feat: Add SIOPv2 Relying Party logic and REST API

README.md

@@ -25,7 +25,7 @@ multiple packages (see lerna below). It contains plugins that extend the Veramo
     - Json-LD VC handler: [Issues and verifies JSON-LD based VCs and VPs](./packages/vc-handler-ld-local/README.md)
 - OpenID Connect and Presentation Exchange:
     - SIOPv2 and
-      OIDC4VP: [Self-Issued OpenID Connect and OpenID Connect for Verifiable Presentations](./packages/did-auth-siop-op-authenticator/README.md)
+      OIDC4VP: [Self-Issued OpenID Connect and OpenID Connect for Verifiable Presentations](packages/siopv2-openid4vp-op-auth/README.md)
     - WACI PEx QR code: [Create QR codes for use with WACI PEx for React and React-Native](./packages/qr-code-generator/README.md)
 
 ## SSI SDK Core
@@ -74,7 +74,7 @@ Verifiable Credentials and Verifiable Presentations
 
 ## OpenID Connect
 
-The [Self-Issued OpenID Connect and OpenID Connect for Verifiable Presentations](./packages/did-auth-siop-op-authenticator/README.md)
+The [Self-Issued OpenID Connect and OpenID Connect for Verifiable Presentations](packages/siopv2-openid4vp-op-auth/README.md)
 plugin allows an OP to authenticate against a Relying Party using Self-Issued OpenID Connect and optionally OpenID
 Connect for Verifiable Presentations, with the help of
 our [Presentation-Exchange library](https://github.com/Sphereon-Opensource/pe-js).

packages/siopv2-openid4vp-common/.gitignore

@@ -0,0 +1,9 @@
+.vscode/*
+.idea/*
+*.iml
+.nyc_output
+build
+dist
+node_modules
+coverage
+*.log

packages/siopv2-openid4vp-common/package.json

@@ -0,0 +1,23 @@
+{
+  "name": "@sphereon/ssi-sdk-siopv2-openid4vp-common",
+  "version": "0.9.0",
+  "description": "Common SIOPv2 and OpenID4VP types between modules",
+  "source": "src/index.ts",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "author": "Sphereon <[email protected]>",
+  "license": "Apache-2.0",
+  "private": false,
+  "dependencies": {
+    "@sphereon/did-auth-siop": "^0.3.0-unstable.30"
+  },
+  "scripts": {
+    "build": "tsc"
+  },
+  "devDependencies": {
+    "@types/node": "^16.18.0"
+  },
+  "files": [
+    "dist/**/*"
+  ]
+}

packages/siopv2-openid4vp-common/src/auth-model.ts

@@ -0,0 +1,37 @@
+// noinspection JSUnusedGlobalSymbols
+import {AuthorizationResponsePayload} from "@sphereon/did-auth-siop";
+
+export interface ClaimPayloadCommonOpts {
+    [x: string]: any;
+}
+export declare enum AuthorizationRequestStateStatus {
+    CREATED = "created",
+    SENT = "sent",
+    RECEIVED = "received",
+    VERIFIED = "verified",
+    ERROR = "error"
+}
+export declare enum AuthorizationResponseStateStatus {
+    CREATED = "created",
+    SENT = "sent",
+    RECEIVED = "received",
+    VERIFIED = "verified",
+    ERROR = "error"
+}
+
+export interface GenerateAuthRequestURIResponse {
+    correlationId: string;
+    definitionId: string;
+    authRequestURI: string;
+    authStatusURI: string;
+}
+
+
+export interface AuthStatusResponse {
+    status: AuthorizationRequestStateStatus | AuthorizationResponseStateStatus;
+    correlationId: string;
+    error?: string
+    definitionId: string;
+    lastUpdated: number;
+    payload?: AuthorizationResponsePayload; // Only put in here once the status reaches Verified on the RP side
+}

packages/siopv2-openid4vp-common/src/index.ts

@@ -0,0 +1,3 @@
+export * from './auth-model';
+export * from './utils';
+

packages/siopv2-openid4vp-common/src/utils.ts

@@ -0,0 +1,16 @@
+import * as u8a from 'uint8arrays'
+
+export function base64ToBytes(s: string): Uint8Array {
+    const inputBase64Url = s.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '')
+    return u8a.fromString(inputBase64Url, 'base64url')
+}
+
+export function decodeBase64url(s: string): string {
+    return u8a.toString(base64ToBytes(s))
+}
+
+// noinspection JSUnusedLocalSymbols
+
+export function uriWithBase(path: string) {
+    return `${process.env.BACKEND_BASE_URL}${path.startsWith('/') ? path : '/' + path}`;
+}

packages/siopv2-openid4vp-common/tsconfig.json

@@ -0,0 +1,17 @@
+{
+  "extends": "../tsconfig-base.json",
+  "compilerOptions": {
+    "rootDir": "src",
+    "outDir": "dist",
+    "declarationDir": "dist",
+    "strictPropertyInitialization": false,
+    "noUnusedLocals": false
+  },
+  "references": [{ "path": "../ssi-types" }],
+  "include": [
+    "src/**/*",
+  ],
+  "exclude": [
+    "node_modules/**/*"
+  ]
+}

packages/did-auth-siop-op-authenticator/__tests__/localAgent.test.ts → packages/siopv2-openid4vp-op-auth/__tests__/localAgent.test.ts

@@ -17,7 +17,7 @@ function getFileAsJson(path: string) {
 let agent: any
 
 const presentationSignCallback: PresentationSignCallback = async (args) => {
-  const presentationSignProof = getFileAsJson('./packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/psc/psc.json')
+  const presentationSignProof = getFileAsJson('./packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/psc/psc.json')
 
   return {
     ...args.presentation,
@@ -26,7 +26,7 @@ const presentationSignCallback: PresentationSignCallback = async (args) => {
 }
 
 const setup = async (): Promise<boolean> => {
-  const config = getConfig('packages/did-auth-siop-op-authenticator/agent.yml')
+  const config = getConfig('packages/siopv2-openid4vp-op-auth/agent.yml')
   config.agent.$args[0].plugins[1].$args[0] = presentationSignCallback
   const { localAgent } = createObjects(config, { localAgent: '/agent' })
   agent = localAgent

packages/did-auth-siop-op-authenticator/__tests__/restAgent.test.ts → packages/siopv2-openid4vp-op-auth/__tests__/restAgent.test.ts

@@ -32,7 +32,7 @@ let serverAgent: IAgent
 let restServer: Server
 
 const presentationSignCallback: PresentationSignCallback = async (args) => {
-  const presentationSignProof = getFileAsJson('./packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/psc/psc.json')
+  const presentationSignProof = getFileAsJson('./packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/psc/psc.json')
 
   return {
     ...args.presentation,
@@ -61,7 +61,7 @@ const getAgent = (options?: IAgentOptions) =>
   })
 
 const setup = async (): Promise<boolean> => {
-  const config = getConfig('packages/did-auth-siop-op-authenticator/agent.yml')
+  const config = getConfig('packages/siopv2-openid4vp-op-auth/agent.yml')
   config.agent.$args[0].plugins[1].$args[0] = presentationSignCallback
   const { agent } = createObjects(config, { agent: '/agent' })
   agent.registerCustomApprovalForSiop({ key: 'success', customApproval: () => Promise.resolve() })

packages/did-auth-siop-op-authenticator/__tests__/shared/didAuthSiopOpAuthenticatorAgentLogic.ts → packages/siopv2-openid4vp-op-auth/__tests__/shared/didAuthSiopOpAuthenticatorAgentLogic.ts

@@ -175,12 +175,12 @@ export default (testContext: {
       agent = testContext.getAgent()
 
       const idCardCredential: VerifiableCredential = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/vc/vc_idCardCredential.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/vc/vc_idCardCredential.json'
       )
       await agent.dataStoreSaveVerifiableCredential({ verifiableCredential: idCardCredential })
 
       const driverLicenseCredential: VerifiableCredential = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/vc/vc_driverLicense.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/vc/vc_driverLicense.json'
       )
       await agent.dataStoreSaveVerifiableCredential({ verifiableCredential: driverLicenseCredential })
 
@@ -330,10 +330,10 @@ export default (testContext: {
 
     it('should get authentication details with single credential', async () => {
       const pd_single: PresentationDefinitionWithLocation = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/pd/pd_single.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/pd/pd_single.json'
       )
       const vp_single: IPresentationWithDefinition = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/vp/vp_single.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/vp/vp_single.json'
       )
       const presentation = CredentialMapper.toWrappedVerifiablePresentation(vp_single.presentation)
       presentation.presentation.presentation_submission!.id = expect.any(String)
@@ -361,10 +361,10 @@ export default (testContext: {
 
     it('should get authentication details with getting specific credentials', async () => {
       const pdSingle: PresentationDefinitionWithLocation = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/pd/pd_single.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/pd/pd_single.json'
       )
       const vpSingle: IPresentationWithDefinition = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/vp/vp_single.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/vp/vp_single.json'
       )
       const presentation = CredentialMapper.toWrappedVerifiablePresentation(vpSingle.presentation)
       presentation.presentation.presentation_submission!.id = expect.any(String)
@@ -396,10 +396,10 @@ export default (testContext: {
 
     it('should get authentication details with multiple credentials', async () => {
       const pdMultiple: PresentationDefinitionWithLocation = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/pd/pd_multiple.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/pd/pd_multiple.json'
       )
       const vpMultiple: IPresentationWithDefinition = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/vp/vp_multiple.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/vp/vp_multiple.json'
       )
       const presentation = CredentialMapper.toWrappedVerifiablePresentation(vpMultiple.presentation)
       presentation.presentation.presentation_submission!.id = expect.any(String)
@@ -449,7 +449,7 @@ export default (testContext: {
 
     it('should send authentication response', async () => {
       const pdMultiple: PresentationDefinitionWithLocation = getFileAsJson(
-        './packages/did-auth-siop-op-authenticator/__tests__/vc_vp_examples/pd/pd_multiple.json'
+        './packages/siopv2-openid4vp-op-auth/__tests__/vc_vp_examples/pd/pd_multiple.json'
       )
 
       const result = await agent.sendSiopAuthorizationResponse({

packages/did-auth-siop-op-authenticator/agent.yml → packages/siopv2-openid4vp-op-auth/agent.yml

@@ -117,7 +117,7 @@ agent:
     - schemaValidation: false
       plugins:
         - $ref: /didResolver
-        - $require: ./packages/did-auth-siop-op-authenticator/dist#DidAuthSiopOpAuthenticator
+        - $require: ./packages/siopv2-openid4vp-op-auth/dist#DidAuthSiopOpAuthenticator
           $args:
             - presentationSignCallback: {}
         - $require: '@veramo/data-store#DataStore'

packages/did-auth-siop-op-authenticator/package.json → packages/siopv2-openid4vp-op-auth/package.json

@@ -1,5 +1,5 @@
 {
-  "name": "@sphereon/ssi-sdk-did-auth-siop-authenticator",
+  "name": "@sphereon/ssi-sdk-siopv2-openid4vp-op-auth",
   "version": "0.9.0",
   "source": "src/index.ts",
   "main": "dist/index.js",

packages/siopv2-openid4vp-rp-auth/CHANGELOG.md

@@ -0,0 +1,71 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+# [0.9.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.8.0...v0.9.0) (2023-03-09)
+
+### Bug Fixes
+
+- credential mapper for jtw ([f04345b](https://github.com/Sphereon-Opensource/SSI-SDK/commit/f04345b97ff9a78a3dff096599f0b675b3239a3e))
+- Fix DID handling in OP session ([926e358](https://github.com/Sphereon-Opensource/SSI-SDK/commit/926e358ef3eadf19fc3c8f7c9940fe6322c5ff85))
+- Incorrect verification method id returned when signing credentials in some cases ([c508507](https://github.com/Sphereon-Opensource/SSI-SDK/commit/c508507ddd2e35fcb377a79bad3c82d695b3d93d))
+- Move parseDid method to ssi-types ([0b28de3](https://github.com/Sphereon-Opensource/SSI-SDK/commit/0b28de3de21afd0a224d3d174103e072162231ed))
+
+### Features
+
+- Add jwt as signature when decoding JWT VCs/VPs ([f089ac1](https://github.com/Sphereon-Opensource/SSI-SDK/commit/f089ac18dc470f0b8c581b49e70e7eba64d72bc3))
+- Allow to relax JWT timing checks, where the JWT claim is slightly different from the VC claim. Used for issuance and expiration dates ([85bff6d](https://github.com/Sphereon-Opensource/SSI-SDK/commit/85bff6da21dea5d8f636ea1f55b41be00b18b002))
+- Create VP in OP Authenticator and allow for callbacks ([0ed86d8](https://github.com/Sphereon-Opensource/SSI-SDK/commit/0ed86d8d2b655a718d7c8cf1a946e0150bf877ce))
+- Make sure VP type corresponds with PEX definition ([129b663](https://github.com/Sphereon-Opensource/SSI-SDK/commit/129b66383752e05ab3067e459bff591a07aac690))
+- Make sure VP type corresponds with PEX definition ([3dafa3f](https://github.com/Sphereon-Opensource/SSI-SDK/commit/3dafa3ff4c794d13eff3e2e0b6a85675667db089))
+- Update SIOP OP to be in line wiht latest SIOP and also supporting late binding of identifiers ([2beea04](https://github.com/Sphereon-Opensource/SSI-SDK/commit/2beea04a6604d82b12ecbc11e68a9f41775c22ed))
+
+# [0.8.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.7.0...v0.8.0) (2022-09-03)
+
+**Note:** Version bump only for package @sphereon/ssi-sdk-did-auth-siop-authenticator
+
+# [0.7.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.6.0...v0.7.0) (2022-08-05)
+
+**Note:** Version bump only for package @sphereon/ssi-sdk-did-auth-siop-authenticator
+
+# [0.6.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.5.1...v0.6.0) (2022-07-01)
+
+### Features
+
+- Add custom DID resolver support ([45cea11](https://github.com/Sphereon-Opensource/SSI-SDK/commit/45cea1182693b698611b062a9d664ad92e8dcd6a))
+- Add default DID resolver support ([eebce18](https://github.com/Sphereon-Opensource/SSI-SDK/commit/eebce18bf9cc9d28a8bcdd6886100b7a8921bb2f))
+- Add did resolver and method support per OpSession ([9378b45](https://github.com/Sphereon-Opensource/SSI-SDK/commit/9378b451d4907c8d5385f464b27f858547409bb4))
+- Add did resolver and method support per OpSession ([a9f7afc](https://github.com/Sphereon-Opensource/SSI-SDK/commit/a9f7afc386189ca4851ce967f5abf7db812d1003))
+- Add supported DID methods ([df74ccd](https://github.com/Sphereon-Opensource/SSI-SDK/commit/df74ccddcab06a032ca47a033a46bd0268826f72))
+- Add supported DID methods ([7322265](https://github.com/Sphereon-Opensource/SSI-SDK/commit/732226544503c2bcc32bf4400da82e9154361abb))
+
+## [0.5.1](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.5.0...v0.5.1) (2022-02-23)
+
+**Note:** Version bump only for package @sphereon/ssi-sdk-did-auth-siop-authenticator
+
+# [0.5.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.4.0...v0.5.0) (2022-02-23)
+
+**Note:** Version bump only for package @sphereon/ssi-sdk-did-auth-siop-authenticator
+
+# [0.4.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.3.4...v0.4.0) (2022-02-11)
+
+**Note:** Version bump only for package @sphereon/ssi-sdk-did-auth-siop-authenticator
+
+## [0.3.4](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.3.3...v0.3.4) (2022-02-11)
+
+### Bug Fixes
+
+- fix imports ([738f4ca](https://github.com/Sphereon-Opensource/SSI-SDK/commit/738f4cafdf75c9d4831a3c31de1c0d5aff1d7285))
+
+## [0.3.1](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.3.0...v0.3.1) (2022-01-28)
+
+**Note:** Version bump only for package @sphereon/ssi-sdk-did-auth-siop-authenticator
+
+# [0.3.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.2.0...v0.3.0) (2022-01-16)
+
+**Note:** Version bump only for package @sphereon/ssi-sdk-did-auth-siop-authenticator
+
+# [0.2.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.1.0...v0.2.0) (2021-12-16)
+
+**Note:** Version bump only for package @sphereon/ssi-sdk-did-auth-siop-authenticator