@digitalbazaar/oid4-client 3.3.0 → 3.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/OID4Client.js +36 -14
- package/package.json +1 -1
package/lib/OID4Client.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/*!
|
|
2
|
-
* Copyright (c) 2022-
|
|
2
|
+
* Copyright (c) 2022-2024 Digital Bazaar, Inc. All rights reserved.
|
|
3
3
|
*/
|
|
4
4
|
import {discoverIssuer, generateDIDProofJWT} from './util.js';
|
|
5
5
|
import {httpClient} from '@digitalbazaar/http-client';
|
|
@@ -19,7 +19,7 @@ export class OID4Client {
|
|
|
19
19
|
}
|
|
20
20
|
|
|
21
21
|
async requestCredential({
|
|
22
|
-
credentialDefinition, did, didProofSigner, agent
|
|
22
|
+
credentialDefinition, did, didProofSigner, agent, format = 'ldp_vc'
|
|
23
23
|
} = {}) {
|
|
24
24
|
const {issuerConfig, offer} = this;
|
|
25
25
|
let requests;
|
|
@@ -35,7 +35,7 @@ export class OID4Client {
|
|
|
35
35
|
}
|
|
36
36
|
} else {
|
|
37
37
|
requests = [{
|
|
38
|
-
format
|
|
38
|
+
format,
|
|
39
39
|
credential_definition: credentialDefinition
|
|
40
40
|
}];
|
|
41
41
|
}
|
|
@@ -43,7 +43,8 @@ export class OID4Client {
|
|
|
43
43
|
}
|
|
44
44
|
|
|
45
45
|
async requestCredentials({
|
|
46
|
-
requests, did, didProofSigner, agent,
|
|
46
|
+
requests, did, didProofSigner, agent, format = 'ldp_vc',
|
|
47
|
+
alwaysUseBatchEndpoint = false
|
|
47
48
|
} = {}) {
|
|
48
49
|
const {issuerConfig, offer} = this;
|
|
49
50
|
if(requests === undefined && offer) {
|
|
@@ -53,7 +54,7 @@ export class OID4Client {
|
|
|
53
54
|
}
|
|
54
55
|
requests.forEach(_assertRequest);
|
|
55
56
|
// set default `format`
|
|
56
|
-
requests = requests.map(r => ({format
|
|
57
|
+
requests = requests.map(r => ({format, ...r}));
|
|
57
58
|
|
|
58
59
|
try {
|
|
59
60
|
/* First send credential request(s) to DS without DID proof JWT, e.g.:
|
|
@@ -120,8 +121,17 @@ export class OID4Client {
|
|
|
120
121
|
}
|
|
121
122
|
break;
|
|
122
123
|
} catch(cause) {
|
|
124
|
+
// presentation is required to continue issuance
|
|
125
|
+
if(_isPresentationRequired(cause)) {
|
|
126
|
+
const {data: details} = cause;
|
|
127
|
+
const error = new Error('Presentation is required.', {cause});
|
|
128
|
+
error.name = 'NotAllowedError';
|
|
129
|
+
error.details = details;
|
|
130
|
+
throw error;
|
|
131
|
+
}
|
|
132
|
+
|
|
123
133
|
if(!_isMissingProofError(cause)) {
|
|
124
|
-
// non-specific error case
|
|
134
|
+
// other non-specific error case
|
|
125
135
|
throw cause;
|
|
126
136
|
}
|
|
127
137
|
|
|
@@ -310,10 +320,7 @@ function _assertRequest(request) {
|
|
|
310
320
|
if(!(request && typeof request === 'object')) {
|
|
311
321
|
throw new TypeError('"request" must be an object.');
|
|
312
322
|
}
|
|
313
|
-
const {credential_definition
|
|
314
|
-
if(format !== undefined && format !== 'ldp_vc') {
|
|
315
|
-
throw new TypeError('Credential request "format" must be "ldp_vc".');
|
|
316
|
-
}
|
|
323
|
+
const {credential_definition} = request;
|
|
317
324
|
if(!(credential_definition && typeof credential_definition === 'object')) {
|
|
318
325
|
throw new TypeError(
|
|
319
326
|
'Credential request "credential_definition" must be an object.');
|
|
@@ -337,7 +344,7 @@ function _isMissingProofError(error) {
|
|
|
337
344
|
Cache-Control: no-store
|
|
338
345
|
|
|
339
346
|
{
|
|
340
|
-
"error": "invalid_or_missing_proof" // or "invalid_proof"
|
|
347
|
+
"error": "invalid_or_missing_proof", // or "invalid_proof"
|
|
341
348
|
"error_description":
|
|
342
349
|
"Credential issuer requires proof element in Credential Request"
|
|
343
350
|
"c_nonce": "8YE9hCnyV2",
|
|
@@ -351,6 +358,24 @@ function _isMissingProofError(error) {
|
|
|
351
358
|
errorType === 'invalid_or_missing_proof');
|
|
352
359
|
}
|
|
353
360
|
|
|
361
|
+
function _isPresentationRequired(error) {
|
|
362
|
+
/* If OID4VP is required, delivery server sends, e.g.:
|
|
363
|
+
|
|
364
|
+
HTTP/1.1 400 Bad Request
|
|
365
|
+
Content-Type: application/json
|
|
366
|
+
Cache-Control: no-store
|
|
367
|
+
|
|
368
|
+
{
|
|
369
|
+
"error": "presentation_required",
|
|
370
|
+
"error_description":
|
|
371
|
+
"Credential issuer requires presentation before Credential Request"
|
|
372
|
+
"authorization_request": {...}
|
|
373
|
+
}
|
|
374
|
+
*/
|
|
375
|
+
const errorType = error.data?.error;
|
|
376
|
+
return error.status === 400 && errorType === 'presentation_required';
|
|
377
|
+
}
|
|
378
|
+
|
|
354
379
|
function _createCredentialRequestFromId({id, issuerConfig}) {
|
|
355
380
|
const {credentials_supported: supported = []} = issuerConfig;
|
|
356
381
|
const meta = supported.find(d => d.id === id);
|
|
@@ -362,9 +387,6 @@ function _createCredentialRequestFromId({id, issuerConfig}) {
|
|
|
362
387
|
throw new Error(
|
|
363
388
|
`Invalid supported credential "${id}"; "format" not specified.`);
|
|
364
389
|
}
|
|
365
|
-
if(format !== 'ldp_vc') {
|
|
366
|
-
throw new Error(`Unsupported "format" "${format}".`);
|
|
367
|
-
}
|
|
368
390
|
if(!(Array.isArray(credential_definition?.['@context']) &&
|
|
369
391
|
Array.isArray(credential_definition?.types))) {
|
|
370
392
|
throw new Error(
|