@verii/server-credentialagent 1.0.0-pre.1752076816
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.localdev.e2e.env +40 -0
- package/.localdev.env +41 -0
- package/.standalone.env +5 -0
- package/LICENSE +202 -0
- package/NOTICE +1 -0
- package/README.md +19 -0
- package/docker/compose.yml +33 -0
- package/e2e/README.md +12 -0
- package/e2e/org-registration-and-issuing.e2e.test.js +624 -0
- package/jest.config.js +20 -0
- package/migrate-mongo.config.js +36 -0
- package/migrations/20210317133137-add-index-to-offers-repo.js +57 -0
- package/migrations/20210416145639-add-index-to-revocation-list.js +27 -0
- package/migrations/20210719120225-add_unique_did_index_to_tenant.js +45 -0
- package/migrations/20230524053029-add-vendorUserIdMappings-index.js +32 -0
- package/migrations/20230616111907-add-configuration-type-index.js +32 -0
- package/package.json +108 -0
- package/src/assets/public/favicon.ico +0 -0
- package/src/assets/public/logo192.png +0 -0
- package/src/assets/public/logo512.png +0 -0
- package/src/assets/public/manifest.json +28 -0
- package/src/assets/templates/app-redirect.hbs +16 -0
- package/src/config/config.js +44 -0
- package/src/config/core-config.js +143 -0
- package/src/config/holder-config.js +104 -0
- package/src/config/index.js +22 -0
- package/src/config/operator-config.js +64 -0
- package/src/controllers/autoload-holder-api-controllers.js +30 -0
- package/src/controllers/autoload-operator-api-controllers.js +31 -0
- package/src/controllers/autoload-root-api-controller.js +30 -0
- package/src/controllers/autoload-saasoperator-api-controllers.js +31 -0
- package/src/controllers/holder/autohooks.js +55 -0
- package/src/controllers/holder/get-exchange-progress/autohooks.js +27 -0
- package/src/controllers/holder/get-exchange-progress/controller.js +50 -0
- package/src/controllers/holder/inspect/autohooks.js +35 -0
- package/src/controllers/holder/inspect/get-presentation-request/controller.js +100 -0
- package/src/controllers/holder/inspect/schemas/holder-disclosure.schema.json +73 -0
- package/src/controllers/holder/inspect/schemas/index.js +33 -0
- package/src/controllers/holder/inspect/schemas/presentation-definition.v1.schema.json +461 -0
- package/src/controllers/holder/inspect/schemas/presentation-request.schema.json +279 -0
- package/src/controllers/holder/inspect/schemas/presentation-submission.schema.json +41 -0
- package/src/controllers/holder/inspect/schemas/siop-presentation-submission.schema.json +74 -0
- package/src/controllers/holder/inspect/schemas/velocity-presentation-submission.response.200.schema.json +36 -0
- package/src/controllers/holder/inspect/schemas/velocity-presentation-submission.schema.json +34 -0
- package/src/controllers/holder/inspect/submit-presentation/controller.js +89 -0
- package/src/controllers/holder/issue/autohooks.js +23 -0
- package/src/controllers/holder/issue/get-credential-manifest/controller.js +193 -0
- package/src/controllers/holder/issue/offers/autohooks.js +35 -0
- package/src/controllers/holder/issue/offers/controller.js +164 -0
- package/src/controllers/holder/issue/offers/credential-offers/controller.js +460 -0
- package/src/controllers/holder/issue/submit-identification/autohooks.js +37 -0
- package/src/controllers/holder/issue/submit-identification/controller.js +63 -0
- package/src/controllers/holder/oauth/autohooks.js +19 -0
- package/src/controllers/holder/oauth/controller.js +140 -0
- package/src/controllers/index.js +22 -0
- package/src/controllers/operator/tenants/_tenantId/autohooks.js +40 -0
- package/src/controllers/operator/tenants/_tenantId/check-credentials/autohooks.js +24 -0
- package/src/controllers/operator/tenants/_tenantId/check-credentials/controller-v0.8.js +200 -0
- package/src/controllers/operator/tenants/_tenantId/check-credentials/schemas/index.js +19 -0
- package/src/controllers/operator/tenants/_tenantId/check-credentials/schemas/vendor-credential.schema.json +244 -0
- package/src/controllers/operator/tenants/_tenantId/controller-v0.8.js +221 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/autohooks.js +30 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/controller-v0.8.js +271 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/feeds/autohooks.js +45 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/feeds/controller-v0.8.js +199 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/feeds/schemas/add-feed.schema.js +14 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/feeds/schemas/feed.schema.json +27 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/feeds/schemas/index.js +25 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/feeds/schemas/modify-feed-update-body.schema.js +18 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/_id/feeds/schemas/modify-feed.schema.json +19 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/autohooks.js +34 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/controller-v0.8.js +100 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/schemas/agent-disclosure-presentation-definition.schema.json +404 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/schemas/agent-disclosure.schema.js +24 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/schemas/index.js +29 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/schemas/new-agent-disclosure.schema.json +166 -0
- package/src/controllers/operator/tenants/_tenantId/disclosures/schemas/update-agent-disclosure.schema.js +20 -0
- package/src/controllers/operator/tenants/_tenantId/exchanges/_exchangeId/autohooks.js +30 -0
- package/src/controllers/operator/tenants/_tenantId/exchanges/_exchangeId/controller-v0.8.js +73 -0
- package/src/controllers/operator/tenants/_tenantId/exchanges/autohooks.js +19 -0
- package/src/controllers/operator/tenants/_tenantId/exchanges/controller-v0.8.js +150 -0
- package/src/controllers/operator/tenants/_tenantId/exchanges/schemas/get-exchange.response.body.json +147 -0
- package/src/controllers/operator/tenants/_tenantId/exchanges/schemas/index.js +21 -0
- package/src/controllers/operator/tenants/_tenantId/issued-credentials/autohooks.js +27 -0
- package/src/controllers/operator/tenants/_tenantId/issued-credentials/controller-v0.8.js +303 -0
- package/src/controllers/operator/tenants/_tenantId/issued-credentials/schemas/index.js +23 -0
- package/src/controllers/operator/tenants/_tenantId/issued-credentials/schemas/issued-credential.schema.json +115 -0
- package/src/controllers/operator/tenants/_tenantId/issued-credentials/schemas/revoke-credentials.schema.json +18 -0
- package/src/controllers/operator/tenants/_tenantId/keys/controller-v0.8.js +168 -0
- package/src/controllers/operator/tenants/_tenantId/offer-data/controller-v0.8.js +78 -0
- package/src/controllers/operator/tenants/_tenantId/offers/autohooks.js +34 -0
- package/src/controllers/operator/tenants/_tenantId/offers/controller-v0.8.js +253 -0
- package/src/controllers/operator/tenants/_tenantId/offers/schemas/index.js +23 -0
- package/src/controllers/operator/tenants/_tenantId/offers/schemas/new-vendor-offer.schema.js +47 -0
- package/src/controllers/operator/tenants/_tenantId/offers/schemas/vendor-offer.schema.json +56 -0
- package/src/controllers/operator/tenants/_tenantId/users/autohooks.js +24 -0
- package/src/controllers/operator/tenants/_tenantId/users/controller-v0.8.js +92 -0
- package/src/controllers/operator/tenants/_tenantId/users/schemas/index.js +23 -0
- package/src/controllers/operator/tenants/_tenantId/users/schemas/new-user.schema.json +13 -0
- package/src/controllers/operator/tenants/_tenantId/users/schemas/user.schema.json +16 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/autohooks.js +34 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/controller-v0.8.js +110 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/schemas/Credential.schema.js +18 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/schemas/IssueCredentialOptions.schema.json +42 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/schemas/IssueCredentialRequest.schema.json +13 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/schemas/IssueCredentialResponse.schema.json +19 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/schemas/LinkedDataProof.schema.json +43 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/schemas/VerifiableCredential.schema.js +16 -0
- package/src/controllers/operator/tenants/_tenantId/vc-api/credentials/schemas/index.js +31 -0
- package/src/controllers/operator/tenants/autohooks.js +65 -0
- package/src/controllers/operator/tenants/controller-v0.8.js +167 -0
- package/src/controllers/operator/tenants/schemas/index.js +41 -0
- package/src/controllers/operator/tenants/schemas/modify-secret.schema.json +11 -0
- package/src/controllers/operator/tenants/schemas/modify-tenant-v0.8.schema.json +44 -0
- package/src/controllers/operator/tenants/schemas/new-tenant-v0.8.schema.json +19 -0
- package/src/controllers/operator/tenants/schemas/new-tenant.response.200.schema.json +7 -0
- package/src/controllers/operator/tenants/schemas/secret-key-metadata.schema.json +31 -0
- package/src/controllers/operator/tenants/schemas/secret-key.schema.json +29 -0
- package/src/controllers/operator/tenants/schemas/secret-kid.schema.json +13 -0
- package/src/controllers/operator/tenants/schemas/secret-new-tenant-v0.8.schema.json +28 -0
- package/src/controllers/operator/tenants/schemas/secret-tenant-key-v0.8.schema.json +13 -0
- package/src/controllers/operator/tenants/schemas/tenant-key-v0.8.schema.json +14 -0
- package/src/controllers/operator/tenants/schemas/tenant-v0.8.schema.json +62 -0
- package/src/controllers/root/autohooks.js +23 -0
- package/src/controllers/root/controller.js +173 -0
- package/src/controllers/saasoperator/groups/_id/autohooks.js +9 -0
- package/src/controllers/saasoperator/groups/_id/controller.js +121 -0
- package/src/controllers/saasoperator/groups/autohooks.js +19 -0
- package/src/controllers/saasoperator/groups/controller.js +65 -0
- package/src/controllers/saasoperator/groups/schemas/group.schema.js +17 -0
- package/src/controllers/saasoperator/groups/schemas/index.js +4 -0
- package/src/controllers/saasoperator/groups/schemas/new-group.schema.js +13 -0
- package/src/entities/common/domains/get-json-at-path.js +28 -0
- package/src/entities/common/domains/index.js +17 -0
- package/src/entities/common/index.js +17 -0
- package/src/entities/credentials/domains/credential-format.js +22 -0
- package/src/entities/credentials/domains/index.js +19 -0
- package/src/entities/credentials/index.js +17 -0
- package/src/entities/deep-links/domains/extract-did.js +11 -0
- package/src/entities/deep-links/domains/index.js +20 -0
- package/src/entities/deep-links/domains/velocity-protocol-uri-to-http-uri.js +32 -0
- package/src/entities/deep-links/index.js +19 -0
- package/src/entities/disclosures/domains/assert-disclosure-active.js +21 -0
- package/src/entities/disclosures/domains/compute-disclosure-configuration-type.js +29 -0
- package/src/entities/disclosures/domains/constants.js +61 -0
- package/src/entities/disclosures/domains/errors.js +34 -0
- package/src/entities/disclosures/domains/get-disclosure-configuration-type.js +60 -0
- package/src/entities/disclosures/domains/index.js +32 -0
- package/src/entities/disclosures/domains/is-issuing-disclosure.js +23 -0
- package/src/entities/disclosures/domains/parse-body-to-disclosure.js +17 -0
- package/src/entities/disclosures/domains/validate-by-identification-method.js +69 -0
- package/src/entities/disclosures/domains/validate-commercial-entity.js +26 -0
- package/src/entities/disclosures/domains/validate-disclosure-by-configuration-type.js +47 -0
- package/src/entities/disclosures/domains/validate-disclosure-default-issuing.js +77 -0
- package/src/entities/disclosures/domains/validate-disclosure.js +37 -0
- package/src/entities/disclosures/domains/validate-feed.js +16 -0
- package/src/entities/disclosures/domains/validate-presentation-definition.js +54 -0
- package/src/entities/disclosures/domains/validate-vendor-endpoint.js +22 -0
- package/src/entities/disclosures/domains/validate-vendor-webhook.js +18 -0
- package/src/entities/disclosures/factories/disclosure-factory.js +94 -0
- package/src/entities/disclosures/factories/index.js +19 -0
- package/src/entities/disclosures/index.js +22 -0
- package/src/entities/disclosures/orchestrators/get-disclosure.js +18 -0
- package/src/entities/disclosures/orchestrators/index.js +20 -0
- package/src/entities/disclosures/orchestrators/update-disclosure-configuration-type.js +32 -0
- package/src/entities/disclosures/repos/index.js +20 -0
- package/src/entities/disclosures/repos/repo.js +118 -0
- package/src/entities/disclosures/repos/set-configuration-type.js +33 -0
- package/src/entities/exchanges/adapters/index.js +17 -0
- package/src/entities/exchanges/adapters/sign-exchange-response.js +45 -0
- package/src/entities/exchanges/domains/build-exchange-progress.js +56 -0
- package/src/entities/exchanges/domains/constants.js +24 -0
- package/src/entities/exchanges/domains/ensure-exchange-state-valid.js +35 -0
- package/src/entities/exchanges/domains/errors.js +33 -0
- package/src/entities/exchanges/domains/index.js +25 -0
- package/src/entities/exchanges/domains/states.js +43 -0
- package/src/entities/exchanges/domains/types.js +31 -0
- package/src/entities/exchanges/factories/disclosure-exchange-factory.js +46 -0
- package/src/entities/exchanges/factories/index.js +20 -0
- package/src/entities/exchanges/factories/offer-exchange-factory.js +48 -0
- package/src/entities/exchanges/index.js +23 -0
- package/src/entities/exchanges/orchestrators/build-exchange-request-deep-link.js +50 -0
- package/src/entities/exchanges/orchestrators/index.js +19 -0
- package/src/entities/exchanges/repos/exchange-repo-projections.js +45 -0
- package/src/entities/exchanges/repos/exchange-state-repo-extension.js +76 -0
- package/src/entities/exchanges/repos/index.js +20 -0
- package/src/entities/exchanges/repos/repo.js +44 -0
- package/src/entities/feeds/factories/feed-factory.js +47 -0
- package/src/entities/feeds/factories/index.js +19 -0
- package/src/entities/feeds/index.js +20 -0
- package/src/entities/feeds/repos/index.js +19 -0
- package/src/entities/feeds/repos/repo.js +95 -0
- package/src/entities/groups/domains/format-group.js +11 -0
- package/src/entities/groups/domains/index.js +3 -0
- package/src/entities/groups/factories/group-factory.js +40 -0
- package/src/entities/groups/factories/index.js +19 -0
- package/src/entities/groups/index.js +22 -0
- package/src/entities/groups/orchestrators/find-group-or-error.js +16 -0
- package/src/entities/groups/orchestrators/index.js +6 -0
- package/src/entities/groups/orchestrators/validate-did.js +24 -0
- package/src/entities/groups/orchestrators/validate-group-by-user.js +16 -0
- package/src/entities/groups/orchestrators/validate-group.js +39 -0
- package/src/entities/groups/repos/delete-tenant-extension.js +13 -0
- package/src/entities/groups/repos/index.js +19 -0
- package/src/entities/groups/repos/repo.js +38 -0
- package/src/entities/groups/repos/update-or-error-extension.js +46 -0
- package/src/entities/index.js +37 -0
- package/src/entities/keys/domains/constants.js +37 -0
- package/src/entities/keys/domains/index.js +21 -0
- package/src/entities/keys/domains/is-matching-private-key-kid.js +41 -0
- package/src/entities/keys/domains/validate-key.js +62 -0
- package/src/entities/keys/factories/index.js +19 -0
- package/src/entities/keys/factories/key-factory.js +56 -0
- package/src/entities/keys/index.js +22 -0
- package/src/entities/keys/orchestrators/index.js +3 -0
- package/src/entities/keys/orchestrators/validate-did-doc-keys.js +69 -0
- package/src/entities/metadata-list-allocations/index.js +19 -0
- package/src/entities/metadata-list-allocations/repos/index.js +19 -0
- package/src/entities/metadata-list-allocations/repos/repo.js +40 -0
- package/src/entities/notifications/domains/index.js +19 -0
- package/src/entities/notifications/domains/notification-types.js +25 -0
- package/src/entities/notifications/index.js +19 -0
- package/src/entities/offers/domains/build-clean-pii-filter.js +35 -0
- package/src/entities/offers/domains/build-deeplink-url.js +120 -0
- package/src/entities/offers/domains/build-offer.js +88 -0
- package/src/entities/offers/domains/build-qr-code-url.js +37 -0
- package/src/entities/offers/domains/constants.js +32 -0
- package/src/entities/offers/domains/filter-object-ids.js +34 -0
- package/src/entities/offers/domains/generate-issuing-challenge.js +26 -0
- package/src/entities/offers/domains/generate-link-code.js +35 -0
- package/src/entities/offers/domains/index.js +31 -0
- package/src/entities/offers/domains/post-validation-offers-handler.js +31 -0
- package/src/entities/offers/domains/prepare-linked-credentials-for-holder.js +36 -0
- package/src/entities/offers/domains/resolve-subject.js +142 -0
- package/src/entities/offers/domains/validate-offer-commercial-entity.js +24 -0
- package/src/entities/offers/domains/validate-offer.js +90 -0
- package/src/entities/offers/factories/index.js +19 -0
- package/src/entities/offers/factories/offer-factory.js +119 -0
- package/src/entities/offers/index.js +22 -0
- package/src/entities/offers/orchestrators/create-verifiable-credentials.js +131 -0
- package/src/entities/offers/orchestrators/finalize-exchange.js +44 -0
- package/src/entities/offers/orchestrators/index.js +23 -0
- package/src/entities/offers/orchestrators/load-credential-refs.js +57 -0
- package/src/entities/offers/orchestrators/load-credential-types-map.js +44 -0
- package/src/entities/offers/orchestrators/prepare-offers.js +35 -0
- package/src/entities/offers/orchestrators/trigger-issued-credentials-webhook.js +63 -0
- package/src/entities/offers/repos/clean-pii-extension.js +85 -0
- package/src/entities/offers/repos/index.js +20 -0
- package/src/entities/offers/repos/issued-credential-projection.js +44 -0
- package/src/entities/offers/repos/repo.js +177 -0
- package/src/entities/presentations/domains/build-identity-doc.js +120 -0
- package/src/entities/presentations/domains/build-request-response-schema.js +46 -0
- package/src/entities/presentations/domains/build-vendor-data.js +31 -0
- package/src/entities/presentations/domains/check-payment-requirement.js +30 -0
- package/src/entities/presentations/domains/errors.js +28 -0
- package/src/entities/presentations/domains/extract-fields-from-id-credential.js +35 -0
- package/src/entities/presentations/domains/index.js +26 -0
- package/src/entities/presentations/domains/merge-credential-check-results.js +24 -0
- package/src/entities/presentations/domains/validate-presentation.js +128 -0
- package/src/entities/presentations/index.js +20 -0
- package/src/entities/presentations/orchestrators/create-presentation-request.js +148 -0
- package/src/entities/presentations/orchestrators/deduplicate-disclosure-exchange.js +52 -0
- package/src/entities/presentations/orchestrators/handle-presentation-submission.js +47 -0
- package/src/entities/presentations/orchestrators/index.js +20 -0
- package/src/entities/presentations/orchestrators/match-identity-on-exchange.js +114 -0
- package/src/entities/presentations/orchestrators/share-identification-credentials.js +110 -0
- package/src/entities/presentations/orchestrators/share-presentation.js +234 -0
- package/src/entities/push-delegate/get-push-delegate.js +37 -0
- package/src/entities/push-delegate/index.js +17 -0
- package/src/entities/redirect/index.js +3 -0
- package/src/entities/redirect/orchestrators/index.js +3 -0
- package/src/entities/redirect/orchestrators/load-org-info.js +40 -0
- package/src/entities/revocation-list-allocations/index.js +19 -0
- package/src/entities/revocation-list-allocations/repos/index.js +19 -0
- package/src/entities/revocation-list-allocations/repos/repo.js +40 -0
- package/src/entities/schemas/index.js +19 -0
- package/src/entities/schemas/orchestrators/index.js +19 -0
- package/src/entities/schemas/orchestrators/load-schema-validation.js +73 -0
- package/src/entities/tenants/domains/build-service-ids.js +27 -0
- package/src/entities/tenants/domains/extract-service.js +27 -0
- package/src/entities/tenants/domains/index.js +21 -0
- package/src/entities/tenants/domains/validate-service-ids.js +35 -0
- package/src/entities/tenants/factories/index.js +19 -0
- package/src/entities/tenants/factories/tenant-factory.js +37 -0
- package/src/entities/tenants/index.js +22 -0
- package/src/entities/tenants/orchestrators/add-primary-address-to-tenant.js +47 -0
- package/src/entities/tenants/orchestrators/create-tenant.js +91 -0
- package/src/entities/tenants/orchestrators/index.js +22 -0
- package/src/entities/tenants/orchestrators/refresh-tenant-dids.js +146 -0
- package/src/entities/tenants/orchestrators/set-tenant-default-issuing-disclosure.js +31 -0
- package/src/entities/tenants/repos/index.js +20 -0
- package/src/entities/tenants/repos/insert-tenant-extension.js +33 -0
- package/src/entities/tenants/repos/repo.js +52 -0
- package/src/entities/tenants/repos/tenant-default-projection.js +33 -0
- package/src/entities/tokens/adapters/access-token.js +49 -0
- package/src/entities/tokens/adapters/index.js +19 -0
- package/src/entities/tokens/index.js +19 -0
- package/src/entities/users/factories/index.js +19 -0
- package/src/entities/users/factories/user-factory.js +36 -0
- package/src/entities/users/index.js +20 -0
- package/src/entities/users/repos/add-anonymous-user-repo-extension.js +23 -0
- package/src/entities/users/repos/find-or-insert-vendor-user-repo-extension.js +30 -0
- package/src/entities/users/repos/index.js +19 -0
- package/src/entities/users/repos/repo.js +50 -0
- package/src/fetchers/index.js +20 -0
- package/src/fetchers/operator/identify-fetcher.js +36 -0
- package/src/fetchers/operator/index.js +21 -0
- package/src/fetchers/operator/inspection-fetcher.js +35 -0
- package/src/fetchers/operator/issuing-fetcher.js +50 -0
- package/src/fetchers/operator/webhook-auth-header.js +45 -0
- package/src/fetchers/push-gateway/generate-push-gateway-token.js +40 -0
- package/src/fetchers/push-gateway/index.js +19 -0
- package/src/fetchers/push-gateway/push-fetcher.js +39 -0
- package/src/index.js +19 -0
- package/src/init-holder-server.js +108 -0
- package/src/init-operator-server.js +101 -0
- package/src/init-server.js +120 -0
- package/src/main-holder.js +18 -0
- package/src/main-operator.js +19 -0
- package/src/main.js +18 -0
- package/src/plugins/autoload-repos.js +28 -0
- package/src/plugins/disclosure-loader-plugin.js +56 -0
- package/src/plugins/ensure-disclosure-active-plugin.js +30 -0
- package/src/plugins/ensure-disclosure-configuration-type-plugin.js +29 -0
- package/src/plugins/ensure-tenant-default-issuing-disclosure-id-plugin.js +60 -0
- package/src/plugins/ensure-tenant-primary-address-plugin.js +44 -0
- package/src/plugins/exchange-error-handler-plugin.js +51 -0
- package/src/plugins/exchange-loader-plugin.js +50 -0
- package/src/plugins/group-loader-plugin.js +51 -0
- package/src/plugins/index.js +32 -0
- package/src/plugins/kms-plugin.js +57 -0
- package/src/plugins/tenant-loader-plugin.js +91 -0
- package/src/plugins/validate-cao-plugin.js +81 -0
- package/src/plugins/vendor-routes-auth-plugin.js +24 -0
- package/src/plugins/verify-access-token-plugin.js +88 -0
- package/src/standalone.js +24 -0
- package/src/start-app-server.js +38 -0
- package/test/combined/app-redirect.test.js +199 -0
- package/test/combined/helpers/credentialagent-build-fastify.js +29 -0
- package/test/combined/helpers/index.js +22 -0
- package/test/combined/helpers/nock-registrar-app-schema-name.js +50 -0
- package/test/combined/helpers/nock-registrar-get-organization-diddoc.js +26 -0
- package/test/combined/helpers/nock-registrar-get-organization-verified-profile.js +33 -0
- package/test/combined/manifest.json.test.js +55 -0
- package/test/combined/root-controller.test.js +42 -0
- package/test/combined/schemas/education-degree.schema.json +166 -0
- package/test/combined/schemas/employment-current-v1.1.schema.json +253 -0
- package/test/combined/schemas/open-badge-credential.schema.json +1285 -0
- package/test/combined/schemas/past-employment-position-with-uri-id.schema.js +22 -0
- package/test/combined/schemas/past-employment-position.schema.json +148 -0
- package/test/combined/schemas/will-always-validate.json +10 -0
- package/test/combined/validate-cao-plugin.test.js +155 -0
- package/test/get-push-delegate.test.js +54 -0
- package/test/helpers/jwt-vc-expectation.js +109 -0
- package/test/holder/build-request-response-schema.test.js +55 -0
- package/test/holder/credential-manifest-controller.test.js +3192 -0
- package/test/holder/e2e-issuing-controller.test.js +425 -0
- package/test/holder/get-exchange-progress-controller.test.js +521 -0
- package/test/holder/get-presentation-request.test.js +906 -0
- package/test/holder/helpers/credential-type-metadata.js +98 -0
- package/test/holder/helpers/credentialagent-holder-build-fastify.js +32 -0
- package/test/holder/helpers/generate-presentation.js +441 -0
- package/test/holder/helpers/generate-test-access-token.js +54 -0
- package/test/holder/helpers/jwt-access-token-expectation.js +32 -0
- package/test/holder/helpers/jwt-vc-expectation.js +115 -0
- package/test/holder/issuing-controller.test.js +7076 -0
- package/test/holder/oauth-token-controller.test.js +412 -0
- package/test/holder/presentation-submission.test.js +2365 -0
- package/test/holder/submit-identification.test.js +4815 -0
- package/test/operator/check-credentials-controller-v0.8.test.js +832 -0
- package/test/operator/credentials-revoke.test.js +536 -0
- package/test/operator/disclosures-controller-v0.8.test.js +4157 -0
- package/test/operator/exchanges-controller-v0.8.test.js +414 -0
- package/test/operator/exchanges-id-controller-v0.8.test.js +162 -0
- package/test/operator/feeds-controller-v0.8.test.js +659 -0
- package/test/operator/generate-push-gateway-token.test.js +116 -0
- package/test/operator/groups-controller.test.js +145 -0
- package/test/operator/groups-id-controller.test.js +287 -0
- package/test/operator/helpers/create-test-org-doc.js +60 -0
- package/test/operator/helpers/credentialagent-operator-build-fastify.js +32 -0
- package/test/operator/helpers/find-kms-key.js +31 -0
- package/test/operator/helpers/generate-primary-and-add-operator-to-primary.js +63 -0
- package/test/operator/helpers/init-agent-kms.js +22 -0
- package/test/operator/issued-credentials-controller-v0.8.test.js +398 -0
- package/test/operator/keys-controller-v0.8.test.js +1130 -0
- package/test/operator/offer-data-controller-v0.8.test.js +253 -0
- package/test/operator/offers-controller-v0.8.test.js +3026 -0
- package/test/operator/set-configuration-type-modifier.test.js +75 -0
- package/test/operator/swagger.test.js +37 -0
- package/test/operator/tenant-controller-v0.8.test.js +730 -0
- package/test/operator/tenant-loader-plugin.test.js +96 -0
- package/test/operator/tenants-controller-v0.8.test.js +2093 -0
- package/test/operator/users-controller-v0.8.test.js +137 -0
- package/test/operator/vc-api-credentials.test.js +963 -0
- package/verification.env +28 -0
|
@@ -0,0 +1,460 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright 2023 Velocity Team
|
|
3
|
+
*
|
|
4
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
+
* you may not use this file except in compliance with the License.
|
|
6
|
+
* You may obtain a copy of the License at
|
|
7
|
+
*
|
|
8
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
*
|
|
10
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
+
* See the License for the specific language governing permissions and
|
|
14
|
+
* limitations under the License.
|
|
15
|
+
*/
|
|
16
|
+
|
|
17
|
+
const newError = require('http-errors');
|
|
18
|
+
const {
|
|
19
|
+
concat,
|
|
20
|
+
filter,
|
|
21
|
+
flow,
|
|
22
|
+
fromPairs,
|
|
23
|
+
includes,
|
|
24
|
+
isEmpty,
|
|
25
|
+
isNil,
|
|
26
|
+
map,
|
|
27
|
+
omit,
|
|
28
|
+
size,
|
|
29
|
+
some,
|
|
30
|
+
isString,
|
|
31
|
+
all,
|
|
32
|
+
values,
|
|
33
|
+
pick,
|
|
34
|
+
} = require('lodash/fp');
|
|
35
|
+
const { hashOffer } = require('@verii/velocity-issuing');
|
|
36
|
+
const {
|
|
37
|
+
ensureExchangeStateValid,
|
|
38
|
+
initValidateOffer,
|
|
39
|
+
prepareLinkedCredentialsForHolder,
|
|
40
|
+
prepareOffers,
|
|
41
|
+
ExchangeStates,
|
|
42
|
+
OfferType,
|
|
43
|
+
OfferMode,
|
|
44
|
+
generateIssuingChallenge,
|
|
45
|
+
ExchangeErrorCodeState,
|
|
46
|
+
} = require('../../../../../entities');
|
|
47
|
+
|
|
48
|
+
const { requestOffersFromVendor } = require('../../../../../fetchers');
|
|
49
|
+
|
|
50
|
+
const controller = async (fastify) => {
|
|
51
|
+
fastify.addHook('preHandler', async (req) =>
|
|
52
|
+
ensureExchangeStateValid(ExchangeErrorCodeState.OFFERS_CLIAMED_SYNCH, req)
|
|
53
|
+
);
|
|
54
|
+
const validateOffer = initValidateOffer(fastify);
|
|
55
|
+
|
|
56
|
+
fastify.post(
|
|
57
|
+
'/',
|
|
58
|
+
{
|
|
59
|
+
schema: fastify.autoSchema({
|
|
60
|
+
body: {
|
|
61
|
+
type: 'object',
|
|
62
|
+
properties: {
|
|
63
|
+
// TODO remove after 15/12/2021
|
|
64
|
+
types: {
|
|
65
|
+
type: 'array',
|
|
66
|
+
items: {
|
|
67
|
+
type: 'string',
|
|
68
|
+
maxLength: 64,
|
|
69
|
+
},
|
|
70
|
+
description:
|
|
71
|
+
'deprecated - provided on earlier step `get-credential-manifest` and saved in Exchange document in DB (`Exchanges` collection)',
|
|
72
|
+
deprecated: true,
|
|
73
|
+
},
|
|
74
|
+
exchangeId: { type: 'string' },
|
|
75
|
+
offerHashes: {
|
|
76
|
+
type: 'array',
|
|
77
|
+
items: {
|
|
78
|
+
type: 'string',
|
|
79
|
+
},
|
|
80
|
+
},
|
|
81
|
+
},
|
|
82
|
+
required: ['exchangeId'],
|
|
83
|
+
},
|
|
84
|
+
response: {
|
|
85
|
+
200: {
|
|
86
|
+
type: 'object',
|
|
87
|
+
properties: {
|
|
88
|
+
offers: {
|
|
89
|
+
type: 'array',
|
|
90
|
+
items: {
|
|
91
|
+
$ref: 'https://velocitycareerlabs.io/holder-offer.schema.json#',
|
|
92
|
+
},
|
|
93
|
+
},
|
|
94
|
+
challenge: {
|
|
95
|
+
type: 'string',
|
|
96
|
+
},
|
|
97
|
+
},
|
|
98
|
+
required: ['offers'],
|
|
99
|
+
},
|
|
100
|
+
502: {
|
|
101
|
+
$ref: 'error#',
|
|
102
|
+
},
|
|
103
|
+
},
|
|
104
|
+
}),
|
|
105
|
+
},
|
|
106
|
+
async (req, reply) => {
|
|
107
|
+
const {
|
|
108
|
+
user: { vendorUserId },
|
|
109
|
+
body: { types = [], offerHashes = [] },
|
|
110
|
+
exchange,
|
|
111
|
+
repos,
|
|
112
|
+
log,
|
|
113
|
+
} = req;
|
|
114
|
+
const { challenge, challengeIssuedAt } = generateIssuingChallenge();
|
|
115
|
+
|
|
116
|
+
await repos.exchanges.addState(
|
|
117
|
+
exchange._id,
|
|
118
|
+
ExchangeStates.OFFERS_REQUESTED
|
|
119
|
+
);
|
|
120
|
+
|
|
121
|
+
const offerMode = loadOfferMode(req);
|
|
122
|
+
const {
|
|
123
|
+
offers,
|
|
124
|
+
status = 200,
|
|
125
|
+
vendorOfferStatuses,
|
|
126
|
+
} = await loadingOffersToModeMap[offerMode](
|
|
127
|
+
{
|
|
128
|
+
vendorUserId,
|
|
129
|
+
types,
|
|
130
|
+
offerHashes,
|
|
131
|
+
},
|
|
132
|
+
req
|
|
133
|
+
);
|
|
134
|
+
|
|
135
|
+
if (status === 202) {
|
|
136
|
+
await repos.exchanges.addState(
|
|
137
|
+
exchange._id,
|
|
138
|
+
ExchangeStates.OFFERS_WAITING_ON_VENDOR,
|
|
139
|
+
{ offerHashes, vendorUserId }
|
|
140
|
+
);
|
|
141
|
+
} else {
|
|
142
|
+
const $set = {
|
|
143
|
+
vendorUserId,
|
|
144
|
+
offerIds: map('_id', offers),
|
|
145
|
+
challenge,
|
|
146
|
+
challengeIssuedAt,
|
|
147
|
+
};
|
|
148
|
+
if (!isEmpty(vendorOfferStatuses)) {
|
|
149
|
+
$set.vendorOfferStatuses = vendorOfferStatuses;
|
|
150
|
+
log.info({
|
|
151
|
+
exchangeId: exchange._id,
|
|
152
|
+
vendorOfferStatuses,
|
|
153
|
+
});
|
|
154
|
+
}
|
|
155
|
+
await repos.exchanges.addState(
|
|
156
|
+
exchange._id,
|
|
157
|
+
ExchangeStates.OFFERS_SENT,
|
|
158
|
+
$set
|
|
159
|
+
);
|
|
160
|
+
}
|
|
161
|
+
|
|
162
|
+
validateInvalidWebhookOffers(vendorOfferStatuses, req);
|
|
163
|
+
|
|
164
|
+
const holderOffers = mapToHolderRepresentation(offers);
|
|
165
|
+
reply.code(status);
|
|
166
|
+
return {
|
|
167
|
+
challenge: isEmpty(holderOffers) ? undefined : challenge,
|
|
168
|
+
offers: holderOffers,
|
|
169
|
+
};
|
|
170
|
+
}
|
|
171
|
+
);
|
|
172
|
+
|
|
173
|
+
const loadOfferMode = (context) => {
|
|
174
|
+
const {
|
|
175
|
+
config: { offerType },
|
|
176
|
+
disclosure: { offerMode },
|
|
177
|
+
} = context;
|
|
178
|
+
|
|
179
|
+
if (isEmpty(offerMode)) {
|
|
180
|
+
return offerType;
|
|
181
|
+
}
|
|
182
|
+
|
|
183
|
+
return offerMode;
|
|
184
|
+
};
|
|
185
|
+
|
|
186
|
+
const loadAllOffers = async (
|
|
187
|
+
{ vendorUserId, types, offerHashes },
|
|
188
|
+
context
|
|
189
|
+
) => {
|
|
190
|
+
const { exchange } = context;
|
|
191
|
+
const skipVendorOffers =
|
|
192
|
+
some({ state: ExchangeStates.OFFERS_RECEIVED }, exchange.events) &&
|
|
193
|
+
some({ state: ExchangeStates.OFFERS_WAITING_ON_VENDOR }, exchange.events);
|
|
194
|
+
return loadOffers(
|
|
195
|
+
{
|
|
196
|
+
vendorUserId,
|
|
197
|
+
types,
|
|
198
|
+
offerHashes,
|
|
199
|
+
skipVendorOffers,
|
|
200
|
+
},
|
|
201
|
+
context
|
|
202
|
+
);
|
|
203
|
+
};
|
|
204
|
+
|
|
205
|
+
const loadWebhookOffers = async (
|
|
206
|
+
{ vendorUserId, types, offerHashes },
|
|
207
|
+
context
|
|
208
|
+
) => {
|
|
209
|
+
const { exchange } = context;
|
|
210
|
+
const skipPrepreparedOffers = !some(
|
|
211
|
+
{ state: ExchangeStates.OFFERS_RECEIVED },
|
|
212
|
+
exchange.events
|
|
213
|
+
);
|
|
214
|
+
return loadOffers(
|
|
215
|
+
{
|
|
216
|
+
vendorUserId,
|
|
217
|
+
types,
|
|
218
|
+
offerHashes,
|
|
219
|
+
skipPrepreparedOffers,
|
|
220
|
+
},
|
|
221
|
+
context
|
|
222
|
+
);
|
|
223
|
+
};
|
|
224
|
+
|
|
225
|
+
const loadPreparedOffers = async (
|
|
226
|
+
{ vendorUserId, types, offerHashes },
|
|
227
|
+
context
|
|
228
|
+
) =>
|
|
229
|
+
loadOffers(
|
|
230
|
+
{
|
|
231
|
+
vendorUserId,
|
|
232
|
+
types,
|
|
233
|
+
offerHashes,
|
|
234
|
+
skipVendorOffers: true,
|
|
235
|
+
},
|
|
236
|
+
context
|
|
237
|
+
);
|
|
238
|
+
|
|
239
|
+
const loadLegacyOffers = async (
|
|
240
|
+
{ vendorUserId, types, offerHashes },
|
|
241
|
+
context
|
|
242
|
+
) => {
|
|
243
|
+
const { exchange } = context;
|
|
244
|
+
const skipVendorOffers = some(
|
|
245
|
+
{ state: ExchangeStates.OFFERS_RECEIVED },
|
|
246
|
+
exchange.events
|
|
247
|
+
);
|
|
248
|
+
return loadOffers(
|
|
249
|
+
{
|
|
250
|
+
vendorUserId,
|
|
251
|
+
types,
|
|
252
|
+
offerHashes,
|
|
253
|
+
filterByExchange: true,
|
|
254
|
+
skipVendorOffers,
|
|
255
|
+
},
|
|
256
|
+
context
|
|
257
|
+
);
|
|
258
|
+
};
|
|
259
|
+
|
|
260
|
+
const loadOffers = async (
|
|
261
|
+
{
|
|
262
|
+
vendorUserId,
|
|
263
|
+
types,
|
|
264
|
+
offerHashes,
|
|
265
|
+
filterByExchange = false,
|
|
266
|
+
skipVendorOffers = false,
|
|
267
|
+
skipPrepreparedOffers = false,
|
|
268
|
+
},
|
|
269
|
+
context
|
|
270
|
+
) => {
|
|
271
|
+
const vendorOfferResults = skipVendorOffers
|
|
272
|
+
? { offers: [], status: 200 }
|
|
273
|
+
: await getVendorOffers(vendorUserId, types, offerHashes, context);
|
|
274
|
+
if (vendorOfferResults.status === 202) {
|
|
275
|
+
return vendorOfferResults;
|
|
276
|
+
}
|
|
277
|
+
const preparedOffers = skipPrepreparedOffers
|
|
278
|
+
? []
|
|
279
|
+
: await context.repos.offers.findUniquePreparedOffers(
|
|
280
|
+
{
|
|
281
|
+
vendorUserId,
|
|
282
|
+
types,
|
|
283
|
+
offerHashes: concat(
|
|
284
|
+
offerHashes,
|
|
285
|
+
map('contentHash.value', vendorOfferResults.offers)
|
|
286
|
+
),
|
|
287
|
+
exchangeId: filterByExchange ? context.exchange._id : undefined,
|
|
288
|
+
},
|
|
289
|
+
context
|
|
290
|
+
);
|
|
291
|
+
return {
|
|
292
|
+
...vendorOfferResults,
|
|
293
|
+
offers: mapOffer(
|
|
294
|
+
[...vendorOfferResults.offers, ...preparedOffers],
|
|
295
|
+
context
|
|
296
|
+
),
|
|
297
|
+
};
|
|
298
|
+
};
|
|
299
|
+
|
|
300
|
+
const mapIssuer = (offer) => ({
|
|
301
|
+
...omit(['issuer'], offer),
|
|
302
|
+
issuer: isString(offer.issuer)
|
|
303
|
+
? offer.issuer
|
|
304
|
+
: pick(['id', 'name', 'image', 'type'], offer.issuer),
|
|
305
|
+
});
|
|
306
|
+
|
|
307
|
+
const mapOffer = (offers, context) => {
|
|
308
|
+
const { storeIssuerAsString } = context.config;
|
|
309
|
+
|
|
310
|
+
if (!storeIssuerAsString) {
|
|
311
|
+
return map((offer) => mapIssuer(offer), offers);
|
|
312
|
+
}
|
|
313
|
+
|
|
314
|
+
return map(
|
|
315
|
+
(offer) => ({
|
|
316
|
+
...omit(['issuer'], offer),
|
|
317
|
+
issuer: isString(offer.issuer)
|
|
318
|
+
? offer.issuer
|
|
319
|
+
: offer.issuer.id.toString(),
|
|
320
|
+
}),
|
|
321
|
+
offers
|
|
322
|
+
);
|
|
323
|
+
};
|
|
324
|
+
|
|
325
|
+
const getVendorOffers = async (vendorUserId, types, offerHashes, context) => {
|
|
326
|
+
const { exchange, tenant, repos } = context;
|
|
327
|
+
|
|
328
|
+
const vendorFilter = {
|
|
329
|
+
vendorUserId,
|
|
330
|
+
vendorOrganizationId: tenant.vendorOrganizationId,
|
|
331
|
+
tenantDID: tenant.did,
|
|
332
|
+
tenantId: tenant._id,
|
|
333
|
+
exchangeId: exchange._id,
|
|
334
|
+
};
|
|
335
|
+
if (types) {
|
|
336
|
+
vendorFilter.types = types;
|
|
337
|
+
}
|
|
338
|
+
|
|
339
|
+
const {
|
|
340
|
+
body: { offers: vendorOffers },
|
|
341
|
+
statusCode,
|
|
342
|
+
} = await requestOffersFromVendor(vendorFilter, context);
|
|
343
|
+
|
|
344
|
+
if (statusCode === 202) {
|
|
345
|
+
return { status: 202, offers: [], offerStatuses: {} };
|
|
346
|
+
}
|
|
347
|
+
|
|
348
|
+
const countOffersWithoutOfferId = flow(
|
|
349
|
+
filter(({ offerId }) => isNil(offerId)),
|
|
350
|
+
size
|
|
351
|
+
)(vendorOffers);
|
|
352
|
+
if (countOffersWithoutOfferId) {
|
|
353
|
+
const err = `${countOffersWithoutOfferId} offer(s) without offerId received from vendor`;
|
|
354
|
+
await repos.exchanges.addState(
|
|
355
|
+
exchange._id,
|
|
356
|
+
ExchangeStates.OFFER_ID_UNDEFINED_ERROR,
|
|
357
|
+
{
|
|
358
|
+
vendorUserId,
|
|
359
|
+
err,
|
|
360
|
+
}
|
|
361
|
+
);
|
|
362
|
+
throw newError(500, err, {
|
|
363
|
+
errorCode: 'upstream_offers_offer_id_missing',
|
|
364
|
+
});
|
|
365
|
+
}
|
|
366
|
+
|
|
367
|
+
const validatedOffersWithStatuses = await buildVendorOfferStatuses(
|
|
368
|
+
vendorOffers,
|
|
369
|
+
offerHashes,
|
|
370
|
+
context
|
|
371
|
+
);
|
|
372
|
+
|
|
373
|
+
const vendorOfferStatuses = flow(
|
|
374
|
+
map(([{ offerId }, status]) => [offerId, status]),
|
|
375
|
+
fromPairs
|
|
376
|
+
)(validatedOffersWithStatuses);
|
|
377
|
+
|
|
378
|
+
const validOffers = flow(
|
|
379
|
+
filter(([, status]) => status === 'OK'),
|
|
380
|
+
map(([offer]) => offer)
|
|
381
|
+
)(validatedOffersWithStatuses);
|
|
382
|
+
|
|
383
|
+
if (isEmpty(validOffers)) {
|
|
384
|
+
return {
|
|
385
|
+
offers: [],
|
|
386
|
+
vendorOfferStatuses,
|
|
387
|
+
};
|
|
388
|
+
}
|
|
389
|
+
const preparedOffers = await prepareOffers(validOffers, context);
|
|
390
|
+
const offers = await repos.offers.insertMany(preparedOffers);
|
|
391
|
+
return {
|
|
392
|
+
offers,
|
|
393
|
+
vendorOfferStatuses,
|
|
394
|
+
};
|
|
395
|
+
};
|
|
396
|
+
|
|
397
|
+
const buildVendorOfferStatuses = async (offers, offerHashes, context) => {
|
|
398
|
+
const doOfferValidation = async (vendorOffer) => {
|
|
399
|
+
try {
|
|
400
|
+
const validatedOffer = await validateOffer(
|
|
401
|
+
vendorOffer,
|
|
402
|
+
true,
|
|
403
|
+
false,
|
|
404
|
+
context
|
|
405
|
+
);
|
|
406
|
+
if (includes(hashOffer(validatedOffer), offerHashes)) {
|
|
407
|
+
return [validatedOffer, 'Duplicate'];
|
|
408
|
+
}
|
|
409
|
+
return [validatedOffer, 'OK'];
|
|
410
|
+
} catch (error) {
|
|
411
|
+
return [vendorOffer, error.message];
|
|
412
|
+
}
|
|
413
|
+
};
|
|
414
|
+
const proms = map(doOfferValidation, offers);
|
|
415
|
+
return Promise.all(proms);
|
|
416
|
+
};
|
|
417
|
+
|
|
418
|
+
const loadingOffersToModeMap = {
|
|
419
|
+
[OfferMode.PRELOADED]: loadPreparedOffers,
|
|
420
|
+
[OfferMode.WEBHOOK]: loadWebhookOffers,
|
|
421
|
+
[OfferType.PREPREPARED_ONLY]: loadPreparedOffers,
|
|
422
|
+
[OfferType.ALL]: loadAllOffers,
|
|
423
|
+
[OfferType.LEGACY]: loadLegacyOffers,
|
|
424
|
+
};
|
|
425
|
+
};
|
|
426
|
+
|
|
427
|
+
const validateInvalidWebhookOffers = (vendorOfferStatuses, context) => {
|
|
428
|
+
const { errorOnInvalidWebhookOffers } = context.config;
|
|
429
|
+
|
|
430
|
+
const allValid = all(
|
|
431
|
+
(status) => status === 'OK',
|
|
432
|
+
values(vendorOfferStatuses)
|
|
433
|
+
);
|
|
434
|
+
|
|
435
|
+
if (!errorOnInvalidWebhookOffers || allValid) {
|
|
436
|
+
return;
|
|
437
|
+
}
|
|
438
|
+
|
|
439
|
+
throw newError(400, 'Invalid webhook offers', {
|
|
440
|
+
errorCode: 'upstream_offers_invalid',
|
|
441
|
+
});
|
|
442
|
+
};
|
|
443
|
+
|
|
444
|
+
const mapToHolderRepresentation = map((offer) => ({
|
|
445
|
+
...omit([
|
|
446
|
+
'_id',
|
|
447
|
+
'issuer.vendorOrganizationId',
|
|
448
|
+
'contentHash',
|
|
449
|
+
'credentialSubject.vendorUserId',
|
|
450
|
+
'createdAt',
|
|
451
|
+
'updatedAt',
|
|
452
|
+
])(offer),
|
|
453
|
+
id: offer._id,
|
|
454
|
+
hash: offer.contentHash.value,
|
|
455
|
+
linkedCredentials: prepareLinkedCredentialsForHolder(offer.linkedCredentials),
|
|
456
|
+
}));
|
|
457
|
+
|
|
458
|
+
module.exports = controller;
|
|
459
|
+
|
|
460
|
+
module.exports.autoPrefix = '/issue/credential-offers';
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright 2023 Velocity Team
|
|
3
|
+
*
|
|
4
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
+
* you may not use this file except in compliance with the License.
|
|
6
|
+
* You may obtain a copy of the License at
|
|
7
|
+
*
|
|
8
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
*
|
|
10
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
+
* See the License for the specific language governing permissions and
|
|
14
|
+
* limitations under the License.
|
|
15
|
+
*/
|
|
16
|
+
|
|
17
|
+
const { exchangeLoaderPlugin } = require('../../../../plugins');
|
|
18
|
+
const {
|
|
19
|
+
ensureExchangeStateValid,
|
|
20
|
+
ExchangeErrorCodeState,
|
|
21
|
+
} = require('../../../../entities');
|
|
22
|
+
const {
|
|
23
|
+
presentationSubmissionSchema,
|
|
24
|
+
velocityPresentationSubmissionSchema,
|
|
25
|
+
velocityPresentationSubmissionResponseSchema,
|
|
26
|
+
} = require('../../inspect/schemas');
|
|
27
|
+
|
|
28
|
+
module.exports = async (fastify) => {
|
|
29
|
+
fastify
|
|
30
|
+
.addSchema(presentationSubmissionSchema)
|
|
31
|
+
.addSchema(velocityPresentationSubmissionSchema)
|
|
32
|
+
.addSchema(velocityPresentationSubmissionResponseSchema)
|
|
33
|
+
.register(exchangeLoaderPlugin)
|
|
34
|
+
.addHook('preHandler', async (req) =>
|
|
35
|
+
ensureExchangeStateValid(ExchangeErrorCodeState.EXCHANGE_INVALID, req)
|
|
36
|
+
);
|
|
37
|
+
};
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright 2023 Velocity Team
|
|
3
|
+
*
|
|
4
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
+
* you may not use this file except in compliance with the License.
|
|
6
|
+
* You may obtain a copy of the License at
|
|
7
|
+
*
|
|
8
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
*
|
|
10
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
+
* See the License for the specific language governing permissions and
|
|
14
|
+
* limitations under the License.
|
|
15
|
+
*/
|
|
16
|
+
|
|
17
|
+
const {
|
|
18
|
+
verifyVerifiablePresentationJwt,
|
|
19
|
+
} = require('@verii/verifiable-credentials');
|
|
20
|
+
const { handlePresentationSubmission } = require('../../../../entities');
|
|
21
|
+
|
|
22
|
+
const controller = async (fastify) => {
|
|
23
|
+
fastify.post(
|
|
24
|
+
'/',
|
|
25
|
+
{
|
|
26
|
+
preValidation: async (req) => {
|
|
27
|
+
// eslint-disable-next-line better-mutation/no-mutation
|
|
28
|
+
req.body.vp = await verifyVerifiablePresentationJwt(
|
|
29
|
+
req.body.jwt_vp,
|
|
30
|
+
req
|
|
31
|
+
);
|
|
32
|
+
},
|
|
33
|
+
schema: fastify.autoSchema({
|
|
34
|
+
body: {
|
|
35
|
+
type: 'object',
|
|
36
|
+
properties: {
|
|
37
|
+
exchange_id: { type: 'string', description: 'exchange id value' },
|
|
38
|
+
jwt_vp: {
|
|
39
|
+
type: 'string',
|
|
40
|
+
description: 'vp encoded as a jwt signed by the holder',
|
|
41
|
+
},
|
|
42
|
+
vp: {
|
|
43
|
+
$ref: 'https://velocitycareerlabs.io/velocity-presentation-submission.schema.json#',
|
|
44
|
+
description: '--DO-NOT-SEND--',
|
|
45
|
+
},
|
|
46
|
+
},
|
|
47
|
+
},
|
|
48
|
+
response: {
|
|
49
|
+
200: {
|
|
50
|
+
$ref: 'https://velocitycareerlabs.io/velocity-presentation-submission-response.schema.json#',
|
|
51
|
+
},
|
|
52
|
+
...fastify.ConflictResponse,
|
|
53
|
+
...fastify.UnauthorizedResponse,
|
|
54
|
+
},
|
|
55
|
+
}),
|
|
56
|
+
},
|
|
57
|
+
async (req) => handlePresentationSubmission(req.body.vp, req)
|
|
58
|
+
);
|
|
59
|
+
};
|
|
60
|
+
|
|
61
|
+
module.exports = controller;
|
|
62
|
+
|
|
63
|
+
module.exports.autoPrefix = '/issue/submit-identification';
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright 2023 Velocity Team
|
|
3
|
+
*
|
|
4
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
+
* you may not use this file except in compliance with the License.
|
|
6
|
+
* You may obtain a copy of the License at
|
|
7
|
+
*
|
|
8
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
*
|
|
10
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
+
* See the License for the specific language governing permissions and
|
|
14
|
+
* limitations under the License.
|
|
15
|
+
*/
|
|
16
|
+
|
|
17
|
+
module.exports = async (fastify) => {
|
|
18
|
+
fastify.autoSchemaPreset({ tags: ['oauth'] });
|
|
19
|
+
};
|
|
@@ -0,0 +1,140 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Copyright 2023 Velocity Team
|
|
3
|
+
*
|
|
4
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
+
* you may not use this file except in compliance with the License.
|
|
6
|
+
* You may obtain a copy of the License at
|
|
7
|
+
*
|
|
8
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
*
|
|
10
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
+
* See the License for the specific language governing permissions and
|
|
14
|
+
* limitations under the License.
|
|
15
|
+
*/
|
|
16
|
+
|
|
17
|
+
const newError = require('http-errors');
|
|
18
|
+
const { nanoid } = require('nanoid');
|
|
19
|
+
const { initBuildRefreshToken } = require('@verii/crypto');
|
|
20
|
+
const { generateAccessToken } = require('../../../entities/tokens');
|
|
21
|
+
|
|
22
|
+
const buildRefreshToken = initBuildRefreshToken();
|
|
23
|
+
const controller = async (fastify) => {
|
|
24
|
+
fastify.post(
|
|
25
|
+
'/token',
|
|
26
|
+
{
|
|
27
|
+
schema: fastify.autoSchema({
|
|
28
|
+
tags: ['careerwallet'],
|
|
29
|
+
body: {
|
|
30
|
+
type: 'object',
|
|
31
|
+
properties: {
|
|
32
|
+
audience: { type: 'string' },
|
|
33
|
+
client_id: { type: 'string' },
|
|
34
|
+
},
|
|
35
|
+
required: ['audience', 'client_id'],
|
|
36
|
+
oneOf: [
|
|
37
|
+
{
|
|
38
|
+
type: 'object',
|
|
39
|
+
properties: {
|
|
40
|
+
grant_type: {
|
|
41
|
+
type: 'string',
|
|
42
|
+
enum: ['authorization_code'],
|
|
43
|
+
},
|
|
44
|
+
authorization_code: { type: 'string' },
|
|
45
|
+
},
|
|
46
|
+
required: ['grant_type', 'authorization_code'],
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
type: 'object',
|
|
50
|
+
properties: {
|
|
51
|
+
grant_type: {
|
|
52
|
+
type: 'string',
|
|
53
|
+
enum: ['refresh_token'],
|
|
54
|
+
},
|
|
55
|
+
refresh_token: { type: 'string' },
|
|
56
|
+
},
|
|
57
|
+
required: ['grant_type', 'refresh_token'],
|
|
58
|
+
},
|
|
59
|
+
],
|
|
60
|
+
},
|
|
61
|
+
response: {
|
|
62
|
+
200: {
|
|
63
|
+
type: 'object',
|
|
64
|
+
properties: {
|
|
65
|
+
access_token: { type: 'string' },
|
|
66
|
+
refresh_token: { type: 'string' },
|
|
67
|
+
token_type: { type: 'string', enum: ['Bearer'] },
|
|
68
|
+
},
|
|
69
|
+
required: ['access_token', 'token_type'],
|
|
70
|
+
},
|
|
71
|
+
...fastify.UnauthorizedResponse,
|
|
72
|
+
},
|
|
73
|
+
}),
|
|
74
|
+
},
|
|
75
|
+
async (req) => {
|
|
76
|
+
const { body, repos } = req;
|
|
77
|
+
const {
|
|
78
|
+
grant_type: grantType,
|
|
79
|
+
authorization_code: authorizationCode,
|
|
80
|
+
refresh_token: reqRefreshToken,
|
|
81
|
+
client_id: clientId,
|
|
82
|
+
} = body;
|
|
83
|
+
|
|
84
|
+
validateOauthRequest(body, req);
|
|
85
|
+
|
|
86
|
+
const feed = await matchFeed(
|
|
87
|
+
{
|
|
88
|
+
grantType,
|
|
89
|
+
authorizationCode,
|
|
90
|
+
refreshToken: reqRefreshToken,
|
|
91
|
+
clientId,
|
|
92
|
+
},
|
|
93
|
+
req
|
|
94
|
+
);
|
|
95
|
+
const user = await repos.vendorUserIdMappings.findOrInsertVendorUser(
|
|
96
|
+
feed
|
|
97
|
+
);
|
|
98
|
+
|
|
99
|
+
const refreshToken = buildRefreshToken();
|
|
100
|
+
await repos.feeds.update(`${feed._id}`, { clientId, refreshToken });
|
|
101
|
+
const accessToken = await generateAccessToken(
|
|
102
|
+
nanoid(),
|
|
103
|
+
`${user._id}`,
|
|
104
|
+
null,
|
|
105
|
+
null,
|
|
106
|
+
req
|
|
107
|
+
);
|
|
108
|
+
return {
|
|
109
|
+
access_token: accessToken,
|
|
110
|
+
refresh_token: refreshToken,
|
|
111
|
+
token_type: 'Bearer',
|
|
112
|
+
};
|
|
113
|
+
}
|
|
114
|
+
);
|
|
115
|
+
};
|
|
116
|
+
|
|
117
|
+
const matchFeed = async (
|
|
118
|
+
{ grantType, authorizationCode, refreshToken, clientId },
|
|
119
|
+
ctx
|
|
120
|
+
) => {
|
|
121
|
+
const { repos } = ctx;
|
|
122
|
+
const filter =
|
|
123
|
+
grantType === 'authorization_code'
|
|
124
|
+
? { preauthCode: authorizationCode }
|
|
125
|
+
: { refreshToken, clientId };
|
|
126
|
+
const sort = { updatedAt: -1 };
|
|
127
|
+
const feed = await repos.feeds.findOne({ filter, sort });
|
|
128
|
+
if (feed == null) {
|
|
129
|
+
throw newError.Unauthorized();
|
|
130
|
+
}
|
|
131
|
+
return feed;
|
|
132
|
+
};
|
|
133
|
+
|
|
134
|
+
const validateOauthRequest = (body, ctx) => {
|
|
135
|
+
if (body.audience !== ctx.tenant.did) {
|
|
136
|
+
throw newError.BadRequest('Bad audience');
|
|
137
|
+
}
|
|
138
|
+
};
|
|
139
|
+
|
|
140
|
+
module.exports = controller;
|