When using ClientAuthentication.AttestationBased, besides checking that the provided JWT is a valid Client Attestation JWT, we must also ensure that it is a valid Wallet Instance Attestation per TS3.
To that end we must verify the contents of WIA upon reception.
Reference: https://github.com/eu-digital-identity-wallet/eudi-doc-standards-and-technical-specifications/blob/main/docs/technical-specifications/ts3-wallet-unit-attestation.md#23-content
When using
ClientAuthentication.AttestationBased, besides checking that the provided JWT is a valid Client Attestation JWT, we must also ensure that it is a valid Wallet Instance Attestation per TS3.To that end we must verify the contents of WIA upon reception.
Reference: https://github.com/eu-digital-identity-wallet/eudi-doc-standards-and-technical-specifications/blob/main/docs/technical-specifications/ts3-wallet-unit-attestation.md#23-content