@bedrock/vc-verifier 21.0.0 → 21.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/vcjwt.js +14 -2
- package/package.json +1 -1
package/lib/vcjwt.js
CHANGED
|
@@ -87,6 +87,18 @@ async function _verifyJwt({jwt, proofPurpose, audience} = {}) {
|
|
|
87
87
|
}
|
|
88
88
|
|
|
89
89
|
const vm = await didIo.get({url: kid});
|
|
90
|
+
if(!vm) {
|
|
91
|
+
throw new BedrockError(
|
|
92
|
+
`Verification method identified by "kid" (${kid}) could not be ` +
|
|
93
|
+
'retrieved.', {
|
|
94
|
+
name: 'DataError',
|
|
95
|
+
details: {
|
|
96
|
+
public: true,
|
|
97
|
+
httpStatusCode: 400
|
|
98
|
+
}
|
|
99
|
+
});
|
|
100
|
+
}
|
|
101
|
+
|
|
90
102
|
// `vm.controller` must be the issuer of the JWT; also ensure that
|
|
91
103
|
// the specified controller authorized `vm` for the given proof purpose
|
|
92
104
|
({controller} = vm);
|
|
@@ -97,9 +109,9 @@ async function _verifyJwt({jwt, proofPurpose, audience} = {}) {
|
|
|
97
109
|
if(typeof match === 'string') {
|
|
98
110
|
match = didDoc?.verificationMethod?.find?.(e => e.id === vm.id);
|
|
99
111
|
}
|
|
100
|
-
if(!(match && Array.isArray(match.controller) ?
|
|
112
|
+
if(!(match && (Array.isArray(match.controller) ?
|
|
101
113
|
match.controller.includes(vm.controller) :
|
|
102
|
-
match.controller === vm.controller)) {
|
|
114
|
+
match.controller === vm.controller))) {
|
|
103
115
|
throw new BedrockError(
|
|
104
116
|
`Verification method controller "${controller}" did not authorize ` +
|
|
105
117
|
`verification method "${vm.id}" for the purpose ` +
|