@sovrahq/waci 3.4.0

package/dist/utils/index.js

@@ -0,0 +1,356 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+var __asyncValues = (this && this.__asyncValues) || function (o) {
+    if (!Symbol.asyncIterator) throw new TypeError("Symbol.asyncIterator is not defined.");
+    var m = o[Symbol.asyncIterator], i;
+    return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i);
+    function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }
+    function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateVcByInputDescriptor = exports.extractExpectedChallenge = exports.verifyPresentation = exports.createUUID = exports.getObjectValues = exports.extractSDJWTClaims = exports.extractClaimKeyFromPath = void 0;
+var UUID = require("uuid");
+var jsonpath = require("jsonpath");
+var jsonschema = require("jsonschema");
+var erros_1 = require("./erros");
+/**
+ * Extract the claim key from a JSONPath expression.
+ * E.g. "$.credentialSubject.name" → "name", "$.type" → "type"
+ */
+var extractClaimKeyFromPath = function (path) {
+    var segments = path.replace(/^\$\.?/, '').split('.');
+    return segments[segments.length - 1];
+};
+exports.extractClaimKeyFromPath = extractClaimKeyFromPath;
+/**
+ * Parse an SD-JWT string and extract the disclosed claim names as a Set.
+ * SD-JWT format: <JWT>~<disclosure1>~<disclosure2>~...~[<KB-JWT>]
+ * Each disclosure is base64url-encoded JSON array: [salt, claimName, claimValue]
+ */
+var extractSDJWTClaims = function (sdJwtString) {
+    var claims = new Set();
+    try {
+        var parts = sdJwtString.split('~');
+        // Skip first part (JWT) and filter out empty strings and potential KB-JWT (has dots)
+        var disclosures = parts.slice(1).filter(function (p) { return p.length > 0; });
+        for (var _i = 0, disclosures_1 = disclosures; _i < disclosures_1.length; _i++) {
+            var disclosure = disclosures_1[_i];
+            // Skip if it looks like a JWT (KB-JWT)
+            if (disclosure.split('.').length === 3)
+                continue;
+            try {
+                // Base64url decode
+                var base64 = disclosure.replace(/-/g, '+').replace(/_/g, '/');
+                while (base64.length % 4 !== 0)
+                    base64 += '=';
+                var decoded = Buffer.from(base64, 'base64').toString('utf-8');
+                var array = JSON.parse(decoded);
+                if (Array.isArray(array) && array.length >= 2) {
+                    claims.add(array[1]); // claimName is second element
+                }
+            }
+            catch (_a) {
+                // Skip malformed disclosures
+            }
+        }
+    }
+    catch (_b) {
+        // Return empty set on any error
+    }
+    return claims;
+};
+exports.extractSDJWTClaims = extractSDJWTClaims;
+var getObjectValues = function (object) {
+    return Object.values(object);
+};
+exports.getObjectValues = getObjectValues;
+exports.createUUID = UUID.v4;
+var verifyPresentation = function (presentationDefinition, credentialApplication, verificationCallback) { return __awaiter(void 0, void 0, void 0, function () {
+    var vcs, _loop_1, _a, _b, _c, state_1, e_1_1, error_1;
+    var _d, e_1, _e, _f;
+    var _g, _h;
+    return __generator(this, function (_j) {
+        switch (_j.label) {
+            case 0:
+                _j.trys.push([0, 14, , 15]);
+                vcs = [];
+                _j.label = 1;
+            case 1:
+                _j.trys.push([1, 7, 8, 13]);
+                _loop_1 = function () {
+                    var inputDescriptor, vcInput, vc, verificationResult_1, disclosedClaims, _i, _k, field, pathKey, _l, _m, field, fieldValue, errors, verificationResult, error;
+                    return __generator(this, function (_o) {
+                        switch (_o.label) {
+                            case 0:
+                                _f = _c.value;
+                                _a = false;
+                                _o.label = 1;
+                            case 1:
+                                _o.trys.push([1, , 5, 6]);
+                                inputDescriptor = _f;
+                                vcInput = credentialApplication.data.json.presentation_submission.descriptor_map.find(function (descriptor) { return inputDescriptor.id === descriptor.id; });
+                                if (!vcInput)
+                                    return [2 /*return*/, { value: new erros_1.InputDescriptorError() }];
+                                vc = jsonpath.query(credentialApplication.data.json, vcInput.path)[0];
+                                vcs.push(vc);
+                                if (!(typeof vc === 'string')) return [3 /*break*/, 3];
+                                return [4 /*yield*/, verificationCallback(vc)];
+                            case 2:
+                                verificationResult_1 = _o.sent();
+                                console.log('---- Verification Result (SD-JWT string) -----', verificationResult_1);
+                                if (!verificationResult_1.result) {
+                                    return [2 /*return*/, { value: {
+                                                result: false,
+                                                error: verificationResult_1.error || ['Credential verification failed'],
+                                                vcs: vcs
+                                            } }];
+                                }
+                                // Validate that required fields from constraints are present in SD-JWT disclosures
+                                if ((_g = inputDescriptor.constraints) === null || _g === void 0 ? void 0 : _g.fields) {
+                                    disclosedClaims = (0, exports.extractSDJWTClaims)(vc);
+                                    for (_i = 0, _k = inputDescriptor.constraints.fields; _i < _k.length; _i++) {
+                                        field = _k[_i];
+                                        pathKey = (0, exports.extractClaimKeyFromPath)(field.path[0]);
+                                        if (!disclosedClaims.has(pathKey)) {
+                                            return [2 /*return*/, { value: {
+                                                        result: false,
+                                                        error: [{ name: 'missing-field', description: "SD-JWT missing required disclosure: ".concat(pathKey) }],
+                                                        vcs: vcs,
+                                                    } }];
+                                        }
+                                    }
+                                }
+                                return [2 /*return*/, "continue"];
+                            case 3:
+                                // Verify fields
+                                for (_l = 0, _m = inputDescriptor.constraints.fields; _l < _m.length; _l++) {
+                                    field = _m[_l];
+                                    fieldValue = (_h = jsonpath.query(vc, field.path[0])) === null || _h === void 0 ? void 0 : _h[0];
+                                    if (!fieldValue) {
+                                        return [2 /*return*/, { value: { result: false, error: [{ name: 'missing-field', description: "Missing required field: ".concat(field.path[0]) }], vcs: vcs } }];
+                                    }
+                                    if (field.filter) {
+                                        errors = jsonschema.validate(fieldValue, field.filter).errors;
+                                        if (errors.length) {
+                                            return [2 /*return*/, { value: { result: false, error: [{ name: 'invalid-field', description: "Field ".concat(field.path[0], " does not match filter") }], vcs: vcs } }];
+                                        }
+                                    }
+                                }
+                                return [4 /*yield*/, verificationCallback(vc)];
+                            case 4:
+                                verificationResult = _o.sent();
+                                console.log('---- Verification Result -----', verificationResult);
+                                if (!verificationResult.result) {
+                                    error = verificationResult.error;
+                                    switch (error.name) {
+                                        case 'did-document-resolution-error':
+                                            // DIDDocumentResolutionError
+                                            console.log("Cannot resolve DID document: ".concat(error.did));
+                                            // Handle DID resolution failure
+                                            break;
+                                        case 'vc-invalid-signature':
+                                            // InvalidSignatureError
+                                            console.log('Invalid signature detected');
+                                            console.log('Description:', error.description);
+                                            // Handle signature validation failure
+                                            break;
+                                        case 'verification-method-not-found':
+                                            // VerificationMethodNotFound
+                                            console.log("Verification method ".concat(error.verificationMethod, " not found in DID Document: ").concat(error.did));
+                                            // Handle missing verification method
+                                            break;
+                                        case 'verification-relationship-invalid':
+                                            // VerificationRelationshipError
+                                            console.log("Verification method ".concat(error.verificationMethod, " is not configured as ").concat(error.expectedVerificationRelationship));
+                                            // Handle incorrect verification relationship
+                                            break;
+                                        case 'unexpected-challenge':
+                                            // UnexpectedChallengeError
+                                            console.log('Unexpected challenge error:', error.errorMessage);
+                                            // Handle challenge validation failure
+                                            break;
+                                        case 'authentication-purpose-challenge-required':
+                                            // AuthenticationPurposeChallengeRequired
+                                            console.log('Authentication purpose requires a challenge');
+                                            // Handle missing challenge for authentication
+                                            break;
+                                        case 'verifiable-credential-revoked':
+                                            // VerifiableCredentialRevoked
+                                            console.log('Credential has been revoked');
+                                            console.log('Revocation details:', error.errors);
+                                            return [2 /*return*/, { value: {
+                                                        result: false,
+                                                        error: verificationResult.error || ['Credential verification failed'],
+                                                        vcs: vcs
+                                                    } }];
+                                            // Handle revoked credential
+                                            break;
+                                        case 'verifiable-credential-suspended':
+                                            // VerifiableCredentialSuspended
+                                            console.log('Credential has been suspended');
+                                            console.log('Suspension details:', error.errors);
+                                            return [2 /*return*/, { value: {
+                                                        result: false,
+                                                        error: verificationResult.error || ['Credential verification failed'],
+                                                        vcs: vcs
+                                                    } }];
+                                            // Handle suspended credential
+                                            break;
+                                        case 'credential-status-service-error':
+                                            // CredentialStatusServiceError
+                                            console.log("Error retrieving credential status from: ".concat(error.endpoint));
+                                            console.log("HTTP Status: ".concat(error.httpStatusResult));
+                                            console.log("Response Data: ".concat(error.dataResult));
+                                            // Handle credential status service failure
+                                            break;
+                                        case 'verifiable-credential-expired':
+                                            // VerifiableCredentialExpired
+                                            console.log('Credential has expired');
+                                            return [2 /*return*/, { value: {
+                                                        result: false,
+                                                        error: verificationResult.error || ['Credential verification failed'],
+                                                        vcs: vcs
+                                                    } }];
+                                            // Handle expired credential
+                                            break;
+                                        case 'unhandled-vc-suite-error':
+                                            // UnhandledVCSuiteError
+                                            console.log('Unhandled VC suite error:', error.messageError);
+                                            // Handle unexpected verification errors
+                                            break;
+                                        default:
+                                            console.log('Unknown error type:', error.name);
+                                            console.log('Error description:', error.description);
+                                            console.log('Error code:', error.code);
+                                        // Handle unknown errors
+                                    }
+                                }
+                                return [3 /*break*/, 6];
+                            case 5:
+                                _a = true;
+                                return [7 /*endfinally*/];
+                            case 6: return [2 /*return*/];
+                        }
+                    });
+                };
+                _a = true, _b = __asyncValues(presentationDefinition.input_descriptors);
+                _j.label = 2;
+            case 2: return [4 /*yield*/, _b.next()];
+            case 3:
+                if (!(_c = _j.sent(), _d = _c.done, !_d)) return [3 /*break*/, 6];
+                return [5 /*yield**/, _loop_1()];
+            case 4:
+                state_1 = _j.sent();
+                if (typeof state_1 === "object")
+                    return [2 /*return*/, state_1.value];
+                _j.label = 5;
+            case 5: return [3 /*break*/, 2];
+            case 6: return [3 /*break*/, 13];
+            case 7:
+                e_1_1 = _j.sent();
+                e_1 = { error: e_1_1 };
+                return [3 /*break*/, 13];
+            case 8:
+                _j.trys.push([8, , 11, 12]);
+                if (!(!_a && !_d && (_e = _b.return))) return [3 /*break*/, 10];
+                return [4 /*yield*/, _e.call(_b)];
+            case 9:
+                _j.sent();
+                _j.label = 10;
+            case 10: return [3 /*break*/, 12];
+            case 11:
+                if (e_1) throw e_1.error;
+                return [7 /*endfinally*/];
+            case 12: return [7 /*endfinally*/];
+            case 13: return [2 /*return*/, {
+                    result: true,
+                    vcs: vcs
+                }];
+            case 14:
+                error_1 = _j.sent();
+                console.error(error_1);
+                return [2 /*return*/, {
+                        result: false,
+                        error: error_1,
+                        vcs: []
+                    }];
+            case 15: return [2 /*return*/];
+        }
+    });
+}); };
+exports.verifyPresentation = verifyPresentation;
+var extractExpectedChallenge = function (presentationDefinitionMessage) {
+    return presentationDefinitionMessage.attachments.find(function (attachment) { var _a, _b, _c; return (_c = (_b = (_a = attachment === null || attachment === void 0 ? void 0 : attachment.data) === null || _a === void 0 ? void 0 : _a.json) === null || _b === void 0 ? void 0 : _b.options) === null || _c === void 0 ? void 0 : _c.challenge; }).data.json.options.challenge;
+};
+exports.extractExpectedChallenge = extractExpectedChallenge;
+var validateVcByInputDescriptor = function (vc, inputDescriptor) {
+    var _a, _b;
+    // SD-JWT: validate disclosed claims against required fields
+    if (typeof vc === 'string') {
+        if (!((_a = inputDescriptor.constraints) === null || _a === void 0 ? void 0 : _a.fields))
+            return true;
+        var disclosedClaims = (0, exports.extractSDJWTClaims)(vc);
+        for (var _i = 0, _c = inputDescriptor.constraints.fields; _i < _c.length; _i++) {
+            var field = _c[_i];
+            var pathKey = (0, exports.extractClaimKeyFromPath)(field.path[0]);
+            if (!disclosedClaims.has(pathKey))
+                return false;
+        }
+        return true;
+    }
+    for (var _d = 0, _e = inputDescriptor.constraints.fields; _d < _e.length; _d++) {
+        var field = _e[_d];
+        var fieldValues = (_b = field.path) === null || _b === void 0 ? void 0 : _b.map(function (path) {
+            return jsonpath.value(vc, path);
+        });
+        for (var _f = 0, fieldValues_1 = fieldValues; _f < fieldValues_1.length; _f++) {
+            var value = fieldValues_1[_f];
+            if (!value)
+                return false;
+            if (field.filter) {
+                var errors = jsonschema.validate(value, field.filter).errors;
+                if (errors.length) {
+                    return false;
+                }
+            }
+        }
+    }
+    return true;
+};
+exports.validateVcByInputDescriptor = validateVcByInputDescriptor;
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2BAA6B;AAC7B,mCAAqC;AACrC,uCAAyC;AAQzC,iCAA+C;AAE/C;;;GAGG;AACI,IAAM,uBAAuB,GAAG,UAAC,IAAY;IAClD,IAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACvD,OAAO,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACvC,CAAC,CAAC;AAHW,QAAA,uBAAuB,2BAGlC;AAEF;;;;GAIG;AACI,IAAM,kBAAkB,GAAG,UAAC,WAAmB;IACpD,IAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;IACjC,IAAI;QACF,IAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACrC,qFAAqF;QACrF,IAAM,WAAW,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAA,CAAC,IAAI,OAAA,CAAC,CAAC,MAAM,GAAG,CAAC,EAAZ,CAAY,CAAC,CAAC;QAC7D,KAAyB,UAAW,EAAX,2BAAW,EAAX,yBAAW,EAAX,IAAW,EAAE;YAAjC,IAAM,UAAU,oBAAA;YACnB,uCAAuC;YACvC,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS;YACjD,IAAI;gBACF,mBAAmB;gBACnB,IAAI,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBAC9D,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC;oBAAE,MAAM,IAAI,GAAG,CAAC;gBAC9C,IAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBAChE,IAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBAClC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE;oBAC7C,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,8BAA8B;iBACrD;aACF;YAAC,WAAM;gBACN,6BAA6B;aAC9B;SACF;KACF;IAAC,WAAM;QACN,gCAAgC;KACjC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AA1BW,QAAA,kBAAkB,sBA0B7B;AAEK,IAAM,eAAe,GAAG,UAAC,MAAW;IACzC,OAAA,MAAM,CAAC,MAAM,CAAS,MAAM,CAAC;AAA7B,CAA6B,CAAC;AADnB,QAAA,eAAe,mBACI;AAEnB,QAAA,UAAU,GAAG,IAAI,CAAC,EAAE,CAAC;AAE3B,IAAM,kBAAkB,GAAG,UAChC,sBAA8C,EAC9C,qBAAqE,EACrE,oBAA0E;;;;;;;;gBAGlE,GAAG,GAAU,EAAE,CAAC;;;;;;;;;gCACc,cAAwC;gCAAxC,WAAwC;;;;gCAA3D,eAAe,KAAA,CAAA;gCAExB,OAAO,GACX,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,cAAc,CAAC,IAAI,CACzE,UAAC,UAAU,IAAK,OAAA,eAAe,CAAC,EAAE,KAAK,UAAU,CAAC,EAAE,EAApC,CAAoC,CACrD,CAAC;gCAEJ,IAAI,CAAC,OAAO;mEAAS,IAAI,4BAAoB,EAAE,IAAC;gCAC1C,EAAE,GAAG,QAAQ,CAAC,KAAK,CACvB,qBAAqB,CAAC,IAAI,CAAC,IAAI,EAC/B,OAAO,CAAC,IAAI,CACb,CAAC,CAAC,CAAC,CAAC;gCAEL,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;qCAGT,CAAA,OAAO,EAAE,KAAK,QAAQ,CAAA,EAAtB,wBAAsB;gCACG,qBAAM,oBAAoB,CAAC,EAAE,CAAC,EAAA;;gCAAnD,uBAAqB,SAA8B;gCACzD,OAAO,CAAC,GAAG,CAAC,gDAAgD,EAAE,oBAAkB,CAAC,CAAC;gCAClF,IAAI,CAAC,oBAAkB,CAAC,MAAM,EAAE;mEACvB;gDACL,MAAM,EAAE,KAAK;gDACb,KAAK,EAAE,oBAAkB,CAAC,KAAK,IAAI,CAAC,gCAAgC,CAAC;gDACrE,GAAG,KAAA;6CACJ;iCACF;gCACD,mFAAmF;gCACnF,IAAI,MAAA,eAAe,CAAC,WAAW,0CAAE,MAAM,EAAE;oCACjC,eAAe,GAAG,IAAA,0BAAkB,EAAC,EAAE,CAAC,CAAC;oCAC/C,WAAsD,EAAlC,KAAA,eAAe,CAAC,WAAW,CAAC,MAAM,EAAlC,cAAkC,EAAlC,IAAkC,EAAE;wCAA7C,KAAK;wCACR,OAAO,GAAG,IAAA,+BAAuB,EAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;wCACvD,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;2EAC1B;wDACL,MAAM,EAAE,KAAK;wDACb,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,8CAAuC,OAAO,CAAE,EAAE,CAAC;wDACjG,GAAG,KAAA;qDACJ;yCACF;qCACF;iCACF;;;gCAIH,gBAAgB;gCAChB,WAAsD,EAAlC,KAAA,eAAe,CAAC,WAAW,CAAC,MAAM,EAAlC,cAAkC,EAAlC,IAAkC,EAAE;oCAA7C,KAAK;oCACR,UAAU,GAAG,MAAA,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,0CAAG,CAAC,CAAC,CAAC;oCAC1D,IAAI,CAAC,UAAU,EAAE;uEACR,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,kCAA2B,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAE,EAAE,CAAC,EAAE,GAAG,KAAA,EAAE;qCAC3H;oCACD,IAAI,KAAK,CAAC,MAAM,EAAE;wCACR,MAAM,GAAK,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,KAAK,CAAC,MAAM,CAAC,OAAlD,CAAmD;wCACjE,IAAI,MAAM,CAAC,MAAM,EAAE;2EACV,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,gBAAS,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,2BAAwB,EAAE,CAAC,EAAE,GAAG,KAAA,EAAE;yCAC/H;qCACF;iCACF;gCAG0B,qBAAM,oBAAoB,CAAC,EAAE,CAAC,EAAA;;gCAAnD,kBAAkB,GAAG,SAA8B;gCACzD,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,kBAAkB,CAAC,CAAC;gCAElE,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE;oCACxB,KAAK,GAAG,kBAAkB,CAAC,KAAY,CAAC;oCAC9C,QAAQ,KAAK,CAAC,IAAI,EAAE;wCAClB,KAAK,+BAA+B;4CAClC,6BAA6B;4CAC7B,OAAO,CAAC,GAAG,CAAC,uCAAgC,KAAK,CAAC,GAAG,CAAE,CAAC,CAAC;4CACzD,gCAAgC;4CAChC,MAAM;wCAER,KAAK,sBAAsB;4CACzB,wBAAwB;4CACxB,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;4CAC1C,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;4CAC/C,sCAAsC;4CACtC,MAAM;wCAER,KAAK,+BAA+B;4CAClC,6BAA6B;4CAC7B,OAAO,CAAC,GAAG,CAAC,8BAAuB,KAAK,CAAC,kBAAkB,yCAA+B,KAAK,CAAC,GAAG,CAAE,CAAC,CAAC;4CACvG,qCAAqC;4CACrC,MAAM;wCAER,KAAK,mCAAmC;4CACtC,gCAAgC;4CAChC,OAAO,CAAC,GAAG,CAAC,8BAAuB,KAAK,CAAC,kBAAkB,mCAAyB,KAAK,CAAC,gCAAgC,CAAE,CAAC,CAAC;4CAC9H,6CAA6C;4CAC7C,MAAM;wCAER,KAAK,sBAAsB;4CACzB,2BAA2B;4CAC3B,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;4CAC/D,sCAAsC;4CACtC,MAAM;wCAER,KAAK,2CAA2C;4CAC9C,yCAAyC;4CACzC,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;4CAC3D,8CAA8C;4CAC9C,MAAM;wCAER,KAAK,+BAA+B;4CAClC,8BAA8B;4CAC9B,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;4CAC3C,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;2EAC1C;wDACL,MAAM,EAAE,KAAK;wDACb,KAAK,EAAE,kBAAkB,CAAC,KAAK,IAAI,CAAC,gCAAgC,CAAC;wDACrE,GAAG,EAAC,GAAG;qDACR;4CACD,4BAA4B;4CAC5B,MAAM;wCAER,KAAK,iCAAiC;4CACpC,gCAAgC;4CAChC,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;4CAC7C,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;2EAC1C;wDACL,MAAM,EAAE,KAAK;wDACb,KAAK,EAAE,kBAAkB,CAAC,KAAK,IAAI,CAAC,gCAAgC,CAAC;wDACrE,GAAG,EAAC,GAAG;qDACR;4CACD,8BAA8B;4CAC9B,MAAM;wCAER,KAAK,iCAAiC;4CACpC,+BAA+B;4CAC/B,OAAO,CAAC,GAAG,CAAC,mDAA4C,KAAK,CAAC,QAAQ,CAAE,CAAC,CAAC;4CAC1E,OAAO,CAAC,GAAG,CAAC,uBAAgB,KAAK,CAAC,gBAAgB,CAAE,CAAC,CAAC;4CACtD,OAAO,CAAC,GAAG,CAAC,yBAAkB,KAAK,CAAC,UAAU,CAAE,CAAC,CAAC;4CAClD,2CAA2C;4CAC3C,MAAM;wCAER,KAAK,+BAA+B;4CAClC,8BAA8B;4CAC9B,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;2EAC/B;wDACL,MAAM,EAAE,KAAK;wDACb,KAAK,EAAE,kBAAkB,CAAC,KAAK,IAAI,CAAC,gCAAgC,CAAC;wDACrE,GAAG,EAAC,GAAG;qDACR;4CACD,4BAA4B;4CAC5B,MAAM;wCAER,KAAK,0BAA0B;4CAC7B,wBAAwB;4CACxB,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;4CAC7D,wCAAwC;4CACxC,MAAM;wCAER;4CACE,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;4CAC/C,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;4CACrD,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;wCACvC,wBAAwB;qCAC3B;iCACF;;;;;;;;;2BA5JiC,KAAA,cAAA,sBAAsB,CAAC,iBAAiB,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;qBA8J5E,sBAAO;oBACL,MAAM,EAAE,IAAI;oBACZ,GAAG,KAAA;iBACJ,EAAC;;;gBAEF,OAAO,CAAC,KAAK,CAAC,OAAK,CAAC,CAAC;gBACrB,sBAAO;wBACL,MAAM,EAAE,KAAK;wBAAE,KAAK,SAAA;wBAAE,GAAG,EAAE,EAAE;qBAC9B,EAAC;;;;KAEL,CAAC;AA/KW,QAAA,kBAAkB,sBA+K7B;AAEK,IAAM,wBAAwB,GAAG,UACtC,6BAA0C;IAE1C,OAAO,6BAA6B,CAAC,WAAW,CAAC,IAAI,CACnD,UAAC,UAAU,oBAAK,OAAA,MAAA,MAAA,MAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,IAAI,0CAAE,IAAI,0CAAE,OAAO,0CAAE,SAAS,CAAA,EAAA,CAC3D,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,CAAC,CAAC;AANW,QAAA,wBAAwB,4BAMnC;AAEK,IAAM,2BAA2B,GAAG,UAAC,EAAE,EAAE,eAAe;;IAC7D,4DAA4D;IAC5D,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;QAC1B,IAAI,CAAC,CAAA,MAAA,eAAe,CAAC,WAAW,0CAAE,MAAM,CAAA;YAAE,OAAO,IAAI,CAAC;QACtD,IAAM,eAAe,GAAG,IAAA,0BAAkB,EAAC,EAAE,CAAC,CAAC;QAC/C,KAAoB,UAAkC,EAAlC,KAAA,eAAe,CAAC,WAAW,CAAC,MAAM,EAAlC,cAAkC,EAAlC,IAAkC,EAAE;YAAnD,IAAM,KAAK,SAAA;YACd,IAAM,OAAO,GAAG,IAAA,+BAAuB,EAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YACvD,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;SACjD;QACD,OAAO,IAAI,CAAC;KACb;IACD,KAAoB,UAAkC,EAAlC,KAAA,eAAe,CAAC,WAAW,CAAC,MAAM,EAAlC,cAAkC,EAAlC,IAAkC,EAAE;QAAnD,IAAM,KAAK,SAAA;QACd,IAAM,WAAW,GAAG,MAAA,KAAK,CAAC,IAAI,0CAAE,GAAG,CAAC,UAAC,IAAI;YACvC,OAAO,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEH,KAAoB,UAAW,EAAX,2BAAW,EAAX,yBAAW,EAAX,IAAW,EAAE;YAA5B,IAAM,KAAK,oBAAA;YACd,IAAI,CAAC,KAAK;gBAAE,OAAO,KAAK,CAAC;YACzB,IAAI,KAAK,CAAC,MAAM,EAAE;gBACR,IAAA,MAAM,GAAK,UAAU,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,OAA7C,CAA8C;gBAC5D,IAAI,MAAM,CAAC,MAAM,EAAE;oBACjB,OAAO,KAAK,CAAC;iBACd;aACF;SACF;KACF;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AA3BW,QAAA,2BAA2B,+BA2BtC"}

package/jest.config.json

@@ -0,0 +1,17 @@
+{
+	"moduleFileExtensions": [
+		"js",
+		"json",
+		"ts"
+	],
+	"rootDir": "test",
+	"testRegex": ".*\\.spec\\.ts$",
+	"transform": {
+		"^.+\\.(t|j)s$": "ts-jest"
+	},
+	"collectCoverageFrom": [
+		"**/*.(t|j)s"
+	],
+	"coverageDirectory": "../coverage",
+	"testEnvironment": "node"
+}

package/package.json

@@ -0,0 +1,39 @@
+{
+  "name": "@sovrahq/waci",
+  "version": "3.4.0",
+  "license": "Apache-2.0",
+  "main": "dist/index.js",
+  "typings": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc --project tsconfig.build.json",
+    "test": "jest --verbose --silent"
+  },
+  "devDependencies": {
+    "@types/base-64": "^1.0.0",
+    "@types/jest": "^27.5.0",
+    "@types/jsonpath": "^0.2.0",
+    "@types/lodash": "^4.14.182",
+    "@types/uuid": "^8.3.4",
+    "@typescript-eslint/eslint-plugin": "^5.0.0",
+    "@typescript-eslint/parser": "^5.0.0",
+    "eslint": "^8.2.0",
+    "eslint-config-airbnb-base": "^15.0.0",
+    "eslint-config-prettier": "^8.3.0",
+    "eslint-plugin-import": "^2.25.2",
+    "eslint-plugin-prettier": "^4.0.0",
+    "eslint-plugin-unused-imports": "^2.0.0",
+    "jest": "^28.0.3",
+    "prettier": "^2.3.2",
+    "ts-jest": "^28.0.1",
+    "typescript": "^4.2.4"
+  },
+  "dependencies": {
+    "jsonpath": "^1.1.1",
+    "jsonschema": "^1.4.1",
+    "lodash": "^4.17.21",
+    "uuid": "^8.3.2"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}

package/readme.md

@@ -0,0 +1 @@
+# WACI

package/src/callbacks/index.ts

@@ -0,0 +1,75 @@
+import {
+  CredentialFulfillment,
+  Actor,
+  CredentialManifest,
+  InputDescriptor,
+  PresentationDefinitionFrame,
+  WACIMessage,
+} from '../types';
+import { OfferCredentialMessageParamsBase } from '../handlers/issuance/step-3-propose-credential.handler';
+
+export type Callback<TInput = any, TOutput = any> = (
+  input: TInput,
+) => Promise<TOutput>;
+
+export type InputCallbacks = {
+  [Actor.Holder]?: {
+    getHolderDID: Callback<{ message: WACIMessage }, string>;
+    // Issuance flow
+    getCredentialApplication: Callback<
+      { manifest: CredentialManifest; fulfillment: CredentialFulfillment, message?: WACIMessage },
+      { credentialsToPresent: any[], presentationProofTypes: string[] } | CredentialPresentationResponse
+    >;
+    // Verification flow
+    getCredentialPresentation: Callback<
+      {
+        inputDescriptors: InputDescriptor[],
+        frame?: PresentationDefinitionFrame,
+        message?: WACIMessage
+      },
+      { credentialsToPresent: any[] } | CredentialPresentationResponse
+    >;
+    signPresentation: Callback<{
+      contentToSign: any;
+      challenge: string;
+      domain?: string;
+      message?: WACIMessage;
+    }>;
+    handleCredentialFulfillment: Callback<{ credentialFulfillment: CredentialFulfillment[], message: WACIMessage }, boolean>;
+    handlePresentationAck: Callback<{ status: any, message: WACIMessage }, void>;
+  };
+
+  [Actor.Issuer]?: {
+    getCredentialManifest: Callback<
+      { invitationId: string; holderDid: string, message: WACIMessage },
+      OfferCredentialMessageParamsBase
+    >;
+    signCredential: Callback<{ vc: any, message: WACIMessage }, any>;
+    verifyCredential: Callback<any, { result: boolean; error?: any }>;
+    credentialVerificationResult?: Callback<{ result: boolean; error?: any, thid: string, vcs: any[], message: WACIMessage }, void>;
+    verifyPresentation: Callback<
+      { presentation: any; challenge: string, message?: WACIMessage, holderDid?: string },
+      { result: boolean; error?: any }
+    >;
+    handleIssuanceAck: Callback<{ status: any, from: string, pthid: string, thid: string, message: WACIMessage }, void>;
+  };
+  [Actor.Verifier]?: {
+    getPresentationDefinition: Callback<
+      { invitationId: string },
+      {
+        inputDescriptors: InputDescriptor[],
+        frame?: PresentationDefinitionFrame,
+      }
+    >;
+    credentialVerificationResult?: Callback<{ result: boolean; error?: any, thid: string, vcs: any[], message: WACIMessage }, void>;
+    verifyCredential: Callback<any, { result: boolean; error?: any }>;
+    verifyPresentation: Callback<
+      { presentation: any; challenge: string, message?: WACIMessage, holderDid?: string },
+      { result: boolean; error?: any }
+    >;
+  };
+};
+
+export enum CredentialPresentationResponse {
+  AsyncProcess
+}

package/src/constants/index.ts

@@ -0,0 +1 @@
+export const SUPPORTED_ALGORITHMS = [ 'didcomm/v2', 'didcomm/aip2;env=rfc587' ];

package/src/handlers/common/problem-report.handler.ts

@@ -0,0 +1,15 @@
+import { RegisterHandler } from '../decorators/register-handler.decorator';
+import {
+  WACIMessage,
+  WACIMessageHandler,
+  WACIMessageType,
+  Actor,
+} from '../../types';
+
+@RegisterHandler(Actor.Holder, WACIMessageType.ProblemReport)
+export class ProblemReportHandler implements WACIMessageHandler {
+  async handle(messageThread: WACIMessage[], callbacks: any): Promise<void> {
+    const message = messageThread[messageThread.length - 1];
+    await callbacks[Actor.Holder].handlePresentationAck({ status: message.body, message });
+  }
+}

package/src/handlers/common/step-2-oob-invitation.handler.ts

@@ -0,0 +1,45 @@
+import { RegisterHandler } from '../decorators/register-handler.decorator';
+import {
+  GoalCode,
+  WACIMessage,
+  WACIMessageHandler,
+  WACIMessageHandlerResponse,
+  WACIMessageResponseType,
+  WACIMessageType,
+  Actor,
+} from '../../types';
+import { createUUID } from '../../utils';
+
+@RegisterHandler(Actor.Holder, WACIMessageType.OutOfBandInvitation)
+export class OOBInvitationHandler implements WACIMessageHandler {
+  async handle(
+    messageThread: WACIMessage[],
+    callbacks: any,
+  ): Promise<WACIMessageHandlerResponse> {
+    const message = messageThread[messageThread.length - 1];
+    let responseMessageType: WACIMessageType;
+    switch (message?.body?.goal_code) {
+      case GoalCode.Issuance:
+        responseMessageType = WACIMessageType.ProposeCredential;
+        break;
+      case GoalCode.Presentation:
+        responseMessageType = WACIMessageType.ProposePresentation;
+        break;
+      default:
+        throw Error('No goal code defined in invitation');
+    }
+
+    const holderDID = await callbacks[Actor.Holder].getHolderDID({ message });
+
+    return {
+      responseType: WACIMessageResponseType.CreateThread,
+      message: {
+        type: responseMessageType,
+        id: createUUID(),
+        pthid: message.id,
+        from: holderDID,
+        to: [message.from],
+      },
+    };
+  }
+}

package/src/handlers/decorators/register-handler.decorator.ts

@@ -0,0 +1,10 @@
+import { Actor } from '../../types';
+import { handlers } from '../index';
+
+export const RegisterHandler =
+  (actor : Actor, messageType : any) : any =>
+    (target : new (...args : never[]) => any) => {
+      const actorHandlers = handlers[actor];
+      // eslint-disable-next-line new-cap
+      actorHandlers.set(messageType, new target());
+    };

package/src/handlers/index.ts

@@ -0,0 +1,7 @@
+import { WACIMessageHandler, WACIMessageType, Actor } from '../types';
+
+export const handlers = {
+  [Actor.Holder]: new Map<WACIMessageType, WACIMessageHandler>(),
+  [Actor.Issuer]: new Map<WACIMessageType, WACIMessageHandler>(),
+  [Actor.Verifier]: new Map<WACIMessageType, WACIMessageHandler>(),
+};