All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.
0.32.0 (2024-12-05)
- Remove crypto.subtle as it is giving too many issues on RN. Moved to new implementation based on @noble libs (d86e7fa)
- Validation improvements (b742fbe)
0.30.1 (2024-10-01)
0.29.0 (2024-08-01)
- Doesn't make sense to always download issuer images, even if we already have it stored. Other stability improvements for image handling (b836ca1)
- Logger fixes (75b6925)
- expose date(time) types per database. Also enhance the datasources capabilities (dd37e77)
- Remove dep on isomorphic-webcrypto (44331b8)
- update to new keyRefs instead of kids (e969b97)
0.28.0 (2024-07-23)
- Add ebsi plugin schema (422cf14)
- Ensure we always use the ES256 key for EBSI auth (be7dc15)
- Make sure we do not use the jwk thumbprint as kid default value when not in EBSI (c4a22aa)
- Make sure we do not use the jwk thumbprint as kid default value when not in EBSI (9a3bf56)
- Make sure we search for display and legal name based on issuer metadata name as well (9a4cafd)
- Allow to pass in additional keys for EBSI (16aa9e2)
0.27.0 (2024-07-07)
- added a guard to check the issuerBranding (c6d8de2)
- extract PD name & purpose from definitionPayload (9573ced)
- fixed addIssuerBranding step (3008b11)
- fixed addIssuerBranding step after adding identity (17aa278)
- remove execution of loading env files (1937c14)
- Add JWKS hosting per DID (70e41d7)
- added addIssuerBranding step to the vci machine (6fba515)
- added branding as an optional parameter to the party (0b46c70)
- Allow EBSI attestation client to be the start of a regular VCI flow (afffd39)
- Callback listeeners (fce3670)
- EBSI access token, attestation and DID support (bed66b4)
- EBSI DID registraiton/management (7195786)
- EBSI headless attestation credentials (6b6ad14)
- fixes after merge, modified some comment and prettier (daebd26)
- Get the authorization URL from a TI using a cloud/service wallet when requesting a particular attestation credential (222c4d4)
- implement Oid4VP authorization token support (5fdbd65)
- Introduce EBSI attestation service to get VCs, for instance to onboard (59f1809)
- Siopv2Holder module implementing xstate Siopv2Machine (7dd0651)
0.26.0 (2024-06-19)
- a bug in migration CreateContacts (0267460)
- a bug in selecting the type of the credential that we're going to request (c49b237)
- clientId fixes (4fc568b)
- clientId fixes (cad41fc)
- Fixed broken tests (d01859d)
- Make sure we import path/fs only when really needed for object-creation. Ensure we use agent-config plugin only in places it is needed (76b4f53)
- updated vci package and fixed getSupportedCredential function (780a377)
- updated version of vci and fixed the libs for it (ceb6074)
- updated version of vci and fixed the libs for it (de1d6aa)
- Adapted the plugin to accept https urls, added tests and documentation about the changes (73ab5ae)
- allow default auth request options for VCI links/machines, like clientId and redirectUri (434196e)
- Allow to pass in options when emitting link handler events (0293342)
- Allow to pass in state for url handler handle methods, allowing a statemachine to continue, without database persistence (16e06e8)
- Run prettier (2a9be95)
- Support http(s) urls (b3cc812)
- Updated dependencies on the @sphereon/oid4vci (00810ff)
0.25.0 (2024-06-13)
- Ensure logger is initialized early preventing potential issues when importing from other libraries (eae66f2)
- fix physical address building name validation (b3508c0)
- Order of static keys to ensure default namespace key is available when creating the default logger (dc56df2)
- removed not null constraint from the SQL statement that adds the origin column (95929d1)
- (WIP) added ownerId, tenantId, and origin. (d9b8623)
- added pd-manager / pd-store (ed77532)
- added sd-jwt plugin (85d8aeb)
- Added the StudentEntity and refactored the migrations (fb36a51)
0.24.0 (2024-06-05)
- enum fixes (dc3fb0d)
- added deactivateDidEndpoint function according to decentralized-identity's universal-registrar and renamed previous method as deleteDidEndpoint and marked it as deprecated (39a6601)
- expose contact manager methods for rest implementation (37bbfd2)
- updated oid4vci-holder to support full flow (63be076)
0.23.4 (2024-04-25)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.23.2 (2024-04-25)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.23.1 (2024-04-25)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.23.0 (2024-04-24)
- add PhysicalAddress migrations to postgres (afd441c)
- added default value to PartyType.origin (8b9d5d2)
- adjust PhysicalAddress postgres migration to follow code standards (b8540fe)
- Allowing null values of enum type column (a4bc42b)
- Fixed origin column name (d7a6ec1)
- made party origin mandatory in the *Args types (d8e8560)
- rework fix to include missing table in existing migration (0862dbd)
- set uri to nullable in Party table (38318ae)
- add kb-jwt to sd-jwt (e066f2b)
- Added PartyOriginEnum to PartyType, wrote migrations and updated tests and updated the contact manager plugin (07d8c1f)
0.22.0 (2024-04-04)
- Add option noStateMachinePersistence to VCI link handler to skip state machine persistence (315b076)
0.21.1 (2024-04-04)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.21.0 (2024-03-20)
- changed the logic for getting validFrom (7a7940b)
- fixed failing test cases and added more test cases for getting data from the raw data (6f5b50b)
- fixed import (cf67a50)
- fixed XStatePersistence plugin and fixed the tests (56d8f18)
- refactored UniformCredential names to digitalCredential, added utility methods for getting the credential document type (a0c5530)
- Resume OID4VCI with linkhandler and auth code flow was broken (654cef4)
- Use response_uri instead of redirect_uri (9c7c9ef)
- (WIP) added tenant aware credential store (db68113)
- Add rest client mode to xstate-machine-persistence, allowing to process local events but delegate the execution to a REST server (02c5e12)
- Add support to automatically cleanup on final states, as well as to cleanup all other instances when starting a machine (484fc21)
- Add support to create DID on demand when talking to RP with SIOP (68a6dee)
- Add support to start and resume xstate statemachines, with automatic persistence on state changes (f6baae0)
- added pagination to digital credential store (ecefdcf)
- added tenant aware credential store (312698e)
- added unit tests and refactored plugin methods (31eac66)
- Allow to use a customInstanceId as well as an existingInstanceId, so we can differentiate between re-using an existing machine and using a custom id (3aeb93d)
- Basic structure of plugin created (16160de)
- Created migrations and refactored the database layer (8672b82)
- upgrade SD-JWT package (6563973)
- Revert "chore: Make sure plugins having listener methods, actually expose the interface" (99db568)
- Remove BBS support. (205e0db)
- Remove BBS support. Upstream support for Windows and RN is missing. Needs to be revisited at a later point in time
0.19.0 (2024-03-02)
- changed image-size library version to a react friendly one (308bad7)
- changed the image-size usage to handle uint8array (1a0e080)
- fixed the svg problem with image-size (d7823eb)
- Instead of figuring out the proof format, we defaulted to JWT credentials if the format was not supplied, bypassing the detection code (8cba122)
- JWT VP sometimes was constructed as a JSON LD VP with JwtProof2020 (abb012c)
- modified handling svg files in ssi-sdk.core (c86188e)
- Several JWT Verifiable Presentation fixes, like missing kid, iat, exp values. Also include a holder in the vp payload, as some RPs require it, although it is optional for a JWT (30d8c54)
- VCI holder agent plugin credential and branding storage fixes (901ff44)
- Add initial OID4VP ID2 support (85325ae)
- added oid4vci-holder plugin (e8507d4)
- added physical and electronic addresses to contact-manager (76f78b3)
- added remote-server-rest-api (0076160)
- Allow i18n for JSONLD credentials (1ce843e)
- Allow to pass in nonce when creating the auth request URI (82f82ef)
- Correct submission_data when send in incorrectly as string (c5d6b76)
- event-logger improvements (a3fdcd2)
- Reuse existing PEX for performance (9c8966c)
- Support selecting did methods from aud claim of request. (0bfc03d)
- Revert "chore: update deps" (f83aee5)
0.18.1 (2024-01-19)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.18.0 (2024-01-13)
- added ssi-sdk.core to data-store tsconfig plus added exposed query function to enablePostgresUuidExtension signature (cb5d8cb)
- added WithTypeOrmQuery type to core module and renamed enableUuidv4 to enablePostgresUuidExtension (9bfb597)
- document added (80112ec)
- export enablePostgresUuidExtension and WithTypeOrmQuery to core exports (5161837)
- refactored usages of enablePostgresUuidExtension to accept queryRunner as the main param (3654a8a)
- Add bearer token support using callback function (4528881)
- Add static bearer token callback function option (2d5cd5a)
- added enableUuidv4 to data-store exports (d7c1237)
- ssi-types: add kid to cnf (0fb3886)
- ssi-types: sd-jwt support (b9154a0)
- Revert "chore: update deps" (a1cd971)
0.17.5 (2023-10-01)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.17.4 (2023-10-01)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.17.3 (2023-09-30)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.17.2 (2023-09-30)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.17.1 (2023-09-28)
- update deps to fix an issue with VCI offer ids not mapping on issuer metadata (aa6f98c)
0.17.0 (2023-09-28)
- Do not raise an error by default in case we encounter a VC with a statuslist we do not support. More strict scenario's are supported with an optional parm (2dde4b7)
- Do not raise an error by default in case we encounter a VC with a statuslist we do not support. More strict scenario's are supported with an optional parm (4a634b7)
0.16.0 (2023-09-28)
- Create a issuer.id in a uniform credential in case the issuer is already an object and there is an iss claim in the JWT (706baff)
- Ed25519 2018 handling for verification (b858710)
- Ed25519 2018 handling for verification (14125e5)
- Fix multibase/codec code (4354927)
- fixed partyId property in rest api (51861fd)
- Internally alg needs uppercase (0388f11)
- Make sure we do not throw an error when the IDP does not have an end_session_url (781e250)
- Secp256k recovery 2020 fix (196ad4c)
- Secp256k recovery 2020 fix (8be1da2)
- Add auth support to VCI REST client (c541b23)
- Add initial versions of VC API clients back (f6465cf)
- Add static header support to siop rest client (e9fb5ee)
- Add support for an OIDC BFF Passport based solution to express. Allows for SPA to work IDPs that require confidential clients (d4e082c)
- Add web3 signer/wallet support directly using KMS, so you can use keys managed by the KMS in web3, without ever having to expose private keys (e3d3df7)
- added contact test data (daeb87d)
- Allow VCI issuer to also supply the issuer DID when the credential issuer is an object without an id (7c72d31)
- statuslist2021 functions (61729f3)
- statuslist2021 support (2649b95)
- statuslist2021 support (46986dd)
- web3 headless provider and wallet (00fc40a)
- web3 headless provider and wallet (c69cf9e)
- web3 headless provider and wallet (62dc7df)
0.15.1 (2023-08-10)
- /well-known/did/json wasn't resolving anymore because of an incorrect path match (e94f4da)
0.15.0 (2023-08-10)
- Alg header was not correctly set, and we do support ES256 for JsonWebSignature2020 now (d8e961c)
- Authentication fixes (adafd6b)
- Add graceful http server termination (bba073b)
- Add morgan logging to express builder. Allow expres to start from build result (caa4909)
- Add optional entra ID auth builder (960f2df)
- Add optional static bearer auth builder, with hashed tokens (6a7dd17)
- Allow document loader to also load DID from the agent and fall back to the universal resolver (all configurable) (f2f9fbc)
- allow signing credential with local resolved DID. Especially handy for did:web that is not yet published/exposed (34793e9)
- Separate SIOPv2 REST API into individual functions and use express-support (2495980)
0.14.1 (2023-07-31)
Note: Version bump only for package @sphereon/sphereon-sdk.workspace
0.14.0 (2023-07-30)
- also publish when on a fix branch (e8b678e)
- also publish when on a fix branch. Also run a diff before the frozen lockfile install so we can see what's going on (69a3200)
- CI was still using yarn instead if pnpm in several places (ca16f70)
- CI was still using yarn instead if pnpm in several places (c167259)
- Fix relative DID resolution and Json websignature 2020 verification for ED25519 and some other algs (ca2682c)
- Use agent resolver if not set, with fallback to universal resolver. Fix bug in response message (43c9313)
- VCI did resolution from agent (7aa2bd3)
- VCI did resolution from agent (2c913db)
- VP did resolution from agent (aa3f3f1)
- Add express builder, cors configurer, passport authentication and casbin authorization support for APIs. (cb04fe8)
- Add global web resolution provider. Add json error handler (f19d1d1)
- Add partial DIF Universal Registrar and Resolver support (69c8046)
- Add seperate did:web service to host did.json files managed by the agent (0a8a0bb)
- Add support for ES256(k/r) in JsonWebsignature2020 signing (cd511d5)
- Allow objects for error response. Improve json handling in error responses (4151c73)
- Better support for MS Azure auth and re-using a MSAL client from Azure Request API (61bdfaf)
- Move VC API endpoints to functions, to more easily create your own API server, only supporting certain endpoints (fc03507)
0.13.0 (2023-06-24)
- allow default opts to be set when OID4VCI is running (7142273)
- allow did opts from default options to be populated in instance options (41deb99)
- allow instance opts to be set when OID4VCI is running but only when having access to the object directly (51f873e)
- Allow setting SIOP RP default opts also after construction, as sometimes you need to agent which is not available yet at construction time (bf871da)
0.12.0 (2023-06-21)
- added dev dependencies for oid4vci-issuer-rest-client plus prettier (7b6c2b3)
- added schema export for oid4vci-issuer-rest-client and some docs (7db9c1b)
- changed credentials and grants to mandatory plus renamed the uri to url (2df3612)
- fix test cases and REST arguments (975801e)
- fixed a bug in calling cross-fetch with post, modified the tests (a3defeb)
- skipped integration tests in oid4vci-issuer-rest-client (c43759b)
- unify naming (aee0bf1)
- unify naming (ec7d0b6)
- unify naming (94165cd)
- updated generate-plugin-schema for oid4vci-rest-client (70e7820)
- Add issue status support to OID4VCI REST client (40abd83)
- Add key value store plugin (95244fa)
- Add OID4VCI issuer modules (af85f1e)
- Add Presentation Exchange module (a085c81)
- Add SIOPv2 Relying Party logic and REST API (01f2023)
- Add SIOPv2OID4VP RP auth and REST module (91b1da3)
- added oid4vci-rest-client package (910f697)
- Allow to supply data for VCI Issuer REST client and server during offer (0878c28)
- changed the test structure and few other pr notes addressed (6520fbe)
- More support for definition Formats when creating VPs from SIOP (846ef0b)
- move schema generation to own plugin because of transitive dependency issues upstream (51c5156)
- move schema generation to own plugin because of transitive dependency issues upstream (58002a8)
- move to pnpm (2714a9c)
0.11.0 (2023-05-07)
- make credential mapper a bit more resilient (36c420e)
- make credential mapper a bit more resilient (ce5b487)
- make credential mapper a bit more resilient (7248fae)
- Create new agent-config module to replace the deps on Veramo cli, which pulls in everything (6ac4ec0)
- Create new agent-config module to replace the deps on Veramo cli, which pulls in everything (673856f)
- instead of returning a boolean value, return an object with more information about verification of LD creds/VPs (7df0e64)
0.10.1 (2023-05-01)
Note: Version bump only for package SSI-SDK-workspace
0.10.0 (2023-04-30)
- bbs+ fixes and updates (84c08f1)
- bbs+ fixes and updates (fc228a2)
- bbs+ fixes and updates (efcbf2c)
- bbs+ fixes and updates (871cf66)
- bbs+ fixes and updates (ae9e903)
- cleanup package.json files (aca017b)
- cleanup package.json files (0cc08b6)
- decoded JWT VPs/VCs did not contain everything (612b082)
- decoded JWT VPs/VCs did not contain everything (fd7ff68)
- Add better internal handling of JWT proof values used in JsonLD converted credentials (90004c5)
- added holder role to contact types (728c8e1)
- More support for definition Formats when creating VPs from SIOP (61c4120)
- Update to v2 PEX and v0.3 SIOP packages (80398e3)
0.9.0 (2023-03-09)
- credential mapper for jtw (f04345b)
- default contexts are not using node fs/path anymore (5a87aa3)
- default contexts are not using node fs/path anymore (8f1b17a)
- default contexts are not using node fs/path anymore (51fd687)
- deps (ec062f8)
- Disable factom tests (099a303)
- Fix DID handling in OP session (926e358)
- fix private key hex from Pem (0204094)
- Incorrect verification method id returned when signing credentials in some cases (bdbf4ef)
- Incorrect verification method id returned when signing credentials in some cases (c508507)
- JWT claims would overwrite the issuer object in the credential. Disable Factom tests (f41cf64)
- make sure cross-fetch is used to fetch (7033a2e)
- Make sure we follow JWS detached signing for JsonWebSignature2020 (3da5bad)
- missing awaits for signing presentations (518b8fc)
- Move parseDid method to ssi-types (0b28de3)
- QR code testing. Remove enzyme as it is not compatible with React 18 (62debd9)
- Remove non dev dep on veramo-core (8cb8efe)
- Remove workaround for verifier missing with ed25519 key (2e97af6)
- RSA fixes for suite (b163872)
- RSA fixes for suite (d6f57b8)
- RSA fixes for suite (9eb47d1)
- RSA fixes for suite (834642a)
- RSA fixes for suite (3df79ab)
- testing unimodules-core removal (ffdc606)
- Tests to allow multiple subjects for credentials (5e407ac)
- Tests to allow multiple subjects for credentials (52b1662)
- Tests to allow multiple subjects for credentials (110d78e)
- add Alg support to DID:JWK. Although optional in reality several external systems expect it to be present (12dae72)
- Add jsonwebsignature2020 context to presentations if missing (1f3f6b5)
- Add jwt as signature when decoding JWT VCs/VPs (f089ac1)
- Add RSA support to JsonWebKey/Signature2020 (94c0e73)
- Add support for ES256/Secp256r1 DID JWKs (1e447a6)
- allow existing did document for mapping (5f183ce)
- allow existing did document for mapping (4d82518)
- Allow multiple subjects for credentials (6300ccc)
- Allow supplying signer/verifier (00892e2)
- Allow supplying signer/verifier (625ea6f)
- Allow supplying signer/verifier (b010d7a)
- Allow to relax JWT timing checks, where the JWT claim is slightly different from the VC claim. Used for issuance and expiration dates (85bff6d)
- Create VP in OP Authenticator and allow for callbacks (0ed86d8)
- did utils package (d98b358)
- Jsonweb2020 sig support (43a3adf)
- make sure the vc-handler-ld-local can deal with keys in JWK format (26cff51)
- Make sure VP type corresponds with PEX definition (129b663)
- Make sure VP type corresponds with PEX definition (3dafa3f)
- New QR code provider plugin. Can generate both SIOPv2 and DIDCommv2 OOB QRs. Support for text generation and React QR codes as SVG (d40ba75)
- Update SIOP OP to be in line wiht latest SIOP and also supporting late binding of identifiers (2beea04)
- Revert "fix: make sure to explicitly depend on @digitalcredentials VC packages" (dae695d)
- Revert "fix: make sure to explicitly depend on @digitalcredentials VC packages" (e2be77a)
- Revert "fix: deps" (5b0df98)
0.8.0 (2022-09-03)
- Remove most deps from ssi-sdk-core to prevent circular deps (b4151a9)
0.7.0 (2022-08-05)
- Update ion deps to remove problematic did-key p384 from transmute which depended on webcypto-asl which is not compatible with node >=14. (386efc7)
- add Microsoft Request CoseCryptoService API support (251ed60)
- Add migration support to mnemonic seed manager plugin. Fix some entity props in the process (f7641f4)
- Revert "MYC-184 Update main Version change 0.5.1 -> 0.5.2" (b1b8cc6)
- Revert "MYC-184 uncommitted changes are added" (fb4f878)
0.6.0 (2022-07-01)
- Fix unit tests for VC API (f3c5eea)
- fixed and refactored some pr notes (2ff95b9)
- tests are now using env variables (9cb6ec2)
- Add custom DID resolver support (45cea11)
- Add default DID resolver support (eebce18)
- Add did resolver and method support per OpSession (9378b45)
- Add did resolver and method support per OpSession (a9f7afc)
- Add supported DID methods (df74ccd)
- Add supported DID methods (7322265)
- added piiLoggingEnabled and logLevel to optional params for clientCredential authentication (584fb7b)
- added region to optional params for clientcredential authentication (e21bd70)
- changed the structure of the module to be more like the ssi-core module of ours. Plus, changed some documents (4480b3f)
0.5.1 (2022-02-23)
Note: Version bump only for package SSI-SDK-workspace
0.5.0 (2022-02-23)
- Update waci pex implementation as it was serializing a SIOP Auth request including all options like private keys, not conforming to WACI-PEX (90a1cba)
0.4.0 (2022-02-11)
- ensure we set jsx to react (c2a5e6f)
- Add WACI PEx QR generator for React (7850e34)
0.3.4 (2022-02-11)
- fix imports (738f4ca)
0.3.3 (2022-02-10)
- building of vc-handler-ld-local containing ts files + not copying files (cdbfcab)
- we imported a ts file from another package in the monorepo instead of using the module (5d647df)
0.3.2 (2022-02-04)
- building of vc-handler-ld-local containing ts files + not copying files (cdbfcab)
- we imported a ts file from another package in the monorepo instead of using the module (5d647df)
0.3.1 (2022-01-28)
Note: Version bump only for package SSI-SDK-workspace
0.3.0 (2022-01-16)
- Add missing suites exports (4a3b8ce)
- Be a bit more relaxed when deleting an LTO DID, eventhough onchain support is not present (7347914)
- Update test timeout for Factom (9a934cf)
- Add debug logging when creating VC, can be enabled by DEBUG=sphereon:ssi-sdk:ld-credential-module-local (c0df2ce)
0.2.0 (2021-12-16)
- LTO DIDs use #sign for keys (11daa98)
- move to ES6 import for cross-fetch (b855273)
- Multibase encoding didn't include the prefix char (1be44b7)
- update test to search for kid using #sign instead of #key as the LTO indexer impl changed (fa0fae4)
- workaround for bug in VeramoEd25519Signature2018 implementation (13442eb)
- Add JSON-LD Credential and Presentation handling/sign support that is compatible with React-Native (b4e8453)
- Add JSON-LD Credential and Presentation handling/sign support that is compatible with React-Native (995f55e)
- Add local default contexts (da29f02)
- Add Local JSON-LD VC and VP issuance and verification plugin (aa1b45c)
- Add Mnemonic seed generation, verificaiton and secure storage (d9a410a)
- Add new ed25519 2018 signature and spec implementation using transmute's TS implementation (ffbe876)
- Add proof purposes to issuance and verification methods. Add support to resolve verification methods from DID doc (c8e7392)
- Add Self-Issued OpenID Connect and OpenID Connect for Verifiable Presentations support (1ec1d1c)
- Add suite lookup based on verification method type next to veramo key type (5c18dc2)
- Allow remote context loading (742d3cc)