@docknetwork/wallet-sdk-wasm 1.7.6 → 1.9.0
- package/package.json +6 -7
- package/rollup.config.mjs +1 -0
- package/src/globals.d.ts +4 -1
- package/src/services/blockchain/cached-did-resolver.ts +4 -3
- package/src/services/blockchain/normalize-did-document.ts +73 -0
- package/src/services/blockchain/service.ts +0 -2
- package/src/services/credential/bbs-revocation.test.js +147 -0
- package/src/services/credential/bbs-revocation.ts +65 -18
- package/src/services/credential/config.ts +7 -0
- package/src/services/credential/index.test.js +261 -17
- package/src/services/credential/oid4vci.js +44 -0
- package/src/services/credential/oid4vci.test.js +162 -0
- package/src/services/credential/pex-helpers.js +77 -31
- package/src/services/credential/pex-helpers.test.js +4 -4
- package/src/services/credential/sd-jwt.ts +41 -5
- package/src/services/credential/service-rpc.js +6 -0
- package/src/services/credential/service.ts +171 -16
- package/src/services/credential/utils.js +3 -5
- package/src/services/delegation/index.android.js +3 -0
- package/src/services/delegation/index.ios.js +3 -0
- package/src/services/delegation/index.ts +1 -0
- package/src/services/delegation/service-rpc.ts +21 -0
- package/src/services/delegation/service.ts +59 -0
- package/src/services/edv/service-rpc.js +18 -2
- package/src/services/edv/service.test.js +327 -0
- package/src/services/edv/service.ts +103 -13
- package/src/services/index.js +2 -0
- package/src/wallet/rpc-storage-interface.js +9 -4
- package/lib/core/crypto.js +0 -45
- package/lib/core/crypto.mjs +0 -33
- package/lib/core/format-utils.js +0 -51
- package/lib/core/format-utils.mjs +0 -42
- package/lib/core/keychain.js +0 -61
- package/lib/core/keychain.mjs +0 -37
- package/lib/core/logger.js +0 -13
- package/lib/core/logger.mjs +0 -9
- package/lib/core/storage.js +0 -14
- package/lib/core/storage.mjs +0 -9
- package/lib/core/validation.js +0 -29
- package/lib/core/validation.mjs +0 -16
- package/lib/core/webview-logger.js +0 -49
- package/lib/core/webview-logger.mjs +0 -41
- package/lib/errors.js +0 -17
- package/lib/errors.mjs +0 -12
- package/lib/events.js +0 -18
- package/lib/events.mjs +0 -13
- package/lib/index.js +0 -146
- package/lib/index.mjs +0 -144
- package/lib/logger.js +0 -22
- package/lib/logger.mjs +0 -17
- package/lib/modules/event-manager.js +0 -46
- package/lib/modules/event-manager.mjs +0 -37
- package/lib/modules/network-manager.js +0 -80
- package/lib/modules/network-manager.mjs +0 -71
- package/lib/mrklt.js +0 -2
- package/lib/mrklt.mjs +0 -1
- package/lib/rpc-client.js +0 -83
- package/lib/rpc-client.mjs +0 -73
- package/lib/rpc-server.js +0 -97
- package/lib/rpc-server.mjs +0 -95
- package/lib/rpc-util.js +0 -113
- package/lib/rpc-util.mjs +0 -103
- package/lib/sandbox-rpc-server.js +0 -28
- package/lib/sandbox-rpc-server.mjs +0 -26
- package/lib/sandbox.js +0 -102
- package/lib/sandbox.mjs +0 -100
- package/lib/services/blockchain/cached-did-resolver.js +0 -113
- package/lib/services/blockchain/cached-did-resolver.mjs +0 -109
- package/lib/services/blockchain/configs.js +0 -7
- package/lib/services/blockchain/configs.mjs +0 -3
- package/lib/services/blockchain/index.android.js +0 -18
- package/lib/services/blockchain/index.android.mjs +0 -14
- package/lib/services/blockchain/index.ios.js +0 -18
- package/lib/services/blockchain/index.ios.mjs +0 -14
- package/lib/services/blockchain/index.js +0 -36
- package/lib/services/blockchain/index.mjs +0 -28
- package/lib/services/blockchain/service-rpc.js +0 -72
- package/lib/services/blockchain/service-rpc.mjs +0 -68
- package/lib/services/blockchain/service.js +0 -312
- package/lib/services/blockchain/service.mjs +0 -306
- package/lib/services/credential/bbs-revocation.js +0 -92
- package/lib/services/credential/bbs-revocation.mjs +0 -87
- package/lib/services/credential/bound-check.js +0 -77
- package/lib/services/credential/bound-check.mjs +0 -64
- package/lib/services/credential/config.js +0 -56
- package/lib/services/credential/config.mjs +0 -47
- package/lib/services/credential/delegatable-credentials.js +0 -300
- package/lib/services/credential/delegatable-credentials.mjs +0 -263
- package/lib/services/credential/index.android.js +0 -19
- package/lib/services/credential/index.android.mjs +0 -15
- package/lib/services/credential/index.ios.js +0 -19
- package/lib/services/credential/index.ios.mjs +0 -15
- package/lib/services/credential/index.js +0 -106
- package/lib/services/credential/index.mjs +0 -67
- package/lib/services/credential/pex-helpers.js +0 -333
- package/lib/services/credential/pex-helpers.mjs +0 -319
- package/lib/services/credential/range-proofs-example.js +0 -107
- package/lib/services/credential/range-proofs-example.mjs +0 -103
- package/lib/services/credential/sd-jwt.js +0 -214
- package/lib/services/credential/sd-jwt.mjs +0 -200
- package/lib/services/credential/service-rpc.js +0 -61
- package/lib/services/credential/service-rpc.mjs +0 -57
- package/lib/services/credential/service.js +0 -683
- package/lib/services/credential/service.mjs +0 -672
- package/lib/services/credential/utils.js +0 -103
- package/lib/services/credential/utils.mjs +0 -78
- package/lib/services/dids/config.js +0 -40
- package/lib/services/dids/config.mjs +0 -31
- package/lib/services/dids/index.android.js +0 -19
- package/lib/services/dids/index.android.mjs +0 -15
- package/lib/services/dids/index.ios.js +0 -19
- package/lib/services/dids/index.ios.mjs +0 -15
- package/lib/services/dids/index.js +0 -23
- package/lib/services/dids/index.mjs +0 -19
- package/lib/services/dids/keypair-utils.js +0 -142
- package/lib/services/dids/keypair-utils.mjs +0 -113
- package/lib/services/dids/service-rpc.js +0 -37
- package/lib/services/dids/service-rpc.mjs +0 -33
- package/lib/services/dids/service.js +0 -100
- package/lib/services/dids/service.mjs +0 -92
- package/lib/services/edv/configs.js +0 -25
- package/lib/services/edv/configs.mjs +0 -16
- package/lib/services/edv/hmac.js +0 -88
- package/lib/services/edv/hmac.mjs +0 -63
- package/lib/services/edv/index.android.js +0 -19
- package/lib/services/edv/index.android.mjs +0 -15
- package/lib/services/edv/index.ios.js +0 -19
- package/lib/services/edv/index.ios.mjs +0 -15
- package/lib/services/edv/index.js +0 -32
- package/lib/services/edv/index.mjs +0 -24
- package/lib/services/edv/service-rpc.js +0 -78
- package/lib/services/edv/service-rpc.mjs +0 -74
- package/lib/services/edv/service.js +0 -370
- package/lib/services/edv/service.mjs +0 -357
- package/lib/services/index.js +0 -94
- package/lib/services/index.mjs +0 -92
- package/lib/services/pex/config.js +0 -29
- package/lib/services/pex/config.mjs +0 -20
- package/lib/services/pex/index.android.js +0 -19
- package/lib/services/pex/index.android.mjs +0 -15
- package/lib/services/pex/index.ios.js +0 -19
- package/lib/services/pex/index.ios.mjs +0 -15
- package/lib/services/pex/index.js +0 -12
- package/lib/services/pex/index.mjs +0 -4
- package/lib/services/pex/service-rpc.js +0 -39
- package/lib/services/pex/service-rpc.mjs +0 -35
- package/lib/services/pex/service.js +0 -91
- package/lib/services/pex/service.mjs +0 -86
- package/lib/services/pex/tests/jest.config.js +0 -25
- package/lib/services/pex/tests/jest.config.mjs +0 -23
- package/lib/services/relay-service/configs.js +0 -45
- package/lib/services/relay-service/configs.mjs +0 -36
- package/lib/services/relay-service/index.android.js +0 -21
- package/lib/services/relay-service/index.android.mjs +0 -17
- package/lib/services/relay-service/index.ios.js +0 -21
- package/lib/services/relay-service/index.ios.mjs +0 -17
- package/lib/services/relay-service/index.js +0 -14
- package/lib/services/relay-service/index.mjs +0 -6
- package/lib/services/relay-service/service-rpc.js +0 -47
- package/lib/services/relay-service/service-rpc.mjs +0 -43
- package/lib/services/relay-service/service.js +0 -181
- package/lib/services/relay-service/service.mjs +0 -173
- package/lib/services/rpc-service-client.js +0 -36
- package/lib/services/rpc-service-client.mjs +0 -28
- package/lib/services/sandbox.js +0 -10
- package/lib/services/sandbox.mjs +0 -8
- package/lib/services/storage/configs.js +0 -7
- package/lib/services/storage/configs.mjs +0 -3
- package/lib/services/storage/index.android.js +0 -18
- package/lib/services/storage/index.android.mjs +0 -14
- package/lib/services/storage/index.ios.js +0 -18
- package/lib/services/storage/index.ios.mjs +0 -14
- package/lib/services/storage/index.js +0 -26
- package/lib/services/storage/index.mjs +0 -24
- package/lib/services/storage/service-rpc.js +0 -37
- package/lib/services/storage/service-rpc.mjs +0 -33
- package/lib/services/storage/service.js +0 -32
- package/lib/services/storage/service.mjs +0 -27
- package/lib/services/test-utils.js +0 -98
- package/lib/services/test-utils.mjs +0 -84
- package/lib/services/util-crypto/configs.js +0 -23
- package/lib/services/util-crypto/configs.mjs +0 -15
- package/lib/services/util-crypto/index.android.js +0 -19
- package/lib/services/util-crypto/index.android.mjs +0 -15
- package/lib/services/util-crypto/index.ios.js +0 -19
- package/lib/services/util-crypto/index.ios.mjs +0 -15
- package/lib/services/util-crypto/index.js +0 -14
- package/lib/services/util-crypto/index.mjs +0 -6
- package/lib/services/util-crypto/service-rpc.js +0 -42
- package/lib/services/util-crypto/service-rpc.mjs +0 -38
- package/lib/services/util-crypto/service.js +0 -108
- package/lib/services/util-crypto/service.mjs +0 -83
- package/lib/services/wallet/configs.js +0 -32
- package/lib/services/wallet/configs.mjs +0 -23
- package/lib/services/wallet/index.android.js +0 -21
- package/lib/services/wallet/index.android.mjs +0 -17
- package/lib/services/wallet/index.ios.js +0 -21
- package/lib/services/wallet/index.ios.mjs +0 -17
- package/lib/services/wallet/index.js +0 -17
- package/lib/services/wallet/index.mjs +0 -9
- package/lib/services/wallet/service-rpc.js +0 -33
- package/lib/services/wallet/service-rpc.mjs +0 -29
- package/lib/services/wallet/service.js +0 -62
- package/lib/services/wallet/service.mjs +0 -57
- package/lib/setup-nodejs.js +0 -93
- package/lib/setup-nodejs.mjs +0 -91
- package/lib/setup-tests.js +0 -92
- package/lib/setup-tests.mjs +0 -90
- package/lib/src/core/crypto.d.ts +0 -8
- package/lib/src/core/crypto.d.ts.map +0 -1
- package/lib/src/core/format-utils.d.ts +0 -26
- package/lib/src/core/format-utils.d.ts.map +0 -1
- package/lib/src/core/logger.d.ts +0 -3
- package/lib/src/core/logger.d.ts.map +0 -1
- package/lib/src/core/storage.d.ts +0 -8
- package/lib/src/core/storage.d.ts.map +0 -1
- package/lib/src/core/validation.d.ts +0 -6
- package/lib/src/core/validation.d.ts.map +0 -1
- package/lib/src/errors.d.ts +0 -7
- package/lib/src/errors.d.ts.map +0 -1
- package/lib/src/logger.d.ts +0 -5
- package/lib/src/logger.d.ts.map +0 -1
- package/lib/src/modules/event-manager.d.ts +0 -12
- package/lib/src/modules/event-manager.d.ts.map +0 -1
- package/lib/src/modules/network-manager.d.ts +0 -32
- package/lib/src/modules/network-manager.d.ts.map +0 -1
- package/lib/src/rpc-client.d.ts +0 -4
- package/lib/src/rpc-client.d.ts.map +0 -1
- package/lib/src/rpc-util.d.ts +0 -11
- package/lib/src/rpc-util.d.ts.map +0 -1
- package/lib/src/services/blockchain/cached-did-resolver.d.ts +0 -28
- package/lib/src/services/blockchain/cached-did-resolver.d.ts.map +0 -1
- package/lib/src/services/blockchain/cached-did-resolver.test.d.ts +0 -2
- package/lib/src/services/blockchain/cached-did-resolver.test.d.ts.map +0 -1
- package/lib/src/services/blockchain/configs.d.ts +0 -7
- package/lib/src/services/blockchain/configs.d.ts.map +0 -1
- package/lib/src/services/blockchain/service.d.ts +0 -155
- package/lib/src/services/blockchain/service.d.ts.map +0 -1
- package/lib/src/services/credential/bbs-revocation.d.ts +0 -10
- package/lib/src/services/credential/bbs-revocation.d.ts.map +0 -1
- package/lib/src/services/credential/bound-check.d.ts +0 -61
- package/lib/src/services/credential/bound-check.d.ts.map +0 -1
- package/lib/src/services/credential/bound-check.test.d.ts +0 -2
- package/lib/src/services/credential/bound-check.test.d.ts.map +0 -1
- package/lib/src/services/credential/config.d.ts +0 -10
- package/lib/src/services/credential/config.d.ts.map +0 -1
- package/lib/src/services/credential/delegatable-credentials.d.ts +0 -272
- package/lib/src/services/credential/delegatable-credentials.d.ts.map +0 -1
- package/lib/src/services/credential/index.d.ts +0 -35
- package/lib/src/services/credential/index.d.ts.map +0 -1
- package/lib/src/services/credential/pex-helpers.d.ts +0 -23
- package/lib/src/services/credential/pex-helpers.d.ts.map +0 -1
- package/lib/src/services/credential/range-proofs-example.d.ts +0 -2
- package/lib/src/services/credential/range-proofs-example.d.ts.map +0 -1
- package/lib/src/services/credential/sd-jwt.test.d.ts +0 -2
- package/lib/src/services/credential/sd-jwt.test.d.ts.map +0 -1
- package/lib/src/services/credential/service.d.ts +0 -313
- package/lib/src/services/credential/service.d.ts.map +0 -1
- package/lib/src/services/credential/utils.d.ts +0 -3
- package/lib/src/services/credential/utils.d.ts.map +0 -1
- package/lib/src/services/dids/config.d.ts +0 -24
- package/lib/src/services/dids/config.d.ts.map +0 -1
- package/lib/src/services/dids/keypair-utils.d.ts +0 -15
- package/lib/src/services/dids/keypair-utils.d.ts.map +0 -1
- package/lib/src/services/dids/service-rpc.d.ts +0 -11
- package/lib/src/services/dids/service-rpc.d.ts.map +0 -1
- package/lib/src/services/dids/service.d.ts +0 -70
- package/lib/src/services/dids/service.d.ts.map +0 -1
- package/lib/src/services/edv/configs.d.ts +0 -12
- package/lib/src/services/edv/configs.d.ts.map +0 -1
- package/lib/src/services/edv/hmac.d.ts +0 -29
- package/lib/src/services/edv/hmac.d.ts.map +0 -1
- package/lib/src/services/edv/service.d.ts +0 -229
- package/lib/src/services/edv/service.d.ts.map +0 -1
- package/lib/src/services/pex/config.d.ts +0 -21
- package/lib/src/services/pex/config.d.ts.map +0 -1
- package/lib/src/services/pex/service.d.ts +0 -21
- package/lib/src/services/pex/service.d.ts.map +0 -1
- package/lib/src/services/relay-service/configs.d.ts +0 -35
- package/lib/src/services/relay-service/configs.d.ts.map +0 -1
- package/lib/src/services/relay-service/service-rpc.d.ts +0 -12
- package/lib/src/services/relay-service/service-rpc.d.ts.map +0 -1
- package/lib/src/services/relay-service/service.d.ts +0 -159
- package/lib/src/services/relay-service/service.d.ts.map +0 -1
- package/lib/src/services/rpc-service-client.d.ts +0 -7
- package/lib/src/services/rpc-service-client.d.ts.map +0 -1
- package/lib/src/services/storage/configs.d.ts +0 -2
- package/lib/src/services/storage/configs.d.ts.map +0 -1
- package/lib/src/services/storage/index.d.ts +0 -2
- package/lib/src/services/storage/index.d.ts.map +0 -1
- package/lib/src/services/storage/service-rpc.d.ts +0 -9
- package/lib/src/services/storage/service-rpc.d.ts.map +0 -1
- package/lib/src/services/storage/service.d.ts +0 -10
- package/lib/src/services/storage/service.d.ts.map +0 -1
- package/lib/src/services/util-crypto/configs.d.ts +0 -5
- package/lib/src/services/util-crypto/configs.d.ts.map +0 -1
- package/lib/src/services/util-crypto/index.d.ts +0 -2
- package/lib/src/services/util-crypto/index.d.ts.map +0 -1
- package/lib/src/services/util-crypto/service.d.ts +0 -10
- package/lib/src/services/util-crypto/service.d.ts.map +0 -1
- package/lib/src/services/wallet/configs.d.ts +0 -13
- package/lib/src/services/wallet/configs.d.ts.map +0 -1
- package/lib/src/services/wallet/service.d.ts +0 -13
- package/lib/src/services/wallet/service.d.ts.map +0 -1
- package/lib/src/types.d.ts +0 -12
- package/lib/src/types.d.ts.map +0 -1
- package/lib/src/wallet/memory-storage-interface.d.ts +0 -31
- package/lib/src/wallet/memory-storage-interface.d.ts.map +0 -1
- package/lib/src/wallet/memory-storage-wallet.d.ts +0 -6
- package/lib/src/wallet/memory-storage-wallet.d.ts.map +0 -1
- package/lib/src/wallet/rpc-storage-interface.d.ts +0 -32
- package/lib/src/wallet/rpc-storage-interface.d.ts.map +0 -1
- package/lib/src/wallet/rpc-storage-wallet.d.ts +0 -6
- package/lib/src/wallet/rpc-storage-wallet.d.ts.map +0 -1
- package/lib/test-utils.js +0 -46
- package/lib/test-utils.mjs +0 -38
- package/lib/tsconfig.tsbuildinfo +0 -1
- package/lib/types.js +0 -7
- package/lib/types.mjs +0 -3
- package/lib/wallet/memory-storage-interface.js +0 -101
- package/lib/wallet/memory-storage-interface.mjs +0 -95
- package/lib/wallet/memory-storage-wallet.js +0 -30
- package/lib/wallet/memory-storage-wallet.mjs +0 -24
- package/lib/wallet/rpc-storage-interface.js +0 -134
- package/lib/wallet/rpc-storage-interface.mjs +0 -128
- package/lib/wallet/rpc-storage-wallet.js +0 -46
- package/lib/wallet/rpc-storage-wallet.mjs +0 -40
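--- a/package/lib/services/credential/config.mjs
+++ b/package/lib/services/credential/config.mjs
@@ -1,47 +0,0 @@
-import assert from 'assert';
-
-// @ts-nocheck
-const serviceName = 'credentials';
-const validation = {
-generateCredential: params => {
-const { subject } = params;
-if (subject) {
-assert(typeof subject === 'object', 'invalid subject');
-assert(Object.keys(subject).length > 0, 'invalid subject');
-}
-},
-verifyCredential: params => {
-const { credential } = params;
-assert(typeof credential === 'object' || typeof credential === 'string', 'invalid credential');
-if (typeof credential === 'object') {
-assert(Object.keys(credential).length > 0, 'invalid credential');
-}
-},
-createBBSPresentation: params => {
-const { credentials } = params;
-assert(Array.isArray(credentials), 'invalid credentials');
-assert(credentials.length > 0, 'no credential found');
-},
-deriveVCFromPresentation: params => {
-const { credentials } = params;
-assert(Array.isArray(credentials), 'invalid credentials');
-assert(credentials.length > 0, 'no credential found');
-},
-signCredential: params => {
-const { vcJson, keyDoc } = params;
-assert(typeof vcJson === 'object', 'invalid vcJson');
-assert(typeof keyDoc === 'object', 'invalid keyDoc');
-assert(typeof keyDoc.publicKeyBase58 === 'string', 'publicKeyBase58 is not present');
-},
-createPresentation: params => {
-const { credentials, keyDoc, challenge, id } = params;
-assert(typeof id === 'string', 'invalid id');
-assert(typeof keyDoc === 'object', 'invalid KeyDoc');
-assert(typeof challenge === 'string', 'invalid challenge');
-assert(Array.isArray(credentials), 'invalid credentials');
-assert(credentials.length > 0, 'no credential found');
-assert(typeof keyDoc.publicKeyBase58 === 'string', 'publicKeyBase58 is not present');
-},
-};
-
-export { serviceName, validation };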
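--- a/package/lib/services/credential/delegatable-credentials.js
+++ b/package/lib/services/credential/delegatable-credentials.js
@@ -1,300 +0,0 @@
-'use strict';
-
-Object.defineProperty(exports, '__esModule', { value: true });
-
-var cedar = require('@cedar-policy/cedar-wasm/nodejs');
-var vc = require('@docknetwork/credential-sdk/vc');
-var vcDelegationEngine = require('@docknetwork/vc-delegation-engine');
-var keypairs = require('@docknetwork/universal-wallet/methods/keypairs');
-var services_blockchain_service = require('../blockchain/service.js');
-require('@cosmjs/proto-signing');
-require('@docknetwork/cheqd-blockchain-api');
-require('@docknetwork/cheqd-blockchain-modules');
-require('@docknetwork/credential-sdk/modules');
-require('@docknetwork/credential-sdk/resolver');
-require('@docknetwork/crypto-wasm-ts/lib/index');
-require('events');
-require('../../core/logger.js');
-require('../../modules/event-manager.js');
-require('assert');
-require('../util-crypto/service.js');
-require('@docknetwork/credential-sdk/utils');
-require('@scure/bip39');
-require('@scure/bip39/wordlists/english');
-require('../util-crypto/configs.js');
-require('@docknetwork/credential-sdk/types');
-require('../blockchain/cached-did-resolver.js');
-require('../storage/index.js');
-require('../storage/service.js');
-require('../storage/service-rpc.js');
-require('../rpc-service-client.js');
-require('../../rpc-client.js');
-require('json-rpc-2.0');
-require('../../core/crypto.js');
-require('crypto');
-require('../../logger.js');
-require('../../rpc-util.js');
-
-function _interopNamespace(e) {
-if (e && e.__esModule) return e;
-var n = Object.create(null);
-if (e) {
-Object.keys(e).forEach(function (k) {
-if (k !== 'default') {
-var d = Object.getOwnPropertyDescriptor(e, k);
-Object.defineProperty(n, k, d.get ? d : {
-enumerable: true,
-get: function () { return e[k]; }
-});
-}
-});
-}
-n["default"] = e;
-return Object.freeze(n);
-}
-
-var cedar__namespace = /*#__PURE__*/_interopNamespace(cedar);
-
-// @ts-nocheck
-/**
-* Prepares a key document for signing by creating a proper keypair with signer capability
-* @param keyDoc - The key document with id, controller, type, and key material
-* @returns A key document with an active signer
-*/
-function prepareKeyForSigning(keyDoc) {
-const kp = keypairs.getKeypairFromDoc(keyDoc);
-// Get the signer from the keypair - this returns an object with id and sign method
-const signer = kp.signer();
-// Set the id on the signer to match the verification method
-signer.id = keyDoc.id;
-return {
-...keyDoc,
-keypair: kp,
-signer,
-};
-}
-/**
-* W3C Credentials V1 context URL
-*/
-const W3C_CREDENTIALS_V1 = 'https://www.w3.org/2018/credentials/v1';
-/**
-* Namespace used by the vc-delegation-engine for delegation properties
-*/
-const DELEGATION_ENGINE_NS = 'https://ld.truvera.io/credentials/delegation#';
-/**
-* Base delegation context terms required for delegation credentials.
-* These terms define the JSON-LD mappings needed for the vc-delegation-engine
-* to properly process delegation chains.
-*
-* Use this as a base and extend with your own application-specific terms:
-* @example
-* const myContext = [
-* W3C_CREDENTIALS_V1,
-* {
-* ...DELEGATION_CONTEXT_TERMS,
-* // Add your custom terms here
-* MyCredentialType: 'https://example.org/MyCredentialType',
-* myField: 'https://example.org/myField',
-* },
-* ];
-*/
-const DELEGATION_CONTEXT_TERMS = {
-'@version': 1.1,
-'@protected': true,
-DelegationCredential: `${DELEGATION_ENGINE_NS}DelegationCredential`,
-mayClaim: { '@id': vcDelegationEngine.MAY_CLAIM_IRI, '@container': '@set' },
-rootCredentialId: { '@id': `${DELEGATION_ENGINE_NS}rootCredentialId`, '@type': '@id' },
-previousCredentialId: { '@id': `${DELEGATION_ENGINE_NS}previousCredentialId`, '@type': '@id' },
-};
-/**
-* Default context for verifiable presentations
-*/
-const PRESENTATION_CONTEXT = [W3C_CREDENTIALS_V1];
-/**
-* Issues a delegation credential that grants authority to a delegate
-* @param keyPair - The key pair to sign the credential
-* @param params - Delegation parameters
-* @returns Signed delegation credential
-*/
-async function issueDelegationCredential(keyPair, credential) {
-const preparedKey = prepareKeyForSigning(keyPair);
-return vc.issueCredential(preparedKey, credential);
-}
-/**
-* Issues a credential as a delegate (with delegation chain reference)
-* @param keyPair - The delegate's key pair to sign the credential
-* @param params - Credential parameters
-* @returns Signed credential
-*/
-async function issueDelegatedCredential(keyPair, credential) {
-const preparedKey = prepareKeyForSigning(keyPair);
-return vc.issueCredential(preparedKey, credential);
-}
-/**
-* Creates and signs a verifiable presentation with delegation credentials
-* @param keyPair - The key pair to sign the presentation
-* @param params - Presentation parameters
-* @returns Signed verifiable presentation
-*/
-async function createSignedPresentation(keyPair, params) {
-const { credentials, holderDid, challenge, domain, context = PRESENTATION_CONTEXT, } = params;
-const presentation = {
-'@context': context,
-type: ['VerifiablePresentation'],
-holder: holderDid,
-verifiableCredential: credentials,
-};
-// Create key document for signing with proper keypair
-const keyDoc = {
-...keyPair,
-id: keyPair.id || `${holderDid}#keys-1`,
-controller: keyPair.controller || holderDid,
-};
-const preparedKey = prepareKeyForSigning(keyDoc);
-return vc.signPresentation(presentation, preparedKey, challenge, domain);
-}
-/**
-* Verifies a verifiable presentation with optional delegation chain validation
-* Uses the credential-sdk's verifyPresentation which automatically:
-* 1. Verifies the presentation signature
-* 2. Verifies all credentials
-* 3. Detects delegation credentials
-* 4. Validates the delegation chain
-* 5. Applies Cedar policies if provided
-*
-* @param vp - The verifiable presentation to verify
-* @param options - Verification options
-* @returns Verification result with delegation info if applicable
-*/
-async function verifyDelegatablePresentation(vp, options = {}) {
-const { challenge = vp.proof?.challenge || 'default-challenge', domain = vp.proof?.domain || 'default-domain', unsignedPresentation = false, failOnUnauthorizedClaims = true, policies, } = options;
-const verifyOptions = {
-challenge,
-domain,
-documentLoader: vc.documentLoader(services_blockchain_service.blockchainService.resolver),
-unsignedPresentation,
-failOnUnauthorizedClaims,
-};
-// Add Cedar authorization if policies are provided
-if (policies) {
-verifyOptions.cedarAuth = {
-policies,
-cedar: cedar__namespace,
-};
-}
-return vc.verifyPresentation(vp, verifyOptions);
-}
-/**
-* Creates a Cedar policy for delegation verification
-* @param config - Policy configuration
-* @returns Cedar policy object
-*/
-function createCedarPolicy(config) {
-const { maxDepth = 2, rootIssuer, requiredClaims = {} } = config;
-let claimsConditions = '';
-for (const [key, value] of Object.entries(requiredClaims)) {
-if (typeof value === 'number') {
-claimsConditions += ` &&\n context.authorizedClaims.${key} >= ${value}`;
-}
-else if (typeof value === 'string') {
-claimsConditions += ` &&\n context.authorizedClaims.${key} == "${value}"`;
-}
-}
-const policyText = `
-permit(
-principal in Credential::Chain::"Action:Verify",
-action == Credential::Action::"Verify",
-resource
-) when {
-principal == context.vpSigner &&
-context.tailDepth <= ${maxDepth} &&
-context.rootIssuer == Credential::Actor::"${rootIssuer}"${claimsConditions}
-};
-`;
-return { staticPolicies: policyText };
-}
-/**
-* Creates an unsigned verifiable presentation (for testing)
-* @param credentials - Array of credentials to include
-* @param proof - Optional proof object
-* @param context - Optional context
-* @returns Verifiable presentation object
-*/
-function createUnsignedPresentation(credentials, proof, context = PRESENTATION_CONTEXT) {
-const vp = {
-'@context': context,
-type: ['VerifiablePresentation'],
-verifiableCredential: credentials,
-};
-if (proof) {
-vp.proof = proof;
-}
-return vp;
-}
-/**
-* Service class for delegatable credentials operations
-*/
-class DelegatableCredentialsService {
-name = 'delegatable-credentials';
-rpcMethods = [
-DelegatableCredentialsService.prototype.issueDelegation,
-DelegatableCredentialsService.prototype.issueDelegatedCredential,
-DelegatableCredentialsService.prototype.createPresentation,
-DelegatableCredentialsService.prototype.verifyPresentation,
-DelegatableCredentialsService.prototype.createPolicy,
-];
-/**
-* Issues a delegation credential
-*/
-async issueDelegation(params) {
-return issueDelegationCredential(params.keyPair, params);
-}
-/**
-* Issues a credential as a delegate
-*/
-async issueDelegatedCredential(params) {
-return issueDelegatedCredential(params.keyPair, params);
-}
-/**
-* Creates and signs a verifiable presentation
-*/
-async createPresentation(params) {
-return createSignedPresentation(params.keyPair, params);
-}
-/**
-* Verifies a verifiable presentation with delegation chain
-*/
-async verifyPresentation(params) {
-return verifyDelegatablePresentation(params.presentation, {
-challenge: params.challenge,
-domain: params.domain,
-unsignedPresentation: params.unsignedPresentation,
-failOnUnauthorizedClaims: params.failOnUnauthorizedClaims,
-policies: params.policies,
-});
-}
-/**
-* Creates a Cedar policy for delegation verification
-*/
-createPolicy(params) {
-return createCedarPolicy(params);
-}
-}
-const delegatableCredentialsService = new DelegatableCredentialsService();
-
-exports.cedar = cedar__namespace;
-Object.defineProperty(exports, 'MAY_CLAIM_IRI', {
-enumerable: true,
-get: function () { return vcDelegationEngine.MAY_CLAIM_IRI; }
-});
-exports.DELEGATION_CONTEXT_TERMS = DELEGATION_CONTEXT_TERMS;
-exports.DELEGATION_ENGINE_NS = DELEGATION_ENGINE_NS;
-exports.PRESENTATION_CONTEXT = PRESENTATION_CONTEXT;
-exports.W3C_CREDENTIALS_V1 = W3C_CREDENTIALS_V1;
-exports.createCedarPolicy = createCedarPolicy;
-exports.createSignedPresentation = createSignedPresentation;
-exports.createUnsignedPresentation = createUnsignedPresentation;
-exports.delegatableCredentialsService = delegatableCredentialsService;
-exports.issueDelegatedCredential = issueDelegatedCredential;
-exports.issueDelegationCredential = issueDelegationCredential;
-exports.verifyDelegatablePresentation = verifyDelegatablePresentation;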
@@ -1,263 +0,0 @@
|
|
|
1
|
-
import * as cedar from '@cedar-policy/cedar-wasm/nodejs';
|
|
2
|
-
export { cedar };
|
|
3
|
-
import { issueCredential, signPresentation, documentLoader, verifyPresentation } from '@docknetwork/credential-sdk/vc';
|
|
4
|
-
import { MAY_CLAIM_IRI } from '@docknetwork/vc-delegation-engine';
|
|
5
|
-
export { MAY_CLAIM_IRI } from '@docknetwork/vc-delegation-engine';
|
|
6
|
-
import { getKeypairFromDoc } from '@docknetwork/universal-wallet/methods/keypairs';
|
|
7
|
-
import { blockchainService } from '../blockchain/service.mjs';
|
|
8
|
-
import '@cosmjs/proto-signing';
|
|
9
|
-
import '@docknetwork/cheqd-blockchain-api';
|
|
10
|
-
import '@docknetwork/cheqd-blockchain-modules';
|
|
11
|
-
import '@docknetwork/credential-sdk/modules';
|
|
12
|
-
import '@docknetwork/credential-sdk/resolver';
|
|
13
|
-
import '@docknetwork/crypto-wasm-ts/lib/index';
|
|
14
|
-
import 'events';
|
|
15
|
-
import '../../core/logger.mjs';
|
|
16
|
-
import '../../modules/event-manager.mjs';
|
|
17
|
-
import 'assert';
|
|
18
|
-
import '../util-crypto/service.mjs';
|
|
19
|
-
import '@docknetwork/credential-sdk/utils';
|
|
20
|
-
import '@scure/bip39';
|
|
21
|
-
import '@scure/bip39/wordlists/english';
|
|
22
|
-
import '../util-crypto/configs.mjs';
|
|
23
|
-
import '@docknetwork/credential-sdk/types';
|
|
24
|
-
import '../blockchain/cached-did-resolver.mjs';
|
|
25
|
-
import '../storage/index.mjs';
|
|
26
|
-
import '../storage/service.mjs';
|
|
27
|
-
import '../storage/service-rpc.mjs';
|
|
28
|
-
import '../rpc-service-client.mjs';
|
|
29
|
-
import '../../rpc-client.mjs';
|
|
30
|
-
import 'json-rpc-2.0';
|
|
31
|
-
import '../../core/crypto.mjs';
|
|
32
|
-
import 'crypto';
|
|
33
|
-
import '../../logger.mjs';
|
|
34
|
-
import '../../rpc-util.mjs';
|
|
35
|
-
|
|
36
|
-
// @ts-nocheck
|
|
37
|
-
/**
|
|
38
|
-
* Prepares a key document for signing by creating a proper keypair with signer capability
|
|
39
|
-
* @param keyDoc - The key document with id, controller, type, and key material
|
|
40
|
-
* @returns A key document with an active signer
|
|
41
|
-
*/
|
|
42
|
-
function prepareKeyForSigning(keyDoc) {
|
|
43
|
-
const kp = getKeypairFromDoc(keyDoc);
|
|
44
|
-
// Get the signer from the keypair - this returns an object with id and sign method
|
|
45
|
-
const signer = kp.signer();
|
|
46
|
-
// Set the id on the signer to match the verification method
|
|
47
|
-
signer.id = keyDoc.id;
|
|
48
|
-
return {
|
|
49
|
-
...keyDoc,
|
|
50
|
-
keypair: kp,
|
|
51
|
-
signer,
|
|
52
|
-
};
|
|
53
|
-
}
|
|
54
|
-
/**
|
|
55
|
-
* W3C Credentials V1 context URL
|
|
56
|
-
*/
|
|
57
|
-
const W3C_CREDENTIALS_V1 = 'https://www.w3.org/2018/credentials/v1';
|
|
58
|
-
/**
|
|
59
|
-
* Namespace used by the vc-delegation-engine for delegation properties
|
|
60
|
-
*/
|
|
61
|
-
const DELEGATION_ENGINE_NS = 'https://ld.truvera.io/credentials/delegation#';
|
|
62
|
-
/**
|
|
63
|
-
* Base delegation context terms required for delegation credentials.
|
|
64
|
-
* These terms define the JSON-LD mappings needed for the vc-delegation-engine
|
|
65
|
-
* to properly process delegation chains.
|
|
66
|
-
*
|
|
67
|
-
* Use this as a base and extend with your own application-specific terms:
|
|
68
|
-
* @example
|
|
69
|
-
* const myContext = [
|
|
70
|
-
* W3C_CREDENTIALS_V1,
|
|
71
|
-
* {
|
|
72
|
-
* ...DELEGATION_CONTEXT_TERMS,
|
|
73
|
-
* // Add your custom terms here
|
|
74
|
-
* MyCredentialType: 'https://example.org/MyCredentialType',
|
|
75
|
-
* myField: 'https://example.org/myField',
|
|
76
|
-
* },
|
|
77
|
-
* ];
|
|
78
|
-
*/
|
|
79
|
-
const DELEGATION_CONTEXT_TERMS = {
|
|
80
|
-
'@version': 1.1,
|
|
81
|
-
'@protected': true,
|
|
82
|
-
DelegationCredential: `${DELEGATION_ENGINE_NS}DelegationCredential`,
|
|
83
|
-
mayClaim: { '@id': MAY_CLAIM_IRI, '@container': '@set' },
|
|
84
|
-
rootCredentialId: { '@id': `${DELEGATION_ENGINE_NS}rootCredentialId`, '@type': '@id' },
|
|
85
|
-
previousCredentialId: { '@id': `${DELEGATION_ENGINE_NS}previousCredentialId`, '@type': '@id' },
|
|
86
|
-
};
|
|
87
|
-
/**
|
|
88
|
-
* Default context for verifiable presentations
|
|
89
|
-
*/
|
|
90
|
-
const PRESENTATION_CONTEXT = [W3C_CREDENTIALS_V1];
|
|
91
|
-
/**
|
|
92
|
-
* Issues a delegation credential that grants authority to a delegate
|
|
93
|
-
* @param keyPair - The key pair to sign the credential
|
|
94
|
-
* @param params - Delegation parameters
|
|
95
|
-
* @returns Signed delegation credential
|
|
96
|
-
*/
|
|
97
|
-
async function issueDelegationCredential(keyPair, credential) {
|
|
98
|
-
const preparedKey = prepareKeyForSigning(keyPair);
|
|
99
|
-
return issueCredential(preparedKey, credential);
|
|
100
|
-
}
|
|
101
|
-
/**
|
|
102
|
-
* Issues a credential as a delegate (with delegation chain reference)
|
|
103
|
-
* @param keyPair - The delegate's key pair to sign the credential
|
|
104
|
-
* @param params - Credential parameters
|
|
105
|
-
* @returns Signed credential
|
|
106
|
-
*/
|
|
107
|
-
async function issueDelegatedCredential(keyPair, credential) {
|
|
108
|
-
const preparedKey = prepareKeyForSigning(keyPair);
|
|
109
|
-
return issueCredential(preparedKey, credential);
|
|
110
|
-
}
|
|
111
|
-
/**
|
|
112
|
-
* Creates and signs a verifiable presentation with delegation credentials
|
|
113
|
-
* @param keyPair - The key pair to sign the presentation
|
|
114
|
-
* @param params - Presentation parameters
|
|
115
|
-
* @returns Signed verifiable presentation
|
|
116
|
-
*/
|
|
117
|
-
async function createSignedPresentation(keyPair, params) {
|
|
118
|
-
const { credentials, holderDid, challenge, domain, context = PRESENTATION_CONTEXT, } = params;
|
|
119
|
-
const presentation = {
|
|
120
|
-
'@context': context,
|
|
121
|
-
type: ['VerifiablePresentation'],
|
|
122
|
-
holder: holderDid,
|
|
123
|
-
verifiableCredential: credentials,
|
|
124
|
-
};
|
|
125
|
-
// Create key document for signing with proper keypair
|
|
126
|
-
const keyDoc = {
|
|
127
|
-
...keyPair,
|
|
128
|
-
id: keyPair.id || `${holderDid}#keys-1`,
|
|
129
|
-
controller: keyPair.controller || holderDid,
|
|
130
|
-
};
|
|
131
|
-
const preparedKey = prepareKeyForSigning(keyDoc);
|
|
132
|
-
return signPresentation(presentation, preparedKey, challenge, domain);
|
|
133
|
-
}
|
|
134
|
-
/**
|
|
135
|
-
* Verifies a verifiable presentation with optional delegation chain validation
|
|
136
|
-
* Uses the credential-sdk's verifyPresentation which automatically:
|
|
137
|
-
* 1. Verifies the presentation signature
|
|
138
|
-
* 2. Verifies all credentials
|
|
139
|
-
* 3. Detects delegation credentials
|
|
140
|
-
* 4. Validates the delegation chain
|
|
141
|
-
* 5. Applies Cedar policies if provided
|
|
142
|
-
*
|
|
143
|
-
* @param vp - The verifiable presentation to verify
|
|
144
|
-
* @param options - Verification options
|
|
145
|
-
* @returns Verification result with delegation info if applicable
|
|
146
|
-
*/
|
|
147
|
-
async function verifyDelegatablePresentation(vp, options = {}) {
|
|
148
|
-
const { challenge = vp.proof?.challenge || 'default-challenge', domain = vp.proof?.domain || 'default-domain', unsignedPresentation = false, failOnUnauthorizedClaims = true, policies, } = options;
|
|
149
|
-
const verifyOptions = {
|
|
150
|
-
challenge,
|
|
151
|
-
domain,
|
|
152
|
-
documentLoader: documentLoader(blockchainService.resolver),
|
|
153
|
-
unsignedPresentation,
|
|
154
|
-
failOnUnauthorizedClaims,
|
|
155
|
-
};
|
|
156
|
-
// Add Cedar authorization if policies are provided
|
|
157
|
-
if (policies) {
|
|
158
|
-
verifyOptions.cedarAuth = {
|
|
159
|
-
policies,
|
|
160
|
-
cedar,
|
|
161
|
-
};
|
|
162
|
-
}
|
|
163
|
-
return verifyPresentation(vp, verifyOptions);
|
|
164
|
-
}
|
|
165
|
-
/**
|
|
166
|
-
* Creates a Cedar policy for delegation verification
|
|
167
|
-
* @param config - Policy configuration
|
|
168
|
-
* @returns Cedar policy object
|
|
169
|
-
*/
|
|
170
|
-
function createCedarPolicy(config) {
|
|
171
|
-
const { maxDepth = 2, rootIssuer, requiredClaims = {} } = config;
|
|
172
|
-
let claimsConditions = '';
|
|
173
|
-
for (const [key, value] of Object.entries(requiredClaims)) {
|
|
174
|
-
if (typeof value === 'number') {
|
|
175
|
-
claimsConditions += ` &&\n context.authorizedClaims.${key} >= ${value}`;
|
|
176
|
-
}
|
|
177
|
-
else if (typeof value === 'string') {
|
|
178
|
-
claimsConditions += ` &&\n context.authorizedClaims.${key} == "${value}"`;
|
|
179
|
-
}
|
|
180
|
-
}
|
|
181
|
-
const policyText = `
|
|
182
|
-
permit(
|
|
183
|
-
principal in Credential::Chain::"Action:Verify",
|
|
184
|
-
action == Credential::Action::"Verify",
|
|
185
|
-
resource
|
|
186
|
-
) when {
|
|
187
|
-
principal == context.vpSigner &&
|
|
188
|
-
context.tailDepth <= ${maxDepth} &&
|
|
189
|
-
context.rootIssuer == Credential::Actor::"${rootIssuer}"${claimsConditions}
|
|
190
|
-
};
|
|
191
|
-
`;
|
|
192
|
-
return { staticPolicies: policyText };
|
|
193
|
-
}
|
|
194
|
-
/**
|
|
195
|
-
* Creates an unsigned verifiable presentation (for testing)
|
|
196
|
-
* @param credentials - Array of credentials to include
|
|
197
|
-
* @param proof - Optional proof object
|
|
198
|
-
* @param context - Optional context
|
|
199
|
-
* @returns Verifiable presentation object
|
|
200
|
-
*/
|
|
201
|
-
function createUnsignedPresentation(credentials, proof, context = PRESENTATION_CONTEXT) {
|
|
202
|
-
const vp = {
|
|
203
|
-
'@context': context,
|
|
204
|
-
type: ['VerifiablePresentation'],
|
|
205
|
-
verifiableCredential: credentials,
|
|
206
|
-
};
|
|
207
|
-
if (proof) {
|
|
208
|
-
vp.proof = proof;
|
|
209
|
-
}
|
|
210
|
-
return vp;
|
|
211
|
-
}
|
|
212
|
-
/**
|
|
213
|
-
* Service class for delegatable credentials operations
|
|
214
|
-
*/
|
|
215
|
-
class DelegatableCredentialsService {
|
|
216
|
-
name = 'delegatable-credentials';
|
|
217
|
-
rpcMethods = [
|
|
218
|
-
DelegatableCredentialsService.prototype.issueDelegation,
|
|
219
|
-
DelegatableCredentialsService.prototype.issueDelegatedCredential,
|
|
220
|
-
DelegatableCredentialsService.prototype.createPresentation,
|
|
221
|
-
DelegatableCredentialsService.prototype.verifyPresentation,
|
|
222
|
-
DelegatableCredentialsService.prototype.createPolicy,
|
|
223
|
-
];
|
|
224
|
-
/**
|
|
225
|
-
* Issues a delegation credential
|
|
226
|
-
*/
|
|
227
|
-
async issueDelegation(params) {
|
|
228
|
-
return issueDelegationCredential(params.keyPair, params);
|
|
229
|
-
}
|
|
230
|
-
/**
|
|
231
|
-
* Issues a credential as a delegate
|
|
232
|
-
*/
|
|
233
|
-
async issueDelegatedCredential(params) {
|
|
234
|
-
return issueDelegatedCredential(params.keyPair, params);
|
|
235
|
-
}
|
|
236
|
-
/**
|
|
237
|
-
* Creates and signs a verifiable presentation
|
|
238
|
-
*/
|
|
239
|
-
async createPresentation(params) {
|
|
240
|
-
return createSignedPresentation(params.keyPair, params);
|
|
241
|
-
}
|
|
242
|
-
/**
|
|
243
|
-
* Verifies a verifiable presentation with delegation chain
|
|
244
|
-
*/
|
|
245
|
-
async verifyPresentation(params) {
|
|
246
|
-
return verifyDelegatablePresentation(params.presentation, {
|
|
247
|
-
challenge: params.challenge,
|
|
248
|
-
domain: params.domain,
|
|
249
|
-
unsignedPresentation: params.unsignedPresentation,
|
|
250
|
-
failOnUnauthorizedClaims: params.failOnUnauthorizedClaims,
|
|
251
|
-
policies: params.policies,
|
|
252
|
-
});
|
|
253
|
-
}
|
|
254
|
-
/**
|
|
255
|
-
* Creates a Cedar policy for delegation verification
|
|
256
|
-
*/
|
|
257
|
-
createPolicy(params) {
|
|
258
|
-
return createCedarPolicy(params);
|
|
259
|
-
}
|
|
260
|
-
}
|
|
261
|
-
const delegatableCredentialsService = new DelegatableCredentialsService();
|
|
262
|
-
|
|
263
|
-
export { DELEGATION_CONTEXT_TERMS, DELEGATION_ENGINE_NS, PRESENTATION_CONTEXT, W3C_CREDENTIALS_V1, createCedarPolicy, createSignedPresentation, createUnsignedPresentation, delegatableCredentialsService, issueDelegatedCredential, issueDelegationCredential, verifyDelegatablePresentation };
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
|
-
|
|
5
|
-
var services_credential_serviceRpc = require('./service-rpc.js');
|
|
6
|
-
require('../rpc-service-client.js');
|
|
7
|
-
require('assert');
|
|
8
|
-
require('../../rpc-client.js');
|
|
9
|
-
require('json-rpc-2.0');
|
|
10
|
-
require('../../core/crypto.js');
|
|
11
|
-
require('crypto');
|
|
12
|
-
require('../../core/logger.js');
|
|
13
|
-
require('../../logger.js');
|
|
14
|
-
require('../../rpc-util.js');
|
|
15
|
-
require('./config.js');
|
|
16
|
-
|
|
17
|
-
const credentialServiceRPC = new services_credential_serviceRpc.CredentialServiceRPC();
|
|
18
|
-
|
|
19
|
-
exports.credentialServiceRPC = credentialServiceRPC;
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
import { CredentialServiceRPC } from './service-rpc.mjs';
|
|
2
|
-
import '../rpc-service-client.mjs';
|
|
3
|
-
import 'assert';
|
|
4
|
-
import '../../rpc-client.mjs';
|
|
5
|
-
import 'json-rpc-2.0';
|
|
6
|
-
import '../../core/crypto.mjs';
|
|
7
|
-
import 'crypto';
|
|
8
|
-
import '../../core/logger.mjs';
|
|
9
|
-
import '../../logger.mjs';
|
|
10
|
-
import '../../rpc-util.mjs';
|
|
11
|
-
import './config.mjs';
|
|
12
|
-
|
|
13
|
-
const credentialServiceRPC = new CredentialServiceRPC();
|
|
14
|
-
|
|
15
|
-
export { credentialServiceRPC };
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
|
-
|
|
5
|
-
var services_credential_serviceRpc = require('./service-rpc.js');
|
|
6
|
-
require('../rpc-service-client.js');
|
|
7
|
-
require('assert');
|
|
8
|
-
require('../../rpc-client.js');
|
|
9
|
-
require('json-rpc-2.0');
|
|
10
|
-
require('../../core/crypto.js');
|
|
11
|
-
require('crypto');
|
|
12
|
-
require('../../core/logger.js');
|
|
13
|
-
require('../../logger.js');
|
|
14
|
-
require('../../rpc-util.js');
|
|
15
|
-
require('./config.js');
|
|
16
|
-
|
|
17
|
-
const credentialServiceRPC = new services_credential_serviceRpc.CredentialServiceRPC();
|
|
18
|
-
|
|
19
|
-
exports.credentialServiceRPC = credentialServiceRPC;
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
import { CredentialServiceRPC } from './service-rpc.mjs';
|
|
2
|
-
import '../rpc-service-client.mjs';
|
|
3
|
-
import 'assert';
|
|
4
|
-
import '../../rpc-client.mjs';
|
|
5
|
-
import 'json-rpc-2.0';
|
|
6
|
-
import '../../core/crypto.mjs';
|
|
7
|
-
import 'crypto';
|
|
8
|
-
import '../../core/logger.mjs';
|
|
9
|
-
import '../../logger.mjs';
|
|
10
|
-
import '../../rpc-util.mjs';
|
|
11
|
-
import './config.mjs';
|
|
12
|
-
|
|
13
|
-
const credentialServiceRPC = new CredentialServiceRPC();
|
|
14
|
-
|
|
15
|
-
export { credentialServiceRPC };
|