@sphereon/ssi-sdk.siopv2-oid4vp-rp-rest-api 0.34.1-fix.171 → 0.34.1-fix.223
- package/dist/index.cjs +56 -79
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +6 -58
- package/dist/index.d.ts +6 -58
- package/dist/index.js +56 -79
- package/dist/index.js.map +1 -1
- package/package.json +21 -19
- package/src/siop-api-functions.ts +35 -27
- package/src/types/types.ts +7 -38
- package/src/universal-oid4vp-api-functions.ts +78 -60
- package/src/schemas/index.ts +0 -42
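--- a/package/src/types/types.ts
+++ b/package/src/types/types.ts
@@ -1,11 +1,10 @@
-import {
+import { CreateAuthorizationRequestPayload, CreateAuthorizationResponsePayload } from '@sphereon/did-auth-siop'
 import { GenericAuthArgs, ISingleEndpointOpts } from '@sphereon/ssi-express-support'
-import { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'
 import { IPDManager } from '@sphereon/ssi-sdk.pd-manager'
 import { AuthorizationRequestStateStatus, AuthorizationResponseStateStatus } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'
+import { ISIOPv2RP } from '@sphereon/ssi-sdk.siopv2-oid4vp-rp-auth'
+import { IAgentContext, ICredentialVerifier } from '@veramo/core'
 import { Request, Response } from 'express'
-import { z } from 'zod'
-import { CreateAuthorizationRequestBodySchema, CreateAuthorizationResponseSchema } from '../schemas'
 import { QRCodeOpts } from './QRCode.types'
 import { VerifiedData } from '@sphereon/did-auth-siop'
 
@@ -36,24 +35,20 @@ export interface ICreateAuthRequestWebappEndpointOpts extends ISingleEndpointOpt
 export type IRequiredPlugins = ICredentialVerifier & ISIOPv2RP & IPDManager
 export type IRequiredContext = IAgentContext<IRequiredPlugins>
 
-export type
+export type CreateAuthorizationRequestPayloadRequest = Request<Record<string, never>, any, CreateAuthorizationRequestPayload, Record<string, never>>
 
-export type
-
-export type CreateAuthorizationResponse = Response<CreateAuthorizationRequestResponse>
-
-export type CreateAuthorizationRequestResponse = z.infer<typeof CreateAuthorizationResponseSchema>;
+export type CreateAuthorizationResponsePayloadResponse = Response<CreateAuthorizationResponsePayload>
 
 export type DeleteAuthorizationRequest = Request<DeleteAuthorizationRequestPathParameters, any, Record<string, any>, Record<string, any>>
 
 export type DeleteAuthorizationRequestPathParameters = {
-correlationId: string
+correlationId: string
 }
 
 export type GetAuthorizationRequestStatus = Request<GetAuthorizationRequestStatusPathParameters, any, Record<string, any>, Record<string, any>>
 
 export type GetAuthorizationRequestStatusPathParameters = {
-correlationId: string
+correlationId: string
 }
 
 export type RequestError = {
@@ -70,29 +65,3 @@ export interface AuthStatusResponse {
 verified_data?: VerifiedData
 error?: RequestError
 }
-
-// export type VerifiedData = {
-// authorization_response?: AuthorizationResponse
-// credential_claims?: AdditionalClaims
-// }
-//
-// export type AuthorizationResponse = {
-// presentation_submission?: Record<string, any>
-// vp_token?: VpToken
-// }
-//
-// export type SingleObjectVpTokenPE = Record<string, any>
-//
-// export type SingleStringVpTokenPE = string
-//
-// export type MultipleVpTokens = Array<SingleObjectVpTokenPE> | Array<SingleStringVpTokenPE>
-//
-// export type MultipleVpTokenDCQL = {
-// [key: string]: MultipleVpTokens
-// }
-//
-// export type VpToken =
-// | SingleObjectVpTokenPE
-// | SingleStringVpTokenPE
-// | MultipleVpTokens
-// | MultipleVpTokenDCQL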
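Review bot: The new `CreateAuthorizationRequestPayloadRequest` alias leaves Express's response-body slot as `any`, which drops type checking on whatever the handler sends back. Since the matching response type is already imported on new line 1, the alias could read `Request<Record<string, never>, CreateAuthorizationResponsePayload, CreateAuthorizationRequestPayload, Record<string, never>>`. `@sphereon/did-auth-siop` is also imported twice now (new line 1 and the existing `VerifiedData` import on new line 9), so the two statements could be merged.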
@@ -1,18 +1,24 @@
|
|
|
1
|
+
import {
|
|
2
|
+
AuthorizationRequestStateStatus,
|
|
3
|
+
CreateAuthorizationRequest,
|
|
4
|
+
createAuthorizationRequestFromPayload,
|
|
5
|
+
CreateAuthorizationRequestPayloadSchema,
|
|
6
|
+
CreateAuthorizationResponsePayload,
|
|
7
|
+
} from '@sphereon/did-auth-siop'
|
|
1
8
|
import { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'
|
|
2
9
|
import { uriWithBase } from '@sphereon/ssi-sdk.siopv2-oid4vp-common'
|
|
3
10
|
import { Request, Response, Router } from 'express'
|
|
4
11
|
import uuid from 'short-uuid'
|
|
5
12
|
import { validateData } from './middleware/validationMiddleware'
|
|
6
|
-
import { CreateAuthorizationRequestBodySchema } from './schemas'
|
|
7
13
|
import {
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
14
|
+
AuthStatusResponse,
|
|
15
|
+
CreateAuthorizationRequestPayloadRequest,
|
|
16
|
+
CreateAuthorizationResponsePayloadResponse,
|
|
11
17
|
DeleteAuthorizationRequest,
|
|
12
18
|
GetAuthorizationRequestStatus,
|
|
13
|
-
AuthStatusResponse,
|
|
14
19
|
ICreateAuthRequestWebappEndpointOpts,
|
|
15
|
-
IRequiredContext
|
|
20
|
+
IRequiredContext,
|
|
21
|
+
QRCodeOpts,
|
|
16
22
|
} from './types'
|
|
17
23
|
|
|
18
24
|
export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ICreateAuthRequestWebappEndpointOpts) {
|
|
@@ -22,58 +28,68 @@ export function createAuthRequestUniversalOID4VPEndpoint(router: Router, context
|
|
|
22
28
|
}
|
|
23
29
|
|
|
24
30
|
const path = opts?.path ?? '/backend/auth/requests'
|
|
25
|
-
router.post(
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
31
|
+
router.post(
|
|
32
|
+
path,
|
|
33
|
+
checkAuth(opts?.endpoint),
|
|
34
|
+
validateData(CreateAuthorizationRequestPayloadSchema),
|
|
35
|
+
async (request: CreateAuthorizationRequestPayloadRequest, response: CreateAuthorizationResponsePayloadResponse) => {
|
|
36
|
+
try {
|
|
37
|
+
const authRequest: CreateAuthorizationRequest = createAuthorizationRequestFromPayload(request.body)
|
|
38
|
+
const correlationId = authRequest.correlationId ?? uuid.uuid()
|
|
39
|
+
const qrCodeOpts = authRequest.qrCode ? ({ ...authRequest.qrCode } satisfies QRCodeOpts) : opts?.qrCodeOpts
|
|
40
|
+
const queryId = authRequest.queryId
|
|
41
|
+
|
|
42
|
+
const definitionItems = await context.agent.pdmGetDefinitions({
|
|
43
|
+
filter: [
|
|
44
|
+
{ id: queryId }, // Allow both PK (unique queryId + version combi) or just plain queryId which assumes the latest version
|
|
45
|
+
{ queryId },
|
|
46
|
+
],
|
|
47
|
+
})
|
|
48
|
+
if (definitionItems.length === 0) {
|
|
36
49
|
console.log(`No query could be found for the given id. Query id: ${queryId}`)
|
|
37
50
|
return sendErrorResponse(response, 404, { status: 404, message: 'No query could be found' })
|
|
51
|
+
}
|
|
52
|
+
|
|
53
|
+
const requestByReferenceURI = uriWithBase(`/siop/queries/${queryId}/auth-requests/${correlationId}`, {
|
|
54
|
+
baseURI: authRequest.requestUriBase ?? opts?.siopBaseURI,
|
|
55
|
+
})
|
|
56
|
+
const responseURI = uriWithBase(`/siop/queries/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })
|
|
57
|
+
|
|
58
|
+
const authRequestURI = await context.agent.siopCreateAuthRequestURI({
|
|
59
|
+
queryId,
|
|
60
|
+
correlationId,
|
|
61
|
+
nonce: uuid.uuid(),
|
|
62
|
+
requestByReferenceURI,
|
|
63
|
+
responseURIType: 'response_uri',
|
|
64
|
+
responseURI,
|
|
65
|
+
...(authRequest.directPostResponseRedirectUri && { responseRedirectURI: authRequest.directPostResponseRedirectUri }),
|
|
66
|
+
...(authRequest.callback && { callback: authRequest.callback }),
|
|
67
|
+
})
|
|
68
|
+
|
|
69
|
+
let qrCodeDataUri: string | undefined
|
|
70
|
+
if (qrCodeOpts) {
|
|
71
|
+
const { AwesomeQR } = await import('awesome-qr')
|
|
72
|
+
const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })
|
|
73
|
+
qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`
|
|
74
|
+
} else {
|
|
75
|
+
qrCodeDataUri = authRequestURI
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
const authRequestBody = {
|
|
79
|
+
query_id: queryId,
|
|
80
|
+
correlation_id: correlationId,
|
|
81
|
+
request_uri: authRequestURI,
|
|
82
|
+
status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,
|
|
83
|
+
...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),
|
|
84
|
+
} satisfies CreateAuthorizationResponsePayload
|
|
85
|
+
console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)
|
|
86
|
+
|
|
87
|
+
return response.status(201).json(authRequestBody)
|
|
88
|
+
} catch (error) {
|
|
89
|
+
return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)
|
|
38
90
|
}
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
baseURI: requestUriBase ?? opts?.siopBaseURI,
|
|
42
|
-
})
|
|
43
|
-
const responseURI = uriWithBase(`/siop/definitions/${queryId}/auth-responses/${correlationId}`, { baseURI: opts?.siopBaseURI })
|
|
44
|
-
|
|
45
|
-
const authRequestURI = await context.agent.siopCreateAuthRequestURI({
|
|
46
|
-
queryId,
|
|
47
|
-
correlationId,
|
|
48
|
-
nonce: uuid.uuid(),
|
|
49
|
-
requestByReferenceURI,
|
|
50
|
-
responseURIType: 'response_uri',
|
|
51
|
-
responseURI,
|
|
52
|
-
...(directPostResponseRedirectUri && { responseRedirectURI: directPostResponseRedirectUri }),
|
|
53
|
-
callback
|
|
54
|
-
})
|
|
55
|
-
|
|
56
|
-
let qrCodeDataUri: string | undefined
|
|
57
|
-
if (qrCodeOpts) {
|
|
58
|
-
const { AwesomeQR } = await import('awesome-qr')
|
|
59
|
-
const qrCode = new AwesomeQR({ ...qrCodeOpts, text: authRequestURI })
|
|
60
|
-
qrCodeDataUri = `data:image/png;base64,${(await qrCode.draw())!.toString('base64')}`
|
|
61
|
-
}
|
|
62
|
-
|
|
63
|
-
const authRequestBody = {
|
|
64
|
-
query_id: queryId,
|
|
65
|
-
correlation_id: correlationId,
|
|
66
|
-
request_uri: authRequestURI,
|
|
67
|
-
status_uri: `${uriWithBase(opts?.webappAuthStatusPath ?? `/backend/auth/status/${correlationId}`, { baseURI: opts?.webappBaseURI })}`,
|
|
68
|
-
...(qrCodeDataUri && { qr_uri: qrCodeDataUri }),
|
|
69
|
-
} satisfies CreateAuthorizationRequestResponse
|
|
70
|
-
console.log(`Auth Request URI data to send back: ${JSON.stringify(authRequestBody)}`)
|
|
71
|
-
|
|
72
|
-
return response.status(201).json(authRequestBody)
|
|
73
|
-
} catch (error) {
|
|
74
|
-
return sendErrorResponse(response, 500, { status: 500, message: 'Could not create an authorization request URI' }, error)
|
|
75
|
-
}
|
|
76
|
-
})
|
|
91
|
+
},
|
|
92
|
+
)
|
|
77
93
|
}
|
|
78
94
|
|
|
79
95
|
export function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {
|
|
@@ -89,7 +105,7 @@ export function removeAuthRequestStateUniversalOID4VPEndpoint(router: Router, co
|
|
|
89
105
|
|
|
90
106
|
const authRequestState = await context.agent.siopGetAuthRequestState({
|
|
91
107
|
correlationId,
|
|
92
|
-
errorOnNotFound: false
|
|
108
|
+
errorOnNotFound: false,
|
|
93
109
|
})
|
|
94
110
|
if (!authRequestState) {
|
|
95
111
|
console.log(`No authorization request could be found for the given correlationId. correlationId: ${correlationId}`)
|
|
@@ -119,7 +135,7 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
|
|
|
119
135
|
|
|
120
136
|
const requestState = await context.agent.siopGetAuthRequestState({
|
|
121
137
|
correlationId,
|
|
122
|
-
errorOnNotFound: false
|
|
138
|
+
errorOnNotFound: false,
|
|
123
139
|
})
|
|
124
140
|
|
|
125
141
|
if (!requestState) {
|
|
@@ -128,8 +144,11 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
|
|
|
128
144
|
}
|
|
129
145
|
|
|
130
146
|
let responseState
|
|
131
|
-
if (requestState.status ===
|
|
132
|
-
responseState =
|
|
147
|
+
if (requestState.status === AuthorizationRequestStateStatus.RETRIEVED) {
|
|
148
|
+
responseState = await context.agent.siopGetAuthResponseState({
|
|
149
|
+
correlationId,
|
|
150
|
+
errorOnNotFound: false
|
|
151
|
+
})
|
|
133
152
|
}
|
|
134
153
|
const overallState = responseState ?? requestState
|
|
135
154
|
|
|
@@ -139,7 +158,6 @@ export function authStatusUniversalOID4VPEndpoint(router: Router, context: IRequ
|
|
|
139
158
|
query_id: overallState.queryId,
|
|
140
159
|
last_updated: overallState.lastUpdated,
|
|
141
160
|
...('verifiedData' in overallState && { verified_data: overallState.verifiedData }),
|
|
142
|
-
//...((responseState?.status === AuthorizationResponseStateStatus.VERIFIED && responseState.verifiedData !== undefined) && { verified_data: responseState.verifiedData }),
|
|
143
161
|
...(overallState.error && { message: overallState.error.message })
|
|
144
162
|
} satisfies AuthStatusResponse
|
|
145
163
|
console.debug(`Will send auth status: ${JSON.stringify(statusBody)}`)
|
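Review bot: In the POST handler of the `@@ -22,58 +28,68 @@` hunk, `authRequest.requestUriBase`, `authRequest.directPostResponseRedirectUri` and `authRequest.callback` come from the request body and flow straight into `uriWithBase(...)` and `siopCreateAuthRequestURI(...)`, so any caller that passes `checkAuth` chooses the origin the wallet fetches the request object from and, presumably, where it is redirected after the direct post. The only visible gate is `validateData(CreateAuthorizationRequestPayloadSchema)`, whose constraints now live in `@sphereon/did-auth-siop` and cannot be checked from this diff; the local schema it replaces typed the two URI fields as plain `z.string()`. I would check the origin of each caller-supplied URI against the configured `opts?.siopBaseURI` / `opts?.webappBaseURI` (or an explicit allow-list) before use and reject anything else with a 400. The caller-supplied `correlationId` is also interpolated unencoded into both `/siop/queries/...` paths; `encodeURIComponent(correlationId)` or a strict format check would keep it from altering the path. This section's file header is missing from the page; the function names suggest it is `package/src/universal-oid4vp-api-functions.ts`.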
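--- a/package/src/schemas/index.ts
+++ b/package/src/schemas/index.ts
@@ -1,42 +0,0 @@
-import {
-CallbackOptsSchema,
-RequestUriMethod,
-ResponseMode,
-ResponseType
-} from '@sphereon/did-auth-siop'
-import { z } from 'zod'
-
-export const ResponseTypeSchema = z.enum([ResponseType.VP_TOKEN]);
-
-export const ResponseModeSchema = z.enum([ResponseMode.DIRECT_POST, ResponseMode.DIRECT_POST_JWT]);
-
-const requestUriMethods = ['get', 'post'] as const satisfies Array<RequestUriMethod>;
-export const RequestUriMethodSchema = z.enum(requestUriMethods);
-
-export const QRCodeOptsSchema = z.object({
-size: z.number().optional(),
-color_dark: z.string().optional(),
-color_light: z.string().optional(),
-});
-
-export const CreateAuthorizationRequestBodySchema = z.object({
-query_id: z.string(),
-client_id: z.string().optional(),
-request_uri_base: z.string().optional(),
-correlation_id: z.string().optional(),
-request_uri_method: RequestUriMethodSchema.optional(),
-response_type: ResponseTypeSchema.optional(),
-response_mode: ResponseModeSchema.optional(),
-transaction_data: z.array(z.string()).optional(),
-qr_code: QRCodeOptsSchema.optional(),
-direct_post_response_redirect_uri: z.string().optional(),
-callback: CallbackOptsSchema.optional(),
-});
-
-export const CreateAuthorizationResponseSchema = z.object({
-correlation_id: z.string(),
-query_id: z.string(),
-request_uri: z.string(),
-status_uri: z.string(),
-qr_uri: z.string().optional(),
-});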