@twin.org/trust-generators 0.0.3-next.15 → 0.0.3-next.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/es/generators/jwtVerifiableCredentialGenerator.js +10 -5
- package/dist/es/generators/jwtVerifiableCredentialGenerator.js.map +1 -1
- package/dist/types/generators/jwtVerifiableCredentialGenerator.d.ts +7 -3
- package/docs/changelog.md +28 -0
- package/docs/reference/classes/JwtVerifiableCredentialGenerator.md +13 -3
- package/package.json +4 -4
|
@@ -53,17 +53,22 @@ export class JwtVerifiableCredentialGenerator {
|
|
|
53
53
|
* @param identity The identity for which to generate the payload.
|
|
54
54
|
* @param info Information to use in the generation.
|
|
55
55
|
* @param info.subject The subject of the verifiable credential (JSON-LD).
|
|
56
|
-
* @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT
|
|
57
|
-
* payload as the `tid` claim (mirroring the existing auth-service session-JWT shape).
|
|
56
|
+
* @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT as the tid claim.
|
|
58
57
|
* @param organizationId Optional organization identifier. Embedded directly in
|
|
59
58
|
* the JWT payload as the `org` claim.
|
|
59
|
+
* @param options Per-call generation options.
|
|
60
|
+
* @param options.tokenTtlInSeconds TTL override in seconds for this token only. Takes precedence over the
|
|
61
|
+
* config-level `tokenTtlInSeconds` when provided.
|
|
60
62
|
* @returns The generated JWT.
|
|
61
63
|
*/
|
|
62
|
-
async generate(identity, info, tenantIdHash, organizationId) {
|
|
64
|
+
async generate(identity, info, tenantIdHash, organizationId, options) {
|
|
63
65
|
Guards.stringValue(JwtVerifiableCredentialGenerator.CLASS_NAME, "identity", identity);
|
|
66
|
+
const ttlInSeconds = Is.integer(options?.tokenTtlInSeconds)
|
|
67
|
+
? options.tokenTtlInSeconds
|
|
68
|
+
: this._tokenTtlInSeconds;
|
|
64
69
|
let expirationDate;
|
|
65
|
-
if (Is.integer(
|
|
66
|
-
const ttlMs =
|
|
70
|
+
if (Is.integer(ttlInSeconds)) {
|
|
71
|
+
const ttlMs = ttlInSeconds * 1000;
|
|
67
72
|
expirationDate = new Date(Date.now() + ttlMs);
|
|
68
73
|
}
|
|
69
74
|
const jwtPayloadFields = {};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwtVerifiableCredentialGenerator.js","sourceRoot":"","sources":["../../../src/generators/jwtVerifiableCredentialGenerator.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAE9D,OAAO,EAAE,cAAc,EAA2B,MAAM,2BAA2B,CAAC;AAMpF;;GAEG;AACH,MAAM,OAAO,gCAAgC;IAC5C;;OAEG;IACI,MAAM,CAAU,UAAU,sCAAsD;IAEvF;;;OAGG;IACH,8EAA8E;IAC7D,iBAAiB,CAAqB;IAEvD;;;OAGG;IACc,kBAAkB,CAAqB;IAExD;;;OAGG;IACc,qBAAqB,CAAS;IAE/C;;;OAGG;IACc,kBAAkB,CAAU;IAE7C;;;OAGG;IACH,YAAY,OAA4D;QACvE,IAAI,CAAC,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,OAAO,EAAE,oBAAoB,IAAI,SAAS,CAC1C,CAAC;QAEF,IAAI,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,IAAI,UAAU,CAAC,CAAC;QAE7F,IAAI,CAAC,qBAAqB,GAAG,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACjE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC;IAC5D,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,gCAAgC,CAAC,UAAU,CAAC;IACpD,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"jwtVerifiableCredentialGenerator.js","sourceRoot":"","sources":["../../../src/generators/jwtVerifiableCredentialGenerator.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAE9D,OAAO,EAAE,cAAc,EAA2B,MAAM,2BAA2B,CAAC;AAMpF;;GAEG;AACH,MAAM,OAAO,gCAAgC;IAC5C;;OAEG;IACI,MAAM,CAAU,UAAU,sCAAsD;IAEvF;;;OAGG;IACH,8EAA8E;IAC7D,iBAAiB,CAAqB;IAEvD;;;OAGG;IACc,kBAAkB,CAAqB;IAExD;;;OAGG;IACc,qBAAqB,CAAS;IAE/C;;;OAGG;IACc,kBAAkB,CAAU;IAE7C;;;OAGG;IACH,YAAY,OAA4D;QACvE,IAAI,CAAC,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,OAAO,EAAE,oBAAoB,IAAI,SAAS,CAC1C,CAAC;QAEF,IAAI,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,IAAI,UAAU,CAAC,CAAC;QAE7F,IAAI,CAAC,qBAAqB,GAAG,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACjE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC;IAC5D,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,gCAAgC,CAAC,UAAU,CAAC;IACpD,CAAC;IAED;;;;;;;;;;;;OAYG;IACI,KAAK,CAAC,QAAQ,CACpB,QAAgB,EAChB,IAAsC,EACtC,YAAqB,EACrB,cAAuB,EACvB,OAAuC;QAEvC,MAAM,CAAC,WAAW,CAAC,gCAAgC,CAAC,UAAU,cAAoB,QAAQ,CAAC,CAAC;QAE5F,MAAM,YAAY,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,iBAAiB,CAAC;YAC1D,CAAC,CAAC,OAAO,CAAC,iBAAiB;YAC3B,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC;QAE3B,IAAI,cAAc,CAAC;QAEnB,IAAI,EAAE,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;YAC9B,MAAM,KAAK,GAAG,YAAY,GAAG,IAAI,CAAC;YAClC,cAAc,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC;QAC/C,CAAC;QAED,MAAM,gBAAgB,GAA8B,EAAE,CAAC;QACvD,IAAI,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;YAClC,gBAAgB,CAAC,GAAG,GAAG,YAAY,CAAC;QACrC,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,CAAC,cAAc,CAAC,EAAE,CAAC;YACpC,gBAAgB,CAAC,GAAG,GAAG,cAAc,CAAC;QACvC,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAC1E,cAAc,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,qBAAqB,CAAC,EAC3D,SAAS,EACT,IAAI,EAAE,OAAO,IAAI,EAAE,EACnB;YACC,cAAc;YACd,gBAAgB;SAChB,EACD,QAAQ,CACR,CAAC;QAEF,OAAO,UAAU,CAAC,GAAG,CAAC;IACvB,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { ComponentFactory, Guards, Is } from \"@twin.org/core\";\nimport type { IJsonLdNodeObject } from \"@twin.org/data-json-ld\";\nimport { DocumentHelper, type IIdentityComponent } from \"@twin.org/identity-models\";\nimport type { ILoggingComponent } from \"@twin.org/logging-models\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustGenerator } from \"@twin.org/trust-models\";\nimport type { IJwtVerifiableCredentialGeneratorConstructorOptions } from \"../models/IJwtVerifiableCredentialGeneratorConstructorOptions.js\";\n\n/**\n * Class to generate a JWT Verifiable Credential.\n */\nexport class JwtVerifiableCredentialGenerator implements ITrustGenerator {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<JwtVerifiableCredentialGenerator>();\n\n\t/**\n\t * The logging component.\n\t * @internal\n\t */\n\t// eslint-disable-next-line @typescript-eslint/no-unused-private-class-members\n\tprivate readonly _loggingComponent?: ILoggingComponent;\n\n\t/**\n\t * The identity component.\n\t * @internal\n\t */\n\tprivate readonly _identityComponent: IIdentityComponent;\n\n\t/**\n\t * The verification method ID for the connector to use.\n\t * @internal\n\t */\n\tprivate readonly _verificationMethodId: string;\n\n\t/**\n\t * The time-to-live (TTL) for token in seconds.\n\t * @internal\n\t */\n\tprivate readonly _tokenTtlInSeconds?: number;\n\n\t/**\n\t * Create a new instance of JwtVerifiableCredentialGenerator.\n\t * @param options The options for the service.\n\t */\n\tconstructor(options: IJwtVerifiableCredentialGeneratorConstructorOptions) {\n\t\tthis._loggingComponent = ComponentFactory.getIfExists(\n\t\t\toptions?.loggingComponentType ?? \"logging\"\n\t\t);\n\n\t\tthis._identityComponent = ComponentFactory.get(options?.identityComponentType ?? \"identity\");\n\n\t\tthis._verificationMethodId = options.config.verificationMethodId;\n\t\tthis._tokenTtlInSeconds = options.config.tokenTtlInSeconds;\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The class name of the component.\n\t */\n\tpublic className(): string {\n\t\treturn JwtVerifiableCredentialGenerator.CLASS_NAME;\n\t}\n\n\t/**\n\t * Generate a trust payload.\n\t * @param identity The identity for which to generate the payload.\n\t * @param info Information to use in the generation.\n\t * @param info.subject The subject of the verifiable credential (JSON-LD).\n\t * @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT as the tid claim.\n\t * @param organizationId Optional organization identifier. Embedded directly in\n\t * the JWT payload as the `org` claim.\n\t * @param options Per-call generation options.\n\t * @param options.tokenTtlInSeconds TTL override in seconds for this token only. Takes precedence over the\n\t * config-level `tokenTtlInSeconds` when provided.\n\t * @returns The generated JWT.\n\t */\n\tpublic async generate(\n\t\tidentity: string,\n\t\tinfo?: { subject?: IJsonLdNodeObject },\n\t\ttenantIdHash?: string,\n\t\torganizationId?: string,\n\t\toptions?: { tokenTtlInSeconds: number }\n\t): Promise<unknown> {\n\t\tGuards.stringValue(JwtVerifiableCredentialGenerator.CLASS_NAME, nameof(identity), identity);\n\n\t\tconst ttlInSeconds = Is.integer(options?.tokenTtlInSeconds)\n\t\t\t? options.tokenTtlInSeconds\n\t\t\t: this._tokenTtlInSeconds;\n\n\t\tlet expirationDate;\n\n\t\tif (Is.integer(ttlInSeconds)) {\n\t\t\tconst ttlMs = ttlInSeconds * 1000;\n\t\t\texpirationDate = new Date(Date.now() + ttlMs);\n\t\t}\n\n\t\tconst jwtPayloadFields: { [key: string]: string } = {};\n\t\tif (Is.stringValue(tenantIdHash)) {\n\t\t\tjwtPayloadFields.tid = tenantIdHash;\n\t\t}\n\t\tif (Is.stringValue(organizationId)) {\n\t\t\tjwtPayloadFields.org = organizationId;\n\t\t}\n\n\t\tconst credential = await this._identityComponent.verifiableCredentialCreate(\n\t\t\tDocumentHelper.joinId(identity, this._verificationMethodId),\n\t\t\tundefined,\n\t\t\tinfo?.subject ?? {},\n\t\t\t{\n\t\t\t\texpirationDate,\n\t\t\t\tjwtPayloadFields\n\t\t\t},\n\t\t\tidentity\n\t\t);\n\n\t\treturn credential.jwt;\n\t}\n}\n"]}
|
|
@@ -24,13 +24,17 @@ export declare class JwtVerifiableCredentialGenerator implements ITrustGenerator
|
|
|
24
24
|
* @param identity The identity for which to generate the payload.
|
|
25
25
|
* @param info Information to use in the generation.
|
|
26
26
|
* @param info.subject The subject of the verifiable credential (JSON-LD).
|
|
27
|
-
* @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT
|
|
28
|
-
* payload as the `tid` claim (mirroring the existing auth-service session-JWT shape).
|
|
27
|
+
* @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT as the tid claim.
|
|
29
28
|
* @param organizationId Optional organization identifier. Embedded directly in
|
|
30
29
|
* the JWT payload as the `org` claim.
|
|
30
|
+
* @param options Per-call generation options.
|
|
31
|
+
* @param options.tokenTtlInSeconds TTL override in seconds for this token only. Takes precedence over the
|
|
32
|
+
* config-level `tokenTtlInSeconds` when provided.
|
|
31
33
|
* @returns The generated JWT.
|
|
32
34
|
*/
|
|
33
35
|
generate(identity: string, info?: {
|
|
34
36
|
subject?: IJsonLdNodeObject;
|
|
35
|
-
}, tenantIdHash?: string, organizationId?: string
|
|
37
|
+
}, tenantIdHash?: string, organizationId?: string, options?: {
|
|
38
|
+
tokenTtlInSeconds: number;
|
|
39
|
+
}): Promise<unknown>;
|
|
36
40
|
}
|
package/docs/changelog.md
CHANGED
|
@@ -1,5 +1,33 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [0.0.3-next.17](https://github.com/iotaledger/twin-trust/compare/trust-generators-v0.0.3-next.16...trust-generators-v0.0.3-next.17) (2026-06-02)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Features
|
|
7
|
+
|
|
8
|
+
* update param names ([4c78d57](https://github.com/iotaledger/twin-trust/commit/4c78d5703ce7adef3fb5d3bbb1d2cde5db4376cc))
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
### Dependencies
|
|
12
|
+
|
|
13
|
+
* The following workspace dependencies were updated
|
|
14
|
+
* dependencies
|
|
15
|
+
* @twin.org/trust-models bumped from 0.0.3-next.16 to 0.0.3-next.17
|
|
16
|
+
|
|
17
|
+
## [0.0.3-next.16](https://github.com/iotaledger/twin-trust/compare/trust-generators-v0.0.3-next.15...trust-generators-v0.0.3-next.16) (2026-05-27)
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
### Features
|
|
21
|
+
|
|
22
|
+
* ttl-token per generation ([#26](https://github.com/iotaledger/twin-trust/issues/26)) ([a35e925](https://github.com/iotaledger/twin-trust/commit/a35e925560d05f30dd8c02eb4184c0c503ca075a))
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
### Dependencies
|
|
26
|
+
|
|
27
|
+
* The following workspace dependencies were updated
|
|
28
|
+
* dependencies
|
|
29
|
+
* @twin.org/trust-models bumped from 0.0.3-next.15 to 0.0.3-next.16
|
|
30
|
+
|
|
3
31
|
## [0.0.3-next.15](https://github.com/iotaledger/twin-trust/compare/trust-generators-v0.0.3-next.14...trust-generators-v0.0.3-next.15) (2026-05-26)
|
|
4
32
|
|
|
5
33
|
|
|
@@ -56,7 +56,7 @@ The class name of the component.
|
|
|
56
56
|
|
|
57
57
|
### generate() {#generate}
|
|
58
58
|
|
|
59
|
-
> **generate**(`identity`, `info?`, `tenantIdHash?`, `organizationId?`): `Promise`\<`unknown`\>
|
|
59
|
+
> **generate**(`identity`, `info?`, `tenantIdHash?`, `organizationId?`, `options?`): `Promise`\<`unknown`\>
|
|
60
60
|
|
|
61
61
|
Generate a trust payload.
|
|
62
62
|
|
|
@@ -82,8 +82,7 @@ The subject of the verifiable credential (JSON-LD).
|
|
|
82
82
|
|
|
83
83
|
`string`
|
|
84
84
|
|
|
85
|
-
Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT
|
|
86
|
-
payload as the `tid` claim (mirroring the existing auth-service session-JWT shape).
|
|
85
|
+
Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT as the tid claim.
|
|
87
86
|
|
|
88
87
|
##### organizationId?
|
|
89
88
|
|
|
@@ -92,6 +91,17 @@ payload as the `tid` claim (mirroring the existing auth-service session-JWT shap
|
|
|
92
91
|
Optional organization identifier. Embedded directly in
|
|
93
92
|
the JWT payload as the `org` claim.
|
|
94
93
|
|
|
94
|
+
##### options?
|
|
95
|
+
|
|
96
|
+
Per-call generation options.
|
|
97
|
+
|
|
98
|
+
###### tokenTtlInSeconds
|
|
99
|
+
|
|
100
|
+
`number`
|
|
101
|
+
|
|
102
|
+
TTL override in seconds for this token only. Takes precedence over the
|
|
103
|
+
config-level `tokenTtlInSeconds` when provided.
|
|
104
|
+
|
|
95
105
|
#### Returns
|
|
96
106
|
|
|
97
107
|
`Promise`\<`unknown`\>
|
package/package.json
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@twin.org/trust-generators",
|
|
3
|
-
"version": "0.0.3-next.
|
|
3
|
+
"version": "0.0.3-next.17",
|
|
4
4
|
"description": "Implements trust credential generators that produce signed verifiable credential artefacts",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
7
|
-
"url": "git+https://github.com/iotaledger/trust.git",
|
|
7
|
+
"url": "git+https://github.com/iotaledger/twin-trust.git",
|
|
8
8
|
"directory": "packages/trust-generators"
|
|
9
9
|
},
|
|
10
10
|
"author": "martyn.janes@iota.org",
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
"@twin.org/identity-models": "next",
|
|
20
20
|
"@twin.org/logging-models": "next",
|
|
21
21
|
"@twin.org/nameof": "next",
|
|
22
|
-
"@twin.org/trust-models": "0.0.3-next.
|
|
22
|
+
"@twin.org/trust-models": "0.0.3-next.17",
|
|
23
23
|
"@twin.org/web": "next"
|
|
24
24
|
},
|
|
25
25
|
"main": "./dist/es/index.js",
|
|
@@ -50,7 +50,7 @@
|
|
|
50
50
|
"schemas"
|
|
51
51
|
],
|
|
52
52
|
"bugs": {
|
|
53
|
-
"url": "git+https://github.com/iotaledger/trust/issues"
|
|
53
|
+
"url": "git+https://github.com/iotaledger/twin-trust/issues"
|
|
54
54
|
},
|
|
55
55
|
"homepage": "https://twindev.org"
|
|
56
56
|
}
|