@sphereon/ssi-sdk-ext.did-utils 0.28.1-feature.oyd.cmsm.improv.21 → 0.28.1-next.53

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/index.cjs +766 -0
  2. package/dist/index.cjs.map +1 -0
  3. package/dist/index.d.cts +272 -0
  4. package/dist/index.d.ts +272 -3
  5. package/dist/index.js +733 -17
  6. package/dist/index.js.map +1 -1
  7. package/package.json +27 -15
  8. package/src/did-functions.ts +781 -764
  9. package/src/types.ts +4 -4
  10. package/dist/did-functions.d.ts +0 -190
  11. package/dist/did-functions.d.ts.map +0 -1
  12. package/dist/did-functions.js +0 -817
  13. package/dist/did-functions.js.map +0 -1
  14. package/dist/index.d.ts.map +0 -1
  15. package/dist/types.d.ts +0 -85
  16. package/dist/types.d.ts.map +0 -1
  17. package/dist/types.js +0 -19
  18. package/dist/types.js.map +0 -1
package/dist/did-functions.js DELETED
@@ -1,817 +0,0 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || function (mod) {
19
- if (mod && mod.__esModule) return mod;
20
- var result = {};
21
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
- __setModuleDefault(result, mod);
23
- return result;
24
- };
25
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
26
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
27
- return new (P || (P = Promise))(function (resolve, reject) {
28
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
29
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
30
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
31
- step((generator = generator.apply(thisArg, _arguments || [])).next());
32
- });
33
- };
34
- var __rest = (this && this.__rest) || function (s, e) {
35
- var t = {};
36
- for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
37
- t[p] = s[p];
38
- if (s != null && typeof Object.getOwnPropertySymbols === "function")
39
- for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
40
- if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
41
- t[p[i]] = s[p[i]];
42
- }
43
- return t;
44
- };
45
- var __importDefault = (this && this.__importDefault) || function (mod) {
46
- return (mod && mod.__esModule) ? mod : { "default": mod };
47
- };
48
- Object.defineProperty(exports, "__esModule", { value: true });
49
- exports.getDidSigner = exports.signDidJWT = exports.AgentDIDResolver = exports.getKeys = exports.getControllerKey = exports.getEthereumAddressFromKey = exports.getFirstKeyWithRelationFromDIDDoc = exports.createIdentifier = exports.getPrimaryIdentifier = exports.getOrCreatePrimaryIdentifier = exports.getFirstKeyWithRelation = exports.getAuthenticationKey = void 0;
50
- exports.dereferenceDidKeysWithJwkSupport = dereferenceDidKeysWithJwkSupport;
51
- exports.jwkTtoPublicKeyHex = jwkTtoPublicKeyHex;
52
- exports.extractPublicKeyHexWithJwkSupport = extractPublicKeyHexWithJwkSupport;
53
- exports.isEvenHexString = isEvenHexString;
54
- exports.extractPublicKeyHex = extractPublicKeyHex;
55
- exports.verificationMethodToJwk = verificationMethodToJwk;
56
- exports.didDocumentToJwks = didDocumentToJwks;
57
- exports.mapIdentifierKeysToDocWithJwkSupport = mapIdentifierKeysToDocWithJwkSupport;
58
- exports.getAgentDIDMethods = getAgentDIDMethods;
59
- exports.getDID = getDID;
60
- exports.toDID = toDID;
61
- exports.toDIDs = toDIDs;
62
- exports.getKey = getKey;
63
- exports.determineKid = determineKid;
64
- exports.getSupportedDIDMethods = getSupportedDIDMethods;
65
- exports.getAgentResolver = getAgentResolver;
66
- exports.toDidDocument = toDidDocument;
67
- exports.toDidResolutionResult = toDidResolutionResult;
68
- exports.asDidWeb = asDidWeb;
69
- const transactions_1 = require("@ethersproject/transactions");
70
- const did_uni_client_1 = require("@sphereon/did-uni-client");
71
- const ssi_sdk_ext_key_utils_1 = require("@sphereon/ssi-sdk-ext.key-utils");
72
- const ssi_sdk_ext_x509_utils_1 = require("@sphereon/ssi-sdk-ext.x509-utils");
73
- const ssi_sdk_core_1 = require("@sphereon/ssi-sdk.core");
74
- const ed25519_1 = require("@stablelib/ed25519");
75
- const utils_1 = require("@veramo/utils");
76
- const did_jwt_1 = require("did-jwt");
77
- // @ts-ignore
78
- const elliptic_1 = __importDefault(require("elliptic"));
79
- const u8a = __importStar(require("uint8arrays"));
80
- const types_1 = require("./types");
81
- const getAuthenticationKey = (_a, context_1) => __awaiter(void 0, [_a, context_1], void 0, function* ({ identifier, offlineWhenNoDIDRegistered, noVerificationMethodFallback, keyType, controllerKey, }, context) {
82
- return yield (0, exports.getFirstKeyWithRelation)({
83
- identifier,
84
- offlineWhenNoDIDRegistered,
85
- noVerificationMethodFallback,
86
- keyType,
87
- controllerKey,
88
- vmRelationship: 'authentication',
89
- }, context);
90
- });
91
- exports.getAuthenticationKey = getAuthenticationKey;
92
- const getFirstKeyWithRelation = (_a, context_1) => __awaiter(void 0, [_a, context_1], void 0, function* ({ identifier, offlineWhenNoDIDRegistered, noVerificationMethodFallback, keyType, controllerKey, vmRelationship, }, context) {
93
- var _b, _c;
94
- let key = undefined;
95
- try {
96
- key =
97
- (_b = (yield (0, exports.getFirstKeyWithRelationFromDIDDoc)({
98
- identifier,
99
- vmRelationship,
100
- errorOnNotFound: false,
101
- keyType,
102
- controllerKey,
103
- }, context))) !== null && _b !== void 0 ? _b : (noVerificationMethodFallback || vmRelationship === 'verificationMethod' // let's not fallback to the same value again
104
- ? undefined
105
- : yield (0, exports.getFirstKeyWithRelationFromDIDDoc)({
106
- identifier,
107
- vmRelationship: 'verificationMethod',
108
- errorOnNotFound: false,
109
- keyType,
110
- controllerKey,
111
- }, context));
112
- }
113
- catch (e) {
114
- if (e instanceof Error) {
115
- if (!e.message.includes('404') || !offlineWhenNoDIDRegistered) {
116
- throw e;
117
- }
118
- }
119
- else {
120
- throw e;
121
- }
122
- }
123
- if (!key && offlineWhenNoDIDRegistered) {
124
- const offlineDID = toDidDocument(identifier);
125
- key =
126
- (_c = (yield (0, exports.getFirstKeyWithRelationFromDIDDoc)({
127
- identifier,
128
- vmRelationship,
129
- errorOnNotFound: false,
130
- didDocument: offlineDID,
131
- keyType,
132
- controllerKey,
133
- }, context))) !== null && _c !== void 0 ? _c : (noVerificationMethodFallback || vmRelationship === 'verificationMethod' // let's not fallback to the same value again
134
- ? undefined
135
- : yield (0, exports.getFirstKeyWithRelationFromDIDDoc)({
136
- identifier,
137
- vmRelationship: 'verificationMethod',
138
- errorOnNotFound: false,
139
- didDocument: offlineDID,
140
- keyType,
141
- controllerKey,
142
- }, context));
143
- if (!key) {
144
- key = identifier.keys
145
- .map((key) => key)
146
- .filter((key) => keyType === undefined || key.type === keyType || (controllerKey && key.kid === identifier.controllerKeyId))
147
- .find((key) => { var _a, _b; return ((_a = key.meta.verificationMethod) === null || _a === void 0 ? void 0 : _a.type.includes('authentication')) || ((_b = key.meta.purposes) === null || _b === void 0 ? void 0 : _b.includes('authentication')); });
148
- }
149
- }
150
- if (!key) {
151
- throw Error(`Could not find authentication key for DID ${identifier.did}`);
152
- }
153
- return key;
154
- });
155
- exports.getFirstKeyWithRelation = getFirstKeyWithRelation;
156
- const getOrCreatePrimaryIdentifier = (context, opts) => __awaiter(void 0, void 0, void 0, function* () {
157
- var _a, _b;
158
- const primaryIdentifier = yield (0, exports.getPrimaryIdentifier)(context, Object.assign(Object.assign({}, (_a = opts === null || opts === void 0 ? void 0 : opts.createOpts) === null || _a === void 0 ? void 0 : _a.options), ((opts === null || opts === void 0 ? void 0 : opts.method) && { method: opts.method })));
159
- if (primaryIdentifier !== undefined) {
160
- return {
161
- created: false,
162
- result: primaryIdentifier,
163
- };
164
- }
165
- if ((opts === null || opts === void 0 ? void 0 : opts.method) === types_1.SupportedDidMethodEnum.DID_KEY) {
166
- const createOpts = (_b = opts === null || opts === void 0 ? void 0 : opts.createOpts) !== null && _b !== void 0 ? _b : {};
167
- createOpts.options = Object.assign({ codecName: 'EBSI', type: 'Secp256r1' }, createOpts);
168
- opts.createOpts = createOpts;
169
- }
170
- const createdIdentifier = yield (0, exports.createIdentifier)(context, opts);
171
- return {
172
- created: true,
173
- result: createdIdentifier,
174
- };
175
- });
176
- exports.getOrCreatePrimaryIdentifier = getOrCreatePrimaryIdentifier;
177
- const getPrimaryIdentifier = (context, opts) => __awaiter(void 0, void 0, void 0, function* () {
178
- const identifiers = (yield context.agent.didManagerFind((opts === null || opts === void 0 ? void 0 : opts.method) ? { provider: `${types_1.DID_PREFIX}${opts === null || opts === void 0 ? void 0 : opts.method}` } : {})).filter((identifier) => (opts === null || opts === void 0 ? void 0 : opts.type) === undefined || identifier.keys.some((key) => key.type === (opts === null || opts === void 0 ? void 0 : opts.type)));
179
- return identifiers && identifiers.length > 0 ? identifiers[0] : undefined;
180
- });
181
- exports.getPrimaryIdentifier = getPrimaryIdentifier;
182
- const createIdentifier = (context, opts) => __awaiter(void 0, void 0, void 0, function* () {
183
- var _a, _b, _c, _d, _e, _f;
184
- return yield context.agent.didManagerCreate(Object.assign(Object.assign({ kms: yield (0, ssi_sdk_ext_key_utils_1.getKms)(context, (_a = opts === null || opts === void 0 ? void 0 : opts.createOpts) === null || _a === void 0 ? void 0 : _a.kms) }, ((opts === null || opts === void 0 ? void 0 : opts.method) && { provider: `${types_1.DID_PREFIX}${opts === null || opts === void 0 ? void 0 : opts.method}` })), { alias: (_c = (_b = opts === null || opts === void 0 ? void 0 : opts.createOpts) === null || _b === void 0 ? void 0 : _b.alias) !== null && _c !== void 0 ? _c : `${types_1.IdentifierAliasEnum.PRIMARY}-${opts === null || opts === void 0 ? void 0 : opts.method}-${(_e = (_d = opts === null || opts === void 0 ? void 0 : opts.createOpts) === null || _d === void 0 ? void 0 : _d.options) === null || _e === void 0 ? void 0 : _e.type}-${new Date().getTime()}`, options: (_f = opts === null || opts === void 0 ? void 0 : opts.createOpts) === null || _f === void 0 ? void 0 : _f.options }));
185
- });
186
- exports.createIdentifier = createIdentifier;
187
- const getFirstKeyWithRelationFromDIDDoc = (_a, context_1) => __awaiter(void 0, [_a, context_1], void 0, function* ({ identifier, vmRelationship = 'verificationMethod', keyType, errorOnNotFound = false, didDocument, controllerKey, }, context) {
188
- const matchedKeys = yield mapIdentifierKeysToDocWithJwkSupport({ identifier, vmRelationship, didDocument }, context);
189
- if (Array.isArray(matchedKeys) && matchedKeys.length > 0) {
190
- const result = matchedKeys.find((key) => keyType === undefined || key.type === keyType || (controllerKey && key.kid === identifier.controllerKeyId));
191
- if (result) {
192
- return result;
193
- }
194
- }
195
- if (errorOnNotFound) {
196
- throw new Error(`Could not find key with relationship ${vmRelationship} in DID document for ${identifier.did}${keyType ? ' and key type: ' + keyType : ''}`);
197
- }
198
- return undefined;
199
- });
200
- exports.getFirstKeyWithRelationFromDIDDoc = getFirstKeyWithRelationFromDIDDoc;
201
- const getEthereumAddressFromKey = ({ key }) => {
202
- var _a, _b, _c, _d, _e;
203
- if (key.type !== 'Secp256k1') {
204
- throw Error(`Can only get ethereum address from a Secp256k1 key. Type is ${key.type} for keyRef: ${key.kid}`);
205
- }
206
- const ethereumAddress = (_e = (_b = (_a = key.meta) === null || _a === void 0 ? void 0 : _a.ethereumAddress) !== null && _b !== void 0 ? _b : (_d = (_c = key.meta) === null || _c === void 0 ? void 0 : _c.account) === null || _d === void 0 ? void 0 : _d.toLowerCase()) !== null && _e !== void 0 ? _e : (0, transactions_1.computeAddress)(`0x${key.publicKeyHex}`).toLowerCase();
207
- if (!ethereumAddress) {
208
- throw Error(`Could not get or generate ethereum address from key with keyRef ${key.kid}`);
209
- }
210
- return ethereumAddress;
211
- };
212
- exports.getEthereumAddressFromKey = getEthereumAddressFromKey;
213
- const getControllerKey = ({ identifier }) => {
214
- const key = identifier.keys.find((key) => key.kid === identifier.controllerKeyId);
215
- if (!key) {
216
- throw Error(`Could not get controller key for identifier ${identifier}`);
217
- }
218
- return key;
219
- };
220
- exports.getControllerKey = getControllerKey;
221
- const getKeys = ({ jwkThumbprint, kms, identifier, kmsKeyRef, keyType, controllerKey, }) => {
222
- return identifier.keys
223
- .filter((key) => !keyType || key.type === keyType)
224
- .filter((key) => !kms || key.kms === kms)
225
- .filter((key) => !kmsKeyRef || key.kid === kmsKeyRef)
226
- .filter((key) => { var _a; return !jwkThumbprint || ((_a = key.meta) === null || _a === void 0 ? void 0 : _a.jwkThumbprint) === jwkThumbprint; })
227
- .filter((key) => !controllerKey || identifier.controllerKeyId === key.kid);
228
- };
229
- exports.getKeys = getKeys;
230
- //TODO: Move to ssi-sdk/core and create PR upstream
231
- /**
232
- * Dereferences keys from DID document and normalizes them for easy comparison.
233
- *
234
- * When dereferencing keyAgreement keys, only Ed25519 and X25519 curves are supported.
235
- * Other key types are omitted from the result and Ed25519 keys are converted to X25519
236
- *
237
- * @returns a Promise that resolves to the list of dereferenced keys.
238
- *
239
- * @beta This API may change without a BREAKING CHANGE notice.
240
- */
241
- function dereferenceDidKeysWithJwkSupport(didDocument_1) {
242
- return __awaiter(this, arguments, void 0, function* (didDocument, section = 'keyAgreement', context) {
243
- const convert = section === 'keyAgreement';
244
- if (section === 'service') {
245
- return [];
246
- }
247
- return (yield Promise.all((didDocument[section] || []).map((key) => __awaiter(this, void 0, void 0, function* () {
248
- if (typeof key === 'string') {
249
- try {
250
- return (yield context.agent.getDIDComponentById({
251
- didDocument,
252
- didUrl: key,
253
- section,
254
- }));
255
- }
256
- catch (e) {
257
- return null;
258
- }
259
- }
260
- else {
261
- return key;
262
- }
263
- }))))
264
- .filter(utils_1.isDefined)
265
- .map((key) => {
266
- const hexKey = extractPublicKeyHexWithJwkSupport(key, convert);
267
- const { publicKeyHex, publicKeyBase58, publicKeyBase64, publicKeyJwk } = key, keyProps = __rest(key, ["publicKeyHex", "publicKeyBase58", "publicKeyBase64", "publicKeyJwk"]);
268
- const newKey = Object.assign(Object.assign({}, keyProps), { publicKeyHex: hexKey });
269
- if (convert && 'Ed25519VerificationKey2018' === newKey.type) {
270
- newKey.type = 'X25519KeyAgreementKey2019';
271
- }
272
- return newKey;
273
- });
274
- });
275
- }
276
- function jwkTtoPublicKeyHex(jwk) {
277
- // todo: Hacky way to convert this to a VM. Should extract the logic from the below methods
278
- // @ts-ignore
279
- const vm = {
280
- publicKeyJwk: (0, ssi_sdk_ext_key_utils_1.sanitizedJwk)(jwk),
281
- };
282
- return extractPublicKeyHexWithJwkSupport(vm);
283
- }
284
- /**
285
- * Converts the publicKey of a VerificationMethod to hex encoding (publicKeyHex)
286
- *
287
- * @param pk - the VerificationMethod to be converted
288
- * @param convert - when this flag is set to true, Ed25519 keys are converted to their X25519 pairs
289
- * @returns the hex encoding of the public key
290
- *
291
- * @beta This API may change without a BREAKING CHANGE notice.
292
- */
293
- function extractPublicKeyHexWithJwkSupport(pk, convert = false) {
294
- if (pk.publicKeyJwk) {
295
- const jwk = (0, ssi_sdk_ext_key_utils_1.sanitizedJwk)(pk.publicKeyJwk);
296
- if (jwk.kty === 'EC') {
297
- const curve = jwk.crv ? toEcLibCurve(jwk.crv) : 'p256';
298
- const xHex = (0, ssi_sdk_ext_x509_utils_1.base64ToHex)(jwk.x, 'base64url');
299
- const yHex = (0, ssi_sdk_ext_x509_utils_1.base64ToHex)(jwk.y, 'base64url');
300
- const prefix = '04'; // isEven(yHex) ? '02' : '03'
301
- // Uncompressed Hex format: 04<x><y>
302
- // Compressed Hex format: 02<x> (for even y) or 03<x> (for uneven y)
303
- const hex = `${prefix}${xHex}${yHex}`;
304
- try {
305
- const ec = new elliptic_1.default.ec(curve);
306
- // We return directly as we don't want to convert the result back into Uint8Array and then convert again to hex as the elliptic lib already returns hex strings
307
- const publicKeyHex = ec.keyFromPublic(hex, 'hex').getPublic(true, 'hex');
308
- // This returns a short form (x) with 02 or 03 prefix
309
- return publicKeyHex;
310
- }
311
- catch (error) {
312
- console.error(`Error converting EC with elliptic lib curve ${curve} from JWK to hex. x: ${jwk.x}, y: ${jwk.y}, error: ${error}`, error);
313
- }
314
- }
315
- else if (jwk.crv === 'Ed25519') {
316
- return u8a.toString(u8a.fromString(jwk.x, 'base64url'), 'base16');
317
- }
318
- else if (jwk.kty === 'RSA') {
319
- return (0, ssi_sdk_ext_x509_utils_1.hexKeyFromPEMBasedJwk)(jwk, 'public');
320
- }
321
- }
322
- // delegate the other types to the original Veramo function
323
- return extractPublicKeyHex(pk, convert);
324
- }
325
- function isEvenHexString(hex) {
326
- const lastChar = hex[hex.length - 1].toLowerCase();
327
- return ['0', '2', '4', '6', '8', 'a', 'c', 'e'].includes(lastChar);
328
- }
329
- /**
330
- * Converts the publicKey of a VerificationMethod to hex encoding (publicKeyHex)
331
- *
332
- * @param pk - the VerificationMethod to be converted
333
- * @param convert - when this flag is set to true, Ed25519 keys are converted to their X25519 pairs
334
- * @returns the hex encoding of the public key
335
- *
336
- * @beta This API may change without a BREAKING CHANGE notice.
337
- */
338
- function extractPublicKeyHex(pk, convert = false) {
339
- let keyBytes = extractPublicKeyBytes(pk);
340
- const jwk = pk.publicKeyJwk ? (0, ssi_sdk_ext_key_utils_1.sanitizedJwk)(pk.publicKeyJwk) : undefined;
341
- if (convert) {
342
- if (['Ed25519', 'Ed25519VerificationKey2018', 'Ed25519VerificationKey2020'].includes(pk.type) ||
343
- (pk.type === 'JsonWebKey2020' && (jwk === null || jwk === void 0 ? void 0 : jwk.crv) === 'Ed25519')) {
344
- keyBytes = (0, ed25519_1.convertPublicKeyToX25519)(keyBytes);
345
- }
346
- else if (!['X25519', 'X25519KeyAgreementKey2019', 'X25519KeyAgreementKey2020'].includes(pk.type) &&
347
- !(pk.type === 'JsonWebKey2020' && (jwk === null || jwk === void 0 ? void 0 : jwk.crv) === 'X25519')) {
348
- return '';
349
- }
350
- }
351
- return (0, ssi_sdk_core_1.bytesToHex)(keyBytes);
352
- }
353
- function toEcLibCurve(input) {
354
- return input.toLowerCase().replace('-', '').replace('_', '');
355
- }
356
- function extractPublicKeyBytes(pk) {
357
- var _a;
358
- if (pk.publicKeyBase58) {
359
- return (0, ssi_sdk_core_1.base58ToBytes)(pk.publicKeyBase58);
360
- }
361
- else if (pk.publicKeyMultibase) {
362
- return (0, ssi_sdk_core_1.multibaseKeyToBytes)(pk.publicKeyMultibase);
363
- }
364
- else if (pk.publicKeyBase64) {
365
- return (0, ssi_sdk_core_1.base64ToBytes)(pk.publicKeyBase64);
366
- }
367
- else if (pk.publicKeyHex) {
368
- return (0, ssi_sdk_core_1.hexToBytes)(pk.publicKeyHex);
369
- }
370
- else if (((_a = pk.publicKeyJwk) === null || _a === void 0 ? void 0 : _a.crv) && pk.publicKeyJwk.x && pk.publicKeyJwk.y) {
371
- return (0, ssi_sdk_core_1.hexToBytes)(extractPublicKeyHexWithJwkSupport(pk));
372
- }
373
- else if (pk.publicKeyJwk && (pk.publicKeyJwk.crv === 'Ed25519' || pk.publicKeyJwk.crv === 'X25519') && pk.publicKeyJwk.x) {
374
- return (0, ssi_sdk_core_1.base64ToBytes)(pk.publicKeyJwk.x);
375
- }
376
- return new Uint8Array();
377
- }
378
- function verificationMethodToJwk(vm) {
379
- var _a;
380
- let jwk = vm.publicKeyJwk;
381
- if (!jwk) {
382
- let publicKeyHex = (_a = vm.publicKeyHex) !== null && _a !== void 0 ? _a : u8a.toString(extractPublicKeyBytes(vm), 'hex');
383
- jwk = (0, ssi_sdk_ext_key_utils_1.toJwk)(publicKeyHex, (0, ssi_sdk_ext_key_utils_1.keyTypeFromCryptographicSuite)({ crv: vm.type }));
384
- }
385
- if (!jwk) {
386
- throw Error(`Could not convert verification method to jwk`);
387
- }
388
- jwk.kid = vm.id;
389
- return (0, ssi_sdk_ext_key_utils_1.sanitizedJwk)(jwk);
390
- }
391
- function didDocumentSectionToJwks(didDocumentSection, searchForVerificationMethods, verificationMethods) {
392
- const jwks = new Set((searchForVerificationMethods !== null && searchForVerificationMethods !== void 0 ? searchForVerificationMethods : [])
393
- .map((vmOrId) => (typeof vmOrId === 'object' ? vmOrId : verificationMethods === null || verificationMethods === void 0 ? void 0 : verificationMethods.find((vm) => vm.id === vmOrId)))
394
- .filter(utils_1.isDefined)
395
- .map((vm) => verificationMethodToJwk(vm)));
396
- return { didDocumentSection, jwks: Array.from(jwks) };
397
- }
398
- function didDocumentToJwks(didDocument) {
399
- return {
400
- verificationMethod: [
401
- ...didDocumentSectionToJwks('publicKey', didDocument.publicKey, didDocument.verificationMethod).jwks, // legacy support
402
- ...didDocumentSectionToJwks('verificationMethod', didDocument.verificationMethod, didDocument.verificationMethod).jwks,
403
- ],
404
- assertionMethod: didDocumentSectionToJwks('assertionMethod', didDocument.assertionMethod, didDocument.verificationMethod).jwks,
405
- authentication: didDocumentSectionToJwks('authentication', didDocument.authentication, didDocument.verificationMethod).jwks,
406
- keyAgreement: didDocumentSectionToJwks('keyAgreement', didDocument.keyAgreement, didDocument.verificationMethod).jwks,
407
- capabilityInvocation: didDocumentSectionToJwks('capabilityInvocation', didDocument.capabilityInvocation, didDocument.verificationMethod).jwks,
408
- capabilityDelegation: didDocumentSectionToJwks('capabilityDelegation', didDocument.capabilityDelegation, didDocument.verificationMethod).jwks,
409
- };
410
- }
411
- /**
412
- * Maps the keys of a locally managed {@link @veramo/core#IIdentifier | IIdentifier} to the corresponding
413
- * {@link did-resolver#VerificationMethod | VerificationMethod} entries from the DID document.
414
- *
415
- * @param identifier - the identifier to be mapped
416
- * @param section - the section of the DID document to be mapped (see
417
- * {@link https://www.w3.org/TR/did-core/#verification-relationships | verification relationships}), but can also be
418
- * `verificationMethod` to map all the keys.
419
- * @param didDocument
420
- * @param context - the veramo agent context, which must contain a {@link @veramo/core#IResolver | IResolver}
421
- * implementation that can resolve the DID document of the identifier.
422
- *
423
- * @returns an array of mapped keys. The corresponding verification method is added to the `meta.verificationMethod`
424
- * property of the key.
425
- *
426
- * @beta This API may change without a BREAKING CHANGE notice.
427
- */
428
- function mapIdentifierKeysToDocWithJwkSupport(_a, context_1) {
429
- return __awaiter(this, arguments, void 0, function* ({ identifier, vmRelationship = 'verificationMethod', didDocument, }, context) {
430
- const didDoc = didDocument !== null && didDocument !== void 0 ? didDocument : (yield getAgentResolver(context)
431
- .resolve(identifier.did)
432
- .then((result) => result.didDocument));
433
- if (!didDoc) {
434
- throw Error(`Could not resolve DID ${identifier.did}`);
435
- }
436
- // const rsaDidWeb = identifier.keys && identifier.keys.length > 0 && identifier.keys.find((key) => key.type === 'RSA') && didDocument
437
- // We skip mapping in case the identifier is RSA and a did document is supplied.
438
- const keys = didDoc ? [] : yield (0, utils_1.mapIdentifierKeysToDoc)(identifier, vmRelationship, context);
439
- // dereference all key agreement keys from DID document and normalize
440
- const documentKeys = yield dereferenceDidKeysWithJwkSupport(didDoc, vmRelationship, context);
441
- const localKeys = vmRelationship === 'keyAgreement' ? (0, utils_1.convertIdentifierEncryptionKeys)(identifier) : (0, utils_1.compressIdentifierSecp256k1Keys)(identifier);
442
- // finally map the didDocument keys to the identifier keys by comparing `publicKeyHex`
443
- const extendedKeys = documentKeys
444
- .map((verificationMethod) => {
445
- /*if (verificationMethod.type !== 'JsonWebKey2020') {
446
- return null
447
- }*/
448
- const localKey = localKeys.find((localKey) => {
449
- var _a;
450
- return localKey.publicKeyHex === verificationMethod.publicKeyHex ||
451
- ((_a = verificationMethod.publicKeyHex) === null || _a === void 0 ? void 0 : _a.startsWith(localKey.publicKeyHex)) ||
452
- compareBlockchainAccountId(localKey, verificationMethod);
453
- });
454
- if (localKey) {
455
- const { meta } = localKey, localProps = __rest(localKey, ["meta"]);
456
- return Object.assign(Object.assign({}, localProps), { meta: Object.assign(Object.assign({}, meta), { verificationMethod }) });
457
- }
458
- else {
459
- return null;
460
- }
461
- })
462
- .filter(utils_1.isDefined);
463
- return keys.concat(extendedKeys);
464
- });
465
- }
466
- /**
467
- * Compares the `blockchainAccountId` of a `EcdsaSecp256k1RecoveryMethod2020` verification method with the address
468
- * computed from a locally managed key.
469
- *
470
- * @returns true if the local key address corresponds to the `blockchainAccountId`
471
- *
472
- * @param localKey - The locally managed key
473
- * @param verificationMethod - a {@link did-resolver#VerificationMethod | VerificationMethod} with a
474
- * `blockchainAccountId`
475
- *
476
- * @beta This API may change without a BREAKING CHANGE notice.
477
- */
478
- function compareBlockchainAccountId(localKey, verificationMethod) {
479
- var _a, _b;
480
- if ((verificationMethod.type !== 'EcdsaSecp256k1RecoveryMethod2020' && verificationMethod.type !== 'EcdsaSecp256k1VerificationKey2019') ||
481
- localKey.type !== 'Secp256k1') {
482
- return false;
483
- }
484
- let vmEthAddr = (0, utils_1.getEthereumAddress)(verificationMethod);
485
- if ((_a = localKey.meta) === null || _a === void 0 ? void 0 : _a.account) {
486
- return vmEthAddr === ((_b = localKey.meta) === null || _b === void 0 ? void 0 : _b.account.toLowerCase());
487
- }
488
- const computedAddr = (0, transactions_1.computeAddress)('0x' + localKey.publicKeyHex).toLowerCase();
489
- return computedAddr === vmEthAddr;
490
- }
491
- function getAgentDIDMethods(context) {
492
- return __awaiter(this, void 0, void 0, function* () {
493
- return (yield context.agent.didManagerGetProviders()).map((provider) => provider.toLowerCase().replace('did:', ''));
494
- });
495
- }
496
- function getDID(idOpts) {
497
- if (typeof idOpts.identifier === 'string') {
498
- return idOpts.identifier;
499
- }
500
- else if (typeof idOpts.identifier === 'object') {
501
- return idOpts.identifier.did;
502
- }
503
- throw Error(`Cannot get DID from identifier value`);
504
- }
505
- function toDID(identifier) {
506
- if (typeof identifier === 'string') {
507
- return identifier;
508
- }
509
- if (identifier.did) {
510
- return identifier.did;
511
- }
512
- throw Error(`No DID value present in identifier`);
513
- }
514
- function toDIDs(identifiers) {
515
- if (!identifiers) {
516
- return [];
517
- }
518
- return identifiers.map(toDID);
519
- }
520
- function getKey(_a, context_1) {
521
- return __awaiter(this, arguments, void 0, function* ({ identifier, vmRelationship = 'authentication', kmsKeyRef, }, context) {
522
- if (!identifier) {
523
- return Promise.reject(new Error(`No identifier provided to getKey method!`));
524
- }
525
- // normalize to kid, in case keyId was passed in as did#vm or #vm
526
- const kmsKeyRefParts = kmsKeyRef === null || kmsKeyRef === void 0 ? void 0 : kmsKeyRef.split(`#`);
527
- const kid = kmsKeyRefParts ? ((kmsKeyRefParts === null || kmsKeyRefParts === void 0 ? void 0 : kmsKeyRefParts.length) === 2 ? kmsKeyRefParts[1] : kmsKeyRefParts[0]) : undefined;
528
- // todo: We really should do a keyRef and external kid here
529
- let identifierKey = kmsKeyRef ? identifier.keys.find((key) => { var _a; return key.kid === kid || ((_a = key === null || key === void 0 ? void 0 : key.meta) === null || _a === void 0 ? void 0 : _a.jwkThumbprint) === kid; }) : undefined;
530
- if (!identifierKey) {
531
- const keys = yield mapIdentifierKeysToDocWithJwkSupport({ identifier, vmRelationship: vmRelationship }, context);
532
- if (!keys || keys.length === 0) {
533
- throw new Error(`No keys found for verificationMethodSection: ${vmRelationship} and did ${identifier.did}`);
534
- }
535
- if (kmsKeyRef) {
536
- identifierKey = keys.find((key) => { var _a, _b, _c; return ((_a = key.meta.verificationMethod) === null || _a === void 0 ? void 0 : _a.id) === kmsKeyRef || (kid && ((_c = (_b = key.meta.verificationMethod) === null || _b === void 0 ? void 0 : _b.id) === null || _c === void 0 ? void 0 : _c.includes(kid))); });
537
- }
538
- if (!identifierKey) {
539
- identifierKey = keys.find((key) => { var _a, _b; return ((_a = key.meta.verificationMethod) === null || _a === void 0 ? void 0 : _a.type) === vmRelationship || ((_b = key.meta.purposes) === null || _b === void 0 ? void 0 : _b.includes(vmRelationship)); });
540
- }
541
- if (!identifierKey) {
542
- identifierKey = keys[0];
543
- }
544
- }
545
- if (!identifierKey) {
546
- throw new Error(`No matching verificationMethodSection key found for keyId: ${kmsKeyRef} and vmSection: ${vmRelationship} for id ${identifier.did}`);
547
- }
548
- return identifierKey;
549
- });
550
- }
551
- /**
552
- *
553
- * @param identifier
554
- * @param context
555
- *
556
- * @deprecated Replaced by the identfier resolution plugin
557
- */
558
- function legacyGetIdentifier(_a, context_1) {
559
- return __awaiter(this, arguments, void 0, function* ({ identifier, }, context) {
560
- if (typeof identifier === 'string') {
561
- return yield context.agent.didManagerGet({ did: identifier });
562
- }
563
- return identifier;
564
- });
565
- }
566
- /**
567
- * Get the real kid as used in JWTs. This is the kid in the VM or in the JWT, not the kid in the Veramo/Sphereon keystore. That was just a poorly chosen name
568
- * @param key
569
- * @param idOpts
570
- * @param context
571
- */
572
- function determineKid(_a, context_1) {
573
- return __awaiter(this, arguments, void 0, function* ({ key, idOpts, }, context) {
574
- var _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
575
- if ((_c = (_b = key.meta) === null || _b === void 0 ? void 0 : _b.verificationMethod) === null || _c === void 0 ? void 0 : _c.id) {
576
- return (_e = (_d = key.meta) === null || _d === void 0 ? void 0 : _d.verificationMethod) === null || _e === void 0 ? void 0 : _e.id;
577
- }
578
- const identifier = yield legacyGetIdentifier(idOpts, context);
579
- const mappedKeys = yield mapIdentifierKeysToDocWithJwkSupport({
580
- identifier,
581
- vmRelationship: 'verificationMethod',
582
- }, context);
583
- const vmKey = mappedKeys.find((extendedKey) => extendedKey.kid === key.kid);
584
- if (vmKey) {
585
- return (_l = (_k = (_h = (_g = (_f = vmKey.meta) === null || _f === void 0 ? void 0 : _f.verificationMethod) === null || _g === void 0 ? void 0 : _g.id) !== null && _h !== void 0 ? _h : (_j = vmKey.meta) === null || _j === void 0 ? void 0 : _j.jwkThumbprint) !== null && _k !== void 0 ? _k : idOpts.kmsKeyRef) !== null && _l !== void 0 ? _l : vmKey.kid;
586
- }
587
- return (_p = (_o = (_m = key.meta) === null || _m === void 0 ? void 0 : _m.jwkThumbprint) !== null && _o !== void 0 ? _o : idOpts.kmsKeyRef) !== null && _p !== void 0 ? _p : key.kid;
588
- });
589
- }
590
- function getSupportedDIDMethods(didOpts, context) {
591
- return __awaiter(this, void 0, void 0, function* () {
592
- var _a;
593
- return (_a = didOpts.supportedDIDMethods) !== null && _a !== void 0 ? _a : (yield getAgentDIDMethods(context));
594
- });
595
- }
596
- function getAgentResolver(context, opts) {
597
- return new AgentDIDResolver(context, opts);
598
- }
599
- class AgentDIDResolver {
600
- constructor(context, opts) {
601
- this.context = context;
602
- this.resolverResolution = (opts === null || opts === void 0 ? void 0 : opts.resolverResolution) !== false;
603
- this.uniresolverResolution = (opts === null || opts === void 0 ? void 0 : opts.uniresolverResolution) !== false;
604
- this.localResolution = (opts === null || opts === void 0 ? void 0 : opts.localResolution) !== false;
605
- }
606
- resolve(didUrl, options) {
607
- return __awaiter(this, void 0, void 0, function* () {
608
- let resolutionResult;
609
- let origResolutionResult;
610
- let err;
611
- if (!this.resolverResolution && !this.localResolution && !this.uniresolverResolution) {
612
- throw Error(`No agent hosted DID resolution, regular agent resolution nor universal resolver resolution is enabled. Cannot resolve DIDs.`);
613
- }
614
- if (this.resolverResolution) {
615
- try {
616
- resolutionResult = yield this.context.agent.resolveDid({ didUrl, options });
617
- }
618
- catch (error) {
619
- err = error;
620
- }
621
- }
622
- if (resolutionResult) {
623
- origResolutionResult = resolutionResult;
624
- if (resolutionResult.didDocument === null) {
625
- resolutionResult = undefined;
626
- }
627
- }
628
- else {
629
- console.log(`Agent resolver resolution is disabled. This typically isn't desirable!`);
630
- }
631
- if (!resolutionResult && this.localResolution) {
632
- console.log(`Using local DID resolution, looking at DIDs hosted by the agent.`);
633
- try {
634
- const did = didUrl.split('#')[0];
635
- const iIdentifier = yield this.context.agent.didManagerGet({ did });
636
- resolutionResult = toDidResolutionResult(iIdentifier, { did });
637
- if (resolutionResult.didDocument) {
638
- err = undefined;
639
- }
640
- else {
641
- console.log(`Local resolution resulted in a DID Document for ${did}`);
642
- }
643
- }
644
- catch (error) {
645
- if (!err) {
646
- err = error;
647
- }
648
- }
649
- }
650
- if (resolutionResult) {
651
- if (!origResolutionResult) {
652
- origResolutionResult = resolutionResult;
653
- }
654
- if (!resolutionResult.didDocument) {
655
- resolutionResult = undefined;
656
- }
657
- }
658
- if (!resolutionResult && this.uniresolverResolution) {
659
- console.log(`Using universal resolver resolution for did ${didUrl} `);
660
- resolutionResult = yield new did_uni_client_1.UniResolver().resolve(didUrl, options);
661
- if (!origResolutionResult) {
662
- origResolutionResult = resolutionResult;
663
- }
664
- if (resolutionResult.didDocument) {
665
- err = undefined;
666
- }
667
- }
668
- if (err) {
669
- // throw original error
670
- throw err;
671
- }
672
- if (!resolutionResult && !origResolutionResult) {
673
- throw `Could not resolve ${didUrl}. Resolutions tried: online: ${this.resolverResolution}, local: ${this.localResolution}, uni resolver: ${this.uniresolverResolution}`;
674
- }
675
- return resolutionResult !== null && resolutionResult !== void 0 ? resolutionResult : origResolutionResult;
676
- });
677
- }
678
- }
679
- exports.AgentDIDResolver = AgentDIDResolver;
680
- /**
681
- * Please note that this is not an exact representation of the actual DID Document.
682
- *
683
- * We try to do our best, to map keys onto relevant verification methods and relationships, but we simply lack the context
684
- * of the actual DID method here. Do not relly on this method for DID resolution. It is only handy for offline use cases
685
- * when no DID Document is cached. For DID:WEB it does provide an accurate representation!
686
- *
687
- * @param identifier
688
- * @param opts
689
- */
690
- function toDidDocument(identifier, opts) {
691
- var _a, _b, _c, _d, _e, _f;
692
- let didDocument = undefined;
693
- // TODO: Introduce jwk thumbprints here
694
- if (identifier) {
695
- const did = (_a = identifier.did) !== null && _a !== void 0 ? _a : opts === null || opts === void 0 ? void 0 : opts.did;
696
- didDocument = Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({ '@context': 'https://www.w3.org/ns/did/v1', id: did, verificationMethod: identifier.keys.map((key) => {
697
- const vm = {
698
- controller: did,
699
- id: key.kid.startsWith(did) && key.kid.includes('#') ? key.kid : `${did}#${key.kid}`,
700
- publicKeyJwk: (0, ssi_sdk_ext_key_utils_1.toJwk)(key.publicKeyHex, key.type, {
701
- use: ssi_sdk_ext_key_utils_1.ENC_KEY_ALGS.includes(key.type) ? ssi_sdk_ext_key_utils_1.JwkKeyUse.Encryption : ssi_sdk_ext_key_utils_1.JwkKeyUse.Signature,
702
- key,
703
- }),
704
- type: 'JsonWebKey2020',
705
- };
706
- return vm;
707
- }) }, (((opts === null || opts === void 0 ? void 0 : opts.use) === undefined || ((_b = opts === null || opts === void 0 ? void 0 : opts.use) === null || _b === void 0 ? void 0 : _b.includes(ssi_sdk_ext_key_utils_1.JwkKeyUse.Signature))) &&
708
- identifier.keys && {
709
- assertionMethod: identifier.keys
710
- .filter((key) => { var _a, _b, _c, _d; return ((_a = key === null || key === void 0 ? void 0 : key.meta) === null || _a === void 0 ? void 0 : _a.purpose) === undefined || ((_b = key === null || key === void 0 ? void 0 : key.meta) === null || _b === void 0 ? void 0 : _b.purpose) === 'assertionMethod' || ((_d = (_c = key === null || key === void 0 ? void 0 : key.meta) === null || _c === void 0 ? void 0 : _c.purposes) === null || _d === void 0 ? void 0 : _d.includes('assertionMethod')); })
711
- .map((key) => {
712
- if (key.kid.startsWith(did) && key.kid.includes('#')) {
713
- return key.kid;
714
- }
715
- return `${did}#${key.kid}`;
716
- }),
717
- })), (((opts === null || opts === void 0 ? void 0 : opts.use) === undefined || ((_c = opts === null || opts === void 0 ? void 0 : opts.use) === null || _c === void 0 ? void 0 : _c.includes(ssi_sdk_ext_key_utils_1.JwkKeyUse.Signature))) &&
718
- identifier.keys && {
719
- authentication: identifier.keys
720
- .filter((key) => { var _a, _b, _c, _d; return ((_a = key === null || key === void 0 ? void 0 : key.meta) === null || _a === void 0 ? void 0 : _a.purpose) === undefined || ((_b = key === null || key === void 0 ? void 0 : key.meta) === null || _b === void 0 ? void 0 : _b.purpose) === 'authentication' || ((_d = (_c = key === null || key === void 0 ? void 0 : key.meta) === null || _c === void 0 ? void 0 : _c.purposes) === null || _d === void 0 ? void 0 : _d.includes('authentication')); })
721
- .map((key) => {
722
- if (key.kid.startsWith(did) && key.kid.includes('#')) {
723
- return key.kid;
724
- }
725
- return `${did}#${key.kid}`;
726
- }),
727
- })), (((opts === null || opts === void 0 ? void 0 : opts.use) === undefined || ((_d = opts === null || opts === void 0 ? void 0 : opts.use) === null || _d === void 0 ? void 0 : _d.includes(ssi_sdk_ext_key_utils_1.JwkKeyUse.Encryption))) &&
728
- identifier.keys && {
729
- keyAgreement: identifier.keys
730
- .filter((key) => { var _a, _b, _c; return key.type === 'X25519' || ((_a = key === null || key === void 0 ? void 0 : key.meta) === null || _a === void 0 ? void 0 : _a.purpose) === 'keyAgreement' || ((_c = (_b = key === null || key === void 0 ? void 0 : key.meta) === null || _b === void 0 ? void 0 : _b.purposes) === null || _c === void 0 ? void 0 : _c.includes('keyAgreement')); })
731
- .map((key) => {
732
- if (key.kid.startsWith(did) && key.kid.includes('#')) {
733
- return key.kid;
734
- }
735
- return `${did}#${key.kid}`;
736
- }),
737
- })), (((opts === null || opts === void 0 ? void 0 : opts.use) === undefined || ((_e = opts === null || opts === void 0 ? void 0 : opts.use) === null || _e === void 0 ? void 0 : _e.includes(ssi_sdk_ext_key_utils_1.JwkKeyUse.Encryption))) &&
738
- identifier.keys && {
739
- capabilityInvocation: identifier.keys
740
- .filter((key) => { var _a, _b, _c; return key.type === 'X25519' || ((_a = key === null || key === void 0 ? void 0 : key.meta) === null || _a === void 0 ? void 0 : _a.purpose) === 'capabilityInvocation' || ((_c = (_b = key === null || key === void 0 ? void 0 : key.meta) === null || _b === void 0 ? void 0 : _b.purposes) === null || _c === void 0 ? void 0 : _c.includes('capabilityInvocation')); })
741
- .map((key) => {
742
- if (key.kid.startsWith(did) && key.kid.includes('#')) {
743
- return key.kid;
744
- }
745
- return `${did}#${key.kid}`;
746
- }),
747
- })), (((opts === null || opts === void 0 ? void 0 : opts.use) === undefined || ((_f = opts === null || opts === void 0 ? void 0 : opts.use) === null || _f === void 0 ? void 0 : _f.includes(ssi_sdk_ext_key_utils_1.JwkKeyUse.Encryption))) &&
748
- identifier.keys && {
749
- capabilityDelegation: identifier.keys
750
- .filter((key) => { var _a, _b, _c; return key.type === 'X25519' || ((_a = key === null || key === void 0 ? void 0 : key.meta) === null || _a === void 0 ? void 0 : _a.purpose) === 'capabilityDelegation' || ((_c = (_b = key === null || key === void 0 ? void 0 : key.meta) === null || _b === void 0 ? void 0 : _b.purposes) === null || _c === void 0 ? void 0 : _c.includes('capabilityDelegation')); })
751
- .map((key) => {
752
- if (key.kid.startsWith(did) && key.kid.includes('#')) {
753
- return key.kid;
754
- }
755
- return `${did}#${key.kid}`;
756
- }),
757
- })), (identifier.services && identifier.services.length > 0 && { service: identifier.services }));
758
- }
759
- return didDocument;
760
- }
761
- function toDidResolutionResult(identifier, opts) {
762
- var _a;
763
- const didDocument = (_a = toDidDocument(identifier, opts)) !== null && _a !== void 0 ? _a : null; // null is used in case of errors and required by the did resolution spec
764
- const resolutionResult = {
765
- '@context': 'https://w3id.org/did-resolution/v1',
766
- didDocument,
767
- didResolutionMetadata: Object.assign(Object.assign({}, (!didDocument && { error: 'notFound' })), (Array.isArray(opts === null || opts === void 0 ? void 0 : opts.supportedMethods) &&
768
- identifier &&
769
- !(opts === null || opts === void 0 ? void 0 : opts.supportedMethods.includes(identifier.provider.replace('did:', ''))) && { error: 'unsupportedDidMethod' })),
770
- didDocumentMetadata: Object.assign({}, ((identifier === null || identifier === void 0 ? void 0 : identifier.alias) && { equivalentId: identifier === null || identifier === void 0 ? void 0 : identifier.alias })),
771
- };
772
- return resolutionResult;
773
- }
774
- function asDidWeb(hostnameOrDID) {
775
- return __awaiter(this, void 0, void 0, function* () {
776
- let did = hostnameOrDID;
777
- if (!did) {
778
- throw Error('Domain or DID expected, but received nothing.');
779
- }
780
- if (did.startsWith('did:web:')) {
781
- return did;
782
- }
783
- return `did:web:${did.replace(/https?:\/\/([^/?#]+).*/i, '$1').toLowerCase()}`;
784
- });
785
- }
786
- /**
787
- * @deprecated Replaced by the new signer service
788
- */
789
- const signDidJWT = (args) => __awaiter(void 0, void 0, void 0, function* () {
790
- const { idOpts, header, payload, context, options } = args;
791
- const jwtOptions = Object.assign(Object.assign({}, options), { signer: yield (0, exports.getDidSigner)({ idOpts, context }) });
792
- return (0, did_jwt_1.createJWT)(payload, jwtOptions, header);
793
- });
794
- exports.signDidJWT = signDidJWT;
795
- /**
796
- * @deprecated Replaced by the new signer service
797
- */
798
- const getDidSigner = (args) => __awaiter(void 0, void 0, void 0, function* () {
799
- const { idOpts, context } = args;
800
- const identifier = yield legacyGetIdentifier(idOpts, context);
801
- const key = yield getKey({
802
- identifier,
803
- vmRelationship: idOpts.verificationMethodSection,
804
- kmsKeyRef: idOpts.kmsKeyRef,
805
- }, context);
806
- const algorithm = yield (0, ssi_sdk_ext_key_utils_1.signatureAlgorithmFromKey)({ key });
807
- return (data) => __awaiter(void 0, void 0, void 0, function* () {
808
- const input = data instanceof Object.getPrototypeOf(Uint8Array) ? new TextDecoder().decode(data) : data;
809
- return yield context.agent.keyManagerSign({
810
- keyRef: key.kid,
811
- algorithm,
812
- data: input,
813
- });
814
- });
815
- });
816
- exports.getDidSigner = getDidSigner;
817
- //# sourceMappingURL=did-functions.js.map