@pagopa/io-react-native-wallet 0.2.2 → 0.2.3
Sign up to get free protection for your applications and to get access to all the features.
- package/lib/commonjs/pid/issuing.js +28 -0
- package/lib/commonjs/pid/issuing.js.map +1 -1
- package/lib/commonjs/pid/metadata.js +51 -0
- package/lib/commonjs/pid/metadata.js.map +1 -0
- package/lib/commonjs/pid/sd-jwt/index.js +2 -1
- package/lib/commonjs/pid/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/rp/index.js +148 -3
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +4 -0
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/index.test.js +119 -0
- package/lib/commonjs/sd-jwt/__test__/index.test.js.map +1 -0
- package/lib/commonjs/sd-jwt/index.js +84 -4
- package/lib/commonjs/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +9 -0
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/sd-jwt/verifier.js +7 -5
- package/lib/commonjs/sd-jwt/verifier.js.map +1 -1
- package/lib/commonjs/utils/errors.js +76 -1
- package/lib/commonjs/utils/errors.js.map +1 -1
- package/lib/module/pid/issuing.js +30 -2
- package/lib/module/pid/issuing.js.map +1 -1
- package/lib/module/pid/metadata.js +43 -0
- package/lib/module/pid/metadata.js.map +1 -0
- package/lib/module/pid/sd-jwt/index.js +3 -3
- package/lib/module/pid/sd-jwt/index.js.map +1 -1
- package/lib/module/rp/index.js +150 -5
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +4 -0
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/sd-jwt/__test__/index.test.js +118 -0
- package/lib/module/sd-jwt/__test__/index.test.js.map +1 -0
- package/lib/module/sd-jwt/index.js +83 -3
- package/lib/module/sd-jwt/index.js.map +1 -1
- package/lib/module/sd-jwt/types.js +10 -0
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/sd-jwt/verifier.js +8 -6
- package/lib/module/sd-jwt/verifier.js.map +1 -1
- package/lib/module/utils/errors.js +71 -0
- package/lib/module/utils/errors.js.map +1 -1
- package/lib/typescript/src/index.d.ts.map +1 -0
- package/lib/typescript/src/pid/index.d.ts.map +1 -0
- package/lib/typescript/{pid → src/pid}/issuing.d.ts +9 -0
- package/lib/typescript/src/pid/issuing.d.ts.map +1 -0
- package/lib/typescript/src/pid/metadata.d.ts +528 -0
- package/lib/typescript/src/pid/metadata.d.ts.map +1 -0
- package/lib/typescript/src/pid/sd-jwt/converters.d.ts.map +1 -0
- package/lib/typescript/src/pid/sd-jwt/index.d.ts.map +1 -0
- package/lib/typescript/src/pid/sd-jwt/types.d.ts.map +1 -0
- package/lib/typescript/src/rp/__test__/index.test.d.ts.map +1 -0
- package/lib/typescript/src/rp/index.d.ts +89 -0
- package/lib/typescript/src/rp/index.d.ts.map +1 -0
- package/lib/typescript/{rp → src/rp}/types.d.ts +54 -47
- package/lib/typescript/{rp → src/rp}/types.d.ts.map +1 -1
- package/lib/typescript/src/sd-jwt/__test__/converters.test.d.ts.map +1 -0
- package/lib/typescript/src/sd-jwt/__test__/index.test.d.ts +2 -0
- package/lib/typescript/src/sd-jwt/__test__/index.test.d.ts.map +1 -0
- package/lib/typescript/src/sd-jwt/__test__/types.test.d.ts.map +1 -0
- package/lib/typescript/src/sd-jwt/converters.d.ts.map +1 -0
- package/lib/typescript/{sd-jwt → src/sd-jwt}/index.d.ts +22 -2
- package/lib/typescript/src/sd-jwt/index.d.ts.map +1 -0
- package/lib/typescript/{sd-jwt → src/sd-jwt}/types.d.ts +12 -0
- package/lib/typescript/src/sd-jwt/types.d.ts.map +1 -0
- package/lib/typescript/src/sd-jwt/verifier.d.ts +3 -0
- package/lib/typescript/src/sd-jwt/verifier.d.ts.map +1 -0
- package/lib/typescript/src/utils/dpop.d.ts.map +1 -0
- package/lib/typescript/{utils → src/utils}/errors.d.ts +41 -0
- package/lib/typescript/src/utils/errors.d.ts.map +1 -0
- package/lib/typescript/src/utils/jwk.d.ts.map +1 -0
- package/lib/typescript/src/wallet-instance-attestation/index.d.ts.map +1 -0
- package/lib/typescript/src/wallet-instance-attestation/issuing.d.ts.map +1 -0
- package/lib/typescript/{wallet-instance-attestation → src/wallet-instance-attestation}/types.d.ts +8 -8
- package/lib/typescript/{wallet-instance-attestation → src/wallet-instance-attestation}/types.d.ts.map +1 -1
- package/package.json +4 -3
- package/src/pid/issuing.ts +38 -1
- package/src/pid/metadata.ts +46 -0
- package/src/pid/sd-jwt/index.ts +6 -3
- package/src/rp/index.ts +189 -5
- package/src/rp/types.ts +8 -0
- package/src/sd-jwt/__test__/index.test.ts +171 -0
- package/src/sd-jwt/index.ts +84 -7
- package/src/sd-jwt/types.ts +13 -0
- package/src/sd-jwt/verifier.ts +5 -7
- package/src/utils/errors.ts +81 -0
- package/lib/typescript/index.d.ts.map +0 -1
- package/lib/typescript/pid/index.d.ts.map +0 -1
- package/lib/typescript/pid/issuing.d.ts.map +0 -1
- package/lib/typescript/pid/sd-jwt/converters.d.ts.map +0 -1
- package/lib/typescript/pid/sd-jwt/index.d.ts.map +0 -1
- package/lib/typescript/pid/sd-jwt/types.d.ts.map +0 -1
- package/lib/typescript/rp/__test__/index.test.d.ts.map +0 -1
- package/lib/typescript/rp/index.d.ts +0 -43
- package/lib/typescript/rp/index.d.ts.map +0 -1
- package/lib/typescript/sd-jwt/__test__/converters.test.d.ts.map +0 -1
- package/lib/typescript/sd-jwt/__test__/types.test.d.ts.map +0 -1
- package/lib/typescript/sd-jwt/converters.d.ts.map +0 -1
- package/lib/typescript/sd-jwt/index.d.ts.map +0 -1
- package/lib/typescript/sd-jwt/types.d.ts.map +0 -1
- package/lib/typescript/sd-jwt/verifier.d.ts +0 -3
- package/lib/typescript/sd-jwt/verifier.d.ts.map +0 -1
- package/lib/typescript/utils/dpop.d.ts.map +0 -1
- package/lib/typescript/utils/errors.d.ts.map +0 -1
- package/lib/typescript/utils/jwk.d.ts.map +0 -1
- package/lib/typescript/wallet-instance-attestation/index.d.ts.map +0 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +0 -1
- /package/lib/typescript/{index.d.ts → src/index.d.ts} +0 -0
- /package/lib/typescript/{pid → src/pid}/index.d.ts +0 -0
- /package/lib/typescript/{pid → src/pid}/sd-jwt/converters.d.ts +0 -0
- /package/lib/typescript/{pid → src/pid}/sd-jwt/index.d.ts +0 -0
- /package/lib/typescript/{pid → src/pid}/sd-jwt/types.d.ts +0 -0
- /package/lib/typescript/{rp → src/rp}/__test__/index.test.d.ts +0 -0
- /package/lib/typescript/{sd-jwt → src/sd-jwt}/__test__/converters.test.d.ts +0 -0
- /package/lib/typescript/{sd-jwt → src/sd-jwt}/__test__/types.test.d.ts +0 -0
- /package/lib/typescript/{sd-jwt → src/sd-jwt}/converters.d.ts +0 -0
- /package/lib/typescript/{utils → src/utils}/dpop.d.ts +0 -0
- /package/lib/typescript/{utils → src/utils}/jwk.d.ts +0 -0
- /package/lib/typescript/{wallet-instance-attestation → src/wallet-instance-attestation}/index.d.ts +0 -0
- /package/lib/typescript/{wallet-instance-attestation → src/wallet-instance-attestation}/issuing.d.ts +0 -0
|
@@ -10,6 +10,7 @@ var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
|
10
10
|
var _errors = require("../utils/errors");
|
|
11
11
|
var _dpop = require("../utils/dpop");
|
|
12
12
|
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
13
|
+
var _metadata = require("./metadata");
|
|
13
14
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
14
15
|
// This is a temporary type that will be used for demo purposes only
|
|
15
16
|
|
|
@@ -226,6 +227,33 @@ class Issuing {
|
|
|
226
227
|
}
|
|
227
228
|
throw new _errors.PidIssuingError(`Unable to obtain credential!`);
|
|
228
229
|
}
|
|
230
|
+
|
|
231
|
+
/**
|
|
232
|
+
* Obtain the PID issuer metadata
|
|
233
|
+
*
|
|
234
|
+
* @function
|
|
235
|
+
* @returns PID issuer metadata
|
|
236
|
+
*
|
|
237
|
+
*/
|
|
238
|
+
async getEntityConfiguration() {
|
|
239
|
+
const metadataUrl = new URL(".well-known/openid-federation", this.pidProviderBaseUrl).href;
|
|
240
|
+
const response = await this.appFetch(metadataUrl);
|
|
241
|
+
if (response.status === 200) {
|
|
242
|
+
const jwtMetadata = await response.text();
|
|
243
|
+
const {
|
|
244
|
+
payload
|
|
245
|
+
} = (0, _ioReactNativeJwt.decode)(jwtMetadata);
|
|
246
|
+
const result = _metadata.PidIssuerEntityConfiguration.safeParse(payload);
|
|
247
|
+
if (result.success) {
|
|
248
|
+
const parsedMetadata = result.data;
|
|
249
|
+
await (0, _ioReactNativeJwt.verify)(jwtMetadata, parsedMetadata.jwks.keys);
|
|
250
|
+
return parsedMetadata;
|
|
251
|
+
} else {
|
|
252
|
+
throw new _errors.PidMetadataError(result.error.message);
|
|
253
|
+
}
|
|
254
|
+
}
|
|
255
|
+
throw new _errors.PidMetadataError(`Unable to obtain PID metadata. Response: ${await response.text()} with status: ${response.status}`);
|
|
256
|
+
}
|
|
229
257
|
}
|
|
230
258
|
exports.Issuing = Issuing;
|
|
231
259
|
//# sourceMappingURL=issuing.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","_ioReactNativeCrypto","obj","__esModule","default","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","uuid","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","codeChallenge","sha256ToBase64","unsignedJwtForPar","SignJWT","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","PidIssuingError","text","getUnsignedDPoP","tokenUrl","dPop","getUnsignedDPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","generate","unsignedDPopForToken","dPopTokenSignature","sign","deleteKey","signedDPop","decodedJwtDPop","decodeJwt","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization","exports"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","_ioReactNativeCrypto","_metadata","obj","__esModule","default","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","uuid","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","codeChallenge","sha256ToBase64","unsignedJwtForPar","SignJWT","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","PidIssuingError","text","getUnsignedDPoP","tokenUrl","dPop","getUnsignedDPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","generate","unsignedDPopForToken","dPopTokenSignature","sign","deleteKey","signedDPop","decodedJwtDPop","decodeJwt","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization","getEntityConfiguration","metadataUrl","jwtMetadata","PidIssuerEntityConfiguration","safeParse","success","parsedMetadata","data","verifyJwt","jwks","keys","PidMetadataError","error","message","exports"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAOA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,KAAA,GAAAL,OAAA;AACA,IAAAM,oBAAA,GAAAN,OAAA;AACA,IAAAO,SAAA,GAAAP,OAAA;AAA0D,SAAAG,uBAAAK,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE1D;;AAgBO,MAAMG,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEF,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEH,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACT,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMU,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IACtD,MAAMI,aAAa,GAAG,MAAM,IAAAC,gCAAc,EAAC,IAAI,CAACZ,YAAY,CAAC;IAE7D,MAAMa,iBAAiB,GAAG,IAAIC,yBAAO,CAAC;MACpCC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAACjC,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjB0B,SAAS,EAAE,IAAI,CAAChC,QAAQ;MACxBiC,cAAc,EAAEb;IAClB,CAAC,CAAC,CACCc,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZhB,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDiB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOhB,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMiB,MAAMA,CAACjB,iBAAyB,EAAEkB,SAAiB,EAAmB;IAC1E,MAAMpB,aAAa,GAAG,MAAM,IAAAC,gCAAc,EAAC,IAAI,CAACZ,YAAY,CAAC;IAC7D,MAAMgC,eAAe,GAAG,MAAMlB,yBAAO,CAACmB,eAAe,CACnDpB,iBAAiB,EACjBkB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC/C,kBAAkB,CAAC,CAACgD,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAChC,QAAQ;MACxBiC,cAAc,EAAEb,aAAa;MAC7BU,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAChD,yBAAyB;MAChDiD,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAClD,QAAQ,CAAC0C,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIC,uBAAe,CACtB,wCAAuC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAClD,GAAQ,EAAmB;IAC/C,MAAMmD,QAAQ,GAAG,IAAInB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC/C,kBAAkB,CAAC,CAACgD,IAAI;IAChE,MAAMmB,IAAI,GAAG,IAAAC,qBAAe,EAACrD,GAAG,EAAE;MAChCsD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEJ,QAAQ;MACbK,GAAG,EAAG,GAAE7D,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOwD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMK,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE/D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACjC,MAAM+D,OAAO,GAAG,MAAM,IAAAC,6BAAQ,EAACF,UAAU,CAAC;IAC1C,MAAMG,oBAAoB,GAAG,MAAM,IAAI,CAACX,eAAe,CAACS,OAAO,CAAC;IAChE,MAAMG,kBAAkB,GAAG,MAAM,IAAAC,yBAAI,EAACF,oBAAoB,EAAEH,UAAU,CAAC;IACvE,MAAM,IAAAM,8BAAS,EAACN,UAAU,CAAC;IAE3B,MAAMO,UAAU,GAAG,MAAMtD,yBAAO,CAACmB,eAAe,CAC9C+B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAMI,cAAc,GAAG,IAAAC,wBAAS,EAACF,UAAU,CAAC;IAC5C,MAAMd,QAAQ,GAAGe,cAAc,CAACE,OAAO,CAACb,GAAa;IACrD,MAAMrB,WAAW,GAAG;MAClBmC,UAAU,EAAE,oBAAoB;MAChCjD,SAAS,EAAE,IAAI,CAAChC,QAAQ;MACxBkF,IAAI,EAAE,IAAI,CAACxE,iBAAiB;MAC5ByE,aAAa,EAAE,IAAI,CAAC1E,YAAY;MAChCe,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAChD,yBAAyB;MAChDgC,YAAY,EAAE,IAAI,CAACjC;IACrB,CAAC;IACD,IAAImD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAClD,QAAQ,CAAC8D,QAAQ,EAAE;MAC7CX,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD+B,IAAI,EAAEP;MACR,CAAC;MACDvB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIE,uBAAe,CACtB,0CAAyC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMwB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAIhE,yBAAO,CAAC;MAChC+D;IACF,CAAC,CAAC,CACCpD,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACD6D,WAAW,CAAC,IAAI,CAAC1F,qBAAqB,CAAC,CACvC2F,SAAS,CAAC,IAAI,CAACzF,QAAQ,CAAC,CACxBoC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAOiD,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAM1E,yBAAO,CAACmB,eAAe,CACpDiD,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAM3E,yBAAO,CAACmB,eAAe,CACpDmD,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIvD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC/C,kBAAkB,CAAC,CAACgD,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBsD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAE3E,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnB2E,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMxD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAClD,QAAQ,CAACkG,aAAa,EAAE;MAClD/C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD+B,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDzC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIE,uBAAe,CAAE,8BAA6B,CAAC;EAC3D;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAM+C,sBAAsBA,CAAA,EAA0C;IACpE,MAAMC,WAAW,GAAG,IAAIhE,GAAG,CACzB,+BAA+B,EAC/B,IAAI,CAAC/C,kBACP,CAAC,CAACgD,IAAI;IAEN,MAAMM,QAAQ,GAAG,MAAM,IAAI,CAAClD,QAAQ,CAAC2G,WAAW,CAAC;IAEjD,IAAIzD,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMqD,WAAW,GAAG,MAAM1D,QAAQ,CAACU,IAAI,CAAC,CAAC;MACzC,MAAM;QAAEmB;MAAQ,CAAC,GAAG,IAAAD,wBAAS,EAAC8B,WAAW,CAAC;MAC1C,MAAMpD,MAAM,GAAGqD,sCAA4B,CAACC,SAAS,CAAC/B,OAAO,CAAC;MAC9D,IAAIvB,MAAM,CAACuD,OAAO,EAAE;QAClB,MAAMC,cAAc,GAAGxD,MAAM,CAACyD,IAAI;QAClC,MAAM,IAAAC,wBAAS,EAACN,WAAW,EAAEI,cAAc,CAACG,IAAI,CAACC,IAAI,CAAC;QACtD,OAAOJ,cAAc;MACvB,CAAC,MAAM;QACL,MAAM,IAAIK,wBAAgB,CAAC7D,MAAM,CAAC8D,KAAK,CAACC,OAAO,CAAC;MAClD;IACF;IAEA,MAAM,IAAIF,wBAAgB,CACvB,4CAA2C,MAAMnE,QAAQ,CAACU,IAAI,CAAC,CAAE,iBAChEV,QAAQ,CAACK,MACV,EACH,CAAC;EACH;AACF;AAACiE,OAAA,CAAA9H,OAAA,GAAAA,OAAA"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.PidIssuerEntityConfiguration = exports.PidDisplayMetadata = void 0;
|
|
7
|
+
var _jwk = require("../utils/jwk");
|
|
8
|
+
var _zod = require("zod");
|
|
9
|
+
const PidDisplayMetadata = _zod.z.object({
|
|
10
|
+
name: _zod.z.string(),
|
|
11
|
+
locale: _zod.z.string(),
|
|
12
|
+
logo: _zod.z.object({
|
|
13
|
+
url: _zod.z.string(),
|
|
14
|
+
alt_text: _zod.z.string()
|
|
15
|
+
}),
|
|
16
|
+
background_color: _zod.z.string(),
|
|
17
|
+
text_color: _zod.z.string()
|
|
18
|
+
});
|
|
19
|
+
exports.PidDisplayMetadata = PidDisplayMetadata;
|
|
20
|
+
const PidIssuerEntityConfiguration = _zod.z.object({
|
|
21
|
+
jwks: _zod.z.object({
|
|
22
|
+
keys: _zod.z.array(_jwk.JWK)
|
|
23
|
+
}),
|
|
24
|
+
metadata: _zod.z.object({
|
|
25
|
+
openid_credential_issuer: _zod.z.object({
|
|
26
|
+
credential_issuer: _zod.z.string(),
|
|
27
|
+
authorization_endpoint: _zod.z.string(),
|
|
28
|
+
token_endpoint: _zod.z.string(),
|
|
29
|
+
pushed_authorization_request_endpoint: _zod.z.string(),
|
|
30
|
+
dpop_signing_alg_values_supported: _zod.z.array(_zod.z.string()),
|
|
31
|
+
credential_endpoint: _zod.z.string(),
|
|
32
|
+
credentials_supported: _zod.z.object({
|
|
33
|
+
"eu.eudiw.pid.it": _zod.z.object({
|
|
34
|
+
format: _zod.z.literal("vc+sd-jwt"),
|
|
35
|
+
cryptographic_binding_methods_supported: _zod.z.array(_zod.z.string()),
|
|
36
|
+
cryptographic_suites_supported: _zod.z.array(_zod.z.string()),
|
|
37
|
+
display: _zod.z.array(PidDisplayMetadata)
|
|
38
|
+
})
|
|
39
|
+
})
|
|
40
|
+
}),
|
|
41
|
+
federation_entity: _zod.z.object({
|
|
42
|
+
organization_name: _zod.z.string(),
|
|
43
|
+
homepage_uri: _zod.z.string(),
|
|
44
|
+
policy_uri: _zod.z.string(),
|
|
45
|
+
tos_uri: _zod.z.string(),
|
|
46
|
+
logo_uri: _zod.z.string()
|
|
47
|
+
})
|
|
48
|
+
})
|
|
49
|
+
});
|
|
50
|
+
exports.PidIssuerEntityConfiguration = PidIssuerEntityConfiguration;
|
|
51
|
+
//# sourceMappingURL=metadata.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_jwk","require","_zod","PidDisplayMetadata","z","object","name","string","locale","logo","url","alt_text","background_color","text_color","exports","PidIssuerEntityConfiguration","jwks","keys","array","JWK","metadata","openid_credential_issuer","credential_issuer","authorization_endpoint","token_endpoint","pushed_authorization_request_endpoint","dpop_signing_alg_values_supported","credential_endpoint","credentials_supported","format","literal","cryptographic_binding_methods_supported","cryptographic_suites_supported","display","federation_entity","organization_name","homepage_uri","policy_uri","tos_uri","logo_uri"],"sourceRoot":"../../../src","sources":["pid/metadata.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAGO,MAAME,kBAAkB,GAAGC,MAAC,CAACC,MAAM,CAAC;EACzCC,IAAI,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEJ,MAAC,CAACG,MAAM,CAAC,CAAC;EAClBE,IAAI,EAAEL,MAAC,CAACC,MAAM,CAAC;IACbK,GAAG,EAAEN,MAAC,CAACG,MAAM,CAAC,CAAC;IACfI,QAAQ,EAAEP,MAAC,CAACG,MAAM,CAAC;EACrB,CAAC,CAAC;EACFK,gBAAgB,EAAER,MAAC,CAACG,MAAM,CAAC,CAAC;EAC5BM,UAAU,EAAET,MAAC,CAACG,MAAM,CAAC;AACvB,CAAC,CAAC;AAACO,OAAA,CAAAX,kBAAA,GAAAA,kBAAA;AAKI,MAAMY,4BAA4B,GAAGX,MAAC,CAACC,MAAM,CAAC;EACnDW,IAAI,EAAEZ,MAAC,CAACC,MAAM,CAAC;IAAEY,IAAI,EAAEb,MAAC,CAACc,KAAK,CAACC,QAAG;EAAE,CAAC,CAAC;EACtCC,QAAQ,EAAEhB,MAAC,CAACC,MAAM,CAAC;IACjBgB,wBAAwB,EAAEjB,MAAC,CAACC,MAAM,CAAC;MACjCiB,iBAAiB,EAAElB,MAAC,CAACG,MAAM,CAAC,CAAC;MAC7BgB,sBAAsB,EAAEnB,MAAC,CAACG,MAAM,CAAC,CAAC;MAClCiB,cAAc,EAAEpB,MAAC,CAACG,MAAM,CAAC,CAAC;MAC1BkB,qCAAqC,EAAErB,MAAC,CAACG,MAAM,CAAC,CAAC;MACjDmB,iCAAiC,EAAEtB,MAAC,CAACc,KAAK,CAACd,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC;MACtDoB,mBAAmB,EAAEvB,MAAC,CAACG,MAAM,CAAC,CAAC;MAC/BqB,qBAAqB,EAAExB,MAAC,CAACC,MAAM,CAAC;QAC9B,iBAAiB,EAAED,MAAC,CAACC,MAAM,CAAC;UAC1BwB,MAAM,EAAEzB,MAAC,CAAC0B,OAAO,CAAC,WAAW,CAAC;UAC9BC,uCAAuC,EAAE3B,MAAC,CAACc,KAAK,CAACd,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC;UAC5DyB,8BAA8B,EAAE5B,MAAC,CAACc,KAAK,CAACd,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC;UACnD0B,OAAO,EAAE7B,MAAC,CAACc,KAAK,CAACf,kBAAkB;QACrC,CAAC;MACH,CAAC;IACH,CAAC,CAAC;IACF+B,iBAAiB,EAAE9B,MAAC,CAACC,MAAM,CAAC;MAC1B8B,iBAAiB,EAAE/B,MAAC,CAACG,MAAM,CAAC,CAAC;MAC7B6B,YAAY,EAAEhC,MAAC,CAACG,MAAM,CAAC,CAAC;MACxB8B,UAAU,EAAEjC,MAAC,CAACG,MAAM,CAAC,CAAC;MACtB+B,OAAO,EAAElC,MAAC,CAACG,MAAM,CAAC,CAAC;MACnBgC,QAAQ,EAAEnC,MAAC,CAACG,MAAM,CAAC;IACrB,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAACO,OAAA,CAAAC,4BAAA,GAAAA,4BAAA"}
|
|
@@ -33,8 +33,9 @@ var _types2 = require("./types");
|
|
|
33
33
|
function decode(token) {
|
|
34
34
|
let {
|
|
35
35
|
sdJwt,
|
|
36
|
-
disclosures
|
|
36
|
+
disclosures: disclosuresWithOriginal
|
|
37
37
|
} = (0, _sdJwt.decode)(token, _types.SdJwt4VC);
|
|
38
|
+
const disclosures = disclosuresWithOriginal.map(d => d.decoded);
|
|
38
39
|
const pid = (0, _converters.pidFromToken)(sdJwt, disclosures);
|
|
39
40
|
return {
|
|
40
41
|
pid,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_sdJwt","require","_converters","_types","_types2","decode","token","sdJwt","disclosures","decodeJwt","SdJwt4VC","pid","pidFromToken","verify","
|
|
1
|
+
{"version":3,"names":["_sdJwt","require","_converters","_types","_types2","decode","token","sdJwt","disclosures","disclosuresWithOriginal","decodeJwt","SdJwt4VC","map","d","decoded","pid","pidFromToken","verify","publicKey","payload","cnf","jwk","verifyJwt"],"sourceRoot":"../../../../src","sources":["pid/sd-jwt/index.ts"],"mappings":";;;;;;;;;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAEA,IAAAC,WAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAsEA,IAAAG,OAAA,GAAAH,OAAA;AApEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASI,MAAMA,CAACC,KAAa,EAAgB;EAClD,IAAI;IAAEC,KAAK;IAAEC,WAAW,EAAEC;EAAwB,CAAC,GAAG,IAAAC,aAAS,EAC7DJ,KAAK,EACLK,eACF,CAAC;EACD,MAAMH,WAAW,GAAGC,uBAAuB,CAACG,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,OAAO,CAAC;EACjE,MAAMC,GAAG,GAAG,IAAAC,wBAAY,EAACT,KAAK,EAAEC,WAAW,CAAC;EAE5C,OAAO;IAAEO,GAAG;IAAER,KAAK;IAAEC;EAAY,CAAC;AACpC;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeS,MAAMA,CAACX,KAAa,EAAyB;EACjE,MAAMQ,OAAO,GAAGT,MAAM,CAACC,KAAK,CAAC;EAC7B,MAAMY,SAAS,GAAGJ,OAAO,CAACP,KAAK,CAACY,OAAO,CAACC,GAAG,CAACC,GAAG;EAC/C,MAAM,IAAAC,aAAS,EAAChB,KAAK,EAAEY,SAAS,EAAEP,eAAQ,CAAC;EAE3C,OAAOG,OAAO;AAChB;;AAWA;AACA;AACA"}
|
package/lib/commonjs/rp/index.js
CHANGED
|
@@ -8,6 +8,7 @@ var _errors = require("../utils/errors");
|
|
|
8
8
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
9
9
|
var _types = require("./types");
|
|
10
10
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
11
|
+
var _sdJwt = require("../sd-jwt");
|
|
11
12
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
12
13
|
class RelyingPartySolution {
|
|
13
14
|
constructor(relyingPartyBaseUrl, walletInstanceAttestation) {
|
|
@@ -69,14 +70,16 @@ class RelyingPartySolution {
|
|
|
69
70
|
|
|
70
71
|
/**
|
|
71
72
|
* Obtain the Request Object for RP authentication
|
|
73
|
+
* @see https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/relying-party-solution.html
|
|
72
74
|
*
|
|
73
|
-
* @function
|
|
75
|
+
* @async @function
|
|
74
76
|
* @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
|
|
75
77
|
*
|
|
76
78
|
* @returns The Request Object JWT
|
|
79
|
+
* @throws {NoSuitableKeysFoundInEntityConfiguration} When the Request Object is signed with a key not listed in RP's entity configuration
|
|
77
80
|
*
|
|
78
81
|
*/
|
|
79
|
-
async getRequestObject(signedWalletInstanceDPoP) {
|
|
82
|
+
async getRequestObject(signedWalletInstanceDPoP, entity) {
|
|
80
83
|
const decodedJwtDPop = await (0, _ioReactNativeJwt.decode)(signedWalletInstanceDPoP);
|
|
81
84
|
const requestUri = decodedJwtDPop.payload.htu;
|
|
82
85
|
const response = await this.appFetch(requestUri, {
|
|
@@ -88,7 +91,24 @@ class RelyingPartySolution {
|
|
|
88
91
|
});
|
|
89
92
|
if (response.status === 200) {
|
|
90
93
|
const responseText = await response.text();
|
|
91
|
-
const responseJwt =
|
|
94
|
+
const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
|
|
95
|
+
|
|
96
|
+
// verify token signature according to RP's entity configuration
|
|
97
|
+
// to ensure the request object is authentic
|
|
98
|
+
{
|
|
99
|
+
const pubKey = entity.payload.jwks.keys.find(_ref => {
|
|
100
|
+
let {
|
|
101
|
+
kid
|
|
102
|
+
} = _ref;
|
|
103
|
+
return kid === responseJwt.protectedHeader.kid;
|
|
104
|
+
});
|
|
105
|
+
if (!pubKey) {
|
|
106
|
+
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Request Object signature verification");
|
|
107
|
+
}
|
|
108
|
+
await (0, _ioReactNativeJwt.verify)(responseText, pubKey);
|
|
109
|
+
}
|
|
110
|
+
|
|
111
|
+
// parse request object it has the expected shape by specification
|
|
92
112
|
const requestObj = _types.RequestObject.parse({
|
|
93
113
|
header: responseJwt.protectedHeader,
|
|
94
114
|
payload: responseJwt.payload
|
|
@@ -98,6 +118,131 @@ class RelyingPartySolution {
|
|
|
98
118
|
throw new _errors.IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}`);
|
|
99
119
|
}
|
|
100
120
|
|
|
121
|
+
/**
|
|
122
|
+
* Prepare the Verified Presentation token for a received request object in the context of an authorization request flow.
|
|
123
|
+
* The presentation is prepared by disclosing data from provided credentials, according to requested claims
|
|
124
|
+
* Each Verified Credential come along with the claims the user accepts to disclose from it.
|
|
125
|
+
*
|
|
126
|
+
* The returned token is unsigned (sign should be apply by the caller).
|
|
127
|
+
*
|
|
128
|
+
* @todo accept more than a Verified Credential
|
|
129
|
+
*
|
|
130
|
+
* @param requestObj The incoming request object, which the requirements for the requested authorization
|
|
131
|
+
* @param presentation The Verified Credential containing user data along with the list of claims to be disclosed.
|
|
132
|
+
* @returns The unsigned Verified Presentation token
|
|
133
|
+
* @throws {ClaimsNotFoundBetweenDislosures} If the Verified Credential does not contain one or more requested claims.
|
|
134
|
+
*
|
|
135
|
+
*/
|
|
136
|
+
async prepareVpToken(requestObj, _ref2) {
|
|
137
|
+
let [vc, claims] = _ref2;
|
|
138
|
+
// this throws if vc cannot satisfy all the requested claims
|
|
139
|
+
const {
|
|
140
|
+
token: vp,
|
|
141
|
+
paths
|
|
142
|
+
} = await (0, _sdJwt.disclose)(vc, claims);
|
|
143
|
+
|
|
144
|
+
// TODO: [SIW-359] check all requeste claims of the requestedObj are satisfied
|
|
145
|
+
|
|
146
|
+
const vp_token = new _ioReactNativeJwt.SignJWT({
|
|
147
|
+
vp
|
|
148
|
+
}).setAudience(requestObj.payload.response_uri).setExpirationTime("1h").setProtectedHeader({
|
|
149
|
+
typ: "JWT",
|
|
150
|
+
alg: "ES256"
|
|
151
|
+
}).toSign();
|
|
152
|
+
const [definition_id, vc_scope] = requestObj.payload.scope;
|
|
153
|
+
const presentation_submission = {
|
|
154
|
+
definition_id,
|
|
155
|
+
id: `${_reactNativeUuid.default.v4()}`,
|
|
156
|
+
descriptor_map: paths.map(p => ({
|
|
157
|
+
id: vc_scope,
|
|
158
|
+
path: `$.vp_token.${p.path}`,
|
|
159
|
+
format: "vc+sd-jwt"
|
|
160
|
+
}))
|
|
161
|
+
};
|
|
162
|
+
return {
|
|
163
|
+
vp_token,
|
|
164
|
+
presentation_submission
|
|
165
|
+
};
|
|
166
|
+
}
|
|
167
|
+
|
|
168
|
+
/**
|
|
169
|
+
* Compose and send an Authorization Response in the context of an authorization request flow.
|
|
170
|
+
*
|
|
171
|
+
* @todo MUST add presentation_submission
|
|
172
|
+
*
|
|
173
|
+
* @param requestObj The incoming request object, which the requirements for the requested authorization
|
|
174
|
+
* @param vp_token The signed Verified Presentation token with data to send.
|
|
175
|
+
* @param presentation_submission
|
|
176
|
+
* @param entity The RP entity configuration
|
|
177
|
+
* @returns The response from the RP
|
|
178
|
+
* @throws {IoWalletError} if the submission fails.
|
|
179
|
+
* @throws {NoSuitableKeysFoundInEntityConfiguration} If entity do not contain any public key
|
|
180
|
+
*
|
|
181
|
+
*/
|
|
182
|
+
async sendAuthorizationResponse(requestObj, vp_token, presentation_submission, entity) {
|
|
183
|
+
// the request is an unsigned jws without iss, aud, exp
|
|
184
|
+
// https://openid.net/specs/openid-4-verifiable-presentations-1_0.html#name-signed-and-encrypted-respon
|
|
185
|
+
const jwk = this.choosePublicKeyToEncrypt(entity);
|
|
186
|
+
const enc = this.getEncryptionAlgByJwk(jwk);
|
|
187
|
+
const authzResponsePayload = JSON.stringify({
|
|
188
|
+
state: requestObj.payload.state,
|
|
189
|
+
presentation_submission,
|
|
190
|
+
vp_token
|
|
191
|
+
});
|
|
192
|
+
const encrypted = await new _ioReactNativeJwt.EncryptJwe(authzResponsePayload, {
|
|
193
|
+
alg: jwk.alg,
|
|
194
|
+
enc
|
|
195
|
+
}).encrypt(jwk);
|
|
196
|
+
const formBody = new URLSearchParams({
|
|
197
|
+
response: encrypted
|
|
198
|
+
});
|
|
199
|
+
const response = await this.appFetch(requestObj.payload.response_uri, {
|
|
200
|
+
method: "POST",
|
|
201
|
+
headers: {
|
|
202
|
+
"Content-Type": "application/x-www-form-urlencoded"
|
|
203
|
+
},
|
|
204
|
+
body: formBody.toString()
|
|
205
|
+
});
|
|
206
|
+
if (response.status === 200) {
|
|
207
|
+
return response.text();
|
|
208
|
+
}
|
|
209
|
+
throw new _errors.IoWalletError(`Unable to send Authorization Response. Response code: ${response.status}`);
|
|
210
|
+
}
|
|
211
|
+
|
|
212
|
+
/**
|
|
213
|
+
* Select a public key from those provided by the RP.
|
|
214
|
+
* Keys with algorithm "RSA-OAEP-256" or "RSA-OAEP" are expected, the firsts to be preferred.
|
|
215
|
+
*
|
|
216
|
+
* @param entity The RP entity configuration
|
|
217
|
+
* @returns A suitable public key with its compatible encryption algorithm
|
|
218
|
+
* @throws {NoSuitableKeysFoundInEntityConfiguration} If entity do not contain any public key suitable for encrypting
|
|
219
|
+
*/
|
|
220
|
+
choosePublicKeyToEncrypt(entity) {
|
|
221
|
+
// Look for keys using "RSA-OAEP-256", and pick a random one
|
|
222
|
+
const [usingRsa256] = entity.payload.jwks.keys.filter(k => typeof k.alg === "string" && k.alg === "RSA-OAEP-256");
|
|
223
|
+
if (usingRsa256) {
|
|
224
|
+
return usingRsa256;
|
|
225
|
+
}
|
|
226
|
+
|
|
227
|
+
// Look for keys using "RSA-OAEP", and pick a random one
|
|
228
|
+
const [usingRsa] = entity.payload.jwks.keys.filter(k => typeof k.alg === "string" && k.alg === "RSA-OAEP");
|
|
229
|
+
if (usingRsa) {
|
|
230
|
+
return usingRsa;
|
|
231
|
+
}
|
|
232
|
+
|
|
233
|
+
// No suitable key has been found
|
|
234
|
+
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Encrypt with RP public key");
|
|
235
|
+
}
|
|
236
|
+
getEncryptionAlgByJwk(_ref3) {
|
|
237
|
+
let {
|
|
238
|
+
alg
|
|
239
|
+
} = _ref3;
|
|
240
|
+
if (alg === "RSA-OAEP-256") return "A256CBC-HS512";
|
|
241
|
+
if (alg === "RSA-OAEP") return "A128CBC-HS256";
|
|
242
|
+
const _ = alg;
|
|
243
|
+
throw new Error(`Invalid jwk algorithm: ${_}`);
|
|
244
|
+
}
|
|
245
|
+
|
|
101
246
|
/**
|
|
102
247
|
* Obtain the relying party entity configuration.
|
|
103
248
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","obj","__esModule","default","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","protocol","resource","hostname","requestURI","searchParams","get","clientId","result","QRCodePayload","safeParse","success","data","AuthRequestDecodeError","error","message","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","SignJWT","jti","uuid","v4","htm","htu","ath","sha256ToBase64","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","decodedJwtDPop","decodeJwt","requestUri","payload","response","method","headers","Authorization","DPoP","status","responseText","text","responseJwt","requestObj","RequestObject","parse","header","
|
|
1
|
+
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","obj","__esModule","default","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","protocol","resource","hostname","requestURI","searchParams","get","clientId","result","QRCodePayload","safeParse","success","data","AuthRequestDecodeError","error","message","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","SignJWT","jti","uuid","v4","htm","htu","ath","sha256ToBase64","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","entity","decodedJwtDPop","decodeJwt","requestUri","payload","response","method","headers","Authorization","DPoP","status","responseText","text","responseJwt","pubKey","jwks","keys","find","_ref","kid","protectedHeader","NoSuitableKeysFoundInEntityConfiguration","verify","requestObj","RequestObject","parse","header","IoWalletError","prepareVpToken","_ref2","vc","claims","token","vp","paths","disclose","vp_token","setAudience","response_uri","definition_id","vc_scope","scope","presentation_submission","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","choosePublicKeyToEncrypt","enc","getEncryptionAlgByJwk","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","encrypt","formBody","URLSearchParams","body","toString","usingRsa256","filter","k","usingRsa","_ref3","_","Error","getEntityConfiguration","wellKnownUrl","href","RpEntityConfiguration","exports"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAKA,IAAAC,iBAAA,GAAAD,OAAA;AAQA,IAAAE,MAAA,GAAAF,OAAA;AAOA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AAAqC,SAAAI,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE9B,MAAMG,oBAAoB,CAAC;EAKhCC,WAAWA,CACTC,mBAA2B,EAC3BC,yBAAiC,EAEjC;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACN,mBAAmB,GAAGA,mBAAmB;IAC9C,IAAI,CAACC,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE,OAAOK,mBAAmBA,CAACC,MAAc,EAAiB;IACxD,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACF,MAAM,CAAC;IACpC,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACH,OAAO,CAAC;IACnC,MAAMI,QAAQ,GAAGF,UAAU,CAACE,QAAQ;IACpC,MAAMC,QAAQ,GAAGH,UAAU,CAACI,QAAQ;IACpC,MAAMC,UAAU,GAAGL,UAAU,CAACM,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;IAC7D,MAAMC,QAAQ,GAAGR,UAAU,CAACM,YAAY,CAACC,GAAG,CAAC,WAAW,CAAC;IAEzD,MAAME,MAAM,GAAGC,oBAAa,CAACC,SAAS,CAAC;MACrCT,QAAQ;MACRC,QAAQ;MACRE,UAAU;MACVG;IACF,CAAC,CAAC;IAEF,IAAIC,MAAM,CAACG,OAAO,EAAE;MAClB,OAAOH,MAAM,CAACI,IAAI;IACpB,CAAC,MAAM;MACL,MAAM,IAAIC,8BAAsB,CAACL,MAAM,CAACM,KAAK,CAACC,OAAO,EAAG,GAAEhB,UAAW,EAAC,CAAC;IACzE;EACF;EACA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMiB,6BAA6BA,CACjCC,4BAAiC,EACjCC,cAAsB,EACL;IACjB,OAAO,MAAM,IAAIC,yBAAO,CAAC;MACvBC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAEN,cAAc;MACnBO,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAAC,IAAI,CAACrC,yBAAyB;IAC1D,CAAC,CAAC,CACCsC,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZC,GAAG,EAAEZ,4BAA4B;MACjCa,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,gBAAgBA,CACpBC,wBAAgC,EAChCC,MAA6B,EACL;IACxB,MAAMC,cAAc,GAAG,MAAM,IAAAC,wBAAS,EAACH,wBAAwB,CAAC;IAChE,MAAMI,UAAU,GAAGF,cAAc,CAACG,OAAO,CAAChB,GAAa;IACvD,MAAMiB,QAAQ,GAAG,MAAM,IAAI,CAACnD,QAAQ,CAACiD,UAAU,EAAE;MAC/CG,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAO,IAAI,CAACvD,yBAA0B,EAAC;QACvDwD,IAAI,EAAEV;MACR;IACF,CAAC,CAAC;IAEF,IAAIM,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,IAAAX,wBAAS,EAACS,YAAY,CAAC;;MAE3C;MACA;MACA;QACE,MAAMG,MAAM,GAAGd,MAAM,CAACI,OAAO,CAACW,IAAI,CAACC,IAAI,CAACC,IAAI,CAC1CC,IAAA;UAAA,IAAC;YAAEC;UAAI,CAAC,GAAAD,IAAA;UAAA,OAAKC,GAAG,KAAKN,WAAW,CAACO,eAAe,CAACD,GAAG;QAAA,CACtD,CAAC;QACD,IAAI,CAACL,MAAM,EAAE;UACX,MAAM,IAAIO,gDAAwC,CAChD,uCACF,CAAC;QACH;QACA,MAAM,IAAAC,wBAAM,EAACX,YAAY,EAAEG,MAAM,CAAC;MACpC;;MAEA;MACA,MAAMS,UAAU,GAAGC,oBAAa,CAACC,KAAK,CAAC;QACrCC,MAAM,EAAEb,WAAW,CAACO,eAAe;QACnChB,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;MAEF,OAAOmB,UAAU;IACnB;IAEA,MAAM,IAAII,qBAAa,CACpB,mDAAkDtB,QAAQ,CAACK,MAAO,EACrE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMkB,cAAcA,CAClBL,UAAyB,EAAAM,KAAA,EAKxB;IAAA,IAJD,CAACC,EAAE,EAAEC,MAAM,CAAe,GAAAF,KAAA;IAK1B;IACA,MAAM;MAAEG,KAAK,EAAEC,EAAE;MAAEC;IAAM,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACL,EAAE,EAAEC,MAAM,CAAC;;IAEvD;;IAEA,MAAMK,QAAQ,GAAG,IAAIrD,yBAAO,CAAC;MAAEkD;IAAG,CAAC,CAAC,CACjCI,WAAW,CAACd,UAAU,CAACnB,OAAO,CAACkC,YAAY,CAAC,CAC5C1C,iBAAiB,CAAC,IAAI,CAAC,CACvBL,kBAAkB,CAAC;MAClBG,GAAG,EAAE,KAAK;MACVF,GAAG,EAAE;IACP,CAAC,CAAC,CACDK,MAAM,CAAC,CAAC;IAEX,MAAM,CAAC0C,aAAa,EAAEC,QAAQ,CAAC,GAAGjB,UAAU,CAACnB,OAAO,CAACqC,KAAK;IAC1D,MAAMC,uBAAuB,GAAG;MAC9BH,aAAa;MACbI,EAAE,EAAG,GAAE1D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAClB0D,cAAc,EAAEV,KAAK,CAACW,GAAG,CAAEC,CAAC,KAAM;QAChCH,EAAE,EAAEH,QAAQ;QACZO,IAAI,EAAG,cAAaD,CAAC,CAACC,IAAK,EAAC;QAC5BC,MAAM,EAAE;MACV,CAAC,CAAC;IACJ,CAAC;IAED,OAAO;MAAEZ,QAAQ;MAAEM;IAAwB,CAAC;EAC9C;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMO,yBAAyBA,CAC7B1B,UAAyB,EACzBa,QAAgB,EAChBM,uBAAgD,EAChD1C,MAA6B,EACZ;IACjB;IACA;IACA,MAAMP,GAAG,GAAG,IAAI,CAACyD,wBAAwB,CAAClD,MAAM,CAAC;IACjD,MAAMmD,GAAG,GAAG,IAAI,CAACC,qBAAqB,CAAC3D,GAAG,CAAC;IAE3C,MAAM4D,oBAAoB,GAAGC,IAAI,CAACC,SAAS,CAAC;MAC1CC,KAAK,EAAEjC,UAAU,CAACnB,OAAO,CAACoD,KAAK;MAC/Bd,uBAAuB;MACvBN;IACF,CAAC,CAAC;IACF,MAAMqB,SAAS,GAAG,MAAM,IAAIC,4BAAU,CAACL,oBAAoB,EAAE;MAC3D7D,GAAG,EAAEC,GAAG,CAACD,GAAG;MACZ2D;IACF,CAAC,CAAC,CAACQ,OAAO,CAAClE,GAAG,CAAC;IAEf,MAAMmE,QAAQ,GAAG,IAAIC,eAAe,CAAC;MAAExD,QAAQ,EAAEoD;IAAU,CAAC,CAAC;IAC7D,MAAMpD,QAAQ,GAAG,MAAM,IAAI,CAACnD,QAAQ,CAACqE,UAAU,CAACnB,OAAO,CAACkC,YAAY,EAAE;MACpEhC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDuD,IAAI,EAAEF,QAAQ,CAACG,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAI1D,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAOL,QAAQ,CAACO,IAAI,CAAC,CAAC;IACxB;IAEA,MAAM,IAAIe,qBAAa,CACpB,yDAAwDtB,QAAQ,CAACK,MAAO,EAC3E,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACUwC,wBAAwBA,CAC9BlD,MAA6B,EACkC;IAC/D;IACA,MAAM,CAACgE,WAAW,CAAC,GAAGhE,MAAM,CAACI,OAAO,CAACW,IAAI,CAACC,IAAI,CAACiD,MAAM,CAC/CC,CAAuB,IACzB,OAAOA,CAAC,CAAC1E,GAAG,KAAK,QAAQ,IAAI0E,CAAC,CAAC1E,GAAG,KAAK,cAC3C,CAAC;IAED,IAAIwE,WAAW,EAAE;MACf,OAAOA,WAAW;IACpB;;IAEA;IACA,MAAM,CAACG,QAAQ,CAAC,GAAGnE,MAAM,CAACI,OAAO,CAACW,IAAI,CAACC,IAAI,CAACiD,MAAM,CAC5CC,CAAuB,IACzB,OAAOA,CAAC,CAAC1E,GAAG,KAAK,QAAQ,IAAI0E,CAAC,CAAC1E,GAAG,KAAK,UAC3C,CAAC;IAED,IAAI2E,QAAQ,EAAE;MACZ,OAAOA,QAAQ;IACjB;;IAEA;IACA,MAAM,IAAI9C,gDAAwC,CAChD,4BACF,CAAC;EACH;EAEQ+B,qBAAqBA,CAAAgB,KAAA,EAIT;IAAA,IAJU;MAC5B5E;IAC6D,CAAC,GAAA4E,KAAA;IAG9D,IAAI5E,GAAG,KAAK,cAAc,EAAE,OAAO,eAAe;IAClD,IAAIA,GAAG,KAAK,UAAU,EAAE,OAAO,eAAe;IAE9C,MAAM6E,CAAQ,GAAG7E,GAAG;IACpB,MAAM,IAAI8E,KAAK,CAAE,0BAAyBD,CAAE,EAAC,CAAC;EAChD;;EAEA;AACF;AACA;EACE,MAAME,sBAAsBA,CAAA,EAAmC;IAC7D,MAAMC,YAAY,GAAG,IAAI5G,GAAG,CAC1B,gCAAgC,EAChC,IAAI,CAACZ,mBACP,CAAC,CAACyH,IAAI;IAEN,MAAMpE,QAAQ,GAAG,MAAM,IAAI,CAACnD,QAAQ,CAACsH,YAAY,EAAE;MACjDlE,MAAM,EAAE;IACV,CAAC,CAAC;IAEF,IAAID,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAM,IAAAX,wBAAS,EAACS,YAAY,CAAC;MACjD,OAAO+D,4BAAqB,CAACjD,KAAK,CAAC;QACjCC,MAAM,EAAEb,WAAW,CAACO,eAAe;QACnChB,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;IACJ;IAEA,MAAM,IAAIuB,qBAAa,CACpB,4DAA2DtB,QAAQ,CAACK,MAAO,EAC9E,CAAC;EACH;AACF;AAACiE,OAAA,CAAA7H,oBAAA,GAAAA,oBAAA"}
|
package/lib/commonjs/rp/types.js
CHANGED
|
@@ -76,5 +76,9 @@ const QRCodePayload = z.object({
|
|
|
76
76
|
clientId: z.string(),
|
|
77
77
|
requestURI: z.string()
|
|
78
78
|
});
|
|
79
|
+
|
|
80
|
+
/**
|
|
81
|
+
* A pair that associate a tokenized Verified Credential with the claims presented or requested to present.
|
|
82
|
+
*/
|
|
79
83
|
exports.QRCodePayload = QRCodePayload;
|
|
80
84
|
//# sourceMappingURL=types.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_jwk","require","_types","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","header","typ","literal","alg","string","kid","trust_chain","array","payload","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","exports","RpEntityConfiguration","sub","jwks","keys","JWK","metadata","wallet_relying_party","application_type","client_name","contacts","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","authority_hints","QRCodePayload","protocol","resource","clientId","requestURI"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAGlB,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACfE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,KAAK,CAAC;IACrBC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE/B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfE,WAAW,EAAEhC,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAElC,CAAC,CAACyB,MAAM,CAAC;IAChBU,GAAG,EAAEnC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED,eAAQ;IACbE,KAAK,EAAEvC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACjBU,KAAK,EAAExC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACjBW,YAAY,EAAEzC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACxBY,aAAa,EAAE1C,CAAC,CAAC4B,OAAO,CAAC,UAAU,CAAC;IACpCe,aAAa,EAAE3C,CAAC,CAAC4B,OAAO,CAAC,iBAAiB,CAAC;IAC3CgB,SAAS,EAAE5C,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACrBe,gBAAgB,EAAE7C,CAAC,CAAC4B,OAAO,CAAC,WAAW,CAAC;IACxCkB,KAAK,EAAE9C,CAAC,CAAC8B,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;;AAEF;AAAAiB,OAAA,CAAAvB,aAAA,GAAAA,aAAA;AAEO,MAAMwB,qBAAqB,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EAC5CC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACfE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE/B,CAAC,CAAC8B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFI,OAAO,EAAElC,CAAC,CAACyB,MAAM,CAAC;IAChBa,GAAG,EAAED,eAAQ;IACbD,GAAG,EAAEC,eAAQ;IACbF,GAAG,EAAEnC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfmB,GAAG,EAAEjD,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfoB,IAAI,EAAElD,CAAC,CAACyB,MAAM,CAAC;MACb0B,IAAI,EAAEnD,CAAC,CAACiC,KAAK,CAACmB,QAAG;IACnB,CAAC,CAAC;IACFC,QAAQ,EAAErD,CAAC,CAACyB,MAAM,CAAC;MACjB6B,oBAAoB,EAAEtD,CAAC,CAACyB,MAAM,CAAC;QAC7B8B,gBAAgB,EAAEvD,CAAC,CAAC8B,MAAM,CAAC,CAAC;QAC5Bc,SAAS,EAAE5C,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACrB0B,WAAW,EAAExD,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACvBoB,IAAI,EAAElD,CAAC,CAACyB,MAAM,CAAC;UACb0B,IAAI,EAAEnD,CAAC,CAACiC,KAAK,CAACmB,QAAG;QACnB,CAAC,CAAC;QACFK,QAAQ,EAAEzD,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;MAC9B,CAAC,CAAC;MACF4B,iBAAiB,EAAE1D,CAAC,CAACyB,MAAM,CAAC;QAC1BkC,iBAAiB,EAAE3D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QAC7B8B,YAAY,EAAE5D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACxB+B,UAAU,EAAE7D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACtBgC,QAAQ,EAAE9D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACpB2B,QAAQ,EAAEzD,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC,CAAC;IACFiC,eAAe,EAAE/D,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACrC,CAAC;AACH,CAAC,CAAC;AAACiB,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAGI,MAAMgB,aAAa,GAAGhE,CAAC,CAACyB,MAAM,CAAC;EACpCwC,QAAQ,EAAEjE,CAAC,CAAC4B,OAAO,CAAC,QAAQ,CAAC;EAC7BsC,QAAQ,EAAElE,CAAC,CAAC8B,MAAM,CAAC,CAAC;EAAE;EACtBqC,QAAQ,EAAEnE,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACpBsC,UAAU,EAAEpE,CAAC,CAAC8B,MAAM,CAAC;AACvB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"names":["_jwk","require","_types","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","header","typ","literal","alg","string","kid","trust_chain","array","payload","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","exports","RpEntityConfiguration","sub","jwks","keys","JWK","metadata","wallet_relying_party","application_type","client_name","contacts","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","authority_hints","QRCodePayload","protocol","resource","clientId","requestURI"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAGlB,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACfE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,KAAK,CAAC;IACrBC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE/B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfE,WAAW,EAAEhC,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAElC,CAAC,CAACyB,MAAM,CAAC;IAChBU,GAAG,EAAEnC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED,eAAQ;IACbE,KAAK,EAAEvC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACjBU,KAAK,EAAExC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACjBW,YAAY,EAAEzC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACxBY,aAAa,EAAE1C,CAAC,CAAC4B,OAAO,CAAC,UAAU,CAAC;IACpCe,aAAa,EAAE3C,CAAC,CAAC4B,OAAO,CAAC,iBAAiB,CAAC;IAC3CgB,SAAS,EAAE5C,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACrBe,gBAAgB,EAAE7C,CAAC,CAAC4B,OAAO,CAAC,WAAW,CAAC;IACxCkB,KAAK,EAAE9C,CAAC,CAAC8B,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;;AAEF;AAAAiB,OAAA,CAAAvB,aAAA,GAAAA,aAAA;AAEO,MAAMwB,qBAAqB,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EAC5CC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACfE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE/B,CAAC,CAAC8B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFI,OAAO,EAAElC,CAAC,CAACyB,MAAM,CAAC;IAChBa,GAAG,EAAED,eAAQ;IACbD,GAAG,EAAEC,eAAQ;IACbF,GAAG,EAAEnC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfmB,GAAG,EAAEjD,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfoB,IAAI,EAAElD,CAAC,CAACyB,MAAM,CAAC;MACb0B,IAAI,EAAEnD,CAAC,CAACiC,KAAK,CAACmB,QAAG;IACnB,CAAC,CAAC;IACFC,QAAQ,EAAErD,CAAC,CAACyB,MAAM,CAAC;MACjB6B,oBAAoB,EAAEtD,CAAC,CAACyB,MAAM,CAAC;QAC7B8B,gBAAgB,EAAEvD,CAAC,CAAC8B,MAAM,CAAC,CAAC;QAC5Bc,SAAS,EAAE5C,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACrB0B,WAAW,EAAExD,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACvBoB,IAAI,EAAElD,CAAC,CAACyB,MAAM,CAAC;UACb0B,IAAI,EAAEnD,CAAC,CAACiC,KAAK,CAACmB,QAAG;QACnB,CAAC,CAAC;QACFK,QAAQ,EAAEzD,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;MAC9B,CAAC,CAAC;MACF4B,iBAAiB,EAAE1D,CAAC,CAACyB,MAAM,CAAC;QAC1BkC,iBAAiB,EAAE3D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QAC7B8B,YAAY,EAAE5D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACxB+B,UAAU,EAAE7D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACtBgC,QAAQ,EAAE9D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACpB2B,QAAQ,EAAEzD,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC,CAAC;IACFiC,eAAe,EAAE/D,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACrC,CAAC;AACH,CAAC,CAAC;AAACiB,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAGI,MAAMgB,aAAa,GAAGhE,CAAC,CAACyB,MAAM,CAAC;EACpCwC,QAAQ,EAAEjE,CAAC,CAAC4B,OAAO,CAAC,QAAQ,CAAC;EAC7BsC,QAAQ,EAAElE,CAAC,CAAC8B,MAAM,CAAC,CAAC;EAAE;EACtBqC,QAAQ,EAAEnE,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACpBsC,UAAU,EAAEpE,CAAC,CAAC8B,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AAFAiB,OAAA,CAAAiB,aAAA,GAAAA,aAAA"}
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var _index = require("../index");
|
|
4
|
+
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
5
|
+
var _types = require("../types");
|
|
6
|
+
// Examples from https://www.ietf.org/id/draft-terbu-sd-jwt-vc-02.html#name-example-4
|
|
7
|
+
// but adapted to adhere to format declared in https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/pid-eaa-data-model.html#id2
|
|
8
|
+
// In short, the token is a Frankenstein composed as follows:
|
|
9
|
+
// - the header is taken from the italian specification, with kid and alg valued according to the signing keys
|
|
10
|
+
// - disclosures are taken from the SD-JWT-4-VC standard
|
|
11
|
+
// - payload is taken from the italian specification, but _sd are compiled with:
|
|
12
|
+
// - "address" is used as verification._sd
|
|
13
|
+
// - all others disclosures are in claims._sd
|
|
14
|
+
const token = "eyJ0eXAiOiJ2YytzZC1qd3QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImIxODZlYTBjMTkyNTc5MzA5N2JmMDFiOGEyODlhNDVmIiwidHJ1c3RfY2hhaW4iOlsiTkVoUmRFUnBZbmxIWTNNNVdsZFdUV1oyYVVobSAuLi4iLCJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2IC4uLiIsIklrSllkbVp5Ykc1b1FVMTFTRkl3TjJGcVZXMUIgLi4uIl19.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzlYcy4uLiIsImp0aSI6InVybjp1dWlkOjZjNWMwYTQ5LWI1ODktNDMxZC1iYWU3LTIxOTEyMmE5ZWMyYyIsImlhdCI6MTU0MTQ5MzcyNCwiZXhwIjoxNTQxNDkzNzI0LCJzdGF0dXMiOiJodHRwczovL2V4YW1wbGUuY29tL3N0YXR1cyIsImNuZiI6eyJqd2siOnsia3R5IjoiUlNBIiwidXNlIjoic2lnIiwibiI6IjFUYS1zRSIsImUiOiJBUUFCIiwia2lkIjoiWWhORlMzWW5DOXRqaUNhaXZoV0xWVUozQXh3R0d6Xzk4dVJGYXFNRUVzIn19LCJ0eXBlIjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwidmVyaWZpZWRfY2xhaW1zIjp7InZlcmlmaWNhdGlvbiI6eyJfc2QiOlsiSnpZakg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSJdLCJ0cnVzdF9mcmFtZXdvcmsiOiJlaWRhcyIsImFzc3VyYW5jZV9sZXZlbCI6ImhpZ2gifSwiY2xhaW1zIjp7Il9zZCI6WyIwOXZLckpNT2x5VFdNMHNqcHVfcGRPQlZCUTJNMXkzS2hwSDUxNW5Ya3BZIiwiMnJzakdiYUMwa3k4bVQwcEpyUGlvV1RxMF9kYXcxc1g3NnBvVWxnQ3diSSIsIkVrTzhkaFcwZEhFSmJ2VUhsRV9WQ2V1Qzl1UkVMT2llTFpoaDdYYlVUdEEiLCJJbER6SUtlaVpkRHdwcXBLNlpmYnlwaEZ2ejVGZ25XYS1zTjZ3cVFYQ2l3IiwiUG9yRmJwS3VWdTZ4eW1KYWd2a0ZzRlhBYlJvYzJKR2xBVUEyQkE0bzdjSSIsIlRHZjRvTGJnd2Q1SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCJqZHJURThZY2JZNEVpZnVnaWhpQWVfQlBla3hKUVpJQ2VpVVF3WTlRcXhJIiwianN1OXlWdWx3UVFsaEZsTV8zSmx6TWFTRnpnbGhRRzBEcGZheVF3TFVLNCJdfX0sIl9zZF9hbGciOiJzaGEtMjU2In0.8wwSHCd47wCgzRYXvvPTTRXGS-hk9V8jRzy7WSjRBTZxSHxJkGOSWwBVAA-kpJ-IvQS7699aLWxIMqAvr34sOA~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd~WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJd~WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ~WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0yMDItNTU1LTAxMDEiXQ~WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLTAxIl0~WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImlzX292ZXJfMTgiLCB0cnVlXQ~WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImlzX292ZXJfMjEiLCB0cnVlXQ~WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImlzX292ZXJfNjUiLCB0cnVlXQ~WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0";
|
|
15
|
+
const unsigned = "eyJ0eXAiOiJ2YytzZC1qd3QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImIxODZlYTBjMTkyNTc5MzA5N2JmMDFiOGEyODlhNDVmIiwidHJ1c3RfY2hhaW4iOlsiTkVoUmRFUnBZbmxIWTNNNVdsZFdUV1oyYVVobSAuLi4iLCJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2IC4uLiIsIklrSllkbVp5Ykc1b1FVMTFTRkl3TjJGcVZXMUIgLi4uIl19.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzlYcy4uLiIsImp0aSI6InVybjp1dWlkOjZjNWMwYTQ5LWI1ODktNDMxZC1iYWU3LTIxOTEyMmE5ZWMyYyIsImlhdCI6MTU0MTQ5MzcyNCwiZXhwIjoxNTQxNDkzNzI0LCJzdGF0dXMiOiJodHRwczovL2V4YW1wbGUuY29tL3N0YXR1cyIsImNuZiI6eyJqd2siOnsia3R5IjoiUlNBIiwidXNlIjoic2lnIiwibiI6IjFUYS1zRSIsImUiOiJBUUFCIiwia2lkIjoiWWhORlMzWW5DOXRqaUNhaXZoV0xWVUozQXh3R0d6Xzk4dVJGYXFNRUVzIn19LCJ0eXBlIjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwidmVyaWZpZWRfY2xhaW1zIjp7InZlcmlmaWNhdGlvbiI6eyJfc2QiOlsiSnpZakg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSJdLCJ0cnVzdF9mcmFtZXdvcmsiOiJlaWRhcyIsImFzc3VyYW5jZV9sZXZlbCI6ImhpZ2gifSwiY2xhaW1zIjp7Il9zZCI6WyIwOXZLckpNT2x5VFdNMHNqcHVfcGRPQlZCUTJNMXkzS2hwSDUxNW5Ya3BZIiwiMnJzakdiYUMwa3k4bVQwcEpyUGlvV1RxMF9kYXcxc1g3NnBvVWxnQ3diSSIsIkVrTzhkaFcwZEhFSmJ2VUhsRV9WQ2V1Qzl1UkVMT2llTFpoaDdYYlVUdEEiLCJJbER6SUtlaVpkRHdwcXBLNlpmYnlwaEZ2ejVGZ25XYS1zTjZ3cVFYQ2l3IiwiUG9yRmJwS3VWdTZ4eW1KYWd2a0ZzRlhBYlJvYzJKR2xBVUEyQkE0bzdjSSIsIlRHZjRvTGJnd2Q1SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCJqZHJURThZY2JZNEVpZnVnaWhpQWVfQlBla3hKUVpJQ2VpVVF3WTlRcXhJIiwianN1OXlWdWx3UVFsaEZsTV8zSmx6TWFTRnpnbGhRRzBEcGZheVF3TFVLNCJdfX0sIl9zZF9hbGciOiJzaGEtMjU2In0";
|
|
16
|
+
const signature = "8wwSHCd47wCgzRYXvvPTTRXGS-hk9V8jRzy7WSjRBTZxSHxJkGOSWwBVAA-kpJ-IvQS7699aLWxIMqAvr34sOA";
|
|
17
|
+
const signed = `${unsigned}.${signature}`;
|
|
18
|
+
const tokenizedDisclosures = ["WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd", "WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJd", "WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ", "WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0yMDItNTU1LTAxMDEiXQ", "WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLTAxIl0", "WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImlzX292ZXJfMTgiLCB0cnVlXQ", "WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImlzX292ZXJfMjEiLCB0cnVlXQ", "WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImlzX292ZXJfNjUiLCB0cnVlXQ", "WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0"];
|
|
19
|
+
const sdJwt = {
|
|
20
|
+
header: {
|
|
21
|
+
typ: "vc+sd-jwt",
|
|
22
|
+
alg: "ES256",
|
|
23
|
+
kid: "b186ea0c1925793097bf01b8a289a45f",
|
|
24
|
+
trust_chain: ["NEhRdERpYnlHY3M5WldWTWZ2aUhm ...", "eyJhbGciOiJSUzI1NiIsImtpZCI6 ...", "IkJYdmZybG5oQU11SFIwN2FqVW1B ..."]
|
|
25
|
+
},
|
|
26
|
+
payload: {
|
|
27
|
+
iss: "https://example.com/issuer",
|
|
28
|
+
sub: "NzbLsXh8uDCcd7noWXFZAfHkxZsRGC9Xs...",
|
|
29
|
+
jti: "urn:uuid:6c5c0a49-b589-431d-bae7-219122a9ec2c",
|
|
30
|
+
iat: 1541493724,
|
|
31
|
+
exp: 1541493724,
|
|
32
|
+
status: "https://example.com/status",
|
|
33
|
+
cnf: {
|
|
34
|
+
jwk: {
|
|
35
|
+
kty: "RSA",
|
|
36
|
+
use: "sig",
|
|
37
|
+
n: "1Ta-sE",
|
|
38
|
+
e: "AQAB",
|
|
39
|
+
kid: "YhNFS3YnC9tjiCaivhWLVUJ3AxwGGz_98uRFaqMEEs"
|
|
40
|
+
}
|
|
41
|
+
},
|
|
42
|
+
type: "PersonIdentificationData",
|
|
43
|
+
verified_claims: {
|
|
44
|
+
verification: {
|
|
45
|
+
_sd: ["JzYjH4svliH0R3PyEMfeZu6Jt69u5qehZo7F7EPYlSE"],
|
|
46
|
+
trust_framework: "eidas",
|
|
47
|
+
assurance_level: "high"
|
|
48
|
+
},
|
|
49
|
+
claims: {
|
|
50
|
+
_sd: ["09vKrJMOlyTWM0sjpu_pdOBVBQ2M1y3KhpH515nXkpY", "2rsjGbaC0ky8mT0pJrPioWTq0_daw1sX76poUlgCwbI", "EkO8dhW0dHEJbvUHlE_VCeuC9uRELOieLZhh7XbUTtA", "IlDzIKeiZdDwpqpK6ZfbyphFvz5FgnWa-sN6wqQXCiw", "PorFbpKuVu6xymJagvkFsFXAbRoc2JGlAUA2BA4o7cI", "TGf4oLbgwd5JQaHyKVQZU9UdGE0w5rtDsrZzfUaomLo", "jdrTE8YcbY4EifugihiAe_BPekxJQZICeiUQwY9QqxI", "jsu9yVulwQQlhFlM_3JlzMaSFzglhQG0DpfayQwLUK4"]
|
|
51
|
+
}
|
|
52
|
+
},
|
|
53
|
+
_sd_alg: "sha-256"
|
|
54
|
+
}
|
|
55
|
+
};
|
|
56
|
+
|
|
57
|
+
// In the very same order than tokenizedDisclosures
|
|
58
|
+
const disclosures = [["2GLC42sKQveCfGfryNRN9w", "given_name", "John"], ["eluV5Og3gSNII8EYnsxA_A", "family_name", "Doe"], ["6Ij7tM-a5iVPGboS5tmvVA", "email", "johndoe@example.com"], ["eI8ZWm9QnKPpNPeNenHdhQ", "phone_number", "+1-202-555-0101"], ["AJx-095VPrpTtN4QMOqROA", "birthdate", "1940-01-01"], ["Pc33JM2LchcU_lHggv_ufQ", "is_over_18", true], ["G02NSrQfjFXQ7Io09syajA", "is_over_21", true], ["lklxF5jMYlGTPUovMNIvCA", "is_over_65", true], ["Qg_O64zqAxe412a108iroA", "address", {
|
|
59
|
+
street_address: "123 Main St",
|
|
60
|
+
locality: "Anytown",
|
|
61
|
+
region: "Anystate",
|
|
62
|
+
country: "US"
|
|
63
|
+
}]];
|
|
64
|
+
it("Ensures example data correctness", () => {
|
|
65
|
+
expect(JSON.parse((0, _ioReactNativeJwt.decodeBase64)((0, _ioReactNativeJwt.encodeBase64)(JSON.stringify(sdJwt.header))))).toEqual(sdJwt.header);
|
|
66
|
+
expect([signed, ...tokenizedDisclosures].join("~")).toBe(token);
|
|
67
|
+
});
|
|
68
|
+
describe("decode", () => {
|
|
69
|
+
it("should decode a valid token", () => {
|
|
70
|
+
const result = (0, _index.decode)(token, _types.SdJwt4VC);
|
|
71
|
+
expect(result).toEqual({
|
|
72
|
+
sdJwt,
|
|
73
|
+
disclosures: disclosures.map((decoded, i) => ({
|
|
74
|
+
decoded,
|
|
75
|
+
encoded: tokenizedDisclosures[i]
|
|
76
|
+
}))
|
|
77
|
+
});
|
|
78
|
+
});
|
|
79
|
+
});
|
|
80
|
+
describe("disclose", () => {
|
|
81
|
+
it("should encode a valid sdjwt (one claim)", async () => {
|
|
82
|
+
const result = await (0, _index.disclose)(token, ["given_name"]);
|
|
83
|
+
const expected = {
|
|
84
|
+
token: `${signed}~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd`,
|
|
85
|
+
paths: [{
|
|
86
|
+
claim: "given_name",
|
|
87
|
+
path: "verified_claims.claims._sd[7]"
|
|
88
|
+
}]
|
|
89
|
+
};
|
|
90
|
+
expect(result).toEqual(expected);
|
|
91
|
+
});
|
|
92
|
+
it("should encode a valid sdjwt (no claims)", async () => {
|
|
93
|
+
const result = await (0, _index.disclose)(token, []);
|
|
94
|
+
const expected = {
|
|
95
|
+
token: `${signed}`,
|
|
96
|
+
paths: []
|
|
97
|
+
};
|
|
98
|
+
expect(result).toEqual(expected);
|
|
99
|
+
});
|
|
100
|
+
it("should encode a valid sdjwt (multiple claims)", async () => {
|
|
101
|
+
const result = await (0, _index.disclose)(token, ["given_name", "email"]);
|
|
102
|
+
const expected = {
|
|
103
|
+
token: `${signed}~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd~WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ`,
|
|
104
|
+
paths: [{
|
|
105
|
+
claim: "given_name",
|
|
106
|
+
path: "verified_claims.claims._sd[7]"
|
|
107
|
+
}, {
|
|
108
|
+
claim: "email",
|
|
109
|
+
path: "verified_claims.verification._sd[0]"
|
|
110
|
+
}]
|
|
111
|
+
};
|
|
112
|
+
expect(result).toEqual(expected);
|
|
113
|
+
});
|
|
114
|
+
it("should fail on unknown claim", async () => {
|
|
115
|
+
const fn = async () => (0, _index.disclose)(token, ["unknown"]);
|
|
116
|
+
await expect(fn()).rejects.toEqual(expect.any(Error));
|
|
117
|
+
});
|
|
118
|
+
});
|
|
119
|
+
//# sourceMappingURL=index.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_index","require","_ioReactNativeJwt","_types","token","unsigned","signature","signed","tokenizedDisclosures","sdJwt","header","typ","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","kty","use","n","e","type","verified_claims","verification","_sd","trust_framework","assurance_level","claims","_sd_alg","disclosures","street_address","locality","region","country","it","expect","JSON","parse","decodeBase64","encodeBase64","stringify","toEqual","join","toBe","describe","result","decode","SdJwt4VC","map","decoded","i","encoded","disclose","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAEA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMG,KAAK,GACT,kvEAAkvE;AAEpvE,MAAMC,QAAQ,GACZ,87CAA87C;AAEh8C,MAAMC,SAAS,GACb,wFAAwF;AAE1F,MAAMC,MAAM,GAAI,GAAEF,QAAS,IAAGC,SAAU,EAAC;AAEzC,MAAME,oBAAoB,GAAG,CAC3B,kEAAkE,EAClE,kEAAkE,EAClE,gFAAgF,EAChF,oFAAoF,EACpF,yEAAyE,EACzE,gEAAgE,EAChE,gEAAgE,EAChE,gEAAgE,EAChE,qLAAqL,CACtL;AAED,MAAMC,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,kCAAkC;IACvCC,WAAW,EAAE,CACX,kCAAkC,EAClC,kCAAkC,EAClC,kCAAkC;EAEtC,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,4BAA4B;IACjCC,GAAG,EAAE,sCAAsC;IAC3CC,GAAG,EAAE,+CAA+C;IACpDC,GAAG,EAAE,UAAU;IACfC,GAAG,EAAE,UAAU;IACfC,MAAM,EAAE,4BAA4B;IACpCC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,KAAK;QACVC,GAAG,EAAE,KAAK;QACVC,CAAC,EAAE,QAAQ;QACXC,CAAC,EAAE,MAAM;QACTd,GAAG,EAAE;MACP;IACF,CAAC;IACDe,IAAI,EAAE,0BAA0B;IAChCC,eAAe,EAAE;MACfC,YAAY,EAAE;QACZC,GAAG,EAAE,CAAC,6CAA6C,CAAC;QACpDC,eAAe,EAAE,OAAO;QACxBC,eAAe,EAAE;MACnB,CAAC;MACDC,MAAM,EAAE;QACNH,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C;MAEjD;IACF,CAAC;IACDI,OAAO,EAAE;EACX;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,YAAY,EAAE,MAAM,CAAC,EAChD,CAAC,wBAAwB,EAAE,aAAa,EAAE,KAAK,CAAC,EAChD,CAAC,wBAAwB,EAAE,OAAO,EAAE,qBAAqB,CAAC,EAC1D,CAAC,wBAAwB,EAAE,cAAc,EAAE,iBAAiB,CAAC,EAC7D,CAAC,wBAAwB,EAAE,WAAW,EAAE,YAAY,CAAC,EACrD,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CACE,wBAAwB,EACxB,SAAS,EACT;EACEC,cAAc,EAAE,aAAa;EAC7BC,QAAQ,EAAE,SAAS;EACnBC,MAAM,EAAE,UAAU;EAClBC,OAAO,EAAE;AACX,CAAC,CACF,CACF;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAAC,IAAAC,8BAAY,EAAC,IAAAC,8BAAY,EAACH,IAAI,CAACI,SAAS,CAACtC,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAACsC,OAAO,CAACvC,KAAK,CAACC,MAAM,CAAC;EACvBgC,MAAM,CAAC,CAACnC,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAACyC,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAAC9C,KAAK,CAAC;AACjE,CAAC,CAAC;AAEF+C,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBV,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMW,MAAM,GAAG,IAAAC,aAAM,EAACjD,KAAK,EAAEkD,eAAQ,CAAC;IACtCZ,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrBvC,KAAK;MACL2B,WAAW,EAAEA,WAAW,CAACmB,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAElD,oBAAoB,CAACiD,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFN,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBV,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMW,MAAM,GAAG,MAAM,IAAAO,eAAQ,EAACvD,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IACpD,MAAMwD,QAAQ,GAAG;MACfxD,KAAK,EAAG,GAAEG,MAAO,mEAAkE;MACnFsD,KAAK,EAAE,CAAC;QAAEC,KAAK,EAAE,YAAY;QAAEC,IAAI,EAAE;MAAgC,CAAC;IACxE,CAAC;IAEDrB,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACY,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFnB,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMW,MAAM,GAAG,MAAM,IAAAO,eAAQ,EAACvD,KAAK,EAAE,EAAE,CAAC;IACxC,MAAMwD,QAAQ,GAAG;MAAExD,KAAK,EAAG,GAAEG,MAAO,EAAC;MAAEsD,KAAK,EAAE;IAAG,CAAC;IAElDnB,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACY,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFnB,EAAE,CAAC,+CAA+C,EAAE,YAAY;IAC9D,MAAMW,MAAM,GAAG,MAAM,IAAAO,eAAQ,EAACvD,KAAK,EAAE,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC7D,MAAMwD,QAAQ,GAAG;MACfxD,KAAK,EAAG,GAAEG,MAAO,kJAAiJ;MAClKsD,KAAK,EAAE,CACL;QACEC,KAAK,EAAE,YAAY;QACnBC,IAAI,EAAE;MACR,CAAC,EACD;QACED,KAAK,EAAE,OAAO;QACdC,IAAI,EAAE;MACR,CAAC;IAEL,CAAC;IAEDrB,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACY,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFnB,EAAE,CAAC,8BAA8B,EAAE,YAAY;IAC7C,MAAMuB,EAAE,GAAG,MAAAA,CAAA,KAAY,IAAAL,eAAQ,EAACvD,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAMsC,MAAM,CAACsB,EAAE,CAAC,CAAC,CAAC,CAACC,OAAO,CAACjB,OAAO,CAACN,MAAM,CAACwB,GAAG,CAACC,KAAK,CAAC,CAAC;EACvD,CAAC,CAAC;AACJ,CAAC,CAAC"}
|