@credo-ts/openid4vc 0.6.0-pr-2392-20251010173905 → 0.6.0-pr-2457-20251016083534

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (163) hide show
  1. package/build/OpenId4VcApi.d.mts +1 -1
  2. package/build/OpenId4VcApi.d.ts +1 -1
  3. package/build/OpenId4VcApi.js +2 -2
  4. package/build/OpenId4VcApi.mjs +2 -2
  5. package/build/OpenId4VcModule.d.mts +1 -1
  6. package/build/OpenId4VcModule.d.ts +1 -1
  7. package/build/OpenId4VcModule.js +2 -2
  8. package/build/OpenId4VcModule.mjs +2 -2
  9. package/build/OpenId4VcModuleConfig.js +1 -1
  10. package/build/OpenId4VcModuleConfig.mjs +1 -1
  11. package/build/index.d.mts +15 -14
  12. package/build/index.d.ts +15 -14
  13. package/build/index.js +22 -15
  14. package/build/index.mjs +18 -17
  15. package/build/openid4vc-holder/OpenId4VcHolderApi.d.mts.map +1 -1
  16. package/build/openid4vc-holder/OpenId4VcHolderApi.d.ts.map +1 -1
  17. package/build/openid4vc-holder/OpenId4VcHolderApi.mjs.map +1 -1
  18. package/build/openid4vc-holder/OpenId4VciHolderService.d.mts.map +1 -1
  19. package/build/openid4vc-holder/OpenId4VciHolderService.d.ts.map +1 -1
  20. package/build/openid4vc-holder/OpenId4VciHolderService.js +11 -8
  21. package/build/openid4vc-holder/OpenId4VciHolderService.mjs +11 -8
  22. package/build/openid4vc-holder/OpenId4VciHolderService.mjs.map +1 -1
  23. package/build/openid4vc-holder/OpenId4VciHolderServiceOptions.d.mts.map +1 -1
  24. package/build/openid4vc-holder/OpenId4VciHolderServiceOptions.d.ts.map +1 -1
  25. package/build/openid4vc-holder/OpenId4VciHolderServiceOptions.mjs.map +1 -1
  26. package/build/openid4vc-holder/OpenId4vpHolderService.d.mts.map +1 -1
  27. package/build/openid4vc-holder/OpenId4vpHolderService.d.ts.map +1 -1
  28. package/build/openid4vc-holder/OpenId4vpHolderService.js +4 -4
  29. package/build/openid4vc-holder/OpenId4vpHolderService.mjs +4 -4
  30. package/build/openid4vc-holder/OpenId4vpHolderService.mjs.map +1 -1
  31. package/build/openid4vc-issuer/OpenId4VcIssuerApi.d.mts +5 -214
  32. package/build/openid4vc-issuer/OpenId4VcIssuerApi.d.mts.map +1 -1
  33. package/build/openid4vc-issuer/OpenId4VcIssuerApi.d.ts +5 -214
  34. package/build/openid4vc-issuer/OpenId4VcIssuerApi.d.ts.map +1 -1
  35. package/build/openid4vc-issuer/OpenId4VcIssuerApi.js +1 -1
  36. package/build/openid4vc-issuer/OpenId4VcIssuerApi.mjs +1 -1
  37. package/build/openid4vc-issuer/OpenId4VcIssuerApi.mjs.map +1 -1
  38. package/build/openid4vc-issuer/OpenId4VcIssuerModule.d.mts.map +1 -1
  39. package/build/openid4vc-issuer/OpenId4VcIssuerModule.d.ts.map +1 -1
  40. package/build/openid4vc-issuer/OpenId4VcIssuerModule.js +7 -7
  41. package/build/openid4vc-issuer/OpenId4VcIssuerModule.mjs +7 -7
  42. package/build/openid4vc-issuer/OpenId4VcIssuerModule.mjs.map +1 -1
  43. package/build/openid4vc-issuer/OpenId4VcIssuerModuleConfig.d.mts.map +1 -1
  44. package/build/openid4vc-issuer/OpenId4VcIssuerModuleConfig.d.ts.map +1 -1
  45. package/build/openid4vc-issuer/OpenId4VcIssuerModuleConfig.mjs.map +1 -1
  46. package/build/openid4vc-issuer/OpenId4VcIssuerService.d.mts +8 -218
  47. package/build/openid4vc-issuer/OpenId4VcIssuerService.d.mts.map +1 -1
  48. package/build/openid4vc-issuer/OpenId4VcIssuerService.d.ts +8 -218
  49. package/build/openid4vc-issuer/OpenId4VcIssuerService.d.ts.map +1 -1
  50. package/build/openid4vc-issuer/OpenId4VcIssuerService.js +18 -18
  51. package/build/openid4vc-issuer/OpenId4VcIssuerService.mjs +19 -19
  52. package/build/openid4vc-issuer/OpenId4VcIssuerService.mjs.map +1 -1
  53. package/build/openid4vc-issuer/OpenId4VcIssuerServiceOptions.d.mts +1 -1
  54. package/build/openid4vc-issuer/OpenId4VcIssuerServiceOptions.d.ts +1 -1
  55. package/build/openid4vc-issuer/index.js +2 -2
  56. package/build/openid4vc-issuer/index.mjs +2 -2
  57. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.d.mts +1 -1
  58. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.d.mts.map +1 -1
  59. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.d.ts +1 -1
  60. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.d.ts.map +1 -1
  61. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.js +1 -1
  62. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.mjs +1 -1
  63. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRecord.mjs.map +1 -1
  64. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRepository.js +1 -1
  65. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRepository.mjs +1 -1
  66. package/build/openid4vc-issuer/repository/OpenId4VcIssuanceSessionRepository.mjs.map +1 -1
  67. package/build/openid4vc-issuer/repository/OpenId4VcIssuerRecord.d.mts.map +1 -1
  68. package/build/openid4vc-issuer/repository/OpenId4VcIssuerRecord.d.ts.map +1 -1
  69. package/build/openid4vc-issuer/repository/OpenId4VcIssuerRecord.mjs.map +1 -1
  70. package/build/openid4vc-issuer/repository/OpenId4VcIssuerRepository.js +1 -1
  71. package/build/openid4vc-issuer/repository/OpenId4VcIssuerRepository.mjs +1 -1
  72. package/build/openid4vc-issuer/repository/OpenId4VcIssuerRepository.mjs.map +1 -1
  73. package/build/openid4vc-issuer/repository/index.js +2 -2
  74. package/build/openid4vc-issuer/repository/index.mjs +2 -2
  75. package/build/openid4vc-issuer/router/accessTokenEndpoint.js +3 -4
  76. package/build/openid4vc-issuer/router/accessTokenEndpoint.mjs +3 -4
  77. package/build/openid4vc-issuer/router/accessTokenEndpoint.mjs.map +1 -1
  78. package/build/openid4vc-issuer/router/authorizationChallengeEndpoint.js +5 -6
  79. package/build/openid4vc-issuer/router/authorizationChallengeEndpoint.mjs +6 -7
  80. package/build/openid4vc-issuer/router/authorizationChallengeEndpoint.mjs.map +1 -1
  81. package/build/openid4vc-issuer/router/authorizationServerMetadataEndpoint.mjs.map +1 -1
  82. package/build/openid4vc-issuer/router/credentialEndpoint.js +5 -6
  83. package/build/openid4vc-issuer/router/credentialEndpoint.mjs +5 -6
  84. package/build/openid4vc-issuer/router/credentialEndpoint.mjs.map +1 -1
  85. package/build/openid4vc-issuer/router/credentialOfferEndpoint.js +2 -4
  86. package/build/openid4vc-issuer/router/credentialOfferEndpoint.mjs +3 -4
  87. package/build/openid4vc-issuer/router/credentialOfferEndpoint.mjs.map +1 -1
  88. package/build/openid4vc-issuer/router/deferredCredentialEndpoint.js +2 -4
  89. package/build/openid4vc-issuer/router/deferredCredentialEndpoint.mjs +3 -4
  90. package/build/openid4vc-issuer/router/deferredCredentialEndpoint.mjs.map +1 -1
  91. package/build/openid4vc-issuer/router/index.js +4 -4
  92. package/build/openid4vc-issuer/router/index.mjs +4 -4
  93. package/build/openid4vc-issuer/router/issuerMetadataEndpoint.mjs.map +1 -1
  94. package/build/openid4vc-issuer/router/jwksEndpoint.mjs.map +1 -1
  95. package/build/openid4vc-issuer/router/nonceEndpoint.mjs.map +1 -1
  96. package/build/openid4vc-verifier/OpenId4VcVerifierApi.d.mts +1 -1
  97. package/build/openid4vc-verifier/OpenId4VcVerifierApi.d.mts.map +1 -1
  98. package/build/openid4vc-verifier/OpenId4VcVerifierApi.d.ts +1 -1
  99. package/build/openid4vc-verifier/OpenId4VcVerifierApi.d.ts.map +1 -1
  100. package/build/openid4vc-verifier/OpenId4VcVerifierApi.js +1 -1
  101. package/build/openid4vc-verifier/OpenId4VcVerifierApi.mjs +1 -1
  102. package/build/openid4vc-verifier/OpenId4VcVerifierApi.mjs.map +1 -1
  103. package/build/openid4vc-verifier/OpenId4VcVerifierModule.d.mts.map +1 -1
  104. package/build/openid4vc-verifier/OpenId4VcVerifierModule.d.ts.map +1 -1
  105. package/build/openid4vc-verifier/OpenId4VcVerifierModule.js +2 -2
  106. package/build/openid4vc-verifier/OpenId4VcVerifierModule.mjs +2 -2
  107. package/build/openid4vc-verifier/OpenId4VcVerifierModule.mjs.map +1 -1
  108. package/build/openid4vc-verifier/OpenId4VpVerifierService.d.mts +3 -3
  109. package/build/openid4vc-verifier/OpenId4VpVerifierService.d.mts.map +1 -1
  110. package/build/openid4vc-verifier/OpenId4VpVerifierService.d.ts +3 -3
  111. package/build/openid4vc-verifier/OpenId4VpVerifierService.d.ts.map +1 -1
  112. package/build/openid4vc-verifier/OpenId4VpVerifierService.js +17 -17
  113. package/build/openid4vc-verifier/OpenId4VpVerifierService.mjs +17 -17
  114. package/build/openid4vc-verifier/OpenId4VpVerifierService.mjs.map +1 -1
  115. package/build/openid4vc-verifier/OpenId4VpVerifierServiceOptions.d.mts +1 -1
  116. package/build/openid4vc-verifier/OpenId4VpVerifierServiceOptions.d.ts +1 -1
  117. package/build/openid4vc-verifier/index.js +3 -3
  118. package/build/openid4vc-verifier/index.mjs +3 -3
  119. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRecord.d.mts +1 -1
  120. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRecord.d.mts.map +1 -1
  121. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRecord.d.ts +1 -1
  122. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRecord.d.ts.map +1 -1
  123. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRecord.mjs.map +1 -1
  124. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRepository.js +1 -1
  125. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRepository.mjs +1 -1
  126. package/build/openid4vc-verifier/repository/OpenId4VcVerificationSessionRepository.mjs.map +1 -1
  127. package/build/openid4vc-verifier/repository/OpenId4VcVerifierRecord.d.mts.map +1 -1
  128. package/build/openid4vc-verifier/repository/OpenId4VcVerifierRecord.d.ts.map +1 -1
  129. package/build/openid4vc-verifier/repository/OpenId4VcVerifierRecord.mjs.map +1 -1
  130. package/build/openid4vc-verifier/repository/OpenId4VcVerifierRepository.js +1 -1
  131. package/build/openid4vc-verifier/repository/OpenId4VcVerifierRepository.mjs +1 -1
  132. package/build/openid4vc-verifier/repository/OpenId4VcVerifierRepository.mjs.map +1 -1
  133. package/build/openid4vc-verifier/repository/index.js +2 -2
  134. package/build/openid4vc-verifier/repository/index.mjs +2 -2
  135. package/build/openid4vc-verifier/router/authorizationEndpoint.js +1 -1
  136. package/build/openid4vc-verifier/router/authorizationEndpoint.mjs +1 -1
  137. package/build/openid4vc-verifier/router/authorizationEndpoint.mjs.map +1 -1
  138. package/build/openid4vc-verifier/router/authorizationRequestEndpoint.js +1 -1
  139. package/build/openid4vc-verifier/router/authorizationRequestEndpoint.mjs +1 -1
  140. package/build/openid4vc-verifier/router/authorizationRequestEndpoint.mjs.map +1 -1
  141. package/build/shared/callbacks.d.mts +46 -0
  142. package/build/shared/callbacks.d.mts.map +1 -0
  143. package/build/shared/callbacks.d.ts +46 -0
  144. package/build/shared/callbacks.d.ts.map +1 -0
  145. package/build/shared/callbacks.js +5 -1
  146. package/build/shared/callbacks.mjs +1 -1
  147. package/build/shared/callbacks.mjs.map +1 -1
  148. package/build/shared/index.js +2 -1
  149. package/build/shared/index.mjs +2 -1
  150. package/build/shared/issuerMetadataUtils.d.mts +2 -258
  151. package/build/shared/issuerMetadataUtils.d.mts.map +1 -1
  152. package/build/shared/issuerMetadataUtils.d.ts +2 -258
  153. package/build/shared/issuerMetadataUtils.d.ts.map +1 -1
  154. package/build/shared/issuerMetadataUtils.mjs.map +1 -1
  155. package/build/shared/models/index.d.ts +1 -1
  156. package/build/shared/router/context.mjs.map +1 -1
  157. package/build/shared/router/index.js +1 -1
  158. package/build/shared/router/index.mjs +1 -1
  159. package/build/shared/router/tenants.mjs.map +1 -1
  160. package/build/shared/utils.js +0 -8
  161. package/build/shared/utils.mjs +1 -7
  162. package/build/shared/utils.mjs.map +1 -1
  163. package/package.json +8 -8
package/build/shared/router/context.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"context.mjs","names":[],"sources":["../../../src/shared/router/context.ts"],"sourcesContent":["import type { AgentContext, Logger } from '@credo-ts/core'\nimport type { Oauth2ErrorCodes, Oauth2ServerErrorResponseError } from '@openid4vc/oauth2'\nimport type { NextFunction, Request, Response } from 'express'\n\nimport { CredoError } from '@credo-ts/core'\nimport { Oauth2ResourceUnauthorizedError, SupportedAuthenticationScheme } from '@openid4vc/oauth2'\n\nexport interface OpenId4VcRequest<RC extends Record<string, unknown> = Record<string, never>> extends Request {\n requestContext?: RC & OpenId4VcRequestContext\n}\n\nexport interface OpenId4VcRequestContext {\n agentContext: AgentContext\n}\n\nexport function sendUnauthorizedError(\n response: Response,\n next: NextFunction,\n logger: Logger,\n error: unknown | Oauth2ResourceUnauthorizedError,\n status?: number\n) {\n const errorMessage = error instanceof Error ? error.message : error\n logger.warn(`[OID4VC] Sending authorization error response: ${JSON.stringify(errorMessage)}`, {\n error,\n })\n\n const unauhorizedError =\n error instanceof Oauth2ResourceUnauthorizedError\n ? error\n : new Oauth2ResourceUnauthorizedError('Unknown error occured', [\n { scheme: SupportedAuthenticationScheme.DPoP },\n { scheme: SupportedAuthenticationScheme.Bearer },\n ])\n\n response\n .setHeader('WWW-Authenticate', unauhorizedError.toHeaderValue())\n .status(status ?? 403)\n .send()\n next(error)\n}\n\nexport function sendOauth2ErrorResponse(\n response: Response,\n next: NextFunction,\n logger: Logger,\n error: Oauth2ServerErrorResponseError\n) {\n logger.warn(`[OID4VC] Sending oauth2 error response: ${JSON.stringify(error.message)}`, {\n error,\n })\n\n response.status(error.status).json(error.errorResponse)\n next(error)\n}\nexport function sendUnknownServerErrorResponse(\n response: Response,\n next: NextFunction,\n logger: Logger,\n error: unknown,\n additionalParams: Record<string, unknown> = {}\n) {\n logger.error('[OID4VC] Sending unknown server error response', {\n error,\n })\n\n response.status(500).json({\n error: 'server_error',\n ...additionalParams,\n })\n\n const throwError =\n error instanceof Error ? error : new CredoError('Unknown error in openid4vc error response handler')\n next(throwError)\n}\n\nexport function sendNotFoundResponse(response: Response, next: NextFunction, logger: Logger, internalReason: string) {\n logger.debug(`[OID4VC] Sending not found response: ${internalReason}`)\n\n response.status(404).send()\n next(new CredoError(internalReason))\n}\n\nexport function sendErrorResponse(\n response: Response,\n next: NextFunction,\n logger: Logger,\n status: number,\n errorCode: Oauth2ErrorCodes | string,\n errorDescription?: string,\n additionalPayload?: Record<string, unknown>,\n error?: Error\n) {\n const body = {\n error: errorCode,\n error_description: errorDescription,\n ...additionalPayload,\n }\n logger.warn(`[OID4VC] Sending error response: ${JSON.stringify(body)}`, {\n error,\n })\n\n response.status(status).json(body)\n\n const throwError =\n error instanceof Error ? error : new CredoError('Unknown error in openid4vc error response handler')\n next(throwError)\n}\n\nexport function sendJsonResponse(\n response: Response,\n next: NextFunction,\n // biome-ignore lint/suspicious/noExplicitAny: <explanation>\n body: any,\n contentType?: string,\n status?: number\n) {\n response\n .setHeader('Content-Type', contentType ?? 'application/json')\n .status(status ?? 200)\n .send(JSON.stringify(body))\n\n next()\n}\n\n// biome-ignore lint/suspicious/noExplicitAny: <explanation>\nexport function getRequestContext<T extends OpenId4VcRequest<any>>(request: T): NonNullable<T['requestContext']> {\n const requestContext = request.requestContext\n if (!requestContext) throw new CredoError('Request context not set.')\n\n return requestContext\n}\n"],"mappings":";;;;AAeA,SAAgB,sBACd,UACA,MACA,QACA,OACA,QACA;CACA,MAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU;AAC9D,QAAO,KAAK,kDAAkD,KAAK,UAAU,aAAa,IAAI,EAC5F,OACD,CAAC;CAEF,MAAM,mBACJ,iBAAiB,kCACb,QACA,IAAI,gCAAgC,yBAAyB,CAC3D,EAAE,QAAQ,8BAA8B,MAAM,EAC9C,EAAE,QAAQ,8BAA8B,QAAQ,CACjD,CAAC;AAER,UACG,UAAU,oBAAoB,iBAAiB,eAAe,CAAC,CAC/D,OAAO,UAAU,IAAI,CACrB,MAAM;AACT,MAAK,MAAM;;AAGb,SAAgB,wBACd,UACA,MACA,QACA,OACA;AACA,QAAO,KAAK,2CAA2C,KAAK,UAAU,MAAM,QAAQ,IAAI,EACtF,OACD,CAAC;AAEF,UAAS,OAAO,MAAM,OAAO,CAAC,KAAK,MAAM,cAAc;AACvD,MAAK,MAAM;;AAEb,SAAgB,+BACd,UACA,MACA,QACA,OACA,mBAA4C,EAAE,EAC9C;AACA,QAAO,MAAM,kDAAkD,EAC7D,OACD,CAAC;AAEF,UAAS,OAAO,IAAI,CAAC,KAAK;EACxB,OAAO;EACP,GAAG;EACJ,CAAC;AAIF,MADE,iBAAiB,QAAQ,QAAQ,IAAI,WAAW,oDAAoD,CACtF;;AAGlB,SAAgB,qBAAqB,UAAoB,MAAoB,QAAgB,gBAAwB;AACnH,QAAO,MAAM,wCAAwC,iBAAiB;AAEtE,UAAS,OAAO,IAAI,CAAC,MAAM;AAC3B,MAAK,IAAI,WAAW,eAAe,CAAC;;AAGtC,SAAgB,kBACd,UACA,MACA,QACA,QACA,WACA,kBACA,mBACA,OACA;CACA,MAAM,OAAO;EACX,OAAO;EACP,mBAAmB;EACnB,GAAG;EACJ;AACD,QAAO,KAAK,oCAAoC,KAAK,UAAU,KAAK,IAAI,EACtE,OACD,CAAC;AAEF,UAAS,OAAO,OAAO,CAAC,KAAK,KAAK;AAIlC,MADE,iBAAiB,QAAQ,QAAQ,IAAI,WAAW,oDAAoD,CACtF;;AAGlB,SAAgB,iBACd,UACA,MAEA,MACA,aACA,QACA;AACA,UACG,UAAU,gBAAgB,eAAe,mBAAmB,CAC5D,OAAO,UAAU,IAAI,CACrB,KAAK,KAAK,UAAU,KAAK,CAAC;AAE7B,OAAM;;AAIR,SAAgB,kBAAmD,SAA8C;CAC/G,MAAM,iBAAiB,QAAQ;AAC/B,KAAI,CAAC,eAAgB,OAAM,IAAI,WAAW,2BAA2B;AAErE,QAAO"}
1
+ {"version":3,"file":"context.mjs","names":[],"sources":["../../../src/shared/router/context.ts"],"sourcesContent":["import type { AgentContext, Logger } from '@credo-ts/core'\nimport { CredoError } from '@credo-ts/core'\nimport type { Oauth2ErrorCodes, Oauth2ServerErrorResponseError } from '@openid4vc/oauth2'\nimport { Oauth2ResourceUnauthorizedError, SupportedAuthenticationScheme } from '@openid4vc/oauth2'\nimport type { NextFunction, Request, Response } from 'express'\n\nexport interface OpenId4VcRequest<RC extends Record<string, unknown> = Record<string, never>> extends Request {\n requestContext?: RC & OpenId4VcRequestContext\n}\n\nexport interface OpenId4VcRequestContext {\n agentContext: AgentContext\n}\n\nexport function sendUnauthorizedError(\n response: Response,\n next: NextFunction,\n logger: Logger,\n error: unknown | Oauth2ResourceUnauthorizedError,\n status?: number\n) {\n const errorMessage = error instanceof Error ? error.message : error\n logger.warn(`[OID4VC] Sending authorization error response: ${JSON.stringify(errorMessage)}`, {\n error,\n })\n\n const unauhorizedError =\n error instanceof Oauth2ResourceUnauthorizedError\n ? error\n : new Oauth2ResourceUnauthorizedError('Unknown error occured', [\n { scheme: SupportedAuthenticationScheme.DPoP },\n { scheme: SupportedAuthenticationScheme.Bearer },\n ])\n\n response\n .setHeader('WWW-Authenticate', unauhorizedError.toHeaderValue())\n .status(status ?? 403)\n .send()\n next(error)\n}\n\nexport function sendOauth2ErrorResponse(\n response: Response,\n next: NextFunction,\n logger: Logger,\n error: Oauth2ServerErrorResponseError\n) {\n logger.warn(`[OID4VC] Sending oauth2 error response: ${JSON.stringify(error.message)}`, {\n error,\n })\n\n response.status(error.status).json(error.errorResponse)\n next(error)\n}\nexport function sendUnknownServerErrorResponse(\n response: Response,\n next: NextFunction,\n logger: Logger,\n error: unknown,\n additionalParams: Record<string, unknown> = {}\n) {\n logger.error('[OID4VC] Sending unknown server error response', {\n error,\n })\n\n response.status(500).json({\n error: 'server_error',\n ...additionalParams,\n })\n\n const throwError =\n error instanceof Error ? error : new CredoError('Unknown error in openid4vc error response handler')\n next(throwError)\n}\n\nexport function sendNotFoundResponse(response: Response, next: NextFunction, logger: Logger, internalReason: string) {\n logger.debug(`[OID4VC] Sending not found response: ${internalReason}`)\n\n response.status(404).send()\n next(new CredoError(internalReason))\n}\n\nexport function sendErrorResponse(\n response: Response,\n next: NextFunction,\n logger: Logger,\n status: number,\n errorCode: Oauth2ErrorCodes | string,\n errorDescription?: string,\n additionalPayload?: Record<string, unknown>,\n error?: Error\n) {\n const body = {\n error: errorCode,\n error_description: errorDescription,\n ...additionalPayload,\n }\n logger.warn(`[OID4VC] Sending error response: ${JSON.stringify(body)}`, {\n error,\n })\n\n response.status(status).json(body)\n\n const throwError =\n error instanceof Error ? error : new CredoError('Unknown error in openid4vc error response handler')\n next(throwError)\n}\n\nexport function sendJsonResponse(\n response: Response,\n next: NextFunction,\n // biome-ignore lint/suspicious/noExplicitAny: no explanation\n body: any,\n contentType?: string,\n status?: number\n) {\n response\n .setHeader('Content-Type', contentType ?? 'application/json')\n .status(status ?? 200)\n .send(JSON.stringify(body))\n\n next()\n}\n\n// biome-ignore lint/suspicious/noExplicitAny: no explanation\nexport function getRequestContext<T extends OpenId4VcRequest<any>>(request: T): NonNullable<T['requestContext']> {\n const requestContext = request.requestContext\n if (!requestContext) throw new CredoError('Request context not set.')\n\n return requestContext\n}\n"],"mappings":";;;;AAcA,SAAgB,sBACd,UACA,MACA,QACA,OACA,QACA;CACA,MAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU;AAC9D,QAAO,KAAK,kDAAkD,KAAK,UAAU,aAAa,IAAI,EAC5F,OACD,CAAC;CAEF,MAAM,mBACJ,iBAAiB,kCACb,QACA,IAAI,gCAAgC,yBAAyB,CAC3D,EAAE,QAAQ,8BAA8B,MAAM,EAC9C,EAAE,QAAQ,8BAA8B,QAAQ,CACjD,CAAC;AAER,UACG,UAAU,oBAAoB,iBAAiB,eAAe,CAAC,CAC/D,OAAO,UAAU,IAAI,CACrB,MAAM;AACT,MAAK,MAAM;;AAGb,SAAgB,wBACd,UACA,MACA,QACA,OACA;AACA,QAAO,KAAK,2CAA2C,KAAK,UAAU,MAAM,QAAQ,IAAI,EACtF,OACD,CAAC;AAEF,UAAS,OAAO,MAAM,OAAO,CAAC,KAAK,MAAM,cAAc;AACvD,MAAK,MAAM;;AAEb,SAAgB,+BACd,UACA,MACA,QACA,OACA,mBAA4C,EAAE,EAC9C;AACA,QAAO,MAAM,kDAAkD,EAC7D,OACD,CAAC;AAEF,UAAS,OAAO,IAAI,CAAC,KAAK;EACxB,OAAO;EACP,GAAG;EACJ,CAAC;AAIF,MADE,iBAAiB,QAAQ,QAAQ,IAAI,WAAW,oDAAoD,CACtF;;AAGlB,SAAgB,qBAAqB,UAAoB,MAAoB,QAAgB,gBAAwB;AACnH,QAAO,MAAM,wCAAwC,iBAAiB;AAEtE,UAAS,OAAO,IAAI,CAAC,MAAM;AAC3B,MAAK,IAAI,WAAW,eAAe,CAAC;;AAGtC,SAAgB,kBACd,UACA,MACA,QACA,QACA,WACA,kBACA,mBACA,OACA;CACA,MAAM,OAAO;EACX,OAAO;EACP,mBAAmB;EACnB,GAAG;EACJ;AACD,QAAO,KAAK,oCAAoC,KAAK,UAAU,KAAK,IAAI,EACtE,OACD,CAAC;AAEF,UAAS,OAAO,OAAO,CAAC,KAAK,KAAK;AAIlC,MADE,iBAAiB,QAAQ,QAAQ,IAAI,WAAW,oDAAoD,CACtF;;AAGlB,SAAgB,iBACd,UACA,MAEA,MACA,aACA,QACA;AACA,UACG,UAAU,gBAAgB,eAAe,mBAAmB,CAC5D,OAAO,UAAU,IAAI,CACrB,KAAK,KAAK,UAAU,KAAK,CAAC;AAE7B,OAAM;;AAIR,SAAgB,kBAAmD,SAA8C;CAC/G,MAAM,iBAAiB,QAAQ;AAC/B,KAAI,CAAC,eAAgB,OAAM,IAAI,WAAW,2BAA2B;AAErE,QAAO"}
package/build/shared/router/index.js CHANGED
@@ -1,3 +1,3 @@
1
- const require_express = require('./express.js');
2
1
  const require_context = require('./context.js');
2
+ const require_express = require('./express.js');
3
3
  const require_tenants = require('./tenants.js');
package/build/shared/router/index.mjs CHANGED
@@ -1,3 +1,3 @@
1
- import { importExpress } from "./express.mjs";
2
1
  import { getRequestContext, sendErrorResponse, sendJsonResponse, sendNotFoundResponse, sendOauth2ErrorResponse, sendUnauthorizedError, sendUnknownServerErrorResponse } from "./context.mjs";
2
+ import { importExpress } from "./express.mjs";
3
3
  import { getAgentContextForActorId, storeActorIdForContextCorrelationId } from "./tenants.mjs";
package/build/shared/router/tenants.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"tenants.mjs","names":[],"sources":["../../../src/shared/router/tenants.ts"],"sourcesContent":["import type { AgentContext, AgentContextProvider } from '@credo-ts/core'\nimport type { TenantsModule } from '@credo-ts/tenants'\n\nimport { InjectionSymbols, getApiForModuleByName } from '@credo-ts/core'\n\nconst OPENID4VC_ACTOR_IDS_METADATA_KEY = '_openid4vc/openId4VcActorIds'\n\nexport async function getAgentContextForActorId(rootAgentContext: AgentContext, actorId: string) {\n // Check if multi-tenancy is enabled, and if so find the associated multi-tenant record\n // This is a bit hacky as it uses the tenants module to store the openid4vc actor id\n // but this way we don't have to expose the contextCorrelationId in the openid metadata\n const tenantsApi = getApiForModuleByName<TenantsModule>(rootAgentContext, 'TenantsModule')\n if (tenantsApi) {\n const [tenant] = await tenantsApi.findTenantsByQuery({\n [OPENID4VC_ACTOR_IDS_METADATA_KEY]: [actorId],\n })\n\n if (tenant) {\n const agentContextProvider = rootAgentContext.dependencyManager.resolve<AgentContextProvider>(\n InjectionSymbols.AgentContextProvider\n )\n return agentContextProvider.getAgentContextForContextCorrelationId(`tenant-${tenant.id}`)\n }\n }\n\n return rootAgentContext\n}\n\n/**\n * Store the actor id associated with a context correlation id. If multi-tenancy is not used\n * this method won't do anything as we can just use the actor from the default context. However\n * if multi-tenancy is used, we will store the actor id in the tenant record metadata so it can\n * be queried when a request comes in for the specific actor id.\n *\n * The reason for doing this is that we don't want to expose the context correlation id in the\n * actor metadata url, as it is then possible to see exactly which actors are registered under\n * the same agent.\n */\nexport async function storeActorIdForContextCorrelationId(agentContext: AgentContext, actorId: string) {\n // It's kind of hacky, but we add support for the tenants module specifically here to map an actorId to\n // a specific tenant. Otherwise we have to expose /:contextCorrelationId/:actorId in all the public URLs\n // which is of course not so nice.\n const tenantsApi = getApiForModuleByName<TenantsModule>(agentContext, 'TenantsModule')\n\n // We don't want to query the tenant record if the current context is the root context\n if (tenantsApi && tenantsApi.rootAgentContext.contextCorrelationId !== agentContext.contextCorrelationId) {\n const tenantRecord = await tenantsApi.getTenantById(agentContext.contextCorrelationId.replace('tenant-', ''))\n\n const currentOpenId4VcActorIds = tenantRecord.metadata.get<string[]>(OPENID4VC_ACTOR_IDS_METADATA_KEY) ?? []\n const openId4VcActorIds = [...currentOpenId4VcActorIds, actorId]\n\n tenantRecord.metadata.set(OPENID4VC_ACTOR_IDS_METADATA_KEY, openId4VcActorIds)\n tenantRecord.setTag(OPENID4VC_ACTOR_IDS_METADATA_KEY, openId4VcActorIds)\n await tenantsApi.updateTenant(tenantRecord)\n }\n}\n"],"mappings":";;;AAKA,MAAM,mCAAmC;AAEzC,eAAsB,0BAA0B,kBAAgC,SAAiB;CAI/F,MAAM,aAAa,sBAAqC,kBAAkB,gBAAgB;AAC1F,KAAI,YAAY;EACd,MAAM,CAAC,UAAU,MAAM,WAAW,mBAAmB,GAClD,mCAAmC,CAAC,QAAQ,EAC9C,CAAC;AAEF,MAAI,OAIF,QAH6B,iBAAiB,kBAAkB,QAC9D,iBAAiB,qBAClB,CAC2B,uCAAuC,UAAU,OAAO,KAAK;;AAI7F,QAAO;;;;;;;;;;;;AAaT,eAAsB,oCAAoC,cAA4B,SAAiB;CAIrG,MAAM,aAAa,sBAAqC,cAAc,gBAAgB;AAGtF,KAAI,cAAc,WAAW,iBAAiB,yBAAyB,aAAa,sBAAsB;EACxG,MAAM,eAAe,MAAM,WAAW,cAAc,aAAa,qBAAqB,QAAQ,WAAW,GAAG,CAAC;EAG7G,MAAM,oBAAoB,CAAC,GADM,aAAa,SAAS,IAAc,iCAAiC,IAAI,EAAE,EACpD,QAAQ;AAEhE,eAAa,SAAS,IAAI,kCAAkC,kBAAkB;AAC9E,eAAa,OAAO,kCAAkC,kBAAkB;AACxE,QAAM,WAAW,aAAa,aAAa"}
1
+ {"version":3,"file":"tenants.mjs","names":[],"sources":["../../../src/shared/router/tenants.ts"],"sourcesContent":["import type { AgentContext, AgentContextProvider } from '@credo-ts/core'\nimport { getApiForModuleByName, InjectionSymbols } from '@credo-ts/core'\nimport type { TenantsModule } from '@credo-ts/tenants'\n\nconst OPENID4VC_ACTOR_IDS_METADATA_KEY = '_openid4vc/openId4VcActorIds'\n\nexport async function getAgentContextForActorId(rootAgentContext: AgentContext, actorId: string) {\n // Check if multi-tenancy is enabled, and if so find the associated multi-tenant record\n // This is a bit hacky as it uses the tenants module to store the openid4vc actor id\n // but this way we don't have to expose the contextCorrelationId in the openid metadata\n const tenantsApi = getApiForModuleByName<TenantsModule>(rootAgentContext, 'TenantsModule')\n if (tenantsApi) {\n const [tenant] = await tenantsApi.findTenantsByQuery({\n [OPENID4VC_ACTOR_IDS_METADATA_KEY]: [actorId],\n })\n\n if (tenant) {\n const agentContextProvider = rootAgentContext.dependencyManager.resolve<AgentContextProvider>(\n InjectionSymbols.AgentContextProvider\n )\n return agentContextProvider.getAgentContextForContextCorrelationId(`tenant-${tenant.id}`)\n }\n }\n\n return rootAgentContext\n}\n\n/**\n * Store the actor id associated with a context correlation id. If multi-tenancy is not used\n * this method won't do anything as we can just use the actor from the default context. However\n * if multi-tenancy is used, we will store the actor id in the tenant record metadata so it can\n * be queried when a request comes in for the specific actor id.\n *\n * The reason for doing this is that we don't want to expose the context correlation id in the\n * actor metadata url, as it is then possible to see exactly which actors are registered under\n * the same agent.\n */\nexport async function storeActorIdForContextCorrelationId(agentContext: AgentContext, actorId: string) {\n // It's kind of hacky, but we add support for the tenants module specifically here to map an actorId to\n // a specific tenant. Otherwise we have to expose /:contextCorrelationId/:actorId in all the public URLs\n // which is of course not so nice.\n const tenantsApi = getApiForModuleByName<TenantsModule>(agentContext, 'TenantsModule')\n\n // We don't want to query the tenant record if the current context is the root context\n if (tenantsApi && tenantsApi.rootAgentContext.contextCorrelationId !== agentContext.contextCorrelationId) {\n const tenantRecord = await tenantsApi.getTenantById(agentContext.contextCorrelationId.replace('tenant-', ''))\n\n const currentOpenId4VcActorIds = tenantRecord.metadata.get<string[]>(OPENID4VC_ACTOR_IDS_METADATA_KEY) ?? []\n const openId4VcActorIds = [...currentOpenId4VcActorIds, actorId]\n\n tenantRecord.metadata.set(OPENID4VC_ACTOR_IDS_METADATA_KEY, openId4VcActorIds)\n tenantRecord.setTag(OPENID4VC_ACTOR_IDS_METADATA_KEY, openId4VcActorIds)\n await tenantsApi.updateTenant(tenantRecord)\n }\n}\n"],"mappings":";;;AAIA,MAAM,mCAAmC;AAEzC,eAAsB,0BAA0B,kBAAgC,SAAiB;CAI/F,MAAM,aAAa,sBAAqC,kBAAkB,gBAAgB;AAC1F,KAAI,YAAY;EACd,MAAM,CAAC,UAAU,MAAM,WAAW,mBAAmB,GAClD,mCAAmC,CAAC,QAAQ,EAC9C,CAAC;AAEF,MAAI,OAIF,QAH6B,iBAAiB,kBAAkB,QAC9D,iBAAiB,qBAClB,CAC2B,uCAAuC,UAAU,OAAO,KAAK;;AAI7F,QAAO;;;;;;;;;;;;AAaT,eAAsB,oCAAoC,cAA4B,SAAiB;CAIrG,MAAM,aAAa,sBAAqC,cAAc,gBAAgB;AAGtF,KAAI,cAAc,WAAW,iBAAiB,yBAAyB,aAAa,sBAAsB;EACxG,MAAM,eAAe,MAAM,WAAW,cAAc,aAAa,qBAAqB,QAAQ,WAAW,GAAG,CAAC;EAG7G,MAAM,oBAAoB,CAAC,GADM,aAAa,SAAS,IAAc,iCAAiC,IAAI,EAAE,EACpD,QAAQ;AAEhE,eAAa,SAAS,IAAI,kCAAkC,kBAAkB;AAC9E,eAAa,OAAO,kCAAkC,kBAAkB;AACxE,QAAM,WAAW,aAAa,aAAa"}
package/build/shared/utils.js CHANGED
@@ -54,12 +54,6 @@ function getProofTypeFromPublicJwk(agentContext, key) {
54
54
  if (supportedSignatureSuites.length === 0) throw new __credo_ts_core.CredoError(`Couldn't find a supported signature suite for the given key ${key.jwkTypehumanDescription}.`);
55
55
  return supportedSignatureSuites[0].proofType;
56
56
  }
57
- function addSecondsToDate(date, seconds) {
58
- return new Date(date.getTime() + seconds * 1e3);
59
- }
60
- function dateToSeconds(date) {
61
- return Math.floor(date.getTime() / 1e3);
62
- }
63
57
  function dcqlCredentialQueryToPresentationFormat(credential) {
64
58
  switch (credential.format) {
65
59
  case "dc+sd-jwt": return __credo_ts_core.ClaimFormat.SdJwtDc;
@@ -73,8 +67,6 @@ function dcqlCredentialQueryToPresentationFormat(credential) {
73
67
  }
74
68
 
75
69
  //#endregion
76
- exports.addSecondsToDate = addSecondsToDate;
77
- exports.dateToSeconds = dateToSeconds;
78
70
  exports.dcqlCredentialQueryToPresentationFormat = dcqlCredentialQueryToPresentationFormat;
79
71
  exports.getProofTypeFromPublicJwk = getProofTypeFromPublicJwk;
80
72
  exports.getPublicJwkFromDid = getPublicJwkFromDid;
package/build/shared/utils.mjs CHANGED
@@ -52,12 +52,6 @@ function getProofTypeFromPublicJwk(agentContext, key) {
52
52
  if (supportedSignatureSuites.length === 0) throw new CredoError(`Couldn't find a supported signature suite for the given key ${key.jwkTypehumanDescription}.`);
53
53
  return supportedSignatureSuites[0].proofType;
54
54
  }
55
- function addSecondsToDate(date, seconds) {
56
- return new Date(date.getTime() + seconds * 1e3);
57
- }
58
- function dateToSeconds(date) {
59
- return Math.floor(date.getTime() / 1e3);
60
- }
61
55
  function dcqlCredentialQueryToPresentationFormat(credential) {
62
56
  switch (credential.format) {
63
57
  case "dc+sd-jwt": return ClaimFormat.SdJwtDc;
@@ -71,5 +65,5 @@ function dcqlCredentialQueryToPresentationFormat(credential) {
71
65
  }
72
66
 
73
67
  //#endregion
74
- export { addSecondsToDate, dateToSeconds, dcqlCredentialQueryToPresentationFormat, getProofTypeFromPublicJwk, getPublicJwkFromDid, getSupportedJwaSignatureAlgorithms, requestSignerToJwtIssuer };
68
+ export { dcqlCredentialQueryToPresentationFormat, getProofTypeFromPublicJwk, getPublicJwkFromDid, getSupportedJwaSignatureAlgorithms, requestSignerToJwtIssuer };
75
69
  //# sourceMappingURL=utils.mjs.map
package/build/shared/utils.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.mjs","names":[],"sources":["../../src/shared/utils.ts"],"sourcesContent":["import { AgentContext, ClaimFormat, type DcqlQuery, type DidPurpose, Kms } from '@credo-ts/core'\nimport type { Jwk, JwtSigner, JwtSignerX5c } from '@openid4vc/oauth2'\nimport type { OpenId4VcJwtIssuer } from './models'\n\nimport {\n CredoError,\n DidsApi,\n SignatureSuiteRegistry,\n getDomainFromUrl,\n getPublicJwkFromVerificationMethod,\n} from '@credo-ts/core'\n\n/**\n * Returns the JWA Signature Algorithms that are supported by the wallet.\n */\nexport function getSupportedJwaSignatureAlgorithms(agentContext: AgentContext): Kms.KnownJwaSignatureAlgorithm[] {\n const kms = agentContext.resolve(Kms.KeyManagementApi)\n\n // If we can sign with an algorithm we assume it's supported (also for verification)\n const supportedJwaSignatureAlgorithms = Object.values(Kms.KnownJwaSignatureAlgorithms).filter(\n (algorithm) => kms.supportedBackendsForOperation({ operation: 'sign', algorithm }).length > 0\n )\n\n return supportedJwaSignatureAlgorithms\n}\n\nexport async function getPublicJwkFromDid(\n agentContext: AgentContext,\n didUrl: string,\n allowedPurposes: DidPurpose[] = ['authentication']\n) {\n const didsApi = agentContext.dependencyManager.resolve(DidsApi)\n const didDocument = await didsApi.resolveDidDocument(didUrl)\n const verificationMethod = didDocument.dereferenceKey(didUrl, allowedPurposes)\n\n return getPublicJwkFromVerificationMethod(verificationMethod)\n}\n\nexport async function requestSignerToJwtIssuer(\n agentContext: AgentContext,\n requestSigner: OpenId4VcJwtIssuer\n): Promise<Exclude<JwtSigner, JwtSignerX5c> | (JwtSignerX5c & { issuer: string })> {\n if (requestSigner.method === 'did') {\n const dids = agentContext.resolve(DidsApi)\n const { publicJwk } = await dids.resolveVerificationMethodFromCreatedDidRecord(requestSigner.didUrl)\n\n return {\n method: requestSigner.method,\n didUrl: requestSigner.didUrl,\n alg: publicJwk.signatureAlgorithm,\n kid: publicJwk.keyId,\n }\n }\n if (requestSigner.method === 'x5c') {\n const leafCertificate = requestSigner.x5c[0]\n if (!leafCertificate) {\n throw new CredoError('Unable to extract leaf certificate, x5c certificate chain is empty')\n }\n\n if (\n !requestSigner.issuer.startsWith('https://') &&\n !(requestSigner.issuer.startsWith('http://') && agentContext.config.allowInsecureHttpUrls)\n ) {\n throw new CredoError('The X509 certificate issuer must be a HTTPS URI.')\n }\n\n if (\n !leafCertificate.sanUriNames.includes(requestSigner.issuer) &&\n !leafCertificate.sanDnsNames.includes(getDomainFromUrl(requestSigner.issuer))\n ) {\n const sanUriMessage =\n leafCertificate.sanUriNames.length > 0\n ? `SAN-URI names are ${leafCertificate.sanUriNames.join(', ')}`\n : 'there are no SAN-URI names'\n const sanDnsMessage =\n leafCertificate.sanDnsNames.length > 0\n ? `SAN-DNS names are ${leafCertificate.sanDnsNames.join(', ')}`\n : 'there are no SAN-DNS names'\n throw new Error(\n `The 'iss' claim in the payload does not match a 'SAN-URI' or 'SAN-DNS' name in the x5c certificate. 'iss' value is '${requestSigner.issuer}', ${sanUriMessage}, ${sanDnsMessage} (for SAN-DNS only domain has to match)`\n )\n }\n\n return {\n ...requestSigner,\n x5c: requestSigner.x5c.map((certificate) => certificate.toString('base64')),\n alg: leafCertificate.publicJwk.signatureAlgorithm,\n kid: leafCertificate.publicJwk.keyId,\n }\n }\n if (requestSigner.method === 'jwk') {\n return {\n ...requestSigner,\n publicJwk: requestSigner.jwk.toJson() as Jwk,\n alg: requestSigner.jwk.signatureAlgorithm,\n }\n }\n\n throw new CredoError(`Unsupported jwt issuer method '${(requestSigner as OpenId4VcJwtIssuer).method}'`)\n}\n\nexport function getProofTypeFromPublicJwk(agentContext: AgentContext, key: Kms.PublicJwk) {\n const signatureSuiteRegistry = agentContext.dependencyManager.resolve(SignatureSuiteRegistry)\n\n const supportedSignatureSuites = signatureSuiteRegistry.getAllByPublicJwkType(key)\n if (supportedSignatureSuites.length === 0) {\n throw new CredoError(`Couldn't find a supported signature suite for the given key ${key.jwkTypehumanDescription}.`)\n }\n\n return supportedSignatureSuites[0].proofType\n}\n\nexport function addSecondsToDate(date: Date, seconds: number) {\n return new Date(date.getTime() + seconds * 1000)\n}\n\nexport function dateToSeconds(date: Date) {\n return Math.floor(date.getTime() / 1000)\n}\n\nexport function parseIfJson<T>(input: T): T | Record<string, unknown> {\n if (typeof input !== 'string') {\n return input\n }\n\n try {\n // Try to parse the string as JSON\n return JSON.parse(input)\n } catch (_error) {\n /* empty */\n }\n\n return input\n}\n\nexport function dcqlCredentialQueryToPresentationFormat(credential: DcqlQuery['credentials'][number]) {\n switch (credential.format) {\n case 'dc+sd-jwt':\n return ClaimFormat.SdJwtDc\n case 'vc+sd-jwt':\n if (credential.meta && 'type_values' in credential.meta) {\n return ClaimFormat.SdJwtW3cVp\n }\n\n return ClaimFormat.SdJwtDc\n case 'jwt_vc_json':\n return ClaimFormat.JwtVp\n case 'ldp_vc':\n return ClaimFormat.LdpVp\n case 'mso_mdoc':\n return ClaimFormat.MsoMdoc\n }\n}\n"],"mappings":";;;;;;AAeA,SAAgB,mCAAmC,cAA8D;CAC/G,MAAM,MAAM,aAAa,QAAQ,IAAI,iBAAiB;AAOtD,QAJwC,OAAO,OAAO,IAAI,4BAA4B,CAAC,QACpF,cAAc,IAAI,8BAA8B;EAAE,WAAW;EAAQ;EAAW,CAAC,CAAC,SAAS,EAC7F;;AAKH,eAAsB,oBACpB,cACA,QACA,kBAAgC,CAAC,iBAAiB,EAClD;AAKA,QAAO,oCAHa,MADJ,aAAa,kBAAkB,QAAQ,QAAQ,CAC7B,mBAAmB,OAAO,EACrB,eAAe,QAAQ,gBAAgB,CAEjB;;AAG/D,eAAsB,yBACpB,cACA,eACiF;AACjF,KAAI,cAAc,WAAW,OAAO;EAElC,MAAM,EAAE,cAAc,MADT,aAAa,QAAQ,QAAQ,CACT,8CAA8C,cAAc,OAAO;AAEpG,SAAO;GACL,QAAQ,cAAc;GACtB,QAAQ,cAAc;GACtB,KAAK,UAAU;GACf,KAAK,UAAU;GAChB;;AAEH,KAAI,cAAc,WAAW,OAAO;EAClC,MAAM,kBAAkB,cAAc,IAAI;AAC1C,MAAI,CAAC,gBACH,OAAM,IAAI,WAAW,qEAAqE;AAG5F,MACE,CAAC,cAAc,OAAO,WAAW,WAAW,IAC5C,EAAE,cAAc,OAAO,WAAW,UAAU,IAAI,aAAa,OAAO,uBAEpE,OAAM,IAAI,WAAW,mDAAmD;AAG1E,MACE,CAAC,gBAAgB,YAAY,SAAS,cAAc,OAAO,IAC3D,CAAC,gBAAgB,YAAY,SAAS,iBAAiB,cAAc,OAAO,CAAC,EAC7E;GACA,MAAM,gBACJ,gBAAgB,YAAY,SAAS,IACjC,qBAAqB,gBAAgB,YAAY,KAAK,KAAK,KAC3D;GACN,MAAM,gBACJ,gBAAgB,YAAY,SAAS,IACjC,qBAAqB,gBAAgB,YAAY,KAAK,KAAK,KAC3D;AACN,SAAM,IAAI,MACR,uHAAuH,cAAc,OAAO,KAAK,cAAc,IAAI,cAAc,yCAClL;;AAGH,SAAO;GACL,GAAG;GACH,KAAK,cAAc,IAAI,KAAK,gBAAgB,YAAY,SAAS,SAAS,CAAC;GAC3E,KAAK,gBAAgB,UAAU;GAC/B,KAAK,gBAAgB,UAAU;GAChC;;AAEH,KAAI,cAAc,WAAW,MAC3B,QAAO;EACL,GAAG;EACH,WAAW,cAAc,IAAI,QAAQ;EACrC,KAAK,cAAc,IAAI;EACxB;AAGH,OAAM,IAAI,WAAW,kCAAmC,cAAqC,OAAO,GAAG;;AAGzG,SAAgB,0BAA0B,cAA4B,KAAoB;CAGxF,MAAM,2BAFyB,aAAa,kBAAkB,QAAQ,uBAAuB,CAErC,sBAAsB,IAAI;AAClF,KAAI,yBAAyB,WAAW,EACtC,OAAM,IAAI,WAAW,+DAA+D,IAAI,wBAAwB,GAAG;AAGrH,QAAO,yBAAyB,GAAG;;AAGrC,SAAgB,iBAAiB,MAAY,SAAiB;AAC5D,QAAO,IAAI,KAAK,KAAK,SAAS,GAAG,UAAU,IAAK;;AAGlD,SAAgB,cAAc,MAAY;AACxC,QAAO,KAAK,MAAM,KAAK,SAAS,GAAG,IAAK;;AAkB1C,SAAgB,wCAAwC,YAA8C;AACpG,SAAQ,WAAW,QAAnB;EACE,KAAK,YACH,QAAO,YAAY;EACrB,KAAK;AACH,OAAI,WAAW,QAAQ,iBAAiB,WAAW,KACjD,QAAO,YAAY;AAGrB,UAAO,YAAY;EACrB,KAAK,cACH,QAAO,YAAY;EACrB,KAAK,SACH,QAAO,YAAY;EACrB,KAAK,WACH,QAAO,YAAY"}
1
+ {"version":3,"file":"utils.mjs","names":[],"sources":["../../src/shared/utils.ts"],"sourcesContent":["import {\n AgentContext,\n ClaimFormat,\n CredoError,\n type DcqlQuery,\n type DidPurpose,\n DidsApi,\n getDomainFromUrl,\n getPublicJwkFromVerificationMethod,\n Kms,\n SignatureSuiteRegistry,\n} from '@credo-ts/core'\nimport type { Jwk, JwtSigner, JwtSignerX5c } from '@openid4vc/oauth2'\nimport type { OpenId4VcJwtIssuer } from './models'\n\n/**\n * Returns the JWA Signature Algorithms that are supported by the wallet.\n */\nexport function getSupportedJwaSignatureAlgorithms(agentContext: AgentContext): Kms.KnownJwaSignatureAlgorithm[] {\n const kms = agentContext.resolve(Kms.KeyManagementApi)\n\n // If we can sign with an algorithm we assume it's supported (also for verification)\n const supportedJwaSignatureAlgorithms = Object.values(Kms.KnownJwaSignatureAlgorithms).filter(\n (algorithm) => kms.supportedBackendsForOperation({ operation: 'sign', algorithm }).length > 0\n )\n\n return supportedJwaSignatureAlgorithms\n}\n\nexport async function getPublicJwkFromDid(\n agentContext: AgentContext,\n didUrl: string,\n allowedPurposes: DidPurpose[] = ['authentication']\n) {\n const didsApi = agentContext.dependencyManager.resolve(DidsApi)\n const didDocument = await didsApi.resolveDidDocument(didUrl)\n const verificationMethod = didDocument.dereferenceKey(didUrl, allowedPurposes)\n\n return getPublicJwkFromVerificationMethod(verificationMethod)\n}\n\nexport async function requestSignerToJwtIssuer(\n agentContext: AgentContext,\n requestSigner: OpenId4VcJwtIssuer\n): Promise<Exclude<JwtSigner, JwtSignerX5c> | (JwtSignerX5c & { issuer: string })> {\n if (requestSigner.method === 'did') {\n const dids = agentContext.resolve(DidsApi)\n const { publicJwk } = await dids.resolveVerificationMethodFromCreatedDidRecord(requestSigner.didUrl)\n\n return {\n method: requestSigner.method,\n didUrl: requestSigner.didUrl,\n alg: publicJwk.signatureAlgorithm,\n kid: publicJwk.keyId,\n }\n }\n if (requestSigner.method === 'x5c') {\n const leafCertificate = requestSigner.x5c[0]\n if (!leafCertificate) {\n throw new CredoError('Unable to extract leaf certificate, x5c certificate chain is empty')\n }\n\n if (\n !requestSigner.issuer.startsWith('https://') &&\n !(requestSigner.issuer.startsWith('http://') && agentContext.config.allowInsecureHttpUrls)\n ) {\n throw new CredoError('The X509 certificate issuer must be a HTTPS URI.')\n }\n\n if (\n !leafCertificate.sanUriNames.includes(requestSigner.issuer) &&\n !leafCertificate.sanDnsNames.includes(getDomainFromUrl(requestSigner.issuer))\n ) {\n const sanUriMessage =\n leafCertificate.sanUriNames.length > 0\n ? `SAN-URI names are ${leafCertificate.sanUriNames.join(', ')}`\n : 'there are no SAN-URI names'\n const sanDnsMessage =\n leafCertificate.sanDnsNames.length > 0\n ? `SAN-DNS names are ${leafCertificate.sanDnsNames.join(', ')}`\n : 'there are no SAN-DNS names'\n throw new Error(\n `The 'iss' claim in the payload does not match a 'SAN-URI' or 'SAN-DNS' name in the x5c certificate. 'iss' value is '${requestSigner.issuer}', ${sanUriMessage}, ${sanDnsMessage} (for SAN-DNS only domain has to match)`\n )\n }\n\n return {\n ...requestSigner,\n x5c: requestSigner.x5c.map((certificate) => certificate.toString('base64')),\n alg: leafCertificate.publicJwk.signatureAlgorithm,\n kid: leafCertificate.publicJwk.keyId,\n }\n }\n if (requestSigner.method === 'jwk') {\n return {\n ...requestSigner,\n publicJwk: requestSigner.jwk.toJson() as Jwk,\n alg: requestSigner.jwk.signatureAlgorithm,\n }\n }\n\n throw new CredoError(`Unsupported jwt issuer method '${(requestSigner as OpenId4VcJwtIssuer).method}'`)\n}\n\nexport function getProofTypeFromPublicJwk(agentContext: AgentContext, key: Kms.PublicJwk) {\n const signatureSuiteRegistry = agentContext.dependencyManager.resolve(SignatureSuiteRegistry)\n\n const supportedSignatureSuites = signatureSuiteRegistry.getAllByPublicJwkType(key)\n if (supportedSignatureSuites.length === 0) {\n throw new CredoError(`Couldn't find a supported signature suite for the given key ${key.jwkTypehumanDescription}.`)\n }\n\n return supportedSignatureSuites[0].proofType\n}\n\nexport function parseIfJson<T>(input: T): T | Record<string, unknown> {\n if (typeof input !== 'string') {\n return input\n }\n\n try {\n // Try to parse the string as JSON\n return JSON.parse(input)\n } catch (_error) {\n /* empty */\n }\n\n return input\n}\n\nexport function dcqlCredentialQueryToPresentationFormat(credential: DcqlQuery['credentials'][number]) {\n switch (credential.format) {\n case 'dc+sd-jwt':\n return ClaimFormat.SdJwtDc\n case 'vc+sd-jwt':\n if (credential.meta && 'type_values' in credential.meta) {\n return ClaimFormat.SdJwtW3cVp\n }\n\n return ClaimFormat.SdJwtDc\n case 'jwt_vc_json':\n return ClaimFormat.JwtVp\n case 'ldp_vc':\n return ClaimFormat.LdpVp\n case 'mso_mdoc':\n return ClaimFormat.MsoMdoc\n }\n}\n"],"mappings":";;;;;;AAkBA,SAAgB,mCAAmC,cAA8D;CAC/G,MAAM,MAAM,aAAa,QAAQ,IAAI,iBAAiB;AAOtD,QAJwC,OAAO,OAAO,IAAI,4BAA4B,CAAC,QACpF,cAAc,IAAI,8BAA8B;EAAE,WAAW;EAAQ;EAAW,CAAC,CAAC,SAAS,EAC7F;;AAKH,eAAsB,oBACpB,cACA,QACA,kBAAgC,CAAC,iBAAiB,EAClD;AAKA,QAAO,oCAHa,MADJ,aAAa,kBAAkB,QAAQ,QAAQ,CAC7B,mBAAmB,OAAO,EACrB,eAAe,QAAQ,gBAAgB,CAEjB;;AAG/D,eAAsB,yBACpB,cACA,eACiF;AACjF,KAAI,cAAc,WAAW,OAAO;EAElC,MAAM,EAAE,cAAc,MADT,aAAa,QAAQ,QAAQ,CACT,8CAA8C,cAAc,OAAO;AAEpG,SAAO;GACL,QAAQ,cAAc;GACtB,QAAQ,cAAc;GACtB,KAAK,UAAU;GACf,KAAK,UAAU;GAChB;;AAEH,KAAI,cAAc,WAAW,OAAO;EAClC,MAAM,kBAAkB,cAAc,IAAI;AAC1C,MAAI,CAAC,gBACH,OAAM,IAAI,WAAW,qEAAqE;AAG5F,MACE,CAAC,cAAc,OAAO,WAAW,WAAW,IAC5C,EAAE,cAAc,OAAO,WAAW,UAAU,IAAI,aAAa,OAAO,uBAEpE,OAAM,IAAI,WAAW,mDAAmD;AAG1E,MACE,CAAC,gBAAgB,YAAY,SAAS,cAAc,OAAO,IAC3D,CAAC,gBAAgB,YAAY,SAAS,iBAAiB,cAAc,OAAO,CAAC,EAC7E;GACA,MAAM,gBACJ,gBAAgB,YAAY,SAAS,IACjC,qBAAqB,gBAAgB,YAAY,KAAK,KAAK,KAC3D;GACN,MAAM,gBACJ,gBAAgB,YAAY,SAAS,IACjC,qBAAqB,gBAAgB,YAAY,KAAK,KAAK,KAC3D;AACN,SAAM,IAAI,MACR,uHAAuH,cAAc,OAAO,KAAK,cAAc,IAAI,cAAc,yCAClL;;AAGH,SAAO;GACL,GAAG;GACH,KAAK,cAAc,IAAI,KAAK,gBAAgB,YAAY,SAAS,SAAS,CAAC;GAC3E,KAAK,gBAAgB,UAAU;GAC/B,KAAK,gBAAgB,UAAU;GAChC;;AAEH,KAAI,cAAc,WAAW,MAC3B,QAAO;EACL,GAAG;EACH,WAAW,cAAc,IAAI,QAAQ;EACrC,KAAK,cAAc,IAAI;EACxB;AAGH,OAAM,IAAI,WAAW,kCAAmC,cAAqC,OAAO,GAAG;;AAGzG,SAAgB,0BAA0B,cAA4B,KAAoB;CAGxF,MAAM,2BAFyB,aAAa,kBAAkB,QAAQ,uBAAuB,CAErC,sBAAsB,IAAI;AAClF,KAAI,yBAAyB,WAAW,EACtC,OAAM,IAAI,WAAW,+DAA+D,IAAI,wBAAwB,GAAG;AAGrH,QAAO,yBAAyB,GAAG;;AAkBrC,SAAgB,wCAAwC,YAA8C;AACpG,SAAQ,WAAW,QAAnB;EACE,KAAK,YACH,QAAO,YAAY;EACrB,KAAK;AACH,OAAI,WAAW,QAAQ,iBAAiB,WAAW,KACjD,QAAO,YAAY;AAGrB,UAAO,YAAY;EACrB,KAAK,cACH,QAAO,YAAY;EACrB,KAAK,SACH,QAAO,YAAY;EACrB,KAAK,WACH,QAAO,YAAY"}
package/package.json CHANGED
@@ -8,7 +8,7 @@
8
8
  },
9
9
  "./package.json": "./package.json"
10
10
  },
11
- "version": "0.6.0-pr-2392-20251010173905",
11
+ "version": "0.6.0-pr-2457-20251016083534",
12
12
  "files": [
13
13
  "build"
14
14
  ],
@@ -29,19 +29,19 @@
29
29
  "dependencies": {
30
30
  "class-transformer": "0.5.1",
31
31
  "rxjs": "^7.8.2",
32
- "zod": "^3.25.56",
32
+ "zod": "^3.25.74",
33
33
  "@openid4vc/openid4vci": "0.3.0-alpha-20251001121503",
34
34
  "@openid4vc/oauth2": "0.3.0-alpha-20251001121503",
35
35
  "@openid4vc/openid4vp": "0.3.0-alpha-20251001121503",
36
36
  "@openid4vc/utils": "0.3.0-alpha-20251001121503",
37
- "@types/express": "^4.17.23",
38
- "express": "^4.21.2",
39
- "@credo-ts/core": "0.6.0-pr-2392-20251010173905"
37
+ "@types/express": "^5.0.3",
38
+ "express": "^5.1.0",
39
+ "@credo-ts/core": "0.6.0-pr-2457-20251016083534"
40
40
  },
41
41
  "devDependencies": {
42
- "nock": "^14.0.5",
43
- "typescript": "~5.8.3",
44
- "@credo-ts/tenants": "0.6.0-pr-2392-20251010173905"
42
+ "nock": "^14.0.10",
43
+ "typescript": "~5.9.3",
44
+ "@credo-ts/tenants": "0.6.0-pr-2457-20251016083534"
45
45
  },
46
46
  "scripts": {
47
47
  "build": "tsdown --config-loader unconfig"