@pagopa/io-react-native-wallet 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +57 -24
- package/lib/commonjs/index.js +13 -0
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/rp/__test__/index.test.js +8 -1
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
- package/lib/commonjs/rp/index.js +5 -14
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +7 -27
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/trust/chain.js +94 -0
- package/lib/commonjs/trust/chain.js.map +1 -0
- package/lib/commonjs/trust/index.js +44 -0
- package/lib/commonjs/trust/index.js.map +1 -0
- package/lib/commonjs/trust/types.js +64 -0
- package/lib/commonjs/trust/types.js.map +1 -0
- package/lib/commonjs/wallet-instance-attestation/issuing.js +4 -4
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/types.js +6 -9
- package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
- package/lib/module/index.js +2 -1
- package/lib/module/index.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +8 -1
- package/lib/module/rp/__test__/index.test.js.map +1 -1
- package/lib/module/rp/index.js +5 -14
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +7 -27
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/trust/chain.js +86 -0
- package/lib/module/trust/chain.js.map +1 -0
- package/lib/module/trust/index.js +34 -0
- package/lib/module/trust/index.js.map +1 -0
- package/lib/module/trust/types.js +52 -0
- package/lib/module/trust/types.js.map +1 -0
- package/lib/module/wallet-instance-attestation/issuing.js +4 -4
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/wallet-instance-attestation/types.js +6 -9
- package/lib/module/wallet-instance-attestation/types.js.map +1 -1
- package/lib/typescript/index.d.ts +2 -1
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/rp/index.d.ts.map +1 -1
- package/lib/typescript/rp/types.d.ts +232 -145
- package/lib/typescript/rp/types.d.ts.map +1 -1
- package/lib/typescript/trust/chain.d.ts +17 -0
- package/lib/typescript/trust/chain.d.ts.map +1 -0
- package/lib/typescript/trust/index.d.ts +16 -0
- package/lib/typescript/trust/index.d.ts.map +1 -0
- package/lib/typescript/trust/types.d.ts +1041 -0
- package/lib/typescript/trust/types.d.ts.map +1 -0
- package/lib/typescript/wallet-instance-attestation/types.d.ts +30 -50
- package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/index.ts +3 -0
- package/src/rp/__test__/index.test.ts +8 -1
- package/src/rp/index.ts +5 -20
- package/src/rp/types.ts +17 -34
- package/src/trust/chain.ts +109 -0
- package/src/trust/index.ts +43 -0
- package/src/trust/types.ts +56 -0
- package/src/wallet-instance-attestation/issuing.ts +4 -4
- package/src/wallet-instance-attestation/types.ts +6 -9
package/README.md
CHANGED
|
@@ -27,7 +27,6 @@ PID.SdJwt.decode("<token>");
|
|
|
27
27
|
|
|
28
28
|
//Decode and verification
|
|
29
29
|
PID.SdJwt.verify("<token>");
|
|
30
|
-
|
|
31
30
|
```
|
|
32
31
|
|
|
33
32
|
### Wallet Instance Attestation
|
|
@@ -37,32 +36,26 @@ PID.SdJwt.verify("<token>");
|
|
|
37
36
|
```ts
|
|
38
37
|
import { WalletInstanceAttestation } from "@pagopa/io-react-native-wallet";
|
|
39
38
|
|
|
40
|
-
const issuing = new WalletInstanceAttestation.Issuing(
|
|
41
|
-
yourWalletProviderUrl
|
|
42
|
-
);
|
|
39
|
+
const issuing = new WalletInstanceAttestation.Issuing(yourWalletProviderUrl);
|
|
43
40
|
|
|
44
41
|
// Generate keys
|
|
45
42
|
const publicKey = await yourCustomPublicKey("TEE_KEY_TAG");
|
|
46
43
|
|
|
47
44
|
const walletInstanceAttestationRequest =
|
|
48
|
-
await issuing.getAttestationRequestToSign(
|
|
49
|
-
publicKey
|
|
50
|
-
);
|
|
45
|
+
await issuing.getAttestationRequestToSign(publicKey);
|
|
51
46
|
|
|
52
47
|
//Sign with TEE
|
|
53
48
|
const signature = await yourCustomSignatureFunction(
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
);
|
|
57
|
-
|
|
58
|
-
const walletInstanceAttestation =
|
|
59
|
-
await issuing.getAttestation(
|
|
60
|
-
walletInstanceAttestationRequest,
|
|
61
|
-
signature
|
|
49
|
+
walletInstanceAttestationRequest,
|
|
50
|
+
"TEE_KEY_TAG"
|
|
62
51
|
);
|
|
63
52
|
|
|
64
|
-
|
|
53
|
+
const walletInstanceAttestation = await issuing.getAttestation(
|
|
54
|
+
walletInstanceAttestationRequest,
|
|
55
|
+
signature
|
|
56
|
+
);
|
|
65
57
|
|
|
58
|
+
console.log(walletInstanceAttestation);
|
|
66
59
|
```
|
|
67
60
|
|
|
68
61
|
#### Encode and Decode
|
|
@@ -75,17 +68,57 @@ WalletInstanceAttestation.decode("<token>");
|
|
|
75
68
|
|
|
76
69
|
## Example
|
|
77
70
|
|
|
78
|
-
|
|
71
|
+
### NodeJS and Ruby
|
|
79
72
|
|
|
80
|
-
|
|
81
|
-
|
|
73
|
+
To run the example project you need to install the correct version of NodeJS and Ruby.
|
|
74
|
+
We recommend the use of a virtual environment of your choice. For ease of use, this guide adopts [nodenv](https://github.com/nodenv/nodenv) or [nvm](https://github.com/nvm-sh/nvm) for NodeJS and [rbenv](https://github.com/rbenv/rbenv) for Ruby.
|
|
75
|
+
[Yarn](https://yarnpkg.com/) is the package manager of choice.
|
|
76
|
+
|
|
77
|
+
The node version used in this project is stored in [example/.node-version](example/.node-version) and [example/.nvmrc],
|
|
78
|
+
while the version of Ruby is stored in [example/.ruby-version](.ruby-version).
|
|
79
|
+
|
|
80
|
+
### React Native
|
|
81
|
+
|
|
82
|
+
Follow the [official tutorial](https://reactnative.dev/docs/environment-setup?guide=native) for installing the `React Native CLI` for your operating system.
|
|
83
|
+
|
|
84
|
+
If you have a macOS system, you can follow both the tutorial for iOS and for Android. If you have a Linux or Windows system, you only need to install the development environment for Android.
|
|
85
|
+
|
|
86
|
+
### Build the app
|
|
87
|
+
|
|
88
|
+
In order to build the app,
|
|
89
|
+
As stated [previously](#nodejs-and-ruby), we also use `nodenv` and `rbenv` for managing the environment:
|
|
90
|
+
|
|
91
|
+
```bash
|
|
92
|
+
# Clone the repository
|
|
93
|
+
$ git clone https://github.com/pagopa/io-react-native-wallet
|
|
94
|
+
|
|
95
|
+
# CD into the repository
|
|
96
|
+
$ cd io-react-native-wallet
|
|
97
|
+
|
|
98
|
+
# Install library dependencies
|
|
99
|
+
$ yarn install
|
|
100
|
+
|
|
101
|
+
# CD into the example folder
|
|
102
|
+
$ cd example
|
|
103
|
+
|
|
104
|
+
# Install bundle
|
|
105
|
+
$ gem install bundle
|
|
106
|
+
|
|
107
|
+
# Install the required Gems from the Gemfile
|
|
108
|
+
# Run this only during the first setup and when Gems dependencies change
|
|
109
|
+
$ bundle install
|
|
82
110
|
|
|
83
|
-
|
|
111
|
+
# Install example dependencies
|
|
112
|
+
# Run this only during the first setup and when JS dependencies change
|
|
113
|
+
$ yarn install
|
|
84
114
|
|
|
85
|
-
#
|
|
86
|
-
|
|
115
|
+
# Install podfiles when targeting iOS (ignore this step for Android)
|
|
116
|
+
# Run this only during the first setup and when Pods dependencies change
|
|
117
|
+
$ cd ios && bundle exec pod install && cd ..
|
|
87
118
|
|
|
88
|
-
#
|
|
89
|
-
yarn
|
|
119
|
+
# Run the app on iOS
|
|
120
|
+
$ yarn ios
|
|
90
121
|
|
|
122
|
+
# Run the app on Android
|
|
123
|
+
$ yarn android
|
|
91
124
|
```
|
package/lib/commonjs/index.js
CHANGED
|
@@ -11,12 +11,24 @@ Object.defineProperty(exports, "RelyingPartySolution", {
|
|
|
11
11
|
}
|
|
12
12
|
});
|
|
13
13
|
exports.WalletInstanceAttestation = void 0;
|
|
14
|
+
Object.defineProperty(exports, "getEntityConfiguration", {
|
|
15
|
+
enumerable: true,
|
|
16
|
+
get: function () {
|
|
17
|
+
return _trust.getEntityConfiguration;
|
|
18
|
+
}
|
|
19
|
+
});
|
|
14
20
|
Object.defineProperty(exports, "getUnsignedDPop", {
|
|
15
21
|
enumerable: true,
|
|
16
22
|
get: function () {
|
|
17
23
|
return _dpop.getUnsignedDPop;
|
|
18
24
|
}
|
|
19
25
|
});
|
|
26
|
+
Object.defineProperty(exports, "verifyTrustChain", {
|
|
27
|
+
enumerable: true,
|
|
28
|
+
get: function () {
|
|
29
|
+
return _trust.verifyTrustChain;
|
|
30
|
+
}
|
|
31
|
+
});
|
|
20
32
|
require("react-native-url-polyfill/auto");
|
|
21
33
|
var PID = _interopRequireWildcard(require("./pid"));
|
|
22
34
|
exports.PID = PID;
|
|
@@ -27,6 +39,7 @@ exports.Errors = Errors;
|
|
|
27
39
|
var WalletInstanceAttestation = _interopRequireWildcard(require("./wallet-instance-attestation"));
|
|
28
40
|
exports.WalletInstanceAttestation = WalletInstanceAttestation;
|
|
29
41
|
var _dpop = require("./utils/dpop");
|
|
42
|
+
var _trust = require("./trust");
|
|
30
43
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
31
44
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
32
45
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["require","PID","_interopRequireWildcard","exports","RP","Errors","WalletInstanceAttestation","_dpop","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"
|
|
1
|
+
{"version":3,"names":["require","PID","_interopRequireWildcard","exports","RP","Errors","WalletInstanceAttestation","_dpop","_trust","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEAA,OAAA;AAEA,IAAAC,GAAA,GAAAC,uBAAA,CAAAF,OAAA;AAA6BG,OAAA,CAAAF,GAAA,GAAAA,GAAA;AAC7B,IAAAG,EAAA,GAAAF,uBAAA,CAAAF,OAAA;AAA2BG,OAAA,CAAAC,EAAA,GAAAA,EAAA;AAC3B,IAAAC,MAAA,GAAAH,uBAAA,CAAAF,OAAA;AAAyCG,OAAA,CAAAE,MAAA,GAAAA,MAAA;AACzC,IAAAC,yBAAA,GAAAJ,uBAAA,CAAAF,OAAA;AAA2EG,OAAA,CAAAG,yBAAA,GAAAA,yBAAA;AAC3E,IAAAC,KAAA,GAAAP,OAAA;AAEA,IAAAQ,MAAA,GAAAR,OAAA;AAAmE,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAR,wBAAAY,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
|
|
@@ -15,7 +15,7 @@ describe("decodeAuthRequestQR", () => {
|
|
|
15
15
|
});
|
|
16
16
|
});
|
|
17
17
|
describe("RpEntityConfiguration", () => {
|
|
18
|
-
it("should parse a valid
|
|
18
|
+
it("should parse a valid conf", async () => {
|
|
19
19
|
const pp = {
|
|
20
20
|
header: {
|
|
21
21
|
alg: "RS256",
|
|
@@ -36,6 +36,13 @@ describe("RpEntityConfiguration", () => {
|
|
|
36
36
|
}]
|
|
37
37
|
},
|
|
38
38
|
metadata: {
|
|
39
|
+
federation_entity: {
|
|
40
|
+
organization_name: "wallet-provider",
|
|
41
|
+
homepage_uri: "https://wallet-provider.example",
|
|
42
|
+
policy_uri: "https://wallet-provider.example",
|
|
43
|
+
logo_uri: "https://wallet-provider.example",
|
|
44
|
+
contacts: ["https://wallet-provider.example"]
|
|
45
|
+
},
|
|
39
46
|
wallet_relying_party: {
|
|
40
47
|
application_type: "web",
|
|
41
48
|
authorization_encrypted_response_alg: ["RSA-OAEP", "RSA-OAEP-256", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"],
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_","require","_errors","_types","describe","it","qrcode","result","RelyingPartySolution","decodeAuthRequestQR","expect","requestURI","toEqual","toThrowError","AuthRequestDecodeError","pp","header","alg","kid","typ","payload","exp","iat","iss","sub","jwks","keys","kty","e","n","metadata","wallet_relying_party","application_type","authorization_encrypted_response_alg","authorization_encrypted_response_enc","authorization_signed_response_alg","client_id","client_name","
|
|
1
|
+
{"version":3,"names":["_","require","_errors","_types","describe","it","qrcode","result","RelyingPartySolution","decodeAuthRequestQR","expect","requestURI","toEqual","toThrowError","AuthRequestDecodeError","pp","header","alg","kid","typ","payload","exp","iat","iss","sub","jwks","keys","kty","e","n","metadata","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","contacts","wallet_relying_party","application_type","authorization_encrypted_response_alg","authorization_encrypted_response_enc","authorization_signed_response_alg","client_id","client_name","default_acr_values","default_max_age","id_token_encrypted_response_alg","id_token_encrypted_response_enc","id_token_signed_response_alg","presentation_definitions","id","input_descriptors","format","constraints","fields","filter","const","type","path","intent_to_retain","limit_disclosure","jwt","mso_mdoc","redirect_uris","request_uris","require_auth_time","subject_type","vp_formats","jwt_vp_json","crv","d","use","x","y","p","q","authority_hints","RpEntityConfiguration","safeParse","success","error","toBe"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,CAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAEAG,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGC,sBAAoB,CAACC,mBAAmB,CAACH,MAAM,CAAC;IAC/DI,MAAM,CAACH,MAAM,CAACI,UAAU,CAAC,CAACC,OAAO,CAC/B,0CACF,CAAC;EACH,CAAC,CAAC;EACFP,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCI,MAAM,CAAC,MAAMF,sBAAoB,CAACC,mBAAmB,CAACH,MAAM,CAAC,CAAC,CAACO,YAAY,CACzEC,8BACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFV,QAAQ,CAAC,uBAAuB,EAAE,MAAM;EACtCC,EAAE,CAAC,2BAA2B,EAAE,YAAY;IAC1C,MAAMU,EAAE,GAAG;MACTC,MAAM,EAAE;QACNC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,+DAA+D;QACpEC,GAAG,EAAE,+DAA+D;QACpEC,IAAI,EAAE;UACJC,IAAI,EAAE,CACJ;YACEC,GAAG,EAAE,KAAK;YACVT,GAAG,EAAE,6CAA6C;YAClDU,CAAC,EAAE,MAAM;YACTC,CAAC,EAAE;UACL,CAAC;QAEL,CAAC;QACDC,QAAQ,EAAE;UACRC,iBAAiB,EAAE;YACjBC,iBAAiB,EAAE,iBAAiB;YACpCC,YAAY,EAAE,iCAAiC;YAC/CC,UAAU,EAAE,iCAAiC;YAC7CC,QAAQ,EAAE,iCAAiC;YAC3CC,QAAQ,EAAE,CAAC,iCAAiC;UAC9C,CAAC;UACDC,oBAAoB,EAAE;YACpBC,gBAAgB,EAAE,KAAK;YACvBC,oCAAoC,EAAE,CACpC,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,oCAAoC,EAAE,CACpC,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,SAAS,EACP,+DAA+D;YACjEC,WAAW,EAAE,iCAAiC;YAC9CP,QAAQ,EAAE,CAAC,0BAA0B,CAAC;YACtCQ,kBAAkB,EAAE,CAClB,gCAAgC,EAChC,gCAAgC,CACjC;YACDC,eAAe,EAAE,IAAI;YACrBC,+BAA+B,EAAE,CAC/B,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,+BAA+B,EAAE,CAC/B,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,4BAA4B,EAAE,CAC5B,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wBAAwB,EAAE,CACxB;cACEC,EAAE,EAAE,6CAA6C;cACjDC,iBAAiB,EAAE,CACjB;gBACED,EAAE,EAAE,6CAA6C;gBACjDE,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,0BAA0B;wBACjCC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,eAAe;oBACxB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNE,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,cAAc;oBACvB,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,sBAAsB;oBAC/B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,qBAAqB;oBAC9B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDC,GAAG,EAAE;oBACH5C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF;cACF,CAAC;YAEL,CAAC,EACD;cACEiC,EAAE,EAAE,gBAAgB;cACpBC,iBAAiB,EAAE,CACjB;gBACEC,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,uBAAuB;wBAC9BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,gBAAgB;oBACzB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNC,KAAK,EAAE,mBAAmB;wBAC1BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,kBAAkB;oBAC3B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,iBAAiB;oBAC1B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,2BAA2B;oBACpC,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDE,QAAQ,EAAE;oBACR7C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF,CAAC;gBACDiC,EAAE,EAAE;cACN,CAAC;YAEL,CAAC,CACF;YACDa,aAAa,EAAE,CACb,4EAA4E,CAC7E;YACDC,YAAY,EAAE,CACZ,2EAA2E,CAC5E;YACDC,iBAAiB,EAAE,IAAI;YACvBC,YAAY,EAAE,UAAU;YACxBC,UAAU,EAAE;cACVC,WAAW,EAAE;gBACXnD,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ;cACzB;YACF,CAAC;YACDQ,IAAI,EAAE,CACJ;cACE4C,GAAG,EAAE,OAAO;cACZC,CAAC,EAAE,6CAA6C;cAChDpD,GAAG,EAAE,6CAA6C;cAClDqD,GAAG,EAAE,KAAK;cACV5C,GAAG,EAAE,IAAI;cACT6C,CAAC,EAAE,6CAA6C;cAChDC,CAAC,EAAE;YACL,CAAC,EACD;cACE9C,GAAG,EAAE,KAAK;cACV2C,CAAC,EAAE,wVAAwV;cAC3V1C,CAAC,EAAE,MAAM;cACT2C,GAAG,EAAE,KAAK;cACVrD,GAAG,EAAE,6CAA6C;cAClDW,CAAC,EAAE,wVAAwV;cAC3V6C,CAAC,EAAE,6KAA6K;cAChLC,CAAC,EAAE;YACL,CAAC;UAEL;QACF,CAAC;QACDC,eAAe,EAAE,CACf,0DAA0D;MAE9D;IACF,CAAC;IACD,MAAMrE,MAAM,GAAGsE,4BAAqB,CAACC,SAAS,CAAC/D,EAAE,CAAC;IAClD,IAAIR,MAAM,CAACwE,OAAO,KAAK,KAAK,EAAE;MAC5B,MAAMxE,MAAM,CAACyE,KAAK;IACpB;IACAtE,MAAM,CAACH,MAAM,CAACwE,OAAO,CAAC,CAACE,IAAI,CAAC,IAAI,CAAC;EACnC,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
package/lib/commonjs/rp/index.js
CHANGED
|
@@ -9,6 +9,7 @@ var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
|
9
9
|
var _types = require("./types");
|
|
10
10
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
11
11
|
var _sdJwt = require("../sd-jwt");
|
|
12
|
+
var _trust = require("../trust");
|
|
12
13
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
13
14
|
class RelyingPartySolution {
|
|
14
15
|
constructor(relyingPartyBaseUrl, walletInstanceAttestation) {
|
|
@@ -213,7 +214,7 @@ class RelyingPartySolution {
|
|
|
213
214
|
body
|
|
214
215
|
});
|
|
215
216
|
if (response.status === 200) {
|
|
216
|
-
return await response.
|
|
217
|
+
return await response.json();
|
|
217
218
|
}
|
|
218
219
|
throw new _errors.IoWalletError(`Unable to send Authorization Response. Response: ${await response.text()} with code: ${response.status}`);
|
|
219
220
|
}
|
|
@@ -239,19 +240,9 @@ class RelyingPartySolution {
|
|
|
239
240
|
* Obtain the relying party entity configuration.
|
|
240
241
|
*/
|
|
241
242
|
async getEntityConfiguration() {
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
});
|
|
246
|
-
if (response.status === 200) {
|
|
247
|
-
const responseText = await response.text();
|
|
248
|
-
const responseJwt = await (0, _ioReactNativeJwt.decode)(responseText);
|
|
249
|
-
return _types.RpEntityConfiguration.parse({
|
|
250
|
-
header: responseJwt.protectedHeader,
|
|
251
|
-
payload: responseJwt.payload
|
|
252
|
-
});
|
|
253
|
-
}
|
|
254
|
-
throw new _errors.IoWalletError(`Unable to obtain RP Entity Configuration. Response code: ${response.status}`);
|
|
243
|
+
return (0, _trust.getEntityConfiguration)(this.relyingPartyBaseUrl, {
|
|
244
|
+
appFetch: this.appFetch
|
|
245
|
+
}).then(_types.RpEntityConfiguration.parse);
|
|
255
246
|
}
|
|
256
247
|
}
|
|
257
248
|
exports.RelyingPartySolution = RelyingPartySolution;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","obj","__esModule","default","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","protocol","resource","hostname","requestURI","searchParams","get","clientId","result","QRCodePayload","safeParse","success","data","AuthRequestDecodeError","error","message","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","SignJWT","jti","uuid","v4","htm","htu","ath","sha256ToBase64","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","requestUri","entity","response","method","headers","Authorization","DPoP","status","responseJson","json","responseEncodedJwt","responseJwt","decodeJwt","pubKey","payload","metadata","wallet_relying_party","jwks","find","_ref","kid","protectedHeader","NoSuitableKeysFoundInEntityConfiguration","verify","requestObj","RequestObject","parse","header","IoWalletError","prepareVpToken","walletInstanceIdentifier","_ref2","signKeyId","vc","claims","token","vp","paths","disclose","vp_token","iss","nonce","setAudience","response_uri","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","chooseRSAPublicKeyToEncrypt","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","enc","encrypt","formBody","URLSearchParams","body","toString","text","usingRsa256","filter","use","kty","getEntityConfiguration","
|
|
1
|
+
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","_trust","obj","__esModule","default","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","protocol","resource","hostname","requestURI","searchParams","get","clientId","result","QRCodePayload","safeParse","success","data","AuthRequestDecodeError","error","message","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","SignJWT","jti","uuid","v4","htm","htu","ath","sha256ToBase64","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","requestUri","entity","response","method","headers","Authorization","DPoP","status","responseJson","json","responseEncodedJwt","responseJwt","decodeJwt","pubKey","payload","metadata","wallet_relying_party","jwks","find","_ref","kid","protectedHeader","NoSuitableKeysFoundInEntityConfiguration","verify","requestObj","RequestObject","parse","header","IoWalletError","prepareVpToken","walletInstanceIdentifier","_ref2","signKeyId","vc","claims","token","vp","paths","disclose","vp_token","iss","nonce","setAudience","response_uri","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","chooseRSAPublicKeyToEncrypt","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","enc","encrypt","formBody","URLSearchParams","body","toString","text","usingRsa256","filter","use","kty","getEntityConfiguration","then","RpEntityConfiguration","exports"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAKA,IAAAC,iBAAA,GAAAD,OAAA;AAQA,IAAAE,MAAA,GAAAF,OAAA;AAOA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AACA,IAAAM,MAAA,GAAAN,OAAA;AAAkD,SAAAI,uBAAAG,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE3C,MAAMG,oBAAoB,CAAC;EAKhCC,WAAWA,CACTC,mBAA2B,EAC3BC,yBAAiC,EAEjC;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACN,mBAAmB,GAAGA,mBAAmB;IAC9C,IAAI,CAACC,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE,OAAOK,mBAAmBA,CAACC,MAAc,EAAiB;IACxD,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACF,MAAM,CAAC;IACpC,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACH,OAAO,CAAC;IACnC,MAAMI,QAAQ,GAAGF,UAAU,CAACE,QAAQ;IACpC,MAAMC,QAAQ,GAAGH,UAAU,CAACI,QAAQ;IACpC,MAAMC,UAAU,GAAGL,UAAU,CAACM,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;IAC7D,MAAMC,QAAQ,GAAGR,UAAU,CAACM,YAAY,CAACC,GAAG,CAAC,WAAW,CAAC;IAEzD,MAAME,MAAM,GAAGC,oBAAa,CAACC,SAAS,CAAC;MACrCT,QAAQ;MACRC,QAAQ;MACRE,UAAU;MACVG;IACF,CAAC,CAAC;IAEF,IAAIC,MAAM,CAACG,OAAO,EAAE;MAClB,OAAOH,MAAM,CAACI,IAAI;IACpB,CAAC,MAAM;MACL,MAAM,IAAIC,8BAAsB,CAACL,MAAM,CAACM,KAAK,CAACC,OAAO,EAAG,GAAEhB,UAAW,EAAC,CAAC;IACzE;EACF;EACA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMiB,6BAA6BA,CACjCC,4BAAiC,EACjCC,cAAsB,EACL;IACjB,OAAO,MAAM,IAAIC,yBAAO,CAAC;MACvBC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAEN,cAAc;MACnBO,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAAC,IAAI,CAACrC,yBAAyB;IAC1D,CAAC,CAAC,CACCsC,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZC,GAAG,EAAEZ,4BAA4B;MACjCa,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,gBAAgBA,CACpBC,wBAAgC,EAChCC,UAAkB,EAClBC,MAA6B,EACL;IACxB,MAAMC,QAAQ,GAAG,MAAM,IAAI,CAAChD,QAAQ,CAAC8C,UAAU,EAAE;MAC/CG,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAO,IAAI,CAACpD,yBAA0B,EAAC;QACvDqD,IAAI,EAAEP;MACR;IACF,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,kBAAkB,GAAGF,YAAY,CAACN,QAAQ;MAEhD,MAAMS,WAAW,GAAG,IAAAC,wBAAS,EAACF,kBAAkB,CAAC;;MAEjD;MACA;MACA;QACE,MAAMG,MAAM,GAAGZ,MAAM,CAACa,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACC,IAAI,CAACC,IAAI,CACnEC,IAAA;UAAA,IAAC;YAAEC;UAAI,CAAC,GAAAD,IAAA;UAAA,OAAKC,GAAG,KAAKT,WAAW,CAACU,eAAe,CAACD,GAAG;QAAA,CACtD,CAAC;QACD,IAAI,CAACP,MAAM,EAAE;UACX,MAAM,IAAIS,gDAAwC,CAChD,uCACF,CAAC;QACH;QACA,MAAM,IAAAC,wBAAM,EAACb,kBAAkB,EAAEG,MAAM,CAAC;MAC1C;;MAEA;MACA,MAAMW,UAAU,GAAGC,oBAAa,CAACC,KAAK,CAAC;QACrCC,MAAM,EAAEhB,WAAW,CAACU,eAAe;QACnCP,OAAO,EAAEH,WAAW,CAACG;MACvB,CAAC,CAAC;MAEF,OAAOU,UAAU;IACnB;IAEA,MAAM,IAAII,qBAAa,CACpB,mDAAkD1B,QAAQ,CAACK,MAAO,EACrE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMsB,cAAcA,CAClBL,UAAyB,EACzBM,wBAAgC,EAAAC,KAAA;EACJ;EAC5BC,SAAiB,EAIhB;IAAA,IALD,CAACC,EAAE,EAAEC,MAAM,CAAe,GAAAH,KAAA;IAM1B;IACA,MAAM;MAAEI,KAAK,EAAEC,EAAE;MAAEC;IAAM,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACL,EAAE,EAAEC,MAAM,CAAC;;IAEvD;;IAEA,MAAMK,QAAQ,GAAG,IAAIxD,yBAAO,CAAC;MAC3BqD,EAAE,EAAEA,EAAE;MACNpD,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBsD,GAAG,EAAEV,wBAAwB;MAC7BW,KAAK,EAAEjB,UAAU,CAACV,OAAO,CAAC2B;IAC5B,CAAC,CAAC,CACCC,WAAW,CAAClB,UAAU,CAACV,OAAO,CAAC6B,YAAY,CAAC,CAC5ChD,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBL,kBAAkB,CAAC;MAClBG,GAAG,EAAE,KAAK;MACVF,GAAG,EAAE,OAAO;MACZ4B,GAAG,EAAEY;IACP,CAAC,CAAC,CACDnC,MAAM,CAAC,CAAC;IAEX,MAAM+C,QAAQ,GAAGpB,UAAU,CAACV,OAAO,CAAC+B,KAAK;IACzC,MAAMC,uBAAuB,GAAG;MAC9BC,aAAa,EAAG,GAAE9D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAC7B8D,EAAE,EAAG,GAAE/D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAClB+D,cAAc,EAAEZ,KAAK,CAACa,GAAG,CAAEC,CAAC,KAAM;QAChCH,EAAE,EAAEJ,QAAQ;QACZQ,IAAI,EAAG,cAAaD,CAAC,CAACC,IAAK,EAAC;QAC5BC,MAAM,EAAE;MACV,CAAC,CAAC;IACJ,CAAC;IAED,OAAO;MAAEd,QAAQ;MAAEO;IAAwB,CAAC;EAC9C;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMQ,yBAAyBA,CAC7B9B,UAAyB,EACzBe,QAAgB,EAChBO,uBAAgD,EAChD7C,MAA6B,EACZ;IACjB;IACA;IACA,MAAMR,GAAG,GAAG,IAAI,CAAC8D,2BAA2B,CAACtD,MAAM,CAAC;IAEpD,MAAMuD,oBAAoB,GAAGC,IAAI,CAACC,SAAS,CAAC;MAC1CC,KAAK,EAAEnC,UAAU,CAACV,OAAO,CAAC6C,KAAK;MAC/Bb,uBAAuB;MACvBL,KAAK,EAAEjB,UAAU,CAACV,OAAO,CAAC2B,KAAK;MAC/BF;IACF,CAAC,CAAC;IAEF,MAAMqB,SAAS,GAAG,MAAM,IAAIC,4BAAU,CAACL,oBAAoB,EAAE;MAC3DhE,GAAG,EAAE,cAAc;MACnBsE,GAAG,EAAE,eAAe;MACpB1C,GAAG,EAAE3B,GAAG,CAAC2B;IACX,CAAC,CAAC,CAAC2C,OAAO,CAACtE,GAAG,CAAC;IAEf,MAAMuE,QAAQ,GAAG,IAAIC,eAAe,CAAC;MAAE/D,QAAQ,EAAE0D;IAAU,CAAC,CAAC;IAC7D,MAAMM,IAAI,GAAGF,QAAQ,CAACG,QAAQ,CAAC,CAAC;IAEhC,MAAMjE,QAAQ,GAAG,MAAM,IAAI,CAAChD,QAAQ,CAACsE,UAAU,CAACV,OAAO,CAAC6B,YAAY,EAAE;MACpExC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACD8D;IACF,CAAC,CAAC;IAEF,IAAIhE,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAImB,qBAAa,CACpB,oDAAmD,MAAM1B,QAAQ,CAACkE,IAAI,CAAC,CAAE,eACxElE,QAAQ,CAACK,MACV,EACH,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACUgD,2BAA2BA,CAACtD,MAA6B,EAAO;IACtE,MAAM,CAACoE,WAAW,CAAC,GACjBpE,MAAM,CAACa,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACC,IAAI,CAACqD,MAAM,CACrD7E,GAAG,IAAKA,GAAG,CAAC8E,GAAG,KAAK,KAAK,IAAI9E,GAAG,CAAC+E,GAAG,KAAK,KAC5C,CAAC;IAEH,IAAIH,WAAW,EAAE;MACf,OAAOA,WAAW;IACpB;;IAEA;IACA,MAAM,IAAI/C,gDAAwC,CAChD,4BACF,CAAC;EACH;;EAEA;AACF;AACA;EACE,MAAMmD,sBAAsBA,CAAA,EAAmC;IAC7D,OAAO,IAAAA,6BAAsB,EAAC,IAAI,CAACzH,mBAAmB,EAAE;MACtDE,QAAQ,EAAE,IAAI,CAACA;IACjB,CAAC,CAAC,CAACwH,IAAI,CAACC,4BAAqB,CAACjD,KAAK,CAAC;EACtC;AACF;AAACkD,OAAA,CAAA9H,oBAAA,GAAAA,oBAAA"}
|
package/lib/commonjs/rp/types.js
CHANGED
|
@@ -7,6 +7,7 @@ exports.RpEntityConfiguration = exports.RequestObject = exports.QRCodePayload =
|
|
|
7
7
|
var _jwk = require("../utils/jwk");
|
|
8
8
|
var _types = require("../sd-jwt/types");
|
|
9
9
|
var z = _interopRequireWildcard(require("zod"));
|
|
10
|
+
var _types2 = require("../trust/types");
|
|
10
11
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
11
12
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
12
13
|
const RequestObject = z.object({
|
|
@@ -32,22 +33,12 @@ const RequestObject = z.object({
|
|
|
32
33
|
})
|
|
33
34
|
});
|
|
34
35
|
|
|
35
|
-
|
|
36
|
+
/**
|
|
37
|
+
* EntityConfiguration plus the metadata specific for a Relying Party entity.
|
|
38
|
+
*/
|
|
36
39
|
exports.RequestObject = RequestObject;
|
|
37
|
-
const RpEntityConfiguration = z.object({
|
|
38
|
-
header: z.object({
|
|
39
|
-
typ: z.literal("entity-statement+jwt"),
|
|
40
|
-
alg: z.string(),
|
|
41
|
-
kid: z.string()
|
|
42
|
-
}),
|
|
40
|
+
const RpEntityConfiguration = _types2.EntityConfiguration.and(z.object({
|
|
43
41
|
payload: z.object({
|
|
44
|
-
exp: _types.UnixTime,
|
|
45
|
-
iat: _types.UnixTime,
|
|
46
|
-
iss: z.string(),
|
|
47
|
-
sub: z.string(),
|
|
48
|
-
jwks: z.object({
|
|
49
|
-
keys: z.array(_jwk.JWK)
|
|
50
|
-
}),
|
|
51
42
|
metadata: z.object({
|
|
52
43
|
wallet_relying_party: z.object({
|
|
53
44
|
application_type: z.string(),
|
|
@@ -56,20 +47,9 @@ const RpEntityConfiguration = z.object({
|
|
|
56
47
|
jwks: z.array(_jwk.JWK),
|
|
57
48
|
contacts: z.array(z.string())
|
|
58
49
|
})
|
|
59
|
-
|
|
60
|
-
// Actual RP implementation does not comply with the spec
|
|
61
|
-
/* federation_entity: z.object({
|
|
62
|
-
organization_name: z.string(),
|
|
63
|
-
homepage_uri: z.string(),
|
|
64
|
-
policy_uri: z.string(),
|
|
65
|
-
logo_uri: z.string(),
|
|
66
|
-
contacts: z.array(z.string()),
|
|
67
|
-
}), */
|
|
68
|
-
}),
|
|
69
|
-
|
|
70
|
-
authority_hints: z.array(z.string())
|
|
50
|
+
})
|
|
71
51
|
})
|
|
72
|
-
});
|
|
52
|
+
}));
|
|
73
53
|
exports.RpEntityConfiguration = RpEntityConfiguration;
|
|
74
54
|
const QRCodePayload = z.object({
|
|
75
55
|
protocol: z.string(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_jwk","require","_types","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","header","typ","literal","optional","alg","string","kid","trust_chain","array","payload","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","exports","RpEntityConfiguration","
|
|
1
|
+
{"version":3,"names":["_jwk","require","_types","z","_interopRequireWildcard","_types2","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","header","typ","literal","optional","alg","string","kid","trust_chain","array","payload","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","exports","RpEntityConfiguration","EntityConfiguration","and","metadata","wallet_relying_party","application_type","client_name","jwks","JWK","contacts","QRCodePayload","protocol","resource","clientId","requestURI"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AAAqD,SAAAK,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAG9C,MAAMW,aAAa,GAAGzB,CAAC,CAAC0B,MAAM,CAAC;EACpCC,MAAM,EAAE3B,CAAC,CAAC0B,MAAM,CAAC;IACf;IACAE,GAAG,EAAE5B,CAAC,CAAC6B,OAAO,CAAC,KAAK,CAAC,CAACC,QAAQ,CAAC,CAAC;IAChCC,GAAG,EAAE/B,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEjC,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfE,WAAW,EAAElC,CAAC,CAACmC,KAAK,CAACnC,CAAC,CAACgC,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAEpC,CAAC,CAAC0B,MAAM,CAAC;IAChBW,GAAG,EAAErC,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED,eAAQ;IACbE,KAAK,EAAEzC,CAAC,CAACgC,MAAM,CAAC,CAAC;IACjBU,KAAK,EAAE1C,CAAC,CAACgC,MAAM,CAAC,CAAC;IACjBW,YAAY,EAAE3C,CAAC,CAACgC,MAAM,CAAC,CAAC;IACxBY,aAAa,EAAE5C,CAAC,CAAC6B,OAAO,CAAC,UAAU,CAAC;IACpCgB,aAAa,EAAE7C,CAAC,CAAC6B,OAAO,CAAC,iBAAiB,CAAC;IAC3CiB,SAAS,EAAE9C,CAAC,CAACgC,MAAM,CAAC,CAAC;IACrBe,gBAAgB,EAAE/C,CAAC,CAAC6B,OAAO,CAAC,WAAW,CAAC;IACxCmB,KAAK,EAAEhD,CAAC,CAACgC,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;;AAEF;AACA;AACA;AAFAiB,OAAA,CAAAxB,aAAA,GAAAA,aAAA;AAIO,MAAMyB,qBAAqB,GAAGC,2BAAmB,CAACC,GAAG,CAC1DpD,CAAC,CAAC0B,MAAM,CAAC;EACPU,OAAO,EAAEpC,CAAC,CAAC0B,MAAM,CAAC;IAChB2B,QAAQ,EAAErD,CAAC,CAAC0B,MAAM,CAAC;MACjB4B,oBAAoB,EAAEtD,CAAC,CAAC0B,MAAM,CAAC;QAC7B6B,gBAAgB,EAAEvD,CAAC,CAACgC,MAAM,CAAC,CAAC;QAC5Bc,SAAS,EAAE9C,CAAC,CAACgC,MAAM,CAAC,CAAC;QACrBwB,WAAW,EAAExD,CAAC,CAACgC,MAAM,CAAC,CAAC;QACvByB,IAAI,EAAEzD,CAAC,CAACmC,KAAK,CAACuB,QAAG,CAAC;QAClBC,QAAQ,EAAE3D,CAAC,CAACmC,KAAK,CAACnC,CAAC,CAACgC,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;AAACiB,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAGK,MAAMU,aAAa,GAAG5D,CAAC,CAAC0B,MAAM,CAAC;EACpCmC,QAAQ,EAAE7D,CAAC,CAACgC,MAAM,CAAC,CAAC;EACpB8B,QAAQ,EAAE9D,CAAC,CAACgC,MAAM,CAAC,CAAC;EAAE;EACtB+B,QAAQ,EAAE/D,CAAC,CAACgC,MAAM,CAAC,CAAC;EACpBgC,UAAU,EAAEhE,CAAC,CAACgC,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AAFAiB,OAAA,CAAAW,aAAA,GAAAA,aAAA"}
|
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.verifyTrustChain = verifyTrustChain;
|
|
7
|
+
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
8
|
+
var _types = require("./types");
|
|
9
|
+
var _errors = require("../utils/errors");
|
|
10
|
+
var z = _interopRequireWildcard(require("zod"));
|
|
11
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
12
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
13
|
+
// Verify a token signature
|
|
14
|
+
// The kid is extracted from the token header
|
|
15
|
+
const verify = async (token, kid, jwks) => {
|
|
16
|
+
const jwk = jwks.find(k => k.kid === kid);
|
|
17
|
+
if (!jwk) {
|
|
18
|
+
throw new Error(`Invalid kid: ${kid}, token: ${token}`);
|
|
19
|
+
}
|
|
20
|
+
const {
|
|
21
|
+
protectedHeader: header,
|
|
22
|
+
payload
|
|
23
|
+
} = await (0, _ioReactNativeJwt.verify)(token, jwk);
|
|
24
|
+
return {
|
|
25
|
+
header,
|
|
26
|
+
payload
|
|
27
|
+
};
|
|
28
|
+
};
|
|
29
|
+
const decode = token => {
|
|
30
|
+
const {
|
|
31
|
+
protectedHeader: header,
|
|
32
|
+
payload
|
|
33
|
+
} = (0, _ioReactNativeJwt.decode)(token);
|
|
34
|
+
return {
|
|
35
|
+
header,
|
|
36
|
+
payload
|
|
37
|
+
};
|
|
38
|
+
};
|
|
39
|
+
|
|
40
|
+
// The first element of the chain is supposed to be the Entity Configuration for the document issuer
|
|
41
|
+
const FirstElementShape = _types.EntityConfiguration;
|
|
42
|
+
// Each element but the first is supposed to be an Entity Statement
|
|
43
|
+
const MiddleElementShape = _types.EntityStatement;
|
|
44
|
+
// The last element of the chain can either be an Entity Statement
|
|
45
|
+
// or the Entity Configuration for the known Trust Anchor
|
|
46
|
+
const LastElementShape = z.union([_types.EntityStatement, _types.TrustAnchorEntityConfiguration]);
|
|
47
|
+
|
|
48
|
+
/**
|
|
49
|
+
* Validates a provided trust chain against a known trust
|
|
50
|
+
*
|
|
51
|
+
* @param trustAnchorEntity
|
|
52
|
+
* @param chain
|
|
53
|
+
* @returns The list of parsed token representing the chain
|
|
54
|
+
* @throws {IoWalletError} If the chain is not valid
|
|
55
|
+
*/
|
|
56
|
+
async function verifyTrustChain(trustAnchorEntity, chain) {
|
|
57
|
+
// If the chain is empty, fail
|
|
58
|
+
if (chain.length === 0) {
|
|
59
|
+
throw new _errors.IoWalletError("Cannot verify empty trust chain");
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
// Select the expected token shape
|
|
63
|
+
const selectTokenShape = elementIndex => elementIndex === 0 ? FirstElementShape : elementIndex === chain.length - 1 ? LastElementShape : MiddleElementShape;
|
|
64
|
+
|
|
65
|
+
// select the kid from the current index
|
|
66
|
+
const selectKid = currentIndex => {
|
|
67
|
+
const token = chain[currentIndex];
|
|
68
|
+
if (!token) {
|
|
69
|
+
throw new _errors.IoWalletError(`Cannot select kid: empty token`);
|
|
70
|
+
}
|
|
71
|
+
const shape = selectTokenShape(currentIndex);
|
|
72
|
+
return shape.parse(decode(token)).header.kid;
|
|
73
|
+
};
|
|
74
|
+
|
|
75
|
+
// select keys from the next token
|
|
76
|
+
// if the current token is the last, keys fro trust anchor will be used
|
|
77
|
+
const selectKeys = currentIndex => {
|
|
78
|
+
if (currentIndex === chain.length - 1) {
|
|
79
|
+
return trustAnchorEntity.payload.jwks.keys;
|
|
80
|
+
}
|
|
81
|
+
const nextIndex = currentIndex + 1;
|
|
82
|
+
const nextToken = chain[nextIndex];
|
|
83
|
+
if (!nextToken) {
|
|
84
|
+
throw new _errors.IoWalletError(`Cannot select keys: empty nextToken`);
|
|
85
|
+
}
|
|
86
|
+
const shape = selectTokenShape(nextIndex);
|
|
87
|
+
return shape.parse(decode(nextToken)).payload.jwks.keys;
|
|
88
|
+
};
|
|
89
|
+
|
|
90
|
+
// Iterate the chain and validate each element's signature against the public keys of its next
|
|
91
|
+
// If there is no next, hence it's the end of the chain and it must be verified by the Trust Anchor
|
|
92
|
+
return Promise.all(chain.map((token, i) => [token, selectKid(i), selectKeys(i)]).map(args => verify(...args)));
|
|
93
|
+
}
|
|
94
|
+
//# sourceMappingURL=chain.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","verify","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","verifyJwt","decode","decodeJwt","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","verifyTrustChain","trustAnchorEntity","chain","length","IoWalletError","selectTokenShape","elementIndex","selectKid","currentIndex","shape","parse","selectKeys","keys","nextIndex","nextToken","Promise","all","map","i","args"],"sourceRoot":"../../../src","sources":["trust/chain.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,MAAA,GAAAD,OAAA;AAMA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,CAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAAyB,SAAAK,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAQzB;AACA;AACA,MAAMW,MAAM,GAAG,MAAAA,CACbC,KAAa,EACbC,GAAW,EACXC,IAAW,KACc;EACzB,MAAMC,GAAG,GAAGD,IAAI,CAACE,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACJ,GAAG,KAAKA,GAAG,CAAC;EAC3C,IAAI,CAACE,GAAG,EAAE;IACR,MAAM,IAAIG,KAAK,CAAE,gBAAeL,GAAI,YAAWD,KAAM,EAAC,CAAC;EACzD;EACA,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAM,IAAAC,wBAAS,EAACV,KAAK,EAAEG,GAAG,CAAC;EACxE,OAAO;IAAEK,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;AAED,MAAME,MAAM,GAAIX,KAAa,IAAK;EAChC,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,IAAAG,wBAAS,EAACZ,KAAK,CAAC;EAC7D,OAAO;IAAEQ,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA,MAAMI,iBAAiB,GAAGC,0BAAmB;AAC7C;AACA,MAAMC,kBAAkB,GAAGC,sBAAe;AAC1C;AACA;AACA,MAAMC,gBAAgB,GAAG1C,CAAC,CAAC2C,KAAK,CAAC,CAC/BF,sBAAe,EACfG,qCAA8B,CAC/B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,gBAAgBA,CACpCC,iBAAiD,EACjDC,KAAe,EACS;EACxB;EACA,IAAIA,KAAK,CAACC,MAAM,KAAK,CAAC,EAAE;IACtB,MAAM,IAAIC,qBAAa,CAAC,iCAAiC,CAAC;EAC5D;;EAEA;EACA,MAAMC,gBAAgB,GAAIC,YAAoB,IAC5CA,YAAY,KAAK,CAAC,GACdb,iBAAiB,GACjBa,YAAY,KAAKJ,KAAK,CAACC,MAAM,GAAG,CAAC,GACjCN,gBAAgB,GAChBF,kBAAkB;;EAExB;EACA,MAAMY,SAAS,GAAIC,YAAoB,IAAa;IAClD,MAAM5B,KAAK,GAAGsB,KAAK,CAACM,YAAY,CAAC;IACjC,IAAI,CAAC5B,KAAK,EAAE;MACV,MAAM,IAAIwB,qBAAa,CAAE,gCAA+B,CAAC;IAC3D;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACG,YAAY,CAAC;IAC5C,OAAOC,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACX,KAAK,CAAC,CAAC,CAACQ,MAAM,CAACP,GAAG;EAC9C,CAAC;;EAED;EACA;EACA,MAAM8B,UAAU,GAAIH,YAAoB,IAAY;IAClD,IAAIA,YAAY,KAAKN,KAAK,CAACC,MAAM,GAAG,CAAC,EAAE;MACrC,OAAOF,iBAAiB,CAACZ,OAAO,CAACP,IAAI,CAAC8B,IAAI;IAC5C;IAEA,MAAMC,SAAS,GAAGL,YAAY,GAAG,CAAC;IAClC,MAAMM,SAAS,GAAGZ,KAAK,CAACW,SAAS,CAAC;IAClC,IAAI,CAACC,SAAS,EAAE;MACd,MAAM,IAAIV,qBAAa,CAAE,qCAAoC,CAAC;IAChE;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACQ,SAAS,CAAC;IACzC,OAAOJ,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACuB,SAAS,CAAC,CAAC,CAACzB,OAAO,CAACP,IAAI,CAAC8B,IAAI;EACzD,CAAC;;EAED;EACA;EACA,OAAOG,OAAO,CAACC,GAAG,CAChBd,KAAK,CACFe,GAAG,CAAC,CAACrC,KAAK,EAAEsC,CAAC,KAAK,CAACtC,KAAK,EAAE2B,SAAS,CAACW,CAAC,CAAC,EAAEP,UAAU,CAACO,CAAC,CAAC,CAAU,CAAC,CAChED,GAAG,CAAEE,IAAI,IAAKxC,MAAM,CAAC,GAAGwC,IAAI,CAAC,CAClC,CAAC;AACH"}
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.getEntityConfiguration = getEntityConfiguration;
|
|
7
|
+
Object.defineProperty(exports, "verifyTrustChain", {
|
|
8
|
+
enumerable: true,
|
|
9
|
+
get: function () {
|
|
10
|
+
return _chain.verifyTrustChain;
|
|
11
|
+
}
|
|
12
|
+
});
|
|
13
|
+
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
14
|
+
var _types = require("./types");
|
|
15
|
+
var _errors = require("../utils/errors");
|
|
16
|
+
var _chain = require("./chain");
|
|
17
|
+
/**
|
|
18
|
+
* Fetch and parse teh entity configuration document for a given federation entity
|
|
19
|
+
*
|
|
20
|
+
* @param entityBaseUrl The base url of the entity.
|
|
21
|
+
* @param options.appFetch An optional instance of the http client to be used.
|
|
22
|
+
* @returns The parsed entity configuration object
|
|
23
|
+
* @throws {IoWalletError} If the http request fails
|
|
24
|
+
* @throws Parse error if the document is not in the expected shape.
|
|
25
|
+
*/
|
|
26
|
+
async function getEntityConfiguration(entityBaseUrl) {
|
|
27
|
+
let {
|
|
28
|
+
appFetch = fetch
|
|
29
|
+
} = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
|
|
30
|
+
const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-federation`;
|
|
31
|
+
const response = await appFetch(wellKnownUrl, {
|
|
32
|
+
method: "GET"
|
|
33
|
+
});
|
|
34
|
+
if (response.status === 200) {
|
|
35
|
+
const responseText = await response.text();
|
|
36
|
+
const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
|
|
37
|
+
return _types.EntityConfiguration.parse({
|
|
38
|
+
header: responseJwt.protectedHeader,
|
|
39
|
+
payload: responseJwt.payload
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
throw new _errors.IoWalletError(`Unable to obtain Entity Configuration at ${wellKnownUrl}. Response code: ${response.status}`);
|
|
43
|
+
}
|
|
44
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","_chain","getEntityConfiguration","entityBaseUrl","appFetch","fetch","arguments","length","undefined","wellKnownUrl","response","method","status","responseText","text","responseJwt","decodeJwt","EntityConfiguration","parse","header","protectedHeader","payload","IoWalletError"],"sourceRoot":"../../../src","sources":["trust/index.ts"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAIA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeI,sBAAsBA,CAC1CC,aAAqB,EAMS;EAAA,IAL9B;IACEC,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMG,YAAY,GAAI,GAAEN,aAAc,gCAA+B;EAErE,MAAMO,QAAQ,GAAG,MAAMN,QAAQ,CAACK,YAAY,EAAE;IAC5CE,MAAM,EAAE;EACV,CAAC,CAAC;EAEF,IAAID,QAAQ,CAACE,MAAM,KAAK,GAAG,EAAE;IAC3B,MAAMC,YAAY,GAAG,MAAMH,QAAQ,CAACI,IAAI,CAAC,CAAC;IAC1C,MAAMC,WAAW,GAAG,IAAAC,wBAAS,EAACH,YAAY,CAAC;IAC3C,OAAOI,0BAAmB,CAACC,KAAK,CAAC;MAC/BC,MAAM,EAAEJ,WAAW,CAACK,eAAe;MACnCC,OAAO,EAAEN,WAAW,CAACM;IACvB,CAAC,CAAC;EACJ;EAEA,MAAM,IAAIC,qBAAa,CACpB,4CAA2Cb,YAAa,oBAAmBC,QAAQ,CAACE,MAAO,EAC9F,CAAC;AACH"}
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.TrustMark = exports.TrustAnchorEntityConfiguration = exports.EntityStatement = exports.EntityConfiguration = void 0;
|
|
7
|
+
var _types = require("../sd-jwt/types");
|
|
8
|
+
var _jwk = require("../utils/jwk");
|
|
9
|
+
var z = _interopRequireWildcard(require("zod"));
|
|
10
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
11
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
12
|
+
const TrustMark = z.object({
|
|
13
|
+
id: z.string(),
|
|
14
|
+
trust_mark: z.string()
|
|
15
|
+
});
|
|
16
|
+
exports.TrustMark = TrustMark;
|
|
17
|
+
const EntityStatement = z.object({
|
|
18
|
+
header: z.object({
|
|
19
|
+
typ: z.literal("entity-statement+jwt"),
|
|
20
|
+
alg: z.string(),
|
|
21
|
+
kid: z.string()
|
|
22
|
+
}),
|
|
23
|
+
payload: z.object({
|
|
24
|
+
iss: z.string(),
|
|
25
|
+
sub: z.string(),
|
|
26
|
+
jwks: z.object({
|
|
27
|
+
keys: z.array(_jwk.JWK)
|
|
28
|
+
}),
|
|
29
|
+
trust_marks: z.array(TrustMark),
|
|
30
|
+
iat: z.number(),
|
|
31
|
+
exp: z.number()
|
|
32
|
+
})
|
|
33
|
+
});
|
|
34
|
+
exports.EntityStatement = EntityStatement;
|
|
35
|
+
const EntityConfiguration = z.object({
|
|
36
|
+
header: z.object({
|
|
37
|
+
typ: z.literal("entity-statement+jwt"),
|
|
38
|
+
alg: z.string(),
|
|
39
|
+
kid: z.string()
|
|
40
|
+
}),
|
|
41
|
+
payload: z.object({
|
|
42
|
+
exp: _types.UnixTime,
|
|
43
|
+
iat: _types.UnixTime,
|
|
44
|
+
iss: z.string(),
|
|
45
|
+
sub: z.string(),
|
|
46
|
+
jwks: z.object({
|
|
47
|
+
keys: z.array(_jwk.JWK)
|
|
48
|
+
}),
|
|
49
|
+
metadata: z.object({
|
|
50
|
+
federation_entity: z.object({
|
|
51
|
+
organization_name: z.string(),
|
|
52
|
+
homepage_uri: z.string(),
|
|
53
|
+
policy_uri: z.string(),
|
|
54
|
+
logo_uri: z.string(),
|
|
55
|
+
contacts: z.array(z.string())
|
|
56
|
+
})
|
|
57
|
+
}),
|
|
58
|
+
authority_hints: z.array(z.string())
|
|
59
|
+
})
|
|
60
|
+
});
|
|
61
|
+
exports.EntityConfiguration = EntityConfiguration;
|
|
62
|
+
const TrustAnchorEntityConfiguration = EntityConfiguration;
|
|
63
|
+
exports.TrustAnchorEntityConfiguration = TrustAnchorEntityConfiguration;
|
|
64
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TrustMark","object","id","string","trust_mark","exports","EntityStatement","header","typ","literal","alg","kid","payload","iss","sub","jwks","keys","array","JWK","trust_marks","iat","number","exp","EntityConfiguration","UnixTime","metadata","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","contacts","authority_hints","TrustAnchorEntityConfiguration"],"sourceRoot":"../../../src","sources":["trust/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAElB,MAAMW,SAAS,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAAEC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAE5B,CAAC,CAAC2B,MAAM,CAAC;AAAE,CAAC,CAAC;AAACE,OAAA,CAAAL,SAAA,GAAAA,SAAA;AAIvE,MAAMM,eAAe,GAAG9B,CAAC,CAACyB,MAAM,CAAC;EACtCM,MAAM,EAAE/B,CAAC,CAACyB,MAAM,CAAC;IACfO,GAAG,EAAEhC,CAAC,CAACiC,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,GAAG,EAAEnC,CAAC,CAAC2B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFS,OAAO,EAAEpC,CAAC,CAACyB,MAAM,CAAC;IAChBY,GAAG,EAAErC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfW,GAAG,EAAEtC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfY,IAAI,EAAEvC,CAAC,CAACyB,MAAM,CAAC;MAAEe,IAAI,EAAExC,CAAC,CAACyC,KAAK,CAACC,QAAG;IAAE,CAAC,CAAC;IACtCC,WAAW,EAAE3C,CAAC,CAACyC,KAAK,CAACjB,SAAS,CAAC;IAC/BoB,GAAG,EAAE5C,CAAC,CAAC6C,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE9C,CAAC,CAAC6C,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAAChB,OAAA,CAAAC,eAAA,GAAAA,eAAA;AAGI,MAAMiB,mBAAmB,GAAG/C,CAAC,CAACyB,MAAM,CAAC;EAC1CM,MAAM,EAAE/B,CAAC,CAACyB,MAAM,CAAC;IACfO,GAAG,EAAEhC,CAAC,CAACiC,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,GAAG,EAAEnC,CAAC,CAAC2B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFS,OAAO,EAAEpC,CAAC,CAACyB,MAAM,CAAC;IAChBqB,GAAG,EAAEE,eAAQ;IACbJ,GAAG,EAAEI,eAAQ;IACbX,GAAG,EAAErC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfW,GAAG,EAAEtC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfY,IAAI,EAAEvC,CAAC,CAACyB,MAAM,CAAC;MACbe,IAAI,EAAExC,CAAC,CAACyC,KAAK,CAACC,QAAG;IACnB,CAAC,CAAC;IACFO,QAAQ,EAAEjD,CAAC,CAACyB,MAAM,CAAC;MACjByB,iBAAiB,EAAElD,CAAC,CAACyB,MAAM,CAAC;QAC1B0B,iBAAiB,EAAEnD,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC7ByB,YAAY,EAAEpD,CAAC,CAAC2B,MAAM,CAAC,CAAC;QACxB0B,UAAU,EAAErD,CAAC,CAAC2B,MAAM,CAAC,CAAC;QACtB2B,QAAQ,EAAEtD,CAAC,CAAC2B,MAAM,CAAC,CAAC;QACpB4B,QAAQ,EAAEvD,CAAC,CAACyC,KAAK,CAACzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC,CAAC;IACF6B,eAAe,EAAExD,CAAC,CAACyC,KAAK,CAACzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACrC,CAAC;AACH,CAAC,CAAC;AAACE,OAAA,CAAAkB,mBAAA,GAAAA,mBAAA;AAKI,MAAMU,8BAA8B,GAAGV,mBAAmB;AAAClB,OAAA,CAAA4B,8BAAA,GAAAA,8BAAA"}
|