npm - @velocitycareerlabs/server-webwallet - Versions diffs - 1.25.0-dev-build.12642c864 - Mend

@velocitycareerlabs/server-webwallet 1.25.0-dev-build.12642c864

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (193) hide show

package/src/controllers/issuing/deep-link/controller.js ADDED Viewed

@@ -0,0 +1,192 @@
+const {
+  VCLDeepLink,
+  VCLCredentialManifestDescriptorByDeepLink,
+  VCLToken,
+  VCLFinalizeOffersDescriptor,
+  VCLIssuingType,
+  VCLCredentialManifest,
+  VCLJwt,
+  VCLVerifiedProfile,
+  VCLDidJwk,
+} = require('@velocitycareerlabs/vnf-nodejs-wallet-sdk');
+const {
+  loadAdditionalRenderInfo,
+  getCredentialsFromOffers,
+  buildIssuingInputCredentials,
+  generateOffersByDeepLink,
+} = require('../../../entities');
+const {
+  validateAccountPermissions,
+} = require('../../../entities/accounts/domains');
+const issuingController = async (fastify) => {
+  fastify.get(
+    '/get-credential-manifest',
+    {
+      preValidation: fastify.verifyAccessToken(),
+      schema: fastify.autoSchema({
+        tags: ['webwallet'],
+        querystring: {
+          $ref: 'https://velocitycareerlabs.io/webwallet-get-credential-manifest-query.schema.json',
+        },
+        response: {
+          200: {
+            $ref: 'https://velocitycareerlabs.io/webwallet-get-credential-manifest-response.schema.json',
+          },
+          '4xx': { $ref: 'error#' },
+        },
+      }),
+    },
+    async (req) => {
+      const credentialManifest = await req.vclSdk.getCredentialManifest(
+        new VCLCredentialManifestDescriptorByDeepLink(
+          new VCLDeepLink(req.query.link)
+        )
+      );
+      return {
+        credentialManifest: {
+          presentation: credentialManifest.jwt.payload,
+          jwt: credentialManifest.jwt.encodedJwt,
+          verifiedProfile: credentialManifest.verifiedProfile.payload,
+          link: credentialManifest.deepLink.value,
+        },
+      };
+    }
+  );
+  fastify.post(
+    '/offers',
+    {
+      preValidation: fastify.verifyAccessToken(),
+      schema: fastify.autoSchema({
+        tags: ['webwallet'],
+        body: {
+          $ref: 'https://velocitycareerlabs.io/webwallet-offers-by-deep-link-request.schema.json',
+        },
+        response: {
+          200: {
+            $ref: 'https://velocitycareerlabs.io/webwallet-offers-by-deep-link-response.schema.json',
+          },
+          '4xx': { $ref: 'error#' },
+        },
+      }),
+    },
+    async (req) => {
+      const {
+        body: {
+          credentialManifest,
+          inputCredentials: inputCredentialsIds = [],
+        },
+      } = req;
+      const { offers } = await generateOffersByDeepLink(
+        credentialManifest,
+        VCLIssuingType.Career,
+        [],
+        await buildIssuingInputCredentials(inputCredentialsIds, req),
+        req
+      );
+      const offersPayloadArr = offers.all.map((offer) => offer.payload);
+      const additionalRenderInfo = await loadAdditionalRenderInfo(
+        offersPayloadArr,
+        req
+      );
+      return {
+        credentialManifest,
+        offers: offersPayloadArr,
+        token: offers.sessionToken.value,
+        challenge: offers.challenge,
+        ...additionalRenderInfo,
+      };
+    }
+  );
+  fastify.post(
+    '/accept-offers',
+    {
+      preValidation: fastify.verifyAccessToken(),
+      schema: fastify.autoSchema({
+        tags: ['webwallet'],
+        body: {
+          $ref: 'https://velocitycareerlabs.io/webwallet-accept-deep-link-offers-request.schema.json',
+        },
+        response: {
+          200: {
+            $ref: 'https://velocitycareerlabs.io/webwallet-accept-deep-link-offers-response.schema.json',
+          },
+          '4xx': { $ref: 'error#' },
+        },
+      }),
+    },
+    async (req) => {
+      const {
+        body: { credentialManifest, offerIds, token, challenge },
+      } = req;
+      const account = await req.repos.accounts.findOne({
+        filter: { userId: req.user.sub },
+      });
+      validateAccountPermissions(account);
+      const { did: userDid } = account;
+      const didJwk = getDidJwkFromAccount(account);
+      const {
+        vclSdk,
+        config: { careerWalletAdminAccessToken },
+      } = req;
+      const vclCredentialManifest = new VCLCredentialManifest(
+        VCLJwt.fromEncodedJwt(credentialManifest.jwt),
+        credentialManifest.vendorOriginContext,
+        new VCLVerifiedProfile(credentialManifest.verifiedProfile),
+        new VCLDeepLink(credentialManifest.link),
+        didJwk,
+        careerWalletAdminAccessToken
+      );
+      const sessionToken = new VCLToken(token);
+      const verifiableCredentials = await vclSdk.finalizeOffers(
+        new VCLFinalizeOffersDescriptor(
+          vclCredentialManifest,
+          challenge,
+          offerIds,
+          []
+        ),
+        sessionToken
+      );
+      let savedCredentials;
+      if (verifiableCredentials.passedCredentials?.length) {
+        const credentials = getCredentialsFromOffers(
+          req.user.sub,
+          userDid,
+          verifiableCredentials.passedCredentials
+        );
+        // eslint-disable-next-line no-unused-vars
+        savedCredentials = await req.repos.credentials.insertMany(credentials);
+      }
+      return {
+        passedCredentials: savedCredentials || [],
+        failedCredentials: verifiableCredentials.failedCredentials || [],
+      };
+    }
+  );
+  const getDidJwkFromAccount = (account) => {
+    return account.didKeyMetadatum &&
+      Array.isArray(account.didKeyMetadatum) &&
+      account.didKeyMetadatum.length > 0
+      ? VCLDidJwk.fromJSON(account.didKeyMetadatum[0])
+      : null;
+  };
+};
+module.exports = issuingController;

package/src/controllers/issuing/deep-link/schemas/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+module.exports = {
+  ...require('./webwallet-deep-link-offers-request.schema'),
+  ...require('./webwallet-deep-link-offers-response.schema'),
+  ...require('./webwallet-deep-link-accept-offers-response.schema'),
+  ...require('./webwallet-deep-link-accept-offers-request.schema'),
+};

package/src/controllers/issuing/deep-link/schemas/webwallet-deep-link-accept-offers-request.schema.js ADDED Viewed

@@ -0,0 +1,30 @@
+const webWalletDeepLinkAcceptOffersRequestSchema = {
+  $id: 'https://velocitycareerlabs.io/webwallet-accept-deep-link-offers-request.schema.json',
+  title: 'webwallet-accept-deep-link-offers-request',
+  description: 'the request for webwallet accept offers endpoint',
+  type: 'object',
+  properties: {
+    credentialManifest: {
+      type: 'object',
+      properties: {
+        jwt: { type: 'string' },
+        link: { type: 'string' },
+      },
+      required: ['jwt'],
+      additionalProperties: true,
+    },
+    token: { type: 'string' },
+    offerIds: {
+      type: 'array',
+      items: {
+        type: 'string',
+      },
+    },
+    challenge: { type: 'string' },
+  },
+  required: ['credentialManifest', 'token', 'offerIds'],
+};
+module.exports = {
+  webWalletDeepLinkAcceptOffersRequestSchema,
+};

package/src/controllers/issuing/deep-link/schemas/webwallet-deep-link-accept-offers-response.schema.js ADDED Viewed

@@ -0,0 +1,36 @@
+const webWalletDeepLinkAcceptOffersResponseSchema = {
+  $id: 'https://velocitycareerlabs.io/webwallet-accept-deep-link-offers-response.schema.json',
+  title: 'webwallet-accept-deep-link-offers-response',
+  description: 'the body of response for webwallet accept offers endpoint',
+  type: 'object',
+  properties: {
+    passedCredentials: {
+      type: 'array',
+      items: {
+        $ref: 'https://velocitycareerlabs.io/webwallet-credential-response.schema.json',
+      },
+    },
+    failedCredentials: {
+      type: 'array',
+      items: {
+        type: 'object',
+        properties: {
+          signedJwt: {
+            type: 'object',
+            properties: {
+              header: { type: 'string' },
+              payload: { type: 'string' },
+              signature: { type: 'string' },
+            },
+          },
+          encodedJwt: { type: 'string' },
+        },
+      },
+    },
+  },
+  required: ['passedCredentials', 'failedCredentials'],
+};
+module.exports = {
+  webWalletDeepLinkAcceptOffersResponseSchema,
+};

package/src/controllers/issuing/deep-link/schemas/webwallet-deep-link-offers-request.schema.js ADDED Viewed

@@ -0,0 +1,28 @@
+const webWalletDeepLinkOffersRequestSchema = {
+  $id: 'https://velocitycareerlabs.io/webwallet-offers-by-deep-link-request.schema.json',
+  title: 'webwallet-offers-by-deep-link-request',
+  description: 'the request for webwallet get offers endpoint',
+  type: 'object',
+  properties: {
+    credentialManifest: {
+      type: 'object',
+      properties: {
+        jwt: { type: 'string' },
+        link: { type: 'string' },
+      },
+      required: ['jwt'],
+      additionalProperties: true,
+    },
+    inputCredentials: {
+      type: 'array',
+      items: {
+        type: 'string',
+      },
+    },
+  },
+  required: ['credentialManifest'],
+};
+module.exports = {
+  webWalletDeepLinkOffersRequestSchema,
+};

package/src/controllers/issuing/deep-link/schemas/webwallet-deep-link-offers-response.schema.js ADDED Viewed

@@ -0,0 +1,48 @@
+const webWalletDeepLinkOffersResponseSchema = {
+  $id: 'https://velocitycareerlabs.io/webwallet-offers-by-deep-link-response.schema.json',
+  title: 'webwallet-offers-by-deep-link-response',
+  description: 'the body of response for webwallet get offers endpoint',
+  type: 'object',
+  properties: {
+    credentialManifest: {
+      type: 'object',
+      properties: {
+        jwt: { type: 'string' },
+        link: { type: 'string' },
+      },
+      required: ['jwt'],
+      additionalProperties: true,
+    },
+    offers: {
+      type: 'array',
+      items: {
+        $ref: 'https://velocitycareerlabs.io/holder-offer.schema.json',
+      },
+    },
+    challenge: { type: 'string' },
+    token: { type: 'string' },
+    issuers: {
+      type: 'object',
+      additionalProperties: {
+        $ref: 'organization-profile',
+      },
+    },
+    displayDescriptors: {
+      type: 'object',
+      additionalProperties: {
+        $ref: 'https://velocitycareerlabs.io/webwallet-display-descriptor-response.schema.json',
+      },
+    },
+  },
+  required: [
+    'credentialManifest',
+    'offers',
+    'token',
+    'issuers',
+    'displayDescriptors',
+  ],
+};
+module.exports = {
+  webWalletDeepLinkOffersResponseSchema,
+};

package/src/controllers/issuing/identity-credentials/autohooks.js ADDED Viewed

@@ -0,0 +1,42 @@
+const { oauthPlugin } = require('@velocitycareerlabs/auth');
+const {
+  newOfferRelatedResourceSchema,
+  holderOfferSchema,
+} = require('@velocitycareerlabs/common-schemas');
+const {
+  webWalletCredentialResponseSchema,
+  webWalletCredentialManifestSchema,
+} = require('../../../entities');
+const {
+  webWalletIdentityCredentialsRequestCodeParamsSchema,
+  webWalletIdentityCredentialsRequestCodeBodySchema,
+  webWalletIdentityCredentialsConfirmBodySchema,
+  webWalletIdentityCredentialsConfirmResponseSchema,
+} = require('./schemas');
+const {
+  webWalletGetCredentialManifestQuerySchema,
+  webWalletGetCredentialManifestResponseSchema,
+} = require('../common-schemas');
+module.exports = async (fastify) => {
+  fastify
+    .addSchema(newOfferRelatedResourceSchema)
+    .addSchema(holderOfferSchema)
+    .addSchema(webWalletCredentialManifestSchema)
+    .addSchema(webWalletGetCredentialManifestQuerySchema)
+    .addSchema(webWalletGetCredentialManifestResponseSchema)
+    .addSchema(webWalletCredentialResponseSchema)
+    .addSchema(webWalletIdentityCredentialsRequestCodeParamsSchema)
+    .addSchema(webWalletIdentityCredentialsRequestCodeBodySchema)
+    .addSchema(webWalletIdentityCredentialsConfirmBodySchema)
+    .addSchema(webWalletIdentityCredentialsConfirmResponseSchema)
+    .autoSchemaPreset({
+      tags: ['webwallet'],
+    })
+    .register(oauthPlugin, {
+      domain: fastify.config.auth0Domain,
+      audience: [fastify.config.auth0WebWalletAudience],
+    });
+};

package/src/controllers/issuing/identity-credentials/controller.js ADDED Viewed

@@ -0,0 +1,188 @@
+const newError = require('http-errors');
+const { get } = require('lodash/fp');
+const md5 = require('blueimp-md5');
+const { jwtDecode } = require('@velocitycareerlabs/jwt');
+const {
+  getIdentityIssuerService,
+  getIdentityOffersByDeepLink,
+  getCredentialsFromOffers,
+  doesUserHaveFreshPendingVerification,
+} = require('../../../entities');
+const {
+  verifyIdCredentialRequestCode,
+  verifyIdCredentialConfirmCode,
+} = require('../../../fetchers');
+const issueIdentityCredentialsController = async (fastify) => {
+  fastify.post(
+    '/request-code/:credentialType',
+    {
+      preValidation: fastify.verifyAccessToken(),
+      schema: fastify.autoSchema({
+        tags: ['webwallet'],
+        params: {
+          $ref: 'https://velocitycareerlabs.io/webwallet-identity-credentials-request-code-params.schema.json',
+        },
+        body: {
+          $ref: 'https://velocitycareerlabs.io/webwallet-identity-credentials-request-code-body.schema.json',
+        },
+        response: {
+          204: {
+            type: 'null',
+          },
+          '4xx': { $ref: 'error#' },
+        },
+      }),
+    },
+    async (req, reply) => {
+      const {
+        params: { credentialType },
+        body: { value },
+        repos,
+      } = req;
+      /**
+       * @type {import('../../../entities/accounts/repos/accounts.repo').Account}
+       */
+      const existingAccount = await repos.accounts.findOne(
+        {
+          filter: { userId: req.user.sub },
+        },
+        { verificationInfo: 1 }
+      );
+      if (
+        !doesUserHaveFreshPendingVerification(
+          existingAccount,
+          value,
+          credentialType
+        )
+      ) {
+        const nonOfIdCredentialsVerified =
+          get(`verificationInfo.${credentialType}.status`, existingAccount) !==
+          'verified';
+        await verifyIdCredentialRequestCode(credentialType, value, req);
+        await repos.accounts.update(existingAccount._id, {
+          [`verificationInfo.${credentialType}`]: {
+            status: nonOfIdCredentialsVerified ? 'pending' : 'verified',
+            codeSentAt: new Date(),
+            codeSentTo: md5(value),
+          },
+        });
+      }
+      reply.code(204);
+    }
+  );
+  fastify.post(
+    '/confirm',
+    {
+      preValidation: fastify.verifyAccessToken(),
+      schema: fastify.autoSchema({
+        tags: ['webwallet'],
+        body: {
+          $ref: 'https://velocitycareerlabs.io/webwallet-identity-credentials-confirm-body.schema.json',
+        },
+        response: {
+          200: {
+            $ref: 'https://velocitycareerlabs.io/webwallet-identity-credentials-confirm-response.schema.json',
+          },
+          '4xx': { $ref: 'error#' },
+        },
+      }),
+    },
+    async (req) => {
+      const {
+        body: { verificationCode, type },
+      } = req;
+      const { token } = await verifyIdCredentialConfirmCode(
+        verificationCode,
+        req
+      );
+      const identityIssuer = await getIdentityIssuerService(type, req);
+      if (!identityIssuer) {
+        throw newError(400, 'Failed to find identity issuer', {
+          errorCode: 'verification_error',
+        });
+      }
+      const deepLink = buildCredentialManifestDeepLink(
+        identityIssuer.serviceEndpoint,
+        token,
+        fastify.config.deepLinkProtocol
+      );
+      const {
+        acceptedOffers = [],
+        offers = [],
+        credentialManifest = {},
+      } = await getIdentityOffersByDeepLink(deepLink, req);
+      if (
+        acceptedOffers?.failedCredentials?.length ||
+        !acceptedOffers?.passedCredentials?.length
+      ) {
+        throw newError(400, 'Failed to finalize offers', {
+          errorCode: 'verification_error',
+        });
+      }
+      const { disclosureId, issuerName } = getPropsFromCredentialManifest(
+        credentialManifest.jwt.encodedJwt
+      );
+      const { did: userDid, _id: id } = await req.repos.accounts.findOne({
+        filter: { userId: req.user.sub },
+      });
+      const credentials = getCredentialsFromOffers(
+        req.user.sub,
+        userDid,
+        acceptedOffers.passedCredentials
+      );
+      const savedCredentials = await req.repos.credentials.insertMany(
+        credentials
+      );
+      await req.repos.accounts.update(id, {
+        [`verificationInfo.${type}`]: {
+          status: 'verified',
+          codeSentAt: null,
+          codeSentTo: null,
+        },
+      });
+      return {
+        credentials: savedCredentials,
+        // trackingData is for Mixpanel tracking events
+        trackingData: { offers, disclosureId, issuerName },
+      };
+    }
+  );
+};
+const buildCredentialManifestDeepLink = (serviceEndpoint, token, protocol) => {
+  const requestUri = encodeURIComponent(
+    `${serviceEndpoint}?vendorOriginContext=${token}`
+  );
+  return `${protocol}issue?request_uri=${requestUri}&vendorOriginContext=${token}`;
+};
+const getPropsFromCredentialManifest = (encodedJwt) => {
+  const decodedJwt = jwtDecode(encodedJwt);
+  return {
+    disclosureId: decodedJwt.payload.presentation_definition.id.split('.')[1],
+    issuerName: decodedJwt.payload.metadata.client_name,
+  };
+};
+module.exports = issueIdentityCredentialsController;

package/src/controllers/issuing/identity-credentials/schemas/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+module.exports = {
+  ...require('./webwallet-identity-credentials-request-code-params.schema'),
+  ...require('./webwallet-identity-credentials-request-code-body.schema'),
+  ...require('./webwallet-identity-credentials-confirm-body.schema'),
+  ...require('./webwallet-identity-credentials-confirm-response.schema'),
+};

package/src/controllers/issuing/identity-credentials/schemas/webwallet-identity-credentials-confirm-body.schema.js ADDED Viewed

@@ -0,0 +1,20 @@
+const { keys } = require('lodash/fp');
+const { identityClaimTypes } = require('../../../../entities/issuing');
+const webWalletIdentityCredentialsConfirmBodySchema = {
+  $id: 'https://velocitycareerlabs.io/webwallet-identity-credentials-confirm-body.schema.json',
+  title: 'webwallet-identity-credentials-confirm-body',
+  type: 'object',
+  properties: {
+    verificationCode: { type: 'string' },
+    type: {
+      type: 'string',
+      enum: keys(identityClaimTypes),
+    },
+  },
+  required: ['verificationCode', 'type'],
+};
+module.exports = {
+  webWalletIdentityCredentialsConfirmBodySchema,
+};

package/src/controllers/issuing/identity-credentials/schemas/webwallet-identity-credentials-confirm-response.schema.js ADDED Viewed

@@ -0,0 +1,37 @@
+const webWalletIdentityCredentialsConfirmResponseSchema = {
+  $id: 'https://velocitycareerlabs.io/webwallet-identity-credentials-confirm-response.schema.json',
+  title: 'webwallet-identity-credentials-confirm-response',
+  description:
+    'the response for webwallet identity credentials confirm endpoint',
+  type: 'object',
+  properties: {
+    credentials: {
+      type: 'array',
+      items: {
+        $ref: 'https://velocitycareerlabs.io/webwallet-credential-response.schema.json',
+      },
+    },
+    trackingData: {
+      type: 'object',
+      properties: {
+        disclosureId: {
+          type: 'string',
+        },
+        offers: {
+          type: 'array',
+          items: {
+            $ref: 'https://velocitycareerlabs.io/holder-offer.schema.json',
+          },
+        },
+        issuerName: {
+          type: 'string',
+        },
+      },
+    },
+  },
+  required: ['credentials', 'trackingData'],
+};
+module.exports = {
+  webWalletIdentityCredentialsConfirmResponseSchema,
+};

package/src/controllers/issuing/identity-credentials/schemas/webwallet-identity-credentials-request-code-body.schema.js ADDED Viewed

@@ -0,0 +1,14 @@
+const webWalletIdentityCredentialsRequestCodeBodySchema = {
+  $id: 'https://velocitycareerlabs.io/webwallet-identity-credentials-request-code-body.schema.json',
+  title: 'webwallet-identity-credentials-request-code-body',
+  type: 'object',
+  description: 'The actual email address or phone number',
+  properties: {
+    value: { type: 'string' },
+  },
+  required: ['value'],
+};
+module.exports = {
+  webWalletIdentityCredentialsRequestCodeBodySchema,
+};

package/src/controllers/issuing/identity-credentials/schemas/webwallet-identity-credentials-request-code-params.schema.js ADDED Viewed

@@ -0,0 +1,19 @@
+const { keys } = require('lodash/fp');
+const { identityClaimTypes } = require('../../../../entities/issuing');
+const webWalletIdentityCredentialsRequestCodeParamsSchema = {
+  $id: 'https://velocitycareerlabs.io/webwallet-identity-credentials-request-code-params.schema.json',
+  title: 'webwallet-identity-credentials-request-code-params',
+  type: 'object',
+  description: 'Either `phone` or `email`',
+  properties: {
+    credentialType: {
+      type: 'string',
+      enum: keys(identityClaimTypes),
+    },
+  },
+};
+module.exports = {
+  webWalletIdentityCredentialsRequestCodeParamsSchema,
+};

package/src/controllers/linkedin/autohooks.js ADDED Viewed

@@ -0,0 +1,16 @@
+const { oauthPlugin } = require('@velocitycareerlabs/auth');
+const multipart = require('@fastify/multipart');
+const { webWalletLinkedinMeResponseSchema } = require('./schemas');
+module.exports = async (fastify) => {
+  fastify
+    .register(multipart, { attachFieldsToBody: 'keyValues' })
+    .register(oauthPlugin, {
+      domain: fastify.config.auth0Domain,
+      audience: [fastify.config.auth0WebWalletAudience],
+    });
+  fastify.addSchema(webWalletLinkedinMeResponseSchema).autoSchemaPreset({
+    tags: ['webwallet'],
+  });
+};