@twin.org/trust-generators 0.0.3-next.16 → 0.0.3-next.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -53,8 +53,7 @@ export class JwtVerifiableCredentialGenerator {
53
53
  * @param identity The identity for which to generate the payload.
54
54
  * @param info Information to use in the generation.
55
55
  * @param info.subject The subject of the verifiable credential (JSON-LD).
56
- * @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT
57
- * payload as the `tid` claim (mirroring the existing auth-service session-JWT shape).
56
+ * @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT as the tid claim.
58
57
  * @param organizationId Optional organization identifier. Embedded directly in
59
58
  * the JWT payload as the `org` claim.
60
59
  * @param options Per-call generation options.
@@ -1 +1 @@
1
- {"version":3,"file":"jwtVerifiableCredentialGenerator.js","sourceRoot":"","sources":["../../../src/generators/jwtVerifiableCredentialGenerator.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAE9D,OAAO,EAAE,cAAc,EAA2B,MAAM,2BAA2B,CAAC;AAMpF;;GAEG;AACH,MAAM,OAAO,gCAAgC;IAC5C;;OAEG;IACI,MAAM,CAAU,UAAU,sCAAsD;IAEvF;;;OAGG;IACH,8EAA8E;IAC7D,iBAAiB,CAAqB;IAEvD;;;OAGG;IACc,kBAAkB,CAAqB;IAExD;;;OAGG;IACc,qBAAqB,CAAS;IAE/C;;;OAGG;IACc,kBAAkB,CAAU;IAE7C;;;OAGG;IACH,YAAY,OAA4D;QACvE,IAAI,CAAC,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,OAAO,EAAE,oBAAoB,IAAI,SAAS,CAC1C,CAAC;QAEF,IAAI,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,IAAI,UAAU,CAAC,CAAC;QAE7F,IAAI,CAAC,qBAAqB,GAAG,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACjE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC;IAC5D,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,gCAAgC,CAAC,UAAU,CAAC;IACpD,CAAC;IAED;;;;;;;;;;;;;OAaG;IACI,KAAK,CAAC,QAAQ,CACpB,QAAgB,EAChB,IAAsC,EACtC,YAAqB,EACrB,cAAuB,EACvB,OAAuC;QAEvC,MAAM,CAAC,WAAW,CAAC,gCAAgC,CAAC,UAAU,cAAoB,QAAQ,CAAC,CAAC;QAE5F,MAAM,YAAY,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,iBAAiB,CAAC;YAC1D,CAAC,CAAC,OAAO,CAAC,iBAAiB;YAC3B,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC;QAE3B,IAAI,cAAc,CAAC;QAEnB,IAAI,EAAE,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;YAC9B,MAAM,KAAK,GAAG,YAAY,GAAG,IAAI,CAAC;YAClC,cAAc,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC;QAC/C,CAAC;QAED,MAAM,gBAAgB,GAA8B,EAAE,CAAC;QACvD,IAAI,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;YAClC,gBAAgB,CAAC,GAAG,GAAG,YAAY,CAAC;QACrC,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,CAAC,cAAc,CAAC,EAAE,CAAC;YACpC,gBAAgB,CAAC,GAAG,GAAG,cAAc,CAAC;QACvC,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAC1E,cAAc,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,qBAAqB,CAAC,EAC3D,SAAS,EACT,IAAI,EAAE,OAAO,IAAI,EAAE,EACnB;YACC,cAAc;YACd,gBAAgB;SAChB,EACD,QAAQ,CACR,CAAC;QAEF,OAAO,UAAU,CAAC,GAAG,CAAC;IACvB,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { ComponentFactory, Guards, Is } from \"@twin.org/core\";\nimport type { IJsonLdNodeObject } from \"@twin.org/data-json-ld\";\nimport { DocumentHelper, type IIdentityComponent } from \"@twin.org/identity-models\";\nimport type { ILoggingComponent } from \"@twin.org/logging-models\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustGenerator } from \"@twin.org/trust-models\";\nimport type { IJwtVerifiableCredentialGeneratorConstructorOptions } from \"../models/IJwtVerifiableCredentialGeneratorConstructorOptions.js\";\n\n/**\n * Class to generate a JWT Verifiable Credential.\n */\nexport class JwtVerifiableCredentialGenerator implements ITrustGenerator {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<JwtVerifiableCredentialGenerator>();\n\n\t/**\n\t * The logging component.\n\t * @internal\n\t */\n\t// eslint-disable-next-line @typescript-eslint/no-unused-private-class-members\n\tprivate readonly _loggingComponent?: ILoggingComponent;\n\n\t/**\n\t * The identity component.\n\t * @internal\n\t */\n\tprivate readonly _identityComponent: IIdentityComponent;\n\n\t/**\n\t * The verification method ID for the connector to use.\n\t * @internal\n\t */\n\tprivate readonly _verificationMethodId: string;\n\n\t/**\n\t * The time-to-live (TTL) for token in seconds.\n\t * @internal\n\t */\n\tprivate readonly _tokenTtlInSeconds?: number;\n\n\t/**\n\t * Create a new instance of JwtVerifiableCredentialGenerator.\n\t * @param options The options for the service.\n\t */\n\tconstructor(options: IJwtVerifiableCredentialGeneratorConstructorOptions) {\n\t\tthis._loggingComponent = ComponentFactory.getIfExists(\n\t\t\toptions?.loggingComponentType ?? \"logging\"\n\t\t);\n\n\t\tthis._identityComponent = ComponentFactory.get(options?.identityComponentType ?? \"identity\");\n\n\t\tthis._verificationMethodId = options.config.verificationMethodId;\n\t\tthis._tokenTtlInSeconds = options.config.tokenTtlInSeconds;\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The class name of the component.\n\t */\n\tpublic className(): string {\n\t\treturn JwtVerifiableCredentialGenerator.CLASS_NAME;\n\t}\n\n\t/**\n\t * Generate a trust payload.\n\t * @param identity The identity for which to generate the payload.\n\t * @param info Information to use in the generation.\n\t * @param info.subject The subject of the verifiable credential (JSON-LD).\n\t * @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT\n\t * payload as the `tid` claim (mirroring the existing auth-service session-JWT shape).\n\t * @param organizationId Optional organization identifier. Embedded directly in\n\t * the JWT payload as the `org` claim.\n\t * @param options Per-call generation options.\n\t * @param options.tokenTtlInSeconds TTL override in seconds for this token only. Takes precedence over the\n\t * config-level `tokenTtlInSeconds` when provided.\n\t * @returns The generated JWT.\n\t */\n\tpublic async generate(\n\t\tidentity: string,\n\t\tinfo?: { subject?: IJsonLdNodeObject },\n\t\ttenantIdHash?: string,\n\t\torganizationId?: string,\n\t\toptions?: { tokenTtlInSeconds: number }\n\t): Promise<unknown> {\n\t\tGuards.stringValue(JwtVerifiableCredentialGenerator.CLASS_NAME, nameof(identity), identity);\n\n\t\tconst ttlInSeconds = Is.integer(options?.tokenTtlInSeconds)\n\t\t\t? options.tokenTtlInSeconds\n\t\t\t: this._tokenTtlInSeconds;\n\n\t\tlet expirationDate;\n\n\t\tif (Is.integer(ttlInSeconds)) {\n\t\t\tconst ttlMs = ttlInSeconds * 1000;\n\t\t\texpirationDate = new Date(Date.now() + ttlMs);\n\t\t}\n\n\t\tconst jwtPayloadFields: { [key: string]: string } = {};\n\t\tif (Is.stringValue(tenantIdHash)) {\n\t\t\tjwtPayloadFields.tid = tenantIdHash;\n\t\t}\n\t\tif (Is.stringValue(organizationId)) {\n\t\t\tjwtPayloadFields.org = organizationId;\n\t\t}\n\n\t\tconst credential = await this._identityComponent.verifiableCredentialCreate(\n\t\t\tDocumentHelper.joinId(identity, this._verificationMethodId),\n\t\t\tundefined,\n\t\t\tinfo?.subject ?? {},\n\t\t\t{\n\t\t\t\texpirationDate,\n\t\t\t\tjwtPayloadFields\n\t\t\t},\n\t\t\tidentity\n\t\t);\n\n\t\treturn credential.jwt;\n\t}\n}\n"]}
1
+ {"version":3,"file":"jwtVerifiableCredentialGenerator.js","sourceRoot":"","sources":["../../../src/generators/jwtVerifiableCredentialGenerator.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAE9D,OAAO,EAAE,cAAc,EAA2B,MAAM,2BAA2B,CAAC;AAMpF;;GAEG;AACH,MAAM,OAAO,gCAAgC;IAC5C;;OAEG;IACI,MAAM,CAAU,UAAU,sCAAsD;IAEvF;;;OAGG;IACH,8EAA8E;IAC7D,iBAAiB,CAAqB;IAEvD;;;OAGG;IACc,kBAAkB,CAAqB;IAExD;;;OAGG;IACc,qBAAqB,CAAS;IAE/C;;;OAGG;IACc,kBAAkB,CAAU;IAE7C;;;OAGG;IACH,YAAY,OAA4D;QACvE,IAAI,CAAC,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,OAAO,EAAE,oBAAoB,IAAI,SAAS,CAC1C,CAAC;QAEF,IAAI,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,IAAI,UAAU,CAAC,CAAC;QAE7F,IAAI,CAAC,qBAAqB,GAAG,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACjE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC;IAC5D,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,gCAAgC,CAAC,UAAU,CAAC;IACpD,CAAC;IAED;;;;;;;;;;;;OAYG;IACI,KAAK,CAAC,QAAQ,CACpB,QAAgB,EAChB,IAAsC,EACtC,YAAqB,EACrB,cAAuB,EACvB,OAAuC;QAEvC,MAAM,CAAC,WAAW,CAAC,gCAAgC,CAAC,UAAU,cAAoB,QAAQ,CAAC,CAAC;QAE5F,MAAM,YAAY,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,iBAAiB,CAAC;YAC1D,CAAC,CAAC,OAAO,CAAC,iBAAiB;YAC3B,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC;QAE3B,IAAI,cAAc,CAAC;QAEnB,IAAI,EAAE,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;YAC9B,MAAM,KAAK,GAAG,YAAY,GAAG,IAAI,CAAC;YAClC,cAAc,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC;QAC/C,CAAC;QAED,MAAM,gBAAgB,GAA8B,EAAE,CAAC;QACvD,IAAI,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;YAClC,gBAAgB,CAAC,GAAG,GAAG,YAAY,CAAC;QACrC,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,CAAC,cAAc,CAAC,EAAE,CAAC;YACpC,gBAAgB,CAAC,GAAG,GAAG,cAAc,CAAC;QACvC,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAC1E,cAAc,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,qBAAqB,CAAC,EAC3D,SAAS,EACT,IAAI,EAAE,OAAO,IAAI,EAAE,EACnB;YACC,cAAc;YACd,gBAAgB;SAChB,EACD,QAAQ,CACR,CAAC;QAEF,OAAO,UAAU,CAAC,GAAG,CAAC;IACvB,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { ComponentFactory, Guards, Is } from \"@twin.org/core\";\nimport type { IJsonLdNodeObject } from \"@twin.org/data-json-ld\";\nimport { DocumentHelper, type IIdentityComponent } from \"@twin.org/identity-models\";\nimport type { ILoggingComponent } from \"@twin.org/logging-models\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustGenerator } from \"@twin.org/trust-models\";\nimport type { IJwtVerifiableCredentialGeneratorConstructorOptions } from \"../models/IJwtVerifiableCredentialGeneratorConstructorOptions.js\";\n\n/**\n * Class to generate a JWT Verifiable Credential.\n */\nexport class JwtVerifiableCredentialGenerator implements ITrustGenerator {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<JwtVerifiableCredentialGenerator>();\n\n\t/**\n\t * The logging component.\n\t * @internal\n\t */\n\t// eslint-disable-next-line @typescript-eslint/no-unused-private-class-members\n\tprivate readonly _loggingComponent?: ILoggingComponent;\n\n\t/**\n\t * The identity component.\n\t * @internal\n\t */\n\tprivate readonly _identityComponent: IIdentityComponent;\n\n\t/**\n\t * The verification method ID for the connector to use.\n\t * @internal\n\t */\n\tprivate readonly _verificationMethodId: string;\n\n\t/**\n\t * The time-to-live (TTL) for token in seconds.\n\t * @internal\n\t */\n\tprivate readonly _tokenTtlInSeconds?: number;\n\n\t/**\n\t * Create a new instance of JwtVerifiableCredentialGenerator.\n\t * @param options The options for the service.\n\t */\n\tconstructor(options: IJwtVerifiableCredentialGeneratorConstructorOptions) {\n\t\tthis._loggingComponent = ComponentFactory.getIfExists(\n\t\t\toptions?.loggingComponentType ?? \"logging\"\n\t\t);\n\n\t\tthis._identityComponent = ComponentFactory.get(options?.identityComponentType ?? \"identity\");\n\n\t\tthis._verificationMethodId = options.config.verificationMethodId;\n\t\tthis._tokenTtlInSeconds = options.config.tokenTtlInSeconds;\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The class name of the component.\n\t */\n\tpublic className(): string {\n\t\treturn JwtVerifiableCredentialGenerator.CLASS_NAME;\n\t}\n\n\t/**\n\t * Generate a trust payload.\n\t * @param identity The identity for which to generate the payload.\n\t * @param info Information to use in the generation.\n\t * @param info.subject The subject of the verifiable credential (JSON-LD).\n\t * @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT as the tid claim.\n\t * @param organizationId Optional organization identifier. Embedded directly in\n\t * the JWT payload as the `org` claim.\n\t * @param options Per-call generation options.\n\t * @param options.tokenTtlInSeconds TTL override in seconds for this token only. Takes precedence over the\n\t * config-level `tokenTtlInSeconds` when provided.\n\t * @returns The generated JWT.\n\t */\n\tpublic async generate(\n\t\tidentity: string,\n\t\tinfo?: { subject?: IJsonLdNodeObject },\n\t\ttenantIdHash?: string,\n\t\torganizationId?: string,\n\t\toptions?: { tokenTtlInSeconds: number }\n\t): Promise<unknown> {\n\t\tGuards.stringValue(JwtVerifiableCredentialGenerator.CLASS_NAME, nameof(identity), identity);\n\n\t\tconst ttlInSeconds = Is.integer(options?.tokenTtlInSeconds)\n\t\t\t? options.tokenTtlInSeconds\n\t\t\t: this._tokenTtlInSeconds;\n\n\t\tlet expirationDate;\n\n\t\tif (Is.integer(ttlInSeconds)) {\n\t\t\tconst ttlMs = ttlInSeconds * 1000;\n\t\t\texpirationDate = new Date(Date.now() + ttlMs);\n\t\t}\n\n\t\tconst jwtPayloadFields: { [key: string]: string } = {};\n\t\tif (Is.stringValue(tenantIdHash)) {\n\t\t\tjwtPayloadFields.tid = tenantIdHash;\n\t\t}\n\t\tif (Is.stringValue(organizationId)) {\n\t\t\tjwtPayloadFields.org = organizationId;\n\t\t}\n\n\t\tconst credential = await this._identityComponent.verifiableCredentialCreate(\n\t\t\tDocumentHelper.joinId(identity, this._verificationMethodId),\n\t\t\tundefined,\n\t\t\tinfo?.subject ?? {},\n\t\t\t{\n\t\t\t\texpirationDate,\n\t\t\t\tjwtPayloadFields\n\t\t\t},\n\t\t\tidentity\n\t\t);\n\n\t\treturn credential.jwt;\n\t}\n}\n"]}
@@ -24,8 +24,7 @@ export declare class JwtVerifiableCredentialGenerator implements ITrustGenerator
24
24
  * @param identity The identity for which to generate the payload.
25
25
  * @param info Information to use in the generation.
26
26
  * @param info.subject The subject of the verifiable credential (JSON-LD).
27
- * @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT
28
- * payload as the `tid` claim (mirroring the existing auth-service session-JWT shape).
27
+ * @param tenantIdHash Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT as the tid claim.
29
28
  * @param organizationId Optional organization identifier. Embedded directly in
30
29
  * the JWT payload as the `org` claim.
31
30
  * @param options Per-call generation options.
package/docs/changelog.md CHANGED
@@ -1,5 +1,33 @@
1
1
  # Changelog
2
2
 
3
+ ## [0.0.3-next.18](https://github.com/iotaledger/twin-trust/compare/trust-generators-v0.0.3-next.17...trust-generators-v0.0.3-next.18) (2026-06-05)
4
+
5
+
6
+ ### Miscellaneous Chores
7
+
8
+ * **trust-generators:** Synchronize repo versions
9
+
10
+
11
+ ### Dependencies
12
+
13
+ * The following workspace dependencies were updated
14
+ * dependencies
15
+ * @twin.org/trust-models bumped from 0.0.3-next.17 to 0.0.3-next.18
16
+
17
+ ## [0.0.3-next.17](https://github.com/iotaledger/twin-trust/compare/trust-generators-v0.0.3-next.16...trust-generators-v0.0.3-next.17) (2026-06-02)
18
+
19
+
20
+ ### Features
21
+
22
+ * update param names ([4c78d57](https://github.com/iotaledger/twin-trust/commit/4c78d5703ce7adef3fb5d3bbb1d2cde5db4376cc))
23
+
24
+
25
+ ### Dependencies
26
+
27
+ * The following workspace dependencies were updated
28
+ * dependencies
29
+ * @twin.org/trust-models bumped from 0.0.3-next.16 to 0.0.3-next.17
30
+
3
31
  ## [0.0.3-next.16](https://github.com/iotaledger/twin-trust/compare/trust-generators-v0.0.3-next.15...trust-generators-v0.0.3-next.16) (2026-05-27)
4
32
 
5
33
 
@@ -82,8 +82,7 @@ The subject of the verifiable credential (JSON-LD).
82
82
 
83
83
  `string`
84
84
 
85
- Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT
86
- payload as the `tid` claim (mirroring the existing auth-service session-JWT shape).
85
+ Optional tenant identifier, should be an opaque hashed version. Embedded directly in the JWT as the tid claim.
87
86
 
88
87
  ##### organizationId?
89
88
 
package/package.json CHANGED
@@ -1,10 +1,10 @@
1
1
  {
2
2
  "name": "@twin.org/trust-generators",
3
- "version": "0.0.3-next.16",
3
+ "version": "0.0.3-next.18",
4
4
  "description": "Implements trust credential generators that produce signed verifiable credential artefacts",
5
5
  "repository": {
6
6
  "type": "git",
7
- "url": "git+https://github.com/iotaledger/trust.git",
7
+ "url": "git+https://github.com/iotaledger/twin-trust.git",
8
8
  "directory": "packages/trust-generators"
9
9
  },
10
10
  "author": "martyn.janes@iota.org",
@@ -19,7 +19,7 @@
19
19
  "@twin.org/identity-models": "next",
20
20
  "@twin.org/logging-models": "next",
21
21
  "@twin.org/nameof": "next",
22
- "@twin.org/trust-models": "0.0.3-next.16",
22
+ "@twin.org/trust-models": "0.0.3-next.18",
23
23
  "@twin.org/web": "next"
24
24
  },
25
25
  "main": "./dist/es/index.js",
@@ -50,7 +50,7 @@
50
50
  "schemas"
51
51
  ],
52
52
  "bugs": {
53
- "url": "git+https://github.com/iotaledger/trust/issues"
53
+ "url": "git+https://github.com/iotaledger/twin-trust/issues"
54
54
  },
55
55
  "homepage": "https://twindev.org"
56
56
  }