@bifold/core 3.0.0 → 3.0.2

package/lib/module/modules/openid/offerResolve.js.map

@@ -1 +1 @@
-{"version":3,"names":["OpenId4VciCredentialFormatProfile","DidJwk","DidKey","Kms","extractOpenId4VcCredentialMetadata","setOpenId4VcCredentialMetadata","resolveOpenId4VciOffer","agent","data","uri","authorization","offerUri","encodeURIComponent","JSON","stringify","Error","config","logger","info","resolvedCredentialOffer","openid4vc","holder","resolveCredentialOffer","acquirePreAuthorizedAccessToken","txCode","modules","requestToken","customCredentialBindingResolver","supportedDidMethods","supportsAllDidMethods","supportsJwk","credentialFormat","proofTypes","_proofTypes$jwt","didMethod","includes","undefined","key","kms","createKeyForSignatureAlgorithm","algorithm","jwt","supportedSignatureAlgorithms","publicJwk","PublicJwk","fromPublicJwk","didResult","dids","create","method","options","keyId","didState","state","verificationMethodId","didJwk","fromDid","did","didKey","fingerprint","didUrls","SdJwtVc","MsoMdoc","keys","join","receiveCredentialFromOpenId4VciOffer","tokenResponse","credentialConfigurationIdsToRequest","clientId","pidSchemes","offeredCredentialsToRequest","Object","entries","offeredCredentialConfigurations","filter","k","values","length","credentials","requestCredentials","credentialConfigurationIds","verifyCredentialStatus","allowedProofOfPossessionSignatureAlgorithms","credentialBindingResolver","credentialConfigurationId","firstCredential","record","openId4VcMetadata","id","metadata","credentialIssuer","credential_issuer","display"],"sourceRoot":"../../../../src","sources":["modules/openid/offerResolve.tsx"],"mappings":"AAAA,SAIEA,iCAAiC,QAG5B,qBAAqB;AAC5B,SAEEC,MAAM,EACNC,MAAM,EAGNC,GAAG,QACE,gBAAgB;AACvB,SACEC,kCAAkC,EAClCC,8BAA8B,QACzB,YAAY;AAEnB,OAAO,MAAMC,sBAAsB,GAAG,MAAAA,CAAO;EAC3CC,KAAK;EACLC,IAAI;EACJC,GAAG;EACHC;AAQF,CAAC,KAAiD;EAChD,IAAIC,QAAQ,GAAGF,GAAG;EAElB,IAAI,CAACE,QAAQ,IAAIH,IAAI,EAAE;IACrB;IACA;IACAG,QAAQ,GAAG,8CAA8CC,kBAAkB,CAACC,IAAI,CAACC,SAAS,CAACN,IAAI,CAAC,CAAC,EAAE;EACrG,CAAC,MAAM,IAAI,CAACG,QAAQ,EAAE;IACpB,MAAM,IAAII,KAAK,CAAC,qCAAqC,CAAC;EACxD;EAEAR,KAAK,CAACS,MAAM,CAACC,MAAM,CAACC,IAAI,CAAC,wBAAwBP,QAAQ,EAAE,EAAE;IAC3DA,QAAQ;IACRH,IAAI,EAAEA,IAAI;IACVC,GAAG,EAAEE;EACP,CAAC,CAAC;EAEF,MAAMQ,uBAAuB,GAAG,MAAMZ,KAAK,CAACa,SAAS,CAACC,MAAM,CAACC,sBAAsB,CAACX,QAAQ,CAAC;EAE7F,IAAID,aAAa,EAAE;IACjB,MAAM,IAAIK,KAAK,CAAC,4DAA4D,CAAC;EAC/E;EAEA,OAAOI,uBAAuB;AAChC,CAAC;AAED,OAAO,eAAeI,+BAA+BA,CAAC;EACpDhB,KAAK;EACLY,uBAAuB;EACvBK;AAKF,CAAC,EAA2C;EAC1C,OAAO,MAAMjB,KAAK,CAACkB,OAAO,CAACL,SAAS,CAACC,MAAM,CAACK,YAAY,CAAC;IACvDP,uBAAuB;IACvBK;EACF,CAAC,CAAC;AACJ;AAEA,OAAO,MAAMG,+BAA+B,GAAG,MAAAA,CAAO;EACpDpB,KAAK;EACLqB,mBAAmB;EACnBC,qBAAqB;EACrBC,WAAW;EACXC,gBAAgB;EAChBC;AAKF,CAAC,KAAgD;EAAA,IAAAC,eAAA;EAC/C;EACA;EACA,IAAIC,SAAoC,GACtCL,qBAAqB,IAAID,mBAAmB,aAAnBA,mBAAmB,eAAnBA,mBAAmB,CAAEO,QAAQ,CAAC,SAAS,CAAC,GAC7D,KAAK,GACLP,mBAAmB,aAAnBA,mBAAmB,eAAnBA,mBAAmB,CAAEO,QAAQ,CAAC,SAAS,CAAC,GACxC,KAAK,GACLC,SAAS;;EAEf;EACA;EACA;EACA,IAAI,CAACR,mBAAmB,IAAI,CAACE,WAAW,EAAE;IACxCI,SAAS,GAAG,KAAK;EACnB;EAEA,MAAMG,GAAG,GAAG,MAAM9B,KAAK,CAAC+B,GAAG,CAACC,8BAA8B,CAAC;IACzDC,SAAS,EAAE,CAAAR,UAAU,aAAVA,UAAU,gBAAAC,eAAA,GAAVD,UAAU,CAAES,GAAG,cAAAR,eAAA,uBAAfA,eAAA,CAAiBS,4BAA4B,CAAC,CAAC,CAAC,KAAI;EACjE,CAAC,CAAC;EACF,MAAMC,SAAS,GAAGxC,GAAG,CAACyC,SAAS,CAACC,aAAa,CAACR,GAAG,CAACM,SAAS,CAAC;EAE5D,IAAIT,SAAS,EAAE;IACb,MAAMY,SAAS,GAAG,MAAMvC,KAAK,CAACwC,IAAI,CAACC,MAAM,CAA4C;MACnFC,MAAM,EAAEf,SAAS;MACjBgB,OAAO,EAAE;QACPC,KAAK,EAAEd,GAAG,CAACc;MACb;IACF,CAAC,CAAC;IAEF,IAAIL,SAAS,CAACM,QAAQ,CAACC,KAAK,KAAK,UAAU,EAAE;MAC3C,MAAM,IAAItC,KAAK,CAAC,sBAAsB,CAAC;IACzC;IAEA,IAAIuC,oBAA4B;IAChC,IAAIpB,SAAS,KAAK,KAAK,EAAE;MACvB,MAAMqB,MAAM,GAAGtD,MAAM,CAACuD,OAAO,CAACV,SAAS,CAACM,QAAQ,CAACK,GAAG,CAAC;MACrDH,oBAAoB,GAAGC,MAAM,CAACD,oBAAoB;IACpD,CAAC,MAAM;MACL,MAAMI,MAAM,GAAGxD,MAAM,CAACsD,OAAO,CAACV,SAAS,CAACM,QAAQ,CAACK,GAAG,CAAC;MACrDH,oBAAoB,GAAG,GAAGI,MAAM,CAACD,GAAG,IAAIC,MAAM,CAACf,SAAS,CAACgB,WAAW,EAAE;IACxE;IAEA,OAAO;MACLC,OAAO,EAAE,CAACN,oBAAoB,CAAC;MAC/BL,MAAM,EAAE;IACV,CAAC;EACH;;EAEA;EACA,IACEnB,WAAW,KACVC,gBAAgB,KAAK/B,iCAAiC,CAAC6D,OAAO,IAC7D9B,gBAAgB,KAAK/B,iCAAiC,CAAC8D,OAAO,CAAC,EACjE;IACA,OAAO;MACLb,MAAM,EAAE,KAAK;MACbc,IAAI,EAAE,CAACpB,SAAS,CAAC,CAAC;IACpB,CAAC;EACH;EAEA,MAAM,IAAI5B,KAAK,CACb,wIACEe,WAAW,GAAG,OAAO,GAAG,EAAE,GACzB,CAAAF,mBAAmB,aAAnBA,mBAAmB,uBAAnBA,mBAAmB,CAAEoC,IAAI,CAAC,IAAI,CAAC,KAAI,SAAS,EACjD,CAAC;AACH,CAAC;AAED,OAAO,MAAMC,oCAAoC,GAAG,MAAAA,CAAO;EACzD1D,KAAK;EACLY,uBAAuB;EACvB+C,aAAa;EACbC,mCAAmC;EACnCC,QAAQ;EACRC;AAQF,CAAC,KAAK;EACJ,MAAMC,2BAA2B,GAAGH,mCAAmC,GACnEI,MAAM,CAACC,OAAO,CAACrD,uBAAuB,CAACsD,+BAA+B,CAAC,CAACC,MAAM,CAAC,CAAC,CAACC,CAAC,CAAC,KACjFR,mCAAmC,CAAChC,QAAQ,CAACwC,CAAC,CAChD,CAAC,GACD,CAACJ,MAAM,CAACK,MAAM,CAACzD,uBAAuB,CAACsD,+BAA+B,CAAC,CAAC,CAAC,CAAC,CAAC;EAE/E,IAAIH,2BAA2B,CAACO,MAAM,KAAK,CAAC,EAAE;IAC5C,MAAM,IAAI9D,KAAK,CACb,+DAA+DoD,mCAAmC,gEACpG,CAAC;EACH;EAEA,MAAMW,WAAW,GAAG,MAAOvE,KAAK,CAACa,SAAS,CAACC,MAAM,CAAwB0D,kBAAkB,CAAC;IAC1F5D,uBAAuB;IACvB,GAAG+C,aAAa;IAChBE,QAAQ;IACRY,0BAA0B,EAAEb,mCAAmC;IAC/Dc,sBAAsB,EAAE,KAAK;IAC7BC,2CAA2C,EAAE;IAC3C;IACA;IACA;IACA,OAAO,EACP,OAAO,CACR;IACDC,yBAAyB,EAAE,MAAAA,CAAO;MAChCvD,mBAAmB;MACnBI,UAAU;MACVH,qBAAqB;MACrBC,WAAW;MACXC,gBAAgB;MAChBqD;IACkC,CAAC,KAAK;MACxC,OAAOzD,+BAA+B,CAAC;QACrCpB,KAAK;QACLqB,mBAAmB;QACnBI,UAAU;QACVH,qBAAqB;QACrBC,WAAW;QACXC,gBAAgB;QAChBqD,yBAAyB;QACzBjE,uBAAuB;QACvBkD;MACF,CAAC,CAAC;IACJ;EACF,CAAC,CAAC;;EAEF;EACA,MAAM,CAACgB,eAAe,CAAC,GAAGP,WAAW,CAACA,WAAW;EACjD,IAAI,CAACO,eAAe,EAClB,MAAM,IAAItE,KAAK,CAAC,oFAAoF,CAAC;EAEvG,IAAI,OAAOsE,eAAe,KAAK,QAAQ,EAAE;IACvC,MAAM,IAAItE,KAAK,CAAC,mFAAmF,CAAC;EACtG;EAEA,MAAMuE,MAAM,GAAGD,eAAe,CAACC,MAAM;;EAErC;;EAEA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA;;EAEA;EACA;EACA;EACA;;EAEA,MAAMC,iBAAiB,GAAGnF,kCAAkC,CAC1DmE,MAAM,CAACK,MAAM,CAACzD,uBAAuB,CAACsD,+BAA+B,CAAC,CAAC,CAAC,CAAC,EACzE;IACEe,EAAE,EAAErE,uBAAuB,CAACsE,QAAQ,CAACC,gBAAgB,CAACC,iBAAiB;IAAE;IACzEC,OAAO,EAAEzE,uBAAuB,CAACsE,QAAQ,CAACC,gBAAgB,CAACE;EAC7D,CACF,CAAC;EAEDvF,8BAA8B,CAACiF,MAAM,EAAEC,iBAAiB,CAAC;EAEzD,OAAOD,MAAM;AACf,CAAC","ignoreList":[]}
+{"version":3,"names":["OpenId4VciCredentialFormatProfile","DidJwk","DidKey","Kms","extractOpenId4VcCredentialMetadata","setOpenId4VcCredentialMetadata","getCredentialConfigurationIdsToRequest","resolvedCredentialOffer","credentialConfigurationIdsToRequest","credentialConfigurationIds","Object","keys","offeredCredentialConfigurations","length","Error","credentialConfigurationId","resolveOpenId4VciOffer","agent","data","uri","authorization","offerUri","encodeURIComponent","JSON","stringify","config","logger","info","openid4vc","holder","resolveCredentialOffer","acquirePreAuthorizedAccessToken","txCode","requestToken","customCredentialBindingResolver","supportedDidMethods","supportsAllDidMethods","supportsJwk","credentialFormat","proofTypes","_proofTypes$jwt","didMethod","includes","undefined","key","kms","createKeyForSignatureAlgorithm","algorithm","jwt","supportedSignatureAlgorithms","publicJwk","PublicJwk","fromPublicJwk","didResult","dids","create","method","options","keyId","didState","state","didUrl","fromDid","did","verificationMethodId","didKey","fingerprint","didUrls","SdJwtVc","MsoMdoc","join","receiveCredentialFromOpenId4VciOffer","tokenResponse","clientId","credentials","requestCredentials","verifyCredentialStatus","allowedProofOfPossessionSignatureAlgorithms","credentialBindingResolver","firstCredential","record","requestedCredentialConfiguration","openId4VcMetadata","id","metadata","credentialIssuer","credential_issuer","display"],"sourceRoot":"../../../../src","sources":["modules/openid/offerResolve.tsx"],"mappings":"AAAA,SAGEA,iCAAiC,QAG5B,qBAAqB;AAC5B,SAAgBC,MAAM,EAAEC,MAAM,EAA4CC,GAAG,QAAQ,gBAAgB;AACrG,SAASC,kCAAkC,EAAEC,8BAA8B,QAAQ,YAAY;AAU/F,MAAMC,sCAAsC,GAAGA,CAAC;EAC9CC,uBAAuB;EACvBC;AAIF,CAAC,KAAK;EACJ,MAAMC,0BAA0B,GAAGD,mCAAmC,IAAI,CACxEE,MAAM,CAACC,IAAI,CAACJ,uBAAuB,CAACK,+BAA+B,CAAC,CAAC,CAAC,CAAC,CACxE;EAED,IAAIH,0BAA0B,CAACI,MAAM,KAAK,CAAC,IAAI,CAACJ,0BAA0B,CAAC,CAAC,CAAC,EAAE;IAC7E,MAAM,IAAIK,KAAK,CAAC,+DAA+D,CAAC;EAClF;EAEA,KAAK,MAAMC,yBAAyB,IAAIN,0BAA0B,EAAE;IAClE,IAAI,CAACF,uBAAuB,CAACK,+BAA+B,CAACG,yBAAyB,CAAC,EAAE;MACvF,MAAM,IAAID,KAAK,CACb,+DAA+DN,mCAAmC,gEACpG,CAAC;IACH;EACF;EAEA,OAAOC,0BAA0B;AACnC,CAAC;AAED,OAAO,MAAMO,sBAAsB,GAAG,MAAAA,CAAO;EAC3CC,KAAK;EACLC,IAAI;EACJC,GAAG;EACHC;AAQF,CAAC,KAAiD;EAChD,IAAIC,QAAQ,GAAGF,GAAG;EAElB,IAAI,CAACE,QAAQ,IAAIH,IAAI,EAAE;IACrB;IACA;IACAG,QAAQ,GAAG,8CAA8CC,kBAAkB,CAACC,IAAI,CAACC,SAAS,CAACN,IAAI,CAAC,CAAC,EAAE;EACrG,CAAC,MAAM,IAAI,CAACG,QAAQ,EAAE;IACpB,MAAM,IAAIP,KAAK,CAAC,qCAAqC,CAAC;EACxD;EAEAG,KAAK,CAACQ,MAAM,CAACC,MAAM,CAACC,IAAI,CAAC,wBAAwBN,QAAQ,EAAE,EAAE;IAC3DA,QAAQ;IACRH,IAAI,EAAEA,IAAI;IACVC,GAAG,EAAEE;EACP,CAAC,CAAC;EAEF,MAAMd,uBAAuB,GAAG,MAAMU,KAAK,CAACW,SAAS,CAACC,MAAM,CAACC,sBAAsB,CAACT,QAAQ,CAAC;EAE7F,IAAID,aAAa,EAAE;IACjB,MAAM,IAAIN,KAAK,CAAC,kFAAkF,CAAC;EACrG;EAEA,OAAOP,uBAAuB;AAChC,CAAC;AAED,OAAO,eAAewB,+BAA+BA,CAAC;EACpDd,KAAK;EACLV,uBAAuB;EACvByB;AAKF,CAAC,EAA2C;EAC1C,OAAO,MAAMf,KAAK,CAACW,SAAS,CAACC,MAAM,CAACI,YAAY,CAAC;IAC/C1B,uBAAuB;IACvByB;EACF,CAAC,CAAC;AACJ;AAEA,OAAO,MAAME,+BAA+B,GAAG,MAAAA,CAAO;EACpDjB,KAAK;EACLkB,mBAAmB;EACnBC,qBAAqB;EACrBC,WAAW;EACXC,gBAAgB;EAChBC;AACgC,CAAC,KAAgD;EAAA,IAAAC,eAAA;EACjF,IAAIC,SAAoC,GACtCL,qBAAqB,IAAID,mBAAmB,aAAnBA,mBAAmB,eAAnBA,mBAAmB,CAAEO,QAAQ,CAAC,SAAS,CAAC,GAC7D,KAAK,GACLP,mBAAmB,aAAnBA,mBAAmB,eAAnBA,mBAAmB,CAAEO,QAAQ,CAAC,SAAS,CAAC,GACtC,KAAK,GACLC,SAAS;EAEjB,IAAI,CAACR,mBAAmB,IAAI,CAACE,WAAW,EAAE;IACxCI,SAAS,GAAG,KAAK;EACnB;EAEA,MAAMG,GAAG,GAAG,MAAM3B,KAAK,CAAC4B,GAAG,CAACC,8BAA8B,CAAC;IACzDC,SAAS,EAAE,CAAAR,UAAU,aAAVA,UAAU,gBAAAC,eAAA,GAAVD,UAAU,CAAES,GAAG,cAAAR,eAAA,uBAAfA,eAAA,CAAiBS,4BAA4B,CAAC,CAAC,CAAC,KAAI;EACjE,CAAC,CAAC;EACF,MAAMC,SAAS,GAAG/C,GAAG,CAACgD,SAAS,CAACC,aAAa,CAACR,GAAG,CAACM,SAAS,CAAC;EAE5D,IAAIT,SAAS,EAAE;IACb,MAAMY,SAAS,GAAG,MAAMpC,KAAK,CAACqC,IAAI,CAACC,MAAM,CAA4C;MACnFC,MAAM,EAAEf,SAAS;MACjBgB,OAAO,EAAE;QACPC,KAAK,EAAEd,GAAG,CAACc;MACb;IACF,CAAC,CAAC;IAEF,IAAIL,SAAS,CAACM,QAAQ,CAACC,KAAK,KAAK,UAAU,EAAE;MAC3C,MAAM,IAAI9C,KAAK,CAAC,sBAAsB,CAAC;IACzC;IAEA,IAAI+C,MAAc;IAClB,IAAIpB,SAAS,KAAK,KAAK,EAAE;MACvBoB,MAAM,GAAG5D,MAAM,CAAC6D,OAAO,CAACT,SAAS,CAACM,QAAQ,CAACI,GAAG,CAAC,CAACC,oBAAoB;IACtE,CAAC,MAAM;MACL,MAAMC,MAAM,GAAG/D,MAAM,CAAC4D,OAAO,CAACT,SAAS,CAACM,QAAQ,CAACI,GAAG,CAAC;MACrDF,MAAM,GAAG,GAAGI,MAAM,CAACF,GAAG,IAAIE,MAAM,CAACf,SAAS,CAACgB,WAAW,EAAE;IAC1D;IAEA,OAAO;MACLV,MAAM,EAAE,KAAK;MACbW,OAAO,EAAE,CAACN,MAAM;IAClB,CAAC;EACH;;EAEA;EACA,IACExB,WAAW,KACVC,gBAAgB,KAAKtC,iCAAiC,CAACoE,OAAO,IAC7D9B,gBAAgB,KAAKtC,iCAAiC,CAACqE,OAAO,CAAC,EACjE;IACA,OAAO;MACLb,MAAM,EAAE,KAAK;MACb7C,IAAI,EAAE,CAACuC,SAAS,CAAC,CAAE;IACrB,CAAC;EACH;EAEA,MAAM,IAAIpC,KAAK,CACb,wIACEuB,WAAW,GAAG,OAAO,GAAG,EAAE,GACzB,CAAAF,mBAAmB,aAAnBA,mBAAmB,uBAAnBA,mBAAmB,CAAEmC,IAAI,CAAC,IAAI,CAAC,KAAI,SAAS,EACjD,CAAC;AACH,CAAC;AAED,OAAO,MAAMC,oCAAoC,GAAG,MAAAA,CAAO;EACzDtD,KAAK;EACLV,uBAAuB;EACvBiE,aAAa;EACbhE,mCAAmC;EACnCiE;AAOF,CAAC,KAAsC;EACrC,MAAMhE,0BAA0B,GAAGH,sCAAsC,CAAC;IACxEC,uBAAuB;IACvBC;EACF,CAAC,CAAC;EAEF,MAAMkE,WAAW,GAAG,MAAMzD,KAAK,CAACW,SAAS,CAACC,MAAM,CAAC8C,kBAAkB,CAAC;IAClEpE,uBAAuB;IACvB,GAAGiE,aAAa;IAChBC,QAAQ;IACRhE,0BAA0B;IAC1BmE,sBAAsB,EAAE,KAAK;IAC7BC,2CAA2C,EAAE;IAC3C;IACA;IACA;IACA,OAAO,EACP,OAAO,CACR;IACDC,yBAAyB,EAAE,MAAAA,CAAO;MAChC3C,mBAAmB;MACnBI,UAAU;MACVH,qBAAqB;MACrBC,WAAW;MACXC;IACkC,CAAC,KAAK;MACxC,OAAOJ,+BAA+B,CAAC;QACrCjB,KAAK;QACLkB,mBAAmB;QACnBI,UAAU;QACVH,qBAAqB;QACrBC,WAAW;QACXC;MACF,CAAC,CAAC;IACJ;EACF,CAAC,CAAC;;EAEF;EACA,MAAM,CAACyC,eAAe,CAAC,GAAGL,WAAW,CAACA,WAAW;EACjD,IAAI,CAACK,eAAe,EAClB,MAAM,IAAIjE,KAAK,CAAC,oFAAoF,CAAC;EAEvG,IAAI,OAAOiE,eAAe,KAAK,QAAQ,EAAE;IACvC,MAAM,IAAIjE,KAAK,CAAC,mFAAmF,CAAC;EACtG;EAEA,MAAMkE,MAAM,GAAGD,eAAe,CAACC,MAAM;EACrC,MAAMC,gCAAgC,GACpC1E,uBAAuB,CAACK,+BAA+B,CAACH,0BAA0B,CAAC,CAAC,CAAC,CAAC;EAExF,MAAMyE,iBAAiB,GAAG9E,kCAAkC,CAAC6E,gCAAgC,EAAS;IACpGE,EAAE,EAAE5E,uBAAuB,CAAC6E,QAAQ,CAACC,gBAAgB,CAACC,iBAAiB;IACvEC,OAAO,EAAEhF,uBAAuB,CAAC6E,QAAQ,CAACC,gBAAgB,CAACE;EAC7D,CAAC,CAAC;EAEFlF,8BAA8B,CAAC2E,MAAM,EAAEE,iBAAiB,CAAC;EAEzD,OAAOF,MAAM;AACf,CAAC","ignoreList":[]}

package/lib/module/modules/openid/refresh/operations.js

@@ -0,0 +1,31 @@
+import { toOpenIDCredentialLite } from '../credentialRecord';
+import { refreshAccessToken } from './refreshToken';
+import { credentialRegistry } from './registry';
+import { reissueCredentialWithAccessToken } from './reIssuance';
+export async function refreshAndQueueReplacement({
+  agent,
+  logger,
+  record,
+  toLite = toOpenIDCredentialLite
+}) {
+  const token = await refreshAccessToken({
+    logger,
+    cred: record,
+    agentContext: agent.context
+  });
+  if (!token) {
+    return undefined;
+  }
+  const newRecord = await reissueCredentialWithAccessToken({
+    agent,
+    logger,
+    record,
+    tokenResponse: token
+  });
+  if (!newRecord) {
+    return undefined;
+  }
+  credentialRegistry.getState().markExpiredWithReplacement(record.id, toLite(newRecord));
+  return newRecord;
+}
+//# sourceMappingURL=operations.js.map

package/lib/module/modules/openid/refresh/operations.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["toOpenIDCredentialLite","refreshAccessToken","credentialRegistry","reissueCredentialWithAccessToken","refreshAndQueueReplacement","agent","logger","record","toLite","token","cred","agentContext","context","undefined","newRecord","tokenResponse","getState","markExpiredWithReplacement","id"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/operations.ts"],"mappings":"AAEA,SAAiCA,sBAAsB,QAAQ,qBAAqB;AACpF,SAASC,kBAAkB,QAAQ,gBAAgB;AACnD,SAASC,kBAAkB,QAAQ,YAAY;AAC/C,SAASC,gCAAgC,QAAQ,cAAc;AAU/D,OAAO,eAAeC,0BAA0BA,CAAC;EAC/CC,KAAK;EACLC,MAAM;EACNC,MAAM;EACNC,MAAM,GAAGR;AACc,CAAC,EAAE;EAC1B,MAAMS,KAAK,GAAG,MAAMR,kBAAkB,CAAC;IAAEK,MAAM;IAAEI,IAAI,EAAEH,MAAM;IAAEI,YAAY,EAAEN,KAAK,CAACO;EAAQ,CAAC,CAAC;EAC7F,IAAI,CAACH,KAAK,EAAE;IACV,OAAOI,SAAS;EAClB;EAEA,MAAMC,SAAS,GAAG,MAAMX,gCAAgC,CAAC;IACvDE,KAAK;IACLC,MAAM;IACNC,MAAM;IACNQ,aAAa,EAAEN;EACjB,CAAC,CAAC;EAEF,IAAI,CAACK,SAAS,EAAE;IACd,OAAOD,SAAS;EAClB;EAEAX,kBAAkB,CAACc,QAAQ,CAAC,CAAC,CAACC,0BAA0B,CAACV,MAAM,CAACW,EAAE,EAAEV,MAAM,CAACM,SAAS,CAAC,CAAC;EACtF,OAAOA,SAAS;AAClB","ignoreList":[]}

package/lib/module/modules/openid/refresh/reIssuance.js

@@ -6,8 +6,7 @@ export async function reissueCredentialWithAccessToken({
   logger,
   record,
   tokenResponse,
-  clientId,
-  pidSchemes
+  clientId
 }) {
   if (!record) {
     throw new Error('No credential record provided for re-issuance.');
@@ -29,26 +28,23 @@ export async function reissueCredentialWithAccessToken({
   logger.info('*** Starting to get new credential via re-issuance flow ***');
   // Request a **new** credential using the *existing* configuration id
 
-  const creds = await agent.modules.openid4vc.holder.requestCredentials({
+  const creds = await agent.openid4vc.holder.requestCredentials({
     resolvedCredentialOffer,
     accessToken: tokenResponse.access_token,
     tokenType: tokenResponse.token_type || 'Bearer',
     cNonce: tokenResponse.c_nonce,
     clientId,
-    credentialsToRequest: [credentialConfigurationId],
+    credentialConfigurationIds: [credentialConfigurationId],
     verifyCredentialStatus: false,
     // you’ll check after storing
     allowedProofOfPossessionSignatureAlgorithms: ['EdDSA', 'ES256'],
     credentialBindingResolver: async opts => customCredentialBindingResolver({
       agent,
       supportedDidMethods: opts.supportedDidMethods,
-      // keyType: opts.keyType,
+      proofTypes: opts.proofTypes,
       supportsAllDidMethods: opts.supportsAllDidMethods,
       supportsJwk: opts.supportsJwk,
-      credentialFormat: opts.credentialFormat,
-      // supportedCredentialId: opts.supportedCredentialId,
-      resolvedCredentialOffer: resolvedCredentialOffer,
-      pidSchemes
+      credentialFormat: opts.credentialFormat
     })
   });
   logger.info('*** New credential received via re-issuance flow ***.');
@@ -70,7 +66,8 @@ export async function reissueCredentialWithAccessToken({
   //   })
   // }
 
-  const openId4VcMetadata = extractOpenId4VcCredentialMetadata(resolvedCredentialOffer.offeredCredentialConfigurations, {
+  const requestedCredentialConfiguration = resolvedCredentialOffer.offeredCredentialConfigurations[credentialConfigurationId];
+  const openId4VcMetadata = extractOpenId4VcCredentialMetadata(requestedCredentialConfiguration, {
     id: resolvedCredentialOffer.metadata.credentialIssuer.credential_issuer,
     display: resolvedCredentialOffer.metadata.credentialIssuer.display
   });

package/lib/module/modules/openid/refresh/reIssuance.js.map

@@ -1 +1 @@
-{"version":3,"names":["customCredentialBindingResolver","extractOpenId4VcCredentialMetadata","getRefreshCredentialMetadata","setOpenId4VcCredentialMetadata","setRefreshCredentialMetadata","RefreshStatus","reissueCredentialWithAccessToken","agent","logger","record","tokenResponse","clientId","pidSchemes","Error","refreshMetaData","credentialConfigurationId","resolvedCredentialOffer","access_token","info","creds","modules","openid4vc","holder","requestCredentials","accessToken","tokenType","token_type","cNonce","c_nonce","credentialsToRequest","verifyCredentialStatus","allowedProofOfPossessionSignatureAlgorithms","credentialBindingResolver","opts","supportedDidMethods","supportsAllDidMethods","supportsJwk","credentialFormat","firstCredential","credentials","newRecord","openId4VcMetadata","offeredCredentialConfigurations","id","metadata","credentialIssuer","credential_issuer","display","refreshToken","refresh_token","lastCheckedAt","Date","now","lastCheckResult","Valid"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/reIssuance.ts"],"mappings":"AAeA,SAASA,+BAA+B,QAAQ,iBAAiB;AAEjE,SACEC,kCAAkC,EAClCC,4BAA4B,EAC5BC,8BAA8B,EAC9BC,4BAA4B,QACvB,aAAa;AACpB,SAASC,aAAa,QAAQ,SAAS;AAavC,OAAO,eAAeC,gCAAgCA,CAAC;EACrDC,KAAK;EACLC,MAAM;EACNC,MAAM;EACNC,aAAa;EACbC,QAAQ;EACRC;AAC2B,CAAC,EAAiG;EAC7H,IAAI,CAACH,MAAM,EAAE;IACX,MAAM,IAAII,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,MAAMC,eAAe,GAAGZ,4BAA4B,CAACO,MAAM,CAAC;EAC5D,IAAI,CAACK,eAAe,EAAE;IACpB,MAAM,IAAID,KAAK,CAAC,0DAA0D,CAAC;EAC7E;EACA,MAAM;IAAEE,yBAAyB;IAAEC;EAAwB,CAAC,GAAGF,eAAe;EAE9E,IAAI,CAACE,uBAAuB,EAAE;IAC5B,MAAM,IAAIH,KAAK,CAAC,6EAA6E,CAAC;EAChG;EAEA,IAAI,CAACH,aAAa,CAACO,YAAY,EAAE;IAC/B,MAAM,IAAIJ,KAAK,CAAC,8DAA8D,CAAC;EACjF;EAEAL,MAAM,CAACU,IAAI,CAAC,6DAA6D,CAAC;EAC1E;;EAQA,MAAMC,KAAe,GAAG,MAAMZ,KAAK,CAACa,OAAO,CAACC,SAAS,CAACC,MAAM,CAACC,kBAAkB,CAAC;IAC9EP,uBAAuB;IACvBQ,WAAW,EAAEd,aAAa,CAACO,YAAY;IACvCQ,SAAS,EAAEf,aAAa,CAACgB,UAAU,IAAI,QAAQ;IAC/CC,MAAM,EAAEjB,aAAa,CAACkB,OAAO;IAC7BjB,QAAQ;IACRkB,oBAAoB,EAAE,CAACd,yBAAyB,CAAC;IACjDe,sBAAsB,EAAE,KAAK;IAAE;IAC/BC,2CAA2C,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;IAC/DC,yBAAyB,EAAE,MAAOC,IAAwC,IACxEjC,+BAA+B,CAAC;MAC9BO,KAAK;MACL2B,mBAAmB,EAAED,IAAI,CAACC,mBAAmB;MAC7C;MACAC,qBAAqB,EAAEF,IAAI,CAACE,qBAAqB;MACjDC,WAAW,EAAEH,IAAI,CAACG,WAAW;MAC7BC,gBAAgB,EAAEJ,IAAI,CAACI,gBAAgB;MACvC;MACArB,uBAAuB,EAAEA,uBAAuB;MAChDJ;IACF,CAAC;EACL,CAAC,CAAC;EAEFJ,MAAM,CAACU,IAAI,CAAC,uDAAuD,CAAC;;EAEpE;EACA,MAAM,CAACoB,eAAe,CAAC,GAAGnB,KAAK,CAACoB,WAAW;EAC3C,IAAI,CAACD,eAAe,IAAI,OAAOA,eAAe,KAAK,QAAQ,EAAE;IAC3D,MAAM,IAAIzB,KAAK,CAAC,+DAA+D,CAAC;EAClF;EAEA,MAAM2B,SAAmF,GAAGF,eAAe,CAAC7B,MAAM;EAClH;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAMgC,iBAAiB,GAAGxC,kCAAkC,CAC1De,uBAAuB,CAAC0B,+BAA+B,EACvD;IACEC,EAAE,EAAE3B,uBAAuB,CAAC4B,QAAQ,CAACC,gBAAgB,CAACC,iBAAiB;IACvEC,OAAO,EAAE/B,uBAAuB,CAAC4B,QAAQ,CAACC,gBAAgB,CAACE;EAC7D,CACF,CAAC;EAED5C,8BAA8B,CAACqC,SAAS,EAAEC,iBAAiB,CAAC;EAE5DrC,4BAA4B,CAACoC,SAAS,EAAE;IACtC,GAAG1B,eAAe;IAClBkC,YAAY,EAAEtC,aAAa,CAACuC,aAAa,IAAInC,eAAe,CAACkC,YAAY;IACzEE,aAAa,EAAEC,IAAI,CAACC,GAAG,CAAC,CAAC;IACzBC,eAAe,EAAEhD,aAAa,CAACiD;EACjC,CAAC,CAAC;EAEF,OAAOd,SAAS;AAClB","ignoreList":[]}
+{"version":3,"names":["customCredentialBindingResolver","extractOpenId4VcCredentialMetadata","getRefreshCredentialMetadata","setOpenId4VcCredentialMetadata","setRefreshCredentialMetadata","RefreshStatus","reissueCredentialWithAccessToken","agent","logger","record","tokenResponse","clientId","Error","refreshMetaData","credentialConfigurationId","resolvedCredentialOffer","access_token","info","creds","openid4vc","holder","requestCredentials","accessToken","tokenType","token_type","cNonce","c_nonce","credentialConfigurationIds","verifyCredentialStatus","allowedProofOfPossessionSignatureAlgorithms","credentialBindingResolver","opts","supportedDidMethods","proofTypes","supportsAllDidMethods","supportsJwk","credentialFormat","firstCredential","credentials","newRecord","requestedCredentialConfiguration","offeredCredentialConfigurations","openId4VcMetadata","id","metadata","credentialIssuer","credential_issuer","display","refreshToken","refresh_token","lastCheckedAt","Date","now","lastCheckResult","Valid"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/reIssuance.ts"],"mappings":"AASA,SAASA,+BAA+B,QAAQ,iBAAiB;AAEjE,SACEC,kCAAkC,EAClCC,4BAA4B,EAC5BC,8BAA8B,EAC9BC,4BAA4B,QACvB,aAAa;AACpB,SAASC,aAAa,QAAQ,SAAS;AAYvC,OAAO,eAAeC,gCAAgCA,CAAC;EACrDC,KAAK;EACLC,MAAM;EACNC,MAAM;EACNC,aAAa;EACbC;AAC2B,CAAC,EAA+C;EAC3E,IAAI,CAACF,MAAM,EAAE;IACX,MAAM,IAAIG,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,MAAMC,eAAe,GAAGX,4BAA4B,CAACO,MAAM,CAAC;EAC5D,IAAI,CAACI,eAAe,EAAE;IACpB,MAAM,IAAID,KAAK,CAAC,0DAA0D,CAAC;EAC7E;EACA,MAAM;IAAEE,yBAAyB;IAAEC;EAAwB,CAAC,GAAGF,eAAe;EAE9E,IAAI,CAACE,uBAAuB,EAAE;IAC5B,MAAM,IAAIH,KAAK,CAAC,6EAA6E,CAAC;EAChG;EAEA,IAAI,CAACF,aAAa,CAACM,YAAY,EAAE;IAC/B,MAAM,IAAIJ,KAAK,CAAC,8DAA8D,CAAC;EACjF;EAEAJ,MAAM,CAACS,IAAI,CAAC,6DAA6D,CAAC;EAC1E;;EAQA,MAAMC,KAAe,GAAG,MAAMX,KAAK,CAACY,SAAS,CAACC,MAAM,CAACC,kBAAkB,CAAC;IACtEN,uBAAuB;IACvBO,WAAW,EAAEZ,aAAa,CAACM,YAAY;IACvCO,SAAS,EAAEb,aAAa,CAACc,UAAU,IAAI,QAAQ;IAC/CC,MAAM,EAAEf,aAAa,CAACgB,OAAO;IAC7Bf,QAAQ;IACRgB,0BAA0B,EAAE,CAACb,yBAAyB,CAAC;IACvDc,sBAAsB,EAAE,KAAK;IAAE;IAC/BC,2CAA2C,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;IAC/DC,yBAAyB,EAAE,MAAOC,IAAwC,IACxE/B,+BAA+B,CAAC;MAC9BO,KAAK;MACLyB,mBAAmB,EAAED,IAAI,CAACC,mBAAmB;MAC7CC,UAAU,EAAEF,IAAI,CAACE,UAAU;MAC3BC,qBAAqB,EAAEH,IAAI,CAACG,qBAAqB;MACjDC,WAAW,EAAEJ,IAAI,CAACI,WAAW;MAC7BC,gBAAgB,EAAEL,IAAI,CAACK;IACzB,CAAC;EACL,CAAC,CAAC;EAEF5B,MAAM,CAACS,IAAI,CAAC,uDAAuD,CAAC;;EAEpE;EACA,MAAM,CAACoB,eAAe,CAAC,GAAGnB,KAAK,CAACoB,WAAW;EAC3C,IAAI,CAACD,eAAe,IAAI,OAAOA,eAAe,KAAK,QAAQ,EAAE;IAC3D,MAAM,IAAIzB,KAAK,CAAC,+DAA+D,CAAC;EAClF;EAEA,MAAM2B,SAAiC,GAAGF,eAAe,CAAC5B,MAAM;EAChE;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAM+B,gCAAgC,GACpCzB,uBAAuB,CAAC0B,+BAA+B,CAAC3B,yBAAyB,CAAC;EAEpF,MAAM4B,iBAAiB,GAAGzC,kCAAkC,CAACuC,gCAAgC,EAAS;IACpGG,EAAE,EAAE5B,uBAAuB,CAAC6B,QAAQ,CAACC,gBAAgB,CAACC,iBAAiB;IACvEC,OAAO,EAAEhC,uBAAuB,CAAC6B,QAAQ,CAACC,gBAAgB,CAACE;EAC7D,CAAC,CAAC;EAEF5C,8BAA8B,CAACoC,SAAS,EAAEG,iBAAiB,CAAC;EAE5DtC,4BAA4B,CAACmC,SAAS,EAAE;IACtC,GAAG1B,eAAe;IAClBmC,YAAY,EAAEtC,aAAa,CAACuC,aAAa,IAAIpC,eAAe,CAACmC,YAAY;IACzEE,aAAa,EAAEC,IAAI,CAACC,GAAG,CAAC,CAAC;IACzBC,eAAe,EAAEhD,aAAa,CAACiD;EACjC,CAAC,CAAC;EAEF,OAAOf,SAAS;AAClB","ignoreList":[]}

package/lib/module/modules/openid/refresh/refreshOrchestrator.js

@@ -1,48 +1,49 @@
 // modules/openid/refresh/RefreshOrchestrator.ts
-import { ClaimFormat, SdJwtVcRecord, W3cCredentialRecord } from '@credo-ts/core';
-import { refreshAccessToken } from './refreshToken';
-import { reissueCredentialWithAccessToken } from './reIssuance';
-import { RefreshStatus } from './types';
+
+import { OpenIDCredentialRefreshFlowType, RefreshStatus } from './types';
 import { credentialRegistry } from './registry';
 import { verifyCredentialStatus } from './verifyCredentialStatus';
 import { getRefreshCredentialMetadata, markOpenIDCredentialStatus, persistCredentialRecord, setRefreshCredentialMetadata } from '../metadata';
-const defaultToLite = rec => {
-  var _rec$createdAt;
-  return {
-    id: rec.id,
-    // best-effort: SdJwt/W3C both expose claimFormat via tags in many setups.
-    // Fallback to JwtVc if unknown so UI has *some* value.
-    format: rec instanceof W3cCredentialRecord && ClaimFormat.JwtVc || rec instanceof SdJwtVcRecord && ClaimFormat.SdJwtW3cVc || ClaimFormat.JwtVc,
-    // TODO: Won't these checks against ClaimFormat always be true?
-    createdAt: (_rec$createdAt = rec.createdAt) === null || _rec$createdAt === void 0 ? void 0 : _rec$createdAt.toISOString(),
-    issuer: undefined
-  };
-};
+import { toOpenIDCredentialLite } from '../credentialRecord';
+import { refreshAndQueueReplacement } from './operations';
 export class RefreshOrchestrator {
   intervalOn = false; // interval enabled?
   runningOnce = false; // a run is in progress?
-
+  startupRunTriggered = false;
   recentlyIssued = new Map();
-  checkStatusOnly = true;
   constructor(logger, bridge, opts) {
     this.logger = logger;
     this.opts = {
       intervalMs: 15 * 60 * 1000,
       autoStart: true,
+      runOnStart: false,
+      flowType: OpenIDCredentialRefreshFlowType.FullReplacement,
       onError: e => this.logger.error(String(e)),
       listRecords: async () => [],
-      toLite: defaultToLite,
+      toLite: toOpenIDCredentialLite,
       ...(opts ?? {})
     };
     logger.info(`🔧 [RefreshOrchestrator] initialized -> ${JSON.stringify({
       intervalMs: this.opts.intervalMs,
-      autoStart: this.opts.autoStart
+      autoStart: this.opts.autoStart,
+      runOnStart: this.opts.runOnStart,
+      flowType: this.opts.flowType
     })}`);
     bridge.onReady(agent => {
       this.agent = agent;
       this.logger.info('🪝 [RefreshOrchestrator] Agent ready');
+      if (this.opts.runOnStart && !this.startupRunTriggered) {
+        this.startupRunTriggered = true;
+        void this.runOnce('startup');
+      }
       if (this.opts.autoStart && this.opts.intervalMs) this.start();
     }, true);
+    bridge.onChange(agent => {
+      if (agent) return;
+      this.agent = undefined;
+      this.logger.info('🪝 [RefreshOrchestrator] Agent cleared');
+      this.stop();
+    });
   }
   configure(next) {
     const prev = {
@@ -59,7 +60,9 @@ export class RefreshOrchestrator {
     };
     this.logger.info(`🔧 [RefreshOrchestrator] configure -> ${JSON.stringify({
       intervalMs: this.opts.intervalMs,
-      autoStart: this.opts.autoStart
+      autoStart: this.opts.autoStart,
+      runOnStart: this.opts.runOnStart,
+      flowType: this.opts.flowType
     })}`);
     const nowIntervalMs = this.opts.intervalMs ?? null;
     const nowAutoStart = this.opts.autoStart ?? true;
@@ -133,8 +136,11 @@ export class RefreshOrchestrator {
       for (const rec of records) {
         // don’t block whole batch if one fails
         try {
-          await this.checkRecordStatus(rec);
-          // await this.refreshRecord(rec)
+          if (this.opts.flowType === OpenIDCredentialRefreshFlowType.FullReplacement) {
+            await this.refreshRecord(rec);
+          } else {
+            await this.checkRecordStatus(rec);
+          }
         } catch (e) {
           var _this$opts$onError, _this$opts;
           this.logger.error(`💥 [Refresh] record ${rec.id} failed: ${String(e)}`);
@@ -165,6 +171,7 @@ export class RefreshOrchestrator {
       shouldSkip,
       markRefreshing,
       clearRefreshing,
+      clearExpired,
       upsert,
       markInvalid,
       setLastSweep
@@ -189,19 +196,22 @@ export class RefreshOrchestrator {
     this.logger.info(`🧭 [Refresh] check credential ${id}`);
     try {
       // 3) verification
-      const isValid = await verifyCredentialStatus(rec, this.logger);
+      const status = await verifyCredentialStatus(rec, this.logger);
       const now = Date.now();
       const meta = getRefreshCredentialMetadata(rec) ?? {};
-      meta.lastCheckResult = isValid ? RefreshStatus.Valid : RefreshStatus.Invalid;
+      meta.lastCheckResult = status;
       meta.lastCheckedAt = now;
       meta.attemptCount = (meta.attemptCount ?? 0) + 1;
       setRefreshCredentialMetadata(rec, meta);
       await persistCredentialRecord(this.agent.context, rec);
-      if (isValid) {
+      if (status === RefreshStatus.Valid) {
         this.logger.info(`✅ [Refresh] valid → ${id}`);
-      } else {
+        clearExpired(id);
+      } else if (status === RefreshStatus.Invalid) {
         this.logger.info(`❌ [Refresh] invalid → ${id}`);
-        markInvalid(id); // <-- key change: we only flag invalid here
+        markInvalid(id);
+      } else {
+        this.logger.warn(`⚠️ [Refresh] status check error → ${id}`);
       }
       setLastSweep(new Date(now).toISOString());
     } catch (error) {
@@ -218,9 +228,8 @@ export class RefreshOrchestrator {
       markRefreshing,
       clearRefreshing,
       clearExpired,
-      markExpiredWithReplacement,
-      blockAsFailed,
       blockAsSucceeded,
+      markInvalid,
       upsert
     } = credentialRegistry.getState();
     const id = rec.id;
@@ -243,8 +252,8 @@ export class RefreshOrchestrator {
     this.logger.info(`🧭 [Refresh] check credential ${id}`);
     try {
       // 3) verification
-      const isValid = await verifyCredentialStatus(rec, this.logger);
-      if (isValid) {
+      const status = await verifyCredentialStatus(rec, this.logger);
+      if (status === RefreshStatus.Valid) {
         this.logger.info(`✅ [Refresh] valid → ${id}`);
         // If it was previously expired for any reason, clear that and block as succeeded
         clearExpired(id);
@@ -252,6 +261,15 @@ export class RefreshOrchestrator {
         // blockAsSucceeded(id)
         return;
       }
+      if (status === RefreshStatus.Error) {
+        this.logger.warn(`⚠️ [Refresh] status check failed; deferring re-issue → ${id}`);
+        await markOpenIDCredentialStatus({
+          credential: rec,
+          status: RefreshStatus.Error,
+          agentContext: this.agent.context
+        });
+        return;
+      }
 
       // Invalid case:
 
@@ -260,48 +278,28 @@ export class RefreshOrchestrator {
         status: RefreshStatus.Invalid,
         agentContext: this.agent.context
       });
-
-      // 4) needs refresh → get access token
       this.logger.info(`♻️ [Refresh] invalid, attempting re-issue → ${id}`);
-      const token = await refreshAccessToken({
-        logger: this.logger,
-        cred: rec,
-        agentContext: this.agent.context
-      });
-      if (!token) {
-        const msg = `no refresh token available`;
-        this.logger.warn(`⚠️ [Refresh] ${msg} for ${id}`);
-        blockAsFailed(id, msg);
-        return;
-      }
-
-      // 5) re-issue
-      const newRecord = await reissueCredentialWithAccessToken({
+      const newRecord = await refreshAndQueueReplacement({
         agent: this.agent,
         logger: this.logger,
         record: rec,
-        tokenResponse: token
+        toLite: this.opts.toLite
       });
-      if (newRecord) {
-        this.logger.info(`💾 [Refresh] new credential → ${newRecord.id}`);
-        // Queue a replacement for UI/notifications and block the old one as succeeded
-        markExpiredWithReplacement(id, this.opts.toLite(newRecord));
-        blockAsSucceeded(id);
-        this.recentlyIssued.set(newRecord.id, newRecord);
-      } else {
-        const msg = `re-issue returned no record`;
+      if (!newRecord) {
+        const msg = 'credential refresh did not yield a replacement';
         this.logger.warn(`⚠️ [Refresh] ${msg} for ${id}`);
-        blockAsFailed(id, msg);
-        await markOpenIDCredentialStatus({
-          credential: rec,
-          status: RefreshStatus.Invalid,
-          agentContext: this.agent.context
-        });
+        markInvalid(id);
+        return;
       }
+      this.logger.info(`💾 [Refresh] new credential → ${newRecord.id}`);
+      blockAsSucceeded(id);
+      this.recentlyIssued.set(newRecord.id, newRecord);
     } catch (e) {
+      var _this$opts$onError4, _this$opts4;
       const err = String(e);
       this.logger.error(`💥 [Refresh] error on ${id}: ${err}`);
-      blockAsFailed(id, err);
+      (_this$opts$onError4 = (_this$opts4 = this.opts).onError) === null || _this$opts$onError4 === void 0 || _this$opts$onError4.call(_this$opts4, e);
+      markInvalid(id);
     } finally {
       // 6) clear in-flight marker
       clearRefreshing(id);

package/lib/module/modules/openid/refresh/refreshOrchestrator.js.map

@@ -1 +1 @@
-{"version":3,"names":["ClaimFormat","SdJwtVcRecord","W3cCredentialRecord","refreshAccessToken","reissueCredentialWithAccessToken","RefreshStatus","credentialRegistry","verifyCredentialStatus","getRefreshCredentialMetadata","markOpenIDCredentialStatus","persistCredentialRecord","setRefreshCredentialMetadata","defaultToLite","rec","_rec$createdAt","id","format","JwtVc","SdJwtW3cVc","createdAt","toISOString","issuer","undefined","RefreshOrchestrator","intervalOn","runningOnce","recentlyIssued","Map","checkStatusOnly","constructor","logger","bridge","opts","intervalMs","autoStart","onError","e","error","String","listRecords","toLite","info","JSON","stringify","onReady","agent","start","configure","next","prev","agentReady","nowIntervalMs","nowAutoStart","stop","isRunning","timer","setInterval","runOnce","clearInterval","reason","_this$agent","warn","isInitialized","records","length","checkRecordStatus","_this$opts$onError","_this$opts","call","_this$opts$onError2","_this$opts2","setIntervalMs","resolveFull","get","shouldSkip","markRefreshing","clearRefreshing","upsert","markInvalid","setLastSweep","getState","isValid","now","Date","meta","lastCheckResult","Valid","Invalid","lastCheckedAt","attemptCount","context","_this$opts$onError3","_this$opts3","refreshRecord","clearExpired","markExpiredWithReplacement","blockAsFailed","blockAsSucceeded","credential","status","agentContext","token","cred","msg","newRecord","record","tokenResponse","set","err"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/refreshOrchestrator.ts"],"mappings":"AAAA;AACA,SAAgBA,WAAW,EAAcC,aAAa,EAAEC,mBAAmB,QAA+B,gBAAgB;AAE1H,SAASC,kBAAkB,QAAQ,gBAAgB;AACnD,SAASC,gCAAgC,QAAQ,cAAc;AAC/D,SAAmFC,aAAa,QAAQ,SAAS;AAEjH,SAASC,kBAAkB,QAAQ,YAAY;AAC/C,SAASC,sBAAsB,QAAQ,0BAA0B;AACjE,SACEC,4BAA4B,EAC5BC,0BAA0B,EAC1BC,uBAAuB,EACvBC,4BAA4B,QACvB,aAAa;AAIpB,MAAMC,aAAa,GAAIC,GAAY;EAAA,IAAAC,cAAA;EAAA,OAAM;IACvCC,EAAE,EAAEF,GAAG,CAACE,EAAE;IACV;IACA;IACAC,MAAM,EACHH,GAAG,YAAYX,mBAAmB,IAAIF,WAAW,CAACiB,KAAK,IACvDJ,GAAG,YAAYZ,aAAa,IAAID,WAAW,CAACkB,UAAW,IACxDlB,WAAW,CAACiB,KAAK;IAAE;IACrBE,SAAS,GAAAL,cAAA,GAAED,GAAG,CAACM,SAAS,cAAAL,cAAA,uBAAbA,cAAA,CAAeM,WAAW,CAAC,CAAC;IACvCC,MAAM,EAAEC;EACV,CAAC;AAAA,CAAC;AAEF,OAAO,MAAMC,mBAAmB,CAAiC;EAEvDC,UAAU,GAAG,KAAK,EAAC;EACnBC,WAAW,GAAG,KAAK,EAAC;;EAGXC,cAAc,GAAG,IAAIC,GAAG,CAAkB,CAAC;EAC3CC,eAAe,GAAG,IAAI;EAEhCC,WAAWA,CAAkBC,MAAoB,EAAEC,MAAmB,EAAEC,IAA8B,EAAE;IAAA,KAA3EF,MAAoB,GAApBA,MAAoB;IACtD,IAAI,CAACE,IAAI,GAAG;MACVC,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI;MAC1BC,SAAS,EAAE,IAAI;MACfC,OAAO,EAAGC,CAAC,IAAK,IAAI,CAACN,MAAM,CAACO,KAAK,CAACC,MAAM,CAACF,CAAC,CAAC,CAAC;MAC5CG,WAAW,EAAE,MAAAA,CAAA,KAAY,EAAE;MAC3BC,MAAM,EAAE5B,aAAa;MACrB,IAAIoB,IAAI,IAAI,CAAC,CAAC;IAChB,CAAC;IAEDF,MAAM,CAACW,IAAI,CACT,2CAA2CC,IAAI,CAACC,SAAS,CAAC;MACxDV,UAAU,EAAE,IAAI,CAACD,IAAI,CAACC,UAAU;MAChCC,SAAS,EAAE,IAAI,CAACF,IAAI,CAACE;IACvB,CAAC,CAAC,EACJ,CAAC;IAEDH,MAAM,CAACa,OAAO,CAAEC,KAAK,IAAK;MACxB,IAAI,CAACA,KAAK,GAAGA,KAAK;MAClB,IAAI,CAACf,MAAM,CAACW,IAAI,CAAC,sCAAsC,CAAC;MACxD,IAAI,IAAI,CAACT,IAAI,CAACE,SAAS,IAAI,IAAI,CAACF,IAAI,CAACC,UAAU,EAAE,IAAI,CAACa,KAAK,CAAC,CAAC;IAC/D,CAAC,EAAE,IAAI,CAAC;EACV;EAEOC,SAASA,CAACC,IAAsC,EAAE;IACvD,MAAMC,IAAI,GAAG;MACXzB,UAAU,EAAE,IAAI,CAACA,UAAU;MAC3BS,UAAU,EAAE,IAAI,CAACD,IAAI,CAACC,UAAU,IAAI,IAAI;MACxCC,SAAS,EAAE,IAAI,CAACF,IAAI,CAACE,SAAS,IAAI,IAAI;MACtCgB,UAAU,EAAE,CAAC,CAAC,IAAI,CAACL;IACrB,CAAC;;IAED;IACA,IAAI,CAACb,IAAI,GAAG;MAAE,GAAG,IAAI,CAACA,IAAI;MAAE,GAAGgB;IAAK,CAAC;IAErC,IAAI,CAAClB,MAAM,CAACW,IAAI,CACd,yCAAyCC,IAAI,CAACC,SAAS,CAAC;MACtDV,UAAU,EAAE,IAAI,CAACD,IAAI,CAACC,UAAU;MAChCC,SAAS,EAAE,IAAI,CAACF,IAAI,CAACE;IACvB,CAAC,CAAC,EACJ,CAAC;IAED,MAAMiB,aAAa,GAAG,IAAI,CAACnB,IAAI,CAACC,UAAU,IAAI,IAAI;IAClD,MAAMmB,YAAY,GAAG,IAAI,CAACpB,IAAI,CAACE,SAAS,IAAI,IAAI;;IAEhD;IACA,IAAIe,IAAI,CAACzB,UAAU,IAAIyB,IAAI,CAAChB,UAAU,KAAKkB,aAAa,EAAE;MACxD,IAAI,CAACE,IAAI,CAAC,CAAC;MACX,IAAIF,aAAa,EAAE,IAAI,CAACL,KAAK,CAAC,CAAC;MAC/B;IACF;;IAEA;IACA,IAAIG,IAAI,CAACzB,UAAU,IAAI2B,aAAa,KAAK,IAAI,EAAE;MAC7C,IAAI,CAACE,IAAI,CAAC,CAAC;MACX;IACF;;IAEA;IACA;IACA;IACA,IAAI,CAACJ,IAAI,CAACzB,UAAU,IAAI2B,aAAa,IAAIC,YAAY,EAAE;MACrD;MACA,IAAI,IAAI,CAACP,KAAK,EAAE,IAAI,CAACC,KAAK,CAAC,CAAC;MAC5B;MACA;IACF;;IAEA;IACA,IAAI,CAACG,IAAI,CAACzB,UAAU,IAAI,CAACyB,IAAI,CAACf,SAAS,IAAIkB,YAAY,IAAID,aAAa,EAAE;MACxE,IAAI,IAAI,CAACN,KAAK,EAAE,IAAI,CAACC,KAAK,CAAC,CAAC;MAC5B;MACA;IACF;;IAEA;EACF;EAEOQ,SAASA,CAAA,EAAG;IACjB,OAAO,IAAI,CAAC7B,WAAW;EACzB;EAEOqB,KAAKA,CAAA,EAAG;IACb,IAAI,IAAI,CAACtB,UAAU,IAAI,CAAC,IAAI,CAACQ,IAAI,CAACC,UAAU,EAAE;IAC9C,IAAI,CAACH,MAAM,CAACW,IAAI,CAAC,yCAAyC,CAAC;IAC3D,IAAI,CAACjB,UAAU,GAAG,IAAI;IACtB,IAAI,CAAC+B,KAAK,GAAGC,WAAW,CAAC,MAAM;MAC7B;MACA,KAAK,IAAI,CAACC,OAAO,CAAC,UAAU,CAAC;IAC/B,CAAC,EAAE,IAAI,CAACzB,IAAI,CAACC,UAAU,CAAC;EAC1B;EAEOoB,IAAIA,CAAA,EAAG;IACZ,IAAI,CAAC,IAAI,CAAC7B,UAAU,EAAE;IACtB,IAAI,CAACM,MAAM,CAACW,IAAI,CAAC,wCAAwC,CAAC;IAC1DiB,aAAa,CAAC,IAAI,CAACH,KAAM,CAAC;IAC1B,IAAI,CAACA,KAAK,GAAGjC,SAAS;IACtB,IAAI,CAACE,UAAU,GAAG,KAAK;EACzB;EAEA,MAAaiC,OAAOA,CAACE,MAAM,GAAG,QAAQ,EAAE;IAAA,IAAAC,WAAA;IACtC,IAAI,IAAI,CAACnC,WAAW,EAAE;MACpB,IAAI,CAACK,MAAM,CAAC+B,IAAI,CAAC,2DAA2D,CAAC;MAC7E;IACF;IACA,IAAI,CAAC,IAAI,CAAChB,KAAK,IAAI,GAAAe,WAAA,GAAC,IAAI,CAACf,KAAK,cAAAe,WAAA,eAAVA,WAAA,CAAYE,aAAa,GAAE;MAC7C,IAAI,CAAChC,MAAM,CAAC+B,IAAI,CAAC,2DAA2D,CAAC;MAC7E;IACF;IAEA,IAAI,CAACpC,WAAW,GAAG,IAAI;IACvB,IAAI,CAACK,MAAM,CAACW,IAAI,CAAC,qCAAqCkB,MAAM,GAAG,CAAC;IAEhE,IAAI;MACF,MAAMI,OAAO,GAAG,MAAM,IAAI,CAAC/B,IAAI,CAACO,WAAW,CAAC,CAAC;MAC7C,IAAI,CAACT,MAAM,CAACW,IAAI,CAAC,sBAAsBsB,OAAO,CAACC,MAAM,qBAAqB,CAAC;MAC3E,KAAK,MAAMnD,GAAG,IAAIkD,OAAO,EAAe;QACtC;QACA,IAAI;UACF,MAAM,IAAI,CAACE,iBAAiB,CAACpD,GAAG,CAAC;UACjC;QACF,CAAC,CAAC,OAAOuB,CAAC,EAAE;UAAA,IAAA8B,kBAAA,EAAAC,UAAA;UACV,IAAI,CAACrC,MAAM,CAACO,KAAK,CAAC,uBAAuBxB,GAAG,CAACE,EAAE,YAAYuB,MAAM,CAACF,CAAC,CAAC,EAAE,CAAC;UACvE,CAAA8B,kBAAA,IAAAC,UAAA,OAAI,CAACnC,IAAI,EAACG,OAAO,cAAA+B,kBAAA,eAAjBA,kBAAA,CAAAE,IAAA,CAAAD,UAAA,EAAoB/B,CAAC,CAAC;QACxB;MACF;MACA,IAAI,CAACN,MAAM,CAACW,IAAI,CAAC,2BAA2B,CAAC;IAC/C,CAAC,CAAC,OAAOL,CAAC,EAAE;MAAA,IAAAiC,mBAAA,EAAAC,WAAA;MACV,IAAI,CAACxC,MAAM,CAACO,KAAK,CAAC,8BAA8BC,MAAM,CAACF,CAAC,CAAC,EAAE,CAAC;MAC5D,CAAAiC,mBAAA,IAAAC,WAAA,OAAI,CAACtC,IAAI,EAACG,OAAO,cAAAkC,mBAAA,eAAjBA,mBAAA,CAAAD,IAAA,CAAAE,WAAA,EAAoBlC,CAAC,CAAC;IACxB,CAAC,SAAS;MACR,IAAI,CAACX,WAAW,GAAG,KAAK;IAC1B;EACF;EAEO8C,aAAaA,CAACtC,UAAyB,EAAE;IAC9C,IAAI,CAACc,SAAS,CAAC;MAAEd;IAAW,CAAC,CAAC;EAChC;EAEOuC,WAAWA,CAACzD,EAAU,EAAuB;IAClD,OAAO,IAAI,CAACW,cAAc,CAAC+C,GAAG,CAAC1D,EAAE,CAAC;EACpC;;EAEA;EACA,MAAckD,iBAAiBA,CAACpD,GAAY,EAAE;IAC5C,MAAM;MAAE6D,UAAU;MAAEC,cAAc;MAAEC,eAAe;MAAEC,MAAM;MAAEC,WAAW;MAAEC;IAAa,CAAC,GACtFzE,kBAAkB,CAAC0E,QAAQ,CAAC,CAAC;IAE/B,MAAMjE,EAAE,GAAGF,GAAG,CAACE,EAAE;IAEjB,IAAI,CAAC,IAAI,CAAC8B,KAAK,EAAE;MACf,IAAI,CAACf,MAAM,CAACO,KAAK,CAAC,iEAAiEtB,EAAE,EAAE,CAAC;MACxF;IACF;;IAEA;IACA,IAAI2D,UAAU,CAAC3D,EAAE,CAAC,EAAE;MAClB,IAAI,CAACe,MAAM,CAACW,IAAI,CAAC,gCAAgC1B,EAAE,8BAA8B,CAAC;MAClF;IACF;;IAEA;IACA8D,MAAM,CAAC,IAAI,CAAC7C,IAAI,CAACQ,MAAM,CAAC3B,GAAG,CAAC,CAAC;;IAE7B;IACA8D,cAAc,CAAC5D,EAAE,CAAC;IAClB,IAAI,CAACe,MAAM,CAACW,IAAI,CAAC,iCAAiC1B,EAAE,EAAE,CAAC;IAEvD,IAAI;MACF;MACA,MAAMkE,OAAO,GAAG,MAAM1E,sBAAsB,CAACM,GAAG,EAAE,IAAI,CAACiB,MAAM,CAAC;MAC9D,MAAMoD,GAAG,GAAGC,IAAI,CAACD,GAAG,CAAC,CAAC;MAEtB,MAAME,IAAI,GAAG5E,4BAA4B,CAACK,GAAG,CAAC,IAAK,CAAC,CAA+B;MACnFuE,IAAI,CAACC,eAAe,GAAGJ,OAAO,GAAG5E,aAAa,CAACiF,KAAK,GAAGjF,aAAa,CAACkF,OAAO;MAC5EH,IAAI,CAACI,aAAa,GAAGN,GAAG;MACxBE,IAAI,CAACK,YAAY,GAAG,CAACL,IAAI,CAACK,YAAY,IAAI,CAAC,IAAI,CAAC;MAChD9E,4BAA4B,CAACE,GAAG,EAAEuE,IAAI,CAAC;MACvC,MAAM1E,uBAAuB,CAAC,IAAI,CAACmC,KAAK,CAAC6C,OAAO,EAAE7E,GAAG,CAAC;MAEtD,IAAIoE,OAAO,EAAE;QACX,IAAI,CAACnD,MAAM,CAACW,IAAI,CAAC,uBAAuB1B,EAAE,EAAE,CAAC;MAC/C,CAAC,MAAM;QACL,IAAI,CAACe,MAAM,CAACW,IAAI,CAAC,yBAAyB1B,EAAE,EAAE,CAAC;QAC/C+D,WAAW,CAAC/D,EAAE,CAAC,EAAC;MAClB;MACAgE,YAAY,CAAC,IAAII,IAAI,CAACD,GAAG,CAAC,CAAC9D,WAAW,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,OAAOiB,KAAK,EAAE;MAAA,IAAAsD,mBAAA,EAAAC,WAAA;MACd,IAAI,CAAC9D,MAAM,CAACO,KAAK,CAAC,+BAA+BtB,EAAE,KAAKuB,MAAM,CAACD,KAAK,CAAC,EAAE,CAAC;MACxE,CAAAsD,mBAAA,IAAAC,WAAA,OAAI,CAAC5D,IAAI,EAACG,OAAO,cAAAwD,mBAAA,eAAjBA,mBAAA,CAAAvB,IAAA,CAAAwB,WAAA,EAAoBvD,KAAK,CAAC;IAC5B,CAAC,SAAS;MACRuC,eAAe,CAAC7D,EAAE,CAAC;IACrB;EACF;EAEA,MAAc8E,aAAaA,CAAChF,GAAY,EAAE;IACxC,MAAM;MACJ6D,UAAU;MACVC,cAAc;MACdC,eAAe;MACfkB,YAAY;MACZC,0BAA0B;MAC1BC,aAAa;MACbC,gBAAgB;MAChBpB;IACF,CAAC,GAAGvE,kBAAkB,CAAC0E,QAAQ,CAAC,CAAC;IAEjC,MAAMjE,EAAE,GAAGF,GAAG,CAACE,EAAE;IAEjB,IAAI,CAAC,IAAI,CAAC8B,KAAK,EAAE;MACf,IAAI,CAACf,MAAM,CAACO,KAAK,CAAC,iEAAiEtB,EAAE,EAAE,CAAC;MACxF;IACF;;IAEA;IACA,IAAI2D,UAAU,CAAC3D,EAAE,CAAC,EAAE;MAClB,IAAI,CAACe,MAAM,CAACW,IAAI,CAAC,gCAAgC1B,EAAE,8BAA8B,CAAC;MAClF;IACF;;IAEA;IACA8D,MAAM,CAAC,IAAI,CAAC7C,IAAI,CAACQ,MAAM,CAAC3B,GAAG,CAAC,CAAC;;IAE7B;IACA8D,cAAc,CAAC5D,EAAE,CAAC;IAClB,IAAI,CAACe,MAAM,CAACW,IAAI,CAAC,iCAAiC1B,EAAE,EAAE,CAAC;IAEvD,IAAI;MACF;MACA,MAAMkE,OAAO,GAAG,MAAM1E,sBAAsB,CAACM,GAAG,EAAE,IAAI,CAACiB,MAAM,CAAC;MAC9D,IAAImD,OAAO,EAAE;QACX,IAAI,CAACnD,MAAM,CAACW,IAAI,CAAC,uBAAuB1B,EAAE,EAAE,CAAC;QAC7C;QACA+E,YAAY,CAAC/E,EAAE,CAAC;QAChB;QACA;QACA;MACF;;MAEA;;MAEA,MAAMN,0BAA0B,CAAC;QAC/ByF,UAAU,EAAErF,GAAG;QACfsF,MAAM,EAAE9F,aAAa,CAACkF,OAAO;QAC7Ba,YAAY,EAAE,IAAI,CAACvD,KAAK,CAAC6C;MAC3B,CAAC,CAAC;;MAEF;MACA,IAAI,CAAC5D,MAAM,CAACW,IAAI,CAAC,+CAA+C1B,EAAE,EAAE,CAAC;MACrE,MAAMsF,KAAK,GAAG,MAAMlG,kBAAkB,CAAC;QAAE2B,MAAM,EAAE,IAAI,CAACA,MAAM;QAAEwE,IAAI,EAAEzF,GAAG;QAAEuF,YAAY,EAAE,IAAI,CAACvD,KAAK,CAAC6C;MAAQ,CAAC,CAAC;MAC5G,IAAI,CAACW,KAAK,EAAE;QACV,MAAME,GAAG,GAAG,4BAA4B;QACxC,IAAI,CAACzE,MAAM,CAAC+B,IAAI,CAAC,gBAAgB0C,GAAG,QAAQxF,EAAE,EAAE,CAAC;QACjDiF,aAAa,CAACjF,EAAE,EAAEwF,GAAG,CAAC;QACtB;MACF;;MAEA;MACA,MAAMC,SAAS,GAAG,MAAMpG,gCAAgC,CAAC;QACvDyC,KAAK,EAAE,IAAI,CAACA,KAAK;QACjBf,MAAM,EAAE,IAAI,CAACA,MAAM;QACnB2E,MAAM,EAAE5F,GAAG;QACX6F,aAAa,EAAEL;MACjB,CAAC,CAAC;MAEF,IAAIG,SAAS,EAAE;QACb,IAAI,CAAC1E,MAAM,CAACW,IAAI,CAAC,iCAAiC+D,SAAS,CAACzF,EAAE,EAAE,CAAC;QACjE;QACAgF,0BAA0B,CAAChF,EAAE,EAAE,IAAI,CAACiB,IAAI,CAACQ,MAAM,CAACgE,SAAS,CAAC,CAAC;QAC3DP,gBAAgB,CAAClF,EAAE,CAAC;QACpB,IAAI,CAACW,cAAc,CAACiF,GAAG,CAACH,SAAS,CAACzF,EAAE,EAAEyF,SAAS,CAAC;MAClD,CAAC,MAAM;QACL,MAAMD,GAAG,GAAG,6BAA6B;QACzC,IAAI,CAACzE,MAAM,CAAC+B,IAAI,CAAC,gBAAgB0C,GAAG,QAAQxF,EAAE,EAAE,CAAC;QACjDiF,aAAa,CAACjF,EAAE,EAAEwF,GAAG,CAAC;QACtB,MAAM9F,0BAA0B,CAAC;UAC/ByF,UAAU,EAAErF,GAAG;UACfsF,MAAM,EAAE9F,aAAa,CAACkF,OAAO;UAC7Ba,YAAY,EAAE,IAAI,CAACvD,KAAK,CAAC6C;QAC3B,CAAC,CAAC;MACJ;IACF,CAAC,CAAC,OAAOtD,CAAC,EAAE;MACV,MAAMwE,GAAG,GAAGtE,MAAM,CAACF,CAAC,CAAC;MACrB,IAAI,CAACN,MAAM,CAACO,KAAK,CAAC,yBAAyBtB,EAAE,KAAK6F,GAAG,EAAE,CAAC;MACxDZ,aAAa,CAACjF,EAAE,EAAE6F,GAAG,CAAC;IACxB,CAAC,SAAS;MACR;MACAhC,eAAe,CAAC7D,EAAE,CAAC;IACrB;EACF;AACF","ignoreList":[]}
+{"version":3,"names":["OpenIDCredentialRefreshFlowType","RefreshStatus","credentialRegistry","verifyCredentialStatus","getRefreshCredentialMetadata","markOpenIDCredentialStatus","persistCredentialRecord","setRefreshCredentialMetadata","toOpenIDCredentialLite","refreshAndQueueReplacement","RefreshOrchestrator","intervalOn","runningOnce","startupRunTriggered","recentlyIssued","Map","constructor","logger","bridge","opts","intervalMs","autoStart","runOnStart","flowType","FullReplacement","onError","e","error","String","listRecords","toLite","info","JSON","stringify","onReady","agent","runOnce","start","onChange","undefined","stop","configure","next","prev","agentReady","nowIntervalMs","nowAutoStart","isRunning","timer","setInterval","clearInterval","reason","_this$agent","warn","isInitialized","records","length","rec","refreshRecord","checkRecordStatus","_this$opts$onError","_this$opts","id","call","_this$opts$onError2","_this$opts2","setIntervalMs","resolveFull","get","shouldSkip","markRefreshing","clearRefreshing","clearExpired","upsert","markInvalid","setLastSweep","getState","status","now","Date","meta","lastCheckResult","lastCheckedAt","attemptCount","context","Valid","Invalid","toISOString","_this$opts$onError3","_this$opts3","blockAsSucceeded","Error","credential","agentContext","newRecord","record","msg","set","_this$opts$onError4","_this$opts4","err"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/refreshOrchestrator.ts"],"mappings":"AAAA;;AAGA,SAEEA,+BAA+B,EAG/BC,aAAa,QACR,SAAS;AAEhB,SAASC,kBAAkB,QAAQ,YAAY;AAC/C,SAASC,sBAAsB,QAAQ,0BAA0B;AACjE,SACEC,4BAA4B,EAC5BC,0BAA0B,EAC1BC,uBAAuB,EACvBC,4BAA4B,QACvB,aAAa;AACpB,SAAiCC,sBAAsB,QAAQ,qBAAqB;AACpF,SAASC,0BAA0B,QAAQ,cAAc;AAEzD,OAAO,MAAMC,mBAAmB,CAAiC;EAEvDC,UAAU,GAAG,KAAK,EAAC;EACnBC,WAAW,GAAG,KAAK,EAAC;EACpBC,mBAAmB,GAAG,KAAK;EAGlBC,cAAc,GAAG,IAAIC,GAAG,CAAiC,CAAC;EAEpEC,WAAWA,CACCC,MAAoB,EACrCC,MAAmB,EACnBC,IAA8B,EAC9B;IAAA,KAHiBF,MAAoB,GAApBA,MAAoB;IAIrC,IAAI,CAACE,IAAI,GAAG;MACVC,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI;MAC1BC,SAAS,EAAE,IAAI;MACfC,UAAU,EAAE,KAAK;MACjBC,QAAQ,EAAEvB,+BAA+B,CAACwB,eAAe;MACzDC,OAAO,EAAGC,CAAC,IAAK,IAAI,CAACT,MAAM,CAACU,KAAK,CAACC,MAAM,CAACF,CAAC,CAAC,CAAC;MAC5CG,WAAW,EAAE,MAAAA,CAAA,KAAY,EAAE;MAC3BC,MAAM,EAAEtB,sBAAsB;MAC9B,IAAIW,IAAI,IAAI,CAAC,CAAC;IAChB,CAAC;IAEDF,MAAM,CAACc,IAAI,CACT,2CAA2CC,IAAI,CAACC,SAAS,CAAC;MACxDb,UAAU,EAAE,IAAI,CAACD,IAAI,CAACC,UAAU;MAChCC,SAAS,EAAE,IAAI,CAACF,IAAI,CAACE,SAAS;MAC9BC,UAAU,EAAE,IAAI,CAACH,IAAI,CAACG,UAAU;MAChCC,QAAQ,EAAE,IAAI,CAACJ,IAAI,CAACI;IACtB,CAAC,CAAC,EACJ,CAAC;IAEDL,MAAM,CAACgB,OAAO,CAAEC,KAAK,IAAK;MACxB,IAAI,CAACA,KAAK,GAAGA,KAAK;MAClB,IAAI,CAAClB,MAAM,CAACc,IAAI,CAAC,sCAAsC,CAAC;MACxD,IAAI,IAAI,CAACZ,IAAI,CAACG,UAAU,IAAI,CAAC,IAAI,CAACT,mBAAmB,EAAE;QACrD,IAAI,CAACA,mBAAmB,GAAG,IAAI;QAC/B,KAAK,IAAI,CAACuB,OAAO,CAAC,SAAS,CAAC;MAC9B;MACA,IAAI,IAAI,CAACjB,IAAI,CAACE,SAAS,IAAI,IAAI,CAACF,IAAI,CAACC,UAAU,EAAE,IAAI,CAACiB,KAAK,CAAC,CAAC;IAC/D,CAAC,EAAE,IAAI,CAAC;IAERnB,MAAM,CAACoB,QAAQ,CAAEH,KAAK,IAAK;MACzB,IAAIA,KAAK,EAAE;MAEX,IAAI,CAACA,KAAK,GAAGI,SAAS;MACtB,IAAI,CAACtB,MAAM,CAACc,IAAI,CAAC,wCAAwC,CAAC;MAC1D,IAAI,CAACS,IAAI,CAAC,CAAC;IACb,CAAC,CAAC;EACJ;EAEOC,SAASA,CAACC,IAAsC,EAAE;IACvD,MAAMC,IAAI,GAAG;MACXhC,UAAU,EAAE,IAAI,CAACA,UAAU;MAC3BS,UAAU,EAAE,IAAI,CAACD,IAAI,CAACC,UAAU,IAAI,IAAI;MACxCC,SAAS,EAAE,IAAI,CAACF,IAAI,CAACE,SAAS,IAAI,IAAI;MACtCuB,UAAU,EAAE,CAAC,CAAC,IAAI,CAACT;IACrB,CAAC;;IAED;IACA,IAAI,CAAChB,IAAI,GAAG;MAAE,GAAG,IAAI,CAACA,IAAI;MAAE,GAAGuB;IAAK,CAAC;IAErC,IAAI,CAACzB,MAAM,CAACc,IAAI,CACd,yCAAyCC,IAAI,CAACC,SAAS,CAAC;MACtDb,UAAU,EAAE,IAAI,CAACD,IAAI,CAACC,UAAU;MAChCC,SAAS,EAAE,IAAI,CAACF,IAAI,CAACE,SAAS;MAC9BC,UAAU,EAAE,IAAI,CAACH,IAAI,CAACG,UAAU;MAChCC,QAAQ,EAAE,IAAI,CAACJ,IAAI,CAACI;IACtB,CAAC,CAAC,EACJ,CAAC;IAED,MAAMsB,aAAa,GAAG,IAAI,CAAC1B,IAAI,CAACC,UAAU,IAAI,IAAI;IAClD,MAAM0B,YAAY,GAAG,IAAI,CAAC3B,IAAI,CAACE,SAAS,IAAI,IAAI;;IAEhD;IACA,IAAIsB,IAAI,CAAChC,UAAU,IAAIgC,IAAI,CAACvB,UAAU,KAAKyB,aAAa,EAAE;MACxD,IAAI,CAACL,IAAI,CAAC,CAAC;MACX,IAAIK,aAAa,EAAE,IAAI,CAACR,KAAK,CAAC,CAAC;MAC/B;IACF;;IAEA;IACA,IAAIM,IAAI,CAAChC,UAAU,IAAIkC,aAAa,KAAK,IAAI,EAAE;MAC7C,IAAI,CAACL,IAAI,CAAC,CAAC;MACX;IACF;;IAEA;IACA;IACA;IACA,IAAI,CAACG,IAAI,CAAChC,UAAU,IAAIkC,aAAa,IAAIC,YAAY,EAAE;MACrD;MACA,IAAI,IAAI,CAACX,KAAK,EAAE,IAAI,CAACE,KAAK,CAAC,CAAC;MAC5B;MACA;IACF;;IAEA;IACA,IAAI,CAACM,IAAI,CAAChC,UAAU,IAAI,CAACgC,IAAI,CAACtB,SAAS,IAAIyB,YAAY,IAAID,aAAa,EAAE;MACxE,IAAI,IAAI,CAACV,KAAK,EAAE,IAAI,CAACE,KAAK,CAAC,CAAC;MAC5B;MACA;IACF;;IAEA;EACF;EAEOU,SAASA,CAAA,EAAG;IACjB,OAAO,IAAI,CAACnC,WAAW;EACzB;EAEOyB,KAAKA,CAAA,EAAG;IACb,IAAI,IAAI,CAAC1B,UAAU,IAAI,CAAC,IAAI,CAACQ,IAAI,CAACC,UAAU,EAAE;IAC9C,IAAI,CAACH,MAAM,CAACc,IAAI,CAAC,yCAAyC,CAAC;IAC3D,IAAI,CAACpB,UAAU,GAAG,IAAI;IACtB,IAAI,CAACqC,KAAK,GAAGC,WAAW,CAAC,MAAM;MAC7B;MACA,KAAK,IAAI,CAACb,OAAO,CAAC,UAAU,CAAC;IAC/B,CAAC,EAAE,IAAI,CAACjB,IAAI,CAACC,UAAU,CAAC;EAC1B;EAEOoB,IAAIA,CAAA,EAAG;IACZ,IAAI,CAAC,IAAI,CAAC7B,UAAU,EAAE;IACtB,IAAI,CAACM,MAAM,CAACc,IAAI,CAAC,wCAAwC,CAAC;IAC1DmB,aAAa,CAAC,IAAI,CAACF,KAAM,CAAC;IAC1B,IAAI,CAACA,KAAK,GAAGT,SAAS;IACtB,IAAI,CAAC5B,UAAU,GAAG,KAAK;EACzB;EAEA,MAAayB,OAAOA,CAACe,MAAM,GAAG,QAAQ,EAAE;IAAA,IAAAC,WAAA;IACtC,IAAI,IAAI,CAACxC,WAAW,EAAE;MACpB,IAAI,CAACK,MAAM,CAACoC,IAAI,CAAC,2DAA2D,CAAC;MAC7E;IACF;IACA,IAAI,CAAC,IAAI,CAAClB,KAAK,IAAI,GAAAiB,WAAA,GAAC,IAAI,CAACjB,KAAK,cAAAiB,WAAA,eAAVA,WAAA,CAAYE,aAAa,GAAE;MAC7C,IAAI,CAACrC,MAAM,CAACoC,IAAI,CAAC,2DAA2D,CAAC;MAC7E;IACF;IAEA,IAAI,CAACzC,WAAW,GAAG,IAAI;IACvB,IAAI,CAACK,MAAM,CAACc,IAAI,CAAC,qCAAqCoB,MAAM,GAAG,CAAC;IAEhE,IAAI;MACF,MAAMI,OAAO,GAAG,MAAM,IAAI,CAACpC,IAAI,CAACU,WAAW,CAAC,CAAC;MAC7C,IAAI,CAACZ,MAAM,CAACc,IAAI,CAAC,sBAAsBwB,OAAO,CAACC,MAAM,qBAAqB,CAAC;MAC3E,KAAK,MAAMC,GAAG,IAAIF,OAAO,EAA8B;QACrD;QACA,IAAI;UACF,IAAI,IAAI,CAACpC,IAAI,CAACI,QAAQ,KAAKvB,+BAA+B,CAACwB,eAAe,EAAE;YAC1E,MAAM,IAAI,CAACkC,aAAa,CAACD,GAAG,CAAC;UAC/B,CAAC,MAAM;YACL,MAAM,IAAI,CAACE,iBAAiB,CAACF,GAAG,CAAC;UACnC;QACF,CAAC,CAAC,OAAO/B,CAAC,EAAE;UAAA,IAAAkC,kBAAA,EAAAC,UAAA;UACV,IAAI,CAAC5C,MAAM,CAACU,KAAK,CAAC,uBAAuB8B,GAAG,CAACK,EAAE,YAAYlC,MAAM,CAACF,CAAC,CAAC,EAAE,CAAC;UACvE,CAAAkC,kBAAA,IAAAC,UAAA,OAAI,CAAC1C,IAAI,EAACM,OAAO,cAAAmC,kBAAA,eAAjBA,kBAAA,CAAAG,IAAA,CAAAF,UAAA,EAAoBnC,CAAC,CAAC;QACxB;MACF;MACA,IAAI,CAACT,MAAM,CAACc,IAAI,CAAC,2BAA2B,CAAC;IAC/C,CAAC,CAAC,OAAOL,CAAC,EAAE;MAAA,IAAAsC,mBAAA,EAAAC,WAAA;MACV,IAAI,CAAChD,MAAM,CAACU,KAAK,CAAC,8BAA8BC,MAAM,CAACF,CAAC,CAAC,EAAE,CAAC;MAC5D,CAAAsC,mBAAA,IAAAC,WAAA,OAAI,CAAC9C,IAAI,EAACM,OAAO,cAAAuC,mBAAA,eAAjBA,mBAAA,CAAAD,IAAA,CAAAE,WAAA,EAAoBvC,CAAC,CAAC;IACxB,CAAC,SAAS;MACR,IAAI,CAACd,WAAW,GAAG,KAAK;IAC1B;EACF;EAEOsD,aAAaA,CAAC9C,UAAyB,EAAE;IAC9C,IAAI,CAACqB,SAAS,CAAC;MAAErB;IAAW,CAAC,CAAC;EAChC;EAEO+C,WAAWA,CAACL,EAAU,EAAsC;IACjE,OAAO,IAAI,CAAChD,cAAc,CAACsD,GAAG,CAACN,EAAE,CAAC;EACpC;;EAEA;EACA,MAAcH,iBAAiBA,CAACF,GAA2B,EAAE;IAC3D,MAAM;MAAEY,UAAU;MAAEC,cAAc;MAAEC,eAAe;MAAEC,YAAY;MAAEC,MAAM;MAAEC,WAAW;MAAEC;IAAa,CAAC,GACpGzE,kBAAkB,CAAC0E,QAAQ,CAAC,CAAC;IAE/B,MAAMd,EAAE,GAAGL,GAAG,CAACK,EAAE;IAEjB,IAAI,CAAC,IAAI,CAAC3B,KAAK,EAAE;MACf,IAAI,CAAClB,MAAM,CAACU,KAAK,CAAC,iEAAiEmC,EAAE,EAAE,CAAC;MACxF;IACF;;IAEA;IACA,IAAIO,UAAU,CAACP,EAAE,CAAC,EAAE;MAClB,IAAI,CAAC7C,MAAM,CAACc,IAAI,CAAC,gCAAgC+B,EAAE,8BAA8B,CAAC;MAClF;IACF;;IAEA;IACAW,MAAM,CAAC,IAAI,CAACtD,IAAI,CAACW,MAAM,CAAC2B,GAAG,CAAC,CAAC;;IAE7B;IACAa,cAAc,CAACR,EAAE,CAAC;IAClB,IAAI,CAAC7C,MAAM,CAACc,IAAI,CAAC,iCAAiC+B,EAAE,EAAE,CAAC;IAEvD,IAAI;MACF;MACA,MAAMe,MAAM,GAAG,MAAM1E,sBAAsB,CAACsD,GAAG,EAAE,IAAI,CAACxC,MAAM,CAAC;MAC7D,MAAM6D,GAAG,GAAGC,IAAI,CAACD,GAAG,CAAC,CAAC;MAEtB,MAAME,IAAI,GAAG5E,4BAA4B,CAACqD,GAAG,CAAC,IAAK,CAAC,CAA+B;MACnFuB,IAAI,CAACC,eAAe,GAAGJ,MAAM;MAC7BG,IAAI,CAACE,aAAa,GAAGJ,GAAG;MACxBE,IAAI,CAACG,YAAY,GAAG,CAACH,IAAI,CAACG,YAAY,IAAI,CAAC,IAAI,CAAC;MAChD5E,4BAA4B,CAACkD,GAAG,EAAEuB,IAAI,CAAC;MACvC,MAAM1E,uBAAuB,CAAC,IAAI,CAAC6B,KAAK,CAACiD,OAAO,EAAE3B,GAAG,CAAC;MAEtD,IAAIoB,MAAM,KAAK5E,aAAa,CAACoF,KAAK,EAAE;QAClC,IAAI,CAACpE,MAAM,CAACc,IAAI,CAAC,uBAAuB+B,EAAE,EAAE,CAAC;QAC7CU,YAAY,CAACV,EAAE,CAAC;MAClB,CAAC,MAAM,IAAIe,MAAM,KAAK5E,aAAa,CAACqF,OAAO,EAAE;QAC3C,IAAI,CAACrE,MAAM,CAACc,IAAI,CAAC,yBAAyB+B,EAAE,EAAE,CAAC;QAC/CY,WAAW,CAACZ,EAAE,CAAC;MACjB,CAAC,MAAM;QACL,IAAI,CAAC7C,MAAM,CAACoC,IAAI,CAAC,qCAAqCS,EAAE,EAAE,CAAC;MAC7D;MACAa,YAAY,CAAC,IAAII,IAAI,CAACD,GAAG,CAAC,CAACS,WAAW,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,OAAO5D,KAAK,EAAE;MAAA,IAAA6D,mBAAA,EAAAC,WAAA;MACd,IAAI,CAACxE,MAAM,CAACU,KAAK,CAAC,+BAA+BmC,EAAE,KAAKlC,MAAM,CAACD,KAAK,CAAC,EAAE,CAAC;MACxE,CAAA6D,mBAAA,IAAAC,WAAA,OAAI,CAACtE,IAAI,EAACM,OAAO,cAAA+D,mBAAA,eAAjBA,mBAAA,CAAAzB,IAAA,CAAA0B,WAAA,EAAoB9D,KAAK,CAAC;IAC5B,CAAC,SAAS;MACR4C,eAAe,CAACT,EAAE,CAAC;IACrB;EACF;EAEA,MAAcJ,aAAaA,CAACD,GAA2B,EAAE;IACvD,MAAM;MAAEY,UAAU;MAAEC,cAAc;MAAEC,eAAe;MAAEC,YAAY;MAAEkB,gBAAgB;MAAEhB,WAAW;MAAED;IAAO,CAAC,GACxGvE,kBAAkB,CAAC0E,QAAQ,CAAC,CAAC;IAE/B,MAAMd,EAAE,GAAGL,GAAG,CAACK,EAAE;IAEjB,IAAI,CAAC,IAAI,CAAC3B,KAAK,EAAE;MACf,IAAI,CAAClB,MAAM,CAACU,KAAK,CAAC,iEAAiEmC,EAAE,EAAE,CAAC;MACxF;IACF;;IAEA;IACA,IAAIO,UAAU,CAACP,EAAE,CAAC,EAAE;MAClB,IAAI,CAAC7C,MAAM,CAACc,IAAI,CAAC,gCAAgC+B,EAAE,8BAA8B,CAAC;MAClF;IACF;;IAEA;IACAW,MAAM,CAAC,IAAI,CAACtD,IAAI,CAACW,MAAM,CAAC2B,GAAG,CAAC,CAAC;;IAE7B;IACAa,cAAc,CAACR,EAAE,CAAC;IAClB,IAAI,CAAC7C,MAAM,CAACc,IAAI,CAAC,iCAAiC+B,EAAE,EAAE,CAAC;IAEvD,IAAI;MACF;MACA,MAAMe,MAAM,GAAG,MAAM1E,sBAAsB,CAACsD,GAAG,EAAE,IAAI,CAACxC,MAAM,CAAC;MAC7D,IAAI4D,MAAM,KAAK5E,aAAa,CAACoF,KAAK,EAAE;QAClC,IAAI,CAACpE,MAAM,CAACc,IAAI,CAAC,uBAAuB+B,EAAE,EAAE,CAAC;QAC7C;QACAU,YAAY,CAACV,EAAE,CAAC;QAChB;QACA;QACA;MACF;MAEA,IAAIe,MAAM,KAAK5E,aAAa,CAAC0F,KAAK,EAAE;QAClC,IAAI,CAAC1E,MAAM,CAACoC,IAAI,CAAC,0DAA0DS,EAAE,EAAE,CAAC;QAChF,MAAMzD,0BAA0B,CAAC;UAC/BuF,UAAU,EAAEnC,GAAG;UACfoB,MAAM,EAAE5E,aAAa,CAAC0F,KAAK;UAC3BE,YAAY,EAAE,IAAI,CAAC1D,KAAK,CAACiD;QAC3B,CAAC,CAAC;QACF;MACF;;MAEA;;MAEA,MAAM/E,0BAA0B,CAAC;QAC/BuF,UAAU,EAAEnC,GAAG;QACfoB,MAAM,EAAE5E,aAAa,CAACqF,OAAO;QAC7BO,YAAY,EAAE,IAAI,CAAC1D,KAAK,CAACiD;MAC3B,CAAC,CAAC;MAEF,IAAI,CAACnE,MAAM,CAACc,IAAI,CAAC,+CAA+C+B,EAAE,EAAE,CAAC;MACrE,MAAMgC,SAAS,GAAG,MAAMrF,0BAA0B,CAAC;QACjD0B,KAAK,EAAE,IAAI,CAACA,KAAK;QACjBlB,MAAM,EAAE,IAAI,CAACA,MAAM;QACnB8E,MAAM,EAAEtC,GAAG;QACX3B,MAAM,EAAE,IAAI,CAACX,IAAI,CAACW;MACpB,CAAC,CAAC;MAEF,IAAI,CAACgE,SAAS,EAAE;QACd,MAAME,GAAG,GAAG,gDAAgD;QAC5D,IAAI,CAAC/E,MAAM,CAACoC,IAAI,CAAC,gBAAgB2C,GAAG,QAAQlC,EAAE,EAAE,CAAC;QACjDY,WAAW,CAACZ,EAAE,CAAC;QACf;MACF;MAEA,IAAI,CAAC7C,MAAM,CAACc,IAAI,CAAC,iCAAiC+D,SAAS,CAAChC,EAAE,EAAE,CAAC;MACjE4B,gBAAgB,CAAC5B,EAAE,CAAC;MACpB,IAAI,CAAChD,cAAc,CAACmF,GAAG,CAACH,SAAS,CAAChC,EAAE,EAAEgC,SAAS,CAAC;IAClD,CAAC,CAAC,OAAOpE,CAAC,EAAE;MAAA,IAAAwE,mBAAA,EAAAC,WAAA;MACV,MAAMC,GAAG,GAAGxE,MAAM,CAACF,CAAC,CAAC;MACrB,IAAI,CAACT,MAAM,CAACU,KAAK,CAAC,yBAAyBmC,EAAE,KAAKsC,GAAG,EAAE,CAAC;MACxD,CAAAF,mBAAA,IAAAC,WAAA,OAAI,CAAChF,IAAI,EAACM,OAAO,cAAAyE,mBAAA,eAAjBA,mBAAA,CAAAnC,IAAA,CAAAoC,WAAA,EAAoBzE,CAAC,CAAC;MACtBgD,WAAW,CAACZ,EAAE,CAAC;IACjB,CAAC,SAAS;MACR;MACAS,eAAe,CAACT,EAAE,CAAC;IACrB;EACF;AACF","ignoreList":[]}

package/lib/module/modules/openid/refresh/refreshToken.js

@@ -14,20 +14,16 @@ export async function refreshAccessToken({
   logger.info(`[refreshAccessToken] Found refresh metadata for credential: ${cred.id}`);
   const {
     refreshToken,
-    authServer
+    tokenEndpoint
   } = refreshMetaData;
   try {
-    if (!authServer) {
-      throw new Error('No authorization server found in the credential offer metadata');
+    if (!tokenEndpoint) {
+      throw new Error('No token endpoint found in the credential offer metadata');
     }
-    logger.info(`[refreshAccessToken] Found auth server for credential: ${cred.id}: ${authServer}`);
+    logger.info(`[refreshAccessToken] Found token endpoint for credential: ${cred.id}: ${tokenEndpoint}`);
 
     // Build token endpoint:
-    // React-Native-safe URL build
-    const tokenUrl = authServer.endsWith('/') ? authServer.slice(0, -1) : authServer;
-    // const tokenUrl = new URL('token', authServer)
-    // tokenUrl.searchParams.set('force', 'false')
-
+    const tokenUrl = tokenEndpoint.endsWith('/') ? tokenEndpoint.slice(0, -1) : tokenEndpoint;
     logger.info(`[refreshAccessToken] Refreshing access token at URL: ${tokenUrl} for credential: ${cred.id}`);
     const body = new URLSearchParams({
       grant_type: 'refresh_token',
@@ -45,20 +41,24 @@ export async function refreshAccessToken({
       },
       body: body.toString()
     });
-    logger.info(`[refreshAccessToken] Response status: ${JSON.stringify(res)}`);
+    logger.info(`[refreshAccessToken] Token endpoint response status: ${res.status}`);
     if (!res.ok) {
       const errText = await res.text();
       throw new Error(`Refresh failed ${res.status}: ${errText}`);
     }
     const data = await res.json();
-    logger.info(`[refreshAccessToken] New access token acquired: ${JSON.stringify(data)}`);
+    logger.info(`[refreshAccessToken] Token refresh succeeded: ${JSON.stringify({
+      token_type: data.token_type,
+      expires_in: data.expires_in,
+      has_access_token: Boolean(data.access_token),
+      has_refresh_token: Boolean(data.refresh_token)
+    })}`);
 
     // If refresh token rotated, persist it
     if (data.refresh_token && data.refresh_token !== refreshToken) {
       logger.info(`[refreshAccessToken] Refresh token rotated; saving new one`);
       setRefreshCredentialMetadata(cred, {
         ...refreshMetaData,
-        authServer: authServer,
         refreshToken: data.refresh_token
       });
       await persistCredentialRecord(agentContext, cred);

package/lib/module/modules/openid/refresh/refreshToken.js.map

@@ -1 +1 @@
-{"version":3,"names":["getRefreshCredentialMetadata","persistCredentialRecord","setRefreshCredentialMetadata","refreshAccessToken","logger","cred","agentContext","info","id","refreshMetaData","error","refreshToken","authServer","Error","tokenUrl","endsWith","slice","body","URLSearchParams","grant_type","refresh_token","pre_authorized_code","pre_authorized_code_alt","user_pin","res","fetch","toString","method","headers","accept","JSON","stringify","ok","errText","text","status","data","json"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/refreshToken.ts"],"mappings":"AAGA,SAASA,4BAA4B,EAAEC,uBAAuB,EAAEC,4BAA4B,QAAQ,aAAa;AAEjH,OAAO,eAAeC,kBAAkBA,CAAC;EACvCC,MAAM;EACNC,IAAI;EACJC;AAKF,CAAC,EAAwC;EACvCF,MAAM,CAACG,IAAI,CAAC,4DAA4DF,IAAI,CAACG,EAAE,EAAE,CAAC;EAClF;EACA,MAAMC,eAAe,GAAGT,4BAA4B,CAACK,IAAI,CAAC;EAC1D,IAAI,CAACI,eAAe,EAAE;IACpBL,MAAM,CAACM,KAAK,CAAC,kEAAkEL,IAAI,CAACG,EAAE,EAAE,CAAC;IACzF;EACF;EAEAJ,MAAM,CAACG,IAAI,CAAC,+DAA+DF,IAAI,CAACG,EAAE,EAAE,CAAC;EACrF,MAAM;IAAEG,YAAY;IAAEC;EAAW,CAAC,GAAGH,eAAe;EAEpD,IAAI;IACF,IAAI,CAACG,UAAU,EAAE;MACf,MAAM,IAAIC,KAAK,CAAC,gEAAgE,CAAC;IACnF;IAEAT,MAAM,CAACG,IAAI,CAAC,0DAA0DF,IAAI,CAACG,EAAE,KAAKI,UAAU,EAAE,CAAC;;IAE/F;IACA;IACA,MAAME,QAAQ,GAAIF,UAAU,CAACG,QAAQ,CAAC,GAAG,CAAC,GAAGH,UAAU,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAGJ,UAAW;IAClF;IACA;;IAEAR,MAAM,CAACG,IAAI,CAAC,wDAAwDO,QAAQ,oBAAoBT,IAAI,CAACG,EAAE,EAAE,CAAC;IAE1G,MAAMS,IAAI,GAAG,IAAIC,eAAe,CAAC;MAC/BC,UAAU,EAAE,eAAe;MAC3BC,aAAa,EAAET,YAAY;MAC3B;MACAU,mBAAmB,EAAE,EAAE;MACvBC,uBAAuB,EAAE,EAAE;MAC3BC,QAAQ,EAAE;IACZ,CAAC,CAAC;IAEF,MAAMC,GAAG,GAAG,MAAMC,KAAK,CAACX,QAAQ,CAACY,QAAQ,CAAC,CAAC,EAAE;MAC3CC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACPC,MAAM,EAAE,kBAAkB;QAC1B,cAAc,EAAE;MAClB,CAAC;MACDZ,IAAI,EAAEA,IAAI,CAACS,QAAQ,CAAC;IACtB,CAAC,CAAC;IAEFtB,MAAM,CAACG,IAAI,CAAC,yCAAyCuB,IAAI,CAACC,SAAS,CAACP,GAAG,CAAC,EAAE,CAAC;IAE3E,IAAI,CAACA,GAAG,CAACQ,EAAE,EAAE;MACX,MAAMC,OAAO,GAAG,MAAMT,GAAG,CAACU,IAAI,CAAC,CAAC;MAChC,MAAM,IAAIrB,KAAK,CAAC,kBAAkBW,GAAG,CAACW,MAAM,KAAKF,OAAO,EAAE,CAAC;IAC7D;IAEA,MAAMG,IAAqB,GAAG,MAAMZ,GAAG,CAACa,IAAI,CAAC,CAAC;IAC9CjC,MAAM,CAACG,IAAI,CAAC,mDAAmDuB,IAAI,CAACC,SAAS,CAACK,IAAI,CAAC,EAAE,CAAC;;IAEtF;IACA,IAAIA,IAAI,CAAChB,aAAa,IAAIgB,IAAI,CAAChB,aAAa,KAAKT,YAAY,EAAE;MAC7DP,MAAM,CAACG,IAAI,CAAC,4DAA4D,CAAC;MACzEL,4BAA4B,CAACG,IAAI,EAAE;QACjC,GAAGI,eAAe;QAClBG,UAAU,EAAEA,UAAU;QACtBD,YAAY,EAAEyB,IAAI,CAAChB;MACrB,CAAC,CAAC;MAEF,MAAMnB,uBAAuB,CAACK,YAAY,EAAED,IAAI,CAAC;IACnD;IAEA,OAAO+B,IAAI;EACb,CAAC,CAAC,OAAO1B,KAAK,EAAE;IACdN,MAAM,CAACM,KAAK,CAAC,iDAAiDA,KAAK,EAAE,CAAC;IACtE,MAAMA,KAAK;EACb;AACF","ignoreList":[]}
+{"version":3,"names":["getRefreshCredentialMetadata","persistCredentialRecord","setRefreshCredentialMetadata","refreshAccessToken","logger","cred","agentContext","info","id","refreshMetaData","error","refreshToken","tokenEndpoint","Error","tokenUrl","endsWith","slice","body","URLSearchParams","grant_type","refresh_token","pre_authorized_code","pre_authorized_code_alt","user_pin","res","fetch","toString","method","headers","accept","status","ok","errText","text","data","json","JSON","stringify","token_type","expires_in","has_access_token","Boolean","access_token","has_refresh_token"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/refreshToken.ts"],"mappings":"AAGA,SAASA,4BAA4B,EAAEC,uBAAuB,EAAEC,4BAA4B,QAAQ,aAAa;AAGjH,OAAO,eAAeC,kBAAkBA,CAAC;EACvCC,MAAM;EACNC,IAAI;EACJC;AAKF,CAAC,EAAwC;EACvCF,MAAM,CAACG,IAAI,CAAC,4DAA4DF,IAAI,CAACG,EAAE,EAAE,CAAC;EAClF;EACA,MAAMC,eAAe,GAAGT,4BAA4B,CAACK,IAAI,CAAC;EAC1D,IAAI,CAACI,eAAe,EAAE;IACpBL,MAAM,CAACM,KAAK,CAAC,kEAAkEL,IAAI,CAACG,EAAE,EAAE,CAAC;IACzF;EACF;EAEAJ,MAAM,CAACG,IAAI,CAAC,+DAA+DF,IAAI,CAACG,EAAE,EAAE,CAAC;EACrF,MAAM;IAAEG,YAAY;IAAEC;EAAc,CAAC,GAAGH,eAAe;EAEvD,IAAI;IACF,IAAI,CAACG,aAAa,EAAE;MAClB,MAAM,IAAIC,KAAK,CAAC,0DAA0D,CAAC;IAC7E;IAEAT,MAAM,CAACG,IAAI,CAAC,6DAA6DF,IAAI,CAACG,EAAE,KAAKI,aAAa,EAAE,CAAC;;IAErG;IACA,MAAME,QAAQ,GAAGF,aAAa,CAACG,QAAQ,CAAC,GAAG,CAAC,GAAGH,aAAa,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAGJ,aAAa;IACzFR,MAAM,CAACG,IAAI,CAAC,wDAAwDO,QAAQ,oBAAoBT,IAAI,CAACG,EAAE,EAAE,CAAC;IAE1G,MAAMS,IAAI,GAAG,IAAIC,eAAe,CAAC;MAC/BC,UAAU,EAAE,eAAe;MAC3BC,aAAa,EAAET,YAAY;MAC3B;MACAU,mBAAmB,EAAE,EAAE;MACvBC,uBAAuB,EAAE,EAAE;MAC3BC,QAAQ,EAAE;IACZ,CAAC,CAAC;IAEF,MAAMC,GAAG,GAAG,MAAMC,KAAK,CAACX,QAAQ,CAACY,QAAQ,CAAC,CAAC,EAAE;MAC3CC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACPC,MAAM,EAAE,kBAAkB;QAC1B,cAAc,EAAE;MAClB,CAAC;MACDZ,IAAI,EAAEA,IAAI,CAACS,QAAQ,CAAC;IACtB,CAAC,CAAC;IAEFtB,MAAM,CAACG,IAAI,CAAC,wDAAwDiB,GAAG,CAACM,MAAM,EAAE,CAAC;IAEjF,IAAI,CAACN,GAAG,CAACO,EAAE,EAAE;MACX,MAAMC,OAAO,GAAG,MAAMR,GAAG,CAACS,IAAI,CAAC,CAAC;MAChC,MAAM,IAAIpB,KAAK,CAAC,kBAAkBW,GAAG,CAACM,MAAM,KAAKE,OAAO,EAAE,CAAC;IAC7D;IAEA,MAAME,IAAqB,GAAG,MAAMV,GAAG,CAACW,IAAI,CAAC,CAAC;IAC9C/B,MAAM,CAACG,IAAI,CACT,iDAAiD6B,IAAI,CAACC,SAAS,CAAC;MAC9DC,UAAU,EAAEJ,IAAI,CAACI,UAAU;MAC3BC,UAAU,EAAEL,IAAI,CAACK,UAAU;MAC3BC,gBAAgB,EAAEC,OAAO,CAACP,IAAI,CAACQ,YAAY,CAAC;MAC5CC,iBAAiB,EAAEF,OAAO,CAACP,IAAI,CAACd,aAAa;IAC/C,CAAC,CAAC,EACJ,CAAC;;IAED;IACA,IAAIc,IAAI,CAACd,aAAa,IAAIc,IAAI,CAACd,aAAa,KAAKT,YAAY,EAAE;MAC7DP,MAAM,CAACG,IAAI,CAAC,4DAA4D,CAAC;MACzEL,4BAA4B,CAACG,IAAI,EAAE;QACjC,GAAGI,eAAe;QAClBE,YAAY,EAAEuB,IAAI,CAACd;MACrB,CAAC,CAAC;MAEF,MAAMnB,uBAAuB,CAACK,YAAY,EAAED,IAAI,CAAC;IACnD;IAEA,OAAO6B,IAAI;EACb,CAAC,CAAC,OAAOxB,KAAK,EAAE;IACdN,MAAM,CAACM,KAAK,CAAC,iDAAiDA,KAAK,EAAE,CAAC;IACtE,MAAMA,KAAK;EACb;AACF","ignoreList":[]}

package/lib/module/modules/openid/refresh/registry.js

@@ -106,7 +106,7 @@ export const credentialRegistry = createStore((set, get) => ({
   shouldSkip: id => {
     const s = get();
     if (s.refreshing[id]) return true; // in-progress
-    if (s.expired.includes(id)) return true; // replacement already queued
+    if (s.expired.includes(id) && Boolean(s.replacements[id])) return true; // replacement already queued
     if (s.blocked[id]) return true; // previously succeeded/failed
     return false;
   },

package/lib/module/modules/openid/refresh/registry.js.map

@@ -1 +1 @@
-{"version":3,"names":["createStore","credentialRegistry","set","get","byId","expired","checked","replacements","refreshing","blocked","lastSweepAt","undefined","upsert","cred","s","id","markRefreshing","clearRefreshing","_drop","rest","markExpiredWithReplacement","oldId","replacement","includes","markInvalid","acceptReplacement","repl","restRepl","filter","x","reason","at","Date","toISOString","clearExpired","blockAsSucceeded","blockAsFailed","error","unblock","shouldSkip","setLastSweep","iso","reset","readRegistry","getState","mutateRegistry","updater","setState","selectOldIdByReplacementId","replacementId","Object","entries"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/registry.ts"],"mappings":"AACA,SAASA,WAAW,QAAQ,iBAAiB;;AAiB7C;;AA4DA,OAAO,MAAMC,kBAAkB,GAAGD,WAAW,CAAgB,CAACE,GAAG,EAAEC,GAAG,MAAM;EAC1EC,IAAI,EAAE,CAAC,CAAC;EACRC,OAAO,EAAE,EAAE;EACXC,OAAO,EAAE,EAAE;EACXC,YAAY,EAAE,CAAC,CAAC;EAChBC,UAAU,EAAE,CAAC,CAAC;EACdC,OAAO,EAAE,CAAC,CAAC;EACXC,WAAW,EAAEC,SAAS;EAEtBC,MAAM,EAAGC,IAAI,IAAKX,GAAG,CAAEY,CAAC,KAAM;IAAEV,IAAI,EAAE;MAAE,GAAGU,CAAC,CAACV,IAAI;MAAE,CAACS,IAAI,CAACE,EAAE,GAAGF;IAAK;EAAE,CAAC,CAAC,CAAC;EAExEG,cAAc,EAAGD,EAAE,IAAKb,GAAG,CAAEY,CAAC,KAAM;IAAEN,UAAU,EAAE;MAAE,GAAGM,CAAC,CAACN,UAAU;MAAE,CAACO,EAAE,GAAG;IAAK;EAAE,CAAC,CAAC,CAAC;EAErFE,eAAe,EAAGF,EAAE,IAClBb,GAAG,CAAEY,CAAC,IAAK;IACT;IACA,MAAM;MAAE,CAACC,EAAE,GAAGG,KAAK;MAAE,GAAGC;IAAK,CAAC,GAAGL,CAAC,CAACN,UAAU;IAC7C,OAAO;MAAEA,UAAU,EAAEW;IAAK,CAAC;EAC7B,CAAC,CAAC;EAEJC,0BAA0B,EAAEA,CAACC,KAAK,EAAEC,WAAW,KAC7CpB,GAAG,CAAEY,CAAC,KAAM;IACVT,OAAO,EAAES,CAAC,CAACT,OAAO,CAACkB,QAAQ,CAACF,KAAK,CAAC,GAAGP,CAAC,CAACT,OAAO,GAAG,CAAC,GAAGS,CAAC,CAACT,OAAO,EAAEgB,KAAK,CAAC;IACtEf,OAAO,EAAEQ,CAAC,CAACR,OAAO,CAACiB,QAAQ,CAACF,KAAK,CAAC,GAAGP,CAAC,CAACR,OAAO,GAAG,CAAC,GAAGQ,CAAC,CAACR,OAAO,EAAEe,KAAK,CAAC;IACtEd,YAAY,EAAE;MAAE,GAAGO,CAAC,CAACP,YAAY;MAAE,CAACc,KAAK,GAAGC;IAAY;EAC1D,CAAC,CAAC,CAAC;EAELE,WAAW,EAAGT,EAAE,IACdb,GAAG,CAAEY,CAAC,KAAM;IACVT,OAAO,EAAES,CAAC,CAACT,OAAO,CAACkB,QAAQ,CAACR,EAAE,CAAC,GAAGD,CAAC,CAACT,OAAO,GAAG,CAAC,GAAGS,CAAC,CAACT,OAAO,EAAEU,EAAE,CAAC;IAChET,OAAO,EAAEQ,CAAC,CAACR,OAAO,CAACiB,QAAQ,CAACR,EAAE,CAAC,GAAGD,CAAC,CAACR,OAAO,GAAG,CAAC,GAAGQ,CAAC,CAACR,OAAO,EAAES,EAAE;EACjE,CAAC,CAAC,CAAC;EAELU,iBAAiB,EAAGJ,KAAK,IACvBnB,GAAG,CAAEY,CAAC,IAAK;IACT,MAAMY,IAAI,GAAGZ,CAAC,CAACP,YAAY,CAACc,KAAK,CAAC;IAClC,IAAI,CAACK,IAAI,EAAE,OAAOZ,CAAC;IACnB,MAAMV,IAAI,GAAG;MAAE,GAAGU,CAAC,CAACV;IAAK,CAAC;IAC1B,OAAOA,IAAI,CAACiB,KAAK,CAAC;IAClBjB,IAAI,CAACsB,IAAI,CAACX,EAAE,CAAC,GAAGW,IAAI;IACpB;IACA,MAAM;MAAE,CAACL,KAAK,GAAGH,KAAK;MAAE,GAAGS;IAAS,CAAC,GAAGb,CAAC,CAACP,YAAY;IACtD,OAAO;MACLH,IAAI;MACJG,YAAY,EAAEoB,QAAQ;MACtBtB,OAAO,EAAES,CAAC,CAACT,OAAO,CAACuB,MAAM,CAAEC,CAAC,IAAKA,CAAC,KAAKR,KAAK,CAAC;MAC7C;MACAZ,OAAO,EAAE;QAAE,GAAGK,CAAC,CAACL,OAAO;QAAE,CAACY,KAAK,GAAG;UAAES,MAAM,EAAE,WAAW;UAAEC,EAAE,EAAE,IAAIC,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC;QAAE;MAAE;IAC1F,CAAC;EACH,CAAC,CAAC;EAEJC,YAAY,EAAGnB,EAAE,IACfb,GAAG,CAAEY,CAAC,KAAM;IACVT,OAAO,EAAES,CAAC,CAACT,OAAO,CAACuB,MAAM,CAAEC,CAAC,IAAKA,CAAC,KAAKd,EAAE;EAC3C,CAAC,CAAC,CAAC;EAELoB,gBAAgB,EAAGpB,EAAE,IACnBb,GAAG,CAAEY,CAAC,KAAM;IACVL,OAAO,EAAE;MAAE,GAAGK,CAAC,CAACL,OAAO;MAAE,CAACM,EAAE,GAAG;QAAEe,MAAM,EAAE,WAAW;QAAEC,EAAE,EAAE,IAAIC,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC;MAAE;IAAE;EACvF,CAAC,CAAC,CAAC;EAELG,aAAa,EAAEA,CAACrB,EAAE,EAAEsB,KAAK,KACvBnC,GAAG,CAAEY,CAAC,KAAM;IACVL,OAAO,EAAE;MAAE,GAAGK,CAAC,CAACL,OAAO;MAAE,CAACM,EAAE,GAAG;QAAEe,MAAM,EAAE,QAAQ;QAAEC,EAAE,EAAE,IAAIC,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC,CAAC;QAAEI;MAAM;IAAE;EAC3F,CAAC,CAAC,CAAC;EAELC,OAAO,EAAGvB,EAAE,IACVb,GAAG,CAAEY,CAAC,IAAK;IACT;IACA,MAAM;MAAE,CAACC,EAAE,GAAGG,KAAK;MAAE,GAAGC;IAAK,CAAC,GAAGL,CAAC,CAACL,OAAO;IAC1C,OAAO;MAAEA,OAAO,EAAEU;IAAK,CAAC;EAC1B,CAAC,CAAC;EAEJoB,UAAU,EAAGxB,EAAE,IAAK;IAClB,MAAMD,CAAC,GAAGX,GAAG,CAAC,CAAC;IACf,IAAIW,CAAC,CAACN,UAAU,CAACO,EAAE,CAAC,EAAE,OAAO,IAAI,EAAC;IAClC,IAAID,CAAC,CAACT,OAAO,CAACkB,QAAQ,CAACR,EAAE,CAAC,EAAE,OAAO,IAAI,EAAC;IACxC,IAAID,CAAC,CAACL,OAAO,CAACM,EAAE,CAAC,EAAE,OAAO,IAAI,EAAC;IAC/B,OAAO,KAAK;EACd,CAAC;EAEDyB,YAAY,EAAGC,GAAG,IAAKvC,GAAG,CAAC;IAAEQ,WAAW,EAAE+B;EAAI,CAAC,CAAC;EAEhDC,KAAK,EAAEA,CAAA,KACLxC,GAAG,CAAC;IACFE,IAAI,EAAE,CAAC,CAAC;IACRC,OAAO,EAAE,EAAE;IACXC,OAAO,EAAE,EAAE;IACXC,YAAY,EAAE,CAAC,CAAC;IAChBC,UAAU,EAAE,CAAC,CAAC;IACdC,OAAO,EAAE,CAAC,CAAC;IACXC,WAAW,EAAEC;EACf,CAAC;AACL,CAAC,CAAC,CAAC;;AAEH;AACA,OAAO,MAAMgC,YAAY,GAAGA,CAAA,KAAM1C,kBAAkB,CAAC2C,QAAQ,CAAC,CAAC;AAC/D,OAAO,MAAMC,cAAc,GAAIC,OAAmC,IAChE7C,kBAAkB,CAAC8C,QAAQ,CAAEjC,CAAC,IAAK;EACjCgC,OAAO,CAAChC,CAAC,CAAC;EACV,OAAOA,CAAC;AACV,CAAC,CAAC;AAEJ,OAAO,MAAMkC,0BAA0B,GAAIC,aAAqB,IAAyB;EACvF,MAAM;IAAE1C;EAAa,CAAC,GAAGN,kBAAkB,CAAC2C,QAAQ,CAAC,CAAC;EACtD,KAAK,MAAM,CAACvB,KAAK,EAAEK,IAAI,CAAC,IAAIwB,MAAM,CAACC,OAAO,CAAC5C,YAAY,CAAC,EAAE;IACxD,IAAImB,IAAI,CAACX,EAAE,KAAKkC,aAAa,EAAE,OAAO5B,KAAK;EAC7C;EACA,OAAOV,SAAS;AAClB,CAAC","ignoreList":[]}
+{"version":3,"names":["createStore","credentialRegistry","set","get","byId","expired","checked","replacements","refreshing","blocked","lastSweepAt","undefined","upsert","cred","s","id","markRefreshing","clearRefreshing","_drop","rest","markExpiredWithReplacement","oldId","replacement","includes","markInvalid","acceptReplacement","repl","restRepl","filter","x","reason","at","Date","toISOString","clearExpired","blockAsSucceeded","blockAsFailed","error","unblock","shouldSkip","Boolean","setLastSweep","iso","reset","readRegistry","getState","mutateRegistry","updater","setState","selectOldIdByReplacementId","replacementId","Object","entries"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/registry.ts"],"mappings":"AACA,SAASA,WAAW,QAAQ,iBAAiB;;AAiB7C;;AA4DA,OAAO,MAAMC,kBAAkB,GAAGD,WAAW,CAAgB,CAACE,GAAG,EAAEC,GAAG,MAAM;EAC1EC,IAAI,EAAE,CAAC,CAAC;EACRC,OAAO,EAAE,EAAE;EACXC,OAAO,EAAE,EAAE;EACXC,YAAY,EAAE,CAAC,CAAC;EAChBC,UAAU,EAAE,CAAC,CAAC;EACdC,OAAO,EAAE,CAAC,CAAC;EACXC,WAAW,EAAEC,SAAS;EAEtBC,MAAM,EAAGC,IAAI,IAAKX,GAAG,CAAEY,CAAC,KAAM;IAAEV,IAAI,EAAE;MAAE,GAAGU,CAAC,CAACV,IAAI;MAAE,CAACS,IAAI,CAACE,EAAE,GAAGF;IAAK;EAAE,CAAC,CAAC,CAAC;EAExEG,cAAc,EAAGD,EAAE,IAAKb,GAAG,CAAEY,CAAC,KAAM;IAAEN,UAAU,EAAE;MAAE,GAAGM,CAAC,CAACN,UAAU;MAAE,CAACO,EAAE,GAAG;IAAK;EAAE,CAAC,CAAC,CAAC;EAErFE,eAAe,EAAGF,EAAE,IAClBb,GAAG,CAAEY,CAAC,IAAK;IACT;IACA,MAAM;MAAE,CAACC,EAAE,GAAGG,KAAK;MAAE,GAAGC;IAAK,CAAC,GAAGL,CAAC,CAACN,UAAU;IAC7C,OAAO;MAAEA,UAAU,EAAEW;IAAK,CAAC;EAC7B,CAAC,CAAC;EAEJC,0BAA0B,EAAEA,CAACC,KAAK,EAAEC,WAAW,KAC7CpB,GAAG,CAAEY,CAAC,KAAM;IACVT,OAAO,EAAES,CAAC,CAACT,OAAO,CAACkB,QAAQ,CAACF,KAAK,CAAC,GAAGP,CAAC,CAACT,OAAO,GAAG,CAAC,GAAGS,CAAC,CAACT,OAAO,EAAEgB,KAAK,CAAC;IACtEf,OAAO,EAAEQ,CAAC,CAACR,OAAO,CAACiB,QAAQ,CAACF,KAAK,CAAC,GAAGP,CAAC,CAACR,OAAO,GAAG,CAAC,GAAGQ,CAAC,CAACR,OAAO,EAAEe,KAAK,CAAC;IACtEd,YAAY,EAAE;MAAE,GAAGO,CAAC,CAACP,YAAY;MAAE,CAACc,KAAK,GAAGC;IAAY;EAC1D,CAAC,CAAC,CAAC;EAELE,WAAW,EAAGT,EAAE,IACdb,GAAG,CAAEY,CAAC,KAAM;IACVT,OAAO,EAAES,CAAC,CAACT,OAAO,CAACkB,QAAQ,CAACR,EAAE,CAAC,GAAGD,CAAC,CAACT,OAAO,GAAG,CAAC,GAAGS,CAAC,CAACT,OAAO,EAAEU,EAAE,CAAC;IAChET,OAAO,EAAEQ,CAAC,CAACR,OAAO,CAACiB,QAAQ,CAACR,EAAE,CAAC,GAAGD,CAAC,CAACR,OAAO,GAAG,CAAC,GAAGQ,CAAC,CAACR,OAAO,EAAES,EAAE;EACjE,CAAC,CAAC,CAAC;EAELU,iBAAiB,EAAGJ,KAAK,IACvBnB,GAAG,CAAEY,CAAC,IAAK;IACT,MAAMY,IAAI,GAAGZ,CAAC,CAACP,YAAY,CAACc,KAAK,CAAC;IAClC,IAAI,CAACK,IAAI,EAAE,OAAOZ,CAAC;IACnB,MAAMV,IAAI,GAAG;MAAE,GAAGU,CAAC,CAACV;IAAK,CAAC;IAC1B,OAAOA,IAAI,CAACiB,KAAK,CAAC;IAClBjB,IAAI,CAACsB,IAAI,CAACX,EAAE,CAAC,GAAGW,IAAI;IACpB;IACA,MAAM;MAAE,CAACL,KAAK,GAAGH,KAAK;MAAE,GAAGS;IAAS,CAAC,GAAGb,CAAC,CAACP,YAAY;IACtD,OAAO;MACLH,IAAI;MACJG,YAAY,EAAEoB,QAAQ;MACtBtB,OAAO,EAAES,CAAC,CAACT,OAAO,CAACuB,MAAM,CAAEC,CAAC,IAAKA,CAAC,KAAKR,KAAK,CAAC;MAC7C;MACAZ,OAAO,EAAE;QAAE,GAAGK,CAAC,CAACL,OAAO;QAAE,CAACY,KAAK,GAAG;UAAES,MAAM,EAAE,WAAW;UAAEC,EAAE,EAAE,IAAIC,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC;QAAE;MAAE;IAC1F,CAAC;EACH,CAAC,CAAC;EAEJC,YAAY,EAAGnB,EAAE,IACfb,GAAG,CAAEY,CAAC,KAAM;IACVT,OAAO,EAAES,CAAC,CAACT,OAAO,CAACuB,MAAM,CAAEC,CAAC,IAAKA,CAAC,KAAKd,EAAE;EAC3C,CAAC,CAAC,CAAC;EAELoB,gBAAgB,EAAGpB,EAAE,IACnBb,GAAG,CAAEY,CAAC,KAAM;IACVL,OAAO,EAAE;MAAE,GAAGK,CAAC,CAACL,OAAO;MAAE,CAACM,EAAE,GAAG;QAAEe,MAAM,EAAE,WAAW;QAAEC,EAAE,EAAE,IAAIC,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC;MAAE;IAAE;EACvF,CAAC,CAAC,CAAC;EAELG,aAAa,EAAEA,CAACrB,EAAE,EAAEsB,KAAK,KACvBnC,GAAG,CAAEY,CAAC,KAAM;IACVL,OAAO,EAAE;MAAE,GAAGK,CAAC,CAACL,OAAO;MAAE,CAACM,EAAE,GAAG;QAAEe,MAAM,EAAE,QAAQ;QAAEC,EAAE,EAAE,IAAIC,IAAI,CAAC,CAAC,CAACC,WAAW,CAAC,CAAC;QAAEI;MAAM;IAAE;EAC3F,CAAC,CAAC,CAAC;EAELC,OAAO,EAAGvB,EAAE,IACVb,GAAG,CAAEY,CAAC,IAAK;IACT;IACA,MAAM;MAAE,CAACC,EAAE,GAAGG,KAAK;MAAE,GAAGC;IAAK,CAAC,GAAGL,CAAC,CAACL,OAAO;IAC1C,OAAO;MAAEA,OAAO,EAAEU;IAAK,CAAC;EAC1B,CAAC,CAAC;EAEJoB,UAAU,EAAGxB,EAAE,IAAK;IAClB,MAAMD,CAAC,GAAGX,GAAG,CAAC,CAAC;IACf,IAAIW,CAAC,CAACN,UAAU,CAACO,EAAE,CAAC,EAAE,OAAO,IAAI,EAAC;IAClC,IAAID,CAAC,CAACT,OAAO,CAACkB,QAAQ,CAACR,EAAE,CAAC,IAAIyB,OAAO,CAAC1B,CAAC,CAACP,YAAY,CAACQ,EAAE,CAAC,CAAC,EAAE,OAAO,IAAI,EAAC;IACvE,IAAID,CAAC,CAACL,OAAO,CAACM,EAAE,CAAC,EAAE,OAAO,IAAI,EAAC;IAC/B,OAAO,KAAK;EACd,CAAC;EAED0B,YAAY,EAAGC,GAAG,IAAKxC,GAAG,CAAC;IAAEQ,WAAW,EAAEgC;EAAI,CAAC,CAAC;EAEhDC,KAAK,EAAEA,CAAA,KACLzC,GAAG,CAAC;IACFE,IAAI,EAAE,CAAC,CAAC;IACRC,OAAO,EAAE,EAAE;IACXC,OAAO,EAAE,EAAE;IACXC,YAAY,EAAE,CAAC,CAAC;IAChBC,UAAU,EAAE,CAAC,CAAC;IACdC,OAAO,EAAE,CAAC,CAAC;IACXC,WAAW,EAAEC;EACf,CAAC;AACL,CAAC,CAAC,CAAC;;AAEH;AACA,OAAO,MAAMiC,YAAY,GAAGA,CAAA,KAAM3C,kBAAkB,CAAC4C,QAAQ,CAAC,CAAC;AAC/D,OAAO,MAAMC,cAAc,GAAIC,OAAmC,IAChE9C,kBAAkB,CAAC+C,QAAQ,CAAElC,CAAC,IAAK;EACjCiC,OAAO,CAACjC,CAAC,CAAC;EACV,OAAOA,CAAC;AACV,CAAC,CAAC;AAEJ,OAAO,MAAMmC,0BAA0B,GAAIC,aAAqB,IAAyB;EACvF,MAAM;IAAE3C;EAAa,CAAC,GAAGN,kBAAkB,CAAC4C,QAAQ,CAAC,CAAC;EACtD,KAAK,MAAM,CAACxB,KAAK,EAAEK,IAAI,CAAC,IAAIyB,MAAM,CAACC,OAAO,CAAC7C,YAAY,CAAC,EAAE;IACxD,IAAImB,IAAI,CAACX,EAAE,KAAKmC,aAAa,EAAE,OAAO7B,KAAK;EAC7C;EACA,OAAOV,SAAS;AAClB,CAAC","ignoreList":[]}

package/lib/module/modules/openid/refresh/types.js

@@ -4,6 +4,17 @@ export let RefreshStatus = /*#__PURE__*/function (RefreshStatus) {
   RefreshStatus["Error"] = "error";
   return RefreshStatus;
 }({});
+
+/**
+ * Controls how invalid OpenID credentials are handled after status checks.
+ * - InvalidThenOnDemand: show invalid notification; replacement is attempted on user action.
+ * - FullReplacement: orchestrator attempts replacement immediately and surfaces replacement notification when available.
+ */
+export let OpenIDCredentialRefreshFlowType = /*#__PURE__*/function (OpenIDCredentialRefreshFlowType) {
+  OpenIDCredentialRefreshFlowType["InvalidThenOnDemand"] = "invalid-then-on-demand";
+  OpenIDCredentialRefreshFlowType["FullReplacement"] = "full-replacement";
+  return OpenIDCredentialRefreshFlowType;
+}({});
 export let OpenIDCustomNotificationType = /*#__PURE__*/function (OpenIDCustomNotificationType) {
   OpenIDCustomNotificationType["CredentialReplacementAvailable"] = "CustomNotificationOpenIDCredential";
   OpenIDCustomNotificationType["CredentialExpired"] = "CredentialExpired";

package/lib/module/modules/openid/refresh/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["RefreshStatus","OpenIDCustomNotificationType"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/types.ts"],"mappings":"AAoBA,WAAYA,aAAa,0BAAbA,aAAa;EAAbA,aAAa;EAAbA,aAAa;EAAbA,aAAa;EAAA,OAAbA,aAAa;AAAA;AAoDzB,WAAYC,4BAA4B,0BAA5BA,4BAA4B;EAA5BA,4BAA4B;EAA5BA,4BAA4B;EAAA,OAA5BA,4BAA4B;AAAA","ignoreList":[]}
+{"version":3,"names":["RefreshStatus","OpenIDCredentialRefreshFlowType","OpenIDCustomNotificationType"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/types.ts"],"mappings":"AAeA,WAAYA,aAAa,0BAAbA,aAAa;EAAbA,aAAa;EAAbA,aAAa;EAAbA,aAAa;EAAA,OAAbA,aAAa;AAAA;;AAMzB;AACA;AACA;AACA;AACA;AACA,WAAYC,+BAA+B,0BAA/BA,+BAA+B;EAA/BA,+BAA+B;EAA/BA,+BAA+B;EAAA,OAA/BA,+BAA+B;AAAA;AAmD3C,WAAYC,4BAA4B,0BAA5BA,4BAA4B;EAA5BA,4BAA4B;EAA5BA,4BAA4B;EAAA,OAA5BA,4BAA4B;AAAA","ignoreList":[]}

package/lib/module/modules/openid/refresh/verifyCredentialStatus.js

@@ -1,28 +1,28 @@
 // modules/openid/refresh/verifyCredentialStatus.ts
 
 import { getListFromStatusListJWT, getStatusListFromJWT } from '@sd-jwt/jwt-status-list';
+import { RefreshStatus } from './types';
 /**
  * Verifies credential status for Sd-JWT credentials using status lists.
  * Non–Sd-JWT credentials (W3C jwt_vc_json without status list, or mdoc) are treated as valid here.
- * Returns true if valid; false if revoked/invalid or on error.
  */
 export async function verifyCredentialStatus(rec, logger) {
   try {
     // Only Sd-JWT creds have compactSdJwtVc in this codebase
-    if (!('compactSdJwtVc' in rec)) return true;
+    if (!('compactSdJwtVc' in rec)) return RefreshStatus.Valid;
     logger === null || logger === void 0 || logger.info(`[Verifier] Verifying credential status for Sd-JWT credential: ${rec.id}`);
     const ref = getStatusListFromJWT(rec.firstCredential.compact);
     const res = await fetch(ref.uri);
     if (!res.ok) throw new Error(`HTTP ${res.status}`);
     const jwt = await res.text();
     const list = getListFromStatusListJWT(jwt);
-    const ok = list.getStatus(ref.idx) === 0;
-    logger === null || logger === void 0 || logger.info(`${ok ? '✅' : '❌'} [Verifier] ${rec.id} → ${ok ? 'valid' : 'revoked'}`);
-    return ok;
+    const status = list.getStatus(ref.idx) === 0 ? RefreshStatus.Valid : RefreshStatus.Invalid;
+    logger === null || logger === void 0 || logger.info(`${status === RefreshStatus.Valid ? '✅' : '❌'} [Verifier] ${rec.id} → ${status}`);
+    return status;
   } catch (e) {
     var _logger$error;
     logger === null || logger === void 0 || (_logger$error = logger.error) === null || _logger$error === void 0 || _logger$error.call(logger, `💥 [Verifier] ${'id' in rec ? rec.id : 'unknown'} verify failed: ${String(e)}`);
-    return false;
+    return RefreshStatus.Error;
   }
 }
 //# sourceMappingURL=verifyCredentialStatus.js.map

package/lib/module/modules/openid/refresh/verifyCredentialStatus.js.map

@@ -1 +1 @@
-{"version":3,"names":["getListFromStatusListJWT","getStatusListFromJWT","verifyCredentialStatus","rec","logger","info","id","ref","firstCredential","compact","res","fetch","uri","ok","Error","status","jwt","text","list","getStatus","idx","e","_logger$error","error","call","String"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/verifyCredentialStatus.ts"],"mappings":"AAAA;;AAEA,SAASA,wBAAwB,EAAEC,oBAAoB,QAAQ,yBAAyB;AAKxF;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeC,sBAAsBA,CAACC,GAAY,EAAEC,MAAqB,EAAoB;EAClG,IAAI;IACF;IACA,IAAI,EAAE,gBAAgB,IAAID,GAAG,CAAC,EAAE,OAAO,IAAI;IAE3CC,MAAM,aAANA,MAAM,eAANA,MAAM,CAAEC,IAAI,CAAC,iEAAiEF,GAAG,CAACG,EAAE,EAAE,CAAC;IAEvF,MAAMC,GAAG,GAAGN,oBAAoB,CAACE,GAAG,CAACK,eAAe,CAACC,OAAO,CAAC;IAC7D,MAAMC,GAAG,GAAG,MAAMC,KAAK,CAACJ,GAAG,CAACK,GAAG,CAAC;IAChC,IAAI,CAACF,GAAG,CAACG,EAAE,EAAE,MAAM,IAAIC,KAAK,CAAC,QAAQJ,GAAG,CAACK,MAAM,EAAE,CAAC;IAClD,MAAMC,GAAG,GAAG,MAAMN,GAAG,CAACO,IAAI,CAAC,CAAC;IAE5B,MAAMC,IAAI,GAAGlB,wBAAwB,CAACgB,GAAG,CAAC;IAC1C,MAAMH,EAAE,GAAGK,IAAI,CAACC,SAAS,CAACZ,GAAG,CAACa,GAAG,CAAC,KAAK,CAAC;IAExChB,MAAM,aAANA,MAAM,eAANA,MAAM,CAAEC,IAAI,CAAC,GAAGQ,EAAE,GAAG,GAAG,GAAG,GAAG,eAAeV,GAAG,CAACG,EAAE,MAAMO,EAAE,GAAG,OAAO,GAAG,SAAS,EAAE,CAAC;IACpF,OAAOA,EAAE;EACX,CAAC,CAAC,OAAOQ,CAAC,EAAE;IAAA,IAAAC,aAAA;IACVlB,MAAM,aAANA,MAAM,gBAAAkB,aAAA,GAANlB,MAAM,CAAEmB,KAAK,cAAAD,aAAA,eAAbA,aAAA,CAAAE,IAAA,CAAApB,MAAM,EAAU,iBAAiB,IAAI,IAAID,GAAG,GAAGA,GAAG,CAACG,EAAE,GAAG,SAAS,mBAAmBmB,MAAM,CAACJ,CAAC,CAAC,EAAE,CAAC;IAChG,OAAO,KAAK;EACd;AACF","ignoreList":[]}
+{"version":3,"names":["getListFromStatusListJWT","getStatusListFromJWT","RefreshStatus","verifyCredentialStatus","rec","logger","Valid","info","id","ref","firstCredential","compact","res","fetch","uri","ok","Error","status","jwt","text","list","getStatus","idx","Invalid","e","_logger$error","error","call","String"],"sourceRoot":"../../../../../src","sources":["modules/openid/refresh/verifyCredentialStatus.ts"],"mappings":"AAAA;;AAEA,SAASA,wBAAwB,EAAEC,oBAAoB,QAAQ,yBAAyB;AAExF,SAASC,aAAa,QAAQ,SAAS;AAIvC;AACA;AACA;AACA;AACA,OAAO,eAAeC,sBAAsBA,CAACC,GAAY,EAAEC,MAAqB,EAA0B;EACxG,IAAI;IACF;IACA,IAAI,EAAE,gBAAgB,IAAID,GAAG,CAAC,EAAE,OAAOF,aAAa,CAACI,KAAK;IAE1DD,MAAM,aAANA,MAAM,eAANA,MAAM,CAAEE,IAAI,CAAC,iEAAiEH,GAAG,CAACI,EAAE,EAAE,CAAC;IAEvF,MAAMC,GAAG,GAAGR,oBAAoB,CAACG,GAAG,CAACM,eAAe,CAACC,OAAO,CAAC;IAC7D,MAAMC,GAAG,GAAG,MAAMC,KAAK,CAACJ,GAAG,CAACK,GAAG,CAAC;IAChC,IAAI,CAACF,GAAG,CAACG,EAAE,EAAE,MAAM,IAAIC,KAAK,CAAC,QAAQJ,GAAG,CAACK,MAAM,EAAE,CAAC;IAClD,MAAMC,GAAG,GAAG,MAAMN,GAAG,CAACO,IAAI,CAAC,CAAC;IAE5B,MAAMC,IAAI,GAAGpB,wBAAwB,CAACkB,GAAG,CAAC;IAC1C,MAAMD,MAAM,GAAGG,IAAI,CAACC,SAAS,CAACZ,GAAG,CAACa,GAAG,CAAC,KAAK,CAAC,GAAGpB,aAAa,CAACI,KAAK,GAAGJ,aAAa,CAACqB,OAAO;IAE1FlB,MAAM,aAANA,MAAM,eAANA,MAAM,CAAEE,IAAI,CAAC,GAAGU,MAAM,KAAKf,aAAa,CAACI,KAAK,GAAG,GAAG,GAAG,GAAG,eAAeF,GAAG,CAACI,EAAE,MAAMS,MAAM,EAAE,CAAC;IAC9F,OAAOA,MAAM;EACf,CAAC,CAAC,OAAOO,CAAC,EAAE;IAAA,IAAAC,aAAA;IACVpB,MAAM,aAANA,MAAM,gBAAAoB,aAAA,GAANpB,MAAM,CAAEqB,KAAK,cAAAD,aAAA,eAAbA,aAAA,CAAAE,IAAA,CAAAtB,MAAM,EAAU,iBAAiB,IAAI,IAAID,GAAG,GAAGA,GAAG,CAACI,EAAE,GAAG,SAAS,mBAAmBoB,MAAM,CAACJ,CAAC,CAAC,EAAE,CAAC;IAChG,OAAOtB,aAAa,CAACc,KAAK;EAC5B;AACF","ignoreList":[]}