@sphereon/oid4vc-common 0.16.1-next.25 → 0.16.1-next.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtVerifier.d.ts","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,IAAI,CAAC;AAE7D,OAAO,EAAE,mBAAmB,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,OAAO,CAAC;IACd,MAAM,EAAE,mBAAmB,CAAC;CAC7B;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IAEd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IAEd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAE1B;;;;;OAKG;IACH,GAAG,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAEnB;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,2BAA4B,SAAQ,eAAe;IAClE,MAAM,EAAE,mBAAmB,CAAC;IAE5B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IACd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAE1B,GAAG,EAAE,GAAG,CAAC;CACV;AAED,MAAM,WAAW,iBAAkB,SAAQ,eAAe;IACxD,MAAM,EAAE,QAAQ,CAAC;CAClB;AAED,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,cAAc,GAAG,iBAAiB,GAAG,cAAc,GAAG,2BAA2B,CAAC;AAE7H,eAAO,MAAM,iBAAiB,QAAS;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,cAS/G,CAAC;
|
|
1
|
+
{"version":3,"file":"JwtVerifier.d.ts","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,IAAI,CAAC;AAE7D,OAAO,EAAE,mBAAmB,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,OAAO,CAAC;IACd,MAAM,EAAE,mBAAmB,CAAC;CAC7B;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IAEd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IAEd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAE1B;;;;;OAKG;IACH,GAAG,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAEnB;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,2BAA4B,SAAQ,eAAe;IAClE,MAAM,EAAE,mBAAmB,CAAC;IAE5B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,MAAM,EAAE,KAAK,CAAC;IACd,GAAG,EAAE,WAAW,GAAG,MAAM,CAAC;IAE1B,GAAG,EAAE,GAAG,CAAC;CACV;AAED,MAAM,WAAW,iBAAkB,SAAQ,eAAe;IACxD,MAAM,EAAE,QAAQ,CAAC;CAClB;AAED,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,cAAc,GAAG,iBAAiB,GAAG,cAAc,GAAG,2BAA2B,CAAC;AAE7H,eAAO,MAAM,iBAAiB,QAAS;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,cAS/G,CAAC;AAiBF,eAAO,MAAM,cAAc,QAAS;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,cAgB5G,CAAC;AAEF,eAAO,MAAM,cAAc,QAAe;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WAAW;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KAAG,QAAQ,cAAc,CAUxI,CAAC;AAEF,eAAO,MAAM,yBAAyB,QAC/B;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAA;CAAE,WACtC;IAAE,IAAI,EAAE,OAAO,CAAA;CAAE,KACzB,QAAQ,WAAW,CAQrB,CAAC;AAEF,MAAM,MAAM,qBAAqB,CAAC,CAAC,SAAS,WAAW,IAAI,CACzD,WAAW,EAAE,CAAC,EACd,GAAG,EAAE;IAAE,MAAM,EAAE,SAAS,CAAC;IAAC,OAAO,EAAE,UAAU,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,KACzD,OAAO,CAAC,OAAO,CAAC,CAAC"}
|
package/dist/jwt/JwtVerifier.js
CHANGED
|
@@ -22,6 +22,19 @@ const getDidJwtVerifier = (jwt, options) => {
|
|
|
22
22
|
return { method: 'did', didUrl: jwt.header.kid, type: type, alg: jwt.header.alg };
|
|
23
23
|
};
|
|
24
24
|
exports.getDidJwtVerifier = getDidJwtVerifier;
|
|
25
|
+
const getIssuer = (type, payload) => {
|
|
26
|
+
// For 'request-object' the `iss` value is not required so we map the issuer to client_id
|
|
27
|
+
if (type === 'request-object') {
|
|
28
|
+
if (!payload.client_id) {
|
|
29
|
+
throw new Error('Missing required field client_id in request object JWT');
|
|
30
|
+
}
|
|
31
|
+
return payload.client_id;
|
|
32
|
+
}
|
|
33
|
+
if (typeof payload.iss !== 'string') {
|
|
34
|
+
throw new Error(`Received an invalid JWT. '${type}' contains an invalid iss claim or it is missing.`);
|
|
35
|
+
}
|
|
36
|
+
return payload.iss;
|
|
37
|
+
};
|
|
25
38
|
const getX5cVerifier = (jwt, options) => {
|
|
26
39
|
const { type } = options;
|
|
27
40
|
if (!jwt.header.x5c)
|
|
@@ -31,10 +44,13 @@ const getX5cVerifier = (jwt, options) => {
|
|
|
31
44
|
if (!Array.isArray(jwt.header.x5c) || jwt.header.x5c.length === 0 || !jwt.header.x5c.every((cert) => typeof cert === 'string')) {
|
|
32
45
|
throw new Error(`Received an invalid JWT.. '${type}' contains an invalid x5c header.`);
|
|
33
46
|
}
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
47
|
+
return {
|
|
48
|
+
method: 'x5c',
|
|
49
|
+
x5c: jwt.header.x5c,
|
|
50
|
+
issuer: getIssuer(type, jwt.payload),
|
|
51
|
+
type: type,
|
|
52
|
+
alg: jwt.header.alg,
|
|
53
|
+
};
|
|
38
54
|
};
|
|
39
55
|
exports.getX5cVerifier = getX5cVerifier;
|
|
40
56
|
const getJwkVerifier = (jwt, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtVerifier.js","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":";;;;;;;;;;;;AAyDO,MAAM,iBAAiB,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC/H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AACpF,CAAC,CAAC;AATW,QAAA,iBAAiB,qBAS5B;AAEK,MAAM,cAAc,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC5H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;QAC/H,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IAED,
|
|
1
|
+
{"version":3,"file":"JwtVerifier.js","sourceRoot":"","sources":["../../lib/jwt/JwtVerifier.ts"],"names":[],"mappings":";;;;;;;;;;;;AAyDO,MAAM,iBAAiB,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC/H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AACpF,CAAC,CAAC;AATW,QAAA,iBAAiB,qBAS5B;AAEF,MAAM,SAAS,GAAG,CAAC,IAAa,EAAE,OAAmB,EAAU,EAAE;IAC/D,yFAAyF;IACzF,IAAI,IAAI,KAAK,gBAAgB,EAAE,CAAC;QAC9B,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,OAAO,CAAC,SAAmB,CAAC;IACrC,CAAC;IAED,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,mDAAmD,CAAC,CAAC;IACxG,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC;AACrB,CAAC,CAAC;AAEK,MAAM,cAAc,GAAG,CAAC,GAA+C,EAAE,OAA0B,EAAkB,EAAE;IAC5H,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;QAC/H,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,mCAAmC,CAAC,CAAC;IACzF,CAAC;IAED,OAAO;QACL,MAAM,EAAE,KAAK;QACb,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG;QACnB,MAAM,EAAE,SAAS,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC;QACpC,IAAI,EAAE,IAAI;QACV,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG;KACpB,CAAC;AACJ,CAAC,CAAC;AAhBW,QAAA,cAAc,kBAgBzB;AAEK,MAAM,cAAc,GAAG,CAAO,GAA+C,EAAE,OAA0B,EAA2B,EAAE;IAC3I,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACtF,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAErF,IAAI,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,mCAAmC,CAAC,CAAC;IACxF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;AAC3E,CAAC,CAAA,CAAC;AAVW,QAAA,cAAc,kBAUzB;AAEK,MAAM,yBAAyB,GAAG,CACvC,GAA+C,EAC/C,OAA0B,EACJ,EAAE;;IACxB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;IAEhC,IAAI,MAAA,MAAM,CAAC,GAAG,0CAAE,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,IAAA,yBAAiB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;SACtF,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,OAAO,IAAA,sBAAc,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;SACxE,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG;QAAE,OAAO,IAAA,sBAAc,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;IAE7E,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC;AAClD,CAAC,CAAA,CAAC;AAXW,QAAA,yBAAyB,6BAWpC"}
|
package/lib/jwt/JwtVerifier.ts
CHANGED
|
@@ -66,6 +66,21 @@ export const getDidJwtVerifier = (jwt: { header: JwtHeader; payload: JwtPayload
|
|
|
66
66
|
return { method: 'did', didUrl: jwt.header.kid, type: type, alg: jwt.header.alg };
|
|
67
67
|
};
|
|
68
68
|
|
|
69
|
+
const getIssuer = (type: JwtType, payload: JwtPayload): string => {
|
|
70
|
+
// For 'request-object' the `iss` value is not required so we map the issuer to client_id
|
|
71
|
+
if (type === 'request-object') {
|
|
72
|
+
if (!payload.client_id) {
|
|
73
|
+
throw new Error('Missing required field client_id in request object JWT');
|
|
74
|
+
}
|
|
75
|
+
return payload.client_id as string;
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
if (typeof payload.iss !== 'string') {
|
|
79
|
+
throw new Error(`Received an invalid JWT. '${type}' contains an invalid iss claim or it is missing.`);
|
|
80
|
+
}
|
|
81
|
+
return payload.iss;
|
|
82
|
+
};
|
|
83
|
+
|
|
69
84
|
export const getX5cVerifier = (jwt: { header: JwtHeader; payload: JwtPayload }, options: { type: JwtType }): X5cJwtVerifier => {
|
|
70
85
|
const { type } = options;
|
|
71
86
|
if (!jwt.header.x5c) throw new Error(`Received an invalid JWT. Missing x5c header.`);
|
|
@@ -75,11 +90,13 @@ export const getX5cVerifier = (jwt: { header: JwtHeader; payload: JwtPayload },
|
|
|
75
90
|
throw new Error(`Received an invalid JWT.. '${type}' contains an invalid x5c header.`);
|
|
76
91
|
}
|
|
77
92
|
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
93
|
+
return {
|
|
94
|
+
method: 'x5c',
|
|
95
|
+
x5c: jwt.header.x5c,
|
|
96
|
+
issuer: getIssuer(type, jwt.payload),
|
|
97
|
+
type: type,
|
|
98
|
+
alg: jwt.header.alg,
|
|
99
|
+
};
|
|
83
100
|
};
|
|
84
101
|
|
|
85
102
|
export const getJwkVerifier = async (jwt: { header: JwtHeader; payload: JwtPayload }, options: { type: JwtType }): Promise<JwkJwtVerifier> => {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/oid4vc-common",
|
|
3
|
-
"version": "0.16.1-next.
|
|
3
|
+
"version": "0.16.1-next.29+b9236ad",
|
|
4
4
|
"description": "OpenID 4 Verifiable Credentials Common",
|
|
5
5
|
"source": "lib/index.ts",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -52,5 +52,5 @@
|
|
|
52
52
|
"publishConfig": {
|
|
53
53
|
"access": "public"
|
|
54
54
|
},
|
|
55
|
-
"gitHead": "
|
|
55
|
+
"gitHead": "b9236ad206b2d438c9a8a5dcbe3c6a1df91f7ed8"
|
|
56
56
|
}
|