diff --git a/packages/siop-oid4vp/lib/__tests__/AuthenticationRequest.request.spec.ts b/packages/siop-oid4vp/lib/__tests__/AuthenticationRequest.request.spec.ts index bdebfd35..3bf4d261 100644 --- a/packages/siop-oid4vp/lib/__tests__/AuthenticationRequest.request.spec.ts +++ b/packages/siop-oid4vp/lib/__tests__/AuthenticationRequest.request.spec.ts @@ -25,6 +25,7 @@ import { VERIFIERZ_PURPOSE_TO_VERIFY, VERIFIERZ_PURPOSE_TO_VERIFY_NL } from './data/mockedData' +import { IPresentationDefinition } from '@sphereon/pex' const EXAMPLE_REDIRECT_URL = 'https://acme.com/hello' const EXAMPLE_REFERENCE_URL = 'https://rp.acme.com/siop/jwts' @@ -549,6 +550,23 @@ describe('create Request JWT should', () => { response_type: 'id_token', redirect_uri: EXAMPLE_REDIRECT_URL, request_object_signing_alg_values_supported: [SigningAlgo.EDDSA, SigningAlgo.ES256], + claims: { + vp_token: { + presentation_definition: { + id: 'Insurance Plans', + input_descriptors: [ + { + id: 'Ontario Health Insurance Plan', + schema: [ + { + uri: 'https://did.itsourweb.org:3000/smartcredential/Ontario-Health-Insurance-Plan', + }, + ], + }, + ], + }, + }, + }, }, }, clientMetadata: { 
@@ -578,7 +596,8 @@ describe('create Request JWT should', () => { const uriRequest = await URI.fromOpts(opts) const uriDecoded = decodeURIComponent(uriRequest.encodedUri) - expect(uriDecoded).toEqual(`openid4vp://?client_id=https://www.example.com/.well-known/openid-federation&scope=test&response_type=id_token&request_object_signing_alg_values_supported=["ES256","EdDSA"]&redirect_uri=https://acme.com/hello&claims={"vp_token":{"presentation_definition":{"id":"Ontario Health Insurance Plan","name":"Ontario","purpose":"purpose","input_descriptors":[{"id":"Ontario Health Insurance Plan","name":"Ontario","schema":[{"uri":"https://did.itsourweb.org:3000/smartcredential/Ontario-Health-Insurance-Plan"}]}]}}}&request_uri=https://rp.acme.com/siop/jwts`) + expect(uriDecoded.startsWith('openid4vp://?')).toBeTruthy() + expect(uriDecoded).toContain(`request_uri=https://rp.acme.com/siop/jwts`) expect((await (await uriRequest.toAuthorizationRequest())?.requestObject?.getPayload())?.claims.vp_token).toBeDefined() }) @@ -604,7 +623,7 @@ describe('create Request JWT should', () => { kid: KID, alg: SigningAlgo.ES256K, }), -/* payload: { + payload: { client_id: 'test_client_id', scope: 'test', response_type: 'id_token', @@ -626,7 +645,7 @@ describe('create Request JWT should', () => { } as IPresentationDefinition, }, }, - },*/ + }, }, clientMetadata: { idTokenSigningAlgValuesSupported: [SigningAlgo.EDDSA, SigningAlgo.ES256], diff --git a/packages/siop-oid4vp/lib/helpers/Revocation.ts b/packages/siop-oid4vp/lib/helpers/Revocation.ts index 6005baae..2a4eb283 100644 --- a/packages/siop-oid4vp/lib/helpers/Revocation.ts +++ b/packages/siop-oid4vp/lib/helpers/Revocation.ts @@ -7,6 +7,7 @@ import { } from '@sphereon/ssi-types'; import { RevocationStatus, RevocationVerification, RevocationVerificationCallback, VerifiableCredentialTypeFormat } from '../types' +import { LOG } from '../types'; export const verifyRevocation = async ( vpToken: WrappedVerifiablePresentation, 
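Review bot: The two new assertions in hunk `@@ -578,7 +596,8 @@` no longer pin which parameters the by-reference URI carries. `startsWith('openid4vp://?')` plus `toContain('request_uri=…')` pass whether or not `client_id`, `redirect_uri` or the `claims` object are also present in the query string. Parameters placed in the URI are outside the request object fetched from `request_uri`, so the test should state the expected set explicitly, for example `const params = new URLSearchParams(uriRequest.encodedUri.split('?')[1])` followed by `expect(params.get('request_uri')).toEqual(EXAMPLE_REFERENCE_URL)` and an assertion on whether `params.has('claims')` is expected. `expect(uriDecoded).toMatch(/^openid4vp:\/\/\?/)` would also give a more useful failure message than `toBeTruthy()` on a boolean. The enclosing `it(...)` starts outside the hunk.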
@@ -16,27 +17,29 @@ export const verifyRevocation = async ( if (!vpToken) { throw new Error(`VP token not provided`) } - if (isWrappedW3CVerifiablePresentation(vpToken) || isWrappedSdJwtVerifiablePresentation(vpToken)) { // Only W3C support for now - if (!revocationVerificationCallback) { - throw new Error(`Revocation callback not provided`) - } - + if (!(isWrappedW3CVerifiablePresentation(vpToken) || isWrappedSdJwtVerifiablePresentation(vpToken))) { + LOG.debug('verifyRevocation does not support non-w3c presentations at the moment') + return + } + if (!revocationVerificationCallback) { + throw new Error(`Revocation callback not provided`) + } + const vcs = CredentialMapper.isWrappedSdJwtVerifiablePresentation(vpToken) || CredentialMapper.isWrappedMdocPresentation(vpToken) ? [vpToken.vcs[0]] : vpToken.presentation.verifiableCredential - for (const vc of vcs) { - if ( - revocationVerification === RevocationVerification.ALWAYS || - (revocationVerification === RevocationVerification.IF_PRESENT && credentialHasStatus(vc)) - ) { - const result = await revocationVerificationCallback( - vc.original as W3CVerifiableCredential, - originalTypeToVerifiableCredentialTypeFormat(vc.format), - ) - if (result.status === RevocationStatus.INVALID) { - throw new Error(`Revocation invalid for vc. Error: ${result.error}`) - } + for (const vc of vcs) { + if ( + revocationVerification === RevocationVerification.ALWAYS || + (revocationVerification === RevocationVerification.IF_PRESENT && credentialHasStatus(vc)) + ) { + const result = await revocationVerificationCallback( + vc.original as W3CVerifiableCredential, + originalTypeToVerifiableCredentialTypeFormat(vc.format) + ) + if (result.status === RevocationStatus.INVALID) { + throw new Error(`Revocation invalid for vc. Error: ${result.error}`) } } } diff --git a/packages/siop-oid4vp/lib/op/OPBuilder.ts b/packages/siop-oid4vp/lib/op/OPBuilder.ts index b4472240..6db8dd54 100644 --- a/packages/siop-oid4vp/lib/op/OPBuilder.ts 
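Review bot: The new early return in `verifyRevocation` fails open: a presentation that is neither W3C nor SD-JWT returns successfully with only a `LOG.debug` line, even when `revocationVerification` is `RevocationVerification.ALWAYS`. A caller that requires revocation checking cannot tell "checked and valid" from "never checked", so add `if (revocationVerification === RevocationVerification.ALWAYS) throw new Error('Revocation verification required but not supported for this presentation format')` before the `return`, or log at a level operators will see. The message says "non-w3c" although SD-JWT presentations pass the guard, and the `CredentialMapper.isWrappedMdocPresentation(vpToken)` arm of the `vcs` ternary looks unreachable after the guard. The function signature and its closing lines are outside this hunk, so any handling of the other enum values is not visible here.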
+++ b/packages/siop-oid4vp/lib/op/OPBuilder.ts @@ -13,7 +13,7 @@ export class OPBuilder { expiresIn?: number issuer?: IIssuerId | ResponseIss responseMode?: ResponseMode = ResponseMode.DIRECT_POST - responseRegistration?: Partial //= {} + responseRegistration?: Partial = {} createJwtCallback?: CreateJwtCallback verifyJwtCallback?: VerifyJwtCallback presentationSignCallback?: PresentationSignCallback diff --git a/packages/siop-oid4vp/lib/types/index.ts b/packages/siop-oid4vp/lib/types/index.ts index 276b6f18..f00d8f13 100644 --- a/packages/siop-oid4vp/lib/types/index.ts +++ b/packages/siop-oid4vp/lib/types/index.ts @@ -1,5 +1,12 @@ +import { VCI_LOGGERS } from '@sphereon/oid4vc-common' +import { ISimpleLogger, LogMethod } from '@sphereon/ssi-types' + import SIOPErrors from './Errors' +export const LOG: ISimpleLogger = VCI_LOGGERS.options('sphereon:siop-oid4vp', { methods: [LogMethod.EVENT, LogMethod.DEBUG_PKG] }).get( + 'sphereon:siop-oid4vp', +) + export { SIOPErrors } export * from './JWT.types' export * from './SIOP.types'
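Review bot: With the `= {}` initialiser on `responseRegistration`, the `?` on the declaration no longer describes the runtime state, and any truthiness check on the field elsewhere in `OPBuilder` would now always pass. No such check is visible in this hunk, so this should be confirmed against the rest of the class, which continues outside it. If the empty default is intended, record it with a comment such as `// default to an empty registration so consumers never see undefined`.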
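Review bot: `LOG` is a runtime value exported from the `types` barrel, which also re-exports `./JWT.types` and `./SIOP.types`, and it has no doc comment. Any module under `types/` that later imports `LOG` back through the barrel would create an import cycle, so a dedicated module re-exported from here may be safer. A TSDoc line such as `/** Package-wide logger for siop-oid4vp, registered under 'sphereon:siop-oid4vp' with LogMethod.EVENT and LogMethod.DEBUG_PKG. */` would document it. Since it is now importable everywhere in the package, it is worth stating in that comment that tokens and presentation contents must not be passed to it.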