feat: accept header

src/iden3comm/constants.ts

@@ -1,3 +1,5 @@
+import { AcceptProfile } from './types';
+
 const IDEN3_PROTOCOL = 'https://iden3-communication.io/';
 /**
  * Constants for Iden3 protocol
@@ -73,5 +75,30 @@ export const SUPPORTED_PUBLIC_KEY_TYPES = {
   ]
 };
 
+export enum ProtocolVersion {
+  v1 = 'iden3comm/v1'
+}
+
+export enum AcceptAuthCircuits {
+  authV2 = 'authV2',
+  authV3 = 'authV3'
+}
+
+export enum AcceptJwzAlgorithms {
+  groth16 = 'groth16'
+}
+
+export enum AcceptJwsAlgorithms {
+  ES256K = 'ES256K',
+  ES256KR = 'ES256K-R'
+}
+
+export const defaultAcceptProfile: AcceptProfile = {
+  protocolVersion: ProtocolVersion.v1,
+  env: MediaType.ZKPMessage,
+  circuits: [AcceptAuthCircuits.authV2],
+  alg: [AcceptJwzAlgorithms.groth16]
+};
+
 export const DEFAULT_PROOF_VERIFY_DELAY = 1 * 60 * 60 * 1000; // 1 hour
 export const DEFAULT_AUTH_VERIFY_DELAY = 5 * 60 * 1000; // 5 minutes

src/iden3comm/handlers/auth.ts

@@ -1,4 +1,4 @@
-import { MediaType } from '../constants';
+import { MediaType, ProtocolVersion } from '../constants';
 import { IProofService } from '../../proof/proof-service';
 import { PROTOCOL_MESSAGE_TYPE } from '../constants';
 
@@ -21,6 +21,7 @@ import { byteDecoder, byteEncoder } from '../../utils';
 import { processZeroKnowledgeProofRequests } from './common';
 import { CircuitId } from '../../circuits';
 import { AbstractMessageHandler, IProtocolMessageHandler } from './message-handler';
+import { parseAcceptProfile } from '../utils';
 
 /**
  *  createAuthorizationRequest is a function to create protocol authorization request
@@ -231,13 +232,40 @@ export class AuthHandler
 
     // override sender did if it's explicitly specified in the auth request
     const to = authRequest.to ? DID.parse(authRequest.to) : ctx.senderDid;
-    const mediaType = ctx.mediaType || MediaType.ZKPMessage;
     const guid = uuid.v4();
 
     if (!authRequest.from) {
       throw new Error('auth request should contain from field');
     }
 
+    const responseType = PROTOCOL_MESSAGE_TYPE.AUTHORIZATION_RESPONSE_MESSAGE_TYPE;
+    let mediaType: MediaType;
+    if (authRequest.body.accept?.length) {
+      const supportedMediaTypes: MediaType[] = [];
+      for (const acceptProfile of authRequest.body.accept || []) {
+        // 1. check protocol version
+        const { protocolVersion, env, circuits, alg } = parseAcceptProfile(acceptProfile);
+        if (protocolVersion === ProtocolVersion.v1 && responseType.split('/').at(-2) !== '1.0') {
+          continue;
+        }
+        // 2. check packer support
+        if (this._packerMgr.isSupported(env, alg, circuits)) {
+          supportedMediaTypes.push(env);
+        }
+      }
+
+      if (!supportedMediaTypes.length) {
+        throw new Error('no profile meets `access` header requirements');
+      }
+
+      mediaType = supportedMediaTypes[0];
+      if (ctx.mediaType && supportedMediaTypes.includes(ctx.mediaType)) {
+        mediaType = ctx.mediaType;
+      }
+    } else {
+      mediaType = ctx.mediaType || MediaType.ZKPMessage;
+    }
+
     const from = DID.parse(authRequest.from);
 
     const responseScope = await processZeroKnowledgeProofRequests(
@@ -250,8 +278,8 @@ export class AuthHandler
 
     return {
       id: guid,
-      typ: ctx.mediaType,
-      type: PROTOCOL_MESSAGE_TYPE.AUTHORIZATION_RESPONSE_MESSAGE_TYPE,
+      typ: mediaType,
+      type: responseType,
       thid: authRequest.thid ?? guid,
       body: {
         message: authRequest?.body?.message,

src/iden3comm/index.ts

@@ -3,6 +3,7 @@ export * from './packers';
 export * from './types';
 export * from './handlers';
 export * from './utils/did';
+export * from './utils/accept-profile';
 
 import * as PROTOCOL_CONSTANTS from './constants';
 export { PROTOCOL_CONSTANTS };

src/iden3comm/packageManager.ts

@@ -1,8 +1,14 @@
 import { BasicMessage, IPackageManager, IPacker, PackerParams } from './types';
 import { bytesToHeaderStub } from './utils/envelope';
 import { base64 } from 'rfc4648';
-import { MediaType } from './constants';
+import {
+  AcceptAuthCircuits,
+  AcceptJwsAlgorithms,
+  AcceptJwzAlgorithms,
+  MediaType
+} from './constants';
 import { byteDecoder, byteEncoder } from '../utils';
+import { ZKPPacker } from './packers';
 
 /**
  * Basic package manager for iden3 communication protocol
@@ -21,6 +27,39 @@ export class PackageManager implements IPackageManager {
     this.packers = new Map<MediaType, IPacker>();
   }
 
+  /** {@inheritDoc IPackageManager.isSupported} */
+  isSupported(
+    mediaType: MediaType,
+    algs?: AcceptJwzAlgorithms[] | AcceptJwsAlgorithms[],
+    circuits?: AcceptAuthCircuits[]
+  ): boolean {
+    const p = this.packers.get(mediaType);
+    if (!p) {
+      return false;
+    }
+
+    let algFound = false || !algs?.length;
+    if (algs?.length) {
+      const packerSupportedAlgs = p.getSupportedAlgorithms().map((i) => i.toString());
+      algFound = algs?.some((alg) => packerSupportedAlgs.includes(alg));
+    }
+
+    let circuitFound = false || !circuits?.length;
+    if (circuits?.length) {
+      if (mediaType !== MediaType.ZKPMessage) {
+        throw new Error('circuits param not supported for ZKPMessage media type');
+      }
+      const packerCircuits = (p as ZKPPacker).getSupportedCircuits();
+      circuitFound = circuits.some((c) => packerCircuits.includes(c));
+    }
+    return algFound && circuitFound;
+  }
+
+  /** {@inheritDoc IPackageManager.getSupportedMediaTypes} */
+  getSupportedMediaTypes(): MediaType[] {
+    return [...this.packers.keys()];
+  }
+
   /** {@inheritDoc IPackageManager.registerPackers} */
   registerPackers(packers: Array<IPacker>): void {
     packers.forEach((p) => {

src/iden3comm/packers/jws.ts

@@ -1,5 +1,5 @@
 import { BasicMessage, IPacker, JWSPackerParams } from '../types';
-import { MediaType, SUPPORTED_PUBLIC_KEY_TYPES } from '../constants';
+import { AcceptJwsAlgorithms, MediaType, SUPPORTED_PUBLIC_KEY_TYPES } from '../constants';
 import { extractPublicKeyBytes, resolveVerificationMethods } from '../utils/did';
 import { keyPath, KMS } from '../../kms/';
 
@@ -102,6 +102,11 @@ export class JWSPacker implements IPacker {
     return MediaType.SignedMessage;
   }
 
+  /** {@inheritDoc IPacker.getSupportedAlgorithms} */
+  getSupportedAlgorithms(): AcceptJwsAlgorithms[] {
+    return [AcceptJwsAlgorithms.ES256K, AcceptJwsAlgorithms.ES256KR];
+  }
+
   private async resolveDidDoc(from: string) {
     let didDocument: DIDDocument;
     try {

src/iden3comm/packers/plain.ts

@@ -1,5 +1,5 @@
 import { BasicMessage, IPacker } from '../types';
-import { MediaType } from '../constants';
+import { AcceptJwsAlgorithms, AcceptJwzAlgorithms, MediaType } from '../constants';
 import { byteDecoder, byteEncoder } from '../../utils';
 
 /**
@@ -53,4 +53,9 @@ export class PlainPacker implements IPacker {
   mediaType(): MediaType {
     return MediaType.PlainMessage;
   }
+
+  /** {@inheritDoc IPacker.getSupportedAlgorithms} */
+  getSupportedAlgorithms(): AcceptJwzAlgorithms[] | AcceptJwsAlgorithms[] {
+    return [];
+  }
 }

src/iden3comm/packers/zkp.ts

@@ -20,7 +20,7 @@ import {
   ErrStateVerificationFailed,
   ErrUnknownCircuitID
 } from '../errors';
-import { MediaType } from '../constants';
+import { AcceptAuthCircuits, AcceptJwzAlgorithms, MediaType } from '../constants';
 import { byteDecoder, byteEncoder } from '../../utils';
 import { DEFAULT_AUTH_VERIFY_DELAY } from '../constants';
 
@@ -174,6 +174,15 @@ export class ZKPPacker implements IPacker {
   mediaType(): MediaType {
     return MediaType.ZKPMessage;
   }
+
+  /** {@inheritDoc IPacker.getSupportedAlgorithms} */
+  getSupportedAlgorithms(): AcceptJwzAlgorithms[] {
+    return [AcceptJwzAlgorithms.groth16];
+  }
+
+  getSupportedCircuits(): AcceptAuthCircuits[] {
+    return [AcceptAuthCircuits.authV2];
+  }
 }
 
 const verifySender = async (token: Token, msg: BasicMessage): Promise<void> => {

src/iden3comm/types/index.ts

@@ -6,6 +6,7 @@ export * from './protocol/revocation';
 export * from './protocol/contract-request';
 export * from './protocol/proposal-request';
 export * from './protocol/payment';
+export * from './protocol/accept-profile';
 
 export * from './packer';
 export * from './models';

src/iden3comm/types/packageManager.ts

@@ -1,5 +1,10 @@
 import { BasicMessage, IPacker, PackerParams } from './packer';
-import { MediaType } from '../constants';
+import {
+  AcceptAuthCircuits,
+  AcceptJwsAlgorithms,
+  AcceptJwzAlgorithms,
+  MediaType
+} from '../constants';
 
 /**
  * Interface for defining the registry of packers
@@ -74,6 +79,25 @@ export interface IPackageManager {
    * @returns MediaType
    */
   getMediaType(envelope: string): MediaType;
+
+  /**
+   * gets supported media type by packer manager
+   *
+   * @returns MediaType[]
+   */
+  getSupportedMediaTypes(): MediaType[];
+
+  /**
+   * gets if media type and algorithms supported by packer manager
+   *
+   * @param {MediaType} mediaType
+   * @returns AcceptJwzAlgorithms[] | AcceptJwsAlgorithms[]
+   */
+  isSupported(
+    mediaType: MediaType,
+    alg?: AcceptJwzAlgorithms[] | AcceptJwsAlgorithms[],
+    circuits?: AcceptAuthCircuits[]
+  ): boolean;
 }
 /**
  * EnvelopeStub is used to stub the jwt based envelops

src/iden3comm/types/packer.ts

@@ -2,7 +2,7 @@ import { DID } from '@iden3/js-iden3-core';
 import { DataPrepareHandlerFunc, VerificationHandlerFunc } from '../packers';
 import { ProvingMethodAlg } from '@iden3/js-jwz';
 import { CircuitId } from '../../circuits';
-import { MediaType } from '../constants';
+import { AcceptJwsAlgorithms, AcceptJwzAlgorithms, MediaType } from '../constants';
 import { DIDDocument, VerificationMethod } from 'did-resolver';
 import { StateVerificationOpts } from './models';
 /**
@@ -121,6 +121,13 @@ export interface IPacker {
    * @returns The media type as a MediaType.
    */
   mediaType(): MediaType;
+
+  /**
+   * gets supported algorithms for mediaType
+   *
+   * @returns AcceptJwzAlgorithms[] | AcceptJwsAlgorithms[]
+   */
+  getSupportedAlgorithms(): AcceptJwzAlgorithms[] | AcceptJwsAlgorithms[];
 }
 /**
  * Params for verification of auth circuit public signals

src/iden3comm/types/protocol/accept-profile.ts

@@ -0,0 +1,14 @@
+import {
+  AcceptAuthCircuits,
+  AcceptJwsAlgorithms,
+  AcceptJwzAlgorithms,
+  MediaType,
+  ProtocolVersion
+} from '../../constants';
+
+export type AcceptProfile = {
+  protocolVersion: ProtocolVersion;
+  env: MediaType;
+  circuits?: AcceptAuthCircuits[];
+  alg?: AcceptJwsAlgorithms[] | AcceptJwzAlgorithms[];
+};

src/iden3comm/types/protocol/auth.ts

@@ -26,6 +26,7 @@ export type AuthorizationRequestMessageBody = {
   callbackUrl: string;
   reason?: string;
   message?: string;
+  accept?: string[];
   did_doc?: JSONObject;
   scope: Array<ZeroKnowledgeProofRequest>;
 };