@pagopa/io-react-native-wallet 0.7.4 → 0.9.0
- package/README.md +49 -31
- package/lib/commonjs/credential/index.js +13 -0
- package/lib/commonjs/credential/index.js.map +1 -0
- package/lib/commonjs/credential/issuance/01-start-flow.js +2 -0
- package/lib/commonjs/credential/issuance/01-start-flow.js.map +1 -0
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +26 -0
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +1 -0
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js +119 -0
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -0
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +6 -0
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -0
- package/lib/commonjs/credential/issuance/05-authorize-access.js +63 -0
- package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -0
- package/lib/commonjs/credential/issuance/06-obtain-credential.js +128 -0
- package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -0
- package/lib/commonjs/credential/issuance/07-confirm-credential.js +6 -0
- package/lib/commonjs/credential/issuance/07-confirm-credential.js.map +1 -0
- package/lib/commonjs/credential/issuance/const.js +9 -0
- package/lib/commonjs/credential/issuance/const.js.map +1 -0
- package/lib/commonjs/credential/issuance/index.js +34 -0
- package/lib/commonjs/credential/issuance/index.js.map +1 -0
- package/lib/commonjs/credential/presentation/01-start-flow.js +55 -0
- package/lib/commonjs/credential/presentation/01-start-flow.js.map +1 -0
- package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js +32 -0
- package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js.map +1 -0
- package/lib/commonjs/credential/presentation/03-get-request-object.js +68 -0
- package/lib/commonjs/credential/presentation/03-get-request-object.js.map +1 -0
- package/lib/commonjs/credential/presentation/04-send-authorization-response.js +139 -0
- package/lib/commonjs/credential/presentation/04-send-authorization-response.js.map +1 -0
- package/lib/commonjs/credential/presentation/index.js +34 -0
- package/lib/commonjs/credential/presentation/index.js.map +1 -0
- package/lib/commonjs/{rp → credential/presentation}/types.js +17 -34
- package/lib/commonjs/credential/presentation/types.js.map +1 -0
- package/lib/commonjs/index.js +10 -61
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/index.js +1 -3
- package/lib/commonjs/pid/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/index.js +1 -1
- package/lib/commonjs/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +1 -1
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/trust/chain.js +32 -4
- package/lib/commonjs/trust/chain.js.map +1 -1
- package/lib/commonjs/trust/index.js +105 -20
- package/lib/commonjs/trust/index.js.map +1 -1
- package/lib/commonjs/trust/types.js +54 -35
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/crypto.js +5 -18
- package/lib/commonjs/utils/crypto.js.map +1 -1
- package/lib/commonjs/utils/misc.js +23 -0
- package/lib/commonjs/utils/misc.js.map +1 -0
- package/lib/commonjs/utils/par.js +86 -0
- package/lib/commonjs/utils/par.js.map +1 -0
- package/lib/module/credential/index.js +4 -0
- package/lib/module/credential/index.js.map +1 -0
- package/lib/module/credential/issuance/01-start-flow.js +2 -0
- package/lib/module/credential/issuance/01-start-flow.js.map +1 -0
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +19 -0
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +1 -0
- package/lib/module/credential/issuance/03-start-user-authorization.js +109 -0
- package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -0
- package/lib/module/credential/issuance/04-complete-user-authorization.js +2 -0
- package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -0
- package/lib/module/credential/issuance/05-authorize-access.js +55 -0
- package/lib/module/credential/issuance/05-authorize-access.js.map +1 -0
- package/lib/module/credential/issuance/06-obtain-credential.js +117 -0
- package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -0
- package/lib/module/credential/issuance/07-confirm-credential.js +2 -0
- package/lib/module/credential/issuance/07-confirm-credential.js.map +1 -0
- package/lib/module/credential/issuance/const.js +2 -0
- package/lib/module/credential/issuance/const.js.map +1 -0
- package/lib/module/credential/issuance/index.js +6 -0
- package/lib/module/credential/issuance/index.js.map +1 -0
- package/lib/module/credential/presentation/01-start-flow.js +46 -0
- package/lib/module/credential/presentation/01-start-flow.js.map +1 -0
- package/lib/module/credential/presentation/02-evaluate-rp-trust.js +25 -0
- package/lib/module/credential/presentation/02-evaluate-rp-trust.js.map +1 -0
- package/lib/module/credential/presentation/03-get-request-object.js +60 -0
- package/lib/module/credential/presentation/03-get-request-object.js.map +1 -0
- package/lib/module/credential/presentation/04-send-authorization-response.js +128 -0
- package/lib/module/credential/presentation/04-send-authorization-response.js.map +1 -0
- package/lib/module/credential/presentation/index.js +6 -0
- package/lib/module/credential/presentation/index.js.map +1 -0
- package/lib/module/credential/presentation/types.js +21 -0
- package/lib/module/credential/presentation/types.js.map +1 -0
- package/lib/module/index.js +4 -5
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/index.js +1 -2
- package/lib/module/pid/index.js.map +1 -1
- package/lib/module/sd-jwt/index.js +1 -1
- package/lib/module/sd-jwt/index.js.map +1 -1
- package/lib/module/sd-jwt/types.js +1 -1
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/trust/chain.js +30 -3
- package/lib/module/trust/chain.js.map +1 -1
- package/lib/module/trust/index.js +99 -16
- package/lib/module/trust/index.js.map +1 -1
- package/lib/module/trust/types.js +50 -31
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/crypto.js +2 -15
- package/lib/module/utils/crypto.js.map +1 -1
- package/lib/module/utils/misc.js +17 -0
- package/lib/module/utils/misc.js.map +1 -0
- package/lib/module/utils/par.js +74 -0
- package/lib/module/utils/par.js.map +1 -0
- package/lib/typescript/credential/index.d.ts +4 -0
- package/lib/typescript/credential/index.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/01-start-flow.d.ts +11 -0
- package/lib/typescript/credential/issuance/01-start-flow.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts +18 -0
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +31 -0
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +16 -0
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts +26 -0
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +32 -0
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/07-confirm-credential.d.ts +11 -0
- package/lib/typescript/credential/issuance/07-confirm-credential.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/const.d.ts +2 -0
- package/lib/typescript/credential/issuance/const.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/index.d.ts +10 -0
- package/lib/typescript/credential/issuance/index.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/01-start-flow.d.ts +20 -0
- package/lib/typescript/credential/presentation/01-start-flow.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts +18 -0
- package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/03-get-request-object.d.ts +25 -0
- package/lib/typescript/credential/presentation/03-get-request-object.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/04-send-authorization-response.d.ts +34 -0
- package/lib/typescript/credential/presentation/04-send-authorization-response.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/index.d.ts +7 -0
- package/lib/typescript/credential/presentation/index.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/types.d.ts +49 -0
- package/lib/typescript/credential/presentation/types.d.ts.map +1 -0
- package/lib/typescript/index.d.ts +4 -5
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/index.d.ts +1 -2
- package/lib/typescript/pid/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +2 -2
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +5 -5
- package/lib/typescript/trust/chain.d.ts +12 -3
- package/lib/typescript/trust/chain.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +198 -24
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +1299 -623
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/crypto.d.ts +1 -1
- package/lib/typescript/utils/crypto.d.ts.map +1 -1
- package/lib/typescript/utils/dpop.d.ts +2 -2
- package/lib/typescript/utils/misc.d.ts +8 -0
- package/lib/typescript/utils/misc.d.ts.map +1 -0
- package/lib/typescript/utils/par.d.ts +68 -0
- package/lib/typescript/utils/par.d.ts.map +1 -0
- package/package.json +2 -2
- package/src/credential/index.ts +4 -0
- package/src/credential/issuance/01-start-flow.ts +10 -0
- package/src/credential/issuance/02-evaluate-issuer-trust.ts +31 -0
- package/src/credential/issuance/03-start-user-authorization.ts +138 -0
- package/src/credential/issuance/04-complete-user-authorization.ts +17 -0
- package/src/credential/issuance/05-authorize-access.ts +92 -0
- package/src/credential/issuance/06-obtain-credential.ts +179 -0
- package/src/credential/issuance/07-confirm-credential.ts +14 -0
- package/src/credential/issuance/const.ts +2 -0
- package/src/credential/issuance/index.ts +32 -0
- package/src/credential/presentation/01-start-flow.ts +51 -0
- package/src/credential/presentation/02-evaluate-rp-trust.ts +33 -0
- package/src/credential/presentation/03-get-request-object.ts +85 -0
- package/src/credential/presentation/04-send-authorization-response.ts +168 -0
- package/src/credential/presentation/index.ts +26 -0
- package/src/credential/presentation/types.ts +27 -0
- package/src/index.ts +7 -28
- package/src/pid/index.ts +1 -2
- package/src/sd-jwt/index.ts +2 -2
- package/src/sd-jwt/types.ts +1 -1
- package/src/trust/chain.ts +45 -3
- package/src/trust/index.ts +136 -19
- package/src/trust/types.ts +57 -35
- package/src/utils/crypto.ts +2 -20
- package/src/utils/misc.ts +23 -0
- package/src/utils/par.ts +103 -0
- package/lib/commonjs/pid/issuing.js +0 -276
- package/lib/commonjs/pid/issuing.js.map +0 -1
- package/lib/commonjs/rp/__test__/index.test.js +0 -172
- package/lib/commonjs/rp/__test__/index.test.js.map +0 -1
- package/lib/commonjs/rp/index.js +0 -239
- package/lib/commonjs/rp/index.js.map +0 -1
- package/lib/commonjs/rp/types.js.map +0 -1
- package/lib/module/pid/issuing.js +0 -266
- package/lib/module/pid/issuing.js.map +0 -1
- package/lib/module/rp/__test__/index.test.js +0 -168
- package/lib/module/rp/__test__/index.test.js.map +0 -1
- package/lib/module/rp/index.js +0 -228
- package/lib/module/rp/index.js.map +0 -1
- package/lib/module/rp/types.js +0 -36
- package/lib/module/rp/types.js.map +0 -1
- package/lib/typescript/pid/issuing.d.ts +0 -57
- package/lib/typescript/pid/issuing.d.ts.map +0 -1
- package/lib/typescript/rp/__test__/index.test.d.ts +0 -2
- package/lib/typescript/rp/__test__/index.test.d.ts.map +0 -1
- package/lib/typescript/rp/index.d.ts +0 -43
- package/lib/typescript/rp/index.d.ts.map +0 -1
- package/lib/typescript/rp/types.d.ts +0 -122
- package/lib/typescript/rp/types.d.ts.map +0 -1
- package/src/pid/issuing.ts +0 -405
- package/src/rp/__test__/index.test.ts +0 -250
- package/src/rp/index.ts +0 -287
- package/src/rp/types.ts +0 -42
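--- a/package/lib/commonjs/trust/chain.js
+++ b/package/lib/commonjs/trust/chain.js
@@ -3,11 +3,13 @@
 Object.defineProperty(exports, "__esModule", {
 value: true
 });
-exports.
+exports.renewTrustChain = renewTrustChain;
+exports.validateTrustChain = validateTrustChain;
 var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
 var _types = require("./types");
 var _errors = require("../utils/errors");
 var z = _interopRequireWildcard(require("zod"));
+var _ = require(".");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
 // Verify a token signature
@@ -48,12 +50,12 @@ const LastElementShape = z.union([_types.EntityStatement, _types.TrustAnchorEnti
 /**
 * Validates a provided trust chain against a known trust
 *
-* @param trustAnchorEntity
-* @param chain
+* @param trustAnchorEntity The entity configuration of the known trust anchor
+* @param chain The chain of statements to be validate
 * @returns The list of parsed token representing the chain
 * @throws {IoWalletError} If the chain is not valid
 */
-async function
+async function validateTrustChain(trustAnchorEntity, chain) {
 // If the chain is empty, fail
 if (chain.length === 0) {
 throw new _errors.IoWalletError("Cannot verify empty trust chain");
@@ -91,4 +93,30 @@ async function verifyTrustChain(trustAnchorEntity, chain) {
 // If there is no next, hence it's the end of the chain and it must be verified by the Trust Anchor
 return Promise.all(chain.map((token, i) => [token, selectKid(i), selectKeys(i)]).map(args => verify(...args)));
 }
+
+/**
+* Given a trust chain, obtain a new trust chain by fetching each element's fresh version
+*
+* @param chain The original chain
+* @param appFetch (optional) fetch api implementation
+* @returns A list of signed token that reprensent the trust chain, in the same order of the provided chain
+* @throws When an element of the chain fails to parse
+*/
+function renewTrustChain(chain) {
+let appFetch = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : fetch;
+return Promise.all(chain
+// Decode each item to determine its shape
+.map(decode).map(e => [_types.EntityStatement.safeParse(e), _types.EntityConfiguration.safeParse(e)])
+// fetch the element according to its shape
+.map((_ref, i) => {
+let [es, ec] = _ref;
+return ec.success ? (0, _.getSignedEntityConfiguration)(ec.data.payload.iss, {
+appFetch
+}) : es.success ? (0, _.getSignedEntityStatement)(es.data.payload.iss, es.data.payload.sub, {
+appFetch
+}) :
+// if the element fail to parse in both EntityStatement and EntityConfiguration, raise an error
+Promise.reject(new _errors.IoWalletError(`Cannot renew trust chain because the element #${i} failed to be parsed.`));
+}));
+}
 //# sourceMappingURL=chain.js.map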
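Review bot: In `renewTrustChain` (last hunk) the URLs handed to `getSignedEntityConfiguration` and `getSignedEntityStatement` are `ec.data.payload.iss` and `es.data.payload.iss`, taken from tokens that have only gone through `decode` and the zod `safeParse`; `decode` is defined outside the hunks and appears to wrap the library's JWT decode without checking a signature, so the hosts contacted during renewal are named by whoever supplied the chain. The caller validates the renewed chain against the trust anchor afterwards, but the outbound requests have already been made by then, and whether the schemas restrict `iss` to an https URL is not visible here. I would reject non-https issuers before fetching, e.g. `if (new URL(ec.data.payload.iss).protocol !== "https:")` followed by a `Promise.reject(new _errors.IoWalletError(...))`, and state in the JSDoc that the function performs network requests to issuer-declared URLs. This file is build output (its source map names `trust/chain.ts`), so the change belongs in the TypeScript source.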
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","verify","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","verifyJwt","decode","decodeJwt","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","z","_interopRequireWildcard","_","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","verify","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","verifyJwt","decode","decodeJwt","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","validateTrustChain","trustAnchorEntity","chain","length","IoWalletError","selectTokenShape","elementIndex","selectKid","currentIndex","shape","parse","selectKeys","keys","nextIndex","nextToken","Promise","all","map","i","args","renewTrustChain","appFetch","arguments","undefined","fetch","e","safeParse","_ref","es","ec","success","getSignedEntityConfiguration","data","iss","getSignedEntityStatement","sub","reject"],"sourceRoot":"../../../src","sources":["trust/chain.ts"],"mappings":";;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,MAAA,GAAAD,OAAA;AAMA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,CAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAEA,IAAAK,CAAA,GAAAL,OAAA;AAA2E,SAAAM,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,
KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAO3E;AACA;AACA,MAAMW,MAAM,GAAG,MAAAA,CACbC,KAAa,EACbC,GAAW,EACXC,IAAW,KACc;EACzB,MAAMC,GAAG,GAAGD,IAAI,CAACE,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACJ,GAAG,KAAKA,GAAG,CAAC;EAC3C,IAAI,CAACE,GAAG,EAAE;IACR,MAAM,IAAIG,KAAK,CAAE,gBAAeL,GAAI,YAAWD,KAAM,EAAC,CAAC;EACzD;EACA,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAM,IAAAC,wBAAS,EAACV,KAAK,EAAEG,GAAG,CAAC;EACxE,OAAO;IAAEK,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;AAED,MAAME,MAAM,GAAIX,KAAa,IAAK;EAChC,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,IAAAG,wBAAS,EAACZ,KAAK,CAAC;EAC7D,OAAO;IAAEQ,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA,MAAMI,iBAAiB,GAAGC,0BAAmB;AAC7C;AACA,MAAMC,kBAAkB,GAAGC,sBAAe;AAC1C;AACA;AACA,MAAMC,gBAAgB,GAAG3C,CAAC,CAAC4C,KAAK,CAAC,CAC/BF,sBAAe,EACfG,qCAA8B,CAC/B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,kBAAkBA,CACtCC,iBAAiD,EACjDC,KAAe,EACS;EACxB;EACA,IAAIA,KAAK,CAACC,MAAM,KAAK,CAAC,EAAE;IACtB,MAAM,IAAIC,qBAAa,CAAC,iCAAiC,CAAC;EAC5D;;EAEA;EACA,MAAMC,gBAAgB,GAAIC,YAAoB,IAC5CA,YAAY,KAAK,CAAC,GACdb,iBAAiB,GACjBa,YAAY,KAAKJ,KAAK,CAACC,MAAM,GAAG,CAAC,GACjCN,gBAAgB,GAChBF,kBAAkB;;EAExB;EACA,MAAMY,SAAS,GAAIC,YAAoB,IAAa;IAClD,MAAM5B,KAAK,GAAGsB,KAAK,CAACM,YAAY,CAAC;IACjC,IAAI,CAAC5B,KAAK,EAAE;MACV,MAAM,IAAIwB,qBAAa,CAAE,gCAA+B,CAAC;IAC3D;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACG,YAAY,CAAC;IAC5C,OAAOC,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACX,KAAK,CAAC,CAAC,CAACQ,MAAM,CAACP,GAAG;EAC9C,CAAC;;EAED;EACA;EACA,MAAM8B,UAAU,GAAIH,YAAoB,IAAY;IAClD,IAAIA,YAAY,KAAKN,KAAK,CAACC,MAAM,GAAG,CAAC,EAAE;MACrC,OAAOF,iBAAiB,CAACZ,OAAO,CAACP,IAAI,CAAC8B,IAAI;IAC5C;IAEA,MAAMC,SAAS,GAAGL,YAAY,GAAG,CAAC;IAClC,MAAMM,SAAS,GAAGZ,KAAK,CAACW,SAAS,CAAC;IAClC,IAAI,CAACC,SAAS,EAAE;MACd,MAAM,IAAIV,qBAAa,CAAE,qCAAoC,CAAC;IAChE;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACQ,SAAS,CAAC;IACzC,OAAOJ,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACuB,SAAS,CAAC,CAAC,CAACzB,OAAO,CAACP,IAAI,
CAAC8B,IAAI;EACzD,CAAC;;EAED;EACA;EACA,OAAOG,OAAO,CAACC,GAAG,CAChBd,KAAK,CACFe,GAAG,CAAC,CAACrC,KAAK,EAAEsC,CAAC,KAAK,CAACtC,KAAK,EAAE2B,SAAS,CAACW,CAAC,CAAC,EAAEP,UAAU,CAACO,CAAC,CAAC,CAAU,CAAC,CAChED,GAAG,CAAEE,IAAI,IAAKxC,MAAM,CAAC,GAAGwC,IAAI,CAAC,CAClC,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,eAAeA,CAC7BlB,KAAe,EAEf;EAAA,IADAmB,QAA8B,GAAAC,SAAA,CAAAnB,MAAA,QAAAmB,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAGE,KAAK;EAEtC,OAAOT,OAAO,CAACC,GAAG,CAChBd;EACE;EAAA,CACCe,GAAG,CAAC1B,MAAM,CAAC,CACX0B,GAAG,CACDQ,CAAC,IACA,CACE7B,sBAAe,CAAC8B,SAAS,CAACD,CAAC,CAAC,EAC5B/B,0BAAmB,CAACgC,SAAS,CAACD,CAAC,CAAC,CAEtC;EACA;EAAA,CACCR,GAAG,CAAC,CAAAU,IAAA,EAAWT,CAAC;IAAA,IAAX,CAACU,EAAE,EAAEC,EAAE,CAAC,GAAAF,IAAA;IAAA,OACZE,EAAE,CAACC,OAAO,GACN,IAAAC,8BAA4B,EAACF,EAAE,CAACG,IAAI,CAAC3C,OAAO,CAAC4C,GAAG,EAAE;MAAEZ;IAAS,CAAC,CAAC,GAC/DO,EAAE,CAACE,OAAO,GACV,IAAAI,0BAAwB,EAACN,EAAE,CAACI,IAAI,CAAC3C,OAAO,CAAC4C,GAAG,EAAEL,EAAE,CAACI,IAAI,CAAC3C,OAAO,CAAC8C,GAAG,EAAE;MACjEd;IACF,CAAC,CAAC;IACF;IACAN,OAAO,CAACqB,MAAM,CACZ,IAAIhC,qBAAa,CACd,iDAAgDc,CAAE,uBACrD,CACF,CAAC;EAAA,CACP,CACJ,CAAC;AACH"}
|
|
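--- a/package/lib/commonjs/trust/index.js
+++ b/package/lib/commonjs/trust/index.js
@@ -3,17 +3,62 @@
 Object.defineProperty(exports, "__esModule", {
 value: true
 });
-exports.
-
-
-
-
-
-
+exports.getEntityConfiguration = exports.getCredentialIssuerEntityConfiguration = void 0;
+exports.getEntityStatement = getEntityStatement;
+exports.getRelyingPartyEntityConfiguration = void 0;
+exports.getSignedEntityConfiguration = getSignedEntityConfiguration;
+exports.getSignedEntityStatement = getSignedEntityStatement;
+exports.getWalletProviderEntityConfiguration = exports.getTrustAnchorEntityConfiguration = void 0;
+exports.verifyTrustChain = verifyTrustChain;
 var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
 var _types = require("./types");
-var _errors = require("../utils/errors");
 var _chain = require("./chain");
+var _misc = require("../utils/misc");
+/**
+* Verify a given trust chain is actually valid.
+* It can handle fast chain renewal, which means we try to fetch a fresh version of each statement.
+*
+* @param trustAnchorEntity The entity configuration of the known trust anchor
+* @param chain The chain of statements to be validate
+* @param options.renewOnFail Whether to renew the provided chain if the validation fails at first. Default: true
+* @param options.appFetch Fetch api implementation. Default: the built-in implementation
+* @returns The result of the chain validation
+* @throws {IoWalletError} When either validation or renewal fail
+*/
+async function verifyTrustChain(trustAnchorEntity, chain) {
+let {
+appFetch = fetch,
+renewOnFail = true
+} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+try {
+return (0, _chain.validateTrustChain)(trustAnchorEntity, chain);
+} catch (error) {
+if (renewOnFail) {
+const renewedChain = await (0, _chain.renewTrustChain)(chain, appFetch);
+return (0, _chain.validateTrustChain)(trustAnchorEntity, renewedChain);
+} else {
+throw error;
+}
+}
+}
+
+/**
+* Fetch the signed entity configuration token for an entity
+*
+* @param entityBaseUrl The url of the entity to fetch
+* @param param.appFetch (optional) fetch api implemention
+* @returns The signed Entity Configuration token
+*/
+async function getSignedEntityConfiguration(entityBaseUrl) {
+let {
+appFetch = fetch
+} = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-federation`;
+return await appFetch(wellKnownUrl, {
+method: "GET"
+}).then((0, _misc.hasStatus)(200)).then(res => res.text());
+}
+
 /**
 * Fetch and parse the entity configuration document for a given federation entity.
 * This is an inner method to serve public interfaces.
@@ -36,19 +81,14 @@ async function fetchAndParseEntityConfiguration(entityBaseUrl, schema) {
 let {
 appFetch = fetch
 } = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
-const
-
-
+const responseText = await getSignedEntityConfiguration(entityBaseUrl, {
+appFetch
+});
+const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
+return schema.parse({
+header: responseJwt.protectedHeader,
+payload: responseJwt.payload
 });
-if (response.status === 200) {
-const responseText = await response.text();
-const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
-return schema.parse({
-header: responseJwt.protectedHeader,
-payload: responseJwt.payload
-});
-}
-throw new _errors.IoWalletError(`Unable to obtain Entity Configuration at ${wellKnownUrl}. Response code: ${response.status}`);
 }
 const getWalletProviderEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.WalletProviderEntityConfiguration, options);
 exports.getWalletProviderEntityConfiguration = getWalletProviderEntityConfiguration;
@@ -59,5 +99,50 @@ exports.getTrustAnchorEntityConfiguration = getTrustAnchorEntityConfiguration;
 const getRelyingPartyEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.RelyingPartyEntityConfiguration, options);
 exports.getRelyingPartyEntityConfiguration = getRelyingPartyEntityConfiguration;
 const getEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.EntityConfiguration, options);
+
+/**
+* Fetch and parse the entity statement document for a given federation entity.
+*
+* @param accreditationBodyBaseUrl The base url of the accreditaion body which holds and signs the required entity statement
+* @param subordinatedEntityBaseUrl The url that identifies the subordinate entity
+* @param options.appFetch An optional instance of the http client to be used.
+* @returns The parsed entity configuration object
+* @throws {IoWalletError} If the http request fails
+* @throws Parse error if the document is not in the expected shape.
+*/
 exports.getEntityConfiguration = getEntityConfiguration;
+async function getEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl) {
+let {
+appFetch = fetch
+} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+const responseText = await getSignedEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl, {
+appFetch
+});
+const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
+return _types.EntityStatement.parse({
+header: responseJwt.protectedHeader,
+payload: responseJwt.payload
+});
+}
+
+/**
+* Fetch the entity statement document for a given federation entity.
+*
+* @param accreditationBodyBaseUrl The base url of the accreditaion body which holds and signs the required entity statement
+* @param subordinatedEntityBaseUrl The url that identifies the subordinate entity
+* @param options.appFetch An optional instance of the http client to be used.
+* @returns The signed entity statement token
+* @throws {IoWalletError} If the http request fails
+*/
+async function getSignedEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl) {
+let {
+appFetch = fetch
+} = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+const url = `${accreditationBodyBaseUrl}/fetch?${new URLSearchParams({
+sub: subordinatedEntityBaseUrl
+})}`;
+return await appFetch(url, {
+method: "GET"
+}).then((0, _misc.hasStatus)(200)).then(res => res.text());
+}
 //# sourceMappingURL=index.js.map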
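Review bot: In `verifyTrustChain` (first hunk) the `try` block does `return (0, _chain.validateTrustChain)(trustAnchorEntity, chain);` without `await`, and `validateTrustChain` is declared `async` in the chain module, so a failed validation arrives as a rejected promise after the `try` has already exited and the `catch` branch guarded by `renewOnFail` does not run for it. The function still rejects on an invalid chain, so it fails closed, but the renewal-on-failure described in the JSDoc never happens. Change the line to `return await (0, _chain.validateTrustChain)(trustAnchorEntity, chain);` and cover it with a test in which the first validation rejects and a stubbed `appFetch` is expected to be called. This file is build output, so the edit belongs in `src/trust/index.ts`.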
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_types","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_chain","_misc","verifyTrustChain","trustAnchorEntity","chain","appFetch","fetch","renewOnFail","arguments","length","undefined","validateTrustChain","error","renewedChain","renewTrustChain","getSignedEntityConfiguration","entityBaseUrl","wellKnownUrl","method","then","hasStatus","res","text","fetchAndParseEntityConfiguration","schema","responseText","responseJwt","decodeJwt","parse","header","protectedHeader","payload","getWalletProviderEntityConfiguration","options","WalletProviderEntityConfiguration","exports","getCredentialIssuerEntityConfiguration","CredentialIssuerEntityConfiguration","getTrustAnchorEntityConfiguration","TrustAnchorEntityConfiguration","getRelyingPartyEntityConfiguration","RelyingPartyEntityConfiguration","getEntityConfiguration","EntityConfiguration","getEntityStatement","accreditationBodyBaseUrl","subordinatedEntityBaseUrl","getSignedEntityStatement","EntityStatement","url","URLSearchParams","sub"],"sourceRoot":"../../../src","sources":["trust/index.ts"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAQA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,KAAA,GAAAH,OAAA;AAWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeI,gBAAgBA,CACpCC,iBAAiD,EACjDC,KAAe,EAKiC;EAAA,IAJhD;IACEC,QAAQ,GAAGC,KAAK;IAChBC,WAAW,GAAG;EAC4C,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAElE,IAAI;IACF,OAAO,IAAAG,yBAAkB,EAACR,iBAAiB,EAAEC,KAAK,CAAC;EACrD,CAAC,CAAC,OAAOQ,KAAK,EAAE;IACd,IAAIL,WAAW,EAAE;MACf,MAAMM,YAAY,GAAG,MAAM,IAAAC,sBAAe,EAACV,KAAK,EAAEC,QAAQ,CAAC;MAC3D,OAAO,IAAAM,yBAAkB,EAACR,iBAAiB,EAAEU,YAAY,CAAC;IAC5D,CAAC,MAAM;MACL,MAAMD,KAAK;IACb;EACF;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeG,4BAA4BA,CAChDC,aAAqB,EAMJ;EAAA,IALjB;IACEX,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMS,YAAY,GAAI,GAAED,aAAc,gCAA+B;EAErE,OAAO,MAAMX,QAAQ,CAACY,YAAY,EAAE;IAClCC,MAAM,EAAE;EACV,CAAC,CAAC,CAC
CC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;AAC9B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAoCA,eAAeC,gCAAgCA,CAC7CP,aAAqB,EACrBQ,MAK8B,EAM9B;EAAA,IALA;IACEnB,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMiB,YAAY,GAAG,MAAMV,4BAA4B,CAACC,aAAa,EAAE;IACrEX;EACF,CAAC,CAAC;EAEF,MAAMqB,WAAW,GAAG,IAAAC,wBAAS,EAACF,YAAY,CAAC;EAC3C,OAAOD,MAAM,CAACI,KAAK,CAAC;IAClBC,MAAM,EAAEH,WAAW,CAACI,eAAe;IACnCC,OAAO,EAAEL,WAAW,CAACK;EACvB,CAAC,CAAC;AACJ;AAEO,MAAMC,oCAAoC,GAAGA,CAClDhB,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAC9BP,aAAa,EACbkB,wCAAiC,EACjCD,OACF,CAAC;AAACE,OAAA,CAAAH,oCAAA,GAAAA,oCAAA;AAEG,MAAMI,sCAAsC,GAAGA,CACpDpB,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAC9BP,aAAa,EACbqB,0CAAmC,EACnCJ,OACF,CAAC;AAACE,OAAA,CAAAC,sCAAA,GAAAA,sCAAA;AAEG,MAAME,iCAAiC,GAAGA,CAC/CtB,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAC9BP,aAAa,EACbuB,qCAA8B,EAC9BN,OACF,CAAC;AAACE,OAAA,CAAAG,iCAAA,GAAAA,iCAAA;AAEG,MAAME,kCAAkC,GAAGA,CAChDxB,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAC9BP,aAAa,EACbyB,sCAA+B,EAC/BR,OACF,CAAC;AAACE,OAAA,CAAAK,kCAAA,GAAAA,kCAAA;AAEG,MAAME,sBAAsB,GAAGA,CACpC1B,aAAqE,EACrEiB,OAAgE,KAEhEV,gCAAgC,CAACP,aAAa,EAAE2B,0BAAmB,EAAEV,OAAO,CAAC;;AAE/E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AATAE,OAAA,CAAAO,sBAAA,GAAAA,sBAAA;AAUO,eAAeE,kBAAkBA,CACtCC,wBAAgC,EAChCC,yBAAiC,EAMjC;EAAA,IALA;IACEzC,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMiB,YAAY,GAAG,MAAMsB,wBAAwB,CACjDF,wBAAwB,EACxBC,yBAAyB,EACzB;IACEzC;EACF,CACF,CAAC;EAED,MAAMqB,WAAW,GAAG,IAAAC,wBAAS,EAACF,YAAY,CAAC;EAC3C,OAAOuB,sBAAe,CAACpB,KAAK,CAAC;IAC3BC,MAAM,EAAEH,WAAW,CAACI,eAAe;IACnCC,OAAO,EAAEL,WAAW,CAACK;EACvB,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAegB,wBAAwBA,CAC5CF,wBAAgC,EAChCC,yBAAiC,EAMjC;EAAA,IALA;IACEzC,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EA
EN,MAAMyC,GAAG,GAAI,GAAEJ,wBAAyB,UAAS,IAAIK,eAAe,CAAC;IACnEC,GAAG,EAAEL;EACP,CAAC,CAAE,EAAC;EAEJ,OAAO,MAAMzC,QAAQ,CAAC4C,GAAG,EAAE;IACzB/B,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;AAC9B"}
|
|
@@ -13,10 +13,20 @@ const TrustMark = z.object({
|
|
|
13
13
|
id: z.string(),
|
|
14
14
|
trust_mark: z.string()
|
|
15
15
|
});
|
|
16
|
+
exports.TrustMark = TrustMark;
|
|
17
|
+
const RelyingPartyMetadata = z.object({
|
|
18
|
+
application_type: z.string().optional(),
|
|
19
|
+
client_id: z.string().optional(),
|
|
20
|
+
client_name: z.string().optional(),
|
|
21
|
+
jwks: z.object({
|
|
22
|
+
keys: z.array(_jwk.JWK)
|
|
23
|
+
}),
|
|
24
|
+
contacts: z.array(z.string()).optional()
|
|
25
|
+
});
|
|
26
|
+
//.passthrough();
|
|
16
27
|
|
|
17
28
|
// Display metadata for a credential, used by the issuer to
|
|
18
29
|
// instruct the Wallet Solution on how to render the credential correctly
|
|
19
|
-
exports.TrustMark = TrustMark;
|
|
20
30
|
const CredentialDisplayMetadata = z.object({
|
|
21
31
|
name: z.string(),
|
|
22
32
|
locale: z.string(),
|
|
@@ -27,14 +37,26 @@ const CredentialDisplayMetadata = z.object({
|
|
|
27
37
|
background_color: z.string(),
|
|
28
38
|
text_color: z.string()
|
|
29
39
|
});
|
|
40
|
+
const CredentialDefinitionMetadata = z.object({
|
|
41
|
+
type: z.array(z.string()),
|
|
42
|
+
credentialSubject: z.record(z.object({
|
|
43
|
+
mandatory: z.boolean(),
|
|
44
|
+
display: z.array(z.object({
|
|
45
|
+
name: z.string(),
|
|
46
|
+
locale: z.string()
|
|
47
|
+
}))
|
|
48
|
+
}))
|
|
49
|
+
});
|
|
30
50
|
|
|
31
51
|
// Metadata for a credentia which i supported by a Issuer
|
|
32
52
|
|
|
33
53
|
const SupportedCredentialMetadata = z.object({
|
|
54
|
+
id: z.string(),
|
|
34
55
|
format: z.literal("vc+sd-jwt"),
|
|
35
56
|
cryptographic_binding_methods_supported: z.array(z.string()),
|
|
36
57
|
cryptographic_suites_supported: z.array(z.string()),
|
|
37
|
-
display: z.array(CredentialDisplayMetadata)
|
|
58
|
+
display: z.array(CredentialDisplayMetadata),
|
|
59
|
+
credential_definition: CredentialDefinitionMetadata
|
|
38
60
|
});
|
|
39
61
|
const EntityStatement = z.object({
|
|
40
62
|
header: z.object({
|
|
@@ -59,9 +81,20 @@ const EntityConfigurationHeader = z.object({
|
|
|
59
81
|
alg: z.string(),
|
|
60
82
|
kid: z.string()
|
|
61
83
|
});
|
|
84
|
+
exports.EntityConfigurationHeader = EntityConfigurationHeader;
|
|
85
|
+
const FederationEntityMetadata = z.object({
|
|
86
|
+
federation_fetch_endpoint: z.string().optional(),
|
|
87
|
+
federation_list_endpoint: z.string().optional(),
|
|
88
|
+
federation_resolve_endpoint: z.string().optional(),
|
|
89
|
+
federation_trust_mark_status_endpoint: z.string().optional(),
|
|
90
|
+
federation_trust_mark_list_endpoint: z.string().optional(),
|
|
91
|
+
homepage_uri: z.string().optional(),
|
|
92
|
+
policy_uri: z.string().optional(),
|
|
93
|
+
logo_uri: z.string().optional(),
|
|
94
|
+
contacts: z.array(z.string()).optional()
|
|
95
|
+
}).passthrough();
|
|
62
96
|
|
|
63
97
|
// Structuire common to every Entity Configuration document
|
|
64
|
-
exports.EntityConfigurationHeader = EntityConfigurationHeader;
|
|
65
98
|
const BaseEntityConfiguration = z.object({
|
|
66
99
|
header: EntityConfigurationHeader,
|
|
67
100
|
payload: z.object({
|
|
@@ -73,17 +106,7 @@ const BaseEntityConfiguration = z.object({
|
|
|
73
106
|
keys: z.array(_jwk.JWK)
|
|
74
107
|
}),
|
|
75
108
|
metadata: z.object({
|
|
76
|
-
federation_entity:
|
|
77
|
-
federation_fetch_endpoint: z.string().optional(),
|
|
78
|
-
federation_list_endpoint: z.string().optional(),
|
|
79
|
-
federation_resolve_endpoint: z.string().optional(),
|
|
80
|
-
federation_trust_mark_status_endpoint: z.string().optional(),
|
|
81
|
-
federation_trust_mark_list_endpoint: z.string().optional(),
|
|
82
|
-
homepage_uri: z.string().optional(),
|
|
83
|
-
policy_uri: z.string().optional(),
|
|
84
|
-
logo_uri: z.string().optional(),
|
|
85
|
-
contacts: z.array(z.string()).optional()
|
|
86
|
-
}).passthrough()
|
|
109
|
+
federation_entity: FederationEntityMetadata
|
|
87
110
|
}).passthrough(),
|
|
88
111
|
authority_hints: z.array(z.string()).optional()
|
|
89
112
|
}).passthrough()
|
|
@@ -112,13 +135,27 @@ const CredentialIssuerEntityConfiguration = BaseEntityConfiguration.and(z.object
|
|
|
112
135
|
jwks: z.object({
|
|
113
136
|
keys: z.array(_jwk.JWK)
|
|
114
137
|
})
|
|
115
|
-
})
|
|
138
|
+
}),
|
|
139
|
+
/** Credential Issuers act as Relying Party
|
|
140
|
+
when they require the presentation of other credentials.
|
|
141
|
+
This does not apply for PID issuance, which requires CIE authz. */
|
|
142
|
+
wallet_relying_party: RelyingPartyMetadata.optional()
|
|
116
143
|
})
|
|
117
144
|
})
|
|
118
145
|
}));
|
|
119
146
|
|
|
120
|
-
// Entity configuration for a
|
|
147
|
+
// Entity configuration for a Relying Party
|
|
121
148
|
exports.CredentialIssuerEntityConfiguration = CredentialIssuerEntityConfiguration;
|
|
149
|
+
const RelyingPartyEntityConfiguration = BaseEntityConfiguration.and(z.object({
|
|
150
|
+
payload: z.object({
|
|
151
|
+
metadata: z.object({
|
|
152
|
+
wallet_relying_party: RelyingPartyMetadata
|
|
153
|
+
})
|
|
154
|
+
})
|
|
155
|
+
}));
|
|
156
|
+
|
|
157
|
+
// Entity configuration for a Wallet Provider
|
|
158
|
+
exports.RelyingPartyEntityConfiguration = RelyingPartyEntityConfiguration;
|
|
122
159
|
const WalletProviderEntityConfiguration = BaseEntityConfiguration.and(z.object({
|
|
123
160
|
payload: z.object({
|
|
124
161
|
metadata: z.object({
|
|
@@ -136,26 +173,8 @@ const WalletProviderEntityConfiguration = BaseEntityConfiguration.and(z.object({
|
|
|
136
173
|
})
|
|
137
174
|
}));
|
|
138
175
|
|
|
139
|
-
// Entity configuration for a Relying Party
|
|
140
|
-
exports.WalletProviderEntityConfiguration = WalletProviderEntityConfiguration;
|
|
141
|
-
const RelyingPartyEntityConfiguration = BaseEntityConfiguration.and(z.object({
|
|
142
|
-
payload: z.object({
|
|
143
|
-
metadata: z.object({
|
|
144
|
-
wallet_relying_party: z.object({
|
|
145
|
-
application_type: z.string().optional(),
|
|
146
|
-
client_id: z.string().optional(),
|
|
147
|
-
client_name: z.string().optional(),
|
|
148
|
-
jwks: z.object({
|
|
149
|
-
keys: z.array(_jwk.JWK)
|
|
150
|
-
}),
|
|
151
|
-
contacts: z.array(z.string()).optional()
|
|
152
|
-
}).passthrough()
|
|
153
|
-
})
|
|
154
|
-
})
|
|
155
|
-
}));
|
|
156
|
-
|
|
157
176
|
// Maps any entity configuration by the union of every possible shapes
|
|
158
|
-
exports.
|
|
177
|
+
exports.WalletProviderEntityConfiguration = WalletProviderEntityConfiguration;
|
|
159
178
|
const EntityConfiguration = z.union([WalletProviderEntityConfiguration, CredentialIssuerEntityConfiguration, TrustAnchorEntityConfiguration, RelyingPartyEntityConfiguration], {
|
|
160
179
|
description: "Any kind of Entity Configuration allowed in the ecosystem"
|
|
161
180
|
});
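Review bot: The commented-out `//.passthrough();` after the new `RelyingPartyMetadata` schema leaves it unclear whether dropping pass-through is intended. The inline `wallet_relying_party` object it replaces ended in `.passthrough()`, and the extracted `FederationEntityMetadata` still keeps it. With zod's default object handling, keys not declared in a schema are left out of that schema's parsed output, so relying-party metadata beyond the five declared fields may no longer reach callers. How this combines with the `.passthrough()` on the base `metadata` object through `.and(...)` is not obvious from the hunk and deserves a test. Either restore `.passthrough()` or replace the dead comment with one that states the decision, for example `// unknown relying-party metadata keys are intentionally not passed through`.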
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TrustMark","object","id","string","trust_mark","exports","CredentialDisplayMetadata","name","locale","logo","url","alt_text","background_color","text_color","
|
|
1
|
+
{"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TrustMark","object","id","string","trust_mark","exports","RelyingPartyMetadata","application_type","optional","client_id","client_name","jwks","keys","array","JWK","contacts","CredentialDisplayMetadata","name","locale","logo","url","alt_text","background_color","text_color","CredentialDefinitionMetadata","type","credentialSubject","record","mandatory","boolean","display","SupportedCredentialMetadata","format","literal","cryptographic_binding_methods_supported","cryptographic_suites_supported","credential_definition","EntityStatement","header","typ","alg","kid","payload","iss","sub","trust_marks","iat","number","exp","EntityConfigurationHeader","FederationEntityMetadata","federation_fetch_endpoint","federation_list_endpoint","federation_resolve_endpoint","federation_trust_mark_status_endpoint","federation_trust_mark_list_endpoint","homepage_uri","policy_uri","logo_uri","passthrough","BaseEntityConfiguration","UnixTime","metadata","federation_entity","authority_hints","TrustAnchorEntityConfiguration","CredentialIssuerEntityConfiguration","and","openid_credential_issuer","credential_issuer","authorization_endpoint","token_endpoint","pushed_authorization_request_endpoint","dpop_signing_alg_values_supported","credential_endpoint","credentials_supported","wallet_relying_party","RelyingPartyEntityConfiguration","WalletProviderEntityConfiguration","wallet_provider","attested_security_context_values_supported","grant_types_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","EntityConfiguration","union","description"],"sourceRoot":"../../../src","sources":["trust/types.ts"]
,"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAElB,MAAMW,SAAS,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAAEC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAE5B,CAAC,CAAC2B,MAAM,CAAC;AAAE,CAAC,CAAC;AAACE,OAAA,CAAAL,SAAA,GAAAA,SAAA;AAG9E,MAAMM,oBAAoB,GAAG9B,CAAC,CAACyB,MAAM,CAAC;EACpCM,gBAAgB,EAAE/B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACvCC,SAAS,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAChCE,WAAW,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAClCG,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;IAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;EAAE,CAAC,CAAC;EACtCC,QAAQ,EAAEvC,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;AACzC,CAAC,CAAC;AACF;;AAEA;AACA;AAEA,MAAMQ,yBAAyB,GAAGxC,CAAC,CAACyB,MAAM,CAAC;EACzCgB,IAAI,EAAEzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAChBe,MAAM,EAAE1C,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAClBgB,IAAI,EAAE3C,CAAC,CAACyB,MAAM,CAAC;IACbmB,GAAG,EAAE5C,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfkB,QAAQ,EAAE7C,CAAC,CAAC2B,MAAM,CAAC;EACrB,CAAC,CAAC;EACFmB,gBAAgB,EAAE9C,CAAC,CAAC2B,MAAM,CAAC,
CAAC;EAC5BoB,UAAU,EAAE/C,CAAC,CAAC2B,MAAM,CAAC;AACvB,CAAC,CAAC;AAKF,MAAMqB,4BAA4B,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EAC5CwB,IAAI,EAAEjD,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACzBuB,iBAAiB,EAAElD,CAAC,CAACmD,MAAM,CACzBnD,CAAC,CAACyB,MAAM,CAAC;IACP2B,SAAS,EAAEpD,CAAC,CAACqD,OAAO,CAAC,CAAC;IACtBC,OAAO,EAAEtD,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAACyB,MAAM,CAAC;MAAEgB,IAAI,EAAEzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;MAAEe,MAAM,EAAE1C,CAAC,CAAC2B,MAAM,CAAC;IAAE,CAAC,CAAC;EACrE,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;;AAEA,MAAM4B,2BAA2B,GAAGvD,CAAC,CAACyB,MAAM,CAAC;EAC3CC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACd6B,MAAM,EAAExD,CAAC,CAACyD,OAAO,CAAC,WAAW,CAAC;EAC9BC,uCAAuC,EAAE1D,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EAC5DgC,8BAA8B,EAAE3D,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACnD2B,OAAO,EAAEtD,CAAC,CAACqC,KAAK,CAACG,yBAAyB,CAAC;EAC3CoB,qBAAqB,EAAEZ;AACzB,CAAC,CAAC;AAGK,MAAMa,eAAe,GAAG7D,CAAC,CAACyB,MAAM,CAAC;EACtCqC,MAAM,EAAE9D,CAAC,CAACyB,MAAM,CAAC;IACfsC,GAAG,EAAE/D,CAAC,CAACyD,OAAO,CAAC,sBAAsB,CAAC;IACtCO,GAAG,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfsC,GAAG,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFuC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB0C,GAAG,EAAEnE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAEpE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IAAE,CAAC,CAAC;IACtC+B,WAAW,EAAErE,CAAC,CAACqC,KAAK,CAACb,SAAS,CAAC;IAC/B8C,GAAG,EAAEtE,CAAC,CAACuE,MAAM,CAAC,CAAC;IACfC,GAAG,EAAExE,CAAC,CAACuE,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAAC1C,OAAA,CAAAgC,eAAA,GAAAA,eAAA;AAKI,MAAMY,yBAAyB,GAAGzE,CAAC,CAACyB,MAAM,CAAC;EAChDsC,GAAG,EAAE/D,CAAC,CAACyD,OAAO,CAAC,sBAAsB,CAAC;EACtCO,GAAG,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACfsC,GAAG,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;AAChB,CAAC,CAAC;AAACE,OAAA,CAAA4C,yBAAA,GAAAA,yBAAA;AAEH,MAAMC,wBAAwB,GAAG1E,CAAC,CAC/ByB,MAAM,CAAC;EACNkD,yBAAyB,EAAE3E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAChD4C,wBAAwB,EAAE5E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,C
AAC;EAC/C6C,2BAA2B,EAAE7E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAClD8C,qCAAqC,EAAE9E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC5D+C,mCAAmC,EAAE/E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC1DgD,YAAY,EAAEhF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACnCiD,UAAU,EAAEjF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACjCkD,QAAQ,EAAElF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC/BO,QAAQ,EAAEvC,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;AACzC,CAAC,CAAC,CACDmD,WAAW,CAAC,CAAC;;AAEhB;AACA,MAAMC,uBAAuB,GAAGpF,CAAC,CAACyB,MAAM,CAAC;EACvCqC,MAAM,EAAEW,yBAAyB;EACjCP,OAAO,EAAElE,CAAC,CACPyB,MAAM,CAAC;IACN+C,GAAG,EAAEa,eAAQ;IACbf,GAAG,EAAEe,eAAQ;IACblB,GAAG,EAAEnE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAEpE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MACbW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IACnB,CAAC,CAAC;IACFgD,QAAQ,EAAEtF,CAAC,CACRyB,MAAM,CAAC;MACN8D,iBAAiB,EAAEb;IACrB,CAAC,CAAC,CACDS,WAAW,CAAC,CAAC;IAChBK,eAAe,EAAExF,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAChD,CAAC,CAAC,CACDmD,WAAW,CAAC;AACjB,CAAC,CAAC;;AAEF;;AAIO,MAAMM,8BAA8B,GAAGL,uBAAuB;;AAErE;AAAAvD,OAAA,CAAA4D,8BAAA,GAAAA,8BAAA;AAIO,MAAMC,mCAAmC,GAAGN,uBAAuB,CAACO,GAAG,CAC5E3F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChBU,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IAAE,CAAC,CAAC;IACtCgD,QAAQ,EAAEtF,CAAC,CAACyB,MAAM,CAAC;MACjBmE,wBAAwB,EAAE5F,CAAC,CAACyB,MAAM,CAAC;QACjCoE,iBAAiB,EAAE7F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC7BmE,sBAAsB,EAAE9F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAClCoE,cAAc,EAAE/F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC1BqE,qCAAqC,EAAEhG,CAAC,CAAC2B,MAAM,CAAC,CAAC;QACjDsE,iCAAiC,EAAEjG,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QACtDuE,mBAAmB,EAAElG,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC/BwE,qBAAqB,EAAEnG,CAAC,CAACqC,KAAK,CAACkB,2BAA2B,CAAC;QAC3DpB,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;UAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;QAAE,
CAAC;MACvC,CAAC,CAAC;MACF;AACR;AACA;MACQ8D,oBAAoB,EAAEtE,oBAAoB,CAACE,QAAQ,CAAC;IACtD,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAH,OAAA,CAAA6D,mCAAA,GAAAA,mCAAA;AAIO,MAAMW,+BAA+B,GAAGjB,uBAAuB,CAACO,GAAG,CACxE3F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB6D,QAAQ,EAAEtF,CAAC,CAACyB,MAAM,CAAC;MACjB2E,oBAAoB,EAAEtE;IACxB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAD,OAAA,CAAAwE,+BAAA,GAAAA,+BAAA;AAIO,MAAMC,iCAAiC,GAAGlB,uBAAuB,CAACO,GAAG,CAC1E3F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB6D,QAAQ,EAAEtF,CAAC,CAACyB,MAAM,CAAC;MACjB8E,eAAe,EAAEvG,CAAC,CACfyB,MAAM,CAAC;QACNsE,cAAc,EAAE/F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC1B6E,0CAA0C,EAAExG,CAAC,CAC1CqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CACjBK,QAAQ,CAAC,CAAC;QACbyE,qBAAqB,EAAEzG,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QAC1C+E,qCAAqC,EAAE1G,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QAC1DgF,gDAAgD,EAAE3G,CAAC,CAACqC,KAAK,CACvDrC,CAAC,CAAC2B,MAAM,CAAC,CACX,CAAC;QACDQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;UAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;QAAE,CAAC;MACvC,CAAC,CAAC,CACD6C,WAAW,CAAC;IACjB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAtD,OAAA,CAAAyE,iCAAA,GAAAA,iCAAA;AAEO,MAAMM,mBAAmB,GAAG5G,CAAC,CAAC6G,KAAK,CACxC,CACEP,iCAAiC,EACjCZ,mCAAmC,EACnCD,8BAA8B,EAC9BY,+BAA+B,CAChC,EACD;EACES,WAAW,EAAE;AACf,CACF,CAAC;AAACjF,OAAA,CAAA+E,mBAAA,GAAAA,mBAAA"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.withEphemeralKey = exports.createCryptoContextFor = void 0;
|
|
7
7
|
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
8
8
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
9
9
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
@@ -45,20 +45,6 @@ const createCryptoContextFor = keytag => {
|
|
|
45
45
|
};
|
|
46
46
|
};
|
|
47
47
|
|
|
48
|
-
// Wraps finally for async expressions
|
|
49
|
-
exports.createCryptoContextFor = createCryptoContextFor;
|
|
50
|
-
const asyncFinally = (fn, onFinally) => async function () {
|
|
51
|
-
try {
|
|
52
|
-
return await fn(...arguments);
|
|
53
|
-
// ^^^^^ return await is usually to be avoided,
|
|
54
|
-
// in this case is needed for the finally{} statement to be executed correctly
|
|
55
|
-
} catch (error) {
|
|
56
|
-
throw error;
|
|
57
|
-
} finally {
|
|
58
|
-
await onFinally();
|
|
59
|
-
}
|
|
60
|
-
};
|
|
61
|
-
|
|
62
48
|
/**
|
|
63
49
|
* Executes the input function injecting an ephemeral crypto context.
|
|
64
50
|
* An ephemeral crypto context is a context which is bound to a key
|
|
@@ -67,12 +53,13 @@ const asyncFinally = (fn, onFinally) => async function () {
|
|
|
67
53
|
* @param fn The procedure to be executed
|
|
68
54
|
* @returns The returned value of the input procedure.
|
|
69
55
|
*/
|
|
70
|
-
|
|
56
|
+
exports.createCryptoContextFor = createCryptoContextFor;
|
|
57
|
+
const withEphemeralKey = async fn => {
|
|
71
58
|
// Use an ephemeral key to be destroyed after use
|
|
72
59
|
const keytag = `ephemeral-${_reactNativeUuid.default.v4()}`;
|
|
73
60
|
await (0, _ioReactNativeCrypto.generate)(keytag);
|
|
74
61
|
const ephemeralContext = createCryptoContextFor(keytag);
|
|
75
|
-
return
|
|
62
|
+
return fn(ephemeralContext).finally(() => (0, _ioReactNativeCrypto.deleteKey)(keytag));
|
|
76
63
|
};
|
|
77
|
-
exports.
|
|
64
|
+
exports.withEphemeralKey = withEphemeralKey;
|
|
78
65
|
//# sourceMappingURL=crypto.js.map
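Review bot: In `withEphemeralKey`, cleanup is now attached with `fn(ephemeralContext).finally(...)`, so the key is deleted only when `fn` actually returns a promise. If `fn` throws synchronously or returns a non-promise value, `deleteKey(keytag)` never runs and the generated `ephemeral-…` key stays in the key store. The removed `asyncFinally` helper wrapped `return await fn(...)` in `try`/`finally`, which covered those cases. Since the function is already `async`, the body can end with `try { return await fn(ephemeralContext); } finally { await (0, _ioReactNativeCrypto.deleteKey)(keytag); }`. In either form a rejection from `deleteKey` replaces the outcome of `fn`; a comment should say whether that is acceptable.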
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeCrypto","require","_reactNativeUuid","_interopRequireDefault","_ioReactNativeJwt","_jwk","obj","__esModule","default","createCryptoContextFor","keytag","getPublicKey","then","fixBase64EncodingOnKey","jwk","kid","thumbprint","getSignature","value","sign","exports","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeCrypto","require","_reactNativeUuid","_interopRequireDefault","_ioReactNativeJwt","_jwk","obj","__esModule","default","createCryptoContextFor","keytag","getPublicKey","then","fixBase64EncodingOnKey","jwk","kid","thumbprint","getSignature","value","sign","exports","withEphemeralKey","fn","uuid","v4","generate","ephemeralContext","finally","deleteKey"],"sourceRoot":"../../../src","sources":["utils/crypto.ts"],"mappings":";;;;;;AAAA,IAAAA,oBAAA,GAAAC,OAAA;AAMA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AACA,IAAAI,IAAA,GAAAJ,OAAA;AAA+C,SAAAE,uBAAAG,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE/C;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,sBAAsB,GAAIC,MAAc,IAAoB;EACvE,OAAO;IACL;AACJ;AACA;AACA;AACA;IACI,MAAMC,YAAYA,CAAA,EAAG;MACnB,OAAO,IAAAA,iCAAY,EAACD,MAAM,CAAC,CACxBE,IAAI,CAACC,2BAAsB,CAAC,CAC5BD,IAAI,CAAC,MAAOE,GAAG,KAAM;QACpB,GAAGA,GAAG;QACN;QACA;QACA;QACA;QACAC,GAAG,EAAE,MAAM,IAAAC,4BAAU,EAACF,GAAG;MAC3B,CAAC,CAAC,CAAC;IACP,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;IACI,MAAMG,YAAYA,CAACC,KAAa,EAAE;MAChC,OAAO,IAAAC,yBAAI,EAACD,KAAK,EAAER,MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAU,OAAA,CAAAX,sBAAA,GAAAA,sBAAA;AAQO,MAAMY,gBAAgB,GAAG,MAC9BC,EAAmD,IACpC;EACf;EACA,MAAMZ,MAAM,GAAI,aAAYa,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;EACvC,MAAM,IAAAC,6BAAQ,EAACf,MAAM,CAAC;EACtB,MAAMgB,gBAAgB,GAAGjB,sBAAsB,CAACC,MAAM,CAAC;EACvD,OAAOY,EAAE,CAACI,gBAAgB,CAAC,CAACC,OAAO,CAAC,MAAM,IAAAC,8BAAS,EAAClB,MAAM,CAAC,CAAC;AAC9D,CAAC;AAACU,OAAA,CAAAC,gBAAA,GAAAA,gBAAA"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.hasStatus = void 0;
|
|
7
|
+
var _errors = require("./errors");
|
|
8
|
+
/**
|
|
9
|
+
* Check if a response is in the expected status, other
|
|
10
|
+
* @param status The expected status
|
|
11
|
+
* @returns The given response object
|
|
12
|
+
*/
|
|
13
|
+
const hasStatus = status => res => {
|
|
14
|
+
if (res.status !== status) {
|
|
15
|
+
throw new _errors.IoWalletError(`Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`);
|
|
16
|
+
}
|
|
17
|
+
return res;
|
|
18
|
+
};
|
|
19
|
+
|
|
20
|
+
// extract a type from an async function output
|
|
21
|
+
// helpful to bind the input of a function to the output of another
|
|
22
|
+
exports.hasStatus = hasStatus;
|
|
23
|
+
//# sourceMappingURL=misc.js.map
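Review bot: The `IoWalletError` message built in `hasStatus` embeds the full `res.url`, query string included, so any identifier or token a caller passes as a query parameter ends up in error messages and in whatever logs or crash reports collect them. Consider reporting the URL without its query, e.g. `res.url.split("?")[0]`, and exposing the full URL only as a separate error property if callers need it. The doc comment is also incomplete: its first sentence breaks off at "other", and `@returns The given response object` describes the inner function rather than `hasStatus` itself. I would document it as `Returns a function that passes the response through when its status matches and throws IoWalletError otherwise`.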
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_errors","require","hasStatus","status","res","IoWalletError","url","exports"],"sourceRoot":"../../../src","sources":["utils/misc.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACA;AACA;AACO,MAAMC,SAAS,GACnBC,MAAc,IACdC,GAAa,IAAe;EAC3B,IAAIA,GAAG,CAACD,MAAM,KAAKA,MAAM,EAAE;IACzB,MAAM,IAAIE,qBAAa,CACpB,iCAAgCF,MAAO,SAAQC,GAAG,CAACD,MAAO,UAASC,GAAG,CAACE,GAAI,EAC9E,CAAC;EACH;EACA,OAAOF,GAAG;AACZ,CAAC;;AAEH;AACA;AAAAG,OAAA,CAAAL,SAAA,GAAAA,SAAA"}
|