@sd-jwt/sd-jwt-vc 0.19.1-next.8 → 0.20.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +28 -0
- package/dist/index.d.mts +3 -2
- package/dist/index.d.ts +3 -2
- package/dist/index.js +8 -2
- package/dist/index.mjs +8 -2
- package/package.json +3 -3
- package/src/sd-jwt-vc-instance.ts +11 -5
- package/src/test/index.spec.ts +19 -1
package/CHANGELOG.md
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
# Change Log
|
|
2
|
+
|
|
3
|
+
All notable changes to this project will be documented in this file.
|
|
4
|
+
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
|
5
|
+
|
|
6
|
+
# [0.20.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.1.0...v0.20.0) (2026-06-29)
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
### Features
|
|
10
|
+
|
|
11
|
+
* version fixing to current 0.19.0 ([#382](https://github.com/openwallet-foundation/sd-jwt-js/issues/382)) ([d88c631](https://github.com/openwallet-foundation/sd-jwt-js/commit/d88c631fe4c3cefcbc96f268cb9d340296facbba))
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
# [0.1.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.19.0...v0.1.0) (2026-06-29)
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
### Bug Fixes
|
|
21
|
+
|
|
22
|
+
* **core:** reject tampered/unreferenced disclosures and reserved claims ([#380](https://github.com/openwallet-foundation/sd-jwt-js/issues/380)) ([3d8a72a](https://github.com/openwallet-foundation/sd-jwt-js/commit/3d8a72a0a279d67439db038c9c2b52621568b866))
|
|
23
|
+
* **sd-jwt-vc:** config param type override in SDJwtVcInstance ([#379](https://github.com/openwallet-foundation/sd-jwt-js/issues/379)) ([fe18c35](https://github.com/openwallet-foundation/sd-jwt-js/commit/fe18c3572055c3307d05f43f738c1d3c3f15de38))
|
|
24
|
+
|
|
25
|
+
|
|
26
|
+
### Features
|
|
27
|
+
|
|
28
|
+
* allow disabling status verification ([#381](https://github.com/openwallet-foundation/sd-jwt-js/issues/381)) ([c9d73e4](https://github.com/openwallet-foundation/sd-jwt-js/commit/c9d73e4db2a925e5096988fffe7eded62db1b6a7))
|
package/dist/index.d.mts
CHANGED
|
@@ -986,10 +986,10 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
986
986
|
protected userConfig: SDJWTVCConfig;
|
|
987
987
|
constructor(userConfig?: SDJWTVCConfig);
|
|
988
988
|
/**
|
|
989
|
-
* Validates if the
|
|
989
|
+
* Validates if the disclosure frame attempts to selectively disclose protected SD-JWT-VC claims.
|
|
990
990
|
* @param disclosureFrame
|
|
991
991
|
*/
|
|
992
|
-
protected
|
|
992
|
+
protected validateDisclosureFrame(disclosureFrame?: DisclosureFrame<SdJwtVcPayload>): void;
|
|
993
993
|
/**
|
|
994
994
|
* Fetches the status list from the uri with a timeout of 10 seconds.
|
|
995
995
|
* @param uri The URI to fetch from.
|
|
@@ -1100,6 +1100,7 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
1100
1100
|
* @param options
|
|
1101
1101
|
*/
|
|
1102
1102
|
private verifyStatus;
|
|
1103
|
+
config(newConfig: SDJWTVCConfig): void;
|
|
1103
1104
|
}
|
|
1104
1105
|
|
|
1105
1106
|
export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type VCTFetcher, type VerificationResult };
|
package/dist/index.d.ts
CHANGED
|
@@ -986,10 +986,10 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
986
986
|
protected userConfig: SDJWTVCConfig;
|
|
987
987
|
constructor(userConfig?: SDJWTVCConfig);
|
|
988
988
|
/**
|
|
989
|
-
* Validates if the
|
|
989
|
+
* Validates if the disclosure frame attempts to selectively disclose protected SD-JWT-VC claims.
|
|
990
990
|
* @param disclosureFrame
|
|
991
991
|
*/
|
|
992
|
-
protected
|
|
992
|
+
protected validateDisclosureFrame(disclosureFrame?: DisclosureFrame<SdJwtVcPayload>): void;
|
|
993
993
|
/**
|
|
994
994
|
* Fetches the status list from the uri with a timeout of 10 seconds.
|
|
995
995
|
* @param uri The URI to fetch from.
|
|
@@ -1100,6 +1100,7 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
1100
1100
|
* @param options
|
|
1101
1101
|
*/
|
|
1102
1102
|
private verifyStatus;
|
|
1103
|
+
config(newConfig: SDJWTVCConfig): void;
|
|
1103
1104
|
}
|
|
1104
1105
|
|
|
1105
1106
|
export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type VCTFetcher, type VerificationResult };
|
package/dist/index.js
CHANGED
|
@@ -280,10 +280,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
280
280
|
}
|
|
281
281
|
}
|
|
282
282
|
/**
|
|
283
|
-
* Validates if the
|
|
283
|
+
* Validates if the disclosure frame attempts to selectively disclose protected SD-JWT-VC claims.
|
|
284
284
|
* @param disclosureFrame
|
|
285
285
|
*/
|
|
286
|
-
|
|
286
|
+
validateDisclosureFrame(disclosureFrame) {
|
|
287
287
|
if ((disclosureFrame == null ? void 0 : disclosureFrame._sd) && Array.isArray(disclosureFrame._sd) && disclosureFrame._sd.length > 0) {
|
|
288
288
|
const reservedNames = ["iss", "nbf", "exp", "cnf", "vct", "status"];
|
|
289
289
|
const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
|
|
@@ -716,6 +716,9 @@ ${import_zod2.default.prettifyError(validated.error)}`
|
|
|
716
716
|
verifyStatus(result, options) {
|
|
717
717
|
return __async(this, null, function* () {
|
|
718
718
|
var _a, _b, _c;
|
|
719
|
+
if (options == null ? void 0 : options.disableStatusVerification) {
|
|
720
|
+
return;
|
|
721
|
+
}
|
|
719
722
|
if (result.payload.status) {
|
|
720
723
|
if (result.payload.status.status_list) {
|
|
721
724
|
const fetcher = (_a = this.userConfig.statusListFetcher) != null ? _a : this.statusListFetcher.bind(this);
|
|
@@ -745,6 +748,9 @@ ${import_zod2.default.prettifyError(validated.error)}`
|
|
|
745
748
|
}
|
|
746
749
|
});
|
|
747
750
|
}
|
|
751
|
+
config(newConfig) {
|
|
752
|
+
super.config(newConfig);
|
|
753
|
+
}
|
|
748
754
|
};
|
|
749
755
|
// Annotate the CommonJS export names for ESM import in node:
|
|
750
756
|
0 && (module.exports = {
|
package/dist/index.mjs
CHANGED
|
@@ -242,10 +242,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
|
|
|
242
242
|
}
|
|
243
243
|
}
|
|
244
244
|
/**
|
|
245
|
-
* Validates if the
|
|
245
|
+
* Validates if the disclosure frame attempts to selectively disclose protected SD-JWT-VC claims.
|
|
246
246
|
* @param disclosureFrame
|
|
247
247
|
*/
|
|
248
|
-
|
|
248
|
+
validateDisclosureFrame(disclosureFrame) {
|
|
249
249
|
if ((disclosureFrame == null ? void 0 : disclosureFrame._sd) && Array.isArray(disclosureFrame._sd) && disclosureFrame._sd.length > 0) {
|
|
250
250
|
const reservedNames = ["iss", "nbf", "exp", "cnf", "vct", "status"];
|
|
251
251
|
const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
|
|
@@ -678,6 +678,9 @@ ${z2.prettifyError(validated.error)}`
|
|
|
678
678
|
verifyStatus(result, options) {
|
|
679
679
|
return __async(this, null, function* () {
|
|
680
680
|
var _a, _b, _c;
|
|
681
|
+
if (options == null ? void 0 : options.disableStatusVerification) {
|
|
682
|
+
return;
|
|
683
|
+
}
|
|
681
684
|
if (result.payload.status) {
|
|
682
685
|
if (result.payload.status.status_list) {
|
|
683
686
|
const fetcher = (_a = this.userConfig.statusListFetcher) != null ? _a : this.statusListFetcher.bind(this);
|
|
@@ -707,6 +710,9 @@ ${z2.prettifyError(validated.error)}`
|
|
|
707
710
|
}
|
|
708
711
|
});
|
|
709
712
|
}
|
|
713
|
+
config(newConfig) {
|
|
714
|
+
super.config(newConfig);
|
|
715
|
+
}
|
|
710
716
|
};
|
|
711
717
|
export {
|
|
712
718
|
BackgroundImageSchema,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sd-jwt/sd-jwt-vc",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.20.0",
|
|
4
4
|
"description": "sd-jwt draft 7 implementation in typescript",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.mjs",
|
|
@@ -39,7 +39,7 @@
|
|
|
39
39
|
"license": "Apache-2.0",
|
|
40
40
|
"dependencies": {
|
|
41
41
|
"@owf/token-status-list": "^0.1.0-alpha-20260312123226",
|
|
42
|
-
"@sd-jwt/core": "0.
|
|
42
|
+
"@sd-jwt/core": "0.20.0",
|
|
43
43
|
"zod": "^4.3.5"
|
|
44
44
|
},
|
|
45
45
|
"devDependencies": {
|
|
@@ -63,5 +63,5 @@
|
|
|
63
63
|
"esm"
|
|
64
64
|
]
|
|
65
65
|
},
|
|
66
|
-
"gitHead": "
|
|
66
|
+
"gitHead": "af170ace9b42984f8c6447caf23256fde6204b31"
|
|
67
67
|
}
|
|
@@ -48,20 +48,18 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
48
48
|
}
|
|
49
49
|
|
|
50
50
|
/**
|
|
51
|
-
* Validates if the
|
|
51
|
+
* Validates if the disclosure frame attempts to selectively disclose protected SD-JWT-VC claims.
|
|
52
52
|
* @param disclosureFrame
|
|
53
53
|
*/
|
|
54
|
-
protected
|
|
55
|
-
disclosureFrame
|
|
54
|
+
protected validateDisclosureFrame(
|
|
55
|
+
disclosureFrame?: DisclosureFrame<SdJwtVcPayload>,
|
|
56
56
|
): void {
|
|
57
|
-
//validate disclosureFrame according to https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-08.html#section-3.2.2.2
|
|
58
57
|
if (
|
|
59
58
|
disclosureFrame?._sd &&
|
|
60
59
|
Array.isArray(disclosureFrame._sd) &&
|
|
61
60
|
disclosureFrame._sd.length > 0
|
|
62
61
|
) {
|
|
63
62
|
const reservedNames = ['iss', 'nbf', 'exp', 'cnf', 'vct', 'status'];
|
|
64
|
-
// check if there is any reserved names in the disclosureFrame._sd array
|
|
65
63
|
const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter((key) =>
|
|
66
64
|
reservedNames.includes(String(key)),
|
|
67
65
|
);
|
|
@@ -625,6 +623,10 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
625
623
|
result: VerificationResult,
|
|
626
624
|
options?: VerifierOptions,
|
|
627
625
|
): Promise<void> {
|
|
626
|
+
if (options?.disableStatusVerification) {
|
|
627
|
+
return;
|
|
628
|
+
}
|
|
629
|
+
|
|
628
630
|
if (result.payload.status) {
|
|
629
631
|
//checks if a status field is present in the payload based on https://www.ietf.org/archive/id/draft-ietf-oauth-status-list-02.html
|
|
630
632
|
if (result.payload.status.status_list) {
|
|
@@ -670,4 +672,8 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
670
672
|
}
|
|
671
673
|
}
|
|
672
674
|
}
|
|
675
|
+
|
|
676
|
+
public config(newConfig: SDJWTVCConfig) {
|
|
677
|
+
super.config(newConfig);
|
|
678
|
+
}
|
|
673
679
|
}
|
package/src/test/index.spec.ts
CHANGED
|
@@ -120,7 +120,7 @@ describe('Revocation', () => {
|
|
|
120
120
|
},
|
|
121
121
|
});
|
|
122
122
|
|
|
123
|
-
test('Test with a non
|
|
123
|
+
test('Test with a non revoked credential', async () => {
|
|
124
124
|
const claims = {
|
|
125
125
|
firstname: 'John',
|
|
126
126
|
status: {
|
|
@@ -152,6 +152,24 @@ describe('Revocation', () => {
|
|
|
152
152
|
await expect(result).rejects.toThrowError('Status is not valid');
|
|
153
153
|
});
|
|
154
154
|
|
|
155
|
+
test('Test with a revoked credential but status verification disabled', async () => {
|
|
156
|
+
const claims = {
|
|
157
|
+
firstname: 'John',
|
|
158
|
+
status: {
|
|
159
|
+
status_list: {
|
|
160
|
+
uri: 'https://example.com/status-list',
|
|
161
|
+
idx: 1,
|
|
162
|
+
},
|
|
163
|
+
},
|
|
164
|
+
};
|
|
165
|
+
const expectedPayload: SdJwtVcPayload = { iat, iss, vct, ...claims };
|
|
166
|
+
const encodedSdjwt = await sdjwt.issue(expectedPayload);
|
|
167
|
+
const result = await sdjwt.verify(encodedSdjwt, {
|
|
168
|
+
disableStatusVerification: true,
|
|
169
|
+
});
|
|
170
|
+
expect(result).toBeDefined();
|
|
171
|
+
});
|
|
172
|
+
|
|
155
173
|
test('test to fetch the statuslist', async () => {
|
|
156
174
|
//TODO: not implemented yet since we need to either mock the fetcher or use a real fetcher
|
|
157
175
|
});
|