Merge pull request #158 from Sphereon-Opensource/feature/jarm_sdk

feature/jarm_sdk
Sphereon-Opensource · Oct 21, 2024 · dcfd0c9 · dcfd0c9
2 parents 71e72e8 + 0603b43
commit dcfd0c9
Show file tree

Hide file tree

Showing 43 changed files with 1,578 additions and 1,480 deletions.
diff --git a/.github/workflows/build-test-on-pr.yml b/.github/workflows/build-test-on-pr.yml
@@ -23,9 +23,7 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: '20.x'
-      - uses: pnpm/action-setup@v3
-        with:
-          version: 8.15.7
+      - uses: pnpm/action-setup@v4
       - run: pnpm install
       - run: pnpm build
       - name: run CI tests
@@ -41,4 +39,13 @@ jobs:
           SPHEREON_SSI_MSAL_USERNAME: ${{ secrets.SPHEREON_SSI_MSAL_USERNAME }}
           SPHEREON_SSI_MSAL_PASSWORD: ${{ secrets.SPHEREON_SSI_MSAL_PASSWORD }}
         run: pnpm test:ci
-      - run: npx codecov
+      - name: codecov
+        uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
+          name: codecove # optional
+          flags: unittest
+          fail_ci_if_error: true # optional (default = false)
+          #directory: ./coverage/reports/
+          #files: ./coverage1.xml,./coverage2.xml
+          verbose: true # optional (default = false)
diff --git a/.github/workflows/build-test-publish-on-push.yml b/.github/workflows/build-test-publish-on-push.yml
@@ -37,18 +37,7 @@ jobs:
         uses: actions/setup-node@v4
         with:
           node-version: '20.x'
-      - uses: pnpm/action-setup@v3
-        with:
-          version: 8.15.7
-#      - name: Get yarn cache directory path
-#        id: yarn-cache-dir-path
-#        run: echo "::set-output name=dir::$(yarn cache dir)"
-#      - uses: actions/cache@v2
-#        id: yarn-cache
-#        with:
-#          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
-#          key: ${{ runner.os }}-yarn-2-${{ hashFiles('**/package.json') }}
-
+      - uses: pnpm/action-setup@v4
       - run: pnpm install
       - run: pnpm build
       - name: run integration tests
@@ -81,18 +70,25 @@ jobs:
       - name: diff
         run: git diff
 
+      - name: Sets PREID
+        env:
+          name: "${{github.ref_name}}"
+        run: |
+          echo "PRE_ID=${name//[\/_-]/.}" >> $GITHUB_ENV
+
       - name: publish @latest when on main
         if: github.ref == 'refs/heads/main'
-        run: pnpm publish:latest
+        run: lerna publish --conventional-commits --force-publish --include-merged-tags --sync-dist-version --create-release github --yes --dist-tag latest --registry https://registry.npmjs.org
 
       - name: publish @next when on develop
         if: github.ref == 'refs/heads/develop'
-        run: pnpm publish:next
+        run: lerna publish --conventional-prerelease --force-publish --canary --sync-dist-version --no-git-tag-version --include-merged-tags --preid next --pre-dist-tag next --yes --registry https://registry.npmjs.org",
 
-      - name: publish @next when on fix
+      - name: publish @next when on fix branch
         if: startsWith(github.ref, 'refs/heads/fix')
-        run: pnpm publish:next
+        run: lerna publish --conventional-prerelease --force-publish --canary --sync-dist-version --no-git-tag-version --include-merged-tags --preid fix --pre-dist-tag fix --yes --registry https://registry.npmjs.org",
 
       - name: publish @unstable when on unstable branch
         if: startsWith(github.ref, 'refs/heads/feat')
-        run: pnpm publish:unstable
+        run: lerna publish --conventional-prerelease --force-publish --canary --sync-dist-version --no-git-tag-version --include-merged-tags --preid $PRE_ID --pre-dist-tag unstable --yes --throttle-size 75 --registry https://registry.npmjs.org
+
diff --git a/package.json b/package.json
@@ -36,7 +36,6 @@
     "@types/debug": "^4.1.12",
     "@types/jest": "^29.5.12",
     "@types/node": "^18.19.39",
-    "codecov": "^3.8.3",
     "jest": "^29.7.0",
     "lerna": "^8.1.6",
     "lerna-changelog": "^2.2.0",
@@ -67,3 +66,4 @@
     "OID4VP"
   ]
 }
+
diff --git a/packages/callback-example/package.json b/packages/callback-example/package.json
@@ -19,7 +19,7 @@
     "@sphereon/oid4vci-client": "workspace:*",
     "@sphereon/oid4vci-common": "workspace:*",
     "@sphereon/oid4vci-issuer": "workspace:*",
-    "@sphereon/ssi-types": "0.29.1-unstable.208",
+    "@sphereon/ssi-types": "0.30.1",
     "jose": "^4.10.0"
   },
   "devDependencies": {

diff --git a/packages/client/lib/OpenID4VCIClientV1_0_13.ts b/packages/client/lib/OpenID4VCIClientV1_0_13.ts
@@ -447,7 +447,7 @@ export class OpenID4VCIClientV1_0_13 {
           );
         }
         const credentialsSupported = metadata.credential_configurations_supported;
-        if (!metadata.credential_configurations_supported || !credentialsSupported[credentialIdentifier]) {
+        if (!credentialsSupported || !credentialsSupported[credentialIdentifier]) {
           throw new Error(`Credential type ${credentialIdentifier} is not supported by issuer ${this.getIssuer()}`);
         }
       } else if (!types) {
@@ -472,9 +472,19 @@ export class OpenID4VCIClientV1_0_13 {
           console.log(`Not all credential types ${JSON.stringify(credentialTypes)} are present in metadata for ${this.getIssuer()}`);
           // throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`);
         }
-      } else if (metadata.credential_configurations_supported && !Array.isArray(metadata.credential_configurations_supported)) {
-        const credentialsSupported = metadata.credential_configurations_supported;
-        if (types.some((type) => !metadata.credential_configurations_supported || !credentialsSupported[type])) {
+      } else if (metadata.credential_configurations_supported && typeof(metadata.credential_configurations_supported) === 'object') {
+        let typeSupported = false;
+        Object.values(metadata.credential_configurations_supported).forEach((supportedCredential) => {
+          const subTypes = getTypesFromCredentialSupported(supportedCredential);
+          if (
+            subTypes.every((t, i) => types[i] === t) ||
+            (types.length === 1 && (types[0] === supportedCredential.id || subTypes.includes(types[0])))
+          ) {
+            typeSupported = true;
+          }
+        })
+
+        if (!typeSupported) {
           throw Error(`Not all credential types ${JSON.stringify(credentialTypes)} are supported by issuer ${this.getIssuer()}`);
         }
       }

diff --git a/packages/client/lib/__tests__/SphereonE2E.spec.test.ts b/packages/client/lib/__tests__/SphereonE2E.spec.test.ts
@@ -170,3 +170,4 @@ describe('ismapolis bug report #63, https://github.com/Sphereon-Opensource/OID4V
     console.log(JSON.stringify(credentialResponse.credential));
   });
 });
+
diff --git a/packages/client/package.json b/packages/client/package.json
@@ -17,7 +17,7 @@
   "dependencies": {
     "@sphereon/oid4vc-common": "workspace:*",
     "@sphereon/oid4vci-common": "workspace:*",
-    "@sphereon/ssi-types": "0.29.1-unstable.208",
+    "@sphereon/ssi-types": "0.30.1",
     "cross-fetch": "^3.1.8",
     "debug": "^4.3.5"
   },
@@ -30,7 +30,6 @@
     "@types/uuid": "^9.0.8",
     "@typescript-eslint/eslint-plugin": "^5.62.0",
     "@typescript-eslint/parser": "^5.62.0",
-    "codecov": "^3.8.3",
     "dotenv": "^16.4.5",
     "eslint": "^8.57.0",
     "eslint-config-prettier": "^9.1.0",

diff --git a/packages/common/package.json b/packages/common/package.json
@@ -10,7 +10,7 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/ssi-types": "0.29.1-unstable.208",
+    "@sphereon/ssi-types": "0.30.1",
     "jwt-decode": "^4.0.0",
     "sha.js": "^2.4.11",
     "uint8arrays": "3.1.1",

diff --git a/packages/did-auth-siop-adapter/lib/did/DidJWT.ts b/packages/did-auth-siop-adapter/lib/did/DidJWT.ts
@@ -253,14 +253,14 @@ export function getSubDidFromPayload(payload: JWTPayload, header?: JWTHeader): s
       return did
     }
   }
-  return payload.sub
+  return payload.sub!
 }
 
 export function isIssSelfIssued(payload: JWTPayload): boolean {
   return (
-    (payload.iss && payload.iss.includes(ResponseIss.SELF_ISSUED_V1)) ||
+    (payload.iss && (payload.iss.includes(ResponseIss.SELF_ISSUED_V1)) ||
     (payload.iss && payload.iss.includes(ResponseIss.SELF_ISSUED_V2)) ||
-    payload.iss === payload.sub
+    payload.iss === payload.sub)
   )
 }
 

diff --git a/packages/issuer-rest/package.json b/packages/issuer-rest/package.json
@@ -14,8 +14,8 @@
     "@sphereon/oid4vc-common": "workspace:*",
     "@sphereon/oid4vci-common": "workspace:*",
     "@sphereon/oid4vci-issuer": "workspace:*",
-    "@sphereon/ssi-express-support": "0.29.1-unstable.208",
-    "@sphereon/ssi-types": "0.29.1-unstable.208",
+    "@sphereon/ssi-express-support": "0.30.1",
+    "@sphereon/ssi-types": "0.30.1",
     "body-parser": "^1.20.2",
     "cookie-parser": "^1.4.6",
     "cors": "^2.8.5",

diff --git a/packages/issuer/package.json b/packages/issuer/package.json
@@ -12,7 +12,7 @@
   "dependencies": {
     "@sphereon/oid4vc-common": "workspace:*",
     "@sphereon/oid4vci-common": "workspace:*",
-    "@sphereon/ssi-types": "0.29.1-unstable.208",
+    "@sphereon/ssi-types": "0.30.1",
     "uuid": "^9.0.0"
   },
   "peerDependencies": {

diff --git a/packages/oid4vci-common/package.json b/packages/oid4vci-common/package.json
@@ -11,7 +11,7 @@
   },
   "dependencies": {
     "@sphereon/oid4vc-common": "workspace:*",
-    "@sphereon/ssi-types": "0.29.1-unstable.208",
+    "@sphereon/ssi-types": "0.30.1",
     "cross-fetch": "^3.1.8",
     "debug": "^4.3.5",
     "jwt-decode": "^4.0.0",

diff --git a/packages/siop-oid4vp/lib/__tests__/AuthenticationRequest.request.spec.ts b/packages/siop-oid4vp/lib/__tests__/AuthenticationRequest.request.spec.ts
@@ -1,7 +1,6 @@
 import { parse } from 'querystring'
 
 import { SigningAlgo } from '@sphereon/oid4vc-common'
-import { IPresentationDefinition } from '@sphereon/pex'
 import { IProofType } from '@sphereon/ssi-types'
 
 import {
@@ -13,7 +12,7 @@ import {
   SubjectIdentifierType,
   SubjectType,
   SupportedVersion,
-  URI,
+  URI
 } from '..'
 import SIOPErrors from '../types/Errors'
 
@@ -24,8 +23,9 @@ import {
   VERIFIER_NAME_FOR_CLIENT,
   VERIFIER_NAME_FOR_CLIENT_NL,
   VERIFIERZ_PURPOSE_TO_VERIFY,
-  VERIFIERZ_PURPOSE_TO_VERIFY_NL,
+  VERIFIERZ_PURPOSE_TO_VERIFY_NL
 } from './data/mockedData'
+import { IPresentationDefinition } from '@sphereon/pex'
 
 const EXAMPLE_REDIRECT_URL = 'https://acme.com/hello'
 const EXAMPLE_REFERENCE_URL = 'https://rp.acme.com/siop/jwts'
@@ -152,7 +152,7 @@ describe('create Request Uri should', () => {
     expect(uriRequest.authorizationRequestPayload).toBeDefined()
 
     const uriDecoded = decodeURIComponent(uriRequest.encodedUri)
-    expect(uriDecoded).toContain(`openid://`)
+    expect(uriDecoded).toContain(`openid4vp://`)
     expect(uriDecoded).toContain(`response_type=${ResponseType.ID_TOKEN}`)
     expect(uriDecoded).toContain(`&redirect_uri=${opts.payload?.redirect_uri}`)
     expect(uriDecoded).toContain(`&scope=${Scope.OPENID}`)
@@ -167,6 +167,13 @@ describe('create Request Uri should', () => {
     expect.assertions(4)
     const opts: CreateAuthorizationRequestOpts = {
       version: SupportedVersion.SIOPv2_ID1,
+      payload: {
+        client_id: WELL_KNOWN_OPENID_FEDERATION,
+        scope: 'test',
+        response_type: 'id_token',
+        request_object_signing_alg_values_supported: [SigningAlgo.ES256, SigningAlgo.EDDSA],
+        redirect_uri: EXAMPLE_REDIRECT_URL,
+      },
       requestObject: {
         jwtIssuer: { method: 'did', didUrl: KID, alg: SigningAlgo.ES256 },
         passBy: PassBy.REFERENCE,
@@ -219,9 +226,16 @@ describe('create Request Uri should', () => {
   })
 
   it('return an url with an embedded token value', async () => {
-    expect.assertions(3)
+    expect.assertions(4)
     const opts: CreateAuthorizationRequestOpts = {
       version: SupportedVersion.SIOPv2_ID1,
+      payload: {
+        client_id: WELL_KNOWN_OPENID_FEDERATION,
+        scope: 'test',
+        response_type: 'id_token',
+        request_object_signing_alg_values_supported: [SigningAlgo.ES256, SigningAlgo.EDDSA],
+        redirect_uri: EXAMPLE_REDIRECT_URL,
+      },
       requestObject: {
         passBy: PassBy.VALUE,
         jwtIssuer: {
@@ -268,10 +282,11 @@ describe('create Request Uri should', () => {
     const uriRequest = await URI.fromOpts(opts)
 
     const uriDecoded = decodeURIComponent(uriRequest.encodedUri)
-    expect(uriDecoded).toContain(`openid://?request=eyJhbGciOi`)
+    expect(uriDecoded).toContain(`request=eyJhbGciOi`)
+    expect(uriDecoded.startsWith(`openid4vp://?client_id=https://www.example.com/`)).toBeTruthy()
 
     const data = URI.parse(uriDecoded)
-    expect(data.scheme).toEqual('openid://')
+    expect(data.scheme).toEqual('openid4vp://')
     expect(data.authorizationRequestPayload.request).toContain(`eyJhbGciOi`)
   })
 })
@@ -511,30 +526,13 @@ describe('create Request JWT should', () => {
   it('succeed when requesting with a valid PD', async () => {
     const opts: CreateAuthorizationRequestOpts = {
       version: SupportedVersion.SIOPv2_ID1,
-      /*payload: {
+      payload: {
         client_id: WELL_KNOWN_OPENID_FEDERATION,
         scope: 'test',
         response_type: 'id_token',
+        request_object_signing_alg_values_supported: [SigningAlgo.ES256, SigningAlgo.EDDSA],
         redirect_uri: EXAMPLE_REDIRECT_URL,
-        request_object_signing_alg_values_supported: [SigningAlgo.EDDSA, SigningAlgo.ES256],
-        claims: {
-          vp_token: {
-            presentation_definition: {
-              id: 'Insurance Plans',
-              input_descriptors: [
-                {
-                  id: 'Ontario Health Insurance Plan',
-                  schema: [
-                    {
-                      uri: 'https://did.itsourweb.org:3000/smartcredential/Ontario-Health-Insurance-Plan',
-                    },
-                  ],
-                },
-              ],
-            },
-          },
-        },
-      },*/
+      },
       requestObject: {
         jwtIssuer: { method: 'did', didUrl: KID, alg: SigningAlgo.ES256K },
         passBy: PassBy.REFERENCE,
@@ -598,7 +596,8 @@ describe('create Request JWT should', () => {
     const uriRequest = await URI.fromOpts(opts)
 
     const uriDecoded = decodeURIComponent(uriRequest.encodedUri)
-    expect(uriDecoded).toEqual(`openid://?request_uri=https://rp.acme.com/siop/jwts`)
+    expect(uriDecoded.startsWith('openid4vp://?')).toBeTruthy()
+    expect(uriDecoded).toContain(`request_uri=https://rp.acme.com/siop/jwts`)
     expect((await (await uriRequest.toAuthorizationRequest())?.requestObject?.getPayload())?.claims.vp_token).toBeDefined()
   })
 
@@ -611,22 +610,6 @@ describe('create Request JWT should', () => {
         response_type: 'id_token',
         redirect_uri: EXAMPLE_REDIRECT_URL,
         request_object_signing_alg_values_supported: [SigningAlgo.EDDSA, SigningAlgo.ES256],
-        claims: {
-          vp_token: {
-            presentation_definition: {
-              input_descriptors: [
-                {
-                  id: 'Ontario Health Insurance Plan',
-                  schema: [
-                    {
-                      uri: 'https://did.itsourweb.org:3000/smartcredential/Ontario-Health-Insurance-Plan',
-                    },
-                  ],
-                },
-              ],
-            } as IPresentationDefinition,
-          },
-        },
       },
 
       requestObject: {

diff --git a/packages/siop-oid4vp/lib/__tests__/AuthenticationResponse.response.spec.ts b/packages/siop-oid4vp/lib/__tests__/AuthenticationResponse.response.spec.ts
@@ -453,9 +453,9 @@ describe('create JWT from Request JWT should', () => {
       }),
       jwtIssuer: { method: 'did', didUrl: `${mockResEntity.did}#controller`, alg: SigningAlgo.ES256K },
       presentationExchange: {
-        verifiablePresentations: [verifiablePresentationResult.verifiablePresentation],
+        verifiablePresentations: verifiablePresentationResult.verifiablePresentations,
         vpTokenLocation: VPTokenLocation.ID_TOKEN,
-        presentationSubmission: await createPresentationSubmission([verifiablePresentationResult.verifiablePresentation], {
+        presentationSubmission: await createPresentationSubmission(verifiablePresentationResult.verifiablePresentations, {
           presentationDefinitions: [definition],
         }),
       },
@@ -634,8 +634,8 @@ describe('create JWT from Request JWT should', () => {
       }),
       jwtIssuer: { method: 'did', didUrl: `${mockResEntity.did}#controller`, alg: SigningAlgo.ES256K },
       presentationExchange: {
-        verifiablePresentations: [verifiablePresentationResult.verifiablePresentation],
-        presentationSubmission: await createPresentationSubmission([verifiablePresentationResult.verifiablePresentation], {
+        verifiablePresentations: verifiablePresentationResult.verifiablePresentations,
+        presentationSubmission: await createPresentationSubmission(verifiablePresentationResult.verifiablePresentations, {
           presentationDefinitions: [definition],
         }),
         vpTokenLocation: VPTokenLocation.ID_TOKEN,
Original file line number	Diff line number	Diff line change
Expand Up		@@ -170,3 +170,4 @@ describe('ismapolis bug report #63, https://github.com/Sphereon-Opensource/OID4V
		console.log(JSON.stringify(credentialResponse.credential));
		});
		});