V."
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4090: Wire credential_query through API to presenter
  - OpenAPI spec: add credential_query to ServiceAccessTokenRequest
  - Regenerate types and mocks
  - API handler: extract credential_query, convert to dcql.CredentialQuery
  - Client.RequestRFC021AccessToken: accept credentialQueries parameter
  - Wallet.BuildSubmission: accept credentialQueries parameter
  - Presenter: create DCQL selector when credentialQueries is non-empty
  - All existing tests pass with nil for new parameter
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4090: Wire credential_selection through API to presenter
  Replace credential_query (DCQL) with credential_selection (named parameters) throughout the callstack. The API accepts a simple map[string]string mapping PD field IDs to expected values, which is propagated through the IAM client, wallet, and presenter to NewSelectionSelector.
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4090: Fix shellcheck issues, add presenter credential_selection test
  - Double-quote shell variables in e2e test to prevent globbing/splitting
  - Use single-quoted heredoc for JSON literal
  - Fix empty-response check to use proper test syntax
  - Add unit test for buildSubmission with credential_selection
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fixup: Use renamed NewFieldSelector in presenter
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4122: Address review feedback
  - Capitalize "field id" → "field ID" in OpenAPI spec
  - Add godoc for credentials and credentialSelection parameters
  - Document default behavior when credential_selection is omitted
  - Add comment explaining FirstMatchSelector fallback
  - Add comment explaining nil credential_selection is safe (read-only)
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* #4122: Remove fallback parameter from NewFieldSelector call
  The builder now handles the fallback to FirstMatchSelector when a selector returns (nil, nil), so the explicit fallback argument is no longer needed.
  Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
0 new issues
Coverage Impact ⬆️ Merging this pull request will increase total coverage on Modified Files with Diff Coverage (9)
reinkrul reviewed Mar 30, 2026
reinkrul requested changes Mar 31, 2026
- Support all JSON scalar types (string, float64, bool) in field value matching via type switch, not just strings
- Move CredentialSelector type and FirstMatchSelector to selector.go
- Add test for numeric field value matching

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
reinkrul approved these changes Mar 31, 2026

This PR closes #4067 and adds a credential_selector parameter to the access token request so the API user is able to deterministically select a specific credential in case of more than one candidate, e.g. the PatientEnrollmentCredential with one VC per patient.
This PR contains all squashed commits from the approved PRs in the chain.
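
The selection contract described in the commit messages, as an added Go sketch that is not the project's code: candidates are filtered by PD field ID values, JSON scalar values are compared through a type switch, and an ambiguous result is an error instead of a silent first match. The types, the signatures and the `patient_id` field ID are simplified assumptions, and the builder's `(nil, nil)` fallback to FirstMatchSelector is left out.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
)

var ErrNoCredentials = errors.New("no matching credentials")
var ErrMultipleCredentials = errors.New("multiple matching credentials")

type Candidate map[string]any // simplified stand-in (assumption): PD field ID -> JSON scalar
type CredentialSelector func(cands []Candidate) (Candidate, error) // assumed signature

func equal(v any, want string) bool { // string, float64 or bool vs. a selection value
	switch t := v.(type) {
	case float64: // 'f' keeps 7654321 from rendering as 7.654321e+06
		return strconv.FormatFloat(t, 'f', -1, 64) == want
	case bool:
		return strconv.FormatBool(t) == want
	}
	return v == any(want) // strings compare directly; a missing field never matches
}

func NewFieldSelector(selection map[string]string) CredentialSelector {
	return func(cands []Candidate) (Candidate, error) {
		var hits []Candidate
		for _, c := range cands {
			ok := true
			for id, want := range selection { // every selection value must match
				ok = ok && equal(c[id], want)
			}
			if ok {
				hits = append(hits, c)
			}
		}
		switch len(hits) {
		case 0:
			return nil, ErrNoCredentials
		case 1:
			return hits[0], nil
		}
		return nil, ErrMultipleCredentials // ambiguous: refuse to guess
	}
}

func main() { // constructed sample: one enrollment credential per patient
	wallet := []Candidate{{"patient_id": 1234567.0}, {"patient_id": 7654321.0}}
	fmt.Println(NewFieldSelector(map[string]string{"patient_id": "7654321"})(wallet))
}
```
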