trentlarson/crowd-funder-from-jason
1
0
Fork 0
forked from jsnbuchanan/crowd-funder-for-time-pwa
Code Issues Pull Requests Projects Releases Wiki Activity
Files
48c749a80476f77fbca3e99d2360f393a46025be
crowd-funder-from-jason/test-scripts/did_generator.ts
Matthew Raymer 48c749a804 feat: Improve DID registration with admin credentials 
- Add admin keypair (DID + private key) for proper registration signing
- Remove SQLite database dependency for admin DID lookup
- Update both TypeScript and Python implementations to use admin credentials
- Enhance documentation with detailed usage, options, and security notes
- Fix JWT signing to use admin's key as issuer
- Standardize API URL handling with defaults
- Add command-line options for admin DID and API URL override

Both implementations now successfully register new DIDs using the admin's
credentials to sign the registration claims. The admin acts as both the
agent in the claim and the issuer of the JWT.
2025-03-04 05:59:10 +00:00

245 lines
7.7 KiB
TypeScript
Raw Blame History

/**
* DID Generator Script
* @author Matthew Raymer
*
* This script generates and registers Decentralized Identifiers (DIDs) with admin authorization.
* It supports the creation of Ethereum-based DIDs (did:ethr) and handles the complete
* registration flow with the endorser.ch API.
*
* Features:
* - Ethereum keypair generation using ethers.js
* - JWT creation and signing using did-jwt
* - DID registration with admin authorization
* - Detailed error handling and logging
* - Command-line interface for admin DID input
*
* Dependencies:
* did-jwt: For JWT creation and signing
* ethers: For Ethereum account operations
* node-fetch: For API communication
* commander: For CLI argument parsing
*
* Usage:
* npm run generate-did -- [options]
*
* Options:
* -a, --admin-did <did> Override default admin DID
* --api-url <url> Override default API endpoint
*
* Environment:
* Default Admin DID: did:ethr:0x0000694B58C2cC69658993A90D3840C560f2F51F
* Default API URL: https://test-api.endorser.ch/api/v2/claim
*/
/// <reference types="node" />
// Add at the top of your file to ignore dom types
import * as didJwt from 'did-jwt';
import { ethers } from 'ethers';
import fetch from 'node-fetch';
import { program } from 'commander';
const admin_keypair = {
did: 'did:ethr:0x0000694B58C2cC69658993A90D3840C560f2F51F',
privateKey: '2b6472c026ec2aa2c4235c994a63868fc9212d18b58f6cbfe861b52e71330f5b'
}
// Default admin DID
const DEFAULT_ADMIN_DID = admin_keypair.did;
// Add constant for default API URL
const DEFAULT_API_URL = 'https://test-api.endorser.ch/api/v2/claim';
/**
* Result interface for DID creation process
*/
interface DIDCreationResult {
did: string; // The generated DID
privateKey: string; // Private key without 0x prefix
publicKey: string; // Public key with 0x prefix
isValid: boolean; // Validation status
jwt: string; // Signed JWT for registration
}
/**
* Result interface for DID registration attempt
*/
interface RegistrationResult {
success: boolean; // Registration success status
error?: string; // Optional error message
response?: any; // Optional API response data
}
/**
* Creates and validates a new DID with admin authorization
*
* Workflow:
* 1. Generates new Ethereum keypair using ethers.js
* 2. Creates DID from public key in did:ethr format
* 3. Constructs registration claim with:
* - Admin DID as the agent (authorizer)
* - New DID as the participant (being registered)
* 4. Signs claim as JWT using admin's private key
*
* @param adminDid - Administrator DID for authorization
* @returns Promise<DIDCreationResult> - Generated DID details and JWT
*/
async function createAndValidateDID(adminDid: string): Promise<DIDCreationResult> {
console.log('Using admin DID:', adminDid);
// Generate new DID keypair
console.log('Generating new keypair...');
const wallet = ethers.Wallet.createRandom();
const did = `did:ethr:${wallet.address}`;
const privateKey = wallet.privateKey.slice(2);
const publicKey = wallet.publicKey;
// Create registration claim with admin as agent
const registerClaim = {
"@context": "https://schema.org",
"@type": "RegisterAction",
agent: { did: adminDid },
participant: { did: did },
object: "endorser.ch"
};
const vcPayload = {
iat: Math.floor(Date.now() / 1000),
exp: Math.floor(Date.now() / 1000) + 300,
sub: "RegisterAction",
vc: {
"@context": ["https://www.w3.org/2018/credentials/v1"],
type: ["VerifiableCredential"],
credentialSubject: registerClaim
}
};
console.log('\nGenerated DID Details:');
console.log('----------------------');
console.log('DID:', did);
console.log('Admin DID:', adminDid);
console.log('Address:', wallet.address);
console.log('Private Key:', wallet.privateKey);
console.log('Public Key:', wallet.publicKey);
console.log('\nDebug Details:');
console.log('-------------');
console.log('Private Key (hex):', privateKey); // Should be without 0x
console.log('Public Key (hex):', publicKey); // Should be with 0x
console.log('Header:', {
typ: "JWT",
alg: "ES256K"
});
console.log('Payload:', vcPayload);
// Create and sign JWT with admin's key
console.log('\nCreating JWT...');
const signer = didJwt.SimpleSigner(admin_keypair.privateKey); // Use admin's private key
const jwt = await didJwt.createJWT(vcPayload, {
issuer: admin_keypair.did, // Admin DID as issuer
signer: signer
});
console.log('\nJWT Parts:');
const [header, payload, signature] = jwt.split('.');
console.log('Header (base64):', header);
console.log('Payload (base64):', payload);
console.log('Signature (base64):', signature);
return { did, privateKey, publicKey, isValid: true, jwt };
}
/**
* Registers a DID with the endorser.ch API
*
* Workflow:
* 1. Submits JWT to API endpoint
* 2. Processes response (success/error)
* 3. Handles error cases:
* - Network errors
* - API errors (400, 401, etc)
* - Malformed responses
*
* @param jwt - Signed JWT for registration
* @returns Promise<RegistrationResult> - Registration result with response/error
*/
async function registerDID(jwt: string): Promise<RegistrationResult> {
try {
const response = await fetch(DEFAULT_API_URL, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({ jwtEncoded: jwt }),
});
console.log(`\nServer Response Status: ${response.status}`);
const responseText = await response.text();
console.log(`Server Response Body: ${responseText}`);
if (response.ok) {
return {
success: true,
response: JSON.parse(responseText)
};
} else {
try {
const errorJson = JSON.parse(responseText);
const errorMsg = errorJson.error?.message || 'Unknown error';
return {
success: false,
error: `Registration failed (${response.status}): ${errorMsg}`,
response: errorJson
};
} catch {
return {
success: false,
error: `Registration failed (${response.status}): ${responseText}`,
response: responseText
};
}
}
} catch (e) {
return {
success: false,
error: `Request failed: ${e}`
};
}
}
// Command line handling
program
.name('did-generator')
.description('Generate and register a new DID')
.option('-a, --admin-did <did>', 'Admin DID', DEFAULT_ADMIN_DID)
.option('--api-url <url>', 'Override API URL', DEFAULT_API_URL)
.parse();
const options = program.opts();
const adminDid = options.adminDid; // Use the option instead of args
const apiUrl = options.apiUrl;
console.log('Starting DID Generation...\n');
console.log('Using admin DID:', adminDid); // Log the admin DID being used
(async () => {
try {
const result = await createAndValidateDID(adminDid);
console.log('\nSuccessfully generated DID with admin authorization!');
console.log('Registration JWT:', result.jwt.substring(0, 50) + '...');
console.log('\nAttempting registration...');
const registrationResult = await registerDID(result.jwt);
if (registrationResult.success) {
console.log('Registration successful!');
console.log('Response:', JSON.stringify(registrationResult.response, null, 2));
} else {
console.log('Registration failed!');
console.log('Error:', registrationResult.error);
if (registrationResult.response) {
console.log('Full response:', JSON.stringify(registrationResult.response, null, 2));
}
}
} catch (error) {
console.error('\nError:', error);
process.exit(1);
}
})();
Reference in New Issue View Git Blame Copy Permalink