gdc-common-utils-ts 1.4.8 → 1.4.10

package/dist/utils/didcomm-submit-policy.d.ts

@@ -0,0 +1,10 @@
+export type CommunicationMode = 'plain' | 'strict' | 'auto-detect';
+export type DidcommSubmissionCapabilities = {
+    hasRecipientEncryptionJwk: boolean;
+};
+export type DidcommSubmissionPlan = {
+    mode: CommunicationMode;
+    submitKind: 'plain' | 'encrypted';
+    reason: 'plain-mode' | 'strict-mode' | 'auto-detect-encrypted' | 'auto-detect-plain';
+};
+export declare function resolveDidcommSubmissionPlan(mode: CommunicationMode, capabilities: DidcommSubmissionCapabilities): DidcommSubmissionPlan;

package/dist/utils/didcomm-submit-policy.js

@@ -0,0 +1,15 @@
+export function resolveDidcommSubmissionPlan(mode, capabilities) {
+    if (mode === 'plain') {
+        return { mode, submitKind: 'plain', reason: 'plain-mode' };
+    }
+    if (mode === 'strict') {
+        if (!capabilities.hasRecipientEncryptionJwk) {
+            throw new Error('strict mode requires recipient encryption JWK.');
+        }
+        return { mode, submitKind: 'encrypted', reason: 'strict-mode' };
+    }
+    if (capabilities.hasRecipientEncryptionJwk) {
+        return { mode, submitKind: 'encrypted', reason: 'auto-detect-encrypted' };
+    }
+    return { mode, submitKind: 'plain', reason: 'auto-detect-plain' };
+}

package/dist/utils/didcomm-submit.d.ts

@@ -0,0 +1,34 @@
+import { CommunicationMode } from './didcomm-submit-policy';
+export type DidcommFetchInit = {
+    method: 'POST';
+    headers: Record<string, string>;
+    body: string;
+};
+export type DidcommFetchResponse = {
+    status: number;
+    headers?: {
+        get(name: string): string | null;
+    };
+    json?: () => Promise<unknown>;
+    text?: () => Promise<string>;
+};
+export type DidcommFetchLike = (url: string, init: DidcommFetchInit) => Promise<DidcommFetchResponse>;
+export type DidcommSubmitInput = {
+    mode: CommunicationMode;
+    url: string;
+    payload: Record<string, unknown>;
+    defaultHeaders?: Record<string, string>;
+    bearerToken?: string;
+    recipientEncryptionJwk?: unknown;
+    fetcher: DidcommFetchLike;
+    signCompactJws?: (claims: Record<string, unknown>) => Promise<string>;
+    encryptCompactJwe?: (compactJws: string, recipientEncryptionJwk: unknown) => Promise<string>;
+};
+export type DidcommSubmitResult = {
+    status: number;
+    location?: string;
+    body: unknown;
+    submitKind: 'plain' | 'encrypted';
+    contentType: 'application/didcomm-plaintext+json' | 'application/didcomm-encrypted+json';
+};
+export declare function submitDidcomm(input: DidcommSubmitInput): Promise<DidcommSubmitResult>;

package/dist/utils/didcomm-submit.js

@@ -0,0 +1,75 @@
+import { resolveDidcommSubmissionPlan } from './didcomm-submit-policy.js';
+function getHeaderValue(headers, name) {
+    if (!headers || typeof headers.get !== 'function') {
+        return undefined;
+    }
+    const value = headers.get(name);
+    return value == null ? undefined : value;
+}
+async function parseBody(response) {
+    if (typeof response.json === 'function') {
+        try {
+            return await response.json();
+        }
+        catch {
+            // Continue to text fallback.
+        }
+    }
+    if (typeof response.text === 'function') {
+        const raw = await response.text();
+        if (!raw)
+            return undefined;
+        try {
+            return JSON.parse(raw);
+        }
+        catch {
+            return raw;
+        }
+    }
+    return undefined;
+}
+export async function submitDidcomm(input) {
+    const plan = resolveDidcommSubmissionPlan(input.mode, {
+        hasRecipientEncryptionJwk: !!input.recipientEncryptionJwk,
+    });
+    const headers = {
+        ...(input.defaultHeaders ?? {}),
+        Accept: 'application/json, application/didcomm-plaintext+json, */*',
+    };
+    let body;
+    let contentType;
+    if (plan.submitKind === 'plain') {
+        contentType = 'application/didcomm-plaintext+json';
+        body = JSON.stringify(input.payload);
+    }
+    else {
+        if (!input.signCompactJws) {
+            throw new Error('Encrypted DIDComm submission requires signCompactJws callback.');
+        }
+        if (!input.encryptCompactJwe) {
+            throw new Error('Encrypted DIDComm submission requires encryptCompactJwe callback.');
+        }
+        if (!input.recipientEncryptionJwk) {
+            throw new Error('Encrypted DIDComm submission requires recipientEncryptionJwk.');
+        }
+        const compactJws = await input.signCompactJws(input.payload);
+        body = await input.encryptCompactJwe(compactJws, input.recipientEncryptionJwk);
+        contentType = 'application/didcomm-encrypted+json';
+    }
+    headers['Content-Type'] = contentType;
+    if (input.bearerToken) {
+        headers.Authorization = `Bearer ${input.bearerToken}`;
+    }
+    const response = await input.fetcher(input.url, {
+        method: 'POST',
+        headers,
+        body,
+    });
+    return {
+        status: response.status,
+        location: getHeaderValue(response.headers, 'location'),
+        body: await parseBody(response),
+        submitKind: plan.submitKind,
+        contentType,
+    };
+}

package/dist/utils/index.d.ts

@@ -6,6 +6,8 @@ export * from './content';
 export * from './consent';
 export * from './did';
 export * from './didcomm';
+export * from './didcomm-submit';
+export * from './didcomm-submit-policy';
 export * from './format-converter';
 export * from './fhir-cid';
 export * from './jwt';
@@ -15,3 +17,4 @@ export * from './multibasehash';
 export * from './normalize';
 export * from './object-convert';
 export * from './normalize-uuid';
+export * from './vp-token';

package/dist/utils/index.js

@@ -6,6 +6,8 @@ export * from './content.js';
 export * from './consent.js';
 export * from './did.js';
 export * from './didcomm.js';
+export * from './didcomm-submit.js';
+export * from './didcomm-submit-policy.js';
 export * from './format-converter.js';
 export * from './fhir-cid.js';
 export * from './jwt.js';
@@ -15,3 +17,4 @@ export * from './multibasehash.js';
 export * from './normalize.js';
 export * from './object-convert.js';
 export * from './normalize-uuid.js';
+export * from './vp-token.js';

package/dist/utils/vp-token.d.ts

@@ -0,0 +1,37 @@
+export type VpTokenHeader = {
+    alg: string;
+    typ?: string;
+    kid?: string;
+    [key: string]: unknown;
+};
+export type VpTokenPayload = {
+    iss: string;
+    sub?: string;
+    aud?: string;
+    jti?: string;
+    iat?: number;
+    exp?: number;
+    nonce?: string;
+    vp: {
+        '@context'?: unknown;
+        type?: unknown;
+        holder?: string;
+        verifiableCredential: string[];
+        [key: string]: unknown;
+    };
+    [key: string]: unknown;
+};
+export declare function generateUuidLike(): string;
+export declare function buildEpochWindow(ttlSeconds?: number): {
+    iat: number;
+    exp: number;
+};
+export declare function createVP(input?: Partial<VpTokenPayload>): VpTokenPayload;
+export declare function addVC(vpPayload: VpTokenPayload, vcJwt: string): VpTokenPayload;
+export declare function prepareForSignature(header: VpTokenHeader, payload: VpTokenPayload): {
+    encodedHeader: string;
+    encodedPayload: string;
+    signingInput: string;
+};
+export declare function prepareBytesForSignature(header: VpTokenHeader, payload: VpTokenPayload): Uint8Array;
+export declare function buildVpTokenCompact(encodedHeader: string, encodedPayload: string, signatureBase64Url: string): string;

package/dist/utils/vp-token.js

@@ -0,0 +1,60 @@
+import { Content } from './content.js';
+function fallbackId() {
+    const rand = Math.random().toString(36).slice(2, 10);
+    return `id-${Date.now()}-${rand}`;
+}
+export function generateUuidLike() {
+    const fn = globalThis?.crypto?.randomUUID;
+    if (typeof fn === 'function')
+        return fn.call(globalThis.crypto);
+    return fallbackId();
+}
+export function buildEpochWindow(ttlSeconds = 300) {
+    const iat = Math.floor(Date.now() / 1000);
+    return { iat, exp: iat + Math.max(1, Math.floor(ttlSeconds)) };
+}
+export function createVP(input) {
+    const ttl = input?.exp && input?.iat ? undefined : buildEpochWindow(300);
+    const jti = input?.jti || generateUuidLike();
+    const nonce = input?.nonce || generateUuidLike();
+    const base = {
+        iss: String(input?.iss || ''),
+        sub: input?.sub,
+        aud: input?.aud,
+        jti,
+        iat: input?.iat ?? ttl?.iat,
+        exp: input?.exp ?? ttl?.exp,
+        nonce,
+        vp: {
+            '@context': ['https://www.w3.org/2018/credentials/v1'],
+            type: ['VerifiablePresentation'],
+            holder: input?.vp?.holder || input?.iss || '',
+            verifiableCredential: [],
+            ...(input?.vp || {}),
+        },
+    };
+    return base;
+}
+export function addVC(vpPayload, vcJwt) {
+    const v = String(vcJwt || '').trim();
+    if (!v)
+        return vpPayload;
+    vpPayload.vp.verifiableCredential.push(v);
+    return vpPayload;
+}
+export function prepareForSignature(header, payload) {
+    const encodedHeader = Content.objectToRawBase64UrlSafe(header);
+    const encodedPayload = Content.objectToRawBase64UrlSafe(payload);
+    return {
+        encodedHeader,
+        encodedPayload,
+        signingInput: `${encodedHeader}.${encodedPayload}`,
+    };
+}
+export function prepareBytesForSignature(header, payload) {
+    const { signingInput } = prepareForSignature(header, payload);
+    return new TextEncoder().encode(signingInput);
+}
+export function buildVpTokenCompact(encodedHeader, encodedPayload, signatureBase64Url) {
+    return `${encodedHeader}.${encodedPayload}.${String(signatureBase64Url || '').trim()}`;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gdc-common-utils-ts",
-  "version": "1.4.8",
+  "version": "1.4.10",
   "publishConfig": {
     "access": "public"
   },