@pagopa/io-react-native-wallet 0.7.4 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- package/README.md +49 -31
- package/lib/commonjs/credential/index.js +13 -0
- package/lib/commonjs/credential/index.js.map +1 -0
- package/lib/commonjs/credential/issuance/01-start-flow.js +2 -0
- package/lib/commonjs/credential/issuance/01-start-flow.js.map +1 -0
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +26 -0
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +1 -0
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js +119 -0
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -0
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +6 -0
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -0
- package/lib/commonjs/credential/issuance/05-authorize-access.js +63 -0
- package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -0
- package/lib/commonjs/credential/issuance/06-obtain-credential.js +128 -0
- package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -0
- package/lib/commonjs/credential/issuance/07-confirm-credential.js +6 -0
- package/lib/commonjs/credential/issuance/07-confirm-credential.js.map +1 -0
- package/lib/commonjs/credential/issuance/const.js +9 -0
- package/lib/commonjs/credential/issuance/const.js.map +1 -0
- package/lib/commonjs/credential/issuance/index.js +34 -0
- package/lib/commonjs/credential/issuance/index.js.map +1 -0
- package/lib/commonjs/credential/presentation/01-start-flow.js +55 -0
- package/lib/commonjs/credential/presentation/01-start-flow.js.map +1 -0
- package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js +32 -0
- package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js.map +1 -0
- package/lib/commonjs/credential/presentation/03-get-request-object.js +68 -0
- package/lib/commonjs/credential/presentation/03-get-request-object.js.map +1 -0
- package/lib/commonjs/credential/presentation/04-send-authorization-response.js +139 -0
- package/lib/commonjs/credential/presentation/04-send-authorization-response.js.map +1 -0
- package/lib/commonjs/credential/presentation/index.js +34 -0
- package/lib/commonjs/credential/presentation/index.js.map +1 -0
- package/lib/commonjs/{rp → credential/presentation}/types.js +17 -34
- package/lib/commonjs/credential/presentation/types.js.map +1 -0
- package/lib/commonjs/index.js +10 -61
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/index.js +1 -3
- package/lib/commonjs/pid/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/index.js +1 -1
- package/lib/commonjs/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +1 -1
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/trust/chain.js +32 -4
- package/lib/commonjs/trust/chain.js.map +1 -1
- package/lib/commonjs/trust/index.js +105 -20
- package/lib/commonjs/trust/index.js.map +1 -1
- package/lib/commonjs/trust/types.js +54 -35
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/crypto.js +5 -18
- package/lib/commonjs/utils/crypto.js.map +1 -1
- package/lib/commonjs/utils/misc.js +23 -0
- package/lib/commonjs/utils/misc.js.map +1 -0
- package/lib/commonjs/utils/par.js +86 -0
- package/lib/commonjs/utils/par.js.map +1 -0
- package/lib/module/credential/index.js +4 -0
- package/lib/module/credential/index.js.map +1 -0
- package/lib/module/credential/issuance/01-start-flow.js +2 -0
- package/lib/module/credential/issuance/01-start-flow.js.map +1 -0
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +19 -0
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +1 -0
- package/lib/module/credential/issuance/03-start-user-authorization.js +109 -0
- package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -0
- package/lib/module/credential/issuance/04-complete-user-authorization.js +2 -0
- package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -0
- package/lib/module/credential/issuance/05-authorize-access.js +55 -0
- package/lib/module/credential/issuance/05-authorize-access.js.map +1 -0
- package/lib/module/credential/issuance/06-obtain-credential.js +117 -0
- package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -0
- package/lib/module/credential/issuance/07-confirm-credential.js +2 -0
- package/lib/module/credential/issuance/07-confirm-credential.js.map +1 -0
- package/lib/module/credential/issuance/const.js +2 -0
- package/lib/module/credential/issuance/const.js.map +1 -0
- package/lib/module/credential/issuance/index.js +6 -0
- package/lib/module/credential/issuance/index.js.map +1 -0
- package/lib/module/credential/presentation/01-start-flow.js +46 -0
- package/lib/module/credential/presentation/01-start-flow.js.map +1 -0
- package/lib/module/credential/presentation/02-evaluate-rp-trust.js +25 -0
- package/lib/module/credential/presentation/02-evaluate-rp-trust.js.map +1 -0
- package/lib/module/credential/presentation/03-get-request-object.js +60 -0
- package/lib/module/credential/presentation/03-get-request-object.js.map +1 -0
- package/lib/module/credential/presentation/04-send-authorization-response.js +128 -0
- package/lib/module/credential/presentation/04-send-authorization-response.js.map +1 -0
- package/lib/module/credential/presentation/index.js +6 -0
- package/lib/module/credential/presentation/index.js.map +1 -0
- package/lib/module/credential/presentation/types.js +21 -0
- package/lib/module/credential/presentation/types.js.map +1 -0
- package/lib/module/index.js +4 -5
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/index.js +1 -2
- package/lib/module/pid/index.js.map +1 -1
- package/lib/module/sd-jwt/index.js +1 -1
- package/lib/module/sd-jwt/index.js.map +1 -1
- package/lib/module/sd-jwt/types.js +1 -1
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/trust/chain.js +30 -3
- package/lib/module/trust/chain.js.map +1 -1
- package/lib/module/trust/index.js +99 -16
- package/lib/module/trust/index.js.map +1 -1
- package/lib/module/trust/types.js +50 -31
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/crypto.js +2 -15
- package/lib/module/utils/crypto.js.map +1 -1
- package/lib/module/utils/misc.js +17 -0
- package/lib/module/utils/misc.js.map +1 -0
- package/lib/module/utils/par.js +74 -0
- package/lib/module/utils/par.js.map +1 -0
- package/lib/typescript/credential/index.d.ts +4 -0
- package/lib/typescript/credential/index.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/01-start-flow.d.ts +11 -0
- package/lib/typescript/credential/issuance/01-start-flow.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts +18 -0
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +31 -0
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +16 -0
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts +26 -0
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +32 -0
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/07-confirm-credential.d.ts +11 -0
- package/lib/typescript/credential/issuance/07-confirm-credential.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/const.d.ts +2 -0
- package/lib/typescript/credential/issuance/const.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/index.d.ts +10 -0
- package/lib/typescript/credential/issuance/index.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/01-start-flow.d.ts +20 -0
- package/lib/typescript/credential/presentation/01-start-flow.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts +18 -0
- package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/03-get-request-object.d.ts +25 -0
- package/lib/typescript/credential/presentation/03-get-request-object.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/04-send-authorization-response.d.ts +34 -0
- package/lib/typescript/credential/presentation/04-send-authorization-response.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/index.d.ts +7 -0
- package/lib/typescript/credential/presentation/index.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/types.d.ts +49 -0
- package/lib/typescript/credential/presentation/types.d.ts.map +1 -0
- package/lib/typescript/index.d.ts +4 -5
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/index.d.ts +1 -2
- package/lib/typescript/pid/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +2 -2
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +5 -5
- package/lib/typescript/trust/chain.d.ts +12 -3
- package/lib/typescript/trust/chain.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +198 -24
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +1299 -623
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/crypto.d.ts +1 -1
- package/lib/typescript/utils/crypto.d.ts.map +1 -1
- package/lib/typescript/utils/dpop.d.ts +2 -2
- package/lib/typescript/utils/misc.d.ts +8 -0
- package/lib/typescript/utils/misc.d.ts.map +1 -0
- package/lib/typescript/utils/par.d.ts +68 -0
- package/lib/typescript/utils/par.d.ts.map +1 -0
- package/package.json +2 -2
- package/src/credential/index.ts +4 -0
- package/src/credential/issuance/01-start-flow.ts +10 -0
- package/src/credential/issuance/02-evaluate-issuer-trust.ts +31 -0
- package/src/credential/issuance/03-start-user-authorization.ts +138 -0
- package/src/credential/issuance/04-complete-user-authorization.ts +17 -0
- package/src/credential/issuance/05-authorize-access.ts +92 -0
- package/src/credential/issuance/06-obtain-credential.ts +179 -0
- package/src/credential/issuance/07-confirm-credential.ts +14 -0
- package/src/credential/issuance/const.ts +2 -0
- package/src/credential/issuance/index.ts +32 -0
- package/src/credential/presentation/01-start-flow.ts +51 -0
- package/src/credential/presentation/02-evaluate-rp-trust.ts +33 -0
- package/src/credential/presentation/03-get-request-object.ts +85 -0
- package/src/credential/presentation/04-send-authorization-response.ts +168 -0
- package/src/credential/presentation/index.ts +26 -0
- package/src/credential/presentation/types.ts +27 -0
- package/src/index.ts +7 -28
- package/src/pid/index.ts +1 -2
- package/src/sd-jwt/index.ts +2 -2
- package/src/sd-jwt/types.ts +1 -1
- package/src/trust/chain.ts +45 -3
- package/src/trust/index.ts +136 -19
- package/src/trust/types.ts +57 -35
- package/src/utils/crypto.ts +2 -20
- package/src/utils/misc.ts +23 -0
- package/src/utils/par.ts +103 -0
- package/lib/commonjs/pid/issuing.js +0 -276
- package/lib/commonjs/pid/issuing.js.map +0 -1
- package/lib/commonjs/rp/__test__/index.test.js +0 -172
- package/lib/commonjs/rp/__test__/index.test.js.map +0 -1
- package/lib/commonjs/rp/index.js +0 -239
- package/lib/commonjs/rp/index.js.map +0 -1
- package/lib/commonjs/rp/types.js.map +0 -1
- package/lib/module/pid/issuing.js +0 -266
- package/lib/module/pid/issuing.js.map +0 -1
- package/lib/module/rp/__test__/index.test.js +0 -168
- package/lib/module/rp/__test__/index.test.js.map +0 -1
- package/lib/module/rp/index.js +0 -228
- package/lib/module/rp/index.js.map +0 -1
- package/lib/module/rp/types.js +0 -36
- package/lib/module/rp/types.js.map +0 -1
- package/lib/typescript/pid/issuing.d.ts +0 -57
- package/lib/typescript/pid/issuing.d.ts.map +0 -1
- package/lib/typescript/rp/__test__/index.test.d.ts +0 -2
- package/lib/typescript/rp/__test__/index.test.d.ts.map +0 -1
- package/lib/typescript/rp/index.d.ts +0 -43
- package/lib/typescript/rp/index.d.ts.map +0 -1
- package/lib/typescript/rp/types.d.ts +0 -122
- package/lib/typescript/rp/types.d.ts.map +0 -1
- package/src/pid/issuing.ts +0 -405
- package/src/rp/__test__/index.test.ts +0 -250
- package/src/rp/index.ts +0 -287
- package/src/rp/types.ts +0 -42
|
@@ -3,11 +3,13 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.renewTrustChain = renewTrustChain;
|
|
7
|
+
exports.validateTrustChain = validateTrustChain;
|
|
7
8
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
8
9
|
var _types = require("./types");
|
|
9
10
|
var _errors = require("../utils/errors");
|
|
10
11
|
var z = _interopRequireWildcard(require("zod"));
|
|
12
|
+
var _ = require(".");
|
|
11
13
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
12
14
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
13
15
|
// Verify a token signature
|
|
@@ -48,12 +50,12 @@ const LastElementShape = z.union([_types.EntityStatement, _types.TrustAnchorEnti
|
|
|
48
50
|
/**
|
|
49
51
|
* Validates a provided trust chain against a known trust
|
|
50
52
|
*
|
|
51
|
-
* @param trustAnchorEntity
|
|
52
|
-
* @param chain
|
|
53
|
+
* @param trustAnchorEntity The entity configuration of the known trust anchor
|
|
54
|
+
* @param chain The chain of statements to be validate
|
|
53
55
|
* @returns The list of parsed token representing the chain
|
|
54
56
|
* @throws {IoWalletError} If the chain is not valid
|
|
55
57
|
*/
|
|
56
|
-
async function
|
|
58
|
+
async function validateTrustChain(trustAnchorEntity, chain) {
|
|
57
59
|
// If the chain is empty, fail
|
|
58
60
|
if (chain.length === 0) {
|
|
59
61
|
throw new _errors.IoWalletError("Cannot verify empty trust chain");
|
|
@@ -91,4 +93,30 @@ async function verifyTrustChain(trustAnchorEntity, chain) {
|
|
|
91
93
|
// If there is no next, hence it's the end of the chain and it must be verified by the Trust Anchor
|
|
92
94
|
return Promise.all(chain.map((token, i) => [token, selectKid(i), selectKeys(i)]).map(args => verify(...args)));
|
|
93
95
|
}
|
|
96
|
+
|
|
97
|
+
/**
|
|
98
|
+
* Given a trust chain, obtain a new trust chain by fetching each element's fresh version
|
|
99
|
+
*
|
|
100
|
+
* @param chain The original chain
|
|
101
|
+
* @param appFetch (optional) fetch api implementation
|
|
102
|
+
* @returns A list of signed token that reprensent the trust chain, in the same order of the provided chain
|
|
103
|
+
* @throws When an element of the chain fails to parse
|
|
104
|
+
*/
|
|
105
|
+
function renewTrustChain(chain) {
|
|
106
|
+
let appFetch = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : fetch;
|
|
107
|
+
return Promise.all(chain
|
|
108
|
+
// Decode each item to determine its shape
|
|
109
|
+
.map(decode).map(e => [_types.EntityStatement.safeParse(e), _types.EntityConfiguration.safeParse(e)])
|
|
110
|
+
// fetch the element according to its shape
|
|
111
|
+
.map((_ref, i) => {
|
|
112
|
+
let [es, ec] = _ref;
|
|
113
|
+
return ec.success ? (0, _.getSignedEntityConfiguration)(ec.data.payload.iss, {
|
|
114
|
+
appFetch
|
|
115
|
+
}) : es.success ? (0, _.getSignedEntityStatement)(es.data.payload.iss, es.data.payload.sub, {
|
|
116
|
+
appFetch
|
|
117
|
+
}) :
|
|
118
|
+
// if the element fail to parse in both EntityStatement and EntityConfiguration, raise an error
|
|
119
|
+
Promise.reject(new _errors.IoWalletError(`Cannot renew trust chain because the element #${i} failed to be parsed.`));
|
|
120
|
+
}));
|
|
121
|
+
}
|
|
94
122
|
//# sourceMappingURL=chain.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","verify","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","verifyJwt","decode","decodeJwt","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","z","_interopRequireWildcard","_","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","verify","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","verifyJwt","decode","decodeJwt","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","validateTrustChain","trustAnchorEntity","chain","length","IoWalletError","selectTokenShape","elementIndex","selectKid","currentIndex","shape","parse","selectKeys","keys","nextIndex","nextToken","Promise","all","map","i","args","renewTrustChain","appFetch","arguments","undefined","fetch","e","safeParse","_ref","es","ec","success","getSignedEntityConfiguration","data","iss","getSignedEntityStatement","sub","reject"],"sourceRoot":"../../../src","sources":["trust/chain.ts"],"mappings":";;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,MAAA,GAAAD,OAAA;AAMA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,CAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAEA,IAAAK,CAAA,GAAAL,OAAA;AAA2E,SAAAM,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAO3E;AACA;AACA,MAAMW,MAAM,GAAG,MAAAA,CACbC,KAAa,EACbC,GAAW,EACXC,IAAW,KACc;EACzB,MAAMC,GAAG,GAAGD,IAAI,CAACE,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACJ,GAAG,KAAKA,GAAG,CAAC;EAC3C,IAAI,CAACE,GAAG,EAAE;IACR,MAAM,IAAIG,KAAK,CAAE,gBAAeL,GAAI,YAAWD,KAAM,EAAC,CAAC;EACzD;EACA,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAM,IAAAC,wBAAS,EAACV,KAAK,EAAEG,GAAG,CAAC;EACxE,OAAO;IAAEK,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;AAED,MAAME,MAAM,GAAIX,KAAa,IAAK;EAChC,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,IAAAG,wBAAS,EAACZ,KAAK,CAAC;EAC7D,OAAO;IAAEQ,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA,MAAMI,iBAAiB,GAAGC,0BAAmB;AAC7C;AACA,MAAMC,kBAAkB,GAAGC,sBAAe;AAC1C;AACA;AACA,MAAMC,gBAAgB,GAAG3C,CAAC,CAAC4C,KAAK,CAAC,CAC/BF,sBAAe,EACfG,qCAA8B,CAC/B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,kBAAkBA,CACtCC,iBAAiD,EACjDC,KAAe,EACS;EACxB;EACA,IAAIA,KAAK,CAACC,MAAM,KAAK,CAAC,EAAE;IACtB,MAAM,IAAIC,qBAAa,CAAC,iCAAiC,CAAC;EAC5D;;EAEA;EACA,MAAMC,gBAAgB,GAAIC,YAAoB,IAC5CA,YAAY,KAAK,CAAC,GACdb,iBAAiB,GACjBa,YAAY,KAAKJ,KAAK,CAACC,MAAM,GAAG,CAAC,GACjCN,gBAAgB,GAChBF,kBAAkB;;EAExB;EACA,MAAMY,SAAS,GAAIC,YAAoB,IAAa;IAClD,MAAM5B,KAAK,GAAGsB,KAAK,CAACM,YAAY,CAAC;IACjC,IAAI,CAAC5B,KAAK,EAAE;MACV,MAAM,IAAIwB,qBAAa,CAAE,gCAA+B,CAAC;IAC3D;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACG,YAAY,CAAC;IAC5C,OAAOC,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACX,KAAK,CAAC,CAAC,CAACQ,MAAM,CAACP,GAAG;EAC9C,CAAC;;EAED;EACA;EACA,MAAM8B,UAAU,GAAIH,YAAoB,IAAY;IAClD,IAAIA,YAAY,KAAKN,KAAK,CAACC,MAAM,GAAG,CAAC,EAAE;MACrC,OAAOF,iBAAiB,CAACZ,OAAO,CAACP,IAAI,CAAC8B,IAAI;IAC5C;IAEA,MAAMC,SAAS,GAAGL,YAAY,GAAG,CAAC;IAClC,MAAMM,SAAS,GAAGZ,KAAK,CAACW,SAAS,CAAC;IAClC,IAAI,CAACC,SAAS,EAAE;MACd,MAAM,IAAIV,qBAAa,CAAE,qCAAoC,CAAC;IAChE;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACQ,SAAS,CAAC;IACzC,OAAOJ,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACuB,SAAS,CAAC,CAAC,CAACzB,OAAO,CAACP,IAAI,CAAC8B,IAAI;EACzD,CAAC;;EAED;EACA;EACA,OAAOG,OAAO,CAACC,GAAG,CAChBd,KAAK,CACFe,GAAG,CAAC,CAACrC,KAAK,EAAEsC,CAAC,KAAK,CAACtC,KAAK,EAAE2B,SAAS,CAACW,CAAC,CAAC,EAAEP,UAAU,CAACO,CAAC,CAAC,CAAU,CAAC,CAChED,GAAG,CAAEE,IAAI,IAAKxC,MAAM,CAAC,GAAGwC,IAAI,CAAC,CAClC,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,eAAeA,CAC7BlB,KAAe,EAEf;EAAA,IADAmB,QAA8B,GAAAC,SAAA,CAAAnB,MAAA,QAAAmB,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAGE,KAAK;EAEtC,OAAOT,OAAO,CAACC,GAAG,CAChBd;EACE;EAAA,CACCe,GAAG,CAAC1B,MAAM,CAAC,CACX0B,GAAG,CACDQ,CAAC,IACA,CACE7B,sBAAe,CAAC8B,SAAS,CAACD,CAAC,CAAC,EAC5B/B,0BAAmB,CAACgC,SAAS,CAACD,CAAC,CAAC,CAEtC;EACA;EAAA,CACCR,GAAG,CAAC,CAAAU,IAAA,EAAWT,CAAC;IAAA,IAAX,CAACU,EAAE,EAAEC,EAAE,CAAC,GAAAF,IAAA;IAAA,OACZE,EAAE,CAACC,OAAO,GACN,IAAAC,8BAA4B,EAACF,EAAE,CAACG,IAAI,CAAC3C,OAAO,CAAC4C,GAAG,EAAE;MAAEZ;IAAS,CAAC,CAAC,GAC/DO,EAAE,CAACE,OAAO,GACV,IAAAI,0BAAwB,EAACN,EAAE,CAACI,IAAI,CAAC3C,OAAO,CAAC4C,GAAG,EAAEL,EAAE,CAACI,IAAI,CAAC3C,OAAO,CAAC8C,GAAG,EAAE;MACjEd;IACF,CAAC,CAAC;IACF;IACAN,OAAO,CAACqB,MAAM,CACZ,IAAIhC,qBAAa,CACd,iDAAgDc,CAAE,uBACrD,CACF,CAAC;EAAA,CACP,CACJ,CAAC;AACH"}
|
|
@@ -3,17 +3,62 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
6
|
+
exports.getEntityConfiguration = exports.getCredentialIssuerEntityConfiguration = void 0;
|
|
7
|
+
exports.getEntityStatement = getEntityStatement;
|
|
8
|
+
exports.getRelyingPartyEntityConfiguration = void 0;
|
|
9
|
+
exports.getSignedEntityConfiguration = getSignedEntityConfiguration;
|
|
10
|
+
exports.getSignedEntityStatement = getSignedEntityStatement;
|
|
11
|
+
exports.getWalletProviderEntityConfiguration = exports.getTrustAnchorEntityConfiguration = void 0;
|
|
12
|
+
exports.verifyTrustChain = verifyTrustChain;
|
|
13
13
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
14
14
|
var _types = require("./types");
|
|
15
|
-
var _errors = require("../utils/errors");
|
|
16
15
|
var _chain = require("./chain");
|
|
16
|
+
var _misc = require("../utils/misc");
|
|
17
|
+
/**
|
|
18
|
+
* Verify a given trust chain is actually valid.
|
|
19
|
+
* It can handle fast chain renewal, which means we try to fetch a fresh version of each statement.
|
|
20
|
+
*
|
|
21
|
+
* @param trustAnchorEntity The entity configuration of the known trust anchor
|
|
22
|
+
* @param chain The chain of statements to be validate
|
|
23
|
+
* @param options.renewOnFail Whether to renew the provided chain if the validation fails at first. Default: true
|
|
24
|
+
* @param options.appFetch Fetch api implementation. Default: the built-in implementation
|
|
25
|
+
* @returns The result of the chain validation
|
|
26
|
+
* @throws {IoWalletError} When either validation or renewal fail
|
|
27
|
+
*/
|
|
28
|
+
async function verifyTrustChain(trustAnchorEntity, chain) {
|
|
29
|
+
let {
|
|
30
|
+
appFetch = fetch,
|
|
31
|
+
renewOnFail = true
|
|
32
|
+
} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
|
|
33
|
+
try {
|
|
34
|
+
return (0, _chain.validateTrustChain)(trustAnchorEntity, chain);
|
|
35
|
+
} catch (error) {
|
|
36
|
+
if (renewOnFail) {
|
|
37
|
+
const renewedChain = await (0, _chain.renewTrustChain)(chain, appFetch);
|
|
38
|
+
return (0, _chain.validateTrustChain)(trustAnchorEntity, renewedChain);
|
|
39
|
+
} else {
|
|
40
|
+
throw error;
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
/**
|
|
46
|
+
* Fetch the signed entity configuration token for an entity
|
|
47
|
+
*
|
|
48
|
+
* @param entityBaseUrl The url of the entity to fetch
|
|
49
|
+
* @param param.appFetch (optional) fetch api implemention
|
|
50
|
+
* @returns The signed Entity Configuration token
|
|
51
|
+
*/
|
|
52
|
+
async function getSignedEntityConfiguration(entityBaseUrl) {
|
|
53
|
+
let {
|
|
54
|
+
appFetch = fetch
|
|
55
|
+
} = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
|
|
56
|
+
const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-federation`;
|
|
57
|
+
return await appFetch(wellKnownUrl, {
|
|
58
|
+
method: "GET"
|
|
59
|
+
}).then((0, _misc.hasStatus)(200)).then(res => res.text());
|
|
60
|
+
}
|
|
61
|
+
|
|
17
62
|
/**
|
|
18
63
|
* Fetch and parse the entity configuration document for a given federation entity.
|
|
19
64
|
* This is an inner method to serve public interfaces.
|
|
@@ -36,19 +81,14 @@ async function fetchAndParseEntityConfiguration(entityBaseUrl, schema) {
|
|
|
36
81
|
let {
|
|
37
82
|
appFetch = fetch
|
|
38
83
|
} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
|
|
39
|
-
const
|
|
40
|
-
|
|
41
|
-
|
|
84
|
+
const responseText = await getSignedEntityConfiguration(entityBaseUrl, {
|
|
85
|
+
appFetch
|
|
86
|
+
});
|
|
87
|
+
const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
|
|
88
|
+
return schema.parse({
|
|
89
|
+
header: responseJwt.protectedHeader,
|
|
90
|
+
payload: responseJwt.payload
|
|
42
91
|
});
|
|
43
|
-
if (response.status === 200) {
|
|
44
|
-
const responseText = await response.text();
|
|
45
|
-
const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
|
|
46
|
-
return schema.parse({
|
|
47
|
-
header: responseJwt.protectedHeader,
|
|
48
|
-
payload: responseJwt.payload
|
|
49
|
-
});
|
|
50
|
-
}
|
|
51
|
-
throw new _errors.IoWalletError(`Unable to obtain Entity Configuration at ${wellKnownUrl}. Response code: ${response.status}`);
|
|
52
92
|
}
|
|
53
93
|
const getWalletProviderEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.WalletProviderEntityConfiguration, options);
|
|
54
94
|
exports.getWalletProviderEntityConfiguration = getWalletProviderEntityConfiguration;
|
|
@@ -59,5 +99,50 @@ exports.getTrustAnchorEntityConfiguration = getTrustAnchorEntityConfiguration;
|
|
|
59
99
|
const getRelyingPartyEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.RelyingPartyEntityConfiguration, options);
|
|
60
100
|
exports.getRelyingPartyEntityConfiguration = getRelyingPartyEntityConfiguration;
|
|
61
101
|
const getEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.EntityConfiguration, options);
|
|
102
|
+
|
|
103
|
+
/**
|
|
104
|
+
* Fetch and parse the entity statement document for a given federation entity.
|
|
105
|
+
*
|
|
106
|
+
* @param accreditationBodyBaseUrl The base url of the accreditaion body which holds and signs the required entity statement
|
|
107
|
+
* @param subordinatedEntityBaseUrl The url that identifies the subordinate entity
|
|
108
|
+
* @param options.appFetch An optional instance of the http client to be used.
|
|
109
|
+
* @returns The parsed entity configuration object
|
|
110
|
+
* @throws {IoWalletError} If the http request fails
|
|
111
|
+
* @throws Parse error if the document is not in the expected shape.
|
|
112
|
+
*/
|
|
62
113
|
exports.getEntityConfiguration = getEntityConfiguration;
|
|
114
|
+
async function getEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl) {
|
|
115
|
+
let {
|
|
116
|
+
appFetch = fetch
|
|
117
|
+
} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
|
|
118
|
+
const responseText = await getSignedEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl, {
|
|
119
|
+
appFetch
|
|
120
|
+
});
|
|
121
|
+
const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
|
|
122
|
+
return _types.EntityStatement.parse({
|
|
123
|
+
header: responseJwt.protectedHeader,
|
|
124
|
+
payload: responseJwt.payload
|
|
125
|
+
});
|
|
126
|
+
}
|
|
127
|
+
|
|
128
|
+
/**
|
|
129
|
+
* Fetch the entity statement document for a given federation entity.
|
|
130
|
+
*
|
|
131
|
+
* @param accreditationBodyBaseUrl The base url of the accreditaion body which holds and signs the required entity statement
|
|
132
|
+
* @param subordinatedEntityBaseUrl The url that identifies the subordinate entity
|
|
133
|
+
* @param options.appFetch An optional instance of the http client to be used.
|
|
134
|
+
* @returns The signed entity statement token
|
|
135
|
+
* @throws {IoWalletError} If the http request fails
|
|
136
|
+
*/
|
|
137
|
+
async function getSignedEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl) {
|
|
138
|
+
let {
|
|
139
|
+
appFetch = fetch
|
|
140
|
+
} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
|
|
141
|
+
const url = `${accreditationBodyBaseUrl}/fetch?${new URLSearchParams({
|
|
142
|
+
sub: subordinatedEntityBaseUrl
|
|
143
|
+
})}`;
|
|
144
|
+
return await appFetch(url, {
|
|
145
|
+
method: "GET"
|
|
146
|
+
}).then((0, _misc.hasStatus)(200)).then(res => res.text());
|
|
147
|
+
}
|
|
63
148
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_types","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_chain","_misc","verifyTrustChain","trustAnchorEntity","chain","appFetch","fetch","renewOnFail","arguments","length","undefined","validateTrustChain","error","renewedChain","renewTrustChain","getSignedEntityConfiguration","entityBaseUrl","wellKnownUrl","method","then","hasStatus","res","text","fetchAndParseEntityConfiguration","schema","responseText","responseJwt","decodeJwt","parse","header","protectedHeader","payload","getWalletProviderEntityConfiguration","options","WalletProviderEntityConfiguration","exports","getCredentialIssuerEntityConfiguration","CredentialIssuerEntityConfiguration","getTrustAnchorEntityConfiguration","TrustAnchorEntityConfiguration","getRelyingPartyEntityConfiguration","RelyingPartyEntityConfiguration","getEntityConfiguration","EntityConfiguration","getEntityStatement","accreditationBodyBaseUrl","subordinatedEntityBaseUrl","getSignedEntityStatement","EntityStatement","url","URLSearchParams","sub"],"sourceRoot":"../../../src","sources":["trust/index.ts"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAQA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,KAAA,GAAAH,OAAA;AAWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeI,gBAAgBA,CACpCC,iBAAiD,EACjDC,KAAe,EAKiC;EAAA,IAJhD;IACEC,QAAQ,GAAGC,KAAK;IAChBC,WAAW,GAAG;EAC4C,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAElE,IAAI;IACF,OAAO,IAAAG,yBAAkB,EAACR,iBAAiB,EAAEC,KAAK,CAAC;EACrD,CAAC,CAAC,OAAOQ,KAAK,EAAE;IACd,IAAIL,WAAW,EAAE;MACf,MAAMM,YAAY,GAAG,MAAM,IAAAC,sBAAe,EAACV,KAAK,EAAEC,QAAQ,CAAC;MAC3D,OAAO,IAAAM,yBAAkB,EAACR,iBAAiB,EAAEU,YAAY,CAAC;IAC5D,CAAC,MAAM;MACL,MAAMD,KAAK;IACb;EACF;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeG,4BAA4BA,CAChDC,aAAqB,EAMJ;EAAA,IALjB;IACEX,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMS,YAAY,GAAI,GAAED,aAAc,gCAA+B;EAErE,OAAO,MAAMX,QAAQ,CAACY,YAAY,EAAE;IAClCC,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;AAC9B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAoCA,eAAeC,gCAAgCA,CAC7CP,aAAqB,EACrBQ,MAK8B,EAM9B;EAAA,IALA;IACEnB,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMiB,YAAY,GAAG,MAAMV,4BAA4B,CAACC,aAAa,EAAE;IACrEX;EACF,CAAC,CAAC;EAEF,MAAMqB,WAAW,GAAG,IAAAC,wBAAS,EAACF,YAAY,CAAC;EAC3C,OAAOD,MAAM,CAACI,KAAK,CAAC;IAClBC,MAAM,EAAEH,WAAW,CAACI,eAAe;IACnCC,OAAO,EAAEL,WAAW,CAACK;EACvB,CAAC,CAAC;AACJ;AAEO,MAAMC,oCAAoC,GAAGA,CAClDhB,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAC9BP,aAAa,EACbkB,wCAAiC,EACjCD,OACF,CAAC;AAACE,OAAA,CAAAH,oCAAA,GAAAA,oCAAA;AAEG,MAAMI,sCAAsC,GAAGA,CACpDpB,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAC9BP,aAAa,EACbqB,0CAAmC,EACnCJ,OACF,CAAC;AAACE,OAAA,CAAAC,sCAAA,GAAAA,sCAAA;AAEG,MAAME,iCAAiC,GAAGA,CAC/CtB,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAC9BP,aAAa,EACbuB,qCAA8B,EAC9BN,OACF,CAAC;AAACE,OAAA,CAAAG,iCAAA,GAAAA,iCAAA;AAEG,MAAME,kCAAkC,GAAGA,CAChDxB,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAC9BP,aAAa,EACbyB,sCAA+B,EAC/BR,OACF,CAAC;AAACE,OAAA,CAAAK,kCAAA,GAAAA,kCAAA;AAEG,MAAME,sBAAsB,GAAGA,CACpC1B,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAACP,aAAa,EAAE2B,0BAAmB,EAAEV,OAAO,CAAC;;AAE/E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AATAE,OAAA,CAAAO,sBAAA,GAAAA,sBAAA;AAUO,eAAeE,kBAAkBA,CACtCC,wBAAgC,EAChCC,yBAAiC,EAMjC;EAAA,IALA;IACEzC,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMiB,YAAY,GAAG,MAAMsB,wBAAwB,CACjDF,wBAAwB,EACxBC,yBAAyB,EACzB;IACEzC;EACF,CACF,CAAC;EAED,MAAMqB,WAAW,GAAG,IAAAC,wBAAS,EAACF,YAAY,CAAC;EAC3C,OAAOuB,sBAAe,CAACpB,KAAK,CAAC;IAC3BC,MAAM,EAAEH,WAAW,CAACI,eAAe;IACnCC,OAAO,EAAEL,WAAW,CAACK;EACvB,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAegB,wBAAwBA,CAC5CF,wBAAgC,EAChCC,yBAAiC,EAMjC;EAAA,IALA;IACEzC,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMyC,GAAG,GAAI,GAAEJ,wBAAyB,UAAS,IAAIK,eAAe,CAAC;IACnEC,GAAG,EAAEL;EACP,CAAC,CAAE,EAAC;EAEJ,OAAO,MAAMzC,QAAQ,CAAC4C,GAAG,EAAE;IACzB/B,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;AAC9B"}
|
|
@@ -13,10 +13,20 @@ const TrustMark = z.object({
|
|
|
13
13
|
id: z.string(),
|
|
14
14
|
trust_mark: z.string()
|
|
15
15
|
});
|
|
16
|
+
exports.TrustMark = TrustMark;
|
|
17
|
+
const RelyingPartyMetadata = z.object({
|
|
18
|
+
application_type: z.string().optional(),
|
|
19
|
+
client_id: z.string().optional(),
|
|
20
|
+
client_name: z.string().optional(),
|
|
21
|
+
jwks: z.object({
|
|
22
|
+
keys: z.array(_jwk.JWK)
|
|
23
|
+
}),
|
|
24
|
+
contacts: z.array(z.string()).optional()
|
|
25
|
+
});
|
|
26
|
+
//.passthrough();
|
|
16
27
|
|
|
17
28
|
// Display metadata for a credential, used by the issuer to
|
|
18
29
|
// instruct the Wallet Solution on how to render the credential correctly
|
|
19
|
-
exports.TrustMark = TrustMark;
|
|
20
30
|
const CredentialDisplayMetadata = z.object({
|
|
21
31
|
name: z.string(),
|
|
22
32
|
locale: z.string(),
|
|
@@ -27,14 +37,26 @@ const CredentialDisplayMetadata = z.object({
|
|
|
27
37
|
background_color: z.string(),
|
|
28
38
|
text_color: z.string()
|
|
29
39
|
});
|
|
40
|
+
const CredentialDefinitionMetadata = z.object({
|
|
41
|
+
type: z.array(z.string()),
|
|
42
|
+
credentialSubject: z.record(z.object({
|
|
43
|
+
mandatory: z.boolean(),
|
|
44
|
+
display: z.array(z.object({
|
|
45
|
+
name: z.string(),
|
|
46
|
+
locale: z.string()
|
|
47
|
+
}))
|
|
48
|
+
}))
|
|
49
|
+
});
|
|
30
50
|
|
|
31
51
|
// Metadata for a credentia which i supported by a Issuer
|
|
32
52
|
|
|
33
53
|
const SupportedCredentialMetadata = z.object({
|
|
54
|
+
id: z.string(),
|
|
34
55
|
format: z.literal("vc+sd-jwt"),
|
|
35
56
|
cryptographic_binding_methods_supported: z.array(z.string()),
|
|
36
57
|
cryptographic_suites_supported: z.array(z.string()),
|
|
37
|
-
display: z.array(CredentialDisplayMetadata)
|
|
58
|
+
display: z.array(CredentialDisplayMetadata),
|
|
59
|
+
credential_definition: CredentialDefinitionMetadata
|
|
38
60
|
});
|
|
39
61
|
const EntityStatement = z.object({
|
|
40
62
|
header: z.object({
|
|
@@ -59,9 +81,20 @@ const EntityConfigurationHeader = z.object({
|
|
|
59
81
|
alg: z.string(),
|
|
60
82
|
kid: z.string()
|
|
61
83
|
});
|
|
84
|
+
exports.EntityConfigurationHeader = EntityConfigurationHeader;
|
|
85
|
+
const FederationEntityMetadata = z.object({
|
|
86
|
+
federation_fetch_endpoint: z.string().optional(),
|
|
87
|
+
federation_list_endpoint: z.string().optional(),
|
|
88
|
+
federation_resolve_endpoint: z.string().optional(),
|
|
89
|
+
federation_trust_mark_status_endpoint: z.string().optional(),
|
|
90
|
+
federation_trust_mark_list_endpoint: z.string().optional(),
|
|
91
|
+
homepage_uri: z.string().optional(),
|
|
92
|
+
policy_uri: z.string().optional(),
|
|
93
|
+
logo_uri: z.string().optional(),
|
|
94
|
+
contacts: z.array(z.string()).optional()
|
|
95
|
+
}).passthrough();
|
|
62
96
|
|
|
63
97
|
// Structuire common to every Entity Configuration document
|
|
64
|
-
exports.EntityConfigurationHeader = EntityConfigurationHeader;
|
|
65
98
|
const BaseEntityConfiguration = z.object({
|
|
66
99
|
header: EntityConfigurationHeader,
|
|
67
100
|
payload: z.object({
|
|
@@ -73,17 +106,7 @@ const BaseEntityConfiguration = z.object({
|
|
|
73
106
|
keys: z.array(_jwk.JWK)
|
|
74
107
|
}),
|
|
75
108
|
metadata: z.object({
|
|
76
|
-
federation_entity:
|
|
77
|
-
federation_fetch_endpoint: z.string().optional(),
|
|
78
|
-
federation_list_endpoint: z.string().optional(),
|
|
79
|
-
federation_resolve_endpoint: z.string().optional(),
|
|
80
|
-
federation_trust_mark_status_endpoint: z.string().optional(),
|
|
81
|
-
federation_trust_mark_list_endpoint: z.string().optional(),
|
|
82
|
-
homepage_uri: z.string().optional(),
|
|
83
|
-
policy_uri: z.string().optional(),
|
|
84
|
-
logo_uri: z.string().optional(),
|
|
85
|
-
contacts: z.array(z.string()).optional()
|
|
86
|
-
}).passthrough()
|
|
109
|
+
federation_entity: FederationEntityMetadata
|
|
87
110
|
}).passthrough(),
|
|
88
111
|
authority_hints: z.array(z.string()).optional()
|
|
89
112
|
}).passthrough()
|
|
@@ -112,13 +135,27 @@ const CredentialIssuerEntityConfiguration = BaseEntityConfiguration.and(z.object
|
|
|
112
135
|
jwks: z.object({
|
|
113
136
|
keys: z.array(_jwk.JWK)
|
|
114
137
|
})
|
|
115
|
-
})
|
|
138
|
+
}),
|
|
139
|
+
/** Credential Issuers act as Relying Party
|
|
140
|
+
when they require the presentation of other credentials.
|
|
141
|
+
This does not apply for PID issuance, which requires CIE authz. */
|
|
142
|
+
wallet_relying_party: RelyingPartyMetadata.optional()
|
|
116
143
|
})
|
|
117
144
|
})
|
|
118
145
|
}));
|
|
119
146
|
|
|
120
|
-
// Entity configuration for a
|
|
147
|
+
// Entity configuration for a Relying Party
|
|
121
148
|
exports.CredentialIssuerEntityConfiguration = CredentialIssuerEntityConfiguration;
|
|
149
|
+
const RelyingPartyEntityConfiguration = BaseEntityConfiguration.and(z.object({
|
|
150
|
+
payload: z.object({
|
|
151
|
+
metadata: z.object({
|
|
152
|
+
wallet_relying_party: RelyingPartyMetadata
|
|
153
|
+
})
|
|
154
|
+
})
|
|
155
|
+
}));
|
|
156
|
+
|
|
157
|
+
// Entity configuration for a Wallet Provider
|
|
158
|
+
exports.RelyingPartyEntityConfiguration = RelyingPartyEntityConfiguration;
|
|
122
159
|
const WalletProviderEntityConfiguration = BaseEntityConfiguration.and(z.object({
|
|
123
160
|
payload: z.object({
|
|
124
161
|
metadata: z.object({
|
|
@@ -136,26 +173,8 @@ const WalletProviderEntityConfiguration = BaseEntityConfiguration.and(z.object({
|
|
|
136
173
|
})
|
|
137
174
|
}));
|
|
138
175
|
|
|
139
|
-
// Entity configuration for a Relying Party
|
|
140
|
-
exports.WalletProviderEntityConfiguration = WalletProviderEntityConfiguration;
|
|
141
|
-
const RelyingPartyEntityConfiguration = BaseEntityConfiguration.and(z.object({
|
|
142
|
-
payload: z.object({
|
|
143
|
-
metadata: z.object({
|
|
144
|
-
wallet_relying_party: z.object({
|
|
145
|
-
application_type: z.string().optional(),
|
|
146
|
-
client_id: z.string().optional(),
|
|
147
|
-
client_name: z.string().optional(),
|
|
148
|
-
jwks: z.object({
|
|
149
|
-
keys: z.array(_jwk.JWK)
|
|
150
|
-
}),
|
|
151
|
-
contacts: z.array(z.string()).optional()
|
|
152
|
-
}).passthrough()
|
|
153
|
-
})
|
|
154
|
-
})
|
|
155
|
-
}));
|
|
156
|
-
|
|
157
176
|
// Maps any entity configuration by the union of every possible shapes
|
|
158
|
-
exports.
|
|
177
|
+
exports.WalletProviderEntityConfiguration = WalletProviderEntityConfiguration;
|
|
159
178
|
const EntityConfiguration = z.union([WalletProviderEntityConfiguration, CredentialIssuerEntityConfiguration, TrustAnchorEntityConfiguration, RelyingPartyEntityConfiguration], {
|
|
160
179
|
description: "Any kind of Entity Configuration allowed in the ecosystem"
|
|
161
180
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TrustMark","object","id","string","trust_mark","exports","CredentialDisplayMetadata","name","locale","logo","url","alt_text","background_color","text_color","
|
|
1
|
+
{"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TrustMark","object","id","string","trust_mark","exports","RelyingPartyMetadata","application_type","optional","client_id","client_name","jwks","keys","array","JWK","contacts","CredentialDisplayMetadata","name","locale","logo","url","alt_text","background_color","text_color","CredentialDefinitionMetadata","type","credentialSubject","record","mandatory","boolean","display","SupportedCredentialMetadata","format","literal","cryptographic_binding_methods_supported","cryptographic_suites_supported","credential_definition","EntityStatement","header","typ","alg","kid","payload","iss","sub","trust_marks","iat","number","exp","EntityConfigurationHeader","FederationEntityMetadata","federation_fetch_endpoint","federation_list_endpoint","federation_resolve_endpoint","federation_trust_mark_status_endpoint","federation_trust_mark_list_endpoint","homepage_uri","policy_uri","logo_uri","passthrough","BaseEntityConfiguration","UnixTime","metadata","federation_entity","authority_hints","TrustAnchorEntityConfiguration","CredentialIssuerEntityConfiguration","and","openid_credential_issuer","credential_issuer","authorization_endpoint","token_endpoint","pushed_authorization_request_endpoint","dpop_signing_alg_values_supported","credential_endpoint","credentials_supported","wallet_relying_party","RelyingPartyEntityConfiguration","WalletProviderEntityConfiguration","wallet_provider","attested_security_context_values_supported","grant_types_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","EntityConfiguration","union","description"],"sourceRoot":"../../../src","sources":["trust/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAElB,MAAMW,SAAS,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAAEC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAE5B,CAAC,CAAC2B,MAAM,CAAC;AAAE,CAAC,CAAC;AAACE,OAAA,CAAAL,SAAA,GAAAA,SAAA;AAG9E,MAAMM,oBAAoB,GAAG9B,CAAC,CAACyB,MAAM,CAAC;EACpCM,gBAAgB,EAAE/B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACvCC,SAAS,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAChCE,WAAW,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAClCG,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;IAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;EAAE,CAAC,CAAC;EACtCC,QAAQ,EAAEvC,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;AACzC,CAAC,CAAC;AACF;;AAEA;AACA;AAEA,MAAMQ,yBAAyB,GAAGxC,CAAC,CAACyB,MAAM,CAAC;EACzCgB,IAAI,EAAEzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAChBe,MAAM,EAAE1C,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAClBgB,IAAI,EAAE3C,CAAC,CAACyB,MAAM,CAAC;IACbmB,GAAG,EAAE5C,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfkB,QAAQ,EAAE7C,CAAC,CAAC2B,MAAM,CAAC;EACrB,CAAC,CAAC;EACFmB,gBAAgB,EAAE9C,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAC5BoB,UAAU,EAAE/C,CAAC,CAAC2B,MAAM,CAAC;AACvB,CAAC,CAAC;AAKF,MAAMqB,4BAA4B,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EAC5CwB,IAAI,EAAEjD,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACzBuB,iBAAiB,EAAElD,CAAC,CAACmD,MAAM,CACzBnD,CAAC,CAACyB,MAAM,CAAC;IACP2B,SAAS,EAAEpD,CAAC,CAACqD,OAAO,CAAC,CAAC;IACtBC,OAAO,EAAEtD,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAACyB,MAAM,CAAC;MAAEgB,IAAI,EAAEzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;MAAEe,MAAM,EAAE1C,CAAC,CAAC2B,MAAM,CAAC;IAAE,CAAC,CAAC;EACrE,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;;AAEA,MAAM4B,2BAA2B,GAAGvD,CAAC,CAACyB,MAAM,CAAC;EAC3CC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACd6B,MAAM,EAAExD,CAAC,CAACyD,OAAO,CAAC,WAAW,CAAC;EAC9BC,uCAAuC,EAAE1D,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EAC5DgC,8BAA8B,EAAE3D,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACnD2B,OAAO,EAAEtD,CAAC,CAACqC,KAAK,CAACG,yBAAyB,CAAC;EAC3CoB,qBAAqB,EAAEZ;AACzB,CAAC,CAAC;AAGK,MAAMa,eAAe,GAAG7D,CAAC,CAACyB,MAAM,CAAC;EACtCqC,MAAM,EAAE9D,CAAC,CAACyB,MAAM,CAAC;IACfsC,GAAG,EAAE/D,CAAC,CAACyD,OAAO,CAAC,sBAAsB,CAAC;IACtCO,GAAG,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfsC,GAAG,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFuC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB0C,GAAG,EAAEnE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAEpE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IAAE,CAAC,CAAC;IACtC+B,WAAW,EAAErE,CAAC,CAACqC,KAAK,CAACb,SAAS,CAAC;IAC/B8C,GAAG,EAAEtE,CAAC,CAACuE,MAAM,CAAC,CAAC;IACfC,GAAG,EAAExE,CAAC,CAACuE,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAAC1C,OAAA,CAAAgC,eAAA,GAAAA,eAAA;AAKI,MAAMY,yBAAyB,GAAGzE,CAAC,CAACyB,MAAM,CAAC;EAChDsC,GAAG,EAAE/D,CAAC,CAACyD,OAAO,CAAC,sBAAsB,CAAC;EACtCO,GAAG,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACfsC,GAAG,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;AAChB,CAAC,CAAC;AAACE,OAAA,CAAA4C,yBAAA,GAAAA,yBAAA;AAEH,MAAMC,wBAAwB,GAAG1E,CAAC,CAC/ByB,MAAM,CAAC;EACNkD,yBAAyB,EAAE3E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAChD4C,wBAAwB,EAAE5E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC/C6C,2BAA2B,EAAE7E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAClD8C,qCAAqC,EAAE9E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC5D+C,mCAAmC,EAAE/E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC1DgD,YAAY,EAAEhF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACnCiD,UAAU,EAAEjF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACjCkD,QAAQ,EAAElF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC/BO,QAAQ,EAAEvC,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;AACzC,CAAC,CAAC,CACDmD,WAAW,CAAC,CAAC;;AAEhB;AACA,MAAMC,uBAAuB,GAAGpF,CAAC,CAACyB,MAAM,CAAC;EACvCqC,MAAM,EAAEW,yBAAyB;EACjCP,OAAO,EAAElE,CAAC,CACPyB,MAAM,CAAC;IACN+C,GAAG,EAAEa,eAAQ;IACbf,GAAG,EAAEe,eAAQ;IACblB,GAAG,EAAEnE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAEpE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MACbW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IACnB,CAAC,CAAC;IACFgD,QAAQ,EAAEtF,CAAC,CACRyB,MAAM,CAAC;MACN8D,iBAAiB,EAAEb;IACrB,CAAC,CAAC,CACDS,WAAW,CAAC,CAAC;IAChBK,eAAe,EAAExF,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAChD,CAAC,CAAC,CACDmD,WAAW,CAAC;AACjB,CAAC,CAAC;;AAEF;;AAIO,MAAMM,8BAA8B,GAAGL,uBAAuB;;AAErE;AAAAvD,OAAA,CAAA4D,8BAAA,GAAAA,8BAAA;AAIO,MAAMC,mCAAmC,GAAGN,uBAAuB,CAACO,GAAG,CAC5E3F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChBU,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IAAE,CAAC,CAAC;IACtCgD,QAAQ,EAAEtF,CAAC,CAACyB,MAAM,CAAC;MACjBmE,wBAAwB,EAAE5F,CAAC,CAACyB,MAAM,CAAC;QACjCoE,iBAAiB,EAAE7F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC7BmE,sBAAsB,EAAE9F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAClCoE,cAAc,EAAE/F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC1BqE,qCAAqC,EAAEhG,CAAC,CAAC2B,MAAM,CAAC,CAAC;QACjDsE,iCAAiC,EAAEjG,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QACtDuE,mBAAmB,EAAElG,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC/BwE,qBAAqB,EAAEnG,CAAC,CAACqC,KAAK,CAACkB,2BAA2B,CAAC;QAC3DpB,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;UAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;QAAE,CAAC;MACvC,CAAC,CAAC;MACF;AACR;AACA;MACQ8D,oBAAoB,EAAEtE,oBAAoB,CAACE,QAAQ,CAAC;IACtD,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAH,OAAA,CAAA6D,mCAAA,GAAAA,mCAAA;AAIO,MAAMW,+BAA+B,GAAGjB,uBAAuB,CAACO,GAAG,CACxE3F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB6D,QAAQ,EAAEtF,CAAC,CAACyB,MAAM,CAAC;MACjB2E,oBAAoB,EAAEtE;IACxB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAD,OAAA,CAAAwE,+BAAA,GAAAA,+BAAA;AAIO,MAAMC,iCAAiC,GAAGlB,uBAAuB,CAACO,GAAG,CAC1E3F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB6D,QAAQ,EAAEtF,CAAC,CAACyB,MAAM,CAAC;MACjB8E,eAAe,EAAEvG,CAAC,CACfyB,MAAM,CAAC;QACNsE,cAAc,EAAE/F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC1B6E,0CAA0C,EAAExG,CAAC,CAC1CqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CACjBK,QAAQ,CAAC,CAAC;QACbyE,qBAAqB,EAAEzG,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QAC1C+E,qCAAqC,EAAE1G,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QAC1DgF,gDAAgD,EAAE3G,CAAC,CAACqC,KAAK,CACvDrC,CAAC,CAAC2B,MAAM,CAAC,CACX,CAAC;QACDQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;UAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;QAAE,CAAC;MACvC,CAAC,CAAC,CACD6C,WAAW,CAAC;IACjB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAtD,OAAA,CAAAyE,iCAAA,GAAAA,iCAAA;AAEO,MAAMM,mBAAmB,GAAG5G,CAAC,CAAC6G,KAAK,CACxC,CACEP,iCAAiC,EACjCZ,mCAAmC,EACnCD,8BAA8B,EAC9BY,+BAA+B,CAChC,EACD;EACES,WAAW,EAAE;AACf,CACF,CAAC;AAACjF,OAAA,CAAA+E,mBAAA,GAAAA,mBAAA"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.withEphemeralKey = exports.createCryptoContextFor = void 0;
|
|
7
7
|
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
8
8
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
9
9
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
@@ -45,20 +45,6 @@ const createCryptoContextFor = keytag => {
|
|
|
45
45
|
};
|
|
46
46
|
};
|
|
47
47
|
|
|
48
|
-
// Wraps finally for async expressions
|
|
49
|
-
exports.createCryptoContextFor = createCryptoContextFor;
|
|
50
|
-
const asyncFinally = (fn, onFinally) => async function () {
|
|
51
|
-
try {
|
|
52
|
-
return await fn(...arguments);
|
|
53
|
-
// ^^^^^ return await is usually to be avoided,
|
|
54
|
-
// in this case is needed for the finally{} statement to be executed correctly
|
|
55
|
-
} catch (error) {
|
|
56
|
-
throw error;
|
|
57
|
-
} finally {
|
|
58
|
-
await onFinally();
|
|
59
|
-
}
|
|
60
|
-
};
|
|
61
|
-
|
|
62
48
|
/**
|
|
63
49
|
* Executes the input function injecting an ephemeral crypto context.
|
|
64
50
|
* An ephemeral crypto context is a context which is bound to a key
|
|
@@ -67,12 +53,13 @@ const asyncFinally = (fn, onFinally) => async function () {
|
|
|
67
53
|
* @param fn The procedure to be executed
|
|
68
54
|
* @returns The returned value of the input procedure.
|
|
69
55
|
*/
|
|
70
|
-
|
|
56
|
+
exports.createCryptoContextFor = createCryptoContextFor;
|
|
57
|
+
const withEphemeralKey = async fn => {
|
|
71
58
|
// Use an ephemeral key to be destroyed after use
|
|
72
59
|
const keytag = `ephemeral-${_reactNativeUuid.default.v4()}`;
|
|
73
60
|
await (0, _ioReactNativeCrypto.generate)(keytag);
|
|
74
61
|
const ephemeralContext = createCryptoContextFor(keytag);
|
|
75
|
-
return
|
|
62
|
+
return fn(ephemeralContext).finally(() => (0, _ioReactNativeCrypto.deleteKey)(keytag));
|
|
76
63
|
};
|
|
77
|
-
exports.
|
|
64
|
+
exports.withEphemeralKey = withEphemeralKey;
|
|
78
65
|
//# sourceMappingURL=crypto.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeCrypto","require","_reactNativeUuid","_interopRequireDefault","_ioReactNativeJwt","_jwk","obj","__esModule","default","createCryptoContextFor","keytag","getPublicKey","then","fixBase64EncodingOnKey","jwk","kid","thumbprint","getSignature","value","sign","exports","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeCrypto","require","_reactNativeUuid","_interopRequireDefault","_ioReactNativeJwt","_jwk","obj","__esModule","default","createCryptoContextFor","keytag","getPublicKey","then","fixBase64EncodingOnKey","jwk","kid","thumbprint","getSignature","value","sign","exports","withEphemeralKey","fn","uuid","v4","generate","ephemeralContext","finally","deleteKey"],"sourceRoot":"../../../src","sources":["utils/crypto.ts"],"mappings":";;;;;;AAAA,IAAAA,oBAAA,GAAAC,OAAA;AAMA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AACA,IAAAI,IAAA,GAAAJ,OAAA;AAA+C,SAAAE,uBAAAG,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE/C;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,sBAAsB,GAAIC,MAAc,IAAoB;EACvE,OAAO;IACL;AACJ;AACA;AACA;AACA;IACI,MAAMC,YAAYA,CAAA,EAAG;MACnB,OAAO,IAAAA,iCAAY,EAACD,MAAM,CAAC,CACxBE,IAAI,CAACC,2BAAsB,CAAC,CAC5BD,IAAI,CAAC,MAAOE,GAAG,KAAM;QACpB,GAAGA,GAAG;QACN;QACA;QACA;QACA;QACAC,GAAG,EAAE,MAAM,IAAAC,4BAAU,EAACF,GAAG;MAC3B,CAAC,CAAC,CAAC;IACP,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;IACI,MAAMG,YAAYA,CAACC,KAAa,EAAE;MAChC,OAAO,IAAAC,yBAAI,EAACD,KAAK,EAAER,MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAU,OAAA,CAAAX,sBAAA,GAAAA,sBAAA;AAQO,MAAMY,gBAAgB,GAAG,MAC9BC,EAAmD,IACpC;EACf;EACA,MAAMZ,MAAM,GAAI,aAAYa,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;EACvC,MAAM,IAAAC,6BAAQ,EAACf,MAAM,CAAC;EACtB,MAAMgB,gBAAgB,GAAGjB,sBAAsB,CAACC,MAAM,CAAC;EACvD,OAAOY,EAAE,CAACI,gBAAgB,CAAC,CAACC,OAAO,CAAC,MAAM,IAAAC,8BAAS,EAAClB,MAAM,CAAC,CAAC;AAC9D,CAAC;AAACU,OAAA,CAAAC,gBAAA,GAAAA,gBAAA"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.hasStatus = void 0;
|
|
7
|
+
var _errors = require("./errors");
|
|
8
|
+
/**
|
|
9
|
+
* Check if a response is in the expected status, other
|
|
10
|
+
* @param status The expected status
|
|
11
|
+
* @returns The given response object
|
|
12
|
+
*/
|
|
13
|
+
const hasStatus = status => res => {
|
|
14
|
+
if (res.status !== status) {
|
|
15
|
+
throw new _errors.IoWalletError(`Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`);
|
|
16
|
+
}
|
|
17
|
+
return res;
|
|
18
|
+
};
|
|
19
|
+
|
|
20
|
+
// extract a type from an async function output
|
|
21
|
+
// helpful to bind the input of a function to the output of another
|
|
22
|
+
exports.hasStatus = hasStatus;
|
|
23
|
+
//# sourceMappingURL=misc.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_errors","require","hasStatus","status","res","IoWalletError","url","exports"],"sourceRoot":"../../../src","sources":["utils/misc.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACA;AACA;AACO,MAAMC,SAAS,GACnBC,MAAc,IACdC,GAAa,IAAe;EAC3B,IAAIA,GAAG,CAACD,MAAM,KAAKA,MAAM,EAAE;IACzB,MAAM,IAAIE,qBAAa,CACpB,iCAAgCF,MAAO,SAAQC,GAAG,CAACD,MAAO,UAASC,GAAG,CAACE,GAAI,EAC9E,CAAC;EACH;EACA,OAAOF,GAAG;AACZ,CAAC;;AAEH;AACA;AAAAG,OAAA,CAAAL,SAAA,GAAAA,SAAA"}
|