diff --git a/README.md b/README.md
index 2ff1e5b3f..ba24e8c9d 100644
--- a/README.md
+++ b/README.md
@@ -35,6 +35,10 @@ multiple packages (see lerna below). It contains plugins that extend the Veramo
The [core package](./packages/ssi-sdk-core/README.md) contains types and methods shared by the other plugins
+## MS Authenticator
+
+The core package for microsoft authentication using msal library.
+
## Factom DID Provider
The [Factom Protocol DID Provider](./packages/factom-did-provider/README.md) can create DIDs using the
diff --git a/packages/ms-authenticator/CHANGELOG.md b/packages/ms-authenticator/CHANGELOG.md
new file mode 100644
index 000000000..e4d87c4d4
--- /dev/null
+++ b/packages/ms-authenticator/CHANGELOG.md
@@ -0,0 +1,4 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
diff --git a/packages/ms-vc-api-issuer/LICENSE b/packages/ms-authenticator/LICENSE
similarity index 100%
rename from packages/ms-vc-api-issuer/LICENSE
rename to packages/ms-authenticator/LICENSE
diff --git a/packages/ms-vc-api-issuer/README.md b/packages/ms-authenticator/README.md
similarity index 67%
rename from packages/ms-vc-api-issuer/README.md
rename to packages/ms-authenticator/README.md
index 7fc21387b..6f1f970f2 100644
--- a/packages/ms-vc-api-issuer/README.md
+++ b/packages/ms-authenticator/README.md
@@ -2,7 +2,7 @@
-
Microsoft Azure Active Directory VC API Issuer (Typescript)
+
Microsoft Azure Active Directory Authenticator (Typescript)
@@ -12,14 +12,14 @@
---
-# ms-vc-api-verifier
+# ms-authenticator
-A Veramo plugin to issue credentials using the Microsoft Azure Active Directory.
+A Veramo plugin to authenticate using the Microsoft Authentication Library (MSAL).
### Installation
```shell
-yarn add @sphereon/ssi-sdk-ms-vc-api-issuer
+yarn add @sphereon/ms-authenticator
```
### Build
diff --git a/packages/ms-authenticator/__tests__/authenticators.test.ts b/packages/ms-authenticator/__tests__/authenticators.test.ts
new file mode 100644
index 000000000..4a6a7fae6
--- /dev/null
+++ b/packages/ms-authenticator/__tests__/authenticators.test.ts
@@ -0,0 +1,24 @@
+import {ClientCredentialAuthenticator, UsernamePasswordAuthenticator} from "../src/authenticators";
+
+describe('@sphereon/ms-authenticator', ()=>{
+
+ it('should authenticate using clientCredential', async () => {
+
+ return await expect(ClientCredentialAuthenticator({
+ azClientId: '04c2bd60-cdbf-4935-80dd-110fdf473e6e',
+ azClientSecret:'',
+ azTenantId: 'e2a42b2f-7460-4499-afc2-425315ef058a',
+ credentialManifest:'https://beta.eu.did.msidentity.com/v1.0/e2a42b2f-7460-4499-afc2-425315ef058a/verifiableCredential/contracts/VerifiedCredentialExpert2'
+ })).resolves.not.toBeNull();
+ });
+
+ it('should authenticate using usernamePassword', async () => {
+ return await expect(UsernamePasswordAuthenticator({
+ azTenantId: 'e2a42b2f-7460-4499-afc2-425315ef058a',
+ azClientId: '04c2bd60-cdbf-4935-80dd-110fdf473e6e',
+ scopes: ["user.read"],
+ username: '',
+ password:'',
+ })).resolves.not.toBeNull();
+ });
+})
\ No newline at end of file
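Review bot: Both assertions use `.resolves.not.toBeNull()`, which also passes for the values the authenticators produce on failure: ClientCredentialAuthenticator ends in `return ''` and the `.catch` in UsernamePasswordAuthenticator resolves to `undefined`, so with the empty `azClientSecret` and `password` given here the tests appear unable to detect a failed login. Assert on the token instead, for example `.resolves.toMatch(/\S/)` for the client-credential case and `.resolves.toHaveProperty('accessToken')` for the username/password case. The tests also call login.microsoftonline.com directly, so they depend on network access and real credentials; reading the ids and secrets from environment variables and skipping when they are unset would keep them out of the repository. The `azClientId` and `azTenantId` hard-coded here are the same values that the deleted `packages/ms-vc-api-issuer/agent.yml` stored next to a client secret; that secret remains in git history after the deletion and should be rotated.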
diff --git a/packages/ms-vc-api-issuer/api-extractor.json b/packages/ms-authenticator/api-extractor.json
similarity index 100%
rename from packages/ms-vc-api-issuer/api-extractor.json
rename to packages/ms-authenticator/api-extractor.json
diff --git a/packages/ms-vc-api-issuer/package.json b/packages/ms-authenticator/package.json
similarity index 76%
rename from packages/ms-vc-api-issuer/package.json
rename to packages/ms-authenticator/package.json
index f607b3ba2..b4d5d1008 100644
--- a/packages/ms-vc-api-issuer/package.json
+++ b/packages/ms-authenticator/package.json
@@ -1,17 +1,11 @@
{
- "name": "@sphereon/ssi-sdk-ms-vc-api-issuer",
- "version": "0.5.0",
+ "name": "@sphereon/ms-authenticator",
+ "version": "0.0.1",
"source": "src/index.ts",
"main": "dist/index.js",
"types": "dist/index.d.ts",
- "veramo": {
- "pluginInterfaces": {
- "IMsVcApiIssuer": "./src/types/IMsVcApiIssuer.ts"
- }
- },
"scripts": {
- "build": "tsc --build",
- "generate-plugin-schema": "yarn veramo dev generate-plugin-schema"
+ "build": "tsc"
},
"dependencies": {
"@azure/msal-common": "^7.0.0",
diff --git a/packages/ms-authenticator/src/authenticators/MsAuthenticator.ts b/packages/ms-authenticator/src/authenticators/MsAuthenticator.ts
new file mode 100644
index 000000000..166b662a2
--- /dev/null
+++ b/packages/ms-authenticator/src/authenticators/MsAuthenticator.ts
@@ -0,0 +1,126 @@
+import { ConfidentialClientApplication, LogLevel, PublicClientApplication, UsernamePasswordRequest } from '@azure/msal-node'
+import {
+ IMsAuthenticationAuthorizationCodeArgs,
+ IMsAuthenticationClientCredentialArgs,
+ IMsAuthenticationOnBehalfOfArgs, IMsAuthenticationSilentFlowArgs,
+ IMsAuthenticationUsernamePasswordArgs,
+} from '../index'
+
+import { fetch } from 'cross-fetch'
+
+/**
+ * Not implemented yet
+ * @param authenticationArgs
+ * @constructor
+ */
+export async function AuthorizationCodeAuthenticator(authenticationArgs: IMsAuthenticationAuthorizationCodeArgs): Promise {
+ throw new Error("This authentication method is not implemented yet.")
+}
+
+/**
+ * Not implemented yet
+ * @param authenticationArgs
+ * @constructor
+ */
+export async function BehalfOfAuthenticator(authenticationArgs: IMsAuthenticationOnBehalfOfArgs): Promise {
+ throw new Error("This authentication method is not implemented yet.")
+}
+
+/**
+ * necessary fields are:
+ * azClientId: clientId of the application you're trying to login
+ * azClientSecret: secret of the application you're trying to login
+ * azTenantId: your MS Azure tenantId
+ * credentialManifest: address of your credential manifest. usually in following format:
+ * https://beta.eu.did.msidentity.com/v1.0//verifiableCredential/contracts/
+ * @param authenticationArgs
+ * @constructor
+ */
+export async function ClientCredentialAuthenticator(authenticationArgs: IMsAuthenticationClientCredentialArgs): Promise {
+ var msalConfig = {
+ auth: {
+ clientId: authenticationArgs.azClientId,
+ authority: 'https://login.microsoftonline.com/' + authenticationArgs.azTenantId,
+ clientSecret: authenticationArgs.azClientSecret,
+ },
+ system: {
+ loggerOptions: {
+ piiLoggingEnabled: false,
+ logLevel: LogLevel.Verbose,
+ }
+ }
+ }
+
+ const cca = new ConfidentialClientApplication(msalConfig)
+ const msalClientCredentialRequest = {
+ scopes: ['3db474b9-6a0c-4840-96ac-1fceb342124f/.default'],
+ skipCache: false,
+ }
+ await fetch('https://login.microsoftonline.com/' + authenticationArgs.azTenantId + '/v2.0/.well-known/openid-configuration', {method: 'GET'})
+ .then((res) => res.json())
+ .then(async (resp) => {
+ console.log(`tenant_region_scope = ${resp.tenant_region_scope}`)
+ let msIdentityHostName = 'https://beta.did.msidentity.com/v1.0/'
+ if (resp.tenant_region_scope == 'EU') {
+ msIdentityHostName = 'https://beta.eu.did.msidentity.com/v1.0/'
+ }
+ // Check that the Credential Manifest URL is in the same tenant Region and throw an error if it's not
+ if (!authenticationArgs.credentialManifest.startsWith(msIdentityHostName)) {
+ throw new Error(`Error in config file. CredentialManifest URL configured for wrong tenant region. Should start with:` + msIdentityHostName)
+ }
+
+ // get the Access Token
+ try {
+ const result = await cca.acquireTokenByClientCredential(msalClientCredentialRequest)
+ if (result) {
+ return result.accessToken
+ }
+ } catch {
+ console.log('failed to get access token')
+ resp.status(401).json({
+ error: 'Could not acquire credentials to access your Azure Key Vault',
+ })
+ return
+ }
+ return ''
+ })
+ return ''
+}
+
+/**
+ * Not implemented yet
+ * @param authenticationArgs
+ * @constructor
+ */
+export async function SilentFlowAuthenticator(authenticationArgs: IMsAuthenticationSilentFlowArgs): Promise {
+ throw new Error("This authentication method is not implemented yet.")
+}
+
+/**
+ * necessary fields are:
+ * azClientId: clientId of the application you're trying to login
+ * azTenantId: your MS Azure tenantId
+ * username: username of the user
+ * password: password of the user
+ * scopes: scopes that you want to access via this authentication
+ * @param authenticationArgs
+ * @constructor
+ */
+export async function UsernamePasswordAuthenticator(authenticationArgs: IMsAuthenticationUsernamePasswordArgs): Promise {
+ const msalConfig = {
+ auth: {
+ clientId: authenticationArgs.azClientId,
+ authority: 'https://login.microsoftonline.com/' + authenticationArgs.azTenantId,
+ },
+ }
+ const pca = new PublicClientApplication(msalConfig)
+ return await pca
+ .acquireTokenByUsernamePassword(authenticationArgs as UsernamePasswordRequest)
+ .then((response: any) => {
+ console.log('acquired token by password grant', response)
+ return response
+ })
+ .catch((error: any) => {
+ console.log(error)
+ })
+}
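Review bot: ClientCredentialAuthenticator can never hand back a token: the `return result.accessToken` inside the `.then` callback only resolves the fetch chain, whose value is discarded, and the function then falls through to the final `return ''`. The `catch` around `acquireTokenByClientCredential` calls `resp.status(401).json(...)` on the parsed OpenID configuration body, which is plain JSON rather than an HTTP response object, so a token failure would presumably surface as a TypeError instead of an authentication error. Separately, UsernamePasswordAuthenticator logs the whole MSAL result with `console.log('acquired token by password grant', response)`, which likely puts the access token in the logs, and its `.catch` turns every failure into a resolved `undefined`; drop that log line and let the error propagate to the caller. A flattened version of the client-credential path is sketched below.

```typescript
  const cca = new ConfidentialClientApplication(msalConfig)
  // … unchanged: msalClientCredentialRequest …
  const res = await fetch('https://login.microsoftonline.com/' + authenticationArgs.azTenantId + '/v2.0/.well-known/openid-configuration', { method: 'GET' })
  const openIdConfig = await res.json()
  // … unchanged: msIdentityHostName selection and credentialManifest prefix check, reading openIdConfig instead of resp …

  // Fail loudly instead of returning '' so callers cannot mistake a failed login for a token.
  const result = await cca.acquireTokenByClientCredential(msalClientCredentialRequest)
  if (!result) {
    throw new Error('Could not acquire an access token with the client credential flow')
  }
  return result.accessToken
```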
diff --git a/packages/ms-authenticator/src/authenticators/index.ts b/packages/ms-authenticator/src/authenticators/index.ts
new file mode 100644
index 000000000..e8c98c358
--- /dev/null
+++ b/packages/ms-authenticator/src/authenticators/index.ts
@@ -0,0 +1,5 @@
+export { AuthorizationCodeAuthenticator } from './MsAuthenticator'
+export { BehalfOfAuthenticator } from './MsAuthenticator'
+export { ClientCredentialAuthenticator } from './MsAuthenticator'
+export { SilentFlowAuthenticator } from './MsAuthenticator'
+export { UsernamePasswordAuthenticator } from './MsAuthenticator'
\ No newline at end of file
diff --git a/packages/ms-authenticator/src/index.ts b/packages/ms-authenticator/src/index.ts
new file mode 100644
index 000000000..74dcea293
--- /dev/null
+++ b/packages/ms-authenticator/src/index.ts
@@ -0,0 +1,2 @@
+export * from './authenticators'
+export * from './types'
diff --git a/packages/ms-vc-api-issuer/src/types/IMsVcApiIssuer.ts b/packages/ms-authenticator/src/types/IMsAuthenticator.ts
similarity index 96%
rename from packages/ms-vc-api-issuer/src/types/IMsVcApiIssuer.ts
rename to packages/ms-authenticator/src/types/IMsAuthenticator.ts
index 83fe73034..3f0bb0081 100644
--- a/packages/ms-vc-api-issuer/src/types/IMsVcApiIssuer.ts
+++ b/packages/ms-authenticator/src/types/IMsAuthenticator.ts
@@ -1,7 +1,7 @@
import { IAgentContext, IPluginMethodMap } from '@veramo/core'
import { AccountInfo } from '@azure/msal-common'
-export interface IMsVcApiIssuer extends IPluginMethodMap {
+export interface IMsAuthenticator extends IPluginMethodMap {
authenticateMsVcApi(): Promise
}
diff --git a/packages/ms-authenticator/src/types/index.ts b/packages/ms-authenticator/src/types/index.ts
new file mode 100644
index 000000000..dad317f33
--- /dev/null
+++ b/packages/ms-authenticator/src/types/index.ts
@@ -0,0 +1 @@
+export * from './IMsAuthenticator'
\ No newline at end of file
diff --git a/packages/ms-authenticator/tsconfig.json b/packages/ms-authenticator/tsconfig.json
new file mode 100644
index 000000000..f3a8aee57
--- /dev/null
+++ b/packages/ms-authenticator/tsconfig.json
@@ -0,0 +1,7 @@
+{
+ "extends": "../tsconfig-base.json",
+ "compilerOptions": {
+ "rootDir": "src",
+ "outDir": "dist"
+ }
+}
diff --git a/packages/ms-vc-api-issuer/CHANGELOG.md b/packages/ms-vc-api-issuer/CHANGELOG.md
deleted file mode 100644
index 741aa3678..000000000
--- a/packages/ms-vc-api-issuer/CHANGELOG.md
+++ /dev/null
@@ -1,36 +0,0 @@
-# Change Log
-
-All notable changes to this project will be documented in this file.
-See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
-
-# [0.5.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.4.0...v0.5.0) (2022-02-23)
-
-**Note:** Version bump only for package @sphereon/ssi-sdk-vc-api-issuer
-
-# [0.4.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.3.4...v0.4.0) (2022-02-11)
-
-**Note:** Version bump only for package @sphereon/ssi-sdk-vc-api-issuer
-
-## [0.3.4](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.3.3...v0.3.4) (2022-02-11)
-
-**Note:** Version bump only for package @sphereon/ssi-sdk-vc-api-issuer
-
-## [0.3.1](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.3.0...v0.3.1) (2022-01-28)
-
-**Note:** Version bump only for package @sphereon/ssi-sdk-vc-api-issuer
-
-# [0.3.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.2.0...v0.3.0) (2022-01-16)
-
-**Note:** Version bump only for package @sphereon/ssi-sdk-vc-api-issuer
-
-# [0.2.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.1.0...v0.2.0) (2021-12-16)
-
-### Bug Fixes
-
-- move to ES6 import for cross-fetch ([b855273](https://github.com/Sphereon-Opensource/SSI-SDK/commit/b85527391fd2072c427dc34a69ad026b60a70be0))
-
-# 0.1.0 (2021-11-26)
-
-### Bug Fixes
-
-- open handles and logging after test completes ([8cca899](https://github.com/Sphereon-Opensource/SSI-SDK/commit/8cca899ff73c45564589c89d1635d0ba23b3e544))
diff --git a/packages/ms-vc-api-issuer/__tests__/localAgent.test.ts b/packages/ms-vc-api-issuer/__tests__/localAgent.test.ts
deleted file mode 100644
index 2e24dd96c..000000000
--- a/packages/ms-vc-api-issuer/__tests__/localAgent.test.ts
+++ /dev/null
@@ -1,29 +0,0 @@
-import { getConfig } from '@veramo/cli/build/setup'
-import { createObjects } from '@veramo/cli/build/lib/objectCreator'
-
-jest.setTimeout(30000)
-
-import vcApiIssuerUsernamePasswordAgentLogic from './shared/vcApiIssuerUsernamePasswordAgentLogic'
-import vcApiIssuerClientCredentialAgentLogic from './shared/vcApiIssuerClientCredentialAgentLogic'
-
-let agent: any
-
-const setup = async (): Promise => {
- const config = getConfig('packages/ms-vc-api-issuer/agent.yml')
- const { localAgent } = createObjects(config, { localAgent: '/agent' })
- agent = localAgent
-
- return true
-}
-
-const tearDown = async (): Promise => {
- return true
-}
-
-const getAgent = () => agent
-const testContext = { getAgent, setup, tearDown }
-
-describe('ms-vc-api-isuuer-Local integration tests', () => {
- vcApiIssuerUsernamePasswordAgentLogic(testContext)
- vcApiIssuerClientCredentialAgentLogic(testContext)
-})
diff --git a/packages/ms-vc-api-issuer/__tests__/shared/vcApiIssuerClientCredentialAgentLogic.ts b/packages/ms-vc-api-issuer/__tests__/shared/vcApiIssuerClientCredentialAgentLogic.ts
deleted file mode 100644
index 9ad9919a6..000000000
--- a/packages/ms-vc-api-issuer/__tests__/shared/vcApiIssuerClientCredentialAgentLogic.ts
+++ /dev/null
@@ -1,36 +0,0 @@
-import { TAgent, createAgent } from '@veramo/core'
-import { IMsVcApiIssuer, MsAuthenticationTypeEnum, MsVcApiIssuer } from '../../src'
-
-type ConfiguredAgent = TAgent
-
-export default (testContext: { getAgent: () => ConfiguredAgent; setup: () => Promise; tearDown: () => Promise }) => {
- describe('Issuer Agent Plugin', () => {
- let agent: TAgent
-
- beforeAll(async () => {
- await testContext.setup()
- agent = createAgent({
- plugins:[
- new MsVcApiIssuer({
- authenticationType: MsAuthenticationTypeEnum.ClientCredential,
- authenticationArgs: {
- azClientId: '',
- azClientSecret:'',
- azTenantId: '',
- credentialManifest:''
- }})]
- })
- })
-
- afterAll(async () => {
- await new Promise((resolve) => setTimeout(() => resolve(), 10000)) // avoid jest open handle error
- await testContext.tearDown()
- })
-
- it('should authenticate to Microsoft Azure Active Directory with ClientCredential', async () => {
- return await expect(
- agent.authenticateMsVcApi()
- ).resolves.not.toBeNull()
- });
- })
-}
diff --git a/packages/ms-vc-api-issuer/__tests__/shared/vcApiIssuerUsernamePasswordAgentLogic.ts b/packages/ms-vc-api-issuer/__tests__/shared/vcApiIssuerUsernamePasswordAgentLogic.ts
deleted file mode 100644
index c5495172a..000000000
--- a/packages/ms-vc-api-issuer/__tests__/shared/vcApiIssuerUsernamePasswordAgentLogic.ts
+++ /dev/null
@@ -1,41 +0,0 @@
-import {TAgent, createAgent} from '@veramo/core'
-import {MsVcApiIssuer, IMsVcApiIssuer, MsAuthenticationTypeEnum} from '../../src'
-
-
-type ConfiguredAgent = TAgent
-
-export default (testContext: { getAgent: () => ConfiguredAgent; setup: () => Promise; tearDown: () => Promise }) => {
- describe('Issuer Agent Plugin', () => {
- let agent: TAgent
-
- beforeAll(async () => {
- await testContext.setup()
- agent = createAgent({
- plugins:[
- new MsVcApiIssuer({
- authenticationType: MsAuthenticationTypeEnum.UsernamePassword,
- authenticationArgs: {
- azTenantId: '',
- azClientId: '',
- scopes: ["user.read"],
- username: '',
- password:'',
- }})]
- })
- })
-
- afterAll(async () => {
- await new Promise((resolve) => setTimeout(() => resolve(), 10000)) // avoid jest open handle error
- await testContext.tearDown()
- })
-
-
- it('should authenticate to Microsoft Azure Active Directory with UsernamePassword', async () => {
- const result = await agent.authenticateMsVcApi();
- console.log(result)
- return await expect(
- agent.authenticateMsVcApi()
- ).resolves.not.toBeNull()
- });
- })
-}
diff --git a/packages/ms-vc-api-issuer/agent.yml b/packages/ms-vc-api-issuer/agent.yml
deleted file mode 100644
index 014ab2562..000000000
--- a/packages/ms-vc-api-issuer/agent.yml
+++ /dev/null
@@ -1,78 +0,0 @@
-version: 3.0
-
-constants:
- baseUrl: http://localhost:3335
- port: 3335
- # please use your own X25519 key, this is only an example
- secretKey: 29739248cad1bd1a0fc4d9b75cd4d2990de535baf5caadfdf8d8f86664aa830c
- methods:
- - authenticateMsVcApi
-
-server:
- baseUrl:
- $ref: /constants/baseUrl
- port:
- $ref: /constants/port
- use:
- # CORS
- - - $require: 'cors'
-
- # Add agent to the request object
- - - $require: '@veramo/remote-server?t=function#RequestWithAgentRouter'
- $args:
- - agent:
- $ref: /agent
-
- # API base path
- - - /agent
- - $require: '@veramo/remote-server?t=function#apiKeyAuth'
- $args:
- # Please configure your own API key. This is used when executing agent methods through ${baseUrl}/agent or ${baseUrl}/api-docs
- - apiKey: test123
- - $require: '@veramo/remote-server?t=function#AgentRouter'
- $args:
- - exposedMethods:
- $ref: /constants/methods
-
- # Open API schema
- - - /open-api.json
- - $require: '@veramo/remote-server?t=function#ApiSchemaRouter'
- $args:
- - basePath: :3335/agent
- securityScheme: bearer
- apiName: Agent
- apiVersion: '1.0.0'
- exposedMethods:
- $ref: /constants/methods
-
- # Swagger docs
- - - /api-docs
- - $require: swagger-ui-express?t=object#serve
- - $require: swagger-ui-express?t=function#setup
- $args:
- - null
- - swaggerOptions:
- url: '/open-api.json'
-
- # Execute during server initialization
- init:
- - $require: '@veramo/remote-server?t=function#createDefaultDid'
- $args:
- - agent:
- $ref: /agent
- baseUrl:
- $ref: /constants/baseUrl
- messagingServiceEndpoint: /messaging
-
-# Agent
-agent:
- $require: '@veramo/core#Agent'
- $args:
- - schemaValidation: false
- plugins:
- - $require: ./packages/ms-vc-api-issuer/dist#MsVcApiIssuer
- $args:
- - azClientId: '04c2bd60-cdbf-4935-80dd-110fdf473e6e'
- azClientSecret: 'WAM8Q~rE05C9ja2TRiZ3H~TYz2W4TdMe.jpwSc~p'
- azTenantId: 'e2a42b2f-7460-4499-afc2-425315ef058a'
- credentialManifest: 'https://beta.eu.did.msidentity.com/v1.0/e2a42b2f-7460-4499-afc2-425315ef058a/verifiableCredential/contracts/VerifiedCredentialExpert2'
diff --git a/packages/ms-vc-api-issuer/plugin.schema.json b/packages/ms-vc-api-issuer/plugin.schema.json
deleted file mode 100644
index 42882c51f..000000000
--- a/packages/ms-vc-api-issuer/plugin.schema.json
+++ /dev/null
@@ -1,33 +0,0 @@
-{
- "IMsVcApiIssuer": {
- "components": {
- "schemas": {
- "IMsAuthenticationResponse": {
- "type": "object",
- "properties": {
- "length": {
- "type": "number"
- }
- },
- "required": [
- "length"
- ],
- "additionalProperties": {
- "type": "string"
- }
- }
- },
- "methods": {
- "authenticateMsVcApi": {
- "description": "",
- "arguments": {
- "type": "object"
- },
- "returnType": {
- "$ref": "#/components/schemas/IMsAuthenticationResponse"
- }
- }
- }
- }
- }
-}
\ No newline at end of file
diff --git a/packages/ms-vc-api-issuer/src/agent/MsVcApiIssuer.ts b/packages/ms-vc-api-issuer/src/agent/MsVcApiIssuer.ts
deleted file mode 100644
index 790351d16..000000000
--- a/packages/ms-vc-api-issuer/src/agent/MsVcApiIssuer.ts
+++ /dev/null
@@ -1,119 +0,0 @@
-import { IAgentPlugin } from '@veramo/core'
-import { ConfidentialClientApplication, LogLevel, PublicClientApplication, UsernamePasswordRequest } from '@azure/msal-node'
-import {
- IMsAuthenticationAuthorizationCodeArgs,
- IMsAuthenticationClientCredentialArgs,
- IMsAuthenticationOnBehalfOfArgs,
- IMsAuthenticationUsernamePasswordArgs,
- MsAuthenticationTypeEnum,
- schema,
-} from '../index'
-import { IMsAuthenticationResponse, IMsAuthenticationWrapperArgs, IMsVcApiIssuer } from '../types/IMsVcApiIssuer'
-
-/**
- * {@inheritDoc IMsVcApiIssuer}
- */
-export class MsVcApiIssuer implements IAgentPlugin {
- readonly schema = schema.IVcApiIssuer
- readonly methods: IMsVcApiIssuer = {
- authenticateMsVcApi: this.authenticateMsVcApi.bind(this),
- }
- private readonly authenticationType: MsAuthenticationTypeEnum
- private readonly authenticationArgs:
- | IMsAuthenticationClientCredentialArgs
- | IMsAuthenticationUsernamePasswordArgs
- | IMsAuthenticationAuthorizationCodeArgs
- | IMsAuthenticationOnBehalfOfArgs
-
- constructor(options: IMsAuthenticationWrapperArgs) {
- this.authenticationType = options.authenticationType
- this.authenticationArgs = options.authenticationArgs
- }
-
- /** {@inheritDoc IMsVcApiIssuer.authenticateMsVcApi} */
- public async authenticateMsVcApi(): Promise {
- let accessToken = ''
- console.log('authenticationType:',this.authenticationType, 'authenticationArgs:',this.authenticationArgs)
- /*this.authenticationType = args.authenticationType
- this.authenticationArgs = args.authenticationArgs*/
- if (this.authenticationType === 'ClientCredential') {
- accessToken = await this.authenticateWithClientCredential(this.authenticationArgs as IMsAuthenticationClientCredentialArgs)
- } else if (this.authenticationType === 'UsernamePassword') {
- accessToken = await this.authenticateWithUsernamePassword(this.authenticationArgs as IMsAuthenticationUsernamePasswordArgs)
- } else {
- throw new Error(`method of authentication ${this.authenticationType} is not supported!`)
- }
- return accessToken as IMsAuthenticationResponse
- }
-
- private async authenticateWithClientCredential(authneticationArgs: IMsAuthenticationClientCredentialArgs) {
- var msalConfig = {
- auth: {
- clientId: authneticationArgs.azClientId,
- authority: 'https://login.microsoftonline.com/' + authneticationArgs.azTenantId,
- clientSecret: authneticationArgs.azClientSecret,
- },
- system: {
- loggerOptions: {
- piiLoggingEnabled: false,
- logLevel: LogLevel.Verbose,
- }
- }
- }
-
- const cca = new ConfidentialClientApplication(msalConfig)
- const msalClientCredentialRequest = {
- scopes: ['3db474b9-6a0c-4840-96ac-1fceb342124f/.default'],
- skipCache: false,
- }
- await fetch('https://login.microsoftonline.com/' + authneticationArgs.azTenantId + '/v2.0/.well-known/openid-configuration', { method: 'GET' })
- .then((res) => res.json())
- .then(async (resp) => {
- console.log(`tenant_region_scope = ${resp.tenant_region_scope}`)
- let msIdentityHostName = 'https://beta.did.msidentity.com/v1.0/'
- if (resp.tenant_region_scope == 'EU') {
- msIdentityHostName = 'https://beta.eu.did.msidentity.com/v1.0/'
- }
- // Check that the Credential Manifest URL is in the same tenant Region and throw an error if it's not
- if (!authneticationArgs.credentialManifest.startsWith(msIdentityHostName)) {
- throw new Error(`Error in config file. CredentialManifest URL configured for wrong tenant region. Should start with:` + msIdentityHostName)
- }
-
- // get the Access Token
- try {
- const result = await cca.acquireTokenByClientCredential(msalClientCredentialRequest)
- if (result) {
- return result.accessToken
- }
- } catch {
- console.log('failed to get access token')
- resp.status(401).json({
- error: 'Could not acquire credentials to access your Azure Key Vault',
- })
- return
- }
- return ''
- })
- return ''
- }
-
- private async authenticateWithUsernamePassword(authenticationArgs: IMsAuthenticationUsernamePasswordArgs) {
- const msalConfig = {
- auth: {
- clientId: authenticationArgs.azClientId,
- authority: 'https://login.microsoftonline.com/' + authenticationArgs.azTenantId,
- },
- }
- const pca = new PublicClientApplication(msalConfig)
- //TODO(sksadjad): see if it's necessary need to fill in the scopes here
- return await pca
- .acquireTokenByUsernamePassword(authenticationArgs as UsernamePasswordRequest)
- .then((response: any) => {
- console.log('acquired token by password grant', response)
- return response
- })
- .catch((error: any) => {
- console.log(error)
- })
- }
-}
diff --git a/packages/ms-vc-api-issuer/src/index.ts b/packages/ms-vc-api-issuer/src/index.ts
deleted file mode 100644
index 540eafeaf..000000000
--- a/packages/ms-vc-api-issuer/src/index.ts
+++ /dev/null
@@ -1,7 +0,0 @@
-/**
- * @public
- */
-const schema = require('../plugin.schema.json')
-export { schema }
-export { MsVcApiIssuer } from './agent/MsVcApiIssuer'
-export * from './types/IMsVcApiIssuer'
diff --git a/packages/ms-vc-api-issuer/tsconfig.json b/packages/ms-vc-api-issuer/tsconfig.json
deleted file mode 100644
index f1ea09b35..000000000
--- a/packages/ms-vc-api-issuer/tsconfig.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "extends": "../tsconfig-base.json",
- "compilerOptions": {
- "rootDir": "src",
- "outDir": "dist",
- "declarationDir": "dist"
- },
- "references": [{ "path": "../ssi-sdk-core" }]
-}
diff --git a/packages/tsconfig.json b/packages/tsconfig.json
index 81513b2d4..ae533a223 100644
--- a/packages/tsconfig.json
+++ b/packages/tsconfig.json
@@ -6,7 +6,7 @@
{ "path": "lto-did-provider" },
{ "path": "mnemonic-seed-manager" },
{ "path": "vc-api-issuer" },
- { "path": "ms-vc-api-issuer" },
+ { "path": "ms-authenticator"},
{ "path": "vc-api-verifier" },
{ "path": "vc-handler-ld-local" },
{ "path": "did-auth-siop-op-authenticator" },