This class provides primary functionality to for Self Issued OpenIDConnect Provider.
- Parameters
- did:string - fully qualified decentralised identity of the relying party
- doc?:DidDocument - Complete DID Document for the Relying Party [Optional]
- resolvers?:DidResolver[] - Array of resolvers (derived from DidResolver) to be used when resolving DIDs [optional]
- Return
- Promise<Provider>
Create an instance of Provider and internally call setUser method to create an instance of Identity class
- Parameters
- did:string - fully qualified decentralised identity of the user
- doc?:DidDocument - Complete DID Document for the user [Optional]
- Return
- void
Sets the user of the application. If the DID is provied, this function resolves the provided did to a DID Document
Add necessary parameters for the user to cryptographically sign a message
- Parameters
- key:string - Private Key of the user. Should match with one of the Keys provided in DID Document
- Return
- KID of the related public key in DID Document
Removes an already added key information
- Parameters
- kid:string - Key ID of the key to be removed
- Return
- void
async validateRequest(request: string,op_metadata?:any, resolvers?:DidResolver[]): Promise<DID_SIOP.JWTObject>
- Parameters
- request:string - Authentication request from relying party to sign in
- op_metadata - SIOP(OpenIdConnect Provider) metadata: refer core/globals/SIOP_METADATA_SUPPORTED and specification
- resolvers?:DidResolver[] - Array of resolvers (derived from DidResolver) to be used when resolving DIDs [optional]
- Return
- Promise<DID_SIOP.JWTObject>
- Parameters
- requestPayload:any - payload of the request JWT
- expiresIn:number - expiration time in seconds
- Return
- Promise<string>
async generateResponseWithVPData(requestPayload: any, expiresIn: number = 1000, vps:VPData ): Promise<string>
- Parameters
- requestPayload:any - payload of the request JWT
- expiresIn:number - expiration time in seconds
- vps:VPData - Verifiable Presentation Data as JSON Object
- Return
- Promise<SIOPTokensEcoded>
- Parameters
- errorMessage:string - Message part of any error generated by validateRequest(request: string) method. A set of possible errors is provided in DID_SIOP.ERROR_RESPONSES constant. Error object can be accessed with DID_SIOP.ERROR_RESPONSES.<specific_error>.err.
- Return
- Promise<string> (Base64URL encoded)
static async getRP(redirect_uri: string, did: string, registration: any, did_doc?: DidDocument, resolvers?:DidResolver[],op_metadata?:any): Promise<RP>
- Parameters
- redirect_uri:string - redirection URL for the RP, this is where the user would be redirected with id_token once authenticated
- did:string - fully qualified decentralised identity of the relying party
- registration:any - registration meta data of the RP
- doc?:DidDocument - Complete DID Document for the Relying Party [Optional]
- resolvers?:DidResolver[] - Array of resolvers (derived from DidResolver) to be used when resolving DIDs [optional]
- op_metadata?:any - OpenIDConnect Provider metadata. Can use to override defaults specified here [optional]
- Return
- Promise<RP>
Add necessary parameters for the user to cryptographically sign a message
- Parameters
- key:string - Private Key of the user. Should match with one of the Keys provided in DID Document
- Return
- KID of the related public key in DID Document
Removes an already added key information
- Parameters
- kid:string - Key ID of the key to be removed
- Return
- void
- Parameters
- options:any = {} - Any additional options to include in the request as a JSON object
- Return
- Promise<string>
- Parameters
- request_uri:string - URI for the signed JWT token
- options:any = {} - Any additional options to include in the request as a JSON object
- Return
- Promise<string>
async validateResponse(response:string, checkParams: CheckParams = {redirect_uri: this.info.redirect_uri},resolvers?:DidResolver[]): Promise<DID_SIOP.JWTObject | DID_SIOP.SIOPErrorResponse>
- Parameters
- response:string - Received response as a string
- checkParams: DID*SIOP.CheckParams - Parameters against which the response must be validated. redirect*uri is given by default. Other possible values are **_validBefore: number***, _isExpirable: boolean* and **nonce: string**. Several others will be supported in future.
- resolvers?:DidResolver[] - Array of resolvers (derived from DidResolver) to be used when resolving DIDs [optional]
- Return
- Promise<DID_SIOP.JWTObject | DID_SIOP.SIOPErrorResponse>
- Notes
- If you use nonce in the request, you must include the same nonce when validate the response.
async validateResponseWithVPData(tokensEncoded: SIOPTokensEcoded, checkParams: CheckParams = {redirect_uri: this.info.redirect_uri},resolvers?:DidResolver[]): Promise<SIOPTokenObjects | DID_SIOP.SIOPErrorResponse>
- Parameters
- response:string - Received response as a string
- checkParams: DID*SIOP.CheckParams - Parameters against which the response must be validated. redirect*uri is given by default. Other possible values are **_validBefore: number***, _isExpirable: boolean* and **nonce: string**. Several others will be supported in future.
- resolvers?:DidResolver[] - Array of resolvers (derived from DidResolver) to be used when resolving DIDs [optional]
- Return
- Promise<DID_SIOP.SIOPTokenObjects | DID_SIOP.SIOPErrorResponse>
- Notes
- If you use nonce in the request, you must include the same nonce when validate the response.
validateRequestJWTClaims
- Defined In : Claimd/Index.ts
- Input : Tokens (vp & id) as a SIOPTokensEcoded , each token is a Base64 encoded JWT
- Validation : only the vp_token within the claim
- Return : Promise.resolve if success, reject otherwise
generateResponseWithVPData
- Defined In : core/Response.ts
- Input : Claims as a JSON object
- Validation : only the vp_token within the claim
- Return : Promise
generateResponseVPToken
- Defined In : core/Response.ts
- Input : requestPayload as a JSON object, vp_token & _vp_token as VPData
- Validation : validate vp_token interally using validateResponseVPToken
- Return : Promise, vp_token as string (Encoded JWT)
validateResponseWithVPData
- Defined In : Claimd/Index.ts
- Input : Tokens (vp & id) as a SIOPTokensEcoded , each token is a Base64 encoded JWT
- Validation : Internally calls DidSiopResponse.validateResponse to validate the id_token Internally calls Claimd/Index.ts::validateResponseVPToken to validate the vp_token
- Return : Promise (true | SIOPErrorResponse)
validateResponseVPToken
- Defined In : Claimd/Index.ts
- Input : vp_token as a JSON object
- Validation : look for verifiableCredential attribute within the vp_token
- Return : Promise.resolve if success, reject otherwise
validateResponse_VPToken
- Defined In : Claimd/Index.ts
- Input : _vp_token as a JSON object
- Validation : validate whether the input param is a valid JSON object
- Return : Promise.resolve if success, reject otherwise
validateResponseVPTokenJWT
- Defined In : Claimd/Index.ts
- Input : vp_token as a JWT object
- Validation : look for verifiableCredential attribute within the vp_token
- Return : Promise.resolve if success, reject otherwise