@sd-jwt/core 0.19.1-next.5 → 0.19.1-next.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +5 -7
- package/dist/index.d.mts +343 -16
- package/dist/index.d.ts +343 -16
- package/dist/index.js +644 -142
- package/dist/index.mjs +585 -127
- package/package.json +4 -7
- package/src/decode/decode.ts +366 -0
- package/src/decode/index.ts +1 -0
- package/src/decoy.ts +2 -2
- package/src/flattenJSON.ts +3 -3
- package/src/generalJSON.ts +3 -3
- package/src/index.ts +39 -25
- package/src/jwt.ts +10 -15
- package/src/kbjwt.ts +5 -6
- package/src/present/index.ts +1 -0
- package/src/present/present.ts +210 -0
- package/src/sdjwt.ts +11 -10
- package/src/test/decode/decode.spec.ts +202 -0
- package/src/test/decoy.spec.ts +2 -2
- package/src/test/generalJSON.spec.ts +1 -1
- package/src/test/index.spec.ts +2 -2
- package/src/test/jwt.spec.ts +7 -13
- package/src/test/kbjwt.spec.ts +5 -5
- package/src/test/present/present.spec.ts +305 -0
- package/src/test/sdjwt.spec.ts +4 -4
- package/src/test/types/type.spec.ts +88 -0
- package/src/test/utils/base64url.spec.ts +33 -0
- package/src/test/utils/disclosure.spec.ts +170 -0
- package/src/test/utils/error.spec.ts +15 -0
- package/src/types/index.ts +2 -0
- package/src/types/type.ts +249 -0
- package/src/types/verification-error.ts +55 -0
- package/src/utils/base64url.ts +6 -0
- package/src/utils/disclosure.ts +98 -0
- package/src/utils/error.ts +25 -0
- package/src/utils/index.ts +3 -0
- package/test/app-e2e.spec.ts +8 -8
- package/test/rfc9901-validation.spec.ts +150 -0
- package/CHANGELOG.md +0 -240
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,224 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
1
|
+
export { base64UrlToUint8Array, base64urlDecode, base64urlEncode, uint8ArrayToBase64Url } from '@owf/identity-common';
|
|
2
|
+
|
|
3
|
+
declare const SD_SEPARATOR = "~";
|
|
4
|
+
declare const SD_LIST_KEY = "...";
|
|
5
|
+
declare const SD_DIGEST = "_sd";
|
|
6
|
+
declare const SD_DECOY = "_sd_decoy";
|
|
7
|
+
declare const KB_JWT_TYP = "kb+jwt";
|
|
8
|
+
type SDJWTCompact = string;
|
|
9
|
+
type Base64urlString = string;
|
|
10
|
+
type DisclosureData<T> = [string, string, T] | [string, T];
|
|
11
|
+
declare const IANA_HASH_ALGORITHMS: readonly ["sha-256", "sha-256-128", "sha-256-120", "sha-256-96", "sha-256-64", "sha-256-32", "sha-384", "sha-512", "sha3-224", "sha3-256", "sha3-384", "sha3-512", "blake2s-256", "blake2b-256", "blake2b-512", "k12-256", "k12-512"];
|
|
12
|
+
type HashAlgorithm = (typeof IANA_HASH_ALGORITHMS)[number];
|
|
13
|
+
type SDJWTConfig<T = unknown> = {
|
|
14
|
+
omitTyp?: boolean;
|
|
15
|
+
hasher?: Hasher;
|
|
16
|
+
hashAlg?: HashAlgorithm;
|
|
17
|
+
saltGenerator?: SaltGenerator;
|
|
18
|
+
signer?: Signer;
|
|
19
|
+
signAlg?: string;
|
|
20
|
+
verifier?: Verifier<T>;
|
|
21
|
+
kbSigner?: Signer;
|
|
22
|
+
kbSignAlg?: string;
|
|
23
|
+
kbVerifier?: KbVerifier;
|
|
24
|
+
};
|
|
25
|
+
type kbHeader = {
|
|
26
|
+
typ: 'kb+jwt';
|
|
27
|
+
alg: string;
|
|
28
|
+
};
|
|
29
|
+
type kbPayload = {
|
|
30
|
+
iat: number;
|
|
31
|
+
aud: string;
|
|
32
|
+
nonce: string;
|
|
33
|
+
sd_hash: string;
|
|
34
|
+
};
|
|
35
|
+
type KBOptions = {
|
|
36
|
+
payload: Omit<kbPayload, 'sd_hash'>;
|
|
37
|
+
};
|
|
38
|
+
interface RsaOtherPrimesInfo {
|
|
39
|
+
d?: string;
|
|
40
|
+
r?: string;
|
|
41
|
+
t?: string;
|
|
42
|
+
}
|
|
43
|
+
interface JsonWebKey {
|
|
44
|
+
alg?: string;
|
|
45
|
+
crv?: string;
|
|
46
|
+
d?: string;
|
|
47
|
+
dp?: string;
|
|
48
|
+
dq?: string;
|
|
49
|
+
e?: string;
|
|
50
|
+
ext?: boolean;
|
|
51
|
+
k?: string;
|
|
52
|
+
key_ops?: string[];
|
|
53
|
+
kty?: string;
|
|
54
|
+
n?: string;
|
|
55
|
+
oth?: RsaOtherPrimesInfo[];
|
|
56
|
+
p?: string;
|
|
57
|
+
q?: string;
|
|
58
|
+
qi?: string;
|
|
59
|
+
use?: string;
|
|
60
|
+
x?: string;
|
|
61
|
+
y?: string;
|
|
62
|
+
}
|
|
63
|
+
interface JwtPayload {
|
|
64
|
+
cnf?: {
|
|
65
|
+
jwk: JsonWebKey;
|
|
66
|
+
};
|
|
67
|
+
exp?: number;
|
|
68
|
+
[key: string]: unknown;
|
|
69
|
+
}
|
|
70
|
+
type OrPromise<T> = T | Promise<T>;
|
|
71
|
+
type Signer = (data: string) => OrPromise<string>;
|
|
72
|
+
type Verifier<T = unknown> = (data: string, sig: string, options?: T) => OrPromise<boolean>;
|
|
73
|
+
type KbVerifier = (data: string, sig: string, payload: JwtPayload) => OrPromise<boolean>;
|
|
74
|
+
type Hasher = (data: string | ArrayBuffer, alg: string) => OrPromise<Uint8Array>;
|
|
75
|
+
type SaltGenerator = (length: number) => OrPromise<string>;
|
|
76
|
+
type HasherAndAlg = {
|
|
77
|
+
hasher: Hasher;
|
|
78
|
+
alg: string;
|
|
79
|
+
};
|
|
80
|
+
type SignerSync = (data: string) => string;
|
|
81
|
+
type VerifierSync = (data: string, sig: string) => boolean;
|
|
82
|
+
type HasherSync = (data: string, alg: string) => Uint8Array;
|
|
83
|
+
type SaltGeneratorSync = (length: number) => string;
|
|
84
|
+
type HasherAndAlgSync = {
|
|
85
|
+
hasher: HasherSync;
|
|
86
|
+
alg: string;
|
|
87
|
+
};
|
|
88
|
+
type NonNever<T> = {
|
|
89
|
+
[P in keyof T as T[P] extends never ? never : P]: T[P];
|
|
90
|
+
};
|
|
91
|
+
type SD<Payload> = {
|
|
92
|
+
[SD_DIGEST]?: Array<keyof Payload>;
|
|
93
|
+
};
|
|
94
|
+
type DECOY = {
|
|
95
|
+
[SD_DECOY]?: number;
|
|
96
|
+
};
|
|
97
|
+
/**
|
|
98
|
+
* This is a disclosureFrame type that is used to represent the structure of what is being disclosed.
|
|
99
|
+
* DisclosureFrame is made from the payload type.
|
|
100
|
+
*
|
|
101
|
+
* For example, if the payload is
|
|
102
|
+
* {
|
|
103
|
+
* foo: 'bar',
|
|
104
|
+
* test: {
|
|
105
|
+
* zzz: 'yyy',
|
|
106
|
+
* }
|
|
107
|
+
* arr: ['1', '2', {a: 'b'}]
|
|
108
|
+
* }
|
|
109
|
+
*
|
|
110
|
+
* The disclosureFrame can be subset of:
|
|
111
|
+
* {
|
|
112
|
+
* _sd: ["foo", "test", "arr"],
|
|
113
|
+
* test: {
|
|
114
|
+
* _sd: ["zzz"],
|
|
115
|
+
* },
|
|
116
|
+
* arr: {
|
|
117
|
+
* _sd: ["0", "1", "2"],
|
|
118
|
+
* "2": {
|
|
119
|
+
* _sd: ["a"],
|
|
120
|
+
* }
|
|
121
|
+
* }
|
|
122
|
+
* }
|
|
123
|
+
*
|
|
124
|
+
* The disclosureFrame can be used with decoy.
|
|
125
|
+
* Decoy can be used like this:
|
|
126
|
+
* {
|
|
127
|
+
* ...
|
|
128
|
+
* _sd: ...
|
|
129
|
+
* _sd_decoy: 1 // number of decoy in this layer
|
|
130
|
+
* }
|
|
131
|
+
*
|
|
132
|
+
*/
|
|
133
|
+
type Frame<Payload> = Payload extends Array<infer U> ? U extends object ? Record<number, Frame<U>> & SD<Payload> & DECOY : SD<Payload> & DECOY : Payload extends Record<string, unknown> ? NonNever<{
|
|
134
|
+
[K in keyof Payload]?: NonNullable<Payload[K]> extends object ? Frame<Payload[K]> : never;
|
|
135
|
+
} & SD<Payload> & DECOY> : SD<Payload> & DECOY;
|
|
136
|
+
/**
|
|
137
|
+
* This is a disclosureFrame type that is used to represent the structure of what is being disclosed.
|
|
138
|
+
*/
|
|
139
|
+
type Extensible = Record<string, unknown | boolean>;
|
|
140
|
+
type DisclosureFrame<T extends Extensible> = Frame<T>;
|
|
141
|
+
/**
|
|
142
|
+
* This is a presentationFrame type that is used to represent the structure of what is being presented.
|
|
143
|
+
* PresentationFrame is made from the payload type.
|
|
144
|
+
* const claims = {
|
|
145
|
+
firstname: 'John',
|
|
146
|
+
lastname: 'Doe',
|
|
147
|
+
ssn: '123-45-6789',
|
|
148
|
+
id: '1234',
|
|
149
|
+
data: {
|
|
150
|
+
firstname: 'John',
|
|
151
|
+
lastname: 'Doe',
|
|
152
|
+
ssn: '123-45-6789',
|
|
153
|
+
list: [{ r: 'd' }, 'b', 'c'],
|
|
154
|
+
list2: ['1', '2', '3'],
|
|
155
|
+
list3: ['1', null, 2],
|
|
156
|
+
},
|
|
157
|
+
data2: {
|
|
158
|
+
hi: 'bye',
|
|
159
|
+
},
|
|
160
|
+
};
|
|
161
|
+
|
|
162
|
+
Example of a presentationFrame:
|
|
163
|
+
const presentationFrame: PresentationFrame<typeof claims> = {
|
|
164
|
+
firstname: true,
|
|
165
|
+
lastname: true,
|
|
166
|
+
ssn: true,
|
|
167
|
+
id: 'true',
|
|
168
|
+
data: {
|
|
169
|
+
firstname: true,
|
|
170
|
+
list: {
|
|
171
|
+
1: true,
|
|
172
|
+
0: {
|
|
173
|
+
r: true,
|
|
174
|
+
},
|
|
175
|
+
},
|
|
176
|
+
list2: {
|
|
177
|
+
1: true,
|
|
178
|
+
},
|
|
179
|
+
list3: true,
|
|
180
|
+
},
|
|
181
|
+
data2: true,
|
|
182
|
+
};
|
|
183
|
+
*/
|
|
184
|
+
type PFrame<Payload> = Payload extends Array<infer U> ? U extends object ? Record<number, PFrame<U> | boolean> | boolean : Record<number, boolean> | boolean : {
|
|
185
|
+
[K in keyof Payload]?: NonNullable<Payload[K]> extends object ? PFrame<Payload[K]> | boolean : boolean;
|
|
186
|
+
};
|
|
187
|
+
type PresentationFrame<T extends Extensible> = PFrame<T>;
|
|
188
|
+
|
|
189
|
+
/**
|
|
190
|
+
* Error codes for SD-JWT verification errors.
|
|
191
|
+
*/
|
|
192
|
+
type VerificationErrorCode = 'HASHER_NOT_FOUND' | 'VERIFIER_NOT_FOUND' | 'INVALID_SD_JWT' | 'INVALID_JWT_FORMAT' | 'JWT_NOT_YET_VALID' | 'JWT_EXPIRED' | 'INVALID_JWT_SIGNATURE' | 'MISSING_REQUIRED_CLAIMS' | 'KEY_BINDING_JWT_MISSING' | 'KEY_BINDING_VERIFIER_NOT_FOUND' | 'KEY_BINDING_SIGNATURE_INVALID' | 'KEY_BINDING_SD_HASH_INVALID' | 'STATUS_VERIFICATION_FAILED' | 'STATUS_INVALID' | 'VCT_VERIFICATION_FAILED' | 'UNKNOWN_ERROR';
|
|
193
|
+
/**
|
|
194
|
+
* Represents a single verification error.
|
|
195
|
+
*/
|
|
196
|
+
type VerificationError = {
|
|
197
|
+
/**
|
|
198
|
+
* The error code identifying the type of error.
|
|
199
|
+
*/
|
|
200
|
+
code: VerificationErrorCode;
|
|
201
|
+
/**
|
|
202
|
+
* Human-readable error message.
|
|
203
|
+
*/
|
|
204
|
+
message: string;
|
|
205
|
+
/**
|
|
206
|
+
* Optional additional details about the error.
|
|
207
|
+
*/
|
|
208
|
+
details?: unknown;
|
|
209
|
+
};
|
|
210
|
+
/**
|
|
211
|
+
* Result type for safe verification that collects all errors.
|
|
212
|
+
*/
|
|
213
|
+
type SafeVerifyResult<T> = {
|
|
214
|
+
success: true;
|
|
215
|
+
data: T;
|
|
216
|
+
errors?: never;
|
|
217
|
+
} | {
|
|
218
|
+
success: false;
|
|
219
|
+
data?: never;
|
|
220
|
+
errors: VerificationError[];
|
|
221
|
+
};
|
|
4
222
|
|
|
5
223
|
type FlattenJSONData = {
|
|
6
224
|
jwtData: {
|
|
@@ -156,7 +374,7 @@ declare class Jwt<Header extends Record<string, unknown> = Record<string, unknow
|
|
|
156
374
|
declare class KBJwt<Header extends kbHeader = kbHeader, Payload extends kbPayload = kbPayload> extends Jwt<Header, Payload> {
|
|
157
375
|
verifyKB(values: {
|
|
158
376
|
verifier: KbVerifier;
|
|
159
|
-
payload:
|
|
377
|
+
payload: Record<string, unknown>;
|
|
160
378
|
nonce: string;
|
|
161
379
|
}): Promise<{
|
|
162
380
|
payload: Payload;
|
|
@@ -165,6 +383,38 @@ declare class KBJwt<Header extends kbHeader = kbHeader, Payload extends kbPayloa
|
|
|
165
383
|
static fromKBEncode<Header extends kbHeader = kbHeader, Payload extends kbPayload = kbPayload>(encodedJwt: string): KBJwt<Header, Payload>;
|
|
166
384
|
}
|
|
167
385
|
|
|
386
|
+
declare class Disclosure<T = unknown> {
|
|
387
|
+
salt: string;
|
|
388
|
+
key?: string;
|
|
389
|
+
value: T;
|
|
390
|
+
_digest: string | undefined;
|
|
391
|
+
private _encoded;
|
|
392
|
+
constructor(data: DisclosureData<T>, _meta?: {
|
|
393
|
+
digest: string;
|
|
394
|
+
encoded: string;
|
|
395
|
+
});
|
|
396
|
+
static fromEncode<T>(s: string, hash: HasherAndAlg): Promise<Disclosure<T>>;
|
|
397
|
+
static fromEncodeSync<T>(s: string, hash: HasherAndAlgSync): Disclosure<T>;
|
|
398
|
+
static fromArray<T>(item: DisclosureData<T>, _meta?: {
|
|
399
|
+
digest: string;
|
|
400
|
+
encoded: string;
|
|
401
|
+
}): Disclosure<T>;
|
|
402
|
+
encode(): string;
|
|
403
|
+
decode(): DisclosureData<T>;
|
|
404
|
+
digest(hash: HasherAndAlg): Promise<string>;
|
|
405
|
+
digestSync(hash: HasherAndAlgSync): string;
|
|
406
|
+
}
|
|
407
|
+
|
|
408
|
+
declare class SDJWTException extends Error {
|
|
409
|
+
details?: unknown;
|
|
410
|
+
constructor(message: string, details?: unknown);
|
|
411
|
+
getFullMessage(): string;
|
|
412
|
+
}
|
|
413
|
+
/**
|
|
414
|
+
* Narrows an unknown caught value to an Error instance.
|
|
415
|
+
*/
|
|
416
|
+
declare function ensureError(value: unknown): Error;
|
|
417
|
+
|
|
168
418
|
type SDJwtData<Header extends Record<string, unknown>, Payload extends Record<string, unknown>, KBHeader extends kbHeader = kbHeader, KBPayload extends kbPayload = kbPayload> = {
|
|
169
419
|
jwt?: Jwt<Header, Payload>;
|
|
170
420
|
disclosures?: Array<Disclosure>;
|
|
@@ -195,8 +445,85 @@ declare const pack: <T extends Record<string, unknown>>(claims: T, disclosureFra
|
|
|
195
445
|
disclosures: Array<Disclosure>;
|
|
196
446
|
}>;
|
|
197
447
|
|
|
448
|
+
declare const decodeJwt: <H extends Record<string, unknown>, T extends Record<string, unknown>>(jwt: string) => {
|
|
449
|
+
header: H;
|
|
450
|
+
payload: T;
|
|
451
|
+
signature: string;
|
|
452
|
+
};
|
|
453
|
+
declare const splitSdJwt: (sdjwt: string) => {
|
|
454
|
+
jwt: string;
|
|
455
|
+
disclosures: string[];
|
|
456
|
+
kbJwt?: string;
|
|
457
|
+
};
|
|
458
|
+
declare const decodeSdJwt: (sdjwt: string, hasher: Hasher) => Promise<DecodedSDJwt>;
|
|
459
|
+
declare const decodeSdJwtSync: (sdjwt: string, hasher: HasherSync) => DecodedSDJwt;
|
|
460
|
+
declare const getClaims: <T = Record<string, unknown>>(rawPayload: Record<string, unknown>, disclosures: Array<Disclosure>, hasher: Hasher) => Promise<T>;
|
|
461
|
+
declare const getClaimsSync: <T = Record<string, unknown>>(rawPayload: Record<string, unknown>, disclosures: Array<Disclosure>, hasher: HasherSync) => T;
|
|
462
|
+
declare const unpackObj: (obj: unknown, map: Record<string, Disclosure>) => {
|
|
463
|
+
unpackedObj: unknown;
|
|
464
|
+
disclosureKeymap: Record<string, string>;
|
|
465
|
+
};
|
|
466
|
+
declare const createHashMapping: (disclosures: Array<Disclosure>, hash: HasherAndAlg) => Promise<Record<string, Disclosure<unknown>>>;
|
|
467
|
+
declare const createHashMappingSync: (disclosures: Array<Disclosure>, hash: HasherAndAlgSync) => Record<string, Disclosure<unknown>>;
|
|
468
|
+
declare const getSDAlgAndPayload: (SdJwtPayload: Record<string, unknown>) => {
|
|
469
|
+
_sd_alg: string;
|
|
470
|
+
payload: {
|
|
471
|
+
[x: string]: unknown;
|
|
472
|
+
};
|
|
473
|
+
};
|
|
474
|
+
declare const unpack: (SdJwtPayload: Record<string, unknown>, disclosures: Array<Disclosure>, hasher: Hasher) => Promise<{
|
|
475
|
+
unpackedObj: unknown;
|
|
476
|
+
disclosureKeymap: Record<string, string>;
|
|
477
|
+
}>;
|
|
478
|
+
declare const unpackSync: (SdJwtPayload: Record<string, unknown>, disclosures: Array<Disclosure>, hasher: HasherSync) => {
|
|
479
|
+
unpackedObj: unknown;
|
|
480
|
+
disclosureKeymap: Record<string, string>;
|
|
481
|
+
};
|
|
482
|
+
type DecodedSDJwt = {
|
|
483
|
+
jwt: {
|
|
484
|
+
header: Record<string, unknown>;
|
|
485
|
+
payload: Record<string, unknown>;
|
|
486
|
+
signature: string;
|
|
487
|
+
};
|
|
488
|
+
disclosures: Array<Disclosure>;
|
|
489
|
+
kbJwt?: {
|
|
490
|
+
header: Record<string, unknown>;
|
|
491
|
+
payload: Record<string, unknown>;
|
|
492
|
+
signature: string;
|
|
493
|
+
};
|
|
494
|
+
};
|
|
495
|
+
|
|
198
496
|
declare const createDecoy: (hash: HasherAndAlg, saltGenerator: SaltGenerator) => Promise<string>;
|
|
199
497
|
|
|
498
|
+
declare const presentableKeys: (rawPayload: Record<string, unknown>, disclosures: Array<Disclosure>, hasher: Hasher) => Promise<string[]>;
|
|
499
|
+
declare const presentableKeysSync: (rawPayload: Record<string, unknown>, disclosures: Array<Disclosure>, hasher: HasherSync) => string[];
|
|
500
|
+
declare const present: <T extends Record<string, unknown>>(sdJwt: string, presentFrame: PresentationFrame<T>, hasher: Hasher) => Promise<string>;
|
|
501
|
+
declare const presentSync: <T extends Record<string, unknown>>(sdJwt: string, presentFrame: PresentationFrame<T>, hasher: HasherSync) => string;
|
|
502
|
+
/**
|
|
503
|
+
* Transform the object keys into an array of strings. We are not sorting the array in any way.
|
|
504
|
+
* @param obj The object to transform
|
|
505
|
+
* @param prefix The prefix to add to the keys
|
|
506
|
+
* @returns
|
|
507
|
+
*/
|
|
508
|
+
declare const transformPresentationFrame: (obj: PresentationFrame<Extensible>, prefix?: string) => string[];
|
|
509
|
+
type SerializedDisclosure = {
|
|
510
|
+
digest: string;
|
|
511
|
+
encoded: string;
|
|
512
|
+
salt: string;
|
|
513
|
+
key: string | undefined;
|
|
514
|
+
value: unknown;
|
|
515
|
+
};
|
|
516
|
+
declare const createHashMappingForSerializedDisclosure: (disclosures: SerializedDisclosure[]) => Record<string, Disclosure<unknown>>;
|
|
517
|
+
/**
|
|
518
|
+
* This function selects the serialized disclosures from the payload
|
|
519
|
+
* and array of serialized disclosure based on the presentation frame.
|
|
520
|
+
* If you want to know what is serialized disclosures, check type SerializedDisclosure.
|
|
521
|
+
* @param payload: Record<string, unknown>
|
|
522
|
+
* @param disclosures: SerializedDisclosure[]
|
|
523
|
+
* @param presentationFrame: PresentationFrame<T>
|
|
524
|
+
*/
|
|
525
|
+
declare const selectDisclosures: <T extends Record<string, unknown>>(payload: Record<string, unknown>, disclosures: SerializedDisclosure[], presentationFrame: PresentationFrame<T>) => SerializedDisclosure[];
|
|
526
|
+
|
|
200
527
|
type SdJwtPayload = Record<string, unknown>;
|
|
201
528
|
declare class SDJwtInstance<ExtendedPayload extends SdJwtPayload, T = unknown> {
|
|
202
529
|
protected type?: string;
|
|
@@ -219,15 +546,15 @@ declare class SDJwtInstance<ExtendedPayload extends SdJwtPayload, T = unknown> {
|
|
|
219
546
|
kb?: KBOptions;
|
|
220
547
|
}): Promise<SDJWTCompact>;
|
|
221
548
|
verify(encodedSDJwt: string, options?: T & VerifierOptions): Promise<{
|
|
222
|
-
payload:
|
|
549
|
+
payload: ExtendedPayload;
|
|
223
550
|
header: Record<string, unknown> | undefined;
|
|
224
551
|
kb?: undefined;
|
|
225
552
|
} | {
|
|
226
|
-
payload:
|
|
553
|
+
payload: ExtendedPayload;
|
|
227
554
|
header: Record<string, unknown> | undefined;
|
|
228
555
|
kb: {
|
|
229
|
-
payload:
|
|
230
|
-
header:
|
|
556
|
+
payload: kbPayload;
|
|
557
|
+
header: kbHeader;
|
|
231
558
|
};
|
|
232
559
|
}>;
|
|
233
560
|
/**
|
|
@@ -255,12 +582,12 @@ declare class SDJwtInstance<ExtendedPayload extends SdJwtPayload, T = unknown> {
|
|
|
255
582
|
* @returns
|
|
256
583
|
*/
|
|
257
584
|
validate(encodedSDJwt: string, options?: T & VerifierOptions): Promise<{
|
|
258
|
-
payload:
|
|
585
|
+
payload: ExtendedPayload;
|
|
259
586
|
header: Record<string, unknown> | undefined;
|
|
260
587
|
}>;
|
|
261
588
|
config(newConfig: SDJWTConfig): void;
|
|
262
589
|
encode(sdJwt: SDJwt): SDJWTCompact;
|
|
263
|
-
decode(endcodedSDJwt: SDJWTCompact): Promise<SDJwt<Record<string, unknown>, Record<string, unknown>,
|
|
590
|
+
decode(endcodedSDJwt: SDJWTCompact): Promise<SDJwt<Record<string, unknown>, Record<string, unknown>, kbHeader, kbPayload>>;
|
|
264
591
|
keys(endcodedSDJwt: SDJWTCompact): Promise<string[]>;
|
|
265
592
|
presentableKeys(endcodedSDJwt: SDJWTCompact): Promise<string[]>;
|
|
266
593
|
getClaims(endcodedSDJwt: SDJWTCompact): Promise<unknown>;
|
|
@@ -292,20 +619,20 @@ declare class SDJwtGeneralJSONInstance<ExtendedPayload extends SdJwtPayload> {
|
|
|
292
619
|
kb?: KBOptions;
|
|
293
620
|
}): Promise<GeneralJSON>;
|
|
294
621
|
verify(generalJSON: GeneralJSON, options?: VerifierOptions): Promise<{
|
|
295
|
-
payload:
|
|
622
|
+
payload: ExtendedPayload;
|
|
296
623
|
headers: any[];
|
|
297
624
|
kb?: undefined;
|
|
298
625
|
} | {
|
|
299
|
-
payload:
|
|
626
|
+
payload: ExtendedPayload;
|
|
300
627
|
headers: any[];
|
|
301
628
|
kb: {
|
|
302
|
-
payload:
|
|
303
|
-
header:
|
|
629
|
+
payload: kbPayload;
|
|
630
|
+
header: kbHeader;
|
|
304
631
|
};
|
|
305
632
|
}>;
|
|
306
633
|
private calculateSDHash;
|
|
307
634
|
validate(generalJSON: GeneralJSON): Promise<{
|
|
308
|
-
payload:
|
|
635
|
+
payload: ExtendedPayload;
|
|
309
636
|
headers: any[];
|
|
310
637
|
}>;
|
|
311
638
|
config(newConfig: SDJWTConfig): void;
|
|
@@ -316,4 +643,4 @@ declare class SDJwtGeneralJSONInstance<ExtendedPayload extends SdJwtPayload> {
|
|
|
316
643
|
getClaims(generalSdjwt: GeneralJSON): Promise<unknown>;
|
|
317
644
|
}
|
|
318
645
|
|
|
319
|
-
export { FlattenJSON, type FlattenJSONData, type FlattenJSONSerialized, GeneralJSON, type GeneralJSONData, type GeneralJSONSerialized, Jwt, type JwtData, KBJwt, SDJwt, type SDJwtData, SDJwtGeneralJSONInstance, SDJwtInstance, type SdJwtPayload, type VerifierOptions, createDecoy, listKeys, pack };
|
|
646
|
+
export { type Base64urlString, type DECOY, type DecodedSDJwt, Disclosure, type DisclosureData, type DisclosureFrame, type Extensible, FlattenJSON, type FlattenJSONData, type FlattenJSONSerialized, GeneralJSON, type GeneralJSONData, type GeneralJSONSerialized, type HashAlgorithm, type Hasher, type HasherAndAlg, type HasherAndAlgSync, type HasherSync, IANA_HASH_ALGORITHMS, Jwt, type JwtData, type JwtPayload, KBJwt, type KBOptions, KB_JWT_TYP, type KbVerifier, type OrPromise, type PresentationFrame, type SD, type SDJWTCompact, type SDJWTConfig, SDJWTException, SDJwt, type SDJwtData, SDJwtGeneralJSONInstance, SDJwtInstance, SD_DECOY, SD_DIGEST, SD_LIST_KEY, SD_SEPARATOR, type SafeVerifyResult, type SaltGenerator, type SaltGeneratorSync, type SdJwtPayload, type SerializedDisclosure, type Signer, type SignerSync, type VerificationError, type VerificationErrorCode, type Verifier, type VerifierOptions, type VerifierSync, createDecoy, createHashMapping, createHashMappingForSerializedDisclosure, createHashMappingSync, decodeJwt, decodeSdJwt, decodeSdJwtSync, ensureError, getClaims, getClaimsSync, getSDAlgAndPayload, type kbHeader, type kbPayload, listKeys, pack, present, presentSync, presentableKeys, presentableKeysSync, selectDisclosures, splitSdJwt, transformPresentationFrame, unpack, unpackObj, unpackSync };
|