gdc-common-utils-ts 1.4.7 → 1.4.10

package/dist/models/bundle.d.ts

@@ -17,10 +17,9 @@
  *     such as registering one organization or creating one employee. It has a strict
  *     structure:
  *     - `type`: A string that defines the business action (e.g., 'Organization-registration-offer-v1.0').
- *     - `meta`: A **TOP-LEVEL** property containing the original `claims` for the operation.
- *               This is crucial for both processing and error reporting.
- *     - `resource`: A FHIR-like resource object that is the subject of the action. It
- *                   contains the structured data derived from the claims.
+ *     - `resource.meta.claims`: Canonical location for claims in request entries.
+ *     - `meta.claims`: Legacy compatibility location accepted during migration.
+ *     - `resource`: A FHIR-like resource object that is the subject of the action.
  *     - `request`/`response`: Contextual objects indicating the operation's details or result.
  */
 import { OperationOutcome } from "./operation-outcome";
@@ -50,6 +49,22 @@ export interface BundleEntryMeta {
     /** The original, flattened claims record for this specific entry. */
     claims?: Record<string, any>;
 }
+/**
+ * Canonical resource shape for batch-style entries.
+ * Claims should be authored in `resource.meta.claims`.
+ */
+/**
+ * Agnostic resource shape for batch-style entries.
+ * Canonical claims location: resource.meta.claims
+ * Allows any resource structure, but meta.claims is always present for business logic.
+ */
+export interface BundleEntryResource {
+    meta?: {
+        claims?: Record<string, any>;
+        [key: string]: any;
+    };
+    resourceType?: string;
+}
 /**
  * @deprecated Use `BundleEntry` instead. This will be removed in a future version.
  * Represents a single entry in an INCOMING request Bundle.
@@ -58,7 +73,8 @@ export interface BundleEntryRequest {
     id?: string;
     type: string;
     request: BundleRequest;
-    resource?: Record<string, any>;
+    resource?: BundleEntryResource;
+    /** @deprecated Legacy claims location. Prefer resource.meta.claims. */
     meta?: BundleEntryMeta;
 }
 /**
@@ -69,7 +85,8 @@ export interface BundleEntryResponse {
     id?: string;
     type: string;
     response: BundleResponse;
-    resource?: Record<string, any>;
+    resource?: BundleEntryResource;
+    /** @deprecated Legacy claims location. Prefer resource.meta.claims. */
     meta?: BundleEntryMeta;
 }
 /**
@@ -100,16 +117,18 @@ export interface ErrorEntry {
  * This structure is used for both requests and successful responses.
  *
  * @property {string} type - A string identifying the business action of the entry.
- * @property {BundleEntryMeta} meta - **(TOP-LEVEL PROPERTY)** Contains the original, unprocessed claims.
  * @property {object} resource - The primary FHIR-like resource that is the subject of the action.
+ *                               Canonical claims location is `resource.meta.claims`.
+ * @property {BundleEntryMeta} [meta] - Legacy top-level claims location for backward compatibility.
  * @property {BundleRequest} [request] - Details of the requested operation (for request bundles).
  * @property {BundleResponse} [response] - Details of the operation outcome (for response bundles).
  */
 export type BundleEntry = {
     id?: string;
     type: string;
+    /** @deprecated Legacy claims location. Prefer resource.meta.claims. */
     meta?: BundleEntryMeta;
-    resource?: Record<string, any>;
+    resource?: BundleEntryResource;
     request?: BundleRequest;
     response?: BundleResponse;
 };

package/dist/models/bundle.js

@@ -17,10 +17,9 @@
  *     such as registering one organization or creating one employee. It has a strict
  *     structure:
  *     - `type`: A string that defines the business action (e.g., 'Organization-registration-offer-v1.0').
- *     - `meta`: A **TOP-LEVEL** property containing the original `claims` for the operation.
- *               This is crucial for both processing and error reporting.
- *     - `resource`: A FHIR-like resource object that is the subject of the action. It
- *                   contains the structured data derived from the claims.
+ *     - `resource.meta.claims`: Canonical location for claims in request entries.
+ *     - `meta.claims`: Legacy compatibility location accepted during migration.
+ *     - `resource`: A FHIR-like resource object that is the subject of the action.
  *     - `request`/`response`: Contextual objects indicating the operation's details or result.
  */
 export {};

package/dist/utils/didcomm-submit-policy.d.ts

@@ -0,0 +1,10 @@
+export type CommunicationMode = 'plain' | 'strict' | 'auto-detect';
+export type DidcommSubmissionCapabilities = {
+    hasRecipientEncryptionJwk: boolean;
+};
+export type DidcommSubmissionPlan = {
+    mode: CommunicationMode;
+    submitKind: 'plain' | 'encrypted';
+    reason: 'plain-mode' | 'strict-mode' | 'auto-detect-encrypted' | 'auto-detect-plain';
+};
+export declare function resolveDidcommSubmissionPlan(mode: CommunicationMode, capabilities: DidcommSubmissionCapabilities): DidcommSubmissionPlan;

package/dist/utils/didcomm-submit-policy.js

@@ -0,0 +1,15 @@
+export function resolveDidcommSubmissionPlan(mode, capabilities) {
+    if (mode === 'plain') {
+        return { mode, submitKind: 'plain', reason: 'plain-mode' };
+    }
+    if (mode === 'strict') {
+        if (!capabilities.hasRecipientEncryptionJwk) {
+            throw new Error('strict mode requires recipient encryption JWK.');
+        }
+        return { mode, submitKind: 'encrypted', reason: 'strict-mode' };
+    }
+    if (capabilities.hasRecipientEncryptionJwk) {
+        return { mode, submitKind: 'encrypted', reason: 'auto-detect-encrypted' };
+    }
+    return { mode, submitKind: 'plain', reason: 'auto-detect-plain' };
+}

package/dist/utils/didcomm-submit.d.ts

@@ -0,0 +1,34 @@
+import { CommunicationMode } from './didcomm-submit-policy';
+export type DidcommFetchInit = {
+    method: 'POST';
+    headers: Record<string, string>;
+    body: string;
+};
+export type DidcommFetchResponse = {
+    status: number;
+    headers?: {
+        get(name: string): string | null;
+    };
+    json?: () => Promise<unknown>;
+    text?: () => Promise<string>;
+};
+export type DidcommFetchLike = (url: string, init: DidcommFetchInit) => Promise<DidcommFetchResponse>;
+export type DidcommSubmitInput = {
+    mode: CommunicationMode;
+    url: string;
+    payload: Record<string, unknown>;
+    defaultHeaders?: Record<string, string>;
+    bearerToken?: string;
+    recipientEncryptionJwk?: unknown;
+    fetcher: DidcommFetchLike;
+    signCompactJws?: (claims: Record<string, unknown>) => Promise<string>;
+    encryptCompactJwe?: (compactJws: string, recipientEncryptionJwk: unknown) => Promise<string>;
+};
+export type DidcommSubmitResult = {
+    status: number;
+    location?: string;
+    body: unknown;
+    submitKind: 'plain' | 'encrypted';
+    contentType: 'application/didcomm-plaintext+json' | 'application/didcomm-encrypted+json';
+};
+export declare function submitDidcomm(input: DidcommSubmitInput): Promise<DidcommSubmitResult>;

package/dist/utils/didcomm-submit.js

@@ -0,0 +1,75 @@
+import { resolveDidcommSubmissionPlan } from './didcomm-submit-policy.js';
+function getHeaderValue(headers, name) {
+    if (!headers || typeof headers.get !== 'function') {
+        return undefined;
+    }
+    const value = headers.get(name);
+    return value == null ? undefined : value;
+}
+async function parseBody(response) {
+    if (typeof response.json === 'function') {
+        try {
+            return await response.json();
+        }
+        catch {
+            // Continue to text fallback.
+        }
+    }
+    if (typeof response.text === 'function') {
+        const raw = await response.text();
+        if (!raw)
+            return undefined;
+        try {
+            return JSON.parse(raw);
+        }
+        catch {
+            return raw;
+        }
+    }
+    return undefined;
+}
+export async function submitDidcomm(input) {
+    const plan = resolveDidcommSubmissionPlan(input.mode, {
+        hasRecipientEncryptionJwk: !!input.recipientEncryptionJwk,
+    });
+    const headers = {
+        ...(input.defaultHeaders ?? {}),
+        Accept: 'application/json, application/didcomm-plaintext+json, */*',
+    };
+    let body;
+    let contentType;
+    if (plan.submitKind === 'plain') {
+        contentType = 'application/didcomm-plaintext+json';
+        body = JSON.stringify(input.payload);
+    }
+    else {
+        if (!input.signCompactJws) {
+            throw new Error('Encrypted DIDComm submission requires signCompactJws callback.');
+        }
+        if (!input.encryptCompactJwe) {
+            throw new Error('Encrypted DIDComm submission requires encryptCompactJwe callback.');
+        }
+        if (!input.recipientEncryptionJwk) {
+            throw new Error('Encrypted DIDComm submission requires recipientEncryptionJwk.');
+        }
+        const compactJws = await input.signCompactJws(input.payload);
+        body = await input.encryptCompactJwe(compactJws, input.recipientEncryptionJwk);
+        contentType = 'application/didcomm-encrypted+json';
+    }
+    headers['Content-Type'] = contentType;
+    if (input.bearerToken) {
+        headers.Authorization = `Bearer ${input.bearerToken}`;
+    }
+    const response = await input.fetcher(input.url, {
+        method: 'POST',
+        headers,
+        body,
+    });
+    return {
+        status: response.status,
+        location: getHeaderValue(response.headers, 'location'),
+        body: await parseBody(response),
+        submitKind: plan.submitKind,
+        contentType,
+    };
+}

package/dist/utils/index.d.ts

@@ -6,6 +6,8 @@ export * from './content';
 export * from './consent';
 export * from './did';
 export * from './didcomm';
+export * from './didcomm-submit';
+export * from './didcomm-submit-policy';
 export * from './format-converter';
 export * from './fhir-cid';
 export * from './jwt';
@@ -15,3 +17,4 @@ export * from './multibasehash';
 export * from './normalize';
 export * from './object-convert';
 export * from './normalize-uuid';
+export * from './vp-token';

package/dist/utils/index.js

@@ -6,6 +6,8 @@ export * from './content.js';
 export * from './consent.js';
 export * from './did.js';
 export * from './didcomm.js';
+export * from './didcomm-submit.js';
+export * from './didcomm-submit-policy.js';
 export * from './format-converter.js';
 export * from './fhir-cid.js';
 export * from './jwt.js';
@@ -15,3 +17,4 @@ export * from './multibasehash.js';
 export * from './normalize.js';
 export * from './object-convert.js';
 export * from './normalize-uuid.js';
+export * from './vp-token.js';

package/dist/utils/vp-token.d.ts

@@ -0,0 +1,37 @@
+export type VpTokenHeader = {
+    alg: string;
+    typ?: string;
+    kid?: string;
+    [key: string]: unknown;
+};
+export type VpTokenPayload = {
+    iss: string;
+    sub?: string;
+    aud?: string;
+    jti?: string;
+    iat?: number;
+    exp?: number;
+    nonce?: string;
+    vp: {
+        '@context'?: unknown;
+        type?: unknown;
+        holder?: string;
+        verifiableCredential: string[];
+        [key: string]: unknown;
+    };
+    [key: string]: unknown;
+};
+export declare function generateUuidLike(): string;
+export declare function buildEpochWindow(ttlSeconds?: number): {
+    iat: number;
+    exp: number;
+};
+export declare function createVP(input?: Partial<VpTokenPayload>): VpTokenPayload;
+export declare function addVC(vpPayload: VpTokenPayload, vcJwt: string): VpTokenPayload;
+export declare function prepareForSignature(header: VpTokenHeader, payload: VpTokenPayload): {
+    encodedHeader: string;
+    encodedPayload: string;
+    signingInput: string;
+};
+export declare function prepareBytesForSignature(header: VpTokenHeader, payload: VpTokenPayload): Uint8Array;
+export declare function buildVpTokenCompact(encodedHeader: string, encodedPayload: string, signatureBase64Url: string): string;

package/dist/utils/vp-token.js

@@ -0,0 +1,60 @@
+import { Content } from './content.js';
+function fallbackId() {
+    const rand = Math.random().toString(36).slice(2, 10);
+    return `id-${Date.now()}-${rand}`;
+}
+export function generateUuidLike() {
+    const fn = globalThis?.crypto?.randomUUID;
+    if (typeof fn === 'function')
+        return fn.call(globalThis.crypto);
+    return fallbackId();
+}
+export function buildEpochWindow(ttlSeconds = 300) {
+    const iat = Math.floor(Date.now() / 1000);
+    return { iat, exp: iat + Math.max(1, Math.floor(ttlSeconds)) };
+}
+export function createVP(input) {
+    const ttl = input?.exp && input?.iat ? undefined : buildEpochWindow(300);
+    const jti = input?.jti || generateUuidLike();
+    const nonce = input?.nonce || generateUuidLike();
+    const base = {
+        iss: String(input?.iss || ''),
+        sub: input?.sub,
+        aud: input?.aud,
+        jti,
+        iat: input?.iat ?? ttl?.iat,
+        exp: input?.exp ?? ttl?.exp,
+        nonce,
+        vp: {
+            '@context': ['https://www.w3.org/2018/credentials/v1'],
+            type: ['VerifiablePresentation'],
+            holder: input?.vp?.holder || input?.iss || '',
+            verifiableCredential: [],
+            ...(input?.vp || {}),
+        },
+    };
+    return base;
+}
+export function addVC(vpPayload, vcJwt) {
+    const v = String(vcJwt || '').trim();
+    if (!v)
+        return vpPayload;
+    vpPayload.vp.verifiableCredential.push(v);
+    return vpPayload;
+}
+export function prepareForSignature(header, payload) {
+    const encodedHeader = Content.objectToRawBase64UrlSafe(header);
+    const encodedPayload = Content.objectToRawBase64UrlSafe(payload);
+    return {
+        encodedHeader,
+        encodedPayload,
+        signingInput: `${encodedHeader}.${encodedPayload}`,
+    };
+}
+export function prepareBytesForSignature(header, payload) {
+    const { signingInput } = prepareForSignature(header, payload);
+    return new TextEncoder().encode(signingInput);
+}
+export function buildVpTokenCompact(encodedHeader, encodedPayload, signatureBase64Url) {
+    return `${encodedHeader}.${encodedPayload}.${String(signatureBase64Url || '').trim()}`;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gdc-common-utils-ts",
-  "version": "1.4.7",
+  "version": "1.4.10",
   "publishConfig": {
     "access": "public"
   },