@bedrock/vc-delivery 5.1.0 → 5.2.0
- package/lib/oid4/http.js +13 -0
- package/lib/oid4/oid4vci.js +52 -16
- package/package.json +1 -1
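--- a/package/lib/oid4/http.js
+++ b/package/lib/oid4/http.js
@@ -54,6 +54,7 @@ export async function createRoutes({
 ciMetadata2: `${exchangeRoute}/.well-known/openid-credential-issuer`,
 batchCredential: `${openIdRoute}/batch_credential`,
 credential: `${openIdRoute}/credential`,
+credentialOffer: `${openIdRoute}/credential-offer`,
 token: `${openIdRoute}/token`,
 jwks: `${openIdRoute}/jwks`,
 // OID4VP routes
@@ -217,6 +218,18 @@ export async function createRoutes({
 });
 }));
 
+// a credential delivery server endpoint
+// serves the credential offer for all possible credentials in the exchange
+app.get(
+routes.credentialOffer,
+cors(),
+getConfigMiddleware,
+getExchange,
+asyncHandler(async (req, res) => {
+const offer = await oid4vci.getCredentialOffer({req});
+res.json(offer);
+}));
+
 // a batch credential delivery server endpoint
 // receives N credential requests and returns N VCs
 app.options(routes.batchCredential, cors());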
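Review bot: The handler for `routes.credentialOffer` sends `res.json(offer)` without a cache directive, although the offer built by `oid4vci.getCredentialOffer` includes the exchange's `pre-authorized_code`. The middleware chain shown is `cors()`, `getConfigMiddleware`, `getExchange`, with no authorization step visible, so knowing the exchange URL appears to be all that is needed to read the code; I'd add `res.set('Cache-Control', 'no-store');` before `res.json(offer);`. The comment above `app.get(` could also state that the exchange URL acts as a capability and that the default `cors()` is intentional, if it is. `createRoutes` starts and ends outside the hunk.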
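--- a/package/lib/oid4/oid4vci.js
+++ b/package/lib/oid4/oid4vci.js
@@ -30,22 +30,8 @@ export async function getCredentialIssuerConfig({req}) {
 const {exchange} = await req.getExchange();
 _assertOID4VCISupported({exchange});
 
-
-
-const supportedFormats = [..._getSupportedFormats({workflow})];
-
-// for every expected credential definition, set `format` default to
-// `supportedFormats` and for every format, generate a new supported
-// credential configuration
-const credential_configurations_supported = {};
-for(const credentialRequest of expectedCredentialRequests) {
-const configurations = _createCredentialConfigurations({
-credentialRequest, supportedFormats
-});
-for(const {id, configuration} of configurations) {
-credential_configurations_supported[id] = configuration;
-}
-}
+const credential_configurations_supported =
+_createCredentialConfigurationsSupported({workflow, exchange});
 
 const exchangeId = `${workflow.id}/exchanges/${exchange.id}`;
 return {
@@ -60,6 +46,35 @@ export async function getCredentialIssuerConfig({req}) {
 };
 }
 
+export async function getCredentialOffer({req}) {
+const {config: workflow} = req.serviceObject;
+const {exchange} = await req.getExchange();
+_assertOID4VCISupported({exchange});
+
+// start building OID4VCI credential offer
+const exchangeId = `${workflow.id}/exchanges/${exchange.id}`;
+const offer = {
+credential_issuer: exchangeId,
+grants: {
+'urn:ietf:params:oauth:grant-type:pre-authorized_code': {
+'pre-authorized_code': exchange.openId.preAuthorizedCode
+}
+}
+};
+
+const supported = _createCredentialConfigurationsSupported({
+workflow, exchange
+});
+
+// offer all configuration IDs and support both spec version ID-1 with
+// `credentials` and draft 14 with `credential_configuration_ids`
+const configurationIds = Object.keys(supported);
+offer.credentials = configurationIds;
+offer.credential_configuration_ids = configurationIds;
+
+return offer;
+}
+
 export async function getJwks({req}) {
 const {exchange} = await req.getExchange();
 _assertOID4VCISupported({exchange});
@@ -411,6 +426,27 @@ function _createCredentialConfigurations({
 return configurations;
 }
 
+function _createCredentialConfigurationsSupported({workflow, exchange}) {
+// build `credential_configurations_supported`...
+const {openId: {expectedCredentialRequests}} = exchange;
+const supportedFormats = [..._getSupportedFormats({workflow})];
+
+// for every expected credential definition, set `format` default to
+// `supportedFormats` and for every format, generate a new supported
+// credential configuration
+const credential_configurations_supported = {};
+for(const credentialRequest of expectedCredentialRequests) {
+const configurations = _createCredentialConfigurations({
+credentialRequest, supportedFormats
+});
+for(const {id, configuration} of configurations) {
+credential_configurations_supported[id] = configuration;
+}
+}
+
+return credential_configurations_supported;
+}
+
 function _getAlgFromPrivateKey({privateKeyJwk}) {
 if(privateKeyJwk.alg) {
 return privateKeyJwk.alg;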
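Review bot: In `getCredentialOffer`, `'pre-authorized_code': exchange.openId.preAuthorizedCode` is copied into the response with no check that the value is set or that the exchange is still open; the only guard visible is `_assertOID4VCISupported({exchange})`, whose body is outside this diff. If the property is undefined, JSON serialization drops the key and the wallet receives an empty grant object, and if the exchange has already finished the code is still handed out, so whether it is rejected later depends on the token endpoint. I'd add an explicit presence check that throws before `const offer = {`, and a JSDoc block on this export saying that the returned object contains the exchange's pre-authorized code and must not be logged.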