@sphereon/ssi-sdk.public-key-hosting
Source Map (JSON)
{"version":3,"sources":["../src/index.ts","../src/public-key-hosting.ts","../src/api-functions.ts","../src/environment.ts","../src/functions.ts"],"sourcesContent":["/**\n * @public\n */\nimport { Loggers } from '@sphereon/ssi-types'\n\nexport const logger = Loggers.DEFAULT.get('sphereon:public-key-hosting')\nexport * from './public-key-hosting'\nexport * from './types'\nexport * from './functions'\nexport * from './api-functions'\n","import { ExpressSupport } from '@sphereon/ssi-express-support'\nimport { agentContext } from '@sphereon/ssi-sdk.core'\nimport { TAgent } from '@veramo/core'\n\nimport express, { Express, Router } from 'express'\nimport { getAllJWKSEndpoint, getDIDJWKSEndpoint } from './api-functions'\nimport { logger } from './index'\nimport { IRequiredPlugins, IPublicKeyHostingOpts } from './types'\n\nexport class PublicKeyHosting {\n get router(): express.Router {\n return this._router\n }\n\n private readonly _express: Express\n private readonly _agent: TAgent<IRequiredPlugins>\n private readonly _opts?: IPublicKeyHostingOpts\n private readonly _router: Router\n\n constructor(args: { agent: TAgent<IRequiredPlugins>; expressSupport: ExpressSupport; opts?: IPublicKeyHostingOpts }) {\n const { agent, opts } = args\n this._agent = agent\n if (opts?.endpointOpts?.globalAuth) {\n copyGlobalAuthToEndpoint(opts, 'allJWKS')\n copyGlobalAuthToEndpoint(opts, 'DIDJWKS')\n }\n\n this._opts = opts\n this._express = args.expressSupport.express\n this._router = express.Router()\n\n const context = agentContext(agent)\n\n const features = opts?.hostingOpts?.enableFeatures ?? 
['all-jwks', 'did-jwks']\n logger.info(`Public key hosting enabled, with features: ${JSON.stringify(features)}`)\n\n // Credential endpoints\n if (features.includes('all-jwks')) {\n getAllJWKSEndpoint(this.router, context, {\n ...opts?.endpointOpts?.allJWKS,\n })\n }\n if (features.includes('did-jwks')) {\n getDIDJWKSEndpoint(this.router, context, opts?.endpointOpts?.DIDJWKS)\n }\n this._express.use(opts?.endpointOpts?.basePath ?? '', this.router)\n }\n\n get agent(): TAgent<IRequiredPlugins> {\n return this._agent\n }\n\n get opts(): IPublicKeyHostingOpts | undefined {\n return this._opts\n }\n\n get express(): Express {\n return this._express\n }\n}\n\nfunction copyGlobalAuthToEndpoint(opts: IPublicKeyHostingOpts, key: string) {\n if (opts?.endpointOpts?.globalAuth) {\n // @ts-ignore\n opts.endpointOpts[key] = {\n // @ts-ignore\n ...opts.endpointOpts[key],\n // @ts-ignore\n endpoint: { ...opts.endpointOpts.globalAuth, ...opts.endpointOpts[key]?.endpoint },\n }\n }\n}\n","import { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'\nimport { ISphereonKeyManager } from '@sphereon/ssi-sdk-ext.key-manager'\nimport { contextHasPlugin } from '@sphereon/ssi-sdk.agent-config'\nimport { Request, Response, Router } from 'express'\nimport { JKWS_HOSTING_ALL_KEYS_PATH, JWKS_HOSTING_DID_KEYS_PATH } from './environment'\nimport { toJWKS } from './functions'\nimport { logger } from './index'\nimport { IRequiredContext } from './types'\n\nexport function getAllJWKSEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n if (opts?.enabled === false) {\n logger.info(`Get all JWKS endpoint is disabled`)\n return\n }\n\n const path = opts?.path ?? 
JKWS_HOSTING_ALL_KEYS_PATH\n logger.info(`All JWKS endpoint enabled, path ${path}`)\n router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n try {\n if (!contextHasPlugin<ISphereonKeyManager>(context, 'keyManagerListKeys')) {\n return sendErrorResponse(\n response,\n 500,\n 'Key manager plugin that can list keys is not found. Please enable the Sphereon Key Manager plugin if you want to use this endpoint',\n )\n }\n response.statusCode = 202\n const keys = await context.agent.keyManagerListKeys()\n return response.send(toJWKS({ keys }))\n } catch (e) {\n return sendErrorResponse(response, 500, e.message as string, e)\n }\n })\n}\n\nexport function getDIDJWKSEndpoint(router: Router, context: IRequiredContext, opts?: ISingleEndpointOpts) {\n if (opts?.enabled === false) {\n logger.info(`Get DID JWKS endpoint is disabled`)\n return\n }\n const path = opts?.path ?? JWKS_HOSTING_DID_KEYS_PATH\n console.info(`DID JWKS endpoint enabled, path ${path}`)\n router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {\n const did = request.params.did\n try {\n console.log(`Will get JWKS for DID ${did}`)\n const resolution = await context.agent.identifierManagedGetByDid({ identifier: did })\n if (!resolution.identifier) {\n return sendErrorResponse(response, 404, `DID ${did} not found`)\n }\n response.statusCode = 200\n return response.send(toJWKS({ keys: resolution.keys }))\n } catch (e) {\n console.log(e)\n return sendErrorResponse(response, 404, `DID ${did} not found`)\n }\n })\n}\n","export const JKWS_HOSTING_ALL_KEYS_PATH = process.env.JWKS_HOSTING_BASE_PATH ?? '/.well-known/jwks.json'\nexport const JWKS_HOSTING_DID_KEYS_PATH = process.env.JWKS_HOSTING_DID_PATH ?? 
'/.well-known/jwks/dids/:did'\n","import { toJwk } from '@sphereon/ssi-sdk-ext.key-utils'\nimport { JWK } from '@sphereon/ssi-types'\nimport { IIdentifier, IKey } from '@veramo/core'\nimport { asArray } from '@veramo/utils'\nimport { JWKS_HOSTING_DID_KEYS_PATH } from './environment'\n\nexport const toJWKS = (args: { keys: IKey | IKey[] }): { keys: Array<JWK> } => {\n const providedKeys = asArray(args.keys)\n const keys = providedKeys.map((key) =>\n toJwk(key.publicKeyHex, key.type, {\n key,\n isPrivateKey: false,\n noKidThumbprint: false,\n }),\n )\n return {\n keys,\n }\n}\n\nexport const jwksURIFromIdentifier = (args: { identifier: IIdentifier; basePath?: string; baseURL?: string; onlyEncodeDid?: boolean }) => {\n const { onlyEncodeDid, identifier, baseURL } = args\n let basePath = args.basePath ?? JWKS_HOSTING_DID_KEYS_PATH\n const did = encodeURIComponent(identifier.did)\n if (onlyEncodeDid) {\n return did\n }\n if (basePath.includes(':did')) {\n basePath = basePath.replace(':did', did)\n } else {\n basePath += basePath.endsWith('/') ? did : `/${did}`\n }\n if (baseURL) {\n return baseURL + baseURL.endsWith('/') ? 
basePath : `/${basePath}`\n }\n return basePath\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;;AAGA,uBAAwB;;;ACFxB,IAAAA,kBAA6B;AAG7B,qBAAyC;;;ACJzC,iCAAkE;AAElE,qBAAiC;;;ACF1B,IAAMC,6BAA6BC,QAAQC,IAAIC,0BAA0B;AACzE,IAAMC,6BAA6BH,QAAQC,IAAIG,yBAAyB;;;ACD/E,yBAAsB;AAGtB,mBAAwB;AAGjB,IAAMC,SAAS,wBAACC,SAAAA;AACrB,QAAMC,mBAAeC,sBAAQF,KAAKG,IAAI;AACtC,QAAMA,OAAOF,aAAaG,IAAI,CAACC,YAC7BC,0BAAMD,IAAIE,cAAcF,IAAIG,MAAM;IAChCH;IACAI,cAAc;IACdC,iBAAiB;EACnB,CAAA,CAAA;AAEF,SAAO;IACLP;EACF;AACF,GAZsB;AAcf,IAAMQ,wBAAwB,wBAACX,SAAAA;AACpC,QAAM,EAAEY,eAAeC,YAAYC,QAAO,IAAKd;AAC/C,MAAIe,WAAWf,KAAKe,YAAYC;AAChC,QAAMC,MAAMC,mBAAmBL,WAAWI,GAAG;AAC7C,MAAIL,eAAe;AACjB,WAAOK;EACT;AACA,MAAIF,SAASI,SAAS,MAAA,GAAS;AAC7BJ,eAAWA,SAASK,QAAQ,QAAQH,GAAAA;EACtC,OAAO;AACLF,gBAAYA,SAASM,SAAS,GAAA,IAAOJ,MAAM,IAAIA,GAAAA;EACjD;AACA,MAAIH,SAAS;AACX,WAAOA,UAAUA,QAAQO,SAAS,GAAA,IAAON,WAAW,IAAIA,QAAAA;EAC1D;AACA,SAAOA;AACT,GAhBqC;;;AFX9B,SAASO,mBAAmBC,QAAgBC,SAA2BC,MAA0B;AACtG,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,WAAOC,KAAK,mCAAmC;AAC/C;EACF;AAEA,QAAMC,OAAOJ,MAAMI,QAAQC;AAC3BH,SAAOC,KAAK,mCAAmCC,IAAAA,EAAM;AACrDN,SAAOQ,IAAIF,UAAMG,sCAAUP,MAAMQ,QAAAA,GAAW,OAAOC,SAAkBC,aAAAA;AACnE,QAAI;AACF,UAAI,KAACC,iCAAsCZ,SAAS,oBAAA,GAAuB;AACzE,mBAAOa,8CACLF,UACA,KACA,oIAAA;MAEJ;AACAA,eAASG,aAAa;AACtB,YAAMC,OAAO,MAAMf,QAAQgB,MAAMC,mBAAkB;AACnD,aAAON,SAASO,KAAKC,OAAO;QAAEJ;MAAK,CAAA,CAAA;IACrC,SAASK,GAAG;AACV,iBAAOP,8CAAkBF,UAAU,KAAKS,EAAEC,SAAmBD,CAAAA;IAC/D;EACF,CAAA;AACF;AAxBgBtB;AA0BT,SAASwB,mBAAmBvB,QAAgBC,SAA2BC,MAA0B;AACtG,MAAIA,MAAMC,YAAY,OAAO;AAC3BC,WAAOC,KAAK,mCAAmC;AAC/C;EACF;AACA,QAAMC,OAAOJ,MAAMI,QAAQkB;AAC3BC,UAAQpB,KAAK,mCAAmCC,IAAAA,EAAM;AACtDN,SAAOQ,IAAIF,UAAMG,sCAAUP,MAAMQ,QAAAA,GAAW,OAAOC,SAAkBC,aAAAA;AACnE,UAAMc,MAAMf,QAAQgB,OAAOD;AAC3B,QAAI;AACFD,cAAQG,IAAI,yBAAyBF,GAAAA,EAAK;AAC1C,YAAMG,aAAa,MAAM5B,QAAQgB,MAAMa,0BAA0B;QAAEC,YAAYL;MAAI,CAAA;AACnF,UAAI,CAACG,WAAWE,YAAY;AAC1B,mBAAOjB,8CAAkBF,UAAU,KAAK,OAAOc,GAAAA,YAAe;MAChE;AACAd,eAASG,aAAa;AACtB,aAAOH,SAASO,KAAKC,OAAO;QAAEJ,MAAMa,WAAWb;MAAK,
CAAA,CAAA;IACtD,SAASK,GAAG;AACVI,cAAQG,IAAIP,CAAAA;AACZ,iBAAOP,8CAAkBF,UAAU,KAAK,OAAOc,GAAAA,YAAe;IAChE;EACF,CAAA;AACF;AAtBgBH;;;AD1BT,IAAMS,mBAAN,MAAMA;EARb,OAQaA;;;EACX,IAAIC,SAAyB;AAC3B,WAAO,KAAKC;EACd;EAEiBC;EACAC;EACAC;EACAH;EAEjB,YAAYI,MAAyG;AACnH,UAAM,EAAEC,OAAOC,KAAI,IAAKF;AACxB,SAAKF,SAASG;AACd,QAAIC,MAAMC,cAAcC,YAAY;AAClCC,+BAAyBH,MAAM,SAAA;AAC/BG,+BAAyBH,MAAM,SAAA;IACjC;AAEA,SAAKH,QAAQG;AACb,SAAKL,WAAWG,KAAKM,eAAeC;AACpC,SAAKX,UAAUW,eAAAA,QAAQC,OAAM;AAE7B,UAAMC,cAAUC,8BAAaT,KAAAA;AAE7B,UAAMU,WAAWT,MAAMU,aAAaC,kBAAkB;MAAC;MAAY;;AACnEC,WAAOC,KAAK,8CAA8CC,KAAKC,UAAUN,QAAAA,CAAAA,EAAW;AAGpF,QAAIA,SAASO,SAAS,UAAA,GAAa;AACjCC,yBAAmB,KAAKxB,QAAQc,SAAS;QACvC,GAAGP,MAAMC,cAAciB;MACzB,CAAA;IACF;AACA,QAAIT,SAASO,SAAS,UAAA,GAAa;AACjCG,yBAAmB,KAAK1B,QAAQc,SAASP,MAAMC,cAAcmB,OAAAA;IAC/D;AACA,SAAKzB,SAAS0B,IAAIrB,MAAMC,cAAcqB,YAAY,IAAI,KAAK7B,MAAM;EACnE;EAEA,IAAIM,QAAkC;AACpC,WAAO,KAAKH;EACd;EAEA,IAAII,OAA0C;AAC5C,WAAO,KAAKH;EACd;EAEA,IAAIQ,UAAmB;AACrB,WAAO,KAAKV;EACd;AACF;AAEA,SAASQ,yBAAyBH,MAA6BuB,KAAW;AACxE,MAAIvB,MAAMC,cAAcC,YAAY;AAElCF,SAAKC,aAAasB,GAAAA,IAAO;;MAEvB,GAAGvB,KAAKC,aAAasB,GAAAA;;MAErBC,UAAU;QAAE,GAAGxB,KAAKC,aAAaC;QAAY,GAAGF,KAAKC,aAAasB,GAAAA,GAAMC;MAAS;IACnF;EACF;AACF;AAVSrB;;;ADxDF,IAAMsB,SAASC,yBAAQC,QAAQC,IAAI,6BAAA;","names":["import_ssi_sdk","JKWS_HOSTING_ALL_KEYS_PATH","process","env","JWKS_HOSTING_BASE_PATH","JWKS_HOSTING_DID_KEYS_PATH","JWKS_HOSTING_DID_PATH","toJWKS","args","providedKeys","asArray","keys","map","key","toJwk","publicKeyHex","type","isPrivateKey","noKidThumbprint","jwksURIFromIdentifier","onlyEncodeDid","identifier","baseURL","basePath","JWKS_HOSTING_DID_KEYS_PATH","did","encodeURIComponent","includes","replace","endsWith","getAllJWKSEndpoint","router","context","opts","enabled","logger","info","path","JKWS_HOSTING_ALL_KEYS_PATH","get","checkAuth","endpoint","request","response","contextHasPlugin","sendErrorResponse","statusCode","keys","agent","keyManagerListKeys","send","toJWKS","e","message","getDIDJWKSEndpoint","JWKS_HOST
ING_DID_KEYS_PATH","console","did","params","log","resolution","identifierManagedGetByDid","identifier","PublicKeyHosting","router","_router","_express","_agent","_opts","args","agent","opts","endpointOpts","globalAuth","copyGlobalAuthToEndpoint","expressSupport","express","Router","context","agentContext","features","hostingOpts","enableFeatures","logger","info","JSON","stringify","includes","getAllJWKSEndpoint","allJWKS","getDIDJWKSEndpoint","DIDJWKS","use","basePath","key","endpoint","logger","Loggers","DEFAULT","get"]}