@credo-ts/anoncreds 0.5.0-alpha.144 → 0.5.0-alpha.146
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/AnonCredsApi.d.ts +1 -1
- package/build/AnonCredsApi.js +2 -2
- package/build/AnonCredsApi.js.map +1 -1
- package/build/AnonCredsModule.d.ts +7 -2
- package/build/AnonCredsModule.js +9 -0
- package/build/AnonCredsModule.js.map +1 -1
- package/build/anoncreds-rs/AnonCredsDataIntegrityService.d.ts +27 -0
- package/build/anoncreds-rs/AnonCredsDataIntegrityService.js +241 -0
- package/build/anoncreds-rs/AnonCredsDataIntegrityService.js.map +1 -0
- package/build/anoncreds-rs/AnonCredsRsHolderService.d.ts +26 -3
- package/build/anoncreds-rs/AnonCredsRsHolderService.js +347 -114
- package/build/anoncreds-rs/AnonCredsRsHolderService.js.map +1 -1
- package/build/anoncreds-rs/AnonCredsRsIssuerService.js +0 -1
- package/build/anoncreds-rs/AnonCredsRsIssuerService.js.map +1 -1
- package/build/anoncreds-rs/AnonCredsRsVerifierService.d.ts +3 -1
- package/build/anoncreds-rs/AnonCredsRsVerifierService.js +48 -5
- package/build/anoncreds-rs/AnonCredsRsVerifierService.js.map +1 -1
- package/build/anoncreds-rs/utils.d.ts +23 -0
- package/build/anoncreds-rs/utils.js +71 -0
- package/build/anoncreds-rs/utils.js.map +1 -0
- package/build/formats/AnonCredsCredentialFormat.d.ts +1 -1
- package/build/formats/AnonCredsCredentialFormatService.d.ts +1 -1
- package/build/formats/AnonCredsCredentialFormatService.js +18 -52
- package/build/formats/AnonCredsCredentialFormatService.js.map +1 -1
- package/build/formats/AnonCredsProofFormatService.js +13 -28
- package/build/formats/AnonCredsProofFormatService.js.map +1 -1
- package/build/formats/DataIntegrityCredentialFormatService.d.ts +89 -0
- package/build/formats/DataIntegrityCredentialFormatService.js +776 -0
- package/build/formats/DataIntegrityCredentialFormatService.js.map +1 -0
- package/build/formats/LegacyIndyCredentialFormat.d.ts +1 -1
- package/build/formats/LegacyIndyCredentialFormatService.d.ts +1 -1
- package/build/formats/LegacyIndyCredentialFormatService.js +20 -47
- package/build/formats/LegacyIndyCredentialFormatService.js.map +1 -1
- package/build/formats/LegacyIndyProofFormatService.js +18 -28
- package/build/formats/LegacyIndyProofFormatService.js.map +1 -1
- package/build/formats/index.d.ts +1 -0
- package/build/formats/index.js +3 -1
- package/build/formats/index.js.map +1 -1
- package/build/index.d.ts +2 -1
- package/build/index.js +6 -1
- package/build/index.js.map +1 -1
- package/build/models/exchange.d.ts +1 -4
- package/build/models/exchange.js.map +1 -1
- package/build/models/internal.d.ts +3 -8
- package/build/models/utils.d.ts +22 -0
- package/build/models/utils.js +3 -0
- package/build/models/utils.js.map +1 -0
- package/build/protocols/credentials/v1/V1CredentialProtocol.js +5 -0
- package/build/protocols/credentials/v1/V1CredentialProtocol.js.map +1 -1
- package/build/services/AnonCredsHolderService.d.ts +6 -3
- package/build/services/AnonCredsHolderService.js.map +1 -1
- package/build/services/AnonCredsHolderServiceOptions.d.ts +37 -20
- package/build/services/AnonCredsVerifierService.d.ts +2 -1
- package/build/services/AnonCredsVerifierServiceOptions.d.ts +12 -7
- package/build/updates/0.4-0.5/anonCredsCredentialRecord.d.ts +5 -0
- package/build/updates/0.4-0.5/anonCredsCredentialRecord.js +119 -0
- package/build/updates/0.4-0.5/anonCredsCredentialRecord.js.map +1 -0
- package/build/updates/0.4-0.5/index.d.ts +2 -0
- package/build/updates/0.4-0.5/index.js +9 -0
- package/build/updates/0.4-0.5/index.js.map +1 -0
- package/build/utils/anonCredsObjects.d.ts +26 -0
- package/build/utils/anonCredsObjects.js +82 -0
- package/build/utils/anonCredsObjects.js.map +1 -0
- package/build/utils/credential.d.ts +17 -11
- package/build/utils/credential.js +55 -36
- package/build/utils/credential.js.map +1 -1
- package/build/utils/getRevocationRegistries.d.ts +1 -9
- package/build/utils/index.d.ts +3 -1
- package/build/utils/index.js +6 -2
- package/build/utils/index.js.map +1 -1
- package/build/utils/indyIdentifiers.d.ts +18 -0
- package/build/utils/indyIdentifiers.js +151 -1
- package/build/utils/indyIdentifiers.js.map +1 -1
- package/build/utils/linkSecret.d.ts +2 -0
- package/build/utils/linkSecret.js +21 -1
- package/build/utils/linkSecret.js.map +1 -1
- package/build/utils/metadata.d.ts +21 -9
- package/build/utils/metadata.js +8 -2
- package/build/utils/metadata.js.map +1 -1
- package/build/utils/w3cAnonCredsUtils.d.ts +35 -0
- package/build/utils/w3cAnonCredsUtils.js +124 -0
- package/build/utils/w3cAnonCredsUtils.js.map +1 -0
- package/package.json +6 -4
|
@@ -15,7 +15,33 @@ const models_1 = require("../models");
|
|
|
15
15
|
const repository_1 = require("../repository");
|
|
16
16
|
const services_1 = require("../services");
|
|
17
17
|
const utils_1 = require("../utils");
|
|
18
|
+
const indyIdentifiers_1 = require("../utils/indyIdentifiers");
|
|
19
|
+
const linkSecret_1 = require("../utils/linkSecret");
|
|
20
|
+
const metadata_1 = require("../utils/metadata");
|
|
21
|
+
const w3cAnonCredsUtils_1 = require("../utils/w3cAnonCredsUtils");
|
|
22
|
+
const utils_2 = require("./utils");
|
|
18
23
|
let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
24
|
+
constructor() {
|
|
25
|
+
this.getPresentationMetadata = async (agentContext, options) => {
|
|
26
|
+
const { credentialsWithMetadata, credentialsProve } = options;
|
|
27
|
+
const credentials = await Promise.all(credentialsWithMetadata.map(async ({ credential, nonRevoked }) => {
|
|
28
|
+
const credentialJson = core_1.JsonTransformer.toJSON(credential);
|
|
29
|
+
const { revocationRegistryIndex, revocationRegistryId, timestamp } = anoncreds_shared_1.W3cCredential.fromJson(credentialJson);
|
|
30
|
+
if (!nonRevoked)
|
|
31
|
+
return { credential: credentialJson, revocationState: undefined, timestamp: undefined };
|
|
32
|
+
if (!revocationRegistryId || !revocationRegistryIndex)
|
|
33
|
+
throw new core_1.CredoError('Missing revocation metadata');
|
|
34
|
+
const { revocationState, updatedTimestamp } = await (0, utils_2.getRevocationMetadata)(agentContext, {
|
|
35
|
+
nonRevokedInterval: nonRevoked,
|
|
36
|
+
timestamp,
|
|
37
|
+
revocationRegistryIndex,
|
|
38
|
+
revocationRegistryId,
|
|
39
|
+
});
|
|
40
|
+
return { credential: credentialJson, revocationState, timestamp: updatedTimestamp };
|
|
41
|
+
}));
|
|
42
|
+
return { credentialsProve, credentials };
|
|
43
|
+
};
|
|
44
|
+
}
|
|
19
45
|
async createLinkSecret(agentContext, options) {
|
|
20
46
|
var _a;
|
|
21
47
|
return {
|
|
@@ -35,45 +61,60 @@ let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
|
35
61
|
for (const schemaId in schemas) {
|
|
36
62
|
rsSchemas[schemaId] = schemas[schemaId];
|
|
37
63
|
}
|
|
38
|
-
const
|
|
64
|
+
const w3cCredentialRepository = agentContext.dependencyManager.resolve(core_1.W3cCredentialRepository);
|
|
65
|
+
const anoncredsCredentialRepository = agentContext.dependencyManager.resolve(repository_1.AnonCredsCredentialRepository);
|
|
39
66
|
// Cache retrieved credentials in order to minimize storage calls
|
|
40
67
|
const retrievedCredentials = new Map();
|
|
41
68
|
const credentialEntryFromAttribute = async (attribute) => {
|
|
42
69
|
let credentialRecord = retrievedCredentials.get(attribute.credentialId);
|
|
43
70
|
if (!credentialRecord) {
|
|
44
|
-
|
|
45
|
-
|
|
71
|
+
const w3cCredentialRecord = await w3cCredentialRepository.findById(agentContext, attribute.credentialId);
|
|
72
|
+
if (w3cCredentialRecord) {
|
|
73
|
+
credentialRecord = w3cCredentialRecord;
|
|
74
|
+
retrievedCredentials.set(attribute.credentialId, w3cCredentialRecord);
|
|
75
|
+
}
|
|
76
|
+
else {
|
|
77
|
+
credentialRecord = await anoncredsCredentialRepository.getByCredentialId(agentContext, attribute.credentialId);
|
|
78
|
+
agentContext.config.logger.warn([
|
|
79
|
+
`Creating AnonCreds proof with legacy credential ${attribute.credentialId}.`,
|
|
80
|
+
`Please run the migration script to migrate credentials to the new w3c format. See https://credo.js.org/guides/updating/versions/0.4-to-0.5 for information on how to migrate.`,
|
|
81
|
+
].join('\n'));
|
|
82
|
+
}
|
|
46
83
|
}
|
|
47
|
-
const
|
|
48
|
-
const revocationRegistryIndex = credentialRecord.credentialRevocationId;
|
|
84
|
+
const { linkSecretId, revocationRegistryId, credentialRevocationId } = (0, w3cAnonCredsUtils_1.getAnoncredsCredentialInfoFromRecord)(credentialRecord);
|
|
49
85
|
// TODO: Check if credential has a revocation registry id (check response from anoncreds-rs API, as it is
|
|
50
86
|
// sending back a mandatory string in Credential.revocationRegistryId)
|
|
51
87
|
const timestamp = attribute.timestamp;
|
|
52
88
|
let revocationState;
|
|
53
89
|
let revocationRegistryDefinition;
|
|
54
90
|
try {
|
|
55
|
-
if (timestamp &&
|
|
56
|
-
if (!options.revocationRegistries[
|
|
57
|
-
throw new error_1.AnonCredsRsError(`Revocation Registry ${
|
|
91
|
+
if (timestamp && credentialRevocationId && revocationRegistryId) {
|
|
92
|
+
if (!options.revocationRegistries[revocationRegistryId]) {
|
|
93
|
+
throw new error_1.AnonCredsRsError(`Revocation Registry ${revocationRegistryId} not found`);
|
|
58
94
|
}
|
|
59
|
-
const { definition, revocationStatusLists, tailsFilePath } = options.revocationRegistries[
|
|
95
|
+
const { definition, revocationStatusLists, tailsFilePath } = options.revocationRegistries[revocationRegistryId];
|
|
60
96
|
// Extract revocation status list for the given timestamp
|
|
61
97
|
const revocationStatusList = revocationStatusLists[timestamp];
|
|
62
98
|
if (!revocationStatusList) {
|
|
63
|
-
throw new core_1.CredoError(`Revocation status list for revocation registry ${
|
|
99
|
+
throw new core_1.CredoError(`Revocation status list for revocation registry ${revocationRegistryId} and timestamp ${timestamp} not found in revocation status lists. All revocation status lists must be present.`);
|
|
64
100
|
}
|
|
65
101
|
revocationRegistryDefinition = anoncreds_shared_1.RevocationRegistryDefinition.fromJson(definition);
|
|
66
102
|
revocationState = anoncreds_shared_1.CredentialRevocationState.create({
|
|
67
|
-
revocationRegistryIndex: Number(
|
|
103
|
+
revocationRegistryIndex: Number(credentialRevocationId),
|
|
68
104
|
revocationRegistryDefinition,
|
|
69
105
|
tailsPath: tailsFilePath,
|
|
70
106
|
revocationStatusList: anoncreds_shared_1.RevocationStatusList.fromJson(revocationStatusList),
|
|
71
107
|
});
|
|
72
108
|
}
|
|
109
|
+
const credential = credentialRecord instanceof core_1.W3cCredentialRecord
|
|
110
|
+
? await this.w3cToLegacyCredential(agentContext, {
|
|
111
|
+
credential: credentialRecord.credential,
|
|
112
|
+
})
|
|
113
|
+
: credentialRecord.credential;
|
|
73
114
|
return {
|
|
74
|
-
linkSecretId
|
|
115
|
+
linkSecretId,
|
|
75
116
|
credentialEntry: {
|
|
76
|
-
credential:
|
|
117
|
+
credential: credential,
|
|
77
118
|
revocationState: revocationState === null || revocationState === void 0 ? void 0 : revocationState.toJson(),
|
|
78
119
|
timestamp,
|
|
79
120
|
},
|
|
@@ -99,17 +140,9 @@ let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
|
99
140
|
credentialsProve.push({ entryIndex, isPredicate: true, referent, reveal: true });
|
|
100
141
|
entryIndex = entryIndex + 1;
|
|
101
142
|
}
|
|
102
|
-
|
|
103
|
-
const
|
|
104
|
-
|
|
105
|
-
throw new error_1.AnonCredsRsError('All credentials in a Proof should have been issued using the same Link Secret');
|
|
106
|
-
}
|
|
107
|
-
const linkSecretRecord = await agentContext.dependencyManager
|
|
108
|
-
.resolve(repository_1.AnonCredsLinkSecretRepository)
|
|
109
|
-
.getByLinkSecretId(agentContext, credentials[0].linkSecretId);
|
|
110
|
-
if (!linkSecretRecord.value) {
|
|
111
|
-
throw new error_1.AnonCredsRsError('Link Secret value not stored');
|
|
112
|
-
}
|
|
143
|
+
const linkSecretIds = credentials.map((item) => item.linkSecretId);
|
|
144
|
+
const linkSecretId = (0, linkSecret_1.assertLinkSecretsMatch)(agentContext, linkSecretIds);
|
|
145
|
+
const linkSecret = await (0, linkSecret_1.getLinkSecret)(agentContext, linkSecretId);
|
|
113
146
|
presentation = anoncreds_shared_1.Presentation.create({
|
|
114
147
|
credentialDefinitions: rsCredentialDefinitions,
|
|
115
148
|
schemas: rsSchemas,
|
|
@@ -117,7 +150,7 @@ let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
|
117
150
|
credentials: credentials.map((entry) => entry.credentialEntry),
|
|
118
151
|
credentialsProve,
|
|
119
152
|
selfAttest: selectedCredentials.selfAttestedAttributes,
|
|
120
|
-
linkSecret
|
|
153
|
+
linkSecret,
|
|
121
154
|
});
|
|
122
155
|
return presentation.toJson();
|
|
123
156
|
}
|
|
@@ -170,69 +203,116 @@ let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
|
170
203
|
createReturnObj === null || createReturnObj === void 0 ? void 0 : createReturnObj.credentialRequestMetadata.handle.clear();
|
|
171
204
|
}
|
|
172
205
|
}
|
|
173
|
-
async
|
|
206
|
+
async w3cToLegacyCredential(agentContext, options) {
|
|
207
|
+
const credentialJson = core_1.JsonTransformer.toJSON(options.credential);
|
|
208
|
+
const w3cAnonCredsCredentialObj = anoncreds_shared_1.W3cCredential.fromJson(credentialJson);
|
|
209
|
+
const w3cCredentialObj = w3cAnonCredsCredentialObj.toLegacy();
|
|
210
|
+
const legacyCredential = w3cCredentialObj.toJson();
|
|
211
|
+
return legacyCredential;
|
|
212
|
+
}
|
|
213
|
+
async processW3cCredential(agentContext, credential, processOptions) {
|
|
214
|
+
const { credentialRequestMetadata, revocationRegistryDefinition, credentialDefinition } = processOptions;
|
|
215
|
+
const processCredentialOptions = {
|
|
216
|
+
credentialRequestMetadata: credentialRequestMetadata,
|
|
217
|
+
linkSecret: await (0, linkSecret_1.getLinkSecret)(agentContext, credentialRequestMetadata.link_secret_name),
|
|
218
|
+
revocationRegistryDefinition: revocationRegistryDefinition,
|
|
219
|
+
credentialDefinition: credentialDefinition,
|
|
220
|
+
};
|
|
221
|
+
const credentialJson = core_1.JsonTransformer.toJSON(credential);
|
|
222
|
+
const w3cAnonCredsCredential = anoncreds_shared_1.W3cCredential.fromJson(credentialJson);
|
|
223
|
+
const processedW3cAnonCredsCredential = w3cAnonCredsCredential.process(processCredentialOptions);
|
|
224
|
+
const processedW3cJsonLdVerifiableCredential = core_1.JsonTransformer.fromJSON(processedW3cAnonCredsCredential.toJson(), core_1.W3cJsonLdVerifiableCredential);
|
|
225
|
+
return processedW3cJsonLdVerifiableCredential;
|
|
226
|
+
}
|
|
227
|
+
async legacyToW3cCredential(agentContext, options) {
|
|
174
228
|
var _a, _b;
|
|
175
|
-
const { credential,
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
if (!linkSecretRecord.value) {
|
|
180
|
-
throw new error_1.AnonCredsRsError('Link Secret value not stored');
|
|
181
|
-
}
|
|
182
|
-
const revocationRegistryDefinition = revocationRegistry === null || revocationRegistry === void 0 ? void 0 : revocationRegistry.definition;
|
|
183
|
-
const credentialId = (_a = options.credentialId) !== null && _a !== void 0 ? _a : core_1.utils.uuid();
|
|
184
|
-
let credentialObj;
|
|
185
|
-
let processedCredential;
|
|
229
|
+
const { credential, issuerId, processOptions } = options;
|
|
230
|
+
let w3cCredential;
|
|
231
|
+
let anonCredsCredential;
|
|
232
|
+
let w3cCredentialObj;
|
|
186
233
|
try {
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
});
|
|
194
|
-
const credentialRepository = agentContext.dependencyManager.resolve(repository_1.AnonCredsCredentialRepository);
|
|
195
|
-
const methodName = agentContext.dependencyManager
|
|
196
|
-
.resolve(services_1.AnonCredsRegistryService)
|
|
197
|
-
.getRegistryForIdentifier(agentContext, credential.cred_def_id).methodName;
|
|
198
|
-
await credentialRepository.save(agentContext, new repository_1.AnonCredsCredentialRecord({
|
|
199
|
-
credential: processedCredential.toJson(),
|
|
200
|
-
credentialId,
|
|
201
|
-
linkSecretId: linkSecretRecord.linkSecretId,
|
|
202
|
-
issuerId: options.credentialDefinition.issuerId,
|
|
203
|
-
schemaName: schema.name,
|
|
204
|
-
schemaIssuerId: schema.issuerId,
|
|
205
|
-
schemaVersion: schema.version,
|
|
206
|
-
credentialRevocationId: (_b = processedCredential.revocationRegistryIndex) === null || _b === void 0 ? void 0 : _b.toString(),
|
|
207
|
-
methodName,
|
|
208
|
-
}));
|
|
209
|
-
return credentialId;
|
|
234
|
+
anonCredsCredential = anoncreds_shared_1.Credential.fromJson(credential);
|
|
235
|
+
w3cCredentialObj = anonCredsCredential.toW3c({ issuerId, w3cVersion: '1.1' });
|
|
236
|
+
const w3cJsonLdVerifiableCredential = core_1.JsonTransformer.fromJSON(w3cCredentialObj.toJson(), core_1.W3cJsonLdVerifiableCredential);
|
|
237
|
+
w3cCredential = processOptions
|
|
238
|
+
? await this.processW3cCredential(agentContext, w3cJsonLdVerifiableCredential, processOptions)
|
|
239
|
+
: w3cJsonLdVerifiableCredential;
|
|
210
240
|
}
|
|
211
241
|
finally {
|
|
212
|
-
|
|
213
|
-
|
|
242
|
+
(_a = anonCredsCredential === null || anonCredsCredential === void 0 ? void 0 : anonCredsCredential.handle) === null || _a === void 0 ? void 0 : _a.clear();
|
|
243
|
+
(_b = w3cCredentialObj === null || w3cCredentialObj === void 0 ? void 0 : w3cCredentialObj.handle) === null || _b === void 0 ? void 0 : _b.clear();
|
|
214
244
|
}
|
|
245
|
+
return w3cCredential;
|
|
215
246
|
}
|
|
216
|
-
async
|
|
217
|
-
|
|
218
|
-
const
|
|
219
|
-
.resolve(
|
|
220
|
-
.
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
schemaId:
|
|
230
|
-
|
|
231
|
-
revocationRegistryId
|
|
232
|
-
|
|
247
|
+
async storeW3cCredential(agentContext, options) {
|
|
248
|
+
const { credential, credentialRequestMetadata, schema, credentialDefinition, credentialDefinitionId } = options;
|
|
249
|
+
const methodName = agentContext.dependencyManager
|
|
250
|
+
.resolve(services_1.AnonCredsRegistryService)
|
|
251
|
+
.getRegistryForIdentifier(agentContext, credential.issuerId).methodName;
|
|
252
|
+
// this thows an error if the link secret is not found
|
|
253
|
+
await (0, linkSecret_1.getLinkSecret)(agentContext, credentialRequestMetadata.link_secret_name);
|
|
254
|
+
const { revocationRegistryId, revocationRegistryIndex } = anoncreds_shared_1.W3cCredential.fromJson(core_1.JsonTransformer.toJSON(credential));
|
|
255
|
+
const w3cCredentialService = agentContext.dependencyManager.resolve(core_1.W3cCredentialService);
|
|
256
|
+
const w3cCredentialRecord = await w3cCredentialService.storeCredential(agentContext, { credential });
|
|
257
|
+
const anonCredsTags = (0, w3cAnonCredsUtils_1.getW3cRecordAnonCredsTags)({
|
|
258
|
+
w3cCredentialRecord,
|
|
259
|
+
schema,
|
|
260
|
+
schemaId: credentialDefinition.schemaId,
|
|
261
|
+
credentialDefinitionId,
|
|
262
|
+
revocationRegistryId,
|
|
263
|
+
credentialRevocationId: revocationRegistryIndex === null || revocationRegistryIndex === void 0 ? void 0 : revocationRegistryIndex.toString(),
|
|
264
|
+
linkSecretId: credentialRequestMetadata.link_secret_name,
|
|
265
|
+
methodName,
|
|
266
|
+
});
|
|
267
|
+
const anonCredsCredentialMetadata = {
|
|
268
|
+
credentialId: w3cCredentialRecord.id,
|
|
269
|
+
credentialRevocationId: anonCredsTags.anonCredsCredentialRevocationId,
|
|
270
|
+
linkSecretId: anonCredsTags.anonCredsLinkSecretId,
|
|
271
|
+
methodName: anonCredsTags.anonCredsMethodName,
|
|
233
272
|
};
|
|
273
|
+
w3cCredentialRecord.setTags(anonCredsTags);
|
|
274
|
+
w3cCredentialRecord.metadata.set(metadata_1.W3cAnonCredsCredentialMetadataKey, anonCredsCredentialMetadata);
|
|
275
|
+
const w3cCredentialRepository = agentContext.dependencyManager.resolve(core_1.W3cCredentialRepository);
|
|
276
|
+
await w3cCredentialRepository.update(agentContext, w3cCredentialRecord);
|
|
277
|
+
return w3cCredentialRecord;
|
|
234
278
|
}
|
|
235
|
-
async
|
|
279
|
+
async storeCredential(agentContext, options) {
|
|
280
|
+
const { credential, credentialDefinition, credentialDefinitionId, credentialRequestMetadata, schema, revocationRegistry, } = options;
|
|
281
|
+
const w3cJsonLdCredential = credential instanceof core_1.W3cJsonLdVerifiableCredential
|
|
282
|
+
? credential
|
|
283
|
+
: await this.legacyToW3cCredential(agentContext, {
|
|
284
|
+
credential,
|
|
285
|
+
issuerId: credentialDefinition.issuerId,
|
|
286
|
+
processOptions: {
|
|
287
|
+
credentialRequestMetadata,
|
|
288
|
+
credentialDefinition,
|
|
289
|
+
revocationRegistryDefinition: revocationRegistry === null || revocationRegistry === void 0 ? void 0 : revocationRegistry.definition,
|
|
290
|
+
},
|
|
291
|
+
});
|
|
292
|
+
const w3cCredentialRecord = await this.storeW3cCredential(agentContext, {
|
|
293
|
+
credentialRequestMetadata,
|
|
294
|
+
credential: w3cJsonLdCredential,
|
|
295
|
+
credentialDefinitionId,
|
|
296
|
+
schema,
|
|
297
|
+
credentialDefinition,
|
|
298
|
+
revocationRegistryDefinition: revocationRegistry === null || revocationRegistry === void 0 ? void 0 : revocationRegistry.definition,
|
|
299
|
+
});
|
|
300
|
+
return w3cCredentialRecord.id;
|
|
301
|
+
}
|
|
302
|
+
async getCredential(agentContext, options) {
|
|
303
|
+
const w3cCredentialRepository = agentContext.dependencyManager.resolve(core_1.W3cCredentialRepository);
|
|
304
|
+
const w3cCredentialRecord = await w3cCredentialRepository.findById(agentContext, options.id);
|
|
305
|
+
if (w3cCredentialRecord)
|
|
306
|
+
return (0, w3cAnonCredsUtils_1.getAnoncredsCredentialInfoFromRecord)(w3cCredentialRecord);
|
|
307
|
+
const anonCredsCredentialRepository = agentContext.dependencyManager.resolve(repository_1.AnonCredsCredentialRepository);
|
|
308
|
+
const anonCredsCredentialRecord = await anonCredsCredentialRepository.getByCredentialId(agentContext, options.id);
|
|
309
|
+
agentContext.config.logger.warn([
|
|
310
|
+
`Querying legacy credential repository for credential with id ${options.id}.`,
|
|
311
|
+
`Please run the migration script to migrate credentials to the new w3c format.`,
|
|
312
|
+
].join('\n'));
|
|
313
|
+
return (0, w3cAnonCredsUtils_1.getAnoncredsCredentialInfoFromRecord)(anonCredsCredentialRecord);
|
|
314
|
+
}
|
|
315
|
+
async getLegacyCredentials(agentContext, options) {
|
|
236
316
|
const credentialRecords = await agentContext.dependencyManager
|
|
237
317
|
.resolve(repository_1.AnonCredsCredentialRepository)
|
|
238
318
|
.findByQuery(agentContext, {
|
|
@@ -244,25 +324,47 @@ let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
|
244
324
|
schemaIssuerId: options.schemaIssuerId,
|
|
245
325
|
methodName: options.methodName,
|
|
246
326
|
});
|
|
247
|
-
return credentialRecords.map((credentialRecord) =>
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
327
|
+
return credentialRecords.map((credentialRecord) => (0, w3cAnonCredsUtils_1.getAnoncredsCredentialInfoFromRecord)(credentialRecord));
|
|
328
|
+
}
|
|
329
|
+
async getCredentials(agentContext, options) {
|
|
330
|
+
const credentialRecords = await agentContext.dependencyManager
|
|
331
|
+
.resolve(core_1.W3cCredentialRepository)
|
|
332
|
+
.findByQuery(agentContext, {
|
|
333
|
+
anonCredsCredentialDefinitionId: !options.credentialDefinitionId || (0, indyIdentifiers_1.isUnqualifiedCredentialDefinitionId)(options.credentialDefinitionId)
|
|
334
|
+
? undefined
|
|
335
|
+
: options.credentialDefinitionId,
|
|
336
|
+
anonCredsSchemaId: !options.schemaId || (0, indyIdentifiers_1.isUnqualifiedSchemaId)(options.schemaId) ? undefined : options.schemaId,
|
|
337
|
+
anonCredsIssuerId: !options.issuerId || (0, indyIdentifiers_1.isUnqualifiedIndyDid)(options.issuerId) ? undefined : options.issuerId,
|
|
338
|
+
anonCredsSchemaName: options.schemaName,
|
|
339
|
+
anonCredsSchemaVersion: options.schemaVersion,
|
|
340
|
+
anonCredsSchemaIssuerId: !options.schemaIssuerId || (0, indyIdentifiers_1.isUnqualifiedIndyDid)(options.schemaIssuerId) ? undefined : options.schemaIssuerId,
|
|
341
|
+
anonCredsMethodName: options.methodName,
|
|
342
|
+
anonCredsUnqualifiedSchemaId: options.schemaId && (0, indyIdentifiers_1.isUnqualifiedSchemaId)(options.schemaId) ? options.schemaId : undefined,
|
|
343
|
+
anonCredsUnqualifiedIssuerId: options.issuerId && (0, indyIdentifiers_1.isUnqualifiedIndyDid)(options.issuerId) ? options.issuerId : undefined,
|
|
344
|
+
anonCredsUnqualifiedSchemaIssuerId: options.schemaIssuerId && (0, indyIdentifiers_1.isUnqualifiedIndyDid)(options.schemaIssuerId) ? options.schemaIssuerId : undefined,
|
|
345
|
+
anonCredsUnqualifiedCredentialDefinitionId: options.credentialDefinitionId && (0, indyIdentifiers_1.isUnqualifiedCredentialDefinitionId)(options.credentialDefinitionId)
|
|
346
|
+
? options.credentialDefinitionId
|
|
347
|
+
: undefined,
|
|
258
348
|
});
|
|
349
|
+
const credentials = credentialRecords.map((credentialRecord) => (0, w3cAnonCredsUtils_1.getAnoncredsCredentialInfoFromRecord)(credentialRecord));
|
|
350
|
+
const legacyCredentials = await this.getLegacyCredentials(agentContext, options);
|
|
351
|
+
if (legacyCredentials.length > 0) {
|
|
352
|
+
agentContext.config.logger.warn(`Queried credentials include legacy credentials. Please run the migration script to migrate credentials to the new w3c format.`);
|
|
353
|
+
}
|
|
354
|
+
return [...legacyCredentials, ...credentials];
|
|
259
355
|
}
|
|
260
|
-
async deleteCredential(agentContext,
|
|
261
|
-
const
|
|
262
|
-
const
|
|
263
|
-
|
|
356
|
+
async deleteCredential(agentContext, id) {
|
|
357
|
+
const w3cCredentialRepository = agentContext.dependencyManager.resolve(core_1.W3cCredentialRepository);
|
|
358
|
+
const w3cCredentialRecord = await w3cCredentialRepository.findById(agentContext, id);
|
|
359
|
+
if (w3cCredentialRecord) {
|
|
360
|
+
await w3cCredentialRepository.delete(agentContext, w3cCredentialRecord);
|
|
361
|
+
return;
|
|
362
|
+
}
|
|
363
|
+
const anoncredsCredentialRepository = agentContext.dependencyManager.resolve(repository_1.AnonCredsCredentialRepository);
|
|
364
|
+
const anoncredsCredentialRecord = await anoncredsCredentialRepository.getByCredentialId(agentContext, id);
|
|
365
|
+
await anoncredsCredentialRepository.delete(agentContext, anoncredsCredentialRecord);
|
|
264
366
|
}
|
|
265
|
-
async
|
|
367
|
+
async getLegacyCredentialsForProofRequest(agentContext, options) {
|
|
266
368
|
var _a, _b;
|
|
267
369
|
const proofRequest = options.proofRequest;
|
|
268
370
|
const referent = options.attributeReferent;
|
|
@@ -275,12 +377,12 @@ let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
|
275
377
|
const attributes = (_b = requestedAttribute.names) !== null && _b !== void 0 ? _b : [requestedAttribute.name];
|
|
276
378
|
const attributeQuery = {};
|
|
277
379
|
for (const attribute of attributes) {
|
|
278
|
-
attributeQuery[`
|
|
380
|
+
attributeQuery[`anonCredsAttr::${attribute}::marker`] = true;
|
|
279
381
|
}
|
|
280
382
|
$and.push(attributeQuery);
|
|
281
383
|
// Add query for proof request restrictions
|
|
282
384
|
if (requestedAttribute.restrictions) {
|
|
283
|
-
const restrictionQuery = this.
|
|
385
|
+
const restrictionQuery = this.queryLegacyFromRestrictions(requestedAttribute.restrictions);
|
|
284
386
|
$and.push(restrictionQuery);
|
|
285
387
|
}
|
|
286
388
|
// Add extra query
|
|
@@ -295,42 +397,146 @@ let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
|
295
397
|
$and,
|
|
296
398
|
});
|
|
297
399
|
return credentials.map((credentialRecord) => {
|
|
298
|
-
var _a, _b;
|
|
299
|
-
const attributes = {};
|
|
300
|
-
for (const attribute in credentialRecord.credential.values) {
|
|
301
|
-
attributes[attribute] = credentialRecord.credential.values[attribute].raw;
|
|
302
|
-
}
|
|
303
400
|
return {
|
|
304
|
-
credentialInfo:
|
|
305
|
-
attributes,
|
|
306
|
-
credentialDefinitionId: credentialRecord.credential.cred_def_id,
|
|
307
|
-
credentialId: credentialRecord.credentialId,
|
|
308
|
-
schemaId: credentialRecord.credential.schema_id,
|
|
309
|
-
credentialRevocationId: (_a = credentialRecord.credentialRevocationId) !== null && _a !== void 0 ? _a : null,
|
|
310
|
-
revocationRegistryId: (_b = credentialRecord.credential.rev_reg_id) !== null && _b !== void 0 ? _b : null,
|
|
311
|
-
methodName: credentialRecord.methodName,
|
|
312
|
-
},
|
|
401
|
+
credentialInfo: (0, w3cAnonCredsUtils_1.getAnoncredsCredentialInfoFromRecord)(credentialRecord),
|
|
313
402
|
interval: proofRequest.non_revoked,
|
|
314
403
|
};
|
|
315
404
|
});
|
|
316
405
|
}
|
|
406
|
+
async getCredentialsForProofRequest(agentContext, options) {
|
|
407
|
+
var _a, _b;
|
|
408
|
+
const proofRequest = options.proofRequest;
|
|
409
|
+
const referent = options.attributeReferent;
|
|
410
|
+
const requestedAttribute = (_a = proofRequest.requested_attributes[referent]) !== null && _a !== void 0 ? _a : proofRequest.requested_predicates[referent];
|
|
411
|
+
if (!requestedAttribute) {
|
|
412
|
+
throw new error_1.AnonCredsRsError(`Referent not found in proof request`);
|
|
413
|
+
}
|
|
414
|
+
const $and = [];
|
|
415
|
+
// Make sure the attribute(s) that are requested are present using the marker tag
|
|
416
|
+
const attributes = (_b = requestedAttribute.names) !== null && _b !== void 0 ? _b : [requestedAttribute.name];
|
|
417
|
+
const attributeQuery = {};
|
|
418
|
+
for (const attribute of attributes) {
|
|
419
|
+
attributeQuery[`anonCredsAttr::${attribute}::marker`] = true;
|
|
420
|
+
}
|
|
421
|
+
$and.push(attributeQuery);
|
|
422
|
+
// Add query for proof request restrictions
|
|
423
|
+
if (requestedAttribute.restrictions) {
|
|
424
|
+
const restrictionQuery = this.queryFromRestrictions(requestedAttribute.restrictions);
|
|
425
|
+
$and.push(restrictionQuery);
|
|
426
|
+
}
|
|
427
|
+
// Add extra query
|
|
428
|
+
// TODO: we're not really typing the extraQuery, and it will work differently based on the anoncreds implmentation
|
|
429
|
+
// We should make the allowed properties more strict
|
|
430
|
+
if (options.extraQuery) {
|
|
431
|
+
$and.push(options.extraQuery);
|
|
432
|
+
}
|
|
433
|
+
const w3cCredentialRepository = agentContext.dependencyManager.resolve(core_1.W3cCredentialRepository);
|
|
434
|
+
const credentials = await w3cCredentialRepository.findByQuery(agentContext, { $and });
|
|
435
|
+
const legacyCredentialWithMetadata = await this.getLegacyCredentialsForProofRequest(agentContext, options);
|
|
436
|
+
if (legacyCredentialWithMetadata.length > 0) {
|
|
437
|
+
agentContext.config.logger.warn([
|
|
438
|
+
`Including legacy credentials in proof request.`,
|
|
439
|
+
`Please run the migration script to migrate credentials to the new w3c format.`,
|
|
440
|
+
].join('\n'));
|
|
441
|
+
}
|
|
442
|
+
const credentialWithMetadata = credentials.map((credentialRecord) => {
|
|
443
|
+
return {
|
|
444
|
+
credentialInfo: (0, w3cAnonCredsUtils_1.getAnoncredsCredentialInfoFromRecord)(credentialRecord),
|
|
445
|
+
interval: proofRequest.non_revoked,
|
|
446
|
+
};
|
|
447
|
+
});
|
|
448
|
+
return [...credentialWithMetadata, ...legacyCredentialWithMetadata];
|
|
449
|
+
}
|
|
317
450
|
queryFromRestrictions(restrictions) {
|
|
318
451
|
var _a, _b;
|
|
319
452
|
const query = [];
|
|
320
453
|
const { restrictions: parsedRestrictions } = core_1.JsonTransformer.fromJSON({ restrictions }, models_1.AnonCredsRestrictionWrapper);
|
|
321
454
|
for (const restriction of parsedRestrictions) {
|
|
322
455
|
const queryElements = {};
|
|
456
|
+
if (restriction.credentialDefinitionId) {
|
|
457
|
+
if ((0, indyIdentifiers_1.isUnqualifiedCredentialDefinitionId)(restriction.credentialDefinitionId)) {
|
|
458
|
+
queryElements.anonCredsUnqualifiedCredentialDefinitionId = restriction.credentialDefinitionId;
|
|
459
|
+
}
|
|
460
|
+
else {
|
|
461
|
+
queryElements.anonCredsCredentialDefinitionId = restriction.credentialDefinitionId;
|
|
462
|
+
}
|
|
463
|
+
}
|
|
464
|
+
if (restriction.issuerId || restriction.issuerDid) {
|
|
465
|
+
const issuerId = ((_a = restriction.issuerId) !== null && _a !== void 0 ? _a : restriction.issuerDid);
|
|
466
|
+
if ((0, indyIdentifiers_1.isUnqualifiedIndyDid)(issuerId)) {
|
|
467
|
+
queryElements.anonCredsUnqualifiedIssuerId = issuerId;
|
|
468
|
+
}
|
|
469
|
+
else {
|
|
470
|
+
queryElements.anonCredsIssuerId = issuerId;
|
|
471
|
+
}
|
|
472
|
+
}
|
|
473
|
+
if (restriction.schemaId) {
|
|
474
|
+
if ((0, indyIdentifiers_1.isUnqualifiedSchemaId)(restriction.schemaId)) {
|
|
475
|
+
queryElements.anonCredsUnqualifiedSchemaId = restriction.schemaId;
|
|
476
|
+
}
|
|
477
|
+
else {
|
|
478
|
+
queryElements.anonCredsSchemaId = restriction.schemaId;
|
|
479
|
+
}
|
|
480
|
+
}
|
|
481
|
+
if (restriction.schemaIssuerId || restriction.schemaIssuerDid) {
|
|
482
|
+
const schemaIssuerId = ((_b = restriction.schemaIssuerId) !== null && _b !== void 0 ? _b : restriction.schemaIssuerDid);
|
|
483
|
+
if ((0, indyIdentifiers_1.isUnqualifiedIndyDid)(schemaIssuerId)) {
|
|
484
|
+
queryElements.anonCredsUnqualifiedSchemaIssuerId = schemaIssuerId;
|
|
485
|
+
}
|
|
486
|
+
else {
|
|
487
|
+
queryElements.anonCredsSchemaIssuerId = schemaIssuerId;
|
|
488
|
+
}
|
|
489
|
+
}
|
|
490
|
+
if (restriction.schemaName) {
|
|
491
|
+
queryElements.anonCredsSchemaName = restriction.schemaName;
|
|
492
|
+
}
|
|
493
|
+
if (restriction.schemaVersion) {
|
|
494
|
+
queryElements.anonCredsSchemaVersion = restriction.schemaVersion;
|
|
495
|
+
}
|
|
496
|
+
for (const [attributeName, attributeValue] of Object.entries(restriction.attributeValues)) {
|
|
497
|
+
queryElements[`anonCredsAttr::${attributeName}::value`] = attributeValue;
|
|
498
|
+
}
|
|
499
|
+
for (const [attributeName, isAvailable] of Object.entries(restriction.attributeMarkers)) {
|
|
500
|
+
if (isAvailable) {
|
|
501
|
+
queryElements[`anonCredsAttr::${attributeName}::marker`] = isAvailable;
|
|
502
|
+
}
|
|
503
|
+
}
|
|
504
|
+
query.push(queryElements);
|
|
505
|
+
}
|
|
506
|
+
return query.length === 1 ? query[0] : { $or: query };
|
|
507
|
+
}
|
|
508
|
+
queryLegacyFromRestrictions(restrictions) {
|
|
509
|
+
var _a, _b;
|
|
510
|
+
const query = [];
|
|
511
|
+
const { restrictions: parsedRestrictions } = core_1.JsonTransformer.fromJSON({ restrictions }, models_1.AnonCredsRestrictionWrapper);
|
|
512
|
+
for (const restriction of parsedRestrictions) {
|
|
513
|
+
const queryElements = {};
|
|
514
|
+
const additionalQueryElements = {};
|
|
323
515
|
if (restriction.credentialDefinitionId) {
|
|
324
516
|
queryElements.credentialDefinitionId = restriction.credentialDefinitionId;
|
|
517
|
+
if ((0, indyIdentifiers_1.isUnqualifiedCredentialDefinitionId)(restriction.credentialDefinitionId)) {
|
|
518
|
+
additionalQueryElements.credentialDefinitionId = restriction.credentialDefinitionId;
|
|
519
|
+
}
|
|
325
520
|
}
|
|
326
521
|
if (restriction.issuerId || restriction.issuerDid) {
|
|
327
|
-
|
|
522
|
+
const issuerId = ((_a = restriction.issuerId) !== null && _a !== void 0 ? _a : restriction.issuerDid);
|
|
523
|
+
queryElements.issuerId = issuerId;
|
|
524
|
+
if ((0, indyIdentifiers_1.isUnqualifiedIndyDid)(issuerId)) {
|
|
525
|
+
additionalQueryElements.issuerId = issuerId;
|
|
526
|
+
}
|
|
328
527
|
}
|
|
329
528
|
if (restriction.schemaId) {
|
|
330
529
|
queryElements.schemaId = restriction.schemaId;
|
|
530
|
+
if ((0, indyIdentifiers_1.isUnqualifiedSchemaId)(restriction.schemaId)) {
|
|
531
|
+
additionalQueryElements.schemaId = restriction.schemaId;
|
|
532
|
+
}
|
|
331
533
|
}
|
|
332
534
|
if (restriction.schemaIssuerId || restriction.schemaIssuerDid) {
|
|
333
|
-
|
|
535
|
+
const issuerId = ((_b = restriction.schemaIssuerId) !== null && _b !== void 0 ? _b : restriction.schemaIssuerDid);
|
|
536
|
+
queryElements.schemaIssuerId = issuerId;
|
|
537
|
+
if ((0, indyIdentifiers_1.isUnqualifiedIndyDid)(issuerId)) {
|
|
538
|
+
additionalQueryElements.schemaIssuerId = issuerId;
|
|
539
|
+
}
|
|
334
540
|
}
|
|
335
541
|
if (restriction.schemaName) {
|
|
336
542
|
queryElements.schemaName = restriction.schemaName;
|
|
@@ -347,9 +553,36 @@ let AnonCredsRsHolderService = class AnonCredsRsHolderService {
|
|
|
347
553
|
}
|
|
348
554
|
}
|
|
349
555
|
query.push(queryElements);
|
|
556
|
+
if (Object.keys(additionalQueryElements).length > 0) {
|
|
557
|
+
query.push(additionalQueryElements);
|
|
558
|
+
}
|
|
350
559
|
}
|
|
351
560
|
return query.length === 1 ? query[0] : { $or: query };
|
|
352
561
|
}
|
|
562
|
+
async createW3cPresentation(agentContext, options) {
|
|
563
|
+
const { credentialsProve, credentials } = await this.getPresentationMetadata(agentContext, {
|
|
564
|
+
credentialsWithMetadata: options.credentialsWithRevocationMetadata,
|
|
565
|
+
credentialsProve: options.credentialsProve,
|
|
566
|
+
});
|
|
567
|
+
let w3cAnonCredsPresentation;
|
|
568
|
+
let w3cPresentation;
|
|
569
|
+
try {
|
|
570
|
+
w3cAnonCredsPresentation = anoncreds_shared_1.W3cPresentation.create({
|
|
571
|
+
credentials,
|
|
572
|
+
credentialsProve,
|
|
573
|
+
schemas: options.schemas,
|
|
574
|
+
credentialDefinitions: options.credentialDefinitions,
|
|
575
|
+
presentationRequest: options.proofRequest,
|
|
576
|
+
linkSecret: await (0, linkSecret_1.getLinkSecret)(agentContext, options.linkSecretId),
|
|
577
|
+
});
|
|
578
|
+
const presentationJson = w3cAnonCredsPresentation.toJson();
|
|
579
|
+
w3cPresentation = core_1.JsonTransformer.fromJSON(presentationJson, core_1.W3cJsonLdVerifiablePresentation);
|
|
580
|
+
}
|
|
581
|
+
finally {
|
|
582
|
+
w3cAnonCredsPresentation === null || w3cAnonCredsPresentation === void 0 ? void 0 : w3cAnonCredsPresentation.handle.clear();
|
|
583
|
+
}
|
|
584
|
+
return w3cPresentation;
|
|
585
|
+
}
|
|
353
586
|
};
|
|
354
587
|
AnonCredsRsHolderService = __decorate([
|
|
355
588
|
(0, core_1.injectable)()
|