Merge remote-tracking branch 'origin/feature/IATAB2B-52' into feature…

…/oid4vp-rest-api-improv-bootcamp
Sphereon-Opensource · Feb 5, 2025 · cb1cb47 · cb1cb47
2 parents 5047f15 + 2a07c66
commit cb1cb47
Show file tree

Hide file tree

Showing 31 changed files with 931 additions and 344 deletions.
diff --git a/packages/data-store/src/entities/statusList/StatusListEntities.ts b/packages/data-store/src/entities/statusList/StatusListEntities.ts
@@ -110,6 +110,6 @@ export class StatusList2021Entity extends StatusListEntity {
 export class OAuthStatusListEntity extends StatusListEntity {
   @Column({ type: 'integer', name: 'bitsPerStatus', nullable: false })
   bitsPerStatus!: number
-  @Column({ type: 'datetime', name: 'expiresAt', nullable: true })
+  @Column({ type: process.env.DB_TYPE === 'postgres' ? 'timestamp' : 'datetime', name: 'expiresAt', nullable: true })
   expiresAt?: Date
 }
diff --git a/packages/data-store/src/migrations/postgres/1693866470001-CreateStatusList.ts b/packages/data-store/src/migrations/postgres/1693866470001-CreateStatusList.ts
@@ -5,7 +5,7 @@ export class CreateStatusList1693866470001 implements MigrationInterface {
   name = 'CreateStatusList1693866470001'
 
   public async up(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query(`CREATE TYPE "StatusList_type_enum" AS ENUM('StatusList2021', 'OAuthStatusList')`)
+    await queryRunner.query(`CREATE TYPE "StatusList_type_enum" AS ENUM('StatusList2021')`)
     await queryRunner.query(`CREATE TYPE "StatusList_drivertype_enum" AS ENUM('agent_typeorm', 'agent_kv_store', 'github', 'agent_filesystem')`)
     await queryRunner.query(`CREATE TYPE "StatusList_credentialidmode_enum" AS ENUM('ISSUANCE', 'PERSISTENCE', 'NEVER')`)
 
@@ -21,9 +21,6 @@ export class CreateStatusList1693866470001 implements MigrationInterface {
                  CONSTRAINT "PK_68704d2d13857360c6b44a3d1d0" PRIMARY KEY ("statusListId", "statusListIndex")
              )`,
     )
-    await queryRunner.query(`CREATE TYPE "StatusList_type_enum" AS ENUM('StatusList2021')`)
-    await queryRunner.query(`CREATE TYPE "StatusList_drivertype_enum" AS ENUM('agent_typeorm', 'agent_kv_store', 'github', 'agent_filesystem')`)
-    await queryRunner.query(`CREATE TYPE "StatusList_credentialidmode_enum" AS ENUM('ISSUANCE', 'PERSISTENCE', 'NEVER')`)
     await queryRunner.query(
       `CREATE TABLE "StatusList"
              (

diff --git a/packages/data-store/src/statusList/StatusListStore.ts b/packages/data-store/src/statusList/StatusListStore.ts
@@ -89,9 +89,9 @@ export class StatusListStore implements IStatusListStore {
       await this.getStatusListEntryRepo()
     ).findOne({
       where: {
-        ...(args.statusListId && { statusList: args.statusListId }),
+        statusList: args.statusListId,
         ...(args.correlationId && { correlationId: args.correlationId }),
-        statusListIndex: args.statusListIndex,
+        ...(args.statusListIndex && { statusListIndex: args.statusListIndex }),
       },
     })
 

diff --git a/packages/data-store/src/types/statusList/IAbstractStatusListStore.ts b/packages/data-store/src/types/statusList/IAbstractStatusListStore.ts
@@ -11,9 +11,9 @@ export interface IStatusListEntryAvailableArgs {
 }
 
 export interface IGetStatusListEntryByIndexArgs {
-  statusListId?: string
+  statusListId: string
   correlationId?: string
-  statusListIndex: number
+  statusListIndex?: number
   errorOnNotFound?: boolean
 }
 

diff --git a/packages/ebsi-support/package.json b/packages/ebsi-support/package.json
@@ -15,8 +15,8 @@
   },
   "dependencies": {
     "@ethersproject/random": "^5.7.0",
-    "@sphereon/did-auth-siop": "0.16.1-next.339",
-    "@sphereon/did-auth-siop-adapter": "0.16.1-next.339",
+    "@sphereon/did-auth-siop": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/did-auth-siop-adapter": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/pex": "5.0.0-unstable.28",
     "@sphereon/pex-models": "^2.3.2",
     "@sphereon/ssi-sdk-ext.did-resolver-ebsi": "0.27.0",
@@ -44,8 +44,8 @@
     "xstate": "^4.38.3"
   },
   "devDependencies": {
-    "@sphereon/oid4vci-client": "0.16.1-next.339",
-    "@sphereon/oid4vci-common": "0.16.1-next.339",
+    "@sphereon/oid4vci-client": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vci-common": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-express-support": "workspace:*",
     "@sphereon/ssi-sdk-ext.key-manager": "0.27.0",
     "@sphereon/ssi-sdk-ext.kms-local": "0.27.0",

diff --git a/packages/mdl-mdoc/package.json b/packages/mdl-mdoc/package.json
@@ -14,7 +14,7 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.16.1-next.339",
+    "@sphereon/did-auth-siop": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/kmp-mdoc-core": "0.2.0-SNAPSHOT.26",
     "@sphereon/pex": "5.0.0-unstable.28",
     "@sphereon/pex-models": "^2.3.2",
@@ -35,8 +35,8 @@
     "uuid": "^9.0.1"
   },
   "devDependencies": {
-    "@sphereon/oid4vci-client": "0.16.1-next.339",
-    "@sphereon/oid4vci-common": "0.16.1-next.339",
+    "@sphereon/oid4vci-client": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vci-common": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-express-support": "workspace:*",
     "@sphereon/ssi-sdk-ext.key-manager": "0.27.0",
     "@sphereon/ssi-sdk-ext.kms-local": "0.27.0",

diff --git a/packages/oid4vci-holder/package.json b/packages/oid4vci-holder/package.json
@@ -15,9 +15,9 @@
   },
   "dependencies": {
     "@sphereon/kmp-mdoc-core": "0.2.0-SNAPSHOT.26",
-    "@sphereon/did-auth-siop": "0.16.1-next.339",
-    "@sphereon/oid4vci-client": "0.16.1-next.339",
-    "@sphereon/oid4vci-common": "0.16.1-next.339",
+    "@sphereon/did-auth-siop": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vci-client": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vci-common": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-sdk-ext.did-utils": "0.27.0",
     "@sphereon/ssi-sdk-ext.identifier-resolution": "0.27.0",
     "@sphereon/ssi-sdk-ext.jwt-service": "0.27.0",
@@ -45,7 +45,7 @@
     "xstate": "^4.38.3"
   },
   "devDependencies": {
-    "@sphereon/oid4vc-common": "0.16.1-next.339",
+    "@sphereon/oid4vc-common": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-sdk.siopv2-oid4vp-common": "workspace:*",
     "@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.27.0",
     "@types/i18n-js": "^3.8.9",

diff --git a/packages/oid4vci-issuer-rest-api/package.json b/packages/oid4vci-issuer-rest-api/package.json
@@ -11,9 +11,9 @@
     "start:dev": "ts-node __tests__/RestAPI.ts"
   },
   "dependencies": {
-    "@sphereon/oid4vci-common": "0.16.1-next.339",
-    "@sphereon/oid4vci-issuer": "0.16.1-next.339",
-    "@sphereon/oid4vci-issuer-server": "0.16.1-next.339",
+    "@sphereon/oid4vci-common": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vci-issuer": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vci-issuer-server": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-express-support": "workspace:*",
     "@sphereon/ssi-sdk-ext.identifier-resolution": "0.27.0",
     "@sphereon/ssi-sdk-ext.jwt-service": "0.27.0",

diff --git a/packages/oid4vci-issuer-rest-client/package.json b/packages/oid4vci-issuer-rest-client/package.json
@@ -16,7 +16,7 @@
     "generate-plugin-schema": "ts-node ../../packages/dev/bin/sphereon.js dev generate-plugin-schema"
   },
   "dependencies": {
-    "@sphereon/oid4vci-common": "0.16.1-next.339",
+    "@sphereon/oid4vci-common": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-types": "workspace:*",
     "@veramo/core": "4.2.0",
     "cross-fetch": "^3.1.8"

diff --git a/packages/oid4vci-issuer-store/package.json b/packages/oid4vci-issuer-store/package.json
@@ -14,7 +14,7 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/oid4vci-common": "0.16.1-next.339",
+    "@sphereon/oid4vci-common": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-sdk-ext.did-utils": "0.27.0",
     "@sphereon/ssi-sdk-ext.identifier-resolution": "0.27.0",
     "@sphereon/ssi-sdk.kv-store-temp": "workspace:*",

diff --git a/packages/oid4vci-issuer/package.json b/packages/oid4vci-issuer/package.json
@@ -14,8 +14,8 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/oid4vci-common": "0.16.1-next.339",
-    "@sphereon/oid4vci-issuer": "0.16.1-next.339",
+    "@sphereon/oid4vci-common": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vci-issuer": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-sdk-ext.did-utils": "0.27.0",
     "@sphereon/ssi-sdk-ext.identifier-resolution": "0.27.0",
     "@sphereon/ssi-sdk-ext.jwt-service": "0.27.0",
@@ -36,7 +36,7 @@
     "uuid": "^9.0.1"
   },
   "devDependencies": {
-    "@sphereon/did-auth-siop": "0.16.1-next.339",
+    "@sphereon/did-auth-siop": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/did-uni-client": "^0.6.3",
     "@veramo/did-provider-key": "4.2.0",
     "@veramo/did-resolver": "4.2.0",

diff --git a/packages/oid4vci-issuer/src/functions.ts b/packages/oid4vci-issuer/src/functions.ts
@@ -5,6 +5,7 @@ import {
   Jwt,
   JwtVerifyResult,
   OID4VCICredentialFormat,
+  StatusListOpts,
 } from '@sphereon/oid4vci-common'
 import { JWTHeader, JWTPayload } from '@sphereon/oid4vci-common/lib/types'
 import { CredentialDataSupplier, CredentialIssuanceInput, CredentialSignerCallback, VcIssuer, VcIssuerBuilder } from '@sphereon/oid4vci-issuer'
@@ -51,10 +52,14 @@ export function getJwtVerifyCallback({ verifyOpts }: { verifyOpts?: JWTVerifyOpt
 
       const header = jwtDecode<JWTHeader>(args.jwt, { header: true })
       const payload = jwtDecode<JWTPayload>(args.jwt, { header: false })
+      const kid = args.kid ?? header.kid
+      const jwk = !kid ? jwkInfo.jwk : undefined // TODO double-check if this is correct
       return {
         alg,
         ...identifier,
         jwt: { header, payload },
+        ...(kid && { kid }),
+        ...(jwk && { jwk }),
       } as JwtVerifyResult<DIDDocument>
     }
 
@@ -178,8 +183,9 @@ export async function getCredentialSignerCallback(
     credential: CredentialIssuanceInput
     jwtVerifyResult: JwtVerifyResult<DIDDocument>
     format?: OID4VCICredentialFormat
+    statusListOpts?: Array<StatusListOpts>
   }): Promise<W3CVerifiableCredential | CompactSdJwtVc> {
-    const { jwtVerifyResult, format } = args
+    const { jwtVerifyResult, format, statusListOpts } = args
     const credential = args.credential as ICredential // TODO: SDJWT
     let proofFormat: ProofFormat
 
@@ -206,7 +212,7 @@ export async function getCredentialSignerCallback(
       // TODO: We should extend the plugin capabilities of issuance so we do not have to tuck this into the sign callback
       if (contextHasPlugin<IStatusListPlugin>(context, 'slAddStatusToCredential')) {
         // Add status list if enabled (and when the input has a credentialStatus object (can be empty))
-        const credentialStatusVC = await context.agent.slAddStatusToCredential({ credential })
+        const credentialStatusVC = await context.agent.slAddStatusToCredential({ credential, statusListOpts })
         if (credential.credentialStatus && !credential.credentialStatus.statusListCredential) {
           credential.credentialStatus = credentialStatusVC.credentialStatus
         }
@@ -239,6 +245,22 @@ export async function getCredentialSignerCallback(
           _sd: credential['_sd'],
         }
       }
+
+      if (contextHasPlugin<IStatusListPlugin>(context, 'slAddStatusToSdJwtCredential')) {
+        if ((sdJwtPayload.status && sdJwtPayload.status.status_list) || (statusListOpts && statusListOpts.length > 0)) {
+          // Add status list if enabled (and when the input has a credentialStatus object (can be empty))
+          const credentialStatusVC = await context.agent.slAddStatusToSdJwtCredential({ credential: sdJwtPayload, statusListOpts })
+          if (sdJwtPayload.status?.status_list?.idx) {
+            if (!credentialStatusVC.status || !credentialStatusVC.status.status_list) {
+              // TODO check, looks like sdJwtPayload and credentialStatusVC is the same
+              return Promise.reject(Error('slAddStatusToSdJwtCredential did not return a status_list'))
+            }
+
+            sdJwtPayload.status.status_list.idx = credentialStatusVC.status.status_list.idx
+          }
+        }
+      }
+
       const result = await context.agent.createSdJwtVc({
         credentialPayload: sdJwtPayload,
         disclosureFrame: disclosureFrame,
@@ -326,20 +348,19 @@ export async function createVciIssuer(
   ).build()
 }
 
-export async function createAuthRequestUriCallback(opts: { path: string, presentationDefinitionId: string }): Promise<() => Promise<string>> {
+export async function createAuthRequestUriCallback(opts: { path: string; presentationDefinitionId: string }): Promise<() => Promise<string>> {
   async function authRequestUriCallback(): Promise<string> {
     const path = opts.path.replace(':definitionId', opts.presentationDefinitionId)
     return fetch(path, {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json',
-      }
-    })
-    .then(async (response): Promise<string> => {
+      },
+    }).then(async (response): Promise<string> => {
       if (response.status >= 400) {
         return Promise.reject(Error(await response.text()))
       } else {
-        const responseData = await response.json();
+        const responseData = await response.json()
 
         if (!responseData.authRequestURI) {
           return Promise.reject(Error('Missing auth request uri in response body'))
@@ -348,26 +369,27 @@ export async function createAuthRequestUriCallback(opts: { path: string, present
         return responseData.authRequestURI
       }
     })
-
   }
 
   return authRequestUriCallback
 }
 
-export async function createVerifyAuthResponseCallback(opts: { path: string, presentationDefinitionId: string }): Promise<(correlationId: string) => Promise<boolean>> {
+export async function createVerifyAuthResponseCallback(opts: {
+  path: string
+  presentationDefinitionId: string
+}): Promise<(correlationId: string) => Promise<boolean>> {
   async function verifyAuthResponseCallback(correlationId: string): Promise<boolean> {
     return fetch(opts.path, {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json',
       },
       body: JSON.stringify({ definitionId: opts.presentationDefinitionId, correlationId }),
-    })
-    .then(async (response): Promise<boolean> => {
+    }).then(async (response): Promise<boolean> => {
       if (response.status >= 400) {
         return Promise.reject(Error(await response.text()))
       } else {
-        const responseData = await response.json();
+        const responseData = await response.json()
 
         if (!responseData.status) {
           return Promise.reject(Error('Missing status in response body'))

diff --git a/packages/siopv2-oid4vp-common/package.json b/packages/siopv2-oid4vp-common/package.json
@@ -12,7 +12,7 @@
     "access": "public"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.16.1-next.339",
+    "@sphereon/did-auth-siop": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-types": "workspace:*",
     "uint8arrays": "3.1.1"

diff --git a/packages/siopv2-oid4vp-op-auth/package.json b/packages/siopv2-oid4vp-op-auth/package.json
@@ -14,9 +14,9 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.16.1-next.339",
-    "@sphereon/did-auth-siop-adapter": "0.16.1-next.339",
-    "@sphereon/oid4vc-common": "0.16.1-next.339",
+    "@sphereon/did-auth-siop": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/did-auth-siop-adapter": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vc-common": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/pex": "5.0.0-unstable.28",
     "@sphereon/pex-models": "^2.3.2",
     "@sphereon/ssi-sdk-ext.did-utils": "0.27.0",

diff --git a/packages/siopv2-oid4vp-rp-auth/package.json b/packages/siopv2-oid4vp-rp-auth/package.json
@@ -14,9 +14,9 @@
     "build:clean": "tsc --build --clean && tsc --build"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.16.1-next.339",
-    "@sphereon/did-auth-siop-adapter": "0.16.1-next.339",
-    "@sphereon/oid4vc-common": "0.16.1-next.339",
+    "@sphereon/did-auth-siop": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/did-auth-siop-adapter": "0.16.1-feature.IATAB2B.52.345",
+    "@sphereon/oid4vc-common": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/pex": "5.0.0-unstable.28",
     "@sphereon/ssi-sdk-ext.did-utils": "0.27.0",
     "@sphereon/ssi-sdk-ext.identifier-resolution": "0.27.0",

diff --git a/packages/siopv2-oid4vp-rp-rest-api/package.json b/packages/siopv2-oid4vp-rp-rest-api/package.json
@@ -11,7 +11,7 @@
     "start:dev": "ts-node __tests__/RestAPI.ts"
   },
   "dependencies": {
-    "@sphereon/did-auth-siop": "0.16.1-next.339",
+    "@sphereon/did-auth-siop": "0.16.1-feature.IATAB2B.52.345",
     "@sphereon/ssi-express-support": "workspace:*",
     "@sphereon/ssi-sdk.core": "workspace:*",
     "@sphereon/ssi-sdk.credential-validation": "workspace:*",

diff --git a/packages/ssi-types/src/types/w3c-vc.ts b/packages/ssi-types/src/types/w3c-vc.ts
@@ -20,7 +20,7 @@ export interface ICredential {
   expirationDate?: string
   // If jti is present, the value MUST be used to set the value of the id property of the new JSON object.
   id?: string
-  credentialStatus?: ICredentialStatus
+  credentialStatus?: ICredentialStatus // | Array<ICredentialStatus>  TODO this is only true for VC v2.0  CREATE TICKET BEFORE PR
   description?: string
   name?: string