@pagopa/io-react-native-wallet 0.4.3 → 0.6.0
- package/README.md +128 -19
- package/lib/commonjs/index.js +16 -23
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/index.js +3 -8
- package/lib/commonjs/pid/index.js.map +1 -1
- package/lib/commonjs/pid/issuing.js +153 -176
- package/lib/commonjs/pid/issuing.js.map +1 -1
- package/lib/commonjs/rp/__test__/index.test.js +7 -5
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
- package/lib/commonjs/rp/index.js +145 -155
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +1 -21
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/trust/index.js +24 -5
- package/lib/commonjs/trust/index.js.map +1 -1
- package/lib/commonjs/trust/types.js +102 -9
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/crypto.js +46 -0
- package/lib/commonjs/utils/crypto.js.map +1 -0
- package/lib/commonjs/utils/dpop.js +14 -7
- package/lib/commonjs/utils/dpop.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/index.js +3 -3
- package/lib/commonjs/wallet-instance-attestation/issuing.js +42 -60
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/index.js +4 -6
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/index.js +1 -1
- package/lib/module/pid/index.js.map +1 -1
- package/lib/module/pid/issuing.js +152 -180
- package/lib/module/pid/issuing.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +3 -3
- package/lib/module/rp/__test__/index.test.js.map +1 -1
- package/lib/module/rp/index.js +141 -154
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +0 -20
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/trust/index.js +19 -5
- package/lib/module/trust/index.js.map +1 -1
- package/lib/module/trust/types.js +100 -7
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/crypto.js +40 -0
- package/lib/module/utils/crypto.js.map +1 -0
- package/lib/module/utils/dpop.js +13 -5
- package/lib/module/utils/dpop.js.map +1 -1
- package/lib/module/wallet-instance-attestation/index.js +2 -2
- package/lib/module/wallet-instance-attestation/index.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +40 -58
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/typescript/index.d.ts +4 -6
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/index.d.ts +1 -1
- package/lib/typescript/pid/index.d.ts.map +1 -1
- package/lib/typescript/pid/issuing.d.ts +43 -88
- package/lib/typescript/pid/issuing.d.ts.map +1 -1
- package/lib/typescript/rp/index.d.ts +41 -87
- package/lib/typescript/rp/index.d.ts.map +1 -1
- package/lib/typescript/rp/types.d.ts +10 -906
- package/lib/typescript/rp/types.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +1 -1
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +806 -3
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +9655 -297
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/crypto.d.ts +10 -0
- package/lib/typescript/utils/crypto.d.ts.map +1 -0
- package/lib/typescript/utils/dpop.d.ts +10 -2
- package/lib/typescript/utils/dpop.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/index.d.ts +2 -2
- package/lib/typescript/wallet-instance-attestation/index.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts +18 -31
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +4 -4
- package/package.json +2 -2
- package/src/index.ts +14 -13
- package/src/pid/index.ts +1 -1
- package/src/pid/issuing.ts +233 -232
- package/src/rp/__test__/index.test.ts +3 -3
- package/src/rp/index.ts +172 -194
- package/src/rp/types.ts +0 -24
- package/src/sd-jwt/index.ts +1 -1
- package/src/trust/index.ts +106 -5
- package/src/trust/types.ts +152 -34
- package/src/utils/crypto.ts +41 -0
- package/src/utils/dpop.ts +17 -7
- package/src/wallet-instance-attestation/index.ts +2 -2
- package/src/wallet-instance-attestation/issuing.ts +51 -63
- package/lib/commonjs/pid/metadata.js +0 -49
- package/lib/commonjs/pid/metadata.js.map +0 -1
- package/lib/module/pid/metadata.js +0 -41
- package/lib/module/pid/metadata.js.map +0 -1
- package/lib/typescript/pid/metadata.d.ts +0 -482
- package/lib/typescript/pid/metadata.d.ts.map +0 -1
- package/src/pid/metadata.ts +0 -46
|
@@ -3,95 +3,72 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.getCredential = exports.authorizeIssuing = void 0;
|
|
7
7
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
8
8
|
var _jwk = require("../utils/jwk");
|
|
9
9
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
10
10
|
var _errors = require("../utils/errors");
|
|
11
11
|
var _dpop = require("../utils/dpop");
|
|
12
|
+
var WalletInstanceAttestation = _interopRequireWildcard(require("../wallet-instance-attestation"));
|
|
12
13
|
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
13
|
-
var
|
|
14
|
-
var
|
|
14
|
+
var _2 = require(".");
|
|
15
|
+
var _crypto = require("../utils/crypto");
|
|
16
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
17
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
15
18
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
16
19
|
// This is a temporary type that will be used for demo purposes only
|
|
17
20
|
|
|
18
|
-
|
|
19
|
-
constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
|
|
20
|
-
let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
|
|
21
|
-
this.pidProviderBaseUrl = pidProviderBaseUrl;
|
|
22
|
-
this.walletProviderBaseUrl = walletProviderBaseUrl;
|
|
23
|
-
this.state = `${_reactNativeUuid.default.v4()}`;
|
|
24
|
-
this.codeVerifier = `${_reactNativeUuid.default.v4()}`;
|
|
25
|
-
this.authorizationCode = `${_reactNativeUuid.default.v4()}`;
|
|
26
|
-
this.walletInstanceAttestation = walletInstanceAttestation;
|
|
27
|
-
this.clientId = clientId;
|
|
28
|
-
this.appFetch = appFetch;
|
|
29
|
-
}
|
|
21
|
+
const assertionType = "urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation";
|
|
30
22
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
23
|
+
/**
|
|
24
|
+
* Make a PAR request to the PID issuer and return the response url
|
|
25
|
+
*/
|
|
26
|
+
const getPar = _ref => {
|
|
27
|
+
let {
|
|
28
|
+
wiaCryptoContext,
|
|
29
|
+
appFetch = fetch
|
|
30
|
+
} = _ref;
|
|
31
|
+
return async (clientId, codeVerifier, walletProviderBaseUrl, pidProviderEntityConfiguration, walletInstanceAttestation) => {
|
|
32
|
+
// Calculate the thumbprint of the public key of the Wallet Instance Attestation.
|
|
33
|
+
// The PAR request token is signed used the Wallet Instance Attestation key.
|
|
34
|
+
// The signature can be verified by reading the public key from the key set shippet with the it will ship the Wallet Instance Attestation;
|
|
35
|
+
// key is matched by its kid, which is supposed to be the thumbprint of its public key.
|
|
36
|
+
const keyThumbprint = await wiaCryptoContext.getPublicKey().then(_jwk.JWK.parse).then(_ioReactNativeJwt.thumbprint);
|
|
37
|
+
const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
|
|
38
|
+
const codeChallenge = await (0, _ioReactNativeJwt.sha256ToBase64)(codeVerifier);
|
|
39
|
+
const signedJwtForPar = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
|
|
45
40
|
kid: keyThumbprint
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
41
|
+
}).setPayload({
|
|
42
|
+
iss,
|
|
43
|
+
aud: pidProviderEntityConfiguration.payload.iss,
|
|
44
|
+
jti: `${_reactNativeUuid.default.v4()}`,
|
|
45
|
+
client_assertion_type: assertionType,
|
|
50
46
|
authorization_details: [{
|
|
51
|
-
|
|
52
|
-
type:
|
|
47
|
+
credential_definition: {
|
|
48
|
+
type: "PersonIdentificationData"
|
|
53
49
|
},
|
|
54
50
|
format: "vc+sd-jwt",
|
|
55
|
-
type: "
|
|
51
|
+
type: "openid_credential"
|
|
56
52
|
}],
|
|
57
53
|
response_type: "code",
|
|
58
54
|
code_challenge_method: "s256",
|
|
59
|
-
redirect_uri:
|
|
60
|
-
state:
|
|
61
|
-
client_id:
|
|
55
|
+
redirect_uri: walletProviderBaseUrl,
|
|
56
|
+
state: `${_reactNativeUuid.default.v4()}`,
|
|
57
|
+
client_id: clientId,
|
|
62
58
|
code_challenge: codeChallenge
|
|
63
|
-
}).
|
|
64
|
-
|
|
65
|
-
kid: publicKey.kid
|
|
66
|
-
}).setIssuedAt().setExpirationTime("1h").toSign();
|
|
67
|
-
return unsignedJwtForPar;
|
|
68
|
-
}
|
|
69
|
-
|
|
70
|
-
/**
|
|
71
|
-
* Make a PAR request to the PID issuer and return the response url
|
|
72
|
-
*
|
|
73
|
-
* @function
|
|
74
|
-
* @param unsignedJwtForPar The unsigned JWT for PAR
|
|
75
|
-
* @param signature The JWT for PAR signature
|
|
76
|
-
*
|
|
77
|
-
* @returns Unsigned PAR url
|
|
78
|
-
*
|
|
79
|
-
*/
|
|
80
|
-
async getPar(unsignedJwtForPar, signature) {
|
|
81
|
-
const codeChallenge = await (0, _ioReactNativeJwt.sha256ToBase64)(this.codeVerifier);
|
|
82
|
-
const signedJwtForPar = await _ioReactNativeJwt.SignJWT.appendSignature(unsignedJwtForPar, signature);
|
|
83
|
-
const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
|
|
59
|
+
}).setIssuedAt().setExpirationTime("1h").sign();
|
|
60
|
+
const parUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.pushed_authorization_request_endpoint;
|
|
84
61
|
const requestBody = {
|
|
85
62
|
response_type: "code",
|
|
86
|
-
client_id:
|
|
63
|
+
client_id: clientId,
|
|
87
64
|
code_challenge: codeChallenge,
|
|
88
65
|
code_challenge_method: "S256",
|
|
89
|
-
client_assertion_type:
|
|
90
|
-
client_assertion:
|
|
66
|
+
client_assertion_type: assertionType,
|
|
67
|
+
client_assertion: walletInstanceAttestation,
|
|
91
68
|
request: signedJwtForPar
|
|
92
69
|
};
|
|
93
70
|
var formBody = new URLSearchParams(requestBody);
|
|
94
|
-
const response = await
|
|
71
|
+
const response = await appFetch(parUrl, {
|
|
95
72
|
method: "POST",
|
|
96
73
|
headers: {
|
|
97
74
|
"Content-Type": "application/x-www-form-urlencoded"
|
|
@@ -103,55 +80,56 @@ class Issuing {
|
|
|
103
80
|
return result.request_uri;
|
|
104
81
|
}
|
|
105
82
|
throw new _errors.PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
|
|
106
|
-
}
|
|
83
|
+
};
|
|
84
|
+
};
|
|
107
85
|
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
86
|
+
/**
|
|
87
|
+
* Start the issuing flow by generating an authorization request to the PID Provider. Obtain from the PID Provider an access token to be used to complete the issuing flow.
|
|
88
|
+
*
|
|
89
|
+
* @param params.wiaCryptoContext The key pair associated with the WIA. Will be use to prove the ownership of the attestation.
|
|
90
|
+
* @param params.appFetch (optional) Http client
|
|
91
|
+
* @param walletInstanceAttestation Wallet Instance Attestation token.
|
|
92
|
+
* @param walletProviderBaseUrl Base url for the Wallet Provider
|
|
93
|
+
* @param pidProviderEntityConfiguration The Entity Configuration of the PID Provider, from which discover public endooints.
|
|
94
|
+
* @returns The access token along with the values that identify the issuing session.
|
|
95
|
+
*/
|
|
96
|
+
const authorizeIssuing = _ref2 => {
|
|
97
|
+
let {
|
|
98
|
+
wiaCryptoContext,
|
|
99
|
+
appFetch = fetch
|
|
100
|
+
} = _ref2;
|
|
101
|
+
return async (walletInstanceAttestation, walletProviderBaseUrl, pidProviderEntityConfiguration) => {
|
|
102
|
+
// FIXME: do better
|
|
103
|
+
const clientId = await wiaCryptoContext.getPublicKey().then(_ => _.kid);
|
|
104
|
+
const codeVerifier = `${_reactNativeUuid.default.v4()}`;
|
|
105
|
+
const authorizationCode = `${_reactNativeUuid.default.v4()}`;
|
|
106
|
+
const tokenUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.token_endpoint;
|
|
107
|
+
await getPar({
|
|
108
|
+
wiaCryptoContext,
|
|
109
|
+
appFetch
|
|
110
|
+
})(clientId, codeVerifier, walletProviderBaseUrl, pidProviderEntityConfiguration, walletInstanceAttestation);
|
|
111
|
+
|
|
112
|
+
// Use an ephemeral key to be destroyed after use
|
|
113
|
+
const keytag = `ephemeral-${_reactNativeUuid.default.v4()}`;
|
|
114
|
+
await (0, _ioReactNativeCrypto.generate)(keytag);
|
|
115
|
+
const ephemeralContext = (0, _crypto.createCryptoContextFor)(keytag);
|
|
116
|
+
const signedDPop = await (0, _dpop.createDPopToken)({
|
|
120
117
|
htm: "POST",
|
|
121
118
|
htu: tokenUrl,
|
|
122
119
|
jti: `${_reactNativeUuid.default.v4()}`
|
|
123
|
-
});
|
|
124
|
-
|
|
125
|
-
}
|
|
126
|
-
|
|
127
|
-
/**
|
|
128
|
-
* Make an auth token request to the PID issuer
|
|
129
|
-
*
|
|
130
|
-
* @function
|
|
131
|
-
* @returns a token response
|
|
132
|
-
*
|
|
133
|
-
*/
|
|
134
|
-
async getAuthToken() {
|
|
135
|
-
//Generate fresh keys for DPoP
|
|
136
|
-
const dPopKeyTag = `${_reactNativeUuid.default.v4()}`;
|
|
137
|
-
const dPopKey = await (0, _ioReactNativeCrypto.generate)(dPopKeyTag);
|
|
138
|
-
const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
|
|
139
|
-
const dPopTokenSignature = await (0, _ioReactNativeCrypto.sign)(unsignedDPopForToken, dPopKeyTag);
|
|
140
|
-
await (0, _ioReactNativeCrypto.deleteKey)(dPopKeyTag);
|
|
141
|
-
const signedDPop = await _ioReactNativeJwt.SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
|
|
142
|
-
const decodedJwtDPop = (0, _ioReactNativeJwt.decode)(signedDPop);
|
|
143
|
-
const tokenUrl = decodedJwtDPop.payload.htu;
|
|
120
|
+
}, ephemeralContext);
|
|
121
|
+
await (0, _ioReactNativeCrypto.deleteKey)(keytag);
|
|
144
122
|
const requestBody = {
|
|
145
123
|
grant_type: "authorization code",
|
|
146
|
-
client_id:
|
|
147
|
-
code:
|
|
148
|
-
code_verifier:
|
|
149
|
-
client_assertion_type:
|
|
150
|
-
client_assertion:
|
|
151
|
-
redirect_uri:
|
|
124
|
+
client_id: clientId,
|
|
125
|
+
code: authorizationCode,
|
|
126
|
+
code_verifier: codeVerifier,
|
|
127
|
+
client_assertion_type: assertionType,
|
|
128
|
+
client_assertion: walletInstanceAttestation,
|
|
129
|
+
redirect_uri: walletProviderBaseUrl
|
|
152
130
|
};
|
|
153
131
|
var formBody = new URLSearchParams(requestBody);
|
|
154
|
-
const response = await
|
|
132
|
+
const response = await appFetch(tokenUrl, {
|
|
155
133
|
method: "POST",
|
|
156
134
|
headers: {
|
|
157
135
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
@@ -160,51 +138,67 @@ class Issuing {
|
|
|
160
138
|
body: formBody.toString()
|
|
161
139
|
});
|
|
162
140
|
if (response.status === 200) {
|
|
163
|
-
|
|
141
|
+
const {
|
|
142
|
+
c_nonce,
|
|
143
|
+
access_token
|
|
144
|
+
} = await response.json();
|
|
145
|
+
return {
|
|
146
|
+
accessToken: access_token,
|
|
147
|
+
nonce: c_nonce,
|
|
148
|
+
clientId,
|
|
149
|
+
codeVerifier,
|
|
150
|
+
authorizationCode,
|
|
151
|
+
walletProviderBaseUrl
|
|
152
|
+
};
|
|
164
153
|
}
|
|
165
154
|
throw new _errors.PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
|
|
166
|
-
}
|
|
155
|
+
};
|
|
156
|
+
};
|
|
167
157
|
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
}).setProtectedHeader({
|
|
181
|
-
alg: "ES256",
|
|
182
|
-
type: "openid4vci-proof+jwt"
|
|
183
|
-
}).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
|
|
184
|
-
return unsignedProof;
|
|
185
|
-
}
|
|
158
|
+
/**
|
|
159
|
+
* Return the signed jwt for nonce proof of possession
|
|
160
|
+
*/
|
|
161
|
+
exports.authorizeIssuing = authorizeIssuing;
|
|
162
|
+
const createNonceProof = async (nonce, issuer, audience, ctx) => {
|
|
163
|
+
return new _ioReactNativeJwt.SignJWT(ctx).setPayload({
|
|
164
|
+
nonce,
|
|
165
|
+
jwk: await ctx.getPublicKey()
|
|
166
|
+
}).setProtectedHeader({
|
|
167
|
+
type: "openid4vci-proof+jwt"
|
|
168
|
+
}).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("1h").sign();
|
|
169
|
+
};
|
|
186
170
|
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
async
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
171
|
+
/**
|
|
172
|
+
* Complete the issuing flow and get the PID credential.
|
|
173
|
+
*
|
|
174
|
+
* @param params.pidCryptoContext The key pair associated with the PID. Will be use to prove the ownership of the credential.
|
|
175
|
+
* @param params.appFetch (optional) Http client
|
|
176
|
+
* @param authConf The authorization configuration retrieved with the access token
|
|
177
|
+
* @param cieData Data red from the CIE login process
|
|
178
|
+
* @returns The PID credential token
|
|
179
|
+
*/
|
|
180
|
+
const getCredential = _ref3 => {
|
|
181
|
+
let {
|
|
182
|
+
pidCryptoContext,
|
|
183
|
+
appFetch = fetch
|
|
184
|
+
} = _ref3;
|
|
185
|
+
return async (_ref4, pidProviderEntityConfiguration, cieData) => {
|
|
186
|
+
let {
|
|
187
|
+
nonce,
|
|
188
|
+
accessToken,
|
|
189
|
+
clientId,
|
|
190
|
+
walletProviderBaseUrl
|
|
191
|
+
} = _ref4;
|
|
192
|
+
const signedDPopForPid = await (0, _dpop.createDPopToken)({
|
|
193
|
+
htm: "POST",
|
|
194
|
+
htu: pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.token_endpoint,
|
|
195
|
+
jti: `${_reactNativeUuid.default.v4()}`
|
|
196
|
+
}, pidCryptoContext);
|
|
197
|
+
const signedNonceProof = await createNonceProof(nonce, clientId, walletProviderBaseUrl, pidCryptoContext);
|
|
198
|
+
const credentialUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.credential_endpoint;
|
|
205
199
|
const requestBody = {
|
|
206
200
|
credential_definition: JSON.stringify({
|
|
207
|
-
type: ["
|
|
201
|
+
type: ["PersonIdentificationData"]
|
|
208
202
|
}),
|
|
209
203
|
format: "vc+sd-jwt",
|
|
210
204
|
proof: JSON.stringify({
|
|
@@ -214,7 +208,7 @@ class Issuing {
|
|
|
214
208
|
})
|
|
215
209
|
};
|
|
216
210
|
const formBody = new URLSearchParams(requestBody);
|
|
217
|
-
const response = await
|
|
211
|
+
const response = await appFetch(credentialUrl, {
|
|
218
212
|
method: "POST",
|
|
219
213
|
headers: {
|
|
220
214
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
@@ -224,37 +218,20 @@ class Issuing {
|
|
|
224
218
|
body: formBody.toString()
|
|
225
219
|
});
|
|
226
220
|
if (response.status === 200) {
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
}
|
|
231
|
-
|
|
232
|
-
/**
|
|
233
|
-
* Obtain the PID issuer metadata
|
|
234
|
-
*
|
|
235
|
-
* @function
|
|
236
|
-
* @returns PID issuer metadata
|
|
237
|
-
*
|
|
238
|
-
*/
|
|
239
|
-
async getEntityConfiguration() {
|
|
240
|
-
const metadataUrl = new URL("ci/.well-known/openid-federation", this.pidProviderBaseUrl).href;
|
|
241
|
-
const response = await this.appFetch(metadataUrl);
|
|
242
|
-
if (response.status === 200) {
|
|
243
|
-
const jwtMetadata = await response.text();
|
|
244
|
-
const {
|
|
245
|
-
payload
|
|
246
|
-
} = (0, _ioReactNativeJwt.decode)(jwtMetadata);
|
|
247
|
-
const result = _metadata.PidIssuerEntityConfiguration.safeParse(payload);
|
|
248
|
-
if (result.success) {
|
|
249
|
-
const parsedMetadata = result.data;
|
|
250
|
-
await (0, _ioReactNativeJwt.verify)(jwtMetadata, parsedMetadata.jwks.keys);
|
|
251
|
-
return parsedMetadata;
|
|
252
|
-
} else {
|
|
253
|
-
throw new _errors.PidMetadataError(result.error.message);
|
|
254
|
-
}
|
|
221
|
+
const pidResponse = await response.json();
|
|
222
|
+
await validatePid(pidResponse.credential, pidCryptoContext);
|
|
223
|
+
return pidResponse;
|
|
255
224
|
}
|
|
256
|
-
throw new _errors.
|
|
225
|
+
throw new _errors.PidIssuingError(`Unable to obtain credential! url=${credentialUrl} status=${response.status} body=${await response.text()}`);
|
|
226
|
+
};
|
|
227
|
+
};
|
|
228
|
+
exports.getCredential = getCredential;
|
|
229
|
+
const validatePid = async (pidJwt, pidCryptoContext) => {
|
|
230
|
+
const decoded = _2.SdJwt.decode(pidJwt);
|
|
231
|
+
const pidKey = await pidCryptoContext.getPublicKey();
|
|
232
|
+
const holderBindedKey = decoded.sdJwt.payload.cnf.jwk;
|
|
233
|
+
if ((await (0, _ioReactNativeJwt.thumbprint)(pidKey)) !== (await (0, _ioReactNativeJwt.thumbprint)(holderBindedKey))) {
|
|
234
|
+
throw new _errors.PidIssuingError(`The obtained pid does not seem to be valid according to your configuration. Your PID public key is: ${JSON.stringify(pidKey)} but PID holder binded key is: ${JSON.stringify(holderBindedKey)}`);
|
|
257
235
|
}
|
|
258
|
-
}
|
|
259
|
-
exports.Issuing = Issuing;
|
|
236
|
+
};
|
|
260
237
|
//# sourceMappingURL=issuing.js.map
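Review bot: `validatePid` (new lines 229–236) accepts the returned credential after checking holder binding only: it calls `SdJwt.decode` and compares the thumbprint of `cnf.jwk` with the PID key, and nothing visible in this file verifies the issuer's signature on the SD-JWT. Assuming `decode` only parses the token, a response that carries the expected `cnf.jwk` but was not signed by the PID Provider would pass this check, unless callers verify it separately, which this section does not show. `getCredential` already receives `pidProviderEntityConfiguration`, so I would pass it to `validatePid` and verify the credential signature against the issuer keys from that configuration (their path is not shown here) before the thumbprint comparison, throwing `PidIssuingError` on failure. If verification is deliberately left to the caller, document that above the function, e.g. `// Checks holder binding only; the issuer signature must be verified by the caller.`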
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","_ioReactNativeCrypto","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","WalletInstanceAttestation","_interopRequireWildcard","_ioReactNativeCrypto","_2","_crypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","assertionType","getPar","_ref","wiaCryptoContext","appFetch","fetch","clientId","codeVerifier","walletProviderBaseUrl","pidProviderEntityConfiguration","walletInstanceAttestation","keyThumbprint","getPublicKey","then","JWK","parse","thumbprint","iss","decode","payload","cnf","jwk","kid","codeChallenge","sha256ToBase64","signedJwtForPar","SignJWT","setProtectedHeader","setPayload","aud","jti","uuid","v4","client_assertion_type","authorization_details","credential_definition","type","format","response_type","code_challenge_method","redirect_uri","state","client_id","code_challenge","setIssuedAt","setExpirationTime","sign","parUrl","metadata","openid_credential_issuer","pushed_authorization_request_endpoint","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","PidIssuingError","text","authorizeIssuing","_ref2","_","authorizationCode","tokenUrl","token_endpoint","keytag","generate","ephemeralContext","createCryptoContextFor","signedDPop","createDPopToken","htm","htu","deleteKey","grant_type","code","code_verifier","DPoP","c_nonce","access_token","accessToken","nonce","exports","createNonceProof","issuer","audience","ctx","setAudience","setIssuer","getCredential","_ref3","pidCryptoContext","_ref4","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_endpoint","JSON","stringify","proof","jwt","proof_type","Authorization","pidResponse","validatePid","credential
","pidJwt","decoded","SdJwt","pidKey","holderBindedKey","sdJwt"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAMA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,KAAA,GAAAL,OAAA;AAEA,IAAAM,yBAAA,GAAAC,uBAAA,CAAAP,OAAA;AACA,IAAAQ,oBAAA,GAAAR,OAAA;AACA,IAAAS,EAAA,GAAAT,OAAA;AACA,IAAAU,OAAA,GAAAV,OAAA;AAAyD,SAAAW,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAnB,uBAAAa,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AACzD;;AAwBA,MAAMiB,aAAa,GACjB,oEAAoE;;AAEtE;AACA;AACA;AACA,MAAMC,MAAM,GACVC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAH,IAAA;EAAA,OACD,OACEI,QAAgB,EAChBC,YAAoB,EACpBC,qBAA6B,EAC7BC,8BAAmE,EACnEC,yBAAiC,KACb;IACpB;IACA;IACA;IACA;IACA,MAAMC,aAAa,GAAG,MAAMR,gBAAgB,CACzCS,YAAY,CAAC,CAAC,CACdC,IAAI,CAACC,QAAG,CAACC,KAAK,CAAC,CACfF,IAAI,CAACG,4BAAU,CAAC;IAEnB,MAAMC,GAAG,GAAG5C,yBAAyB,CAAC6C,MAAM,CAACR,yBAAyB,CAAC,CACpES,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;IAEtB,MAAMC,aAAa,GAAG,MAAM,IAAAC,gCAAc,EAACjB,YAAY,CAAC;IAExD,MAAMkB,eAAe,GAAG,MAAM,IAAIC,yBAAO,CAACvB,gBAAgB,CAAC,CACx
DwB,kBAAkB,CAAC;MAClBL,GAAG,EAAEX;IACP,CAAC,CAAC,CACDiB,UAAU,CAAC;MACVX,GAAG;MACHY,GAAG,EAAEpB,8BAA8B,CAACU,OAAO,CAACF,GAAG;MAC/Ca,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,qBAAqB,EAAEjC,aAAa;MACpCkC,qBAAqB,EAAE,CACrB;QACEC,qBAAqB,EAAE;UACrBC,IAAI,EAAE;QACR,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAEhC,qBAAqB;MACnCiC,KAAK,EAAG,GAAEV,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACrBU,SAAS,EAAEpC,QAAQ;MACnBqC,cAAc,EAAEpB;IAClB,CAAC,CAAC,CACDqB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,MAAM,GACVtC,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEC,qCAAqC;IAE1C,MAAMC,WAAW,GAAG;MAClBb,aAAa,EAAE,MAAM;MACrBI,SAAS,EAAEpC,QAAQ;MACnBqC,cAAc,EAAEpB,aAAa;MAC7BgB,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EAAEjC,aAAa;MACpCoD,gBAAgB,EAAE1C,yBAAyB;MAC3C2C,OAAO,EAAE5B;IACX,CAAC;IAED,IAAI6B,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAAC2C,MAAM,EAAE;MACtCU,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIC,uBAAe,CACtB,wCAAuC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAChE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,gBAAgB,GAC3BC,KAAA;EAAA,IAAC;IACCjE,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAA+D,KAAA;EAAA,OACD,OACE1D,yBAAiC,EACjCF,qBAA6B,EAC7BC,8BAAmE,KACpC;IAC/B;IACA,MAAMH,QAAQ,GAAG,MAAMH,gBAAgB,CAACS,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEwD,CAAC,IAAKA,CAAC,CAAC/C,GAAG,CAAC;IACzE,MAAMf,YAAY,GAAI,GAAEwB,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnC,MAAMsC,iBAAiB,GAAI,GAAEvC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACxC,MAAMuC,QAAQ,GACZ9D,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEuB,cAAc;IAEnB,MAAMvE,MAAM,CAAC;MAAEE,gBAAgB;MAAEC;IAAS,CAAC,CAAC,CAC1CE,QAAQ,EACRC,YAAY,EACZC,qBAAqB,EACrBC,8BAA8B,EAC9BC,yBACF,CAAC;;IAED;IACA,MAAM+D,MAAM,GAAI,aAAY1C,wBAAI,C
AACC,EAAE,CAAC,CAAE,EAAC;IACvC,MAAM,IAAA0C,6BAAQ,EAACD,MAAM,CAAC;IACtB,MAAME,gBAAgB,GAAG,IAAAC,8BAAsB,EAACH,MAAM,CAAC;IAEvD,MAAMI,UAAU,GAAG,MAAM,IAAAC,qBAAe,EACtC;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAET,QAAQ;MACbzC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACD2C,gBACF,CAAC;IAED,MAAM,IAAAM,8BAAS,EAACR,MAAM,CAAC;IAEvB,MAAMtB,WAAW,GAAG;MAClB+B,UAAU,EAAE,oBAAoB;MAChCxC,SAAS,EAAEpC,QAAQ;MACnB6E,IAAI,EAAEb,iBAAiB;MACvBc,aAAa,EAAE7E,YAAY;MAC3B0B,qBAAqB,EAAEjC,aAAa;MACpCoD,gBAAgB,EAAE1C,yBAAyB;MAC3C8B,YAAY,EAAEhC;IAChB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAACmE,QAAQ,EAAE;MACxCd,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD2B,IAAI,EAAER;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM;QAAEyB,OAAO;QAAEC;MAAa,CAAC,GAAG,MAAM/B,QAAQ,CAACO,IAAI,CAAC,CAAC;MACvD,OAAO;QACLyB,WAAW,EAAED,YAAY;QACzBE,KAAK,EAAEH,OAAO;QACdhF,QAAQ;QACRC,YAAY;QACZ+D,iBAAiB;QACjB9D;MACF,CAAC;IACH;IAEA,MAAM,IAAIyD,uBAAe,CACtB,0CAAyC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAClE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AAFAwB,OAAA,CAAAvB,gBAAA,GAAAA,gBAAA;AAGA,MAAMwB,gBAAgB,GAAG,MAAAA,CACvBF,KAAa,EACbG,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,OAAO,IAAIpE,yBAAO,CAACoE,GAAG,CAAC,CACpBlE,UAAU,CAAC;IACV6D,KAAK;IACLpE,GAAG,EAAE,MAAMyE,GAAG,CAAClF,YAAY,CAAC;EAC9B,CAAC,CAAC,CACDe,kBAAkB,CAAC;IAClBS,IAAI,EAAE;EACR,CAAC,CAAC,CACD2D,WAAW,CAACF,QAAQ,CAAC,CACrBG,SAAS,CAACJ,MAAM,CAAC,CACjBhD,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMmD,aAAa,GACxBC,KAAA;EAAA,IAAC;IACCC,gBAAgB;IAChB/F,QAAQ,GAAGC;EAIb,CAAC,GAAA6F,KAAA;EAAA,OACD,OAAAE,KAAA,EAEE3F,8BAAmE,EACnE4F,OAAgB,KACS;IAAA,IAHzB;MAAEZ,KAAK;MAAED,WAAW;MAAElF,QAAQ;MAAEE;IAAyC,CAAC,GAAA4F,KAAA;IAI1E,MAAME,gBAAgB,GAAG,MAAM,IAAAxB,qBAAe,EAC5C;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEvE,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CACjDC,wBAAwB,CAACuB,cAAc;MAC1C1C,GAAG,EAAG,GAAEC,w
BAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACDmE,gBACF,CAAC;IACD,MAAMI,gBAAgB,GAAG,MAAMZ,gBAAgB,CAC7CF,KAAK,EACLnF,QAAQ,EACRE,qBAAqB,EACrB2F,gBACF,CAAC;IAED,MAAMK,aAAa,GACjB/F,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEwD,mBAAmB;IAExB,MAAMtD,WAAW,GAAG;MAClBhB,qBAAqB,EAAEuE,IAAI,CAACC,SAAS,CAAC;QACpCvE,IAAI,EAAE,CAAC,0BAA0B;MACnC,CAAC,CAAC;MACFC,MAAM,EAAE,WAAW;MACnBuE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMxD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAACoG,aAAa,EAAE;MAC7C/C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD2B,IAAI,EAAEiB,gBAAgB;QACtBS,aAAa,EAAEvB;MACjB,CAAC;MACD7B,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMmD,WAAW,GAAI,MAAMxD,QAAQ,CAACO,IAAI,CAAC,CAAiB;MAC1D,MAAMkD,WAAW,CAACD,WAAW,CAACE,UAAU,EAAEf,gBAAgB,CAAC;MAC3D,OAAOa,WAAW;IACpB;IAEA,MAAM,IAAI/C,uBAAe,CACtB,oCAAmCuC,aAAc,WAChDhD,QAAQ,CAACK,MACV,SAAQ,MAAML,QAAQ,CAACU,IAAI,CAAC,CAAE,EACjC,CAAC;EACH,CAAC;AAAA;AAACwB,OAAA,CAAAO,aAAA,GAAAA,aAAA;AAEJ,MAAMgB,WAAW,GAAG,MAAAA,CAAOE,MAAc,EAAEhB,gBAA+B,KAAK;EAC7E,MAAMiB,OAAO,GAAGC,QAAK,CAACnG,MAAM,CAACiG,MAAM,CAAC;EACpC,MAAMG,MAAM,GAAG,MAAMnB,gBAAgB,CAACvF,YAAY,CAAC,CAAC;EACpD,MAAM2G,eAAe,GAAGH,OAAO,CAACI,KAAK,CAACrG,OAAO,CAACC,GAAG,CAACC,GAAG;EAErD,IAAI,CAAC,MAAM,IAAAL,4BAAU,EAACsG,MAAM,CAAC,OAAO,MAAM,IAAAtG,4BAAU,EAACuG,eAAe,CAAC,CAAC,EAAE;IACtE,MAAM,IAAItD,uBAAe,CACtB,uGAAsGyC,IAAI,CAACC,SAAS,CACnHW,MACF,CAAE,kCAAiCZ,IAAI,CAACC,SAAS,CAACY,eAAe,CAAE,EACrE,CAAC;EACH;AACF,CAAC"}
|
|
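--- a/package/lib/commonjs/rp/__test__/index.test.js
+++ b/package/lib/commonjs/rp/__test__/index.test.js
@@ -1,17 +1,19 @@
 "use strict";
 
-var
+var _types = require("../../trust/types");
+var RelyingPartySolution = _interopRequireWildcard(require(".."));
 var _errors = require("../../utils/errors");
-
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
 describe("decodeAuthRequestQR", () => {
 it("should return authentication request URL", async () => {
 const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
-const result =
+const result = RelyingPartySolution.decodeAuthRequestQR(qrcode);
 expect(result.requestURI).toEqual("https://verifier.example.org/request_uri");
 });
 it("should throw exception with invalid QR", async () => {
 const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
-expect(() =>
+expect(() => RelyingPartySolution.decodeAuthRequestQR(qrcode)).toThrowError(_errors.AuthRequestDecodeError);
 });
 });
 describe("RpEntityConfiguration", () => {
@@ -158,7 +160,7 @@ describe("RpEntityConfiguration", () => {
 authority_hints: ["https://demo.federation.eudi.wallet.developers.italia.it"]
 }
 };
-const result = _types.
+const result = _types.RelyingPartyEntityConfiguration.safeParse(pp);
 if (result.success === false) {
 throw result.error;
 }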
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_types","require","RelyingPartySolution","_interopRequireWildcard","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","describe","it","qrcode","result","decodeAuthRequestQR","expect","requestURI","toEqual","toThrowError","AuthRequestDecodeError","pp","header","alg","kid","typ","payload","exp","iat","iss","sub","jwks","keys","kty","e","n","metadata","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","contacts","wallet_relying_party","application_type","authorization_encrypted_response_alg","authorization_encrypted_response_enc","authorization_signed_response_alg","client_id","client_name","default_acr_values","default_max_age","id_token_encrypted_response_alg","id_token_encrypted_response_enc","id_token_signed_response_alg","presentation_definitions","id","input_descriptors","format","constraints","fields","filter","const","type","path","intent_to_retain","limit_disclosure","jwt","mso_mdoc","redirect_uris","request_uris","require_auth_time","subject_type","vp_formats","jwt_vp_json","crv","d","use","x","y","p","q","authority_hints","RelyingPartyEntityConfiguration","safeParse","success","error","toBe"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,oBAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAA4D,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAA
A,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAE5DW,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAG5B,oBAAoB,CAAC6B,mBAAmB,CAACF,MAAM,CAAC;IAC/DG,MAAM,CAACF,MAAM,CAACG,UAAU,CAAC,CAACC,OAAO,CAC/B,0CACF,CAAC;EACH,CAAC,CAAC;EACFN,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAM9B,oBAAoB,CAAC6B,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACM,YAAY,CACzEC,8BACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFT,QAAQ,CAAC,uBAAuB,EAAE,MAAM;EACtCC,EAAE,CAAC,2BAA2B,EAAE,YAAY;IAC1C,MAAMS,EAAE,GAAG;MACTC,MAAM,EAAE;QACNC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,+DAA+D;QACpEC,GAAG,EAAE,+DAA+D;QACpEC,IAAI,EAAE;UACJC,IAAI,EAAE,CACJ;YACEC,GAAG,EAAE,KAAK;YACVT,GAAG,EAAE,6CAA6C;YAClDU,CAAC,EAAE,MAAM;YACTC,CAAC,EAAE;UACL,CAAC;QAEL,CAAC;QACDC,QAAQ,EAAE;UACRC,iBAAiB,EAAE;YACjBC,iBAAiB,EAAE,iBAAiB;YACpCC,YAAY,EAAE,iCAAiC;YAC/CC,UAAU,EAAE,iCAAiC;YAC7CC,QAAQ,EAAE,iCAAiC;YAC3CC,QAAQ,EAAE,CAAC,iCAAiC;UAC9C,CAAC;UACDC,oBAAoB,EAAE;YACpBC,gBAAgB,EAAE,KAAK;YACvBC,oCAAoC,EAAE,CACpC,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,oCAAoC,EAAE,CACpC,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,SAAS,EACP,+DAA+D;YACjEC,WAAW,EAAE,iCAAiC;YAC9CP,QAAQ,EAAE,CAAC,0BAA0B,CAAC;YACtCQ,kBAAkB,EAAE,CAClB,gCAAgC,EAChC,gCAAgC,CACjC;YACDC,eAAe,EAAE,IAAI;YACrBC,+BAA+B,EAAE,CAC/B,UAAU,E
ACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,+BAA+B,EAAE,CAC/B,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,4BAA4B,EAAE,CAC5B,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wBAAwB,EAAE,CACxB;cACEC,EAAE,EAAE,6CAA6C;cACjDC,iBAAiB,EAAE,CACjB;gBACED,EAAE,EAAE,6CAA6C;gBACjDE,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,0BAA0B;wBACjCC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,eAAe;oBACxB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNE,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,cAAc;oBACvB,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,sBAAsB;oBAC/B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,qBAAqB;oBAC9B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDC,GAAG,EAAE;oBACH5C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF;cACF,CAAC;YAEL,CAAC,EACD;cACEiC,EAAE,EAAE,gBAAgB;cACpBC,iBAAiB,EAAE,CACjB;gBACEC,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,uBAAuB;wBAC9BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,gBAAgB;oBACzB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNC,KAAK,EAAE,mBAAmB;wBAC1BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,kBAAkB;oBAC3B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,iBAAiB;oBAC1B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,2BAA2B;oBACpC,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDE,QAAQ,EAAE;oBACR7C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF,CAAC;gBACDiC,EAAE,EAAE;cACN,CAAC;YAEL,CAAC,CACF;YACDa,aAAa,EAAE,CACb,4EAA4E,CAC7E;YACDC,YAAY,EAAE,CACZ,2EAA2E,CAC5E;YACDC,iBAAiB,EAAE,IAAI;YACvBC,YAAY,EAAE,UAAU;YACxBC,UAAU,EAAE;cACVC,WAAW,EAAE;gBACXnD,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ;cACzB;YACF,CAAC;YACDQ,IAAI,EAAE,CACJ;cACE4C,GAAG,EAAE,OAAO;cACZC,CAAC,EAAE,6CAA6C;cAChDpD,GAAG,EAAE,6CAA6C;cAClDqD,GAAG,EAAE,KAAK;cACV5C,GAAG,EAAE,IAAI;cACT6C,CAAC,EAAE,6CAA6C;cAChDC,CAAC,EAAE;YA
CL,CAAC,EACD;cACE9C,GAAG,EAAE,KAAK;cACV2C,CAAC,EAAE,wVAAwV;cAC3V1C,CAAC,EAAE,MAAM;cACT2C,GAAG,EAAE,KAAK;cACVrD,GAAG,EAAE,6CAA6C;cAClDW,CAAC,EAAE,wVAAwV;cAC3V6C,CAAC,EAAE,6KAA6K;cAChLC,CAAC,EAAE;YACL,CAAC;UAEL;QACF,CAAC;QACDC,eAAe,EAAE,CACf,0DAA0D;MAE9D;IACF,CAAC;IACD,MAAMpE,MAAM,GAAGqE,sCAA+B,CAACC,SAAS,CAAC/D,EAAE,CAAC;IAC5D,IAAIP,MAAM,CAACuE,OAAO,KAAK,KAAK,EAAE;MAC5B,MAAMvE,MAAM,CAACwE,KAAK;IACpB;IACAtE,MAAM,CAACF,MAAM,CAACuE,OAAO,CAAC,CAACE,IAAI,CAAC,IAAI,CAAC;EACnC,CAAC,CAAC;AACJ,CAAC,CAAC"}
|