UNPKG

@didtools/cacao

Version:
102 lines (101 loc) 4.14 kB
import * as multiformats from 'multiformats'; import type { Cacao, SignedCacao } from '@didtools/codecs'; import { SiweMessage } from './siwx/siwe.js'; import { SiwsMessage } from './siwx/siws.js'; import { SiwTezosMessage } from './siwx/siwTezos.js'; import { SiwStacksMessage } from './siwx/siwStacks'; export declare const LEGACY_CHAIN_ID_REORG_DATE: number; export type { CacaoHeader as Header, CacaoPayload as Payload, CacaoSignature as Signature, SignedCacao, } from '@didtools/codecs'; export type CacaoBlock = { value: Cacao; cid: multiformats.CID; bytes: Uint8Array; }; export type Verifiers = Record<string, CacaoVerifier>; export type CacaoVerifier = (cacao: Cacao, opts: VerifyOptions) => Promise<void>; export type AuthMethod = (opts: AuthMethodOpts) => Promise<Cacao>; export type Payload = { domain: string; iss: string; aud: string; version: string; nonce: string; iat: string; nbf?: string; exp?: string; statement?: string; requestId?: string; resources?: Array<string>; }; export type VerifyOptions = { /** * @param verifiers - object of supported verification methods to verify given cacao */ verifiers: Verifiers; /** * @param atTime - the point in time the capability is being verified for */ atTime?: Date; /** * @param expPhaseOutSecs - Number of seconds that a capability stays valid for after it was expired */ revocationPhaseOutSecs?: number; /** * @param clockSkewSecs - Number of seconds of clock tolerance when verifying iat, nbf, and exp */ clockSkewSecs?: number; /** * @param disableExpirationCheck - Do not verify expiration time */ disableExpirationCheck?: boolean; }; export type AuthMethodOpts = { /**RFC 4501 dns authority that is requesting the signing. */ domain?: string; /**Ethereum address performing the signing conformant to capitalization * encoded checksum specified in EIP-55 where applicable. */ address?: string; /**Human-readable ASCII assertion that the user will sign, and it must not * contain `\n`. */ statement?: string; /**RFC 3986 URI referring to the resource that is the subject of the signing * (as in the __subject__ of a claim). */ uri?: string; /**Current version of the message. */ version?: string; /**Randomized token used to prevent replay attacks, at least 8 alphanumeric * characters. */ nonce?: string; /**ISO 8601 datetime string of the current time. */ issuedAt?: string; /**ISO 8601 datetime string that, if present, indicates when the signed * authentication message is no longer valid. */ expirationTime?: string; /**ISO 8601 datetime string that, if present, indicates when the signed * authentication message will become valid. */ notBefore?: string; /**System-specific identifier that may be used to uniquely refer to the * sign-in request. */ requestId?: string; /**EIP-155 Chain ID to which the session is bound, and the network where * Contract Accounts must be resolved. */ chainId?: string; /**List of information or references to information the user wishes to have * resolved as part of authentication by the relying party. They are * expressed as RFC 3986 URIs separated by `\n- `. */ resources?: Array<string>; }; export declare namespace Cacao { function fromSiweMessage(siweMessage: SiweMessage): Cacao; function fromSiwsMessage(siwsMessage: SiwsMessage): Cacao; function fromSiwTezosMessage(siwTezosMessage: SiwTezosMessage): Cacao; function fromSiwStacksMessage(siwStacksMessage: SiwStacksMessage): Cacao; function fromBlockBytes(bytes: Uint8Array): Promise<Cacao>; function verify(cacao: Cacao, opts?: VerifyOptions): Promise<void>; } export type Cacao = Cacao; export declare namespace CacaoBlock { function fromCacao(cacao: Cacao): Promise<CacaoBlock>; } export declare function assertSigned(cacao: Cacao): asserts cacao is SignedCacao; export declare function verifyTimeChecks(cacao: Cacao, options: VerifyOptions): void;