@twin.org/identity-connector-entity-storage 0.0.1-next.19 → 0.0.1-next.21

@@ -36,19 +36,19 @@ exports.IdentityDocument = class IdentityDocument {
36
36
  __decorate([
37
37
  entity.property({ type: "string", isPrimary: true }),
38
38
  __metadata("design:type", String)
39
- ], exports.IdentityDocument.prototype, "id", void 0);
39
+ ], exports.IdentityDocument.prototype, "id", undefined);
40
40
  __decorate([
41
41
  entity.property({ type: "object" }),
42
42
  __metadata("design:type", Object)
43
- ], exports.IdentityDocument.prototype, "document", void 0);
43
+ ], exports.IdentityDocument.prototype, "document", undefined);
44
44
  __decorate([
45
45
  entity.property({ type: "string" }),
46
46
  __metadata("design:type", String)
47
- ], exports.IdentityDocument.prototype, "signature", void 0);
47
+ ], exports.IdentityDocument.prototype, "signature", undefined);
48
48
  __decorate([
49
49
  entity.property({ type: "string" }),
50
50
  __metadata("design:type", String)
51
- ], exports.IdentityDocument.prototype, "controller", void 0);
51
+ ], exports.IdentityDocument.prototype, "controller", undefined);
52
52
  exports.IdentityDocument = __decorate([
53
53
  entity.entity()
54
54
  ], exports.IdentityDocument);
@@ -75,15 +75,15 @@ exports.IdentityProfile = class IdentityProfile {
75
75
  __decorate([
76
76
  entity.property({ type: "string", isPrimary: true }),
77
77
  __metadata("design:type", String)
78
- ], exports.IdentityProfile.prototype, "identity", void 0);
78
+ ], exports.IdentityProfile.prototype, "identity", undefined);
79
79
  __decorate([
80
80
  entity.property({ type: "object" }),
81
81
  __metadata("design:type", Object)
82
- ], exports.IdentityProfile.prototype, "publicProfile", void 0);
82
+ ], exports.IdentityProfile.prototype, "publicProfile", undefined);
83
83
  __decorate([
84
84
  entity.property({ type: "object" }),
85
85
  __metadata("design:type", Object)
86
- ], exports.IdentityProfile.prototype, "privateProfile", void 0);
86
+ ], exports.IdentityProfile.prototype, "privateProfile", undefined);
87
87
  exports.IdentityProfile = __decorate([
88
88
  entity.entity()
89
89
  ], exports.IdentityProfile);
@@ -119,14 +119,34 @@ class EntityStorageIdentityConnector {
119
119
  _vaultConnector;
120
120
  /**
121
121
  * Create a new instance of EntityStorageIdentityConnector.
122
- * @param options The dependencies for the identity connector.
123
- * @param options.didDocumentEntityStorageType The entity storage for the did documents, defaults to "identity-document".
124
- * @param options.vaultConnectorType The vault for the private keys, defaults to "vault".
122
+ * @param options The options for the identity connector.
125
123
  */
126
124
  constructor(options) {
127
125
  this._didDocumentEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
128
126
  this._vaultConnector = vaultModels.VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
129
127
  }
128
+ /**
129
+ * Build the key name to access the specified key in the vault.
130
+ * @param identity The identity of the user to access the vault keys.
131
+ * @returns The vault key.
132
+ * @internal
133
+ */
134
+ static buildVaultKey(identity, key) {
135
+ return `${identity}/${key}`;
136
+ }
137
+ /**
138
+ * Verify the document in storage.
139
+ * @param didDocument The did document that was stored.
140
+ * @internal
141
+ */
142
+ static async verifyDocument(didDocument, vaultConnector) {
143
+ const stringifiedDocument = core.JsonHelper.canonicalize(didDocument.document);
144
+ const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
145
+ const verified = await vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes, core.Converter.base64ToBytes(didDocument.signature));
146
+ if (!verified) {
147
+ throw new core.GeneralError("EntityStorageIdentityResolverConnector", "signatureVerificationFailed");
148
+ }
149
+ }
130
150
  /**
131
151
  * Create a new document.
132
152
  * @param controller The controller of the identity who can make changes.
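Review bot: The new static `verifyDocument` throws `new core.GeneralError("EntityStorageIdentityResolverConnector", "signatureVerificationFailed")` although it is defined on `EntityStorageIdentityConnector` and is called from that class's own methods as well as from the resolver. The check compares the stored signature with the canonicalized document, so a failure points at a modified or corrupted record, and every such failure raised through the connector would be reported under the resolver's name; the removed instance method used `this.CLASS_NAME`. If the hard-coded name is not deliberate (for example to share one message key), use the defining class's name, `throw new core.GeneralError("EntityStorageIdentityConnector", "signatureVerificationFailed");`, or take the caller's name as a parameter. The JSDoc of both new statics is also incomplete: add `@param vaultConnector The vault connector used to verify the signature.` to `verifyDocument` and `@param key The name of the key within the identity.` to `buildVaultKey`.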
@@ -136,7 +156,7 @@ class EntityStorageIdentityConnector {
136
156
  core.Guards.stringValue(this.CLASS_NAME, "controller", controller);
137
157
  try {
138
158
  const did = `did:${EntityStorageIdentityConnector.NAMESPACE}:${core.Converter.bytesToHex(core.RandomHelper.generate(32), true)}`;
139
- await this._vaultConnector.createKey(this.buildVaultKey(did, "did"), vaultModels.VaultKeyType.Ed25519);
159
+ await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(did, "did"), vaultModels.VaultKeyType.Ed25519);
140
160
  const bitString = new core.BitString(EntityStorageIdentityConnector._REVOCATION_BITS_SIZE);
141
161
  const compressed = await core.Compression.compress(bitString.getBits(), core.CompressionType.Gzip);
142
162
  const didDocument = {
@@ -156,26 +176,6 @@ class EntityStorageIdentityConnector {
156
176
  throw new core.GeneralError(this.CLASS_NAME, "createDocumentFailed", undefined, error);
157
177
  }
158
178
  }
159
- /**
160
- * Resolve a document from its id.
161
- * @param documentId The id of the document to resolve.
162
- * @returns The resolved document.
163
- * @throws NotFoundError if the id can not be resolved.
164
- */
165
- async resolveDocument(documentId) {
166
- core.Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
167
- try {
168
- const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
169
- if (core.Is.undefined(didIdentityDocument)) {
170
- throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
171
- }
172
- await this.verifyDocument(didIdentityDocument);
173
- return didIdentityDocument.document;
174
- }
175
- catch (error) {
176
- throw new core.GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
177
- }
178
- }
179
179
  /**
180
180
  * Add a verification method to the document in JSON Web key Format.
181
181
  * @param controller The controller of the identity who can make changes.
@@ -195,10 +195,10 @@ class EntityStorageIdentityConnector {
195
195
  if (core.Is.undefined(didIdentityDocument)) {
196
196
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
197
197
  }
198
- await this.verifyDocument(didIdentityDocument);
198
+ await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
199
199
  const didDocument = didIdentityDocument.document;
200
200
  const tempKeyId = `temp-vm-${core.Converter.bytesToBase64Url(core.RandomHelper.generate(16))}`;
201
- const verificationPublicKey = await this._vaultConnector.createKey(this.buildVaultKey(didDocument.id, tempKeyId), vaultModels.VaultKeyType.Ed25519);
201
+ const verificationPublicKey = await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), vaultModels.VaultKeyType.Ed25519);
202
202
  const jwkParams = {
203
203
  alg: "EdDSA",
204
204
  kty: "OKP",
@@ -207,7 +207,7 @@ class EntityStorageIdentityConnector {
207
207
  };
208
208
  const kid = core.Converter.bytesToBase64Url(crypto.Sha256.sum256(core.Converter.utf8ToBytes(JSON.stringify(jwkParams))));
209
209
  const methodId = `${documentId}#${verificationMethodId ?? kid}`;
210
- await this._vaultConnector.renameKey(this.buildVaultKey(didDocument.id, tempKeyId), this.buildVaultKey(didDocument.id, verificationMethodId ?? kid));
210
+ await this._vaultConnector.renameKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), EntityStorageIdentityConnector.buildVaultKey(didDocument.id, verificationMethodId ?? kid));
211
211
  const methods = this.getAllMethods(didDocument);
212
212
  const existingMethodIndex = methods.findIndex(m => {
213
213
  if (core.Is.string(m.method)) {
@@ -259,7 +259,7 @@ class EntityStorageIdentityConnector {
259
259
  if (core.Is.undefined(didIdentityDocument)) {
260
260
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
261
261
  }
262
- await this.verifyDocument(didIdentityDocument);
262
+ await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
263
263
  const didDocument = didIdentityDocument.document;
264
264
  const methods = this.getAllMethods(didDocument);
265
265
  const existingMethodIndex = methods.findIndex(m => {
@@ -307,7 +307,7 @@ class EntityStorageIdentityConnector {
307
307
  if (core.Is.undefined(didIdentityDocument)) {
308
308
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
309
309
  }
310
- await this.verifyDocument(didIdentityDocument);
310
+ await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
311
311
  const didDocument = didIdentityDocument.document;
312
312
  const fullServiceId = serviceId.includes("#") ? serviceId : `${documentId}#${serviceId}`;
313
313
  if (core.Is.array(didDocument.service)) {
@@ -349,7 +349,7 @@ class EntityStorageIdentityConnector {
349
349
  if (core.Is.undefined(didIdentityDocument)) {
350
350
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
351
351
  }
352
- await this.verifyDocument(didIdentityDocument);
352
+ await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
353
353
  const didDocument = didIdentityDocument.document;
354
354
  if (core.Is.array(didDocument.service)) {
355
355
  const existingServiceIndex = didDocument.service.findIndex(s => s.id === serviceId);
@@ -395,7 +395,7 @@ class EntityStorageIdentityConnector {
395
395
  if (core.Is.undefined(issuerIdentityDocument)) {
396
396
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
397
397
  }
398
- await this.verifyDocument(issuerIdentityDocument);
398
+ await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
399
399
  const issuerDidDocument = issuerIdentityDocument.document;
400
400
  const methods = this.getAllMethods(issuerDidDocument);
401
401
  const methodAndArray = methods.find(m => {
@@ -467,7 +467,7 @@ class EntityStorageIdentityConnector {
467
467
  vc: jwtVc
468
468
  };
469
469
  const signature = await web.Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
470
- const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
470
+ const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
471
471
  return sig;
472
472
  });
473
473
  return {
@@ -502,7 +502,7 @@ class EntityStorageIdentityConnector {
502
502
  if (core.Is.undefined(issuerIdentityDocument)) {
503
503
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
504
504
  }
505
- await this.verifyDocument(issuerIdentityDocument);
505
+ await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
506
506
  const issuerDidDocument = issuerIdentityDocument.document;
507
507
  const methods = this.getAllMethods(issuerDidDocument);
508
508
  const methodAndArray = methods.find(m => {
@@ -567,7 +567,7 @@ class EntityStorageIdentityConnector {
567
567
  if (core.Is.undefined(issuerIdentityDocument)) {
568
568
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
569
569
  }
570
- await this.verifyDocument(issuerIdentityDocument);
570
+ await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
571
571
  const issuerDidDocument = issuerIdentityDocument.document;
572
572
  const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
573
573
  if (revocationService &&
@@ -607,7 +607,7 @@ class EntityStorageIdentityConnector {
607
607
  if (core.Is.undefined(issuerIdentityDocument)) {
608
608
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
609
609
  }
610
- await this.verifyDocument(issuerIdentityDocument);
610
+ await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
611
611
  const issuerDidDocument = issuerIdentityDocument.document;
612
612
  const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
613
613
  if (revocationService &&
@@ -665,7 +665,7 @@ class EntityStorageIdentityConnector {
665
665
  if (core.Is.undefined(holderIdentityDocument)) {
666
666
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
667
667
  }
668
- await this.verifyDocument(holderIdentityDocument);
668
+ await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
669
669
  const holderDidDocument = holderIdentityDocument.document;
670
670
  const methods = this.getAllMethods(holderDidDocument);
671
671
  const methodAndArray = methods.find(m => {
@@ -717,7 +717,7 @@ class EntityStorageIdentityConnector {
717
717
  jwtPayload.exp = Math.floor(Date.now() / 1000) + expiresInSeconds;
718
718
  }
719
719
  const signature = await web.Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
720
- const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
720
+ const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
721
721
  return sig;
722
722
  });
723
723
  return {
@@ -752,7 +752,7 @@ class EntityStorageIdentityConnector {
752
752
  if (core.Is.undefined(holderIdentityDocument)) {
753
753
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", holderDocumentId);
754
754
  }
755
- await this.verifyDocument(holderIdentityDocument);
755
+ await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
756
756
  const issuers = [];
757
757
  const tokensRevoked = [];
758
758
  const verifiablePresentation = jwtPayload?.vp;
@@ -769,7 +769,7 @@ class EntityStorageIdentityConnector {
769
769
  if (core.Is.undefined(issuerDidDocument)) {
770
770
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
771
771
  }
772
- await this.verifyDocument(issuerDidDocument);
772
+ await EntityStorageIdentityConnector.verifyDocument(issuerDidDocument, this._vaultConnector);
773
773
  issuers.push(issuerDidDocument);
774
774
  const vc = jwt.payload.vc;
775
775
  if (core.Is.object(vc)) {
@@ -818,7 +818,7 @@ class EntityStorageIdentityConnector {
818
818
  if (core.Is.undefined(didIdentityDocument)) {
819
819
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
820
820
  }
821
- await this.verifyDocument(didIdentityDocument);
821
+ await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
822
822
  const didDocument = didIdentityDocument.document;
823
823
  const methods = this.getAllMethods(didDocument);
824
824
  const methodAndArray = methods.find(m => {
@@ -836,7 +836,7 @@ class EntityStorageIdentityConnector {
836
836
  method: verificationMethodId
837
837
  });
838
838
  }
839
- const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id, idParts.hash ?? ""), bytes);
839
+ const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, idParts.hash ?? ""), bytes);
840
840
  return {
841
841
  "@context": standardsW3cDid.DidContexts.ContextVCDataIntegrity,
842
842
  type: standardsW3cDid.DidTypes.DataIntegrityProof,
@@ -879,7 +879,7 @@ class EntityStorageIdentityConnector {
879
879
  if (core.Is.undefined(didIdentityDocument)) {
880
880
  throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
881
881
  }
882
- await this.verifyDocument(didIdentityDocument);
882
+ await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
883
883
  const didDocument = didIdentityDocument.document;
884
884
  const methods = this.getAllMethods(didDocument);
885
885
  const methodAndArray = methods.find(m => {
@@ -899,7 +899,7 @@ class EntityStorageIdentityConnector {
899
899
  method: proof.verificationMethodId
900
900
  });
901
901
  }
902
- return this._vaultConnector.verify(this.buildVaultKey(didIdentityDocument.id, idParts.hash), bytes, core.Converter.base58ToBytes(proof.proofValue));
902
+ return this._vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didIdentityDocument.id, idParts.hash), bytes, core.Converter.base58ToBytes(proof.proofValue));
903
903
  }
904
904
  catch (error) {
905
905
  throw new core.GeneralError(this.CLASS_NAME, "verifyProofFailed", undefined, error);
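Review bot: This `verify` call passes `idParts.hash` to `buildVaultKey` with no fallback, while the `sign` call sites in this diff pass `idParts.hash ?? ""`. `buildVaultKey` is a plain template string, so an id without a fragment would produce the key name `<id>/undefined`. The function starts outside the hunk, so an earlier guard may already ensure the fragment exists; if it does not, reject the id explicitly before the vault call rather than relying on the key lookup to fail, for example `core.Guards.stringValue(this.CLASS_NAME, "verificationMethodId", idParts.hash);`.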
@@ -952,19 +952,6 @@ class EntityStorageIdentityConnector {
952
952
  }
953
953
  return false;
954
954
  }
955
- /**
956
- * Verify the document in storage.
957
- * @param didDocument The did document that was stored.
958
- * @internal
959
- */
960
- async verifyDocument(didDocument) {
961
- const stringifiedDocument = core.JsonHelper.canonicalize(didDocument.document);
962
- const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
963
- const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id, "did"), docBytes, core.Converter.base64ToBytes(didDocument.signature));
964
- if (!verified) {
965
- throw new core.GeneralError(this.CLASS_NAME, "signatureVerificationFailed");
966
- }
967
- }
968
955
  /**
969
956
  * Update the document in storage.
970
957
  * @param controller The controller of the document.
@@ -974,7 +961,7 @@ class EntityStorageIdentityConnector {
974
961
  async updateDocument(controller, didDocument) {
975
962
  const stringifiedDocument = core.JsonHelper.canonicalize(didDocument);
976
963
  const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
977
- const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id, "did"), docBytes);
964
+ const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes);
978
965
  await this._didDocumentEntityStorage.set({
979
966
  id: didDocument.id,
980
967
  document: didDocument,
@@ -982,15 +969,6 @@ class EntityStorageIdentityConnector {
982
969
  controller
983
970
  });
984
971
  }
985
- /**
986
- * Build the key name to access the specified key in the vault.
987
- * @param identity The identity of the user to access the vault keys.
988
- * @returns The vault key.
989
- * @internal
990
- */
991
- buildVaultKey(identity, key) {
992
- return `${identity}/${key}`;
993
- }
994
972
  }
995
973
 
996
974
  // Copyright 2024 IOTA Stiftung.
@@ -1013,9 +991,8 @@ class EntityStorageIdentityProfileConnector {
1013
991
  */
1014
992
  _profileEntityStorage;
1015
993
  /**
1016
- * Create a new instance of Identity.
1017
- * @param options The dependencies for the identity service.
1018
- * @param options.profileEntityStorageType The storage connector for the profiles, default to "identity-profile".
994
+ * Create a new instance of EntityStorageIdentityProfileConnector.
995
+ * @param options The options for the identity service.
1019
996
  */
1020
997
  constructor(options) {
1021
998
  this._profileEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.profileEntityStorageType ?? "identity-profile");
@@ -1187,6 +1164,60 @@ class EntityStorageIdentityProfileConnector {
1187
1164
  }
1188
1165
  }
1189
1166
 
1167
+ // Copyright 2024 IOTA Stiftung.
1168
+ // SPDX-License-Identifier: Apache-2.0.
1169
+ /**
1170
+ * Class for performing identity operations using entity storage.
1171
+ */
1172
+ class EntityStorageIdentityResolverConnector {
1173
+ /**
1174
+ * The namespace supported by the identity connector.
1175
+ */
1176
+ static NAMESPACE = "entity-storage";
1177
+ /**
1178
+ * Runtime name for the class.
1179
+ */
1180
+ CLASS_NAME = "EntityStorageIdentityResolverConnector";
1181
+ /**
1182
+ * The entity storage for identities.
1183
+ * @internal
1184
+ */
1185
+ _didDocumentEntityStorage;
1186
+ /**
1187
+ * The vault for the keys.
1188
+ * @internal
1189
+ */
1190
+ _vaultConnector;
1191
+ /**
1192
+ * Create a new instance of EntityStorageIdentityResolverConnector.
1193
+ * @param options The options for the identity connector.
1194
+ */
1195
+ constructor(options) {
1196
+ this._didDocumentEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
1197
+ this._vaultConnector = vaultModels.VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
1198
+ }
1199
+ /**
1200
+ * Resolve a document from its id.
1201
+ * @param documentId The id of the document to resolve.
1202
+ * @returns The resolved document.
1203
+ * @throws NotFoundError if the id can not be resolved.
1204
+ */
1205
+ async resolveDocument(documentId) {
1206
+ core.Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
1207
+ try {
1208
+ const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
1209
+ if (core.Is.undefined(didIdentityDocument)) {
1210
+ throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
1211
+ }
1212
+ await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
1213
+ return didIdentityDocument.document;
1214
+ }
1215
+ catch (error) {
1216
+ throw new core.GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
1217
+ }
1218
+ }
1219
+ }
1220
+
1190
1221
  // Copyright 2024 IOTA Stiftung.
1191
1222
  // SPDX-License-Identifier: Apache-2.0.
1192
1223
  /**
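Review bot: `resolveDocument` documents `@throws NotFoundError`, but the `throw new core.NotFoundError(...)` sits inside the `try`, so the `catch` wraps it in a `GeneralError` with `"resolveDocumentFailed"` and callers never receive a `NotFoundError` directly. The same wrapping covers the `signatureVerificationFailed` error from `verifyDocument`, so a caller cannot tell an unknown id from a stored document whose signature no longer verifies without inspecting the inner error. Either rethrow the expected error unchanged at the top of the `catch`, e.g. `if (error instanceof core.NotFoundError) { throw error; }`, or correct the doc to `@throws GeneralError wrapping the NotFoundError if the id can not be resolved.` The class comment "Class for performing identity operations using entity storage" could also state that this class only resolves and verifies stored documents.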
@@ -1206,4 +1237,5 @@ function initSchema(options) {
1206
1237
 
1207
1238
  exports.EntityStorageIdentityConnector = EntityStorageIdentityConnector;
1208
1239
  exports.EntityStorageIdentityProfileConnector = EntityStorageIdentityProfileConnector;
1240
+ exports.EntityStorageIdentityResolverConnector = EntityStorageIdentityResolverConnector;
1209
1241
  exports.initSchema = initSchema;