@twin.org/trust-verifiers 0.0.3-next.20 → 0.0.3-next.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/es/verifiers/identityAllowDenyVerifier.js +4 -4
  2. package/dist/es/verifiers/identityAllowDenyVerifier.js.map +1 -1
  3. package/dist/es/verifiers/jwtVerifiableCredentialVerifier.js +3 -13
  4. package/dist/es/verifiers/jwtVerifiableCredentialVerifier.js.map +1 -1
  5. package/dist/types/verifiers/identityAllowDenyVerifier.d.ts +2 -2
  6. package/dist/types/verifiers/jwtVerifiableCredentialVerifier.d.ts +3 -3
  7. package/docs/changelog.md +53 -0
  8. package/docs/reference/classes/IdentityAllowDenyVerifier.md +2 -2
  9. package/docs/reference/classes/JwtVerifiableCredentialVerifier.md +3 -3
  10. package/package.json +2 -2
package/dist/es/verifiers/identityAllowDenyVerifier.js CHANGED
@@ -20,7 +20,7 @@ export class IdentityAllowDenyVerifier {
20
20
  */
21
21
  _denyIdentities;
22
22
  /**
23
- * Create a new instance of IdentityAllowDenyVerifier.
23
+ * Creates a new instance of IdentityAllowDenyVerifier.
24
24
  * @param options The options for the verifier.
25
25
  */
26
26
  constructor(options) {
@@ -29,7 +29,7 @@ export class IdentityAllowDenyVerifier {
29
29
  }
30
30
  /**
31
31
  * Returns the class name of the component.
32
- * @returns The class name of the component.
32
+ * @returns The runtime class name string
33
33
  */
34
34
  className() {
35
35
  return IdentityAllowDenyVerifier.CLASS_NAME;
@@ -52,13 +52,13 @@ export class IdentityAllowDenyVerifier {
52
52
  errors.push(new GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, "identityMissing"));
53
53
  return false;
54
54
  }
55
- if (hasAllow && !this._allowIdentities?.includes(info.identity)) {
55
+ if (hasAllow && !this._allowIdentities.includes(info.identity)) {
56
56
  errors.push(new GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, "identityNotAllowed", {
57
57
  identity: info.identity
58
58
  }));
59
59
  return false;
60
60
  }
61
- if (hasDeny && this._denyIdentities?.includes(info.identity)) {
61
+ if (hasDeny && this._denyIdentities.includes(info.identity)) {
62
62
  errors.push(new GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, "identityDenied", {
63
63
  identity: info.identity
64
64
  }));
package/dist/es/verifiers/identityAllowDenyVerifier.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"identityAllowDenyVerifier.js","sourceRoot":"","sources":["../../../src/verifiers/identityAllowDenyVerifier.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,YAAY,EAAE,EAAE,EAAe,MAAM,gBAAgB,CAAC;AAK/D;;GAEG;AACH,MAAM,OAAO,yBAAyB;IACrC;;OAEG;IACI,MAAM,CAAU,UAAU,+BAA+C;IAEhF;;;OAGG;IACc,gBAAgB,CAAY;IAE7C;;;OAGG;IACc,eAAe,CAAY;IAE5C;;;OAGG;IACH,YAAY,OAAsD;QACjE,IAAI,CAAC,gBAAgB,GAAG,OAAO,EAAE,MAAM,EAAE,eAAe,CAAC;QACzD,IAAI,CAAC,eAAe,GAAG,OAAO,EAAE,MAAM,EAAE,cAAc,CAAC;IACxD,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,yBAAyB,CAAC,UAAU,CAAC;IAC7C,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,MAAM,CAClB,OAAgB,EAChB,IAA4B,EAC5B,MAAgB;QAEhB,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAS,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC9D,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAS,IAAI,CAAC,eAAe,CAAC,CAAC;QAE5D,IAAI,CAAC,QAAQ,IAAI,CAAC,OAAO,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;QAClB,CAAC;QAED,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,yBAAyB,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC,CAAC;YACvF,OAAO,KAAK,CAAC;QACd,CAAC;QAED,IAAI,QAAQ,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjE,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,yBAAyB,CAAC,UAAU,EAAE,oBAAoB,EAAE;gBAC5E,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACvB,CAAC,CACF,CAAC;YACF,OAAO,KAAK,CAAC;QACd,CAAC;QAED,IAAI,OAAO,IAAI,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9D,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,yBAAyB,CAAC,UAAU,EAAE,gBAAgB,EAAE;gBACxE,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACvB,CAAC,CACF,CAAC;YACF,OAAO,KAAK,CAAC;QACd,CAAC;QAED,OAAO,IAAI,CAAC;IACb,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { GeneralError, Is, type IError } from \"@twin.org/core\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustVerificationInfo, ITrustVerifier } from \"@twin.org/trust-models\";\nimport type { IIdentityAllowDenyVerifierConstructorOptions } from \"../models/IIdentityAllowDenyVerifierConstructorOptions.js\";\n\n/**\n * Class to gate verification based on allowed and denied identity lists.\n */\nexport class IdentityAllowDenyVerifier implements ITrustVerifier {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<IdentityAllowDenyVerifier>();\n\n\t/**\n\t * The identities that are permitted.\n\t * @internal\n\t */\n\tprivate readonly _allowIdentities?: string[];\n\n\t/**\n\t * The identities that are explicitly rejected.\n\t * @internal\n\t */\n\tprivate readonly _denyIdentities?: string[];\n\n\t/**\n\t * Create a new instance of IdentityAllowDenyVerifier.\n\t * @param options The options for the verifier.\n\t */\n\tconstructor(options?: IIdentityAllowDenyVerifierConstructorOptions) {\n\t\tthis._allowIdentities = options?.config?.allowIdentities;\n\t\tthis._denyIdentities = options?.config?.denyIdentities;\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The class name of the component.\n\t */\n\tpublic className(): string {\n\t\treturn IdentityAllowDenyVerifier.CLASS_NAME;\n\t}\n\n\t/**\n\t * Verify a payload by checking the validity of its structure and content.\n\t * @param payload The payload to verify.\n\t * @param info Information extracted from previous verifiers and to be added by this verifier.\n\t * @param info.identity The identity associated with the payload.\n\t * @param errors Array to collect verification errors.\n\t * @returns Whether the payload is verified, returns undefined if payload was not processed.\n\t */\n\tpublic async verify(\n\t\tpayload: unknown,\n\t\tinfo: ITrustVerificationInfo,\n\t\terrors: IError[]\n\t): Promise<boolean | undefined> {\n\t\tconst hasAllow = Is.arrayValue<string>(this._allowIdentities);\n\t\tconst hasDeny = Is.arrayValue<string>(this._denyIdentities);\n\n\t\tif (!hasAllow && !hasDeny) {\n\t\t\treturn undefined;\n\t\t}\n\n\t\tif (!Is.stringValue(info.identity)) {\n\t\t\terrors.push(new GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, \"identityMissing\"));\n\t\t\treturn false;\n\t\t}\n\n\t\tif (hasAllow && !this._allowIdentities?.includes(info.identity)) {\n\t\t\terrors.push(\n\t\t\t\tnew GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, \"identityNotAllowed\", {\n\t\t\t\t\tidentity: info.identity\n\t\t\t\t})\n\t\t\t);\n\t\t\treturn false;\n\t\t}\n\n\t\tif (hasDeny && this._denyIdentities?.includes(info.identity)) {\n\t\t\terrors.push(\n\t\t\t\tnew GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, \"identityDenied\", {\n\t\t\t\t\tidentity: info.identity\n\t\t\t\t})\n\t\t\t);\n\t\t\treturn false;\n\t\t}\n\n\t\treturn true;\n\t}\n}\n"]}
1
+ {"version":3,"file":"identityAllowDenyVerifier.js","sourceRoot":"","sources":["../../../src/verifiers/identityAllowDenyVerifier.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,YAAY,EAAE,EAAE,EAAe,MAAM,gBAAgB,CAAC;AAK/D;;GAEG;AACH,MAAM,OAAO,yBAAyB;IACrC;;OAEG;IACI,MAAM,CAAU,UAAU,+BAA+C;IAEhF;;;OAGG;IACc,gBAAgB,CAAY;IAE7C;;;OAGG;IACc,eAAe,CAAY;IAE5C;;;OAGG;IACH,YAAY,OAAsD;QACjE,IAAI,CAAC,gBAAgB,GAAG,OAAO,EAAE,MAAM,EAAE,eAAe,CAAC;QACzD,IAAI,CAAC,eAAe,GAAG,OAAO,EAAE,MAAM,EAAE,cAAc,CAAC;IACxD,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,yBAAyB,CAAC,UAAU,CAAC;IAC7C,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,MAAM,CAClB,OAAgB,EAChB,IAA4B,EAC5B,MAAgB;QAEhB,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAS,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC9D,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAS,IAAI,CAAC,eAAe,CAAC,CAAC;QAE5D,IAAI,CAAC,QAAQ,IAAI,CAAC,OAAO,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;QAClB,CAAC;QAED,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,yBAAyB,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC,CAAC;YACvF,OAAO,KAAK,CAAC;QACd,CAAC;QAED,IAAI,QAAQ,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChE,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,yBAAyB,CAAC,UAAU,EAAE,oBAAoB,EAAE;gBAC5E,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACvB,CAAC,CACF,CAAC;YACF,OAAO,KAAK,CAAC;QACd,CAAC;QAED,IAAI,OAAO,IAAI,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7D,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,yBAAyB,CAAC,UAAU,EAAE,gBAAgB,EAAE;gBACxE,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACvB,CAAC,CACF,CAAC;YACF,OAAO,KAAK,CAAC;QACd,CAAC;QAED,OAAO,IAAI,CAAC;IACb,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { GeneralError, Is, type IError } from \"@twin.org/core\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustVerificationInfo, ITrustVerifier } from \"@twin.org/trust-models\";\nimport type { IIdentityAllowDenyVerifierConstructorOptions } from \"../models/IIdentityAllowDenyVerifierConstructorOptions.js\";\n\n/**\n * Class to gate verification based on allowed and denied identity lists.\n */\nexport class IdentityAllowDenyVerifier implements ITrustVerifier {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<IdentityAllowDenyVerifier>();\n\n\t/**\n\t * The identities that are permitted.\n\t * @internal\n\t */\n\tprivate readonly _allowIdentities?: string[];\n\n\t/**\n\t * The identities that are explicitly rejected.\n\t * @internal\n\t */\n\tprivate readonly _denyIdentities?: string[];\n\n\t/**\n\t * Creates a new instance of IdentityAllowDenyVerifier.\n\t * @param options The options for the verifier.\n\t */\n\tconstructor(options?: IIdentityAllowDenyVerifierConstructorOptions) {\n\t\tthis._allowIdentities = options?.config?.allowIdentities;\n\t\tthis._denyIdentities = options?.config?.denyIdentities;\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The runtime class name string\n\t */\n\tpublic className(): string {\n\t\treturn IdentityAllowDenyVerifier.CLASS_NAME;\n\t}\n\n\t/**\n\t * Verify a payload by checking the validity of its structure and content.\n\t * @param payload The payload to verify.\n\t * @param info Information extracted from previous verifiers and to be added by this verifier.\n\t * @param info.identity The identity associated with the payload.\n\t * @param errors Array to collect verification errors.\n\t * @returns Whether the payload is verified, returns undefined if payload was not processed.\n\t */\n\tpublic async verify(\n\t\tpayload: unknown,\n\t\tinfo: ITrustVerificationInfo,\n\t\terrors: IError[]\n\t): Promise<boolean | undefined> {\n\t\tconst hasAllow = Is.arrayValue<string>(this._allowIdentities);\n\t\tconst hasDeny = Is.arrayValue<string>(this._denyIdentities);\n\n\t\tif (!hasAllow && !hasDeny) {\n\t\t\treturn undefined;\n\t\t}\n\n\t\tif (!Is.stringValue(info.identity)) {\n\t\t\terrors.push(new GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, \"identityMissing\"));\n\t\t\treturn false;\n\t\t}\n\n\t\tif (hasAllow && !this._allowIdentities.includes(info.identity)) {\n\t\t\terrors.push(\n\t\t\t\tnew GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, \"identityNotAllowed\", {\n\t\t\t\t\tidentity: info.identity\n\t\t\t\t})\n\t\t\t);\n\t\t\treturn false;\n\t\t}\n\n\t\tif (hasDeny && this._denyIdentities.includes(info.identity)) {\n\t\t\terrors.push(\n\t\t\t\tnew GeneralError(IdentityAllowDenyVerifier.CLASS_NAME, \"identityDenied\", {\n\t\t\t\t\tidentity: info.identity\n\t\t\t\t})\n\t\t\t);\n\t\t\treturn false;\n\t\t}\n\n\t\treturn true;\n\t}\n}\n"]}
package/dist/es/verifiers/jwtVerifiableCredentialVerifier.js CHANGED
@@ -17,15 +17,15 @@ export class JwtVerifiableCredentialVerifier {
17
17
  */
18
18
  _identityComponent;
19
19
  /**
20
- * Create a new instance of JwtVerifiableCredentialVerifier.
21
- * @param options The options for the service.
20
+ * Creates a new instance of JwtVerifiableCredentialVerifier.
21
+ * @param options The options for the verifier.
22
22
  */
23
23
  constructor(options) {
24
24
  this._identityComponent = ComponentFactory.get(options?.identityComponentType ?? "identity");
25
25
  }
26
26
  /**
27
27
  * Returns the class name of the component.
28
- * @returns The class name of the component.
28
+ * @returns The runtime class name string
29
29
  */
30
30
  className() {
31
31
  return JwtVerifiableCredentialVerifier.CLASS_NAME;
@@ -78,16 +78,6 @@ export class JwtVerifiableCredentialVerifier {
78
78
  info.data ??= {};
79
79
  info.data.subject = JsonLdHelper.toNodeObject(subject);
80
80
  }
81
- // Multi-tenancy claims (`tid`, `org`) are JWT-level fields injected via
82
- // `jwtPayloadFields` by the generator.
83
- const payloadTenantId = jwt.payload.tid;
84
- if (Is.stringValue(payloadTenantId)) {
85
- info.tenantId = payloadTenantId;
86
- }
87
- const payloadOrganizationId = jwt.payload.org;
88
- if (Is.stringValue(payloadOrganizationId)) {
89
- info.organizationId = payloadOrganizationId;
90
- }
91
81
  }
92
82
  catch (err) {
93
83
  isVerified = false;
package/dist/es/verifiers/jwtVerifiableCredentialVerifier.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"jwtVerifiableCredentialVerifier.js","sourceRoot":"","sources":["../../../src/verifiers/jwtVerifiableCredentialVerifier.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,gBAAgB,EAAE,YAAY,EAAE,EAAE,EAAe,MAAM,gBAAgB,CAAC;AACpG,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAItD,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAGpC;;GAEG;AACH,MAAM,OAAO,+BAA+B;IAC3C;;OAEG;IACI,MAAM,CAAU,UAAU,qCAAqD;IAEtF;;;OAGG;IACc,kBAAkB,CAAqB;IAExD;;;OAGG;IACH,YAAY,OAA4D;QACvE,IAAI,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,IAAI,UAAU,CAAC,CAAC;IAC9F,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,+BAA+B,CAAC,UAAU,CAAC;IACnD,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,MAAM,CAClB,OAAgB,EAChB,IAA4B,EAC5B,MAAgB;QAEhB,IAAI,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAEtC,IAAI,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1F,IAAI,UAAU,GAAG,IAAI,CAAC;gBACtB,IAAI,CAAC;oBACJ,MAAM,SAAS,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;oBAC/D,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;wBAC7C,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,cAAc,CAAC,CAC5E,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;oBAED,MAAM,kBAAkB,GACvB,MAAM,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC;oBAEnE,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,oBAAoB,CAAC;oBACrE,IAAI,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;wBACpC,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,wBAAwB,CAAC,CACtF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;wBACjB,IAAI,CAAC,IAAI,CAAC,oBAAoB,GAAG,YAAY,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;oBAClF,CAAC;oBAED,MAAM,MAAM,GAAuB,EAAE,CAAC,WAAW,CAAC,oBAAoB,EAAE,MAAM,CAAC;wBAC9E,CAAC,CAAC,oBAAoB,EAAE,MAAM;wBAC9B,CAAC,CAAC,SAAS,CAAC;oBACb,IAAI,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;wBACtB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAClF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;oBACxB,CAAC;oBAED,MAAM,OAAO,GAAG,oBAAoB,EAAE,iBAAiB,CAAC;oBACxD,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;wBACvB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,qBAAqB,CAAC,CACnF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;wBACjB,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;oBACxD,CAAC;oBAED,wEAAwE;oBACxE,uCAAuC;oBACvC,MAAM,eAAe,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;oBACxC,IAAI,EAAE,CAAC,WAAW,CAAC,eAAe,CAAC,EAAE,CAAC;wBACrC,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAC;oBACjC,CAAC;oBACD,MAAM,qBAAqB,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;oBAC9C,IAAI,EAAE,CAAC,WAAW,CAAC,qBAAqB,CAAC,EAAE,CAAC;wBAC3C,IAAI,CAAC,cAAc,GAAG,qBAAqB,CAAC;oBAC7C,CAAC;gBACF,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACd,UAAU,GAAG,KAAK,CAAC;oBACnB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CACf,+BAA+B,CAAC,UAAU,EAC1C,qBAAqB,EACrB,SAAS,EACT,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,CACxB,CACD,CAAC;gBACH,CAAC;gBAED,OAAO,UAAU,CAAC;YACnB,CAAC;QACF,CAAC;IACF,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { BaseError, Coerce, ComponentFactory, GeneralError, Is, type IError } from \"@twin.org/core\";\nimport { JsonLdHelper } from \"@twin.org/data-json-ld\";\nimport type { IIdentityComponent } from \"@twin.org/identity-models\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustVerificationInfo, ITrustVerifier } from \"@twin.org/trust-models\";\nimport { Jwt } from \"@twin.org/web\";\nimport type { IJwtVerifiableCredentialVerifierConstructorOptions } from \"../models/IJwtVerifiableCredentialVerifierConstructorOptions.js\";\n\n/**\n * Class to verify a JWT Verifiable Credential.\n */\nexport class JwtVerifiableCredentialVerifier implements ITrustVerifier {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<JwtVerifiableCredentialVerifier>();\n\n\t/**\n\t * The identity component.\n\t * @internal\n\t */\n\tprivate readonly _identityComponent: IIdentityComponent;\n\n\t/**\n\t * Create a new instance of JwtVerifiableCredentialVerifier.\n\t * @param options The options for the service.\n\t */\n\tconstructor(options?: IJwtVerifiableCredentialVerifierConstructorOptions) {\n\t\tthis._identityComponent = ComponentFactory.get(options?.identityComponentType ?? \"identity\");\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The class name of the component.\n\t */\n\tpublic className(): string {\n\t\treturn JwtVerifiableCredentialVerifier.CLASS_NAME;\n\t}\n\n\t/**\n\t * Verify a payload by checking the validity of its structure and content.\n\t * @param payload The payload to verify.\n\t * @param info Information extracted from previous verifiers and to be added by this verifier.\n\t * @param info.identity The identity associated with the payload.\n\t * @param errors Array to collect verification errors.\n\t * @returns Whether the payload is verified, returns undefined if payload was not processed.\n\t */\n\tpublic async verify(\n\t\tpayload: unknown,\n\t\tinfo: ITrustVerificationInfo,\n\t\terrors: IError[]\n\t): Promise<boolean | undefined> {\n\t\tif (Is.stringValue(payload)) {\n\t\t\tconst jwt = await Jwt.decode(payload);\n\n\t\t\tif (Is.objectValue(jwt.header) && Is.object(jwt.payload) && Is.uint8Array(jwt.signature)) {\n\t\t\t\tlet isVerified = true;\n\t\t\t\ttry {\n\t\t\t\t\tconst expiredMs = (Coerce.number(jwt.payload.exp) ?? 0) * 1000;\n\t\t\t\t\tif (expiredMs > 0 && expiredMs < Date.now()) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenExpired\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst verificationResult =\n\t\t\t\t\t\tawait this._identityComponent.verifiableCredentialVerify(payload);\n\n\t\t\t\t\tconst verifiableCredential = verificationResult.verifiableCredential;\n\t\t\t\t\tif (Is.empty(verifiableCredential)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingCredential\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.data ??= {};\n\t\t\t\t\t\tinfo.data.verifiableCredential = JsonLdHelper.toNodeObject(verifiableCredential);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst issuer: string | undefined = Is.stringValue(verifiableCredential?.issuer)\n\t\t\t\t\t\t? verifiableCredential?.issuer\n\t\t\t\t\t\t: undefined;\n\t\t\t\t\tif (Is.empty(issuer)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingIssuer\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.identity = issuer;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst subject = verifiableCredential?.credentialSubject;\n\t\t\t\t\tif (Is.empty(subject)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingSubject\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.data ??= {};\n\t\t\t\t\t\tinfo.data.subject = JsonLdHelper.toNodeObject(subject);\n\t\t\t\t\t}\n\n\t\t\t\t\t// Multi-tenancy claims (`tid`, `org`) are JWT-level fields injected via\n\t\t\t\t\t// `jwtPayloadFields` by the generator.\n\t\t\t\t\tconst payloadTenantId = jwt.payload.tid;\n\t\t\t\t\tif (Is.stringValue(payloadTenantId)) {\n\t\t\t\t\t\tinfo.tenantId = payloadTenantId;\n\t\t\t\t\t}\n\t\t\t\t\tconst payloadOrganizationId = jwt.payload.org;\n\t\t\t\t\tif (Is.stringValue(payloadOrganizationId)) {\n\t\t\t\t\t\tinfo.organizationId = payloadOrganizationId;\n\t\t\t\t\t}\n\t\t\t\t} catch (err) {\n\t\t\t\t\tisVerified = false;\n\t\t\t\t\terrors.push(\n\t\t\t\t\t\tnew GeneralError(\n\t\t\t\t\t\t\tJwtVerifiableCredentialVerifier.CLASS_NAME,\n\t\t\t\t\t\t\t\"tokenDecodingFailed\",\n\t\t\t\t\t\t\tundefined,\n\t\t\t\t\t\t\tBaseError.fromError(err)\n\t\t\t\t\t\t)\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\treturn isVerified;\n\t\t\t}\n\t\t}\n\t}\n}\n"]}
1
+ {"version":3,"file":"jwtVerifiableCredentialVerifier.js","sourceRoot":"","sources":["../../../src/verifiers/jwtVerifiableCredentialVerifier.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,gBAAgB,EAAE,YAAY,EAAE,EAAE,EAAe,MAAM,gBAAgB,CAAC;AACpG,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAItD,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAGpC;;GAEG;AACH,MAAM,OAAO,+BAA+B;IAC3C;;OAEG;IACI,MAAM,CAAU,UAAU,qCAAqD;IAEtF;;;OAGG;IACc,kBAAkB,CAAqB;IAExD;;;OAGG;IACH,YAAY,OAA4D;QACvE,IAAI,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,IAAI,UAAU,CAAC,CAAC;IAC9F,CAAC;IAED;;;OAGG;IACI,SAAS;QACf,OAAO,+BAA+B,CAAC,UAAU,CAAC;IACnD,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,MAAM,CAClB,OAAgB,EAChB,IAA4B,EAC5B,MAAgB;QAEhB,IAAI,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAEtC,IAAI,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1F,IAAI,UAAU,GAAG,IAAI,CAAC;gBACtB,IAAI,CAAC;oBACJ,MAAM,SAAS,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;oBAC/D,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;wBAC7C,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,cAAc,CAAC,CAC5E,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;oBAED,MAAM,kBAAkB,GACvB,MAAM,IAAI,CAAC,kBAAkB,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC;oBAEnE,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,oBAAoB,CAAC;oBACrE,IAAI,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;wBACpC,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,wBAAwB,CAAC,CACtF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;wBACjB,IAAI,CAAC,IAAI,CAAC,oBAAoB,GAAG,YAAY,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;oBAClF,CAAC;oBAED,MAAM,MAAM,GAAuB,EAAE,CAAC,WAAW,CAAC,oBAAoB,EAAE,MAAM,CAAC;wBAC9E,CAAC,CAAC,oBAAoB,EAAE,MAAM;wBAC9B,CAAC,CAAC,SAAS,CAAC;oBACb,IAAI,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;wBACtB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAClF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;oBACxB,CAAC;oBAED,MAAM,OAAO,GAAG,oBAAoB,EAAE,iBAAiB,CAAC;oBACxD,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;wBACvB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CAAC,+BAA+B,CAAC,UAAU,EAAE,qBAAqB,CAAC,CACnF,CAAC;wBACF,UAAU,GAAG,KAAK,CAAC;oBACpB,CAAC;yBAAM,CAAC;wBACP,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;wBACjB,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;oBACxD,CAAC;gBACF,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACd,UAAU,GAAG,KAAK,CAAC;oBACnB,MAAM,CAAC,IAAI,CACV,IAAI,YAAY,CACf,+BAA+B,CAAC,UAAU,EAC1C,qBAAqB,EACrB,SAAS,EACT,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,CACxB,CACD,CAAC;gBACH,CAAC;gBAED,OAAO,UAAU,CAAC;YACnB,CAAC;QACF,CAAC;IACF,CAAC","sourcesContent":["// Copyright 2025 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { BaseError, Coerce, ComponentFactory, GeneralError, Is, type IError } from \"@twin.org/core\";\nimport { JsonLdHelper } from \"@twin.org/data-json-ld\";\nimport type { IIdentityComponent } from \"@twin.org/identity-models\";\nimport { nameof } from \"@twin.org/nameof\";\nimport type { ITrustVerificationInfo, ITrustVerifier } from \"@twin.org/trust-models\";\nimport { Jwt } from \"@twin.org/web\";\nimport type { IJwtVerifiableCredentialVerifierConstructorOptions } from \"../models/IJwtVerifiableCredentialVerifierConstructorOptions.js\";\n\n/**\n * Class to verify a JWT Verifiable Credential.\n */\nexport class JwtVerifiableCredentialVerifier implements ITrustVerifier {\n\t/**\n\t * Runtime name for the class.\n\t */\n\tpublic static readonly CLASS_NAME: string = nameof<JwtVerifiableCredentialVerifier>();\n\n\t/**\n\t * The identity component.\n\t * @internal\n\t */\n\tprivate readonly _identityComponent: IIdentityComponent;\n\n\t/**\n\t * Creates a new instance of JwtVerifiableCredentialVerifier.\n\t * @param options The options for the verifier.\n\t */\n\tconstructor(options?: IJwtVerifiableCredentialVerifierConstructorOptions) {\n\t\tthis._identityComponent = ComponentFactory.get(options?.identityComponentType ?? \"identity\");\n\t}\n\n\t/**\n\t * Returns the class name of the component.\n\t * @returns The runtime class name string\n\t */\n\tpublic className(): string {\n\t\treturn JwtVerifiableCredentialVerifier.CLASS_NAME;\n\t}\n\n\t/**\n\t * Verify a payload by checking the validity of its structure and content.\n\t * @param payload The payload to verify.\n\t * @param info Information extracted from previous verifiers and to be added by this verifier.\n\t * @param info.identity The identity associated with the payload.\n\t * @param errors Array to collect verification errors.\n\t * @returns Whether the payload is verified, returns undefined if payload was not processed.\n\t */\n\tpublic async verify(\n\t\tpayload: unknown,\n\t\tinfo: ITrustVerificationInfo,\n\t\terrors: IError[]\n\t): Promise<boolean | undefined> {\n\t\tif (Is.stringValue(payload)) {\n\t\t\tconst jwt = await Jwt.decode(payload);\n\n\t\t\tif (Is.objectValue(jwt.header) && Is.object(jwt.payload) && Is.uint8Array(jwt.signature)) {\n\t\t\t\tlet isVerified = true;\n\t\t\t\ttry {\n\t\t\t\t\tconst expiredMs = (Coerce.number(jwt.payload.exp) ?? 0) * 1000;\n\t\t\t\t\tif (expiredMs > 0 && expiredMs < Date.now()) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenExpired\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst verificationResult =\n\t\t\t\t\t\tawait this._identityComponent.verifiableCredentialVerify(payload);\n\n\t\t\t\t\tconst verifiableCredential = verificationResult.verifiableCredential;\n\t\t\t\t\tif (Is.empty(verifiableCredential)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingCredential\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.data ??= {};\n\t\t\t\t\t\tinfo.data.verifiableCredential = JsonLdHelper.toNodeObject(verifiableCredential);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst issuer: string | undefined = Is.stringValue(verifiableCredential?.issuer)\n\t\t\t\t\t\t? verifiableCredential?.issuer\n\t\t\t\t\t\t: undefined;\n\t\t\t\t\tif (Is.empty(issuer)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingIssuer\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.identity = issuer;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst subject = verifiableCredential?.credentialSubject;\n\t\t\t\t\tif (Is.empty(subject)) {\n\t\t\t\t\t\terrors.push(\n\t\t\t\t\t\t\tnew GeneralError(JwtVerifiableCredentialVerifier.CLASS_NAME, \"tokenMissingSubject\")\n\t\t\t\t\t\t);\n\t\t\t\t\t\tisVerified = false;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tinfo.data ??= {};\n\t\t\t\t\t\tinfo.data.subject = JsonLdHelper.toNodeObject(subject);\n\t\t\t\t\t}\n\t\t\t\t} catch (err) {\n\t\t\t\t\tisVerified = false;\n\t\t\t\t\terrors.push(\n\t\t\t\t\t\tnew GeneralError(\n\t\t\t\t\t\t\tJwtVerifiableCredentialVerifier.CLASS_NAME,\n\t\t\t\t\t\t\t\"tokenDecodingFailed\",\n\t\t\t\t\t\t\tundefined,\n\t\t\t\t\t\t\tBaseError.fromError(err)\n\t\t\t\t\t\t)\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\treturn isVerified;\n\t\t\t}\n\t\t}\n\t}\n}\n"]}
package/dist/types/verifiers/identityAllowDenyVerifier.d.ts CHANGED
@@ -10,13 +10,13 @@ export declare class IdentityAllowDenyVerifier implements ITrustVerifier {
10
10
  */
11
11
  static readonly CLASS_NAME: string;
12
12
  /**
13
- * Create a new instance of IdentityAllowDenyVerifier.
13
+ * Creates a new instance of IdentityAllowDenyVerifier.
14
14
  * @param options The options for the verifier.
15
15
  */
16
16
  constructor(options?: IIdentityAllowDenyVerifierConstructorOptions);
17
17
  /**
18
18
  * Returns the class name of the component.
19
- * @returns The class name of the component.
19
+ * @returns The runtime class name string
20
20
  */
21
21
  className(): string;
22
22
  /**
package/dist/types/verifiers/jwtVerifiableCredentialVerifier.d.ts CHANGED
@@ -10,13 +10,13 @@ export declare class JwtVerifiableCredentialVerifier implements ITrustVerifier {
10
10
  */
11
11
  static readonly CLASS_NAME: string;
12
12
  /**
13
- * Create a new instance of JwtVerifiableCredentialVerifier.
14
- * @param options The options for the service.
13
+ * Creates a new instance of JwtVerifiableCredentialVerifier.
14
+ * @param options The options for the verifier.
15
15
  */
16
16
  constructor(options?: IJwtVerifiableCredentialVerifierConstructorOptions);
17
17
  /**
18
18
  * Returns the class name of the component.
19
- * @returns The class name of the component.
19
+ * @returns The runtime class name string
20
20
  */
21
21
  className(): string;
22
22
  /**
package/docs/changelog.md CHANGED
@@ -1,5 +1,58 @@
1
1
  # Changelog
2
2
 
3
+ ## [0.0.3-next.24](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.23...trust-verifiers-v0.0.3-next.24) (2026-06-18)
4
+
5
+
6
+ ### Miscellaneous Chores
7
+
8
+ * **trust-verifiers:** Synchronize repo versions
9
+
10
+
11
+ ### Dependencies
12
+
13
+ * The following workspace dependencies were updated
14
+ * dependencies
15
+ * @twin.org/trust-models bumped from 0.0.3-next.23 to 0.0.3-next.24
16
+
17
+ ## [0.0.3-next.23](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.22...trust-verifiers-v0.0.3-next.23) (2026-06-11)
18
+
19
+
20
+ ### Features
21
+
22
+ * add allow deny verifier ([#32](https://github.com/iotaledger/twin-trust/issues/32)) ([daf5d03](https://github.com/iotaledger/twin-trust/commit/daf5d033ffbe82e2228c48ca7ffea870a1ce956e))
23
+ * add generators ([6228c88](https://github.com/iotaledger/twin-trust/commit/6228c88a8f0244b7bdfc76b8624c427c81d23f7b))
24
+ * add optional tenantId + organizationId to trust VC payload ([#19](https://github.com/iotaledger/twin-trust/issues/19)) ([1e93f6b](https://github.com/iotaledger/twin-trust/commit/1e93f6b0eacbfa725f3c3515d4255b39dd122ce7))
25
+ * always include identity in verification info ([9594d19](https://github.com/iotaledger/twin-trust/commit/9594d19e9d718bd42b82964750ae3bcfb7df51bf))
26
+ * flatten error structure ([5fdd665](https://github.com/iotaledger/twin-trust/commit/5fdd665d0fc523a655563a0c20d1d82b634534e2))
27
+ * initial commit ([d378ef4](https://github.com/iotaledger/twin-trust/commit/d378ef4cd66c98fa188aaf3b23152d1e47d88a37))
28
+ * organization identifiers ([#39](https://github.com/iotaledger/twin-trust/issues/39)) ([a5891b9](https://github.com/iotaledger/twin-trust/commit/a5891b9d57ef209c20f53302442d1910dce963d2))
29
+ * remove logging component ([54b56cb](https://github.com/iotaledger/twin-trust/commit/54b56cb81a6cb0aac41e37e8edda9c36685f2adb))
30
+ * support pass through of info between verifiers ([1ce64b9](https://github.com/iotaledger/twin-trust/commit/1ce64b97a949278b447cc12b576ce5de537f30f3))
31
+ * typescript 6 update ([a232da2](https://github.com/iotaledger/twin-trust/commit/a232da293afbd3b42843e187e4952dabd7917397))
32
+ * update dependencies ([367d7fc](https://github.com/iotaledger/twin-trust/commit/367d7fc1f970522650c776d231bfacc84f97be67))
33
+ * verification info structure ([#10](https://github.com/iotaledger/twin-trust/issues/10)) ([8b09ec8](https://github.com/iotaledger/twin-trust/commit/8b09ec8128214b659f427fc3a985eb8ced9ed5dc))
34
+
35
+
36
+ ### Dependencies
37
+
38
+ * The following workspace dependencies were updated
39
+ * dependencies
40
+ * @twin.org/trust-models bumped from 0.0.3-next.21 to 0.0.3-next.23
41
+
42
+ ## [0.0.3-next.21](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.20...trust-verifiers-v0.0.3-next.21) (2026-06-11)
43
+
44
+
45
+ ### Features
46
+
47
+ * organization identifiers ([#39](https://github.com/iotaledger/twin-trust/issues/39)) ([a5891b9](https://github.com/iotaledger/twin-trust/commit/a5891b9d57ef209c20f53302442d1910dce963d2))
48
+
49
+
50
+ ### Dependencies
51
+
52
+ * The following workspace dependencies were updated
53
+ * dependencies
54
+ * @twin.org/trust-models bumped from 0.0.3-next.20 to 0.0.3-next.21
55
+
3
56
  ## [0.0.3-next.20](https://github.com/iotaledger/twin-trust/compare/trust-verifiers-v0.0.3-next.19...trust-verifiers-v0.0.3-next.20) (2026-06-10)
4
57
 
5
58
 
package/docs/reference/classes/IdentityAllowDenyVerifier.md CHANGED
@@ -12,7 +12,7 @@ Class to gate verification based on allowed and denied identity lists.
12
12
 
13
13
  > **new IdentityAllowDenyVerifier**(`options?`): `IdentityAllowDenyVerifier`
14
14
 
15
- Create a new instance of IdentityAllowDenyVerifier.
15
+ Creates a new instance of IdentityAllowDenyVerifier.
16
16
 
17
17
  #### Parameters
18
18
 
@@ -46,7 +46,7 @@ Returns the class name of the component.
46
46
 
47
47
  `string`
48
48
 
49
- The class name of the component.
49
+ The runtime class name string
50
50
 
51
51
  #### Implementation of
52
52
 
package/docs/reference/classes/JwtVerifiableCredentialVerifier.md CHANGED
@@ -12,7 +12,7 @@ Class to verify a JWT Verifiable Credential.
12
12
 
13
13
  > **new JwtVerifiableCredentialVerifier**(`options?`): `JwtVerifiableCredentialVerifier`
14
14
 
15
- Create a new instance of JwtVerifiableCredentialVerifier.
15
+ Creates a new instance of JwtVerifiableCredentialVerifier.
16
16
 
17
17
  #### Parameters
18
18
 
@@ -20,7 +20,7 @@ Create a new instance of JwtVerifiableCredentialVerifier.
20
20
 
21
21
  [`IJwtVerifiableCredentialVerifierConstructorOptions`](../interfaces/IJwtVerifiableCredentialVerifierConstructorOptions.md)
22
22
 
23
- The options for the service.
23
+ The options for the verifier.
24
24
 
25
25
  #### Returns
26
26
 
@@ -46,7 +46,7 @@ Returns the class name of the component.
46
46
 
47
47
  `string`
48
48
 
49
- The class name of the component.
49
+ The runtime class name string
50
50
 
51
51
  #### Implementation of
52
52
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@twin.org/trust-verifiers",
3
- "version": "0.0.3-next.20",
3
+ "version": "0.0.3-next.24",
4
4
  "description": "Implements trust verifiers that validate credentials and proofs against trust model requirements",
5
5
  "repository": {
6
6
  "type": "git",
@@ -19,7 +19,7 @@
19
19
  "@twin.org/identity-models": "next",
20
20
  "@twin.org/logging-models": "next",
21
21
  "@twin.org/nameof": "next",
22
- "@twin.org/trust-models": "0.0.3-next.20",
22
+ "@twin.org/trust-models": "0.0.3-next.24",
23
23
  "@twin.org/web": "next"
24
24
  },
25
25
  "main": "./dist/es/index.js",