From 9a1b0002ec9dd2609377fc9a178463e026b33a0c Mon Sep 17 00:00:00 2001 From: Rein Krul Date: Wed, 18 Mar 2026 11:36:15 +0100 Subject: [PATCH 1/2] #403: Change to DeziUserCredential --- .../test/medicatieoverdracht-policy.json | 23 ++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/gf-test-2026/test/medicatieoverdracht-policy.json b/gf-test-2026/test/medicatieoverdracht-policy.json index 814cddd..46de39a 100644 --- a/gf-test-2026/test/medicatieoverdracht-policy.json +++ b/gf-test-2026/test/medicatieoverdracht-policy.json @@ -22,11 +22,25 @@ "id": "pd_any_care_organization", "name": "Care organization", "purpose": "Finding a care organization and practitioner", + "submission_requirements": [ + { + "name": "Required credentials", + "rule": "all", + "from": "required" + }, + { + "name": "Optional credentials", + "rule": "pick", + "min": 0, + "from": "optional" + } + ], "input_descriptors": [ { "id": "id_uzicert_uracredential", "name": "Care organization identity from fake UZI-server certificate", "purpose": "Finding a care organization for authorizing access to medical metadata.", + "group": ["required"], "constraints": { "fields": [ { @@ -76,6 +90,7 @@ { "id": "id_patient_enrollment", "name": "The patient enrollment credential", + "group": ["required"], "constraints": { "fields": [ { @@ -123,6 +138,7 @@ { "id": "id_healthcare_professional_delegation", "name": "The healthcare professional delegation credential", + "group": ["required"], "constraints": { "fields": [ { @@ -169,6 +185,7 @@ }, { "id": "id_dezicredential", + "group": ["optional"], "constraints": { "fields": [ { @@ -177,7 +194,7 @@ ], "filter": { "type": "string", - "const": "DeziIDTokenCredential" + "const": "DeziUserCredential" } }, { @@ -226,9 +243,9 @@ } }, { - "id": "user_roles", + "id": "user_role", "path": [ - "$.credentialSubject.employee.roles" + "$.credentialSubject.employee.role" ], "filter": { "type": "string" From 44e0be2307836d77731f8741df057e7d98ff4cec Mon Sep 17 00:00:00 2001 From: Rein Krul Date: Thu, 19 Mar 2026 13:07:14 +0100 Subject: [PATCH 2/2] Add optional Dezi credential to eOverdracht policy --- gf-test-2026/test/eOverdracht-policy.json | 170 ++++++++++++++++++ .../test/medicatieoverdracht-policy.json | 6 +- 2 files changed, 173 insertions(+), 3 deletions(-) diff --git a/gf-test-2026/test/eOverdracht-policy.json b/gf-test-2026/test/eOverdracht-policy.json index 64bd26e..dc131cf 100644 --- a/gf-test-2026/test/eOverdracht-policy.json +++ b/gf-test-2026/test/eOverdracht-policy.json @@ -21,11 +21,25 @@ "id": "pd_any_care_organization", "name": "Care organization", "purpose": "Finding a care organization", + "submission_requirements": [ + { + "name": "Required credentials", + "rule": "all", + "from": "required" + }, + { + "name": "Optional credentials", + "rule": "pick", + "min": 0, + "from": "optional" + } + ], "input_descriptors": [ { "id": "id_uzicert_uracredential", "name": "Care organization identity from fake UZI-server certificate", "purpose": "Finding a care organization for authorizing access to medical metadata.", + "group": ["required"], "constraints": { "fields": [ { @@ -66,6 +80,77 @@ } ] } + }, + { + "id": "id_dezicredential", + "group": ["optional"], + "constraints": { + "fields": [ + { + "path": [ + "$.type" + ], + "filter": { + "type": "string", + "const": "DeziUserCredential" + } + }, + { + "id": "organization_ura_dezi", + "path": [ + "$.credentialSubject.identifier" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_id", + "path": [ + "$.credentialSubject.employee.identifier" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_initials", + "path": [ + "$.credentialSubject.employee.initials" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_surname", + "path": [ + "$.credentialSubject.employee.surname" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_surname_prefix", + "path": [ + "$.credentialSubject.employee.surnamePrefix" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_role", + "path": [ + "$.credentialSubject.employee.role" + ], + "filter": { + "type": "string" + } + } + ] + } } ] } @@ -92,11 +177,25 @@ "id": "pd_any_care_organization", "name": "Care organization", "purpose": "Finding a care organization", + "submission_requirements": [ + { + "name": "Required credentials", + "rule": "all", + "from": "required" + }, + { + "name": "User identity", + "rule": "pick", + "min": 0, + "from": "user-identity" + } + ], "input_descriptors": [ { "id": "id_uzicert_uracredential", "name": "Care organization identity from fake UZI-server certificate", "purpose": "Finding a care organization for authorizing access to medical metadata.", + "group": ["required"], "constraints": { "fields": [ { @@ -137,6 +236,77 @@ } ] } + }, + { + "id": "id_dezicredential", + "group": ["user-identity"], + "constraints": { + "fields": [ + { + "path": [ + "$.type" + ], + "filter": { + "type": "string", + "const": "DeziUserCredential" + } + }, + { + "id": "organization_ura_dezi", + "path": [ + "$.credentialSubject.identifier" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_id", + "path": [ + "$.credentialSubject.employee.identifier" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_initials", + "path": [ + "$.credentialSubject.employee.initials" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_surname", + "path": [ + "$.credentialSubject.employee.surname" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_surname_prefix", + "path": [ + "$.credentialSubject.employee.surnamePrefix" + ], + "filter": { + "type": "string" + } + }, + { + "id": "user_role", + "path": [ + "$.credentialSubject.employee.role" + ], + "filter": { + "type": "string" + } + } + ] + } } ] } diff --git a/gf-test-2026/test/medicatieoverdracht-policy.json b/gf-test-2026/test/medicatieoverdracht-policy.json index 1478d20..ccce6cb 100644 --- a/gf-test-2026/test/medicatieoverdracht-policy.json +++ b/gf-test-2026/test/medicatieoverdracht-policy.json @@ -29,10 +29,10 @@ "from": "required" }, { - "name": "Optional credentials", + "name": "User identity", "rule": "pick", "min": 0, - "from": "optional" + "from": "user-identity" } ], "input_descriptors": [ @@ -185,7 +185,7 @@ }, { "id": "id_dezicredential", - "group": ["optional"], + "group": ["user-identity"], "constraints": { "fields": [ {