@sphereon/did-auth-siop-adapter 0.14.1-next.10

package/dist/did/DidJWT.js

@@ -0,0 +1,247 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.toSIOPRegistrationDidMethod = exports.getMethodFromDid = exports.isIssSelfIssued = exports.getSubDidFromPayload = exports.getAudience = exports.signDidJwtInternal = exports.signRequestObjectPayload = exports.signIDTokenPayload = exports.createDidJWT = exports.verifyDidJWT = void 0;
+const did_auth_siop_1 = require("@sphereon/did-auth-siop");
+const did_auth_siop_2 = require("@sphereon/did-auth-siop");
+const did_jwt_1 = require("did-jwt");
+const helpers_1 = require("../helpers");
+/**
+ *  Verifies given JWT. If the JWT is valid, the promise returns an object including the JWT, the payload of the JWT,
+ *  and the did doc of the issuer of the JWT.
+ *
+ *  @example
+ *  verifyDidJWT('did:key:example', resolver, {audience: '5A8bRWU3F7j3REx3vkJ...', callbackUrl: 'https://...'}).then(obj => {
+ *      const did = obj.did                 // DIDres of signer
+ *      const payload = obj.payload
+ *      const doc = obj.doc                 // DIDres Document of signer
+ *      const JWT = obj.JWT                 // JWT
+ *      const signerKeyId = obj.signerKeyId // ID of key in DIDres document that signed JWT
+ *      ...
+ *  })
+ *
+ *  @param    {String}            jwt                   a JSON Web Token to verify
+ *  @param    {Resolvable}        resolver
+ *  @param    {JWTVerifyOptions}  [options]             Options
+ *  @param    {String}            options.audience      DID of the recipient of the JWT
+ *  @param    {String}            options.callbackUrl   callback url in JWT
+ *  @return   {Promise<Object, Error>}                  a promise which resolves with a response object or rejects with an error
+ */
+function verifyDidJWT(jwt, resolver, options) {
+    return __awaiter(this, void 0, void 0, function* () {
+        return (0, did_jwt_1.verifyJWT)(jwt, Object.assign(Object.assign({}, options), { resolver }));
+    });
+}
+exports.verifyDidJWT = verifyDidJWT;
+/**
+ *  Creates a signed JWT given an address which becomes the issuer, a signer function, and a payload for which the withSignature is over.
+ *
+ *  @example
+ *  const signer = ES256KSigner(process.env.PRIVATE_KEY)
+ *  createJWT({address: '5A8bRWU3F7j3REx3vkJ...', signer}, {key1: 'value', key2: ..., ... }).then(JWT => {
+ *      ...
+ *  })
+ *
+ *  @param    {Object}            payload               payload object
+ *  @param    {Object}            [options]             an unsigned credential object
+ *  @param    {String}            options.issuer        The DID of the issuer (signer) of JWT
+ *  @param    {Signer}            options.signer        a `Signer` function, Please see `ES256KSigner` or `EdDSASigner`
+ *  @param    {boolean}           options.canonicalize  optional flag to canonicalize header and payload before signing
+ *  @param    {Object}            header                optional object to specify or customize the JWT header
+ *  @return   {Promise<Object, Error>}                  a promise which resolves with a signed JSON Web Token or rejects with an error
+ */
+function createDidJWT(payload_1, _a, header_1) {
+    return __awaiter(this, arguments, void 0, function* (payload, { issuer, signer, expiresIn, canonicalize }, header) {
+        return (0, did_jwt_1.createJWT)(payload, { issuer, signer, expiresIn, canonicalize }, header);
+    });
+}
+exports.createDidJWT = createDidJWT;
+function signIDTokenPayload(payload, signature) {
+    return __awaiter(this, void 0, void 0, function* () {
+        if ((0, helpers_1.isInternalSignature)(signature)) {
+            return signDidJwtInternal(payload, payload.issuer, signature.hexPrivateKey, signature.alg, signature.kid, signature.customJwtSigner);
+        }
+        else if ((0, helpers_1.isExternalSignature)(signature)) {
+            return signDidJwtExternal(payload, signature.signatureUri, signature.authZToken, signature.alg, signature.kid);
+        }
+        else if ((0, helpers_1.isSuppliedSignature)(signature)) {
+            return signDidJwtSupplied(payload, payload.issuer, signature.signature, signature.alg, signature.kid);
+        }
+        else {
+            throw new Error('Signature parameters should be internal signature with hexPrivateKey, did, and an optional kid, or external signature parameters with signatureUri, did, and optionals parameters authZToken, hexPublicKey, and kid');
+        }
+    });
+}
+exports.signIDTokenPayload = signIDTokenPayload;
+function signRequestObjectPayload(payload, signature) {
+    return __awaiter(this, void 0, void 0, function* () {
+        let issuer = payload.iss;
+        if (!issuer) {
+            issuer = signature.did;
+        }
+        if (!issuer) {
+            throw Error('No issuer supplied to sign the JWT');
+        }
+        if (!payload.iss) {
+            payload.iss = issuer;
+        }
+        if (!payload.sub) {
+            payload.sub = signature.did;
+        }
+        if ((0, helpers_1.isInternalSignature)(signature)) {
+            return signDidJwtInternal(payload, issuer, signature.hexPrivateKey, signature.alg, signature.kid, signature.customJwtSigner);
+        }
+        else if ((0, helpers_1.isExternalSignature)(signature)) {
+            return signDidJwtExternal(payload, signature.signatureUri, signature.authZToken, signature.alg, signature.kid);
+        }
+        else if ((0, helpers_1.isSuppliedSignature)(signature)) {
+            return signDidJwtSupplied(payload, issuer, signature.signature, signature.alg, signature.kid);
+        }
+        else {
+            throw new Error('Signature parameters should be internal signature with hexPrivateKey, did, and an optional kid, or external signature parameters with signatureUri, did, and optionals parameters authZToken, hexPublicKey, and kid');
+        }
+    });
+}
+exports.signRequestObjectPayload = signRequestObjectPayload;
+function signDidJwtInternal(payload, issuer, hexPrivateKey, alg, kid, customJwtSigner) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const signer = determineSigner(alg, hexPrivateKey, customJwtSigner);
+        const header = {
+            alg,
+            kid,
+        };
+        const options = {
+            issuer,
+            signer,
+            expiresIn: did_auth_siop_2.DEFAULT_EXPIRATION_TIME,
+        };
+        return yield createDidJWT(Object.assign({}, payload), options, header);
+    });
+}
+exports.signDidJwtInternal = signDidJwtInternal;
+function signDidJwtExternal(payload, signatureUri, authZToken, alg, kid) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const body = {
+            issuer: payload.iss && payload.iss.includes('did:') ? payload.iss : payload.sub,
+            payload,
+            expiresIn: did_auth_siop_2.DEFAULT_EXPIRATION_TIME,
+            alg,
+            selfIssued: payload.iss.includes(did_auth_siop_2.ResponseIss.SELF_ISSUED_V2) ? payload.iss : undefined,
+            kid,
+        };
+        const response = yield (0, did_auth_siop_1.post)(signatureUri, JSON.stringify(body), { bearerToken: authZToken });
+        return response.successBody.jws;
+    });
+}
+function signDidJwtSupplied(payload, issuer, signer, alg, kid) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const header = {
+            alg,
+            kid,
+        };
+        const options = {
+            issuer,
+            signer,
+            expiresIn: did_auth_siop_2.DEFAULT_EXPIRATION_TIME,
+        };
+        return yield createDidJWT(Object.assign({}, payload), options, header);
+    });
+}
+const determineSigner = (alg, hexPrivateKey, customSigner) => {
+    if (customSigner) {
+        return customSigner;
+    }
+    else if (!hexPrivateKey) {
+        throw new Error('no private key provided');
+    }
+    const privateKey = (0, did_jwt_1.hexToBytes)(hexPrivateKey.replace('0x', ''));
+    switch (alg) {
+        case did_auth_siop_2.SigningAlgo.EDDSA:
+            return (0, did_jwt_1.EdDSASigner)(privateKey);
+        case did_auth_siop_2.SigningAlgo.ES256:
+            return (0, did_jwt_1.ES256Signer)(privateKey);
+        case did_auth_siop_2.SigningAlgo.ES256K:
+            return (0, did_jwt_1.ES256KSigner)(privateKey);
+        case did_auth_siop_2.SigningAlgo.PS256:
+            throw Error('PS256 is not supported yet. Please provide a custom signer');
+        case did_auth_siop_2.SigningAlgo.RS256:
+            throw Error('RS256 is not supported yet. Please provide a custom signer');
+    }
+};
+function getAudience(jwt) {
+    const { payload } = (0, did_jwt_1.decodeJWT)(jwt);
+    if (!payload) {
+        throw new Error(did_auth_siop_2.SIOPErrors.NO_AUDIENCE);
+    }
+    else if (!payload.aud) {
+        return undefined;
+    }
+    else if (Array.isArray(payload.aud)) {
+        throw new Error(did_auth_siop_2.SIOPErrors.INVALID_AUDIENCE);
+    }
+    return payload.aud;
+}
+exports.getAudience = getAudience;
+//TODO To enable automatic registration, it cannot be a did, but HTTPS URL
+function assertIssSelfIssuedOrDid(payload) {
+    if (!payload.sub || !payload.sub.startsWith('did:') || !payload.iss || !isIssSelfIssued(payload)) {
+        throw new Error('Token does not have a iss DID');
+    }
+}
+function getSubDidFromPayload(payload, header) {
+    assertIssSelfIssuedOrDid(payload);
+    if (isIssSelfIssued(payload)) {
+        let did;
+        if (payload.sub && payload.sub.startsWith('did:')) {
+            did = payload.sub;
+        }
+        if (!did && header && header.kid && header.kid.startsWith('did:')) {
+            did = header.kid.split('#')[0];
+        }
+        if (did) {
+            return did;
+        }
+    }
+    return payload.sub;
+}
+exports.getSubDidFromPayload = getSubDidFromPayload;
+function isIssSelfIssued(payload) {
+    return payload.iss.includes(did_auth_siop_2.ResponseIss.SELF_ISSUED_V1) || payload.iss.includes(did_auth_siop_2.ResponseIss.SELF_ISSUED_V2) || payload.iss === payload.sub;
+}
+exports.isIssSelfIssued = isIssSelfIssued;
+function getMethodFromDid(did) {
+    if (!did) {
+        throw new Error(did_auth_siop_2.SIOPErrors.BAD_PARAMS);
+    }
+    const split = did.split(':');
+    if (split.length == 1 && did.length > 0) {
+        return did;
+    }
+    else if (!did.startsWith('did:') || split.length < 2) {
+        throw new Error(did_auth_siop_2.SIOPErrors.BAD_PARAMS);
+    }
+    return split[1];
+}
+exports.getMethodFromDid = getMethodFromDid;
+/**
+ * Since the OIDC SIOP spec incorrectly uses 'did:<method>:' and calls that a method, we have to fix it
+ * @param didOrMethod
+ */
+function toSIOPRegistrationDidMethod(didOrMethod) {
+    let prefix = didOrMethod;
+    if (!didOrMethod.startsWith('did:')) {
+        prefix = 'did:' + didOrMethod;
+    }
+    const split = prefix.split(':');
+    return `${split[0]}:${split[1]}`;
+}
+exports.toSIOPRegistrationDidMethod = toSIOPRegistrationDidMethod;
+//# sourceMappingURL=DidJWT.js.map

package/dist/did/DidJWT.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"DidJWT.js","sourceRoot":"","sources":["../../lib/did/DidJWT.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2DAA8C;AAC9C,2DAUgC;AAChC,qCAagB;AAGhB,wCAA0F;AAG1F;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAsB,YAAY,CAAC,GAAW,EAAE,QAAoB,EAAE,OAAyB;;QAC7F,OAAO,IAAA,mBAAS,EAAC,GAAG,kCAAO,OAAO,KAAE,QAAQ,IAAG,CAAA;IACjD,CAAC;CAAA;AAFD,oCAEC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,SAAsB,YAAY;yDAChC,OAA4B,EAC5B,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAc,EACvD,MAA0B;QAE1B,OAAO,IAAA,mBAAS,EAAC,OAAO,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,EAAE,MAAM,CAAC,CAAA;IAChF,CAAC;CAAA;AAND,oCAMC;AAED,SAAsB,kBAAkB,CAAC,OAAuB,EAAE,SAAoE;;QACpI,IAAI,IAAA,6BAAmB,EAAC,SAAS,CAAC,EAAE,CAAC;YACnC,OAAO,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,aAAa,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,eAAe,CAAC,CAAA;QACtI,CAAC;aAAM,IAAI,IAAA,6BAAmB,EAAC,SAAS,CAAC,EAAE,CAAC;YAC1C,OAAO,kBAAkB,CAAC,OAAO,EAAE,SAAS,CAAC,YAAY,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG,CAAC,CAAA;QAChH,CAAC;aAAM,IAAI,IAAA,6BAAmB,EAAC,SAAS,CAAC,EAAE,CAAC;YAC1C,OAAO,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG,CAAC,CAAA;QACvG,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CACb,qNAAqN,CACtN,CAAA;QACH,CAAC;IACH,CAAC;CAAA;AAZD,gDAYC;AAED,SAAsB,wBAAwB,CAAC,OAA6B,EAAE,SAAoE;;QAChJ,IAAI,MAAM,GAAG,OAAO,CAAC,GAAG,CAAA;QACxB,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,SAAS,CAAC,GAAG,CAAA;QACxB,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,KAAK,CAAC,oCAAoC,CAAC,CAAA;QACnD,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,GAAG,MAAM,CAAA;QACtB,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,GAAG,SAAS,CAAC,GAAG,CAAA;QAC7B,CAAC;QACD,IAAI,IAAA,6BAAmB,EAAC,SAAS,CAAC,EAAE,CAAC;YACnC,OAAO,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,aAAa,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,eAAe,CAAC,CAAA;QAC9H,CAAC;aAAM,IAAI,IAAA,6BAAmB,EAAC,SAAS,CAAC,EAAE,CAAC;YAC1C,OAAO,kBAAkB,CAAC,OAAO,EAAE,SAAS,CAAC,YAAY,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG,CAAC,CAAA;QAChH,CAAC;aAAM,IAAI,IAAA,6BAAmB,EAAC,SAAS,CAAC,EAAE,CAAC;YAC1C,OAAO,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG,CAAC,CAAA;QAC/F,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CACb,qNAAqN,CACtN,CAAA;QACH,CAAC;IACH,CAAC;CAAA;AAzBD,4DAyBC;AAED,SAAsB,kBAAkB,CACtC,OAA8C,EAC9C,MAAc,EACd,aAAqB,EACrB,GAAgB,EAChB,GAAW,EACX,eAAwB;;QAExB,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,EAAE,aAAa,EAAE,eAAe,CAAC,CAAA;QACnE,MAAM,MAAM,GAAG;YACb,GAAG;YACH,GAAG;SACJ,CAAA;QACD,MAAM,OAAO,GAAG;YACd,MAAM;YACN,MAAM;YACN,SAAS,EAAE,uCAAuB;SACnC,CAAA;QAED,OAAO,MAAM,YAAY,mBAAM,OAAO,GAAI,OAAO,EAAE,MAAM,CAAC,CAAA;IAC5D,CAAC;CAAA;AApBD,gDAoBC;AAED,SAAe,kBAAkB,CAC/B,OAA8C,EAC9C,YAAoB,EACpB,UAAkB,EAClB,GAAgB,EAChB,GAAY;;QAEZ,MAAM,IAAI,GAAG;YACX,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG;YAC/E,OAAO;YACP,SAAS,EAAE,uCAAuB;YAClC,GAAG;YACH,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,2BAAW,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;YACtF,GAAG;SACJ,CAAA;QAED,MAAM,QAAQ,GAAmC,MAAM,IAAA,oBAAI,EAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC,CAAA;QAC5H,OAAO,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAA;IACjC,CAAC;CAAA;AAED,SAAe,kBAAkB,CAC/B,OAA8C,EAC9C,MAAc,EACd,MAAc,EACd,GAAgB,EAChB,GAAW;;QAEX,MAAM,MAAM,GAAG;YACb,GAAG;YACH,GAAG;SACJ,CAAA;QACD,MAAM,OAAO,GAAG;YACd,MAAM;YACN,MAAM;YACN,SAAS,EAAE,uCAAuB;SACnC,CAAA;QAED,OAAO,MAAM,YAAY,mBAAM,OAAO,GAAI,OAAO,EAAE,MAAM,CAAC,CAAA;IAC5D,CAAC;CAAA;AAED,MAAM,eAAe,GAAG,CAAC,GAAgB,EAAE,aAAsB,EAAE,YAAqB,EAAU,EAAE;IAClG,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,YAAY,CAAA;IACrB,CAAC;SAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,UAAU,GAAG,IAAA,oBAAU,EAAC,aAAa,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAA;IAC9D,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,2BAAW,CAAC,KAAK;YACpB,OAAO,IAAA,qBAAW,EAAC,UAAU,CAAC,CAAA;QAChC,KAAK,2BAAW,CAAC,KAAK;YACpB,OAAO,IAAA,qBAAW,EAAC,UAAU,CAAC,CAAA;QAChC,KAAK,2BAAW,CAAC,MAAM;YACrB,OAAO,IAAA,sBAAY,EAAC,UAAU,CAAC,CAAA;QACjC,KAAK,2BAAW,CAAC,KAAK;YACpB,MAAM,KAAK,CAAC,4DAA4D,CAAC,CAAA;QAC3E,KAAK,2BAAW,CAAC,KAAK;YACpB,MAAM,KAAK,CAAC,4DAA4D,CAAC,CAAA;IAC7E,CAAC;AACH,CAAC,CAAA;AAED,SAAgB,WAAW,CAAC,GAAW;IACrC,MAAM,EAAE,OAAO,EAAE,GAAG,IAAA,mBAAS,EAAC,GAAG,CAAC,CAAA;IAClC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,0BAAU,CAAC,WAAW,CAAC,CAAA;IACzC,CAAC;SAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACxB,OAAO,SAAS,CAAA;IAClB,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CAAC,0BAAU,CAAC,gBAAgB,CAAC,CAAA;IAC9C,CAAC;IAED,OAAO,OAAO,CAAC,GAAG,CAAA;AACpB,CAAC;AAXD,kCAWC;AAED,0EAA0E;AAC1E,SAAS,wBAAwB,CAAC,OAAmB;IACnD,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;QACjG,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;AACH,CAAC;AAED,SAAgB,oBAAoB,CAAC,OAAmB,EAAE,MAAkB;IAC1E,wBAAwB,CAAC,OAAO,CAAC,CAAA;IAEjC,IAAI,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,IAAI,GAAG,CAAA;QACP,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;QACnB,CAAC;QACD,IAAI,CAAC,GAAG,IAAI,MAAM,IAAI,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAClE,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAChC,CAAC;QACD,IAAI,GAAG,EAAE,CAAC;YACR,OAAO,GAAG,CAAA;QACZ,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAA;AACpB,CAAC;AAhBD,oDAgBC;AAED,SAAgB,eAAe,CAAC,OAAmB;IACjD,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,2BAAW,CAAC,cAAc,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,2BAAW,CAAC,cAAc,CAAC,IAAI,OAAO,CAAC,GAAG,KAAK,OAAO,CAAC,GAAG,CAAA;AAC5I,CAAC;AAFD,0CAEC;AAED,SAAgB,gBAAgB,CAAC,GAAW;IAC1C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,0BAAU,CAAC,UAAU,CAAC,CAAA;IACxC,CAAC;IACD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC5B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxC,OAAO,GAAG,CAAA;IACZ,CAAC;SAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,0BAAU,CAAC,UAAU,CAAC,CAAA;IACxC,CAAC;IAED,OAAO,KAAK,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC;AAZD,4CAYC;AAED;;;GAGG;AACH,SAAgB,2BAA2B,CAAC,WAAmB;IAC7D,IAAI,MAAM,GAAG,WAAW,CAAA;IACxB,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACpC,MAAM,GAAG,MAAM,GAAG,WAAW,CAAA;IAC/B,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC/B,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAA;AAClC,CAAC;AAPD,kEAOC"}

package/dist/did/LinkedDomainValidations.d.ts

@@ -0,0 +1,3 @@
+import { ExternalVerification, InternalVerification } from './../types/';
+export declare function validateLinkedDomainWithDid(did: string, verification: InternalVerification | ExternalVerification): Promise<void>;
+//# sourceMappingURL=LinkedDomainValidations.d.ts.map

package/dist/did/LinkedDomainValidations.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"LinkedDomainValidations.d.ts","sourceRoot":"","sources":["../../lib/did/LinkedDomainValidations.ts"],"names":[],"mappings":"AAIA,OAAO,EAAqB,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAA;AAiD3F,wBAAsB,2BAA2B,CAAC,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,oBAAoB,GAAG,oBAAoB,iBA+BvH"}

package/dist/did/LinkedDomainValidations.js

@@ -0,0 +1,102 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateLinkedDomainWithDid = void 0;
+const wellknown_dids_client_1 = require("@sphereon/wellknown-dids-client");
+const types_1 = require("./../types/");
+const DIDResolution_1 = require("./DIDResolution");
+const DidJWT_1 = require("./DidJWT");
+function getValidationErrorMessages(validationResult) {
+    const messages = [];
+    if (validationResult.message) {
+        messages.push(validationResult.message);
+    }
+    if (validationResult === null || validationResult === void 0 ? void 0 : validationResult.endpointDescriptors.length) {
+        for (const endpointDescriptor of validationResult.endpointDescriptors) {
+            if (endpointDescriptor.message) {
+                messages.push(endpointDescriptor.message);
+            }
+            if (endpointDescriptor.resources) {
+                for (const resource of endpointDescriptor.resources) {
+                    if (resource.message) {
+                        messages.push(resource.message);
+                    }
+                }
+            }
+        }
+    }
+    return messages;
+}
+/**
+ * @param validationErrorMessages
+ * @return returns false if the messages received from wellknown-dids-client makes this invalid for CheckLinkedDomain.IF_PRESENT plus the message itself
+ *                  and true for when we can move on
+ */
+function checkInvalidMessages(validationErrorMessages) {
+    if (!validationErrorMessages || !validationErrorMessages.length) {
+        return { status: false, message: 'linked domain is invalid.' };
+    }
+    const validMessages = [
+        wellknown_dids_client_1.WDCErrors.PROPERTY_LINKED_DIDS_DOES_NOT_CONTAIN_ANY_DOMAIN_LINK_CREDENTIALS.valueOf(),
+        wellknown_dids_client_1.WDCErrors.PROPERTY_LINKED_DIDS_NOT_PRESENT.valueOf(),
+        wellknown_dids_client_1.WDCErrors.PROPERTY_TYPE_NOT_CONTAIN_VALID_LINKED_DOMAIN.valueOf(),
+        wellknown_dids_client_1.WDCErrors.PROPERTY_SERVICE_NOT_PRESENT.valueOf(),
+    ];
+    for (const validationErrorMessage of validationErrorMessages) {
+        if (!validMessages.filter((vm) => validationErrorMessage.includes(vm)).pop()) {
+            return { status: false, message: validationErrorMessage };
+        }
+    }
+    return { status: true };
+}
+function validateLinkedDomainWithDid(did, verification) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const { checkLinkedDomain, resolveOpts, wellknownDIDVerifyCallback } = verification;
+        if (checkLinkedDomain === types_1.CheckLinkedDomain.NEVER) {
+            return;
+        }
+        const didDocument = yield (0, DIDResolution_1.resolveDidDocument)(did, Object.assign(Object.assign({}, resolveOpts), { subjectSyntaxTypesSupported: [(0, DidJWT_1.toSIOPRegistrationDidMethod)((0, DidJWT_1.getMethodFromDid)(did))] }));
+        if (!didDocument) {
+            throw Error(`Could not resolve DID: ${did}`);
+        }
+        if ((!didDocument.service || !didDocument.service.find((s) => s.type === 'LinkedDomains')) && checkLinkedDomain === types_1.CheckLinkedDomain.IF_PRESENT) {
+            // No linked domains in DID document and it was optional. Let's cut it short here.
+            return;
+        }
+        try {
+            const validationResult = yield checkWellKnownDid({ didDocument, verifyCallback: wellknownDIDVerifyCallback });
+            if (validationResult.status === wellknown_dids_client_1.ValidationStatusEnum.INVALID) {
+                const validationErrorMessages = getValidationErrorMessages(validationResult);
+                const messageCondition = checkInvalidMessages(validationErrorMessages);
+                if (checkLinkedDomain === types_1.CheckLinkedDomain.ALWAYS || (checkLinkedDomain === types_1.CheckLinkedDomain.IF_PRESENT && !messageCondition.status)) {
+                    throw new Error(messageCondition.message ? messageCondition.message : validationErrorMessages[0]);
+                }
+            }
+        }
+        catch (err) {
+            const messageCondition = checkInvalidMessages([err.message]);
+            if (checkLinkedDomain === types_1.CheckLinkedDomain.ALWAYS || (checkLinkedDomain === types_1.CheckLinkedDomain.IF_PRESENT && !messageCondition.status)) {
+                throw new Error(err.message);
+            }
+        }
+    });
+}
+exports.validateLinkedDomainWithDid = validateLinkedDomainWithDid;
+function checkWellKnownDid(args) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const verifier = new wellknown_dids_client_1.WellKnownDidVerifier({
+            verifySignatureCallback: args.verifyCallback,
+            onlyVerifyServiceDid: false,
+        });
+        return yield verifier.verifyDomainLinkage({ didDocument: args.didDocument });
+    });
+}
+//# sourceMappingURL=LinkedDomainValidations.js.map

package/dist/did/LinkedDomainValidations.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"LinkedDomainValidations.js","sourceRoot":"","sources":["../../lib/did/LinkedDomainValidations.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2EAAiJ;AAIjJ,uCAA2F;AAC3F,mDAAoD;AACpD,qCAAwE;AAExE,SAAS,0BAA0B,CAAC,gBAA0C;IAC5E,MAAM,QAAQ,GAAG,EAAE,CAAA;IACnB,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAA;IACzC,CAAC;IACD,IAAI,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAE,mBAAmB,CAAC,MAAM,EAAE,CAAC;QACjD,KAAK,MAAM,kBAAkB,IAAI,gBAAgB,CAAC,mBAAmB,EAAE,CAAC;YACtE,IAAI,kBAAkB,CAAC,OAAO,EAAE,CAAC;gBAC/B,QAAQ,CAAC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;YAC3C,CAAC;YACD,IAAI,kBAAkB,CAAC,SAAS,EAAE,CAAC;gBACjC,KAAK,MAAM,QAAQ,IAAI,kBAAkB,CAAC,SAAS,EAAE,CAAC;oBACpD,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;wBACrB,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;oBACjC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,uBAAiC;IAC7D,IAAI,CAAC,uBAAuB,IAAI,CAAC,uBAAuB,CAAC,MAAM,EAAE,CAAC;QAChE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAA;IAChE,CAAC;IACD,MAAM,aAAa,GAAa;QAC9B,iCAAS,CAAC,iEAAiE,CAAC,OAAO,EAAE;QACrF,iCAAS,CAAC,gCAAgC,CAAC,OAAO,EAAE;QACpD,iCAAS,CAAC,6CAA6C,CAAC,OAAO,EAAE;QACjE,iCAAS,CAAC,4BAA4B,CAAC,OAAO,EAAE;KACjD,CAAA;IACD,KAAK,MAAM,sBAAsB,IAAI,uBAAuB,EAAE,CAAC;QAC7D,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC;YAC7E,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAA;QAC3D,CAAC;IACH,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;AACzB,CAAC;AAED,SAAsB,2BAA2B,CAAC,GAAW,EAAE,YAAyD;;QACtH,MAAM,EAAE,iBAAiB,EAAE,WAAW,EAAE,0BAA0B,EAAE,GAAG,YAAY,CAAA;QACnF,IAAI,iBAAiB,KAAK,yBAAiB,CAAC,KAAK,EAAE,CAAC;YAClD,OAAM;QACR,CAAC;QACD,MAAM,WAAW,GAAG,MAAM,IAAA,kCAAkB,EAAC,GAAG,kCAC3C,WAAW,KACd,2BAA2B,EAAE,CAAC,IAAA,oCAA2B,EAAC,IAAA,yBAAgB,EAAC,GAAG,CAAC,CAAC,CAAC,IACjF,CAAA;QACF,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,KAAK,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;QAC9C,CAAC;QACD,IAAI,CAAC,CAAC,WAAW,CAAC,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC,IAAI,iBAAiB,KAAK,yBAAiB,CAAC,UAAU,EAAE,CAAC;YACjJ,kFAAkF;YAClF,OAAM;QACR,CAAC;QACD,IAAI,CAAC;YACH,MAAM,gBAAgB,GAAG,MAAM,iBAAiB,CAAC,EAAE,WAAW,EAAE,cAAc,EAAE,0BAA0B,EAAE,CAAC,CAAA;YAC7G,IAAI,gBAAgB,CAAC,MAAM,KAAK,4CAAoB,CAAC,OAAO,EAAE,CAAC;gBAC7D,MAAM,uBAAuB,GAAG,0BAA0B,CAAC,gBAAgB,CAAC,CAAA;gBAC5E,MAAM,gBAAgB,GAA0C,oBAAoB,CAAC,uBAAuB,CAAC,CAAA;gBAC7G,IAAI,iBAAiB,KAAK,yBAAiB,CAAC,MAAM,IAAI,CAAC,iBAAiB,KAAK,yBAAiB,CAAC,UAAU,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;oBACvI,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,CAAA;gBACnG,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,gBAAgB,GAA0C,oBAAoB,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAA;YACnG,IAAI,iBAAiB,KAAK,yBAAiB,CAAC,MAAM,IAAI,CAAC,iBAAiB,KAAK,yBAAiB,CAAC,UAAU,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;gBACvI,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;CAAA;AA/BD,kEA+BC;AAOD,SAAe,iBAAiB,CAAC,IAA2B;;QAC1D,MAAM,QAAQ,GAAG,IAAI,4CAAoB,CAAC;YACxC,uBAAuB,EAAE,IAAI,CAAC,cAAc;YAC5C,oBAAoB,EAAE,KAAK;SAC5B,CAAC,CAAA;QACF,OAAO,MAAM,QAAQ,CAAC,mBAAmB,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAA;IAC9E,CAAC;CAAA"}

package/dist/did/index.d.ts

@@ -0,0 +1,4 @@
+export * from './DidJWT';
+export * from './DIDResolution';
+export * from './LinkedDomainValidations';
+//# sourceMappingURL=index.d.ts.map

package/dist/did/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../lib/did/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAA;AACxB,cAAc,iBAAiB,CAAA;AAC/B,cAAc,2BAA2B,CAAA"}

package/dist/did/index.js

@@ -0,0 +1,20 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./DidJWT"), exports);
+__exportStar(require("./DIDResolution"), exports);
+__exportStar(require("./LinkedDomainValidations"), exports);
+//# sourceMappingURL=index.js.map

package/dist/did/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/did/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAwB;AACxB,kDAA+B;AAC/B,4DAAyC"}

package/dist/helpers.d.ts

@@ -0,0 +1,5 @@
+import { ExternalSignature, InternalSignature, NoSignature, SuppliedSignature } from './types/SIOP.types';
+export declare const isInternalSignature: (object: InternalSignature | ExternalSignature | SuppliedSignature | NoSignature) => object is InternalSignature;
+export declare const isExternalSignature: (object: InternalSignature | ExternalSignature | SuppliedSignature | NoSignature) => object is ExternalSignature;
+export declare const isSuppliedSignature: (object: InternalSignature | ExternalSignature | SuppliedSignature | NoSignature) => object is SuppliedSignature;
+//# sourceMappingURL=helpers.d.ts.map

package/dist/helpers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../lib/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAEzG,eAAO,MAAM,mBAAmB,WAAY,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,WAAW,gCACrE,CAAA;AAE9C,eAAO,MAAM,mBAAmB,WAAY,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,WAAW,gCACtE,CAAA;AAE7C,eAAO,MAAM,mBAAmB,WAAY,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,WAAW,gCAC5F,CAAA"}

package/dist/helpers.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isSuppliedSignature = exports.isExternalSignature = exports.isInternalSignature = void 0;
+const isInternalSignature = (object) => 'hexPrivateKey' in object && 'did' in object;
+exports.isInternalSignature = isInternalSignature;
+const isExternalSignature = (object) => 'signatureUri' in object && 'did' in object;
+exports.isExternalSignature = isExternalSignature;
+const isSuppliedSignature = (object) => 'signature' in object;
+exports.isSuppliedSignature = isSuppliedSignature;
+//# sourceMappingURL=helpers.js.map

package/dist/helpers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"helpers.js","sourceRoot":"","sources":["../lib/helpers.ts"],"names":[],"mappings":";;;AAEO,MAAM,mBAAmB,GAAG,CAAC,MAA+E,EAA+B,EAAE,CAClJ,eAAe,IAAI,MAAM,IAAI,KAAK,IAAI,MAAM,CAAA;AADjC,QAAA,mBAAmB,uBACc;AAEvC,MAAM,mBAAmB,GAAG,CAAC,MAA+E,EAA+B,EAAE,CAClJ,cAAc,IAAI,MAAM,IAAI,KAAK,IAAI,MAAM,CAAA;AADhC,QAAA,mBAAmB,uBACa;AAEtC,MAAM,mBAAmB,GAAG,CAAC,MAA+E,EAA+B,EAAE,CAClJ,WAAW,IAAI,MAAM,CAAA;AADV,QAAA,mBAAmB,uBACT"}

package/dist/index.d.ts

@@ -0,0 +1,5 @@
+export * from './did';
+export * from './types';
+export * from './DidJwtAdapter';
+export * from './helpers';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAA;AAErB,cAAc,SAAS,CAAA;AACvB,cAAc,iBAAiB,CAAA;AAC/B,cAAc,WAAW,CAAA"}

package/dist/index.js

@@ -0,0 +1,21 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./did"), exports);
+__exportStar(require("./types"), exports);
+__exportStar(require("./DidJwtAdapter"), exports);
+__exportStar(require("./helpers"), exports);
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,wCAAqB;AAErB,0CAAuB;AACvB,kDAA+B;AAC/B,4CAAyB"}

package/dist/types/SIOP.types.d.ts

@@ -0,0 +1,63 @@
+import { SigningAlgo } from '@sphereon/did-auth-siop';
+import { VerifyCallback as WellknownDIDVerifyCallback } from '@sphereon/wellknown-dids-client';
+import { JWTVerifyOptions } from 'did-jwt';
+import { Resolvable } from 'did-resolver';
+export declare enum CheckLinkedDomain {
+    NEVER = "never",// We don't want to verify Linked domains
+    IF_PRESENT = "if_present",// If present, did-auth-siop will check the linked domain, if exist and not valid, throws an exception
+    ALWAYS = "always"
+}
+export interface InternalSignature {
+    hexPrivateKey: string;
+    did: string;
+    alg: SigningAlgo;
+    kid?: string;
+    customJwtSigner?: Signer;
+}
+export interface SuppliedSignature {
+    signature: (data: string | Uint8Array) => Promise<EcdsaSignature | string>;
+    alg: SigningAlgo;
+    did: string;
+    kid: string;
+}
+export interface NoSignature {
+    hexPublicKey: string;
+    did: string;
+    kid?: string;
+}
+export interface ExternalSignature {
+    signatureUri: string;
+    did: string;
+    authZToken?: string;
+    hexPublicKey?: string;
+    alg: SigningAlgo;
+    kid?: string;
+}
+export declare enum VerificationMode {
+    INTERNAL = 0,
+    EXTERNAL = 1
+}
+export interface EcdsaSignature {
+    r: string;
+    s: string;
+    recoveryParam?: number | null;
+}
+export type Signer = (data: string | Uint8Array) => Promise<EcdsaSignature | string>;
+export interface Verification {
+    checkLinkedDomain?: CheckLinkedDomain;
+    wellknownDIDVerifyCallback?: WellknownDIDVerifyCallback;
+    resolveOpts: ResolveOpts;
+}
+export type InternalVerification = Verification;
+export interface ExternalVerification extends Verification {
+    verifyUri: string;
+    authZToken?: string;
+}
+export interface ResolveOpts {
+    jwtVerifyOpts?: JWTVerifyOptions;
+    resolver?: Resolvable;
+    resolveUrl?: string;
+    noUniversalResolverFallback?: boolean;
+    subjectSyntaxTypesSupported?: string[];
+}
+//# sourceMappingURL=SIOP.types.d.ts.map

package/dist/types/SIOP.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SIOP.types.d.ts","sourceRoot":"","sources":["../../lib/types/SIOP.types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAA;AACrD,OAAO,EAAE,cAAc,IAAI,0BAA0B,EAAE,MAAM,iCAAiC,CAAA;AAC9F,OAAO,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAA;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAEzC,oBAAY,iBAAiB;IAC3B,KAAK,UAAU,CAAE,yCAAyC;IAC1D,UAAU,eAAe,CAAE,sGAAsG;IACjI,MAAM,WAAW;CAClB;AAED,MAAM,WAAW,iBAAiB;IAChC,aAAa,EAAE,MAAM,CAAA;IACrB,GAAG,EAAE,MAAM,CAAA;IAEX,GAAG,EAAE,WAAW,CAAA;IAChB,GAAG,CAAC,EAAE,MAAM,CAAA;IAEZ,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,KAAK,OAAO,CAAC,cAAc,GAAG,MAAM,CAAC,CAAA;IAE1E,GAAG,EAAE,WAAW,CAAA;IAChB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ;AAED,MAAM,WAAW,WAAW;IAC1B,YAAY,EAAE,MAAM,CAAA;IACpB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,MAAM,CAAA;IACpB,GAAG,EAAE,MAAM,CAAA;IACX,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,YAAY,CAAC,EAAE,MAAM,CAAA;IAErB,GAAG,EAAE,WAAW,CAAA;IAChB,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED,oBAAY,gBAAgB;IAC1B,QAAQ,IAAA;IACR,QAAQ,IAAA;CACT;AAED,MAAM,WAAW,cAAc;IAC7B,CAAC,EAAE,MAAM,CAAA;IACT,CAAC,EAAE,MAAM,CAAA;IACT,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAC9B;AACD,MAAM,MAAM,MAAM,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,KAAK,OAAO,CAAC,cAAc,GAAG,MAAM,CAAC,CAAA;AAEpF,MAAM,WAAW,YAAY;IAC3B,iBAAiB,CAAC,EAAE,iBAAiB,CAAA;IACrC,0BAA0B,CAAC,EAAE,0BAA0B,CAAA;IACvD,WAAW,EAAE,WAAW,CAAA;CACzB;AAED,MAAM,MAAM,oBAAoB,GAAG,YAAY,CAAA;AAE/C,MAAM,WAAW,oBAAqB,SAAQ,YAAY;IACxD,SAAS,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,CAAC,EAAE,gBAAgB,CAAA;IAChC,QAAQ,CAAC,EAAE,UAAU,CAAA;IACrB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,2BAA2B,CAAC,EAAE,OAAO,CAAA;IACrC,2BAA2B,CAAC,EAAE,MAAM,EAAE,CAAA;CACvC"}

package/dist/types/SIOP.types.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VerificationMode = exports.CheckLinkedDomain = void 0;
+var CheckLinkedDomain;
+(function (CheckLinkedDomain) {
+    CheckLinkedDomain["NEVER"] = "never";
+    CheckLinkedDomain["IF_PRESENT"] = "if_present";
+    CheckLinkedDomain["ALWAYS"] = "always";
+})(CheckLinkedDomain || (exports.CheckLinkedDomain = CheckLinkedDomain = {}));
+var VerificationMode;
+(function (VerificationMode) {
+    VerificationMode[VerificationMode["INTERNAL"] = 0] = "INTERNAL";
+    VerificationMode[VerificationMode["EXTERNAL"] = 1] = "EXTERNAL";
+})(VerificationMode || (exports.VerificationMode = VerificationMode = {}));
+//# sourceMappingURL=SIOP.types.js.map

package/dist/types/SIOP.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SIOP.types.js","sourceRoot":"","sources":["../../lib/types/SIOP.types.ts"],"names":[],"mappings":";;;AAKA,IAAY,iBAIX;AAJD,WAAY,iBAAiB;IAC3B,oCAAe,CAAA;IACf,8CAAyB,CAAA;IACzB,sCAAiB,CAAA;AACnB,CAAC,EAJW,iBAAiB,iCAAjB,iBAAiB,QAI5B;AAoCD,IAAY,gBAGX;AAHD,WAAY,gBAAgB;IAC1B,+DAAQ,CAAA;IACR,+DAAQ,CAAA;AACV,CAAC,EAHW,gBAAgB,gCAAhB,gBAAgB,QAG3B"}

package/dist/types/SSI.types.d.ts

@@ -0,0 +1,15 @@
+import { DIDDocument as DIFDIDDocument } from 'did-resolver';
+export interface LinkedDataProof {
+    type: string;
+    created: string;
+    creator: string;
+    nonce: string;
+    signatureValue: string;
+}
+export interface DIDDocument extends DIFDIDDocument {
+    owner?: string;
+    created?: string;
+    updated?: string;
+    proof?: LinkedDataProof;
+}
+//# sourceMappingURL=SSI.types.d.ts.map

package/dist/types/SSI.types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SSI.types.d.ts","sourceRoot":"","sources":["../../lib/types/SSI.types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,IAAI,cAAc,EAAE,MAAM,cAAc,CAAA;AAE5D,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,EAAE,MAAM,CAAA;IACb,cAAc,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,WAAW,WAAY,SAAQ,cAAc;IACjD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,KAAK,CAAC,EAAE,eAAe,CAAA;CACxB"}

package/dist/types/SSI.types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=SSI.types.js.map

package/dist/types/SSI.types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SSI.types.js","sourceRoot":"","sources":["../../lib/types/SSI.types.ts"],"names":[],"mappings":""}

package/dist/types/index.d.ts

@@ -0,0 +1,3 @@
+export * from './SIOP.types';
+export * from './SSI.types';
+//# sourceMappingURL=index.d.ts.map

package/dist/types/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../lib/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAA;AAC5B,cAAc,aAAa,CAAA"}

package/dist/types/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./SIOP.types"), exports);
+__exportStar(require("./SSI.types"), exports);
+//# sourceMappingURL=index.js.map

package/dist/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/types/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA4B;AAC5B,8CAA2B"}