@digitalbazaar/oid4-client 5.2.0 → 5.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/lib/convert/index.js +2 -2
  2. package/lib/oid4vp/authorizationRequest.js +7 -2
  3. package/lib/oid4vp/authorizationResponse.js +2 -1
  4. package/lib/oid4vp/verifier.js +1 -1
  5. package/lib/query/dcql.js +2 -2
  6. package/lib/query/presentationExchange.js +1 -11
  7. package/package.json +1 -1
package/lib/convert/index.js CHANGED
@@ -92,7 +92,7 @@ export function fromVpr({
92
92
  const dcql_query = vprGroupsToDcqlQuery({
93
93
  groupMap, options: queryFormats.dcql === true ? {} : queryFormats.dcql
94
94
  });
95
- if(dcql_query) {
95
+ if(dcql_query?.credentials) {
96
96
  authorizationRequest.dcql_query = dcql_query;
97
97
  }
98
98
  }
@@ -286,7 +286,7 @@ function _fromDIDAuthenticationQuery({query, strict = false}) {
286
286
  };
287
287
  // compatibility with legacy cryptosuite
288
288
  if(cryptosuites.includes('Ed25519Signature2020')) {
289
- client_metadata.vp_formats.supported.ldp_vc
289
+ client_metadata.vp_formats_supported.ldp_vc
290
290
  .proof_type_values.push('Ed25519Signature2020');
291
291
  }
292
292
 
package/lib/oid4vp/authorizationRequest.js CHANGED
@@ -13,6 +13,9 @@ import {
13
13
  const REQUIRED_SIGNED_AUTHZ_REQUEST_CLIENT_ID_SCHEMES = new Set([
14
14
  'x509_san_dns', 'x509_hash', 'did', 'decentralized_identifier'
15
15
  ]);
16
+ const SUPPORTED_AUTHORIZATION_ENCRYPTED_RESPONSE_ENC = new Set([
17
+ 'A256GCM', 'A128GCM'
18
+ ]);
16
19
  const SUPPORTED_CLIENT_ID_SCHEMES = new Set([
17
20
  'redirect_uri',
18
21
  'x509_san_dns', 'x509_hash', 'did', 'decentralized_identifier'
@@ -177,10 +180,12 @@ export async function validate({authorizationRequest, expectedClientId}) {
177
180
  name: 'NotSupportedError'
178
181
  });
179
182
  }
180
- if(authorization_encrypted_response_enc !== 'A256GCM') {
183
+ if(!SUPPORTED_AUTHORIZATION_ENCRYPTED_RESPONSE_ENC.has(
184
+ authorization_encrypted_response_enc)) {
185
+ const supported = [...SUPPORTED_AUTHORIZATION_ENCRYPTED_RESPONSE_ENC];
181
186
  throw createNamedError({
182
187
  message: `"${authorization_encrypted_response_enc}" is not ` +
183
- 'supported; only "A256GCM" is supported.',
188
+ `supported; supported values are: ${supported.join(', ')}`,
184
189
  name: 'NotSupportedError'
185
190
  });
186
191
  }
package/lib/oid4vp/authorizationResponse.js CHANGED
@@ -239,7 +239,8 @@ async function _encrypt({
239
239
  };
240
240
  const jwt = await new EncryptJWT(claimSet)
241
241
  .setProtectedHeader({
242
- alg: 'ECDH-ES', enc: 'A256GCM',
242
+ alg: 'ECDH-ES',
243
+ enc: encryptionOptions?.enc ?? 'A256GCM',
243
244
  kid: recipientPublicJwk.kid
244
245
  })
245
246
  .setKeyManagementParameters(keyManagementParameters)
package/lib/oid4vp/verifier.js CHANGED
@@ -96,7 +96,7 @@ async function _decrypt({jwt, getDecryptParameters}) {
96
96
 
97
97
  return jwtDecrypt(jwt, getKey, {
98
98
  // only supported algorithms at this time:
99
- contentEncryptionAlgorithms: ['A256GCM'],
99
+ contentEncryptionAlgorithms: ['A256GCM', 'A128GCM'],
100
100
  keyManagementAlgorithms: ['ECDH-ES']
101
101
  });
102
102
  }
package/lib/query/dcql.js CHANGED
@@ -10,7 +10,7 @@ import jsonpointer from 'json-pointer';
10
10
  const MDOC_MDL = 'org.iso.18013.5.1.mDL';
11
11
 
12
12
  export function dcqlQueryToVprGroups({dcql_query} = {}) {
13
- const {credentials} = dcql_query;
13
+ const {credentials = []} = dcql_query;
14
14
  let {credential_sets: credentialSets} = dcql_query;
15
15
  if(!credentialSets) {
16
16
  credentialSets = [{
@@ -97,7 +97,7 @@ export function vprGroupsToDcqlQuery({groupMap, options = {}} = {}) {
97
97
  if(credentials.length > 0) {
98
98
  dcqlQuery.credentials = credentials;
99
99
  }
100
- if(credentialSets.length > 0) {
100
+ if(credentialSets[0].options?.length > 0) {
101
101
  dcqlQuery.credential_sets = credentialSets;
102
102
  }
103
103
 
package/lib/query/presentationExchange.js CHANGED
@@ -36,16 +36,6 @@ export function inputDescriptorToJsonPointerMap({inputDescriptor} = {}) {
36
36
  export function vprGroupsToPresentationDefinition({
37
37
  groupMap, prefixJwtVcPath
38
38
  } = {}) {
39
- // only a single `QueryByExample` is supported at this time; use last one
40
- const queryByExample = [...groupMap.values()]
41
- .filter(g => g.has('QueryByExample'))
42
- .map(g => g.get('QueryByExample'))
43
- .at(-1);
44
- if(!queryByExample) {
45
- // no presentation definition
46
- return;
47
- }
48
-
49
39
  const input_descriptors = [];
50
40
  const presentationDefinition = {
51
41
  id: crypto.randomUUID(),
@@ -57,7 +47,7 @@ export function vprGroupsToPresentationDefinition({
57
47
  for(const queries of groups) {
58
48
  // only `QueryByExample` is convertible
59
49
  const queryByExamples = queries.get('QueryByExample');
60
- if(!(queryByExamples?.length > 0)) {
50
+ if(!queryByExamples) {
61
51
  continue;
62
52
  }
63
53
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@digitalbazaar/oid4-client",
3
- "version": "5.2.0",
3
+ "version": "5.3.0",
4
4
  "description": "An OID4 (VC + VP) client",
5
5
  "homepage": "https://github.com/digitalbazaar/oid4-client",
6
6
  "author": {