Merge pull request #347 from docknetwork/fix/jwt-with-resolver

Fix verifying JWT credentials using Dock DID resolver

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@docknetwork/sdk",
-  "version": "4.0.0",
+  "version": "4.0.1",
   "main": "index.js",
   "license": "MIT",
   "repository": {

src/utils/vc/credentials.js

@@ -8,7 +8,7 @@ import { getAndValidateSchemaIfPresent } from './schema';
 import { isRevocationCheckNeeded, checkRevocationStatus } from '../revocation';
 import DIDResolver from '../../did-resolver'; // eslint-disable-line
 
-import { getSuiteFromKeyDoc, expandJSONLD } from './helpers';
+import { getSuiteFromKeyDoc, expandJSONLD, getKeyFromDIDDocument } from './helpers';
 import { DEFAULT_CONTEXT_V1_URL, credentialContextField } from './constants';
 import { ensureValidDatetime } from '../type-helpers';
 
@@ -275,7 +275,8 @@ export async function verifyCredential(vcJSONorString, {
       throw new Error('No kid in JWT header');
     }
 
-    const { document: keyDocument } = await docLoader(header.kid);
+    const { document: didDocument } = await docLoader(header.kid);
+    const keyDocument = getKeyFromDIDDocument(didDocument, header.kid);
     const keyDocSuite = await getSuiteFromKeyDoc(keyDocument, false, { detached: false, header });
     const verified = await keyDocSuite.verifySignature({
       verifyData: new Uint8Array(Buffer.from(jwtSplit[1], 'utf8')),

src/utils/vc/helpers.js

@@ -95,3 +95,22 @@ export async function expandJSONLD(credential, options = {}) {
   });
   return expanded[0];
 }
+
+export function potentialToArray(a) {
+  /* eslint-disable no-nested-ternary */
+  return a ? (Array.isArray(a) ? a : [a]) : [];
+}
+
+export function getKeyFromDIDDocument(didDocument, didUrl) {
+  // Ensure not already a key doc
+  if (didDocument.publicKeyBase58 || didDocument.publicKeyMultibase || didDocument.publicKeyJwk || (didDocument.publicKey && !Array.isArray(didDocument.publicKey))) {
+    return didDocument;
+  }
+
+  const possibleKeys = [
+    ...potentialToArray(didDocument.verificationMethod),
+    ...potentialToArray(didDocument.keyAgreement),
+    ...potentialToArray(didDocument.publicKey),
+  ];
+  return possibleKeys.filter((key) => key.id === didUrl)[0];
+}

tests/integration/issuing.test.js

@@ -119,4 +119,25 @@ describe('Verifiable Credential issuance where issuer has a Dock DID', () => {
       ),
     );
   }, 40000);
+
+  test('(JWT) Issue a verifiable credential with ed25519 key and verify it', async () => {
+    const issuerKey = getKeyDoc(issuer1DID, dock.keyring.addFromUri(issuer1KeySeed, null, 'ed25519'), 'Ed25519VerificationKey2018');
+    const credential = await issueCredential(issuerKey, unsignedCred, true, null, null, null, null, false, 'jwt');
+    const result = await verifyCredential(credential, { resolver });
+    expect(result.verified).toBeTruthy();
+  }, 40000);
+
+  test('(JWT) Issue a verifiable credential with secp256k1 key and verify it', async () => {
+    const issuerKey = getKeyDoc(issuer2DID, generateEcdsaSecp256k1Keypair(issuer2KeyEntropy), 'EcdsaSecp256k1VerificationKey2019');
+    const credential = await issueCredential(issuerKey, unsignedCred, true, null, null, null, null, false, 'jwt');
+    const result = await verifyCredential(credential, { resolver });
+    expect(result.verified).toBeTruthy();
+  }, 40000);
+
+  test('(JWT) Issue a verifiable credential with sr25519 key and verify it', async () => {
+    const issuerKey = getKeyDoc(issuer3DID, dock.keyring.addFromUri(issuer3KeySeed, null, 'sr25519'), 'Sr25519VerificationKey2020');
+    const credential = await issueCredential(issuerKey, unsignedCred, true, null, null, null, null, false, 'jwt');
+    const result = await verifyCredential(credential, { resolver });
+    expect(result.verified).toBeTruthy();
+  }, 40000);
 });