Questions about usage of Authentication class

[dstrockis]

When using did-auth-jose with RSA keys, here's how I had to use the Authentication class:

// assume I have a properly formatted jwk

// convert key into dict of keys
const keys = {};
keys[jwk.kid] = key;

// create Authentication class
const resolver = new hub.HttpResolver(discovery_endpoint);
const auth = new didAuth.Authentication({
    keys,
    resolver
});

const buffer = await auth.getAuthenticatedRequest(message, key, serverDid, accessToken);

// send and receive message

const responseMessage = await auth.getVerifiedRequest(response, false);
responseMessage.request

// generate response message

var responseBuffer = await auth.getAuthenticatedResponse(verifiedRequest, responseMessage);

A few questions, mostly about API design:

• is "Authentication" really the best class name for this?
• is "getAuthenticatedRequest" the right method name?
• shouldn't I provide my (the client's) DID to the getAuthenticatedRequest method somehow?
• why do I need to pass the key to this method? Didn't I already pass my keys in in the constructor?
• is getVerifiedRequest really the best method name? How about like decryptAndVerifyMessage or something?
• is calling it responseMessage.request the best property name? It was weird to me, because it was really a response I was decrypting/decoding.
• why do I pass the verifiedRequest into the getAuthenticatedResponse method? Is it so that a nonce can be included in the response?