@twin.org/identity-connector-entity-storage 0.0.1-next.19 → 0.0.1-next.21
- package/dist/cjs/index.cjs +108 -76
- package/dist/esm/index.mjs +109 -78
- package/dist/types/entityStorageIdentityConnector.d.ts +3 -14
- package/dist/types/entityStorageIdentityProfileConnector.d.ts +4 -6
- package/dist/types/entityStorageIdentityResolverConnector.d.ts +28 -0
- package/dist/types/index.d.ts +4 -0
- package/dist/types/models/IEntityStorageIdentityConnectorConstructorOptions.d.ts +6 -0
- package/dist/types/models/IEntityStorageIdentityProfileConnectorConstructorOptions.d.ts +10 -0
- package/dist/types/models/IEntityStorageIdentityResolverConnectorConstructorOptions.d.ts +15 -0
- package/docs/changelog.md +1 -1
- package/docs/reference/classes/EntityStorageIdentityConnector.md +128 -120
- package/docs/reference/classes/EntityStorageIdentityProfileConnector.md +56 -46
- package/docs/reference/classes/EntityStorageIdentityResolverConnector.md +77 -0
- package/docs/reference/functions/initSchema.md +7 -3
- package/docs/reference/index.md +7 -0
- package/docs/reference/interfaces/IEntityStorageIdentityConnectorConstructorOptions.md +43 -0
- package/docs/reference/interfaces/IEntityStorageIdentityProfileConnectorConstructorOptions.md +17 -0
- package/docs/reference/interfaces/IEntityStorageIdentityResolverConnectorConstructorOptions.md +35 -0
- package/locales/en.json +4 -1
- package/package.json +4 -4
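--- a/package/dist/cjs/index.cjs
+++ b/package/dist/cjs/index.cjs
@@ -36,19 +36,19 @@ exports.IdentityDocument = class IdentityDocument {
 __decorate([
 entity.property({ type: "string", isPrimary: true }),
 __metadata("design:type", String)
-], exports.IdentityDocument.prototype, "id",
+], exports.IdentityDocument.prototype, "id", undefined);
 __decorate([
 entity.property({ type: "object" }),
 __metadata("design:type", Object)
-], exports.IdentityDocument.prototype, "document",
+], exports.IdentityDocument.prototype, "document", undefined);
 __decorate([
 entity.property({ type: "string" }),
 __metadata("design:type", String)
-], exports.IdentityDocument.prototype, "signature",
+], exports.IdentityDocument.prototype, "signature", undefined);
 __decorate([
 entity.property({ type: "string" }),
 __metadata("design:type", String)
-], exports.IdentityDocument.prototype, "controller",
+], exports.IdentityDocument.prototype, "controller", undefined);
 exports.IdentityDocument = __decorate([
 entity.entity()
 ], exports.IdentityDocument);
@@ -75,15 +75,15 @@ exports.IdentityProfile = class IdentityProfile {
 __decorate([
 entity.property({ type: "string", isPrimary: true }),
 __metadata("design:type", String)
-], exports.IdentityProfile.prototype, "identity",
+], exports.IdentityProfile.prototype, "identity", undefined);
 __decorate([
 entity.property({ type: "object" }),
 __metadata("design:type", Object)
-], exports.IdentityProfile.prototype, "publicProfile",
+], exports.IdentityProfile.prototype, "publicProfile", undefined);
 __decorate([
 entity.property({ type: "object" }),
 __metadata("design:type", Object)
-], exports.IdentityProfile.prototype, "privateProfile",
+], exports.IdentityProfile.prototype, "privateProfile", undefined);
 exports.IdentityProfile = __decorate([
 entity.entity()
 ], exports.IdentityProfile);
@@ -119,14 +119,34 @@ class EntityStorageIdentityConnector {
 _vaultConnector;
 /**
 * Create a new instance of EntityStorageIdentityConnector.
-* @param options The
-* @param options.didDocumentEntityStorageType The entity storage for the did documents, defaults to "identity-document".
-* @param options.vaultConnectorType The vault for the private keys, defaults to "vault".
+* @param options The options for the identity connector.
 */
 constructor(options) {
 this._didDocumentEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
 this._vaultConnector = vaultModels.VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
 }
+/**
+* Build the key name to access the specified key in the vault.
+* @param identity The identity of the user to access the vault keys.
+* @returns The vault key.
+* @internal
+*/
+static buildVaultKey(identity, key) {
+return `${identity}/${key}`;
+}
+/**
+* Verify the document in storage.
+* @param didDocument The did document that was stored.
+* @internal
+*/
+static async verifyDocument(didDocument, vaultConnector) {
+const stringifiedDocument = core.JsonHelper.canonicalize(didDocument.document);
+const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
+const verified = await vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes, core.Converter.base64ToBytes(didDocument.signature));
+if (!verified) {
+throw new core.GeneralError("EntityStorageIdentityResolverConnector", "signatureVerificationFailed");
+}
+}
 /**
 * Create a new document.
 * @param controller The controller of the identity who can make changes.
@@ -136,7 +156,7 @@ class EntityStorageIdentityConnector {
 core.Guards.stringValue(this.CLASS_NAME, "controller", controller);
 try {
 const did = `did:${EntityStorageIdentityConnector.NAMESPACE}:${core.Converter.bytesToHex(core.RandomHelper.generate(32), true)}`;
-await this._vaultConnector.createKey(
+await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(did, "did"), vaultModels.VaultKeyType.Ed25519);
 const bitString = new core.BitString(EntityStorageIdentityConnector._REVOCATION_BITS_SIZE);
 const compressed = await core.Compression.compress(bitString.getBits(), core.CompressionType.Gzip);
 const didDocument = {
@@ -156,26 +176,6 @@ class EntityStorageIdentityConnector {
 throw new core.GeneralError(this.CLASS_NAME, "createDocumentFailed", undefined, error);
 }
 }
-/**
-* Resolve a document from its id.
-* @param documentId The id of the document to resolve.
-* @returns The resolved document.
-* @throws NotFoundError if the id can not be resolved.
-*/
-async resolveDocument(documentId) {
-core.Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
-try {
-const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
-if (core.Is.undefined(didIdentityDocument)) {
-throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
-}
-await this.verifyDocument(didIdentityDocument);
-return didIdentityDocument.document;
-}
-catch (error) {
-throw new core.GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
-}
-}
 /**
 * Add a verification method to the document in JSON Web key Format.
 * @param controller The controller of the identity who can make changes.
@@ -195,10 +195,10 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const tempKeyId = `temp-vm-${core.Converter.bytesToBase64Url(core.RandomHelper.generate(16))}`;
-const verificationPublicKey = await this._vaultConnector.createKey(
+const verificationPublicKey = await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), vaultModels.VaultKeyType.Ed25519);
 const jwkParams = {
 alg: "EdDSA",
 kty: "OKP",
@@ -207,7 +207,7 @@ class EntityStorageIdentityConnector {
 };
 const kid = core.Converter.bytesToBase64Url(crypto.Sha256.sum256(core.Converter.utf8ToBytes(JSON.stringify(jwkParams))));
 const methodId = `${documentId}#${verificationMethodId ?? kid}`;
-await this._vaultConnector.renameKey(
+await this._vaultConnector.renameKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), EntityStorageIdentityConnector.buildVaultKey(didDocument.id, verificationMethodId ?? kid));
 const methods = this.getAllMethods(didDocument);
 const existingMethodIndex = methods.findIndex(m => {
 if (core.Is.string(m.method)) {
@@ -259,7 +259,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const methods = this.getAllMethods(didDocument);
 const existingMethodIndex = methods.findIndex(m => {
@@ -307,7 +307,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const fullServiceId = serviceId.includes("#") ? serviceId : `${documentId}#${serviceId}`;
 if (core.Is.array(didDocument.service)) {
@@ -349,7 +349,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 if (core.Is.array(didDocument.service)) {
 const existingServiceIndex = didDocument.service.findIndex(s => s.id === serviceId);
@@ -395,7 +395,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
 const issuerDidDocument = issuerIdentityDocument.document;
 const methods = this.getAllMethods(issuerDidDocument);
 const methodAndArray = methods.find(m => {
@@ -467,7 +467,7 @@ class EntityStorageIdentityConnector {
 vc: jwtVc
 };
 const signature = await web.Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
-const sig = await this._vaultConnector.sign(
+const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
 return sig;
 });
 return {
@@ -502,7 +502,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
 const issuerDidDocument = issuerIdentityDocument.document;
 const methods = this.getAllMethods(issuerDidDocument);
 const methodAndArray = methods.find(m => {
@@ -567,7 +567,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
 const issuerDidDocument = issuerIdentityDocument.document;
 const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
 if (revocationService &&
@@ -607,7 +607,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
 const issuerDidDocument = issuerIdentityDocument.document;
 const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
 if (revocationService &&
@@ -665,7 +665,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(holderIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
 const holderDidDocument = holderIdentityDocument.document;
 const methods = this.getAllMethods(holderDidDocument);
 const methodAndArray = methods.find(m => {
@@ -717,7 +717,7 @@ class EntityStorageIdentityConnector {
 jwtPayload.exp = Math.floor(Date.now() / 1000) + expiresInSeconds;
 }
 const signature = await web.Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
-const sig = await this._vaultConnector.sign(
+const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
 return sig;
 });
 return {
@@ -752,7 +752,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(holderIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", holderDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
 const issuers = [];
 const tokensRevoked = [];
 const verifiablePresentation = jwtPayload?.vp;
@@ -769,7 +769,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerDidDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerDidDocument, this._vaultConnector);
 issuers.push(issuerDidDocument);
 const vc = jwt.payload.vc;
 if (core.Is.object(vc)) {
@@ -818,7 +818,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const methods = this.getAllMethods(didDocument);
 const methodAndArray = methods.find(m => {
@@ -836,7 +836,7 @@ class EntityStorageIdentityConnector {
 method: verificationMethodId
 });
 }
-const signature = await this._vaultConnector.sign(
+const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, idParts.hash ?? ""), bytes);
 return {
 "@context": standardsW3cDid.DidContexts.ContextVCDataIntegrity,
 type: standardsW3cDid.DidTypes.DataIntegrityProof,
@@ -879,7 +879,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const methods = this.getAllMethods(didDocument);
 const methodAndArray = methods.find(m => {
@@ -899,7 +899,7 @@ class EntityStorageIdentityConnector {
 method: proof.verificationMethodId
 });
 }
-return this._vaultConnector.verify(
+return this._vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didIdentityDocument.id, idParts.hash), bytes, core.Converter.base58ToBytes(proof.proofValue));
 }
 catch (error) {
 throw new core.GeneralError(this.CLASS_NAME, "verifyProofFailed", undefined, error);
@@ -952,19 +952,6 @@ class EntityStorageIdentityConnector {
 }
 return false;
 }
-/**
-* Verify the document in storage.
-* @param didDocument The did document that was stored.
-* @internal
-*/
-async verifyDocument(didDocument) {
-const stringifiedDocument = core.JsonHelper.canonicalize(didDocument.document);
-const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
-const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id, "did"), docBytes, core.Converter.base64ToBytes(didDocument.signature));
-if (!verified) {
-throw new core.GeneralError(this.CLASS_NAME, "signatureVerificationFailed");
-}
-}
 /**
 * Update the document in storage.
 * @param controller The controller of the document.
@@ -974,7 +961,7 @@ class EntityStorageIdentityConnector {
 async updateDocument(controller, didDocument) {
 const stringifiedDocument = core.JsonHelper.canonicalize(didDocument);
 const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
-const signature = await this._vaultConnector.sign(
+const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes);
 await this._didDocumentEntityStorage.set({
 id: didDocument.id,
 document: didDocument,
@@ -982,15 +969,6 @@ class EntityStorageIdentityConnector {
 controller
 });
 }
-/**
-* Build the key name to access the specified key in the vault.
-* @param identity The identity of the user to access the vault keys.
-* @returns The vault key.
-* @internal
-*/
-buildVaultKey(identity, key) {
-return `${identity}/${key}`;
-}
 }
 
 // Copyright 2024 IOTA Stiftung.
@@ -1013,9 +991,8 @@ class EntityStorageIdentityProfileConnector {
 */
 _profileEntityStorage;
 /**
-* Create a new instance of
-* @param options The
-* @param options.profileEntityStorageType The storage connector for the profiles, default to "identity-profile".
+* Create a new instance of EntityStorageIdentityProfileConnector.
+* @param options The options for the identity service.
 */
 constructor(options) {
 this._profileEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.profileEntityStorageType ?? "identity-profile");
@@ -1187,6 +1164,60 @@ class EntityStorageIdentityProfileConnector {
 }
 }
 
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+* Class for performing identity operations using entity storage.
+*/
+class EntityStorageIdentityResolverConnector {
+/**
+* The namespace supported by the identity connector.
+*/
+static NAMESPACE = "entity-storage";
+/**
+* Runtime name for the class.
+*/
+CLASS_NAME = "EntityStorageIdentityResolverConnector";
+/**
+* The entity storage for identities.
+* @internal
+*/
+_didDocumentEntityStorage;
+/**
+* The vault for the keys.
+* @internal
+*/
+_vaultConnector;
+/**
+* Create a new instance of EntityStorageIdentityResolverConnector.
+* @param options The options for the identity connector.
+*/
+constructor(options) {
+this._didDocumentEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
+this._vaultConnector = vaultModels.VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
+}
+/**
+* Resolve a document from its id.
+* @param documentId The id of the document to resolve.
+* @returns The resolved document.
+* @throws NotFoundError if the id can not be resolved.
+*/
+async resolveDocument(documentId) {
+core.Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
+try {
+const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
+if (core.Is.undefined(didIdentityDocument)) {
+throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
+}
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
+return didIdentityDocument.document;
+}
+catch (error) {
+throw new core.GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
+}
+}
+}
+
 // Copyright 2024 IOTA Stiftung.
 // SPDX-License-Identifier: Apache-2.0.
 /**
@@ -1206,4 +1237,5 @@ function initSchema(options) {
 
 exports.EntityStorageIdentityConnector = EntityStorageIdentityConnector;
 exports.EntityStorageIdentityProfileConnector = EntityStorageIdentityProfileConnector;
+exports.EntityStorageIdentityResolverConnector = EntityStorageIdentityResolverConnector;
 exports.initSchema = initSchema;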
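Review bot: `buildVaultKey` places the document-signing key and every verification-method key in the same `<did>/<name>` namespace, and in the `@@ -207,7 +207,7 @@` hunk the name passed to `renameKey` is the caller-supplied `verificationMethodId ?? kid`, with no check against the reserved name `"did"` that `createKey`, `verifyDocument` and `updateDocument` use for document integrity. Whether the vault refuses a rename onto an existing key is not visible here, so the connector should reject the reserved name (and any `/` in the id) itself before it creates the temporary key, for example `if (verificationMethodId === "did" || verificationMethodId?.includes("/")) { throw new core.GeneralError(this.CLASS_NAME, "<errorKey>"); }`, where `<errorKey>` is a placeholder for a message key in the package's locale file. The same key name is derived from `idParts.hash` in the `sign` and `verify` calls of the `-467`, `-717`, `-836` and `-899` hunks; the `-899` hunk also lacks the `?? ""` fallback the others carry, so a missing fragment presumably resolves to a key named `<did>/undefined` there. The enclosing methods start and end outside these hunks.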