npm - @credo-ts/core - Versions diffs - 0.6.0-pr-2392-20251010173905 → 0.6.0-pr-2457-20251016083534 - Mend

@credo-ts/core 0.6.0-pr-2392-20251010173905 → 0.6.0-pr-2457-20251016083534

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (985) hide show

package/build/modules/dif-presentation-exchange/DifPresentationExchangeService.d.ts CHANGED Viewed

@@ -1,13 +1,13 @@
-import { W3cJsonPresentation } from "../vc/models/presentation/W3cJsonPresentation.js";
-import { W3cJwtVerifiablePresentation } from "../vc/jwt-vc/W3cJwtVerifiablePresentation.js";
-import { MdocSessionTranscriptOptions } from "../mdoc/MdocOptions.js";
 import { SdJwtVcHeader, SdJwtVcPayload } from "../sd-jwt-vc/SdJwtVcOptions.js";
 import { SdJwtVc } from "../sd-jwt-vc/SdJwtVcService.js";
-import { W3cJsonLdVerifiablePresentation } from "../vc/data-integrity/models/W3cJsonLdVerifiablePresentation.js";
-import { W3cCredentialService } from "../vc/W3cCredentialService.js";
+import { MdocSessionTranscriptOptions } from "../mdoc/MdocOptions.js";
 import { MdocDeviceResponse } from "../mdoc/MdocDeviceResponse.js";
 import { DifPexCredentialsForRequest, DifPexInputDescriptorToCredentials } from "./models/DifPexCredentialsForRequest.js";
+import { W3cJsonPresentation } from "../vc/models/presentation/W3cJsonPresentation.js";
+import { W3cJwtVerifiablePresentation } from "../vc/jwt-vc/W3cJwtVerifiablePresentation.js";
 import { DifPresentationExchangeDefinition, DifPresentationExchangeSubmission, PresentationSubmissionLocation, VerifiablePresentation } from "./models/index.js";
+import { W3cJsonLdVerifiablePresentation } from "../vc/data-integrity/models/W3cJsonLdVerifiablePresentation.js";
+import { W3cCredentialService } from "../vc/W3cCredentialService.js";
 import { AgentContext } from "../../agent/context/AgentContext.js";
 import * as _sphereon_pex_models0 from "@sphereon/pex-models";

package/build/modules/dif-presentation-exchange/DifPresentationExchangeService.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"DifPresentationExchangeService.d.ts","names":[],"sources":["../../../src/modules/dif-presentation-exchange/DifPresentationExchangeService.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;;;;~~cA8Da~~,8BAAA;;;oCAGsC;EAHtC,wBAAA,CAAA,YAA8B,EAMzB,YANyB,EAAA,sBAAA,EAOf,iCAPe,CAAA,EAQtC,OARsC,CAQ9B,2BAR8B,CAAA;EAAA;;;;6BAQ9B,CAAA,qBAAA,EAUc,2BAVd,CAAA,EAWR,kCAXQ;gCAAR,CAAA,sBAAA,EAiC2D,iCAjC3D,CAAA,EAAA,IAAA;gCAUsB,CAAA,sBAAA,EAgCqC,iCAhCrC,CAAA,EAAA,IAAA;sBACtB,CAAA,sBAAA,EAwCuB,iCAxCvB,EAAA,aAAA,EAyCc,sBAzCd,GAyCuC,sBAzCvC,EAAA,EAAA,sBAAA,CAAA,EA0CwB,iCA1CxB,CAAA,EAAA,IAAA;UAsB2D,eAAA;oBASA,CAAA,YAAA,EAuC9C,YAvC8C,EAAA,OAAA,EAAA;IASpC,6BAAA,EAgCS,kCAhCT;IACT,sBAAA,EAgCW,iCAhCX;IAAyB;;;IA+BP,8BAAA,CAAA,EAKE,8BALF;IACP;;;IAkB4B,SAAA,EAAA,MAAA;;;;;;;;4BAA5B;MACzB,OAAA,CAAA;IAAA,uBAAA,EAAA,CADqD,4BAAA,4CACrD,+BAAA,qBAAA,CAAA,EAAA"}
1	+ {"version":3,"file":"DifPresentationExchangeService.d.ts","names":[],"sources":["../../../src/modules/dif-presentation-exchange/DifPresentationExchangeService.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;;;;cA2Da,8BAAA;;;oCAGsC;EAHtC,wBAAA,CAAA,YAA8B,EAMzB,YANyB,EAAA,sBAAA,EAOf,iCAPe,CAAA,EAQtC,OARsC,CAQ9B,2BAR8B,CAAA;EAAA;;;;6BAQ9B,CAAA,qBAAA,EAUc,2BAVd,CAAA,EAWR,kCAXQ;gCAAR,CAAA,sBAAA,EAiC2D,iCAjC3D,CAAA,EAAA,IAAA;gCAUsB,CAAA,sBAAA,EAgCqC,iCAhCrC,CAAA,EAAA,IAAA;sBACtB,CAAA,sBAAA,EAwCuB,iCAxCvB,EAAA,aAAA,EAyCc,sBAzCd,GAyCuC,sBAzCvC,EAAA,EAAA,sBAAA,CAAA,EA0CwB,iCA1CxB,CAAA,EAAA,IAAA;UAsB2D,eAAA;oBASA,CAAA,YAAA,EAuC9C,YAvC8C,EAAA,OAAA,EAAA;IASpC,6BAAA,EAgCS,kCAhCT;IACT,sBAAA,EAgCW,iCAhCX;IAAyB;;;IA+BP,8BAAA,CAAA,EAKE,8BALF;IACP;;;IAkB4B,SAAA,EAAA,MAAA;;;;;;;;4BAA5B;MACzB,OAAA,CAAA;IAAA,uBAAA,EAAA,CADqD,4BAAA,4CACrD,+BAAA,qBAAA,CAAA,EAAA"}

package/build/modules/dif-presentation-exchange/DifPresentationExchangeService.js CHANGED Viewed

@@ -14,9 +14,9 @@ const require_DidsApi = require('../dids/DidsApi.js');
 require('../dids/index.js');
 const require_ClaimFormat = require('../vc/models/ClaimFormat.js');
 const require_jsonld_signatures = require('../vc/data-integrity/libraries/jsonld-signatures.js');
-const require_SignatureSuiteRegistry = require('../vc/data-integrity/SignatureSuiteRegistry.js');
-const require_W3cPresentation = require('../vc/models/presentation/W3cPresentation.js');
 const require_IAnonCredsDataIntegrityService = require('../vc/data-integrity/models/IAnonCredsDataIntegrityService.js');
+const require_W3cPresentation = require('../vc/models/presentation/W3cPresentation.js');
+const require_SignatureSuiteRegistry = require('../vc/data-integrity/SignatureSuiteRegistry.js');
 const require_W3cCredentialRepository = require('../vc/repository/W3cCredentialRepository.js');
 const require_W3cCredentialService = require('../vc/W3cCredentialService.js');
 require('../vc/index.js');
@@ -116,12 +116,16 @@ let DifPresentationExchangeService = class DifPresentationExchangeService$1 {
 				});
 			} else {
 				const credentialsForPresentation = presentationToCreate.verifiableCredentials.map((c) => require_transform.getSphereonOriginalVerifiableCredential(c.credential));
+				const extraProofOptions = this.shouldSignUsingAnonCredsDataIntegrity(presentationToCreate) ? {
+					typeSupportsSelectiveDisclosure: true,
+					type: `DataIntegrityProof.${require_IAnonCredsDataIntegrityService.ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE}`
+				} : {};
 				const verifiablePresentationResult = await this.pex.verifiablePresentationFrom(presentationDefinitionForSubject, credentialsForPresentation, this.getPresentationSignCallback(agentContext, presentationToCreate), {
 					proofOptions: {
 						challenge,
-						domain
+						domain,
+						...extraProofOptions
 					},
-					signatureOptions: {},
 					presentationSubmissionLocation
 				});
 				verifiablePresentationResultsWithFormat.push({
@@ -210,7 +214,7 @@ let DifPresentationExchangeService = class DifPresentationExchangeService$1 {
 	*/
 	shouldSignUsingAnonCredsDataIntegrity(presentationToCreate, presentationSubmission) {
 		if (presentationToCreate.claimFormat !== require_ClaimFormat.ClaimFormat.LdpVp) return void 0;
-		const validDescriptorFormat = presentationSubmission.descriptor_map.every((descriptor) => [
+		const validDescriptorFormat = !presentationSubmission || presentationSubmission.descriptor_map.every((descriptor) => [
 			require_ClaimFormat.ClaimFormat.DiVc,
 			require_ClaimFormat.ClaimFormat.DiVp,
 			require_ClaimFormat.ClaimFormat.LdpVc,

package/build/modules/dif-presentation-exchange/DifPresentationExchangeService.mjs CHANGED Viewed

@@ -13,9 +13,9 @@ import { DidsApi } from "../dids/DidsApi.mjs";
 import "../dids/index.mjs";
 import { ClaimFormat } from "../vc/models/ClaimFormat.mjs";
 import { purposes } from "../vc/data-integrity/libraries/jsonld-signatures.mjs";
-import { SignatureSuiteRegistry } from "../vc/data-integrity/SignatureSuiteRegistry.mjs";
-import { W3cPresentation } from "../vc/models/presentation/W3cPresentation.mjs";
 import { ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE, AnonCredsDataIntegrityServiceSymbol } from "../vc/data-integrity/models/IAnonCredsDataIntegrityService.mjs";
+import { W3cPresentation } from "../vc/models/presentation/W3cPresentation.mjs";
+import { SignatureSuiteRegistry } from "../vc/data-integrity/SignatureSuiteRegistry.mjs";
 import { W3cCredentialRepository } from "../vc/repository/W3cCredentialRepository.mjs";
 import { W3cCredentialService } from "../vc/W3cCredentialService.mjs";
 import "../vc/index.mjs";
@@ -112,12 +112,16 @@ let DifPresentationExchangeService = class DifPresentationExchangeService$1 {
 				});
 			} else {
 				const credentialsForPresentation = presentationToCreate.verifiableCredentials.map((c) => getSphereonOriginalVerifiableCredential(c.credential));
+				const extraProofOptions = this.shouldSignUsingAnonCredsDataIntegrity(presentationToCreate) ? {
+					typeSupportsSelectiveDisclosure: true,
+					type: `DataIntegrityProof.${ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE}`
+				} : {};
 				const verifiablePresentationResult = await this.pex.verifiablePresentationFrom(presentationDefinitionForSubject, credentialsForPresentation, this.getPresentationSignCallback(agentContext, presentationToCreate), {
 					proofOptions: {
 						challenge,
-						domain
+						domain,
+						...extraProofOptions
 					},
-					signatureOptions: {},
 					presentationSubmissionLocation
 				});
 				verifiablePresentationResultsWithFormat.push({
@@ -206,7 +210,7 @@ let DifPresentationExchangeService = class DifPresentationExchangeService$1 {
 	*/
 	shouldSignUsingAnonCredsDataIntegrity(presentationToCreate, presentationSubmission) {
 		if (presentationToCreate.claimFormat !== ClaimFormat.LdpVp) return void 0;
-		const validDescriptorFormat = presentationSubmission.descriptor_map.every((descriptor) => [
+		const validDescriptorFormat = !presentationSubmission || presentationSubmission.descriptor_map.every((descriptor) => [
 			ClaimFormat.DiVc,
 			ClaimFormat.DiVp,
 			ClaimFormat.LdpVc,

package/build/modules/dif-presentation-exchange/DifPresentationExchangeService.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"DifPresentationExchangeService.mjs","names":["DifPresentationExchangeService","w3cCredentialService: W3cCredentialService","credentials: DifPexInputDescriptorToCredentials","DifPresentationExchangeSubmissionLocation","verifiablePresentationResultsWithFormat: Array<{\n verifiablePresentationResult: VerifiablePresentationResult\n claimFormat: PresentationToCreate['claimFormat']\n }>","presentationDefinitionForSubject: DifPresentationExchangeDefinition","presentationSubmission","presentationSubmission: DifPresentationExchangeSubmission","suitableAlgorithms: Array<string> \| undefined","inputDescriptorAlgorithms: Array<Array<string>>","w3cQuery: Array<Query<W3cCredentialRecord>>","sdJwtVcQuery: Array<Query<SdJwtVcRecord>>","mdocQuery: Array<Query<MdocRecord>>","allRecords: Array<SdJwtVcRecord \| W3cCredentialRecord \| MdocRecord>"],"sources":["../../../src/modules/dif-presentation-exchange/DifPresentationExchangeService.ts"],"sourcesContent":["import type { Checked, PresentationSignCallBackParams, Validated, VerifiablePresentationResult } from '@animo-id/pex'\nimport { PEX, Status } from '@animo-id/pex'\nimport type { InputDescriptorV2 } from '@sphereon/pex-models'\nimport type {\n SdJwtDecodedVerifiableCredential,\n W3CVerifiablePresentation as SphereonW3cVerifiablePresentation,\n W3CVerifiablePresentation,\n} from '@sphereon/ssi-types'\nimport type { AgentContext } from '../../agent'\nimport type { Query } from '../../storage/StorageService'\nimport type { VerificationMethod } from '../dids'\nimport type { SdJwtVcRecord } from '../sd-jwt-vc'\nimport type { W3cCredentialRecord, W3cJsonPresentation } from '../vc'\nimport type { IAnonCredsDataIntegrityService } from '../vc/data-integrity/models/IAnonCredsDataIntegrityService'\nimport type {\n DifPexCredentialsForRequest,\n DifPexInputDescriptorToCredentials,\n DifPresentationExchangeDefinition,\n DifPresentationExchangeDefinitionV1,\n DifPresentationExchangeDefinitionV2,\n DifPresentationExchangeSubmission,\n VerifiablePresentation,\n} from './models'\nimport type { PresentationToCreate } from './utils'\n\nimport { injectable } from 'tsyringe'\n\nimport { CredoError } from '../../error'\nimport { JsonTransformer } from '../../utils'\nimport { DidsApi, getPublicJwkFromVerificationMethod } from '../dids'\nimport { Mdoc, MdocApi, MdocRecord, type MdocSessionTranscriptOptions } from '../mdoc'\nimport { MdocDeviceResponse } from '../mdoc/MdocDeviceResponse'\nimport { SdJwtVcApi } from '../sd-jwt-vc'\nimport {\n ClaimFormat,\n SignatureSuiteRegistry,\n W3cCredentialRepository,\n W3cCredentialService,\n W3cPresentation,\n} from '../vc'\nimport {\n ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE,\n AnonCredsDataIntegrityServiceSymbol,\n} from '../vc/data-integrity/models/IAnonCredsDataIntegrityService'\n\nimport { PEVersion, type PartialSdJwtDecodedVerifiableCredential } from '@animo-id/pex/dist/main/lib/index.js'\nimport { getJwkHumanDescription } from '../kms'\nimport { purposes } from '../vc/data-integrity/libraries/jsonld-signatures'\nimport { DifPresentationExchangeError } from './DifPresentationExchangeError'\nimport { DifPresentationExchangeSubmissionLocation } from './models'\nimport {\n getCredentialsForRequest,\n getPresentationsToCreate,\n getSphereonOriginalVerifiableCredential,\n getSphereonOriginalVerifiablePresentation,\n getVerifiablePresentationFromEncoded,\n} from './utils'\n\n/*\n @todo create a public api for using dif presentation exchange\n /\n@injectable()\nexport class DifPresentationExchangeService {\n private pex = new PEX()\n\n public constructor(private w3cCredentialService: W3cCredentialService) {}\n\n public async getCredentialsForRequest(\n agentContext: AgentContext,\n presentationDefinition: DifPresentationExchangeDefinition\n ): Promise<DifPexCredentialsForRequest> {\n const credentialRecords = await this.queryCredentialForPresentationDefinition(agentContext, presentationDefinition)\n return getCredentialsForRequest(this.pex, presentationDefinition, credentialRecords)\n }\n\n /\n Selects the credentials to use based on the output from `getCredentialsForRequest`\n * Use this method if you don't want to manually select the credentials yourself.\n /\n public selectCredentialsForRequest(\n credentialsForRequest: DifPexCredentialsForRequest\n ): DifPexInputDescriptorToCredentials {\n if (!credentialsForRequest.areRequirementsSatisfied) {\n throw new CredoError('Could not find the required credentials for the presentation submission')\n }\n\n const credentials: DifPexInputDescriptorToCredentials = {}\n\n for (const requirement of credentialsForRequest.requirements) {\n // Take needsCount entries from the submission entry\n for (const submission of requirement.submissionEntry.slice(0, requirement.needsCount)) {\n if (!credentials[submission.inputDescriptorId]) {\n credentials[submission.inputDescriptorId] = []\n }\n\n // We pick the first matching VC if we are auto-selecting\n credentials[submission.inputDescriptorId].push(submission.verifiableCredentials[0])\n }\n }\n\n return credentials\n }\n\n public validatePresentationDefinition(presentationDefinition: DifPresentationExchangeDefinition) {\n const validation = PEX.validateDefinition(presentationDefinition)\n const errorMessages = this.formatValidated(validation)\n\n if (errorMessages.length > 0) {\n throw new DifPresentationExchangeError('Invalid presentation definition', { additionalMessages: errorMessages })\n }\n }\n\n public validatePresentationSubmission(presentationSubmission: DifPresentationExchangeSubmission) {\n const validation = PEX.validateSubmission(presentationSubmission)\n const errorMessages = this.formatValidated(validation)\n if (errorMessages.length > 0) {\n throw new DifPresentationExchangeError('Invalid presentation submission', { additionalMessages: errorMessages })\n }\n }\n\n public validatePresentation(\n presentationDefinition: DifPresentationExchangeDefinition,\n presentations: VerifiablePresentation \| VerifiablePresentation[],\n presentationSubmission?: DifPresentationExchangeSubmission\n ) {\n const result = this.pex.evaluatePresentation(\n presentationDefinition,\n Array.isArray(presentations)\n ? presentations.map(getSphereonOriginalVerifiablePresentation)\n : getSphereonOriginalVerifiablePresentation(presentations),\n {\n limitDisclosureSignatureSuites: ['DataIntegrityProof.anoncreds-2023'],\n presentationSubmission,\n }\n )\n\n if (result.areRequiredCredentialsPresent === Status.ERROR) {\n const errorMessages = this.formatValidated(result.errors)\n throw new DifPresentationExchangeError('Invalid presentation', { additionalMessages: errorMessages })\n }\n }\n\n private formatValidated(v?: Checked[] \| Validated) {\n const validated = Array.isArray(v) ? v : v ? [v] : []\n return validated\n .filter((r) => r.status === Status.ERROR)\n .map((r) => r.message)\n .filter((r): r is string => Boolean(r))\n }\n\n public async createPresentation(\n agentContext: AgentContext,\n options: {\n credentialsForInputDescriptor: DifPexInputDescriptorToCredentials\n presentationDefinition: DifPresentationExchangeDefinition\n /\n Defaults to {@link DifPresentationExchangeSubmissionLocation.PRESENTATION}\n /\n presentationSubmissionLocation?: DifPresentationExchangeSubmissionLocation\n /\n Also known as `nonce`\n /\n challenge: string\n\n /\n Also known as `audience`\n /\n domain?: string\n\n /\n Mdoc openid4vp specific options\n /\n mdocSessionTranscript?: MdocSessionTranscriptOptions\n }\n ) {\n const { presentationDefinition, domain, challenge, mdocSessionTranscript } = options\n const presentationSubmissionLocation =\n options.presentationSubmissionLocation ?? DifPresentationExchangeSubmissionLocation.PRESENTATION\n\n const verifiablePresentationResultsWithFormat: Array<{\n verifiablePresentationResult: VerifiablePresentationResult\n claimFormat: PresentationToCreate['claimFormat']\n }> = []\n\n const presentationsToCreate = getPresentationsToCreate(options.credentialsForInputDescriptor)\n for (const presentationToCreate of presentationsToCreate) {\n // We create a presentation for each subject\n // Thus for each subject we need to filter all the related input descriptors and credentials\n // FIXME: cast to V1, as tsc errors for strange reasons if not\n const inputDescriptorIds = presentationToCreate.verifiableCredentials.map((c) => c.inputDescriptorId)\n const inputDescriptorsForPresentation = (\n presentationDefinition as DifPresentationExchangeDefinitionV1\n ).input_descriptors.filter((inputDescriptor) => inputDescriptorIds.includes(inputDescriptor.id))\n\n const presentationDefinitionForSubject: DifPresentationExchangeDefinition = {\n ...presentationDefinition,\n input_descriptors: inputDescriptorsForPresentation,\n\n // We remove the submission requirements, as it will otherwise fail to create the VP\n submission_requirements: undefined,\n }\n\n if (presentationToCreate.claimFormat === ClaimFormat.MsoMdoc) {\n if (presentationToCreate.verifiableCredentials.length !== 1) {\n throw new DifPresentationExchangeError(\n 'Currently a Mdoc presentation can only be created from a single credential'\n )\n }\n const mdocRecord = presentationToCreate.verifiableCredentials[0].credential\n if (!mdocSessionTranscript) {\n throw new DifPresentationExchangeError(\n 'Missing mdoc session transcript options for creating MDOC presentation.'\n )\n }\n\n const { deviceResponseBase64Url, presentationSubmission } =\n await MdocDeviceResponse.createPresentationDefinitionDeviceResponse(agentContext, {\n mdocs: [Mdoc.fromBase64Url(mdocRecord.base64Url)],\n presentationDefinition: presentationDefinition,\n sessionTranscriptOptions: mdocSessionTranscript,\n })\n\n if (presentationSubmissionLocation !== DifPresentationExchangeSubmissionLocation.EXTERNAL) {\n throw new DifPresentationExchangeError(\n 'Only EXTERNAL DifPresentationExchangeSubmissionLocation supported for mdoc presentations'\n )\n }\n\n verifiablePresentationResultsWithFormat.push({\n verifiablePresentationResult: {\n presentationSubmission: presentationSubmission,\n verifiablePresentations: [deviceResponseBase64Url],\n presentationSubmissionLocation,\n },\n claimFormat: presentationToCreate.claimFormat,\n })\n } else {\n // Get all the credentials for the presentation\n const credentialsForPresentation = presentationToCreate.verifiableCredentials.map((c) =>\n getSphereonOriginalVerifiableCredential(c.credential)\n )\n\n const verifiablePresentationResult = await this.pex.verifiablePresentationFrom(\n presentationDefinitionForSubject,\n credentialsForPresentation,\n this.getPresentationSignCallback(agentContext, presentationToCreate),\n {\n proofOptions: {\n challenge,\n domain,\n },\n signatureOptions: {},\n presentationSubmissionLocation,\n }\n )\n\n verifiablePresentationResultsWithFormat.push({\n verifiablePresentationResult,\n claimFormat: presentationToCreate.claimFormat,\n })\n }\n }\n\n if (verifiablePresentationResultsWithFormat.length === 0) {\n throw new DifPresentationExchangeError('No verifiable presentations created')\n }\n\n if (presentationsToCreate.length !== verifiablePresentationResultsWithFormat.length) {\n throw new DifPresentationExchangeError('Invalid amount of verifiable presentations created')\n }\n\n const presentationSubmission: DifPresentationExchangeSubmission = {\n id: verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmission.id,\n definition_id:\n verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmission.definition_id,\n descriptor_map: [],\n }\n\n verifiablePresentationResultsWithFormat.forEach(({ verifiablePresentationResult }, index) => {\n const descriptorMap = verifiablePresentationResult.presentationSubmission.descriptor_map.map((d) => {\n const descriptor = { ...d }\n\n // when multiple presentations are submitted, path should be $[0], $[1]\n // FIXME: this should be addressed in the PEX/OID4VP lib.\n // See https://github.com/Sphereon-Opensource/SIOP-OID4VP/issues/62\n if (\n presentationSubmissionLocation === DifPresentationExchangeSubmissionLocation.EXTERNAL &&\n verifiablePresentationResultsWithFormat.length > 1\n ) {\n descriptor.path = `$[${index}]`\n }\n\n return descriptor\n })\n\n presentationSubmission.descriptor_map.push(...descriptorMap)\n })\n\n return {\n verifiablePresentations: verifiablePresentationResultsWithFormat.flatMap((resultWithFormat) =>\n resultWithFormat.verifiablePresentationResult.verifiablePresentations.map((vp) =>\n getVerifiablePresentationFromEncoded(agentContext, vp)\n )\n ),\n encodedVerifiablePresentations: verifiablePresentationResultsWithFormat.flatMap(\n (resultWithFormat) =>\n resultWithFormat.verifiablePresentationResult.verifiablePresentations as unknown as (\n \| string\n \| W3cJsonPresentation\n )[]\n ),\n presentationSubmission,\n presentationSubmissionLocation:\n verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmissionLocation,\n }\n }\n\n private getSigningAlgorithmFromVerificationMethod(\n verificationMethod: VerificationMethod,\n suitableAlgorithms?: Array<string>\n ) {\n const publicJwk = getPublicJwkFromVerificationMethod(verificationMethod)\n\n if (suitableAlgorithms) {\n const possibleAlgorithms = publicJwk.supportedSignatureAlgorithms.filter((alg) =>\n suitableAlgorithms?.includes(alg)\n )\n if (!possibleAlgorithms \|\| possibleAlgorithms.length === 0) {\n throw new DifPresentationExchangeError(\n [\n 'Found no suitable signing algorithm.',\n `Algorithms supported by Verification method: ${publicJwk.supportedSignatureAlgorithms.join(', ')}`,\n `Suitable algorithms: ${suitableAlgorithms.join(', ')}`,\n ].join('\\n')\n )\n }\n\n return possibleAlgorithms[0]\n }\n\n return publicJwk.signatureAlgorithm\n }\n\n private getSigningAlgorithmsForPresentationDefinitionAndInputDescriptors(\n algorithmsSatisfyingDefinition: Array<string>,\n inputDescriptorAlgorithms: Array<Array<string>>\n ) {\n const allDescriptorAlgorithms = inputDescriptorAlgorithms.flat()\n const algorithmsSatisfyingDescriptors = allDescriptorAlgorithms.filter((alg) =>\n inputDescriptorAlgorithms.every((descriptorAlgorithmSet) => descriptorAlgorithmSet.includes(alg))\n )\n\n const algorithmsSatisfyingPdAndDescriptorRestrictions = algorithmsSatisfyingDefinition.filter((alg) =>\n algorithmsSatisfyingDescriptors.includes(alg)\n )\n\n if (\n algorithmsSatisfyingDefinition.length > 0 &&\n algorithmsSatisfyingDescriptors.length > 0 &&\n algorithmsSatisfyingPdAndDescriptorRestrictions.length === 0\n ) {\n throw new DifPresentationExchangeError(\n 'No signature algorithm found for satisfying restrictions of the presentation definition and input descriptors'\n )\n }\n\n if (allDescriptorAlgorithms.length > 0 && algorithmsSatisfyingDescriptors.length === 0) {\n throw new DifPresentationExchangeError(\n 'No signature algorithm found for satisfying restrictions of the input descriptors'\n )\n }\n\n let suitableAlgorithms: Array<string> \| undefined\n if (algorithmsSatisfyingPdAndDescriptorRestrictions.length > 0) {\n suitableAlgorithms = algorithmsSatisfyingPdAndDescriptorRestrictions\n } else if (algorithmsSatisfyingDescriptors.length > 0) {\n suitableAlgorithms = algorithmsSatisfyingDescriptors\n } else if (algorithmsSatisfyingDefinition.length > 0) {\n suitableAlgorithms = algorithmsSatisfyingDefinition\n }\n\n return suitableAlgorithms\n }\n\n private getSigningAlgorithmForJwtVc(\n presentationDefinition: DifPresentationExchangeDefinitionV1 \| DifPresentationExchangeDefinitionV2,\n verificationMethod: VerificationMethod\n ) {\n const algorithmsSatisfyingDefinition = presentationDefinition.format?.jwt_vc?.alg ?? []\n\n const inputDescriptorAlgorithms: Array<Array<string>> = presentationDefinition.input_descriptors\n .map((descriptor) => (descriptor as InputDescriptorV2).format?.jwt_vc?.alg ?? [])\n .filter((alg) => alg.length > 0)\n\n const suitableAlgorithms = this.getSigningAlgorithmsForPresentationDefinitionAndInputDescriptors(\n algorithmsSatisfyingDefinition,\n inputDescriptorAlgorithms\n )\n\n return this.getSigningAlgorithmFromVerificationMethod(verificationMethod, suitableAlgorithms)\n }\n\n private getProofTypeForLdpVc(\n agentContext: AgentContext,\n presentationDefinition: DifPresentationExchangeDefinitionV1 \| DifPresentationExchangeDefinitionV2,\n verificationMethod: VerificationMethod\n ) {\n const algorithmsSatisfyingDefinition = presentationDefinition.format?.ldp_vc?.proof_type ?? []\n\n const inputDescriptorAlgorithms: Array<Array<string>> = presentationDefinition.input_descriptors\n .map((descriptor) => (descriptor as InputDescriptorV2).format?.ldp_vc?.proof_type ?? [])\n .filter((alg) => alg.length > 0)\n\n const suitableSignatureSuites = this.getSigningAlgorithmsForPresentationDefinitionAndInputDescriptors(\n algorithmsSatisfyingDefinition,\n inputDescriptorAlgorithms\n )\n\n // For each of the supported algs, find the key types, then find the proof types\n const signatureSuiteRegistry = agentContext.dependencyManager.resolve(SignatureSuiteRegistry)\n\n const publicJwk = getPublicJwkFromVerificationMethod(verificationMethod)\n const supportedSignatureSuites = signatureSuiteRegistry.getAllByPublicJwkType(publicJwk)\n if (supportedSignatureSuites.length === 0) {\n throw new DifPresentationExchangeError(\n `Couldn't find a supported signature suite for the given jwk ${getJwkHumanDescription(publicJwk.toJson())}`\n )\n }\n\n if (suitableSignatureSuites) {\n const foundSignatureSuite = supportedSignatureSuites.find((suite) =>\n suitableSignatureSuites.includes(suite.proofType)\n )\n\n if (!foundSignatureSuite) {\n throw new DifPresentationExchangeError(\n [\n 'No possible signature suite found for the given verification method.',\n `Verification method type: ${verificationMethod.type}`,\n `jwk type: ${getJwkHumanDescription(publicJwk.toJson())}`,\n `SupportedSignatureSuites: '${supportedSignatureSuites.map((s) => s.proofType).join(', ')}'`,\n `SuitableSignatureSuites: ${suitableSignatureSuites.join(', ')}`,\n ].join('\\n')\n )\n }\n\n return supportedSignatureSuites[0].proofType\n }\n\n return supportedSignatureSuites[0].proofType\n }\n\n /\n if all submission descriptors have a format of di \| ldp,\n * and all credentials have an ANONCREDS_DATA_INTEGRITY proof we default to\n * signing the presentation using the ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE\n /\n private shouldSignUsingAnonCredsDataIntegrity(\n presentationToCreate: PresentationToCreate,\n presentationSubmission: DifPresentationExchangeSubmission\n ) {\n if (presentationToCreate.claimFormat !== ClaimFormat.LdpVp) return undefined\n\n const validDescriptorFormat = presentationSubmission.descriptor_map.every((descriptor) =>\n [ClaimFormat.DiVc, ClaimFormat.DiVp, ClaimFormat.LdpVc, ClaimFormat.LdpVp].includes(\n descriptor.format as ClaimFormat\n )\n )\n\n const credentialAreSignedUsingAnonCredsDataIntegrity = presentationToCreate.verifiableCredentials.every(\n ({ credential }) => {\n if (credential.credential.claimFormat !== ClaimFormat.LdpVc) return false\n return credential.credential.dataIntegrityCryptosuites.includes(ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE)\n }\n )\n\n return validDescriptorFormat && credentialAreSignedUsingAnonCredsDataIntegrity\n }\n\n private getPresentationSignCallback(agentContext: AgentContext, presentationToCreate: PresentationToCreate) {\n return async (callBackParams: PresentationSignCallBackParams) => {\n // The created partial proof and presentation, as well as original supplied options\n const {\n presentation: presentationInput,\n options,\n presentationDefinition,\n presentationSubmission,\n } = callBackParams\n const { challenge, domain } = options.proofOptions ?? {}\n\n if (!challenge) {\n throw new CredoError('challenge MUST be provided when signing a Verifiable Presentation')\n }\n\n if (presentationToCreate.claimFormat === ClaimFormat.JwtVp) {\n if (!presentationToCreate.subjectIds) {\n throw new DifPresentationExchangeError('Cannot create presentation for credentials without subject id')\n }\n\n // Determine a suitable verification method for the presentation\n const verificationMethod = await this.getVerificationMethodForSubjectId(\n agentContext,\n presentationToCreate.subjectIds[0]\n )\n\n const w3cPresentation = JsonTransformer.fromJSON(presentationInput, W3cPresentation)\n w3cPresentation.holder = verificationMethod.controller\n\n const signedPresentation = await this.w3cCredentialService.signPresentation<ClaimFormat.JwtVp>(agentContext, {\n format: ClaimFormat.JwtVp,\n alg: this.getSigningAlgorithmForJwtVc(presentationDefinition, verificationMethod),\n verificationMethod: verificationMethod.id,\n presentation: w3cPresentation,\n challenge,\n domain,\n })\n\n return signedPresentation.encoded as W3CVerifiablePresentation\n }\n if (presentationToCreate.claimFormat === ClaimFormat.LdpVp) {\n if (this.shouldSignUsingAnonCredsDataIntegrity(presentationToCreate, presentationSubmission)) {\n // make sure the descriptors format properties are set correctly\n presentationSubmission.descriptor_map = presentationSubmission.descriptor_map.map((descriptor) => ({\n ...descriptor,\n format: 'di_vp',\n }))\n const anoncredsDataIntegrityService = agentContext.dependencyManager.resolve<IAnonCredsDataIntegrityService>(\n AnonCredsDataIntegrityServiceSymbol\n )\n const presentation = await anoncredsDataIntegrityService.createPresentation(agentContext, {\n presentationDefinition,\n presentationSubmission,\n selectedCredentialRecords: presentationToCreate.verifiableCredentials.map((vc) => vc.credential),\n challenge,\n })\n return {\n ...presentation.toJSON(),\n presentation_submission: presentationSubmission,\n } as unknown as SphereonW3cVerifiablePresentation\n }\n\n if (!presentationToCreate.subjectIds) {\n throw new DifPresentationExchangeError('Cannot create presentation for credentials without subject id')\n }\n // Determine a suitable verification method for the presentation\n const verificationMethod = await this.getVerificationMethodForSubjectId(\n agentContext,\n presentationToCreate.subjectIds[0]\n )\n\n const w3cPresentation = JsonTransformer.fromJSON(presentationInput, W3cPresentation)\n w3cPresentation.holder = verificationMethod.controller\n\n const signedPresentation = await this.w3cCredentialService.signPresentation(agentContext, {\n format: ClaimFormat.LdpVp,\n // TODO: we should move the check for which proof to use for a presentation to earlier\n // as then we know when determining which VPs to submit already if the proof types are supported\n // by the verifier, and we can then just add this to the vpToCreate interface\n proofType: this.getProofTypeForLdpVc(agentContext, presentationDefinition, verificationMethod),\n proofPurpose: new purposes.AuthenticationProofPurpose({ challenge, domain }),\n verificationMethod: verificationMethod.id,\n presentation: w3cPresentation,\n challenge,\n domain,\n })\n\n return signedPresentation.encoded as W3CVerifiablePresentation\n }\n if (presentationToCreate.claimFormat === ClaimFormat.SdJwtDc) {\n const sdJwtInput = presentationInput as\n \| SdJwtDecodedVerifiableCredential\n \| PartialSdJwtDecodedVerifiableCredential\n\n if (!domain) {\n throw new CredoError(\"Missing 'domain' property, unable to set required 'aud' property in SD-JWT KB-JWT\")\n }\n\n const sdJwtVcApi = this.getSdJwtVcApi(agentContext)\n const sdJwtVc = await sdJwtVcApi.present({\n compactSdJwtVc: sdJwtInput.compactSdJwtVc,\n // SD is already handled by PEX, so we presents all keys\n presentationFrame: undefined,\n verifierMetadata: {\n audience: domain,\n nonce: challenge,\n // TODO: we should make this optional\n issuedAt: Math.floor(Date.now() / 1000),\n },\n additionalPayload: presentationToCreate.verifiableCredentials[0].additionalPayload,\n })\n\n return sdJwtVc\n }\n throw new DifPresentationExchangeError(\n 'Only JWT, SD-JWT-VC, JSONLD credentials are supported for a single presentation'\n )\n }\n }\n\n private async getVerificationMethodForSubjectId(agentContext: AgentContext, subjectId: string) {\n const didsApi = agentContext.dependencyManager.resolve(DidsApi)\n\n if (!subjectId.startsWith('did:')) {\n throw new DifPresentationExchangeError(\n `Only dids are supported as credentialSubject id. ${subjectId} is not a valid did`\n )\n }\n\n const didDocument = await didsApi.resolveDidDocument(subjectId)\n\n if (!didDocument.authentication \|\| didDocument.authentication.length === 0) {\n throw new DifPresentationExchangeError(\n `No authentication verificationMethods found for did ${subjectId} in did document`\n )\n }\n\n // the signature suite to use for the presentation is dependant on the credentials we share.\n // 1. Get the verification method for this given proof purpose in this DID document\n let [verificationMethod] = didDocument.authentication\n if (typeof verificationMethod === 'string') {\n verificationMethod = didDocument.dereferenceKey(verificationMethod, ['authentication'])\n }\n\n return verificationMethod\n }\n\n /\n Queries the wallet for credentials that match the given presentation definition. This only does an initial query based on the\n * schema of the input descriptors. It does not do any further filtering based on the constraints in the input descriptors.\n */\n private async queryCredentialForPresentationDefinition(\n agentContext: AgentContext,\n presentationDefinition: DifPresentationExchangeDefinition\n ): Promise<Array<SdJwtVcRecord \| W3cCredentialRecord \| MdocRecord>> {\n const w3cCredentialRepository = agentContext.dependencyManager.resolve(W3cCredentialRepository)\n const w3cQuery: Array<Query<W3cCredentialRecord>> = []\n const sdJwtVcQuery: Array<Query<SdJwtVcRecord>> = []\n const mdocQuery: Array<Query<MdocRecord>> = []\n\n const presentationDefinitionVersion = PEX.definitionVersionDiscovery(presentationDefinition)\n\n if (!presentationDefinitionVersion.version) {\n throw new DifPresentationExchangeError(\n 'Unable to determine the Presentation Exchange version from the presentation definition',\n presentationDefinitionVersion.error ? { additionalMessages: [presentationDefinitionVersion.error] } : {}\n )\n }\n\n // FIXME: in the query we should take into account the supported proof types of the verifier\n // this could help enormously in the amount of credentials we have to retrieve from storage.\n if (presentationDefinitionVersion.version === PEVersion.v1) {\n const pd = presentationDefinition as DifPresentationExchangeDefinitionV1\n\n // The schema.uri can contain either an expanded type, or a context uri\n for (const inputDescriptor of pd.input_descriptors) {\n for (const schema of inputDescriptor.schema) {\n sdJwtVcQuery.push({\n vct: schema.uri,\n })\n w3cQuery.push({\n $or: [{ expandedTypes: [schema.uri] }, { contexts: [schema.uri] }, { types: [schema.uri] }],\n })\n mdocQuery.push({\n docType: inputDescriptor.id,\n })\n }\n }\n } else if (presentationDefinitionVersion.version === PEVersion.v2) {\n // FIXME: As PE version 2 does not have the `schema` anymore, we can't query by schema anymore.\n // We probably need\n // to find some way to do initial filtering, hopefully if there's a filter on the `type` field or something.\n } else {\n throw new DifPresentationExchangeError(\n `Unsupported presentation definition version ${presentationDefinitionVersion.version as unknown as string}`\n )\n }\n\n const allRecords: Array<SdJwtVcRecord \| W3cCredentialRecord \| MdocRecord> = []\n\n // query the wallet ourselves first to avoid the need to query the pex library for all\n // credentials for every proof request\n const w3cCredentialRecords =\n w3cQuery.length > 0\n ? await w3cCredentialRepository.findByQuery(agentContext, { $or: w3cQuery })\n : await w3cCredentialRepository.getAll(agentContext)\n allRecords.push(...w3cCredentialRecords)\n\n const sdJwtVcApi = this.getSdJwtVcApi(agentContext)\n const sdJwtVcRecords =\n sdJwtVcQuery.length > 0 ? await sdJwtVcApi.findAllByQuery({ $or: sdJwtVcQuery }) : await sdJwtVcApi.getAll()\n allRecords.push(...sdJwtVcRecords)\n\n const mdocApi = this.getMdocApi(agentContext)\n const mdocRecords = mdocQuery.length > 0 ? await mdocApi.findAllByQuery({ $or: mdocQuery }) : await mdocApi.getAll()\n allRecords.push(...mdocRecords)\n\n return allRecords\n }\n\n private getSdJwtVcApi(agentContext: AgentContext) {\n return agentContext.dependencyManager.resolve(SdJwtVcApi)\n }\n\n private getMdocApi(agentContext: AgentContext) {\n return agentContext.dependencyManager.resolve(MdocApi)\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8DO,2CAAMA,iCAA+B;CAG1C,AAAO,YAAY,AAAQC,sBAA4C;EAA5C;OAFnB,MAAM,IAAI,KAAK;;CAIvB,MAAa,yBACX,cACA,wBACsC;EACtC,MAAM,oBAAoB,MAAM,KAAK,yCAAyC,cAAc,uBAAuB;AACnH,SAAO,yBAAyB,KAAK,KAAK,wBAAwB,kBAAkB;;;;;;CAOtF,AAAO,4BACL,uBACoC;AACpC,MAAI,CAAC,sBAAsB,yBACzB,OAAM,IAAI,WAAW,0EAA0E;EAGjG,MAAMC,cAAkD,EAAE;AAE1D,OAAK,MAAM,eAAe,sBAAsB,aAE9C,MAAK,MAAM,cAAc,YAAY,gBAAgB,MAAM,GAAG,YAAY,WAAW,EAAE;AACrF,OAAI,CAAC,YAAY,WAAW,mBAC1B,aAAY,WAAW,qBAAqB,EAAE;AAIhD,eAAY,WAAW,mBAAmB,KAAK,WAAW,sBAAsB,GAAG;;AAIvF,SAAO;;CAGT,AAAO,+BAA+B,wBAA2D;EAC/F,MAAM,aAAa,IAAI,mBAAmB,uBAAuB;EACjE,MAAM,gBAAgB,KAAK,gBAAgB,WAAW;AAEtD,MAAI,cAAc,SAAS,EACzB,OAAM,IAAI,6BAA6B,mCAAmC,EAAE,oBAAoB,eAAe,CAAC;;CAIpH,AAAO,+BAA+B,wBAA2D;EAC/F,MAAM,aAAa,IAAI,mBAAmB,uBAAuB;EACjE,MAAM,gBAAgB,KAAK,gBAAgB,WAAW;AACtD,MAAI,cAAc,SAAS,EACzB,OAAM,IAAI,6BAA6B,mCAAmC,EAAE,oBAAoB,eAAe,CAAC;;CAIpH,AAAO,qBACL,wBACA,eACA,wBACA;EACA,MAAM,SAAS,KAAK,IAAI,qBACtB,wBACA,MAAM,QAAQ,cAAc,GACxB,cAAc,IAAI,0CAA0C,GAC5D,0CAA0C,cAAc,EAC5D;GACE,gCAAgC,CAAC,oCAAoC;GACrE;GACD,CACF;AAED,MAAI,OAAO,kCAAkC,OAAO,MAElD,OAAM,IAAI,6BAA6B,wBAAwB,EAAE,oBAD3C,KAAK,gBAAgB,OAAO,OAAO,EAC2C,CAAC;;CAIzG,AAAQ,gBAAgB,GAA2B;AAEjD,UADkB,MAAM,QAAQ,EAAE,GAAG,IAAI,IAAI,CAAC,EAAE,GAAG,EAAE,EAElD,QAAQ,MAAM,EAAE,WAAW,OAAO,MAAM,CACxC,KAAK,MAAM,EAAE,QAAQ,CACrB,QAAQ,MAAmB,QAAQ,EAAE,CAAC;;CAG3C,MAAa,mBACX,cACA,SAsBA;EACA,MAAM,EAAE,wBAAwB,QAAQ,WAAW,0BAA0B;EAC7E,MAAM,iCACJ,QAAQ,kCAAkCC,+BAA0C;EAEtF,MAAMC,0CAGD,EAAE;EAEP,MAAM,wBAAwB,yBAAyB,QAAQ,8BAA8B;AAC7F,OAAK,MAAM,wBAAwB,uBAAuB;GAIxD,MAAM,qBAAqB,qBAAqB,sBAAsB,KAAK,MAAM,EAAE,kBAAkB;GACrG,MAAM,kCACJ,uBACA,kBAAkB,QAAQ,oBAAoB,mBAAmB,SAAS,gBAAgB,GAAG,CAAC;GAEhG,MAAMC,mCAAsE;IAC1E,GAAG;IACH,mBAAmB;IAGnB,yBAAyB;IAC1B;AAED,OAAI,qBAAqB,gBAAgB,YAAY,SAAS;AAC5D,QAAI,qBAAqB,sBAAsB,WAAW,EACxD,OAAM,IAAI,6BACR,6EACD;IAEH,MAAM,aAAa,qBAAqB,sBAAsB,GAAG;AACjE,QAAI,CAAC,sBACH,OAAM,IAAI,6BACR,0EACD;IAGH,MAAM,EAAE,yBAAyB,qDAC/B,MAAM,mBAAmB,2CAA2C,cAAc;KAChF,OAAO,CAAC,KAAK,cAAc,WAAW,UAAU,CAAC;KACzB;KACxB,0BAA0B;KAC3B,CAAC;AAEJ,QAAI,mCAAmCF,+BAA0C,SAC/E,OAAM,IAAI,6BACR,2FACD;AAGH,4CAAwC,KAAK;KAC3C,8BAA8B;MAC5B,wBAAwBG;MACxB,yBAAyB,CAAC,wBAAwB;MAClD;MACD;KACD,aAAa,qBAAqB;KACnC,CAAC;UACG;IAEL,MAAM,6BAA6B,qBAAqB,sBAAsB,KAAK,MACjF,wCAAwC,EAAE,WAAW,CACtD;IAED,MAAM,+BAA+B,MAAM,KAAK,IAAI,2BAClD,kCACA,4BACA,KAAK,4BAA4B,cAAc,qBAAqB,EACpE;KACE,cAAc;MACZ;MACA;MACD;KACD,kBAAkB,EAAE;KACpB;KACD,CACF;AAED,4CAAwC,KAAK;KAC3C;KACA,aAAa,qBAAqB;KACnC,CAAC;;;AAIN,MAAI,wCAAwC,WAAW,EACrD,OAAM,IAAI,6BAA6B,sCAAsC;AAG/E,MAAI,sBAAsB,WAAW,wCAAwC,OAC3E,OAAM,IAAI,6BAA6B,qDAAqD;EAG9F,MAAMC,yBAA4D;GAChE,IAAI,wCAAwC,GAAG,6BAA6B,uBAAuB;GACnG,eACE,wCAAwC,GAAG,6BAA6B,uBAAuB;GACjG,gBAAgB,EAAE;GACnB;AAED,0CAAwC,SAAS,EAAE,gCAAgC,UAAU;GAC3F,MAAM,gBAAgB,6BAA6B,uBAAuB,eAAe,KAAK,MAAM;IAClG,MAAM,aAAa,EAAE,GAAG,GAAG;AAK3B,QACE,mCAAmCJ,+BAA0C,YAC7E,wCAAwC,SAAS,EAEjD,YAAW,OAAO,KAAK,MAAM;AAG/B,WAAO;KACP;AAEF,0BAAuB,eAAe,KAAK,GAAG,cAAc;IAC5D;AAEF,SAAO;GACL,yBAAyB,wCAAwC,SAAS,qBACxE,iBAAiB,6BAA6B,wBAAwB,KAAK,OACzE,qCAAqC,cAAc,GAAG,CACvD,CACF;GACD,gCAAgC,wCAAwC,SACrE,qBACC,iBAAiB,6BAA6B,wBAIjD;GACD;GACA,gCACE,wCAAwC,GAAG,6BAA6B;GAC3E;;CAGH,AAAQ,0CACN,oBACA,oBACA;EACA,MAAM,YAAY,mCAAmC,mBAAmB;AAExE,MAAI,oBAAoB;GACtB,MAAM,qBAAqB,UAAU,6BAA6B,QAAQ,QACxE,oBAAoB,SAAS,IAAI,CAClC;AACD,OAAI,CAAC,sBAAsB,mBAAmB,WAAW,EACvD,OAAM,IAAI,6BACR;IACE;IACA,gDAAgD,UAAU,6BAA6B,KAAK,KAAK;IACjG,wBAAwB,mBAAmB,KAAK,KAAK;IACtD,CAAC,KAAK,KAAK,CACb;AAGH,UAAO,mBAAmB;;AAG5B,SAAO,UAAU;;CAGnB,AAAQ,iEACN,gCACA,2BACA;EACA,MAAM,0BAA0B,0BAA0B,MAAM;EAChE,MAAM,kCAAkC,wBAAwB,QAAQ,QACtE,0BAA0B,OAAO,2BAA2B,uBAAuB,SAAS,IAAI,CAAC,CAClG;EAED,MAAM,kDAAkD,+BAA+B,QAAQ,QAC7F,gCAAgC,SAAS,IAAI,CAC9C;AAED,MACE,+BAA+B,SAAS,KACxC,gCAAgC,SAAS,KACzC,gDAAgD,WAAW,EAE3D,OAAM,IAAI,6BACR,gHACD;AAGH,MAAI,wBAAwB,SAAS,KAAK,gCAAgC,WAAW,EACnF,OAAM,IAAI,6BACR,oFACD;EAGH,IAAIK;AACJ,MAAI,gDAAgD,SAAS,EAC3D,sBAAqB;WACZ,gCAAgC,SAAS,EAClD,sBAAqB;WACZ,+BAA+B,SAAS,EACjD,sBAAqB;AAGvB,SAAO;;CAGT,AAAQ,4BACN,wBACA,oBACA;EACA,MAAM,iCAAiC,uBAAuB,QAAQ,QAAQ,OAAO,EAAE;EAEvF,MAAMC,4BAAkD,uBAAuB,kBAC5E,KAAK,eAAgB,WAAiC,QAAQ,QAAQ,OAAO,EAAE,CAAC,CAChF,QAAQ,QAAQ,IAAI,SAAS,EAAE;EAElC,MAAM,qBAAqB,KAAK,iEAC9B,gCACA,0BACD;AAED,SAAO,KAAK,0CAA0C,oBAAoB,mBAAmB;;CAG/F,AAAQ,qBACN,cACA,wBACA,oBACA;EACA,MAAM,iCAAiC,uBAAuB,QAAQ,QAAQ,cAAc,EAAE;EAE9F,MAAMA,4BAAkD,uBAAuB,kBAC5E,KAAK,eAAgB,WAAiC,QAAQ,QAAQ,cAAc,EAAE,CAAC,CACvF,QAAQ,QAAQ,IAAI,SAAS,EAAE;EAElC,MAAM,0BAA0B,KAAK,iEACnC,gCACA,0BACD;EAGD,MAAM,yBAAyB,aAAa,kBAAkB,QAAQ,uBAAuB;EAE7F,MAAM,YAAY,mCAAmC,mBAAmB;EACxE,MAAM,2BAA2B,uBAAuB,sBAAsB,UAAU;AACxF,MAAI,yBAAyB,WAAW,EACtC,OAAM,IAAI,6BACR,+DAA+D,uBAAuB,UAAU,QAAQ,CAAC,GAC1G;AAGH,MAAI,yBAAyB;AAK3B,OAAI,CAJwB,yBAAyB,MAAM,UACzD,wBAAwB,SAAS,MAAM,UAAU,CAClD,CAGC,OAAM,IAAI,6BACR;IACE;IACA,6BAA6B,mBAAmB;IAChD,aAAa,uBAAuB,UAAU,QAAQ,CAAC;IACvD,8BAA8B,yBAAyB,KAAK,MAAM,EAAE,UAAU,CAAC,KAAK,KAAK,CAAC;IAC1F,4BAA4B,wBAAwB,KAAK,KAAK;IAC/D,CAAC,KAAK,KAAK,CACb;AAGH,UAAO,yBAAyB,GAAG;;AAGrC,SAAO,yBAAyB,GAAG;;;;;;;CAQrC,AAAQ,sCACN,sBACA,wBACA;AACA,MAAI,qBAAqB,gBAAgB,YAAY,MAAO,QAAO;EAEnE,MAAM,wBAAwB,uBAAuB,eAAe,OAAO,eACzE;GAAC,YAAY;GAAM,YAAY;GAAM,YAAY;GAAO,YAAY;GAAM,CAAC,SACzE,WAAW,OACZ,CACF;EAED,MAAM,iDAAiD,qBAAqB,sBAAsB,OAC/F,EAAE,iBAAiB;AAClB,OAAI,WAAW,WAAW,gBAAgB,YAAY,MAAO,QAAO;AACpE,UAAO,WAAW,WAAW,0BAA0B,SAAS,qCAAqC;IAExG;AAED,SAAO,yBAAyB;;CAGlC,AAAQ,4BAA4B,cAA4B,sBAA4C;AAC1G,SAAO,OAAO,mBAAmD;GAE/D,MAAM,EACJ,cAAc,mBACd,SACA,wBACA,2BACE;GACJ,MAAM,EAAE,WAAW,WAAW,QAAQ,gBAAgB,EAAE;AAExD,OAAI,CAAC,UACH,OAAM,IAAI,WAAW,oEAAoE;AAG3F,OAAI,qBAAqB,gBAAgB,YAAY,OAAO;AAC1D,QAAI,CAAC,qBAAqB,WACxB,OAAM,IAAI,6BAA6B,gEAAgE;IAIzG,MAAM,qBAAqB,MAAM,KAAK,kCACpC,cACA,qBAAqB,WAAW,GACjC;IAED,MAAM,kBAAkB,gBAAgB,SAAS,mBAAmB,gBAAgB;AACpF,oBAAgB,SAAS,mBAAmB;AAW5C,YAT2B,MAAM,KAAK,qBAAqB,iBAAoC,cAAc;KAC3G,QAAQ,YAAY;KACpB,KAAK,KAAK,4BAA4B,wBAAwB,mBAAmB;KACjF,oBAAoB,mBAAmB;KACvC,cAAc;KACd;KACA;KACD,CAAC,EAEwB;;AAE5B,OAAI,qBAAqB,gBAAgB,YAAY,OAAO;AAC1D,QAAI,KAAK,sCAAsC,sBAAsB,uBAAuB,EAAE;AAE5F,4BAAuB,iBAAiB,uBAAuB,eAAe,KAAK,gBAAgB;MACjG,GAAG;MACH,QAAQ;MACT,EAAE;AAUH,YAAO;MACL,IAPmB,MAHiB,aAAa,kBAAkB,QACnE,oCACD,CACwD,mBAAmB,cAAc;OACxF;OACA;OACA,2BAA2B,qBAAqB,sBAAsB,KAAK,OAAO,GAAG,WAAW;OAChG;OACD,CAAC,EAEgB,QAAQ;MACxB,yBAAyB;MAC1B;;AAGH,QAAI,CAAC,qBAAqB,WACxB,OAAM,IAAI,6BAA6B,gEAAgE;IAGzG,MAAM,qBAAqB,MAAM,KAAK,kCACpC,cACA,qBAAqB,WAAW,GACjC;IAED,MAAM,kBAAkB,gBAAgB,SAAS,mBAAmB,gBAAgB;AACpF,oBAAgB,SAAS,mBAAmB;AAe5C,YAb2B,MAAM,KAAK,qBAAqB,iBAAiB,cAAc;KACxF,QAAQ,YAAY;KAIpB,WAAW,KAAK,qBAAqB,cAAc,wBAAwB,mBAAmB;KAC9F,cAAc,IAAI,SAAS,2BAA2B;MAAE;MAAW;MAAQ,CAAC;KAC5E,oBAAoB,mBAAmB;KACvC,cAAc;KACd;KACA;KACD,CAAC,EAEwB;;AAE5B,OAAI,qBAAqB,gBAAgB,YAAY,SAAS;IAC5D,MAAM,aAAa;AAInB,QAAI,CAAC,OACH,OAAM,IAAI,WAAW,oFAAoF;AAiB3G,WAbgB,MADG,KAAK,cAAc,aAAa,CAClB,QAAQ;KACvC,gBAAgB,WAAW;KAE3B,mBAAmB;KACnB,kBAAkB;MAChB,UAAU;MACV,OAAO;MAEP,UAAU,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;MACxC;KACD,mBAAmB,qBAAqB,sBAAsB,GAAG;KAClE,CAAC;;AAIJ,SAAM,IAAI,6BACR,kFACD;;;CAIL,MAAc,kCAAkC,cAA4B,WAAmB;EAC7F,MAAM,UAAU,aAAa,kBAAkB,QAAQ,QAAQ;AAE/D,MAAI,CAAC,UAAU,WAAW,OAAO,CAC/B,OAAM,IAAI,6BACR,oDAAoD,UAAU,qBAC/D;EAGH,MAAM,cAAc,MAAM,QAAQ,mBAAmB,UAAU;AAE/D,MAAI,CAAC,YAAY,kBAAkB,YAAY,eAAe,WAAW,EACvE,OAAM,IAAI,6BACR,uDAAuD,UAAU,kBAClE;EAKH,IAAI,CAAC,sBAAsB,YAAY;AACvC,MAAI,OAAO,uBAAuB,SAChC,sBAAqB,YAAY,eAAe,oBAAoB,CAAC,iBAAiB,CAAC;AAGzF,SAAO;;;;;;CAOT,MAAc,yCACZ,cACA,wBACkE;EAClE,MAAM,0BAA0B,aAAa,kBAAkB,QAAQ,wBAAwB;EAC/F,MAAMC,WAA8C,EAAE;EACtD,MAAMC,eAA4C,EAAE;EACpD,MAAMC,YAAsC,EAAE;EAE9C,MAAM,gCAAgC,IAAI,2BAA2B,uBAAuB;AAE5F,MAAI,CAAC,8BAA8B,QACjC,OAAM,IAAI,6BACR,0FACA,8BAA8B,QAAQ,EAAE,oBAAoB,CAAC,8BAA8B,MAAM,EAAE,GAAG,EAAE,CACzG;AAKH,MAAI,8BAA8B,YAAY,UAAU,IAAI;GAC1D,MAAM,KAAK;AAGX,QAAK,MAAM,mBAAmB,GAAG,kBAC/B,MAAK,MAAM,UAAU,gBAAgB,QAAQ;AAC3C,iBAAa,KAAK,EAChB,KAAK,OAAO,KACb,CAAC;AACF,aAAS,KAAK,EACZ,KAAK;KAAC,EAAE,eAAe,CAAC,OAAO,IAAI,EAAE;KAAE,EAAE,UAAU,CAAC,OAAO,IAAI,EAAE;KAAE,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE;KAAC,EAC5F,CAAC;AACF,cAAU,KAAK,EACb,SAAS,gBAAgB,IAC1B,CAAC;;aAGG,8BAA8B,YAAY,UAAU,IAAI,OAKjE,OAAM,IAAI,6BACR,+CAA+C,8BAA8B,UAC9E;EAGH,MAAMC,aAAsE,EAAE;EAI9E,MAAM,uBACJ,SAAS,SAAS,IACd,MAAM,wBAAwB,YAAY,cAAc,EAAE,KAAK,UAAU,CAAC,GAC1E,MAAM,wBAAwB,OAAO,aAAa;AACxD,aAAW,KAAK,GAAG,qBAAqB;EAExC,MAAM,aAAa,KAAK,cAAc,aAAa;EACnD,MAAM,iBACJ,aAAa,SAAS,IAAI,MAAM,WAAW,eAAe,EAAE,KAAK,cAAc,CAAC,GAAG,MAAM,WAAW,QAAQ;AAC9G,aAAW,KAAK,GAAG,eAAe;EAElC,MAAM,UAAU,KAAK,WAAW,aAAa;EAC7C,MAAM,cAAc,UAAU,SAAS,IAAI,MAAM,QAAQ,eAAe,EAAE,KAAK,WAAW,CAAC,GAAG,MAAM,QAAQ,QAAQ;AACpH,aAAW,KAAK,GAAG,YAAY;AAE/B,SAAO;;CAGT,AAAQ,cAAc,cAA4B;AAChD,SAAO,aAAa,kBAAkB,QAAQ,WAAW;;CAG3D,AAAQ,WAAW,cAA4B;AAC7C,SAAO,aAAa,kBAAkB,QAAQ,QAAQ;;;6CAnoBzD,YAAY"}
1	+ {"version":3,"file":"DifPresentationExchangeService.mjs","names":["DifPresentationExchangeService","w3cCredentialService: W3cCredentialService","credentials: DifPexInputDescriptorToCredentials","DifPresentationExchangeSubmissionLocation","verifiablePresentationResultsWithFormat: Array<{\n verifiablePresentationResult: VerifiablePresentationResult\n claimFormat: PresentationToCreate['claimFormat']\n }>","presentationDefinitionForSubject: DifPresentationExchangeDefinition","presentationSubmission","presentationSubmission: DifPresentationExchangeSubmission","suitableAlgorithms: Array<string> \| undefined","inputDescriptorAlgorithms: Array<Array<string>>","w3cQuery: Array<Query<W3cCredentialRecord>>","sdJwtVcQuery: Array<Query<SdJwtVcRecord>>","mdocQuery: Array<Query<MdocRecord>>","allRecords: Array<SdJwtVcRecord \| W3cCredentialRecord \| MdocRecord>"],"sources":["../../../src/modules/dif-presentation-exchange/DifPresentationExchangeService.ts"],"sourcesContent":["import type { Checked, PresentationSignCallBackParams, Validated, VerifiablePresentationResult } from '@animo-id/pex'\nimport { PEX, Status } from '@animo-id/pex'\nimport { type PartialSdJwtDecodedVerifiableCredential, PEVersion } from '@animo-id/pex/dist/main/lib/index.js'\nimport type { InputDescriptorV2 } from '@sphereon/pex-models'\nimport type {\n SdJwtDecodedVerifiableCredential,\n W3CVerifiablePresentation as SphereonW3cVerifiablePresentation,\n W3CVerifiablePresentation,\n} from '@sphereon/ssi-types'\nimport { injectable } from 'tsyringe'\nimport type { AgentContext } from '../../agent'\nimport { CredoError } from '../../error'\nimport type { Query } from '../../storage/StorageService'\nimport { JsonTransformer } from '../../utils'\nimport type { VerificationMethod } from '../dids'\nimport { DidsApi, getPublicJwkFromVerificationMethod } from '../dids'\nimport { getJwkHumanDescription } from '../kms'\nimport { Mdoc, MdocApi, MdocRecord, type MdocSessionTranscriptOptions } from '../mdoc'\nimport { MdocDeviceResponse } from '../mdoc/MdocDeviceResponse'\nimport type { SdJwtVcRecord } from '../sd-jwt-vc'\nimport { SdJwtVcApi } from '../sd-jwt-vc'\nimport type { W3cCredentialRecord, W3cJsonPresentation } from '../vc'\nimport {\n ClaimFormat,\n SignatureSuiteRegistry,\n W3cCredentialRepository,\n W3cCredentialService,\n W3cPresentation,\n} from '../vc'\nimport { purposes } from '../vc/data-integrity/libraries/jsonld-signatures'\nimport type { IAnonCredsDataIntegrityService } from '../vc/data-integrity/models/IAnonCredsDataIntegrityService'\nimport {\n ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE,\n AnonCredsDataIntegrityServiceSymbol,\n} from '../vc/data-integrity/models/IAnonCredsDataIntegrityService'\nimport { DifPresentationExchangeError } from './DifPresentationExchangeError'\nimport type {\n DifPexCredentialsForRequest,\n DifPexInputDescriptorToCredentials,\n DifPresentationExchangeDefinition,\n DifPresentationExchangeDefinitionV1,\n DifPresentationExchangeDefinitionV2,\n DifPresentationExchangeSubmission,\n VerifiablePresentation,\n} from './models'\nimport { DifPresentationExchangeSubmissionLocation } from './models'\nimport type { PresentationToCreate } from './utils'\nimport {\n getCredentialsForRequest,\n getPresentationsToCreate,\n getSphereonOriginalVerifiableCredential,\n getSphereonOriginalVerifiablePresentation,\n getVerifiablePresentationFromEncoded,\n} from './utils'\n\n/*\n @todo create a public api for using dif presentation exchange\n /\n@injectable()\nexport class DifPresentationExchangeService {\n private pex = new PEX()\n\n public constructor(private w3cCredentialService: W3cCredentialService) {}\n\n public async getCredentialsForRequest(\n agentContext: AgentContext,\n presentationDefinition: DifPresentationExchangeDefinition\n ): Promise<DifPexCredentialsForRequest> {\n const credentialRecords = await this.queryCredentialForPresentationDefinition(agentContext, presentationDefinition)\n return getCredentialsForRequest(this.pex, presentationDefinition, credentialRecords)\n }\n\n /\n Selects the credentials to use based on the output from `getCredentialsForRequest`\n * Use this method if you don't want to manually select the credentials yourself.\n /\n public selectCredentialsForRequest(\n credentialsForRequest: DifPexCredentialsForRequest\n ): DifPexInputDescriptorToCredentials {\n if (!credentialsForRequest.areRequirementsSatisfied) {\n throw new CredoError('Could not find the required credentials for the presentation submission')\n }\n\n const credentials: DifPexInputDescriptorToCredentials = {}\n\n for (const requirement of credentialsForRequest.requirements) {\n // Take needsCount entries from the submission entry\n for (const submission of requirement.submissionEntry.slice(0, requirement.needsCount)) {\n if (!credentials[submission.inputDescriptorId]) {\n credentials[submission.inputDescriptorId] = []\n }\n\n // We pick the first matching VC if we are auto-selecting\n credentials[submission.inputDescriptorId].push(submission.verifiableCredentials[0])\n }\n }\n\n return credentials\n }\n\n public validatePresentationDefinition(presentationDefinition: DifPresentationExchangeDefinition) {\n const validation = PEX.validateDefinition(presentationDefinition)\n const errorMessages = this.formatValidated(validation)\n\n if (errorMessages.length > 0) {\n throw new DifPresentationExchangeError('Invalid presentation definition', { additionalMessages: errorMessages })\n }\n }\n\n public validatePresentationSubmission(presentationSubmission: DifPresentationExchangeSubmission) {\n const validation = PEX.validateSubmission(presentationSubmission)\n const errorMessages = this.formatValidated(validation)\n if (errorMessages.length > 0) {\n throw new DifPresentationExchangeError('Invalid presentation submission', { additionalMessages: errorMessages })\n }\n }\n\n public validatePresentation(\n presentationDefinition: DifPresentationExchangeDefinition,\n presentations: VerifiablePresentation \| VerifiablePresentation[],\n presentationSubmission?: DifPresentationExchangeSubmission\n ) {\n const result = this.pex.evaluatePresentation(\n presentationDefinition,\n Array.isArray(presentations)\n ? presentations.map(getSphereonOriginalVerifiablePresentation)\n : getSphereonOriginalVerifiablePresentation(presentations),\n {\n limitDisclosureSignatureSuites: ['DataIntegrityProof.anoncreds-2023'],\n presentationSubmission,\n }\n )\n\n if (result.areRequiredCredentialsPresent === Status.ERROR) {\n const errorMessages = this.formatValidated(result.errors)\n throw new DifPresentationExchangeError('Invalid presentation', { additionalMessages: errorMessages })\n }\n }\n\n private formatValidated(v?: Checked[] \| Validated) {\n const validated = Array.isArray(v) ? v : v ? [v] : []\n return validated\n .filter((r) => r.status === Status.ERROR)\n .map((r) => r.message)\n .filter((r): r is string => Boolean(r))\n }\n\n public async createPresentation(\n agentContext: AgentContext,\n options: {\n credentialsForInputDescriptor: DifPexInputDescriptorToCredentials\n presentationDefinition: DifPresentationExchangeDefinition\n /\n Defaults to {@link DifPresentationExchangeSubmissionLocation.PRESENTATION}\n /\n presentationSubmissionLocation?: DifPresentationExchangeSubmissionLocation\n /\n Also known as `nonce`\n /\n challenge: string\n\n /\n Also known as `audience`\n /\n domain?: string\n\n /\n Mdoc openid4vp specific options\n /\n mdocSessionTranscript?: MdocSessionTranscriptOptions\n }\n ) {\n const { presentationDefinition, domain, challenge, mdocSessionTranscript } = options\n const presentationSubmissionLocation =\n options.presentationSubmissionLocation ?? DifPresentationExchangeSubmissionLocation.PRESENTATION\n\n const verifiablePresentationResultsWithFormat: Array<{\n verifiablePresentationResult: VerifiablePresentationResult\n claimFormat: PresentationToCreate['claimFormat']\n }> = []\n\n const presentationsToCreate = getPresentationsToCreate(options.credentialsForInputDescriptor)\n for (const presentationToCreate of presentationsToCreate) {\n // We create a presentation for each subject\n // Thus for each subject we need to filter all the related input descriptors and credentials\n // FIXME: cast to V1, as tsc errors for strange reasons if not\n const inputDescriptorIds = presentationToCreate.verifiableCredentials.map((c) => c.inputDescriptorId)\n const inputDescriptorsForPresentation = (\n presentationDefinition as DifPresentationExchangeDefinitionV1\n ).input_descriptors.filter((inputDescriptor) => inputDescriptorIds.includes(inputDescriptor.id))\n\n const presentationDefinitionForSubject: DifPresentationExchangeDefinition = {\n ...presentationDefinition,\n input_descriptors: inputDescriptorsForPresentation,\n\n // We remove the submission requirements, as it will otherwise fail to create the VP\n submission_requirements: undefined,\n }\n\n if (presentationToCreate.claimFormat === ClaimFormat.MsoMdoc) {\n if (presentationToCreate.verifiableCredentials.length !== 1) {\n throw new DifPresentationExchangeError(\n 'Currently a Mdoc presentation can only be created from a single credential'\n )\n }\n const mdocRecord = presentationToCreate.verifiableCredentials[0].credential\n if (!mdocSessionTranscript) {\n throw new DifPresentationExchangeError(\n 'Missing mdoc session transcript options for creating MDOC presentation.'\n )\n }\n\n const { deviceResponseBase64Url, presentationSubmission } =\n await MdocDeviceResponse.createPresentationDefinitionDeviceResponse(agentContext, {\n mdocs: [Mdoc.fromBase64Url(mdocRecord.base64Url)],\n presentationDefinition: presentationDefinition,\n sessionTranscriptOptions: mdocSessionTranscript,\n })\n\n if (presentationSubmissionLocation !== DifPresentationExchangeSubmissionLocation.EXTERNAL) {\n throw new DifPresentationExchangeError(\n 'Only EXTERNAL DifPresentationExchangeSubmissionLocation supported for mdoc presentations'\n )\n }\n\n verifiablePresentationResultsWithFormat.push({\n verifiablePresentationResult: {\n presentationSubmission: presentationSubmission,\n verifiablePresentations: [deviceResponseBase64Url],\n presentationSubmissionLocation,\n },\n claimFormat: presentationToCreate.claimFormat,\n })\n } else {\n // Get all the credentials for the presentation\n const credentialsForPresentation = presentationToCreate.verifiableCredentials.map((c) =>\n getSphereonOriginalVerifiableCredential(c.credential)\n )\n\n const extraProofOptions = this.shouldSignUsingAnonCredsDataIntegrity(presentationToCreate)\n ? {\n typeSupportsSelectiveDisclosure: true,\n type: `DataIntegrityProof.${ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE}`,\n }\n : {}\n\n const verifiablePresentationResult = await this.pex.verifiablePresentationFrom(\n presentationDefinitionForSubject,\n credentialsForPresentation,\n this.getPresentationSignCallback(agentContext, presentationToCreate),\n {\n proofOptions: {\n challenge,\n domain,\n\n ...extraProofOptions,\n },\n presentationSubmissionLocation,\n }\n )\n\n verifiablePresentationResultsWithFormat.push({\n verifiablePresentationResult,\n claimFormat: presentationToCreate.claimFormat,\n })\n }\n }\n\n if (verifiablePresentationResultsWithFormat.length === 0) {\n throw new DifPresentationExchangeError('No verifiable presentations created')\n }\n\n if (presentationsToCreate.length !== verifiablePresentationResultsWithFormat.length) {\n throw new DifPresentationExchangeError('Invalid amount of verifiable presentations created')\n }\n\n const presentationSubmission: DifPresentationExchangeSubmission = {\n id: verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmission.id,\n definition_id:\n verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmission.definition_id,\n descriptor_map: [],\n }\n\n verifiablePresentationResultsWithFormat.forEach(({ verifiablePresentationResult }, index) => {\n const descriptorMap = verifiablePresentationResult.presentationSubmission.descriptor_map.map((d) => {\n const descriptor = { ...d }\n\n // when multiple presentations are submitted, path should be $[0], $[1]\n // FIXME: this should be addressed in the PEX/OID4VP lib.\n // See https://github.com/Sphereon-Opensource/SIOP-OID4VP/issues/62\n if (\n presentationSubmissionLocation === DifPresentationExchangeSubmissionLocation.EXTERNAL &&\n verifiablePresentationResultsWithFormat.length > 1\n ) {\n descriptor.path = `$[${index}]`\n }\n\n return descriptor\n })\n\n presentationSubmission.descriptor_map.push(...descriptorMap)\n })\n\n return {\n verifiablePresentations: verifiablePresentationResultsWithFormat.flatMap((resultWithFormat) =>\n resultWithFormat.verifiablePresentationResult.verifiablePresentations.map((vp) =>\n getVerifiablePresentationFromEncoded(agentContext, vp)\n )\n ),\n encodedVerifiablePresentations: verifiablePresentationResultsWithFormat.flatMap(\n (resultWithFormat) =>\n resultWithFormat.verifiablePresentationResult.verifiablePresentations as unknown as (\n \| string\n \| W3cJsonPresentation\n )[]\n ),\n presentationSubmission,\n presentationSubmissionLocation:\n verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmissionLocation,\n }\n }\n\n private getSigningAlgorithmFromVerificationMethod(\n verificationMethod: VerificationMethod,\n suitableAlgorithms?: Array<string>\n ) {\n const publicJwk = getPublicJwkFromVerificationMethod(verificationMethod)\n\n if (suitableAlgorithms) {\n const possibleAlgorithms = publicJwk.supportedSignatureAlgorithms.filter((alg) =>\n suitableAlgorithms?.includes(alg)\n )\n if (!possibleAlgorithms \|\| possibleAlgorithms.length === 0) {\n throw new DifPresentationExchangeError(\n [\n 'Found no suitable signing algorithm.',\n `Algorithms supported by Verification method: ${publicJwk.supportedSignatureAlgorithms.join(', ')}`,\n `Suitable algorithms: ${suitableAlgorithms.join(', ')}`,\n ].join('\\n')\n )\n }\n\n return possibleAlgorithms[0]\n }\n\n return publicJwk.signatureAlgorithm\n }\n\n private getSigningAlgorithmsForPresentationDefinitionAndInputDescriptors(\n algorithmsSatisfyingDefinition: Array<string>,\n inputDescriptorAlgorithms: Array<Array<string>>\n ) {\n const allDescriptorAlgorithms = inputDescriptorAlgorithms.flat()\n const algorithmsSatisfyingDescriptors = allDescriptorAlgorithms.filter((alg) =>\n inputDescriptorAlgorithms.every((descriptorAlgorithmSet) => descriptorAlgorithmSet.includes(alg))\n )\n\n const algorithmsSatisfyingPdAndDescriptorRestrictions = algorithmsSatisfyingDefinition.filter((alg) =>\n algorithmsSatisfyingDescriptors.includes(alg)\n )\n\n if (\n algorithmsSatisfyingDefinition.length > 0 &&\n algorithmsSatisfyingDescriptors.length > 0 &&\n algorithmsSatisfyingPdAndDescriptorRestrictions.length === 0\n ) {\n throw new DifPresentationExchangeError(\n 'No signature algorithm found for satisfying restrictions of the presentation definition and input descriptors'\n )\n }\n\n if (allDescriptorAlgorithms.length > 0 && algorithmsSatisfyingDescriptors.length === 0) {\n throw new DifPresentationExchangeError(\n 'No signature algorithm found for satisfying restrictions of the input descriptors'\n )\n }\n\n let suitableAlgorithms: Array<string> \| undefined\n if (algorithmsSatisfyingPdAndDescriptorRestrictions.length > 0) {\n suitableAlgorithms = algorithmsSatisfyingPdAndDescriptorRestrictions\n } else if (algorithmsSatisfyingDescriptors.length > 0) {\n suitableAlgorithms = algorithmsSatisfyingDescriptors\n } else if (algorithmsSatisfyingDefinition.length > 0) {\n suitableAlgorithms = algorithmsSatisfyingDefinition\n }\n\n return suitableAlgorithms\n }\n\n private getSigningAlgorithmForJwtVc(\n presentationDefinition: DifPresentationExchangeDefinitionV1 \| DifPresentationExchangeDefinitionV2,\n verificationMethod: VerificationMethod\n ) {\n const algorithmsSatisfyingDefinition = presentationDefinition.format?.jwt_vc?.alg ?? []\n\n const inputDescriptorAlgorithms: Array<Array<string>> = presentationDefinition.input_descriptors\n .map((descriptor) => (descriptor as InputDescriptorV2).format?.jwt_vc?.alg ?? [])\n .filter((alg) => alg.length > 0)\n\n const suitableAlgorithms = this.getSigningAlgorithmsForPresentationDefinitionAndInputDescriptors(\n algorithmsSatisfyingDefinition,\n inputDescriptorAlgorithms\n )\n\n return this.getSigningAlgorithmFromVerificationMethod(verificationMethod, suitableAlgorithms)\n }\n\n private getProofTypeForLdpVc(\n agentContext: AgentContext,\n presentationDefinition: DifPresentationExchangeDefinitionV1 \| DifPresentationExchangeDefinitionV2,\n verificationMethod: VerificationMethod\n ) {\n const algorithmsSatisfyingDefinition = presentationDefinition.format?.ldp_vc?.proof_type ?? []\n\n const inputDescriptorAlgorithms: Array<Array<string>> = presentationDefinition.input_descriptors\n .map((descriptor) => (descriptor as InputDescriptorV2).format?.ldp_vc?.proof_type ?? [])\n .filter((alg) => alg.length > 0)\n\n const suitableSignatureSuites = this.getSigningAlgorithmsForPresentationDefinitionAndInputDescriptors(\n algorithmsSatisfyingDefinition,\n inputDescriptorAlgorithms\n )\n\n // For each of the supported algs, find the key types, then find the proof types\n const signatureSuiteRegistry = agentContext.dependencyManager.resolve(SignatureSuiteRegistry)\n\n const publicJwk = getPublicJwkFromVerificationMethod(verificationMethod)\n const supportedSignatureSuites = signatureSuiteRegistry.getAllByPublicJwkType(publicJwk)\n if (supportedSignatureSuites.length === 0) {\n throw new DifPresentationExchangeError(\n `Couldn't find a supported signature suite for the given jwk ${getJwkHumanDescription(publicJwk.toJson())}`\n )\n }\n\n if (suitableSignatureSuites) {\n const foundSignatureSuite = supportedSignatureSuites.find((suite) =>\n suitableSignatureSuites.includes(suite.proofType)\n )\n\n if (!foundSignatureSuite) {\n throw new DifPresentationExchangeError(\n [\n 'No possible signature suite found for the given verification method.',\n `Verification method type: ${verificationMethod.type}`,\n `jwk type: ${getJwkHumanDescription(publicJwk.toJson())}`,\n `SupportedSignatureSuites: '${supportedSignatureSuites.map((s) => s.proofType).join(', ')}'`,\n `SuitableSignatureSuites: ${suitableSignatureSuites.join(', ')}`,\n ].join('\\n')\n )\n }\n\n return supportedSignatureSuites[0].proofType\n }\n\n return supportedSignatureSuites[0].proofType\n }\n\n /\n if all submission descriptors have a format of di \| ldp,\n * and all credentials have an ANONCREDS_DATA_INTEGRITY proof we default to\n * signing the presentation using the ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE\n /\n private shouldSignUsingAnonCredsDataIntegrity(\n presentationToCreate: PresentationToCreate,\n presentationSubmission?: DifPresentationExchangeSubmission\n ) {\n if (presentationToCreate.claimFormat !== ClaimFormat.LdpVp) return undefined\n\n const validDescriptorFormat =\n !presentationSubmission \|\|\n presentationSubmission.descriptor_map.every((descriptor) =>\n [ClaimFormat.DiVc, ClaimFormat.DiVp, ClaimFormat.LdpVc, ClaimFormat.LdpVp].includes(\n descriptor.format as ClaimFormat\n )\n )\n\n const credentialAreSignedUsingAnonCredsDataIntegrity = presentationToCreate.verifiableCredentials.every(\n ({ credential }) => {\n if (credential.credential.claimFormat !== ClaimFormat.LdpVc) return false\n return credential.credential.dataIntegrityCryptosuites.includes(ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE)\n }\n )\n\n return validDescriptorFormat && credentialAreSignedUsingAnonCredsDataIntegrity\n }\n\n private getPresentationSignCallback(agentContext: AgentContext, presentationToCreate: PresentationToCreate) {\n return async (callBackParams: PresentationSignCallBackParams) => {\n // The created partial proof and presentation, as well as original supplied options\n const {\n presentation: presentationInput,\n options,\n presentationDefinition,\n presentationSubmission,\n } = callBackParams\n const { challenge, domain } = options.proofOptions ?? {}\n\n if (!challenge) {\n throw new CredoError('challenge MUST be provided when signing a Verifiable Presentation')\n }\n\n if (presentationToCreate.claimFormat === ClaimFormat.JwtVp) {\n if (!presentationToCreate.subjectIds) {\n throw new DifPresentationExchangeError('Cannot create presentation for credentials without subject id')\n }\n\n // Determine a suitable verification method for the presentation\n const verificationMethod = await this.getVerificationMethodForSubjectId(\n agentContext,\n presentationToCreate.subjectIds[0]\n )\n\n const w3cPresentation = JsonTransformer.fromJSON(presentationInput, W3cPresentation)\n w3cPresentation.holder = verificationMethod.controller\n\n const signedPresentation = await this.w3cCredentialService.signPresentation<ClaimFormat.JwtVp>(agentContext, {\n format: ClaimFormat.JwtVp,\n alg: this.getSigningAlgorithmForJwtVc(presentationDefinition, verificationMethod),\n verificationMethod: verificationMethod.id,\n presentation: w3cPresentation,\n challenge,\n domain,\n })\n\n return signedPresentation.encoded as W3CVerifiablePresentation\n }\n if (presentationToCreate.claimFormat === ClaimFormat.LdpVp) {\n if (this.shouldSignUsingAnonCredsDataIntegrity(presentationToCreate, presentationSubmission)) {\n // make sure the descriptors format properties are set correctly\n presentationSubmission.descriptor_map = presentationSubmission.descriptor_map.map((descriptor) => ({\n ...descriptor,\n format: 'di_vp',\n }))\n const anoncredsDataIntegrityService = agentContext.dependencyManager.resolve<IAnonCredsDataIntegrityService>(\n AnonCredsDataIntegrityServiceSymbol\n )\n const presentation = await anoncredsDataIntegrityService.createPresentation(agentContext, {\n presentationDefinition,\n presentationSubmission,\n selectedCredentialRecords: presentationToCreate.verifiableCredentials.map((vc) => vc.credential),\n challenge,\n })\n return {\n ...presentation.toJSON(),\n presentation_submission: presentationSubmission,\n } as unknown as SphereonW3cVerifiablePresentation\n }\n\n if (!presentationToCreate.subjectIds) {\n throw new DifPresentationExchangeError('Cannot create presentation for credentials without subject id')\n }\n // Determine a suitable verification method for the presentation\n const verificationMethod = await this.getVerificationMethodForSubjectId(\n agentContext,\n presentationToCreate.subjectIds[0]\n )\n\n const w3cPresentation = JsonTransformer.fromJSON(presentationInput, W3cPresentation)\n w3cPresentation.holder = verificationMethod.controller\n\n const signedPresentation = await this.w3cCredentialService.signPresentation(agentContext, {\n format: ClaimFormat.LdpVp,\n // TODO: we should move the check for which proof to use for a presentation to earlier\n // as then we know when determining which VPs to submit already if the proof types are supported\n // by the verifier, and we can then just add this to the vpToCreate interface\n proofType: this.getProofTypeForLdpVc(agentContext, presentationDefinition, verificationMethod),\n proofPurpose: new purposes.AuthenticationProofPurpose({ challenge, domain }),\n verificationMethod: verificationMethod.id,\n presentation: w3cPresentation,\n challenge,\n domain,\n })\n\n return signedPresentation.encoded as W3CVerifiablePresentation\n }\n if (presentationToCreate.claimFormat === ClaimFormat.SdJwtDc) {\n const sdJwtInput = presentationInput as\n \| SdJwtDecodedVerifiableCredential\n \| PartialSdJwtDecodedVerifiableCredential\n\n if (!domain) {\n throw new CredoError(\"Missing 'domain' property, unable to set required 'aud' property in SD-JWT KB-JWT\")\n }\n\n const sdJwtVcApi = this.getSdJwtVcApi(agentContext)\n const sdJwtVc = await sdJwtVcApi.present({\n compactSdJwtVc: sdJwtInput.compactSdJwtVc,\n // SD is already handled by PEX, so we presents all keys\n presentationFrame: undefined,\n verifierMetadata: {\n audience: domain,\n nonce: challenge,\n // TODO: we should make this optional\n issuedAt: Math.floor(Date.now() / 1000),\n },\n additionalPayload: presentationToCreate.verifiableCredentials[0].additionalPayload,\n })\n\n return sdJwtVc\n }\n throw new DifPresentationExchangeError(\n 'Only JWT, SD-JWT-VC, JSONLD credentials are supported for a single presentation'\n )\n }\n }\n\n private async getVerificationMethodForSubjectId(agentContext: AgentContext, subjectId: string) {\n const didsApi = agentContext.dependencyManager.resolve(DidsApi)\n\n if (!subjectId.startsWith('did:')) {\n throw new DifPresentationExchangeError(\n `Only dids are supported as credentialSubject id. ${subjectId} is not a valid did`\n )\n }\n\n const didDocument = await didsApi.resolveDidDocument(subjectId)\n\n if (!didDocument.authentication \|\| didDocument.authentication.length === 0) {\n throw new DifPresentationExchangeError(\n `No authentication verificationMethods found for did ${subjectId} in did document`\n )\n }\n\n // the signature suite to use for the presentation is dependant on the credentials we share.\n // 1. Get the verification method for this given proof purpose in this DID document\n let [verificationMethod] = didDocument.authentication\n if (typeof verificationMethod === 'string') {\n verificationMethod = didDocument.dereferenceKey(verificationMethod, ['authentication'])\n }\n\n return verificationMethod\n }\n\n /\n Queries the wallet for credentials that match the given presentation definition. This only does an initial query based on the\n * schema of the input descriptors. It does not do any further filtering based on the constraints in the input descriptors.\n */\n private async queryCredentialForPresentationDefinition(\n agentContext: AgentContext,\n presentationDefinition: DifPresentationExchangeDefinition\n ): Promise<Array<SdJwtVcRecord \| W3cCredentialRecord \| MdocRecord>> {\n const w3cCredentialRepository = agentContext.dependencyManager.resolve(W3cCredentialRepository)\n const w3cQuery: Array<Query<W3cCredentialRecord>> = []\n const sdJwtVcQuery: Array<Query<SdJwtVcRecord>> = []\n const mdocQuery: Array<Query<MdocRecord>> = []\n\n const presentationDefinitionVersion = PEX.definitionVersionDiscovery(presentationDefinition)\n\n if (!presentationDefinitionVersion.version) {\n throw new DifPresentationExchangeError(\n 'Unable to determine the Presentation Exchange version from the presentation definition',\n presentationDefinitionVersion.error ? { additionalMessages: [presentationDefinitionVersion.error] } : {}\n )\n }\n\n // FIXME: in the query we should take into account the supported proof types of the verifier\n // this could help enormously in the amount of credentials we have to retrieve from storage.\n if (presentationDefinitionVersion.version === PEVersion.v1) {\n const pd = presentationDefinition as DifPresentationExchangeDefinitionV1\n\n // The schema.uri can contain either an expanded type, or a context uri\n for (const inputDescriptor of pd.input_descriptors) {\n for (const schema of inputDescriptor.schema) {\n sdJwtVcQuery.push({\n vct: schema.uri,\n })\n w3cQuery.push({\n $or: [{ expandedTypes: [schema.uri] }, { contexts: [schema.uri] }, { types: [schema.uri] }],\n })\n mdocQuery.push({\n docType: inputDescriptor.id,\n })\n }\n }\n } else if (presentationDefinitionVersion.version === PEVersion.v2) {\n // FIXME: As PE version 2 does not have the `schema` anymore, we can't query by schema anymore.\n // We probably need\n // to find some way to do initial filtering, hopefully if there's a filter on the `type` field or something.\n } else {\n throw new DifPresentationExchangeError(\n `Unsupported presentation definition version ${presentationDefinitionVersion.version as unknown as string}`\n )\n }\n\n const allRecords: Array<SdJwtVcRecord \| W3cCredentialRecord \| MdocRecord> = []\n\n // query the wallet ourselves first to avoid the need to query the pex library for all\n // credentials for every proof request\n const w3cCredentialRecords =\n w3cQuery.length > 0\n ? await w3cCredentialRepository.findByQuery(agentContext, { $or: w3cQuery })\n : await w3cCredentialRepository.getAll(agentContext)\n allRecords.push(...w3cCredentialRecords)\n\n const sdJwtVcApi = this.getSdJwtVcApi(agentContext)\n const sdJwtVcRecords =\n sdJwtVcQuery.length > 0 ? await sdJwtVcApi.findAllByQuery({ $or: sdJwtVcQuery }) : await sdJwtVcApi.getAll()\n allRecords.push(...sdJwtVcRecords)\n\n const mdocApi = this.getMdocApi(agentContext)\n const mdocRecords = mdocQuery.length > 0 ? await mdocApi.findAllByQuery({ $or: mdocQuery }) : await mdocApi.getAll()\n allRecords.push(...mdocRecords)\n\n return allRecords\n }\n\n private getSdJwtVcApi(agentContext: AgentContext) {\n return agentContext.dependencyManager.resolve(SdJwtVcApi)\n }\n\n private getMdocApi(agentContext: AgentContext) {\n return agentContext.dependencyManager.resolve(MdocApi)\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2DO,2CAAMA,iCAA+B;CAG1C,AAAO,YAAY,AAAQC,sBAA4C;EAA5C;OAFnB,MAAM,IAAI,KAAK;;CAIvB,MAAa,yBACX,cACA,wBACsC;EACtC,MAAM,oBAAoB,MAAM,KAAK,yCAAyC,cAAc,uBAAuB;AACnH,SAAO,yBAAyB,KAAK,KAAK,wBAAwB,kBAAkB;;;;;;CAOtF,AAAO,4BACL,uBACoC;AACpC,MAAI,CAAC,sBAAsB,yBACzB,OAAM,IAAI,WAAW,0EAA0E;EAGjG,MAAMC,cAAkD,EAAE;AAE1D,OAAK,MAAM,eAAe,sBAAsB,aAE9C,MAAK,MAAM,cAAc,YAAY,gBAAgB,MAAM,GAAG,YAAY,WAAW,EAAE;AACrF,OAAI,CAAC,YAAY,WAAW,mBAC1B,aAAY,WAAW,qBAAqB,EAAE;AAIhD,eAAY,WAAW,mBAAmB,KAAK,WAAW,sBAAsB,GAAG;;AAIvF,SAAO;;CAGT,AAAO,+BAA+B,wBAA2D;EAC/F,MAAM,aAAa,IAAI,mBAAmB,uBAAuB;EACjE,MAAM,gBAAgB,KAAK,gBAAgB,WAAW;AAEtD,MAAI,cAAc,SAAS,EACzB,OAAM,IAAI,6BAA6B,mCAAmC,EAAE,oBAAoB,eAAe,CAAC;;CAIpH,AAAO,+BAA+B,wBAA2D;EAC/F,MAAM,aAAa,IAAI,mBAAmB,uBAAuB;EACjE,MAAM,gBAAgB,KAAK,gBAAgB,WAAW;AACtD,MAAI,cAAc,SAAS,EACzB,OAAM,IAAI,6BAA6B,mCAAmC,EAAE,oBAAoB,eAAe,CAAC;;CAIpH,AAAO,qBACL,wBACA,eACA,wBACA;EACA,MAAM,SAAS,KAAK,IAAI,qBACtB,wBACA,MAAM,QAAQ,cAAc,GACxB,cAAc,IAAI,0CAA0C,GAC5D,0CAA0C,cAAc,EAC5D;GACE,gCAAgC,CAAC,oCAAoC;GACrE;GACD,CACF;AAED,MAAI,OAAO,kCAAkC,OAAO,MAElD,OAAM,IAAI,6BAA6B,wBAAwB,EAAE,oBAD3C,KAAK,gBAAgB,OAAO,OAAO,EAC2C,CAAC;;CAIzG,AAAQ,gBAAgB,GAA2B;AAEjD,UADkB,MAAM,QAAQ,EAAE,GAAG,IAAI,IAAI,CAAC,EAAE,GAAG,EAAE,EAElD,QAAQ,MAAM,EAAE,WAAW,OAAO,MAAM,CACxC,KAAK,MAAM,EAAE,QAAQ,CACrB,QAAQ,MAAmB,QAAQ,EAAE,CAAC;;CAG3C,MAAa,mBACX,cACA,SAsBA;EACA,MAAM,EAAE,wBAAwB,QAAQ,WAAW,0BAA0B;EAC7E,MAAM,iCACJ,QAAQ,kCAAkCC,+BAA0C;EAEtF,MAAMC,0CAGD,EAAE;EAEP,MAAM,wBAAwB,yBAAyB,QAAQ,8BAA8B;AAC7F,OAAK,MAAM,wBAAwB,uBAAuB;GAIxD,MAAM,qBAAqB,qBAAqB,sBAAsB,KAAK,MAAM,EAAE,kBAAkB;GACrG,MAAM,kCACJ,uBACA,kBAAkB,QAAQ,oBAAoB,mBAAmB,SAAS,gBAAgB,GAAG,CAAC;GAEhG,MAAMC,mCAAsE;IAC1E,GAAG;IACH,mBAAmB;IAGnB,yBAAyB;IAC1B;AAED,OAAI,qBAAqB,gBAAgB,YAAY,SAAS;AAC5D,QAAI,qBAAqB,sBAAsB,WAAW,EACxD,OAAM,IAAI,6BACR,6EACD;IAEH,MAAM,aAAa,qBAAqB,sBAAsB,GAAG;AACjE,QAAI,CAAC,sBACH,OAAM,IAAI,6BACR,0EACD;IAGH,MAAM,EAAE,yBAAyB,qDAC/B,MAAM,mBAAmB,2CAA2C,cAAc;KAChF,OAAO,CAAC,KAAK,cAAc,WAAW,UAAU,CAAC;KACzB;KACxB,0BAA0B;KAC3B,CAAC;AAEJ,QAAI,mCAAmCF,+BAA0C,SAC/E,OAAM,IAAI,6BACR,2FACD;AAGH,4CAAwC,KAAK;KAC3C,8BAA8B;MAC5B,wBAAwBG;MACxB,yBAAyB,CAAC,wBAAwB;MAClD;MACD;KACD,aAAa,qBAAqB;KACnC,CAAC;UACG;IAEL,MAAM,6BAA6B,qBAAqB,sBAAsB,KAAK,MACjF,wCAAwC,EAAE,WAAW,CACtD;IAED,MAAM,oBAAoB,KAAK,sCAAsC,qBAAqB,GACtF;KACE,iCAAiC;KACjC,MAAM,sBAAsB;KAC7B,GACD,EAAE;IAEN,MAAM,+BAA+B,MAAM,KAAK,IAAI,2BAClD,kCACA,4BACA,KAAK,4BAA4B,cAAc,qBAAqB,EACpE;KACE,cAAc;MACZ;MACA;MAEA,GAAG;MACJ;KACD;KACD,CACF;AAED,4CAAwC,KAAK;KAC3C;KACA,aAAa,qBAAqB;KACnC,CAAC;;;AAIN,MAAI,wCAAwC,WAAW,EACrD,OAAM,IAAI,6BAA6B,sCAAsC;AAG/E,MAAI,sBAAsB,WAAW,wCAAwC,OAC3E,OAAM,IAAI,6BAA6B,qDAAqD;EAG9F,MAAMC,yBAA4D;GAChE,IAAI,wCAAwC,GAAG,6BAA6B,uBAAuB;GACnG,eACE,wCAAwC,GAAG,6BAA6B,uBAAuB;GACjG,gBAAgB,EAAE;GACnB;AAED,0CAAwC,SAAS,EAAE,gCAAgC,UAAU;GAC3F,MAAM,gBAAgB,6BAA6B,uBAAuB,eAAe,KAAK,MAAM;IAClG,MAAM,aAAa,EAAE,GAAG,GAAG;AAK3B,QACE,mCAAmCJ,+BAA0C,YAC7E,wCAAwC,SAAS,EAEjD,YAAW,OAAO,KAAK,MAAM;AAG/B,WAAO;KACP;AAEF,0BAAuB,eAAe,KAAK,GAAG,cAAc;IAC5D;AAEF,SAAO;GACL,yBAAyB,wCAAwC,SAAS,qBACxE,iBAAiB,6BAA6B,wBAAwB,KAAK,OACzE,qCAAqC,cAAc,GAAG,CACvD,CACF;GACD,gCAAgC,wCAAwC,SACrE,qBACC,iBAAiB,6BAA6B,wBAIjD;GACD;GACA,gCACE,wCAAwC,GAAG,6BAA6B;GAC3E;;CAGH,AAAQ,0CACN,oBACA,oBACA;EACA,MAAM,YAAY,mCAAmC,mBAAmB;AAExE,MAAI,oBAAoB;GACtB,MAAM,qBAAqB,UAAU,6BAA6B,QAAQ,QACxE,oBAAoB,SAAS,IAAI,CAClC;AACD,OAAI,CAAC,sBAAsB,mBAAmB,WAAW,EACvD,OAAM,IAAI,6BACR;IACE;IACA,gDAAgD,UAAU,6BAA6B,KAAK,KAAK;IACjG,wBAAwB,mBAAmB,KAAK,KAAK;IACtD,CAAC,KAAK,KAAK,CACb;AAGH,UAAO,mBAAmB;;AAG5B,SAAO,UAAU;;CAGnB,AAAQ,iEACN,gCACA,2BACA;EACA,MAAM,0BAA0B,0BAA0B,MAAM;EAChE,MAAM,kCAAkC,wBAAwB,QAAQ,QACtE,0BAA0B,OAAO,2BAA2B,uBAAuB,SAAS,IAAI,CAAC,CAClG;EAED,MAAM,kDAAkD,+BAA+B,QAAQ,QAC7F,gCAAgC,SAAS,IAAI,CAC9C;AAED,MACE,+BAA+B,SAAS,KACxC,gCAAgC,SAAS,KACzC,gDAAgD,WAAW,EAE3D,OAAM,IAAI,6BACR,gHACD;AAGH,MAAI,wBAAwB,SAAS,KAAK,gCAAgC,WAAW,EACnF,OAAM,IAAI,6BACR,oFACD;EAGH,IAAIK;AACJ,MAAI,gDAAgD,SAAS,EAC3D,sBAAqB;WACZ,gCAAgC,SAAS,EAClD,sBAAqB;WACZ,+BAA+B,SAAS,EACjD,sBAAqB;AAGvB,SAAO;;CAGT,AAAQ,4BACN,wBACA,oBACA;EACA,MAAM,iCAAiC,uBAAuB,QAAQ,QAAQ,OAAO,EAAE;EAEvF,MAAMC,4BAAkD,uBAAuB,kBAC5E,KAAK,eAAgB,WAAiC,QAAQ,QAAQ,OAAO,EAAE,CAAC,CAChF,QAAQ,QAAQ,IAAI,SAAS,EAAE;EAElC,MAAM,qBAAqB,KAAK,iEAC9B,gCACA,0BACD;AAED,SAAO,KAAK,0CAA0C,oBAAoB,mBAAmB;;CAG/F,AAAQ,qBACN,cACA,wBACA,oBACA;EACA,MAAM,iCAAiC,uBAAuB,QAAQ,QAAQ,cAAc,EAAE;EAE9F,MAAMA,4BAAkD,uBAAuB,kBAC5E,KAAK,eAAgB,WAAiC,QAAQ,QAAQ,cAAc,EAAE,CAAC,CACvF,QAAQ,QAAQ,IAAI,SAAS,EAAE;EAElC,MAAM,0BAA0B,KAAK,iEACnC,gCACA,0BACD;EAGD,MAAM,yBAAyB,aAAa,kBAAkB,QAAQ,uBAAuB;EAE7F,MAAM,YAAY,mCAAmC,mBAAmB;EACxE,MAAM,2BAA2B,uBAAuB,sBAAsB,UAAU;AACxF,MAAI,yBAAyB,WAAW,EACtC,OAAM,IAAI,6BACR,+DAA+D,uBAAuB,UAAU,QAAQ,CAAC,GAC1G;AAGH,MAAI,yBAAyB;AAK3B,OAAI,CAJwB,yBAAyB,MAAM,UACzD,wBAAwB,SAAS,MAAM,UAAU,CAClD,CAGC,OAAM,IAAI,6BACR;IACE;IACA,6BAA6B,mBAAmB;IAChD,aAAa,uBAAuB,UAAU,QAAQ,CAAC;IACvD,8BAA8B,yBAAyB,KAAK,MAAM,EAAE,UAAU,CAAC,KAAK,KAAK,CAAC;IAC1F,4BAA4B,wBAAwB,KAAK,KAAK;IAC/D,CAAC,KAAK,KAAK,CACb;AAGH,UAAO,yBAAyB,GAAG;;AAGrC,SAAO,yBAAyB,GAAG;;;;;;;CAQrC,AAAQ,sCACN,sBACA,wBACA;AACA,MAAI,qBAAqB,gBAAgB,YAAY,MAAO,QAAO;EAEnE,MAAM,wBACJ,CAAC,0BACD,uBAAuB,eAAe,OAAO,eAC3C;GAAC,YAAY;GAAM,YAAY;GAAM,YAAY;GAAO,YAAY;GAAM,CAAC,SACzE,WAAW,OACZ,CACF;EAEH,MAAM,iDAAiD,qBAAqB,sBAAsB,OAC/F,EAAE,iBAAiB;AAClB,OAAI,WAAW,WAAW,gBAAgB,YAAY,MAAO,QAAO;AACpE,UAAO,WAAW,WAAW,0BAA0B,SAAS,qCAAqC;IAExG;AAED,SAAO,yBAAyB;;CAGlC,AAAQ,4BAA4B,cAA4B,sBAA4C;AAC1G,SAAO,OAAO,mBAAmD;GAE/D,MAAM,EACJ,cAAc,mBACd,SACA,wBACA,2BACE;GACJ,MAAM,EAAE,WAAW,WAAW,QAAQ,gBAAgB,EAAE;AAExD,OAAI,CAAC,UACH,OAAM,IAAI,WAAW,oEAAoE;AAG3F,OAAI,qBAAqB,gBAAgB,YAAY,OAAO;AAC1D,QAAI,CAAC,qBAAqB,WACxB,OAAM,IAAI,6BAA6B,gEAAgE;IAIzG,MAAM,qBAAqB,MAAM,KAAK,kCACpC,cACA,qBAAqB,WAAW,GACjC;IAED,MAAM,kBAAkB,gBAAgB,SAAS,mBAAmB,gBAAgB;AACpF,oBAAgB,SAAS,mBAAmB;AAW5C,YAT2B,MAAM,KAAK,qBAAqB,iBAAoC,cAAc;KAC3G,QAAQ,YAAY;KACpB,KAAK,KAAK,4BAA4B,wBAAwB,mBAAmB;KACjF,oBAAoB,mBAAmB;KACvC,cAAc;KACd;KACA;KACD,CAAC,EAEwB;;AAE5B,OAAI,qBAAqB,gBAAgB,YAAY,OAAO;AAC1D,QAAI,KAAK,sCAAsC,sBAAsB,uBAAuB,EAAE;AAE5F,4BAAuB,iBAAiB,uBAAuB,eAAe,KAAK,gBAAgB;MACjG,GAAG;MACH,QAAQ;MACT,EAAE;AAUH,YAAO;MACL,IAPmB,MAHiB,aAAa,kBAAkB,QACnE,oCACD,CACwD,mBAAmB,cAAc;OACxF;OACA;OACA,2BAA2B,qBAAqB,sBAAsB,KAAK,OAAO,GAAG,WAAW;OAChG;OACD,CAAC,EAEgB,QAAQ;MACxB,yBAAyB;MAC1B;;AAGH,QAAI,CAAC,qBAAqB,WACxB,OAAM,IAAI,6BAA6B,gEAAgE;IAGzG,MAAM,qBAAqB,MAAM,KAAK,kCACpC,cACA,qBAAqB,WAAW,GACjC;IAED,MAAM,kBAAkB,gBAAgB,SAAS,mBAAmB,gBAAgB;AACpF,oBAAgB,SAAS,mBAAmB;AAe5C,YAb2B,MAAM,KAAK,qBAAqB,iBAAiB,cAAc;KACxF,QAAQ,YAAY;KAIpB,WAAW,KAAK,qBAAqB,cAAc,wBAAwB,mBAAmB;KAC9F,cAAc,IAAI,SAAS,2BAA2B;MAAE;MAAW;MAAQ,CAAC;KAC5E,oBAAoB,mBAAmB;KACvC,cAAc;KACd;KACA;KACD,CAAC,EAEwB;;AAE5B,OAAI,qBAAqB,gBAAgB,YAAY,SAAS;IAC5D,MAAM,aAAa;AAInB,QAAI,CAAC,OACH,OAAM,IAAI,WAAW,oFAAoF;AAiB3G,WAbgB,MADG,KAAK,cAAc,aAAa,CAClB,QAAQ;KACvC,gBAAgB,WAAW;KAE3B,mBAAmB;KACnB,kBAAkB;MAChB,UAAU;MACV,OAAO;MAEP,UAAU,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;MACxC;KACD,mBAAmB,qBAAqB,sBAAsB,GAAG;KAClE,CAAC;;AAIJ,SAAM,IAAI,6BACR,kFACD;;;CAIL,MAAc,kCAAkC,cAA4B,WAAmB;EAC7F,MAAM,UAAU,aAAa,kBAAkB,QAAQ,QAAQ;AAE/D,MAAI,CAAC,UAAU,WAAW,OAAO,CAC/B,OAAM,IAAI,6BACR,oDAAoD,UAAU,qBAC/D;EAGH,MAAM,cAAc,MAAM,QAAQ,mBAAmB,UAAU;AAE/D,MAAI,CAAC,YAAY,kBAAkB,YAAY,eAAe,WAAW,EACvE,OAAM,IAAI,6BACR,uDAAuD,UAAU,kBAClE;EAKH,IAAI,CAAC,sBAAsB,YAAY;AACvC,MAAI,OAAO,uBAAuB,SAChC,sBAAqB,YAAY,eAAe,oBAAoB,CAAC,iBAAiB,CAAC;AAGzF,SAAO;;;;;;CAOT,MAAc,yCACZ,cACA,wBACkE;EAClE,MAAM,0BAA0B,aAAa,kBAAkB,QAAQ,wBAAwB;EAC/F,MAAMC,WAA8C,EAAE;EACtD,MAAMC,eAA4C,EAAE;EACpD,MAAMC,YAAsC,EAAE;EAE9C,MAAM,gCAAgC,IAAI,2BAA2B,uBAAuB;AAE5F,MAAI,CAAC,8BAA8B,QACjC,OAAM,IAAI,6BACR,0FACA,8BAA8B,QAAQ,EAAE,oBAAoB,CAAC,8BAA8B,MAAM,EAAE,GAAG,EAAE,CACzG;AAKH,MAAI,8BAA8B,YAAY,UAAU,IAAI;GAC1D,MAAM,KAAK;AAGX,QAAK,MAAM,mBAAmB,GAAG,kBAC/B,MAAK,MAAM,UAAU,gBAAgB,QAAQ;AAC3C,iBAAa,KAAK,EAChB,KAAK,OAAO,KACb,CAAC;AACF,aAAS,KAAK,EACZ,KAAK;KAAC,EAAE,eAAe,CAAC,OAAO,IAAI,EAAE;KAAE,EAAE,UAAU,CAAC,OAAO,IAAI,EAAE;KAAE,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE;KAAC,EAC5F,CAAC;AACF,cAAU,KAAK,EACb,SAAS,gBAAgB,IAC1B,CAAC;;aAGG,8BAA8B,YAAY,UAAU,IAAI,OAKjE,OAAM,IAAI,6BACR,+CAA+C,8BAA8B,UAC9E;EAGH,MAAMC,aAAsE,EAAE;EAI9E,MAAM,uBACJ,SAAS,SAAS,IACd,MAAM,wBAAwB,YAAY,cAAc,EAAE,KAAK,UAAU,CAAC,GAC1E,MAAM,wBAAwB,OAAO,aAAa;AACxD,aAAW,KAAK,GAAG,qBAAqB;EAExC,MAAM,aAAa,KAAK,cAAc,aAAa;EACnD,MAAM,iBACJ,aAAa,SAAS,IAAI,MAAM,WAAW,eAAe,EAAE,KAAK,cAAc,CAAC,GAAG,MAAM,WAAW,QAAQ;AAC9G,aAAW,KAAK,GAAG,eAAe;EAElC,MAAM,UAAU,KAAK,WAAW,aAAa;EAC7C,MAAM,cAAc,UAAU,SAAS,IAAI,MAAM,QAAQ,eAAe,EAAE,KAAK,WAAW,CAAC,GAAG,MAAM,QAAQ,QAAQ;AACpH,aAAW,KAAK,GAAG,YAAY;AAE/B,SAAO;;CAGT,AAAQ,cAAc,cAA4B;AAChD,SAAO,aAAa,kBAAkB,QAAQ,WAAW;;CAG3D,AAAQ,WAAW,cAA4B;AAC7C,SAAO,aAAa,kBAAkB,QAAQ,QAAQ;;;6CA7oBzD,YAAY"}

package/build/modules/dif-presentation-exchange/models/DifPexCredentialsForRequest.d.mts CHANGED Viewed

@@ -1,9 +1,9 @@
+import { JsonObject } from "../../../types.mjs";
 import { ClaimFormat } from "../../vc/models/ClaimFormat.mjs";
-import { MdocNameSpaces } from "../../mdoc/MdocOptions.mjs";
 import { SdJwtVcRecord } from "../../sd-jwt-vc/repository/SdJwtVcRecord.mjs";
-import { W3cCredentialRecord } from "../../vc/repository/W3cCredentialRecord.mjs";
+import { MdocNameSpaces } from "../../mdoc/MdocOptions.mjs";
 import { MdocRecord } from "../../mdoc/repository/MdocRecord.mjs";
-import { JsonObject } from "../../../types.mjs";
+import { W3cCredentialRecord } from "../../vc/repository/W3cCredentialRecord.mjs";
 //#region src/modules/dif-presentation-exchange/models/DifPexCredentialsForRequest.d.ts
 interface DifPexCredentialsForRequest {

package/build/modules/dif-presentation-exchange/models/DifPexCredentialsForRequest.d.ts CHANGED Viewed

@@ -1,9 +1,9 @@
+import { JsonObject } from "../../../types.js";
 import { ClaimFormat } from "../../vc/models/ClaimFormat.js";
-import { MdocNameSpaces } from "../../mdoc/MdocOptions.js";
 import { SdJwtVcRecord } from "../../sd-jwt-vc/repository/SdJwtVcRecord.js";
-import { W3cCredentialRecord } from "../../vc/repository/W3cCredentialRecord.js";
+import { MdocNameSpaces } from "../../mdoc/MdocOptions.js";
 import { MdocRecord } from "../../mdoc/repository/MdocRecord.js";
-import { JsonObject } from "../../../types.js";
+import { W3cCredentialRecord } from "../../vc/repository/W3cCredentialRecord.js";
 //#region src/modules/dif-presentation-exchange/models/DifPexCredentialsForRequest.d.ts
 interface DifPexCredentialsForRequest {

package/build/modules/dif-presentation-exchange/models/index.d.mts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { W3cVerifiableCredential } from "../../vc/models/credential/W3cVerifiableCredential.mjs";
-import { Mdoc } from "../../mdoc/Mdoc.mjs";
 import { SdJwtVc } from "../../sd-jwt-vc/SdJwtVcService.mjs";
+import { MdocDeviceResponse } from "../../mdoc/MdocDeviceResponse.mjs";
+import { DifPexCredentialsForRequest, DifPexCredentialsForRequestRequirement, DifPexCredentialsForRequestSubmissionEntry, DifPexInputDescriptorToCredentials, SubmissionEntryCredential } from "./DifPexCredentialsForRequest.mjs";
 import { W3cV2VerifiableCredential } from "../../vc/models/credential/W3cV2VerifiableCredential.mjs";
+import { W3cVerifiableCredential } from "../../vc/models/credential/W3cVerifiableCredential.mjs";
 import { W3cVerifiablePresentation } from "../../vc/models/presentation/W3cVerifiablePresentation.mjs";
 import { W3cV2VerifiablePresentation } from "../../vc/models/presentation/W3cV2VerifiablePresentation.mjs";
-import { MdocDeviceResponse } from "../../mdoc/MdocDeviceResponse.mjs";
-import { DifPexCredentialsForRequest, DifPexCredentialsForRequestRequirement, DifPexCredentialsForRequestSubmissionEntry, DifPexInputDescriptorToCredentials, SubmissionEntryCredential } from "./DifPexCredentialsForRequest.mjs";
+import { Mdoc } from "../../mdoc/Mdoc.mjs";
 import { PresentationSubmissionLocation } from "@animo-id/pex";
 import { PresentationDefinitionV1, PresentationDefinitionV2, PresentationSubmission } from "@sphereon/pex-models";

package/build/modules/dif-presentation-exchange/models/index.d.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { W3cVerifiableCredential } from "../../vc/models/credential/W3cVerifiableCredential.js";
-import { Mdoc } from "../../mdoc/Mdoc.js";
 import { SdJwtVc } from "../../sd-jwt-vc/SdJwtVcService.js";
+import { MdocDeviceResponse } from "../../mdoc/MdocDeviceResponse.js";
+import { DifPexCredentialsForRequest, DifPexCredentialsForRequestRequirement, DifPexCredentialsForRequestSubmissionEntry, DifPexInputDescriptorToCredentials, SubmissionEntryCredential } from "./DifPexCredentialsForRequest.js";
 import { W3cV2VerifiableCredential } from "../../vc/models/credential/W3cV2VerifiableCredential.js";
+import { W3cVerifiableCredential } from "../../vc/models/credential/W3cVerifiableCredential.js";
 import { W3cVerifiablePresentation } from "../../vc/models/presentation/W3cVerifiablePresentation.js";
 import { W3cV2VerifiablePresentation } from "../../vc/models/presentation/W3cV2VerifiablePresentation.js";
-import { MdocDeviceResponse } from "../../mdoc/MdocDeviceResponse.js";
-import { DifPexCredentialsForRequest, DifPexCredentialsForRequestRequirement, DifPexCredentialsForRequestSubmissionEntry, DifPexInputDescriptorToCredentials, SubmissionEntryCredential } from "./DifPexCredentialsForRequest.js";
+import { Mdoc } from "../../mdoc/Mdoc.js";
 import { PresentationDefinitionV1, PresentationDefinitionV2, PresentationSubmission } from "@sphereon/pex-models";
 import { PresentationSubmissionLocation } from "@animo-id/pex";

package/build/modules/dif-presentation-exchange/utils/credentialSelection.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"credentialSelection.mjs","names":["selectResults: CredentialRecordSelectResults","presentationSubmission: DifPexCredentialsForRequest","submissionRequirements: Array<DifPexCredentialsForRequestRequirement>","match","selectedSubmission: DifPexCredentialsForRequestRequirement","satisfiedSubmissions: Array<DifPexCredentialsForRequestSubmissionEntry>","unsatisfiedSubmissions: Array<DifPexCredentialsForRequestSubmissionEntry>","submissionEntry: DifPexCredentialsForRequestSubmissionEntry","verifiableCredentials: SubmissionEntryCredential[]"],"sources":["../../../../src/modules/dif-presentation-exchange/utils/credentialSelection.ts"],"sourcesContent":["import {\n type IPresentationDefinition,\n type PEX,\n type SelectResults,\n Status,\n type SubmissionRequirementMatch,\n} from '@animo-id/pex'\nimport type {\n SubmissionRequirementMatchFrom,\n SubmissionRequirementMatchInputDescriptor,\n} from '@animo-id/pex/dist/main/lib/evaluation/core'\nimport type { InputDescriptorV1, InputDescriptorV2, SubmissionRequirement } from '@sphereon/pex-models'\nimport type {\n DifPexCredentialsForRequest,\n DifPexCredentialsForRequestRequirement,\n DifPexCredentialsForRequestSubmissionEntry,\n SubmissionEntryCredential,\n} from '../models'\n\nimport { SubmissionRequirementMatchType } from '@animo-id/pex/dist/main/lib/evaluation/core/index.js'\nimport { JSONPath } from '@astronautlabs/jsonpath'\nimport { decodeSdJwtSync, getClaimsSync } from '@sd-jwt/decode'\nimport { Rules } from '@sphereon/pex-models'\n\nimport { Hasher } from '../../../crypto'\nimport { CredoError } from '../../../error'\nimport { MdocRecord } from '../../mdoc'\nimport { Mdoc } from '../../mdoc/Mdoc'\nimport { MdocDeviceResponse } from '../../mdoc/MdocDeviceResponse'\nimport { SdJwtVcRecord } from '../../sd-jwt-vc'\nimport { ClaimFormat, W3cCredentialRecord } from '../../vc'\nimport { DifPresentationExchangeError } from '../DifPresentationExchangeError'\n\nimport type { JsonObject } from '../../../types'\nimport { getSphereonOriginalVerifiableCredential } from './transform'\n\nexport async function getCredentialsForRequest(\n // PEX instance with hasher defined\n pex: PEX,\n presentationDefinition: IPresentationDefinition,\n credentialRecords: Array<W3cCredentialRecord \| SdJwtVcRecord \| MdocRecord>\n): Promise<DifPexCredentialsForRequest> {\n const encodedCredentials = credentialRecords.map(getSphereonOriginalVerifiableCredential)\n const selectResultsRaw = pex.selectFrom(presentationDefinition, encodedCredentials)\n\n const selectResults: CredentialRecordSelectResults = {\n ...selectResultsRaw,\n matches: selectResultsRaw.matches ?? [],\n // Map the encoded credential to their respective credential record\n verifiableCredential:\n selectResultsRaw.verifiableCredential?.map((selectedEncoded, index): SubmissionEntryCredential => {\n const credentialRecordIndex = selectResultsRaw.vcIndexes?.[index]\n if (credentialRecordIndex === undefined \|\| credentialRecordIndex === -1) {\n throw new DifPresentationExchangeError('Unable to find credential in credential records.')\n }\n const credentialRecord = credentialRecords[credentialRecordIndex]\n if (credentialRecord instanceof SdJwtVcRecord) {\n // selectedEncoded always string when SdJwtVcRecord\n // Get the decoded payload from the the selected credential, this already has SD applied\n const { jwt, disclosures } = decodeSdJwtSync(selectedEncoded as string, Hasher.hash)\n const prettyClaims = getClaimsSync(jwt.payload, disclosures, Hasher.hash)\n\n return {\n claimFormat: ClaimFormat.SdJwtDc,\n credentialRecord,\n disclosedPayload: prettyClaims as JsonObject,\n }\n }\n if (credentialRecord instanceof MdocRecord) {\n return {\n claimFormat: ClaimFormat.MsoMdoc,\n credentialRecord,\n disclosedPayload: {},\n }\n }\n if (credentialRecord instanceof W3cCredentialRecord) {\n return {\n claimFormat: credentialRecord.credential.claimFormat,\n credentialRecord,\n }\n }\n throw new CredoError('Unrecognized credential record type')\n }) ?? [],\n }\n\n const presentationSubmission: DifPexCredentialsForRequest = {\n requirements: [],\n areRequirementsSatisfied: false,\n name: presentationDefinition.name,\n purpose: presentationDefinition.purpose,\n }\n\n // If there's no submission requirements, ALL input descriptors MUST be satisfied\n if (!presentationDefinition.submission_requirements \|\| presentationDefinition.submission_requirements.length === 0) {\n presentationSubmission.requirements = getSubmissionRequirementsForAllInputDescriptors(\n presentationDefinition.input_descriptors,\n selectResults\n )\n } else {\n presentationSubmission.requirements = getSubmissionRequirements(presentationDefinition, selectResults)\n }\n\n const allEntries = presentationSubmission.requirements.flatMap((requirement) => requirement.submissionEntry)\n\n const inputDescriptorsForMdocCredential = new Map<SubmissionEntryCredential, Set<string>>()\n for (const entry of allEntries)\n for (const verifiableCredential of entry.verifiableCredentials) {\n if (verifiableCredential.claimFormat !== ClaimFormat.MsoMdoc) continue\n\n const set = inputDescriptorsForMdocCredential.get(verifiableCredential) ?? new Set()\n set.add(entry.inputDescriptorId)\n inputDescriptorsForMdocCredential.set(verifiableCredential, set)\n }\n\n // NOTE: it might be better to apply disclosure per credential/match (as that's also how mdoc does this)\n // however this doesn't work very well in wallets, as you usually won't show the same credential twice with\n // different disclosed attributes\n // Apply limit disclosure for all mdocs\n for (const [verifiableCredential, inputDescriptorIds] of inputDescriptorsForMdocCredential.entries()) {\n if (verifiableCredential.claimFormat !== ClaimFormat.MsoMdoc) continue\n\n const inputDescriptorsForCredential = presentationDefinition.input_descriptors.filter(({ id }) =>\n inputDescriptorIds.has(id)\n )\n\n const mdoc = Mdoc.fromBase64Url(verifiableCredential.credentialRecord.base64Url)\n verifiableCredential.disclosedPayload = MdocDeviceResponse.limitDisclosureToInputDescriptor({\n inputDescriptor: {\n id: mdoc.docType,\n format: {\n mso_mdoc: {\n alg: [],\n },\n },\n constraints: {\n limit_disclosure: 'required',\n fields: inputDescriptorsForCredential.flatMap((i) => i.constraints?.fields ?? []),\n },\n },\n mdoc: Mdoc.fromBase64Url(verifiableCredential.credentialRecord.base64Url),\n })\n }\n\n // There may be no requirements if we filter out all optional ones. To not makes things too complicated, we see it as an error\n // for now if a request is made that has no required requirements (but only e.g. min: 0, which means we don't need to disclose anything)\n // I see this more as the fault of the presentation definition, as it should have at least some requirements.\n if (presentationSubmission.requirements.length === 0) {\n throw new DifPresentationExchangeError(\n 'Presentation Definition does not require any credentials. Optional credentials are not included in the presentation submission.'\n )\n }\n\n if (selectResults.areRequiredCredentialsPresent === Status.ERROR) {\n return presentationSubmission\n }\n\n return {\n ...presentationSubmission,\n\n // If all requirements are satisfied, the presentation submission is satisfied\n areRequirementsSatisfied: presentationSubmission.requirements.every(\n (requirement) => requirement.isRequirementSatisfied\n ),\n }\n}\n\nfunction getSubmissionRequirements(\n presentationDefinition: IPresentationDefinition,\n selectResults: CredentialRecordSelectResults\n): Array<DifPexCredentialsForRequestRequirement> {\n const submissionRequirements: Array<DifPexCredentialsForRequestRequirement> = []\n\n const matches = selectResults.matches as SubmissionRequirementMatchFrom[]\n if (!matches.every((match) => match.type === SubmissionRequirementMatchType.SubmissionRequirement && match.from)) {\n throw new DifPresentationExchangeError(\n `Expected all matches to be of type '${SubmissionRequirementMatchType.SubmissionRequirement}' with 'from' key.`\n )\n }\n\n // There are submission requirements, so we need to select the input_descriptors\n // based on the submission requirements\n presentationDefinition.submission_requirements?.forEach((submissionRequirement, submissionRequirementIndex) => {\n // Check: if the submissionRequirement uses `from_nested`, as we don't support this yet\n if (submissionRequirement.from_nested) {\n throw new DifPresentationExchangeError(\n \"Presentation definition contains requirement using 'from_nested', which is not supported yet.\"\n )\n }\n\n // Check if there's a 'from'. If not the structure is not as we expect it\n if (!submissionRequirement.from) {\n throw new DifPresentationExchangeError(\"Missing 'from' in submission requirement match\")\n }\n\n const match = matches.find((match) => match.id === submissionRequirementIndex)\n if (!match) {\n throw new Error(`Unable to find a match for submission requirement with index '${submissionRequirementIndex}'`)\n }\n\n if (submissionRequirement.rule === Rules.All) {\n const selectedSubmission = getSubmissionRequirementRuleAll(\n submissionRequirement,\n presentationDefinition,\n selectResults.verifiableCredential,\n match\n )\n submissionRequirements.push(selectedSubmission)\n } else {\n const selectedSubmission = getSubmissionRequirementRulePick(\n submissionRequirement,\n presentationDefinition,\n selectResults.verifiableCredential,\n match\n )\n\n submissionRequirements.push(selectedSubmission)\n }\n })\n\n // Submission may have requirement that doesn't require a credential to be submitted (e.g. min: 0)\n // We use minimization strategy, and thus only disclose the minimum amount of information\n const requirementsWithCredentials = submissionRequirements.filter((requirement) => requirement.needsCount > 0)\n\n return requirementsWithCredentials\n}\n\nfunction getSubmissionRequirementsForAllInputDescriptors(\n inputDescriptors: Array<InputDescriptorV1> \| Array<InputDescriptorV2>,\n selectResults: CredentialRecordSelectResults\n): Array<DifPexCredentialsForRequestRequirement> {\n const submissionRequirements: Array<DifPexCredentialsForRequestRequirement> = []\n\n const matches = selectResults.matches as SubmissionRequirementMatchInputDescriptor[]\n if (!matches.every((match) => match.type === SubmissionRequirementMatchType.InputDescriptor)) {\n throw new DifPresentationExchangeError(\n `Expected all matches to be of type '${SubmissionRequirementMatchType.InputDescriptor}' when.`\n )\n }\n\n for (const inputDescriptor of inputDescriptors) {\n const submission = getSubmissionForInputDescriptor(inputDescriptor, selectResults.verifiableCredential, matches)\n submissionRequirements.push({\n rule: Rules.Pick,\n needsCount: 1, // Every input descriptor is a distinct requirement, so the count is always 1,\n submissionEntry: [submission],\n isRequirementSatisfied: submission.verifiableCredentials.length >= 1,\n })\n }\n\n return submissionRequirements\n}\n\nfunction getSubmissionRequirementRuleAll(\n submissionRequirement: SubmissionRequirement,\n presentationDefinition: IPresentationDefinition,\n verifiableCredentials: SubmissionEntryCredential[],\n match: SubmissionRequirementMatchFrom\n) {\n // Check if there's a 'from'. If not the structure is not as we expect it\n if (!submissionRequirement.from)\n throw new DifPresentationExchangeError(\"Missing 'from' in submission requirement match.\")\n\n const selectedSubmission: DifPexCredentialsForRequestRequirement = {\n rule: Rules.All,\n needsCount: 0,\n name: submissionRequirement.name,\n purpose: submissionRequirement.purpose,\n submissionEntry: [],\n isRequirementSatisfied: false,\n }\n\n for (const inputDescriptor of presentationDefinition.input_descriptors) {\n // We only want to get the submission if the input descriptor belongs to the group\n if (!inputDescriptor.group?.includes(match.from)) continue\n\n const submission = getSubmissionForInputDescriptor(inputDescriptor, verifiableCredentials, match.input_descriptors)\n\n // Rule ALL, so for every input descriptor that matches in this group, we need to add it\n selectedSubmission.needsCount += 1\n selectedSubmission.submissionEntry.push(submission)\n }\n\n return {\n ...selectedSubmission,\n\n // If all submissions have a credential, the requirement is satisfied\n isRequirementSatisfied: selectedSubmission.submissionEntry.every(\n (submission) => submission.verifiableCredentials.length >= 1\n ),\n }\n}\n\nfunction getSubmissionRequirementRulePick(\n submissionRequirement: SubmissionRequirement,\n presentationDefinition: IPresentationDefinition,\n verifiableCredentials: SubmissionEntryCredential[],\n match: SubmissionRequirementMatchFrom\n) {\n // Check if there's a 'from'. If not the structure is not as we expect it\n if (!submissionRequirement.from) {\n throw new DifPresentationExchangeError(\"Missing 'from' in submission requirement match.\")\n }\n\n const selectedSubmission: DifPexCredentialsForRequestRequirement = {\n rule: Rules.Pick,\n needsCount: submissionRequirement.count ?? submissionRequirement.min ?? 1,\n name: submissionRequirement.name,\n purpose: submissionRequirement.purpose,\n // If there's no count, min, or max we assume one credential is required for submission\n // however, the exact behavior is not specified in the spec\n submissionEntry: [],\n isRequirementSatisfied: false,\n }\n\n const satisfiedSubmissions: Array<DifPexCredentialsForRequestSubmissionEntry> = []\n const unsatisfiedSubmissions: Array<DifPexCredentialsForRequestSubmissionEntry> = []\n\n for (const inputDescriptor of presentationDefinition.input_descriptors) {\n // We only want to get the submission if the input descriptor belongs to the group\n if (!inputDescriptor.group?.includes(match.from)) continue\n\n const submission = getSubmissionForInputDescriptor(inputDescriptor, verifiableCredentials, match.input_descriptors)\n\n if (submission.verifiableCredentials.length >= 1) {\n satisfiedSubmissions.push(submission)\n } else {\n unsatisfiedSubmissions.push(submission)\n }\n\n // If we have found enough credentials to satisfy the requirement, we could stop\n // but the user may not want the first x that match, so we continue and return all matches\n // if (satisfiedSubmissions.length === selectedSubmission.needsCount) break\n }\n\n return {\n ...selectedSubmission,\n\n // If there are enough satisfied submissions, the requirement is satisfied\n isRequirementSatisfied: satisfiedSubmissions.length >= selectedSubmission.needsCount,\n\n // if the requirement is satisfied, we only need to return the satisfied submissions\n // however if the requirement is not satisfied, we include all entries so the wallet could\n // render which credentials are missing.\n submissionEntry:\n satisfiedSubmissions.length >= selectedSubmission.needsCount\n ? satisfiedSubmissions\n : [...satisfiedSubmissions, ...unsatisfiedSubmissions],\n }\n}\n\nfunction getSubmissionForInputDescriptor(\n inputDescriptor: InputDescriptorV1 \| InputDescriptorV2,\n verifiableCredentials: SubmissionEntryCredential[],\n matches: SubmissionRequirementMatchInputDescriptor[]\n): DifPexCredentialsForRequestSubmissionEntry {\n const matchesForInputDescriptor = matches.filter((m) => m.id === inputDescriptor.id)\n\n const submissionEntry: DifPexCredentialsForRequestSubmissionEntry = {\n inputDescriptorId: inputDescriptor.id,\n name: inputDescriptor.name,\n purpose: inputDescriptor.purpose,\n verifiableCredentials: matchesForInputDescriptor.flatMap((matchForInputDescriptor) =>\n extractCredentialsFromInputDescriptorMatch(matchForInputDescriptor, verifiableCredentials)\n ),\n }\n\n // return early if no matches.\n if (!matchesForInputDescriptor?.length) return submissionEntry\n\n return submissionEntry\n}\n\nfunction extractCredentialsFromInputDescriptorMatch(\n match: SubmissionRequirementMatchInputDescriptor,\n availableCredentials: SubmissionEntryCredential[]\n) {\n const verifiableCredentials: SubmissionEntryCredential[] = []\n\n for (const vcPath of match.vc_path) {\n const [verifiableCredential] = JSONPath.query(\n { verifiableCredential: availableCredentials },\n vcPath\n ) as SubmissionEntryCredential[]\n verifiableCredentials.push(verifiableCredential)\n }\n\n return verifiableCredentials\n}\n\n/*\n Custom SelectResults that includes the Credo records instead of the encoded verifiable credential\n */\ntype CredentialRecordSelectResults = Omit<SelectResults, 'verifiableCredential'> & {\n verifiableCredential: SubmissionEntryCredential[]\n matches: SubmissionRequirementMatch[]\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAoCA,eAAsB,yBAEpB,KACA,wBACA,mBACsC;CACtC,MAAM,qBAAqB,kBAAkB,IAAI,wCAAwC;CACzF,MAAM,mBAAmB,IAAI,WAAW,wBAAwB,mBAAmB;CAEnF,MAAMA,gBAA+C;EACnD,GAAG;EACH,SAAS,iBAAiB,WAAW,EAAE;EAEvC,sBACE,iBAAiB,sBAAsB,KAAK,iBAAiB,UAAqC;GAChG,MAAM,wBAAwB,iBAAiB,YAAY;AAC3D,OAAI,0BAA0B,UAAa,0BAA0B,GACnE,OAAM,IAAI,6BAA6B,mDAAmD;GAE5F,MAAM,mBAAmB,kBAAkB;AAC3C,OAAI,4BAA4B,eAAe;IAG7C,MAAM,EAAE,KAAK,gBAAgB,gBAAgB,iBAA2B,OAAO,KAAK;IACpF,MAAM,eAAe,cAAc,IAAI,SAAS,aAAa,OAAO,KAAK;AAEzE,WAAO;KACL,aAAa,YAAY;KACzB;KACA,kBAAkB;KACnB;;AAEH,OAAI,4BAA4B,WAC9B,QAAO;IACL,aAAa,YAAY;IACzB;IACA,kBAAkB,EAAE;IACrB;AAEH,OAAI,4BAA4B,oBAC9B,QAAO;IACL,aAAa,iBAAiB,WAAW;IACzC;IACD;AAEH,SAAM,IAAI,WAAW,sCAAsC;IAC3D,IAAI,EAAE;EACX;CAED,MAAMC,yBAAsD;EAC1D,cAAc,EAAE;EAChB,0BAA0B;EAC1B,MAAM,uBAAuB;EAC7B,SAAS,uBAAuB;EACjC;AAGD,KAAI,CAAC,uBAAuB,2BAA2B,uBAAuB,wBAAwB,WAAW,EAC/G,wBAAuB,eAAe,gDACpC,uBAAuB,mBACvB,cACD;KAED,wBAAuB,eAAe,0BAA0B,wBAAwB,cAAc;CAGxG,MAAM,aAAa,uBAAuB,aAAa,SAAS,gBAAgB,YAAY,gBAAgB;CAE5G,MAAM,oDAAoC,IAAI,KAA6C;AAC3F,MAAK,MAAM,SAAS,WAClB,MAAK,MAAM,wBAAwB,MAAM,uBAAuB;AAC9D,MAAI,qBAAqB,gBAAgB,YAAY,QAAS;EAE9D,MAAM,MAAM,kCAAkC,IAAI,qBAAqB,oBAAI,IAAI,KAAK;AACpF,MAAI,IAAI,MAAM,kBAAkB;AAChC,oCAAkC,IAAI,sBAAsB,IAAI;;AAOpE,MAAK,MAAM,CAAC,sBAAsB,uBAAuB,kCAAkC,SAAS,EAAE;AACpG,MAAI,qBAAqB,gBAAgB,YAAY,QAAS;EAE9D,MAAM,gCAAgC,uBAAuB,kBAAkB,QAAQ,EAAE,SACvF,mBAAmB,IAAI,GAAG,CAC3B;EAED,MAAM,OAAO,KAAK,cAAc,qBAAqB,iBAAiB,UAAU;AAChF,uBAAqB,mBAAmB,mBAAmB,iCAAiC;GAC1F,iBAAiB;IACf,IAAI,KAAK;IACT,QAAQ,EACN,UAAU,EACR,KAAK,EAAE,EACR,EACF;IACD,aAAa;KACX,kBAAkB;KAClB,QAAQ,8BAA8B,SAAS,MAAM,EAAE,aAAa,UAAU,EAAE,CAAC;KAClF;IACF;GACD,MAAM,KAAK,cAAc,qBAAqB,iBAAiB,UAAU;GAC1E,CAAC;;AAMJ,KAAI,uBAAuB,aAAa,WAAW,EACjD,OAAM,IAAI,6BACR,kIACD;AAGH,KAAI,cAAc,kCAAkC,OAAO,MACzD,QAAO;AAGT,QAAO;EACL,GAAG;EAGH,0BAA0B,uBAAuB,aAAa,OAC3D,gBAAgB,YAAY,uBAC9B;EACF;;AAGH,SAAS,0BACP,wBACA,eAC+C;CAC/C,MAAMC,yBAAwE,EAAE;CAEhF,MAAM,UAAU,cAAc;AAC9B,KAAI,CAAC,QAAQ,OAAO,UAAU,MAAM,SAAS,+BAA+B,yBAAyB,MAAM,KAAK,CAC9G,OAAM,IAAI,6BACR,uCAAuC,+BAA+B,sBAAsB,oBAC7F;AAKH,wBAAuB,yBAAyB,SAAS,uBAAuB,+BAA+B;AAE7G,MAAI,sBAAsB,YACxB,OAAM,IAAI,6BACR,gGACD;AAIH,MAAI,CAAC,sBAAsB,KACzB,OAAM,IAAI,6BAA6B,iDAAiD;EAG1F,MAAM,QAAQ,QAAQ,MAAM,YAAUC,QAAM,OAAO,2BAA2B;AAC9E,MAAI,CAAC,MACH,OAAM,IAAI,MAAM,iEAAiE,2BAA2B,GAAG;AAGjH,MAAI,sBAAsB,SAAS,MAAM,KAAK;GAC5C,MAAM,qBAAqB,gCACzB,uBACA,wBACA,cAAc,sBACd,MACD;AACD,0BAAuB,KAAK,mBAAmB;SAC1C;GACL,MAAM,qBAAqB,iCACzB,uBACA,wBACA,cAAc,sBACd,MACD;AAED,0BAAuB,KAAK,mBAAmB;;GAEjD;AAMF,QAFoC,uBAAuB,QAAQ,gBAAgB,YAAY,aAAa,EAAE;;AAKhH,SAAS,gDACP,kBACA,eAC+C;CAC/C,MAAMD,yBAAwE,EAAE;CAEhF,MAAM,UAAU,cAAc;AAC9B,KAAI,CAAC,QAAQ,OAAO,UAAU,MAAM,SAAS,+BAA+B,gBAAgB,CAC1F,OAAM,IAAI,6BACR,uCAAuC,+BAA+B,gBAAgB,SACvF;AAGH,MAAK,MAAM,mBAAmB,kBAAkB;EAC9C,MAAM,aAAa,gCAAgC,iBAAiB,cAAc,sBAAsB,QAAQ;AAChH,yBAAuB,KAAK;GAC1B,MAAM,MAAM;GACZ,YAAY;GACZ,iBAAiB,CAAC,WAAW;GAC7B,wBAAwB,WAAW,sBAAsB,UAAU;GACpE,CAAC;;AAGJ,QAAO;;AAGT,SAAS,gCACP,uBACA,wBACA,uBACA,OACA;AAEA,KAAI,CAAC,sBAAsB,KACzB,OAAM,IAAI,6BAA6B,kDAAkD;CAE3F,MAAME,qBAA6D;EACjE,MAAM,MAAM;EACZ,YAAY;EACZ,MAAM,sBAAsB;EAC5B,SAAS,sBAAsB;EAC/B,iBAAiB,EAAE;EACnB,wBAAwB;EACzB;AAED,MAAK,MAAM,mBAAmB,uBAAuB,mBAAmB;AAEtE,MAAI,CAAC,gBAAgB,OAAO,SAAS,MAAM,KAAK,CAAE;EAElD,MAAM,aAAa,gCAAgC,iBAAiB,uBAAuB,MAAM,kBAAkB;AAGnH,qBAAmB,cAAc;AACjC,qBAAmB,gBAAgB,KAAK,WAAW;;AAGrD,QAAO;EACL,GAAG;EAGH,wBAAwB,mBAAmB,gBAAgB,OACxD,eAAe,WAAW,sBAAsB,UAAU,EAC5D;EACF;;AAGH,SAAS,iCACP,uBACA,wBACA,uBACA,OACA;AAEA,KAAI,CAAC,sBAAsB,KACzB,OAAM,IAAI,6BAA6B,kDAAkD;CAG3F,MAAMA,qBAA6D;EACjE,MAAM,MAAM;EACZ,YAAY,sBAAsB,SAAS,sBAAsB,OAAO;EACxE,MAAM,sBAAsB;EAC5B,SAAS,sBAAsB;EAG/B,iBAAiB,EAAE;EACnB,wBAAwB;EACzB;CAED,MAAMC,uBAA0E,EAAE;CAClF,MAAMC,yBAA4E,EAAE;AAEpF,MAAK,MAAM,mBAAmB,uBAAuB,mBAAmB;AAEtE,MAAI,CAAC,gBAAgB,OAAO,SAAS,MAAM,KAAK,CAAE;EAElD,MAAM,aAAa,gCAAgC,iBAAiB,uBAAuB,MAAM,kBAAkB;AAEnH,MAAI,WAAW,sBAAsB,UAAU,EAC7C,sBAAqB,KAAK,WAAW;MAErC,wBAAuB,KAAK,WAAW;;AAQ3C,QAAO;EACL,GAAG;EAGH,wBAAwB,qBAAqB,UAAU,mBAAmB;EAK1E,iBACE,qBAAqB,UAAU,mBAAmB,aAC9C,uBACA,CAAC,GAAG,sBAAsB,GAAG,uBAAuB;EAC3D;;AAGH,SAAS,gCACP,iBACA,uBACA,SAC4C;CAC5C,MAAM,4BAA4B,QAAQ,QAAQ,MAAM,EAAE,OAAO,gBAAgB,GAAG;CAEpF,MAAMC,kBAA8D;EAClE,mBAAmB,gBAAgB;EACnC,MAAM,gBAAgB;EACtB,SAAS,gBAAgB;EACzB,uBAAuB,0BAA0B,SAAS,4BACxD,2CAA2C,yBAAyB,sBAAsB,CAC3F;EACF;AAGD,KAAI,CAAC,2BAA2B,OAAQ,QAAO;AAE/C,QAAO;;AAGT,SAAS,2CACP,OACA,sBACA;CACA,MAAMC,wBAAqD,EAAE;AAE7D,MAAK,MAAM,UAAU,MAAM,SAAS;EAClC,MAAM,CAAC,wBAAwB,SAAS,MACtC,EAAE,sBAAsB,sBAAsB,EAC9C,OACD;AACD,wBAAsB,KAAK,qBAAqB;;AAGlD,QAAO"}
1	+ {"version":3,"file":"credentialSelection.mjs","names":["selectResults: CredentialRecordSelectResults","presentationSubmission: DifPexCredentialsForRequest","submissionRequirements: Array<DifPexCredentialsForRequestRequirement>","match","selectedSubmission: DifPexCredentialsForRequestRequirement","satisfiedSubmissions: Array<DifPexCredentialsForRequestSubmissionEntry>","unsatisfiedSubmissions: Array<DifPexCredentialsForRequestSubmissionEntry>","submissionEntry: DifPexCredentialsForRequestSubmissionEntry","verifiableCredentials: SubmissionEntryCredential[]"],"sources":["../../../../src/modules/dif-presentation-exchange/utils/credentialSelection.ts"],"sourcesContent":["import {\n type IPresentationDefinition,\n type PEX,\n type SelectResults,\n Status,\n type SubmissionRequirementMatch,\n} from '@animo-id/pex'\nimport type {\n SubmissionRequirementMatchFrom,\n SubmissionRequirementMatchInputDescriptor,\n} from '@animo-id/pex/dist/main/lib/evaluation/core'\nimport { SubmissionRequirementMatchType } from '@animo-id/pex/dist/main/lib/evaluation/core/index.js'\nimport { JSONPath } from '@astronautlabs/jsonpath'\nimport { decodeSdJwtSync, getClaimsSync } from '@sd-jwt/decode'\nimport type { InputDescriptorV1, InputDescriptorV2, SubmissionRequirement } from '@sphereon/pex-models'\nimport { Rules } from '@sphereon/pex-models'\nimport { Hasher } from '../../../crypto'\nimport { CredoError } from '../../../error'\nimport type { JsonObject } from '../../../types'\nimport { MdocRecord } from '../../mdoc'\nimport { Mdoc } from '../../mdoc/Mdoc'\nimport { MdocDeviceResponse } from '../../mdoc/MdocDeviceResponse'\nimport { SdJwtVcRecord } from '../../sd-jwt-vc'\nimport { ClaimFormat, W3cCredentialRecord } from '../../vc'\nimport { DifPresentationExchangeError } from '../DifPresentationExchangeError'\nimport type {\n DifPexCredentialsForRequest,\n DifPexCredentialsForRequestRequirement,\n DifPexCredentialsForRequestSubmissionEntry,\n SubmissionEntryCredential,\n} from '../models'\nimport { getSphereonOriginalVerifiableCredential } from './transform'\n\nexport async function getCredentialsForRequest(\n // PEX instance with hasher defined\n pex: PEX,\n presentationDefinition: IPresentationDefinition,\n credentialRecords: Array<W3cCredentialRecord \| SdJwtVcRecord \| MdocRecord>\n): Promise<DifPexCredentialsForRequest> {\n const encodedCredentials = credentialRecords.map(getSphereonOriginalVerifiableCredential)\n const selectResultsRaw = pex.selectFrom(presentationDefinition, encodedCredentials)\n\n const selectResults: CredentialRecordSelectResults = {\n ...selectResultsRaw,\n matches: selectResultsRaw.matches ?? [],\n // Map the encoded credential to their respective credential record\n verifiableCredential:\n selectResultsRaw.verifiableCredential?.map((selectedEncoded, index): SubmissionEntryCredential => {\n const credentialRecordIndex = selectResultsRaw.vcIndexes?.[index]\n if (credentialRecordIndex === undefined \|\| credentialRecordIndex === -1) {\n throw new DifPresentationExchangeError('Unable to find credential in credential records.')\n }\n const credentialRecord = credentialRecords[credentialRecordIndex]\n if (credentialRecord instanceof SdJwtVcRecord) {\n // selectedEncoded always string when SdJwtVcRecord\n // Get the decoded payload from the the selected credential, this already has SD applied\n const { jwt, disclosures } = decodeSdJwtSync(selectedEncoded as string, Hasher.hash)\n const prettyClaims = getClaimsSync(jwt.payload, disclosures, Hasher.hash)\n\n return {\n claimFormat: ClaimFormat.SdJwtDc,\n credentialRecord,\n disclosedPayload: prettyClaims as JsonObject,\n }\n }\n if (credentialRecord instanceof MdocRecord) {\n return {\n claimFormat: ClaimFormat.MsoMdoc,\n credentialRecord,\n disclosedPayload: {},\n }\n }\n if (credentialRecord instanceof W3cCredentialRecord) {\n return {\n claimFormat: credentialRecord.credential.claimFormat,\n credentialRecord,\n }\n }\n throw new CredoError('Unrecognized credential record type')\n }) ?? [],\n }\n\n const presentationSubmission: DifPexCredentialsForRequest = {\n requirements: [],\n areRequirementsSatisfied: false,\n name: presentationDefinition.name,\n purpose: presentationDefinition.purpose,\n }\n\n // If there's no submission requirements, ALL input descriptors MUST be satisfied\n if (!presentationDefinition.submission_requirements \|\| presentationDefinition.submission_requirements.length === 0) {\n presentationSubmission.requirements = getSubmissionRequirementsForAllInputDescriptors(\n presentationDefinition.input_descriptors,\n selectResults\n )\n } else {\n presentationSubmission.requirements = getSubmissionRequirements(presentationDefinition, selectResults)\n }\n\n const allEntries = presentationSubmission.requirements.flatMap((requirement) => requirement.submissionEntry)\n\n const inputDescriptorsForMdocCredential = new Map<SubmissionEntryCredential, Set<string>>()\n for (const entry of allEntries)\n for (const verifiableCredential of entry.verifiableCredentials) {\n if (verifiableCredential.claimFormat !== ClaimFormat.MsoMdoc) continue\n\n const set = inputDescriptorsForMdocCredential.get(verifiableCredential) ?? new Set()\n set.add(entry.inputDescriptorId)\n inputDescriptorsForMdocCredential.set(verifiableCredential, set)\n }\n\n // NOTE: it might be better to apply disclosure per credential/match (as that's also how mdoc does this)\n // however this doesn't work very well in wallets, as you usually won't show the same credential twice with\n // different disclosed attributes\n // Apply limit disclosure for all mdocs\n for (const [verifiableCredential, inputDescriptorIds] of inputDescriptorsForMdocCredential.entries()) {\n if (verifiableCredential.claimFormat !== ClaimFormat.MsoMdoc) continue\n\n const inputDescriptorsForCredential = presentationDefinition.input_descriptors.filter(({ id }) =>\n inputDescriptorIds.has(id)\n )\n\n const mdoc = Mdoc.fromBase64Url(verifiableCredential.credentialRecord.base64Url)\n verifiableCredential.disclosedPayload = MdocDeviceResponse.limitDisclosureToInputDescriptor({\n inputDescriptor: {\n id: mdoc.docType,\n format: {\n mso_mdoc: {\n alg: [],\n },\n },\n constraints: {\n limit_disclosure: 'required',\n fields: inputDescriptorsForCredential.flatMap((i) => i.constraints?.fields ?? []),\n },\n },\n mdoc: Mdoc.fromBase64Url(verifiableCredential.credentialRecord.base64Url),\n })\n }\n\n // There may be no requirements if we filter out all optional ones. To not makes things too complicated, we see it as an error\n // for now if a request is made that has no required requirements (but only e.g. min: 0, which means we don't need to disclose anything)\n // I see this more as the fault of the presentation definition, as it should have at least some requirements.\n if (presentationSubmission.requirements.length === 0) {\n throw new DifPresentationExchangeError(\n 'Presentation Definition does not require any credentials. Optional credentials are not included in the presentation submission.'\n )\n }\n\n if (selectResults.areRequiredCredentialsPresent === Status.ERROR) {\n return presentationSubmission\n }\n\n return {\n ...presentationSubmission,\n\n // If all requirements are satisfied, the presentation submission is satisfied\n areRequirementsSatisfied: presentationSubmission.requirements.every(\n (requirement) => requirement.isRequirementSatisfied\n ),\n }\n}\n\nfunction getSubmissionRequirements(\n presentationDefinition: IPresentationDefinition,\n selectResults: CredentialRecordSelectResults\n): Array<DifPexCredentialsForRequestRequirement> {\n const submissionRequirements: Array<DifPexCredentialsForRequestRequirement> = []\n\n const matches = selectResults.matches as SubmissionRequirementMatchFrom[]\n if (!matches.every((match) => match.type === SubmissionRequirementMatchType.SubmissionRequirement && match.from)) {\n throw new DifPresentationExchangeError(\n `Expected all matches to be of type '${SubmissionRequirementMatchType.SubmissionRequirement}' with 'from' key.`\n )\n }\n\n // There are submission requirements, so we need to select the input_descriptors\n // based on the submission requirements\n presentationDefinition.submission_requirements?.forEach((submissionRequirement, submissionRequirementIndex) => {\n // Check: if the submissionRequirement uses `from_nested`, as we don't support this yet\n if (submissionRequirement.from_nested) {\n throw new DifPresentationExchangeError(\n \"Presentation definition contains requirement using 'from_nested', which is not supported yet.\"\n )\n }\n\n // Check if there's a 'from'. If not the structure is not as we expect it\n if (!submissionRequirement.from) {\n throw new DifPresentationExchangeError(\"Missing 'from' in submission requirement match\")\n }\n\n const match = matches.find((match) => match.id === submissionRequirementIndex)\n if (!match) {\n throw new Error(`Unable to find a match for submission requirement with index '${submissionRequirementIndex}'`)\n }\n\n if (submissionRequirement.rule === Rules.All) {\n const selectedSubmission = getSubmissionRequirementRuleAll(\n submissionRequirement,\n presentationDefinition,\n selectResults.verifiableCredential,\n match\n )\n submissionRequirements.push(selectedSubmission)\n } else {\n const selectedSubmission = getSubmissionRequirementRulePick(\n submissionRequirement,\n presentationDefinition,\n selectResults.verifiableCredential,\n match\n )\n\n submissionRequirements.push(selectedSubmission)\n }\n })\n\n // Submission may have requirement that doesn't require a credential to be submitted (e.g. min: 0)\n // We use minimization strategy, and thus only disclose the minimum amount of information\n const requirementsWithCredentials = submissionRequirements.filter((requirement) => requirement.needsCount > 0)\n\n return requirementsWithCredentials\n}\n\nfunction getSubmissionRequirementsForAllInputDescriptors(\n inputDescriptors: Array<InputDescriptorV1> \| Array<InputDescriptorV2>,\n selectResults: CredentialRecordSelectResults\n): Array<DifPexCredentialsForRequestRequirement> {\n const submissionRequirements: Array<DifPexCredentialsForRequestRequirement> = []\n\n const matches = selectResults.matches as SubmissionRequirementMatchInputDescriptor[]\n if (!matches.every((match) => match.type === SubmissionRequirementMatchType.InputDescriptor)) {\n throw new DifPresentationExchangeError(\n `Expected all matches to be of type '${SubmissionRequirementMatchType.InputDescriptor}' when.`\n )\n }\n\n for (const inputDescriptor of inputDescriptors) {\n const submission = getSubmissionForInputDescriptor(inputDescriptor, selectResults.verifiableCredential, matches)\n submissionRequirements.push({\n rule: Rules.Pick,\n needsCount: 1, // Every input descriptor is a distinct requirement, so the count is always 1,\n submissionEntry: [submission],\n isRequirementSatisfied: submission.verifiableCredentials.length >= 1,\n })\n }\n\n return submissionRequirements\n}\n\nfunction getSubmissionRequirementRuleAll(\n submissionRequirement: SubmissionRequirement,\n presentationDefinition: IPresentationDefinition,\n verifiableCredentials: SubmissionEntryCredential[],\n match: SubmissionRequirementMatchFrom\n) {\n // Check if there's a 'from'. If not the structure is not as we expect it\n if (!submissionRequirement.from)\n throw new DifPresentationExchangeError(\"Missing 'from' in submission requirement match.\")\n\n const selectedSubmission: DifPexCredentialsForRequestRequirement = {\n rule: Rules.All,\n needsCount: 0,\n name: submissionRequirement.name,\n purpose: submissionRequirement.purpose,\n submissionEntry: [],\n isRequirementSatisfied: false,\n }\n\n for (const inputDescriptor of presentationDefinition.input_descriptors) {\n // We only want to get the submission if the input descriptor belongs to the group\n if (!inputDescriptor.group?.includes(match.from)) continue\n\n const submission = getSubmissionForInputDescriptor(inputDescriptor, verifiableCredentials, match.input_descriptors)\n\n // Rule ALL, so for every input descriptor that matches in this group, we need to add it\n selectedSubmission.needsCount += 1\n selectedSubmission.submissionEntry.push(submission)\n }\n\n return {\n ...selectedSubmission,\n\n // If all submissions have a credential, the requirement is satisfied\n isRequirementSatisfied: selectedSubmission.submissionEntry.every(\n (submission) => submission.verifiableCredentials.length >= 1\n ),\n }\n}\n\nfunction getSubmissionRequirementRulePick(\n submissionRequirement: SubmissionRequirement,\n presentationDefinition: IPresentationDefinition,\n verifiableCredentials: SubmissionEntryCredential[],\n match: SubmissionRequirementMatchFrom\n) {\n // Check if there's a 'from'. If not the structure is not as we expect it\n if (!submissionRequirement.from) {\n throw new DifPresentationExchangeError(\"Missing 'from' in submission requirement match.\")\n }\n\n const selectedSubmission: DifPexCredentialsForRequestRequirement = {\n rule: Rules.Pick,\n needsCount: submissionRequirement.count ?? submissionRequirement.min ?? 1,\n name: submissionRequirement.name,\n purpose: submissionRequirement.purpose,\n // If there's no count, min, or max we assume one credential is required for submission\n // however, the exact behavior is not specified in the spec\n submissionEntry: [],\n isRequirementSatisfied: false,\n }\n\n const satisfiedSubmissions: Array<DifPexCredentialsForRequestSubmissionEntry> = []\n const unsatisfiedSubmissions: Array<DifPexCredentialsForRequestSubmissionEntry> = []\n\n for (const inputDescriptor of presentationDefinition.input_descriptors) {\n // We only want to get the submission if the input descriptor belongs to the group\n if (!inputDescriptor.group?.includes(match.from)) continue\n\n const submission = getSubmissionForInputDescriptor(inputDescriptor, verifiableCredentials, match.input_descriptors)\n\n if (submission.verifiableCredentials.length >= 1) {\n satisfiedSubmissions.push(submission)\n } else {\n unsatisfiedSubmissions.push(submission)\n }\n\n // If we have found enough credentials to satisfy the requirement, we could stop\n // but the user may not want the first x that match, so we continue and return all matches\n // if (satisfiedSubmissions.length === selectedSubmission.needsCount) break\n }\n\n return {\n ...selectedSubmission,\n\n // If there are enough satisfied submissions, the requirement is satisfied\n isRequirementSatisfied: satisfiedSubmissions.length >= selectedSubmission.needsCount,\n\n // if the requirement is satisfied, we only need to return the satisfied submissions\n // however if the requirement is not satisfied, we include all entries so the wallet could\n // render which credentials are missing.\n submissionEntry:\n satisfiedSubmissions.length >= selectedSubmission.needsCount\n ? satisfiedSubmissions\n : [...satisfiedSubmissions, ...unsatisfiedSubmissions],\n }\n}\n\nfunction getSubmissionForInputDescriptor(\n inputDescriptor: InputDescriptorV1 \| InputDescriptorV2,\n verifiableCredentials: SubmissionEntryCredential[],\n matches: SubmissionRequirementMatchInputDescriptor[]\n): DifPexCredentialsForRequestSubmissionEntry {\n const matchesForInputDescriptor = matches.filter((m) => m.id === inputDescriptor.id)\n\n const submissionEntry: DifPexCredentialsForRequestSubmissionEntry = {\n inputDescriptorId: inputDescriptor.id,\n name: inputDescriptor.name,\n purpose: inputDescriptor.purpose,\n verifiableCredentials: matchesForInputDescriptor.flatMap((matchForInputDescriptor) =>\n extractCredentialsFromInputDescriptorMatch(matchForInputDescriptor, verifiableCredentials)\n ),\n }\n\n // return early if no matches.\n if (!matchesForInputDescriptor?.length) return submissionEntry\n\n return submissionEntry\n}\n\nfunction extractCredentialsFromInputDescriptorMatch(\n match: SubmissionRequirementMatchInputDescriptor,\n availableCredentials: SubmissionEntryCredential[]\n) {\n const verifiableCredentials: SubmissionEntryCredential[] = []\n\n for (const vcPath of match.vc_path) {\n const [verifiableCredential] = JSONPath.query(\n { verifiableCredential: availableCredentials },\n vcPath\n ) as SubmissionEntryCredential[]\n verifiableCredentials.push(verifiableCredential)\n }\n\n return verifiableCredentials\n}\n\n/*\n Custom SelectResults that includes the Credo records instead of the encoded verifiable credential\n */\ntype CredentialRecordSelectResults = Omit<SelectResults, 'verifiableCredential'> & {\n verifiableCredential: SubmissionEntryCredential[]\n matches: SubmissionRequirementMatch[]\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAiCA,eAAsB,yBAEpB,KACA,wBACA,mBACsC;CACtC,MAAM,qBAAqB,kBAAkB,IAAI,wCAAwC;CACzF,MAAM,mBAAmB,IAAI,WAAW,wBAAwB,mBAAmB;CAEnF,MAAMA,gBAA+C;EACnD,GAAG;EACH,SAAS,iBAAiB,WAAW,EAAE;EAEvC,sBACE,iBAAiB,sBAAsB,KAAK,iBAAiB,UAAqC;GAChG,MAAM,wBAAwB,iBAAiB,YAAY;AAC3D,OAAI,0BAA0B,UAAa,0BAA0B,GACnE,OAAM,IAAI,6BAA6B,mDAAmD;GAE5F,MAAM,mBAAmB,kBAAkB;AAC3C,OAAI,4BAA4B,eAAe;IAG7C,MAAM,EAAE,KAAK,gBAAgB,gBAAgB,iBAA2B,OAAO,KAAK;IACpF,MAAM,eAAe,cAAc,IAAI,SAAS,aAAa,OAAO,KAAK;AAEzE,WAAO;KACL,aAAa,YAAY;KACzB;KACA,kBAAkB;KACnB;;AAEH,OAAI,4BAA4B,WAC9B,QAAO;IACL,aAAa,YAAY;IACzB;IACA,kBAAkB,EAAE;IACrB;AAEH,OAAI,4BAA4B,oBAC9B,QAAO;IACL,aAAa,iBAAiB,WAAW;IACzC;IACD;AAEH,SAAM,IAAI,WAAW,sCAAsC;IAC3D,IAAI,EAAE;EACX;CAED,MAAMC,yBAAsD;EAC1D,cAAc,EAAE;EAChB,0BAA0B;EAC1B,MAAM,uBAAuB;EAC7B,SAAS,uBAAuB;EACjC;AAGD,KAAI,CAAC,uBAAuB,2BAA2B,uBAAuB,wBAAwB,WAAW,EAC/G,wBAAuB,eAAe,gDACpC,uBAAuB,mBACvB,cACD;KAED,wBAAuB,eAAe,0BAA0B,wBAAwB,cAAc;CAGxG,MAAM,aAAa,uBAAuB,aAAa,SAAS,gBAAgB,YAAY,gBAAgB;CAE5G,MAAM,oDAAoC,IAAI,KAA6C;AAC3F,MAAK,MAAM,SAAS,WAClB,MAAK,MAAM,wBAAwB,MAAM,uBAAuB;AAC9D,MAAI,qBAAqB,gBAAgB,YAAY,QAAS;EAE9D,MAAM,MAAM,kCAAkC,IAAI,qBAAqB,oBAAI,IAAI,KAAK;AACpF,MAAI,IAAI,MAAM,kBAAkB;AAChC,oCAAkC,IAAI,sBAAsB,IAAI;;AAOpE,MAAK,MAAM,CAAC,sBAAsB,uBAAuB,kCAAkC,SAAS,EAAE;AACpG,MAAI,qBAAqB,gBAAgB,YAAY,QAAS;EAE9D,MAAM,gCAAgC,uBAAuB,kBAAkB,QAAQ,EAAE,SACvF,mBAAmB,IAAI,GAAG,CAC3B;EAED,MAAM,OAAO,KAAK,cAAc,qBAAqB,iBAAiB,UAAU;AAChF,uBAAqB,mBAAmB,mBAAmB,iCAAiC;GAC1F,iBAAiB;IACf,IAAI,KAAK;IACT,QAAQ,EACN,UAAU,EACR,KAAK,EAAE,EACR,EACF;IACD,aAAa;KACX,kBAAkB;KAClB,QAAQ,8BAA8B,SAAS,MAAM,EAAE,aAAa,UAAU,EAAE,CAAC;KAClF;IACF;GACD,MAAM,KAAK,cAAc,qBAAqB,iBAAiB,UAAU;GAC1E,CAAC;;AAMJ,KAAI,uBAAuB,aAAa,WAAW,EACjD,OAAM,IAAI,6BACR,kIACD;AAGH,KAAI,cAAc,kCAAkC,OAAO,MACzD,QAAO;AAGT,QAAO;EACL,GAAG;EAGH,0BAA0B,uBAAuB,aAAa,OAC3D,gBAAgB,YAAY,uBAC9B;EACF;;AAGH,SAAS,0BACP,wBACA,eAC+C;CAC/C,MAAMC,yBAAwE,EAAE;CAEhF,MAAM,UAAU,cAAc;AAC9B,KAAI,CAAC,QAAQ,OAAO,UAAU,MAAM,SAAS,+BAA+B,yBAAyB,MAAM,KAAK,CAC9G,OAAM,IAAI,6BACR,uCAAuC,+BAA+B,sBAAsB,oBAC7F;AAKH,wBAAuB,yBAAyB,SAAS,uBAAuB,+BAA+B;AAE7G,MAAI,sBAAsB,YACxB,OAAM,IAAI,6BACR,gGACD;AAIH,MAAI,CAAC,sBAAsB,KACzB,OAAM,IAAI,6BAA6B,iDAAiD;EAG1F,MAAM,QAAQ,QAAQ,MAAM,YAAUC,QAAM,OAAO,2BAA2B;AAC9E,MAAI,CAAC,MACH,OAAM,IAAI,MAAM,iEAAiE,2BAA2B,GAAG;AAGjH,MAAI,sBAAsB,SAAS,MAAM,KAAK;GAC5C,MAAM,qBAAqB,gCACzB,uBACA,wBACA,cAAc,sBACd,MACD;AACD,0BAAuB,KAAK,mBAAmB;SAC1C;GACL,MAAM,qBAAqB,iCACzB,uBACA,wBACA,cAAc,sBACd,MACD;AAED,0BAAuB,KAAK,mBAAmB;;GAEjD;AAMF,QAFoC,uBAAuB,QAAQ,gBAAgB,YAAY,aAAa,EAAE;;AAKhH,SAAS,gDACP,kBACA,eAC+C;CAC/C,MAAMD,yBAAwE,EAAE;CAEhF,MAAM,UAAU,cAAc;AAC9B,KAAI,CAAC,QAAQ,OAAO,UAAU,MAAM,SAAS,+BAA+B,gBAAgB,CAC1F,OAAM,IAAI,6BACR,uCAAuC,+BAA+B,gBAAgB,SACvF;AAGH,MAAK,MAAM,mBAAmB,kBAAkB;EAC9C,MAAM,aAAa,gCAAgC,iBAAiB,cAAc,sBAAsB,QAAQ;AAChH,yBAAuB,KAAK;GAC1B,MAAM,MAAM;GACZ,YAAY;GACZ,iBAAiB,CAAC,WAAW;GAC7B,wBAAwB,WAAW,sBAAsB,UAAU;GACpE,CAAC;;AAGJ,QAAO;;AAGT,SAAS,gCACP,uBACA,wBACA,uBACA,OACA;AAEA,KAAI,CAAC,sBAAsB,KACzB,OAAM,IAAI,6BAA6B,kDAAkD;CAE3F,MAAME,qBAA6D;EACjE,MAAM,MAAM;EACZ,YAAY;EACZ,MAAM,sBAAsB;EAC5B,SAAS,sBAAsB;EAC/B,iBAAiB,EAAE;EACnB,wBAAwB;EACzB;AAED,MAAK,MAAM,mBAAmB,uBAAuB,mBAAmB;AAEtE,MAAI,CAAC,gBAAgB,OAAO,SAAS,MAAM,KAAK,CAAE;EAElD,MAAM,aAAa,gCAAgC,iBAAiB,uBAAuB,MAAM,kBAAkB;AAGnH,qBAAmB,cAAc;AACjC,qBAAmB,gBAAgB,KAAK,WAAW;;AAGrD,QAAO;EACL,GAAG;EAGH,wBAAwB,mBAAmB,gBAAgB,OACxD,eAAe,WAAW,sBAAsB,UAAU,EAC5D;EACF;;AAGH,SAAS,iCACP,uBACA,wBACA,uBACA,OACA;AAEA,KAAI,CAAC,sBAAsB,KACzB,OAAM,IAAI,6BAA6B,kDAAkD;CAG3F,MAAMA,qBAA6D;EACjE,MAAM,MAAM;EACZ,YAAY,sBAAsB,SAAS,sBAAsB,OAAO;EACxE,MAAM,sBAAsB;EAC5B,SAAS,sBAAsB;EAG/B,iBAAiB,EAAE;EACnB,wBAAwB;EACzB;CAED,MAAMC,uBAA0E,EAAE;CAClF,MAAMC,yBAA4E,EAAE;AAEpF,MAAK,MAAM,mBAAmB,uBAAuB,mBAAmB;AAEtE,MAAI,CAAC,gBAAgB,OAAO,SAAS,MAAM,KAAK,CAAE;EAElD,MAAM,aAAa,gCAAgC,iBAAiB,uBAAuB,MAAM,kBAAkB;AAEnH,MAAI,WAAW,sBAAsB,UAAU,EAC7C,sBAAqB,KAAK,WAAW;MAErC,wBAAuB,KAAK,WAAW;;AAQ3C,QAAO;EACL,GAAG;EAGH,wBAAwB,qBAAqB,UAAU,mBAAmB;EAK1E,iBACE,qBAAqB,UAAU,mBAAmB,aAC9C,uBACA,CAAC,GAAG,sBAAsB,GAAG,uBAAuB;EAC3D;;AAGH,SAAS,gCACP,iBACA,uBACA,SAC4C;CAC5C,MAAM,4BAA4B,QAAQ,QAAQ,MAAM,EAAE,OAAO,gBAAgB,GAAG;CAEpF,MAAMC,kBAA8D;EAClE,mBAAmB,gBAAgB;EACnC,MAAM,gBAAgB;EACtB,SAAS,gBAAgB;EACzB,uBAAuB,0BAA0B,SAAS,4BACxD,2CAA2C,yBAAyB,sBAAsB,CAC3F;EACF;AAGD,KAAI,CAAC,2BAA2B,OAAQ,QAAO;AAE/C,QAAO;;AAGT,SAAS,2CACP,OACA,sBACA;CACA,MAAMC,wBAAqD,EAAE;AAE7D,MAAK,MAAM,UAAU,MAAM,SAAS;EAClC,MAAM,CAAC,wBAAwB,SAAS,MACtC,EAAE,sBAAsB,sBAAsB,EAC9C,OACD;AACD,wBAAsB,KAAK,qBAAqB;;AAGlD,QAAO"}

package/build/modules/dif-presentation-exchange/utils/index.js CHANGED Viewed

@@ -2,5 +2,5 @@
 const require_transform = require('./transform.js');
 const require_credentialSelection = require('./credentialSelection.js');
-const require_presentationsToCreate = require('./presentationsToCreate.js');
 const require_presentationSelection = require('./presentationSelection.js');
+const require_presentationsToCreate = require('./presentationsToCreate.js');

package/build/modules/dif-presentation-exchange/utils/index.mjs CHANGED Viewed

@@ -2,5 +2,5 @@
 import { getSphereonOriginalVerifiableCredential, getSphereonOriginalVerifiablePresentation, getVerifiablePresentationFromEncoded } from "./transform.mjs";
 import { getCredentialsForRequest } from "./credentialSelection.mjs";
-import { getPresentationsToCreate } from "./presentationsToCreate.mjs";
 import { extractPresentationsWithDescriptorsFromSubmission } from "./presentationSelection.mjs";
+import { getPresentationsToCreate } from "./presentationsToCreate.mjs";

package/build/modules/dif-presentation-exchange/utils/presentationSelection.d.mts CHANGED Viewed

@@ -1,14 +1,14 @@
+import { SingleOrArray } from "../../../types.mjs";
 import { ClaimFormat } from "../../vc/models/ClaimFormat.mjs";
 import { W3cJsonLdVerifiableCredential } from "../../vc/data-integrity/models/W3cJsonLdVerifiableCredential.mjs";
-import { W3cJwtVerifiableCredential } from "../../vc/jwt-vc/W3cJwtVerifiableCredential.mjs";
-import { W3cJwtVerifiablePresentation } from "../../vc/jwt-vc/W3cJwtVerifiablePresentation.mjs";
-import { Mdoc } from "../../mdoc/Mdoc.mjs";
 import { SdJwtVcHeader, SdJwtVcPayload } from "../../sd-jwt-vc/SdJwtVcOptions.mjs";
 import { SdJwtVc } from "../../sd-jwt-vc/SdJwtVcService.mjs";
-import { W3cJsonLdVerifiablePresentation } from "../../vc/data-integrity/models/W3cJsonLdVerifiablePresentation.mjs";
 import { MdocDeviceResponse } from "../../mdoc/MdocDeviceResponse.mjs";
+import { W3cJwtVerifiableCredential } from "../../vc/jwt-vc/W3cJwtVerifiableCredential.mjs";
+import { W3cJwtVerifiablePresentation } from "../../vc/jwt-vc/W3cJwtVerifiablePresentation.mjs";
 import { DifPresentationExchangeDefinition, DifPresentationExchangeSubmission, VerifiablePresentation } from "../models/index.mjs";
-import { SingleOrArray } from "../../../types.mjs";
+import { W3cJsonLdVerifiablePresentation } from "../../vc/data-integrity/models/W3cJsonLdVerifiablePresentation.mjs";
+import { Mdoc } from "../../mdoc/Mdoc.mjs";
 import * as _sphereon_pex_models20 from "@sphereon/pex-models";
 //#region src/modules/dif-presentation-exchange/utils/presentationSelection.d.ts

package/build/modules/dif-presentation-exchange/utils/presentationSelection.d.mts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"presentationSelection.d.mts","names":[],"sources":["../../../../src/modules/dif-presentation-exchange/utils/presentationSelection.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;~~KAoBY~~,gCAAA,GAAmC,kBACtC;iBAEO,iDAAA,gBACC,cAAc,qCACjB,+CACA;;;;;;;;;;EANF,SAAA,UAAA,4BAAgC,gCAAA;EAAA,SAAA,eAAA,qFAAA;;WAAG,WAAA,qBAAA;EAAU,SAAA,UAAA,mCAAA;EAGzC,SAAA,YAAA,SAAiD,+BAAA;EAAA,SAAA,UAAA,SAAA,+BAAA;WAClC,eAAA,qFAAA"}
1	+ {"version":3,"file":"presentationSelection.d.mts","names":[],"sources":["../../../../src/modules/dif-presentation-exchange/utils/presentationSelection.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;KAkBY,gCAAA,GAAmC,kBACtC;iBAEO,iDAAA,gBACC,cAAc,qCACjB,+CACA;;;;;;;;;;EANF,SAAA,UAAA,4BAAgC,gCAAA;EAAA,SAAA,eAAA,qFAAA;;WAAG,WAAA,qBAAA;EAAU,SAAA,UAAA,mCAAA;EAGzC,SAAA,YAAA,SAAiD,+BAAA;EAAA,SAAA,UAAA,SAAA,+BAAA;WAClC,eAAA,qFAAA"}

package/build/modules/dif-presentation-exchange/utils/presentationSelection.d.ts CHANGED Viewed

@@ -1,14 +1,14 @@
+import { SingleOrArray } from "../../../types.js";
 import { ClaimFormat } from "../../vc/models/ClaimFormat.js";
 import { W3cJsonLdVerifiableCredential } from "../../vc/data-integrity/models/W3cJsonLdVerifiableCredential.js";
-import { W3cJwtVerifiableCredential } from "../../vc/jwt-vc/W3cJwtVerifiableCredential.js";
-import { W3cJwtVerifiablePresentation } from "../../vc/jwt-vc/W3cJwtVerifiablePresentation.js";
-import { Mdoc } from "../../mdoc/Mdoc.js";
 import { SdJwtVcHeader, SdJwtVcPayload } from "../../sd-jwt-vc/SdJwtVcOptions.js";
 import { SdJwtVc } from "../../sd-jwt-vc/SdJwtVcService.js";
-import { W3cJsonLdVerifiablePresentation } from "../../vc/data-integrity/models/W3cJsonLdVerifiablePresentation.js";
 import { MdocDeviceResponse } from "../../mdoc/MdocDeviceResponse.js";
+import { W3cJwtVerifiableCredential } from "../../vc/jwt-vc/W3cJwtVerifiableCredential.js";
+import { W3cJwtVerifiablePresentation } from "../../vc/jwt-vc/W3cJwtVerifiablePresentation.js";
 import { DifPresentationExchangeDefinition, DifPresentationExchangeSubmission, VerifiablePresentation } from "../models/index.js";
-import { SingleOrArray } from "../../../types.js";
+import { W3cJsonLdVerifiablePresentation } from "../../vc/data-integrity/models/W3cJsonLdVerifiablePresentation.js";
+import { Mdoc } from "../../mdoc/Mdoc.js";
 import * as _sphereon_pex_models20 from "@sphereon/pex-models";
 //#region src/modules/dif-presentation-exchange/utils/presentationSelection.d.ts

package/build/modules/dif-presentation-exchange/utils/presentationSelection.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"presentationSelection.d.ts","names":[],"sources":["../../../../src/modules/dif-presentation-exchange/utils/presentationSelection.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;~~KAoBY~~,gCAAA,GAAmC,kBACtC;iBAEO,iDAAA,gBACC,cAAc,qCACjB,+CACA;;;;;;;;EANF,SAAA,UAAA,mCAAgC;EAAA,SAAA,YAAA,8BAAA,kCAAA;WACnC,UAAA,4BAAA,gCAAA;WADsC,eAAA,qFAAA;CAAU,GAAA;EAGzC,SAAA,WAAA,qBAAA;EAAiD,SAAA,UAAA,mCAAA;WAClC,YAAA,SAAA,+BAAA;WAAd,UAAA,SAAA,+BAAA;WACH,eAAA,qFAAA"}
1	+ {"version":3,"file":"presentationSelection.d.ts","names":[],"sources":["../../../../src/modules/dif-presentation-exchange/utils/presentationSelection.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;KAkBY,gCAAA,GAAmC,kBACtC;iBAEO,iDAAA,gBACC,cAAc,qCACjB,+CACA;;;;;;;;EANF,SAAA,UAAA,mCAAgC;EAAA,SAAA,YAAA,8BAAA,kCAAA;WACnC,UAAA,4BAAA,gCAAA;WADsC,eAAA,qFAAA;CAAU,GAAA;EAGzC,SAAA,WAAA,qBAAA;EAAiD,SAAA,UAAA,mCAAA;WAClC,YAAA,SAAA,+BAAA;WAAd,UAAA,SAAA,+BAAA;WACH,eAAA,qFAAA"}

package/build/modules/dif-presentation-exchange/utils/presentationSelection.js CHANGED Viewed

@@ -6,9 +6,9 @@ require('../../../error/index.js');
 const require_ClaimFormat = require('../../vc/models/ClaimFormat.js');
 const require_W3cJsonLdVerifiablePresentation = require('../../vc/data-integrity/models/W3cJsonLdVerifiablePresentation.js');
 const require_W3cJwtVerifiablePresentation = require('../../vc/jwt-vc/W3cJwtVerifiablePresentation.js');
-const require_W3cV2JwtVerifiablePresentation = require('../../vc/jwt-vc/W3cV2JwtVerifiablePresentation.js');
 const require_W3cV2SdJwtVerifiablePresentation = require('../../vc/sd-jwt-vc/W3cV2SdJwtVerifiablePresentation.js');
 require('../../vc/sd-jwt-vc/index.js');
+const require_W3cV2JwtVerifiablePresentation = require('../../vc/jwt-vc/W3cV2JwtVerifiablePresentation.js');
 require('../../vc/index.js');
 const require_MdocDeviceResponse = require('../../mdoc/MdocDeviceResponse.js');
 require('../../mdoc/index.js');

package/build/modules/dif-presentation-exchange/utils/presentationSelection.mjs CHANGED Viewed

@@ -5,9 +5,9 @@ import "../../../error/index.mjs";
 import { ClaimFormat } from "../../vc/models/ClaimFormat.mjs";
 import { W3cJsonLdVerifiablePresentation } from "../../vc/data-integrity/models/W3cJsonLdVerifiablePresentation.mjs";
 import { W3cJwtVerifiablePresentation } from "../../vc/jwt-vc/W3cJwtVerifiablePresentation.mjs";
-import { W3cV2JwtVerifiablePresentation } from "../../vc/jwt-vc/W3cV2JwtVerifiablePresentation.mjs";
 import { W3cV2SdJwtVerifiablePresentation } from "../../vc/sd-jwt-vc/W3cV2SdJwtVerifiablePresentation.mjs";
 import "../../vc/sd-jwt-vc/index.mjs";
+import { W3cV2JwtVerifiablePresentation } from "../../vc/jwt-vc/W3cV2JwtVerifiablePresentation.mjs";
 import "../../vc/index.mjs";
 import { MdocDeviceResponse } from "../../mdoc/MdocDeviceResponse.mjs";
 import "../../mdoc/index.mjs";