feat: fetch entity statement

Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
animo · Jul 11, 2024 · df7aea3 · df7aea3
1 parent 12a0add
commit df7aea3
Show file tree

Hide file tree

Showing 16 changed files with 718 additions and 128 deletions.
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "openid-federation-ts",
   "private": true,
-  "version": "0.1.0",
+  "version": "0.0.0",
   "description": "Openid Federation implementation",
   "author": "Animo Solutions",
   "license": "Apache-2.0",
@@ -16,13 +16,13 @@
     "release": "lerna publish"
   },
   "devDependencies": {
-    "@biomejs/biome": "1.8.0",
-    "rimraf": "^5.0.7"
+    "@biomejs/biome": "1.8.3",
+    "rimraf": "^6.0.0"
   },
   "pnpm": {
     "overrides": {
-      "typescript": "~5.3.2",
-      "@types/node": "^20.11.1",
+      "typescript": "~5.5.3",
+      "@types/node": "^20.14.10",
       "ts-node": "^10.9.2"
     }
   }

diff --git a/packages/core/__tests__/createEntityConfiguration.test.ts b/packages/core/__tests__/createEntityConfiguration.test.ts
@@ -4,11 +4,11 @@ import { createEntityConfiguration } from '../src/entityConfiguration'
 import type { SignCallback } from '../src/utils'
 
 describe('create entity configuration', () => {
-  const signCallback: SignCallback = () => Promise.resolve(new Uint8Array(42).fill(8))
+  const signJwtCallback: SignCallback = () => Promise.resolve(new Uint8Array(42).fill(8))
 
   it('should create a basic entity configuration', async () => {
     const entityConfiguration = await createEntityConfiguration({
-      signCallback,
+      signJwtCallback,
       claims: {
         exp: 1,
         iat: 1,
@@ -27,7 +27,7 @@ describe('create entity configuration', () => {
 
   it('should create a more complex entity configuration', async () => {
     const entityConfiguration = await createEntityConfiguration({
-      signCallback,
+      signJwtCallback: signJwtCallback,
       claims: {
         exp: 1,
         iat: 1,
@@ -48,7 +48,7 @@ describe('create entity configuration', () => {
   it('should not create a entity configuration when iss and sub are not equal', async () => {
     await assert.rejects(
       createEntityConfiguration({
-        signCallback,
+        signJwtCallback: signJwtCallback,
         claims: {
           exp: 1,
           iat: 1,
@@ -67,7 +67,7 @@ describe('create entity configuration', () => {
   it('should not create a entity configuration when kid is not found in jwks.keys', async () => {
     await assert.rejects(
       createEntityConfiguration({
-        signCallback,
+        signJwtCallback: signJwtCallback,
         claims: {
           exp: 1,
           iat: 1,
@@ -87,7 +87,7 @@ describe('create entity configuration', () => {
   it("should not create a entity configuration when typ is not 'entity-statement+jwt'", async () => {
     await assert.rejects(
       createEntityConfiguration({
-        signCallback,
+        signJwtCallback: signJwtCallback,
         claims: {
           exp: 1,
           iat: 1,
@@ -107,7 +107,7 @@ describe('create entity configuration', () => {
   it('should not create a entity configuration when jwks.keys include keys with the same kid', async () => {
     await assert.rejects(
       createEntityConfiguration({
-        signCallback,
+        signJwtCallback: signJwtCallback,
         claims: {
           exp: 1,
           iat: 1,

diff --git a/packages/core/__tests__/createEntityStatement.test.ts b/packages/core/__tests__/createEntityStatement.test.ts
@@ -0,0 +1,91 @@
+import assert from 'node:assert'
+import { describe, it } from 'node:test'
+import { createEntityStatement } from '../src/entityStatement/createEntityStatement'
+import type { SignCallback } from '../src/utils'
+
+describe('create entity statement', () => {
+  const signJwtCallback: SignCallback = () => Promise.resolve(new Uint8Array(10).fill(42))
+
+  it('should create a basic entity statement', async () => {
+    const entityStatementJwt = await createEntityStatement({
+      jwk: { kty: 'EC', kid: 'a' },
+      claims: {
+        exp: 1,
+        iat: 1,
+        iss: 'https://example.org',
+        sub: 'https://one.example.org',
+        jwks: { keys: [{ kty: 'EC', kid: 'b' }] },
+      },
+      header: {
+        kid: 'a',
+        typ: 'entity-statement+jwt',
+      },
+      signJwtCallback,
+    })
+
+    assert.strictEqual(
+      entityStatementJwt,
+      'eyJraWQiOiJhIiwidHlwIjoiZW50aXR5LXN0YXRlbWVudCtqd3QifQ.eyJleHAiOjEsImlhdCI6MSwiaXNzIjoiaHR0cHM6Ly9leGFtcGxlLm9yZyIsInN1YiI6Imh0dHBzOi8vb25lLmV4YW1wbGUub3JnIiwiandrcyI6eyJrZXlzIjpbeyJrdHkiOiJFQyIsImtpZCI6ImIifV19fQ.KioqKioqKioqKg'
+    )
+  })
+
+  it('should create a basic entity statement without a provided header', async () => {
+    const entityStatementJwt = await createEntityStatement({
+      jwk: { kty: 'EC', kid: 'a' },
+      claims: {
+        exp: 1,
+        iat: 1,
+        iss: 'https://example.org',
+        sub: 'https://one.example.org',
+        jwks: { keys: [{ kty: 'EC', kid: 'b' }] },
+      },
+      signJwtCallback,
+    })
+
+    assert.strictEqual(
+      entityStatementJwt,
+      'eyJ0eXAiOiJlbnRpdHktc3RhdGVtZW50K2p3dCIsImtpZCI6ImEifQ.eyJleHAiOjEsImlhdCI6MSwiaXNzIjoiaHR0cHM6Ly9leGFtcGxlLm9yZyIsInN1YiI6Imh0dHBzOi8vb25lLmV4YW1wbGUub3JnIiwiandrcyI6eyJrZXlzIjpbeyJrdHkiOiJFQyIsImtpZCI6ImIifV19fQ.KioqKioqKioqKg'
+    )
+  })
+
+  it('should not create a basic entity statement with an invalid typ', async () => {
+    await assert.rejects(
+      createEntityStatement({
+        jwk: { kty: 'EC', kid: 'a' },
+        claims: {
+          exp: 1,
+          iat: 1,
+          iss: 'https://example.org',
+          sub: 'https://one.example.org',
+          jwks: { keys: [{ kty: 'EC', kid: 'b' }] },
+        },
+        header: {
+          kid: 'a',
+          // @ts-ignore
+          typ: 'invalid-typ',
+        },
+        signJwtCallback,
+      })
+    )
+  })
+
+  it('should not create a basic entity statement with a jwk that does not match the kid in the header', async () => {
+    await assert.rejects(
+      createEntityStatement({
+        jwk: { kty: 'EC', kid: 'b' },
+        claims: {
+          exp: 1,
+          iat: 1,
+          iss: 'https://example.org',
+          sub: 'https://one.example.org',
+          jwks: { keys: [{ kty: 'EC', kid: 'b' }] },
+        },
+        header: {
+          kid: 'a',
+          typ: 'entity-statement+jwt',
+        },
+        signJwtCallback,
+      })
+    )
+  })
+})
diff --git a/packages/core/__tests__/fetchEntityConfiguration.test.ts b/packages/core/__tests__/fetchEntityConfiguration.test.ts
@@ -24,7 +24,7 @@ describe('fetch entity configuration', () => {
     const entityConfiguration = await createEntityConfiguration({
       header: { kid: 'a', typ: 'entity-statement+jwt' },
       claims,
-      signCallback,
+      signJwtCallback: signCallback,
     })
 
     const scope = nock(entityId).get('/.well-known/openid-federation').reply(200, entityConfiguration, {
@@ -55,7 +55,7 @@ describe('fetch entity configuration', () => {
     const entityConfiguration = await createEntityConfiguration({
       header: { kid: 'a', typ: 'entity-statement+jwt' },
       claims,
-      signCallback,
+      signJwtCallback: signCallback,
     })
 
     const scope = nock(entityId).get('/.well-known/openid-federation').reply(200, entityConfiguration, {