@sphereon/ssi-sdk.w3c-vc-api 0.13.1-next.32 → 0.13.1-next.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -2,51 +2,199 @@
2
2
  <h1 align="center">
3
3
  <br>
4
4
  <a href="https://www.sphereon.com"><img src="https://sphereon.com/content/themes/sphereon/assets/img/logo.svg" alt="Sphereon" width="400"></a>
5
- <br>SIOPv2 and OpenID4VP Relying Party REST endpoints
5
+ <br>W3C VC API
6
6
  <br>
7
7
  </h1>
8
8
 
9
9
  ---
10
10
 
11
- **Warning: This package still is in very early development. Breaking changes without notice will happen at this point!**
11
+ **Warning: This package is in early development. Breaking changes without notice will happen at this point!**
12
12
 
13
13
  ---
14
14
 
15
- An authentication plugin using the [Self Issued OpenID Provider v2 (SIOP)](https://github.com/Sphereon-Opensource/did-auth-siop) authentication library for having Relying Parties conforming to
16
- the [Self Issued OpenID Provider v2 (SIOPv2)](https://openid.net/specs/openid-connect-self-issued-v2-1_0.html)
17
- and [OpenID Connect for Verifiable Presentations (OIDC4VP)](https://openid.net/specs/openid-connect-4-verifiable-presentations-1_0.html)
18
- as specified in the OpenID Connect working group.
15
+ This module provides a W3C Verifiable Credential API, to allow issuance and verification of VCs and VPs.
19
16
 
20
- ## Self Issued OpenID Provider v2 (SIOPv2)
17
+ # VC API
21
18
 
22
- For more information about [Self Issued OpenID Provider v2 (SIOP)](https://github.com/Sphereon-Opensource/did-auth-siop#introduction), see the documentation in the readme.
19
+ For more information about the W3C VC API visit
20
+ the [W3C VC API Github](https://w3c-ccg.github.io/vc-api/).
21
+ This module allows you to issue, persist, retrieve and verify Verifiable Credentials (other endpoints are not supported yet)
23
22
 
24
- ## Requirements
23
+ There are 3 modes of resolution, controlled by a query parameter, when calling the resolution endpoint. You can also set
24
+ a default mode when no query parameter is being used.
25
+
26
+ The modes are:
27
+
28
+ - **local**: Only DIDs managed by the agent can be resolved. DID:web and it's keys are translated to DID documents
29
+ - **global**: Resolves DIDs by using the supported resolvers of the agent, allowing external DID resolution
30
+ - **hybrid** (default): Tries to resolve locally first. If not found it will fallback to the global mode
31
+
32
+ ### Issuance example
33
+
34
+ The below example resolves the provided did:web DID using external resolution by looking up the domain from the provided
35
+ host at https://ddip.sphereon.com.
36
+
37
+ ```shell
38
+ curl -X POST\
39
+ -H "Accept: application/json"\
40
+ "https://agent/credentials/issue"
41
+ -d '<json body below>'
42
+ ```
43
+ Body:
44
+ ```json
45
+ {
46
+ "verifiableCredential": {
47
+ "@context": [
48
+ "https://www.w3.org/2018/credentials/v1"
49
+ ],
50
+ "id": "https://example.com/8790171",
51
+ "type": [
52
+ "VerifiableCredential",
53
+ "GS1CompanyPrefixLicenseCredential"
54
+ ],
55
+ "issuer": "did:web:example.com",
56
+ "issuanceDate": "2023-06-22T00:00:00.000Z",
57
+ "validUntil": "2024-06-22T00:00:00.000Z",
58
+ "credentialSubject": {
59
+ "id": "did:web:subject.example.com",
60
+ "example": "value"
61
+ },
62
+ "proof": {
63
+ "type": "JsonWebSignature2020",
64
+ "created": "2023-06-29T22:20:27.000Z",
65
+ "proofPurpose": "assertionMethod",
66
+ "verificationMethod": "did:web:example.com#key-1",
67
+ "jws": "ey......."
68
+ }
69
+ }
70
+ }
71
+ ```
72
+
73
+ ```json
74
+ {
75
+
76
+ }
77
+ ```
25
78
 
26
- For this plugin a DID resolver is also required. A DID resolver can be added to the agent as plugin as seen in the example below.
27
79
 
28
- ## Available functions
80
+ ## Configure API
29
81
 
30
- ## Usage
82
+ You can configure and build the API in multiple ways. This module also exposes functions for every endpoint, so you are
83
+ able to create your own Express router and then use functions to enable certain endpoints in your solution. The more
84
+ easy route is to use the `VcApiServer` class. This class has configuration support, allowing to enable/disable
85
+ certain features, like for instance whether VCs can be created, persisted, and/or verified.
31
86
 
32
- ### Adding the plugin to an agent:
87
+ Note: You can have multiple instances of the VcApiServer, as long as you make sure that the basePaths differs
88
+ for each instance and that the same express is being used.
33
89
 
34
90
  ```typescript
35
- import { IDidAuthSiopOpAuthenticator } from '@sphereon/ssi-sdk-did-auth-siop-authenticator'
36
- import { Resolver } from 'did-resolver'
37
- import { getDidKeyResolver } from '@veramo/did-provider-key'
38
- import { DIDResolverPlugin } from '@veramo/did-resolver'
39
- import { getUniResolver } from '@sphereon/did-uni-client'
91
+ // agent is a configured SSI-SDK/Veramo agent (see below for an example)
92
+
93
+ // Let's first build express to listen on port 5000
94
+ const expressBuilder = ExpressBuilder.fromServerOpts({
95
+ port: 5000,
96
+ hostname: '0.0.0.0',
97
+ }).withPassportAuth(false)
98
+ const expressArgs = expressBuilder.build({ startListening: true })
99
+
100
+ // Now create the VC PI, with VC issuance, persistence and verification enabled and authentication disabled
101
+ new VcApiServer({
102
+ opts: {
103
+ endpointOpts: {
104
+ globalAuth: {
105
+ authentication: {
106
+ enabled: false,
107
+ },
108
+ },
109
+ },
110
+ issueCredentialOpts: {
111
+ enableFeatures: ['vc-issue', 'vc-persist', 'vc-verify'],
112
+ proofFormat: 'lds', // Issue JSON-LD VCs, can also be changed to `jwt`
113
+ fetchRemoteContexts: true, // Whether to allow fetching remote contexts, mainly used when verifying VCs
114
+ keyRef: '89a4661e446b46401325a38d3b20582d1dd277eb448a3181012a671b7ae15837', // The key to use when signing VCs
115
+ },
116
+ },
117
+ expressArgs,
118
+ agent,
119
+ })
120
+ // At this point you can execute the example above, as the VC API is now listening on port 5000
121
+ ```
122
+
123
+ ## Requirements
124
+
125
+ For this plugin a DID resolver is also required. A DID resolver can be added to the agent as plugin as seen in the
126
+ example below. You can find resolvers in the Veramo project and our
127
+ [SSI-SDK-crypto-extensions](https://github.com/Sphereon-Opensource/SSI-SDK-crypto-extensions.git)
128
+
129
+ ### Agent setup
40
130
 
41
- const agent = createAgent<IDidAuthSiopOpAuthenticator & IResolver>({
131
+ ```typescript
132
+ export const resolver = new Resolver({
133
+ ...getDidWebResolver(),
134
+ ...getDidKeyResolver(),
135
+ ...getDidJwkResolver(),
136
+ ...getDidIonResolver(),
137
+ })
138
+
139
+ export const didProviders = {
140
+ [`did:web`]: new WebDIDProvider({
141
+ defaultKms: 'local',
142
+ }),
143
+ [`did:key`]: new KeyDIDProvider({
144
+ defaultKms: 'local',
145
+ }),
146
+ [`did:ion`]: new IonDIDProvider({
147
+ defaultKms: 'local',
148
+ }),
149
+ [`did:jwk`]: new JwkDIDProvider({
150
+ defaultKms: 'local',
151
+ }),
152
+ }
153
+
154
+ const agent = createAgent<
155
+ IDIDManager &
156
+ IKeyManager &
157
+ IDataStore &
158
+ IDataStoreORM &
159
+ IResolver &
160
+ IPresentationExchange &
161
+ ICredentialVerifier &
162
+ ICredentialHandlerLDLocal &
163
+ ICredentialPlugin
164
+ >({
42
165
  plugins: [
43
- new DidAuthSiopOpAuthenticator(),
166
+ new DataStore(dbConnection),
167
+ new DataStoreORM(dbConnection),
168
+ new KeyManager({
169
+ store: new KeyStore(dbConnection),
170
+ kms: {
171
+ local: new KeyManagementSystem(privateKeyStore),
172
+ },
173
+ }),
174
+ new DIDManager({
175
+ store: new DIDStore(dbConnection),
176
+ defaultProvider: `${DID_PREFIX}:${SupportedDidMethodEnum.DID_JWK}`,
177
+ providers: didProviders,
178
+ }),
44
179
  new DIDResolverPlugin({
45
- resolver: new Resolver({
46
- ...getDidKeyResolver(),
47
- ...getUniResolver('web'),
48
- ...getUniResolver('jwk'),
49
- }),
180
+ resolver,
181
+ }),
182
+ new PresentationExchange(),
183
+ new CredentialPlugin(),
184
+ new CredentialHandlerLDLocal({
185
+ contextMaps: [LdDefaultContexts],
186
+ suites: [
187
+ new SphereonEd25519Signature2018(),
188
+ new SphereonEd25519Signature2020(),
189
+ new SphereonBbsBlsSignature2020(),
190
+ new SphereonJsonWebSignature2020(),
191
+ new SphereonEcdsaSecp256k1RecoverySignature2020(),
192
+ ],
193
+ bindingOverrides: new Map([
194
+ ['createVerifiableCredentialLD', MethodNames.createVerifiableCredentialLDLocal],
195
+ ['createVerifiablePresentationLD', MethodNames.createVerifiablePresentationLDLocal],
196
+ ]),
197
+ keyStore: privateKeyStore,
50
198
  }),
51
199
  ],
52
200
  })
@@ -55,11 +203,11 @@ const agent = createAgent<IDidAuthSiopOpAuthenticator & IResolver>({
55
203
  ## Installation
56
204
 
57
205
  ```shell
58
- yarn add @sphereon/ssi-sdk-siopv2-openid4vp-rp
206
+ pnpm add @sphereon/ssi-sdk.w3c-vc-api
59
207
  ```
60
208
 
61
209
  ## Build
62
210
 
63
211
  ```shell
64
- yarn build
212
+ pnpm build
65
213
  ```
package/dist/types.d.ts CHANGED
@@ -3,11 +3,8 @@ import { IAgentContext, ICredentialIssuer, ICredentialPlugin, ICredentialVerifie
3
3
  import { ProofFormat } from '@veramo/core/src/types/ICredentialIssuer';
4
4
  export type IRequiredPlugins = IDataStore & IDataStoreORM & IDIDManager & IKeyManager & ICredentialIssuer & ICredentialVerifier & ICredentialPlugin & IResolver;
5
5
  export type IRequiredContext = IAgentContext<IRequiredPlugins>;
6
- interface IVCAPISecurityOpts {
7
- }
8
6
  export interface IVCAPIOpts {
9
7
  endpointOpts?: IVCAPIEndpointOpts;
10
- securityOpts?: IVCAPISecurityOpts;
11
8
  issueCredentialOpts?: IVCAPIIssueOpts;
12
9
  }
13
10
  export interface IVCAPIEndpointOpts {
@@ -66,5 +63,4 @@ export interface ChallengeOptsPayload {
66
63
  challenge?: string;
67
64
  domain?: string;
68
65
  }
69
- export {};
70
66
  //# sourceMappingURL=types.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAA;AACxF,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,UAAU,EACV,aAAa,EACb,WAAW,EACX,WAAW,EACX,SAAS,EACV,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,WAAW,EAAE,MAAM,0CAA0C,CAAA;AAEtE,MAAM,MAAM,gBAAgB,GAAG,UAAU,GACvC,aAAa,GACb,WAAW,GACX,WAAW,GACX,iBAAiB,GACjB,mBAAmB,GACnB,iBAAiB,GACjB,SAAS,CAAA;AACX,MAAM,MAAM,gBAAgB,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAA;AAE9D,UAAU,kBAAkB;CAAG;AAE/B,MAAM,WAAW,UAAU;IACzB,YAAY,CAAC,EAAE,kBAAkB,CAAA;IACjC,YAAY,CAAC,EAAE,kBAAkB,CAAA;IACjC,mBAAmB,CAAC,EAAE,eAAe,CAAA;CACtC;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,eAAe,CAAA;IAC5B,eAAe,CAAC,EAAE,4BAA4B,CAAA;IAC9C,cAAc,CAAC,EAAE,mBAAmB,CAAA;IACpC,aAAa,CAAC,EAAE,mBAAmB,CAAA;IACnC,gBAAgB,CAAC,EAAE,mBAAmB,CAAA;IACtC,gBAAgB,CAAC,EAAE,6BAA6B,CAAA;IAChD,kBAAkB,CAAC,EAAE,mBAAmB,CAAA;CACzC;AAED,MAAM,MAAM,aAAa,GAAG,WAAW,GAAG,UAAU,GAAG,YAAY,CAAA;AAEnE,MAAM,WAAW,eAAe;IAC9B,cAAc,CAAC,EAAE,aAAa,EAAE,CAAA;IAChC,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAElC;;OAEG;IACH,WAAW,EAAE,WAAW,CAAA;IAExB;;;OAGG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAE9B;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IAEf;;;;;;OAMG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAA;CAC9B;AAED,MAAM,WAAW,4BAA6B,SAAQ,mBAAmB;IACvE,mBAAmB,CAAC,EAAE,eAAe,CAAA;IACrC,wBAAwB,CAAC,EAAE,OAAO,CAAA;CACnC;AAED,MAAM,WAAW,6BAA8B,SAAQ,mBAAmB;IACxE,mBAAmB,CAAC,EAAE,OAAO,CAAA;CAC9B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,gBAAgB,CAAC,EAAE;QACjB,IAAI,EAAE,MAAM,CAAA;KACb,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAA;AACxF,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,UAAU,EACV,aAAa,EACb,WAAW,EACX,WAAW,EACX,SAAS,EACV,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,WAAW,EAAE,MAAM,0CAA0C,CAAA;AAEtE,MAAM,MAAM,gBAAgB,GAAG,UAAU,GACvC,aAAa,GACb,WAAW,GACX,WAAW,GACX,iBAAiB,GACjB,mBAAmB,GACnB,iBAAiB,GACjB,SAAS,CAAA;AACX,MAAM,MAAM,gBAAgB,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAA;AAI9D,MAAM,WAAW,UAAU;IACzB,YAAY,CAAC,EAAE,kBAAkB,CAAA;IAEjC,mBAAmB,CAAC,EAAE,eAAe,CAAA;CACtC;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,eAAe,CAAA;IAC5B,eAAe,CAAC,EAAE,4BAA4B,CAAA;IAC9C,cAAc,CAAC,EAAE,mBAAmB,CAAA;IACpC,aAAa,CAAC,EAAE,mBAAmB,CAAA;IACnC,gBAAgB,CAAC,EAAE,mBAAmB,CAAA;IACtC,gBAAgB,CAAC,EAAE,6BAA6B,CAAA;IAChD,kBAAkB,CAAC,EAAE,mBAAmB,CAAA;CACzC;AAED,MAAM,MAAM,aAAa,GAAG,WAAW,GAAG,UAAU,GAAG,YAAY,CAAA;AAEnE,MAAM,WAAW,eAAe;IAC9B,cAAc,CAAC,EAAE,aAAa,EAAE,CAAA;IAChC,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAElC;;OAEG;IACH,WAAW,EAAE,WAAW,CAAA;IAExB;;;OAGG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAE9B;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IAEf;;;;;;OAMG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAA;CAC9B;AAED,MAAM,WAAW,4BAA6B,SAAQ,mBAAmB;IACvE,mBAAmB,CAAC,EAAE,eAAe,CAAA;IACrC,wBAAwB,CAAC,EAAE,OAAO,CAAA;CACnC;AAED,MAAM,WAAW,6BAA8B,SAAQ,mBAAmB;IACxE,mBAAmB,CAAC,EAAE,OAAO,CAAA;CAC9B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,gBAAgB,CAAC,EAAE;QACjB,IAAI,EAAE,MAAM,CAAA;KACb,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sphereon/ssi-sdk.w3c-vc-api",
3
- "version": "0.13.1-next.32+ba897de",
3
+ "version": "0.13.1-next.33+a7cf5cd",
4
4
  "source": "src/index.ts",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -12,11 +12,11 @@
12
12
  },
13
13
  "dependencies": {
14
14
  "@sphereon/did-auth-siop": "0.3.2-unstable.7",
15
- "@sphereon/ssi-sdk.core": "0.13.1-next.32+ba897de",
16
- "@sphereon/ssi-sdk.express-support": "0.13.1-next.32+ba897de",
17
- "@sphereon/ssi-sdk.kv-store-temp": "0.13.1-next.32+ba897de",
18
- "@sphereon/ssi-sdk.presentation-exchange": "0.13.1-next.32+ba897de",
19
- "@sphereon/ssi-types": "0.13.1-next.32+ba897de",
15
+ "@sphereon/ssi-sdk.core": "0.13.1-next.33+a7cf5cd",
16
+ "@sphereon/ssi-sdk.express-support": "0.13.1-next.33+a7cf5cd",
17
+ "@sphereon/ssi-sdk.kv-store-temp": "0.13.1-next.33+a7cf5cd",
18
+ "@sphereon/ssi-sdk.presentation-exchange": "0.13.1-next.33+a7cf5cd",
19
+ "@sphereon/ssi-types": "0.13.1-next.33+a7cf5cd",
20
20
  "@types/uuid": "^9.0.1",
21
21
  "@veramo/core": "4.2.0",
22
22
  "@veramo/credential-w3c": "4.2.0",
@@ -32,10 +32,10 @@
32
32
  },
33
33
  "devDependencies": {
34
34
  "@sphereon/did-uni-client": "^0.6.0",
35
- "@sphereon/ssi-sdk-ext.did-provider-jwk": "0.12.2-next.12",
36
- "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.12.2-next.12",
37
- "@sphereon/ssi-sdk.data-store": "0.13.1-next.32+ba897de",
38
- "@sphereon/ssi-sdk.vc-handler-ld-local": "0.13.1-next.32+ba897de",
35
+ "@sphereon/ssi-sdk-ext.did-provider-jwk": "0.13.0",
36
+ "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.13.0",
37
+ "@sphereon/ssi-sdk.data-store": "0.13.1-next.33+a7cf5cd",
38
+ "@sphereon/ssi-sdk.vc-handler-ld-local": "0.13.1-next.33+a7cf5cd",
39
39
  "@types/body-parser": "^1.19.2",
40
40
  "@types/cookie-parser": "^1.4.3",
41
41
  "@types/cors": "^2.8.13",
@@ -86,5 +86,5 @@
86
86
  "W3C",
87
87
  "VC API"
88
88
  ],
89
- "gitHead": "ba897ded1b092dd7d21634cfb0de396a59d2e0d5"
89
+ "gitHead": "a7cf5cd23f39321ecb7c35589723a5d23114d460"
90
90
  }
package/src/types.ts CHANGED
@@ -22,11 +22,11 @@ export type IRequiredPlugins = IDataStore &
22
22
  IResolver
23
23
  export type IRequiredContext = IAgentContext<IRequiredPlugins>
24
24
 
25
- interface IVCAPISecurityOpts {}
25
+ // interface IVCAPISecurityOpts {}
26
26
 
27
27
  export interface IVCAPIOpts {
28
28
  endpointOpts?: IVCAPIEndpointOpts
29
- securityOpts?: IVCAPISecurityOpts
29
+ // securityOpts?: IVCAPISecurityOpts
30
30
  issueCredentialOpts?: IVCAPIIssueOpts
31
31
  }
32
32