@sphereon/did-auth-siop
Self Issued OpenID V2 (SIOPv2) and OpenID 4 Verifiable Presentations (OID4VP)
;
// Async-function helper in the shape the TypeScript compiler emits for downlevelled
// `async` code: it drives a generator to completion and returns a promise for the
// generator's final value. An `__awaiter` already present on `this` is reused.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
// Wrap a yielded value in a P promise unless it already is an instance of P.
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
// P falls back to the global Promise when the caller passes a falsy constructor.
return new (P || (P = Promise))(function (resolve, reject) {
// Resume the generator with a fulfilled value; anything the generator throws rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// Throw a rejection reason into the generator so a try/catch inside it can handle it.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Settle once the generator is done; otherwise wait on the yielded value and continue.
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
// Start the generator with the caller's `this` and arguments.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
// Flag this CommonJS module with the `__esModule` interop marker.
Object.defineProperty(exports, "__esModule", { value: true });
// Pre-declare the three exports as undefined; each one is assigned right after its definition below.
// "Medata" in assertValidRPRegistrationMedataPayload is the exported spelling, so callers depend on it.
exports.assertValidRPRegistrationMedataPayload = exports.createAuthorizationRequestPayload = exports.createPresentationDefinitionClaimsProperties = void 0;
const pex_1 = require("@sphereon/pex");
const helpers_1 = require("../helpers");
const Opts_1 = require("../rp/Opts");
const schemas_1 = require("../schemas");
const types_1 = require("../types");
const RequestRegistration_1 = require("./RequestRegistration");
const types_2 = require("./types");
/**
 * Builds the `claims` fragment (`id_token` and/or `vp_token`) of an authorization request.
 *
 * Resolves to `undefined` when `opts` or `opts.vp_token` is missing, or when `vp_token`
 * carries none of `presentation_definition`, `presentation_definition_uri`, `dcql_query`.
 * Rejects with `SIOPErrors.REQUEST_CLAIMS_PRESENTATION_DEFINITION_NOT_VALID` when PEX
 * version discovery reports an error for the definition that was checked.
 *
 * NOTE(review): a definition supplied by URI is fetched and checked here, but only the URI
 * is returned. Whoever dereferences that URI later is not guaranteed to receive the content
 * that was checked, so this check does not pin the definition.
 * NOTE(review): when both an inline definition and a URI are supplied, only the inline one
 * is checked while only the URI is emitted.
 * NOTE(review): the URI is handed to `getWithUrl` unchanged; no scheme or host restriction
 * is applied in this block. Confirm the helper or the caller restricts it if the value can
 * originate outside the relying party's own configuration.
 *
 * @param opts claims options; only `id_token` and `vp_token` are read.
 * @returns a promise for the claims object, or for `undefined`.
 */
const createPresentationDefinitionClaimsProperties = (opts) => __awaiter(void 0, void 0, void 0, function* () {
    const vpToken = opts ? opts.vp_token : undefined;
    if (!vpToken) {
        return undefined;
    }
    const inlineDefinition = vpToken.presentation_definition;
    const definitionUri = vpToken.presentation_definition_uri;
    const dcqlQuery = vpToken.dcql_query;
    if (!inlineDefinition && !definitionUri && !dcqlQuery) {
        return undefined;
    }

    // The inline definition wins; the URI is only dereferenced when no inline one exists.
    let definitionToCheck = inlineDefinition;
    if (!definitionToCheck && definitionUri) {
        definitionToCheck = yield (0, helpers_1.getWithUrl)(definitionUri, false);
    }
    if (definitionToCheck && pex_1.PEX.definitionVersionDiscovery(definitionToCheck).error) {
        return Promise.reject(new Error(types_1.SIOPErrors.REQUEST_CLAIMS_PRESENTATION_DEFINITION_NOT_VALID));
    }

    const claims = {};
    if (opts.id_token) {
        claims.id_token = opts.id_token;
    }
    if (inlineDefinition || definitionUri) {
        // Exactly one of the two keys is emitted: the URI when present, else the inline definition.
        const vpTokenClaims = {};
        if (definitionUri) {
            vpTokenClaims.presentation_definition_uri = definitionUri;
        }
        else {
            vpTokenClaims.presentation_definition = inlineDefinition;
        }
        claims.vp_token = vpTokenClaims;
    }
    if (dcqlQuery) {
        // A DCQL query replaces any presentation-definition based vp_token built above.
        claims.vp_token = { dcql_query: dcqlQuery };
    }
    return claims;
});
exports.createPresentationDefinitionClaimsProperties = createPresentationDefinitionClaimsProperties;
/**
 * Assembles the authorization request payload from the request options.
 *
 * Starts from a copy of `opts.payload` and then layers on, in this order: `client_id`,
 * `request_uri` (pass by reference) or `request` (pass by value), `nonce`, `state`, the
 * registration payload when it targets the authorization request, and `claims`. The result
 * is passed through `removeNullUndefined` before being returned.
 *
 * NOTE(review): a nonce is only derived when `payload.nonce` is truthy, so replay protection
 * through the nonce depends on the caller supplying one.
 *
 * @param opts request options (`payload`, `version`, `requestObject`, `clientMetadata`).
 * @param requestObject object exposing `toJwt()`; needed when the request is passed by value.
 * @returns a promise for the cleaned payload.
 * @throws Error carrying `SIOPErrors.NO_JWT` when a by-value request targeted at the
 *         authorization request has no `requestObject`.
 */
const createAuthorizationRequestPayload = (opts, requestObject) => __awaiter(void 0, void 0, void 0, function* () {
    const payload = opts.payload;
    const rawState = payload == null ? undefined : payload.state;
    const state = rawState == null ? undefined : rawState;
    let nonce;
    if (payload != null && payload.nonce) {
        nonce = (0, helpers_1.getNonce)(state, payload.nonce);
    }

    // TODO: if opts['registration'] throw Error to get rid of test code using that key
    // NOTE(review): until then, a `registration` key on opts silently overrides `clientMetadata`.
    const registrationOverride = opts['registration'];
    const clientMetadata = registrationOverride == null ? opts.clientMetadata : registrationOverride;
    const registration = yield (0, RequestRegistration_1.createRequestRegistration)(clientMetadata, opts);

    // From SIOPv2_ID1 onwards the claims are taken as supplied; older versions get them
    // built from the presentation definition options.
    let claims;
    if (opts.version >= types_1.SupportedVersion.SIOPv2_ID1) {
        claims = opts.payload.claims;
    }
    else {
        claims = yield (0, exports.createPresentationDefinitionClaimsProperties)(opts.payload.claims);
    }

    const isRequestTarget = (0, Opts_1.isTargetOrNoTargets)(types_2.PropertyTarget.AUTHORIZATION_REQUEST, opts.requestObject.targets);
    const isRequestByValue = opts.requestObject.passBy === types_1.PassBy.VALUE;
    if (isRequestTarget && isRequestByValue && !requestObject) {
        throw new Error(types_1.SIOPErrors.NO_JWT);
    }
    // NOTE(review): toJwt() runs whenever passBy is VALUE, even if the request object is not
    // targeted here; in that case the guard above does not fire and a missing requestObject
    // surfaces as a TypeError on this line.
    let request;
    if (isRequestByValue) {
        request = yield requestObject.toJwt();
    }

    // Later merges override earlier ones, so the order below is significant.
    const authRequestPayload = Object.assign({}, payload);
    if (clientMetadata.client_id) {
        authRequestPayload.client_id = clientMetadata.client_id;
    }
    if (isRequestTarget && opts.requestObject.passBy === types_1.PassBy.REFERENCE) {
        authRequestPayload.request_uri = opts.requestObject.reference_uri;
    }
    if (isRequestTarget && isRequestByValue) {
        authRequestPayload.request = request;
    }
    if (nonce) {
        authRequestPayload.nonce = nonce;
    }
    if (state) {
        authRequestPayload.state = state;
    }
    if (registration.payload && (0, Opts_1.isTarget)(types_2.PropertyTarget.AUTHORIZATION_REQUEST, registration.clientMetadataOpts.targets)) {
        Object.assign(authRequestPayload, registration.payload);
    }
    if (claims) {
        authRequestPayload.claims = claims;
    }
    return (0, helpers_1.removeNullUndefined)(authRequestPayload);
});
exports.createAuthorizationRequestPayload = createAuthorizationRequestPayload;
/**
 * Asserts that relying-party registration metadata, when supplied, is acceptable.
 *
 * A falsy `regObj` passes without any check. Otherwise the object must satisfy
 * `RPRegistrationMetadataPayloadSchema`, and a present `subject_syntax_types_supported`
 * must not be empty.
 *
 * NOTE(review): the thrown message embeds the validator's full error list; confirm that the
 * message is not relayed verbatim to a remote party.
 *
 * @param regObj registration metadata payload, or a falsy value to skip validation.
 * @throws Error with the serialized schema errors when schema validation fails.
 * @throws Error carrying `SIOPErrors.VERIFY_BAD_PARAMS` when the supported list is empty.
 */
const assertValidRPRegistrationMedataPayload = (regObj) => {
    if (regObj && !(0, schemas_1.RPRegistrationMetadataPayloadSchema)(regObj)) {
        // The validator exposes the failures of its most recent run on `.errors`.
        const details = JSON.stringify(schemas_1.RPRegistrationMetadataPayloadSchema.errors);
        throw new Error(`Registration data validation error: ${details}`);
    }
    const syntaxTypes = regObj == null ? undefined : regObj.subject_syntax_types_supported;
    // Loose comparison kept exactly as the compiled original has it.
    if (syntaxTypes && syntaxTypes.length == 0) {
        throw new Error(`${types_1.SIOPErrors.VERIFY_BAD_PARAMS}`);
    }
};
exports.assertValidRPRegistrationMedataPayload = assertValidRPRegistrationMedataPayload;
//# sourceMappingURL=Payload.js.map