npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@datasign/siop

v0.7.1

Published

A cross-platform library for OIDC SIOP v2 (OpenID Connect Self-Issued Identity Provider for Decentralized Identities).

Downloads

8

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

somaysomayyuichiotayuichiota

Keywords

SSIDIDSIOPSIOPv2OpenIDConnectOIDCOIDC4VPreactnativereact-native

Readme

@datasign/siop

codecov

Yet another SIOP library! It focuses to provide clean and universal APIs to implement the SIOP authentication flow in DID wallets. It runs on browser environments as well as on mobile devices.

Targeting Specifications

  • https://identity.foundation/did-siop/ (deprecated)
  • https://openid.net/specs/openid-connect-self-issued-v2-1_0.html (still in draft)

Install

  1. yarn add @datasign/siop

It works both for React Native and the browser environments. No React Native polyfills are needed.

Usage

import Provider from '@datasign/siop';
import {SIOPError, SIOPRequestValidationError, SIOPResponseGenerationError} from '@datasign/siop';
import {getResolver as getWebResolver} from 'web-did-resolver';

...
        // Assume we've received this url from RP.
        const siopRequest = 'https://example.com/deeplink?response_type=id_token&scope=openid%20did_authn&client_id=<...>&request_uri=<...>';
        try {
          const idTokenExpiresIn = 3600;
          const resolver = new Resolver({...getWebResolver()});
          // Instantiate Self-Issued OpenID Provider.
          const provider = new Provider(idTokenExpiresIn, resolver);
          // Parse and validate the SIOP request coming from RP.
          // You can also pass a parameter parsed by react-navigation.
          const {clientId, iss, kid} = await provider.receiveRequest(siopRequest);

          // Generate a SIOP response.
          // You can choose your personas based on the information returned above.
          let location = await provider.generateResponse(
            'did:example:persona1',
            keyPair,  // keyPair generated by the elliptic library
            // You can include additional fields into id token in the return value.
            {vp_uri: 'https://credentials.example.xyz/12345'}
          );
          // You can use `location` directly as a redirect url to RP.
          await Linking.openURL(location);
        } catch (error) {
          if (error instanceof SIOPError) {
              if (error instanceof SIOPRequestValidationError) {
                  // `error` was throwed at `receiveRequest()` in this case.
                  console.error(error.error)
                  console.error(error.invalidField)
                  console.error(error.invalidValue)
              }
              else if (error instanceof SIOPResponseGenerationError) {
                  // `error` was throwed at `generateResponse()`.
                  console.error(error)
              }
              // Generate a redirect url to use as the error response to the RP.
              location = error.toResponse();
              await Linking.openURL(location);
          }
        }

Limitation / Future Tasks

  • We do not support JWE both for ID tokens and SIOP requests.
  • Currently we only support secp256k1 ECC keys. RP can use other types of keys.
  • Some parameter validations are omitted. These are:
    • Asserting jwks in registration parameter contains iss in request objects.
    • Additional did authn verification when kids in request object and jwt header are different.
  • Protocol negotiation based on the registration parameter is skipped.