@pagopa/io-react-native-wallet 0.4.3 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- package/README.md +128 -19
- package/lib/commonjs/index.js +16 -23
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/index.js +3 -8
- package/lib/commonjs/pid/index.js.map +1 -1
- package/lib/commonjs/pid/issuing.js +153 -176
- package/lib/commonjs/pid/issuing.js.map +1 -1
- package/lib/commonjs/rp/__test__/index.test.js +7 -5
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
- package/lib/commonjs/rp/index.js +145 -155
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +1 -21
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/trust/index.js +24 -5
- package/lib/commonjs/trust/index.js.map +1 -1
- package/lib/commonjs/trust/types.js +102 -9
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/crypto.js +46 -0
- package/lib/commonjs/utils/crypto.js.map +1 -0
- package/lib/commonjs/utils/dpop.js +14 -7
- package/lib/commonjs/utils/dpop.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/index.js +3 -3
- package/lib/commonjs/wallet-instance-attestation/issuing.js +42 -60
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/index.js +4 -6
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/index.js +1 -1
- package/lib/module/pid/index.js.map +1 -1
- package/lib/module/pid/issuing.js +152 -180
- package/lib/module/pid/issuing.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +3 -3
- package/lib/module/rp/__test__/index.test.js.map +1 -1
- package/lib/module/rp/index.js +141 -154
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +0 -20
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/trust/index.js +19 -5
- package/lib/module/trust/index.js.map +1 -1
- package/lib/module/trust/types.js +100 -7
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/crypto.js +40 -0
- package/lib/module/utils/crypto.js.map +1 -0
- package/lib/module/utils/dpop.js +13 -5
- package/lib/module/utils/dpop.js.map +1 -1
- package/lib/module/wallet-instance-attestation/index.js +2 -2
- package/lib/module/wallet-instance-attestation/index.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +40 -58
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/typescript/index.d.ts +4 -6
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/index.d.ts +1 -1
- package/lib/typescript/pid/index.d.ts.map +1 -1
- package/lib/typescript/pid/issuing.d.ts +43 -88
- package/lib/typescript/pid/issuing.d.ts.map +1 -1
- package/lib/typescript/rp/index.d.ts +41 -87
- package/lib/typescript/rp/index.d.ts.map +1 -1
- package/lib/typescript/rp/types.d.ts +10 -906
- package/lib/typescript/rp/types.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +1 -1
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +806 -3
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +9655 -297
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/crypto.d.ts +10 -0
- package/lib/typescript/utils/crypto.d.ts.map +1 -0
- package/lib/typescript/utils/dpop.d.ts +10 -2
- package/lib/typescript/utils/dpop.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/index.d.ts +2 -2
- package/lib/typescript/wallet-instance-attestation/index.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts +18 -31
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +4 -4
- package/package.json +2 -2
- package/src/index.ts +14 -13
- package/src/pid/index.ts +1 -1
- package/src/pid/issuing.ts +233 -232
- package/src/rp/__test__/index.test.ts +3 -3
- package/src/rp/index.ts +172 -194
- package/src/rp/types.ts +0 -24
- package/src/sd-jwt/index.ts +1 -1
- package/src/trust/index.ts +106 -5
- package/src/trust/types.ts +152 -34
- package/src/utils/crypto.ts +41 -0
- package/src/utils/dpop.ts +17 -7
- package/src/wallet-instance-attestation/index.ts +2 -2
- package/src/wallet-instance-attestation/issuing.ts +51 -63
- package/lib/commonjs/pid/metadata.js +0 -49
- package/lib/commonjs/pid/metadata.js.map +0 -1
- package/lib/module/pid/metadata.js +0 -41
- package/lib/module/pid/metadata.js.map +0 -1
- package/lib/typescript/pid/metadata.d.ts +0 -482
- package/lib/typescript/pid/metadata.d.ts.map +0 -1
- package/src/pid/metadata.ts +0 -46
|
@@ -3,95 +3,72 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.getCredential = exports.authorizeIssuing = void 0;
|
|
7
7
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
8
8
|
var _jwk = require("../utils/jwk");
|
|
9
9
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
10
10
|
var _errors = require("../utils/errors");
|
|
11
11
|
var _dpop = require("../utils/dpop");
|
|
12
|
+
var WalletInstanceAttestation = _interopRequireWildcard(require("../wallet-instance-attestation"));
|
|
12
13
|
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
13
|
-
var
|
|
14
|
-
var
|
|
14
|
+
var _2 = require(".");
|
|
15
|
+
var _crypto = require("../utils/crypto");
|
|
16
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
17
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
15
18
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
16
19
|
// This is a temporary type that will be used for demo purposes only
|
|
17
20
|
|
|
18
|
-
|
|
19
|
-
constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
|
|
20
|
-
let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
|
|
21
|
-
this.pidProviderBaseUrl = pidProviderBaseUrl;
|
|
22
|
-
this.walletProviderBaseUrl = walletProviderBaseUrl;
|
|
23
|
-
this.state = `${_reactNativeUuid.default.v4()}`;
|
|
24
|
-
this.codeVerifier = `${_reactNativeUuid.default.v4()}`;
|
|
25
|
-
this.authorizationCode = `${_reactNativeUuid.default.v4()}`;
|
|
26
|
-
this.walletInstanceAttestation = walletInstanceAttestation;
|
|
27
|
-
this.clientId = clientId;
|
|
28
|
-
this.appFetch = appFetch;
|
|
29
|
-
}
|
|
21
|
+
const assertionType = "urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation";
|
|
30
22
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
23
|
+
/**
|
|
24
|
+
* Make a PAR request to the PID issuer and return the response url
|
|
25
|
+
*/
|
|
26
|
+
const getPar = _ref => {
|
|
27
|
+
let {
|
|
28
|
+
wiaCryptoContext,
|
|
29
|
+
appFetch = fetch
|
|
30
|
+
} = _ref;
|
|
31
|
+
return async (clientId, codeVerifier, walletProviderBaseUrl, pidProviderEntityConfiguration, walletInstanceAttestation) => {
|
|
32
|
+
// Calculate the thumbprint of the public key of the Wallet Instance Attestation.
|
|
33
|
+
// The PAR request token is signed used the Wallet Instance Attestation key.
|
|
34
|
+
// The signature can be verified by reading the public key from the key set shippet with the it will ship the Wallet Instance Attestation;
|
|
35
|
+
// key is matched by its kid, which is supposed to be the thumbprint of its public key.
|
|
36
|
+
const keyThumbprint = await wiaCryptoContext.getPublicKey().then(_jwk.JWK.parse).then(_ioReactNativeJwt.thumbprint);
|
|
37
|
+
const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
|
|
38
|
+
const codeChallenge = await (0, _ioReactNativeJwt.sha256ToBase64)(codeVerifier);
|
|
39
|
+
const signedJwtForPar = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
|
|
45
40
|
kid: keyThumbprint
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
41
|
+
}).setPayload({
|
|
42
|
+
iss,
|
|
43
|
+
aud: pidProviderEntityConfiguration.payload.iss,
|
|
44
|
+
jti: `${_reactNativeUuid.default.v4()}`,
|
|
45
|
+
client_assertion_type: assertionType,
|
|
50
46
|
authorization_details: [{
|
|
51
|
-
|
|
52
|
-
type:
|
|
47
|
+
credential_definition: {
|
|
48
|
+
type: "PersonIdentificationData"
|
|
53
49
|
},
|
|
54
50
|
format: "vc+sd-jwt",
|
|
55
|
-
type: "
|
|
51
|
+
type: "openid_credential"
|
|
56
52
|
}],
|
|
57
53
|
response_type: "code",
|
|
58
54
|
code_challenge_method: "s256",
|
|
59
|
-
redirect_uri:
|
|
60
|
-
state:
|
|
61
|
-
client_id:
|
|
55
|
+
redirect_uri: walletProviderBaseUrl,
|
|
56
|
+
state: `${_reactNativeUuid.default.v4()}`,
|
|
57
|
+
client_id: clientId,
|
|
62
58
|
code_challenge: codeChallenge
|
|
63
|
-
}).
|
|
64
|
-
|
|
65
|
-
kid: publicKey.kid
|
|
66
|
-
}).setIssuedAt().setExpirationTime("1h").toSign();
|
|
67
|
-
return unsignedJwtForPar;
|
|
68
|
-
}
|
|
69
|
-
|
|
70
|
-
/**
|
|
71
|
-
* Make a PAR request to the PID issuer and return the response url
|
|
72
|
-
*
|
|
73
|
-
* @function
|
|
74
|
-
* @param unsignedJwtForPar The unsigned JWT for PAR
|
|
75
|
-
* @param signature The JWT for PAR signature
|
|
76
|
-
*
|
|
77
|
-
* @returns Unsigned PAR url
|
|
78
|
-
*
|
|
79
|
-
*/
|
|
80
|
-
async getPar(unsignedJwtForPar, signature) {
|
|
81
|
-
const codeChallenge = await (0, _ioReactNativeJwt.sha256ToBase64)(this.codeVerifier);
|
|
82
|
-
const signedJwtForPar = await _ioReactNativeJwt.SignJWT.appendSignature(unsignedJwtForPar, signature);
|
|
83
|
-
const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
|
|
59
|
+
}).setIssuedAt().setExpirationTime("1h").sign();
|
|
60
|
+
const parUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.pushed_authorization_request_endpoint;
|
|
84
61
|
const requestBody = {
|
|
85
62
|
response_type: "code",
|
|
86
|
-
client_id:
|
|
63
|
+
client_id: clientId,
|
|
87
64
|
code_challenge: codeChallenge,
|
|
88
65
|
code_challenge_method: "S256",
|
|
89
|
-
client_assertion_type:
|
|
90
|
-
client_assertion:
|
|
66
|
+
client_assertion_type: assertionType,
|
|
67
|
+
client_assertion: walletInstanceAttestation,
|
|
91
68
|
request: signedJwtForPar
|
|
92
69
|
};
|
|
93
70
|
var formBody = new URLSearchParams(requestBody);
|
|
94
|
-
const response = await
|
|
71
|
+
const response = await appFetch(parUrl, {
|
|
95
72
|
method: "POST",
|
|
96
73
|
headers: {
|
|
97
74
|
"Content-Type": "application/x-www-form-urlencoded"
|
|
@@ -103,55 +80,56 @@ class Issuing {
|
|
|
103
80
|
return result.request_uri;
|
|
104
81
|
}
|
|
105
82
|
throw new _errors.PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
|
|
106
|
-
}
|
|
83
|
+
};
|
|
84
|
+
};
|
|
107
85
|
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
86
|
+
/**
|
|
87
|
+
* Start the issuing flow by generating an authorization request to the PID Provider. Obtain from the PID Provider an access token to be used to complete the issuing flow.
|
|
88
|
+
*
|
|
89
|
+
* @param params.wiaCryptoContext The key pair associated with the WIA. Will be use to prove the ownership of the attestation.
|
|
90
|
+
* @param params.appFetch (optional) Http client
|
|
91
|
+
* @param walletInstanceAttestation Wallet Instance Attestation token.
|
|
92
|
+
* @param walletProviderBaseUrl Base url for the Wallet Provider
|
|
93
|
+
* @param pidProviderEntityConfiguration The Entity Configuration of the PID Provider, from which discover public endooints.
|
|
94
|
+
* @returns The access token along with the values that identify the issuing session.
|
|
95
|
+
*/
|
|
96
|
+
const authorizeIssuing = _ref2 => {
|
|
97
|
+
let {
|
|
98
|
+
wiaCryptoContext,
|
|
99
|
+
appFetch = fetch
|
|
100
|
+
} = _ref2;
|
|
101
|
+
return async (walletInstanceAttestation, walletProviderBaseUrl, pidProviderEntityConfiguration) => {
|
|
102
|
+
// FIXME: do better
|
|
103
|
+
const clientId = await wiaCryptoContext.getPublicKey().then(_ => _.kid);
|
|
104
|
+
const codeVerifier = `${_reactNativeUuid.default.v4()}`;
|
|
105
|
+
const authorizationCode = `${_reactNativeUuid.default.v4()}`;
|
|
106
|
+
const tokenUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.token_endpoint;
|
|
107
|
+
await getPar({
|
|
108
|
+
wiaCryptoContext,
|
|
109
|
+
appFetch
|
|
110
|
+
})(clientId, codeVerifier, walletProviderBaseUrl, pidProviderEntityConfiguration, walletInstanceAttestation);
|
|
111
|
+
|
|
112
|
+
// Use an ephemeral key to be destroyed after use
|
|
113
|
+
const keytag = `ephemeral-${_reactNativeUuid.default.v4()}`;
|
|
114
|
+
await (0, _ioReactNativeCrypto.generate)(keytag);
|
|
115
|
+
const ephemeralContext = (0, _crypto.createCryptoContextFor)(keytag);
|
|
116
|
+
const signedDPop = await (0, _dpop.createDPopToken)({
|
|
120
117
|
htm: "POST",
|
|
121
118
|
htu: tokenUrl,
|
|
122
119
|
jti: `${_reactNativeUuid.default.v4()}`
|
|
123
|
-
});
|
|
124
|
-
|
|
125
|
-
}
|
|
126
|
-
|
|
127
|
-
/**
|
|
128
|
-
* Make an auth token request to the PID issuer
|
|
129
|
-
*
|
|
130
|
-
* @function
|
|
131
|
-
* @returns a token response
|
|
132
|
-
*
|
|
133
|
-
*/
|
|
134
|
-
async getAuthToken() {
|
|
135
|
-
//Generate fresh keys for DPoP
|
|
136
|
-
const dPopKeyTag = `${_reactNativeUuid.default.v4()}`;
|
|
137
|
-
const dPopKey = await (0, _ioReactNativeCrypto.generate)(dPopKeyTag);
|
|
138
|
-
const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
|
|
139
|
-
const dPopTokenSignature = await (0, _ioReactNativeCrypto.sign)(unsignedDPopForToken, dPopKeyTag);
|
|
140
|
-
await (0, _ioReactNativeCrypto.deleteKey)(dPopKeyTag);
|
|
141
|
-
const signedDPop = await _ioReactNativeJwt.SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
|
|
142
|
-
const decodedJwtDPop = (0, _ioReactNativeJwt.decode)(signedDPop);
|
|
143
|
-
const tokenUrl = decodedJwtDPop.payload.htu;
|
|
120
|
+
}, ephemeralContext);
|
|
121
|
+
await (0, _ioReactNativeCrypto.deleteKey)(keytag);
|
|
144
122
|
const requestBody = {
|
|
145
123
|
grant_type: "authorization code",
|
|
146
|
-
client_id:
|
|
147
|
-
code:
|
|
148
|
-
code_verifier:
|
|
149
|
-
client_assertion_type:
|
|
150
|
-
client_assertion:
|
|
151
|
-
redirect_uri:
|
|
124
|
+
client_id: clientId,
|
|
125
|
+
code: authorizationCode,
|
|
126
|
+
code_verifier: codeVerifier,
|
|
127
|
+
client_assertion_type: assertionType,
|
|
128
|
+
client_assertion: walletInstanceAttestation,
|
|
129
|
+
redirect_uri: walletProviderBaseUrl
|
|
152
130
|
};
|
|
153
131
|
var formBody = new URLSearchParams(requestBody);
|
|
154
|
-
const response = await
|
|
132
|
+
const response = await appFetch(tokenUrl, {
|
|
155
133
|
method: "POST",
|
|
156
134
|
headers: {
|
|
157
135
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
@@ -160,51 +138,67 @@ class Issuing {
|
|
|
160
138
|
body: formBody.toString()
|
|
161
139
|
});
|
|
162
140
|
if (response.status === 200) {
|
|
163
|
-
|
|
141
|
+
const {
|
|
142
|
+
c_nonce,
|
|
143
|
+
access_token
|
|
144
|
+
} = await response.json();
|
|
145
|
+
return {
|
|
146
|
+
accessToken: access_token,
|
|
147
|
+
nonce: c_nonce,
|
|
148
|
+
clientId,
|
|
149
|
+
codeVerifier,
|
|
150
|
+
authorizationCode,
|
|
151
|
+
walletProviderBaseUrl
|
|
152
|
+
};
|
|
164
153
|
}
|
|
165
154
|
throw new _errors.PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
|
|
166
|
-
}
|
|
155
|
+
};
|
|
156
|
+
};
|
|
167
157
|
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
}).setProtectedHeader({
|
|
181
|
-
alg: "ES256",
|
|
182
|
-
type: "openid4vci-proof+jwt"
|
|
183
|
-
}).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
|
|
184
|
-
return unsignedProof;
|
|
185
|
-
}
|
|
158
|
+
/**
|
|
159
|
+
* Return the signed jwt for nonce proof of possession
|
|
160
|
+
*/
|
|
161
|
+
exports.authorizeIssuing = authorizeIssuing;
|
|
162
|
+
const createNonceProof = async (nonce, issuer, audience, ctx) => {
|
|
163
|
+
return new _ioReactNativeJwt.SignJWT(ctx).setPayload({
|
|
164
|
+
nonce,
|
|
165
|
+
jwk: await ctx.getPublicKey()
|
|
166
|
+
}).setProtectedHeader({
|
|
167
|
+
type: "openid4vci-proof+jwt"
|
|
168
|
+
}).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("1h").sign();
|
|
169
|
+
};
|
|
186
170
|
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
async
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
171
|
+
/**
|
|
172
|
+
* Complete the issuing flow and get the PID credential.
|
|
173
|
+
*
|
|
174
|
+
* @param params.pidCryptoContext The key pair associated with the PID. Will be use to prove the ownership of the credential.
|
|
175
|
+
* @param params.appFetch (optional) Http client
|
|
176
|
+
* @param authConf The authorization configuration retrieved with the access token
|
|
177
|
+
* @param cieData Data red from the CIE login process
|
|
178
|
+
* @returns The PID credential token
|
|
179
|
+
*/
|
|
180
|
+
const getCredential = _ref3 => {
|
|
181
|
+
let {
|
|
182
|
+
pidCryptoContext,
|
|
183
|
+
appFetch = fetch
|
|
184
|
+
} = _ref3;
|
|
185
|
+
return async (_ref4, pidProviderEntityConfiguration, cieData) => {
|
|
186
|
+
let {
|
|
187
|
+
nonce,
|
|
188
|
+
accessToken,
|
|
189
|
+
clientId,
|
|
190
|
+
walletProviderBaseUrl
|
|
191
|
+
} = _ref4;
|
|
192
|
+
const signedDPopForPid = await (0, _dpop.createDPopToken)({
|
|
193
|
+
htm: "POST",
|
|
194
|
+
htu: pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.token_endpoint,
|
|
195
|
+
jti: `${_reactNativeUuid.default.v4()}`
|
|
196
|
+
}, pidCryptoContext);
|
|
197
|
+
const signedNonceProof = await createNonceProof(nonce, clientId, walletProviderBaseUrl, pidCryptoContext);
|
|
198
|
+
const credentialUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.credential_endpoint;
|
|
205
199
|
const requestBody = {
|
|
206
200
|
credential_definition: JSON.stringify({
|
|
207
|
-
type: ["
|
|
201
|
+
type: ["PersonIdentificationData"]
|
|
208
202
|
}),
|
|
209
203
|
format: "vc+sd-jwt",
|
|
210
204
|
proof: JSON.stringify({
|
|
@@ -214,7 +208,7 @@ class Issuing {
|
|
|
214
208
|
})
|
|
215
209
|
};
|
|
216
210
|
const formBody = new URLSearchParams(requestBody);
|
|
217
|
-
const response = await
|
|
211
|
+
const response = await appFetch(credentialUrl, {
|
|
218
212
|
method: "POST",
|
|
219
213
|
headers: {
|
|
220
214
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
@@ -224,37 +218,20 @@ class Issuing {
|
|
|
224
218
|
body: formBody.toString()
|
|
225
219
|
});
|
|
226
220
|
if (response.status === 200) {
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
}
|
|
231
|
-
|
|
232
|
-
/**
|
|
233
|
-
* Obtain the PID issuer metadata
|
|
234
|
-
*
|
|
235
|
-
* @function
|
|
236
|
-
* @returns PID issuer metadata
|
|
237
|
-
*
|
|
238
|
-
*/
|
|
239
|
-
async getEntityConfiguration() {
|
|
240
|
-
const metadataUrl = new URL("ci/.well-known/openid-federation", this.pidProviderBaseUrl).href;
|
|
241
|
-
const response = await this.appFetch(metadataUrl);
|
|
242
|
-
if (response.status === 200) {
|
|
243
|
-
const jwtMetadata = await response.text();
|
|
244
|
-
const {
|
|
245
|
-
payload
|
|
246
|
-
} = (0, _ioReactNativeJwt.decode)(jwtMetadata);
|
|
247
|
-
const result = _metadata.PidIssuerEntityConfiguration.safeParse(payload);
|
|
248
|
-
if (result.success) {
|
|
249
|
-
const parsedMetadata = result.data;
|
|
250
|
-
await (0, _ioReactNativeJwt.verify)(jwtMetadata, parsedMetadata.jwks.keys);
|
|
251
|
-
return parsedMetadata;
|
|
252
|
-
} else {
|
|
253
|
-
throw new _errors.PidMetadataError(result.error.message);
|
|
254
|
-
}
|
|
221
|
+
const pidResponse = await response.json();
|
|
222
|
+
await validatePid(pidResponse.credential, pidCryptoContext);
|
|
223
|
+
return pidResponse;
|
|
255
224
|
}
|
|
256
|
-
throw new _errors.
|
|
225
|
+
throw new _errors.PidIssuingError(`Unable to obtain credential! url=${credentialUrl} status=${response.status} body=${await response.text()}`);
|
|
226
|
+
};
|
|
227
|
+
};
|
|
228
|
+
exports.getCredential = getCredential;
|
|
229
|
+
const validatePid = async (pidJwt, pidCryptoContext) => {
|
|
230
|
+
const decoded = _2.SdJwt.decode(pidJwt);
|
|
231
|
+
const pidKey = await pidCryptoContext.getPublicKey();
|
|
232
|
+
const holderBindedKey = decoded.sdJwt.payload.cnf.jwk;
|
|
233
|
+
if ((await (0, _ioReactNativeJwt.thumbprint)(pidKey)) !== (await (0, _ioReactNativeJwt.thumbprint)(holderBindedKey))) {
|
|
234
|
+
throw new _errors.PidIssuingError(`The obtained pid does not seem to be valid according to your configuration. Your PID public key is: ${JSON.stringify(pidKey)} but PID holder binded key is: ${JSON.stringify(holderBindedKey)}`);
|
|
257
235
|
}
|
|
258
|
-
}
|
|
259
|
-
exports.Issuing = Issuing;
|
|
236
|
+
};
|
|
260
237
|
//# sourceMappingURL=issuing.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","_ioReactNativeCrypto","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","WalletInstanceAttestation","_interopRequireWildcard","_ioReactNativeCrypto","_2","_crypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","assertionType","getPar","_ref","wiaCryptoContext","appFetch","fetch","clientId","codeVerifier","walletProviderBaseUrl","pidProviderEntityConfiguration","walletInstanceAttestation","keyThumbprint","getPublicKey","then","JWK","parse","thumbprint","iss","decode","payload","cnf","jwk","kid","codeChallenge","sha256ToBase64","signedJwtForPar","SignJWT","setProtectedHeader","setPayload","aud","jti","uuid","v4","client_assertion_type","authorization_details","credential_definition","type","format","response_type","code_challenge_method","redirect_uri","state","client_id","code_challenge","setIssuedAt","setExpirationTime","sign","parUrl","metadata","openid_credential_issuer","pushed_authorization_request_endpoint","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","PidIssuingError","text","authorizeIssuing","_ref2","_","authorizationCode","tokenUrl","token_endpoint","keytag","generate","ephemeralContext","createCryptoContextFor","signedDPop","createDPopToken","htm","htu","deleteKey","grant_type","code","code_verifier","DPoP","c_nonce","access_token","accessToken","nonce","exports","createNonceProof","issuer","audience","ctx","setAudience","setIssuer","getCredential","_ref3","pidCryptoContext","_ref4","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_endpoint","JSON","stringify","proof","jwt","proof_type","Authorization","pidResponse","validatePid","credential","pidJwt","decoded","SdJwt","pidKey","holderBindedKey","sdJwt"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAMA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,KAAA,GAAAL,OAAA;AAEA,IAAAM,yBAAA,GAAAC,uBAAA,CAAAP,OAAA;AACA,IAAAQ,oBAAA,GAAAR,OAAA;AACA,IAAAS,EAAA,GAAAT,OAAA;AACA,IAAAU,OAAA,GAAAV,OAAA;AAAyD,SAAAW,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAnB,uBAAAa,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AACzD;;AAwBA,MAAMiB,aAAa,GACjB,oEAAoE;;AAEtE;AACA;AACA;AACA,MAAMC,MAAM,GACVC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAH,IAAA;EAAA,OACD,OACEI,QAAgB,EAChBC,YAAoB,EACpBC,qBAA6B,EAC7BC,8BAAmE,EACnEC,yBAAiC,KACb;IACpB;IACA;IACA;IACA;IACA,MAAMC,aAAa,GAAG,MAAMR,gBAAgB,CACzCS,YAAY,CAAC,CAAC,CACdC,IAAI,CAACC,QAAG,CAACC,KAAK,CAAC,CACfF,IAAI,CAACG,4BAAU,CAAC;IAEnB,MAAMC,GAAG,GAAG5C,yBAAyB,CAAC6C,MAAM,CAACR,yBAAyB,CAAC,CACpES,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;IAEtB,MAAMC,aAAa,GAAG,MAAM,IAAAC,gCAAc,EAACjB,YAAY,CAAC;IAExD,MAAMkB,eAAe,GAAG,MAAM,IAAIC,yBAAO,CAACvB,gBAAgB,CAAC,CACxDwB,kBAAkB,CAAC;MAClBL,GAAG,EAAEX;IACP,CAAC,CAAC,CACDiB,UAAU,CAAC;MACVX,GAAG;MACHY,GAAG,EAAEpB,8BAA8B,CAACU,OAAO,CAACF,GAAG;MAC/Ca,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,qBAAqB,EAAEjC,aAAa;MACpCkC,qBAAqB,EAAE,CACrB;QACEC,qBAAqB,EAAE;UACrBC,IAAI,EAAE;QACR,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAEhC,qBAAqB;MACnCiC,KAAK,EAAG,GAAEV,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACrBU,SAAS,EAAEpC,QAAQ;MACnBqC,cAAc,EAAEpB;IAClB,CAAC,CAAC,CACDqB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,MAAM,GACVtC,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEC,qCAAqC;IAE1C,MAAMC,WAAW,GAAG;MAClBb,aAAa,EAAE,MAAM;MACrBI,SAAS,EAAEpC,QAAQ;MACnBqC,cAAc,EAAEpB,aAAa;MAC7BgB,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EAAEjC,aAAa;MACpCoD,gBAAgB,EAAE1C,yBAAyB;MAC3C2C,OAAO,EAAE5B;IACX,CAAC;IAED,IAAI6B,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAAC2C,MAAM,EAAE;MACtCU,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIC,uBAAe,CACtB,wCAAuC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAChE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,gBAAgB,GAC3BC,KAAA;EAAA,IAAC;IACCjE,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAA+D,KAAA;EAAA,OACD,OACE1D,yBAAiC,EACjCF,qBAA6B,EAC7BC,8BAAmE,KACpC;IAC/B;IACA,MAAMH,QAAQ,GAAG,MAAMH,gBAAgB,CAACS,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEwD,CAAC,IAAKA,CAAC,CAAC/C,GAAG,CAAC;IACzE,MAAMf,YAAY,GAAI,GAAEwB,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnC,MAAMsC,iBAAiB,GAAI,GAAEvC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACxC,MAAMuC,QAAQ,GACZ9D,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEuB,cAAc;IAEnB,MAAMvE,MAAM,CAAC;MAAEE,gBAAgB;MAAEC;IAAS,CAAC,CAAC,CAC1CE,QAAQ,EACRC,YAAY,EACZC,qBAAqB,EACrBC,8BAA8B,EAC9BC,yBACF,CAAC;;IAED;IACA,MAAM+D,MAAM,GAAI,aAAY1C,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACvC,MAAM,IAAA0C,6BAAQ,EAACD,MAAM,CAAC;IACtB,MAAME,gBAAgB,GAAG,IAAAC,8BAAsB,EAACH,MAAM,CAAC;IAEvD,MAAMI,UAAU,GAAG,MAAM,IAAAC,qBAAe,EACtC;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAET,QAAQ;MACbzC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACD2C,gBACF,CAAC;IAED,MAAM,IAAAM,8BAAS,EAACR,MAAM,CAAC;IAEvB,MAAMtB,WAAW,GAAG;MAClB+B,UAAU,EAAE,oBAAoB;MAChCxC,SAAS,EAAEpC,QAAQ;MACnB6E,IAAI,EAAEb,iBAAiB;MACvBc,aAAa,EAAE7E,YAAY;MAC3B0B,qBAAqB,EAAEjC,aAAa;MACpCoD,gBAAgB,EAAE1C,yBAAyB;MAC3C8B,YAAY,EAAEhC;IAChB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAACmE,QAAQ,EAAE;MACxCd,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD2B,IAAI,EAAER;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM;QAAEyB,OAAO;QAAEC;MAAa,CAAC,GAAG,MAAM/B,QAAQ,CAACO,IAAI,CAAC,CAAC;MACvD,OAAO;QACLyB,WAAW,EAAED,YAAY;QACzBE,KAAK,EAAEH,OAAO;QACdhF,QAAQ;QACRC,YAAY;QACZ+D,iBAAiB;QACjB9D;MACF,CAAC;IACH;IAEA,MAAM,IAAIyD,uBAAe,CACtB,0CAAyC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAClE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AAFAwB,OAAA,CAAAvB,gBAAA,GAAAA,gBAAA;AAGA,MAAMwB,gBAAgB,GAAG,MAAAA,CACvBF,KAAa,EACbG,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,OAAO,IAAIpE,yBAAO,CAACoE,GAAG,CAAC,CACpBlE,UAAU,CAAC;IACV6D,KAAK;IACLpE,GAAG,EAAE,MAAMyE,GAAG,CAAClF,YAAY,CAAC;EAC9B,CAAC,CAAC,CACDe,kBAAkB,CAAC;IAClBS,IAAI,EAAE;EACR,CAAC,CAAC,CACD2D,WAAW,CAACF,QAAQ,CAAC,CACrBG,SAAS,CAACJ,MAAM,CAAC,CACjBhD,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMmD,aAAa,GACxBC,KAAA;EAAA,IAAC;IACCC,gBAAgB;IAChB/F,QAAQ,GAAGC;EAIb,CAAC,GAAA6F,KAAA;EAAA,OACD,OAAAE,KAAA,EAEE3F,8BAAmE,EACnE4F,OAAgB,KACS;IAAA,IAHzB;MAAEZ,KAAK;MAAED,WAAW;MAAElF,QAAQ;MAAEE;IAAyC,CAAC,GAAA4F,KAAA;IAI1E,MAAME,gBAAgB,GAAG,MAAM,IAAAxB,qBAAe,EAC5C;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEvE,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CACjDC,wBAAwB,CAACuB,cAAc;MAC1C1C,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACDmE,gBACF,CAAC;IACD,MAAMI,gBAAgB,GAAG,MAAMZ,gBAAgB,CAC7CF,KAAK,EACLnF,QAAQ,EACRE,qBAAqB,EACrB2F,gBACF,CAAC;IAED,MAAMK,aAAa,GACjB/F,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEwD,mBAAmB;IAExB,MAAMtD,WAAW,GAAG;MAClBhB,qBAAqB,EAAEuE,IAAI,CAACC,SAAS,CAAC;QACpCvE,IAAI,EAAE,CAAC,0BAA0B;MACnC,CAAC,CAAC;MACFC,MAAM,EAAE,WAAW;MACnBuE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMxD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAACoG,aAAa,EAAE;MAC7C/C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD2B,IAAI,EAAEiB,gBAAgB;QACtBS,aAAa,EAAEvB;MACjB,CAAC;MACD7B,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMmD,WAAW,GAAI,MAAMxD,QAAQ,CAACO,IAAI,CAAC,CAAiB;MAC1D,MAAMkD,WAAW,CAACD,WAAW,CAACE,UAAU,EAAEf,gBAAgB,CAAC;MAC3D,OAAOa,WAAW;IACpB;IAEA,MAAM,IAAI/C,uBAAe,CACtB,oCAAmCuC,aAAc,WAChDhD,QAAQ,CAACK,MACV,SAAQ,MAAML,QAAQ,CAACU,IAAI,CAAC,CAAE,EACjC,CAAC;EACH,CAAC;AAAA;AAACwB,OAAA,CAAAO,aAAA,GAAAA,aAAA;AAEJ,MAAMgB,WAAW,GAAG,MAAAA,CAAOE,MAAc,EAAEhB,gBAA+B,KAAK;EAC7E,MAAMiB,OAAO,GAAGC,QAAK,CAACnG,MAAM,CAACiG,MAAM,CAAC;EACpC,MAAMG,MAAM,GAAG,MAAMnB,gBAAgB,CAACvF,YAAY,CAAC,CAAC;EACpD,MAAM2G,eAAe,GAAGH,OAAO,CAACI,KAAK,CAACrG,OAAO,CAACC,GAAG,CAACC,GAAG;EAErD,IAAI,CAAC,MAAM,IAAAL,4BAAU,EAACsG,MAAM,CAAC,OAAO,MAAM,IAAAtG,4BAAU,EAACuG,eAAe,CAAC,CAAC,EAAE;IACtE,MAAM,IAAItD,uBAAe,CACtB,uGAAsGyC,IAAI,CAACC,SAAS,CACnHW,MACF,CAAE,kCAAiCZ,IAAI,CAACC,SAAS,CAACY,eAAe,CAAE,EACrE,CAAC;EACH;AACF,CAAC"}
|
|
@@ -1,17 +1,19 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var _types = require("../../trust/types");
|
|
4
|
+
var RelyingPartySolution = _interopRequireWildcard(require(".."));
|
|
4
5
|
var _errors = require("../../utils/errors");
|
|
5
|
-
|
|
6
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
7
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
6
8
|
describe("decodeAuthRequestQR", () => {
|
|
7
9
|
it("should return authentication request URL", async () => {
|
|
8
10
|
const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
|
|
9
|
-
const result =
|
|
11
|
+
const result = RelyingPartySolution.decodeAuthRequestQR(qrcode);
|
|
10
12
|
expect(result.requestURI).toEqual("https://verifier.example.org/request_uri");
|
|
11
13
|
});
|
|
12
14
|
it("should throw exception with invalid QR", async () => {
|
|
13
15
|
const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
|
|
14
|
-
expect(() =>
|
|
16
|
+
expect(() => RelyingPartySolution.decodeAuthRequestQR(qrcode)).toThrowError(_errors.AuthRequestDecodeError);
|
|
15
17
|
});
|
|
16
18
|
});
|
|
17
19
|
describe("RpEntityConfiguration", () => {
|
|
@@ -158,7 +160,7 @@ describe("RpEntityConfiguration", () => {
|
|
|
158
160
|
authority_hints: ["https://demo.federation.eudi.wallet.developers.italia.it"]
|
|
159
161
|
}
|
|
160
162
|
};
|
|
161
|
-
const result = _types.
|
|
163
|
+
const result = _types.RelyingPartyEntityConfiguration.safeParse(pp);
|
|
162
164
|
if (result.success === false) {
|
|
163
165
|
throw result.error;
|
|
164
166
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_types","require","RelyingPartySolution","_interopRequireWildcard","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","describe","it","qrcode","result","decodeAuthRequestQR","expect","requestURI","toEqual","toThrowError","AuthRequestDecodeError","pp","header","alg","kid","typ","payload","exp","iat","iss","sub","jwks","keys","kty","e","n","metadata","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","contacts","wallet_relying_party","application_type","authorization_encrypted_response_alg","authorization_encrypted_response_enc","authorization_signed_response_alg","client_id","client_name","default_acr_values","default_max_age","id_token_encrypted_response_alg","id_token_encrypted_response_enc","id_token_signed_response_alg","presentation_definitions","id","input_descriptors","format","constraints","fields","filter","const","type","path","intent_to_retain","limit_disclosure","jwt","mso_mdoc","redirect_uris","request_uris","require_auth_time","subject_type","vp_formats","jwt_vp_json","crv","d","use","x","y","p","q","authority_hints","RelyingPartyEntityConfiguration","safeParse","success","error","toBe"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,oBAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAA4D,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAE5DW,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAG5B,oBAAoB,CAAC6B,mBAAmB,CAACF,MAAM,CAAC;IAC/DG,MAAM,CAACF,MAAM,CAACG,UAAU,CAAC,CAACC,OAAO,CAC/B,0CACF,CAAC;EACH,CAAC,CAAC;EACFN,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAM9B,oBAAoB,CAAC6B,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACM,YAAY,CACzEC,8BACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFT,QAAQ,CAAC,uBAAuB,EAAE,MAAM;EACtCC,EAAE,CAAC,2BAA2B,EAAE,YAAY;IAC1C,MAAMS,EAAE,GAAG;MACTC,MAAM,EAAE;QACNC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,+DAA+D;QACpEC,GAAG,EAAE,+DAA+D;QACpEC,IAAI,EAAE;UACJC,IAAI,EAAE,CACJ;YACEC,GAAG,EAAE,KAAK;YACVT,GAAG,EAAE,6CAA6C;YAClDU,CAAC,EAAE,MAAM;YACTC,CAAC,EAAE;UACL,CAAC;QAEL,CAAC;QACDC,QAAQ,EAAE;UACRC,iBAAiB,EAAE;YACjBC,iBAAiB,EAAE,iBAAiB;YACpCC,YAAY,EAAE,iCAAiC;YAC/CC,UAAU,EAAE,iCAAiC;YAC7CC,QAAQ,EAAE,iCAAiC;YAC3CC,QAAQ,EAAE,CAAC,iCAAiC;UAC9C,CAAC;UACDC,oBAAoB,EAAE;YACpBC,gBAAgB,EAAE,KAAK;YACvBC,oCAAoC,EAAE,CACpC,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,oCAAoC,EAAE,CACpC,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,SAAS,EACP,+DAA+D;YACjEC,WAAW,EAAE,iCAAiC;YAC9CP,QAAQ,EAAE,CAAC,0BAA0B,CAAC;YACtCQ,kBAAkB,EAAE,CAClB,gCAAgC,EAChC,gCAAgC,CACjC;YACDC,eAAe,EAAE,IAAI;YACrBC,+BAA+B,EAAE,CAC/B,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,+BAA+B,EAAE,CAC/B,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,4BAA4B,EAAE,CAC5B,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wBAAwB,EAAE,CACxB;cACEC,EAAE,EAAE,6CAA6C;cACjDC,iBAAiB,EAAE,CACjB;gBACED,EAAE,EAAE,6CAA6C;gBACjDE,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,0BAA0B;wBACjCC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,eAAe;oBACxB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNE,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,cAAc;oBACvB,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,sBAAsB;oBAC/B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,qBAAqB;oBAC9B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDC,GAAG,EAAE;oBACH5C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF;cACF,CAAC;YAEL,CAAC,EACD;cACEiC,EAAE,EAAE,gBAAgB;cACpBC,iBAAiB,EAAE,CACjB;gBACEC,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,uBAAuB;wBAC9BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,gBAAgB;oBACzB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNC,KAAK,EAAE,mBAAmB;wBAC1BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,kBAAkB;oBAC3B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,iBAAiB;oBAC1B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,2BAA2B;oBACpC,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDE,QAAQ,EAAE;oBACR7C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF,CAAC;gBACDiC,EAAE,EAAE;cACN,CAAC;YAEL,CAAC,CACF;YACDa,aAAa,EAAE,CACb,4EAA4E,CAC7E;YACDC,YAAY,EAAE,CACZ,2EAA2E,CAC5E;YACDC,iBAAiB,EAAE,IAAI;YACvBC,YAAY,EAAE,UAAU;YACxBC,UAAU,EAAE;cACVC,WAAW,EAAE;gBACXnD,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ;cACzB;YACF,CAAC;YACDQ,IAAI,EAAE,CACJ;cACE4C,GAAG,EAAE,OAAO;cACZC,CAAC,EAAE,6CAA6C;cAChDpD,GAAG,EAAE,6CAA6C;cAClDqD,GAAG,EAAE,KAAK;cACV5C,GAAG,EAAE,IAAI;cACT6C,CAAC,EAAE,6CAA6C;cAChDC,CAAC,EAAE;YACL,CAAC,EACD;cACE9C,GAAG,EAAE,KAAK;cACV2C,CAAC,EAAE,wVAAwV;cAC3V1C,CAAC,EAAE,MAAM;cACT2C,GAAG,EAAE,KAAK;cACVrD,GAAG,EAAE,6CAA6C;cAClDW,CAAC,EAAE,wVAAwV;cAC3V6C,CAAC,EAAE,6KAA6K;cAChLC,CAAC,EAAE;YACL,CAAC;UAEL;QACF,CAAC;QACDC,eAAe,EAAE,CACf,0DAA0D;MAE9D;IACF,CAAC;IACD,MAAMpE,MAAM,GAAGqE,sCAA+B,CAACC,SAAS,CAAC/D,EAAE,CAAC;IAC5D,IAAIP,MAAM,CAACuE,OAAO,KAAK,KAAK,EAAE;MAC5B,MAAMvE,MAAM,CAACwE,KAAK;IACpB;IACAtE,MAAM,CAACF,MAAM,CAACuE,OAAO,CAAC,CAACE,IAAI,CAAC,IAAI,CAAC;EACnC,CAAC,CAAC;AACJ,CAAC,CAAC"}
|