@sphereon/did-auth-siop-adapter 0.14.1-next.10

package/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [2022] [Sphereon B.V.]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -0,0 +1,13 @@
+<!--suppress HtmlDeprecatedAttribute -->
+<h1 align="center">
+  <br>
+  <a href="https://www.sphereon.com"><img src="https://sphereon.com/content/themes/sphereon/assets/img/logo.svg" alt="Sphereon" width="400"></a>
+  <br><center>Self Issued OpenID Provider (SIOPv2)<br/>
+with OpenID4VP support DID-JWT adapter</center>
+  <br>
+</h1>
+<br>
+
+
+A simple utility library for creating and veryfing did-jwt's with.
+[@spheren/did-auth-siop](https://img.shields.io/npm/v/@sphereon/did-auth-siop.svg)

package/dist/DidJwtAdapter.d.ts

@@ -0,0 +1,17 @@
+import { JwtHeader, JwtIssuerWithContext, JwtPayload } from '@sphereon/did-auth-siop';
+import { JwtVerifier } from '@sphereon/did-auth-siop/dist/types/JwtVerifier';
+import { Resolvable } from 'did-resolver';
+import { ExternalSignature, ExternalVerification, InternalSignature, InternalVerification, SuppliedSignature } from './types';
+export declare const verfiyDidJwtAdapter: (jwtVerifier: JwtVerifier, jwt: {
+    header: JwtHeader;
+    payload: JwtPayload;
+    raw: string;
+}, options: {
+    verification: InternalVerification | ExternalVerification;
+    resolver: Resolvable;
+}) => Promise<boolean>;
+export declare const createDidJwtAdapter: (signature: InternalSignature | ExternalSignature | SuppliedSignature, jwtIssuer: JwtIssuerWithContext, jwt: {
+    header: JwtHeader;
+    payload: JwtPayload;
+}) => Promise<string>;
+//# sourceMappingURL=DidJwtAdapter.d.ts.map

package/dist/DidJwtAdapter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DidJwtAdapter.d.ts","sourceRoot":"","sources":["../lib/DidJwtAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,SAAS,EACT,oBAAoB,EACpB,UAAU,EAEX,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,WAAW,EAAE,MAAM,gDAAgD,CAAA;AAC5E,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAGzC,OAAO,EAAqB,iBAAiB,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAA;AAEhJ,eAAO,MAAM,mBAAmB,gBACjB,WAAW,OACnB;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,WACnD;IACP,YAAY,EAAE,oBAAoB,GAAG,oBAAoB,CAAA;IACzD,QAAQ,EAAE,UAAU,CAAA;CACrB,KACA,QAAQ,OAAO,CA4BjB,CAAA;AAED,eAAO,MAAM,mBAAmB,cACnB,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,aACzD,oBAAoB,OAC1B;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,KAC9C,QAAQ,MAAM,CAWhB,CAAA"}

package/dist/DidJwtAdapter.js

@@ -0,0 +1,57 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createDidJwtAdapter = exports.verfiyDidJwtAdapter = void 0;
+const did_1 = require("./did");
+const types_1 = require("./types");
+const verfiyDidJwtAdapter = (jwtVerifier, jwt, options) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l;
+    if (jwtVerifier.method === 'did') {
+        const audience = (_d = (_c = (_b = (_a = options === null || options === void 0 ? void 0 : options.verification) === null || _a === void 0 ? void 0 : _a.resolveOpts) === null || _b === void 0 ? void 0 : _b.jwtVerifyOpts) === null || _c === void 0 ? void 0 : _c.audience) !== null && _d !== void 0 ? _d : (0, did_1.getAudience)(jwt.raw);
+        yield (0, did_1.verifyDidJWT)(jwt.raw, options.resolver, Object.assign(Object.assign({}, (_f = (_e = options.verification) === null || _e === void 0 ? void 0 : _e.resolveOpts) === null || _f === void 0 ? void 0 : _f.jwtVerifyOpts), { audience }));
+        if (jwtVerifier.type === 'request-object' && ((_g = jwt.payload.client_id) === null || _g === void 0 ? void 0 : _g.startsWith('did:'))) {
+            const authorizationRequestPayload = jwt.payload;
+            if (((_h = options.verification) === null || _h === void 0 ? void 0 : _h.checkLinkedDomain) && options.verification.checkLinkedDomain != types_1.CheckLinkedDomain.NEVER) {
+                yield (0, did_1.validateLinkedDomainWithDid)(authorizationRequestPayload.client_id, options.verification);
+            }
+            else if (!((_j = options.verification) === null || _j === void 0 ? void 0 : _j.checkLinkedDomain) && options.verification.wellknownDIDVerifyCallback) {
+                yield (0, did_1.validateLinkedDomainWithDid)(authorizationRequestPayload.client_id, options.verification);
+            }
+        }
+        if (jwtVerifier.type === 'id-token') {
+            const issuerDid = (0, did_1.getSubDidFromPayload)(jwt.payload);
+            if (((_k = options.verification) === null || _k === void 0 ? void 0 : _k.checkLinkedDomain) && options.verification.checkLinkedDomain != types_1.CheckLinkedDomain.NEVER) {
+                yield (0, did_1.validateLinkedDomainWithDid)(issuerDid, options.verification);
+            }
+            else if (!((_l = options.verification) === null || _l === void 0 ? void 0 : _l.checkLinkedDomain) && options.verification.wellknownDIDVerifyCallback) {
+                yield (0, did_1.validateLinkedDomainWithDid)(issuerDid, options.verification);
+            }
+        }
+        return true;
+    }
+    throw new Error('Invalid use of the did-auth-siop create jwt adapter');
+});
+exports.verfiyDidJwtAdapter = verfiyDidJwtAdapter;
+const createDidJwtAdapter = (signature, jwtIssuer, jwt) => __awaiter(void 0, void 0, void 0, function* () {
+    if (jwtIssuer.method === 'did') {
+        const issuer = jwtIssuer.didUrl.split('#')[0];
+        jwt.payload.issuer = issuer;
+        if (jwtIssuer.type === 'request-object') {
+            return yield (0, did_1.signRequestObjectPayload)(jwt.payload, signature);
+        }
+        else if (jwtIssuer.type === 'id-token') {
+            return yield (0, did_1.signIDTokenPayload)(jwt.payload, signature);
+        }
+    }
+    throw new Error('Invalid use of the did-auth-siop create jwt adapter');
+});
+exports.createDidJwtAdapter = createDidJwtAdapter;
+//# sourceMappingURL=DidJwtAdapter.js.map

package/dist/DidJwtAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"DidJwtAdapter.js","sourceRoot":"","sources":["../lib/DidJwtAdapter.ts"],"names":[],"mappings":";;;;;;;;;;;;AAWA,+BAAkJ;AAClJ,mCAAgJ;AAEzI,MAAM,mBAAmB,GAAG,CACjC,WAAwB,EACxB,GAA4D,EAC5D,OAGC,EACiB,EAAE;;IACpB,IAAI,WAAW,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QACjC,MAAM,QAAQ,GAAG,MAAA,MAAA,MAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,0CAAE,WAAW,0CAAE,aAAa,0CAAE,QAAQ,mCAAI,IAAA,iBAAW,EAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAEpG,MAAM,IAAA,kBAAY,EAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,QAAQ,kCAAO,MAAA,MAAA,OAAO,CAAC,YAAY,0CAAE,WAAW,0CAAE,aAAa,KAAE,QAAQ,IAAG,CAAA;QAEhH,IAAI,WAAW,CAAC,IAAI,KAAK,gBAAgB,KAAI,MAAC,GAAG,CAAC,OAA+C,CAAC,SAAS,0CAAE,UAAU,CAAC,MAAM,CAAC,CAAA,EAAE,CAAC;YAChI,MAAM,2BAA2B,GAAG,GAAG,CAAC,OAAsC,CAAA;YAC9E,IAAI,CAAA,MAAA,OAAO,CAAC,YAAY,0CAAE,iBAAiB,KAAI,OAAO,CAAC,YAAY,CAAC,iBAAiB,IAAI,yBAAiB,CAAC,KAAK,EAAE,CAAC;gBACjH,MAAM,IAAA,iCAA2B,EAAC,2BAA2B,CAAC,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;YAChG,CAAC;iBAAM,IAAI,CAAC,CAAA,MAAA,OAAO,CAAC,YAAY,0CAAE,iBAAiB,CAAA,IAAI,OAAO,CAAC,YAAY,CAAC,0BAA0B,EAAE,CAAC;gBACvG,MAAM,IAAA,iCAA2B,EAAC,2BAA2B,CAAC,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;YAChG,CAAC;QACH,CAAC;QAED,IAAI,WAAW,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;YACpC,MAAM,SAAS,GAAG,IAAA,0BAAoB,EAAC,GAAG,CAAC,OAAO,CAAC,CAAA;YACnD,IAAI,CAAA,MAAA,OAAO,CAAC,YAAY,0CAAE,iBAAiB,KAAI,OAAO,CAAC,YAAY,CAAC,iBAAiB,IAAI,yBAAiB,CAAC,KAAK,EAAE,CAAC;gBACjH,MAAM,IAAA,iCAA2B,EAAC,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;YACpE,CAAC;iBAAM,IAAI,CAAC,CAAA,MAAA,OAAO,CAAC,YAAY,0CAAE,iBAAiB,CAAA,IAAI,OAAO,CAAC,YAAY,CAAC,0BAA0B,EAAE,CAAC;gBACvG,MAAM,IAAA,iCAA2B,EAAC,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;YACpE,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;AACxE,CAAC,CAAA,CAAA;AAnCY,QAAA,mBAAmB,uBAmC/B;AAEM,MAAM,mBAAmB,GAAG,CACjC,SAAoE,EACpE,SAA+B,EAC/B,GAA+C,EAC9B,EAAE;IACnB,IAAI,SAAS,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC7C,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,MAAM,CAAA;QAC3B,IAAI,SAAS,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;YACxC,OAAO,MAAM,IAAA,8BAAwB,EAAC,GAAG,CAAC,OAA+B,EAAE,SAAS,CAAC,CAAA;QACvF,CAAC;aAAM,IAAI,SAAS,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;YACzC,OAAO,MAAM,IAAA,wBAAkB,EAAC,GAAG,CAAC,OAAyB,EAAE,SAAS,CAAC,CAAA;QAC3E,CAAC;IACH,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;AACxE,CAAC,CAAA,CAAA;AAfY,QAAA,mBAAmB,uBAe/B"}

package/dist/did/DIDResolution.d.ts

@@ -0,0 +1,18 @@
+import { Resolvable } from 'did-resolver';
+import { DIDDocument, ResolveOpts } from '../types';
+export declare function getResolver(opts: ResolveOpts): Resolvable;
+/**
+ * This method returns a resolver object in OP/RP
+ * If the user of this library, configures OP/RP to have a customResolver, we will use that
+ * If the user of this library configures OP/RP to use a custom resolver for any specific did method, we will use that
+ * and in the end for the rest of the did methods, configured either with calling `addDidMethod` upon building OP/RP
+ * (without any resolver configuration) or declaring in the subject_syntax_types_supported of the registration object
+ * we will use universal resolver from Sphereon's DID Universal Resolver library
+ * @param customResolver
+ * @param subjectSyntaxTypesSupported
+ * @param resolverMap
+ */
+export declare function getResolverUnion(customResolver: Resolvable, subjectSyntaxTypesSupported: string[] | string, resolverMap: Map<string, Resolvable>): Resolvable;
+export declare function mergeAllDidMethods(subjectSyntaxTypesSupported: string | string[], resolvers: Map<string, Resolvable>): string[];
+export declare function resolveDidDocument(did: string, opts?: ResolveOpts): Promise<DIDDocument>;
+//# sourceMappingURL=DIDResolution.d.ts.map

package/dist/did/DIDResolution.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DIDResolution.d.ts","sourceRoot":"","sources":["../../lib/did/DIDResolution.ts"],"names":[],"mappings":"AAEA,OAAO,EAAwD,UAAU,EAAY,MAAM,cAAc,CAAA;AAEzG,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,UAAU,CAAA;AAInD,wBAAgB,WAAW,CAAC,IAAI,EAAE,WAAW,GAAG,UAAU,CAoCzD;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,gBAAgB,CAC9B,cAAc,EAAE,UAAU,EAC1B,2BAA2B,EAAE,MAAM,EAAE,GAAG,MAAM,EAC9C,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,GACnC,UAAU,CA8BZ;AAED,wBAAgB,kBAAkB,CAAC,2BAA2B,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,GAAG,MAAM,EAAE,CAQ/H;AAED,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC,CAa9F"}

package/dist/did/DIDResolution.js

@@ -0,0 +1,119 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveDidDocument = exports.mergeAllDidMethods = exports.getResolverUnion = exports.getResolver = void 0;
+const did_auth_siop_1 = require("@sphereon/did-auth-siop");
+const did_uni_client_1 = require("@sphereon/did-uni-client");
+const did_resolver_1 = require("did-resolver");
+const index_1 = require("./index");
+function getResolver(opts) {
+    if (opts && typeof opts.resolver === 'object') {
+        return opts.resolver;
+    }
+    if (!opts || !opts.subjectSyntaxTypesSupported) {
+        if (opts === null || opts === void 0 ? void 0 : opts.noUniversalResolverFallback) {
+            throw Error(`No subject syntax types nor did methods configured for DID resolution, but fallback to universal resolver has been disabled`);
+        }
+        console.log(`Falling back to universal resolver as no resolve opts have been provided, or no subject syntax types supported are provided. It is wise to fix this`);
+        return new did_uni_client_1.UniResolver();
+    }
+    const uniResolvers = [];
+    if (opts.subjectSyntaxTypesSupported.indexOf(did_auth_siop_1.SubjectIdentifierType.DID) === -1) {
+        const specificDidMethods = opts.subjectSyntaxTypesSupported.filter((sst) => sst.includes('did:'));
+        if (!specificDidMethods.length) {
+            throw new Error('No did method found.');
+        }
+        for (const didMethod of specificDidMethods) {
+            const uniResolver = (0, did_uni_client_1.getUniResolver)((0, index_1.getMethodFromDid)(didMethod), { resolveUrl: opts.resolveUrl });
+            uniResolvers.push(uniResolver);
+        }
+        return new did_resolver_1.Resolver(...uniResolvers);
+    }
+    else {
+        if (opts === null || opts === void 0 ? void 0 : opts.noUniversalResolverFallback) {
+            throw Error(`No subject syntax types nor did methods configured for DID resolution, but fallback to universal resolver has been disabled`);
+        }
+        console.log(`Falling back to universal resolver as no resolve opts have been provided, or no subject syntax types supported are provided. It is wise to fix this`);
+        return new did_uni_client_1.UniResolver();
+    }
+}
+exports.getResolver = getResolver;
+/**
+ * This method returns a resolver object in OP/RP
+ * If the user of this library, configures OP/RP to have a customResolver, we will use that
+ * If the user of this library configures OP/RP to use a custom resolver for any specific did method, we will use that
+ * and in the end for the rest of the did methods, configured either with calling `addDidMethod` upon building OP/RP
+ * (without any resolver configuration) or declaring in the subject_syntax_types_supported of the registration object
+ * we will use universal resolver from Sphereon's DID Universal Resolver library
+ * @param customResolver
+ * @param subjectSyntaxTypesSupported
+ * @param resolverMap
+ */
+function getResolverUnion(customResolver, subjectSyntaxTypesSupported, resolverMap) {
+    if (customResolver) {
+        return customResolver;
+    }
+    const fallbackResolver = customResolver ? customResolver : new did_uni_client_1.UniResolver();
+    const uniResolvers = [];
+    const subjectTypes = [];
+    if (subjectSyntaxTypesSupported) {
+        typeof subjectSyntaxTypesSupported === 'string'
+            ? subjectTypes.push(subjectSyntaxTypesSupported)
+            : subjectTypes.push(...subjectSyntaxTypesSupported);
+    }
+    if (subjectTypes.indexOf(did_auth_siop_1.SubjectSyntaxTypesSupportedValues.DID.valueOf()) !== -1) {
+        return customResolver ? customResolver : new did_uni_client_1.UniResolver();
+    }
+    const specificDidMethods = subjectTypes.filter((sst) => !!sst && sst.startsWith('did:'));
+    specificDidMethods.forEach((dm) => {
+        let methodResolver;
+        if (!resolverMap.has(dm) || resolverMap.get(dm) === null) {
+            methodResolver = (0, did_uni_client_1.getUniResolver)((0, index_1.getMethodFromDid)(dm));
+        }
+        else {
+            methodResolver = resolverMap.get(dm);
+        }
+        uniResolvers.push(methodResolver);
+    });
+    return subjectTypes.indexOf(did_auth_siop_1.SubjectSyntaxTypesSupportedValues.DID.valueOf()) !== -1
+        ? new did_resolver_1.Resolver(...Object.assign({ fallbackResolver }, uniResolvers))
+        : new did_resolver_1.Resolver(...uniResolvers);
+}
+exports.getResolverUnion = getResolverUnion;
+function mergeAllDidMethods(subjectSyntaxTypesSupported, resolvers) {
+    if (!Array.isArray(subjectSyntaxTypesSupported)) {
+        subjectSyntaxTypesSupported = [subjectSyntaxTypesSupported];
+    }
+    const unionSubjectSyntaxTypes = new Set();
+    subjectSyntaxTypesSupported.forEach((sst) => unionSubjectSyntaxTypes.add(sst));
+    resolvers.forEach((_, didMethod) => unionSubjectSyntaxTypes.add((0, index_1.toSIOPRegistrationDidMethod)(didMethod)));
+    return Array.from(unionSubjectSyntaxTypes);
+}
+exports.mergeAllDidMethods = mergeAllDidMethods;
+function resolveDidDocument(did, opts) {
+    return __awaiter(this, void 0, void 0, function* () {
+        var _a;
+        // todo: The accept is only there because did:key used by Veramo requires it. According to the spec it is optional. It should not hurt, but let's test
+        const result = yield getResolver(Object.assign({}, opts)).resolve(did, { accept: 'application/did+ld+json' });
+        if ((_a = result === null || result === void 0 ? void 0 : result.didResolutionMetadata) === null || _a === void 0 ? void 0 : _a.error) {
+            throw Error(result.didResolutionMetadata.error);
+        }
+        // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+        // @ts-ignore
+        if (!result.didDocument && result.id) {
+            // todo: This looks like a bug. It seems that sometimes we get back a DID document directly instead of a did resolution results
+            return result;
+        }
+        return result.didDocument;
+    });
+}
+exports.resolveDidDocument = resolveDidDocument;
+//# sourceMappingURL=DIDResolution.js.map

package/dist/did/DIDResolution.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"DIDResolution.js","sourceRoot":"","sources":["../../lib/did/DIDResolution.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2DAAkG;AAClG,6DAAsE;AACtE,+CAAyG;AAIzG,mCAAuE;AAEvE,SAAgB,WAAW,CAAC,IAAiB;IAC3C,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,OAAO,IAAI,CAAC,QAAQ,CAAA;IACtB,CAAC;IACD,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,2BAA2B,EAAE,CAAC;QAC/C,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,2BAA2B,EAAE,CAAC;YACtC,MAAM,KAAK,CAAC,6HAA6H,CAAC,CAAA;QAC5I,CAAC;QACD,OAAO,CAAC,GAAG,CACT,qJAAqJ,CACtJ,CAAA;QACD,OAAO,IAAI,4BAAW,EAAE,CAAA;IAC1B,CAAC;IAED,MAAM,YAAY,GAEZ,EAAE,CAAA;IACR,IAAI,IAAI,CAAC,2BAA2B,CAAC,OAAO,CAAC,qCAAqB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;QAC/E,MAAM,kBAAkB,GAAG,IAAI,CAAC,2BAA2B,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAA;QACjG,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAA;QACzC,CAAC;QACD,KAAK,MAAM,SAAS,IAAI,kBAAkB,EAAE,CAAC;YAC3C,MAAM,WAAW,GAAG,IAAA,+BAAc,EAAC,IAAA,wBAAgB,EAAC,SAAS,CAAC,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAA;YAChG,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;QAChC,CAAC;QACD,OAAO,IAAI,uBAAQ,CAAC,GAAG,YAAY,CAAC,CAAA;IACtC,CAAC;SAAM,CAAC;QACN,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,2BAA2B,EAAE,CAAC;YACtC,MAAM,KAAK,CAAC,6HAA6H,CAAC,CAAA;QAC5I,CAAC;QACD,OAAO,CAAC,GAAG,CACT,qJAAqJ,CACtJ,CAAA;QACD,OAAO,IAAI,4BAAW,EAAE,CAAA;IAC1B,CAAC;AACH,CAAC;AApCD,kCAoCC;AAED;;;;;;;;;;GAUG;AACH,SAAgB,gBAAgB,CAC9B,cAA0B,EAC1B,2BAA8C,EAC9C,WAAoC;IAEpC,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,MAAM,gBAAgB,GAAe,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,4BAAW,EAAE,CAAA;IACxF,MAAM,YAAY,GAEZ,EAAE,CAAA;IACR,MAAM,YAAY,GAAa,EAAE,CAAA;IACjC,IAAI,2BAA2B,EAAE,CAAC;QAChC,OAAO,2BAA2B,KAAK,QAAQ;YAC7C,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,2BAA2B,CAAC;YAChD,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,2BAA2B,CAAC,CAAA;IACvD,CAAC;IACD,IAAI,YAAY,CAAC,OAAO,CAAC,iDAAiC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;QACjF,OAAO,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,4BAAW,EAAE,CAAA;IAC5D,CAAC;IACD,MAAM,kBAAkB,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAA;IACxF,kBAAkB,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;QAChC,IAAI,cAAc,CAAA;QAClB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC;YACzD,cAAc,GAAG,IAAA,+BAAc,EAAC,IAAA,wBAAgB,EAAC,EAAE,CAAC,CAAC,CAAA;QACvD,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACtC,CAAC;QACD,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACnC,CAAC,CAAC,CAAA;IACF,OAAO,YAAY,CAAC,OAAO,CAAC,iDAAiC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC;QACjF,CAAC,CAAC,IAAI,uBAAQ,CAAC,mBAAK,gBAAgB,IAAK,YAAY,CAAE,CAAC;QACxD,CAAC,CAAC,IAAI,uBAAQ,CAAC,GAAG,YAAY,CAAC,CAAA;AACnC,CAAC;AAlCD,4CAkCC;AAED,SAAgB,kBAAkB,CAAC,2BAA8C,EAAE,SAAkC;IACnH,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,2BAA2B,CAAC,EAAE,CAAC;QAChD,2BAA2B,GAAG,CAAC,2BAA2B,CAAC,CAAA;IAC7D,CAAC;IACD,MAAM,uBAAuB,GAAG,IAAI,GAAG,EAAE,CAAA;IACzC,2BAA2B,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,uBAAuB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAA;IAC9E,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,CAAC,uBAAuB,CAAC,GAAG,CAAC,IAAA,mCAA2B,EAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACxG,OAAO,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAa,CAAA;AACxD,CAAC;AARD,gDAQC;AAED,SAAsB,kBAAkB,CAAC,GAAW,EAAE,IAAkB;;;QACtE,sJAAsJ;QACtJ,MAAM,MAAM,GAAG,MAAM,WAAW,mBAAM,IAAI,EAAG,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,yBAAyB,EAAE,CAAC,CAAA;QACjG,IAAI,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,qBAAqB,0CAAE,KAAK,EAAE,CAAC;YACzC,MAAM,KAAK,CAAC,MAAM,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QACjD,CAAC;QACD,6DAA6D;QAC7D,aAAa;QACb,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;YACrC,+HAA+H;YAC/H,OAAO,MAAgC,CAAA;QACzC,CAAC;QACD,OAAO,MAAM,CAAC,WAAW,CAAA;IAC3B,CAAC;CAAA;AAbD,gDAaC"}

package/dist/did/DidJWT.d.ts

@@ -0,0 +1,57 @@
+import { IDTokenPayload, RequestObjectPayload, SigningAlgo, VerifiedJWT } from '@sphereon/did-auth-siop';
+import { JWTHeader, JWTOptions, JWTPayload, JWTVerifyOptions, Signer } from 'did-jwt';
+import { Resolvable } from 'did-resolver';
+import { ExternalSignature, InternalSignature, SuppliedSignature } from '../types';
+/**
+ *  Verifies given JWT. If the JWT is valid, the promise returns an object including the JWT, the payload of the JWT,
+ *  and the did doc of the issuer of the JWT.
+ *
+ *  @example
+ *  verifyDidJWT('did:key:example', resolver, {audience: '5A8bRWU3F7j3REx3vkJ...', callbackUrl: 'https://...'}).then(obj => {
+ *      const did = obj.did                 // DIDres of signer
+ *      const payload = obj.payload
+ *      const doc = obj.doc                 // DIDres Document of signer
+ *      const JWT = obj.JWT                 // JWT
+ *      const signerKeyId = obj.signerKeyId // ID of key in DIDres document that signed JWT
+ *      ...
+ *  })
+ *
+ *  @param    {String}            jwt                   a JSON Web Token to verify
+ *  @param    {Resolvable}        resolver
+ *  @param    {JWTVerifyOptions}  [options]             Options
+ *  @param    {String}            options.audience      DID of the recipient of the JWT
+ *  @param    {String}            options.callbackUrl   callback url in JWT
+ *  @return   {Promise<Object, Error>}                  a promise which resolves with a response object or rejects with an error
+ */
+export declare function verifyDidJWT(jwt: string, resolver: Resolvable, options: JWTVerifyOptions): Promise<VerifiedJWT>;
+/**
+ *  Creates a signed JWT given an address which becomes the issuer, a signer function, and a payload for which the withSignature is over.
+ *
+ *  @example
+ *  const signer = ES256KSigner(process.env.PRIVATE_KEY)
+ *  createJWT({address: '5A8bRWU3F7j3REx3vkJ...', signer}, {key1: 'value', key2: ..., ... }).then(JWT => {
+ *      ...
+ *  })
+ *
+ *  @param    {Object}            payload               payload object
+ *  @param    {Object}            [options]             an unsigned credential object
+ *  @param    {String}            options.issuer        The DID of the issuer (signer) of JWT
+ *  @param    {Signer}            options.signer        a `Signer` function, Please see `ES256KSigner` or `EdDSASigner`
+ *  @param    {boolean}           options.canonicalize  optional flag to canonicalize header and payload before signing
+ *  @param    {Object}            header                optional object to specify or customize the JWT header
+ *  @return   {Promise<Object, Error>}                  a promise which resolves with a signed JSON Web Token or rejects with an error
+ */
+export declare function createDidJWT(payload: Partial<JWTPayload>, { issuer, signer, expiresIn, canonicalize }: JWTOptions, header: Partial<JWTHeader>): Promise<string>;
+export declare function signIDTokenPayload(payload: IDTokenPayload, signature: InternalSignature | ExternalSignature | SuppliedSignature): Promise<string>;
+export declare function signRequestObjectPayload(payload: RequestObjectPayload, signature: InternalSignature | ExternalSignature | SuppliedSignature): Promise<string>;
+export declare function signDidJwtInternal(payload: IDTokenPayload | RequestObjectPayload, issuer: string, hexPrivateKey: string, alg: SigningAlgo, kid: string, customJwtSigner?: Signer): Promise<string>;
+export declare function getAudience(jwt: string): string;
+export declare function getSubDidFromPayload(payload: JWTPayload, header?: JWTHeader): string;
+export declare function isIssSelfIssued(payload: JWTPayload): boolean;
+export declare function getMethodFromDid(did: string): string;
+/**
+ * Since the OIDC SIOP spec incorrectly uses 'did:<method>:' and calls that a method, we have to fix it
+ * @param didOrMethod
+ */
+export declare function toSIOPRegistrationDidMethod(didOrMethod: string): string;
+//# sourceMappingURL=DidJWT.d.ts.map

package/dist/did/DidJWT.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DidJWT.d.ts","sourceRoot":"","sources":["../../lib/did/DidJWT.ts"],"names":[],"mappings":"AACA,OAAO,EAEL,cAAc,EACd,oBAAoB,EAGpB,WAAW,EAGX,WAAW,EACZ,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAOL,SAAS,EACT,UAAU,EACV,UAAU,EACV,gBAAgB,EAChB,MAAM,EAEP,MAAM,SAAS,CAAA;AAChB,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAGzC,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAElF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,WAAW,CAAC,CAErH;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC,EAC5B,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,EAAE,UAAU,EACvD,MAAM,EAAE,OAAO,CAAC,SAAS,CAAC,GACzB,OAAO,CAAC,MAAM,CAAC,CAEjB;AAED,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,mBAYrI;AAED,wBAAsB,wBAAwB,CAAC,OAAO,EAAE,oBAAoB,EAAE,SAAS,EAAE,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,mBAyBjJ;AAED,wBAAsB,kBAAkB,CACtC,OAAO,EAAE,cAAc,GAAG,oBAAoB,EAC9C,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,MAAM,EACrB,GAAG,EAAE,WAAW,EAChB,GAAG,EAAE,MAAM,EACX,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC,CAajB;AA+DD,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,UAWtC;AASD,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,EAAE,SAAS,GAAG,MAAM,CAgBpF;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAE5D;AAED,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAYpD;AAED;;;GAGG;AACH,wBAAgB,2BAA2B,CAAC,WAAW,EAAE,MAAM,UAO9D"}