@bedrock/vc-delivery 4.7.0 → 4.8.0
- package/lib/openId.js +17 -3
- package/lib/vcapi.js +15 -0
- package/package.json +1 -1
- package/schemas/bedrock-vc-workflow.js +13 -0
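--- a/package/lib/openId.js
+++ b/package/lib/openId.js
@@ -916,6 +916,23 @@ async function _processAuthorizationResponse({
 const {authorizationRequest, step} = arRequest;
 ({exchange} = arRequest);
 
+// FIXME: if the VP is enveloped, remove the envelope to validate or
+// run validation code after verification if necessary
+
+// FIXME: check the VP against the presentation submission if requested
+// FIXME: check the VP against "trustedIssuer" in VPR, if provided
+const {presentationSchema} = step;
+if(presentationSchema) {
+// validate the received VP
+console.log('run presentation schema');
+const {jsonSchema: schema} = presentationSchema;
+const validate = compile({schema});
+const {valid, error} = validate(presentation);
+if(!valid) {
+throw error;
+}
+}
+
 // verify the received VP
 const {verifiablePresentationRequest} = await oid4vp.toVpr(
 {authorizationRequest});
@@ -928,9 +945,6 @@ async function _processAuthorizationResponse({
 expectedChallenge: authorizationRequest.nonce
 });
 
-// FIXME: check the VP against the presentation submission if requested
-// FIXME: check the VP against "trustedIssuer" in VPR, if provided
-
 // store VP results in variables associated with current step
 const currentStep = exchange.step;
 if(!exchange.variables.results) {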
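Review bot: The schema check added at new lines 924–934 runs on `presentation` before verification and, as the FIXME above it admits, without removing an envelope, so as far as these lines show an enveloped VP has the JSON Schema applied to the envelope object rather than to the presentation it carries; a workflow that relies on `presentationSchema` to restrict content gets no such guarantee for those inputs, or rejects them wrongly. The same block in package/lib/vcapi.js (new lines 102–111) has this gap as well. Until unwrapping exists, I would fail closed when `presentationSchema` is set and the input is enveloped, or run `validate(...)` again on the unwrapped presentation after verification. Also drop the leftover `console.log('run presentation schema');` at new line 927, and note that no import of `compile` is visible in this section, so confirm openId.js already imports it from `@bedrock/validation`. The body of `_processAuthorizationResponse` starts and ends outside these hunks.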
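--- a/package/lib/vcapi.js
+++ b/package/lib/vcapi.js
@@ -4,6 +4,7 @@
 import * as bedrock from '@bedrock/core';
 import * as exchanges from './exchanges.js';
 import {createChallenge as _createChallenge, verify} from './verify.js';
+import {compile} from '@bedrock/validation';
 import {evaluateTemplate} from './helpers.js';
 import {issue} from './issue.js';
 import {klona} from 'klona';
@@ -95,6 +96,20 @@ export async function processExchange({req, res, workflow, exchange}) {
 return;
 }
 
+// FIXME: if the VP is enveloped, remove the envelope to validate or
+// run validation code after verification if necessary
+
+const {presentationSchema} = step;
+if(presentationSchema) {
+// validate the received VP
+const {jsonSchema: schema} = presentationSchema;
+const validate = compile({schema});
+const {valid, error} = validate(receivedPresentation);
+if(!valid) {
+throw error;
+}
+}
+
 // verify the received VP
 const expectedChallenge = isInitialStep ? exchange.id : undefined;
 const {allowUnprotectedPresentation = false} = step;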
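Review bot: `presentationSchema.type` is never read in the block at new lines 102–111 (nor in the matching block in package/lib/openId.js), although the workflow step schema in this release makes `type` a required string; whatever value the workflow config carries, `jsonSchema` is compiled and applied as JSON Schema. I would reject unknown types before compiling, e.g. `if(presentationSchema.type !== SUPPORTED_TYPE) { throw new Error('Unsupported presentationSchema type.'); }` with `SUPPORTED_TYPE` standing for whatever value the project documents, or constrain `type` with an `enum` in the step schema. `compile({schema})` also runs on every exchange request; whether `@bedrock/validation` caches compiled schemas is not visible here, so consider compiling once per step and sharing one helper between the two files. `processExchange` continues outside the hunk.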
package/package.json
CHANGED
|
@@ -228,6 +228,19 @@ const step = {
|
|
|
228
228
|
verifiablePresentationRequest: {
|
|
229
229
|
type: 'object'
|
|
230
230
|
},
|
|
231
|
+
presentationSchema: {
|
|
232
|
+
type: 'object',
|
|
233
|
+
required: ['type', 'jsonSchema'],
|
|
234
|
+
additionalProperties: false,
|
|
235
|
+
properties: {
|
|
236
|
+
type: {
|
|
237
|
+
type: 'string'
|
|
238
|
+
},
|
|
239
|
+
jsonSchema: {
|
|
240
|
+
type: 'object'
|
|
241
|
+
}
|
|
242
|
+
}
|
|
243
|
+
},
|
|
231
244
|
jwtDidProofRequest: {
|
|
232
245
|
type: 'object',
|
|
233
246
|
additionalProperties: false,
|