@eudiplo/sdk-core 1.14.0-main.cc24d2f → 1.14.0-main.cc2ac00

package/README.md

@@ -12,227 +12,102 @@ pnpm add @eudiplo/sdk-core
 yarn add @eudiplo/sdk-core
 ```
 
-## Quick Start - The Simplest Way
-
-### One-liner for Age Verification
+## Quick Start
 
 ```typescript
-import { verifyAndWait } from '@eudiplo/sdk-core';
+import { EudiploClient } from '@eudiplo/sdk-core';
 
-const session = await verifyAndWait({
+const client = new EudiploClient({
   baseUrl: 'https://eudiplo.example.com',
   clientId: 'my-demo',
   clientSecret: 'secret',
-  configId: 'age-over-18',
-  onUri: (uri) => showQRCode(uri), // Your QR code display function
-  onUpdate: (s) => console.log('Status:', s.status),
 });
 
-console.log('Verified!', session.credentials);
-```
-
-### Two-step Flow (More Control)
-
-```typescript
-import { verify } from '@eudiplo/sdk-core';
-
-// Step 1: Create the request
-const { uri, sessionId, waitForCompletion } = await verify({
-  baseUrl: 'https://eudiplo.example.com',
-  clientId: 'my-demo',
-  clientSecret: 'secret',
+// Verification (QR flow)
+const verifyOffer = await client.createPresentationRequest({
   configId: 'age-over-18',
 });
+showQRCode(verifyOffer.uri);
+const verifiedSession = await client.waitForSession(verifyOffer.sessionId);
 
-// Step 2: Show QR code
-showQRCode(uri);
-
-// Step 3: Wait for user to scan and respond
-const session = await waitForCompletion();
-console.log('Verified credentials:', session.credentials);
-```
-
-### Credential Issuance
-
-```typescript
-import { issue } from '@eudiplo/sdk-core';
-
-const { uri, waitForCompletion } = await issue({
-  baseUrl: 'https://eudiplo.example.com',
-  clientId: 'my-demo',
-  clientSecret: 'secret',
+// Issuance (QR flow)
+const issuanceOffer = await client.createIssuanceOffer({
   credentialConfigurationIds: ['PID'],
   claims: {
     PID: { given_name: 'John', family_name: 'Doe', birthdate: '1990-01-15' },
   },
 });
-
-showQRCode(uri);
-await waitForCompletion();
+showQRCode(issuanceOffer.uri);
+await client.waitForSession(issuanceOffer.sessionId);
 ```
 
 ## Full API
 
-### Factory Functions (Easiest)
+### Class API
 
-| Function                 | Description                                                                               |
-| ------------------------ | ----------------------------------------------------------------------------------------- |
-| `verify(options)`        | Create a presentation request, returns `{ uri, sessionId, waitForCompletion, getStatus }` |
-| `issue(options)`         | Create an issuance offer, returns `{ uri, sessionId, waitForCompletion, getStatus }`      |
-| `verifyAndWait(options)` | One-liner: create request + wait for result                                               |
-| `issueAndWait(options)`  | One-liner: create offer + wait for result                                                 |
+Use `EudiploClient` methods directly:
+
+| Method                        | Description                                    |
+| ----------------------------- | ---------------------------------------------- |
+| `createPresentationRequest()` | Create verification request URI and session ID |
+| `createIssuanceOffer()`       | Create issuance offer URI and session ID       |
+| `waitForSession()`            | Poll session until terminal state              |
+| `subscribeToSession()`        | Subscribe via SSE                              |
+| `verifyWithDcApi()`           | Browser-native DC API end-to-end flow          |
 
 ### Digital Credentials API (Browser Native)
 
 The SDK includes utilities for the [Digital Credentials API](https://wicg.github.io/digital-credentials/), enabling browser-native credential presentation without QR codes.
 
 ```typescript
-import { isDcApiAvailable, verifyWithDcApi } from '@eudiplo/sdk-core';
+import { isDcApiAvailable, EudiploClient } from '@eudiplo/sdk-core';
+
+const client = new EudiploClient({
+  baseUrl: 'https://eudiplo.example.com',
+  clientId: 'my-demo',
+  clientSecret: 'secret',
+});
 
 // Check if browser supports DC API
 if (isDcApiAvailable()) {
-  const result = await verifyWithDcApi({
-    baseUrl: 'https://eudiplo.example.com',
-    clientId: 'my-demo',
-    clientSecret: 'secret',
+  const result = await client.verifyWithDcApi({
     configId: 'age-over-18',
   });
 
-  console.log('Verified!', result.session.credentials);
+  console.log('Verified!', result.credentials);
 } else {
-  // Fall back to QR code flow
-  const session = await verifyAndWait({...});
+  // Fall back to QR code flow using EudiploClient methods
 }
 ```
 
-#### DC API Functions
+#### DC API Methods
 
-| Function               | Description                                         |
-| ---------------------- | --------------------------------------------------- |
-| `isDcApiAvailable()`   | Check if browser supports Digital Credentials API   |
-| `verifyWithDcApi()`    | Complete verification flow using browser-native API |
-| `createDcApiRequest()` | Create a `DigitalCredentialRequestOptions` object   |
+| Method                                       | Description                                         |
+| -------------------------------------------- | --------------------------------------------------- |
+| `isDcApiAvailable()`                         | Check if browser supports Digital Credentials API   |
+| `client.verifyWithDcApi()`                   | Complete verification flow using browser-native API |
+| `client.createDcApiPresentationRequest(...)` | Create DC API session with request object           |
 
 #### Lower-level DC API Usage
 
 ```typescript
-import { createDcApiRequest, EudiploClient } from '@eudiplo/sdk-core';
+import { EudiploClient } from '@eudiplo/sdk-core';
 
 const client = new EudiploClient({...});
 
-// Create presentation request
-const { uri, sessionId } = await client.createPresentationRequest({
+// Create DC API session with request object
+const session = await client.createDcApiPresentationRequest({
   configId: 'age-over-18',
-  responseType: 'dc-api',
-});
-
-// Create the browser request object
-const request = createDcApiRequest(uri);
-
-// Call the browser API directly
-const credential = await navigator.credentials.get(request);
-
-// Submit the response and get verified session
-const session = await client.submitDcApiResponse(sessionId, credential);
-```
-
-#### Secure Server/Client Deployment (Recommended for Production)
-
-When deploying to production, you should **never expose your client credentials to the browser**. The SDK provides helper functions to split the DC API flow between your server (where credentials are safe) and the browser (where the DC API runs).
-
-**Server-side Functions:**
-
-| Function                         | Description                                            |
-| -------------------------------- | ------------------------------------------------------ |
-| `createDcApiRequestForBrowser()` | Create request on server, return safe data for browser |
-| `submitDcApiWalletResponse()`    | Submit wallet response to EUDIPLO from server          |
-
-**Browser-side Functions:**
-
-| Function      | Description                                            |
-| ------------- | ------------------------------------------------------ |
-| `callDcApi()` | Call the native DC API with a request from your server |
-
-##### Example: Express.js Backend + Browser Frontend
-
-**Server (Express.js / Next.js API route):**
-
-```typescript
-import {
-  createDcApiRequestForBrowser,
-  submitDcApiWalletResponse,
-} from '@eudiplo/sdk-core';
-
-// POST /api/start-verification
-app.post('/api/start-verification', async (req, res) => {
-  const requestData = await createDcApiRequestForBrowser({
-    baseUrl: process.env.EUDIPLO_URL,
-    clientId: process.env.EUDIPLO_CLIENT_ID, // ✅ Safe on server
-    clientSecret: process.env.EUDIPLO_SECRET, // ✅ Safe on server
-    configId: 'age-over-18',
-  });
-
-  // Only safe data is sent to browser (no secrets)
-  res.json(requestData);
-});
-
-// POST /api/complete-verification
-app.post('/api/complete-verification', async (req, res) => {
-  const { responseUri, walletResponse } = req.body;
-
-  const result = await submitDcApiWalletResponse({
-    responseUri,
-    walletResponse,
-    sendResponse: true, // Get verified claims back
-  });
-
-  // result.credentials contains the verified data
-  res.json(result);
 });
-```
-
-**Browser (React / vanilla JS):**
 
-```typescript
-import { callDcApi, isDcApiAvailable } from '@eudiplo/sdk-core';
-
-async function verifyAge() {
-  // 1. Get the request from your server (credentials stay on server)
-  const requestData = await fetch('/api/start-verification', {
-    method: 'POST',
-  }).then((r) => r.json());
-
-  // 2. Check DC API support and call it locally
-  if (!isDcApiAvailable()) {
-    throw new Error('Digital Credentials API not supported');
-  }
-
-  const walletResponse = await callDcApi(requestData.requestObject);
-
-  // 3. Send the wallet response back to your server for verification
-  const result = await fetch('/api/complete-verification', {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify({
-      responseUri: requestData.responseUri,
-      walletResponse,
-    }),
-  }).then((r) => r.json());
-
-  console.log('Verified!', result.credentials);
-  return result;
-}
+// Submit using the browser-native DC API end-to-end
+const result = await client.submitDcApiPresentation(session);
 ```
 
-**What stays where:**
+#### Secure Deployment Note
 
-| Data                           | Location         | Safe to expose?     |
-| ------------------------------ | ---------------- | ------------------- |
-| `clientId` / `clientSecret`    | Server only      | ❌ Never expose     |
-| `requestObject` (signed JWT)   | Server → Browser | ✅ Yes              |
-| `responseUri`                  | Server → Browser | ✅ Yes              |
-| Wallet response (encrypted VP) | Browser → Server | ✅ Yes              |
-| Verified credentials           | Server only      | Depends on use case |
+For production deployments, keep `clientId` and `clientSecret` on the server.
+Use `EudiploClient` methods to run the full flow (`createDcApiPresentationRequest` + `submitDcApiPresentation`) from trusted backend/application code.
 
 ### Class-based API (More Control)
 

package/dist/api/client/client.gen.d.mts

@@ -1,4 +1,4 @@
-import { b as Config, C as Client } from '../../types.gen-D8LjzWc0.mjs';
+import { b as Config, C as Client } from '../../types.gen-zNuA7BkO.mjs';
 
 declare const createClient: (config?: Config) => Client;
 

package/dist/api/client/client.gen.d.ts

@@ -1,4 +1,4 @@
-import { b as Config, C as Client } from '../../types.gen-D8LjzWc0.js';
+import { b as Config, C as Client } from '../../types.gen-zNuA7BkO.js';
 
 declare const createClient: (config?: Config) => Client;
 

package/dist/api/client/client.gen.js

@@ -1,7 +1,7 @@
 'use strict';
 
 // src/api/core/serverSentEvents.gen.ts
-var createSseClient = ({
+function createSseClient({
   onRequest,
   onSseError,
   onSseEvent,
@@ -13,7 +13,7 @@ var createSseClient = ({
   sseSleepFn,
   url,
   ...options
-}) => {
+}) {
   let lastEventId;
   const sleep = sseSleepFn ?? ((ms) => new Promise((resolve) => setTimeout(resolve, ms)));
   const createStream = async function* () {
@@ -41,10 +41,7 @@ var createSseClient = ({
         }
         const _fetch = options.fetch ?? globalThis.fetch;
         const response = await _fetch(request);
-        if (!response.ok)
-          throw new Error(
-            `SSE failed: ${response.status} ${response.statusText}`
-          );
+        if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);
         if (!response.body) throw new Error("No body in SSE response");
         const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();
         let buffer = "";
@@ -60,7 +57,7 @@ var createSseClient = ({
             const { done, value } = await reader.read();
             if (done) break;
             buffer += value;
-            buffer = buffer.replace(/\r\n/g, "\n").replace(/\r/g, "\n");
+            buffer = buffer.replace(/\r\n?/g, "\n");
             const chunks = buffer.split("\n\n");
             buffer = chunks.pop() ?? "";
             for (const chunk of chunks) {
@@ -75,10 +72,7 @@ var createSseClient = ({
                 } else if (line.startsWith("id:")) {
                   lastEventId = line.replace(/^id:\s*/, "");
                 } else if (line.startsWith("retry:")) {
-                  const parsed = Number.parseInt(
-                    line.replace(/^retry:\s*/, ""),
-                    10
-                  );
+                  const parsed = Number.parseInt(line.replace(/^retry:\s*/, ""), 10);
                   if (!Number.isNaN(parsed)) {
                     retryDelay = parsed;
                   }
@@ -124,17 +118,14 @@ var createSseClient = ({
         if (sseMaxRetryAttempts !== void 0 && attempt >= sseMaxRetryAttempts) {
           break;
         }
-        const backoff = Math.min(
-          retryDelay * 2 ** (attempt - 1),
-          sseMaxRetryDelay ?? 3e4
-        );
+        const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 3e4);
         await sleep(backoff);
       }
     }
   };
   const stream = createStream();
   return { stream };
-};
+}
 
 // src/api/core/pathSerializer.gen.ts
 var separatorArrayExplode = (style) => {
@@ -235,11 +226,7 @@ var serializeObjectParam = ({
   if (style !== "deepObject" && !explode) {
     let values = [];
     Object.entries(value).forEach(([key, v]) => {
-      values = [
-        ...values,
-        key,
-        allowReserved ? v : encodeURIComponent(v)
-      ];
+      values = [...values, key, allowReserved ? v : encodeURIComponent(v)];
     });
     const joinedValues2 = values.join(",");
     switch (style) {
@@ -290,10 +277,7 @@ var defaultPathSerializer = ({ path, url: _url }) => {
         continue;
       }
       if (Array.isArray(value)) {
-        url = url.replace(
-          match,
-          serializeArrayParam({ explode, name, style, value })
-        );
+        url = url.replace(match, serializeArrayParam({ explode, name, style, value }));
         continue;
       }
       if (typeof value === "object") {
@@ -381,10 +365,7 @@ var getAuthToken = async (auth, callback) => {
 
 // src/api/core/bodySerializer.gen.ts
 var jsonBodySerializer = {
-  bodySerializer: (body) => JSON.stringify(
-    body,
-    (_key, value) => typeof value === "bigint" ? value.toString() : value
-  )
+  bodySerializer: (body) => JSON.stringify(body, (_key, value) => typeof value === "bigint" ? value.toString() : value)
 };
 
 // src/api/client/utils.gen.ts
@@ -449,9 +430,7 @@ var getParseAs = (contentType) => {
   if (cleanContent === "multipart/form-data") {
     return "formData";
   }
-  if (["application/", "audio/", "image/", "video/"].some(
-    (type) => cleanContent.startsWith(type)
-  )) {
+  if (["application/", "audio/", "image/", "video/"].some((type) => cleanContent.startsWith(type))) {
     return "blob";
   }
   if (cleanContent.startsWith("text/")) {
@@ -468,11 +447,8 @@ var checkForExistence = (options, name) => {
   }
   return false;
 };
-var setAuthParams = async ({
-  security,
-  ...options
-}) => {
-  for (const auth of security) {
+async function setAuthParams(options) {
+  for (const auth of options.security ?? []) {
     if (checkForExistence(options, auth.name)) {
       continue;
     }
@@ -497,7 +473,7 @@ var setAuthParams = async ({
         break;
     }
   }
-};
+}
 var buildUrl = (options) => getUrl({
   baseUrl: options.baseUrl,
   path: options.path,
@@ -623,10 +599,7 @@ var createClient = (config = {}) => {
       serializedBody: void 0
     };
     if (opts.security) {
-      await setAuthParams({
-        ...opts,
-        security: opts.security
-      });
+      await setAuthParams(opts);
     }
     if (opts.requestValidator) {
       await opts.requestValidator(opts);
@@ -637,136 +610,121 @@ var createClient = (config = {}) => {
     if (opts.body === void 0 || opts.serializedBody === "") {
       opts.headers.delete("Content-Type");
     }
-    const url = buildUrl(opts);
-    return { opts, url };
+    const resolvedOpts = opts;
+    const url = buildUrl(resolvedOpts);
+    return { opts: resolvedOpts, url };
   };
   const request = async (options) => {
-    const { opts, url } = await beforeRequest(options);
-    const requestInit = {
-      redirect: "follow",
-      ...opts,
-      body: getValidRequestBody(opts)
-    };
-    let request2 = new Request(url, requestInit);
-    for (const fn of interceptors.request.fns) {
-      if (fn) {
-        request2 = await fn(request2, opts);
-      }
-    }
-    const _fetch = opts.fetch;
+    const throwOnError = options.throwOnError ?? _config.throwOnError;
+    const responseStyle = options.responseStyle ?? _config.responseStyle;
+    let request2;
     let response;
     try {
-      response = await _fetch(request2);
-    } catch (error2) {
-      let finalError2 = error2;
-      for (const fn of interceptors.error.fns) {
+      const { opts, url } = await beforeRequest(options);
+      const requestInit = {
+        redirect: "follow",
+        ...opts,
+        body: getValidRequestBody(opts)
+      };
+      request2 = new Request(url, requestInit);
+      for (const fn of interceptors.request.fns) {
         if (fn) {
-          finalError2 = await fn(
-            error2,
-            void 0,
-            request2,
-            opts
-          );
+          request2 = await fn(request2, opts);
         }
       }
-      finalError2 = finalError2 || {};
-      if (opts.throwOnError) {
-        throw finalError2;
+      const _fetch = opts.fetch;
+      response = await _fetch(request2);
+      for (const fn of interceptors.response.fns) {
+        if (fn) {
+          response = await fn(response, request2, opts);
+        }
       }
-      return opts.responseStyle === "data" ? void 0 : {
-        error: finalError2,
+      const result = {
         request: request2,
-        response: void 0
+        response
       };
-    }
-    for (const fn of interceptors.response.fns) {
-      if (fn) {
-        response = await fn(response, request2, opts);
-      }
-    }
-    const result = {
-      request: request2,
-      response
-    };
-    if (response.ok) {
-      const parseAs = (opts.parseAs === "auto" ? getParseAs(response.headers.get("Content-Type")) : opts.parseAs) ?? "json";
-      if (response.status === 204 || response.headers.get("Content-Length") === "0") {
-        let emptyData;
+      if (response.ok) {
+        const parseAs = (opts.parseAs === "auto" ? getParseAs(response.headers.get("Content-Type")) : opts.parseAs) ?? "json";
+        if (response.status === 204 || response.headers.get("Content-Length") === "0") {
+          let emptyData;
+          switch (parseAs) {
+            case "arrayBuffer":
+            case "blob":
+            case "text":
+              emptyData = await response[parseAs]();
+              break;
+            case "formData":
+              emptyData = new FormData();
+              break;
+            case "stream":
+              emptyData = response.body;
+              break;
+            case "json":
+            default:
+              emptyData = {};
+              break;
+          }
+          return opts.responseStyle === "data" ? emptyData : {
+            data: emptyData,
+            ...result
+          };
+        }
+        let data;
         switch (parseAs) {
           case "arrayBuffer":
           case "blob":
+          case "formData":
           case "text":
-            emptyData = await response[parseAs]();
+            data = await response[parseAs]();
             break;
-          case "formData":
-            emptyData = new FormData();
+          case "json": {
+            const text = await response.text();
+            data = text ? JSON.parse(text) : {};
             break;
+          }
           case "stream":
-            emptyData = response.body;
-            break;
-          case "json":
-          default:
-            emptyData = {};
-            break;
+            return opts.responseStyle === "data" ? response.body : {
+              data: response.body,
+              ...result
+            };
+        }
+        if (parseAs === "json") {
+          if (opts.responseValidator) {
+            await opts.responseValidator(data);
+          }
+          if (opts.responseTransformer) {
+            data = await opts.responseTransformer(data);
+          }
         }
-        return opts.responseStyle === "data" ? emptyData : {
-          data: emptyData,
+        return opts.responseStyle === "data" ? data : {
+          data,
           ...result
         };
       }
-      let data;
-      switch (parseAs) {
-        case "arrayBuffer":
-        case "blob":
-        case "formData":
-        case "text":
-          data = await response[parseAs]();
-          break;
-        case "json": {
-          const text = await response.text();
-          data = text ? JSON.parse(text) : {};
-          break;
-        }
-        case "stream":
-          return opts.responseStyle === "data" ? response.body : {
-            data: response.body,
-            ...result
-          };
+      const textError = await response.text();
+      let jsonError;
+      try {
+        jsonError = JSON.parse(textError);
+      } catch {
       }
-      if (parseAs === "json") {
-        if (opts.responseValidator) {
-          await opts.responseValidator(data);
-        }
-        if (opts.responseTransformer) {
-          data = await opts.responseTransformer(data);
+      throw jsonError ?? textError;
+    } catch (error) {
+      let finalError = error;
+      for (const fn of interceptors.error.fns) {
+        if (fn) {
+          finalError = await fn(finalError, response, request2, options);
         }
       }
-      return opts.responseStyle === "data" ? data : {
-        data,
-        ...result
-      };
-    }
-    const textError = await response.text();
-    let jsonError;
-    try {
-      jsonError = JSON.parse(textError);
-    } catch {
-    }
-    const error = jsonError ?? textError;
-    let finalError = error;
-    for (const fn of interceptors.error.fns) {
-      if (fn) {
-        finalError = await fn(error, response, request2, opts);
+      finalError = finalError || {};
+      if (throwOnError) {
+        throw finalError;
       }
+      return responseStyle === "data" ? void 0 : {
+        error: finalError,
+        request: request2,
+        response
+      };
     }
-    finalError = finalError || {};
-    if (opts.throwOnError) {
-      throw finalError;
-    }
-    return opts.responseStyle === "data" ? void 0 : {
-      error: finalError,
-      ...result
-    };
   };
   const makeMethodFn = (method) => (options) => request({ ...options, method });
   const makeSseFn = (method) => async (options) => {
@@ -774,7 +732,6 @@ var createClient = (config = {}) => {
     return createSseClient({
       ...opts,
       body: opts.body,
-      headers: opts.headers,
       method,
       onRequest: async (url2, init) => {
         let request2 = new Request(url2, init);
@@ -789,8 +746,9 @@ var createClient = (config = {}) => {
       url
     });
   };
+  const _buildUrl = (options) => buildUrl({ ..._config, ...options });
   return {
-    buildUrl,
+    buildUrl: _buildUrl,
     connect: makeMethodFn("CONNECT"),
     delete: makeMethodFn("DELETE"),
     get: makeMethodFn("GET"),