feat: ES256 delegate

docs/api/classes/GnosisIam.GnosisIam-1.md

@@ -398,17 +398,18 @@ ___
 
 ### createDelegateProof
 
-▸ **createDelegateProof**(`delegateKey`, `rpcUrl`, `identity`): `Promise`<`string`\>
+▸ **createDelegateProof**(`delegateKey`, `rpcUrl`, `identity`, `algorithm?`): `Promise`<`string`\>
 
 **`description`** create a proof of identity delegate
 
 #### Parameters
 
 | Name | Type | Description |
 | :------ | :------ | :------ |
-| `delegateKey` | `string` | private key of the delegate |
+| `delegateKey` | `string` | private key of the delegate in hexadecimal format |
 | `rpcUrl` | `string` | the url of the blockchain provider |
 | `identity` | `string` | Did of the delegate |
+| `algorithm` | `Algorithms` | - |
 
 #### Returns
 

docs/api/classes/iam.IAM.md

@@ -353,17 +353,18 @@ ___
 
 ### createDelegateProof
 
-▸ **createDelegateProof**(`delegateKey`, `rpcUrl`, `identity`): `Promise`<`string`\>
+▸ **createDelegateProof**(`delegateKey`, `rpcUrl`, `identity`, `algorithm?`): `Promise`<`string`\>
 
 **`description`** create a proof of identity delegate
 
 #### Parameters
 
 | Name | Type | Description |
 | :------ | :------ | :------ |
-| `delegateKey` | `string` | private key of the delegate |
+| `delegateKey` | `string` | private key of the delegate in hexadecimal format |
 | `rpcUrl` | `string` | the url of the blockchain provider |
 | `identity` | `string` | Did of the delegate |
+| `algorithm` | `Algorithms` | - |
 
 #### Returns
 

docs/api/enums/errors_ErrorMessages.ERROR_MESSAGES.md

@@ -17,6 +17,7 @@
 - [ENS\_RESOLVER\_NOT\_INITIALIZED](errors_ErrorMessages.ERROR_MESSAGES.md#ens_resolver_not_initialized)
 - [ENS\_TYPE\_NOT\_SUPPORTED](errors_ErrorMessages.ERROR_MESSAGES.md#ens_type_not_supported)
 - [INSUFFICIENT\_BALANCE](errors_ErrorMessages.ERROR_MESSAGES.md#insufficient_balance)
+- [JWT\_ALGORITHM\_NOT\_SUPPORTED](errors_ErrorMessages.ERROR_MESSAGES.md#jwt_algorithm_not_supported)
 - [JWT\_NOT\_INITIALIZED](errors_ErrorMessages.ERROR_MESSAGES.md#jwt_not_initialized)
 - [METAMASK\_EXTENSION\_NOT\_AVAILABLE](errors_ErrorMessages.ERROR_MESSAGES.md#metamask_extension_not_available)
 - [NATS\_NOT\_CONNECTED](errors_ErrorMessages.ERROR_MESSAGES.md#nats_not_connected)
@@ -108,6 +109,12 @@ ___
 
 ___
 
+### JWT\_ALGORITHM\_NOT\_SUPPORTED
+
+• **JWT\_ALGORITHM\_NOT\_SUPPORTED** = `"Jwt algorithm no supported"`
+
+___
+
 ### JWT\_NOT\_INITIALIZED
 
 • **JWT\_NOT\_INITIALIZED** = `"JWT was not initialized"`

package.json

@@ -81,6 +81,7 @@
         "eth-ens-namehash": "^2.0.8",
         "ethers": "^5.4.4",
         "js-sha3": "^0.8.0",
+        "jsonwebtoken": "^8.5.1",
         "lodash.difference": "^4.5.0",
         "nats.ws": "^1.3.0",
         "qs": "^6.9.4",

src/errors/ErrorMessages.ts

@@ -32,4 +32,5 @@ export enum ERROR_MESSAGES {
     WITHDRAWAL_WAS_NOT_REQUESTED = "Stake withdrawal was not requested",
     STAKE_WAS_NOT_PUT = "Stake was not put",
     INSUFFICIENT_BALANCE = "Signer has insufficient balance",
+    JWT_ALGORITHM_NOT_SUPPORTED = "Jwt algorithm no supported",
 }

src/iam.ts

@@ -16,6 +16,7 @@
 // @authors: Daniel Wojno
 
 import { providers, Signer, utils, Wallet } from "ethers";
+import jsonwebtoken from "jsonwebtoken";
 import {
     IRoleDefinition,
     IAppDefinition,
@@ -24,7 +25,7 @@ import {
     EncodedCall,
     DomainReader,
 } from "@energyweb/iam-contracts";
-import { KeyType } from "@ew-did-registry/keys";
+import { KeyType, privToPem } from "@ew-did-registry/keys";
 import {
     DIDAttribute,
     Encoding,
@@ -564,12 +565,17 @@ export class IAM extends IAMBase {
 
     /**
      * @description create a proof of identity delegate
-     * @param delegateKey private key of the delegate
+     * @param delegateKey private key of the delegate in hexadecimal format
      * @param rpcUrl the url of the blockchain provider
      * @param identity Did of the delegate
      * @returns token of delegate
      */
-    async createDelegateProof(delegateKey: string, rpcUrl: string, identity: string): Promise<string> {
+    async createDelegateProof(
+        delegateKey: string,
+        rpcUrl: string,
+        identity: string,
+        algorithm: Algorithms = Algorithms.EIP191,
+    ): Promise<string> {
         const provider = new providers.JsonRpcProvider(rpcUrl);
         const blockNumber = (await provider.getBlockNumber()).toString();
 
@@ -579,9 +585,14 @@ export class IAM extends IAMBase {
                 blockNumber,
             },
         };
-        const jwt = new JWT(new Wallet(delegateKey));
-        const identityToken = jwt.sign(payload, { algorithm: Algorithms.EIP191, issuer: identity });
-        return identityToken;
+        if (algorithm === Algorithms.EIP191) {
+            return new JWT(new Wallet(delegateKey)).sign(payload, { issuer: identity });
+        } else if (algorithm === Algorithms.ES256) {
+            /** @todo move to @ew-did-registry/jwt */
+            return jsonwebtoken.sign(payload, privToPem(delegateKey, KeyType.Secp256r1), { issuer: identity });
+        } else {
+            throw new Error(ERROR_MESSAGES.JWT_ALGORITHM_NOT_SUPPORTED);
+        }
     }
 
     /// ROLES

src/iam/iam-base.ts

@@ -25,7 +25,7 @@ import { ClaimManager } from "../../ethers/ClaimManager";
 import { JWT } from "@ew-did-registry/jwt";
 import { ICacheServerClient } from "../cacheServerClient/ICacheServerClient";
 import { detectExecutionEnvironment, ExecutionEnvironment } from "../utils/detectEnvironment";
-import { connect, NatsConnection, Codec, JSONCodec } from "nats.ws";
+import { connect, NatsConnection, Codec, JSONCodec } from "nats.ws/lib/src/mod.js";
 import { ERROR_MESSAGES } from "../errors";
 import { ClaimData } from "../cacheServerClient/cacheServerClient.types";
 import difference from "lodash.difference";