Merge 76bb006 into 5fdc712

FIWARE · Jun 4, 2024 · 871701a · 871701a
2 parents 5fdc712 + 76bb006
commit 871701a
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/verifier/verifier.go b/verifier/verifier.go
@@ -368,6 +368,11 @@ func (v *CredentialVerifier) GenerateToken(clientId, subject, audience string, s
 	credentialsByType := map[string][]*verifiable.Credential{}
 	credentialTypes := []string{}
 	for _, vc := range verifiablePresentation.Credentials() {
+		// verify the credential
+		verificationError := vc.CheckProof()
+		if verificationError != nil {
+			return 0, "", verificationError
+		}
 		for _, credentialType := range vc.Contents().Types {
 			if _, ok := credentialsByType[credentialType]; !ok {
 				credentialsByType[credentialType] = []*verifiable.Credential{}
@@ -468,6 +473,12 @@ func (v *CredentialVerifier) AuthenticationResponse(state string, verifiablePres
 	trustedChain, _ := verifyChain(verifiablePresentation.Credentials())
 
 	for _, credential := range verifiablePresentation.Credentials() {
+		// verify the credential
+		verificationError := credential.CheckProof()
+		if verificationError != nil {
+			return sameDevice, verificationError
+		}
+
 		verificationContext, err := v.getTrustRegistriesValidationContext(loginSession.clientId, credential.Contents().Types)
 		if err != nil {
 			logging.Log().Warnf("Was not able to create a valid verification context. Credential will be rejected. Err: %v", err)