@peac/protocol 0.12.0-preview.1 → 0.12.0-preview.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +9 -93
- package/dist/index.cjs.map +1 -1
- package/dist/index.mjs +9 -93
- package/dist/index.mjs.map +1 -1
- package/dist/issue.d.ts +4 -1
- package/dist/issue.d.ts.map +1 -1
- package/dist/verify-local-wire01.d.ts +45 -0
- package/dist/verify-local-wire01.d.ts.map +1 -0
- package/dist/verify-local.cjs +8 -92
- package/dist/verify-local.cjs.map +1 -1
- package/dist/verify-local.d.ts +30 -78
- package/dist/verify-local.d.ts.map +1 -1
- package/dist/verify-local.mjs +8 -92
- package/dist/verify-local.mjs.map +1 -1
- package/package.json +4 -4
package/dist/index.mjs
CHANGED
|
@@ -187,7 +187,7 @@ async function issueWire02(options) {
|
|
|
187
187
|
retryable: false,
|
|
188
188
|
http_status: 400,
|
|
189
189
|
details: {
|
|
190
|
-
message: `iss is not in canonical form: "${options.iss}". Use https
|
|
190
|
+
message: `iss is not in canonical form: "${options.iss}". Use an https://<origin> or did:<method> identifier.`
|
|
191
191
|
}
|
|
192
192
|
});
|
|
193
193
|
}
|
|
@@ -1414,16 +1414,7 @@ function sanitizeParseIssues(issues) {
|
|
|
1414
1414
|
}));
|
|
1415
1415
|
}
|
|
1416
1416
|
async function verifyLocal(jws, publicKey, options = {}) {
|
|
1417
|
-
const {
|
|
1418
|
-
issuer,
|
|
1419
|
-
audience,
|
|
1420
|
-
subjectUri,
|
|
1421
|
-
rid,
|
|
1422
|
-
requireExp = false,
|
|
1423
|
-
maxClockSkew = 300,
|
|
1424
|
-
strictness = "strict",
|
|
1425
|
-
policyDigest
|
|
1426
|
-
} = options;
|
|
1417
|
+
const { issuer, subjectUri, maxClockSkew = 300, strictness = "strict", policyDigest } = options;
|
|
1427
1418
|
const now = options.now ?? Math.floor(Date.now() / 1e3);
|
|
1428
1419
|
try {
|
|
1429
1420
|
const result = await verify(jws, publicKey);
|
|
@@ -1555,86 +1546,11 @@ async function verifyLocal(jws, publicKey, options = {}) {
|
|
|
1555
1546
|
policy_binding: bindingStatus
|
|
1556
1547
|
};
|
|
1557
1548
|
}
|
|
1558
|
-
|
|
1559
|
-
|
|
1560
|
-
|
|
1561
|
-
|
|
1562
|
-
|
|
1563
|
-
message: `Issuer mismatch: expected "${issuer}", got "${w01.iss}"`
|
|
1564
|
-
};
|
|
1565
|
-
}
|
|
1566
|
-
if (audience !== void 0 && w01.aud !== audience) {
|
|
1567
|
-
return {
|
|
1568
|
-
valid: false,
|
|
1569
|
-
code: "E_INVALID_AUDIENCE",
|
|
1570
|
-
message: `Audience mismatch: expected "${audience}", got "${w01.aud}"`
|
|
1571
|
-
};
|
|
1572
|
-
}
|
|
1573
|
-
if (rid !== void 0 && w01.rid !== rid) {
|
|
1574
|
-
return {
|
|
1575
|
-
valid: false,
|
|
1576
|
-
code: "E_INVALID_RECEIPT_ID",
|
|
1577
|
-
message: `Receipt ID mismatch: expected "${rid}", got "${w01.rid}"`
|
|
1578
|
-
};
|
|
1579
|
-
}
|
|
1580
|
-
if (requireExp && w01.exp === void 0) {
|
|
1581
|
-
return {
|
|
1582
|
-
valid: false,
|
|
1583
|
-
code: "E_MISSING_EXP",
|
|
1584
|
-
message: "Receipt missing required exp claim"
|
|
1585
|
-
};
|
|
1586
|
-
}
|
|
1587
|
-
if (w01.iat > now + maxClockSkew) {
|
|
1588
|
-
return {
|
|
1589
|
-
valid: false,
|
|
1590
|
-
code: "E_NOT_YET_VALID",
|
|
1591
|
-
message: `Receipt not yet valid: issued at ${new Date(w01.iat * 1e3).toISOString()}, now is ${new Date(now * 1e3).toISOString()}`
|
|
1592
|
-
};
|
|
1593
|
-
}
|
|
1594
|
-
if (w01.exp !== void 0 && w01.exp < now - maxClockSkew) {
|
|
1595
|
-
return {
|
|
1596
|
-
valid: false,
|
|
1597
|
-
code: "E_EXPIRED",
|
|
1598
|
-
message: `Receipt expired at ${new Date(w01.exp * 1e3).toISOString()}`
|
|
1599
|
-
};
|
|
1600
|
-
}
|
|
1601
|
-
if (pr.variant === "commerce") {
|
|
1602
|
-
const claims = pr.claims;
|
|
1603
|
-
if (subjectUri !== void 0 && claims.subject?.uri !== subjectUri) {
|
|
1604
|
-
return {
|
|
1605
|
-
valid: false,
|
|
1606
|
-
code: "E_INVALID_SUBJECT",
|
|
1607
|
-
message: `Subject mismatch: expected "${subjectUri}", got "${claims.subject?.uri ?? "undefined"}"`
|
|
1608
|
-
};
|
|
1609
|
-
}
|
|
1610
|
-
return {
|
|
1611
|
-
valid: true,
|
|
1612
|
-
variant: "commerce",
|
|
1613
|
-
claims,
|
|
1614
|
-
kid: result.header.kid,
|
|
1615
|
-
wireVersion: "0.1",
|
|
1616
|
-
warnings: [],
|
|
1617
|
-
policy_binding: "unavailable"
|
|
1618
|
-
};
|
|
1619
|
-
} else {
|
|
1620
|
-
const claims = pr.claims;
|
|
1621
|
-
if (subjectUri !== void 0 && claims.sub !== subjectUri) {
|
|
1622
|
-
return {
|
|
1623
|
-
valid: false,
|
|
1624
|
-
code: "E_INVALID_SUBJECT",
|
|
1625
|
-
message: `Subject mismatch: expected "${subjectUri}", got "${claims.sub ?? "undefined"}"`
|
|
1626
|
-
};
|
|
1627
|
-
}
|
|
1628
|
-
return {
|
|
1629
|
-
valid: true,
|
|
1630
|
-
variant: "attestation",
|
|
1631
|
-
claims,
|
|
1632
|
-
kid: result.header.kid,
|
|
1633
|
-
wireVersion: "0.1",
|
|
1634
|
-
warnings: [],
|
|
1635
|
-
policy_binding: "unavailable"
|
|
1636
|
-
};
|
|
1637
|
-
}
|
|
1549
|
+
return {
|
|
1550
|
+
valid: false,
|
|
1551
|
+
code: "E_UNSUPPORTED_WIRE_VERSION",
|
|
1552
|
+
message: "Wire 0.1 receipts are not supported. Re-issue as Wire 0.2 using issueWire02()."
|
|
1553
|
+
};
|
|
1638
1554
|
} catch (err) {
|
|
1639
1555
|
if (isCryptoError(err)) {
|
|
1640
1556
|
if (Object.prototype.hasOwnProperty.call(JOSE_CODE_MAP, err.code)) {
|
|
@@ -1683,10 +1599,10 @@ async function verifyLocal(jws, publicKey, options = {}) {
|
|
|
1683
1599
|
}
|
|
1684
1600
|
}
|
|
1685
1601
|
function isCommerceResult(r) {
|
|
1686
|
-
return
|
|
1602
|
+
return false;
|
|
1687
1603
|
}
|
|
1688
1604
|
function isAttestationResult(r) {
|
|
1689
|
-
return
|
|
1605
|
+
return false;
|
|
1690
1606
|
}
|
|
1691
1607
|
function isWire02Result(r) {
|
|
1692
1608
|
return r.valid === true && r.variant === "wire-02";
|