@pagopa/io-react-native-wallet 0.4.3 → 0.6.0
- package/README.md +128 -19
- package/lib/commonjs/index.js +16 -23
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/index.js +3 -8
- package/lib/commonjs/pid/index.js.map +1 -1
- package/lib/commonjs/pid/issuing.js +153 -176
- package/lib/commonjs/pid/issuing.js.map +1 -1
- package/lib/commonjs/rp/__test__/index.test.js +7 -5
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
- package/lib/commonjs/rp/index.js +145 -155
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +1 -21
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/trust/index.js +24 -5
- package/lib/commonjs/trust/index.js.map +1 -1
- package/lib/commonjs/trust/types.js +102 -9
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/crypto.js +46 -0
- package/lib/commonjs/utils/crypto.js.map +1 -0
- package/lib/commonjs/utils/dpop.js +14 -7
- package/lib/commonjs/utils/dpop.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/index.js +3 -3
- package/lib/commonjs/wallet-instance-attestation/issuing.js +42 -60
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/index.js +4 -6
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/index.js +1 -1
- package/lib/module/pid/index.js.map +1 -1
- package/lib/module/pid/issuing.js +152 -180
- package/lib/module/pid/issuing.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +3 -3
- package/lib/module/rp/__test__/index.test.js.map +1 -1
- package/lib/module/rp/index.js +141 -154
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +0 -20
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/trust/index.js +19 -5
- package/lib/module/trust/index.js.map +1 -1
- package/lib/module/trust/types.js +100 -7
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/crypto.js +40 -0
- package/lib/module/utils/crypto.js.map +1 -0
- package/lib/module/utils/dpop.js +13 -5
- package/lib/module/utils/dpop.js.map +1 -1
- package/lib/module/wallet-instance-attestation/index.js +2 -2
- package/lib/module/wallet-instance-attestation/index.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +40 -58
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/typescript/index.d.ts +4 -6
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/index.d.ts +1 -1
- package/lib/typescript/pid/index.d.ts.map +1 -1
- package/lib/typescript/pid/issuing.d.ts +43 -88
- package/lib/typescript/pid/issuing.d.ts.map +1 -1
- package/lib/typescript/rp/index.d.ts +41 -87
- package/lib/typescript/rp/index.d.ts.map +1 -1
- package/lib/typescript/rp/types.d.ts +10 -906
- package/lib/typescript/rp/types.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +1 -1
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +806 -3
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +9655 -297
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/crypto.d.ts +10 -0
- package/lib/typescript/utils/crypto.d.ts.map +1 -0
- package/lib/typescript/utils/dpop.d.ts +10 -2
- package/lib/typescript/utils/dpop.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/index.d.ts +2 -2
- package/lib/typescript/wallet-instance-attestation/index.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts +18 -31
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +4 -4
- package/package.json +2 -2
- package/src/index.ts +14 -13
- package/src/pid/index.ts +1 -1
- package/src/pid/issuing.ts +233 -232
- package/src/rp/__test__/index.test.ts +3 -3
- package/src/rp/index.ts +172 -194
- package/src/rp/types.ts +0 -24
- package/src/sd-jwt/index.ts +1 -1
- package/src/trust/index.ts +106 -5
- package/src/trust/types.ts +152 -34
- package/src/utils/crypto.ts +41 -0
- package/src/utils/dpop.ts +17 -7
- package/src/wallet-instance-attestation/index.ts +2 -2
- package/src/wallet-instance-attestation/issuing.ts +51 -63
- package/lib/commonjs/pid/metadata.js +0 -49
- package/lib/commonjs/pid/metadata.js.map +0 -1
- package/lib/module/pid/metadata.js +0 -41
- package/lib/module/pid/metadata.js.map +0 -1
- package/lib/typescript/pid/metadata.d.ts +0 -482
- package/lib/typescript/pid/metadata.d.ts.map +0 -1
- package/src/pid/metadata.ts +0 -46
package/lib/commonjs/rp/index.js
CHANGED
|
@@ -3,88 +3,82 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.sendAuthorizationResponse = exports.getRequestObject = exports.decodeAuthRequestQR = void 0;
|
|
7
7
|
var _errors = require("../utils/errors");
|
|
8
8
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
9
9
|
var _types = require("./types");
|
|
10
10
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
11
11
|
var _sdJwt = require("../sd-jwt");
|
|
12
|
-
var
|
|
12
|
+
var _dpop = require("../utils/dpop");
|
|
13
|
+
var WalletInstanceAttestation = _interopRequireWildcard(require("../wallet-instance-attestation"));
|
|
14
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
15
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
13
16
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
17
|
+
/**
|
|
18
|
+
* Select a RSA public key from those provided by the RP to encrypt.
|
|
19
|
+
*
|
|
20
|
+
* @param entity The RP entity configuration
|
|
21
|
+
* @returns A suitable public key with its compatible encryption algorithm
|
|
22
|
+
* @throws {NoSuitableKeysFoundInEntityConfiguration} If entity do not contain any public key suitable for encrypting
|
|
23
|
+
*/
|
|
24
|
+
const chooseRSAPublicKeyToEncrypt = entity => {
|
|
25
|
+
const [usingRsa256] = entity.payload.metadata.wallet_relying_party.jwks.filter(jwk => jwk.use === "enc" && jwk.kty === "RSA");
|
|
26
|
+
if (usingRsa256) {
|
|
27
|
+
return usingRsa256;
|
|
20
28
|
}
|
|
21
29
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
30
|
+
// No suitable key has been found
|
|
31
|
+
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Encrypt with RP public key");
|
|
32
|
+
};
|
|
33
|
+
|
|
34
|
+
/**
|
|
35
|
+
* Decode a QR code content to an authentication request url.
|
|
36
|
+
* @function
|
|
37
|
+
* @param qrcode QR code content
|
|
38
|
+
*
|
|
39
|
+
* @returns The authentication request url
|
|
40
|
+
*
|
|
41
|
+
*/
|
|
42
|
+
const decodeAuthRequestQR = qrcode => {
|
|
43
|
+
const decoded = (0, _ioReactNativeJwt.decodeBase64)(qrcode);
|
|
44
|
+
const decodedUrl = new URL(decoded);
|
|
45
|
+
const protocol = decodedUrl.protocol;
|
|
46
|
+
const resource = decodedUrl.hostname;
|
|
47
|
+
const requestURI = decodedUrl.searchParams.get("request_uri");
|
|
48
|
+
const clientId = decodedUrl.searchParams.get("client_id");
|
|
49
|
+
const result = _types.QRCodePayload.safeParse({
|
|
50
|
+
protocol,
|
|
51
|
+
resource,
|
|
52
|
+
requestURI,
|
|
53
|
+
clientId
|
|
54
|
+
});
|
|
55
|
+
if (result.success) {
|
|
56
|
+
return result.data;
|
|
57
|
+
} else {
|
|
58
|
+
throw new _errors.AuthRequestDecodeError(result.error.message, `${decodedUrl}`);
|
|
48
59
|
}
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
60
|
+
};
|
|
61
|
+
exports.decodeAuthRequestQR = decodeAuthRequestQR;
|
|
62
|
+
/**
|
|
63
|
+
* Obtain the Request Object for RP authentication
|
|
64
|
+
* @see https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/relying-party-solution.html
|
|
65
|
+
*/
|
|
66
|
+
const getRequestObject = _ref => {
|
|
67
|
+
let {
|
|
68
|
+
wiaCryptoContext,
|
|
69
|
+
appFetch = fetch
|
|
70
|
+
} = _ref;
|
|
71
|
+
return async (walletInstanceAttestation, requestUri, rpEntityConfiguration) => {
|
|
72
|
+
const signedWalletInstanceDPoP = await (0, _dpop.createDPopToken)({
|
|
61
73
|
jti: `${_reactNativeUuid.default.v4()}`,
|
|
62
74
|
htm: "GET",
|
|
63
|
-
htu:
|
|
64
|
-
ath: await (0, _ioReactNativeJwt.sha256ToBase64)(
|
|
65
|
-
})
|
|
66
|
-
|
|
67
|
-
jwk: walletInstanceAttestationJwk,
|
|
68
|
-
typ: "dpop+jwt"
|
|
69
|
-
}).setIssuedAt().setExpirationTime("1h").toSign();
|
|
70
|
-
}
|
|
71
|
-
|
|
72
|
-
/**
|
|
73
|
-
* Obtain the Request Object for RP authentication
|
|
74
|
-
* @see https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/relying-party-solution.html
|
|
75
|
-
*
|
|
76
|
-
* @async @function
|
|
77
|
-
* @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
|
|
78
|
-
*
|
|
79
|
-
* @returns The Request Object JWT
|
|
80
|
-
* @throws {NoSuitableKeysFoundInEntityConfiguration} When the Request Object is signed with a key not listed in RP's entity configuration
|
|
81
|
-
*
|
|
82
|
-
*/
|
|
83
|
-
async getRequestObject(signedWalletInstanceDPoP, requestUri, entity) {
|
|
84
|
-
const response = await this.appFetch(requestUri, {
|
|
75
|
+
htu: requestUri,
|
|
76
|
+
ath: await (0, _ioReactNativeJwt.sha256ToBase64)(walletInstanceAttestation)
|
|
77
|
+
}, wiaCryptoContext);
|
|
78
|
+
const response = await appFetch(requestUri, {
|
|
85
79
|
method: "GET",
|
|
86
80
|
headers: {
|
|
87
|
-
Authorization: `DPoP ${
|
|
81
|
+
Authorization: `DPoP ${walletInstanceAttestation}`,
|
|
88
82
|
DPoP: signedWalletInstanceDPoP
|
|
89
83
|
}
|
|
90
84
|
});
|
|
@@ -96,10 +90,10 @@ class RelyingPartySolution {
|
|
|
96
90
|
// verify token signature according to RP's entity configuration
|
|
97
91
|
// to ensure the request object is authentic
|
|
98
92
|
{
|
|
99
|
-
const pubKey =
|
|
93
|
+
const pubKey = rpEntityConfiguration.payload.metadata.wallet_relying_party.jwks.find(_ref2 => {
|
|
100
94
|
let {
|
|
101
95
|
kid
|
|
102
|
-
} =
|
|
96
|
+
} = _ref2;
|
|
103
97
|
return kid === responseJwt.protectedHeader.kid;
|
|
104
98
|
});
|
|
105
99
|
if (!pubKey) {
|
|
@@ -109,55 +103,64 @@ class RelyingPartySolution {
|
|
|
109
103
|
}
|
|
110
104
|
|
|
111
105
|
// parse request object it has the expected shape by specification
|
|
112
|
-
const
|
|
106
|
+
const requestObject = _types.RequestObject.parse({
|
|
113
107
|
header: responseJwt.protectedHeader,
|
|
114
108
|
payload: responseJwt.payload
|
|
115
109
|
});
|
|
116
|
-
return
|
|
110
|
+
return {
|
|
111
|
+
requestObject,
|
|
112
|
+
rpEntityConfiguration,
|
|
113
|
+
walletInstanceAttestation
|
|
114
|
+
};
|
|
117
115
|
}
|
|
118
|
-
throw new _errors.IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}
|
|
119
|
-
|
|
116
|
+
throw new _errors.IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}
|
|
117
|
+
${await response.text()}`);
|
|
118
|
+
};
|
|
119
|
+
};
|
|
120
120
|
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
// TODO: [SIW-353] support multiple presentations,
|
|
140
|
-
signKeyId) {
|
|
141
|
-
let [vc, claims] = _ref2;
|
|
121
|
+
/**
|
|
122
|
+
* Prepare the Verified Presentation token for a received request object in the context of an authorization request flow.
|
|
123
|
+
* The presentation is prepared by disclosing data from provided credentials, according to requested claims
|
|
124
|
+
* Each Verified Credential come along with the claims the user accepts to disclose from it.
|
|
125
|
+
*
|
|
126
|
+
* @todo accept more than a Verified Credential
|
|
127
|
+
*/
|
|
128
|
+
exports.getRequestObject = getRequestObject;
|
|
129
|
+
const prepareVpToken = _ref3 => {
|
|
130
|
+
let {
|
|
131
|
+
pidCryptoContext
|
|
132
|
+
} = _ref3;
|
|
133
|
+
return async (_ref4, _ref5) => {
|
|
134
|
+
let {
|
|
135
|
+
requestObject,
|
|
136
|
+
walletInstanceAttestation
|
|
137
|
+
} = _ref4;
|
|
138
|
+
let [vc, claims] = _ref5;
|
|
142
139
|
// this throws if vc cannot satisfy all the requested claims
|
|
143
140
|
const {
|
|
144
141
|
token: vp,
|
|
145
142
|
paths
|
|
146
143
|
} = await (0, _sdJwt.disclose)(vc, claims);
|
|
147
144
|
|
|
148
|
-
//
|
|
145
|
+
// obtain issuer from Wallet Instance
|
|
146
|
+
const {
|
|
147
|
+
payload: {
|
|
148
|
+
iss
|
|
149
|
+
}
|
|
150
|
+
} = WalletInstanceAttestation.decode(walletInstanceAttestation);
|
|
151
|
+
const pidKid = await pidCryptoContext.getPublicKey().then(_ => _.kid);
|
|
149
152
|
|
|
150
|
-
|
|
153
|
+
// TODO: [SIW-359] check all requeste claims of the requestedObj are satisfied
|
|
154
|
+
const vp_token = await new _ioReactNativeJwt.SignJWT(pidCryptoContext).setProtectedHeader({
|
|
155
|
+
typ: "JWT",
|
|
156
|
+
kid: pidKid
|
|
157
|
+
}).setPayload({
|
|
151
158
|
vp: vp,
|
|
152
159
|
jti: `${_reactNativeUuid.default.v4()}`,
|
|
153
|
-
iss
|
|
154
|
-
nonce:
|
|
155
|
-
}).setAudience(
|
|
156
|
-
|
|
157
|
-
alg: "ES256",
|
|
158
|
-
kid: signKeyId
|
|
159
|
-
}).toSign();
|
|
160
|
-
const vc_scope = requestObj.payload.scope;
|
|
160
|
+
iss,
|
|
161
|
+
nonce: requestObject.payload.nonce
|
|
162
|
+
}).setAudience(requestObject.payload.response_uri).setIssuedAt().setExpirationTime("1h").sign();
|
|
163
|
+
const vc_scope = requestObject.payload.scope;
|
|
161
164
|
const presentation_submission = {
|
|
162
165
|
definition_id: `${_reactNativeUuid.default.v4()}`,
|
|
163
166
|
id: `${_reactNativeUuid.default.v4()}`,
|
|
@@ -171,30 +174,43 @@ class RelyingPartySolution {
|
|
|
171
174
|
vp_token,
|
|
172
175
|
presentation_submission
|
|
173
176
|
};
|
|
174
|
-
}
|
|
177
|
+
};
|
|
178
|
+
};
|
|
175
179
|
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
180
|
+
/**
|
|
181
|
+
* Compose and send an Authorization Response in the context of an authorization request flow.
|
|
182
|
+
*
|
|
183
|
+
* @todo MUST add presentation_submission
|
|
184
|
+
*
|
|
185
|
+
*/
|
|
186
|
+
const sendAuthorizationResponse = _ref6 => {
|
|
187
|
+
let {
|
|
188
|
+
pidCryptoContext,
|
|
189
|
+
appFetch = fetch
|
|
190
|
+
} = _ref6;
|
|
191
|
+
return async (_ref7, presentation) => {
|
|
192
|
+
let {
|
|
193
|
+
requestObject,
|
|
194
|
+
rpEntityConfiguration,
|
|
195
|
+
walletInstanceAttestation
|
|
196
|
+
} = _ref7;
|
|
191
197
|
// the request is an unsigned jws without iss, aud, exp
|
|
192
198
|
// https://openid.net/specs/openid-4-verifiable-presentations-1_0.html#name-signed-and-encrypted-respon
|
|
193
|
-
const jwk =
|
|
199
|
+
const jwk = chooseRSAPublicKeyToEncrypt(rpEntityConfiguration);
|
|
200
|
+
const {
|
|
201
|
+
vp_token,
|
|
202
|
+
presentation_submission
|
|
203
|
+
} = await prepareVpToken({
|
|
204
|
+
pidCryptoContext
|
|
205
|
+
})({
|
|
206
|
+
requestObject,
|
|
207
|
+
rpEntityConfiguration,
|
|
208
|
+
walletInstanceAttestation
|
|
209
|
+
}, presentation);
|
|
194
210
|
const authzResponsePayload = JSON.stringify({
|
|
195
|
-
state:
|
|
211
|
+
state: requestObject.payload.state,
|
|
196
212
|
presentation_submission,
|
|
197
|
-
nonce:
|
|
213
|
+
nonce: requestObject.payload.nonce,
|
|
198
214
|
vp_token
|
|
199
215
|
});
|
|
200
216
|
const encrypted = await new _ioReactNativeJwt.EncryptJwe(authzResponsePayload, {
|
|
@@ -206,7 +222,7 @@ class RelyingPartySolution {
|
|
|
206
222
|
response: encrypted
|
|
207
223
|
});
|
|
208
224
|
const body = formBody.toString();
|
|
209
|
-
const response = await
|
|
225
|
+
const response = await appFetch(requestObject.payload.response_uri, {
|
|
210
226
|
method: "POST",
|
|
211
227
|
headers: {
|
|
212
228
|
"Content-Type": "application/x-www-form-urlencoded"
|
|
@@ -217,33 +233,7 @@ class RelyingPartySolution {
|
|
|
217
233
|
return await response.json();
|
|
218
234
|
}
|
|
219
235
|
throw new _errors.IoWalletError(`Unable to send Authorization Response. Response: ${await response.text()} with code: ${response.status}`);
|
|
220
|
-
}
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
* Select a RSA public key from those provided by the RP to encrypt.
|
|
224
|
-
*
|
|
225
|
-
* @param entity The RP entity configuration
|
|
226
|
-
* @returns A suitable public key with its compatible encryption algorithm
|
|
227
|
-
* @throws {NoSuitableKeysFoundInEntityConfiguration} If entity do not contain any public key suitable for encrypting
|
|
228
|
-
*/
|
|
229
|
-
chooseRSAPublicKeyToEncrypt(entity) {
|
|
230
|
-
const [usingRsa256] = entity.payload.metadata.wallet_relying_party.jwks.filter(jwk => jwk.use === "enc" && jwk.kty === "RSA");
|
|
231
|
-
if (usingRsa256) {
|
|
232
|
-
return usingRsa256;
|
|
233
|
-
}
|
|
234
|
-
|
|
235
|
-
// No suitable key has been found
|
|
236
|
-
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Encrypt with RP public key");
|
|
237
|
-
}
|
|
238
|
-
|
|
239
|
-
/**
|
|
240
|
-
* Obtain the relying party entity configuration.
|
|
241
|
-
*/
|
|
242
|
-
async getEntityConfiguration() {
|
|
243
|
-
return (0, _trust.getEntityConfiguration)(this.relyingPartyBaseUrl, {
|
|
244
|
-
appFetch: this.appFetch
|
|
245
|
-
}).then(_types.RpEntityConfiguration.parse);
|
|
246
|
-
}
|
|
247
|
-
}
|
|
248
|
-
exports.RelyingPartySolution = RelyingPartySolution;
|
|
236
|
+
};
|
|
237
|
+
};
|
|
238
|
+
exports.sendAuthorizationResponse = sendAuthorizationResponse;
|
|
249
239
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","
|
|
1
|
+
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","_dpop","WalletInstanceAttestation","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","chooseRSAPublicKeyToEncrypt","entity","usingRsa256","payload","metadata","wallet_relying_party","jwks","filter","jwk","use","kty","NoSuitableKeysFoundInEntityConfiguration","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","protocol","resource","hostname","requestURI","searchParams","clientId","result","QRCodePayload","safeParse","success","data","AuthRequestDecodeError","error","message","exports","getRequestObject","_ref","wiaCryptoContext","appFetch","fetch","walletInstanceAttestation","requestUri","rpEntityConfiguration","signedWalletInstanceDPoP","createDPopToken","jti","uuid","v4","htm","htu","ath","sha256ToBase64","response","method","headers","Authorization","DPoP","status","responseJson","json","responseEncodedJwt","responseJwt","decodeJwt","pubKey","find","_ref2","kid","protectedHeader","verify","requestObject","RequestObject","parse","header","IoWalletError","text","prepareVpToken","_ref3","pidCryptoContext","_ref4","_ref5","vc","claims","token","vp","paths","disclose","iss","decode","pidKid","getPublicKey","then","_","vp_token","SignJWT","setProtectedHeader","typ","setPayload","nonce","setAudience","response_uri","setIssuedAt","setExpirationTime","sign","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","_ref6","_ref7","presentation","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","alg","enc","encrypt","formBody","URLSearchParams","body","toString"],"sourceRoot
":"../../../src","sources":["rp/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAKA,IAAAC,iBAAA,GAAAD,OAAA;AASA,IAAAE,MAAA,GAAAF,OAAA;AAEA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AACA,IAAAM,KAAA,GAAAN,OAAA;AAEA,IAAAO,yBAAA,GAAAC,uBAAA,CAAAR,OAAA;AAA4E,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAhB,uBAAAU,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE5E;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMiB,2BAA2B,GAC/BC,MAAuC,IAC/B;EACR,MAAM,CAACC,WAAW,CAAC,GACjBD,MAAM,CAACE,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACC,IAAI,CAACC,MAAM,CACrDC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,IAAID,GAAG,CAACE,GAAG,KAAK,KAC5C,CAAC;EAEH,IAAIR,WAAW,EAAE;IACf,OAAOA,WAAW;EACpB;;EAEA;EACA,MAAM,IAAIS,gDAAwC,CAChD,4BACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,mBAAmB,GAAIC,MAAc,IAAoB;EACpE,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACF,MAAM,CAAC;EACpC,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACH,OAAO,CAAC;EACnC,MAAMI,QAAQ,GAAGF,UAAU,CAACE,QAAQ;EACpC,MAAMC,QAAQ,GAAGH,UAAU,CAACI,QAAQ;EACpC,MAAMC,UAAU,GAAGL,UAAU,CAACM,YAAY,CAAClC,GAAG,CAAC,aAAa,CAAC;EAC7D,MAAMmC,QAAQ,GAAGP,UAAU,CAACM,YAAY,CAAClC,GAAG,CAAC,WA
AW,CAAC;EAEzD,MAAMoC,MAAM,GAAGC,oBAAa,CAACC,SAAS,CAAC;IACrCR,QAAQ;IACRC,QAAQ;IACRE,UAAU;IACVE;EACF,CAAC,CAAC;EAEF,IAAIC,MAAM,CAACG,OAAO,EAAE;IAClB,OAAOH,MAAM,CAACI,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIC,8BAAsB,CAACL,MAAM,CAACM,KAAK,CAACC,OAAO,EAAG,GAAEf,UAAW,EAAC,CAAC;EACzE;AACF,CAAC;AAACgB,OAAA,CAAApB,mBAAA,GAAAA,mBAAA;AAQF;AACA;AACA;AACA;AACO,MAAMqB,gBAAgB,GAC3BC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAH,IAAA;EAAA,OACD,OACEI,yBAAiC,EACjCC,UAAkB,EAClBC,qBAAsD,KACvB;IAC/B,MAAMC,wBAAwB,GAAG,MAAM,IAAAC,qBAAe,EACpD;MACEC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAER,UAAU;MACfS,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAACX,yBAAyB;IACrD,CAAC,EACDH,gBACF,CAAC;IAED,MAAMe,QAAQ,GAAG,MAAMd,QAAQ,CAACG,UAAU,EAAE;MAC1CY,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAOf,yBAA0B,EAAC;QAClDgB,IAAI,EAAEb;MACR;IACF,CAAC,CAAC;IAEF,IAAIS,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,kBAAkB,GAAGF,YAAY,CAACN,QAAQ;MAEhD,MAAMS,WAAW,GAAG,IAAAC,wBAAS,EAACF,kBAAkB,CAAC;;MAEjD;MACA;MACA;QACE,MAAMG,MAAM,GACVrB,qBAAqB,CAACrC,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACC,IAAI,CAACwD,IAAI,CACnEC,KAAA;UAAA,IAAC;YAAEC;UAAI,CAAC,GAAAD,KAAA;UAAA,OAAKC,GAAG,KAAKL,WAAW,CAACM,eAAe,CAACD,GAAG;QAAA,CACtD,CAAC;QACH,IAAI,CAACH,MAAM,EAAE;UACX,MAAM,IAAIlD,gDAAwC,CAChD,uCACF,CAAC;QACH;QACA,MAAM,IAAAuD,wBAAM,EAACR,kBAAkB,EAAEG,MAAM,CAAC;MAC1C;;MAEA;MACA,MAAMM,aAAa,GAAGC,oBAAa,CAACC,KAAK,CAAC;QACxCC,MAAM,EAAEX,WAAW,CAACM,eAAe;QACnC9D,OAAO,EAAEwD,WAAW,CAACxD;MACvB,CAAC,CAAC;MAEF,OAAO;QACLgE,aAAa;QACb3B,qBAAqB;QACrBF;MACF,CAAC;IACH;IAEA,MAAM,IAAIiC,qBAAa,CACpB,mDAAkDrB,QAAQ,CAACK,MAAO;AACzE,QAAQ,MAAML,QAAQ,CAACsB,IAAI,CAAC,CAAE,EAC1B,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AANAxC,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAOA,MAAMwC,cAAc,GAClBC,KAAA;EAAA,IAAC;IAAEC;EAAsD,CAAC,GAAAD,KAAA;EAAA,OAC1D,OAAAE,KAAA,EAAAC,KAAA,KAMM;IAAA,IALJ;MAAEV,aAAa;MAAE7B;IAA6C,CAAC,GAAAsC,KAAA;IAAA,IAC/D,CAACE,EAAE,EAAEC,MAAM,CAAe,GAAAF,KAAA;IAK
1B;IACA,MAAM;MAAEG,KAAK,EAAEC,EAAE;MAAEC;IAAM,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACL,EAAE,EAAEC,MAAM,CAAC;;IAEvD;IACA,MAAM;MACJ5E,OAAO,EAAE;QAAEiF;MAAI;IACjB,CAAC,GAAG5G,yBAAyB,CAAC6G,MAAM,CAAC/C,yBAAyB,CAAC;IAE/D,MAAMgD,MAAM,GAAG,MAAMX,gBAAgB,CAACY,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACzB,GAAG,CAAC;;IAEvE;IACA,MAAM0B,QAAQ,GAAG,MAAM,IAAIC,yBAAO,CAAChB,gBAAgB,CAAC,CACjDiB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,KAAK;MACV7B,GAAG,EAAEsB;IACP,CAAC,CAAC,CACDQ,UAAU,CAAC;MACVb,EAAE,EAAEA,EAAE;MACNtC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBuC,GAAG;MACHW,KAAK,EAAE5B,aAAa,CAAChE,OAAO,CAAC4F;IAC/B,CAAC,CAAC,CACDC,WAAW,CAAC7B,aAAa,CAAChE,OAAO,CAAC8F,YAAY,CAAC,CAC/CC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,QAAQ,GAAGlC,aAAa,CAAChE,OAAO,CAACmG,KAAK;IAC5C,MAAMC,uBAAuB,GAAG;MAC9BC,aAAa,EAAG,GAAE5D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAC7B4D,EAAE,EAAG,GAAE7D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAClB6D,cAAc,EAAExB,KAAK,CAACyB,GAAG,CAAEC,CAAC,KAAM;QAChCH,EAAE,EAAEJ,QAAQ;QACZQ,IAAI,EAAG,cAAaD,CAAC,CAACC,IAAK,EAAC;QAC5BC,MAAM,EAAE;MACV,CAAC,CAAC;IACJ,CAAC;IAED,OAAO;MAAEpB,QAAQ;MAAEa;IAAwB,CAAC;EAC9C,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACO,MAAMQ,yBAAyB,GACpCC,KAAA;EAAA,IAAC;IACCrC,gBAAgB;IAChBvC,QAAQ,GAAGC;EAIb,CAAC,GAAA2E,KAAA;EAAA,OACD,OAAAC,KAAA,EAMEC,YAA0B,KACN;IAAA,IANpB;MACE/C,aAAa;MACb3B,qBAAqB;MACrBF;IACiB,CAAC,GAAA2E,KAAA;IAGpB;IACA;IACA,MAAMzG,GAAG,GAAGR,2BAA2B,CAACwC,qBAAqB,CAAC;IAE9D,MAAM;MAAEkD,QAAQ;MAAEa;IAAwB,CAAC,GAAG,MAAM9B,cAAc,CAAC;MACjEE;IACF,CAAC,CAAC,CACA;MACER,aAAa;MACb3B,qBAAqB;MACrBF;IACF,CAAC,EACD4E,YACF,CAAC;IAED,MAAMC,oBAAoB,GAAGC,IAAI,CAACC,SAAS,CAAC;MAC1CC,KAAK,EAAEnD,aAAa,CAAChE,OAAO,CAACmH,KAAK;MAClCf,uBAAuB;MACvBR,KAAK,EAAE5B,aAAa,CAAChE,OAAO,CAAC4F,KAAK;MAClCL;IACF,CAAC,CAAC;IAEF,MAAM6B,SAAS,GAAG,MAAM,IAAIC,4BAAU,CAACL,oBAAoB,EAAE;MAC3DM,GAAG,EAAE,cAAc;MACnBC,GAAG,EAAE,eAAe;MACpB1D,GAAG,EAAExD,GAAG,CAACwD;IACX,CAAC,CAAC,CAAC2D,OAAO,CAACnH,GAAG,CAAC;IAEf,MAAMoH,QAAQ,GAAG,IAAIC,eAAe,CAAC;MAAE3E,QAAQ,EAAEqE;IAAU,CAA
C,CAAC;IAC7D,MAAMO,IAAI,GAAGF,QAAQ,CAACG,QAAQ,CAAC,CAAC;IAEhC,MAAM7E,QAAQ,GAAG,MAAMd,QAAQ,CAAC+B,aAAa,CAAChE,OAAO,CAAC8F,YAAY,EAAE;MAClE9C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACD0E;IACF,CAAC,CAAC;IAEF,IAAI5E,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIc,qBAAa,CACpB,oDAAmD,MAAMrB,QAAQ,CAACsB,IAAI,CAAC,CAAE,eACxEtB,QAAQ,CAACK,MACV,EACH,CAAC;EACH,CAAC;AAAA;AAACvB,OAAA,CAAA+E,yBAAA,GAAAA,yBAAA"}
|
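Review bot: In `getRequestObject` (new lines 71–84) the Wallet Instance Attestation is put in the `Authorization` header and sent to `requestUri` with no check on that URL; in the QR flow the value comes from `decodeAuthRequestQR`, whose `QRCodePayload` schema appears to validate its fields only as strings. The attestation and a DPoP proof bound to that URL therefore go to whatever host the scanned QR names, before the signature check against `rpEntityConfiguration` has a chance to reject the response. Consider a guard ahead of the `appFetch` call, for example `if (new URL(requestUri).protocol !== "https:") throw new _errors.IoWalletError("request_uri must use https");`, and also comparing the URL's origin with the relying party's entity identifier if the entity configuration exposes one (not visible in this section). Part of the function body lies between hunks, and this file is build output, so the change belongs in `src/rp/index.ts`.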
package/lib/commonjs/rp/types.js
CHANGED
|
@@ -3,11 +3,9 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
7
|
-
var _jwk = require("../utils/jwk");
|
|
6
|
+
exports.RequestObject = exports.QRCodePayload = void 0;
|
|
8
7
|
var _types = require("../sd-jwt/types");
|
|
9
8
|
var z = _interopRequireWildcard(require("zod"));
|
|
10
|
-
var _types2 = require("../trust/types");
|
|
11
9
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
12
10
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
13
11
|
const RequestObject = z.object({
|
|
@@ -32,25 +30,7 @@ const RequestObject = z.object({
|
|
|
32
30
|
scope: z.string()
|
|
33
31
|
})
|
|
34
32
|
});
|
|
35
|
-
|
|
36
|
-
/**
|
|
37
|
-
* EntityConfiguration plus the metadata specific for a Relying Party entity.
|
|
38
|
-
*/
|
|
39
33
|
exports.RequestObject = RequestObject;
|
|
40
|
-
const RpEntityConfiguration = _types2.EntityConfiguration.and(z.object({
|
|
41
|
-
payload: z.object({
|
|
42
|
-
metadata: z.object({
|
|
43
|
-
wallet_relying_party: z.object({
|
|
44
|
-
application_type: z.string().optional(),
|
|
45
|
-
client_id: z.string().optional(),
|
|
46
|
-
client_name: z.string().optional(),
|
|
47
|
-
jwks: z.array(_jwk.JWK),
|
|
48
|
-
contacts: z.array(z.string()).optional()
|
|
49
|
-
}).passthrough()
|
|
50
|
-
})
|
|
51
|
-
})
|
|
52
|
-
}));
|
|
53
|
-
exports.RpEntityConfiguration = RpEntityConfiguration;
|
|
54
34
|
const QRCodePayload = z.object({
|
|
55
35
|
protocol: z.string(),
|
|
56
36
|
resource: z.string(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_types","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","header","typ","literal","optional","alg","string","kid","trust_chain","array","payload","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","exports","QRCodePayload","protocol","resource","clientId","requestURI"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAGlB,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACf;IACAE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,KAAK,CAAC,CAACC,QAAQ,CAAC,CAAC;IAChCC,GAAG,EAAE9B,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEhC,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACfE,WAAW,EAAEjC,CAAC,CAACkC,KAAK
,CAAClC,CAAC,CAAC+B,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAEnC,CAAC,CAACyB,MAAM,CAAC;IAChBW,GAAG,EAAEpC,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED,eAAQ;IACbE,KAAK,EAAExC,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACjBU,KAAK,EAAEzC,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACjBW,YAAY,EAAE1C,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACxBY,aAAa,EAAE3C,CAAC,CAAC4B,OAAO,CAAC,UAAU,CAAC;IACpCgB,aAAa,EAAE5C,CAAC,CAAC4B,OAAO,CAAC,iBAAiB,CAAC;IAC3CiB,SAAS,EAAE7C,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACrBe,gBAAgB,EAAE9C,CAAC,CAAC4B,OAAO,CAAC,WAAW,CAAC;IACxCmB,KAAK,EAAE/C,CAAC,CAAC+B,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;AAACiB,OAAA,CAAAxB,aAAA,GAAAA,aAAA;AAGI,MAAMyB,aAAa,GAAGjD,CAAC,CAACyB,MAAM,CAAC;EACpCyB,QAAQ,EAAElD,CAAC,CAAC+B,MAAM,CAAC,CAAC;EACpBoB,QAAQ,EAAEnD,CAAC,CAAC+B,MAAM,CAAC,CAAC;EAAE;EACtBqB,QAAQ,EAAEpD,CAAC,CAAC+B,MAAM,CAAC,CAAC;EACpBsB,UAAU,EAAErD,CAAC,CAAC+B,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AAFAiB,OAAA,CAAAC,aAAA,GAAAA,aAAA"}
|
|
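--- a/package/lib/commonjs/trust/index.js
+++ b/package/lib/commonjs/trust/index.js
@@ -3,7 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
 value: true
 });
-exports.getEntityConfiguration =
+exports.getWalletProviderEntityConfiguration = exports.getTrustAnchorEntityConfiguration = exports.getRelyingPartyEntityConfiguration = exports.getEntityConfiguration = exports.getCredentialIssuerEntityConfiguration = void 0;
 Object.defineProperty(exports, "verifyTrustChain", {
 enumerable: true,
 get: function () {
@@ -15,18 +15,27 @@ var _types = require("./types");
 var _errors = require("../utils/errors");
 var _chain = require("./chain");
 /**
-* Fetch and parse
+* Fetch and parse the entity configuration document for a given federation entity.
+* This is an inner method to serve public interfaces.
+*
+* To add another entity configuration type (example: Foo entity type):
+* - create its zod schema and type by inherit from the base type (example: FooEntityConfiguration = BaseEntityConfiguration.and(...))
+* - add such type to EntityConfiguration union
+* - add an overload to this function
+* - create a public function which use such type (example: getFooEntityConfiguration = (url, options) => Promise<FooEntityConfiguration>)
 *
 * @param entityBaseUrl The base url of the entity.
+* @param schema The expected schema of the entity configuration, according to the kind of entity we are fetching from.
 * @param options.appFetch An optional instance of the http client to be used.
 * @returns The parsed entity configuration object
 * @throws {IoWalletError} If the http request fails
 * @throws Parse error if the document is not in the expected shape.
 */
-
+
+async function fetchAndParseEntityConfiguration(entityBaseUrl, schema) {
 let {
 appFetch = fetch
-} = arguments.length >
+} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
 const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-federation`;
 const response = await appFetch(wellKnownUrl, {
 method: "GET"
@@ -34,11 +43,21 @@ async function getEntityConfiguration(entityBaseUrl) {
 if (response.status === 200) {
 const responseText = await response.text();
 const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
-return
+return schema.parse({
 header: responseJwt.protectedHeader,
 payload: responseJwt.payload
 });
 }
 throw new _errors.IoWalletError(`Unable to obtain Entity Configuration at ${wellKnownUrl}. Response code: ${response.status}`);
 }
+const getWalletProviderEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.WalletProviderEntityConfiguration, options);
+exports.getWalletProviderEntityConfiguration = getWalletProviderEntityConfiguration;
+const getCredentialIssuerEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.CredentialIssuerEntityConfiguration, options);
+exports.getCredentialIssuerEntityConfiguration = getCredentialIssuerEntityConfiguration;
+const getTrustAnchorEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.TrustAnchorEntityConfiguration, options);
+exports.getTrustAnchorEntityConfiguration = getTrustAnchorEntityConfiguration;
+const getRelyingPartyEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.RelyingPartyEntityConfiguration, options);
+exports.getRelyingPartyEntityConfiguration = getRelyingPartyEntityConfiguration;
+const getEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.EntityConfiguration, options);
+exports.getEntityConfiguration = getEntityConfiguration;
 //# sourceMappingURL=index.js.map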
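Review bot: The expanded doc comment on `fetchAndParseEntityConfiguration` does not say that the object it returns is unauthenticated. In the visible lines the response text is only passed through `decode` and then `schema.parse`, so the signature of the entity statement is not checked here, and the five exported wrappers (`getWalletProviderEntityConfiguration` through `getEntityConfiguration`) hand that result straight to callers. Verification presumably happens through the `verifyTrustChain` export, but nothing in these hunks ties the two together, so a caller can read keys or endpoints from a configuration that was never validated. I would add to the JSDoc: `* NOTE: the JWT is decoded and schema-checked only; its signature is NOT verified here. Validate the result with verifyTrustChain before trusting any key or endpoint it contains.` The function body spans the second and third hunks, and new line 42 between them is not shown.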
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","_chain","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","_chain","fetchAndParseEntityConfiguration","entityBaseUrl","schema","appFetch","fetch","arguments","length","undefined","wellKnownUrl","response","method","status","responseText","text","responseJwt","decodeJwt","parse","header","protectedHeader","payload","IoWalletError","getWalletProviderEntityConfiguration","options","WalletProviderEntityConfiguration","exports","getCredentialIssuerEntityConfiguration","CredentialIssuerEntityConfiguration","getTrustAnchorEntityConfiguration","TrustAnchorEntityConfiguration","getRelyingPartyEntityConfiguration","RelyingPartyEntityConfiguration","getEntityConfiguration","EntityConfiguration"],"sourceRoot":"../../../src","sources":["trust/index.ts"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAOA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAIA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAoCA,eAAeI,gCAAgCA,CAC7CC,aAAqB,EACrBC,MAK8B,EAM9B;EAAA,IALA;IACEC,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMG,YAAY,GAAI,GAAEP,aAAc,gCAA+B;EAErE,MAAMQ,QAAQ,GAAG,MAAMN,QAAQ,CAACK,YAAY,EAAE;IAC5CE,MAAM,EAAE;EACV,CAAC,CAAC;EAEF,IAAID,QAAQ,CAACE,MAAM,KAAK,GAAG,EAAE;IAC3B,MAAMC,YAAY,GAAG,MAAMH,QAAQ,CAACI,IAAI,CAAC,CAAC;IAC1C,MAAMC,WAAW,GAAG,IAAAC,wBAAS,EAACH,YAAY,CAAC;IAC3C,OAAOV,MAAM,CAACc,KAAK,CAAC;MAClBC,MAAM,EAAEH,WAAW,CAACI,eAAe;MACnCC,OAAO,EAAEL,WAAW,CAACK;IACvB,CAAC,CAAC;EACJ;EAEA,MAAM,IAAIC,qBAAa,CACpB,4CAA2CZ,YAAa,oBAAmBC,QAAQ,CAACE,MAAO,EAC9F,CAAC;AACH;AAEO,MAAMU,oCAAoC,GAAGA,CAClDpB,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAC9BC,aAAa,EACbsB,wCAAiC,EACjCD,OACF,CAAC;AAACE,OAAA,CAAAH,oCAAA,GAAAA,oCAAA;AAEG,MAAMI,sCAAsC,GAAGA,CACpDxB,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAC9BC,aAAa,EACbyB,0CAAmC,EACnCJ,OACF,CAAC;AAACE,OAAA,CAAAC,sCAAA,GAAAA,sCAAA;AAEG,MAAME,iCAAiC,GAAGA,CAC/C1B,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAC9BC,aAAa,EACb2B,qCAA8B,EAC9BN,OACF
,CAAC;AAACE,OAAA,CAAAG,iCAAA,GAAAA,iCAAA;AAEG,MAAME,kCAAkC,GAAGA,CAChD5B,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAC9BC,aAAa,EACb6B,sCAA+B,EAC/BR,OACF,CAAC;AAACE,OAAA,CAAAK,kCAAA,GAAAA,kCAAA;AAEG,MAAME,sBAAsB,GAAGA,CACpC9B,aAAqE,EACrEqB,OAAgE,KAEhEtB,gCAAgC,CAACC,aAAa,EAAE+B,0BAAmB,EAAEV,OAAO,CAAC;AAACE,OAAA,CAAAO,sBAAA,GAAAA,sBAAA"}
|