npm - @eudiplo/sdk-core - Versions diffs - 4.4.0 → 4.5.0 - Mend

@eudiplo/sdk-core 4.4.0 → 4.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/README.md +45 -170
package/dist/api/client/client.gen.d.mts +1 -1
package/dist/api/client/client.gen.d.ts +1 -1
package/dist/api/client/client.gen.js +12 -44
package/dist/api/client/client.gen.mjs +12 -44
package/dist/api/client/index.d.mts +4 -4
package/dist/api/client/index.d.ts +4 -4
package/dist/api/client/index.js +18 -54
package/dist/api/client/index.mjs +18 -54
package/dist/api/client/types.gen.d.mts +1 -1
package/dist/api/client/types.gen.d.ts +1 -1
package/dist/api/client.gen.d.mts +2 -2
package/dist/api/client.gen.d.ts +2 -2
package/dist/api/client.gen.js +13 -47
package/dist/api/client.gen.mjs +13 -47
package/dist/api/index.d.mts +79 -75
package/dist/api/index.d.ts +79 -75
package/dist/api/index.js +108 -136
package/dist/api/index.mjs +106 -135
package/dist/index.d.mts +56 -295
package/dist/index.d.ts +56 -295
package/dist/index.js +389 -308
package/dist/index.mjs +381 -298
package/dist/{types.gen-DKrNRB-E.d.mts → types.gen-Cc6DtXw9.d.mts} +23 -23
package/dist/{types.gen-DKrNRB-E.d.ts → types.gen-Cc6DtXw9.d.ts} +23 -23
package/dist/{types.gen-DpwDhqbe.d.mts → types.gen-z3We9JHj.d.mts} +898 -787
package/dist/{types.gen-DpwDhqbe.d.ts → types.gen-z3We9JHj.d.ts} +898 -787
package/package.json +5 -3

package/dist/index.js CHANGED Viewed

@@ -27,10 +27,7 @@ var formDataBodySerializer = {
   }
 };
 var jsonBodySerializer = {
-  bodySerializer: (body) => JSON.stringify(
-    body,
-    (_key, value) => typeof value === "bigint" ? value.toString() : value
-  )
+  bodySerializer: (body) => JSON.stringify(body, (_key, value) => typeof value === "bigint" ? value.toString() : value)
 };
 // src/api/core/serverSentEvents.gen.ts
@@ -74,10 +71,7 @@ function createSseClient({
         }
         const _fetch = options.fetch ?? globalThis.fetch;
         const response = await _fetch(request);
-        if (!response.ok)
-          throw new Error(
-            `SSE failed: ${response.status} ${response.statusText}`
-          );
+        if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);
         if (!response.body) throw new Error("No body in SSE response");
         const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();
         let buffer = "";
@@ -108,10 +102,7 @@ function createSseClient({
                 } else if (line.startsWith("id:")) {
                   lastEventId = line.replace(/^id:\s*/, "");
                 } else if (line.startsWith("retry:")) {
-                  const parsed = Number.parseInt(
-                    line.replace(/^retry:\s*/, ""),
-                    10
-                  );
+                  const parsed = Number.parseInt(line.replace(/^retry:\s*/, ""), 10);
                   if (!Number.isNaN(parsed)) {
                     retryDelay = parsed;
                   }
@@ -157,10 +148,7 @@ function createSseClient({
         if (sseMaxRetryAttempts !== void 0 && attempt >= sseMaxRetryAttempts) {
           break;
         }
-        const backoff = Math.min(
-          retryDelay * 2 ** (attempt - 1),
-          sseMaxRetryDelay ?? 3e4
-        );
+        const backoff = Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 3e4);
         await sleep(backoff);
       }
     }
@@ -268,11 +256,7 @@ var serializeObjectParam = ({
   if (style !== "deepObject" && !explode) {
     let values = [];
     Object.entries(value).forEach(([key, v]) => {
-      values = [
-        ...values,
-        key,
-        allowReserved ? v : encodeURIComponent(v)
-      ];
+      values = [...values, key, allowReserved ? v : encodeURIComponent(v)];
     });
     const joinedValues2 = values.join(",");
     switch (style) {
@@ -323,10 +307,7 @@ var defaultPathSerializer = ({ path, url: _url }) => {
         continue;
       }
       if (Array.isArray(value)) {
-        url = url.replace(
-          match,
-          serializeArrayParam({ explode, name, style, value })
-        );
+        url = url.replace(match, serializeArrayParam({ explode, name, style, value }));
         continue;
       }
       if (typeof value === "object") {
@@ -474,9 +455,7 @@ var getParseAs = (contentType) => {
   if (cleanContent === "multipart/form-data") {
     return "formData";
   }
-  if (["application/", "audio/", "image/", "video/"].some(
-    (type) => cleanContent.startsWith(type)
-  )) {
+  if (["application/", "audio/", "image/", "video/"].some((type) => cleanContent.startsWith(type))) {
     return "blob";
   }
   if (cleanContent.startsWith("text/")) {
@@ -493,11 +472,8 @@ var checkForExistence = (options, name) => {
   }
   return false;
 };
-var setAuthParams = async ({
-  security,
-  ...options
-}) => {
-  for (const auth of security) {
+async function setAuthParams(options) {
+  for (const auth of options.security ?? []) {
     if (checkForExistence(options, auth.name)) {
       continue;
     }
@@ -522,7 +498,7 @@ var setAuthParams = async ({
         break;
     }
   }
-};
+}
 var buildUrl = (options) => getUrl({
   baseUrl: options.baseUrl,
   path: options.path,
@@ -648,10 +624,7 @@ var createClient = (config = {}) => {
       serializedBody: void 0
     };
     if (opts.security) {
-      await setAuthParams({
-        ...opts,
-        security: opts.security
-      });
+      await setAuthParams(opts);
     }
     if (opts.requestValidator) {
       await opts.requestValidator(opts);
@@ -764,12 +737,7 @@ var createClient = (config = {}) => {
       let finalError = error;
       for (const fn of interceptors.error.fns) {
         if (fn) {
-          finalError = await fn(
-            finalError,
-            response,
-            request2,
-            options
-          );
+          finalError = await fn(finalError, response, request2, options);
         }
       }
       finalError = finalError || {};
@@ -834,9 +802,7 @@ var createClient = (config = {}) => {
 };
 // src/api/client.gen.ts
-var client = createClient(
-  createConfig({ throwOnError: true })
-);
+var client = createClient(createConfig({ throwOnError: true }));
 // src/api/sdk.gen.ts
 var appControllerGetVersion = (options) => (options?.client ?? client).get({
@@ -1119,18 +1085,81 @@ var credentialConfigControllerUpdateCredentialConfiguration = (options) => (opti
     ...options.headers
   }
 });
-var credentialConfigControllerSignSchemaMetaConfig = (options) => (options.client ?? client).post({
+var schemaMetadataControllerSignSchemaMetaConfig = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/sign",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
+var schemaMetadataControllerSignVersionSchemaMetaConfig = (options) => (options.client ?? client).post({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/sign-version",
+  ...options,
+  headers: {
+    "Content-Type": "application/json",
+    ...options.headers
+  }
+});
+var schemaMetadataControllerGetVocabularies = (options) => (options?.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/vocabularies",
+  ...options
+});
+var schemaMetadataControllerFindAll = (options) => (options?.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata",
+  ...options
+});
+var schemaMetadataControllerFindOne = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/{id}",
+  ...options
+});
+var schemaMetadataControllerRemove = (options) => (options.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/{id}/versions/{version}",
+  ...options
+});
+var schemaMetadataControllerUpdate = (options) => (options.client ?? client).patch({
   security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/issuer/credentials/schema-metadata/sign",
+  url: "/api/schema-metadata/{id}/versions/{version}",
   ...options,
   headers: {
     "Content-Type": "application/json",
     ...options.headers
   }
 });
-var credentialConfigControllerSignVersionSchemaMetaConfig = (options) => (options.client ?? client).post({
+var schemaMetadataControllerGetLatest = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/{id}/latest",
+  ...options
+});
+var schemaMetadataControllerGetVersions = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/{id}/versions",
+  ...options
+});
+var schemaMetadataControllerGetJwt = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/{id}/versions/{version}/jwt",
+  ...options
+});
+var schemaMetadataControllerExport = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/{id}/versions/{version}/export",
+  ...options
+});
+var schemaMetadataControllerGetSchema = (options) => (options.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/schema-metadata/{id}/versions/{version}/schemas/{format}",
+  ...options
+});
+var schemaMetadataControllerDeprecateVersion = (options) => (options.client ?? client).patch({
   security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/issuer/credentials/schema-metadata/sign-version",
+  url: "/api/schema-metadata/{id}/versions/{version}/deprecation",
   ...options,
   headers: {
     "Content-Type": "application/json",
@@ -1251,6 +1280,26 @@ var trustListControllerGetTrustListVersion = (options) => (options.client ?? cli
   url: "/api/trust-list/{id}/versions/{versionId}",
   ...options
 });
+var cacheControllerGetStats = (options) => (options?.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/cache/stats",
+  ...options
+});
+var cacheControllerClearAllCaches = (options) => (options?.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/cache",
+  ...options
+});
+var cacheControllerClearTrustListCache = (options) => (options?.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/cache/trust-list",
+  ...options
+});
+var cacheControllerClearStatusListCache = (options) => (options?.client ?? client).delete({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/cache/status-list",
+  ...options
+});
 var presentationManagementControllerConfiguration = (options) => (options?.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/api/verifier/config",
@@ -1312,26 +1361,6 @@ var presentationManagementControllerReissueRegistrationCertificate = (options) =
   url: "/api/verifier/config/{id}/registration-cert/reissue",
   ...options
 });
-var cacheControllerGetStats = (options) => (options?.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/cache/stats",
-  ...options
-});
-var cacheControllerClearAllCaches = (options) => (options?.client ?? client).delete({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/cache",
-  ...options
-});
-var cacheControllerClearTrustListCache = (options) => (options?.client ?? client).delete({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/cache/trust-list",
-  ...options
-});
-var cacheControllerClearStatusListCache = (options) => (options?.client ?? client).delete({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/cache/status-list",
-  ...options
-});
 var registrarControllerDeleteConfig = (options) => (options?.client ?? client).delete({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/api/registrar/config",
@@ -1369,69 +1398,6 @@ var registrarControllerCreateAccessCertificate = (options) => (options.client ??
     ...options.headers
   }
 });
-var schemaMetadataControllerGetVocabularies = (options) => (options?.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/vocabularies",
-  ...options
-});
-var schemaMetadataControllerFindAll = (options) => (options?.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata",
-  ...options
-});
-var schemaMetadataControllerFindOne = (options) => (options.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}",
-  ...options
-});
-var schemaMetadataControllerRemove = (options) => (options.client ?? client).delete({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}/versions/{version}",
-  ...options
-});
-var schemaMetadataControllerUpdate = (options) => (options.client ?? client).patch({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}/versions/{version}",
-  ...options,
-  headers: {
-    "Content-Type": "application/json",
-    ...options.headers
-  }
-});
-var schemaMetadataControllerGetLatest = (options) => (options.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}/latest",
-  ...options
-});
-var schemaMetadataControllerGetVersions = (options) => (options.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}/versions",
-  ...options
-});
-var schemaMetadataControllerGetJwt = (options) => (options.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}/versions/{version}/jwt",
-  ...options
-});
-var schemaMetadataControllerExport = (options) => (options.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}/versions/{version}/export",
-  ...options
-});
-var schemaMetadataControllerGetSchema = (options) => (options.client ?? client).get({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}/versions/{version}/schemas/{format}",
-  ...options
-});
-var schemaMetadataControllerDeprecateVersion = (options) => (options.client ?? client).patch({
-  security: [{ scheme: "bearer", type: "http" }],
-  url: "/api/schema-metadata/{id}/versions/{version}/deprecation",
-  ...options,
-  headers: {
-    "Content-Type": "application/json",
-    ...options.headers
-  }
-});
 var credentialOfferControllerGetOffer = (options) => (options.client ?? client).post({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/api/issuer/offer",
@@ -1464,6 +1430,11 @@ var keyChainControllerGetProviders = (options) => (options?.client ?? client).ge
   url: "/api/key-chain/providers",
   ...options
 });
+var keyChainControllerGetProvidersHealth = (options) => (options?.client ?? client).get({
+  security: [{ scheme: "bearer", type: "http" }],
+  url: "/api/key-chain/providers/health",
+  ...options
+});
 var keyChainControllerGetAll = (options) => (options?.client ?? client).get({
   security: [{ scheme: "bearer", type: "http" }],
   url: "/api/key-chain",
@@ -1550,6 +1521,26 @@ function decodeJwtPayload(jwt) {
   const jsonPayload = atob(base64);
   return JSON.parse(jsonPayload);
 }
+function extractResponseUriFromRequestObject(requestObject) {
+  const requestPayload = decodeJwtPayload(requestObject);
+  if (!requestPayload.response_uri) {
+    throw new Error("No response_uri found in request object");
+  }
+  return requestPayload.response_uri;
+}
+function mapDcApiPresentationResult(result) {
+  let resolvedCredentials;
+  if (Array.isArray(result)) {
+    resolvedCredentials = result;
+  } else if (Array.isArray(result?.credentials)) {
+    resolvedCredentials = result.credentials;
+  }
+  return {
+    credentials: resolvedCredentials,
+    response: result,
+    redirectUri: result?.redirect_uri
+  };
+}
 var EudiploClient = class {
   config;
   accessToken;
@@ -1641,15 +1632,14 @@ var EudiploClient = class {
       tx_code: options.txCode
     };
     if (options.claims) {
-      body.credentialClaims = {
-        additionalProperties: void 0
-      };
+      const credentialClaims = {};
       for (const [configId, claims] of Object.entries(options.claims)) {
-        body.credentialClaims[configId] = {
+        credentialClaims[configId] = {
           type: "inline",
           claims
         };
       }
+      body.credentialClaims = credentialClaims;
     }
     const response = await credentialOfferControllerGetOffer({
       body
@@ -1690,10 +1680,12 @@ var EudiploClient = class {
    */
   async createPresentationRequest(options) {
     await this.ensureAuthenticated();
+    const inferredOrigin = options.origin ?? (typeof globalThis.location === "object" ? globalThis.location.origin : void 0);
     const body = {
       response_type: options.responseType ?? "uri",
       requestId: options.configId,
-      redirectUri: options.redirectUri
+      redirectUri: options.redirectUri,
+      expected_origin: options.responseType === "dc-api" ? inferredOrigin : void 0
     };
     const response = await verifierOfferControllerGetOffer({
       body
@@ -1911,10 +1903,12 @@ var EudiploClient = class {
    */
   async createDcApiPresentationRequest(options) {
     await this.ensureAuthenticated();
+    const inferredOrigin = options.origin ?? (typeof globalThis.location === "object" ? globalThis.location.origin : void 0);
     const body = {
       response_type: "dc-api",
       requestId: options.configId,
-      redirectUri: options.redirectUri
+      redirectUri: options.redirectUri,
+      expected_origin: inferredOrigin
     };
     const response = await verifierOfferControllerGetOffer({
       body
@@ -1922,7 +1916,34 @@ var EudiploClient = class {
     if (!response.data) {
       throw new Error("Failed to create DC API presentation request");
     }
-    return this.getSession(response.data.session);
+    const session = await this.getSession(response.data.session);
+    if (session.requestObject) {
+      return session;
+    }
+    const nonceOrId = session.walletNonce ?? session.id;
+    const requestObjectUrl = `${this.config.baseUrl}/api/presentations/${encodeURIComponent(nonceOrId)}/oid4vp/request`;
+    const fetchImpl = this.config.fetch ?? fetch;
+    const requestObjectResponse = await fetchImpl(requestObjectUrl, {
+      method: "GET",
+      headers: {
+        Accept: "application/oauth-authz-req+jwt",
+        ...inferredOrigin ? { Origin: inferredOrigin } : {}
+      }
+    });
+    if (!requestObjectResponse.ok) {
+      const errorText = await requestObjectResponse.text();
+      throw new Error(
+        `Failed to fetch DC API request object: ${requestObjectResponse.status} ${errorText}`
+      );
+    }
+    const requestObject = (await requestObjectResponse.text()).trim();
+    if (!requestObject) {
+      throw new Error("DC API request endpoint returned an empty requestObject");
+    }
+    return {
+      ...session,
+      requestObject
+    };
   }
   /**
    * Submit a presentation using the Digital Credentials API.
@@ -1954,54 +1975,13 @@ var EudiploClient = class {
         'Session does not contain a requestObject. Make sure to create the session with response_type: "dc-api"'
       );
     }
-    const dcResponse = await navigator.credentials.get({
-      mediation: "required",
-      digital: {
-        requests: [
-          {
-            protocol: "openid4vp-v1-signed",
-            data: { request: session.requestObject }
-          }
-        ]
-      }
-    });
-    if (!dcResponse) {
-      throw new Error("No response from Digital Credentials API");
-    }
-    if (dcResponse.data?.error) {
-      throw new Error(
-        `Wallet error: ${dcResponse.data.error}${dcResponse.data.error_description ? ` - ${dcResponse.data.error_description}` : ""}`
-      );
-    }
-    const requestPayload = decodeJwtPayload(
-      session.requestObject
-    );
-    if (!requestPayload.response_uri) {
-      throw new Error("No response_uri found in request object");
-    }
-    const fetchImpl = this.config.fetch ?? fetch;
-    const submitResponse = await fetchImpl(requestPayload.response_uri, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json"
-      },
-      body: JSON.stringify({
-        ...dcResponse.data,
-        sendResponse: options.sendResponse ?? true
-      })
+    const walletResponse = await invokeDcApi(session.requestObject);
+    return submitDcApiResponse({
+      responseUri: extractResponseUriFromRequestObject(session.requestObject),
+      walletResponse,
+      sendResponse: options.sendResponse,
+      fetch: this.config.fetch
     });
-    if (!submitResponse.ok) {
-      const errorText = await submitResponse.text();
-      throw new Error(
-        `Failed to submit presentation: ${submitResponse.status} ${errorText}`
-      );
-    }
-    const result = await submitResponse.json();
-    return {
-      credentials: result.credentials ?? result,
-      response: result,
-      redirectUri: result.redirect_uri
-    };
   }
   /**
    * Convenience method to create a presentation request and immediately
@@ -2020,111 +2000,7 @@ var EudiploClient = class {
     return this.submitDcApiPresentation(session, dcOptions);
   }
 };
-async function verify(options) {
-  const client2 = new EudiploClient({
-    baseUrl: options.baseUrl,
-    clientId: options.clientId,
-    clientSecret: options.clientSecret
-  });
-  const { uri, sessionId } = await client2.createPresentationRequest({
-    configId: options.configId,
-    redirectUri: options.redirectUri
-  });
-  return {
-    uri,
-    sessionId,
-    waitForCompletion: (pollingOptions) => client2.waitForSession(sessionId, { ...options.polling, ...pollingOptions }),
-    getStatus: () => client2.getSession(sessionId)
-  };
-}
-async function issue(options) {
-  const client2 = new EudiploClient({
-    baseUrl: options.baseUrl,
-    clientId: options.clientId,
-    clientSecret: options.clientSecret
-  });
-  const { uri, sessionId } = await client2.createIssuanceOffer({
-    credentialConfigurationIds: options.credentialConfigurationIds,
-    claims: options.claims,
-    txCode: options.txCode
-  });
-  return {
-    uri,
-    sessionId,
-    waitForCompletion: (pollingOptions) => client2.waitForSession(sessionId, { ...options.polling, ...pollingOptions }),
-    getStatus: () => client2.getSession(sessionId)
-  };
-}
-async function verifyAndWait(options) {
-  const { uri, waitForCompletion } = await verify(options);
-  options.onUri(uri);
-  return waitForCompletion(options.polling);
-}
-async function issueAndWait(options) {
-  const { uri, waitForCompletion } = await issue(options);
-  options.onUri(uri);
-  return waitForCompletion(options.polling);
-}
-async function verifyWithDcApi(options) {
-  const eudiploClient = new EudiploClient({
-    baseUrl: options.baseUrl,
-    clientId: options.clientId,
-    clientSecret: options.clientSecret
-  });
-  return eudiploClient.verifyWithDcApi(
-    {
-      configId: options.configId,
-      redirectUri: options.redirectUri
-    },
-    {
-      sendResponse: options.sendResponse
-    }
-  );
-}
-async function createDcApiRequest(options) {
-  const eudiploClient = new EudiploClient({
-    baseUrl: options.baseUrl,
-    clientId: options.clientId,
-    clientSecret: options.clientSecret
-  });
-  const session = await eudiploClient.createDcApiPresentationRequest({
-    configId: options.configId,
-    redirectUri: options.redirectUri
-  });
-  return {
-    session,
-    submit: (dcOptions) => eudiploClient.submitDcApiPresentation(session, {
-      sendResponse: options.sendResponse,
-      ...dcOptions
-    })
-  };
-}
-async function createDcApiRequestForBrowser(options) {
-  const eudiploClient = new EudiploClient({
-    baseUrl: options.baseUrl,
-    clientId: options.clientId,
-    clientSecret: options.clientSecret
-  });
-  const session = await eudiploClient.createDcApiPresentationRequest({
-    configId: options.configId,
-    redirectUri: options.redirectUri
-  });
-  if (!session.requestObject) {
-    throw new Error("Session does not contain a requestObject");
-  }
-  const requestPayload = decodeJwtPayload(
-    session.requestObject
-  );
-  if (!requestPayload.response_uri) {
-    throw new Error("No response_uri found in request object");
-  }
-  return {
-    requestObject: session.requestObject,
-    sessionId: session.id,
-    responseUri: requestPayload.response_uri
-  };
-}
-async function callDcApi(requestObject) {
+async function invokeDcApi(requestObject) {
   if (!isDcApiAvailable()) {
     throw new Error(
       "Digital Credentials API is not available in this browser. Please use a supported browser or fall back to QR code flow."
@@ -2151,7 +2027,7 @@ async function callDcApi(requestObject) {
   }
   return dcResponse.data;
 }
-async function submitDcApiWalletResponse(options) {
+async function submitDcApiResponse(options) {
   const fetchImpl = options.fetch ?? fetch;
   const submitResponse = await fetchImpl(options.responseUri, {
     method: "POST",
@@ -2170,10 +2046,217 @@ async function submitDcApiWalletResponse(options) {
     );
   }
   const result = await submitResponse.json();
+  return mapDcApiPresentationResult(result);
+}
+// src/config/derive.ts
+var JSON_SCHEMA_DRAFT_2020_12 = "https://json-schema.org/draft/2020-12/schema";
+function segmentToKey(segment) {
+  if (segment === null) {
+    return "*";
+  }
+  return String(segment);
+}
+function getOrCreateChild(target, key, nextIsArray) {
+  const current = target[key];
+  if (current !== void 0) {
+    if (Array.isArray(current)) {
+      return current;
+    }
+    if (typeof current === "object" && current !== null) {
+      return current;
+    }
+  }
+  const created = nextIsArray ? [] : {};
+  target[key] = created;
+  return created;
+}
+function setValueAtPath(target, path, value) {
+  if (path.length === 0) {
+    return;
+  }
+  let cursor = target;
+  for (let index = 0; index < path.length; index += 1) {
+    const segment = path[index];
+    const isLast = index === path.length - 1;
+    const next = path[index + 1];
+    if (Array.isArray(cursor)) {
+      const arrayIndex = typeof segment === "number" ? segment : Number(segmentToKey(segment));
+      if (!Number.isFinite(arrayIndex) || arrayIndex < 0) {
+        return;
+      }
+      if (isLast) {
+        cursor[arrayIndex] = value;
+        return;
+      }
+      const current = cursor[arrayIndex];
+      if (typeof current !== "object" || current === null) {
+        cursor[arrayIndex] = typeof next === "number" ? [] : {};
+      }
+      cursor = cursor[arrayIndex];
+      continue;
+    }
+    const key = segmentToKey(segment);
+    if (isLast) {
+      cursor[key] = value;
+      return;
+    }
+    cursor = getOrCreateChild(cursor, key, typeof next === "number");
+  }
+}
+function getDisplayTitle(display) {
+  if (!display || display.length === 0) {
+    return void 0;
+  }
+  const en = display.find((entry) => entry.locale.toLowerCase().startsWith("en"));
+  return en?.name ?? display[0]?.name;
+}
+function mergeLeafSchema(existing, next) {
+  const merged = { ...next };
+  if (existing.properties && Object.keys(existing.properties).length > 0) {
+    merged.properties = existing.properties;
+  }
+  if (Array.isArray(existing.required) && existing.required.length > 0) {
+    merged.required = existing.required;
+  }
+  return merged;
+}
+function ensureSchemaNode(root, path) {
+  let cursor = root;
+  for (const segment of path) {
+    const key = segmentToKey(segment);
+    cursor.properties ??= {};
+    if (!cursor.properties[key]) {
+      cursor.properties[key] = {
+        type: "object",
+        properties: {}
+      };
+    }
+    cursor = cursor.properties[key];
+  }
+  return cursor;
+}
+function ensureFrameNode(root, path) {
+  let cursor = root;
+  for (const segment of path) {
+    const key = segmentToKey(segment);
+    const current = cursor[key];
+    if (!current || typeof current !== "object" || Array.isArray(current)) {
+      cursor[key] = {};
+    }
+    cursor = cursor[key];
+  }
+  return cursor;
+}
+function buildClaims(fields) {
+  const claims = {};
+  for (const field of fields) {
+    if (!Object.prototype.hasOwnProperty.call(field, "defaultValue")) {
+      continue;
+    }
+    setValueAtPath(claims, field.path, field.defaultValue);
+  }
+  return claims;
+}
+function buildDisclosureFrame(fields) {
+  const frame = {};
+  let hasDisclosure = false;
+  for (const field of fields) {
+    if (!field.disclosable || field.path.length === 0) {
+      continue;
+    }
+    const parentPath = field.path.slice(0, -1);
+    const leaf = segmentToKey(field.path.at(-1) ?? "");
+    const node = ensureFrameNode(frame, parentPath);
+    const existing = Array.isArray(node._sd) ? node._sd : [];
+    if (!existing.includes(leaf)) {
+      existing.push(leaf);
+      node._sd = existing;
+    }
+    hasDisclosure = true;
+  }
+  return hasDisclosure ? frame : void 0;
+}
+function buildClaimsMetadata(fields) {
+  return fields.filter((field) => field.path.length > 0).map((field) => {
+    const metadata = {
+      path: field.path
+    };
+    if (typeof field.mandatory === "boolean") {
+      metadata.mandatory = field.mandatory;
+    }
+    if (field.display && field.display.length > 0) {
+      metadata.display = field.display;
+    }
+    return metadata;
+  });
+}
+function buildLeafSchema(field) {
+  const schema = {
+    ...field.constraints,
+    type: field.type === "date" ? "string" : field.type
+  };
+  if (field.type === "date" && !schema.format) {
+    schema.format = "date";
+  }
+  const title = getDisplayTitle(field.display);
+  if (title) {
+    schema.title = title;
+  }
+  return schema;
+}
+function addRequired(parent, key) {
+  if (!Array.isArray(parent.required)) {
+    parent.required = [];
+  }
+  if (!parent.required.includes(key)) {
+    parent.required.push(key);
+  }
+}
+function buildJsonSchema(fields) {
+  const root = {
+    $schema: JSON_SCHEMA_DRAFT_2020_12,
+    type: "object",
+    properties: {}
+  };
+  for (const field of fields) {
+    if (field.path.length === 0) {
+      continue;
+    }
+    const parent = ensureSchemaNode(root, field.path.slice(0, -1));
+    const leafKey = segmentToKey(field.path.at(-1) ?? "");
+    parent.properties ??= {};
+    const leafSchema = buildLeafSchema(field);
+    const existing = parent.properties[leafKey];
+    parent.properties[leafKey] = existing && typeof existing === "object" && !Array.isArray(existing) ? mergeLeafSchema(existing, leafSchema) : leafSchema;
+    if (field.mandatory) {
+      addRequired(parent, leafKey);
+    }
+  }
+  return root;
+}
+function buildClaimsByNamespace(fields) {
+  const byNamespace = {};
+  for (const field of fields) {
+    if (!field.namespace || !Object.prototype.hasOwnProperty.call(field, "defaultValue")) {
+      continue;
+    }
+    if (!byNamespace[field.namespace]) {
+      byNamespace[field.namespace] = {};
+    }
+    const namespaceTarget = byNamespace[field.namespace];
+    const normalizedPath = field.path.length > 0 && segmentToKey(field.path[0] ?? "") === field.namespace ? field.path.slice(1) : field.path;
+    setValueAtPath(namespaceTarget, normalizedPath, field.defaultValue);
+  }
+  return byNamespace;
+}
+function deriveRuntimeArtifacts(fields) {
   return {
-    credentials: result.credentials ?? result,
-    response: result,
-    redirectUri: result.redirect_uri
+    claims: buildClaims(fields),
+    disclosureFrame: buildDisclosureFrame(fields),
+    claimsMetadata: buildClaimsMetadata(fields),
+    schema: buildJsonSchema(fields),
+    claimsByNamespace: buildClaimsByNamespace(fields)
   };
 }
@@ -2187,11 +2270,15 @@ exports.attributeProviderControllerGetById = attributeProviderControllerGetById;
 exports.attributeProviderControllerUpdate = attributeProviderControllerUpdate;
 exports.auditLogControllerGetAuditLogs = auditLogControllerGetAuditLogs;
 exports.authControllerGetOAuth2Token = authControllerGetOAuth2Token;
+exports.buildClaims = buildClaims;
+exports.buildClaimsByNamespace = buildClaimsByNamespace;
+exports.buildClaimsMetadata = buildClaimsMetadata;
+exports.buildDisclosureFrame = buildDisclosureFrame;
+exports.buildJsonSchema = buildJsonSchema;
 exports.cacheControllerClearAllCaches = cacheControllerClearAllCaches;
 exports.cacheControllerClearStatusListCache = cacheControllerClearStatusListCache;
 exports.cacheControllerClearTrustListCache = cacheControllerClearTrustListCache;
 exports.cacheControllerGetStats = cacheControllerGetStats;
-exports.callDcApi = callDcApi;
 exports.client = client;
 exports.clientControllerCreateClient = clientControllerCreateClient;
 exports.clientControllerDeleteClient = clientControllerDeleteClient;
@@ -2200,29 +2287,25 @@ exports.clientControllerGetClientSecret = clientControllerGetClientSecret;
 exports.clientControllerGetClients = clientControllerGetClients;
 exports.clientControllerRotateClientSecret = clientControllerRotateClientSecret;
 exports.clientControllerUpdateClient = clientControllerUpdateClient;
-exports.createDcApiRequest = createDcApiRequest;
-exports.createDcApiRequestForBrowser = createDcApiRequestForBrowser;
 exports.credentialConfigControllerDeleteIssuanceConfiguration = credentialConfigControllerDeleteIssuanceConfiguration;
 exports.credentialConfigControllerGetConfigById = credentialConfigControllerGetConfigById;
 exports.credentialConfigControllerGetConfigs = credentialConfigControllerGetConfigs;
-exports.credentialConfigControllerSignSchemaMetaConfig = credentialConfigControllerSignSchemaMetaConfig;
-exports.credentialConfigControllerSignVersionSchemaMetaConfig = credentialConfigControllerSignVersionSchemaMetaConfig;
 exports.credentialConfigControllerStoreCredentialConfiguration = credentialConfigControllerStoreCredentialConfiguration;
 exports.credentialConfigControllerUpdateCredentialConfiguration = credentialConfigControllerUpdateCredentialConfiguration;
 exports.credentialOfferControllerGetOffer = credentialOfferControllerGetOffer;
 exports.deferredControllerCompleteDeferred = deferredControllerCompleteDeferred;
 exports.deferredControllerFailDeferred = deferredControllerFailDeferred;
+exports.deriveRuntimeArtifacts = deriveRuntimeArtifacts;
 exports.isDcApiAvailable = isDcApiAvailable;
 exports.issuanceConfigControllerGetIssuanceConfigurations = issuanceConfigControllerGetIssuanceConfigurations;
 exports.issuanceConfigControllerStoreIssuanceConfiguration = issuanceConfigControllerStoreIssuanceConfiguration;
-exports.issue = issue;
-exports.issueAndWait = issueAndWait;
 exports.keyChainControllerCreate = keyChainControllerCreate;
 exports.keyChainControllerDelete = keyChainControllerDelete;
 exports.keyChainControllerExport = keyChainControllerExport;
 exports.keyChainControllerGetAll = keyChainControllerGetAll;
 exports.keyChainControllerGetById = keyChainControllerGetById;
 exports.keyChainControllerGetProviders = keyChainControllerGetProviders;
+exports.keyChainControllerGetProvidersHealth = keyChainControllerGetProvidersHealth;
 exports.keyChainControllerImport = keyChainControllerImport;
 exports.keyChainControllerRotate = keyChainControllerRotate;
 exports.keyChainControllerUpdate = keyChainControllerUpdate;
@@ -2250,6 +2333,8 @@ exports.schemaMetadataControllerGetSchema = schemaMetadataControllerGetSchema;
 exports.schemaMetadataControllerGetVersions = schemaMetadataControllerGetVersions;
 exports.schemaMetadataControllerGetVocabularies = schemaMetadataControllerGetVocabularies;
 exports.schemaMetadataControllerRemove = schemaMetadataControllerRemove;
+exports.schemaMetadataControllerSignSchemaMetaConfig = schemaMetadataControllerSignSchemaMetaConfig;
+exports.schemaMetadataControllerSignVersionSchemaMetaConfig = schemaMetadataControllerSignVersionSchemaMetaConfig;
 exports.schemaMetadataControllerUpdate = schemaMetadataControllerUpdate;
 exports.sessionConfigControllerGetConfig = sessionConfigControllerGetConfig;
 exports.sessionConfigControllerResetConfig = sessionConfigControllerResetConfig;
@@ -2269,7 +2354,6 @@ exports.statusListManagementControllerGetList = statusListManagementControllerGe
 exports.statusListManagementControllerGetLists = statusListManagementControllerGetLists;
 exports.statusListManagementControllerUpdateList = statusListManagementControllerUpdateList;
 exports.storageControllerUpload = storageControllerUpload;
-exports.submitDcApiWalletResponse = submitDcApiWalletResponse;
 exports.tenantControllerDeleteTenant = tenantControllerDeleteTenant;
 exports.tenantControllerGetTenant = tenantControllerGetTenant;
 exports.tenantControllerGetTenants = tenantControllerGetTenants;
@@ -2289,9 +2373,6 @@ exports.userControllerGetUser = userControllerGetUser;
 exports.userControllerGetUsers = userControllerGetUsers;
 exports.userControllerUpdateUser = userControllerUpdateUser;
 exports.verifierOfferControllerGetOffer = verifierOfferControllerGetOffer;
-exports.verify = verify;
-exports.verifyAndWait = verifyAndWait;
-exports.verifyWithDcApi = verifyWithDcApi;
 exports.webhookEndpointControllerCreate = webhookEndpointControllerCreate;
 exports.webhookEndpointControllerDelete = webhookEndpointControllerDelete;
 exports.webhookEndpointControllerGetAll = webhookEndpointControllerGetAll;