npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@sphereon/ssi-sdk-did-auth-siop-authenticator

v0.11.0

Published

<!--suppress HtmlDeprecatedAttribute --> <h1 align="center"> <br> <a href="https://www.sphereon.com"><img src="https://sphereon.com/content/themes/sphereon/assets/img/logo.svg" alt="Sphereon" width="400"></a> <br>DID Auth SIOP OP Authenticator (Type

Downloads

79

Readme


Warning: This package still is in very early development. Breaking changes without notice will happen at this point!


A Veramo authentication plugin using the Self Issued OpenID Provider v2 (SIOP) authentication library for having clients / people conforming to the Self Issued OpenID Provider v2 (SIOPv2) and OpenID Connect for Verifiable Presentations (OIDC4VP) as specified in the OpenID Connect working group.

Self Issued OpenID Provider v2 (SIOP)

For more information about Self Issued OpenID Provider v2 (SIOP), see the documentation in the readme.

Requirements

For this plugin a DID resolver is also required. A DID resolver can be added to the agent as plugin as seen in the example below.

Available functions

  • getSessionForSiop
  • registerSessionForSiop
  • removeSessionForSiop
  • registerCustomApprovalForSiop
  • removeCustomApprovalForSiop
  • authenticateWithSiop
  • getSiopAuthorizationRequestFromRP
  • getSiopAuthorizationRequestDetails
  • verifySiopAuthorizationRequestURI
  • sendSiopAuthorizationResponse

The following functions can also be used on the session object without the need of a session id first.

  • authenticateWithSiop
  • getSiopAuthorizationRequestFromRP
  • getSiopAuthorizationRequestDetails
  • verifySiopAuthorizationRequestURI
  • sendSiopAuthorizationResponse

Usage

Adding the plugin to an agent:

import { IDidAuthSiopOpAuthenticator } from '@sphereon/ssi-sdk-did-auth-siop-authenticator'
import { Resolver } from 'did-resolver'
import { getDidKeyResolver } from '@veramo/did-provider-key'
import { DIDResolverPlugin } from '@veramo/did-resolver'
import { getUniResolver } from '@sphereon/did-uni-client'

const agent = createAgent<IDidAuthSiopOpAuthenticator & IResolver>({
  plugins: [
    new DidAuthSiopOpAuthenticator(),
    new DIDResolverPlugin({
      resolver: new Resolver({
        ...getDidKeyResolver(),
        ...getUniResolver('lto', { resolveUrl: 'https://uniresolver.test.sphereon.io/1.0/identifiers' }),
        ...getUniResolver('factom', { resolveUrl: 'https://uniresolver.test.sphereon.io/1.0/identifiers' }),
      }),
    }),
  ],
})

Get an OP session:

const sessionId = 'example_session_id'
const opSession = await agent.getSessionForSiop({
  sessionId,
})

Register an OP session:

const sessionId = 'example_session_id'
const identifier = {
  did: 'did:ethr:0xb9c5714089478a327f09197987f16f9e5d936e8a',
  provider: 'example_provider',
  controllerKeyId: `did:ethr:0xb9c5714089478a327f09197987f16f9e5d936e8a#controller`,
  keys: [
    {
      kid: `did:ethr:0xb9c5714089478a327f09197987f16f9e5d936e8a#controller`,
      kms: 'example_kms',
      type: 'Ed25519' as const,
      publicKeyHex: '1e21e21e...',
      privateKeyHex: 'elfcvtswdbn...',
    },
  ],
  services: [],
}

const opSession = await agent.registerSessionForSiop({
  sessionId,
  identifier,
})

Remove an OP session:

const sessionId = 'example_session_id'
const opSession = await agent.removeSessionForSiop({
  sessionId,
})

Authenticate with DID auth SIOP:

It is possible to register custom approval functions as an extra confirmation before sending the authentication response. These functions can then be used as an optional parameter. It is also possible to directly provide a custom approval function.

These custom approval functions can also be provided at agent creation.

await agent.registerCustomApprovalForSiop({
  key: 'example_key',
  customApproval: (verifiedAuthorizationRequest: VerifiedAuthorizationRequest) => Promise.resolve(),
})
const sessionId = 'example_session_id'
const stateId = 'example_state_id'
const redirectUrl = 'https://example.com'
const customApprovalKey = 'example_key'
const authenticationResponse = await agent.authenticateWithSiop({
  sessionId,
  stateId,
  redirectUrl,
  customApproval: customApprovalKey,
})
const authenticationResponse = await agent.authenticateWithSiop({
  sessionId,
  stateId,
  redirectUrl,
  customApproval: (verifiedAuthorizationRequest: VerifiedAuthorizationRequest) => {
    return Promise.resolve()
  },
})

Get authorization request from the relying party:

For more detailed information see: Self Issued OpenID Provider v2 (SIOP)

const sessionId = 'example_session_id'
const stateId = 'example_state_id'
const redirectUrl = 'https://example.com'
const authorizationRequest = await agent.getSiopAuthorizationRequestFromRP({
  sessionId,
  stateId,
  redirectUrl,
})

Get authorization request details:

For more detailed information see: Self Issued OpenID Provider v2 (SIOP)

const sessionId = 'example_session_id'
const authorizationRequestDetailsResponse = await agent.getSiopAuthorizationRequestDetails({
  sessionId,
  verifiedAuthorizationRequest: createAuthorizationResponse,
})

Verify authorization request URI:

For more detailed information see: Self Issued OpenID Provider v2 (SIOP)

const sessionId = 'example_session_id'
const verifiedAuthorizationResponse = await agent.verifySiopAuthorizationRequestURI({
  sessionId,
  requestURI: createAuthorizationResponse,
})

Send authorization response:

For more detailed information see: Self Issued OpenID Provider v2 (SIOP)

const sessionId = 'example_session_id'
const authorizationResponse = await agent.sendSiopAuthorizationResponse({
  sessionId,
  verifiedAuthorizationRequest: verifiedAuthorizationResponse,
})

Installation

yarn add @sphereon/ssi-sdk-did-auth-siop-authenticator

Build

yarn build