@aspect-evp/issuer
v0.1.1
Published
EVP issuer implementation for email providers
Maintainers
seanluis47Readme
@aspect-evp/issuer
EVP issuer implementation for email providers.
Installation
npm install @aspect-evp/issuerUsage
import { EmailVerificationIssuer } from '@aspect-evp/issuer';
// Initialize with your signing key
const issuer = new EmailVerificationIssuer({
issuer: 'mail.example.com',
privateKey: yourPrivateKeyJWK,
kid: '2024-01-key',
algorithm: 'EdDSA'
});
// Serve /.well-known/email-verification
app.get('/.well-known/email-verification', (req, res) => {
res.json(issuer.getMetadata('https://mail.example.com'));
});
// Serve JWKS
app.get('/email-verification/jwks', async (req, res) => {
res.json(await issuer.getJWKS());
});
// Handle issuance requests
app.post('/email-verification/issuance', async (req, res) => {
const { request_token } = req.body;
// Verify the request token from browser
const { email, cnf } = await issuer.verifyRequestToken(request_token);
// Verify user owns this email (your auth logic)
if (!userOwnsEmail(req.session.userId, email)) {
return res.status(403).json({ error: 'unauthorized_email' });
}
// Issue SD-JWT
const sdJwt = await issuer.issueToken(email, cnf.jwk);
res.json({ token: sdJwt });
});Key Generation
import { EmailVerificationIssuer } from '@aspect-evp/issuer';
// Generate a new EdDSA key pair
const keyPair = await EmailVerificationIssuer.generateKeyPair('EdDSA');
console.log(keyPair.privateKey); // Store securely
console.log(keyPair.publicKey); // Expose via JWKSSupported Algorithms
EdDSA(recommended)ES256ES384RS256
Documentation
See the full documentation for complete API reference.
License
MIT