@sphereon/did-provider-oyd 0.28.1-feature.jose.vcdm.28 → 0.28.1-feature.jose.vcdm.51
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +74 -3
- package/dist/index.cjs +151 -51
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +30 -10
- package/dist/index.d.ts +30 -10
- package/dist/index.js +151 -51
- package/dist/index.js.map +1 -1
- package/package.json +12 -5
- package/src/index.ts +3 -3
- package/src/oyd-did-provider.ts +235 -40
- package/src/types/oyd-provider-types.ts +24 -3
package/README.md
CHANGED
|
@@ -1,4 +1,75 @@
|
|
|
1
|
-
#
|
|
1
|
+
# `did:oyd` Provider
|
|
2
2
|
|
|
3
|
-
This package contains an implementation of `AbstractIdentifierProvider` for the `did:oyd` method.
|
|
4
|
-
|
|
3
|
+
This package contains an implementation of the `AbstractIdentifierProvider` for the `did:oyd` method. Enabling creating and resolving of `did:oyd` entities, conforming to the [spec for OYDID](https://ownyourdata.github.io/oydid/)
|
|
4
|
+
|
|
5
|
+
## Available functions
|
|
6
|
+
|
|
7
|
+
- createIdentifier
|
|
8
|
+
- resolveDidOyd
|
|
9
|
+
|
|
10
|
+
## Usage
|
|
11
|
+
|
|
12
|
+
### Creating an identifier
|
|
13
|
+
|
|
14
|
+
The most simple version of creating a did:oyd is without any input parameters:
|
|
15
|
+
|
|
16
|
+
```typescript
|
|
17
|
+
const identifier: IIdentifier = await agent.didManagerCreate()
|
|
18
|
+
```
|
|
19
|
+
|
|
20
|
+
Use the following options to create a did:oyd using Client-Managed-Secret-Mode:
|
|
21
|
+
|
|
22
|
+
```typescript
|
|
23
|
+
const DID_METHOD = 'did:oyd'
|
|
24
|
+
const oydDIDProvider = new OydDIDProvider({
|
|
25
|
+
defaultKms: 'mem',
|
|
26
|
+
clientManagedSecretMode: {
|
|
27
|
+
publicKeyCallback: some_function, // callback to provide public Key
|
|
28
|
+
signCallback: some_function, // callback for signing payload
|
|
29
|
+
},
|
|
30
|
+
})
|
|
31
|
+
|
|
32
|
+
const agent = createAgent<IKeyManager, DIDManager>({
|
|
33
|
+
plugins: [
|
|
34
|
+
new SphereonKeyManager({
|
|
35
|
+
store: new MemoryKeyStore(),
|
|
36
|
+
kms: {
|
|
37
|
+
mem: new SphereonKeyManagementSystem(new MemoryPrivateKeyStore()),
|
|
38
|
+
},
|
|
39
|
+
}),
|
|
40
|
+
new DIDManager({
|
|
41
|
+
providers: {
|
|
42
|
+
[DID_METHOD]: oydDIDProvider,
|
|
43
|
+
},
|
|
44
|
+
defaultProvider: DID_METHOD,
|
|
45
|
+
store: new MemoryDIDStore(),
|
|
46
|
+
}),
|
|
47
|
+
],
|
|
48
|
+
})
|
|
49
|
+
|
|
50
|
+
const identifier: IIdentifier = await agent.didManagerCreate()
|
|
51
|
+
```
|
|
52
|
+
|
|
53
|
+
### Resolving a DID
|
|
54
|
+
|
|
55
|
+
The example below resolves a did:oyd to DIDResolutionResult.
|
|
56
|
+
|
|
57
|
+
```typescript
|
|
58
|
+
const didResolutionResult: DIDResolutionResult = await agent.resolveDid({ didUrl: 'did:oyd:zQm...' })
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
## Installation
|
|
62
|
+
|
|
63
|
+
```shell
|
|
64
|
+
yarn add @sphereon/ssi-sdk-ext.did-provider-oyd
|
|
65
|
+
```
|
|
66
|
+
|
|
67
|
+
## Build
|
|
68
|
+
|
|
69
|
+
```shell
|
|
70
|
+
yarn build
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
## REST API Endpoints for `did:oyd`
|
|
74
|
+
|
|
75
|
+
For managing did:oyd DIDs (create, update, delete), refer to the following page, which provides detailed information on the available REST API endpoints: https://github.com/OwnYourData/oydid/tree/main/uni-registrar-driver-did-oyd
|
package/dist/index.cjs
CHANGED
|
@@ -32,33 +32,61 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
32
32
|
var index_exports = {};
|
|
33
33
|
__export(index_exports, {
|
|
34
34
|
OydDIDProvider: () => OydDIDProvider,
|
|
35
|
-
SupportedKeyTypes: () => SupportedKeyTypes,
|
|
36
35
|
getDidOydResolver: () => getDidOydResolver
|
|
37
36
|
});
|
|
38
37
|
module.exports = __toCommonJS(index_exports);
|
|
39
38
|
|
|
40
39
|
// src/oyd-did-provider.ts
|
|
40
|
+
var import_ssi_sdk_ext = require("@sphereon/ssi-sdk-ext.key-utils");
|
|
41
41
|
var import_did_manager = require("@veramo/did-manager");
|
|
42
42
|
var import_cross_fetch = __toESM(require("cross-fetch"), 1);
|
|
43
|
+
var import_multibase = __toESM(require("multibase"), 1);
|
|
44
|
+
var import_multicodec = __toESM(require("multicodec"), 1);
|
|
45
|
+
var u8a = __toESM(require("uint8arrays"), 1);
|
|
43
46
|
var import_debug = __toESM(require("debug"), 1);
|
|
44
47
|
var debug = (0, import_debug.default)("veramo:oyd-did:identifier-provider");
|
|
48
|
+
var OYDID_REGISTRAR_URL = "https://oydid-registrar.data-container.net/1.0/createIdentifier";
|
|
45
49
|
var OydDIDProvider = class extends import_did_manager.AbstractIdentifierProvider {
|
|
46
50
|
static {
|
|
47
51
|
__name(this, "OydDIDProvider");
|
|
48
52
|
}
|
|
49
53
|
defaultKms;
|
|
54
|
+
cmsmCallbackOpts;
|
|
50
55
|
constructor(options) {
|
|
51
56
|
super();
|
|
52
|
-
this.defaultKms = options
|
|
57
|
+
this.defaultKms = options?.defaultKms;
|
|
58
|
+
this.cmsmCallbackOpts = options?.clientManagedSecretMode;
|
|
53
59
|
}
|
|
54
|
-
async
|
|
60
|
+
async assertedKms(...kms) {
|
|
61
|
+
if (!kms || kms.length === 0) {
|
|
62
|
+
return Promise.reject(Error("KMS must be provided either as a parameter or via defaultKms."));
|
|
63
|
+
}
|
|
64
|
+
const result = kms.find((k) => !!k);
|
|
65
|
+
if (!result) {
|
|
66
|
+
return Promise.reject(Error("KMS must be provided either as a parameter or via defaultKms."));
|
|
67
|
+
}
|
|
68
|
+
return result;
|
|
69
|
+
}
|
|
70
|
+
async createIdentifier({ kms, alias, options }, context) {
|
|
71
|
+
const resolvedKms = await this.assertedKms(kms, this.defaultKms);
|
|
72
|
+
if (this.cmsmCallbackOpts && !options.cmsm || options.cmsm && options.cmsm.enabled !== false) {
|
|
73
|
+
if (!this.cmsmCallbackOpts) {
|
|
74
|
+
return Promise.reject(Error("did:oyd: no cmsm options defined on oyd did provider, but cmsm was enabled on the call!"));
|
|
75
|
+
}
|
|
76
|
+
return await this.createIdentifierWithCMSM({
|
|
77
|
+
kms: resolvedKms,
|
|
78
|
+
options
|
|
79
|
+
}, context);
|
|
80
|
+
}
|
|
55
81
|
const body = {
|
|
56
|
-
options
|
|
82
|
+
options: {
|
|
83
|
+
cmsm: false,
|
|
84
|
+
key_type: options.type ?? "Secp256r1"
|
|
85
|
+
}
|
|
57
86
|
};
|
|
58
|
-
const url = "https://oydid-registrar.data-container.net/1.0/createIdentifier";
|
|
59
87
|
let didDoc;
|
|
60
88
|
try {
|
|
61
|
-
const response = await (0, import_cross_fetch.default)(
|
|
89
|
+
const response = await (0, import_cross_fetch.default)(OYDID_REGISTRAR_URL, {
|
|
62
90
|
method: "POST",
|
|
63
91
|
headers: {
|
|
64
92
|
"Content-Type": "application/json"
|
|
@@ -66,21 +94,25 @@ var OydDIDProvider = class extends import_did_manager.AbstractIdentifierProvider
|
|
|
66
94
|
body: JSON.stringify(body)
|
|
67
95
|
});
|
|
68
96
|
if (!response.ok) {
|
|
69
|
-
|
|
97
|
+
debug("Error response from OydDID Registrar: ", response);
|
|
98
|
+
return Promise.reject(Error("Network response was not ok: " + response.statusText));
|
|
70
99
|
}
|
|
71
100
|
didDoc = await response.json();
|
|
72
101
|
} catch (error) {
|
|
73
|
-
|
|
102
|
+
debug("Unexpected error from OydDID Registrar: ", error);
|
|
103
|
+
return Promise.reject(Error("There has been a problem with the fetch operation: " + error.toString()));
|
|
74
104
|
}
|
|
75
|
-
const keyType = options?.
|
|
76
|
-
const key = await
|
|
77
|
-
|
|
78
|
-
|
|
105
|
+
const keyType = options?.type ?? "Secp256r1";
|
|
106
|
+
const key = await (0, import_ssi_sdk_ext.importProvidedOrGeneratedKey)({
|
|
107
|
+
kms: resolvedKms,
|
|
108
|
+
alias: alias ?? options.alias ?? options.kid ?? `${didDoc.did}#key-doc`,
|
|
79
109
|
options: {
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
110
|
+
key: {
|
|
111
|
+
kid: `${didDoc.did}#key-doc`,
|
|
112
|
+
type: keyType,
|
|
113
|
+
publicKeyHex: didDoc.keys[0].publicKeyHex,
|
|
114
|
+
privateKeyHex: didDoc.keys[0].privateKeyHex
|
|
115
|
+
}
|
|
84
116
|
}
|
|
85
117
|
}, context);
|
|
86
118
|
const identifier = {
|
|
@@ -94,6 +126,96 @@ var OydDIDProvider = class extends import_did_manager.AbstractIdentifierProvider
|
|
|
94
126
|
debug("Created", identifier.did);
|
|
95
127
|
return identifier;
|
|
96
128
|
}
|
|
129
|
+
async createIdentifierWithCMSM({ kms, options }, context) {
|
|
130
|
+
const cmsmCallbackOpts = this.cmsmCallbackOpts;
|
|
131
|
+
if (!cmsmCallbackOpts) {
|
|
132
|
+
return Promise.reject(Error("did:oyd: no cmsm options defined!"));
|
|
133
|
+
}
|
|
134
|
+
const assertedKms = await this.assertedKms(kms, this.defaultKms);
|
|
135
|
+
const pubKey = options.key ?? await cmsmCallbackOpts.publicKeyCallback(options.kid ?? "default", assertedKms, options.cmsm?.create !== false, options.type);
|
|
136
|
+
const kid = pubKey.kid;
|
|
137
|
+
const keyType = pubKey.type;
|
|
138
|
+
const key = base58btc({
|
|
139
|
+
publicKeyHex: pubKey.publicKeyHex,
|
|
140
|
+
keyType
|
|
141
|
+
});
|
|
142
|
+
console.log(`Bae58 pubkey key: ${key}`);
|
|
143
|
+
let signValue;
|
|
144
|
+
try {
|
|
145
|
+
const body_create = {
|
|
146
|
+
// specify the Identifier options for the registrar
|
|
147
|
+
key,
|
|
148
|
+
options: {
|
|
149
|
+
cmsm: true,
|
|
150
|
+
key_type: keyType
|
|
151
|
+
}
|
|
152
|
+
};
|
|
153
|
+
console.log(`Create request:
|
|
154
|
+
${JSON.stringify(body_create, null, 2)}
|
|
155
|
+
`);
|
|
156
|
+
const response = await (0, import_cross_fetch.default)(OYDID_REGISTRAR_URL, {
|
|
157
|
+
method: "POST",
|
|
158
|
+
headers: {
|
|
159
|
+
"Content-Type": "application/json"
|
|
160
|
+
},
|
|
161
|
+
body: JSON.stringify(body_create)
|
|
162
|
+
});
|
|
163
|
+
if (!response.ok) {
|
|
164
|
+
debug("Error response from OydDID Registrar: ", body_create, response);
|
|
165
|
+
return Promise.reject(Error("Network response was not ok: " + response.statusText));
|
|
166
|
+
}
|
|
167
|
+
signValue = await response.json();
|
|
168
|
+
console.log(`Create response:
|
|
169
|
+
${JSON.stringify(signValue, null, 2)}
|
|
170
|
+
`);
|
|
171
|
+
} catch (error) {
|
|
172
|
+
console.log("Unexpected error from OydDID Registrar: ", error);
|
|
173
|
+
return Promise.reject(Error("There has been a problem with the fetch operation: " + error.toString()));
|
|
174
|
+
}
|
|
175
|
+
const { sign } = signValue;
|
|
176
|
+
const signature = await cmsmCallbackOpts.signCallback(kid, sign);
|
|
177
|
+
console.log(`Signature: ${signature}`);
|
|
178
|
+
const body_signed = {
|
|
179
|
+
key,
|
|
180
|
+
options: {
|
|
181
|
+
cmsm: true,
|
|
182
|
+
key_type: keyType,
|
|
183
|
+
sig: signature
|
|
184
|
+
}
|
|
185
|
+
};
|
|
186
|
+
console.log(`Signed request:
|
|
187
|
+
${JSON.stringify(body_signed, null, 2)}
|
|
188
|
+
`);
|
|
189
|
+
let didDoc;
|
|
190
|
+
try {
|
|
191
|
+
const response = await (0, import_cross_fetch.default)(OYDID_REGISTRAR_URL, {
|
|
192
|
+
method: "POST",
|
|
193
|
+
headers: {
|
|
194
|
+
"Content-Type": "application/json"
|
|
195
|
+
},
|
|
196
|
+
body: JSON.stringify(body_signed)
|
|
197
|
+
});
|
|
198
|
+
if (!response.ok) {
|
|
199
|
+
console.log(`Error response from OydDID Registrar: ${JSON.stringify(response.text)}${response.statusText}`, response);
|
|
200
|
+
debug("Error response from OydDID Registrar: ", response);
|
|
201
|
+
return Promise.reject(Error("Network response was not ok: " + response.statusText));
|
|
202
|
+
}
|
|
203
|
+
didDoc = await response.json();
|
|
204
|
+
} catch (error) {
|
|
205
|
+
debug("Unexpected error from OydDID Registrar: ", error);
|
|
206
|
+
return Promise.reject(Error("There has been a problem with the fetch operation: " + error.toString()));
|
|
207
|
+
}
|
|
208
|
+
const identifier = {
|
|
209
|
+
did: didDoc.did,
|
|
210
|
+
controllerKeyId: pubKey.kid,
|
|
211
|
+
keys: [
|
|
212
|
+
pubKey
|
|
213
|
+
],
|
|
214
|
+
services: []
|
|
215
|
+
};
|
|
216
|
+
debug("Created", identifier.did);
|
|
217
|
+
return identifier;
|
|
218
|
+
}
|
|
97
219
|
async updateIdentifier(args, context) {
|
|
98
220
|
throw new Error("OydDIDProvider updateIdentifier not supported yet.");
|
|
99
221
|
}
|
|
@@ -125,33 +247,20 @@ var OydDIDProvider = class extends import_did_manager.AbstractIdentifierProvider
|
|
|
125
247
|
success: true
|
|
126
248
|
};
|
|
127
249
|
}
|
|
128
|
-
async holdKeys(args, context) {
|
|
129
|
-
if (args.options.privateKeyHex) {
|
|
130
|
-
return context.agent.keyManagerImport({
|
|
131
|
-
// @ts-ignore
|
|
132
|
-
kms: args.kms || this.defaultKms,
|
|
133
|
-
type: args.options.keyType,
|
|
134
|
-
kid: args.options.kid,
|
|
135
|
-
privateKeyHex: args.options.privateKeyHex,
|
|
136
|
-
meta: {
|
|
137
|
-
algorithms: [
|
|
138
|
-
"Ed25519"
|
|
139
|
-
]
|
|
140
|
-
}
|
|
141
|
-
});
|
|
142
|
-
}
|
|
143
|
-
return context.agent.keyManagerCreate({
|
|
144
|
-
type: args.options.keyType,
|
|
145
|
-
// @ts-ignore
|
|
146
|
-
kms: args.kms || this.defaultKms,
|
|
147
|
-
meta: {
|
|
148
|
-
algorithms: [
|
|
149
|
-
"Ed25519"
|
|
150
|
-
]
|
|
151
|
-
}
|
|
152
|
-
});
|
|
153
|
-
}
|
|
154
250
|
};
|
|
251
|
+
var keyCodecs = {
|
|
252
|
+
RSA: "rsa-pub",
|
|
253
|
+
Ed25519: "ed25519-pub",
|
|
254
|
+
X25519: "x25519-pub",
|
|
255
|
+
Secp256k1: "secp256k1-pub",
|
|
256
|
+
Secp256r1: "p256-pub",
|
|
257
|
+
Bls12381G1: "bls12_381-g1-pub",
|
|
258
|
+
Bls12381G2: "bls12_381-g2-pub"
|
|
259
|
+
};
|
|
260
|
+
var base58btc = /* @__PURE__ */ __name(({ publicKeyHex, keyType = "Secp256r1" }) => {
|
|
261
|
+
const codecName = keyCodecs[keyType];
|
|
262
|
+
return u8a.toString(import_multibase.default.encode("base58btc", import_multicodec.default.addPrefix(codecName, u8a.fromString(publicKeyHex, "hex")))).toString();
|
|
263
|
+
}, "base58btc");
|
|
155
264
|
|
|
156
265
|
// src/resolver.ts
|
|
157
266
|
var import_cross_fetch2 = __toESM(require("cross-fetch"), 1);
|
|
@@ -181,13 +290,4 @@ function getDidOydResolver() {
|
|
|
181
290
|
};
|
|
182
291
|
}
|
|
183
292
|
__name(getDidOydResolver, "getDidOydResolver");
|
|
184
|
-
|
|
185
|
-
// src/types/oyd-provider-types.ts
|
|
186
|
-
var SupportedKeyTypes = /* @__PURE__ */ function(SupportedKeyTypes2) {
|
|
187
|
-
SupportedKeyTypes2["Secp256r1"] = "Secp256r1";
|
|
188
|
-
SupportedKeyTypes2["Secp256k1"] = "Secp256k1";
|
|
189
|
-
SupportedKeyTypes2["Ed25519"] = "Ed25519";
|
|
190
|
-
SupportedKeyTypes2["X25519"] = "X25519";
|
|
191
|
-
return SupportedKeyTypes2;
|
|
192
|
-
}({});
|
|
193
293
|
//# sourceMappingURL=index.cjs.map
|
package/dist/index.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/oyd-did-provider.ts","../src/resolver.ts","../src/types/oyd-provider-types.ts"],"sourcesContent":["/**\n * Provides `did:oyd` {@link @ownyourdata/did-provider-oyd#OydDIDProvider | identifier provider } for the\n * {@link @veramo/did-manager#DIDManager}\n *\n * @packageDocumentation\n */\nexport { OydDIDProvider } from './oyd-did-provider.js'\nexport { getDidOydResolver } from './resolver.js'\nexport * from './types/oyd-provider-types.js'\n","import { IIdentifier, IKey, IService, IAgentContext, IKeyManager } from '@veramo/core'\nimport { AbstractIdentifierProvider } from '@veramo/did-manager'\nimport type { OydCreateIdentifierOptions, OydDidHoldKeysArgs, OydDidSupportedKeyTypes } from './types/oyd-provider-types.js'\nimport fetch from 'cross-fetch'\n\nimport Debug from 'debug'\nconst debug = Debug('veramo:oyd-did:identifier-provider')\n\ntype IContext = IAgentContext<IKeyManager>\n\n/**\n * {@link @veramo/did-manager#DIDManager} identifier provider for `did:oyd` identifiers\n * @public\n */\nexport class OydDIDProvider extends AbstractIdentifierProvider {\n private defaultKms?: string\n\n constructor(options: { defaultKms?: string }) {\n super()\n this.defaultKms = options.defaultKms\n }\n\n async createIdentifier(\n { kms, options }: { kms?: string; options: OydCreateIdentifierOptions },\n context: IContext\n ): Promise<Omit<IIdentifier, 'provider'>> {\n const body = { options }\n const url = 'https://oydid-registrar.data-container.net/1.0/createIdentifier'\n\n let didDoc: any | undefined\n try {\n const response = await fetch(url, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(body),\n })\n if (!response.ok) {\n throw new Error('Network response was not ok: ' + response.statusText)\n }\n didDoc = await response.json()\n } catch (error) {\n // @ts-ignore\n throw new Error('There has been a problem with the fetch operation: ' + error.toString())\n }\n\n const keyType: OydDidSupportedKeyTypes = options?.keyType || 'Ed25519'\n const key = await this.holdKeys(\n {\n // @ts-ignore\n kms: kms || this.defaultKms,\n options: {\n keyType,\n kid: didDoc.did + '#key-doc',\n publicKeyHex: didDoc.keys[0].publicKeyHex,\n privateKeyHex: didDoc.keys[0].privateKeyHex,\n },\n },\n context\n )\n\n const identifier: Omit<IIdentifier, 'provider'> = {\n did: didDoc.did,\n controllerKeyId: key.kid,\n keys: [key],\n services: [],\n }\n debug('Created', identifier.did)\n return identifier\n }\n\n async updateIdentifier(\n args: { did: string; kms?: string | undefined; alias?: string | undefined; options?: any },\n context: IAgentContext<IKeyManager>\n ): Promise<IIdentifier> {\n throw new Error('OydDIDProvider updateIdentifier not supported yet.')\n }\n\n async deleteIdentifier(identifier: IIdentifier, context: IContext): Promise<boolean> {\n for (const { kid } of identifier.keys) {\n await context.agent.keyManagerDelete({ kid })\n }\n return true\n }\n\n async addKey({ identifier, key, options }: { identifier: IIdentifier; key: IKey; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async addService({ identifier, service, options }: { identifier: IIdentifier; service: IService; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async removeKey(args: { identifier: IIdentifier; kid: string; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async removeService(args: { identifier: IIdentifier; id: string; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n private async holdKeys(args: OydDidHoldKeysArgs, context: IContext): Promise<IKey> {\n if (args.options.privateKeyHex) {\n return context.agent.keyManagerImport({\n // @ts-ignore\n kms: args.kms || this.defaultKms,\n type: args.options.keyType,\n kid: args.options.kid,\n privateKeyHex: args.options.privateKeyHex,\n meta: {\n algorithms: ['Ed25519'],\n },\n })\n }\n return context.agent.keyManagerCreate({\n type: args.options.keyType,\n // @ts-ignore\n kms: args.kms || this.defaultKms,\n meta: {\n algorithms: ['Ed25519'],\n },\n })\n }\n}\n","import { DIDResolutionOptions, DIDResolutionResult, DIDResolver, ParsedDID, Resolvable } from 'did-resolver'\nimport fetch from 'cross-fetch'\n\nconst resolveDidOyd: DIDResolver = async (\n didUrl: string,\n _parsed: ParsedDID,\n _resolver: Resolvable,\n options: DIDResolutionOptions\n): Promise<DIDResolutionResult> => {\n try {\n const baseUrl: string = 'https://oydid-resolver.data-container.net'\n // const didDoc = await axios.get(`${baseUrl}/1.0/identifiers/${didUrl}`);\n const response = await fetch(`${baseUrl}/1.0/identifiers/${didUrl}`)\n if (!response.ok) {\n throw new Error('Network response was not ok: ' + response.statusText)\n }\n const didDoc = await response.json()\n return didDoc as DIDResolutionResult\n } catch (err: any) {\n return {\n didDocumentMetadata: {},\n didResolutionMetadata: { error: 'invalidDid', message: err.toString() },\n didDocument: null,\n }\n }\n}\n\n/**\n * Provides a mapping to a did:oyd resolver, usable by {@link did-resolver#Resolver}.\n *\n * @public\n */\nexport function getDidOydResolver() {\n return { oyd: resolveDidOyd }\n}\n","export type OydCreateIdentifierOptions = {\n keyType?: OydDidSupportedKeyTypes\n privateKeyHex?: string\n keyUse?: KeyUse\n}\n\nexport type OydDidHoldKeysArgs = {\n kms: string\n options: HoldKeysOpts\n}\n\ntype HoldKeysOpts = {\n keyType: OydDidSupportedKeyTypes\n kid: string\n publicKeyHex?: string\n privateKeyHex?: string\n}\n\nexport enum SupportedKeyTypes {\n Secp256r1 = 'Secp256r1',\n Secp256k1 = 'Secp256k1',\n Ed25519 = 'Ed25519',\n X25519 = 'X25519',\n}\n\nexport type OydDidSupportedKeyTypes = keyof typeof SupportedKeyTypes\n\nexport type KeyUse = 'sig' | 'enc'\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;ACCA,yBAA2C;AAE3C,yBAAkB;AAElB,mBAAkB;AAClB,IAAMA,YAAQC,aAAAA,SAAM,oCAAA;AAQb,IAAMC,iBAAN,cAA6BC,8CAAAA;EAbpC,OAaoCA;;;EAC1BC;EAERC,YAAYC,SAAkC;AAC5C,UAAK;AACL,SAAKF,aAAaE,QAAQF;EAC5B;EAEA,MAAMG,iBACJ,EAAEC,KAAKF,QAAO,GACdG,SACwC;AACxC,UAAMC,OAAO;MAAEJ;IAAQ;AACvB,UAAMK,MAAM;AAEZ,QAAIC;AACJ,QAAI;AACF,YAAMC,WAAW,UAAMC,mBAAAA,SAAMH,KAAK;QAChCI,QAAQ;QACRC,SAAS;UACP,gBAAgB;QAClB;QACAN,MAAMO,KAAKC,UAAUR,IAAAA;MACvB,CAAA;AACA,UAAI,CAACG,SAASM,IAAI;AAChB,cAAM,IAAIC,MAAM,kCAAkCP,SAASQ,UAAU;MACvE;AACAT,eAAS,MAAMC,SAASS,KAAI;IAC9B,SAASC,OAAO;AAEd,YAAM,IAAIH,MAAM,wDAAwDG,MAAMC,SAAQ,CAAA;IACxF;AAEA,UAAMC,UAAmCnB,SAASmB,WAAW;AAC7D,UAAMC,MAAM,MAAM,KAAKC,SACrB;;MAEEnB,KAAKA,OAAO,KAAKJ;MACjBE,SAAS;QACPmB;QACAG,KAAKhB,OAAOiB,MAAM;QAClBC,cAAclB,OAAOmB,KAAK,CAAA,EAAGD;QAC7BE,eAAepB,OAAOmB,KAAK,CAAA,EAAGC;MAChC;IACF,GACAvB,OAAAA;AAGF,UAAMwB,aAA4C;MAChDJ,KAAKjB,OAAOiB;MACZK,iBAAiBR,IAAIE;MACrBG,MAAM;QAACL;;MACPS,UAAU,CAAA;IACZ;AACAnC,UAAM,WAAWiC,WAAWJ,GAAG;AAC/B,WAAOI;EACT;EAEA,MAAMG,iBACJC,MACA5B,SACsB;AACtB,UAAM,IAAIW,MAAM,oDAAA;EAClB;EAEA,MAAMkB,iBAAiBL,YAAyBxB,SAAqC;AACnF,eAAW,EAAEmB,IAAG,KAAMK,WAAWF,MAAM;AACrC,YAAMtB,QAAQ8B,MAAMC,iBAAiB;QAAEZ;MAAI,CAAA;IAC7C;AACA,WAAO;EACT;EAEA,MAAMa,OAAO,EAAER,YAAYP,KAAKpB,QAAO,GAA2DG,SAAiC;AACjI,WAAO;MAAEiC,SAAS;IAAK;EACzB;EAEA,MAAMC,WAAW,EAAEV,YAAYW,SAAStC,QAAO,GAAmEG,SAAiC;AACjJ,WAAO;MAAEiC,SAAS;IAAK;EACzB;EAEA,MAAMG,UAAUR,MAA+D5B,SAAiC;AAC9G,WAAO;MAAEiC,SAAS;IAAK;EACzB;EAEA,MAAMI,cAAcT,MAA8D5B,SAAiC;AACjH,WAAO;MAAEiC,SAAS;IAAK;EACzB;EAEA,MAAcf,SAASU,MAA0B5B,SAAkC;AACjF,QAAI4B,KAAK/B,QAAQ0B,eAAe;AAC9B,aAAOvB,QAAQ8B,MAAMQ,iBAAiB;;QAEpCvC,KAAK6B,KAAK7B,OAAO,KAAKJ;QACtB4C,MAAMX,KAAK/B,QAAQmB;QACnBG,KAAKS,KAAK/B,QAAQsB;QAClBI,eAAeK,KAAK/B,QAAQ0B;QAC5BiB,MAAM;UACJC,YAAY;YAAC;;QACf;MACF,CAAA;IACF;AACA,WAAOzC,QAAQ8B,MAAMY,iBAAiB;MACpCH,MAAMX,KAAK/B,QAAQmB;;MAEnBjB,KAAK6B,KAAK7B,OAAO,KAAKJ;MACtB6C,MAAM;QACJC,YAAY;UAAC;;MACf;IACF,CAAA;EACF;AACF;;;AC3HA,IAAAE,sBAAkB;AAElB,IAAMC,gBAA6B,8BACjCC,QACAC,SACAC,WACAC,YAAAA;AAEA,MAAI;AACF,UAAMC,UAAkB;AAExB,UAAMC,WAAW,UAAMC,oBAAAA,SAAM,GAAGF,OAAAA,oBAA2BJ,MAAAA,EAAQ;AACnE,QAAI,CAACK,SAASE,IAAI;AAChB,YAAM,IAAIC,MAAM,kCAAkCH,SAASI,UAAU;IACvE;AACA,UAAMC,SAAS,MAAML,SAASM,KAAI;AAClC,WAAOD;EACT,SAASE,KAAU;AACjB,WAAO;MACLC,qBAAqB,CAAC;MACtBC,uBAAuB;QAAEC,OAAO;QAAcC,SAASJ,IAAIK,SAAQ;MAAG;MACtEC,aAAa;IACf;EACF;AACF,GAtBmC;AA6B5B,SAASC,oBAAAA;AACd,SAAO;IAAEC,KAAKrB;EAAc;AAC9B;AAFgBoB;;;ACdT,IAAKE,oBAAAA,yBAAAA,oBAAAA;;;;;SAAAA;;","names":["debug","Debug","OydDIDProvider","AbstractIdentifierProvider","defaultKms","constructor","options","createIdentifier","kms","context","body","url","didDoc","response","fetch","method","headers","JSON","stringify","ok","Error","statusText","json","error","toString","keyType","key","holdKeys","kid","did","publicKeyHex","keys","privateKeyHex","identifier","controllerKeyId","services","updateIdentifier","args","deleteIdentifier","agent","keyManagerDelete","addKey","success","addService","service","removeKey","removeService","keyManagerImport","type","meta","algorithms","keyManagerCreate","import_cross_fetch","resolveDidOyd","didUrl","_parsed","_resolver","options","baseUrl","response","fetch","ok","Error","statusText","didDoc","json","err","didDocumentMetadata","didResolutionMetadata","error","message","toString","didDocument","getDidOydResolver","oyd","SupportedKeyTypes"]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/oyd-did-provider.ts","../src/resolver.ts"],"sourcesContent":["/**\n * Provides `did:oyd` {@link @ownyourdata/did-provider-oyd#OydDIDProvider | identifier provider } for the\n * {@link @veramo/did-manager#DIDManager}\n *\n * @packageDocumentation\n */\nexport { OydDIDProvider } from './oyd-did-provider'\nexport { getDidOydResolver } from './resolver'\nexport type * from './types/oyd-provider-types'\n","import { importProvidedOrGeneratedKey } from '@sphereon/ssi-sdk-ext.key-utils'\nimport { IAgentContext, IIdentifier, IKey, IKeyManager, IService, TKeyType } from '@veramo/core'\nimport { AbstractIdentifierProvider } from '@veramo/did-manager'\nimport { KeyManager } from '@veramo/key-manager'\nimport fetch from 'cross-fetch'\nimport Multibase from 'multibase'\nimport Multicodec from 'multicodec'\n\n// @ts-ignore\nimport * as u8a from 'uint8arrays'\n\nimport Debug from 'debug'\nimport type {\n CMSMCallbackOpts,\n OydConstructorOptions,\n OydCreateIdentifierOptions,\n // OydDidHoldKeysArgs,\n OydDidSupportedKeyTypes,\n} from './types/oyd-provider-types'\n\nconst debug = Debug('veramo:oyd-did:identifier-provider')\nconst OYDID_REGISTRAR_URL = 'https://oydid-registrar.data-container.net/1.0/createIdentifier'\n\ntype IContext = IAgentContext<IKeyManager>\n\n/**\n * {@link @veramo/did-manager#DIDManager} identifier provider for `did:oyd` identifiers\n * @public\n */\nexport class OydDIDProvider extends AbstractIdentifierProvider {\n private readonly defaultKms?: string\n private readonly cmsmCallbackOpts?: CMSMCallbackOpts\n\n constructor(options?: OydConstructorOptions) {\n super()\n this.defaultKms = options?.defaultKms\n this.cmsmCallbackOpts = options?.clientManagedSecretMode\n }\n\n private async assertedKms(...kms: (string | undefined)[]): Promise<string> {\n if (!kms || kms.length === 0) {\n return Promise.reject(Error('KMS must be provided either as a parameter or via defaultKms.'))\n }\n const result = kms.find((k) => !!k)\n if (!result) {\n return Promise.reject(Error('KMS must be provided either as a parameter or via defaultKms.'))\n }\n return result\n }\n\n async createIdentifier(\n { kms, alias, options }: { kms?: string; alias?: string; options: OydCreateIdentifierOptions },\n context: IContext\n ): Promise<Omit<IIdentifier, 'provider'>> {\n const resolvedKms = await this.assertedKms(kms, this.defaultKms)\n\n if ((this.cmsmCallbackOpts && !options.cmsm) || (options.cmsm && options.cmsm.enabled !== false)) {\n if (!this.cmsmCallbackOpts) {\n return Promise.reject(Error('did:oyd: no cmsm options defined on oyd did provider, but cmsm was enabled on the call!'))\n }\n return await this.createIdentifierWithCMSM({ kms: resolvedKms, options }, context)\n }\n\n const body = {\n options: {\n cmsm: false,\n key_type: options.type ?? 'Secp256r1',\n },\n }\n let didDoc: any | undefined\n try {\n const response = await fetch(OYDID_REGISTRAR_URL, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(body),\n })\n if (!response.ok) {\n debug('Error response from OydDID Registrar: ', response)\n return Promise.reject(Error('Network response was not ok: ' + response.statusText))\n }\n didDoc = await response.json()\n } catch (error: any) {\n debug('Unexpected error from OydDID Registrar: ', error)\n return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))\n }\n\n const keyType: OydDidSupportedKeyTypes = options?.type ?? 'Secp256r1'\n const key = await importProvidedOrGeneratedKey(\n {\n kms: resolvedKms,\n alias: alias ?? options.alias ?? options.kid ?? `${didDoc.did}#key-doc`,\n options: {\n key: {\n kid: `${didDoc.did}#key-doc`,\n type: keyType,\n publicKeyHex: didDoc.keys[0].publicKeyHex,\n privateKeyHex: didDoc.keys[0].privateKeyHex,\n },\n },\n },\n context\n )\n\n const identifier: Omit<IIdentifier, 'provider'> = {\n did: didDoc.did,\n controllerKeyId: key.kid,\n keys: [key],\n services: [],\n }\n debug('Created', identifier.did)\n return identifier\n }\n\n async createIdentifierWithCMSM(\n { kms, options }: { kms?: string; options: OydCreateIdentifierOptions },\n context: IContext\n ): Promise<Omit<IIdentifier, 'provider'>> {\n const cmsmCallbackOpts = this.cmsmCallbackOpts\n if (!cmsmCallbackOpts) {\n return Promise.reject(Error('did:oyd: no cmsm options defined!'))\n }\n\n const assertedKms = await this.assertedKms(kms, this.defaultKms)\n const pubKey =\n options.key ?? (await cmsmCallbackOpts.publicKeyCallback(options.kid ?? 'default', assertedKms, options.cmsm?.create !== false, options.type)) // \"default\" is probably not right, TODO!!\n const kid = pubKey.kid\n const keyType = pubKey.type\n const key = base58btc({ publicKeyHex: pubKey.publicKeyHex, keyType })\n\n console.log(`Bae58 pubkey key: ${key}`)\n let signValue: any | undefined // do the request\n try {\n const body_create = {\n // specify the Identifier options for the registrar\n key: key,\n options: {\n cmsm: true,\n key_type: keyType,\n },\n }\n console.log(`Create request:\\n${JSON.stringify(body_create, null, 2)}\\n`)\n const response = await fetch(OYDID_REGISTRAR_URL, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(body_create),\n })\n if (!response.ok) {\n debug('Error response from OydDID Registrar: ', body_create, response)\n return Promise.reject(Error('Network response was not ok: ' + response.statusText))\n }\n signValue = await response.json()\n console.log(`Create response:\\n${JSON.stringify(signValue, null, 2)}\\n`)\n } catch (error: any) {\n console.log('Unexpected error from OydDID Registrar: ', error)\n return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))\n }\n\n // we received our value to sign, now we sign it!\n const { sign } = signValue\n const signature = await cmsmCallbackOpts.signCallback(kid, sign)\n\n console.log(`Signature: ${signature}`)\n\n const body_signed = {\n key,\n options: {\n cmsm: true,\n key_type: keyType,\n sig: signature,\n },\n }\n console.log(`Signed request:\\n${JSON.stringify(body_signed, null, 2)}\\n`)\n\n // Object.assign(body_signed.options, options)\n\n let didDoc: any | undefined // do the request\n try {\n const response = await fetch(OYDID_REGISTRAR_URL, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(body_signed),\n })\n if (!response.ok) {\n console.log(`Error response from OydDID Registrar: ${JSON.stringify(response.text)}${response.statusText}`, response)\n debug('Error response from OydDID Registrar: ', response)\n return Promise.reject(Error('Network response was not ok: ' + response.statusText))\n }\n didDoc = await response.json()\n } catch (error: any) {\n debug('Unexpected error from OydDID Registrar: ', error)\n return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))\n }\n\n const identifier: Omit<IIdentifier, 'provider'> = {\n did: didDoc.did,\n controllerKeyId: pubKey.kid,\n keys: [pubKey],\n services: [],\n }\n debug('Created', identifier.did)\n return identifier\n }\n\n async updateIdentifier(\n args: { did: string; kms?: string | undefined; alias?: string | undefined; options?: any },\n context: IAgentContext<IKeyManager>\n ): Promise<IIdentifier> {\n throw new Error('OydDIDProvider updateIdentifier not supported yet.')\n }\n\n async deleteIdentifier(identifier: IIdentifier, context: IContext): Promise<boolean> {\n for (const { kid } of identifier.keys) {\n await context.agent.keyManagerDelete({ kid })\n }\n return true\n }\n\n async addKey({ identifier, key, options }: { identifier: IIdentifier; key: IKey; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async addService({ identifier, service, options }: { identifier: IIdentifier; service: IService; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async removeKey(args: { identifier: IIdentifier; kid: string; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async removeService(args: { identifier: IIdentifier; id: string; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n}\n\nconst keyCodecs = {\n RSA: 'rsa-pub',\n Ed25519: 'ed25519-pub',\n X25519: 'x25519-pub',\n Secp256k1: 'secp256k1-pub',\n Secp256r1: 'p256-pub',\n Bls12381G1: 'bls12_381-g1-pub',\n Bls12381G2: 'bls12_381-g2-pub',\n} as const\n\nconst base58btc = ({ publicKeyHex, keyType = 'Secp256r1' }: { publicKeyHex: string; keyType?: TKeyType }): string => {\n const codecName = keyCodecs[keyType]\n\n // methodSpecificId = bytesToMultibase({bytes: u8a.fromString(key.publicKeyHex, 'hex'), codecName})\n return u8a\n .toString(Multibase.encode('base58btc', Multicodec.addPrefix(codecName as Multicodec.CodecName, u8a.fromString(publicKeyHex, 'hex'))))\n .toString()\n}\n\nexport function defaultOydCmsmPublicKeyCallback(\n keyManager: KeyManager\n): (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType) => Promise<IKey> {\n return async (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType): Promise<IKey> => {\n try {\n const existing = await keyManager.keyManagerGet({ kid })\n if (existing) {\n return existing\n }\n } catch (error: any) {}\n if (create) {\n if (!kms) {\n return Promise.reject(Error('No KMS provided, whilst creating a new key!'))\n }\n const alias = kid ?? `oyd-${new Date().toISOString()}`\n\n const agent = keyManager\n const key = await importProvidedOrGeneratedKey(\n {\n kms,\n alias,\n options: {\n key: {\n type: createKeyType ?? 'Secp256r1',\n },\n },\n },\n {\n //@ts-ignore\n agent,\n }\n )\n return key\n\n // return await keyManager.keyManagerCreate({ kms, type: createKeyType ?? 'Secp256r1' })\n }\n return Promise.reject(Error('No existing key found, and create is false!'))\n }\n}\n\nexport function defaultOydCmsmSignCallback(keyManager: KeyManager): (kid: string, data: string) => Promise<string> {\n return async (kid: string, data: string): Promise<string> => {\n return keyManager.keyManagerSign({ keyRef: kid, data, encoding: 'utf-8' })\n }\n}\n\nexport class DefaultOydCmsmCallbacks implements CMSMCallbackOpts {\n private readonly keyManager: KeyManager\n\n constructor(keyManager: KeyManager) {\n this.keyManager = keyManager\n }\n\n publicKeyCallback(kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType): Promise<IKey> {\n return defaultOydCmsmPublicKeyCallback(this.keyManager)(kid, kms, create, createKeyType)\n }\n\n signCallback(kid: string, value: string): Promise<string> {\n return defaultOydCmsmSignCallback(this.keyManager)(kid, value)\n }\n}\n","import { DIDResolutionOptions, DIDResolutionResult, DIDResolver, ParsedDID, Resolvable } from 'did-resolver'\nimport fetch from 'cross-fetch'\n\nconst resolveDidOyd: DIDResolver = async (\n didUrl: string,\n _parsed: ParsedDID,\n _resolver: Resolvable,\n options: DIDResolutionOptions\n): Promise<DIDResolutionResult> => {\n try {\n const baseUrl: string = 'https://oydid-resolver.data-container.net'\n // const didDoc = await axios.get(`${baseUrl}/1.0/identifiers/${didUrl}`);\n const response = await fetch(`${baseUrl}/1.0/identifiers/${didUrl}`)\n if (!response.ok) {\n throw new Error('Network response was not ok: ' + response.statusText)\n }\n const didDoc = await response.json()\n return didDoc as DIDResolutionResult\n } catch (err: any) {\n return {\n didDocumentMetadata: {},\n didResolutionMetadata: { error: 'invalidDid', message: err.toString() },\n didDocument: null,\n }\n }\n}\n\n/**\n * Provides a mapping to a did:oyd resolver, usable by {@link did-resolver#Resolver}.\n *\n * @public\n */\nexport function getDidOydResolver() {\n return { oyd: resolveDidOyd }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;ACAA,yBAA6C;AAE7C,yBAA2C;AAE3C,yBAAkB;AAClB,uBAAsB;AACtB,wBAAuB;AAGvB,UAAqB;AAErB,mBAAkB;AASlB,IAAMA,YAAQC,aAAAA,SAAM,oCAAA;AACpB,IAAMC,sBAAsB;AAQrB,IAAMC,iBAAN,cAA6BC,8CAAAA;EA7BpC,OA6BoCA;;;EACjBC;EACAC;EAEjBC,YAAYC,SAAiC;AAC3C,UAAK;AACL,SAAKH,aAAaG,SAASH;AAC3B,SAAKC,mBAAmBE,SAASC;EACnC;EAEA,MAAcC,eAAeC,KAA8C;AACzE,QAAI,CAACA,OAAOA,IAAIC,WAAW,GAAG;AAC5B,aAAOC,QAAQC,OAAOC,MAAM,+DAAA,CAAA;IAC9B;AACA,UAAMC,SAASL,IAAIM,KAAK,CAACC,MAAM,CAAC,CAACA,CAAAA;AACjC,QAAI,CAACF,QAAQ;AACX,aAAOH,QAAQC,OAAOC,MAAM,+DAAA,CAAA;IAC9B;AACA,WAAOC;EACT;EAEA,MAAMG,iBACJ,EAAER,KAAKS,OAAOZ,QAAO,GACrBa,SACwC;AACxC,UAAMC,cAAc,MAAM,KAAKZ,YAAYC,KAAK,KAAKN,UAAU;AAE/D,QAAK,KAAKC,oBAAoB,CAACE,QAAQe,QAAUf,QAAQe,QAAQf,QAAQe,KAAKC,YAAY,OAAQ;AAChG,UAAI,CAAC,KAAKlB,kBAAkB;AAC1B,eAAOO,QAAQC,OAAOC,MAAM,yFAAA,CAAA;MAC9B;AACA,aAAO,MAAM,KAAKU,yBAAyB;QAAEd,KAAKW;QAAad;MAAQ,GAAGa,OAAAA;IAC5E;AAEA,UAAMK,OAAO;MACXlB,SAAS;QACPe,MAAM;QACNI,UAAUnB,QAAQoB,QAAQ;MAC5B;IACF;AACA,QAAIC;AACJ,QAAI;AACF,YAAMC,WAAW,UAAMC,mBAAAA,SAAM7B,qBAAqB;QAChD8B,QAAQ;QACRC,SAAS;UACP,gBAAgB;QAClB;QACAP,MAAMQ,KAAKC,UAAUT,IAAAA;MACvB,CAAA;AACA,UAAI,CAACI,SAASM,IAAI;AAChBpC,cAAM,0CAA0C8B,QAAAA;AAChD,eAAOjB,QAAQC,OAAOC,MAAM,kCAAkCe,SAASO,UAAU,CAAA;MACnF;AACAR,eAAS,MAAMC,SAASQ,KAAI;IAC9B,SAASC,OAAY;AACnBvC,YAAM,4CAA4CuC,KAAAA;AAClD,aAAO1B,QAAQC,OAAOC,MAAM,wDAAwDwB,MAAMC,SAAQ,CAAA,CAAA;IACpG;AAEA,UAAMC,UAAmCjC,SAASoB,QAAQ;AAC1D,UAAMc,MAAM,UAAMC,iDAChB;MACEhC,KAAKW;MACLF,OAAOA,SAASZ,QAAQY,SAASZ,QAAQoC,OAAO,GAAGf,OAAOgB,GAAG;MAC7DrC,SAAS;QACPkC,KAAK;UACHE,KAAK,GAAGf,OAAOgB,GAAG;UAClBjB,MAAMa;UACNK,cAAcjB,OAAOkB,KAAK,CAAA,EAAGD;UAC7BE,eAAenB,OAAOkB,KAAK,CAAA,EAAGC;QAChC;MACF;IACF,GACA3B,OAAAA;AAGF,UAAM4B,aAA4C;MAChDJ,KAAKhB,OAAOgB;MACZK,iBAAiBR,IAAIE;MACrBG,MAAM;QAACL;;MACPS,UAAU,CAAA;IACZ;AACAnD,UAAM,WAAWiD,WAAWJ,GAAG;AAC/B,WAAOI;EACT;EAEA,MAAMxB,yBACJ,EAAEd,KAAKH,QAAO,GACda,SACwC;AACxC,UAAMf,mBAAmB,KAAKA;AAC9B,QAAI,CAACA,kBAAkB;AACrB,aAAOO,QAAQC,OAAOC,MAAM,mCAAA,CAAA;IAC9B;AAEA,UAAML,cAAc,MAAM,KAAKA,YAAYC,KAAK,KAAKN,UAAU;AAC/D,UAAM+C,SACJ5C,QAAQkC,OAAQ,MAAMpC,iBAAiB+C,kBAAkB7C,QAAQoC,OAAO,WAAWlC,aAAaF,QAAQe,MAAM+B,WAAW,OAAO9C,QAAQoB,IAAI;AAC9I,UAAMgB,MAAMQ,OAAOR;AACnB,UAAMH,UAAUW,OAAOxB;AACvB,UAAMc,MAAMa,UAAU;MAAET,cAAcM,OAAON;MAAcL;IAAQ,CAAA;AAEnEe,YAAQC,IAAI,qBAAqBf,GAAAA,EAAK;AACtC,QAAIgB;AACJ,QAAI;AACF,YAAMC,cAAc;;QAElBjB;QACAlC,SAAS;UACPe,MAAM;UACNI,UAAUc;QACZ;MACF;AACAe,cAAQC,IAAI;EAAoBvB,KAAKC,UAAUwB,aAAa,MAAM,CAAA,CAAA;CAAM;AACxE,YAAM7B,WAAW,UAAMC,mBAAAA,SAAM7B,qBAAqB;QAChD8B,QAAQ;QACRC,SAAS;UACP,gBAAgB;QAClB;QACAP,MAAMQ,KAAKC,UAAUwB,WAAAA;MACvB,CAAA;AACA,UAAI,CAAC7B,SAASM,IAAI;AAChBpC,cAAM,0CAA0C2D,aAAa7B,QAAAA;AAC7D,eAAOjB,QAAQC,OAAOC,MAAM,kCAAkCe,SAASO,UAAU,CAAA;MACnF;AACAqB,kBAAY,MAAM5B,SAASQ,KAAI;AAC/BkB,cAAQC,IAAI;EAAqBvB,KAAKC,UAAUuB,WAAW,MAAM,CAAA,CAAA;CAAM;IACzE,SAASnB,OAAY;AACnBiB,cAAQC,IAAI,4CAA4ClB,KAAAA;AACxD,aAAO1B,QAAQC,OAAOC,MAAM,wDAAwDwB,MAAMC,SAAQ,CAAA,CAAA;IACpG;AAGA,UAAM,EAAEoB,KAAI,IAAKF;AACjB,UAAMG,YAAY,MAAMvD,iBAAiBwD,aAAalB,KAAKgB,IAAAA;AAE3DJ,YAAQC,IAAI,cAAcI,SAAAA,EAAW;AAErC,UAAME,cAAc;MAClBrB;MACAlC,SAAS;QACPe,MAAM;QACNI,UAAUc;QACVuB,KAAKH;MACP;IACF;AACAL,YAAQC,IAAI;EAAoBvB,KAAKC,UAAU4B,aAAa,MAAM,CAAA,CAAA;CAAM;AAIxE,QAAIlC;AACJ,QAAI;AACF,YAAMC,WAAW,UAAMC,mBAAAA,SAAM7B,qBAAqB;QAChD8B,QAAQ;QACRC,SAAS;UACP,gBAAgB;QAClB;QACAP,MAAMQ,KAAKC,UAAU4B,WAAAA;MACvB,CAAA;AACA,UAAI,CAACjC,SAASM,IAAI;AAChBoB,gBAAQC,IAAI,yCAAyCvB,KAAKC,UAAUL,SAASmC,IAAI,CAAA,GAAInC,SAASO,UAAU,IAAIP,QAAAA;AAC5G9B,cAAM,0CAA0C8B,QAAAA;AAChD,eAAOjB,QAAQC,OAAOC,MAAM,kCAAkCe,SAASO,UAAU,CAAA;MACnF;AACAR,eAAS,MAAMC,SAASQ,KAAI;IAC9B,SAASC,OAAY;AACnBvC,YAAM,4CAA4CuC,KAAAA;AAClD,aAAO1B,QAAQC,OAAOC,MAAM,wDAAwDwB,MAAMC,SAAQ,CAAA,CAAA;IACpG;AAEA,UAAMS,aAA4C;MAChDJ,KAAKhB,OAAOgB;MACZK,iBAAiBE,OAAOR;MACxBG,MAAM;QAACK;;MACPD,UAAU,CAAA;IACZ;AACAnD,UAAM,WAAWiD,WAAWJ,GAAG;AAC/B,WAAOI;EACT;EAEA,MAAMiB,iBACJC,MACA9C,SACsB;AACtB,UAAM,IAAIN,MAAM,oDAAA;EAClB;EAEA,MAAMqD,iBAAiBnB,YAAyB5B,SAAqC;AACnF,eAAW,EAAEuB,IAAG,KAAMK,WAAWF,MAAM;AACrC,YAAM1B,QAAQgD,MAAMC,iBAAiB;QAAE1B;MAAI,CAAA;IAC7C;AACA,WAAO;EACT;EAEA,MAAM2B,OAAO,EAAEtB,YAAYP,KAAKlC,QAAO,GAA2Da,SAAiC;AACjI,WAAO;MAAEmD,SAAS;IAAK;EACzB;EAEA,MAAMC,WAAW,EAAExB,YAAYyB,SAASlE,QAAO,GAAmEa,SAAiC;AACjJ,WAAO;MAAEmD,SAAS;IAAK;EACzB;EAEA,MAAMG,UAAUR,MAA+D9C,SAAiC;AAC9G,WAAO;MAAEmD,SAAS;IAAK;EACzB;EAEA,MAAMI,cAAcT,MAA8D9C,SAAiC;AACjH,WAAO;MAAEmD,SAAS;IAAK;EACzB;AACF;AAEA,IAAMK,YAAY;EAChBC,KAAK;EACLC,SAAS;EACTC,QAAQ;EACRC,WAAW;EACXC,WAAW;EACXC,YAAY;EACZC,YAAY;AACd;AAEA,IAAM7B,YAAY,wBAAC,EAAET,cAAcL,UAAU,YAAW,MAAgD;AACtG,QAAM4C,YAAYR,UAAUpC,OAAAA;AAG5B,SACGD,aAAS8C,iBAAAA,QAAUC,OAAO,aAAaC,kBAAAA,QAAWC,UAAUJ,WAAuCK,eAAW5C,cAAc,KAAA,CAAA,CAAA,CAAA,EAC5HN,SAAQ;AACb,GAPkB;;;ACzPlB,IAAAmD,sBAAkB;AAElB,IAAMC,gBAA6B,8BACjCC,QACAC,SACAC,WACAC,YAAAA;AAEA,MAAI;AACF,UAAMC,UAAkB;AAExB,UAAMC,WAAW,UAAMC,oBAAAA,SAAM,GAAGF,OAAAA,oBAA2BJ,MAAAA,EAAQ;AACnE,QAAI,CAACK,SAASE,IAAI;AAChB,YAAM,IAAIC,MAAM,kCAAkCH,SAASI,UAAU;IACvE;AACA,UAAMC,SAAS,MAAML,SAASM,KAAI;AAClC,WAAOD;EACT,SAASE,KAAU;AACjB,WAAO;MACLC,qBAAqB,CAAC;MACtBC,uBAAuB;QAAEC,OAAO;QAAcC,SAASJ,IAAIK,SAAQ;MAAG;MACtEC,aAAa;IACf;EACF;AACF,GAtBmC;AA6B5B,SAASC,oBAAAA;AACd,SAAO;IAAEC,KAAKrB;EAAc;AAC9B;AAFgBoB;","names":["debug","Debug","OYDID_REGISTRAR_URL","OydDIDProvider","AbstractIdentifierProvider","defaultKms","cmsmCallbackOpts","constructor","options","clientManagedSecretMode","assertedKms","kms","length","Promise","reject","Error","result","find","k","createIdentifier","alias","context","resolvedKms","cmsm","enabled","createIdentifierWithCMSM","body","key_type","type","didDoc","response","fetch","method","headers","JSON","stringify","ok","statusText","json","error","toString","keyType","key","importProvidedOrGeneratedKey","kid","did","publicKeyHex","keys","privateKeyHex","identifier","controllerKeyId","services","pubKey","publicKeyCallback","create","base58btc","console","log","signValue","body_create","sign","signature","signCallback","body_signed","sig","text","updateIdentifier","args","deleteIdentifier","agent","keyManagerDelete","addKey","success","addService","service","removeKey","removeService","keyCodecs","RSA","Ed25519","X25519","Secp256k1","Secp256r1","Bls12381G1","Bls12381G2","codecName","Multibase","encode","Multicodec","addPrefix","fromString","import_cross_fetch","resolveDidOyd","didUrl","_parsed","_resolver","options","baseUrl","response","fetch","ok","Error","statusText","didDoc","json","err","didDocumentMetadata","didResolutionMetadata","error","message","toString","didDocument","getDidOydResolver","oyd"]}
|
package/dist/index.d.cts
CHANGED
|
@@ -1,14 +1,26 @@
|
|
|
1
|
-
import { IAgentContext, IKeyManager, IIdentifier,
|
|
1
|
+
import { TKeyType, IKey, IAgentContext, IKeyManager, IIdentifier, IService } from '@veramo/core';
|
|
2
2
|
import { AbstractIdentifierProvider } from '@veramo/did-manager';
|
|
3
3
|
import { DIDResolver } from 'did-resolver';
|
|
4
4
|
|
|
5
|
+
type OydConstructorOptions = {
|
|
6
|
+
defaultKms?: string;
|
|
7
|
+
clientManagedSecretMode?: CMSMCallbackOpts;
|
|
8
|
+
};
|
|
5
9
|
type OydCreateIdentifierOptions = {
|
|
6
|
-
|
|
10
|
+
type?: OydDidSupportedKeyTypes;
|
|
7
11
|
privateKeyHex?: string;
|
|
12
|
+
kid?: string;
|
|
13
|
+
alias?: string;
|
|
8
14
|
keyUse?: KeyUse;
|
|
15
|
+
cmsm?: CmsmOptions;
|
|
16
|
+
key?: IKey;
|
|
17
|
+
};
|
|
18
|
+
type CmsmOptions = {
|
|
19
|
+
enabled: boolean;
|
|
20
|
+
create?: boolean;
|
|
9
21
|
};
|
|
10
22
|
type OydDidHoldKeysArgs = {
|
|
11
|
-
kms
|
|
23
|
+
kms?: string;
|
|
12
24
|
options: HoldKeysOpts;
|
|
13
25
|
};
|
|
14
26
|
type HoldKeysOpts = {
|
|
@@ -17,6 +29,10 @@ type HoldKeysOpts = {
|
|
|
17
29
|
publicKeyHex?: string;
|
|
18
30
|
privateKeyHex?: string;
|
|
19
31
|
};
|
|
32
|
+
type CMSMCallbackOpts = {
|
|
33
|
+
publicKeyCallback: (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType) => Promise<IKey>;
|
|
34
|
+
signCallback: (kid: string, value: string) => Promise<string>;
|
|
35
|
+
};
|
|
20
36
|
declare enum SupportedKeyTypes {
|
|
21
37
|
Secp256r1 = "Secp256r1",
|
|
22
38
|
Secp256k1 = "Secp256k1",
|
|
@@ -32,11 +48,16 @@ type IContext = IAgentContext<IKeyManager>;
|
|
|
32
48
|
* @public
|
|
33
49
|
*/
|
|
34
50
|
declare class OydDIDProvider extends AbstractIdentifierProvider {
|
|
35
|
-
private defaultKms?;
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
createIdentifier({ kms, options }: {
|
|
51
|
+
private readonly defaultKms?;
|
|
52
|
+
private readonly cmsmCallbackOpts?;
|
|
53
|
+
constructor(options?: OydConstructorOptions);
|
|
54
|
+
private assertedKms;
|
|
55
|
+
createIdentifier({ kms, alias, options }: {
|
|
56
|
+
kms?: string;
|
|
57
|
+
alias?: string;
|
|
58
|
+
options: OydCreateIdentifierOptions;
|
|
59
|
+
}, context: IContext): Promise<Omit<IIdentifier, 'provider'>>;
|
|
60
|
+
createIdentifierWithCMSM({ kms, options }: {
|
|
40
61
|
kms?: string;
|
|
41
62
|
options: OydCreateIdentifierOptions;
|
|
42
63
|
}, context: IContext): Promise<Omit<IIdentifier, 'provider'>>;
|
|
@@ -67,7 +88,6 @@ declare class OydDIDProvider extends AbstractIdentifierProvider {
|
|
|
67
88
|
id: string;
|
|
68
89
|
options?: any;
|
|
69
90
|
}, context: IContext): Promise<any>;
|
|
70
|
-
private holdKeys;
|
|
71
91
|
}
|
|
72
92
|
|
|
73
93
|
/**
|
|
@@ -79,4 +99,4 @@ declare function getDidOydResolver(): {
|
|
|
79
99
|
oyd: DIDResolver;
|
|
80
100
|
};
|
|
81
101
|
|
|
82
|
-
export { type KeyUse, type OydCreateIdentifierOptions, OydDIDProvider, type OydDidHoldKeysArgs, type OydDidSupportedKeyTypes,
|
|
102
|
+
export { type CMSMCallbackOpts, type CmsmOptions, type KeyUse, type OydConstructorOptions, type OydCreateIdentifierOptions, OydDIDProvider, type OydDidHoldKeysArgs, type OydDidSupportedKeyTypes, getDidOydResolver };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,14 +1,26 @@
|
|
|
1
|
-
import { IAgentContext, IKeyManager, IIdentifier,
|
|
1
|
+
import { TKeyType, IKey, IAgentContext, IKeyManager, IIdentifier, IService } from '@veramo/core';
|
|
2
2
|
import { AbstractIdentifierProvider } from '@veramo/did-manager';
|
|
3
3
|
import { DIDResolver } from 'did-resolver';
|
|
4
4
|
|
|
5
|
+
type OydConstructorOptions = {
|
|
6
|
+
defaultKms?: string;
|
|
7
|
+
clientManagedSecretMode?: CMSMCallbackOpts;
|
|
8
|
+
};
|
|
5
9
|
type OydCreateIdentifierOptions = {
|
|
6
|
-
|
|
10
|
+
type?: OydDidSupportedKeyTypes;
|
|
7
11
|
privateKeyHex?: string;
|
|
12
|
+
kid?: string;
|
|
13
|
+
alias?: string;
|
|
8
14
|
keyUse?: KeyUse;
|
|
15
|
+
cmsm?: CmsmOptions;
|
|
16
|
+
key?: IKey;
|
|
17
|
+
};
|
|
18
|
+
type CmsmOptions = {
|
|
19
|
+
enabled: boolean;
|
|
20
|
+
create?: boolean;
|
|
9
21
|
};
|
|
10
22
|
type OydDidHoldKeysArgs = {
|
|
11
|
-
kms
|
|
23
|
+
kms?: string;
|
|
12
24
|
options: HoldKeysOpts;
|
|
13
25
|
};
|
|
14
26
|
type HoldKeysOpts = {
|
|
@@ -17,6 +29,10 @@ type HoldKeysOpts = {
|
|
|
17
29
|
publicKeyHex?: string;
|
|
18
30
|
privateKeyHex?: string;
|
|
19
31
|
};
|
|
32
|
+
type CMSMCallbackOpts = {
|
|
33
|
+
publicKeyCallback: (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType) => Promise<IKey>;
|
|
34
|
+
signCallback: (kid: string, value: string) => Promise<string>;
|
|
35
|
+
};
|
|
20
36
|
declare enum SupportedKeyTypes {
|
|
21
37
|
Secp256r1 = "Secp256r1",
|
|
22
38
|
Secp256k1 = "Secp256k1",
|
|
@@ -32,11 +48,16 @@ type IContext = IAgentContext<IKeyManager>;
|
|
|
32
48
|
* @public
|
|
33
49
|
*/
|
|
34
50
|
declare class OydDIDProvider extends AbstractIdentifierProvider {
|
|
35
|
-
private defaultKms?;
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
createIdentifier({ kms, options }: {
|
|
51
|
+
private readonly defaultKms?;
|
|
52
|
+
private readonly cmsmCallbackOpts?;
|
|
53
|
+
constructor(options?: OydConstructorOptions);
|
|
54
|
+
private assertedKms;
|
|
55
|
+
createIdentifier({ kms, alias, options }: {
|
|
56
|
+
kms?: string;
|
|
57
|
+
alias?: string;
|
|
58
|
+
options: OydCreateIdentifierOptions;
|
|
59
|
+
}, context: IContext): Promise<Omit<IIdentifier, 'provider'>>;
|
|
60
|
+
createIdentifierWithCMSM({ kms, options }: {
|
|
40
61
|
kms?: string;
|
|
41
62
|
options: OydCreateIdentifierOptions;
|
|
42
63
|
}, context: IContext): Promise<Omit<IIdentifier, 'provider'>>;
|
|
@@ -67,7 +88,6 @@ declare class OydDIDProvider extends AbstractIdentifierProvider {
|
|
|
67
88
|
id: string;
|
|
68
89
|
options?: any;
|
|
69
90
|
}, context: IContext): Promise<any>;
|
|
70
|
-
private holdKeys;
|
|
71
91
|
}
|
|
72
92
|
|
|
73
93
|
/**
|
|
@@ -79,4 +99,4 @@ declare function getDidOydResolver(): {
|
|
|
79
99
|
oyd: DIDResolver;
|
|
80
100
|
};
|
|
81
101
|
|
|
82
|
-
export { type KeyUse, type OydCreateIdentifierOptions, OydDIDProvider, type OydDidHoldKeysArgs, type OydDidSupportedKeyTypes,
|
|
102
|
+
export { type CMSMCallbackOpts, type CmsmOptions, type KeyUse, type OydConstructorOptions, type OydCreateIdentifierOptions, OydDIDProvider, type OydDidHoldKeysArgs, type OydDidSupportedKeyTypes, getDidOydResolver };
|
package/dist/index.js
CHANGED
|
@@ -2,27 +2,56 @@ var __defProp = Object.defineProperty;
|
|
|
2
2
|
var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
|
|
3
3
|
|
|
4
4
|
// src/oyd-did-provider.ts
|
|
5
|
+
import { importProvidedOrGeneratedKey } from "@sphereon/ssi-sdk-ext.key-utils";
|
|
5
6
|
import { AbstractIdentifierProvider } from "@veramo/did-manager";
|
|
6
7
|
import fetch from "cross-fetch";
|
|
8
|
+
import Multibase from "multibase";
|
|
9
|
+
import Multicodec from "multicodec";
|
|
10
|
+
import * as u8a from "uint8arrays";
|
|
7
11
|
import Debug from "debug";
|
|
8
12
|
var debug = Debug("veramo:oyd-did:identifier-provider");
|
|
13
|
+
var OYDID_REGISTRAR_URL = "https://oydid-registrar.data-container.net/1.0/createIdentifier";
|
|
9
14
|
var OydDIDProvider = class extends AbstractIdentifierProvider {
|
|
10
15
|
static {
|
|
11
16
|
__name(this, "OydDIDProvider");
|
|
12
17
|
}
|
|
13
18
|
defaultKms;
|
|
19
|
+
cmsmCallbackOpts;
|
|
14
20
|
constructor(options) {
|
|
15
21
|
super();
|
|
16
|
-
this.defaultKms = options
|
|
22
|
+
this.defaultKms = options?.defaultKms;
|
|
23
|
+
this.cmsmCallbackOpts = options?.clientManagedSecretMode;
|
|
17
24
|
}
|
|
18
|
-
async
|
|
25
|
+
async assertedKms(...kms) {
|
|
26
|
+
if (!kms || kms.length === 0) {
|
|
27
|
+
return Promise.reject(Error("KMS must be provided either as a parameter or via defaultKms."));
|
|
28
|
+
}
|
|
29
|
+
const result = kms.find((k) => !!k);
|
|
30
|
+
if (!result) {
|
|
31
|
+
return Promise.reject(Error("KMS must be provided either as a parameter or via defaultKms."));
|
|
32
|
+
}
|
|
33
|
+
return result;
|
|
34
|
+
}
|
|
35
|
+
async createIdentifier({ kms, alias, options }, context) {
|
|
36
|
+
const resolvedKms = await this.assertedKms(kms, this.defaultKms);
|
|
37
|
+
if (this.cmsmCallbackOpts && !options.cmsm || options.cmsm && options.cmsm.enabled !== false) {
|
|
38
|
+
if (!this.cmsmCallbackOpts) {
|
|
39
|
+
return Promise.reject(Error("did:oyd: no cmsm options defined on oyd did provider, but cmsm was enabled on the call!"));
|
|
40
|
+
}
|
|
41
|
+
return await this.createIdentifierWithCMSM({
|
|
42
|
+
kms: resolvedKms,
|
|
43
|
+
options
|
|
44
|
+
}, context);
|
|
45
|
+
}
|
|
19
46
|
const body = {
|
|
20
|
-
options
|
|
47
|
+
options: {
|
|
48
|
+
cmsm: false,
|
|
49
|
+
key_type: options.type ?? "Secp256r1"
|
|
50
|
+
}
|
|
21
51
|
};
|
|
22
|
-
const url = "https://oydid-registrar.data-container.net/1.0/createIdentifier";
|
|
23
52
|
let didDoc;
|
|
24
53
|
try {
|
|
25
|
-
const response = await fetch(
|
|
54
|
+
const response = await fetch(OYDID_REGISTRAR_URL, {
|
|
26
55
|
method: "POST",
|
|
27
56
|
headers: {
|
|
28
57
|
"Content-Type": "application/json"
|
|
@@ -30,21 +59,25 @@ var OydDIDProvider = class extends AbstractIdentifierProvider {
|
|
|
30
59
|
body: JSON.stringify(body)
|
|
31
60
|
});
|
|
32
61
|
if (!response.ok) {
|
|
33
|
-
|
|
62
|
+
debug("Error response from OydDID Registrar: ", response);
|
|
63
|
+
return Promise.reject(Error("Network response was not ok: " + response.statusText));
|
|
34
64
|
}
|
|
35
65
|
didDoc = await response.json();
|
|
36
66
|
} catch (error) {
|
|
37
|
-
|
|
67
|
+
debug("Unexpected error from OydDID Registrar: ", error);
|
|
68
|
+
return Promise.reject(Error("There has been a problem with the fetch operation: " + error.toString()));
|
|
38
69
|
}
|
|
39
|
-
const keyType = options?.
|
|
40
|
-
const key = await
|
|
41
|
-
|
|
42
|
-
|
|
70
|
+
const keyType = options?.type ?? "Secp256r1";
|
|
71
|
+
const key = await importProvidedOrGeneratedKey({
|
|
72
|
+
kms: resolvedKms,
|
|
73
|
+
alias: alias ?? options.alias ?? options.kid ?? `${didDoc.did}#key-doc`,
|
|
43
74
|
options: {
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
75
|
+
key: {
|
|
76
|
+
kid: `${didDoc.did}#key-doc`,
|
|
77
|
+
type: keyType,
|
|
78
|
+
publicKeyHex: didDoc.keys[0].publicKeyHex,
|
|
79
|
+
privateKeyHex: didDoc.keys[0].privateKeyHex
|
|
80
|
+
}
|
|
48
81
|
}
|
|
49
82
|
}, context);
|
|
50
83
|
const identifier = {
|
|
@@ -58,6 +91,96 @@ var OydDIDProvider = class extends AbstractIdentifierProvider {
|
|
|
58
91
|
debug("Created", identifier.did);
|
|
59
92
|
return identifier;
|
|
60
93
|
}
|
|
94
|
+
async createIdentifierWithCMSM({ kms, options }, context) {
|
|
95
|
+
const cmsmCallbackOpts = this.cmsmCallbackOpts;
|
|
96
|
+
if (!cmsmCallbackOpts) {
|
|
97
|
+
return Promise.reject(Error("did:oyd: no cmsm options defined!"));
|
|
98
|
+
}
|
|
99
|
+
const assertedKms = await this.assertedKms(kms, this.defaultKms);
|
|
100
|
+
const pubKey = options.key ?? await cmsmCallbackOpts.publicKeyCallback(options.kid ?? "default", assertedKms, options.cmsm?.create !== false, options.type);
|
|
101
|
+
const kid = pubKey.kid;
|
|
102
|
+
const keyType = pubKey.type;
|
|
103
|
+
const key = base58btc({
|
|
104
|
+
publicKeyHex: pubKey.publicKeyHex,
|
|
105
|
+
keyType
|
|
106
|
+
});
|
|
107
|
+
console.log(`Bae58 pubkey key: ${key}`);
|
|
108
|
+
let signValue;
|
|
109
|
+
try {
|
|
110
|
+
const body_create = {
|
|
111
|
+
// specify the Identifier options for the registrar
|
|
112
|
+
key,
|
|
113
|
+
options: {
|
|
114
|
+
cmsm: true,
|
|
115
|
+
key_type: keyType
|
|
116
|
+
}
|
|
117
|
+
};
|
|
118
|
+
console.log(`Create request:
|
|
119
|
+
${JSON.stringify(body_create, null, 2)}
|
|
120
|
+
`);
|
|
121
|
+
const response = await fetch(OYDID_REGISTRAR_URL, {
|
|
122
|
+
method: "POST",
|
|
123
|
+
headers: {
|
|
124
|
+
"Content-Type": "application/json"
|
|
125
|
+
},
|
|
126
|
+
body: JSON.stringify(body_create)
|
|
127
|
+
});
|
|
128
|
+
if (!response.ok) {
|
|
129
|
+
debug("Error response from OydDID Registrar: ", body_create, response);
|
|
130
|
+
return Promise.reject(Error("Network response was not ok: " + response.statusText));
|
|
131
|
+
}
|
|
132
|
+
signValue = await response.json();
|
|
133
|
+
console.log(`Create response:
|
|
134
|
+
${JSON.stringify(signValue, null, 2)}
|
|
135
|
+
`);
|
|
136
|
+
} catch (error) {
|
|
137
|
+
console.log("Unexpected error from OydDID Registrar: ", error);
|
|
138
|
+
return Promise.reject(Error("There has been a problem with the fetch operation: " + error.toString()));
|
|
139
|
+
}
|
|
140
|
+
const { sign } = signValue;
|
|
141
|
+
const signature = await cmsmCallbackOpts.signCallback(kid, sign);
|
|
142
|
+
console.log(`Signature: ${signature}`);
|
|
143
|
+
const body_signed = {
|
|
144
|
+
key,
|
|
145
|
+
options: {
|
|
146
|
+
cmsm: true,
|
|
147
|
+
key_type: keyType,
|
|
148
|
+
sig: signature
|
|
149
|
+
}
|
|
150
|
+
};
|
|
151
|
+
console.log(`Signed request:
|
|
152
|
+
${JSON.stringify(body_signed, null, 2)}
|
|
153
|
+
`);
|
|
154
|
+
let didDoc;
|
|
155
|
+
try {
|
|
156
|
+
const response = await fetch(OYDID_REGISTRAR_URL, {
|
|
157
|
+
method: "POST",
|
|
158
|
+
headers: {
|
|
159
|
+
"Content-Type": "application/json"
|
|
160
|
+
},
|
|
161
|
+
body: JSON.stringify(body_signed)
|
|
162
|
+
});
|
|
163
|
+
if (!response.ok) {
|
|
164
|
+
console.log(`Error response from OydDID Registrar: ${JSON.stringify(response.text)}${response.statusText}`, response);
|
|
165
|
+
debug("Error response from OydDID Registrar: ", response);
|
|
166
|
+
return Promise.reject(Error("Network response was not ok: " + response.statusText));
|
|
167
|
+
}
|
|
168
|
+
didDoc = await response.json();
|
|
169
|
+
} catch (error) {
|
|
170
|
+
debug("Unexpected error from OydDID Registrar: ", error);
|
|
171
|
+
return Promise.reject(Error("There has been a problem with the fetch operation: " + error.toString()));
|
|
172
|
+
}
|
|
173
|
+
const identifier = {
|
|
174
|
+
did: didDoc.did,
|
|
175
|
+
controllerKeyId: pubKey.kid,
|
|
176
|
+
keys: [
|
|
177
|
+
pubKey
|
|
178
|
+
],
|
|
179
|
+
services: []
|
|
180
|
+
};
|
|
181
|
+
debug("Created", identifier.did);
|
|
182
|
+
return identifier;
|
|
183
|
+
}
|
|
61
184
|
async updateIdentifier(args, context) {
|
|
62
185
|
throw new Error("OydDIDProvider updateIdentifier not supported yet.");
|
|
63
186
|
}
|
|
@@ -89,33 +212,20 @@ var OydDIDProvider = class extends AbstractIdentifierProvider {
|
|
|
89
212
|
success: true
|
|
90
213
|
};
|
|
91
214
|
}
|
|
92
|
-
async holdKeys(args, context) {
|
|
93
|
-
if (args.options.privateKeyHex) {
|
|
94
|
-
return context.agent.keyManagerImport({
|
|
95
|
-
// @ts-ignore
|
|
96
|
-
kms: args.kms || this.defaultKms,
|
|
97
|
-
type: args.options.keyType,
|
|
98
|
-
kid: args.options.kid,
|
|
99
|
-
privateKeyHex: args.options.privateKeyHex,
|
|
100
|
-
meta: {
|
|
101
|
-
algorithms: [
|
|
102
|
-
"Ed25519"
|
|
103
|
-
]
|
|
104
|
-
}
|
|
105
|
-
});
|
|
106
|
-
}
|
|
107
|
-
return context.agent.keyManagerCreate({
|
|
108
|
-
type: args.options.keyType,
|
|
109
|
-
// @ts-ignore
|
|
110
|
-
kms: args.kms || this.defaultKms,
|
|
111
|
-
meta: {
|
|
112
|
-
algorithms: [
|
|
113
|
-
"Ed25519"
|
|
114
|
-
]
|
|
115
|
-
}
|
|
116
|
-
});
|
|
117
|
-
}
|
|
118
215
|
};
|
|
216
|
+
var keyCodecs = {
|
|
217
|
+
RSA: "rsa-pub",
|
|
218
|
+
Ed25519: "ed25519-pub",
|
|
219
|
+
X25519: "x25519-pub",
|
|
220
|
+
Secp256k1: "secp256k1-pub",
|
|
221
|
+
Secp256r1: "p256-pub",
|
|
222
|
+
Bls12381G1: "bls12_381-g1-pub",
|
|
223
|
+
Bls12381G2: "bls12_381-g2-pub"
|
|
224
|
+
};
|
|
225
|
+
var base58btc = /* @__PURE__ */ __name(({ publicKeyHex, keyType = "Secp256r1" }) => {
|
|
226
|
+
const codecName = keyCodecs[keyType];
|
|
227
|
+
return u8a.toString(Multibase.encode("base58btc", Multicodec.addPrefix(codecName, u8a.fromString(publicKeyHex, "hex")))).toString();
|
|
228
|
+
}, "base58btc");
|
|
119
229
|
|
|
120
230
|
// src/resolver.ts
|
|
121
231
|
import fetch2 from "cross-fetch";
|
|
@@ -145,18 +255,8 @@ function getDidOydResolver() {
|
|
|
145
255
|
};
|
|
146
256
|
}
|
|
147
257
|
__name(getDidOydResolver, "getDidOydResolver");
|
|
148
|
-
|
|
149
|
-
// src/types/oyd-provider-types.ts
|
|
150
|
-
var SupportedKeyTypes = /* @__PURE__ */ function(SupportedKeyTypes2) {
|
|
151
|
-
SupportedKeyTypes2["Secp256r1"] = "Secp256r1";
|
|
152
|
-
SupportedKeyTypes2["Secp256k1"] = "Secp256k1";
|
|
153
|
-
SupportedKeyTypes2["Ed25519"] = "Ed25519";
|
|
154
|
-
SupportedKeyTypes2["X25519"] = "X25519";
|
|
155
|
-
return SupportedKeyTypes2;
|
|
156
|
-
}({});
|
|
157
258
|
export {
|
|
158
259
|
OydDIDProvider,
|
|
159
|
-
SupportedKeyTypes,
|
|
160
260
|
getDidOydResolver
|
|
161
261
|
};
|
|
162
262
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/oyd-did-provider.ts","../src/resolver.ts","../src/types/oyd-provider-types.ts"],"sourcesContent":["import { IIdentifier, IKey, IService, IAgentContext, IKeyManager } from '@veramo/core'\nimport { AbstractIdentifierProvider } from '@veramo/did-manager'\nimport type { OydCreateIdentifierOptions, OydDidHoldKeysArgs, OydDidSupportedKeyTypes } from './types/oyd-provider-types.js'\nimport fetch from 'cross-fetch'\n\nimport Debug from 'debug'\nconst debug = Debug('veramo:oyd-did:identifier-provider')\n\ntype IContext = IAgentContext<IKeyManager>\n\n/**\n * {@link @veramo/did-manager#DIDManager} identifier provider for `did:oyd` identifiers\n * @public\n */\nexport class OydDIDProvider extends AbstractIdentifierProvider {\n private defaultKms?: string\n\n constructor(options: { defaultKms?: string }) {\n super()\n this.defaultKms = options.defaultKms\n }\n\n async createIdentifier(\n { kms, options }: { kms?: string; options: OydCreateIdentifierOptions },\n context: IContext\n ): Promise<Omit<IIdentifier, 'provider'>> {\n const body = { options }\n const url = 'https://oydid-registrar.data-container.net/1.0/createIdentifier'\n\n let didDoc: any | undefined\n try {\n const response = await fetch(url, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(body),\n })\n if (!response.ok) {\n throw new Error('Network response was not ok: ' + response.statusText)\n }\n didDoc = await response.json()\n } catch (error) {\n // @ts-ignore\n throw new Error('There has been a problem with the fetch operation: ' + error.toString())\n }\n\n const keyType: OydDidSupportedKeyTypes = options?.keyType || 'Ed25519'\n const key = await this.holdKeys(\n {\n // @ts-ignore\n kms: kms || this.defaultKms,\n options: {\n keyType,\n kid: didDoc.did + '#key-doc',\n publicKeyHex: didDoc.keys[0].publicKeyHex,\n privateKeyHex: didDoc.keys[0].privateKeyHex,\n },\n },\n context\n )\n\n const identifier: Omit<IIdentifier, 'provider'> = {\n did: didDoc.did,\n controllerKeyId: key.kid,\n keys: [key],\n services: [],\n }\n debug('Created', identifier.did)\n return identifier\n }\n\n async updateIdentifier(\n args: { did: string; kms?: string | undefined; alias?: string | undefined; options?: any },\n context: IAgentContext<IKeyManager>\n ): Promise<IIdentifier> {\n throw new Error('OydDIDProvider updateIdentifier not supported yet.')\n }\n\n async deleteIdentifier(identifier: IIdentifier, context: IContext): Promise<boolean> {\n for (const { kid } of identifier.keys) {\n await context.agent.keyManagerDelete({ kid })\n }\n return true\n }\n\n async addKey({ identifier, key, options }: { identifier: IIdentifier; key: IKey; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async addService({ identifier, service, options }: { identifier: IIdentifier; service: IService; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async removeKey(args: { identifier: IIdentifier; kid: string; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async removeService(args: { identifier: IIdentifier; id: string; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n private async holdKeys(args: OydDidHoldKeysArgs, context: IContext): Promise<IKey> {\n if (args.options.privateKeyHex) {\n return context.agent.keyManagerImport({\n // @ts-ignore\n kms: args.kms || this.defaultKms,\n type: args.options.keyType,\n kid: args.options.kid,\n privateKeyHex: args.options.privateKeyHex,\n meta: {\n algorithms: ['Ed25519'],\n },\n })\n }\n return context.agent.keyManagerCreate({\n type: args.options.keyType,\n // @ts-ignore\n kms: args.kms || this.defaultKms,\n meta: {\n algorithms: ['Ed25519'],\n },\n })\n }\n}\n","import { DIDResolutionOptions, DIDResolutionResult, DIDResolver, ParsedDID, Resolvable } from 'did-resolver'\nimport fetch from 'cross-fetch'\n\nconst resolveDidOyd: DIDResolver = async (\n didUrl: string,\n _parsed: ParsedDID,\n _resolver: Resolvable,\n options: DIDResolutionOptions\n): Promise<DIDResolutionResult> => {\n try {\n const baseUrl: string = 'https://oydid-resolver.data-container.net'\n // const didDoc = await axios.get(`${baseUrl}/1.0/identifiers/${didUrl}`);\n const response = await fetch(`${baseUrl}/1.0/identifiers/${didUrl}`)\n if (!response.ok) {\n throw new Error('Network response was not ok: ' + response.statusText)\n }\n const didDoc = await response.json()\n return didDoc as DIDResolutionResult\n } catch (err: any) {\n return {\n didDocumentMetadata: {},\n didResolutionMetadata: { error: 'invalidDid', message: err.toString() },\n didDocument: null,\n }\n }\n}\n\n/**\n * Provides a mapping to a did:oyd resolver, usable by {@link did-resolver#Resolver}.\n *\n * @public\n */\nexport function getDidOydResolver() {\n return { oyd: resolveDidOyd }\n}\n","export type OydCreateIdentifierOptions = {\n keyType?: OydDidSupportedKeyTypes\n privateKeyHex?: string\n keyUse?: KeyUse\n}\n\nexport type OydDidHoldKeysArgs = {\n kms: string\n options: HoldKeysOpts\n}\n\ntype HoldKeysOpts = {\n keyType: OydDidSupportedKeyTypes\n kid: string\n publicKeyHex?: string\n privateKeyHex?: string\n}\n\nexport enum SupportedKeyTypes {\n Secp256r1 = 'Secp256r1',\n Secp256k1 = 'Secp256k1',\n Ed25519 = 'Ed25519',\n X25519 = 'X25519',\n}\n\nexport type OydDidSupportedKeyTypes = keyof typeof SupportedKeyTypes\n\nexport type KeyUse = 'sig' | 'enc'\n"],"mappings":";;;;AACA,SAASA,kCAAkC;AAE3C,OAAOC,WAAW;AAElB,OAAOC,WAAW;AAClB,IAAMC,QAAQC,MAAM,oCAAA;AAQb,IAAMC,iBAAN,cAA6BC,2BAAAA;EAbpC,OAaoCA;;;EAC1BC;EAERC,YAAYC,SAAkC;AAC5C,UAAK;AACL,SAAKF,aAAaE,QAAQF;EAC5B;EAEA,MAAMG,iBACJ,EAAEC,KAAKF,QAAO,GACdG,SACwC;AACxC,UAAMC,OAAO;MAAEJ;IAAQ;AACvB,UAAMK,MAAM;AAEZ,QAAIC;AACJ,QAAI;AACF,YAAMC,WAAW,MAAMC,MAAMH,KAAK;QAChCI,QAAQ;QACRC,SAAS;UACP,gBAAgB;QAClB;QACAN,MAAMO,KAAKC,UAAUR,IAAAA;MACvB,CAAA;AACA,UAAI,CAACG,SAASM,IAAI;AAChB,cAAM,IAAIC,MAAM,kCAAkCP,SAASQ,UAAU;MACvE;AACAT,eAAS,MAAMC,SAASS,KAAI;IAC9B,SAASC,OAAO;AAEd,YAAM,IAAIH,MAAM,wDAAwDG,MAAMC,SAAQ,CAAA;IACxF;AAEA,UAAMC,UAAmCnB,SAASmB,WAAW;AAC7D,UAAMC,MAAM,MAAM,KAAKC,SACrB;;MAEEnB,KAAKA,OAAO,KAAKJ;MACjBE,SAAS;QACPmB;QACAG,KAAKhB,OAAOiB,MAAM;QAClBC,cAAclB,OAAOmB,KAAK,CAAA,EAAGD;QAC7BE,eAAepB,OAAOmB,KAAK,CAAA,EAAGC;MAChC;IACF,GACAvB,OAAAA;AAGF,UAAMwB,aAA4C;MAChDJ,KAAKjB,OAAOiB;MACZK,iBAAiBR,IAAIE;MACrBG,MAAM;QAACL;;MACPS,UAAU,CAAA;IACZ;AACAnC,UAAM,WAAWiC,WAAWJ,GAAG;AAC/B,WAAOI;EACT;EAEA,MAAMG,iBACJC,MACA5B,SACsB;AACtB,UAAM,IAAIW,MAAM,oDAAA;EAClB;EAEA,MAAMkB,iBAAiBL,YAAyBxB,SAAqC;AACnF,eAAW,EAAEmB,IAAG,KAAMK,WAAWF,MAAM;AACrC,YAAMtB,QAAQ8B,MAAMC,iBAAiB;QAAEZ;MAAI,CAAA;IAC7C;AACA,WAAO;EACT;EAEA,MAAMa,OAAO,EAAER,YAAYP,KAAKpB,QAAO,GAA2DG,SAAiC;AACjI,WAAO;MAAEiC,SAAS;IAAK;EACzB;EAEA,MAAMC,WAAW,EAAEV,YAAYW,SAAStC,QAAO,GAAmEG,SAAiC;AACjJ,WAAO;MAAEiC,SAAS;IAAK;EACzB;EAEA,MAAMG,UAAUR,MAA+D5B,SAAiC;AAC9G,WAAO;MAAEiC,SAAS;IAAK;EACzB;EAEA,MAAMI,cAAcT,MAA8D5B,SAAiC;AACjH,WAAO;MAAEiC,SAAS;IAAK;EACzB;EAEA,MAAcf,SAASU,MAA0B5B,SAAkC;AACjF,QAAI4B,KAAK/B,QAAQ0B,eAAe;AAC9B,aAAOvB,QAAQ8B,MAAMQ,iBAAiB;;QAEpCvC,KAAK6B,KAAK7B,OAAO,KAAKJ;QACtB4C,MAAMX,KAAK/B,QAAQmB;QACnBG,KAAKS,KAAK/B,QAAQsB;QAClBI,eAAeK,KAAK/B,QAAQ0B;QAC5BiB,MAAM;UACJC,YAAY;YAAC;;QACf;MACF,CAAA;IACF;AACA,WAAOzC,QAAQ8B,MAAMY,iBAAiB;MACpCH,MAAMX,KAAK/B,QAAQmB;;MAEnBjB,KAAK6B,KAAK7B,OAAO,KAAKJ;MACtB6C,MAAM;QACJC,YAAY;UAAC;;MACf;IACF,CAAA;EACF;AACF;;;AC3HA,OAAOE,YAAW;AAElB,IAAMC,gBAA6B,8BACjCC,QACAC,SACAC,WACAC,YAAAA;AAEA,MAAI;AACF,UAAMC,UAAkB;AAExB,UAAMC,WAAW,MAAMC,OAAM,GAAGF,OAAAA,oBAA2BJ,MAAAA,EAAQ;AACnE,QAAI,CAACK,SAASE,IAAI;AAChB,YAAM,IAAIC,MAAM,kCAAkCH,SAASI,UAAU;IACvE;AACA,UAAMC,SAAS,MAAML,SAASM,KAAI;AAClC,WAAOD;EACT,SAASE,KAAU;AACjB,WAAO;MACLC,qBAAqB,CAAC;MACtBC,uBAAuB;QAAEC,OAAO;QAAcC,SAASJ,IAAIK,SAAQ;MAAG;MACtEC,aAAa;IACf;EACF;AACF,GAtBmC;AA6B5B,SAASC,oBAAAA;AACd,SAAO;IAAEC,KAAKrB;EAAc;AAC9B;AAFgBoB;;;ACdT,IAAKE,oBAAAA,yBAAAA,oBAAAA;;;;;SAAAA;;","names":["AbstractIdentifierProvider","fetch","Debug","debug","Debug","OydDIDProvider","AbstractIdentifierProvider","defaultKms","constructor","options","createIdentifier","kms","context","body","url","didDoc","response","fetch","method","headers","JSON","stringify","ok","Error","statusText","json","error","toString","keyType","key","holdKeys","kid","did","publicKeyHex","keys","privateKeyHex","identifier","controllerKeyId","services","updateIdentifier","args","deleteIdentifier","agent","keyManagerDelete","addKey","success","addService","service","removeKey","removeService","keyManagerImport","type","meta","algorithms","keyManagerCreate","fetch","resolveDidOyd","didUrl","_parsed","_resolver","options","baseUrl","response","fetch","ok","Error","statusText","didDoc","json","err","didDocumentMetadata","didResolutionMetadata","error","message","toString","didDocument","getDidOydResolver","oyd","SupportedKeyTypes"]}
|
|
1
|
+
{"version":3,"sources":["../src/oyd-did-provider.ts","../src/resolver.ts"],"sourcesContent":["import { importProvidedOrGeneratedKey } from '@sphereon/ssi-sdk-ext.key-utils'\nimport { IAgentContext, IIdentifier, IKey, IKeyManager, IService, TKeyType } from '@veramo/core'\nimport { AbstractIdentifierProvider } from '@veramo/did-manager'\nimport { KeyManager } from '@veramo/key-manager'\nimport fetch from 'cross-fetch'\nimport Multibase from 'multibase'\nimport Multicodec from 'multicodec'\n\n// @ts-ignore\nimport * as u8a from 'uint8arrays'\n\nimport Debug from 'debug'\nimport type {\n CMSMCallbackOpts,\n OydConstructorOptions,\n OydCreateIdentifierOptions,\n // OydDidHoldKeysArgs,\n OydDidSupportedKeyTypes,\n} from './types/oyd-provider-types'\n\nconst debug = Debug('veramo:oyd-did:identifier-provider')\nconst OYDID_REGISTRAR_URL = 'https://oydid-registrar.data-container.net/1.0/createIdentifier'\n\ntype IContext = IAgentContext<IKeyManager>\n\n/**\n * {@link @veramo/did-manager#DIDManager} identifier provider for `did:oyd` identifiers\n * @public\n */\nexport class OydDIDProvider extends AbstractIdentifierProvider {\n private readonly defaultKms?: string\n private readonly cmsmCallbackOpts?: CMSMCallbackOpts\n\n constructor(options?: OydConstructorOptions) {\n super()\n this.defaultKms = options?.defaultKms\n this.cmsmCallbackOpts = options?.clientManagedSecretMode\n }\n\n private async assertedKms(...kms: (string | undefined)[]): Promise<string> {\n if (!kms || kms.length === 0) {\n return Promise.reject(Error('KMS must be provided either as a parameter or via defaultKms.'))\n }\n const result = kms.find((k) => !!k)\n if (!result) {\n return Promise.reject(Error('KMS must be provided either as a parameter or via defaultKms.'))\n }\n return result\n }\n\n async createIdentifier(\n { kms, alias, options }: { kms?: string; alias?: string; options: OydCreateIdentifierOptions },\n context: IContext\n ): Promise<Omit<IIdentifier, 'provider'>> {\n const resolvedKms = await this.assertedKms(kms, this.defaultKms)\n\n if ((this.cmsmCallbackOpts && !options.cmsm) || (options.cmsm && options.cmsm.enabled !== false)) {\n if (!this.cmsmCallbackOpts) {\n return Promise.reject(Error('did:oyd: no cmsm options defined on oyd did provider, but cmsm was enabled on the call!'))\n }\n return await this.createIdentifierWithCMSM({ kms: resolvedKms, options }, context)\n }\n\n const body = {\n options: {\n cmsm: false,\n key_type: options.type ?? 'Secp256r1',\n },\n }\n let didDoc: any | undefined\n try {\n const response = await fetch(OYDID_REGISTRAR_URL, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(body),\n })\n if (!response.ok) {\n debug('Error response from OydDID Registrar: ', response)\n return Promise.reject(Error('Network response was not ok: ' + response.statusText))\n }\n didDoc = await response.json()\n } catch (error: any) {\n debug('Unexpected error from OydDID Registrar: ', error)\n return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))\n }\n\n const keyType: OydDidSupportedKeyTypes = options?.type ?? 'Secp256r1'\n const key = await importProvidedOrGeneratedKey(\n {\n kms: resolvedKms,\n alias: alias ?? options.alias ?? options.kid ?? `${didDoc.did}#key-doc`,\n options: {\n key: {\n kid: `${didDoc.did}#key-doc`,\n type: keyType,\n publicKeyHex: didDoc.keys[0].publicKeyHex,\n privateKeyHex: didDoc.keys[0].privateKeyHex,\n },\n },\n },\n context\n )\n\n const identifier: Omit<IIdentifier, 'provider'> = {\n did: didDoc.did,\n controllerKeyId: key.kid,\n keys: [key],\n services: [],\n }\n debug('Created', identifier.did)\n return identifier\n }\n\n async createIdentifierWithCMSM(\n { kms, options }: { kms?: string; options: OydCreateIdentifierOptions },\n context: IContext\n ): Promise<Omit<IIdentifier, 'provider'>> {\n const cmsmCallbackOpts = this.cmsmCallbackOpts\n if (!cmsmCallbackOpts) {\n return Promise.reject(Error('did:oyd: no cmsm options defined!'))\n }\n\n const assertedKms = await this.assertedKms(kms, this.defaultKms)\n const pubKey =\n options.key ?? (await cmsmCallbackOpts.publicKeyCallback(options.kid ?? 'default', assertedKms, options.cmsm?.create !== false, options.type)) // \"default\" is probably not right, TODO!!\n const kid = pubKey.kid\n const keyType = pubKey.type\n const key = base58btc({ publicKeyHex: pubKey.publicKeyHex, keyType })\n\n console.log(`Bae58 pubkey key: ${key}`)\n let signValue: any | undefined // do the request\n try {\n const body_create = {\n // specify the Identifier options for the registrar\n key: key,\n options: {\n cmsm: true,\n key_type: keyType,\n },\n }\n console.log(`Create request:\\n${JSON.stringify(body_create, null, 2)}\\n`)\n const response = await fetch(OYDID_REGISTRAR_URL, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(body_create),\n })\n if (!response.ok) {\n debug('Error response from OydDID Registrar: ', body_create, response)\n return Promise.reject(Error('Network response was not ok: ' + response.statusText))\n }\n signValue = await response.json()\n console.log(`Create response:\\n${JSON.stringify(signValue, null, 2)}\\n`)\n } catch (error: any) {\n console.log('Unexpected error from OydDID Registrar: ', error)\n return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))\n }\n\n // we received our value to sign, now we sign it!\n const { sign } = signValue\n const signature = await cmsmCallbackOpts.signCallback(kid, sign)\n\n console.log(`Signature: ${signature}`)\n\n const body_signed = {\n key,\n options: {\n cmsm: true,\n key_type: keyType,\n sig: signature,\n },\n }\n console.log(`Signed request:\\n${JSON.stringify(body_signed, null, 2)}\\n`)\n\n // Object.assign(body_signed.options, options)\n\n let didDoc: any | undefined // do the request\n try {\n const response = await fetch(OYDID_REGISTRAR_URL, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(body_signed),\n })\n if (!response.ok) {\n console.log(`Error response from OydDID Registrar: ${JSON.stringify(response.text)}${response.statusText}`, response)\n debug('Error response from OydDID Registrar: ', response)\n return Promise.reject(Error('Network response was not ok: ' + response.statusText))\n }\n didDoc = await response.json()\n } catch (error: any) {\n debug('Unexpected error from OydDID Registrar: ', error)\n return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))\n }\n\n const identifier: Omit<IIdentifier, 'provider'> = {\n did: didDoc.did,\n controllerKeyId: pubKey.kid,\n keys: [pubKey],\n services: [],\n }\n debug('Created', identifier.did)\n return identifier\n }\n\n async updateIdentifier(\n args: { did: string; kms?: string | undefined; alias?: string | undefined; options?: any },\n context: IAgentContext<IKeyManager>\n ): Promise<IIdentifier> {\n throw new Error('OydDIDProvider updateIdentifier not supported yet.')\n }\n\n async deleteIdentifier(identifier: IIdentifier, context: IContext): Promise<boolean> {\n for (const { kid } of identifier.keys) {\n await context.agent.keyManagerDelete({ kid })\n }\n return true\n }\n\n async addKey({ identifier, key, options }: { identifier: IIdentifier; key: IKey; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async addService({ identifier, service, options }: { identifier: IIdentifier; service: IService; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async removeKey(args: { identifier: IIdentifier; kid: string; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n\n async removeService(args: { identifier: IIdentifier; id: string; options?: any }, context: IContext): Promise<any> {\n return { success: true }\n }\n}\n\nconst keyCodecs = {\n RSA: 'rsa-pub',\n Ed25519: 'ed25519-pub',\n X25519: 'x25519-pub',\n Secp256k1: 'secp256k1-pub',\n Secp256r1: 'p256-pub',\n Bls12381G1: 'bls12_381-g1-pub',\n Bls12381G2: 'bls12_381-g2-pub',\n} as const\n\nconst base58btc = ({ publicKeyHex, keyType = 'Secp256r1' }: { publicKeyHex: string; keyType?: TKeyType }): string => {\n const codecName = keyCodecs[keyType]\n\n // methodSpecificId = bytesToMultibase({bytes: u8a.fromString(key.publicKeyHex, 'hex'), codecName})\n return u8a\n .toString(Multibase.encode('base58btc', Multicodec.addPrefix(codecName as Multicodec.CodecName, u8a.fromString(publicKeyHex, 'hex'))))\n .toString()\n}\n\nexport function defaultOydCmsmPublicKeyCallback(\n keyManager: KeyManager\n): (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType) => Promise<IKey> {\n return async (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType): Promise<IKey> => {\n try {\n const existing = await keyManager.keyManagerGet({ kid })\n if (existing) {\n return existing\n }\n } catch (error: any) {}\n if (create) {\n if (!kms) {\n return Promise.reject(Error('No KMS provided, whilst creating a new key!'))\n }\n const alias = kid ?? `oyd-${new Date().toISOString()}`\n\n const agent = keyManager\n const key = await importProvidedOrGeneratedKey(\n {\n kms,\n alias,\n options: {\n key: {\n type: createKeyType ?? 'Secp256r1',\n },\n },\n },\n {\n //@ts-ignore\n agent,\n }\n )\n return key\n\n // return await keyManager.keyManagerCreate({ kms, type: createKeyType ?? 'Secp256r1' })\n }\n return Promise.reject(Error('No existing key found, and create is false!'))\n }\n}\n\nexport function defaultOydCmsmSignCallback(keyManager: KeyManager): (kid: string, data: string) => Promise<string> {\n return async (kid: string, data: string): Promise<string> => {\n return keyManager.keyManagerSign({ keyRef: kid, data, encoding: 'utf-8' })\n }\n}\n\nexport class DefaultOydCmsmCallbacks implements CMSMCallbackOpts {\n private readonly keyManager: KeyManager\n\n constructor(keyManager: KeyManager) {\n this.keyManager = keyManager\n }\n\n publicKeyCallback(kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType): Promise<IKey> {\n return defaultOydCmsmPublicKeyCallback(this.keyManager)(kid, kms, create, createKeyType)\n }\n\n signCallback(kid: string, value: string): Promise<string> {\n return defaultOydCmsmSignCallback(this.keyManager)(kid, value)\n }\n}\n","import { DIDResolutionOptions, DIDResolutionResult, DIDResolver, ParsedDID, Resolvable } from 'did-resolver'\nimport fetch from 'cross-fetch'\n\nconst resolveDidOyd: DIDResolver = async (\n didUrl: string,\n _parsed: ParsedDID,\n _resolver: Resolvable,\n options: DIDResolutionOptions\n): Promise<DIDResolutionResult> => {\n try {\n const baseUrl: string = 'https://oydid-resolver.data-container.net'\n // const didDoc = await axios.get(`${baseUrl}/1.0/identifiers/${didUrl}`);\n const response = await fetch(`${baseUrl}/1.0/identifiers/${didUrl}`)\n if (!response.ok) {\n throw new Error('Network response was not ok: ' + response.statusText)\n }\n const didDoc = await response.json()\n return didDoc as DIDResolutionResult\n } catch (err: any) {\n return {\n didDocumentMetadata: {},\n didResolutionMetadata: { error: 'invalidDid', message: err.toString() },\n didDocument: null,\n }\n }\n}\n\n/**\n * Provides a mapping to a did:oyd resolver, usable by {@link did-resolver#Resolver}.\n *\n * @public\n */\nexport function getDidOydResolver() {\n return { oyd: resolveDidOyd }\n}\n"],"mappings":";;;;AAAA,SAASA,oCAAoC;AAE7C,SAASC,kCAAkC;AAE3C,OAAOC,WAAW;AAClB,OAAOC,eAAe;AACtB,OAAOC,gBAAgB;AAGvB,YAAYC,SAAS;AAErB,OAAOC,WAAW;AASlB,IAAMC,QAAQC,MAAM,oCAAA;AACpB,IAAMC,sBAAsB;AAQrB,IAAMC,iBAAN,cAA6BC,2BAAAA;EA7BpC,OA6BoCA;;;EACjBC;EACAC;EAEjBC,YAAYC,SAAiC;AAC3C,UAAK;AACL,SAAKH,aAAaG,SAASH;AAC3B,SAAKC,mBAAmBE,SAASC;EACnC;EAEA,MAAcC,eAAeC,KAA8C;AACzE,QAAI,CAACA,OAAOA,IAAIC,WAAW,GAAG;AAC5B,aAAOC,QAAQC,OAAOC,MAAM,+DAAA,CAAA;IAC9B;AACA,UAAMC,SAASL,IAAIM,KAAK,CAACC,MAAM,CAAC,CAACA,CAAAA;AACjC,QAAI,CAACF,QAAQ;AACX,aAAOH,QAAQC,OAAOC,MAAM,+DAAA,CAAA;IAC9B;AACA,WAAOC;EACT;EAEA,MAAMG,iBACJ,EAAER,KAAKS,OAAOZ,QAAO,GACrBa,SACwC;AACxC,UAAMC,cAAc,MAAM,KAAKZ,YAAYC,KAAK,KAAKN,UAAU;AAE/D,QAAK,KAAKC,oBAAoB,CAACE,QAAQe,QAAUf,QAAQe,QAAQf,QAAQe,KAAKC,YAAY,OAAQ;AAChG,UAAI,CAAC,KAAKlB,kBAAkB;AAC1B,eAAOO,QAAQC,OAAOC,MAAM,yFAAA,CAAA;MAC9B;AACA,aAAO,MAAM,KAAKU,yBAAyB;QAAEd,KAAKW;QAAad;MAAQ,GAAGa,OAAAA;IAC5E;AAEA,UAAMK,OAAO;MACXlB,SAAS;QACPe,MAAM;QACNI,UAAUnB,QAAQoB,QAAQ;MAC5B;IACF;AACA,QAAIC;AACJ,QAAI;AACF,YAAMC,WAAW,MAAMC,MAAM7B,qBAAqB;QAChD8B,QAAQ;QACRC,SAAS;UACP,gBAAgB;QAClB;QACAP,MAAMQ,KAAKC,UAAUT,IAAAA;MACvB,CAAA;AACA,UAAI,CAACI,SAASM,IAAI;AAChBpC,cAAM,0CAA0C8B,QAAAA;AAChD,eAAOjB,QAAQC,OAAOC,MAAM,kCAAkCe,SAASO,UAAU,CAAA;MACnF;AACAR,eAAS,MAAMC,SAASQ,KAAI;IAC9B,SAASC,OAAY;AACnBvC,YAAM,4CAA4CuC,KAAAA;AAClD,aAAO1B,QAAQC,OAAOC,MAAM,wDAAwDwB,MAAMC,SAAQ,CAAA,CAAA;IACpG;AAEA,UAAMC,UAAmCjC,SAASoB,QAAQ;AAC1D,UAAMc,MAAM,MAAMC,6BAChB;MACEhC,KAAKW;MACLF,OAAOA,SAASZ,QAAQY,SAASZ,QAAQoC,OAAO,GAAGf,OAAOgB,GAAG;MAC7DrC,SAAS;QACPkC,KAAK;UACHE,KAAK,GAAGf,OAAOgB,GAAG;UAClBjB,MAAMa;UACNK,cAAcjB,OAAOkB,KAAK,CAAA,EAAGD;UAC7BE,eAAenB,OAAOkB,KAAK,CAAA,EAAGC;QAChC;MACF;IACF,GACA3B,OAAAA;AAGF,UAAM4B,aAA4C;MAChDJ,KAAKhB,OAAOgB;MACZK,iBAAiBR,IAAIE;MACrBG,MAAM;QAACL;;MACPS,UAAU,CAAA;IACZ;AACAnD,UAAM,WAAWiD,WAAWJ,GAAG;AAC/B,WAAOI;EACT;EAEA,MAAMxB,yBACJ,EAAEd,KAAKH,QAAO,GACda,SACwC;AACxC,UAAMf,mBAAmB,KAAKA;AAC9B,QAAI,CAACA,kBAAkB;AACrB,aAAOO,QAAQC,OAAOC,MAAM,mCAAA,CAAA;IAC9B;AAEA,UAAML,cAAc,MAAM,KAAKA,YAAYC,KAAK,KAAKN,UAAU;AAC/D,UAAM+C,SACJ5C,QAAQkC,OAAQ,MAAMpC,iBAAiB+C,kBAAkB7C,QAAQoC,OAAO,WAAWlC,aAAaF,QAAQe,MAAM+B,WAAW,OAAO9C,QAAQoB,IAAI;AAC9I,UAAMgB,MAAMQ,OAAOR;AACnB,UAAMH,UAAUW,OAAOxB;AACvB,UAAMc,MAAMa,UAAU;MAAET,cAAcM,OAAON;MAAcL;IAAQ,CAAA;AAEnEe,YAAQC,IAAI,qBAAqBf,GAAAA,EAAK;AACtC,QAAIgB;AACJ,QAAI;AACF,YAAMC,cAAc;;QAElBjB;QACAlC,SAAS;UACPe,MAAM;UACNI,UAAUc;QACZ;MACF;AACAe,cAAQC,IAAI;EAAoBvB,KAAKC,UAAUwB,aAAa,MAAM,CAAA,CAAA;CAAM;AACxE,YAAM7B,WAAW,MAAMC,MAAM7B,qBAAqB;QAChD8B,QAAQ;QACRC,SAAS;UACP,gBAAgB;QAClB;QACAP,MAAMQ,KAAKC,UAAUwB,WAAAA;MACvB,CAAA;AACA,UAAI,CAAC7B,SAASM,IAAI;AAChBpC,cAAM,0CAA0C2D,aAAa7B,QAAAA;AAC7D,eAAOjB,QAAQC,OAAOC,MAAM,kCAAkCe,SAASO,UAAU,CAAA;MACnF;AACAqB,kBAAY,MAAM5B,SAASQ,KAAI;AAC/BkB,cAAQC,IAAI;EAAqBvB,KAAKC,UAAUuB,WAAW,MAAM,CAAA,CAAA;CAAM;IACzE,SAASnB,OAAY;AACnBiB,cAAQC,IAAI,4CAA4ClB,KAAAA;AACxD,aAAO1B,QAAQC,OAAOC,MAAM,wDAAwDwB,MAAMC,SAAQ,CAAA,CAAA;IACpG;AAGA,UAAM,EAAEoB,KAAI,IAAKF;AACjB,UAAMG,YAAY,MAAMvD,iBAAiBwD,aAAalB,KAAKgB,IAAAA;AAE3DJ,YAAQC,IAAI,cAAcI,SAAAA,EAAW;AAErC,UAAME,cAAc;MAClBrB;MACAlC,SAAS;QACPe,MAAM;QACNI,UAAUc;QACVuB,KAAKH;MACP;IACF;AACAL,YAAQC,IAAI;EAAoBvB,KAAKC,UAAU4B,aAAa,MAAM,CAAA,CAAA;CAAM;AAIxE,QAAIlC;AACJ,QAAI;AACF,YAAMC,WAAW,MAAMC,MAAM7B,qBAAqB;QAChD8B,QAAQ;QACRC,SAAS;UACP,gBAAgB;QAClB;QACAP,MAAMQ,KAAKC,UAAU4B,WAAAA;MACvB,CAAA;AACA,UAAI,CAACjC,SAASM,IAAI;AAChBoB,gBAAQC,IAAI,yCAAyCvB,KAAKC,UAAUL,SAASmC,IAAI,CAAA,GAAInC,SAASO,UAAU,IAAIP,QAAAA;AAC5G9B,cAAM,0CAA0C8B,QAAAA;AAChD,eAAOjB,QAAQC,OAAOC,MAAM,kCAAkCe,SAASO,UAAU,CAAA;MACnF;AACAR,eAAS,MAAMC,SAASQ,KAAI;IAC9B,SAASC,OAAY;AACnBvC,YAAM,4CAA4CuC,KAAAA;AAClD,aAAO1B,QAAQC,OAAOC,MAAM,wDAAwDwB,MAAMC,SAAQ,CAAA,CAAA;IACpG;AAEA,UAAMS,aAA4C;MAChDJ,KAAKhB,OAAOgB;MACZK,iBAAiBE,OAAOR;MACxBG,MAAM;QAACK;;MACPD,UAAU,CAAA;IACZ;AACAnD,UAAM,WAAWiD,WAAWJ,GAAG;AAC/B,WAAOI;EACT;EAEA,MAAMiB,iBACJC,MACA9C,SACsB;AACtB,UAAM,IAAIN,MAAM,oDAAA;EAClB;EAEA,MAAMqD,iBAAiBnB,YAAyB5B,SAAqC;AACnF,eAAW,EAAEuB,IAAG,KAAMK,WAAWF,MAAM;AACrC,YAAM1B,QAAQgD,MAAMC,iBAAiB;QAAE1B;MAAI,CAAA;IAC7C;AACA,WAAO;EACT;EAEA,MAAM2B,OAAO,EAAEtB,YAAYP,KAAKlC,QAAO,GAA2Da,SAAiC;AACjI,WAAO;MAAEmD,SAAS;IAAK;EACzB;EAEA,MAAMC,WAAW,EAAExB,YAAYyB,SAASlE,QAAO,GAAmEa,SAAiC;AACjJ,WAAO;MAAEmD,SAAS;IAAK;EACzB;EAEA,MAAMG,UAAUR,MAA+D9C,SAAiC;AAC9G,WAAO;MAAEmD,SAAS;IAAK;EACzB;EAEA,MAAMI,cAAcT,MAA8D9C,SAAiC;AACjH,WAAO;MAAEmD,SAAS;IAAK;EACzB;AACF;AAEA,IAAMK,YAAY;EAChBC,KAAK;EACLC,SAAS;EACTC,QAAQ;EACRC,WAAW;EACXC,WAAW;EACXC,YAAY;EACZC,YAAY;AACd;AAEA,IAAM7B,YAAY,wBAAC,EAAET,cAAcL,UAAU,YAAW,MAAgD;AACtG,QAAM4C,YAAYR,UAAUpC,OAAAA;AAG5B,SACGD,aAAS8C,UAAUC,OAAO,aAAaC,WAAWC,UAAUJ,WAAuCK,eAAW5C,cAAc,KAAA,CAAA,CAAA,CAAA,EAC5HN,SAAQ;AACb,GAPkB;;;ACzPlB,OAAOmD,YAAW;AAElB,IAAMC,gBAA6B,8BACjCC,QACAC,SACAC,WACAC,YAAAA;AAEA,MAAI;AACF,UAAMC,UAAkB;AAExB,UAAMC,WAAW,MAAMC,OAAM,GAAGF,OAAAA,oBAA2BJ,MAAAA,EAAQ;AACnE,QAAI,CAACK,SAASE,IAAI;AAChB,YAAM,IAAIC,MAAM,kCAAkCH,SAASI,UAAU;IACvE;AACA,UAAMC,SAAS,MAAML,SAASM,KAAI;AAClC,WAAOD;EACT,SAASE,KAAU;AACjB,WAAO;MACLC,qBAAqB,CAAC;MACtBC,uBAAuB;QAAEC,OAAO;QAAcC,SAASJ,IAAIK,SAAQ;MAAG;MACtEC,aAAa;IACf;EACF;AACF,GAtBmC;AA6B5B,SAASC,oBAAAA;AACd,SAAO;IAAEC,KAAKrB;EAAc;AAC9B;AAFgBoB;","names":["importProvidedOrGeneratedKey","AbstractIdentifierProvider","fetch","Multibase","Multicodec","u8a","Debug","debug","Debug","OYDID_REGISTRAR_URL","OydDIDProvider","AbstractIdentifierProvider","defaultKms","cmsmCallbackOpts","constructor","options","clientManagedSecretMode","assertedKms","kms","length","Promise","reject","Error","result","find","k","createIdentifier","alias","context","resolvedKms","cmsm","enabled","createIdentifierWithCMSM","body","key_type","type","didDoc","response","fetch","method","headers","JSON","stringify","ok","statusText","json","error","toString","keyType","key","importProvidedOrGeneratedKey","kid","did","publicKeyHex","keys","privateKeyHex","identifier","controllerKeyId","services","pubKey","publicKeyCallback","create","base58btc","console","log","signValue","body_create","sign","signature","signCallback","body_signed","sig","text","updateIdentifier","args","deleteIdentifier","agent","keyManagerDelete","addKey","success","addService","service","removeKey","removeService","keyCodecs","RSA","Ed25519","X25519","Secp256k1","Secp256r1","Bls12381G1","Bls12381G2","codecName","Multibase","encode","Multicodec","addPrefix","fromString","fetch","resolveDidOyd","didUrl","_parsed","_resolver","options","baseUrl","response","fetch","ok","Error","statusText","didDoc","json","err","didDocumentMetadata","didResolutionMetadata","error","message","toString","didDocument","getDidOydResolver","oyd"]}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/did-provider-oyd",
|
|
3
3
|
"description": "OwnYourData plugin that can enable creation and control of did:oyd identifiers.",
|
|
4
|
-
"version": "0.28.1-feature.jose.vcdm.
|
|
4
|
+
"version": "0.28.1-feature.jose.vcdm.51+e61d3fd",
|
|
5
5
|
"source": "./src/index.ts",
|
|
6
6
|
"type": "module",
|
|
7
7
|
"main": "./dist/index.cjs",
|
|
@@ -23,15 +23,22 @@
|
|
|
23
23
|
"extract-api": "sphereon dev extract-api"
|
|
24
24
|
},
|
|
25
25
|
"dependencies": {
|
|
26
|
+
"@sphereon/ssi-sdk-ext.key-utils": "0.28.1-feature.jose.vcdm.51+e61d3fd",
|
|
26
27
|
"@veramo/core": "4.2.0",
|
|
27
28
|
"@veramo/did-manager": "4.2.0",
|
|
28
29
|
"cross-fetch": "^4.0.0",
|
|
29
30
|
"debug": "^4.3.3",
|
|
30
|
-
"did-resolver": "^4.1.0"
|
|
31
|
+
"did-resolver": "^4.1.0",
|
|
32
|
+
"multibase": "^4.0.6",
|
|
33
|
+
"multicodec": "^3.2.1",
|
|
34
|
+
"uint8arrays": "^3.1.1"
|
|
31
35
|
},
|
|
32
36
|
"devDependencies": {
|
|
33
|
-
"@sphereon/ssi-sdk.
|
|
34
|
-
"@
|
|
37
|
+
"@sphereon/ssi-sdk-ext.key-manager": "0.28.1-feature.jose.vcdm.51+e61d3fd",
|
|
38
|
+
"@sphereon/ssi-sdk-ext.kms-local": "0.28.1-feature.jose.vcdm.51+e61d3fd",
|
|
39
|
+
"@sphereon/ssi-sdk.dev": "0.33.0",
|
|
40
|
+
"@types/debug": "4.1.12",
|
|
41
|
+
"@veramo/key-manager": "4.2.0",
|
|
35
42
|
"inquirer": "^9.1.4",
|
|
36
43
|
"inquirer-autocomplete-prompt": "^3.0.0",
|
|
37
44
|
"typescript": "5.8.3"
|
|
@@ -49,5 +56,5 @@
|
|
|
49
56
|
"author": "Christoph Fabianek <christoph@ownyourdata.eu>",
|
|
50
57
|
"keywords": [],
|
|
51
58
|
"license": "MIT",
|
|
52
|
-
"gitHead": "
|
|
59
|
+
"gitHead": "e61d3fd20099c2b3fb457a1227a10b63e777a90f"
|
|
53
60
|
}
|
package/src/index.ts
CHANGED
|
@@ -4,6 +4,6 @@
|
|
|
4
4
|
*
|
|
5
5
|
* @packageDocumentation
|
|
6
6
|
*/
|
|
7
|
-
export { OydDIDProvider } from './oyd-did-provider
|
|
8
|
-
export { getDidOydResolver } from './resolver
|
|
9
|
-
export * from './types/oyd-provider-types
|
|
7
|
+
export { OydDIDProvider } from './oyd-did-provider'
|
|
8
|
+
export { getDidOydResolver } from './resolver'
|
|
9
|
+
export type * from './types/oyd-provider-types'
|
package/src/oyd-did-provider.ts
CHANGED
|
@@ -1,10 +1,25 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { importProvidedOrGeneratedKey } from '@sphereon/ssi-sdk-ext.key-utils'
|
|
2
|
+
import { IAgentContext, IIdentifier, IKey, IKeyManager, IService, TKeyType } from '@veramo/core'
|
|
2
3
|
import { AbstractIdentifierProvider } from '@veramo/did-manager'
|
|
3
|
-
import
|
|
4
|
+
import { KeyManager } from '@veramo/key-manager'
|
|
4
5
|
import fetch from 'cross-fetch'
|
|
6
|
+
import Multibase from 'multibase'
|
|
7
|
+
import Multicodec from 'multicodec'
|
|
8
|
+
|
|
9
|
+
// @ts-ignore
|
|
10
|
+
import * as u8a from 'uint8arrays'
|
|
5
11
|
|
|
6
12
|
import Debug from 'debug'
|
|
13
|
+
import type {
|
|
14
|
+
CMSMCallbackOpts,
|
|
15
|
+
OydConstructorOptions,
|
|
16
|
+
OydCreateIdentifierOptions,
|
|
17
|
+
// OydDidHoldKeysArgs,
|
|
18
|
+
OydDidSupportedKeyTypes,
|
|
19
|
+
} from './types/oyd-provider-types'
|
|
20
|
+
|
|
7
21
|
const debug = Debug('veramo:oyd-did:identifier-provider')
|
|
22
|
+
const OYDID_REGISTRAR_URL = 'https://oydid-registrar.data-container.net/1.0/createIdentifier'
|
|
8
23
|
|
|
9
24
|
type IContext = IAgentContext<IKeyManager>
|
|
10
25
|
|
|
@@ -13,23 +28,48 @@ type IContext = IAgentContext<IKeyManager>
|
|
|
13
28
|
* @public
|
|
14
29
|
*/
|
|
15
30
|
export class OydDIDProvider extends AbstractIdentifierProvider {
|
|
16
|
-
private defaultKms?: string
|
|
31
|
+
private readonly defaultKms?: string
|
|
32
|
+
private readonly cmsmCallbackOpts?: CMSMCallbackOpts
|
|
17
33
|
|
|
18
|
-
constructor(options
|
|
34
|
+
constructor(options?: OydConstructorOptions) {
|
|
19
35
|
super()
|
|
20
|
-
this.defaultKms = options
|
|
36
|
+
this.defaultKms = options?.defaultKms
|
|
37
|
+
this.cmsmCallbackOpts = options?.clientManagedSecretMode
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
private async assertedKms(...kms: (string | undefined)[]): Promise<string> {
|
|
41
|
+
if (!kms || kms.length === 0) {
|
|
42
|
+
return Promise.reject(Error('KMS must be provided either as a parameter or via defaultKms.'))
|
|
43
|
+
}
|
|
44
|
+
const result = kms.find((k) => !!k)
|
|
45
|
+
if (!result) {
|
|
46
|
+
return Promise.reject(Error('KMS must be provided either as a parameter or via defaultKms.'))
|
|
47
|
+
}
|
|
48
|
+
return result
|
|
21
49
|
}
|
|
22
50
|
|
|
23
51
|
async createIdentifier(
|
|
24
|
-
{ kms, options }: { kms?: string; options: OydCreateIdentifierOptions },
|
|
52
|
+
{ kms, alias, options }: { kms?: string; alias?: string; options: OydCreateIdentifierOptions },
|
|
25
53
|
context: IContext
|
|
26
54
|
): Promise<Omit<IIdentifier, 'provider'>> {
|
|
27
|
-
const
|
|
28
|
-
|
|
55
|
+
const resolvedKms = await this.assertedKms(kms, this.defaultKms)
|
|
56
|
+
|
|
57
|
+
if ((this.cmsmCallbackOpts && !options.cmsm) || (options.cmsm && options.cmsm.enabled !== false)) {
|
|
58
|
+
if (!this.cmsmCallbackOpts) {
|
|
59
|
+
return Promise.reject(Error('did:oyd: no cmsm options defined on oyd did provider, but cmsm was enabled on the call!'))
|
|
60
|
+
}
|
|
61
|
+
return await this.createIdentifierWithCMSM({ kms: resolvedKms, options }, context)
|
|
62
|
+
}
|
|
29
63
|
|
|
64
|
+
const body = {
|
|
65
|
+
options: {
|
|
66
|
+
cmsm: false,
|
|
67
|
+
key_type: options.type ?? 'Secp256r1',
|
|
68
|
+
},
|
|
69
|
+
}
|
|
30
70
|
let didDoc: any | undefined
|
|
31
71
|
try {
|
|
32
|
-
const response = await fetch(
|
|
72
|
+
const response = await fetch(OYDID_REGISTRAR_URL, {
|
|
33
73
|
method: 'POST',
|
|
34
74
|
headers: {
|
|
35
75
|
'Content-Type': 'application/json',
|
|
@@ -37,24 +77,27 @@ export class OydDIDProvider extends AbstractIdentifierProvider {
|
|
|
37
77
|
body: JSON.stringify(body),
|
|
38
78
|
})
|
|
39
79
|
if (!response.ok) {
|
|
40
|
-
|
|
80
|
+
debug('Error response from OydDID Registrar: ', response)
|
|
81
|
+
return Promise.reject(Error('Network response was not ok: ' + response.statusText))
|
|
41
82
|
}
|
|
42
83
|
didDoc = await response.json()
|
|
43
|
-
} catch (error) {
|
|
44
|
-
|
|
45
|
-
|
|
84
|
+
} catch (error: any) {
|
|
85
|
+
debug('Unexpected error from OydDID Registrar: ', error)
|
|
86
|
+
return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))
|
|
46
87
|
}
|
|
47
88
|
|
|
48
|
-
const keyType: OydDidSupportedKeyTypes = options?.
|
|
49
|
-
const key = await
|
|
89
|
+
const keyType: OydDidSupportedKeyTypes = options?.type ?? 'Secp256r1'
|
|
90
|
+
const key = await importProvidedOrGeneratedKey(
|
|
50
91
|
{
|
|
51
|
-
|
|
52
|
-
|
|
92
|
+
kms: resolvedKms,
|
|
93
|
+
alias: alias ?? options.alias ?? options.kid ?? `${didDoc.did}#key-doc`,
|
|
53
94
|
options: {
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
95
|
+
key: {
|
|
96
|
+
kid: `${didDoc.did}#key-doc`,
|
|
97
|
+
type: keyType,
|
|
98
|
+
publicKeyHex: didDoc.keys[0].publicKeyHex,
|
|
99
|
+
privateKeyHex: didDoc.keys[0].privateKeyHex,
|
|
100
|
+
},
|
|
58
101
|
},
|
|
59
102
|
},
|
|
60
103
|
context
|
|
@@ -70,6 +113,100 @@ export class OydDIDProvider extends AbstractIdentifierProvider {
|
|
|
70
113
|
return identifier
|
|
71
114
|
}
|
|
72
115
|
|
|
116
|
+
async createIdentifierWithCMSM(
|
|
117
|
+
{ kms, options }: { kms?: string; options: OydCreateIdentifierOptions },
|
|
118
|
+
context: IContext
|
|
119
|
+
): Promise<Omit<IIdentifier, 'provider'>> {
|
|
120
|
+
const cmsmCallbackOpts = this.cmsmCallbackOpts
|
|
121
|
+
if (!cmsmCallbackOpts) {
|
|
122
|
+
return Promise.reject(Error('did:oyd: no cmsm options defined!'))
|
|
123
|
+
}
|
|
124
|
+
|
|
125
|
+
const assertedKms = await this.assertedKms(kms, this.defaultKms)
|
|
126
|
+
const pubKey =
|
|
127
|
+
options.key ?? (await cmsmCallbackOpts.publicKeyCallback(options.kid ?? 'default', assertedKms, options.cmsm?.create !== false, options.type)) // "default" is probably not right, TODO!!
|
|
128
|
+
const kid = pubKey.kid
|
|
129
|
+
const keyType = pubKey.type
|
|
130
|
+
const key = base58btc({ publicKeyHex: pubKey.publicKeyHex, keyType })
|
|
131
|
+
|
|
132
|
+
console.log(`Bae58 pubkey key: ${key}`)
|
|
133
|
+
let signValue: any | undefined // do the request
|
|
134
|
+
try {
|
|
135
|
+
const body_create = {
|
|
136
|
+
// specify the Identifier options for the registrar
|
|
137
|
+
key: key,
|
|
138
|
+
options: {
|
|
139
|
+
cmsm: true,
|
|
140
|
+
key_type: keyType,
|
|
141
|
+
},
|
|
142
|
+
}
|
|
143
|
+
console.log(`Create request:\n${JSON.stringify(body_create, null, 2)}\n`)
|
|
144
|
+
const response = await fetch(OYDID_REGISTRAR_URL, {
|
|
145
|
+
method: 'POST',
|
|
146
|
+
headers: {
|
|
147
|
+
'Content-Type': 'application/json',
|
|
148
|
+
},
|
|
149
|
+
body: JSON.stringify(body_create),
|
|
150
|
+
})
|
|
151
|
+
if (!response.ok) {
|
|
152
|
+
debug('Error response from OydDID Registrar: ', body_create, response)
|
|
153
|
+
return Promise.reject(Error('Network response was not ok: ' + response.statusText))
|
|
154
|
+
}
|
|
155
|
+
signValue = await response.json()
|
|
156
|
+
console.log(`Create response:\n${JSON.stringify(signValue, null, 2)}\n`)
|
|
157
|
+
} catch (error: any) {
|
|
158
|
+
console.log('Unexpected error from OydDID Registrar: ', error)
|
|
159
|
+
return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))
|
|
160
|
+
}
|
|
161
|
+
|
|
162
|
+
// we received our value to sign, now we sign it!
|
|
163
|
+
const { sign } = signValue
|
|
164
|
+
const signature = await cmsmCallbackOpts.signCallback(kid, sign)
|
|
165
|
+
|
|
166
|
+
console.log(`Signature: ${signature}`)
|
|
167
|
+
|
|
168
|
+
const body_signed = {
|
|
169
|
+
key,
|
|
170
|
+
options: {
|
|
171
|
+
cmsm: true,
|
|
172
|
+
key_type: keyType,
|
|
173
|
+
sig: signature,
|
|
174
|
+
},
|
|
175
|
+
}
|
|
176
|
+
console.log(`Signed request:\n${JSON.stringify(body_signed, null, 2)}\n`)
|
|
177
|
+
|
|
178
|
+
// Object.assign(body_signed.options, options)
|
|
179
|
+
|
|
180
|
+
let didDoc: any | undefined // do the request
|
|
181
|
+
try {
|
|
182
|
+
const response = await fetch(OYDID_REGISTRAR_URL, {
|
|
183
|
+
method: 'POST',
|
|
184
|
+
headers: {
|
|
185
|
+
'Content-Type': 'application/json',
|
|
186
|
+
},
|
|
187
|
+
body: JSON.stringify(body_signed),
|
|
188
|
+
})
|
|
189
|
+
if (!response.ok) {
|
|
190
|
+
console.log(`Error response from OydDID Registrar: ${JSON.stringify(response.text)}${response.statusText}`, response)
|
|
191
|
+
debug('Error response from OydDID Registrar: ', response)
|
|
192
|
+
return Promise.reject(Error('Network response was not ok: ' + response.statusText))
|
|
193
|
+
}
|
|
194
|
+
didDoc = await response.json()
|
|
195
|
+
} catch (error: any) {
|
|
196
|
+
debug('Unexpected error from OydDID Registrar: ', error)
|
|
197
|
+
return Promise.reject(Error('There has been a problem with the fetch operation: ' + error.toString()))
|
|
198
|
+
}
|
|
199
|
+
|
|
200
|
+
const identifier: Omit<IIdentifier, 'provider'> = {
|
|
201
|
+
did: didDoc.did,
|
|
202
|
+
controllerKeyId: pubKey.kid,
|
|
203
|
+
keys: [pubKey],
|
|
204
|
+
services: [],
|
|
205
|
+
}
|
|
206
|
+
debug('Created', identifier.did)
|
|
207
|
+
return identifier
|
|
208
|
+
}
|
|
209
|
+
|
|
73
210
|
async updateIdentifier(
|
|
74
211
|
args: { did: string; kms?: string | undefined; alias?: string | undefined; options?: any },
|
|
75
212
|
context: IAgentContext<IKeyManager>
|
|
@@ -99,27 +236,85 @@ export class OydDIDProvider extends AbstractIdentifierProvider {
|
|
|
99
236
|
async removeService(args: { identifier: IIdentifier; id: string; options?: any }, context: IContext): Promise<any> {
|
|
100
237
|
return { success: true }
|
|
101
238
|
}
|
|
239
|
+
}
|
|
240
|
+
|
|
241
|
+
const keyCodecs = {
|
|
242
|
+
RSA: 'rsa-pub',
|
|
243
|
+
Ed25519: 'ed25519-pub',
|
|
244
|
+
X25519: 'x25519-pub',
|
|
245
|
+
Secp256k1: 'secp256k1-pub',
|
|
246
|
+
Secp256r1: 'p256-pub',
|
|
247
|
+
Bls12381G1: 'bls12_381-g1-pub',
|
|
248
|
+
Bls12381G2: 'bls12_381-g2-pub',
|
|
249
|
+
} as const
|
|
102
250
|
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
251
|
+
const base58btc = ({ publicKeyHex, keyType = 'Secp256r1' }: { publicKeyHex: string; keyType?: TKeyType }): string => {
|
|
252
|
+
const codecName = keyCodecs[keyType]
|
|
253
|
+
|
|
254
|
+
// methodSpecificId = bytesToMultibase({bytes: u8a.fromString(key.publicKeyHex, 'hex'), codecName})
|
|
255
|
+
return u8a
|
|
256
|
+
.toString(Multibase.encode('base58btc', Multicodec.addPrefix(codecName as Multicodec.CodecName, u8a.fromString(publicKeyHex, 'hex'))))
|
|
257
|
+
.toString()
|
|
258
|
+
}
|
|
259
|
+
|
|
260
|
+
export function defaultOydCmsmPublicKeyCallback(
|
|
261
|
+
keyManager: KeyManager
|
|
262
|
+
): (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType) => Promise<IKey> {
|
|
263
|
+
return async (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType): Promise<IKey> => {
|
|
264
|
+
try {
|
|
265
|
+
const existing = await keyManager.keyManagerGet({ kid })
|
|
266
|
+
if (existing) {
|
|
267
|
+
return existing
|
|
268
|
+
}
|
|
269
|
+
} catch (error: any) {}
|
|
270
|
+
if (create) {
|
|
271
|
+
if (!kms) {
|
|
272
|
+
return Promise.reject(Error('No KMS provided, whilst creating a new key!'))
|
|
273
|
+
}
|
|
274
|
+
const alias = kid ?? `oyd-${new Date().toISOString()}`
|
|
275
|
+
|
|
276
|
+
const agent = keyManager
|
|
277
|
+
const key = await importProvidedOrGeneratedKey(
|
|
278
|
+
{
|
|
279
|
+
kms,
|
|
280
|
+
alias,
|
|
281
|
+
options: {
|
|
282
|
+
key: {
|
|
283
|
+
type: createKeyType ?? 'Secp256r1',
|
|
284
|
+
},
|
|
285
|
+
},
|
|
113
286
|
},
|
|
114
|
-
|
|
287
|
+
{
|
|
288
|
+
//@ts-ignore
|
|
289
|
+
agent,
|
|
290
|
+
}
|
|
291
|
+
)
|
|
292
|
+
return key
|
|
293
|
+
|
|
294
|
+
// return await keyManager.keyManagerCreate({ kms, type: createKeyType ?? 'Secp256r1' })
|
|
115
295
|
}
|
|
116
|
-
return
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
296
|
+
return Promise.reject(Error('No existing key found, and create is false!'))
|
|
297
|
+
}
|
|
298
|
+
}
|
|
299
|
+
|
|
300
|
+
export function defaultOydCmsmSignCallback(keyManager: KeyManager): (kid: string, data: string) => Promise<string> {
|
|
301
|
+
return async (kid: string, data: string): Promise<string> => {
|
|
302
|
+
return keyManager.keyManagerSign({ keyRef: kid, data, encoding: 'utf-8' })
|
|
303
|
+
}
|
|
304
|
+
}
|
|
305
|
+
|
|
306
|
+
export class DefaultOydCmsmCallbacks implements CMSMCallbackOpts {
|
|
307
|
+
private readonly keyManager: KeyManager
|
|
308
|
+
|
|
309
|
+
constructor(keyManager: KeyManager) {
|
|
310
|
+
this.keyManager = keyManager
|
|
311
|
+
}
|
|
312
|
+
|
|
313
|
+
publicKeyCallback(kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType): Promise<IKey> {
|
|
314
|
+
return defaultOydCmsmPublicKeyCallback(this.keyManager)(kid, kms, create, createKeyType)
|
|
315
|
+
}
|
|
316
|
+
|
|
317
|
+
signCallback(kid: string, value: string): Promise<string> {
|
|
318
|
+
return defaultOydCmsmSignCallback(this.keyManager)(kid, value)
|
|
124
319
|
}
|
|
125
320
|
}
|
|
@@ -1,11 +1,27 @@
|
|
|
1
|
+
import { IKey, TKeyType } from '@veramo/core'
|
|
2
|
+
|
|
3
|
+
export type OydConstructorOptions = {
|
|
4
|
+
defaultKms?: string
|
|
5
|
+
clientManagedSecretMode?: CMSMCallbackOpts
|
|
6
|
+
}
|
|
7
|
+
|
|
1
8
|
export type OydCreateIdentifierOptions = {
|
|
2
|
-
|
|
9
|
+
type?: OydDidSupportedKeyTypes
|
|
3
10
|
privateKeyHex?: string
|
|
11
|
+
kid?: string
|
|
12
|
+
alias?: string
|
|
4
13
|
keyUse?: KeyUse
|
|
14
|
+
cmsm?: CmsmOptions
|
|
15
|
+
key?: IKey // Use the supplied key instead of looking it up in the KMS or creating a new one
|
|
16
|
+
}
|
|
17
|
+
|
|
18
|
+
export type CmsmOptions = {
|
|
19
|
+
enabled: boolean
|
|
20
|
+
create?: boolean
|
|
5
21
|
}
|
|
6
22
|
|
|
7
23
|
export type OydDidHoldKeysArgs = {
|
|
8
|
-
kms
|
|
24
|
+
kms?: string
|
|
9
25
|
options: HoldKeysOpts
|
|
10
26
|
}
|
|
11
27
|
|
|
@@ -16,7 +32,12 @@ type HoldKeysOpts = {
|
|
|
16
32
|
privateKeyHex?: string
|
|
17
33
|
}
|
|
18
34
|
|
|
19
|
-
export
|
|
35
|
+
export type CMSMCallbackOpts = {
|
|
36
|
+
publicKeyCallback: (kid: string, kms?: string, create?: boolean, createKeyType?: TKeyType) => Promise<IKey>
|
|
37
|
+
signCallback: (kid: string, value: string) => Promise<string>
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
enum SupportedKeyTypes {
|
|
20
41
|
Secp256r1 = 'Secp256r1',
|
|
21
42
|
Secp256k1 = 'Secp256k1',
|
|
22
43
|
Ed25519 = 'Ed25519',
|