@sphereon/ssi-sdk.linked-vp 0.34.1-feature.SSISDK.82.linkedVP.325

package/src/services/LinkedVPService.ts

@@ -0,0 +1,84 @@
+import { UniqueDigitalCredential } from '@sphereon/ssi-sdk.credential-store'
+import { Loggers, OriginalVerifiableCredential, WrappedVerifiableCredential } from '@sphereon/ssi-types'
+import type { PresentationPayload } from '@veramo/core'
+import { W3CVerifiableCredential } from '@veramo/core/src/types/vc-data-model'
+import { LOGGER_NAMESPACE, RequiredContext } from '../types'
+
+const logger = Loggers.DEFAULT.get(LOGGER_NAMESPACE)
+
+/**
+ * Extracts the original credential from various wrapper types
+ */
+function extractOriginalCredential(
+  credential: UniqueDigitalCredential | WrappedVerifiableCredential | OriginalVerifiableCredential,
+): OriginalVerifiableCredential {
+  if (typeof credential === 'string') {
+    return credential
+  }
+
+  if ('digitalCredential' in credential) {
+    const udc = credential as UniqueDigitalCredential
+    if (udc.originalVerifiableCredential) {
+      return udc.originalVerifiableCredential
+    }
+    return udc.uniformVerifiableCredential as OriginalVerifiableCredential
+  }
+
+  if ('original' in credential) {
+    return credential.original
+  }
+
+  return credential as OriginalVerifiableCredential
+}
+
+/**
+ * Creates a Verifiable Presentation for LinkedVP publishing
+ * Contains multiple credentials in a single JWT VP
+ * No nonce or audience since this is for publishing, not responding to verification
+ */
+export async function createLinkedVPPresentation(
+  holderDid: string,
+  credentials: UniqueDigitalCredential[],
+  agent: RequiredContext['agent'],
+): Promise<string | Record<string, any>> {
+  if (credentials.length === 0) {
+    return Promise.reject(Error('Cannot create LinkedVP presentation with zero credentials'))
+  }
+
+  logger.debug(`Creating LinkedVP presentation for ${holderDid} with ${credentials.length} credentials`)
+
+  const identifier = await agent.identifierManagedGet({ identifier: holderDid })
+
+  // Extract and prepare credentials
+  const verifiableCredentials = credentials.map((credential) => {
+    const original = extractOriginalCredential(credential)
+    // Keep as-is if string (JWT), otherwise convert to object
+    return typeof original === 'string' ? original : original
+  })
+
+  // Create VP structure
+  const vpObject: PresentationPayload = {
+    '@context': ['https://www.w3.org/2018/credentials/v1'],
+    type: ['VerifiablePresentation'],
+    holder: holderDid,
+    verifiableCredential: verifiableCredentials as W3CVerifiableCredential[],
+  }
+
+  // Create and sign the VP as JWT
+  const result = await agent.createVerifiablePresentation({
+    presentation: vpObject,
+    proofFormat: 'jwt',
+    keyRef: identifier.kmsKeyRef || identifier.kid,
+  })
+
+  // Extract JWT from result
+  if (typeof result === 'string') {
+    return result
+  }
+
+  if (result.proof && 'jws' in result.proof) {
+    return result.proof.jws
+  }
+
+  return Promise.reject(Error('Failed to create JWT VP - no JWT in result'))
+}

package/src/types/ILinkedVPManager.ts

@@ -0,0 +1,85 @@
+import { IIdentifierResolution } from '@sphereon/ssi-sdk-ext.identifier-resolution'
+import { ICredentialStore } from '@sphereon/ssi-sdk.credential-store'
+import { VcdmCredentialPlugin } from '@sphereon/ssi-sdk.credential-vcdm'
+import { IAgentContext, IPluginMethodMap } from '@veramo/core'
+import { IKeyManager } from '@veramo/core/src/types/IKeyManager'
+
+export const LOGGER_NAMESPACE = 'sphereon:linked-vp'
+
+export type LinkedVPPresentation = string | Record<string, any>
+
+export interface ILinkedVPManager extends IPluginMethodMap {
+  /**
+   * Publish a credential as a LinkedVP by adding it to the holder's DID Document
+   * @param args - Publication arguments including credential ID and scope configuration
+   * @param context - Agent context
+   */
+  lvpPublishCredential(args: PublishCredentialArgs, context: RequiredContext): Promise<LinkedVPEntry>
+
+  /**
+   * Unpublish a credential by removing its LinkedVP entry from the DID Document
+   * @param args - Unpublish arguments
+   * @param context - Agent context
+   */
+  lvpUnpublishCredential(args: UnpublishCredentialArgs, context: RequiredContext): Promise<boolean>
+
+  /**
+   * Check if a LinkedVP entry exists by linkedVpId
+   * @param args - Query arguments
+   * @param context - Agent context
+   */
+  lvpHasEntry(args: HasLinkedVPEntryArgs, context: RequiredContext): Promise<boolean>
+
+  /**
+   * Get LinkedVP service entries for a DID to be added to a DID Document
+   * This is useful when generating DID Documents with toDidDocument
+   * @param args - Query arguments for the DID
+   * @param context - Agent context
+   */
+  lvpGetServiceEntries(args: GetServiceEntriesArgs, context: RequiredContext): Promise<Array<LinkedVPServiceEntry>>
+
+  /**
+   * Generate and return a Verifiable Presentation for a published LinkedVP
+   * This is the main endpoint handler for GET /linked-vp/{linkedVpId}
+   * @param args - Generation arguments
+   * @param context - Agent context
+   */
+  lvpGeneratePresentation(args: GeneratePresentationArgs, context: RequiredContext): Promise<LinkedVPPresentation>
+}
+
+export type PublishCredentialArgs = {
+  digitalCredentialId: string
+  linkedVpId?: string // Optional: if not provided, will be auto-generated
+}
+
+export type UnpublishCredentialArgs = {
+  linkedVpId: string
+}
+
+export type HasLinkedVPEntryArgs = {
+  linkedVpId: string
+}
+
+export type GetServiceEntriesArgs = {
+  tenantId?: string
+}
+
+export type GeneratePresentationArgs = {
+  linkedVpId: string
+}
+
+export type LinkedVPEntry = {
+  id: string
+  linkedVpId: string
+  tenantId?: string
+  linkedVpFrom?: Date
+  createdAt: Date
+}
+
+export type LinkedVPServiceEntry = {
+  id: string
+  type: 'LinkedVerifiablePresentation'
+  serviceEndpoint: string
+}
+
+export type RequiredContext = IAgentContext<IIdentifierResolution & ICredentialStore & IKeyManager & VcdmCredentialPlugin>

package/src/types/index.ts

@@ -0,0 +1 @@
+export * from './ILinkedVPManager'