@pagopa/io-react-native-wallet 0.9.1 → 0.10.0
Sign up to get free protection for your applications and to get access to all the features.
- package/lib/commonjs/credential/issuance/06-obtain-credential.js +2 -34
- package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +169 -0
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -0
- package/lib/commonjs/credential/issuance/08-confirm-credential.js +6 -0
- package/lib/commonjs/credential/issuance/08-confirm-credential.js.map +1 -0
- package/lib/commonjs/credential/issuance/const.js +6 -1
- package/lib/commonjs/credential/issuance/const.js.map +1 -1
- package/lib/commonjs/credential/issuance/index.js +7 -0
- package/lib/commonjs/credential/issuance/index.js.map +1 -1
- package/lib/commonjs/credential/presentation/01-start-flow.js +1 -1
- package/lib/commonjs/credential/presentation/01-start-flow.js.map +1 -1
- package/lib/commonjs/index.js +3 -1
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/index.test.js +33 -1
- package/lib/commonjs/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/index.js +15 -6
- package/lib/commonjs/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +1 -1
- package/lib/commonjs/trust/types.js +5 -0
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/misc.js +2 -2
- package/lib/commonjs/utils/misc.js.map +1 -1
- package/lib/module/credential/issuance/06-obtain-credential.js +3 -34
- package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js +163 -0
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -0
- package/lib/module/credential/issuance/08-confirm-credential.js +2 -0
- package/lib/module/credential/issuance/08-confirm-credential.js.map +1 -0
- package/lib/module/credential/issuance/const.js +2 -0
- package/lib/module/credential/issuance/const.js.map +1 -1
- package/lib/module/credential/issuance/index.js +2 -1
- package/lib/module/credential/issuance/index.js.map +1 -1
- package/lib/module/credential/presentation/01-start-flow.js +1 -1
- package/lib/module/credential/presentation/01-start-flow.js.map +1 -1
- package/lib/module/index.js +2 -1
- package/lib/module/index.js.map +1 -1
- package/lib/module/sd-jwt/__test__/index.test.js +33 -1
- package/lib/module/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/module/sd-jwt/index.js +10 -6
- package/lib/module/sd-jwt/index.js.map +1 -1
- package/lib/module/sd-jwt/types.js +1 -1
- package/lib/module/trust/types.js +5 -0
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/misc.js +2 -2
- package/lib/module/utils/misc.js.map +1 -1
- package/lib/typescript/credential/issuance/01-start-flow.d.ts +2 -2
- package/lib/typescript/credential/issuance/01-start-flow.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +2 -1
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts +36 -0
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/08-confirm-credential.d.ts +11 -0
- package/lib/typescript/credential/issuance/08-confirm-credential.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/const.d.ts +3 -0
- package/lib/typescript/credential/issuance/const.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/index.d.ts +4 -3
- package/lib/typescript/credential/issuance/index.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/01-start-flow.d.ts +2 -2
- package/lib/typescript/credential/presentation/01-start-flow.d.ts.map +1 -1
- package/lib/typescript/index.d.ts +2 -1
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +222 -5
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +1 -1
- package/lib/typescript/trust/index.d.ts +8 -0
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +232 -0
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/misc.d.ts +2 -2
- package/lib/typescript/utils/misc.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/credential/issuance/01-start-flow.ts +2 -2
- package/src/credential/issuance/06-obtain-credential.ts +3 -51
- package/src/credential/issuance/07-verify-and-parse-credential.ts +229 -0
- package/src/credential/issuance/08-confirm-credential.ts +14 -0
- package/src/credential/issuance/const.ts +6 -0
- package/src/credential/issuance/index.ts +7 -1
- package/src/credential/presentation/01-start-flow.ts +3 -3
- package/src/index.ts +2 -0
- package/src/sd-jwt/__test__/index.test.ts +32 -1
- package/src/sd-jwt/index.ts +14 -8
- package/src/sd-jwt/types.ts +1 -1
- package/src/trust/types.ts +4 -0
- package/src/utils/misc.ts +6 -2
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TrustMark","object","id","string","trust_mark","exports","RelyingPartyMetadata","application_type","optional","client_id","client_name","jwks","keys","array","JWK","contacts","CredentialDisplayMetadata","name","locale","logo","url","alt_text","background_color","text_color","CredentialDefinitionMetadata","type","credentialSubject","record","mandatory","boolean","display","SupportedCredentialMetadata","format","literal","cryptographic_binding_methods_supported","cryptographic_suites_supported","credential_definition","EntityStatement","header","typ","alg","kid","payload","iss","sub","trust_marks","iat","number","exp","EntityConfigurationHeader","FederationEntityMetadata","federation_fetch_endpoint","federation_list_endpoint","federation_resolve_endpoint","federation_trust_mark_status_endpoint","federation_trust_mark_list_endpoint","homepage_uri","policy_uri","logo_uri","passthrough","BaseEntityConfiguration","UnixTime","metadata","federation_entity","authority_hints","TrustAnchorEntityConfiguration","CredentialIssuerEntityConfiguration","and","openid_credential_issuer","credential_issuer","authorization_endpoint","token_endpoint","pushed_authorization_request_endpoint","dpop_signing_alg_values_supported","credential_endpoint","credentials_supported","wallet_relying_party","RelyingPartyEntityConfiguration","WalletProviderEntityConfiguration","wallet_provider","attested_security_context_values_supported","grant_types_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","EntityConfiguration","union","description"],"sourceRoot":"../../../src","sources":["trust/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAElB,MAAMW,SAAS,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAAEC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAE5B,CAAC,CAAC2B,MAAM,CAAC;AAAE,CAAC,CAAC;AAACE,OAAA,CAAAL,SAAA,GAAAA,SAAA;AAG9E,MAAMM,oBAAoB,GAAG9B,CAAC,CAACyB,MAAM,CAAC;EACpCM,gBAAgB,EAAE/B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACvCC,SAAS,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAChCE,WAAW,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAClCG,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;IAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;EAAE,CAAC,CAAC;EACtCC,QAAQ,EAAEvC,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;AACzC,CAAC,CAAC;AACF;;AAEA;AACA;AAEA,MAAMQ,yBAAyB,GAAGxC,CAAC,CAACyB,MAAM,CAAC;EACzCgB,IAAI,EAAEzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAChBe,MAAM,EAAE1C,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAClBgB,IAAI,EAAE3C,CAAC,CAACyB,MAAM,CAAC;IACbmB,GAAG,EAAE5C,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfkB,QAAQ,EAAE7C,CAAC,CAAC2B,MAAM,CAAC;EACrB,CAAC,CAAC;EACFmB,gBAAgB,EAAE9C,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAC5BoB,UAAU,EAAE/C,CAAC,CAAC2B,MAAM,CAAC;AACvB,CAAC,CAAC;AAKF,MAAMqB,4BAA4B,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EAC5CwB,IAAI,EAAEjD,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACzBuB,iBAAiB,EAAElD,CAAC,CAACmD,MAAM,CACzBnD,CAAC,CAACyB,MAAM,CAAC;IACP2B,SAAS,EAAEpD,CAAC,CAACqD,OAAO,CAAC,CAAC;IACtBC,OAAO,EAAEtD,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAACyB,MAAM,CAAC;MAAEgB,IAAI,EAAEzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;MAAEe,MAAM,EAAE1C,CAAC,CAAC2B,MAAM,CAAC;IAAE,CAAC,CAAC;EACrE,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;;AAEA,MAAM4B,2BAA2B,GAAGvD,CAAC,CAACyB,MAAM,CAAC;EAC3CC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACd6B,MAAM,EAAExD,CAAC,CAACyD,OAAO,CAAC,WAAW,CAAC;EAC9BC,uCAAuC,EAAE1D,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EAC5DgC,8BAA8B,EAAE3D,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACnD2B,OAAO,EAAEtD,CAAC,CAACqC,KAAK,CAACG,yBAAyB,CAAC;EAC3CoB,qBAAqB,EAAEZ;AACzB,CAAC,CAAC;AAGK,MAAMa,eAAe,GAAG7D,CAAC,CAACyB,MAAM,CAAC;EACtCqC,MAAM,EAAE9D,CAAC,CAACyB,MAAM,CAAC;IACfsC,GAAG,EAAE/D,CAAC,CAACyD,OAAO,CAAC,sBAAsB,CAAC;IACtCO,GAAG,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfsC,GAAG,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFuC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB0C,GAAG,EAAEnE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAEpE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IAAE,CAAC,CAAC;IACtC+B,WAAW,EAAErE,CAAC,CAACqC,KAAK,CAACb,SAAS,CAAC;IAC/B8C,GAAG,EAAEtE,CAAC,CAACuE,MAAM,CAAC,CAAC;IACfC,GAAG,EAAExE,CAAC,CAACuE,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAAC1C,OAAA,CAAAgC,eAAA,GAAAA,eAAA;AAKI,MAAMY,yBAAyB,GAAGzE,CAAC,CAACyB,MAAM,CAAC;EAChDsC,GAAG,EAAE/D,CAAC,CAACyD,OAAO,CAAC,sBAAsB,CAAC;EACtCO,GAAG,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACfsC,GAAG,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;AAChB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TrustMark","object","id","string","trust_mark","exports","RelyingPartyMetadata","application_type","optional","client_id","client_name","jwks","keys","array","JWK","contacts","CredentialDisplayMetadata","name","locale","logo","url","alt_text","background_color","text_color","CredentialDefinitionMetadata","type","credentialSubject","record","mandatory","boolean","display","SupportedCredentialMetadata","format","literal","cryptographic_binding_methods_supported","cryptographic_suites_supported","credential_definition","EntityStatement","header","typ","alg","kid","payload","iss","sub","trust_marks","iat","number","exp","EntityConfigurationHeader","FederationEntityMetadata","federation_fetch_endpoint","federation_list_endpoint","federation_resolve_endpoint","federation_trust_mark_status_endpoint","federation_trust_mark_list_endpoint","organization_name","homepage_uri","policy_uri","logo_uri","passthrough","BaseEntityConfiguration","UnixTime","metadata","federation_entity","authority_hints","TrustAnchorEntityConfiguration","CredentialIssuerEntityConfiguration","and","openid_credential_issuer","credential_issuer","authorization_endpoint","token_endpoint","pushed_authorization_request_endpoint","dpop_signing_alg_values_supported","credential_endpoint","credentials_supported","wallet_relying_party","RelyingPartyEntityConfiguration","WalletProviderEntityConfiguration","wallet_provider","attested_security_context_values_supported","grant_types_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","EntityConfiguration","union","description"],"sourceRoot":"../../../src","sources":["trust/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAElB,MAAMW,SAAS,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAAEC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAE5B,CAAC,CAAC2B,MAAM,CAAC;AAAE,CAAC,CAAC;AAACE,OAAA,CAAAL,SAAA,GAAAA,SAAA;AAG9E,MAAMM,oBAAoB,GAAG9B,CAAC,CAACyB,MAAM,CAAC;EACpCM,gBAAgB,EAAE/B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACvCC,SAAS,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAChCE,WAAW,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAClCG,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;IAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;EAAE,CAAC,CAAC;EACtCC,QAAQ,EAAEvC,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;AACzC,CAAC,CAAC;AACF;;AAEA;AACA;AAEA,MAAMQ,yBAAyB,GAAGxC,CAAC,CAACyB,MAAM,CAAC;EACzCgB,IAAI,EAAEzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAChBe,MAAM,EAAE1C,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAClBgB,IAAI,EAAE3C,CAAC,CAACyB,MAAM,CAAC;IACbmB,GAAG,EAAE5C,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfkB,QAAQ,EAAE7C,CAAC,CAAC2B,MAAM,CAAC;EACrB,CAAC,CAAC;EACFmB,gBAAgB,EAAE9C,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAC5BoB,UAAU,EAAE/C,CAAC,CAAC2B,MAAM,CAAC;AACvB,CAAC,CAAC;AAKF,MAAMqB,4BAA4B,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EAC5CwB,IAAI,EAAEjD,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACzBuB,iBAAiB,EAAElD,CAAC,CAACmD,MAAM,CACzBnD,CAAC,CAACyB,MAAM,CAAC;IACP2B,SAAS,EAAEpD,CAAC,CAACqD,OAAO,CAAC,CAAC;IACtBC,OAAO,EAAEtD,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAACyB,MAAM,CAAC;MAAEgB,IAAI,EAAEzC,CAAC,CAAC2B,MAAM,CAAC,CAAC;MAAEe,MAAM,EAAE1C,CAAC,CAAC2B,MAAM,CAAC;IAAE,CAAC,CAAC;EACrE,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;;AAEA,MAAM4B,2BAA2B,GAAGvD,CAAC,CAACyB,MAAM,CAAC;EAC3CC,EAAE,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACd6B,MAAM,EAAExD,CAAC,CAACyD,OAAO,CAAC,WAAW,CAAC;EAC9BC,uCAAuC,EAAE1D,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EAC5DgC,8BAA8B,EAAE3D,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACnD2B,OAAO,EAAEtD,CAAC,CAACqC,KAAK,CAACG,yBAAyB,CAAC;EAC3CoB,qBAAqB,EAAEZ;AACzB,CAAC,CAAC;AAGK,MAAMa,eAAe,GAAG7D,CAAC,CAACyB,MAAM,CAAC;EACtCqC,MAAM,EAAE9D,CAAC,CAACyB,MAAM,CAAC;IACfsC,GAAG,EAAE/D,CAAC,CAACyD,OAAO,CAAC,sBAAsB,CAAC;IACtCO,GAAG,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfsC,GAAG,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFuC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB0C,GAAG,EAAEnE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAEpE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IAAE,CAAC,CAAC;IACtC+B,WAAW,EAAErE,CAAC,CAACqC,KAAK,CAACb,SAAS,CAAC;IAC/B8C,GAAG,EAAEtE,CAAC,CAACuE,MAAM,CAAC,CAAC;IACfC,GAAG,EAAExE,CAAC,CAACuE,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAAC1C,OAAA,CAAAgC,eAAA,GAAAA,eAAA;AAKI,MAAMY,yBAAyB,GAAGzE,CAAC,CAACyB,MAAM,CAAC;EAChDsC,GAAG,EAAE/D,CAAC,CAACyD,OAAO,CAAC,sBAAsB,CAAC;EACtCO,GAAG,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACfsC,GAAG,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;AAChB,CAAC,CAAC;;AAEF;AACA;AACA;AAFAE,OAAA,CAAA4C,yBAAA,GAAAA,yBAAA;AAGA,MAAMC,wBAAwB,GAAG1E,CAAC,CAC/ByB,MAAM,CAAC;EACNkD,yBAAyB,EAAE3E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAChD4C,wBAAwB,EAAE5E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC/C6C,2BAA2B,EAAE7E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAClD8C,qCAAqC,EAAE9E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC5D+C,mCAAmC,EAAE/E,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC1DgD,iBAAiB,EAAEhF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACxCiD,YAAY,EAAEjF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACnCkD,UAAU,EAAElF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACjCmD,QAAQ,EAAEnF,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC/BO,QAAQ,EAAEvC,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;AACzC,CAAC,CAAC,CACDoD,WAAW,CAAC,CAAC;;AAEhB;AACA,MAAMC,uBAAuB,GAAGrF,CAAC,CAACyB,MAAM,CAAC;EACvCqC,MAAM,EAAEW,yBAAyB;EACjCP,OAAO,EAAElE,CAAC,CACPyB,MAAM,CAAC;IACN+C,GAAG,EAAEc,eAAQ;IACbhB,GAAG,EAAEgB,eAAQ;IACbnB,GAAG,EAAEnE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAEpE,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MACbW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IACnB,CAAC,CAAC;IACFiD,QAAQ,EAAEvF,CAAC,CACRyB,MAAM,CAAC;MACN+D,iBAAiB,EAAEd;IACrB,CAAC,CAAC,CACDU,WAAW,CAAC,CAAC;IAChBK,eAAe,EAAEzF,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAChD,CAAC,CAAC,CACDoD,WAAW,CAAC;AACjB,CAAC,CAAC;;AAEF;;AAIO,MAAMM,8BAA8B,GAAGL,uBAAuB;;AAErE;AAAAxD,OAAA,CAAA6D,8BAAA,GAAAA,8BAAA;AAIO,MAAMC,mCAAmC,GAAGN,uBAAuB,CAACO,GAAG,CAC5E5F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChBU,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;MAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;IAAE,CAAC,CAAC;IACtCiD,QAAQ,EAAEvF,CAAC,CAACyB,MAAM,CAAC;MACjBoE,wBAAwB,EAAE7F,CAAC,CAACyB,MAAM,CAAC;QACjCqE,iBAAiB,EAAE9F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC7BoE,sBAAsB,EAAE/F,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAClCqE,cAAc,EAAEhG,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC1BsE,qCAAqC,EAAEjG,CAAC,CAAC2B,MAAM,CAAC,CAAC;QACjDuE,iCAAiC,EAAElG,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QACtDwE,mBAAmB,EAAEnG,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC/ByE,qBAAqB,EAAEpG,CAAC,CAACqC,KAAK,CAACkB,2BAA2B,CAAC;QAC3DpB,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;UAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;QAAE,CAAC;MACvC,CAAC,CAAC;MACF;AACR;AACA;MACQ+D,oBAAoB,EAAEvE,oBAAoB,CAACE,QAAQ,CAAC;IACtD,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAH,OAAA,CAAA8D,mCAAA,GAAAA,mCAAA;AAIO,MAAMW,+BAA+B,GAAGjB,uBAAuB,CAACO,GAAG,CACxE5F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB8D,QAAQ,EAAEvF,CAAC,CAACyB,MAAM,CAAC;MACjB4E,oBAAoB,EAAEvE;IACxB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAD,OAAA,CAAAyE,+BAAA,GAAAA,+BAAA;AAIO,MAAMC,iCAAiC,GAAGlB,uBAAuB,CAACO,GAAG,CAC1E5F,CAAC,CAACyB,MAAM,CAAC;EACPyC,OAAO,EAAElE,CAAC,CAACyB,MAAM,CAAC;IAChB8D,QAAQ,EAAEvF,CAAC,CAACyB,MAAM,CAAC;MACjB+E,eAAe,EAAExG,CAAC,CACfyB,MAAM,CAAC;QACNuE,cAAc,EAAEhG,CAAC,CAAC2B,MAAM,CAAC,CAAC;QAC1B8E,0CAA0C,EAAEzG,CAAC,CAC1CqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC,CACjBK,QAAQ,CAAC,CAAC;QACb0E,qBAAqB,EAAE1G,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QAC1CgF,qCAAqC,EAAE3G,CAAC,CAACqC,KAAK,CAACrC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;QAC1DiF,gDAAgD,EAAE5G,CAAC,CAACqC,KAAK,CACvDrC,CAAC,CAAC2B,MAAM,CAAC,CACX,CAAC;QACDQ,IAAI,EAAEnC,CAAC,CAACyB,MAAM,CAAC;UAAEW,IAAI,EAAEpC,CAAC,CAACqC,KAAK,CAACC,QAAG;QAAE,CAAC;MACvC,CAAC,CAAC,CACD8C,WAAW,CAAC;IACjB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;AAAAvD,OAAA,CAAA0E,iCAAA,GAAAA,iCAAA;AAEO,MAAMM,mBAAmB,GAAG7G,CAAC,CAAC8G,KAAK,CACxC,CACEP,iCAAiC,EACjCZ,mCAAmC,EACnCD,8BAA8B,EAC9BY,+BAA+B,CAChC,EACD;EACES,WAAW,EAAE;AACf,CACF,CAAC;AAAClF,OAAA,CAAAgF,mBAAA,GAAAA,mBAAA"}
|
|
@@ -10,9 +10,9 @@ var _errors = require("./errors");
|
|
|
10
10
|
* @param status The expected status
|
|
11
11
|
* @returns The given response object
|
|
12
12
|
*/
|
|
13
|
-
const hasStatus = status => res => {
|
|
13
|
+
const hasStatus = status => async res => {
|
|
14
14
|
if (res.status !== status) {
|
|
15
|
-
throw new _errors.IoWalletError(`Http request failed. Expected ${status}, got ${res.status}, url: ${res.url}`);
|
|
15
|
+
throw new _errors.IoWalletError(`Http request failed. Expected ${status}, got ${res.status}, url: ${res.url} with response: ${await res.text()}`);
|
|
16
16
|
}
|
|
17
17
|
return res;
|
|
18
18
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_errors","require","hasStatus","status","res","IoWalletError","url","exports"],"sourceRoot":"../../../src","sources":["utils/misc.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACA;AACA;AACO,MAAMC,SAAS,GACnBC,MAAc,
|
|
1
|
+
{"version":3,"names":["_errors","require","hasStatus","status","res","IoWalletError","url","text","exports"],"sourceRoot":"../../../src","sources":["utils/misc.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACA;AACA;AACO,MAAMC,SAAS,GACnBC,MAAc,IACf,MAAOC,GAAa,IAAwB;EAC1C,IAAIA,GAAG,CAACD,MAAM,KAAKA,MAAM,EAAE;IACzB,MAAM,IAAIE,qBAAa,CACpB,iCAAgCF,MAAO,SAAQC,GAAG,CAACD,MAAO,UACzDC,GAAG,CAACE,GACL,mBAAkB,MAAMF,GAAG,CAACG,IAAI,CAAC,CAAE,EACtC,CAAC;EACH;EACA,OAAOH,GAAG;AACZ,CAAC;;AAEH;AACA;AAAAI,OAAA,CAAAN,SAAA,GAAAA,SAAA"}
|
|
@@ -1,11 +1,10 @@
|
|
|
1
1
|
import * as z from "zod";
|
|
2
2
|
import uuid from "react-native-uuid";
|
|
3
3
|
import { SignJWT } from "@pagopa/io-react-native-jwt";
|
|
4
|
-
import { verify as verifySdJwt } from "../../sd-jwt";
|
|
5
4
|
import { createDPopToken } from "../../utils/dpop";
|
|
6
5
|
import { hasStatus } from "../../utils/misc";
|
|
7
|
-
import {
|
|
8
|
-
|
|
6
|
+
import { SupportedCredentialFormat } from "./const";
|
|
7
|
+
|
|
9
8
|
/**
|
|
10
9
|
* Return the signed jwt for nonce proof of possession
|
|
11
10
|
*/
|
|
@@ -17,35 +16,9 @@ export const createNonceProof = async (nonce, issuer, audience, ctx) => {
|
|
|
17
16
|
type: "openid4vci-proof+jwt"
|
|
18
17
|
}).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("1h").sign();
|
|
19
18
|
};
|
|
20
|
-
|
|
21
|
-
/**
|
|
22
|
-
* Given a credential, verify it's in the supported format
|
|
23
|
-
* and the credential is correctly signed
|
|
24
|
-
* and it's bound to the given key
|
|
25
|
-
*
|
|
26
|
-
* @param rawCredential The received credential
|
|
27
|
-
* @param issuerKeys The set of public keys of the issuer,
|
|
28
|
-
* which will be used to verify the signature
|
|
29
|
-
* @param holderBindingContext The access to the holder's key
|
|
30
|
-
*
|
|
31
|
-
* @throws If the signature verification fails
|
|
32
|
-
* @throws If the credential is not in the SdJwt4VC format
|
|
33
|
-
* @throws If the holder binding is not properly configured
|
|
34
|
-
*
|
|
35
|
-
*/
|
|
36
|
-
async function verifyCredential(rawCredential, issuerKeys, holderBindingContext) {
|
|
37
|
-
const [{
|
|
38
|
-
sdJwt
|
|
39
|
-
}, holderBindingKey] =
|
|
40
|
-
// parallel for optimization
|
|
41
|
-
await Promise.all([verifySdJwt(rawCredential, issuerKeys, SdJwt4VC), holderBindingContext.getPublicKey()]);
|
|
42
|
-
if (!sdJwt.payload.cnf.jwk.kid || sdJwt.payload.cnf.jwk.kid !== holderBindingKey.kid) {
|
|
43
|
-
throw new IoWalletError(`Failed to verify holder binding, expected kid: ${holderBindingKey.kid}, got: ${sdJwt.payload.cnf.jwk.kid}`);
|
|
44
|
-
}
|
|
45
|
-
}
|
|
46
19
|
const CredentialEndpointResponse = z.object({
|
|
47
20
|
credential: z.string(),
|
|
48
|
-
format:
|
|
21
|
+
format: SupportedCredentialFormat
|
|
49
22
|
});
|
|
50
23
|
/**
|
|
51
24
|
* Fetch a credential from the issuer
|
|
@@ -105,10 +78,6 @@ export const obtainCredential = async (issuerConf, accessToken, nonce, clientId,
|
|
|
105
78
|
},
|
|
106
79
|
body: formBody.toString()
|
|
107
80
|
}).then(hasStatus(200)).then(res => res.json()).then(CredentialEndpointResponse.parse);
|
|
108
|
-
|
|
109
|
-
/** validate the received credential signature
|
|
110
|
-
is correct and refers to the public keys of the issuer */
|
|
111
|
-
await verifyCredential(credential, issuerConf.openid_credential_issuer.jwks.keys, credentialCryptoContext);
|
|
112
81
|
return {
|
|
113
82
|
credential,
|
|
114
83
|
format
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","uuid","SignJWT","
|
|
1
|
+
{"version":3,"names":["z","uuid","SignJWT","createDPopToken","hasStatus","SupportedCredentialFormat","createNonceProof","nonce","issuer","audience","ctx","setPayload","jwk","getPublicKey","setProtectedHeader","type","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","CredentialEndpointResponse","object","credential","string","format","obtainCredential","issuerConf","accessToken","clientId","credentialType","context","credentialCryptoContext","walletProviderBaseUrl","appFetch","fetch","credentialUrl","openid_credential_issuer","credential_endpoint","signedDPopForPid","htm","htu","jti","v4","signedNonceProof","formBody","URLSearchParams","credential_definition","JSON","stringify","proof","jwt","proof_type","method","headers","DPoP","Authorization","body","toString","then","res","json","parse"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,OAAO,QAA4B,6BAA6B;AACzE,SAASC,eAAe,QAAQ,kBAAkB;AAGlD,SAASC,SAAS,QAAkB,kBAAkB;AAGtD,SAASC,yBAAyB,QAAQ,SAAS;;AAEnD;AACA;AACA;AACA,OAAO,MAAMC,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,OAAO,IAAIR,OAAO,CAACQ,GAAG,CAAC,CACpBC,UAAU,CAAC;IACVJ,KAAK;IACLK,GAAG,EAAE,MAAMF,GAAG,CAACG,YAAY,CAAC;EAC9B,CAAC,CAAC,CACDC,kBAAkB,CAAC;IAClBC,IAAI,EAAE;EACR,CAAC,CAAC,CACDC,WAAW,CAACP,QAAQ,CAAC,CACrBQ,SAAS,CAACT,MAAM,CAAC,CACjBU,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC;AAED,MAAMC,0BAA0B,GAAGrB,CAAC,CAACsB,MAAM,CAAC;EAC1CC,UAAU,EAAEvB,CAAC,CAACwB,MAAM,CAAC,CAAC;EACtBC,MAAM,EAAEpB;AACV,CAAC,CAAC;AAeF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMqB,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXrB,KAAK,EACLsB,QAAQ,EACRC,cAAc,EACdC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,qBAAqB;IACrBC,QAAQ,GAAGC;EACb,CAAC,GAAGJ,OAAO;EAEX,MAAMK,aAAa,GAAGT,UAAU,CAACU,wBAAwB,CAACC,mBAAmB;;EAE7E;AACF;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAMpC,eAAe,CAC5C;IACEqC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEL,aAAa;IAClBM,GAAG,EAAG,GAAEzC,IAAI,CAAC0C,EAAE,CAAC,CAAE;EACpB,CAAC,EACDX,uBACF,CAAC;;EAED;AACF;AACA;EACE,MAAMY,gBAAgB,GAAG,MAAMtC,gBAAgB,CAC7CC,KAAK,EACLsB,QAAQ,EACRI,qBAAqB,EACrBD,uBACF,CAAC;;EAED;EACA,MAAMa,QAAQ,GAAG,IAAIC,eAAe,CAAC;IACnCC,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;MACpClC,IAAI,EAAE,CAACe,cAAc;IACvB,CAAC,CAAC;IACFL,MAAM,EAAE,WAAW;IACnByB,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;MACpBE,GAAG,EAAEP,gBAAgB;MACrBQ,UAAU,EAAE;IACd,CAAC;EACH,CAAC,CAAC;EAEF,MAAM;IAAE7B,UAAU;IAAEE;EAAO,CAAC,GAAG,MAAMS,QAAQ,CAACE,aAAa,EAAE;IAC3DiB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,mCAAmC;MACnDC,IAAI,EAAEhB,gBAAgB;MACtBiB,aAAa,EAAE5B;IACjB,CAAC;IACD6B,IAAI,EAAEZ,QAAQ,CAACa,QAAQ,CAAC;EAC1B,CAAC,CAAC,CACCC,IAAI,CAACvD,SAAS,CAAC,GAAG,CAAC,CAAC,CACpBuD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAACtC,0BAA0B,CAACyC,KAAK,CAAC;EAEzC,OAAO;IAAEvC,UAAU;IAAEE;EAAO,CAAC;AAC/B,CAAC"}
|
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
import { IoWalletError } from "../../utils/errors";
|
|
2
|
+
import { SdJwt4VC } from "../../sd-jwt/types";
|
|
3
|
+
import { verify as verifySdJwt } from "../../sd-jwt";
|
|
4
|
+
|
|
5
|
+
// The credential as a collection of attributes in plain value
|
|
6
|
+
|
|
7
|
+
// handy alias
|
|
8
|
+
|
|
9
|
+
const parseCredentialSdJwt = function (credentials_supported, _ref) {
|
|
10
|
+
var _credentials_supporte;
|
|
11
|
+
let {
|
|
12
|
+
sdJwt,
|
|
13
|
+
disclosures
|
|
14
|
+
} = _ref;
|
|
15
|
+
let ignoreMissingAttributes = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
|
|
16
|
+
// find the definition that matches the received credential's type
|
|
17
|
+
// warning: if more then a defintion is found, the first is retrieved
|
|
18
|
+
const credentialSubject = (_credentials_supporte = credentials_supported.find(c => c.credential_definition.type.includes(sdJwt.payload.type))) === null || _credentials_supporte === void 0 ? void 0 : _credentials_supporte.credential_definition.credentialSubject;
|
|
19
|
+
|
|
20
|
+
// the received credential matches no supported credential, throw an exception
|
|
21
|
+
if (!credentialSubject) {
|
|
22
|
+
const expected = credentials_supported.flatMap(_ => _.credential_definition.type).join(", ");
|
|
23
|
+
throw new IoWalletError(`Received credential is of an unknwown type. Expected one of [${expected}], received '${sdJwt.payload.type}', `);
|
|
24
|
+
}
|
|
25
|
+
|
|
26
|
+
// transfrom a record { key: value } in an iterable of pairs [key, value]
|
|
27
|
+
const attrDefinitions = Object.entries(credentialSubject);
|
|
28
|
+
|
|
29
|
+
// every mandatory attribute must be present in the credential's disclosures
|
|
30
|
+
// the key of the attribute defintion must match the disclosure's name
|
|
31
|
+
const attrsNotInDisclosures = attrDefinitions.filter(_ref2 => {
|
|
32
|
+
let [attrKey, {
|
|
33
|
+
mandatory
|
|
34
|
+
}] = _ref2;
|
|
35
|
+
return mandatory && !disclosures.some(_ref3 => {
|
|
36
|
+
let [, name] = _ref3;
|
|
37
|
+
return name === attrKey;
|
|
38
|
+
});
|
|
39
|
+
});
|
|
40
|
+
if (attrsNotInDisclosures.length > 0) {
|
|
41
|
+
const missing = attrsNotInDisclosures.map(_ => _[0 /* key */]).join(", ");
|
|
42
|
+
const received = disclosures.map(_ => _[1 /* name */]).join(", ");
|
|
43
|
+
// the rationale of this condition is that we may want to be permissive
|
|
44
|
+
// on incomplete credentials in the test phase of the project.
|
|
45
|
+
// we might want to be strict once in production, hence remove this condition
|
|
46
|
+
if (!ignoreMissingAttributes) {
|
|
47
|
+
throw new IoWalletError(`Some attributes are missing in the credential. Missing: [${missing}], received: [${received}]`);
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
// attributes that are defined in the issuer configuration
|
|
52
|
+
// and are present in the disclosure set
|
|
53
|
+
const definedValues = attrDefinitions
|
|
54
|
+
// retrieve the value from the disclosure set
|
|
55
|
+
.map(_ref4 => {
|
|
56
|
+
var _disclosures$find;
|
|
57
|
+
let [attrKey, definition] = _ref4;
|
|
58
|
+
return [attrKey, {
|
|
59
|
+
...definition,
|
|
60
|
+
value: (_disclosures$find = disclosures.find(_ => _[1 /* name */] === attrKey)) === null || _disclosures$find === void 0 ? void 0 : _disclosures$find[2 /* value */]
|
|
61
|
+
}];
|
|
62
|
+
})
|
|
63
|
+
// add a human readable attribute name, with i18n, in the form { locale: name }
|
|
64
|
+
// example: { "it-IT": "Nome", "en-EN": "Name", "es-ES": "Nombre" }
|
|
65
|
+
.map(_ref5 => {
|
|
66
|
+
let [attrKey, {
|
|
67
|
+
display,
|
|
68
|
+
...definition
|
|
69
|
+
}] = _ref5;
|
|
70
|
+
return [attrKey, {
|
|
71
|
+
...definition,
|
|
72
|
+
name: display.reduce((names, _ref6) => {
|
|
73
|
+
let {
|
|
74
|
+
locale,
|
|
75
|
+
name
|
|
76
|
+
} = _ref6;
|
|
77
|
+
return {
|
|
78
|
+
...names,
|
|
79
|
+
[locale]: name
|
|
80
|
+
};
|
|
81
|
+
}, {})
|
|
82
|
+
}];
|
|
83
|
+
});
|
|
84
|
+
|
|
85
|
+
// attributes that are in the disclosure set
|
|
86
|
+
// but are not defined in the issuer configuration
|
|
87
|
+
const undefinedValues = disclosures.filter(_ => !Object.keys(definedValues).includes(_[1])).map(_ref7 => {
|
|
88
|
+
let [, key, value] = _ref7;
|
|
89
|
+
return [key, {
|
|
90
|
+
value,
|
|
91
|
+
mandatory: false,
|
|
92
|
+
name: key
|
|
93
|
+
}];
|
|
94
|
+
});
|
|
95
|
+
return {
|
|
96
|
+
...Object.fromEntries(definedValues),
|
|
97
|
+
...Object.fromEntries(undefinedValues)
|
|
98
|
+
};
|
|
99
|
+
};
|
|
100
|
+
|
|
101
|
+
/**
|
|
102
|
+
* Given a credential, verify it's in the supported format
|
|
103
|
+
* and the credential is correctly signed
|
|
104
|
+
* and it's bound to the given key
|
|
105
|
+
*
|
|
106
|
+
* @param rawCredential The received credential
|
|
107
|
+
* @param issuerKeys The set of public keys of the issuer,
|
|
108
|
+
* which will be used to verify the signature
|
|
109
|
+
* @param holderBindingContext The access to the holder's key
|
|
110
|
+
*
|
|
111
|
+
* @throws If the signature verification fails
|
|
112
|
+
* @throws If the credential is not in the SdJwt4VC format
|
|
113
|
+
* @throws If the holder binding is not properly configured
|
|
114
|
+
*
|
|
115
|
+
*/
|
|
116
|
+
async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingContext) {
|
|
117
|
+
const [decodedCredential, holderBindingKey] =
|
|
118
|
+
// parallel for optimization
|
|
119
|
+
await Promise.all([verifySdJwt(rawCredential, issuerKeys, SdJwt4VC), holderBindingContext.getPublicKey()]);
|
|
120
|
+
const {
|
|
121
|
+
cnf
|
|
122
|
+
} = decodedCredential.sdJwt.payload;
|
|
123
|
+
if (!cnf.jwk.kid || cnf.jwk.kid !== holderBindingKey.kid) {
|
|
124
|
+
throw new IoWalletError(`Failed to verify holder binding, expected kid: ${holderBindingKey.kid}, got: ${decodedCredential.sdJwt.payload.cnf.jwk.kid}`);
|
|
125
|
+
}
|
|
126
|
+
return decodedCredential;
|
|
127
|
+
}
|
|
128
|
+
|
|
129
|
+
// utility type that specialize VerifyAndParseCredential for given format
|
|
130
|
+
|
|
131
|
+
const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, _ref8) => {
|
|
132
|
+
let {
|
|
133
|
+
credentialCryptoContext,
|
|
134
|
+
ignoreMissingAttributes
|
|
135
|
+
} = _ref8;
|
|
136
|
+
const decoded = await verifyCredentialSdJwt(credential, issuerConf.openid_credential_issuer.jwks.keys, credentialCryptoContext);
|
|
137
|
+
const parsedCredential = parseCredentialSdJwt(issuerConf.openid_credential_issuer.credentials_supported, decoded, ignoreMissingAttributes);
|
|
138
|
+
return {
|
|
139
|
+
parsedCredential
|
|
140
|
+
};
|
|
141
|
+
};
|
|
142
|
+
|
|
143
|
+
/**
|
|
144
|
+
* Verify and parse an encoded credential
|
|
145
|
+
*
|
|
146
|
+
* @param issuerConf The Issuer configuration
|
|
147
|
+
* @param credential The encoded credential
|
|
148
|
+
* @param format The format of the credentual
|
|
149
|
+
* @param context.credentialCryptoContext The context to access the key the Credential will be bound to
|
|
150
|
+
* @param context.ignoreMissingAttributes (optional) Whether to fail if a defined attribute is note present in the credentual. Default: false
|
|
151
|
+
* @returns A parsed credential with attributes in plain value
|
|
152
|
+
* @throws If the credential signature is not verified with the Issuer key set
|
|
153
|
+
* @throws If the credential is not bound to the provided user key
|
|
154
|
+
* @throws If the credential data fail to parse
|
|
155
|
+
*/
|
|
156
|
+
export const verifyAndParseCredential = async (issuerConf, credential, format, context) => {
|
|
157
|
+
if (format === "vc+sd-jwt") {
|
|
158
|
+
return verifyAndParseCredentialSdJwt(issuerConf, credential, format, context);
|
|
159
|
+
}
|
|
160
|
+
const _ = format;
|
|
161
|
+
throw new IoWalletError(`Unsupported credential format: ${_}`);
|
|
162
|
+
};
|
|
163
|
+
//# sourceMappingURL=07-verify-and-parse-credential.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["IoWalletError","SdJwt4VC","verify","verifySdJwt","parseCredentialSdJwt","credentials_supported","_ref","_credentials_supporte","sdJwt","disclosures","ignoreMissingAttributes","arguments","length","undefined","credentialSubject","find","c","credential_definition","type","includes","payload","expected","flatMap","_","join","attrDefinitions","Object","entries","attrsNotInDisclosures","filter","_ref2","attrKey","mandatory","some","_ref3","name","missing","map","received","definedValues","_ref4","_disclosures$find","definition","value","_ref5","display","reduce","names","_ref6","locale","undefinedValues","keys","_ref7","key","fromEntries","verifyCredentialSdJwt","rawCredential","issuerKeys","holderBindingContext","decodedCredential","holderBindingKey","Promise","all","getPublicKey","cnf","jwk","kid","verifyAndParseCredentialSdJwt","issuerConf","credential","_ref8","credentialCryptoContext","decoded","openid_credential_issuer","jwks","parsedCredential","verifyAndParseCredential","format","context"],"sourceRoot":"../../../../src","sources":["credential/issuance/07-verify-and-parse-credential.ts"],"mappings":"AAGA,SAASA,aAAa,QAAQ,oBAAoB;AAClD,SAASC,QAAQ,QAAQ,oBAAoB;AAC7C,SAASC,MAAM,IAAIC,WAAW,QAAQ,cAAc;;AAcpD;;AAmBA;;AAKA,MAAMC,oBAAoB,GAAG,SAAAA,CAE3BC,qBAAkH,EAAAC,IAAA,EAG7F;EAAA,IAAAC,qBAAA;EAAA,IAFrB;IAAEC,KAAK;IAAEC;EAAoC,CAAC,GAAAH,IAAA;EAAA,IAC9CI,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAExC;EACA;EACA,MAAMG,iBAAiB,IAAAP,qBAAA,GAAGF,qBAAqB,CAACU,IAAI,CAAEC,CAAC,IACrDA,CAAC,CAACC,qBAAqB,CAACC,IAAI,CAACC,QAAQ,CAACX,KAAK,CAACY,OAAO,CAACF,IAAI,CAC1D,CAAC,cAAAX,qBAAA,uBAFyBA,qBAAA,CAEvBU,qBAAqB,CAACH,iBAAiB;;EAE1C;EACA,IAAI,CAACA,iBAAiB,EAAE;IACtB,MAAMO,QAAQ,GAAGhB,qBAAqB,CACnCiB,OAAO,CAAEC,CAAC,IAAKA,CAAC,CAACN,qBAAqB,CAACC,IAAI,CAAC,CAC5CM,IAAI,CAAC,IAAI,CAAC;IACb,MAAM,IAAIxB,aAAa,CACpB,gEAA+DqB,QAAS,gBAAeb,KAAK,CAACY,OAAO,CAACF,IAAK,KAC7G,CAAC;EACH;;EAEA;EACA,MAAMO,eAAe,GAAGC,MAAM,CAACC,OAAO,CAACb,iBAAiB,CAAC;;EAEzD;EACA;EACA,MAAMc,qBAAqB,GAAGH,eAAe,CAACI,MAAM,CAClDC,KAAA;IAAA,IAAC,CAACC,OAAO,EAAE;MAAEC;IAAU,CAAC,CAAC,GAAAF,KAAA;IAAA,OACvBE,SAAS,IAAI,CAACvB,WAAW,CAACwB,IAAI,CAACC,KAAA;MAAA,IAAC,GAAGC,IAAI,CAAC,GAAAD,KAAA;MAAA,OAAKC,IAAI,KAAKJ,OAAO;IAAA,EAAC;EAAA,CAClE,CAAC;EACD,IAAIH,qBAAqB,CAAChB,MAAM,GAAG,CAAC,EAAE;IACpC,MAAMwB,OAAO,GAAGR,qBAAqB,CAACS,GAAG,CAAEd,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IAC3E,MAAMc,QAAQ,GAAG7B,WAAW,CAAC4B,GAAG,CAAEd,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IACnE;IACA;IACA;IACA,IAAI,CAACd,uBAAuB,EAAE;MAC5B,MAAM,IAAIV,aAAa,CACpB,4DAA2DoC,OAAQ,iBAAgBE,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;EACA;EACA,MAAMC,aAAa,GAAGd;EACpB;EAAA,CACCY,GAAG,CACFG,KAAA;IAAA,IAAAC,iBAAA;IAAA,IAAC,CAACV,OAAO,EAAEW,UAAU,CAAC,GAAAF,KAAA;IAAA,OACpB,CACET,OAAO,EACP;MACE,GAAGW,UAAU;MACbC,KAAK,GAAAF,iBAAA,GAAEhC,WAAW,CAACM,IAAI,CACpBQ,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,KAAKQ,OAC7B,CAAC,cAAAU,iBAAA,uBAFMA,iBAAA,CAEH,CAAC,CAAC;IACR,CAAC,CACF;EAAA,CACL;EACA;EACA;EAAA,CACCJ,GAAG,CACFO,KAAA;IAAA,IAAC,CAACb,OAAO,EAAE;MAAEc,OAAO;MAAE,GAAGH;IAAW,CAAC,CAAC,GAAAE,KAAA;IAAA,OACpC,CACEb,OAAO,EACP;MACE,GAAGW,UAAU;MACbP,IAAI,EAAEU,OAAO,CAACC,MAAM,CAClB,CAACC,KAAK,EAAAC,KAAA;QAAA,IAAE;UAAEC,MAAM;UAAEd;QAAK,CAAC,GAAAa,KAAA;QAAA,OAAM;UAAE,GAAGD,KAAK;UAAE,CAACE,MAAM,GAAGd;QAAK,CAAC;MAAA,CAAC,EAC3D,CAAC,CACH;IACF,CAAC,CACF;EAAA,CACL,CAAC;;EAEH;EACA;EACA,MAAMe,eAAe,GAAGzC,WAAW,CAChCoB,MAAM,CAAEN,CAAC,IAAK,CAACG,MAAM,CAACyB,IAAI,CAACZ,aAAa,CAAC,CAACpB,QAAQ,CAACI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACzDc,GAAG,CAACe,KAAA;IAAA,IAAC,GAAGC,GAAG,EAAEV,KAAK,CAAC,GAAAS,KAAA;IAAA,OAAK,CAACC,GAAG,EAAE;MAAEV,KAAK;MAAEX,SAAS,EAAE,KAAK;MAAEG,IAAI,EAAEkB;IAAI,CAAC,CAAC;EAAA,EAAC;EAEzE,OAAO;IACL,GAAG3B,MAAM,CAAC4B,WAAW,CAACf,aAAa,CAAC;IACpC,GAAGb,MAAM,CAAC4B,WAAW,CAACJ,eAAe;EACvC,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeK,qBAAqBA,CAClCC,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACF;EACjC,MAAM,CAACC,iBAAiB,EAAEC,gBAAgB,CAAC;EACzC;EACA,MAAMC,OAAO,CAACC,GAAG,CAAC,CAChB3D,WAAW,CAACqD,aAAa,EAAEC,UAAU,EAAExD,QAAQ,CAAC,EAChDyD,oBAAoB,CAACK,YAAY,CAAC,CAAC,CACpC,CAAC;EAEJ,MAAM;IAAEC;EAAI,CAAC,GAAGL,iBAAiB,CAACnD,KAAK,CAACY,OAAO;EAE/C,IAAI,CAAC4C,GAAG,CAACC,GAAG,CAACC,GAAG,IAAIF,GAAG,CAACC,GAAG,CAACC,GAAG,KAAKN,gBAAgB,CAACM,GAAG,EAAE;IACxD,MAAM,IAAIlE,aAAa,CACpB,kDAAiD4D,gBAAgB,CAACM,GAAI,UAASP,iBAAiB,CAACnD,KAAK,CAACY,OAAO,CAAC4C,GAAG,CAACC,GAAG,CAACC,GAAI,EAC9H,CAAC;EACH;EAEA,OAAOP,iBAAiB;AAC1B;;AAEA;;AAQA,MAAMQ,6BAAsD,GAAG,MAAAA,CAC7DC,UAAU,EACVC,UAAU,EACV9C,CAAC,EAAA+C,KAAA,KAEE;EAAA,IADH;IAAEC,uBAAuB;IAAE7D;EAAwB,CAAC,GAAA4D,KAAA;EAEpD,MAAME,OAAO,GAAG,MAAMjB,qBAAqB,CACzCc,UAAU,EACVD,UAAU,CAACK,wBAAwB,CAACC,IAAI,CAACvB,IAAI,EAC7CoB,uBACF,CAAC;EAED,MAAMI,gBAAgB,GAAGvE,oBAAoB,CAC3CgE,UAAU,CAACK,wBAAwB,CAACpE,qBAAqB,EACzDmE,OAAO,EACP9D,uBACF,CAAC;EAED,OAAO;IAAEiE;EAAiB,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,wBAAkD,GAAG,MAAAA,CAChER,UAAU,EACVC,UAAU,EACVQ,MAAM,EACNC,OAAO,KACJ;EACH,IAAID,MAAM,KAAK,WAAW,EAAE;IAC1B,OAAOV,6BAA6B,CAClCC,UAAU,EACVC,UAAU,EACVQ,MAAM,EACNC,OACF,CAAC;EACH;EAEA,MAAMvD,CAAQ,GAAGsD,MAAM;EACvB,MAAM,IAAI7E,aAAa,CAAE,kCAAiCuB,CAAE,EAAC,CAAC;AAChE,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":[],"sourceRoot":"../../../../src","sources":["credential/issuance/08-confirm-credential.ts"],"mappings":""}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["ASSERTION_TYPE"],"sourceRoot":"../../../../src","sources":["credential/issuance/const.ts"],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"names":["z","ASSERTION_TYPE","SupportedCredentialFormat","literal"],"sourceRoot":"../../../../src","sources":["credential/issuance/const.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,OAAO,MAAMC,cAAc,GACzB,oEAAoE;AAKtE,OAAO,MAAMC,yBAAyB,GAAGF,CAAC,CAACG,OAAO,CAAC,WAAW,CAAC"}
|
|
@@ -2,5 +2,6 @@ import { evaluateIssuerTrust } from "./02-evaluate-issuer-trust";
|
|
|
2
2
|
import { startUserAuthorization } from "./03-start-user-authorization";
|
|
3
3
|
import { authorizeAccess } from "./05-authorize-access";
|
|
4
4
|
import { obtainCredential } from "./06-obtain-credential";
|
|
5
|
-
|
|
5
|
+
import { verifyAndParseCredential } from "./07-verify-and-parse-credential";
|
|
6
|
+
export { evaluateIssuerTrust, startUserAuthorization, authorizeAccess, obtainCredential, verifyAndParseCredential };
|
|
6
7
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","authorizeAccess","obtainCredential"],"sourceRoot":"../../../../src","sources":["credential/issuance/index.ts"],"mappings":"AACA,SACEA,mBAAmB,QAEd,4BAA4B;AACnC,SACEC,sBAAsB,QAEjB,+BAA+B;AAEtC,SAASC,eAAe,QAA8B,uBAAuB;AAC7E,SACEC,gBAAgB,QAEX,wBAAwB;
|
|
1
|
+
{"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","authorizeAccess","obtainCredential","verifyAndParseCredential"],"sourceRoot":"../../../../src","sources":["credential/issuance/index.ts"],"mappings":"AACA,SACEA,mBAAmB,QAEd,4BAA4B;AACnC,SACEC,sBAAsB,QAEjB,+BAA+B;AAEtC,SAASC,eAAe,QAA8B,uBAAuB;AAC7E,SACEC,gBAAgB,QAEX,wBAAwB;AAC/B,SACEC,wBAAwB,QAEnB,kCAAkC;AAGzC,SACEJ,mBAAmB,EACnBC,sBAAsB,EACtBC,eAAe,EACfC,gBAAgB,EAChBC,wBAAwB"}
|
|
@@ -24,7 +24,7 @@ const QRCodePayload = z.object({
|
|
|
24
24
|
* @returns The url for the Relying Party to connect with
|
|
25
25
|
* @throws If the provided qr code fails to be decoded
|
|
26
26
|
*/
|
|
27
|
-
export const startFlowFromQR =
|
|
27
|
+
export const startFlowFromQR = qrcode => {
|
|
28
28
|
const decoded = decodeBase64(qrcode);
|
|
29
29
|
const decodedUrl = new URL(decoded);
|
|
30
30
|
const protocol = decodedUrl.protocol;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","decodeBase64","AuthRequestDecodeError","QRCodePayload","object","protocol","string","resource","clientId","requestURI","startFlowFromQR","qrcode","decoded","decodedUrl","URL","hostname","searchParams","get","result","safeParse","success","data","error","message"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,SAASC,YAAY,QAAQ,6BAA6B;AAC1D,SAASC,sBAAsB,QAAQ,oBAAoB;AAE3D,MAAMC,aAAa,GAAGH,CAAC,CAACI,MAAM,CAAC;EAC7BC,QAAQ,EAAEL,CAAC,CAACM,MAAM,CAAC,CAAC;EACpBC,QAAQ,EAAEP,CAAC,CAACM,MAAM,CAAC,CAAC;EAAE;EACtBE,QAAQ,EAAER,CAAC,CAACM,MAAM,CAAC,CAAC;EACpBG,UAAU,EAAET,CAAC,CAACM,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMI,eAAoC,
|
|
1
|
+
{"version":3,"names":["z","decodeBase64","AuthRequestDecodeError","QRCodePayload","object","protocol","string","resource","clientId","requestURI","startFlowFromQR","qrcode","decoded","decodedUrl","URL","hostname","searchParams","get","result","safeParse","success","data","error","message"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,SAASC,YAAY,QAAQ,6BAA6B;AAC1D,SAASC,sBAAsB,QAAQ,oBAAoB;AAE3D,MAAMC,aAAa,GAAGH,CAAC,CAACI,MAAM,CAAC;EAC7BC,QAAQ,EAAEL,CAAC,CAACM,MAAM,CAAC,CAAC;EACpBC,QAAQ,EAAEP,CAAC,CAACM,MAAM,CAAC,CAAC;EAAE;EACtBE,QAAQ,EAAER,CAAC,CAACM,MAAM,CAAC,CAAC;EACpBG,UAAU,EAAET,CAAC,CAACM,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMI,eAAoC,GAAIC,MAAM,IAAK;EAC9D,MAAMC,OAAO,GAAGX,YAAY,CAACU,MAAM,CAAC;EACpC,MAAME,UAAU,GAAG,IAAIC,GAAG,CAACF,OAAO,CAAC;EACnC,MAAMP,QAAQ,GAAGQ,UAAU,CAACR,QAAQ;EACpC,MAAME,QAAQ,GAAGM,UAAU,CAACE,QAAQ;EACpC,MAAMN,UAAU,GAAGI,UAAU,CAACG,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;EAC7D,MAAMT,QAAQ,GAAGK,UAAU,CAACG,YAAY,CAACC,GAAG,CAAC,WAAW,CAAC;EAEzD,MAAMC,MAAM,GAAGf,aAAa,CAACgB,SAAS,CAAC;IACrCd,QAAQ;IACRE,QAAQ;IACRE,UAAU;IACVD;EACF,CAAC,CAAC;EAEF,IAAIU,MAAM,CAACE,OAAO,EAAE;IAClB,OAAOF,MAAM,CAACG,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAInB,sBAAsB,CAACgB,MAAM,CAACI,KAAK,CAACC,OAAO,EAAG,GAAEV,UAAW,EAAC,CAAC;EACzE;AACF,CAAC"}
|
package/lib/module/index.js
CHANGED
|
@@ -3,10 +3,11 @@
|
|
|
3
3
|
import "react-native-url-polyfill/auto";
|
|
4
4
|
import * as Credential from "./credential";
|
|
5
5
|
import * as PID from "./pid";
|
|
6
|
+
import * as SdJwt from "./sd-jwt";
|
|
6
7
|
import * as Errors from "./utils/errors";
|
|
7
8
|
import * as WalletInstanceAttestation from "./wallet-instance-attestation";
|
|
8
9
|
import * as Trust from "./trust";
|
|
9
10
|
import { AuthorizationDetail, AuthorizationDetails } from "./utils/par";
|
|
10
11
|
import { createCryptoContextFor } from "./utils/crypto";
|
|
11
|
-
export { PID, Credential, WalletInstanceAttestation, Errors, Trust, createCryptoContextFor, AuthorizationDetail, AuthorizationDetails };
|
|
12
|
+
export { SdJwt, PID, Credential, WalletInstanceAttestation, Errors, Trust, createCryptoContextFor, AuthorizationDetail, AuthorizationDetails };
|
|
12
13
|
//# sourceMappingURL=index.js.map
|
package/lib/module/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["Credential","PID","Errors","WalletInstanceAttestation","Trust","AuthorizationDetail","AuthorizationDetails","createCryptoContextFor"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA;AACA;AACA,OAAO,gCAAgC;AAEvC,OAAO,KAAKA,UAAU,MAAM,cAAc;AAC1C,OAAO,KAAKC,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,OAAO,KAAKC,KAAK,MAAM,SAAS;AAChC,SAASC,mBAAmB,EAAEC,oBAAoB,QAAQ,aAAa;AACvE,SAASC,sBAAsB,QAAQ,gBAAgB;AAEvD,SACEN,GAAG,EACHD,UAAU,
|
|
1
|
+
{"version":3,"names":["Credential","PID","SdJwt","Errors","WalletInstanceAttestation","Trust","AuthorizationDetail","AuthorizationDetails","createCryptoContextFor"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA;AACA;AACA,OAAO,gCAAgC;AAEvC,OAAO,KAAKA,UAAU,MAAM,cAAc;AAC1C,OAAO,KAAKC,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,KAAK,MAAM,UAAU;AACjC,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,OAAO,KAAKC,KAAK,MAAM,SAAS;AAChC,SAASC,mBAAmB,EAAEC,oBAAoB,QAAQ,aAAa;AACvE,SAASC,sBAAsB,QAAQ,gBAAgB;AAEvD,SACEN,KAAK,EACLD,GAAG,EACHD,UAAU,EACVI,yBAAyB,EACzBD,MAAM,EACNE,KAAK,EACLG,sBAAsB,EACtBF,mBAAmB,EACnBC,oBAAoB"}
|
|
@@ -1,8 +1,9 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
1
2
|
import { decode, disclose } from "../index";
|
|
2
3
|
import { encodeBase64, decodeBase64 } from "@pagopa/io-react-native-jwt";
|
|
3
4
|
import { SdJwt4VC } from "../types";
|
|
4
5
|
|
|
5
|
-
// Examples from https://www.ietf.org/id/draft-terbu-sd-jwt-vc-02.html#name-example-4
|
|
6
|
+
// Examples from https://www.ietf.org/archive/id/draft-terbu-sd-jwt-vc-02.html#name-example-4
|
|
6
7
|
// but adapted to adhere to format declared in https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/pid-eaa-data-model.html#id2
|
|
7
8
|
// In short, the token is a Frankenstein composed as follows:
|
|
8
9
|
// - the header is taken from the italian specification, with kid and alg valued according to the signing keys
|
|
@@ -75,6 +76,37 @@ describe("decode", () => {
|
|
|
75
76
|
}))
|
|
76
77
|
});
|
|
77
78
|
});
|
|
79
|
+
it("should decode with default decoder", () => {
|
|
80
|
+
const result = decode(token);
|
|
81
|
+
expect(result).toEqual({
|
|
82
|
+
sdJwt,
|
|
83
|
+
disclosures: disclosures.map((decoded, i) => ({
|
|
84
|
+
decoded,
|
|
85
|
+
encoded: tokenizedDisclosures[i]
|
|
86
|
+
}))
|
|
87
|
+
});
|
|
88
|
+
});
|
|
89
|
+
it("should accept only decoders that extend SdJwt4VC", () => {
|
|
90
|
+
const validDecoder = SdJwt4VC.and(z.object({
|
|
91
|
+
payload: z.object({
|
|
92
|
+
customField: z.string()
|
|
93
|
+
})
|
|
94
|
+
}));
|
|
95
|
+
const invalidDecoder = z.object({
|
|
96
|
+
payload: z.object({
|
|
97
|
+
customField: z.string()
|
|
98
|
+
})
|
|
99
|
+
});
|
|
100
|
+
try {
|
|
101
|
+
// ts is fine
|
|
102
|
+
decode(token, validDecoder);
|
|
103
|
+
// @ts-expect-error break types
|
|
104
|
+
decode(token, invalidDecoder);
|
|
105
|
+
} catch (error) {
|
|
106
|
+
// ignore actual result, just focus on types
|
|
107
|
+
// spot the error during type checking phase
|
|
108
|
+
}
|
|
109
|
+
});
|
|
78
110
|
});
|
|
79
111
|
describe("disclose", () => {
|
|
80
112
|
it("should encode a valid sdjwt (one claim)", async () => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["decode","disclose","encodeBase64","decodeBase64","SdJwt4VC","token","unsigned","signature","signed","tokenizedDisclosures","sdJwt","header","typ","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","kty","use","n","e","type","verified_claims","verification","_sd","trust_framework","assurance_level","claims","_sd_alg","disclosures","street_address","locality","region","country","it","expect","JSON","parse","stringify","toEqual","join","toBe","describe","result","map","decoded","i","encoded","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":"AAAA,SAASA,MAAM,EAAEC,QAAQ,QAAQ,UAAU;AAE3C,SAASC,YAAY,EAAEC,YAAY,QAAQ,6BAA6B;AACxE,SAASC,QAAQ,QAAQ,UAAU;;AAEnC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,KAAK,GACT,kvEAAkvE;AAEpvE,MAAMC,QAAQ,GACZ,87CAA87C;AAEh8C,MAAMC,SAAS,GACb,wFAAwF;AAE1F,MAAMC,MAAM,GAAI,GAAEF,QAAS,IAAGC,SAAU,EAAC;AAEzC,MAAME,oBAAoB,GAAG,CAC3B,kEAAkE,EAClE,kEAAkE,EAClE,gFAAgF,EAChF,oFAAoF,EACpF,yEAAyE,EACzE,gEAAgE,EAChE,gEAAgE,EAChE,gEAAgE,EAChE,qLAAqL,CACtL;AAED,MAAMC,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,kCAAkC;IACvCC,WAAW,EAAE,CACX,kCAAkC,EAClC,kCAAkC,EAClC,kCAAkC;EAEtC,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,4BAA4B;IACjCC,GAAG,EAAE,sCAAsC;IAC3CC,GAAG,EAAE,+CAA+C;IACpDC,GAAG,EAAE,UAAU;IACfC,GAAG,EAAE,UAAU;IACfC,MAAM,EAAE,4BAA4B;IACpCC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,KAAK;QACVC,GAAG,EAAE,KAAK;QACVC,CAAC,EAAE,QAAQ;QACXC,CAAC,EAAE,MAAM;QACTd,GAAG,EAAE;MACP;IACF,CAAC;IACDe,IAAI,EAAE,0BAA0B;IAChCC,eAAe,EAAE;MACfC,YAAY,EAAE;QACZC,GAAG,EAAE,CAAC,6CAA6C,CAAC;QACpDC,eAAe,EAAE,OAAO;QACxBC,eAAe,EAAE;MACnB,CAAC;MACDC,MAAM,EAAE;QACNH,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C;MAEjD;IACF,CAAC;IACDI,OAAO,EAAE;EACX;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,YAAY,EAAE,MAAM,CAAC,EAChD,CAAC,wBAAwB,EAAE,aAAa,EAAE,KAAK,CAAC,EAChD,CAAC,wBAAwB,EAAE,OAAO,EAAE,qBAAqB,CAAC,EAC1D,CAAC,wBAAwB,EAAE,cAAc,EAAE,iBAAiB,CAAC,EAC7D,CAAC,wBAAwB,EAAE,WAAW,EAAE,YAAY,CAAC,EACrD,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CACE,wBAAwB,EACxB,SAAS,EACT;EACEC,cAAc,EAAE,aAAa;EAC7BC,QAAQ,EAAE,SAAS;EACnBC,MAAM,EAAE,UAAU;EAClBC,OAAO,EAAE;AACX,CAAC,CACF,CACF;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAAC1C,YAAY,CAACD,YAAY,CAAC0C,IAAI,CAACE,SAAS,CAACpC,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAACoC,OAAO,CAACrC,KAAK,CAACC,MAAM,CAAC;EACvBgC,MAAM,CAAC,CAACnC,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAACuC,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAAC5C,KAAK,CAAC;AACjE,CAAC,CAAC;AAEF6C,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBR,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMS,MAAM,GAAGnD,MAAM,CAACK,KAAK,EAAED,QAAQ,CAAC;IACtCuC,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrBrC,KAAK;MACL2B,WAAW,EAAEA,WAAW,CAACe,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAE9C,oBAAoB,CAAC6C,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;AACJ,CAAC,CAAC;
|
|
1
|
+
{"version":3,"names":["z","decode","disclose","encodeBase64","decodeBase64","SdJwt4VC","token","unsigned","signature","signed","tokenizedDisclosures","sdJwt","header","typ","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","kty","use","n","e","type","verified_claims","verification","_sd","trust_framework","assurance_level","claims","_sd_alg","disclosures","street_address","locality","region","country","it","expect","JSON","parse","stringify","toEqual","join","toBe","describe","result","map","decoded","i","encoded","validDecoder","and","object","customField","string","invalidDecoder","error","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":"AAAA,SAASA,CAAC,QAAQ,KAAK;AACvB,SAASC,MAAM,EAAEC,QAAQ,QAAQ,UAAU;AAE3C,SAASC,YAAY,EAAEC,YAAY,QAAQ,6BAA6B;AACxE,SAASC,QAAQ,QAAQ,UAAU;;AAEnC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,KAAK,GACT,kvEAAkvE;AAEpvE,MAAMC,QAAQ,GACZ,87CAA87C;AAEh8C,MAAMC,SAAS,GACb,wFAAwF;AAE1F,MAAMC,MAAM,GAAI,GAAEF,QAAS,IAAGC,SAAU,EAAC;AAEzC,MAAME,oBAAoB,GAAG,CAC3B,kEAAkE,EAClE,kEAAkE,EAClE,gFAAgF,EAChF,oFAAoF,EACpF,yEAAyE,EACzE,gEAAgE,EAChE,gEAAgE,EAChE,gEAAgE,EAChE,qLAAqL,CACtL;AAED,MAAMC,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,kCAAkC;IACvCC,WAAW,EAAE,CACX,kCAAkC,EAClC,kCAAkC,EAClC,kCAAkC;EAEtC,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,4BAA4B;IACjCC,GAAG,EAAE,sCAAsC;IAC3CC,GAAG,EAAE,+CAA+C;IACpDC,GAAG,EAAE,UAAU;IACfC,GAAG,EAAE,UAAU;IACfC,MAAM,EAAE,4BAA4B;IACpCC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,KAAK;QACVC,GAAG,EAAE,KAAK;QACVC,CAAC,EAAE,QAAQ;QACXC,CAAC,EAAE,MAAM;QACTd,GAAG,EAAE;MACP;IACF,CAAC;IACDe,IAAI,EAAE,0BAA0B;IAChCC,eAAe,EAAE;MACfC,YAAY,EAAE;QACZC,GAAG,EAAE,CAAC,6CAA6C,CAAC;QACpDC,eAAe,EAAE,OAAO;QACxBC,eAAe,EAAE;MACnB,CAAC;MACDC,MAAM,EAAE;QACNH,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C;MAEjD;IACF,CAAC;IACDI,OAAO,EAAE;EACX;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,YAAY,EAAE,MAAM,CAAC,EAChD,CAAC,wBAAwB,EAAE,aAAa,EAAE,KAAK,CAAC,EAChD,CAAC,wBAAwB,EAAE,OAAO,EAAE,qBAAqB,CAAC,EAC1D,CAAC,wBAAwB,EAAE,cAAc,EAAE,iBAAiB,CAAC,EAC7D,CAAC,wBAAwB,EAAE,WAAW,EAAE,YAAY,CAAC,EACrD,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CACE,wBAAwB,EACxB,SAAS,EACT;EACEC,cAAc,EAAE,aAAa;EAC7BC,QAAQ,EAAE,SAAS;EACnBC,MAAM,EAAE,UAAU;EAClBC,OAAO,EAAE;AACX,CAAC,CACF,CACF;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAAC1C,YAAY,CAACD,YAAY,CAAC0C,IAAI,CAACE,SAAS,CAACpC,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAACoC,OAAO,CAACrC,KAAK,CAACC,MAAM,CAAC;EACvBgC,MAAM,CAAC,CAACnC,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAACuC,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAAC5C,KAAK,CAAC;AACjE,CAAC,CAAC;AAEF6C,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBR,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMS,MAAM,GAAGnD,MAAM,CAACK,KAAK,EAAED,QAAQ,CAAC;IACtCuC,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrBrC,KAAK;MACL2B,WAAW,EAAEA,WAAW,CAACe,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAE9C,oBAAoB,CAAC6C,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFZ,EAAE,CAAC,oCAAoC,EAAE,MAAM;IAC7C,MAAMS,MAAM,GAAGnD,MAAM,CAACK,KAAK,CAAC;IAC5BsC,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrBrC,KAAK;MACL2B,WAAW,EAAEA,WAAW,CAACe,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAE9C,oBAAoB,CAAC6C,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFZ,EAAE,CAAC,kDAAkD,EAAE,MAAM;IAC3D,MAAMc,YAAY,GAAGpD,QAAQ,CAACqD,GAAG,CAC/B1D,CAAC,CAAC2D,MAAM,CAAC;MAAE1C,OAAO,EAAEjB,CAAC,CAAC2D,MAAM,CAAC;QAAEC,WAAW,EAAE5D,CAAC,CAAC6D,MAAM,CAAC;MAAE,CAAC;IAAE,CAAC,CAC7D,CAAC;IACD,MAAMC,cAAc,GAAG9D,CAAC,CAAC2D,MAAM,CAAC;MAC9B1C,OAAO,EAAEjB,CAAC,CAAC2D,MAAM,CAAC;QAAEC,WAAW,EAAE5D,CAAC,CAAC6D,MAAM,CAAC;MAAE,CAAC;IAC/C,CAAC,CAAC;IAEF,IAAI;MACF;MACA5D,MAAM,CAACK,KAAK,EAAEmD,YAAY,CAAC;MAC3B;MACAxD,MAAM,CAACK,KAAK,EAAEwD,cAAc,CAAC;IAC/B,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd;MACA;IAAA;EAEJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFZ,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBR,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMS,MAAM,GAAG,MAAMlD,QAAQ,CAACI,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IACpD,MAAM0D,QAAQ,GAAG;MACf1D,KAAK,EAAG,GAAEG,MAAO,mEAAkE;MACnFwD,KAAK,EAAE,CAAC;QAAEC,KAAK,EAAE,YAAY;QAAEC,IAAI,EAAE;MAAgC,CAAC;IACxE,CAAC;IAEDvB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMS,MAAM,GAAG,MAAMlD,QAAQ,CAACI,KAAK,EAAE,EAAE,CAAC;IACxC,MAAM0D,QAAQ,GAAG;MAAE1D,KAAK,EAAG,GAAEG,MAAO,EAAC;MAAEwD,KAAK,EAAE;IAAG,CAAC;IAElDrB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,+CAA+C,EAAE,YAAY;IAC9D,MAAMS,MAAM,GAAG,MAAMlD,QAAQ,CAACI,KAAK,EAAE,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC7D,MAAM0D,QAAQ,GAAG;MACf1D,KAAK,EAAG,GAAEG,MAAO,kJAAiJ;MAClKwD,KAAK,EAAE,CACL;QACEC,KAAK,EAAE,YAAY;QACnBC,IAAI,EAAE;MACR,CAAC,EACD;QACED,KAAK,EAAE,OAAO;QACdC,IAAI,EAAE;MACR,CAAC;IAEL,CAAC;IAEDvB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,8BAA8B,EAAE,YAAY;IAC7C,MAAMyB,EAAE,GAAG,MAAAA,CAAA,KAAYlE,QAAQ,CAACI,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAMsC,MAAM,CAACwB,EAAE,CAAC,CAAC,CAAC,CAACC,OAAO,CAACrB,OAAO,CAACJ,MAAM,CAAC0B,GAAG,CAACC,KAAK,CAAC,CAAC;EACvD,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -22,12 +22,12 @@ const decodeDisclosure = encoded => {
|
|
|
22
22
|
*
|
|
23
23
|
* @function
|
|
24
24
|
* @param token The encoded token that represents a valid sd-jwt for verifiable credentials
|
|
25
|
-
* @param
|
|
25
|
+
* @param customSchema (optional) Schema to use to parse the SD-JWT. Default: SdJwt4VC
|
|
26
26
|
*
|
|
27
27
|
* @returns The parsed SD-JWT token and the parsed disclosures
|
|
28
28
|
*
|
|
29
29
|
*/
|
|
30
|
-
export const decode = (token,
|
|
30
|
+
export const decode = (token, customSchema) => {
|
|
31
31
|
// token are expected in the form "sd-jwt~disclosure0~disclosure1~...~disclosureN~"
|
|
32
32
|
if (token.slice(-1) === "~") {
|
|
33
33
|
token = token.slice(0, -1);
|
|
@@ -37,7 +37,10 @@ export const decode = (token, schema) => {
|
|
|
37
37
|
// get the sd-jwt as object
|
|
38
38
|
// validate it's a valid SD-JWT for Verifiable Credentials
|
|
39
39
|
const decodedJwt = decodeJwt(rawSdJwt);
|
|
40
|
-
|
|
40
|
+
|
|
41
|
+
// use a custom parsed if provided, otherwise use base SdJwt4VC
|
|
42
|
+
const parser = customSchema || SdJwt4VC;
|
|
43
|
+
const sdJwt = parser.parse({
|
|
41
44
|
header: decodedJwt.protectedHeader,
|
|
42
45
|
payload: decodedJwt.payload
|
|
43
46
|
});
|
|
@@ -130,15 +133,15 @@ export const disclose = async (token, claims) => {
|
|
|
130
133
|
*
|
|
131
134
|
* @param token The encoded token that represents a valid sd-jwt for verifiable credentials
|
|
132
135
|
* @param publicKey The single public key or an array of public keys to validate the signature.
|
|
133
|
-
* @param
|
|
136
|
+
* @param customSchema Schema to use to parse the SD-JWT
|
|
134
137
|
*
|
|
135
138
|
* @returns The parsed SD-JWT token and the parsed disclosures
|
|
136
139
|
*
|
|
137
140
|
*/
|
|
138
|
-
export const verify = async (token, publicKey,
|
|
141
|
+
export const verify = async (token, publicKey, customSchema) => {
|
|
139
142
|
// get decoded data
|
|
140
143
|
const [rawSdJwt = ""] = token.split("~");
|
|
141
|
-
const decoded = decode(token,
|
|
144
|
+
const decoded = decode(token, customSchema);
|
|
142
145
|
|
|
143
146
|
//Check signature
|
|
144
147
|
await verifyJwt(rawSdJwt, publicKey);
|
|
@@ -151,4 +154,5 @@ export const verify = async (token, publicKey, schema) => {
|
|
|
151
154
|
disclosures: decoded.disclosures.map(d => d.decoded)
|
|
152
155
|
};
|
|
153
156
|
};
|
|
157
|
+
export { SdJwt4VC };
|
|
154
158
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","sha256ToBase64","decodeBase64","Disclosure","SdJwt4VC","verifyDisclosure","ClaimsNotFoundBetweenDislosures","ClaimsNotFoundInToken","decodeDisclosure","encoded","decoded","parse","JSON","token","
|
|
1
|
+
{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","sha256ToBase64","decodeBase64","Disclosure","SdJwt4VC","verifyDisclosure","ClaimsNotFoundBetweenDislosures","ClaimsNotFoundInToken","decodeDisclosure","encoded","decoded","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","parser","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","hash","verified_claims","_sd","includes","index","indexOf","path","verification","filteredDisclosures","filter","d","disclosedToken","join","publicKey"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,cAAc,QAAQ,6BAA6B;AAE5D,SAASC,YAAY,QAAQ,6BAA6B;AAC1D,SAASC,UAAU,EAAEC,QAAQ,QAAoC,SAAS;AAC1E,SAASC,gBAAgB,QAAQ,YAAY;AAE7C,SACEC,+BAA+B,EAC/BC,qBAAqB,QAChB,iBAAiB;AAExB,MAAMC,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,OAAO,GAAGP,UAAU,CAACQ,KAAK,CAACC,IAAI,CAACD,KAAK,CAACT,YAAY,CAACO,OAAO,CAAC,CAAC,CAAC;EACnE,OAAO;IAAEC,OAAO;IAAED;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMZ,MAAM,GAAGA,CACpBgB,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGrB,SAAS,CAACkB,QAAQ,CAAC;;EAEtC;EACA,MAAMI,MAAM,GAAGN,YAAY,IAAIV,QAAQ;EAEvC,MAAMiB,KAAK,GAAGD,MAAM,CAACT,KAAK,CAAC;IACzBW,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAACS,GAAG,CAAClB,gBAAgB,CAAC;EAExD,OAAO;IAAEa,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,QAAQ,GAAG,MAAAA,CACtBd,KAAa,EACbe,MAAgB,KACyD;EACzE,MAAM,CAACZ,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEG,KAAK;IAAEI;EAAY,CAAC,GAAG5B,MAAM,CAACgB,KAAK,EAAET,QAAQ,CAAC;;EAEtD;EACA,MAAMyB,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAEzB,OAAO,EAAE,GAAG0B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAI3B,+BAA+B,CAAC0B,KAAK,CAAC;IAClD;IAEA,MAAMK,IAAI,GAAG,MAAMpC,cAAc,CAACgC,UAAU,CAACxB,OAAO,CAAC;;IAErD;IACA;IACA,IAAIY,KAAK,CAACG,OAAO,CAACc,eAAe,CAACV,MAAM,CAACW,GAAG,CAACC,QAAQ,CAACH,IAAI,CAAC,EAAE;MAC3D,MAAMI,KAAK,GAAGpB,KAAK,CAACG,OAAO,CAACc,eAAe,CAACV,MAAM,CAACW,GAAG,CAACG,OAAO,CAACL,IAAI,CAAC;MACpE,OAAO;QAAEL,KAAK;QAAEW,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE,CAAC,MAAM,IACLpB,KAAK,CAACG,OAAO,CAACc,eAAe,CAACM,YAAY,CAACL,GAAG,CAACC,QAAQ,CAACH,IAAI,CAAC,EAC7D;MACA,MAAMI,KAAK,GACTpB,KAAK,CAACG,OAAO,CAACc,eAAe,CAACM,YAAY,CAACL,GAAG,CAACG,OAAO,CAACL,IAAI,CAAC;MAC9D,OAAO;QAAEL,KAAK;QAAEW,IAAI,EAAG,oCAAmCF,KAAM;MAAG,CAAC;IACtE;IAEA,MAAM,IAAIlC,qBAAqB,CAACyB,KAAK,CAAC;EACxC,CAAC,CACH,CAAC;EAED,MAAMa,mBAAmB,GAAG5B,cAAc,CAAC6B,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJrC,OAAO,EAAE,GAAG0B,IAAI;IAClB,CAAC,GAAG5B,gBAAgB,CAACuC,CAAC,CAAC;IACvB,OAAOnB,MAAM,CAACY,QAAQ,CAACJ,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMY,cAAc,GAAG,CAAChC,QAAQ,EAAE,GAAG6B,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEpC,KAAK,EAAEmC,cAAc;IAAEnB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM9B,MAAM,GAAG,MAAAA,CACpBc,KAAa,EACbqC,SAAsB,EACtBpC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMR,OAAO,GAAGb,MAAM,CAACgB,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAMd,SAAS,CAACgB,QAAQ,EAAEkC,SAAS,CAAC;;EAEpC;EACA,MAAMtB,MAAM,GAAG,CACb,GAAGlB,OAAO,CAACW,KAAK,CAACG,OAAO,CAACc,eAAe,CAACM,YAAY,CAACL,GAAG,EACzD,GAAG7B,OAAO,CAACW,KAAK,CAACG,OAAO,CAACc,eAAe,CAACV,MAAM,CAACW,GAAG,CACpD;EAED,MAAMT,OAAO,CAACC,GAAG,CACfrB,OAAO,CAACe,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM5B,gBAAgB,CAAC4B,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEX,OAAO,CAACW,KAAK;IACpBI,WAAW,EAAEf,OAAO,CAACe,WAAW,CAACC,GAAG,CAAEqB,CAAC,IAAKA,CAAC,CAACrC,OAAO;EACvD,CAAC;AACH,CAAC;AAED,SAASN,QAAQ"}
|
|
@@ -20,7 +20,7 @@ export const Disclosure = z.tuple([/* salt */z.string(), /* claim name */z.strin
|
|
|
20
20
|
* For such reason, we may find conveninent to have encoded and decode values stored explicitly in the same structure.
|
|
21
21
|
* Please note that `encoded` can always decode into `decode`, but `decode` may or may not be encoded with the same value of `encoded`
|
|
22
22
|
*
|
|
23
|
-
* @see https://www.ietf.org/id/draft-ietf-oauth-selective-disclosure-jwt-05.html#name-disclosures-for-object-prop
|
|
23
|
+
* @see https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-05.html#name-disclosures-for-object-prop
|
|
24
24
|
*/
|
|
25
25
|
|
|
26
26
|
export const SdJwt4VC = z.object({
|
|
@@ -71,12 +71,17 @@ export const EntityConfigurationHeader = z.object({
|
|
|
71
71
|
alg: z.string(),
|
|
72
72
|
kid: z.string()
|
|
73
73
|
});
|
|
74
|
+
|
|
75
|
+
/**
|
|
76
|
+
* @see https://openid.net/specs/openid-connect-federation-1_0-29.html#name-federation-entity
|
|
77
|
+
*/
|
|
74
78
|
const FederationEntityMetadata = z.object({
|
|
75
79
|
federation_fetch_endpoint: z.string().optional(),
|
|
76
80
|
federation_list_endpoint: z.string().optional(),
|
|
77
81
|
federation_resolve_endpoint: z.string().optional(),
|
|
78
82
|
federation_trust_mark_status_endpoint: z.string().optional(),
|
|
79
83
|
federation_trust_mark_list_endpoint: z.string().optional(),
|
|
84
|
+
organization_name: z.string().optional(),
|
|
80
85
|
homepage_uri: z.string().optional(),
|
|
81
86
|
policy_uri: z.string().optional(),
|
|
82
87
|
logo_uri: z.string().optional(),
|