@pagopa/io-react-native-wallet 0.2.8 → 0.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (40) hide show
  1. package/lib/commonjs/rp/__test__/index.test.js +145 -0
  2. package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
  3. package/lib/commonjs/rp/index.js +33 -41
  4. package/lib/commonjs/rp/index.js.map +1 -1
  5. package/lib/commonjs/rp/types.js +11 -9
  6. package/lib/commonjs/rp/types.js.map +1 -1
  7. package/lib/commonjs/utils/jwk.js +35 -0
  8. package/lib/commonjs/utils/jwk.js.map +1 -1
  9. package/lib/commonjs/wallet-instance-attestation/issuing.js +1 -1
  10. package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
  11. package/lib/commonjs/wallet-instance-attestation/types.js +6 -2
  12. package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
  13. package/lib/module/rp/__test__/index.test.js +145 -0
  14. package/lib/module/rp/__test__/index.test.js.map +1 -1
  15. package/lib/module/rp/index.js +33 -41
  16. package/lib/module/rp/index.js.map +1 -1
  17. package/lib/module/rp/types.js +11 -9
  18. package/lib/module/rp/types.js.map +1 -1
  19. package/lib/module/utils/jwk.js +34 -0
  20. package/lib/module/utils/jwk.js.map +1 -1
  21. package/lib/module/wallet-instance-attestation/issuing.js +2 -2
  22. package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
  23. package/lib/module/wallet-instance-attestation/types.js +6 -2
  24. package/lib/module/wallet-instance-attestation/types.js.map +1 -1
  25. package/lib/typescript/rp/index.d.ts +8 -8
  26. package/lib/typescript/rp/index.d.ts.map +1 -1
  27. package/lib/typescript/rp/types.d.ts +260 -389
  28. package/lib/typescript/rp/types.d.ts.map +1 -1
  29. package/lib/typescript/utils/jwk.d.ts +9 -0
  30. package/lib/typescript/utils/jwk.d.ts.map +1 -1
  31. package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
  32. package/lib/typescript/wallet-instance-attestation/types.d.ts +40 -4
  33. package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
  34. package/package.json +2 -2
  35. package/src/rp/__test__/index.test.ts +222 -0
  36. package/src/rp/index.ts +44 -54
  37. package/src/rp/types.ts +8 -7
  38. package/src/utils/jwk.ts +21 -0
  39. package/src/wallet-instance-attestation/issuing.ts +3 -2
  40. package/src/wallet-instance-attestation/types.ts +6 -2
package/src/rp/types.ts CHANGED
@@ -5,7 +5,8 @@ import * as z from "zod";
5
5
  export type RequestObject = z.infer<typeof RequestObject>;
6
6
  export const RequestObject = z.object({
7
7
  header: z.object({
8
- typ: z.literal("JWT"),
8
+ // FIXME: SIW-421 type field must be either required or omitted, optional isn't useful
9
+ typ: z.literal("JWT").optional(),
9
10
  alg: z.string(),
10
11
  kid: z.string(),
11
12
  trust_chain: z.array(z.string()),
@@ -46,18 +47,18 @@ export const RpEntityConfiguration = z.object({
46
47
  application_type: z.string(),
47
48
  client_id: z.string(),
48
49
  client_name: z.string(),
49
- jwks: z.object({
50
- keys: z.array(JWK),
51
- }),
50
+ jwks: z.array(JWK),
52
51
  contacts: z.array(z.string()),
53
52
  }),
54
- federation_entity: z.object({
53
+ // FIXME: SIW-422 require federation_metadata field
54
+ // Actual RP implementation does not comply with the spec
55
+ /* federation_entity: z.object({
55
56
  organization_name: z.string(),
56
57
  homepage_uri: z.string(),
57
58
  policy_uri: z.string(),
58
59
  logo_uri: z.string(),
59
60
  contacts: z.array(z.string()),
60
- }),
61
+ }), */
61
62
  }),
62
63
  authority_hints: z.array(z.string()),
63
64
  }),
@@ -65,7 +66,7 @@ export const RpEntityConfiguration = z.object({
65
66
 
66
67
  export type QRCodePayload = z.infer<typeof QRCodePayload>;
67
68
  export const QRCodePayload = z.object({
68
- protocol: z.literal("eudiw:"),
69
+ protocol: z.string(),
69
70
  resource: z.string(), // TODO: refine to known paths using literals
70
71
  clientId: z.string(),
71
72
  requestURI: z.string(),
package/src/utils/jwk.ts CHANGED
@@ -1,3 +1,4 @@
1
+ import { removePadding } from "@pagopa/io-react-native-jwt";
1
2
  import { z } from "zod";
2
3
 
3
4
  export type JWK = z.infer<typeof JWK>;
@@ -37,3 +38,23 @@ export const JWK = z.object({
37
38
  /** JWK "x5u" (X.509 URL) Parameter. */
38
39
  x5u: z.string().optional(),
39
40
  });
41
+
42
+ /**
43
+ * Ensure key values are encoded using base64url and not just base64, as defined in https://datatracker.ietf.org/doc/html/rfc7517
44
+ *
45
+ * @see https://datatracker.ietf.org/doc/html/rfc7517
46
+ *
47
+ * @param key The key to fix
48
+ * @returns THe same input key with fixed values
49
+ */
50
+ export function fixBase64EncodingOnKey(key: JWK): JWK {
51
+ const { x, y, e, n, ...pk } = key;
52
+
53
+ return {
54
+ ...pk,
55
+ ...(x ? { x: removePadding(x) } : {}),
56
+ ...(y ? { y: removePadding(y) } : {}),
57
+ ...(e ? { e: removePadding(e) } : {}),
58
+ ...(n ? { n: removePadding(n) } : {}),
59
+ };
60
+ }
@@ -1,7 +1,7 @@
1
1
  import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
2
2
  import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
3
3
  import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
4
- import { JWK } from "../utils/jwk";
4
+ import { JWK, fixBase64EncodingOnKey } from "../utils/jwk";
5
5
  import { WalletInstanceAttestationRequestJwt } from "./types";
6
6
  import uuid from "react-native-uuid";
7
7
  import { WalletInstanceAttestationIssuingError } from "../utils/errors";
@@ -38,7 +38,7 @@ export class Issuing {
38
38
  jti: `${uuid.v4()}`,
39
39
  type: "WalletInstanceAttestationRequest",
40
40
  cnf: {
41
- jwk: publicKey,
41
+ jwk: fixBase64EncodingOnKey(publicKey),
42
42
  },
43
43
  })
44
44
  .setProtectedHeader({
@@ -74,6 +74,7 @@ export class Issuing {
74
74
  attestationRequest,
75
75
  signature
76
76
  );
77
+
77
78
  const decodedRequest = decodeJwt(signedAttestationRequest);
78
79
  const parsedRequest = WalletInstanceAttestationRequestJwt.parse({
79
80
  payload: decodedRequest.payload,
@@ -18,7 +18,11 @@ const Jwt = z.object({
18
18
  iat: UnixTime,
19
19
  exp: UnixTime,
20
20
  cnf: z.object({
21
- jwk: JWK,
21
+ jwk: z.intersection(
22
+ JWK,
23
+ // this key requires a kis because it must be referenced for DPoP
24
+ z.object({ kid: z.string() })
25
+ ),
22
26
  }),
23
27
  }),
24
28
  });
@@ -60,7 +64,7 @@ export const WalletInstanceAttestationJwt = z.object({
60
64
  tos_uri: z.string().url(),
61
65
  logo_uri: z.string().url(),
62
66
  asc: z.string(),
63
- authorization_endpoint: z.string().url(),
67
+ authorization_endpoint: z.string(),
64
68
  response_types_supported: z.array(z.string()),
65
69
  vp_formats_supported: z.object({
66
70
  jwt_vp_json: z.object({