The DID Auth SIOP typescript library is still in an alpha state at this point. Please note that the interfaces might still change a bit as the software still is in active development.
Bugfix release, fixing RPBuilder export and a client_id bug when not explicitly provided to the RP.
- Fixed:
- Changed RPBuilder default export to a named export
- Fix #54. The client_id took the whole registration object, instead of the client_id in case it was not provided explicitly
- Updated:
- SSI-types have been updated to the latest version.
This release contains many breaking changes. Sorry for these, but this library still is in active development, as reflected by the major version still being 0. A lot of code has been refactored. Now certain classes have state, instead of passing around objects between static methods.
- Added:
- Allow to restrict selecting VCs against Formats not communicated in a presentation definition. For instance useful for filtering against a OID4VP RP, which signals support for certain Formats, but uses a definition which does not include this information
- Allow to restrict selecting VCs against DID methods not communicated in a presentation definition. For instance useful for filtering against a OID4VP RP, which signals support for certain DID methods, but uses a definition which does not include this information
- Allow passing in submission data separately from a VP. Again useful in a OID4VP situation, where presentation submission objects can be transferred next to the VP instead if in the VP
- A simple session/state manager for the RP side. This allows to find back definitions for responses coming back in. As this is a library the only implementation is an in memory implementation. It is left up to implementers to create their persistent implementations
- Added support for new version of the spec
- Support for JWT VC Presentation Profile
- Support for DID domain linkage
- Removed:
- Several dependencies have been removed or moved to development dependencies. Mainly the cryptographic libraries have been removed
- Changed:
- Requests and responses now contain state and can be instantiated from scratch/options or from an actual payload
- Schema's for AJV are now compiled at build time, instead of at runtime.
- Fixed:
- JSON-LD contexts where not always fetched correctly (Github for instance)
- Signature callback function was not always working after creating copies of data
- React-native not playing nicely with AJV schema's
- JWT VCs/VPs were not always handled correctly
- Submission data contained several errors
- Holder was sometimes missing from the VP
- Too many other fixes to list
- Updated:
- Updated some dependencies
- Updated:
- Updated some dependencies
- Fixed:
- We did not check the proper claims in an AuthResponse to determine the key type, resulting in an invalid JWT header
- Removed some remnants of the DID-jwt fork
- Updated:
- Update to PEX 1.1.2
- Update several other deps
- Fixed:
- Only throw a PEX error in case PEX itself has flagged the submission to be in error
- Use nonce from request in response if available
- Remove DID-JWT fork as the current version supports SIOPv2 iss values
- Added:
- Add default resolver support to builder
- Fixed:
- Remove did-jwt dependency, since we use an internal fork for the time being anyway
- Fixed:
- Revert back to commonjs
- Added:
- Supplied withSignature support. Allowing to integrate withSignature callbacks, next to supplying private keys or using external custodial signing with authn/authz
- Updated:
- Update @sphereon/pex to the latest stable version v1.0.2
- Moved did-key dep to dev dependency and changed to @digitalcredentials/did-method-key
- Updated:
- Update @sphereon/pex to latest stable version v1.0.1
-
Fixed:
- Check nonce and did support first before verifying JWT
-
Updated:
- Updated PEX dependency that fixed a JSON-path bug impacting us
- Updated:
- Updated dependencies
- Updated:
- Presentation Exchange updated to latest PEX version 0.5.x. The eventual Presentation is not a VP yet (proof will be in next minor release)
- Update Uni Resolver client to latest version 0.3.3
-
Added:
- Presentation Exchange support [OpenID Connect for Verifiable Presentations(https://openid.net/specs/openid-connect-4-verifiable-presentations-1_0.html)
-
Fixed:
- Many bug fixes (see git history)
- Fixed:
- Packaging fix for the did-jwt fork we include for now
This is the first Alpha release of the DID Auth SIOP typescript library. Please note that the interfaces might still change a bit as the software still is in active development.
-
Alpha release:
- Low level Auth Request and Response service classes
- High Level OP and RP role service classes
- Support for most of SIOPv2
-
Planned for Beta: