JWTCredentialPlugin.swift
import Domain
import Foundation
import JSONWebKey
import JSONWebToken
import JSONWebSignature
/// `CredentialPlugin` implementation for credentials of type `"jwt"`.
///
/// Handles two families of operations: turning a credential offer into a
/// `"request-credential"` message, and turning issued credential bytes into a
/// `JWTCredential`.
///
/// NOTE(review): nothing in this type checks a signature, issuer or expiry on the
/// received JWT. Confirm that `JWTCredential(data:)` or the calling layer verifies
/// the token before the resulting credential is trusted or stored.
struct JWTCredentialPlugin: CredentialPlugin {
    /// Version string reported by this plugin.
    let version = "0.1"

    /// Credential type identifier reported by this plugin.
    let credentialType = "jwt"

    /// Operation names accepted by `operation(type:format:payload:options:)`.
    let supportedOperations = [
        "offer",
        "offer-credential",
        "issue",
        "issue-credential"
    ]

    /// Returns the options required for `operation`; always an empty list.
    ///
    /// NOTE(review): the offer path in this type throws unless `.subjectDID` and
    /// `.exportableKey` are present in the options, so an empty list here does not
    /// reflect what that path needs. Confirm whether callers rely on this value.
    func requiredOptions(operation: String) -> [Domain.CredentialOperationsOptions] {
        return []
    }

    /// Runs one credential operation against `payload`.
    ///
    /// - Parameters:
    ///   - type: Operation name. `"offer"`/`"offer-credential"` build a credential
    ///     request; `"issue"`/`"issue-credential"` parse an issued credential.
    ///   - format: Passed through unchanged to the forwarded result; not inspected here.
    ///   - payload: Raw message bytes. Presumably received from the issuer, so it
    ///     should be treated as untrusted input (verify against caller).
    ///   - options: Operation options; the offer path reads `.subjectDID` and
    ///     `.exportableKey` from them.
    /// - Returns: `.forward` carrying a `"request-credential"` payload for offers,
    ///   or `.credential` for issued credentials.
    /// - Throws: `PolluxError.invalidJWTCredential` when `payload` is nil (checked
    ///   before the operation name), `PolluxError.unsupportedIssuedMessage` for any
    ///   other operation name, plus whatever the request builder or parser throws.
    func operation(
        type: String,
        format: String?,
        payload: Data?,
        options: [Domain.CredentialOperationsOptions]
    ) async throws -> Domain.OperationResult {
        guard let body = payload else { throw PolluxError.invalidJWTCredential }

        let isOffer = type == "offer" || type == "offer-credential"
        let isIssue = type == "issue" || type == "issue-credential"

        if isOffer {
            let credentialRequest = try await processJWTCredentialRequest(
                offerData: body,
                options: options
            )
            return try .forward(
                type: "request-credential",
                format: format,
                payload: credentialRequest.tryToData()
            )
        }

        if isIssue {
            return try await .credential(createCredential(body))
        }

        throw PolluxError.unsupportedIssuedMessage
    }

    /// Builds a `JWTCredential` from issued credential bytes.
    ///
    /// NOTE(review): only construction happens here; any validation is whatever
    /// `JWTCredential(data:)` performs, which is not visible in this file.
    func createCredential(_ credentialData: Data) async throws -> Credential {
        return try JWTCredential(data: credentialData)
    }

    /// Builds a `JWTCredential` from imported credential bytes.
    ///
    /// Same construction as `createCredential(_:)`; imported data gets no extra
    /// checks in this type.
    func credential(_ imported: Data) async throws -> Credential {
        return try JWTCredential(data: imported)
    }

    /// Creates the credential request string for an offer.
    ///
    /// Uses the first `.subjectDID` and the first `.exportableKey` found in
    /// `options`. The subject DID is checked first, so when both are missing the
    /// error is `PolluxError.invalidPrismDID`.
    ///
    /// NOTE(review): the exportable key is handed to
    /// `CreateJWTCredentialRequest.create`, presumably to sign the request. If it
    /// carries private key material, confirm it is not logged or retained downstream.
    ///
    /// - Throws: `PolluxError.invalidPrismDID` when no subject DID option is given,
    ///   `PolluxError.requiresExportableKeyForOperation` when no exportable key
    ///   option is given, plus whatever the request builder throws.
    private func processJWTCredentialRequest(offerData: Data, options: [CredentialOperationsOptions]) async throws -> String {
        let subjectOption = options.first { candidate in
            guard case .subjectDID = candidate else { return false }
            return true
        }
        guard case let .subjectDID(subject)? = subjectOption else {
            throw PolluxError.invalidPrismDID
        }

        let keyOption = options.first { candidate in
            guard case .exportableKey = candidate else { return false }
            return true
        }
        guard case let .exportableKey(keyMaterial)? = keyOption else {
            throw PolluxError.requiresExportableKeyForOperation(operation: "Create Credential Request")
        }

        return try await CreateJWTCredentialRequest.create(
            didStr: subject.string,
            key: keyMaterial,
            offerData: offerData
        )
    }
}