updates to verify

[nitro-neal]

Addressing:
#420

Made sure we are explicitly checking these:

• exp MUST represent the expirationDate property, encoded as a UNIX timestamp (NumericDate).
• iss MUST represent the issuer property of a verifiable credential or the holder property of a verifiable presentation.
• nbf MUST represent issuanceDate, encoded as a UNIX timestamp (NumericDate).
• jti MUST represent the id property of the verifiable credential or verifiable presentation.
• sub MUST represent the id property contained in the credentialSubject.

updated the iss to be the did's id and not the vcDataModel issuer

Examples:
vcJwt:

eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpkaHQ6aWJxdXhkNWhqZjhhOXlid3o2emN1d2U1ejhtbnpoZmF1Nmp3cms1OWlwZmlycnVvano5eSMwIn0.eyJ2YyI6eyJAY29udGV4dCI6WyJodHRwczovL3d3dy53My5vcmcvMjAxOC9jcmVkZW50aWFscy92MSJdLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVEJEZXZlbG9wZXJDcmVkZW50aWFsIl0sImlkIjoidXJuOnV1aWQ6MjZmZTQ4MGQtMjFjMS00Nzc0LWI1YjctNjQ0NDc3NzcxMjNiIiwiaXNzdWVyIjoiZGlkOmRodDppYnF1eGQ1aGpmOGE5eWJ3ejZ6Y3V3ZTV6OG1uemhmYXU2andyazU5aXBmaXJydW9qejl5IiwiaXNzdWFuY2VEYXRlIjoiMjAyNC0wMi0yMVQyMzoxMTo0M1oiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDpkaHQ6aWJxdXhkNWhqZjhhOXlid3o2emN1d2U1ejhtbnpoZmF1Nmp3cms1OWlwZmlycnVvano5eSIsInVzZXJuYW1lIjoibml0cm8ifX0sIm5iZiI6MTcwODU1NzEwMywianRpIjoidXJuOnV1aWQ6MjZmZTQ4MGQtMjFjMS00Nzc0LWI1YjctNjQ0NDc3NzcxMjNiIiwiaXNzIjoiZGlkOmRodDppYnF1eGQ1aGpmOGE5eWJ3ejZ6Y3V3ZTV6OG1uemhmYXU2andyazU5aXBmaXJydW9qejl5Iiwic3ViIjoiZGlkOmRodDppYnF1eGQ1aGpmOGE5eWJ3ejZ6Y3V3ZTV6OG1uemhmYXU2andyazU5aXBmaXJydW9qejl5IiwiaWF0IjoxNzA4NTU3MTAzfQ.FeL8YtNltBjbNSN_nZJCkf1VnA_S_nkHY9jIihAL27kmuYHUeKvCYjXTsIuWBJnTc0AG9v35vRQAnQqTc4lXAA

Decoded JWT:

{
  "vc": {
    "@context": [
      "https://www.w3.org/2018/credentials/v1"
    ],
    "type": [
      "VerifiableCredential",
      "TBDeveloperCredential"
    ],
    "id": "urn:uuid:26fe480d-21c1-4774-b5b7-64447777123b",
    "issuer": "did:dht:ibquxd5hjf8a9ybwz6zcuwe5z8mnzhfau6jwrk59ipfirruojz9y",
    "issuanceDate": "2024-02-21T23:11:43Z",
    "credentialSubject": {
      "id": "did:dht:ibquxd5hjf8a9ybwz6zcuwe5z8mnzhfau6jwrk59ipfirruojz9y",
      "username": "nitro"
    }
  },
  "nbf": 1708557103,
  "jti": "urn:uuid:26fe480d-21c1-4774-b5b7-64447777123b",
  "iss": "did:dht:ibquxd5hjf8a9ybwz6zcuwe5z8mnzhfau6jwrk59ipfirruojz9y",
  "sub": "did:dht:ibquxd5hjf8a9ybwz6zcuwe5z8mnzhfau6jwrk59ipfirruojz9y",
  "iat": 1708557103
}

ParsedJwt (VcDataModel):

VerifiableCredential {
  vcDataModel: {
    '@context': [ 'https://www.w3.org/2018/credentials/v1' ],
    type: [ 'VerifiableCredential', 'TBDeveloperCredential' ],
    id: 'urn:uuid:26fe480d-21c1-4774-b5b7-64447777123b',
    issuer: 'did:dht:ibquxd5hjf8a9ybwz6zcuwe5z8mnzhfau6jwrk59ipfirruojz9y',
    issuanceDate: '2024-02-21T23:11:43Z',
    credentialSubject: {
      id: 'did:dht:ibquxd5hjf8a9ybwz6zcuwe5z8mnzhfau6jwrk59ipfirruojz9y',
      username: 'nitro'
    }
  }
}

Example processing rules:

jti
jti: 123
payload.vc.id: 123
valid? ✅

jti: 123
payload.vc.id: undefined
valid? ✅

jti: 123
payload.vc.id: 321
valid? ❌

jti: 123
payload.vc.id: “” // empty string
valid? ❌

[github-actions]

TBDocs Report

🛑 Errors: 0
⚠️ Warnings: 130

@web5/api

• Project entry file: packages/api/src/index.ts

📄 File: ./packages/api/src/protocol.ts
⚠️ extractor:typedoc:missing-reference: ProtocolMetadata is referenced by Protocol._metadata but not included in the documentation.
⚠️ extractor:typedoc:missing-docs: Protocol._agent (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Protocol._metadata (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Protocol._protocolsConfigureMessage (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Protocol.send.__type.status (Property) does not have any documentation.

📄 File: ./packages/api/src/send-cache.ts
⚠️ extractor:typedoc:missing-reference: SendCache is referenced by Record._sendCache but not included in the documentation.

📄 File: ./packages/api/src/web5.ts
⚠️ extractor:typedoc:missing-reference: Web5Options is referenced by Web5.constructor.new Web5.options but not included in the documentation.
⚠️ extractor:typedoc:missing-docs: TechPreviewOptions.__type.dwnEndpoints (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Web5ConnectOptions.__type.connectedDid (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Web5.connect.__type.web5 (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Web5.connect.__type.did (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Web5.connectedDid (Property) does not have any documentation.

📄 File: ./packages/api/src/utils.ts
⚠️ extractor:typedoc:missing-docs: utils.dataToBlob.__type.dataBlob (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: utils.dataToBlob.__type.dataFormat (Property) does not have any documentation.

📄 File: ./packages/api/src/did-api.ts
⚠️ extractor:typedoc:missing-docs: DidApi.agent (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: DidApi.connectedDid (Property) does not have any documentation.

📄 File: ./packages/api/src/dwn-api.ts
⚠️ extractor:typedoc:missing-docs: ResponseStatus.__type.status (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ResponseStatus.__type.status.__type.code (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ResponseStatus.__type.status.__type.detail (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ProtocolsConfigureRequest.__type.message (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ProtocolsConfigureResponse.__type.protocol (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ProtocolsQueryReplyEntry.__type.descriptor (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ProtocolsQueryRequest.__type.from (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ProtocolsQueryRequest.__type.message (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ProtocolsQueryResponse.__type.protocols (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsCreateFromRequest.__type.author (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsCreateFromRequest.__type.data (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsCreateFromRequest.__type.message (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsCreateFromRequest.__type.record (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsDeleteRequest.__type.from (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsDeleteRequest.__type.message (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsQueryRequest.__type.message (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsQueryResponse.__type.records (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsReadRequest.__type.message (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsReadResponse.__type.record (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsWriteRequest.__type.data (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsWriteRequest.__type.message (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsWriteRequest.__type.store (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordsWriteResponse.__type.record (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: DwnApi.agent (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: DwnApi.connectedDid (Property) does not have any documentation.

📄 File: ./packages/api/src/record.ts
⚠️ extractor:typedoc:missing-docs: RecordOptions.__type.author (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordOptions.__type.connectedDid (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordOptions.__type.encodedData (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordOptions.__type.data (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordOptions.__type.initialWrite (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordOptions.__type.protocolRole (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordOptions.__type.remoteOrigin (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordModel.__type.author (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordModel.__type.protocolRole (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordModel.__type.recordId (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordUpdateOptions.__type.data (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordUpdateOptions.__type.dataCid (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordUpdateOptions.__type.dataSize (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordUpdateOptions.__type.dateModified (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordUpdateOptions.__type.datePublished (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordUpdateOptions.__type.published (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: RecordUpdateOptions.__type.protocolRole (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._sendCache (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._agent (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._connectedDid (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._encodedData (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._readableStream (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._remoteOrigin (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._author (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._attestation (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._authorization (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._contextId (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._descriptor (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._encryption (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._initialWrite (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._initialWriteStored (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._initialWriteSigned (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._recordId (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record._protocolRole (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record.data.__type.then (CallSignature) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record.data.__type.catch (CallSignature) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Record.processRecord (CallSignature) does not have any documentation.

📄 File: ./packages/api/src/vc-api.ts
⚠️ extractor:typedoc:missing-docs: VcApi.agent (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VcApi.connectedDid (Property) does not have any documentation.

🔀 Misc.
⚠️ extractor:typedoc:invalid-link: Failed to resolve link to "@web5/agent#Web5Agent" in comment for Web5ConnectOptions.__type.agent. You may have wanted "@web5/agent!Web5Agent"
⚠️ extractor:typedoc:invalid-link: Failed to resolve link to "@web5/user-agent#Web5UserAgent" in comment for Web5ConnectOptions.__type.agent. You may have wanted "@web5/user-agent!Web5UserAgent"
⚠️ extractor:typedoc:invalid-link: Failed to resolve link to "@web5/agent#AppDataStore" in comment for Web5ConnectOptions.__type.appData. You may have wanted "@web5/agent!AppDataStore"
⚠️ extractor:typedoc:invalid-link: Failed to resolve link to "@web5/agent#AppDataStore" in comment for Web5ConnectOptions.__type.appData. You may have wanted "@web5/agent!AppDataStore"
⚠️ extractor:typedoc:invalid-link: Failed to resolve link to "@web5/agent#Web5Agent" in comment for Web5.connect. You may have wanted "@web5/agent!Web5Agent"
⚠️ extractor:typedoc:invalid-link: Failed to resolve link to "@web5/user-agent#Web5UserAgent" in comment for Web5.connect. You may have wanted "@web5/user-agent!Web5UserAgent"

@web5/crypto

• Project entry file: packages/crypto/src/index.ts

@web5/crypto-aws-kms

• Project entry file: packages/crypto-aws-kms/src/index.ts

📄 File: ./packages/crypto-aws-kms/src/ecdsa.ts
⚠️ extractor:typedoc:missing-docs: EcdsaAlgorithm (Class) does not have any documentation.

📄 File: ./packages/crypto-aws-kms/src/key-manager.ts
⚠️ extractor:typedoc:missing-docs: AwsKeyManager (Class) does not have any documentation.

📄 File: ./packages/crypto-aws-kms/src/utils.ts
⚠️ extractor:typedoc:missing-docs: getKeySpec (CallSignature) does not have any documentation.

🔀 Misc.
⚠️ extractor:typedoc:invalid-link: Failed to resolve link to "@web5/crypto#Secp256k1.adjustSignatureToLowS | here" in comment for EcdsaAlgorithm.sign. You may have wanted "@web5/crypto!Secp256k1.adjustSignatureToLowS | here"

@web5/dids

• Project entry file: packages/dids/src/index.ts

@web5/credentials

• Project entry file: packages/credentials/src/index.ts

📄 File: ./packages/credentials/src/jwt.ts
⚠️ extractor:typedoc:missing-docs: JwtParseResult.__type.decoded (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: JwtParseResult.__type.encoded (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: JwtParseResult.__type.encoded.__type.header (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: JwtParseResult.__type.encoded.__type.payload (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: JwtParseResult.__type.encoded.__type.signature (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: ParseJwtOptions.__type.jwt (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: SignJwtOptions.__type.signerDid (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: SignJwtOptions.__type.payload (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifyJwtOptions.__type.jwt (Property) does not have any documentation.

📄 File: ./packages/credentials/src/presentation-exchange.ts
⚠️ extractor:typedoc:missing-docs: PresentationDefinitionV2 (Interface) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: Validated (TypeAlias) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: PresentationExchange (Class) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: PresentationExchange.resetPex (CallSignature) does not have any documentation.

📄 File: ./packages/credentials/src/verifiable-credential.ts
⚠️ extractor:typedoc:missing-docs: DEFAULT_VC_CONTEXT (Variable) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: DEFAULT_VC_TYPE (Variable) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredentialCreateOptions.__type.type (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredentialCreateOptions.__type.issuer (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredentialCreateOptions.__type.subject (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredentialCreateOptions.__type.data (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredentialCreateOptions.__type.issuanceDate (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredentialCreateOptions.__type.expirationDate (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredentialSignOptions.__type.did (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredential.verify.__type.issuer (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredential.verify.__type.subject (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredential.verify.__type.vc (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredential.type (GetSignature) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredential.issuer (GetSignature) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiableCredential.subject (GetSignature) does not have any documentation.

📄 File: ./packages/credentials/src/verifiable-presentation.ts
⚠️ extractor:typedoc:missing-docs: DEFAULT_VP_TYPE (Variable) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentationCreateOptions.__type.holder (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentationCreateOptions.__type.vcJwts (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentationCreateOptions.__type.type (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentationCreateOptions.__type.additionalData (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentationSignOptions.__type.did (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentation.verify.__type.issuer (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentation.verify.__type.subject (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentation.verify.__type.vc (Property) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentation.type (GetSignature) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentation.holder (GetSignature) does not have any documentation.
⚠️ extractor:typedoc:missing-docs: VerifiablePresentation.verifiableCredential (GetSignature) does not have any documentation.

---

TBDocs Report Updated at 2024-03-14T21:46:00Z 37c71e0

[codecov]

Codecov Report

Merging #421 (37c71e0) into main (dbae44d) will decrease coverage by 0.01%.
The diff coverage is 93.52%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #421      +/-   ##
==========================================
- Coverage   93.35%   93.34%   -0.01%     
==========================================
  Files          80       80              
  Lines       23839    23968     +129     
  Branches     1891     1916      +25     
==========================================
+ Hits        22255    22374     +119     
- Misses       1544     1551       +7     
- Partials       40       43       +3     

Components	Coverage Δ
agent	88.72% <ø> (ø)
api	97.11% <ø> (-0.19%)	⬇️
common	98.68% <ø> (ø)
credentials	94.75% <93.52%> (-0.03%)	⬇️
crypto	93.81% <ø> (ø)
dids	97.51% <ø> (ø)
identity-agent	56.81% <ø> (ø)
crypto-aws-kms	100.00% <ø> (ø)
proxy-agent	58.43% <ø> (ø)
user-agent	55.22% <ø> (ø)

[decentralgabe]

lgtm

[mistermoe]

@nitro-neal i have vectors herethat may be worth using

[nitro-neal]

Let me add these test vectors to double check on this impl

[decentralgabe]

not optional!

[nitro-neal]

lol ok, just saw this: - https://www.w3.org/TR/vc-data-model/#jwt-decoding

If iss is present, the value MUST be used to set the issuer [property](https://www.w3.org/TR/vc-data-model/#dfn-property) of the new [credential](https://www.w3.org/TR/vc-data-model/#dfn-credential) JSON object or the holder [property](https://www.w3.org/TR/vc-data-model/#dfn-property) of the new [presentation](https://www.w3.org/TR/vc-data-model/#dfn-presentations) JSON object.

[decentralgabe]

what if there's no jti? shoudl we err?

[nitro-neal]

so it seems like all of them are optional even iss, but yea iss is the only one we require currently

[decentralgabe]

complex stuff, re-approving. nice job @nitro-neal

[nitro-neal]

@mistermoe I added your test vectors - https://github.com/TBD54566975/web5-spec/tree/main/test-vectors/vc_jwt