@pagopa/io-react-native-wallet 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/lib/commonjs/index.js +12 -5
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/index.js +7 -0
- package/lib/commonjs/pid/index.js.map +1 -1
- package/lib/commonjs/pid/issuing.js +231 -0
- package/lib/commonjs/pid/issuing.js.map +1 -0
- package/lib/commonjs/rp/__test__/index.test.js +18 -0
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -0
- package/lib/commonjs/rp/index.js +116 -0
- package/lib/commonjs/rp/index.js.map +1 -0
- package/lib/commonjs/rp/types.js +72 -0
- package/lib/commonjs/rp/types.js.map +1 -0
- package/lib/commonjs/sd-jwt/types.js +1 -1
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/utils/dpop.js +27 -0
- package/lib/commonjs/utils/dpop.js.map +1 -0
- package/lib/commonjs/utils/errors.js +49 -1
- package/lib/commonjs/utils/errors.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/issuing.js +3 -5
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/index.js +4 -4
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/index.js +2 -1
- package/lib/module/pid/index.js.map +1 -1
- package/lib/module/pid/issuing.js +225 -0
- package/lib/module/pid/issuing.js.map +1 -0
- package/lib/module/rp/__test__/index.test.js +16 -0
- package/lib/module/rp/__test__/index.test.js.map +1 -0
- package/lib/module/rp/index.js +108 -0
- package/lib/module/rp/index.js.map +1 -0
- package/lib/module/rp/types.js +63 -0
- package/lib/module/rp/types.js.map +1 -0
- package/lib/module/sd-jwt/types.js +1 -1
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/utils/dpop.js +17 -0
- package/lib/module/utils/dpop.js.map +1 -0
- package/lib/module/utils/errors.js +46 -0
- package/lib/module/utils/errors.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +3 -5
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/typescript/index.d.ts +4 -2
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/index.d.ts +2 -1
- package/lib/typescript/pid/index.d.ts.map +1 -1
- package/lib/typescript/pid/issuing.d.ts +93 -0
- package/lib/typescript/pid/issuing.d.ts.map +1 -0
- package/lib/typescript/rp/__test__/index.test.d.ts +2 -0
- package/lib/typescript/rp/__test__/index.test.d.ts.map +1 -0
- package/lib/typescript/rp/index.d.ts +43 -0
- package/lib/typescript/rp/index.d.ts.map +1 -0
- package/lib/typescript/rp/types.d.ts +840 -0
- package/lib/typescript/rp/types.d.ts.map +1 -0
- package/lib/typescript/sd-jwt/types.d.ts +5 -5
- package/lib/typescript/utils/dpop.d.ts +21 -0
- package/lib/typescript/utils/dpop.d.ts.map +1 -0
- package/lib/typescript/utils/errors.d.ts +26 -0
- package/lib/typescript/utils/errors.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts +3 -3
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +4 -4
- package/package.json +4 -2
- package/src/index.ts +4 -5
- package/src/pid/index.ts +2 -1
- package/src/pid/issuing.ts +305 -0
- package/src/rp/__test__/index.test.ts +23 -0
- package/src/rp/index.ts +150 -0
- package/src/rp/types.ts +64 -0
- package/src/sd-jwt/types.ts +1 -1
- package/src/utils/dpop.ts +25 -0
- package/src/utils/errors.ts +48 -0
- package/src/wallet-instance-attestation/issuing.ts +9 -7
@@ -3,7 +3,7 @@
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
4
4
|
value: true
|
5
5
|
});
|
6
|
-
exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.IoWalletError = void 0;
|
6
|
+
exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.PidIssuingError = exports.IoWalletError = exports.AuthRequestDecodeError = void 0;
|
7
7
|
/**
|
8
8
|
* A generic Error that all other io-wallet specific Error subclasses extend.
|
9
9
|
*
|
@@ -78,5 +78,53 @@ class WalletInstanceAttestationIssuingError extends IoWalletError {
|
|
78
78
|
this.reason = reason;
|
79
79
|
}
|
80
80
|
}
|
81
|
+
|
82
|
+
/**
|
83
|
+
* An error subclass thrown when auth request decode fail
|
84
|
+
*
|
85
|
+
*/
|
81
86
|
exports.WalletInstanceAttestationIssuingError = WalletInstanceAttestationIssuingError;
|
87
|
+
class AuthRequestDecodeError extends IoWalletError {
|
88
|
+
static get code() {
|
89
|
+
return "ERR_IO_WALLET_AUTHENTICATION_REQUEST_DECODE_FAILED";
|
90
|
+
}
|
91
|
+
code = "ERR_IO_WALLET_AUTHENTICATION_REQUEST_DECODE_FAILED";
|
92
|
+
|
93
|
+
/** The Claim for which the validation failed. */
|
94
|
+
|
95
|
+
/** Reason code for the validation failure. */
|
96
|
+
|
97
|
+
constructor(message) {
|
98
|
+
let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
|
99
|
+
let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
|
100
|
+
super(message);
|
101
|
+
this.claim = claim;
|
102
|
+
this.reason = reason;
|
103
|
+
}
|
104
|
+
}
|
105
|
+
|
106
|
+
/**
|
107
|
+
* An error subclass thrown when validation fail
|
108
|
+
*
|
109
|
+
*/
|
110
|
+
exports.AuthRequestDecodeError = AuthRequestDecodeError;
|
111
|
+
class PidIssuingError extends IoWalletError {
|
112
|
+
static get code() {
|
113
|
+
return "ERR_IO_WALLET_PID_ISSUING_FAILED";
|
114
|
+
}
|
115
|
+
code = "ERR_IO_WALLET_PID_ISSUING_FAILED";
|
116
|
+
|
117
|
+
/** The Claim for which the validation failed. */
|
118
|
+
|
119
|
+
/** Reason code for the validation failure. */
|
120
|
+
|
121
|
+
constructor(message) {
|
122
|
+
let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
|
123
|
+
let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
|
124
|
+
super(message);
|
125
|
+
this.claim = claim;
|
126
|
+
this.reason = reason;
|
127
|
+
}
|
128
|
+
}
|
129
|
+
exports.PidIssuingError = PidIssuingError;
|
82
130
|
//# sourceMappingURL=errors.js.map
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;
|
1
|
+
{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA;AAIO,MAAMC,sBAAsB,SAASjB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAQ,sBAAA,GAAAA,sBAAA;AAIO,MAAMC,eAAe,SAASlB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;AAACN,OAAA,CAAAS,eAAA,GAAAA,eAAA"}
|
@@ -12,7 +12,9 @@ var _errors = require("../utils/errors");
|
|
12
12
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
13
13
|
class Issuing {
|
14
14
|
constructor(walletProviderBaseUrl) {
|
15
|
+
let appFetch = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : fetch;
|
15
16
|
this.walletProviderBaseUrl = walletProviderBaseUrl;
|
17
|
+
this.appFetch = appFetch;
|
16
18
|
}
|
17
19
|
|
18
20
|
/**
|
@@ -57,15 +59,11 @@ class Issuing {
|
|
57
59
|
* @param attestationRequest Wallet Instance Attestaion Request
|
58
60
|
* obtained with {@link getAttestationRequestToSign}
|
59
61
|
* @param signature Signature of the Wallet Instance Attestaion Request
|
60
|
-
* @param appFetch Optional object with fetch function to use
|
61
62
|
*
|
62
63
|
* @returns {string} Wallet Instance Attestation
|
63
64
|
*
|
64
65
|
*/
|
65
66
|
async getAttestation(attestationRequest, signature) {
|
66
|
-
let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
|
67
|
-
fetch
|
68
|
-
};
|
69
67
|
const signedAttestationRequest = await _ioReactNativeJwt.SignJWT.appendSignature(attestationRequest, signature);
|
70
68
|
const decodedRequest = (0, _ioReactNativeJwt.decode)(signedAttestationRequest);
|
71
69
|
const parsedRequest = _types.WalletInstanceAttestationRequestJwt.parse({
|
@@ -79,7 +77,7 @@ class Issuing {
|
|
79
77
|
grant_type: "urn:ietf:params:oauth:client-assertion-type:jwt-key-attestation",
|
80
78
|
assertion: signedAttestationRequest
|
81
79
|
};
|
82
|
-
const response = await appFetch
|
80
|
+
const response = await this.appFetch(tokenUrl, {
|
83
81
|
method: "POST",
|
84
82
|
headers: {
|
85
83
|
"Content-Type": "application/json"
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","appFetch","arguments","length","undefined","fetch","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","signedAttestationRequest","appendSignature","decodedRequest","decodeJwt","parsedRequest","WalletInstanceAttestationRequestJwt","payload","header","protectedHeader","verifyJwt","tokenUrl","URL","href","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text","WalletInstanceAttestationIssuingError","exports"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAAwE,SAAAI,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEjE,MAAMG,OAAO,CAAC;EAGnBC,WAAWA,CACTC,qBAA6B,EAE7B;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACL,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMK,2BAA2BA,CAACC,GAAQ,EAAmB;IAC3D,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IAEtD,MAAMI,gCAAgC,GAAG,IAAIC,yBAAO,CAAC;MACnDC,GAAG,EAAEN,aAAa;MAClBO,GAAG,EAAE,IAAI,CAAClB,qBAAqB;MAC/BmB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,IAAI,EAAE,kCAAkC;MACxCC,GAAG,EAAE;QACHhB,GAAG,EAAEM;MACP;IACF,CAAC,CAAC,CACCW,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZX,GAAG,EAAED,SAAS,CAACC,GAAG;MAClBY,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOd,gCAAgC;EACzC;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMe,cAAcA,CAClBC,kBAA0B,EAC1BC,SAAiB,EACA;IACjB,MAAMC,wBAAwB,GAAG,MAAMjB,yBAAO,CAACkB,eAAe,CAC5DH,kBAAkB,EAClBC,SACF,CAAC;IACD,MAAMG,cAAc,GAAG,IAAAC,wBAAS,EAACH,wBAAwB,CAAC;IAC1D,MAAMI,aAAa,GAAGC,0CAAmC,CAAC5B,KAAK,CAAC;MAC9D6B,OAAO,EAAEJ,cAAc,CAACI,OAAO;MAC/BC,MAAM,EAAEL,cAAc,CAACM;IACzB,CAAC,CAAC;IACF,MAAM5B,SAAS,GAAGwB,aAAa,CAACE,OAAO,CAAChB,GAAG,CAAChB,GAAG;IAE/C,MAAM,IAAAmC,wBAAS,EAACT,wBAAwB,EAAEpB,SAAS,CAAC;IAEpD,MAAM8B,QAAQ,GAAG,IAAIC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC5C,qBAAqB,CAAC,CAAC6C,IAAI;IAClE,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,iEAAiE;MACnEC,SAAS,EAAEf;IACb,CAAC;IACD,MAAMgB,QAAQ,GAAG,MAAM,IAAI,CAAChD,QAAQ,CAAC0C,QAAQ,EAAE;MAC7CO,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIC,6CAAqC,CAC7C,mEAAmE,EAClE,kBAAiBR,QAAQ,CAACM,MAAO,EACpC,CAAC;EACH;AACF;AAACG,OAAA,CAAA5D,OAAA,GAAAA,OAAA"}
|
package/lib/module/index.js
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
import * as PID from "./pid";
|
2
|
+
import * as RP from "./rp";
|
3
|
+
import * as Errors from "./utils/errors";
|
2
4
|
import * as WalletInstanceAttestation from "./wallet-instance-attestation";
|
3
|
-
|
4
|
-
|
5
|
-
}
|
6
|
-
export { PID, WalletInstanceAttestation };
|
5
|
+
import { getUnsignedDPop } from "./utils/dpop";
|
6
|
+
export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop };
|
7
7
|
//# sourceMappingURL=index.js.map
|
package/lib/module/index.js.map
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["PID","
|
1
|
+
{"version":3,"names":["PID","RP","Errors","WalletInstanceAttestation","getUnsignedDPop"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,EAAE,MAAM,MAAM;AAC1B,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,SAASC,eAAe,QAAQ,cAAc;AAE9C,SAASJ,GAAG,EAAEC,EAAE,EAAEE,yBAAyB,EAAED,MAAM,EAAEE,eAAe"}
|
package/lib/module/pid/index.js
CHANGED
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["SdJwt"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":"AAAA,OAAO,KAAKA,KAAK,MAAM,UAAU;AACjC,
|
1
|
+
{"version":3,"names":["SdJwt","Issuing"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":"AAAA,OAAO,KAAKA,KAAK,MAAM,UAAU;AACjC,SAASC,OAAO,QAAQ,WAAW;AACnC,SAASD,KAAK,EAAEC,OAAO"}
|
@@ -0,0 +1,225 @@
|
|
1
|
+
import { decode as decodeJwt, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
|
2
|
+
import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
|
3
|
+
import { JWK } from "../utils/jwk";
|
4
|
+
import uuid from "react-native-uuid";
|
5
|
+
import { PidIssuingError } from "../utils/errors";
|
6
|
+
import { getUnsignedDPop } from "../utils/dpop";
|
7
|
+
import { sign, generate, deleteKey } from "@pagopa/io-react-native-crypto";
|
8
|
+
|
9
|
+
// This is a temporary type that will be used for demo purposes only
|
10
|
+
|
11
|
+
export class Issuing {
|
12
|
+
constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
|
13
|
+
let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
|
14
|
+
this.pidProviderBaseUrl = pidProviderBaseUrl;
|
15
|
+
this.walletProviderBaseUrl = walletProviderBaseUrl;
|
16
|
+
this.state = `${uuid.v4()}`;
|
17
|
+
this.codeVerifier = `${uuid.v4()}`;
|
18
|
+
this.authorizationCode = `${uuid.v4()}`;
|
19
|
+
this.walletInstanceAttestation = walletInstanceAttestation;
|
20
|
+
this.clientId = clientId;
|
21
|
+
this.appFetch = appFetch;
|
22
|
+
}
|
23
|
+
|
24
|
+
/**
|
25
|
+
* Return the unsigned jwt to call the PAR request.
|
26
|
+
*
|
27
|
+
* @function
|
28
|
+
* @param jwk The wallet instance attestation public JWK
|
29
|
+
*
|
30
|
+
* @returns Unsigned jwt
|
31
|
+
*
|
32
|
+
*/
|
33
|
+
async getUnsignedJwtForPar(jwk) {
|
34
|
+
const parsedJwk = JWK.parse(jwk);
|
35
|
+
const keyThumbprint = await thumbprint(parsedJwk);
|
36
|
+
const publicKey = {
|
37
|
+
...parsedJwk,
|
38
|
+
kid: keyThumbprint
|
39
|
+
};
|
40
|
+
const codeChallenge = await sha256ToBase64(this.codeVerifier);
|
41
|
+
const unsignedJwtForPar = new SignJWT({
|
42
|
+
client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
|
43
|
+
authorization_details: [{
|
44
|
+
credentialDefinition: {
|
45
|
+
type: ["eu.eudiw.pid.it"]
|
46
|
+
},
|
47
|
+
format: "vc+sd-jwt",
|
48
|
+
type: "type"
|
49
|
+
}],
|
50
|
+
response_type: "code",
|
51
|
+
code_challenge_method: "s256",
|
52
|
+
redirect_uri: this.walletProviderBaseUrl,
|
53
|
+
state: this.state,
|
54
|
+
client_id: this.clientId,
|
55
|
+
code_challenge: codeChallenge
|
56
|
+
}).setProtectedHeader({
|
57
|
+
alg: "ES256",
|
58
|
+
kid: publicKey.kid
|
59
|
+
}).setIssuedAt().setExpirationTime("1h").toSign();
|
60
|
+
return unsignedJwtForPar;
|
61
|
+
}
|
62
|
+
|
63
|
+
/**
|
64
|
+
* Make a PAR request to the PID issuer and return the response url
|
65
|
+
*
|
66
|
+
* @function
|
67
|
+
* @param unsignedJwtForPar The unsigned JWT for PAR
|
68
|
+
* @param signature The JWT for PAR signature
|
69
|
+
*
|
70
|
+
* @returns Unsigned PAR url
|
71
|
+
*
|
72
|
+
*/
|
73
|
+
async getPar(unsignedJwtForPar, signature) {
|
74
|
+
const codeChallenge = await sha256ToBase64(this.codeVerifier);
|
75
|
+
const signedJwtForPar = await SignJWT.appendSignature(unsignedJwtForPar, signature);
|
76
|
+
const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
|
77
|
+
const requestBody = {
|
78
|
+
response_type: "code",
|
79
|
+
client_id: this.clientId,
|
80
|
+
code_challenge: codeChallenge,
|
81
|
+
code_challenge_method: "S256",
|
82
|
+
client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
|
83
|
+
client_assertion: this.walletInstanceAttestation,
|
84
|
+
request: signedJwtForPar
|
85
|
+
};
|
86
|
+
var formBody = new URLSearchParams(requestBody);
|
87
|
+
const response = await this.appFetch(parUrl, {
|
88
|
+
method: "POST",
|
89
|
+
headers: {
|
90
|
+
"Content-Type": "application/x-www-form-urlencoded"
|
91
|
+
},
|
92
|
+
body: formBody.toString()
|
93
|
+
});
|
94
|
+
if (response.status === 201) {
|
95
|
+
const result = await response.json();
|
96
|
+
return result.request_uri;
|
97
|
+
}
|
98
|
+
throw new PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
|
99
|
+
}
|
100
|
+
|
101
|
+
/**
|
102
|
+
* Return the unsigned jwt for a generic DPoP
|
103
|
+
*
|
104
|
+
* @function
|
105
|
+
* @param jwk the public key for which the DPoP is to be created
|
106
|
+
*
|
107
|
+
* @returns Unsigned JWT for DPoP
|
108
|
+
*
|
109
|
+
*/
|
110
|
+
async getUnsignedDPoP(jwk) {
|
111
|
+
const tokenUrl = new URL("/token", this.pidProviderBaseUrl).href;
|
112
|
+
const dPop = getUnsignedDPop(jwk, {
|
113
|
+
htm: "POST",
|
114
|
+
htu: tokenUrl,
|
115
|
+
jti: `${uuid.v4()}`
|
116
|
+
});
|
117
|
+
return dPop;
|
118
|
+
}
|
119
|
+
|
120
|
+
/**
|
121
|
+
* Make an auth token request to the PID issuer
|
122
|
+
*
|
123
|
+
* @function
|
124
|
+
* @returns a token response
|
125
|
+
*
|
126
|
+
*/
|
127
|
+
async getAuthToken() {
|
128
|
+
//Generate fresh keys for DPoP
|
129
|
+
const dPopKeyTag = `${uuid.v4()}`;
|
130
|
+
const dPopKey = await generate(dPopKeyTag);
|
131
|
+
const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
|
132
|
+
const dPopTokenSignature = await sign(unsignedDPopForToken, dPopKeyTag);
|
133
|
+
await deleteKey(dPopKeyTag);
|
134
|
+
const signedDPop = await SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
|
135
|
+
const decodedJwtDPop = decodeJwt(signedDPop);
|
136
|
+
const tokenUrl = decodedJwtDPop.payload.htu;
|
137
|
+
const requestBody = {
|
138
|
+
grant_type: "authorization code",
|
139
|
+
client_id: this.clientId,
|
140
|
+
code: this.authorizationCode,
|
141
|
+
code_verifier: this.codeVerifier,
|
142
|
+
client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
|
143
|
+
client_assertion: this.walletInstanceAttestation,
|
144
|
+
redirect_uri: this.walletProviderBaseUrl
|
145
|
+
};
|
146
|
+
var formBody = new URLSearchParams(requestBody);
|
147
|
+
const response = await this.appFetch(tokenUrl, {
|
148
|
+
method: "POST",
|
149
|
+
headers: {
|
150
|
+
"Content-Type": "application/x-www-form-urlencoded",
|
151
|
+
DPoP: signedDPop
|
152
|
+
},
|
153
|
+
body: formBody.toString()
|
154
|
+
});
|
155
|
+
if (response.status === 200) {
|
156
|
+
return await response.json();
|
157
|
+
}
|
158
|
+
throw new PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
|
159
|
+
}
|
160
|
+
|
161
|
+
/**
|
162
|
+
* Return the unsigned jwt for nonce proof of possession
|
163
|
+
*
|
164
|
+
* @function
|
165
|
+
* @param nonce the nonce
|
166
|
+
*
|
167
|
+
* @returns Unsigned JWT for nonce proof
|
168
|
+
*
|
169
|
+
*/
|
170
|
+
async getUnsignedNonceProof(nonce) {
|
171
|
+
const unsignedProof = new SignJWT({
|
172
|
+
nonce
|
173
|
+
}).setProtectedHeader({
|
174
|
+
alg: "ES256",
|
175
|
+
type: "openid4vci-proof+jwt"
|
176
|
+
}).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
|
177
|
+
return unsignedProof;
|
178
|
+
}
|
179
|
+
|
180
|
+
/**
|
181
|
+
* Make the credential issuing request to the PID issuer
|
182
|
+
*
|
183
|
+
* @function
|
184
|
+
* @param unsignedDPopForPid The unsigned JWT for PID DPoP
|
185
|
+
* @param dPopPidSignature The JWT for PID DPoP signature
|
186
|
+
* @param unsignedNonceProof The unsigned JWT for nonce proof
|
187
|
+
* @param nonceProofSignature The JWT for nonce proof signature
|
188
|
+
* @param accessToken The access token obtained with getAuthToken
|
189
|
+
* @param cieData Personal data read by the CIE
|
190
|
+
*
|
191
|
+
* @returns a credential
|
192
|
+
*
|
193
|
+
*/
|
194
|
+
async getCredential(unsignedDPopForPid, dPopPidSignature, unsignedNonceProof, nonceProofSignature, accessToken, cieData) {
|
195
|
+
const signedDPopForPid = await SignJWT.appendSignature(unsignedDPopForPid, dPopPidSignature);
|
196
|
+
const signedNonceProof = await SignJWT.appendSignature(unsignedNonceProof, nonceProofSignature);
|
197
|
+
const credentialUrl = new URL("/credential", this.pidProviderBaseUrl).href;
|
198
|
+
const requestBody = {
|
199
|
+
credential_definition: JSON.stringify({
|
200
|
+
type: ["eu.eudiw.pid.it"]
|
201
|
+
}),
|
202
|
+
format: "vc+sd-jwt",
|
203
|
+
proof: JSON.stringify({
|
204
|
+
jwt: signedNonceProof,
|
205
|
+
cieData,
|
206
|
+
proof_type: "jwt"
|
207
|
+
})
|
208
|
+
};
|
209
|
+
const formBody = new URLSearchParams(requestBody);
|
210
|
+
const response = await this.appFetch(credentialUrl, {
|
211
|
+
method: "POST",
|
212
|
+
headers: {
|
213
|
+
"Content-Type": "application/x-www-form-urlencoded",
|
214
|
+
DPoP: signedDPopForPid,
|
215
|
+
Authorization: accessToken
|
216
|
+
},
|
217
|
+
body: formBody.toString()
|
218
|
+
});
|
219
|
+
if (response.status === 200) {
|
220
|
+
return await response.json();
|
221
|
+
}
|
222
|
+
throw new PidIssuingError(`Unable to obtain credential!`);
|
223
|
+
}
|
224
|
+
}
|
225
|
+
//# sourceMappingURL=issuing.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["decode","decodeJwt","sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","getUnsignedDPop","sign","generate","deleteKey","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","parse","keyThumbprint","publicKey","kid","codeChallenge","unsignedJwtForPar","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","getUnsignedDPoP","tokenUrl","dPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","unsignedDPopForToken","dPopTokenSignature","signedDPop","decodedJwtDPop","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,cAAc,QACT,6BAA6B;AAEpC,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,QAAQ,iBAAiB;AACjD,SAASC,eAAe,QAAQ,eAAe;AAC/C,SAASC,IAAI,EAAEC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;;AAE1E;;AAgBA,OAAO,MAAMC,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEjB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEnB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEpB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACR,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAGxB,GAAG,CAACyB,KAAK,CAACF,GAAG,CAAC;IAChC,MAAMG,aAAa,GAAG,MAAM3B,UAAU,CAACyB,SAAS,CAAC;IACjD,MAAMG,SAAS,GAAG;MAAE,GAAGH,SAAS;MAAEI,GAAG,EAAEF;IAAc,CAAC;IACtD,MAAMG,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAE7D,MAAMU,iBAAiB,GAAG,IAAIhC,OAAO,CAAC;MACpCiC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAAC5B,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjBqB,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX;IAClB,CAAC,CAAC,CACCY,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZd,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDe,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOf,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMgB,MAAMA,CAAChB,iBAAyB,EAAEiB,SAAiB,EAAmB;IAC1E,MAAMlB,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAC7D,MAAM4B,eAAe,GAAG,MAAMlD,OAAO,CAACmD,eAAe,CACnDnB,iBAAiB,EACjBiB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX,aAAa;MAC7BQ,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD4C,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACqC,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIhE,eAAe,CACtB,wCAAuC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAC7C,GAAQ,EAAmB;IAC/C,MAAM8C,QAAQ,GAAG,IAAIlB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAChE,MAAMkB,IAAI,GAAGnE,eAAe,CAACoB,GAAG,EAAE;MAChCgD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEH,QAAQ;MACbI,GAAG,EAAG,GAAExE,IAAI,CAACkB,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOmD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMI,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE1E,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACjC,MAAMyD,OAAO,GAAG,MAAMvE,QAAQ,CAACsE,UAAU,CAAC;IAC1C,MAAME,oBAAoB,GAAG,MAAM,IAAI,CAACT,eAAe,CAACQ,OAAO,CAAC;IAChE,MAAME,kBAAkB,GAAG,MAAM1E,IAAI,CAACyE,oBAAoB,EAAEF,UAAU,CAAC;IACvE,MAAMrE,SAAS,CAACqE,UAAU,CAAC;IAE3B,MAAMI,UAAU,GAAG,MAAMjF,OAAO,CAACmD,eAAe,CAC9C4B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAME,cAAc,GAAGpF,SAAS,CAACmF,UAAU,CAAC;IAC5C,MAAMV,QAAQ,GAAGW,cAAc,CAACC,OAAO,CAACT,GAAa;IACrD,MAAMnB,WAAW,GAAG;MAClB6B,UAAU,EAAE,oBAAoB;MAChC3C,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxBuE,IAAI,EAAE,IAAI,CAAC9D,iBAAiB;MAC5B+D,aAAa,EAAE,IAAI,CAAChE,YAAY;MAChCW,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD2B,YAAY,EAAE,IAAI,CAAC5B;IACrB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACwD,QAAQ,EAAE;MAC7CV,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEN;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CACtB,0CAAyC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMmB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAI1F,OAAO,CAAC;MAChCyF;IACF,CAAC,CAAC,CACC9C,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACDuD,WAAW,CAAC,IAAI,CAAC/E,qBAAqB,CAAC,CACvCgF,SAAS,CAAC,IAAI,CAAC9E,QAAQ,CAAC,CACxB+B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAO2C,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAMpG,OAAO,CAACmD,eAAe,CACpD2C,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAMrG,OAAO,CAACmD,eAAe,CACpD6C,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIjD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBgD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAErE,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnBqE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACuF,aAAa,EAAE;MAClDzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDnC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CAAE,8BAA6B,CAAC;EAC3D;AACF"}
|
@@ -0,0 +1,16 @@
|
|
1
|
+
import { RelyingPartySolution } from "..";
|
2
|
+
import { AuthRequestDecodeError } from "../../utils/errors";
|
3
|
+
const walletInstanceAttestation = "eyJhbGciOiJFUzI1NiIsImtpZCI6IjV0NVlZcEJoTi1FZ0lFRUk1aVV6cjZyME1SMDJMblZRME9tZWttTktjalkiLCJ0cnVzdF9jaGFpbiI6WyJleUpoYkdjaU9pSkZVei4uLjZTMEEiLCJleUpoYkdjaU9pSkZVei4uLmpKTEEiLCJleUpoYkdjaU9pSkZVei4uLkg5Z3ciXSwidHlwIjoidmErand0IiwieDVjIjpbIk1JSUJqRENDIC4uLiBYRmVoZ0tRQT09Il19.eyJpc3MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZyIsInN1YiI6InZiZVhKa3NNNDV4cGh0QU5uQ2lHNm1DeXVVNGpmR056b3BHdUt2b2dnOWMiLCJ0eXBlIjoiV2FsbGV0SW5zdGFuY2VBdHRlc3RhdGlvbiIsInBvbGljeV91cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9wcml2YWN5X3BvbGljeSIsInRvc191cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9pbmZvX3BvbGljeSIsImxvZ29fdXJpIjoiaHR0cHM6Ly93YWxsZXQtcHJvdmlkZXIuZXhhbXBsZS5vcmcvbG9nby5zdmciLCJhc2MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9Mb0EvYmFzaWMiLCJjbmYiOnsiandrIjp7ImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiNEhOcHRJLXhyMnBqeVJKS0dNbno0V21kblFEX3VKU3E0Ujk1Tmo5OGI0NCIsInkiOiJMSVpuU0IzOXZGSmhZZ1MzazdqWEU0cjMtQ29HRlF3WnRQQklScXBObHJnIiwia2lkIjoidmJlWEprc000NXhwaHRBTm5DaUc2bUN5dVU0amZHTnpvcEd1S3ZvZ2c5YyJ9fSwiYXV0aG9yaXphdGlvbl9lbmRwb2ludCI6ImV1ZGl3OiIsInJlc3BvbnNlX3R5cGVzX3N1cHBvcnRlZCI6WyJ2cF90b2tlbiJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJqd3RfdnBfanNvbiI6eyJhbGdfdmFsdWVzX3N1cHBvcnRlZCI6WyJFUzI1NiJdfSwiand0X3ZjX2pzb24iOnsiYWxnX3ZhbHVlc19zdXBwb3J0ZWQiOlsiRVMyNTYiXX19LCJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZ192YWx1ZXNfc3VwcG9ydGVkIjpbIkVTMjU2Il0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uX3VyaV9zdXBwb3J0ZWQiOmZhbHNlLCJpYXQiOjE2ODcyODExOTUsImV4cCI6MTY4NzI4ODM5NX0.OTuPik6p3o9j6VOx-uCyxRvHwoh1pDiiZcBQFNQt2uE3dK-8izGNflJVETi_uhGSZOf25Enkq-UvEin9NrbJNw";
|
4
|
+
const rp = new RelyingPartySolution("http://rp.example", walletInstanceAttestation);
|
5
|
+
describe("decodeAuthRequestQR", () => {
|
6
|
+
it("should return authentication request URL", async () => {
|
7
|
+
const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
|
8
|
+
const result = rp.decodeAuthRequestQR(qrcode);
|
9
|
+
expect(result).toEqual("https://verifier.example.org/request_uri");
|
10
|
+
});
|
11
|
+
it("should throw exception with invalid QR", async () => {
|
12
|
+
const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
|
13
|
+
expect(() => rp.decodeAuthRequestQR(qrcode)).toThrowError(AuthRequestDecodeError);
|
14
|
+
});
|
15
|
+
});
|
16
|
+
//# sourceMappingURL=index.test.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["RelyingPartySolution","AuthRequestDecodeError","walletInstanceAttestation","rp","describe","it","qrcode","result","decodeAuthRequestQR","expect","toEqual","toThrowError"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":"AAAA,SAASA,oBAAoB,QAAQ,IAAI;AACzC,SAASC,sBAAsB,QAAQ,oBAAoB;AAE3D,MAAMC,yBAAyB,GAC7B,qhDAAqhD;AACvhD,MAAMC,EAAE,GAAG,IAAIH,oBAAoB,CACjC,mBAAmB,EACnBE,yBACF,CAAC;AACDE,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGJ,EAAE,CAACK,mBAAmB,CAACF,MAAM,CAAC;IAC7CG,MAAM,CAACF,MAAM,CAAC,CAACG,OAAO,CAAC,0CAA0C,CAAC;EACpE,CAAC,CAAC;EACFL,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAMN,EAAE,CAACK,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACK,YAAY,CACvDV,sBACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
@@ -0,0 +1,108 @@
|
|
1
|
+
import { AuthRequestDecodeError, IoWalletError } from "../utils/errors";
|
2
|
+
import { decode as decodeJwt, decodeBase64, sha256ToBase64, SignJWT } from "@pagopa/io-react-native-jwt";
|
3
|
+
import { RequestObject, RpEntityConfiguration } from "./types";
|
4
|
+
import uuid from "react-native-uuid";
|
5
|
+
export class RelyingPartySolution {
|
6
|
+
constructor(relyingPartyBaseUrl, walletInstanceAttestation) {
|
7
|
+
let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : fetch;
|
8
|
+
this.relyingPartyBaseUrl = relyingPartyBaseUrl;
|
9
|
+
this.walletInstanceAttestation = walletInstanceAttestation;
|
10
|
+
this.appFetch = appFetch;
|
11
|
+
}
|
12
|
+
|
13
|
+
/**
|
14
|
+
* Decode a QR code content to an authentication request url.
|
15
|
+
* @function
|
16
|
+
* @param qrcode QR code content
|
17
|
+
*
|
18
|
+
* @returns The authentication request url
|
19
|
+
*
|
20
|
+
*/
|
21
|
+
decodeAuthRequestQR(qrcode) {
|
22
|
+
try {
|
23
|
+
const decoded = decodeBase64(qrcode);
|
24
|
+
const decodedUrl = new URL(decoded);
|
25
|
+
const requestUri = decodedUrl.searchParams.get("request_uri");
|
26
|
+
if (requestUri) {
|
27
|
+
return requestUri;
|
28
|
+
} else {
|
29
|
+
throw new AuthRequestDecodeError("Unable to obtain request_uri from QR code", `${decodedUrl}`);
|
30
|
+
}
|
31
|
+
} catch {
|
32
|
+
throw new AuthRequestDecodeError("Unable to decode QR code authentication request url", qrcode);
|
33
|
+
}
|
34
|
+
}
|
35
|
+
/**
|
36
|
+
* Obtain the unsigned wallet instance DPoP for authentication request
|
37
|
+
*
|
38
|
+
* @function
|
39
|
+
* @param walletInstanceAttestationJwk JWT of the Wallet Instance Attestation
|
40
|
+
* @param authRequestUrl authentication request url
|
41
|
+
*
|
42
|
+
* @returns The unsigned wallet instance DPoP
|
43
|
+
*
|
44
|
+
*/
|
45
|
+
async getUnsignedWalletInstanceDPoP(walletInstanceAttestationJwk, authRequestUrl) {
|
46
|
+
return await new SignJWT({
|
47
|
+
jti: `${uuid.v4()}`,
|
48
|
+
htm: "GET",
|
49
|
+
htu: authRequestUrl,
|
50
|
+
ath: await sha256ToBase64(this.walletInstanceAttestation)
|
51
|
+
}).setProtectedHeader({
|
52
|
+
alg: "ES256",
|
53
|
+
jwk: walletInstanceAttestationJwk,
|
54
|
+
typ: "dpop+jwt"
|
55
|
+
}).setIssuedAt().setExpirationTime("1h").toSign();
|
56
|
+
}
|
57
|
+
|
58
|
+
/**
|
59
|
+
* Obtain the Request Object for RP authentication
|
60
|
+
*
|
61
|
+
* @function
|
62
|
+
* @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
|
63
|
+
*
|
64
|
+
* @returns The Request Object JWT
|
65
|
+
*
|
66
|
+
*/
|
67
|
+
async getRequestObject(signedWalletInstanceDPoP) {
|
68
|
+
const decodedJwtDPop = await decodeJwt(signedWalletInstanceDPoP);
|
69
|
+
const requestUri = decodedJwtDPop.payload.htu;
|
70
|
+
const response = await this.appFetch(requestUri, {
|
71
|
+
method: "GET",
|
72
|
+
headers: {
|
73
|
+
Authorization: `DPoP ${this.walletInstanceAttestation}`,
|
74
|
+
DPoP: signedWalletInstanceDPoP
|
75
|
+
}
|
76
|
+
});
|
77
|
+
if (response.status === 200) {
|
78
|
+
const responseText = await response.text();
|
79
|
+
const responseJwt = await decodeJwt(responseText);
|
80
|
+
const requestObj = RequestObject.parse({
|
81
|
+
header: responseJwt.protectedHeader,
|
82
|
+
payload: responseJwt.payload
|
83
|
+
});
|
84
|
+
return requestObj;
|
85
|
+
}
|
86
|
+
throw new IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}`);
|
87
|
+
}
|
88
|
+
|
89
|
+
/**
|
90
|
+
* Obtain the relying party entity configuration.
|
91
|
+
*/
|
92
|
+
async getEntityConfiguration() {
|
93
|
+
const wellKnownUrl = new URL("/.well-known/openid-federation", this.relyingPartyBaseUrl).href;
|
94
|
+
const response = await this.appFetch(wellKnownUrl, {
|
95
|
+
method: "GET"
|
96
|
+
});
|
97
|
+
if (response.status === 200) {
|
98
|
+
const responseText = await response.text();
|
99
|
+
const responseJwt = await decodeJwt(responseText);
|
100
|
+
return RpEntityConfiguration.parse({
|
101
|
+
header: responseJwt.protectedHeader,
|
102
|
+
payload: responseJwt.payload
|
103
|
+
});
|
104
|
+
}
|
105
|
+
throw new IoWalletError(`Unable to obtain RP Entity Configuration. Response code: ${response.status}`);
|
106
|
+
}
|
107
|
+
}
|
108
|
+
//# sourceMappingURL=index.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["AuthRequestDecodeError","IoWalletError","decode","decodeJwt","decodeBase64","sha256ToBase64","SignJWT","RequestObject","RpEntityConfiguration","uuid","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodedUrl","URL","requestUri","searchParams","get","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","jti","v4","htm","htu","ath","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","decodedJwtDPop","payload","response","method","headers","Authorization","DPoP","status","responseText","text","responseJwt","requestObj","parse","header","protectedHeader","getEntityConfiguration","wellKnownUrl","href"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":"AAAA,SAASA,sBAAsB,EAAEC,aAAa,QAAQ,iBAAiB;AACvE,SACEC,MAAM,IAAIC,SAAS,EACnBC,YAAY,EACZC,cAAc,EACdC,OAAO,QACF,6BAA6B;AACpC,SAASC,aAAa,EAAEC,qBAAqB,QAAQ,SAAS;AAE9D,OAAOC,IAAI,MAAM,mBAAmB;AAGpC,OAAO,MAAMC,oBAAoB,CAAC;EAKhCC,WAAWA,CACTC,mBAA2B,EAC3BC,yBAAiC,EAEjC;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACN,mBAAmB,GAAGA,mBAAmB;IAC9C,IAAI,CAACC,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEK,mBAAmBA,CAACC,MAAc,EAAU;IAC1C,IAAI;MACF,MAAMC,OAAO,GAAGjB,YAAY,CAACgB,MAAM,CAAC;MACpC,MAAME,UAAU,GAAG,IAAIC,GAAG,CAACF,OAAO,CAAC;MACnC,MAAMG,UAAU,GAAGF,UAAU,CAACG,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;MAC7D,IAAIF,UAAU,EAAE;QACd,OAAOA,UAAU;MACnB,CAAC,MAAM;QACL,MAAM,IAAIxB,sBAAsB,CAC9B,2CAA2C,EAC1C,GAAEsB,UAAW,EAChB,CAAC;MACH;IACF,CAAC,CAAC,MAAM;MACN,MAAM,IAAItB,sBAAsB,CAC9B,qDAAqD,EACrDoB,MACF,CAAC;IACH;EACF;EACA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMO,6BAA6BA,CACjCC,4BAAiC,EACjCC,cAAsB,EACL;IACjB,OAAO,MAAM,IAAIvB,OAAO,CAAC;MACvBwB,GAAG,EAAG,GAAErB,IAAI,CAACsB,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAEJ,cAAc;MACnBK,GAAG,EAAE,MAAM7B,cAAc,CAAC,IAAI,CAACQ,yBAAyB;IAC1D,CAAC,CAAC,CACCsB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZC,GAAG,EAAET,4BAA4B;MACjCU,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,gBAAgBA,CACpBC,wBAAgC,EACR;IACxB,MAAMC,cAAc,GAAG,MAAMzC,SAAS,CAACwC,wBAAwB,CAAC;IAChE,MAAMnB,UAAU,GAAGoB,cAAc,CAACC,OAAO,CAACZ,GAAa;IAEvD,MAAMa,QAAQ,GAAG,MAAM,IAAI,CAAChC,QAAQ,CAACU,UAAU,EAAE;MAC/CuB,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAO,IAAI,CAACpC,yBAA0B,EAAC;QACvDqC,IAAI,EAAEP;MACR;IACF,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAMnD,SAAS,CAACiD,YAAY,CAAC;MACjD,MAAMG,UAAU,GAAGhD,aAAa,CAACiD,KAAK,CAAC;QACrCC,MAAM,EAAEH,WAAW,CAACI,eAAe;QACnCb,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;MACF,OAAOU,UAAU;IACnB;IAEA,MAAM,IAAItD,aAAa,CACpB,mDAAkD6C,QAAQ,CAACK,MAAO,EACrE,CAAC;EACH;;EAEA;AACF;AACA;EACE,MAAMQ,sBAAsBA,CAAA,EAAmC;IAC7D,MAAMC,YAAY,GAAG,IAAIrC,GAAG,CAC1B,gCAAgC,EAChC,IAAI,CAACX,mBACP,CAAC,CAACiD,IAAI;IAEN,MAAMf,QAAQ,GAAG,MAAM,IAAI,CAAChC,QAAQ,CAAC8C,YAAY,EAAE;MACjDb,MAAM,EAAE;IACV,CAAC,CAAC;IAEF,IAAID,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAMnD,SAAS,CAACiD,YAAY,CAAC;MACjD,OAAO5C,qBAAqB,CAACgD,KAAK,CAAC;QACjCC,MAAM,EAAEH,WAAW,CAACI,eAAe;QACnCb,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;IACJ;IAEA,MAAM,IAAI5C,aAAa,CACpB,4DAA2D6C,QAAQ,CAACK,MAAO,EAC9E,CAAC;EACH;AACF"}
|
@@ -0,0 +1,63 @@
|
|
1
|
+
import { JWK } from "../utils/jwk";
|
2
|
+
import { UnixTime } from "../sd-jwt/types";
|
3
|
+
import * as z from "zod";
|
4
|
+
export const RequestObject = z.object({
|
5
|
+
header: z.object({
|
6
|
+
typ: z.literal("JWT"),
|
7
|
+
alg: z.string(),
|
8
|
+
kid: z.string(),
|
9
|
+
trust_chain: z.array(z.string())
|
10
|
+
}),
|
11
|
+
payload: z.object({
|
12
|
+
iss: z.string(),
|
13
|
+
iat: UnixTime,
|
14
|
+
exp: UnixTime,
|
15
|
+
state: z.string(),
|
16
|
+
nonce: z.string(),
|
17
|
+
response_uri: z.string(),
|
18
|
+
response_type: z.literal("vp_token"),
|
19
|
+
response_mode: z.literal("direct_post.jwt"),
|
20
|
+
client_id: z.string(),
|
21
|
+
client_id_scheme: z.literal("entity_id"),
|
22
|
+
scope: z.string()
|
23
|
+
})
|
24
|
+
});
|
25
|
+
|
26
|
+
// TODO: This types is WIP in technical rules
|
27
|
+
|
28
|
+
export const RpEntityConfiguration = z.object({
|
29
|
+
header: z.object({
|
30
|
+
typ: z.literal("entity-statement+jwt"),
|
31
|
+
alg: z.string(),
|
32
|
+
kid: z.string()
|
33
|
+
}),
|
34
|
+
payload: z.object({
|
35
|
+
exp: UnixTime,
|
36
|
+
iat: UnixTime,
|
37
|
+
iss: z.string(),
|
38
|
+
sub: z.string(),
|
39
|
+
jwks: z.object({
|
40
|
+
keys: z.array(JWK)
|
41
|
+
}),
|
42
|
+
metadata: z.object({
|
43
|
+
wallet_relying_party: z.object({
|
44
|
+
application_type: z.string(),
|
45
|
+
client_id: z.string(),
|
46
|
+
client_name: z.string(),
|
47
|
+
jwks: z.object({
|
48
|
+
keys: z.array(JWK)
|
49
|
+
}),
|
50
|
+
contacts: z.array(z.string())
|
51
|
+
}),
|
52
|
+
federation_entity: z.object({
|
53
|
+
organization_name: z.string(),
|
54
|
+
homepage_uri: z.string(),
|
55
|
+
policy_uri: z.string(),
|
56
|
+
logo_uri: z.string(),
|
57
|
+
contacts: z.array(z.string())
|
58
|
+
})
|
59
|
+
}),
|
60
|
+
authority_hints: z.array(z.string())
|
61
|
+
})
|
62
|
+
});
|
63
|
+
//# sourceMappingURL=types.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"names":["JWK","UnixTime","z","RequestObject","object","header","typ","literal","alg","string","kid","trust_chain","array","payload","iss","iat","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","RpEntityConfiguration","sub","jwks","keys","metadata","wallet_relying_party","application_type","client_name","contacts","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","authority_hints"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,QAAQ,QAAQ,iBAAiB;AAC1C,OAAO,KAAKC,CAAC,MAAM,KAAK;AAGxB,OAAO,MAAMC,aAAa,GAAGD,CAAC,CAACE,MAAM,CAAC;EACpCC,MAAM,EAAEH,CAAC,CAACE,MAAM,CAAC;IACfE,GAAG,EAAEJ,CAAC,CAACK,OAAO,CAAC,KAAK,CAAC;IACrBC,GAAG,EAAEN,CAAC,CAACO,MAAM,CAAC,CAAC;IACfC,GAAG,EAAER,CAAC,CAACO,MAAM,CAAC,CAAC;IACfE,WAAW,EAAET,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAEX,CAAC,CAACE,MAAM,CAAC;IAChBU,GAAG,EAAEZ,CAAC,CAACO,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEd,QAAQ;IACbe,GAAG,EAAEf,QAAQ;IACbgB,KAAK,EAAEf,CAAC,CAACO,MAAM,CAAC,CAAC;IACjBS,KAAK,EAAEhB,CAAC,CAACO,MAAM,CAAC,CAAC;IACjBU,YAAY,EAAEjB,CAAC,CAACO,MAAM,CAAC,CAAC;IACxBW,aAAa,EAAElB,CAAC,CAACK,OAAO,CAAC,UAAU,CAAC;IACpCc,aAAa,EAAEnB,CAAC,CAACK,OAAO,CAAC,iBAAiB,CAAC;IAC3Ce,SAAS,EAAEpB,CAAC,CAACO,MAAM,CAAC,CAAC;IACrBc,gBAAgB,EAAErB,CAAC,CAACK,OAAO,CAAC,WAAW,CAAC;IACxCiB,KAAK,EAAEtB,CAAC,CAACO,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;;AAEF;;AAEA,OAAO,MAAMgB,qBAAqB,GAAGvB,CAAC,CAACE,MAAM,CAAC;EAC5CC,MAAM,EAAEH,CAAC,CAACE,MAAM,CAAC;IACfE,GAAG,EAAEJ,CAAC,CAACK,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAEN,CAAC,CAACO,MAAM,CAAC,CAAC;IACfC,GAAG,EAAER,CAAC,CAACO,MAAM,CAAC;EAChB,CAAC,CAAC;EACFI,OAAO,EAAEX,CAAC,CAACE,MAAM,CAAC;IAChBY,GAAG,EAAEf,QAAQ;IACbc,GAAG,EAAEd,QAAQ;IACba,GAAG,EAAEZ,CAAC,CAACO,MAAM,CAAC,CAAC;IACfiB,GAAG,EAAExB,CAAC,CAACO,MAAM,CAAC,CAAC;IACfkB,IAAI,EAAEzB,CAAC,CAACE,MAAM,CAAC;MACbwB,IAAI,EAAE1B,CAAC,CAACU,KAAK,CAACZ,GAAG;IACnB,CAAC,CAAC;IACF6B,QAAQ,EAAE3B,CAAC,CAACE,MAAM,CAAC;MACjB0B,oBAAoB,EAAE5B,CAAC,CAACE,MAAM,CAAC;QAC7B2B,gBAAgB,EAAE7B,CAAC,CAACO,MAAM,CAAC,CAAC;QAC5Ba,SAAS,EAAEpB,CAAC,CAACO,MAAM,CAAC,CAAC;QACrBuB,WAAW,EAAE9B,CAAC,CAACO,MAAM,CAAC,CAAC;QACvBkB,IAAI,EAAEzB,CAAC,CAACE,MAAM,CAAC;UACbwB,IAAI,EAAE1B,CAAC,CAACU,KAAK,CAACZ,GAAG;QACnB,CAAC,CAAC;QACFiC,QAAQ,EAAE/B,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;MAC9B,CAAC,CAAC;MACFyB,iBAAiB,EAAEhC,CAAC,CAACE,MAAM,CAAC;QAC1B+B,iBAAiB,EAAEjC,CAAC,CAACO,MAAM,CAAC,CAAC;QAC7B2B,YAAY,EAAElC,CAAC,CAACO,MAAM,CAAC,CAAC;QACxB4B,UAAU,EAAEnC,CAAC,CAACO,MAAM,CAAC,CAAC;QACtB6B,QAAQ,EAAEpC,CAAC,CAACO,MAAM,CAAC,CAAC;QACpBwB,QAAQ,EAAE/B,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC,CAAC;IACF8B,eAAe,EAAErC,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;EACrC,CAAC;AACH,CAAC,CAAC"}
|
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC;
|
1
|
+
{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC1BC,WAAW,EAAEpB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFY,OAAO,EAAErB,CAAC,CAACM,MAAM,CAAC;IAChBgB,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfgB,GAAG,EAAExB,QAAQ;IACbyB,GAAG,EAAEzB,QAAQ;IACb0B,MAAM,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBmB,GAAG,EAAE5B,CAAC,CAACM,MAAM,CAAC;MACZuB,GAAG,EAAE9B;IACP,CAAC,CAAC;IACF+B,IAAI,EAAE9B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Ce,eAAe,EAAE/B,CAAC,CAACM,MAAM,CAAC;MACxB0B,YAAY,EAAEhC,CAAC,CAACiC,YAAY,CAC1BjC,CAAC,CAACM,MAAM,CAAC;QACP4B,eAAe,EAAElC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCmB,eAAe,EAAEnC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD+B,MAAM,EAAE/B;IACV,CAAC,CAAC;IACFgC,OAAO,EAAErC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}
|