@peac/protocol 0.10.8 → 0.10.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/issue.d.ts +3 -0
- package/dist/issue.d.ts.map +1 -1
- package/dist/issue.js +7 -17
- package/dist/issue.js.map +1 -1
- package/dist/telemetry.d.ts +43 -0
- package/dist/telemetry.d.ts.map +1 -1
- package/dist/telemetry.js +25 -0
- package/dist/telemetry.js.map +1 -1
- package/dist/transport-profiles.d.ts.map +1 -1
- package/dist/transport-profiles.js.map +1 -1
- package/dist/verify-local.d.ts +46 -4
- package/dist/verify-local.d.ts.map +1 -1
- package/dist/verify-local.js +78 -37
- package/dist/verify-local.js.map +1 -1
- package/dist/verify.d.ts +3 -0
- package/dist/verify.d.ts.map +1 -1
- package/dist/verify.js +39 -28
- package/dist/verify.js.map +1 -1
- package/package.json +4 -5
package/dist/issue.d.ts
CHANGED
|
@@ -4,6 +4,7 @@
|
|
|
4
4
|
*/
|
|
5
5
|
import type { JsonValue } from '@peac/kernel';
|
|
6
6
|
import { PEACReceiptClaims, SubjectProfileSnapshot, type PEACError, type PurposeToken, type CanonicalPurpose, type PurposeReason, type WorkflowContext } from '@peac/schema';
|
|
7
|
+
import { type TelemetryHook } from './telemetry.js';
|
|
7
8
|
/**
|
|
8
9
|
* Options for issuing a receipt
|
|
9
10
|
*/
|
|
@@ -73,6 +74,8 @@ export interface IssueOptions {
|
|
|
73
74
|
privateKey: Uint8Array;
|
|
74
75
|
/** Key ID (ISO 8601 timestamp) */
|
|
75
76
|
kid: string;
|
|
77
|
+
/** Telemetry hook (optional, fire-and-forget) */
|
|
78
|
+
telemetry?: TelemetryHook;
|
|
76
79
|
}
|
|
77
80
|
/**
|
|
78
81
|
* Result of issuing a receipt
|
package/dist/issue.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"issue.d.ts","sourceRoot":"","sources":["../src/issue.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,OAAO,EACL,iBAAiB,EAEjB,sBAAsB,EAKtB,KAAK,SAAS,EACd,KAAK,YAAY,EACjB,KAAK,gBAAgB,EACrB,KAAK,aAAa,EAKlB,KAAK,eAAe,EAIrB,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"issue.d.ts","sourceRoot":"","sources":["../src/issue.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,OAAO,EACL,iBAAiB,EAEjB,sBAAsB,EAKtB,KAAK,SAAS,EACd,KAAK,YAAY,EACjB,KAAK,gBAAgB,EACrB,KAAK,aAAa,EAKlB,KAAK,eAAe,EAIrB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAkC,KAAK,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAEpF;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,4BAA4B;IAC5B,GAAG,EAAE,MAAM,CAAC;IAEZ,yCAAyC;IACzC,GAAG,EAAE,MAAM,CAAC;IAEZ,uCAAuC;IACvC,GAAG,EAAE,MAAM,CAAC;IAEZ,yCAAyC;IACzC,GAAG,EAAE,MAAM,CAAC;IAEZ,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IAEb,sCAAsC;IACtC,SAAS,EAAE,MAAM,CAAC;IAElB,4FAA4F;IAC5F,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,0DAA0D;IAC1D,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAEtB,4DAA4D;IAC5D,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,uCAAuC;IACvC,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,oFAAoF;IACpF,QAAQ,CAAC,EAAE,SAAS,CAAC;IAErB,iCAAiC;IACjC,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,wCAAwC;IACxC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEnC,6BAA6B;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,4BAA4B;IAC5B,GAAG,CAAC,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAE/B,gDAAgD;IAChD,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,iEAAiE;IACjE,gBAAgB,CAAC,EAAE,sBAAsB,CAAC;IAE1C;;;;;OAKG;IACH,OAAO,CAAC,EAAE,YAAY,GAAG,YAAY,EAAE,CAAC;IAExC;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IAEpC;;;;OAIG;IACH,cAAc,CAAC,EAAE,aAAa,CAAC;IAE/B;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,eAAe,CAAC;IAEnC,qCAAqC;IACrC,UAAU,EAAE,UAAU,CAAC;IAEvB,kCAAkC;IAClC,GAAG,EAAE,MAAM,CAAC;IAEZ,iDAAiD;IACjD,SAAS,CAAC,EAAE,aAAa,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,gCAAgC;IAChC,GAAG,EAAE,MAAM,CAAC;IAEZ,+CAA+C;IAC/C,gBAAgB,CAAC,EAAE,sBAAsB,CAAC;CAC3C;AAED;;;;GAIG;AACH,qBAAa,UAAW,SAAQ,KAAK;IACnC,+BAA+B;IAC/B,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;gBAElB,SAAS,EAAE,SAAS;CAMjC;AAED;;;;;;GAMG;AACH,wBAAsB,KAAK,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC,CA2KvE;AAED;;;;;;;;GAQG;AACH,wBAAsB,QAAQ,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC,CAGrE"}
|
package/dist/issue.js
CHANGED
|
@@ -11,7 +11,6 @@ const uuidv7_1 = require("uuidv7");
|
|
|
11
11
|
const crypto_1 = require("@peac/crypto");
|
|
12
12
|
const zod_1 = require("zod");
|
|
13
13
|
const schema_1 = require("@peac/schema");
|
|
14
|
-
const telemetry_1 = require("@peac/telemetry");
|
|
15
14
|
const telemetry_js_1 = require("./telemetry.js");
|
|
16
15
|
/**
|
|
17
16
|
* Error thrown during receipt issuance
|
|
@@ -171,22 +170,13 @@ async function issue(options) {
|
|
|
171
170
|
const startTime = performance.now();
|
|
172
171
|
// Sign with Ed25519
|
|
173
172
|
const jws = await (0, crypto_1.sign)(claims, options.privateKey, options.kid);
|
|
174
|
-
// Emit telemetry (
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
issuer: options.iss,
|
|
182
|
-
kid: options.kid,
|
|
183
|
-
durationMs,
|
|
184
|
-
});
|
|
185
|
-
}
|
|
186
|
-
catch {
|
|
187
|
-
// Telemetry MUST NOT break core flow
|
|
188
|
-
}
|
|
189
|
-
}
|
|
173
|
+
// Emit telemetry (fire-and-forget, guarded)
|
|
174
|
+
(0, telemetry_js_1.fireTelemetryHook)(options.telemetry?.onReceiptIssued, {
|
|
175
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(jws),
|
|
176
|
+
issuer: options.iss,
|
|
177
|
+
kid: options.kid,
|
|
178
|
+
durationMs: performance.now() - startTime,
|
|
179
|
+
});
|
|
190
180
|
return {
|
|
191
181
|
jws,
|
|
192
182
|
...(validatedSnapshot && { subject_snapshot: validatedSnapshot }),
|
package/dist/issue.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"issue.js","sourceRoot":"","sources":["../src/issue.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;
|
|
1
|
+
{"version":3,"file":"issue.js","sourceRoot":"","sources":["../src/issue.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAgKH,sBA2KC;AAWD,4BAGC;AAvVD,mCAAgC;AAChC,yCAAoC;AAEpC,6BAA+B;AAC/B,yCAoBsB;AACtB,iDAAoF;AA6GpF;;;;GAIG;AACH,MAAa,UAAW,SAAQ,KAAK;IACnC,+BAA+B;IACtB,SAAS,CAAY;IAE9B,YAAY,SAAoB;QAC9B,MAAM,OAAO,GAAG,SAAS,CAAC,OAA2C,CAAC;QACtE,KAAK,CAAC,OAAO,EAAE,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,CAAC,IAAI,GAAG,YAAY,CAAC;QACzB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;CACF;AAVD,gCAUC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,KAAK,CAAC,OAAqB;IAC/C,gBAAgB;IAChB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IACD,IAAI,OAAO,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/D,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,yBAAyB;IACzB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,kBAAkB;IAClB,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IAED,gCAAgC;IAChC,IAAI,OAAO,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QAC9B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,IAAI,eAA2C,CAAC;IAChD,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QAClC,qBAAqB;QACrB,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAEzF,sBAAsB;QACtB,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;YAChC,IAAI,CAAC,IAAA,4BAAmB,EAAC,KAAK,CAAC,EAAE,CAAC;gBAChC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;QACD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,2BAA2B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,2DAA2D;QAC3D,IAAI,WAAW,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACxF,CAAC;QAED,eAAe,GAAG,WAAW,CAAC;IAChC,CAAC;IAED,gDAAgD;IAChD,IAAI,OAAO,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,KAAK,CACb,sDAAsD,OAAO,CAAC,gBAAgB,EAAE,CACjF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,0BAA0B;IAC1B,IAAI,OAAO,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;QACzC,IAAI,CAAC,IAAA,6BAAoB,EAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,OAAO,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAA,+BAAsB,EAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,UAAU,CAClB,IAAA,0CAAiC,EAAC,2CAA2C,CAAC,CAC/E,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,IAAA,6BAAoB,EAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpD,4BAA4B;YAC5B,MAAM,GAAG,GAAG,OAAO,CAAC,gBAAgB,CAAC;YACrC,MAAM,YAAY,GAAG,GAAG,CAAC,eAAe,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC/D,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,IAAI,KAAK,GAAG,CAAC,eAAe,CAAC,MAAM,CAAC;YACvF,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC;YAC3F,MAAM,IAAI,UAAU,CAAC,IAAA,sCAA6B,EAAC,MAAM,CAAC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,MAAM,GAAG,GAAG,IAAA,eAAM,GAAE,CAAC;IAErB,wBAAwB;IACxB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE1C,uBAAuB;IACvB,MAAM,MAAM,GAAsB;QAChC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG;QACH,GAAG;QACH,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE;YACP,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,MAAM,EAAE,OAAO,CAAC,GAAG;YACnB,QAAQ,EAAE,OAAO,CAAC,GAAG;YACrB,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,GAAG,EAAE,uDAAuD;YAC5F,GAAG,EAAE,OAAO,CAAC,GAAG,IAAI,MAAM,EAAE,yDAAyD;YACrF,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,EAAE,EAAE,qDAAqD;YACvF,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC;YACpD,GAAG,CAAC,OAAO,CAAC,eAAe,IAAI,EAAE,eAAe,EAAE,OAAO,CAAC,eAAe,EAAE,CAAC;YAC5E,GAAG,CAAC,OAAO,CAAC,eAAe,IAAI,EAAE,eAAe,EAAE,OAAO,CAAC,eAAe,EAAE,CAAC;YAC5E,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;SACxD;QACD,GAAG,CAAC,OAAO,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;QACxC,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,OAAO,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;QAC7D,mEAAmE;QACnE,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,gBAAgB,CAAC,IAAI;YAC/C,GAAG,EAAE;gBACH,GAAG,OAAO,CAAC,GAAG;gBACd,GAAG,CAAC,OAAO,CAAC,gBAAgB,IAAI;oBAC9B,CAAC,+BAAsB,CAAC,EAAE,OAAO,CAAC,gBAAgB;iBACnD,CAAC;aACH;SACF,CAAC;QACF,4BAA4B;QAC5B,GAAG,CAAC,eAAe,IAAI,EAAE,gBAAgB,EAAE,eAAe,EAAE,CAAC;QAC7D,GAAG,CAAC,OAAO,CAAC,gBAAgB,IAAI,EAAE,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,EAAE,CAAC;QAC/E,GAAG,CAAC,OAAO,CAAC,cAAc,IAAI,EAAE,cAAc,EAAE,OAAO,CAAC,cAAc,EAAE,CAAC;KAC1E,CAAC;IAEF,gEAAgE;IAChE,IAAI,CAAC;QACH,sBAAa,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,GAAG,YAAY,cAAQ,EAAE,CAAC;YAC5B,2CAA2C;YAC3C,MAAM,aAAa,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CACnC,CAAC,KAAqD,EAAE,EAAE,CACxD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAkB,EAAE,EAAE,CAAC,CAAC,KAAK,UAAU,IAAI,CAAC,KAAK,SAAS,CAAC,CAC/E,CAAC;YACF,IAAI,aAAa,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC7D,MAAM,SAAS,GAAG,IAAA,mCAA0B,EAAC,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,IAAI,CAAC,CAAC;gBACxF,MAAM,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;YAClC,CAAC;QACH,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,mDAAmD;IACnD,oEAAoE;IACpE,MAAM,iBAAiB,GAAG,IAAA,gCAAuB,EAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAE5E,iCAAiC;IACjC,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAEpC,oBAAoB;IACpB,MAAM,GAAG,GAAG,MAAM,IAAA,aAAI,EAAC,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAEhE,4CAA4C;IAC5C,IAAA,gCAAiB,EAAC,OAAO,CAAC,SAAS,EAAE,eAAe,EAAE;QACpD,WAAW,EAAE,IAAA,0BAAW,EAAC,GAAG,CAAC;QAC7B,MAAM,EAAE,OAAO,CAAC,GAAG;QACnB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,UAAU,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS;KAC1C,CAAC,CAAC;IAEH,OAAO;QACL,GAAG;QACH,GAAG,CAAC,iBAAiB,IAAI,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,CAAC;KAClE,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,QAAQ,CAAC,OAAqB;IAClD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;IACpC,OAAO,MAAM,CAAC,GAAG,CAAC;AACpB,CAAC"}
|
package/dist/telemetry.d.ts
CHANGED
|
@@ -1,6 +1,49 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Telemetry utilities for protocol package
|
|
3
|
+
*
|
|
4
|
+
* TelemetryHook is the protocol-local interface for observability.
|
|
5
|
+
* Hooks are best-effort side effects: fire-and-forget, never awaited,
|
|
6
|
+
* guarded against both sync throws and async rejections.
|
|
7
|
+
*/
|
|
8
|
+
/**
|
|
9
|
+
* Input for receipt issued telemetry event
|
|
10
|
+
*/
|
|
11
|
+
export interface ReceiptIssuedHookInput {
|
|
12
|
+
receiptHash: string;
|
|
13
|
+
issuer?: string;
|
|
14
|
+
kid?: string;
|
|
15
|
+
durationMs?: number;
|
|
16
|
+
}
|
|
17
|
+
/**
|
|
18
|
+
* Input for receipt verified telemetry event
|
|
19
|
+
*/
|
|
20
|
+
export interface ReceiptVerifiedHookInput {
|
|
21
|
+
receiptHash: string;
|
|
22
|
+
valid: boolean;
|
|
23
|
+
reasonCode?: string;
|
|
24
|
+
issuer?: string;
|
|
25
|
+
kid?: string;
|
|
26
|
+
durationMs?: number;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Telemetry hook interface for protocol observability
|
|
30
|
+
*
|
|
31
|
+
* Implementations SHOULD be no-throw. Protocol guards all calls,
|
|
32
|
+
* but well-behaved hooks should not throw.
|
|
33
|
+
*
|
|
34
|
+
* Hooks may be sync or async -- protocol will NOT await the result.
|
|
35
|
+
*/
|
|
36
|
+
export type TelemetryHook = {
|
|
37
|
+
onReceiptIssued?(input: ReceiptIssuedHookInput): void | Promise<void>;
|
|
38
|
+
onReceiptVerified?(input: ReceiptVerifiedHookInput): void | Promise<void>;
|
|
39
|
+
};
|
|
40
|
+
/**
|
|
41
|
+
* Safely invoke a telemetry hook (fire-and-forget)
|
|
42
|
+
*
|
|
43
|
+
* Guards both sync throws and async rejections.
|
|
44
|
+
* Telemetry MUST NOT break core flow.
|
|
3
45
|
*/
|
|
46
|
+
export declare function fireTelemetryHook<T>(fn: ((input: T) => void | Promise<void>) | undefined, input: T): void;
|
|
4
47
|
/**
|
|
5
48
|
* Compute a SHA-256 hash of a receipt JWS
|
|
6
49
|
*
|
package/dist/telemetry.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"telemetry.d.ts","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":"AAAA;;GAEG;
|
|
1
|
+
{"version":3,"file":"telemetry.d.ts","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,OAAO,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;GAOG;AACH,MAAM,MAAM,aAAa,GAAG;IAC1B,eAAe,CAAC,CAAC,KAAK,EAAE,sBAAsB,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACtE,iBAAiB,CAAC,CAAC,KAAK,EAAE,wBAAwB,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3E,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,CAAC,EACjC,EAAE,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,SAAS,EACpD,KAAK,EAAE,CAAC,GACP,IAAI,CAWN;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAG/C"}
|
package/dist/telemetry.js
CHANGED
|
@@ -1,10 +1,35 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
/**
|
|
3
3
|
* Telemetry utilities for protocol package
|
|
4
|
+
*
|
|
5
|
+
* TelemetryHook is the protocol-local interface for observability.
|
|
6
|
+
* Hooks are best-effort side effects: fire-and-forget, never awaited,
|
|
7
|
+
* guarded against both sync throws and async rejections.
|
|
4
8
|
*/
|
|
5
9
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
10
|
+
exports.fireTelemetryHook = fireTelemetryHook;
|
|
6
11
|
exports.hashReceipt = hashReceipt;
|
|
7
12
|
const node_crypto_1 = require("node:crypto");
|
|
13
|
+
/**
|
|
14
|
+
* Safely invoke a telemetry hook (fire-and-forget)
|
|
15
|
+
*
|
|
16
|
+
* Guards both sync throws and async rejections.
|
|
17
|
+
* Telemetry MUST NOT break core flow.
|
|
18
|
+
*/
|
|
19
|
+
function fireTelemetryHook(fn, input) {
|
|
20
|
+
if (!fn)
|
|
21
|
+
return;
|
|
22
|
+
try {
|
|
23
|
+
const result = fn(input);
|
|
24
|
+
// Swallow async rejections
|
|
25
|
+
if (result && typeof result.catch === 'function') {
|
|
26
|
+
result.catch(() => { });
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
catch {
|
|
30
|
+
// Telemetry MUST NOT break core flow
|
|
31
|
+
}
|
|
32
|
+
}
|
|
8
33
|
/**
|
|
9
34
|
* Compute a SHA-256 hash of a receipt JWS
|
|
10
35
|
*
|
package/dist/telemetry.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"telemetry.js","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":";AAAA;;
|
|
1
|
+
{"version":3,"file":"telemetry.js","sourceRoot":"","sources":["../src/telemetry.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AA6CH,8CAcC;AAQD,kCAGC;AApED,6CAAyC;AAqCzC;;;;;GAKG;AACH,SAAgB,iBAAiB,CAC/B,EAAoD,EACpD,KAAQ;IAER,IAAI,CAAC,EAAE;QAAE,OAAO;IAChB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;QACzB,2BAA2B;QAC3B,IAAI,MAAM,IAAI,OAAQ,MAAwB,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;YACnE,MAAwB,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,qCAAqC;IACvC,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,WAAW,CAAC,GAAW;IACrC,MAAM,IAAI,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5D,OAAO,UAAU,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACvC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"transport-profiles.d.ts","sourceRoot":"","sources":["../src/transport-profiles.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAMH;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG,SAAS,GAAG,MAAM,CAAC;AAE7D;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,QAAQ,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,SAAS,CAAC;IACnB,SAAS,EAAE,QAAQ,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG,mBAAmB,GAAG,oBAAoB,GAAG,iBAAiB,CAAC;AAEpG;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,KAAK,CAAC;IACV,MAAM,EAAE,mBAAmB,GAAG,mBAAmB,GAAG,uBAAuB,CAAC;IAC5E,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB,CACtC,CAAC,SAAS,sBAAsB,GAAG,sBAAsB;IAEzD,EAAE,EAAE,IAAI,CAAC;IACT,MAAM,EAAE,CAAC,CAAC;CACX;AAED;;GAEG;AACH,MAAM,MAAM,2BAA2B,CAAC,CAAC,SAAS,sBAAsB,GAAG,sBAAsB,
|
|
1
|
+
{"version":3,"file":"transport-profiles.d.ts","sourceRoot":"","sources":["../src/transport-profiles.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAMH;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG,SAAS,GAAG,MAAM,CAAC;AAE7D;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,QAAQ,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,SAAS,CAAC;IACnB,SAAS,EAAE,QAAQ,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG,mBAAmB,GAAG,oBAAoB,GAAG,iBAAiB,CAAC;AAEpG;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,KAAK,CAAC;IACV,MAAM,EAAE,mBAAmB,GAAG,mBAAmB,GAAG,uBAAuB,CAAC;IAC5E,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB,CACtC,CAAC,SAAS,sBAAsB,GAAG,sBAAsB;IAEzD,EAAE,EAAE,IAAI,CAAC;IACT,MAAM,EAAE,CAAC,CAAC;CACX;AAED;;GAEG;AACH,MAAM,MAAM,2BAA2B,CAAC,CAAC,SAAS,sBAAsB,GAAG,sBAAsB,IAC7F,uBAAuB,CAAC,CAAC,CAAC,GAC1B,qBAAqB,CAAC;AAM1B;;;;;;;;;;GAUG;AACH,wBAAgB,kBAAkB,CAChC,WAAW,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,GACzC,2BAA2B,CAAC,mBAAmB,CAAC,CA4ElD;AAMD;;;;;;;;;;;;GAYG;AACH,wBAAgB,mBAAmB,CACjC,WAAW,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,GACzC,2BAA2B,CAAC,oBAAoB,CAAC,CAuHnD;AA6FD;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,OAAO,GAAG,2BAA2B,CAAC,iBAAiB,CAAC,CA0F9F;AAMD;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE;IAC7C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,CAAC;IACvD,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB,GAAG,2BAA2B,CA2B9B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"transport-profiles.js","sourceRoot":"","sources":["../src/transport-profiles.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;
|
|
1
|
+
{"version":3,"file":"transport-profiles.js","sourceRoot":"","sources":["../src/transport-profiles.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;AA0FH,gDA8EC;AAmBD,kDAyHC;AAuGD,4CA0FC;AAYD,sDA8BC;AApdD,8EAA8E;AAC9E,wBAAwB;AACxB,8EAA8E;AAE9E;;;;;;;;;;GAUG;AACH,SAAgB,kBAAkB,CAChC,WAA0C;IAE1C,2BAA2B;IAC3B,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,KAAK,EAAE,EAAE,CAAC;QACpD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,gCAAgC;SAC1C,CAAC;IACJ,CAAC;IAED,qCAAqC;IACrC,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,+CAA+C;SACzD,CAAC;IACJ,CAAC;IAED,6DAA6D;IAC7D,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9B,qEAAqE;QACrE,mEAAmE;QACnE,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAC7D,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,OAAO,EAAE,qDAAqD;aAC/D,CAAC;QACJ,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACxC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,+DAA+D,QAAQ,CAAC,MAAM,EAAE;SAC1F,CAAC;IACJ,CAAC;IAED,mDAAmD;IACnD,MAAM,cAAc,GAAG,kBAAkB,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC5B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,OAAO,EAAE,8CAA8C,CAAC,GAAG,CAAC,WAAW;aACxE,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAClC,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,OAAO,EAAE,8CAA8C,CAAC,GAAG,CAAC,8BAA8B;aAC3F,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,EAAE,EAAE,IAAI;QACR,MAAM,EAAE;YACN,OAAO,EAAE,QAAQ;YACjB,OAAO,EAAE,WAAW;SACrB;KACF,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,yBAAyB;AACzB,8EAA8E;AAE9E;;;;;;;;;;;;GAYG;AACH,SAAgB,mBAAmB,CACjC,WAA0C;IAE1C,2BAA2B;IAC3B,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,KAAK,EAAE,EAAE,CAAC;QACpD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,wCAAwC;SAClD,CAAC;IACJ,CAAC;IAED,qCAAqC;IACrC,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,uDAAuD;SACjE,CAAC;IACJ,CAAC;IAED,mCAAmC;IACnC,sCAAsC;IACtC,wEAAwE;IAExE,MAAM,WAAW,GAAG,qBAAqB,CAAC,WAAW,CAAC,CAAC;IAEvD,sCAAsC;IACtC,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,iDAAiD,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;SACtF,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,+DAA+D;IAC/D,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;IAClG,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,+CAA+C,WAAW,CAAC,CAAC,CAAC,EAAE;SACzE,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC;IAElC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,+CAA+C;SACzD,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAChB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,4CAA4C;SACtD,CAAC;IACJ,CAAC;IAED,mCAAmC;IACnC,MAAM,QAAQ,GAAG,gBAAgB,CAAC;IAClC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAClC,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,iEAAiE;SAC3E,CAAC;IACJ,CAAC;IAED,wBAAwB;IACxB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,uBAAuB;gBAC/B,SAAS,EAAE,gCAAgC;gBAC3C,OAAO,EAAE,4BAA4B;aACtC,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,6CAA6C;SACvD,CAAC;IACJ,CAAC;IAED,2DAA2D;IAC3D,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,KAAK,MAAM,GAAG,IAAI,WAAW,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,UAAU,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,OAAO;QACL,EAAE,EAAE,IAAI;QACR,MAAM,EAAE;YACN,OAAO,EAAE,SAAS;YAClB,SAAS,EAAE,QAAQ;YACnB,WAAW,EAAE,MAAM,CAAC,MAAM;YAC1B,GAAG,EAAE,MAAM,CAAC,GAAG;YACf,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,UAAU,EAAE,CAAC;SAC1D;KACF,CAAC;AACJ,CAAC;AAcD;;;;;;;;GAQG;AACH,SAAS,qBAAqB,CAAC,KAAa;IAC1C,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,MAAM,IAAI,GAAa,EAAE,CAAC;IAE1B,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC;IAEzB,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC;QACf,6BAA6B;QAC7B,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;YAC9E,CAAC,EAAE,CAAC;QACN,CAAC;QACD,IAAI,CAAC,IAAI,GAAG;YAAE,MAAM;QAEpB,mCAAmC;QACnC,MAAM,QAAQ,GAAG,CAAC,CAAC;QACnB,OAAO,CAAC,GAAG,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACtC,CAAC,EAAE,CAAC;QACN,CAAC;QACD,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG;YAAE,MAAM;QAEhB,6BAA6B;QAC7B,OAAO,CAAC,GAAG,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,CAAC,EAAE,CAAC;QAExC,aAAa;QACb,IAAI,CAAC,IAAI,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,MAAM;QACxC,CAAC,EAAE,CAAC,CAAC,WAAW;QAEhB,4BAA4B;QAC5B,OAAO,CAAC,GAAG,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,CAAC,EAAE,CAAC;QAExC,mCAAmC;QACnC,IAAI,KAAa,CAAC;QAClB,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACrB,oCAAoC;YACpC,CAAC,EAAE,CAAC,CAAC,qBAAqB;YAC1B,MAAM,UAAU,GAAG,CAAC,CAAC;YACrB,OAAO,CAAC,GAAG,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;gBACnC,CAAC,EAAE,CAAC;YACN,CAAC;YACD,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;YACnC,IAAI,CAAC,GAAG,GAAG;gBAAE,CAAC,EAAE,CAAC,CAAC,qBAAqB;QACzC,CAAC;aAAM,CAAC;YACN,kDAAkD;YAClD,MAAM,UAAU,GAAG,CAAC,CAAC;YACrB,OAAO,CAAC,GAAG,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC5E,CAAC,EAAE,CAAC;YACN,CAAC;YACD,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEf,mBAAmB;QACnB,IAAI,GAAG,IAAI,MAAM,EAAE,CAAC;YAClB,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACvB,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IACtB,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;AACtC,CAAC;AAED,8EAA8E;AAC9E,sBAAsB;AACtB,8EAA8E;AAE9E;;;;;;;;;GASG;AACH,SAAgB,gBAAgB,CAAC,IAAa;IAC5C,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC9C,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,mBAAmB;YAC3B,SAAS,EAAE,4BAA4B;YACvC,OAAO,EAAE,4BAA4B;SACtC,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,IAA+B,CAAC;IAE5C,oDAAoD;IACpD,IAAI,eAAe,IAAI,GAAG,EAAE,CAAC;QAC3B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;YACtC,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,OAAO,EAAE,gCAAgC;aAC1C,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAClD,MAAM,OAAO,GAAG,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;YACrC,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;gBAChC,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,MAAM,EAAE,mBAAmB;oBAC3B,SAAS,EAAE,4BAA4B;oBACvC,OAAO,EAAE,iBAAiB,CAAC,oBAAoB;iBAChD,CAAC;YACJ,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,OAAO,EAAE,8BAA8B;aACxC,CAAC;QACJ,CAAC;QAED,OAAO;YACL,EAAE,EAAE,IAAI;YACR,MAAM,EAAE;gBACN,OAAO,EAAE,MAAM;gBACf,QAAQ;aACT;SACF,CAAC;IACJ,CAAC;IAED,kCAAkC;IAClC,IAAI,cAAc,IAAI,GAAG,EAAE,CAAC;QAC1B,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,QAAQ,EAAE,CAAC;YACzC,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,OAAO,EAAE,+BAA+B;aACzC,CAAC;QACJ,CAAC;QAED,IAAI,GAAG,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClC,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,OAAO,EAAE,uBAAuB;aACjC,CAAC;QACJ,CAAC;QAED,OAAO;YACL,EAAE,EAAE,IAAI;YACR,MAAM,EAAE;gBACN,OAAO,EAAE,MAAM;gBACf,QAAQ,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC;aAC7B;SACF,CAAC;IACJ,CAAC;IAED,OAAO;QACL,EAAE,EAAE,KAAK;QACT,MAAM,EAAE,mBAAmB;QAC3B,SAAS,EAAE,4BAA4B;QACvC,OAAO,EAAE,iDAAiD;KAC3D,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E;;;;;GAKG;AACH,SAAgB,qBAAqB,CAAC,OAGrC;IACC,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IACvF,MAAM,WAAW,GACf,OAAO,CAAC,OAAO,CAAC,sBAAsB,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAErF,kCAAkC;IAClC,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,OAAO,kBAAkB,CAAC,WAAW,CAAC,CAAC;IACzC,CAAC;IAED,yBAAyB;IACzB,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,OAAO,mBAAmB,CAAC,WAAW,CAAC,CAAC;IAC1C,CAAC;IAED,uCAAuC;IACvC,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO,gBAAgB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,OAAO;QACL,EAAE,EAAE,KAAK;QACT,MAAM,EAAE,mBAAmB;QAC3B,SAAS,EAAE,4BAA4B;QACvC,OAAO,EACL,6FAA6F;KAChG,CAAC;AACJ,CAAC"}
|
package/dist/verify-local.d.ts
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Use this for verifying receipts when you have the public key locally,
|
|
5
5
|
* without JWKS discovery.
|
|
6
6
|
*/
|
|
7
|
-
import { type ReceiptClaimsType } from '@peac/schema';
|
|
7
|
+
import { type ReceiptClaimsType, type AttestationReceiptClaims } from '@peac/schema';
|
|
8
8
|
/**
|
|
9
9
|
* Canonical error codes for local verification
|
|
10
10
|
*
|
|
@@ -64,15 +64,29 @@ export interface VerifyLocalOptions {
|
|
|
64
64
|
}
|
|
65
65
|
/**
|
|
66
66
|
* Result of successful local verification
|
|
67
|
+
*
|
|
68
|
+
* Discriminated union on `variant` -- callers narrow claims type via variant check:
|
|
69
|
+
* if (result.valid && result.variant === 'commerce') { result.claims.amt }
|
|
67
70
|
*/
|
|
68
|
-
export
|
|
71
|
+
export type VerifyLocalSuccess = {
|
|
69
72
|
/** Verification succeeded */
|
|
70
73
|
valid: true;
|
|
71
|
-
/**
|
|
74
|
+
/** Receipt variant (commerce = payment receipt, attestation = non-payment) */
|
|
75
|
+
variant: 'commerce';
|
|
76
|
+
/** Validated commerce receipt claims */
|
|
72
77
|
claims: ReceiptClaimsType;
|
|
73
78
|
/** Key ID from JWS header (for logging/indexing) */
|
|
74
79
|
kid: string;
|
|
75
|
-
}
|
|
80
|
+
} | {
|
|
81
|
+
/** Verification succeeded */
|
|
82
|
+
valid: true;
|
|
83
|
+
/** Receipt variant (commerce = payment receipt, attestation = non-payment) */
|
|
84
|
+
variant: 'attestation';
|
|
85
|
+
/** Validated attestation receipt claims */
|
|
86
|
+
claims: AttestationReceiptClaims;
|
|
87
|
+
/** Key ID from JWS header (for logging/indexing) */
|
|
88
|
+
kid: string;
|
|
89
|
+
};
|
|
76
90
|
/**
|
|
77
91
|
* Result of failed local verification
|
|
78
92
|
*/
|
|
@@ -83,6 +97,16 @@ export interface VerifyLocalFailure {
|
|
|
83
97
|
code: VerifyLocalErrorCode;
|
|
84
98
|
/** Human-readable error message */
|
|
85
99
|
message: string;
|
|
100
|
+
/** Structured details for debugging (stable error code preserved in `code`) */
|
|
101
|
+
details?: {
|
|
102
|
+
/** Precise parse error code from unified parser (e.g. E_PARSE_COMMERCE_INVALID) */
|
|
103
|
+
parse_code?: string;
|
|
104
|
+
/** Zod validation issues (bounded, stable shape -- non-normative, may change) */
|
|
105
|
+
issues?: ReadonlyArray<{
|
|
106
|
+
path: string;
|
|
107
|
+
message: string;
|
|
108
|
+
}>;
|
|
109
|
+
};
|
|
86
110
|
}
|
|
87
111
|
/**
|
|
88
112
|
* Union type for local verification result
|
|
@@ -122,4 +146,22 @@ export type VerifyLocalResult = VerifyLocalSuccess | VerifyLocalFailure;
|
|
|
122
146
|
* ```
|
|
123
147
|
*/
|
|
124
148
|
export declare function verifyLocal(jws: string, publicKey: Uint8Array, options?: VerifyLocalOptions): Promise<VerifyLocalResult>;
|
|
149
|
+
/**
|
|
150
|
+
* Type guard: narrows a VerifyLocalResult to a commerce success.
|
|
151
|
+
*
|
|
152
|
+
* Use instead of manual `result.valid && result.variant === 'commerce'` checks
|
|
153
|
+
* to get proper claims narrowing to ReceiptClaimsType.
|
|
154
|
+
*/
|
|
155
|
+
export declare function isCommerceResult(r: VerifyLocalResult): r is VerifyLocalSuccess & {
|
|
156
|
+
variant: 'commerce';
|
|
157
|
+
};
|
|
158
|
+
/**
|
|
159
|
+
* Type guard: narrows a VerifyLocalResult to an attestation success.
|
|
160
|
+
*
|
|
161
|
+
* Use instead of manual `result.valid && result.variant === 'attestation'` checks
|
|
162
|
+
* to get proper claims narrowing to AttestationReceiptClaims.
|
|
163
|
+
*/
|
|
164
|
+
export declare function isAttestationResult(r: VerifyLocalResult): r is VerifyLocalSuccess & {
|
|
165
|
+
variant: 'attestation';
|
|
166
|
+
};
|
|
125
167
|
//# sourceMappingURL=verify-local.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify-local.d.ts","sourceRoot":"","sources":["../src/verify-local.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,
|
|
1
|
+
{"version":3,"file":"verify-local.d.ts","sourceRoot":"","sources":["../src/verify-local.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAEL,KAAK,iBAAiB,EACtB,KAAK,wBAAwB,EAC9B,MAAM,cAAc,CAAC;AA8BtB;;;;GAIG;AACH,MAAM,MAAM,oBAAoB,GAC5B,qBAAqB,GACrB,kBAAkB,GAClB,WAAW,GACX,iBAAiB,GACjB,kBAAkB,GAClB,oBAAoB,GACpB,mBAAmB,GACnB,sBAAsB,GACtB,eAAe,GACf,YAAY,CAAC;AAEjB;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;;;;OAKG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb;;;;;OAKG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB;;;;OAIG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb;;;;;OAKG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;;;;GAKG;AACH,MAAM,MAAM,kBAAkB,GAC1B;IACE,6BAA6B;IAC7B,KAAK,EAAE,IAAI,CAAC;IACZ,8EAA8E;IAC9E,OAAO,EAAE,UAAU,CAAC;IACpB,wCAAwC;IACxC,MAAM,EAAE,iBAAiB,CAAC;IAC1B,oDAAoD;IACpD,GAAG,EAAE,MAAM,CAAC;CACb,GACD;IACE,6BAA6B;IAC7B,KAAK,EAAE,IAAI,CAAC;IACZ,8EAA8E;IAC9E,OAAO,EAAE,aAAa,CAAC;IACvB,2CAA2C;IAC3C,MAAM,EAAE,wBAAwB,CAAC;IACjC,oDAAoD;IACpD,GAAG,EAAE,MAAM,CAAC;CACb,CAAC;AAEN;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,0BAA0B;IAC1B,KAAK,EAAE,KAAK,CAAC;IAEb,8DAA8D;IAC9D,IAAI,EAAE,oBAAoB,CAAC;IAE3B,mCAAmC;IACnC,OAAO,EAAE,MAAM,CAAC;IAEhB,+EAA+E;IAC/E,OAAO,CAAC,EAAE;QACR,mFAAmF;QACnF,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,iFAAiF;QACjF,MAAM,CAAC,EAAE,aAAa,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KAC3D,CAAC;CACH;AAED;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG,kBAAkB,GAAG,kBAAkB,CAAC;AA8BxE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,wBAAsB,WAAW,CAC/B,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,UAAU,EACrB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,CAAC,iBAAiB,CAAC,CAuI5B;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAC9B,CAAC,EAAE,iBAAiB,GACnB,CAAC,IAAI,kBAAkB,GAAG;IAAE,OAAO,EAAE,UAAU,CAAA;CAAE,CAEnD;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CACjC,CAAC,EAAE,iBAAiB,GACnB,CAAC,IAAI,kBAAkB,GAAG;IAAE,OAAO,EAAE,aAAa,CAAA;CAAE,CAEtD"}
|
package/dist/verify-local.js
CHANGED
|
@@ -7,6 +7,8 @@
|
|
|
7
7
|
*/
|
|
8
8
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
9
|
exports.verifyLocal = verifyLocal;
|
|
10
|
+
exports.isCommerceResult = isCommerceResult;
|
|
11
|
+
exports.isAttestationResult = isAttestationResult;
|
|
10
12
|
const crypto_1 = require("@peac/crypto");
|
|
11
13
|
const schema_1 = require("@peac/schema");
|
|
12
14
|
/**
|
|
@@ -34,6 +36,20 @@ const FORMAT_ERROR_CODES = new Set([
|
|
|
34
36
|
'CRYPTO_INVALID_ALG',
|
|
35
37
|
'CRYPTO_INVALID_KEY_LENGTH',
|
|
36
38
|
]);
|
|
39
|
+
/** Max parse issues to include in details (prevents log bloat) */
|
|
40
|
+
const MAX_PARSE_ISSUES = 25;
|
|
41
|
+
/**
|
|
42
|
+
* Sanitize Zod issues into a bounded, stable structure.
|
|
43
|
+
* Avoids exposing raw Zod internals or unbounded arrays in the public API.
|
|
44
|
+
*/
|
|
45
|
+
function sanitizeParseIssues(issues) {
|
|
46
|
+
if (!Array.isArray(issues))
|
|
47
|
+
return undefined;
|
|
48
|
+
return issues.slice(0, MAX_PARSE_ISSUES).map((issue) => ({
|
|
49
|
+
path: Array.isArray(issue?.path) ? issue.path.join('.') : '',
|
|
50
|
+
message: typeof issue?.message === 'string' ? issue.message : String(issue),
|
|
51
|
+
}));
|
|
52
|
+
}
|
|
37
53
|
/**
|
|
38
54
|
* Verify a PEAC receipt locally with a known public key
|
|
39
55
|
*
|
|
@@ -80,81 +96,88 @@ async function verifyLocal(jws, publicKey, options = {}) {
|
|
|
80
96
|
message: 'Ed25519 signature verification failed',
|
|
81
97
|
};
|
|
82
98
|
}
|
|
83
|
-
// 2. Validate schema
|
|
84
|
-
const
|
|
85
|
-
if (!
|
|
86
|
-
const firstIssue = parseResult.error.issues[0];
|
|
99
|
+
// 2. Validate schema (unified parser supports both commerce and attestation)
|
|
100
|
+
const pr = (0, schema_1.parseReceiptClaims)(result.payload);
|
|
101
|
+
if (!pr.ok) {
|
|
87
102
|
return {
|
|
88
103
|
valid: false,
|
|
89
104
|
code: 'E_INVALID_FORMAT',
|
|
90
|
-
message: `Receipt schema validation failed: ${
|
|
105
|
+
message: `Receipt schema validation failed: ${pr.error.message}`,
|
|
106
|
+
details: { parse_code: pr.error.code, issues: sanitizeParseIssues(pr.error.issues) },
|
|
91
107
|
};
|
|
92
108
|
}
|
|
93
|
-
|
|
109
|
+
// Shared binding checks (iss, aud, rid, iat, exp exist on both receipt types)
|
|
94
110
|
// 3. Check issuer binding
|
|
95
|
-
if (issuer !== undefined && claims.iss !== issuer) {
|
|
111
|
+
if (issuer !== undefined && pr.claims.iss !== issuer) {
|
|
96
112
|
return {
|
|
97
113
|
valid: false,
|
|
98
114
|
code: 'E_INVALID_ISSUER',
|
|
99
|
-
message: `Issuer mismatch: expected "${issuer}", got "${claims.iss}"`,
|
|
115
|
+
message: `Issuer mismatch: expected "${issuer}", got "${pr.claims.iss}"`,
|
|
100
116
|
};
|
|
101
117
|
}
|
|
102
118
|
// 4. Check audience binding
|
|
103
|
-
if (audience !== undefined && claims.aud !== audience) {
|
|
119
|
+
if (audience !== undefined && pr.claims.aud !== audience) {
|
|
104
120
|
return {
|
|
105
121
|
valid: false,
|
|
106
122
|
code: 'E_INVALID_AUDIENCE',
|
|
107
|
-
message: `Audience mismatch: expected "${audience}", got "${claims.aud}"`,
|
|
123
|
+
message: `Audience mismatch: expected "${audience}", got "${pr.claims.aud}"`,
|
|
108
124
|
};
|
|
109
125
|
}
|
|
110
|
-
// 5. Check
|
|
111
|
-
if (
|
|
112
|
-
const actualSubjectUri = claims.subject?.uri;
|
|
113
|
-
if (actualSubjectUri !== subjectUri) {
|
|
114
|
-
return {
|
|
115
|
-
valid: false,
|
|
116
|
-
code: 'E_INVALID_SUBJECT',
|
|
117
|
-
message: `Subject mismatch: expected "${subjectUri}", got "${actualSubjectUri ?? 'undefined'}"`,
|
|
118
|
-
};
|
|
119
|
-
}
|
|
120
|
-
}
|
|
121
|
-
// 6. Check receipt ID binding
|
|
122
|
-
if (rid !== undefined && claims.rid !== rid) {
|
|
126
|
+
// 5. Check receipt ID binding
|
|
127
|
+
if (rid !== undefined && pr.claims.rid !== rid) {
|
|
123
128
|
return {
|
|
124
129
|
valid: false,
|
|
125
130
|
code: 'E_INVALID_RECEIPT_ID',
|
|
126
|
-
message: `Receipt ID mismatch: expected "${rid}", got "${claims.rid}"`,
|
|
131
|
+
message: `Receipt ID mismatch: expected "${rid}", got "${pr.claims.rid}"`,
|
|
127
132
|
};
|
|
128
133
|
}
|
|
129
|
-
//
|
|
130
|
-
if (requireExp && claims.exp === undefined) {
|
|
134
|
+
// 6. Check requireExp
|
|
135
|
+
if (requireExp && pr.claims.exp === undefined) {
|
|
131
136
|
return {
|
|
132
137
|
valid: false,
|
|
133
138
|
code: 'E_MISSING_EXP',
|
|
134
139
|
message: 'Receipt missing required exp claim',
|
|
135
140
|
};
|
|
136
141
|
}
|
|
137
|
-
//
|
|
138
|
-
if (claims.iat > now + maxClockSkew) {
|
|
142
|
+
// 7. Check not-yet-valid (iat with clock skew)
|
|
143
|
+
if (pr.claims.iat > now + maxClockSkew) {
|
|
139
144
|
return {
|
|
140
145
|
valid: false,
|
|
141
146
|
code: 'E_NOT_YET_VALID',
|
|
142
|
-
message: `Receipt not yet valid: issued at ${new Date(claims.iat * 1000).toISOString()}, now is ${new Date(now * 1000).toISOString()}`,
|
|
147
|
+
message: `Receipt not yet valid: issued at ${new Date(pr.claims.iat * 1000).toISOString()}, now is ${new Date(now * 1000).toISOString()}`,
|
|
143
148
|
};
|
|
144
149
|
}
|
|
145
|
-
//
|
|
146
|
-
if (claims.exp !== undefined && claims.exp < now - maxClockSkew) {
|
|
150
|
+
// 8. Check expiry (with clock skew tolerance)
|
|
151
|
+
if (pr.claims.exp !== undefined && pr.claims.exp < now - maxClockSkew) {
|
|
147
152
|
return {
|
|
148
153
|
valid: false,
|
|
149
154
|
code: 'E_EXPIRED',
|
|
150
|
-
message: `Receipt expired at ${new Date(claims.exp * 1000).toISOString()}`,
|
|
155
|
+
message: `Receipt expired at ${new Date(pr.claims.exp * 1000).toISOString()}`,
|
|
151
156
|
};
|
|
152
157
|
}
|
|
153
|
-
return
|
|
154
|
-
|
|
155
|
-
claims
|
|
156
|
-
|
|
157
|
-
|
|
158
|
+
// 9. Subject binding + typed return (variant-branched, no unsafe casts)
|
|
159
|
+
if (pr.variant === 'commerce') {
|
|
160
|
+
const claims = pr.claims;
|
|
161
|
+
if (subjectUri !== undefined && claims.subject?.uri !== subjectUri) {
|
|
162
|
+
return {
|
|
163
|
+
valid: false,
|
|
164
|
+
code: 'E_INVALID_SUBJECT',
|
|
165
|
+
message: `Subject mismatch: expected "${subjectUri}", got "${claims.subject?.uri ?? 'undefined'}"`,
|
|
166
|
+
};
|
|
167
|
+
}
|
|
168
|
+
return { valid: true, variant: 'commerce', claims, kid: result.header.kid };
|
|
169
|
+
}
|
|
170
|
+
else {
|
|
171
|
+
const claims = pr.claims;
|
|
172
|
+
if (subjectUri !== undefined && claims.sub !== subjectUri) {
|
|
173
|
+
return {
|
|
174
|
+
valid: false,
|
|
175
|
+
code: 'E_INVALID_SUBJECT',
|
|
176
|
+
message: `Subject mismatch: expected "${subjectUri}", got "${claims.sub ?? 'undefined'}"`,
|
|
177
|
+
};
|
|
178
|
+
}
|
|
179
|
+
return { valid: true, variant: 'attestation', claims, kid: result.header.kid };
|
|
180
|
+
}
|
|
158
181
|
}
|
|
159
182
|
catch (err) {
|
|
160
183
|
// Handle typed CryptoError from @peac/crypto
|
|
@@ -186,4 +209,22 @@ async function verifyLocal(jws, publicKey, options = {}) {
|
|
|
186
209
|
};
|
|
187
210
|
}
|
|
188
211
|
}
|
|
212
|
+
/**
|
|
213
|
+
* Type guard: narrows a VerifyLocalResult to a commerce success.
|
|
214
|
+
*
|
|
215
|
+
* Use instead of manual `result.valid && result.variant === 'commerce'` checks
|
|
216
|
+
* to get proper claims narrowing to ReceiptClaimsType.
|
|
217
|
+
*/
|
|
218
|
+
function isCommerceResult(r) {
|
|
219
|
+
return r.valid === true && r.variant === 'commerce';
|
|
220
|
+
}
|
|
221
|
+
/**
|
|
222
|
+
* Type guard: narrows a VerifyLocalResult to an attestation success.
|
|
223
|
+
*
|
|
224
|
+
* Use instead of manual `result.valid && result.variant === 'attestation'` checks
|
|
225
|
+
* to get proper claims narrowing to AttestationReceiptClaims.
|
|
226
|
+
*/
|
|
227
|
+
function isAttestationResult(r) {
|
|
228
|
+
return r.valid === true && r.variant === 'attestation';
|
|
229
|
+
}
|
|
189
230
|
//# sourceMappingURL=verify-local.js.map
|
package/dist/verify-local.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify-local.js","sourceRoot":"","sources":["../src/verify-local.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;
|
|
1
|
+
{"version":3,"file":"verify-local.js","sourceRoot":"","sources":["../src/verify-local.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAoOH,kCA2IC;AAQD,4CAIC;AAQD,kDAIC;AArYD,yCAAmD;AACnD,yCAIsB;AAYtB;;;GAGG;AACH,SAAS,aAAa,CAAC,GAAY;IACjC,OAAO,CACL,GAAG,KAAK,IAAI;QACZ,OAAO,GAAG,KAAK,QAAQ;QACvB,MAAM,IAAI,GAAG;QACb,GAAG,CAAC,IAAI,KAAK,aAAa;QAC1B,MAAM,IAAI,GAAG;QACb,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ;QAC5B,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAC9B,SAAS,IAAI,GAAG;QAChB,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,CAChC,CAAC;AACJ,CAAC;AAoID;;;GAGG;AACH,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,2BAA2B;IAC3B,oBAAoB;IACpB,oBAAoB;IACpB,2BAA2B;CAC5B,CAAC,CAAC;AAEH,kEAAkE;AAClE,MAAM,gBAAgB,GAAG,EAAE,CAAC;AAE5B;;;GAGG;AACH,SAAS,mBAAmB,CAC1B,MAAe;IAEf,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,OAAO,SAAS,CAAC;IAC7C,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACvD,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE;QAC5D,OAAO,EAAE,OAAO,KAAK,EAAE,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;KAC5E,CAAC,CAAC,CAAC;AACN,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACI,KAAK,UAAU,WAAW,CAC/B,GAAW,EACX,SAAqB,EACrB,UAA8B,EAAE;IAEhC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,GAAG,KAAK,EAAE,YAAY,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC;IAC9F,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAEzD,IAAI,CAAC;QACH,sEAAsE;QACtE,MAAM,MAAM,GAAG,MAAM,IAAA,eAAS,EAAU,GAAG,EAAE,SAAS,CAAC,CAAC;QAExD,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,uCAAuC;aACjD,CAAC;QACJ,CAAC;QAED,6EAA6E;QAC7E,MAAM,EAAE,GAAG,IAAA,2BAAkB,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAE9C,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACX,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,kBAAkB;gBACxB,OAAO,EAAE,qCAAqC,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE;gBAChE,OAAO,EAAE,EAAE,UAAU,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,mBAAmB,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;aACrF,CAAC;QACJ,CAAC;QAED,8EAA8E;QAC9E,0BAA0B;QAC1B,IAAI,MAAM,KAAK,SAAS,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,MAAM,EAAE,CAAC;YACrD,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,kBAAkB;gBACxB,OAAO,EAAE,8BAA8B,MAAM,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG;aACzE,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,IAAI,QAAQ,KAAK,SAAS,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YACzD,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,oBAAoB;gBAC1B,OAAO,EAAE,gCAAgC,QAAQ,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG;aAC7E,CAAC;QACJ,CAAC;QAED,8BAA8B;QAC9B,IAAI,GAAG,KAAK,SAAS,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,GAAG,EAAE,CAAC;YAC/C,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,sBAAsB;gBAC5B,OAAO,EAAE,kCAAkC,GAAG,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG;aAC1E,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,IAAI,UAAU,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC9C,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,oCAAoC;aAC9C,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,YAAY,EAAE,CAAC;YACvC,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,oCAAoC,IAAI,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,YAAY,IAAI,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;aAC1I,CAAC;QACJ,CAAC;QAED,8CAA8C;QAC9C,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,SAAS,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG,GAAG,GAAG,YAAY,EAAE,CAAC;YACtE,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,sBAAsB,IAAI,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;aAC9E,CAAC;QACJ,CAAC;QAED,wEAAwE;QACxE,IAAI,EAAE,CAAC,OAAO,KAAK,UAAU,EAAE,CAAC;YAC9B,MAAM,MAAM,GAAG,EAAE,CAAC,MAA2B,CAAC;YAC9C,IAAI,UAAU,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,KAAK,UAAU,EAAE,CAAC;gBACnE,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,+BAA+B,UAAU,WAAW,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,WAAW,GAAG;iBACnG,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,MAAM,MAAM,GAAG,EAAE,CAAC,MAAkC,CAAC;YACrD,IAAI,UAAU,KAAK,SAAS,IAAI,MAAM,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;gBAC1D,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,+BAA+B,UAAU,WAAW,MAAM,CAAC,GAAG,IAAI,WAAW,GAAG;iBAC1F,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QACjF,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,6CAA6C;QAC7C,sFAAsF;QACtF,qDAAqD;QACrD,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,IAAI,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,IAAI,EAAE,kBAAkB;oBACxB,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC;YACJ,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;gBAC5C,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,IAAI,EAAE,qBAAqB;oBAC3B,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,0DAA0D;QAC1D,+CAA+C;QAC/C,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,IAAI,EAAE,YAAY;YAClB,OAAO,EAAE,kCAAkC,OAAO,EAAE;SACrD,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,gBAAgB,CAC9B,CAAoB;IAEpB,OAAO,CAAC,CAAC,KAAK,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC;AACtD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CACjC,CAAoB;IAEpB,OAAO,CAAC,CAAC,KAAK,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,KAAK,aAAa,CAAC;AACzD,CAAC"}
|
package/dist/verify.d.ts
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
* Receipt verification with JWKS fetching and caching
|
|
3
3
|
*/
|
|
4
4
|
import { PEACReceiptClaims, SubjectProfileSnapshot } from '@peac/schema';
|
|
5
|
+
import { type TelemetryHook } from './telemetry.js';
|
|
5
6
|
/**
|
|
6
7
|
* Verification result
|
|
7
8
|
*/
|
|
@@ -37,6 +38,8 @@ export interface VerifyOptions {
|
|
|
37
38
|
receiptJws: string;
|
|
38
39
|
/** Subject profile snapshot (v0.9.17+, optional envelope metadata) */
|
|
39
40
|
subject_snapshot?: SubjectProfileSnapshot;
|
|
41
|
+
/** Telemetry hook (optional, fire-and-forget) */
|
|
42
|
+
telemetry?: TelemetryHook;
|
|
40
43
|
}
|
|
41
44
|
/**
|
|
42
45
|
* Verify a PEAC receipt JWS
|
package/dist/verify.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EACL,iBAAiB,EAEjB,sBAAsB,EAEvB,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EACL,iBAAiB,EAEjB,sBAAsB,EAEvB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAkC,KAAK,aAAa,EAAE,MAAM,gBAAgB,CAAC;AA8BpF;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,6BAA6B;IAC7B,EAAE,EAAE,IAAI,CAAC;IAET,qBAAqB;IACrB,MAAM,EAAE,iBAAiB,CAAC;IAE1B,uDAAuD;IACvD,gBAAgB,CAAC,EAAE,sBAAsB,CAAC;IAE1C,0BAA0B;IAC1B,IAAI,CAAC,EAAE;QACL,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,CAAC,EAAE,MAAM,CAAC;KACxB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,0BAA0B;IAC1B,EAAE,EAAE,KAAK,CAAC;IAEV,mBAAmB;IACnB,MAAM,EAAE,MAAM,CAAC;IAEf,oBAAoB;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAmGD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,gCAAgC;IAChC,UAAU,EAAE,MAAM,CAAC;IAEnB,sEAAsE;IACtE,gBAAgB,CAAC,EAAE,sBAAsB,CAAC;IAE1C,iDAAiD;IACjD,SAAS,CAAC,EAAE,aAAa,CAAC;CAC3B;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CACjC,YAAY,EAAE,MAAM,GAAG,aAAa,GACnC,OAAO,CAAC,YAAY,GAAG,aAAa,CAAC,CAyHvC"}
|
package/dist/verify.js
CHANGED
|
@@ -6,7 +6,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
6
6
|
exports.verifyReceipt = verifyReceipt;
|
|
7
7
|
const crypto_1 = require("@peac/crypto");
|
|
8
8
|
const schema_1 = require("@peac/schema");
|
|
9
|
-
const telemetry_1 = require("@peac/telemetry");
|
|
10
9
|
const telemetry_js_1 = require("./telemetry.js");
|
|
11
10
|
/**
|
|
12
11
|
* In-memory JWKS cache
|
|
@@ -95,27 +94,6 @@ function jwkToPublicKey(jwk) {
|
|
|
95
94
|
}
|
|
96
95
|
return new Uint8Array(xBytes);
|
|
97
96
|
}
|
|
98
|
-
/**
|
|
99
|
-
* Emit verification telemetry (no-throw guard)
|
|
100
|
-
*/
|
|
101
|
-
function emitVerifyTelemetry(receiptJws, valid, reasonCode, issuer, kid, durationMs) {
|
|
102
|
-
const p = telemetry_1.providerRef.current;
|
|
103
|
-
if (p) {
|
|
104
|
-
try {
|
|
105
|
-
p.onReceiptVerified({
|
|
106
|
-
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
107
|
-
valid,
|
|
108
|
-
reasonCode,
|
|
109
|
-
issuer,
|
|
110
|
-
kid,
|
|
111
|
-
durationMs,
|
|
112
|
-
});
|
|
113
|
-
}
|
|
114
|
-
catch {
|
|
115
|
-
// Telemetry MUST NOT break core flow
|
|
116
|
-
}
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
97
|
/**
|
|
120
98
|
* Verify a PEAC receipt JWS
|
|
121
99
|
*
|
|
@@ -126,6 +104,7 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
126
104
|
// Support both old (string) and new (options) signatures for backwards compatibility
|
|
127
105
|
const receiptJws = typeof optionsOrJws === 'string' ? optionsOrJws : optionsOrJws.receiptJws;
|
|
128
106
|
const inputSnapshot = typeof optionsOrJws === 'string' ? undefined : optionsOrJws.subject_snapshot;
|
|
107
|
+
const telemetry = typeof optionsOrJws === 'string' ? undefined : optionsOrJws.telemetry;
|
|
129
108
|
const startTime = performance.now();
|
|
130
109
|
let jwksFetchTime;
|
|
131
110
|
try {
|
|
@@ -136,7 +115,14 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
136
115
|
// Check expiry
|
|
137
116
|
if (payload.exp && payload.exp < Math.floor(Date.now() / 1000)) {
|
|
138
117
|
const durationMs = performance.now() - startTime;
|
|
139
|
-
|
|
118
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
119
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
120
|
+
valid: false,
|
|
121
|
+
reasonCode: 'expired',
|
|
122
|
+
issuer: payload.iss,
|
|
123
|
+
kid: header.kid,
|
|
124
|
+
durationMs,
|
|
125
|
+
});
|
|
140
126
|
return {
|
|
141
127
|
ok: false,
|
|
142
128
|
reason: 'expired',
|
|
@@ -153,7 +139,14 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
153
139
|
const jwk = jwks.keys.find((k) => k.kid === header.kid);
|
|
154
140
|
if (!jwk) {
|
|
155
141
|
const durationMs = performance.now() - startTime;
|
|
156
|
-
|
|
142
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
143
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
144
|
+
valid: false,
|
|
145
|
+
reasonCode: 'unknown_key',
|
|
146
|
+
issuer: payload.iss,
|
|
147
|
+
kid: header.kid,
|
|
148
|
+
durationMs,
|
|
149
|
+
});
|
|
157
150
|
return {
|
|
158
151
|
ok: false,
|
|
159
152
|
reason: 'unknown_key',
|
|
@@ -166,7 +159,14 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
166
159
|
const result = await (0, crypto_1.verify)(receiptJws, publicKey);
|
|
167
160
|
if (!result.valid) {
|
|
168
161
|
const durationMs = performance.now() - startTime;
|
|
169
|
-
|
|
162
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
163
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
164
|
+
valid: false,
|
|
165
|
+
reasonCode: 'invalid_signature',
|
|
166
|
+
issuer: payload.iss,
|
|
167
|
+
kid: header.kid,
|
|
168
|
+
durationMs,
|
|
169
|
+
});
|
|
170
170
|
return {
|
|
171
171
|
ok: false,
|
|
172
172
|
reason: 'invalid_signature',
|
|
@@ -177,8 +177,14 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
177
177
|
// This validates schema and logs advisory PII warning if applicable
|
|
178
178
|
const validatedSnapshot = (0, schema_1.validateSubjectSnapshot)(inputSnapshot);
|
|
179
179
|
const verifyTime = performance.now() - startTime;
|
|
180
|
-
// Emit success telemetry
|
|
181
|
-
|
|
180
|
+
// Emit success telemetry (fire-and-forget, guarded)
|
|
181
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
182
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
183
|
+
valid: true,
|
|
184
|
+
issuer: payload.iss,
|
|
185
|
+
kid: header.kid,
|
|
186
|
+
durationMs: verifyTime,
|
|
187
|
+
});
|
|
182
188
|
return {
|
|
183
189
|
ok: true,
|
|
184
190
|
claims: payload,
|
|
@@ -191,7 +197,12 @@ async function verifyReceipt(optionsOrJws) {
|
|
|
191
197
|
}
|
|
192
198
|
catch (err) {
|
|
193
199
|
const durationMs = performance.now() - startTime;
|
|
194
|
-
|
|
200
|
+
(0, telemetry_js_1.fireTelemetryHook)(telemetry?.onReceiptVerified, {
|
|
201
|
+
receiptHash: (0, telemetry_js_1.hashReceipt)(receiptJws),
|
|
202
|
+
valid: false,
|
|
203
|
+
reasonCode: 'verification_error',
|
|
204
|
+
durationMs,
|
|
205
|
+
});
|
|
195
206
|
return {
|
|
196
207
|
ok: false,
|
|
197
208
|
reason: 'verification_error',
|
package/dist/verify.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":";AAAA;;GAEG;;
|
|
1
|
+
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":";AAAA;;GAEG;;AA8LH,sCA2HC;AAvTD,yCAA2D;AAC3D,yCAKsB;AACtB,iDAAoF;AAmBpF;;;GAGG;AACH,MAAM,SAAS,GAAG,IAAI,GAAG,EAA6C,CAAC;AAEvE;;GAEG;AACH,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAoCnC;;GAEG;AACH,KAAK,UAAU,SAAS,CAAC,SAAiB;IACxC,uCAAuC;IACvC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACjD,CAAC;IAED,oCAAoC;IACpC,MAAM,YAAY,GAAG,GAAG,SAAS,uBAAuB,CAAC;IAEzD,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,YAAY,EAAE;YAC9C,OAAO,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE;YACjC,0BAA0B;YAC1B,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,2BAA2B,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,IAAI,EAAE,CAAC;QAEjD,wDAAwD;QACxD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC;QACpF,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAErD,oDAAoD;QACpD,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC/C,CAAC;QAED,aAAa;QACb,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;YACpC,OAAO,EAAE,EAAE,MAAM,EAAE,kBAAkB,EAAE;YACvC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,sBAAsB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAS,CAAC;QAE7C,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5F,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,OAAO,CAAC,SAAiB;IACtC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEvB,cAAc;IACd,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;QACrC,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAChD,CAAC;IAED,mBAAmB;IACnB,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;IAExC,WAAW;IACX,SAAS,CAAC,GAAG,CAAC,SAAS,EAAE;QACvB,IAAI,EAAE,IAAI;QACV,SAAS,EAAE,GAAG,GAAG,YAAY;KAC9B,CAAC,CAAC;IAEH,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,GAAQ;IAC9B,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,gCAAgC;IAChC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC/C,IAAI,MAAM,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAgBD;;;;;GAKG;AACI,KAAK,UAAU,aAAa,CACjC,YAAoC;IAEpC,qFAAqF;IACrF,MAAM,UAAU,GAAG,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC;IAC7F,MAAM,aAAa,GACjB,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,gBAAgB,CAAC;IAC/E,MAAM,SAAS,GAAG,OAAO,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,SAAS,CAAC;IACxF,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IACpC,IAAI,aAAiC,CAAC;IAEtC,IAAI,CAAC;QACH,2BAA2B;QAC3B,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,eAAM,EAAoB,UAAU,CAAC,CAAC;QAElE,4BAA4B;QAC5B,sBAAa,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE7B,eAAe;QACf,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;YAC/D,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACjD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;gBAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;gBACpC,KAAK,EAAE,KAAK;gBACZ,UAAU,EAAE,SAAS;gBACrB,MAAM,EAAE,OAAO,CAAC,GAAG;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,UAAU;aACX,CAAC,CAAC;YACH,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,SAAS;gBACjB,OAAO,EAAE,sBAAsB,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;aAC5E,CAAC;QACJ,CAAC;QAED,aAAa;QACb,MAAM,cAAc,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QACzC,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,aAAa,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,cAAc,CAAC;QACrD,CAAC;QAED,kBAAkB;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,MAAM,CAAC,GAAG,CAAC,CAAC;QACxD,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACjD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;gBAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;gBACpC,KAAK,EAAE,KAAK;gBACZ,UAAU,EAAE,aAAa;gBACzB,MAAM,EAAE,OAAO,CAAC,GAAG;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,UAAU;aACX,CAAC,CAAC;YACH,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,aAAa;gBACrB,OAAO,EAAE,yBAAyB,MAAM,CAAC,GAAG,EAAE;aAC/C,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,MAAM,SAAS,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;QAEtC,mBAAmB;QACnB,MAAM,MAAM,GAAG,MAAM,IAAA,eAAS,EAAoB,UAAU,EAAE,SAAS,CAAC,CAAC;QAEzE,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACjD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;gBAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;gBACpC,KAAK,EAAE,KAAK;gBACZ,UAAU,EAAE,mBAAmB;gBAC/B,MAAM,EAAE,OAAO,CAAC,GAAG;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,UAAU;aACX,CAAC,CAAC;YACH,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,mBAAmB;gBAC3B,OAAO,EAAE,uCAAuC;aACjD,CAAC;QACJ,CAAC;QAED,mDAAmD;QACnD,oEAAoE;QACpE,MAAM,iBAAiB,GAAG,IAAA,gCAAuB,EAAC,aAAa,CAAC,CAAC;QAEjE,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAEjD,oDAAoD;QACpD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;YAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;YACpC,KAAK,EAAE,IAAI;YACX,MAAM,EAAE,OAAO,CAAC,GAAG;YACnB,GAAG,EAAE,MAAM,CAAC,GAAG;YACf,UAAU,EAAE,UAAU;SACvB,CAAC,CAAC;QAEH,OAAO;YACL,EAAE,EAAE,IAAI;YACR,MAAM,EAAE,OAAO;YACf,GAAG,CAAC,iBAAiB,IAAI,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,CAAC;YACjE,IAAI,EAAE;gBACJ,SAAS,EAAE,UAAU;gBACrB,GAAG,CAAC,aAAa,IAAI,EAAE,aAAa,EAAE,aAAa,EAAE,CAAC;aACvD;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QACjD,IAAA,gCAAiB,EAAC,SAAS,EAAE,iBAAiB,EAAE;YAC9C,WAAW,EAAE,IAAA,0BAAW,EAAC,UAAU,CAAC;YACpC,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,oBAAoB;YAChC,UAAU;SACX,CAAC,CAAC;QACH,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,oBAAoB;YAC5B,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SAC1D,CAAC;IACJ,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@peac/protocol",
|
|
3
|
-
"version": "0.10.
|
|
3
|
+
"version": "0.10.9",
|
|
4
4
|
"description": "PEAC protocol implementation - receipt issuance and verification",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -37,10 +37,9 @@
|
|
|
37
37
|
"dependencies": {
|
|
38
38
|
"uuidv7": "^0.6.3",
|
|
39
39
|
"zod": "^3.22.4",
|
|
40
|
-
"@peac/kernel": "0.10.
|
|
41
|
-
"@peac/schema": "0.10.
|
|
42
|
-
"@peac/crypto": "0.10.
|
|
43
|
-
"@peac/telemetry": "0.10.8"
|
|
40
|
+
"@peac/kernel": "0.10.9",
|
|
41
|
+
"@peac/schema": "0.10.9",
|
|
42
|
+
"@peac/crypto": "0.10.9"
|
|
44
43
|
},
|
|
45
44
|
"devDependencies": {
|
|
46
45
|
"@types/node": "^20.10.0",
|