Altme's documentation
  • 🧾Introduction
    • 📋What is Self Sovereign Identity ?
    • 🕵️Altme solution suite is made up of 3 components
      • 🗂️Altme Wallet
      • 📇Altme Saas
      • 📇Altme Web3 issuer
    • 🗂️Give an Identity to your crypto wallet
    • 🛠️Technical considerations
  • ☁️Altme Saas
    • Quick start
      • ⬇️Download Altme Wallet from Apple or Google store
      • 📁Get more credentials in your wallet
      • 🔒Connect to the Altme Saas platform to setup a SSI verifier
      • 📲Integration in your app
    • Beacon integration
      • 🖥️Overview
      • 🏅Verify the age of your users (+13, +18) in a dApp
      • 📲Receive the Verifier data with a webhook in your backend
      • 🪙On-chain and off-chain access with TezID
      • 💾Verify other data with other credentials
      • 📇Issue a Welcome card in a dApp
      • ✅Check user data of your Issuer (no code)
      • ✅Check user data of your Issuer with a webhook
      • 🕵️Under the hood : the process flow of a Beacon Verifier
    • OpenID integration
      • 🖥️Overview
      • 1️Example 1 with an “implicit flow” with no code
      • 1️Example 1 with an “authorization code flow” in Python
    • EBSII integration
  • 🗂️Alme Wallet
    • Protocols overview
      • 🔑Collecting a verifiable credential
      • 🔑Requesting a verifiable presentation
    • Credential offer protocol
      • 🧘‍♀️Motivation
      • 📖Issuer implementation
    • 🖥️Credential manifest of the credential offer protocol
    • 💰Wallet rendering
      • 📝Input descriptors
    • Presentation request query types
      • 🧘‍♀️Motivation
      • 📖Verifier implementation
      • 🔐DIDAuth
      • QueryByExample
      • QBE Examples
    • ✅Issuers and Verifiers return codes accepted by wal
    • 🔗Universal link
      • 🖥️Access from a desktop viewer
      • 📱Access from smartphone viewer
  • *️Others
    • 📂Flow between wallet, dApp and Verifier
      • 📱Hybrid dApp onboards a user with VCs
      • 📱dApp onboards a user with VCs
      • 📱dApp adds a user in whitelist
    • 📍Indices and tables
      • 📁Index
      • 🔍Search
    • 👨‍💻Show source
Powered by GitBook
On this page
  1. Altme Saas
  2. OpenID integration

Example 1 with an “authorization code flow” in Python

PreviousExample 1 with an “implicit flow” with no codeNextEBSII integration

Last updated 2 years ago

This a typical integration with a client-server application.

We use the flask-pyoic lib ,

Install with pip install Flask-pyoidc==3.11.0

This verifier parameters for an authorization code flow are :

  • issuer :

  • client_id : xgdfdbzwri

  • client_secret : 0b80ec35-1941-11ed-a869-0a1628958560

Let’s see the code.

NB : you may need to setup ngrok to get the callback if you cannot install it on a internet web server.

import flask
from flask import Flask, jsonify
from flask_pyoidc import OIDCAuthentication
from flask_pyoidc.provider_configuration import ProviderConfiguration, ClientMetadata
from flask_pyoidc.user_session import UserSession

# Init Flask
app = Flask(__name__)
app.config.update(
    OIDC_REDIRECT_URI = 'http://127.0.0.1:4000/callback', # your application redirect uri. Must be replaced by ngrok route if local to your desktop
    SECRET_KEY = "lkjhlkjh" # your application secret code for session, random
)

"""
Init OpenID Connect client PYOIDC with teh 3 bridge parameters :  client_id, client_secret and issuer URL
"""
client_metadata = ClientMetadata(
    client_id='xgdfdbzwri',
    client_secret= '0b80ec35-1941-11ed-a869-0a1628958560',
    post_logout_redirect_uris=['http://127.0.0.1:4000/logout']) # your post logout uri (optional)

provider_config = ProviderConfiguration(issuer='https://talao.co/sandbox/op',
                                    client_metadata=client_metadata)

auth = OIDCAuthentication({'default': provider_config}, app)

"""
Verifiable Credential presented by user is transfered through vp_token in OAuth2 userinfo endpoint

"""
@app.route('/')
@auth.oidc_auth('default')
def index():
    user_session = UserSession(flask.session)
    return jsonify(access_token=user_session.access_token,
               id_token=user_session.id_token,
               userinfo=user_session.userinfo) # this is the user credential

# use with ngrok
if __name__ == '__main__':
    IP = "127.0.0.1"
    app.run( host = IP, port=4000, debug =True)9692-0a1628958560

NB : with that lib, you do not have to manage the id_token, user info and the signature check. All metada needed by the lib is available in the openid config :

☁️
1️
https://altme-documentation.gitbook.io/altmes-documentation/altme-saas/quick-start
https://talao.co/sandbox/op
https://talao.co/sandbox/op/.well-known/openid-configuration