microsoft
/
VerifiableCredentials-Verification-SDK-Typescript
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Migrate the contracts to the SDK (#23) 

* Migrate the contracts to the SDK

* 0.5.25

* Remove TSMap dependencies

Co-authored-by: Guillermo Proano <gproano@microsoft.com>
This commit is contained in:
Guillermo Proano 2020-05-05 20:38:42 -07:00 коммит произвёл GitHub
Родитель 6106d21e95
Коммит 0d9ebf4645
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
18 изменённых файлов: 951 добавлений и 364 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

36
lib/index.ts
Просмотреть файл

@ -48,5 +48,37 @@ export { IRevocedCard };
import { IResponse } from './InputValidation/IValidationResponse';
import RequestorBuilder from './ApiOidcRequest/RequestorBuilder';
import Requestor from './ApiOidcRequest/Requestor';
import { IssuanceAttestationsModel } from './ApiOidcRequest/IssuanceAttestationsModel';
export { IssuanceAttestationsModel, IResponse, RequestorBuilder, Requestor };
export { IResponse, RequestorBuilder, Requestor };
import { BaseAttestationModel } from './rules-model/BaseAttestationModel';
import { BaseIssuanceModel } from './rules-model/BaseIssuanceModel';
import { IdTokenAttestationModel } from './rules-model/IdTokenAttestationModel';
import { InputClaimModel } from './rules-model/InputClaimModel';
import { InputModel } from './rules-model/InputModel';
import { IssuanceAttestationsModel } from './rules-model/IssuanceAttestationsModel';
import { RemoteKeyAuthorizationModel } from './rules-model/RemoteKeyAuthorizationModel';
import { RemoteKeyModel } from './rules-model/RemoteKeyModel';
import { RulesModel } from './rules-model/RulesModel';
import { SelfIssuedAttestationModel } from './rules-model/SelfIssuedAttestationModel';
import { TrustedIssuerModel } from './rules-model/TrustedIssuerModel';
import { VerifiablePresentationAttestationModel } from './rules-model/VerifiablePresentationAttestationModel';
import { RefreshConfigurationModel } from './rules-model/RefreshConfigurationModel';
import { VerifiableCredentialModel } from './rules-model/VerifiableCredentialModel';
import { TransformModel } from './rules-model/TransformModel';
export {
TransformModel,
VerifiableCredentialModel,
RefreshConfigurationModel,
BaseAttestationModel,
BaseIssuanceModel,
IdTokenAttestationModel,
InputClaimModel,
InputModel,
IssuanceAttestationsModel,
RemoteKeyAuthorizationModel,
RemoteKeyModel,
RulesModel,
SelfIssuedAttestationModel,
TrustedIssuerModel,
VerifiablePresentationAttestationModel
};

128
lib/ApiOidcRequest/BaseAttestationModel.ts → lib/rules-model/BaseAttestationModel.ts
Просмотреть файл

@ -1,64 +1,64 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { InputClaimModel } from './InputClaimModel';
/**
* Base class for input attestations
*/
export abstract class BaseAttestationModel {
/**
*
* @param mapping a map of string to InputClaimModel instances
* @param encrypted flag indicating if the attestation is encrypted
* @param claims an array of InputClaimModel values
* @param required an array of InputClaimModel values
*/
constructor(
public mapping?: { [map: string]: InputClaimModel },
public encrypted = false,
public claims?: InputClaimModel[],
public required = false
) {
}
/**
* Populate an instance of BaseAttestationModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
this.encrypted = input.encrypted;
this.claims = input.claims;
this.mapping = {};
this.required = input.required;
if (input.mapping) {
for (let key of Object.keys(input.mapping)) {
let claim = new InputClaimModel();
claim.populateFrom(input.mapping[key]);
this.mapping[key] = claim;
}
}
}
/**
* Create a IdTokenAttestationModel for an input resource
*/
forInput(): BaseAttestationModel {
const arr: InputClaimModel[] = [];
for (let key in this.mapping) {
arr.push(this.mapping![key].forInput());
}
return this.createForInput(arr);
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
protected abstract createForInput(claims: InputClaimModel[]): BaseAttestationModel;
}
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { InputClaimModel } from './InputClaimModel';
/**
* Base class for input attestations
*/
export abstract class BaseAttestationModel {
/**
*
* @param mapping a map of string to InputClaimModel instances
* @param encrypted flag indicating if the attestation is encrypted
* @param claims an array of InputClaimModel values
* @param required an array of InputClaimModel values
*/
constructor(
public mapping?: { [map: string]: InputClaimModel },
public encrypted = false,
public claims?: InputClaimModel[],
public required = false
) {
}
/**
* Populate an instance of BaseAttestationModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
this.encrypted = input.encrypted;
this.claims = input.claims;
this.mapping = {};
this.required = input.required;
if (input.mapping) {
for (let key of Object.keys(input.mapping)) {
let claim = new InputClaimModel();
claim.populateFrom(input.mapping[key]);
this.mapping[key] = claim;
}
}
}
/**
* Create a IdTokenAttestationModel for an input resource
*/
forInput(): BaseAttestationModel {
const arr: InputClaimModel[] = [];
for (let key in this.mapping) {
arr.push(this.mapping![key].forInput());
}
return this.createForInput(arr);
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
protected abstract createForInput(claims: InputClaimModel[]): BaseAttestationModel;
}

31
lib/rules-model/BaseIssuanceModel.ts Normal file
Просмотреть файл

@ -0,0 +1,31 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { IssuanceAttestationsModel } from './IssuanceAttestationsModel';
/**
* Base class for the modeling the Rules/Input files
*/
export abstract class BaseIssuanceModel {
/**
*
* @param credentialIssuer url to the issuance endpoint of the Verifiable Credential
* @param issuer the DID of the Verifiable Credential Issuer
* @param attestations IssuanceAttestationsModel instance
*/
constructor (public credentialIssuer?: string, public issuer?: string, public attestations?: IssuanceAttestationsModel) {
}
/**
* Populate an instance of BaseAttestationModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
this.attestations = new IssuanceAttestationsModel();
this.attestations.populateFrom(input.attestations);
this.credentialIssuer = input.credentialIssuer;
this.issuer = input.issuer;
}
}

109
lib/ApiOidcRequest/IdTokenAttestationModel.ts → lib/rules-model/IdTokenAttestationModel.ts
Просмотреть файл

@ -1,55 +1,54 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { BaseAttestationModel } from './BaseAttestationModel';
import { TSMap } from 'typescript-map';
import { InputClaimModel } from './InputClaimModel';
/**
* Model for defining Open Id Configuration for an Input contract
*/
export class IdTokenAttestationModel extends BaseAttestationModel {
/**
*
* @param configuration url to an Open Id Connect Provider configuration
* @param client_id if dynamic registration is not supported, the registered client to use for implicit authorization flows
* @param redirect_uri if dynamic registration is not supported, the redirect_uri used for implicit authorization flows
* @param mapping a map of string to InputClaimModel instances
* @param encrypted flag indicating if the attestation is encrypted
* @param claims an array of InputClaimModel values
* @param required a flag indicating whether the attestation is required
*/
constructor(
public configuration?: string,
// tslint:disable-next-line:variable-name
public client_id?: string,
// tslint:disable-next-line:variable-name
public redirect_uri?: string,
mapping?: { [map: string]: InputClaimModel },
encrypted: boolean = false,
claims?: InputClaimModel[],
required: boolean = false) {
super(mapping, encrypted, claims, required);
}
/**
* Populate an instance of IdTokenAttestationModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
super.populateFrom(input);
this.configuration = input.configuration;
this.client_id = input.client_id;
this.redirect_uri = input.redirect_uri;
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
protected createForInput(claims: InputClaimModel[]): BaseAttestationModel {
return new IdTokenAttestationModel(this.configuration, this.client_id, this.redirect_uri, undefined, this.encrypted, claims, this.required);
}
}
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { BaseAttestationModel } from './BaseAttestationModel';
import { InputClaimModel } from './InputClaimModel';
/**
* Model for defining Open Id Configuration for an Input contract
*/
export class IdTokenAttestationModel extends BaseAttestationModel {
/**
*
* @param configuration url to an Open Id Connect Provider configuration
* @param client_id if dynamic registration is not supported, the registered client to use for implicit authorization flows
* @param redirect_uri if dynamic registration is not supported, the redirect_uri used for implicit authorization flows
* @param mapping a map of string to InputClaimModel instances
* @param encrypted flag indicating if the attestation is encrypted
* @param claims an array of InputClaimModel values
* @param required a flag indicating whether the attestation is required
*/
constructor(
public configuration?: string,
// tslint:disable-next-line:variable-name
public client_id?: string,
// tslint:disable-next-line:variable-name
public redirect_uri?: string,
mapping?: { [map: string]: InputClaimModel },
encrypted: boolean = false,
claims?: InputClaimModel[],
required: boolean = false) {
super(mapping, encrypted, claims, required);
}
/**
* Populate an instance of IdTokenAttestationModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
super.populateFrom(input);
this.configuration = input.configuration;
this.client_id = input.client_id;
this.redirect_uri = input.redirect_uri;
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
protected createForInput(claims: InputClaimModel[]): BaseAttestationModel {
return new IdTokenAttestationModel(this.configuration, this.client_id, this.redirect_uri, undefined, this.encrypted, claims, this.required);
}
}

91
lib/ApiOidcRequest/InputClaimModel.ts → lib/rules-model/InputClaimModel.ts
Просмотреть файл

@ -1,43 +1,48 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
/**
* Model for representing an InputClaim in the Input file
*/
export class InputClaimModel {
/**
*
* @param claim the name of the claim
* @param type hint indicating what the type of the claim must be
* @param required flag indicating if the claim is required
* @param indexed flag indicating whether or not this claim may be indexed for Verifiable Credential searching
*/
constructor(
public claim?: string,
public type?: string,
public required: boolean = false,
public indexed: boolean = false
) {
}
/**
* Populate an instance of InputClaimModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
this.claim = input.claim;
this.required = input.required;
this.type = input.type;
this.indexed = input.indexed;
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
forInput(): InputClaimModel {
return new InputClaimModel(this.claim, this.type, this.required);
}
}
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { TransformModel } from './TransformModel';
/**
* Model for representing an InputClaim in the Input file
*/
export class InputClaimModel {
/**
*
* @param claim the name of the claim
* @param type hint indicating what the type of the claim must be
* @param required flag indicating if the claim is required
* @param indexed flag indicating whether or not this claim may be indexed for Verifiable Credential searching
* @param transform TransformModel instance
*/
constructor(
public claim?: string,
public type?: string,
public required: boolean = false,
public indexed: boolean = false,
public transform?: TransformModel
) {
}
/**
* Populate an instance of InputClaimModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
this.claim = input.claim;
this.required = input.required;
this.type = input.type;
this.transform = input.transform;
this.indexed = input.indexed;
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
forInput(): InputClaimModel {
return new InputClaimModel(this.claim, this.type, this.required);
}
}

24
lib/rules-model/InputModel.ts Normal file
Просмотреть файл

@ -0,0 +1,24 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { BaseIssuanceModel } from './BaseIssuanceModel';
/**
* Model for serializing Input
*/
export class InputModel extends BaseIssuanceModel {
/**
* Model id.
*/
public id: string = "input";
/**
*
* @param source IssuanceAttestationsModel instance to derive from
*/
constructor (source: BaseIssuanceModel) {
super(source.credentialIssuer, source.issuer, source.attestations?.forInput());
}
}

128
lib/ApiOidcRequest/IssuanceAttestationsModel.ts → lib/rules-model/IssuanceAttestationsModel.ts
Просмотреть файл

@ -1,64 +1,64 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { SelfIssuedAttestationModel } from './SelfIssuedAttestationModel';
import { VerifiablePresentationAttestationModel } from './VerifiablePresentationAttestationModel';
import { IdTokenAttestationModel } from './IdTokenAttestationModel';
/**
* Model for attestations for input contract
*/
export class IssuanceAttestationsModel {
/**
*
* @param selfIssued SelfIssuedAttestationModel instance
* @param presentations an array of VerifiablePresentationModel instances
* @param idTokens an array of IdTokenAttestationModel instances
*/
constructor (
public selfIssued?: SelfIssuedAttestationModel,
public presentations?: VerifiablePresentationAttestationModel[],
public idTokens?: IdTokenAttestationModel[]) {
}
/**
* Derives an IssuanceAttestationModel for input from a Rules attestation model
*/
forInput (): IssuanceAttestationsModel {
return new IssuanceAttestationsModel(
this.selfIssued === undefined ? undefined : <SelfIssuedAttestationModel>this.selfIssued.forInput(),
this.presentations === undefined ? undefined : this.presentations.map(presentation => <VerifiablePresentationAttestationModel>presentation.forInput()),
this.idTokens === undefined ? undefined : this.idTokens.map(token => <IdTokenAttestationModel>token.forInput()));
}
/**
* Populate an instance of IssuanceAttestationsModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
if (input.selfIssued !== undefined) {
this.selfIssued = new SelfIssuedAttestationModel();
this.selfIssued.populateFrom(input.selfIssued);
}
if (input.presentations !== undefined) {
const arr = Array.from(input.presentations);
this.presentations = arr.map(presentation => {
const p = new VerifiablePresentationAttestationModel();
p.populateFrom(presentation);
return p;
});
}
if (input.idTokens !== undefined) {
const arr = Array.from(input.idTokens);
this.idTokens = arr.map(token => {
const t = new IdTokenAttestationModel();
t.populateFrom(token);
return t;
});
}
}
}
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { SelfIssuedAttestationModel } from './SelfIssuedAttestationModel';
import { VerifiablePresentationAttestationModel } from './VerifiablePresentationAttestationModel';
import { IdTokenAttestationModel } from './IdTokenAttestationModel';
/**
* Model for attestations for input contract
*/
export class IssuanceAttestationsModel {
/**
*
* @param selfIssued SelfIssuedAttestationModel instance
* @param presentations an array of VerifiablePresentationModel instances
* @param idTokens an array of IdTokenAttestationModel instances
*/
constructor (
public selfIssued?: SelfIssuedAttestationModel,
public presentations?: VerifiablePresentationAttestationModel[],
public idTokens?: IdTokenAttestationModel[]) {
}
/**
* Derives an IssuanceAttestationModel for input from a Rules attestation model
*/
forInput (): IssuanceAttestationsModel {
return new IssuanceAttestationsModel(
this.selfIssued === undefined ? undefined : <SelfIssuedAttestationModel>this.selfIssued.forInput(),
this.presentations === undefined ? undefined : this.presentations.map(presentation => <VerifiablePresentationAttestationModel>presentation.forInput()),
this.idTokens === undefined ? undefined : this.idTokens.map(token => <IdTokenAttestationModel>token.forInput()));
}
/**
* Populate an instance of IssuanceAttestationsModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
if (input.selfIssued !== undefined) {
this.selfIssued = new SelfIssuedAttestationModel();
this.selfIssued.populateFrom(input.selfIssued);
}
if (input.presentations !== undefined) {
const arr = Array.from(input.presentations);
this.presentations = arr.map(presentation => {
const p = new VerifiablePresentationAttestationModel();
p.populateFrom(presentation);
return p;
});
}
if (input.idTokens !== undefined) {
const arr = Array.from(input.idTokens);
this.idTokens = arr.map(token => {
const t = new IdTokenAttestationModel();
t.populateFrom(token);
return t;
});
}
}
}

24
lib/rules-model/RefreshConfigurationModel.ts Normal file
Просмотреть файл

@ -0,0 +1,24 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
/**
* Model to express a Refresh Configuration
*/
export class RefreshConfigurationModel {
/**
*
* @param validityInterval the interval in seconds for enabling refresh
*/
constructor (public validityInterval?: number) {
}
/**
* Populate an instance of RemoteKeyAuthorizationModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
this.validityInterval = input.validityInterval;
}
}

20
lib/rules-model/RemoteKeyAuthorizationModel.ts Normal file
Просмотреть файл

@ -0,0 +1,20 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
/**
* Model representing a Remote Key Authorization payload
*/
export class RemoteKeyAuthorizationModel {
constructor (public method?: string) {
}
/**
* Populate an instance of RemoteKeyAuthorizationModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
this.method = input.method;
}
}

43
lib/rules-model/RemoteKeyModel.ts Normal file
Просмотреть файл

@ -0,0 +1,43 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { RemoteKeyAuthorizationModel } from './RemoteKeyAuthorizationModel';
/**
* Model to express a Remote Key
*/
export class RemoteKeyModel {
/**
*
* @param kid analog to the JOSE key id parameter which may be used to identify an arbitrary key
* @param key url to a remote private key which may execute a decrypt/sign operation
* @param x5t the thumbprint of a certificate identifying the public key counterpart of the private key
* @param pfx url instructing the issuer about where to obtain a PKCS 12 to obtain the private key for a decrypt/sign operation
* @param extractable flag indicating if the remote key is extractable
* @param authorization an object that describes how the Issue API will authorize to the remote key
*/
constructor(
public kid?: string,
public key?: string,
public x5t?: string,
public pfx?: string,
public extractable: boolean = false,
public authorization?: RemoteKeyAuthorizationModel
) {}
/**
* Populate an instance of RemoteKeyAuthorizationModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
this.kid = input.kid;
this.key = input.key;
this.x5t = input.x5t;
this.pfx = input.pfx;
this.extractable = input.extractable;
this.authorization = new RemoteKeyAuthorizationModel();
this.authorization.populateFrom(input.authorization);
}
}

87
lib/rules-model/RulesModel.ts Normal file
Просмотреть файл

@ -0,0 +1,87 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { BaseIssuanceModel } from './BaseIssuanceModel';
import { IssuanceAttestationsModel } from './IssuanceAttestationsModel';
import { RemoteKeyModel } from './RemoteKeyModel';
import { RefreshConfigurationModel } from './RefreshConfigurationModel';
import { VerifiableCredentialModel } from './VerifiableCredentialModel';
import { TrustedIssuerModel } from '..';
/**
* Data Model to serialize a Rules file into
*/
export class RulesModel extends BaseIssuanceModel {
/**
*
* @param credentialIssuer url to the issuance endpoint of the Verifiable Credential
* @param issuer the DID of the Verifiable Credential Issuer
* @param attestations IssuanceAttestationsModel instance
* @param validityInterval the time in seconds after issuance that the Verifiable Credential will be valid for
* @param decryptionKeys An array of RemoteKey objects which allow an encrypted attestation to be decrypted.
* @param signingKeys An array of RemoteKey objects which will sign the Verifiable Credential
* @param refresh describes if Verifiable Credential refresh is enabled and for how long
* @param statusCheckDisabled flag indicating that the credentialStatus claim must be omitted from a Verifiable Credential
* @param clientRevocationDisabled flag indicating that the revokeService claim must be omitted from a Verifiable Credential. Use of this flag allows an
* Issuer to customize revocation operations
* @param vc VerifiableCredential instance
* @param minimalDisclosure a flag indicating if the issuer should create a minimal disclosure credential
* @param endorsers optional array of endorsers of the Verifiable Credential Issuer
*/
constructor(
credentialIssuer?: string,
issuer?: string,
attestations?: IssuanceAttestationsModel,
public validityInterval?: number,
public decryptionKeys?: RemoteKeyModel[],
public signingKeys?: RemoteKeyModel[],
public refresh?: RefreshConfigurationModel,
public statusCheckDisabled: boolean = false,
public clientRevocationDisabled: boolean = false,
public vc?: VerifiableCredentialModel,
public minimalDisclosure: boolean = false,
public endorsers?: TrustedIssuerModel[]) {
super(credentialIssuer, issuer, attestations);
}
/**
* Populate an instance of RemoteKeyAuthorizationModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
super.populateFrom(input);
this.validityInterval = input.validityInterval;
this.statusCheckDisabled = input.statusCheckDisabled ?? false;
this.minimalDisclosure = input.minimalDisclosure ?? false;
this.endorsers = input.endorsers;
this.clientRevocationDisabled = input.clientRevocationDisabled ?? false;
if (input.decryptionKeys) {
const arr = Array.from(input.decryptionKeys);
this.decryptionKeys = arr.map(RulesModel.createRemoteKey);
}
if (input.signingKeys) {
const arr = Array.from(input.signingKeys);
this.signingKeys = arr.map(RulesModel.createRemoteKey);
}
if (input.refresh) {
this.refresh = new RefreshConfigurationModel();
this.refresh.populateFrom(input.refresh);
}
if(input.vc){
this.vc = new VerifiableCredentialModel();
this.vc.populateFrom(input.vc);
}
}
private static createRemoteKey(key: any): RemoteKeyModel {
const k = new RemoteKeyModel();
k.populateFrom(key);
return k;
}
}

63
lib/ApiOidcRequest/SelfIssuedAttestationModel.ts → lib/rules-model/SelfIssuedAttestationModel.ts
Просмотреть файл

@ -1,32 +1,31 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { InputClaimModel } from './InputClaimModel';
import { BaseAttestationModel } from './BaseAttestationModel';
import { TSMap } from 'typescript-map';
/**
* Model for defining Self Issued claims
*/
export class SelfIssuedAttestationModel extends BaseAttestationModel {
/**
*
* @param mapping a map of string to InputClaimModel instances
* @param encrypted flag indicating if the attestation is encrypted
* @param claims an array of InputClaimModel values
* @param required a flag indicating whether the attestation is required
*/
constructor(mapping?: { [map: string]: InputClaimModel }, encrypted: boolean = false, claims?: InputClaimModel[], required: boolean = false) {
super(mapping, encrypted, claims, required);
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
protected createForInput(claims: InputClaimModel[]): BaseAttestationModel {
return new SelfIssuedAttestationModel(undefined, this.encrypted, claims, this.required);
}
}
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { InputClaimModel } from './InputClaimModel';
import { BaseAttestationModel } from './BaseAttestationModel';
/**
* Model for defining Self Issued claims
*/
export class SelfIssuedAttestationModel extends BaseAttestationModel {
/**
*
* @param mapping a map of string to InputClaimModel instances
* @param encrypted flag indicating if the attestation is encrypted
* @param claims an array of InputClaimModel values
* @param required a flag indicating whether the attestation is required
*/
constructor(mapping?: { [map: string]: InputClaimModel }, encrypted: boolean = false, claims?: InputClaimModel[], required: boolean = false) {
super(mapping, encrypted, claims, required);
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
protected createForInput(claims: InputClaimModel[]): BaseAttestationModel {
return new SelfIssuedAttestationModel(undefined, this.encrypted, claims, this.required);
}
}

26
lib/rules-model/TransformModel.ts Normal file
Просмотреть файл

@ -0,0 +1,26 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License in the project root for license information.
*--------------------------------------------------------------------------------------------*/
/**
* Model for representing a Transform property in an InputClaimModel
*/
export class TransformModel {
/**
*
* @param name The name of the Transform function
* @param remote A url to a remote transform function
*/
constructor (public name?: string, public remote?: string) {
}
/**
* Populate an instance of TransformModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
this.name = input.name;
this.remote = input.remote;
}
}

48
lib/ApiOidcRequest/TrustedIssuerModel.ts → lib/rules-model/TrustedIssuerModel.ts
Просмотреть файл

@ -1,24 +1,24 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
/**
* Model for defining a Trusted Issuer for a Verifiable Credential
*/
export class TrustedIssuerModel {
/**
* Creates a Trusted Issuer instance
* @param iss the Decentralized Identity of the Issuer
*/
constructor (public iss?: string) {
}
/**
* Populate an instance of TrustedIssuerModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
this.iss = input.iss;
}
}
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
/**
* Model for defining a Trusted Issuer for a Verifiable Credential
*/
export class TrustedIssuerModel {
/**
* Creates a Trusted Issuer instance
* @param iss the Decentralized Identity of the Issuer
*/
constructor (public iss?: string) {
}
/**
* Populate an instance of TrustedIssuerModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
this.iss = input.iss;
}
}

40
lib/rules-model/VerifiableCredentialModel.ts Normal file
Просмотреть файл

@ -0,0 +1,40 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
/**
* Model for defining a Verifiable Credential
*/
export class VerifiableCredentialModel {
/**
* Verifiable credential contexts.
*/
'@context': string[];
constructor(context?: string[], public type?: string[], public credentialSubject?: any, public credentialStatus?: any, public credentialRefresh?: any) {
if (context !== undefined) {
this['@context'] = context;
}
}
/**
* Populate an instance of TrustedIssuerModel from any instance
* @param input object instance to populate from
*/
populateFrom(input: any): void {
if (input['@context'] !== undefined) {
const arr = Array.from(input['@context']);
this['@context'] = arr.map(c => <string>c);
}
if (input.type !== undefined) {
const arr = Array.from(input.type);
this.type = arr.map(t => <string>t);
}
this.credentialSubject = input.credentialSubject;
this.credentialStatus = input.credentialStatus;
this.credentialRefresh = input.credentialRefresh;
}
}

159
lib/ApiOidcRequest/VerifiablePresentationAttestationModel.ts → lib/rules-model/VerifiablePresentationAttestationModel.ts
Просмотреть файл

@ -1,80 +1,79 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { TrustedIssuerModel } from './TrustedIssuerModel';
import { BaseAttestationModel } from './BaseAttestationModel';
import { TSMap } from 'typescript-map';
import { InputClaimModel } from './InputClaimModel';
/**
* Represents a Verifiable Presentation in the input file
*/
export class VerifiablePresentationAttestationModel extends BaseAttestationModel {
/**
* Instantiates a VerifiablePresentationModel
* @param credentialType the type of the Verifiable Credential as specified: https://www.w3.org/TR/vc-data-model/#types
* @param issuers an array of Trusted Issuers for the Verifiable Credential
* @param endorsers an array of Trusted Endorsers for the Verifiable Credential
* @param contracts an array of URLs to approved contracts which return the type of Verifiable Credential
* @param mapping a map of string to InputClaimModel instances
* @param encrypted flag indicating if the attestation is encrypted
* @param claims an array of InputClaimModel values
* @param required a flag indicating whether the attestation is required
*/
constructor (
public credentialType?: string,
public issuers?: TrustedIssuerModel[],
public endorsers?: TrustedIssuerModel[],
public contracts?: string[],
mapping?: { [map: string]: InputClaimModel},
encrypted: boolean = false,
claims?: InputClaimModel[],
required: boolean = false) {
super(mapping, encrypted, claims, required);
}
/**
* Populate an instance of VerifiablePresentationModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
super.populateFrom(input);
this.credentialType = input.credentialType;
this.contracts = input.contracts;
if (input.issuers) {
const arr = Array.from(input.issuers);
this.issuers = arr.map(VerifiablePresentationAttestationModel.createTrustedIssuer);
}
if (input.endorsers) {
const arr = Array.from(input.endorsers);
this.endorsers = arr.map(VerifiablePresentationAttestationModel.createTrustedIssuer);
}
}
private static createTrustedIssuer (issuer: any): TrustedIssuerModel {
const t = new TrustedIssuerModel();
t.populateFrom(issuer);
return t;
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
protected createForInput(claims: InputClaimModel[]): BaseAttestationModel {
return new VerifiablePresentationAttestationModel(
this.credentialType,
this.issuers,
this.endorsers,
this.contracts,
undefined,
this.encrypted,
claims,
this.required
);
}
}
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { TrustedIssuerModel } from './TrustedIssuerModel';
import { BaseAttestationModel } from './BaseAttestationModel';
import { InputClaimModel } from './InputClaimModel';
/**
* Represents a Verifiable Presentation in the input file
*/
export class VerifiablePresentationAttestationModel extends BaseAttestationModel {
/**
* Instantiates a VerifiablePresentationModel
* @param credentialType the type of the Verifiable Credential as specified: https://www.w3.org/TR/vc-data-model/#types
* @param issuers an array of Trusted Issuers for the Verifiable Credential
* @param endorsers an array of Trusted Endorsers for the Verifiable Credential
* @param contracts an array of URLs to approved contracts which return the type of Verifiable Credential
* @param mapping a map of string to InputClaimModel instances
* @param encrypted flag indicating if the attestation is encrypted
* @param claims an array of InputClaimModel values
* @param required a flag indicating whether the attestation is required
*/
constructor (
public credentialType?: string,
public issuers?: TrustedIssuerModel[],
public endorsers?: TrustedIssuerModel[],
public contracts?: string[],
mapping?: { [map: string]: InputClaimModel},
encrypted: boolean = false,
claims?: InputClaimModel[],
required: boolean = false) {
super(mapping, encrypted, claims, required);
}
/**
* Populate an instance of VerifiablePresentationModel from any instance
* @param input object instance to populate from
*/
populateFrom (input: any): void {
super.populateFrom(input);
this.credentialType = input.credentialType;
this.contracts = input.contracts;
if (input.issuers) {
const arr = Array.from(input.issuers);
this.issuers = arr.map(VerifiablePresentationAttestationModel.createTrustedIssuer);
}
if (input.endorsers) {
const arr = Array.from(input.endorsers);
this.endorsers = arr.map(VerifiablePresentationAttestationModel.createTrustedIssuer);
}
}
private static createTrustedIssuer (issuer: any): TrustedIssuerModel {
const t = new TrustedIssuerModel();
t.populateFrom(issuer);
return t;
}
/**
* Creates Model given input claims.
* @param claims Input claims
*/
protected createForInput(claims: InputClaimModel[]): BaseAttestationModel {
return new VerifiablePresentationAttestationModel(
this.credentialType,
this.issuers,
this.endorsers,
this.contracts,
undefined,
this.encrypted,
claims,
this.required
);
}
}

2
runtest.bat Normal file
Просмотреть файл

@ -0,0 +1,2 @@
call npm run build
node .\node_modules\jasmine-ts --config=./tests/jasmine.json

256
tests/RulesModel.spec.ts Normal file
Просмотреть файл

@ -0,0 +1,256 @@
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
import { IdTokenAttestationModel, InputClaimModel, InputModel, IssuanceAttestationsModel, RefreshConfigurationModel, RemoteKeyAuthorizationModel, RemoteKeyModel, RulesModel, SelfIssuedAttestationModel, TransformModel, TrustedIssuerModel, VerifiableCredentialModel, VerifiablePresentationAttestationModel } from '../lib';
describe('TenantSourceFactory', () => {
const RULES = new RulesModel(
'issuer uri',
'issuer',
new IssuanceAttestationsModel(
new SelfIssuedAttestationModel(
{
alias: new InputClaimModel('name', 'string', false, true, new TransformModel('name', 'remote'))
},
false,
undefined,
true
),
[
new VerifiablePresentationAttestationModel(
'CredentialType',
[
new TrustedIssuerModel('trusted issuer 1'),
new TrustedIssuerModel('trusted issuer 2')
],
[
new TrustedIssuerModel('endorser')
],
[
'contract'
],
{
givenName: new InputClaimModel('vc.credentialSubject.givenName'),
familyName: new InputClaimModel('vc.credentialSubject.familyName', 'string', true)
})
],
[
new IdTokenAttestationModel(
'oidc config endpoint',
'clientId',
'redirect',
{
email: new InputClaimModel('upn', 'string', false, true),
name: new InputClaimModel('name')
}
),
]),
86400,
[
new RemoteKeyModel(undefined, undefined, 'x5t', 'pfx', true, new RemoteKeyAuthorizationModel('msi')),
new RemoteKeyModel('kid', 'key', undefined, undefined, true, new RemoteKeyAuthorizationModel('msi')),
],
[
new RemoteKeyModel('kid', 'key', undefined, undefined, false, new RemoteKeyAuthorizationModel('msi')),
],
new RefreshConfigurationModel(604800),
true,
true,
new VerifiableCredentialModel(
['urn:test:context'],
['EmployeeCredential'],
{
put: {
an: 'object',
here: true
}
},
),
true,
[
new TrustedIssuerModel('end1')
]
);
// tslint:disable-next-line:max-func-body-length
describe('RulesModel class serialization', () => {
it('Rules model must roundtrip ', async () => {
const json = JSON.stringify(RULES);
const roundtrip = new RulesModel();
roundtrip.populateFrom(JSON.parse(json));
expect(roundtrip.credentialIssuer).toEqual(RULES.credentialIssuer);
expect(roundtrip.issuer).toEqual(RULES.issuer);
expect(roundtrip.validityInterval).toEqual(RULES.validityInterval);
expect(roundtrip.statusCheckDisabled).toEqual(RULES.statusCheckDisabled);
expect(roundtrip.clientRevocationDisabled).toEqual(RULES.clientRevocationDisabled);
// check endorsers
const rulesEndorsers = <TrustedIssuerModel[]>RULES.endorsers;
const roundtripEndorsers = <TrustedIssuerModel[]>roundtrip.endorsers;
expect(roundtripEndorsers[0].iss).toEqual(rulesEndorsers[0].iss);
// check the refresh values
const roundtripRefresh = <RefreshConfigurationModel>roundtrip.refresh;
const rulesRefresh = <RefreshConfigurationModel>RULES.refresh;
expect(roundtripRefresh).toBeDefined();
expect(rulesRefresh).toBeDefined();
expect(roundtripRefresh.validityInterval).toEqual(rulesRefresh.validityInterval);
expect(roundtrip.minimalDisclosure).toBeTruthy();
// make sure mapping serializes
const roundtripSelfIssued = <SelfIssuedAttestationModel>roundtrip.attestations?.selfIssued;
const rulesSelfIssuedAttestation = <SelfIssuedAttestationModel>RULES.attestations?.selfIssued;
const roundtripSelfIssuedMapping = <any>roundtripSelfIssued.mapping;
expect(roundtripSelfIssued).toBeDefined();
expect(roundtripSelfIssuedMapping).toBeDefined();
expect(roundtripSelfIssued.required).toEqual(rulesSelfIssuedAttestation.required);
expect(Object.keys(roundtripSelfIssuedMapping).length).toEqual(Object.keys(<any>RULES.attestations?.selfIssued?.mapping).length);
// analyze the contents of input claim
const roundtripAlias = <InputClaimModel>roundtrip.attestations?.selfIssued?.mapping?.alias;
const rulesAlias = <InputClaimModel>RULES.attestations?.selfIssued?.mapping?.alias;
expect(roundtripAlias).toBeDefined();
expect(roundtripAlias.indexed).toBeTruthy();
const roundtripTransform = <TransformModel>roundtripAlias.transform;
expect(roundtripTransform).toBeDefined();
expect(roundtripTransform.remote).toBeDefined();
expect(roundtripTransform.remote).toEqual(<string>rulesAlias.transform?.remote);
const roundtripPresentations = <VerifiablePresentationAttestationModel[]>roundtrip.attestations?.presentations;
expect(roundtripPresentations).toBeDefined();
expect(roundtripPresentations.length).toEqual(1);
expect(Object.keys(<any>roundtripPresentations[0].mapping).length).toEqual(2);
const roundtripIdTokens = <IdTokenAttestationModel[]>roundtrip.attestations?.idTokens;
expect(roundtripIdTokens).toBeDefined();
expect(roundtripIdTokens.length).toEqual(1);
expect(Object.keys(<any>roundtripIdTokens[0].mapping).length).toEqual(2);
// decryption keys
const roundtripDecryptionKeys = <RemoteKeyModel[]>roundtrip.decryptionKeys;
expect(roundtripDecryptionKeys).toBeDefined();
expect(roundtripDecryptionKeys.length).toEqual(2);
expect(roundtripDecryptionKeys[0].authorization).toBeDefined();
var decryptionKey = roundtripDecryptionKeys[0];
expect(decryptionKey).toBeDefined();
expect(decryptionKey.authorization).toBeDefined();
expect(decryptionKey.extractable).toBeTruthy();
// signing keys
const roundtripSigningKeys = <RemoteKeyModel[]>roundtrip.signingKeys;
expect(roundtripSigningKeys).toBeDefined();
expect(roundtripSigningKeys.length).toEqual(1);
// vc model compare
const roundtripVc = <VerifiableCredentialModel>roundtrip.vc;
const roundtripContext = <string[]>roundtripVc["@context"];
const rulesContext = <string[]>RULES.vc?.["@context"];
const roundtripType = <string[]>roundtripVc.type;
const rulesType = <string[]>RULES.vc?.type;
const roundtripSubject = <any>roundtripVc.credentialSubject;
const rulesSubject = <any>RULES.vc?.credentialSubject;
expect(roundtripContext).toBeDefined();
expect(roundtripContext.length).toEqual(rulesContext.length);
expect(roundtripType.length).toEqual(rulesType.length);
expect(roundtripSubject.put.here).toBeDefined();
expect(roundtripSubject.put.here).toBe(rulesSubject.put.here);
});
it('Input model must correctly derive from Rules Model ', async () => {
const input = new InputModel(RULES);
expect(input.credentialIssuer).toEqual(RULES.credentialIssuer);
expect(input.issuer).toEqual(RULES.issuer);
expect(input.id).toEqual("input");
// the attestation values need to be correct
const rulesAttestations = <IssuanceAttestationsModel>RULES.attestations;
const inputAttestations = <IssuanceAttestationsModel>input.attestations;
expect(inputAttestations).toBeDefined();
// check the self issued attestation first
const inputSelfIssuedAttestation = <SelfIssuedAttestationModel>inputAttestations.selfIssued;
const rulesSelfIssuedAttestation = <SelfIssuedAttestationModel>rulesAttestations.selfIssued;
expect(inputSelfIssuedAttestation).toBeDefined();
expect(inputSelfIssuedAttestation.encrypted).toEqual(rulesSelfIssuedAttestation.encrypted);
// we are going to build a set of input and rules maps for comparison
const allMaps = [];
// self issued claims
let rulesMap = <any>rulesSelfIssuedAttestation.mapping;
let claims = <InputClaimModel[]>inputSelfIssuedAttestation.claims;
let inputMap:{[index: string]:any} = {} = {};
claims.map((value) => inputMap[value.claim!] = value);
allMaps.push({ rules: rulesMap, input: inputMap });
// idtokens
const inputIdTokens = <IdTokenAttestationModel[]>inputAttestations.idTokens;
const rulesIdTokens = <IdTokenAttestationModel[]>rulesAttestations.idTokens;
expect(inputIdTokens).toBeDefined();
for (let i = 0; i < rulesIdTokens.length; i++) {
expect(inputIdTokens[i].encrypted).toEqual(rulesIdTokens[i].encrypted);
rulesMap = rulesIdTokens[i].mapping;
claims = <InputClaimModel[]>inputIdTokens[i].claims;
inputMap = {};
claims.map((value) => inputMap[value.claim!]= value);
allMaps.push({ rules: rulesMap, input: inputMap });
}
// verifiable presentations
const inputPresentations = <VerifiablePresentationAttestationModel[]>inputAttestations.presentations;
const rulesPresentations = <VerifiablePresentationAttestationModel[]>rulesAttestations.presentations;
expect(inputPresentations).toBeDefined();
for (let i = 0; i < rulesPresentations.length; i++) {
expect(inputPresentations[i].encrypted).toEqual(rulesPresentations[i].encrypted);
rulesMap = rulesPresentations[i].mapping;
claims = <InputClaimModel[]>inputPresentations[i].claims;
inputMap = {};
claims.map((value) => inputMap[value.claim!]= value);
allMaps.push({ rules: rulesMap, input: inputMap });
}
// evaluate all rules/input pairs
allMaps.forEach((mapsToCompare) => {
// foreach value in rulesMap, it must exist in inputMap
Object.keys(mapsToCompare.rules).forEach((key: string) => {
let value = mapsToCompare.rules[key];
let lookupKey = <string>value.claim;
expect(mapsToCompare.input[lookupKey]).toBeDefined();
// evaluate claim values
let inputClaim = mapsToCompare.input[lookupKey];
expect(inputClaim).toBeDefined();
expect(inputClaim.claim).toEqual(value.claim);
expect(inputClaim.required).toEqual(value.required);
expect(inputClaim.type).toEqual(value.type);
});
});
});
it('should pass populating the VerifiableCredentialModel without context ', async () => {
const vcModel = new VerifiableCredentialModel();
vcModel.populateFrom({});
expect(vcModel).toBeDefined();
});
it('should pass populating the VerifiablePresentationAttestationModel without context ', async () => {
const vpModel = new VerifiablePresentationAttestationModel();
vpModel.populateFrom({});
expect(vpModel).toBeDefined();
});
});
});