From a5adaba21a97f525bf69d156df991afc234896ab Mon Sep 17 00:00:00 2001 From: Mircea Nistor Date: Tue, 9 Aug 2022 15:52:08 +0200 Subject: [PATCH] feat(credential-status): rename plugin interfaces and methods fixes #981 --- docsconfig.json | 4 +- packages/core/package.json | 5 +- packages/core/plugin.schema.json | 615 +++++++++++++++++- packages/core/src/index.ts | 3 + packages/core/src/types/ICredentialStatus.ts | 79 +-- .../src/types/ICredentialStatusManager.ts | 86 +++ .../src/types/ICredentialStatusVerifier.ts} | 24 +- packages/core/src/types/IDIDManager.ts | 35 +- packages/core/src/types/vc-data-model.ts | 27 +- packages/credential-status/package.json | 3 +- packages/credential-status/plugin.schema.json | 399 ------------ .../src/__tests__/credential-status.test.ts | 73 ++- .../src/credential-status.ts | 26 +- packages/credential-status/src/index.ts | 1 - packages/credential-status/tsconfig.json | 5 +- .../src/abstract-identifier-provider.ts | 2 +- packages/key-manager/src/types.ts | 7 +- .../src/web3-key-management-system.ts | 57 +- 18 files changed, 878 insertions(+), 573 deletions(-) create mode 100644 packages/core/src/types/ICredentialStatusManager.ts rename packages/{credential-status/src/types.ts => core/src/types/ICredentialStatusVerifier.ts} (71%) delete mode 100644 packages/credential-status/plugin.schema.json diff --git a/docsconfig.json b/docsconfig.json index 48a89df76..1f64743d9 100644 --- a/docsconfig.json +++ b/docsconfig.json @@ -2,6 +2,7 @@ "documentPackages": [ "core", "credential-ld", + "credential-status", "credential-w3c", "data-store", "data-store-json", @@ -15,6 +16,7 @@ "did-resolver", "key-manager", "kms-local", + "kms-web3", "message-handler", "remote-client", "remote-server", @@ -22,4 +24,4 @@ "url-handler", "utils" ] -} \ No newline at end of file +} diff --git a/packages/core/package.json b/packages/core/package.json index fe2a33db5..3d6ce7cab 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -15,7 +15,10 @@ "IDIDManager": "./src/types/IDIDManager.ts", "IDataStore": "./src/types/IDataStore.ts", "IDataStoreORM": "./src/types/IDataStoreORM.ts", - "IMessageHandler": "./src/types/IMessageHandler.ts" + "IMessageHandler": "./src/types/IMessageHandler.ts", + "ICredentialStatus": "./src/types/ICredentialStatus.ts", + "ICredentialStatusVerifier": "./src/types/ICredentialStatusVerifier.ts", + "ICredentialStatusManager": "./src/types/ICredentialStatusManager.ts" } }, "dependencies": { diff --git a/packages/core/plugin.schema.json b/packages/core/plugin.schema.json index 1c6b388d8..f070a43fb 100644 --- a/packages/core/plugin.schema.json +++ b/packages/core/plugin.schema.json @@ -1453,13 +1453,14 @@ }, "options": { "type": "object", - "description": "Identifier provider specific options" + "description": "Identifier provider specific options." } }, "required": [ "did", "document" - ] + ], + "description": "The arguments necessary to perform a full DID document update for a DID." } }, "methods": { @@ -1587,7 +1588,7 @@ } }, "didManagerUpdate": { - "description": "", + "description": "Updates the DID document of a managed ", "arguments": { "$ref": "#/components/schemas/IDIDManagerUpdateArgs" }, @@ -1781,7 +1782,7 @@ "type": "string" }, "credentialStatus": { - "$ref": "#/components/schemas/CredentialStatus" + "$ref": "#/components/schemas/CredentialStatusReference" }, "id": { "type": "string" @@ -1803,7 +1804,7 @@ "type": "string" } }, - "description": "A proof property of a Verifiable Credential or Presentation" + "description": "A proof property of a {@link VerifiableCredential } or {@link VerifiablePresentation }" }, "IssuerType": { "anyOf": [ @@ -1822,7 +1823,7 @@ "type": "string" } ], - "description": "The issuer of a Credential or the holder of a Presentation.\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" + "description": "The issuer of a {@link VerifiableCredential } or the holder of a {@link VerifiablePresentation } .\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" }, "CredentialSubject": { "type": "object", @@ -1833,7 +1834,7 @@ }, "description": "The value of the credentialSubject property is defined as a set of objects that contain one or more properties that are each related to a subject of the verifiable credential. Each object MAY contain an id.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#credential-subject | Credential Subject }" }, - "CredentialStatus": { + "CredentialStatusReference": { "type": "object", "properties": { "id": { @@ -2549,7 +2550,7 @@ "type": "string" }, "credentialStatus": { - "$ref": "#/components/schemas/CredentialStatus" + "$ref": "#/components/schemas/CredentialStatusReference" }, "id": { "type": "string" @@ -2571,7 +2572,7 @@ "type": "string" } }, - "description": "A proof property of a Verifiable Credential or Presentation" + "description": "A proof property of a {@link VerifiableCredential } or {@link VerifiablePresentation }" }, "IssuerType": { "anyOf": [ @@ -2590,7 +2591,7 @@ "type": "string" } ], - "description": "The issuer of a Credential or the holder of a Presentation.\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" + "description": "The issuer of a {@link VerifiableCredential } or the holder of a {@link VerifiablePresentation } .\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" }, "CredentialSubject": { "type": "object", @@ -2601,7 +2602,7 @@ }, "description": "The value of the credentialSubject property is defined as a set of objects that contain one or more properties that are each related to a subject of the verifiable credential. Each object MAY contain an id.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#credential-subject | Credential Subject }" }, - "CredentialStatus": { + "CredentialStatusReference": { "type": "object", "properties": { "id": { @@ -3326,7 +3327,7 @@ "type": "string" }, "credentialStatus": { - "$ref": "#/components/schemas/CredentialStatus" + "$ref": "#/components/schemas/CredentialStatusReference" }, "id": { "type": "string" @@ -3348,7 +3349,7 @@ "type": "string" } }, - "description": "A proof property of a Verifiable Credential or Presentation" + "description": "A proof property of a {@link VerifiableCredential } or {@link VerifiablePresentation }" }, "IssuerType": { "anyOf": [ @@ -3367,7 +3368,7 @@ "type": "string" } ], - "description": "The issuer of a Credential or the holder of a Presentation.\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" + "description": "The issuer of a {@link VerifiableCredential } or the holder of a {@link VerifiablePresentation } .\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" }, "CredentialSubject": { "type": "object", @@ -3378,7 +3379,7 @@ }, "description": "The value of the credentialSubject property is defined as a set of objects that contain one or more properties that are each related to a subject of the verifiable credential. Each object MAY contain an id.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#credential-subject | Credential Subject }" }, - "CredentialStatus": { + "CredentialStatusReference": { "type": "object", "properties": { "id": { @@ -3486,5 +3487,589 @@ } } } + }, + "ICredentialStatus": { + "components": { + "schemas": {}, + "methods": {} + } + }, + "ICredentialStatusVerifier": { + "components": { + "schemas": { + "ICheckCredentialStatusArgs": { + "type": "object", + "properties": { + "credential": { + "$ref": "#/components/schemas/VerifiableCredential", + "description": "The credential whose status needs to be checked" + }, + "didDocumentOverride": { + "$ref": "#/components/schemas/DIDDocument", + "description": "The DID document of the issuer. This can be used in case the DID Document is already resolver, to avoid a potentially expensive DID resolution operation." + } + }, + "required": [ + "credential" + ], + "description": "Arguments for calling {@link ICredentialStatusVerifier.checkCredentialStatus | checkCredentialStatus } .\n\nThe credential whose status should be checked and the DID document of the credential issuer.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#status | Credential Status }" + }, + "VerifiableCredential": { + "type": "object", + "properties": { + "proof": { + "$ref": "#/components/schemas/ProofType" + }, + "issuer": { + "$ref": "#/components/schemas/IssuerType" + }, + "credentialSubject": { + "$ref": "#/components/schemas/CredentialSubject" + }, + "type": { + "anyOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "type": "string" + } + ] + }, + "@context": { + "anyOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "type": "string" + } + ] + }, + "issuanceDate": { + "type": "string" + }, + "expirationDate": { + "type": "string" + }, + "credentialStatus": { + "$ref": "#/components/schemas/CredentialStatusReference" + }, + "id": { + "type": "string" + } + }, + "required": [ + "@context", + "credentialSubject", + "issuanceDate", + "issuer", + "proof" + ], + "description": "Represents a signed Verifiable Credential payload (includes proof), using a JSON representation. See {@link https://www.w3.org/TR/vc-data-model/#credentials | VC data model }" + }, + "ProofType": { + "type": "object", + "properties": { + "type": { + "type": "string" + } + }, + "description": "A proof property of a {@link VerifiableCredential } or {@link VerifiablePresentation }" + }, + "IssuerType": { + "anyOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ] + }, + { + "type": "string" + } + ], + "description": "The issuer of a {@link VerifiableCredential } or the holder of a {@link VerifiablePresentation } .\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" + }, + "CredentialSubject": { + "type": "object", + "properties": { + "id": { + "type": "string" + } + }, + "description": "The value of the credentialSubject property is defined as a set of objects that contain one or more properties that are each related to a subject of the verifiable credential. Each object MAY contain an id.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#credential-subject | Credential Subject }" + }, + "CredentialStatusReference": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "description": "Used for the discovery of information about the current status of a verifiable credential, such as whether it is suspended or revoked. The precise contents of the credential status information is determined by the specific `credentialStatus` type definition, and varies depending on factors such as whether it is simple to implement or if it is privacy-enhancing.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#status | Credential Status }" + }, + "DIDDocument": { + "type": "object", + "properties": { + "authentication": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/components/schemas/VerificationMethod" + } + ] + } + }, + "assertionMethod": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/components/schemas/VerificationMethod" + } + ] + } + }, + "keyAgreement": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/components/schemas/VerificationMethod" + } + ] + } + }, + "capabilityInvocation": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/components/schemas/VerificationMethod" + } + ] + } + }, + "capabilityDelegation": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/components/schemas/VerificationMethod" + } + ] + } + }, + "@context": { + "anyOf": [ + { + "type": "string", + "const": "https://www.w3.org/ns/did/v1" + }, + { + "type": "string" + }, + { + "type": "array", + "items": { + "type": "string" + } + } + ] + }, + "id": { + "type": "string" + }, + "alsoKnownAs": { + "type": "array", + "items": { + "type": "string" + } + }, + "controller": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "array", + "items": { + "type": "string" + } + } + ] + }, + "verificationMethod": { + "type": "array", + "items": { + "$ref": "#/components/schemas/VerificationMethod" + } + }, + "service": { + "type": "array", + "items": { + "$ref": "#/components/schemas/ServiceEndpoint" + } + }, + "publicKey": { + "type": "array", + "items": { + "$ref": "#/components/schemas/VerificationMethod" + }, + "deprecated": true + } + }, + "required": [ + "id" + ] + }, + "VerificationMethod": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "type": { + "type": "string" + }, + "controller": { + "type": "string" + }, + "publicKeyBase58": { + "type": "string" + }, + "publicKeyBase64": { + "type": "string" + }, + "publicKeyJwk": { + "$ref": "#/components/schemas/JsonWebKey" + }, + "publicKeyHex": { + "type": "string" + }, + "publicKeyMultibase": { + "type": "string" + }, + "blockchainAccountId": { + "type": "string" + }, + "ethereumAddress": { + "type": "string" + } + }, + "required": [ + "id", + "type", + "controller" + ] + }, + "JsonWebKey": { + "type": "object", + "properties": { + "alg": { + "type": "string" + }, + "crv": { + "type": "string" + }, + "e": { + "type": "string" + }, + "ext": { + "type": "boolean" + }, + "key_ops": { + "type": "array", + "items": { + "type": "string" + } + }, + "kid": { + "type": "string" + }, + "kty": { + "type": "string" + }, + "n": { + "type": "string" + }, + "use": { + "type": "string" + }, + "x": { + "type": "string" + }, + "y": { + "type": "string" + } + }, + "required": [ + "kty" + ], + "description": "Encapsulates a JSON web key type that includes only the public properties that can be used in DID documents.\n\nThe private properties are intentionally omitted to discourage the use (and accidental disclosure) of private keys in DID documents." + }, + "ServiceEndpoint": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "type": { + "type": "string" + }, + "serviceEndpoint": { + "type": "string" + }, + "description": { + "type": "string" + } + }, + "required": [ + "id", + "type", + "serviceEndpoint" + ] + }, + "CredentialStatus": { + "type": "object", + "properties": { + "revoked": { + "type": "boolean" + } + }, + "description": "Represents the result of a status check.\n\nImplementations MUST populate the `revoked` boolean property, but they can return additional metadata that is method specific." + } + }, + "methods": { + "checkCredentialStatus": { + "description": "Checks the status of a ", + "arguments": { + "$ref": "#/components/schemas/ICheckCredentialStatusArgs" + }, + "returnType": { + "$ref": "#/components/schemas/CredentialStatus" + } + } + } + } + }, + "ICredentialStatusManager": { + "components": { + "schemas": { + "CredentialStatusGenerateArgs": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The credential status type (aka credential status method) to be used in the `credentialStatus` generation." + } + }, + "required": [ + "type" + ], + "additionalProperties": { + "description": "Any other options will be forwarded to the credentialStatus method driver" + }, + "description": "Arguments for generating a `credentialStatus` property for a {@link VerifiableCredential } ." + }, + "CredentialStatusReference": { + "type": "object", + "properties": { + "id": { + "type": "string" + }, + "type": { + "type": "string" + } + }, + "required": [ + "id", + "type" + ], + "description": "Used for the discovery of information about the current status of a verifiable credential, such as whether it is suspended or revoked. The precise contents of the credential status information is determined by the specific `credentialStatus` type definition, and varies depending on factors such as whether it is simple to implement or if it is privacy-enhancing.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#status | Credential Status }" + }, + "CredentialStatusUpdateArgs": { + "type": "object", + "properties": { + "vc": { + "$ref": "#/components/schemas/VerifiableCredential", + "description": "The verifiable credential whose status will be updated." + }, + "options": { + "type": "object", + "description": "Options that will be forwarded to the credentialStatus method specific manager." + } + }, + "required": [ + "vc" + ], + "description": "Input arguments for {@link ICredentialStatusManager.credentialStatusUpdate | credentialStatusUpdate }" + }, + "VerifiableCredential": { + "type": "object", + "properties": { + "proof": { + "$ref": "#/components/schemas/ProofType" + }, + "issuer": { + "$ref": "#/components/schemas/IssuerType" + }, + "credentialSubject": { + "$ref": "#/components/schemas/CredentialSubject" + }, + "type": { + "anyOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "type": "string" + } + ] + }, + "@context": { + "anyOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "type": "string" + } + ] + }, + "issuanceDate": { + "type": "string" + }, + "expirationDate": { + "type": "string" + }, + "credentialStatus": { + "$ref": "#/components/schemas/CredentialStatusReference" + }, + "id": { + "type": "string" + } + }, + "required": [ + "@context", + "credentialSubject", + "issuanceDate", + "issuer", + "proof" + ], + "description": "Represents a signed Verifiable Credential payload (includes proof), using a JSON representation. See {@link https://www.w3.org/TR/vc-data-model/#credentials | VC data model }" + }, + "ProofType": { + "type": "object", + "properties": { + "type": { + "type": "string" + } + }, + "description": "A proof property of a {@link VerifiableCredential } or {@link VerifiablePresentation }" + }, + "IssuerType": { + "anyOf": [ + { + "type": "object", + "properties": { + "id": { + "type": "string" + } + }, + "required": [ + "id" + ] + }, + { + "type": "string" + } + ], + "description": "The issuer of a {@link VerifiableCredential } or the holder of a {@link VerifiablePresentation } .\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" + }, + "CredentialSubject": { + "type": "object", + "properties": { + "id": { + "type": "string" + } + }, + "description": "The value of the credentialSubject property is defined as a set of objects that contain one or more properties that are each related to a subject of the verifiable credential. Each object MAY contain an id.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#credential-subject | Credential Subject }" + } + }, + "methods": { + "credentialStatusGenerate": { + "description": "Generates a ", + "arguments": { + "$ref": "#/components/schemas/CredentialStatusGenerateArgs" + }, + "returnType": { + "$ref": "#/components/schemas/CredentialStatusReference" + } + }, + "credentialStatusTypes": { + "description": "List all the credential status types (methods) available in the current agent instance.", + "arguments": { + "type": "object" + }, + "returnType": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "credentialStatusUpdate": { + "description": "Changes the status of an existing ", + "arguments": { + "$ref": "#/components/schemas/CredentialStatusUpdateArgs" + }, + "returnType": { + "type": "object" + } + } + } + } } } \ No newline at end of file diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts index 1cad80807..1b8efa781 100644 --- a/packages/core/src/index.ts +++ b/packages/core/src/index.ts @@ -7,6 +7,9 @@ export { Agent, createAgent, IAgentOptions } from './agent' export { ValidationError } from './validator' export { CoreEvents } from './coreEvents' export * from './types/IAgent' +export * from './types/ICredentialStatus' +export * from './types/ICredentialStatusManager' +export * from './types/ICredentialStatusVerifier' export * from './types/IDataStore' export * from './types/IDataStoreORM' export * from './types/IIdentifier' diff --git a/packages/core/src/types/ICredentialStatus.ts b/packages/core/src/types/ICredentialStatus.ts index 6a6c2f859..4b37f5b83 100644 --- a/packages/core/src/types/ICredentialStatus.ts +++ b/packages/core/src/types/ICredentialStatus.ts @@ -1,78 +1,13 @@ -export { DIDDocument, DIDResolutionOptions, DIDResolutionResult } from 'did-resolver' -import { IPluginMethodMap } from './IAgent' -import { CredentialStatus, VerifiableCredential } from './vc-data-model' +import { ICredentialStatusVerifier } from './ICredentialStatusVerifier' +import { ICredentialStatusManager } from './ICredentialStatusManager' /** - * The arguments expected by a plugin that implements a credential status type/method - * in order to change the status of an issued verifiable credential. - * - * Each credential status type has its own specific parameters according to their spec. - * - * @see https://w3c-ccg.github.io/vc-status-list-2021/ | StatusList2021Entry - * @see https://w3c-ccg.github.io/vc-csl2017/ | CredentialStatusList2017 + * Veramo plugin interface for plugins implementing both the {@link ICredentialStatusManager | manager} and the + * {@link ICredentialStatusVerifier | verifier} aspects of Credential Status flow. * - * @beta - */ -interface CredentialStatusUpdateOptions { [x: string]: any } - -/** - * Input arguments for {@link ICredentialStatus.credentialStatusUpdate | credentialStatusUpdate} - * @beta - */ -export interface CredentialStatusUpdateArgs { - /** - * The verifiable credential whose status will be updated. - */ - vc: VerifiableCredential - - /** - * Credential status strategy options that will be passed to the method specific manager. - * - * @see: https://www.w3.org/TR/vc-data-model/#status - */ - options?: CredentialStatusUpdateOptions -} - -/** - * Arguments for generating a `credentialStatus` property for a {@link VerifiableCredential}. - * @see {@link ICredentialStatus.credentialStatusGenerate} + * @see {@link https://www.w3.org/TR/vc-data-model/#status | credentialStatus} data model + * @see {@link @veramo/credential-status#CredentialStatusPlugin | CredentialStatusPlugin} * * @beta */ -export interface CredentialStatusGenerateArgs { - /** - * The credential status type (aka credential status method) to be used in the `credentialStatus` generation. - */ - type: string -} - -/** - * Credential status manager interface - * @beta - */ -export interface ICredentialStatus extends IPluginMethodMap { - /** - * Changes the status of an existing verifiable credential. - * Commonly used to revoke an existent credential. - * - * @param args - Input arguments for updating the status or revoking a credential - * @beta - */ - credentialStatusUpdate(args: CredentialStatusUpdateArgs): Promise - - /** - * Generates a `credentialStatus` property for a future credential, not yet signed. - * - * This method is used during the creation of a VC in order to make the VC capable of - * having its status updated later, allowing it to be revoked later by instance. - * - * @param args - Input arguments for generating the `credentialStatus` field of a new credential - * @beta - */ - credentialStatusGenerate(args: CredentialStatusGenerateArgs): Promise - - /** - * List all the credential status types (methods) available in the current agent instance. - */ - credentialStatusTypes(): Promise -} \ No newline at end of file +export type ICredentialStatus = ICredentialStatusVerifier & ICredentialStatusManager diff --git a/packages/core/src/types/ICredentialStatusManager.ts b/packages/core/src/types/ICredentialStatusManager.ts new file mode 100644 index 000000000..65ed1789c --- /dev/null +++ b/packages/core/src/types/ICredentialStatusManager.ts @@ -0,0 +1,86 @@ +export { DIDDocument, DIDResolutionOptions, DIDResolutionResult } from 'did-resolver' +import { IPluginMethodMap } from './IAgent' +import { CredentialStatusReference, VerifiableCredential } from './vc-data-model' + +/** + * The arguments expected by a plugin that implements a credential status type/method + * in order to change the status of an issued verifiable credential. + * + * Each credential status type has its own specific parameters according to their spec. + * + * @see {@link https://w3c-ccg.github.io/vc-status-list-2021/ | StatusList2021Entry } + * @see {@link https://w3c-ccg.github.io/vc-csl2017/ | CredentialStatusList2017 } + * @see {@link https://www.w3.org/TR/vc-data-model/#status | credential status data model } + * + * @beta + */ +interface CredentialStatusUpdateOptions { + [x: string]: any +} + +/** + * Input arguments for {@link ICredentialStatusManager.credentialStatusUpdate | credentialStatusUpdate} + * @beta + */ +export interface CredentialStatusUpdateArgs { + /** + * The verifiable credential whose status will be updated. + */ + vc: VerifiableCredential + + /** + * Options that will be forwarded to the credentialStatus method specific manager. + * + * @see {@link https://www.w3.org/TR/vc-data-model/#status} + */ + options?: CredentialStatusUpdateOptions +} + +/** + * Arguments for generating a `credentialStatus` property for a {@link VerifiableCredential}. + * @see {@link ICredentialStatusManager.credentialStatusGenerate | credentialStatusGenerate} + * + * @beta + */ +export interface CredentialStatusGenerateArgs { + /** + * The credential status type (aka credential status method) to be used in the `credentialStatus` generation. + */ + type: string + + /** + * Any other options will be forwarded to the credentialStatus method driver + */ + [x: string]: any +} + +/** + * Credential status manager interface + * @beta + */ +export interface ICredentialStatusManager extends IPluginMethodMap { + /** + * Changes the status of an existing {@link VerifiableCredential}. + * Commonly used to revoke an existing credential. + * + * @param args - Input arguments for updating the status(revoking) a credential + * @beta + */ + credentialStatusUpdate(args: CredentialStatusUpdateArgs): Promise + + /** + * Generates a `credentialStatus` property for a future credential, not yet signed. + * + * This method is used during the creation of a {@link VerifiableCredential} in order to make it capable of + * having its status updated later (to be revoked). + * + * @param args - Input arguments for generating the `credentialStatus` field of a new credential + * @beta + */ + credentialStatusGenerate(args: CredentialStatusGenerateArgs): Promise + + /** + * List all the credential status types (methods) available in the current agent instance. + */ + credentialStatusTypes(): Promise> +} diff --git a/packages/credential-status/src/types.ts b/packages/core/src/types/ICredentialStatusVerifier.ts similarity index 71% rename from packages/credential-status/src/types.ts rename to packages/core/src/types/ICredentialStatusVerifier.ts index 82bd4bb8f..8c7967c06 100644 --- a/packages/credential-status/src/types.ts +++ b/packages/core/src/types/ICredentialStatusVerifier.ts @@ -1,9 +1,10 @@ -import { IAgentContext, IPluginMethodMap, VerifiableCredential } from '@veramo/core' -import { CredentialStatus as CredentialStatusVerification } from 'credential-status' import { DIDDocument } from 'did-resolver' +import { IAgentContext, IPluginMethodMap } from './IAgent' +import { VerifiableCredential, CredentialStatus } from './vc-data-model' +import { IResolver } from "./IResolver"; /** - * Arguments for calling {@link ICheckCredentialStatus.checkCredentialStatus | checkCredentialStatus}. + * Arguments for calling {@link ICredentialStatusVerifier.checkCredentialStatus | checkCredentialStatus}. * * The credential whose status should be checked and the DID document of the credential issuer. * @@ -12,8 +13,16 @@ import { DIDDocument } from 'did-resolver' * @beta This API may change without a BREAKING CHANGE notice. */ export interface ICheckCredentialStatusArgs { + /** + * The credential whose status needs to be checked + */ credential: VerifiableCredential - didDoc: DIDDocument + + /** + * The DID document of the issuer. This can be used in case the DID Document is already resolver, to avoid a + * potentially expensive DID resolution operation. + */ + didDocumentOverride?: DIDDocument } /** @@ -33,8 +42,7 @@ export interface ICheckCredentialStatusArgs { * * @beta This API may change without a BREAKING CHANGE notice. */ -export interface ICheckCredentialStatus extends IPluginMethodMap { - +export interface ICredentialStatusVerifier extends IPluginMethodMap { /** * Checks the status of a {@link @veramo/core#VerifiableCredential | Verifiable Credential}. * @@ -43,6 +51,6 @@ export interface ICheckCredentialStatus extends IPluginMethodMap { */ checkCredentialStatus( args: ICheckCredentialStatusArgs, - context: IAgentContext, - ): Promise + context: IAgentContext, + ): Promise } diff --git a/packages/core/src/types/IDIDManager.ts b/packages/core/src/types/IDIDManager.ts index 47a1df893..351237350 100644 --- a/packages/core/src/types/IDIDManager.ts +++ b/packages/core/src/types/IDIDManager.ts @@ -125,6 +125,13 @@ export interface IDIDManagerGetOrCreateArgs { options?: object } +/** + * The arguments necessary to perform a full DID document update for a DID. + * + * @see {@link IDIDManager.didManagerUpdate | didManagerUpdate} + * + * @beta + */ export interface IDIDManagerUpdateArgs { /** * Required. DID @@ -137,8 +144,10 @@ export interface IDIDManagerUpdateArgs { document: Partial /** - * Identifier provider specific options - */ + * Identifier provider specific options. + * + * @see {@link @veramo/did-manager#AbstractIdentifierProvider | AbstractIdentifierProvider} + */ options?: { [x: string]: any } @@ -242,7 +251,6 @@ export interface IDIDManager extends IPluginMethodMap { * Returns a list of managed identifiers * * @param args - Required. Arguments to get the list of identifiers - * @param context - Execution context. Requires `agent` that has {@link @veramo/core#IKeyManager} methods * * @example * ```typescript @@ -266,7 +274,6 @@ export interface IDIDManager extends IPluginMethodMap { * Returns a specific identifier by alias * * @param args - Required. Arguments to get the identifier - * @param context - Execution context. Requires `agent` that has {@link @veramo/core#IKeyManager} methods * * @example * ```typescript @@ -282,7 +289,9 @@ export interface IDIDManager extends IPluginMethodMap { * Creates and returns a new identifier * * @param args - Required. Arguments to create the identifier - * @param context - Execution context. Requires `agent` that has {@link @veramo/core#IKeyManager} methods + * @param context - *RESERVED* This is filled by the framework when the method is called. This method's Execution context requires an `agent` that has + * {@link @veramo/core#IKeyManager} methods. * * @example * ```typescript @@ -299,7 +308,8 @@ export interface IDIDManager extends IPluginMethodMap { * Sets identifier alias * * @param args - Required. Arguments to set identifier alias - * @param context - Execution context. Requires `agent` that has {@link @veramo/core#IKeyManager} methods + * @param context - Execution context. Requires `agent` + * that has {@link @veramo/core#IKeyManager} methods * * @example * ```typescript @@ -314,13 +324,24 @@ export interface IDIDManager extends IPluginMethodMap { /** * Returns an existing identifier or creates a new one for a specific alias + * @param args - The alias used for the search and the provider/kms/options used to create the DID when none is found. + * @param context - *RESERVED* This is filled by the framework when the method is called. This method's execution context requires an `agent` that has + * {@link @veramo/core#IKeyManager} methods. */ didManagerGetOrCreate( args: IDIDManagerGetOrCreateArgs, context: IAgentContext, ): Promise - didManagerUpdate(args: IDIDManagerUpdateArgs, context: IAgentContext): Promise + /** + * Updates the DID document of a managed {@link IIdentifier | DID}. + * @param args - the arguments necessary for the update. The options are specific for each DID provider. + * @param context - *RESERVED* This is filled by the framework when the method is called. This method's execution context requires an `agent` that has + * {@link @veramo/core#IKeyManager} methods. + */ + didManagerUpdate(args: IDIDManagerUpdateArgs, context: IAgentContext): Promise /** * Imports identifier diff --git a/packages/core/src/types/vc-data-model.ts b/packages/core/src/types/vc-data-model.ts index 69de0c0c3..4b0821b87 100644 --- a/packages/core/src/types/vc-data-model.ts +++ b/packages/core/src/types/vc-data-model.ts @@ -7,7 +7,7 @@ export type CompactJWT = string /** - * The issuer of a Credential or the holder of a Presentation. + * The issuer of a {@link VerifiableCredential} or the holder of a {@link VerifiablePresentation }. * * The value of the issuer property MUST be either a URI or an object containing an id property. * It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document @@ -18,7 +18,7 @@ export type CompactJWT = string * * @beta This API may change without a BREAKING CHANGE notice. */ -export type IssuerType = { id: string;[x: string]: any } | string +export type IssuerType = { id: string; [x: string]: any } | string /** * The value of the credentialSubject property is defined as a set of objects that contain one or more properties that @@ -44,14 +44,29 @@ export type CredentialSubject = { * * @beta This API may change without a BREAKING CHANGE notice. */ -export type CredentialStatus = { +export type CredentialStatusReference = { id: string type: string [x: string]: any } /** - * A proof property of a Verifiable Credential or Presentation + * Represents the result of a status check. + * + * Implementations MUST populate the `revoked` boolean property, but they can return additional metadata that is + * method specific. + * + * @see {@link credential-status#CredentialStatus | CredentialStatus} + * + * @beta This API may change without a BREAKING CHANGE notice. + */ +export type CredentialStatus = { + revoked?: boolean + [x: string]: any +} + +/** + * A proof property of a {@link VerifiableCredential} or {@link VerifiablePresentation} * * @beta This API may change without a BREAKING CHANGE notice. */ @@ -74,7 +89,7 @@ export interface UnsignedCredential { '@context': string[] | string issuanceDate: string expirationDate?: string - credentialStatus?: CredentialStatus + credentialStatus?: CredentialStatusReference id?: string [x: string]: any @@ -150,7 +165,7 @@ export interface CredentialPayload { '@context'?: string[] issuanceDate?: DateType expirationDate?: DateType - credentialStatus?: CredentialStatus + credentialStatus?: CredentialStatusReference id?: string [x: string]: any diff --git a/packages/credential-status/package.json b/packages/credential-status/package.json index 196502386..bc5b3d9a6 100644 --- a/packages/credential-status/package.json +++ b/packages/credential-status/package.json @@ -6,7 +6,7 @@ "types": "build/index.d.ts", "scripts": { "build": "tsc", - "generate-plugin-schema": "yarn veramo dev generate-plugin-schema" + "extract-api": "yarn veramo dev extract-api" }, "veramo": { "pluginInterfaces": { @@ -15,6 +15,7 @@ }, "dependencies": { "@veramo/core": "^3.1.0", + "@veramo/utils": "^3.1.0", "credential-status": "^2.0.3", "did-jwt": "^6.2.0", "did-resolver": "^3.2.2" diff --git a/packages/credential-status/plugin.schema.json b/packages/credential-status/plugin.schema.json deleted file mode 100644 index abeda70b9..000000000 --- a/packages/credential-status/plugin.schema.json +++ /dev/null @@ -1,399 +0,0 @@ -{ - "ICheckCredentialStatus": { - "components": { - "schemas": { - "ICheckCredentialStatusArgs": { - "type": "object", - "properties": { - "credential": { - "$ref": "#/components/schemas/VerifiableCredential" - }, - "didDoc": { - "$ref": "#/components/schemas/DIDDocument" - } - }, - "required": [ - "credential", - "didDoc" - ], - "description": "Arguments for calling {@link ICheckCredentialStatus.checkCredentialStatus | checkCredentialStatus } .\n\nThe credential whose status should be checked and the DID document of the credential issuer.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#status | Credential Status }" - }, - "VerifiableCredential": { - "type": "object", - "properties": { - "proof": { - "$ref": "#/components/schemas/ProofType" - }, - "issuer": { - "$ref": "#/components/schemas/IssuerType" - }, - "credentialSubject": { - "$ref": "#/components/schemas/CredentialSubject" - }, - "type": { - "anyOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "type": "string" - } - ] - }, - "@context": { - "anyOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "type": "string" - } - ] - }, - "issuanceDate": { - "type": "string" - }, - "expirationDate": { - "type": "string" - }, - "credentialStatus": { - "$ref": "#/components/schemas/CredentialStatus" - }, - "id": { - "type": "string" - } - }, - "required": [ - "@context", - "credentialSubject", - "issuanceDate", - "issuer", - "proof" - ], - "description": "Represents a signed Verifiable Credential payload (includes proof), using a JSON representation. See {@link https://www.w3.org/TR/vc-data-model/#credentials | VC data model }" - }, - "ProofType": { - "type": "object", - "properties": { - "type": { - "type": "string" - } - }, - "description": "A proof property of a Verifiable Credential or Presentation" - }, - "IssuerType": { - "anyOf": [ - { - "type": "object", - "properties": { - "id": { - "type": "string" - } - }, - "required": [ - "id" - ] - }, - { - "type": "string" - } - ], - "description": "The issuer of a Credential or the holder of a Presentation.\n\nThe value of the issuer property MUST be either a URI or an object containing an id property. It is RECOMMENDED that the URI in the issuer or its id be one which, if de-referenced, results in a document containing machine-readable information about the issuer that can be used to verify the information expressed in the credential.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#issuer | Issuer data model }" - }, - "CredentialSubject": { - "type": "object", - "properties": { - "id": { - "type": "string" - } - }, - "description": "The value of the credentialSubject property is defined as a set of objects that contain one or more properties that are each related to a subject of the verifiable credential. Each object MAY contain an id.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#credential-subject | Credential Subject }" - }, - "CredentialStatus": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "$ref": "#/components/schemas/CredentialStatusType" - } - }, - "required": [ - "id", - "type" - ], - "description": "Used for the discovery of information about the current status of a verifiable credential, such as whether it is suspended or revoked. The precise contents of the credential status information is determined by the specific `credentialStatus` type definition, and varies depending on factors such as whether it is simple to implement or if it is privacy-enhancing.\n\nSee {@link https://www.w3.org/TR/vc-data-model/#status | Credential Status }" - }, - "CredentialStatusType": { - "type": "string", - "description": "Expresses the credential status type (also referred to as the credential status method). It is expected that the value will provide enough information to determine the current status of the credential and that machine readable information needs to be retrievable from the URI. For example, the object could contain a link to an external document noting whether or not the credential is suspended or revoked." - }, - "DIDDocument": { - "type": "object", - "properties": { - "authentication": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string" - }, - { - "$ref": "#/components/schemas/VerificationMethod" - } - ] - } - }, - "assertionMethod": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string" - }, - { - "$ref": "#/components/schemas/VerificationMethod" - } - ] - } - }, - "keyAgreement": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string" - }, - { - "$ref": "#/components/schemas/VerificationMethod" - } - ] - } - }, - "capabilityInvocation": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string" - }, - { - "$ref": "#/components/schemas/VerificationMethod" - } - ] - } - }, - "capabilityDelegation": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string" - }, - { - "$ref": "#/components/schemas/VerificationMethod" - } - ] - } - }, - "@context": { - "anyOf": [ - { - "type": "string", - "const": "https://www.w3.org/ns/did/v1" - }, - { - "type": "string" - }, - { - "type": "array", - "items": { - "type": "string" - } - } - ] - }, - "id": { - "type": "string" - }, - "alsoKnownAs": { - "type": "array", - "items": { - "type": "string" - } - }, - "controller": { - "anyOf": [ - { - "type": "string" - }, - { - "type": "array", - "items": { - "type": "string" - } - } - ] - }, - "verificationMethod": { - "type": "array", - "items": { - "$ref": "#/components/schemas/VerificationMethod" - } - }, - "service": { - "type": "array", - "items": { - "$ref": "#/components/schemas/ServiceEndpoint" - } - }, - "publicKey": { - "type": "array", - "items": { - "$ref": "#/components/schemas/VerificationMethod" - }, - "deprecated": true - } - }, - "required": [ - "id" - ] - }, - "VerificationMethod": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "type": "string" - }, - "controller": { - "type": "string" - }, - "publicKeyBase58": { - "type": "string" - }, - "publicKeyBase64": { - "type": "string" - }, - "publicKeyJwk": { - "$ref": "#/components/schemas/JsonWebKey" - }, - "publicKeyHex": { - "type": "string" - }, - "publicKeyMultibase": { - "type": "string" - }, - "blockchainAccountId": { - "type": "string" - }, - "ethereumAddress": { - "type": "string" - } - }, - "required": [ - "id", - "type", - "controller" - ] - }, - "JsonWebKey": { - "type": "object", - "properties": { - "alg": { - "type": "string" - }, - "crv": { - "type": "string" - }, - "e": { - "type": "string" - }, - "ext": { - "type": "boolean" - }, - "key_ops": { - "type": "array", - "items": { - "type": "string" - } - }, - "kid": { - "type": "string" - }, - "kty": { - "type": "string" - }, - "n": { - "type": "string" - }, - "use": { - "type": "string" - }, - "x": { - "type": "string" - }, - "y": { - "type": "string" - } - }, - "required": [ - "kty" - ], - "description": "Encapsulates a JSON web key type that includes only the public properties that can be used in DID documents.\n\nThe private properties are intentionally omitted to discourage the use (and accidental disclosure) of private keys in DID documents." - }, - "ServiceEndpoint": { - "type": "object", - "properties": { - "id": { - "type": "string" - }, - "type": { - "type": "string" - }, - "serviceEndpoint": { - "type": "string" - }, - "description": { - "type": "string" - } - }, - "required": [ - "id", - "type", - "serviceEndpoint" - ] - }, - "CredentialStatusVerification": { - "type": "object", - "properties": { - "revoked": { - "type": "boolean" - } - }, - "description": "Represents the result of a status check.\n\nImplementations should populate the `revoked` boolean property, but they can return additional metadata that is method specific." - } - }, - "methods": { - "checkCredentialStatus": { - "description": "Checks the status of a ", - "arguments": { - "$ref": "#/components/schemas/ICheckCredentialStatusArgs" - }, - "returnType": { - "$ref": "#/components/schemas/CredentialStatusVerification" - } - } - } - } - } -} \ No newline at end of file diff --git a/packages/credential-status/src/__tests__/credential-status.test.ts b/packages/credential-status/src/__tests__/credential-status.test.ts index f91702af3..f2d5d9d08 100644 --- a/packages/credential-status/src/__tests__/credential-status.test.ts +++ b/packages/credential-status/src/__tests__/credential-status.test.ts @@ -1,40 +1,80 @@ -import { createAgent } from '../../../core/src' +import { createAgent, ICredentialStatusVerifier, VerifiableCredential } from '../../../core/src' +import { DIDResolverPlugin } from '../../../did-resolver/src' import { CredentialStatusPlugin } from '../credential-status' -import { DIDDocument } from 'did-resolver' +import { DIDDocument, DIDResolutionOptions, DIDResolutionResult, Resolvable } from 'did-resolver' describe('@veramo/credential-status', () => { - const referenceCredential = { + const referenceDoc: DIDDocument = { id: 'did:example:1234' } + const referenceCredential: VerifiableCredential = { + '@context': [], + issuanceDate: new Date().toISOString(), + proof: {}, + issuer: referenceDoc.id, + credentialSubject: {}, credentialStatus: { type: 'ExoticStatusMethod2022', id: 'some-exotic-id', }, } - const referenceDoc = {} as DIDDocument it('should check the credential status', async () => { - expect.assertions(3); + expect.assertions(3) const expectedResult = {} const checkStatus = jest.fn(async () => expectedResult) + const agent = createAgent({ + plugins: [ + new CredentialStatusPlugin({ + ExoticStatusMethod2022: checkStatus, + }), + ], + }) + + const result = await agent.checkCredentialStatus({ + credential: referenceCredential, + didDocumentOverride: referenceDoc, + }) + + expect(result).toStrictEqual(expectedResult) + expect(checkStatus).toBeCalledTimes(1) + expect(checkStatus).toBeCalledWith(referenceCredential, referenceDoc) + }) + + it('should check the credential status using DID resolver to get the issuer doc', async () => { + expect.assertions(4) + const expectedResult = {} + const checkStatus = jest.fn(async () => expectedResult) + const fakeResolver: Resolvable = { + resolve: jest.fn( + async (didUrl: string, options?: DIDResolutionOptions): Promise => { + return { + didDocument: { id: didUrl }, + didResolutionMetadata: {}, + didDocumentMetadata: {}, + } + }, + ), + } const agent = createAgent({ plugins: [ new CredentialStatusPlugin({ ExoticStatusMethod2022: checkStatus, }), + new DIDResolverPlugin({ resolver: fakeResolver }), ], }) const result = await agent.checkCredentialStatus({ credential: referenceCredential, - didDoc: referenceDoc, }) expect(result).toStrictEqual(expectedResult) expect(checkStatus).toBeCalledTimes(1) expect(checkStatus).toBeCalledWith(referenceCredential, referenceDoc) + expect(fakeResolver.resolve).toBeCalledTimes(1) }) it('should not perform status check if no `credentialStatus` present', async () => { - expect.assertions(2); + expect.assertions(2) const checkStatus = jest.fn() const agent = createAgent({ plugins: [ @@ -46,7 +86,7 @@ describe('@veramo/credential-status', () => { const result = await agent.checkCredentialStatus({ credential: {}, - didDoc: referenceDoc, + didDocumentOverride: referenceDoc, }) expect(result).toEqual({ @@ -57,17 +97,22 @@ describe('@veramo/credential-status', () => { }) it('should throw if unknown status check was provided', async () => { - expect.assertions(1); + expect.assertions(1) const agent = createAgent({ plugins: [ new CredentialStatusPlugin({ - NotCalled: jest.fn() - }) + NotCalled: jest.fn(), + }), ], }) - await expect(agent.checkCredentialStatus({ - credential: referenceCredential - })).rejects.toThrow(`unknown_method: credentialStatus method ExoticStatusMethod2022 unknown. Validity can not be determined.`) + await expect( + agent.checkCredentialStatus({ + credential: referenceCredential, + didDocumentOverride: referenceDoc, + }), + ).rejects.toThrow( + `unknown_method: credentialStatus method ExoticStatusMethod2022 unknown. Validity can not be determined.`, + ) }) }) diff --git a/packages/credential-status/src/credential-status.ts b/packages/credential-status/src/credential-status.ts index c1affa621..b6ccdcbe4 100644 --- a/packages/credential-status/src/credential-status.ts +++ b/packages/credential-status/src/credential-status.ts @@ -1,9 +1,15 @@ -import { IAgentContext, IAgentPlugin, VerifiableCredential } from '@veramo/core' -import { CredentialStatus, Status, StatusMethod } from 'credential-status' -import { ICheckCredentialStatus, ICheckCredentialStatusArgs } from './types' +import { + IAgentContext, + IAgentPlugin, + ICheckCredentialStatusArgs, + ICredentialStatusVerifier, + IResolver, +} from '@veramo/core' +import { extractIssuer, resolveDidOrThrow } from '@veramo/utils' +import { Status, StatusMethod } from 'credential-status' /** - * This plugin implements the {@link @veramo/credential-status#ICheckCredentialStatus | ICheckCredentialStatus} + * This plugin implements the {@link @veramo/core#ICredentialStatusVerifier | ICredentialStatusVerifier} * interface. * * This aggregates some {@link credential-status#StatusMethod | credential status implementations} to provide a second @@ -22,7 +28,7 @@ import { ICheckCredentialStatus, ICheckCredentialStatusArgs } from './types' */ export class CredentialStatusPlugin implements IAgentPlugin { private readonly status: Status - readonly methods: ICheckCredentialStatus + readonly methods: ICredentialStatusVerifier constructor(registry: Record = {}) { this.status = new Status(registry) @@ -31,8 +37,12 @@ export class CredentialStatusPlugin implements IAgentPlugin { } } - private async checkCredentialStatus(args: ICheckCredentialStatusArgs, context: IAgentContext) { - return this.status.checkStatus(args.credential, args.didDoc) + private async checkCredentialStatus(args: ICheckCredentialStatusArgs, context: IAgentContext) { + let didDoc = args.didDocumentOverride + if (!didDoc) { + const issuerDid = extractIssuer(args.credential) + didDoc = await resolveDidOrThrow(issuerDid, context) + } + return this.status.checkStatus(args.credential, didDoc) } } - diff --git a/packages/credential-status/src/index.ts b/packages/credential-status/src/index.ts index b277e3f48..22721d4b8 100644 --- a/packages/credential-status/src/index.ts +++ b/packages/credential-status/src/index.ts @@ -1,3 +1,2 @@ /* istanbul ignore file */ export { CredentialStatusPlugin } from './credential-status' -export * from './types' diff --git a/packages/credential-status/tsconfig.json b/packages/credential-status/tsconfig.json index e0e1861fb..486f1543f 100644 --- a/packages/credential-status/tsconfig.json +++ b/packages/credential-status/tsconfig.json @@ -7,6 +7,7 @@ "skipLibCheck": true }, "references": [ - { "path": "../core" } + { "path": "../core" }, + { "path": "../utils" } ] -} \ No newline at end of file +} diff --git a/packages/did-manager/src/abstract-identifier-provider.ts b/packages/did-manager/src/abstract-identifier-provider.ts index 943d6cad5..f16bc12d5 100644 --- a/packages/did-manager/src/abstract-identifier-provider.ts +++ b/packages/did-manager/src/abstract-identifier-provider.ts @@ -39,7 +39,7 @@ export abstract class AbstractIdentifierProvider { /** * Subclasses can override this to signal that they can work with a given DID prefix - * @param prefix a DID URL prefix, Example: 'did:key:z6Mk', or `did:ethr`, or `did:ethr:arbitrum:testnet` + * @param prefix - a DID URL prefix, Example: 'did:key:z6Mk', or `did:ethr`, or `did:ethr:arbitrum:testnet` */ matchPrefix?(prefix: string): boolean { return false diff --git a/packages/key-manager/src/types.ts b/packages/key-manager/src/types.ts index c28037c04..691a0e7f5 100644 --- a/packages/key-manager/src/types.ts +++ b/packages/key-manager/src/types.ts @@ -1,8 +1,13 @@ import { TypedDataDomain, TypedDataField } from '@ethersproject/abstract-signer' +/** + * The payload that is sent to be signed according to EIP712 + * @see {@link https://eips.ethereum.org/EIPS/eip-712} + * @beta + */ export type Eip712Payload = { domain: TypedDataDomain types: Record primaryType: string message: Record -} \ No newline at end of file +} diff --git a/packages/kms-web3/src/web3-key-management-system.ts b/packages/kms-web3/src/web3-key-management-system.ts index e1f832730..988f64ae2 100644 --- a/packages/kms-web3/src/web3-key-management-system.ts +++ b/packages/kms-web3/src/web3-key-management-system.ts @@ -1,17 +1,18 @@ import { JsonRpcSigner, Web3Provider } from '@ethersproject/providers' -import { - TKeyType, - IKey, - ManagedKeyInfo, - MinimalImportableKey, -} from '@veramo/core' +import { TKeyType, IKey, ManagedKeyInfo, MinimalImportableKey } from '@veramo/core' import { AbstractKeyManagementSystem, Eip712Payload } from '@veramo/key-manager' import { toUtf8String } from '@ethersproject/strings' +/** + * This is a {@link @veramo/keyManager#AbstractKeyManagementSystem | KMS} implementation that uses the addresses of a + * web3 wallet as key identifiers, and calls the respective wallet for signing operations. + * @beta + */ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { /** - * - * @param providers - the key can be any unique name. Example { metamask: metamaskProvider, walletConnect: walletConnectProvider } + * + * @param providers - the key can be any unique name. Example { metamask: metamaskProvider, walletConnect: + * walletConnectProvider } */ constructor(private providers: Record) { super() @@ -21,9 +22,7 @@ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { throw Error('not_supported: Web3KeyManagementSystem cannot create new keys') } - async importKey( - args: Omit, - ): Promise { + async importKey(args: Omit): Promise { // throw Error('Not implemented') return args as any as ManagedKeyInfo } @@ -32,7 +31,7 @@ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { const keys: ManagedKeyInfo[] = [] for (const provider in this.providers) { const accounts = await this.providers[provider].listAccounts() - for (const account of accounts) { + for (const account of accounts) { const key: ManagedKeyInfo = { kid: `${provider}-${account}`, type: 'Secp256k1', @@ -41,11 +40,8 @@ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { meta: { account, provider, - algorithms: [ - 'eth_signMessage', - 'eth_signTypedData', - ] - } + algorithms: ['eth_signMessage', 'eth_signTypedData'], + }, } keys.push(key) } @@ -65,10 +61,10 @@ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { return true } - // keyRef should be in this format '{providerName-account} - // example: 'metamask-0xf3beac30c498d9e26865f34fcaa57dbb935b0d74' - private getAccountAndSignerByKeyRef(keyRef: Pick): {account: string, signer: JsonRpcSigner } { - const [ providerName, account ] = keyRef.kid.split('-') + // keyRef should be in this format '{providerName-account} + // example: 'metamask-0xf3beac30c498d9e26865f34fcaa57dbb935b0d74' + private getAccountAndSignerByKeyRef(keyRef: Pick): { account: string; signer: JsonRpcSigner } { + const [providerName, account] = keyRef.kid.split('-') if (!this.providers[providerName]) { throw Error(`not_available: provider ${providerName}`) } @@ -85,13 +81,10 @@ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { algorithm?: string data: Uint8Array }): Promise { - if (algorithm) { if (algorithm === 'eth_signMessage') { return await this.eth_signMessage(keyRef, data) - } else if ( - ['eth_signTypedData', 'EthereumEip712Signature2021'].includes(algorithm) - ) { + } else if (['eth_signTypedData', 'EthereumEip712Signature2021'].includes(algorithm)) { return await this.eth_signTypedData(keyRef, data) } } @@ -107,10 +100,7 @@ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { const serializedData = toUtf8String(data) try { const jsonData = JSON.parse(serializedData) as Eip712Payload - if ( - typeof jsonData.domain === 'object' && - typeof jsonData.types === 'object' - ) { + if (typeof jsonData.domain === 'object' && typeof jsonData.types === 'object') { const { domain, types, message, primaryType } = jsonData msg = message msgDomain = domain @@ -122,16 +112,12 @@ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { } catch (e) { // next check will throw since the data couldn't be parsed } - if ( - typeof msgDomain !== 'object' || - typeof msgTypes !== 'object' || - typeof msg !== 'object' - ) { + if (typeof msgDomain !== 'object' || typeof msgTypes !== 'object' || typeof msg !== 'object') { throw Error( `invalid_arguments: Cannot sign typed data. 'domain', 'types', and 'message' must be provided`, ) } - delete(msgTypes.EIP712Domain) + delete msgTypes.EIP712Domain const { signer } = this.getAccountAndSignerByKeyRef(keyRef) const signature = await signer._signTypedData(msgDomain, msgTypes, msg) @@ -148,5 +134,4 @@ export class Web3KeyManagementSystem extends AbstractKeyManagementSystem { // HEX encoded string, 0x prefixed return signature } - }