import { getResolver as getKeyResolver } from '@cef-ebsi/key-did-resolver';
// import { EbsiWallet } from '@cef-ebsi/wallet-lib';
import EbsiWallet from '@cef-ebsi/wallet-lib';
import { PresentationSignCallBackParams } from '@sphereon/pex';
import { parseDid, W3CVerifiablePresentation } from '@sphereon/ssi-types';
import { Resolver } from 'did-resolver';
import { importJWK, JWK, SignJWT } from 'jose';
import { v4 as uuidv4 } from 'uuid';
import { CheckLinkedDomain, OP, SigningAlgo } from '../../src';
/** EBSI conformance (v3) auth-mock endpoint; the spec POSTs a nonce to it and reads back a request URL. */
const ID_TOKEN_REQUEST_URL = 'https://api-conformance.ebsi.eu/conformance/v3/auth-mock/id_token_request';

/** Per-test timeout in milliseconds, passed to `it` because the test calls a remote service. */
export const UNIT_TEST_TIMEOUT = 30_000;

/**
 * Fixed P-256 JWK used to create the test DID.
 * Only the public members (`x`, `y`) are present; there is no private `d` member.
 */
export const jwk: JWK = {
  alg: 'ES256',
  kty: 'EC',
  use: 'sig',
  crv: 'P-256',
  x: '9ggs4Cm4VXcKOePpjkL9iSyMCa22yOjbo-oUXpy-aw0',
  y: 'lEXW7b_J7lceiVEtrfptvuPeENsOJl-fhzmu654GPR8',
};

// Hex-encoded signing key handed to the OP builder.
// It is committed in a spec file, so treat it as public test material and never reuse it
// for a real identity.
// NOTE(review): presumably the private scalar that matches `jwk` above; confirm.
const hexPrivateKey = '47dc6ae067aa011f8574d2da7cf8c326538af08b85e6779d192a9893291c9a0a';

// Fresh random nonce per test run; the test later checks that the mock echoes it in the request URL.
const nonce = uuidv4();
/**
 * Creates the DID used throughout this spec by passing the fixed `jwk` to
 * `EbsiWallet.createDid` with subject type `'NATURAL_PERSON'`.
 *
 * @param _opts Currently unused; a supplied `seed` has no effect on the result.
 * @returns The value returned by `EbsiWallet.createDid`.
 */
export const generateDid = (_opts?: { seed?: Uint8Array }) => EbsiWallet.createDid('NATURAL_PERSON', jwk);
// Resolver from @cef-ebsi/key-did-resolver, registered for the `key` DID method when the OP is built.
const keyResolver = getKeyResolver();

// The DID is computed once at module load and shared by the OP signature config and the VP signer.
const didStr = generateDid();

// Key id = "<did>#<id>", where <id> is the `id` field parseDid extracts from the same DID.
const didMethodSpecificId = parseDid(didStr).id;
const kid = `${didStr}#${didMethodSpecificId}`;
console.log(kid);
describe('EBSI SIOPv2 should', () => {
/**
 * End-to-end run against the EBSI conformance mock: obtain an authorization request URL,
 * verify it with an OP, create the authorization response and submit it.
 * The flow passes when the submission returns HTTP 204.
 */
async function testWithOp() {
  // generateDid ignores its options, so the seed stays commented out:
  // { seed: u8a.fromString(hexPrivateKey, 'base16') }
  const generatedDid = await generateDid();
  expect(generatedDid).toBeDefined();

  // The request URL must use the openid:// scheme and echo the nonce we sent.
  const requestUrl = await getAuthRequestURL({ nonce });
  expect(requestUrl).toBeDefined();
  expect(requestUrl).toContain('openid://?state=');
  expect(requestUrl).toContain(nonce);

  const correlationId = 'test';
  const didResolver = new Resolver(keyResolver);
  const signatureConfig = { alg: SigningAlgo.ES256, kid, did: didStr, hexPrivateKey };

  // NOTE(review): CheckLinkedDomain.NEVER presumably switches linked-domain verification off.
  // That suits the conformance mock; confirm it is not copied into code that faces real
  // relying parties.
  const op: OP = OP.builder()
    .addResolver('key', didResolver)
    .withCheckLinkedDomain(CheckLinkedDomain.NEVER)
    .withPresentationSignCallback(presentationSignCalback)
    .withSignature(signatureConfig)
    .build();

  const verifiedRequest = await op.verifyAuthorizationRequest(requestUrl, { correlationId });
  expect(verifiedRequest).toBeDefined();

  const responseOptions = { issuer: didStr, correlationId };
  const authResponse = await op.createAuthorizationResponse(verifiedRequest, responseOptions);
  expect(authResponse).toBeDefined();
  expect(authResponse.response.payload).toBeDefined();

  // Writes the whole authorization response to the test output.
  // NOTE(review): this presumably includes the signed ID token. Here it is signed with the
  // committed test key; avoid this logging pattern where real credentials are involved.
  console.log(JSON.stringify(authResponse));

  const submission = await op.submitAuthorizationResponse(authResponse);
  console.log(submission.statusText);
  console.log(await submission.text());
  expect(submission.status).toEqual(204);
}
// Single case for this suite: run the full OP flow within the extended timeout.
it('succeed with an id token only', (): Promise<void> => testWithOp(), UNIT_TEST_TIMEOUT);
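/**
 * Asks the conformance mock for an authorization request URL bound to `nonce`.
 *
 * Sends `{ nonce }` as a JSON POST body and returns the plain-text response body.
 *
 * @param nonce Value the caller expects to find echoed in the returned URL.
 * @returns The response body as text.
 * @throws Error when the endpoint answers with a non-2xx status, so an error page is
 *   never passed on to the OP as if it were a request URL.
 */
async function getAuthRequestURL({ nonce }: { nonce: string }): Promise<string> {
  const response = await fetch(ID_TOKEN_REQUEST_URL, {
    method: 'post',
    headers: {
      Accept: 'text/plain',
      'Content-Type': 'application/json',
    },
    // The endpoint expects a serialized JSON body.
    body: JSON.stringify({ nonce }),
  });

  // Fail fast with the HTTP status instead of returning the error body to the caller.
  if (!response.ok) {
    throw new Error(`ID token request failed: ${response.status} ${response.statusText}`);
  }

  return response.text();
}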
/**
 * Presentation signing callback given to the OP builder: wraps the presentation in an
 * ES256-signed JWT that is valid for two hours from issuance.
 *
 * NOTE(review): the key comes from `importJWK(jwk, 'ES256')`, and `jwk` as declared in this
 * file has no private `d` member. Confirm the imported key can sign before relying on this
 * callback in a flow that requests a presentation.
 *
 * @param args Presentation plus signing options (proof nonce and holder DID) supplied by the caller.
 * @returns The compact JWT string.
 */
async function presentationSignCalback(args: PresentationSignCallBackParams): Promise<W3CVerifiablePresentation> {
  const signingKey = await importJWK(jwk, 'ES256');

  // Claim order is kept as-is: vp, then nonce, then iss.
  const claims = {
    vp: { ...args.presentation },
    nonce: args.options.proofOptions.nonce,
    iss: args.options.holderDID,
  };
  const protectedHeader = { typ: 'JWT', alg: 'ES256', kid };

  const signer = new SignJWT(claims).setProtectedHeader(protectedHeader).setIssuedAt().setExpirationTime('2h');
  const jwt = await signer.sign(signingKey);

  // Prints the signed VP to the test output.
  console.log(`VP: ${jwt}`);
  return jwt;
}
});