@pagopa/io-react-native-wallet 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/lib/commonjs/index.js +19 -5
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/rp/__test__/index.test.js +18 -0
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -0
- package/lib/commonjs/rp/index.js +116 -0
- package/lib/commonjs/rp/index.js.map +1 -0
- package/lib/commonjs/rp/types.js +72 -0
- package/lib/commonjs/rp/types.js.map +1 -0
- package/lib/commonjs/utils/dpop.js +27 -0
- package/lib/commonjs/utils/dpop.js.map +1 -0
- package/lib/commonjs/utils/errors.js +25 -1
- package/lib/commonjs/utils/errors.js.map +1 -1
- package/lib/commonjs/utils/signature.js +10 -0
- package/lib/commonjs/utils/signature.js.map +1 -0
- package/lib/commonjs/wallet-instance-attestation/issuing.js +3 -5
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/index.js +5 -4
- package/lib/module/index.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +16 -0
- package/lib/module/rp/__test__/index.test.js.map +1 -0
- package/lib/module/rp/index.js +108 -0
- package/lib/module/rp/index.js.map +1 -0
- package/lib/module/rp/types.js +63 -0
- package/lib/module/rp/types.js.map +1 -0
- package/lib/module/utils/dpop.js +17 -0
- package/lib/module/utils/dpop.js.map +1 -0
- package/lib/module/utils/errors.js +23 -0
- package/lib/module/utils/errors.js.map +1 -1
- package/lib/module/utils/signature.js +3 -0
- package/lib/module/utils/signature.js.map +1 -0
- package/lib/module/wallet-instance-attestation/issuing.js +3 -5
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/typescript/index.d.ts +5 -2
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/rp/__test__/index.test.d.ts +2 -0
- package/lib/typescript/rp/__test__/index.test.d.ts.map +1 -0
- package/lib/typescript/rp/index.d.ts +43 -0
- package/lib/typescript/rp/index.d.ts.map +1 -0
- package/lib/typescript/rp/types.d.ts +840 -0
- package/lib/typescript/rp/types.d.ts.map +1 -0
- package/lib/typescript/utils/dpop.d.ts +21 -0
- package/lib/typescript/utils/dpop.d.ts.map +1 -0
- package/lib/typescript/utils/errors.d.ts +13 -0
- package/lib/typescript/utils/errors.d.ts.map +1 -1
- package/lib/typescript/utils/signature.d.ts +2 -0
- package/lib/typescript/utils/signature.d.ts.map +1 -0
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts +3 -3
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +4 -4
- package/package.json +1 -1
- package/src/index.ts +12 -5
- package/src/rp/__test__/index.test.ts +23 -0
- package/src/rp/index.ts +150 -0
- package/src/rp/types.ts +64 -0
- package/src/utils/dpop.ts +25 -0
- package/src/utils/errors.ts +24 -0
- package/src/utils/signature.ts +4 -0
- package/src/wallet-instance-attestation/issuing.ts +8 -6
package/README.md
CHANGED
package/lib/commonjs/index.js
CHANGED
@@ -3,15 +3,29 @@
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
4
4
|
value: true
|
5
5
|
});
|
6
|
-
exports.WalletInstanceAttestation = exports.PID = void 0;
|
7
|
-
exports
|
6
|
+
exports.WalletInstanceAttestation = exports.RP = exports.PID = exports.Errors = void 0;
|
7
|
+
Object.defineProperty(exports, "getSignedJwt", {
|
8
|
+
enumerable: true,
|
9
|
+
get: function () {
|
10
|
+
return _signature.getSignedJwt;
|
11
|
+
}
|
12
|
+
});
|
13
|
+
Object.defineProperty(exports, "getUnsignedDPop", {
|
14
|
+
enumerable: true,
|
15
|
+
get: function () {
|
16
|
+
return _dpop.getUnsignedDPop;
|
17
|
+
}
|
18
|
+
});
|
8
19
|
var PID = _interopRequireWildcard(require("./pid"));
|
9
20
|
exports.PID = PID;
|
21
|
+
var RP = _interopRequireWildcard(require("./rp"));
|
22
|
+
exports.RP = RP;
|
23
|
+
var Errors = _interopRequireWildcard(require("./utils/errors"));
|
24
|
+
exports.Errors = Errors;
|
10
25
|
var WalletInstanceAttestation = _interopRequireWildcard(require("./wallet-instance-attestation"));
|
11
26
|
exports.WalletInstanceAttestation = WalletInstanceAttestation;
|
27
|
+
var _dpop = require("./utils/dpop");
|
28
|
+
var _signature = require("./utils/signature");
|
12
29
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
13
30
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
14
|
-
function multiply(a, b) {
|
15
|
-
return Promise.resolve(a * b);
|
16
|
-
}
|
17
31
|
//# sourceMappingURL=index.js.map
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["PID","_interopRequireWildcard","require","exports","WalletInstanceAttestation","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"
|
1
|
+
{"version":3,"names":["PID","_interopRequireWildcard","require","exports","RP","Errors","WalletInstanceAttestation","_dpop","_signature","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAA6BC,OAAA,CAAAH,GAAA,GAAAA,GAAA;AAC7B,IAAAI,EAAA,GAAAH,uBAAA,CAAAC,OAAA;AAA2BC,OAAA,CAAAC,EAAA,GAAAA,EAAA;AAC3B,IAAAC,MAAA,GAAAJ,uBAAA,CAAAC,OAAA;AAAyCC,OAAA,CAAAE,MAAA,GAAAA,MAAA;AACzC,IAAAC,yBAAA,GAAAL,uBAAA,CAAAC,OAAA;AAA2EC,OAAA,CAAAG,yBAAA,GAAAA,yBAAA;AAC3E,IAAAC,KAAA,GAAAL,OAAA;AACA,IAAAM,UAAA,GAAAN,OAAA;AAAiD,SAAAO,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAT,wBAAAa,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
|
@@ -0,0 +1,18 @@
|
|
1
|
+
"use strict";
|
2
|
+
|
3
|
+
var _ = require("..");
|
4
|
+
var _errors = require("../../utils/errors");
|
5
|
+
const walletInstanceAttestation = "eyJhbGciOiJFUzI1NiIsImtpZCI6IjV0NVlZcEJoTi1FZ0lFRUk1aVV6cjZyME1SMDJMblZRME9tZWttTktjalkiLCJ0cnVzdF9jaGFpbiI6WyJleUpoYkdjaU9pSkZVei4uLjZTMEEiLCJleUpoYkdjaU9pSkZVei4uLmpKTEEiLCJleUpoYkdjaU9pSkZVei4uLkg5Z3ciXSwidHlwIjoidmErand0IiwieDVjIjpbIk1JSUJqRENDIC4uLiBYRmVoZ0tRQT09Il19.eyJpc3MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZyIsInN1YiI6InZiZVhKa3NNNDV4cGh0QU5uQ2lHNm1DeXVVNGpmR056b3BHdUt2b2dnOWMiLCJ0eXBlIjoiV2FsbGV0SW5zdGFuY2VBdHRlc3RhdGlvbiIsInBvbGljeV91cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9wcml2YWN5X3BvbGljeSIsInRvc191cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9pbmZvX3BvbGljeSIsImxvZ29fdXJpIjoiaHR0cHM6Ly93YWxsZXQtcHJvdmlkZXIuZXhhbXBsZS5vcmcvbG9nby5zdmciLCJhc2MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9Mb0EvYmFzaWMiLCJjbmYiOnsiandrIjp7ImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiNEhOcHRJLXhyMnBqeVJKS0dNbno0V21kblFEX3VKU3E0Ujk1Tmo5OGI0NCIsInkiOiJMSVpuU0IzOXZGSmhZZ1MzazdqWEU0cjMtQ29HRlF3WnRQQklScXBObHJnIiwia2lkIjoidmJlWEprc000NXhwaHRBTm5DaUc2bUN5dVU0amZHTnpvcEd1S3ZvZ2c5YyJ9fSwiYXV0aG9yaXphdGlvbl9lbmRwb2ludCI6ImV1ZGl3OiIsInJlc3BvbnNlX3R5cGVzX3N1cHBvcnRlZCI6WyJ2cF90b2tlbiJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJqd3RfdnBfanNvbiI6eyJhbGdfdmFsdWVzX3N1cHBvcnRlZCI6WyJFUzI1NiJdfSwiand0X3ZjX2pzb24iOnsiYWxnX3ZhbHVlc19zdXBwb3J0ZWQiOlsiRVMyNTYiXX19LCJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZ192YWx1ZXNfc3VwcG9ydGVkIjpbIkVTMjU2Il0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uX3VyaV9zdXBwb3J0ZWQiOmZhbHNlLCJpYXQiOjE2ODcyODExOTUsImV4cCI6MTY4NzI4ODM5NX0.OTuPik6p3o9j6VOx-uCyxRvHwoh1pDiiZcBQFNQt2uE3dK-8izGNflJVETi_uhGSZOf25Enkq-UvEin9NrbJNw";
|
6
|
+
const rp = new _.RelyingPartySolution("http://rp.example", walletInstanceAttestation);
|
7
|
+
describe("decodeAuthRequestQR", () => {
|
8
|
+
it("should return authentication request URL", async () => {
|
9
|
+
const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
|
10
|
+
const result = rp.decodeAuthRequestQR(qrcode);
|
11
|
+
expect(result).toEqual("https://verifier.example.org/request_uri");
|
12
|
+
});
|
13
|
+
it("should throw exception with invalid QR", async () => {
|
14
|
+
const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
|
15
|
+
expect(() => rp.decodeAuthRequestQR(qrcode)).toThrowError(_errors.AuthRequestDecodeError);
|
16
|
+
});
|
17
|
+
});
|
18
|
+
//# sourceMappingURL=index.test.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["_","require","_errors","walletInstanceAttestation","rp","RelyingPartySolution","describe","it","qrcode","result","decodeAuthRequestQR","expect","toEqual","toThrowError","AuthRequestDecodeError"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,CAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAEA,MAAME,yBAAyB,GAC7B,qhDAAqhD;AACvhD,MAAMC,EAAE,GAAG,IAAIC,sBAAoB,CACjC,mBAAmB,EACnBF,yBACF,CAAC;AACDG,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGL,EAAE,CAACM,mBAAmB,CAACF,MAAM,CAAC;IAC7CG,MAAM,CAACF,MAAM,CAAC,CAACG,OAAO,CAAC,0CAA0C,CAAC;EACpE,CAAC,CAAC;EACFL,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAMP,EAAE,CAACM,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACK,YAAY,CACvDC,8BACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
@@ -0,0 +1,116 @@
|
|
1
|
+
"use strict";
|
2
|
+
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
4
|
+
value: true
|
5
|
+
});
|
6
|
+
exports.RelyingPartySolution = void 0;
|
7
|
+
var _errors = require("../utils/errors");
|
8
|
+
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
9
|
+
var _types = require("./types");
|
10
|
+
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
11
|
+
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
12
|
+
class RelyingPartySolution {
|
13
|
+
constructor(relyingPartyBaseUrl, walletInstanceAttestation) {
|
14
|
+
let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : fetch;
|
15
|
+
this.relyingPartyBaseUrl = relyingPartyBaseUrl;
|
16
|
+
this.walletInstanceAttestation = walletInstanceAttestation;
|
17
|
+
this.appFetch = appFetch;
|
18
|
+
}
|
19
|
+
|
20
|
+
/**
|
21
|
+
* Decode a QR code content to an authentication request url.
|
22
|
+
* @function
|
23
|
+
* @param qrcode QR code content
|
24
|
+
*
|
25
|
+
* @returns The authentication request url
|
26
|
+
*
|
27
|
+
*/
|
28
|
+
decodeAuthRequestQR(qrcode) {
|
29
|
+
try {
|
30
|
+
const decoded = (0, _ioReactNativeJwt.decodeBase64)(qrcode);
|
31
|
+
const decodedUrl = new URL(decoded);
|
32
|
+
const requestUri = decodedUrl.searchParams.get("request_uri");
|
33
|
+
if (requestUri) {
|
34
|
+
return requestUri;
|
35
|
+
} else {
|
36
|
+
throw new _errors.AuthRequestDecodeError("Unable to obtain request_uri from QR code", `${decodedUrl}`);
|
37
|
+
}
|
38
|
+
} catch {
|
39
|
+
throw new _errors.AuthRequestDecodeError("Unable to decode QR code authentication request url", qrcode);
|
40
|
+
}
|
41
|
+
}
|
42
|
+
/**
|
43
|
+
* Obtain the unsigned wallet instance DPoP for authentication request
|
44
|
+
*
|
45
|
+
* @function
|
46
|
+
* @param walletInstanceAttestationJwk JWT of the Wallet Instance Attestation
|
47
|
+
* @param authRequestUrl authentication request url
|
48
|
+
*
|
49
|
+
* @returns The unsigned wallet instance DPoP
|
50
|
+
*
|
51
|
+
*/
|
52
|
+
async getUnsignedWalletInstanceDPoP(walletInstanceAttestationJwk, authRequestUrl) {
|
53
|
+
return await new _ioReactNativeJwt.SignJWT({
|
54
|
+
jti: `${_reactNativeUuid.default.v4()}`,
|
55
|
+
htm: "GET",
|
56
|
+
htu: authRequestUrl,
|
57
|
+
ath: await (0, _ioReactNativeJwt.sha256ToBase64)(this.walletInstanceAttestation)
|
58
|
+
}).setProtectedHeader({
|
59
|
+
alg: "ES256",
|
60
|
+
jwk: walletInstanceAttestationJwk,
|
61
|
+
typ: "dpop+jwt"
|
62
|
+
}).setIssuedAt().setExpirationTime("1h").toSign();
|
63
|
+
}
|
64
|
+
|
65
|
+
/**
|
66
|
+
* Obtain the Request Object for RP authentication
|
67
|
+
*
|
68
|
+
* @function
|
69
|
+
* @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
|
70
|
+
*
|
71
|
+
* @returns The Request Object JWT
|
72
|
+
*
|
73
|
+
*/
|
74
|
+
async getRequestObject(signedWalletInstanceDPoP) {
|
75
|
+
const decodedJwtDPop = await (0, _ioReactNativeJwt.decode)(signedWalletInstanceDPoP);
|
76
|
+
const requestUri = decodedJwtDPop.payload.htu;
|
77
|
+
const response = await this.appFetch(requestUri, {
|
78
|
+
method: "GET",
|
79
|
+
headers: {
|
80
|
+
Authorization: `DPoP ${this.walletInstanceAttestation}`,
|
81
|
+
DPoP: signedWalletInstanceDPoP
|
82
|
+
}
|
83
|
+
});
|
84
|
+
if (response.status === 200) {
|
85
|
+
const responseText = await response.text();
|
86
|
+
const responseJwt = await (0, _ioReactNativeJwt.decode)(responseText);
|
87
|
+
const requestObj = _types.RequestObject.parse({
|
88
|
+
header: responseJwt.protectedHeader,
|
89
|
+
payload: responseJwt.payload
|
90
|
+
});
|
91
|
+
return requestObj;
|
92
|
+
}
|
93
|
+
throw new _errors.IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}`);
|
94
|
+
}
|
95
|
+
|
96
|
+
/**
|
97
|
+
* Obtain the relying party entity configuration.
|
98
|
+
*/
|
99
|
+
async getEntityConfiguration() {
|
100
|
+
const wellKnownUrl = new URL("/.well-known/openid-federation", this.relyingPartyBaseUrl).href;
|
101
|
+
const response = await this.appFetch(wellKnownUrl, {
|
102
|
+
method: "GET"
|
103
|
+
});
|
104
|
+
if (response.status === 200) {
|
105
|
+
const responseText = await response.text();
|
106
|
+
const responseJwt = await (0, _ioReactNativeJwt.decode)(responseText);
|
107
|
+
return _types.RpEntityConfiguration.parse({
|
108
|
+
header: responseJwt.protectedHeader,
|
109
|
+
payload: responseJwt.payload
|
110
|
+
});
|
111
|
+
}
|
112
|
+
throw new _errors.IoWalletError(`Unable to obtain RP Entity Configuration. Response code: ${response.status}`);
|
113
|
+
}
|
114
|
+
}
|
115
|
+
exports.RelyingPartySolution = RelyingPartySolution;
|
116
|
+
//# sourceMappingURL=index.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","obj","__esModule","default","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","requestUri","searchParams","get","AuthRequestDecodeError","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","SignJWT","jti","uuid","v4","htm","htu","ath","sha256ToBase64","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","decodedJwtDPop","decodeJwt","payload","response","method","headers","Authorization","DPoP","status","responseText","text","responseJwt","requestObj","RequestObject","parse","header","protectedHeader","IoWalletError","getEntityConfiguration","wellKnownUrl","href","RpEntityConfiguration","exports"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AAMA,IAAAE,MAAA,GAAAF,OAAA;AAEA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAAqC,SAAAI,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAG9B,MAAMG,oBAAoB,CAAC;EAKhCC,WAAWA,CACTC,mBAA2B,EAC3BC,yBAAiC,EAEjC;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACN,mBAAmB,GAAGA,mBAAmB;IAC9C,IAAI,CAACC,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEK,mBAAmBA,CAACC,MAAc,EAAU;IAC1C,IAAI;MACF,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACF,MAAM,CAAC;MACpC,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACH,OAAO,CAAC;MACnC,MAAMI,UAAU,GAAGF,UAAU,CAACG,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;MAC7D,IAAIF,UAAU,EAAE;QACd,OAAOA,UAAU;MACnB,CAAC,MAAM;QACL,MAAM,IAAIG,8BAAsB,CAC9B,2CAA2C,EAC1C,GAAEL,UAAW,EAChB,CAAC;MACH;IACF,CAAC,CAAC,MAAM;MACN,MAAM,IAAIK,8BAAsB,CAC9B,qDAAqD,EACrDR,MACF,CAAC;IACH;EACF;EACA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,6BAA6BA,CACjCC,4BAAiC,EACjCC,cAAsB,EACL;IACjB,OAAO,MAAM,IAAIC,yBAAO,CAAC;MACvBC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAEN,cAAc;MACnBO,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAAC,IAAI,CAAC1B,yBAAyB;IAC1D,CAAC,CAAC,CACC2B,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZC,GAAG,EAAEZ,4BAA4B;MACjCa,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,gBAAgBA,CACpBC,wBAAgC,EACR;IACxB,MAAMC,cAAc,GAAG,MAAM,IAAAC,wBAAS,EAACF,wBAAwB,CAAC;IAChE,MAAMvB,UAAU,GAAGwB,cAAc,CAACE,OAAO,CAACd,GAAa;IAEvD,MAAMe,QAAQ,GAAG,MAAM,IAAI,CAACtC,QAAQ,CAACW,UAAU,EAAE;MAC/C4B,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAO,IAAI,CAAC1C,yBAA0B,EAAC;QACvD2C,IAAI,EAAER;MACR;IACF,CAAC,CAAC;IAEF,IAAII,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAM,IAAAV,wBAAS,EAACQ,YAAY,CAAC;MACjD,MAAMG,UAAU,GAAGC,oBAAa,CAACC,KAAK,CAAC;QACrCC,MAAM,EAAEJ,WAAW,CAACK,eAAe;QACnCd,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;MACF,OAAOU,UAAU;IACnB;IAEA,MAAM,IAAIK,qBAAa,CACpB,mDAAkDd,QAAQ,CAACK,MAAO,EACrE,CAAC;EACH;;EAEA;AACF;AACA;EACE,MAAMU,sBAAsBA,CAAA,EAAmC;IAC7D,MAAMC,YAAY,GAAG,IAAI5C,GAAG,CAC1B,gCAAgC,EAChC,IAAI,CAACZ,mBACP,CAAC,CAACyD,IAAI;IAEN,MAAMjB,QAAQ,GAAG,MAAM,IAAI,CAACtC,QAAQ,CAACsD,YAAY,EAAE;MACjDf,MAAM,EAAE;IACV,CAAC,CAAC;IAEF,IAAID,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAM,IAAAV,wBAAS,EAACQ,YAAY,CAAC;MACjD,OAAOY,4BAAqB,CAACP,KAAK,CAAC;QACjCC,MAAM,EAAEJ,WAAW,CAACK,eAAe;QACnCd,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;IACJ;IAEA,MAAM,IAAIe,qBAAa,CACpB,4DAA2Dd,QAAQ,CAACK,MAAO,EAC9E,CAAC;EACH;AACF;AAACc,OAAA,CAAA7D,oBAAA,GAAAA,oBAAA"}
|
@@ -0,0 +1,72 @@
|
|
1
|
+
"use strict";
|
2
|
+
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
4
|
+
value: true
|
5
|
+
});
|
6
|
+
exports.RpEntityConfiguration = exports.RequestObject = void 0;
|
7
|
+
var _jwk = require("../utils/jwk");
|
8
|
+
var _types = require("../sd-jwt/types");
|
9
|
+
var z = _interopRequireWildcard(require("zod"));
|
10
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
11
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
12
|
+
const RequestObject = z.object({
|
13
|
+
header: z.object({
|
14
|
+
typ: z.literal("JWT"),
|
15
|
+
alg: z.string(),
|
16
|
+
kid: z.string(),
|
17
|
+
trust_chain: z.array(z.string())
|
18
|
+
}),
|
19
|
+
payload: z.object({
|
20
|
+
iss: z.string(),
|
21
|
+
iat: _types.UnixTime,
|
22
|
+
exp: _types.UnixTime,
|
23
|
+
state: z.string(),
|
24
|
+
nonce: z.string(),
|
25
|
+
response_uri: z.string(),
|
26
|
+
response_type: z.literal("vp_token"),
|
27
|
+
response_mode: z.literal("direct_post.jwt"),
|
28
|
+
client_id: z.string(),
|
29
|
+
client_id_scheme: z.literal("entity_id"),
|
30
|
+
scope: z.string()
|
31
|
+
})
|
32
|
+
});
|
33
|
+
|
34
|
+
// TODO: This types is WIP in technical rules
|
35
|
+
exports.RequestObject = RequestObject;
|
36
|
+
const RpEntityConfiguration = z.object({
|
37
|
+
header: z.object({
|
38
|
+
typ: z.literal("entity-statement+jwt"),
|
39
|
+
alg: z.string(),
|
40
|
+
kid: z.string()
|
41
|
+
}),
|
42
|
+
payload: z.object({
|
43
|
+
exp: _types.UnixTime,
|
44
|
+
iat: _types.UnixTime,
|
45
|
+
iss: z.string(),
|
46
|
+
sub: z.string(),
|
47
|
+
jwks: z.object({
|
48
|
+
keys: z.array(_jwk.JWK)
|
49
|
+
}),
|
50
|
+
metadata: z.object({
|
51
|
+
wallet_relying_party: z.object({
|
52
|
+
application_type: z.string(),
|
53
|
+
client_id: z.string(),
|
54
|
+
client_name: z.string(),
|
55
|
+
jwks: z.object({
|
56
|
+
keys: z.array(_jwk.JWK)
|
57
|
+
}),
|
58
|
+
contacts: z.array(z.string())
|
59
|
+
}),
|
60
|
+
federation_entity: z.object({
|
61
|
+
organization_name: z.string(),
|
62
|
+
homepage_uri: z.string(),
|
63
|
+
policy_uri: z.string(),
|
64
|
+
logo_uri: z.string(),
|
65
|
+
contacts: z.array(z.string())
|
66
|
+
})
|
67
|
+
}),
|
68
|
+
authority_hints: z.array(z.string())
|
69
|
+
})
|
70
|
+
});
|
71
|
+
exports.RpEntityConfiguration = RpEntityConfiguration;
|
72
|
+
//# sourceMappingURL=types.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["_jwk","require","_types","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","header","typ","literal","alg","string","kid","trust_chain","array","payload","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","exports","RpEntityConfiguration","sub","jwks","keys","JWK","metadata","wallet_relying_party","application_type","client_name","contacts","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","authority_hints"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAGlB,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACfE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,KAAK,CAAC;IACrBC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE/B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfE,WAAW,EAAEhC,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAElC,CAAC,CAACyB,MAAM,CAAC;IAChBU,GAAG,EAAEnC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED,eAAQ;IACbE,KAAK,EAAEvC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACjBU,KAAK,EAAExC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACjBW,YAAY,EAAEzC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACxBY,aAAa,EAAE1C,CAAC,CAAC4B,OAAO,CAAC,UAAU,CAAC;IACpCe,aAAa,EAAE3C,CAAC,CAAC4B,OAAO,CAAC,iBAAiB,CAAC;IAC3CgB,SAAS,EAAE5C,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACrBe,gBAAgB,EAAE7C,CAAC,CAAC4B,OAAO,CAAC,WAAW,CAAC;IACxCkB,KAAK,EAAE9C,CAAC,CAAC8B,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;;AAEF;AAAAiB,OAAA,CAAAvB,aAAA,GAAAA,aAAA;AAEO,MAAMwB,qBAAqB,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EAC5CC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACfE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE/B,CAAC,CAAC8B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFI,OAAO,EAAElC,CAAC,CAACyB,MAAM,CAAC;IAChBa,GAAG,EAAED,eAAQ;IACbD,GAAG,EAAEC,eAAQ;IACbF,GAAG,EAAEnC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfmB,GAAG,EAAEjD,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfoB,IAAI,EAAElD,CAAC,CAACyB,MAAM,CAAC;MACb0B,IAAI,EAAEnD,CAAC,CAACiC,KAAK,CAACmB,QAAG;IACnB,CAAC,CAAC;IACFC,QAAQ,EAAErD,CAAC,CAACyB,MAAM,CAAC;MACjB6B,oBAAoB,EAAEtD,CAAC,CAACyB,MAAM,CAAC;QAC7B8B,gBAAgB,EAAEvD,CAAC,CAAC8B,MAAM,CAAC,CAAC;QAC5Bc,SAAS,EAAE5C,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACrB0B,WAAW,EAAExD,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACvBoB,IAAI,EAAElD,CAAC,CAACyB,MAAM,CAAC;UACb0B,IAAI,EAAEnD,CAAC,CAACiC,KAAK,CAACmB,QAAG;QACnB,CAAC,CAAC;QACFK,QAAQ,EAAEzD,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;MAC9B,CAAC,CAAC;MACF4B,iBAAiB,EAAE1D,CAAC,CAACyB,MAAM,CAAC;QAC1BkC,iBAAiB,EAAE3D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QAC7B8B,YAAY,EAAE5D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACxB+B,UAAU,EAAE7D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACtBgC,QAAQ,EAAE9D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACpB2B,QAAQ,EAAEzD,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC,CAAC;IACFiC,eAAe,EAAE/D,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACrC,CAAC;AACH,CAAC,CAAC;AAACiB,OAAA,CAAAC,qBAAA,GAAAA,qBAAA"}
|
@@ -0,0 +1,27 @@
|
|
1
|
+
"use strict";
|
2
|
+
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
4
|
+
value: true
|
5
|
+
});
|
6
|
+
exports.getUnsignedDPop = exports.DPoPPayload = void 0;
|
7
|
+
var z = _interopRequireWildcard(require("zod"));
|
8
|
+
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
9
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
10
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
11
|
+
const getUnsignedDPop = (jwk, payload) => {
|
12
|
+
const dPop = new _ioReactNativeJwt.SignJWT(payload).setProtectedHeader({
|
13
|
+
alg: "ES256",
|
14
|
+
typ: "dpop+jwt",
|
15
|
+
jwk
|
16
|
+
}).setIssuedAt().setExpirationTime("1h").toSign();
|
17
|
+
return dPop;
|
18
|
+
};
|
19
|
+
exports.getUnsignedDPop = getUnsignedDPop;
|
20
|
+
const DPoPPayload = z.object({
|
21
|
+
jti: z.string(),
|
22
|
+
htm: z.union([z.literal("POST"), z.literal("GET")]),
|
23
|
+
htu: z.string(),
|
24
|
+
ath: z.string()
|
25
|
+
});
|
26
|
+
exports.DPoPPayload = DPoPPayload;
|
27
|
+
//# sourceMappingURL=dpop.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["z","_interopRequireWildcard","require","_ioReactNativeJwt","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","getUnsignedDPop","jwk","payload","dPop","SignJWT","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","exports","DPoPPayload","object","jti","string","htm","union","literal","htu","ath"],"sourceRoot":"../../../src","sources":["utils/dpop.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,iBAAA,GAAAD,OAAA;AAAsD,SAAAE,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAG/C,MAAMW,eAAe,GAAGA,CAACC,GAAQ,EAAEC,OAAoB,KAAa;EACzE,MAAMC,IAAI,GAAG,IAAIC,yBAAO,CAACF,OAAO,CAAC,CAC9BG,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,UAAU;IACfN;EACF,CAAC,CAAC,CACDO,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACX,OAAOP,IAAI;AACb,CAAC;AAACQ,OAAA,CAAAX,eAAA,GAAAA,eAAA;AAGK,MAAMY,WAAW,GAAGtC,CAAC,CAACuC,MAAM,CAAC;EAClCC,GAAG,EAAExC,CAAC,CAACyC,MAAM,CAAC,CAAC;EACfC,GAAG,EAAE1C,CAAC,CAAC2C,KAAK,CAAC,CAAC3C,CAAC,CAAC4C,OAAO,CAAC,MAAM,CAAC,EAAE5C,CAAC,CAAC4C,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;EACnDC,GAAG,EAAE7C,CAAC,CAACyC,MAAM,CAAC,CAAC;EACfK,GAAG,EAAE9C,CAAC,CAACyC,MAAM,CAAC;AAChB,CAAC,CAAC;AAACJ,OAAA,CAAAC,WAAA,GAAAA,WAAA"}
|
@@ -3,7 +3,7 @@
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
4
4
|
value: true
|
5
5
|
});
|
6
|
-
exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.IoWalletError = void 0;
|
6
|
+
exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.IoWalletError = exports.AuthRequestDecodeError = void 0;
|
7
7
|
/**
|
8
8
|
* A generic Error that all other io-wallet specific Error subclasses extend.
|
9
9
|
*
|
@@ -78,5 +78,29 @@ class WalletInstanceAttestationIssuingError extends IoWalletError {
|
|
78
78
|
this.reason = reason;
|
79
79
|
}
|
80
80
|
}
|
81
|
+
|
82
|
+
/**
|
83
|
+
* An error subclass thrown when auth request decode fail
|
84
|
+
*
|
85
|
+
*/
|
81
86
|
exports.WalletInstanceAttestationIssuingError = WalletInstanceAttestationIssuingError;
|
87
|
+
class AuthRequestDecodeError extends IoWalletError {
|
88
|
+
static get code() {
|
89
|
+
return "ERR_IO_WALLET_AUTHENTICATION_REQUEST_DECODE_FAILED";
|
90
|
+
}
|
91
|
+
code = "ERR_IO_WALLET_AUTHENTICATION_REQUEST_DECODE_FAILED";
|
92
|
+
|
93
|
+
/** The Claim for which the validation failed. */
|
94
|
+
|
95
|
+
/** Reason code for the validation failure. */
|
96
|
+
|
97
|
+
constructor(message) {
|
98
|
+
let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
|
99
|
+
let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
|
100
|
+
super(message);
|
101
|
+
this.claim = claim;
|
102
|
+
this.reason = reason;
|
103
|
+
}
|
104
|
+
}
|
105
|
+
exports.AuthRequestDecodeError = AuthRequestDecodeError;
|
82
106
|
//# sourceMappingURL=errors.js.map
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;
|
1
|
+
{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA;AAIO,MAAMC,sBAAsB,SAASjB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;AAACN,OAAA,CAAAQ,sBAAA,GAAAA,sBAAA"}
|
@@ -0,0 +1,10 @@
|
|
1
|
+
"use strict";
|
2
|
+
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
4
|
+
value: true
|
5
|
+
});
|
6
|
+
exports.getSignedJwt = void 0;
|
7
|
+
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
8
|
+
const getSignedJwt = async (unsignedJwt, signature) => await _ioReactNativeJwt.SignJWT.appendSignature(unsignedJwt, signature);
|
9
|
+
exports.getSignedJwt = getSignedJwt;
|
10
|
+
//# sourceMappingURL=signature.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","getSignedJwt","unsignedJwt","signature","SignJWT","appendSignature","exports"],"sourceRoot":"../../../src","sources":["utils/signature.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAEO,MAAMC,YAAY,GAAG,MAAAA,CAAOC,WAAmB,EAAEC,SAAiB,KACvE,MAAMC,yBAAO,CAACC,eAAe,CAACH,WAAW,EAAEC,SAAS,CAAC;AAACG,OAAA,CAAAL,YAAA,GAAAA,YAAA"}
|
@@ -12,7 +12,9 @@ var _errors = require("../utils/errors");
|
|
12
12
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
13
13
|
class Issuing {
|
14
14
|
constructor(walletProviderBaseUrl) {
|
15
|
+
let appFetch = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : fetch;
|
15
16
|
this.walletProviderBaseUrl = walletProviderBaseUrl;
|
17
|
+
this.appFetch = appFetch;
|
16
18
|
}
|
17
19
|
|
18
20
|
/**
|
@@ -57,15 +59,11 @@ class Issuing {
|
|
57
59
|
* @param attestationRequest Wallet Instance Attestaion Request
|
58
60
|
* obtained with {@link getAttestationRequestToSign}
|
59
61
|
* @param signature Signature of the Wallet Instance Attestaion Request
|
60
|
-
* @param appFetch Optional object with fetch function to use
|
61
62
|
*
|
62
63
|
* @returns {string} Wallet Instance Attestation
|
63
64
|
*
|
64
65
|
*/
|
65
66
|
async getAttestation(attestationRequest, signature) {
|
66
|
-
let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
|
67
|
-
fetch
|
68
|
-
};
|
69
67
|
const signedAttestationRequest = await _ioReactNativeJwt.SignJWT.appendSignature(attestationRequest, signature);
|
70
68
|
const decodedRequest = (0, _ioReactNativeJwt.decode)(signedAttestationRequest);
|
71
69
|
const parsedRequest = _types.WalletInstanceAttestationRequestJwt.parse({
|
@@ -79,7 +77,7 @@ class Issuing {
|
|
79
77
|
grant_type: "urn:ietf:params:oauth:client-assertion-type:jwt-key-attestation",
|
80
78
|
assertion: signedAttestationRequest
|
81
79
|
};
|
82
|
-
const response = await appFetch
|
80
|
+
const response = await this.appFetch(tokenUrl, {
|
83
81
|
method: "POST",
|
84
82
|
headers: {
|
85
83
|
"Content-Type": "application/json"
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","appFetch","arguments","length","undefined","fetch","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","signedAttestationRequest","appendSignature","decodedRequest","decodeJwt","parsedRequest","WalletInstanceAttestationRequestJwt","payload","header","protectedHeader","verifyJwt","tokenUrl","URL","href","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text","WalletInstanceAttestationIssuingError","exports"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAAwE,SAAAI,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEjE,MAAMG,OAAO,CAAC;EAGnBC,WAAWA,CACTC,qBAA6B,EAE7B;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACL,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMK,2BAA2BA,CAACC,GAAQ,EAAmB;IAC3D,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IAEtD,MAAMI,gCAAgC,GAAG,IAAIC,yBAAO,CAAC;MACnDC,GAAG,EAAEN,aAAa;MAClBO,GAAG,EAAE,IAAI,CAAClB,qBAAqB;MAC/BmB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,IAAI,EAAE,kCAAkC;MACxCC,GAAG,EAAE;QACHhB,GAAG,EAAEM;MACP;IACF,CAAC,CAAC,CACCW,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZX,GAAG,EAAED,SAAS,CAACC,GAAG;MAClBY,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOd,gCAAgC;EACzC;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMe,cAAcA,CAClBC,kBAA0B,EAC1BC,SAAiB,EACA;IACjB,MAAMC,wBAAwB,GAAG,MAAMjB,yBAAO,CAACkB,eAAe,CAC5DH,kBAAkB,EAClBC,SACF,CAAC;IACD,MAAMG,cAAc,GAAG,IAAAC,wBAAS,EAACH,wBAAwB,CAAC;IAC1D,MAAMI,aAAa,GAAGC,0CAAmC,CAAC5B,KAAK,CAAC;MAC9D6B,OAAO,EAAEJ,cAAc,CAACI,OAAO;MAC/BC,MAAM,EAAEL,cAAc,CAACM;IACzB,CAAC,CAAC;IACF,MAAM5B,SAAS,GAAGwB,aAAa,CAACE,OAAO,CAAChB,GAAG,CAAChB,GAAG;IAE/C,MAAM,IAAAmC,wBAAS,EAACT,wBAAwB,EAAEpB,SAAS,CAAC;IAEpD,MAAM8B,QAAQ,GAAG,IAAIC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC5C,qBAAqB,CAAC,CAAC6C,IAAI;IAClE,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,iEAAiE;MACnEC,SAAS,EAAEf;IACb,CAAC;IACD,MAAMgB,QAAQ,GAAG,MAAM,IAAI,CAAChD,QAAQ,CAAC0C,QAAQ,EAAE;MAC7CO,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIC,6CAAqC,CAC7C,mEAAmE,EAClE,kBAAiBR,QAAQ,CAACM,MAAO,EACpC,CAAC;EACH;AACF;AAACG,OAAA,CAAA5D,OAAA,GAAAA,OAAA"}
|
package/lib/module/index.js
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
import * as PID from "./pid";
|
2
|
+
import * as RP from "./rp";
|
3
|
+
import * as Errors from "./utils/errors";
|
2
4
|
import * as WalletInstanceAttestation from "./wallet-instance-attestation";
|
3
|
-
|
4
|
-
|
5
|
-
}
|
6
|
-
export { PID, WalletInstanceAttestation };
|
5
|
+
import { getUnsignedDPop } from "./utils/dpop";
|
6
|
+
import { getSignedJwt } from "./utils/signature";
|
7
|
+
export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop, getSignedJwt };
|
7
8
|
//# sourceMappingURL=index.js.map
|
package/lib/module/index.js.map
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["PID","
|
1
|
+
{"version":3,"names":["PID","RP","Errors","WalletInstanceAttestation","getUnsignedDPop","getSignedJwt"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,EAAE,MAAM,MAAM;AAC1B,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,SAASC,eAAe,QAAQ,cAAc;AAC9C,SAASC,YAAY,QAAQ,mBAAmB;AAEhD,SACEL,GAAG,EACHC,EAAE,EACFE,yBAAyB,EACzBD,MAAM,EACNE,eAAe,EACfC,YAAY"}
|
@@ -0,0 +1,16 @@
|
|
1
|
+
import { RelyingPartySolution } from "..";
|
2
|
+
import { AuthRequestDecodeError } from "../../utils/errors";
|
3
|
+
const walletInstanceAttestation = "eyJhbGciOiJFUzI1NiIsImtpZCI6IjV0NVlZcEJoTi1FZ0lFRUk1aVV6cjZyME1SMDJMblZRME9tZWttTktjalkiLCJ0cnVzdF9jaGFpbiI6WyJleUpoYkdjaU9pSkZVei4uLjZTMEEiLCJleUpoYkdjaU9pSkZVei4uLmpKTEEiLCJleUpoYkdjaU9pSkZVei4uLkg5Z3ciXSwidHlwIjoidmErand0IiwieDVjIjpbIk1JSUJqRENDIC4uLiBYRmVoZ0tRQT09Il19.eyJpc3MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZyIsInN1YiI6InZiZVhKa3NNNDV4cGh0QU5uQ2lHNm1DeXVVNGpmR056b3BHdUt2b2dnOWMiLCJ0eXBlIjoiV2FsbGV0SW5zdGFuY2VBdHRlc3RhdGlvbiIsInBvbGljeV91cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9wcml2YWN5X3BvbGljeSIsInRvc191cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9pbmZvX3BvbGljeSIsImxvZ29fdXJpIjoiaHR0cHM6Ly93YWxsZXQtcHJvdmlkZXIuZXhhbXBsZS5vcmcvbG9nby5zdmciLCJhc2MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9Mb0EvYmFzaWMiLCJjbmYiOnsiandrIjp7ImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiNEhOcHRJLXhyMnBqeVJKS0dNbno0V21kblFEX3VKU3E0Ujk1Tmo5OGI0NCIsInkiOiJMSVpuU0IzOXZGSmhZZ1MzazdqWEU0cjMtQ29HRlF3WnRQQklScXBObHJnIiwia2lkIjoidmJlWEprc000NXhwaHRBTm5DaUc2bUN5dVU0amZHTnpvcEd1S3ZvZ2c5YyJ9fSwiYXV0aG9yaXphdGlvbl9lbmRwb2ludCI6ImV1ZGl3OiIsInJlc3BvbnNlX3R5cGVzX3N1cHBvcnRlZCI6WyJ2cF90b2tlbiJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJqd3RfdnBfanNvbiI6eyJhbGdfdmFsdWVzX3N1cHBvcnRlZCI6WyJFUzI1NiJdfSwiand0X3ZjX2pzb24iOnsiYWxnX3ZhbHVlc19zdXBwb3J0ZWQiOlsiRVMyNTYiXX19LCJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZ192YWx1ZXNfc3VwcG9ydGVkIjpbIkVTMjU2Il0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uX3VyaV9zdXBwb3J0ZWQiOmZhbHNlLCJpYXQiOjE2ODcyODExOTUsImV4cCI6MTY4NzI4ODM5NX0.OTuPik6p3o9j6VOx-uCyxRvHwoh1pDiiZcBQFNQt2uE3dK-8izGNflJVETi_uhGSZOf25Enkq-UvEin9NrbJNw";
|
4
|
+
const rp = new RelyingPartySolution("http://rp.example", walletInstanceAttestation);
|
5
|
+
describe("decodeAuthRequestQR", () => {
|
6
|
+
it("should return authentication request URL", async () => {
|
7
|
+
const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
|
8
|
+
const result = rp.decodeAuthRequestQR(qrcode);
|
9
|
+
expect(result).toEqual("https://verifier.example.org/request_uri");
|
10
|
+
});
|
11
|
+
it("should throw exception with invalid QR", async () => {
|
12
|
+
const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
|
13
|
+
expect(() => rp.decodeAuthRequestQR(qrcode)).toThrowError(AuthRequestDecodeError);
|
14
|
+
});
|
15
|
+
});
|
16
|
+
//# sourceMappingURL=index.test.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["RelyingPartySolution","AuthRequestDecodeError","walletInstanceAttestation","rp","describe","it","qrcode","result","decodeAuthRequestQR","expect","toEqual","toThrowError"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":"AAAA,SAASA,oBAAoB,QAAQ,IAAI;AACzC,SAASC,sBAAsB,QAAQ,oBAAoB;AAE3D,MAAMC,yBAAyB,GAC7B,qhDAAqhD;AACvhD,MAAMC,EAAE,GAAG,IAAIH,oBAAoB,CACjC,mBAAmB,EACnBE,yBACF,CAAC;AACDE,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGJ,EAAE,CAACK,mBAAmB,CAACF,MAAM,CAAC;IAC7CG,MAAM,CAACF,MAAM,CAAC,CAACG,OAAO,CAAC,0CAA0C,CAAC;EACpE,CAAC,CAAC;EACFL,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAMN,EAAE,CAACK,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACK,YAAY,CACvDV,sBACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
@@ -0,0 +1,108 @@
|
|
1
|
+
import { AuthRequestDecodeError, IoWalletError } from "../utils/errors";
|
2
|
+
import { decode as decodeJwt, decodeBase64, sha256ToBase64, SignJWT } from "@pagopa/io-react-native-jwt";
|
3
|
+
import { RequestObject, RpEntityConfiguration } from "./types";
|
4
|
+
import uuid from "react-native-uuid";
|
5
|
+
export class RelyingPartySolution {
|
6
|
+
constructor(relyingPartyBaseUrl, walletInstanceAttestation) {
|
7
|
+
let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : fetch;
|
8
|
+
this.relyingPartyBaseUrl = relyingPartyBaseUrl;
|
9
|
+
this.walletInstanceAttestation = walletInstanceAttestation;
|
10
|
+
this.appFetch = appFetch;
|
11
|
+
}
|
12
|
+
|
13
|
+
/**
|
14
|
+
* Decode a QR code content to an authentication request url.
|
15
|
+
* @function
|
16
|
+
* @param qrcode QR code content
|
17
|
+
*
|
18
|
+
* @returns The authentication request url
|
19
|
+
*
|
20
|
+
*/
|
21
|
+
decodeAuthRequestQR(qrcode) {
|
22
|
+
try {
|
23
|
+
const decoded = decodeBase64(qrcode);
|
24
|
+
const decodedUrl = new URL(decoded);
|
25
|
+
const requestUri = decodedUrl.searchParams.get("request_uri");
|
26
|
+
if (requestUri) {
|
27
|
+
return requestUri;
|
28
|
+
} else {
|
29
|
+
throw new AuthRequestDecodeError("Unable to obtain request_uri from QR code", `${decodedUrl}`);
|
30
|
+
}
|
31
|
+
} catch {
|
32
|
+
throw new AuthRequestDecodeError("Unable to decode QR code authentication request url", qrcode);
|
33
|
+
}
|
34
|
+
}
|
35
|
+
/**
|
36
|
+
* Obtain the unsigned wallet instance DPoP for authentication request
|
37
|
+
*
|
38
|
+
* @function
|
39
|
+
* @param walletInstanceAttestationJwk JWT of the Wallet Instance Attestation
|
40
|
+
* @param authRequestUrl authentication request url
|
41
|
+
*
|
42
|
+
* @returns The unsigned wallet instance DPoP
|
43
|
+
*
|
44
|
+
*/
|
45
|
+
async getUnsignedWalletInstanceDPoP(walletInstanceAttestationJwk, authRequestUrl) {
|
46
|
+
return await new SignJWT({
|
47
|
+
jti: `${uuid.v4()}`,
|
48
|
+
htm: "GET",
|
49
|
+
htu: authRequestUrl,
|
50
|
+
ath: await sha256ToBase64(this.walletInstanceAttestation)
|
51
|
+
}).setProtectedHeader({
|
52
|
+
alg: "ES256",
|
53
|
+
jwk: walletInstanceAttestationJwk,
|
54
|
+
typ: "dpop+jwt"
|
55
|
+
}).setIssuedAt().setExpirationTime("1h").toSign();
|
56
|
+
}
|
57
|
+
|
58
|
+
/**
|
59
|
+
* Obtain the Request Object for RP authentication
|
60
|
+
*
|
61
|
+
* @function
|
62
|
+
* @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
|
63
|
+
*
|
64
|
+
* @returns The Request Object JWT
|
65
|
+
*
|
66
|
+
*/
|
67
|
+
async getRequestObject(signedWalletInstanceDPoP) {
|
68
|
+
const decodedJwtDPop = await decodeJwt(signedWalletInstanceDPoP);
|
69
|
+
const requestUri = decodedJwtDPop.payload.htu;
|
70
|
+
const response = await this.appFetch(requestUri, {
|
71
|
+
method: "GET",
|
72
|
+
headers: {
|
73
|
+
Authorization: `DPoP ${this.walletInstanceAttestation}`,
|
74
|
+
DPoP: signedWalletInstanceDPoP
|
75
|
+
}
|
76
|
+
});
|
77
|
+
if (response.status === 200) {
|
78
|
+
const responseText = await response.text();
|
79
|
+
const responseJwt = await decodeJwt(responseText);
|
80
|
+
const requestObj = RequestObject.parse({
|
81
|
+
header: responseJwt.protectedHeader,
|
82
|
+
payload: responseJwt.payload
|
83
|
+
});
|
84
|
+
return requestObj;
|
85
|
+
}
|
86
|
+
throw new IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}`);
|
87
|
+
}
|
88
|
+
|
89
|
+
/**
|
90
|
+
* Obtain the relying party entity configuration.
|
91
|
+
*/
|
92
|
+
async getEntityConfiguration() {
|
93
|
+
const wellKnownUrl = new URL("/.well-known/openid-federation", this.relyingPartyBaseUrl).href;
|
94
|
+
const response = await this.appFetch(wellKnownUrl, {
|
95
|
+
method: "GET"
|
96
|
+
});
|
97
|
+
if (response.status === 200) {
|
98
|
+
const responseText = await response.text();
|
99
|
+
const responseJwt = await decodeJwt(responseText);
|
100
|
+
return RpEntityConfiguration.parse({
|
101
|
+
header: responseJwt.protectedHeader,
|
102
|
+
payload: responseJwt.payload
|
103
|
+
});
|
104
|
+
}
|
105
|
+
throw new IoWalletError(`Unable to obtain RP Entity Configuration. Response code: ${response.status}`);
|
106
|
+
}
|
107
|
+
}
|
108
|
+
//# sourceMappingURL=index.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["AuthRequestDecodeError","IoWalletError","decode","decodeJwt","decodeBase64","sha256ToBase64","SignJWT","RequestObject","RpEntityConfiguration","uuid","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodedUrl","URL","requestUri","searchParams","get","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","jti","v4","htm","htu","ath","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","decodedJwtDPop","payload","response","method","headers","Authorization","DPoP","status","responseText","text","responseJwt","requestObj","parse","header","protectedHeader","getEntityConfiguration","wellKnownUrl","href"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":"AAAA,SAASA,sBAAsB,EAAEC,aAAa,QAAQ,iBAAiB;AACvE,SACEC,MAAM,IAAIC,SAAS,EACnBC,YAAY,EACZC,cAAc,EACdC,OAAO,QACF,6BAA6B;AACpC,SAASC,aAAa,EAAEC,qBAAqB,QAAQ,SAAS;AAE9D,OAAOC,IAAI,MAAM,mBAAmB;AAGpC,OAAO,MAAMC,oBAAoB,CAAC;EAKhCC,WAAWA,CACTC,mBAA2B,EAC3BC,yBAAiC,EAEjC;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACN,mBAAmB,GAAGA,mBAAmB;IAC9C,IAAI,CAACC,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEK,mBAAmBA,CAACC,MAAc,EAAU;IAC1C,IAAI;MACF,MAAMC,OAAO,GAAGjB,YAAY,CAACgB,MAAM,CAAC;MACpC,MAAME,UAAU,GAAG,IAAIC,GAAG,CAACF,OAAO,CAAC;MACnC,MAAMG,UAAU,GAAGF,UAAU,CAACG,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;MAC7D,IAAIF,UAAU,EAAE;QACd,OAAOA,UAAU;MACnB,CAAC,MAAM;QACL,MAAM,IAAIxB,sBAAsB,CAC9B,2CAA2C,EAC1C,GAAEsB,UAAW,EAChB,CAAC;MACH;IACF,CAAC,CAAC,MAAM;MACN,MAAM,IAAItB,sBAAsB,CAC9B,qDAAqD,EACrDoB,MACF,CAAC;IACH;EACF;EACA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMO,6BAA6BA,CACjCC,4BAAiC,EACjCC,cAAsB,EACL;IACjB,OAAO,MAAM,IAAIvB,OAAO,CAAC;MACvBwB,GAAG,EAAG,GAAErB,IAAI,CAACsB,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAEJ,cAAc;MACnBK,GAAG,EAAE,MAAM7B,cAAc,CAAC,IAAI,CAACQ,yBAAyB;IAC1D,CAAC,CAAC,CACCsB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZC,GAAG,EAAET,4BAA4B;MACjCU,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,gBAAgBA,CACpBC,wBAAgC,EACR;IACxB,MAAMC,cAAc,GAAG,MAAMzC,SAAS,CAACwC,wBAAwB,CAAC;IAChE,MAAMnB,UAAU,GAAGoB,cAAc,CAACC,OAAO,CAACZ,GAAa;IAEvD,MAAMa,QAAQ,GAAG,MAAM,IAAI,CAAChC,QAAQ,CAACU,UAAU,EAAE;MAC/CuB,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAO,IAAI,CAACpC,yBAA0B,EAAC;QACvDqC,IAAI,EAAEP;MACR;IACF,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAMnD,SAAS,CAACiD,YAAY,CAAC;MACjD,MAAMG,UAAU,GAAGhD,aAAa,CAACiD,KAAK,CAAC;QACrCC,MAAM,EAAEH,WAAW,CAACI,eAAe;QACnCb,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;MACF,OAAOU,UAAU;IACnB;IAEA,MAAM,IAAItD,aAAa,CACpB,mDAAkD6C,QAAQ,CAACK,MAAO,EACrE,CAAC;EACH;;EAEA;AACF;AACA;EACE,MAAMQ,sBAAsBA,CAAA,EAAmC;IAC7D,MAAMC,YAAY,GAAG,IAAIrC,GAAG,CAC1B,gCAAgC,EAChC,IAAI,CAACX,mBACP,CAAC,CAACiD,IAAI;IAEN,MAAMf,QAAQ,GAAG,MAAM,IAAI,CAAChC,QAAQ,CAAC8C,YAAY,EAAE;MACjDb,MAAM,EAAE;IACV,CAAC,CAAC;IAEF,IAAID,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAMnD,SAAS,CAACiD,YAAY,CAAC;MACjD,OAAO5C,qBAAqB,CAACgD,KAAK,CAAC;QACjCC,MAAM,EAAEH,WAAW,CAACI,eAAe;QACnCb,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;IACJ;IAEA,MAAM,IAAI5C,aAAa,CACpB,4DAA2D6C,QAAQ,CAACK,MAAO,EAC9E,CAAC;EACH;AACF"}
|