@ixo/ucan 1.1.1 → 1.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +1 -1
- package/README.md +47 -5
- package/dist/did/local-resolver.d.ts +6 -0
- package/dist/did/local-resolver.d.ts.map +1 -0
- package/dist/did/local-resolver.js +22 -0
- package/dist/did/local-resolver.js.map +1 -0
- package/dist/did/web-resolver.d.ts +7 -0
- package/dist/did/web-resolver.d.ts.map +1 -0
- package/dist/did/web-resolver.js +78 -0
- package/dist/did/web-resolver.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/dist/validator/validator.d.ts +1 -0
- package/dist/validator/validator.d.ts.map +1 -1
- package/dist/validator/validator.js +150 -6
- package/dist/validator/validator.js.map +1 -1
- package/package.json +20 -9
- package/src/did/local-resolver.ts +79 -0
- package/src/did/web-resolver.ts +140 -0
- package/src/index.ts +10 -0
- package/src/validator/validator.test.ts +336 -0
- package/src/validator/validator.ts +239 -12
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../../src/validator/validator.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAG1C,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAoK7D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAA+B;IAE/B,MAAM,eAAe,GACnB,OAAO,CAAC,eAAe,IAAI,IAAI,uBAAuB,EAAE,CAAC;IAI3D,IAAI,cAAwB,CAAC;IAE7B,IAAI,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAE7C,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QAEN,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,cAAc,OAAO,CAAC,SAAS,wCAAwC;gBACrE,+EAA+E,CAClF,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,WAAW,CACxC,OAAO,CAAC,SAAsC,CAC/C,CAAC;QAEF,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,gCAAgC,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAC/E,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CACb,gCAAgC,OAAO,CAAC,SAAS,IAAI;gBACnD,8DAA8D,CACjE,CAAC;QACJ,CAAC;QAGD,MAAM,MAAM,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,qCAAqC,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAClD,CAAC;IAGD,MAAM,aAAa,GAAG,KAAK,EAAE,GAA8B,EAAE,EAAE;QAE7D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,GAAG,CAAC,CAAC;YAClE,OAAO;gBACL,KAAK,EAAE;oBACL,IAAI,EAAE,uBAAgC;oBACtC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC;oBAChB,OAAO,EAAE,4BAA4B,OAAO,GAAG,EAAE;iBAClD;aACF,CAAC;QACJ,CAAC;QAGD,IAAI,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,OAAO,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,CAAC;QAGD,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YAC9C,IAAI,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAE3C,OAAO,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;YAC3B,CAAC;YACD,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;gBACtB,OAAO;oBACL,KAAK,EAAE;wBACL,IAAI,EAAE,uBAAgC;wBACtC,GAAG;wBACH,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO;qBAC9B;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO;YACL,KAAK,EAAE;gBACL,IAAI,EAAE,uBAAgC;gBACtC,GAAG;gBACH,OAAO,EAAE,uBAAuB,GAAG,EAAE;aACtC;SACF,CAAC;IACJ,CAAC,CAAC;IAOF,SAAS,eAAe,CAAC,UAAe;QACtC,IAAI,CAAC,UAAU,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;QACnC,CAAC;QACD,MAAM,WAAW,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,WAAW,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;IACnD,CAAC;IAOD,SAAS,0BAA0B,CAAC,UAAe;QACjD,MAAM,GAAG,GACP,OAAO,UAAU,EAAE,UAAU,KAAK,QAAQ;YAC1C,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC;YAC7B,CAAC,CAAC,UAAU,CAAC,UAAU;YACvB,CAAC,CAAC,SAAS,CAAC;QAEhB,IAAI,CAAC,UAAU,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,GAAG,CAAC;QACb,CAAC;QAED,MAAM,SAAS,GAAG,0BAA0B,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnE,IAAI,GAAG,KAAK,SAAS,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,GAAG,IAAI,SAAS,CAAC;IAC1B,CAAC;IAED,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,SAAS;QAE5B,KAAK,CAAC,QAAQ,CACZ,gBAAgB,EAChB,aAAa,EACb,QAAQ;YAER,IAAI,CAAC;gBAEH,MAAM,QAAQ,GAAG,IAAI,UAAU,CAC7B,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CACxC,CAAC;gBAGF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACrD,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC;oBACpB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,qBAAqB,SAAS,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE;yBACtE;qBACF,CAAC;gBACJ,CAAC;gBAED,MAAM,UAAU,GAAG,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBAGhE,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;oBAC3D,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,uCAAuC;yBACjD;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBAC9C,IAAI,WAAW,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;oBACtC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,2BAA2B,WAAW,SAAS,OAAO,CAAC,SAAS,EAAE;yBAC5E;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC;gBACjD,IAAI,aAAa,IAAI,CAAC,MAAM,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;oBAChE,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,QAAQ;4BACd,OAAO,EAAE,kCAAkC;yBAC5C;qBACF,CAAC;gBACJ,CAAC;gBAID,MAAM,WAAW,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC,UAAU,CAAC,EAAE;oBACrD,SAAS,EAAE,cAAc;oBACzB,SAAS,EAAE,OAAO,CAAC,QAAQ;oBAE3B,aAAa,EAAE,aAAoB;oBACnC,QAAQ,EAAE,CAAC,GAAqB,EAAE,MAAc,EAAE,EAAE;wBAElD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;4BAAE,OAAO,IAAI,CAAC;wBAEtD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;4BAC3D,OAAO,IAAI,CAAC;wBACd,OAAO,KAAK,CAAC;oBACf,CAAC;oBACD,qBAAqB,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;iBAC1C,CAAC,CAAC;gBAEH,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC;gBAEvC,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC;oBAEvB,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,IAAI,sBAAsB,CAAC;oBACtE,MAAM,aAAa,GACjB,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;wBAC1B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBAC3B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC5B,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;oBAEhC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,cAAc;4BACzD,OAAO,EAAE,QAAQ;yBAClB;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,YAAY,GAAG,UAAU,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;gBAClD,IAAI,YAAY,IAAI,YAAY,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAEnD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAc,CAAC;oBAC5C,MAAM,eAAe,GACnB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;wBACrB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAC5C,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;4BACrB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBAE/C,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,EAAE,cAAc;gCACpB,OAAO,EAAE,YAAY,YAAY,CAAC,IAAI,mBAAmB,QAAQ,EAAE;6BACpE;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAGD,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;gBAC3C,CAAC;gBAGD,MAAM,UAAU,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;gBAC/C,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAI1D,MAAM,KAAK,GAAI,UAAkB,CAAC,KAErB,CAAC;gBAEd,OAAO;oBACL,EAAE,EAAE,IAAI;oBACR,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE;oBAChC,UAAU,EAAE,YAAY;wBACtB,CAAC,CAAC;4BACE,GAAG,EAAE,YAAY,CAAC,GAAG;4BACrB,IAAI,EAAE,YAAY,CAAC,IAAc;4BACjC,EAAE,EAAE,YAAY,CAAC,EAAyC;yBAC3D;wBACH,CAAC,CAAC,SAAS;oBACb,UAAU;oBACV,UAAU;oBACV,KAAK,EAAE,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACrD,CAAC;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACrE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../../src/validator/validator.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAG1C,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAyL7D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAA+B;IAE/B,MAAM,eAAe,GACnB,OAAO,CAAC,eAAe,IAAI,IAAI,uBAAuB,EAAE,CAAC;IAM3D,IAAI,cAAoC,CAAC;IAEzC,KAAK,UAAU,iBAAiB;QAC9B,IAAI,cAAc;YAAE,OAAO,cAAc,CAAC;QAE1C,IAAI,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC7C,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAC3D,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,cAAc,OAAO,CAAC,SAAS,wCAAwC;gBACrE,+EAA+E,CAClF,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,WAAW,CACxC,OAAO,CAAC,SAAsC,CAC/C,CAAC;QAEF,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,gCAAgC,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAC/E,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CACb,gCAAgC,OAAO,CAAC,SAAS,IAAI;gBACnD,8DAA8D,CACjE,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,qCAAqC,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAChD,OAAO,cAAc,CAAC;IACxB,CAAC;IAGD,MAAM,aAAa,GAAG,KAAK,EAAE,GAA8B,EAAE,EAAE;QAE7D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,GAAG,CAAC,CAAC;YAClE,OAAO;gBACL,KAAK,EAAE;oBACL,IAAI,EAAE,uBAAgC;oBACtC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC;oBAChB,OAAO,EAAE,4BAA4B,OAAO,GAAG,EAAE;iBAClD;aACF,CAAC;QACJ,CAAC;QAGD,IAAI,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,OAAO,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,CAAC;QAGD,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YAC9C,IAAI,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAE3C,OAAO,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;YAC3B,CAAC;YACD,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;gBACtB,OAAO;oBACL,KAAK,EAAE;wBACL,IAAI,EAAE,uBAAgC;wBACtC,GAAG;wBACH,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO;qBAC9B;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO;YACL,KAAK,EAAE;gBACL,IAAI,EAAE,uBAAgC;gBACtC,GAAG;gBACH,OAAO,EAAE,uBAAuB,GAAG,EAAE;aACtC;SACF,CAAC;IACJ,CAAC,CAAC;IAOF,SAAS,eAAe,CAAC,UAAe;QACtC,IAAI,CAAC,UAAU,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;QACnC,CAAC;QACD,MAAM,WAAW,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,WAAW,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;IACnD,CAAC;IAOD,SAAS,0BAA0B,CAAC,UAAe;QACjD,MAAM,GAAG,GACP,OAAO,UAAU,EAAE,UAAU,KAAK,QAAQ;YAC1C,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC;YAC7B,CAAC,CAAC,UAAU,CAAC,UAAU;YACvB,CAAC,CAAC,SAAS,CAAC;QAEhB,IAAI,CAAC,UAAU,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,GAAG,CAAC;QACb,CAAC;QAED,MAAM,SAAS,GAAG,0BAA0B,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnE,IAAI,GAAG,KAAK,SAAS,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,GAAG,IAAI,SAAS,CAAC;IAC1B,CAAC;IAQD,KAAK,UAAU,qBAAqB,CAAC,UAAe;QAClD,MAAM,SAAS,GAAW,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAGlD,MAAM,QAAQ,GAAG,MAAM,aAAa,CAClC,SAAsC,CACvC,CAAC;QACF,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;YACxB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE;oBACL,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,6BAA6B,SAAS,KAAK,QAAQ,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE;iBAC3F;aACF,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE;oBACL,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,gCAAgC,SAAS,EAAE;iBACrD;aACF,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAE,CAAC;QAC/B,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAIpD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC;QAOjC,MAAM,eAAe,GAAG;YACtB,GAAG,EAAE,GAAG,EAAE,CAAC,SAAS;YACpB,MAAM,EAAE,CAAC,OAAmB,EAAE,SAAkB,EAAE,EAAE,CAClD,YAAY,CAAC,MAAM,CACjB,OAAO,EAEP,SAAgB,CACjB;SACJ,CAAC;QAGF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,eAAsB,CAAC,CAAC;QAC9E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE;oBACL,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,4CAA4C,SAAS,EAAE;iBACjE;aACF,CAAC;QACJ,CAAC;QAGD,IAAI,UAAU,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtD,KAAK,MAAM,KAAK,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC;gBAEtC,MAAM,aAAa,GAAW,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBACnD,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;oBAEhC,MAAM,gBAAgB,GAAG,MAAM,aAAa,CAC1C,aAA0C,CAC3C,CAAC;oBACF,MAAM,WAAW,GACf,IAAI,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,EAAE;wBAC7C,CAAC,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC;wBACxB,CAAC,CAAC,IAAI,CAAC;oBAEX,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;wBAC3B,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,EAAE,cAAc;gCACpB,OAAO,EAAE,sCAAsC,aAAa,qCAAqC,SAAS,EAAE;6BAC7G;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAED,MAAM,WAAW,GAAG,MAAM,qBAAqB,CAAC,KAAK,CAAC,CAAC;gBACvD,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC;oBACpB,OAAO,WAAW,CAAC;gBACrB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACtB,CAAC;IAED,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,SAAS;QAE5B,KAAK,CAAC,QAAQ,CACZ,gBAAgB,EAChB,aAAa,EACb,QAAQ;YAER,IAAI,CAAC;gBAEH,MAAM,QAAQ,GAAG,IAAI,UAAU,CAC7B,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CACxC,CAAC;gBAGF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACrD,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC;oBACpB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,qBAAqB,SAAS,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE;yBACtE;qBACF,CAAC;gBACJ,CAAC;gBAED,MAAM,UAAU,GAAG,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBAGhE,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;oBAC3D,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,uCAAuC;yBACjD;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBAC9C,IAAI,WAAW,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;oBACtC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,2BAA2B,WAAW,SAAS,OAAO,CAAC,SAAS,EAAE;yBAC5E;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE,QAAQ,EAAE,CAAC;gBACjD,IAAI,aAAa,IAAI,CAAC,MAAM,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;oBAChE,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,QAAQ;4BACd,OAAO,EAAE,kCAAkC;yBAC5C;qBACF,CAAC;gBACJ,CAAC;gBAID,MAAM,gBAAgB,GAAG,MAAM,iBAAiB,EAAE,CAAC;gBACnD,MAAM,WAAW,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC,UAAU,CAAC,EAAE;oBACrD,SAAS,EAAE,gBAAgB;oBAC3B,SAAS,EAAE,OAAO,CAAC,QAAQ;oBAE3B,aAAa,EAAE,aAAoB;oBACnC,QAAQ,EAAE,CAAC,GAAqB,EAAE,MAAc,EAAE,EAAE;wBAElD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC;4BAAE,OAAO,IAAI,CAAC;wBAEnD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;4BAAE,OAAO,IAAI,CAAC;wBAEtD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;4BAC3D,OAAO,IAAI,CAAC;wBACd,OAAO,KAAK,CAAC;oBACf,CAAC;oBACD,qBAAqB,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;iBAC1C,CAAC,CAAC;gBAEH,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC;gBAEvC,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC;oBAEvB,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,IAAI,sBAAsB,CAAC;oBACtE,MAAM,aAAa,GACjB,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;wBAC1B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBAC3B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC5B,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;oBAEhC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,cAAc;4BACzD,OAAO,EAAE,QAAQ;yBAClB;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,YAAY,GAAG,UAAU,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;gBAClD,IAAI,YAAY,IAAI,YAAY,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAEnD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAc,CAAC;oBAC5C,MAAM,eAAe,GACnB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;wBACrB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAC5C,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;4BACrB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBAE/C,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,EAAE,cAAc;gCACpB,OAAO,EAAE,YAAY,YAAY,CAAC,IAAI,mBAAmB,QAAQ,EAAE;6BACpE;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAGD,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;gBAC3C,CAAC;gBAGD,MAAM,UAAU,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;gBAC/C,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAI1D,MAAM,KAAK,GAAI,UAAkB,CAAC,KAErB,CAAC;gBAEd,OAAO;oBACL,EAAE,EAAE,IAAI;oBACR,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE;oBAChC,UAAU,EAAE,YAAY;wBACtB,CAAC,CAAC;4BACE,GAAG,EAAE,YAAY,CAAC,GAAG;4BACrB,IAAI,EAAE,YAAY,CAAC,IAAc;4BACjC,EAAE,EAAE,YAAY,CAAC,EAAyC;yBAC3D;wBACH,CAAC,CAAC,SAAS;oBACb,UAAU;oBACV,UAAU;oBACV,KAAK,EAAE,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACrD,CAAC;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACrE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,CAAC;QACH,CAAC;QAED,KAAK,CAAC,kBAAkB,CACtB,gBAAwB;YAExB,IAAI,CAAC;gBAEH,MAAM,QAAQ,GAAG,IAAI,UAAU,CAC7B,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CACxC,CAAC;gBAGF,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACrD,IAAI,SAAS,CAAC,KAAK,EAAE,CAAC;oBACpB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,qBAAqB,SAAS,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE;yBACtE;qBACF,CAAC;gBACJ,CAAC;gBAED,MAAM,UAAU,GAAG,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBAGhE,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;oBAC3D,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,gBAAgB;4BACtB,OAAO,EAAE,uCAAuC;yBACjD;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBAC9C,IAAI,WAAW,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;oBACtC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,2BAA2B,WAAW,SAAS,OAAO,CAAC,SAAS,EAAE;yBAC5E;qBACF,CAAC;gBACJ,CAAC;gBAGD,MAAM,UAAU,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAC1D,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;oBAC7B,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;oBACjD,IAAI,UAAU,GAAG,UAAU,EAAE,CAAC;wBAC5B,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,EAAE,SAAS;gCACf,OAAO,EAAE,yBAAyB,IAAI,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;6BAC9E;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAGD,MAAM,SAAS,GAAG,MAAM,qBAAqB,CAAC,UAAU,CAAC,CAAC;gBAC1D,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;oBAClB,OAAO,SAAS,CAAC;gBACnB,CAAC;gBAGD,MAAM,UAAU,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;gBAC/C,MAAM,GAAG,GAAG,UAAU,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC;gBAEzC,MAAM,KAAK,GAAI,UAAkB,CAAC,KAErB,CAAC;gBAEd,OAAO;oBACL,EAAE,EAAE,IAAI;oBACR,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE;oBAChC,UAAU,EAAE,GAAG;wBACb,CAAC,CAAC;4BACE,GAAG,EAAE,GAAG,CAAC,GAAG;4BACZ,IAAI,EAAE,GAAG,CAAC,IAAc;4BACxB,EAAE,EAAE,GAAG,CAAC,EAAyC;yBAClD;wBACH,CAAC,CAAC,SAAS;oBACb,UAAU;oBACV,UAAU;oBACV,KAAK,EAAE,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACrD,CAAC;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACrE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ixo/ucan",
|
|
3
3
|
"description": "UCAN authorization for any service - built on ucanto",
|
|
4
|
-
"version": "1.
|
|
4
|
+
"version": "1.2.1",
|
|
5
5
|
"private": false,
|
|
6
6
|
"publishConfig": {
|
|
7
7
|
"access": "public"
|
|
@@ -11,28 +11,39 @@
|
|
|
11
11
|
"types": "./dist/index.d.ts",
|
|
12
12
|
"exports": {
|
|
13
13
|
".": {
|
|
14
|
+
"types": "./dist/index.d.ts",
|
|
14
15
|
"import": "./dist/index.js",
|
|
15
|
-
"
|
|
16
|
+
"default": "./dist/index.js"
|
|
16
17
|
},
|
|
17
18
|
"./validator": {
|
|
19
|
+
"types": "./dist/validator/validator.d.ts",
|
|
18
20
|
"import": "./dist/validator/validator.js",
|
|
19
|
-
"
|
|
21
|
+
"default": "./dist/validator/validator.js"
|
|
20
22
|
},
|
|
21
23
|
"./client": {
|
|
24
|
+
"types": "./dist/client/create-client.d.ts",
|
|
22
25
|
"import": "./dist/client/create-client.js",
|
|
23
|
-
"
|
|
26
|
+
"default": "./dist/client/create-client.js"
|
|
24
27
|
},
|
|
25
28
|
"./capabilities": {
|
|
29
|
+
"types": "./dist/capabilities/capability.d.ts",
|
|
26
30
|
"import": "./dist/capabilities/capability.js",
|
|
27
|
-
"
|
|
31
|
+
"default": "./dist/capabilities/capability.js"
|
|
28
32
|
},
|
|
29
33
|
"./did": {
|
|
34
|
+
"types": "./dist/did/ixo-resolver.d.ts",
|
|
30
35
|
"import": "./dist/did/ixo-resolver.js",
|
|
31
|
-
"
|
|
36
|
+
"default": "./dist/did/ixo-resolver.js"
|
|
37
|
+
},
|
|
38
|
+
"./did/web": {
|
|
39
|
+
"types": "./dist/did/web-resolver.d.ts",
|
|
40
|
+
"import": "./dist/did/web-resolver.js",
|
|
41
|
+
"default": "./dist/did/web-resolver.js"
|
|
32
42
|
},
|
|
33
43
|
"./store": {
|
|
44
|
+
"types": "./dist/store/memory.d.ts",
|
|
34
45
|
"import": "./dist/store/memory.js",
|
|
35
|
-
"
|
|
46
|
+
"default": "./dist/store/memory.js"
|
|
36
47
|
}
|
|
37
48
|
},
|
|
38
49
|
"devDependencies": {
|
|
@@ -43,8 +54,8 @@
|
|
|
43
54
|
"typescript": "^5.5.4",
|
|
44
55
|
"vitest": "^3.2.4",
|
|
45
56
|
"@ixo/eslint-config": "2.0.0",
|
|
46
|
-
"@ixo/
|
|
47
|
-
"@ixo/
|
|
57
|
+
"@ixo/vitest-config": "1.0.0",
|
|
58
|
+
"@ixo/typescript-config": "1.0.0"
|
|
48
59
|
},
|
|
49
60
|
"dependencies": {
|
|
50
61
|
"@ucanto/client": "9.0.2",
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Local DID resolver for UCAN validation
|
|
3
|
+
*
|
|
4
|
+
* Resolves DIDs from an in-memory registry of pre-known keys.
|
|
5
|
+
* Useful for services that generate their own did:web identity and
|
|
6
|
+
* need to validate UCANs addressed to themselves or sibling services
|
|
7
|
+
* without making network calls.
|
|
8
|
+
*
|
|
9
|
+
* @example
|
|
10
|
+
* ```typescript
|
|
11
|
+
* import { createLocalDIDResolver, createCompositeDIDResolver, createWebDIDResolver } from '@ixo/ucan';
|
|
12
|
+
*
|
|
13
|
+
* const localResolver = createLocalDIDResolver();
|
|
14
|
+
* // Register own DID key at startup
|
|
15
|
+
* localResolver.register('did:web:myservice.example.com', 'z6MkPublicKeyMultibase...');
|
|
16
|
+
*
|
|
17
|
+
* const didResolver = createCompositeDIDResolver([
|
|
18
|
+
* localResolver, // check local first (instant)
|
|
19
|
+
* createWebDIDResolver(), // fall back to HTTP
|
|
20
|
+
* ]);
|
|
21
|
+
* ```
|
|
22
|
+
*/
|
|
23
|
+
|
|
24
|
+
import type { DID } from '@ucanto/interface';
|
|
25
|
+
import type { DIDKeyResolver, KeyDID } from '../types.js';
|
|
26
|
+
|
|
27
|
+
/**
|
|
28
|
+
* A DID resolver with a mutable registry of locally-known DIDs.
|
|
29
|
+
* Conforms to `DIDKeyResolver` so it can be used in `createCompositeDIDResolver`.
|
|
30
|
+
*/
|
|
31
|
+
export interface LocalDIDResolver extends DIDKeyResolver {
|
|
32
|
+
/**
|
|
33
|
+
* Register a DID with its public key multibase.
|
|
34
|
+
* Subsequent calls to the resolver for this DID will return the key
|
|
35
|
+
* instantly without any network call.
|
|
36
|
+
*
|
|
37
|
+
* @param did - The full DID string (e.g. 'did:web:localhost%3A9000')
|
|
38
|
+
* @param publicKeyMultibase - The z-base58btc multibase-encoded Ed25519 public key
|
|
39
|
+
*/
|
|
40
|
+
register(did: string, publicKeyMultibase: string): void;
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
/**
|
|
44
|
+
* Creates a local DID resolver backed by an in-memory map.
|
|
45
|
+
*
|
|
46
|
+
* When used at the front of a composite resolver chain, it provides
|
|
47
|
+
* instant resolution for known DIDs and falls through to network
|
|
48
|
+
* resolvers for unknown ones.
|
|
49
|
+
*/
|
|
50
|
+
export function createLocalDIDResolver(): LocalDIDResolver {
|
|
51
|
+
const registry = new Map<string, KeyDID[]>();
|
|
52
|
+
|
|
53
|
+
const resolver = (async (
|
|
54
|
+
did: DID,
|
|
55
|
+
): Promise<
|
|
56
|
+
{ ok: KeyDID[] } | { error: { name: string; did: string; message: string } }
|
|
57
|
+
> => {
|
|
58
|
+
const keys = registry.get(did);
|
|
59
|
+
if (keys) {
|
|
60
|
+
return { ok: keys };
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
// Return "not a" error so createCompositeDIDResolver skips to next resolver
|
|
64
|
+
return {
|
|
65
|
+
error: {
|
|
66
|
+
name: 'DIDKeyResolutionError',
|
|
67
|
+
did,
|
|
68
|
+
message: `Cannot resolve ${did}: not a did: registered locally`,
|
|
69
|
+
},
|
|
70
|
+
};
|
|
71
|
+
}) as LocalDIDResolver;
|
|
72
|
+
|
|
73
|
+
resolver.register = (did: string, publicKeyMultibase: string): void => {
|
|
74
|
+
const keyDid: KeyDID = `did:key:${publicKeyMultibase}`;
|
|
75
|
+
registry.set(did, [keyDid]);
|
|
76
|
+
};
|
|
77
|
+
|
|
78
|
+
return resolver;
|
|
79
|
+
}
|
|
@@ -0,0 +1,140 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview did:web resolver for UCAN validation
|
|
3
|
+
*
|
|
4
|
+
* Resolves did:web identifiers by fetching the DID document from
|
|
5
|
+
* the well-known endpoint as defined in the did:web specification.
|
|
6
|
+
*
|
|
7
|
+
* @see https://w3c-ccg.github.io/did-method-web/
|
|
8
|
+
*/
|
|
9
|
+
|
|
10
|
+
import type { DID } from '@ucanto/interface';
|
|
11
|
+
import type { DIDKeyResolver, KeyDID } from '../types.js';
|
|
12
|
+
|
|
13
|
+
export interface WebDIDResolverConfig {
|
|
14
|
+
fetch?: typeof globalThis.fetch;
|
|
15
|
+
/** If true, retry with http:// when https:// fetch fails. Default: false. */
|
|
16
|
+
fallbackToHttp?: boolean;
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
interface VerificationMethod {
|
|
20
|
+
id: string;
|
|
21
|
+
type: string;
|
|
22
|
+
publicKeyMultibase?: string;
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
/**
|
|
26
|
+
* Creates a DID resolver for did:web identifiers
|
|
27
|
+
*
|
|
28
|
+
* Fetches the DID document from `https://{domain}/.well-known/did.json`
|
|
29
|
+
* (or `https://{domain}/{path}/did.json` for path-based did:web DIDs)
|
|
30
|
+
* and extracts Ed25519 verification methods as did:key identifiers.
|
|
31
|
+
*
|
|
32
|
+
* @example
|
|
33
|
+
* ```typescript
|
|
34
|
+
* const resolver = createWebDIDResolver();
|
|
35
|
+
* const result = await resolver('did:web:sandbox.ixo.world');
|
|
36
|
+
* if ('ok' in result) {
|
|
37
|
+
* console.log('Keys:', result.ok); // ['did:key:z6Mk...']
|
|
38
|
+
* }
|
|
39
|
+
* ```
|
|
40
|
+
*/
|
|
41
|
+
export function createWebDIDResolver(
|
|
42
|
+
config?: WebDIDResolverConfig,
|
|
43
|
+
): DIDKeyResolver {
|
|
44
|
+
const fetchFn = config?.fetch ?? globalThis.fetch;
|
|
45
|
+
|
|
46
|
+
return async (
|
|
47
|
+
did: DID,
|
|
48
|
+
): Promise<
|
|
49
|
+
{ ok: KeyDID[] } | { error: { name: string; did: string; message: string } }
|
|
50
|
+
> => {
|
|
51
|
+
if (!did.startsWith('did:web:')) {
|
|
52
|
+
return {
|
|
53
|
+
error: {
|
|
54
|
+
name: 'DIDKeyResolutionError',
|
|
55
|
+
did,
|
|
56
|
+
message: `Cannot resolve ${did}: not a did:web identifier`,
|
|
57
|
+
},
|
|
58
|
+
};
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
try {
|
|
62
|
+
// did:web:example.com → https://example.com/.well-known/did.json
|
|
63
|
+
// did:web:example.com:path:to → https://example.com/path/to/did.json
|
|
64
|
+
const parts = did.slice('did:web:'.length).split(':');
|
|
65
|
+
const domain = decodeURIComponent(parts[0]!);
|
|
66
|
+
const pathSegments = parts.slice(1).map(decodeURIComponent);
|
|
67
|
+
|
|
68
|
+
const path =
|
|
69
|
+
pathSegments.length > 0
|
|
70
|
+
? `/${pathSegments.join('/')}/did.json`
|
|
71
|
+
: '/.well-known/did.json';
|
|
72
|
+
|
|
73
|
+
const httpsUrl = `https://${domain}${path}`;
|
|
74
|
+
|
|
75
|
+
let response: Response | null = null;
|
|
76
|
+
let fetchUrl = httpsUrl;
|
|
77
|
+
|
|
78
|
+
try {
|
|
79
|
+
response = await fetchFn(httpsUrl);
|
|
80
|
+
} catch (httpsError) {
|
|
81
|
+
if (config?.fallbackToHttp) {
|
|
82
|
+
fetchUrl = `http://${domain}${path}`;
|
|
83
|
+
response = await fetchFn(fetchUrl);
|
|
84
|
+
} else {
|
|
85
|
+
throw httpsError;
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
if (!response.ok && config?.fallbackToHttp && fetchUrl === httpsUrl) {
|
|
90
|
+
// HTTPS returned a non-ok status, try HTTP
|
|
91
|
+
fetchUrl = `http://${domain}${path}`;
|
|
92
|
+
response = await fetchFn(fetchUrl);
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
if (!response.ok) {
|
|
96
|
+
return {
|
|
97
|
+
error: {
|
|
98
|
+
name: 'DIDKeyResolutionError',
|
|
99
|
+
did,
|
|
100
|
+
message: `Failed to fetch DID document from ${fetchUrl}: HTTP ${response.status}`,
|
|
101
|
+
},
|
|
102
|
+
};
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
const doc = (await response.json()) as {
|
|
106
|
+
verificationMethod?: VerificationMethod[];
|
|
107
|
+
};
|
|
108
|
+
|
|
109
|
+
const keys: KeyDID[] = [];
|
|
110
|
+
for (const vm of doc.verificationMethod ?? []) {
|
|
111
|
+
if (
|
|
112
|
+
vm.type.includes('Ed25519') &&
|
|
113
|
+
vm.publicKeyMultibase?.startsWith('z')
|
|
114
|
+
) {
|
|
115
|
+
keys.push(`did:key:${vm.publicKeyMultibase}`);
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
|
|
119
|
+
if (keys.length === 0) {
|
|
120
|
+
return {
|
|
121
|
+
error: {
|
|
122
|
+
name: 'DIDKeyResolutionError',
|
|
123
|
+
did,
|
|
124
|
+
message: `No valid Ed25519 verification methods found in DID document for ${did}`,
|
|
125
|
+
},
|
|
126
|
+
};
|
|
127
|
+
}
|
|
128
|
+
|
|
129
|
+
return { ok: keys };
|
|
130
|
+
} catch (error) {
|
|
131
|
+
return {
|
|
132
|
+
error: {
|
|
133
|
+
name: 'DIDKeyResolutionError',
|
|
134
|
+
did,
|
|
135
|
+
message: `Failed to resolve ${did}: ${error instanceof Error ? error.message : 'Unknown error'}`,
|
|
136
|
+
},
|
|
137
|
+
};
|
|
138
|
+
}
|
|
139
|
+
};
|
|
140
|
+
}
|
package/src/index.ts
CHANGED
|
@@ -120,6 +120,16 @@ export {
|
|
|
120
120
|
type IxoDIDResolverConfig,
|
|
121
121
|
} from './did/ixo-resolver.js';
|
|
122
122
|
|
|
123
|
+
export {
|
|
124
|
+
createWebDIDResolver,
|
|
125
|
+
type WebDIDResolverConfig,
|
|
126
|
+
} from './did/web-resolver.js';
|
|
127
|
+
|
|
128
|
+
export {
|
|
129
|
+
createLocalDIDResolver,
|
|
130
|
+
type LocalDIDResolver,
|
|
131
|
+
} from './did/local-resolver.js';
|
|
132
|
+
|
|
123
133
|
// =============================================================================
|
|
124
134
|
// Store (for replay protection)
|
|
125
135
|
// =============================================================================
|
|
@@ -6,6 +6,7 @@ import { defineCapability, Schema } from '../capabilities/capability.js';
|
|
|
6
6
|
import {
|
|
7
7
|
createDelegation,
|
|
8
8
|
createInvocation,
|
|
9
|
+
serializeDelegation,
|
|
9
10
|
serializeInvocation,
|
|
10
11
|
type Capability,
|
|
11
12
|
} from '../client/create-client.js';
|
|
@@ -774,4 +775,339 @@ describe('UCAN Validator', () => {
|
|
|
774
775
|
expect(result2.error?.code).toBe('REPLAY');
|
|
775
776
|
});
|
|
776
777
|
});
|
|
778
|
+
|
|
779
|
+
describe('validateDelegation', () => {
|
|
780
|
+
it('should validate a simple delegation with did:key', async () => {
|
|
781
|
+
const server = await keygen();
|
|
782
|
+
const user = await keygen();
|
|
783
|
+
|
|
784
|
+
const validator = await createUCANValidator({
|
|
785
|
+
serverDid: server.did,
|
|
786
|
+
rootIssuers: [user.did],
|
|
787
|
+
});
|
|
788
|
+
|
|
789
|
+
const delegation = await createDelegation({
|
|
790
|
+
issuer: user.signer,
|
|
791
|
+
audience: server.did,
|
|
792
|
+
capabilities: [
|
|
793
|
+
{
|
|
794
|
+
can: '*' as Capability['can'],
|
|
795
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
796
|
+
},
|
|
797
|
+
],
|
|
798
|
+
expiration: Math.floor(Date.now() / 1000) + 3600,
|
|
799
|
+
});
|
|
800
|
+
|
|
801
|
+
const serialized = await serializeDelegation(delegation);
|
|
802
|
+
const result = await validator.validateDelegation(serialized);
|
|
803
|
+
|
|
804
|
+
expect(result.ok).toBe(true);
|
|
805
|
+
expect(result.invoker).toBe(user.did);
|
|
806
|
+
expect(result.capability?.can).toBe('*');
|
|
807
|
+
expect(result.capability?.with).toBe('ixo:oracle');
|
|
808
|
+
expect(result.proofChain).toEqual([user.did]);
|
|
809
|
+
});
|
|
810
|
+
|
|
811
|
+
it('should validate a delegation with non-did:key issuer (withDID)', async () => {
|
|
812
|
+
const server = await keygen();
|
|
813
|
+
const userKey = await keygen();
|
|
814
|
+
// Simulate a did:ixo issuer (signer with overridden DID)
|
|
815
|
+
const ixoDid = 'did:ixo:ixo1testuser123' as const;
|
|
816
|
+
const signer = userKey.signer.withDID(ixoDid);
|
|
817
|
+
|
|
818
|
+
const validator = await createUCANValidator({
|
|
819
|
+
serverDid: server.did,
|
|
820
|
+
rootIssuers: [ixoDid],
|
|
821
|
+
// Provide a resolver that maps did:ixo -> did:key
|
|
822
|
+
didResolver: async (did) => {
|
|
823
|
+
if (did === ixoDid) return { ok: [userKey.did] };
|
|
824
|
+
return { error: { name: 'NotFound', did, message: 'Unknown DID' } };
|
|
825
|
+
},
|
|
826
|
+
});
|
|
827
|
+
|
|
828
|
+
const delegation = await createDelegation({
|
|
829
|
+
issuer: signer,
|
|
830
|
+
audience: server.did,
|
|
831
|
+
capabilities: [
|
|
832
|
+
{
|
|
833
|
+
can: '*' as Capability['can'],
|
|
834
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
835
|
+
},
|
|
836
|
+
],
|
|
837
|
+
expiration: Math.floor(Date.now() / 1000) + 3600,
|
|
838
|
+
});
|
|
839
|
+
|
|
840
|
+
const serialized = await serializeDelegation(delegation);
|
|
841
|
+
const result = await validator.validateDelegation(serialized);
|
|
842
|
+
|
|
843
|
+
expect(result.ok).toBe(true);
|
|
844
|
+
expect(result.invoker).toBe(ixoDid);
|
|
845
|
+
expect(result.proofChain).toEqual([ixoDid]);
|
|
846
|
+
});
|
|
847
|
+
|
|
848
|
+
it('should reject delegation with wrong audience', async () => {
|
|
849
|
+
const server = await keygen();
|
|
850
|
+
const wrongServer = await keygen();
|
|
851
|
+
const user = await keygen();
|
|
852
|
+
|
|
853
|
+
const validator = await createUCANValidator({
|
|
854
|
+
serverDid: server.did,
|
|
855
|
+
rootIssuers: [user.did],
|
|
856
|
+
});
|
|
857
|
+
|
|
858
|
+
const delegation = await createDelegation({
|
|
859
|
+
issuer: user.signer,
|
|
860
|
+
audience: wrongServer.did,
|
|
861
|
+
capabilities: [
|
|
862
|
+
{
|
|
863
|
+
can: '*' as Capability['can'],
|
|
864
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
865
|
+
},
|
|
866
|
+
],
|
|
867
|
+
});
|
|
868
|
+
|
|
869
|
+
const serialized = await serializeDelegation(delegation);
|
|
870
|
+
const result = await validator.validateDelegation(serialized);
|
|
871
|
+
|
|
872
|
+
expect(result.ok).toBe(false);
|
|
873
|
+
expect(result.error?.code).toBe('UNAUTHORIZED');
|
|
874
|
+
});
|
|
875
|
+
|
|
876
|
+
it('should reject expired delegation', async () => {
|
|
877
|
+
const server = await keygen();
|
|
878
|
+
const user = await keygen();
|
|
879
|
+
|
|
880
|
+
const validator = await createUCANValidator({
|
|
881
|
+
serverDid: server.did,
|
|
882
|
+
rootIssuers: [user.did],
|
|
883
|
+
});
|
|
884
|
+
|
|
885
|
+
const delegation = await createDelegation({
|
|
886
|
+
issuer: user.signer,
|
|
887
|
+
audience: server.did,
|
|
888
|
+
capabilities: [
|
|
889
|
+
{
|
|
890
|
+
can: '*' as Capability['can'],
|
|
891
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
892
|
+
},
|
|
893
|
+
],
|
|
894
|
+
expiration: Math.floor(Date.now() / 1000) - 60, // expired 1 minute ago
|
|
895
|
+
});
|
|
896
|
+
|
|
897
|
+
const serialized = await serializeDelegation(delegation);
|
|
898
|
+
const result = await validator.validateDelegation(serialized);
|
|
899
|
+
|
|
900
|
+
expect(result.ok).toBe(false);
|
|
901
|
+
expect(result.error?.code).toBe('EXPIRED');
|
|
902
|
+
});
|
|
903
|
+
|
|
904
|
+
it('should reject delegation with tampered signature', async () => {
|
|
905
|
+
const server = await keygen();
|
|
906
|
+
const user = await keygen();
|
|
907
|
+
const attacker = await keygen();
|
|
908
|
+
|
|
909
|
+
const validator = await createUCANValidator({
|
|
910
|
+
serverDid: server.did,
|
|
911
|
+
rootIssuers: [user.did],
|
|
912
|
+
});
|
|
913
|
+
|
|
914
|
+
// Attacker creates delegation pretending to be user
|
|
915
|
+
// but signing with their own key (signature won't match user's DID)
|
|
916
|
+
const delegation = await createDelegation({
|
|
917
|
+
issuer: attacker.signer.withDID(user.did),
|
|
918
|
+
audience: server.did,
|
|
919
|
+
capabilities: [
|
|
920
|
+
{
|
|
921
|
+
can: '*' as Capability['can'],
|
|
922
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
923
|
+
},
|
|
924
|
+
],
|
|
925
|
+
expiration: Math.floor(Date.now() / 1000) + 3600,
|
|
926
|
+
});
|
|
927
|
+
|
|
928
|
+
const serialized = await serializeDelegation(delegation);
|
|
929
|
+
const result = await validator.validateDelegation(serialized);
|
|
930
|
+
|
|
931
|
+
expect(result.ok).toBe(false);
|
|
932
|
+
expect(result.error?.code).toBe('INVALID_SIGNATURE');
|
|
933
|
+
});
|
|
934
|
+
|
|
935
|
+
it('should reject malformed base64 input', async () => {
|
|
936
|
+
const server = await keygen();
|
|
937
|
+
|
|
938
|
+
const validator = await createUCANValidator({
|
|
939
|
+
serverDid: server.did,
|
|
940
|
+
rootIssuers: [],
|
|
941
|
+
});
|
|
942
|
+
|
|
943
|
+
const result = await validator.validateDelegation('not-valid-base64!!!');
|
|
944
|
+
|
|
945
|
+
expect(result.ok).toBe(false);
|
|
946
|
+
expect(result.error?.code).toBe('INVALID_FORMAT');
|
|
947
|
+
});
|
|
948
|
+
|
|
949
|
+
it('should validate delegation chain (root -> user -> server)', async () => {
|
|
950
|
+
const server = await keygen();
|
|
951
|
+
const root = await keygen();
|
|
952
|
+
const user = await keygen();
|
|
953
|
+
|
|
954
|
+
const validator = await createUCANValidator({
|
|
955
|
+
serverDid: server.did,
|
|
956
|
+
rootIssuers: [root.did],
|
|
957
|
+
});
|
|
958
|
+
|
|
959
|
+
// Root delegates to user
|
|
960
|
+
const rootToUser = await Client.delegate({
|
|
961
|
+
issuer: root.signer,
|
|
962
|
+
audience: user.signer,
|
|
963
|
+
capabilities: [
|
|
964
|
+
{
|
|
965
|
+
can: '*' as const,
|
|
966
|
+
with: 'ixo:oracle' as const,
|
|
967
|
+
},
|
|
968
|
+
],
|
|
969
|
+
expiration: Math.floor(Date.now() / 1000) + 7200,
|
|
970
|
+
});
|
|
971
|
+
|
|
972
|
+
// User re-delegates to server (with proof of root delegation)
|
|
973
|
+
const userToServer = await createDelegation({
|
|
974
|
+
issuer: user.signer,
|
|
975
|
+
audience: server.did,
|
|
976
|
+
capabilities: [
|
|
977
|
+
{
|
|
978
|
+
can: '*' as Capability['can'],
|
|
979
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
980
|
+
},
|
|
981
|
+
],
|
|
982
|
+
expiration: Math.floor(Date.now() / 1000) + 3600,
|
|
983
|
+
proofs: [rootToUser],
|
|
984
|
+
});
|
|
985
|
+
|
|
986
|
+
const serialized = await serializeDelegation(userToServer);
|
|
987
|
+
const result = await validator.validateDelegation(serialized);
|
|
988
|
+
|
|
989
|
+
expect(result.ok).toBe(true);
|
|
990
|
+
expect(result.invoker).toBe(user.did);
|
|
991
|
+
expect(result.proofChain).toEqual([root.did, user.did]);
|
|
992
|
+
});
|
|
993
|
+
|
|
994
|
+
it('should return effective expiration across delegation chain', async () => {
|
|
995
|
+
const server = await keygen();
|
|
996
|
+
const root = await keygen();
|
|
997
|
+
const user = await keygen();
|
|
998
|
+
|
|
999
|
+
const laterExp = Math.floor(Date.now() / 1000) + 7200; // 2 hours
|
|
1000
|
+
const earlierExp = Math.floor(Date.now() / 1000) + 3600; // 1 hour
|
|
1001
|
+
|
|
1002
|
+
const validator = await createUCANValidator({
|
|
1003
|
+
serverDid: server.did,
|
|
1004
|
+
rootIssuers: [root.did],
|
|
1005
|
+
});
|
|
1006
|
+
|
|
1007
|
+
// Root -> user with later expiration
|
|
1008
|
+
const rootToUser = await Client.delegate({
|
|
1009
|
+
issuer: root.signer,
|
|
1010
|
+
audience: user.signer,
|
|
1011
|
+
capabilities: [
|
|
1012
|
+
{
|
|
1013
|
+
can: '*' as const,
|
|
1014
|
+
with: 'ixo:oracle' as const,
|
|
1015
|
+
},
|
|
1016
|
+
],
|
|
1017
|
+
expiration: laterExp,
|
|
1018
|
+
});
|
|
1019
|
+
|
|
1020
|
+
// User -> server with earlier expiration
|
|
1021
|
+
const userToServer = await createDelegation({
|
|
1022
|
+
issuer: user.signer,
|
|
1023
|
+
audience: server.did,
|
|
1024
|
+
capabilities: [
|
|
1025
|
+
{
|
|
1026
|
+
can: '*' as Capability['can'],
|
|
1027
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
1028
|
+
},
|
|
1029
|
+
],
|
|
1030
|
+
expiration: earlierExp,
|
|
1031
|
+
proofs: [rootToUser],
|
|
1032
|
+
});
|
|
1033
|
+
|
|
1034
|
+
const serialized = await serializeDelegation(userToServer);
|
|
1035
|
+
const result = await validator.validateDelegation(serialized);
|
|
1036
|
+
|
|
1037
|
+
expect(result.ok).toBe(true);
|
|
1038
|
+
expect(result.expiration).toBeDefined();
|
|
1039
|
+
expect(result.expiration).toBeLessThanOrEqual(earlierExp);
|
|
1040
|
+
});
|
|
1041
|
+
|
|
1042
|
+
it('should reject delegation with broken proof chain', async () => {
|
|
1043
|
+
const server = await keygen();
|
|
1044
|
+
const root = await keygen();
|
|
1045
|
+
const user = await keygen();
|
|
1046
|
+
const unrelated = await keygen();
|
|
1047
|
+
|
|
1048
|
+
const validator = await createUCANValidator({
|
|
1049
|
+
serverDid: server.did,
|
|
1050
|
+
rootIssuers: [root.did],
|
|
1051
|
+
});
|
|
1052
|
+
|
|
1053
|
+
// Root delegates to an unrelated party (not user)
|
|
1054
|
+
const rootToUnrelated = await Client.delegate({
|
|
1055
|
+
issuer: root.signer,
|
|
1056
|
+
audience: unrelated.signer,
|
|
1057
|
+
capabilities: [
|
|
1058
|
+
{
|
|
1059
|
+
can: '*' as const,
|
|
1060
|
+
with: 'ixo:oracle' as const,
|
|
1061
|
+
},
|
|
1062
|
+
],
|
|
1063
|
+
});
|
|
1064
|
+
|
|
1065
|
+
// User tries to use unrelated's delegation as proof (audience mismatch)
|
|
1066
|
+
const userToServer = await createDelegation({
|
|
1067
|
+
issuer: user.signer,
|
|
1068
|
+
audience: server.did,
|
|
1069
|
+
capabilities: [
|
|
1070
|
+
{
|
|
1071
|
+
can: '*' as Capability['can'],
|
|
1072
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
1073
|
+
},
|
|
1074
|
+
],
|
|
1075
|
+
proofs: [rootToUnrelated],
|
|
1076
|
+
});
|
|
1077
|
+
|
|
1078
|
+
const serialized = await serializeDelegation(userToServer);
|
|
1079
|
+
const result = await validator.validateDelegation(serialized);
|
|
1080
|
+
|
|
1081
|
+
expect(result.ok).toBe(false);
|
|
1082
|
+
expect(result.error?.code).toBe('UNAUTHORIZED');
|
|
1083
|
+
});
|
|
1084
|
+
|
|
1085
|
+
it('should return undefined expiration for non-expiring delegation', async () => {
|
|
1086
|
+
const server = await keygen();
|
|
1087
|
+
const user = await keygen();
|
|
1088
|
+
|
|
1089
|
+
const validator = await createUCANValidator({
|
|
1090
|
+
serverDid: server.did,
|
|
1091
|
+
rootIssuers: [user.did],
|
|
1092
|
+
});
|
|
1093
|
+
|
|
1094
|
+
const delegation = await createDelegation({
|
|
1095
|
+
issuer: user.signer,
|
|
1096
|
+
audience: server.did,
|
|
1097
|
+
capabilities: [
|
|
1098
|
+
{
|
|
1099
|
+
can: '*' as Capability['can'],
|
|
1100
|
+
with: 'ixo:oracle' as Capability['with'],
|
|
1101
|
+
},
|
|
1102
|
+
],
|
|
1103
|
+
// No expiration = Infinity = no effective expiration
|
|
1104
|
+
});
|
|
1105
|
+
|
|
1106
|
+
const serialized = await serializeDelegation(delegation);
|
|
1107
|
+
const result = await validator.validateDelegation(serialized);
|
|
1108
|
+
|
|
1109
|
+
expect(result.ok).toBe(true);
|
|
1110
|
+
expect(result.expiration).toBeUndefined();
|
|
1111
|
+
});
|
|
1112
|
+
});
|
|
777
1113
|
});
|