@twin.org/trust-verifiers 0.0.3-next.11 → 0.0.3-next.13

package/README.md

@@ -1,6 +1,6 @@
 # TWIN Trust Verifiers
 
-Verifiers for trust.
+This package is part of the trust repository and provides reusable trust building blocks so applications can issue, validate, and orchestrate trust artefacts with consistent behaviour.
 
 ## Installation
 

package/dist/es/verifiers/jwtVerifiableCredentialVerifier.js

@@ -15,6 +15,7 @@ export class JwtVerifiableCredentialVerifier {
      * The logging component.
      * @internal
      */
+    // eslint-disable-next-line @typescript-eslint/no-unused-private-class-members
     _loggingComponent;
     /**
      * The identity component.

package/dist/es/verifiers/jwtVerifiableCredentialVerifier.js.map

@@ -1 +1 @@
-{"version":3,"file":"jwtVerifiableCredentialVerifier.js","sourceRoot":"","sources":["../../../src/verifiers/jwtVerifiableCredentialVerifier.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,gBAAgB,EAAE,YAAY,EAAE,EAAE,EAAe,MAAM,gBAAgB,CAAC;AACpG,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAKtD,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAGpC;;GAEG;AACH,MAAM,OAAO,+BAA+B;IAC3C;;OAEG;IACI,MAAM,CAAU,UAAU,qCAAqD;IAEtF;;;OAGG;IACc,iBAAiB,CAAqB;IAEvD;;;OAGG;IACc,kBAAkB,CAAqB;IAExD;;;OAGG;IACH,YAAY,OAA4D;QACvE,IAAI,CAAC,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,OAAO,EAAE,oBAAoB,IAAI,SAAS,CAC1C,CAAC;QAEF,IAAI,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,IAAI,UAAU,CAAC,CAAC;IAC9F,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,+BAA+B,CAAC,UAAU,CAAC;IACnD,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,MAAM,CAClB,OAAgB,EAChB,IAA4B,EAC5B,MAAgB;QAEhB,IAAI,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAEtC,IAAI,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1F,IAAI,UAAU,GAAG,IAAI,CAAC;gBACtB,IAAI,CAAC;oBACJ,MAAM,SAAS,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;oBAC/D,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;wBAC7C,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,cAAc,CAAC,CAC5E,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;oBAED,MAAM,kBAAkB,GACvB,MAAM,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC;oBAEnE,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,oBAAoB,CAAC;oBACrE,IAAI,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;wBACpC,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,wBAAwB,CAAC,CACtF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;wBACjB,IAAI,CAAC,IAAI,CAAC,oBAAoB,GAAG,YAAY,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;oBAClF,CAAC;oBAED,MAAM,MAAM,GAAuB,EAAE,CAAC,WAAW,CAAC,oBAAoB,EAAE,MAAM,CAAC;wBAC9E,CAAC,CAAC,oBAAoB,EAAE,MAAM;wBAC9B,CAAC,CAAC,SAAS,CAAC;oBACb,IAAI,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;wBACtB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAClF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;oBACxB,CAAC;oBAED,MAAM,OAAO,GAAG,oBAAoB,EAAE,iBAAiB,CAAC;oBACxD,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;wBACvB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,qBAAqB,CAAC,CACnF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;wBACjB,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;oBACxD,CAAC;gBACF,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACd,UAAU,GAAG,KAAK,CAAC;oBACnB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CACf,+BAA+B,CAAC,UAAU,EAC1C,qBAAqB,EACrB,SAAS,EACT,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,CACxB,CACD,CAAC;gBACH,CAAC;gBAED,OAAO,UAAU,CAAC;YACnB,CAAC;QACF,CAAC;IACF,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { BaseError, Coerce, ComponentFactory, GeneralError, Is, type IError } from \"@twin.org/core\";\nimport { JsonLdHelper } from \"@twin.org/data-json-ld\";\nimport type { IIdentityComponent } from \"@twin.org/identity-models\";\nimport type { ILoggingComponent } from \"@twin.org/logging-models\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustVerificationInfo, ITrustVerifier } from \"@twin.org/trust-models\";\nimport { Jwt } from \"@twin.org/web\";\nimport type { IJwtVerifiableCredentialVerifierConstructorOptions } from \"../models/IJwtVerifiableCredentialVerifierConstructorOptions.js\";\n\n/**\n * Class to verify a JWT Verifiable Credential.\n */\nexport class JwtVerifiableCredentialVerifier implements ITrustVerifier {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<JwtVerifiableCredentialVerifier>();\n\n\t/**\n\t * The logging component.\n\t * @internal\n\t */\n\tprivate readonly _loggingComponent?: ILoggingComponent;\n\n\t/**\n\t * The identity component.\n\t * @internal\n\t */\n\tprivate readonly _identityComponent: IIdentityComponent;\n\n\t/**\n\t * Create a new instance of JwtVerifiableCredentialVerifier.\n\t * @param options The options for the service.\n\t */\n\tconstructor(options?: IJwtVerifiableCredentialVerifierConstructorOptions) {\n\t\tthis._loggingComponent = ComponentFactory.getIfExists(\n\t\t\toptions?.loggingComponentType ?? \"logging\"\n\t\t);\n\n\t\tthis._identityComponent = ComponentFactory.get(options?.identityComponentType ?? \"identity\");\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The class name of the component.\n\t */\n\tpublic className(): string {\n\t\treturn JwtVerifiableCredentialVerifier.CLASS_NAME;\n\t}\n\n\t/**\n\t * Verify a payload by checking the validity of its structure and content.\n\t * @param payload The payload to verify.\n\t * @param info Information extracted from previous verifiers and to be added by this verifier.\n\t * @param info.identity The identity associated with the payload.\n\t * @param errors Array to collect verification errors.\n\t * @returns Whether the payload is verified, returns undefined if payload was not processed.\n\t */\n\tpublic async verify(\n\t\tpayload: unknown,\n\t\tinfo: ITrustVerificationInfo,\n\t\terrors: IError[]\n\t): Promise<boolean | undefined> {\n\t\tif (Is.stringValue(payload)) {\n\t\t\tconst jwt = await Jwt.decode(payload);\n\n\t\t\tif (Is.objectValue(jwt.header) && Is.object(jwt.payload) && Is.uint8Array(jwt.signature)) {\n\t\t\t\tlet isVerified = true;\n\t\t\t\ttry {\n\t\t\t\t\tconst expiredMs = (Coerce.number(jwt.payload.exp) ?? 0) * 1000;\n\t\t\t\t\tif (expiredMs > 0 && expiredMs < Date.now()) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenExpired\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst verificationResult =\n\t\t\t\t\t\tawait this._identityComponent.verifiableCredentialVerify(payload);\n\n\t\t\t\t\tconst verifiableCredential = verificationResult.verifiableCredential;\n\t\t\t\t\tif (Is.empty(verifiableCredential)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingCredential\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.data ??= {};\n\t\t\t\t\t\tinfo.data.verifiableCredential = JsonLdHelper.toNodeObject(verifiableCredential);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst issuer: string | undefined = Is.stringValue(verifiableCredential?.issuer)\n\t\t\t\t\t\t? verifiableCredential?.issuer\n\t\t\t\t\t\t: undefined;\n\t\t\t\t\tif (Is.empty(issuer)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingIssuer\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.identity = issuer;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst subject = verifiableCredential?.credentialSubject;\n\t\t\t\t\tif (Is.empty(subject)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingSubject\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.data ??= {};\n\t\t\t\t\t\tinfo.data.subject = JsonLdHelper.toNodeObject(subject);\n\t\t\t\t\t}\n\t\t\t\t} catch (err) {\n\t\t\t\t\tisVerified = false;\n\t\t\t\t\terrors.push(\n\t\t\t\t\t\tnew GeneralError(\n\t\t\t\t\t\t\tJwtVerifiableCredentialVerifier.CLASS_NAME,\n\t\t\t\t\t\t\t\"tokenDecodingFailed\",\n\t\t\t\t\t\t\tundefined,\n\t\t\t\t\t\t\tBaseError.fromError(err)\n\t\t\t\t\t\t)\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\treturn isVerified;\n\t\t\t}\n\t\t}\n\t}\n}\n"]}
+{"version":3,"file":"jwtVerifiableCredentialVerifier.js","sourceRoot":"","sources":["../../../src/verifiers/jwtVerifiableCredentialVerifier.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,gBAAgB,EAAE,YAAY,EAAE,EAAE,EAAe,MAAM,gBAAgB,CAAC;AACpG,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAKtD,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAGpC;;GAEG;AACH,MAAM,OAAO,+BAA+B;IAC3C;;OAEG;IACI,MAAM,CAAU,UAAU,qCAAqD;IAEtF;;;OAGG;IACH,8EAA8E;IAC7D,iBAAiB,CAAqB;IAEvD;;;OAGG;IACc,kBAAkB,CAAqB;IAExD;;;OAGG;IACH,YAAY,OAA4D;QACvE,IAAI,CAAC,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CACpD,OAAO,EAAE,oBAAoB,IAAI,SAAS,CAC1C,CAAC;QAEF,IAAI,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,IAAI,UAAU,CAAC,CAAC;IAC9F,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,+BAA+B,CAAC,UAAU,CAAC;IACnD,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,MAAM,CAClB,OAAgB,EAChB,IAA4B,EAC5B,MAAgB;QAEhB,IAAI,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAEtC,IAAI,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1F,IAAI,UAAU,GAAG,IAAI,CAAC;gBACtB,IAAI,CAAC;oBACJ,MAAM,SAAS,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;oBAC/D,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;wBAC7C,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,cAAc,CAAC,CAC5E,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;oBAED,MAAM,kBAAkB,GACvB,MAAM,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC;oBAEnE,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,oBAAoB,CAAC;oBACrE,IAAI,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;wBACpC,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,wBAAwB,CAAC,CACtF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;wBACjB,IAAI,CAAC,IAAI,CAAC,oBAAoB,GAAG,YAAY,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;oBAClF,CAAC;oBAED,MAAM,MAAM,GAAuB,EAAE,CAAC,WAAW,CAAC,oBAAoB,EAAE,MAAM,CAAC;wBAC9E,CAAC,CAAC,oBAAoB,EAAE,MAAM;wBAC9B,CAAC,CAAC,SAAS,CAAC;oBACb,IAAI,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;wBACtB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAClF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;oBACxB,CAAC;oBAED,MAAM,OAAO,GAAG,oBAAoB,EAAE,iBAAiB,CAAC;oBACxD,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;wBACvB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,qBAAqB,CAAC,CACnF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;wBACjB,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;oBACxD,CAAC;gBACF,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACd,UAAU,GAAG,KAAK,CAAC;oBACnB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CACf,+BAA+B,CAAC,UAAU,EAC1C,qBAAqB,EACrB,SAAS,EACT,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,CACxB,CACD,CAAC;gBACH,CAAC;gBAED,OAAO,UAAU,CAAC;YACnB,CAAC;QACF,CAAC;IACF,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { BaseError, Coerce, ComponentFactory, GeneralError, Is, type IError } from \"@twin.org/core\";\nimport { JsonLdHelper } from \"@twin.org/data-json-ld\";\nimport type { IIdentityComponent } from \"@twin.org/identity-models\";\nimport type { ILoggingComponent } from \"@twin.org/logging-models\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustVerificationInfo, ITrustVerifier } from \"@twin.org/trust-models\";\nimport { Jwt } from \"@twin.org/web\";\nimport type { IJwtVerifiableCredentialVerifierConstructorOptions } from \"../models/IJwtVerifiableCredentialVerifierConstructorOptions.js\";\n\n/**\n * Class to verify a JWT Verifiable Credential.\n */\nexport class JwtVerifiableCredentialVerifier implements ITrustVerifier {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<JwtVerifiableCredentialVerifier>();\n\n\t/**\n\t * The logging component.\n\t * @internal\n\t */\n\t// eslint-disable-next-line @typescript-eslint/no-unused-private-class-members\n\tprivate readonly _loggingComponent?: ILoggingComponent;\n\n\t/**\n\t * The identity component.\n\t * @internal\n\t */\n\tprivate readonly _identityComponent: IIdentityComponent;\n\n\t/**\n\t * Create a new instance of JwtVerifiableCredentialVerifier.\n\t * @param options The options for the service.\n\t */\n\tconstructor(options?: IJwtVerifiableCredentialVerifierConstructorOptions) {\n\t\tthis._loggingComponent = ComponentFactory.getIfExists(\n\t\t\toptions?.loggingComponentType ?? \"logging\"\n\t\t);\n\n\t\tthis._identityComponent = ComponentFactory.get(options?.identityComponentType ?? \"identity\");\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The class name of the component.\n\t */\n\tpublic className(): string {\n\t\treturn JwtVerifiableCredentialVerifier.CLASS_NAME;\n\t}\n\n\t/**\n\t * Verify a payload by checking the validity of its structure and content.\n\t * @param payload The payload to verify.\n\t * @param info Information extracted from previous verifiers and to be added by this verifier.\n\t * @param info.identity The identity associated with the payload.\n\t * @param errors Array to collect verification errors.\n\t * @returns Whether the payload is verified, returns undefined if payload was not processed.\n\t */\n\tpublic async verify(\n\t\tpayload: unknown,\n\t\tinfo: ITrustVerificationInfo,\n\t\terrors: IError[]\n\t): Promise<boolean | undefined> {\n\t\tif (Is.stringValue(payload)) {\n\t\t\tconst jwt = await Jwt.decode(payload);\n\n\t\t\tif (Is.objectValue(jwt.header) && Is.object(jwt.payload) && Is.uint8Array(jwt.signature)) {\n\t\t\t\tlet isVerified = true;\n\t\t\t\ttry {\n\t\t\t\t\tconst expiredMs = (Coerce.number(jwt.payload.exp) ?? 0) * 1000;\n\t\t\t\t\tif (expiredMs > 0 && expiredMs < Date.now()) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenExpired\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst verificationResult =\n\t\t\t\t\t\tawait this._identityComponent.verifiableCredentialVerify(payload);\n\n\t\t\t\t\tconst verifiableCredential = verificationResult.verifiableCredential;\n\t\t\t\t\tif (Is.empty(verifiableCredential)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingCredential\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.data ??= {};\n\t\t\t\t\t\tinfo.data.verifiableCredential = JsonLdHelper.toNodeObject(verifiableCredential);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst issuer: string | undefined = Is.stringValue(verifiableCredential?.issuer)\n\t\t\t\t\t\t? verifiableCredential?.issuer\n\t\t\t\t\t\t: undefined;\n\t\t\t\t\tif (Is.empty(issuer)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingIssuer\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.identity = issuer;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst subject = verifiableCredential?.credentialSubject;\n\t\t\t\t\tif (Is.empty(subject)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingSubject\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.data ??= {};\n\t\t\t\t\t\tinfo.data.subject = JsonLdHelper.toNodeObject(subject);\n\t\t\t\t\t}\n\t\t\t\t} catch (err) {\n\t\t\t\t\tisVerified = false;\n\t\t\t\t\terrors.push(\n\t\t\t\t\t\tnew GeneralError(\n\t\t\t\t\t\t\tJwtVerifiableCredentialVerifier.CLASS_NAME,\n\t\t\t\t\t\t\t\"tokenDecodingFailed\",\n\t\t\t\t\t\t\tundefined,\n\t\t\t\t\t\t\tBaseError.fromError(err)\n\t\t\t\t\t\t)\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\treturn isVerified;\n\t\t\t}\n\t\t}\n\t}\n}\n"]}

package/docs/changelog.md

@@ -1,6 +1,34 @@
 # Changelog
 
-## [0.0.3-next.11](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.10...trust-verifiers-v0.0.3-next.11) (2026-03-04)
+## [0.0.3-next.13](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.12...trust-verifiers-v0.0.3-next.13) (2026-05-20)
+
+
+### Features
+
+* update dependencies ([367d7fc](https://github.com/iotaledger/twin-trust/commit/367d7fc1f970522650c776d231bfacc84f97be67))
+
+
+### Dependencies
+
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/trust-models bumped from 0.0.3-next.12 to 0.0.3-next.13
+
+## [0.0.3-next.12](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.11...trust-verifiers-v0.0.3-next.12) (2026-05-11)
+
+
+### Features
+
+* typescript 6 update ([a232da2](https://github.com/iotaledger/twin-trust/commit/a232da293afbd3b42843e187e4952dabd7917397))
+
+
+### Dependencies
+
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/trust-models bumped from 0.0.3-next.11 to 0.0.3-next.12
+
+## [0.0.3-next.11](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.10...trust-verifiers-v0.0.3-next.11) (2026-03-04)
 
 
 ### Miscellaneous Chores
@@ -14,7 +42,7 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.10 to 0.0.3-next.11
 
-## [0.0.3-next.10](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.9...trust-verifiers-v0.0.3-next.10) (2026-02-27)
+## [0.0.3-next.10](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.9...trust-verifiers-v0.0.3-next.10) (2026-02-27)
 
 
 ### Miscellaneous Chores
@@ -28,7 +56,7 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.9 to 0.0.3-next.10
 
-## [0.0.3-next.9](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.8...trust-verifiers-v0.0.3-next.9) (2026-02-26)
+## [0.0.3-next.9](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.8...trust-verifiers-v0.0.3-next.9) (2026-02-26)
 
 
 ### Miscellaneous Chores
@@ -42,12 +70,12 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.8 to 0.0.3-next.9
 
-## [0.0.3-next.8](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.7...trust-verifiers-v0.0.3-next.8) (2026-01-30)
+## [0.0.3-next.8](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.7...trust-verifiers-v0.0.3-next.8) (2026-01-30)
 
 
 ### Features
 
-* verification info structure ([#10](https://github.com/twinfoundation/trust/issues/10)) ([8b09ec8](https://github.com/twinfoundation/trust/commit/8b09ec8128214b659f427fc3a985eb8ced9ed5dc))
+* verification info structure ([#10](https://github.com/iotaledger/twin-trust/issues/10)) ([8b09ec8](https://github.com/iotaledger/twin-trust/commit/8b09ec8128214b659f427fc3a985eb8ced9ed5dc))
 
 
 ### Dependencies
@@ -56,7 +84,7 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.7 to 0.0.3-next.8
 
-## [0.0.3-next.7](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.6...trust-verifiers-v0.0.3-next.7) (2025-12-04)
+## [0.0.3-next.7](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.6...trust-verifiers-v0.0.3-next.7) (2025-12-04)
 
 
 ### Miscellaneous Chores
@@ -70,12 +98,12 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.6 to 0.0.3-next.7
 
-## [0.0.3-next.6](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.5...trust-verifiers-v0.0.3-next.6) (2025-12-04)
+## [0.0.3-next.6](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.5...trust-verifiers-v0.0.3-next.6) (2025-12-04)
 
 
 ### Features
 
-* always include identity in verification info ([9594d19](https://github.com/twinfoundation/trust/commit/9594d19e9d718bd42b82964750ae3bcfb7df51bf))
+* always include identity in verification info ([9594d19](https://github.com/iotaledger/twin-trust/commit/9594d19e9d718bd42b82964750ae3bcfb7df51bf))
 
 
 ### Dependencies
@@ -84,7 +112,7 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.5 to 0.0.3-next.6
 
-## [0.0.3-next.5](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.4...trust-verifiers-v0.0.3-next.5) (2025-12-04)
+## [0.0.3-next.5](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.4...trust-verifiers-v0.0.3-next.5) (2025-12-04)
 
 
 ### Miscellaneous Chores
@@ -98,12 +126,12 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.4 to 0.0.3-next.5
 
-## [0.0.3-next.4](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.3...trust-verifiers-v0.0.3-next.4) (2025-12-04)
+## [0.0.3-next.4](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.3...trust-verifiers-v0.0.3-next.4) (2025-12-04)
 
 
 ### Features
 
-* add generators ([6228c88](https://github.com/twinfoundation/trust/commit/6228c88a8f0244b7bdfc76b8624c427c81d23f7b))
+* add generators ([6228c88](https://github.com/iotaledger/twin-trust/commit/6228c88a8f0244b7bdfc76b8624c427c81d23f7b))
 
 
 ### Dependencies
@@ -112,12 +140,12 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.3 to 0.0.3-next.4
 
-## [0.0.3-next.3](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.2...trust-verifiers-v0.0.3-next.3) (2025-12-04)
+## [0.0.3-next.3](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.2...trust-verifiers-v0.0.3-next.3) (2025-12-04)
 
 
 ### Features
 
-* flatten error structure ([5fdd665](https://github.com/twinfoundation/trust/commit/5fdd665d0fc523a655563a0c20d1d82b634534e2))
+* flatten error structure ([5fdd665](https://github.com/iotaledger/twin-trust/commit/5fdd665d0fc523a655563a0c20d1d82b634534e2))
 
 
 ### Dependencies
@@ -126,12 +154,12 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.2 to 0.0.3-next.3
 
-## [0.0.3-next.2](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.1...trust-verifiers-v0.0.3-next.2) (2025-12-03)
+## [0.0.3-next.2](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.1...trust-verifiers-v0.0.3-next.2) (2025-12-03)
 
 
 ### Features
 
-* support pass through of info between verifiers ([1ce64b9](https://github.com/twinfoundation/trust/commit/1ce64b97a949278b447cc12b576ce5de537f30f3))
+* support pass through of info between verifiers ([1ce64b9](https://github.com/iotaledger/twin-trust/commit/1ce64b97a949278b447cc12b576ce5de537f30f3))
 
 
 ### Dependencies
@@ -140,12 +168,12 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.1 to 0.0.3-next.2
 
-## [0.0.3-next.1](https://github.com/twinfoundation/trust/compare/trust-verifiers-v0.0.3-next.0...trust-verifiers-v0.0.3-next.1) (2025-12-02)
+## [0.0.3-next.1](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.0...trust-verifiers-v0.0.3-next.1) (2025-12-02)
 
 
 ### Features
 
-* initial commit ([d378ef4](https://github.com/twinfoundation/trust/commit/d378ef4cd66c98fa188aaf3b23152d1e47d88a37))
+* initial commit ([d378ef4](https://github.com/iotaledger/twin-trust/commit/d378ef4cd66c98fa188aaf3b23152d1e47d88a37))
 
 
 ### Dependencies
@@ -154,4 +182,4 @@
   * dependencies
     * @twin.org/trust-models bumped from 0.0.3-next.0 to 0.0.3-next.1
 
-## @twin.org/trust-verifiers - Changelog
+## Changelog

package/docs/examples.md

@@ -1 +1,44 @@
-# @twin.org/trust-verifiers - Examples
+# Trust Verifiers Examples
+
+These snippets demonstrate how to initialise a JWT verifier and evaluate a token while collecting identity and subject details.
+
+## JwtVerifiableCredentialVerifier
+
+```typescript
+import { ComponentFactory, type IError } from '@twin.org/core';
+import type { IIdentityComponent } from '@twin.org/identity-models';
+import type { ITrustVerificationInfo } from '@twin.org/trust-models';
+import { JwtVerifiableCredentialVerifier } from '@twin.org/trust-verifiers';
+
+const identityComponent: IIdentityComponent = {
+  verifiableCredentialVerify: async () => ({
+    verifiableCredential: {
+      issuer: 'did:example:issuer',
+      credentialSubject: {
+        id: 'did:example:subject',
+        role: 'supplier'
+      }
+    }
+  })
+} as IIdentityComponent;
+
+ComponentFactory.register('identity', () => identityComponent);
+
+const verifier = new JwtVerifiableCredentialVerifier({
+  identityComponentType: 'identity'
+});
+
+console.log(verifier.className()); // JwtVerifiableCredentialVerifier
+
+const info: ITrustVerificationInfo = { identity: '' };
+const errors: IError[] = [];
+const verified = await verifier.verify(
+  'eyJhbGciOiJFZERTQSJ9.eyJleHAiOjQwMDAwMDAwMDB9.signature',
+  info,
+  errors
+);
+
+console.log(verified); // true
+console.log(info.identity); // did:example:issuer
+console.log(info.data?.subject); // { id: "did:example:subject", role: "supplier" }
+```

package/docs/reference/classes/JwtVerifiableCredentialVerifier.md

@@ -28,7 +28,7 @@ The options for the service.
 
 ## Properties
 
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 
 > `readonly` `static` **CLASS\_NAME**: `string`
 
@@ -36,7 +36,7 @@ Runtime name for the class.
 
 ## Methods
 
-### className()
+### className() {#classname}
 
 > **className**(): `string`
 
@@ -54,7 +54,7 @@ The class name of the component.
 
 ***
 
-### verify()
+### verify() {#verify}
 
 > **verify**(`payload`, `info`, `errors`): `Promise`\<`boolean` \| `undefined`\>
 

package/docs/reference/interfaces/IJwtVerifiableCredentialVerifierConstructorOptions.md

@@ -4,9 +4,9 @@ The options for the JWT Verifiable Credential Verifier.
 
 ## Properties
 
-### loggingComponentType?
+### loggingComponentType? {#loggingcomponenttype}
 
-> `optional` **loggingComponentType**: `string`
+> `optional` **loggingComponentType?**: `string`
 
 The logging component type.
 
@@ -18,9 +18,9 @@ logging
 
 ***
 
-### identityComponentType?
+### identityComponentType? {#identitycomponenttype}
 
-> `optional` **identityComponentType**: `string`
+> `optional` **identityComponentType?**: `string`
 
 The identity component type.
 

package/package.json

@@ -1,10 +1,10 @@
 {
 	"name": "@twin.org/trust-verifiers",
-	"version": "0.0.3-next.11",
-	"description": "Verifiers for trust",
+	"version": "0.0.3-next.13",
+	"description": "Implements trust verifiers that validate credentials and proofs against trust model requirements",
 	"repository": {
 		"type": "git",
-		"url": "git+https://github.com/twinfoundation/trust.git",
+		"url": "git+https://github.com/iotaledger/trust.git",
 		"directory": "packages/trust-verifiers"
 	},
 	"author": "martyn.janes@iota.org",
@@ -19,7 +19,7 @@
 		"@twin.org/identity-models": "next",
 		"@twin.org/logging-models": "next",
 		"@twin.org/nameof": "next",
-		"@twin.org/trust-models": "0.0.3-next.11",
+		"@twin.org/trust-models": "0.0.3-next.13",
 		"@twin.org/web": "next"
 	},
 	"main": "./dist/es/index.js",
@@ -50,7 +50,7 @@
 		"schemas"
 	],
 	"bugs": {
-		"url": "git+https://github.com/twinfoundation/trust/issues"
+		"url": "git+https://github.com/iotaledger/trust/issues"
 	},
 	"homepage": "https://twindev.org"
 }