@connectid-tools/rp-nodejs-sdk 4.2.1 → 5.0.0

Files changed (97) hide show
  1. package/README.md +60 -71
  2. package/package.json +4 -5
  3. package/{config.js → src/config.js} +2 -31
  4. package/src/conformance/api/conformance-api.d.ts +38 -0
  5. package/src/conformance/api/conformance-api.js +53 -0
  6. package/src/conformance/config.json +60 -0
  7. package/src/conformance/conformance-config.d.ts +2 -0
  8. package/src/conformance/conformance-config.js +34 -0
  9. package/src/conformance/conformance.test.js +101 -0
  10. package/src/conformance/variant.json +1 -0
  11. package/src/crypto/crypto-loader.d.ts +32 -0
  12. package/src/crypto/crypto-loader.js +49 -0
  13. package/src/crypto/jwt-helper.d.ts +61 -0
  14. package/src/crypto/jwt-helper.js +92 -0
  15. package/src/crypto/pkce-helper.d.ts +43 -0
  16. package/src/crypto/pkce-helper.js +75 -0
  17. package/src/endpoints/participants-endpoint.d.ts +55 -0
  18. package/src/endpoints/participants-endpoint.js +137 -0
  19. package/src/endpoints/pushed-authorisation-request-endpoint.d.ts +87 -0
  20. package/src/endpoints/pushed-authorisation-request-endpoint.js +192 -0
  21. package/src/endpoints/retrieve-token-endpoint.d.ts +66 -0
  22. package/src/endpoints/retrieve-token-endpoint.js +159 -0
  23. package/src/endpoints/userinfo-endpoint.d.ts +24 -0
  24. package/src/endpoints/userinfo-endpoint.js +50 -0
  25. package/src/fapi/fapi-utils.d.ts +6 -0
  26. package/src/fapi/fapi-utils.js +9 -0
  27. package/src/http/http-client-extensions.d.ts +60 -0
  28. package/src/http/http-client-extensions.js +106 -0
  29. package/src/http/http-client-factory.d.ts +27 -0
  30. package/src/http/http-client-factory.js +45 -0
  31. package/src/integration/integration.test.d.ts +1 -0
  32. package/src/integration/integration.test.js +30 -0
  33. package/src/model/callback-params.d.ts +31 -0
  34. package/src/model/callback-params.js +1 -0
  35. package/src/model/claims.d.ts +100 -0
  36. package/src/model/claims.js +1 -0
  37. package/src/model/consolidated-token-set.d.ts +74 -0
  38. package/src/model/consolidated-token-set.js +100 -0
  39. package/src/model/discovery-service.d.ts +46 -0
  40. package/src/model/discovery-service.js +112 -0
  41. package/src/model/issuer-metadata.d.ts +165 -0
  42. package/src/model/issuer-metadata.js +1 -0
  43. package/src/model/jwks.d.ts +12 -0
  44. package/src/model/jwks.js +1 -0
  45. package/src/model/token-response.d.ts +31 -0
  46. package/src/model/token-response.js +1 -0
  47. package/src/model/token-set.d.ts +73 -0
  48. package/src/model/token-set.js +179 -0
  49. package/src/relying-party-client-sdk.d.ts +68 -0
  50. package/src/relying-party-client-sdk.js +150 -0
  51. package/src/test-data/large-participants-test-data.d.ts +865 -0
  52. package/src/test-data/large-participants-test-data.js +18907 -0
  53. package/src/test-data/participants-test-data.d.ts +149 -0
  54. package/src/test-data/participants-test-data.js +458 -0
  55. package/src/test-data/sandbox-participants-test-data.d.ts +865 -0
  56. package/src/test-data/sandbox-participants-test-data.js +3794 -0
  57. package/src/tests/cert-utils.test.d.ts +1 -0
  58. package/src/tests/cert-utils.test.js +13 -0
  59. package/src/tests/functional-utils.test.d.ts +1 -0
  60. package/src/tests/functional-utils.test.js +13 -0
  61. package/src/tests/participant-filters.test.d.ts +1 -0
  62. package/src/tests/participant-filters.test.js +151 -0
  63. package/src/tests/pushed-authorisation-request-endpoint.test.d.ts +1 -0
  64. package/src/tests/pushed-authorisation-request-endpoint.test.js +159 -0
  65. package/src/tests/relying-party-client-sdk.test.d.ts +1 -0
  66. package/src/tests/relying-party-client-sdk.test.js +313 -0
  67. package/src/tests/request-utils.test.d.ts +1 -0
  68. package/src/tests/request-utils.test.js +16 -0
  69. package/src/tests/system-information.test.d.ts +1 -0
  70. package/src/tests/system-information.test.js +16 -0
  71. package/src/tests/user-agent.test.d.ts +1 -0
  72. package/src/tests/user-agent.test.js +23 -0
  73. package/src/tests/validator.test.d.ts +1 -0
  74. package/src/tests/validator.test.js +38 -0
  75. package/{types.d.ts → src/types.d.ts} +61 -32
  76. package/src/types.js +1 -0
  77. package/{utils → src/utils}/request-utils.d.ts +1 -1
  78. package/src/utils/request-utils.js +8 -0
  79. package/{utils → src/utils}/user-agent.d.ts +1 -1
  80. package/{utils → src/utils}/user-agent.js +1 -1
  81. package/relying-party-client-sdk.d.ts +0 -37
  82. package/relying-party-client-sdk.js +0 -364
  83. package/utils/request-utils.js +0 -8
  84. /package/{config.d.ts → src/config.d.ts} +0 -0
  85. /package/{types.js → src/conformance/conformance.test.d.ts} +0 -0
  86. /package/{filter → src/filter}/participant-filters.d.ts +0 -0
  87. /package/{filter → src/filter}/participant-filters.js +0 -0
  88. /package/{logger.d.ts → src/logger.d.ts} +0 -0
  89. /package/{logger.js → src/logger.js} +0 -0
  90. /package/{utils → src/utils}/cert-utils.d.ts +0 -0
  91. /package/{utils → src/utils}/cert-utils.js +0 -0
  92. /package/{utils → src/utils}/functional-utils.d.ts +0 -0
  93. /package/{utils → src/utils}/functional-utils.js +0 -0
  94. /package/{utils → src/utils}/system-information.d.ts +0 -0
  95. /package/{utils → src/utils}/system-information.js +0 -0
  96. /package/{validator.d.ts → src/validator.d.ts} +0 -0
  97. /package/{validator.js → src/validator.js} +0 -0
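--- a/package/src/relying-party-client-sdk.js
+++ b/package/src/relying-party-client-sdk.js
@@ -0,0 +1,150 @@
+ import { getCertificate } from './utils/cert-utils.js';
+ import { getLogger } from './logger.js';
+ import ParticipantFilters from './filter/participant-filters.js';
+ import { illegalPurposeChars, isValidCertificate, validatePurpose } from './validator.js';
+ import { CryptoLoader } from './crypto/crypto-loader.js';
+ import { JwtHelper } from './crypto/jwt-helper.js';
+ import { HttpClientFactory } from './http/http-client-factory.js';
+ import { ParticipantsEndpoint } from './endpoints/participants-endpoint.js';
+ import { PushedAuthorisationRequestEndpoint } from './endpoints/pushed-authorisation-request-endpoint.js';
+ import { RetrieveTokenEndpoint } from './endpoints/retrieve-token-endpoint.js';
+ import { UserInfoEndpoint } from './endpoints/userinfo-endpoint.js';
+ export default class RelyingPartyClientSdk {
+ constructor(config) {
+ this.purpose = 'verifying your identity';
+ this.config = config;
+ // Validate certificates
+ if (!isValidCertificate(this.config.data.transport_key, this.config.data.transport_key_content)) {
+ throw new Error('Either transport_key or transport_key_content must be provided');
+ }
+ if (!isValidCertificate(this.config.data.transport_pem, this.config.data.transport_pem_content)) {
+ throw new Error('Either transport_pem or transport_pem_content must be provided');
+ }
+ if (!isValidCertificate(this.config.data.signing_key, this.config.data.signing_key_content)) {
+ throw new Error('Either signing_key or signing_key_content must be provided');
+ }
+ if (!isValidCertificate(this.config.data.ca_pem, this.config.data.ca_pem_content)) {
+ throw new Error('Either ca_pem or ca_pem_content must be provided');
+ }
+ this.logger = getLogger(this.config.data.log_level);
+ this.logger.info(`Creating RelyingPartyClientSdk - version ${process.env.SDK_VERSION}`);
+ // Validate and set purpose
+ if (this.config.data.purpose) {
+ const purposeValidation = validatePurpose(this.config.data.purpose);
+ if (purposeValidation === 'INVALID_LENGTH') {
+ this.logger.warn('Purpose must be between 3 and 300 characters');
+ throw new Error(`Invalid purpose supplied in config: ${this.config.data.purpose}`);
+ }
+ if (purposeValidation === 'INVALID_CHARACTERS') {
+ this.logger.warn(`Purpose cannot contain any of the following characters: ${illegalPurposeChars.join(',')}, purpose supplied: [${this.config.data.purpose}]`);
+ throw new Error(`Invalid purpose supplied in config: ${this.config.data.purpose}`);
+ }
+ this.purpose = this.config.data.purpose;
+ this.logger.info(`Using default purpose supplied in config: ${this.purpose}`);
+ }
+ else {
+ this.logger.info(`Using built-in default purpose: ${this.purpose}`);
+ }
+ // Log filtering configuration
+ if (this.config.data.include_uncertified_participants) {
+ this.logger.info('Identity provider list will not be filtered as include_uncertified_participants=true');
+ }
+ else {
+ if (this.config.data.required_claims) {
+ this.logger.info(`Identity provider list will be filtered for participants that support the following claims: ${JSON.stringify(this.config.data.required_claims)}`);
+ }
+ if (this.config.data.required_participant_certifications) {
+ this.logger.info(`Identity provider list will be filtered for participants that support the following certifications: ${JSON.stringify(this.config.data.required_participant_certifications)}`);
+ }
+ }
+ // Log certificate source
+ this.logger.info(`Using ${this.config.data.transport_key_content ? 'transport_key_content' : 'transport_key'} config prop`);
+ this.logger.info(`Using ${this.config.data.transport_pem_content ? 'transport_pem_content' : 'transport_pem'} config prop`);
+ this.logger.info(`Using ${this.config.data.ca_pem_content ? 'ca_pem_content' : 'ca_pem'} config prop`);
+ this.logger.info(`Using ${this.config.data.signing_key_content ? 'signing_key_content' : 'signing_key'} config prop`);
+ // Initialize crypto
+ const signingKeyObject = CryptoLoader.loadPrivateKey(getCertificate(this.config.data.signing_key, this.config.data.signing_key_content));
+ // Initialize JWT helper
+ this.jwtHelper = new JwtHelper(signingKeyObject, this.config.data.signing_kid, this.config.data.client_id);
+ // Initialize HTTP client
+ this.httpClient = HttpClientFactory.createClient({
+ transportKey: getCertificate(this.config.data.transport_key, this.config.data.transport_key_content),
+ transportPem: getCertificate(this.config.data.transport_pem, this.config.data.transport_pem_content),
+ caPem: getCertificate(this.config.data.ca_pem, this.config.data.ca_pem_content),
+ clientId: this.config.data.client_id,
+ });
+ // Initialize endpoints
+ this.participantsEndpoint = new ParticipantsEndpoint(this.config, new ParticipantFilters(), this.httpClient, this.logger, () => this.getCurrentDate());
+ this.pushedAuthorisationRequestEndpoint = new PushedAuthorisationRequestEndpoint(this.config, this.httpClient, this.jwtHelper, this.logger, this.participantsEndpoint);
+ this.retrieveTokenEndpoint = new RetrieveTokenEndpoint(this.config, this.httpClient, this.jwtHelper, this.logger, this.participantsEndpoint);
+ this.userInfoEndpoint = new UserInfoEndpoint(this.httpClient, this.logger, this.config.data.client_id, this.participantsEndpoint);
+ }
+ /**
+ * Get the list of participating identity providers within the scheme.
+ *
+ * Applies filtering based on SDK configuration.
+ *
+ * @returns List of participants
+ */
+ async getParticipants() {
+ return this.participantsEndpoint.getParticipants();
+ }
+ /**
+ * Get the list of fallback provider participants.
+ *
+ * @returns List of fallback provider participants
+ */
+ async getFallbackProviderParticipants() {
+ return this.participantsEndpoint.getFallbackProviderParticipants();
+ }
+ /**
+ * Sends a Pushed Authorization Request (PAR).
+ *
+ * @param authServerId - Authorization server ID
+ * @param essentialClaims - Claims that must be provided
+ * @param voluntaryClaims - Claims that are optional
+ * @param purpose - Purpose string for data sharing
+ * @returns Object containing authorization URL and PKCE parameters
+ */
+ async sendPushedAuthorisationRequest(authServerId, essentialClaims, voluntaryClaims = [], purpose = this.purpose) {
+ const { authUrl, codeVerifier, state, nonce, xFapiInteractionId } = await this.pushedAuthorisationRequestEndpoint.sendPushedAuthorisationRequest(authServerId, essentialClaims, voluntaryClaims, purpose);
+ return {
+ authUrl,
+ codeVerifier,
+ state,
+ nonce,
+ xFapiInteractionId,
+ };
+ }
+ /**
+ * Retrieves tokens using an authorisation code.
+ *
+ * @param authorisationServerId - Authorisation server ID
+ * @param requestParams - OAuth callback parameters
+ * @param codeVerifier - PKCE code verifier from PAR
+ * @param state - State parameter from PAR
+ * @param nonce - Nonce parameter from PAR
+ * @returns Consolidated token set with validated claims
+ */
+ async retrieveTokens(authorisationServerId, requestParams, codeVerifier, state, nonce) {
+ return this.retrieveTokenEndpoint.retrieveTokens(authorisationServerId, requestParams, codeVerifier, state, nonce);
+ }
+ /**
+ * Retrieves user information from the UserInfo endpoint.
+ *
+ * @param authorisationServerId - Authorization server ID
+ * @param accessToken - Access token
+ * @returns UserInfo claims
+ */
+ async getUserInfo(authorisationServerId, accessToken) {
+ return this.userInfoEndpoint.getUserInfo(authorisationServerId, accessToken);
+ }
+ /**
+ * Gets the current date (for testing purposes).
+ *
+ * @returns Current date
+ */
+ getCurrentDate() {
+ return new Date();
+ }
+ }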
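Review bot: The per-call `purpose` argument of `sendPushedAuthorisationRequest` (new lines 109–110) is forwarded to the endpoint without the `validatePurpose` check that the constructor applies to `config.data.purpose`, so a caller-supplied override can skip the length and illegal-character rules within this class. Whether `PushedAuthorisationRequestEndpoint` validates it again is not visible in this section; if it does not, add a guard before the call, e.g. `if (['INVALID_LENGTH', 'INVALID_CHARACTERS'].includes(validatePurpose(purpose))) throw new Error('Invalid purpose supplied');`. The method's doc comment should also state that the returned `codeVerifier`, `state` and `nonce` are to be kept server-side against the user's session and passed unchanged to `retrieveTokens`.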