@sd-jwt/sd-jwt-vc 0.10.1-next.1 → 0.10.1-next.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.d.mts +12 -0
  2. package/dist/index.d.ts +12 -0
  3. package/dist/index.js +35 -6
  4. package/dist/index.mjs +36 -7
  5. package/package.json +7 -7
  6. package/src/sd-jwt-vc-instance.ts +45 -8
  7. package/src/test/vct.spec.ts +24 -0
package/dist/index.d.mts CHANGED
@@ -87,6 +87,12 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
87
87
  * Verifies the SD-JWT-VC. It will validate the signature, the keybindings when required, the status, and the VCT.
88
88
  */
89
89
  verify(encodedSDJwt: string, requiredClaimKeys?: string[], requireKeyBindings?: boolean): Promise<VerificationResult>;
90
+ /**
91
+ * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
92
+ * @param encodedSDJwt
93
+ * @returns
94
+ */
95
+ getVct(encodedSDJwt: string): Promise<TypeMetadataFormat>;
90
96
  /**
91
97
  * Validates the integrity of the response if the integrity is passed. If the integrity does not match, an error is thrown.
92
98
  * @param integrity
@@ -111,6 +117,12 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
111
117
  * @returns
112
118
  */
113
119
  private verifyVct;
120
+ /**
121
+ * Fetches VCT Metadata of the SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC does not contain a vct claim, an error is thrown.
122
+ * @param result
123
+ * @returns
124
+ */
125
+ private fetchVct;
114
126
  /**
115
127
  * Verifies the status of the SD-JWT-VC.
116
128
  * @param result
package/dist/index.d.ts CHANGED
@@ -87,6 +87,12 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
87
87
  * Verifies the SD-JWT-VC. It will validate the signature, the keybindings when required, the status, and the VCT.
88
88
  */
89
89
  verify(encodedSDJwt: string, requiredClaimKeys?: string[], requireKeyBindings?: boolean): Promise<VerificationResult>;
90
+ /**
91
+ * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
92
+ * @param encodedSDJwt
93
+ * @returns
94
+ */
95
+ getVct(encodedSDJwt: string): Promise<TypeMetadataFormat>;
90
96
  /**
91
97
  * Validates the integrity of the response if the integrity is passed. If the integrity does not match, an error is thrown.
92
98
  * @param integrity
@@ -111,6 +117,12 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
111
117
  * @returns
112
118
  */
113
119
  private verifyVct;
120
+ /**
121
+ * Fetches VCT Metadata of the SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC does not contain a vct claim, an error is thrown.
122
+ * @param result
123
+ * @returns
124
+ */
125
+ private fetchVct;
114
126
  /**
115
127
  * Verifies the status of the SD-JWT-VC.
116
128
  * @param result
package/dist/index.js CHANGED
@@ -146,6 +146,25 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
146
146
  return result;
147
147
  });
148
148
  }
149
+ /**
150
+ * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
151
+ * @param encodedSDJwt
152
+ * @returns
153
+ */
154
+ getVct(encodedSDJwt) {
155
+ return __async(this, null, function* () {
156
+ const { payload, header } = yield import_core.SDJwt.extractJwt(encodedSDJwt);
157
+ if (!payload) {
158
+ throw new import_utils.SDJWTException("JWT payload is missing");
159
+ }
160
+ const result = {
161
+ payload,
162
+ header,
163
+ kb: void 0
164
+ };
165
+ return this.fetchVct(result);
166
+ });
167
+ }
149
168
  /**
150
169
  * Validates the integrity of the response if the integrity is passed. If the integrity does not match, an error is thrown.
151
170
  * @param integrity
@@ -223,12 +242,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
223
242
  */
224
243
  verifyVct(result) {
225
244
  return __async(this, null, function* () {
226
- var _a;
227
- const fetcher = (_a = this.userConfig.vctFetcher) != null ? _a : (uri, integrity) => this.fetch(uri, integrity);
228
- const typeMetadataFormat = yield fetcher(
229
- result.payload.vct,
230
- result.payload["vct#Integrity"]
231
- );
245
+ const typeMetadataFormat = yield this.fetchVct(result);
232
246
  if (typeMetadataFormat.extends) {
233
247
  }
234
248
  const schema = yield this.loadSchema(typeMetadataFormat);
@@ -259,6 +273,21 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
259
273
  return typeMetadataFormat;
260
274
  });
261
275
  }
276
+ /**
277
+ * Fetches VCT Metadata of the SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC does not contain a vct claim, an error is thrown.
278
+ * @param result
279
+ * @returns
280
+ */
281
+ fetchVct(result) {
282
+ return __async(this, null, function* () {
283
+ var _a;
284
+ if (!result.payload.vct) {
285
+ throw new import_utils.SDJWTException("vct claim is required");
286
+ }
287
+ const fetcher = (_a = this.userConfig.vctFetcher) != null ? _a : (uri, integrity) => this.fetch(uri, integrity);
288
+ return fetcher(result.payload.vct, result.payload["vct#Integrity"]);
289
+ });
290
+ }
262
291
  /**
263
292
  * Verifies the status of the SD-JWT-VC.
264
293
  * @param result
package/dist/index.mjs CHANGED
@@ -23,7 +23,7 @@ var __async = (__this, __arguments, generator) => {
23
23
  };
24
24
 
25
25
  // src/sd-jwt-vc-instance.ts
26
- import { Jwt, SDJwtInstance } from "@sd-jwt/core";
26
+ import { Jwt, SDJwt, SDJwtInstance } from "@sd-jwt/core";
27
27
  import { SDJWTException } from "@sd-jwt/utils";
28
28
  import {
29
29
  getListFromStatusListJWT
@@ -114,6 +114,25 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
114
114
  return result;
115
115
  });
116
116
  }
117
+ /**
118
+ * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
119
+ * @param encodedSDJwt
120
+ * @returns
121
+ */
122
+ getVct(encodedSDJwt) {
123
+ return __async(this, null, function* () {
124
+ const { payload, header } = yield SDJwt.extractJwt(encodedSDJwt);
125
+ if (!payload) {
126
+ throw new SDJWTException("JWT payload is missing");
127
+ }
128
+ const result = {
129
+ payload,
130
+ header,
131
+ kb: void 0
132
+ };
133
+ return this.fetchVct(result);
134
+ });
135
+ }
117
136
  /**
118
137
  * Validates the integrity of the response if the integrity is passed. If the integrity does not match, an error is thrown.
119
138
  * @param integrity
@@ -191,12 +210,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
191
210
  */
192
211
  verifyVct(result) {
193
212
  return __async(this, null, function* () {
194
- var _a;
195
- const fetcher = (_a = this.userConfig.vctFetcher) != null ? _a : (uri, integrity) => this.fetch(uri, integrity);
196
- const typeMetadataFormat = yield fetcher(
197
- result.payload.vct,
198
- result.payload["vct#Integrity"]
199
- );
213
+ const typeMetadataFormat = yield this.fetchVct(result);
200
214
  if (typeMetadataFormat.extends) {
201
215
  }
202
216
  const schema = yield this.loadSchema(typeMetadataFormat);
@@ -227,6 +241,21 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
227
241
  return typeMetadataFormat;
228
242
  });
229
243
  }
244
+ /**
245
+ * Fetches VCT Metadata of the SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC does not contain a vct claim, an error is thrown.
246
+ * @param result
247
+ * @returns
248
+ */
249
+ fetchVct(result) {
250
+ return __async(this, null, function* () {
251
+ var _a;
252
+ if (!result.payload.vct) {
253
+ throw new SDJWTException("vct claim is required");
254
+ }
255
+ const fetcher = (_a = this.userConfig.vctFetcher) != null ? _a : (uri, integrity) => this.fetch(uri, integrity);
256
+ return fetcher(result.payload.vct, result.payload["vct#Integrity"]);
257
+ });
258
+ }
230
259
  /**
231
260
  * Verifies the status of the SD-JWT-VC.
232
261
  * @param result
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sd-jwt/sd-jwt-vc",
3
- "version": "0.10.1-next.1+d2f2cb5",
3
+ "version": "0.10.1-next.2+bc91fd7",
4
4
  "description": "sd-jwt draft 7 implementation in typescript",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.mjs",
@@ -39,15 +39,15 @@
39
39
  },
40
40
  "license": "Apache-2.0",
41
41
  "dependencies": {
42
- "@sd-jwt/core": "0.10.1-next.1+d2f2cb5",
43
- "@sd-jwt/jwt-status-list": "0.10.1-next.1+d2f2cb5",
44
- "@sd-jwt/utils": "0.10.1-next.1+d2f2cb5",
42
+ "@sd-jwt/core": "0.10.1-next.2+bc91fd7",
43
+ "@sd-jwt/jwt-status-list": "0.10.1-next.2+bc91fd7",
44
+ "@sd-jwt/utils": "0.10.1-next.2+bc91fd7",
45
45
  "ajv": "^8.17.1",
46
46
  "ajv-formats": "^3.0.1"
47
47
  },
48
48
  "devDependencies": {
49
- "@sd-jwt/crypto-nodejs": "0.10.1-next.1+d2f2cb5",
50
- "@sd-jwt/types": "0.10.1-next.1+d2f2cb5",
49
+ "@sd-jwt/crypto-nodejs": "0.10.1-next.2+bc91fd7",
50
+ "@sd-jwt/types": "0.10.1-next.2+bc91fd7",
51
51
  "jose": "^5.2.2",
52
52
  "msw": "^2.3.5"
53
53
  },
@@ -67,5 +67,5 @@
67
67
  "esm"
68
68
  ]
69
69
  },
70
- "gitHead": "d2f2cb5a4d9f40e5d90209f572665a9bf1f0844b"
70
+ "gitHead": "bc91fd71f7d721298ad5c08d4379bc870903f65f"
71
71
  }
package/src/sd-jwt-vc-instance.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Jwt, SDJwtInstance } from '@sd-jwt/core';
1
+ import { Jwt, SDJwt, SDJwtInstance } from '@sd-jwt/core';
2
2
  import type { DisclosureFrame, Hasher, Verifier } from '@sd-jwt/types';
3
3
  import { SDJWTException } from '@sd-jwt/utils';
4
4
  import type { SdJwtVcPayload } from './sd-jwt-vc-payload';
@@ -130,6 +130,31 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
130
130
  return result;
131
131
  }
132
132
 
133
+ /**
134
+ * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
135
+ * @param encodedSDJwt
136
+ * @returns
137
+ */
138
+ async getVct(encodedSDJwt: string): Promise<TypeMetadataFormat> {
139
+ // Call the parent class's verify method
140
+ const { payload, header } = await SDJwt.extractJwt<
141
+ Record<string, unknown>,
142
+ SdJwtVcPayload
143
+ >(encodedSDJwt);
144
+
145
+ if (!payload) {
146
+ throw new SDJWTException('JWT payload is missing');
147
+ }
148
+
149
+ const result: VerificationResult = {
150
+ payload,
151
+ header,
152
+ kb: undefined,
153
+ };
154
+
155
+ return this.fetchVct(result);
156
+ }
157
+
133
158
  /**
134
159
  * Validates the integrity of the response if the integrity is passed. If the integrity does not match, an error is thrown.
135
160
  * @param integrity
@@ -213,13 +238,7 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
213
238
  private async verifyVct(
214
239
  result: VerificationResult,
215
240
  ): Promise<TypeMetadataFormat | undefined> {
216
- const fetcher: VcTFetcher =
217
- this.userConfig.vctFetcher ??
218
- ((uri, integrity) => this.fetch(uri, integrity));
219
- const typeMetadataFormat = await fetcher(
220
- result.payload.vct,
221
- result.payload['vct#Integrity'],
222
- );
241
+ const typeMetadataFormat = await this.fetchVct(result);
223
242
 
224
243
  if (typeMetadataFormat.extends) {
225
244
  // implement based on https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-08.html#name-extending-type-metadata
@@ -260,6 +279,24 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
260
279
  return typeMetadataFormat;
261
280
  }
262
281
 
282
+ /**
283
+ * Fetches VCT Metadata of the SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC does not contain a vct claim, an error is thrown.
284
+ * @param result
285
+ * @returns
286
+ */
287
+ private async fetchVct(
288
+ result: VerificationResult,
289
+ ): Promise<TypeMetadataFormat> {
290
+ if (!result.payload.vct) {
291
+ throw new SDJWTException('vct claim is required');
292
+ }
293
+
294
+ const fetcher: VcTFetcher =
295
+ this.userConfig.vctFetcher ??
296
+ ((uri, integrity) => this.fetch(uri, integrity));
297
+ return fetcher(result.payload.vct, result.payload['vct#Integrity']);
298
+ }
299
+
263
300
  /**
264
301
  * Verifies the status of the SD-JWT-VC.
265
302
  * @param result
package/src/test/vct.spec.ts CHANGED
@@ -151,5 +151,29 @@ describe('App', () => {
151
151
  );
152
152
  });
153
153
 
154
+ test('VCT Metadata retrieval', async () => {
155
+ const expectedPayload: SdJwtVcPayload = {
156
+ iat,
157
+ iss,
158
+ vct,
159
+ 'vct#Integrity': vctIntegrity,
160
+ ...claims,
161
+ };
162
+ const encodedSdjwt = await sdjwt.issue(
163
+ expectedPayload,
164
+ disclosureFrame as unknown as DisclosureFrame<SdJwtVcPayload>,
165
+ );
166
+
167
+ const typeMetadataFormat = await sdjwt.getVct(encodedSdjwt);
168
+ expect(typeMetadataFormat).to.deep.eq({
169
+ description: 'An example credential type',
170
+ name: 'ExampleCredentialType',
171
+ schema_uri: 'http://example.com/schema/example',
172
+ 'schema_uri#Integrity':
173
+ 'sha256-48a61b283ded3b55e8d9a9b063327641dc4c53f76bd5daa96c23f232822167ae',
174
+ vct: 'http://example.com/example',
175
+ });
176
+ });
177
+
154
178
  //TODO: we need tests with an embedded schema, extended and maybe also to test the errors when schema information is not available or the integrity is not valid
155
179
  });