@aep-foundation/conformance 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (62) hide show
  1. package/CHANGELOG.md +16 -0
  2. package/LICENSE +21 -0
  3. package/README.md +72 -0
  4. package/dist/index.cjs +473 -0
  5. package/dist/index.cjs.map +1 -0
  6. package/dist/index.d.cts +110 -0
  7. package/dist/index.d.ts +110 -0
  8. package/dist/index.js +406 -0
  9. package/dist/index.js.map +1 -0
  10. package/fixtures/aep-specs/manifest.json +61 -0
  11. package/fixtures/aep-specs/schemas/README.md +57 -0
  12. package/fixtures/aep-specs/schemas/api-key-grant-response.schema.json +32 -0
  13. package/fixtures/aep-specs/schemas/basic-grant-response.schema.json +36 -0
  14. package/fixtures/aep-specs/schemas/client-assertion-claims.schema.json +36 -0
  15. package/fixtures/aep-specs/schemas/enroll-request.schema.json +22 -0
  16. package/fixtures/aep-specs/schemas/enroll-response.schema.json +24 -0
  17. package/fixtures/aep-specs/schemas/grant-request.schema.json +20 -0
  18. package/fixtures/aep-specs/schemas/idempotency-metadata.schema.json +26 -0
  19. package/fixtures/aep-specs/schemas/inspect-document.schema.json +136 -0
  20. package/fixtures/aep-specs/schemas/oauth-bearer-grant-response.schema.json +32 -0
  21. package/fixtures/aep-specs/schemas/platform-agent-identity-list-response.schema.json +78 -0
  22. package/fixtures/aep-specs/schemas/platform-agent-identity.schema.json +60 -0
  23. package/fixtures/aep-specs/schemas/platform-discovery.schema.json +107 -0
  24. package/fixtures/aep-specs/schemas/platform-lifecycle-request.schema.json +14 -0
  25. package/fixtures/aep-specs/schemas/platform-lifecycle-response.schema.json +60 -0
  26. package/fixtures/aep-specs/schemas/platform-provision-request.schema.json +18 -0
  27. package/fixtures/aep-specs/schemas/platform-sign-request.schema.json +26 -0
  28. package/fixtures/aep-specs/schemas/platform-sign-response.schema.json +34 -0
  29. package/fixtures/aep-specs/schemas/platform-verification-request.schema.json +22 -0
  30. package/fixtures/aep-specs/schemas/platform-verification-response.schema.json +37 -0
  31. package/fixtures/aep-specs/schemas/problem.schema.json +25 -0
  32. package/fixtures/aep-specs/schemas/revoke-request.schema.json +32 -0
  33. package/fixtures/aep-specs/schemas/revoke-response.schema.json +7 -0
  34. package/fixtures/aep-specs/schemas/status-response.schema.json +28 -0
  35. package/fixtures/aep-specs/test-vectors/README.md +100 -0
  36. package/fixtures/aep-specs/test-vectors/client-assertion/enroll-claims.json +26 -0
  37. package/fixtures/aep-specs/test-vectors/credentials/api-key/grant-response.json +20 -0
  38. package/fixtures/aep-specs/test-vectors/credentials/basic/grant-response.json +21 -0
  39. package/fixtures/aep-specs/test-vectors/credentials/oauth-bearer/grant-response.json +20 -0
  40. package/fixtures/aep-specs/test-vectors/enroll/request-minimal.json +24 -0
  41. package/fixtures/aep-specs/test-vectors/enroll/response-active.json +19 -0
  42. package/fixtures/aep-specs/test-vectors/errors/not-recognized-problem.json +22 -0
  43. package/fixtures/aep-specs/test-vectors/grant-revoke/grant-request-oauth-bearer.json +25 -0
  44. package/fixtures/aep-specs/test-vectors/grant-revoke/revoke-request-all-grant-types.json +23 -0
  45. package/fixtures/aep-specs/test-vectors/grant-revoke/revoke-request-oauth-bearer.json +25 -0
  46. package/fixtures/aep-specs/test-vectors/grant-revoke/revoke-response-empty.json +17 -0
  47. package/fixtures/aep-specs/test-vectors/idempotency/enroll-conflict.json +25 -0
  48. package/fixtures/aep-specs/test-vectors/inspect/minimal-http.json +45 -0
  49. package/fixtures/aep-specs/test-vectors/platform/discovery.json +36 -0
  50. package/fixtures/aep-specs/test-vectors/platform/lifecycle-request.json +13 -0
  51. package/fixtures/aep-specs/test-vectors/platform/lifecycle-response.json +21 -0
  52. package/fixtures/aep-specs/test-vectors/platform/list-response.json +35 -0
  53. package/fixtures/aep-specs/test-vectors/platform/provision-request.json +14 -0
  54. package/fixtures/aep-specs/test-vectors/platform/provision-response-distinct-services.json +44 -0
  55. package/fixtures/aep-specs/test-vectors/platform/provision-response.json +21 -0
  56. package/fixtures/aep-specs/test-vectors/platform/sign-request.json +16 -0
  57. package/fixtures/aep-specs/test-vectors/platform/sign-response.json +18 -0
  58. package/fixtures/aep-specs/test-vectors/platform/verification-request.json +15 -0
  59. package/fixtures/aep-specs/test-vectors/platform/verification-response-recognized.json +19 -0
  60. package/fixtures/aep-specs/test-vectors/platform/verification-response-unrecognized.json +15 -0
  61. package/fixtures/aep-specs/test-vectors/status/response-active.json +22 -0
  62. package/package.json +56 -0
@@ -0,0 +1,60 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-agent-identity.schema.json",
4
+ "title": "AEP Platform Agent Identity",
5
+ "type": "object",
6
+ "required": [
7
+ "agent_did",
8
+ "agent_identity_id",
9
+ "created_at",
10
+ "did_document_url",
11
+ "key_id",
12
+ "service_did",
13
+ "signing_algorithms",
14
+ "status",
15
+ "updated_at"
16
+ ],
17
+ "additionalProperties": true,
18
+ "properties": {
19
+ "agent_did": {
20
+ "type": "string",
21
+ "pattern": "^did:"
22
+ },
23
+ "agent_identity_id": {
24
+ "type": "string",
25
+ "minLength": 1
26
+ },
27
+ "created_at": {
28
+ "type": "string",
29
+ "format": "date-time"
30
+ },
31
+ "did_document_url": {
32
+ "type": "string",
33
+ "pattern": "^https://"
34
+ },
35
+ "key_id": {
36
+ "type": "string",
37
+ "minLength": 1
38
+ },
39
+ "service_did": {
40
+ "type": "string",
41
+ "pattern": "^did:"
42
+ },
43
+ "signing_algorithms": {
44
+ "type": "array",
45
+ "minItems": 1,
46
+ "items": {
47
+ "type": "string",
48
+ "enum": ["EdDSA", "ES256"]
49
+ }
50
+ },
51
+ "status": {
52
+ "type": "string",
53
+ "enum": ["active", "revoked", "suspended", "terminated"]
54
+ },
55
+ "updated_at": {
56
+ "type": "string",
57
+ "format": "date-time"
58
+ }
59
+ }
60
+ }
@@ -0,0 +1,107 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-discovery.schema.json",
4
+ "title": "AEP Platform Discovery Document",
5
+ "type": "object",
6
+ "required": ["aep_version", "endpoints", "http", "identity", "platform", "signing"],
7
+ "additionalProperties": true,
8
+ "properties": {
9
+ "aep_version": {
10
+ "type": "string",
11
+ "pattern": "^[0-9]+\\.[0-9]+$"
12
+ },
13
+ "endpoints": {
14
+ "type": "object",
15
+ "required": ["lifecycle", "provision", "sign", "list"],
16
+ "additionalProperties": true,
17
+ "properties": {
18
+ "hosted_verification": {
19
+ "type": "string",
20
+ "pattern": "^/"
21
+ },
22
+ "lifecycle": {
23
+ "type": "string",
24
+ "pattern": "^/"
25
+ },
26
+ "provision": {
27
+ "type": "string",
28
+ "pattern": "^/"
29
+ },
30
+ "sign": {
31
+ "type": "string",
32
+ "pattern": "^/"
33
+ },
34
+ "list": {
35
+ "type": "string",
36
+ "pattern": "^/"
37
+ }
38
+ }
39
+ },
40
+ "http": {
41
+ "type": "object",
42
+ "required": ["endpoint_base"],
43
+ "additionalProperties": true,
44
+ "properties": {
45
+ "endpoint_base": {
46
+ "type": "string",
47
+ "pattern": "^/"
48
+ }
49
+ }
50
+ },
51
+ "identity": {
52
+ "type": "object",
53
+ "required": ["did_methods", "did_url_template"],
54
+ "additionalProperties": true,
55
+ "properties": {
56
+ "did_methods": {
57
+ "type": "array",
58
+ "minItems": 1,
59
+ "items": {
60
+ "type": "string"
61
+ }
62
+ },
63
+ "did_url_template": {
64
+ "type": "string",
65
+ "pattern": "^https://"
66
+ }
67
+ }
68
+ },
69
+ "platform": {
70
+ "type": "object",
71
+ "required": ["hosted_verification", "name"],
72
+ "additionalProperties": true,
73
+ "properties": {
74
+ "did": {
75
+ "type": "string",
76
+ "pattern": "^did:"
77
+ },
78
+ "hosted_verification": {
79
+ "type": "boolean"
80
+ },
81
+ "name": {
82
+ "type": "string",
83
+ "minLength": 1
84
+ }
85
+ }
86
+ },
87
+ "signing": {
88
+ "type": "object",
89
+ "required": ["algorithms", "default_lifetime_seconds"],
90
+ "additionalProperties": true,
91
+ "properties": {
92
+ "algorithms": {
93
+ "type": "array",
94
+ "minItems": 1,
95
+ "items": {
96
+ "type": "string",
97
+ "enum": ["EdDSA", "ES256"]
98
+ }
99
+ },
100
+ "default_lifetime_seconds": {
101
+ "type": "string",
102
+ "pattern": "^(?:[1-9][0-9]?|[12][0-9]{2}|300)$"
103
+ }
104
+ }
105
+ }
106
+ }
107
+ }
@@ -0,0 +1,14 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-lifecycle-request.schema.json",
4
+ "title": "AEP Platform Lifecycle Request",
5
+ "type": "object",
6
+ "required": ["status"],
7
+ "additionalProperties": false,
8
+ "properties": {
9
+ "status": {
10
+ "type": "string",
11
+ "enum": ["active", "revoked", "suspended", "terminated"]
12
+ }
13
+ }
14
+ }
@@ -0,0 +1,60 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-lifecycle-response.schema.json",
4
+ "title": "AEP Platform Lifecycle Response",
5
+ "type": "object",
6
+ "required": [
7
+ "agent_did",
8
+ "agent_identity_id",
9
+ "created_at",
10
+ "did_document_url",
11
+ "key_id",
12
+ "service_did",
13
+ "signing_algorithms",
14
+ "status",
15
+ "updated_at"
16
+ ],
17
+ "additionalProperties": true,
18
+ "properties": {
19
+ "agent_did": {
20
+ "type": "string",
21
+ "pattern": "^did:"
22
+ },
23
+ "agent_identity_id": {
24
+ "type": "string",
25
+ "minLength": 1
26
+ },
27
+ "created_at": {
28
+ "type": "string",
29
+ "format": "date-time"
30
+ },
31
+ "did_document_url": {
32
+ "type": "string",
33
+ "pattern": "^https://"
34
+ },
35
+ "key_id": {
36
+ "type": "string",
37
+ "minLength": 1
38
+ },
39
+ "service_did": {
40
+ "type": "string",
41
+ "pattern": "^did:"
42
+ },
43
+ "signing_algorithms": {
44
+ "type": "array",
45
+ "minItems": 1,
46
+ "items": {
47
+ "type": "string",
48
+ "enum": ["EdDSA", "ES256"]
49
+ }
50
+ },
51
+ "status": {
52
+ "type": "string",
53
+ "enum": ["active", "revoked", "suspended", "terminated"]
54
+ },
55
+ "updated_at": {
56
+ "type": "string",
57
+ "format": "date-time"
58
+ }
59
+ }
60
+ }
@@ -0,0 +1,18 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-provision-request.schema.json",
4
+ "title": "AEP Platform Provision Request",
5
+ "type": "object",
6
+ "required": ["idempotency_key", "service_did"],
7
+ "additionalProperties": false,
8
+ "properties": {
9
+ "idempotency_key": {
10
+ "type": "string",
11
+ "minLength": 1
12
+ },
13
+ "service_did": {
14
+ "type": "string",
15
+ "pattern": "^did:"
16
+ }
17
+ }
18
+ }
@@ -0,0 +1,26 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-sign-request.schema.json",
4
+ "title": "AEP Platform Sign Request",
5
+ "type": "object",
6
+ "required": ["jti", "op", "service_did"],
7
+ "additionalProperties": false,
8
+ "properties": {
9
+ "jti": {
10
+ "type": "string",
11
+ "minLength": 1
12
+ },
13
+ "op": {
14
+ "type": "string",
15
+ "enum": ["enroll", "grant", "revoke", "status"]
16
+ },
17
+ "service_did": {
18
+ "type": "string",
19
+ "pattern": "^did:"
20
+ },
21
+ "lifetime_seconds": {
22
+ "type": "string",
23
+ "pattern": "^(?:[1-9][0-9]?|[12][0-9]{2}|300)$"
24
+ }
25
+ }
26
+ }
@@ -0,0 +1,34 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-sign-response.schema.json",
4
+ "title": "AEP Platform Sign Response",
5
+ "type": "object",
6
+ "required": ["agent_did", "client_assertion", "expires_at", "issued_at", "jti", "service_did"],
7
+ "additionalProperties": true,
8
+ "properties": {
9
+ "agent_did": {
10
+ "type": "string",
11
+ "pattern": "^did:"
12
+ },
13
+ "client_assertion": {
14
+ "type": "string",
15
+ "minLength": 1
16
+ },
17
+ "expires_at": {
18
+ "type": "string",
19
+ "format": "date-time"
20
+ },
21
+ "issued_at": {
22
+ "type": "string",
23
+ "format": "date-time"
24
+ },
25
+ "jti": {
26
+ "type": "string",
27
+ "minLength": 1
28
+ },
29
+ "service_did": {
30
+ "type": "string",
31
+ "pattern": "^did:"
32
+ }
33
+ }
34
+ }
@@ -0,0 +1,22 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-verification-request.schema.json",
4
+ "title": "AEP Platform Verification Request",
5
+ "type": "object",
6
+ "required": ["client_assertion", "op", "service_did"],
7
+ "additionalProperties": false,
8
+ "properties": {
9
+ "client_assertion": {
10
+ "type": "string",
11
+ "minLength": 1
12
+ },
13
+ "op": {
14
+ "type": "string",
15
+ "enum": ["enroll", "grant", "revoke", "status"]
16
+ },
17
+ "service_did": {
18
+ "type": "string",
19
+ "pattern": "^did:"
20
+ }
21
+ }
22
+ }
@@ -0,0 +1,37 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/platform-verification-response.schema.json",
4
+ "title": "AEP Platform Verification Response",
5
+ "type": "object",
6
+ "required": ["reason", "service_did", "verified"],
7
+ "additionalProperties": true,
8
+ "properties": {
9
+ "agent_did": {
10
+ "type": "string",
11
+ "pattern": "^did:"
12
+ },
13
+ "agent_identity_id": {
14
+ "type": "string",
15
+ "minLength": 1
16
+ },
17
+ "op": {
18
+ "type": "string",
19
+ "enum": ["enroll", "grant", "revoke", "status"]
20
+ },
21
+ "reason": {
22
+ "type": "string",
23
+ "enum": ["not_recognized", "verified"]
24
+ },
25
+ "service_did": {
26
+ "type": "string",
27
+ "pattern": "^did:"
28
+ },
29
+ "status": {
30
+ "type": "string",
31
+ "enum": ["active", "revoked", "suspended", "terminated"]
32
+ },
33
+ "verified": {
34
+ "type": "boolean"
35
+ }
36
+ }
37
+ }
@@ -0,0 +1,25 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/problem.schema.json",
4
+ "title": "AEP Problem Details",
5
+ "type": "object",
6
+ "required": ["type", "title", "status", "code"],
7
+ "additionalProperties": true,
8
+ "properties": {
9
+ "type": {
10
+ "type": "string",
11
+ "pattern": "^urn:aep:error:"
12
+ },
13
+ "title": {
14
+ "type": "string",
15
+ "minLength": 1
16
+ },
17
+ "status": {
18
+ "type": "integer"
19
+ },
20
+ "code": {
21
+ "type": "string",
22
+ "minLength": 1
23
+ }
24
+ }
25
+ }
@@ -0,0 +1,32 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/revoke-request.schema.json",
4
+ "title": "AEP Revoke Request",
5
+ "type": "object",
6
+ "additionalProperties": true,
7
+ "oneOf": [
8
+ {
9
+ "required": ["grant_type"]
10
+ },
11
+ {
12
+ "required": ["credential_id"]
13
+ },
14
+ {
15
+ "required": ["all_grant_types"]
16
+ }
17
+ ],
18
+ "properties": {
19
+ "grant_type": {
20
+ "type": "string",
21
+ "minLength": 1
22
+ },
23
+ "credential_id": {
24
+ "type": "string",
25
+ "minLength": 1
26
+ },
27
+ "all_grant_types": {
28
+ "type": "string",
29
+ "enum": ["true"]
30
+ }
31
+ }
32
+ }
@@ -0,0 +1,7 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/revoke-response.schema.json",
4
+ "title": "AEP Revoke Response",
5
+ "type": "object",
6
+ "additionalProperties": false
7
+ }
@@ -0,0 +1,28 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://www.aep.foundation/schemas/status-response.schema.json",
4
+ "title": "AEP Status Response",
5
+ "type": "object",
6
+ "required": ["status"],
7
+ "additionalProperties": true,
8
+ "properties": {
9
+ "status": {
10
+ "type": "string",
11
+ "enum": ["active", "pending", "unavailable", "suspended", "terminated", "rejected"]
12
+ },
13
+ "owner_action_required": {
14
+ "type": "string",
15
+ "enum": ["true", "false"]
16
+ },
17
+ "requirements_pending": {
18
+ "type": "array",
19
+ "items": {
20
+ "type": "string"
21
+ }
22
+ },
23
+ "since": {
24
+ "type": "string",
25
+ "format": "date-time"
26
+ }
27
+ }
28
+ }
@@ -0,0 +1,100 @@
1
+ # AEP Test Vectors
2
+
3
+ This directory contains deterministic test vectors for the currently published
4
+ AEP Internet-Draft set.
5
+
6
+ The initial vector set should cover:
7
+
8
+ | Category | Purpose | Draft Coverage |
9
+ | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- |
10
+ | Inspect document | Validate required fields, command advertisement, grant type advertisement, `did:web`, HTTP binding configuration, and extension discovery shape. | Core |
11
+ | Client assertion JWT | Validate JOSE header fields, JWT claim fields, `aud`, `op`, `iat`, `exp`, and `jti` requirements. | Core |
12
+ | Error response | Validate AEP Problem Details shape and stable error codes. | Core |
13
+ | Idempotency | Validate safe retry shape and idempotency conflict behavior. | Core |
14
+ | Enroll request/response | Validate minimal enrollment request and response shape. | Core |
15
+ | Status response | Validate enrolled identity status response shape. | Core |
16
+ | Grant/Revoke request | Validate shared Grant and Revoke request fields, including revoke-all behavior. | Core plus credential profiles |
17
+ | OAuth Bearer credential | Validate OAuth Bearer Grant response, presentation syntax, expiry, scopes, and Revoke shape. | OAuth Bearer |
18
+ | API-key credential | Validate API-key Grant response, API-key value syntax, header selection, expiry, scopes, and Revoke shape. | API-key |
19
+ | Basic credential | Validate Basic Grant response, generated username/password constraints, Basic presentation syntax, expiry, scopes, and Revoke shape. | Basic |
20
+ | Platform specification | Validate Platform discovery, Service-scoped Agent DID provisioning, distinct opaque DIDs per Service, delegated signing, lifecycle, and hosted verification shapes. | Platform Hosted Identity |
21
+
22
+ ## File Layout
23
+
24
+ Vectors use one directory per category:
25
+
26
+ ```text
27
+ test-vectors/
28
+ inspect/
29
+ client-assertion/
30
+ errors/
31
+ idempotency/
32
+ enroll/
33
+ status/
34
+ grant-revoke/
35
+ platform/
36
+ credentials/
37
+ oauth-bearer/
38
+ api-key/
39
+ basic/
40
+ ```
41
+
42
+ Each vector file is JSON. File names use lowercase hyphenated identifiers:
43
+
44
+ ```text
45
+ <category>/<vector-id>.json
46
+ ```
47
+
48
+ ## Vector Format
49
+
50
+ Each vector has this top-level shape:
51
+
52
+ ```json
53
+ {
54
+ "id": "inspect-minimal-http",
55
+ "title": "Minimal HTTP Inspect document",
56
+ "description": "A Service advertising the baseline HTTP binding and current credential profiles.",
57
+ "drafts": ["draft-kavian-agent-enrollment-protocol-01"],
58
+ "category": "inspect",
59
+ "applies_to": ["agent", "service"],
60
+ "profile": "core-http",
61
+ "input": {},
62
+ "expected": {}
63
+ }
64
+ ```
65
+
66
+ Required fields:
67
+
68
+ | Field | Requirement |
69
+ | ------------- | ------------------------------------------------------------------------------- |
70
+ | `id` | Lowercase hyphenated vector identifier. |
71
+ | `title` | Short human-readable name. |
72
+ | `description` | One- or two-sentence explanation of the behavior under test. |
73
+ | `drafts` | Draft identifiers covered by the vector. |
74
+ | `category` | Vector category. |
75
+ | `applies_to` | Array containing `agent`, `service`, or both. |
76
+ | `profile` | `core-http`, `platform-hosted-identity`, `oauth-bearer`, `api-key`, or `basic`. |
77
+ | `input` | Test input object. |
78
+ | `expected` | Expected output or validation result object. |
79
+
80
+ ## Validation Rules
81
+
82
+ A vector validator should check at least:
83
+
84
+ - JSON parseability.
85
+ - File path matches `category` and `id`.
86
+ - `id` uses lowercase hyphenated syntax.
87
+ - `drafts` contains only published AEP draft identifiers.
88
+ - `category` is one of the known vector categories.
89
+ - `applies_to` contains only known roles.
90
+ - `profile` is one of the known profiles.
91
+ - `input` and `expected` are JSON objects.
92
+
93
+ The validator should not require live network access. Network-dependent checks
94
+ belong in the future conformance harness, not in static vector validation.
95
+
96
+ Run static vector validation with:
97
+
98
+ ```sh
99
+ make -C ietf check-vectors
100
+ ```
@@ -0,0 +1,26 @@
1
+ {
2
+ "id": "enroll-claims",
3
+ "title": "Client assertion claims for Enroll",
4
+ "description": "A valid baseline AEP client assertion claim set for an Enroll command.",
5
+ "drafts": ["draft-kavian-agent-enrollment-protocol-01"],
6
+ "category": "client-assertion",
7
+ "applies_to": ["agent", "service"],
8
+ "profile": "core-http",
9
+ "input": {
10
+ "service_did": "did:web:api.example.com",
11
+ "agent_did": "did:web:agent.example.com:agents:123",
12
+ "command": "enroll",
13
+ "issued_at": 1748428800,
14
+ "expires_at": 1748429100,
15
+ "jti": "01J0AEPVECTORENROLL0000000001"
16
+ },
17
+ "expected": {
18
+ "iss": "did:web:agent.example.com:agents:123",
19
+ "sub": "did:web:agent.example.com:agents:123",
20
+ "aud": "did:web:api.example.com",
21
+ "op": "enroll",
22
+ "iat": 1748428800,
23
+ "exp": 1748429100,
24
+ "jti": "01J0AEPVECTORENROLL0000000001"
25
+ }
26
+ }
@@ -0,0 +1,20 @@
1
+ {
2
+ "id": "grant-response",
3
+ "title": "API-key Grant response",
4
+ "description": "A successful API-key session-credential response.",
5
+ "drafts": ["draft-kavian-aep-api-key-session-credential-01"],
6
+ "category": "credentials/api-key",
7
+ "applies_to": ["agent", "service"],
8
+ "profile": "api-key",
9
+ "input": {
10
+ "grant_type": "api-key",
11
+ "requested_scopes": ["read"]
12
+ },
13
+ "expected": {
14
+ "api_key": "aep_live_7Jm5Example",
15
+ "credential_id": "key_01HZY8W7Q2F8J7D3P9G9Z1N6TT",
16
+ "expires_at": "2026-12-01T00:00:00Z",
17
+ "header": "x-api-key",
18
+ "scopes": ["read"]
19
+ }
20
+ }
@@ -0,0 +1,21 @@
1
+ {
2
+ "id": "grant-response",
3
+ "title": "Basic Grant response",
4
+ "description": "A successful HTTP Basic session-credential response.",
5
+ "drafts": ["draft-kavian-aep-basic-session-credential-01"],
6
+ "category": "credentials/basic",
7
+ "applies_to": ["agent", "service"],
8
+ "profile": "basic",
9
+ "input": {
10
+ "grant_type": "basic",
11
+ "requested_scopes": ["read"]
12
+ },
13
+ "expected": {
14
+ "credential_id": "bas_01HZY8W7Q2F8J7D3P9G9Z1N6TT",
15
+ "expires_at": "2026-12-01T00:00:00Z",
16
+ "password": "s3cr3tExample",
17
+ "realm": "api.example.com",
18
+ "scopes": ["read"],
19
+ "username": "aep_agent_abc123"
20
+ }
21
+ }