@didtools/cacao
Version:
Typescript library for Ceramic OCAP
102 lines (101 loc) • 4.14 kB
TypeScript
import * as multiformats from 'multiformats';
import type { Cacao, SignedCacao } from '@didtools/codecs';
import { SiweMessage } from './siwx/siwe.js';
import { SiwsMessage } from './siwx/siws.js';
import { SiwTezosMessage } from './siwx/siwTezos.js';
import { SiwStacksMessage } from './siwx/siwStacks';
export declare const LEGACY_CHAIN_ID_REORG_DATE: number;
export type { CacaoHeader as Header, CacaoPayload as Payload, CacaoSignature as Signature, SignedCacao, } from '@didtools/codecs';
export type CacaoBlock = {
value: Cacao;
cid: multiformats.CID;
bytes: Uint8Array;
};
export type Verifiers = Record<string, CacaoVerifier>;
export type CacaoVerifier = (cacao: Cacao, opts: VerifyOptions) => Promise<void>;
export type AuthMethod = (opts: AuthMethodOpts) => Promise<Cacao>;
export type Payload = {
domain: string;
iss: string;
aud: string;
version: string;
nonce: string;
iat: string;
nbf?: string;
exp?: string;
statement?: string;
requestId?: string;
resources?: Array<string>;
};
export type VerifyOptions = {
/**
* @param verifiers - object of supported verification methods to verify given cacao
*/
verifiers: Verifiers;
/**
* @param atTime - the point in time the capability is being verified for
*/
atTime?: Date;
/**
* @param expPhaseOutSecs - Number of seconds that a capability stays valid for after it was expired
*/
revocationPhaseOutSecs?: number;
/**
* @param clockSkewSecs - Number of seconds of clock tolerance when verifying iat, nbf, and exp
*/
clockSkewSecs?: number;
/**
* @param disableExpirationCheck - Do not verify expiration time
*/
disableExpirationCheck?: boolean;
};
export type AuthMethodOpts = {
/**RFC 4501 dns authority that is requesting the signing. */
domain?: string;
/**Ethereum address performing the signing conformant to capitalization
* encoded checksum specified in EIP-55 where applicable. */
address?: string;
/**Human-readable ASCII assertion that the user will sign, and it must not
* contain `\n`. */
statement?: string;
/**RFC 3986 URI referring to the resource that is the subject of the signing
* (as in the __subject__ of a claim). */
uri?: string;
/**Current version of the message. */
version?: string;
/**Randomized token used to prevent replay attacks, at least 8 alphanumeric
* characters. */
nonce?: string;
/**ISO 8601 datetime string of the current time. */
issuedAt?: string;
/**ISO 8601 datetime string that, if present, indicates when the signed
* authentication message is no longer valid. */
expirationTime?: string;
/**ISO 8601 datetime string that, if present, indicates when the signed
* authentication message will become valid. */
notBefore?: string;
/**System-specific identifier that may be used to uniquely refer to the
* sign-in request. */
requestId?: string;
/**EIP-155 Chain ID to which the session is bound, and the network where
* Contract Accounts must be resolved. */
chainId?: string;
/**List of information or references to information the user wishes to have
* resolved as part of authentication by the relying party. They are
* expressed as RFC 3986 URIs separated by `\n- `. */
resources?: Array<string>;
};
export declare namespace Cacao {
function fromSiweMessage(siweMessage: SiweMessage): Cacao;
function fromSiwsMessage(siwsMessage: SiwsMessage): Cacao;
function fromSiwTezosMessage(siwTezosMessage: SiwTezosMessage): Cacao;
function fromSiwStacksMessage(siwStacksMessage: SiwStacksMessage): Cacao;
function fromBlockBytes(bytes: Uint8Array): Promise<Cacao>;
function verify(cacao: Cacao, opts?: VerifyOptions): Promise<void>;
}
export type Cacao = Cacao;
export declare namespace CacaoBlock {
function fromCacao(cacao: Cacao): Promise<CacaoBlock>;
}
export declare function assertSigned(cacao: Cacao): asserts cacao is SignedCacao;
export declare function verifyTimeChecks(cacao: Cacao, options: VerifyOptions): void;