@ewqwe/digital-identity 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +12 -0
- package/README.md +193 -0
- package/dist/api-client.d.ts +22 -0
- package/dist/attestation.d.ts +80 -0
- package/dist/config.d.ts +72 -0
- package/dist/dcql.d.ts +266 -0
- package/dist/index.cjs +2 -0
- package/dist/index.cjs.map +1 -0
- package/dist/index.mjs +1112 -0
- package/dist/index.mjs.map +1 -0
- package/dist/lib.d.ts +18 -0
- package/dist/types.d.ts +521 -0
- package/package.json +57 -0
package/dist/index.mjs
ADDED
|
@@ -0,0 +1,1112 @@
|
|
|
1
|
+
//#region src/config.ts
|
|
2
|
+
var e = {
|
|
3
|
+
haip: {
|
|
4
|
+
id: "haip",
|
|
5
|
+
name: "HAIP Profile",
|
|
6
|
+
description: "High Assurance Interoperability Profile for EUDI Wallet",
|
|
7
|
+
clientIdScheme: "x509_hash",
|
|
8
|
+
requestFormat: "jar",
|
|
9
|
+
responseMode: "direct_post.jwt",
|
|
10
|
+
urlSchemes: ["eudi-openid4vp://", "openid4vp://"],
|
|
11
|
+
requiresJarSigning: !0
|
|
12
|
+
},
|
|
13
|
+
"annex-a": {
|
|
14
|
+
id: "annex-a",
|
|
15
|
+
name: "Annex A Profile",
|
|
16
|
+
description: "EU Age Verification Profile for Proof of Age",
|
|
17
|
+
clientIdScheme: "redirect_uri",
|
|
18
|
+
requestFormat: "plain",
|
|
19
|
+
responseMode: "direct_post",
|
|
20
|
+
urlSchemes: ["av://"],
|
|
21
|
+
requiresJarSigning: !1
|
|
22
|
+
},
|
|
23
|
+
"haip-x509-san-dns": {
|
|
24
|
+
id: "haip-x509-san-dns",
|
|
25
|
+
name: "HAIP (x509_san_dns)",
|
|
26
|
+
description: "HAIP with x509_san_dns client_id scheme",
|
|
27
|
+
clientIdScheme: "x509_san_dns",
|
|
28
|
+
requestFormat: "jar",
|
|
29
|
+
responseMode: "direct_post.jwt",
|
|
30
|
+
urlSchemes: ["eudi-openid4vp://", "openid4vp://"],
|
|
31
|
+
requiresJarSigning: !0
|
|
32
|
+
}
|
|
33
|
+
}, t = {
|
|
34
|
+
mdl: {
|
|
35
|
+
id: "mdl",
|
|
36
|
+
name: "Mobile Driver's License",
|
|
37
|
+
format: "mso_mdoc",
|
|
38
|
+
docType: "org.iso.18013.5.1.mDL",
|
|
39
|
+
namespace: "org.iso.18013.5.1",
|
|
40
|
+
profile: "haip",
|
|
41
|
+
claims: [
|
|
42
|
+
{
|
|
43
|
+
id: "family_name",
|
|
44
|
+
name: "Family Name"
|
|
45
|
+
},
|
|
46
|
+
{
|
|
47
|
+
id: "given_name",
|
|
48
|
+
name: "Given Names"
|
|
49
|
+
},
|
|
50
|
+
{
|
|
51
|
+
id: "birth_date",
|
|
52
|
+
name: "Birth Date"
|
|
53
|
+
},
|
|
54
|
+
{
|
|
55
|
+
id: "portrait",
|
|
56
|
+
name: "Portrait"
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
id: "age_over_21",
|
|
60
|
+
name: "Age Over 21"
|
|
61
|
+
},
|
|
62
|
+
{
|
|
63
|
+
id: "age_over_18",
|
|
64
|
+
name: "Age Over 18"
|
|
65
|
+
},
|
|
66
|
+
{
|
|
67
|
+
id: "document_number",
|
|
68
|
+
name: "Document Number"
|
|
69
|
+
},
|
|
70
|
+
{
|
|
71
|
+
id: "issue_date",
|
|
72
|
+
name: "Issue Date"
|
|
73
|
+
},
|
|
74
|
+
{
|
|
75
|
+
id: "expiry_date",
|
|
76
|
+
name: "Expiry Date"
|
|
77
|
+
},
|
|
78
|
+
{
|
|
79
|
+
id: "issuing_authority",
|
|
80
|
+
name: "Issuing Authority"
|
|
81
|
+
},
|
|
82
|
+
{
|
|
83
|
+
id: "issuing_country",
|
|
84
|
+
name: "Issuing Country"
|
|
85
|
+
},
|
|
86
|
+
{
|
|
87
|
+
id: "driving_privileges",
|
|
88
|
+
name: "Driving Privileges"
|
|
89
|
+
}
|
|
90
|
+
]
|
|
91
|
+
},
|
|
92
|
+
"national-id": {
|
|
93
|
+
id: "national-id",
|
|
94
|
+
name: "National ID (PID)",
|
|
95
|
+
format: "mso_mdoc",
|
|
96
|
+
docType: "eu.europa.ec.eudi.pid.1",
|
|
97
|
+
namespace: "eu.europa.ec.eudi.pid.1",
|
|
98
|
+
profile: "haip",
|
|
99
|
+
claims: [
|
|
100
|
+
{
|
|
101
|
+
id: "family_name",
|
|
102
|
+
name: "Family Name"
|
|
103
|
+
},
|
|
104
|
+
{
|
|
105
|
+
id: "given_name",
|
|
106
|
+
name: "Given Names"
|
|
107
|
+
},
|
|
108
|
+
{
|
|
109
|
+
id: "birth_date",
|
|
110
|
+
name: "Birth Date"
|
|
111
|
+
},
|
|
112
|
+
{
|
|
113
|
+
id: "portrait",
|
|
114
|
+
name: "Portrait"
|
|
115
|
+
},
|
|
116
|
+
{
|
|
117
|
+
id: "nationality",
|
|
118
|
+
name: "Nationality"
|
|
119
|
+
},
|
|
120
|
+
{
|
|
121
|
+
id: "place_of_birth",
|
|
122
|
+
name: "Place of Birth"
|
|
123
|
+
},
|
|
124
|
+
{
|
|
125
|
+
id: "resident_address",
|
|
126
|
+
name: "Resident Address"
|
|
127
|
+
},
|
|
128
|
+
{
|
|
129
|
+
id: "resident_country",
|
|
130
|
+
name: "Resident Country"
|
|
131
|
+
},
|
|
132
|
+
{
|
|
133
|
+
id: "sex",
|
|
134
|
+
name: "Sex"
|
|
135
|
+
}
|
|
136
|
+
]
|
|
137
|
+
},
|
|
138
|
+
"national-id-sd-jwt": {
|
|
139
|
+
id: "national-id-sd-jwt",
|
|
140
|
+
name: "National ID (PID) — SD-JWT VC",
|
|
141
|
+
format: "dc+sd-jwt",
|
|
142
|
+
docType: "urn:eudi:pid:1",
|
|
143
|
+
namespace: "urn:eudi:pid:1",
|
|
144
|
+
vct: "urn:eudi:pid:1",
|
|
145
|
+
profile: "haip",
|
|
146
|
+
claims: [
|
|
147
|
+
{
|
|
148
|
+
id: "family_name",
|
|
149
|
+
name: "Family Name"
|
|
150
|
+
},
|
|
151
|
+
{
|
|
152
|
+
id: "given_name",
|
|
153
|
+
name: "Given Names"
|
|
154
|
+
},
|
|
155
|
+
{
|
|
156
|
+
id: "birthdate",
|
|
157
|
+
name: "Birth Date"
|
|
158
|
+
},
|
|
159
|
+
{
|
|
160
|
+
id: "picture",
|
|
161
|
+
name: "Portrait"
|
|
162
|
+
},
|
|
163
|
+
{
|
|
164
|
+
id: "nationalities",
|
|
165
|
+
name: "Nationalities"
|
|
166
|
+
},
|
|
167
|
+
{
|
|
168
|
+
id: "place_of_birth",
|
|
169
|
+
name: "Place of Birth"
|
|
170
|
+
},
|
|
171
|
+
{
|
|
172
|
+
id: "address",
|
|
173
|
+
name: "Address"
|
|
174
|
+
},
|
|
175
|
+
{
|
|
176
|
+
id: "sex",
|
|
177
|
+
name: "Sex"
|
|
178
|
+
}
|
|
179
|
+
]
|
|
180
|
+
},
|
|
181
|
+
"proof-of-age": {
|
|
182
|
+
id: "proof-of-age",
|
|
183
|
+
name: "Proof of Age (EU AV)",
|
|
184
|
+
format: "mso_mdoc",
|
|
185
|
+
docType: "eu.europa.ec.av.1",
|
|
186
|
+
namespace: "eu.europa.ec.av.1",
|
|
187
|
+
profile: "annex-a",
|
|
188
|
+
claims: [{
|
|
189
|
+
id: "age_over_18",
|
|
190
|
+
name: "Age Over 18"
|
|
191
|
+
}]
|
|
192
|
+
},
|
|
193
|
+
"france-identite-numerique": {
|
|
194
|
+
id: "france-identite-numerique",
|
|
195
|
+
name: "France Identité Numérique",
|
|
196
|
+
format: "mso_mdoc",
|
|
197
|
+
docType: "eu.europa.ec.eudi.pid.1",
|
|
198
|
+
namespace: "eu.europa.ec.eudi.pid.1",
|
|
199
|
+
profile: "haip",
|
|
200
|
+
claims: [
|
|
201
|
+
{
|
|
202
|
+
id: "age_over_18",
|
|
203
|
+
name: "Age Over 18"
|
|
204
|
+
},
|
|
205
|
+
{
|
|
206
|
+
id: "family_name",
|
|
207
|
+
name: "Family Name"
|
|
208
|
+
},
|
|
209
|
+
{
|
|
210
|
+
id: "given_name",
|
|
211
|
+
name: "Given Names"
|
|
212
|
+
},
|
|
213
|
+
{
|
|
214
|
+
id: "birth_date",
|
|
215
|
+
name: "Birth Date"
|
|
216
|
+
},
|
|
217
|
+
{
|
|
218
|
+
id: "portrait",
|
|
219
|
+
name: "Portrait"
|
|
220
|
+
}
|
|
221
|
+
]
|
|
222
|
+
},
|
|
223
|
+
tax: {
|
|
224
|
+
id: "tax",
|
|
225
|
+
name: "Tax Identification",
|
|
226
|
+
format: "mso_mdoc",
|
|
227
|
+
docType: "eu.europa.ec.eudi.tax.1",
|
|
228
|
+
namespace: "eu.europa.ec.eudi.tax.1",
|
|
229
|
+
profile: "haip",
|
|
230
|
+
claims: [
|
|
231
|
+
{
|
|
232
|
+
id: "tax_number",
|
|
233
|
+
name: "Tax Number"
|
|
234
|
+
},
|
|
235
|
+
{
|
|
236
|
+
id: "registered_family_name",
|
|
237
|
+
name: "Registered Family Name"
|
|
238
|
+
},
|
|
239
|
+
{
|
|
240
|
+
id: "registered_given_name",
|
|
241
|
+
name: "Registered Given Names"
|
|
242
|
+
},
|
|
243
|
+
{
|
|
244
|
+
id: "issuing_country",
|
|
245
|
+
name: "Issuing Country"
|
|
246
|
+
}
|
|
247
|
+
]
|
|
248
|
+
},
|
|
249
|
+
"tax-sd-jwt": {
|
|
250
|
+
id: "tax-sd-jwt",
|
|
251
|
+
name: "Tax Identification — SD-JWT VC",
|
|
252
|
+
format: "dc+sd-jwt",
|
|
253
|
+
docType: "urn:eu.europa.ec.eudi:tax:1",
|
|
254
|
+
namespace: "urn:eu.europa.ec.eudi:tax:1",
|
|
255
|
+
vct: "urn:eu.europa.ec.eudi:tax:1",
|
|
256
|
+
profile: "haip",
|
|
257
|
+
claims: [
|
|
258
|
+
{
|
|
259
|
+
id: "tax_number",
|
|
260
|
+
name: "Tax Number"
|
|
261
|
+
},
|
|
262
|
+
{
|
|
263
|
+
id: "registered_family_name",
|
|
264
|
+
name: "Registered Family Name"
|
|
265
|
+
},
|
|
266
|
+
{
|
|
267
|
+
id: "registered_given_name",
|
|
268
|
+
name: "Registered Given Names"
|
|
269
|
+
},
|
|
270
|
+
{
|
|
271
|
+
id: "issuing_country",
|
|
272
|
+
name: "Issuing Country"
|
|
273
|
+
}
|
|
274
|
+
]
|
|
275
|
+
},
|
|
276
|
+
"pseudonym-age": {
|
|
277
|
+
id: "pseudonym-age",
|
|
278
|
+
name: "Pseudonym (Age Over 18)",
|
|
279
|
+
format: "mso_mdoc",
|
|
280
|
+
docType: "eu.europa.ec.eudi.pseudonym.age_over_18.1",
|
|
281
|
+
namespace: "eu.europa.ec.eudi.pseudonym.age_over_18.1",
|
|
282
|
+
profile: "haip",
|
|
283
|
+
claims: [{
|
|
284
|
+
id: "age_over_18",
|
|
285
|
+
name: "Age Over 18"
|
|
286
|
+
}]
|
|
287
|
+
},
|
|
288
|
+
"pseudonym-age-sd-jwt": {
|
|
289
|
+
id: "pseudonym-age-sd-jwt",
|
|
290
|
+
name: "Pseudonym (Age Over 18) — SD-JWT VC",
|
|
291
|
+
format: "dc+sd-jwt",
|
|
292
|
+
docType: "urn:eu.europa.ec.eudi:pseudonym_age_over_18:1",
|
|
293
|
+
namespace: "urn:eu.europa.ec.eudi:pseudonym_age_over_18:1",
|
|
294
|
+
vct: "urn:eu.europa.ec.eudi:pseudonym_age_over_18:1",
|
|
295
|
+
profile: "haip",
|
|
296
|
+
claims: [{
|
|
297
|
+
id: "age_over_18",
|
|
298
|
+
name: "Age Over 18"
|
|
299
|
+
}]
|
|
300
|
+
},
|
|
301
|
+
cor: {
|
|
302
|
+
id: "cor",
|
|
303
|
+
name: "Certificate of Residence",
|
|
304
|
+
format: "mso_mdoc",
|
|
305
|
+
docType: "eu.europa.ec.eudi.cor.1",
|
|
306
|
+
namespace: "eu.europa.ec.eudi.cor.1",
|
|
307
|
+
profile: "haip",
|
|
308
|
+
claims: [
|
|
309
|
+
{
|
|
310
|
+
id: "resident_address",
|
|
311
|
+
name: "Resident Address"
|
|
312
|
+
},
|
|
313
|
+
{
|
|
314
|
+
id: "resident_country",
|
|
315
|
+
name: "Resident Country"
|
|
316
|
+
},
|
|
317
|
+
{
|
|
318
|
+
id: "resident_city",
|
|
319
|
+
name: "Resident City"
|
|
320
|
+
},
|
|
321
|
+
{
|
|
322
|
+
id: "resident_postal_code",
|
|
323
|
+
name: "Resident Postal Code"
|
|
324
|
+
},
|
|
325
|
+
{
|
|
326
|
+
id: "issuing_country",
|
|
327
|
+
name: "Issuing Country"
|
|
328
|
+
}
|
|
329
|
+
]
|
|
330
|
+
},
|
|
331
|
+
"photo-id": {
|
|
332
|
+
id: "photo-id",
|
|
333
|
+
name: "Photo ID",
|
|
334
|
+
format: "mso_mdoc",
|
|
335
|
+
docType: "org.iso.23220.2.photoid.1",
|
|
336
|
+
namespace: "org.iso.23220.photoid.1",
|
|
337
|
+
profile: "haip",
|
|
338
|
+
claims: [
|
|
339
|
+
{
|
|
340
|
+
id: "family_name",
|
|
341
|
+
name: "Family Name"
|
|
342
|
+
},
|
|
343
|
+
{
|
|
344
|
+
id: "given_name",
|
|
345
|
+
name: "Given Names"
|
|
346
|
+
},
|
|
347
|
+
{
|
|
348
|
+
id: "birth_date",
|
|
349
|
+
name: "Birth Date"
|
|
350
|
+
},
|
|
351
|
+
{
|
|
352
|
+
id: "portrait",
|
|
353
|
+
name: "Portrait"
|
|
354
|
+
},
|
|
355
|
+
{
|
|
356
|
+
id: "document_number",
|
|
357
|
+
name: "Document Number"
|
|
358
|
+
},
|
|
359
|
+
{
|
|
360
|
+
id: "issuing_authority",
|
|
361
|
+
name: "Issuing Authority"
|
|
362
|
+
},
|
|
363
|
+
{
|
|
364
|
+
id: "issuing_country",
|
|
365
|
+
name: "Issuing Country"
|
|
366
|
+
},
|
|
367
|
+
{
|
|
368
|
+
id: "expiry_date",
|
|
369
|
+
name: "Expiry Date"
|
|
370
|
+
}
|
|
371
|
+
]
|
|
372
|
+
},
|
|
373
|
+
reservation: {
|
|
374
|
+
id: "reservation",
|
|
375
|
+
name: "Travel Reservation",
|
|
376
|
+
format: "mso_mdoc",
|
|
377
|
+
docType: "org.iso.18013.5.1.reservation",
|
|
378
|
+
namespace: "org.iso.18013.5.1.reservation",
|
|
379
|
+
profile: "haip",
|
|
380
|
+
claims: [
|
|
381
|
+
{
|
|
382
|
+
id: "reservation_number",
|
|
383
|
+
name: "Reservation Number"
|
|
384
|
+
},
|
|
385
|
+
{
|
|
386
|
+
id: "family_name",
|
|
387
|
+
name: "Family Name"
|
|
388
|
+
},
|
|
389
|
+
{
|
|
390
|
+
id: "given_name",
|
|
391
|
+
name: "Given Names"
|
|
392
|
+
}
|
|
393
|
+
]
|
|
394
|
+
},
|
|
395
|
+
iban: {
|
|
396
|
+
id: "iban",
|
|
397
|
+
name: "IBAN",
|
|
398
|
+
format: "mso_mdoc",
|
|
399
|
+
docType: "eu.europa.ec.eudi.iban.1",
|
|
400
|
+
namespace: "eu.europa.ec.eudi.iban.1",
|
|
401
|
+
profile: "haip",
|
|
402
|
+
claims: [
|
|
403
|
+
{
|
|
404
|
+
id: "iban",
|
|
405
|
+
name: "IBAN"
|
|
406
|
+
},
|
|
407
|
+
{
|
|
408
|
+
id: "account_holder",
|
|
409
|
+
name: "Account Holder"
|
|
410
|
+
},
|
|
411
|
+
{
|
|
412
|
+
id: "bic",
|
|
413
|
+
name: "BIC"
|
|
414
|
+
}
|
|
415
|
+
]
|
|
416
|
+
},
|
|
417
|
+
"iban-sd-jwt": {
|
|
418
|
+
id: "iban-sd-jwt",
|
|
419
|
+
name: "IBAN — SD-JWT VC",
|
|
420
|
+
format: "dc+sd-jwt",
|
|
421
|
+
docType: "urn:eu.europa.ec.eudi:iban:1",
|
|
422
|
+
namespace: "urn:eu.europa.ec.eudi:iban:1",
|
|
423
|
+
vct: "urn:eu.europa.ec.eudi:iban:1",
|
|
424
|
+
profile: "haip",
|
|
425
|
+
claims: [
|
|
426
|
+
{
|
|
427
|
+
id: "iban",
|
|
428
|
+
name: "IBAN"
|
|
429
|
+
},
|
|
430
|
+
{
|
|
431
|
+
id: "account_holder",
|
|
432
|
+
name: "Account Holder"
|
|
433
|
+
},
|
|
434
|
+
{
|
|
435
|
+
id: "bic",
|
|
436
|
+
name: "BIC"
|
|
437
|
+
}
|
|
438
|
+
]
|
|
439
|
+
},
|
|
440
|
+
ehic: {
|
|
441
|
+
id: "ehic",
|
|
442
|
+
name: "European Health Insurance Card",
|
|
443
|
+
format: "mso_mdoc",
|
|
444
|
+
docType: "eu.europa.ec.eudi.ehic.1",
|
|
445
|
+
namespace: "eu.europa.ec.eudi.ehic.1",
|
|
446
|
+
profile: "haip",
|
|
447
|
+
claims: [
|
|
448
|
+
{
|
|
449
|
+
id: "family_name",
|
|
450
|
+
name: "Family Name"
|
|
451
|
+
},
|
|
452
|
+
{
|
|
453
|
+
id: "given_name",
|
|
454
|
+
name: "Given Names"
|
|
455
|
+
},
|
|
456
|
+
{
|
|
457
|
+
id: "birth_date",
|
|
458
|
+
name: "Birth Date"
|
|
459
|
+
},
|
|
460
|
+
{
|
|
461
|
+
id: "personal_id",
|
|
462
|
+
name: "Personal ID"
|
|
463
|
+
},
|
|
464
|
+
{
|
|
465
|
+
id: "institution_id",
|
|
466
|
+
name: "Institution ID"
|
|
467
|
+
},
|
|
468
|
+
{
|
|
469
|
+
id: "institution_country",
|
|
470
|
+
name: "Institution Country"
|
|
471
|
+
},
|
|
472
|
+
{
|
|
473
|
+
id: "card_number",
|
|
474
|
+
name: "Card Number"
|
|
475
|
+
},
|
|
476
|
+
{
|
|
477
|
+
id: "expiry_date",
|
|
478
|
+
name: "Expiry Date"
|
|
479
|
+
}
|
|
480
|
+
]
|
|
481
|
+
},
|
|
482
|
+
"ehic-sd-jwt": {
|
|
483
|
+
id: "ehic-sd-jwt",
|
|
484
|
+
name: "European Health Insurance Card — SD-JWT VC",
|
|
485
|
+
format: "dc+sd-jwt",
|
|
486
|
+
docType: "urn:eu.europa.ec.eudi:ehic:1",
|
|
487
|
+
namespace: "urn:eu.europa.ec.eudi:ehic:1",
|
|
488
|
+
vct: "urn:eu.europa.ec.eudi:ehic:1",
|
|
489
|
+
profile: "haip",
|
|
490
|
+
claims: [
|
|
491
|
+
{
|
|
492
|
+
id: "family_name",
|
|
493
|
+
name: "Family Name"
|
|
494
|
+
},
|
|
495
|
+
{
|
|
496
|
+
id: "given_name",
|
|
497
|
+
name: "Given Names"
|
|
498
|
+
},
|
|
499
|
+
{
|
|
500
|
+
id: "birth_date",
|
|
501
|
+
name: "Birth Date"
|
|
502
|
+
},
|
|
503
|
+
{
|
|
504
|
+
id: "personal_id",
|
|
505
|
+
name: "Personal ID"
|
|
506
|
+
},
|
|
507
|
+
{
|
|
508
|
+
id: "institution_id",
|
|
509
|
+
name: "Institution ID"
|
|
510
|
+
},
|
|
511
|
+
{
|
|
512
|
+
id: "institution_country",
|
|
513
|
+
name: "Institution Country"
|
|
514
|
+
},
|
|
515
|
+
{
|
|
516
|
+
id: "card_number",
|
|
517
|
+
name: "Card Number"
|
|
518
|
+
},
|
|
519
|
+
{
|
|
520
|
+
id: "expiry_date",
|
|
521
|
+
name: "Expiry Date"
|
|
522
|
+
}
|
|
523
|
+
]
|
|
524
|
+
},
|
|
525
|
+
"health-id": {
|
|
526
|
+
id: "health-id",
|
|
527
|
+
name: "Health ID",
|
|
528
|
+
format: "mso_mdoc",
|
|
529
|
+
docType: "eu.europa.ec.eudi.hiid.1",
|
|
530
|
+
namespace: "eu.europa.ec.eudi.hiid.1",
|
|
531
|
+
profile: "haip",
|
|
532
|
+
claims: [
|
|
533
|
+
{
|
|
534
|
+
id: "family_name",
|
|
535
|
+
name: "Family Name"
|
|
536
|
+
},
|
|
537
|
+
{
|
|
538
|
+
id: "given_name",
|
|
539
|
+
name: "Given Names"
|
|
540
|
+
},
|
|
541
|
+
{
|
|
542
|
+
id: "birth_date",
|
|
543
|
+
name: "Birth Date"
|
|
544
|
+
},
|
|
545
|
+
{
|
|
546
|
+
id: "health_insurance_id",
|
|
547
|
+
name: "Health Insurance ID"
|
|
548
|
+
},
|
|
549
|
+
{
|
|
550
|
+
id: "issuing_country",
|
|
551
|
+
name: "Issuing Country"
|
|
552
|
+
}
|
|
553
|
+
]
|
|
554
|
+
},
|
|
555
|
+
"health-id-sd-jwt": {
|
|
556
|
+
id: "health-id-sd-jwt",
|
|
557
|
+
name: "Health ID — SD-JWT VC",
|
|
558
|
+
format: "dc+sd-jwt",
|
|
559
|
+
docType: "urn:eu.europa.ec.eudi:hiid:1",
|
|
560
|
+
namespace: "urn:eu.europa.ec.eudi:hiid:1",
|
|
561
|
+
vct: "urn:eu.europa.ec.eudi:hiid:1",
|
|
562
|
+
profile: "haip",
|
|
563
|
+
claims: [
|
|
564
|
+
{
|
|
565
|
+
id: "family_name",
|
|
566
|
+
name: "Family Name"
|
|
567
|
+
},
|
|
568
|
+
{
|
|
569
|
+
id: "given_name",
|
|
570
|
+
name: "Given Names"
|
|
571
|
+
},
|
|
572
|
+
{
|
|
573
|
+
id: "birth_date",
|
|
574
|
+
name: "Birth Date"
|
|
575
|
+
},
|
|
576
|
+
{
|
|
577
|
+
id: "health_insurance_id",
|
|
578
|
+
name: "Health Insurance ID"
|
|
579
|
+
},
|
|
580
|
+
{
|
|
581
|
+
id: "issuing_country",
|
|
582
|
+
name: "Issuing Country"
|
|
583
|
+
}
|
|
584
|
+
]
|
|
585
|
+
},
|
|
586
|
+
pda1: {
|
|
587
|
+
id: "pda1",
|
|
588
|
+
name: "Portable Document A1",
|
|
589
|
+
format: "mso_mdoc",
|
|
590
|
+
docType: "eu.europa.ec.eudi.pda1.1",
|
|
591
|
+
namespace: "eu.europa.ec.eudi.pda1.1",
|
|
592
|
+
profile: "haip",
|
|
593
|
+
claims: [
|
|
594
|
+
{
|
|
595
|
+
id: "family_name",
|
|
596
|
+
name: "Family Name"
|
|
597
|
+
},
|
|
598
|
+
{
|
|
599
|
+
id: "given_name",
|
|
600
|
+
name: "Given Names"
|
|
601
|
+
},
|
|
602
|
+
{
|
|
603
|
+
id: "birth_date",
|
|
604
|
+
name: "Birth Date"
|
|
605
|
+
},
|
|
606
|
+
{
|
|
607
|
+
id: "nationality",
|
|
608
|
+
name: "Nationality"
|
|
609
|
+
},
|
|
610
|
+
{
|
|
611
|
+
id: "social_security_number",
|
|
612
|
+
name: "Social Security Number"
|
|
613
|
+
},
|
|
614
|
+
{
|
|
615
|
+
id: "issuing_country",
|
|
616
|
+
name: "Issuing Country"
|
|
617
|
+
},
|
|
618
|
+
{
|
|
619
|
+
id: "expiry_date",
|
|
620
|
+
name: "Expiry Date"
|
|
621
|
+
}
|
|
622
|
+
]
|
|
623
|
+
},
|
|
624
|
+
"pda1-sd-jwt": {
|
|
625
|
+
id: "pda1-sd-jwt",
|
|
626
|
+
name: "Portable Document A1 — SD-JWT VC",
|
|
627
|
+
format: "dc+sd-jwt",
|
|
628
|
+
docType: "urn:eu.europa.ec.eudi:pda1:1",
|
|
629
|
+
namespace: "urn:eu.europa.ec.eudi:pda1:1",
|
|
630
|
+
vct: "urn:eu.europa.ec.eudi:pda1:1",
|
|
631
|
+
profile: "haip",
|
|
632
|
+
claims: [
|
|
633
|
+
{
|
|
634
|
+
id: "family_name",
|
|
635
|
+
name: "Family Name"
|
|
636
|
+
},
|
|
637
|
+
{
|
|
638
|
+
id: "given_name",
|
|
639
|
+
name: "Given Names"
|
|
640
|
+
},
|
|
641
|
+
{
|
|
642
|
+
id: "birth_date",
|
|
643
|
+
name: "Birth Date"
|
|
644
|
+
},
|
|
645
|
+
{
|
|
646
|
+
id: "nationality",
|
|
647
|
+
name: "Nationality"
|
|
648
|
+
},
|
|
649
|
+
{
|
|
650
|
+
id: "social_security_number",
|
|
651
|
+
name: "Social Security Number"
|
|
652
|
+
},
|
|
653
|
+
{
|
|
654
|
+
id: "issuing_country",
|
|
655
|
+
name: "Issuing Country"
|
|
656
|
+
},
|
|
657
|
+
{
|
|
658
|
+
id: "expiry_date",
|
|
659
|
+
name: "Expiry Date"
|
|
660
|
+
}
|
|
661
|
+
]
|
|
662
|
+
},
|
|
663
|
+
loyalty: {
|
|
664
|
+
id: "loyalty",
|
|
665
|
+
name: "Loyalty Card",
|
|
666
|
+
format: "mso_mdoc",
|
|
667
|
+
docType: "eu.europa.ec.eudi.loyalty.1",
|
|
668
|
+
namespace: "eu.europa.ec.eudi.loyalty.1",
|
|
669
|
+
profile: "haip",
|
|
670
|
+
claims: [
|
|
671
|
+
{
|
|
672
|
+
id: "family_name",
|
|
673
|
+
name: "Family Name"
|
|
674
|
+
},
|
|
675
|
+
{
|
|
676
|
+
id: "given_name",
|
|
677
|
+
name: "Given Names"
|
|
678
|
+
},
|
|
679
|
+
{
|
|
680
|
+
id: "loyalty_number",
|
|
681
|
+
name: "Loyalty Number"
|
|
682
|
+
},
|
|
683
|
+
{
|
|
684
|
+
id: "program_name",
|
|
685
|
+
name: "Program Name"
|
|
686
|
+
}
|
|
687
|
+
]
|
|
688
|
+
},
|
|
689
|
+
msisdn: {
|
|
690
|
+
id: "msisdn",
|
|
691
|
+
name: "Mobile Phone Number (MSISDN)",
|
|
692
|
+
format: "mso_mdoc",
|
|
693
|
+
docType: "eu.europa.ec.eudi.msisdn.1",
|
|
694
|
+
namespace: "eu.europa.ec.eudi.msisdn.1",
|
|
695
|
+
profile: "haip",
|
|
696
|
+
claims: [{
|
|
697
|
+
id: "phone_number",
|
|
698
|
+
name: "Phone Number"
|
|
699
|
+
}, {
|
|
700
|
+
id: "registered_family_name",
|
|
701
|
+
name: "Registered Family Name"
|
|
702
|
+
}]
|
|
703
|
+
},
|
|
704
|
+
"msisdn-sd-jwt": {
|
|
705
|
+
id: "msisdn-sd-jwt",
|
|
706
|
+
name: "Mobile Phone Number (MSISDN) — SD-JWT VC",
|
|
707
|
+
format: "dc+sd-jwt",
|
|
708
|
+
docType: "urn:eu.europa.ec.eudi:msisdn:1",
|
|
709
|
+
namespace: "urn:eu.europa.ec.eudi:msisdn:1",
|
|
710
|
+
vct: "urn:eu.europa.ec.eudi:msisdn:1",
|
|
711
|
+
profile: "haip",
|
|
712
|
+
claims: [{
|
|
713
|
+
id: "phone_number",
|
|
714
|
+
name: "Phone Number"
|
|
715
|
+
}, {
|
|
716
|
+
id: "registered_family_name",
|
|
717
|
+
name: "Registered Family Name"
|
|
718
|
+
}]
|
|
719
|
+
},
|
|
720
|
+
por: {
|
|
721
|
+
id: "por",
|
|
722
|
+
name: "Power of Representation",
|
|
723
|
+
format: "mso_mdoc",
|
|
724
|
+
docType: "eu.europa.ec.eudi.por.1",
|
|
725
|
+
namespace: "eu.europa.ec.eudi.por.1",
|
|
726
|
+
profile: "haip",
|
|
727
|
+
claims: [
|
|
728
|
+
{
|
|
729
|
+
id: "legal_person_id",
|
|
730
|
+
name: "Legal Person ID"
|
|
731
|
+
},
|
|
732
|
+
{
|
|
733
|
+
id: "legal_person_name",
|
|
734
|
+
name: "Legal Person Name"
|
|
735
|
+
},
|
|
736
|
+
{
|
|
737
|
+
id: "representative_family_name",
|
|
738
|
+
name: "Representative Family Name"
|
|
739
|
+
},
|
|
740
|
+
{
|
|
741
|
+
id: "representative_given_name",
|
|
742
|
+
name: "Representative Given Names"
|
|
743
|
+
}
|
|
744
|
+
]
|
|
745
|
+
},
|
|
746
|
+
"por-sd-jwt": {
|
|
747
|
+
id: "por-sd-jwt",
|
|
748
|
+
name: "Power of Representation — SD-JWT VC",
|
|
749
|
+
format: "dc+sd-jwt",
|
|
750
|
+
docType: "urn:eu.europa.ec.eudi:por:1",
|
|
751
|
+
namespace: "urn:eu.europa.ec.eudi:por:1",
|
|
752
|
+
vct: "urn:eu.europa.ec.eudi:por:1",
|
|
753
|
+
profile: "haip",
|
|
754
|
+
claims: [
|
|
755
|
+
{
|
|
756
|
+
id: "legal_person_id",
|
|
757
|
+
name: "Legal Person ID"
|
|
758
|
+
},
|
|
759
|
+
{
|
|
760
|
+
id: "legal_person_name",
|
|
761
|
+
name: "Legal Person Name"
|
|
762
|
+
},
|
|
763
|
+
{
|
|
764
|
+
id: "representative_family_name",
|
|
765
|
+
name: "Representative Family Name"
|
|
766
|
+
},
|
|
767
|
+
{
|
|
768
|
+
id: "representative_given_name",
|
|
769
|
+
name: "Representative Given Names"
|
|
770
|
+
}
|
|
771
|
+
]
|
|
772
|
+
}
|
|
773
|
+
};
|
|
774
|
+
function n(e) {
|
|
775
|
+
let n = t[e];
|
|
776
|
+
return n ? n.claims.slice(0, 5).map((e) => e.id) : [];
|
|
777
|
+
}
|
|
778
|
+
function r(e) {
|
|
779
|
+
return t[e]?.claims || [];
|
|
780
|
+
}
|
|
781
|
+
function i(n) {
|
|
782
|
+
let r = t[n];
|
|
783
|
+
return r && e[r.profile] || null;
|
|
784
|
+
}
|
|
785
|
+
function a(e) {
|
|
786
|
+
return t[e]?.profile || "haip";
|
|
787
|
+
}
|
|
788
|
+
//#endregion
|
|
789
|
+
//#region src/dcql.ts
|
|
790
|
+
var o = "eu.europa.ec.av.1", s = "eu.europa.ec.av.1.mdoc", c = "org.iso.18013.5.1", l = "org.iso.18013.5.1.mDL", u = "eu.europa.ec.eudi.pid.1", d = "eu.europa.ec.eudi.pid.1";
|
|
791
|
+
function f(e = 18) {
|
|
792
|
+
let t = `age_over_${e}`;
|
|
793
|
+
return { credentials: [{
|
|
794
|
+
id: "eu_av_proof",
|
|
795
|
+
format: "mso_mdoc",
|
|
796
|
+
meta: { doctype_value: s },
|
|
797
|
+
claims: [{
|
|
798
|
+
path: [o, t],
|
|
799
|
+
values: [!0],
|
|
800
|
+
intent_to_retain: !1
|
|
801
|
+
}]
|
|
802
|
+
}] };
|
|
803
|
+
}
|
|
804
|
+
function p(e = 18) {
|
|
805
|
+
let t = `age_over_${e}`;
|
|
806
|
+
return {
|
|
807
|
+
credentials: [{
|
|
808
|
+
id: "eu_av_proof",
|
|
809
|
+
format: "mso_mdoc",
|
|
810
|
+
meta: { doctype_value: s },
|
|
811
|
+
claims: [{
|
|
812
|
+
path: [o, t],
|
|
813
|
+
values: [!0],
|
|
814
|
+
intent_to_retain: !1
|
|
815
|
+
}]
|
|
816
|
+
}, {
|
|
817
|
+
id: "mdl_fallback",
|
|
818
|
+
format: "mso_mdoc",
|
|
819
|
+
meta: { doctype_value: l },
|
|
820
|
+
claims: [{
|
|
821
|
+
path: [c, t],
|
|
822
|
+
values: [!0],
|
|
823
|
+
intent_to_retain: !1
|
|
824
|
+
}]
|
|
825
|
+
}],
|
|
826
|
+
credential_sets: [{
|
|
827
|
+
options: [["eu_av_proof"], ["mdl_fallback"]],
|
|
828
|
+
required: !0
|
|
829
|
+
}]
|
|
830
|
+
};
|
|
831
|
+
}
|
|
832
|
+
function m() {
|
|
833
|
+
return { credentials: [{
|
|
834
|
+
id: "eu-pid-age-verification",
|
|
835
|
+
format: "mso_mdoc",
|
|
836
|
+
meta: { doctype_value: d },
|
|
837
|
+
claims: [{ path: [u, "age_over_18"] }]
|
|
838
|
+
}] };
|
|
839
|
+
}
|
|
840
|
+
function h(e, n, r, i) {
|
|
841
|
+
let a = t[n];
|
|
842
|
+
if (!a) throw Error(`Unknown credential type: ${n}`);
|
|
843
|
+
let o = a.format === "dc+sd-jwt", s = r.map((e) => {
|
|
844
|
+
let t = {
|
|
845
|
+
id: e,
|
|
846
|
+
path: o ? [e] : [a.namespace, e]
|
|
847
|
+
};
|
|
848
|
+
return o || (t.intent_to_retain = !1), t;
|
|
849
|
+
}), c = { credentials: [o ? {
|
|
850
|
+
id: `${n}_credential`,
|
|
851
|
+
format: "dc+sd-jwt",
|
|
852
|
+
meta: { vct_values: [a.vct] },
|
|
853
|
+
claims: s
|
|
854
|
+
} : {
|
|
855
|
+
id: `${n}_credential`,
|
|
856
|
+
format: "mso_mdoc",
|
|
857
|
+
meta: { doctype_value: a.docType },
|
|
858
|
+
claims: s
|
|
859
|
+
}] }, l = o ? { "dc+sd-jwt": {
|
|
860
|
+
"sd-jwt_alg_values": [
|
|
861
|
+
"ES256",
|
|
862
|
+
"ES384",
|
|
863
|
+
"ES512"
|
|
864
|
+
],
|
|
865
|
+
"kb-jwt_alg_values": [
|
|
866
|
+
"ES256",
|
|
867
|
+
"ES384",
|
|
868
|
+
"ES512"
|
|
869
|
+
]
|
|
870
|
+
} } : { mso_mdoc: {
|
|
871
|
+
issuerauth_alg_values: [
|
|
872
|
+
-7,
|
|
873
|
+
-35,
|
|
874
|
+
-36
|
|
875
|
+
],
|
|
876
|
+
deviceauth_alg_values: [
|
|
877
|
+
-7,
|
|
878
|
+
-35,
|
|
879
|
+
-36
|
|
880
|
+
]
|
|
881
|
+
} };
|
|
882
|
+
return {
|
|
883
|
+
public_url: e,
|
|
884
|
+
dcql_query: c,
|
|
885
|
+
nonce: _(),
|
|
886
|
+
credential_type: n,
|
|
887
|
+
profile: i,
|
|
888
|
+
client_metadata: {
|
|
889
|
+
client_name: "ewQwe Digital Credentials Demo",
|
|
890
|
+
vp_formats: l
|
|
891
|
+
}
|
|
892
|
+
};
|
|
893
|
+
}
|
|
894
|
+
function g(e, t) {
|
|
895
|
+
return t || (e === "proof-of-age" ? "annex-a" : "haip");
|
|
896
|
+
}
|
|
897
|
+
function _() {
|
|
898
|
+
let e = new Uint8Array(32);
|
|
899
|
+
if (globalThis.crypto.getRandomValues(e), typeof btoa == "function") {
|
|
900
|
+
let t = "";
|
|
901
|
+
for (let n of e) t += String.fromCharCode(n);
|
|
902
|
+
return btoa(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
|
|
903
|
+
}
|
|
904
|
+
if (typeof Buffer < "u") return Buffer.from(e).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
|
|
905
|
+
throw Error("No base64 encoder available in this runtime");
|
|
906
|
+
}
|
|
907
|
+
function v(e) {
|
|
908
|
+
try {
|
|
909
|
+
return JSON.parse(e);
|
|
910
|
+
} catch {
|
|
911
|
+
return null;
|
|
912
|
+
}
|
|
913
|
+
}
|
|
914
|
+
function y(e) {
|
|
915
|
+
for (let t of e.credentials) for (let e of t.claims ?? []) {
|
|
916
|
+
let t = e.path[e.path.length - 1];
|
|
917
|
+
if (typeof t != "string") continue;
|
|
918
|
+
let n = t.match(/^age_over_(\d+)$/);
|
|
919
|
+
if (n) return parseInt(n[1], 10);
|
|
920
|
+
}
|
|
921
|
+
return null;
|
|
922
|
+
}
|
|
923
|
+
function b(e) {
|
|
924
|
+
let t = e.nonce ?? _(), n = e.state ?? _(), r = f(e.ageThreshold ?? 18);
|
|
925
|
+
return {
|
|
926
|
+
client_id: `redirect_uri:${e.redirectUri}`,
|
|
927
|
+
response_type: "vp_token",
|
|
928
|
+
response_mode: "fragment",
|
|
929
|
+
nonce: t,
|
|
930
|
+
state: n,
|
|
931
|
+
redirect_uri: e.redirectUri,
|
|
932
|
+
dcql_query: JSON.stringify(r)
|
|
933
|
+
};
|
|
934
|
+
}
|
|
935
|
+
function x(e) {
|
|
936
|
+
let t = e.nonce ?? _(), n = e.state ?? _(), r = p(e.ageThreshold ?? 18);
|
|
937
|
+
return {
|
|
938
|
+
client_id: `x509_san_dns:${e.rpDomain}`,
|
|
939
|
+
response_type: "vp_token",
|
|
940
|
+
response_mode: "direct_post",
|
|
941
|
+
nonce: t,
|
|
942
|
+
state: n,
|
|
943
|
+
response_uri: e.responseUri,
|
|
944
|
+
dcql_query: JSON.stringify(r)
|
|
945
|
+
};
|
|
946
|
+
}
|
|
947
|
+
//#endregion
|
|
948
|
+
//#region src/attestation.ts
|
|
949
|
+
function S(e) {
|
|
950
|
+
let t = e.replace(/-/g, "+").replace(/_/g, "/"), n = t.padEnd(t.length + (4 - t.length % 4) % 4, "=");
|
|
951
|
+
if (typeof atob == "function") {
|
|
952
|
+
let e = atob(n), t = new Uint8Array(e.length);
|
|
953
|
+
for (let n = 0; n < e.length; n++) t[n] = e.charCodeAt(n);
|
|
954
|
+
return t;
|
|
955
|
+
}
|
|
956
|
+
if (typeof Buffer < "u") return new Uint8Array(Buffer.from(n, "base64"));
|
|
957
|
+
throw Error("No base64 decoder available in this runtime");
|
|
958
|
+
}
|
|
959
|
+
function C() {
|
|
960
|
+
let e = globalThis.crypto?.subtle;
|
|
961
|
+
if (!e) throw Error("Web Crypto API is not available in this runtime");
|
|
962
|
+
return e;
|
|
963
|
+
}
|
|
964
|
+
function w(e) {
|
|
965
|
+
let t = e.split(".");
|
|
966
|
+
if (t.length !== 3) throw Error("Invalid JWT: expected 3 dot-separated parts");
|
|
967
|
+
let [n, r, i] = t;
|
|
968
|
+
return [
|
|
969
|
+
n,
|
|
970
|
+
r,
|
|
971
|
+
S(i)
|
|
972
|
+
];
|
|
973
|
+
}
|
|
974
|
+
function T(e) {
|
|
975
|
+
let t = new TextDecoder().decode(S(e));
|
|
976
|
+
return JSON.parse(t);
|
|
977
|
+
}
|
|
978
|
+
function E(e) {
|
|
979
|
+
let t = e.trim(), n;
|
|
980
|
+
if (t.startsWith("-----BEGIN CERTIFICATE-----")) {
|
|
981
|
+
let e = S(t.replace(/-----BEGIN CERTIFICATE-----/, "").replace(/-----END CERTIFICATE-----/, "").replace(/\s+/g, "").replace(/\+/g, "-").replace(/\//g, "_")).buffer;
|
|
982
|
+
n = D(e);
|
|
983
|
+
} else n = t.startsWith("-----BEGIN PUBLIC KEY-----") ? S(t.replace(/-----BEGIN PUBLIC KEY-----/, "").replace(/-----END PUBLIC KEY-----/, "").replace(/\s+/g, "").replace(/\+/g, "-").replace(/\//g, "_")).buffer : S(t.replace(/\s+/g, "").replace(/\+/g, "-").replace(/\//g, "_")).buffer;
|
|
984
|
+
return C().importKey("spki", n, {
|
|
985
|
+
name: "ECDSA",
|
|
986
|
+
namedCurve: "P-256"
|
|
987
|
+
}, !1, ["verify"]);
|
|
988
|
+
}
|
|
989
|
+
function D(e) {
|
|
990
|
+
let t = new Uint8Array(e), n = new Uint8Array([
|
|
991
|
+
42,
|
|
992
|
+
134,
|
|
993
|
+
72,
|
|
994
|
+
206,
|
|
995
|
+
61,
|
|
996
|
+
2,
|
|
997
|
+
1
|
|
998
|
+
]);
|
|
999
|
+
outer: for (let e = 0; e < t.length - n.length; e++) {
|
|
1000
|
+
for (let r = 0; r < n.length; r++) if (t[e + r] !== n[r]) continue outer;
|
|
1001
|
+
let r = e - 2 - 2;
|
|
1002
|
+
if (r < 2) continue;
|
|
1003
|
+
let i = O(t, r);
|
|
1004
|
+
if (i < 0) continue;
|
|
1005
|
+
let [, a] = k(t, i);
|
|
1006
|
+
return t.slice(i, a).buffer;
|
|
1007
|
+
}
|
|
1008
|
+
throw Error("Could not extract SubjectPublicKeyInfo from certificate — EC public key OID not found");
|
|
1009
|
+
}
|
|
1010
|
+
function O(e, t) {
|
|
1011
|
+
for (let n = t - 2; n >= 0; n--) if (e[n] === 48) try {
|
|
1012
|
+
let [r, i] = k(e, n);
|
|
1013
|
+
if (r <= t && t < i) return n;
|
|
1014
|
+
} catch {}
|
|
1015
|
+
return -1;
|
|
1016
|
+
}
|
|
1017
|
+
function k(e, t) {
|
|
1018
|
+
let n = t + 1, r;
|
|
1019
|
+
if (e[n] & 128) {
|
|
1020
|
+
let t = e[n] & 127;
|
|
1021
|
+
r = 0;
|
|
1022
|
+
for (let i = 0; i < t; i++) r = r << 8 | e[++n];
|
|
1023
|
+
n++;
|
|
1024
|
+
} else r = e[n++];
|
|
1025
|
+
return [n, n + r];
|
|
1026
|
+
}
|
|
1027
|
+
function A(e) {
|
|
1028
|
+
let t = e.split(".");
|
|
1029
|
+
if (t.length !== 3) throw Error("Invalid JWT: expected 3 dot-separated parts");
|
|
1030
|
+
return T(t[1]);
|
|
1031
|
+
}
|
|
1032
|
+
function j(e) {
|
|
1033
|
+
let t = Math.floor(Date.now() / 1e3);
|
|
1034
|
+
return e.exp !== void 0 && e.exp < t ? "expired" : e.nbf !== void 0 && e.nbf > t ? "not_yet_valid" : "valid";
|
|
1035
|
+
}
|
|
1036
|
+
async function M(e, t) {
|
|
1037
|
+
let n = e.split(".");
|
|
1038
|
+
if (n.length !== 3) throw Error("Invalid JWT: expected 3 dot-separated parts");
|
|
1039
|
+
let r = JSON.parse(new TextDecoder().decode(S(n[0]))), i = typeof r.kid == "string" ? r.kid : void 0, a = await fetch(t);
|
|
1040
|
+
if (!a.ok) throw Error(`Failed to fetch JWKS from ${t}: HTTP ${a.status}`);
|
|
1041
|
+
let o = await a.json(), s = Array.isArray(o.keys) ? o.keys : [], c;
|
|
1042
|
+
if (i !== void 0 && (c = s.find((e) => e.kid === i)), c ||= s.find((e) => {
|
|
1043
|
+
let t = e;
|
|
1044
|
+
return Array.isArray(t.x5c) && t.x5c.length > 0;
|
|
1045
|
+
}), !c) throw Error(`No suitable attestation verification key found in JWKS${i === void 0 ? "" : ` for kid="${i}"`}`);
|
|
1046
|
+
let l = c;
|
|
1047
|
+
if (!Array.isArray(l.x5c) || l.x5c.length === 0) throw Error("JWKS attestation key does not include an x5c certificate");
|
|
1048
|
+
return N(e, await E(`-----BEGIN CERTIFICATE-----\n${l.x5c[0]}\n-----END CERTIFICATE-----`));
|
|
1049
|
+
}
|
|
1050
|
+
async function N(e, t) {
|
|
1051
|
+
let [n, r, i] = w(e), a = new TextEncoder().encode(`${n}.${r}`);
|
|
1052
|
+
if (!await C().verify({
|
|
1053
|
+
name: "ECDSA",
|
|
1054
|
+
hash: { name: "SHA-256" }
|
|
1055
|
+
}, t, i.buffer, a)) throw Error("Attestation JWT signature verification failed");
|
|
1056
|
+
let o = T(r), s = j(o);
|
|
1057
|
+
if (s === "expired") throw Error(`Attestation JWT is expired (exp=${o.exp}, now=${Math.floor(Date.now() / 1e3)})`);
|
|
1058
|
+
if (s === "not_yet_valid") throw Error(`Attestation JWT is not yet valid (nbf=${o.nbf}, now=${Math.floor(Date.now() / 1e3)})`);
|
|
1059
|
+
return o;
|
|
1060
|
+
}
|
|
1061
|
+
//#endregion
|
|
1062
|
+
//#region src/api-client.ts
|
|
1063
|
+
var P = class {
|
|
1064
|
+
constructor(e) {
|
|
1065
|
+
if (e?.fetch) this.fetchFn = e.fetch;
|
|
1066
|
+
else if (typeof globalThis.fetch == "function") this.fetchFn = globalThis.fetch.bind(globalThis);
|
|
1067
|
+
else throw Error("No fetch implementation available");
|
|
1068
|
+
this.baseUrl = e?.baseUrl?.replace(/\/$/u, "") ?? "";
|
|
1069
|
+
}
|
|
1070
|
+
buildUrl(e) {
|
|
1071
|
+
if (/^https?:\/\//i.test(e)) return e;
|
|
1072
|
+
let t = e.startsWith("/") ? e : `/${e}`;
|
|
1073
|
+
return `${this.baseUrl}${t}`;
|
|
1074
|
+
}
|
|
1075
|
+
async requestJson(e, t, n) {
|
|
1076
|
+
let r = this.buildUrl(t), i = await this.fetchFn(r, {
|
|
1077
|
+
method: e,
|
|
1078
|
+
headers: { "Content-Type": "application/json" },
|
|
1079
|
+
body: n === void 0 ? void 0 : JSON.stringify(n)
|
|
1080
|
+
});
|
|
1081
|
+
if (!i.ok) {
|
|
1082
|
+
let t = await i.text().catch(() => ""), n = t ? `${i.status} ${i.statusText}: ${t}` : `${i.status} ${i.statusText}`;
|
|
1083
|
+
throw Error(`API request failed ${e} ${r}: ${n}`);
|
|
1084
|
+
}
|
|
1085
|
+
return await i.json();
|
|
1086
|
+
}
|
|
1087
|
+
async initOpenID4VPTransaction(e) {
|
|
1088
|
+
return await this.requestJson("POST", "/ewqwe_api/openid4vp/init", e);
|
|
1089
|
+
}
|
|
1090
|
+
async getOpenID4VPTransactionStatus(e) {
|
|
1091
|
+
return await this.requestJson("GET", `/ewqwe_api/openid4vp/status/${encodeURIComponent(e)}`);
|
|
1092
|
+
}
|
|
1093
|
+
async getOpenID4VPAuthorizationRequest(e) {
|
|
1094
|
+
return await this.requestJson("GET", `/ewqwe_api/openid4vp/request/${encodeURIComponent(e)}`);
|
|
1095
|
+
}
|
|
1096
|
+
async postOpenID4VPAuthorizationRequest(e, t) {
|
|
1097
|
+
await this.requestJson("POST", `/ewqwe_api/openid4vp/request/${encodeURIComponent(e)}`, t);
|
|
1098
|
+
}
|
|
1099
|
+
async postOpenID4VPDirectPost(e) {
|
|
1100
|
+
await this.requestJson("POST", "/ewqwe_api/openid4vp/direct_post", e);
|
|
1101
|
+
}
|
|
1102
|
+
async getOpenID4VPJwks() {
|
|
1103
|
+
return await this.requestJson("GET", "/ewqwe_api/openid4vp/.well-known/jwks.json");
|
|
1104
|
+
}
|
|
1105
|
+
async verifyPresentation(e) {
|
|
1106
|
+
return await this.requestJson("POST", "/ewqwe_api/verify", e);
|
|
1107
|
+
}
|
|
1108
|
+
};
|
|
1109
|
+
//#endregion
|
|
1110
|
+
export { t as CREDENTIAL_TYPES, s as EU_AV_DOCTYPE, o as EU_AV_NAMESPACE, d as EU_PID_DOCTYPE, u as EU_PID_NAMESPACE, P as EwqweApiClient, l as ISO_MDL_DOCTYPE, c as ISO_MDL_NAMESPACE, e as PROTOCOL_PROFILES, S as base64urlDecode, f as buildAgeVerificationQuery, p as buildAgeVerificationQueryWithFallback, b as buildAuthorizationRequest, x as buildCrossDeviceAuthorizationRequest, h as buildInitTransactionRequest, A as decodeAttestation, g as determineProfile, y as extractAgeThreshold, _ as generateNonce, j as getAttestationExpiryStatus, r as getClaimsForType, m as getDefaultAgeVerificationDCQL, n as getDefaultClaims, i as getProfileForType, a as getProfileIdForType, E as importVerifierPublicKey, M as parseAttestation, v as parseDCQLQuery, N as verifyAttestation };
|
|
1111
|
+
|
|
1112
|
+
//# sourceMappingURL=index.mjs.map
|