forked from LegReq/authorization-capabilities-poc
index.js
import {
generateEd25519Key,
keyToDID,
keyToVerificationMethod,
delegateCapability,
invokeCapability,
verifyInvocation,
resolveDID,
verifyDelegation,
} from '@spruceid/didkit-wasm-node';
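// ---------------------------------------------------------------------------
// Root capability setup
// ---------------------------------------------------------------------------

// Fresh Ed25519 key for the root capability controller. The same value is
// passed to delegateCapability() further down as the signing key, so it has
// to be treated as secret material.
const rootCapabilityJWK = generateEd25519Key();
const capControllerDID = keyToDID("key", rootCapabilityJWK);

// The JWK itself is deliberately not printed: console output ends up in
// terminal scrollback, CI logs and pasted bug reports, and whoever holds this
// key can delegate the root capability. The DID derived from it is the public
// identifier and is safe to show.
console.log("Root Cap DID :", capControllerDID);

// Second argument is a JSON string; "{}" presumably means "no extra
// resolution options" (confirm against the DIDKit documentation).
const didDoc = await resolveDID(capControllerDID, "{}");
console.log("Root Cap DID Doc \n", didDoc);

// Root capability: the controller DID is the authority for invocationTarget.
// The id embeds the percent-encoded target URL.
const rootCapability = {
  "@context": "https://w3id.org/security/v2",
  "id": "urn:zcap:root:https%3A%2F%2Fexample.com%2Ffoo",
  "controller": capControllerDID,
  "invocationTarget": "https://example.com/foo",
};

// Verification method of the root key; it is referenced by the delegation proof.
const capDelegationVM = await keyToVerificationMethod("key", rootCapabilityJWK);
console.log("Cap Delegation Verification Method", capDelegationVM);
console.log("Root Capability : \n", rootCapability);

// Proof options for signing a delegation: the proof purpose must be
// "capabilityDelegation" so the proof cannot be mistaken for an invocation.
const capDelegationLinkedDataProofOptions = {
  "verificationMethod": capDelegationVM,
  "proofPurpose": "capabilityDelegation",
};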
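// ---------------------------------------------------------------------------
// Capability delegation
// ---------------------------------------------------------------------------

// Key pair of the party that receives the delegation. Its DID becomes the
// controller of the delegated capability; the JWK is used later to sign the
// invocation and is therefore never logged.
const delegationJWK = generateEd25519Key();
const delegationDID = keyToDID("key", delegationJWK);
console.log("Delegate to DID : ", delegationDID);

// Expiry is derived from the current time instead of being a fixed calendar
// date: a hard-coded timestamp eventually lies in the past, and a short
// lifetime limits how long a leaked delegation stays usable. The fractional
// seconds are stripped to keep the "YYYY-MM-DDTHH:MM:SSZ" shape.
// NOTE(review): whether DIDKit enforces `expires` during verification is not
// visible here; confirm before relying on it.
const CAPABILITY_LIFETIME_MS = 60 * 60 * 1000;
const capabilityExpiry = new Date(Date.now() + CAPABILITY_LIFETIME_MS)
  .toISOString()
  .replace(/\.\d{3}Z$/, "Z");

const capabilityToDelegate = {
  // TODO (original author): not sure why the https://w3id.org/zcap/v1
  // context is not needed here, i.e. why this works without
  //   "@context": ["https://w3id.org/security/v2", "https://w3id.org/zcap/v1"]
  "@context": "https://w3id.org/security/v2",
  // Fixed sample id; every run produces a delegation with this same id.
  "id": "urn:uuid:cdc77118-6bfa-11ec-aceb-10bf48838a41",
  // Parent and target are taken from the root capability so the two
  // documents cannot drift apart.
  "parentCapability": rootCapability.id,
  "controller": delegationDID,
  "invocationTarget": rootCapability.invocationTarget,
  "expires": capabilityExpiry,
  // Actions the delegate may invoke against the target.
  "allowedAction": [
    "write",
    "read",
  ],
};
console.log("Capability to delegate\n", capabilityToDelegate);

// Sign the delegation with the root key. The third argument is the list of
// parent capability ids, here only the root.
const jsonCap = JSON.stringify(capabilityToDelegate);
const result = await delegateCapability(
  jsonCap,
  JSON.stringify(capDelegationLinkedDataProofOptions),
  JSON.stringify([rootCapability.id]),
  rootCapabilityJWK,
);
const delegatedCapability = JSON.parse(result);
console.log("Delegated Capability \n", delegatedCapability);

const verificationResult = await verifyDelegation(JSON.stringify(delegatedCapability));
console.log("Delegation Successful ? : ", verificationResult);

// Stop here if the delegation did not verify; otherwise the script would go
// on to invoke a capability whose proof was never accepted.
// NOTE(review): assumes the result is a JSON document with an `errors`
// array, as DIDKit verification results normally are. Confirm for the
// installed version. Anything other than an empty `errors` array is treated
// as a failure.
const delegationReport = typeof verificationResult === "string"
  ? JSON.parse(verificationResult)
  : verificationResult;
if (!Array.isArray(delegationReport?.errors) || delegationReport.errors.length > 0) {
  throw new Error(`Delegation verification failed: ${JSON.stringify(delegationReport)}`);
}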
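//////////////////////////////////////////////////////////////////////////////////////////
// Capability Invocation
//////////////////////////////////////////////////////////////////////////////////////////
console.log("Capability to invoke :\n", delegatedCapability);

// The invocation is signed by the delegate's key, not the root key: the
// delegated capability names the delegate's DID as its controller.
const capInvocationVM = await keyToVerificationMethod("key", delegationJWK);
console.log("Cap Invocation Verification Method", capInvocationVM);

// Proof purpose "capabilityInvocation" separates this proof from a
// delegation proof made with the same key type.
const capInvocationLinkedDataProofOptions = {
  "verificationMethod": capInvocationVM,
  "proofPurpose": "capabilityInvocation",
};

const invocation = {
  "@context": "https://w3id.org/security/v2",
  // Fixed sample id: every run signs an invocation with this same id. A
  // service that tracks invocation ids to reject replays would need a fresh
  // one for each request.
  "id": "urn:uuid:ad86cb2c-e9db-434a-beae-71b82120a8a4",
  // Must be one of the actions listed in the delegated capability.
  "capabilityAction": "write",
};
console.log("Unsigned Invocation \n", invocation);

// Sign the invocation against the delegated capability's id.
const capInvocation = await invokeCapability(
  JSON.stringify(invocation),
  delegatedCapability.id,
  JSON.stringify(capInvocationLinkedDataProofOptions),
  delegationJWK,
);
console.log("Invocation\n", capInvocation);

// Verify the signed invocation together with the capability it claims to
// exercise.
const invVerificationResult = await verifyInvocation(
  capInvocation,
  JSON.stringify(delegatedCapability),
);
console.log("Invocation Verification", invVerificationResult);

// Fail with an error, and so a non-zero exit status, when verification
// reports a problem, instead of only printing the result.
// NOTE(review): assumes the result is a JSON document with an `errors`
// array, as DIDKit verification results normally are. Confirm for the
// installed version. Anything other than an empty `errors` array is treated
// as a failure.
const invocationReport = typeof invVerificationResult === "string"
  ? JSON.parse(invVerificationResult)
  : invVerificationResult;
if (!Array.isArray(invocationReport?.errors) || invocationReport.errors.length > 0) {
  throw new Error(`Invocation verification failed: ${JSON.stringify(invocationReport)}`);
}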