@bedrock/vc-delivery 5.3.0 → 5.3.2
- package/lib/helpers.js +13 -2
- package/lib/verify.js +19 -2
- package/package.json +1 -1
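--- a/package/lib/helpers.js
+++ b/package/lib/helpers.js
@@ -13,6 +13,11 @@ import {ZcapClient} from '@digitalbazaar/ezcap';
 
 const {config, util: {BedrockError}} = bedrock;
 
+const ALLOWED_ERROR_KEYS = [
+'message', 'name', 'type', 'data', 'errors', 'error', 'details', 'cause',
+'status'
+];
+
 export async function evaluateTemplate({
 workflow, exchange, typedTemplate
 } = {}) {
@@ -106,8 +111,14 @@ export function decodeLocalId({localId} = {}) {
 }
 
 export function stripStacktrace(error) {
-error
-
+// serialize error and allow-list specific properties
+const serialized = serializeError(error);
+error = {};
+for(const key of ALLOWED_ERROR_KEYS) {
+if(serialized[key] !== undefined) {
+error[key] = serialized[key];
+}
+}
 if(error.errors) {
 error.errors = error.errors.map(stripStacktrace);
 }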
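Review bot: The allow-list loop in `stripStacktrace` copies the values of `cause`, `error`, `data` and `details` from the serialized object as they are, and in the lines shown only `errors` is passed back through `stripStacktrace`, so a nested error under one of the other keys could still carry a `stack` or other non-allow-listed field into the output. If `serializeError` serializes nested errors recursively, which this section does not show, those values need the same filtering, e.g. `if(error.cause) { error.cause = stripStacktrace(error.cause); }`. The function body continues past the end of the hunk, so this may already be handled there. If it is not, a comment on `ALLOWED_ERROR_KEYS` such as `// top-level keys only; nested values are not filtered` would make the limit explicit.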
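--- a/package/lib/verify.js
+++ b/package/lib/verify.js
@@ -159,6 +159,18 @@ export async function verifyDidProofJwt({workflow, exchange, jwt} = {}) {
 }
 
 const vm = await didIo.get({url: kid});
+if(!vm) {
+throw new BedrockError(
+`Verification method identified by "kid" (${kid}) could not be ` +
+'retrieved.', {
+name: 'DataError',
+details: {
+public: true,
+httpStatusCode: 400
+}
+});
+}
+
 // `vm.controller` must be the issuer of the DID JWT; also ensure that
 // the specified controller authorized `vm` for the purpose of
 // authentication
@@ -174,8 +186,13 @@ export async function verifyDidProofJwt({workflow, exchange, jwt} = {}) {
 match.controller === vm.controller)) {
 throw new BedrockError(
 `Verification method controller "${issuer}" did not authorize ` +
-`verification method "${vm.id}" for the purpose of "authentication".`,
-
+`verification method "${vm.id}" for the purpose of "authentication".`, {
+name: 'NotAllowedError',
+details: {
+public: true,
+httpStatusCode: 400
+}
+});
 }
 let jwk;
 if(isEcdsa) {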
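Review bot: The new `if(!vm)` guard only covers `didIo.get({url: kid})` resolving to a falsy value; if the call rejects instead (unresolvable DID, unsupported method, network failure), that error bypasses the new public `DataError`, and whether an outer handler maps it to a client error is not visible in these hunks. Consider catching the rejection around the `didIo.get` call and rethrowing the same `DataError` with the original error attached as `cause`, so both failure modes produce one controlled response. Separately, `kid` appears to come from the caller-supplied JWT and is interpolated into a message marked `public: true`, so it is echoed back and probably logged; bounding its length or type before use would keep oversized or malformed values out of responses and logs. `verifyDidProofJwt` starts and ends outside the hunks shown.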