npm - @eudi-verify/server - Versions diffs - 0.1.0 → 0.1.2 - Mend

@eudi-verify/server 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -15,11 +15,11 @@ import {
   createVerifierHandlers,
   OpenEudiEngine,
   MemoryKVStore,
-} from '@eudi-verify/server';
+} from "@eudi-verify/server";
 // 1. Create engine and store
-const BASE_URL = process.env.BASE_URL || 'http://localhost:3000/api/eudi';
-const engine = new OpenEudiEngine({ mode: 'demo', baseUrl: BASE_URL });
+const BASE_URL = process.env.BASE_URL || "http://localhost:3000/api/eudi";
+const engine = new OpenEudiEngine({ mode: "demo", baseUrl: BASE_URL });
 const store = new MemoryKVStore();
 // 2. Create handlers
@@ -27,7 +27,7 @@ const handlers = createVerifierHandlers({
   engine,
   store,
   baseUrl: BASE_URL,
-  mode: 'demo',
+  mode: "demo",
   tokenSecret: process.env.TOKEN_SECRET!, // 32+ chars
 });
@@ -40,11 +40,11 @@ const handlers = createVerifierHandlers({
 ### Node.js HTTP
 ```ts
-import http from 'node:http';
+import http from "node:http";
 function buildContext(req, params = {}, body = undefined) {
   return {
-    ip: req.socket.remoteAddress ?? '127.0.0.1',
+    ip: req.socket.remoteAddress ?? "127.0.0.1",
     origin: req.headers.origin,
     params,
     body,
@@ -53,11 +53,13 @@ function buildContext(req, params = {}, body = undefined) {
 const server = http.createServer(async (req, res) => {
   const url = new URL(req.url!, `http://${req.headers.host}`);
   // Route to handlers
-  if (url.pathname === '/sessions' && req.method === 'POST') {
+  if (url.pathname === "/sessions" && req.method === "POST") {
     const body = await readBody(req);
-    const result = await handlers.createSession(buildContext(req, {}, JSON.parse(body)));
+    const result = await handlers.createSession(
+      buildContext(req, {}, JSON.parse(body)),
+    );
     sendJson(res, result.status, result.body, result.headers);
   }
   // ... other routes
@@ -67,36 +69,40 @@ const server = http.createServer(async (req, res) => {
 ### Express
 ```ts
-import express from 'express';
+import express from "express";
 const app = express();
 app.use(express.json());
 function buildContext(req, params = {}, body = undefined) {
   return {
-    ip: req.ip ?? '127.0.0.1',
+    ip: req.ip ?? "127.0.0.1",
     origin: req.headers.origin,
     params,
     body,
   };
 }
-app.post('/sessions', async (req, res) => {
+app.post("/sessions", async (req, res) => {
   const result = await handlers.createSession(buildContext(req, {}, req.body));
   res.status(result.status).set(result.headers).json(result.body);
 });
-app.get('/sessions/:id', async (req, res) => {
-  const result = await handlers.getSession(buildContext(req, { sessionId: req.params.id }));
+app.get("/sessions/:id", async (req, res) => {
+  const result = await handlers.getSession(
+    buildContext(req, { sessionId: req.params.id }),
+  );
   res.status(result.status).set(result.headers).json(result.body);
 });
-app.post('/sessions/:id/cancel', async (req, res) => {
-  const result = await handlers.cancelSession(buildContext(req, { sessionId: req.params.id }));
+app.post("/sessions/:id/cancel", async (req, res) => {
+  const result = await handlers.cancelSession(
+    buildContext(req, { sessionId: req.params.id }),
+  );
   res.status(result.status).set(result.headers).json(result.body);
 });
-app.post('/tokens/verify', async (req, res) => {
+app.post("/tokens/verify", async (req, res) => {
   const result = await handlers.verifyToken(buildContext(req, {}, req.body));
   res.status(result.status).json(result.body);
 });
@@ -105,21 +111,23 @@ app.post('/tokens/verify', async (req, res) => {
 ### Hono
 ```ts
-import { Hono } from 'hono';
+import { Hono } from "hono";
 const app = new Hono();
 function buildContext(c, params = {}, body = undefined) {
   return {
-    ip: c.req.header('x-forwarded-for') ?? '127.0.0.1',
-    origin: c.req.header('origin'),
+    ip: c.req.header("x-forwarded-for") ?? "127.0.0.1",
+    origin: c.req.header("origin"),
     params,
     body,
   };
 }
-app.post('/sessions', async (c) => {
-  const result = await handlers.createSession(buildContext(c, {}, await c.req.json()));
+app.post("/sessions", async (c) => {
+  const result = await handlers.createSession(
+    buildContext(c, {}, await c.req.json()),
+  );
   return c.json(result.body, result.status, result.headers);
 });
@@ -130,30 +138,30 @@ app.post('/sessions', async (c) => {
 ```ts
 interface VerifierConfig {
-  engine: VerifierEngine;     // OpenEudiEngine or MockEngine
-  store: IKVStore;            // MemoryKVStore (or Redis for production)
-  baseUrl: string;            // Public callback URL (e.g., https://example.com/api/eudi)
-  mode: 'demo' | 'production';
-  tokenSecret: string;        // HMAC secret, 32+ characters
-  tokenTtlMs?: number;        // Default: 300000 (5 min)
-  sessionTtlMs?: number;      // Default: 300000 (5 min)
+  engine: VerifierEngine; // OpenEudiEngine or MockEngine
+  store: IKVStore; // MemoryKVStore (or Redis for production)
+  baseUrl: string; // Public callback URL (e.g., https://example.com/api/eudi)
+  mode: "demo" | "production";
+  tokenSecret: string; // HMAC secret, 32+ characters
+  tokenTtlMs?: number; // Default: 300000 (5 min)
+  sessionTtlMs?: number; // Default: 300000 (5 min)
   rateLimit?: {
-    maxRequests: number;      // Default: 10
-    windowMs: number;         // Default: 60000 (1 min)
+    maxRequests: number; // Default: 10
+    windowMs: number; // Default: 60000 (1 min)
   };
-  allowedOrigins?: string[];  // CORS/Origin check (empty = allow all)
+  allowedOrigins?: string[]; // CORS/Origin check (empty = allow all)
 }
 ```
 ## Handlers
-| Handler | Route | Description |
-|---------|-------|-------------|
-| `createSession(body, ctx)` | `POST /sessions` | Create verification session |
-| `getSession(id)` | `GET /sessions/:id` | Get session status |
-| `cancelSession(id)` | `POST /sessions/:id/cancel` | Cancel active session |
-| `verifyToken(body)` | `POST /tokens/verify` | Validate verification token |
-| `handleCallback(data)` | `POST /callback` | Wallet callback (internal) |
+| Handler                    | Route                       | Description                 |
+| -------------------------- | --------------------------- | --------------------------- |
+| `createSession(body, ctx)` | `POST /sessions`            | Create verification session |
+| `getSession(id)`           | `GET /sessions/:id`         | Get session status          |
+| `cancelSession(id)`        | `POST /sessions/:id/cancel` | Cancel active session       |
+| `verifyToken(body)`        | `POST /tokens/verify`       | Validate verification token |
+| `handleCallback(data)`     | `POST /callback`            | Wallet callback (internal)  |
 ## Error Boundaries
@@ -163,22 +171,22 @@ Handlers return `{ status, headers?, body }` — they **never throw**. Your fram
 **1. HTTP errors** — returned as `{ error, message, details? }` with 4xx/5xx status:
-| Status | `error` code | Typical cause |
-|--------|--------------|---------------|
-| 400 | `bad_request` | Invalid input |
-| 403 | `forbidden` | Origin not in `allowedOrigins` |
-| 404 | `not_found` | Session missing |
-| 409 | `conflict` | Cancel on terminal session |
-| 429 | `rate_limited` | Rate limit exceeded |
-| 500 | `internal_error` | Engine failure on create |
+| Status | `error` code     | Typical cause                  |
+| ------ | ---------------- | ------------------------------ |
+| 400    | `bad_request`    | Invalid input                  |
+| 403    | `forbidden`      | Origin not in `allowedOrigins` |
+| 404    | `not_found`      | Session missing                |
+| 409    | `conflict`       | Cancel on terminal session     |
+| 429    | `rate_limited`   | Rate limit exceeded            |
+| 500    | `internal_error` | Engine failure on create       |
 **2. Session outcomes** — HTTP 200, check `body.status`:
-| `status` | Meaning |
-|----------|---------|
-| `rejected` | User declined in wallet |
-| `expired` | Session TTL elapsed |
-| `error` | VP validation or engine failure |
+| `status`   | Meaning                         |
+| ---------- | ------------------------------- |
+| `rejected` | User declined in wallet         |
+| `expired`  | Session TTL elapsed             |
+| `error`    | VP validation or engine failure |
 These surface to your frontend via `GET /sessions/:id` polling, not via callback HTTP status.
@@ -198,12 +206,12 @@ To report callback-path failures server-side, inspect the session after handling
 ### Route adapter pattern
 ```ts
-app.post('/sessions', async (req, res) => {
+app.post("/sessions", async (req, res) => {
   const result = await handlers.createSession(buildContext(req, {}, req.body));
-  if (result.status >= 400 && 'error' in result.body) {
+  if (result.status >= 400 && "error" in result.body) {
     // Your error reporting hook
-    reportError({ handler: 'createSession', ...result.body });
+    reportError({ handler: "createSession", ...result.body });
   }
   res.status(result.status).set(result.headers).json(result.body);
@@ -225,11 +233,11 @@ After the widget emits a `verified` event with a token, validate it server-side:
 ```ts
 // In your protected endpoint
-app.post('/checkout', async (req, res) => {
+app.post("/checkout", async (req, res) => {
   const { eudiToken } = req.body;
   const result = await handlers.verifyToken({ token: eudiToken });
   if (result.body.valid) {
     // Token is valid, claims are verified
     const { age_over_18, nationality } = result.body.claims;
@@ -246,6 +254,7 @@ app.post('/checkout', async (req, res) => {
 ⚠️ Demo mode accepts simulated credentials. **Never use in production.**
 Demo mode is indicated by:
 - Console warning on startup
 - `X-Eudi-Mode: demo` header on all responses

package/dist/index.d.ts CHANGED Viewed

@@ -39,7 +39,7 @@ interface VerificationRequest {
  * Flow: pending → waiting_for_wallet → verified|rejected|expired|error
  *       ↳ cancelled (from any non-terminal state)
  */
-type SessionStatus = 'pending' | 'waiting_for_wallet' | 'verified' | 'rejected' | 'expired' | 'cancelled' | 'error';
+type SessionStatus = "pending" | "waiting_for_wallet" | "verified" | "rejected" | "expired" | "cancelled" | "error";
 /**
  * Terminal states that cannot transition further.
  */
@@ -155,7 +155,7 @@ interface VerifyTokenInput {
 interface VerifyTokenResult {
     valid: boolean;
     claims?: VerifiedClaims;
-    error?: 'invalid_token' | 'expired' | 'already_consumed' | 'invalid_signature';
+    error?: "invalid_token" | "expired" | "already_consumed" | "invalid_signature";
 }
 /**
  * API error response.
@@ -168,7 +168,7 @@ interface ApiError {
 /**
  * Operation mode for the verifier.
  */
-type VerifierMode = 'demo' | 'production';
+type VerifierMode = "demo" | "production";
 /**
  * @eudi-verify/server - Key-Value Store Interface

package/dist/index.js CHANGED Viewed

@@ -134,7 +134,11 @@ var MockEngine = class {
     const requestedClaims = Object.keys(config.request).filter(
       (k) => config.request[k] === true
     );
-    const qrUrl = this.buildMockQrUrl(config.sessionId, config.baseUrl, requestedClaims);
+    const qrUrl = this.buildMockQrUrl(
+      config.sessionId,
+      config.baseUrl,
+      requestedClaims
+    );
     return {
       qrUrl,
       engineData: {
@@ -274,7 +278,9 @@ var OpenEudiEngine = class {
         redirect_uri: `${this.config.baseUrl}/callback`,
         state: session.id,
         nonce,
-        presentation_definition: this.buildPresentationDefinition(session.request),
+        presentation_definition: this.buildPresentationDefinition(
+          session.request
+        ),
         mode: "demo"
       });
     }
@@ -285,7 +291,9 @@ var OpenEudiEngine = class {
       redirect_uri: `${this.config.baseUrl}/callback`,
       state: session.id,
       nonce,
-      presentation_definition: this.buildPresentationDefinition(session.request)
+      presentation_definition: this.buildPresentationDefinition(
+        session.request
+      )
     });
   }
   async cancelSession(_session) {
@@ -328,7 +336,9 @@ var OpenEudiEngine = class {
     return `openid4vp://authorize?${params.toString()}`;
   }
   buildPresentationDefinition(request) {
-    const requestedClaims = Object.keys(request).filter((k) => request[k] === true);
+    const requestedClaims = Object.keys(request).filter(
+      (k) => request[k] === true
+    );
     const inputDescriptors = requestedClaims.map((claim) => ({
       id: claim,
       name: this.getClaimDisplayName(claim),

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@eudi-verify/server",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "Framework-agnostic REST API handlers for EUDI Wallet verification",
   "type": "module",
   "engines": {