@credo-ts/openid4vc 0.6.0-pr-2209-20250321171013 → 0.6.0-pr-2195-20250321180923

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (111) hide show
  1. package/build/openid4vc-holder/OpenId4VcHolderApi.d.ts +126 -21
  2. package/build/openid4vc-holder/OpenId4VcHolderApi.js +36 -21
  3. package/build/openid4vc-holder/OpenId4VcHolderApi.js.map +1 -1
  4. package/build/openid4vc-holder/OpenId4VcHolderModule.js +3 -3
  5. package/build/openid4vc-holder/OpenId4VcHolderModule.js.map +1 -1
  6. package/build/openid4vc-holder/OpenId4VciHolderService.d.ts +5 -6
  7. package/build/openid4vc-holder/OpenId4VciHolderService.js +13 -15
  8. package/build/openid4vc-holder/OpenId4VciHolderService.js.map +1 -1
  9. package/build/openid4vc-holder/OpenId4VciHolderServiceOptions.d.ts +3 -3
  10. package/build/openid4vc-holder/OpenId4VciHolderServiceOptions.js +2 -2
  11. package/build/openid4vc-holder/OpenId4VciHolderServiceOptions.js.map +1 -1
  12. package/build/openid4vc-holder/OpenId4vpHolderService.d.ts +132 -0
  13. package/build/openid4vc-holder/OpenId4vpHolderService.js +317 -0
  14. package/build/openid4vc-holder/OpenId4vpHolderService.js.map +1 -0
  15. package/build/openid4vc-holder/OpenId4vpHolderServiceOptions.d.ts +81 -0
  16. package/build/openid4vc-holder/{OpenId4vcSiopHolderServiceOptions.js → OpenId4vpHolderServiceOptions.js} +1 -1
  17. package/build/openid4vc-holder/OpenId4vpHolderServiceOptions.js.map +1 -0
  18. package/build/openid4vc-holder/index.d.ts +2 -2
  19. package/build/openid4vc-holder/index.js +2 -2
  20. package/build/openid4vc-holder/index.js.map +1 -1
  21. package/build/openid4vc-issuer/OpenId4VcIssuerApi.d.ts +194 -44
  22. package/build/openid4vc-issuer/OpenId4VcIssuerModule.js +1 -1
  23. package/build/openid4vc-issuer/OpenId4VcIssuerModule.js.map +1 -1
  24. package/build/openid4vc-issuer/OpenId4VcIssuerModuleConfig.d.ts +7 -7
  25. package/build/openid4vc-issuer/OpenId4VcIssuerModuleConfig.js +2 -10
  26. package/build/openid4vc-issuer/OpenId4VcIssuerModuleConfig.js.map +1 -1
  27. package/build/openid4vc-issuer/OpenId4VcIssuerService.d.ts +197 -48
  28. package/build/openid4vc-issuer/OpenId4VcIssuerService.js +28 -19
  29. package/build/openid4vc-issuer/OpenId4VcIssuerService.js.map +1 -1
  30. package/build/openid4vc-issuer/OpenId4VcIssuerServiceOptions.d.ts +11 -6
  31. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.d.ts +11 -1
  32. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.js +2 -0
  33. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.js.map +1 -1
  34. package/build/openid4vc-issuer/repository/OpenId4VcIssuerRecord.js +2 -2
  35. package/build/openid4vc-issuer/repository/OpenId4VcIssuerRecord.js.map +1 -1
  36. package/build/openid4vc-issuer/router/accessTokenEndpoint.js +1 -1
  37. package/build/openid4vc-issuer/router/accessTokenEndpoint.js.map +1 -1
  38. package/build/openid4vc-issuer/router/authorizationChallengeEndpoint.js +1 -1
  39. package/build/openid4vc-issuer/router/authorizationChallengeEndpoint.js.map +1 -1
  40. package/build/openid4vc-issuer/router/authorizationServerMetadataEndpoint.js +1 -1
  41. package/build/openid4vc-issuer/router/authorizationServerMetadataEndpoint.js.map +1 -1
  42. package/build/openid4vc-issuer/router/credentialEndpoint.js +4 -3
  43. package/build/openid4vc-issuer/router/credentialEndpoint.js.map +1 -1
  44. package/build/openid4vc-issuer/router/credentialOfferEndpoint.js +15 -0
  45. package/build/openid4vc-issuer/router/credentialOfferEndpoint.js.map +1 -1
  46. package/build/openid4vc-issuer/router/issuerMetadataEndpoint.js +1 -1
  47. package/build/openid4vc-issuer/router/issuerMetadataEndpoint.js.map +1 -1
  48. package/build/openid4vc-verifier/OpenId4VcVerifierApi.d.ts +12 -25
  49. package/build/openid4vc-verifier/OpenId4VcVerifierApi.js +16 -25
  50. package/build/openid4vc-verifier/OpenId4VcVerifierApi.js.map +1 -1
  51. package/build/openid4vc-verifier/OpenId4VcVerifierModule.js +5 -8
  52. package/build/openid4vc-verifier/OpenId4VcVerifierModule.js.map +1 -1
  53. package/build/openid4vc-verifier/OpenId4VcVerifierModuleConfig.d.ts +30 -7
  54. package/build/openid4vc-verifier/OpenId4VcVerifierModuleConfig.js +16 -12
  55. package/build/openid4vc-verifier/OpenId4VcVerifierModuleConfig.js.map +1 -1
  56. package/build/openid4vc-verifier/OpenId4VpVerifierService.d.ts +51 -0
  57. package/build/openid4vc-verifier/OpenId4VpVerifierService.js +765 -0
  58. package/build/openid4vc-verifier/OpenId4VpVerifierService.js.map +1 -0
  59. package/build/openid4vc-verifier/OpenId4VpVerifierServiceOptions.d.ts +146 -0
  60. package/build/openid4vc-verifier/{OpenId4VcSiopVerifierServiceOptions.js → OpenId4VpVerifierServiceOptions.js} +1 -1
  61. package/build/openid4vc-verifier/OpenId4VpVerifierServiceOptions.js.map +1 -0
  62. package/build/openid4vc-verifier/index.d.ts +2 -2
  63. package/build/openid4vc-verifier/index.js +2 -2
  64. package/build/openid4vc-verifier/index.js.map +1 -1
  65. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRecord.d.ts +39 -14
  66. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRecord.js +38 -8
  67. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRecord.js.map +1 -1
  68. package/build/openid4vc-verifier/repository/OpenId4VcVerifierRecord.d.ts +3 -3
  69. package/build/openid4vc-verifier/router/authorizationEndpoint.d.ts +2 -10
  70. package/build/openid4vc-verifier/router/authorizationEndpoint.js +94 -105
  71. package/build/openid4vc-verifier/router/authorizationEndpoint.js.map +1 -1
  72. package/build/openid4vc-verifier/router/authorizationRequestEndpoint.d.ts +2 -10
  73. package/build/openid4vc-verifier/router/authorizationRequestEndpoint.js +21 -22
  74. package/build/openid4vc-verifier/router/authorizationRequestEndpoint.js.map +1 -1
  75. package/build/shared/callbacks.d.ts +13 -5
  76. package/build/shared/callbacks.js +104 -13
  77. package/build/shared/callbacks.js.map +1 -1
  78. package/build/shared/issuerMetadataUtils.d.ts +102 -144
  79. package/build/shared/models/OpenId4VcJwtIssuer.d.ts +2 -3
  80. package/build/shared/models/index.d.ts +10 -10
  81. package/build/shared/models/index.js +5 -5
  82. package/build/shared/models/index.js.map +1 -1
  83. package/build/shared/router/context.d.ts +3 -3
  84. package/build/shared/router/context.js +7 -3
  85. package/build/shared/router/context.js.map +1 -1
  86. package/build/shared/transactionData.d.ts +5 -0
  87. package/build/shared/transactionData.js +22 -0
  88. package/build/shared/transactionData.js.map +1 -0
  89. package/build/shared/utils.d.ts +6 -8
  90. package/build/shared/utils.js +34 -105
  91. package/build/shared/utils.js.map +1 -1
  92. package/package.json +7 -8
  93. package/build/openid4vc-holder/OpenId4vcSiopHolderService.d.ts +0 -32
  94. package/build/openid4vc-holder/OpenId4vcSiopHolderService.js +0 -300
  95. package/build/openid4vc-holder/OpenId4vcSiopHolderService.js.map +0 -1
  96. package/build/openid4vc-holder/OpenId4vcSiopHolderServiceOptions.d.ts +0 -38
  97. package/build/openid4vc-holder/OpenId4vcSiopHolderServiceOptions.js.map +0 -1
  98. package/build/openid4vc-verifier/OpenId4VcSiopVerifierService.d.ts +0 -55
  99. package/build/openid4vc-verifier/OpenId4VcSiopVerifierService.js +0 -553
  100. package/build/openid4vc-verifier/OpenId4VcSiopVerifierService.js.map +0 -1
  101. package/build/openid4vc-verifier/OpenId4VcSiopVerifierServiceOptions.d.ts +0 -77
  102. package/build/openid4vc-verifier/OpenId4VcSiopVerifierServiceOptions.js.map +0 -1
  103. package/build/openid4vc-verifier/repository/OpenId4VcRelyingPartyEventEmitter.d.ts +0 -49
  104. package/build/openid4vc-verifier/repository/OpenId4VcRelyingPartyEventEmitter.js +0 -230
  105. package/build/openid4vc-verifier/repository/OpenId4VcRelyingPartyEventEmitter.js.map +0 -1
  106. package/build/openid4vc-verifier/repository/OpenId4VcRelyingPartySessionManager.d.ts +0 -19
  107. package/build/openid4vc-verifier/repository/OpenId4VcRelyingPartySessionManager.js +0 -144
  108. package/build/openid4vc-verifier/repository/OpenId4VcRelyingPartySessionManager.js.map +0 -1
  109. package/build/shared/transform.d.ts +0 -5
  110. package/build/shared/transform.js +0 -69
  111. package/build/shared/transform.js.map +0 -1
package/build/shared/utils.js CHANGED
@@ -2,12 +2,11 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.getSupportedJwaSignatureAlgorithms = getSupportedJwaSignatureAlgorithms;
4
4
  exports.getKeyFromDid = getKeyFromDid;
5
- exports.getVerifyJwtCallback = getVerifyJwtCallback;
6
- exports.getCreateJwtCallback = getCreateJwtCallback;
7
- exports.openIdTokenIssuerToJwtIssuer = openIdTokenIssuerToJwtIssuer;
5
+ exports.requestSignerToJwtIssuer = requestSignerToJwtIssuer;
8
6
  exports.getProofTypeFromKey = getProofTypeFromKey;
9
7
  exports.addSecondsToDate = addSecondsToDate;
10
8
  exports.dateToSeconds = dateToSeconds;
9
+ exports.parseIfJson = parseIfJson;
11
10
  const core_1 = require("@credo-ts/core");
12
11
  /**
13
12
  * Returns the JWA Signature Algorithms that are supported by the wallet.
@@ -35,141 +34,58 @@ async function getKeyFromDid(agentContext, didUrl, allowedPurposes = ['authentic
35
34
  const verificationMethod = didDocument.dereferenceKey(didUrl, allowedPurposes);
36
35
  return (0, core_1.getKeyFromVerificationMethod)(verificationMethod);
37
36
  }
38
- function getVerifyJwtCallback(agentContext, _trustedCertificates) {
39
- return async (jwtVerifier, jwt) => {
40
- const jwsService = agentContext.dependencyManager.resolve(core_1.JwsService);
41
- let trustedCertificates = _trustedCertificates;
42
- if (jwtVerifier.method === 'did') {
43
- const key = await getKeyFromDid(agentContext, jwtVerifier.didUrl);
44
- const jwk = (0, core_1.getJwkFromKey)(key);
45
- const res = await jwsService.verifyJws(agentContext, {
46
- jws: jwt.raw,
47
- jwkResolver: () => jwk,
48
- // No certificates trusted
49
- trustedCertificates: [],
50
- });
51
- return res.isValid;
52
- }
53
- if (jwtVerifier.method === 'x5c' || jwtVerifier.method === 'jwk') {
54
- if (jwtVerifier.type === 'request-object') {
55
- const x509Config = agentContext.dependencyManager.resolve(core_1.X509ModuleConfig);
56
- const certificateChain = jwt.header.x5c?.map((cert) => core_1.X509Certificate.fromEncodedCertificate(cert));
57
- if (!trustedCertificates && certificateChain && x509Config.getTrustedCertificatesForVerification) {
58
- trustedCertificates = await x509Config.getTrustedCertificatesForVerification(agentContext, {
59
- certificateChain,
60
- verification: {
61
- type: 'oauth2SecuredAuthorizationRequest',
62
- authorizationRequest: {
63
- jwt: jwt.raw,
64
- payload: core_1.JwtPayload.fromJson(jwt.payload),
65
- },
66
- },
67
- });
68
- }
69
- if (!trustedCertificates) {
70
- // We also take from the config here to avoid the callback being called again
71
- trustedCertificates = x509Config.trustedCertificates ?? [];
72
- }
73
- }
74
- const res = await jwsService.verifyJws(agentContext, {
75
- jws: jwt.raw,
76
- // Only allowed for request object
77
- trustedCertificates: jwtVerifier.type === 'request-object' ? trustedCertificates : [],
78
- });
79
- return res.isValid;
80
- }
81
- throw new Error(`Unsupported jwt verifier method: '${jwtVerifier.method}'`);
82
- };
83
- }
84
- function getCreateJwtCallback(agentContext) {
85
- return async (jwtIssuer, jwt) => {
86
- const jwsService = agentContext.dependencyManager.resolve(core_1.JwsService);
87
- if (jwtIssuer.method === 'did') {
88
- const key = await getKeyFromDid(agentContext, jwtIssuer.didUrl);
89
- const jws = await jwsService.createJwsCompact(agentContext, {
90
- protectedHeaderOptions: { ...jwt.header, alg: jwtIssuer.alg, jwk: undefined },
91
- payload: core_1.JwtPayload.fromJson(jwt.payload),
92
- key,
93
- });
94
- return jws;
95
- }
96
- if (jwtIssuer.method === 'jwk') {
97
- if (!jwtIssuer.jwk.kty) {
98
- throw new core_1.CredoError('Missing required key type (kty) in the jwk.');
99
- }
100
- const jwk = (0, core_1.getJwkFromJson)(jwtIssuer.jwk);
101
- const key = jwk.key;
102
- const jws = await jwsService.createJwsCompact(agentContext, {
103
- protectedHeaderOptions: { ...jwt.header, jwk, alg: jwtIssuer.alg },
104
- payload: core_1.JwtPayload.fromJson(jwt.payload),
105
- key,
106
- });
107
- return jws;
108
- }
109
- if (jwtIssuer.method === 'x5c') {
110
- const leafCertificate = core_1.X509Service.getLeafCertificate(agentContext, { certificateChain: jwtIssuer.x5c });
111
- const jws = await jwsService.createJwsCompact(agentContext, {
112
- protectedHeaderOptions: { ...jwt.header, alg: jwtIssuer.alg, jwk: undefined },
113
- payload: core_1.JwtPayload.fromJson(jwt.payload),
114
- key: leafCertificate.publicKey,
115
- });
116
- return jws;
117
- }
118
- throw new Error(`Unsupported jwt issuer method '${jwtIssuer.method}'`);
119
- };
120
- }
121
- async function openIdTokenIssuerToJwtIssuer(agentContext, openId4VcTokenIssuer) {
122
- if (openId4VcTokenIssuer.method === 'did') {
123
- const key = await getKeyFromDid(agentContext, openId4VcTokenIssuer.didUrl);
37
+ async function requestSignerToJwtIssuer(agentContext, requestSigner) {
38
+ if (requestSigner.method === 'did') {
39
+ const key = await getKeyFromDid(agentContext, requestSigner.didUrl);
124
40
  const alg = (0, core_1.getJwkClassFromKeyType)(key.keyType)?.supportedSignatureAlgorithms[0];
125
41
  if (!alg)
126
42
  throw new core_1.CredoError(`No supported signature algorithms for key type: ${key.keyType}`);
127
43
  return {
128
- method: openId4VcTokenIssuer.method,
129
- didUrl: openId4VcTokenIssuer.didUrl,
44
+ method: requestSigner.method,
45
+ didUrl: requestSigner.didUrl,
130
46
  alg,
131
47
  };
132
48
  }
133
- if (openId4VcTokenIssuer.method === 'x5c') {
49
+ if (requestSigner.method === 'x5c') {
134
50
  const leafCertificate = core_1.X509Service.getLeafCertificate(agentContext, {
135
- certificateChain: openId4VcTokenIssuer.x5c,
51
+ certificateChain: requestSigner.x5c,
136
52
  });
137
53
  const jwk = (0, core_1.getJwkFromKey)(leafCertificate.publicKey);
138
54
  const alg = jwk.supportedSignatureAlgorithms[0];
139
55
  if (!alg) {
140
56
  throw new core_1.CredoError(`No supported signature algorithms found key type: '${jwk.keyType}'`);
141
57
  }
142
- if (!openId4VcTokenIssuer.issuer.startsWith('https://') &&
143
- !(openId4VcTokenIssuer.issuer.startsWith('http://') && agentContext.config.allowInsecureHttpUrls)) {
58
+ if (!requestSigner.issuer.startsWith('https://') &&
59
+ !(requestSigner.issuer.startsWith('http://') && agentContext.config.allowInsecureHttpUrls)) {
144
60
  throw new core_1.CredoError('The X509 certificate issuer must be a HTTPS URI.');
145
61
  }
146
- if (!leafCertificate.sanUriNames.includes(openId4VcTokenIssuer.issuer) &&
147
- !leafCertificate.sanDnsNames.includes((0, core_1.getDomainFromUrl)(openId4VcTokenIssuer.issuer))) {
62
+ if (!leafCertificate.sanUriNames.includes(requestSigner.issuer) &&
63
+ !leafCertificate.sanDnsNames.includes((0, core_1.getDomainFromUrl)(requestSigner.issuer))) {
148
64
  const sanUriMessage = leafCertificate.sanUriNames.length > 0
149
65
  ? `SAN-URI names are ${leafCertificate.sanUriNames.join(', ')}`
150
66
  : 'there are no SAN-URI names';
151
67
  const sanDnsMessage = leafCertificate.sanDnsNames.length > 0
152
68
  ? `SAN-DNS names are ${leafCertificate.sanDnsNames.join(', ')}`
153
69
  : 'there are no SAN-DNS names';
154
- throw new Error(`The 'iss' claim in the payload does not match a 'SAN-URI' or 'SAN-DNS' name in the x5c certificate. 'iss' value is '${openId4VcTokenIssuer.issuer}', ${sanUriMessage}, ${sanDnsMessage} (for SAN-DNS only domain has to match)`);
70
+ throw new Error(`The 'iss' claim in the payload does not match a 'SAN-URI' or 'SAN-DNS' name in the x5c certificate. 'iss' value is '${requestSigner.issuer}', ${sanUriMessage}, ${sanDnsMessage} (for SAN-DNS only domain has to match)`);
155
71
  }
156
72
  return {
157
- ...openId4VcTokenIssuer,
73
+ ...requestSigner,
158
74
  alg,
159
75
  };
160
76
  }
161
- if (openId4VcTokenIssuer.method === 'jwk') {
162
- const alg = openId4VcTokenIssuer.jwk.supportedSignatureAlgorithms[0];
77
+ if (requestSigner.method === 'jwk') {
78
+ const alg = requestSigner.jwk.supportedSignatureAlgorithms[0];
163
79
  if (!alg) {
164
- throw new core_1.CredoError(`No supported signature algorithms for key type: '${openId4VcTokenIssuer.jwk.keyType}'`);
80
+ throw new core_1.CredoError(`No supported signature algorithms for key type: '${requestSigner.jwk.keyType}'`);
165
81
  }
166
82
  return {
167
- ...openId4VcTokenIssuer,
168
- jwk: openId4VcTokenIssuer.jwk.toJson(),
83
+ ...requestSigner,
84
+ publicJwk: requestSigner.jwk.toJson(),
169
85
  alg,
170
86
  };
171
87
  }
172
- throw new core_1.CredoError(`Unsupported jwt issuer method '${openId4VcTokenIssuer.method}'`);
88
+ throw new core_1.CredoError(`Unsupported jwt issuer method '${requestSigner.method}'`);
173
89
  }
174
90
  function getProofTypeFromKey(agentContext, key) {
175
91
  const signatureSuiteRegistry = agentContext.dependencyManager.resolve(core_1.SignatureSuiteRegistry);
@@ -185,4 +101,17 @@ function addSecondsToDate(date, seconds) {
185
101
  function dateToSeconds(date) {
186
102
  return Math.floor(date.getTime() / 1000);
187
103
  }
104
+ function parseIfJson(input) {
105
+ if (typeof input !== 'string') {
106
+ return input;
107
+ }
108
+ try {
109
+ // Try to parse the string as JSON
110
+ return JSON.parse(input);
111
+ }
112
+ catch (_error) {
113
+ /* empty */
114
+ }
115
+ return input;
116
+ }
188
117
  //# sourceMappingURL=utils.js.map
package/build/shared/utils.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/shared/utils.ts"],"names":[],"mappings":";;AAoCA,gFAaC;AAED,sCAUC;AAED,oDAsDC;AACD,oDA4CC;AAED,oEAoEC;AAED,kDASC;AAED,4CAEC;AAED,sCAEC;AA/OD,yCAcuB;AAEvB;;;;;;;GAOG;AACH,SAAgB,kCAAkC,CAAC,YAA0B;IAC3E,MAAM,iBAAiB,GAAG,YAAY,CAAC,MAAM,CAAC,iBAAiB,CAAA;IAE/D,4EAA4E;IAC5E,MAAM,+BAA+B,GAAG,iBAAiB;QACvD,yDAAyD;SACxD,GAAG,CAAC,6BAAsB,CAAC;QAC5B,kCAAkC;SACjC,MAAM,CAAC,CAAC,QAAQ,EAAmD,EAAE,CAAC,QAAQ,KAAK,SAAS,CAAC;QAC9F,oEAAoE;SACnE,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,4BAA4B,CAAC,CAAA;IAE/D,OAAO,+BAA+B,CAAA;AACxC,CAAC;AAEM,KAAK,UAAU,aAAa,CACjC,YAA0B,EAC1B,MAAc,EACd,kBAAgC,CAAC,gBAAgB,CAAC;IAElD,MAAM,OAAO,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,cAAO,CAAC,CAAA;IAC/D,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAA;IAC5D,MAAM,kBAAkB,GAAG,WAAW,CAAC,cAAc,CAAC,MAAM,EAAE,eAAe,CAAC,CAAA;IAE9E,OAAO,IAAA,mCAA4B,EAAC,kBAAkB,CAAC,CAAA;AACzD,CAAC;AAED,SAAgB,oBAAoB,CAClC,YAA0B,EAC1B,oBAA+C;IAE/C,OAAO,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,EAAE;QAChC,MAAM,UAAU,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,iBAAU,CAAC,CAAA;QAErE,IAAI,mBAAmB,GAAG,oBAAoB,CAAA;QAE9C,IAAI,WAAW,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,YAAY,EAAE,WAAW,CAAC,MAAM,CAAC,CAAA;YACjE,MAAM,GAAG,GAAG,IAAA,oBAAa,EAAC,GAAG,CAAC,CAAA;YAE9B,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,YAAY,EAAE;gBACnD,GAAG,EAAE,GAAG,CAAC,GAAG;gBACZ,WAAW,EAAE,GAAG,EAAE,CAAC,GAAG;gBACtB,0BAA0B;gBAC1B,mBAAmB,EAAE,EAAE;aACxB,CAAC,CAAA;YACF,OAAO,GAAG,CAAC,OAAO,CAAA;QACpB,CAAC;QACD,IAAI,WAAW,CAAC,MAAM,KAAK,KAAK,IAAI,WAAW,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACjE,IAAI,WAAW,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;gBAC1C,MAAM,UAAU,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,uBAAgB,CAAC,CAAA;gBAC3E,MAAM,gBAAgB,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,sBAAe,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAA;gBAEpG,IAAI,CAAC,mBAAmB,IAAI,gBAAgB,IAAI,UAAU,CAAC,qCAAqC,EAAE,CAAC;oBACjG,mBAAmB,GAAG,MAAM,UAAU,CAAC,qCAAqC,CAAC,YAAY,EAAE;wBACzF,gBAAgB;wBAChB,YAAY,EAAE;4BACZ,IAAI,EAAE,mCAAmC;4BACzC,oBAAoB,EAAE;gCACpB,GAAG,EAAE,GAAG,CAAC,GAAG;gCACZ,OAAO,EAAE,iBAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC;6BAC1C;yBACF;qBACF,CAAC,CAAA;gBACJ,CAAC;gBAED,IAAI,CAAC,mBAAmB,EAAE,CAAC;oBACzB,6EAA6E;oBAC7E,mBAAmB,GAAG,UAAU,CAAC,mBAAmB,IAAI,EAAE,CAAA;gBAC5D,CAAC;YACH,CAAC;YAED,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,YAAY,EAAE;gBACnD,GAAG,EAAE,GAAG,CAAC,GAAG;gBACZ,kCAAkC;gBAClC,mBAAmB,EAAE,WAAW,CAAC,IAAI,KAAK,gBAAgB,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE;aACtF,CAAC,CAAA;YACF,OAAO,GAAG,CAAC,OAAO,CAAA;QACpB,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,qCAAqC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAA;IAC7E,CAAC,CAAA;AACH,CAAC;AACD,SAAgB,oBAAoB,CAClC,YAA0B;IAE1B,OAAO,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,EAAE;QAC9B,MAAM,UAAU,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,iBAAU,CAAC,CAAA;QAErE,IAAI,SAAS,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAC/B,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,YAAY,EAAE,SAAS,CAAC,MAAM,CAAC,CAAA;YAC/D,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,gBAAgB,CAAC,YAAY,EAAE;gBAC1D,sBAAsB,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE;gBAC7E,OAAO,EAAE,iBAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC;gBACzC,GAAG;aACJ,CAAC,CAAA;YAEF,OAAO,GAAG,CAAA;QACZ,CAAC;QACD,IAAI,SAAS,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;gBACvB,MAAM,IAAI,iBAAU,CAAC,6CAA6C,CAAC,CAAA;YACrE,CAAC;YACD,MAAM,GAAG,GAAG,IAAA,qBAAc,EAAC,SAAS,CAAC,GAAc,CAAC,CAAA;YACpD,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;YACnB,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,gBAAgB,CAAC,YAAY,EAAE;gBAC1D,sBAAsB,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE;gBAClE,OAAO,EAAE,iBAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC;gBACzC,GAAG;aACJ,CAAC,CAAA;YAEF,OAAO,GAAG,CAAA;QACZ,CAAC;QACD,IAAI,SAAS,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAC/B,MAAM,eAAe,GAAG,kBAAW,CAAC,kBAAkB,CAAC,YAAY,EAAE,EAAE,gBAAgB,EAAE,SAAS,CAAC,GAAG,EAAE,CAAC,CAAA;YAEzG,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,gBAAgB,CAAC,YAAY,EAAE;gBAC1D,sBAAsB,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE;gBAC7E,OAAO,EAAE,iBAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC;gBACzC,GAAG,EAAE,eAAe,CAAC,SAAS;aAC/B,CAAC,CAAA;YAEF,OAAO,GAAG,CAAA;QACZ,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,kCAAkC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAA;IACxE,CAAC,CAAA;AACH,CAAC;AAEM,KAAK,UAAU,4BAA4B,CAChD,YAA0B,EAC1B,oBAAiH;IAEjH,IAAI,oBAAoB,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,YAAY,EAAE,oBAAoB,CAAC,MAAM,CAAC,CAAA;QAC1E,MAAM,GAAG,GAAG,IAAA,6BAAsB,EAAC,GAAG,CAAC,OAAO,CAAC,EAAE,4BAA4B,CAAC,CAAC,CAAC,CAAA;QAChF,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,iBAAU,CAAC,mDAAmD,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;QAEhG,OAAO;YACL,MAAM,EAAE,oBAAoB,CAAC,MAAM;YACnC,MAAM,EAAE,oBAAoB,CAAC,MAAM;YACnC,GAAG;SACJ,CAAA;IACH,CAAC;IACD,IAAI,oBAAoB,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC1C,MAAM,eAAe,GAAG,kBAAW,CAAC,kBAAkB,CAAC,YAAY,EAAE;YACnE,gBAAgB,EAAE,oBAAoB,CAAC,GAAG;SAC3C,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAA,oBAAa,EAAC,eAAe,CAAC,SAAS,CAAC,CAAA;QACpD,MAAM,GAAG,GAAG,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAC,CAAA;QAC/C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,iBAAU,CAAC,sDAAsD,GAAG,CAAC,OAAO,GAAG,CAAC,CAAA;QAC5F,CAAC;QAED,IACE,CAAC,oBAAoB,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC;YACnD,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,YAAY,CAAC,MAAM,CAAC,qBAAqB,CAAC,EACjG,CAAC;YACD,MAAM,IAAI,iBAAU,CAAC,kDAAkD,CAAC,CAAA;QAC1E,CAAC;QAED,IACE,CAAC,eAAe,CAAC,WAAW,CAAC,QAAQ,CAAC,oBAAoB,CAAC,MAAM,CAAC;YAClE,CAAC,eAAe,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAA,uBAAgB,EAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,EACpF,CAAC;YACD,MAAM,aAAa,GACjB,eAAe,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC;gBACpC,CAAC,CAAC,qBAAqB,eAAe,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC/D,CAAC,CAAC,4BAA4B,CAAA;YAClC,MAAM,aAAa,GACjB,eAAe,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC;gBACpC,CAAC,CAAC,qBAAqB,eAAe,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC/D,CAAC,CAAC,4BAA4B,CAAA;YAClC,MAAM,IAAI,KAAK,CACb,uHAAuH,oBAAoB,CAAC,MAAM,MAAM,aAAa,KAAK,aAAa,yCAAyC,CACjO,CAAA;QACH,CAAC;QAED,OAAO;YACL,GAAG,oBAAoB;YACvB,GAAG;SACJ,CAAA;IACH,CAAC;IACD,IAAI,oBAAoB,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,oBAAoB,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAC,CAAA;QACpE,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,iBAAU,CAAC,oDAAoD,oBAAoB,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,CAAA;QAC/G,CAAC;QACD,OAAO;YACL,GAAG,oBAAoB;YACvB,GAAG,EAAE,oBAAoB,CAAC,GAAG,CAAC,MAAM,EAAE;YACtC,GAAG;SACJ,CAAA;IACH,CAAC;IAED,MAAM,IAAI,iBAAU,CAAC,kCAAmC,oBAA2C,CAAC,MAAM,GAAG,CAAC,CAAA;AAChH,CAAC;AAED,SAAgB,mBAAmB,CAAC,YAA0B,EAAE,GAAQ;IACtE,MAAM,sBAAsB,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,6BAAsB,CAAC,CAAA;IAE7F,MAAM,wBAAwB,GAAG,sBAAsB,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;IACpF,IAAI,wBAAwB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,iBAAU,CAAC,qEAAqE,GAAG,CAAC,OAAO,IAAI,CAAC,CAAA;IAC5G,CAAC;IAED,OAAO,wBAAwB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;AAC9C,CAAC;AAED,SAAgB,gBAAgB,CAAC,IAAU,EAAE,OAAe;IAC1D,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,OAAO,GAAG,IAAI,CAAC,CAAA;AAClD,CAAC;AAED,SAAgB,aAAa,CAAC,IAAU;IACtC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAA;AAC1C,CAAC"}
1
+ {"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/shared/utils.ts"],"names":[],"mappings":";;AAuBA,gFAaC;AAED,sCAUC;AAED,4DAoEC;AAED,kDASC;AAED,4CAEC;AAED,sCAEC;AAED,kCAaC;AApJD,yCASuB;AAEvB;;;;;;;GAOG;AACH,SAAgB,kCAAkC,CAAC,YAA0B;IAC3E,MAAM,iBAAiB,GAAG,YAAY,CAAC,MAAM,CAAC,iBAAiB,CAAA;IAE/D,4EAA4E;IAC5E,MAAM,+BAA+B,GAAG,iBAAiB;QACvD,yDAAyD;SACxD,GAAG,CAAC,6BAAsB,CAAC;QAC5B,kCAAkC;SACjC,MAAM,CAAC,CAAC,QAAQ,EAAmD,EAAE,CAAC,QAAQ,KAAK,SAAS,CAAC;QAC9F,oEAAoE;SACnE,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,4BAA4B,CAAC,CAAA;IAE/D,OAAO,+BAA+B,CAAA;AACxC,CAAC;AAEM,KAAK,UAAU,aAAa,CACjC,YAA0B,EAC1B,MAAc,EACd,kBAAgC,CAAC,gBAAgB,CAAC;IAElD,MAAM,OAAO,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,cAAO,CAAC,CAAA;IAC/D,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAA;IAC5D,MAAM,kBAAkB,GAAG,WAAW,CAAC,cAAc,CAAC,MAAM,EAAE,eAAe,CAAC,CAAA;IAE9E,OAAO,IAAA,mCAA4B,EAAC,kBAAkB,CAAC,CAAA;AACzD,CAAC;AAEM,KAAK,UAAU,wBAAwB,CAC5C,YAA0B,EAC1B,aAAiC;IAEjC,IAAI,aAAa,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QACnC,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,YAAY,EAAE,aAAa,CAAC,MAAM,CAAC,CAAA;QACnE,MAAM,GAAG,GAAG,IAAA,6BAAsB,EAAC,GAAG,CAAC,OAAO,CAAC,EAAE,4BAA4B,CAAC,CAAC,CAAC,CAAA;QAChF,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,iBAAU,CAAC,mDAAmD,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;QAEhG,OAAO;YACL,MAAM,EAAE,aAAa,CAAC,MAAM;YAC5B,MAAM,EAAE,aAAa,CAAC,MAAM;YAC5B,GAAG;SACJ,CAAA;IACH,CAAC;IACD,IAAI,aAAa,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QACnC,MAAM,eAAe,GAAG,kBAAW,CAAC,kBAAkB,CAAC,YAAY,EAAE;YACnE,gBAAgB,EAAE,aAAa,CAAC,GAAG;SACpC,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAA,oBAAa,EAAC,eAAe,CAAC,SAAS,CAAC,CAAA;QACpD,MAAM,GAAG,GAAG,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAC,CAAA;QAC/C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,iBAAU,CAAC,sDAAsD,GAAG,CAAC,OAAO,GAAG,CAAC,CAAA;QAC5F,CAAC;QAED,IACE,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC;YAC5C,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,YAAY,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAC1F,CAAC;YACD,MAAM,IAAI,iBAAU,CAAC,kDAAkD,CAAC,CAAA;QAC1E,CAAC;QAED,IACE,CAAC,eAAe,CAAC,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC;YAC3D,CAAC,eAAe,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAA,uBAAgB,EAAC,aAAa,CAAC,MAAM,CAAC,CAAC,EAC7E,CAAC;YACD,MAAM,aAAa,GACjB,eAAe,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC;gBACpC,CAAC,CAAC,qBAAqB,eAAe,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC/D,CAAC,CAAC,4BAA4B,CAAA;YAClC,MAAM,aAAa,GACjB,eAAe,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC;gBACpC,CAAC,CAAC,qBAAqB,eAAe,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC/D,CAAC,CAAC,4BAA4B,CAAA;YAClC,MAAM,IAAI,KAAK,CACb,uHAAuH,aAAa,CAAC,MAAM,MAAM,aAAa,KAAK,aAAa,yCAAyC,CAC1N,CAAA;QACH,CAAC;QAED,OAAO;YACL,GAAG,aAAa;YAChB,GAAG;SACJ,CAAA;IACH,CAAC;IACD,IAAI,aAAa,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QACnC,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAC,CAAA;QAC7D,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,iBAAU,CAAC,oDAAoD,aAAa,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,CAAA;QACxG,CAAC;QACD,OAAO;YACL,GAAG,aAAa;YAChB,SAAS,EAAE,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE;YACrC,GAAG;SACJ,CAAA;IACH,CAAC;IAED,MAAM,IAAI,iBAAU,CAAC,kCAAmC,aAAoC,CAAC,MAAM,GAAG,CAAC,CAAA;AACzG,CAAC;AAED,SAAgB,mBAAmB,CAAC,YAA0B,EAAE,GAAQ;IACtE,MAAM,sBAAsB,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,6BAAsB,CAAC,CAAA;IAE7F,MAAM,wBAAwB,GAAG,sBAAsB,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;IACpF,IAAI,wBAAwB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,iBAAU,CAAC,qEAAqE,GAAG,CAAC,OAAO,IAAI,CAAC,CAAA;IAC5G,CAAC;IAED,OAAO,wBAAwB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;AAC9C,CAAC;AAED,SAAgB,gBAAgB,CAAC,IAAU,EAAE,OAAe;IAC1D,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,OAAO,GAAG,IAAI,CAAC,CAAA;AAClD,CAAC;AAED,SAAgB,aAAa,CAAC,IAAU;IACtC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAA;AAC1C,CAAC;AAED,SAAgB,WAAW,CAAI,KAAQ;IACrC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,KAAK,CAAA;IACd,CAAC;IAED,IAAI,CAAC;QACH,kCAAkC;QAClC,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;IAC1B,CAAC;IAAC,OAAO,MAAM,EAAE,CAAC;QAChB,WAAW;IACb,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC"}
package/package.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "@credo-ts/openid4vc",
3
3
  "main": "build/index",
4
4
  "types": "build/index",
5
- "version": "0.6.0-pr-2209-20250321171013",
5
+ "version": "0.6.0-pr-2195-20250321180923",
6
6
  "files": [
7
7
  "build"
8
8
  ],
@@ -17,15 +17,14 @@
17
17
  "directory": "packages/openid4vc"
18
18
  },
19
19
  "dependencies": {
20
- "@sphereon/did-auth-siop": "0.16.1-fix.173",
21
- "@sphereon/oid4vc-common": "0.16.1-fix.173",
22
- "@sphereon/ssi-types": "0.30.2-next.135",
23
20
  "class-transformer": "^0.5.1",
24
21
  "rxjs": "^7.8.0",
25
22
  "zod": "^3.23.8",
26
- "@animo-id/oid4vci": "0.1.4",
27
- "@animo-id/oauth2": "0.1.4",
28
- "@credo-ts/core": "0.6.0-pr-2209-20250321171013"
23
+ "@openid4vc/openid4vci": "0.3.0-alpha-20250321150652",
24
+ "@openid4vc/oauth2": "0.3.0-alpha-20250321150652",
25
+ "@openid4vc/openid4vp": "0.3.0-alpha-20250321150652",
26
+ "@openid4vc/utils": "0.3.0-alpha-20250321150652",
27
+ "@credo-ts/core": "0.6.0-pr-2195-20250321180923"
29
28
  },
30
29
  "devDependencies": {
31
30
  "@types/express": "^4.17.21",
@@ -33,7 +32,7 @@
33
32
  "nock": "^14.0.0-beta.19",
34
33
  "rimraf": "^4.4.0",
35
34
  "typescript": "~5.5.2",
36
- "@credo-ts/tenants": "0.6.0-pr-2209-20250321171013"
35
+ "@credo-ts/tenants": "0.6.0-pr-2195-20250321180923"
37
36
  },
38
37
  "scripts": {
39
38
  "build": "pnpm run clean && pnpm run compile",
package/build/openid4vc-holder/OpenId4vcSiopHolderService.d.ts DELETED
@@ -1,32 +0,0 @@
1
- import type { AgentContext, EncodedX509Certificate } from '@credo-ts/core';
2
- import type { AuthorizationResponsePayload } from '@sphereon/did-auth-siop';
3
- import type { OpenId4VcSiopAcceptAuthorizationRequestOptions, OpenId4VcSiopResolvedAuthorizationRequest } from './OpenId4vcSiopHolderServiceOptions';
4
- import { DifPresentationExchangeService } from '@credo-ts/core';
5
- export declare class OpenId4VcSiopHolderService {
6
- private presentationExchangeService;
7
- constructor(presentationExchangeService: DifPresentationExchangeService);
8
- resolveAuthorizationRequest(agentContext: AgentContext, requestJwtOrUri: string, trustedCertificates?: EncodedX509Certificate[]): Promise<OpenId4VcSiopResolvedAuthorizationRequest>;
9
- acceptAuthorizationRequest(agentContext: AgentContext, options: OpenId4VcSiopAcceptAuthorizationRequestOptions): Promise<{
10
- readonly ok: false;
11
- readonly serverResponse: {
12
- readonly status: number;
13
- readonly body: string | Record<string, unknown> | null;
14
- };
15
- readonly submittedResponse: AuthorizationResponsePayload;
16
- readonly redirectUri?: undefined;
17
- readonly presentationDuringIssuanceSession?: undefined;
18
- } | {
19
- readonly ok: true;
20
- readonly serverResponse: {
21
- readonly status: number;
22
- readonly body: Record<string, unknown>;
23
- };
24
- readonly submittedResponse: AuthorizationResponsePayload;
25
- readonly redirectUri: string | undefined;
26
- readonly presentationDuringIssuanceSession: string | undefined;
27
- }>;
28
- private getOpenIdProvider;
29
- private getOpenIdTokenIssuerFromVerifiablePresentation;
30
- private assertValidTokenIssuer;
31
- private encryptJarmResponse;
32
- }
package/build/openid4vc-holder/OpenId4vcSiopHolderService.js DELETED
@@ -1,300 +0,0 @@
1
- "use strict";
2
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
- return c > 3 && r && Object.defineProperty(target, key, r), r;
7
- };
8
- var __metadata = (this && this.__metadata) || function (k, v) {
9
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
- };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.OpenId4VcSiopHolderService = void 0;
13
- const core_1 = require("@credo-ts/core");
14
- const did_auth_siop_1 = require("@sphereon/did-auth-siop");
15
- const transform_1 = require("../shared/transform");
16
- const utils_1 = require("../shared/utils");
17
- let OpenId4VcSiopHolderService = class OpenId4VcSiopHolderService {
18
- constructor(presentationExchangeService) {
19
- this.presentationExchangeService = presentationExchangeService;
20
- }
21
- async resolveAuthorizationRequest(agentContext, requestJwtOrUri, trustedCertificates) {
22
- const openidProvider = await this.getOpenIdProvider(agentContext, trustedCertificates);
23
- // parsing happens automatically in verifyAuthorizationRequest
24
- const verifiedAuthorizationRequest = await openidProvider.verifyAuthorizationRequest(requestJwtOrUri);
25
- agentContext.config.logger.debug(`verified SIOP Authorization Request for issuer '${verifiedAuthorizationRequest.issuer}'`);
26
- agentContext.config.logger.debug(`requestJwtOrUri '${requestJwtOrUri}'`);
27
- if (verifiedAuthorizationRequest.presentationDefinitions &&
28
- verifiedAuthorizationRequest.presentationDefinitions.length > 1) {
29
- throw new core_1.CredoError('Only a single presentation definition is supported.');
30
- }
31
- const presentationDefinition = verifiedAuthorizationRequest.presentationDefinitions?.[0]?.definition;
32
- return {
33
- authorizationRequest: verifiedAuthorizationRequest,
34
- // Parameters related to DIF Presentation Exchange
35
- presentationExchange: presentationDefinition
36
- ? {
37
- definition: presentationDefinition,
38
- credentialsForRequest: await this.presentationExchangeService.getCredentialsForRequest(agentContext, presentationDefinition),
39
- }
40
- : undefined,
41
- };
42
- }
43
- async acceptAuthorizationRequest(agentContext, options) {
44
- const { authorizationRequest, presentationExchange } = options;
45
- let openIdTokenIssuer = options.openIdTokenIssuer;
46
- let presentationExchangeOptions = undefined;
47
- const wantsIdToken = await authorizationRequest.authorizationRequest.containsResponseType(did_auth_siop_1.ResponseType.ID_TOKEN);
48
- const authorizationResponseNonce = await agentContext.wallet.generateNonce();
49
- // Handle presentation exchange part
50
- if (authorizationRequest.presentationDefinitions && authorizationRequest.presentationDefinitions.length > 0) {
51
- if (!presentationExchange) {
52
- throw new core_1.CredoError('Authorization request included presentation definition. `presentationExchange` MUST be supplied to accept authorization requests.');
53
- }
54
- const nonce = await authorizationRequest.authorizationRequest.getMergedProperty('nonce');
55
- if (!nonce) {
56
- throw new core_1.CredoError("Unable to extract 'nonce' from authorization request");
57
- }
58
- const clientId = await authorizationRequest.authorizationRequest.getMergedProperty('client_id');
59
- if (!clientId) {
60
- throw new core_1.CredoError("Unable to extract 'client_id' from authorization request");
61
- }
62
- const responseUri = (await authorizationRequest.authorizationRequest.getMergedProperty('response_uri')) ??
63
- (await authorizationRequest.authorizationRequest.getMergedProperty('redirect_uri'));
64
- if (!responseUri) {
65
- throw new core_1.CredoError("Unable to extract 'response_uri' from authorization request");
66
- }
67
- const { verifiablePresentations, presentationSubmission } = await this.presentationExchangeService.createPresentation(agentContext, {
68
- credentialsForInputDescriptor: presentationExchange.credentials,
69
- presentationDefinition: authorizationRequest.presentationDefinitions[0].definition,
70
- challenge: nonce,
71
- domain: clientId,
72
- presentationSubmissionLocation: core_1.DifPresentationExchangeSubmissionLocation.EXTERNAL,
73
- openid4vp: {
74
- mdocGeneratedNonce: authorizationResponseNonce,
75
- responseUri,
76
- },
77
- });
78
- presentationExchangeOptions = {
79
- verifiablePresentations: verifiablePresentations.map((vp) => (0, transform_1.getSphereonVerifiablePresentation)(vp)),
80
- presentationSubmission,
81
- vpTokenLocation: did_auth_siop_1.VPTokenLocation.AUTHORIZATION_RESPONSE,
82
- };
83
- if (wantsIdToken && !openIdTokenIssuer) {
84
- openIdTokenIssuer = this.getOpenIdTokenIssuerFromVerifiablePresentation(verifiablePresentations[0]);
85
- }
86
- }
87
- else if (options.presentationExchange) {
88
- throw new core_1.CredoError('`presentationExchange` was supplied, but no presentation definition was found in the presentation request.');
89
- }
90
- if (wantsIdToken) {
91
- if (!openIdTokenIssuer) {
92
- throw new core_1.CredoError('Unable to create authorization response. openIdTokenIssuer MUST be supplied when no presentation is active and the ResponseType includes id_token.');
93
- }
94
- this.assertValidTokenIssuer(authorizationRequest, openIdTokenIssuer);
95
- }
96
- const jwtIssuer = wantsIdToken && openIdTokenIssuer
97
- ? await (0, utils_1.openIdTokenIssuerToJwtIssuer)(agentContext, openIdTokenIssuer)
98
- : undefined;
99
- const openidProvider = await this.getOpenIdProvider(agentContext);
100
- const authorizationResponseWithCorrelationId = await openidProvider.createAuthorizationResponse(authorizationRequest, {
101
- jwtIssuer,
102
- presentationExchange: presentationExchangeOptions,
103
- // https://openid.net/specs/openid-connect-self-issued-v2-1_0.html#name-aud-of-a-request-object
104
- audience: authorizationRequest.authorizationRequestPayload.client_id,
105
- });
106
- const getCreateJarmResponseCallback = (authorizationResponseNonce) => {
107
- return async (opts) => {
108
- const { authorizationResponsePayload, requestObjectPayload } = opts;
109
- const jwk = await did_auth_siop_1.OP.extractEncJwksFromClientMetadata(requestObjectPayload.client_metadata);
110
- if (!jwk.kty) {
111
- throw new core_1.CredoError('Missing kty in jwk.');
112
- }
113
- const validatedMetadata = did_auth_siop_1.OP.validateJarmMetadata({
114
- client_metadata: requestObjectPayload.client_metadata,
115
- server_metadata: {
116
- authorization_encryption_alg_values_supported: ['ECDH-ES'],
117
- authorization_encryption_enc_values_supported: ['A256GCM', 'A128CBC-HS256'],
118
- },
119
- });
120
- if (validatedMetadata.type !== 'encrypted') {
121
- throw new core_1.CredoError('Only encrypted JARM responses are supported.');
122
- }
123
- // Extract nonce from the request, we use this as the `apv`
124
- const nonce = authorizationRequest.payload?.nonce;
125
- if (!nonce || typeof nonce !== 'string') {
126
- throw new core_1.CredoError('Missing nonce in authorization request payload');
127
- }
128
- const jwe = await this.encryptJarmResponse(agentContext, {
129
- jwkJson: jwk,
130
- payload: authorizationResponsePayload,
131
- authorizationRequestNonce: nonce,
132
- alg: validatedMetadata.client_metadata.authorization_encrypted_response_alg,
133
- enc: validatedMetadata.client_metadata.authorization_encrypted_response_enc,
134
- authorizationResponseNonce,
135
- });
136
- return { response: jwe };
137
- };
138
- };
139
- const response = await openidProvider.submitAuthorizationResponse(authorizationResponseWithCorrelationId, getCreateJarmResponseCallback(authorizationResponseNonce));
140
- const responseText = await response
141
- .clone()
142
- .text()
143
- .catch(() => null);
144
- const responseJson = (await response
145
- .clone()
146
- .json()
147
- .catch(() => null));
148
- if (!response.ok) {
149
- return {
150
- ok: false,
151
- serverResponse: {
152
- status: response.status,
153
- body: responseJson ?? responseText,
154
- },
155
- submittedResponse: authorizationResponseWithCorrelationId.response.payload,
156
- };
157
- }
158
- return {
159
- ok: true,
160
- serverResponse: {
161
- status: response.status,
162
- body: responseJson ?? {},
163
- },
164
- submittedResponse: authorizationResponseWithCorrelationId.response.payload,
165
- redirectUri: responseJson?.redirect_uri,
166
- presentationDuringIssuanceSession: responseJson?.presentation_during_issuance_session,
167
- };
168
- }
169
- async getOpenIdProvider(agentContext, trustedCertificates) {
170
- const builder = did_auth_siop_1.OP.builder()
171
- .withExpiresIn(6000)
172
- .withIssuer(did_auth_siop_1.ResponseIss.SELF_ISSUED_V2)
173
- .withResponseMode(did_auth_siop_1.ResponseMode.POST)
174
- .withSupportedVersions([
175
- did_auth_siop_1.SupportedVersion.SIOPv2_D11,
176
- did_auth_siop_1.SupportedVersion.SIOPv2_D12_OID4VP_D18,
177
- did_auth_siop_1.SupportedVersion.SIOPv2_D12_OID4VP_D20,
178
- ])
179
- .withCreateJwtCallback((0, utils_1.getCreateJwtCallback)(agentContext))
180
- .withVerifyJwtCallback((0, utils_1.getVerifyJwtCallback)(agentContext, trustedCertificates))
181
- .withHasher(core_1.Hasher.hash);
182
- const openidProvider = builder.build();
183
- return openidProvider;
184
- }
185
- getOpenIdTokenIssuerFromVerifiablePresentation(verifiablePresentation) {
186
- let openIdTokenIssuer;
187
- if (verifiablePresentation instanceof core_1.W3cJsonLdVerifiablePresentation) {
188
- const [firstProof] = (0, core_1.asArray)(verifiablePresentation.proof);
189
- if (!firstProof)
190
- throw new core_1.CredoError('Verifiable presentation does not contain a proof');
191
- if (!firstProof.verificationMethod.startsWith('did:')) {
192
- throw new core_1.CredoError('Verifiable presentation proof verificationMethod is not a did. Unable to extract openIdTokenIssuer from verifiable presentation');
193
- }
194
- openIdTokenIssuer = {
195
- method: 'did',
196
- didUrl: firstProof.verificationMethod,
197
- };
198
- }
199
- else if (verifiablePresentation instanceof core_1.W3cJwtVerifiablePresentation) {
200
- const kid = verifiablePresentation.jwt.header.kid;
201
- if (!kid)
202
- throw new core_1.CredoError('Verifiable Presentation does not contain a kid in the jwt header');
203
- if (kid.startsWith('#') && verifiablePresentation.presentation.holderId) {
204
- openIdTokenIssuer = {
205
- didUrl: `${verifiablePresentation.presentation.holderId}${kid}`,
206
- method: 'did',
207
- };
208
- }
209
- else if (kid.startsWith('did:')) {
210
- openIdTokenIssuer = {
211
- didUrl: kid,
212
- method: 'did',
213
- };
214
- }
215
- else {
216
- throw new core_1.CredoError("JWT W3C Verifiable presentation does not include did in JWT header 'kid'. Unable to extract openIdTokenIssuer from verifiable presentation");
217
- }
218
- }
219
- else if (verifiablePresentation instanceof core_1.MdocDeviceResponse) {
220
- throw new core_1.CredoError('Mdoc Verifiable Presentations are not yet supported');
221
- }
222
- else {
223
- const cnf = verifiablePresentation.payload.cnf;
224
- // FIXME: SD-JWT VC should have better payload typing, so this doesn't become so ugly
225
- if (!cnf ||
226
- typeof cnf !== 'object' ||
227
- !('kid' in cnf) ||
228
- typeof cnf.kid !== 'string' ||
229
- !cnf.kid.startsWith('did:') ||
230
- !cnf.kid.includes('#')) {
231
- throw new core_1.CredoError("SD-JWT Verifiable presentation has no 'cnf' claim or does not include 'cnf' claim where 'kid' is a didUrl pointing to a key. Unable to extract openIdTokenIssuer from verifiable presentation");
232
- }
233
- openIdTokenIssuer = {
234
- didUrl: cnf.kid,
235
- method: 'did',
236
- };
237
- }
238
- return openIdTokenIssuer;
239
- }
240
- assertValidTokenIssuer(authorizationRequest, openIdTokenIssuer) {
241
- const subjectSyntaxTypesSupported = authorizationRequest.registrationMetadataPayload.subject_syntax_types_supported;
242
- if (!subjectSyntaxTypesSupported) {
243
- throw new core_1.CredoError('subject_syntax_types_supported is not supplied in the registration metadata. subject_syntax_types is REQUIRED.');
244
- }
245
- let allowedSubjectSyntaxTypes = [];
246
- if (openIdTokenIssuer.method === 'did') {
247
- const parsedDid = (0, core_1.parseDid)(openIdTokenIssuer.didUrl);
248
- // Either did:<method> or did (for all did methods) is allowed
249
- allowedSubjectSyntaxTypes = [`did:${parsedDid.method}`, 'did'];
250
- }
251
- else if (openIdTokenIssuer.method === 'jwk') {
252
- allowedSubjectSyntaxTypes = ['urn:ietf:params:oauth:jwk-thumbprint'];
253
- }
254
- else {
255
- throw new core_1.CredoError("Only 'did' and 'jwk' are supported as openIdTokenIssuer at the moment");
256
- }
257
- // At least one of the allowed subject syntax types must be supported by the RP
258
- if (!allowedSubjectSyntaxTypes.some((allowed) => subjectSyntaxTypesSupported.includes(allowed))) {
259
- throw new core_1.CredoError([
260
- 'The provided openIdTokenIssuer is not supported by the relying party.',
261
- `Supported subject syntax types: '${subjectSyntaxTypesSupported.join(', ')}'`,
262
- ].join('\n'));
263
- }
264
- }
265
- async encryptJarmResponse(agentContext, options) {
266
- const { payload, jwkJson } = options;
267
- const jwk = (0, core_1.getJwkFromJson)(jwkJson);
268
- const key = jwk.key;
269
- if (!agentContext.wallet.directEncryptCompactJweEcdhEs) {
270
- throw new core_1.CredoError('Cannot decrypt Jarm Response, wallet does not support directEncryptCompactJweEcdhEs. You need to upgrade your wallet implementation.');
271
- }
272
- if (options.alg !== 'ECDH-ES') {
273
- throw new core_1.CredoError("Only 'ECDH-ES' is supported as 'alg' value for JARM response encryption");
274
- }
275
- if (options.enc !== 'A256GCM' && options.enc !== 'A128CBC-HS256') {
276
- throw new core_1.CredoError("Only 'A256GCM' and 'A128CBC-HS256' are supported as 'enc' value for JARM response encryption");
277
- }
278
- if (key.keyType !== core_1.KeyType.P256) {
279
- throw new core_1.CredoError(`Only '${core_1.KeyType.P256}' key type is supported for JARM response encryption`);
280
- }
281
- const data = core_1.Buffer.from(JSON.stringify(payload));
282
- const jwe = await agentContext.wallet.directEncryptCompactJweEcdhEs({
283
- data,
284
- recipientKey: key,
285
- header: {
286
- kid: jwkJson.kid,
287
- },
288
- encryptionAlgorithm: options.enc,
289
- apu: core_1.TypedArrayEncoder.toBase64URL(core_1.TypedArrayEncoder.fromString(options.authorizationResponseNonce)),
290
- apv: core_1.TypedArrayEncoder.toBase64URL(core_1.TypedArrayEncoder.fromString(options.authorizationRequestNonce)),
291
- });
292
- return jwe;
293
- }
294
- };
295
- exports.OpenId4VcSiopHolderService = OpenId4VcSiopHolderService;
296
- exports.OpenId4VcSiopHolderService = OpenId4VcSiopHolderService = __decorate([
297
- (0, core_1.injectable)(),
298
- __metadata("design:paramtypes", [core_1.DifPresentationExchangeService])
299
- ], OpenId4VcSiopHolderService);
300
- //# sourceMappingURL=OpenId4vcSiopHolderService.js.map
package/build/openid4vc-holder/OpenId4vcSiopHolderService.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"OpenId4vcSiopHolderService.js","sourceRoot":"","sources":["../../src/openid4vc-holder/OpenId4vcSiopHolderService.ts"],"names":[],"mappings":";;;;;;;;;;;;AAaA,yCAeuB;AACvB,2DAAwH;AAExH,mDAAuE;AACvE,2CAA0G;AAGnG,IAAM,0BAA0B,GAAhC,MAAM,0BAA0B;IACrC,YAA2B,2BAA2D;QAA3D,gCAA2B,GAA3B,2BAA2B,CAAgC;IAAG,CAAC;IAEnF,KAAK,CAAC,2BAA2B,CACtC,YAA0B,EAC1B,eAAuB,EACvB,mBAA8C;QAE9C,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,mBAAmB,CAAC,CAAA;QAEtF,8DAA8D;QAC9D,MAAM,4BAA4B,GAAG,MAAM,cAAc,CAAC,0BAA0B,CAAC,eAAe,CAAC,CAAA;QAErG,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAC9B,mDAAmD,4BAA4B,CAAC,MAAM,GAAG,CAC1F,CAAA;QACD,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,oBAAoB,eAAe,GAAG,CAAC,CAAA;QAExE,IACE,4BAA4B,CAAC,uBAAuB;YACpD,4BAA4B,CAAC,uBAAuB,CAAC,MAAM,GAAG,CAAC,EAC/D,CAAC;YACD,MAAM,IAAI,iBAAU,CAAC,qDAAqD,CAAC,CAAA;QAC7E,CAAC;QAED,MAAM,sBAAsB,GAAG,4BAA4B,CAAC,uBAAuB,EAAE,CAAC,CAAC,CAAC,EAAE,UAAU,CAAA;QAEpG,OAAO;YACL,oBAAoB,EAAE,4BAA4B;YAElD,kDAAkD;YAClD,oBAAoB,EAAE,sBAAsB;gBAC1C,CAAC,CAAC;oBACE,UAAU,EAAE,sBAAsB;oBAClC,qBAAqB,EAAE,MAAM,IAAI,CAAC,2BAA2B,CAAC,wBAAwB,CACpF,YAAY,EACZ,sBAAsB,CACvB;iBACF;gBACH,CAAC,CAAC,SAAS;SACd,CAAA;IACH,CAAC;IAEM,KAAK,CAAC,0BAA0B,CACrC,YAA0B,EAC1B,OAAuD;QAEvD,MAAM,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,GAAG,OAAO,CAAA;QAC9D,IAAI,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAA;QACjD,IAAI,2BAA2B,GAAiD,SAAS,CAAA;QAEzF,MAAM,YAAY,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,oBAAoB,CAAC,4BAAY,CAAC,QAAQ,CAAC,CAAA;QAChH,MAAM,0BAA0B,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,aAAa,EAAE,CAAA;QAE5E,oCAAoC;QACpC,IAAI,oBAAoB,CAAC,uBAAuB,IAAI,oBAAoB,CAAC,uBAAuB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5G,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC1B,MAAM,IAAI,iBAAU,CAClB,mIAAmI,CACpI,CAAA;YACH,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,iBAAiB,CAAS,OAAO,CAAC,CAAA;YAChG,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,iBAAU,CAAC,sDAAsD,CAAC,CAAA;YAC9E,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,iBAAiB,CAAS,WAAW,CAAC,CAAA;YACvG,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,iBAAU,CAAC,0DAA0D,CAAC,CAAA;YAClF,CAAC;YAED,MAAM,WAAW,GACf,CAAC,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,iBAAiB,CAAS,cAAc,CAAC,CAAC;gBAC3F,CAAC,MAAM,oBAAoB,CAAC,oBAAoB,CAAC,iBAAiB,CAAS,cAAc,CAAC,CAAC,CAAA;YAC7F,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,MAAM,IAAI,iBAAU,CAAC,6DAA6D,CAAC,CAAA;YACrF,CAAC;YAED,MAAM,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,GACvD,MAAM,IAAI,CAAC,2BAA2B,CAAC,kBAAkB,CAAC,YAAY,EAAE;gBACtE,6BAA6B,EAAE,oBAAoB,CAAC,WAAW;gBAC/D,sBAAsB,EAAE,oBAAoB,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,UAAU;gBAClF,SAAS,EAAE,KAAK;gBAChB,MAAM,EAAE,QAAQ;gBAChB,8BAA8B,EAAE,gDAAyC,CAAC,QAAQ;gBAClF,SAAS,EAAE;oBACT,kBAAkB,EAAE,0BAA0B;oBAC9C,WAAW;iBACZ;aACF,CAAC,CAAA;YAEJ,2BAA2B,GAAG;gBAC5B,uBAAuB,EAAE,uBAAuB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAA,6CAAiC,EAAC,EAAE,CAAC,CAAC;gBACnG,sBAAsB;gBACtB,eAAe,EAAE,+BAAe,CAAC,sBAAsB;aACxD,CAAA;YAED,IAAI,YAAY,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACvC,iBAAiB,GAAG,IAAI,CAAC,8CAA8C,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,CAAA;YACrG,CAAC;QACH,CAAC;aAAM,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;YACxC,MAAM,IAAI,iBAAU,CAClB,4GAA4G,CAC7G,CAAA;QACH,CAAC;QAED,IAAI,YAAY,EAAE,CAAC;YACjB,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACvB,MAAM,IAAI,iBAAU,CAClB,oJAAoJ,CACrJ,CAAA;YACH,CAAC;YAED,IAAI,CAAC,sBAAsB,CAAC,oBAAoB,EAAE,iBAAiB,CAAC,CAAA;QACtE,CAAC;QAED,MAAM,SAAS,GACb,YAAY,IAAI,iBAAiB;YAC/B,CAAC,CAAC,MAAM,IAAA,oCAA4B,EAAC,YAAY,EAAE,iBAAiB,CAAC;YACrE,CAAC,CAAC,SAAS,CAAA;QAEf,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAA;QACjE,MAAM,sCAAsC,GAAG,MAAM,cAAc,CAAC,2BAA2B,CAC7F,oBAAoB,EACpB;YACE,SAAS;YACT,oBAAoB,EAAE,2BAA2B;YACjD,+FAA+F;YAC/F,QAAQ,EAAE,oBAAoB,CAAC,2BAA2B,CAAC,SAAS;SACrE,CACF,CAAA;QAED,MAAM,6BAA6B,GAAG,CAAC,0BAAkC,EAAE,EAAE;YAC3E,OAAO,KAAK,EAAE,IAGb,EAAE,EAAE;gBACH,MAAM,EAAE,4BAA4B,EAAE,oBAAoB,EAAE,GAAG,IAAI,CAAA;gBAEnE,MAAM,GAAG,GAAG,MAAM,kBAAE,CAAC,gCAAgC,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAA;gBAC3F,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;oBACb,MAAM,IAAI,iBAAU,CAAC,qBAAqB,CAAC,CAAA;gBAC7C,CAAC;gBAED,MAAM,iBAAiB,GAAG,kBAAE,CAAC,oBAAoB,CAAC;oBAChD,eAAe,EAAE,oBAAoB,CAAC,eAAe;oBACrD,eAAe,EAAE;wBACf,6CAA6C,EAAE,CAAC,SAAS,CAAC;wBAC1D,6CAA6C,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC;qBAC5E;iBACF,CAAC,CAAA;gBAEF,IAAI,iBAAiB,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBAC3C,MAAM,IAAI,iBAAU,CAAC,8CAA8C,CAAC,CAAA;gBACtE,CAAC;gBAED,2DAA2D;gBAC3D,MAAM,KAAK,GAAG,oBAAoB,CAAC,OAAO,EAAE,KAAK,CAAA;gBACjD,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACxC,MAAM,IAAI,iBAAU,CAAC,gDAAgD,CAAC,CAAA;gBACxE,CAAC;gBAED,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,YAAY,EAAE;oBACvD,OAAO,EAAE,GAAc;oBACvB,OAAO,EAAE,4BAA4B;oBACrC,yBAAyB,EAAE,KAAK;oBAChC,GAAG,EAAE,iBAAiB,CAAC,eAAe,CAAC,oCAAoC;oBAC3E,GAAG,EAAE,iBAAiB,CAAC,eAAe,CAAC,oCAAoC;oBAC3E,0BAA0B;iBAC3B,CAAC,CAAA;gBAEF,OAAO,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAA;YAC1B,CAAC,CAAA;QACH,CAAC,CAAA;QACD,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,2BAA2B,CAC/D,sCAAsC,EACtC,6BAA6B,CAAC,0BAA0B,CAAC,CAC1D,CAAA;QACD,MAAM,YAAY,GAAG,MAAM,QAAQ;aAChC,KAAK,EAAE;aACP,IAAI,EAAE;aACN,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QACpB,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ;aACjC,KAAK,EAAE;aACP,IAAI,EAAE;aACN,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAmC,CAAA;QAEvD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,cAAc,EAAE;oBACd,MAAM,EAAE,QAAQ,CAAC,MAAM;oBACvB,IAAI,EAAE,YAAY,IAAI,YAAY;iBACnC;gBACD,iBAAiB,EAAE,sCAAsC,CAAC,QAAQ,CAAC,OAAO;aAClE,CAAA;QACZ,CAAC;QAED,OAAO;YACL,EAAE,EAAE,IAAI;YACR,cAAc,EAAE;gBACd,MAAM,EAAE,QAAQ,CAAC,MAAM;gBACvB,IAAI,EAAE,YAAY,IAAI,EAAE;aACzB;YACD,iBAAiB,EAAE,sCAAsC,CAAC,QAAQ,CAAC,OAAO;YAE1E,WAAW,EAAE,YAAY,EAAE,YAAkC;YAC7D,iCAAiC,EAAE,YAAY,EAAE,oCAA0D;SACnG,CAAA;IACZ,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAAC,YAA0B,EAAE,mBAA8C;QACxG,MAAM,OAAO,GAAG,kBAAE,CAAC,OAAO,EAAE;aACzB,aAAa,CAAC,IAAI,CAAC;aACnB,UAAU,CAAC,2BAAW,CAAC,cAAc,CAAC;aACtC,gBAAgB,CAAC,4BAAY,CAAC,IAAI,CAAC;aACnC,qBAAqB,CAAC;YACrB,gCAAgB,CAAC,UAAU;YAC3B,gCAAgB,CAAC,qBAAqB;YACtC,gCAAgB,CAAC,qBAAqB;SACvC,CAAC;aACD,qBAAqB,CAAC,IAAA,4BAAoB,EAAC,YAAY,CAAC,CAAC;aACzD,qBAAqB,CAAC,IAAA,4BAAoB,EAAC,YAAY,EAAE,mBAAmB,CAAC,CAAC;aAC9E,UAAU,CAAC,aAAM,CAAC,IAAI,CAAC,CAAA;QAE1B,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,EAAE,CAAA;QAEtC,OAAO,cAAc,CAAA;IACvB,CAAC;IAEO,8CAA8C,CACpD,sBAA8C;QAE9C,IAAI,iBAAqC,CAAA;QAEzC,IAAI,sBAAsB,YAAY,sCAA+B,EAAE,CAAC;YACtE,MAAM,CAAC,UAAU,CAAC,GAAG,IAAA,cAAO,EAAC,sBAAsB,CAAC,KAAK,CAAC,CAAA;YAC1D,IAAI,CAAC,UAAU;gBAAE,MAAM,IAAI,iBAAU,CAAC,kDAAkD,CAAC,CAAA;YAEzF,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACtD,MAAM,IAAI,iBAAU,CAClB,iIAAiI,CAClI,CAAA;YACH,CAAC;YAED,iBAAiB,GAAG;gBAClB,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,UAAU,CAAC,kBAAkB;aACtC,CAAA;QACH,CAAC;aAAM,IAAI,sBAAsB,YAAY,mCAA4B,EAAE,CAAC;YAC1E,MAAM,GAAG,GAAG,sBAAsB,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAA;YAEjD,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,iBAAU,CAAC,kEAAkE,CAAC,CAAA;YAClG,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,sBAAsB,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC;gBACxE,iBAAiB,GAAG;oBAClB,MAAM,EAAE,GAAG,sBAAsB,CAAC,YAAY,CAAC,QAAQ,GAAG,GAAG,EAAE;oBAC/D,MAAM,EAAE,KAAK;iBACd,CAAA;YACH,CAAC;iBAAM,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAClC,iBAAiB,GAAG;oBAClB,MAAM,EAAE,GAAG;oBACX,MAAM,EAAE,KAAK;iBACd,CAAA;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,iBAAU,CAClB,4IAA4I,CAC7I,CAAA;YACH,CAAC;QACH,CAAC;aAAM,IAAI,sBAAsB,YAAY,yBAAkB,EAAE,CAAC;YAChE,MAAM,IAAI,iBAAU,CAAC,qDAAqD,CAAC,CAAA;QAC7E,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,GAAG,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAA;YAC9C,qFAAqF;YACrF,IACE,CAAC,GAAG;gBACJ,OAAO,GAAG,KAAK,QAAQ;gBACvB,CAAC,CAAC,KAAK,IAAI,GAAG,CAAC;gBACf,OAAO,GAAG,CAAC,GAAG,KAAK,QAAQ;gBAC3B,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC;gBAC3B,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EACtB,CAAC;gBACD,MAAM,IAAI,iBAAU,CAClB,+LAA+L,CAChM,CAAA;YACH,CAAC;YAED,iBAAiB,GAAG;gBAClB,MAAM,EAAE,GAAG,CAAC,GAAG;gBACf,MAAM,EAAE,KAAK;aACd,CAAA;QACH,CAAC;QAED,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAEO,sBAAsB,CAC5B,oBAAkD,EAClD,iBAAqC;QAErC,MAAM,2BAA2B,GAAG,oBAAoB,CAAC,2BAA2B,CAAC,8BAA8B,CAAA;QACnH,IAAI,CAAC,2BAA2B,EAAE,CAAC;YACjC,MAAM,IAAI,iBAAU,CAClB,gHAAgH,CACjH,CAAA;QACH,CAAC;QAED,IAAI,yBAAyB,GAAa,EAAE,CAAA;QAC5C,IAAI,iBAAiB,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACvC,MAAM,SAAS,GAAG,IAAA,eAAQ,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAA;YAEpD,8DAA8D;YAC9D,yBAAyB,GAAG,CAAC,OAAO,SAAS,CAAC,MAAM,EAAE,EAAE,KAAK,CAAC,CAAA;QAChE,CAAC;aAAM,IAAI,iBAAiB,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAC9C,yBAAyB,GAAG,CAAC,sCAAsC,CAAC,CAAA;QACtE,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,iBAAU,CAAC,uEAAuE,CAAC,CAAA;QAC/F,CAAC;QAED,+EAA+E;QAC/E,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,2BAA2B,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAChG,MAAM,IAAI,iBAAU,CAClB;gBACE,uEAAuE;gBACvE,oCAAoC,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;aAC9E,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAA;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAC/B,YAA0B,EAC1B,OAOC;QAED,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;QACpC,MAAM,GAAG,GAAG,IAAA,qBAAc,EAAC,OAAO,CAAC,CAAA;QACnC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;QAEnB,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,6BAA6B,EAAE,CAAC;YACvD,MAAM,IAAI,iBAAU,CAClB,sIAAsI,CACvI,CAAA;QACH,CAAC;QAED,IAAI,OAAO,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,IAAI,iBAAU,CAAC,yEAAyE,CAAC,CAAA;QACjG,CAAC;QAED,IAAI,OAAO,CAAC,GAAG,KAAK,SAAS,IAAI,OAAO,CAAC,GAAG,KAAK,eAAe,EAAE,CAAC;YACjE,MAAM,IAAI,iBAAU,CAClB,8FAA8F,CAC/F,CAAA;QACH,CAAC;QAED,IAAI,GAAG,CAAC,OAAO,KAAK,cAAO,CAAC,IAAI,EAAE,CAAC;YACjC,MAAM,IAAI,iBAAU,CAAC,SAAS,cAAO,CAAC,IAAI,sDAAsD,CAAC,CAAA;QACnG,CAAC;QAED,MAAM,IAAI,GAAG,aAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAA;QACjD,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,6BAA6B,CAAC;YAClE,IAAI;YACJ,YAAY,EAAE,GAAG;YACjB,MAAM,EAAE;gBACN,GAAG,EAAE,OAAO,CAAC,GAAG;aACjB;YACD,mBAAmB,EAAE,OAAO,CAAC,GAAG;YAChC,GAAG,EAAE,wBAAiB,CAAC,WAAW,CAAC,wBAAiB,CAAC,UAAU,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC;YACpG,GAAG,EAAE,wBAAiB,CAAC,WAAW,CAAC,wBAAiB,CAAC,UAAU,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;SACpG,CAAC,CAAA;QAEF,OAAO,GAAG,CAAA;IACZ,CAAC;CACF,CAAA;AA3XY,gEAA0B;qCAA1B,0BAA0B;IADtC,IAAA,iBAAU,GAAE;qCAE6C,qCAA8B;GAD3E,0BAA0B,CA2XtC"}