@sphereon/ssi-sdk-ext.identifier-resolution 0.36.1-next.47 → 0.36.1-next.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.cjs +46 -9
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.js +46 -9
  4. package/dist/index.js.map +1 -1
  5. package/package.json +13 -13
  6. package/plugin.schema.json +2 -2
  7. package/src/functions/managedIdentifierFunctions.ts +65 -12
package/dist/index.js CHANGED
@@ -1062,9 +1062,9 @@ var require_plugin_schema = __commonJS({
1062
1062
  type: "object"
1063
1063
  },
1064
1064
  DidDocumentJwks: {
1065
- $ref: '#/components/schemas/Record<Exclude<DIDDocumentSection,("publicKey"|"service")>,def-interface-.ts-36152-36877-.ts-0-63876[]>'
1065
+ $ref: '#/components/schemas/Record<Exclude<DIDDocumentSection,("publicKey"|"service")>,def-interface-.ts-36172-36897-.ts-0-63936[]>'
1066
1066
  },
1067
- 'Record<Exclude<DIDDocumentSection,("publicKey"|"service")>,def-interface-.ts-36152-36877-.ts-0-63876[]>': {
1067
+ 'Record<Exclude<DIDDocumentSection,("publicKey"|"service")>,def-interface-.ts-36172-36897-.ts-0-63936[]>': {
1068
1068
  type: "object",
1069
1069
  properties: {
1070
1070
  verificationMethod: {
@@ -4780,7 +4780,6 @@ async function getManagedDidIdentifier(opts, context) {
4780
4780
  identifier = opts.identifier;
4781
4781
  }
4782
4782
  const did = identifier.did;
4783
- const keys = identifier?.keys;
4784
4783
  const extendedKey = await getFirstKeyWithRelation({
4785
4784
  ...opts,
4786
4785
  // Make sure we use offline mode if no pref was supplied. We are looking for managed DIDs after all. Could be it is not published yet
@@ -4789,19 +4788,57 @@ async function getManagedDidIdentifier(opts, context) {
4789
4788
  vmRelationship: opts.vmRelationship ?? "verificationMethod"
4790
4789
  }, context);
4791
4790
  const key = extendedKey;
4792
- const controllerKeyId = identifier.controllerKeyId;
4793
4791
  const jwk = toJwk(key.publicKeyHex, key.type, {
4794
4792
  key
4795
4793
  });
4796
4794
  const jwkThumbprint = key.meta?.jwkThumbprint ?? calculateJwkThumbprint({
4797
4795
  jwk
4798
4796
  });
4799
- let kid = opts.kid ?? extendedKey.meta?.verificationMethod?.id;
4800
- if (!kid.startsWith(did)) {
4797
+ let kid = opts.kid ?? extendedKey.meta?.verificationMethod?.id ?? extendedKey.kid;
4798
+ if (kid && !kid.startsWith(did)) {
4801
4799
  const hash = kid.startsWith("#") ? "" : "#";
4802
4800
  kid = `${did}${hash}${kid}`;
4803
4801
  }
4804
4802
  const issuer = opts.issuer ?? did;
4803
+ let filteredKeys = identifier?.keys ?? [];
4804
+ let isFiltered = false;
4805
+ if (opts.kmsKeyRef) {
4806
+ const keysByKmsKeyRef = filteredKeys.filter((k) => k.kid === opts.kmsKeyRef);
4807
+ if (keysByKmsKeyRef.length > 0) {
4808
+ filteredKeys = keysByKmsKeyRef;
4809
+ isFiltered = true;
4810
+ }
4811
+ }
4812
+ if (!isFiltered && opts.vmRelationship) {
4813
+ const keysByVmRelationship = filteredKeys.filter((k) => {
4814
+ const purposes = k.meta?.purposes;
4815
+ if (!purposes || purposes.length === 0) {
4816
+ return opts.vmRelationship === "verificationMethod";
4817
+ }
4818
+ return purposes.includes(opts.vmRelationship);
4819
+ });
4820
+ if (keysByVmRelationship.length > 0) {
4821
+ filteredKeys = keysByVmRelationship;
4822
+ isFiltered = true;
4823
+ }
4824
+ }
4825
+ if (!isFiltered && typeof opts.identifier === "string" && opts.identifier.includes("#")) {
4826
+ const fragment = opts.identifier.split("#")[1];
4827
+ const keysByFragment = filteredKeys.filter((k) => {
4828
+ const vmId = k.meta?.verificationMethod?.id;
4829
+ return vmId === `${did}#${fragment}` || vmId === fragment || k.kid === fragment;
4830
+ });
4831
+ if (keysByFragment.length > 0) {
4832
+ filteredKeys = keysByFragment;
4833
+ }
4834
+ }
4835
+ const keys = filteredKeys;
4836
+ const controllerKeyId = key.kid;
4837
+ const filteredIdentifier = {
4838
+ ...identifier,
4839
+ keys: filteredKeys,
4840
+ controllerKeyId
4841
+ };
4805
4842
  return {
4806
4843
  method,
4807
4844
  key,
@@ -4813,7 +4850,7 @@ async function getManagedDidIdentifier(opts, context) {
4813
4850
  kid,
4814
4851
  keys,
4815
4852
  issuer,
4816
- identifier,
4853
+ identifier: filteredIdentifier,
4817
4854
  clientId: opts.clientId,
4818
4855
  clientIdScheme: opts.clientIdScheme,
4819
4856
  opts
@@ -4933,10 +4970,10 @@ async function getManagedOID4VCIssuerIdentifier(opts, context) {
4933
4970
  }
4934
4971
  __name(getManagedOID4VCIssuerIdentifier, "getManagedOID4VCIssuerIdentifier");
4935
4972
  async function getManagedIdentifier(opts, context) {
4936
- let resolutionResult;
4937
4973
  if (isManagedIdentifierResult(opts)) {
4938
- opts;
4974
+ return opts;
4939
4975
  }
4976
+ let resolutionResult;
4940
4977
  if (isManagedIdentifierKidOpts(opts)) {
4941
4978
  resolutionResult = await getManagedKidIdentifier(opts, context);
4942
4979
  } else if (isManagedIdentifierDidOpts(opts)) {