@sphereon/oid4vci-client 0.10.3 → 0.10.4-next.14

Files changed (45) hide show
  1. package/README.md +18 -0
  2. package/dist/AccessTokenClient.d.ts.map +1 -1
  3. package/dist/AccessTokenClient.js +11 -16
  4. package/dist/AccessTokenClient.js.map +1 -1
  5. package/dist/CredentialOfferClient.d.ts.map +1 -1
  6. package/dist/CredentialOfferClient.js +8 -7
  7. package/dist/CredentialOfferClient.js.map +1 -1
  8. package/dist/CredentialRequestClient.d.ts +6 -1
  9. package/dist/CredentialRequestClient.d.ts.map +1 -1
  10. package/dist/CredentialRequestClient.js +42 -19
  11. package/dist/CredentialRequestClient.js.map +1 -1
  12. package/dist/MetadataClient.d.ts.map +1 -1
  13. package/dist/MetadataClient.js +1 -2
  14. package/dist/MetadataClient.js.map +1 -1
  15. package/dist/ProofOfPossessionBuilder.d.ts.map +1 -1
  16. package/dist/ProofOfPossessionBuilder.js +1 -2
  17. package/dist/ProofOfPossessionBuilder.js.map +1 -1
  18. package/dist/functions/index.d.ts +1 -3
  19. package/dist/functions/index.d.ts.map +1 -1
  20. package/dist/functions/index.js +1 -3
  21. package/dist/functions/index.js.map +1 -1
  22. package/dist/types/index.d.ts +2 -0
  23. package/dist/types/index.d.ts.map +1 -1
  24. package/dist/types/index.js +5 -0
  25. package/dist/types/index.js.map +1 -1
  26. package/lib/AccessTokenClient.ts +12 -13
  27. package/lib/CredentialOfferClient.ts +7 -5
  28. package/lib/CredentialRequestClient.ts +43 -3
  29. package/lib/MetadataClient.ts +1 -2
  30. package/lib/ProofOfPossessionBuilder.ts +1 -2
  31. package/lib/__tests__/CredentialRequestClient.spec.ts +5 -1
  32. package/lib/__tests__/HttpUtils.spec.ts +1 -1
  33. package/lib/__tests__/IT.spec.ts +42 -3
  34. package/lib/__tests__/IssuanceInitiation.spec.ts +22 -0
  35. package/lib/__tests__/ProofOfPossessionBuilder.spec.ts +1 -1
  36. package/lib/__tests__/SdJwt.spec.ts +2 -1
  37. package/lib/__tests__/SphereonE2E.spec.test.ts +2 -1
  38. package/lib/functions/index.ts +1 -3
  39. package/lib/types/index.ts +6 -0
  40. package/package.json +4 -4
  41. package/dist/functions/ProofUtil.d.ts +0 -30
  42. package/dist/functions/ProofUtil.d.ts.map +0 -1
  43. package/dist/functions/ProofUtil.js +0 -106
  44. package/dist/functions/ProofUtil.js.map +0 -1
  45. package/lib/functions/ProofUtil.ts +0 -128
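--- a/package/lib/functions/ProofUtil.ts
+++ b/package/lib/functions/ProofUtil.ts
@@ -1,128 +0,0 @@
- import {
- BAD_PARAMS,
- BaseJWK,
- JWK,
- JWS_NOT_VALID,
- Jwt,
- JWTHeader,
- JWTPayload,
- ProofOfPossession,
- ProofOfPossessionCallbacks,
- Typ,
- } from '@sphereon/oid4vci-common';
- import Debug from 'debug';
-
- const debug = Debug('sphereon:openid4vci:token');
-
- /**
- *
- * - proofOfPossessionCallback: JWTSignerCallback
- * Mandatory if you want to create (sign) ProofOfPossession
- * - proofOfPossessionVerifierCallback?: JWTVerifyCallback
- * If exists, verifies the ProofOfPossession
- * - proofOfPossessionCallbackArgs: ProofOfPossessionCallbackArgs
- * arguments needed for signing ProofOfPossession
- * @param callbacks:
- * - proofOfPossessionCallback: JWTSignerCallback
- * Mandatory to create (sign) ProofOfPossession
- * - proofOfPossessionVerifierCallback?: JWTVerifyCallback
- * If exists, verifies the ProofOfPossession
- * @param jwtProps
- * @param existingJwt
- * - Optional, clientId of the party requesting the credential
- */
- export const createProofOfPossession = async <DIDDoc>(
- callbacks: ProofOfPossessionCallbacks<DIDDoc>,
- jwtProps?: JwtProps,
- existingJwt?: Jwt,
- ): Promise<ProofOfPossession> => {
- if (!callbacks.signCallback) {
- debug(`no jwt signer callback or arguments supplied!`);
- throw new Error(BAD_PARAMS);
- }
-
- const signerArgs = createJWT(jwtProps, existingJwt);
- const jwt = await callbacks.signCallback(signerArgs, signerArgs.header.kid);
- const proof = {
- proof_type: 'jwt',
- jwt,
- } as ProofOfPossession;
-
- try {
- partiallyValidateJWS(jwt);
- if (callbacks.verifyCallback) {
- debug(`Calling supplied verify callback....`);
- await callbacks.verifyCallback({ jwt, kid: signerArgs.header.kid });
- debug(`Supplied verify callback return success result`);
- }
- } catch {
- debug(`JWS was not valid`);
- throw new Error(JWS_NOT_VALID);
- }
- debug(`Proof of Possession JWT:\r\n${jwt}`);
- return proof;
- };
-
- const partiallyValidateJWS = (jws: string): void => {
- if (jws.split('.').length !== 3 || !jws.startsWith('ey')) {
- throw new Error(JWS_NOT_VALID);
- }
- };
-
- export interface JwtProps {
- typ?: Typ;
- kid?: string;
- jwk?: JWK;
- issuer?: string;
- clientId?: string;
- alg?: string;
- jti?: string;
- nonce?: string;
- }
-
- const createJWT = (jwtProps?: JwtProps, existingJwt?: Jwt): Jwt => {
- const aud = getJwtProperty<string | string[]>('aud', true, jwtProps?.issuer, existingJwt?.payload?.aud);
- const iss = getJwtProperty<string>('iss', false, jwtProps?.clientId, existingJwt?.payload?.iss);
- const jti = getJwtProperty<string>('jti', false, jwtProps?.jti, existingJwt?.payload?.jti);
- const typ = getJwtProperty<string>('typ', true, jwtProps?.typ, existingJwt?.header?.typ, 'jwt');
- const nonce = getJwtProperty<string>('nonce', false, jwtProps?.nonce, existingJwt?.payload?.nonce); // Officially this is required, but some implementations don't have it
- // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
- const alg = getJwtProperty<string>('alg', false, jwtProps?.alg, existingJwt?.header?.alg, 'ES256')!;
- const kid = getJwtProperty<string>('kid', false, jwtProps?.kid, existingJwt?.header?.kid);
- const jwk = getJwtProperty<BaseJWK>('jwk', false, jwtProps?.jwk, existingJwt?.header?.jwk);
- const jwt: Partial<Jwt> = existingJwt ? existingJwt : {};
- const now = +new Date();
- const jwtPayload: Partial<JWTPayload> = {
- aud,
- iat: jwt.payload?.iat ?? Math.round(now / 1000 - 60), // Let's ensure we subtract 60 seconds for potential time offsets
- exp: jwt.payload?.exp ?? Math.round(now / 1000 + 10 * 60),
- nonce,
- ...(iss ? { iss } : {}),
- ...(jti ? { jti } : {}),
- };
-
- const jwtHeader: JWTHeader = {
- typ,
- alg,
- kid,
- jwk,
- };
- return {
- payload: { ...jwt.payload, ...jwtPayload },
- header: { ...jwt.header, ...jwtHeader },
- };
- };
-
- const getJwtProperty = <T>(propertyName: string, required: boolean, option?: string | JWK, jwtProperty?: T, defaultValue?: T): T | undefined => {
- if (typeof option === 'string' && option && jwtProperty && option !== jwtProperty) {
- throw Error(`Cannot have a property '${propertyName}' with value '${option}' and different JWT value '${jwtProperty}' at the same time`);
- }
- let result = (jwtProperty ? jwtProperty : option) as T | undefined;
- if (!result) {
- if (required) {
- throw Error(`No ${propertyName} property provided either in a JWT or as option`);
- }
- result = defaultValue;
- }
- return result;
- };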