@connectid-tools/rp-nodejs-sdk 4.0.5 → 4.2.0

package/README.md

@@ -413,10 +413,16 @@ The required function parameters are:
 
 # Release Notes
 
-### 4.0.5 (Feb 24, 2024)
+### 4.2.0 (Aug 8, 2025)
+- `cba_loyalty` claim.
+
+### 4.1.0 (Feb 25, 2025)
+- Implemented user-agent support.
+
+### 4.0.5 (Feb 24, 2025)
 - Add README.md and license files to bundle.
 
-### 4.0.4 (Feb 21, 2024)
+### 4.0.4 (Feb 21, 2025)
 - Remove `declarationMap`.
 
 ### 4.0.3 (Nov 29, 2024)

package/config.js

@@ -1,7 +1,7 @@
 export const config = {
     data: {
         // Set the signing Key Id based on what is contained in the JWKS
-        signing_kid: 'roHtgBlRFapqTHbc8EzXIIgO_bu5YHlEjx75vIcaxfE',
+        signing_kid: 'lHf9shwoF1wEES2sB9TBafbs0AVrLiU-1_ntzCrBo8A',
         // The location of the signing certificate and key that are used for signing purposes
         signing_key: './certs/signing.key',
         signing_pem: './certs/signing.pem', // TODO not being used atm
@@ -9,7 +9,7 @@ export const config = {
         transport_key: './certs/transport.key',
         transport_pem: './certs/transport.pem',
         // The location of the root certificate for the trust authority
-        ca_pem: './certs/connectid-sandbox-ca.pem',
+        ca_pem: './certs/ca.pem',
         // This is the URL that this application is actually running on and using for callbacks (noting that multiple may be registered for the client)
         application_redirect_uri: 'https://tpp.localhost/cb',
         // The registry API endpoint that will list all participants with their auth server details

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@connectid-tools/rp-nodejs-sdk",
-  "version": "4.0.5",
+  "version": "4.2.0",
   "description": "Digital Identity Relying Party Node SDK",
   "main": "relying-party-client-sdk.js",
   "types": "relying-party-client-sdk.d.ts",
@@ -11,6 +11,7 @@
     "test": "node --import tsx --test src/tests/*.test.ts",
     "test:watch": "node --watch --test --import tsx src/tests/*.test.ts",
     "test:conformance": "node --import tsx --test src/conformance/conformance.test.ts",
+    "test:integration": "npm run build && node --import tsx --test src/integration/*.test.ts",
     "prebuild": "rm -rf lib",
     "build": "tsc",
     "postbuild": "cp package.json README.md license lib && cd lib && node ../node_modules/add-js-extension/dist/bin.js . --once && replace-in-files --string='${process.env.SDK_VERSION}' --replacement=$npm_package_version relying-party-client-sdk.js && cd .."
@@ -35,13 +36,13 @@
     "winston": "^3.17.0"
   },
   "devDependencies": {
-    "@types/node": "^20.17.19",
+    "@types/node": "^20.19.9",
     "@types/openid-client": "^3.7.0",
     "add-js-extension": "^1.0.4",
-    "eslint": "^9.21.0",
-    "prettier": "^3.5.2",
+    "eslint": "^9.32.0",
+    "prettier": "^3.6.2",
     "replace-in-files-cli": "^2.2.0",
-    "tsx": "^4.19.3",
-    "typescript": "^5.7.3"
+    "tsx": "^4.20.3",
+    "typescript": "^5.9.2"
   }
 }

package/relying-party-client-sdk.js

@@ -15,8 +15,9 @@ import { getLogger } from './logger.js';
 import ParticipantFilters from './filter/participant-filters.js';
 import { illegalPurposeChars, isValidCertificate, validatePurpose } from './validator.js';
 import { generatePushAuthorisationRequestParams } from './utils/request-utils.js';
+import { buildUserAgent } from './utils/user-agent.js';
 // The extended list of claims which can be requested for a user
-const extendedClaimList = ['over16', 'over18', 'over21', 'over25', 'over65', 'beneficiary_account_au', 'beneficiary_account_au_payid', 'beneficiary_account_international'];
+const extendedClaimList = ['over16', 'over18', 'over21', 'over25', 'over65', 'beneficiary_account_au', 'beneficiary_account_au_payid', 'beneficiary_account_international', 'cba_loyalty'];
 export default class RelyingPartyClientSdk {
     constructor(config) {
         this.purpose = 'verifying your identity';
@@ -42,7 +43,7 @@ export default class RelyingPartyClientSdk {
         this.signingKey = getCertificate(this.config.data.signing_key, this.config.data.signing_key_content);
         this.caPem = getCertificate(this.config.data.ca_pem, this.config.data.ca_pem_content);
         this.logger = getLogger(this.config.data.log_level);
-        this.logger.info(`Creating RelyingPartyClientSdk - version 4.0.5`);
+        this.logger.info(`Creating RelyingPartyClientSdk - version 4.2.0`);
         if (this.config.data.purpose) {
             const purposeValidation = validatePurpose(this.config.data.purpose);
             if (purposeValidation === 'INVALID_LENGTH') {
@@ -74,7 +75,7 @@ export default class RelyingPartyClientSdk {
         globalAgent.options.key = this.transportKey;
         globalAgent.options.ca = [this.caPem, ...rootCertificates];
         custom.setHttpOptionsDefaults({ timeout: 10000 });
-        // 4.0.5 is replaced with `postbuild` script in package.json (see replace-in-files)
+        // 4.2.0 is replaced with `postbuild` script in package.json (see replace-in-files)
         this.logger.info(`Using ${this.config.data.transport_key_content ? 'transport_key_content' : 'transport_key'} config prop`);
         this.logger.info(`Using ${this.config.data.transport_pem_content ? 'transport_pem_content' : 'transport_pem'} config prop`);
         this.logger.info(`Using ${this.config.data.ca_pem_content ? 'ca_pem_content' : 'ca_pem'} config prop`);
@@ -130,7 +131,11 @@ export default class RelyingPartyClientSdk {
         return new Date();
     }
     async fetchParticipants(participantsUri) {
-        const response = await fetch(participantsUri);
+        const response = await fetch(participantsUri, {
+            headers: {
+                'User-Agent': buildUserAgent(this.config.data.client.client_id),
+            },
+        });
         if (!response.ok) {
             throw new Error(`Failed to retrieve participants from ${participantsUri}: status (${response.status})`);
         }
@@ -142,8 +147,8 @@ export default class RelyingPartyClientSdk {
             this.cachedParticipants = await this.fetchParticipants(participantsUri);
             this.cachedParticipantsExpiry = currentTime + (this.config.data.cache_ttl ?? this.default_cache_ttl) * 1000;
         }
-        // ensure the cached value remain untouched down the call stack by returning a deep copy 
-        return this.cachedParticipants.map(participant => Object.assign({}, participant));
+        // ensure the cached value remain untouched down the call stack by returning a deep copy
+        return this.cachedParticipants.map((participant) => Object.assign({}, participant));
     }
     // Create and send a pushed authorisation request to the specified authorisation
     // server to allow the initiation of an OIDC flow.
@@ -320,7 +325,11 @@ export default class RelyingPartyClientSdk {
         const keyset = await this.getKeyset();
         const fapiClient = new localIssuer.FAPI1Client(this.config.data.client, keyset);
         this.logger.debug(`Discovered client ${JSON.stringify(fapiClient)}`);
-        fapiClient[custom.http_options] = () => ({ key: this.transportKey, cert: this.transportPem, headers: { 'x-fapi-interaction-id': xFapiInteractionId } });
+        fapiClient[custom.http_options] = () => ({
+            key: this.transportKey,
+            cert: this.transportPem,
+            headers: { 'x-fapi-interaction-id': xFapiInteractionId },
+        });
         return { fapiClient, localIssuer };
     }
     async generateRequest(fapiClient, claims, purpose) {
@@ -341,8 +350,8 @@ export default class RelyingPartyClientSdk {
         });
         const clientAssertionPayload = {
             clientAssertionPayload: {
-                aud: fapiClient.issuer.issuer
-            }
+                aud: fapiClient.issuer.issuer,
+            },
         };
         this.logger.debug('Generated request object: ' + JSON.stringify(request));
         const { request_uri } = await fapiClient.pushedAuthorizationRequest({ request }, clientAssertionPayload);

package/utils/cert-utils.d.ts

@@ -1 +1 @@
-export declare const getCertificate: (certificatePath?: string, certificateContent?: string) => string | Buffer<ArrayBufferLike>;
+export declare const getCertificate: (certificatePath?: string, certificateContent?: string) => string | NonSharedBuffer;

package/utils/system-information.d.ts

@@ -0,0 +1 @@
+export declare const getSystemInformation: () => string;

package/utils/system-information.js

@@ -0,0 +1,27 @@
+import os from 'os';
+export const getSystemInformation = () => {
+    const platform = os.platform(); // 'darwin', 'win32', 'linux', etc.
+    const arch = os.arch(); // 'x64', 'arm64', etc.
+    const release = os.release(); // OS version like '10.15.7' or '10.0.18363'
+    // Get Node.js version
+    const nodeVersion = process.version; // e.g., 'v16.13.0'
+    let userAgent;
+    if (platform === 'darwin') {
+        // macOS
+        const chip = arch === 'arm64' ? 'Apple Silicon' : 'Intel'; // Check if M1 chip (arm64)
+        userAgent = `(${platform}; ${chip} Mac OS X ${release}; node${nodeVersion.replace('v', ' ')})`;
+    }
+    else if (platform === 'win32') {
+        // Windows
+        userAgent = `(${platform}; ${arch} Windows NT ${release}; node${nodeVersion.replace('v', ' ')})`;
+    }
+    else if (platform === 'linux') {
+        // Linux
+        userAgent = `(${platform}; ${arch} ${release}; node${nodeVersion.replace('v', ' ')})`;
+    }
+    else {
+        // For any other platform (e.g., unknown)
+        userAgent = `(${platform}; ${arch} ${release}; node${nodeVersion.replace('v', ' ')})`;
+    }
+    return userAgent;
+};

package/utils/user-agent.d.ts

@@ -0,0 +1,2 @@
+export declare const packageJsonVersion = "4.2.0";
+export declare const buildUserAgent: (clientId: string) => string;

package/utils/user-agent.js

@@ -0,0 +1,6 @@
+import { getSystemInformation } from './system-information.js';
+// important: Update this every time the package version changes
+export const packageJsonVersion = '4.2.0';
+export const buildUserAgent = (clientId) => {
+    return `cid-rp-nodejs-sdk/${packageJsonVersion} ${getSystemInformation()} +${clientId}`;
+};