Wrong assumption that session requests requesting specific attribute value lead to a unique match

[ivard]

Given the following session:

{
"@context": "https://irma.app/ld/request/disclosure/v2",
"disclose": [
  [
    [ { "type": "irma-demo.sidn-pbdf.email.domain", "value": "test.nl" }]
  ]
]
}

If you already have [email protected] stored in your irmaclient, then there should be two options:

• Select the existing [email protected]
• Add a new credential (for another test.nl email address)

Now only the first option is showed.

[DibranMulder]

I validated this issue with the following test scenario:

irma session --server https://is.staging.yivi.app --authmethod token --key <redacted> --request '{ "@context": "https://irma.app/ld/request/disclosure/v2", "disclose": [[[ { "type": "irma-demo.sidn-pbdf.email.email" }, { "type": "irma-demo.sidn-pbdf.email.domain", "value": "caesar.nl" }]]]}'

In this case the irmaclient matches on my [email protected] credential that indeed has the caesar.nl domain but the other property email is left open, the user should be able to Add a new credential. I tracked the code down to the following lines, but it still needs further investigation.

irmago/requests.go

Line 418 in d389b45

func (ar *AttributeRequest) Satisfy(attr AttributeTypeIdentifier, val *string) bool {