@twin.org/identity-connector-entity-storage 0.0.1-next.20 → 0.0.1-next.21
- package/dist/cjs/index.cjs +98 -63
- package/dist/esm/index.mjs +99 -65
- package/dist/types/entityStorageIdentityConnector.d.ts +0 -7
- package/dist/types/entityStorageIdentityResolverConnector.d.ts +28 -0
- package/dist/types/index.d.ts +2 -0
- package/dist/types/models/IEntityStorageIdentityConnectorConstructorOptions.d.ts +2 -11
- package/dist/types/models/IEntityStorageIdentityResolverConnectorConstructorOptions.d.ts +15 -0
- package/docs/changelog.md +1 -1
- package/docs/reference/classes/EntityStorageIdentityConnector.md +0 -30
- package/docs/reference/classes/EntityStorageIdentityResolverConnector.md +77 -0
- package/docs/reference/index.md +2 -0
- package/docs/reference/interfaces/IEntityStorageIdentityConnectorConstructorOptions.md +12 -0
- package/docs/reference/interfaces/IEntityStorageIdentityResolverConnectorConstructorOptions.md +35 -0
- package/locales/en.json +4 -1
- package/package.json +4 -4
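--- a/package/dist/cjs/index.cjs
+++ b/package/dist/cjs/index.cjs
@@ -125,6 +125,28 @@ class EntityStorageIdentityConnector {
 this._didDocumentEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
 this._vaultConnector = vaultModels.VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
 }
+/**
+* Build the key name to access the specified key in the vault.
+* @param identity The identity of the user to access the vault keys.
+* @returns The vault key.
+* @internal
+*/
+static buildVaultKey(identity, key) {
+return `${identity}/${key}`;
+}
+/**
+* Verify the document in storage.
+* @param didDocument The did document that was stored.
+* @internal
+*/
+static async verifyDocument(didDocument, vaultConnector) {
+const stringifiedDocument = core.JsonHelper.canonicalize(didDocument.document);
+const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
+const verified = await vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes, core.Converter.base64ToBytes(didDocument.signature));
+if (!verified) {
+throw new core.GeneralError("EntityStorageIdentityResolverConnector", "signatureVerificationFailed");
+}
+}
 /**
 * Create a new document.
 * @param controller The controller of the identity who can make changes.
@@ -134,7 +156,7 @@ class EntityStorageIdentityConnector {
 core.Guards.stringValue(this.CLASS_NAME, "controller", controller);
 try {
 const did = `did:${EntityStorageIdentityConnector.NAMESPACE}:${core.Converter.bytesToHex(core.RandomHelper.generate(32), true)}`;
-await this._vaultConnector.createKey(
+await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(did, "did"), vaultModels.VaultKeyType.Ed25519);
 const bitString = new core.BitString(EntityStorageIdentityConnector._REVOCATION_BITS_SIZE);
 const compressed = await core.Compression.compress(bitString.getBits(), core.CompressionType.Gzip);
 const didDocument = {
@@ -154,26 +176,6 @@ class EntityStorageIdentityConnector {
 throw new core.GeneralError(this.CLASS_NAME, "createDocumentFailed", undefined, error);
 }
 }
-/**
-* Resolve a document from its id.
-* @param documentId The id of the document to resolve.
-* @returns The resolved document.
-* @throws NotFoundError if the id can not be resolved.
-*/
-async resolveDocument(documentId) {
-core.Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
-try {
-const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
-if (core.Is.undefined(didIdentityDocument)) {
-throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
-}
-await this.verifyDocument(didIdentityDocument);
-return didIdentityDocument.document;
-}
-catch (error) {
-throw new core.GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
-}
-}
 /**
 * Add a verification method to the document in JSON Web key Format.
 * @param controller The controller of the identity who can make changes.
@@ -193,10 +195,10 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const tempKeyId = `temp-vm-${core.Converter.bytesToBase64Url(core.RandomHelper.generate(16))}`;
-const verificationPublicKey = await this._vaultConnector.createKey(
+const verificationPublicKey = await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), vaultModels.VaultKeyType.Ed25519);
 const jwkParams = {
 alg: "EdDSA",
 kty: "OKP",
@@ -205,7 +207,7 @@ class EntityStorageIdentityConnector {
 };
 const kid = core.Converter.bytesToBase64Url(crypto.Sha256.sum256(core.Converter.utf8ToBytes(JSON.stringify(jwkParams))));
 const methodId = `${documentId}#${verificationMethodId ?? kid}`;
-await this._vaultConnector.renameKey(
+await this._vaultConnector.renameKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), EntityStorageIdentityConnector.buildVaultKey(didDocument.id, verificationMethodId ?? kid));
 const methods = this.getAllMethods(didDocument);
 const existingMethodIndex = methods.findIndex(m => {
 if (core.Is.string(m.method)) {
@@ -257,7 +259,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const methods = this.getAllMethods(didDocument);
 const existingMethodIndex = methods.findIndex(m => {
@@ -305,7 +307,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const fullServiceId = serviceId.includes("#") ? serviceId : `${documentId}#${serviceId}`;
 if (core.Is.array(didDocument.service)) {
@@ -347,7 +349,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 if (core.Is.array(didDocument.service)) {
 const existingServiceIndex = didDocument.service.findIndex(s => s.id === serviceId);
@@ -393,7 +395,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
 const issuerDidDocument = issuerIdentityDocument.document;
 const methods = this.getAllMethods(issuerDidDocument);
 const methodAndArray = methods.find(m => {
@@ -465,7 +467,7 @@ class EntityStorageIdentityConnector {
 vc: jwtVc
 };
 const signature = await web.Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
-const sig = await this._vaultConnector.sign(
+const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
 return sig;
 });
 return {
@@ -500,7 +502,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
 const issuerDidDocument = issuerIdentityDocument.document;
 const methods = this.getAllMethods(issuerDidDocument);
 const methodAndArray = methods.find(m => {
@@ -565,7 +567,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
 const issuerDidDocument = issuerIdentityDocument.document;
 const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
 if (revocationService &&
@@ -605,7 +607,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
 const issuerDidDocument = issuerIdentityDocument.document;
 const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
 if (revocationService &&
@@ -663,7 +665,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(holderIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
 const holderDidDocument = holderIdentityDocument.document;
 const methods = this.getAllMethods(holderDidDocument);
 const methodAndArray = methods.find(m => {
@@ -715,7 +717,7 @@ class EntityStorageIdentityConnector {
 jwtPayload.exp = Math.floor(Date.now() / 1000) + expiresInSeconds;
 }
 const signature = await web.Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
-const sig = await this._vaultConnector.sign(
+const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
 return sig;
 });
 return {
@@ -750,7 +752,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(holderIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", holderDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
 const issuers = [];
 const tokensRevoked = [];
 const verifiablePresentation = jwtPayload?.vp;
@@ -767,7 +769,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(issuerDidDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(issuerDidDocument, this._vaultConnector);
 issuers.push(issuerDidDocument);
 const vc = jwt.payload.vc;
 if (core.Is.object(vc)) {
@@ -816,7 +818,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const methods = this.getAllMethods(didDocument);
 const methodAndArray = methods.find(m => {
@@ -834,7 +836,7 @@ class EntityStorageIdentityConnector {
 method: verificationMethodId
 });
 }
-const signature = await this._vaultConnector.sign(
+const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, idParts.hash ?? ""), bytes);
 return {
 "@context": standardsW3cDid.DidContexts.ContextVCDataIntegrity,
 type: standardsW3cDid.DidTypes.DataIntegrityProof,
@@ -877,7 +879,7 @@ class EntityStorageIdentityConnector {
 if (core.Is.undefined(didIdentityDocument)) {
 throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
 }
-await
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
 const didDocument = didIdentityDocument.document;
 const methods = this.getAllMethods(didDocument);
 const methodAndArray = methods.find(m => {
@@ -897,7 +899,7 @@ class EntityStorageIdentityConnector {
 method: proof.verificationMethodId
 });
 }
-return this._vaultConnector.verify(
+return this._vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didIdentityDocument.id, idParts.hash), bytes, core.Converter.base58ToBytes(proof.proofValue));
 }
 catch (error) {
 throw new core.GeneralError(this.CLASS_NAME, "verifyProofFailed", undefined, error);
@@ -950,19 +952,6 @@ class EntityStorageIdentityConnector {
 }
 return false;
 }
-/**
-* Verify the document in storage.
-* @param didDocument The did document that was stored.
-* @internal
-*/
-async verifyDocument(didDocument) {
-const stringifiedDocument = core.JsonHelper.canonicalize(didDocument.document);
-const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
-const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id, "did"), docBytes, core.Converter.base64ToBytes(didDocument.signature));
-if (!verified) {
-throw new core.GeneralError(this.CLASS_NAME, "signatureVerificationFailed");
-}
-}
 /**
 * Update the document in storage.
 * @param controller The controller of the document.
@@ -972,7 +961,7 @@ class EntityStorageIdentityConnector {
 async updateDocument(controller, didDocument) {
 const stringifiedDocument = core.JsonHelper.canonicalize(didDocument);
 const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
-const signature = await this._vaultConnector.sign(
+const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes);
 await this._didDocumentEntityStorage.set({
 id: didDocument.id,
 document: didDocument,
@@ -980,15 +969,6 @@ class EntityStorageIdentityConnector {
 controller
 });
 }
-/**
-* Build the key name to access the specified key in the vault.
-* @param identity The identity of the user to access the vault keys.
-* @returns The vault key.
-* @internal
-*/
-buildVaultKey(identity, key) {
-return `${identity}/${key}`;
-}
 }
 
 // Copyright 2024 IOTA Stiftung.
@@ -1184,6 +1164,60 @@ class EntityStorageIdentityProfileConnector {
 }
 }
 
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+* Class for performing identity operations using entity storage.
+*/
+class EntityStorageIdentityResolverConnector {
+/**
+* The namespace supported by the identity connector.
+*/
+static NAMESPACE = "entity-storage";
+/**
+* Runtime name for the class.
+*/
+CLASS_NAME = "EntityStorageIdentityResolverConnector";
+/**
+* The entity storage for identities.
+* @internal
+*/
+_didDocumentEntityStorage;
+/**
+* The vault for the keys.
+* @internal
+*/
+_vaultConnector;
+/**
+* Create a new instance of EntityStorageIdentityResolverConnector.
+* @param options The options for the identity connector.
+*/
+constructor(options) {
+this._didDocumentEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
+this._vaultConnector = vaultModels.VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
+}
+/**
+* Resolve a document from its id.
+* @param documentId The id of the document to resolve.
+* @returns The resolved document.
+* @throws NotFoundError if the id can not be resolved.
+*/
+async resolveDocument(documentId) {
+core.Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
+try {
+const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
+if (core.Is.undefined(didIdentityDocument)) {
+throw new core.NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
+}
+await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
+return didIdentityDocument.document;
+}
+catch (error) {
+throw new core.GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
+}
+}
+}
+
 // Copyright 2024 IOTA Stiftung.
 // SPDX-License-Identifier: Apache-2.0.
 /**
@@ -1203,4 +1237,5 @@ function initSchema(options) {
 
 exports.EntityStorageIdentityConnector = EntityStorageIdentityConnector;
 exports.EntityStorageIdentityProfileConnector = EntityStorageIdentityProfileConnector;
+exports.EntityStorageIdentityResolverConnector = EntityStorageIdentityResolverConnector;
 exports.initSchema = initSchema;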
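Review bot: In the hunk at new line 210, the rename target `buildVaultKey(didDocument.id, verificationMethodId ?? kid)` shares the `<did>/` prefix with the reserved document-signing key `<did>/did` that `verifyDocument` and `updateDocument` use, and nothing visible keeps a `verificationMethodId` of `did` (apparently caller-supplied) from naming that same vault entry. Whether `renameKey` refuses an existing name is not shown, so a guard before the rename is the safer contract, for example `if ((verificationMethodId ?? kid) === "did") { throw new core.GeneralError(this.CLASS_NAME, "<message-key>"); }`. Separately, the `verify` call at new line 902 passes `idParts.hash` without the `?? ""` used at the three `sign` call sites (new lines 470, 720, 839), so a method id without a fragment would address a key named `<did>/undefined` there and `<did>/` at the others. A `core.Guards.stringValue(this.CLASS_NAME, "idParts.hash", idParts.hash)` before each call would make all four fail the same way. The enclosing methods start and end outside these hunks, so an earlier check may already cover either case.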
package/dist/esm/index.mjs
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { property, entity, ComparisonOperator, EntitySchemaFactory, EntitySchemaHelper } from '@twin.org/entity';
|
|
2
|
-
import {
|
|
2
|
+
import { JsonHelper, Converter, GeneralError, Guards, RandomHelper, BitString, Compression, CompressionType, Is, NotFoundError, ObjectHelper, Coerce, AlreadyExistsError, BaseError } from '@twin.org/core';
|
|
3
3
|
import { Sha256 } from '@twin.org/crypto';
|
|
4
4
|
import { JsonLdProcessor } from '@twin.org/data-json-ld';
|
|
5
5
|
import { EntityStorageConnectorFactory } from '@twin.org/entity-storage-models';
|
|
@@ -123,6 +123,28 @@ class EntityStorageIdentityConnector {
|
|
|
123
123
|
this._didDocumentEntityStorage = EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
|
|
124
124
|
this._vaultConnector = VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
|
|
125
125
|
}
|
|
126
|
+
/**
|
|
127
|
+
* Build the key name to access the specified key in the vault.
|
|
128
|
+
* @param identity The identity of the user to access the vault keys.
|
|
129
|
+
* @returns The vault key.
|
|
130
|
+
* @internal
|
|
131
|
+
*/
|
|
132
|
+
static buildVaultKey(identity, key) {
|
|
133
|
+
return `${identity}/${key}`;
|
|
134
|
+
}
|
|
135
|
+
/**
|
|
136
|
+
* Verify the document in storage.
|
|
137
|
+
* @param didDocument The did document that was stored.
|
|
138
|
+
* @internal
|
|
139
|
+
*/
|
|
140
|
+
static async verifyDocument(didDocument, vaultConnector) {
|
|
141
|
+
const stringifiedDocument = JsonHelper.canonicalize(didDocument.document);
|
|
142
|
+
const docBytes = Converter.utf8ToBytes(stringifiedDocument);
|
|
143
|
+
const verified = await vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes, Converter.base64ToBytes(didDocument.signature));
|
|
144
|
+
if (!verified) {
|
|
145
|
+
throw new GeneralError("EntityStorageIdentityResolverConnector", "signatureVerificationFailed");
|
|
146
|
+
}
|
|
147
|
+
}
|
|
126
148
|
/**
|
|
127
149
|
* Create a new document.
|
|
128
150
|
* @param controller The controller of the identity who can make changes.
|
|
@@ -132,7 +154,7 @@ class EntityStorageIdentityConnector {
|
|
|
132
154
|
Guards.stringValue(this.CLASS_NAME, "controller", controller);
|
|
133
155
|
try {
|
|
134
156
|
const did = `did:${EntityStorageIdentityConnector.NAMESPACE}:${Converter.bytesToHex(RandomHelper.generate(32), true)}`;
|
|
135
|
-
await this._vaultConnector.createKey(
|
|
157
|
+
await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(did, "did"), VaultKeyType.Ed25519);
|
|
136
158
|
const bitString = new BitString(EntityStorageIdentityConnector._REVOCATION_BITS_SIZE);
|
|
137
159
|
const compressed = await Compression.compress(bitString.getBits(), CompressionType.Gzip);
|
|
138
160
|
const didDocument = {
|
|
@@ -152,26 +174,6 @@ class EntityStorageIdentityConnector {
|
|
|
152
174
|
throw new GeneralError(this.CLASS_NAME, "createDocumentFailed", undefined, error);
|
|
153
175
|
}
|
|
154
176
|
}
|
|
155
|
-
/**
|
|
156
|
-
* Resolve a document from its id.
|
|
157
|
-
* @param documentId The id of the document to resolve.
|
|
158
|
-
* @returns The resolved document.
|
|
159
|
-
* @throws NotFoundError if the id can not be resolved.
|
|
160
|
-
*/
|
|
161
|
-
async resolveDocument(documentId) {
|
|
162
|
-
Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
|
|
163
|
-
try {
|
|
164
|
-
const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
|
|
165
|
-
if (Is.undefined(didIdentityDocument)) {
|
|
166
|
-
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
|
|
167
|
-
}
|
|
168
|
-
await this.verifyDocument(didIdentityDocument);
|
|
169
|
-
return didIdentityDocument.document;
|
|
170
|
-
}
|
|
171
|
-
catch (error) {
|
|
172
|
-
throw new GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
|
|
173
|
-
}
|
|
174
|
-
}
|
|
175
177
|
/**
|
|
176
178
|
* Add a verification method to the document in JSON Web key Format.
|
|
177
179
|
* @param controller The controller of the identity who can make changes.
|
|
@@ -191,10 +193,10 @@ class EntityStorageIdentityConnector {
|
|
|
191
193
|
if (Is.undefined(didIdentityDocument)) {
|
|
192
194
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
|
|
193
195
|
}
|
|
194
|
-
await
|
|
196
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
195
197
|
const didDocument = didIdentityDocument.document;
|
|
196
198
|
const tempKeyId = `temp-vm-${Converter.bytesToBase64Url(RandomHelper.generate(16))}`;
|
|
197
|
-
const verificationPublicKey = await this._vaultConnector.createKey(
|
|
199
|
+
const verificationPublicKey = await this._vaultConnector.createKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), VaultKeyType.Ed25519);
|
|
198
200
|
const jwkParams = {
|
|
199
201
|
alg: "EdDSA",
|
|
200
202
|
kty: "OKP",
|
|
@@ -203,7 +205,7 @@ class EntityStorageIdentityConnector {
|
|
|
203
205
|
};
|
|
204
206
|
const kid = Converter.bytesToBase64Url(Sha256.sum256(Converter.utf8ToBytes(JSON.stringify(jwkParams))));
|
|
205
207
|
const methodId = `${documentId}#${verificationMethodId ?? kid}`;
|
|
206
|
-
await this._vaultConnector.renameKey(
|
|
208
|
+
await this._vaultConnector.renameKey(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, tempKeyId), EntityStorageIdentityConnector.buildVaultKey(didDocument.id, verificationMethodId ?? kid));
|
|
207
209
|
const methods = this.getAllMethods(didDocument);
|
|
208
210
|
const existingMethodIndex = methods.findIndex(m => {
|
|
209
211
|
if (Is.string(m.method)) {
|
|
@@ -255,7 +257,7 @@ class EntityStorageIdentityConnector {
|
|
|
255
257
|
if (Is.undefined(didIdentityDocument)) {
|
|
256
258
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
257
259
|
}
|
|
258
|
-
await
|
|
260
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
259
261
|
const didDocument = didIdentityDocument.document;
|
|
260
262
|
const methods = this.getAllMethods(didDocument);
|
|
261
263
|
const existingMethodIndex = methods.findIndex(m => {
|
|
@@ -303,7 +305,7 @@ class EntityStorageIdentityConnector {
|
|
|
303
305
|
if (Is.undefined(didIdentityDocument)) {
|
|
304
306
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
|
|
305
307
|
}
|
|
306
|
-
await
|
|
308
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
307
309
|
const didDocument = didIdentityDocument.document;
|
|
308
310
|
const fullServiceId = serviceId.includes("#") ? serviceId : `${documentId}#${serviceId}`;
|
|
309
311
|
if (Is.array(didDocument.service)) {
|
|
@@ -345,7 +347,7 @@ class EntityStorageIdentityConnector {
|
|
|
345
347
|
if (Is.undefined(didIdentityDocument)) {
|
|
346
348
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
347
349
|
}
|
|
348
|
-
await
|
|
350
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
349
351
|
const didDocument = didIdentityDocument.document;
|
|
350
352
|
if (Is.array(didDocument.service)) {
|
|
351
353
|
const existingServiceIndex = didDocument.service.findIndex(s => s.id === serviceId);
|
|
@@ -391,7 +393,7 @@ class EntityStorageIdentityConnector {
|
|
|
391
393
|
if (Is.undefined(issuerIdentityDocument)) {
|
|
392
394
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
393
395
|
}
|
|
394
|
-
await
|
|
396
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
|
|
395
397
|
const issuerDidDocument = issuerIdentityDocument.document;
|
|
396
398
|
const methods = this.getAllMethods(issuerDidDocument);
|
|
397
399
|
const methodAndArray = methods.find(m => {
|
|
@@ -463,7 +465,7 @@ class EntityStorageIdentityConnector {
|
|
|
463
465
|
vc: jwtVc
|
|
464
466
|
};
|
|
465
467
|
const signature = await Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
|
|
466
|
-
const sig = await this._vaultConnector.sign(
|
|
468
|
+
const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
|
|
467
469
|
return sig;
|
|
468
470
|
});
|
|
469
471
|
return {
|
|
@@ -498,7 +500,7 @@ class EntityStorageIdentityConnector {
|
|
|
498
500
|
if (Is.undefined(issuerIdentityDocument)) {
|
|
499
501
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
|
|
500
502
|
}
|
|
501
|
-
await
|
|
503
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
|
|
502
504
|
const issuerDidDocument = issuerIdentityDocument.document;
|
|
503
505
|
const methods = this.getAllMethods(issuerDidDocument);
|
|
504
506
|
const methodAndArray = methods.find(m => {
|
|
@@ -563,7 +565,7 @@ class EntityStorageIdentityConnector {
|
|
|
563
565
|
if (Is.undefined(issuerIdentityDocument)) {
|
|
564
566
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
|
|
565
567
|
}
|
|
566
|
-
await
|
|
568
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
|
|
567
569
|
const issuerDidDocument = issuerIdentityDocument.document;
|
|
568
570
|
const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
|
|
569
571
|
if (revocationService &&
|
|
@@ -603,7 +605,7 @@ class EntityStorageIdentityConnector {
|
|
|
603
605
|
if (Is.undefined(issuerIdentityDocument)) {
|
|
604
606
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
|
|
605
607
|
}
|
|
606
|
-
await
|
|
608
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerIdentityDocument, this._vaultConnector);
|
|
607
609
|
const issuerDidDocument = issuerIdentityDocument.document;
|
|
608
610
|
const revocationService = issuerDidDocument.service?.find(s => s.id.endsWith("#revocation"));
|
|
609
611
|
if (revocationService &&
|
|
@@ -661,7 +663,7 @@ class EntityStorageIdentityConnector {
|
|
|
661
663
|
if (Is.undefined(holderIdentityDocument)) {
|
|
662
664
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
663
665
|
}
|
|
664
|
-
await
|
|
666
|
+
await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
|
|
665
667
|
const holderDidDocument = holderIdentityDocument.document;
|
|
666
668
|
const methods = this.getAllMethods(holderDidDocument);
|
|
667
669
|
const methodAndArray = methods.find(m => {
|
|
@@ -713,7 +715,7 @@ class EntityStorageIdentityConnector {
|
|
|
713
715
|
jwtPayload.exp = Math.floor(Date.now() / 1000) + expiresInSeconds;
|
|
714
716
|
}
|
|
715
717
|
const signature = await Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
|
|
716
|
-
const sig = await this._vaultConnector.sign(
|
|
718
|
+
const sig = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
|
|
717
719
|
return sig;
|
|
718
720
|
});
|
|
719
721
|
return {
|
|
@@ -748,7 +750,7 @@ class EntityStorageIdentityConnector {
|
|
|
748
750
|
if (Is.undefined(holderIdentityDocument)) {
|
|
749
751
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", holderDocumentId);
|
|
750
752
|
}
|
|
751
|
-
await
|
|
753
|
+
await EntityStorageIdentityConnector.verifyDocument(holderIdentityDocument, this._vaultConnector);
|
|
752
754
|
const issuers = [];
|
|
753
755
|
const tokensRevoked = [];
|
|
754
756
|
const verifiablePresentation = jwtPayload?.vp;
|
|
@@ -765,7 +767,7 @@ class EntityStorageIdentityConnector {
|
|
|
765
767
|
if (Is.undefined(issuerDidDocument)) {
|
|
766
768
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", issuerDocumentId);
|
|
767
769
|
}
|
|
768
|
-
await
|
|
770
|
+
await EntityStorageIdentityConnector.verifyDocument(issuerDidDocument, this._vaultConnector);
|
|
769
771
|
issuers.push(issuerDidDocument);
|
|
770
772
|
const vc = jwt.payload.vc;
|
|
771
773
|
if (Is.object(vc)) {
|
|
@@ -814,7 +816,7 @@ class EntityStorageIdentityConnector {
|
|
|
814
816
|
if (Is.undefined(didIdentityDocument)) {
|
|
815
817
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
816
818
|
}
|
|
817
|
-
await
|
|
819
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
818
820
|
const didDocument = didIdentityDocument.document;
|
|
819
821
|
const methods = this.getAllMethods(didDocument);
|
|
820
822
|
const methodAndArray = methods.find(m => {
|
|
@@ -832,7 +834,7 @@ class EntityStorageIdentityConnector {
|
|
|
832
834
|
method: verificationMethodId
|
|
833
835
|
});
|
|
834
836
|
}
|
|
835
|
-
const signature = await this._vaultConnector.sign(
|
|
837
|
+
const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, idParts.hash ?? ""), bytes);
|
|
836
838
|
return {
|
|
837
839
|
"@context": DidContexts.ContextVCDataIntegrity,
|
|
838
840
|
type: DidTypes.DataIntegrityProof,
|
|
@@ -875,7 +877,7 @@ class EntityStorageIdentityConnector {
|
|
|
875
877
|
if (Is.undefined(didIdentityDocument)) {
|
|
876
878
|
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", idParts.id);
|
|
877
879
|
}
|
|
878
|
-
await
|
|
880
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
879
881
|
const didDocument = didIdentityDocument.document;
|
|
880
882
|
const methods = this.getAllMethods(didDocument);
|
|
881
883
|
const methodAndArray = methods.find(m => {
|
|
@@ -895,7 +897,7 @@ class EntityStorageIdentityConnector {
|
|
|
895
897
|
method: proof.verificationMethodId
|
|
896
898
|
});
|
|
897
899
|
}
|
|
898
|
-
return this._vaultConnector.verify(
|
|
900
|
+
return this._vaultConnector.verify(EntityStorageIdentityConnector.buildVaultKey(didIdentityDocument.id, idParts.hash), bytes, Converter.base58ToBytes(proof.proofValue));
|
|
899
901
|
}
|
|
900
902
|
catch (error) {
|
|
901
903
|
throw new GeneralError(this.CLASS_NAME, "verifyProofFailed", undefined, error);
|
|
@@ -948,19 +950,6 @@ class EntityStorageIdentityConnector {
|
|
|
948
950
|
}
|
|
949
951
|
return false;
|
|
950
952
|
}
|
|
951
|
-
/**
|
|
952
|
-
* Verify the document in storage.
|
|
953
|
-
* @param didDocument The did document that was stored.
|
|
954
|
-
* @internal
|
|
955
|
-
*/
|
|
956
|
-
async verifyDocument(didDocument) {
|
|
957
|
-
const stringifiedDocument = JsonHelper.canonicalize(didDocument.document);
|
|
958
|
-
const docBytes = Converter.utf8ToBytes(stringifiedDocument);
|
|
959
|
-
const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id, "did"), docBytes, Converter.base64ToBytes(didDocument.signature));
|
|
960
|
-
if (!verified) {
|
|
961
|
-
throw new GeneralError(this.CLASS_NAME, "signatureVerificationFailed");
|
|
962
|
-
}
|
|
963
|
-
}
|
|
964
953
|
/**
|
|
965
954
|
* Update the document in storage.
|
|
966
955
|
* @param controller The controller of the document.
|
|
@@ -970,7 +959,7 @@ class EntityStorageIdentityConnector {
|
|
|
970
959
|
async updateDocument(controller, didDocument) {
|
|
971
960
|
const stringifiedDocument = JsonHelper.canonicalize(didDocument);
|
|
972
961
|
const docBytes = Converter.utf8ToBytes(stringifiedDocument);
|
|
973
|
-
const signature = await this._vaultConnector.sign(
|
|
962
|
+
const signature = await this._vaultConnector.sign(EntityStorageIdentityConnector.buildVaultKey(didDocument.id, "did"), docBytes);
|
|
974
963
|
await this._didDocumentEntityStorage.set({
|
|
975
964
|
id: didDocument.id,
|
|
976
965
|
document: didDocument,
|
|
@@ -978,15 +967,6 @@ class EntityStorageIdentityConnector {
|
|
|
978
967
|
controller
|
|
979
968
|
});
|
|
980
969
|
}
|
|
981
|
-
/**
|
|
982
|
-
* Build the key name to access the specified key in the vault.
|
|
983
|
-
* @param identity The identity of the user to access the vault keys.
|
|
984
|
-
* @returns The vault key.
|
|
985
|
-
* @internal
|
|
986
|
-
*/
|
|
987
|
-
buildVaultKey(identity, key) {
|
|
988
|
-
return `${identity}/${key}`;
|
|
989
|
-
}
|
|
990
970
|
}
|
|
991
971
|
|
|
992
972
|
// Copyright 2024 IOTA Stiftung.
|
|
@@ -1182,6 +1162,60 @@ class EntityStorageIdentityProfileConnector {
|
|
|
1182
1162
|
}
|
|
1183
1163
|
}
|
|
1184
1164
|
|
|
1165
|
+
// Copyright 2024 IOTA Stiftung.
|
|
1166
|
+
// SPDX-License-Identifier: Apache-2.0.
|
|
1167
|
+
/**
|
|
1168
|
+
* Class for performing identity operations using entity storage.
|
|
1169
|
+
*/
|
|
1170
|
+
class EntityStorageIdentityResolverConnector {
|
|
1171
|
+
/**
|
|
1172
|
+
* The namespace supported by the identity connector.
|
|
1173
|
+
*/
|
|
1174
|
+
static NAMESPACE = "entity-storage";
|
|
1175
|
+
/**
|
|
1176
|
+
* Runtime name for the class.
|
|
1177
|
+
*/
|
|
1178
|
+
CLASS_NAME = "EntityStorageIdentityResolverConnector";
|
|
1179
|
+
/**
|
|
1180
|
+
* The entity storage for identities.
|
|
1181
|
+
* @internal
|
|
1182
|
+
*/
|
|
1183
|
+
_didDocumentEntityStorage;
|
|
1184
|
+
/**
|
|
1185
|
+
* The vault for the keys.
|
|
1186
|
+
* @internal
|
|
1187
|
+
*/
|
|
1188
|
+
_vaultConnector;
|
|
1189
|
+
/**
|
|
1190
|
+
* Create a new instance of EntityStorageIdentityResolverConnector.
|
|
1191
|
+
* @param options The options for the identity connector.
|
|
1192
|
+
*/
|
|
1193
|
+
constructor(options) {
|
|
1194
|
+
this._didDocumentEntityStorage = EntityStorageConnectorFactory.get(options?.didDocumentEntityStorageType ?? "identity-document");
|
|
1195
|
+
this._vaultConnector = VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
|
|
1196
|
+
}
|
|
1197
|
+
/**
|
|
1198
|
+
* Resolve a document from its id.
|
|
1199
|
+
* @param documentId The id of the document to resolve.
|
|
1200
|
+
* @returns The resolved document.
|
|
1201
|
+
* @throws NotFoundError if the id can not be resolved.
|
|
1202
|
+
*/
|
|
1203
|
+
async resolveDocument(documentId) {
|
|
1204
|
+
Guards.stringValue(this.CLASS_NAME, "documentId", documentId);
|
|
1205
|
+
try {
|
|
1206
|
+
const didIdentityDocument = await this._didDocumentEntityStorage.get(documentId);
|
|
1207
|
+
if (Is.undefined(didIdentityDocument)) {
|
|
1208
|
+
throw new NotFoundError(this.CLASS_NAME, "documentNotFound", documentId);
|
|
1209
|
+
}
|
|
1210
|
+
await EntityStorageIdentityConnector.verifyDocument(didIdentityDocument, this._vaultConnector);
|
|
1211
|
+
return didIdentityDocument.document;
|
|
1212
|
+
}
|
|
1213
|
+
catch (error) {
|
|
1214
|
+
throw new GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error);
|
|
1215
|
+
}
|
|
1216
|
+
}
|
|
1217
|
+
}
|
|
1218
|
+
|
|
1185
1219
|
// Copyright 2024 IOTA Stiftung.
|
|
1186
1220
|
// SPDX-License-Identifier: Apache-2.0.
|
|
1187
1221
|
/**
|
|
@@ -1199,4 +1233,4 @@ function initSchema(options) {
|
|
|
1199
1233
|
}
|
|
1200
1234
|
}
|
|
1201
1235
|
|
|
1202
|
-
export { EntityStorageIdentityConnector, EntityStorageIdentityProfileConnector, IdentityDocument, IdentityProfile, initSchema };
|
|
1236
|
+
export { EntityStorageIdentityConnector, EntityStorageIdentityProfileConnector, EntityStorageIdentityResolverConnector, IdentityDocument, IdentityProfile, initSchema };
|
|
@@ -25,13 +25,6 @@ export declare class EntityStorageIdentityConnector implements IIdentityConnecto
|
|
|
25
25
|
* @returns The created document.
|
|
26
26
|
*/
|
|
27
27
|
createDocument(controller: string): Promise<IDidDocument>;
|
|
28
|
-
/**
|
|
29
|
-
* Resolve a document from its id.
|
|
30
|
-
* @param documentId The id of the document to resolve.
|
|
31
|
-
* @returns The resolved document.
|
|
32
|
-
* @throws NotFoundError if the id can not be resolved.
|
|
33
|
-
*/
|
|
34
|
-
resolveDocument(documentId: string): Promise<IDidDocument>;
|
|
35
28
|
/**
|
|
36
29
|
* Add a verification method to the document in JSON Web key Format.
|
|
37
30
|
* @param controller The controller of the identity who can make changes.
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import type { IIdentityResolverConnector } from "@twin.org/identity-models";
|
|
2
|
+
import type { IDidDocument } from "@twin.org/standards-w3c-did";
|
|
3
|
+
import type { IEntityStorageIdentityResolverConnectorConstructorOptions } from "./models/IEntityStorageIdentityResolverConnectorConstructorOptions";
|
|
4
|
+
/**
|
|
5
|
+
* Class for performing identity operations using entity storage.
|
|
6
|
+
*/
|
|
7
|
+
export declare class EntityStorageIdentityResolverConnector implements IIdentityResolverConnector {
|
|
8
|
+
/**
|
|
9
|
+
* The namespace supported by the identity connector.
|
|
10
|
+
*/
|
|
11
|
+
static readonly NAMESPACE: string;
|
|
12
|
+
/**
|
|
13
|
+
* Runtime name for the class.
|
|
14
|
+
*/
|
|
15
|
+
readonly CLASS_NAME: string;
|
|
16
|
+
/**
|
|
17
|
+
* Create a new instance of EntityStorageIdentityResolverConnector.
|
|
18
|
+
* @param options The options for the identity connector.
|
|
19
|
+
*/
|
|
20
|
+
constructor(options?: IEntityStorageIdentityResolverConnectorConstructorOptions);
|
|
21
|
+
/**
|
|
22
|
+
* Resolve a document from its id.
|
|
23
|
+
* @param documentId The id of the document to resolve.
|
|
24
|
+
* @returns The resolved document.
|
|
25
|
+
* @throws NotFoundError if the id can not be resolved.
|
|
26
|
+
*/
|
|
27
|
+
resolveDocument(documentId: string): Promise<IDidDocument>;
|
|
28
|
+
}
|
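Review bot: The `@throws NotFoundError` tag on `resolveDocument` does not match the bundled implementation shown earlier on this page. There the `NotFoundError` is thrown inside the `try`, and the `catch` rethrows everything as `GeneralError(this.CLASS_NAME, "resolveDocumentFailed", undefined, error)`. Any failure from `verifyDocument` takes the same path, so a caller gets one error type for both an unknown id and a stored document that failed its integrity check, and has to inspect the wrapped error to tell them apart. I would change the tag to `@throws GeneralError wrapping a NotFoundError (unknown id) or the integrity-check failure.`, or have the implementation rethrow `NotFoundError` unwrapped so the declared contract holds.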
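--- a/package/dist/types/index.d.ts
+++ b/package/dist/types/index.d.ts
@@ -2,6 +2,8 @@ export * from "./entities/identityDocument";
 export * from "./entities/identityProfile";
 export * from "./entityStorageIdentityConnector";
 export * from "./entityStorageIdentityProfileConnector";
+export * from "./entityStorageIdentityResolverConnector";
 export * from "./models/IEntityStorageIdentityConnectorConstructorOptions";
 export * from "./models/IEntityStorageIdentityProfileConnectorConstructorOptions";
+export * from "./models/IEntityStorageIdentityResolverConnectorConstructorOptions";
 export * from "./schema";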
|
@@ -1,15 +1,6 @@
|
|
|
1
|
+
import type { IEntityStorageIdentityResolverConnectorConstructorOptions } from "./IEntityStorageIdentityResolverConnectorConstructorOptions";
|
|
1
2
|
/**
|
|
2
3
|
* Options for the entity storage identity connector constructor.
|
|
3
4
|
*/
|
|
4
|
-
export interface IEntityStorageIdentityConnectorConstructorOptions {
|
|
5
|
-
/**
|
|
6
|
-
* The entity storage for the did documents.
|
|
7
|
-
* @default identity-document
|
|
8
|
-
*/
|
|
9
|
-
didDocumentEntityStorageType?: string;
|
|
10
|
-
/**
|
|
11
|
-
* The vault for the private keys.
|
|
12
|
-
* @default vault
|
|
13
|
-
*/
|
|
14
|
-
vaultConnectorType?: string;
|
|
5
|
+
export interface IEntityStorageIdentityConnectorConstructorOptions extends IEntityStorageIdentityResolverConnectorConstructorOptions {
|
|
15
6
|
}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Options for the entity storage identity connector constructor.
|
|
3
|
+
*/
|
|
4
|
+
export interface IEntityStorageIdentityResolverConnectorConstructorOptions {
|
|
5
|
+
/**
|
|
6
|
+
* The entity storage for the did documents.
|
|
7
|
+
* @default identity-document
|
|
8
|
+
*/
|
|
9
|
+
didDocumentEntityStorageType?: string;
|
|
10
|
+
/**
|
|
11
|
+
* The vault for the private keys.
|
|
12
|
+
* @default vault
|
|
13
|
+
*/
|
|
14
|
+
vaultConnectorType?: string;
|
|
15
|
+
}
|
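Review bot: The doc comments in this new interface were carried over from the identity connector options and do not say what the resolver uses the vault for. As far as this page shows, the resolver class only passes its vault connector to `verifyDocument`, so it needs verification access rather than signing, yet `The vault for the private keys.` reads as if it signs. I would reword that to `The vault connector used to verify the stored document signature.` and change the summary to `Options for the entity storage identity resolver connector constructor.`, so deployers can scope the resolver's vault access to what it needs.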
package/docs/changelog.md
CHANGED
|
@@ -74,36 +74,6 @@ The created document.
|
|
|
74
74
|
|
|
75
75
|
***
|
|
76
76
|
|
|
77
|
-
### resolveDocument()
|
|
78
|
-
|
|
79
|
-
> **resolveDocument**(`documentId`): `Promise`\<`IDidDocument`\>
|
|
80
|
-
|
|
81
|
-
Resolve a document from its id.
|
|
82
|
-
|
|
83
|
-
#### Parameters
|
|
84
|
-
|
|
85
|
-
##### documentId
|
|
86
|
-
|
|
87
|
-
`string`
|
|
88
|
-
|
|
89
|
-
The id of the document to resolve.
|
|
90
|
-
|
|
91
|
-
#### Returns
|
|
92
|
-
|
|
93
|
-
`Promise`\<`IDidDocument`\>
|
|
94
|
-
|
|
95
|
-
The resolved document.
|
|
96
|
-
|
|
97
|
-
#### Throws
|
|
98
|
-
|
|
99
|
-
NotFoundError if the id can not be resolved.
|
|
100
|
-
|
|
101
|
-
#### Implementation of
|
|
102
|
-
|
|
103
|
-
`IIdentityConnector.resolveDocument`
|
|
104
|
-
|
|
105
|
-
***
|
|
106
|
-
|
|
107
77
|
### addVerificationMethod()
|
|
108
78
|
|
|
109
79
|
> **addVerificationMethod**(`controller`, `documentId`, `verificationMethodType`, `verificationMethodId`?): `Promise`\<`IDidDocumentVerificationMethod`\>
|
|
@@ -0,0 +1,77 @@
|
|
|
1
|
+
# Class: EntityStorageIdentityResolverConnector
|
|
2
|
+
|
|
3
|
+
Class for performing identity operations using entity storage.
|
|
4
|
+
|
|
5
|
+
## Implements
|
|
6
|
+
|
|
7
|
+
- `IIdentityResolverConnector`
|
|
8
|
+
|
|
9
|
+
## Constructors
|
|
10
|
+
|
|
11
|
+
### new EntityStorageIdentityResolverConnector()
|
|
12
|
+
|
|
13
|
+
> **new EntityStorageIdentityResolverConnector**(`options`?): [`EntityStorageIdentityResolverConnector`](EntityStorageIdentityResolverConnector.md)
|
|
14
|
+
|
|
15
|
+
Create a new instance of EntityStorageIdentityResolverConnector.
|
|
16
|
+
|
|
17
|
+
#### Parameters
|
|
18
|
+
|
|
19
|
+
##### options?
|
|
20
|
+
|
|
21
|
+
[`IEntityStorageIdentityResolverConnectorConstructorOptions`](../interfaces/IEntityStorageIdentityResolverConnectorConstructorOptions.md)
|
|
22
|
+
|
|
23
|
+
The options for the identity connector.
|
|
24
|
+
|
|
25
|
+
#### Returns
|
|
26
|
+
|
|
27
|
+
[`EntityStorageIdentityResolverConnector`](EntityStorageIdentityResolverConnector.md)
|
|
28
|
+
|
|
29
|
+
## Properties
|
|
30
|
+
|
|
31
|
+
### NAMESPACE
|
|
32
|
+
|
|
33
|
+
> `readonly` `static` **NAMESPACE**: `string` = `"entity-storage"`
|
|
34
|
+
|
|
35
|
+
The namespace supported by the identity connector.
|
|
36
|
+
|
|
37
|
+
***
|
|
38
|
+
|
|
39
|
+
### CLASS\_NAME
|
|
40
|
+
|
|
41
|
+
> `readonly` **CLASS\_NAME**: `string`
|
|
42
|
+
|
|
43
|
+
Runtime name for the class.
|
|
44
|
+
|
|
45
|
+
#### Implementation of
|
|
46
|
+
|
|
47
|
+
`IIdentityResolverConnector.CLASS_NAME`
|
|
48
|
+
|
|
49
|
+
## Methods
|
|
50
|
+
|
|
51
|
+
### resolveDocument()
|
|
52
|
+
|
|
53
|
+
> **resolveDocument**(`documentId`): `Promise`\<`IDidDocument`\>
|
|
54
|
+
|
|
55
|
+
Resolve a document from its id.
|
|
56
|
+
|
|
57
|
+
#### Parameters
|
|
58
|
+
|
|
59
|
+
##### documentId
|
|
60
|
+
|
|
61
|
+
`string`
|
|
62
|
+
|
|
63
|
+
The id of the document to resolve.
|
|
64
|
+
|
|
65
|
+
#### Returns
|
|
66
|
+
|
|
67
|
+
`Promise`\<`IDidDocument`\>
|
|
68
|
+
|
|
69
|
+
The resolved document.
|
|
70
|
+
|
|
71
|
+
#### Throws
|
|
72
|
+
|
|
73
|
+
NotFoundError if the id can not be resolved.
|
|
74
|
+
|
|
75
|
+
#### Implementation of
|
|
76
|
+
|
|
77
|
+
`IIdentityResolverConnector.resolveDocument`
|
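--- a/package/docs/reference/index.md
+++ b/package/docs/reference/index.md
@@ -6,11 +6,13 @@
 - [IdentityProfile](classes/IdentityProfile.md)
 - [EntityStorageIdentityConnector](classes/EntityStorageIdentityConnector.md)
 - [EntityStorageIdentityProfileConnector](classes/EntityStorageIdentityProfileConnector.md)
+- [EntityStorageIdentityResolverConnector](classes/EntityStorageIdentityResolverConnector.md)
 
 ## Interfaces
 
 - [IEntityStorageIdentityConnectorConstructorOptions](interfaces/IEntityStorageIdentityConnectorConstructorOptions.md)
 - [IEntityStorageIdentityProfileConnectorConstructorOptions](interfaces/IEntityStorageIdentityProfileConnectorConstructorOptions.md)
+- [IEntityStorageIdentityResolverConnectorConstructorOptions](interfaces/IEntityStorageIdentityResolverConnectorConstructorOptions.md)
 
 ## Functions
 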
|
@@ -2,6 +2,10 @@
|
|
|
2
2
|
|
|
3
3
|
Options for the entity storage identity connector constructor.
|
|
4
4
|
|
|
5
|
+
## Extends
|
|
6
|
+
|
|
7
|
+
- [`IEntityStorageIdentityResolverConnectorConstructorOptions`](IEntityStorageIdentityResolverConnectorConstructorOptions.md)
|
|
8
|
+
|
|
5
9
|
## Properties
|
|
6
10
|
|
|
7
11
|
### didDocumentEntityStorageType?
|
|
@@ -16,6 +20,10 @@ The entity storage for the did documents.
|
|
|
16
20
|
identity-document
|
|
17
21
|
```
|
|
18
22
|
|
|
23
|
+
#### Inherited from
|
|
24
|
+
|
|
25
|
+
[`IEntityStorageIdentityResolverConnectorConstructorOptions`](IEntityStorageIdentityResolverConnectorConstructorOptions.md).[`didDocumentEntityStorageType`](IEntityStorageIdentityResolverConnectorConstructorOptions.md#diddocumententitystoragetype)
|
|
26
|
+
|
|
19
27
|
***
|
|
20
28
|
|
|
21
29
|
### vaultConnectorType?
|
|
@@ -29,3 +37,7 @@ The vault for the private keys.
|
|
|
29
37
|
```ts
|
|
30
38
|
vault
|
|
31
39
|
```
|
|
40
|
+
|
|
41
|
+
#### Inherited from
|
|
42
|
+
|
|
43
|
+
[`IEntityStorageIdentityResolverConnectorConstructorOptions`](IEntityStorageIdentityResolverConnectorConstructorOptions.md).[`vaultConnectorType`](IEntityStorageIdentityResolverConnectorConstructorOptions.md#vaultconnectortype)
|
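--- a/package/docs/reference/interfaces/IEntityStorageIdentityResolverConnectorConstructorOptions.md
+++ b/package/docs/reference/interfaces/IEntityStorageIdentityResolverConnectorConstructorOptions.md
@@ -0,0 +1,35 @@
+# Interface: IEntityStorageIdentityResolverConnectorConstructorOptions
+
+Options for the entity storage identity connector constructor.
+
+## Extended by
+
+- [`IEntityStorageIdentityConnectorConstructorOptions`](IEntityStorageIdentityConnectorConstructorOptions.md)
+
+## Properties
+
+### didDocumentEntityStorageType?
+
+> `optional` **didDocumentEntityStorageType**: `string`
+
+The entity storage for the did documents.
+
+#### Default
+
+```ts
+identity-document
+```
+
+***
+
+### vaultConnectorType?
+
+> `optional` **vaultConnectorType**: `string`
+
+The vault for the private keys.
+
+#### Default
+
+```ts
+vault
+```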
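--- a/package/locales/en.json
+++ b/package/locales/en.json
@@ -1,9 +1,12 @@
 {
 "error": {
+"entityStorageIdentityResolverConnector": {
+"documentNotFound": "The document could not be found",
+"resolveDocumentFailed": "Resolving the document failed"
+},
 "entityStorageIdentityConnector": {
 "createDocumentFailed": "Creating the document failed",
 "signatureVerificationFailed": "The document integrity check failed",
-"resolveDocumentFailed": "Resolving the document failed",
 "missingDid": "The full id including DID is required",
 "addVerificationMethodFailed": "Adding the verification method failed",
 "removeVerificationMethodFailed": "Removing the verification method failed",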
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@twin.org/identity-connector-entity-storage",
|
|
3
|
-
"version": "0.0.1-next.
|
|
3
|
+
"version": "0.0.1-next.21",
|
|
4
4
|
"description": "Identity connector implementation using entity storage",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
"@twin.org/data-core": "next",
|
|
20
20
|
"@twin.org/data-json-ld": "next",
|
|
21
21
|
"@twin.org/entity": "next",
|
|
22
|
-
"@twin.org/identity-models": "0.0.1-next.
|
|
22
|
+
"@twin.org/identity-models": "0.0.1-next.21",
|
|
23
23
|
"@twin.org/nameof": "next",
|
|
24
24
|
"@twin.org/standards-w3c-did": "next",
|
|
25
25
|
"@twin.org/vault-models": "next",
|
|
@@ -30,9 +30,9 @@
|
|
|
30
30
|
"types": "./dist/types/index.d.ts",
|
|
31
31
|
"exports": {
|
|
32
32
|
".": {
|
|
33
|
+
"types": "./dist/types/index.d.ts",
|
|
33
34
|
"require": "./dist/cjs/index.cjs",
|
|
34
|
-
"import": "./dist/esm/index.mjs"
|
|
35
|
-
"types": "./dist/types/index.d.ts"
|
|
35
|
+
"import": "./dist/esm/index.mjs"
|
|
36
36
|
},
|
|
37
37
|
"./locales/*.json": "./locales/*.json"
|
|
38
38
|
},
|