@sphereon/ssi-sdk.credential-validation 0.33.1-feature.vcdm2.tsup.32 → 0.33.1-next.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/dist/agent/CredentialValidation.d.ts +20 -0
  2. package/dist/agent/CredentialValidation.d.ts.map +1 -0
  3. package/dist/agent/CredentialValidation.js +243 -0
  4. package/dist/agent/CredentialValidation.js.map +1 -0
  5. package/dist/index.d.ts +4 -79
  6. package/dist/index.d.ts.map +1 -0
  7. package/dist/index.js +25 -1866
  8. package/dist/index.js.map +1 -1
  9. package/dist/{index.d.cts → ssi-sdk.credential-validation.d.ts} +101 -83
  10. package/dist/tsdoc-metadata.json +11 -0
  11. package/dist/types/ICredentialValidation.d.ts +59 -0
  12. package/dist/types/ICredentialValidation.d.ts.map +1 -0
  13. package/dist/types/ICredentialValidation.js +10 -0
  14. package/dist/types/ICredentialValidation.js.map +1 -0
  15. package/package.json +14 -27
  16. package/plugin.schema.json +26 -62
  17. package/src/types/ICredentialValidation.ts +1 -1
  18. package/dist/index.cjs +0 -1898
  19. package/dist/index.cjs.map +0 -1
package/dist/index.cjs DELETED
@@ -1,1898 +0,0 @@
1
- "use strict";
2
- var __create = Object.create;
3
- var __defProp = Object.defineProperty;
4
- var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
- var __getOwnPropNames = Object.getOwnPropertyNames;
6
- var __getProtoOf = Object.getPrototypeOf;
7
- var __hasOwnProp = Object.prototype.hasOwnProperty;
8
- var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
9
- var __commonJS = (cb, mod) => function __require() {
10
- return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
11
- };
12
- var __export = (target, all) => {
13
- for (var name in all)
14
- __defProp(target, name, { get: all[name], enumerable: true });
15
- };
16
- var __copyProps = (to, from, except, desc) => {
17
- if (from && typeof from === "object" || typeof from === "function") {
18
- for (let key of __getOwnPropNames(from))
19
- if (!__hasOwnProp.call(to, key) && key !== except)
20
- __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
21
- }
22
- return to;
23
- };
24
- var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
25
- // If the importer is in node compatibility mode or this is not an ESM
26
- // file that has been converted to a CommonJS file using a Babel-
27
- // compatible transform (i.e. "__esModule" has not been set), then set
28
- // "default" to the CommonJS "module.exports" for node compatibility.
29
- isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
30
- mod
31
- ));
32
- var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
33
-
34
- // plugin.schema.json
35
- var require_plugin_schema = __commonJS({
36
- "plugin.schema.json"(exports, module2) {
37
- module2.exports = {
38
- ICredentialValidation: {
39
- components: {
40
- schemas: {
41
- VerifyCredentialArgs: {
42
- type: "object",
43
- properties: {
44
- credential: {
45
- $ref: "#/components/schemas/OriginalVerifiableCredential"
46
- },
47
- hasher: {
48
- $ref: "#/components/schemas/HasherSync"
49
- },
50
- fetchRemoteContexts: {
51
- type: "boolean"
52
- },
53
- policies: {
54
- $ref: "#/components/schemas/VerificationPolicies"
55
- }
56
- },
57
- required: [
58
- "credential",
59
- "fetchRemoteContexts"
60
- ]
61
- },
62
- OriginalVerifiableCredential: {
63
- anyOf: [
64
- {
65
- $ref: "#/components/schemas/W3CVerifiableCredential"
66
- },
67
- {
68
- $ref: "#/components/schemas/JwtDecodedVerifiableCredential"
69
- },
70
- {
71
- $ref: "#/components/schemas/SdJwtDecodedVerifiableCredential"
72
- },
73
- {
74
- $ref: "#/components/schemas/MdocOid4vpIssuerSigned"
75
- },
76
- {
77
- $ref: "#/components/schemas/MdocDocument"
78
- }
79
- ]
80
- },
81
- W3CVerifiableCredential: {
82
- anyOf: [
83
- {
84
- $ref: "#/components/schemas/IVerifiableCredential"
85
- },
86
- {
87
- $ref: "#/components/schemas/CompactJWT"
88
- }
89
- ],
90
- description: "Represents a signed Verifiable Credential (includes proof), in either JSON, compact JWT or compact SD-JWT VC format. See {@link https://www.w3.org/TR/vc-data-model/#credentials | VC data model } See {@link https://www.w3.org/TR/vc-data-model/#proof-formats | proof formats }"
91
- },
92
- IVerifiableCredential: {
93
- type: "object",
94
- properties: {
95
- proof: {
96
- anyOf: [
97
- {
98
- $ref: "#/components/schemas/IProof"
99
- },
100
- {
101
- type: "array",
102
- items: {
103
- $ref: "#/components/schemas/IProof"
104
- }
105
- }
106
- ]
107
- },
108
- "@context": {
109
- anyOf: [
110
- {
111
- $ref: "#/components/schemas/ICredentialContextType"
112
- },
113
- {
114
- type: "array",
115
- items: {
116
- $ref: "#/components/schemas/ICredentialContextType"
117
- }
118
- }
119
- ]
120
- },
121
- type: {
122
- type: "array",
123
- items: {
124
- type: "string"
125
- }
126
- },
127
- credentialSchema: {
128
- anyOf: [
129
- {
130
- $ref: "#/components/schemas/ICredentialSchemaType"
131
- },
132
- {
133
- type: "array",
134
- items: {
135
- $ref: "#/components/schemas/ICredentialSchemaType"
136
- }
137
- }
138
- ]
139
- },
140
- issuer: {
141
- anyOf: [
142
- {
143
- $ref: "#/components/schemas/IIssuerId"
144
- },
145
- {
146
- $ref: "#/components/schemas/IIssuer"
147
- }
148
- ]
149
- },
150
- issuanceDate: {
151
- type: "string"
152
- },
153
- credentialSubject: {
154
- anyOf: [
155
- {
156
- type: "object",
157
- properties: {
158
- id: {
159
- type: "string"
160
- }
161
- }
162
- },
163
- {
164
- type: "array",
165
- items: {
166
- type: "object",
167
- properties: {
168
- id: {
169
- type: "string"
170
- }
171
- }
172
- }
173
- }
174
- ]
175
- },
176
- expirationDate: {
177
- type: "string"
178
- },
179
- id: {
180
- type: "string"
181
- },
182
- credentialStatus: {
183
- $ref: "#/components/schemas/ICredentialStatus"
184
- },
185
- description: {
186
- type: "string"
187
- },
188
- name: {
189
- type: "string"
190
- }
191
- },
192
- required: [
193
- "@context",
194
- "credentialSubject",
195
- "issuanceDate",
196
- "issuer",
197
- "proof",
198
- "type"
199
- ]
200
- },
201
- IProof: {
202
- type: "object",
203
- properties: {
204
- type: {
205
- anyOf: [
206
- {
207
- $ref: "#/components/schemas/IProofType"
208
- },
209
- {
210
- type: "string"
211
- }
212
- ]
213
- },
214
- created: {
215
- type: "string"
216
- },
217
- proofPurpose: {
218
- anyOf: [
219
- {
220
- $ref: "#/components/schemas/IProofPurpose"
221
- },
222
- {
223
- type: "string"
224
- }
225
- ]
226
- },
227
- verificationMethod: {
228
- type: "string"
229
- },
230
- challenge: {
231
- type: "string"
232
- },
233
- domain: {
234
- type: "string"
235
- },
236
- proofValue: {
237
- type: "string"
238
- },
239
- jws: {
240
- type: "string"
241
- },
242
- jwt: {
243
- type: "string"
244
- },
245
- mso_mdoc: {
246
- type: "string"
247
- },
248
- nonce: {
249
- type: "string"
250
- },
251
- requiredRevealStatements: {
252
- type: "array",
253
- items: {
254
- type: "string"
255
- }
256
- }
257
- },
258
- required: [
259
- "type",
260
- "created",
261
- "proofPurpose",
262
- "verificationMethod"
263
- ]
264
- },
265
- IProofType: {
266
- type: "string",
267
- enum: [
268
- "Ed25519Signature2018",
269
- "Ed25519Signature2020",
270
- "EcdsaSecp256k1Signature2019",
271
- "EcdsaSecp256k1RecoverySignature2020",
272
- "JsonWebSignature2020",
273
- "RsaSignature2018",
274
- "GpgSignature2020",
275
- "JcsEd25519Signature2020",
276
- "BbsBlsSignatureProof2020",
277
- "BbsBlsBoundSignatureProof2020",
278
- "JwtProof2020",
279
- "SdJwtProof2024",
280
- "MsoMdocProof2024"
281
- ]
282
- },
283
- IProofPurpose: {
284
- type: "string",
285
- enum: [
286
- "verificationMethod",
287
- "assertionMethod",
288
- "authentication",
289
- "keyAgreement",
290
- "contactAgreement",
291
- "capabilityInvocation",
292
- "capabilityDelegation"
293
- ]
294
- },
295
- ICredentialContextType: {
296
- anyOf: [
297
- {
298
- type: "object",
299
- properties: {
300
- name: {
301
- type: "string"
302
- },
303
- did: {
304
- type: "string"
305
- }
306
- }
307
- },
308
- {
309
- type: "string"
310
- }
311
- ]
312
- },
313
- ICredentialSchemaType: {
314
- anyOf: [
315
- {
316
- $ref: "#/components/schemas/ICredentialSchema"
317
- },
318
- {
319
- type: "string"
320
- }
321
- ]
322
- },
323
- ICredentialSchema: {
324
- type: "object",
325
- properties: {
326
- id: {
327
- type: "string"
328
- },
329
- type: {
330
- type: "string"
331
- }
332
- },
333
- required: [
334
- "id"
335
- ]
336
- },
337
- IIssuerId: {
338
- type: "string"
339
- },
340
- IIssuer: {
341
- type: "object",
342
- properties: {
343
- id: {
344
- type: "string"
345
- }
346
- },
347
- required: [
348
- "id"
349
- ]
350
- },
351
- ICredentialStatus: {
352
- type: "object",
353
- properties: {
354
- id: {
355
- type: "string"
356
- },
357
- type: {
358
- type: "string"
359
- }
360
- },
361
- required: [
362
- "id",
363
- "type"
364
- ]
365
- },
366
- CompactJWT: {
367
- type: "string",
368
- description: "Represents a Json Web Token in compact form."
369
- },
370
- JwtDecodedVerifiableCredential: {
371
- type: "object",
372
- properties: {
373
- vc: {
374
- $ref: "#/components/schemas/IVerifiableCredential"
375
- },
376
- exp: {
377
- type: "string"
378
- },
379
- iss: {
380
- type: "string"
381
- },
382
- nbf: {
383
- type: "string"
384
- },
385
- sub: {
386
- type: "string"
387
- },
388
- jti: {
389
- type: "string"
390
- }
391
- },
392
- required: [
393
- "vc",
394
- "exp",
395
- "iss",
396
- "nbf",
397
- "sub",
398
- "jti"
399
- ]
400
- },
401
- SdJwtDecodedVerifiableCredential: {
402
- type: "object",
403
- properties: {
404
- compactSdJwtVc: {
405
- type: "string",
406
- description: "The compact sd jwt is the sd-jwt encoded as string. It is a normal JWT, with the disclosures and kb-jwt appended separated by ~"
407
- },
408
- disclosures: {
409
- type: "array",
410
- items: {
411
- $ref: "#/components/schemas/SdJwtDisclosure"
412
- },
413
- description: "The disclosures included within the SD-JWT in both encoded and decoded format. The digests are also included, and allows the disclosures to be linked against the digests in the signed payload."
414
- },
415
- signedPayload: {
416
- type: "object",
417
- properties: {
418
- vct: {
419
- type: "string"
420
- },
421
- iss: {
422
- type: "string"
423
- },
424
- iat: {
425
- type: "number"
426
- },
427
- nbf: {
428
- type: "number"
429
- },
430
- exp: {
431
- type: "number"
432
- },
433
- cnf: {
434
- type: "object",
435
- properties: {
436
- jwk: {},
437
- kid: {
438
- type: "string"
439
- }
440
- }
441
- },
442
- status: {
443
- type: "object",
444
- properties: {
445
- idx: {
446
- type: "number"
447
- },
448
- uri: {
449
- type: "string"
450
- }
451
- },
452
- required: [
453
- "idx",
454
- "uri"
455
- ]
456
- },
457
- sub: {
458
- type: "string"
459
- },
460
- _sd: {
461
- type: "array",
462
- items: {
463
- type: "string"
464
- }
465
- },
466
- _sd_alg: {
467
- type: "string"
468
- }
469
- },
470
- additionalProperties: {
471
- anyOf: [
472
- {
473
- not: {}
474
- },
475
- {
476
- not: {}
477
- },
478
- {
479
- type: [
480
- "string",
481
- "number",
482
- "boolean",
483
- "object",
484
- "array"
485
- ]
486
- }
487
- ]
488
- },
489
- required: [
490
- "iat",
491
- "iss",
492
- "vct"
493
- ],
494
- description: "The signed payload is the payload of the sd-jwt that is actually signed, and that includes the `_sd` and `...` digests."
495
- },
496
- decodedPayload: {
497
- $ref: "#/components/schemas/SdJwtDecodedVerifiableCredentialPayload",
498
- description: "The decoded payload is the payload when all `_sd` and `...` digests have been replaced by the actual values from the disclosures. This format could also be seen as the 'pretty` version of the SD JWT payload.\n\nThis is useful for displaying the contents of the SD JWT VC to the user, or for example for querying the contents of the SD JWT VC using a PEX presentation definition path."
499
- },
500
- kbJwt: {
501
- type: "object",
502
- properties: {
503
- header: {
504
- $ref: "#/components/schemas/SdJwtVcKbJwtHeader"
505
- },
506
- payload: {
507
- $ref: "#/components/schemas/SdJwtVcKbJwtPayload"
508
- },
509
- compact: {
510
- $ref: "#/components/schemas/CompactJWT"
511
- }
512
- },
513
- required: [
514
- "header",
515
- "payload"
516
- ],
517
- description: "Key binding JWT"
518
- }
519
- },
520
- required: [
521
- "compactSdJwtVc",
522
- "disclosures",
523
- "signedPayload",
524
- "decodedPayload"
525
- ],
526
- description: "The decoded SD JWT Verifiable Credential. This representation includes multiple representations of the same SD-JWT, and allows to fully process an SD-JWT, as well as create a presentation SD-JWT (minus the KB-JWT) by removing certain disclosures from the compact SD-JWT.\n\nThis representation is useful as it doesn't require a hasher implementation to match the different digests in the signed SD-JWT payload, with the different disclosures."
527
- },
528
- SdJwtDisclosure: {
529
- type: "object",
530
- properties: {
531
- encoded: {
532
- type: "string"
533
- },
534
- decoded: {
535
- $ref: "#/components/schemas/SdJwtDecodedDisclosure"
536
- },
537
- digest: {
538
- type: "string"
539
- }
540
- },
541
- required: [
542
- "encoded",
543
- "decoded",
544
- "digest"
545
- ]
546
- },
547
- SdJwtDecodedDisclosure: {
548
- anyOf: [
549
- {
550
- type: "array",
551
- minItems: 3,
552
- items: [
553
- {
554
- type: "string"
555
- },
556
- {
557
- type: "string"
558
- },
559
- {
560
- anyOf: [
561
- {
562
- type: "string"
563
- },
564
- {
565
- type: "number"
566
- },
567
- {
568
- type: "boolean"
569
- },
570
- {
571
- type: "object",
572
- additionalProperties: {
573
- anyOf: [
574
- {
575
- $ref: "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
576
- },
577
- {
578
- not: {}
579
- }
580
- ]
581
- }
582
- },
583
- {
584
- type: "array",
585
- items: {
586
- $ref: "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
587
- }
588
- }
589
- ]
590
- }
591
- ],
592
- maxItems: 3
593
- },
594
- {
595
- type: "array",
596
- minItems: 2,
597
- items: [
598
- {
599
- type: "string"
600
- },
601
- {
602
- anyOf: [
603
- {
604
- type: "string"
605
- },
606
- {
607
- type: "number"
608
- },
609
- {
610
- type: "boolean"
611
- },
612
- {
613
- type: "object",
614
- additionalProperties: {
615
- anyOf: [
616
- {
617
- $ref: "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
618
- },
619
- {
620
- not: {}
621
- }
622
- ]
623
- }
624
- },
625
- {
626
- type: "array",
627
- items: {
628
- $ref: "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
629
- }
630
- }
631
- ]
632
- }
633
- ],
634
- maxItems: 2
635
- }
636
- ]
637
- },
638
- "alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006": {
639
- anyOf: [
640
- {
641
- type: "string"
642
- },
643
- {
644
- type: "number"
645
- },
646
- {
647
- type: "boolean"
648
- },
649
- {
650
- type: "object",
651
- additionalProperties: {
652
- anyOf: [
653
- {
654
- $ref: "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
655
- },
656
- {
657
- not: {}
658
- }
659
- ]
660
- }
661
- },
662
- {
663
- type: "array",
664
- items: {
665
- $ref: "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
666
- }
667
- }
668
- ]
669
- },
670
- SdJwtDecodedVerifiableCredentialPayload: {
671
- type: "object",
672
- properties: {
673
- vct: {
674
- type: "string"
675
- },
676
- iss: {
677
- type: "string"
678
- },
679
- iat: {
680
- type: "number"
681
- },
682
- nbf: {
683
- type: "number"
684
- },
685
- exp: {
686
- type: "number"
687
- },
688
- cnf: {
689
- type: "object",
690
- properties: {
691
- jwk: {},
692
- kid: {
693
- type: "string"
694
- }
695
- }
696
- },
697
- status: {
698
- type: "object",
699
- properties: {
700
- idx: {
701
- type: "number"
702
- },
703
- uri: {
704
- type: "string"
705
- }
706
- },
707
- required: [
708
- "idx",
709
- "uri"
710
- ]
711
- },
712
- sub: {
713
- type: "string"
714
- }
715
- },
716
- required: [
717
- "vct",
718
- "iss",
719
- "iat"
720
- ],
721
- additionalProperties: {
722
- anyOf: [
723
- {
724
- type: "string"
725
- },
726
- {
727
- type: "number"
728
- },
729
- {
730
- type: "boolean"
731
- },
732
- {
733
- type: "object",
734
- additionalProperties: {
735
- anyOf: [
736
- {
737
- $ref: "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
738
- },
739
- {
740
- not: {}
741
- }
742
- ]
743
- }
744
- },
745
- {
746
- type: "array",
747
- items: {
748
- $ref: "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
749
- }
750
- },
751
- {
752
- not: {}
753
- }
754
- ]
755
- },
756
- description: "Decoded 'pretty' SD JWT Verifiable Credential. This representation has all the `_sd` properties removed, and includes the disclosures directly within the payload."
757
- },
758
- SdJwtVcKbJwtHeader: {
759
- type: "object",
760
- properties: {
761
- typ: {
762
- type: "string",
763
- const: "kb+jwt"
764
- },
765
- alg: {
766
- type: "string"
767
- }
768
- },
769
- required: [
770
- "typ",
771
- "alg"
772
- ]
773
- },
774
- SdJwtVcKbJwtPayload: {
775
- type: "object",
776
- properties: {
777
- iat: {
778
- type: "number"
779
- },
780
- aud: {
781
- type: "string"
782
- },
783
- nonce: {
784
- type: "string"
785
- },
786
- sd_hash: {
787
- type: "string"
788
- }
789
- },
790
- required: [
791
- "iat",
792
- "aud",
793
- "nonce",
794
- "sd_hash"
795
- ],
796
- additionalProperties: {}
797
- },
798
- MdocOid4vpIssuerSigned: {
799
- type: "string",
800
- description: "Represents a selective disclosure JWT vc in compact form."
801
- },
802
- MdocDocument: {
803
- $ref: "#/components/schemas/com.sphereon.mdoc.data.device.DocumentCbor"
804
- },
805
- "com.sphereon.mdoc.data.device.DocumentCbor": {
806
- type: "object",
807
- properties: {}
808
- },
809
- HasherSync: {
810
- $comment: "(data: string | ArrayBuffer, alg: string) => Uint8Array",
811
- type: "object",
812
- properties: {
813
- namedArgs: {
814
- type: "object",
815
- properties: {
816
- data: {
817
- anyOf: [
818
- {
819
- type: "string"
820
- },
821
- {
822
- type: "object",
823
- properties: {
824
- byteLength: {
825
- type: "number"
826
- }
827
- },
828
- required: [
829
- "byteLength"
830
- ]
831
- }
832
- ]
833
- },
834
- alg: {
835
- type: "string"
836
- }
837
- },
838
- required: [
839
- "data",
840
- "alg"
841
- ],
842
- additionalProperties: false
843
- }
844
- }
845
- },
846
- VerificationPolicies: {
847
- type: "object",
848
- properties: {
849
- schemaValidation: {
850
- $ref: "#/components/schemas/SchemaValidation"
851
- },
852
- credentialStatus: {
853
- type: "boolean"
854
- },
855
- expirationDate: {
856
- type: "boolean"
857
- },
858
- issuanceDate: {
859
- type: "boolean"
860
- }
861
- },
862
- required: [
863
- "expirationDate",
864
- "issuanceDate"
865
- ]
866
- },
867
- SchemaValidation: {
868
- type: "string",
869
- enum: [
870
- "ALWAYS",
871
- "NEVER",
872
- "WHEN_PRESENT"
873
- ]
874
- },
875
- VerificationResult: {
876
- type: "object",
877
- properties: {
878
- result: {
879
- type: "boolean"
880
- },
881
- source: {
882
- anyOf: [
883
- {
884
- $ref: "#/components/schemas/WrappedVerifiableCredential"
885
- },
886
- {
887
- $ref: "#/components/schemas/WrappedVerifiablePresentation"
888
- }
889
- ]
890
- },
891
- subResults: {
892
- type: "array",
893
- items: {
894
- $ref: "#/components/schemas/VerificationSubResult"
895
- }
896
- },
897
- error: {
898
- type: "string"
899
- },
900
- errorDetails: {
901
- type: "string"
902
- }
903
- },
904
- required: [
905
- "result",
906
- "source",
907
- "subResults"
908
- ]
909
- },
910
- WrappedVerifiableCredential: {
911
- anyOf: [
912
- {
913
- $ref: "#/components/schemas/WrappedW3CVerifiableCredential"
914
- },
915
- {
916
- $ref: "#/components/schemas/WrappedSdJwtVerifiableCredential"
917
- },
918
- {
919
- $ref: "#/components/schemas/WrappedMdocCredential"
920
- }
921
- ]
922
- },
923
- WrappedW3CVerifiableCredential: {
924
- type: "object",
925
- properties: {
926
- original: {
927
- anyOf: [
928
- {
929
- $ref: "#/components/schemas/W3CVerifiableCredential"
930
- },
931
- {
932
- $ref: "#/components/schemas/JwtDecodedVerifiableCredential"
933
- }
934
- ],
935
- description: "Original VC that we've received"
936
- },
937
- decoded: {
938
- anyOf: [
939
- {
940
- $ref: "#/components/schemas/JwtDecodedVerifiableCredential"
941
- },
942
- {
943
- $ref: "#/components/schemas/IVerifiableCredential"
944
- }
945
- ],
946
- description: "In case of JWT credential it will be the decoded version. In other cases it will be the same as original one"
947
- },
948
- type: {
949
- anyOf: [
950
- {
951
- type: "string",
952
- const: "json-ld"
953
- },
954
- {
955
- type: "string",
956
- const: "jwt-encoded"
957
- },
958
- {
959
- type: "string",
960
- const: "jwt-decoded"
961
- }
962
- ],
963
- description: "Type of this credential. Supported types are json-ld, jwt (decoded/encoded)"
964
- },
965
- format: {
966
- type: "string",
967
- enum: [
968
- "jwt_vc",
969
- "ldp_vc",
970
- "ldp",
971
- "jwt"
972
- ],
973
- description: "The claim format, typically used during exchange transport protocols"
974
- },
975
- credential: {
976
- $ref: "#/components/schemas/IVerifiableCredential",
977
- description: "Internal stable representation of a Credential"
978
- }
979
- },
980
- required: [
981
- "original",
982
- "decoded",
983
- "type",
984
- "format",
985
- "credential"
986
- ]
987
- },
988
- WrappedSdJwtVerifiableCredential: {
989
- type: "object",
990
- properties: {
991
- original: {
992
- anyOf: [
993
- {
994
- $ref: "#/components/schemas/SdJwtDecodedVerifiableCredential"
995
- },
996
- {
997
- $ref: "#/components/schemas/CompactSdJwtVc"
998
- }
999
- ],
1000
- description: "Original VC that we've received. Can be either the encoded or decoded variant."
1001
- },
1002
- decoded: {
1003
- $ref: "#/components/schemas/SdJwtDecodedVerifiableCredentialPayload",
1004
- description: "Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT as the `decoded` property is used in e.g. PEX to check for path filters from fields. The full decoded credential can be found in the `credential` field."
1005
- },
1006
- type: {
1007
- anyOf: [
1008
- {
1009
- type: "string",
1010
- const: "sd-jwt-vc-decoded"
1011
- },
1012
- {
1013
- type: "string",
1014
- const: "sd-jwt-vc-encoded"
1015
- }
1016
- ],
1017
- description: "Type of this credential."
1018
- },
1019
- format: {
1020
- type: "string",
1021
- const: "vc+sd-jwt",
1022
- description: "The claim format, typically used during exchange transport protocols"
1023
- },
1024
- credential: {
1025
- $ref: "#/components/schemas/SdJwtDecodedVerifiableCredential",
1026
- description: "Internal stable representation of a Credential"
1027
- }
1028
- },
1029
- required: [
1030
- "original",
1031
- "decoded",
1032
- "type",
1033
- "format",
1034
- "credential"
1035
- ]
1036
- },
1037
- CompactSdJwtVc: {
1038
- type: "string",
1039
- description: "Represents a selective disclosure JWT vc in compact form."
1040
- },
1041
- WrappedMdocCredential: {
1042
- type: "object",
1043
- properties: {
1044
- original: {
1045
- anyOf: [
1046
- {
1047
- $ref: "#/components/schemas/MdocDocument"
1048
- },
1049
- {
1050
- $ref: "#/components/schemas/MdocOid4vpIssuerSigned"
1051
- }
1052
- ],
1053
- description: "Original IssuerSigned to Mdoc that we've received. Can be either the encoded or decoded variant."
1054
- },
1055
- decoded: {
1056
- $ref: "#/components/schemas/MdocDecodedPayload",
1057
- description: "Record where keys are the namespaces and the values are objects again with the namespace values"
1058
- },
1059
- type: {
1060
- anyOf: [
1061
- {
1062
- type: "string",
1063
- const: "mso_mdoc-decoded"
1064
- },
1065
- {
1066
- type: "string",
1067
- const: "mso_mdoc-encoded"
1068
- }
1069
- ],
1070
- description: "Type of this credential."
1071
- },
1072
- format: {
1073
- type: "string",
1074
- const: "mso_mdoc",
1075
- description: "The claim format, typically used during exchange transport protocols"
1076
- },
1077
- credential: {
1078
- $ref: "#/components/schemas/MdocDocument",
1079
- description: "Internal stable representation of a Credential"
1080
- }
1081
- },
1082
- required: [
1083
- "original",
1084
- "decoded",
1085
- "type",
1086
- "format",
1087
- "credential"
1088
- ]
1089
- },
1090
- MdocDecodedPayload: {
1091
- type: "object",
1092
- additionalProperties: {
1093
- type: "object",
1094
- additionalProperties: {
1095
- type: [
1096
- "string",
1097
- "number",
1098
- "boolean"
1099
- ]
1100
- }
1101
- },
1102
- description: "Record where keys are the namespaces and the values are objects again with the namespace values"
1103
- },
1104
- WrappedVerifiablePresentation: {
1105
- anyOf: [
1106
- {
1107
- $ref: "#/components/schemas/WrappedW3CVerifiablePresentation"
1108
- },
1109
- {
1110
- $ref: "#/components/schemas/WrappedSdJwtVerifiablePresentation"
1111
- },
1112
- {
1113
- $ref: "#/components/schemas/WrappedMdocPresentation"
1114
- }
1115
- ]
1116
- },
1117
- WrappedW3CVerifiablePresentation: {
1118
- type: "object",
1119
- properties: {
1120
- original: {
1121
- anyOf: [
1122
- {
1123
- $ref: "#/components/schemas/W3CVerifiablePresentation"
1124
- },
1125
- {
1126
- $ref: "#/components/schemas/JwtDecodedVerifiablePresentation"
1127
- }
1128
- ],
1129
- description: "Original VP that we've received"
1130
- },
1131
- decoded: {
1132
- anyOf: [
1133
- {
1134
- $ref: "#/components/schemas/JwtDecodedVerifiablePresentation"
1135
- },
1136
- {
1137
- $ref: "#/components/schemas/IVerifiablePresentation"
1138
- }
1139
- ],
1140
- description: "In case of JWT VP it will be the decoded version. In other cases it will be the same as original one"
1141
- },
1142
- type: {
1143
- anyOf: [
1144
- {
1145
- type: "string",
1146
- const: "json-ld"
1147
- },
1148
- {
1149
- type: "string",
1150
- const: "jwt-encoded"
1151
- },
1152
- {
1153
- type: "string",
1154
- const: "jwt-decoded"
1155
- }
1156
- ],
1157
- description: "Type of this Presentation. Supported types are json-ld and jwt (decoded/encoded) and sd-jwt-vc (decoded/encoded)"
1158
- },
1159
- format: {
1160
- type: "string",
1161
- enum: [
1162
- "jwt_vp",
1163
- "ldp_vp"
1164
- ],
1165
- description: "The claim format, typically used during exchange transport protocols"
1166
- },
1167
- presentation: {
1168
- $ref: "#/components/schemas/UniformVerifiablePresentation",
1169
- description: "Internal stable representation of a Presentation without proofs, created based on https://www.w3.org/TR/vc-data-model/#jwt-decoding"
1170
- },
1171
- vcs: {
1172
- type: "array",
1173
- items: {
1174
- $ref: "#/components/schemas/WrappedW3CVerifiableCredential"
1175
- },
1176
- description: "Wrapped Verifiable Credentials belonging to the Presentation"
1177
- }
1178
- },
1179
- required: [
1180
- "original",
1181
- "decoded",
1182
- "type",
1183
- "format",
1184
- "presentation",
1185
- "vcs"
1186
- ]
1187
- },
1188
- W3CVerifiablePresentation: {
1189
- anyOf: [
1190
- {
1191
- $ref: "#/components/schemas/IVerifiablePresentation"
1192
- },
1193
- {
1194
- $ref: "#/components/schemas/CompactJWT"
1195
- }
1196
- ],
1197
- description: "Represents a signed Verifiable Presentation (includes proof), in either JSON or compact JWT format. See {@link https://www.w3.org/TR/vc-data-model/#presentations | VC data model } See {@link https://www.w3.org/TR/vc-data-model/#proof-formats | proof formats }"
1198
- },
1199
- IVerifiablePresentation: {
1200
- type: "object",
1201
- properties: {
1202
- proof: {
1203
- anyOf: [
1204
- {
1205
- $ref: "#/components/schemas/IProof"
1206
- },
1207
- {
1208
- type: "array",
1209
- items: {
1210
- $ref: "#/components/schemas/IProof"
1211
- }
1212
- }
1213
- ]
1214
- },
1215
- id: {
1216
- type: "string"
1217
- },
1218
- "@context": {
1219
- anyOf: [
1220
- {
1221
- $ref: "#/components/schemas/ICredentialContextType"
1222
- },
1223
- {
1224
- type: "array",
1225
- items: {
1226
- $ref: "#/components/schemas/ICredentialContextType"
1227
- }
1228
- }
1229
- ]
1230
- },
1231
- type: {
1232
- anyOf: [
1233
- {
1234
- type: "string"
1235
- },
1236
- {
1237
- type: "array",
1238
- items: {
1239
- type: "string"
1240
- }
1241
- }
1242
- ]
1243
- },
1244
- verifiableCredential: {
1245
- type: "array",
1246
- items: {
1247
- $ref: "#/components/schemas/W3CVerifiableCredential"
1248
- }
1249
- },
1250
- presentation_submission: {
1251
- $ref: "#/components/schemas/PresentationSubmission"
1252
- },
1253
- holder: {
1254
- type: "string"
1255
- },
1256
- verifier: {
1257
- type: "string"
1258
- }
1259
- },
1260
- required: [
1261
- "@context",
1262
- "proof"
1263
- ]
1264
- },
1265
- PresentationSubmission: {
1266
- type: "object",
1267
- properties: {
1268
- id: {
1269
- type: "string",
1270
- description: "A UUID or some other unique ID to identify this Presentation Submission"
1271
- },
1272
- definition_id: {
1273
- type: "string",
1274
- description: "A UUID or some other unique ID to identify this Presentation Definition"
1275
- },
1276
- descriptor_map: {
1277
- type: "array",
1278
- items: {
1279
- $ref: "#/components/schemas/Descriptor"
1280
- },
1281
- description: "List of descriptors of how the claims are being mapped to presentation definition"
1282
- }
1283
- },
1284
- required: [
1285
- "id",
1286
- "definition_id",
1287
- "descriptor_map"
1288
- ],
1289
- description: "It expresses how the inputs are presented as proofs to a Verifier."
1290
- },
1291
- Descriptor: {
1292
- type: "object",
1293
- properties: {
1294
- id: {
1295
- type: "string",
1296
- description: "ID to identify the descriptor from Presentation Definition Input Descriptor it coresponds to."
1297
- },
1298
- path: {
1299
- type: "string",
1300
- description: "The path where the verifiable credential is located in the presentation submission json"
1301
- },
1302
- path_nested: {
1303
- $ref: "#/components/schemas/Descriptor"
1304
- },
1305
- format: {
1306
- type: "string",
1307
- description: "The Proof or JWT algorith that the proof is in"
1308
- }
1309
- },
1310
- required: [
1311
- "id",
1312
- "path",
1313
- "format"
1314
- ],
1315
- description: "descriptor map laying out the structure of the presentation submission."
1316
- },
1317
- JwtDecodedVerifiablePresentation: {
1318
- type: "object",
1319
- properties: {
1320
- vp: {
1321
- $ref: "#/components/schemas/IVerifiablePresentation"
1322
- },
1323
- exp: {
1324
- type: "string"
1325
- },
1326
- iss: {
1327
- type: "string"
1328
- },
1329
- nbf: {
1330
- type: "string"
1331
- },
1332
- sub: {
1333
- type: "string"
1334
- },
1335
- jti: {
1336
- type: "string"
1337
- },
1338
- aud: {
1339
- type: "string"
1340
- },
1341
- iat: {
1342
- type: "string"
1343
- }
1344
- },
1345
- required: [
1346
- "vp",
1347
- "exp",
1348
- "iss",
1349
- "nbf",
1350
- "sub",
1351
- "jti",
1352
- "aud",
1353
- "iat"
1354
- ]
1355
- },
1356
- UniformVerifiablePresentation: {
1357
- type: "object",
1358
- properties: {
1359
- "@context": {
1360
- anyOf: [
1361
- {
1362
- $ref: "#/components/schemas/ICredentialContextType"
1363
- },
1364
- {
1365
- type: "array",
1366
- items: {
1367
- $ref: "#/components/schemas/ICredentialContextType"
1368
- }
1369
- }
1370
- ]
1371
- },
1372
- type: {
1373
- anyOf: [
1374
- {
1375
- type: "string"
1376
- },
1377
- {
1378
- type: "array",
1379
- items: {
1380
- type: "string"
1381
- }
1382
- }
1383
- ]
1384
- },
1385
- verifiableCredential: {
1386
- type: "array",
1387
- items: {
1388
- $ref: "#/components/schemas/WrappedW3CVerifiableCredential"
1389
- }
1390
- },
1391
- presentation_submission: {
1392
- $ref: "#/components/schemas/PresentationSubmission"
1393
- },
1394
- holder: {
1395
- type: "string"
1396
- }
1397
- },
1398
- required: [
1399
- "@context",
1400
- "type",
1401
- "verifiableCredential"
1402
- ]
1403
- },
1404
- WrappedSdJwtVerifiablePresentation: {
1405
- type: "object",
1406
- properties: {
1407
- original: {
1408
- anyOf: [
1409
- {
1410
- $ref: "#/components/schemas/SdJwtDecodedVerifiableCredential"
1411
- },
1412
- {
1413
- $ref: "#/components/schemas/CompactSdJwtVc"
1414
- }
1415
- ],
1416
- description: "Original VP that we've received. Can be either the encoded or decoded variant."
1417
- },
1418
- decoded: {
1419
- $ref: "#/components/schemas/SdJwtDecodedVerifiableCredentialPayload",
1420
- description: "Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT."
1421
- },
1422
- type: {
1423
- anyOf: [
1424
- {
1425
- type: "string",
1426
- const: "sd-jwt-vc-decoded"
1427
- },
1428
- {
1429
- type: "string",
1430
- const: "sd-jwt-vc-encoded"
1431
- }
1432
- ],
1433
- description: "Type of this Presentation."
1434
- },
1435
- format: {
1436
- type: "string",
1437
- const: "vc+sd-jwt",
1438
- description: "The claim format, typically used during exchange transport protocols"
1439
- },
1440
- presentation: {
1441
- $ref: "#/components/schemas/SdJwtDecodedVerifiableCredential",
1442
- description: "Internal stable representation of a Presentation"
1443
- },
1444
- vcs: {
1445
- type: "array",
1446
- items: {
1447
- $ref: "#/components/schemas/WrappedSdJwtVerifiableCredential"
1448
- },
1449
- minItems: 1,
1450
- maxItems: 1,
1451
- description: "Wrapped Verifiable Credentials belonging to the Presentation. Will always be an array with a single SdJwtVerifiableCredential entry."
1452
- }
1453
- },
1454
- required: [
1455
- "original",
1456
- "decoded",
1457
- "type",
1458
- "format",
1459
- "presentation",
1460
- "vcs"
1461
- ]
1462
- },
1463
- WrappedMdocPresentation: {
1464
- type: "object",
1465
- properties: {
1466
- original: {
1467
- anyOf: [
1468
- {
1469
- $ref: "#/components/schemas/MdocDeviceResponse"
1470
- },
1471
- {
1472
- $ref: "#/components/schemas/MdocOid4vpMdocVpToken"
1473
- }
1474
- ],
1475
- description: "Original VP that we've received. Can be either the encoded or decoded variant."
1476
- },
1477
- decoded: {
1478
- $ref: "#/components/schemas/MdocDeviceResponse",
1479
- description: "Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT."
1480
- },
1481
- type: {
1482
- anyOf: [
1483
- {
1484
- type: "string",
1485
- const: "mso_mdoc-encoded"
1486
- },
1487
- {
1488
- type: "string",
1489
- const: "mso_mdoc-decoded"
1490
- }
1491
- ],
1492
- description: "Type of this Presentation."
1493
- },
1494
- format: {
1495
- type: "string",
1496
- const: "mso_mdoc",
1497
- description: "The claim format, typically used during exchange transport protocols"
1498
- },
1499
- presentation: {
1500
- $ref: "#/components/schemas/MdocDeviceResponse",
1501
- description: "Internal stable representation of a Presentation"
1502
- },
1503
- vcs: {
1504
- type: "array",
1505
- items: {
1506
- $ref: "#/components/schemas/WrappedMdocCredential"
1507
- },
1508
- description: "Wrapped Mdocs belonging to the Presentation. There can be multiple documents in a single device response"
1509
- }
1510
- },
1511
- required: [
1512
- "original",
1513
- "decoded",
1514
- "type",
1515
- "format",
1516
- "presentation",
1517
- "vcs"
1518
- ]
1519
- },
1520
- MdocDeviceResponse: {
1521
- $ref: "#/components/schemas/com.sphereon.mdoc.data.device.DeviceResponseCbor"
1522
- },
1523
- "com.sphereon.mdoc.data.device.DeviceResponseCbor": {
1524
- type: "object",
1525
- properties: {}
1526
- },
1527
- MdocOid4vpMdocVpToken: {
1528
- type: "string"
1529
- },
1530
- VerificationSubResult: {
1531
- type: "object",
1532
- properties: {
1533
- result: {
1534
- type: "boolean"
1535
- },
1536
- error: {
1537
- type: "string"
1538
- },
1539
- errorDetails: {
1540
- type: "string"
1541
- }
1542
- },
1543
- required: [
1544
- "result"
1545
- ]
1546
- },
1547
- VerifyMdocCredentialArgs: {
1548
- type: "object",
1549
- properties: {
1550
- credential: {
1551
- type: "string"
1552
- }
1553
- },
1554
- required: [
1555
- "credential"
1556
- ]
1557
- },
1558
- ValidateSchemaArgs: {
1559
- type: "object",
1560
- properties: {
1561
- credential: {
1562
- $ref: "#/components/schemas/OriginalVerifiableCredential"
1563
- },
1564
- validationPolicy: {
1565
- $ref: "#/components/schemas/SchemaValidation"
1566
- },
1567
- hasher: {
1568
- $ref: "#/components/schemas/HasherSync"
1569
- }
1570
- },
1571
- required: [
1572
- "credential"
1573
- ]
1574
- },
1575
- VerifySDJWTCredentialArgs: {
1576
- type: "object",
1577
- properties: {
1578
- credential: {
1579
- type: "string"
1580
- },
1581
- hasher: {
1582
- $ref: "#/components/schemas/HasherSync"
1583
- }
1584
- },
1585
- required: [
1586
- "credential"
1587
- ]
1588
- },
1589
- VerifyW3CCredentialArgs: {
1590
- type: "object"
1591
- }
1592
- },
1593
- methods: {
1594
- cvVerifyCredential: {
1595
- description: "",
1596
- arguments: {
1597
- $ref: "#/components/schemas/VerifyCredentialArgs"
1598
- },
1599
- returnType: {
1600
- $ref: "#/components/schemas/VerificationResult"
1601
- }
1602
- },
1603
- cvVerifyMdoc: {
1604
- description: "",
1605
- arguments: {
1606
- $ref: "#/components/schemas/VerifyMdocCredentialArgs"
1607
- },
1608
- returnType: {
1609
- $ref: "#/components/schemas/VerificationResult"
1610
- }
1611
- },
1612
- cvVerifySchema: {
1613
- description: "",
1614
- arguments: {
1615
- $ref: "#/components/schemas/ValidateSchemaArgs"
1616
- },
1617
- returnType: {
1618
- $ref: "#/components/schemas/VerificationResult"
1619
- }
1620
- },
1621
- cvVerifySDJWTCredential: {
1622
- description: "",
1623
- arguments: {
1624
- $ref: "#/components/schemas/VerifySDJWTCredentialArgs"
1625
- },
1626
- returnType: {
1627
- $ref: "#/components/schemas/VerificationResult"
1628
- }
1629
- },
1630
- cvVerifyW3CCredential: {
1631
- description: "",
1632
- arguments: {
1633
- $ref: "#/components/schemas/VerifyW3CCredentialArgs"
1634
- },
1635
- returnType: {
1636
- $ref: "#/components/schemas/VerificationResult"
1637
- }
1638
- }
1639
- }
1640
- }
1641
- }
1642
- };
1643
- }
1644
- });
1645
-
1646
- // src/index.ts
1647
- var index_exports = {};
1648
- __export(index_exports, {
1649
- CredentialValidation: () => CredentialValidation,
1650
- SchemaValidation: () => SchemaValidation,
1651
- credentialValidationMethods: () => credentialValidationMethods,
1652
- schema: () => schema
1653
- });
1654
- module.exports = __toCommonJS(index_exports);
1655
-
1656
- // src/agent/CredentialValidation.ts
1657
- var import_kmp_mdoc_core = require("@sphereon/kmp-mdoc-core");
1658
- var import_ssi_types = require("@sphereon/ssi-types");
1659
- var import_ajv_formats = __toESM(require("ajv-formats"), 1);
1660
- var import__ = __toESM(require("ajv/dist/2020"), 1);
1661
- var import_cross_fetch = __toESM(require("cross-fetch"), 1);
1662
- var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
1663
- var decodeFrom = import_kmp_mdoc_core.com.sphereon.kmp.decodeFrom;
1664
- var IssuerSignedCbor = import_kmp_mdoc_core.com.sphereon.mdoc.data.device.IssuerSignedCbor;
1665
- var credentialValidationMethods = [
1666
- "cvVerifyCredential",
1667
- "cvVerifySchema",
1668
- "cvVerifyMdoc",
1669
- "cvVerifySDJWTCredential",
1670
- "cvVerifyW3CCredential"
1671
- ];
1672
- var CredentialValidation = class {
1673
- static {
1674
- __name(this, "CredentialValidation");
1675
- }
1676
- schema = schema.ICredentialValidation;
1677
- methods = {
1678
- cvVerifyCredential: this.cvVerifyCredential.bind(this),
1679
- cvVerifySchema: this.cvVerifySchema.bind(this),
1680
- cvVerifyMdoc: this.cvVerifyMdoc.bind(this),
1681
- cvVerifySDJWTCredential: this.cvVerifySDJWTCredential.bind(this),
1682
- cvVerifyW3CCredential: this.cvVerifyW3CCredential.bind(this)
1683
- };
1684
- detectSchemas(wrappedVC) {
1685
- if ("credential" in wrappedVC) {
1686
- const { credential } = wrappedVC;
1687
- if ("credentialSchema" in credential) {
1688
- const { credentialSchema } = credential;
1689
- if (Array.isArray(credentialSchema)) {
1690
- return credentialSchema;
1691
- } else if (credentialSchema) {
1692
- return [
1693
- credentialSchema
1694
- ];
1695
- }
1696
- }
1697
- }
1698
- return void 0;
1699
- }
1700
- async cvVerifyCredential(args, context) {
1701
- const { credential, hasher = import_ssi_sdk.defaultHasher, policies } = args;
1702
- const schemaResult = await this.cvVerifySchema({
1703
- credential,
1704
- validationPolicy: policies?.schemaValidation ?? SchemaValidation.WHEN_PRESENT,
1705
- hasher
1706
- });
1707
- if (!schemaResult.result) {
1708
- return schemaResult;
1709
- }
1710
- if (import_ssi_types.CredentialMapper.isMsoMdocOid4VPEncoded(credential)) {
1711
- return await this.cvVerifyMdoc({
1712
- credential
1713
- }, context);
1714
- } else if (import_ssi_types.CredentialMapper.isSdJwtEncoded(credential)) {
1715
- return await this.cvVerifySDJWTCredential({
1716
- credential,
1717
- hasher
1718
- }, context);
1719
- } else {
1720
- return await this.cvVerifyW3CCredential({
1721
- ...args,
1722
- credential
1723
- }, context);
1724
- }
1725
- }
1726
- async cvVerifySchema(args) {
1727
- const { credential, hasher = import_ssi_sdk.defaultHasher, validationPolicy } = args;
1728
- const wrappedCredential = import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(credential, {
1729
- hasher
1730
- });
1731
- if (validationPolicy === SchemaValidation.NEVER) {
1732
- return {
1733
- result: true,
1734
- source: wrappedCredential,
1735
- subResults: []
1736
- };
1737
- }
1738
- return this.validateSchema(wrappedCredential, validationPolicy);
1739
- }
1740
- async validateSchema(wrappedVC, validationPolicy) {
1741
- const schemas = this.detectSchemas(wrappedVC);
1742
- if (!schemas) {
1743
- if (validationPolicy === SchemaValidation.ALWAYS) {
1744
- console.error(`No schema found for credential, but validation policy is set to ALWAYS. Returning false. Credential: ${JSON.stringify(wrappedVC.credential, null, 2)}`);
1745
- return {
1746
- result: false,
1747
- source: wrappedVC,
1748
- subResults: []
1749
- };
1750
- } else {
1751
- return {
1752
- result: true,
1753
- source: wrappedVC,
1754
- subResults: []
1755
- };
1756
- }
1757
- }
1758
- const subResults = await Promise.all(schemas.map((schema2) => this.verifyCredentialAgainstSchema(wrappedVC, schema2)));
1759
- return {
1760
- result: subResults.every((subResult) => subResult.result),
1761
- source: wrappedVC,
1762
- subResults
1763
- };
1764
- }
1765
- async fetchSchema(uri) {
1766
- const response = await (0, import_cross_fetch.default)(uri);
1767
- if (!response.ok) {
1768
- throw new Error(`Unable to fetch schema from ${uri}`);
1769
- }
1770
- return response.json();
1771
- }
1772
- async verifyCredentialAgainstSchema(wrappedVC, schema2) {
1773
- const schemaUrl = typeof schema2 === "string" ? schema2 : schema2.id;
1774
- let schemaValue;
1775
- try {
1776
- schemaValue = await this.fetchSchema(schemaUrl);
1777
- } catch (error) {
1778
- console.error(error);
1779
- return {
1780
- result: false,
1781
- error
1782
- };
1783
- }
1784
- const ajv = new import__.default({
1785
- loadSchema: this.fetchSchema
1786
- });
1787
- (0, import_ajv_formats.default)(ajv);
1788
- const validate = await ajv.compileAsync(schemaValue);
1789
- const valid = validate(wrappedVC.credential);
1790
- if (!valid) {
1791
- console.error(`Schema validation failed for `, wrappedVC.credential);
1792
- }
1793
- return {
1794
- result: valid
1795
- };
1796
- }
1797
- async cvVerifyMdoc(args, context) {
1798
- const { credential } = args;
1799
- const issuerSigned = IssuerSignedCbor.Static.cborDecode(decodeFrom(credential, import_kmp_mdoc_core.com.sphereon.kmp.Encoding.BASE64URL));
1800
- const verification = await context.agent.mdocVerifyIssuerSigned({
1801
- input: issuerSigned.toJson().issuerAuth
1802
- }).catch((error) => {
1803
- console.error(error);
1804
- return {
1805
- name: "mdoc",
1806
- critical: true,
1807
- error: true,
1808
- message: error.message ?? "Mdoc Issuer Signed VC could not be verified"
1809
- };
1810
- });
1811
- return {
1812
- source: import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(credential, {
1813
- hasher: import_ssi_sdk.defaultHasher
1814
- }),
1815
- result: !verification.error,
1816
- subResults: [],
1817
- ...verification.error && {
1818
- error: verification.message ?? `Could not verify mdoc from issuer`
1819
- }
1820
- };
1821
- }
1822
- async cvVerifyW3CCredential(args, context) {
1823
- const { credential, policies } = args;
1824
- const result = await context.agent.verifyCredential(args);
1825
- if (typeof result === "boolean") {
1826
- return {
1827
- // FIXME the source is never used, need to start using this as the source of truth
1828
- source: import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(args.credential, {
1829
- hasher: import_ssi_sdk.defaultHasher
1830
- }),
1831
- result,
1832
- ...!result && {
1833
- error: "Invalid JWT VC",
1834
- errorDetails: `JWT VC was not valid with policies: ${JSON.stringify(policies)}`
1835
- },
1836
- subResults: []
1837
- };
1838
- } else {
1839
- let error;
1840
- let errorDetails;
1841
- const subResults = [];
1842
- if (result.error) {
1843
- error = result.error?.message ?? "";
1844
- errorDetails = result.error?.details?.code ?? "";
1845
- errorDetails = (errorDetails !== "" ? `${errorDetails}, ` : "") + (result.error?.details?.url ?? "");
1846
- if (result.error?.errors) {
1847
- error = (error !== "" ? `${error}, ` : "") + result.error?.errors?.map((error2) => error2.message ?? error2.name).join(", ");
1848
- errorDetails = (errorDetails !== "" ? `${errorDetails}, ` : "") + result.error?.errors?.map((error2) => (error2?.details?.code ? `${error2.details.code}, ` : "") + (error2?.details?.url ?? "")).join(", ");
1849
- }
1850
- console.error(error);
1851
- }
1852
- return {
1853
- source: import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(credential, {
1854
- hasher: import_ssi_sdk.defaultHasher
1855
- }),
1856
- result: result.verified,
1857
- subResults,
1858
- error,
1859
- errorDetails
1860
- };
1861
- }
1862
- }
1863
- async cvVerifySDJWTCredential(args, context) {
1864
- const { credential, hasher = import_ssi_sdk.defaultHasher } = args;
1865
- const verification = await context.agent.verifySdJwtVc({
1866
- credential
1867
- }).catch((error) => {
1868
- console.error(error);
1869
- return {
1870
- error: "Invalid SD-JWT VC",
1871
- errorDetails: error.message ?? "SD-JWT VC could not be verified"
1872
- };
1873
- });
1874
- const result = "header" in verification && "payload" in verification;
1875
- return {
1876
- source: import_ssi_types.CredentialMapper.toWrappedVerifiableCredential(credential, {
1877
- hasher: hasher ?? import_ssi_sdk.defaultHasher
1878
- }),
1879
- result,
1880
- subResults: [],
1881
- ...!result && {
1882
- ...verification
1883
- }
1884
- };
1885
- }
1886
- };
1887
-
1888
- // src/types/ICredentialValidation.ts
1889
- var SchemaValidation = /* @__PURE__ */ function(SchemaValidation2) {
1890
- SchemaValidation2["ALWAYS"] = "ALWAYS";
1891
- SchemaValidation2["NEVER"] = "NEVER";
1892
- SchemaValidation2["WHEN_PRESENT"] = "WHEN_PRESENT";
1893
- return SchemaValidation2;
1894
- }({});
1895
-
1896
- // src/index.ts
1897
- var schema = require_plugin_schema();
1898
- //# sourceMappingURL=index.cjs.map