WIP JwtVcJson

Author: cicnavi

src/Codebooks/AtContextsEnum.php

@@ -0,0 +1,10 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\OpenID\Codebooks;
+
+enum AtContextsEnum: string
+{
+    case W3Org2018CredentialsV1 = 'https://www.w3.org/2018/credentials/v1';
+}

src/Codebooks/ClaimsEnum.php

@@ -6,6 +6,10 @@
 
 enum ClaimsEnum: string
 {
+    // @context
+    case AtContext = '@context';
+    // @type
+    case AtType = '@type';
     case AcrValuesSupported = 'acr_values_supported';
     // Algorithm
     case Alg = 'alg';
@@ -42,6 +46,7 @@ enum ClaimsEnum: string
     case CredentialResponseEncryption = 'credential_response_encryption';
     // CredentialSigningAlgorithmValuesSupported
     case CredentialSigningAlgValuesSupported = 'credential_signing_alg_values_supported';
+    case CredentialSubject = 'credential_subject';
     case CryptographicBindingMethodsSupported = 'cryptographic_binding_methods_supported';
     case DeferredCredentialEndpoint = 'deferred_credential_endpoint';
     case Delegation = 'delegation';

src/Exceptions/JwtVcJsonException.php src/Exceptions/VcDataModelException.phpsrc/Exceptions/JwtVcJsonException.php renamed to src/Exceptions/VcDataModelException.php

@@ -4,6 +4,6 @@
 
 namespace SimpleSAML\OpenID\Exceptions;
 
-class JwtVcJsonException extends JwsException
+class VcDataModelException extends JwsException
 {
 }

src/Factories/ClaimFactory.php

@@ -10,11 +10,14 @@
 use SimpleSAML\OpenID\Exceptions\JwksException;
 use SimpleSAML\OpenID\Federation\Factories\FederationClaimFactory;
 use SimpleSAML\OpenID\Helpers;
+use SimpleSAML\OpenID\VerifiableCredentials\VcDataModel\Factories\VcDataModelClaimFactory;
 
 class ClaimFactory
 {
     protected FederationClaimFactory $federationClaimFactory;
 
+    protected VcDataModelClaimFactory $vcDataModelClaimFactory;
+
     public function __construct(
         protected readonly Helpers $helpers,
     ) {
@@ -28,6 +31,14 @@ public function forFederation(): FederationClaimFactory
         );
     }
 
+    public function forVcDataModel(): VcDataModelClaimFactory
+    {
+        return $this->vcDataModelClaimFactory ??= new VcDataModelClaimFactory(
+            $this->helpers,
+            $this,
+        );
+    }
+
     /**
      * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException
      */

src/Helpers/Arr.php

@@ -56,4 +56,28 @@ public function getNestedValue(array $array, int|string ...$keys): mixed
 
         return $this->getNestedValue($nestedArray, ...$keys);
     }
+
+    /**
+     * @param mixed[] $array
+     */
+    public function isAssociative(array $array): bool
+    {
+        // Has at least one string key or non-sequential numeric keys
+        return array_keys($array) !== range(0, count($array) - 1);
+    }
+
+    /**
+     * Is array of arrays.
+     * @param mixed[] $array
+     */
+    public function isOfArrays(array $array): bool
+    {
+        foreach ($array as $value) {
+            if (!is_array($value)) {
+                return false;
+            }
+        }
+
+        return true;
+    }
 }

src/Helpers/Type.php

@@ -24,9 +24,11 @@ public function ensureString(mixed $value, ?string $context = null): string
             return (string)$value;
         }
 
-        $error = 'Unsafe string casting, aborting.';
-        $error .= is_string($context) ? ' Context: ' . $context : '';
-        $error .= ' Value was: ' . var_export($value, true);
+        $error = $this->prepareErrorMessage(
+            'Unsafe string casting, aborting.',
+            $value,
+            $context,
+        );
 
         throw new InvalidValueException($error);
     }
@@ -43,9 +45,11 @@ public function ensureNonEmptyString(mixed $value, ?string $context = null): str
             return $value;
         }
 
-        $error = 'Empty string value encountered, aborting.';
-        $error .= is_string($context) ? ' Context: ' . $context : '';
-        $error .= ' Value was: ' . var_export($value, true);
+        $error = $this->prepareErrorMessage(
+            'Empty string value encountered, aborting.',
+            $value,
+            $context,
+        );
 
         throw new InvalidValueException($error);
     }
@@ -73,9 +77,11 @@ public function ensureArray(mixed $value, ?string $context = null): array
             // Converts object properties to an array
         }
 
-        $error = 'Unsafe array casting, aborting.';
-        $error .= is_string($context) ? 'Context: ' . $context : '';
-        $error .= ' Value was: ' . var_export($value, true);
+        $error = $this->prepareErrorMessage(
+            'Unsafe array casting, aborting.',
+            $value,
+            $context,
+        );
 
         throw new InvalidValueException($error);
     }
@@ -203,10 +209,148 @@ public function ensureInt(mixed $value, ?string $context = null): int
             return (int)$value;
         }
 
-        $error = 'Unsafe integer casting, aborting.';
-        $error .= is_string($context) ? 'Context: ' . $context : '';
-        $error .= ' Value was: ' . var_export($value, true);
+        $error = $this->prepareErrorMessage(
+            'Unsafe integer casting, aborting.',
+            $value,
+            $context,
+        );
 
         throw new InvalidValueException($error);
     }
+
+    /**
+     * @return non-empty-string
+     * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException
+     */
+    public function enforceRegex(
+        mixed $value,
+        string $pattern,
+        ?string $context = null,
+    ): string {
+        $value = $this->ensureNonEmptyString($value, $context);
+
+        $error = $this->prepareErrorMessage(
+            'Regex match failed, aborting.',
+            $value,
+            $context,
+        );
+
+        preg_match($pattern, $value) || throw new InvalidValueException($error);
+
+        return $value;
+    }
+
+    /**
+     * @return non-empty-string
+     * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException
+     */
+    public function enforceUri(
+        mixed $value,
+        ?string $context = null,
+        string $pattern = '/^[^:]+:\/\/?([^\s\/$.?#].[^\s]*)?$/',
+    ): string {
+        try {
+            $value = $this->enforceRegex($value, $pattern, $context);
+        } catch (InvalidValueException) {
+            $error = $this->prepareErrorMessage(
+                'URI regex match failed, aborting.',
+                $value,
+                $context,
+            );
+
+            throw new InvalidValueException($error);
+        }
+
+        return $value;
+    }
+
+    /**
+     * @param mixed[] $array
+     * @return array<mixed[]>
+     * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException
+     */
+    public function enforceArrayOfArrays(array $array, ?string $context = null): array
+    {
+        foreach ($array as $value) {
+            if (!is_array($value)) {
+                $error = $this->prepareErrorMessage(
+                    'Non-array value encountered, aborting.',
+                    $array,
+                    $context,
+                );
+
+                throw new InvalidValueException($error);
+            }
+        }
+
+        /** @var array<mixed[]> $array */
+        return $array;
+    }
+
+    /**
+     * @param mixed[] $array
+     * @return non-empty-array<mixed>
+     * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException
+     */
+    public function enforceNonEmptyArray(array $array, ?string $context = null): array
+    {
+        if ($array === []) {
+            $error = $this->prepareErrorMessage(
+                'Empty array encountered, aborting.',
+                $array,
+                $context,
+            );
+            throw new InvalidValueException($error);
+        }
+
+        return $array;
+    }
+
+    /**
+     * @param mixed[] $array
+     * @return non-empty-array<non-empty-string>
+     * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException
+     */
+    public function enforceNonEmptyArrayWithValuesAsNonEmptyStrings(array $array, ?string $context = null): array
+    {
+        $array = $this->ensureArrayWithValuesAsNonEmptyStrings($array, $context);
+        $array = $this->enforceNonEmptyArray($array, $context);
+
+        /** @var non-empty-array<non-empty-string> $array */
+        return $array;
+    }
+
+    /**
+     * @param mixed[] $array
+     * @return non-empty-array<non-empty-array>
+     * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException
+     */
+    public function enforceNonEmptyArrayOfNonEmptyArrays(array $array, ?string $context = null): array
+    {
+        $array = $this->enforceNonEmptyArray($array, $context);
+
+        foreach ($array as $value) {
+            if (!is_array($value)) {
+                $error = $this->prepareErrorMessage(
+                    'Non-array value encountered, aborting.',
+                    $array,
+                    $context,
+                );
+
+                throw new InvalidValueException($error);
+            }
+
+            $this->enforceNonEmptyArray($value, $context);
+        }
+
+        /** @var non-empty-array<non-empty-array> $array */
+        return $array;
+    }
+
+    protected function prepareErrorMessage(string $message, mixed $value, ?string $context = null): string
+    {
+        return $message .
+        (is_string($context) ? ' Context: ' . $context : '') .
+        ' Value was: ' . var_export($value, true);
+    }
 }

src/Jws/ParsedJws.php

@@ -95,6 +95,14 @@ public function getPayloadClaim(string $key): mixed
         return $this->getPayload()[$key] ?? null;
     }
 
+    public function getNestedPayloadClaim(int|string ...$keys): mixed
+    {
+        return $this->helpers->arr()->getNestedValue(
+            $this->getPayload(),
+            ...$keys,
+        );
+    }
+
     public function getToken(
         JwsSerializerEnum $jwsSerializerEnum = JwsSerializerEnum::Compact,
         ?int $signatureIndex = null,