Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
7
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Open sidebar
ESSIF-Lab
TNO SSI Service
SSI Service Backend
Commits
8de542ab
Commit
8de542ab
authored
May 14, 2020
by
Hidde-Jan Jongsma
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add decoding request jwts
parent
e013aaec
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
157 additions
and
1 deletion
+157
-1
src/requests/credential-issue-request.ts
src/requests/credential-issue-request.ts
+25
-0
src/requests/credential-verify-request.ts
src/requests/credential-verify-request.ts
+19
-0
src/requests/requests.module.ts
src/requests/requests.module.ts
+7
-1
src/requests/requests.service.spec.ts
src/requests/requests.service.spec.ts
+18
-0
src/requests/requests.service.ts
src/requests/requests.service.ts
+88
-0
No files found.
src/requests/credential-issue-request.ts
0 → 100644
View file @
8de542ab
import
uuidv4
from
'
uuid/v4
'
;
interface
CredentialData
{
[
key
:
string
]:
string
|
number
|
boolean
|
null
;
}
export
interface
CredentialIssueRequestData
{
iss
:
string
;
type
:
string
;
data
:
CredentialData
;
callbackUrl
:
string
;
// the REST api of the verifier where to deliver the credential data
}
export
class
CredentialIssueRequest
{
requestId
:
string
;
constructor
(
protected
issuerId
:
string
,
public
credentialType
:
string
,
public
credentialData
:
CredentialData
,
public
callbackUrl
:
string
,
)
{
this
.
requestId
=
`credential-issue-request-
${
uuidv4
()}
`
;
}
}
src/requests/credential-verify-request.ts
0 → 100644
View file @
8de542ab
import
uuidv4
from
'
uuid/v4
'
;
export
interface
CredentialVerifyRequestData
{
iss
:
string
;
type
:
string
;
callbackUrl
:
string
;
// the REST api of the verifier where to deliver the credential data
}
export
class
CredentialVerifyRequest
{
requestId
:
string
;
constructor
(
protected
verifierId
:
string
,
public
credentialType
:
string
,
public
callbackUrl
:
string
,
)
{
this
.
requestId
=
`credential-verify-request-
${
uuidv4
()}
`
;
}
}
src/requests/requests.module.ts
View file @
8de542ab
import
{
Module
}
from
'
@nestjs/common
'
;
import
{
RequestsService
}
from
'
./requests.service
'
;
import
{
OrganizationsModule
}
from
'
../organizations/organizations.module
'
;
@
Module
({})
@
Module
({
imports
:
[
OrganizationsModule
],
providers
:
[
RequestsService
],
exports
:
[
RequestsService
],
})
export
class
RequestsModule
{}
src/requests/requests.service.spec.ts
0 → 100644
View file @
8de542ab
import
{
Test
,
TestingModule
}
from
'
@nestjs/testing
'
;
import
{
RequestsService
}
from
'
./requests.service
'
;
describe
(
'
RequestsService
'
,
()
=>
{
let
service
:
RequestsService
;
beforeEach
(
async
()
=>
{
const
module
:
TestingModule
=
await
Test
.
createTestingModule
({
providers
:
[
RequestsService
],
}).
compile
();
service
=
module
.
get
<
RequestsService
>
(
RequestsService
);
});
it
(
'
should be defined
'
,
()
=>
{
expect
(
service
).
toBeDefined
();
});
});
src/requests/requests.service.ts
0 → 100644
View file @
8de542ab
import
{
Injectable
}
from
'
@nestjs/common
'
;
import
{
decode
,
verify
}
from
'
jsonwebtoken
'
;
import
{
OrganizationsService
}
from
'
src/organizations/organizations.service
'
;
import
{
Organization
}
from
'
src/organizations/organization.entity
'
;
import
{
CredentialVerifyRequest
,
CredentialVerifyRequestData
,
}
from
'
./credential-verify-request
'
;
import
{
CredentialIssueRequest
,
CredentialIssueRequestData
,
}
from
'
./credential-issue-request
'
;
export
class
InvalidRequestJWT
extends
Error
{}
const
JWT_MAX_AGE
=
'
300s
'
;
@
Injectable
()
export
class
RequestsService
{
constructor
(
private
organizationsService
:
OrganizationsService
)
{}
async
decodeVerifyRequestToken
(
jwt
:
string
)
{
const
{
request
,
requestor
}
=
await
this
.
decodeAndVerifyJwt
<
CredentialVerifyRequestData
>
(
jwt
);
return
{
verifyRequest
:
new
CredentialVerifyRequest
(
request
.
iss
,
request
.
type
,
request
.
callbackUrl
,
),
verifier
:
requestor
,
};
}
async
decodeIssueRequestToken
(
jwt
:
string
)
{
const
{
request
,
requestor
}
=
await
this
.
decodeAndVerifyJwt
<
CredentialIssueRequestData
>
(
jwt
);
return
{
issueRequest
:
new
CredentialIssueRequest
(
request
.
iss
,
request
.
type
,
request
.
data
,
request
.
callbackUrl
,
),
issuer
:
requestor
,
};
}
async
decodeAndVerifyJwt
<
T
>
(
jwt
:
string
,
):
Promise
<
{
request
:
T
;
requestor
:
Organization
}
>
{
try
{
// First decode to extract issuer
const
decoded
=
decode
(
jwt
,
{
json
:
true
});
// Check if issuer is set
if
(
!
decoded
||
!
decoded
.
iss
)
{
throw
new
Error
(
'
Could not decode issuer
'
);
}
const
requestor
=
await
this
.
organizationsService
.
findByIdentifier
(
decoded
.
iss
,
);
if
(
!
requestor
)
{
throw
new
Error
(
'
Could not find requestor
'
);
}
// Verify that jwt is signed by specified issuer
const
request
=
verify
(
jwt
,
requestor
.
sharedSecret
,
{
maxAge
:
JWT_MAX_AGE
,
});
if
(
typeof
request
===
'
string
'
)
{
throw
new
Error
(
`String returned '
${
request
}
'. Expecting json object`
);
}
return
{
request
,
requestor
};
}
catch
(
e
)
{
throw
new
InvalidRequestJWT
(
'
Could not decode request JWT
'
);
}
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment