| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
SDJWT.Internal.Disclosure
Description
Disclosure creation, encoding, and decoding (low-level).
Disclosures are base64url-encoded JSON arrays that contain the cleartext values of selectively disclosable claims. This module provides functions to create disclosures for object properties and array elements, and to encode/decode them.
Usage
This module contains low-level disclosure utilities that are typically used internally by other SD-JWT modules. Most users should use the higher-level APIs in:
Issuer- For issuers (handles disclosure creation internally)Holder- For holders (handles disclosure selection internally)Verifier- For verifiers (handles disclosure verification internally)
These utilities may be useful for:
- Advanced use cases requiring custom disclosure handling
- Library developers building on top of SD-JWT
- Testing and debugging
Synopsis
- createObjectDisclosure :: Salt -> Text -> Value -> Either SDJWTError EncodedDisclosure
- createArrayDisclosure :: Salt -> Value -> Either SDJWTError EncodedDisclosure
- decodeDisclosure :: EncodedDisclosure -> Either SDJWTError Disclosure
- encodeDisclosure :: Disclosure -> EncodedDisclosure
- getDisclosureSalt :: Disclosure -> Salt
- getDisclosureClaimName :: Disclosure -> Maybe Text
- getDisclosureValue :: Disclosure -> Value
Documentation
createObjectDisclosure :: Salt -> Text -> Value -> Either SDJWTError EncodedDisclosure Source #
Create disclosure for object property: [salt, claim_name, claim_value].
Creates a disclosure for a selectively disclosable object property. The disclosure is a JSON array containing:
- The salt (base64url-encoded)
- The claim name
- The claim value
The result is base64url-encoded as required by RFC 9901.
createArrayDisclosure :: Salt -> Value -> Either SDJWTError EncodedDisclosure Source #
Create disclosure for array element: [salt, claim_value].
Creates a disclosure for a selectively disclosable array element. The disclosure is a JSON array containing:
- The salt (base64url-encoded)
- The array element value
Note: Array element disclosures do not include a claim name. The result is base64url-encoded as required by RFC 9901.
decodeDisclosure :: EncodedDisclosure -> Either SDJWTError Disclosure Source #
Decode disclosure from base64url.
Decodes a base64url-encoded disclosure string back into a Disclosure
value. The disclosure must be a valid JSON array with either 2 elements
(for array disclosures) or 3 elements (for object disclosures).
Returns Left with an error if the disclosure format is invalid.
encodeDisclosure :: Disclosure -> EncodedDisclosure Source #
Encode disclosure to base64url.
Encodes a Disclosure value to its base64url-encoded string representation.
This is the inverse of decodeDisclosure.
getDisclosureSalt :: Disclosure -> Salt Source #
Extract salt from disclosure.
Returns the salt value used in the disclosure. The salt is the same regardless of whether it's an object or array disclosure.
getDisclosureValue :: Disclosure -> Value Source #
Extract claim value.
Returns the claim value from the disclosure, regardless of whether it's an object or array disclosure.