@sphereon/ssi-sdk-ext.identifier-resolution 0.27.1-feature.SPRIND.113.interop.6 → 0.27.1-feature.SPRIND.116.13
- package/dist/functions/LegacySupport.js +1 -1
- package/dist/functions/LegacySupport.js.map +1 -1
- package/dist/functions/externalOIDFIdentifier.d.ts.map +1 -1
- package/dist/functions/externalOIDFIdentifier.js +27 -1
- package/dist/functions/externalOIDFIdentifier.js.map +1 -1
- package/dist/types/externalIdentifierTypes.d.ts +2 -0
- package/dist/types/externalIdentifierTypes.d.ts.map +1 -1
- package/dist/types/externalIdentifierTypes.js.map +1 -1
- package/package.json +9 -9
- package/plugin.schema.json +43 -0
- package/src/functions/LegacySupport.ts +1 -1
- package/src/functions/externalOIDFIdentifier.ts +5 -2
- package/src/types/externalIdentifierTypes.ts +2 -0
|
@@ -10,7 +10,7 @@ function legacyKeyRefsToIdentifierOpts(opts) {
|
|
|
10
10
|
if (!opts.idOpts) {
|
|
11
11
|
console.warn(`Legacy idOpts being used. Support will be dropped in the future. Consider switching to the idOpts, to have support for DIDs, JWKS, x5c etc. See https://github.com/Sphereon-Opensource/SSI-SDK-crypto-extensions/tree/feature/multi_identifier_support/packages/identifier-resolution`);
|
|
12
12
|
// legacy way
|
|
13
|
-
let kmsKeyRef = (_j = (_f = (_d = (_a = opts.keyRef) !== null && _a !== void 0 ? _a : (_c = (_b = opts.didOpts) === null || _b === void 0 ? void 0 : _b.idOpts) === null || _c === void 0 ? void 0 : _c.kmsKeyRef) !== null && _d !== void 0 ? _d : (_e = opts.didOpts) === null || _e === void 0 ? void 0 : _e.kid) !== null && _f !== void 0 ? _f : (_h = (_g = opts.didOpts) === null || _g === void 0 ? void 0 : _g.idOpts) === null || _h === void 0 ? void 0 : _h.kid) !== null && _j !== void 0 ? _j : (typeof ((_k = opts.didOpts) === null || _k === void 0 ? void 0 : _k.idOpts
|
|
13
|
+
let kmsKeyRef = (_j = (_f = (_d = (_a = opts.keyRef) !== null && _a !== void 0 ? _a : (_c = (_b = opts.didOpts) === null || _b === void 0 ? void 0 : _b.idOpts) === null || _c === void 0 ? void 0 : _c.kmsKeyRef) !== null && _d !== void 0 ? _d : (_e = opts.didOpts) === null || _e === void 0 ? void 0 : _e.kid) !== null && _f !== void 0 ? _f : (_h = (_g = opts.didOpts) === null || _g === void 0 ? void 0 : _g.idOpts) === null || _h === void 0 ? void 0 : _h.kid) !== null && _j !== void 0 ? _j : (typeof ((_l = (_k = opts.didOpts) === null || _k === void 0 ? void 0 : _k.idOpts) === null || _l === void 0 ? void 0 : _l.identifier) === 'object' ? opts.didOpts.idOpts.identifier.keys[0].kid : undefined);
|
|
14
14
|
if (!kmsKeyRef) {
|
|
15
15
|
throw Error('Key ref is needed for access token signer');
|
|
16
16
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"LegacySupport.js","sourceRoot":"","sources":["../../src/functions/LegacySupport.ts"],"names":[],"mappings":";;AAOA,sEA8CC;AAlDD;;;GAGG;AACH,SAAgB,6BAA6B,CAAC,IAK7C;;IACC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CACV,uRAAuR,CACxR,CAAA;QACD,aAAa;QACb,IAAI,SAAS,GACX,MAAA,MAAA,MAAA,MAAA,IAAI,CAAC,MAAM,mCACX,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,SAAS,mCAC/B,MAAA,IAAI,CAAC,OAAO,0CAAE,GAAG,mCACjB,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,GAAG,mCACzB,CAAC,OAAO,CAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"LegacySupport.js","sourceRoot":"","sources":["../../src/functions/LegacySupport.ts"],"names":[],"mappings":";;AAOA,sEA8CC;AAlDD;;;GAGG;AACH,SAAgB,6BAA6B,CAAC,IAK7C;;IACC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CACV,uRAAuR,CACxR,CAAA;QACD,aAAa;QACb,IAAI,SAAS,GACX,MAAA,MAAA,MAAA,MAAA,IAAI,CAAC,MAAM,mCACX,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,SAAS,mCAC/B,MAAA,IAAI,CAAC,OAAO,0CAAE,GAAG,mCACjB,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,GAAG,mCACzB,CAAC,OAAO,CAAA,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,UAAU,CAAA,KAAK,QAAQ,CAAC,CAAC,CAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAA0B,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QAClI,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,KAAK,CAAC,2CAA2C,CAAC,CAAA;QAC1D,CAAC;QACD,IAAI,UAAU,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,UAAU,mCAAI,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,0CAAE,UAAU,CAA4B,CAAA;QAE1G,OAAO;YACL,SAAS,EAAE,MAAA,IAAI,CAAC,MAAM,mCAAI,SAAS;YACnC,UAAU,EAAE,UAAU,aAAV,UAAU,cAAV,UAAU,GAAI,SAAS;YACnC,MAAM,EAAE,IAAI,CAAC,GAAG;SACkB,CAAA;IACtC,CAAC;SAAM,CAAC;QACN,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAA;QAC1B,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACrC,aAAa;YACb,OAAO,CAAC,IAAI,CACV,uRAAuR,CACxR,CAAA;YACD,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAA;QAChC,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YAC/B,aAAa;YACb,OAAO,CAAC,IAAI,CACV,oRAAoR,CACrR,CAAA;YACD,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAA;QAC1B,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"externalOIDFIdentifier.d.ts","sourceRoot":"","sources":["../../src/functions/externalOIDFIdentifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,kCAAkC,EAAE,oCAAoC,EAAkC,MAAM,UAAU,CAAA;AACjJ,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAA;AAI3D;;;;;;;;;;;;;GAaG;AACH,wBAAsB,qCAAqC,CACzD,IAAI,EAAE,kCAAkC,EACxC,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAClC,OAAO,CAAC,oCAAoC,CAAC,
|
|
1
|
+
{"version":3,"file":"externalOIDFIdentifier.d.ts","sourceRoot":"","sources":["../../src/functions/externalOIDFIdentifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,kCAAkC,EAAE,oCAAoC,EAAkC,MAAM,UAAU,CAAA;AACjJ,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAA;AAI3D;;;;;;;;;;;;;GAaG;AACH,wBAAsB,qCAAqC,CACzD,IAAI,EAAE,kCAAkC,EACxC,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAClC,OAAO,CAAC,oCAAoC,CAAC,CAmE/C"}
|
|
@@ -1,4 +1,27 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
24
|
+
};
|
|
2
25
|
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
26
|
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
27
|
return new (P || (P = Promise))(function (resolve, reject) {
|
|
@@ -11,6 +34,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
11
34
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
35
|
exports.resolveExternalOIDFEntityIdIdentifier = resolveExternalOIDFEntityIdIdentifier;
|
|
13
36
|
const ssi_sdk_agent_config_1 = require("@sphereon/ssi-sdk.agent-config");
|
|
37
|
+
const u8a = __importStar(require("uint8arrays"));
|
|
14
38
|
/**
|
|
15
39
|
* Resolves an OIDF Entity ID against multiple trust anchors to establish trusted relationships
|
|
16
40
|
*
|
|
@@ -38,6 +62,7 @@ function resolveExternalOIDFEntityIdIdentifier(opts, context) {
|
|
|
38
62
|
const trustedAnchors = new Set();
|
|
39
63
|
const errorList = {};
|
|
40
64
|
const jwkInfos = [];
|
|
65
|
+
let payload;
|
|
41
66
|
for (const trustAnchor of trustAnchors) {
|
|
42
67
|
const resolveResult = yield context.agent.resolveTrustChain({
|
|
43
68
|
entityIdentifier: identifier,
|
|
@@ -62,6 +87,7 @@ function resolveExternalOIDFEntityIdIdentifier(opts, context) {
|
|
|
62
87
|
errorList[trustAnchor] = 'No signature was present in the trust anchor JWS';
|
|
63
88
|
continue;
|
|
64
89
|
}
|
|
90
|
+
payload = JSON.parse(u8a.toString(u8a.fromString(jwtVerifyResult.jws.payload, 'base64url')));
|
|
65
91
|
const signature = jwtVerifyResult.jws.signatures[0];
|
|
66
92
|
if (signature.identifier.jwks.length === 0) {
|
|
67
93
|
errorList[trustAnchor] = 'No JWK was present in the trust anchor signature';
|
|
@@ -74,7 +100,7 @@ function resolveExternalOIDFEntityIdIdentifier(opts, context) {
|
|
|
74
100
|
trustedAnchors.add(trustAnchor);
|
|
75
101
|
}
|
|
76
102
|
}
|
|
77
|
-
return Object.assign(Object.assign({ method: 'entity_id', trustedAnchors: Array.from(trustedAnchors) }, (Object.keys(errorList).length > 0 && { errorList })), { jwks: jwkInfos, trustEstablished: trustedAnchors.size > 0 });
|
|
103
|
+
return Object.assign(Object.assign({ method: 'entity_id', trustedAnchors: Array.from(trustedAnchors) }, (Object.keys(errorList).length > 0 && { errorList })), { jwks: jwkInfos, jwtPayload: payload, trustEstablished: trustedAnchors.size > 0 });
|
|
78
104
|
});
|
|
79
105
|
}
|
|
80
106
|
//# sourceMappingURL=externalOIDFIdentifier.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"externalOIDFIdentifier.js","sourceRoot":"","sources":["../../src/functions/externalOIDFIdentifier.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"externalOIDFIdentifier.js","sourceRoot":"","sources":["../../src/functions/externalOIDFIdentifier.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoBA,sFAsEC;AAvFD,yEAAiE;AAEjE,iDAAkC;AAClC;;;;;;;;;;;;;GAaG;AACH,SAAsB,qCAAqC,CACzD,IAAwC,EACxC,OAAmC;;;QAEnC,IAAI,EAAE,YAAY,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;QAEvC,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/C,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC,CAAA;QAChG,CAAC;QAED,IAAI,CAAC,IAAA,uCAAgB,EAAC,OAAO,EAAE,uBAAuB,CAAC,EAAE,CAAC;YACxD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kFAAkF,CAAC,CAAC,CAAA;QAClH,CAAC;QAED,MAAM,cAAc,GAAuB,IAAI,GAAG,EAAiB,CAAA;QACnE,MAAM,SAAS,GAAwC,EAAE,CAAA;QACzD,MAAM,QAAQ,GAA2B,EAAE,CAAA;QAE3C,IAAI,OAA+B,CAAA;QACnC,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;YACvC,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC;gBAC1D,gBAAgB,EAAE,UAAU;gBAC5B,YAAY,EAAE,CAAC,WAAW,CAAC;aAC5B,CAAC,CAAA;YAEF,IAAI,aAAa,CAAC,KAAK,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,CAAC;gBACrD,SAAS,CAAC,WAAW,CAAC,GAAG,MAAA,aAAa,CAAC,YAAY,mCAAI,aAAa,CAAA;YACtE,CAAC;iBAAM,CAAC;gBACN,MAAM,UAAU,GAA0B,aAAa,CAAC,UAAU,CAAC,qBAAqB,EAAE,CAAA;gBAC1F,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC5B,SAAS,CAAC,WAAW,CAAC,GAAG,sBAAsB,CAAA;oBAC/C,SAAQ;gBACV,CAAC;gBAED,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBACzB,MAAM,eAAe,GAAyB,MAAM,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAA;gBAErG,IAAI,eAAe,CAAC,KAAK,IAAI,eAAe,CAAC,QAAQ,EAAE,CAAC;oBACtD,SAAS,CAAC,WAAW,CAAC,GAAG,eAAe,CAAC,OAAO,CAAA;oBAChD,SAAQ;gBACV,CAAC;gBAED,IAAI,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAChD,SAAS,CAAC,WAAW,CAAC,GAAG,kDAAkD,CAAA;oBAC3E,SAAQ;gBACV,CAAC;gBAED,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC,CAAA;gBAC5F,MAAM,SAAS,GAAG,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBACnD,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC3C,SAAS,CAAC,WAAW,CAAC,GAAG,kDAAkD,CAAA;oBAC3E,SAAQ;gBACV,CAAC;gBAED,IAAI,QAAQ,CAAC,MAAM,KAA
K,CAAC,EAAE,CAAC;oBAC1B,mCAAmC;oBACnC,QAAQ,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;gBAC7C,CAAC;gBACD,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YACjC,CAAC;QACH,CAAC;QAED,qCACE,MAAM,EAAE,WAAW,EACnB,cAAc,EAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,IACvC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC,KACvD,IAAI,EAAE,QAAQ,EACd,UAAU,EAAE,OAAO,EACnB,gBAAgB,EAAE,cAAc,CAAC,IAAI,GAAG,CAAC,IAC1C;IACH,CAAC;CAAA"}
|
|
@@ -4,6 +4,7 @@ import { X509CertificateChainValidationOpts, X509ValidationResult } from '@spher
|
|
|
4
4
|
import { IParsedDID } from '@sphereon/ssi-types';
|
|
5
5
|
import { DIDDocument, DIDDocumentSection, DIDResolutionResult } from '@veramo/core';
|
|
6
6
|
import { JwkInfo } from './common';
|
|
7
|
+
import { JwsPayload } from "./IJwtService";
|
|
7
8
|
/**
|
|
8
9
|
* Use whenever we need to resolve an external identifier. We can pass in kids, DIDs, and x5chains
|
|
9
10
|
*
|
|
@@ -95,6 +96,7 @@ export interface ExternalIdentifierOIDFEntityIdResult extends IExternalIdentifie
|
|
|
95
96
|
method: 'entity_id';
|
|
96
97
|
trustedAnchors: Array<TrustedAnchor>;
|
|
97
98
|
errorList?: Record<TrustedAnchor, ErrorMessage>;
|
|
99
|
+
jwtPayload?: JwsPayload;
|
|
98
100
|
trustEstablished: boolean;
|
|
99
101
|
}
|
|
100
102
|
export interface ExternalJwkInfo extends JwkInfo {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"externalIdentifierTypes.d.ts","sourceRoot":"","sources":["../../src/types/externalIdentifierTypes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAA;AACjE,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACvD,OAAO,EAAE,kCAAkC,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAA;AAC3G,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AACnF,OAAO,EASL,OAAO,EACR,MAAM,UAAU,CAAA;
|
|
1
|
+
{"version":3,"file":"externalIdentifierTypes.d.ts","sourceRoot":"","sources":["../../src/types/externalIdentifierTypes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAA;AACjE,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACvD,OAAO,EAAE,kCAAkC,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAA;AAC3G,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AACnF,OAAO,EASL,OAAO,EACR,MAAM,UAAU,CAAA;AACjB,OAAO,EAAC,UAAU,EAAC,MAAM,eAAe,CAAC;AAEzC;;;;GAIG;AACH,MAAM,MAAM,sBAAsB,GAAG,MAAM,GAAG,MAAM,EAAE,GAAG,GAAG,CAAA;AAE5D,MAAM,MAAM,0BAA0B,GAAG;IACvC,MAAM,CAAC,EAAE,wBAAwB,CAAA;IACjC,UAAU,EAAE,sBAAsB,CAAA;CACnC,CAAA;AAED,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACnF,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;IAClB,4BAA4B,CAAC,EAAE,OAAO,CAAA;IACtC,cAAc,CAAC,EAAE,kBAAkB,CAAA;IACnC,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,sBAAsB,GAAG,CACjC,yBAAyB,GACzB,yBAAyB,GACzB,yBAAyB,GACzB,yBAAyB,GACzB,6BAA6B,GAC7B,kCAAkC,CACrC,GACC,0BAA0B,CAAA;AAE5B,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACnF,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACnF,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,GAAG,CAAA;IACf,GAAG,CAAC,EAAE,yBAAyB,CAAA;CAChC,CAAA;AAED,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,6BAA6B,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACvF,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,UAAU,EAAE,YAAY,CAAA;CACzB,CAAA;AAED,wBAAgB,+BAA+B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,6BAA6B,CAGvH;AAED,MAAM,MAAM,mCAAmC,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IAC7F,MAAM,CAAC,EAAE,gBAAgB,CAAA;IACzB,UAAU,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,wBAAgB,qCAAqC,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAGzH;AAED,MA
AM,MAAM,6BAA6B,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IACvF,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,UAAU,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,wBAAgB,+BAA+B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,6BAA6B,CAGvH;AAED,MAAM,MAAM,kCAAkC,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAAG;IAC5F,MAAM,CAAC,EAAE,WAAW,CAAA;IACpB,UAAU,EAAE,MAAM,CAAA;IAClB,YAAY,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAA;CAC7B,CAAA;AAED,wBAAgB,oCAAoC,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,kCAAkC,CAGjI;AAED,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAAC,0BAA0B,EAAE,QAAQ,CAAC,GAChF,kCAAkC,GAAG;IACnC,MAAM,CAAC,EAAE,KAAK,CAAA;IACd,UAAU,EAAE,MAAM,EAAE,CAAA;IACpB,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB,gBAAgB,CAAC,EAAE,IAAI,CAAA;IACvB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;CACxB,CAAA;AAEH,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,0BAA0B,GAAG,IAAI,IAAI,yBAAyB,CAG/G;AAED,MAAM,MAAM,wBAAwB,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,UAAU,GAAG,gBAAgB,GAAG,UAAU,GAAG,gBAAgB,GAAG,WAAW,CAAA;AAElJ,MAAM,MAAM,wBAAwB,GAAG,6BAA6B,GAClE,CACI,2BAA2B,GAC3B,2BAA2B,GAC3B,2BAA2B,GAC3B,oCAAoC,GACpC,+BAA+B,CAClC,CAAA;AAEH,MAAM,WAAW,6BAA6B;IAC5C,MAAM,EAAE,wBAAwB,CAAA;IAChC,IAAI,EAAE,KAAK,CAAC,eAAe,CAAC,CAAA;CAC7B;AAED,MAAM,WAAW,2BAA4B,SAAQ,6BAA6B;IAChF,MAAM,EAAE,KAAK,CAAA;IACb,GAAG,EAAE,GAAG,CAAA;IACR,GAAG,CAAC,EAAE,2BAA2B,CAAA;CAClC;AAED,MAAM,WAAW,+BAAgC,SAAQ,6BAA6B;IACpF,MAAM,EAAE,UAAU,CAAA;IAClB,OAAO,EAAE,YAAY,CAAA;IACrB,GAAG,CAAC,EAAE,2BAA2B,CAAA;CAClC;AAED,MAAM,WAAW,2BAA4B,SAAQ,6BAA6B;IAChF,MAAM,EAAE,KAAK,CAAA;IACb,GAAG,EAAE,MAAM,EAAE,CAAA;IACb,SAAS,EAAE,GAAG,CAAA;IACd,kBAAkB,CAAC,EAAE,oBAAoB,CAAA;IACzC,YAAY,EAAE,GAAG,EAAE,CAAA;CACpB;AAED,MAAM,MAAM,aAAa,GAAG,MAAM,CAAA;AAClC,MAAM,MAAM,YAAY,GAAG,MAAM,CAAA;AACjC,MAAM,MAAM,YAAY,GAAG,MAAM,CAAA;AAEjC,MAAM,WAAW,oCAAqC,SAAQ,6BAA6B;IACzF,MAAM,EAAE,WAAW,CAAA;IACnB,cAAc,EAAE,KAAK,CAAC,aAAa,CAAC,CAAA;IACpC,SAAS,CAAC,EAAE,MAAM,CAAC,aAAa,EAAE,YAAY,CAAC,CAAA;IAC/C,UAAU,CAAC,EAAE,UAAU,CAAA;IACvB,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,eAAgB,SAAQ,OAAO;IAC9C,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,YAAY,EAAE,MAAM,CAAA;CACrB;AAED,MAAM,WAAW,2BAA4B,SAAQ,6BAA6B;IAChF,MAAM,EAAE,
KAAK,CAAA;IACb,GAAG,EAAE,MAAM,CAAA;IACX,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,OAAO,CAAC,EAAE,eAAe,CAAA;IACzB,mBAAmB,EAAE,IAAI,CAAC,mBAAmB,EAAE,aAAa,CAAC,CAAA;IAC7D,SAAS,EAAE,UAAU,CAAA;CACtB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"externalIdentifierTypes.js","sourceRoot":"","sources":["../../src/types/externalIdentifierTypes.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"externalIdentifierTypes.js","sourceRoot":"","sources":["../../src/types/externalIdentifierTypes.ts"],"names":[],"mappings":";;AAwCA,kEAGC;AAiBD,kEAGC;AAQD,kEAGC;AAOD,0EAGC;AAOD,sFAGC;AAOD,0EAGC;AAQD,oFAGC;AAWD,kEAGC;AA5HD,qCAUiB;AAyBjB,SAAgB,2BAA2B,CAAC,IAAgC;IAC1E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,IAAI,IAAA,wBAAe,EAAC,UAAU,CAAC,CAAA;AACnF,CAAC;AAiBD,SAAgB,2BAA2B,CAAC,IAAgC;IAC1E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,IAAI,IAAA,wBAAe,EAAC,UAAU,CAAC,CAAA;AACnF,CAAC;AAQD,SAAgB,2BAA2B,CAAC,IAAgC;IAC1E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,IAAI,IAAA,wBAAe,EAAC,UAAU,CAAC,CAAA;AACnF,CAAC;AAOD,SAAgB,+BAA+B,CAAC,IAAgC;IAC9E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,UAAU,CAAC,IAAI,IAAA,4BAAmB,EAAC,UAAU,CAAC,CAAA;AAC5F,CAAC;AAOD,SAAgB,qCAAqC,CAAC,IAAgC;IACpF,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,IAAI,IAAA,kCAAyB,EAAC,UAAU,CAAC,CAAA;AACxG,CAAC;AAOD,SAAgB,+BAA+B,CAAC,IAAgC;IAC9E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,IAAI,IAAA,4BAAmB,EAAC,UAAU,CAAC,CAAA;AAClG,CAAC;AAQD,SAAgB,oCAAoC,CAAC,IAAgC;IACnF,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,WAAW,CAAC,IAAI,cAAc,IAAI,IAAI,CAAC,IAAI,IAAA,iCAAwB,EAAC,UAAU,CAAC,CAAA;AAC9H,CAAC;AAWD,SAAgB,2BAA2B,CAAC,IAAgC;IAC1E,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;IAC3B,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,IAAI,IAAA,wBAAe,EAAC,UAAU,CAAC,CAAA;AACnF,CAAC"}
|
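--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@sphereon/ssi-sdk-ext.identifier-resolution",
-"version": "0.27.1-feature.SPRIND.
+"version": "0.27.1-feature.SPRIND.116.13+4c832ab",
 "source": "src/index.ts",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
@@ -15,9 +15,9 @@
 "generate-plugin-schema": "sphereon dev generate-plugin-schema"
 },
 "dependencies": {
-"@sphereon/ssi-sdk-ext.did-utils": "0.27.1-feature.SPRIND.
-"@sphereon/ssi-sdk-ext.key-utils": "0.27.1-feature.SPRIND.
-"@sphereon/ssi-sdk-ext.x509-utils": "0.27.1-feature.SPRIND.
+"@sphereon/ssi-sdk-ext.did-utils": "0.27.1-feature.SPRIND.116.13+4c832ab",
+"@sphereon/ssi-sdk-ext.key-utils": "0.27.1-feature.SPRIND.116.13+4c832ab",
+"@sphereon/ssi-sdk-ext.x509-utils": "0.27.1-feature.SPRIND.116.13+4c832ab",
 "@sphereon/ssi-sdk.agent-config": "0.30.2-feature.SDK.41.oidf.support.286",
 "@sphereon/ssi-sdk.oidf-client": " 0.30.2-feature.SDK.41.oidf.support.286",
 "@sphereon/ssi-types": "0.30.2-feature.SDK.41.oidf.support.286",
@@ -28,10 +28,10 @@
 "uint8arrays": "^3.1.1"
 },
 "devDependencies": {
-"@sphereon/ssi-sdk-ext.did-provider-jwk": "0.27.1-feature.SPRIND.
-"@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.27.1-feature.SPRIND.
-"@sphereon/ssi-sdk-ext.key-manager": "0.27.1-feature.SPRIND.
-"@sphereon/ssi-sdk-ext.kms-local": "0.27.1-feature.SPRIND.
+"@sphereon/ssi-sdk-ext.did-provider-jwk": "0.27.1-feature.SPRIND.116.13+4c832ab",
+"@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.27.1-feature.SPRIND.116.13+4c832ab",
+"@sphereon/ssi-sdk-ext.key-manager": "0.27.1-feature.SPRIND.116.13+4c832ab",
+"@sphereon/ssi-sdk-ext.kms-local": "0.27.1-feature.SPRIND.116.13+4c832ab",
 "@sphereon/ssi-sdk.dev": "0.30.2-feature.SDK.41.oidf.support.286",
 "@veramo/data-store": "4.2.0",
 "@veramo/did-manager": "4.2.0",
@@ -65,5 +65,5 @@
 "X.509 Certificates",
 "ARF"
 ],
-"gitHead": "
+"gitHead": "4c832ab68039264f7595d7f2c432ef558f7c59a2"
 }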
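--- a/package/plugin.schema.json
+++ b/package/plugin.schema.json
@@ -663,6 +663,9 @@
 "$ref": "#/components/schemas/ErrorMessage"
 }
 },
+"jwtPayload": {
+"$ref": "#/components/schemas/JwsPayload"
+},
 "trustEstablished": {
 "type": "boolean"
 }
@@ -1376,6 +1379,43 @@
 "ErrorMessage": {
 "type": "string"
 },
+"JwsPayload": {
+"type": "object",
+"additionalProperties": {},
+"properties": {
+"iss": {
+"type": "string"
+},
+"sub": {
+"type": "string"
+},
+"aud": {
+"anyOf": [
+{
+"type": "array",
+"items": {
+"type": "string"
+}
+},
+{
+"type": "string"
+}
+]
+},
+"exp": {
+"type": "number"
+},
+"nbf": {
+"type": "number"
+},
+"iat": {
+"type": "number"
+},
+"jti": {
+"type": "string"
+}
+}
+},
 "ICoseKeyJson": {
 "type": "object",
 "properties": {
@@ -1704,6 +1744,9 @@
 "$ref": "#/components/schemas/ErrorMessage"
 }
 },
+"jwtPayload": {
+"$ref": "#/components/schemas/JwsPayload"
+},
 "trustEstablished": {
 "type": "boolean"
 }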
@@ -21,7 +21,7 @@ export function legacyKeyRefsToIdentifierOpts(opts: {
|
|
|
21
21
|
opts.didOpts?.idOpts?.kmsKeyRef ??
|
|
22
22
|
opts.didOpts?.kid ??
|
|
23
23
|
opts.didOpts?.idOpts?.kid ??
|
|
24
|
-
(typeof opts.didOpts?.idOpts
|
|
24
|
+
(typeof opts.didOpts?.idOpts?.identifier === 'object' ? (opts.didOpts.idOpts.identifier as IIdentifier).keys[0].kid : undefined)
|
|
25
25
|
if (!kmsKeyRef) {
|
|
26
26
|
throw Error('Key ref is needed for access token signer')
|
|
27
27
|
}
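Review bot: The fallback on new line 24 can throw a `TypeError` before the `if (!kmsKeyRef)` guard below it runs, because `typeof x === 'object'` is also true for `null` and `keys[0]` is `undefined` when the identifier carries no keys. The caller then gets an opaque property-access error instead of the intended 'Key ref is needed for access token signer', and the `as IIdentifier` cast hides the gap from the compiler. Keeping the guard as the single failure path only needs optional chaining on the tail: `(opts.didOpts.idOpts.identifier as IIdentifier | null)?.keys?.[0]?.kid`. Since this value selects the signing key, a short comment that the first key of the identifier is chosen by position would also help. The function body starts and ends outside the hunk, and the removed line is truncated on this page, so this applies to the new side only.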
|
|
@@ -2,8 +2,8 @@ import { ErrorMessage, ExternalIdentifierOIDFEntityIdOpts, ExternalIdentifierOID
|
|
|
2
2
|
import { IAgentContext } from '@veramo/core'
|
|
3
3
|
import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client'
|
|
4
4
|
import { contextHasPlugin } from '@sphereon/ssi-sdk.agent-config'
|
|
5
|
-
import {
|
|
6
|
-
|
|
5
|
+
import {IJwsValidationResult, JwsPayload} from '../types/IJwtService'
|
|
6
|
+
import * as u8a from 'uint8arrays'
|
|
7
7
|
/**
|
|
8
8
|
* Resolves an OIDF Entity ID against multiple trust anchors to establish trusted relationships
|
|
9
9
|
*
|
|
@@ -36,6 +36,7 @@ export async function resolveExternalOIDFEntityIdIdentifier(
|
|
|
36
36
|
const errorList: Record<TrustedAnchor, ErrorMessage> = {}
|
|
37
37
|
const jwkInfos: Array<ExternalJwkInfo> = []
|
|
38
38
|
|
|
39
|
+
let payload: JwsPayload | undefined
|
|
39
40
|
for (const trustAnchor of trustAnchors) {
|
|
40
41
|
const resolveResult = await context.agent.resolveTrustChain({
|
|
41
42
|
entityIdentifier: identifier,
|
|
@@ -64,6 +65,7 @@ export async function resolveExternalOIDFEntityIdIdentifier(
|
|
|
64
65
|
continue
|
|
65
66
|
}
|
|
66
67
|
|
|
68
|
+
payload = JSON.parse(u8a.toString(u8a.fromString(jwtVerifyResult.jws.payload, 'base64url')))
|
|
67
69
|
const signature = jwtVerifyResult.jws.signatures[0]
|
|
68
70
|
if (signature.identifier.jwks.length === 0) {
|
|
69
71
|
errorList[trustAnchor] = 'No JWK was present in the trust anchor signature'
|
|
@@ -83,6 +85,7 @@ export async function resolveExternalOIDFEntityIdIdentifier(
|
|
|
83
85
|
trustedAnchors: Array.from(trustedAnchors),
|
|
84
86
|
...(Object.keys(errorList).length > 0 && { errorList }),
|
|
85
87
|
jwks: jwkInfos,
|
|
88
|
+
jwtPayload: payload,
|
|
86
89
|
trustEstablished: trustedAnchors.size > 0,
|
|
87
90
|
}
|
|
88
91
|
}
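Review bot: `jwtPayload` can come from a JWS that never contributed to trust. `payload = JSON.parse(...)` at new line 68 runs before the `signature.identifier.jwks.length === 0` check that `continue`s, it is overwritten by every loop iteration that reaches it, and it is returned at new line 88 even when `trustEstablished` is false. A consumer reading claims from `jwtPayload` therefore cannot tell whether they belong to an anchor in `trustedAnchors`. The `JSON.parse` is also unguarded, so a malformed payload rejects the whole resolution instead of being recorded in `errorList[trustAnchor]` like the other per-anchor failures, and the parsed value is assigned to `JwsPayload` with no shape check. I would decode into a local, record a decode failure per anchor, and publish the payload only next to `trustedAnchors.add(trustAnchor)`, as sketched below; the function starts outside these hunks and the lines between the JWK check and `trustedAnchors.add` are not shown.

```typescript
// … unchanged: 'No signature was present in the trust anchor JWS' check …
let decodedPayload: JwsPayload
try {
  decodedPayload = JSON.parse(u8a.toString(u8a.fromString(jwtVerifyResult.jws.payload, 'base64url')))
} catch (e) {
  errorList[trustAnchor] = 'The trust anchor JWS payload could not be decoded'
  continue
}
const signature = jwtVerifyResult.jws.signatures[0]
// … unchanged: JWK-presence check and the lines up to trustedAnchors.add …
// Only expose claims from a JWS whose anchor is actually counted as trusted.
payload = decodedPayload
trustedAnchors.add(trustAnchor)
```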
|
|
@@ -14,6 +14,7 @@ import {
|
|
|
14
14
|
isX5cIdentifier,
|
|
15
15
|
JwkInfo,
|
|
16
16
|
} from './common'
|
|
17
|
+
import {JwsPayload} from "./IJwtService";
|
|
17
18
|
|
|
18
19
|
/**
|
|
19
20
|
* Use whenever we need to resolve an external identifier. We can pass in kids, DIDs, and x5chains
|
|
@@ -172,6 +173,7 @@ export interface ExternalIdentifierOIDFEntityIdResult extends IExternalIdentifie
|
|
|
172
173
|
method: 'entity_id'
|
|
173
174
|
trustedAnchors: Array<TrustedAnchor>
|
|
174
175
|
errorList?: Record<TrustedAnchor, ErrorMessage>
|
|
176
|
+
jwtPayload?: JwsPayload
|
|
175
177
|
trustEstablished: boolean
|
|
176
178
|
}
|
|
177
179
|
|