feat: implementation for OID4VC and OID4VP #289
Conversation
Signed-off-by: KambleSahil3 <sahil.kamble@ayanworks.com> Signed-off-by: Sahil Kamble <sahil.kamble@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
WalkthroughThis update introduces comprehensive OpenID4VC support by adding new controllers, services, types, and route registrations for issuance sessions, issuers, verifiers, and holders. It also updates dependencies, refactors ESLint configuration, and improves code consistency. Several patches are applied to external dependencies, and minor formatting and import adjustments are made throughout the codebase. Changes
Sequence Diagram(s)sequenceDiagram
participant Client
participant ExpressServer
participant OpenID4VC_Controller
participant OpenID4VC_Service
participant Agent
%% Example: Creating a Credential Offer (Issuance Session)
Client->>ExpressServer: POST /openid4vc/issuance-sessions/create-credential-offer
ExpressServer->>OpenID4VC_Controller: createCredentialOffer(request)
OpenID4VC_Controller->>OpenID4VC_Service: createCredentialOffer(options, agent)
OpenID4VC_Service->>Agent: createCredentialOffer(options)
Agent-->>OpenID4VC_Service: offer/session record
OpenID4VC_Service-->>OpenID4VC_Controller: offer/session record
OpenID4VC_Controller-->>ExpressServer: offer/session record
ExpressServer-->>Client: offer/session record
%% Example: Holder requests credential
Client->>ExpressServer: POST /openid4vc/holder/request-credential
ExpressServer->>OpenID4VC_Controller: requestCredential(body)
OpenID4VC_Controller->>OpenID4VC_Service: requestCredential(agent, body)
OpenID4VC_Service->>Agent: requestAndStoreCredentials(...)
Agent-->>OpenID4VC_Service: credential(s)
OpenID4VC_Service-->>OpenID4VC_Controller: result
OpenID4VC_Controller-->>ExpressServer: result
ExpressServer-->>Client: result
Possibly related issues
Suggested labels
Poem
✨ Finishing Touches
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
Signed-off-by: Tipu_Singh <tipu.singh@ayanworks.com>
|
|
@coderabbitai review |
✅ Actions performedReview triggered.
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 34
🔭 Outside diff range comments (6)
src/authentication.ts (1)
20-31: Function returnsundefinedfor all failure paths – callers can’t detect 401
expressAuthenticationonly returns the string'success'; on invalid or missing API keys it silently resolvesundefined, leaving upstream middleware to infer failure. This breaks typical oas-tools expectations (throwing401or returning a rejected promise). Recommend explicit rejection:if (providedApiKey === dynamicApiKey) { return 'success' } + + // Invalid key – trigger 401 for swagger-express-middleware / tsoa style handlers + throw { + status: 401, + message: 'Invalid API key', + } } + + // Header not supplied – same 401 + throw { + status: 401, + message: 'Authorization header missing', + } }Fail-fast behaviour makes the security handler predictable and prevents accidental “pass-through” when chaining middlewares.
src/controllers/proofs/ProofController.ts (1)
275-275: Specify a concrete return type for proofFormDataUsing
Promise<any>bypasses TypeScript’s checks and is causing pipeline failures. Replace it with the actual type returned bythis.agent.proofs.getFormatData, or at minimum useunknownas an interim, then define a proper interface.• File:
src/controllers/proofs/ProofController.ts
Line: thepublic async proofFormData…: Promise<any>signatureSuggested diff:
- // TODO: Add return type - public async proofFormData(@Path('proofRecordId') proofRecordId: string): Promise<any> { + import type { FormatData } from '@aries-framework/core' // adjust import to your library + + // Return the actual format‐data type instead of `any` + public async proofFormData(@Path('proofRecordId') proofRecordId: string): Promise<FormatData> {If the library doesn’t export a suitable type, define one based on the structure of
getFormatData’s response:interface ProofFormData { // …fields matching the returned data } public async proofFormData(...): Promise<ProofFormData> { … }src/controllers/did/DidController.ts (1)
353-353: EnsuredidDocumentuses the properDidDocumenttypeReplace the explicit
anyon line 353 and import the correct type from@credo-ts/core:• File:
src/controllers/did/DidController.ts
– Add at the top with your other type imports:
diff + import type { DidDocument } from '@credo-ts/core'
– Change the declaration on line 353:
diff - let didDocument: any + let didDocument: DidDocumentThis ensures strong typing for the DID document rather than using
any.patches/@credo-ts+core+0.5.15+001+message-type-for-messages.patch (2)
1-44: Consider alternative approaches to patching external dependencies.Patching external dependencies can create maintenance challenges and potential breaking changes when updating packages. The added
messageTypeproperty toPlaintextMessageis marked as required, which could break existing code that doesn't provide this property.Consider these alternatives:
- Fork the dependency and maintain your own version with these changes
- Contribute upstream by submitting a pull request to the @credo-ts/core repository
- Use wrapper functions or adapters to add the message type tracking without modifying the core types
If you must keep the patch, consider making the
messageTypeproperty optional to avoid breaking existing code:- messageType: string; + messageType?: string;
9-9: Potential runtime error: Direct property assignment bypasses type safety.The code directly assigns
messageTypeto theforwardMessageobject without going through the proper constructor or type-safe mechanisms. This could lead to runtime errors or type inconsistencies.Consider modifying the ForwardMessage constructor to accept the messageType parameter properly, or ensure the assignment is type-safe:
- forwardMessage["messageType"] = message['@type']; + forwardMessage.messageType = message['@type'];src/controllers/types.ts (1)
122-122: Replace 'any' types with specific typesMultiple locations use
anytype which reduces type safety. Consider using more specific types.The ESLint pipeline is failing due to
@typescript-eslint/no-explicit-anyrule violations at lines 122, 128, 244, 287, and 320. Consider replacing these with more specific types or usingunknownif the type is truly dynamic.Also applies to: 128-128, 244-244, 287-287, 320-320
🧹 Nitpick comments (22)
src/authentication.ts (1)
33-39: Global mutabledynamicApiKeyis process-wide – consider scopingA module-level mutable variable will be shared across every tenant/request and can be overwritten accidentally.
If multiple clients require distinct keys, store them in a cache keyed by tenant/user, or inject via a config/service rather than a global.This is optional, but improves safety under concurrent loads.
src/utils/constant.ts (1)
1-1: Consider grouping constants or freezing the value
A single-value file can bloat the util folder over time. Either create (or move to) a sharedconstants.tsbarrel or export a frozen object to keep related symbols co-located.-export const X509_CERTIFICATE_RECORD = 'X509_CERTIFICATE' +export const CONSTANTS = Object.freeze({ + X509_CERTIFICATE_RECORD: 'X509_CERTIFICATE', +})src/dto/vCredentialIssuerMetadataDraft14.ts (1)
1-4: Class name & placeholder field need refinement
Starting a class name with lowercasevbreaks PascalCase convention andexampleFieldappears to be a stub. Recommend renaming and fleshing out actual draft-14 properties.-export class vCredentialIssuerMetadataDraft14 { - exampleField?: string -} +/** + * Draft-14 issuer metadata (W3C/OID4VCI) + */ +export class CredentialIssuerMetadataDraft14 { + // TODO: populate with spec-compliant fields + credential_issuer?: string + authorization_server?: string + // ... +}src/utils/logger.ts (1)
92-99: Consider the impact of removing source attributeThe removal of the
sourceattribute from theotelLogger.emitcall reduces static source identification. This might make debugging more difficult in distributed logging scenarios.Consider adding dynamic source identification if needed:
otelLogger.emit({ body: logMessage, severityText: LogLevel[level].toUpperCase(), attributes: { ...(data || {}), ...(errorDetails ? { error: errorDetails } : {}), + ...(this.logger.settings.name ? { source: this.logger.settings.name } : {}), }, })src/controllers/openid4vc/types/holder.types.ts (1)
22-25: Consider implementing or removing the commentedselectedCredentialsfield.The commented field suggests this feature might be planned but not yet implemented. If this is intended functionality, consider adding a TODO comment explaining the implementation timeline. Otherwise, remove the commented code to maintain clarity.
Would you like me to help implement the
selectedCredentialsfunctionality or create an issue to track this TODO?src/cliAgent.ts (1)
414-428: Remove commented code block.This large block of commented code appears to be an old implementation. Clean up the codebase by removing it.
src/utils/oid4vc-agent.ts (4)
39-41: Improve error message specificity.The error message should specify which field is missing to help with debugging.
Apply this diff:
- if (!issuerDid && !issuerx509certificate) { - throw new Error('Either issuerDid or issuerx509certificate must be provided') - } + if (!issuerDid && !issuerx509certificate) { + throw new Error('Either issuerDid or issuerx509certificate must be provided in issuanceMetadata') + }
126-126: Remove commented debug statement.
145-150: Clean up commented code in credential payload.Multiple lines of commented code suggest incomplete refactoring. Either implement the functionality or remove these comments for clarity.
Also applies to: 157-157, 161-161, 165-165
213-217: Remove or implement the commented function.This appears to be a placeholder for future functionality. Either implement it or remove it to avoid confusion.
src/controllers/openid4vc/issuers/issuer.service.ts (1)
13-15: Review console logging in production code.The console.log statement with ESLint disable comment suggests this might be temporary debugging code. Consider using a proper logging framework instead.
-// eslint-disable-next-line no-console -console.log(`\nIssuer URL: ${issuerMetadata.credentialIssuer.credential_issuer}`) +// Consider using a proper logging framework +logger.info(`Issuer URL: ${issuerMetadata.credentialIssuer.credential_issuer}`)src/controllers/openid4vc/issuance-sessions/issuance-sessions.service.ts (2)
45-45: Address the TODO comment for type fixThe commented TODO indicates incomplete type handling that should be addressed.
Would you like me to help fix the type issue for
OpenId4VciCredentialFormatProfileor open an issue to track this?
141-141: Fix typo in documentation- * deletes ann issuance session by id + * deletes an issuance session by idsrc/controllers/openid4vc/holder/holder.service.ts (1)
39-47: Fix typo in function name.The function name contains a typo.
-function recursivelyMapAttribues(value: unknown): MappedAttributesReturnType { +function recursivelyMapAttributes(value: unknown): MappedAttributesReturnType { if (value === null || value === undefined || typeof value === 'number' || typeof value === 'boolean') return value if (typeof value === 'string') return value if (value instanceof Map) { - return Object.fromEntries(Array.from(value.entries()).map(([key, value]) => [key, recursivelyMapAttribues(value)])) + return Object.fromEntries(Array.from(value.entries()).map(([key, value]) => [key, recursivelyMapAttributes(value)])) } - if (Array.isArray(value)) return value.map(recursivelyMapAttribues) - return Object.fromEntries(Object.entries(value).map(([key, value]) => [key, recursivelyMapAttribues(value)])) + if (Array.isArray(value)) return value.map(recursivelyMapAttributes) + return Object.fromEntries(Object.entries(value).map(([key, value]) => [key, recursivelyMapAttributes(value)])) }src/controllers/openid4vc/types/issuer.types.ts (1)
107-122: Consider using TypeScript utility types to reduce duplication.
UpdateIssuerRecordOptionsduplicates properties fromCreateIssuerOptions. Consider usingOmitorPickutility types for better maintainability.-export interface UpdateIssuerRecordOptions { - display?: CredentialDisplay[] - dpopSigningAlgValuesSupported?: string[] - credentialConfigurationsSupported: Record<string, CredentialConfigurationSupportedWithFormats> - batchCredentialIssuance?: BatchCredentialIssuanceOptions -} +export interface UpdateIssuerRecordOptions extends Omit<CreateIssuerOptions, 'issuerId' | 'accessTokenSignerKeyType' | 'authorizationServerConfigs'> {}src/controllers/openid4vc/types/verifier.types.ts (7)
1-1: Reconsider disabling explicit member accessibility rule.The ESLint disable comment removes type safety benefits. Consider enabling explicit member accessibility to improve code clarity and maintainability.
-/* eslint-disable @typescript-eslint/explicit-member-accessibility */
20-56: Consider using more descriptive interface names.The current naming pattern (
JwtObject,LdpObject, etc.) could be more descriptive to indicate their purpose within the OpenID4VC context.-export interface JwtObject { +export interface JwtFormatDescriptor { alg: string[] } -export interface LdpObject { +export interface LdpFormatDescriptor { proof_type: string[] }
34-36: Consider using consistent naming conventions.The property names use kebab-case within quotes, which is unconventional for TypeScript interfaces. Consider using camelCase with appropriate mapping if needed.
export interface SdJwtObject { - 'sd-jwt_alg_values'?: string[] - 'kb-jwt_alg_values'?: string[] + sdJwtAlgValues?: string[] + kbJwtAlgValues?: string[] }
54-54: Consider consistent property naming.The property name
'vc+sd-jwt'uses unconventional characters for TypeScript. Consider using a more standard naming approach.- 'vc+sd-jwt'?: SdJwtObject + vcSdJwt?: SdJwtObject
107-107: Consider more specific typing fornotproperty.The
notproperty usesRecord<string, unknown>which is quite broad. Consider using a more specific type if the structure is known.- not?: Record<string, unknown> + not?: FilterV2
167-170: Consider using interfaces instead of classes for data structures.Classes are typically used for behavior, while interfaces are better for pure data structures. These appear to be configuration objects without methods.
-export class OpenId4VcSiopVerifierClientMetadata { - client_name?: string - logo_uri?: string -} +export interface OpenId4VcSiopVerifierClientMetadata { + client_name?: string + logo_uri?: string +}
172-175: Consider using interfaces for option types.Similar to the previous comment, option types are typically better represented as interfaces unless they need constructor logic.
-export class OpenId4VcSiopCreateVerifierOptions { - verifierId?: string - clientMetadata?: OpenId4VcSiopVerifierClientMetadata -} +export interface OpenId4VcSiopCreateVerifierOptions { + verifierId?: string + clientMetadata?: OpenId4VcSiopVerifierClientMetadata +}
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
yarn.lockis excluded by!**/yarn.lock,!**/*.lock
📒 Files selected for processing (56)
.eslintrc.js(0 hunks).github/workflows/continuous-delivery.yml(0 hunks).github/workflows/continuous-integration.yml(1 hunks)README.md(1 hunks)bin/afj-rest.js(1 hunks)eslint.config.mjs(1 hunks)package.json(1 hunks)patches/@credo-ts+core+0.5.1+001+initial.patch(0 hunks)patches/@credo-ts+core+0.5.15+001+message-type-for-messages.patch(2 hunks)patches/@credo-ts+core+0.5.3+002+fix-process-problem-report.patch(0 hunks)patches/@credo-ts+core+0.5.3+006+w3c-issuance-without-holder-did-negotiaton.patch(0 hunks)src/authentication.ts(1 hunks)src/cli.ts(3 hunks)src/cliAgent.ts(12 hunks)src/controllers/agent/AgentController.ts(1 hunks)src/controllers/basic-messages/BasicMessageController.ts(1 hunks)src/controllers/connections/ConnectionController.ts(2 hunks)src/controllers/credentials/CredentialController.ts(2 hunks)src/controllers/credentials/CredentialDefinitionController.ts(5 hunks)src/controllers/credentials/SchemaController.ts(2 hunks)src/controllers/did/DidController.ts(2 hunks)src/controllers/endorser-transaction/EndorserTransactionController.ts(7 hunks)src/controllers/multi-tenancy/MultiTenancyController.ts(42 hunks)src/controllers/openid4vc/holder/holder.Controller.ts(1 hunks)src/controllers/openid4vc/holder/holder.service.ts(1 hunks)src/controllers/openid4vc/issuance-sessions/issuance-sessions.Controller.ts(1 hunks)src/controllers/openid4vc/issuance-sessions/issuance-sessions.service.ts(1 hunks)src/controllers/openid4vc/issuers/issuer.Controller.ts(1 hunks)src/controllers/openid4vc/issuers/issuer.service.ts(1 hunks)src/controllers/openid4vc/types/holder.types.ts(1 hunks)src/controllers/openid4vc/types/issuer.types.ts(1 hunks)src/controllers/openid4vc/types/verifier.types.ts(1 hunks)src/controllers/openid4vc/verifier-sessions/verification-sessions.Controller.ts(1 hunks)src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts(1 hunks)src/controllers/openid4vc/verifiers/verifier.Controller.ts(1 hunks)src/controllers/openid4vc/verifiers/verifier.service.ts(1 hunks)src/controllers/outofband/OutOfBandController.ts(6 hunks)src/controllers/polygon/PolygonController.ts(4 hunks)src/controllers/proofs/ProofController.ts(2 hunks)src/controllers/question-answer/QuestionAnswerController.ts(3 hunks)src/controllers/types.ts(3 hunks)src/dto/vCredentialIssuerMetadataDraft14.ts(1 hunks)src/enums/enum.ts(1 hunks)src/events/CredentialEvents.ts(1 hunks)src/events/QuestionAnswerEvents.ts(1 hunks)src/events/WebhookEvent.ts(1 hunks)src/index.ts(0 hunks)src/routes/routes.ts(24 hunks)src/securityMiddleware.ts(1 hunks)src/utils/TsyringeAdapter.ts(1 hunks)src/utils/constant.ts(1 hunks)src/utils/logger.ts(5 hunks)src/utils/oid4vc-agent.ts(1 hunks)src/utils/tsyringeTsoaIocContainer.ts(1 hunks)tsconfig.build.json(1 hunks)tsconfig.eslint.json(1 hunks)
💤 Files with no reviewable changes (6)
- .github/workflows/continuous-delivery.yml
- src/index.ts
- patches/@credo-ts+core+0.5.1+001+initial.patch
- patches/@credo-ts+core+0.5.3+006+w3c-issuance-without-holder-did-negotiaton.patch
- .eslintrc.js
- patches/@credo-ts+core+0.5.3+002+fix-process-problem-report.patch
🧰 Additional context used
🧠 Learnings (8)
src/controllers/credentials/CredentialController.ts (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: src/authentication.ts:0-0
Timestamp: 2025-07-09T11:14:49.346Z
Learning: In the credo-controller project, the team prefers JWT token cache to not expire (no TTL) for their authentication implementation in src/authentication.ts.
package.json (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: src/authentication.ts:0-0
Timestamp: 2025-07-09T11:14:49.346Z
Learning: In the credo-controller project, the team prefers JWT token cache to not expire (no TTL) for their authentication implementation in src/authentication.ts.
src/controllers/multi-tenancy/MultiTenancyController.ts (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: src/authentication.ts:0-0
Timestamp: 2025-07-09T11:14:49.346Z
Learning: In the credo-controller project, the team prefers JWT token cache to not expire (no TTL) for their authentication implementation in src/authentication.ts.
src/controllers/did/DidController.ts (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: src/authentication.ts:0-0
Timestamp: 2025-07-09T11:14:49.346Z
Learning: In the credo-controller project, the team prefers JWT token cache to not expire (no TTL) for their authentication implementation in src/authentication.ts.
src/controllers/credentials/CredentialDefinitionController.ts (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: src/authentication.ts:0-0
Timestamp: 2025-07-09T11:14:49.346Z
Learning: In the credo-controller project, the team prefers JWT token cache to not expire (no TTL) for their authentication implementation in src/authentication.ts.
src/controllers/openid4vc/issuers/issuer.Controller.ts (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: src/authentication.ts:0-0
Timestamp: 2025-07-09T11:14:49.346Z
Learning: In the credo-controller project, the team prefers JWT token cache to not expire (no TTL) for their authentication implementation in src/authentication.ts.
src/controllers/openid4vc/holder/holder.Controller.ts (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: src/authentication.ts:0-0
Timestamp: 2025-07-09T11:14:49.346Z
Learning: In the credo-controller project, the team prefers JWT token cache to not expire (no TTL) for their authentication implementation in src/authentication.ts.
src/controllers/openid4vc/holder/holder.service.ts (1)
Learnt from: GHkrishna
PR: credebl/credo-controller#281
File: src/authentication.ts:0-0
Timestamp: 2025-07-09T11:14:49.346Z
Learning: In the credo-controller project, the team prefers JWT token cache to not expire (no TTL) for their authentication implementation in src/authentication.ts.
🧬 Code Graph Analysis (16)
src/controllers/multi-tenancy/MultiTenancyController.ts (2)
src/controllers/endorser-transaction/EndorserTransactionController.ts (1)
endorserTransaction(32-49)src/controllers/types.ts (7)
EndorserTransaction(345-348)RecipientKeyOption(373-375)WriteTransaction(356-372)CreateProofRequestOobOptions(126-138)CustomW3cJsonLdSignCredentialOptions(438-440)SignDataOptions(397-403)SafeW3cJsonLdVerifyCredentialOptions(424-427)
src/controllers/endorser-transaction/EndorserTransactionController.ts (2)
src/controllers/multi-tenancy/MultiTenancyController.ts (1)
endorserTransaction(616-633)src/controllers/types.ts (1)
WriteTransaction(356-372)
src/cli.ts (1)
src/cliAgent.ts (1)
Transports(67-67)
src/controllers/credentials/CredentialDefinitionController.ts (1)
src/controllers/examples.ts (1)
CredentialDefinitionId(35-35)
src/controllers/openid4vc/verifiers/verifier.service.ts (3)
src/cliAgent.ts (2)
RestMultiTenantAgentModules(120-120)RestAgentModules(122-122)src/controllers/openid4vc/types/verifier.types.ts (2)
OpenId4VcSiopCreateVerifierOptions(172-175)OpenId4VcUpdateVerifierRecordOptions(177-180)src/controllers/openid4vc/issuers/issuer.service.ts (1)
issuerService(56-56)
src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts (2)
src/cliAgent.ts (2)
RestMultiTenantAgentModules(120-120)RestAgentModules(122-122)src/controllers/openid4vc/types/verifier.types.ts (1)
CreateAuthorizationRequest(160-165)
src/controllers/openid4vc/issuance-sessions/issuance-sessions.service.ts (4)
src/controllers/openid4vc/types/issuer.types.ts (2)
OpenId4VcIssuanceSessionsCreateOffer(16-39)X509GenericRecord(46-49)src/cliAgent.ts (2)
RestMultiTenantAgentModules(120-120)RestAgentModules(122-122)src/errors/errors.ts (2)
BadRequestError(102-102)NotFoundError(101-101)src/utils/constant.ts (1)
X509_CERTIFICATE_RECORD(1-1)
src/controllers/outofband/OutOfBandController.ts (1)
src/controllers/types.ts (3)
CreateInvitationOptions(328-342)RecipientKeyOption(373-375)AcceptInvitationConfig(198-205)
src/utils/oid4vc-agent.ts (2)
src/controllers/openid4vc/types/issuer.types.ts (1)
OpenId4VcIssuanceSessionCreateOfferSdJwtCredentialOptions(6-14)src/controllers/types.ts (1)
DisclosureFrame(485-487)
src/controllers/openid4vc/issuers/issuer.service.ts (2)
src/cliAgent.ts (2)
RestMultiTenantAgentModules(120-120)RestAgentModules(122-122)src/controllers/openid4vc/verifiers/verifier.service.ts (1)
issuerService(55-55)
src/controllers/openid4vc/issuers/issuer.Controller.ts (4)
src/controllers/openid4vc/issuance-sessions/issuance-sessions.Controller.ts (1)
Tags(14-118)src/controllers/openid4vc/verifiers/verifier.Controller.ts (1)
Tags(7-63)src/controllers/openid4vc/issuers/issuer.service.ts (1)
issuerService(56-56)src/controllers/openid4vc/types/issuer.types.ts (1)
UpdateIssuerRecordOptions(117-122)
src/controllers/types.ts (1)
src/controllers/examples.ts (2)
RecordId(20-20)Did(25-25)
src/controllers/openid4vc/holder/holder.Controller.ts (2)
src/controllers/openid4vc/holder/holder.service.ts (1)
HolderService(49-225)src/controllers/openid4vc/types/holder.types.ts (4)
ResolveCredentialOfferBody(1-3)AuthorizeRequestCredentialOffer(13-16)RequestCredentialBody(5-11)ResolveProofRequest(18-20)
src/controllers/openid4vc/holder/holder.service.ts (1)
src/controllers/openid4vc/types/holder.types.ts (4)
ResolveCredentialOfferBody(1-3)AuthorizeRequestCredentialOffer(13-16)RequestCredentialBody(5-11)ResolveProofRequest(18-20)
src/controllers/openid4vc/verifier-sessions/verification-sessions.Controller.ts (2)
src/controllers/openid4vc/types/verifier.types.ts (1)
CreateAuthorizationRequest(160-165)src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts (1)
verificationSessionService(109-109)
src/controllers/openid4vc/types/issuer.types.ts (1)
src/utils/oid4vc-agent.ts (1)
OpenId4VcIssuanceSessionCreateOfferSdJwtCredentialOptions(218-272)
🪛 GitHub Actions: Continuous Integration
src/authentication.ts
[warning] 12-12: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/multi-tenancy/MultiTenancyController.ts
[warning] 1-1: ESLint: Unused eslint-disable directive (no problems were reported from 'prettier/prettier')
[warning] 384-384: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 439-439: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 474-474: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 808-808: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 809-809: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 843-843: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 878-878: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 949-949: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 1179-1179: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 1258-1258: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 1437-1437: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 1468-1468: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 1469-1469: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 1689-1689: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 1955-1955: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 2025-2025: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/proofs/ProofController.ts
[warning] 275-275: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/polygon/PolygonController.ts
[warning] 56-56: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 110-110: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 111-111: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/did/DidController.ts
[warning] 353-353: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts
[warning] 89-89: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/cliAgent.ts
[warning] 436-436: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 437-437: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/openid4vc/issuers/issuer.service.ts
[warning] 9-9: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 21-21: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/openid4vc/issuers/issuer.Controller.ts
[warning] 38-38: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/types.ts
[warning] 122-122: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 128-128: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 244-244: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 287-287: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 320-320: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/openid4vc/issuance-sessions/issuance-sessions.Controller.ts
[warning] 46-46: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/openid4vc/holder/holder.service.ts
[warning] 141-141: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 156-156: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/openid4vc/types/verifier.types.ts
[warning] 135-135: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
src/controllers/openid4vc/types/issuer.types.ts
[warning] 94-94: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
🪛 GitHub Check: Validate
src/cliAgent.ts
[warning] 437-437:
Unexpected any. Specify a different type
[warning] 436-436:
Unexpected any. Specify a different type
🪛 Gitleaks (8.26.0)
src/controllers/types.ts
490-490: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🔇 Additional comments (50)
src/events/CredentialEvents.ts (1)
31-32: Trailing comma fix restores valid syntaxAdding the comma cleanly closes the callback argument list and eliminates the syntax error observed in previous builds/tests. No further action needed.
src/events/QuestionAnswerEvents.ts (1)
32-33: Comma insertion prevents parse errorSame minor syntax correction as elsewhere in the event modules—looks good.
tsconfig.build.json (1)
29-30: No functional impactOnly a trailing newline was added; nothing to review.
README.md (1)
134-135: Formatting-only tweakThe extra comma in the example keeps the argument list style consistent with codebase conventions—no issues.
src/securityMiddleware.ts (1)
26-28: Minor style correction acknowledgedThe trailing comma after the predicate function is syntactically harmless and conforms to the repo’s prettier settings.
src/controllers/agent/AgentController.ts (1)
4-6: Imports correctly consolidated – good cleanup
Merging the TSOA decorators into the main import block removes the redundant secondary statement and improves readability. No functional impact observed.tsconfig.eslint.json (1)
6-8: No remaining legacy alias references detected
Ran the following search to confirm all imports have been updated fromafj-controller/*tocredo-controller/*:rg --line-number --pretty $'from ['"'"'"]afj-controller/'No matches were found—every import now uses the new
credo-controller/*alias. ESLint-driven type-checking in CI should pass without issues.src/enums/enum.ts (1)
75-78: Enum addition looks good
SignerMethodaligns with the new OpenID4VC flow and follows the existing naming convention.src/controllers/basic-messages/BasicMessageController.ts (1)
5-5: LGTM! Import consolidation improves code organization.The consolidation of TSOA decorators into a single import statement follows best practices for import organization and enhances code readability.
src/controllers/credentials/CredentialController.ts (2)
17-17: LGTM! Import consolidation improves code organization.The consolidation of TSOA decorators into a single import statement follows best practices for import organization and enhances code readability.
60-60: LGTM! Trailing comma addition improves maintainability.The addition of a trailing comma to the last parameter follows best practices and makes future parameter additions cleaner in version control.
src/controllers/connections/ConnectionController.ts (2)
5-5: LGTM! Import reordering improves code organization.Moving the TSOA decorator import to follow the core imports creates better logical grouping and improves code organization.
41-41: LGTM! Trailing comma addition improves maintainability.The addition of a trailing comma to the last parameter follows best practices and makes future parameter additions cleaner in version control.
src/controllers/credentials/SchemaController.ts (2)
5-5: LGTM! Import reordering improves code organization.Moving the TSOA decorator import to follow the core imports creates better logical grouping and improves code organization.
120-120: LGTM! Trailing comma addition improves maintainability.The addition of a trailing comma to the function call argument follows best practices and makes future argument additions cleaner in version control.
src/events/WebhookEvent.ts (1)
5-5: LGTM! Dynamic import is necessary for node-fetch v3 compatibility.The change from static import to dynamic import is required for node-fetch v3, which is ESM-only. The implementation correctly uses
.defaultto access the default export from the ES module. This approach maintains compatibility while supporting the upgraded node-fetch version.bin/afj-rest.js (1)
2-9: Good modernization to async module loading!The change from synchronous
require()to asynchronousimport()is a good improvement. The error handling is properly implemented with clear error messages and appropriate exit codes.src/controllers/proofs/ProofController.ts (2)
10-10: Import reorganization improves code structure.Moving the TSOA imports to an earlier position improves import organization and consistency across the codebase.
227-227: Good addition of trailing comma for consistency.The trailing comma addition aligns with the broader code style improvements in this PR.
src/controllers/did/DidController.ts (2)
14-14: Import reorganization improves consistency.Moving the TSOA imports to an earlier position aligns with the broader code style improvements across the codebase.
128-128: Good addition of trailing commas.The trailing comma additions improve code consistency and make future diffs cleaner.
Also applies to: 136-136
src/controllers/outofband/OutOfBandController.ts (2)
21-21: Import reorganization aligns with codebase standards.Moving the TSOA imports to an earlier position is consistent with the broader code style improvements across the controller files.
96-96: Trailing comma additions improve code consistency.The trailing comma additions across multiple parameter lists enhance code maintainability and align with modern JavaScript/TypeScript best practices.
Also applies to: 119-119, 153-153, 207-207, 292-292, 297-297
src/controllers/endorser-transaction/EndorserTransactionController.ts (2)
11-11: Import reorganization maintains consistency.Moving the TSOA imports to an earlier position is consistent with the broader code style improvements across the codebase.
42-42: Trailing comma additions enhance code maintainability.The trailing comma additions across parameter lists and function calls improve code consistency and make future diffs cleaner.
Also applies to: 73-73, 79-79, 85-85, 103-103, 135-135, 151-151, 180-180
src/controllers/question-answer/QuestionAnswerController.ts (2)
6-6: Good import consolidation.The import statement consolidation improves readability and follows best practices for organizing imports.
39-39: Consistent trailing comma formatting.The addition of trailing commas in parameter lists improves consistency and makes future parameter additions cleaner in diffs.
Also applies to: 69-69
src/controllers/polygon/PolygonController.ts (2)
8-8: Good import consolidation.The import statement consolidation improves readability and follows best practices for organizing imports.
57-57: Consistent formatting improvements.The addition of trailing commas and the missing comma fix improve code consistency and formatting.
Also applies to: 74-74, 112-112
.github/workflows/continuous-integration.yml (3)
5-7: Good infrastructure modernizationAdding the
developbranch to the CI triggers is a sensible change for development workflows. This allows the team to run CI checks on both main and develop branches.
22-25: Node.js version upgrade looks goodThe upgrade from Node.js 18.19.0 to 20 aligns with current LTS versions and the action update to v4 is appropriate for the newer Node.js version.
16-16: Verify Ubuntu 24.04 compatibilityWe didn’t find any Ubuntu-specific configs in the repo, but upgrading the runner can still introduce subtle breaks. Please manually confirm:
- The GitHub Actions runner label
ubuntu-24.04is officially supported.- All
apt-get installcommands (or other package managers) reference packages available in Ubuntu 24.04.- Any Dockerfiles or base images you use also support 24.04.
src/controllers/multi-tenancy/MultiTenancyController.ts (2)
4-9: Import organization improvementsThe reorganization of imports and addition of trailing commas improves code consistency and readability.
63-63: TSOA import consolidationGood consolidation of TSOA decorator imports into a single import statement for better organization.
package.json (3)
38-38: Lint script simplificationThe simplification of the lint script from
eslint --ignore-path .gitignore .to justeslintis good, assuming the ESLint configuration properly handles file patterns.
117-120: Resolutions field additionThe addition of the resolutions field ensures consistent versions of core dependencies across the dependency tree, which is good for avoiding version conflicts.
48-48: OpenID4VC Dependency Confirmed in UseThe
@credo-ts/openid4vcpackage is actively imported and utilized across the codebase. No unused dependency concerns.Key usage locations:
- src/cliAgent.ts
– ImportsOpenId4VcIssuerModule,OpenId4VcVerifierModuleand configures routers- src/utils/oid4vc-agent.ts
– ImplementsgetCredentialRequestToCredentialMapperwith multiple OpenID4VC credential formats- src/routes/routes.ts
– Exposes OpenID4VC API routes for issuance-sessions, issuers, verifiers, and holders- Controllers & Services
–controllers/openid4vc/issuers,verifiers,issuance-sessions,verification-sessions, andholdermodules all invokeagent.modules.openId4Vc*methods- Type Definitions
– Multiple interfaces (e.g.OpenId4VcIssuanceSessionsCreateOffer,OpenId4VcSiopCreateVerifierOptions) declared and used throughoutNo further action required—the dependency is correctly integrated and in active use.
src/utils/logger.ts (2)
29-29: Improved constructor flexibilityThe change from a fixed
serviceNameparameter to an optionalnameparameter makes the logger more flexible and reusable across different services.
34-34: Dynamic log level configurationUsing the instance's
logLevelproperty instead of the constructor parameter for determining the minimum log level is a good improvement for consistency.src/controllers/credentials/CredentialDefinitionController.ts (2)
6-6: TSOA import consolidationGood consolidation of TSOA decorator imports into a single import statement, consistent with similar changes across other controllers.
36-36: Consistent formatting improvementsThe addition of trailing commas and multiline formatting for async calls improves code readability and consistency across the codebase.
Also applies to: 39-40, 79-79, 108-109, 128-129, 133-133
src/cliAgent.ts (1)
435-438: Ensure Express router types on OID4VC endpointsThe current code in
src/cliAgent.ts(lines 435–438) bypasses TypeScript checking by usingany:if (transport instanceof HttpInboundTransport) { transport.app.use('/oid4vci', modules.openId4VcIssuer.config.router as any) transport.app.use('/oid4vp', modules.openId4VcVerifier.config.router as any) }After confirming that
config.routerimplementsexpress.RequestHandler(orexpress.Router), update the casts:- transport.app.use('/oid4vci', modules.openId4VcIssuer.config.router as any) - transport.app.use('/oid4vp', modules.openId4VcVerifier.config.router as any) + transport.app.use('/oid4vci', modules.openId4VcIssuer.config.router as RequestHandler) + transport.app.use('/oid4vp', modules.openId4VcVerifier.config.router as RequestHandler)Or, if it’s actually an
express.Routerinstance:import type { Router } from 'express' // … transport.app.use('/oid4vci', modules.openId4VcIssuer.config.router as Router) transport.app.use('/oid4vp', modules.openId4VcVerifier.config.router as Router)Please verify the exact type of
config.routerin@credo-ts/openid4vcand adjust the casts accordingly.src/cli.ts (1)
1-6: Clean code refactoring looks good!The formatting improvements enhance readability:
- Adding
.jsextensions for ESM compatibility- Using
hideBinhelper as recommended by yargs- Simplifying validation with
array.includes()- Consistent single-line formatting for simple options
Also applies to: 56-56, 72-75, 79-80, 107-107, 121-121, 133-133
src/controllers/openid4vc/verifiers/verifier.service.ts (1)
7-53: Well-structured service class with appropriate separation of concerns.The service methods correctly delegate to the agent's OpenID4VC verifier module and use the dependency manager for repository operations. The type signatures are properly defined with union types for different agent module configurations.
src/controllers/openid4vc/issuers/issuer.Controller.ts (1)
27-108: Well-structured controller with consistent error handling.The controller follows good patterns with proper dependency injection, route decorators, and consistent error handling using
ErrorHandlingService.handle(). The method delegation to the service layer is appropriate.eslint.config.mjs (1)
1-93: Successful ESLint configuration migration to ES module format.The migration from
.eslintrc.jstoeslint.config.mjsis well-executed, preserving all existing rules while adopting the new configuration format. The file-specific overrides for config files and test files are properly maintained.src/controllers/openid4vc/verifier-sessions/verification-sessions.service.ts (1)
73-98: Well-structured presentation format handling.The logic for processing different presentation formats (JSON-LD, JWT, SD-JWT) is well-implemented with proper type checking and format-specific property extraction.
src/controllers/openid4vc/verifier-sessions/verification-sessions.Controller.ts (1)
11-14: Consider adding security decorator for consistencyUnlike
IssuanceSessionsController, this controller lacks the@Security('apiKey')decorator. Verify if this is intentional.If API key authentication is required for verification sessions, add:
@Tags('oid4vc verification sessions') @Route('/openid4vc/verification-sessions') +@Security('apiKey') @injectable()src/routes/routes.ts (1)
5658-5687: Critical Security Issue: Missing Authentication on VerifierController and HolderControllerThe Verifier and Holder controllers lack the
@Security('apiKey')decorator at the class level, so TSOA did not injectauthenticateMiddlewareinto their routes. All other OID4VC controllers (e.g., IssuerController) are properly secured.Actions required:
- Add a class-level
@Security('apiKey')decorator above the@Routeon each controller:
- src/controllers/openid4vc/verifiers/verifier.Controller.ts
@Tags('oid4vc verifiers') @Security('apiKey') @Route('openid4vc/verifier') export class VerifierController { … }- src/controllers/openid4vc/holder/holder.Controller.ts
@Tags('oid4vc holders') @Security('apiKey') @Route('openid4vc/holder') export class HolderController { … }- Re-run TSOA to regenerate
src/routes/routes.tsso that all/openid4vc/verifier/*and/openid4vc/holder/*endpoints includeauthenticateMiddleware([{"apiKey":[]}]).fix_required
src/controllers/openid4vc/types/verifier.types.ts (1)
149-154: Unable to locate external type definition – please verify compatibilityWe tried to find the
DifPresentationExchangeDefinitionV2declaration innode_modules/@credo-ts/core, but the package’s source isn’t present locally. Before merging, ensure that extending the external interface with these fields won’t break compatibility:
- format?: Format
- submission_requirements?: SubmissionRequirementModel[]
- input_descriptors: InputDescriptorV2Model[]
- frame?: object
• Confirm that the upstream
DifPresentationExchangeDefinitionV2allows these extensions (e.g., no required properties are overridden).
• If necessary, adjust the external package’s type or add corresponding upstream definitions.
| secMethod?: { [key: string]: any }, | ||
| scopes?: string | ||
| scopes?: string, | ||
| ) { | ||
| const logger = new TsLogger(LogLevel.info) |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Replace any with a safer, lint-compliant type
CI fails on @typescript-eslint/no-explicit-any. Unless the OpenAPI generator mandates any, switch to a structural type (e.g. Record<string, unknown>) or unknown to satisfy the linter and avoid implicit-any hazards.
- secMethod?: { [key: string]: any },
+ secMethod?: Record<string, unknown>,If the object is expected to hold primitives only, narrow the value type accordingly (e.g. string | number | boolean).
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| secMethod?: { [key: string]: any }, | |
| scopes?: string | |
| scopes?: string, | |
| ) { | |
| secMethod?: Record<string, unknown>, | |
| scopes?: string, | |
| ) { |
🧰 Tools
🪛 GitHub Check: Validate
[warning] 12-12:
Unexpected any. Specify a different type
🪛 GitHub Actions: Continuous Integration
[warning] 12-12: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
🤖 Prompt for AI Agents
In src/authentication.ts around lines 12 to 14, replace the type annotation for
secMethod from { [key: string]: any } to a safer type such as Record<string,
unknown> or a more specific structural type that fits the expected data. This
change will satisfy the @typescript-eslint/no-explicit-any lint rule and improve
type safety by avoiding implicit any usage.
| get: <T>(controller: any): T => { | ||
| return container.resolve<T>(controller) |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Type safety degradation: Consider maintaining strict typing.
Changing the parameter type from Parameters<IocContainer['get']>[0] to any reduces type safety and could lead to runtime errors. This change might mask underlying type compatibility issues that should be addressed properly.
Consider these alternatives:
- Fix the root cause of the type compatibility issue instead of using
any - Use a more specific type that accurately represents the expected controller types
- Add runtime type checking if dynamic typing is necessary
- get: <T>(controller: any): T => {
+ get: <T>(controller: new (...args: any[]) => T): T => {Or maintain the original typing and fix the underlying issue:
- get: <T>(controller: any): T => {
+ get: <T>(controller: Parameters<IocContainer['get']>[0]): T => {
- return container.resolve<T>(controller)
+ return container.resolve<T>(controller as any)📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| get: <T>(controller: any): T => { | |
| return container.resolve<T>(controller) | |
| get: <T>(controller: new (...args: any[]) => T): T => { | |
| return container.resolve<T>(controller) |
🤖 Prompt for AI Agents
In src/utils/TsyringeAdapter.ts around lines 6 to 7, the parameter type for the
get method is currently set to any, which reduces type safety. To fix this,
revert the parameter type to Parameters<IocContainer['get']>[0] or another
specific type that accurately represents the expected controller types. Avoid
using any to maintain strict typing and prevent potential runtime errors. If
dynamic typing is necessary, consider adding runtime type checks instead of
weakening the type signature.
| createSchemaRequest: { | ||
| did: string | ||
| schemaName: string | ||
| schema: { [key: string]: any } |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Address ESLint warning: Replace 'any' with specific type.
The schema parameter uses any type which reduces type safety. Consider defining a proper interface or using a more specific type.
- schema: { [key: string]: any }
+ schema: Record<string, unknown>Or better yet, define a proper schema interface:
+interface SchemaDefinition {
+ [key: string]: unknown
+}
- schema: { [key: string]: any }
+ schema: SchemaDefinition📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| schema: { [key: string]: any } | |
| schema: Record<string, unknown> |
| schema: { [key: string]: any } | |
| schema: SchemaDefinition |
🧰 Tools
🪛 GitHub Actions: Continuous Integration
[warning] 56-56: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
🤖 Prompt for AI Agents
In src/controllers/polygon/PolygonController.ts at line 56, the schema parameter
is typed as {[key: string]: any}, which triggers an ESLint warning due to use of
'any'. To fix this, define a specific interface or type that accurately
represents the expected structure of the schema object, then replace the 'any'
type with this more precise type to improve type safety and satisfy ESLint.
| operation: any | ||
| transaction: any |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Address ESLint warnings: Replace 'any' with specific types.
The operation and transaction parameters use any type which reduces type safety. Consider defining proper interfaces or using more specific types.
- operation: any
- transaction: any
+ operation: DidOperation
+ transaction: unknownOr define proper interfaces:
+interface EstimateTransactionRequest {
+ operation: DidOperation
+ transaction: Record<string, unknown>
+}
- estimateTransactionRequest: {
- operation: any
- transaction: any
- },
+ estimateTransactionRequest: EstimateTransactionRequest,🧰 Tools
🪛 GitHub Actions: Continuous Integration
[warning] 110-110: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
[warning] 111-111: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
🤖 Prompt for AI Agents
In src/controllers/polygon/PolygonController.ts around lines 110 to 111, the
parameters 'operation' and 'transaction' are typed as 'any', which reduces type
safety and causes ESLint warnings. To fix this, replace 'any' with more specific
types that accurately describe the expected structure or behavior of these
parameters. If no existing types fit, define appropriate interfaces or type
aliases for 'operation' and 'transaction' and use them instead of 'any'.
| get: <T>(controller: any): T | Promise<T> => { | ||
| return container.resolve<T>(controller) |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Type safety degradation: Consider maintaining strict typing.
Similar to the TsyringeAdapter.ts changes, changing the parameter type from Parameters<IocContainer['get']>[0] to any reduces type safety and could lead to runtime errors. This pattern of loosening type safety across IoC container adapters is concerning.
Consider these alternatives:
- Fix the root cause of the type compatibility issue instead of using
any - Use a more specific type that accurately represents the expected controller types
- Maintain consistency with proper typing across all IoC container adapters
- get: <T>(controller: any): T | Promise<T> => {
+ get: <T>(controller: new (...args: any[]) => T): T | Promise<T> => {Or maintain the original typing and fix the underlying issue:
- get: <T>(controller: any): T | Promise<T> => {
+ get: <T>(controller: Parameters<IocContainer['get']>[0]): T | Promise<T> => {
- return container.resolve<T>(controller)
+ return container.resolve<T>(controller as any)📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| get: <T>(controller: any): T | Promise<T> => { | |
| return container.resolve<T>(controller) | |
| get: <T>(controller: new (...args: any[]) => T): T | Promise<T> => { | |
| return container.resolve<T>(controller) |
🤖 Prompt for AI Agents
In src/utils/tsyringeTsoaIocContainer.ts around lines 6 to 7, the parameter type
for the get method is currently set to any, which reduces type safety. To fix
this, replace any with the original type Parameters<IocContainer['get']>[0] or a
more specific type that accurately represents the expected controller types.
This will maintain strict typing and consistency with other IoC container
adapters, preventing potential runtime errors.
| export interface OpenId4VcIssuanceSessionCreateOfferSdJwtCredentialOptions { | ||
| credentialSupportedId: string | ||
| format: string | ||
| payload: { | ||
| vct?: string | ||
| [key: string]: unknown | ||
| } | ||
| disclosureFrame?: Record<string, boolean | Record<string, boolean>> | ||
| } |
There was a problem hiding this comment.
💡 Verification agent
🧩 Analysis chain
Improve type consistency and add documentation.
This interface duplicates the one in src/utils/oid4vc-agent.ts but with less specific types and missing documentation. Consider:
- Using the specific
OpenId4VciCredentialFormatProfiletype forformat - Using the
DisclosureFrametype fordisclosureFrame - Adding JSDoc comments for clarity
🏁 Script executed:
#!/bin/bash
# Check if OpenId4VciCredentialFormatProfile and DisclosureFrame types are available
rg -A 2 "OpenId4VciCredentialFormatProfile|DisclosureFrame" --type tsLength of output: 2330
Align SdJwt credential options with existing types and add JSDoc
Use the existing OpenId4VciCredentialFormatProfile and DisclosureFrame types to narrow format and disclosureFrame, and mirror the JSDoc from src/utils/oid4vc-agent.ts.
• File: src/controllers/openid4vc/types/issuer.types.ts
– Import OpenId4VciCredentialFormatProfile from @credo-ts/openid4vc
– Import DisclosureFrame from ../../types
– Change
ts format: string … disclosureFrame?: Record<string, boolean | Record<string, boolean>>
to
```ts
/**
* @example {@link OpenId4VciCredentialFormatProfile.SdJwtVc}
*/
format: OpenId4VciCredentialFormatProfile
/**
* Specifies which attributes to disclose.
*/
disclosureFrame?: DisclosureFrame
```
– Add a top-level JSDoc block for the interface and field-level comments for credentialSupportedId, payload, etc., consistent with oid4vc-agent.ts
Suggested diff:
--- a/src/controllers/openid4vc/types/issuer.types.ts
+++ b/src/controllers/openid4vc/types/issuer.types.ts
@@ -1,5 +1,7 @@
+import type { DisclosureFrame } from '../../types'
+import { OpenId4VciCredentialFormatProfile } from '@credo-ts/openid4vc'
- export interface OpenId4VcIssuanceSessionCreateOfferSdJwtCredentialOptions {
+/**
+ * Options for creating an OpenID4VC issuance session offer with SD-JWT.
+ */
+export interface OpenId4VcIssuanceSessionCreateOfferSdJwtCredentialOptions {
/**
* The identifier of the supported credential.
*/
@@ -6,7 +10,12 @@ export interface OpenId4VcIssuanceSessionCreateOfferSdJwtCredentialOptions {
credentialSupportedId: string
- format: string
+ /**
+ * The credential format.
+ * @example {@link OpenId4VciCredentialFormatProfile.SdJwtVc}
+ */
+ format: OpenId4VciCredentialFormatProfile
/**
* Custom payload for the credential.
@@ -13,7 +22,10 @@ export interface OpenId4VcIssuanceSessionCreateOfferSdJwtCredentialOptions {
[key: string]: unknown
}
- disclosureFrame?: Record<string, boolean | Record<string, boolean>>
+ /**
+ * A disclosure frame specifying which attributes to reveal.
+ */
+ disclosureFrame?: DisclosureFrame
}🤖 Prompt for AI Agents
In src/controllers/openid4vc/types/issuer.types.ts lines 6 to 14, update the
interface OpenId4VcIssuanceSessionCreateOfferSdJwtCredentialOptions by importing
OpenId4VciCredentialFormatProfile from @credo-ts/openid4vc and DisclosureFrame
from ../../types. Replace the format field's type from string to
OpenId4VciCredentialFormatProfile with a JSDoc example referencing
OpenId4VciCredentialFormatProfile.SdJwtVc. Change disclosureFrame's type from
Record<string, boolean | Record<string, boolean>> to DisclosureFrame with a
JSDoc comment explaining it specifies which attributes to disclose. Add a
top-level JSDoc comment for the interface and field-level comments for
credentialSupportedId, payload, and other fields consistent with the style in
src/utils/oid4vc-agent.ts.
|
|
||
| export enum ResponseModeEnum { | ||
| DIRECT_POST = 'direct_post', | ||
| DIRECT_POSJWT = 'direct_post.jwt', |
There was a problem hiding this comment.
Fix typo in enum value.
There's a typo in the enum value - "POSJWT" should be "POST_JWT".
- DIRECT_POSJWT = 'direct_post.jwt',
+ DIRECT_POST_JWT = 'direct_post.jwt',📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| DIRECT_POSJWT = 'direct_post.jwt', | |
| DIRECT_POST_JWT = 'direct_post.jwt', |
🤖 Prompt for AI Agents
In src/controllers/openid4vc/types/verifier.types.ts at line 7, correct the typo
in the enum value by changing "DIRECT_POSJWT" to "DIRECT_POST_JWT" to accurately
reflect the intended naming.
| export interface SubmissionRequirementModel extends SubmissionRequirement { | ||
| from_nested?: SubmissionRequirementModel[] | ||
| } |
There was a problem hiding this comment.
💡 Verification agent
🧩 Analysis chain
Verify recursive type definition.
The recursive from_nested property in SubmissionRequirementModel should be carefully validated to prevent infinite recursion in runtime usage.
🏁 Script executed:
#!/bin/bash
# Description: Check for proper handling of recursive SubmissionRequirementModel usage
# Expected: Find validation or depth limiting logic in service files
rg -A 10 -B 5 "SubmissionRequirementModel|from_nested" --type tsLength of output: 2500
Ensure safe recursion handling for SubmissionRequirementModel.from_nested
I didn’t find any runtime logic that guards against infinite nesting when processing SubmissionRequirementModel (lines 63–65 in src/controllers/openid4vc/types/verifier.types.ts). If you traverse or validate submission_requirements (e.g., in DifPresentationExchangeDefinitionV2Model), please:
- Introduce a maximum‐depth parameter or iterative guard when walking
from_nested. - Validate incoming payloads to enforce a sane nesting limit.
- Update the service or utility that processes
SubmissionRequirementModelto abort or error out once the depth limit is exceeded.
Locations to address:
- src/controllers/openid4vc/types/verifier.types.ts:63–65 (recursive definition)
- Any service/function that traverses
submission_requirements(e.g., your verifier implementation)
🤖 Prompt for AI Agents
In src/controllers/openid4vc/types/verifier.types.ts at lines 63 to 65, the
SubmissionRequirementModel interface allows recursive nesting via from_nested
without any depth limit, which risks infinite recursion. To fix this, add a
maximum depth parameter or guard in any function that traverses from_nested,
such as in the verifier implementation, to prevent exceeding a sane nesting
limit. Also, validate incoming submission_requirements payloads to enforce this
maximum depth and update traversal logic to abort or throw an error if the depth
limit is surpassed.
| export class OpenId4VcUpdateVerifierRecordOptions { | ||
| verifierId!: string | ||
| clientMetadata?: OpenId4VcSiopVerifierClientMetadata | ||
| } |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Consider removing definite assignment assertion.
The ! assertion on verifierId bypasses TypeScript's type checking. Consider making it required in the interface definition instead.
-export class OpenId4VcUpdateVerifierRecordOptions {
- verifierId!: string
- clientMetadata?: OpenId4VcSiopVerifierClientMetadata
-}
+export interface OpenId4VcUpdateVerifierRecordOptions {
+ verifierId: string
+ clientMetadata?: OpenId4VcSiopVerifierClientMetadata
+}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| export class OpenId4VcUpdateVerifierRecordOptions { | |
| verifierId!: string | |
| clientMetadata?: OpenId4VcSiopVerifierClientMetadata | |
| } | |
| export interface OpenId4VcUpdateVerifierRecordOptions { | |
| verifierId: string | |
| clientMetadata?: OpenId4VcSiopVerifierClientMetadata | |
| } |
🤖 Prompt for AI Agents
In src/controllers/openid4vc/types/verifier.types.ts around lines 177 to 180,
the definite assignment assertion (!) on the verifierId property bypasses
TypeScript's type checking. To fix this, remove the exclamation mark and make
verifierId a required property by defining it without the assertion, ensuring it
is properly initialized or passed when creating instances of
OpenId4VcUpdateVerifierRecordOptions.
| export interface Issuance { | ||
| [key: string]: any | ||
| manifest?: string | ||
| } |
There was a problem hiding this comment.
Replace any type with more specific typing.
The pipeline failure correctly identifies the use of any type. This reduces type safety and should be replaced with a more specific type.
export interface Issuance {
- [key: string]: any
+ [key: string]: unknown
manifest?: string
}Or better yet, define the specific properties:
export interface Issuance {
- [key: string]: any
manifest?: string
+ [key: string]: string | number | boolean | object | null
}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| export interface Issuance { | |
| [key: string]: any | |
| manifest?: string | |
| } | |
| export interface Issuance { | |
| [key: string]: unknown | |
| manifest?: string | |
| } |
🧰 Tools
🪛 GitHub Actions: Continuous Integration
[warning] 135-135: ESLint: Unexpected any. Specify a different type (@typescript-eslint/no-explicit-any)
🤖 Prompt for AI Agents
In src/controllers/openid4vc/types/verifier.types.ts at lines 134 to 137, the
use of the `any` type in the Issuance interface reduces type safety and causes
pipeline failures. Replace the `[key: string]: any` index signature with a more
specific type that accurately reflects the expected properties and their types,
or explicitly define the known properties of the Issuance interface to improve
type safety and clarity.
What
0.6.1-pr-2091-20241119140918Summary by CodeRabbit
New Features
Bug Fixes
Chores