@bedrock/vc-verifier 19.1.0 → 20.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/README.md +1 -1
  2. package/lib/config.js +4 -2
  3. package/lib/di.js +63 -0
  4. package/lib/documentLoader.js +77 -5
  5. package/lib/envelopes.js +51 -0
  6. package/lib/http.js +12 -57
  7. package/lib/index.js +15 -2
  8. package/lib/vcjwt.js +537 -0
  9. package/lib/verify.js +86 -0
  10. package/package.json +39 -37
  11. package/schemas/bedrock-vc-verifier.js +231 -30
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@bedrock/vc-verifier",
3
- "version": "19.1.0",
3
+ "version": "20.1.0",
4
4
  "type": "module",
5
5
  "description": "Bedrock VC Verifier",
6
6
  "main": "./lib/index.js",
@@ -9,7 +9,7 @@
9
9
  "schemas/**/*.js"
10
10
  ],
11
11
  "scripts": {
12
- "lint": "eslint ."
12
+ "lint": "eslint --ext .cjs,.js ."
13
13
  },
14
14
  "repository": {
15
15
  "type": "git",
@@ -25,52 +25,54 @@
25
25
  },
26
26
  "homepage": "https://github.com/digitalbazaar/bedrock-vc-verifier",
27
27
  "dependencies": {
28
- "@digitalbazaar/bbs-2023-cryptosuite": "^1.1.0",
29
- "@digitalbazaar/data-integrity": "^2.0.0",
28
+ "@digitalbazaar/bbs-2023-cryptosuite": "^1.2.0",
29
+ "@digitalbazaar/data-integrity": "^2.2.0",
30
30
  "@digitalbazaar/ecdsa-2019-cryptosuite": "^2.0.0",
31
- "@digitalbazaar/ecdsa-rdfc-2019-cryptosuite": "^1.0.1",
32
- "@digitalbazaar/ecdsa-sd-2023-cryptosuite": "^3.2.0",
31
+ "@digitalbazaar/ecdsa-multikey": "^1.7.0",
32
+ "@digitalbazaar/ecdsa-rdfc-2019-cryptosuite": "^1.1.0",
33
+ "@digitalbazaar/ecdsa-sd-2023-cryptosuite": "^3.2.1",
34
+ "@digitalbazaar/ed25519-multikey": "^1.1.0",
33
35
  "@digitalbazaar/ed25519-signature-2018": "^4.0.0",
34
- "@digitalbazaar/ed25519-signature-2020": "^5.0.0",
36
+ "@digitalbazaar/ed25519-signature-2020": "^5.4.0",
35
37
  "@digitalbazaar/eddsa-2022-cryptosuite": "^1.0.0",
36
- "@digitalbazaar/eddsa-rdfc-2022-cryptosuite": "^1.0.1",
37
- "@digitalbazaar/vc": "^6.0.0",
38
- "@digitalbazaar/vc-revocation-list": "^6.0.0",
39
- "@digitalbazaar/vc-status-list": "^7.0.0",
38
+ "@digitalbazaar/eddsa-rdfc-2022-cryptosuite": "^1.1.0",
39
+ "@digitalbazaar/vc": "^7.0.0",
40
+ "@digitalbazaar/vc-revocation-list": "^7.0.0",
41
+ "@digitalbazaar/vc-status-list": "^8.0.0",
40
42
  "assert-plus": "^1.0.0",
41
43
  "bnid": "^3.0.0",
42
- "body-parser": "^1.20.0",
44
+ "body-parser": "^1.20.2",
43
45
  "cors": "^2.8.5",
44
- "serialize-error": "^11.0.0"
46
+ "jose": "^5.6.3",
47
+ "klona": "^2.0.6",
48
+ "serialize-error": "^11.0.3"
45
49
  },
46
50
  "peerDependencies": {
47
51
  "@bedrock/app-identity": "^4.0.0",
48
- "@bedrock/core": "^6.0.1",
49
- "@bedrock/credentials-context": "^4.0.0",
50
- "@bedrock/data-integrity-context": "^3.0.0",
51
- "@bedrock/did-context": "^5.0.0",
52
- "@bedrock/did-io": "^10.2.0",
53
- "@bedrock/express": "^8.0.0",
54
- "@bedrock/https-agent": "^4.0.0",
55
- "@bedrock/jsonld-document-loader": "^4.0.0",
56
- "@bedrock/mongodb": "^10.0.0",
57
- "@bedrock/multikey-context": "^2.0.0",
58
- "@bedrock/security-context": "^8.0.0",
59
- "@bedrock/service-agent": "^8.0.0",
60
- "@bedrock/service-context-store": "^11.0.0",
61
- "@bedrock/service-core": "^9.0.0",
62
- "@bedrock/validation": "^7.0.0",
63
- "@bedrock/vc-revocation-list-context": "^4.0.0",
64
- "@bedrock/vc-status-list-context": "^5.0.0",
65
- "@bedrock/veres-one-context": "^15.0.0"
52
+ "@bedrock/core": "^6.1.3",
53
+ "@bedrock/credentials-context": "^5.0.2",
54
+ "@bedrock/data-integrity-context": "^4.0.3",
55
+ "@bedrock/did-context": "^6.0.0",
56
+ "@bedrock/did-io": "^10.3.1",
57
+ "@bedrock/express": "^8.3.1",
58
+ "@bedrock/https-agent": "^4.1.0",
59
+ "@bedrock/jsonld-document-loader": "^5.1.0",
60
+ "@bedrock/mongodb": "^10.2.0",
61
+ "@bedrock/multikey-context": "^3.0.0",
62
+ "@bedrock/security-context": "^9.0.0",
63
+ "@bedrock/service-agent": "^9.0.2",
64
+ "@bedrock/service-context-store": "^12.0.0",
65
+ "@bedrock/service-core": "^10.0.0",
66
+ "@bedrock/validation": "^7.1.0",
67
+ "@bedrock/vc-revocation-list-context": "^5.0.0",
68
+ "@bedrock/vc-status-list-context": "^6.0.2",
69
+ "@bedrock/veres-one-context": "^16.0.0"
66
70
  },
67
71
  "devDependencies": {
68
- "eslint": "^8.47.0",
69
- "eslint-config-digitalbazaar": "^5.0.1",
70
- "eslint-plugin-jsdoc": "^48.0.3",
71
- "eslint-plugin-unicorn": "^50.0.1",
72
- "jsdoc": "^4.0.2",
73
- "jsdoc-to-markdown": "^8.0.0"
72
+ "eslint": "^8.57.0",
73
+ "eslint-config-digitalbazaar": "^5.2.0",
74
+ "eslint-plugin-jsdoc": "^48.11.0",
75
+ "eslint-plugin-unicorn": "^55.0.0"
74
76
  },
75
77
  "engines": {
76
78
  "node": ">=18"
package/schemas/bedrock-vc-verifier.js CHANGED
@@ -1,59 +1,260 @@
1
1
  /*!
2
- * Copyright (c) 2022 Digital Bazaar, Inc. All rights reserved.
2
+ * Copyright (c) 2022-2024 Digital Bazaar, Inc. All rights reserved.
3
3
  */
4
- const context = {
5
- title: '@context',
4
+ import {schemas} from '@bedrock/validation';
5
+
6
+ const VC_CONTEXT_1 = 'https://www.w3.org/2018/credentials/v1';
7
+ const VC_CONTEXT_2 = 'https://www.w3.org/ns/credentials/v2';
8
+
9
+ const vcContext = {
6
10
  type: 'array',
7
11
  minItems: 1,
8
- items: {
9
- type: ['string', 'object']
12
+ // the first context must be the VC context
13
+ items: [{
14
+ oneOf: [{
15
+ const: VC_CONTEXT_1
16
+ }, {
17
+ const: VC_CONTEXT_2
18
+ }]
19
+ }],
20
+ // additional contexts maybe strings or objects
21
+ additionalItems: {
22
+ anyOf: [{type: 'string'}, {type: 'object'}]
10
23
  }
11
24
  };
12
25
 
13
- export const createChallengeBody = {
14
- title: 'Create Challenge Body',
26
+ function idOrObjectWithId() {
27
+ return {
28
+ title: 'identifier or an object with an id',
29
+ anyOf: [
30
+ schemas.identifier(),
31
+ {
32
+ type: 'object',
33
+ required: ['id'],
34
+ additionalProperties: true,
35
+ properties: {id: schemas.identifier()}
36
+ }
37
+ ]
38
+ };
39
+ }
40
+
41
+ function verifiableCredential() {
42
+ return {
43
+ title: 'Verifiable Credential',
44
+ type: 'object',
45
+ required: [
46
+ '@context',
47
+ 'credentialSubject',
48
+ 'issuer',
49
+ 'type'
50
+ ],
51
+ additionalProperties: true,
52
+ properties: {
53
+ '@context': vcContext,
54
+ credentialSubject: {
55
+ anyOf: [
56
+ {type: 'object'},
57
+ {type: 'array', minItems: 1, items: {type: 'object'}}
58
+ ]
59
+ },
60
+ id: {
61
+ type: 'string'
62
+ },
63
+ issuer: idOrObjectWithId(),
64
+ type: {
65
+ type: 'array',
66
+ minItems: 1,
67
+ // this first type must be VerifiableCredential
68
+ items: [
69
+ {const: 'VerifiableCredential'},
70
+ ],
71
+ // additional types must be strings
72
+ additionalItems: {
73
+ type: 'string'
74
+ }
75
+ },
76
+ proof: schemas.proof()
77
+ }
78
+ };
79
+ }
80
+
81
+ const envelopedVerifiableCredential = {
82
+ title: 'Enveloped Verifiable Credential',
15
83
  type: 'object',
16
84
  additionalProperties: false,
17
- // body must be empty
18
- properties: {}
85
+ required: ['@context', 'id', 'type'],
86
+ properties: {
87
+ '@context': {
88
+ anyOf: [{
89
+ const: VC_CONTEXT_2
90
+ }, {
91
+ type: 'array',
92
+ minItems: 1,
93
+ maxItems: 1,
94
+ // the first context must be the VC context
95
+ items: [{
96
+ const: VC_CONTEXT_2
97
+ }]
98
+ }]
99
+ },
100
+ id: {
101
+ type: 'string'
102
+ },
103
+ type: {
104
+ const: 'EnvelopedVerifiableCredential'
105
+ }
106
+ }
19
107
  };
20
108
 
21
- export const verifyCredentialBody = {
22
- title: 'Verify Credential Body',
109
+ export function verifiablePresentation() {
110
+ return {
111
+ title: 'Verifiable Presentation',
112
+ type: 'object',
113
+ required: ['@context', 'type'],
114
+ additionalProperties: true,
115
+ properties: {
116
+ '@context': vcContext,
117
+ id: {
118
+ type: 'string'
119
+ },
120
+ type: {
121
+ type: 'array',
122
+ minItems: 1,
123
+ // this first type must be VerifiablePresentation
124
+ items: [
125
+ {const: 'VerifiablePresentation'},
126
+ ],
127
+ // additional types must be strings
128
+ additionalItems: {
129
+ type: 'string'
130
+ }
131
+ },
132
+ verifiableCredential: {
133
+ anyOf: [
134
+ verifiableCredential(),
135
+ envelopedVerifiableCredential, {
136
+ type: 'array',
137
+ minItems: 1,
138
+ items: {
139
+ anyOf: [verifiableCredential(), envelopedVerifiableCredential]
140
+ }
141
+ }
142
+ ]
143
+ },
144
+ holder: idOrObjectWithId(),
145
+ proof: schemas.proof()
146
+ }
147
+ };
148
+ }
149
+
150
+ const envelopedVerifiablePresentation = {
151
+ title: 'Enveloped Verifiable Presentation',
23
152
  type: 'object',
24
- required: ['verifiableCredential'],
25
153
  additionalProperties: false,
154
+ required: ['@context', 'id', 'type'],
26
155
  properties: {
27
- options: {
28
- type: 'object'
156
+ '@context': {
157
+ anyOf: [{
158
+ const: VC_CONTEXT_2
159
+ }, {
160
+ type: 'array',
161
+ minItems: 1,
162
+ maxItems: 1,
163
+ // the first context must be the VC context
164
+ items: [{
165
+ const: VC_CONTEXT_2
166
+ }]
167
+ }]
29
168
  },
30
- verifiableCredential: {
31
- type: 'object',
32
- additionalProperties: true,
33
- required: ['@context'],
34
- properties: {
35
- '@context': context
36
- }
169
+ id: {
170
+ type: 'string'
171
+ },
172
+ type: {
173
+ const: 'EnvelopedVerifiablePresentation'
37
174
  }
38
175
  }
39
176
  };
40
177
 
41
- export const verifyPresentationBody = {
42
- title: 'Verify Presentation Body',
178
+ export const verifyOptions = {
179
+ title: 'Verify Options',
43
180
  type: 'object',
44
- required: ['verifiablePresentation'],
181
+ oneOf: [{
182
+ required: ['didResolver']
183
+ }, {
184
+ required: ['documentLoader']
185
+ }],
45
186
  additionalProperties: false,
46
187
  properties: {
47
- options: {
48
- type: 'object'
188
+ didResolver: {
189
+ title: 'DID Resolver',
190
+ type: 'object',
191
+ required: ['url'],
192
+ additionalProperties: false,
193
+ properties: {
194
+ url: {
195
+ type: 'string',
196
+ pattern: '^https://[^.]+.[^.]+'
197
+ }
198
+ }
49
199
  },
50
- verifiablePresentation: {
200
+ documentLoader: {
201
+ title: 'Document Loader',
51
202
  type: 'object',
52
- additionalProperties: true,
53
- required: ['@context'],
203
+ required: ['allowRemoteContexts'],
204
+ additionalProperties: false,
54
205
  properties: {
55
- '@context': context
206
+ allowRemoteContexts: {
207
+ type: 'boolean'
208
+ }
56
209
  }
57
210
  }
58
211
  }
59
212
  };
213
+
214
+ export const createChallengeBody = {
215
+ title: 'Create Challenge Body',
216
+ type: 'object',
217
+ additionalProperties: false,
218
+ // body must be empty
219
+ properties: {}
220
+ };
221
+
222
+ export function verifyCredentialBody() {
223
+ return {
224
+ title: 'Verify Credential Body',
225
+ type: 'object',
226
+ required: ['verifiableCredential'],
227
+ additionalProperties: false,
228
+ properties: {
229
+ options: {
230
+ type: 'object'
231
+ },
232
+ verifiableCredential: {
233
+ anyOf: [
234
+ verifiableCredential(),
235
+ envelopedVerifiableCredential
236
+ ]
237
+ }
238
+ }
239
+ };
240
+ }
241
+
242
+ export function verifyPresentationBody() {
243
+ return {
244
+ title: 'Verify Presentation Body',
245
+ type: 'object',
246
+ required: ['verifiablePresentation'],
247
+ additionalProperties: false,
248
+ properties: {
249
+ options: {
250
+ type: 'object'
251
+ },
252
+ verifiablePresentation: {
253
+ anyOf: [
254
+ verifiablePresentation(),
255
+ envelopedVerifiablePresentation
256
+ ]
257
+ }
258
+ }
259
+ };
260
+ }