npm - @velocitycareerlabs/server-careerwallet - Versions diffs - 1.25.0-dev-build.12642c864 - Mend

@velocitycareerlabs/server-careerwallet 1.25.0-dev-build.12642c864

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (252) hide show

package/src/controllers/reference/countries/controller.js ADDED Viewed

@@ -0,0 +1,81 @@
+const createError = require('http-errors');
+const {
+  getCountries,
+  isLanguageCodeValid,
+  isLanguageSupported,
+} = require('@velocitycareerlabs/country-data');
+const { CachingConstants } = require('../../../helpers');
+const DEFAULT_LANGUAGE_CODE_FALLBACK = 'en';
+const countriesController = async (fastify) => {
+  fastify.get(
+    '/',
+    {
+      schema: fastify.autoSchema({
+        querystring: {
+          type: 'object',
+          properties: {
+            lge: { type: 'string', description: 'Language' },
+          },
+        },
+        response: {
+          200: {
+            type: 'array',
+            items: {
+              type: 'object',
+              properties: {
+                name: {
+                  type: 'string',
+                  description:
+                    'The name of the country in the language of the "lge" query parameter',
+                },
+                code: {
+                  type: 'string',
+                  description: 'The ISO 3166-1 country code',
+                },
+                regions: {
+                  type: 'array',
+                  items: {
+                    type: 'object',
+                    properties: {
+                      name: {
+                        type: 'string',
+                        description:
+                          'The name of the subdivision in the language of the "lge" query parameter',
+                      },
+                      code: {
+                        type: 'string',
+                        description: 'The ISO 3166-2 subdivision code',
+                      },
+                    },
+                    required: ['name', 'code'],
+                  },
+                },
+              },
+              required: ['name', 'code', 'regions'],
+            },
+          },
+        },
+      }),
+    },
+    async ({ query: { lge } }, reply) => {
+      if (lge != null && !isLanguageCodeValid(lge)) {
+        throw createError(400, '"lge" query parameter is malformed');
+      }
+      const selectedLge =
+        lge != null && isLanguageSupported(lge)
+          ? lge
+          : DEFAULT_LANGUAGE_CODE_FALLBACK;
+      const countries = await getCountries(selectedLge);
+      return reply
+        .header(
+          CachingConstants.CACHE_CONTROL_HEADER,
+          CachingConstants.MAX_AGE_CACHE_CONTROL
+        )
+        .send(countries);
+    }
+  );
+};
+module.exports = countriesController;

package/src/controllers/reference/personas/controller.js ADDED Viewed

@@ -0,0 +1,91 @@
+const {
+  first,
+  flow,
+  flatMap,
+  isEmpty,
+  keyBy,
+  map,
+  uniq,
+} = require('lodash/fp');
+const {
+  getCredentialTypeDescriptor,
+} = require('@velocitycareerlabs/common-fetchers');
+const { personaSchema } = require('./schemas');
+const getCredentialTypeDescriptors = async (credentialTypes, context) => {
+  const credentialTypeDescriptors = await Promise.all(
+    map(
+      (credentialType) =>
+        getCredentialTypeDescriptor(
+          { type: credentialType, includeDisplay: true },
+          context
+        ),
+      credentialTypes
+    )
+  );
+  return keyBy('id', credentialTypeDescriptors);
+};
+const countriesController = async (fastify) => {
+  fastify.addSchema(personaSchema);
+  fastify.get(
+    '/',
+    {
+      schema: fastify.autoSchema({
+        response: {
+          200: {
+            type: 'array',
+            items: {
+              $ref: 'https://velocitycareerlabs.io/persona',
+            },
+          },
+        },
+      }),
+    },
+    async (req) => {
+      const { repos } = req;
+      const personas = await repos.personas.find({});
+      if (isEmpty(personas)) {
+        return [];
+      }
+      // load credential types
+      const credentialTypes = flow(
+        flatMap('vcs'),
+        flatMap('type'),
+        uniq
+      )(personas);
+      // load display descriptors
+      const credentialTypeDescriptors = await getCredentialTypeDescriptors(
+        credentialTypes,
+        req
+      );
+      // Return result
+      const result = map(
+        (persona) => ({
+          ...persona,
+          vcs: map(
+            (vc) => ({
+              ...vc,
+              output_descriptors: [
+                {
+                  id: first(vc.type),
+                  display: credentialTypeDescriptors[first(vc.type)]?.display,
+                },
+              ],
+            }),
+            persona.vcs
+          ),
+        }),
+        personas
+      );
+      return result;
+    }
+  );
+};
+module.exports = countriesController;

package/src/controllers/reference/personas/repo.js ADDED Viewed

@@ -0,0 +1,29 @@
+const {
+  repoFactory,
+  autoboxIdsExtension,
+} = require('@spencejs/spence-mongo-repos');
+module.exports = (app, options, next = () => {}) => {
+  next();
+  return repoFactory(
+    {
+      name: 'personas',
+      entityName: 'persona',
+      defaultProjection: {
+        _id: 1,
+        name: 1,
+        email: 1,
+        image: 1,
+        vcs: 1,
+        did: 1,
+        kid: 1,
+        keyId: 1,
+        publicJwk: 1,
+        createdAt: 1,
+        updatedAt: 1,
+      },
+      extensions: [autoboxIdsExtension],
+    },
+    app
+  );
+};

package/src/controllers/reference/personas/schemas/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+const personaSchema = require('./persona.schema.json');
+module.exports = { personaSchema };

package/src/controllers/reference/personas/schemas/persona.schema.json ADDED Viewed

@@ -0,0 +1,108 @@
+{
+  "title": "persona",
+  "$id": "https://velocitycareerlabs.io/persona",
+  "type": "object",
+  "properties": {
+    "name": {
+      "type": "string",
+      "description": "The name persona"
+    },
+    "email": {
+      "type": "string",
+      "description": "email of the persona"
+    },
+    "image": {
+      "type": "string",
+      "format": "uri",
+      "description": "uri of the persona's image"
+    },
+    "vcs": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties": {
+          "jwt_vc": {
+            "type": "string",
+            "description": "The verifiable credential encoded as a jwt"
+          },
+          "type": {
+            "type": "array",
+            "items": { "type": "string" },
+            "description": "The list of credential types"
+          },
+          "output_descriptors": {
+            "type": "array",
+            "items": {
+              "type": "object",
+              "properties": {
+                "id": {
+                  "type": "string"
+                },
+                "schema": {
+                  "type": "array",
+                  "items": {
+                    "type": "object",
+                    "properties": {
+                      "uri": {
+                        "type": "string",
+                        "format": "uri"
+                      }
+                    }
+                  }
+                },
+                "display": {
+                  "type": "object",
+                  "additionalProperties": true
+                }
+              },
+              "required": ["id"]
+            }
+          }
+        },
+        "required": ["type", "jwt_vc"]
+      }
+    },
+    "did": {
+      "type": "string",
+      "description": "The did of the persona"
+    },
+    "kid": {
+      "type": "string",
+      "description": "The kid of the persona"
+    },
+    "keyId": {
+      "type": "string",
+      "description": "The keyId of the persona"
+    },
+    "publicJwk": {
+      "description": "The public jwk",
+      "type": "object",
+      "properties": {
+        "crv": {
+          "type": "string"
+        },
+        "kid": {
+          "type": "string"
+        },
+        "kty": {
+          "type": "string"
+        },
+        "x": {
+          "type": "string"
+        },
+        "y": {
+          "type": "string"
+        }
+      }
+    },
+    "createdAt": {
+      "type": "string",
+      "format": "date-time"
+    },
+    "updatedAt": {
+      "type": "string",
+      "format": "date-time"
+    }
+  },
+  "required": ["name", "email", "vcs"]
+}

package/src/controllers/root/controller.js ADDED Viewed

@@ -0,0 +1,27 @@
+const rootRoutes = async (fastify) => {
+  fastify.get(
+    '/',
+    {
+      schema: {
+        description: 'Healthcheck and version info',
+        responses: {
+          200: {
+            description: 'Successful response',
+            content: { 'text/plain': { schema: { type: 'string' } } },
+          },
+        },
+        tags: ['healthchecks'],
+      },
+    },
+    async (_res, reply) => {
+      reply
+        .status(200)
+        .send(`Welcome to Career Wallet\nVersion: ${fastify.config.version}\n`);
+    }
+  );
+};
+// eslint-disable-next-line better-mutation/no-mutation
+rootRoutes.prefixOverride = '';
+module.exports = rootRoutes;

package/src/entities/accounts/constants.js ADDED Viewed

@@ -0,0 +1,18 @@
+const accountTypes = ['perm', 'temp'];
+const accountScopes = {
+  keyCreate: 'key:create',
+  account: 'account',
+  inbox: 'inbox',
+  jwt: 'jwt',
+};
+const adminScopes = {
+  adminClient: 'admin:client',
+};
+module.exports = {
+  accountTypes,
+  accountScopes,
+  adminScopes,
+};

package/src/entities/accounts/domain/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+module.exports = {
+  ...require('./merge-scopes'),
+};

package/src/entities/accounts/domain/merge-scopes.js ADDED Viewed

@@ -0,0 +1,9 @@
+const { uniq } = require('lodash');
+const { flow, union } = require('lodash/fp');
+const mergeScopes = (oldScope, newScope) =>
+  flow((scopes) => union(...scopes), uniq)([oldScope, newScope]);
+module.exports = {
+  mergeScopes,
+};

package/src/entities/accounts/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+module.exports = {
+  ...require('./repos'),
+  ...require('./constants'),
+  ...require('./domain'),
+};

package/src/entities/accounts/repos/accounts.repo.js ADDED Viewed

@@ -0,0 +1,64 @@
+const {
+  autoboxIdsExtension,
+  repoFactory,
+} = require('@spencejs/spence-mongo-repos');
+const { hashAndEncodeHex } = require('@velocitycareerlabs/crypto');
+const {
+  refreshTokenExtension,
+  hashRefreshTokenField,
+} = require('@velocitycareerlabs/spencer-mongo-extensions');
+const { idTokenClaimsExtension } = require('./id-token-claims-extension');
+module.exports = (app, _, next = () => {}) => {
+  next();
+  return repoFactory(
+    {
+      name: 'accounts',
+      entityName: 'accounts',
+      defaultProjection,
+      extensions: [
+        autoboxIdsExtension,
+        refreshTokenExtension,
+        idTokenClaimsExtension,
+        accountExtensions,
+      ],
+    },
+    app
+  );
+};
+const defaultProjection = {
+  _id: 1,
+  accountType: 1,
+  userId: 1,
+  idTokenClaims: 1,
+  scope: 1,
+  refreshToken: 1,
+  createdAt: 1,
+  updatedAt: 1,
+  didKeyMetadatum: 1,
+  pushTokens: 1,
+};
+const accountExtensions = (parent) => {
+  return {
+    findAccountAndSetRefreshToken: (filter, newRefreshToken) => {
+      return parent
+        .collection()
+        .findOneAndUpdate(
+          hashRefreshTokenField(filter),
+          {
+            $set: {
+              refreshToken: hashAndEncodeHex(newRefreshToken),
+            },
+          },
+          {
+            returnDocument: 'after',
+            includeResultMetadata: true,
+          }
+        )
+        .then(({ value }) => value);
+    },
+    extensions: parent.extensions.concat(['findAccountAndSetRefreshToken']),
+  };
+};

package/src/entities/accounts/repos/id-token-claims-extension.js ADDED Viewed

@@ -0,0 +1,31 @@
+const { encrypt } = require('@velocitycareerlabs/crypto');
+const idTokenClaimsExtension = (parent, context) => {
+  return {
+    prepModification: (account, modificationType, ...args) => {
+      if (modificationType === 'insert') {
+        return parent.prepModification(
+          {
+            ...account,
+            ...(account.idTokenClaims
+              ? {
+                  idTokenClaims: encrypt(
+                    JSON.stringify(account.idTokenClaims),
+                    context.config.mongoSecret
+                  ),
+                }
+              : {}),
+          },
+          modificationType,
+          ...args
+        );
+      }
+      return parent.prepModification(account, modificationType, ...args);
+    },
+  };
+};
+module.exports = {
+  idTokenClaimsExtension,
+};

package/src/entities/accounts/repos/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+module.exports = {
+  accountsRepoPlugin: require('./accounts.repo'),
+};

package/src/entities/devices/constants.js ADDED Viewed

@@ -0,0 +1,7 @@
+const deviceTypes = ['phone', 'desktop', 'browser', 'tablet'];
+const deviceOSes = ['osx', 'ios', 'android', 'windows', 'linux'];
+module.exports = {
+  deviceTypes,
+  deviceOSes,
+};

package/src/entities/devices/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+module.exports = {
+  ...require('./constants'),
+};

package/src/entities/feedback/domain/generate-feedback-email.js ADDED Viewed

@@ -0,0 +1,23 @@
+const noReplyEmail = 'no-reply@velocitynetwork.foundation';
+const generateFeedbackEmail = (feedback, { config }) => ({
+  subject: `${config.nodeEnv.toUpperCase()}: Support Request - Account Feedback.`,
+  message: `
+Support Request - Account Feedback.
+User Information:
+Account ID: ${feedback.accountId}
+Feedback: ${feedback.feedback}
+Error Code (if applicable): ${feedback.errorCode}
+App Version: ${feedback.appVersion}
+Device Manufacturer: ${feedback.deviceManufacturer}
+Device Model: ${feedback.deviceModel}
+Device OS: ${feedback.deviceOS}
+IP Address: ${feedback.ip}
+  `,
+  sender: noReplyEmail,
+  recipients: [config.careerwalletSupportEmail],
+});
+module.exports = {
+  generateFeedbackEmail,
+};

package/src/entities/feedback/domain/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+module.exports = {
+  ...require('./generate-feedback-email'),
+};

package/src/entities/feedback/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+module.exports = {
+  ...require('./domain'),
+};

package/src/entities/index.js ADDED Viewed

@@ -0,0 +1,9 @@
+module.exports = {
+  ...require('./pushes'),
+  ...require('./oauth'),
+  ...require('./verification-code-attempts'),
+  ...require('./verifications'),
+  ...require('./accounts'),
+  ...require('./key-pairs'),
+  ...require('./feedback'),
+};

package/src/entities/key-pairs/index.js ADDED Viewed

@@ -0,0 +1,4 @@
+module.exports = {
+  ...require('./repos'),
+  ...require('./orchestrators'),
+};

package/src/entities/key-pairs/orchestrators/generate-jwk.js ADDED Viewed

@@ -0,0 +1,28 @@
+const { generateKeyPair } = require('@velocitycareerlabs/crypto');
+const { stringifyJwk } = require('@velocitycareerlabs/jwt');
+const generateJwk = async (curve, context) => {
+  const { awsKmsClient, repos, config } = context;
+  const { managedAccountsKeyId } = config;
+  const { privateKey, publicKey } = generateKeyPair({
+    curve,
+    format: 'jwk',
+  });
+  const { CiphertextBlob } = await awsKmsClient.encrypt(
+    managedAccountsKeyId,
+    stringifyJwk(privateKey)
+  );
+  const inserted = await repos.keyPairs.insert({
+    encryptedPrivateKey: CiphertextBlob,
+    publicKey,
+  });
+  return {
+    publicKey,
+    keyId: inserted._id,
+  };
+};
+module.exports = { generateJwk };

package/src/entities/key-pairs/orchestrators/get-key-pair.js ADDED Viewed

@@ -0,0 +1,58 @@
+const { isEmpty, find, equals } = require('lodash/fp');
+const newError = require('http-errors');
+const { getJwkFromDidUri } = require('@velocitycareerlabs/did-doc');
+const { ObjectId } = require('mongodb');
+// eslint-disable-next-line complexity
+const getKeyPair = async ({ kid, keyId }, context) => {
+  const { repos } = context;
+  await isKeyAuthorized({ kid, keyId }, context);
+  let filter;
+  if (!isEmpty(kid)) {
+    const parsedKid = getJwkFromDidUri(kid);
+    filter = {
+      'publicKey.kty': parsedKid.kty,
+      'publicKey.x': parsedKid.x,
+      'publicKey.y': parsedKid.y,
+      'publicKey.crv': parsedKid.crv,
+    };
+  } else if (!isEmpty(keyId)) {
+    filter = { _id: keyId };
+  } else {
+    throwKeyPairNotFoundError(kid);
+  }
+  const keyPair = await repos.keyPairs.findOne({
+    filter,
+  });
+  if (isEmpty(keyPair)) {
+    throwKeyPairNotFoundError(kid);
+  }
+  return keyPair;
+};
+const isKeyAuthorized = async ({ kid, keyId }, ctx) => {
+  const { repos, user, verifyUserAdminScope } = ctx;
+  if (verifyUserAdminScope(user)) {
+    return true;
+  }
+  const account = await repos.accounts.findOne({ filter: { _id: user?.sub } });
+  let accountFind;
+  if (!isEmpty(keyId)) {
+    accountFind = find((keyInfo) => equals(new ObjectId(keyId), keyInfo.keyId));
+  } else if (!isEmpty(kid)) {
+    accountFind = find({ kid });
+  }
+  if (accountFind == null || accountFind(account?.didKeyMetadatum) == null) {
+    throwKeyPairNotFoundError(kid);
+  }
+  return true;
+};
+const throwKeyPairNotFoundError = (kid) => {
+  throw newError(400, 'Key pair not found', {
+    errorCode: `invalid_${!isEmpty(kid) ? 'kid' : 'key_id'}`,
+  });
+};
+module.exports = { getKeyPair };

package/src/entities/key-pairs/orchestrators/index.js ADDED Viewed

@@ -0,0 +1,4 @@
+module.exports = {
+  ...require('./generate-jwk'),
+  ...require('./get-key-pair'),
+};

package/src/entities/key-pairs/repos/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+module.exports = {
+  jwkRepoPlugin: require('./key-pairs.repo'),
+};

package/src/entities/key-pairs/repos/key-pairs.repo.js ADDED Viewed

@@ -0,0 +1,23 @@
+const {
+  repoFactory,
+  autoboxIdsExtension,
+} = require('@spencejs/spence-mongo-repos');
+module.exports = (app, options, next = () => {}) => {
+  next();
+  return repoFactory(
+    {
+      name: 'keyPairs',
+      entityName: 'keyPairs',
+      defaultProjection: {
+        _id: 1,
+        encryptedPrivateKey: 1,
+        publicKey: 1,
+        createdAt: 1,
+        updatedAt: 1,
+      },
+      extensions: [autoboxIdsExtension],
+    },
+    app
+  );
+};

package/src/entities/oauth/constants.js ADDED Viewed

@@ -0,0 +1,13 @@
+const TokenTypes = {
+  BEARER: 'Bearer',
+};
+const GrantTypes = {
+  VNF_PRESENTATION: 'https://velocitynetwork.foundation/oauth/presentation',
+  REFRESH_TOKEN: 'refresh_token',
+};
+module.exports = {
+  TokenTypes,
+  GrantTypes,
+};