@pagopa/io-react-native-wallet 0.2.8 → 0.3.1
Sign up to get free protection for your applications and to get access to all the features.
- package/lib/commonjs/rp/__test__/index.test.js +145 -0
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
- package/lib/commonjs/rp/index.js +33 -41
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +11 -9
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/utils/jwk.js +35 -0
- package/lib/commonjs/utils/jwk.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/issuing.js +1 -1
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/types.js +6 -2
- package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +145 -0
- package/lib/module/rp/__test__/index.test.js.map +1 -1
- package/lib/module/rp/index.js +33 -41
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +11 -9
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/utils/jwk.js +34 -0
- package/lib/module/utils/jwk.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +2 -2
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/wallet-instance-attestation/types.js +6 -2
- package/lib/module/wallet-instance-attestation/types.js.map +1 -1
- package/lib/typescript/rp/index.d.ts +8 -8
- package/lib/typescript/rp/index.d.ts.map +1 -1
- package/lib/typescript/rp/types.d.ts +260 -389
- package/lib/typescript/rp/types.d.ts.map +1 -1
- package/lib/typescript/utils/jwk.d.ts +9 -0
- package/lib/typescript/utils/jwk.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +40 -4
- package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/rp/__test__/index.test.ts +222 -0
- package/src/rp/index.ts +44 -54
- package/src/rp/types.ts +8 -7
- package/src/utils/jwk.ts +21 -0
- package/src/wallet-instance-attestation/issuing.ts +3 -2
- package/src/wallet-instance-attestation/types.ts +6 -2
package/src/rp/types.ts
CHANGED
|
@@ -5,7 +5,8 @@ import * as z from "zod";
|
|
|
5
5
|
export type RequestObject = z.infer<typeof RequestObject>;
|
|
6
6
|
export const RequestObject = z.object({
|
|
7
7
|
header: z.object({
|
|
8
|
-
|
|
8
|
+
// FIXME: SIW-421 type field must be either required or omitted, optional isn't useful
|
|
9
|
+
typ: z.literal("JWT").optional(),
|
|
9
10
|
alg: z.string(),
|
|
10
11
|
kid: z.string(),
|
|
11
12
|
trust_chain: z.array(z.string()),
|
|
@@ -46,18 +47,18 @@ export const RpEntityConfiguration = z.object({
|
|
|
46
47
|
application_type: z.string(),
|
|
47
48
|
client_id: z.string(),
|
|
48
49
|
client_name: z.string(),
|
|
49
|
-
jwks: z.
|
|
50
|
-
keys: z.array(JWK),
|
|
51
|
-
}),
|
|
50
|
+
jwks: z.array(JWK),
|
|
52
51
|
contacts: z.array(z.string()),
|
|
53
52
|
}),
|
|
54
|
-
|
|
53
|
+
// FIXME: SIW-422 require federation_metadata field
|
|
54
|
+
// Actual RP implementation does not comply with the spec
|
|
55
|
+
/* federation_entity: z.object({
|
|
55
56
|
organization_name: z.string(),
|
|
56
57
|
homepage_uri: z.string(),
|
|
57
58
|
policy_uri: z.string(),
|
|
58
59
|
logo_uri: z.string(),
|
|
59
60
|
contacts: z.array(z.string()),
|
|
60
|
-
}),
|
|
61
|
+
}), */
|
|
61
62
|
}),
|
|
62
63
|
authority_hints: z.array(z.string()),
|
|
63
64
|
}),
|
|
@@ -65,7 +66,7 @@ export const RpEntityConfiguration = z.object({
|
|
|
65
66
|
|
|
66
67
|
export type QRCodePayload = z.infer<typeof QRCodePayload>;
|
|
67
68
|
export const QRCodePayload = z.object({
|
|
68
|
-
protocol: z.
|
|
69
|
+
protocol: z.string(),
|
|
69
70
|
resource: z.string(), // TODO: refine to known paths using literals
|
|
70
71
|
clientId: z.string(),
|
|
71
72
|
requestURI: z.string(),
|
package/src/utils/jwk.ts
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { removePadding } from "@pagopa/io-react-native-jwt";
|
|
1
2
|
import { z } from "zod";
|
|
2
3
|
|
|
3
4
|
export type JWK = z.infer<typeof JWK>;
|
|
@@ -37,3 +38,23 @@ export const JWK = z.object({
|
|
|
37
38
|
/** JWK "x5u" (X.509 URL) Parameter. */
|
|
38
39
|
x5u: z.string().optional(),
|
|
39
40
|
});
|
|
41
|
+
|
|
42
|
+
/**
|
|
43
|
+
* Ensure key values are encoded using base64url and not just base64, as defined in https://datatracker.ietf.org/doc/html/rfc7517
|
|
44
|
+
*
|
|
45
|
+
* @see https://datatracker.ietf.org/doc/html/rfc7517
|
|
46
|
+
*
|
|
47
|
+
* @param key The key to fix
|
|
48
|
+
* @returns THe same input key with fixed values
|
|
49
|
+
*/
|
|
50
|
+
export function fixBase64EncodingOnKey(key: JWK): JWK {
|
|
51
|
+
const { x, y, e, n, ...pk } = key;
|
|
52
|
+
|
|
53
|
+
return {
|
|
54
|
+
...pk,
|
|
55
|
+
...(x ? { x: removePadding(x) } : {}),
|
|
56
|
+
...(y ? { y: removePadding(y) } : {}),
|
|
57
|
+
...(e ? { e: removePadding(e) } : {}),
|
|
58
|
+
...(n ? { n: removePadding(n) } : {}),
|
|
59
|
+
};
|
|
60
|
+
}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
|
|
2
2
|
import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
|
|
3
3
|
import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
|
|
4
|
-
import { JWK } from "../utils/jwk";
|
|
4
|
+
import { JWK, fixBase64EncodingOnKey } from "../utils/jwk";
|
|
5
5
|
import { WalletInstanceAttestationRequestJwt } from "./types";
|
|
6
6
|
import uuid from "react-native-uuid";
|
|
7
7
|
import { WalletInstanceAttestationIssuingError } from "../utils/errors";
|
|
@@ -38,7 +38,7 @@ export class Issuing {
|
|
|
38
38
|
jti: `${uuid.v4()}`,
|
|
39
39
|
type: "WalletInstanceAttestationRequest",
|
|
40
40
|
cnf: {
|
|
41
|
-
jwk: publicKey,
|
|
41
|
+
jwk: fixBase64EncodingOnKey(publicKey),
|
|
42
42
|
},
|
|
43
43
|
})
|
|
44
44
|
.setProtectedHeader({
|
|
@@ -74,6 +74,7 @@ export class Issuing {
|
|
|
74
74
|
attestationRequest,
|
|
75
75
|
signature
|
|
76
76
|
);
|
|
77
|
+
|
|
77
78
|
const decodedRequest = decodeJwt(signedAttestationRequest);
|
|
78
79
|
const parsedRequest = WalletInstanceAttestationRequestJwt.parse({
|
|
79
80
|
payload: decodedRequest.payload,
|
|
@@ -18,7 +18,11 @@ const Jwt = z.object({
|
|
|
18
18
|
iat: UnixTime,
|
|
19
19
|
exp: UnixTime,
|
|
20
20
|
cnf: z.object({
|
|
21
|
-
jwk:
|
|
21
|
+
jwk: z.intersection(
|
|
22
|
+
JWK,
|
|
23
|
+
// this key requires a kis because it must be referenced for DPoP
|
|
24
|
+
z.object({ kid: z.string() })
|
|
25
|
+
),
|
|
22
26
|
}),
|
|
23
27
|
}),
|
|
24
28
|
});
|
|
@@ -60,7 +64,7 @@ export const WalletInstanceAttestationJwt = z.object({
|
|
|
60
64
|
tos_uri: z.string().url(),
|
|
61
65
|
logo_uri: z.string().url(),
|
|
62
66
|
asc: z.string(),
|
|
63
|
-
authorization_endpoint: z.string()
|
|
67
|
+
authorization_endpoint: z.string(),
|
|
64
68
|
response_types_supported: z.array(z.string()),
|
|
65
69
|
vp_formats_supported: z.object({
|
|
66
70
|
jwt_vp_json: z.object({
|