feat: JWKS hosting for all keys when Sphereon Key Manager is used

Sphereon-Opensource · Oct 24, 2024 · 1cac215 · 1cac215
1 parent 578d62e
commit 1cac215
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/packages/public-key-hosting/src/api-functions.ts b/packages/public-key-hosting/src/api-functions.ts
@@ -1,4 +1,6 @@
 import { checkAuth, ISingleEndpointOpts, sendErrorResponse } from '@sphereon/ssi-express-support'
+import { ISphereonKeyManager } from '@sphereon/ssi-sdk-ext.key-manager'
+import { contextHasPlugin } from '@sphereon/ssi-sdk.agent-config'
 import { Request, Response, Router } from 'express'
 import { JKWS_HOSTING_ALL_KEYS_PATH, JWKS_HOSTING_DID_KEYS_PATH } from './environment'
 import { toJWKS } from './functions'
@@ -15,8 +17,12 @@ export function getAllJWKSEndpoint(router: Router, context: IRequiredContext, op
   logger.info(`All JWKS endpoint enabled, path ${path}`)
   router.get(path, checkAuth(opts?.endpoint), async (request: Request, response: Response) => {
     try {
+      if (!contextHasPlugin<ISphereonKeyManager>(context, 'keyManagerListKeys')) {
+        return sendErrorResponse(response, 500, 'Key manager plugin that can list keys is not found. Please enable the Sphereon Key Manager plugin if you want to use this endpoint')
+      }
       response.statusCode = 202
-      return response.send({})
+      const keys = await context.agent.keyManagerListKeys()
+      return response.send(toJWKS({ keys }))
     } catch (e) {
       return sendErrorResponse(response, 500, e.message as string, e)
     }

diff --git a/packages/public-key-hosting/src/environment.ts b/packages/public-key-hosting/src/environment.ts
@@ -1,2 +1,2 @@
 export const JKWS_HOSTING_ALL_KEYS_PATH = process.env.JWKS_HOSTING_BASE_PATH ?? '/.well-known/jwks.json'
-export const JWKS_HOSTING_DID_KEYS_PATH = process.env.JWKS_HOSTING_BASE_PATH ?? '/.well-known/jwks/dids/:did'
+export const JWKS_HOSTING_DID_KEYS_PATH = process.env.JWKS_HOSTING_DID_PATH ?? '/.well-known/jwks/dids/:did'