@sphereon/ssi-sdk.siopv2-oid4vp-rp-rest-api 0.32.1-next.18 → 0.32.1-next.287

package/src/types/index.ts

@@ -0,0 +1,2 @@
+export * from './types'
+export * from './QRCode.types'

package/src/{types.ts → types/types.ts}

@@ -3,15 +3,18 @@ import { IPresentationExchange } from '@sphereon/ssi-sdk.presentation-exchange'
 import { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'
 import { IAgentContext, ICredentialVerifier } from '@veramo/core'
 import { IPDManager } from '@sphereon/ssi-sdk.pd-manager'
+import { QRCodeOpts } from './QRCode.types'
 
 export type SiopFeatures = 'rp-status' | 'siop'
 export interface ISIOPv2RPRestAPIOpts {
   enableFeatures?: SiopFeatures[]
   endpointOpts?: {
     basePath?: string
+    trustProxy?: boolean | Array<string>
     globalAuth?: GenericAuthArgs & { secureSiopEndpoints?: boolean }
     webappCreateAuthRequest?: ICreateAuthRequestWebappEndpointOpts // Override the create Auth Request path. Needs to contain correlationId and definitionId path params!
     webappDeleteAuthRequest?: ISingleEndpointOpts // Override the delete Auth Request path. Needs to contain correlationId and definitionId path params!
+    webappGetDefinitions?: ISingleEndpointOpts // Override the delete Auth Request path. Needs to contain correlationId and definitionId path params!
     webappAuthStatus?: ISingleEndpointOpts // Override the Auth status path. CorrelationId and definitionId need to come from the body!
     siopVerifyAuthResponse?: ISingleEndpointOpts // Override the siop Verify Response path. Needs to contain correlationId and definitionId path params!
     siopGetAuthRequest?: ISingleEndpointOpts // Override the siop get Auth Request path. Needs to contain correlationId and definitionId path params!
@@ -19,9 +22,10 @@ export interface ISIOPv2RPRestAPIOpts {
 }
 export interface ICreateAuthRequestWebappEndpointOpts extends ISingleEndpointOpts {
   siopBaseURI?: string
+  qrCodeOpts?: QRCodeOpts
   webappAuthStatusPath?: string
   webappBaseURI?: string
-  nonce?: string
+  responseRedirectURI?: string
 }
 
 export type IRequiredPlugins = ICredentialVerifier & ISIOPv2RP & IPresentationExchange & IPDManager

package/src/webapp-api-functions.ts

@@ -17,33 +17,49 @@ export function createAuthRequestWebappEndpoint(router: Router, context: IRequir
     try {
       // if (!request.agent) throw Error('No agent configured')
       const definitionId = request.params.definitionId
-      const state: string = uuid.uuid()
-      const correlationId = state
+      if (!definitionId) {
+        return sendErrorResponse(response, 400, 'No definitionId query parameter provided')
+      }
+      const state: string = request.body.state ?? uuid.uuid()
+      const correlationId = request.body.correlationId ?? state
+      const qrCodeOpts = request.body.qrCodeOpts ?? opts?.qrCodeOpts
 
-      const requestByReferenceURI = uriWithBase(`/siop/definitions/${definitionId}/auth-requests/${correlationId}`, {
+      const requestByReferenceURI = uriWithBase(`/siop/definitions/${definitionId}/auth-requests/${state}`, {
         baseURI: opts?.siopBaseURI,
       })
-      const responseURI = uriWithBase(`/siop/definitions/${definitionId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })
-      const responseRedirectURI = 'response_redirect_uri' in request.body && (request.body.response_redirect_uri as string | undefined)
+      const responseURI = uriWithBase(`/siop/definitions/${definitionId}/auth-responses/${state}`, { baseURI: opts?.siopBaseURI })
+      // first version is for backwards compat
+      const responseRedirectURI =
+        ('response_redirect_uri' in request.body && (request.body.response_redirect_uri as string | undefined)) ??
+        ('responseRedirectURI' in request.body && (request.body.responseRedirectURI as string | undefined))
 
       const authRequestURI = await context.agent.siopCreateAuthRequestURI({
         definitionId,
         correlationId,
         state,
-        nonce: opts?.nonce,
+        nonce: uuid.uuid(),
         requestByReferenceURI,
         responseURIType: 'response_uri',
         responseURI,
         ...(responseRedirectURI && { responseRedirectURI }),
       })
+
+      let qrCodeDataUri: string | undefined
+      if (qrCodeOpts) {
+        const { AwesomeQR } = await import('awesome-qr')
+        const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })
+        qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`
+      }
       const authRequestBody: GenerateAuthRequestURIResponse = {
         correlationId,
+        state,
         definitionId,
         authRequestURI,
         authStatusURI: `${uriWithBase(opts?.webappAuthStatusPath ?? '/webapp/auth-status', { baseURI: opts?.webappBaseURI })}`,
+        ...(qrCodeDataUri && { qrCodeDataUri }),
       }
       console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)
-      return response.send(authRequestBody)
+      return response.json(authRequestBody)
     } catch (error) {
       return sendErrorResponse(response, 500, 'Could not create an authorization request URI', error)
     }
@@ -82,7 +98,7 @@ export function authStatusWebappEndpoint(router: Router, context: IRequiredConte
           definitionId,
           lastUpdated: requestState ? requestState.lastUpdated : Date.now(),
         }
-        return response.send(statusBody)
+        return response.json(statusBody)
       }
 
       let includeVerifiedData: VerifiedDataMode = VerifiedDataMode.NONE
@@ -114,13 +130,13 @@ export function authStatusWebappEndpoint(router: Router, context: IRequiredConte
             }
           : {}),
       }
-      console.log(`Will send auth status: ${JSON.stringify(statusBody)}`)
+      console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)
       if (overallState.status === 'error') {
         response.statusCode = 500
-        return response.send(statusBody)
+        return response.json(statusBody)
       }
       response.statusCode = 200
-      return response.send(statusBody)
+      return response.json(statusBody)
     } catch (error) {
       return sendErrorResponse(response, 500, error.message, error)
     }
@@ -142,7 +158,24 @@ export function removeAuthRequestStateWebappEndpoint(router: Router, context: IR
         return sendErrorResponse(response, 404, 'No authorization request could be found')
       }
       response.statusCode = 200
-      return response.send(context.agent.siopDeleteAuthState({ definitionId, correlationId }))
+      return response.json(await context.agent.siopDeleteAuthState({ definitionId, correlationId }))
+    } catch (error) {
+      return sendErrorResponse(response, 500, error.message, error)
+    }
+  })
+}
+
+export function getDefinitionsEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {
+  if (opts?.enabled === false) {
+    console.log(`getDefinitions Webapp endpoint is disabled`)
+    return
+  }
+  const path = opts?.path ?? '/webapp/definitions'
+  router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
+    try {
+      const definitions = await context.agent.pdmGetDefinitions()
+      response.statusCode = 200
+      return response.json(definitions)
     } catch (error) {
       return sendErrorResponse(response, 500, error.message, error)
     }

package/dist/types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAA;AACpF,OAAO,EAAE,qBAAqB,EAAE,MAAM,yCAAyC,CAAA;AAC/E,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAA;AACnE,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AACjE,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAA;AAEzD,MAAM,MAAM,YAAY,GAAG,WAAW,GAAG,MAAM,CAAA;AAC/C,MAAM,WAAW,oBAAoB;IACnC,cAAc,CAAC,EAAE,YAAY,EAAE,CAAA;IAC/B,YAAY,CAAC,EAAE;QACb,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,UAAU,CAAC,EAAE,eAAe,GAAG;YAAE,mBAAmB,CAAC,EAAE,OAAO,CAAA;SAAE,CAAA;QAChE,uBAAuB,CAAC,EAAE,oCAAoC,CAAA;QAC9D,uBAAuB,CAAC,EAAE,mBAAmB,CAAA;QAC7C,gBAAgB,CAAC,EAAE,mBAAmB,CAAA;QACtC,sBAAsB,CAAC,EAAE,mBAAmB,CAAA;QAC5C,kBAAkB,CAAC,EAAE,mBAAmB,CAAA;KACzC,CAAA;CACF;AACD,MAAM,WAAW,oCAAqC,SAAQ,mBAAmB;IAC/E,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,MAAM,gBAAgB,GAAG,mBAAmB,GAAG,SAAS,GAAG,qBAAqB,GAAG,UAAU,CAAA;AACnG,MAAM,MAAM,gBAAgB,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAA"}

package/dist/types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}