@sphereon/ssi-sdk.credential-vcdm 0.33.1-feature.jose.vcdm.55

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/LICENSE +201 -0
  2. package/README.md +6 -0
  3. package/dist/index.cjs +406 -0
  4. package/dist/index.cjs.map +1 -0
  5. package/dist/index.d.cts +547 -0
  6. package/dist/index.d.ts +547 -0
  7. package/dist/index.js +375 -0
  8. package/dist/index.js.map +1 -0
  9. package/package.json +93 -0
  10. package/src/__tests__/action-handler.test.ts +130 -0
  11. package/src/__tests__/issue-verify-flow-w3c.test.ts +250 -0
  12. package/src/__tests__/message-handler.test.ts +281 -0
  13. package/src/action-handler.ts +209 -0
  14. package/src/functions.ts +96 -0
  15. package/src/index.ts +25 -0
  16. package/src/message-handler.ts +167 -0
  17. package/src/types.ts +546 -0
package/dist/index.js ADDED
@@ -0,0 +1,375 @@
1
+ var __defProp = Object.defineProperty;
2
+ var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
3
+
4
+ // src/message-handler.ts
5
+ import { AbstractMessageHandler } from "@veramo/message-handler";
6
+ import { asArray, computeEntryHash, decodeCredentialToObject, extractIssuer } from "@veramo/utils";
7
+ import { normalizeCredential, normalizePresentation, validateJwtCredentialPayload, validateJwtPresentationPayload } from "did-jwt-vc";
8
+ import { v4 as uuidv4 } from "uuid";
9
+ import Debug from "debug";
10
+ var debug = Debug("sphereon:vcdm:message-handler");
11
+ var MessageTypes = {
12
+ /** Represents a Verifiable Credential */
13
+ vc: "w3c.vc",
14
+ /** Represents a Verifiable Presentation */
15
+ vp: "w3c.vp"
16
+ };
17
+ var W3cMessageHandler = class extends AbstractMessageHandler {
18
+ static {
19
+ __name(this, "W3cMessageHandler");
20
+ }
21
+ async handle(message, context) {
22
+ const meta = message.getLastMetaData();
23
+ if (meta?.type === "JWT" && message.raw) {
24
+ const { data } = message;
25
+ try {
26
+ validateJwtPresentationPayload(data);
27
+ debug("JWT is", MessageTypes.vp);
28
+ const presentation = normalizePresentation(message.raw);
29
+ const credentials = presentation.verifiableCredential;
30
+ message.id = computeEntryHash(message.raw);
31
+ message.type = MessageTypes.vp;
32
+ message.from = presentation.holder;
33
+ message.to = presentation.verifier?.[0];
34
+ if (presentation.tag) {
35
+ message.threadId = presentation.tag;
36
+ }
37
+ message.createdAt = presentation.issuanceDate;
38
+ message.presentations = [
39
+ presentation
40
+ ];
41
+ message.credentials = credentials;
42
+ return message;
43
+ } catch (e) {
44
+ }
45
+ try {
46
+ validateJwtCredentialPayload(data);
47
+ debug("JWT is", MessageTypes.vc);
48
+ const credential = normalizeCredential(message.raw);
49
+ message.id = computeEntryHash(message.raw);
50
+ message.type = MessageTypes.vc;
51
+ message.from = credential.issuer.id;
52
+ message.to = credential.credentialSubject.id;
53
+ if (credential.tag) {
54
+ message.threadId = credential.tag;
55
+ }
56
+ message.createdAt = credential.issuanceDate;
57
+ message.credentials = [
58
+ credential
59
+ ];
60
+ return message;
61
+ } catch (e) {
62
+ }
63
+ }
64
+ if (message.type === MessageTypes.vc && message.data) {
65
+ const credential = message.data;
66
+ const result = await context.agent.verifyCredential({
67
+ credential
68
+ });
69
+ if (result.verified) {
70
+ message.id = computeEntryHash(message.raw || message.id || uuidv4());
71
+ message.type = MessageTypes.vc;
72
+ message.from = extractIssuer(credential);
73
+ message.to = credential.credentialSubject.id;
74
+ if (credential.tag) {
75
+ message.threadId = credential.tag;
76
+ }
77
+ message.createdAt = credential.issuanceDate;
78
+ message.credentials = [
79
+ credential
80
+ ];
81
+ return message;
82
+ } else {
83
+ throw new Error(result.error?.message);
84
+ }
85
+ }
86
+ if (message.type === MessageTypes.vp && message.data) {
87
+ const presentation = message.data;
88
+ const result = await context.agent.verifyPresentation({
89
+ presentation,
90
+ // FIXME: HARDCODED CHALLENGE VERIFICATION FOR NOW
91
+ challenge: "VERAMO",
92
+ domain: "VERAMO"
93
+ });
94
+ if (result.verified) {
95
+ message.id = computeEntryHash(message.raw || message.id || uuidv4());
96
+ message.type = MessageTypes.vp;
97
+ message.from = presentation.holder;
98
+ if (presentation.tag) {
99
+ message.threadId = presentation.tag;
100
+ }
101
+ message.presentations = [
102
+ presentation
103
+ ];
104
+ message.credentials = asArray(presentation.verifiableCredential).map(decodeCredentialToObject);
105
+ return message;
106
+ } else {
107
+ throw new Error(result.error?.message);
108
+ }
109
+ }
110
+ return super.handle(message, context);
111
+ }
112
+ };
113
+
114
+ // src/action-handler.ts
115
+ import { schema } from "@veramo/core";
116
+ import { isDefined as isDefined2, MANDATORY_CREDENTIAL_CONTEXT, processEntryToArray } from "@veramo/utils";
117
+ import Debug2 from "debug";
118
+
119
+ // src/functions.ts
120
+ import { isDefined } from "@veramo/utils";
121
+ import { decodeJWT } from "did-jwt";
122
+ function extractIssuer2(input, options = {}) {
123
+ if (!isDefined(input)) {
124
+ return "";
125
+ } else if (typeof input === "string") {
126
+ try {
127
+ const { payload } = decodeJWT(input.split(`~`)[0]);
128
+ const iss = payload.iss ?? "";
129
+ return !!options.removeParameters ? removeDIDParameters(iss) : iss;
130
+ } catch (e) {
131
+ return "";
132
+ }
133
+ } else {
134
+ let iss;
135
+ if (input.issuer) {
136
+ iss = input.issuer;
137
+ } else if (input.holder) {
138
+ iss = input.holder;
139
+ } else {
140
+ iss = "";
141
+ }
142
+ if (typeof iss !== "string") iss = iss.id ?? "";
143
+ return !!options.removeParameters ? removeDIDParameters(iss) : iss;
144
+ }
145
+ }
146
+ __name(extractIssuer2, "extractIssuer");
147
+ function removeDIDParameters(did) {
148
+ return did.replace(/\?.*$/, "");
149
+ }
150
+ __name(removeDIDParameters, "removeDIDParameters");
151
+ function pickSigningKey(identifier, keyRef) {
152
+ let key;
153
+ if (!keyRef) {
154
+ key = identifier.keys.find((k) => k.type === "Secp256k1" || k.type === "Ed25519" || k.type === "Secp256r1");
155
+ if (!key) throw Error("key_not_found: No signing key for " + identifier.did);
156
+ } else {
157
+ key = identifier.keys.find((k) => k.kid === keyRef);
158
+ if (!key) throw Error("key_not_found: No signing key for " + identifier.did + " with kid " + keyRef);
159
+ }
160
+ return key;
161
+ }
162
+ __name(pickSigningKey, "pickSigningKey");
163
+ async function isRevoked(credential, context) {
164
+ if (!credential.credentialStatus) return false;
165
+ if (typeof context.agent.checkCredentialStatus === "function") {
166
+ const status = await context.agent.checkCredentialStatus({
167
+ credential
168
+ });
169
+ return status?.revoked == true || status?.verified === false;
170
+ }
171
+ throw new Error(`invalid_setup: The credential status can't be verified because there is no ICredentialStatusVerifier plugin installed.`);
172
+ }
173
+ __name(isRevoked, "isRevoked");
174
+
175
+ // src/action-handler.ts
176
+ var debug2 = Debug2("sphereon:ssi-sdk:vcdm");
177
+ var VcdmCredentialPlugin = class {
178
+ static {
179
+ __name(this, "VcdmCredentialPlugin");
180
+ }
181
+ methods;
182
+ schema = {
183
+ components: {
184
+ schemas: {
185
+ ...schema.ICredentialIssuer.components.schemas,
186
+ ...schema.ICredentialVerifier.components.schemas
187
+ },
188
+ methods: {
189
+ ...schema.ICredentialIssuer.components.methods,
190
+ ...schema.ICredentialVerifier.components.methods
191
+ }
192
+ }
193
+ };
194
+ issuers;
195
+ constructor(options) {
196
+ this.issuers = options.issuers;
197
+ this.methods = {
198
+ listUsableProofFormats: this.listUsableProofFormats.bind(this),
199
+ createVerifiableCredential: this.createVerifiableCredential.bind(this),
200
+ verifyCredential: this.verifyCredential.bind(this),
201
+ createVerifiablePresentation: this.createVerifiablePresentation.bind(this),
202
+ verifyPresentation: this.verifyPresentation.bind(this)
203
+ };
204
+ }
205
+ async listUsableProofFormats(did, context) {
206
+ const signingOptions = [];
207
+ const keys = did.keys;
208
+ for (const key of keys) {
209
+ for (const issuer of this.issuers) {
210
+ if (issuer.matchKeyForType(key)) {
211
+ signingOptions.push(issuer.getTypeProofFormat());
212
+ }
213
+ }
214
+ }
215
+ return signingOptions;
216
+ }
217
+ /** {@inheritdoc @veramo/core#ICredentialIssuer.createVerifiableCredential} */
218
+ async createVerifiableCredential(args, context) {
219
+ let {
220
+ credential,
221
+ proofFormat,
222
+ /* keyRef, removeOriginalFields,*/
223
+ now
224
+ /*, ...otherOptions */
225
+ } = args;
226
+ const credentialContext = processEntryToArray(credential["@context"], MANDATORY_CREDENTIAL_CONTEXT);
227
+ const credentialType = processEntryToArray(credential.type, "VerifiableCredential");
228
+ now = typeof now === "number" ? new Date(now * 1e3) : now;
229
+ if (!Object.getOwnPropertyNames(credential).includes("issuanceDate")) {
230
+ credential.issuanceDate = (now instanceof Date ? now : /* @__PURE__ */ new Date()).toISOString();
231
+ }
232
+ credential = {
233
+ ...credential,
234
+ "@context": credentialContext,
235
+ type: credentialType
236
+ };
237
+ const issuer = extractIssuer2(credential, {
238
+ removeParameters: true
239
+ });
240
+ if (!issuer || typeof issuer === "undefined") {
241
+ throw new Error("invalid_argument: credential.issuer must not be empty");
242
+ }
243
+ try {
244
+ await context.agent.didManagerGet({
245
+ did: issuer
246
+ });
247
+ } catch (e) {
248
+ throw new Error(`invalid_argument: credential.issuer must be a DID managed by this agent. ${e}`);
249
+ }
250
+ try {
251
+ async function findAndIssueCredential(issuers) {
252
+ for (const issuer2 of issuers) {
253
+ if (issuer2.canIssueCredentialType({
254
+ proofFormat
255
+ })) {
256
+ return await issuer2.createVerifiableCredential(args, context);
257
+ }
258
+ }
259
+ throw new Error("invalid_setup: No issuer found for the requested proof format");
260
+ }
261
+ __name(findAndIssueCredential, "findAndIssueCredential");
262
+ const verifiableCredential = await findAndIssueCredential(this.issuers);
263
+ return verifiableCredential;
264
+ } catch (error) {
265
+ debug2(error);
266
+ return Promise.reject(error);
267
+ }
268
+ }
269
+ /** {@inheritdoc @veramo/core#ICredentialVerifier.verifyCredential} */
270
+ async verifyCredential(args, context) {
271
+ let {
272
+ credential,
273
+ policies
274
+ /*, ...otherOptions*/
275
+ } = args;
276
+ let verifiedCredential;
277
+ let verificationResult = {
278
+ verified: false
279
+ };
280
+ async function findAndVerifyCredential(issuers) {
281
+ for (const issuer of issuers) {
282
+ if (issuer.canVerifyDocumentType({
283
+ document: credential
284
+ })) {
285
+ return issuer.verifyCredential(args, context);
286
+ }
287
+ }
288
+ return Promise.reject(Error("invalid_setup: No issuer found for the provided credential"));
289
+ }
290
+ __name(findAndVerifyCredential, "findAndVerifyCredential");
291
+ verificationResult = await findAndVerifyCredential(this.issuers);
292
+ verifiedCredential = credential;
293
+ if (policies?.credentialStatus !== false && await isRevoked(verifiedCredential, context)) {
294
+ verificationResult = {
295
+ verified: false,
296
+ error: {
297
+ message: "revoked: The credential was revoked by the issuer",
298
+ errorCode: "revoked"
299
+ }
300
+ };
301
+ }
302
+ return verificationResult;
303
+ }
304
+ /** {@inheritdoc @veramo/core#ICredentialIssuer.createVerifiablePresentation} */
305
+ async createVerifiablePresentation(args, context) {
306
+ let { presentation, proofFormat } = args;
307
+ const presentationContext = processEntryToArray(args?.presentation?.["@context"], MANDATORY_CREDENTIAL_CONTEXT);
308
+ const presentationType = processEntryToArray(args?.presentation?.type, "VerifiablePresentation");
309
+ presentation = {
310
+ ...presentation,
311
+ "@context": presentationContext,
312
+ type: presentationType
313
+ };
314
+ if (!isDefined2(presentation.holder)) {
315
+ throw new Error("invalid_argument: presentation.holder must not be empty");
316
+ }
317
+ if (presentation.verifiableCredential) {
318
+ presentation.verifiableCredential = presentation.verifiableCredential.map((cred) => {
319
+ if (typeof cred !== "string" && cred.proof.jwt) {
320
+ return cred.proof.jwt;
321
+ } else {
322
+ return cred;
323
+ }
324
+ });
325
+ }
326
+ let verifiablePresentation;
327
+ async function findAndCreatePresentation(issuers) {
328
+ for (const issuer of issuers) {
329
+ if (issuer.canIssueCredentialType({
330
+ proofFormat
331
+ })) {
332
+ return await issuer.createVerifiablePresentation(args, context);
333
+ }
334
+ }
335
+ throw new Error("invalid_setup: No issuer found for the requested proof format");
336
+ }
337
+ __name(findAndCreatePresentation, "findAndCreatePresentation");
338
+ verifiablePresentation = await findAndCreatePresentation(this.issuers);
339
+ return verifiablePresentation;
340
+ }
341
+ /** {@inheritdoc @veramo/core#ICredentialVerifier.verifyPresentation} */
342
+ async verifyPresentation(args, context) {
343
+ let {
344
+ presentation
345
+ /*domain, challenge, fetchRemoteContexts, policies, ...otherOptions*/
346
+ } = args;
347
+ async function findAndVerifyPresentation(issuers) {
348
+ for (const issuer of issuers) {
349
+ if (issuer.canVerifyDocumentType({
350
+ document: presentation
351
+ })) {
352
+ return issuer.verifyPresentation(args, context);
353
+ }
354
+ }
355
+ throw new Error("invalid_setup: No verifier found for the provided presentation");
356
+ }
357
+ __name(findAndVerifyPresentation, "findAndVerifyPresentation");
358
+ const result = await findAndVerifyPresentation(this.issuers);
359
+ return result;
360
+ }
361
+ };
362
+
363
+ // src/index.ts
364
+ var CredentialIssuer = VcdmCredentialPlugin;
365
+ export {
366
+ CredentialIssuer,
367
+ MessageTypes,
368
+ VcdmCredentialPlugin,
369
+ W3cMessageHandler,
370
+ extractIssuer2 as extractIssuer,
371
+ isRevoked,
372
+ pickSigningKey,
373
+ removeDIDParameters
374
+ };
375
+ //# sourceMappingURL=index.js.map
package/dist/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/message-handler.ts","../src/action-handler.ts","../src/functions.ts","../src/index.ts"],"sourcesContent":["import type {\n IAgentContext,\n ICredentialVerifier,\n IResolver,\n VerifiableCredential,\n VerifiablePresentation,\n} from '@veramo/core'\nimport { AbstractMessageHandler, Message } from '@veramo/message-handler'\nimport { asArray, computeEntryHash, decodeCredentialToObject, extractIssuer } from '@veramo/utils'\n\nimport {\n normalizeCredential,\n normalizePresentation,\n validateJwtCredentialPayload,\n validateJwtPresentationPayload,\n}// @ts-ignore\nfrom 'did-jwt-vc'\n\nimport { v4 as uuidv4 } from 'uuid'\nimport Debug from 'debug'\n\nconst debug = Debug('sphereon:vcdm:message-handler')\n\n/**\n * These types are used by `@veramo/data-store` when storing Verifiable Credentials and Presentations\n *\n * @internal\n */\nexport const MessageTypes = {\n /** Represents a Verifiable Credential */\n vc: 'w3c.vc',\n /** Represents a Verifiable Presentation */\n vp: 'w3c.vp',\n}\n\n/**\n * Represents the requirements that this plugin has.\n * The agent that is using this plugin is expected to provide these methods.\n *\n * This interface can be used for static type checks, to make sure your application is properly initialized.\n */\nexport type IContext = IAgentContext<IResolver & ICredentialVerifier>\n\n/**\n * An implementation of the {@link @veramo/message-handler#AbstractMessageHandler}.\n *\n * This plugin can handle incoming W3C Verifiable Credentials and Presentations and prepare them\n * for internal storage as {@link @veramo/message-handler#Message} types.\n *\n * The current version can only handle `JWT` encoded\n *\n * @remarks {@link @veramo/core#IDataStore | IDataStore }\n *\n * @public\n */\nexport class W3cMessageHandler extends AbstractMessageHandler {\n async handle(message: Message, context: IContext): Promise<Message> {\n const meta = message.getLastMetaData()\n\n // console.log(JSON.stringify(message, null, 2))\n\n //FIXME: messages should not be expected to be only JWT\n if (meta?.type === 'JWT' && message.raw) {\n const { data } = message\n\n try {\n validateJwtPresentationPayload(data)\n\n //FIXME: flagging this for potential privacy leaks\n debug('JWT is', MessageTypes.vp)\n const presentation = normalizePresentation(message.raw)\n const credentials = presentation.verifiableCredential\n\n message.id = computeEntryHash(message.raw)\n message.type = MessageTypes.vp\n message.from = presentation.holder\n message.to = presentation.verifier?.[0]\n\n if (presentation.tag) {\n message.threadId = presentation.tag\n }\n\n message.createdAt = presentation.issuanceDate\n message.presentations = [presentation]\n message.credentials = credentials\n\n return message\n } catch (e) {}\n\n try {\n validateJwtCredentialPayload(data)\n //FIXME: flagging this for potential privacy leaks\n debug('JWT is', MessageTypes.vc)\n const credential = normalizeCredential(message.raw)\n\n message.id = computeEntryHash(message.raw)\n message.type = MessageTypes.vc\n message.from = credential.issuer.id\n message.to = credential.credentialSubject.id\n\n if (credential.tag) {\n message.threadId = credential.tag\n }\n\n message.createdAt = credential.issuanceDate\n message.credentials = [credential]\n return message\n } catch (e) {}\n }\n\n // LDS Verification and Handling\n if (message.type === MessageTypes.vc && message.data) {\n // verify credential\n const credential = message.data as VerifiableCredential\n\n const result = await context.agent.verifyCredential({ credential })\n if (result.verified) {\n message.id = computeEntryHash(message.raw || message.id || uuidv4())\n message.type = MessageTypes.vc\n message.from = extractIssuer(credential)\n message.to = credential.credentialSubject.id\n\n if (credential.tag) {\n message.threadId = credential.tag\n }\n\n message.createdAt = credential.issuanceDate\n message.credentials = [credential]\n return message\n } else {\n throw new Error(result.error?.message)\n }\n }\n\n if (message.type === MessageTypes.vp && message.data) {\n // verify presentation\n const presentation = message.data as VerifiablePresentation\n\n // throws on error.\n const result = await context.agent.verifyPresentation({\n presentation,\n // FIXME: HARDCODED CHALLENGE VERIFICATION FOR NOW\n challenge: 'VERAMO',\n domain: 'VERAMO',\n })\n if (result.verified) {\n message.id = computeEntryHash(message.raw || message.id || uuidv4())\n message.type = MessageTypes.vp\n message.from = presentation.holder\n // message.to = presentation.verifier?.[0]\n\n if (presentation.tag) {\n message.threadId = presentation.tag\n }\n\n // message.createdAt = presentation.issuanceDate\n message.presentations = [presentation]\n message.credentials = asArray(presentation.verifiableCredential).map(decodeCredentialToObject)\n return message\n } else {\n throw new Error(result.error?.message)\n }\n }\n\n return super.handle(message, context)\n }\n}\n","import type { IAgentPlugin, IIdentifier, IVerifyResult, VerifiableCredential, VerifiablePresentation } from '@veramo/core'\nimport { schema } from '@veramo/core'\n\nimport type {\n ICreateVerifiableCredentialLDArgs,\n ICreateVerifiablePresentationLDArgs,\n IVcdmCredentialPlugin,\n IVcdmCredentialProvider,\n IVcdmIssuerAgentContext,\n IVcdmVerifierAgentContext,\n IVerifyCredentialLDArgs,\n IVerifyPresentationLDArgs,\n} from './types'\n\nimport { isDefined, MANDATORY_CREDENTIAL_CONTEXT, processEntryToArray } from '@veramo/utils'\nimport Debug from 'debug'\nimport { extractIssuer, isRevoked } from './functions'\nimport type { W3CVerifiableCredential, W3CVerifiablePresentation } from '@sphereon/ssi-types'\nimport type { VerifiableCredentialSP, VerifiablePresentationSP } from '@sphereon/ssi-sdk.core'\n\nconst debug = Debug('sphereon:ssi-sdk:vcdm')\n\n/**\n * A plugin that implements the {@link @sphereon/ssi-sdk.credential-vcdm#IVcdmCredentialPlugin} methods.\n *\n * @public\n */\nexport class VcdmCredentialPlugin implements IAgentPlugin {\n readonly methods: IVcdmCredentialPlugin\n readonly schema = {\n components: {\n schemas: {\n ...schema.ICredentialIssuer.components.schemas,\n ...schema.ICredentialVerifier.components.schemas,\n },\n methods: {\n ...schema.ICredentialIssuer.components.methods,\n ...schema.ICredentialVerifier.components.methods,\n },\n },\n }\n private issuers: IVcdmCredentialProvider[]\n\n constructor(options: { issuers: IVcdmCredentialProvider[] }) {\n this.issuers = options.issuers\n this.methods = {\n listUsableProofFormats: this.listUsableProofFormats.bind(this),\n createVerifiableCredential: this.createVerifiableCredential.bind(this),\n verifyCredential: this.verifyCredential.bind(this),\n createVerifiablePresentation: this.createVerifiablePresentation.bind(this),\n verifyPresentation: this.verifyPresentation.bind(this),\n }\n }\n\n async listUsableProofFormats(did: IIdentifier, context: IVcdmIssuerAgentContext): Promise<string[]> {\n const signingOptions: string[] = []\n const keys = did.keys\n for (const key of keys) {\n for (const issuer of this.issuers) {\n if (issuer.matchKeyForType(key)) {\n signingOptions.push(issuer.getTypeProofFormat())\n }\n }\n }\n return signingOptions\n }\n\n /** {@inheritdoc @veramo/core#ICredentialIssuer.createVerifiableCredential} */\n async createVerifiableCredential(args: ICreateVerifiableCredentialLDArgs, context: IVcdmIssuerAgentContext): Promise<VerifiableCredentialSP> {\n let { credential, proofFormat, /* keyRef, removeOriginalFields,*/ now /*, ...otherOptions */ } = args\n const credentialContext = processEntryToArray(credential['@context'], MANDATORY_CREDENTIAL_CONTEXT)\n const credentialType = processEntryToArray(credential.type, 'VerifiableCredential')\n\n // only add issuanceDate for JWT\n now = typeof now === 'number' ? new Date(now * 1000) : now\n if (!Object.getOwnPropertyNames(credential).includes('issuanceDate')) {\n credential.issuanceDate = (now instanceof Date ? now : new Date()).toISOString()\n }\n\n credential = {\n ...credential,\n '@context': credentialContext,\n type: credentialType,\n }\n\n //FIXME: if the identifier is not found, the error message should reflect that.\n const issuer = extractIssuer(credential, { removeParameters: true })\n if (!issuer || typeof issuer === 'undefined') {\n throw new Error('invalid_argument: credential.issuer must not be empty')\n }\n\n try {\n await context.agent.didManagerGet({ did: issuer })\n } catch (e) {\n throw new Error(`invalid_argument: credential.issuer must be a DID managed by this agent. ${e}`)\n }\n try {\n async function findAndIssueCredential(issuers: IVcdmCredentialProvider[]) {\n for (const issuer of issuers) {\n if (issuer.canIssueCredentialType({ proofFormat })) {\n return await issuer.createVerifiableCredential(args, context)\n }\n }\n throw new Error('invalid_setup: No issuer found for the requested proof format')\n }\n const verifiableCredential = await findAndIssueCredential(this.issuers)\n return verifiableCredential\n } catch (error) {\n debug(error)\n return Promise.reject(error)\n }\n }\n\n /** {@inheritdoc @veramo/core#ICredentialVerifier.verifyCredential} */\n async verifyCredential(args: IVerifyCredentialLDArgs, context: IVcdmVerifierAgentContext): Promise<IVerifyResult> {\n let { credential, policies /*, ...otherOptions*/ } = args\n let verifiedCredential: VerifiableCredential\n let verificationResult: IVerifyResult | undefined = { verified: false }\n\n async function findAndVerifyCredential(issuers: IVcdmCredentialProvider[]): Promise<IVerifyResult> {\n for (const issuer of issuers) {\n if (issuer.canVerifyDocumentType({ document: credential as W3CVerifiableCredential })) {\n return issuer.verifyCredential(args, context)\n }\n }\n return Promise.reject(Error('invalid_setup: No issuer found for the provided credential'))\n }\n verificationResult = await findAndVerifyCredential(this.issuers)\n verifiedCredential = <VerifiableCredential>credential\n\n if (policies?.credentialStatus !== false && (await isRevoked(verifiedCredential, context as any))) {\n verificationResult = {\n verified: false,\n error: {\n message: 'revoked: The credential was revoked by the issuer',\n errorCode: 'revoked',\n },\n }\n }\n\n return verificationResult\n }\n\n /** {@inheritdoc @veramo/core#ICredentialIssuer.createVerifiablePresentation} */\n async createVerifiablePresentation(args: ICreateVerifiablePresentationLDArgs, context: IVcdmIssuerAgentContext): Promise<VerifiablePresentationSP> {\n let {\n presentation,\n proofFormat,\n /* domain,\n challenge,\n removeOriginalFields,\n keyRef,*/\n // save,\n /*now,*/\n /*...otherOptions*/\n } = args\n const presentationContext: string[] = processEntryToArray(args?.presentation?.['@context'], MANDATORY_CREDENTIAL_CONTEXT)\n const presentationType = processEntryToArray(args?.presentation?.type, 'VerifiablePresentation')\n presentation = {\n ...presentation,\n '@context': presentationContext,\n type: presentationType,\n }\n\n if (!isDefined(presentation.holder)) {\n throw new Error('invalid_argument: presentation.holder must not be empty')\n }\n\n if (presentation.verifiableCredential) {\n presentation.verifiableCredential = presentation.verifiableCredential.map((cred) => {\n // map JWT credentials to their canonical form\n if (typeof cred !== 'string' && cred.proof.jwt) {\n return cred.proof.jwt\n } else {\n return cred\n }\n })\n }\n\n let verifiablePresentation: VerifiablePresentation | undefined\n\n async function findAndCreatePresentation(issuers: IVcdmCredentialProvider[]) {\n for (const issuer of issuers) {\n if (issuer.canIssueCredentialType({ proofFormat })) {\n return await issuer.createVerifiablePresentation(args, context)\n }\n }\n throw new Error('invalid_setup: No issuer found for the requested proof format')\n }\n\n verifiablePresentation = await findAndCreatePresentation(this.issuers)\n return verifiablePresentation as VerifiablePresentationSP // fixme: this is a hack to get around the fact that the return type is not correct.\n }\n\n /** {@inheritdoc @veramo/core#ICredentialVerifier.verifyPresentation} */\n async verifyPresentation(args: IVerifyPresentationLDArgs, context: IVcdmVerifierAgentContext): Promise<IVerifyResult> {\n let { presentation /*domain, challenge, fetchRemoteContexts, policies, ...otherOptions*/ } = args\n async function findAndVerifyPresentation(issuers: IVcdmCredentialProvider[]): Promise<IVerifyResult> {\n for (const issuer of issuers) {\n if (issuer.canVerifyDocumentType({ document: presentation as W3CVerifiablePresentation })) {\n return issuer.verifyPresentation(args, context)\n }\n }\n throw new Error('invalid_setup: No verifier found for the provided presentation')\n }\n const result = await findAndVerifyPresentation(this.issuers)\n return result\n }\n}\n","import {\n CredentialPayload,\n IAgentContext, ICredentialStatusVerifier,\n IIdentifier,\n IKey,\n IssuerType,\n PresentationPayload,\n VerifiableCredential,\n W3CVerifiableCredential,\n W3CVerifiablePresentation\n} from '@veramo/core'\nimport { isDefined } from '@veramo/utils'\nimport { decodeJWT } from 'did-jwt'\n\n/**\n * Decodes a credential or presentation and returns the issuer ID\n * `iss` from a JWT or `issuer`/`issuer.id` from a VC or `holder` from a VP\n *\n * @param input - the credential or presentation whose issuer/holder needs to be extracted.\n * @param options - options for the extraction\n * removeParameters - Remove all DID parameters from the issuer ID\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport function extractIssuer(\n input?:\n | W3CVerifiableCredential\n | W3CVerifiablePresentation\n | CredentialPayload\n | PresentationPayload\n | null,\n options: { removeParameters?: boolean } = {}\n): string {\n if (!isDefined(input)) {\n return ''\n } else if (typeof input === 'string') {\n // JWT\n try {\n const { payload } = decodeJWT(input.split(`~`)[0])\n const iss = payload.iss ?? ''\n return !!options.removeParameters ? removeDIDParameters(iss) : iss\n } catch (e: any) {\n return ''\n }\n } else {\n // JSON\n let iss: IssuerType\n if (input.issuer) {\n iss = input.issuer\n } else if (input.holder) {\n iss = input.holder\n } else {\n iss = ''\n }\n if (typeof iss !== 'string') iss = iss.id ?? ''\n return !!options.removeParameters ? removeDIDParameters(iss) : iss\n }\n}\n\n\n/**\n * Remove all DID parameters from a DID url after the query part (?)\n *\n * @param did - the DID URL\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport function removeDIDParameters(did: string): string {\n return did.replace(/\\?.*$/, '')\n}\n\n\nexport function pickSigningKey(identifier: IIdentifier, keyRef?: string): IKey {\n let key: IKey | undefined\n\n if (!keyRef) {\n key = identifier.keys.find((k) => k.type === 'Secp256k1' || k.type === 'Ed25519' || k.type === 'Secp256r1')\n if (!key) throw Error('key_not_found: No signing key for ' + identifier.did)\n } else {\n key = identifier.keys.find((k) => k.kid === keyRef)\n if (!key) throw Error('key_not_found: No signing key for ' + identifier.did + ' with kid ' + keyRef)\n }\n\n return key as IKey\n}\n\nexport async function isRevoked(credential: VerifiableCredential, context: IAgentContext<ICredentialStatusVerifier>): Promise<boolean> {\n if (!credential.credentialStatus) return false\n\n if (typeof context.agent.checkCredentialStatus === 'function') {\n const status = await context.agent.checkCredentialStatus({ credential })\n return status?.revoked == true || status?.verified === false\n }\n\n throw new Error(`invalid_setup: The credential status can't be verified because there is no ICredentialStatusVerifier plugin installed.`)\n}\n","/**\n * Provides a {@link @veramo/credential-w3c#CredentialPlugin | plugin} for the {@link @veramo/core#Agent} that\n * implements\n * {@link @veramo/core#ICredentialIssuer} interface.\n *\n * Provides a {@link @veramo/credential-w3c#W3cMessageHandler | plugin} for the\n * {@link @veramo/message-handler#MessageHandler} that verifies Credentials and Presentations in a message.\n *\n * @packageDocumentation\n */\nexport type * from './types'\nexport { W3cMessageHandler, MessageTypes } from './message-handler'\nimport { VcdmCredentialPlugin } from './action-handler'\n\n/**\n * @deprecated please use {@link VcdmCredentialPlugin} instead\n * @public\n */\nconst CredentialIssuer = VcdmCredentialPlugin\nexport { CredentialIssuer, VcdmCredentialPlugin }\n\n// For backward compatibility, re-export the plugin types that were moved to core in v4\nexport type { ICredentialIssuer, ICredentialVerifier } from '@veramo/core'\n\nexport * from './functions'\n"],"mappings":";;;;AAOA,SAASA,8BAAuC;AAChD,SAASC,SAASC,kBAAkBC,0BAA0BC,qBAAqB;AAEnF,SACEC,qBACAC,uBACAC,8BACAC,sCAEG;AAEL,SAASC,MAAMC,cAAc;AAC7B,OAAOC,WAAW;AAElB,IAAMC,QAAQC,MAAM,+BAAA;AAOb,IAAMC,eAAe;;EAE1BC,IAAI;;EAEJC,IAAI;AACN;AAsBO,IAAMC,oBAAN,cAAgCC,uBAAAA;EAhDvC,OAgDuCA;;;EACrC,MAAMC,OAAOC,SAAkBC,SAAqC;AAClE,UAAMC,OAAOF,QAAQG,gBAAe;AAKpC,QAAID,MAAME,SAAS,SAASJ,QAAQK,KAAK;AACvC,YAAM,EAAEC,KAAI,IAAKN;AAEjB,UAAI;AACFO,uCAA+BD,IAAAA;AAG/Bd,cAAM,UAAUE,aAAaE,EAAE;AAC/B,cAAMY,eAAeC,sBAAsBT,QAAQK,GAAG;AACtD,cAAMK,cAAcF,aAAaG;AAEjCX,gBAAQY,KAAKC,iBAAiBb,QAAQK,GAAG;AACzCL,gBAAQI,OAAOV,aAAaE;AAC5BI,gBAAQc,OAAON,aAAaO;AAC5Bf,gBAAQgB,KAAKR,aAAaS,WAAW,CAAA;AAErC,YAAIT,aAAaU,KAAK;AACpBlB,kBAAQmB,WAAWX,aAAaU;QAClC;AAEAlB,gBAAQoB,YAAYZ,aAAaa;AACjCrB,gBAAQsB,gBAAgB;UAACd;;AACzBR,gBAAQU,cAAcA;AAEtB,eAAOV;MACT,SAASuB,GAAG;MAAC;AAEb,UAAI;AACFC,qCAA6BlB,IAAAA;AAE7Bd,cAAM,UAAUE,aAAaC,EAAE;AAC/B,cAAM8B,aAAaC,oBAAoB1B,QAAQK,GAAG;AAElDL,gBAAQY,KAAKC,iBAAiBb,QAAQK,GAAG;AACzCL,gBAAQI,OAAOV,aAAaC;AAC5BK,gBAAQc,OAAOW,WAAWE,OAAOf;AACjCZ,gBAAQgB,KAAKS,WAAWG,kBAAkBhB;AAE1C,YAAIa,WAAWP,KAAK;AAClBlB,kBAAQmB,WAAWM,WAAWP;QAChC;AAEAlB,gBAAQoB,YAAYK,WAAWJ;AAC/BrB,gBAAQU,cAAc;UAACe;;AACvB,eAAOzB;MACT,SAASuB,GAAG;MAAC;IACf;AAGA,QAAIvB,QAAQI,SAASV,aAAaC,MAAMK,QAAQM,MAAM;AAEpD,YAAMmB,aAAazB,QAAQM;AAE3B,YAAMuB,SAAS,MAAM5B,QAAQ6B,MAAMC,iBAAiB;QAAEN;MAAW,CAAA;AACjE,UAAII,OAAOG,UAAU;AACnBhC,gBAAQY,KAAKC,iBAAiBb,QAAQK,OAAOL,QAAQY,MAAMqB,OAAAA,CAAAA;AAC3DjC,gBAAQI,OAAOV,aAAaC;AAC5BK,gBAAQc,OAAOoB,cAAcT,UAAAA;AAC7BzB,gBAAQgB,KAAKS,WAAWG,kBAAkBhB;AAE1C,YAAIa,WAAWP,KAAK;AAClBlB,kBAAQmB,WAAWM,WAAWP;QAChC;AAEAlB,gBAAQoB,YAAYK,WAAWJ;AAC/BrB,gBAAQU,cAAc;UAACe;;AACvB,eAAOzB;MACT,OAAO;AACL,cAAM,IAAImC,MAAMN,OAAOO,OAAOpC,OAAAA;MAChC;IACF;AAEA,QAAIA,QAAQI,SAASV,aAAaE,MAAMI,QAAQM,MAAM;AAEpD,YAAME,eAAeR,QAAQM;AAG7B,YAAMuB,SAAS,MAAM5B,QAAQ6B,MAAMO,mBAAmB;QACpD7B;;QAEA8B,WAAW;QACXC,QAAQ;MACV,CAAA;AACA,UAAIV,OAAOG,UAAU;AACnBhC,gBAAQY,KAAKC,iBAAiBb,QAAQK,OAAOL,QAAQY,MAAMqB,OAAAA,CAAAA;AAC3DjC,gBAAQI,OAAOV,aAAaE;AAC5BI,gBAAQc,OAAON,aAAaO;AAG5B,YAAIP,aAAaU,KAAK;AACpBlB,kBAAQmB,WAAWX,aAAaU;QAClC;AAGAlB,gBAAQsB,gBAAgB;UAACd;;AACzBR,gBAAQU,cAAc8B,QAAQhC,aAAaG,oBAAoB,EAAE8B,IAAIC,wBAAAA;AACrE,eAAO1C;MACT,OAAO;AACL,cAAM,IAAImC,MAAMN,OAAOO,OAAOpC,OAAAA;MAChC;IACF;AAEA,WAAO,MAAMD,OAAOC,SAASC,OAAAA;EAC/B;AACF;;;ACrKA,SAAS0C,cAAc;AAavB,SAASC,aAAAA,YAAWC,8BAA8BC,2BAA2B;AAC7E,OAAOC,YAAW;;;ACJlB,SAASC,iBAAiB;AAC1B,SAASC,iBAAiB;AAYnB,SAASC,eACdC,OAMAC,UAA0C,CAAC,GAAC;AAE5C,MAAI,CAACC,UAAUF,KAAAA,GAAQ;AACrB,WAAO;EACT,WAAW,OAAOA,UAAU,UAAU;AAEpC,QAAI;AACF,YAAM,EAAEG,QAAO,IAAKC,UAAUJ,MAAMK,MAAM,GAAG,EAAE,CAAA,CAAE;AACjD,YAAMC,MAAMH,QAAQG,OAAO;AAC3B,aAAO,CAAC,CAACL,QAAQM,mBAAmBC,oBAAoBF,GAAAA,IAAOA;IACjE,SAASG,GAAQ;AACf,aAAO;IACT;EACF,OAAO;AAEL,QAAIH;AACJ,QAAIN,MAAMU,QAAQ;AAChBJ,YAAMN,MAAMU;IACd,WAAWV,MAAMW,QAAQ;AACvBL,YAAMN,MAAMW;IACd,OAAO;AACLL,YAAM;IACR;AACA,QAAI,OAAOA,QAAQ,SAAUA,OAAMA,IAAIM,MAAM;AAC7C,WAAO,CAAC,CAACX,QAAQM,mBAAmBC,oBAAoBF,GAAAA,IAAOA;EACjE;AACF;AAjCgBP,OAAAA,gBAAAA;AA2CT,SAASS,oBAAoBK,KAAW;AAC7C,SAAOA,IAAIC,QAAQ,SAAS,EAAA;AAC9B;AAFgBN;AAKT,SAASO,eAAeC,YAAyBC,QAAe;AACrE,MAAIC;AAEJ,MAAI,CAACD,QAAQ;AACXC,UAAMF,WAAWG,KAAKC,KAAK,CAACC,MAAMA,EAAEC,SAAS,eAAeD,EAAEC,SAAS,aAAaD,EAAEC,SAAS,WAAA;AAC/F,QAAI,CAACJ,IAAK,OAAMK,MAAM,uCAAuCP,WAAWH,GAAG;EAC7E,OAAO;AACLK,UAAMF,WAAWG,KAAKC,KAAK,CAACC,MAAMA,EAAEG,QAAQP,MAAAA;AAC5C,QAAI,CAACC,IAAK,OAAMK,MAAM,uCAAuCP,WAAWH,MAAM,eAAeI,MAAAA;EAC/F;AAEA,SAAOC;AACT;AAZgBH;AAchB,eAAsBU,UAAUC,YAAkCC,SAAiD;AACjH,MAAI,CAACD,WAAWE,iBAAkB,QAAO;AAEzC,MAAI,OAAOD,QAAQE,MAAMC,0BAA0B,YAAY;AAC7D,UAAMC,SAAS,MAAMJ,QAAQE,MAAMC,sBAAsB;MAAEJ;IAAW,CAAA;AACtE,WAAOK,QAAQC,WAAW,QAAQD,QAAQE,aAAa;EACzD;AAEA,QAAM,IAAIV,MAAM,wHAAwH;AAC1I;AATsBE;;;ADlEtB,IAAMS,SAAQC,OAAM,uBAAA;AAOb,IAAMC,uBAAN,MAAMA;EA1Bb,OA0BaA;;;EACFC;EACAC,SAAS;IAChBC,YAAY;MACVC,SAAS;QACP,GAAGF,OAAOG,kBAAkBF,WAAWC;QACvC,GAAGF,OAAOI,oBAAoBH,WAAWC;MAC3C;MACAH,SAAS;QACP,GAAGC,OAAOG,kBAAkBF,WAAWF;QACvC,GAAGC,OAAOI,oBAAoBH,WAAWF;MAC3C;IACF;EACF;EACQM;EAERC,YAAYC,SAAiD;AAC3D,SAAKF,UAAUE,QAAQF;AACvB,SAAKN,UAAU;MACbS,wBAAwB,KAAKA,uBAAuBC,KAAK,IAAI;MAC7DC,4BAA4B,KAAKA,2BAA2BD,KAAK,IAAI;MACrEE,kBAAkB,KAAKA,iBAAiBF,KAAK,IAAI;MACjDG,8BAA8B,KAAKA,6BAA6BH,KAAK,IAAI;MACzEI,oBAAoB,KAAKA,mBAAmBJ,KAAK,IAAI;IACvD;EACF;EAEA,MAAMD,uBAAuBM,KAAkBC,SAAqD;AAClG,UAAMC,iBAA2B,CAAA;AACjC,UAAMC,OAAOH,IAAIG;AACjB,eAAWC,OAAOD,MAAM;AACtB,iBAAWE,UAAU,KAAKd,SAAS;AACjC,YAAIc,OAAOC,gBAAgBF,GAAAA,GAAM;AAC/BF,yBAAeK,KAAKF,OAAOG,mBAAkB,CAAA;QAC/C;MACF;IACF;AACA,WAAON;EACT;;EAGA,MAAMN,2BAA2Ba,MAAyCR,SAAmE;AAC3I,QAAI;MAAES;MAAYC;;MAAgDC;;IAAwB,IAAOH;AACjG,UAAMI,oBAAoBC,oBAAoBJ,WAAW,UAAA,GAAaK,4BAAAA;AACtE,UAAMC,iBAAiBF,oBAAoBJ,WAAWO,MAAM,sBAAA;AAG5DL,UAAM,OAAOA,QAAQ,WAAW,IAAIM,KAAKN,MAAM,GAAA,IAAQA;AACvD,QAAI,CAACO,OAAOC,oBAAoBV,UAAAA,EAAYW,SAAS,cAAA,GAAiB;AACpEX,iBAAWY,gBAAgBV,eAAeM,OAAON,MAAM,oBAAIM,KAAAA,GAAQK,YAAW;IAChF;AAEAb,iBAAa;MACX,GAAGA;MACH,YAAYG;MACZI,MAAMD;IACR;AAGA,UAAMX,SAASmB,eAAcd,YAAY;MAAEe,kBAAkB;IAAK,CAAA;AAClE,QAAI,CAACpB,UAAU,OAAOA,WAAW,aAAa;AAC5C,YAAM,IAAIqB,MAAM,uDAAA;IAClB;AAEA,QAAI;AACF,YAAMzB,QAAQ0B,MAAMC,cAAc;QAAE5B,KAAKK;MAAO,CAAA;IAClD,SAASwB,GAAG;AACV,YAAM,IAAIH,MAAM,4EAA4EG,CAAAA,EAAG;IACjG;AACA,QAAI;AACF,qBAAeC,uBAAuBvC,SAAkC;AACtE,mBAAWc,WAAUd,SAAS;AAC5B,cAAIc,QAAO0B,uBAAuB;YAAEpB;UAAY,CAAA,GAAI;AAClD,mBAAO,MAAMN,QAAOT,2BAA2Ba,MAAMR,OAAAA;UACvD;QACF;AACA,cAAM,IAAIyB,MAAM,+DAAA;MAClB;AAPeI;AAQf,YAAME,uBAAuB,MAAMF,uBAAuB,KAAKvC,OAAO;AACtE,aAAOyC;IACT,SAASC,OAAO;AACdnD,MAAAA,OAAMmD,KAAAA;AACN,aAAOC,QAAQC,OAAOF,KAAAA;IACxB;EACF;;EAGA,MAAMpC,iBAAiBY,MAA+BR,SAA4D;AAChH,QAAI;MAAES;MAAY0B;;IAA4B,IAAO3B;AACrD,QAAI4B;AACJ,QAAIC,qBAAgD;MAAEC,UAAU;IAAM;AAEtE,mBAAeC,wBAAwBjD,SAAkC;AACvE,iBAAWc,UAAUd,SAAS;AAC5B,YAAIc,OAAOoC,sBAAsB;UAAEC,UAAUhC;QAAsC,CAAA,GAAI;AACrF,iBAAOL,OAAOR,iBAAiBY,MAAMR,OAAAA;QACvC;MACF;AACA,aAAOiC,QAAQC,OAAOT,MAAM,4DAAA,CAAA;IAC9B;AAPec;AAQfF,yBAAqB,MAAME,wBAAwB,KAAKjD,OAAO;AAC/D8C,yBAA2C3B;AAE3C,QAAI0B,UAAUO,qBAAqB,SAAU,MAAMC,UAAUP,oBAAoBpC,OAAAA,GAAkB;AACjGqC,2BAAqB;QACnBC,UAAU;QACVN,OAAO;UACLY,SAAS;UACTC,WAAW;QACb;MACF;IACF;AAEA,WAAOR;EACT;;EAGA,MAAMxC,6BAA6BW,MAA2CR,SAAqE;AACjJ,QAAI,EACF8C,cACApC,YAAW,IAQTF;AACJ,UAAMuC,sBAAgClC,oBAAoBL,MAAMsC,eAAe,UAAA,GAAahC,4BAAAA;AAC5F,UAAMkC,mBAAmBnC,oBAAoBL,MAAMsC,cAAc9B,MAAM,wBAAA;AACvE8B,mBAAe;MACb,GAAGA;MACH,YAAYC;MACZ/B,MAAMgC;IACR;AAEA,QAAI,CAACC,WAAUH,aAAaI,MAAM,GAAG;AACnC,YAAM,IAAIzB,MAAM,yDAAA;IAClB;AAEA,QAAIqB,aAAaf,sBAAsB;AACrCe,mBAAaf,uBAAuBe,aAAaf,qBAAqBoB,IAAI,CAACC,SAAAA;AAEzE,YAAI,OAAOA,SAAS,YAAYA,KAAKC,MAAMC,KAAK;AAC9C,iBAAOF,KAAKC,MAAMC;QACpB,OAAO;AACL,iBAAOF;QACT;MACF,CAAA;IACF;AAEA,QAAIG;AAEJ,mBAAeC,0BAA0BlE,SAAkC;AACzE,iBAAWc,UAAUd,SAAS;AAC5B,YAAIc,OAAO0B,uBAAuB;UAAEpB;QAAY,CAAA,GAAI;AAClD,iBAAO,MAAMN,OAAOP,6BAA6BW,MAAMR,OAAAA;QACzD;MACF;AACA,YAAM,IAAIyB,MAAM,+DAAA;IAClB;AAPe+B;AASfD,6BAAyB,MAAMC,0BAA0B,KAAKlE,OAAO;AACrE,WAAOiE;EACT;;EAGA,MAAMzD,mBAAmBU,MAAiCR,SAA4D;AACpH,QAAI;MAAE8C;;IAAgF,IAAOtC;AAC7F,mBAAeiD,0BAA0BnE,SAAkC;AACzE,iBAAWc,UAAUd,SAAS;AAC5B,YAAIc,OAAOoC,sBAAsB;UAAEC,UAAUK;QAA0C,CAAA,GAAI;AACzF,iBAAO1C,OAAON,mBAAmBU,MAAMR,OAAAA;QACzC;MACF;AACA,YAAM,IAAIyB,MAAM,gEAAA;IAClB;AAPegC;AAQf,UAAMC,SAAS,MAAMD,0BAA0B,KAAKnE,OAAO;AAC3D,WAAOoE;EACT;AACF;;;AE9LA,IAAMC,mBAAmBC;","names":["AbstractMessageHandler","asArray","computeEntryHash","decodeCredentialToObject","extractIssuer","normalizeCredential","normalizePresentation","validateJwtCredentialPayload","validateJwtPresentationPayload","v4","uuidv4","Debug","debug","Debug","MessageTypes","vc","vp","W3cMessageHandler","AbstractMessageHandler","handle","message","context","meta","getLastMetaData","type","raw","data","validateJwtPresentationPayload","presentation","normalizePresentation","credentials","verifiableCredential","id","computeEntryHash","from","holder","to","verifier","tag","threadId","createdAt","issuanceDate","presentations","e","validateJwtCredentialPayload","credential","normalizeCredential","issuer","credentialSubject","result","agent","verifyCredential","verified","uuidv4","extractIssuer","Error","error","verifyPresentation","challenge","domain","asArray","map","decodeCredentialToObject","schema","isDefined","MANDATORY_CREDENTIAL_CONTEXT","processEntryToArray","Debug","isDefined","decodeJWT","extractIssuer","input","options","isDefined","payload","decodeJWT","split","iss","removeParameters","removeDIDParameters","e","issuer","holder","id","did","replace","pickSigningKey","identifier","keyRef","key","keys","find","k","type","Error","kid","isRevoked","credential","context","credentialStatus","agent","checkCredentialStatus","status","revoked","verified","debug","Debug","VcdmCredentialPlugin","methods","schema","components","schemas","ICredentialIssuer","ICredentialVerifier","issuers","constructor","options","listUsableProofFormats","bind","createVerifiableCredential","verifyCredential","createVerifiablePresentation","verifyPresentation","did","context","signingOptions","keys","key","issuer","matchKeyForType","push","getTypeProofFormat","args","credential","proofFormat","now","credentialContext","processEntryToArray","MANDATORY_CREDENTIAL_CONTEXT","credentialType","type","Date","Object","getOwnPropertyNames","includes","issuanceDate","toISOString","extractIssuer","removeParameters","Error","agent","didManagerGet","e","findAndIssueCredential","canIssueCredentialType","verifiableCredential","error","Promise","reject","policies","verifiedCredential","verificationResult","verified","findAndVerifyCredential","canVerifyDocumentType","document","credentialStatus","isRevoked","message","errorCode","presentation","presentationContext","presentationType","isDefined","holder","map","cred","proof","jwt","verifiablePresentation","findAndCreatePresentation","findAndVerifyPresentation","result","CredentialIssuer","VcdmCredentialPlugin"]}
package/package.json ADDED
@@ -0,0 +1,93 @@
1
+ {
2
+ "name": "@sphereon/ssi-sdk.credential-vcdm",
3
+ "description": "Plugin for working with W3C Verifiable Credentials DataModel 1 and 2 Credentials & Presentations.",
4
+ "version": "0.33.1-feature.jose.vcdm.55+6f02f6f8",
5
+ "source": "src/index.ts",
6
+ "type": "module",
7
+ "main": "./dist/index.cjs",
8
+ "module": "./dist/index.js",
9
+ "types": "./dist/index.d.ts",
10
+ "exports": {
11
+ "react-native": "./dist/index.js",
12
+ "import": {
13
+ "types": "./dist/index.d.ts",
14
+ "import": "./dist/index.js"
15
+ },
16
+ "require": {
17
+ "types": "./dist/index.d.cts",
18
+ "require": "./dist/index.cjs"
19
+ }
20
+ },
21
+ "veramo": {
22
+ "pluginInterfaces": {
23
+ "IVcdmCredentialProvider": "./src/types.ts"
24
+ }
25
+ },
26
+ "scripts": {
27
+ "build": "tsup --config ../../tsup.config.ts --tsconfig ../../tsconfig.tsup.json",
28
+ "generate-plugin-schema": "tsx ../../packages/dev/bin/sphereon.js dev generate-plugin-schema"
29
+ },
30
+ "dependencies": {
31
+ "@sphereon/ssi-sdk.agent-config": "0.33.1-feature.jose.vcdm.55+6f02f6f8",
32
+ "@sphereon/ssi-sdk.core": "0.33.1-feature.jose.vcdm.55+6f02f6f8",
33
+ "@sphereon/ssi-sdk.vc-status-list": "0.33.1-feature.jose.vcdm.55+6f02f6f8",
34
+ "@sphereon/ssi-types": "0.33.1-feature.jose.vcdm.55+6f02f6f8",
35
+ "@veramo/core": "4.2.0",
36
+ "@veramo/message-handler": "4.2.0",
37
+ "@veramo/utils": "4.2.0",
38
+ "canonicalize": "^2.0.0",
39
+ "debug": "^4.3.3",
40
+ "did-jwt": "6.11.6",
41
+ "did-jwt-vc": "3.1.3",
42
+ "did-resolver": "^4.1.0",
43
+ "uuid": "^9.0.1"
44
+ },
45
+ "devDependencies": {
46
+ "@sphereon/ssi-sdk-ext.did-provider-key": "0.28.1-feature.esm.cjs.18",
47
+ "@sphereon/ssi-sdk-ext.key-manager": "0.28.1-feature.esm.cjs.18",
48
+ "@sphereon/ssi-sdk-ext.kms-local": "0.28.1-feature.esm.cjs.18",
49
+ "@types/debug": "4.1.8",
50
+ "@types/uuid": "9.0.2",
51
+ "@veramo/did-manager": "4.2.0",
52
+ "@veramo/did-provider-ethr": "4.2.0",
53
+ "@veramo/did-resolver": "4.2.0",
54
+ "@veramo/key-manager": "4.2.0",
55
+ "ethr-did-resolver": "^11.0.3",
56
+ "typescript": "5.8.3"
57
+ },
58
+ "files": [
59
+ "dist/**/*",
60
+ "src/**/*",
61
+ "README.md",
62
+ "LICENSE"
63
+ ],
64
+ "publishConfig": {
65
+ "access": "public"
66
+ },
67
+ "repository": {
68
+ "type": "git",
69
+ "url": "https://github.com/decentralized-identity/veramo.git",
70
+ "directory": "packages/credential-w3c"
71
+ },
72
+ "author": "Consensys Mesh R&D <hello@veramo.io>",
73
+ "contributors": [
74
+ "Simonas Karuzas <simonas.karuzas@mesh.xyz>",
75
+ "Mircea Nistor <mircea.nistor@mesh.xyz>"
76
+ ],
77
+ "keywords": [
78
+ "Veramo",
79
+ "DID",
80
+ "Verifiable Credential",
81
+ "JWT",
82
+ "W3C",
83
+ "aggregator",
84
+ "vc-jwt",
85
+ "veramo-plugin"
86
+ ],
87
+ "license": "Apache-2.0",
88
+ "moduleDirectories": [
89
+ "node_modules",
90
+ "src"
91
+ ],
92
+ "gitHead": "6f02f6f83679198268c6e1ea956be24cc1017234"
93
+ }
package/src/__tests__/action-handler.test.ts ADDED
@@ -0,0 +1,130 @@
1
+ import { beforeAll, describe, expect, test } from 'vitest'
2
+
3
+ import { CredentialPayload, ICredentialPlugin, IDIDManager, IIdentifier, IKeyManager, IResolver, PresentationPayload, TAgent } from '@veramo/core'
4
+ import { VcdmCredentialPlugin } from '../action-handler.js'
5
+ import { CredentialProviderJWT } from '../../../credential-jwt/src'
6
+
7
+ import { getDidKeyResolver, SphereonKeyDidProvider } from '@sphereon/ssi-sdk-ext.did-provider-key'
8
+ import { Resolver } from 'did-resolver'
9
+ import { getResolver as ethrDidResolver } from 'ethr-did-resolver'
10
+ import { createAgent } from '@sphereon/ssi-sdk.agent-config'
11
+ import { MemoryKeyStore, MemoryPrivateKeyStore, SphereonKeyManager } from '@sphereon/ssi-sdk-ext.key-manager'
12
+ import { SphereonKeyManagementSystem } from '@sphereon/ssi-sdk-ext.kms-local'
13
+ import { DIDManager, MemoryDIDStore } from '@veramo/did-manager'
14
+ import { EthrDIDProvider } from '@veramo/did-provider-ethr'
15
+ import { DIDResolverPlugin } from '@veramo/did-resolver'
16
+
17
+ const infuraProjectId = '3586660d179141e3801c3895de1c2eba'
18
+
19
+ let didKeyIdentifier: IIdentifier
20
+ let didEthrIdentifier: IIdentifier
21
+ let agent: TAgent<IResolver & IKeyManager & IDIDManager & ICredentialPlugin>
22
+
23
+ describe('@sphereon/ssi-sdk.credential-vcdm', () => {
24
+ beforeAll(async () => {
25
+ const jwt = new CredentialProviderJWT()
26
+ agent = await createAgent<IResolver & IKeyManager & IDIDManager & ICredentialPlugin>({
27
+ plugins: [
28
+ new SphereonKeyManager({
29
+ store: new MemoryKeyStore(),
30
+ kms: {
31
+ local: new SphereonKeyManagementSystem(new MemoryPrivateKeyStore()),
32
+ },
33
+ }),
34
+ new DIDManager({
35
+ providers: {
36
+ 'did:key': new SphereonKeyDidProvider({ defaultKms: 'local' }),
37
+ 'did:ethr': new EthrDIDProvider({
38
+ defaultKms: 'local',
39
+ network: 'mainnet',
40
+ }),
41
+ },
42
+ store: new MemoryDIDStore(),
43
+ defaultProvider: 'did:key',
44
+ }),
45
+ new DIDResolverPlugin({
46
+ resolver: new Resolver({
47
+ ...getDidKeyResolver(),
48
+ ...ethrDidResolver({ infuraProjectId }),
49
+ }),
50
+ }),
51
+ new VcdmCredentialPlugin({ issuers: [jwt] }),
52
+ ],
53
+ })
54
+ didKeyIdentifier = await agent.didManagerCreate()
55
+ didEthrIdentifier = await agent.didManagerCreate({ provider: 'did:ethr' })
56
+ })
57
+
58
+ test('handles createVerifiableCredential', async () => {
59
+ expect.assertions(1)
60
+
61
+ const issuerId = didEthrIdentifier.did
62
+
63
+ const credential: CredentialPayload = {
64
+ '@context': ['https://www.w3.org/2018/credentials/v1', 'https://www.w3.org/2020/demo/4342323'],
65
+ type: ['VerifiableCredential', 'PublicProfile'],
66
+ issuer: { id: issuerId },
67
+ issuanceDate: new Date().toISOString(),
68
+ id: 'vc1',
69
+ credentialSubject: {
70
+ id: 'https://example.com/user/alice',
71
+ name: 'Alice',
72
+ profilePicture: 'https://example.com/a.png',
73
+ address: {
74
+ street: 'Some str.',
75
+ house: 1,
76
+ },
77
+ },
78
+ }
79
+
80
+ const vc = await agent.createVerifiableCredential({
81
+ credential,
82
+ save: false,
83
+ proofFormat: 'jwt',
84
+ })
85
+ expect(vc.id).toEqual('vc1')
86
+ })
87
+
88
+ test('handles createVerifiablePresentation', async () => {
89
+ expect.assertions(1)
90
+
91
+ const issuerId = didEthrIdentifier.did
92
+
93
+ const credential = await agent.createVerifiableCredential({
94
+ credential: {
95
+ '@context': ['https://www.w3.org/2018/credentials/v1'],
96
+ type: ['VerifiableCredential', 'PublicProfile'],
97
+ issuer: { id: issuerId },
98
+ issuanceDate: new Date().toISOString(),
99
+ id: 'vc1',
100
+ credentialSubject: {
101
+ id: 'https://example.com/user/alice',
102
+ name: 'Alice',
103
+ profilePicture: 'https://example.com/a.png',
104
+ address: {
105
+ street: 'Some str.',
106
+ house: 1,
107
+ },
108
+ },
109
+ },
110
+ save: false,
111
+ proofFormat: 'jwt',
112
+ })
113
+
114
+ const presentation: PresentationPayload = {
115
+ '@context': ['https://www.w3.org/2018/credentials/v1'],
116
+ type: ['VerifiablePresentation'],
117
+ holder: didEthrIdentifier.did + '?versionTime=2023-01-01T00:00:00Z',
118
+ issuanceDate: new Date().toISOString(),
119
+ verifiableCredential: [credential],
120
+ }
121
+
122
+ const vp = await agent.createVerifiablePresentation({
123
+ presentation,
124
+ save: false,
125
+ proofFormat: 'jwt',
126
+ })
127
+
128
+ expect(vp.holder).toEqual(issuerId)
129
+ })
130
+ })