@eudiplo/sdk-core 1.15.2 → 1.18.0

package/dist/index.js

@@ -744,10 +744,14 @@ var createClient = (config = {}) => {
         case "arrayBuffer":
         case "blob":
         case "formData":
-        case "json":
         case "text":
           data = await response[parseAs]();
           break;
+        case "json": {
+          const text = await response.text();
+          data = text ? JSON.parse(text) : {};
+          break;
+        }
         case "stream":
           return opts.responseStyle === "data" ? response.body : {
             data: response.body,
@@ -929,6 +933,11 @@ var clientControllerGetClientSecret = (options) => (options.client ?? client).ge
   url: "/client/{id}/secret",
   ...options
 });
+var clientControllerRotateClientSecret = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/client/{id}/rotate-secret",
+  ...options
+});
 var keyControllerGetKeys = (options) => (options?.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/key",
@@ -1148,6 +1157,14 @@ var credentialConfigControllerUpdateCredentialConfiguration = (options) => (opti
   }
 });
 var oid4VciControllerCredential = (options) => (options.client ?? client).post({ url: "/{tenantId}/vci/credential", ...options });
+var oid4VciControllerDeferredCredential = (options) => (options.client ?? client).post({
+  url: "/{tenantId}/vci/deferred_credential",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
 var oid4VciControllerNotifications = (options) => (options.client ?? client).post({
   url: "/{tenantId}/vci/notification",
   ...options,
@@ -1175,6 +1192,18 @@ var authorizeControllerAuthorizationChallengeEndpoint = (options) => (options.cl
     ...options.headers
   }
 });
+var interactiveAuthorizationControllerInteractiveAuthorization = (options) => (options.client ?? client).post({
+  url: "/{tenantId}/authorize/interactive",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
+var interactiveAuthorizationControllerCompleteWebAuth = (options) => (options.client ?? client).post({
+  url: "/{tenantId}/authorize/interactive/complete-web-auth/{authSession}",
+  ...options
+});
 var credentialOfferControllerGetOffer = (options) => (options.client ?? client).post({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/issuer/offer",
@@ -1184,6 +1213,24 @@ var credentialOfferControllerGetOffer = (options) => (options.client ?? client).
     ...options.headers
   }
 });
+var deferredControllerCompleteDeferred = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/issuer/deferred/{transactionId}/complete",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
+var deferredControllerFailDeferred = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/issuer/deferred/{transactionId}/fail",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
 var oid4VciMetadataControllerVct = (options) => (options.client ?? client).get({ url: "/{tenantId}/credentials-metadata/vct/{id}", ...options });
 var wellKnownControllerIssuerMetadata0 = (options) => (options.client ?? client).get({ url: "/.well-known/openid-credential-issuer/{tenantId}", ...options });
 var wellKnownControllerIssuerMetadata1 = (options) => (options.client ?? client).get({ url: "/{tenantId}/.well-known/openid-credential-issuer", ...options });
@@ -1193,6 +1240,7 @@ var wellKnownControllerGetJwks0 = (options) => (options.client ?? client).get({
 var wellKnownControllerGetJwks1 = (options) => (options.client ?? client).get({ url: "/{tenantId}/.well-known/jwks.json", ...options });
 var oid4VpControllerGetRequestWithSession = (options) => (options.client ?? client).get({ url: "/{session}/oid4vp/request", ...options });
 var oid4VpControllerGetPostRequestWithSession = (options) => (options.client ?? client).post({ url: "/{session}/oid4vp/request", ...options });
+var oid4VpControllerGetRequestNoRedirectWithSession = (options) => (options.client ?? client).get({ url: "/{session}/oid4vp/request/no-redirect", ...options });
 var oid4VpControllerGetResponse = (options) => (options.client ?? client).post({
   url: "/{session}/oid4vp",
   ...options,
@@ -1201,6 +1249,43 @@ var oid4VpControllerGetResponse = (options) => (options.client ?? client).post({
     ...options.headers
   }
 });
+var registrarControllerDeleteConfig = (options) => (options?.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/registrar/config",
+  ...options
+});
+var registrarControllerGetConfig = (options) => (options?.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/registrar/config",
+  ...options
+});
+var registrarControllerUpdateConfig = (options) => (options.client ?? client).patch({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/registrar/config",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
+var registrarControllerCreateConfig = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/registrar/config",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
+var registrarControllerCreateAccessCertificate = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/registrar/access-certificate",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
 var presentationManagementControllerConfiguration = (options) => (options?.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/verifier/config",
@@ -1234,6 +1319,26 @@ var presentationManagementControllerUpdateConfiguration = (options) => (options.
     ...options.headers
   }
 });
+var cacheControllerGetStats = (options) => (options?.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/cache/stats",
+  ...options
+});
+var cacheControllerClearAllCaches = (options) => (options?.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/cache",
+  ...options
+});
+var cacheControllerClearTrustListCache = (options) => (options?.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/cache/trust-list",
+  ...options
+});
+var cacheControllerClearStatusListCache = (options) => (options?.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/cache/status-list",
+  ...options
+});
 var trustListControllerGetAllTrustLists = (options) => (options?.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/trust-list",
@@ -1305,6 +1410,19 @@ var storageControllerUpload = (options) => (options.client ?? client).post({
 var storageControllerDownload = (options) => (options.client ?? client).get({ url: "/storage/{key}", ...options });
 
 // src/client.ts
+function isDcApiAvailable() {
+  return typeof navigator !== "undefined" && "credentials" in navigator && "get" in navigator.credentials && typeof window !== "undefined" && "DigitalCredential" in window;
+}
+function decodeJwtPayload(jwt) {
+  const parts = jwt.split(".");
+  if (parts.length !== 3) {
+    throw new Error("Invalid JWT format");
+  }
+  const payload = parts[1];
+  const base64 = payload.replace(/-/g, "+").replace(/_/g, "/");
+  const jsonPayload = atob(base64);
+  return JSON.parse(jsonPayload);
+}
 var EudiploClient = class {
   config;
   accessToken;
@@ -1417,14 +1535,26 @@ var EudiploClient = class {
   /**
    * Create a presentation request (for verification).
    *
-   * @example
+   * Returns two URIs:
+   * - `uri`: For same-device flow (wallet on same device, redirect after completion)
+   * - `crossDeviceUri`: For cross-device flow (QR code, no redirect, poll for status)
+   *
+   * @example Same-device flow (wallet app on user's device)
    * ```typescript
-   * // Age verification
    * const { uri, sessionId } = await client.createPresentationRequest({
-   *   configId: 'age-over-18'
+   *   configId: 'age-over-18',
+   *   redirectUri: 'https://example.com/callback'
    * });
+   * // Redirect user to uri - wallet will redirect back after completion
+   * window.location.href = uri;
+   * ```
    *
-   * // Show QR code, wait for wallet to respond
+   * @example Cross-device flow (QR code scanned by separate device)
+   * ```typescript
+   * const { crossDeviceUri, sessionId } = await client.createPresentationRequest({
+   *   configId: 'age-over-18'
+   * });
+   * // Display crossDeviceUri as QR code, then poll for completion
    * const session = await client.waitForSession(sessionId);
    * ```
    */
@@ -1443,6 +1573,7 @@ var EudiploClient = class {
     }
     return {
       uri: response.data.uri,
+      crossDeviceUri: response.data.crossDeviceUri ?? response.data.uri,
       sessionId: response.data.session
     };
   }
@@ -1525,6 +1656,133 @@ var EudiploClient = class {
   getBaseUrl() {
     return this.config.baseUrl;
   }
+  // ==========================================================================
+  // Digital Credentials API Methods
+  // ==========================================================================
+  /**
+   * Create a presentation request configured for DC API usage.
+   * Returns a session with the signed request object needed for DC API.
+   *
+   * @example
+   * ```typescript
+   * const session = await client.createDcApiPresentationRequest({
+   *   configId: 'age-over-18'
+   * });
+   *
+   * // Use the requestObject with the DC API
+   * const result = await client.submitDcApiPresentation(session);
+   * ```
+   */
+  async createDcApiPresentationRequest(options) {
+    await this.ensureAuthenticated();
+    const body = {
+      response_type: "dc-api",
+      requestId: options.configId,
+      redirectUri: options.redirectUri
+    };
+    const response = await verifierOfferControllerGetOffer({
+      body
+    });
+    if (!response.data) {
+      throw new Error("Failed to create DC API presentation request");
+    }
+    return this.getSession(response.data.session);
+  }
+  /**
+   * Submit a presentation using the Digital Credentials API.
+   * This method handles the browser DC API call and submits the response to the verifier.
+   *
+   * @example
+   * ```typescript
+   * // Check if DC API is available
+   * if (!isDcApiAvailable()) {
+   *   throw new Error('DC API not supported in this browser');
+   * }
+   *
+   * const session = await client.createDcApiPresentationRequest({
+   *   configId: 'age-over-18'
+   * });
+   *
+   * const result = await client.submitDcApiPresentation(session);
+   * console.log('Verified credentials:', result.credentials);
+   * ```
+   */
+  async submitDcApiPresentation(session, options = {}) {
+    if (!isDcApiAvailable()) {
+      throw new Error(
+        "Digital Credentials API is not available in this browser. Please use a supported browser or fall back to QR code flow."
+      );
+    }
+    if (!session.requestObject) {
+      throw new Error(
+        'Session does not contain a requestObject. Make sure to create the session with response_type: "dc-api"'
+      );
+    }
+    const dcResponse = await navigator.credentials.get({
+      mediation: "required",
+      digital: {
+        requests: [
+          {
+            protocol: "openid4vp-v1-signed",
+            data: { request: session.requestObject }
+          }
+        ]
+      }
+    });
+    if (!dcResponse) {
+      throw new Error("No response from Digital Credentials API");
+    }
+    if (dcResponse.data?.error) {
+      throw new Error(
+        `Wallet error: ${dcResponse.data.error}${dcResponse.data.error_description ? ` - ${dcResponse.data.error_description}` : ""}`
+      );
+    }
+    const requestPayload = decodeJwtPayload(
+      session.requestObject
+    );
+    if (!requestPayload.response_uri) {
+      throw new Error("No response_uri found in request object");
+    }
+    const fetchImpl = this.config.fetch ?? fetch;
+    const submitResponse = await fetchImpl(requestPayload.response_uri, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({
+        ...dcResponse.data,
+        sendResponse: options.sendResponse ?? true
+      })
+    });
+    if (!submitResponse.ok) {
+      const errorText = await submitResponse.text();
+      throw new Error(
+        `Failed to submit presentation: ${submitResponse.status} ${errorText}`
+      );
+    }
+    const result = await submitResponse.json();
+    return {
+      credentials: result.credentials ?? result,
+      response: result,
+      redirectUri: result.redirect_uri
+    };
+  }
+  /**
+   * Convenience method to create a presentation request and immediately
+   * submit it using the Digital Credentials API.
+   *
+   * @example
+   * ```typescript
+   * const result = await client.verifyWithDcApi({
+   *   configId: 'age-over-18'
+   * });
+   * console.log('Verified:', result.credentials);
+   * ```
+   */
+  async verifyWithDcApi(options, dcOptions = {}) {
+    const session = await this.createDcApiPresentationRequest(options);
+    return this.submitDcApiPresentation(session, dcOptions);
+  }
 };
 async function verify(options) {
   const client2 = new EudiploClient({
@@ -1571,6 +1829,117 @@ async function issueAndWait(options) {
   options.onUri(uri);
   return waitForCompletion(options.polling);
 }
+async function verifyWithDcApi(options) {
+  const eudiploClient = new EudiploClient({
+    baseUrl: options.baseUrl,
+    clientId: options.clientId,
+    clientSecret: options.clientSecret
+  });
+  return eudiploClient.verifyWithDcApi(
+    {
+      configId: options.configId,
+      redirectUri: options.redirectUri
+    },
+    {
+      sendResponse: options.sendResponse
+    }
+  );
+}
+async function createDcApiRequest(options) {
+  const eudiploClient = new EudiploClient({
+    baseUrl: options.baseUrl,
+    clientId: options.clientId,
+    clientSecret: options.clientSecret
+  });
+  const session = await eudiploClient.createDcApiPresentationRequest({
+    configId: options.configId,
+    redirectUri: options.redirectUri
+  });
+  return {
+    session,
+    submit: (dcOptions) => eudiploClient.submitDcApiPresentation(session, {
+      sendResponse: options.sendResponse,
+      ...dcOptions
+    })
+  };
+}
+async function createDcApiRequestForBrowser(options) {
+  const eudiploClient = new EudiploClient({
+    baseUrl: options.baseUrl,
+    clientId: options.clientId,
+    clientSecret: options.clientSecret
+  });
+  const session = await eudiploClient.createDcApiPresentationRequest({
+    configId: options.configId,
+    redirectUri: options.redirectUri
+  });
+  if (!session.requestObject) {
+    throw new Error("Session does not contain a requestObject");
+  }
+  const requestPayload = decodeJwtPayload(
+    session.requestObject
+  );
+  if (!requestPayload.response_uri) {
+    throw new Error("No response_uri found in request object");
+  }
+  return {
+    requestObject: session.requestObject,
+    sessionId: session.id,
+    responseUri: requestPayload.response_uri
+  };
+}
+async function callDcApi(requestObject) {
+  if (!isDcApiAvailable()) {
+    throw new Error(
+      "Digital Credentials API is not available in this browser. Please use a supported browser or fall back to QR code flow."
+    );
+  }
+  const dcResponse = await navigator.credentials.get({
+    mediation: "required",
+    digital: {
+      requests: [
+        {
+          protocol: "openid4vp-v1-signed",
+          data: { request: requestObject }
+        }
+      ]
+    }
+  });
+  if (!dcResponse) {
+    throw new Error("No response from Digital Credentials API");
+  }
+  if (dcResponse.data?.error) {
+    throw new Error(
+      `Wallet error: ${dcResponse.data.error}${dcResponse.data.error_description ? ` - ${dcResponse.data.error_description}` : ""}`
+    );
+  }
+  return dcResponse.data;
+}
+async function submitDcApiWalletResponse(options) {
+  const fetchImpl = options.fetch ?? fetch;
+  const submitResponse = await fetchImpl(options.responseUri, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify({
+      ...options.walletResponse,
+      sendResponse: options.sendResponse ?? true
+    })
+  });
+  if (!submitResponse.ok) {
+    const errorText = await submitResponse.text();
+    throw new Error(
+      `Failed to submit presentation: ${submitResponse.status} ${errorText}`
+    );
+  }
+  const result = await submitResponse.json();
+  return {
+    credentials: result.credentials ?? result,
+    response: result,
+    redirectUri: result.redirect_uri
+  };
+}
 
 exports.EudiploClient = EudiploClient;
 exports.appControllerMain = appControllerMain;
@@ -1581,6 +1950,11 @@ exports.authorizeControllerAuthorizationChallengeEndpoint = authorizeControllerA
 exports.authorizeControllerAuthorize = authorizeControllerAuthorize;
 exports.authorizeControllerPar = authorizeControllerPar;
 exports.authorizeControllerToken = authorizeControllerToken;
+exports.cacheControllerClearAllCaches = cacheControllerClearAllCaches;
+exports.cacheControllerClearStatusListCache = cacheControllerClearStatusListCache;
+exports.cacheControllerClearTrustListCache = cacheControllerClearTrustListCache;
+exports.cacheControllerGetStats = cacheControllerGetStats;
+exports.callDcApi = callDcApi;
 exports.certControllerAddCertificate = certControllerAddCertificate;
 exports.certControllerDeleteCertificate = certControllerDeleteCertificate;
 exports.certControllerExportConfig = certControllerExportConfig;
@@ -1593,14 +1967,22 @@ exports.clientControllerDeleteClient = clientControllerDeleteClient;
 exports.clientControllerGetClient = clientControllerGetClient;
 exports.clientControllerGetClientSecret = clientControllerGetClientSecret;
 exports.clientControllerGetClients = clientControllerGetClients;
+exports.clientControllerRotateClientSecret = clientControllerRotateClientSecret;
 exports.clientControllerUpdateClient = clientControllerUpdateClient;
+exports.createDcApiRequest = createDcApiRequest;
+exports.createDcApiRequestForBrowser = createDcApiRequestForBrowser;
 exports.credentialConfigControllerDeleteIssuanceConfiguration = credentialConfigControllerDeleteIssuanceConfiguration;
 exports.credentialConfigControllerGetConfigById = credentialConfigControllerGetConfigById;
 exports.credentialConfigControllerGetConfigs = credentialConfigControllerGetConfigs;
 exports.credentialConfigControllerStoreCredentialConfiguration = credentialConfigControllerStoreCredentialConfiguration;
 exports.credentialConfigControllerUpdateCredentialConfiguration = credentialConfigControllerUpdateCredentialConfiguration;
 exports.credentialOfferControllerGetOffer = credentialOfferControllerGetOffer;
+exports.deferredControllerCompleteDeferred = deferredControllerCompleteDeferred;
+exports.deferredControllerFailDeferred = deferredControllerFailDeferred;
 exports.healthControllerCheck = healthControllerCheck;
+exports.interactiveAuthorizationControllerCompleteWebAuth = interactiveAuthorizationControllerCompleteWebAuth;
+exports.interactiveAuthorizationControllerInteractiveAuthorization = interactiveAuthorizationControllerInteractiveAuthorization;
+exports.isDcApiAvailable = isDcApiAvailable;
 exports.issuanceConfigControllerGetIssuanceConfigurations = issuanceConfigControllerGetIssuanceConfigurations;
 exports.issuanceConfigControllerStoreIssuanceConfiguration = issuanceConfigControllerStoreIssuanceConfiguration;
 exports.issue = issue;
@@ -1611,10 +1993,12 @@ exports.keyControllerGetKey = keyControllerGetKey;
 exports.keyControllerGetKeys = keyControllerGetKeys;
 exports.keyControllerUpdateKey = keyControllerUpdateKey;
 exports.oid4VciControllerCredential = oid4VciControllerCredential;
+exports.oid4VciControllerDeferredCredential = oid4VciControllerDeferredCredential;
 exports.oid4VciControllerNonce = oid4VciControllerNonce;
 exports.oid4VciControllerNotifications = oid4VciControllerNotifications;
 exports.oid4VciMetadataControllerVct = oid4VciMetadataControllerVct;
 exports.oid4VpControllerGetPostRequestWithSession = oid4VpControllerGetPostRequestWithSession;
+exports.oid4VpControllerGetRequestNoRedirectWithSession = oid4VpControllerGetRequestNoRedirectWithSession;
 exports.oid4VpControllerGetRequestWithSession = oid4VpControllerGetRequestWithSession;
 exports.oid4VpControllerGetResponse = oid4VpControllerGetResponse;
 exports.presentationManagementControllerConfiguration = presentationManagementControllerConfiguration;
@@ -1623,6 +2007,11 @@ exports.presentationManagementControllerGetConfiguration = presentationManagemen
 exports.presentationManagementControllerStorePresentationConfig = presentationManagementControllerStorePresentationConfig;
 exports.presentationManagementControllerUpdateConfiguration = presentationManagementControllerUpdateConfiguration;
 exports.prometheusControllerIndex = prometheusControllerIndex;
+exports.registrarControllerCreateAccessCertificate = registrarControllerCreateAccessCertificate;
+exports.registrarControllerCreateConfig = registrarControllerCreateConfig;
+exports.registrarControllerDeleteConfig = registrarControllerDeleteConfig;
+exports.registrarControllerGetConfig = registrarControllerGetConfig;
+exports.registrarControllerUpdateConfig = registrarControllerUpdateConfig;
 exports.sessionConfigControllerGetConfig = sessionConfigControllerGetConfig;
 exports.sessionConfigControllerResetConfig = sessionConfigControllerResetConfig;
 exports.sessionConfigControllerUpdateConfig = sessionConfigControllerUpdateConfig;
@@ -1642,6 +2031,7 @@ exports.statusListManagementControllerGetLists = statusListManagementControllerG
 exports.statusListManagementControllerUpdateList = statusListManagementControllerUpdateList;
 exports.storageControllerDownload = storageControllerDownload;
 exports.storageControllerUpload = storageControllerUpload;
+exports.submitDcApiWalletResponse = submitDcApiWalletResponse;
 exports.tenantControllerDeleteTenant = tenantControllerDeleteTenant;
 exports.tenantControllerGetTenant = tenantControllerGetTenant;
 exports.tenantControllerGetTenants = tenantControllerGetTenants;
@@ -1659,6 +2049,7 @@ exports.trustListPublicControllerGetTrustListJwt = trustListPublicControllerGetT
 exports.verifierOfferControllerGetOffer = verifierOfferControllerGetOffer;
 exports.verify = verify;
 exports.verifyAndWait = verifyAndWait;
+exports.verifyWithDcApi = verifyWithDcApi;
 exports.wellKnownControllerAuthzMetadata0 = wellKnownControllerAuthzMetadata0;
 exports.wellKnownControllerAuthzMetadata1 = wellKnownControllerAuthzMetadata1;
 exports.wellKnownControllerGetJwks0 = wellKnownControllerGetJwks0;