src/session/entities/session.entity.ts
Entity representing a user session in the application. It includes various properties such as credentials, authorization code, request URI, authorization queries, and more.
Properties |
|
| Optional auth_queries |
Type : AuthorizeQueries
|
Decorators :
@Column('text', {nullable: true, transformer: EncryptedJsonTransformer})
|
|
Defined in src/session/entities/session.entity.ts:125
|
|
Authorization queries associated with the session. Encrypted at rest. |
| Optional authorization_code |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:114
|
|
Authorization code for the session. |
| Optional clientId |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:194
|
|
Client ID used in the OID4VP authorization request. |
| createdAt |
Type : Date
|
Decorators :
@CreateDateColumn()
|
|
Defined in src/session/entities/session.entity.ts:66
|
|
The timestamp when the request was created. |
| Optional credentialPayload |
Type : OfferRequestDto
|
Decorators :
@Column('text', {nullable: true, transformer: EncryptedJsonTransformer})
|
|
Defined in src/session/entities/session.entity.ts:145
|
|
Credential payload containing the offer request details. Encrypted at rest - may contain sensitive claim data. |
| Optional credentials |
Type : VerificationResult[]
|
Decorators :
@Column('text', {nullable: true, transformer: EncryptedJsonTransformer})
|
|
Defined in src/session/entities/session.entity.ts:182
|
|
Verified credentials from the presentation process. Encrypted at rest - contains personal information. |
| Optional expiresAt |
Type : Date
|
Decorators :
@Column('date', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:78
|
|
The timestamp when the request is set to expire. |
| Optional externalIssuer |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:228
|
|
The issuer (iss) of the external authorization server token. Set when a wallet presents a token from an external AS. |
| Optional externalSubject |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:235
|
|
The subject (sub) from the external authorization server token. Used to identify the user at the external AS. |
| id |
Type : string
|
Decorators :
@PrimaryColumn('uuid')
|
|
Defined in src/session/entities/session.entity.ts:60
|
|
Unique identifier for the session. |
| notifications |
Type : Notification[]
|
Decorators :
@Column('json', {default: undefined})
|
|
Defined in src/session/entities/session.entity.ts:155
|
|
Notifications associated with the session. |
| Optional notifyWebhook |
Type : WebhookConfig
|
Decorators :
@Column('json', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:150
|
|
Webhook configuration to send the result of the notification response. |
| Optional offer |
Type : CredentialOfferObject
|
Decorators :
@Column('text', {nullable: true, transformer: EncryptedJsonTransformer})
|
|
Defined in src/session/entities/session.entity.ts:132
|
|
Credential offer object containing details about the credential offer or presentation request. Encrypted at rest. |
| Optional offerUrl |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:138
|
|
Offer URL for the credential offer. |
| Optional parsedWebhook |
Type : WebhookConfig
|
Decorators :
@Column('json', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:212
|
|
Where to send the claims webhook response. |
| Optional redirectUri |
Type : string | null
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:206
|
|
Redirect URI to which the user-agent should be redirected after the presentation is completed. |
| Optional request_uri |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:119
|
|
Request URI from the authorization request. |
| Optional requestId |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:163
|
|
The ID of the presentation configuration associated with the session. |
| Optional requestObject |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:175
|
|
Signed presentation auth request. |
| Optional requestUrl |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:169
|
|
The URL of the presentation auth request. |
| Optional responseUri |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:200
|
|
Response URI used in the OID4VP authorization request. |
| status |
Type : SessionStatus
|
Decorators :
@ApiProperty({enum: SessionStatus})
|
|
Defined in src/session/entities/session.entity.ts:107
|
|
Status of the session. |
| tenant |
Type : TenantEntity
|
Decorators :
@ManyToOne(undefined, {cascade: true, onDelete: 'CASCADE', eager: true})
|
|
Defined in src/session/entities/session.entity.ts:100
|
|
The tenant that owns this object. |
| tenantId |
Type : string
|
Decorators :
@Column('varchar')
|
|
Defined in src/session/entities/session.entity.ts:90
|
|
Tenant ID for multi-tenancy support. |
| Optional transaction_data |
Type : TransactionData[]
|
Decorators :
@Column('json', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:219
|
|
Transaction data to include in the OID4VP authorization request. Can be overridden per-request from the presentation configuration. |
| updatedAt |
Type : Date
|
Decorators :
@UpdateDateColumn()
|
|
Defined in src/session/entities/session.entity.ts:72
|
|
The timestamp when the request was last updated. |
| useDcApi |
Type : boolean
|
Decorators :
@Column('boolean', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:84
|
|
Flag indicating whether to use the DC API for the presentation request. |
| Optional vp_nonce |
Type : string
|
Decorators :
@Column('varchar', {nullable: true})
|
|
Defined in src/session/entities/session.entity.ts:188
|
|
Nonce from the Verifiable Presentation request.
import { ApiProperty } from "@nestjs/swagger";
import {
CredentialOfferObject,
NotificationEvent,
} from "@openid4vc/openid4vci";
import { VerificationResult } from "@sd-jwt/sd-jwt-vc";
import {
Column,
CreateDateColumn,
Entity,
ManyToOne,
PrimaryColumn,
UpdateDateColumn,
} from "typeorm";
import { TenantEntity } from "../../auth/tenant/entitites/tenant.entity";
import { AuthorizeQueries } from "../../issuer/issuance/oid4vci/authorize/dto/authorize-request.dto";
import { OfferRequestDto } from "../../issuer/issuance/oid4vci/dto/offer-request.dto";
import { EncryptedJsonTransformer } from "../../shared/utils/encryption";
import { WebhookConfig } from "../../shared/utils/webhook/webhook.dto";
import { TransactionData } from "../../verifier/presentations/entities/presentation-config.entity";
/**
 * Lifecycle states a session can be in.
 *
 * String-valued so that the stored and serialized form is the lowercase name
 * rather than a numeric index.
 */
export enum SessionStatus {
  /** Matches the column default declared on `Session.status`. */
  Active = "active",
  Fetched = "fetched",
  Completed = "completed",
  Expired = "expired",
  Failed = "failed",
}
/**
 * A single notification record kept on a session
 * (the element type of `Session.notifications`).
 */
export type Notification = {
  /**
   * Unique identifier for the notification.
   */
  id: string;
  /**
   * The type of notification event (`NotificationEvent` from
   * `@openid4vc/openid4vci`). Optional.
   */
  event?: NotificationEvent;
  /**
   * The credential configuration ID associated with the notification.
   */
  credentialConfigurationId: string;
};
/**
 * Entity representing a user session in the application.
 *
 * One row holds the state of either an issuance flow (authorization code,
 * request URI, offer, credential payload, notifications) or a presentation
 * flow (request object, nonce, client/response/redirect URIs, verified
 * credentials), plus tenant ownership and lifecycle timestamps.
 *
 * Columns declared with `EncryptedJsonTransformer` are encrypted at rest:
 * `auth_queries`, `offer`, `credentialPayload` and `credentials`. Every other
 * column is stored as declared, without that transformer.
 */
@Entity()
export class Session {
  /**
   * Unique identifier for the session.
   */
  @PrimaryColumn("uuid")
  id!: string;
  /**
   * The timestamp when the request was created.
   */
  @CreateDateColumn()
  createdAt!: Date;
  /**
   * The timestamp when the request was last updated.
   */
  @UpdateDateColumn()
  updatedAt!: Date;
  /**
   * The timestamp when the request is set to expire.
   */
  // NOTE(review): the column type is "date", which in most SQL dialects has no
  // time-of-day component. If expiry is meant to be enforced at sub-day
  // resolution, confirm the stored value keeps the time part.
  @Column("date", { nullable: true })
  expiresAt?: Date;
  /**
   * Flag indicating whether to use the DC API for the presentation request.
   */
  // NOTE(review): the column is nullable while the property is typed as a
  // non-optional boolean, so a loaded row can carry null here.
  @Column("boolean", { nullable: true })
  useDcApi!: boolean;
  /**
   * Tenant ID for multi-tenancy support.
   */
  // NOTE(review): presumably the same column TypeORM uses as the join column
  // for `tenant` below (default name is `tenantId`) — confirm.
  @Column("varchar")
  tenantId!: string;
  /**
   * The tenant that owns this object.
   *
   * `onDelete: "CASCADE"` removes the session when its tenant row is deleted;
   * `eager: true` loads the tenant whenever a session is fetched via find*.
   */
  // NOTE(review): `cascade: true` enables every cascade operation from the
  // session towards the tenant, so saving a Session can also persist changes
  // made to the loaded tenant object. Confirm this is intended; session code
  // normally has no reason to write tenant rows.
  @ManyToOne(() => TenantEntity, {
    cascade: true,
    onDelete: "CASCADE",
    eager: true,
  })
  tenant!: TenantEntity;
  /**
   * Status of the session. Defaults to "active" at the column level.
   */
  // NOTE(review): nullable column, non-optional property — see `useDcApi`.
  @ApiProperty({ enum: SessionStatus })
  @Column("varchar", { nullable: true, default: "active" })
  status!: SessionStatus;
  // issuance specific fields
  /**
   * Authorization code for the session.
   */
  // NOTE(review): stored as a plain varchar, not through
  // EncryptedJsonTransformer. The code is a short-lived secret that can be
  // exchanged for a token; confirm that single use and expiry are enforced by
  // the code that redeems it, and whether plaintext storage is acceptable.
  @Column("varchar", { nullable: true })
  authorization_code?: string;
  /**
   * Request URI from the authorization request.
   */
  @Column("varchar", { nullable: true })
  request_uri?: string;
  /**
   * Authorization queries associated with the session.
   * Encrypted at rest.
   */
  @Column("text", { nullable: true, transformer: EncryptedJsonTransformer })
  auth_queries?: AuthorizeQueries;
  /**
   * Credential offer object containing details about the credential offer or presentation request.
   * Encrypted at rest.
   */
  @Column("text", { nullable: true, transformer: EncryptedJsonTransformer })
  offer?: CredentialOfferObject;
  /**
   * Offer URL for the credential offer.
   */
  @Column("varchar", { nullable: true })
  offerUrl?: string;
  /**
   * Credential payload containing the offer request details.
   * Encrypted at rest - may contain sensitive claim data.
   */
  @Column("text", { nullable: true, transformer: EncryptedJsonTransformer })
  credentialPayload?: OfferRequestDto;
  /**
   * Webhook configuration to send the result of the notification response.
   */
  // NOTE(review): stored as unencrypted json. WebhookConfig is defined
  // elsewhere; if it can carry authentication material for the webhook
  // endpoint, that material is persisted in the clear — verify.
  @Column("json", { nullable: true })
  notifyWebhook?: WebhookConfig;
  /**
   * Notifications associated with the session.
   * The column default is the JSON text of an empty array.
   */
  @Column("json", { default: JSON.stringify([]) })
  notifications!: Notification[];
  // presentation specific fields
  /**
   * The ID of the presentation configuration associated with the session.
   */
  @Column("varchar", { nullable: true })
  requestId?: string;
  /**
   * The URL of the presentation auth request.
   */
  @Column("varchar", { nullable: true })
  requestUrl?: string;
  /**
   * Signed presentation auth request.
   */
  @Column("varchar", { nullable: true })
  requestObject?: string;
  /**
   * Verified credentials from the presentation process.
   * Encrypted at rest - contains personal information.
   */
  @Column("text", { nullable: true, transformer: EncryptedJsonTransformer })
  credentials?: VerificationResult[];
  /**
   * Nonce from the Verifiable Presentation request.
   */
  // NOTE(review): stored in plaintext. Presumably compared against the nonce
  // in the wallet's response to bind it to this session; that check, and any
  // invalidation after use, is not visible here — confirm in the verifier.
  @Column("varchar", { nullable: true })
  vp_nonce?: string;
  /**
   * Client ID used in the OID4VP authorization request.
   */
  @Column("varchar", { nullable: true })
  clientId?: string;
  /**
   * Response URI used in the OID4VP authorization request.
   */
  @Column("varchar", { nullable: true })
  responseUri?: string;
  /**
   * Redirect URI to which the user-agent should be redirected after the presentation is completed.
   */
  // NOTE(review): no validation is attached at the entity level. Whatever
  // writes this value should check it against an allow-list before it is used
  // for a redirect — confirm where that happens.
  @Column("varchar", { nullable: true })
  redirectUri?: string | null;
  /**
   * Where to send the claims webhook response.
   */
  // NOTE(review): unencrypted json, same consideration as `notifyWebhook`.
  @Column("json", { nullable: true })
  parsedWebhook?: WebhookConfig;
  /**
   * Transaction data to include in the OID4VP authorization request.
   * Can be overridden per-request from the presentation configuration.
   */
  @Column("json", { nullable: true })
  transaction_data?: TransactionData[];
  // External authorization server fields (for wallet-initiated flows with external AS like Keycloak)
  /**
   * The issuer (iss) of the external authorization server token.
   * Set when a wallet presents a token from an external AS.
   */
  @Column("varchar", { nullable: true })
  externalIssuer?: string;
  /**
   * The subject (sub) from the external authorization server token.
   * Used to identify the user at the external AS.
   */
  // NOTE(review): a stable user identifier stored in plaintext, unlike the
  // personal data in `credentials`. Confirm this matches the data-protection
  // requirements applied to the encrypted columns.
  @Column("varchar", { nullable: true })
  externalSubject?: string;
}