{ "info": { "_postman_id": "e6ed89ab-9b28-4bce-8769-59c1309f2fe8", "name": "OAuth Presentations Exchange Tutorial", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" }, "item": [ { "name": "Holder gets Verifier's Token", "event": [ { "listen": "test", "script": { "exec": [ "// Token requests are expected to return a `200 Success` response code. Any", "// other response code should trigger a failure.", "pm.test(\"must return `200 Success` status\", function() {", " pm.response.to.have.status(200);", "});", "", "// The response should include an `access_token` value - this will be presented", "// to authenticated API endpoints in the `Authentication` header (see the last", "// testing code block for details on how this is persisted).", "pm.test(\"response body must include non-empty access_token\", function () {", " const { access_token } = pm.response.json()", " pm.expect(access_token).to.be.a('string').that.is.not.empty;", "});", "", "// The type of `access_token` returned by the token request is expected to be", "// `Bearer`.", "pm.test(\"response body must represent `Bearer` token\", function() {", " const { token_type } = pm.response.json()", " pm.expect(token_type).to.equal(\"Bearer\");", "});", "", "// The returned data includes an `expires_in` field that indicates time until", "// token expiration. Validate that this value is a whole number greater than", "// zero, as anything less than or equal to zero means that the `access_token`", "// is already expired.", "pm.test(\"returned token must expire in the future\", function() {", " const { expires_in } = pm.response.json()", " pm.expect(expires_in).to.be.above(0);", "});", "", "// The returned `access_token` value is persisted as a Postman collection", "// variable that can be accessed by other requests in the collection by calling", "// `pm.collectionVariables.get(\"issuer_access_token\")`.", "pm.test(\"`access_token` persisted to collectionVariables\", function() {", " const { access_token } = pm.response.json()", " pm.collectionVariables.set(\"verifier_access_token\", access_token);", "});" ], "type": "text/javascript" } } ], "request": { "auth": { "type": "noauth" }, "method": "POST", "header": [], "body": { "mode": "urlencoded", "urlencoded": [ { "key": "audience", "value": "{{VERIFIER_TOKEN_AUDIENCE}}", "type": "text" }, { "key": "client_id", "value": "{{VERIFIER_CLIENT_ID}}", "type": "text" }, { "key": "client_secret", "value": "{{VERIFIER_CLIENT_SECRET}}", "type": "text" }, { "key": "grant_type", "value": "client_credentials", "type": "text" }, { "key": "scope", "value": "{{VERIFIER_CLIENT_SCOPE}}", "type": "text" } ] }, "url": { "raw": "{{VERIFIER_TOKEN_ENDPOINT}}", "host": [ "{{VERIFIER_TOKEN_ENDPOINT}}" ] } }, "response": [] }, { "name": "Get Verifier Organization DIDs", "event": [ { "listen": "test", "script": { "exec": [ "pm.test(\"Status code is 200\", function () {", " pm.response.to.have.status(200);", "});", "", "pm.test(\"Issuer makes unauthenticated discovery of verifiers exchange endpoint. `verifier_exchange_endpoint` is persisted to collectionVariables\", function() {", " const { service } = pm.response.json().didDocument;", " pm.collectionVariables.set(\"verifier_exchange_endpoint\", service[0].serviceEndpoint);", "});", "", "" ], "type": "text/javascript" } } ], "protocolProfileBehavior": { "disabledSystemHeaders": {} }, "request": { "auth": { "type": "bearer", "bearer": [ { "key": "token", "value": "{{verifier_access_token}}", "type": "string" } ] }, "method": "GET", "header": [ { "key": "Accept", "value": "application/json", "type": "text" } ], "url": { "raw": "{{VERIFIER_API_BASE_URL}}/identifiers/{{VERIFIER_ORGANIZATION_DID_WEB}}", "host": [ "{{VERIFIER_API_BASE_URL}}" ], "path": [ "identifiers", "{{VERIFIER_ORGANIZATION_DID_WEB}}" ] } }, "response": [] }, { "name": "Presentation", "event": [ { "listen": "test", "script": { "exec": [ "", "// The expected response code for a \"Presentations Available\" request is", "// `200 Success`.", "pm.test(\"must return `200 Success` status\", function () {", " pm.response.to.have.status(200);", "});", "", "pm.test(\"Content-Type header is application/json\", () => {", " pm.expect(pm.response.headers.get('Content-Type')).to.include('application/json');", "});" ], "type": "text/javascript" } } ], "request": { "auth": { "type": "bearer", "bearer": [ { "key": "token", "value": "{{verifier_access_token}}", "type": "string" } ] }, "method": "POST", "header": [ { "key": "Accept", "value": "application/json", "type": "text" } ], "body": { "mode": "raw", "raw": "{\n \"@context\": [\n \"https://www.w3.org/2018/credentials/v1\",\n \"https://w3id.org/traceability/v1\"\n ],\n \"type\": [\n \"VerifiablePresentation\",\n \"TraceablePresentation\"\n ],\n \"verifiableCredential\": [\n {\n \"@context\": [\n \"https://www.w3.org/2018/credentials/v1\"\n ],\n \"id\": \"urn:uuid:07aa969e-b40d-4c1b-ab46-ded252003ded\",\n \"type\": [\n \"VerifiableCredential\"\n ],\n \"issuer\": \"did:key:z6MktiSzqF9kqwdU8VkdBKx56EYzXfpgnNPUAGznpicNiWfn\",\n \"issuanceDate\": \"2010-01-01T19:23:24Z\",\n \"credentialSubject\": {\n \"id\": \"did:key:z6MktiSzqF9kqwdU8VkdBKx56EYzXfpgnNPUAGznpicNiWfn\"\n },\n \"proof\": {\n \"type\": \"Ed25519Signature2018\",\n \"created\": \"2021-10-30T19:16:30Z\",\n \"verificationMethod\": \"did:key:z6MktiSzqF9kqwdU8VkdBKx56EYzXfpgnNPUAGznpicNiWfn#z6MktiSzqF9kqwdU8VkdBKx56EYzXfpgnNPUAGznpicNiWfn\",\n \"proofPurpose\": \"assertionMethod\",\n \"jws\": \"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..puetBYS3pkYlYzAecBiT-WkigYAlVbslrz9wPFnk9JW4AwjrpJvcsSdZJPhZtNy_myMJUNzC_QaYyw3ni1V0BA\"\n }\n }\n ]\n}", "options": { "raw": { "language": "json" } } }, "url": { "raw": "{{verifier_exchange_endpoint}}/presentations", "host": [ "{{verifier_exchange_endpoint}}" ], "path": [ "presentations" ] } }, "response": [] } ], "event": [ { "listen": "prerequest", "script": { "type": "text/javascript", "exec": [ "pm.request.headers.add({key: 'User-Agent', value: 'W3C Traceability Interop Tests'});" ] } }, { "listen": "test", "script": { "type": "text/javascript", "exec": [ "" ] } } ], "variable": [ { "key": "credential_issuer_id", "value": "" }, { "key": "verifiable_credential", "value": "" }, { "key": "domain", "value": "" }, { "key": "challenge", "value": "" }, { "key": "verifiable_presentation", "value": "" }, { "key": "issuer_access_token", "value": "" }, { "key": "verifier_access_token", "value": "" }, { "key": "credential_verifier_id", "value": "" }, { "key": "verifier_exchange_endpoint", "value": "" }, { "key": "holder_access_token", "value": "" } ] }