@pagopa/io-react-native-wallet 0.4.3 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- package/README.md +128 -19
- package/lib/commonjs/index.js +16 -23
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/index.js +3 -8
- package/lib/commonjs/pid/index.js.map +1 -1
- package/lib/commonjs/pid/issuing.js +153 -176
- package/lib/commonjs/pid/issuing.js.map +1 -1
- package/lib/commonjs/rp/__test__/index.test.js +7 -5
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
- package/lib/commonjs/rp/index.js +145 -155
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +1 -21
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/trust/index.js +24 -5
- package/lib/commonjs/trust/index.js.map +1 -1
- package/lib/commonjs/trust/types.js +102 -9
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/crypto.js +46 -0
- package/lib/commonjs/utils/crypto.js.map +1 -0
- package/lib/commonjs/utils/dpop.js +14 -7
- package/lib/commonjs/utils/dpop.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/index.js +3 -3
- package/lib/commonjs/wallet-instance-attestation/issuing.js +42 -60
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/index.js +4 -6
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/index.js +1 -1
- package/lib/module/pid/index.js.map +1 -1
- package/lib/module/pid/issuing.js +152 -180
- package/lib/module/pid/issuing.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +3 -3
- package/lib/module/rp/__test__/index.test.js.map +1 -1
- package/lib/module/rp/index.js +141 -154
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +0 -20
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/trust/index.js +19 -5
- package/lib/module/trust/index.js.map +1 -1
- package/lib/module/trust/types.js +100 -7
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/crypto.js +40 -0
- package/lib/module/utils/crypto.js.map +1 -0
- package/lib/module/utils/dpop.js +13 -5
- package/lib/module/utils/dpop.js.map +1 -1
- package/lib/module/wallet-instance-attestation/index.js +2 -2
- package/lib/module/wallet-instance-attestation/index.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +40 -58
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/typescript/index.d.ts +4 -6
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/index.d.ts +1 -1
- package/lib/typescript/pid/index.d.ts.map +1 -1
- package/lib/typescript/pid/issuing.d.ts +43 -88
- package/lib/typescript/pid/issuing.d.ts.map +1 -1
- package/lib/typescript/rp/index.d.ts +41 -87
- package/lib/typescript/rp/index.d.ts.map +1 -1
- package/lib/typescript/rp/types.d.ts +10 -906
- package/lib/typescript/rp/types.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +1 -1
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +806 -3
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +9655 -297
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/crypto.d.ts +10 -0
- package/lib/typescript/utils/crypto.d.ts.map +1 -0
- package/lib/typescript/utils/dpop.d.ts +10 -2
- package/lib/typescript/utils/dpop.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/index.d.ts +2 -2
- package/lib/typescript/wallet-instance-attestation/index.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts +18 -31
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +4 -4
- package/package.json +2 -2
- package/src/index.ts +14 -13
- package/src/pid/index.ts +1 -1
- package/src/pid/issuing.ts +233 -232
- package/src/rp/__test__/index.test.ts +3 -3
- package/src/rp/index.ts +172 -194
- package/src/rp/types.ts +0 -24
- package/src/sd-jwt/index.ts +1 -1
- package/src/trust/index.ts +106 -5
- package/src/trust/types.ts +152 -34
- package/src/utils/crypto.ts +41 -0
- package/src/utils/dpop.ts +17 -7
- package/src/wallet-instance-attestation/index.ts +2 -2
- package/src/wallet-instance-attestation/issuing.ts +51 -63
- package/lib/commonjs/pid/metadata.js +0 -49
- package/lib/commonjs/pid/metadata.js.map +0 -1
- package/lib/module/pid/metadata.js +0 -41
- package/lib/module/pid/metadata.js.map +0 -1
- package/lib/typescript/pid/metadata.d.ts +0 -482
- package/lib/typescript/pid/metadata.d.ts.map +0 -1
- package/src/pid/metadata.ts +0 -46
package/lib/commonjs/rp/index.js
CHANGED
|
@@ -3,88 +3,82 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.sendAuthorizationResponse = exports.getRequestObject = exports.decodeAuthRequestQR = void 0;
|
|
7
7
|
var _errors = require("../utils/errors");
|
|
8
8
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
9
9
|
var _types = require("./types");
|
|
10
10
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
11
11
|
var _sdJwt = require("../sd-jwt");
|
|
12
|
-
var
|
|
12
|
+
var _dpop = require("../utils/dpop");
|
|
13
|
+
var WalletInstanceAttestation = _interopRequireWildcard(require("../wallet-instance-attestation"));
|
|
14
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
15
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
13
16
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
17
|
+
/**
|
|
18
|
+
* Select a RSA public key from those provided by the RP to encrypt.
|
|
19
|
+
*
|
|
20
|
+
* @param entity The RP entity configuration
|
|
21
|
+
* @returns A suitable public key with its compatible encryption algorithm
|
|
22
|
+
* @throws {NoSuitableKeysFoundInEntityConfiguration} If entity do not contain any public key suitable for encrypting
|
|
23
|
+
*/
|
|
24
|
+
const chooseRSAPublicKeyToEncrypt = entity => {
|
|
25
|
+
const [usingRsa256] = entity.payload.metadata.wallet_relying_party.jwks.filter(jwk => jwk.use === "enc" && jwk.kty === "RSA");
|
|
26
|
+
if (usingRsa256) {
|
|
27
|
+
return usingRsa256;
|
|
20
28
|
}
|
|
21
29
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
30
|
+
// No suitable key has been found
|
|
31
|
+
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Encrypt with RP public key");
|
|
32
|
+
};
|
|
33
|
+
|
|
34
|
+
/**
|
|
35
|
+
* Decode a QR code content to an authentication request url.
|
|
36
|
+
* @function
|
|
37
|
+
* @param qrcode QR code content
|
|
38
|
+
*
|
|
39
|
+
* @returns The authentication request url
|
|
40
|
+
*
|
|
41
|
+
*/
|
|
42
|
+
const decodeAuthRequestQR = qrcode => {
|
|
43
|
+
const decoded = (0, _ioReactNativeJwt.decodeBase64)(qrcode);
|
|
44
|
+
const decodedUrl = new URL(decoded);
|
|
45
|
+
const protocol = decodedUrl.protocol;
|
|
46
|
+
const resource = decodedUrl.hostname;
|
|
47
|
+
const requestURI = decodedUrl.searchParams.get("request_uri");
|
|
48
|
+
const clientId = decodedUrl.searchParams.get("client_id");
|
|
49
|
+
const result = _types.QRCodePayload.safeParse({
|
|
50
|
+
protocol,
|
|
51
|
+
resource,
|
|
52
|
+
requestURI,
|
|
53
|
+
clientId
|
|
54
|
+
});
|
|
55
|
+
if (result.success) {
|
|
56
|
+
return result.data;
|
|
57
|
+
} else {
|
|
58
|
+
throw new _errors.AuthRequestDecodeError(result.error.message, `${decodedUrl}`);
|
|
48
59
|
}
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
60
|
+
};
|
|
61
|
+
exports.decodeAuthRequestQR = decodeAuthRequestQR;
|
|
62
|
+
/**
|
|
63
|
+
* Obtain the Request Object for RP authentication
|
|
64
|
+
* @see https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/relying-party-solution.html
|
|
65
|
+
*/
|
|
66
|
+
const getRequestObject = _ref => {
|
|
67
|
+
let {
|
|
68
|
+
wiaCryptoContext,
|
|
69
|
+
appFetch = fetch
|
|
70
|
+
} = _ref;
|
|
71
|
+
return async (walletInstanceAttestation, requestUri, rpEntityConfiguration) => {
|
|
72
|
+
const signedWalletInstanceDPoP = await (0, _dpop.createDPopToken)({
|
|
61
73
|
jti: `${_reactNativeUuid.default.v4()}`,
|
|
62
74
|
htm: "GET",
|
|
63
|
-
htu:
|
|
64
|
-
ath: await (0, _ioReactNativeJwt.sha256ToBase64)(
|
|
65
|
-
})
|
|
66
|
-
|
|
67
|
-
jwk: walletInstanceAttestationJwk,
|
|
68
|
-
typ: "dpop+jwt"
|
|
69
|
-
}).setIssuedAt().setExpirationTime("1h").toSign();
|
|
70
|
-
}
|
|
71
|
-
|
|
72
|
-
/**
|
|
73
|
-
* Obtain the Request Object for RP authentication
|
|
74
|
-
* @see https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/relying-party-solution.html
|
|
75
|
-
*
|
|
76
|
-
* @async @function
|
|
77
|
-
* @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
|
|
78
|
-
*
|
|
79
|
-
* @returns The Request Object JWT
|
|
80
|
-
* @throws {NoSuitableKeysFoundInEntityConfiguration} When the Request Object is signed with a key not listed in RP's entity configuration
|
|
81
|
-
*
|
|
82
|
-
*/
|
|
83
|
-
async getRequestObject(signedWalletInstanceDPoP, requestUri, entity) {
|
|
84
|
-
const response = await this.appFetch(requestUri, {
|
|
75
|
+
htu: requestUri,
|
|
76
|
+
ath: await (0, _ioReactNativeJwt.sha256ToBase64)(walletInstanceAttestation)
|
|
77
|
+
}, wiaCryptoContext);
|
|
78
|
+
const response = await appFetch(requestUri, {
|
|
85
79
|
method: "GET",
|
|
86
80
|
headers: {
|
|
87
|
-
Authorization: `DPoP ${
|
|
81
|
+
Authorization: `DPoP ${walletInstanceAttestation}`,
|
|
88
82
|
DPoP: signedWalletInstanceDPoP
|
|
89
83
|
}
|
|
90
84
|
});
|
|
@@ -96,10 +90,10 @@ class RelyingPartySolution {
|
|
|
96
90
|
// verify token signature according to RP's entity configuration
|
|
97
91
|
// to ensure the request object is authentic
|
|
98
92
|
{
|
|
99
|
-
const pubKey =
|
|
93
|
+
const pubKey = rpEntityConfiguration.payload.metadata.wallet_relying_party.jwks.find(_ref2 => {
|
|
100
94
|
let {
|
|
101
95
|
kid
|
|
102
|
-
} =
|
|
96
|
+
} = _ref2;
|
|
103
97
|
return kid === responseJwt.protectedHeader.kid;
|
|
104
98
|
});
|
|
105
99
|
if (!pubKey) {
|
|
@@ -109,55 +103,64 @@ class RelyingPartySolution {
|
|
|
109
103
|
}
|
|
110
104
|
|
|
111
105
|
// parse request object it has the expected shape by specification
|
|
112
|
-
const
|
|
106
|
+
const requestObject = _types.RequestObject.parse({
|
|
113
107
|
header: responseJwt.protectedHeader,
|
|
114
108
|
payload: responseJwt.payload
|
|
115
109
|
});
|
|
116
|
-
return
|
|
110
|
+
return {
|
|
111
|
+
requestObject,
|
|
112
|
+
rpEntityConfiguration,
|
|
113
|
+
walletInstanceAttestation
|
|
114
|
+
};
|
|
117
115
|
}
|
|
118
|
-
throw new _errors.IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}
|
|
119
|
-
|
|
116
|
+
throw new _errors.IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}
|
|
117
|
+
${await response.text()}`);
|
|
118
|
+
};
|
|
119
|
+
};
|
|
120
120
|
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
// TODO: [SIW-353] support multiple presentations,
|
|
140
|
-
signKeyId) {
|
|
141
|
-
let [vc, claims] = _ref2;
|
|
121
|
+
/**
|
|
122
|
+
* Prepare the Verified Presentation token for a received request object in the context of an authorization request flow.
|
|
123
|
+
* The presentation is prepared by disclosing data from provided credentials, according to requested claims
|
|
124
|
+
* Each Verified Credential come along with the claims the user accepts to disclose from it.
|
|
125
|
+
*
|
|
126
|
+
* @todo accept more than a Verified Credential
|
|
127
|
+
*/
|
|
128
|
+
exports.getRequestObject = getRequestObject;
|
|
129
|
+
const prepareVpToken = _ref3 => {
|
|
130
|
+
let {
|
|
131
|
+
pidCryptoContext
|
|
132
|
+
} = _ref3;
|
|
133
|
+
return async (_ref4, _ref5) => {
|
|
134
|
+
let {
|
|
135
|
+
requestObject,
|
|
136
|
+
walletInstanceAttestation
|
|
137
|
+
} = _ref4;
|
|
138
|
+
let [vc, claims] = _ref5;
|
|
142
139
|
// this throws if vc cannot satisfy all the requested claims
|
|
143
140
|
const {
|
|
144
141
|
token: vp,
|
|
145
142
|
paths
|
|
146
143
|
} = await (0, _sdJwt.disclose)(vc, claims);
|
|
147
144
|
|
|
148
|
-
//
|
|
145
|
+
// obtain issuer from Wallet Instance
|
|
146
|
+
const {
|
|
147
|
+
payload: {
|
|
148
|
+
iss
|
|
149
|
+
}
|
|
150
|
+
} = WalletInstanceAttestation.decode(walletInstanceAttestation);
|
|
151
|
+
const pidKid = await pidCryptoContext.getPublicKey().then(_ => _.kid);
|
|
149
152
|
|
|
150
|
-
|
|
153
|
+
// TODO: [SIW-359] check all requeste claims of the requestedObj are satisfied
|
|
154
|
+
const vp_token = await new _ioReactNativeJwt.SignJWT(pidCryptoContext).setProtectedHeader({
|
|
155
|
+
typ: "JWT",
|
|
156
|
+
kid: pidKid
|
|
157
|
+
}).setPayload({
|
|
151
158
|
vp: vp,
|
|
152
159
|
jti: `${_reactNativeUuid.default.v4()}`,
|
|
153
|
-
iss
|
|
154
|
-
nonce:
|
|
155
|
-
}).setAudience(
|
|
156
|
-
|
|
157
|
-
alg: "ES256",
|
|
158
|
-
kid: signKeyId
|
|
159
|
-
}).toSign();
|
|
160
|
-
const vc_scope = requestObj.payload.scope;
|
|
160
|
+
iss,
|
|
161
|
+
nonce: requestObject.payload.nonce
|
|
162
|
+
}).setAudience(requestObject.payload.response_uri).setIssuedAt().setExpirationTime("1h").sign();
|
|
163
|
+
const vc_scope = requestObject.payload.scope;
|
|
161
164
|
const presentation_submission = {
|
|
162
165
|
definition_id: `${_reactNativeUuid.default.v4()}`,
|
|
163
166
|
id: `${_reactNativeUuid.default.v4()}`,
|
|
@@ -171,30 +174,43 @@ class RelyingPartySolution {
|
|
|
171
174
|
vp_token,
|
|
172
175
|
presentation_submission
|
|
173
176
|
};
|
|
174
|
-
}
|
|
177
|
+
};
|
|
178
|
+
};
|
|
175
179
|
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
180
|
+
/**
|
|
181
|
+
* Compose and send an Authorization Response in the context of an authorization request flow.
|
|
182
|
+
*
|
|
183
|
+
* @todo MUST add presentation_submission
|
|
184
|
+
*
|
|
185
|
+
*/
|
|
186
|
+
const sendAuthorizationResponse = _ref6 => {
|
|
187
|
+
let {
|
|
188
|
+
pidCryptoContext,
|
|
189
|
+
appFetch = fetch
|
|
190
|
+
} = _ref6;
|
|
191
|
+
return async (_ref7, presentation) => {
|
|
192
|
+
let {
|
|
193
|
+
requestObject,
|
|
194
|
+
rpEntityConfiguration,
|
|
195
|
+
walletInstanceAttestation
|
|
196
|
+
} = _ref7;
|
|
191
197
|
// the request is an unsigned jws without iss, aud, exp
|
|
192
198
|
// https://openid.net/specs/openid-4-verifiable-presentations-1_0.html#name-signed-and-encrypted-respon
|
|
193
|
-
const jwk =
|
|
199
|
+
const jwk = chooseRSAPublicKeyToEncrypt(rpEntityConfiguration);
|
|
200
|
+
const {
|
|
201
|
+
vp_token,
|
|
202
|
+
presentation_submission
|
|
203
|
+
} = await prepareVpToken({
|
|
204
|
+
pidCryptoContext
|
|
205
|
+
})({
|
|
206
|
+
requestObject,
|
|
207
|
+
rpEntityConfiguration,
|
|
208
|
+
walletInstanceAttestation
|
|
209
|
+
}, presentation);
|
|
194
210
|
const authzResponsePayload = JSON.stringify({
|
|
195
|
-
state:
|
|
211
|
+
state: requestObject.payload.state,
|
|
196
212
|
presentation_submission,
|
|
197
|
-
nonce:
|
|
213
|
+
nonce: requestObject.payload.nonce,
|
|
198
214
|
vp_token
|
|
199
215
|
});
|
|
200
216
|
const encrypted = await new _ioReactNativeJwt.EncryptJwe(authzResponsePayload, {
|
|
@@ -206,7 +222,7 @@ class RelyingPartySolution {
|
|
|
206
222
|
response: encrypted
|
|
207
223
|
});
|
|
208
224
|
const body = formBody.toString();
|
|
209
|
-
const response = await
|
|
225
|
+
const response = await appFetch(requestObject.payload.response_uri, {
|
|
210
226
|
method: "POST",
|
|
211
227
|
headers: {
|
|
212
228
|
"Content-Type": "application/x-www-form-urlencoded"
|
|
@@ -217,33 +233,7 @@ class RelyingPartySolution {
|
|
|
217
233
|
return await response.json();
|
|
218
234
|
}
|
|
219
235
|
throw new _errors.IoWalletError(`Unable to send Authorization Response. Response: ${await response.text()} with code: ${response.status}`);
|
|
220
|
-
}
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
* Select a RSA public key from those provided by the RP to encrypt.
|
|
224
|
-
*
|
|
225
|
-
* @param entity The RP entity configuration
|
|
226
|
-
* @returns A suitable public key with its compatible encryption algorithm
|
|
227
|
-
* @throws {NoSuitableKeysFoundInEntityConfiguration} If entity do not contain any public key suitable for encrypting
|
|
228
|
-
*/
|
|
229
|
-
chooseRSAPublicKeyToEncrypt(entity) {
|
|
230
|
-
const [usingRsa256] = entity.payload.metadata.wallet_relying_party.jwks.filter(jwk => jwk.use === "enc" && jwk.kty === "RSA");
|
|
231
|
-
if (usingRsa256) {
|
|
232
|
-
return usingRsa256;
|
|
233
|
-
}
|
|
234
|
-
|
|
235
|
-
// No suitable key has been found
|
|
236
|
-
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Encrypt with RP public key");
|
|
237
|
-
}
|
|
238
|
-
|
|
239
|
-
/**
|
|
240
|
-
* Obtain the relying party entity configuration.
|
|
241
|
-
*/
|
|
242
|
-
async getEntityConfiguration() {
|
|
243
|
-
return (0, _trust.getEntityConfiguration)(this.relyingPartyBaseUrl, {
|
|
244
|
-
appFetch: this.appFetch
|
|
245
|
-
}).then(_types.RpEntityConfiguration.parse);
|
|
246
|
-
}
|
|
247
|
-
}
|
|
248
|
-
exports.RelyingPartySolution = RelyingPartySolution;
|
|
236
|
+
};
|
|
237
|
+
};
|
|
238
|
+
exports.sendAuthorizationResponse = sendAuthorizationResponse;
|
|
249
239
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","
|
|
1
|
+
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","_dpop","WalletInstanceAttestation","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","chooseRSAPublicKeyToEncrypt","entity","usingRsa256","payload","metadata","wallet_relying_party","jwks","filter","jwk","use","kty","NoSuitableKeysFoundInEntityConfiguration","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","protocol","resource","hostname","requestURI","searchParams","clientId","result","QRCodePayload","safeParse","success","data","AuthRequestDecodeError","error","message","exports","getRequestObject","_ref","wiaCryptoContext","appFetch","fetch","walletInstanceAttestation","requestUri","rpEntityConfiguration","signedWalletInstanceDPoP","createDPopToken","jti","uuid","v4","htm","htu","ath","sha256ToBase64","response","method","headers","Authorization","DPoP","status","responseJson","json","responseEncodedJwt","responseJwt","decodeJwt","pubKey","find","_ref2","kid","protectedHeader","verify","requestObject","RequestObject","parse","header","IoWalletError","text","prepareVpToken","_ref3","pidCryptoContext","_ref4","_ref5","vc","claims","token","vp","paths","disclose","iss","decode","pidKid","getPublicKey","then","_","vp_token","SignJWT","setProtectedHeader","typ","setPayload","nonce","setAudience","response_uri","setIssuedAt","setExpirationTime","sign","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","_ref6","_ref7","presentation","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","alg","enc","encrypt","formBody","URLSearchParams","body","toString"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAKA,IAAAC,iBAAA,GAAAD,OAAA;AASA,IAAAE,MAAA,GAAAF,OAAA;AAEA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AACA,IAAAM,KAAA,GAAAN,OAAA;AAEA,IAAAO,yBAAA,GAAAC,uBAAA,CAAAR,OAAA;AAA4E,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAhB,uBAAAU,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE5E;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMiB,2BAA2B,GAC/BC,MAAuC,IAC/B;EACR,MAAM,CAACC,WAAW,CAAC,GACjBD,MAAM,CAACE,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACC,IAAI,CAACC,MAAM,CACrDC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,IAAID,GAAG,CAACE,GAAG,KAAK,KAC5C,CAAC;EAEH,IAAIR,WAAW,EAAE;IACf,OAAOA,WAAW;EACpB;;EAEA;EACA,MAAM,IAAIS,gDAAwC,CAChD,4BACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,mBAAmB,GAAIC,MAAc,IAAoB;EACpE,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACF,MAAM,CAAC;EACpC,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACH,OAAO,CAAC;EACnC,MAAMI,QAAQ,GAAGF,UAAU,CAACE,QAAQ;EACpC,MAAMC,QAAQ,GAAGH,UAAU,CAACI,QAAQ;EACpC,MAAMC,UAAU,GAAGL,UAAU,CAACM,YAAY,CAAClC,GAAG,CAAC,aAAa,CAAC;EAC7D,MAAMmC,QAAQ,GAAGP,UAAU,CAACM,YAAY,CAAClC,GAAG,CAAC,WAAW,CAAC;EAEzD,MAAMoC,MAAM,GAAGC,oBAAa,CAACC,SAAS,CAAC;IACrCR,QAAQ;IACRC,QAAQ;IACRE,UAAU;IACVE;EACF,CAAC,CAAC;EAEF,IAAIC,MAAM,CAACG,OAAO,EAAE;IAClB,OAAOH,MAAM,CAACI,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIC,8BAAsB,CAACL,MAAM,CAACM,KAAK,CAACC,OAAO,EAAG,GAAEf,UAAW,EAAC,CAAC;EACzE;AACF,CAAC;AAACgB,OAAA,CAAApB,mBAAA,GAAAA,mBAAA;AAQF;AACA;AACA;AACA;AACO,MAAMqB,gBAAgB,GAC3BC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAH,IAAA;EAAA,OACD,OACEI,yBAAiC,EACjCC,UAAkB,EAClBC,qBAAsD,KACvB;IAC/B,MAAMC,wBAAwB,GAAG,MAAM,IAAAC,qBAAe,EACpD;MACEC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAER,UAAU;MACfS,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAACX,yBAAyB;IACrD,CAAC,EACDH,gBACF,CAAC;IAED,MAAMe,QAAQ,GAAG,MAAMd,QAAQ,CAACG,UAAU,EAAE;MAC1CY,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAOf,yBAA0B,EAAC;QAClDgB,IAAI,EAAEb;MACR;IACF,CAAC,CAAC;IAEF,IAAIS,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,kBAAkB,GAAGF,YAAY,CAACN,QAAQ;MAEhD,MAAMS,WAAW,GAAG,IAAAC,wBAAS,EAACF,kBAAkB,CAAC;;MAEjD;MACA;MACA;QACE,MAAMG,MAAM,GACVrB,qBAAqB,CAACrC,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACC,IAAI,CAACwD,IAAI,CACnEC,KAAA;UAAA,IAAC;YAAEC;UAAI,CAAC,GAAAD,KAAA;UAAA,OAAKC,GAAG,KAAKL,WAAW,CAACM,eAAe,CAACD,GAAG;QAAA,CACtD,CAAC;QACH,IAAI,CAACH,MAAM,EAAE;UACX,MAAM,IAAIlD,gDAAwC,CAChD,uCACF,CAAC;QACH;QACA,MAAM,IAAAuD,wBAAM,EAACR,kBAAkB,EAAEG,MAAM,CAAC;MAC1C;;MAEA;MACA,MAAMM,aAAa,GAAGC,oBAAa,CAACC,KAAK,CAAC;QACxCC,MAAM,EAAEX,WAAW,CAACM,eAAe;QACnC9D,OAAO,EAAEwD,WAAW,CAACxD;MACvB,CAAC,CAAC;MAEF,OAAO;QACLgE,aAAa;QACb3B,qBAAqB;QACrBF;MACF,CAAC;IACH;IAEA,MAAM,IAAIiC,qBAAa,CACpB,mDAAkDrB,QAAQ,CAACK,MAAO;AACzE,QAAQ,MAAML,QAAQ,CAACsB,IAAI,CAAC,CAAE,EAC1B,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AANAxC,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAOA,MAAMwC,cAAc,GAClBC,KAAA;EAAA,IAAC;IAAEC;EAAsD,CAAC,GAAAD,KAAA;EAAA,OAC1D,OAAAE,KAAA,EAAAC,KAAA,KAMM;IAAA,IALJ;MAAEV,aAAa;MAAE7B;IAA6C,CAAC,GAAAsC,KAAA;IAAA,IAC/D,CAACE,EAAE,EAAEC,MAAM,CAAe,GAAAF,KAAA;IAK1B;IACA,MAAM;MAAEG,KAAK,EAAEC,EAAE;MAAEC;IAAM,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACL,EAAE,EAAEC,MAAM,CAAC;;IAEvD;IACA,MAAM;MACJ5E,OAAO,EAAE;QAAEiF;MAAI;IACjB,CAAC,GAAG5G,yBAAyB,CAAC6G,MAAM,CAAC/C,yBAAyB,CAAC;IAE/D,MAAMgD,MAAM,GAAG,MAAMX,gBAAgB,CAACY,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACzB,GAAG,CAAC;;IAEvE;IACA,MAAM0B,QAAQ,GAAG,MAAM,IAAIC,yBAAO,CAAChB,gBAAgB,CAAC,CACjDiB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,KAAK;MACV7B,GAAG,EAAEsB;IACP,CAAC,CAAC,CACDQ,UAAU,CAAC;MACVb,EAAE,EAAEA,EAAE;MACNtC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBuC,GAAG;MACHW,KAAK,EAAE5B,aAAa,CAAChE,OAAO,CAAC4F;IAC/B,CAAC,CAAC,CACDC,WAAW,CAAC7B,aAAa,CAAChE,OAAO,CAAC8F,YAAY,CAAC,CAC/CC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,QAAQ,GAAGlC,aAAa,CAAChE,OAAO,CAACmG,KAAK;IAC5C,MAAMC,uBAAuB,GAAG;MAC9BC,aAAa,EAAG,GAAE5D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAC7B4D,EAAE,EAAG,GAAE7D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAClB6D,cAAc,EAAExB,KAAK,CAACyB,GAAG,CAAEC,CAAC,KAAM;QAChCH,EAAE,EAAEJ,QAAQ;QACZQ,IAAI,EAAG,cAAaD,CAAC,CAACC,IAAK,EAAC;QAC5BC,MAAM,EAAE;MACV,CAAC,CAAC;IACJ,CAAC;IAED,OAAO;MAAEpB,QAAQ;MAAEa;IAAwB,CAAC;EAC9C,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACO,MAAMQ,yBAAyB,GACpCC,KAAA;EAAA,IAAC;IACCrC,gBAAgB;IAChBvC,QAAQ,GAAGC;EAIb,CAAC,GAAA2E,KAAA;EAAA,OACD,OAAAC,KAAA,EAMEC,YAA0B,KACN;IAAA,IANpB;MACE/C,aAAa;MACb3B,qBAAqB;MACrBF;IACiB,CAAC,GAAA2E,KAAA;IAGpB;IACA;IACA,MAAMzG,GAAG,GAAGR,2BAA2B,CAACwC,qBAAqB,CAAC;IAE9D,MAAM;MAAEkD,QAAQ;MAAEa;IAAwB,CAAC,GAAG,MAAM9B,cAAc,CAAC;MACjEE;IACF,CAAC,CAAC,CACA;MACER,aAAa;MACb3B,qBAAqB;MACrBF;IACF,CAAC,EACD4E,YACF,CAAC;IAED,MAAMC,oBAAoB,GAAGC,IAAI,CAACC,SAAS,CAAC;MAC1CC,KAAK,EAAEnD,aAAa,CAAChE,OAAO,CAACmH,KAAK;MAClCf,uBAAuB;MACvBR,KAAK,EAAE5B,aAAa,CAAChE,OAAO,CAAC4F,KAAK;MAClCL;IACF,CAAC,CAAC;IAEF,MAAM6B,SAAS,GAAG,MAAM,IAAIC,4BAAU,CAACL,oBAAoB,EAAE;MAC3DM,GAAG,EAAE,cAAc;MACnBC,GAAG,EAAE,eAAe;MACpB1D,GAAG,EAAExD,GAAG,CAACwD;IACX,CAAC,CAAC,CAAC2D,OAAO,CAACnH,GAAG,CAAC;IAEf,MAAMoH,QAAQ,GAAG,IAAIC,eAAe,CAAC;MAAE3E,QAAQ,EAAEqE;IAAU,CAAC,CAAC;IAC7D,MAAMO,IAAI,GAAGF,QAAQ,CAACG,QAAQ,CAAC,CAAC;IAEhC,MAAM7E,QAAQ,GAAG,MAAMd,QAAQ,CAAC+B,aAAa,CAAChE,OAAO,CAAC8F,YAAY,EAAE;MAClE9C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACD0E;IACF,CAAC,CAAC;IAEF,IAAI5E,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIc,qBAAa,CACpB,oDAAmD,MAAMrB,QAAQ,CAACsB,IAAI,CAAC,CAAE,eACxEtB,QAAQ,CAACK,MACV,EACH,CAAC;EACH,CAAC;AAAA;AAACvB,OAAA,CAAA+E,yBAAA,GAAAA,yBAAA"}
|
package/lib/commonjs/rp/types.js
CHANGED
|
@@ -3,11 +3,9 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
7
|
-
var _jwk = require("../utils/jwk");
|
|
6
|
+
exports.RequestObject = exports.QRCodePayload = void 0;
|
|
8
7
|
var _types = require("../sd-jwt/types");
|
|
9
8
|
var z = _interopRequireWildcard(require("zod"));
|
|
10
|
-
var _types2 = require("../trust/types");
|
|
11
9
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
12
10
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
13
11
|
const RequestObject = z.object({
|
|
@@ -32,25 +30,7 @@ const RequestObject = z.object({
|
|
|
32
30
|
scope: z.string()
|
|
33
31
|
})
|
|
34
32
|
});
|
|
35
|
-
|
|
36
|
-
/**
|
|
37
|
-
* EntityConfiguration plus the metadata specific for a Relying Party entity.
|
|
38
|
-
*/
|
|
39
33
|
exports.RequestObject = RequestObject;
|
|
40
|
-
const RpEntityConfiguration = _types2.EntityConfiguration.and(z.object({
|
|
41
|
-
payload: z.object({
|
|
42
|
-
metadata: z.object({
|
|
43
|
-
wallet_relying_party: z.object({
|
|
44
|
-
application_type: z.string().optional(),
|
|
45
|
-
client_id: z.string().optional(),
|
|
46
|
-
client_name: z.string().optional(),
|
|
47
|
-
jwks: z.array(_jwk.JWK),
|
|
48
|
-
contacts: z.array(z.string()).optional()
|
|
49
|
-
}).passthrough()
|
|
50
|
-
})
|
|
51
|
-
})
|
|
52
|
-
}));
|
|
53
|
-
exports.RpEntityConfiguration = RpEntityConfiguration;
|
|
54
34
|
const QRCodePayload = z.object({
|
|
55
35
|
protocol: z.string(),
|
|
56
36
|
resource: z.string(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_types","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","header","typ","literal","optional","alg","string","kid","trust_chain","array","payload","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","exports","QRCodePayload","protocol","resource","clientId","requestURI"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAGlB,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACf;IACAE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,KAAK,CAAC,CAACC,QAAQ,CAAC,CAAC;IAChCC,GAAG,EAAE9B,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEhC,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACfE,WAAW,EAAEjC,CAAC,CAACkC,KAAK,CAAClC,CAAC,CAAC+B,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAEnC,CAAC,CAACyB,MAAM,CAAC;IAChBW,GAAG,EAAEpC,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED,eAAQ;IACbE,KAAK,EAAExC,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACjBU,KAAK,EAAEzC,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACjBW,YAAY,EAAE1C,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACxBY,aAAa,EAAE3C,CAAC,CAAC4B,OAAO,CAAC,UAAU,CAAC;IACpCgB,aAAa,EAAE5C,CAAC,CAAC4B,OAAO,CAAC,iBAAiB,CAAC;IAC3CiB,SAAS,EAAE7C,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACrBe,gBAAgB,EAAE9C,CAAC,CAAC4B,OAAO,CAAC,WAAW,CAAC;IACxCmB,KAAK,EAAE/C,CAAC,CAAC+B,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;AAACiB,OAAA,CAAAxB,aAAA,GAAAA,aAAA;AAGI,MAAMyB,aAAa,GAAGjD,CAAC,CAACyB,MAAM,CAAC;EACpCyB,QAAQ,EAAElD,CAAC,CAAC+B,MAAM,CAAC,CAAC;EACpBoB,QAAQ,EAAEnD,CAAC,CAAC+B,MAAM,CAAC,CAAC;EAAE;EACtBqB,QAAQ,EAAEpD,CAAC,CAAC+B,MAAM,CAAC,CAAC;EACpBsB,UAAU,EAAErD,CAAC,CAAC+B,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AAFAiB,OAAA,CAAAC,aAAA,GAAAA,aAAA"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.getEntityConfiguration =
|
|
6
|
+
exports.getWalletProviderEntityConfiguration = exports.getTrustAnchorEntityConfiguration = exports.getRelyingPartyEntityConfiguration = exports.getEntityConfiguration = exports.getCredentialIssuerEntityConfiguration = void 0;
|
|
7
7
|
Object.defineProperty(exports, "verifyTrustChain", {
|
|
8
8
|
enumerable: true,
|
|
9
9
|
get: function () {
|
|
@@ -15,18 +15,27 @@ var _types = require("./types");
|
|
|
15
15
|
var _errors = require("../utils/errors");
|
|
16
16
|
var _chain = require("./chain");
|
|
17
17
|
/**
|
|
18
|
-
* Fetch and parse
|
|
18
|
+
* Fetch and parse the entity configuration document for a given federation entity.
|
|
19
|
+
* This is an inner method to serve public interfaces.
|
|
20
|
+
*
|
|
21
|
+
* To add another entity configuration type (example: Foo entity type):
|
|
22
|
+
* - create its zod schema and type by inherit from the base type (example: FooEntityConfiguration = BaseEntityConfiguration.and(...))
|
|
23
|
+
* - add such type to EntityConfiguration union
|
|
24
|
+
* - add an overload to this function
|
|
25
|
+
* - create a public function which use such type (example: getFooEntityConfiguration = (url, options) => Promise<FooEntityConfiguration>)
|
|
19
26
|
*
|
|
20
27
|
* @param entityBaseUrl The base url of the entity.
|
|
28
|
+
* @param schema The expected schema of the entity configuration, according to the kind of entity we are fetching from.
|
|
21
29
|
* @param options.appFetch An optional instance of the http client to be used.
|
|
22
30
|
* @returns The parsed entity configuration object
|
|
23
31
|
* @throws {IoWalletError} If the http request fails
|
|
24
32
|
* @throws Parse error if the document is not in the expected shape.
|
|
25
33
|
*/
|
|
26
|
-
|
|
34
|
+
|
|
35
|
+
async function fetchAndParseEntityConfiguration(entityBaseUrl, schema) {
|
|
27
36
|
let {
|
|
28
37
|
appFetch = fetch
|
|
29
|
-
} = arguments.length >
|
|
38
|
+
} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
|
|
30
39
|
const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-federation`;
|
|
31
40
|
const response = await appFetch(wellKnownUrl, {
|
|
32
41
|
method: "GET"
|
|
@@ -34,11 +43,21 @@ async function getEntityConfiguration(entityBaseUrl) {
|
|
|
34
43
|
if (response.status === 200) {
|
|
35
44
|
const responseText = await response.text();
|
|
36
45
|
const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
|
|
37
|
-
return
|
|
46
|
+
return schema.parse({
|
|
38
47
|
header: responseJwt.protectedHeader,
|
|
39
48
|
payload: responseJwt.payload
|
|
40
49
|
});
|
|
41
50
|
}
|
|
42
51
|
throw new _errors.IoWalletError(`Unable to obtain Entity Configuration at ${wellKnownUrl}. Response code: ${response.status}`);
|
|
43
52
|
}
|
|
53
|
+
const getWalletProviderEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.WalletProviderEntityConfiguration, options);
|
|
54
|
+
exports.getWalletProviderEntityConfiguration = getWalletProviderEntityConfiguration;
|
|
55
|
+
const getCredentialIssuerEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.CredentialIssuerEntityConfiguration, options);
|
|
56
|
+
exports.getCredentialIssuerEntityConfiguration = getCredentialIssuerEntityConfiguration;
|
|
57
|
+
const getTrustAnchorEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.TrustAnchorEntityConfiguration, options);
|
|
58
|
+
exports.getTrustAnchorEntityConfiguration = getTrustAnchorEntityConfiguration;
|
|
59
|
+
const getRelyingPartyEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.RelyingPartyEntityConfiguration, options);
|
|
60
|
+
exports.getRelyingPartyEntityConfiguration = getRelyingPartyEntityConfiguration;
|
|
61
|
+
const getEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.EntityConfiguration, options);
|
|
62
|
+
exports.getEntityConfiguration = getEntityConfiguration;
|
|
44
63
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","_chain","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","_chain","fetchAndParseEntityConfiguration","entityBaseUrl","schema","appFetch","fetch","arguments","length","undefined","wellKnownUrl","response","method","status","responseText","text","responseJwt","decodeJwt","parse","header","protectedHeader","payload","IoWalletError","getWalletProviderEntityConfiguration","options","WalletProviderEntityConfiguration","exports","getCredentialIssuerEntityConfiguration","CredentialIssuerEntityConfiguration","getTrustAnchorEntityConfiguration","TrustAnchorEntityConfiguration","getRelyingPartyEntityConfiguration","RelyingPartyEntityConfiguration","getEntityConfiguration","EntityConfiguration"],"sourceRoot":"../../../src","sources":["trust/index.ts"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAOA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAIA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAoCA,eAAeI,gCAAgCA,CAC7CC,aAAqB,EACrBC,MAK8B,EAM9B;EAAA,IALA;IACEC,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMG,YAAY,GAAI,GAAEP,aAAc,gCAA+B;EAErE,MAAMQ,QAAQ,GAAG,MAAMN,QAAQ,CAACK,YAAY,EAAE;IAC5CE,MAAM,EAAE;EACV,CAAC,CAAC;EAEF,IAAID,QAAQ,CAACE,MAAM,KAAK,GAAG,EAAE;IAC3B,MAAMC,YAAY,GAAG,MAAMH,QAAQ,CAACI,IAAI,CAAC,CAAC;IAC1C,MAAMC,WAAW,GAAG,IAAAC,wBAAS,EAACH,YAAY,CAAC;IAC3C,OAAOV,MAAM,CAACc,KAAK,CAAC;MAClBC,MAAM,EAAEH,WAAW,CAACI,eAAe;MACnCC,OAAO,EAAEL,WAAW,CAACK;IACvB,CAAC,CAAC;EACJ;EAEA,MAAM,IAAIC,qBAAa,CACpB,4CAA2CZ,YAAa,oBAAmBC,QAAQ,CAACE,MAAO,EAC9F,CAAC;AACH;AAEO,MAAMU,oCAAoC,GAAGA,CAClDpB,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAC9BC,aAAa,EACbsB,wCAAiC,EACjCD,OACF,CAAC;AAACE,OAAA,CAAAH,oCAAA,GAAAA,oCAAA;AAEG,MAAMI,sCAAsC,GAAGA,CACpDxB,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAC9BC,aAAa,EACbyB,0CAAmC,EACnCJ,OACF,CAAC;AAACE,OAAA,CAAAC,sCAAA,GAAAA,sCAAA;AAEG,MAAME,iCAAiC,GAAGA,CAC/C1B,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAC9BC,aAAa,EACb2B,qCAA8B,EAC9BN,OACF,CAAC;AAACE,OAAA,CAAAG,iCAAA,GAAAA,iCAAA;AAEG,MAAME,kCAAkC,GAAGA,CAChD5B,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAC9BC,aAAa,EACb6B,sCAA+B,EAC/BR,OACF,CAAC;AAACE,OAAA,CAAAK,kCAAA,GAAAA,kCAAA;AAEG,MAAME,sBAAsB,GAAGA,CACpC9B,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAACC,aAAa,EAAE+B,0BAAmB,EAAEV,OAAO,CAAC;AAACE,OAAA,CAAAO,sBAAA,GAAAA,sBAAA"}
|