@sphereon/ssi-sdk-ext.identifier-resolution 0.25.0 → 0.25.1-feature.SDK.41.oidf.support.11
- package/dist/agent/IdentifierResolution.d.ts +1 -0
- package/dist/agent/IdentifierResolution.d.ts.map +1 -1
- package/dist/agent/IdentifierResolution.js +6 -0
- package/dist/agent/IdentifierResolution.js.map +1 -1
- package/dist/functions/externalIdentifierFunctions.d.ts.map +1 -1
- package/dist/functions/externalIdentifierFunctions.js +4 -0
- package/dist/functions/externalIdentifierFunctions.js.map +1 -1
- package/dist/functions/externalOIDFIdentifier.d.ts +19 -0
- package/dist/functions/externalOIDFIdentifier.d.ts.map +1 -0
- package/dist/functions/externalOIDFIdentifier.js +84 -0
- package/dist/functions/externalOIDFIdentifier.js.map +1 -0
- package/dist/functions/index.d.ts +1 -0
- package/dist/functions/index.d.ts.map +1 -1
- package/dist/functions/index.js +1 -0
- package/dist/functions/index.js.map +1 -1
- package/dist/types/IIdentifierResolution.d.ts +3 -1
- package/dist/types/IIdentifierResolution.d.ts.map +1 -1
- package/dist/types/IIdentifierResolution.js +1 -0
- package/dist/types/IIdentifierResolution.js.map +1 -1
- package/dist/types/common.d.ts +1 -0
- package/dist/types/common.d.ts.map +1 -1
- package/dist/types/common.js +4 -0
- package/dist/types/common.js.map +1 -1
- package/dist/types/externalIdentifierTypes.d.ts +18 -3
- package/dist/types/externalIdentifierTypes.d.ts.map +1 -1
- package/dist/types/externalIdentifierTypes.js +5 -0
- package/dist/types/externalIdentifierTypes.js.map +1 -1
- package/package.json +13 -12
- package/plugin.schema.json +130 -1
- package/src/agent/IdentifierResolution.ts +9 -2
- package/src/functions/externalIdentifierFunctions.ts +6 -1
- package/src/functions/externalOIDFIdentifier.ts +95 -0
- package/src/functions/index.ts +1 -0
- package/src/types/IIdentifierResolution.ts +5 -1
- package/src/types/IJwtService.d.ts +226 -0
- package/src/types/common.ts +4 -0
- package/src/types/externalIdentifierTypes.ts +26 -3
|
@@ -33,5 +33,6 @@ export declare class IdentifierResolution implements IAgentPlugin {
|
|
|
33
33
|
private identifierExternalResolveByX5c;
|
|
34
34
|
private identifierExternalResolveByCoseKey;
|
|
35
35
|
private identifierExternalResolveByJwk;
|
|
36
|
+
private identifierExternalResolveByOIDFEntityId;
|
|
36
37
|
}
|
|
37
38
|
//# sourceMappingURL=IdentifierResolution.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"IdentifierResolution.d.ts","sourceRoot":"","sources":["../../src/agent/IdentifierResolution.ts"],"names":[],"mappings":"AAAA,OAAO,EAAiB,YAAY,EAA4B,MAAM,cAAc,CAAA;AAGpF,OAAO,EAWL,qBAAqB,EAiBtB,MAAM,UAAU,CAAA;
|
|
1
|
+
{"version":3,"file":"IdentifierResolution.d.ts","sourceRoot":"","sources":["../../src/agent/IdentifierResolution.ts"],"names":[],"mappings":"AAAA,OAAO,EAAiB,YAAY,EAA4B,MAAM,cAAc,CAAA;AAGpF,OAAO,EAWL,qBAAqB,EAiBtB,MAAM,UAAU,CAAA;AAGjB;;GAEG;AACH,qBAAa,oBAAqB,YAAW,YAAY;IACvD,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAQ;IAEhC,QAAQ,CAAC,MAAM,MAAgC;IAC/C,QAAQ,CAAC,OAAO,EAAE,qBAAqB,CAkBtC;IAED;;OAEG;gBACS,IAAI,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE;IAItC;;;;;;OAMG;YACW,oBAAoB;YAOpB,yBAAyB;YAOzB,yBAAyB;YAOzB,yBAAyB;YAOzB,6BAA6B;YAO7B,kCAAkC;YAOlC,yBAAyB;YAOzB,yBAAyB;YAOzB,yBAAyB;YAIzB,8BAA8B;YAI9B,8BAA8B;YAI9B,kCAAkC;YAOlC,8BAA8B;YAI9B,uCAAuC;CAGtD"}
|
|
@@ -36,6 +36,7 @@ class IdentifierResolution {
|
|
|
36
36
|
identifierExternalResolveByX5c: this.identifierExternalResolveByX5c.bind(this),
|
|
37
37
|
identifierExternalResolveByJwk: this.identifierExternalResolveByJwk.bind(this),
|
|
38
38
|
identifierExternalResolveByCoseKey: this.identifierExternalResolveByCoseKey.bind(this),
|
|
39
|
+
identifierExternalResolveByOIDFEntityId: this.identifierExternalResolveByOIDFEntityId.bind(this),
|
|
39
40
|
// todo: JWKSet, oidc-discovery, oid4vci-issuer etc. Anything we already can resolve and need keys of
|
|
40
41
|
};
|
|
41
42
|
this._crypto = (_a = opts === null || opts === void 0 ? void 0 : opts.crypto) !== null && _a !== void 0 ? _a : global.crypto;
|
|
@@ -112,6 +113,11 @@ class IdentifierResolution {
|
|
|
112
113
|
return (yield this.identifierResolveExternal(Object.assign(Object.assign({}, args), { method: 'jwk' }), context));
|
|
113
114
|
});
|
|
114
115
|
}
|
|
116
|
+
identifierExternalResolveByOIDFEntityId(args, context) {
|
|
117
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
118
|
+
return (yield this.identifierResolveExternal(Object.assign(Object.assign({}, args), { method: 'entity_id' }), context));
|
|
119
|
+
});
|
|
120
|
+
}
|
|
115
121
|
}
|
|
116
122
|
exports.IdentifierResolution = IdentifierResolution;
|
|
117
123
|
//# sourceMappingURL=IdentifierResolution.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"IdentifierResolution.js","sourceRoot":"","sources":["../../src/agent/IdentifierResolution.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,
|
|
1
|
+
{"version":3,"file":"IdentifierResolution.js","sourceRoot":"","sources":["../../src/agent/IdentifierResolution.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,0BAAqG;AACrG,4CAAuF;AAgCvF;;GAEG;AACH,MAAa,oBAAoB;IAwB/B;;OAEG;IACH,YAAY,IAA0B;;QAxB7B,WAAM,GAAG,UAAM,CAAC,sBAAsB,CAAA;QACtC,YAAO,GAA0B;YACxC,oBAAoB,EAAE,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC;YAC1D,yBAAyB,EAAE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;YACpE,yBAAyB,EAAE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;YACpE,yBAAyB,EAAE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;YACpE,yBAAyB,EAAE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;YACpE,yBAAyB,EAAE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;YACpE,6BAA6B,EAAE,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5E,kCAAkC,EAAE,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC;YAEtF,yBAAyB,EAAE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;YACpE,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC;YAC9E,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC;YAC9E,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC;YAC9E,kCAAkC,EAAE,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC;YACtF,uCAAuC,EAAE,IAAI,CAAC,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC;YAEhG,qGAAqG;SACtG,CAAA;QAMC,IAAI,CAAC,OAAO,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,mCAAI,MAAM,CAAC,MAAM,CAAA;IAC9C,CAAC;IAED;;;;;;OAMG;IACW,oBAAoB,CAChC,IAAmC,EACnC,OAA2D;;YAE3D,OAAO,MAAM,IAAA,yCAA6B,kCAAM,IAAI,KAAE,MAAM,EAAE,IAAI,CAAC,OAAO,KAAI,OAAO,CAAC,CAAA;QACxF,CAAC;KAAA;IAEa,yBAAyB,CACrC,IAA8B,EAC9B,OAAyE;;YAEzE,OAAO,CAAC,MAAM,IAAI,CAAC,oBAAoB,iCAAM,IAAI,KAAE,MAAM,EAAE,KAAK,KAAI,OAAO,CAAC,CAA+B,CAAA;QAC7G,CAAC;KAAA;IAEa,yBAAyB,CACrC,IAA8B,EAC9B,OAA2D;;YAE3D,OAAO,CAAC,MAAM,IAAI,CAAC,oBAAoB,iCAAM,IAAI,KAAE,MAAM,EAAE,KAAK,KAAI,OAAO,CAAC,CAA+B,CAAA;QAC7G,CAAC;KAAA;IAEa,yBAAyB,CACrC,IAA8B,EAC9B,OAA2D;;YAE3D,OAAO,CAAC,MAAM,IAAI,CAAC,oBAAoB,iCAAM,IAAI,KAAE,MAAM,EAAE,KAAK,KAAI,OAAO,CAAC,CAA+B,CAAA;QAC7G,CAAC;KAAA;IAEa,6BAA6B,CACzC,IAAkC,EAClC,OAA2D;;YAE3D,OAAO,CAAC,MAAM,IAAI,CAAC,oBAAoB,iCAAM,IAAI,KAAE,MAAM,EAAE,UAAU,KAAI,OAAO,CAAC,CAAmC,CAAA;QACtH,CA
AC;KAAA;IAEa,kCAAkC,CAC5C,IAAuC,EACvC,OAA2D;;YAE7D,OAAO,CAAC,MAAM,IAAI,CAAC,oBAAoB,iCAAM,IAAI,KAAE,MAAM,EAAE,gBAAgB,KAAI,OAAO,CAAC,CAAwC,CAAA;QACjI,CAAC;KAAA;IAEa,yBAAyB,CACnC,IAA8B,EAC9B,OAA2D;;YAE7D,OAAO,CAAC,MAAM,IAAI,CAAC,oBAAoB,iCAAM,IAAI,KAAE,MAAM,EAAE,KAAK,KAAI,OAAO,CAAC,CAA+B,CAAA;QAC7G,CAAC;KAAA;IAEa,yBAAyB,CACrC,IAA8B,EAC9B,OAA2D;;YAE3D,OAAO,CAAC,MAAM,IAAI,CAAC,oBAAoB,iCAAM,IAAI,KAAE,MAAM,EAAE,KAAK,KAAI,OAAO,CAAC,CAA+B,CAAA;QAC7G,CAAC;KAAA;IAEa,yBAAyB,CAAC,IAA4B,EAAE,OAAiD;;YACrH,OAAO,MAAM,IAAA,qCAAyB,kCAAM,IAAI,KAAE,MAAM,EAAE,IAAI,CAAC,OAAO,KAAI,OAAO,CAAC,CAAA;QACpF,CAAC;KAAA;IAEa,8BAA8B,CAAC,IAA+B,EAAE,OAA2B;;YACvG,OAAO,CAAC,MAAM,IAAI,CAAC,yBAAyB,iCAAM,IAAI,KAAE,MAAM,EAAE,KAAK,KAAI,OAAO,CAAC,CAAgC,CAAA;QACnH,CAAC;KAAA;IAEa,8BAA8B,CAAC,IAA+B,EAAE,OAA2B;;YACvG,OAAO,CAAC,MAAM,IAAI,CAAC,yBAAyB,iCAAM,IAAI,KAAE,MAAM,EAAE,KAAK,KAAI,OAAO,CAAC,CAAgC,CAAA;QACnH,CAAC;KAAA;IAEa,kCAAkC,CAC9C,IAAmC,EACnC,OAA2B;;YAE3B,OAAO,CAAC,MAAM,IAAI,CAAC,yBAAyB,iCAAM,IAAI,KAAE,MAAM,EAAE,UAAU,KAAI,OAAO,CAAC,CAAoC,CAAA;QAC5H,CAAC;KAAA;IAEa,8BAA8B,CAAC,IAA+B,EAAE,OAA2B;;YACvG,OAAO,CAAC,MAAM,IAAI,CAAC,yBAAyB,iCAAM,IAAI,KAAE,MAAM,EAAE,KAAK,KAAI,OAAO,CAAC,CAAgC,CAAA;QACnH,CAAC;KAAA;IAEa,uCAAuC,CAAC,IAAwC,EAAE,OAAmC;;YACjI,OAAO,CAAC,MAAM,IAAI,CAAC,yBAAyB,iCAAM,IAAI,KAAE,MAAM,EAAE,WAAW,KAAI,OAAO,CAAC,CAAyC,CAAA;QAClI,CAAC;KAAA;CACF;AAxHD,oDAwHC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"externalIdentifierFunctions.d.ts","sourceRoot":"","sources":["../../src/functions/externalIdentifierFunctions.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AAGpE,OAAO,EACL,6BAA6B,EAC7B,+BAA+B,EAC/B,yBAAyB,EACzB,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAE3B,sBAAsB,EACtB,wBAAwB,EACxB,yBAAyB,EACzB,2BAA2B,
|
|
1
|
+
{"version":3,"file":"externalIdentifierFunctions.d.ts","sourceRoot":"","sources":["../../src/functions/externalIdentifierFunctions.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AAGpE,OAAO,EACL,6BAA6B,EAC7B,+BAA+B,EAC/B,yBAAyB,EACzB,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAE3B,sBAAsB,EACtB,wBAAwB,EACxB,yBAAyB,EACzB,2BAA2B,EAU5B,MAAM,UAAU,CAAA;AAIjB,wBAAsB,yBAAyB,CAC7C,IAAI,EAAE,sBAAsB,GAAG;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,EACD,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAC1B,OAAO,CAAC,wBAAwB,CAAC,CAoBnC;AAED,wBAAsB,4BAA4B,CAChD,IAAI,EAAE,yBAAyB,GAAG;IAChC,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,EACD,OAAO,EAAE,aAAa,CAAC,SAAS,GAAG,WAAW,CAAC,GAC9C,OAAO,CAAC,2BAA2B,CAAC,CA4EtC;AAED;;;;GAIG;AACH,wBAAsB,4BAA4B,CAChD,IAAI,EAAE,yBAAyB,GAAG;IAChC,GAAG,CAAC,EAAE,yBAAyB,CAAA;CAChC,EACD,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAC1B,OAAO,CAAC,2BAA2B,CAAC,CAuBtC;AAED;;;;GAIG;AACH,wBAAsB,gCAAgC,CACpD,IAAI,EAAE,6BAA6B,GAAG;IACpC,GAAG,CAAC,EAAE,yBAAyB,CAAA;CAChC,EACD,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAC1B,OAAO,CAAC,+BAA+B,CAAC,CAyB1C;AAED,wBAAsB,4BAA4B,CAChD,IAAI,EAAE,yBAAyB,EAC/B,OAAO,EAAE,aAAa,CAAC,SAAS,GAAG,WAAW,CAAC,GAC9C,OAAO,CAAC,2BAA2B,CAAC,CAqDtC"}
|
|
@@ -22,6 +22,7 @@ const ssi_types_1 = require("@sphereon/ssi-types");
|
|
|
22
22
|
const utils_1 = require("@veramo/utils");
|
|
23
23
|
const pkijs_1 = require("pkijs");
|
|
24
24
|
const types_1 = require("../types");
|
|
25
|
+
const _1 = require(".");
|
|
25
26
|
function resolveExternalIdentifier(opts, context) {
|
|
26
27
|
return __awaiter(this, void 0, void 0, function* () {
|
|
27
28
|
let method;
|
|
@@ -37,6 +38,9 @@ function resolveExternalIdentifier(opts, context) {
|
|
|
37
38
|
else if ((0, types_1.isExternalIdentifierCoseKeyOpts)(opts)) {
|
|
38
39
|
return resolveExternalCoseKeyIdentifier(opts, context);
|
|
39
40
|
}
|
|
41
|
+
else if ((0, types_1.isExternalIdentifierOIDFEntityIdOpts)(opts)) {
|
|
42
|
+
return (0, _1.resolveExternalOIDFEntityIdIdentifier)(opts, context);
|
|
43
|
+
}
|
|
40
44
|
else if ((0, types_1.isExternalIdentifierKidOpts)(opts)) {
|
|
41
45
|
method = 'kid';
|
|
42
46
|
}
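Review bot: `const _1 = require(".")` pulls `resolveExternalOIDFEntityIdIdentifier` from the directory index, and `dist/functions/index.js` itself re-exports this module, so the two files now import each other. It works only because `_1.resolveExternalOIDFEntityIdIdentifier` is read at call time; any top-level use would see a partially initialised exports object. Import from the defining module in the source instead, `import { resolveExternalOIDFEntityIdIdentifier } from './externalOIDFIdentifier'`. `resolveExternalIdentifier` starts in the first hunk and continues outside both hunks.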
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"externalIdentifierFunctions.js","sourceRoot":"","sources":["../../src/functions/externalIdentifierFunctions.ts"],"names":[],"mappings":";;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"externalIdentifierFunctions.js","sourceRoot":"","sources":["../../src/functions/externalIdentifierFunctions.ts"],"names":[],"mappings":";;;;;;;;;;;AAuCA,8DAyBC;AAED,oEAiFC;AAOD,oEA4BC;AAOD,4EA8BC;AAED,oEAwDC;AArRD,2EAAyG;AACzG,2EAAsF;AACtF,6EAMyC;AACzC,yEAAiE;AACjE,mDAA+D;AAE/D,yCAAyC;AACzC,iCAA+C;AAC/C,oCAqBiB;AACjB,wBAAyD;AAGzD,SAAsB,yBAAyB,CAC7C,IAEC,EACD,OAA2B;;QAE3B,IAAI,MAA4C,CAAA;QAChD,IAAI,IAAA,mCAA2B,EAAC,IAAI,CAAC,EAAE,CAAC;YACtC,OAAO,4BAA4B,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QACpD,CAAC;aAAM,IAAI,IAAA,mCAA2B,EAAC,IAAI,CAAC,EAAE,CAAC;YAC7C,OAAO,4BAA4B,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QACpD,CAAC;aAAM,IAAI,IAAA,mCAA2B,EAAC,IAAI,CAAC,EAAE,CAAC;YAC7C,OAAO,4BAA4B,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QACpD,CAAC;aAAM,IAAI,IAAA,uCAA+B,EAAC,IAAI,CAAC,EAAE,CAAC;YACjD,OAAO,gCAAgC,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QACxD,CAAC;aAAM,IAAI,IAAA,4CAAoC,EAAC,IAAI,CAAC,EAAE,CAAC;YACtD,OAAO,IAAA,wCAAqC,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAC7D,CAAC;aAAM,IAAI,IAAA,mCAA2B,EAAC,IAAI,CAAC,EAAE,CAAC;YAC7C,MAAM,GAAG,KAAK,CAAA;QAChB,CAAC;aAAM,IAAI,IAAA,uCAA+B,EAAC,IAAI,CAAC,EAAE,CAAC;YACjD,MAAM,GAAG,UAAU,CAAA;QACrB,CAAC;aAAM,IAAI,IAAA,6CAAqC,EAAC,IAAI,CAAC,EAAE,CAAC;YACvD,MAAM,GAAG,gBAAgB,CAAA;QAC3B,CAAC;QACD,MAAM,KAAK,CAAC,8BAA8B,MAAM,yBAAyB,CAAC,CAAA;IAC5E,CAAC;CAAA;AAED,SAAsB,4BAA4B,CAChD,IAEC,EACD,OAA+C;;;QAE/C,IAAI,CAAC,IAAA,mCAA2B,EAAC,IAAI,CAAC,EAAE,CAAC;YACvC,OAAO,OAAO,CAAC,MAAM,CAAC,kDAAkD,CAAC,CAAA;QAC3E,CAAC;QACD,MAAM,MAAM,GAAG,MAAA,IAAI,CAAC,MAAM,mCAAI,IAAI,CAAA;QAClC,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAA,iCAAQ,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAA;QACjH,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrB,OAAO,OAAO,CAAC,MAAM,CAAC,0CAA0C,CAAC,CAAA;QACnE,CAAC;QACD,MAAM,YAAY,GAAG,GAAG,CAAC,GAAG,CAAC,kDAAyB,CAAC,CAAA;QAEvD,IAAI,kBAAoD,CAAA;QACxD,IAAI,SAA0B,CAAA;QAC9B,IAAI,IAAI,GAAsB,EAAE,CAAA;QAEhC,IAAI,MAAM,EAAE,CAAC;YACX,4GAA4G;YAC5G,IAAI,IAAA,uCAAgB,EAAC,OAAO,EAAE,wBAAwB,CAAC,EAAE,CAAC;
gBACxD,kBAAkB,GAAG,CAAC,MAAM,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC;oBAC/D,KAAK,EAAE,IAAI,CAAC,UAAU;oBACtB,YAAY,EAAE,MAAA,IAAI,CAAC,YAAY,mCAAI,EAAE;oBACrC,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;iBACxC,CAAC,CAAyB,CAAA,CAAC,oGAAoG;YAClI,CAAC;iBAAM,CAAC;gBACN,kBAAkB,GAAG,MAAM,IAAA,qDAA4B,EAAC;oBACtD,KAAK,EAAE,IAAI,CAAC,UAAU;oBACtB,YAAY,EAAE,MAAA,IAAI,CAAC,YAAY,mCAAI,EAAE;oBACrC,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;oBACvC,IAAI;iBACL,CAAC,CAAA;YACJ,CAAC;YACD,IAAI,kBAAkB,CAAC,gBAAgB,EAAE,CAAC;gBACxC,IAAI,GAAG,kBAAkB,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;oBACtD,OAAO;wBACL,GAAG,EAAE,IAAI,CAAC,YAAY;wBACtB,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE;wBACvB,aAAa,EAAE,IAAA,8CAAsB,EAAC,EAAE,GAAG,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC;wBACjE,YAAY,EAAE,IAAA,0CAAkB,EAAC,IAAI,CAAC,YAAY,CAAC;qBAC1B,CAAA;gBAC7B,CAAC,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QACD,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,MAAM,YAAY,GAAG,IAAI,oBAAY,CAAC;gBACpC,IAAI,EAAE,8BAA8B;gBACpC,MAAM,EAAE,MAAA,IAAI,CAAC,MAAM,mCAAI,MAAM,CAAC,MAAM;aACrC,CAAC,CAAA;YACF,IAAA,iBAAS,EAAC,YAAY,CAAC,IAAI,EAAE,YAAY,CAAC,CAAA;YAC1C,IAAI,GAAG,MAAM,OAAO,CAAC,GAAG,CACtB,YAAY,CAAC,GAAG,CAAC,CAAO,IAAI,EAAE,EAAE;gBAC9B,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,YAAY,CAAC,CAAA;gBAC3D,MAAM,GAAG,GAAG,CAAC,MAAM,YAAY,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC,CAAQ,CAAA;gBAC5D,OAAO;oBACL,GAAG;oBACH,GAAG,EAAE,IAAA,qCAAY,EAAC,IAAI,CAAC,CAAC,EAAE;oBAC1B,aAAa,EAAE,IAAA,8CAAsB,EAAC,EAAE,GAAG,EAAE,CAAC;oBAC9C,YAAY,EAAE,IAAA,0CAAkB,EAAC,GAAG,CAAC;iBACZ,CAAA;YAC7B,CAAC,CAAA,CAAC,CACH,CAAA;QACH,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,OAAO,CAAC,MAAM,CAAC,0CAA0C,CAAC,CAAA;QACnE,CAAC;QACD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAA;QACzB,CAAC;QAED,OAAO;YACL,MAAM,EAAE,KAAK;YACb,kBAAkB;YAClB,SAAS;YACT,IAAI;YACJ,YAAY;YACZ,GAAG;SACJ,CAAA;IACH,CAAC;CAAA;AAED;;;;GAIG;AACH,SAAsB,4BAA4B,CAChD,IAEC,EACD,OAA2B;;QAE3B,IAAI,CAAC,IAAA,mCAA2B,EAAC,IAAI,CAAC,EAAE,CAAC;YACvC,OAAO,OAAO,CAAC,MAAM,CAAC,kDAAkD,CAAC,CAAA;QAC3E,CAAC;QACD
,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAA;QAC3B,IAAI,GAAG,GAA4C,SAAS,CAAA;QAC5D,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;YACZ,GAAG,GAAG,MAAM,4BAA4B,iCAAM,IAAI,CAAC,GAAG,KAAE,UAAU,EAAE,GAAG,CAAC,GAAG,KAAI,OAAO,CAAC,CAAA;QACzF,CAAC;QACD,MAAM,aAAa,GAAG,IAAA,8CAAsB,EAAC,EAAE,GAAG,EAAE,CAAC,CAAA;QACrD,OAAO;YACL,MAAM,EAAE,KAAK;YACb,GAAG;YACH,IAAI,EAAE;gBACJ;oBACE,GAAG;oBACH,aAAa;oBACb,GAAG,EAAE,GAAG,CAAC,GAAG;oBACZ,YAAY,EAAE,IAAA,0CAAkB,EAAC,GAAG,CAAC;iBACtC;aACF;YACD,GAAG;SACkC,CAAA;IACzC,CAAC;CAAA;AAED;;;;GAIG;AACH,SAAsB,gCAAgC,CACpD,IAEC,EACD,OAA2B;;QAE3B,IAAI,CAAC,IAAA,uCAA+B,EAAC,IAAI,CAAC,EAAE,CAAC;YAC3C,OAAO,OAAO,CAAC,MAAM,CAAC,4CAA4C,CAAC,CAAA;QACrE,CAAC;QACD,oDAAoD;QACpD,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAA;QAC/B,IAAI,GAAG,GAA4C,SAAS,CAAA;QAC5D,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACpB,GAAG,GAAG,MAAM,4BAA4B,iCAAM,IAAI,CAAC,GAAG,KAAE,UAAU,EAAE,OAAO,CAAC,OAAO,KAAI,OAAO,CAAC,CAAA;QACjG,CAAC;QACD,MAAM,GAAG,GAAG,IAAA,oCAAY,EAAC,OAAO,CAAC,CAAA;QACjC,MAAM,aAAa,GAAG,IAAA,8CAAsB,EAAC,EAAE,GAAG,EAAE,CAAC,CAAA;QACrD,OAAO;YACL,MAAM,EAAE,UAAU;YAClB,OAAO;YACP,IAAI,EAAE;gBACJ;oBACE,GAAG;oBACH,aAAa;oBACb,GAAG,EAAE,OAAO,CAAC,GAAG;oBAChB,YAAY,EAAE,IAAA,0CAAkB,EAAC,GAAG,CAAC;iBACtC;aACF;YACD,GAAG;SACsC,CAAA;IAC7C,CAAC;CAAA;AAED,SAAsB,4BAA4B,CAChD,IAA+B,EAC/B,OAA+C;;;QAE/C,IAAI,CAAC,IAAA,mCAA2B,EAAC,IAAI,CAAC,EAAE,CAAC;YACvC,OAAO,OAAO,CAAC,MAAM,CAAC,kDAAkD,CAAC,CAAA;QAC3E,CAAC;aAAM,IAAI,CAAC,IAAA,uCAAgB,EAA0B,OAAO,EAAE,YAAY,CAAC,EAAE,CAAC;YAC7E,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2EAA2E,CAAC,CAAC,CAAA;QAC3G,CAAC;QACD,MAAM,EAAE,qBAAqB,GAAG,KAAK,EAAE,eAAe,GAAG,IAAI,EAAE,kBAAkB,GAAG,IAAI,EAAE,GAAG,IAAI,CAAA;QACjG,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAA;QAC3B,IAAI,MAAkB,CAAA;QACtB,IAAI,CAAC;YACH,MAAM,GAAG,IAAA,oBAAQ,EAAC,GAAG,CAAC,CAAA;QACxB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,iCAAiC;YACjC,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAC9B,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,CAAA;QACxB,MAAM,mBAAmB,GAAG,MAAM,IAAA,wCAAgB,EAAC,OAAO,EAAE;YAC1D,qBAAqB;YACrB,eAAe;YACf,kBAAkB;SACnB,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QACf,MAAM,WAAW,GAA
G,MAAA,mBAAmB,CAAC,WAAW,mCAAI,SAAS,CAAA;QAChE,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,IAAA,yCAAiB,EAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACxE,MAAM,IAAI,GAAG,OAAO;YAClB,CAAC,CAAC,KAAK,CAAC,IAAI,CACR,IAAI,GAAG,CACL,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;iBACnB,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAA,iBAAS,EAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;iBACpD,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,CAC3B,CACF,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;gBACZ,OAAO;oBACL,GAAG;oBACH,aAAa,EAAE,IAAA,8CAAsB,EAAC,EAAE,GAAG,EAAE,CAAC;oBAC9C,GAAG,EAAE,GAAG,CAAC,GAAG;oBACZ,YAAY,EAAE,IAAA,0CAAkB,EAAC,GAAG,CAAC;iBACtC,CAAA;YACH,CAAC,CAAC;YACJ,CAAC,CAAC,EAAE,CAAA;QAEN,IAAI,mBAAmB,aAAnB,mBAAmB,uBAAnB,mBAAmB,CAAE,WAAW,EAAE,CAAC;YACrC,qFAAqF;YACrF,OAAO,mBAAmB,CAAC,aAAa,CAAC,CAAA;QAC3C,CAAC;QACD,OAAO;YACL,MAAM,EAAE,KAAK;YACb,GAAG;YACH,IAAI;YACJ,OAAO;YACP,WAAW;YACX,mBAAmB;YACnB,SAAS;SACV,CAAA;IACH,CAAC;CAAA"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { ExternalIdentifierOIDFEntityIdOpts, ExternalIdentifierOIDFEntityIdResult } from '../types';
|
|
2
|
+
import { IAgentContext } from '@veramo/core';
|
|
3
|
+
import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client';
|
|
4
|
+
/**
|
|
5
|
+
* Resolves an OIDF Entity ID against multiple trust anchors to establish trusted relationships
|
|
6
|
+
*
|
|
7
|
+
* @param opts Configuration options containing the identifier to resolve and trust anchors to validate against
|
|
8
|
+
* @param context Agent context that must include the OIDF client plugin and JWT verification capabilities
|
|
9
|
+
*
|
|
10
|
+
* @returns Promise resolving to an ExternalIdentifierOIDFEntityIdResult containing:
|
|
11
|
+
* - trustedAnchors: Record mapping trust anchors to their public key hexes
|
|
12
|
+
* - errorList: Optional record of errors encountered per trust anchor
|
|
13
|
+
* - jwks: Array of JWK information from the trust chain
|
|
14
|
+
* - trustEstablished: Boolean indicating if any trust relationships were established
|
|
15
|
+
*
|
|
16
|
+
* @throws Error if trust anchors are missing or JWT verification plugin is not enabled
|
|
17
|
+
*/
|
|
18
|
+
export declare function resolveExternalOIDFEntityIdIdentifier(opts: ExternalIdentifierOIDFEntityIdOpts, context: IAgentContext<IOIDFClient>): Promise<ExternalIdentifierOIDFEntityIdResult>;
|
|
19
|
+
//# sourceMappingURL=externalOIDFIdentifier.d.ts.map
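Review bot: The declared `context: IAgentContext<IOIDFClient>` does not include the JWT verification plugin that the doc comment says is required, so a caller whose agent has only the OIDF client type-checks and is rejected at run time. Widen the context type to the intersection of `IOIDFClient` and the JWT service interface so the compiler checks the requirement. The `@returns` text should also say that `trustEstablished` only means at least one anchor was recorded, and that `errorList` can be non-empty at the same time, so callers know to check which anchor succeeded.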
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"externalOIDFIdentifier.d.ts","sourceRoot":"","sources":["../../src/functions/externalOIDFIdentifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,kCAAkC,EAClC,oCAAoC,EAGrC,MAAM,UAAU,CAAA;AACjB,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAA;AAK3D;;;;;;;;;;;;;GAaG;AACH,wBAAsB,qCAAqC,CACzD,IAAI,EAAE,kCAAkC,EACxC,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAClC,OAAO,CAAC,oCAAoC,CAAC,CAgE/C"}
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.resolveExternalOIDFEntityIdIdentifier = resolveExternalOIDFEntityIdIdentifier;
|
|
13
|
+
const ssi_sdk_agent_config_1 = require("@sphereon/ssi-sdk.agent-config");
|
|
14
|
+
/**
|
|
15
|
+
* Resolves an OIDF Entity ID against multiple trust anchors to establish trusted relationships
|
|
16
|
+
*
|
|
17
|
+
* @param opts Configuration options containing the identifier to resolve and trust anchors to validate against
|
|
18
|
+
* @param context Agent context that must include the OIDF client plugin and JWT verification capabilities
|
|
19
|
+
*
|
|
20
|
+
* @returns Promise resolving to an ExternalIdentifierOIDFEntityIdResult containing:
|
|
21
|
+
* - trustedAnchors: Record mapping trust anchors to their public key hexes
|
|
22
|
+
* - errorList: Optional record of errors encountered per trust anchor
|
|
23
|
+
* - jwks: Array of JWK information from the trust chain
|
|
24
|
+
* - trustEstablished: Boolean indicating if any trust relationships were established
|
|
25
|
+
*
|
|
26
|
+
* @throws Error if trust anchors are missing or JWT verification plugin is not enabled
|
|
27
|
+
*/
|
|
28
|
+
function resolveExternalOIDFEntityIdIdentifier(opts, context) {
|
|
29
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
30
|
+
var _a;
|
|
31
|
+
let { trustAnchors, identifier } = opts;
|
|
32
|
+
if (!trustAnchors || trustAnchors.length === 0) {
|
|
33
|
+
return Promise.reject(Error('ExternalIdentifierOIDFEntityIdOpts is missing the trustAnchors'));
|
|
34
|
+
}
|
|
35
|
+
if (!(0, ssi_sdk_agent_config_1.contextHasPlugin)(context, 'jwtVerifyJwsSignature')) {
|
|
36
|
+
return Promise.reject(Error('For OIDFEntityId resolving the agent needs to have the JwtService plugin enabled'));
|
|
37
|
+
}
|
|
38
|
+
const trustedAnchors = {};
|
|
39
|
+
const errorList = {};
|
|
40
|
+
const jwkInfos = [];
|
|
41
|
+
for (const trustAnchor of trustAnchors) {
|
|
42
|
+
const resolveResult = yield context.agent.resolveTrustChain({
|
|
43
|
+
entityIdentifier: identifier,
|
|
44
|
+
trustAnchors: [trustAnchor]
|
|
45
|
+
});
|
|
46
|
+
if (resolveResult.error || !resolveResult.trustChain) {
|
|
47
|
+
errorList[trustAnchor] = (_a = resolveResult.errorMessage) !== null && _a !== void 0 ? _a : 'unspecified';
|
|
48
|
+
}
|
|
49
|
+
else {
|
|
50
|
+
const trustChain = resolveResult.trustChain.asJsReadonlyArrayView();
|
|
51
|
+
let authorityJWK = undefined;
|
|
52
|
+
for (const [i, jwt] of [...trustChain].reverse().entries()) {
|
|
53
|
+
const isLast = i === trustChain.length - 1;
|
|
54
|
+
const verifyArgs = { jws: jwt };
|
|
55
|
+
if (authorityJWK && !isLast) {
|
|
56
|
+
verifyArgs.jwk = authorityJWK;
|
|
57
|
+
}
|
|
58
|
+
const jwtVerifyResult = yield context.agent.jwtVerifyJwsSignature(verifyArgs);
|
|
59
|
+
if (jwtVerifyResult.error || jwtVerifyResult.critical) {
|
|
60
|
+
errorList[trustAnchor] = jwtVerifyResult.message;
|
|
61
|
+
break;
|
|
62
|
+
}
|
|
63
|
+
if (jwtVerifyResult.jws.signatures.length === 0) {
|
|
64
|
+
errorList[trustAnchor] = 'No signature was present in the trust anchor JWS';
|
|
65
|
+
break;
|
|
66
|
+
}
|
|
67
|
+
const signature = jwtVerifyResult.jws.signatures[0];
|
|
68
|
+
if (signature.identifier.jwks.length === 0) {
|
|
69
|
+
errorList[trustAnchor] = 'No JWK was present in the trust anchor signature';
|
|
70
|
+
break;
|
|
71
|
+
}
|
|
72
|
+
const jwkInfo = signature.identifier.jwks[0];
|
|
73
|
+
if (!authorityJWK) {
|
|
74
|
+
authorityJWK = jwkInfo.jwk;
|
|
75
|
+
jwkInfos.push(jwkInfo);
|
|
76
|
+
trustedAnchors[trustAnchor] = signature.publicKeyHex; // When we have multiple hits from different trust anchor authorities the caller can infer which signature came from which trust anchor
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
return Object.assign(Object.assign({ method: 'entity_id', trustedAnchors }, (Object.keys(errorList).length > 0 && { errorList })), { jwks: jwkInfos, trustEstablished: Object.keys(trustedAnchors).length > 0 });
|
|
82
|
+
});
|
|
83
|
+
}
|
|
84
|
+
//# sourceMappingURL=externalOIDFIdentifier.js.map
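Review bot: `trustedAnchors[trustAnchor]` and `jwkInfos` are filled on the first loop iteration, before the remaining statements of the chain have been verified, so a later `break` on a failed signature leaves the anchor listed and `trustEstablished` evaluates to `true` while `errorList` holds an error for the same anchor. Record the anchor only after the inner loop finishes without an error, as in the excerpt below; since this is compiled output, the change belongs in `src/functions/externalOIDFIdentifier.ts`. The first statement is also verified without a `jwk` argument, so the key stored in `authorityJWK` appears to come from the JWS itself rather than from locally configured anchor key material; if so, a successful result only shows the chain is self-consistent, and the anchor key should be pinned out of band. The last statement is likewise verified without a `jwk` because of `!isLast`, which is worth confirming as intended.

```javascript
let authorityJWK = undefined;
let anchorJwkInfo = undefined;
let anchorKeyHex = undefined;
let chainVerified = true;
for (const [i, jwt] of [...trustChain].reverse().entries()) {
    // … unchanged: isLast, verifyArgs setup and the jwtVerifyJwsSignature call …
    if (jwtVerifyResult.error || jwtVerifyResult.critical) {
        errorList[trustAnchor] = jwtVerifyResult.message;
        chainVerified = false;
        break;
    }
    // … unchanged: empty-signature and empty-jwks checks, each also setting chainVerified = false before break …
    if (!authorityJWK) {
        authorityJWK = jwkInfo.jwk;
        anchorJwkInfo = jwkInfo;
        anchorKeyHex = signature.publicKeyHex;
    }
}
// Publish the anchor only once every statement in the chain has verified.
if (chainVerified && anchorJwkInfo) {
    jwkInfos.push(anchorJwkInfo);
    trustedAnchors[trustAnchor] = anchorKeyHex;
}
```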
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"externalOIDFIdentifier.js","sourceRoot":"","sources":["../../src/functions/externalOIDFIdentifier.ts"],"names":[],"mappings":";;;;;;;;;;;AA2BA,sFAmEC;AArFD,yEAAiE;AAIjE;;;;;;;;;;;;;GAaG;AACH,SAAsB,qCAAqC,CACzD,IAAwC,EACxC,OAAmC;;;QAEnC,IAAI,EAAE,YAAY,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;QAEvC,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/C,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC,CAAA;QAChG,CAAC;QAED,IAAI,CAAC,IAAA,uCAAgB,EAAC,OAAO,EAAE,uBAAuB,CAAC,EAAE,CAAC;YACxD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kFAAkF,CAAC,CAAC,CAAA;QAClH,CAAC;QAED,MAAM,cAAc,GAAwC,EAAE,CAAA;QAC9D,MAAM,SAAS,GAAwC,EAAE,CAAA;QACzD,MAAM,QAAQ,GAA2B,EAAE,CAAA;QAE3C,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;YACvC,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC;gBAC1D,gBAAgB,EAAE,UAAU;gBAC5B,YAAY,EAAE,CAAC,WAAW,CAAC;aAC5B,CAAC,CAAA;YAEF,IAAI,aAAa,CAAC,KAAK,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,CAAC;gBACrD,SAAS,CAAC,WAAW,CAAC,GAAG,MAAA,aAAa,CAAC,YAAY,mCAAI,aAAa,CAAA;YACtE,CAAC;iBAAM,CAAC;gBACN,MAAM,UAAU,GAA0B,aAAa,CAAC,UAAU,CAAC,qBAAqB,EAAE,CAAA;gBAC1F,IAAI,YAAY,GAAmB,SAAS,CAAA;gBAC5C,KAAK,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC;oBAC3D,MAAM,MAAM,GAAG,CAAC,KAAK,UAAU,CAAC,MAAM,GAAG,CAAC,CAAA;oBAE1C,MAAM,UAAU,GAAiB,EAAC,GAAG,EAAE,GAAG,EAAC,CAAA;oBAC3C,IAAG,YAAY,IAAI,CAAC,MAAM,EAAE,CAAC;wBAC3B,UAAU,CAAC,GAAG,GAAG,YAAY,CAAA;oBAC/B,CAAC;oBACD,MAAM,eAAe,GAAwB,MAAM,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,UAAU,CAAC,CAAA;oBAClG,IAAG,eAAe,CAAC,KAAK,IAAI,eAAe,CAAC,QAAQ,EAAE,CAAC;wBACrD,SAAS,CAAC,WAAW,CAAC,GAAG,eAAe,CAAC,OAAO,CAAA;wBAChD,MAAK;oBACP,CAAC;oBACD,IAAG,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC/C,SAAS,CAAC,WAAW,CAAC,GAAG,kDAAkD,CAAA;wBAC3E,MAAK;oBACP,CAAC;oBACD,MAAM,SAAS,GAAG,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;oBACnD,IAAG,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC1C,SAAS,CAAC,WAAW,CAAC,GAAG,kDAAkD,CAAA;wBAC3E,MAAK;oBACP,CAAC;oBACD,MAAM,OAAO,GAAmB,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAA
A;oBAC5D,IAAG,CAAC,YAAY,EAAE,CAAC;wBACjB,YAAY,GAAG,OAAO,CAAC,GAAG,CAAA;wBAC1B,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;wBACtB,cAAc,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC,YAAY,CAAA,CAAC,yIAAyI;oBAChM,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,qCACE,MAAM,EAAE,WAAW,EACnB,cAAc,IACX,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC,KACvD,IAAI,EAAE,QAAQ,EACd,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,GAAG,CAAC,IACzD;IACH,CAAC;CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"AAAA,cAAc,8BAA8B,CAAA;AAC5C,cAAc,+BAA+B,CAAA;AAC7C,cAAc,iBAAiB,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"AAAA,cAAc,8BAA8B,CAAA;AAC5C,cAAc,+BAA+B,CAAA;AAC7C,cAAc,0BAA0B,CAAA;AACxC,cAAc,iBAAiB,CAAA"}
|
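--- a/package/dist/functions/index.js
+++ b/package/dist/functions/index.js
@@ -16,5 +16,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./managedIdentifierFunctions"), exports);
 __exportStar(require("./externalIdentifierFunctions"), exports);
+__exportStar(require("./externalOIDFIdentifier"), exports);
 __exportStar(require("./LegacySupport"), exports);
 //# sourceMappingURL=index.js.map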
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+DAA4C;AAC5C,gEAA6C;AAC7C,kDAA+B"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+DAA4C;AAC5C,gEAA6C;AAC7C,2DAAwC;AACxC,kDAA+B"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { IAgentContext, IDIDManager, IKeyManager, IPluginMethodMap } from '@veramo/core';
|
|
2
|
-
import { ExternalIdentifierCoseKeyOpts, ExternalIdentifierCoseKeyResult, ExternalIdentifierDidOpts, ExternalIdentifierDidResult, ExternalIdentifierJwkOpts, ExternalIdentifierJwkResult, ExternalIdentifierOpts, ExternalIdentifierResult, ExternalIdentifierX5cOpts, ExternalIdentifierX5cResult } from './externalIdentifierTypes';
|
|
2
|
+
import { ExternalIdentifierCoseKeyOpts, ExternalIdentifierCoseKeyResult, ExternalIdentifierDidOpts, ExternalIdentifierDidResult, ExternalIdentifierOIDFEntityIdOpts, ExternalIdentifierOIDFEntityIdResult, ExternalIdentifierJwkOpts, ExternalIdentifierJwkResult, ExternalIdentifierOpts, ExternalIdentifierResult, ExternalIdentifierX5cOpts, ExternalIdentifierX5cResult } from './externalIdentifierTypes';
|
|
3
3
|
import { ManagedIdentifierCoseKeyOpts, ManagedIdentifierCoseKeyResult, ManagedIdentifierDidOpts, ManagedIdentifierDidResult, ManagedIdentifierOID4VCIssuerOpts, ManagedIdentifierOID4VCIssuerResult, ManagedIdentifierJwkOpts, ManagedIdentifierJwkResult, ManagedIdentifierKeyOpts, ManagedIdentifierKeyResult, ManagedIdentifierKidOpts, ManagedIdentifierKidResult, ManagedIdentifierOptsOrResult, ManagedIdentifierResult, ManagedIdentifierX5cOpts, ManagedIdentifierX5cResult } from './managedIdentifierTypes';
|
|
4
|
+
import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client';
|
|
4
5
|
export declare const identifierResolutionContextMethods: Array<string>;
|
|
5
6
|
/**
|
|
6
7
|
* @public
|
|
@@ -37,5 +38,6 @@ export interface IIdentifierResolution extends IPluginMethodMap {
|
|
|
37
38
|
identifierExternalResolveByJwk(args: ExternalIdentifierJwkOpts, context: IAgentContext<any>): Promise<ExternalIdentifierJwkResult>;
|
|
38
39
|
identifierExternalResolveByCoseKey(args: ExternalIdentifierCoseKeyOpts, context: IAgentContext<any>): Promise<ExternalIdentifierCoseKeyResult>;
|
|
39
40
|
identifierExternalResolveByX5c(args: ExternalIdentifierX5cOpts, context: IAgentContext<any>): Promise<ExternalIdentifierX5cResult>;
|
|
41
|
+
identifierExternalResolveByOIDFEntityId(args: ExternalIdentifierOIDFEntityIdOpts, context: IAgentContext<IOIDFClient>): Promise<ExternalIdentifierOIDFEntityIdResult>;
|
|
40
42
|
}
|
|
41
43
|
//# sourceMappingURL=IIdentifierResolution.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"IIdentifierResolution.d.ts","sourceRoot":"","sources":["../../src/types/IIdentifierResolution.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AACxF,OAAO,EACL,6BAA6B,EAC7B,+BAA+B,EAC/B,yBAAyB,EACzB,2BAA2B,
|
|
1
|
+
{"version":3,"file":"IIdentifierResolution.d.ts","sourceRoot":"","sources":["../../src/types/IIdentifierResolution.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AACxF,OAAO,EACL,6BAA6B,EAC7B,+BAA+B,EAC/B,yBAAyB,EACzB,2BAA2B,EAAE,kCAAkC,EAAE,oCAAoC,EACrG,yBAAyB,EACzB,2BAA2B,EAC3B,sBAAsB,EACtB,wBAAwB,EACxB,yBAAyB,EACzB,2BAA2B,EAC5B,MAAM,2BAA2B,CAAA;AAClC,OAAO,EACL,4BAA4B,EAC5B,8BAA8B,EAC9B,wBAAwB,EACxB,0BAA0B,EAC1B,iCAAiC,EACjC,mCAAmC,EACnC,wBAAwB,EACxB,0BAA0B,EAC1B,wBAAwB,EACxB,0BAA0B,EAC1B,wBAAwB,EACxB,0BAA0B,EAC1B,6BAA6B,EAC7B,uBAAuB,EACvB,wBAAwB,EACxB,0BAA0B,EAC3B,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAA;AAG3D,eAAO,MAAM,kCAAkC,EAAE,KAAK,CAAC,MAAM,CAe5D,CAAA;AAED;;GAEG;AACH,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D;;;;;;;;;;;OAWG;IACH,oBAAoB,CAAC,IAAI,EAAE,6BAA6B,EAAE,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAA;IAEhI,yBAAyB,CAAC,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,aAAa,CAAC,WAAW,GAAG,WAAW,CAAC,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAA;IAEjJ,yBAAyB,CAAC,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAA;IAEnI,yBAAyB,CAAC,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAA;IAEnI,yBAAyB,CAAC,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAA;IAEnI,yBAAyB,CAAC,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAAA;IAEnI,6BAA6B,CAC3B,IAAI,EAAE,4BAA4B,EAClC,OAAO,EAAE,aAAa,CAAC,WAAW,GAAG,qBAAqB,CAAC,GAC1D,OAAO,CAAC,8BAA8B,CAAC,CAAA;IAE1C,kCAAkC,CAAC,IAAI,EAAE,iCAAiC,EAAE,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,mCAAmC,CAAC,CAAA;IAItJ;;;;;OAKG;IACH,yBAAyB,CAAC,IAAI,EAAE,sBAAsB,EAAE,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAA;IAEvH,8BAA8B,CAAC,IAAI,EAAE,yBAAyB,EAAE,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAA;IAElI,8BAA8B,CAAC,IAAI,EAAE,yBAAyB,EAAE,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAA;IAElI,kCAAkC,CAAC,IAAI,EAAE,6BAA6B
,EAAE,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,+BAA+B,CAAC,CAAA;IAE9I,8BAA8B,CAAC,IAAI,EAAE,yBAAyB,EAAE,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAA;IAElI,uCAAuC,CAAC,IAAI,EAAE,kCAAkC,EAAE,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,oCAAoC,CAAC,CAAA;CACtK"}
|
|
@@ -16,5 +16,6 @@ exports.identifierResolutionContextMethods = [
|
|
|
16
16
|
'identifierExternalResolveByX5c',
|
|
17
17
|
'identifierExternalResolveByJwk',
|
|
18
18
|
'identifierExternalResolveByCoseKey',
|
|
19
|
+
'identifierExternalResolveByOIDFEntityId',
|
|
19
20
|
];
|
|
20
21
|
//# sourceMappingURL=IIdentifierResolution.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"IIdentifierResolution.js","sourceRoot":"","sources":["../../src/types/IIdentifierResolution.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"IIdentifierResolution.js","sourceRoot":"","sources":["../../src/types/IIdentifierResolution.ts"],"names":[],"mappings":";;;AAiCA,wDAAwD;AAC3C,QAAA,kCAAkC,GAAkB;IAC/D,sBAAsB;IACtB,2BAA2B;IAC3B,2BAA2B;IAC3B,2BAA2B;IAC3B,2BAA2B;IAC3B,2BAA2B;IAC3B,oCAAoC;IACpC,+BAA+B;IAC/B,2BAA2B;IAC3B,gCAAgC;IAChC,gCAAgC;IAChC,gCAAgC;IAChC,oCAAoC;IACpC,yCAAyC;CAC1C,CAAA"}
|
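--- a/package/dist/types/common.d.ts
+++ b/package/dist/types/common.d.ts
@@ -15,5 +15,6 @@ export declare function isKidIdentifier(identifier: ManagedIdentifierType | Exte
 export declare function isOID4VCIssuerIdentifier(identifier: ManagedIdentifierType | ExternalIdentifierType): identifier is string;
 export declare function isKeyIdentifier(identifier: ManagedIdentifierType): identifier is IKey;
 export declare function isCoseKeyIdentifier(identifier: ManagedIdentifierType): identifier is ICoseKeyJson;
+export declare function isOIDFEntityIdIdentifier(identifier: ManagedIdentifierType): identifier is ICoseKeyJson;
 export declare function isX5cIdentifier(identifier: ManagedIdentifierType | ExternalIdentifierType): identifier is string[];
 //# sourceMappingURL=common.d.ts.map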
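Review bot: The new guard `isOIDFEntityIdIdentifier` is declared as `identifier is ICoseKeyJson`, which looks copied from `isCoseKeyIdentifier` on the line above; the compiled body in `common.js` tests for a string starting with `https://`, so the predicate should read `identifier is string`. As declared, code that narrows with this guard is told it holds a COSE key object while the runtime value is a URL string. The parameter is also typed `ManagedIdentifierType` only, although the guard is applied to the identifier of external options, so `identifier: ManagedIdentifierType | ExternalIdentifierType` would presumably be the accurate signature. The same slip appears in `externalIdentifierTypes.d.ts`, where `isExternalIdentifierOIDFEntityIdOpts` is declared `opts is ExternalIdentifierCoseKeyOpts` and should be `opts is ExternalIdentifierOIDFEntityIdOpts`. Both fixes belong in the TypeScript sources these declaration files are emitted from.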
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"common.d.ts","sourceRoot":"","sources":["../../src/types/common.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACvD,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAA;AAClE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAA;AAEhE,MAAM,WAAW,OAAO;IACtB,GAAG,EAAE,GAAG,CAAA;IACR,aAAa,EAAE,MAAM,CAAA;CACtB;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,WAAW,GAAG,MAAM,CAE9H;AAED,wBAAgB,aAAa,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,WAAW,CAEnH;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,GAAG,CAE7G;AAED,wBAAgB,yBAAyB,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,CAE1H;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,CAEpH;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,CAEhH;AAED,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,CAEzH;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,UAAU,IAAI,IAAI,CAQrF;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,qBAAqB,GAAG,UAAU,IAAI,YAAY,CAEjG;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,EAAE,CAElH"}
|
|
1
|
+
{"version":3,"file":"common.d.ts","sourceRoot":"","sources":["../../src/types/common.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACvD,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAA;AAClE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAA;AAEhE,MAAM,WAAW,OAAO;IACtB,GAAG,EAAE,GAAG,CAAA;IACR,aAAa,EAAE,MAAM,CAAA;CACtB;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,WAAW,GAAG,MAAM,CAE9H;AAED,wBAAgB,aAAa,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,WAAW,CAEnH;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,GAAG,CAE7G;AAED,wBAAgB,yBAAyB,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,CAE1H;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,CAEpH;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,CAEhH;AAED,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,CAEzH;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,UAAU,IAAI,IAAI,CAQrF;AAED,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,qBAAqB,GAAG,UAAU,IAAI,YAAY,CAEjG;AAED,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,qBAAqB,GAAG,UAAU,IAAI,YAAY,CAEtG;AAED,wBAAgB,eAAe,CAAC,UAAU,EAAE,qBAAqB,GAAG,sBAAsB,GAAG,UAAU,IAAI,MAAM,EAAE,CAElH"}
|
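--- a/package/dist/types/common.js
+++ b/package/dist/types/common.js
@@ -9,6 +9,7 @@ exports.isKidIdentifier = isKidIdentifier;
 exports.isOID4VCIssuerIdentifier = isOID4VCIssuerIdentifier;
 exports.isKeyIdentifier = isKeyIdentifier;
 exports.isCoseKeyIdentifier = isCoseKeyIdentifier;
+exports.isOIDFEntityIdIdentifier = isOIDFEntityIdIdentifier;
 exports.isX5cIdentifier = isX5cIdentifier;
 function isDidIdentifier(identifier) {
 return isIIdentifier(identifier) || (typeof identifier === 'string' && identifier.startsWith('did:'));
@@ -41,6 +42,9 @@ function isKeyIdentifier(identifier) {
 function isCoseKeyIdentifier(identifier) {
 return typeof identifier === 'object' && `kty` in identifier && ('baseIV' in identifier || 'x5chain' in identifier) && !('x5c' in identifier);
 }
+function isOIDFEntityIdIdentifier(identifier) {
+return typeof identifier === 'string' && identifier.startsWith('https://');
+}
 function isX5cIdentifier(identifier) {
 return Array.isArray(identifier) && identifier.length > 0; // todo: Do we want to do additional validation? We know it must be DER and thus hex for instance
 }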
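Review bot: `isOIDFEntityIdIdentifier` accepts every string that begins with `https://`, including values that do not parse as a URL or have no host, and that string later becomes the entity ID the resolver tries to build a trust chain for. Parsing it once here and requiring the `https:` scheme and a host keeps malformed input away from the OIDF client and gives one clear failure point. The shape also overlaps with other URL-style external identifiers, so this guard cannot tell them apart by itself and the caller has to rely on `method` or `trustAnchors`. The change belongs in the TypeScript source this file is compiled from; a sketch follows.

```javascript
function isOIDFEntityIdIdentifier(identifier) {
    if (typeof identifier !== 'string') {
        return false;
    }
    try {
        // Reject anything that is not a well-formed https URL with a host
        const url = new URL(identifier);
        return url.protocol === 'https:' && url.hostname.length > 0;
    }
    catch (e) {
        return false;
    }
}
```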
|
package/dist/types/common.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"common.js","sourceRoot":"","sources":["../../src/types/common.ts"],"names":[],"mappings":";;AAUA,0CAEC;AAED,sCAEC;AAED,0CAEC;AAED,8DAEC;AAED,kDAEC;AAED,0CAEC;AAED,4DAEC;AAED,0CAQC;AAED,kDAEC;AAED,0CAEC;
|
|
1
|
+
{"version":3,"file":"common.js","sourceRoot":"","sources":["../../src/types/common.ts"],"names":[],"mappings":";;AAUA,0CAEC;AAED,sCAEC;AAED,0CAEC;AAED,8DAEC;AAED,kDAEC;AAED,0CAEC;AAED,4DAEC;AAED,0CAQC;AAED,kDAEC;AAED,4DAEC;AAED,0CAEC;AAhDD,SAAgB,eAAe,CAAC,UAA0D;IACxF,OAAO,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAA;AACvG,CAAC;AAED,SAAgB,aAAa,CAAC,UAA0D;IACtF,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,KAAK,IAAI,UAAU,IAAI,MAAM,IAAI,UAAU,CAAA;AACpH,CAAC;AAED,SAAgB,eAAe,CAAC,UAA0D;IACxF,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,KAAK,IAAI,UAAU,CAAA;AAC5F,CAAC;AAED,SAAgB,yBAAyB,CAAC,UAA0D;IAClG,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,mCAAmC,CAAC,CAAA;AACpI,CAAC;AAED,SAAgB,mBAAmB,CAAC,UAA0D;IAC5F,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;AAC5G,CAAC;AAED,SAAgB,eAAe,CAAC,UAA0D;IACxF,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;AAC3G,CAAC;AAED,SAAgB,wBAAwB,CAAC,UAA0D;IACjG,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,uCAAuC,CAAC,CAAA;AACxI,CAAC;AAED,SAAgB,eAAe,CAAC,UAAiC;IAC/D,OAAO,CACL,OAAO,UAAU,KAAK,QAAQ;QAC9B,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;QAC1B,OAAO,UAAU,KAAK,QAAQ;QAC9B,KAAK,IAAI,UAAU;QACnB,cAAc,IAAI,UAAU,CAC7B,CAAA;AACH,CAAC;AAED,SAAgB,mBAAmB,CAAC,UAAiC;IACnE,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,KAAK,IAAI,UAAU,IAAI,CAAC,QAAQ,IAAI,UAAU,IAAI,SAAS,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,UAAU,CAAC,CAAA;AAC/I,CAAC;AAED,SAAgB,wBAAwB,CAAC,UAAiC;IACxE,OAAO,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,CAAC,UAAU,CAAC,CAAA;AAC5E,CAAC;AAED,SAAgB,eAAe,CAAC,UAA0D;IACxF,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,CAAA,CAAC,iGAAiG;AAC7J,CAAC"}
|
|
@@ -24,7 +24,7 @@ export type ExternalIdentifierDidOpts = Omit<ExternalIdentifierOptsBase, 'method
|
|
|
24
24
|
resolverResolution?: boolean;
|
|
25
25
|
};
|
|
26
26
|
export declare function isExternalIdentifierDidOpts(opts: ExternalIdentifierOptsBase): opts is ExternalIdentifierDidOpts;
|
|
27
|
-
export type ExternalIdentifierOpts = (ExternalIdentifierJwkOpts | ExternalIdentifierX5cOpts | ExternalIdentifierDidOpts | ExternalIdentifierKidOpts | ExternalIdentifierCoseKeyOpts) & ExternalIdentifierOptsBase;
|
|
27
|
+
export type ExternalIdentifierOpts = (ExternalIdentifierJwkOpts | ExternalIdentifierX5cOpts | ExternalIdentifierDidOpts | ExternalIdentifierKidOpts | ExternalIdentifierCoseKeyOpts | ExternalIdentifierOIDFEntityIdOpts) & ExternalIdentifierOptsBase;
|
|
28
28
|
export type ExternalIdentifierKidOpts = Omit<ExternalIdentifierOptsBase, 'method'> & {
|
|
29
29
|
method?: 'kid';
|
|
30
30
|
identifier: string;
|
|
@@ -51,6 +51,12 @@ export type ExternalIdentifierJwksUrlOpts = Omit<ExternalIdentifierOptsBase, 'me
|
|
|
51
51
|
identifier: string;
|
|
52
52
|
};
|
|
53
53
|
export declare function isExternalIdentifierJwksUrlOpts(opts: ExternalIdentifierOptsBase): opts is ExternalIdentifierJwksUrlOpts;
|
|
54
|
+
export type ExternalIdentifierOIDFEntityIdOpts = Omit<ExternalIdentifierOptsBase, 'method'> & {
|
|
55
|
+
method?: 'entity_id';
|
|
56
|
+
identifier: string;
|
|
57
|
+
trustAnchors?: Array<string>;
|
|
58
|
+
};
|
|
59
|
+
export declare function isExternalIdentifierOIDFEntityIdOpts(opts: ExternalIdentifierOptsBase): opts is ExternalIdentifierCoseKeyOpts;
|
|
54
60
|
export type ExternalIdentifierX5cOpts = Omit<ExternalIdentifierOptsBase, 'method'> & X509CertificateChainValidationOpts & {
|
|
55
61
|
method?: 'x5c';
|
|
56
62
|
identifier: string[];
|
|
@@ -59,8 +65,8 @@ export type ExternalIdentifierX5cOpts = Omit<ExternalIdentifierOptsBase, 'method
|
|
|
59
65
|
trustAnchors?: string[];
|
|
60
66
|
};
|
|
61
67
|
export declare function isExternalIdentifierX5cOpts(opts: ExternalIdentifierOptsBase): opts is ExternalIdentifierX5cOpts;
|
|
62
|
-
export type ExternalIdentifierMethod = 'did' | 'jwk' | 'x5c' | 'kid' | 'cose_key' | 'oidc-discovery' | 'jwks-url' | 'oid4vci-issuer';
|
|
63
|
-
export type ExternalIdentifierResult = IExternalIdentifierResultBase & (ExternalIdentifierDidResult | ExternalIdentifierX5cResult | ExternalIdentifierJwkResult | ExternalIdentifierCoseKeyResult);
|
|
68
|
+
export type ExternalIdentifierMethod = 'did' | 'jwk' | 'x5c' | 'kid' | 'cose_key' | 'oidc-discovery' | 'jwks-url' | 'oid4vci-issuer' | 'entity_id';
|
|
69
|
+
export type ExternalIdentifierResult = IExternalIdentifierResultBase & (ExternalIdentifierDidResult | ExternalIdentifierX5cResult | ExternalIdentifierJwkResult | ExternalIdentifierOIDFEntityIdResult | ExternalIdentifierCoseKeyResult);
|
|
64
70
|
export interface IExternalIdentifierResultBase {
|
|
65
71
|
method: ExternalIdentifierMethod;
|
|
66
72
|
jwks: Array<ExternalJwkInfo>;
|
|
@@ -82,6 +88,15 @@ export interface ExternalIdentifierX5cResult extends IExternalIdentifierResultBa
|
|
|
82
88
|
verificationResult?: X509ValidationResult;
|
|
83
89
|
certificates: any[];
|
|
84
90
|
}
|
|
91
|
+
export type TrustedAnchor = string;
|
|
92
|
+
export type PublicKeyHex = string;
|
|
93
|
+
export type ErrorMessage = string;
|
|
94
|
+
export interface ExternalIdentifierOIDFEntityIdResult extends IExternalIdentifierResultBase {
|
|
95
|
+
method: 'entity_id';
|
|
96
|
+
trustedAnchors: Record<TrustedAnchor, PublicKeyHex>;
|
|
97
|
+
errorList?: Record<TrustedAnchor, ErrorMessage>;
|
|
98
|
+
trustEstablished: boolean;
|
|
99
|
+
}
|
|
85
100
|
export interface ExternalJwkInfo extends JwkInfo {
|
|
86
101
|
kid?: string;
|
|
87
102
|
publicKeyHex: string;
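Review bot: `ExternalIdentifierOIDFEntityIdResult` carries `trustEstablished: boolean` next to `jwks` with no doc comment, so nothing on the type tells a caller that the keys must not be relied on until that flag has been checked. The resolver's own comment describes the flag as indicating whether any trust relationship was established, which suggests (its full body is not visible here) that a result is returned rather than an error thrown when no anchor validates. I would add a TSDoc line on the field such as `/** false when no trust anchor validated the chain; callers must not use jwks in that case */`. Separately, the option is spelled `trustAnchors` and the result field `trustedAnchors`, and `trustAnchors` is optional in `ExternalIdentifierOIDFEntityIdOpts` although the resolver rejects a missing or empty list, so making it required would move that failure to compile time.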
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"externalIdentifierTypes.d.ts","sourceRoot":"","sources":["../../src/types/externalIdentifierTypes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAA;AACjE,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACvD,OAAO,EAAE,kCAAkC,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAA;AAC3G,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AACnF,OAAO,EAQL,OAAO,EACR,MAAM,UAAU,CAAA;AAEjB;;;;GAIG;AACH,MAAM,MAAM,sBAAsB,GAAG,MAAM,GAAG,MAAM,EAAE,GAAG,GAAG,CAAA;AAE5D,MAAM,MAAM,0BAA0B,GAAG;IACvC,MAAM,CAAC,EAAE,wBAAwB,CAAA;IACjC,UAAU,EAAE,sBAAsB,CAAA;CACnC,CAAA;AAED,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACnF,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;IAClB,4BAA4B,CAAC,EAAE,OAAO,CAAA;IACtC,cAAc,CAAC,EAAE,kBAAkB,CAAA;IACnC,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,sBAAsB,GAAG,CACjC,yBAAyB,GACzB,yBAAyB,GACzB,yBAAyB,GACzB,yBAAyB,GACzB,6BAA6B,
|
|
1
|
+
{"version":3,"file":"externalIdentifierTypes.d.ts","sourceRoot":"","sources":["../../src/types/externalIdentifierTypes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAA;AACjE,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACvD,OAAO,EAAE,kCAAkC,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAA;AAC3G,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AACnF,OAAO,EAQL,OAAO,EACR,MAAM,UAAU,CAAA;AAEjB;;;;GAIG;AACH,MAAM,MAAM,sBAAsB,GAAG,MAAM,GAAG,MAAM,EAAE,GAAG,GAAG,CAAA;AAE5D,MAAM,MAAM,0BAA0B,GAAG;IACvC,MAAM,CAAC,EAAE,wBAAwB,CAAA;IACjC,UAAU,EAAE,sBAAsB,CAAA;CACnC,CAAA;AAED,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACnF,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;IAClB,4BAA4B,CAAC,EAAE,OAAO,CAAA;IACtC,cAAc,CAAC,EAAE,kBAAkB,CAAA;IACnC,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,sBAAsB,GAAG,CACjC,yBAAyB,GACzB,yBAAyB,GACzB,yBAAyB,GACzB,yBAAyB,GACzB,6BAA6B,GAC7B,kCAAkC,CACrC,GACC,0BAA0B,CAAA;AAE5B,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACnF,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACnF,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,GAAG,CAAA;IACf,GAAG,CAAC,EAAE,yBAAyB,CAAA;CAChC,CAAA;AAED,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,6BAA6B,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACvF,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,UAAU,EAAE,YAAY,CAAA;CACzB,CAAA;AAED,wBAAgB,+BAA+B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,6BAA6B,CAGvH;AAED,MAAM,MAAM,mCAAmC,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IAC7F,MAAM,CAAC,EAAE,gBAAgB,CAAA;IACzB,UAAU,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,wBAAgB,qCAAqC,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAGzH;AAED,MAAM,MAAM,6BAA6B,GAAG,IAAI,CAAC,0BAA0B,EAAE
,QAAQ,CAAC,GAAG;IACvF,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,UAAU,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,wBAAgB,+BAA+B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,6BAA6B,CAGvH;AAED,MAAM,MAAM,kCAAkC,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IAC5F,MAAM,CAAC,EAAE,WAAW,CAAA;IACpB,UAAU,EAAE,MAAM,CAAA;IAClB,YAAY,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAA;CAC7B,CAAA;AAED,wBAAgB,oCAAoC,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,6BAA6B,CAG5H;AAED,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAChF,kCAAkC,GAAG;IACnC,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,MAAM,EAAE,CAAA;IACpB,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB,gBAAgB,CAAC,EAAE,IAAI,CAAA;IACvB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;CACxB,CAAA;AAEH,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,wBAAwB,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,UAAU,GAAG,gBAAgB,GAAG,UAAU,GAAG,gBAAgB,GAAG,WAAW,CAAA;AAElJ,MAAM,MAAM,wBAAwB,GAAG,6BAA6B,GAClE,CAAC,2BAA2B,GAAG,2BAA2B,GAAG,2BAA2B,GAAG,oCAAoC,GAAG,+BAA+B,CAAE,CAAA;AAErK,MAAM,WAAW,6BAA6B;IAC5C,MAAM,EAAE,wBAAwB,CAAA;IAChC,IAAI,EAAE,KAAK,CAAC,eAAe,CAAC,CAAA;CAC7B;AAED,MAAM,WAAW,2BAA4B,SAAQ,6BAA6B;IAChF,MAAM,EAAE,KAAK,CAAA;IACb,GAAG,EAAE,GAAG,CAAA;IACR,GAAG,CAAC,EAAE,2BAA2B,CAAA;CAClC;AAED,MAAM,WAAW,+BAAgC,SAAQ,6BAA6B;IACpF,MAAM,EAAE,UAAU,CAAA;IAClB,OAAO,EAAE,YAAY,CAAA;IACrB,GAAG,CAAC,EAAE,2BAA2B,CAAA;CAClC;AAED,MAAM,WAAW,2BAA4B,SAAQ,6BAA6B;IAChF,MAAM,EAAE,KAAK,CAAA;IACb,GAAG,EAAE,MAAM,EAAE,CAAA;IACb,SAAS,EAAE,GAAG,CAAA;IACd,kBAAkB,CAAC,EAAE,oBAAoB,CAAA;IACzC,YAAY,EAAE,GAAG,EAAE,CAAA;CACpB;AAED,MAAM,MAAM,aAAa,GAAG,MAAM,CAAA;AAClC,MAAM,MAAM,YAAY,GAAG,MAAM,CAAA;AACjC,MAAM,MAAM,YAAY,GAAG,MAAM,CAAA;AAEjC,MAAM,WAAW,oCAAqC,SAAQ,6BAA6B;IACzF,MAAM,EAAE,WAAW,CAAA;IACnB,cAAc,EAAE,MAAM,CAAC,aAAa,EAAE,YAAY,CAAC,CAAA;IACnD,SAAS,CAAC,EAAE,MAAM,CAAC,aAAa,EAAE,YAAY,CAAC,CAAA;IAC/C,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,eAAgB,SAAQ,OAAO;IAC9C,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,YAAY,EAAE,MAAM,CAAA;CACrB;AAED,MAAM,WAAW,2BAA4B,SAAQ,6BAA6B;IAChF,MAAM,EAAE,KAAK,CAAA;IACb,GAAG,EAAE,MAAM,CAAA;IACX,WAAW,CAAC,EAAE,WAAW,CAAA;I
ACzB,OAAO,CAAC,EAAE,eAAe,CAAA;IACzB,mBAAmB,EAAE,IAAI,CAAC,mBAAmB,EAAE,aAAa,CAAC,CAAA;IAC7D,SAAS,EAAE,UAAU,CAAA;CACtB"}
|
|
@@ -6,6 +6,7 @@ exports.isExternalIdentifierJwkOpts = isExternalIdentifierJwkOpts;
|
|
|
6
6
|
exports.isExternalIdentifierCoseKeyOpts = isExternalIdentifierCoseKeyOpts;
|
|
7
7
|
exports.isExternalIdentifierOidcDiscoveryOpts = isExternalIdentifierOidcDiscoveryOpts;
|
|
8
8
|
exports.isExternalIdentifierJwksUrlOpts = isExternalIdentifierJwksUrlOpts;
|
|
9
|
+
exports.isExternalIdentifierOIDFEntityIdOpts = isExternalIdentifierOIDFEntityIdOpts;
|
|
9
10
|
exports.isExternalIdentifierX5cOpts = isExternalIdentifierX5cOpts;
|
|
10
11
|
const common_1 = require("./common");
|
|
11
12
|
function isExternalIdentifierDidOpts(opts) {
|
|
@@ -32,6 +33,10 @@ function isExternalIdentifierJwksUrlOpts(opts) {
|
|
|
32
33
|
const { identifier } = opts;
|
|
33
34
|
return ('method' in opts && opts.method === 'oidc-discovery') || (0, common_1.isJwksUrlIdentifier)(identifier);
|
|
34
35
|
}
|
|
36
|
+
function isExternalIdentifierOIDFEntityIdOpts(opts) {
|
|
37
|
+
const { identifier } = opts;
|
|
38
|
+
return ('method' in opts && opts.method === 'entity_id' || 'trustAnchors' in opts) && (0, common_1.isOIDFEntityIdIdentifier)(identifier);
|
|
39
|
+
}
|
|
35
40
|
function isExternalIdentifierX5cOpts(opts) {
|
|
36
41
|
const { identifier } = opts;
|
|
37
42
|
return ('method' in opts && opts.method === 'x5c') || (0, common_1.isX5cIdentifier)(identifier);
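Review bot: In `isExternalIdentifierOIDFEntityIdOpts` the `'trustAnchors' in opts` alternative matches whatever `method` says, so options that explicitly name another method but carry a `trustAnchors` key and an `https://` identifier are classified as `entity_id`. The `in` test is also true for `trustAnchors: undefined`. Letting an explicit method win would be `return (opts.method === 'entity_id' || (opts.method === undefined && Array.isArray(opts.trustAnchors))) && (0, common_1.isOIDFEntityIdIdentifier)(identifier);`, which also removes the unparenthesised mix of `&&` and `||`. In `resolveExternalIdentifier` this guard is consulted before the `kid`, `jwks-url` and `oidc-discovery` branches, so a misclassification here changes which resolver runs. The fix belongs in the TypeScript source this file is compiled from.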
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"externalIdentifierTypes.js","sourceRoot":"","sources":["../../src/types/externalIdentifierTypes.ts"],"names":[],"mappings":";;AAsCA,kEAGC;
|
|
1
|
+
{"version":3,"file":"externalIdentifierTypes.js","sourceRoot":"","sources":["../../src/types/externalIdentifierTypes.ts"],"names":[],"mappings":";;AAsCA,kEAGC;AAiBD,kEAGC;AAQD,kEAGC;AAOD,0EAGC;AAOD,sFAGC;AAOD,0EAGC;AAQD,oFAGC;AAWD,kEAGC;AA1HD,qCASiB;AAwBjB,SAAgB,2BAA2B,CAAC,IAAgC;IAC1E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,IAAI,IAAA,wBAAe,EAAC,UAAU,CAAC,CAAA;AACnF,CAAC;AAiBD,SAAgB,2BAA2B,CAAC,IAAgC;IAC1E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,IAAI,IAAA,wBAAe,EAAC,UAAU,CAAC,CAAA;AACnF,CAAC;AAQD,SAAgB,2BAA2B,CAAC,IAAgC;IAC1E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,IAAI,IAAA,wBAAe,EAAC,UAAU,CAAC,CAAA;AACnF,CAAC;AAOD,SAAgB,+BAA+B,CAAC,IAAgC;IAC9E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,UAAU,CAAC,IAAI,IAAA,4BAAmB,EAAC,UAAU,CAAC,CAAA;AAC5F,CAAC;AAOD,SAAgB,qCAAqC,CAAC,IAAgC;IACpF,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,IAAI,IAAA,kCAAyB,EAAC,UAAU,CAAC,CAAA;AACxG,CAAC;AAOD,SAAgB,+BAA+B,CAAC,IAAgC;IAC9E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,IAAI,IAAA,4BAAmB,EAAC,UAAU,CAAC,CAAA;AAClG,CAAC;AAQD,SAAgB,oCAAoC,CAAC,IAAgC;IACnF,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,WAAW,IAAI,cAAc,IAAI,IAAI,CAAC,IAAI,IAAA,iCAAwB,EAAC,UAAU,CAAC,CAAA;AAC5H,CAAC;AAWD,SAAgB,2BAA2B,CAAC,IAAgC;IAC1E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,IAAI,IAAA,wBAAe,EAAC,UAAU,CAAC,CAAA;AACnF,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/ssi-sdk-ext.identifier-resolution",
|
|
3
|
-
"version": "0.25.
|
|
3
|
+
"version": "0.25.1-feature.SDK.41.oidf.support.11+ec533ab",
|
|
4
4
|
"source": "src/index.ts",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -15,11 +15,12 @@
|
|
|
15
15
|
"generate-plugin-schema": "sphereon dev generate-plugin-schema"
|
|
16
16
|
},
|
|
17
17
|
"dependencies": {
|
|
18
|
-
"@sphereon/ssi-sdk-ext.did-utils": "0.25.
|
|
19
|
-
"@sphereon/ssi-sdk-ext.key-utils": "0.25.
|
|
20
|
-
"@sphereon/ssi-sdk-ext.x509-utils": "0.25.
|
|
21
|
-
"@sphereon/ssi-sdk.agent-config": "0.30.
|
|
22
|
-
"@sphereon/ssi-
|
|
18
|
+
"@sphereon/ssi-sdk-ext.did-utils": "0.25.1-feature.SDK.41.oidf.support.11+ec533ab",
|
|
19
|
+
"@sphereon/ssi-sdk-ext.key-utils": "0.25.1-feature.SDK.41.oidf.support.11+ec533ab",
|
|
20
|
+
"@sphereon/ssi-sdk-ext.x509-utils": "0.25.1-feature.SDK.41.oidf.support.11+ec533ab",
|
|
21
|
+
"@sphereon/ssi-sdk.agent-config": "0.30.2-feature.SDK.41.oidf.support.286",
|
|
22
|
+
"@sphereon/ssi-sdk.oidf-client": " 0.30.2-feature.SDK.41.oidf.support.286",
|
|
23
|
+
"@sphereon/ssi-types": "0.30.2-feature.SDK.41.oidf.support.286",
|
|
23
24
|
"@veramo/core": "4.2.0",
|
|
24
25
|
"@veramo/utils": "4.2.0",
|
|
25
26
|
"debug": "^4.3.4",
|
|
@@ -27,11 +28,11 @@
|
|
|
27
28
|
"uint8arrays": "^3.1.1"
|
|
28
29
|
},
|
|
29
30
|
"devDependencies": {
|
|
30
|
-
"@sphereon/ssi-sdk-ext.did-provider-jwk": "0.25.
|
|
31
|
-
"@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.25.
|
|
32
|
-
"@sphereon/ssi-sdk-ext.key-manager": "0.25.
|
|
33
|
-
"@sphereon/ssi-sdk-ext.kms-local": "0.25.
|
|
34
|
-
"@sphereon/ssi-sdk.dev": "0.30.
|
|
31
|
+
"@sphereon/ssi-sdk-ext.did-provider-jwk": "0.25.1-feature.SDK.41.oidf.support.11+ec533ab",
|
|
32
|
+
"@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.25.1-feature.SDK.41.oidf.support.11+ec533ab",
|
|
33
|
+
"@sphereon/ssi-sdk-ext.key-manager": "0.25.1-feature.SDK.41.oidf.support.11+ec533ab",
|
|
34
|
+
"@sphereon/ssi-sdk-ext.kms-local": "0.25.1-feature.SDK.41.oidf.support.11+ec533ab",
|
|
35
|
+
"@sphereon/ssi-sdk.dev": "0.30.2-feature.SDK.41.oidf.support.286",
|
|
35
36
|
"@veramo/data-store": "4.2.0",
|
|
36
37
|
"@veramo/did-manager": "4.2.0",
|
|
37
38
|
"@veramo/did-resolver": "4.2.0",
|
|
@@ -64,5 +65,5 @@
|
|
|
64
65
|
"X.509 Certificates",
|
|
65
66
|
"ARF"
|
|
66
67
|
],
|
|
67
|
-
"gitHead": "
|
|
68
|
+
"gitHead": "ec533abeb8c9ef6112970169fe26b4beab3c94de"
|
|
68
69
|
}
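Review bot: The added dependency `@sphereon/ssi-sdk.oidf-client` has a leading space inside its version string (`" 0.30.2-feature.SDK.41.oidf.support.286"`), unlike every other entry in the block. Package managers that normalise the range will probably accept it, but tools that compare the spec literally (lockfile diffing, SBOM or policy checks) may treat it as a different or invalid range; it should read `"@sphereon/ssi-sdk.oidf-client": "0.30.2-feature.SDK.41.oidf.support.286",`. The runtime dependencies are also pinned to feature-branch pre-release builds, which is worth confirming as intended before this version is consumed outside testing.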
|
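--- a/package/plugin.schema.json
+++ b/package/plugin.schema.json
@@ -136,6 +136,27 @@
 "required": [
 "identifier"
 ]
+},
+{
+"type": "object",
+"properties": {
+"method": {
+"type": "string",
+"const": "entity_id"
+},
+"identifier": {
+"$ref": "#/components/schemas/ExternalIdentifierType"
+},
+"trustAnchors": {
+"type": "array",
+"items": {
+"type": "string"
+}
+}
+},
+"required": [
+"identifier"
+]
 }
 ]
 },
@@ -606,6 +627,41 @@
 "method"
 ]
 },
+{
+"type": "object",
+"properties": {
+"method": {
+"$ref": "#/components/schemas/ExternalIdentifierMethod"
+},
+"jwks": {
+"type": "array",
+"items": {
+"$ref": "#/components/schemas/ExternalJwkInfo"
+}
+},
+"trustedAnchors": {
+"type": "object",
+"additionalProperties": {
+"$ref": "#/components/schemas/PublicKeyHex"
+}
+},
+"errorList": {
+"type": "object",
+"additionalProperties": {
+"$ref": "#/components/schemas/ErrorMessage"
+}
+},
+"trustEstablished": {
+"type": "boolean"
+}
+},
+"required": [
+"jwks",
+"method",
+"trustEstablished",
+"trustedAnchors"
+]
+},
 {
 "type": "object",
 "properties": {
@@ -643,7 +699,8 @@
 "cose_key",
 "oidc-discovery",
 "jwks-url",
-"oid4vci-issuer"
+"oid4vci-issuer",
+"entity_id"
 ]
 },
 "ExternalJwkInfo": {
@@ -1295,6 +1352,12 @@
 "x5c"
 ]
 },
+"PublicKeyHex": {
+"type": "string"
+},
+"ErrorMessage": {
+"type": "string"
+},
 "ICoseKeyJson": {
 "type": "object",
 "properties": {
@@ -1577,6 +1640,63 @@
 "method"
 ]
 },
+"ExternalIdentifierOIDFEntityIdOpts": {
+"type": "object",
+"properties": {
+"method": {
+"type": "string",
+"const": "entity_id"
+},
+"identifier": {
+"$ref": "#/components/schemas/ExternalIdentifierType"
+},
+"trustAnchors": {
+"type": "array",
+"items": {
+"type": "string"
+}
+}
+},
+"required": [
+"identifier"
+]
+},
+"ExternalIdentifierOIDFEntityIdResult": {
+"type": "object",
+"properties": {
+"method": {
+"type": "string",
+"const": "entity_id"
+},
+"jwks": {
+"type": "array",
+"items": {
+"$ref": "#/components/schemas/ExternalJwkInfo"
+}
+},
+"trustedAnchors": {
+"type": "object",
+"additionalProperties": {
+"$ref": "#/components/schemas/PublicKeyHex"
+}
+},
+"errorList": {
+"type": "object",
+"additionalProperties": {
+"$ref": "#/components/schemas/ErrorMessage"
+}
+},
+"trustEstablished": {
+"type": "boolean"
+}
+},
+"required": [
+"jwks",
+"method",
+"trustEstablished",
+"trustedAnchors"
+]
+},
 "ManagedIdentifierOptsOrResult": {
 "anyOf": [
 {
@@ -4116,6 +4236,15 @@
 "$ref": "#/components/schemas/ExternalIdentifierJwkResult"
 }
 },
+"identifierExternalResolveByOIDFEntityId": {
+"description": "",
+"arguments": {
+"$ref": "#/components/schemas/ExternalIdentifierOIDFEntityIdOpts"
+},
+"returnType": {
+"$ref": "#/components/schemas/ExternalIdentifierOIDFEntityIdResult"
+}
+},
 "identifierExternalResolveByX5c": {
 "description": "",
 "arguments": {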
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IAgentContext, IAgentPlugin, IDIDManager, IKeyManager } from '@veramo/core'
|
|
2
|
-
import { schema } from '..'
|
|
2
|
+
import { ExternalIdentifierOIDFEntityIdOpts, ExternalIdentifierOIDFEntityIdResult, schema } from '..'
|
|
3
3
|
import { resolveExternalIdentifier, ensureManagedIdentifierResult } from '../functions'
|
|
4
4
|
import {
|
|
5
5
|
ExternalIdentifierDidOpts,
|
|
@@ -30,6 +30,7 @@ import {
|
|
|
30
30
|
ManagedIdentifierOptsOrResult,
|
|
31
31
|
ManagedIdentifierOID4VCIssuerOpts
|
|
32
32
|
} from '../types'
|
|
33
|
+
import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client'
|
|
33
34
|
|
|
34
35
|
/**
|
|
35
36
|
* @public
|
|
@@ -53,6 +54,7 @@ export class IdentifierResolution implements IAgentPlugin {
|
|
|
53
54
|
identifierExternalResolveByX5c: this.identifierExternalResolveByX5c.bind(this),
|
|
54
55
|
identifierExternalResolveByJwk: this.identifierExternalResolveByJwk.bind(this),
|
|
55
56
|
identifierExternalResolveByCoseKey: this.identifierExternalResolveByCoseKey.bind(this),
|
|
57
|
+
identifierExternalResolveByOIDFEntityId: this.identifierExternalResolveByOIDFEntityId.bind(this),
|
|
56
58
|
|
|
57
59
|
// todo: JWKSet, oidc-discovery, oid4vci-issuer etc. Anything we already can resolve and need keys of
|
|
58
60
|
}
|
|
@@ -127,7 +129,7 @@ export class IdentifierResolution implements IAgentPlugin {
|
|
|
127
129
|
return (await this.identifierGetManaged({ ...args, method: 'x5c' }, context)) as ManagedIdentifierX5cResult
|
|
128
130
|
}
|
|
129
131
|
|
|
130
|
-
private async identifierResolveExternal(args: ExternalIdentifierOpts, context: IAgentContext<IKeyManager>): Promise<ExternalIdentifierResult> {
|
|
132
|
+
private async identifierResolveExternal(args: ExternalIdentifierOpts, context: IAgentContext<IKeyManager | IOIDFClient>): Promise<ExternalIdentifierResult> {
|
|
131
133
|
return await resolveExternalIdentifier({ ...args, crypto: this._crypto }, context)
|
|
132
134
|
}
|
|
133
135
|
|
|
@@ -145,7 +147,12 @@ export class IdentifierResolution implements IAgentPlugin {
|
|
|
145
147
|
): Promise<ExternalIdentifierCoseKeyResult> {
|
|
146
148
|
return (await this.identifierResolveExternal({ ...args, method: 'cose_key' }, context)) as ExternalIdentifierCoseKeyResult
|
|
147
149
|
}
|
|
150
|
+
|
|
148
151
|
private async identifierExternalResolveByJwk(args: ExternalIdentifierJwkOpts, context: IAgentContext<any>): Promise<ExternalIdentifierJwkResult> {
|
|
149
152
|
return (await this.identifierResolveExternal({ ...args, method: 'jwk' }, context)) as ExternalIdentifierJwkResult
|
|
150
153
|
}
|
|
154
|
+
|
|
155
|
+
private async identifierExternalResolveByOIDFEntityId(args: ExternalIdentifierOIDFEntityIdOpts, context: IAgentContext<IOIDFClient>): Promise<ExternalIdentifierOIDFEntityIdResult> {
|
|
156
|
+
return (await this.identifierResolveExternal({ ...args, method: 'entity_id' }, context)) as ExternalIdentifierOIDFEntityIdResult
|
|
157
|
+
}
|
|
151
158
|
}
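Review bot: `identifierExternalResolveByOIDFEntityId` types its context as `IAgentContext<IOIDFClient>`, but the resolver it reaches checks at runtime for `jwtVerifyJwsSignature` and rejects when the JwtService plugin is absent. Adding the JWT service methods to the context type here, and to the `IAgentContext<IKeyManager | IOIDFClient>` on `identifierResolveExternal`, would surface a missing plugin at compile time instead of on the first call. The method also has no doc comment; a short TSDoc stating that the agent needs both the OIDF client and the JwtService plugin would cover the requirement for callers who only see this class.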
|
|
@@ -31,8 +31,11 @@ import {
|
|
|
31
31
|
isExternalIdentifierJwksUrlOpts,
|
|
32
32
|
isExternalIdentifierKidOpts,
|
|
33
33
|
isExternalIdentifierOidcDiscoveryOpts,
|
|
34
|
+
isExternalIdentifierOIDFEntityIdOpts,
|
|
34
35
|
isExternalIdentifierX5cOpts,
|
|
35
36
|
} from '../types'
|
|
37
|
+
import { resolveExternalOIDFEntityIdIdentifier } from '.'
|
|
38
|
+
|
|
36
39
|
|
|
37
40
|
export async function resolveExternalIdentifier(
|
|
38
41
|
opts: ExternalIdentifierOpts & {
|
|
@@ -49,13 +52,15 @@ export async function resolveExternalIdentifier(
|
|
|
49
52
|
return resolveExternalJwkIdentifier(opts, context)
|
|
50
53
|
} else if (isExternalIdentifierCoseKeyOpts(opts)) {
|
|
51
54
|
return resolveExternalCoseKeyIdentifier(opts, context)
|
|
55
|
+
} else if (isExternalIdentifierOIDFEntityIdOpts(opts)) {
|
|
56
|
+
return resolveExternalOIDFEntityIdIdentifier(opts, context)
|
|
52
57
|
} else if (isExternalIdentifierKidOpts(opts)) {
|
|
53
58
|
method = 'kid'
|
|
54
59
|
} else if (isExternalIdentifierJwksUrlOpts(opts)) {
|
|
55
60
|
method = 'jwks-url'
|
|
56
61
|
} else if (isExternalIdentifierOidcDiscoveryOpts(opts)) {
|
|
57
62
|
method = 'oidc-discovery'
|
|
58
|
-
}
|
|
63
|
+
}
|
|
59
64
|
throw Error(`External resolution method ${method} is not yet implemented`)
|
|
60
65
|
}
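Review bot: The new import `import { resolveExternalOIDFEntityIdIdentifier } from '.'` pulls the resolver through the directory's index, which presumably re-exports this module as well (other files import `resolveExternalIdentifier` from `'../functions'`), so the two files end up importing each other. That works while the binding is only read at call time, but it is fragile under CommonJS load order; importing the defining module directly, `import { resolveExternalOIDFEntityIdIdentifier } from './externalOIDFIdentifier'`, avoids the cycle. Part of `resolveExternalIdentifier`'s body lies between the two hunks and is not visible here.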
|
|
61
66
|
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
import {
|
|
2
|
+
ErrorMessage,
|
|
3
|
+
ExternalIdentifierOIDFEntityIdOpts,
|
|
4
|
+
ExternalIdentifierOIDFEntityIdResult, ExternalJwkInfo,
|
|
5
|
+
PublicKeyHex,
|
|
6
|
+
TrustedAnchor,
|
|
7
|
+
} from '../types'
|
|
8
|
+
import { IAgentContext } from '@veramo/core'
|
|
9
|
+
import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client'
|
|
10
|
+
import { contextHasPlugin } from '@sphereon/ssi-sdk.agent-config'
|
|
11
|
+
import { JWK } from '@sphereon/ssi-types'
|
|
12
|
+
import { IJwsValidationResult, VerifyJwsArgs } from '../types/IJwtService'
|
|
13
|
+
|
|
14
|
+
/**
|
|
15
|
+
* Resolves an OIDF Entity ID against multiple trust anchors to establish trusted relationships
|
|
16
|
+
*
|
|
17
|
+
* @param opts Configuration options containing the identifier to resolve and trust anchors to validate against
|
|
18
|
+
* @param context Agent context that must include the OIDF client plugin and JWT verification capabilities
|
|
19
|
+
*
|
|
20
|
+
* @returns Promise resolving to an ExternalIdentifierOIDFEntityIdResult containing:
|
|
21
|
+
* - trustedAnchors: Record mapping trust anchors to their public key hexes
|
|
22
|
+
* - errorList: Optional record of errors encountered per trust anchor
|
|
23
|
+
* - jwks: Array of JWK information from the trust chain
|
|
24
|
+
* - trustEstablished: Boolean indicating if any trust relationships were established
|
|
25
|
+
*
|
|
26
|
+
* @throws Error if trust anchors are missing or JWT verification plugin is not enabled
|
|
27
|
+
*/
|
|
28
|
+
export async function resolveExternalOIDFEntityIdIdentifier(
|
|
29
|
+
opts: ExternalIdentifierOIDFEntityIdOpts,
|
|
30
|
+
context: IAgentContext<IOIDFClient>
|
|
31
|
+
): Promise<ExternalIdentifierOIDFEntityIdResult> {
|
|
32
|
+
let { trustAnchors, identifier } = opts
|
|
33
|
+
|
|
34
|
+
if (!trustAnchors || trustAnchors.length === 0) {
|
|
35
|
+
return Promise.reject(Error('ExternalIdentifierOIDFEntityIdOpts is missing the trustAnchors'))
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
if (!contextHasPlugin(context, 'jwtVerifyJwsSignature')) {
|
|
39
|
+
return Promise.reject(Error('For OIDFEntityId resolving the agent needs to have the JwtService plugin enabled'))
|
|
40
|
+
}
|
|
41
|
+
|
|
42
|
+
const trustedAnchors: Record<TrustedAnchor, PublicKeyHex> = {}
|
|
43
|
+
const errorList: Record<TrustedAnchor, ErrorMessage> = {}
|
|
44
|
+
const jwkInfos: Array<ExternalJwkInfo> = []
|
|
45
|
+
|
|
46
|
+
for (const trustAnchor of trustAnchors) {
|
|
47
|
+
const resolveResult = await context.agent.resolveTrustChain({
|
|
48
|
+
entityIdentifier: identifier,
|
|
49
|
+
trustAnchors: [trustAnchor]
|
|
50
|
+
})
|
|
51
|
+
|
|
52
|
+
if (resolveResult.error || !resolveResult.trustChain) {
|
|
53
|
+
errorList[trustAnchor] = resolveResult.errorMessage ?? 'unspecified'
|
|
54
|
+
} else {
|
|
55
|
+
const trustChain: ReadonlyArray<string> = resolveResult.trustChain.asJsReadonlyArrayView()
|
|
56
|
+
let authorityJWK:JWK | undefined = undefined
|
|
57
|
+
for (const [i, jwt] of [...trustChain].reverse().entries()) {
|
|
58
|
+
const isLast = i === trustChain.length - 1
|
|
59
|
+
|
|
60
|
+
const verifyArgs:VerifyJwsArgs = {jws: jwt}
|
|
61
|
+
if(authorityJWK && !isLast) {
|
|
62
|
+
verifyArgs.jwk = authorityJWK
|
|
63
|
+
}
|
|
64
|
+
const jwtVerifyResult:IJwsValidationResult = await context.agent.jwtVerifyJwsSignature(verifyArgs)
|
|
65
|
+
if(jwtVerifyResult.error || jwtVerifyResult.critical) {
|
|
66
|
+
errorList[trustAnchor] = jwtVerifyResult.message
|
|
67
|
+
break
|
|
68
|
+
}
|
|
69
|
+
if(jwtVerifyResult.jws.signatures.length === 0) {
|
|
70
|
+
errorList[trustAnchor] = 'No signature was present in the trust anchor JWS'
|
|
71
|
+
break
|
|
72
|
+
}
|
|
73
|
+
const signature = jwtVerifyResult.jws.signatures[0]
|
|
74
|
+
if(signature.identifier.jwks.length === 0) {
|
|
75
|
+
errorList[trustAnchor] = 'No JWK was present in the trust anchor signature'
|
|
76
|
+
break
|
|
77
|
+
}
|
|
78
|
+
const jwkInfo:ExternalJwkInfo = signature.identifier.jwks[0]
|
|
79
|
+
if(!authorityJWK) {
|
|
80
|
+
authorityJWK = jwkInfo.jwk
|
|
81
|
+
jwkInfos.push(jwkInfo)
|
|
82
|
+
trustedAnchors[trustAnchor] = signature.publicKeyHex // When we have multiple hits from different trust anchor authorities the caller can infer which signature came from which trust anchor
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
return {
|
|
89
|
+
method: 'entity_id',
|
|
90
|
+
trustedAnchors,
|
|
91
|
+
...(Object.keys(errorList).length > 0 && { errorList }),
|
|
92
|
+
jwks: jwkInfos,
|
|
93
|
+
trustEstablished: Object.keys(trustedAnchors).length > 0
|
|
94
|
+
}
|
|
95
|
+
}
|
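Review bot: `trustedAnchors[trustAnchor]` and `jwkInfos` are written inside the `if(!authorityJWK)` block, as soon as the first statement of the reversed chain verifies and before the remaining statements are checked. When a later statement fails, the loop records the error and breaks, but the anchor stays in `trustedAnchors`, so the function returns `trustEstablished: true` alongside an `errorList` entry for the same anchor. Hold the anchor's key in locals and publish it only after the whole chain has verified, as sketched below. Two things to confirm separately: `authorityJWK` is never advanced, so every non-final statement is checked against the first statement's key rather than its immediate superior's, and an empty `trustChain` currently yields neither an error nor a trusted anchor.

```typescript
      let chainVerified = trustChain.length > 0
      let anchorJwkInfo: ExternalJwkInfo | undefined
      let anchorPublicKeyHex: PublicKeyHex | undefined
      for (const [i, jwt] of [...trustChain].reverse().entries()) {
        // … unchanged: build verifyArgs and call jwtVerifyJwsSignature …
        if (jwtVerifyResult.error || jwtVerifyResult.critical) {
          errorList[trustAnchor] = jwtVerifyResult.message
          chainVerified = false
          break
        }
        // … unchanged: empty-signature and empty-JWK checks, each also setting chainVerified = false before break …
        if (!authorityJWK) {
          authorityJWK = jwkInfo.jwk
          anchorJwkInfo = jwkInfo
          anchorPublicKeyHex = signature.publicKeyHex
        }
      }
      // Report the anchor as trusted only when every statement in the chain verified
      if (chainVerified && anchorJwkInfo && anchorPublicKeyHex) {
        jwkInfos.push(anchorJwkInfo)
        trustedAnchors[trustAnchor] = anchorPublicKeyHex
      }
```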
package/src/functions/index.ts
CHANGED
|
@@ -3,7 +3,7 @@ import {
|
|
|
3
3
|
ExternalIdentifierCoseKeyOpts,
|
|
4
4
|
ExternalIdentifierCoseKeyResult,
|
|
5
5
|
ExternalIdentifierDidOpts,
|
|
6
|
-
ExternalIdentifierDidResult,
|
|
6
|
+
ExternalIdentifierDidResult, ExternalIdentifierOIDFEntityIdOpts, ExternalIdentifierOIDFEntityIdResult,
|
|
7
7
|
ExternalIdentifierJwkOpts,
|
|
8
8
|
ExternalIdentifierJwkResult,
|
|
9
9
|
ExternalIdentifierOpts,
|
|
@@ -29,6 +29,7 @@ import {
|
|
|
29
29
|
ManagedIdentifierX5cOpts,
|
|
30
30
|
ManagedIdentifierX5cResult,
|
|
31
31
|
} from './managedIdentifierTypes'
|
|
32
|
+
import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client'
|
|
32
33
|
|
|
33
34
|
// Exposing the methods here for any REST implementation
|
|
34
35
|
export const identifierResolutionContextMethods: Array<string> = [
|
|
@@ -45,6 +46,7 @@ export const identifierResolutionContextMethods: Array<string> = [
|
|
|
45
46
|
'identifierExternalResolveByX5c',
|
|
46
47
|
'identifierExternalResolveByJwk',
|
|
47
48
|
'identifierExternalResolveByCoseKey',
|
|
49
|
+
'identifierExternalResolveByOIDFEntityId',
|
|
48
50
|
]
|
|
49
51
|
|
|
50
52
|
/**
|
|
@@ -99,4 +101,6 @@ export interface IIdentifierResolution extends IPluginMethodMap {
|
|
|
99
101
|
identifierExternalResolveByCoseKey(args: ExternalIdentifierCoseKeyOpts, context: IAgentContext<any>): Promise<ExternalIdentifierCoseKeyResult>
|
|
100
102
|
|
|
101
103
|
identifierExternalResolveByX5c(args: ExternalIdentifierX5cOpts, context: IAgentContext<any>): Promise<ExternalIdentifierX5cResult>
|
|
104
|
+
|
|
105
|
+
identifierExternalResolveByOIDFEntityId(args: ExternalIdentifierOIDFEntityIdOpts, context: IAgentContext<IOIDFClient>): Promise<ExternalIdentifierOIDFEntityIdResult>
|
|
102
106
|
}
|
|
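Review bot: Adding `'identifierExternalResolveByOIDFEntityId'` to `identifierResolutionContextMethods` makes the resolver reachable from REST front ends, per the comment above the array, and its args carry both the entity `identifier` and the `trustAnchors` list. A REST caller who can supply `trustAnchors` chooses the authority the result is judged against, and both values presumably drive outbound HTTPS requests in the OIDF client (not visible here; confirm). The interface method has no documentation stating where these values may come from. I would add a TSDoc comment on `identifierExternalResolveByOIDFEntityId` such as `/** trustAnchors must come from operator configuration; do not forward caller-supplied anchors from a REST request */`, and have the REST layer enforce it.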
@@ -0,0 +1,226 @@
|
|
|
1
|
+
|
|
2
|
+
// Copy of jwt-service typings since we cannot include that as devDependency due to cyclic dep
|
|
3
|
+
|
|
4
|
+
import { ExternalIdentifierDidOpts, ExternalIdentifierResult, ExternalIdentifierX5cOpts, IIdentifierResolution, ManagedIdentifierOptsOrResult, ManagedIdentifierResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
|
|
5
|
+
import { ClientIdScheme } from '@sphereon/ssi-sdk-ext.x509-utils';
|
|
6
|
+
import { BaseJWK, IValidationResult, JoseSignatureAlgorithm, JoseSignatureAlgorithmString, JWK } from '@sphereon/ssi-types';
|
|
7
|
+
import { IAgentContext, IKeyManager, IPluginMethodMap } from '@veramo/core';
|
|
8
|
+
export type IRequiredContext = IAgentContext<IIdentifierResolution & IKeyManager>;
|
|
9
|
+
export declare const jwtServiceContextMethods: Array<string>;
|
|
10
|
+
export interface IJwtService extends IPluginMethodMap {
|
|
11
|
+
jwtPrepareJws(args: CreateJwsJsonArgs, context: IRequiredContext): Promise<PreparedJwsObject>;
|
|
12
|
+
jwtCreateJwsJsonGeneralSignature(args: CreateJwsJsonArgs, context: IRequiredContext): Promise<JwsJsonGeneral>;
|
|
13
|
+
jwtCreateJwsJsonFlattenedSignature(args: CreateJwsFlattenedArgs, context: IRequiredContext): Promise<JwsJsonFlattened>;
|
|
14
|
+
jwtCreateJwsCompactSignature(args: CreateJwsCompactArgs, context: IRequiredContext): Promise<JwtCompactResult>;
|
|
15
|
+
jwtVerifyJwsSignature(args: VerifyJwsArgs, context: IRequiredContext): Promise<IJwsValidationResult>;
|
|
16
|
+
jwtEncryptJweCompactJwt(args: EncryptJweCompactJwtArgs, context: IRequiredContext): Promise<JwtCompactResult>;
|
|
17
|
+
jwtDecryptJweCompactJwt(args: DecryptJweCompactJwtArgs, context: IRequiredContext): Promise<JwtCompactResult>;
|
|
18
|
+
}
|
|
19
|
+
export type IJwsValidationResult = IValidationResult & {
|
|
20
|
+
jws: JwsJsonGeneralWithIdentifiers;
|
|
21
|
+
};
|
|
22
|
+
export interface PreparedJws {
|
|
23
|
+
protectedHeader: JwsHeader;
|
|
24
|
+
payload: Uint8Array;
|
|
25
|
+
unprotectedHeader?: JwsHeader;
|
|
26
|
+
existingSignatures?: Array<JwsJsonSignature>;
|
|
27
|
+
}
|
|
28
|
+
export interface JwsJsonSignature {
|
|
29
|
+
protected: string;
|
|
30
|
+
header?: JwsHeader;
|
|
31
|
+
signature: string;
|
|
32
|
+
}
|
|
33
|
+
/**
|
|
34
|
+
* The JWK representation of an ephemeral public key.
|
|
35
|
+
* See https://www.rfc-editor.org/rfc/rfc7518.html#section-6
|
|
36
|
+
*/
|
|
37
|
+
export type EphemeralPublicKey = Omit<BaseJWK, 'alg'>;
|
|
38
|
+
export interface JweHeader extends Omit<BaseJwtHeader, 'alg'> {
|
|
39
|
+
alg: string;
|
|
40
|
+
enc: string;
|
|
41
|
+
jku?: string;
|
|
42
|
+
jwk?: BaseJWK;
|
|
43
|
+
epk?: EphemeralPublicKey;
|
|
44
|
+
x5u?: string;
|
|
45
|
+
x5c?: string[];
|
|
46
|
+
x5t?: string;
|
|
47
|
+
cty?: string;
|
|
48
|
+
crit?: string[];
|
|
49
|
+
[k: string]: any;
|
|
50
|
+
}
|
|
51
|
+
export interface JweRecipientUnprotectedHeader {
|
|
52
|
+
alg: string;
|
|
53
|
+
iv: string;
|
|
54
|
+
tag: string;
|
|
55
|
+
epk?: EphemeralPublicKey;
|
|
56
|
+
kid?: string;
|
|
57
|
+
apv?: string;
|
|
58
|
+
apu?: string;
|
|
59
|
+
}
|
|
60
|
+
export interface JweProtectedHeader extends Partial<JweHeader> {
|
|
61
|
+
zip?: 'DEF' | string;
|
|
62
|
+
}
|
|
63
|
+
export type Jws = JwsCompact | JwsJsonFlattened | JwsJsonGeneral;
|
|
64
|
+
export type JwsCompact = string;
|
|
65
|
+
export interface JwsJsonFlattened {
|
|
66
|
+
payload: string;
|
|
67
|
+
protected: string;
|
|
68
|
+
header?: JwsHeader;
|
|
69
|
+
signature: string;
|
|
70
|
+
}
|
|
71
|
+
export interface JwsJsonGeneral {
|
|
72
|
+
payload: string;
|
|
73
|
+
signatures: Array<JwsJsonSignature>;
|
|
74
|
+
}
|
|
75
|
+
export interface JwsJsonGeneralWithIdentifiers extends JwsJsonGeneral {
|
|
76
|
+
signatures: Array<JwsJsonSignatureWithIdentifier>;
|
|
77
|
+
}
|
|
78
|
+
export interface JwsJsonSignatureWithIdentifier extends JwsJsonSignature {
|
|
79
|
+
identifier: ExternalIdentifierResult;
|
|
80
|
+
publicKeyHex: string;
|
|
81
|
+
}
|
|
82
|
+
export type Jwe = JweCompact | JweJsonFlattened | JweJsonGeneral;
|
|
83
|
+
export type JweCompact = string;
|
|
84
|
+
export interface JweJsonFlattened {
|
|
85
|
+
protected: string;
|
|
86
|
+
unprotected: JweHeader;
|
|
87
|
+
header: JweHeader | JweRecipientUnprotectedHeader;
|
|
88
|
+
encrypted_key?: string;
|
|
89
|
+
aad?: string;
|
|
90
|
+
iv: string;
|
|
91
|
+
ciphertext: string;
|
|
92
|
+
tag?: string;
|
|
93
|
+
}
|
|
94
|
+
export interface JweRecipient {
|
|
95
|
+
header?: JweRecipientUnprotectedHeader;
|
|
96
|
+
encrypted_key?: string;
|
|
97
|
+
}
|
|
98
|
+
export interface JweJsonGeneral {
|
|
99
|
+
protected: string;
|
|
100
|
+
unprotected?: JweHeader;
|
|
101
|
+
recipients: Array<JweRecipient>;
|
|
102
|
+
aad?: string;
|
|
103
|
+
iv: string;
|
|
104
|
+
ciphertext: string;
|
|
105
|
+
tag?: string;
|
|
106
|
+
}
|
|
107
|
+
export interface PreparedJwsObject {
|
|
108
|
+
jws: PreparedJws;
|
|
109
|
+
b64: {
|
|
110
|
+
payload: string;
|
|
111
|
+
protectedHeader: string;
|
|
112
|
+
};
|
|
113
|
+
identifier: ManagedIdentifierResult;
|
|
114
|
+
}
|
|
115
|
+
export interface BaseJwtHeader {
|
|
116
|
+
typ?: string;
|
|
117
|
+
alg?: string;
|
|
118
|
+
kid?: string;
|
|
119
|
+
}
|
|
120
|
+
export interface BaseJwtPayload {
|
|
121
|
+
iss?: string;
|
|
122
|
+
sub?: string;
|
|
123
|
+
aud?: string[] | string;
|
|
124
|
+
exp?: number;
|
|
125
|
+
nbf?: number;
|
|
126
|
+
iat?: number;
|
|
127
|
+
jti?: string;
|
|
128
|
+
}
|
|
129
|
+
export interface JwsHeader extends BaseJwtHeader {
|
|
130
|
+
kid?: string;
|
|
131
|
+
jwk?: JWK;
|
|
132
|
+
x5c?: string[];
|
|
133
|
+
[key: string]: unknown;
|
|
134
|
+
}
|
|
135
|
+
export interface JwsPayload extends BaseJwtPayload {
|
|
136
|
+
[key: string]: unknown;
|
|
137
|
+
}
|
|
138
|
+
export interface JwsHeaderOpts {
|
|
139
|
+
alg: JoseSignatureAlgorithm | JoseSignatureAlgorithmString;
|
|
140
|
+
}
|
|
141
|
+
export type JwsIdentifierMode = 'x5c' | 'kid' | 'jwk' | 'did' | 'auto';
|
|
142
|
+
export type EncryptJweCompactJwtArgs = {
|
|
143
|
+
payload: JwsPayload;
|
|
144
|
+
protectedHeader?: JweProtectedHeader | undefined;
|
|
145
|
+
aad?: Uint8Array | undefined;
|
|
146
|
+
recipientKey: ExternalIdentifierResult & {
|
|
147
|
+
kid?: string;
|
|
148
|
+
};
|
|
149
|
+
alg?: JweAlg;
|
|
150
|
+
enc?: JweEnc;
|
|
151
|
+
apu?: string;
|
|
152
|
+
apv?: string;
|
|
153
|
+
expirationTime?: number | string | Date;
|
|
154
|
+
issuer?: string;
|
|
155
|
+
audience?: string | string[];
|
|
156
|
+
};
|
|
157
|
+
export type DecryptJweCompactJwtArgs = {
|
|
158
|
+
jwe: JweCompact;
|
|
159
|
+
idOpts: ManagedIdentifierOptsOrResult;
|
|
160
|
+
};
|
|
161
|
+
export type CreateJwsArgs = {
|
|
162
|
+
mode?: JwsIdentifierMode;
|
|
163
|
+
issuer: ManagedIdentifierOptsOrResult & {
|
|
164
|
+
noIssPayloadUpdate?: boolean;
|
|
165
|
+
noIdentifierInHeader?: boolean;
|
|
166
|
+
};
|
|
167
|
+
clientId?: string;
|
|
168
|
+
clientIdScheme?: ClientIdScheme | 'did' | string;
|
|
169
|
+
protectedHeader: JwsHeader;
|
|
170
|
+
payload: JwsPayload | Uint8Array | string;
|
|
171
|
+
};
|
|
172
|
+
export type CreateJweArgs = {
|
|
173
|
+
mode?: JwsIdentifierMode;
|
|
174
|
+
issuer: ManagedIdentifierOptsOrResult & {
|
|
175
|
+
noIssPayloadUpdate?: boolean;
|
|
176
|
+
noIdentifierInHeader?: boolean;
|
|
177
|
+
};
|
|
178
|
+
protectedHeader: JweProtectedHeader;
|
|
179
|
+
encryptedKey: string | EphemeralPublicKey;
|
|
180
|
+
iv: string;
|
|
181
|
+
ciphertext: string;
|
|
182
|
+
tag: string;
|
|
183
|
+
};
|
|
184
|
+
export type CreateJwsCompactArgs = CreateJwsArgs;
|
|
185
|
+
export type CreateJwsFlattenedArgs = Exclude<CreateJwsJsonArgs, 'existingSignatures'>;
|
|
186
|
+
export type VerifyJwsArgs = {
|
|
187
|
+
jws: Jws;
|
|
188
|
+
jwk?: JWK;
|
|
189
|
+
opts?: {
|
|
190
|
+
x5c?: Omit<ExternalIdentifierX5cOpts, 'identifier'>;
|
|
191
|
+
did?: Omit<ExternalIdentifierDidOpts, 'identifier'>;
|
|
192
|
+
};
|
|
193
|
+
};
|
|
194
|
+
/**
|
|
195
|
+
* @public
|
|
196
|
+
*/
|
|
197
|
+
export type CreateJwsJsonArgs = CreateJwsArgs & {
|
|
198
|
+
unprotectedHeader?: JwsHeader;
|
|
199
|
+
existingSignatures?: Array<JwsJsonSignature>;
|
|
200
|
+
};
|
|
201
|
+
export type CreateJweJsonArgs = CreateJweArgs & {
|
|
202
|
+
unprotectedHeader?: JweHeader;
|
|
203
|
+
};
|
|
204
|
+
/**
|
|
205
|
+
* @public
|
|
206
|
+
*/
|
|
207
|
+
export interface JwtCompactResult {
|
|
208
|
+
jwt: JwsCompact | JweCompact;
|
|
209
|
+
}
|
|
210
|
+
export declare function isJwsCompact(jws: Jws): jws is JwsCompact;
|
|
211
|
+
export declare function isJweCompact(jwe: Jwe): jwe is JweCompact;
|
|
212
|
+
export declare function isJwsJsonFlattened(jws: Jws): jws is JwsJsonFlattened;
|
|
213
|
+
export declare function isJwsJsonGeneral(jws: Jws): jws is JwsJsonGeneral;
|
|
214
|
+
export declare function isJweJsonFlattened(jwe: Jwe): jwe is JweJsonFlattened;
|
|
215
|
+
export declare function isJweJsonGeneral(jwe: Jwe): jwe is JweJsonGeneral;
|
|
216
|
+
export declare function isJwsHeader(header: BaseJwtHeader & Record<string, any>): header is JwsHeader;
|
|
217
|
+
export declare function isJweHeader(header: BaseJwtHeader & Record<string, any>): header is JweHeader;
|
|
218
|
+
export declare const COMPACT_JWS_REGEX: RegExp;
|
|
219
|
+
export declare const COMPACT_JWE_REGEX: RegExp;
|
|
220
|
+
export declare const JweAlgs: readonly ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "dir", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "PBES2-HS256+A128KW", "PBES2-HS384+A192KW", "PBES2-HS512+A256KW"];
|
|
221
|
+
export type JweAlg = typeof JweAlgs[number];
|
|
222
|
+
export declare function jweAlg(alg?: string | JweAlg): JweAlg | undefined;
|
|
223
|
+
export declare const JweEncs: readonly ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"];
|
|
224
|
+
export type JweEnc = typeof JweEncs[number];
|
|
225
|
+
export declare function jweEnc(alg?: string | JweEnc): JweEnc | undefined;
|
|
226
|
+
//# sourceMappingURL=IJwtService.d.ts.map
|
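--- a/package/src/types/common.ts
+++ b/package/src/types/common.ts
@@ -50,6 +50,10 @@ export function isCoseKeyIdentifier(identifier: ManagedIdentifierType): identifi
 return typeof identifier === 'object' && `kty` in identifier && ('baseIV' in identifier || 'x5chain' in identifier) && !('x5c' in identifier)
 }
 
+export function isOIDFEntityIdIdentifier(identifier: ManagedIdentifierType): identifier is ICoseKeyJson {
+return typeof identifier === 'string' && identifier.startsWith('https://')
+}
+
 export function isX5cIdentifier(identifier: ManagedIdentifierType | ExternalIdentifierType): identifier is string[] {
 return Array.isArray(identifier) && identifier.length > 0 // todo: Do we want to do additional validation? We know it must be DER and thus hex for instance
 }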
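Review bot: `isOIDFEntityIdIdentifier` is declared as `identifier is ICoseKeyJson`, but its body returns true only for a string, so after the guard the compiler treats an `https://` string as a COSE key object. The predicate should read `identifier is string`. The same mislabel is on `isExternalIdentifierOIDFEntityIdOpts` in the types hunk that follows, where `opts is ExternalIdentifierCoseKeyOpts` should be `opts is ExternalIdentifierOIDFEntityIdOpts`. The guard also accepts any string starting with `https://`, which presumably overlaps with JWKS-URL style identifiers. Dispatch then depends on `method` or `trustAnchors` being set, and a comment such as `// any https:// URL matches; callers must also check method/trustAnchors` would make that explicit.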
@@ -5,7 +5,7 @@ import { IParsedDID } from '@sphereon/ssi-types'
|
|
|
5
5
|
import { DIDDocument, DIDDocumentSection, DIDResolutionResult } from '@veramo/core'
|
|
6
6
|
import {
|
|
7
7
|
isCoseKeyIdentifier,
|
|
8
|
-
isDidIdentifier,
|
|
8
|
+
isDidIdentifier, isOIDFEntityIdIdentifier,
|
|
9
9
|
isJwkIdentifier,
|
|
10
10
|
isJwksUrlIdentifier,
|
|
11
11
|
isKidIdentifier,
|
|
@@ -47,6 +47,7 @@ export type ExternalIdentifierOpts = (
|
|
|
47
47
|
| ExternalIdentifierDidOpts
|
|
48
48
|
| ExternalIdentifierKidOpts
|
|
49
49
|
| ExternalIdentifierCoseKeyOpts
|
|
50
|
+
| ExternalIdentifierOIDFEntityIdOpts
|
|
50
51
|
) &
|
|
51
52
|
ExternalIdentifierOptsBase
|
|
52
53
|
|
|
@@ -101,6 +102,17 @@ export function isExternalIdentifierJwksUrlOpts(opts: ExternalIdentifierOptsBase
|
|
|
101
102
|
return ('method' in opts && opts.method === 'oidc-discovery') || isJwksUrlIdentifier(identifier)
|
|
102
103
|
}
|
|
103
104
|
|
|
105
|
+
export type ExternalIdentifierOIDFEntityIdOpts = Omit<ExternalIdentifierOptsBase, 'method'> & {
|
|
106
|
+
method?: 'entity_id'
|
|
107
|
+
identifier: string
|
|
108
|
+
trustAnchors?: Array<string>
|
|
109
|
+
}
|
|
110
|
+
|
|
111
|
+
export function isExternalIdentifierOIDFEntityIdOpts(opts: ExternalIdentifierOptsBase): opts is ExternalIdentifierCoseKeyOpts {
|
|
112
|
+
const { identifier } = opts
|
|
113
|
+
return ('method' in opts && opts.method === 'entity_id' || 'trustAnchors' in opts) && isOIDFEntityIdIdentifier(identifier)
|
|
114
|
+
}
|
|
115
|
+
|
|
104
116
|
export type ExternalIdentifierX5cOpts = Omit<ExternalIdentifierOptsBase, 'method'> &
|
|
105
117
|
X509CertificateChainValidationOpts & {
|
|
106
118
|
method?: 'x5c'
|
|
@@ -115,10 +127,10 @@ export function isExternalIdentifierX5cOpts(opts: ExternalIdentifierOptsBase): o
|
|
|
115
127
|
return ('method' in opts && opts.method === 'x5c') || isX5cIdentifier(identifier)
|
|
116
128
|
}
|
|
117
129
|
|
|
118
|
-
export type ExternalIdentifierMethod = 'did' | 'jwk' | 'x5c' | 'kid' | 'cose_key' | 'oidc-discovery' | 'jwks-url' | 'oid4vci-issuer'
|
|
130
|
+
export type ExternalIdentifierMethod = 'did' | 'jwk' | 'x5c' | 'kid' | 'cose_key' | 'oidc-discovery' | 'jwks-url' | 'oid4vci-issuer' | 'entity_id'
|
|
119
131
|
|
|
120
132
|
export type ExternalIdentifierResult = IExternalIdentifierResultBase &
|
|
121
|
-
(ExternalIdentifierDidResult | ExternalIdentifierX5cResult | ExternalIdentifierJwkResult | ExternalIdentifierCoseKeyResult)
|
|
133
|
+
(ExternalIdentifierDidResult | ExternalIdentifierX5cResult | ExternalIdentifierJwkResult | ExternalIdentifierOIDFEntityIdResult | ExternalIdentifierCoseKeyResult )
|
|
122
134
|
|
|
123
135
|
export interface IExternalIdentifierResultBase {
|
|
124
136
|
method: ExternalIdentifierMethod
|
|
@@ -145,6 +157,17 @@ export interface ExternalIdentifierX5cResult extends IExternalIdentifierResultBa
|
|
|
145
157
|
certificates: any[] // for now since our schema generator trips on pkijs Certificate(Json) object //fixme
|
|
146
158
|
}
|
|
147
159
|
|
|
160
|
+
export type TrustedAnchor = string
|
|
161
|
+
export type PublicKeyHex = string
|
|
162
|
+
export type ErrorMessage = string
|
|
163
|
+
|
|
164
|
+
export interface ExternalIdentifierOIDFEntityIdResult extends IExternalIdentifierResultBase {
|
|
165
|
+
method: 'entity_id'
|
|
166
|
+
trustedAnchors: Record<TrustedAnchor, PublicKeyHex>
|
|
167
|
+
errorList?: Record<TrustedAnchor, ErrorMessage>
|
|
168
|
+
trustEstablished: boolean
|
|
169
|
+
}
|
|
170
|
+
|
|
148
171
|
export interface ExternalJwkInfo extends JwkInfo {
|
|
149
172
|
kid?: string
|
|
150
173
|
publicKeyHex: string
|