@twin.org/identity-connector-entity-storage 0.0.1-next.19 → 0.0.1-next.21
- package/dist/cjs/index.cjs +108 -76
- package/dist/esm/index.mjs +109 -78
- package/dist/types/entityStorageIdentityConnector.d.ts +3 -14
- package/dist/types/entityStorageIdentityProfileConnector.d.ts +4 -6
- package/dist/types/entityStorageIdentityResolverConnector.d.ts +28 -0
- package/dist/types/index.d.ts +4 -0
- package/dist/types/models/IEntityStorageIdentityConnectorConstructorOptions.d.ts +6 -0
- package/dist/types/models/IEntityStorageIdentityProfileConnectorConstructorOptions.d.ts +10 -0
- package/dist/types/models/IEntityStorageIdentityResolverConnectorConstructorOptions.d.ts +15 -0
- package/docs/changelog.md +1 -1
- package/docs/reference/classes/EntityStorageIdentityConnector.md +128 -120
- package/docs/reference/classes/EntityStorageIdentityProfileConnector.md +56 -46
- package/docs/reference/classes/EntityStorageIdentityResolverConnector.md +77 -0
- package/docs/reference/functions/initSchema.md +7 -3
- package/docs/reference/index.md +7 -0
- package/docs/reference/interfaces/IEntityStorageIdentityConnectorConstructorOptions.md +43 -0
- package/docs/reference/interfaces/IEntityStorageIdentityProfileConnectorConstructorOptions.md +17 -0
- package/docs/reference/interfaces/IEntityStorageIdentityResolverConnectorConstructorOptions.md +35 -0
- package/locales/en.json +4 -1
- package/package.json +4 -4
package/dist/esm/index.mjs
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { property, entity, ComparisonOperator, EntitySchemaFactory, EntitySchemaHelper } from '@twin.org/entity';
|
|
2
|
-
import {
|
|
2
|
+
import { JsonHelper, Converter, GeneralError, Guards, RandomHelper, BitString, Compression, CompressionType, Is, NotFoundError, ObjectHelper, Coerce, AlreadyExistsError, BaseError } from '@twin.org/core';
|
|
3
3
|
import { Sha256 } from '@twin.org/crypto';
|
|
4
4
|
import { JsonLdProcessor } from '@twin.org/data-json-ld';
|
|
5
5
|
import { EntityStorageConnectorFactory } from '@twin.org/entity-storage-models';
|
|
@@ -34,19 +34,19 @@ let IdentityDocument = class IdentityDocument {
|
|
|
34
34
|
__decorate([
|
|
35
35
|
property({ type: "string", isPrimary: true }),
|
|
36
36
|
__metadata("design:type", String)
|
|
37
|
-
], IdentityDocument.prototype, "id",
|
|
37
|
+
], IdentityDocument.prototype, "id", undefined);
|
|
38
38
|
__decorate([
|
|
39
39
|
property({ type: "object" }),
|
|
40
40
|
__metadata("design:type", Object)
|
|
41
|
-
], IdentityDocument.prototype, "document",
|
|
41
|
+
], IdentityDocument.prototype, "document", undefined);
|
|
42
42
|
__decorate([
|
|
43
43
|
property({ type: "string" }),
|
|
44
44
|
__metadata("design:type", String)
|
|
45
|
-
], IdentityDocument.prototype, "signature",
|
|
45
|
+
], IdentityDocument.prototype, "signature", undefined);
|
|
46
46
|
__decorate([
|
|
47
47
|
property({ type: "string" }),
|
|
48
48
|
__metadata("design:type", String)
|
|
49
|
-
], IdentityDocument.prototype, "controller",
|
|
49
|
+
], IdentityDocument.prototype, "controller", undefined);
|
|
50
50
|
IdentityDocument = __decorate([
|
|
51
51
|
entity()
|
|
52
52
|
], IdentityDocument);
|
|
@@ -73,15 +73,15 @@ let IdentityProfile = class IdentityProfile {
|
|
|
73
73
|
__decorate([
|
|
74
74
|
property({ type: "string", isPrimary: true }),
|
|
75
75
|
__metadata("design:type", String)
|
|
76
|
-
], IdentityProfile.prototype, "identity",
|
|
76
|
+
], IdentityProfile.prototype, "identity", undefined);
|
|
77
77
|
__decorate([
|
|
78
78
|
property({ type: "object" }),
|
|
79
79
|
__metadata("design:type", Object)
|
|
80
|
-
], IdentityProfile.prototype, "publicProfile",
|
|
80
|
+
], IdentityProfile.prototype, "publicProfile", undefined);
|
|
81
81
|
__decorate([
|
|
82
82
|
property({ type: "object" }),
|
|
83
83
|
__metadata("design:type", Object)
|
|
84
|
-
], IdentityProfile.prototype, "privateProfile",
|
|
84
|
+
], IdentityProfile.prototype, "privateProfile", undefined);
|
|
85
85
|
IdentityProfile = __decorate([
|
|
86
86
|
entity()
|
|
87
87
|
], IdentityProfile);
|
|
@@ -117,14 +117,34 @@ class EntityStorageIdentityConnector {
|
|
|
117
117
|
_vaultConnector;
|
|
118
118
|
/**
|
|
119
119
|
* Create a new instance of EntityStorageIdentityConnector.
|
|
120
|
-
* @param options The
|
|
121
|
-
* @param options.didDocumentEntityStorageType The entity storage for the did documents, defaults to "identity-document".
|
|
122
|
-
* @param options.vaultConnectorType The vault for the private keys, defaults to "vault".
|
|
120
|
+
* @param options The options for the identity connector.
|
|
123
121
|
*/
|
|
124
122
|
constructor(options) {
|
|
125
123
|
this._didDocumentEntityStorage = EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
|
|
126
124
|
this._vaultConnector = VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
|
|
127
125
|
}
|
|
126
|
+
/**
|
|
127
|
+
* Build the key name to access the specified key in the vault.
|
|
128
|
+
* @param identity The identity of the user to access the vault keys.
|
|
129
|
+
* @returns The vault key.
|
|
130
|
+
* @internal
|
|
131
|
+
*/
|
|
132
|
+
static buildVaultKey(identity, key) {
|
|
133
|
+
return `${identity}/${key}`;
|
|
134
|
+
}
|
|
135
|
+
/**
|
|
136
|
+
* Verify the document in storage.
|
|
137
|
+
* @param didDocument The did document that was stored.
|
|
138
|
+
* @internal
|
|
139
|
+
*/
|
|
140
|
+
static async verifyDocument(didDocument, vaultConnector) {
|
|
141
|
+
const stringifiedDocument = JsonHelper.canonicalize(didDocument.document);
|
|
142
|
+
const docBytes = Converter.utf8ToBytes(stringifiedDocument);
|
|
143
|
+
const verified = await vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes, Converter.base64ToBytes(didDocument.signature));
|
|
144
|
+
if (!verified) {
|
|
145
|
+
throw new GeneralError("EntityStorageIdentityResolverConnector", "signatureVerificationFailed");
|
|
146
|
+
}
|
|
147
|
+
}
|
|
128
148
|
/**
|
|
129
149
|
* Create a new document.
|
|
130
150
|
* @param controller The controller of the identity who can make changes.
|
|
@@ -134,7 +154,7 @@ class EntityStorageIdentityConnector {
|
|
|
134
154
|
Guards.stringValue(this.CLASS_NAME, "controller", controller);
|
|
135
155
|
try {
|
|
136
156
|
const did = `did:${EntityStorageIdentityConnector.NAMESPACE}:${Converter.bytesToHex(RandomHelper.generate(32), true)}`;
|
|
137
|
-
await this._vaultConnector.createKey(
|
|
157
|
+
await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(did, "did"), VaultKeyType.Ed25519);
|
|
138
158
|
const bitString = new BitString(EntityStorageIdentityConnector._REVOCATION_BITS_SIZE);
|
|
139
159
|
const compressed = await Compression.compress(bitString.getBits(), CompressionType.Gzip);
|
|
140
160
|
const didDocument = {
|
|
@@ -154,26 +174,6 @@ class EntityStorageIdentityConnector {
|
|
|
154
174
|
throw new GeneralError(this.CLASS_NAME, "createDocumentFailed", undefined, error);
|
|
155
175
|
}
|
|
156
176
|
}
|
|
157
|
-
/**
|
|
158
|
-
* Resolve a document from its id.
|
|
159
|
-
* @param documentId The id of the document to resolve.
|
|
160
|
-
* @returns The resolved document.
|
|
161
|
-
* @throws NotFoundError if the id can not be resolved.
|
|
162
|
-
*/
|
|
163
|
-
async resolveDocument(documentId) {
|
|
164
|
-
Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
|
|
165
|
-
try {
|
|
166
|
-
const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
|
|
167
|
-
if (Is.undefined(didIdentityDocument)) {
|
|
168
|
-
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
|
|
169
|
-
}
|
|
170
|
-
await this.verifyDocument(didIdentityDocument);
|
|
171
|
-
return didIdentityDocument.document;
|
|
172
|
-
}
|
|
173
|
-
catch (error) {
|
|
174
|
-
throw new GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
|
|
175
|
-
}
|
|
176
|
-
}
|
|
177
177
|
/**
|
|
178
178
|
* Add a verification method to the document in JSON Web key Format.
|
|
179
179
|
* @param controller The controller of the identity who can make changes.
|
|
@@ -193,10 +193,10 @@ class EntityStorageIdentityConnector {
|
|
|
193
193
|
if (Is.undefined(didIdentityDocument)) {
|
|
194
194
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
|
|
195
195
|
}
|
|
196
|
-
await
|
|
196
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
197
197
|
const didDocument = didIdentityDocument.document;
|
|
198
198
|
const tempKeyId = `temp-vm-${Converter.bytesToBase64Url(RandomHelper.generate(16))}`;
|
|
199
|
-
const verificationPublicKey = await this._vaultConnector.createKey(
|
|
199
|
+
const verificationPublicKey = await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), VaultKeyType.Ed25519);
|
|
200
200
|
const jwkParams = {
|
|
201
201
|
alg: "EdDSA",
|
|
202
202
|
kty: "OKP",
|
|
@@ -205,7 +205,7 @@ class EntityStorageIdentityConnector {
|
|
|
205
205
|
};
|
|
206
206
|
const kid = Converter.bytesToBase64Url(Sha256.sum256(Converter.utf8ToBytes(JSON.stringify(jwkParams))));
|
|
207
207
|
const methodId = `${documentId}#${verificationMethodId ?? kid}`;
|
|
208
|
-
await this._vaultConnector.renameKey(
|
|
208
|
+
await this._vaultConnector.renameKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), EntityStorageIdentityConnector.buildVaultKey(didDocument.id, verificationMethodId ?? kid));
|
|
209
209
|
const methods = this.getAllMethods(didDocument);
|
|
210
210
|
const existingMethodIndex = methods.findIndex(m => {
|
|
211
211
|
if (Is.string(m.method)) {
|
|
@@ -257,7 +257,7 @@ class EntityStorageIdentityConnector {
|
|
|
257
257
|
if (Is.undefined(didIdentityDocument)) {
|
|
258
258
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
259
259
|
}
|
|
260
|
-
await
|
|
260
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
261
261
|
const didDocument = didIdentityDocument.document;
|
|
262
262
|
const methods = this.getAllMethods(didDocument);
|
|
263
263
|
const existingMethodIndex = methods.findIndex(m => {
|
|
@@ -305,7 +305,7 @@ class EntityStorageIdentityConnector {
|
|
|
305
305
|
if (Is.undefined(didIdentityDocument)) {
|
|
306
306
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
|
|
307
307
|
}
|
|
308
|
-
await
|
|
308
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
309
309
|
const didDocument = didIdentityDocument.document;
|
|
310
310
|
const fullServiceId = serviceId.includes("#") ? serviceId : `${documentId}#${serviceId}`;
|
|
311
311
|
if (Is.array(didDocument.service)) {
|
|
@@ -347,7 +347,7 @@ class EntityStorageIdentityConnector {
|
|
|
347
347
|
if (Is.undefined(didIdentityDocument)) {
|
|
348
348
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
349
349
|
}
|
|
350
|
-
await
|
|
350
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
351
351
|
const didDocument = didIdentityDocument.document;
|
|
352
352
|
if (Is.array(didDocument.service)) {
|
|
353
353
|
const existingServiceIndex = didDocument.service.findIndex(s => s.id === serviceId);
|
|
@@ -393,7 +393,7 @@ class EntityStorageIdentityConnector {
|
|
|
393
393
|
if (Is.undefined(issuerIdentityDocument)) {
|
|
394
394
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
395
395
|
}
|
|
396
|
-
await
|
|
396
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
|
|
397
397
|
const issuerDidDocument = issuerIdentityDocument.document;
|
|
398
398
|
const methods = this.getAllMethods(issuerDidDocument);
|
|
399
399
|
const methodAndArray = methods.find(m => {
|
|
@@ -465,7 +465,7 @@ class EntityStorageIdentityConnector {
|
|
|
465
465
|
vc: jwtVc
|
|
466
466
|
};
|
|
467
467
|
const signature = await Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
|
|
468
|
-
const sig = await this._vaultConnector.sign(
|
|
468
|
+
const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
|
|
469
469
|
return sig;
|
|
470
470
|
});
|
|
471
471
|
return {
|
|
@@ -500,7 +500,7 @@ class EntityStorageIdentityConnector {
|
|
|
500
500
|
if (Is.undefined(issuerIdentityDocument)) {
|
|
501
501
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
|
|
502
502
|
}
|
|
503
|
-
await
|
|
503
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
|
|
504
504
|
const issuerDidDocument = issuerIdentityDocument.document;
|
|
505
505
|
const methods = this.getAllMethods(issuerDidDocument);
|
|
506
506
|
const methodAndArray = methods.find(m => {
|
|
@@ -565,7 +565,7 @@ class EntityStorageIdentityConnector {
|
|
|
565
565
|
if (Is.undefined(issuerIdentityDocument)) {
|
|
566
566
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
|
|
567
567
|
}
|
|
568
|
-
await
|
|
568
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
|
|
569
569
|
const issuerDidDocument = issuerIdentityDocument.document;
|
|
570
570
|
const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
|
|
571
571
|
if (revocationService &&
|
|
@@ -605,7 +605,7 @@ class EntityStorageIdentityConnector {
|
|
|
605
605
|
if (Is.undefined(issuerIdentityDocument)) {
|
|
606
606
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
|
|
607
607
|
}
|
|
608
|
-
await
|
|
608
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
|
|
609
609
|
const issuerDidDocument = issuerIdentityDocument.document;
|
|
610
610
|
const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
|
|
611
611
|
if (revocationService &&
|
|
@@ -663,7 +663,7 @@ class EntityStorageIdentityConnector {
|
|
|
663
663
|
if (Is.undefined(holderIdentityDocument)) {
|
|
664
664
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
665
665
|
}
|
|
666
|
-
await
|
|
666
|
+
await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
|
|
667
667
|
const holderDidDocument = holderIdentityDocument.document;
|
|
668
668
|
const methods = this.getAllMethods(holderDidDocument);
|
|
669
669
|
const methodAndArray = methods.find(m => {
|
|
@@ -715,7 +715,7 @@ class EntityStorageIdentityConnector {
|
|
|
715
715
|
jwtPayload.exp = Math.floor(Date.now() / 1000) + expiresInSeconds;
|
|
716
716
|
}
|
|
717
717
|
const signature = await Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
|
|
718
|
-
const sig = await this._vaultConnector.sign(
|
|
718
|
+
const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
|
|
719
719
|
return sig;
|
|
720
720
|
});
|
|
721
721
|
return {
|
|
@@ -750,7 +750,7 @@ class EntityStorageIdentityConnector {
|
|
|
750
750
|
if (Is.undefined(holderIdentityDocument)) {
|
|
751
751
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", holderDocumentId);
|
|
752
752
|
}
|
|
753
|
-
await
|
|
753
|
+
await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
|
|
754
754
|
const issuers = [];
|
|
755
755
|
const tokensRevoked = [];
|
|
756
756
|
const verifiablePresentation = jwtPayload?.vp;
|
|
@@ -767,7 +767,7 @@ class EntityStorageIdentityConnector {
|
|
|
767
767
|
if (Is.undefined(issuerDidDocument)) {
|
|
768
768
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
|
|
769
769
|
}
|
|
770
|
-
await
|
|
770
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerDidDocument, this._vaultConnector);
|
|
771
771
|
issuers.push(issuerDidDocument);
|
|
772
772
|
const vc = jwt.payload.vc;
|
|
773
773
|
if (Is.object(vc)) {
|
|
@@ -816,7 +816,7 @@ class EntityStorageIdentityConnector {
|
|
|
816
816
|
if (Is.undefined(didIdentityDocument)) {
|
|
817
817
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
818
818
|
}
|
|
819
|
-
await
|
|
819
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
820
820
|
const didDocument = didIdentityDocument.document;
|
|
821
821
|
const methods = this.getAllMethods(didDocument);
|
|
822
822
|
const methodAndArray = methods.find(m => {
|
|
@@ -834,7 +834,7 @@ class EntityStorageIdentityConnector {
|
|
|
834
834
|
method: verificationMethodId
|
|
835
835
|
});
|
|
836
836
|
}
|
|
837
|
-
const signature = await this._vaultConnector.sign(
|
|
837
|
+
const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, idParts.hash ?? ""), bytes);
|
|
838
838
|
return {
|
|
839
839
|
"@context": DidContexts.ContextVCDataIntegrity,
|
|
840
840
|
type: DidTypes.DataIntegrityProof,
|
|
@@ -877,7 +877,7 @@ class EntityStorageIdentityConnector {
|
|
|
877
877
|
if (Is.undefined(didIdentityDocument)) {
|
|
878
878
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
879
879
|
}
|
|
880
|
-
await
|
|
880
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
881
881
|
const didDocument = didIdentityDocument.document;
|
|
882
882
|
const methods = this.getAllMethods(didDocument);
|
|
883
883
|
const methodAndArray = methods.find(m => {
|
|
@@ -897,7 +897,7 @@ class EntityStorageIdentityConnector {
|
|
|
897
897
|
method: proof.verificationMethodId
|
|
898
898
|
});
|
|
899
899
|
}
|
|
900
|
-
return this._vaultConnector.verify(
|
|
900
|
+
return this._vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didIdentityDocument.id, idParts.hash), bytes, Converter.base58ToBytes(proof.proofValue));
|
|
901
901
|
}
|
|
902
902
|
catch (error) {
|
|
903
903
|
throw new GeneralError(this.CLASS_NAME, "verifyProofFailed", undefined, error);
|
|
@@ -950,19 +950,6 @@ class EntityStorageIdentityConnector {
|
|
|
950
950
|
}
|
|
951
951
|
return false;
|
|
952
952
|
}
|
|
953
|
-
/**
|
|
954
|
-
* Verify the document in storage.
|
|
955
|
-
* @param didDocument The did document that was stored.
|
|
956
|
-
* @internal
|
|
957
|
-
*/
|
|
958
|
-
async verifyDocument(didDocument) {
|
|
959
|
-
const stringifiedDocument = JsonHelper.canonicalize(didDocument.document);
|
|
960
|
-
const docBytes = Converter.utf8ToBytes(stringifiedDocument);
|
|
961
|
-
const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id, "did"), docBytes, Converter.base64ToBytes(didDocument.signature));
|
|
962
|
-
if (!verified) {
|
|
963
|
-
throw new GeneralError(this.CLASS_NAME, "signatureVerificationFailed");
|
|
964
|
-
}
|
|
965
|
-
}
|
|
966
953
|
/**
|
|
967
954
|
* Update the document in storage.
|
|
968
955
|
* @param controller The controller of the document.
|
|
@@ -972,7 +959,7 @@ class EntityStorageIdentityConnector {
|
|
|
972
959
|
async updateDocument(controller, didDocument) {
|
|
973
960
|
const stringifiedDocument = JsonHelper.canonicalize(didDocument);
|
|
974
961
|
const docBytes = Converter.utf8ToBytes(stringifiedDocument);
|
|
975
|
-
const signature = await this._vaultConnector.sign(
|
|
962
|
+
const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes);
|
|
976
963
|
await this._didDocumentEntityStorage.set({
|
|
977
964
|
id: didDocument.id,
|
|
978
965
|
document: didDocument,
|
|
@@ -980,15 +967,6 @@ class EntityStorageIdentityConnector {
|
|
|
980
967
|
controller
|
|
981
968
|
});
|
|
982
969
|
}
|
|
983
|
-
/**
|
|
984
|
-
* Build the key name to access the specified key in the vault.
|
|
985
|
-
* @param identity The identity of the user to access the vault keys.
|
|
986
|
-
* @returns The vault key.
|
|
987
|
-
* @internal
|
|
988
|
-
*/
|
|
989
|
-
buildVaultKey(identity, key) {
|
|
990
|
-
return `${identity}/${key}`;
|
|
991
|
-
}
|
|
992
970
|
}
|
|
993
971
|
|
|
994
972
|
// Copyright 2024 IOTA Stiftung.
|
|
@@ -1011,9 +989,8 @@ class EntityStorageIdentityProfileConnector {
|
|
|
1011
989
|
*/
|
|
1012
990
|
_profileEntityStorage;
|
|
1013
991
|
/**
|
|
1014
|
-
* Create a new instance of
|
|
1015
|
-
* @param options The
|
|
1016
|
-
* @param options.profileEntityStorageType The storage connector for the profiles, default to "identity-profile".
|
|
992
|
+
* Create a new instance of EntityStorageIdentityProfileConnector.
|
|
993
|
+
* @param options The options for the identity service.
|
|
1017
994
|
*/
|
|
1018
995
|
constructor(options) {
|
|
1019
996
|
this._profileEntityStorage = EntityStorageConnectorFactory.get(options?.profileEntityStorageType ?? "identity-profile");
|
|
@@ -1185,6 +1162,60 @@ class EntityStorageIdentityProfileConnector {
|
|
|
1185
1162
|
}
|
|
1186
1163
|
}
|
|
1187
1164
|
|
|
1165
|
+
// Copyright 2024 IOTA Stiftung.
|
|
1166
|
+
// SPDX-License-Identifier: Apache-2.0.
|
|
1167
|
+
/**
|
|
1168
|
+
* Class for performing identity operations using entity storage.
|
|
1169
|
+
*/
|
|
1170
|
+
class EntityStorageIdentityResolverConnector {
|
|
1171
|
+
/**
|
|
1172
|
+
* The namespace supported by the identity connector.
|
|
1173
|
+
*/
|
|
1174
|
+
static NAMESPACE = "entity-storage";
|
|
1175
|
+
/**
|
|
1176
|
+
* Runtime name for the class.
|
|
1177
|
+
*/
|
|
1178
|
+
CLASS_NAME = "EntityStorageIdentityResolverConnector";
|
|
1179
|
+
/**
|
|
1180
|
+
* The entity storage for identities.
|
|
1181
|
+
* @internal
|
|
1182
|
+
*/
|
|
1183
|
+
_didDocumentEntityStorage;
|
|
1184
|
+
/**
|
|
1185
|
+
* The vault for the keys.
|
|
1186
|
+
* @internal
|
|
1187
|
+
*/
|
|
1188
|
+
_vaultConnector;
|
|
1189
|
+
/**
|
|
1190
|
+
* Create a new instance of EntityStorageIdentityResolverConnector.
|
|
1191
|
+
* @param options The options for the identity connector.
|
|
1192
|
+
*/
|
|
1193
|
+
constructor(options) {
|
|
1194
|
+
this._didDocumentEntityStorage = EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
|
|
1195
|
+
this._vaultConnector = VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
|
|
1196
|
+
}
|
|
1197
|
+
/**
|
|
1198
|
+
* Resolve a document from its id.
|
|
1199
|
+
* @param documentId The id of the document to resolve.
|
|
1200
|
+
* @returns The resolved document.
|
|
1201
|
+
* @throws NotFoundError if the id can not be resolved.
|
|
1202
|
+
*/
|
|
1203
|
+
async resolveDocument(documentId) {
|
|
1204
|
+
Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
|
|
1205
|
+
try {
|
|
1206
|
+
const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
|
|
1207
|
+
if (Is.undefined(didIdentityDocument)) {
|
|
1208
|
+
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
|
|
1209
|
+
}
|
|
1210
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
1211
|
+
return didIdentityDocument.document;
|
|
1212
|
+
}
|
|
1213
|
+
catch (error) {
|
|
1214
|
+
throw new GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
|
|
1215
|
+
}
|
|
1216
|
+
}
|
|
1217
|
+
}
|
|
1218
|
+
|
|
1188
1219
|
// Copyright 2024 IOTA Stiftung.
|
|
1189
1220
|
// SPDX-License-Identifier: Apache-2.0.
|
|
1190
1221
|
/**
|
|
@@ -1202,4 +1233,4 @@ function initSchema(options) {
|
|
|
1202
1233
|
}
|
|
1203
1234
|
}
|
|
1204
1235
|
|
|
1205
|
-
export { EntityStorageIdentityConnector, EntityStorageIdentityProfileConnector, IdentityDocument, IdentityProfile, initSchema };
|
|
1236
|
+
export { EntityStorageIdentityConnector, EntityStorageIdentityProfileConnector, EntityStorageIdentityResolverConnector, IdentityDocument, IdentityProfile, initSchema };
|
|
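Review bot: Nothing visible in these hunks keeps a caller-chosen `verificationMethodId` out of the name reserved for the document-signing key. `createDocument`, `updateDocument` and `verifyDocument` all address that key as `buildVaultKey(id, "did")`, while the `renameKey` call at new line 208 targets `buildVaultKey(didDocument.id, verificationMethodId ?? kid)`, so an id of `did` would resolve to the same vault entry. Whether the vault connector rejects or overwrites an existing name is not shown, and the method starts above the hunk, so an earlier guard may exist. If there is none, reject the reserved value before the rename, e.g. `if (verificationMethodId === "did") { throw new GeneralError(this.CLASS_NAME, "<new locale key>"); }`, or give the document key a name that cannot be a fragment. Separately, the sign calls (new lines 468, 718, 837) pass `idParts.hash ?? ""` but the verify call at new line 900 passes a bare `idParts.hash`, which would build `<id>/undefined` for an id without a fragment; both paths would be safer failing on a missing fragment.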
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { type IJsonLdContextDefinitionRoot, type IJsonLdNodeObject } from "@twin.org/data-json-ld";
|
|
2
2
|
import { type IIdentityConnector } from "@twin.org/identity-models";
|
|
3
3
|
import { DidVerificationMethodType, type IDidDocument, type IDidDocumentVerificationMethod, type IDidProof, type IDidService, type IDidVerifiableCredential, type IDidVerifiablePresentation } from "@twin.org/standards-w3c-did";
|
|
4
|
+
import type { IEntityStorageIdentityConnectorConstructorOptions } from "./models/IEntityStorageIdentityConnectorConstructorOptions";
|
|
4
5
|
/**
|
|
5
6
|
* Class for performing identity operations using entity storage.
|
|
6
7
|
*/
|
|
@@ -15,27 +16,15 @@ export declare class EntityStorageIdentityConnector implements IIdentityConnecto
|
|
|
15
16
|
readonly CLASS_NAME: string;
|
|
16
17
|
/**
|
|
17
18
|
* Create a new instance of EntityStorageIdentityConnector.
|
|
18
|
-
* @param options The
|
|
19
|
-
* @param options.didDocumentEntityStorageType The entity storage for the did documents, defaults to "identity-document".
|
|
20
|
-
* @param options.vaultConnectorType The vault for the private keys, defaults to "vault".
|
|
19
|
+
* @param options The options for the identity connector.
|
|
21
20
|
*/
|
|
22
|
-
constructor(options?:
|
|
23
|
-
didDocumentEntityStorageType?: string;
|
|
24
|
-
vaultConnectorType?: string;
|
|
25
|
-
});
|
|
21
|
+
constructor(options?: IEntityStorageIdentityConnectorConstructorOptions);
|
|
26
22
|
/**
|
|
27
23
|
* Create a new document.
|
|
28
24
|
* @param controller The controller of the identity who can make changes.
|
|
29
25
|
* @returns The created document.
|
|
30
26
|
*/
|
|
31
27
|
createDocument(controller: string): Promise<IDidDocument>;
|
|
32
|
-
/**
|
|
33
|
-
* Resolve a document from its id.
|
|
34
|
-
* @param documentId The id of the document to resolve.
|
|
35
|
-
* @returns The resolved document.
|
|
36
|
-
* @throws NotFoundError if the id can not be resolved.
|
|
37
|
-
*/
|
|
38
|
-
resolveDocument(documentId: string): Promise<IDidDocument>;
|
|
39
28
|
/**
|
|
40
29
|
* Add a verification method to the document in JSON Web key Format.
|
|
41
30
|
* @param controller The controller of the identity who can make changes.
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import type { IJsonLdDocument } from "@twin.org/data-json-ld";
|
|
2
2
|
import type { IIdentityProfileConnector } from "@twin.org/identity-models";
|
|
3
|
+
import type { IEntityStorageIdentityProfileConnectorConstructorOptions } from "./models/IEntityStorageIdentityProfileConnectorConstructorOptions";
|
|
3
4
|
/**
|
|
4
5
|
* Class which implements the identity profile connector contract.
|
|
5
6
|
*/
|
|
@@ -13,13 +14,10 @@ export declare class EntityStorageIdentityProfileConnector<T extends IJsonLdDocu
|
|
|
13
14
|
*/
|
|
14
15
|
readonly CLASS_NAME: string;
|
|
15
16
|
/**
|
|
16
|
-
* Create a new instance of
|
|
17
|
-
* @param options The
|
|
18
|
-
* @param options.profileEntityStorageType The storage connector for the profiles, default to "identity-profile".
|
|
17
|
+
* Create a new instance of EntityStorageIdentityProfileConnector.
|
|
18
|
+
* @param options The options for the identity service.
|
|
19
19
|
*/
|
|
20
|
-
constructor(options?:
|
|
21
|
-
profileEntityStorageType?: string;
|
|
22
|
-
});
|
|
20
|
+
constructor(options?: IEntityStorageIdentityProfileConnectorConstructorOptions);
|
|
23
21
|
/**
|
|
24
22
|
* Create the profile properties for an identity.
|
|
25
23
|
* @param identity The identity of the profile to create.
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import type { IIdentityResolverConnector } from "@twin.org/identity-models";
|
|
2
|
+
import type { IDidDocument } from "@twin.org/standards-w3c-did";
|
|
3
|
+
import type { IEntityStorageIdentityResolverConnectorConstructorOptions } from "./models/IEntityStorageIdentityResolverConnectorConstructorOptions";
|
|
4
|
+
/**
|
|
5
|
+
* Class for performing identity operations using entity storage.
|
|
6
|
+
*/
|
|
7
|
+
export declare class EntityStorageIdentityResolverConnector implements IIdentityResolverConnector {
|
|
8
|
+
/**
|
|
9
|
+
* The namespace supported by the identity connector.
|
|
10
|
+
*/
|
|
11
|
+
static readonly NAMESPACE: string;
|
|
12
|
+
/**
|
|
13
|
+
* Runtime name for the class.
|
|
14
|
+
*/
|
|
15
|
+
readonly CLASS_NAME: string;
|
|
16
|
+
/**
|
|
17
|
+
* Create a new instance of EntityStorageIdentityResolverConnector.
|
|
18
|
+
* @param options The options for the identity connector.
|
|
19
|
+
*/
|
|
20
|
+
constructor(options?: IEntityStorageIdentityResolverConnectorConstructorOptions);
|
|
21
|
+
/**
|
|
22
|
+
* Resolve a document from its id.
|
|
23
|
+
* @param documentId The id of the document to resolve.
|
|
24
|
+
* @returns The resolved document.
|
|
25
|
+
* @throws NotFoundError if the id can not be resolved.
|
|
26
|
+
*/
|
|
27
|
+
resolveDocument(documentId: string): Promise<IDidDocument>;
|
|
28
|
+
}
|
package/dist/types/index.d.ts
CHANGED
|
@@ -2,4 +2,8 @@ export * from "./entities/identityDocument";
|
|
|
2
2
|
export * from "./entities/identityProfile";
|
|
3
3
|
export * from "./entityStorageIdentityConnector";
|
|
4
4
|
export * from "./entityStorageIdentityProfileConnector";
|
|
5
|
+
export * from "./entityStorageIdentityResolverConnector";
|
|
6
|
+
export * from "./models/IEntityStorageIdentityConnectorConstructorOptions";
|
|
7
|
+
export * from "./models/IEntityStorageIdentityProfileConnectorConstructorOptions";
|
|
8
|
+
export * from "./models/IEntityStorageIdentityResolverConnectorConstructorOptions";
|
|
5
9
|
export * from "./schema";
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import type { IEntityStorageIdentityResolverConnectorConstructorOptions } from "./IEntityStorageIdentityResolverConnectorConstructorOptions";
|
|
2
|
+
/**
|
|
3
|
+
* Options for the entity storage identity connector constructor.
|
|
4
|
+
*/
|
|
5
|
+
export interface IEntityStorageIdentityConnectorConstructorOptions extends IEntityStorageIdentityResolverConnectorConstructorOptions {
|
|
6
|
+
}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Options for the entity storage identity profile connector constructor.
|
|
3
|
+
*/
|
|
4
|
+
export interface IEntityStorageIdentityProfileConnectorConstructorOptions {
|
|
5
|
+
/**
|
|
6
|
+
* The storage connector for the profiles.
|
|
7
|
+
* @default identity-profile
|
|
8
|
+
*/
|
|
9
|
+
profileEntityStorageType?: string;
|
|
10
|
+
}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Options for the entity storage identity connector constructor.
|
|
3
|
+
*/
|
|
4
|
+
export interface IEntityStorageIdentityResolverConnectorConstructorOptions {
|
|
5
|
+
/**
|
|
6
|
+
* The entity storage for the did documents.
|
|
7
|
+
* @default identity-document
|
|
8
|
+
*/
|
|
9
|
+
didDocumentEntityStorageType?: string;
|
|
10
|
+
/**
|
|
11
|
+
* The vault for the private keys.
|
|
12
|
+
* @default vault
|
|
13
|
+
*/
|
|
14
|
+
vaultConnectorType?: string;
|
|
15
|
+
}
|
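Review bot: The doc comment on `IEntityStorageIdentityResolverConnectorConstructorOptions` reads "Options for the entity storage identity connector constructor.", word for word the same as the one on `IEntityStorageIdentityConnectorConstructorOptions`, so the two reference pages cannot be told apart by their description. I would change it to `Options for the entity storage identity resolver connector constructor.` in the source these declarations are presumably generated from. `IEntityStorageIdentityConnectorConstructorOptions` is an empty interface that only extends the resolver options; a one-line comment saying it is reserved for connector-only options would explain why it exists.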
package/docs/changelog.md
CHANGED