import type { EbsiUriConfiguration } from "@cef-ebsi/ebsi-uri"; import type { EBSIVerifiableAccreditationRecord } from "@cef-ebsi/vcdm1.1-accreditation-schema"; import type { EBSIVerifiableAttestation } from "@cef-ebsi/vcdm1.1-attestation-schema"; import type { EBSIStatusList2021Credential } from "@cef-ebsi/vcdm1.1-revocation-statuslist-schema"; import type { RawAxiosRequestHeaders } from "axios"; import type { JWTPayload, Signer } from "did-jwt"; /** * `createVerifiableCredentialJwt` options */ export interface CreateVerifiableCredentialOptions { /** * Custom Axios request headers */ axiosHeaders?: RawAxiosRequestHeaders; /** * Time in seconds expanding the validity period of the JWT, both before "nbf" and after "exp". Default : 0 second. * Note: the did-jwt library uses a similar `skewTime` parameter with a default value of 5 minutes (300 seconds). */ clockSkew?: number; /** * Extra credentialSchema types. By default, the library only supports "FullJsonSchemaValidator2021" and "JsonSchema". * The library is not responsible for validating these extra types. */ extraCredentialSchemaTypes?: string[]; /** * Additional header parameters to add to the JWT header */ header?: Record; /** * Determines whether to validate the accreditations of the VC issuer or not. * Validation is active by default. * @defaultValue false */ skipAccreditationsValidation?: boolean; /** * Determines whether to validate the credential subject or not * Validation is active by default. */ skipCredentialSubjectValidation?: boolean; /** * Determines whether to validate the credential status or not * Validation is active by default. * @defaultValue false */ skipStatusValidation?: boolean; /** * Determines whether to validate the Verifiable Credential payload or not. * Validation is active by default. * * Note: even when skipValidation is set to true, the payload must be a valid * EBSI Verifiable Attestation. * @defaultValue false */ skipValidation?: boolean; /** * Credential subject. This parameter is mandatory if the payload's `credentialSubject` is an array. * It must correspond to one of the IDs in the payload's `credentialSubject` array. */ sub?: string; /** * Axios requests timeout (in milliseconds). Default: 15 seconds */ timeout?: number; /** * Unix timestamp. Optional comparison date. Default: current date and time. * For the JWT to be valid, `nbf` ≤ `validAt` ≤ `exp`. */ validAt?: number; } export interface EbsiEnvConfiguration extends EbsiUriConfiguration { /** * List of trusted hosts running the EBSI Core Services APIs. * If a host does not respond, the next one in the list will be called. */ hosts: string[]; /** * List of trusted services with their respective version number (e.g. "v5"). */ services: NonNullable< EbsiUriConfiguration["services"] >; } /** * Information about the issuer (DID, kid, public and private JWKs, alg) */ export interface EbsiIssuer< Alg extends "EdDSA" | "ES256" | "ES256K" = "EdDSA" | "ES256" | "ES256K", > { // One of https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms alg: Alg; did: string; kid: string; signer: Signer; } // Type aliases export type EbsiStatusList2021Credential = EBSIStatusList2021Credential; export type EbsiVerifiableAccreditation = EBSIVerifiableAccreditationRecord; export type EbsiVerifiableAttestation = EBSIVerifiableAttestation; // List of EBSI services that will be used by the library export type Service = | "did-registry" | "trusted-issuers-registry" | "trusted-policies-registry" | "trusted-schemas-registry"; export interface VcJwtPayload extends JWTPayload { iss: string; jti: string; vc: EbsiVerifiableAttestation; } /** * `verifyCredentialJwt` options */ export interface VerifyCredentialOptions { /** * Custom Axios request headers */ axiosHeaders?: RawAxiosRequestHeaders; /** * Time in seconds expanding the validity period of the JWT, both before "nbf" and after "exp". Default : 0 second. * Note: the did-jwt library uses a similar `skewTime` parameter with a default value of 5 minutes (300 seconds). */ clockSkew?: number; /** * Extra credentialSchema types. By default, the library only supports "FullJsonSchemaValidator2021" and "JsonSchema". * The library is not responsible for validating these extra types. */ extraCredentialSchemaTypes?: string[]; /** * Determines whether the JSON to JWT transformation will remove the * original fields from the input payload. * See https://www.w3.org/TR/vc-data-model/#jwt-encoding * @defaultValue true */ removeOriginalFields?: boolean; /** * Determines whether to validate the accreditations of the VC issuer or not. * Validation is active by default. * @defaultValue false */ skipAccreditationsValidation?: boolean; /** * Determines whether to validate the credential subject or not * Validation is active by default. */ skipCredentialSubjectValidation?: boolean; /** * Determines whether to validate the credential status or not. * Validation is active by default. * @defaultValue false */ skipStatusValidation?: boolean; /** * Axios requests timeout (in milliseconds). Default: 15 seconds */ timeout?: number; /** * Unix timestamp. Optional comparison date. Default: current date and time. * For the JWT to be valid, `nbf` ≤ `validAt` ≤ `exp`. */ validAt?: number; /** * Determines whether or not to validate the issuer's accreditations when `termsOfUse` is missing. * @defaultValue false */ validateAccreditationWithoutTermsOfUse?: boolean; }