@interop/did-web-resolver 3.0.0 → 4.0.0

package/dist/esm/DidWebResolver.d.ts

@@ -0,0 +1,147 @@
+export declare function didFromUrl({ url }?: {
+    url?: string;
+}): string;
+export declare function urlFromDid({ did }: {
+    did: string | undefined;
+}): string;
+/**
+ * Initializes the DID Document's keys/proof methods.
+ *
+ * @example
+ * didDocument.id = 'did:ex:123';
+ * const {didDocument, keyPairs} = await initKeys({
+ *   didDocument,
+ *   cryptoLd,
+ *   keyMap: {
+ *     capabilityInvocation: someExistingKey,
+ *     authentication: 'Ed25519VerificationKey2020',
+ *     assertionMethod: 'Ed25519VerificationKey2020',
+ *     keyAgreement: 'X25519KeyAgreementKey2019'
+ *   }
+ * });.
+ *
+ * @param {object} options - Options hashmap.
+ * @param {object} options.didDocument - DID Document.
+ * @typedef {object} CryptoLD
+ * @param {CryptoLD} [options.cryptoLd] - CryptoLD driver instance,
+ *   initialized with the key types this DID Document intends to support.
+ * @param {object} [options.keyMap] - Map of keys (or key types) by purpose.
+ *
+ * @returns {Promise<{didDocument: object, keyPairs: Map}>} Resolves with the
+ *   DID Document initialized with keys, as well as the map of the corresponding
+ *   key pairs (by key id).
+ */
+export declare function initKeys({ didDocument, cryptoLd, keyMap }?: {
+    didDocument?: object;
+    cryptoLd?: any;
+    keyMap?: any;
+}): Promise<{
+    didDocument: object;
+    keyPairs: Map<string, any>;
+}>;
+export declare class DidWebResolver {
+    cryptoLd: any;
+    keyMap: object;
+    method: string;
+    logger: any;
+    /**
+     * @param cryptoLd {CryptoLD}
+     * @param keyMap {object}
+     * @param [logger] {object} Logger object (with .log, .error, .warn,
+     *   etc methods).
+     */
+    constructor({ cryptoLd, keyMap, logger }?: {
+        cryptoLd?: any;
+        keyMap?: object;
+        logger?: any;
+    });
+    /**
+     * Generates a new DID Document and initializes various authentication
+     * and authorization proof purpose keys.
+     *
+     * @example
+     *   const url = 'https://example.com'
+     *   const { didDocument, didKeys } = await didWeb.generate({url})
+     *   didDocument.id
+     *   // -> 'did:web:example.com'
+     *
+     *
+     * Either an `id` or a `url` is required:
+     * @param [id] {string} - A did:web DID. If absent, will be converted from url
+     * @param [url] {string}
+     * @param [seed] {string|Uint8Array}
+     *
+     * @param [keyMap] {object} A hashmap of key types by purpose.
+     *
+     * @param cryptoLd
+     * @parma [cryptoLd] {object} CryptoLD instance with support for supported
+     *   crypto suites installed.
+     *
+     * @returns {Promise<{didDocument: object, keyPairs: object,
+     *   methodFor: Function}>} Resolves with the generated DID Document, along
+     *   with the corresponding key pairs used to generate it (for storage in a
+     *   KMS).
+     */
+    generate({ id, url, seed, keyMap, cryptoLd }?: {
+        id?: string;
+        url?: string;
+        seed?: string | Uint8Array;
+        keyMap?: any;
+        cryptoLd?: any;
+    }): Promise<{
+        didDocument: any;
+        keyPairs: object;
+        methodFor: Function;
+    }>;
+    /**
+     * Fetches a DID Document for a given DID.
+     *
+     * @example
+     * // In Node.js tests, use an agent to avoid self-signed certificate errors
+     * const agent = new https.agent({rejectUnauthorized: false});
+     *
+     * @param {string} [did] For example, 'did:web:example.com'
+     * @param {string} [url]
+     * @param {https.Agent} [agent] Optional agent used to customize network
+     *   behavior in Node.js (such as `rejectUnauthorized: false`).
+     * @param {object} [logger] Logger object (with .log, .error, .warn,
+     *   etc methods).
+     *
+     * @throws {Error}
+     *
+     * @returns {Promise<object>} Plain parsed JSON object of the DID Document.
+     */
+    get({ did, url, agent, logger }: {
+        did?: string | undefined;
+        url?: string | undefined;
+        agent?: any;
+        logger?: any;
+    }): Promise<object>;
+    /**
+     * Returns the public key (verification method) object for a given DID
+     * Document and purpose. Useful in conjunction with a `.get()` call.
+     *
+     * @example
+     * const didDocument = await didKeyDriver.get({did});
+     * const authKeyData = didDriver.publicMethodFor({
+     *   didDocument, purpose: 'authentication'
+     * });
+     * // You can then create a suite instance object to verify signatures etc.
+     * const authPublicKey = await cryptoLd.from(authKeyData);
+     * const {verify} = authPublicKey.verifier();
+     *
+     * @param {object} options - Options hashmap.
+     * @param {object} options.didDocument - DID Document (retrieved via a
+     *   `.get()` or from some other source).
+     * @param {string} options.purpose - Verification method purpose, such as
+     *   'authentication', 'assertionMethod', 'keyAgreement' and so on.
+     *
+     * @returns {object} Returns the public key object (obtained from the DID
+     *   Document), without a `@context`.
+     */
+    publicMethodFor({ didDocument, purpose }: {
+        didDocument: any;
+        purpose: string;
+    }): any;
+}
+//# sourceMappingURL=DidWebResolver.d.ts.map

package/dist/esm/DidWebResolver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DidWebResolver.d.ts","sourceRoot":"","sources":["../../src/DidWebResolver.ts"],"names":[],"mappings":"AAmBA,wBAAgB,UAAU,CAAE,EAAE,GAAG,EAAE,GAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAO,GAAG,MAAM,CAkClE;AAED,wBAAgB,UAAU,CAAE,EAAE,GAAG,EAAE,EAAE;IAAE,GAAG,EAAE,MAAM,GAAG,SAAS,CAAA;CAAE,GAAG,MAAM,CAmCxE;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAsB,QAAQ,CAC5B,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,GACjC;IAAE,WAAW,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,GAAG,CAAC;IAAC,MAAM,CAAC,EAAE,GAAG,CAAA;CAAO,GAC1D,OAAO,CAAC;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;CAAE,CAAC,CAiC9D;AAED,qBAAa,cAAc;IAClB,QAAQ,EAAE,GAAG,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,GAAG,CAAA;IAElB;;;;;OAKG;gBACU,EAAE,QAAQ,EAAE,MAAwB,EAAE,MAAgB,EAAE,GACrE;QAAE,QAAQ,CAAC,EAAE,GAAG,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,GAAG,CAAA;KAAO;IAOtD;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACG,QAAQ,CACZ,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,QAAwB,EAAE,GACnD;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,GAAG,UAAU,CAAC;QAAC,MAAM,CAAC,EAAE,GAAG,CAAC;QAAC,QAAQ,CAAC,EAAE,GAAG,CAAA;KAAO,GAC5F,OAAO,CAAC;QAAE,WAAW,EAAE,GAAG,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,QAAQ,CAAA;KAAE,CAAC;IA+CtE;;;;;;;;;;;;;;;;;OAiBG;IACG,GAAG,CAAE,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,MAAoB,EAAE,EAAE;QAAE,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;QAAC,KAAK,CAAC,EAAE,GAAG,CAAC;QAAC,MAAM,CAAC,EAAE,GAAG,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAwCzJ;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,eAAe,CAAE,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE;QAAE,WAAW,EAAE,GAAG,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,GAAG,GAAG;CAOvF"}

package/dist/esm/DidWebResolver.js

@@ -0,0 +1,322 @@
+/* eslint-disable @typescript-eslint/strict-boolean-expressions */
+import { httpClient } from '@digitalbazaar/http-client';
+import * as didIo from '@digitalcredentials/did-io';
+import * as ed25519Context from 'ed25519-signature-2020-context';
+import * as x25519Context from 'x25519-key-agreement-2020-context';
+import * as didContext from 'did-context';
+import { decodeSecretKeySeed } from '@digitalcredentials/bnid';
+import { URL } from 'whatwg-url';
+const { VERIFICATION_RELATIONSHIPS } = didIo;
+const DEFAULT_KEY_MAP = {
+    capabilityInvocation: 'Ed25519VerificationKey2020',
+    authentication: 'Ed25519VerificationKey2020',
+    assertionMethod: 'Ed25519VerificationKey2020',
+    capabilityDelegation: 'Ed25519VerificationKey2020',
+    keyAgreement: 'X25519KeyAgreementKey2020'
+};
+export function didFromUrl({ url } = {}) {
+    if (!url) {
+        throw new TypeError('Cannot convert url to did, missing url.');
+    }
+    if (url.startsWith('http:')) {
+        throw new TypeError('did:web does not support non-HTTPS URLs.');
+    }
+    let parsedUrl;
+    try {
+        parsedUrl = new URL(url);
+    }
+    catch (error) {
+        throw new TypeError(`Invalid url: "${url}".`);
+    }
+    let { host, pathname } = parsedUrl;
+    let pathComponent = '';
+    const didJsonSuffix = '/did.json';
+    const wellKnownSuffix = '/.well-known';
+    if (pathname?.endsWith(didJsonSuffix)) {
+        pathname = pathname.substring(0, pathname.length - didJsonSuffix.length);
+    }
+    if (pathname?.endsWith(wellKnownSuffix)) {
+        pathname = pathname.substring(0, pathname.length - wellKnownSuffix.length);
+    }
+    if (pathname && pathname !== '/') {
+        pathComponent = pathname.split('/').map(encodeURIComponent).join(':');
+    }
+    return 'did:web:' + encodeURIComponent(host) + pathComponent;
+}
+export function urlFromDid({ did }) {
+    if (!did?.startsWith('did:web:')) {
+        throw new TypeError(`DID Method not supported: "${did ?? ''}".`);
+    }
+    const [didUrl, hashFragment] = did.split('#');
+    // eslint-disable-next-line no-unused-vars
+    // const [didResource, query] = didUrl.split('?')
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    const [_did, _web, urlNoProtocol, ...pathFragments] = didUrl.split(':');
+    if (urlNoProtocol.includes('/')) {
+        throw new TypeError(`Cannot construct url from did: "${did}". domain-name cannot contain a path.`);
+    }
+    let parsedUrl;
+    try {
+        // URI-decode the url (in case it contained a port number,
+        // for example, `did:web:localhost%3A8080`
+        parsedUrl = new URL('https://' + decodeURIComponent(urlNoProtocol));
+    }
+    catch (error) {
+        throw new TypeError(`Cannot construct url from did: "${did}".`);
+    }
+    if (pathFragments.length === 0) {
+        parsedUrl.pathname = '/.well-known/did.json';
+    }
+    else {
+        parsedUrl.pathname = pathFragments.map(decodeURIComponent).join('/') + '/did.json';
+    }
+    if (hashFragment) {
+        parsedUrl.hash = hashFragment;
+    }
+    return parsedUrl.toString();
+}
+/**
+ * Initializes the DID Document's keys/proof methods.
+ *
+ * @example
+ * didDocument.id = 'did:ex:123';
+ * const {didDocument, keyPairs} = await initKeys({
+ *   didDocument,
+ *   cryptoLd,
+ *   keyMap: {
+ *     capabilityInvocation: someExistingKey,
+ *     authentication: 'Ed25519VerificationKey2020',
+ *     assertionMethod: 'Ed25519VerificationKey2020',
+ *     keyAgreement: 'X25519KeyAgreementKey2019'
+ *   }
+ * });.
+ *
+ * @param {object} options - Options hashmap.
+ * @param {object} options.didDocument - DID Document.
+ * @typedef {object} CryptoLD
+ * @param {CryptoLD} [options.cryptoLd] - CryptoLD driver instance,
+ *   initialized with the key types this DID Document intends to support.
+ * @param {object} [options.keyMap] - Map of keys (or key types) by purpose.
+ *
+ * @returns {Promise<{didDocument: object, keyPairs: Map}>} Resolves with the
+ *   DID Document initialized with keys, as well as the map of the corresponding
+ *   key pairs (by key id).
+ */
+export async function initKeys({ didDocument, cryptoLd, keyMap } = {}) {
+    const doc = { ...didDocument };
+    if (!doc.id) {
+        throw new TypeError('DID Document "id" property is required to initialize keys.');
+    }
+    const keyPairs = new Map();
+    // Set the defaults for the created keys (if needed)
+    const options = { controller: doc.id };
+    for (const purpose in keyMap) {
+        if (!VERIFICATION_RELATIONSHIPS.has(purpose)) {
+            throw new Error(`Unsupported key purpose: "${purpose}".`);
+        }
+        let key;
+        if (typeof keyMap[purpose] === 'string') {
+            if (!cryptoLd) {
+                throw new Error('Please provide an initialized CryptoLD instance.');
+            }
+            key = await cryptoLd.generate({ type: keyMap[purpose], ...options });
+        }
+        else {
+            // An existing key has been provided
+            key = keyMap[purpose];
+        }
+        doc[purpose] = [key.export({ publicKey: true })];
+        keyPairs.set(key.id, key);
+    }
+    return { didDocument: doc, keyPairs };
+}
+export class DidWebResolver {
+    cryptoLd;
+    keyMap;
+    method;
+    logger;
+    /**
+     * @param cryptoLd {CryptoLD}
+     * @param keyMap {object}
+     * @param [logger] {object} Logger object (with .log, .error, .warn,
+     *   etc methods).
+     */
+    constructor({ cryptoLd, keyMap = DEFAULT_KEY_MAP, logger = console } = {}) {
+        this.method = 'web'; // did:web:... (used for didIo resolver harness)
+        this.cryptoLd = cryptoLd;
+        this.keyMap = keyMap;
+        this.logger = logger;
+    }
+    /**
+     * Generates a new DID Document and initializes various authentication
+     * and authorization proof purpose keys.
+     *
+     * @example
+     *   const url = 'https://example.com'
+     *   const { didDocument, didKeys } = await didWeb.generate({url})
+     *   didDocument.id
+     *   // -> 'did:web:example.com'
+     *
+     *
+     * Either an `id` or a `url` is required:
+     * @param [id] {string} - A did:web DID. If absent, will be converted from url
+     * @param [url] {string}
+     * @param [seed] {string|Uint8Array}
+     *
+     * @param [keyMap] {object} A hashmap of key types by purpose.
+     *
+     * @param cryptoLd
+     * @parma [cryptoLd] {object} CryptoLD instance with support for supported
+     *   crypto suites installed.
+     *
+     * @returns {Promise<{didDocument: object, keyPairs: object,
+     *   methodFor: Function}>} Resolves with the generated DID Document, along
+     *   with the corresponding key pairs used to generate it (for storage in a
+     *   KMS).
+     */
+    async generate({ id, url, seed, keyMap, cryptoLd = this.cryptoLd } = {}) {
+        if (!id && !url) {
+            throw new TypeError('A "url" or an "id" parameter is required.');
+        }
+        if (seed && keyMap) {
+            throw new TypeError('Either a "seed" or a "keyMap" param must be provided, but not both.');
+        }
+        const did = id ?? didFromUrl({ url });
+        if (seed) {
+            const keyPair = await _keyPairFromSecretSeed({
+                seed, controller: did, cryptoLd
+            });
+            keyMap = { assertionMethod: keyPair };
+        }
+        else {
+            keyMap = keyMap || this.keyMap;
+        }
+        // Compose the DID Document
+        let didDocument = {
+            '@context': [
+                didContext.constants.DID_CONTEXT_URL,
+                ed25519Context.constants.CONTEXT_URL,
+                x25519Context.constants.CONTEXT_URL
+            ],
+            id: did
+        };
+        const result = await initKeys({ didDocument, cryptoLd, keyMap });
+        const keyPairs = result.keyPairs;
+        didDocument = result.didDocument;
+        // Convenience function that returns the public/private key pair instance
+        // for a given purpose (authentication, assertionMethod, keyAgreement, etc).
+        const methodFor = ({ purpose }) => {
+            const { id: methodId } = didIo.findVerificationMethod({
+                doc: didDocument, purpose
+            });
+            return keyPairs.get(methodId);
+        };
+        return { didDocument, keyPairs, methodFor };
+    }
+    /**
+     * Fetches a DID Document for a given DID.
+     *
+     * @example
+     * // In Node.js tests, use an agent to avoid self-signed certificate errors
+     * const agent = new https.agent({rejectUnauthorized: false});
+     *
+     * @param {string} [did] For example, 'did:web:example.com'
+     * @param {string} [url]
+     * @param {https.Agent} [agent] Optional agent used to customize network
+     *   behavior in Node.js (such as `rejectUnauthorized: false`).
+     * @param {object} [logger] Logger object (with .log, .error, .warn,
+     *   etc methods).
+     *
+     * @throws {Error}
+     *
+     * @returns {Promise<object>} Plain parsed JSON object of the DID Document.
+     */
+    async get({ did, url, agent, logger = this.logger }) {
+        const didUrl = url ?? urlFromDid({ did });
+        if (!didUrl) {
+            throw new TypeError('A DID or a URL is required.');
+        }
+        const [urlAuthority, keyIdFragment] = didUrl.split('#');
+        let didDocument;
+        try {
+            logger.info(`Fetching "${urlAuthority}" via http client.`);
+            const result = await httpClient.get(urlAuthority, { agent });
+            didDocument = result.data;
+        }
+        catch (e) {
+            // status is HTTP status code
+            // data is JSON error from the server if available
+            const { data, status } = e;
+            // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
+            logger.error(`Http ${status ?? ''} error:`, data);
+            throw e;
+        }
+        if (didDocument && keyIdFragment) {
+            // resolve an individual key
+            // Keys are expected to have format: <did:web:...>#<keyIdFragment>
+            const didAuthority = didFromUrl({ url: urlAuthority });
+            const methodId = `${didAuthority}#${keyIdFragment}`;
+            const key = didIo.findVerificationMethod({ doc: didDocument, methodId });
+            if (!key) {
+                throw new Error(`Key id ${methodId} not found.`);
+            }
+            const keyPair = await this.cryptoLd.from(key);
+            return keyPair.export({ publicKey: true, includeContext: true });
+        }
+        return didDocument;
+    }
+    /**
+     * Returns the public key (verification method) object for a given DID
+     * Document and purpose. Useful in conjunction with a `.get()` call.
+     *
+     * @example
+     * const didDocument = await didKeyDriver.get({did});
+     * const authKeyData = didDriver.publicMethodFor({
+     *   didDocument, purpose: 'authentication'
+     * });
+     * // You can then create a suite instance object to verify signatures etc.
+     * const authPublicKey = await cryptoLd.from(authKeyData);
+     * const {verify} = authPublicKey.verifier();
+     *
+     * @param {object} options - Options hashmap.
+     * @param {object} options.didDocument - DID Document (retrieved via a
+     *   `.get()` or from some other source).
+     * @param {string} options.purpose - Verification method purpose, such as
+     *   'authentication', 'assertionMethod', 'keyAgreement' and so on.
+     *
+     * @returns {object} Returns the public key object (obtained from the DID
+     *   Document), without a `@context`.
+     */
+    publicMethodFor({ didDocument, purpose }) {
+        const method = didIo.findVerificationMethod({ doc: didDocument, purpose });
+        if (!method) {
+            throw new Error(`No verification method found for purpose "${purpose}"`);
+        }
+        return method;
+    }
+}
+/**
+ * @param options {object}
+ * @param options.seed {string|Uint8Array}
+ * @param controller {string}
+ * @param cryptoLd {object}
+ *
+ * @return {Promise<LDKeyPair>}
+ */
+async function _keyPairFromSecretSeed({ seed, controller, cryptoLd }) {
+    let seedBytes;
+    if (typeof seed === 'string') {
+        // Currently only supports base58 multibase / identity multihash encoding.
+        if (!seed.startsWith('z1A')) {
+            throw new TypeError('"seed" parameter must be a multibase/multihash encoded string, or a Uint8Array.');
+        }
+        seedBytes = decodeSecretKeySeed({ secretKeySeed: seed });
+    }
+    else {
+        seedBytes = new Uint8Array(seed);
+    }
+    return cryptoLd.generate({
+        controller, seed: seedBytes, type: 'Ed25519VerificationKey2020'
+    });
+}
+//# sourceMappingURL=DidWebResolver.js.map

package/dist/esm/DidWebResolver.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"DidWebResolver.js","sourceRoot":"","sources":["../../src/DidWebResolver.ts"],"names":[],"mappings":"AAAA,kEAAkE;AAClE,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAA;AACvD,OAAO,KAAK,KAAK,MAAM,4BAA4B,CAAA;AACnD,OAAO,KAAK,cAAc,MAAM,gCAAgC,CAAA;AAChE,OAAO,KAAK,aAAa,MAAM,mCAAmC,CAAA;AAClE,OAAO,KAAK,UAAU,MAAM,aAAa,CAAA;AACzC,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,GAAG,EAAE,MAAM,YAAY,CAAA;AAEhC,MAAM,EAAE,0BAA0B,EAAE,GAAG,KAAK,CAAA;AAE5C,MAAM,eAAe,GAAG;IACtB,oBAAoB,EAAE,4BAA4B;IAClD,cAAc,EAAE,4BAA4B;IAC5C,eAAe,EAAE,4BAA4B;IAC7C,oBAAoB,EAAE,4BAA4B;IAClD,YAAY,EAAE,2BAA2B;CAC1C,CAAA;AAED,MAAM,UAAU,UAAU,CAAE,EAAE,GAAG,KAAuB,EAAE;IACxD,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,SAAS,CAAC,yCAAyC,CAAC,CAAA;KAC/D;IACD,IAAI,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE;QAC3B,MAAM,IAAI,SAAS,CAAC,0CAA0C,CAAC,CAAA;KAChE;IAED,IAAI,SAAS,CAAA;IACb,IAAI;QACF,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;KACzB;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,IAAI,SAAS,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAA;KAC9C;IAED,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,SAAS,CAAA;IAClC,IAAI,aAAa,GAAG,EAAE,CAAA;IAEtB,MAAM,aAAa,GAAG,WAAW,CAAA;IACjC,MAAM,eAAe,GAAG,cAAc,CAAA;IAEtC,IAAI,QAAQ,EAAE,QAAQ,CAAC,aAAa,CAAC,EAAE;QACrC,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAA;KACzE;IAED,IAAI,QAAQ,EAAE,QAAQ,CAAC,eAAe,CAAC,EAAE;QACvC,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;KAC3E;IAED,IAAI,QAAQ,IAAI,QAAQ,KAAK,GAAG,EAAE;QAChC,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;KACtE;IAED,OAAO,UAAU,GAAG,kBAAkB,CAAC,IAAI,CAAC,GAAG,aAAa,CAAA;AAC9D,CAAC;AAED,MAAM,UAAU,UAAU,CAAE,EAAE,GAAG,EAA+B;IAC9D,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,UAAU,CAAC,EAAE;QAChC,MAAM,IAAI,SAAS,CAAC,8BAA8B,GAAG,IAAI,EAAE,IAAI,CAAC,CAAA;KACjE;IAED,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC7C,0CAA0C;IAC1C,iDAAiD;IAEjD,6DAA6D;IAC7D,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,aAAa,EAAE,GAAG,aAAa,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAEvE,IAAI,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QAC/B,MAAM,IAAI,SAAS,CAAC,mCAAmC,GAAG,uCAAuC,CAAC,CAAA;KACnG;IAED,IAAI,SAAS,CAAA;IACb,IAAI;QACF,0DAA0D;QAC1D,0CAA0C;QAC1C,SAAS,GAAG,IAAI,GAAG,CAAC,UAAU,GAAG,kBAAkB,CAAC,aAAa,CAAC,CAAC,CAAA;KACpE;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,IAAI,SAAS,CAAC,mCAAmC,GAAG,IAAI,CAAC,CAAA;KAChE;IAED,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE;QAC9B,SAAS,CAAC,QAAQ,GAAG,uBAAuB,CAAA;KAC7C;SAAM;QACL,SAAS,CAAC,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,WAAW,CAAA;KACnF;IAED,IAAI,YAAY,EAAE;QAChB,SAAS,CAAC,IAAI,GAAG,YAAY,CAAA;KAC9B;IACD,OAAO,SAAS,CAAC,QAAQ,EAAE,CAAA;AAC7B,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,KAC0B,EAAE;IAE3D,MAAM,GAAG,GAAQ,EAAE,GAAG,WAAW,EAAE,CAAA;IACnC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;QACX,MAAM,IAAI,SAAS,CACjB,4DAA4D,CAAC,CAAA;KAChE;IAED,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAE,CAAA;IAE1B,oDAAoD;IACpD,MAAM,OAAO,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,EAAE,CAAA;IAEtC,KAAK,MAAM,OAAO,IAAI,MAAM,EAAE;QAC5B,IAAI,CAAC,0BAA0B,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;YAC5C,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,IAAI,CAAC,CAAA;SAC1D;QAED,IAAI,GAAG,CAAA;QACP,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,QAAQ,EAAE;YACvC,IAAI,CAAC,QAAQ,EAAE;gBACb,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAA;aACpE;YACD,GAAG,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,OAAO,EAAE,CAAC,CAAA;SACrE;aAAM;YACL,oCAAoC;YACpC,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,CAAA;SACtB;QAED,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QAChD,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;KAC1B;IAED,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAA;AACvC,CAAC;AAED,MAAM,OAAO,cAAc;IAClB,QAAQ,CAAK;IACb,MAAM,CAAQ;IACd,MAAM,CAAQ;IACd,MAAM,CAAK;IAElB;;;;;OAKG;IACH,YAAa,EAAE,QAAQ,EAAE,MAAM,GAAG,eAAe,EAAE,MAAM,GAAG,OAAO,KACf,EAAE;QACpD,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA,CAAC,gDAAgD;QACpE,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;QACxB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,KAAK,CAAC,QAAQ,CACZ,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,GAAG,IAAI,CAAC,QAAQ,KACyC,EAAE;QAE5F,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE;YACf,MAAM,IAAI,SAAS,CAAC,2CAA2C,CAAC,CAAA;SACjE;QACD,IAAI,IAAI,IAAI,MAAM,EAAE;YAClB,MAAM,IAAI,SAAS,CACjB,qEAAqE,CACtE,CAAA;SACF;QAED,MAAM,GAAG,GAAG,EAAE,IAAI,UAAU,CAAC,EAAE,GAAG,EAAE,CAAC,CAAA;QAErC,IAAI,IAAI,EAAE;YACR,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC;gBAC3C,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,QAAQ;aAChC,CAAC,CAAA;YACF,MAAM,GAAG,EAAE,eAAe,EAAE,OAAO,EAAE,CAAA;SACtC;aAAM;YACL,MAAM,GAAG,MAAM,IAAI,IAAI,CAAC,MAAM,CAAA;SAC/B;QAED,2BAA2B;QAC3B,IAAI,WAAW,GAAG;YAChB,UAAU,EAAE;gBACV,UAAU,CAAC,SAAS,CAAC,eAAe;gBACpC,cAAc,CAAC,SAAS,CAAC,WAAW;gBACpC,aAAa,CAAC,SAAS,CAAC,WAAW;aACpC;YACD,EAAE,EAAE,GAAG;SACR,CAAA;QAED,MAAM,MAAM,GAAQ,MAAM,QAAQ,CAAC,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QACrE,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAA;QAChC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAA;QAEhC,yEAAyE;QACzE,4EAA4E;QAC5E,MAAM,SAAS,GAAG,CAAC,EAAE,OAAO,EAAuB,EAAO,EAAE;YAC1D,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,sBAAsB,CAAC;gBACpD,GAAG,EAAE,WAAW,EAAE,OAAO;aAC1B,CAAC,CAAA;YACF,OAAO,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QAC/B,CAAC,CAAA;QAED,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAA;IAC7C,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,KAAK,CAAC,GAAG,CAAE,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC,MAAM,EAAqF;QACrI,MAAM,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,GAAG,EAAE,CAAC,CAAA;QACzC,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,SAAS,CAAC,6BAA6B,CAAC,CAAA;SACnD;QAED,MAAM,CAAC,YAAY,EAAE,aAAa,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAEvD,IAAI,WAAW,CAAA;QACf,IAAI;YACF,MAAM,CAAC,IAAI,CAAC,aAAa,YAAY,oBAAoB,CAAC,CAAA;YAC1D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;YAC5D,WAAW,GAAG,MAAM,CAAC,IAAI,CAAA;SAC1B;QAAC,OAAO,CAAM,EAAE;YACf,6BAA6B;YAC7B,kDAAkD;YAClD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,CAAA;YAC1B,4EAA4E;YAC5E,MAAM,CAAC,KAAK,CAAC,QAAQ,MAAM,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,CAAA;YACjD,MAAM,CAAC,CAAA;SACR;QACD,IAAI,WAAW,IAAI,aAAa,EAAE;YAChC,4BAA4B;YAC5B,kEAAkE;YAClE,MAAM,YAAY,GAAG,UAAU,CAAC,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAA;YACtD,MAAM,QAAQ,GAAG,GAAG,YAAY,IAAI,aAAa,EAAE,CAAA;YAEnD,MAAM,GAAG,GAAG,KAAK,CAAC,sBAAsB,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,CAAA;YACxE,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,IAAI,KAAK,CAAC,UAAU,QAAQ,aAAa,CAAC,CAAA;aACjD;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAE7C,OAAO,OAAO,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAA;SACjE;QAED,OAAO,WAAW,CAAA;IACpB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,eAAe,CAAE,EAAE,WAAW,EAAE,OAAO,EAAyC;QAC9E,MAAM,MAAM,GAAG,KAAK,CAAC,sBAAsB,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC,CAAA;QAC1E,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,6CAA6C,OAAO,GAAG,CAAC,CAAA;SACzE;QACD,OAAO,MAAM,CAAA;IACf,CAAC;CACF;AAED;;;;;;;GAOG;AACH,KAAK,UAAU,sBAAsB,CAAE,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAsE;IACvI,IAAI,SAAS,CAAA;IACb,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;QAC5B,0EAA0E;QAC1E,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE;YAC3B,MAAM,IAAI,SAAS,CAAC,iFAAiF,CAAC,CAAA;SACvG;QACD,SAAS,GAAG,mBAAmB,CAAC,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;KACzD;SAAM;QACL,SAAS,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAA;KACjC;IACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;QACvB,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,4BAA4B;KAChE,CAAC,CAAA;AACJ,CAAC"}

package/dist/esm/index.d.ts

@@ -0,0 +1,8 @@
+import { DidWebResolver, didFromUrl, urlFromDid } from './DidWebResolver';
+declare const driver: (options: {
+    cryptoLd?: any;
+    keyMap?: object | undefined;
+    logger?: any;
+} | undefined) => DidWebResolver;
+export { driver, DidWebResolver, didFromUrl, urlFromDid };
+//# sourceMappingURL=index.d.ts.map

package/dist/esm/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAEzE,QAAA,MAAM,MAAM,YAAa;IAAE,QAAQ,CAAC,EAAE,GAAG,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAAC,MAAM,CAAC,EAAE,GAAG,CAAA;CAAE,GAAG,SAAS,KAAG,cAEpG,CAAA;AAED,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,CAAA"}

package/dist/esm/index.js

@@ -1,5 +1,6 @@
-import cjsModule from '../index.js';
-export const driver = cjsModule.driver;
-export const DidWebResolver = cjsModule.DidWebResolver;
-export const didFromUrl = cjsModule.didFromUrl;
-export const urlFromDid = cjsModule.urlFromDid;
+import { DidWebResolver, didFromUrl, urlFromDid } from './DidWebResolver';
+const driver = (options) => {
+    return new DidWebResolver(options);
+};
+export { driver, DidWebResolver, didFromUrl, urlFromDid };
+//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAEzE,MAAM,MAAM,GAAG,CAAC,OAAkF,EAAkB,EAAE;IACpH,OAAO,IAAI,cAAc,CAAC,OAAO,CAAC,CAAA;AACpC,CAAC,CAAA;AAED,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,CAAA"}

package/dist/src/DidWebResolver.d.ts

@@ -0,0 +1,146 @@
+export declare function didFromUrl({ url }?: {
+    url?: string;
+}): string;
+export declare function urlFromDid({ did }: {
+    did: string | undefined;
+}): string;
+/**
+ * Initializes the DID Document's keys/proof methods.
+ *
+ * @example
+ * didDocument.id = 'did:ex:123';
+ * const {didDocument, keyPairs} = await initKeys({
+ *   didDocument,
+ *   cryptoLd,
+ *   keyMap: {
+ *     capabilityInvocation: someExistingKey,
+ *     authentication: 'Ed25519VerificationKey2020',
+ *     assertionMethod: 'Ed25519VerificationKey2020',
+ *     keyAgreement: 'X25519KeyAgreementKey2019'
+ *   }
+ * });.
+ *
+ * @param {object} options - Options hashmap.
+ * @param {object} options.didDocument - DID Document.
+ * @typedef {object} CryptoLD
+ * @param {CryptoLD} [options.cryptoLd] - CryptoLD driver instance,
+ *   initialized with the key types this DID Document intends to support.
+ * @param {object} [options.keyMap] - Map of keys (or key types) by purpose.
+ *
+ * @returns {Promise<{didDocument: object, keyPairs: Map}>} Resolves with the
+ *   DID Document initialized with keys, as well as the map of the corresponding
+ *   key pairs (by key id).
+ */
+export declare function initKeys({ didDocument, cryptoLd, keyMap }?: {
+    didDocument?: object;
+    cryptoLd?: any;
+    keyMap?: any;
+}): Promise<{
+    didDocument: object;
+    keyPairs: Map<string, any>;
+}>;
+export declare class DidWebResolver {
+    cryptoLd: any;
+    keyMap: object;
+    method: string;
+    logger: any;
+    /**
+     * @param cryptoLd {CryptoLD}
+     * @param keyMap {object}
+     * @param [logger] {object} Logger object (with .log, .error, .warn,
+     *   etc methods).
+     */
+    constructor({ cryptoLd, keyMap, logger }?: {
+        cryptoLd?: any;
+        keyMap?: object;
+        logger?: any;
+    });
+    /**
+     * Generates a new DID Document and initializes various authentication
+     * and authorization proof purpose keys.
+     *
+     * @example
+     *   const url = 'https://example.com'
+     *   const { didDocument, didKeys } = await didWeb.generate({url})
+     *   didDocument.id
+     *   // -> 'did:web:example.com'
+     *
+     *
+     * Either an `id` or a `url` is required:
+     * @param [id] {string} - A did:web DID. If absent, will be converted from url
+     * @param [url] {string}
+     * @param [seed] {string|Uint8Array}
+     *
+     * @param [keyMap] {object} A hashmap of key types by purpose.
+     *
+     * @param cryptoLd
+     * @parma [cryptoLd] {object} CryptoLD instance with support for supported
+     *   crypto suites installed.
+     *
+     * @returns {Promise<{didDocument: object, keyPairs: object,
+     *   methodFor: Function}>} Resolves with the generated DID Document, along
+     *   with the corresponding key pairs used to generate it (for storage in a
+     *   KMS).
+     */
+    generate({ id, url, seed, keyMap, cryptoLd }?: {
+        id?: string;
+        url?: string;
+        seed?: string | Uint8Array;
+        keyMap?: any;
+        cryptoLd?: any;
+    }): Promise<{
+        didDocument: any;
+        keyPairs: object;
+        methodFor: Function;
+    }>;
+    /**
+     * Fetches a DID Document for a given DID.
+     *
+     * @example
+     * // In Node.js tests, use an agent to avoid self-signed certificate errors
+     * const agent = new https.agent({rejectUnauthorized: false});
+     *
+     * @param {string} [did] For example, 'did:web:example.com'
+     * @param {string} [url]
+     * @param {https.Agent} [agent] Optional agent used to customize network
+     *   behavior in Node.js (such as `rejectUnauthorized: false`).
+     * @param {object} [logger] Logger object (with .log, .error, .warn,
+     *   etc methods).
+     *
+     * @throws {Error}
+     *
+     * @returns {Promise<object>} Plain parsed JSON object of the DID Document.
+     */
+    get({ did, url, agent, logger }: {
+        did?: string | undefined;
+        url?: string | undefined;
+        agent?: any;
+        logger?: any;
+    }): Promise<object>;
+    /**
+     * Returns the public key (verification method) object for a given DID
+     * Document and purpose. Useful in conjunction with a `.get()` call.
+     *
+     * @example
+     * const didDocument = await didKeyDriver.get({did});
+     * const authKeyData = didDriver.publicMethodFor({
+     *   didDocument, purpose: 'authentication'
+     * });
+     * // You can then create a suite instance object to verify signatures etc.
+     * const authPublicKey = await cryptoLd.from(authKeyData);
+     * const {verify} = authPublicKey.verifier();
+     *
+     * @param {object} options - Options hashmap.
+     * @param {object} options.didDocument - DID Document (retrieved via a
+     *   `.get()` or from some other source).
+     * @param {string} options.purpose - Verification method purpose, such as
+     *   'authentication', 'assertionMethod', 'keyAgreement' and so on.
+     *
+     * @returns {object} Returns the public key object (obtained from the DID
+     *   Document), without a `@context`.
+     */
+    publicMethodFor({ didDocument, purpose }: {
+        didDocument: any;
+        purpose: string;
+    }): any;
+}