Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@sphereon/ssi-types

Package Overview
Dependencies
Maintainers
4
Versions
1168
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@sphereon/ssi-types - npm Package Compare versions

Comparing version 0.32.0 to 0.32.1-feature.SPRIND.137.18

72

dist/types/sd-jwt-type-metadata.d.ts

@@ -1,6 +0,5 @@

import { AsyncHasher } from './sd-jwt-vc';
/**
* Represents the metadata associated with a specific SD-JWT VC type.
*/
interface SdJwtTypeMetadata {
export interface SdJwtTypeMetadata {
/**

@@ -41,8 +40,46 @@ * REQUIRED. The VC type URI.

*/
claims?: Array<any>;
claims?: Array<SdJwtClaimMetadata>;
}
/**
* Represents the metadata associated with a specific SD-JWT claim.
*/
export interface SdJwtClaimMetadata {
/**
* REQUIRED. An array indicating the claim or claims that are being addressed.
*/
path: Array<SdJwtClaimPath>;
/**
* OPTIONAL. Display information for the claim.
*/
display?: Array<SdJwtClaimDisplayMetadata>;
/**
* OPTIONAL. A string indicating whether the claim is selectively disclosable.
*/
sd?: SdJwtClaimSelectiveDisclosure;
/**
* OPTIONAL. A string defining the ID of the claim for reference in the SVG template.
*/
svg_id?: string;
}
/**
* Represents claim display metadata for a specific language.
*/
export interface SdJwtClaimDisplayMetadata {
/**
* REQUIRED. Language tag for the display information.
*/
lang: string;
/**
* REQUIRED. A human-readable label for the claim, intended for end users.
*/
label: string;
/**
* REQUIRED. A human-readable description for the claim, intended for end users.
*/
description?: string;
}
/**
* Represents display metadata for a specific language.
*/
interface SdJwtTypeDisplayMetadata {
export interface SdJwtTypeDisplayMetadata {
/**

@@ -68,3 +105,3 @@ * REQUIRED. Language tag for the display information.

*/
interface SdJwtTypeRenderingMetadata {
export interface SdJwtTypeRenderingMetadata {
/**

@@ -82,3 +119,3 @@ * OPTIONAL. Simple rendering method metadata.

*/
interface SdJwtSimpleRenderingMetadata {
export interface SdJwtSimpleRenderingMetadata {
/**

@@ -100,3 +137,3 @@ * OPTIONAL. Metadata for the logo image.

*/
interface SdJwtLogoMetadata {
export interface SdJwtLogoMetadata {
/**

@@ -118,3 +155,3 @@ * REQUIRED. URI pointing to the logo image.

*/
interface SdJwtSVGTemplateMetadata {
export interface SdJwtSVGTemplateMetadata {
/**

@@ -136,3 +173,3 @@ * REQUIRED. URI pointing to the SVG template.

*/
interface SdJwtSVGTemplateProperties {
export interface SdJwtSVGTemplateProperties {
/**

@@ -147,8 +184,15 @@ * OPTIONAL. The orientation for which the SVG template is optimized.

}
/**
* A string indicates that the respective key is to be selected.
* A null value indicates that all elements of the currently selected array(s) are to be selected.
* A non-negative integer indicates that the respective index in an array is to be selected.
*/
export type SdJwtClaimPath = string | null | number;
/**
* always: The Issuer MUST make the claim selectively disclosable.
* allowed: The Issuer MAY make the claim selectively disclosable.
* never: The Issuer MUST NOT make the claim selectively disclosable.
*/
export type SdJwtClaimSelectiveDisclosure = 'always' | 'allowed' | 'never';
export type SdJwtTypeHasher = (input: any, alg?: string) => string;
export declare function fetchSdJwtTypeMetadataFromVctUrl(vct: string, opts?: {
hasher?: AsyncHasher;
integrity?: string;
}): Promise<SdJwtTypeMetadata>;
export {};
//# sourceMappingURL=sd-jwt-type-metadata.d.ts.map

81

dist/types/sd-jwt-type-metadata.js
"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.fetchSdJwtTypeMetadataFromVctUrl = fetchSdJwtTypeMetadataFromVctUrl;
const u8a = __importStar(require("uint8arrays"));
// Helper function to fetch API with error handling
function fetchUrlWithErrorHandling(url) {
return __awaiter(this, void 0, void 0, function* () {
const response = yield fetch(url);
if (!response.ok) {
throw new Error(`${response.status}: ${response.statusText}`);
}
return response;
});
}
function validateIntegrity(input, integrityValue, hasher, alg) {
return __awaiter(this, void 0, void 0, function* () {
const hash = yield hasher(input, alg !== null && alg !== void 0 ? alg : 'sha256');
return u8a.toString(hash, 'utf-8') === integrityValue;
});
}
// Fetch and validate Type Metadata
function fetchSdJwtTypeMetadataFromVctUrl(vct, opts) {
return __awaiter(this, void 0, void 0, function* () {
const url = new URL(vct);
const wellKnownUrl = `${url.origin}/.well-known/vct${url.pathname}`;
const response = yield fetchUrlWithErrorHandling(wellKnownUrl);
const metadata = yield response.json();
assertValidTypeMetadata(metadata, vct);
if ((opts === null || opts === void 0 ? void 0 : opts.integrity) && opts.hasher) {
if (!(yield validateIntegrity(metadata, opts.integrity, opts.hasher))) {
throw new Error('Integrity check failed');
}
}
return metadata;
});
}
function assertValidTypeMetadata(metadata, vct) {
if (metadata.vct !== vct) {
throw new Error('VCT mismatch in metadata and credential');
}
}
/*
// Example usage
try {
const vct = 'https://betelgeuse.example.com/education_credential'
const typeMetadata = await fetchSdJwtTypeMetadataFromVctUrl(vct)
console.log('Type Metadata retrieved successfully:', typeMetadata)
} catch (error) {
console.error('Error fetching type metadata:', error.message)
}
*/
//# sourceMappingURL=sd-jwt-type-metadata.js.map
{
"name": "@sphereon/ssi-types",
"description": "SSI Common Types",
"version": "0.32.0",
"version": "0.32.1-feature.SPRIND.137.18+a50eb337",
"main": "dist/index.js",

@@ -50,3 +50,3 @@ "types": "dist/index.d.ts",

"nx": {},
"gitHead": "6585912cbda057506cc459b23285526e53a9bce9"
"gitHead": "a50eb3370348285cfab74db09584821fe2b1be42"
}

@@ -1,8 +0,5 @@

import * as u8a from 'uint8arrays'
import { AsyncHasher } from './sd-jwt-vc'
/**
* Represents the metadata associated with a specific SD-JWT VC type.
*/
interface SdJwtTypeMetadata {
export interface SdJwtTypeMetadata {
/**

@@ -51,10 +48,54 @@ * REQUIRED. The VC type URI.

*/
// TODO:
claims?: Array<any>
claims?: Array<SdJwtClaimMetadata>
}
/**
* Represents the metadata associated with a specific SD-JWT claim.
*/
export interface SdJwtClaimMetadata {
/**
* REQUIRED. An array indicating the claim or claims that are being addressed.
*/
path: Array<SdJwtClaimPath>
/**
* OPTIONAL. Display information for the claim.
*/
display?: Array<SdJwtClaimDisplayMetadata>
/**
* OPTIONAL. A string indicating whether the claim is selectively disclosable.
*/
sd?: SdJwtClaimSelectiveDisclosure
/**
* OPTIONAL. A string defining the ID of the claim for reference in the SVG template.
*/
svg_id?: string
}
/**
* Represents claim display metadata for a specific language.
*/
export interface SdJwtClaimDisplayMetadata {
/**
* REQUIRED. Language tag for the display information.
*/
lang: string
/**
* REQUIRED. A human-readable label for the claim, intended for end users.
*/
label: string
/**
* REQUIRED. A human-readable description for the claim, intended for end users.
*/
description?: string
}
/**
* Represents display metadata for a specific language.
*/
interface SdJwtTypeDisplayMetadata {
export interface SdJwtTypeDisplayMetadata {
/**

@@ -84,3 +125,3 @@ * REQUIRED. Language tag for the display information.

*/
interface SdJwtTypeRenderingMetadata {
export interface SdJwtTypeRenderingMetadata {
/**

@@ -100,3 +141,3 @@ * OPTIONAL. Simple rendering method metadata.

*/
interface SdJwtSimpleRenderingMetadata {
export interface SdJwtSimpleRenderingMetadata {
/**

@@ -121,3 +162,3 @@ * OPTIONAL. Metadata for the logo image.

*/
interface SdJwtLogoMetadata {
export interface SdJwtLogoMetadata {
/**

@@ -142,3 +183,3 @@ * REQUIRED. URI pointing to the logo image.

*/
interface SdJwtSVGTemplateMetadata {
export interface SdJwtSVGTemplateMetadata {
/**

@@ -163,3 +204,3 @@ * REQUIRED. URI pointing to the SVG template.

*/
interface SdJwtSVGTemplateProperties {
export interface SdJwtSVGTemplateProperties {
/**

@@ -176,49 +217,16 @@ * OPTIONAL. The orientation for which the SVG template is optimized.

// Helper function to fetch API with error handling
async function fetchUrlWithErrorHandling(url: string): Promise<Response> {
const response = await fetch(url)
if (!response.ok) {
throw new Error(`${response.status}: ${response.statusText}`)
}
return response
}
/**
* A string indicates that the respective key is to be selected.
* A null value indicates that all elements of the currently selected array(s) are to be selected.
* A non-negative integer indicates that the respective index in an array is to be selected.
*/
export type SdJwtClaimPath = string | null | number
/**
* always: The Issuer MUST make the claim selectively disclosable.
* allowed: The Issuer MAY make the claim selectively disclosable.
* never: The Issuer MUST NOT make the claim selectively disclosable.
*/
export type SdJwtClaimSelectiveDisclosure = 'always' | 'allowed' | 'never'
export type SdJwtTypeHasher = (input: any, alg?: string) => string
async function validateIntegrity(input: any, integrityValue: string, hasher: AsyncHasher, alg?: string): Promise<boolean> {
const hash = await hasher(input, alg ?? 'sha256')
return u8a.toString(hash, 'utf-8') === integrityValue
}
// Fetch and validate Type Metadata
export async function fetchSdJwtTypeMetadataFromVctUrl(vct: string, opts?: { hasher?: AsyncHasher; integrity?: string }): Promise<SdJwtTypeMetadata> {
const url = new URL(vct)
const wellKnownUrl = `${url.origin}/.well-known/vct${url.pathname}`
const response = await fetchUrlWithErrorHandling(wellKnownUrl)
const metadata: SdJwtTypeMetadata = await response.json()
assertValidTypeMetadata(metadata, vct)
if (opts?.integrity && opts.hasher) {
if (!(await validateIntegrity(metadata, opts.integrity, opts.hasher))) {
throw new Error('Integrity check failed')
}
}
return metadata
}
function assertValidTypeMetadata(metadata: SdJwtTypeMetadata, vct: string): void {
if (metadata.vct !== vct) {
throw new Error('VCT mismatch in metadata and credential')
}
}
/*
// Example usage
try {
const vct = 'https://betelgeuse.example.com/education_credential'
const typeMetadata = await fetchSdJwtTypeMetadataFromVctUrl(vct)
console.log('Type Metadata retrieved successfully:', typeMetadata)
} catch (error) {
console.error('Error fetching type metadata:', error.message)
}
*/

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc