@arcblock/jwt 1.29.21 → 1.29.23

package/esm/index.d.mts

@@ -35,6 +35,28 @@ type JwtVerifyOptions = Partial<{
  */
 declare function sign(signer: string, sk?: BytesType, payload?: {}, doSign?: boolean, version?: string): Promise<string>;
 declare function signV2(signer: string, sk?: BytesType, payload?: any): Promise<string>;
+type PasskeyAssertion = {
+  authenticatorData: string;
+  clientDataJSON: string;
+  signature: string;
+};
+/**
+ * Compute the WebAuthn challenge for an unsigned JWT token.
+ * Always uses SHA3 hash-before-sign (v1.1.0 semantics, required for passkey).
+ *
+ * @param unsignedToken - the unsigned token (headerB64.bodyB64), may also accept 3-part tokens (ignores third segment)
+ * @returns hex-encoded SHA3 hash suitable as WebAuthn challenge
+ */
+declare function getChallenge(unsignedToken: string): string;
+/**
+ * Assemble a complete JWT from an unsigned token and a passkey assertion.
+ * The assertion is JSON-serialized and base64-encoded as the JWT's third segment.
+ *
+ * @param unsignedToken - the unsigned token (headerB64.bodyB64)
+ * @param assertion - WebAuthn assertion with base64url-encoded fields
+ * @returns complete 3-part JWT string
+ */
+declare function assemble(unsignedToken: string, assertion: PasskeyAssertion): string;
 declare function decode(token: string, bodyOnly?: true): JwtBody;
 declare function decode(token: string, bodyOnly?: false): JwtToken;
 /**
@@ -88,6 +110,23 @@ declare function signDelegationToken(signer: string, sk: BytesType, payload: {
   nbf?: string;
   exp?: string;
 }): Promise<string>;
+/**
+ * Create an unsigned delegation token for passkey two-phase signing.
+ * Unlike signDelegationToken, this does not sign (passkey has no sk), and pk is passed directly.
+ */
+declare function signDelegationTokenUnsigned(signer: string, pk: BytesType, payload: {
+  sub: string;
+  ops: string[];
+  deny?: string[];
+  delegation?: string;
+  iat?: string;
+  nbf?: string;
+  exp?: string;
+}): Promise<string>;
+/**
+ * Assemble a complete delegation token from an unsigned token and a passkey assertion.
+ */
+declare function assembleDelegationToken(unsignedToken: string, assertion: PasskeyAssertion): string;
 declare function decodeDelegationToken(token: string): DelegationToken;
 declare function verifyDelegationToken(token: string): Promise<boolean>;
 declare function checkDelegationTokenScope(scope: string, {
@@ -98,4 +137,4 @@ declare function checkDelegationTokenScope(scope: string, {
   deny?: string[];
 }): boolean;
 //#endregion
-export { DelegationToken, DelegationTokenBody, DelegationTokenHeader, JwtBody, JwtHeader, JwtToken, JwtVerifyOptions, checkDelegationTokenScope, decode, decodeDelegationToken, sign, signDelegationToken, signV2, verify, verifyDelegationToken };
+export { DelegationToken, DelegationTokenBody, DelegationTokenHeader, JwtBody, JwtHeader, JwtToken, JwtVerifyOptions, PasskeyAssertion, assemble, assembleDelegationToken, checkDelegationTokenScope, decode, decodeDelegationToken, getChallenge, sign, signDelegationToken, signDelegationTokenUnsigned, signV2, verify, verifyDelegationToken };

package/esm/index.mjs

@@ -3,12 +3,24 @@ import { Hasher, getSigner, types } from "@ocap/mcrypto";
 import { fromBase64, scopeMatchAny, toBase64, toHex } from "@ocap/util";
 import Debug from "debug";
 import stringify from "json-stable-stringify";
-import semver from "semver";
 
 //#region src/index.ts
 const debug = Debug("@arcblock/jwt");
 const JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN = "1.1.0";
 const hasher = Hasher.SHA3.hash256;
+function coerceVersion(str) {
+	const m = str.match(/(\d+\.\d+\.\d+)/);
+	return m ? m[1] : null;
+}
+function semverGte(a, b) {
+	const pa = a.split(".").map(Number);
+	const pb = b.split(".").map(Number);
+	for (let i = 0; i < 3; i++) {
+		if ((pa[i] || 0) > (pb[i] || 0)) return true;
+		if ((pa[i] || 0) < (pb[i] || 0)) return false;
+	}
+	return true;
+}
 /**
 *
 *
@@ -59,8 +71,8 @@ async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0")
 	const bodyB64 = toBase64(stringify(body));
 	debug("sign.body", body);
 	const msgHex = toHex(`${headerB64}.${bodyB64}`);
-	const coercedVersion = semver.coerce(version);
-	const msgHash = coercedVersion && semver.gte(coercedVersion.version, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) ? hasher(msgHex) : msgHex;
+	const coercedVersion = coerceVersion(version);
+	const msgHash = coercedVersion && semverGte(coercedVersion, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) ? hasher(msgHex) : msgHex;
 	// istanbul ignore if
 	if (!doSign) return `${headerB64}.${bodyB64}`;
 	return [
@@ -72,6 +84,32 @@ async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0")
 async function signV2(signer, sk, payload = {}) {
 	return sign(signer, sk, payload, !!sk, "1.1.0");
 }
+/**
+* Compute the WebAuthn challenge for an unsigned JWT token.
+* Always uses SHA3 hash-before-sign (v1.1.0 semantics, required for passkey).
+*
+* @param unsignedToken - the unsigned token (headerB64.bodyB64), may also accept 3-part tokens (ignores third segment)
+* @returns hex-encoded SHA3 hash suitable as WebAuthn challenge
+*/
+function getChallenge(unsignedToken) {
+	if (!unsignedToken) throw new Error("Cannot compute challenge from empty token");
+	const parts = unsignedToken.split(".");
+	return hasher(toHex(`${parts[0]}.${parts[1]}`));
+}
+/**
+* Assemble a complete JWT from an unsigned token and a passkey assertion.
+* The assertion is JSON-serialized and base64-encoded as the JWT's third segment.
+*
+* @param unsignedToken - the unsigned token (headerB64.bodyB64)
+* @param assertion - WebAuthn assertion with base64url-encoded fields
+* @returns complete 3-part JWT string
+*/
+function assemble(unsignedToken, assertion) {
+	if (!unsignedToken) throw new Error("Cannot assemble JWT from empty token");
+	if (unsignedToken.split(".").length !== 2) throw new Error("Cannot assemble JWT: expected unsigned token with exactly 2 parts (headerB64.bodyB64)");
+	if (!assertion || !assertion.authenticatorData || !assertion.clientDataJSON || !assertion.signature) throw new Error("Cannot assemble JWT: assertion must contain authenticatorData, clientDataJSON, and signature");
+	return `${unsignedToken}.${toBase64(JSON.stringify(assertion))}`;
+}
 function decode(token, bodyOnly = true) {
 	const [headerB64, bodyB64, sigB64] = token.split(".");
 	const header = JSON.parse(fromBase64(headerB64).toString());
@@ -154,18 +192,30 @@ async function verify(token, signerPk, options) {
 				return false;
 			}
 		}
+		const alg = header.alg.toLowerCase();
+		if (alg === "passkey") {
+			const [, , sigB64] = token.split(".");
+			const assertionRaw = JSON.parse(fromBase64(sigB64).toString());
+			if (!assertionRaw.authenticatorData || !assertionRaw.clientDataJSON || !assertionRaw.signature) {
+				debug("verify.error.incompletePasskeyAssertion");
+				return false;
+			}
+			const challenge = hasher(toHex(`${headerB64}.${bodyB64}`));
+			const extra = JSON.stringify({
+				authenticatorData: assertionRaw.authenticatorData,
+				clientDataJSON: assertionRaw.clientDataJSON
+			});
+			return await getSigner(types.KeyType.PASSKEY).verify(challenge, assertionRaw.signature, signerPk, extra);
+		}
 		const signers = {
 			secp256k1: getSigner(types.KeyType.SECP256K1),
 			es256k: getSigner(types.KeyType.SECP256K1),
 			ed25519: getSigner(types.KeyType.ED25519),
-			ethereum: getSigner(types.KeyType.ETHEREUM),
-			passkey: getSigner(types.KeyType.PASSKEY)
+			ethereum: getSigner(types.KeyType.ETHEREUM)
 		};
-		const alg = header.alg.toLowerCase();
 		if (signers[alg]) {
 			const msgHex = toHex(`${headerB64}.${bodyB64}`);
-			const coercedBodyVersion = body.version ? semver.coerce(body.version) : null;
-			const version = coercedBodyVersion ? coercedBodyVersion.version : "";
+			const version = (body.version ? coerceVersion(body.version) : null) || "";
 			if (version && version === JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) return signers[alg].verify(hasher(msgHex), signature, signerPk);
 			return signers[alg].verify(msgHex, signature, signerPk);
 		}
@@ -190,6 +240,10 @@ const delegationTokenHeaders = {
 	[types.KeyType.ETHEREUM]: {
 		alg: "Ethereum",
 		typ: "DelegationToken"
+	},
+	[types.KeyType.PASSKEY]: {
+		alg: "Passkey",
+		typ: "DelegationToken"
 	}
 };
 async function signDelegationToken(signer, sk, payload) {
@@ -223,6 +277,45 @@ async function signDelegationToken(signer, sk, payload) {
 		toBase64(getSigner(type.pk).sign(msgHash, sk))
 	].join(".");
 }
+/**
+* Create an unsigned delegation token for passkey two-phase signing.
+* Unlike signDelegationToken, this does not sign (passkey has no sk), and pk is passed directly.
+*/
+async function signDelegationTokenUnsigned(signer, pk, payload) {
+	if (isValid(signer) === false) throw new Error("Cannot sign DelegationToken with invalid signer");
+	const type = toTypeInfo(signer);
+	if (type.pk === void 0) throw new Error("Cannot determine key type from signer");
+	const header = delegationTokenHeaders[type.pk];
+	const headerB64 = toBase64(stringify(header));
+	const delegationSignerMethod = extractMethod(signer) || "abt";
+	const now = Math.floor(Date.now() / 1e3);
+	const pkHex = typeof pk === "string" ? pk : toHex(pk);
+	const body = {
+		iss: toDid(signer, delegationSignerMethod),
+		sub: payload.sub,
+		iat: payload.iat || String(now),
+		nbf: payload.nbf || String(now),
+		exp: payload.exp || String(now + 300),
+		version: DELEGATION_TOKEN_VERSION,
+		ops: payload.ops,
+		pk: pkHex
+	};
+	if (payload.deny && payload.deny.length > 0) {
+		for (const d of payload.deny) if (!d.startsWith("fg:")) throw new Error(`Invalid deny pattern "${d}": must start with "fg:"`);
+		body.deny = payload.deny;
+	}
+	if (payload.delegation) body.delegation = payload.delegation;
+	return `${headerB64}.${toBase64(stringify(body))}`;
+}
+/**
+* Assemble a complete delegation token from an unsigned token and a passkey assertion.
+*/
+function assembleDelegationToken(unsignedToken, assertion) {
+	if (!unsignedToken) throw new Error("Cannot assemble DelegationToken from empty token");
+	if (unsignedToken.split(".").length !== 2) throw new Error("Cannot assemble DelegationToken: expected unsigned token with exactly 2 parts (headerB64.bodyB64)");
+	if (!assertion || !assertion.authenticatorData || !assertion.clientDataJSON || !assertion.signature) throw new Error("Cannot assemble DelegationToken: assertion must contain authenticatorData, clientDataJSON, and signature");
+	return `${unsignedToken}.${toBase64(JSON.stringify(assertion))}`;
+}
 function decodeDelegationToken(token) {
 	const parts = token.split(".");
 	if (parts.length !== 3) throw new Error("Invalid delegation token format: expected 3 parts");
@@ -265,13 +358,27 @@ async function verifyDelegationToken(token) {
 			debug("delegationToken.verify.error.futureIat");
 			return false;
 		}
+		const alg = header.alg.toLowerCase();
+		if (alg === "passkey") {
+			const [, , sigB64] = token.split(".");
+			const assertionRaw = JSON.parse(fromBase64(sigB64).toString());
+			if (!assertionRaw.authenticatorData || !assertionRaw.clientDataJSON || !assertionRaw.signature) {
+				debug("delegationToken.verify.error.incompletePasskeyAssertion");
+				return false;
+			}
+			const challenge = hasher(toHex(`${headerB64}.${bodyB64}`));
+			const extra = JSON.stringify({
+				authenticatorData: assertionRaw.authenticatorData,
+				clientDataJSON: assertionRaw.clientDataJSON
+			});
+			return await getSigner(types.KeyType.PASSKEY).verify(challenge, assertionRaw.signature, body.pk, extra);
+		}
 		const signers = {
 			ed25519: getSigner(types.KeyType.ED25519),
 			es256k: getSigner(types.KeyType.SECP256K1),
 			secp256k1: getSigner(types.KeyType.SECP256K1),
 			ethereum: getSigner(types.KeyType.ETHEREUM)
 		};
-		const alg = header.alg.toLowerCase();
 		if (!signers[alg]) {
 			debug("delegationToken.verify.error.unknownAlg");
 			return false;
@@ -289,4 +396,4 @@ function checkDelegationTokenScope(scope, { ops, deny }) {
 }
 
 //#endregion
-export { checkDelegationTokenScope, decode, decodeDelegationToken, sign, signDelegationToken, signV2, verify, verifyDelegationToken };
+export { assemble, assembleDelegationToken, checkDelegationTokenScope, decode, decodeDelegationToken, getChallenge, sign, signDelegationToken, signDelegationTokenUnsigned, signV2, verify, verifyDelegationToken };

package/lib/index.cjs

@@ -6,13 +6,24 @@ let debug = require("debug");
 debug = require_rolldown_runtime.__toESM(debug);
 let json_stable_stringify = require("json-stable-stringify");
 json_stable_stringify = require_rolldown_runtime.__toESM(json_stable_stringify);
-let semver = require("semver");
-semver = require_rolldown_runtime.__toESM(semver);
 
 //#region src/index.ts
 const debug$1 = (0, debug.default)("@arcblock/jwt");
 const JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN = "1.1.0";
 const hasher = _ocap_mcrypto.Hasher.SHA3.hash256;
+function coerceVersion(str) {
+	const m = str.match(/(\d+\.\d+\.\d+)/);
+	return m ? m[1] : null;
+}
+function semverGte(a, b) {
+	const pa = a.split(".").map(Number);
+	const pb = b.split(".").map(Number);
+	for (let i = 0; i < 3; i++) {
+		if ((pa[i] || 0) > (pb[i] || 0)) return true;
+		if ((pa[i] || 0) < (pb[i] || 0)) return false;
+	}
+	return true;
+}
 /**
 *
 *
@@ -63,8 +74,8 @@ async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0")
 	const bodyB64 = (0, _ocap_util.toBase64)((0, json_stable_stringify.default)(body));
 	debug$1("sign.body", body);
 	const msgHex = (0, _ocap_util.toHex)(`${headerB64}.${bodyB64}`);
-	const coercedVersion = semver.default.coerce(version);
-	const msgHash = coercedVersion && semver.default.gte(coercedVersion.version, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) ? hasher(msgHex) : msgHex;
+	const coercedVersion = coerceVersion(version);
+	const msgHash = coercedVersion && semverGte(coercedVersion, JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) ? hasher(msgHex) : msgHex;
 	// istanbul ignore if
 	if (!doSign) return `${headerB64}.${bodyB64}`;
 	return [
@@ -76,6 +87,32 @@ async function sign(signer, sk, payload = {}, doSign = true, version = "1.0.0")
 async function signV2(signer, sk, payload = {}) {
 	return sign(signer, sk, payload, !!sk, "1.1.0");
 }
+/**
+* Compute the WebAuthn challenge for an unsigned JWT token.
+* Always uses SHA3 hash-before-sign (v1.1.0 semantics, required for passkey).
+*
+* @param unsignedToken - the unsigned token (headerB64.bodyB64), may also accept 3-part tokens (ignores third segment)
+* @returns hex-encoded SHA3 hash suitable as WebAuthn challenge
+*/
+function getChallenge(unsignedToken) {
+	if (!unsignedToken) throw new Error("Cannot compute challenge from empty token");
+	const parts = unsignedToken.split(".");
+	return hasher((0, _ocap_util.toHex)(`${parts[0]}.${parts[1]}`));
+}
+/**
+* Assemble a complete JWT from an unsigned token and a passkey assertion.
+* The assertion is JSON-serialized and base64-encoded as the JWT's third segment.
+*
+* @param unsignedToken - the unsigned token (headerB64.bodyB64)
+* @param assertion - WebAuthn assertion with base64url-encoded fields
+* @returns complete 3-part JWT string
+*/
+function assemble(unsignedToken, assertion) {
+	if (!unsignedToken) throw new Error("Cannot assemble JWT from empty token");
+	if (unsignedToken.split(".").length !== 2) throw new Error("Cannot assemble JWT: expected unsigned token with exactly 2 parts (headerB64.bodyB64)");
+	if (!assertion || !assertion.authenticatorData || !assertion.clientDataJSON || !assertion.signature) throw new Error("Cannot assemble JWT: assertion must contain authenticatorData, clientDataJSON, and signature");
+	return `${unsignedToken}.${(0, _ocap_util.toBase64)(JSON.stringify(assertion))}`;
+}
 function decode(token, bodyOnly = true) {
 	const [headerB64, bodyB64, sigB64] = token.split(".");
 	const header = JSON.parse((0, _ocap_util.fromBase64)(headerB64).toString());
@@ -158,18 +195,30 @@ async function verify(token, signerPk, options) {
 				return false;
 			}
 		}
+		const alg = header.alg.toLowerCase();
+		if (alg === "passkey") {
+			const [, , sigB64] = token.split(".");
+			const assertionRaw = JSON.parse((0, _ocap_util.fromBase64)(sigB64).toString());
+			if (!assertionRaw.authenticatorData || !assertionRaw.clientDataJSON || !assertionRaw.signature) {
+				debug$1("verify.error.incompletePasskeyAssertion");
+				return false;
+			}
+			const challenge = hasher((0, _ocap_util.toHex)(`${headerB64}.${bodyB64}`));
+			const extra = JSON.stringify({
+				authenticatorData: assertionRaw.authenticatorData,
+				clientDataJSON: assertionRaw.clientDataJSON
+			});
+			return await (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.PASSKEY).verify(challenge, assertionRaw.signature, signerPk, extra);
+		}
 		const signers = {
 			secp256k1: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.SECP256K1),
 			es256k: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.SECP256K1),
 			ed25519: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.ED25519),
-			ethereum: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.ETHEREUM),
-			passkey: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.PASSKEY)
+			ethereum: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.ETHEREUM)
 		};
-		const alg = header.alg.toLowerCase();
 		if (signers[alg]) {
 			const msgHex = (0, _ocap_util.toHex)(`${headerB64}.${bodyB64}`);
-			const coercedBodyVersion = body.version ? semver.default.coerce(body.version) : null;
-			const version = coercedBodyVersion ? coercedBodyVersion.version : "";
+			const version = (body.version ? coerceVersion(body.version) : null) || "";
 			if (version && version === JWT_VERSION_REQUIRE_HASH_BEFORE_SIGN) return signers[alg].verify(hasher(msgHex), signature, signerPk);
 			return signers[alg].verify(msgHex, signature, signerPk);
 		}
@@ -194,6 +243,10 @@ const delegationTokenHeaders = {
 	[_ocap_mcrypto.types.KeyType.ETHEREUM]: {
 		alg: "Ethereum",
 		typ: "DelegationToken"
+	},
+	[_ocap_mcrypto.types.KeyType.PASSKEY]: {
+		alg: "Passkey",
+		typ: "DelegationToken"
 	}
 };
 async function signDelegationToken(signer, sk, payload) {
@@ -227,6 +280,45 @@ async function signDelegationToken(signer, sk, payload) {
 		(0, _ocap_util.toBase64)((0, _ocap_mcrypto.getSigner)(type.pk).sign(msgHash, sk))
 	].join(".");
 }
+/**
+* Create an unsigned delegation token for passkey two-phase signing.
+* Unlike signDelegationToken, this does not sign (passkey has no sk), and pk is passed directly.
+*/
+async function signDelegationTokenUnsigned(signer, pk, payload) {
+	if ((0, _arcblock_did.isValid)(signer) === false) throw new Error("Cannot sign DelegationToken with invalid signer");
+	const type = (0, _arcblock_did.toTypeInfo)(signer);
+	if (type.pk === void 0) throw new Error("Cannot determine key type from signer");
+	const header = delegationTokenHeaders[type.pk];
+	const headerB64 = (0, _ocap_util.toBase64)((0, json_stable_stringify.default)(header));
+	const delegationSignerMethod = (0, _arcblock_did.extractMethod)(signer) || "abt";
+	const now = Math.floor(Date.now() / 1e3);
+	const pkHex = typeof pk === "string" ? pk : (0, _ocap_util.toHex)(pk);
+	const body = {
+		iss: (0, _arcblock_did.toDid)(signer, delegationSignerMethod),
+		sub: payload.sub,
+		iat: payload.iat || String(now),
+		nbf: payload.nbf || String(now),
+		exp: payload.exp || String(now + 300),
+		version: DELEGATION_TOKEN_VERSION,
+		ops: payload.ops,
+		pk: pkHex
+	};
+	if (payload.deny && payload.deny.length > 0) {
+		for (const d of payload.deny) if (!d.startsWith("fg:")) throw new Error(`Invalid deny pattern "${d}": must start with "fg:"`);
+		body.deny = payload.deny;
+	}
+	if (payload.delegation) body.delegation = payload.delegation;
+	return `${headerB64}.${(0, _ocap_util.toBase64)((0, json_stable_stringify.default)(body))}`;
+}
+/**
+* Assemble a complete delegation token from an unsigned token and a passkey assertion.
+*/
+function assembleDelegationToken(unsignedToken, assertion) {
+	if (!unsignedToken) throw new Error("Cannot assemble DelegationToken from empty token");
+	if (unsignedToken.split(".").length !== 2) throw new Error("Cannot assemble DelegationToken: expected unsigned token with exactly 2 parts (headerB64.bodyB64)");
+	if (!assertion || !assertion.authenticatorData || !assertion.clientDataJSON || !assertion.signature) throw new Error("Cannot assemble DelegationToken: assertion must contain authenticatorData, clientDataJSON, and signature");
+	return `${unsignedToken}.${(0, _ocap_util.toBase64)(JSON.stringify(assertion))}`;
+}
 function decodeDelegationToken(token) {
 	const parts = token.split(".");
 	if (parts.length !== 3) throw new Error("Invalid delegation token format: expected 3 parts");
@@ -269,13 +361,27 @@ async function verifyDelegationToken(token) {
 			debug$1("delegationToken.verify.error.futureIat");
 			return false;
 		}
+		const alg = header.alg.toLowerCase();
+		if (alg === "passkey") {
+			const [, , sigB64] = token.split(".");
+			const assertionRaw = JSON.parse((0, _ocap_util.fromBase64)(sigB64).toString());
+			if (!assertionRaw.authenticatorData || !assertionRaw.clientDataJSON || !assertionRaw.signature) {
+				debug$1("delegationToken.verify.error.incompletePasskeyAssertion");
+				return false;
+			}
+			const challenge = hasher((0, _ocap_util.toHex)(`${headerB64}.${bodyB64}`));
+			const extra = JSON.stringify({
+				authenticatorData: assertionRaw.authenticatorData,
+				clientDataJSON: assertionRaw.clientDataJSON
+			});
+			return await (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.PASSKEY).verify(challenge, assertionRaw.signature, body.pk, extra);
+		}
 		const signers = {
 			ed25519: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.ED25519),
 			es256k: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.SECP256K1),
 			secp256k1: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.SECP256K1),
 			ethereum: (0, _ocap_mcrypto.getSigner)(_ocap_mcrypto.types.KeyType.ETHEREUM)
 		};
-		const alg = header.alg.toLowerCase();
 		if (!signers[alg]) {
 			debug$1("delegationToken.verify.error.unknownAlg");
 			return false;
@@ -293,11 +399,15 @@ function checkDelegationTokenScope(scope, { ops, deny }) {
 }
 
 //#endregion
+exports.assemble = assemble;
+exports.assembleDelegationToken = assembleDelegationToken;
 exports.checkDelegationTokenScope = checkDelegationTokenScope;
 exports.decode = decode;
 exports.decodeDelegationToken = decodeDelegationToken;
+exports.getChallenge = getChallenge;
 exports.sign = sign;
 exports.signDelegationToken = signDelegationToken;
+exports.signDelegationTokenUnsigned = signDelegationTokenUnsigned;
 exports.signV2 = signV2;
 exports.verify = verify;
 exports.verifyDelegationToken = verifyDelegationToken;

package/lib/index.d.cts

@@ -35,6 +35,28 @@ type JwtVerifyOptions = Partial<{
  */
 declare function sign(signer: string, sk?: BytesType, payload?: {}, doSign?: boolean, version?: string): Promise<string>;
 declare function signV2(signer: string, sk?: BytesType, payload?: any): Promise<string>;
+type PasskeyAssertion = {
+  authenticatorData: string;
+  clientDataJSON: string;
+  signature: string;
+};
+/**
+ * Compute the WebAuthn challenge for an unsigned JWT token.
+ * Always uses SHA3 hash-before-sign (v1.1.0 semantics, required for passkey).
+ *
+ * @param unsignedToken - the unsigned token (headerB64.bodyB64), may also accept 3-part tokens (ignores third segment)
+ * @returns hex-encoded SHA3 hash suitable as WebAuthn challenge
+ */
+declare function getChallenge(unsignedToken: string): string;
+/**
+ * Assemble a complete JWT from an unsigned token and a passkey assertion.
+ * The assertion is JSON-serialized and base64-encoded as the JWT's third segment.
+ *
+ * @param unsignedToken - the unsigned token (headerB64.bodyB64)
+ * @param assertion - WebAuthn assertion with base64url-encoded fields
+ * @returns complete 3-part JWT string
+ */
+declare function assemble(unsignedToken: string, assertion: PasskeyAssertion): string;
 declare function decode(token: string, bodyOnly?: true): JwtBody;
 declare function decode(token: string, bodyOnly?: false): JwtToken;
 /**
@@ -88,6 +110,23 @@ declare function signDelegationToken(signer: string, sk: BytesType, payload: {
   nbf?: string;
   exp?: string;
 }): Promise<string>;
+/**
+ * Create an unsigned delegation token for passkey two-phase signing.
+ * Unlike signDelegationToken, this does not sign (passkey has no sk), and pk is passed directly.
+ */
+declare function signDelegationTokenUnsigned(signer: string, pk: BytesType, payload: {
+  sub: string;
+  ops: string[];
+  deny?: string[];
+  delegation?: string;
+  iat?: string;
+  nbf?: string;
+  exp?: string;
+}): Promise<string>;
+/**
+ * Assemble a complete delegation token from an unsigned token and a passkey assertion.
+ */
+declare function assembleDelegationToken(unsignedToken: string, assertion: PasskeyAssertion): string;
 declare function decodeDelegationToken(token: string): DelegationToken;
 declare function verifyDelegationToken(token: string): Promise<boolean>;
 declare function checkDelegationTokenScope(scope: string, {
@@ -98,4 +137,4 @@ declare function checkDelegationTokenScope(scope: string, {
   deny?: string[];
 }): boolean;
 //#endregion
-export { DelegationToken, DelegationTokenBody, DelegationTokenHeader, JwtBody, JwtHeader, JwtToken, JwtVerifyOptions, checkDelegationTokenScope, decode, decodeDelegationToken, sign, signDelegationToken, signV2, verify, verifyDelegationToken };
+export { DelegationToken, DelegationTokenBody, DelegationTokenHeader, JwtBody, JwtHeader, JwtToken, JwtVerifyOptions, PasskeyAssertion, assemble, assembleDelegationToken, checkDelegationTokenScope, decode, decodeDelegationToken, getChallenge, sign, signDelegationToken, signDelegationTokenUnsigned, signV2, verify, verifyDelegationToken };

package/package.json

@@ -2,7 +2,7 @@
   "name": "@arcblock/jwt",
   "description": "JSON Web Token variant for arcblock DID solutions",
   "type": "module",
-  "version": "1.29.21",
+  "version": "1.29.23",
   "author": {
     "name": "wangshijun",
     "email": "shijun@arcblock.io",
@@ -19,18 +19,16 @@
     "access": "public"
   },
   "dependencies": {
-    "@arcblock/did": "1.29.21",
-    "@ocap/mcrypto": "1.29.21",
-    "@ocap/util": "1.29.21",
+    "@arcblock/did": "1.29.23",
+    "@ocap/mcrypto": "1.29.23",
+    "@ocap/util": "1.29.23",
     "debug": "^4.4.3",
-    "json-stable-stringify": "^1.0.1",
-    "semver": "^7.6.3"
+    "json-stable-stringify": "^1.0.1"
   },
   "devDependencies": {
-    "@ocap/wallet": "1.29.21",
+    "@ocap/wallet": "1.29.23",
     "@types/json-stable-stringify": "^1.0.36",
     "@types/node": "^22.7.5",
-    "@types/semver": "^7.5.8",
     "tsdown": "^0.18.4",
     "tslib": "^2.4.0"
   },