@peac/protocol 0.12.0-preview.1 → 0.12.0-preview.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +9 -93
- package/dist/index.cjs.map +1 -1
- package/dist/index.mjs +9 -93
- package/dist/index.mjs.map +1 -1
- package/dist/issue.d.ts +4 -1
- package/dist/issue.d.ts.map +1 -1
- package/dist/verify-local-wire01.d.ts +45 -0
- package/dist/verify-local-wire01.d.ts.map +1 -0
- package/dist/verify-local.cjs +8 -92
- package/dist/verify-local.cjs.map +1 -1
- package/dist/verify-local.d.ts +30 -78
- package/dist/verify-local.d.ts.map +1 -1
- package/dist/verify-local.mjs +8 -92
- package/dist/verify-local.mjs.map +1 -1
- package/package.json +4 -4
package/dist/index.cjs
CHANGED
|
@@ -188,7 +188,7 @@ async function issueWire02(options) {
|
|
|
188
188
|
retryable: false,
|
|
189
189
|
http_status: 400,
|
|
190
190
|
details: {
|
|
191
|
-
message: `iss is not in canonical form: "${options.iss}". Use https
|
|
191
|
+
message: `iss is not in canonical form: "${options.iss}". Use an https://<origin> or did:<method> identifier.`
|
|
192
192
|
}
|
|
193
193
|
});
|
|
194
194
|
}
|
|
@@ -1415,16 +1415,7 @@ function sanitizeParseIssues(issues) {
|
|
|
1415
1415
|
}));
|
|
1416
1416
|
}
|
|
1417
1417
|
async function verifyLocal(jws, publicKey, options = {}) {
|
|
1418
|
-
const {
|
|
1419
|
-
issuer,
|
|
1420
|
-
audience,
|
|
1421
|
-
subjectUri,
|
|
1422
|
-
rid,
|
|
1423
|
-
requireExp = false,
|
|
1424
|
-
maxClockSkew = 300,
|
|
1425
|
-
strictness = "strict",
|
|
1426
|
-
policyDigest
|
|
1427
|
-
} = options;
|
|
1418
|
+
const { issuer, subjectUri, maxClockSkew = 300, strictness = "strict", policyDigest } = options;
|
|
1428
1419
|
const now = options.now ?? Math.floor(Date.now() / 1e3);
|
|
1429
1420
|
try {
|
|
1430
1421
|
const result = await crypto.verify(jws, publicKey);
|
|
@@ -1556,86 +1547,11 @@ async function verifyLocal(jws, publicKey, options = {}) {
|
|
|
1556
1547
|
policy_binding: bindingStatus
|
|
1557
1548
|
};
|
|
1558
1549
|
}
|
|
1559
|
-
|
|
1560
|
-
|
|
1561
|
-
|
|
1562
|
-
|
|
1563
|
-
|
|
1564
|
-
message: `Issuer mismatch: expected "${issuer}", got "${w01.iss}"`
|
|
1565
|
-
};
|
|
1566
|
-
}
|
|
1567
|
-
if (audience !== void 0 && w01.aud !== audience) {
|
|
1568
|
-
return {
|
|
1569
|
-
valid: false,
|
|
1570
|
-
code: "E_INVALID_AUDIENCE",
|
|
1571
|
-
message: `Audience mismatch: expected "${audience}", got "${w01.aud}"`
|
|
1572
|
-
};
|
|
1573
|
-
}
|
|
1574
|
-
if (rid !== void 0 && w01.rid !== rid) {
|
|
1575
|
-
return {
|
|
1576
|
-
valid: false,
|
|
1577
|
-
code: "E_INVALID_RECEIPT_ID",
|
|
1578
|
-
message: `Receipt ID mismatch: expected "${rid}", got "${w01.rid}"`
|
|
1579
|
-
};
|
|
1580
|
-
}
|
|
1581
|
-
if (requireExp && w01.exp === void 0) {
|
|
1582
|
-
return {
|
|
1583
|
-
valid: false,
|
|
1584
|
-
code: "E_MISSING_EXP",
|
|
1585
|
-
message: "Receipt missing required exp claim"
|
|
1586
|
-
};
|
|
1587
|
-
}
|
|
1588
|
-
if (w01.iat > now + maxClockSkew) {
|
|
1589
|
-
return {
|
|
1590
|
-
valid: false,
|
|
1591
|
-
code: "E_NOT_YET_VALID",
|
|
1592
|
-
message: `Receipt not yet valid: issued at ${new Date(w01.iat * 1e3).toISOString()}, now is ${new Date(now * 1e3).toISOString()}`
|
|
1593
|
-
};
|
|
1594
|
-
}
|
|
1595
|
-
if (w01.exp !== void 0 && w01.exp < now - maxClockSkew) {
|
|
1596
|
-
return {
|
|
1597
|
-
valid: false,
|
|
1598
|
-
code: "E_EXPIRED",
|
|
1599
|
-
message: `Receipt expired at ${new Date(w01.exp * 1e3).toISOString()}`
|
|
1600
|
-
};
|
|
1601
|
-
}
|
|
1602
|
-
if (pr.variant === "commerce") {
|
|
1603
|
-
const claims = pr.claims;
|
|
1604
|
-
if (subjectUri !== void 0 && claims.subject?.uri !== subjectUri) {
|
|
1605
|
-
return {
|
|
1606
|
-
valid: false,
|
|
1607
|
-
code: "E_INVALID_SUBJECT",
|
|
1608
|
-
message: `Subject mismatch: expected "${subjectUri}", got "${claims.subject?.uri ?? "undefined"}"`
|
|
1609
|
-
};
|
|
1610
|
-
}
|
|
1611
|
-
return {
|
|
1612
|
-
valid: true,
|
|
1613
|
-
variant: "commerce",
|
|
1614
|
-
claims,
|
|
1615
|
-
kid: result.header.kid,
|
|
1616
|
-
wireVersion: "0.1",
|
|
1617
|
-
warnings: [],
|
|
1618
|
-
policy_binding: "unavailable"
|
|
1619
|
-
};
|
|
1620
|
-
} else {
|
|
1621
|
-
const claims = pr.claims;
|
|
1622
|
-
if (subjectUri !== void 0 && claims.sub !== subjectUri) {
|
|
1623
|
-
return {
|
|
1624
|
-
valid: false,
|
|
1625
|
-
code: "E_INVALID_SUBJECT",
|
|
1626
|
-
message: `Subject mismatch: expected "${subjectUri}", got "${claims.sub ?? "undefined"}"`
|
|
1627
|
-
};
|
|
1628
|
-
}
|
|
1629
|
-
return {
|
|
1630
|
-
valid: true,
|
|
1631
|
-
variant: "attestation",
|
|
1632
|
-
claims,
|
|
1633
|
-
kid: result.header.kid,
|
|
1634
|
-
wireVersion: "0.1",
|
|
1635
|
-
warnings: [],
|
|
1636
|
-
policy_binding: "unavailable"
|
|
1637
|
-
};
|
|
1638
|
-
}
|
|
1550
|
+
return {
|
|
1551
|
+
valid: false,
|
|
1552
|
+
code: "E_UNSUPPORTED_WIRE_VERSION",
|
|
1553
|
+
message: "Wire 0.1 receipts are not supported. Re-issue as Wire 0.2 using issueWire02()."
|
|
1554
|
+
};
|
|
1639
1555
|
} catch (err) {
|
|
1640
1556
|
if (isCryptoError(err)) {
|
|
1641
1557
|
if (Object.prototype.hasOwnProperty.call(JOSE_CODE_MAP, err.code)) {
|
|
@@ -1684,10 +1600,10 @@ async function verifyLocal(jws, publicKey, options = {}) {
|
|
|
1684
1600
|
}
|
|
1685
1601
|
}
|
|
1686
1602
|
function isCommerceResult(r) {
|
|
1687
|
-
return
|
|
1603
|
+
return false;
|
|
1688
1604
|
}
|
|
1689
1605
|
function isAttestationResult(r) {
|
|
1690
|
-
return
|
|
1606
|
+
return false;
|
|
1691
1607
|
}
|
|
1692
1608
|
function isWire02Result(r) {
|
|
1693
1609
|
return r.valid === true && r.variant === "wire-02";
|