@pagopa/io-react-native-wallet 0.2.8 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/rp/__test__/index.test.js +145 -0
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
- package/lib/commonjs/rp/index.js +33 -41
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +11 -9
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/utils/jwk.js +35 -0
- package/lib/commonjs/utils/jwk.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/issuing.js +1 -1
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/types.js +6 -2
- package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +145 -0
- package/lib/module/rp/__test__/index.test.js.map +1 -1
- package/lib/module/rp/index.js +33 -41
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +11 -9
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/utils/jwk.js +34 -0
- package/lib/module/utils/jwk.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +2 -2
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/wallet-instance-attestation/types.js +6 -2
- package/lib/module/wallet-instance-attestation/types.js.map +1 -1
- package/lib/typescript/rp/index.d.ts +8 -8
- package/lib/typescript/rp/index.d.ts.map +1 -1
- package/lib/typescript/rp/types.d.ts +260 -389
- package/lib/typescript/rp/types.d.ts.map +1 -1
- package/lib/typescript/utils/jwk.d.ts +9 -0
- package/lib/typescript/utils/jwk.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +40 -4
- package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/rp/__test__/index.test.ts +222 -0
- package/src/rp/index.ts +44 -54
- package/src/rp/types.ts +8 -7
- package/src/utils/jwk.ts +21 -0
- package/src/wallet-instance-attestation/issuing.ts +3 -2
- package/src/wallet-instance-attestation/types.ts +6 -2
package/src/rp/types.ts
CHANGED
|
@@ -5,7 +5,8 @@ import * as z from "zod";
|
|
|
5
5
|
export type RequestObject = z.infer<typeof RequestObject>;
|
|
6
6
|
export const RequestObject = z.object({
|
|
7
7
|
header: z.object({
|
|
8
|
-
|
|
8
|
+
// FIXME: SIW-421 type field must be either required or omitted, optional isn't useful
|
|
9
|
+
typ: z.literal("JWT").optional(),
|
|
9
10
|
alg: z.string(),
|
|
10
11
|
kid: z.string(),
|
|
11
12
|
trust_chain: z.array(z.string()),
|
|
@@ -46,18 +47,18 @@ export const RpEntityConfiguration = z.object({
|
|
|
46
47
|
application_type: z.string(),
|
|
47
48
|
client_id: z.string(),
|
|
48
49
|
client_name: z.string(),
|
|
49
|
-
jwks: z.
|
|
50
|
-
keys: z.array(JWK),
|
|
51
|
-
}),
|
|
50
|
+
jwks: z.array(JWK),
|
|
52
51
|
contacts: z.array(z.string()),
|
|
53
52
|
}),
|
|
54
|
-
|
|
53
|
+
// FIXME: SIW-422 require federation_metadata field
|
|
54
|
+
// Actual RP implementation does not comply with the spec
|
|
55
|
+
/* federation_entity: z.object({
|
|
55
56
|
organization_name: z.string(),
|
|
56
57
|
homepage_uri: z.string(),
|
|
57
58
|
policy_uri: z.string(),
|
|
58
59
|
logo_uri: z.string(),
|
|
59
60
|
contacts: z.array(z.string()),
|
|
60
|
-
}),
|
|
61
|
+
}), */
|
|
61
62
|
}),
|
|
62
63
|
authority_hints: z.array(z.string()),
|
|
63
64
|
}),
|
|
@@ -65,7 +66,7 @@ export const RpEntityConfiguration = z.object({
|
|
|
65
66
|
|
|
66
67
|
export type QRCodePayload = z.infer<typeof QRCodePayload>;
|
|
67
68
|
export const QRCodePayload = z.object({
|
|
68
|
-
protocol: z.
|
|
69
|
+
protocol: z.string(),
|
|
69
70
|
resource: z.string(), // TODO: refine to known paths using literals
|
|
70
71
|
clientId: z.string(),
|
|
71
72
|
requestURI: z.string(),
|
package/src/utils/jwk.ts
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { removePadding } from "@pagopa/io-react-native-jwt";
|
|
1
2
|
import { z } from "zod";
|
|
2
3
|
|
|
3
4
|
export type JWK = z.infer<typeof JWK>;
|
|
@@ -37,3 +38,23 @@ export const JWK = z.object({
|
|
|
37
38
|
/** JWK "x5u" (X.509 URL) Parameter. */
|
|
38
39
|
x5u: z.string().optional(),
|
|
39
40
|
});
|
|
41
|
+
|
|
42
|
+
/**
|
|
43
|
+
* Ensure key values are encoded using base64url and not just base64, as defined in https://datatracker.ietf.org/doc/html/rfc7517
|
|
44
|
+
*
|
|
45
|
+
* @see https://datatracker.ietf.org/doc/html/rfc7517
|
|
46
|
+
*
|
|
47
|
+
* @param key The key to fix
|
|
48
|
+
* @returns THe same input key with fixed values
|
|
49
|
+
*/
|
|
50
|
+
export function fixBase64EncodingOnKey(key: JWK): JWK {
|
|
51
|
+
const { x, y, e, n, ...pk } = key;
|
|
52
|
+
|
|
53
|
+
return {
|
|
54
|
+
...pk,
|
|
55
|
+
...(x ? { x: removePadding(x) } : {}),
|
|
56
|
+
...(y ? { y: removePadding(y) } : {}),
|
|
57
|
+
...(e ? { e: removePadding(e) } : {}),
|
|
58
|
+
...(n ? { n: removePadding(n) } : {}),
|
|
59
|
+
};
|
|
60
|
+
}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
|
|
2
2
|
import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
|
|
3
3
|
import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
|
|
4
|
-
import { JWK } from "../utils/jwk";
|
|
4
|
+
import { JWK, fixBase64EncodingOnKey } from "../utils/jwk";
|
|
5
5
|
import { WalletInstanceAttestationRequestJwt } from "./types";
|
|
6
6
|
import uuid from "react-native-uuid";
|
|
7
7
|
import { WalletInstanceAttestationIssuingError } from "../utils/errors";
|
|
@@ -38,7 +38,7 @@ export class Issuing {
|
|
|
38
38
|
jti: `${uuid.v4()}`,
|
|
39
39
|
type: "WalletInstanceAttestationRequest",
|
|
40
40
|
cnf: {
|
|
41
|
-
jwk: publicKey,
|
|
41
|
+
jwk: fixBase64EncodingOnKey(publicKey),
|
|
42
42
|
},
|
|
43
43
|
})
|
|
44
44
|
.setProtectedHeader({
|
|
@@ -74,6 +74,7 @@ export class Issuing {
|
|
|
74
74
|
attestationRequest,
|
|
75
75
|
signature
|
|
76
76
|
);
|
|
77
|
+
|
|
77
78
|
const decodedRequest = decodeJwt(signedAttestationRequest);
|
|
78
79
|
const parsedRequest = WalletInstanceAttestationRequestJwt.parse({
|
|
79
80
|
payload: decodedRequest.payload,
|
|
@@ -18,7 +18,11 @@ const Jwt = z.object({
|
|
|
18
18
|
iat: UnixTime,
|
|
19
19
|
exp: UnixTime,
|
|
20
20
|
cnf: z.object({
|
|
21
|
-
jwk:
|
|
21
|
+
jwk: z.intersection(
|
|
22
|
+
JWK,
|
|
23
|
+
// this key requires a kis because it must be referenced for DPoP
|
|
24
|
+
z.object({ kid: z.string() })
|
|
25
|
+
),
|
|
22
26
|
}),
|
|
23
27
|
}),
|
|
24
28
|
});
|
|
@@ -60,7 +64,7 @@ export const WalletInstanceAttestationJwt = z.object({
|
|
|
60
64
|
tos_uri: z.string().url(),
|
|
61
65
|
logo_uri: z.string().url(),
|
|
62
66
|
asc: z.string(),
|
|
63
|
-
authorization_endpoint: z.string()
|
|
67
|
+
authorization_endpoint: z.string(),
|
|
64
68
|
response_types_supported: z.array(z.string()),
|
|
65
69
|
vp_formats_supported: z.object({
|
|
66
70
|
jwt_vp_json: z.object({
|