@sphereon/ssi-sdk-ext.identifier-resolution 0.24.1-next.98 → 0.24.1-unstable.112

package/src/types/externalIdentifierTypes.ts

@@ -1,9 +1,18 @@
 import { DidDocumentJwks } from '@sphereon/ssi-sdk-ext.did-utils'
-import { JWK } from '@sphereon/ssi-sdk-ext.key-utils'
-import { X509ValidationResult } from '@sphereon/ssi-sdk-ext.x509-utils'
+import { ICoseKeyJson, JWK } from '@sphereon/ssi-types'
+import { X509CertificateChainValidationOpts, X509ValidationResult } from '@sphereon/ssi-sdk-ext.x509-utils'
 import { IParsedDID } from '@sphereon/ssi-types'
 import { DIDDocument, DIDDocumentSection, DIDResolutionResult } from '@veramo/core'
-import { isDidIdentifier, isJwkIdentifier, isJwksUrlIdentifier, isKidIdentifier, isOidcDiscoveryIdentifier, isX5cIdentifier, JwkInfo } from './common'
+import {
+  isCoseKeyIdentifier,
+  isDidIdentifier,
+  isJwkIdentifier,
+  isJwksUrlIdentifier,
+  isKidIdentifier,
+  isOidcDiscoveryIdentifier,
+  isX5cIdentifier,
+  JwkInfo,
+} from './common'
 
 /**
  * Use whenever we need to resolve an external identifier. We can pass in kids, DIDs, and x5chains
@@ -32,7 +41,13 @@ export function isExternalIdentifierDidOpts(opts: ExternalIdentifierOptsBase): o
   return ('method' in opts && opts.method === 'did') || isDidIdentifier(identifier)
 }
 
-export type ExternalIdentifierOpts = (ExternalIdentifierJwkOpts | ExternalIdentifierX5cOpts | ExternalIdentifierDidOpts | ExternalIdentifierKidOpts) &
+export type ExternalIdentifierOpts = (
+  | ExternalIdentifierJwkOpts
+  | ExternalIdentifierX5cOpts
+  | ExternalIdentifierDidOpts
+  | ExternalIdentifierKidOpts
+  | ExternalIdentifierCoseKeyOpts
+) &
   ExternalIdentifierOptsBase
 
 export type ExternalIdentifierKidOpts = Omit<ExternalIdentifierOptsBase, 'method'> & {
@@ -48,6 +63,7 @@ export function isExternalIdentifierKidOpts(opts: ExternalIdentifierOptsBase): o
 export type ExternalIdentifierJwkOpts = Omit<ExternalIdentifierOptsBase, 'method'> & {
   method?: 'jwk'
   identifier: JWK
+  x5c?: ExternalIdentifierX5cOpts
 }
 
 export function isExternalIdentifierJwkOpts(opts: ExternalIdentifierOptsBase): opts is ExternalIdentifierJwkOpts {
@@ -55,6 +71,16 @@ export function isExternalIdentifierJwkOpts(opts: ExternalIdentifierOptsBase): o
   return ('method' in opts && opts.method === 'jwk') || isJwkIdentifier(identifier)
 }
 
+export type ExternalIdentifierCoseKeyOpts = Omit<ExternalIdentifierOptsBase, 'method'> & {
+  method?: 'cose_key'
+  identifier: ICoseKeyJson
+}
+
+export function isExternalIdentifierCoseKeyOpts(opts: ExternalIdentifierOptsBase): opts is ExternalIdentifierCoseKeyOpts {
+  const { identifier } = opts
+  return ('method' in opts && opts.method === 'cose_key') || isCoseKeyIdentifier(identifier)
+}
+
 export type ExternalIdentifierOidcDiscoveryOpts = Omit<ExternalIdentifierOptsBase, 'method'> & {
   method?: 'oidc-discovery'
   identifier: string
@@ -75,28 +101,42 @@ export function isExternalIdentifierJwksUrlOpts(opts: ExternalIdentifierOptsBase
   return ('method' in opts && opts.method === 'oidc-discovery') || isJwksUrlIdentifier(identifier)
 }
 
-export type ExternalIdentifierX5cOpts = Omit<ExternalIdentifierOptsBase, 'method'> & {
-  method?: 'x5c'
-  identifier: string[]
-  verify?: boolean // defaults to true
-  verificationTime?: Date
-  trustAnchors?: string[]
-}
+export type ExternalIdentifierX5cOpts = Omit<ExternalIdentifierOptsBase, 'method'> &
+  X509CertificateChainValidationOpts & {
+    method?: 'x5c'
+    identifier: string[]
+    verify?: boolean // defaults to true
+    verificationTime?: Date
+    trustAnchors?: string[]
+  }
 
 export function isExternalIdentifierX5cOpts(opts: ExternalIdentifierOptsBase): opts is ExternalIdentifierX5cOpts {
   const { identifier } = opts
   return ('method' in opts && opts.method === 'x5c') || isX5cIdentifier(identifier)
 }
 
-export type ExternalIdentifierMethod = 'did' | 'jwk' | 'x5c' | 'kid' | 'oidc-discovery' | 'jwks-url' | 'oid4vci-issuer'
+export type ExternalIdentifierMethod = 'did' | 'jwk' | 'x5c' | 'kid' | 'cose_key' | 'oidc-discovery' | 'jwks-url' | 'oid4vci-issuer'
 
-export type ExternalIdentifierResult = ExternalIdentifierDidResult | ExternalIdentifierX5cResult
+export type ExternalIdentifierResult = IExternalIdentifierResultBase &
+  (ExternalIdentifierDidResult | ExternalIdentifierX5cResult | ExternalIdentifierJwkResult | ExternalIdentifierCoseKeyResult)
 
 export interface IExternalIdentifierResultBase {
   method: ExternalIdentifierMethod
   jwks: Array<ExternalJwkInfo>
 }
 
+export interface ExternalIdentifierJwkResult extends IExternalIdentifierResultBase {
+  method: 'jwk'
+  jwk: JWK
+  x5c?: ExternalIdentifierX5cResult
+}
+
+export interface ExternalIdentifierCoseKeyResult extends IExternalIdentifierResultBase {
+  method: 'cose_key'
+  coseKey: ICoseKeyJson
+  x5c?: ExternalIdentifierX5cResult
+}
+
 export interface ExternalIdentifierX5cResult extends IExternalIdentifierResultBase {
   method: 'x5c'
   x5c: string[]
@@ -107,6 +147,7 @@ export interface ExternalIdentifierX5cResult extends IExternalIdentifierResultBa
 
 export interface ExternalJwkInfo extends JwkInfo {
   kid?: string
+  publicKeyHex: string
 }
 
 export interface ExternalIdentifierDidResult extends IExternalIdentifierResultBase {

package/src/types/managedIdentifierTypes.ts

@@ -1,13 +1,14 @@
-import { JWK } from '@sphereon/ssi-sdk-ext.key-utils'
+import { ClientIdScheme } from '@sphereon/ssi-sdk-ext.x509-utils'
+import { ICoseKeyJson, JWK } from '@sphereon/ssi-types'
 import { DIDDocumentSection, IIdentifier, IKey, TKeyType } from '@veramo/core'
-import { isDidIdentifier, isJwkIdentifier, isKeyIdentifier, isKidIdentifier, isX5cIdentifier, JwkInfo } from './common'
+import { isCoseKeyIdentifier, isDidIdentifier, isJwkIdentifier, isKeyIdentifier, isKidIdentifier, isX5cIdentifier, JwkInfo } from './common'
 
 /**
  * Use whenever we need to pass in an identifier. We can pass in kids, DIDs, IIdentifier objects and x5chains
  *
  * The functions below can be used to check the type, and they also provide the proper 'runtime' types
  */
-export type ManagedIdentifierType = IIdentifier /*did*/ | string /*did or kid*/ | string[] /*x5c*/ | JWK | IKey
+export type ManagedIdentifierType = IIdentifier /*did*/ | string /*did or kid*/ | string[] /*x5c*/ | JWK | IKey | ICoseKeyJson
 
 export type ManagedIdentifierOpts = (
   | ManagedIdentifierJwkOpts
@@ -15,6 +16,7 @@ export type ManagedIdentifierOpts = (
   | ManagedIdentifierDidOpts
   | ManagedIdentifierKidOpts
   | ManagedIdentifierKeyOpts
+  | ManagedIdentifierCoseKeyOpts
 ) &
   ManagedIdentifierOptsBase
 
@@ -24,6 +26,8 @@ export type ManagedIdentifierOptsBase = {
   kmsKeyRef?: string // The key reference for the KMS system. If provided this value will be used to determine the appropriate key. Otherwise it will be inferred
   issuer?: string // can be used when a specific issuer needs to end up, for instance when signing JWTs. Will be returned or inferred if not provided
   kid?: string // can be used when a specific kid value needs to be used. For instance when signing JWTs. Will be returned or inferred if not provided
+  clientId?: string
+  clientIdScheme?: ClientIdScheme | 'did' | string
 }
 
 export type ManagedIdentifierDidOpts = Omit<ManagedIdentifierOptsBase, 'method'> & {
@@ -56,11 +60,21 @@ export type ManagedIdentifierKeyOpts = Omit<ManagedIdentifierOptsBase, 'method'>
   identifier: IKey
 }
 
-export function isManagedIdentifierKeyOpts(opts: ManagedIdentifierOptsBase): opts is ManagedIdentifierKidOpts {
+export function isManagedIdentifierKeyOpts(opts: ManagedIdentifierOptsBase): opts is ManagedIdentifierKeyOpts {
   const { identifier } = opts
   return ('method' in opts && opts.method === 'key') || isKeyIdentifier(identifier)
 }
 
+export type ManagedIdentifierCoseKeyOpts = Omit<ManagedIdentifierOptsBase, 'method'> & {
+  method?: 'cose_key'
+  identifier: ICoseKeyJson
+}
+
+export function isManagedIdentifierCoseKeyOpts(opts: ManagedIdentifierOptsBase): opts is ManagedIdentifierCoseKeyOpts {
+  const { identifier } = opts
+  return ('method' in opts && opts.method === 'cose_key') || isCoseKeyIdentifier(identifier)
+}
+
 export type ManagedIdentifierJwkOpts = Omit<ManagedIdentifierOptsBase, 'method'> & {
   method?: 'jwk'
   identifier: JWK
@@ -91,6 +105,9 @@ export interface IManagedIdentifierResultBase extends ManagedJwkInfo {
   key: IKey
   kid?: string
   issuer?: string
+  clientId?: string
+  clientIdScheme?: ClientIdScheme | 'did' | string
+  identifier: ManagedIdentifierType
 }
 
 export function isManagedIdentifierDidResult(object: IManagedIdentifierResultBase): object is ManagedIdentifierDidResult {
@@ -113,6 +130,10 @@ export function isManagedIdentifierKeyResult(object: IManagedIdentifierResultBas
   return object!! && typeof object === 'object' && 'method' in object && object.method === 'key'
 }
 
+export function isManagedIdentifierCoseKeyResult(object: IManagedIdentifierResultBase): object is ManagedIdentifierCoseKeyResult {
+  return object!! && typeof object === 'object' && 'method' in object && object.method === 'cose_key'
+}
+
 export interface ManagedIdentifierDidResult extends IManagedIdentifierResultBase {
   method: 'did'
   identifier: IIdentifier
@@ -126,27 +147,45 @@ export interface ManagedIdentifierDidResult extends IManagedIdentifierResultBase
 }
 
 export interface ManagedIdentifierJwkResult extends IManagedIdentifierResultBase {
+  identifier: JWK
   method: 'jwk'
 }
 
 export interface ManagedIdentifierKidResult extends IManagedIdentifierResultBase {
   method: 'kid'
+  identifier: string
   kid: string
 }
 
 export interface ManagedIdentifierKeyResult extends IManagedIdentifierResultBase {
   method: 'key'
+  identifier: IKey
+}
+
+export interface ManagedIdentifierCoseKeyResult extends IManagedIdentifierResultBase {
+  method: 'cose_key'
+  identifier: ICoseKeyJson
 }
 
 export interface ManagedIdentifierX5cResult extends IManagedIdentifierResultBase {
   method: 'x5c'
+  identifier: string[]
   x5c: string[]
   certificate: any // Certificate(JSON_, but trips schema generator. Probably want to create our own DTO
 }
 
-export type ManagedIdentifierMethod = 'did' | 'jwk' | 'x5c' | 'kid' | 'key'
+export type ManagedIdentifierMethod = 'did' | 'jwk' | 'x5c' | 'kid' | 'key' | 'cose_key'
 
 export type ManagedIdentifierResult = IManagedIdentifierResultBase &
-  (ManagedIdentifierX5cResult | ManagedIdentifierDidResult | ManagedIdentifierJwkResult | ManagedIdentifierKidResult | ManagedIdentifierKeyResult)
-
-export type ManagedIdentifierOptsOrResult = ManagedIdentifierResult | ManagedIdentifierOpts
+  (
+    | ManagedIdentifierX5cResult
+    | ManagedIdentifierDidResult
+    | ManagedIdentifierJwkResult
+    | ManagedIdentifierKidResult
+    | ManagedIdentifierKeyResult
+    | ManagedIdentifierCoseKeyResult
+  )
+
+export type ManagedIdentifierOptsOrResult = (ManagedIdentifierResult | ManagedIdentifierOpts) & {
+  lazyDisabled?: boolean
+}