npm - @verii/server-credentialagent - Versions diffs - 1.0.0-pre.1752076816 - Mend

@verii/server-credentialagent 1.0.0-pre.1752076816

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (395) hide show

package/src/entities/common/domains/index.js ADDED Viewed

@@ -0,0 +1,17 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+module.exports = { ...require('./get-json-at-path') };

package/src/entities/common/index.js ADDED Viewed

@@ -0,0 +1,17 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+module.exports = { ...require('./domains') };

package/src/entities/credentials/domains/credential-format.js ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const CredentialFormat = {
+  JWT_VC: 'jwt-vc',
+  JSON_LD_VC: 'jsonld-vc',
+};
+module.exports = { CredentialFormat };

package/src/entities/credentials/domains/index.js ADDED Viewed

@@ -0,0 +1,19 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+module.exports = {
+  ...require('./credential-format'),
+};

package/src/entities/credentials/index.js ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+module.exports = { ...require('./domains') };

package/src/entities/deep-links/domains/extract-did.js ADDED Viewed

@@ -0,0 +1,11 @@
+const { split } = require('lodash/fp');
+const extractDid = (uri) => {
+  const newUrl = new URL(decodeURIComponent(uri));
+  const parts = split('/', newUrl.pathname);
+  return parts[5];
+};
+module.exports = {
+  extractDid,
+};

package/src/entities/deep-links/domains/index.js ADDED Viewed

@@ -0,0 +1,20 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+module.exports = {
+  ...require('./velocity-protocol-uri-to-http-uri'),
+  ...require('./extract-did'),
+};

package/src/entities/deep-links/domains/velocity-protocol-uri-to-http-uri.js ADDED Viewed

@@ -0,0 +1,32 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const velocityProtocolUriToHttpUri = (velocityProtocolDeepLink, context) => {
+  const { config } = context;
+  const velocityProtocolDeepLinkUri = new URL(velocityProtocolDeepLink);
+  const httpProtocolDeepLink = new URL(`${config.hostUrl}/app-redirect`);
+  velocityProtocolDeepLinkUri.searchParams.forEach((value, name) => {
+    httpProtocolDeepLink.searchParams.append(name, value);
+  });
+  httpProtocolDeepLink.searchParams.set(
+    'exchange_type',
+    velocityProtocolDeepLinkUri.host
+  );
+  return httpProtocolDeepLink.href;
+};
+module.exports = {
+  velocityProtocolUriToHttpUri,
+};

package/src/entities/deep-links/index.js ADDED Viewed

@@ -0,0 +1,19 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+module.exports = {
+  ...require('./domains'),
+};

package/src/entities/disclosures/domains/assert-disclosure-active.js ADDED Viewed

@@ -0,0 +1,21 @@
+const { isNil } = require('lodash/fp');
+const newError = require('http-errors');
+const assertDisclosureActive = (disclosure, req) => {
+  const { enableDeactivatedDisclosure } = req.config;
+  if (
+    !enableDeactivatedDisclosure ||
+    isNil(disclosure?.deactivationDate) ||
+    new Date(disclosure.deactivationDate) > new Date()
+  ) {
+    return;
+  }
+  throw newError(400, 'Disclosure is not active', {
+    errorCode: 'disclosure_not_active',
+  });
+};
+module.exports = {
+  assertDisclosureActive,
+};

package/src/entities/disclosures/domains/compute-disclosure-configuration-type.js ADDED Viewed

@@ -0,0 +1,29 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const { includes } = require('lodash/fp');
+const { VendorEndpointCategory, ConfigurationType } = require('./constants');
+const computeDisclosureConfigurationType = (disclosure) => {
+  const { vendorEndpoint } = disclosure;
+  return includes(vendorEndpoint, VendorEndpointCategory.ISSUING)
+    ? ConfigurationType.ISSUING
+    : ConfigurationType.INSPECTION;
+};
+module.exports = {
+  computeDisclosureConfigurationType,
+};

package/src/entities/disclosures/domains/constants.js ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const OfferMode = {
+  WEBHOOK: 'webhook',
+  PRELOADED: 'preloaded',
+};
+const IdentificationMethods = {
+  VERIFIABLE_PRESENTATION: 'verifiable_presentation',
+  PREAUTH: 'preauth',
+};
+const VendorEndpoint = {
+  // webhook capabilities
+  RECEIVE_CHECKED_CREDENTIALS: 'receive-checked-credentials',
+  RECEIVE_UNCHECKED_CREDENTIALS: 'receive-unchecked-credentials',
+  RECEIVE_APPLICANT: 'receive-applicant',
+  ISSUING_IDENTIFICATION: 'issuing-identification',
+  // integrated capabilities
+  INTEGRATED_ISSUING_IDENTIFICATION: 'integrated-issuing-identification',
+};
+const ConfigurationType = {
+  ISSUING: 'issuing',
+  INSPECTION: 'inspection',
+};
+const VendorEndpointCategory = {
+  ISSUING: [
+    VendorEndpoint.INTEGRATED_ISSUING_IDENTIFICATION,
+    VendorEndpoint.ISSUING_IDENTIFICATION,
+  ],
+  INSPECTION: [
+    VendorEndpoint.RECEIVE_APPLICANT,
+    VendorEndpoint.RECEIVE_UNCHECKED_CREDENTIALS,
+    VendorEndpoint.RECEIVE_CHECKED_CREDENTIALS,
+  ],
+};
+module.exports = {
+  IdentificationMethods,
+  OfferMode,
+  VendorEndpoint,
+  VendorEndpointCategory,
+  ConfigurationType,
+};

package/src/entities/disclosures/domains/errors.js ADDED Viewed

@@ -0,0 +1,34 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const DisclosureErrors = {
+  DUPLICATE_ISSUING_IDENTIFICATION:
+    'Only one disclosure for "issuing-identification" endpoint is allowed per tenant',
+  IDENTITY_MATCHERS_REQUIRED:
+    'When using { "vendorEndpoint": "integrated-issuing-identification" } "identityMatchers" property is required',
+  TYPES_REQUIRED: "body should have required property 'types'",
+  PREAUTH_TYPES_MAY_NOT_BE_SPECIFIED:
+    "body may not have property 'types' when 'identificationMode' is set to 'preauth'",
+  PREAUTH_TYPES_MAY_NOT_BE_SET_ISSUING_DEFAULT:
+    "body may not have property 'setIssuingDefault' when 'identificationMode' is set to 'preauth'",
+  PRESENTATION_DEFINITION_XOR_TYPES:
+    "body may only have one property of 'types' or 'presentationDefinition'",
+  PRESENTATION_DEFINITION_GROUP_IF_SUBMISSION_REQUIREMENTS:
+    'presentationDefinition input_descriptors[*].group is required when submission_requirements are sent',
+  ISSUING_FEED_NOT_SUPPORTED: 'Issuing feeds are not supported',
+};
+module.exports = { DisclosureErrors };

package/src/entities/disclosures/domains/get-disclosure-configuration-type.js ADDED Viewed

@@ -0,0 +1,60 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const newError = require('http-errors');
+const { isEmpty, includes, upperCase } = require('lodash/fp');
+const { VendorEndpointCategory, ConfigurationType } = require('./constants');
+const getDisclosureConfigurationType = (
+  disclosure,
+  { config: { disclosureCredentialTypeRequired } }
+) => {
+  const { configurationType, vendorEndpoint } = disclosure;
+  const isEmptyConfigurationType = isEmpty(configurationType);
+  if (isEmptyConfigurationType && disclosureCredentialTypeRequired) {
+    throw newError(400, 'Disclosure configuration type required', {
+      errorCode: 'disclosure_configuration_type_required',
+    });
+  }
+  const isExist = includes(
+    vendorEndpoint,
+    VendorEndpointCategory[upperCase(configurationType)]
+  );
+  if (!isEmptyConfigurationType && !isExist) {
+    throw newError(400, 'Disclosure configuration type invalid', {
+      errorCode: 'disclosure_invalid',
+    });
+  }
+  const defaultConfigurationType =
+    getConfigurationTypeByVendorEndpoint(vendorEndpoint);
+  return isEmptyConfigurationType
+    ? defaultConfigurationType
+    : configurationType;
+};
+const getConfigurationTypeByVendorEndpoint = (vendorEndpoint) =>
+  includes(vendorEndpoint, VendorEndpointCategory.INSPECTION)
+    ? ConfigurationType.INSPECTION
+    : ConfigurationType.ISSUING;
+module.exports = {
+  getDisclosureConfigurationType,
+};

package/src/entities/disclosures/domains/index.js ADDED Viewed

@@ -0,0 +1,32 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+module.exports = {
+  ...require('./errors'),
+  ...require('./constants'),
+  ...require('./validate-by-identification-method'),
+  ...require('./get-disclosure-configuration-type'),
+  ...require('./is-issuing-disclosure'),
+  ...require('./validate-disclosure-default-issuing'),
+  ...require('./compute-disclosure-configuration-type'),
+  ...require('./assert-disclosure-active'),
+  ...require('./validate-disclosure-by-configuration-type'),
+  ...require('./parse-body-to-disclosure'),
+  ...require('./validate-vendor-endpoint'),
+  ...require('./validate-disclosure'),
+  ...require('./validate-vendor-webhook'),
+  ...require('./validate-commercial-entity'),
+};

package/src/entities/disclosures/domains/is-issuing-disclosure.js ADDED Viewed

@@ -0,0 +1,23 @@
+/*
+ * Copyright 2025 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+const { ConfigurationType, VendorEndpointCategory } = require('./constants');
+const isIssuingDisclosure = ({ configurationType, vendorEndpoint }) =>
+  configurationType === ConfigurationType.ISSUING ||
+  VendorEndpointCategory.ISSUING.includes(vendorEndpoint);
+module.exports = { isIssuingDisclosure };

package/src/entities/disclosures/domains/parse-body-to-disclosure.js ADDED Viewed

@@ -0,0 +1,17 @@
+const { omit, flow, set } = require('lodash/fp');
+const { dateify } = require('@verii/common-functions');
+const {
+  getDisclosureConfigurationType,
+} = require('./get-disclosure-configuration-type');
+const parseBodyToDisclosure = (body, context) => {
+  return flow(
+    dateify(['deactivationDate']),
+    omit(['setIssuingDefault']),
+    set('configurationType', getDisclosureConfigurationType(body, context))
+  )(body);
+};
+module.exports = {
+  parseBodyToDisclosure,
+};

package/src/entities/disclosures/domains/validate-by-identification-method.js ADDED Viewed

@@ -0,0 +1,69 @@
+/**
+ * Copyright 2023 Velocity Team
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const { isEmpty, includes, some } = require('lodash/fp');
+const newError = require('http-errors');
+const { DisclosureErrors } = require('./errors');
+const { IdentificationMethods } = require('./constants');
+const validateByIdentificationMethod = (disclosure, setIssuingDefault) => {
+  validateByVerifiablePresentationMethod(disclosure);
+  validateByPreauthMethod(disclosure, setIssuingDefault);
+};
+const validateByVerifiablePresentationMethod = (disclosure) => {
+  if (
+    !includes(
+      IdentificationMethods.VERIFIABLE_PRESENTATION,
+      disclosure.identificationMethods
+    )
+  ) {
+    return;
+  }
+  if (some(isEmpty, disclosure.types)) {
+    throw newError(400, DisclosureErrors.TYPES_REQUIRED, {
+      errorCode: 'request_validation_failed',
+    });
+  }
+};
+const identificationMethodsIncludesPreauth = (identificationMethods) => {
+  return includes(IdentificationMethods.PREAUTH, identificationMethods);
+};
+const validateByPreauthMethod = (disclosure, setIssuingDefault) => {
+  if (!identificationMethodsIncludesPreauth(disclosure.identificationMethods)) {
+    return;
+  }
+  if (disclosure.types) {
+    throw newError(400, DisclosureErrors.PREAUTH_TYPES_MAY_NOT_BE_SPECIFIED, {
+      errorCode: 'request_validation_failed',
+    });
+  }
+  if (setIssuingDefault) {
+    throw newError(
+      400,
+      DisclosureErrors.PREAUTH_TYPES_MAY_NOT_BE_SET_ISSUING_DEFAULT,
+      {
+        errorCode: 'request_validation_failed',
+      }
+    );
+  }
+};
+module.exports = {
+  validateByIdentificationMethod,
+  identificationMethodsIncludesPreauth,
+};

package/src/entities/disclosures/domains/validate-commercial-entity.js ADDED Viewed

@@ -0,0 +1,26 @@
+const { some, isEmpty } = require('lodash/fp');
+const newError = require('http-errors');
+const validateCommercialEntity = (disclosure, verifiedProfile) => {
+  const { commercialEntityName, commercialEntityLogo } = disclosure;
+  if (isEmpty(commercialEntityName) && isEmpty(commercialEntityLogo)) {
+    return;
+  }
+  if (
+    !some(
+      ({ name, logo }) =>
+        name === commercialEntityName && logo === commercialEntityLogo,
+      verifiedProfile?.credentialSubject?.commercialEntities || []
+    )
+  ) {
+    const errorCode = 'invalid_commercial_entity';
+    const errorMessage = 'Invalid commercial entity';
+    throw newError(400, errorMessage, { errorCode });
+  }
+};
+module.exports = {
+  validateCommercialEntity,
+};

package/src/entities/disclosures/domains/validate-disclosure-by-configuration-type.js ADDED Viewed

@@ -0,0 +1,47 @@
+const newError = require('http-errors');
+const { isEmpty, includes } = require('lodash/fp');
+const { ConfigurationType } = require('./constants');
+const ValidationByConfigurationType = {
+  [ConfigurationType.ISSUING]: (disclosure) => {
+    if (isEmpty(disclosure.offerMode)) {
+      throw newError(400, 'Offer mode is required', {
+        errorCode: 'offer_mode_required',
+      });
+    }
+  },
+  [ConfigurationType.INSPECTION]: (disclosure) => {
+    if (isEmpty(disclosure.duration)) {
+      throw newError(400, 'Duration is required', {
+        errorCode: 'duration_required',
+      });
+    }
+    if (isEmpty(disclosure.purpose)) {
+      throw newError(400, 'Purpose is required', {
+        errorCode: 'purpose_required',
+      });
+    }
+    if (isEmpty(disclosure.types) && !disclosure.presentationDefinition) {
+      throw newError(400, 'Types should has minimum one item', {
+        errorCode: 'types_required',
+      });
+    }
+  },
+};
+const validateDisclosureByConfigurationType = (disclosure) => {
+  const { configurationType, identificationMethods } = disclosure;
+  const isVerifiablePresentationMode = includes(
+    'verifiable_presentation',
+    identificationMethods
+  );
+  ValidationByConfigurationType[
+    isVerifiablePresentationMode
+      ? ConfigurationType.INSPECTION
+      : configurationType
+  ](disclosure);
+};
+module.exports = {
+  validateDisclosureByConfigurationType,
+};