npm - @verii/endpoints-organizations-registrar - Versions diffs - 1.0.0-pre.1752076816 - Mend

@verii/endpoints-organizations-registrar 1.0.0-pre.1752076816

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (259) hide show

package/src/controllers/organizations/_did/services/controller.js ADDED Viewed

@@ -0,0 +1,195 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+const { RegistrarScopes } = require('../../../../entities');
+const {
+  verifyUserOrganizationReadAuthorized,
+  verifyUserOrganizationWriteAuthorized,
+} = require('../../../../plugins/authorization');
+const { registeredCredentialTypesPreHandler } = require('../../plugins');
+const { invitationCodePropertySchema } = require('../../schemas');
+const {
+  initAddService,
+  initDeleteService,
+  getService,
+  updateService,
+} = require('../../../../entities');
+const servicesController = async (fastify) => {
+  const deleteService = initDeleteService(fastify);
+  const addService = initAddService(fastify);
+  fastify
+    .get(
+      '/:serviceId',
+      {
+        onRequest: fastify.verifyAccessToken([
+          RegistrarScopes.AdminOrganizations,
+          RegistrarScopes.ReadOrganizations,
+        ]),
+        preHandler: [verifyUserOrganizationReadAuthorized],
+        schema: fastify.autoSchema({
+          security: [
+            {
+              RegistrarOAuth2: [
+                RegistrarScopes.ReadOrganizations,
+                RegistrarScopes.AdminOrganizations,
+              ],
+            },
+          ],
+          params: {
+            type: 'object',
+            properties: {
+              serviceId: { type: 'string' },
+            },
+          },
+          response: {
+            200: { $ref: 'organization-service#' },
+          },
+        }),
+      },
+      async (req) => getService(req.params.did, req.params.serviceId, req)
+    )
+    .post(
+      '/',
+      {
+        onRequest: fastify.verifyAccessToken([
+          RegistrarScopes.AdminOrganizations,
+          RegistrarScopes.WriteOrganizations,
+        ]),
+        preHandler: [
+          verifyUserOrganizationWriteAuthorized,
+          registeredCredentialTypesPreHandler,
+        ],
+        schema: fastify.autoSchema({
+          security: [
+            {
+              RegistrarOAuth2: [
+                RegistrarScopes.WriteOrganizations,
+                RegistrarScopes.AdminOrganizations,
+              ],
+            },
+          ],
+          body: {
+            allOf: [
+              { $ref: 'create-did-service#' },
+              {
+                type: 'object',
+                properties: {
+                  invitationCode: invitationCodePropertySchema,
+                },
+              },
+            ],
+          },
+          response: {
+            201: {
+              type: 'object',
+              properties: {
+                service: { $ref: 'did-service#' },
+                authClient: {
+                  type: 'object',
+                  properties: {
+                    type: { type: 'string' },
+                    clientType: { type: 'string' },
+                    clientId: { type: 'string' },
+                    clientSecret: { type: 'string' },
+                    serviceId: { type: 'string' },
+                  },
+                },
+              },
+            },
+          },
+        }),
+      },
+      async (req, reply) => {
+        const response = await addService(req.params.did, req.body, req);
+        reply.code(201);
+        return response;
+      }
+    )
+    .put(
+      '/:serviceId',
+      {
+        onRequest: fastify.verifyAccessToken([
+          RegistrarScopes.AdminOrganizations,
+          RegistrarScopes.WriteOrganizations,
+        ]),
+        preHandler: [
+          verifyUserOrganizationWriteAuthorized,
+          registeredCredentialTypesPreHandler,
+        ],
+        schema: fastify.autoSchema({
+          security: [
+            {
+              RegistrarOAuth2: [
+                RegistrarScopes.WriteOrganizations,
+                RegistrarScopes.AdminOrganizations,
+              ],
+            },
+          ],
+          params: {
+            type: 'object',
+            properties: {
+              serviceId: { type: 'string' },
+            },
+          },
+          body: { $ref: 'modify-did-service#' },
+          response: {
+            200: { $ref: 'did-service#' },
+          },
+        }),
+      },
+      async (req) =>
+        updateService(req.params.did, req.params.serviceId, req.body, req)
+    )
+    .delete(
+      '/:serviceId',
+      {
+        onRequest: fastify.verifyAccessToken([
+          RegistrarScopes.AdminOrganizations,
+          RegistrarScopes.WriteOrganizations,
+        ]),
+        preHandler: [verifyUserOrganizationWriteAuthorized],
+        schema: fastify.autoSchema({
+          security: [
+            {
+              RegistrarOAuth2: [
+                RegistrarScopes.WriteOrganizations,
+                RegistrarScopes.AdminOrganizations,
+              ],
+            },
+          ],
+          params: {
+            type: 'object',
+            properties: {
+              serviceId: { type: 'string' },
+            },
+          },
+          response: {
+            204: {
+              type: 'null',
+            },
+          },
+        }),
+      },
+      async (req, reply) => {
+        await deleteService(req.params.did, req.params.serviceId, req);
+        return reply.status(204).send();
+      }
+    );
+};
+module.exports = servicesController;

package/src/controllers/organizations/_did/signatories/controller.js ADDED Viewed

@@ -0,0 +1,63 @@
+const {
+  signatoryApproveOrganizationEmail,
+  approveReminder,
+  rejectReminder,
+  validateAuthCode,
+} = require('../../../../entities');
+const signatoriesController = async (fastify) => {
+  const { sendEmail } = fastify;
+  fastify.get(
+    '/response/:response',
+    {
+      schema: fastify.autoSchema({
+        params: {
+          type: 'object',
+          properties: {
+            did: {
+              type: 'string',
+            },
+            response: {
+              type: 'string',
+              enum: ['approve', 'reject'],
+            },
+          },
+          required: ['did', 'response'],
+        },
+        querystring: {
+          type: 'object',
+          properties: {
+            authCode: {
+              type: 'string',
+            },
+          },
+          required: ['authCode'],
+        },
+        response: {
+          200: { type: 'null' },
+          401: { $ref: 'error#' },
+          400: { $ref: 'error#' },
+        },
+      }),
+    },
+    async (req) => {
+      const { repos, params, query } = req;
+      const { did, response } = params;
+      const { authCode } = query;
+      const organization = await repos.organizations.findOneByDid(did);
+      await validateAuthCode(organization, authCode, req);
+      await sendEmail(
+        signatoryApproveOrganizationEmail({ organization, response }, req)
+      );
+      if (response === 'approve') {
+        await approveReminder(organization, req);
+      } else {
+        await rejectReminder(organization, req);
+      }
+      return {};
+    }
+  );
+};
+module.exports = signatoriesController;

package/src/controllers/organizations/autohooks.js ADDED Viewed

@@ -0,0 +1,65 @@
+const {
+  didServiceSchema,
+  addressSchema,
+  locationSchema,
+  organizationProfileBaseSchema,
+  organizationProfileSchema,
+  modifyDidServiceSchema,
+  pageQuerySchema,
+} = require('@verii/common-schemas');
+const { CredentialTypesPlugin } = require('./plugins');
+const {
+  createDidServiceSchema,
+  addKeyBodySchema,
+  organizationIdsSchema,
+  organizationRegistryServiceResponseSchema,
+  fullOrganizationSchema,
+  organizationProfileCreationSchema,
+  organizationKybProfileCreationSchema,
+  organizationProfileUpdateSchema,
+  organizationSearchQueryParamsSchema,
+  organizationSearchQueryProfileParamsSchema,
+  organizationProfileVerifiableCredentialSchema,
+  organizationVerifiedProfileSchema,
+  didKeySchema,
+  organizationServiceSchema,
+} = require('./schemas');
+const {
+  publicKeySchema,
+  didProofSchema,
+  didDocSchema,
+} = require('../resolve-did/schemas');
+module.exports = async (fastify) => {
+  fastify
+    .addSchema(pageQuerySchema)
+    .addSchema(publicKeySchema)
+    .addSchema(didProofSchema)
+    .addSchema(didServiceSchema)
+    .addSchema(fullOrganizationSchema)
+    .addSchema(organizationServiceSchema)
+    .addSchema(organizationRegistryServiceResponseSchema)
+    .addSchema(addressSchema)
+    .addSchema(locationSchema)
+    .addSchema(organizationProfileBaseSchema)
+    .addSchema(organizationProfileCreationSchema)
+    .addSchema(organizationKybProfileCreationSchema)
+    .addSchema(organizationProfileUpdateSchema)
+    .addSchema(organizationProfileSchema)
+    .addSchema(didDocSchema)
+    .addSchema(organizationSearchQueryParamsSchema)
+    .addSchema(organizationSearchQueryProfileParamsSchema)
+    .addSchema(organizationProfileVerifiableCredentialSchema)
+    .addSchema(organizationVerifiedProfileSchema)
+    .addSchema(addKeyBodySchema)
+    .addSchema(organizationIdsSchema)
+    .addSchema(createDidServiceSchema)
+    .addSchema(modifyDidServiceSchema)
+    .addSchema(didKeySchema)
+    .autoSchemaPreset({ tags: ['registrar_organizations'] })
+    .register(CredentialTypesPlugin)
+    .register(
+      // eslint-disable-next-line import/no-dynamic-require
+      require(fastify.config.kmsPluginModule)[fastify.config.kmsPlugin]
+    );
+};

package/src/controllers/organizations/controller.js ADDED Viewed

@@ -0,0 +1,322 @@
+const {
+  find,
+  first,
+  flatMap,
+  intersection,
+  map,
+  mapKeys,
+  omit,
+  castArray,
+  without,
+} = require('lodash/fp');
+const newError = require('http-errors');
+const { prepCamelCase } = require('@verii/common-functions');
+const {
+  buildDidDocWithAlternativeId,
+  getDidAndAliases,
+} = require('@verii/did-doc');
+const { isWebDid } = require('@verii/did-web');
+const {
+  verifyUserOrganizationWriteAuthorized,
+  verifyUserOrganizationReadAuthorized,
+} = require('../../plugins/authorization');
+const {
+  buildProfileResponse,
+  initPrepareProfileVc,
+  initTransformOrganizationFilter,
+  getServiceTypesFromCategories,
+  transformProfileService,
+  OrganizationErrorMessages,
+  RegistrarScopes,
+  normalizeProfileName,
+  loadCaoServiceRefs,
+  buildPublicProfile,
+  synchronizeMonitors,
+  validateProfileName,
+  validateUpdateProfile,
+} = require('../../entities');
+const custodiedFinder = (existingFinder) => ({
+  ...existingFinder,
+  filter: {
+    ...existingFinder.filter,
+    didNotCustodied: { $ne: true },
+  },
+});
+const organizationController = async (fastify) => {
+  const prepareProfileVc = initPrepareProfileVc(fastify);
+  fastify
+    .get(
+      '/search-profiles',
+      {
+        preHandler: (req, reply, done) => {
+          // eslint-disable-next-line better-mutation/no-mutation
+          req.query = prepCamelCase(req.query);
+          done();
+        },
+        schema: fastify.autoSchema({
+          querystring: { $ref: 'organization-search-profile-query-params#' },
+          response: {
+            200: {
+              type: 'object',
+              properties: {
+                result: {
+                  type: 'array',
+                  items: {
+                    allOf: [
+                      { $ref: 'organization-profile#' },
+                      {
+                        type: 'object',
+                        properties: {
+                          service: {
+                            type: 'array',
+                            items: { $ref: 'did-service#' },
+                          },
+                        },
+                      },
+                    ],
+                  },
+                },
+              },
+            },
+          },
+        }),
+      },
+      async (req) => {
+        const { repos, query } = req;
+        const serviceTypes = getServiceTypesFromCategories(query);
+        let organizations = await repos.organizations.searchByAggregation(
+          query
+        );
+        organizations = map(
+          (org) => organizationWithAlternativeDidDoc(org, req),
+          organizations
+        );
+        const caoServiceRefs = query.noServiceEndpointTransform
+          ? {}
+          : await loadAllOrgCaoServiceRefs(organizations, req);
+        const result = map(
+          (organization) => ({
+            id: organization.didDoc.id,
+            alsoKnownAs: organization.didDoc.alsoKnownAs,
+            ...buildPublicProfile(organization.profile),
+            verifiableCredentialJwt: organization.verifiableCredentialJwt,
+            service: transformProfileService(
+              organization,
+              organization.services,
+              serviceTypes,
+              caoServiceRefs,
+              req
+            ),
+          }),
+          organizations
+        );
+        return { result };
+      }
+    )
+    .get(
+      '/',
+      {
+        onRequest: fastify.verifyAccessToken([
+          RegistrarScopes.ReadOrganizations,
+          RegistrarScopes.AdminOrganizations,
+        ]),
+        preHandler: [verifyUserOrganizationReadAuthorized],
+        schema: fastify.autoSchema({
+          security: [
+            {
+              RegistrarOAuth2: [
+                RegistrarScopes.ReadOrganizations,
+                RegistrarScopes.AdminOrganizations,
+              ],
+            },
+          ],
+          querystring: { $ref: 'organization-search-query-params#' },
+          response: {
+            200: {
+              type: 'object',
+              properties: {
+                result: {
+                  type: 'array',
+                  items: { $ref: 'did-doc#' },
+                },
+              },
+            },
+          },
+        }),
+      },
+      async (req) => {
+        const { repos, query } = req;
+        const organizations = await repos.organizations.find(
+          custodiedFinder(initTransformOrganizationFilter(query)),
+          { didDoc: 1 }
+        );
+        return {
+          result: map('didDoc', organizations),
+        };
+      }
+    )
+    .put(
+      '/profile/:did',
+      {
+        onRequest: fastify.verifyAccessToken([
+          RegistrarScopes.AdminOrganizations,
+          RegistrarScopes.WriteOrganizations,
+        ]),
+        preHandler: [verifyUserOrganizationWriteAuthorized],
+        schema: fastify.autoSchema({
+          security: [
+            {
+              RegistrarOAuth2: [
+                RegistrarScopes.WriteOrganizations,
+                RegistrarScopes.AdminOrganizations,
+              ],
+            },
+          ],
+          body: {
+            $ref: 'organization-profile-update#',
+          },
+          response: {
+            200: {
+              allOf: [
+                {
+                  $ref: 'organization-profile#',
+                },
+                {
+                  type: 'object',
+                  properties: {
+                    createdAt: {
+                      type: 'string',
+                      format: 'date-time',
+                    },
+                    updatedAt: {
+                      type: 'string',
+                      format: 'date-time',
+                    },
+                  },
+                  required: ['updatedAt', 'createdAt'],
+                },
+              ],
+            },
+            400: {
+              $ref: 'error#',
+            },
+          },
+        }),
+      },
+      async (req) => {
+        const { repos, params, body: profile } = req;
+        validateUpdateProfile(profile);
+        const organization = await repos.organizations.findOneByDid(
+          params.did,
+          {
+            _id: 1,
+            didDoc: 1,
+            profile: 1,
+            activatedServiceIds: 1,
+            verifiableCredentialJwt: 1,
+            adminEmail: 1,
+            normalizedProfileName: 1,
+            ids: 1,
+            createdAt: 1,
+            updatedAt: 1,
+          }
+        );
+        if (organization == null) {
+          throw newError.NotFound(
+            OrganizationErrorMessages.ORGANIZATION_NOT_FOUND
+          );
+        }
+        await validateProfileName(profile.name, organization, req);
+        const modifiedProfile = {
+          ...omit(['createdAt'], profile),
+          permittedVelocityServiceCategory:
+            organization.profile.permittedVelocityServiceCategory,
+        };
+        const { jwtVc, credentialId, vcUrl } = await prepareProfileVc(
+          organization.didDoc,
+          { ...organization.profile, ...modifiedProfile }
+        );
+        const prefixedModification = mapKeys(
+          (k) => `profile.${k}`,
+          modifiedProfile
+        );
+        const updatedOrganization = await repos.organizations.update(
+          organization._id,
+          {
+            ...prefixedModification,
+            normalizedProfileName: normalizeProfileName(profile.name),
+            signedProfileVcJwt: { signedCredential: jwtVc, credentialId },
+            verifiableCredentialJwt: vcUrl,
+          }
+        );
+        if (organization.profile.logo !== profile.logo) {
+          await repos.images.activate(profile.logo);
+          await repos.images.deactivate(organization.profile.logo);
+        }
+        return buildProfileResponse(updatedOrganization, true);
+      }
+    )
+    .post(
+      '/monitoring/sync',
+      {
+        onRequest: fastify.verifyAccessToken([
+          RegistrarScopes.AdminOrganizations,
+        ]),
+        schema: fastify.autoSchema({
+          security: [
+            {
+              RegistrarOAuth2: [RegistrarScopes.AdminOrganizations],
+            },
+          ],
+          body: { type: 'object' },
+          response: {
+            204: { type: 'null' },
+          },
+        }),
+      },
+      async (req, reply) => {
+        reply.code(204);
+        return synchronizeMonitors(req);
+      }
+    );
+};
+const organizationWithAlternativeDidDoc = (org, context) => {
+  const did = selectDid(context.query?.filter?.did, org.didDoc);
+  return {
+    ...org,
+    didDoc: buildDidDocWithAlternativeId(did, org.didDoc),
+  };
+};
+const selectDid = (didFromQuery, didDoc) => {
+  const didsFromQuery = castArray(didFromQuery);
+  const didsFromDidDoc = getDidAndAliases(didDoc);
+  const matchingDids = intersection(didsFromQuery, didsFromDidDoc);
+  const matchingDidWeb = find(isWebDid, matchingDids);
+  if (matchingDidWeb != null) {
+    return matchingDidWeb;
+  }
+  const aliases = without([didDoc.id], didsFromDidDoc);
+  const firstAlias = first(aliases);
+  return firstAlias ?? didDoc.id;
+};
+const loadAllOrgCaoServiceRefs = async (organizationDocs, context) => {
+  const allOrgsServices = flatMap('services', organizationDocs);
+  return loadCaoServiceRefs(allOrgsServices, context);
+};
+module.exports = organizationController;