@zedeid-sdk/zedeid-did-siop-lib

## Overview ## This implements _Self Issued OpenId Connect Provider (SIOP)_ for _Decentralized Identities (DIDs)_. The library contains two components, **RP (Relying Party)** and **Provider**. Provider is intended to be used inside any piece of software w

Usage no npm install needed!

<script type="module">
  import zedeidSdkZedeidDidSiopLib from 'https://cdn.skypack.dev/@zedeid-sdk/zedeid-did-siop-lib';
</script>

README

zedeid-did-siop

Also available via: https://cdn.jsdelivr.net/npm/@zedeid-sdk/zedeid-did-siop-lib/dist/browser/did-siop.js

Overview

This implements Self Issued OpenId Connect Provider (SIOP) for Decentralized Identities (DIDs). The library contains two components, RP (Relying Party) and Provider. Provider is intended to be used inside any piece of software which will provide DID SIOP authentication and RP can be used by relying parties (client apps) to utilize DID SIOP authentication. This library can be used in both client-side (browser) and server-side (Node.js) applications.

Following are the primary specifications followed by this implementation.

Additionally this library can be used in authentication code flow

Usage (Implicit flow)

RP

import {RP} from "@zedeid-sdk/zedeid-did-siop-lib"

//create a RP instance
const relyingParty = new RP(redirect_uri,did,kid,privateKey);

//before calling any other methods initialise the object (async method)
await relyingParty.init();

//generate the request
const request = await relyingParty.generateRequest();

//send the request to a provider and receive the response
//response - {response_type:'id_token', id_token: 'value':}

//validate a response token from the provider
const decodedResponse = await relyingParty.validateResponse(response.id_token);
console.log(decodedResponse) //{success: boolean, data: decodedResponse}

Provider

import {SIOProvider} from "@zedeid-sdk/zedeid-did-siop-lib";


//create a Provider instance
const provider = new SIOProvider(did, kid, privateKey);

//before calling any other methods initialise the object (async method)
await provider.init();

//validate the request from RP
const decodedRequest = await provider.validateRequest(request);

//generate response to the previously sent request by the RP
const res = await provider.generateResponse(decodedRequest, request, [expiresIn]);
console.log(res) //{response_type:'id_token', id_token: 'id_token_value'}

Usage (Authorization code flow)

RP

import {RP} from "@zedeid-sdk/zedeid-did-siop-lib"

//create a RP instance
const relyingParty = new RP(redirect_uri,did,kid,privateKey);

//before calling any other methods initialise the object (async method)
await relyingParty.init();

//generate the first request
const request = await relyingParty.generateRequest({response_type:'code'}, {response_type:'code'});

//send the request to a provider and receive the response
//response - {response_type:'code', code:code_value}

//generate the second request using the first response
const secondRequest = await relyingParty.generateRequest({response_type:'id_token', grant_type:'authorization_code', code: 'code_received_above'}, {response_type:'code'});
//send the request to a provider and receive the response            
//response - {response_type:'id_token', id_token:idToken, refresh_token: refreshToken}

//generate a token refresh request
const tokenRefreshReq = relyingParty.generateTokenRefreshRequest(id_token, refresh_token);

//validate a response token from the provider
const decodedResponse = await relyingParty.validateResponse(response.id_token);
console.log(decodedResponse) //{success: boolean, data: decodedResponse}

Provider

import {SIOProvider} from "@zedeid-sdk/zedeid-did-siop-lib"

//create a Provider instance
const provider = new SIOProvider(did, kid, privateKey);

//before calling any other methods initialise the object (async method)
await provider.init();

if the environment is not a browser; set a storage with the interface of Window.localstorage for getting and setting items. (ex: react-native : react-native-async-storage)

provider.setStorage(new StorageAdapter());

// firstRequest received from a RP
const decodedRequest = await provider.validateRequest(firstRequest);
const firstResponse = await provider.generateResponse(decodedRequest, firstRequest);
//response - {response_type:'code', code:code_value}

//send the response to redirect_uri and receive second request

const decodedRequestSecond = await provider.validateRequest(secondRequest);           
const secondResponse = await provider.generateResponse(decodedRequestSecond, secondRequest);            
//response - {response_type:'id_token', id_token:idToken, refresh_token: refreshToken}

//refresh a token
const decodedTokenRefreshReq = await provider.validateRequest(tokenRefreshReq);           
const response = await provider.generateResponse(decodedTokenRefreshReq, tokenRefreshReq);            
//response - {response_type:'id_token', id_token:idToken, refresh_token: refreshToken}