wip: creating cross network claiming logic.

[ci skip]

Author: tegefaulkes

src/claims/payloads/claimNetworkAccess.ts

@@ -1,6 +1,7 @@
 import type { Claim, SignedClaim } from '../types.js';
-import type { NodeIdEncoded } from '../../ids/types.js';
+import type { NodeId, NodeIdEncoded } from '../../ids/types.js';
 import type { SignedTokenEncoded } from '../../tokens/types.js';
+import type Token from '../../tokens/Token.js';
 import * as tokensSchema from '../../tokens/schemas/index.js';
 import * as ids from '../../ids/index.js';
 import * as claimsUtils from '../utils.js';
@@ -84,10 +85,21 @@ function parseSignedClaimNetworkAccess(
   return signedClaim as SignedClaim<ClaimNetworkAccess>;
 }
 
+function verifyClaimNetworkAccess(
+  networkNodeId: NodeId,
+  targetNodeId: NodeId,
+  network: string,
+  token: Token<ClaimNetworkAccess>,
+): void {
+  // TODO: complete
+  console.log(token);
+}
+
 export {
   assertClaimNetworkAccess,
   parseClaimNetworkAccess,
   parseSignedClaimNetworkAccess,
+  verifyClaimNetworkAccess,
 };
 
 export type { ClaimNetworkAccess };

src/claims/payloads/claimNetworkAuthority.ts

@@ -18,6 +18,7 @@ interface ClaimNetworkAuthority extends Claim {
   typ: 'ClaimNetworkAuthority';
   iss: NodeIdEncoded;
   sub: NodeIdEncoded;
+  network: string;
 }
 
 function assertClaimNetworkAuthority(
@@ -47,6 +48,11 @@ function assertClaimNetworkAuthority(
       '`sub` property must be an encoded node ID',
     );
   }
+  if (claimNetworkAuthority['network'] == null) {
+    throw new validationErrors.ErrorParse(
+      '`network` property must be a network name string',
+    );
+  }
 }
 
 function parseClaimNetworkAuthority(
@@ -70,8 +76,9 @@ function parseSignedClaimNetworkAuthority(
 function verifyClaimNetworkAuthority(
   networkNodeId: NodeId,
   targetNodeId: NodeId,
+  network: string,
   token: Token<ClaimNetworkAuthority>,
-) {
+): void {
   // Should be signed by the network authority as the issuer
   const nodeIdIss = token.payload.iss;
   const networkNodeIdEncoded = nodesUtils.encodeNodeId(networkNodeId);
@@ -97,6 +104,11 @@ function verifyClaimNetworkAuthority(
   if (!token.verifyWithPublicKey(targetPublicKey)) {
     throw Error('TMP IMP Token was not signed by the network authority');
   }
+  // Checking if the network name matches
+  const networkName = token.payload.network;
+  if (networkName !== network) {
+    throw Error('TMP IMP Network name does not match the expected network');
+  }
 }
 
 export {