feat: More support for definition Formats when creating VPs from SIOP

Sphereon-Opensource · Apr 26, 2023 · 61c4120 · 61c4120
1 parent bd82063
commit 61c4120
Show file tree

Hide file tree

Showing 4 changed files with 71 additions and 48 deletions.
diff --git a/packages/did-auth-siop-op-authenticator/package.json b/packages/did-auth-siop-op-authenticator/package.json
@@ -14,8 +14,8 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "^0.3.0-unstable.25",
-    "@sphereon/pex": "2.0.0-unstable.12",
+    "@sphereon/did-auth-siop": "^0.3.0-unstable.36",
+    "@sphereon/pex": "2.0.0-unstable.14",
     "@sphereon/ssi-sdk-core": "^0.9.0",
     "@sphereon/ssi-sdk-did-utils": "^0.9.0",
     "@sphereon/ssi-types": "^0.9.0",

diff --git a/packages/did-auth-siop-op-authenticator/src/session/OID4VP.ts b/packages/did-auth-siop-op-authenticator/src/session/OID4VP.ts
@@ -8,6 +8,7 @@ import { OpSession } from './OpSession'
 import { CredentialMapper, W3CVerifiableCredential } from '@sphereon/ssi-types'
 import { PresentationDefinitionWithLocation, PresentationExchange } from '@sphereon/did-auth-siop'
 import { SelectResults, Status, SubmissionRequirementMatch } from '@sphereon/pex'
+
 import { ProofOptions } from '@sphereon/ssi-sdk-core'
 import { createPresentationSignCallback, determineKid, getKey } from './functions'
 import { FindCredentialsArgs, IIdentifier } from '@veramo/core'
@@ -81,11 +82,14 @@ export class OID4VP {
     const vcs = await this.filterCredentials(selectedVerifiableCredentials.definition, {
       verifiableCredentials: selectedVerifiableCredentials.credentials.map((vc) => CredentialMapper.storedCredentialToOriginalFormat(vc)),
     })
+    selectedVerifiableCredentials.definition.definition.format
     const key = await getKey(idOpts.identifier, 'authentication', this.session.context, idOpts.kid)
     const signCallback = await createPresentationSignCallback({
       presentationSignCallback: this.session.options.presentationSignCallback,
       kid: determineKid(key, idOpts),
       context: this.session.context,
+      format: selectedVerifiableCredentials.definition.definition.format
+
     })
     const presentation = await this.getPresentationExchange(vcs.credentials, this.allDIDs).createVerifiablePresentation(
       vcs.definition.definition,

diff --git a/packages/did-auth-siop-op-authenticator/src/session/functions.ts b/packages/did-auth-siop-op-authenticator/src/session/functions.ts
@@ -2,7 +2,7 @@ import { IIdentifierOpts, IOPOptions, IRequiredContext } from '../types/IDidAuth
 import { EventEmitter } from 'events'
 import { AgentDIDResolver, getAgentDIDMethods, mapIdentifierKeysToDocWithJwkSupport } from '@sphereon/ssi-sdk-did-utils'
 import { KeyAlgo, SuppliedSigner } from '@sphereon/ssi-sdk-core'
-import { W3CVerifiablePresentation } from '@sphereon/ssi-types'
+import { CredentialMapper, W3CVerifiablePresentation } from '@sphereon/ssi-types'
 import {
   Builder,
   CheckLinkedDomain,
@@ -13,49 +13,53 @@ import {
   SigningAlgo,
   SupportedVersion,
 } from '@sphereon/did-auth-siop'
+import { Format } from '@sphereon/pex-models'
 import { PresentationSignCallBackParams } from '@sphereon/pex'
 import { DIDDocumentSection, IIdentifier, IKey, PresentationPayload, TKeyType } from '@veramo/core'
 import { _ExtendedIKey } from '@veramo/utils'
 import { IVerifyCallbackArgs, IVerifyCredentialResult } from '@sphereon/wellknown-dids-client'
 
 export async function createPresentationSignCallback({
-  presentationSignCallback,
-  kid,
-  domain,
-  challenge,
-  context,
-}: {
+                                                       presentationSignCallback,
+                                                       kid,
+                                                       domain,
+                                                       challenge,
+                                                       format,
+                                                       context,
+                                                     }: {
   presentationSignCallback?: PresentationSignCallback
   kid: string
   domain?: string
   challenge?: string
+  format?: Format
   context: IRequiredContext
 }): Promise<PresentationSignCallback> {
   // fixme: Remove once IPresentation in proper form is available in PEX
   // @ts-ignore
   return presentationSignCallback
     ? presentationSignCallback
     : async (args: PresentationSignCallBackParams): Promise<W3CVerifiablePresentation> => {
-        const presentation: PresentationPayload = args.presentation as PresentationPayload
-        const format = args.presentationDefinition.format
+      const presentation: PresentationPayload = args.presentation as PresentationPayload
+      const formatOptions = args.presentationDefinition.format ?? format
+      const proofFormat = formatOptions && (formatOptions.ldp || formatOptions.ldp_vp) ? 'lds' : 'jwt'
 
-        const vp = await context.agent.createVerifiablePresentation({
-          presentation,
-          keyRef: kid,
-          domain,
-          challenge,
-          fetchRemoteContexts: true,
-          proofFormat: format && (format.ldp || format.ldp_vp) ? 'lds' : 'jwt',
-        })
-        return vp as W3CVerifiablePresentation
-      }
+      const vp = await context.agent.createVerifiablePresentation({
+        presentation,
+        keyRef: kid,
+        domain,
+        challenge,
+        fetchRemoteContexts: true,
+        proofFormat,
+      })
+      return CredentialMapper.storedPresentationToOriginalFormat(vp as W3CVerifiablePresentation)
+    }
 }
 
 export async function createOPBuilder({
-  opOptions,
-  idOpts,
-  context,
-}: {
+                                        opOptions,
+                                        idOpts,
+                                        context,
+                                      }: {
   opOptions: IOPOptions
   idOpts?: IIdentifierOpts
   context: IRequiredContext
@@ -64,12 +68,12 @@ export async function createOPBuilder({
   const builder = OP.builder()
     .withResponseMode(opOptions.responseMode ?? ResponseMode.POST)
     .withSupportedVersions(
-      opOptions.supportedVersions ?? [SupportedVersion.SIOPv2_ID1, SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1, SupportedVersion.SIOPv2_D11]
+      opOptions.supportedVersions ?? [SupportedVersion.SIOPv2_ID1, SupportedVersion.JWT_VC_PRESENTATION_PROFILE_v1, SupportedVersion.SIOPv2_D11],
     )
     .withExpiresIn(opOptions.expiresIn ?? 300)
     .withCheckLinkedDomain(opOptions.checkLinkedDomains ?? CheckLinkedDomain.IF_PRESENT)
     .withCustomResolver(
-      opOptions.resolveOpts?.resolver ?? new AgentDIDResolver(context, opOptions.resolveOpts?.noUniversalResolverFallback !== false)
+      opOptions.resolveOpts?.resolver ?? new AgentDIDResolver(context, opOptions.resolveOpts?.noUniversalResolverFallback !== false),
     )
     .withEventEmitter(eventEmitter)
     .withRegistration({
@@ -82,9 +86,9 @@ export async function createOPBuilder({
   const wellknownDIDVerifyCallback = opOptions.wellknownDIDVerifyCallback
     ? opOptions.wellknownDIDVerifyCallback
     : async (args: IVerifyCallbackArgs): Promise<IVerifyCredentialResult> => {
-        const result = await context.agent.verifyCredential({ credential: args.credential, fetchRemoteContexts: true })
-        return { verified: result.verified }
-      }
+      const result = await context.agent.verifyCredential({ credential: args.credential, fetchRemoteContexts: true })
+      return { verified: result.verified }
+    }
   builder.withWellknownDIDVerifyCallback(wellknownDIDVerifyCallback)
 
   if (idOpts && idOpts.identifier) {
@@ -95,24 +99,24 @@ export async function createOPBuilder({
       SuppliedSigner(key, context, getSigningAlgo(key.type) as unknown as KeyAlgo),
       idOpts.identifier.did,
       kid,
-      getSigningAlgo(key.type)
+      getSigningAlgo(key.type),
     )
     builder.withPresentationSignCallback(
       await createPresentationSignCallback({
         presentationSignCallback: opOptions.presentationSignCallback,
         kid,
         context,
-      })
+      }),
     )
   }
   return builder
 }
 
 export async function createOP({
-  opOptions,
-  idOpts,
-  context,
-}: {
+                                 opOptions,
+                                 idOpts,
+                                 context,
+                               }: {
   opOptions: IOPOptions
   idOpts?: IIdentifierOpts
   context: IRequiredContext
@@ -124,7 +128,7 @@ export async function getKey(
   identifier: IIdentifier,
   verificationMethodSection: DIDDocumentSection = 'authentication',
   context: IRequiredContext,
-  keyId?: string
+  keyId?: string,
 ): Promise<IKey> {
   const keys = await mapIdentifierKeysToDocWithJwkSupport(identifier, verificationMethodSection, context)
   if (!keys || keys.length === 0) {

diff --git a/yarn.lock b/yarn.lock
@@ -2356,15 +2356,15 @@
     "@trust/keyto" "^2.0.0-alpha1"
     "@veramo/core" "4.2.0"
 
-"@sphereon/did-auth-siop@^0.3.0-unstable.25":
-  version "0.3.0-unstable.25"
-  resolved "https://registry.yarnpkg.com/@sphereon/did-auth-siop/-/did-auth-siop-0.3.0-unstable.25.tgz#0932f8a59072e8e9bfee8a50e44662bd46e26e11"
-  integrity sha512-sc4l6eJIejZidJVasiMNlmPPe/CJ05FmLStVmQkiFoZA3CvG6bxPtNxE9rIIaw3kjGWJUOyQ9wDDqmBlZfv1Lg==
+"@sphereon/did-auth-siop@^0.3.0-unstable.36":
+  version "0.3.0-unstable.36"
+  resolved "https://registry.yarnpkg.com/@sphereon/did-auth-siop/-/did-auth-siop-0.3.0-unstable.36.tgz#28c1afe6b9b3aa3bf6e416088f2c7a5375ebe66a"
+  integrity sha512-Q70ZhufI8CqVAAfAVYRNj+bttc6s2bFl2peMgcWcVryI3zamroB+8i+O+y/djgY+Ac37V5eTEXXoPHpdRLwygg==
   dependencies:
     "@sphereon/did-uni-client" "^0.6.0"
-    "@sphereon/pex" "^2.0.0-unstable.12"
+    "@sphereon/pex" "^2.0.0-unstable.14"
     "@sphereon/pex-models" "^1.2.2"
-    "@sphereon/ssi-types" "^0.9.0"
+    "@sphereon/ssi-types" "^0.9.1-next.109"
     "@sphereon/wellknown-dids-client" "^0.1.3"
     "@stablelib/ed25519" "^1.0.3"
     "@stablelib/random" "^1.0.2"
@@ -2458,10 +2458,10 @@
   resolved "https://registry.yarnpkg.com/@sphereon/pex-models/-/pex-models-1.2.2.tgz#85d2062693c0a9c31fb5c1be0847675141803846"
   integrity sha512-/pGDQGs4lSK4Fuf6WzaGengb1UqNYmjRdkIC+dJT89kMktIwJLoNB2PvQHcggn3nEbmwZFB/1dgJGumAnWPYsg==
 
-"@sphereon/pex@2.0.0-unstable.12", "@sphereon/pex@^2.0.0-unstable.12":
-  version "2.0.0-unstable.12"
-  resolved "https://registry.yarnpkg.com/@sphereon/pex/-/pex-2.0.0-unstable.12.tgz#d6184d11c46723357578ce016ad68aba7e390a8a"
-  integrity sha512-yR43vr6GAw0KOIYqSf9hp7OSylGH6WYqNIaGEKtlEgHhn7T5q831ZEyXsEUI3g459U28Uq0m+OzncAHxi8qMIg==
+"@sphereon/pex@2.0.0-unstable.14", "@sphereon/pex@^2.0.0-unstable.14":
+  version "2.0.0-unstable.14"
+  resolved "https://registry.yarnpkg.com/@sphereon/pex/-/pex-2.0.0-unstable.14.tgz#13727200866206a93aa478a2e4ba651bb2024d91"
+  integrity sha512-QraUuoy6dxcZTcdK7pH6qcCAN+jJtWCfPC54eVLah7c5ogj8tuP9XYa1dSonuJ/ZUIrIvaRXB3ALSzvP3aWMhQ==
   dependencies:
     "@sphereon/pex-models" "^1.2.2"
     "@sphereon/ssi-types" "^0.9.0"
@@ -2472,6 +2472,13 @@
     nanoid "^3.3.4"
     string.prototype.matchall "^4.0.8"
 
+"@sphereon/ssi-types@^0.9.1-next.109":
+  version "0.9.1-unstable.136"
+  resolved "https://registry.yarnpkg.com/@sphereon/ssi-types/-/ssi-types-0.9.1-unstable.136.tgz#160a1ef075e01879e8fd7cac5523f3afdc0bd8c4"
+  integrity sha512-ugtoM+FVBTR+lNmJvQPPLkrkaC8tPDzS5GA/A56gdCSh8YZoCh7CympVZYHKF9W0gg0lqhCd+kh09UoFUdGLQg==
+  dependencies:
+    jwt-decode "^3.1.2"
+
 "@sphereon/wellknown-dids-client@^0.1.3":
   version "0.1.3"
   resolved "https://registry.yarnpkg.com/@sphereon/wellknown-dids-client/-/wellknown-dids-client-0.1.3.tgz#4711599ed732903e9f45fe051660f925c9b508a4"
@@ -12243,13 +12250,21 @@ random-bytes@~1.0.0:
   resolved "https://registry.yarnpkg.com/random-bytes/-/random-bytes-1.0.0.tgz#4f68a1dc0ae58bd3fb95848c30324db75d64360b"
   integrity sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==
 
-randombytes@^2.1.0:
+randombytes@^2.0.5, randombytes@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a"
   integrity sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==
   dependencies:
     safe-buffer "^5.1.0"
 
+randomfill@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/randomfill/-/randomfill-1.0.4.tgz#c92196fc86ab42be983f1bf31778224931d61458"
+  integrity sha512-87lcbR8+MhcWcUiQ+9e+Rwx8MyR2P7qnt15ynUlbm3TU/fjbgz4GsvfSUDTemtCCtVCqb4ZcEFlyPNTh9bBTLw==
+  dependencies:
+    randombytes "^2.0.5"
+    safe-buffer "^5.1.0"
+
 range-parser@~1.2.1:
   version "1.2.1"
   resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.1.tgz#3cf37023d199e1c24d1a55b84800c2f3e6468031"