@gramota/issuer 0.3.2 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -0
- package/dist/index.js.map +1 -1
- package/dist/issuer.d.ts.map +1 -1
- package/dist/issuer.js +10 -1
- package/dist/issuer.js.map +1 -1
- package/dist/pid.d.ts +148 -0
- package/dist/pid.d.ts.map +1 -0
- package/dist/pid.js +126 -0
- package/dist/pid.js.map +1 -0
- package/dist/types.d.ts +15 -2
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/package.json +2 -2
package/dist/index.d.ts
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
1
|
export { Issuer, type IssuerCredentialsApi } from "./issuer.js";
|
|
2
2
|
export { IssuerError, type BatchIssueEntry, type BatchIssueOptions, type IssuerConfig, type IssuerErrorCode, type IssueOptions, type IssueResult, } from "./types.js";
|
|
3
|
+
export { EU_PID_VCT, EU_PID_CREDENTIAL_CONFIGURATION_ID, PidClaim, PID_MANDATORY_CLAIM_NAMES, defaultPidSubject, statusListReference, type PidSubject, type DefaultPidSubjectOptions, type StatusListReference, } from "./pid.js";
|
|
3
4
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,KAAK,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAChE,OAAO,EACL,WAAW,EACX,KAAK,eAAe,EACpB,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,eAAe,EACpB,KAAK,YAAY,EACjB,KAAK,WAAW,GACjB,MAAM,YAAY,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,KAAK,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAChE,OAAO,EACL,WAAW,EACX,KAAK,eAAe,EACpB,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,eAAe,EACpB,KAAK,YAAY,EACjB,KAAK,WAAW,GACjB,MAAM,YAAY,CAAC;AAMpB,OAAO,EACL,UAAU,EACV,kCAAkC,EAClC,QAAQ,EACR,yBAAyB,EACzB,iBAAiB,EACjB,mBAAmB,EACnB,KAAK,UAAU,EACf,KAAK,wBAAwB,EAC7B,KAAK,mBAAmB,GACzB,MAAM,UAAU,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,3 +1,8 @@
|
|
|
1
1
|
export { Issuer } from "./issuer.js";
|
|
2
2
|
export { IssuerError, } from "./types.js";
|
|
3
|
+
// EU PID claim helpers — constants for canonical claim names + a default
|
|
4
|
+
// subject builder. Importing from `@gramota/issuer` keeps callers from
|
|
5
|
+
// hand-typing `birthdate` vs `birth_date` (the Rulebook spelling differs
|
|
6
|
+
// from common OIDC custom).
|
|
7
|
+
export { EU_PID_VCT, EU_PID_CREDENTIAL_CONFIGURATION_ID, PidClaim, PID_MANDATORY_CLAIM_NAMES, defaultPidSubject, statusListReference, } from "./pid.js";
|
|
3
8
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAA6B,MAAM,aAAa,CAAC;AAChE,OAAO,EACL,WAAW,GAOZ,MAAM,YAAY,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAA6B,MAAM,aAAa,CAAC;AAChE,OAAO,EACL,WAAW,GAOZ,MAAM,YAAY,CAAC;AAEpB,yEAAyE;AACzE,uEAAuE;AACvE,yEAAyE;AACzE,4BAA4B;AAC5B,OAAO,EACL,UAAU,EACV,kCAAkC,EAClC,QAAQ,EACR,yBAAyB,EACzB,iBAAiB,EACjB,mBAAmB,GAIpB,MAAM,UAAU,CAAC"}
|
package/dist/issuer.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"issuer.d.ts","sourceRoot":"","sources":["../src/issuer.ts"],"names":[],"mappings":"AAEA,OAAO,EAAY,KAAK,UAAU,EAAe,MAAM,eAAe,CAAC;AACvE,OAAO,EAGL,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,YAAY,EAClB,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"issuer.d.ts","sourceRoot":"","sources":["../src/issuer.ts"],"names":[],"mappings":"AAEA,OAAO,EAAY,KAAK,UAAU,EAAe,MAAM,eAAe,CAAC;AACvE,OAAO,EAGL,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,YAAY,EAClB,MAAM,YAAY,CAAC;AASpB;mCACmC;AACnC,MAAM,WAAW,oBAAoB;IACnC,6DAA6D;IAC7D,KAAK,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IACnD;;;;yEAIqE;IACrE,UAAU,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,SAAS,WAAW,EAAE,CAAC,CAAC;CACzE;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,MAAM;IACjB;4EACwE;IACxE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,sCAAsC;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAqB;IACzC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAqB;IACzC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAsB;IAE9C;+EAC2E;IAC3E,QAAQ,CAAC,WAAW,EAAE,oBAAoB,CAAC;gBAE/B,MAAM,EAAE,YAAY;IAkBhC;;;+DAG2D;IACrD,KAAK,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC;IAIxD;;;;;;;;;;;2BAWuB;IACjB,UAAU,CACd,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,SAAS,WAAW,EAAE,CAAC;YAIpB,cAAc;YAiCd,SAAS;IA2DvB,6EAA6E;IAC7E,IAAI,SAAS,IAAI,UAAU,CAE1B;IAED,4DAA4D;IAC5D,IAAI,QAAQ,IAAI,MAAM,CAErB;CACF"}
|
package/dist/issuer.js
CHANGED
|
@@ -2,7 +2,11 @@ import { randomUUID } from "node:crypto";
|
|
|
2
2
|
import { issueSdJwt } from "@gramota/sd-jwt";
|
|
3
3
|
import { asSigner } from "@gramota/jose";
|
|
4
4
|
import { IssuerError, } from "./types.js";
|
|
5
|
-
|
|
5
|
+
// SD-JWT-VC §3.2.1 (since draft-08, November 2024): the JWS `typ` header MUST
|
|
6
|
+
// be `dc+sd-jwt`. Spec text recommends verifiers accept the legacy `vc+sd-jwt`
|
|
7
|
+
// during the transition window for back-compat with already-minted credentials.
|
|
8
|
+
// Override via `IssuerConfig.typ` for callers stuck on the legacy spelling.
|
|
9
|
+
const DEFAULT_TYP = "dc+sd-jwt";
|
|
6
10
|
const DEFAULT_HASH_ALG = "sha-256";
|
|
7
11
|
/**
|
|
8
12
|
* The issuer role per IETF SD-JWT-VC §3.
|
|
@@ -122,6 +126,11 @@ export class Issuer {
|
|
|
122
126
|
payload["exp"] = expiresAt;
|
|
123
127
|
if (options.notBefore !== undefined)
|
|
124
128
|
payload["nbf"] = options.notBefore;
|
|
129
|
+
// Status claim plumbed per SD-JWT-VC §6 / HAIP §6.1. When the caller
|
|
130
|
+
// does NOT supply a status, OMIT the claim entirely — emitting an
|
|
131
|
+
// empty `status: {}` would tell the verifier "this credential is
|
|
132
|
+
// revocable but has no status list configured", which is worse than
|
|
133
|
+
// saying "non-revocable" outright.
|
|
125
134
|
if (options.status !== undefined)
|
|
126
135
|
payload["status"] = options.status;
|
|
127
136
|
// Adapt the Signer to issueSdJwt's `signer: (s) => Promise<sig>` shape.
|
package/dist/issuer.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"issuer.js","sourceRoot":"","sources":["../src/issuer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,UAAU,EAAgB,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAgC,MAAM,eAAe,CAAC;AACvE,OAAO,EACL,WAAW,GAMZ,MAAM,YAAY,CAAC;AAEpB,MAAM,WAAW,GAAG,WAAW,CAAC;AAChC,MAAM,gBAAgB,GAAY,SAAS,CAAC;AAe5C;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,OAAO,MAAM;IACjB;4EACwE;IACvD,MAAM,CAAS;IAChC,sCAAsC;IACrB,aAAa,CAAS;IACtB,GAAG,CAAqB;IACxB,GAAG,CAAqB;IACxB,OAAO,CAAsB;IAE9C;+EAC2E;IAClE,WAAW,CAAuB;IAE3C,YAAY,MAAoB;QAC9B,IAAI,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxE,MAAM,IAAI,SAAS,CAAC,6CAA6C,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAC5C,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC;QACrC,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAE9B,wEAAwE;QACxE,0EAA0E;QAC1E,IAAI,CAAC,WAAW,GAAG;YACjB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAC3C,UAAU,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;SACtD,CAAC;IACJ,CAAC;IAED;;;+DAG2D;IAC3D,KAAK,CAAC,KAAK,CAAC,OAAqB;QAC/B,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED;;;;;;;;;;;2BAWuB;IACvB,KAAK,CAAC,UAAU,CACd,OAA0B;QAE1B,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC;IAEO,KAAK,CAAC,cAAc,CAC1B,OAA0B;QAE1B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,IAAI,WAAW,CACnB,oBAAoB,EACpB,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,wEAAwE;QACxE,sEAAsE;QACtE,oEAAoE;QACpE,MAAM,cAAc,GAClB,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAEpD,uEAAuE;QACvE,+DAA+D;QAC/D,kEAAkE;QAClE,mDAAmD;QACnD,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAE,CAAC;QACrC,QAAQ,CAAC,cAAc,CAAC,OAAO,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC;QAExD,iEAAiE;QACjE,mEAAmE;QACnE,gEAAgE;QAChE,MAAM,OAAO,GAAkB,EAAE,CAAC;QAClC,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC;QACrF,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,OAAqB;QAC3C,QAAQ,CAAC,OAAO,CAAC,CAAC;QAElB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QACnE,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACnD,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,UAAU,EAAE,CAAC;QAE1D,wEAAwE;QACxE,+BAA+B;QAC/B,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,sBAAsB,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,QAAQ,GAA4B,EAAE,CAAC;QAC7C,MAAM,YAAY,GAA4B,EAAE,CAAC;QACjD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACrD,IAAI,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;gBAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;;gBAC/B,YAAY,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,OAAO,GAA4B;YACvC,GAAG,EAAE,IAAI,CAAC,aAAa;YACvB,GAAG,EAAE,QAAQ;YACb,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,SAAS,EAAE;YAC/B,GAAG,YAAY;SAChB,CAAC;QACF,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC;QACxD,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS;YAAE,OAAO,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC;QACxE,IAAI,OAAO,CAAC,MAAM,KAAK,SAAS;YAAE,OAAO,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC;QAErE,wEAAwE;QACxE,MAAM,MAAM,GAAG,CAAC,aAAqB,EAAmB,EAAE,CACxD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAElC,MAAM,SAAS,GAAqC;YAClD,OAAO;YACP,QAAQ;YACR,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG;YACpB,GAAG,EAAE,IAAI,CAAC,GAAG,IAAI,WAAW;YAC5B,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,gBAAgB;SAC1C,CAAC;QACF,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC3B,SAAS,CAAC,WAAW,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC5C,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,CAAC;QAE3C,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,YAAY;YACZ,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,SAAS;SACV,CAAC;IACJ,CAAC;IAED,6EAA6E;IAC7E,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;IAC/B,CAAC;IAED,4DAA4D;IAC5D,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;CACF;AAED;;GAEG;AACH,SAAS,qBAAqB,CAAC,MAAoB;IACjD,IACE,QAAQ,IAAI,MAAM;QAClB,MAAM,CAAC,MAAM,KAAK,SAAS;QAC3B,OAAQ,MAAM,CAAC,MAAiB,CAAC,IAAI,KAAK,UAAU,EACpD,CAAC;QACD,OAAO,MAAM,CAAC,MAAM,CAAC;IACvB,CAAC;IACD,IACE,YAAY,IAAI,MAAM;QACtB,WAAW,IAAI,MAAM;QACrB,KAAK,IAAI,MAAM;QACf,MAAM,CAAC,UAAU,KAAK,IAAI;QAC1B,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ;QACrC,MAAM,CAAC,SAAS,KAAK,IAAI;QACzB,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ;QACpC,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ;QAC9B,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EACrB,CAAC;QACD,OAAO,QAAQ,CAAC;YACd,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,GAAG,EAAE,MAAM,CAAC,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IACD,MAAM,IAAI,SAAS,CACjB,+FAA+F,CAChG,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,cAAc,CACrB,MAAyB,EACzB,KAAsB,EACtB,cAAsB;IAEtB,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,QAAQ,EAAE,cAAc;QACxB,GAAG,CAAC,MAAM,CAAC,sBAAsB,KAAK,SAAS;YAC7C,CAAC,CAAC,EAAE,sBAAsB,EAAE,MAAM,CAAC,sBAAsB,EAAE;YAC3D,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,MAAM,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,GAAG,CAAC,MAAM,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,GAAG,CAAC,MAAM,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,GAAG,CAAC,KAAK,CAAC,YAAY,KAAK,SAAS;YAClC,CAAC,CAAC,EAAE,YAAY,EAAE,KAAK,CAAC,YAAY,EAAE;YACtC,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAChE,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E,SAAS,QAAQ,CAAC,OAAqB;IACrC,IACE,OAAO,CAAC,OAAO,KAAK,IAAI;QACxB,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;QACnC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAC9B,CAAC;QACD,MAAM,IAAI,WAAW,CAAC,wBAAwB,EAAE,0CAA0C,CAAC,CAAC;IAC9F,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,KAAK,IAAI,IAAI,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;QACxE,MAAM,IAAI,WAAW,CAAC,4BAA4B,EAAE,6CAA6C,CAAC,CAAC;IACrG,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,WAAW,CACnB,qBAAqB,EACrB,oDAAoD,CACrD,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACvE,MAAM,IAAI,WAAW,CACnB,wBAAwB,EACxB,uDAAuD,CACxD,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,sBAAsB,KAAK,SAAS,EAAE,CAAC;QACjD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,sBAAsB,EAAE,CAAC;YAClD,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,WAAW,CACnB,4BAA4B,EAC5B,yCAAyC,IAAI,6BAA6B,CAC3E,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IACD,0DAA0D;IAC1D,KAAK,MAAM,QAAQ,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC5E,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;YACpE,MAAM,IAAI,WAAW,CACnB,kCAAkC,EAClC,uDAAuD,QAAQ,8BAA8B,CAC9F,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CACpB,OAAqB,EACrB,QAAgB;IAEhB,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACpC,IAAI,OAAO,CAAC,SAAS,IAAI,QAAQ,EAAE,CAAC;YAClC,MAAM,IAAI,WAAW,CACnB,uBAAuB,EACvB,qBAAqB,OAAO,CAAC,SAAS,yBAAyB,QAAQ,GAAG,CAC3E,CAAC;QACJ,CAAC;QACD,OAAO,OAAO,CAAC,SAAS,CAAC;IAC3B,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACpC,IAAI,OAAO,CAAC,SAAS,IAAI,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,WAAW,CAAC,uBAAuB,EAAE,sCAAsC,CAAC,CAAC;QACzF,CAAC;QACD,OAAO,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC;IACtC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
|
1
|
+
{"version":3,"file":"issuer.js","sourceRoot":"","sources":["../src/issuer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,UAAU,EAAgB,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,QAAQ,EAAgC,MAAM,eAAe,CAAC;AACvE,OAAO,EACL,WAAW,GAMZ,MAAM,YAAY,CAAC;AAEpB,8EAA8E;AAC9E,+EAA+E;AAC/E,gFAAgF;AAChF,4EAA4E;AAC5E,MAAM,WAAW,GAAG,WAAW,CAAC;AAChC,MAAM,gBAAgB,GAAY,SAAS,CAAC;AAe5C;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,OAAO,MAAM;IACjB;4EACwE;IACvD,MAAM,CAAS;IAChC,sCAAsC;IACrB,aAAa,CAAS;IACtB,GAAG,CAAqB;IACxB,GAAG,CAAqB;IACxB,OAAO,CAAsB;IAE9C;+EAC2E;IAClE,WAAW,CAAuB;IAE3C,YAAY,MAAoB;QAC9B,IAAI,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxE,MAAM,IAAI,SAAS,CAAC,6CAA6C,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAC5C,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC;QACrC,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;QAE9B,wEAAwE;QACxE,0EAA0E;QAC1E,IAAI,CAAC,WAAW,GAAG;YACjB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAC3C,UAAU,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;SACtD,CAAC;IACJ,CAAC;IAED;;;+DAG2D;IAC3D,KAAK,CAAC,KAAK,CAAC,OAAqB;QAC/B,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED;;;;;;;;;;;2BAWuB;IACvB,KAAK,CAAC,UAAU,CACd,OAA0B;QAE1B,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC;IAEO,KAAK,CAAC,cAAc,CAC1B,OAA0B;QAE1B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,IAAI,WAAW,CACnB,oBAAoB,EACpB,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,wEAAwE;QACxE,sEAAsE;QACtE,oEAAoE;QACpE,MAAM,cAAc,GAClB,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAEpD,uEAAuE;QACvE,+DAA+D;QAC/D,kEAAkE;QAClE,mDAAmD;QACnD,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAE,CAAC;QACrC,QAAQ,CAAC,cAAc,CAAC,OAAO,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC;QAExD,iEAAiE;QACjE,mEAAmE;QACnE,gEAAgE;QAChE,MAAM,OAAO,GAAkB,EAAE,CAAC;QAClC,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,OAAO,EAAE,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC;QACrF,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,OAAqB;QAC3C,QAAQ,CAAC,OAAO,CAAC,CAAC;QAElB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QACnE,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACnD,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,UAAU,EAAE,CAAC;QAE1D,wEAAwE;QACxE,+BAA+B;QAC/B,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,sBAAsB,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,QAAQ,GAA4B,EAAE,CAAC;QAC7C,MAAM,YAAY,GAA4B,EAAE,CAAC;QACjD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACrD,IAAI,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;gBAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;;gBAC/B,YAAY,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,OAAO,GAA4B;YACvC,GAAG,EAAE,IAAI,CAAC,aAAa;YACvB,GAAG,EAAE,QAAQ;YACb,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,SAAS,EAAE;YAC/B,GAAG,YAAY;SAChB,CAAC;QACF,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC;QACxD,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS;YAAE,OAAO,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC;QACxE,qEAAqE;QACrE,kEAAkE;QAClE,iEAAiE;QACjE,oEAAoE;QACpE,mCAAmC;QACnC,IAAI,OAAO,CAAC,MAAM,KAAK,SAAS;YAAE,OAAO,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC;QAErE,wEAAwE;QACxE,MAAM,MAAM,GAAG,CAAC,aAAqB,EAAmB,EAAE,CACxD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAElC,MAAM,SAAS,GAAqC;YAClD,OAAO;YACP,QAAQ;YACR,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG;YACpB,GAAG,EAAE,IAAI,CAAC,GAAG,IAAI,WAAW;YAC5B,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,gBAAgB;SAC1C,CAAC;QACF,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC3B,SAAS,CAAC,WAAW,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC5C,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,CAAC;QAE3C,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,YAAY;YACZ,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,SAAS;SACV,CAAC;IACJ,CAAC;IAED,6EAA6E;IAC7E,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;IAC/B,CAAC;IAED,4DAA4D;IAC5D,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;CACF;AAED;;GAEG;AACH,SAAS,qBAAqB,CAAC,MAAoB;IACjD,IACE,QAAQ,IAAI,MAAM;QAClB,MAAM,CAAC,MAAM,KAAK,SAAS;QAC3B,OAAQ,MAAM,CAAC,MAAiB,CAAC,IAAI,KAAK,UAAU,EACpD,CAAC;QACD,OAAO,MAAM,CAAC,MAAM,CAAC;IACvB,CAAC;IACD,IACE,YAAY,IAAI,MAAM;QACtB,WAAW,IAAI,MAAM;QACrB,KAAK,IAAI,MAAM;QACf,MAAM,CAAC,UAAU,KAAK,IAAI;QAC1B,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ;QACrC,MAAM,CAAC,SAAS,KAAK,IAAI;QACzB,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ;QACpC,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ;QAC9B,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EACrB,CAAC;QACD,OAAO,QAAQ,CAAC;YACd,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,GAAG,EAAE,MAAM,CAAC,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IACD,MAAM,IAAI,SAAS,CACjB,+FAA+F,CAChG,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,cAAc,CACrB,MAAyB,EACzB,KAAsB,EACtB,cAAsB;IAEtB,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,QAAQ,EAAE,cAAc;QACxB,GAAG,CAAC,MAAM,CAAC,sBAAsB,KAAK,SAAS;YAC7C,CAAC,CAAC,EAAE,sBAAsB,EAAE,MAAM,CAAC,sBAAsB,EAAE;YAC3D,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,MAAM,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,GAAG,CAAC,MAAM,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,GAAG,CAAC,MAAM,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,GAAG,CAAC,KAAK,CAAC,YAAY,KAAK,SAAS;YAClC,CAAC,CAAC,EAAE,YAAY,EAAE,KAAK,CAAC,YAAY,EAAE;YACtC,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAChE,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E,SAAS,QAAQ,CAAC,OAAqB;IACrC,IACE,OAAO,CAAC,OAAO,KAAK,IAAI;QACxB,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;QACnC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAC9B,CAAC;QACD,MAAM,IAAI,WAAW,CAAC,wBAAwB,EAAE,0CAA0C,CAAC,CAAC;IAC9F,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,KAAK,IAAI,IAAI,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;QACxE,MAAM,IAAI,WAAW,CAAC,4BAA4B,EAAE,6CAA6C,CAAC,CAAC;IACrG,CAAC;IACD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,WAAW,CACnB,qBAAqB,EACrB,oDAAoD,CACrD,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACvE,MAAM,IAAI,WAAW,CACnB,wBAAwB,EACxB,uDAAuD,CACxD,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,sBAAsB,KAAK,SAAS,EAAE,CAAC;QACjD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,sBAAsB,EAAE,CAAC;YAClD,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,WAAW,CACnB,4BAA4B,EAC5B,yCAAyC,IAAI,6BAA6B,CAC3E,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IACD,0DAA0D;IAC1D,KAAK,MAAM,QAAQ,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC5E,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;YACpE,MAAM,IAAI,WAAW,CACnB,kCAAkC,EAClC,uDAAuD,QAAQ,8BAA8B,CAC9F,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CACpB,OAAqB,EACrB,QAAgB;IAEhB,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACpC,IAAI,OAAO,CAAC,SAAS,IAAI,QAAQ,EAAE,CAAC;YAClC,MAAM,IAAI,WAAW,CACnB,uBAAuB,EACvB,qBAAqB,OAAO,CAAC,SAAS,yBAAyB,QAAQ,GAAG,CAC3E,CAAC;QACJ,CAAC;QACD,OAAO,OAAO,CAAC,SAAS,CAAC;IAC3B,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACpC,IAAI,OAAO,CAAC,SAAS,IAAI,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,WAAW,CAAC,uBAAuB,EAAE,sCAAsC,CAAC,CAAC;QACzF,CAAC;QACD,OAAO,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC;IACtC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
package/dist/pid.d.ts
ADDED
|
@@ -0,0 +1,148 @@
|
|
|
1
|
+
/** Base `vct` value for an EU PID per ARF Annex 2 PID_14. Country-specific
|
|
2
|
+
* variants (`urn:eudi:pid:de:1`, etc.) extend this — callers can pass
|
|
3
|
+
* their own VCT string to {@link Issuer.issue} if a country profile is
|
|
4
|
+
* required. */
|
|
5
|
+
export declare const EU_PID_VCT = "urn:eudi:pid:1";
|
|
6
|
+
/** OID4VCI credential-configuration-id convention used by the EU
|
|
7
|
+
* reference wallet for the SD-JWT-VC PID. */
|
|
8
|
+
export declare const EU_PID_CREDENTIAL_CONFIGURATION_ID = "urn:eudi:pid:1_sd_jwt_vc";
|
|
9
|
+
/**
|
|
10
|
+
* Canonical PID claim names per PID Rulebook §4.1.1.
|
|
11
|
+
*
|
|
12
|
+
* Held as constants rather than free-form strings so that the inevitable
|
|
13
|
+
* one-character typo (`birth_date` vs `birthdate`, `nationality` vs
|
|
14
|
+
* `nationalities`) is a compile-time error, not a silent rejection by an
|
|
15
|
+
* EU verifier.
|
|
16
|
+
*/
|
|
17
|
+
export declare const PidClaim: {
|
|
18
|
+
/** Family name (surname). PID Rulebook §2.2 mandatory. */
|
|
19
|
+
readonly family_name: "family_name";
|
|
20
|
+
/** Given (first) name. PID Rulebook §2.2 mandatory. */
|
|
21
|
+
readonly given_name: "given_name";
|
|
22
|
+
/** ISO 8601 birthdate. Note: ONE WORD, no underscore, per Rulebook §4.1.1
|
|
23
|
+
* and OIDC Core §5.1 (NOT `birth_date`). */
|
|
24
|
+
readonly birthdate: "birthdate";
|
|
25
|
+
/** Birth place — string or nested object per Rulebook §4.1.1. PID Rulebook
|
|
26
|
+
* §2.2 mandatory. */
|
|
27
|
+
readonly birth_place: "birth_place";
|
|
28
|
+
/** ISO 3166-1 alpha-2 country codes — JSON array per Rulebook §4.1.1.
|
|
29
|
+
* Note: PLURAL, not `nationality`. PID Rulebook §2.2 mandatory. */
|
|
30
|
+
readonly nationalities: "nationalities";
|
|
31
|
+
/** ISO 3166-1 alpha-2 — issuing-country metadata. PID Rulebook §2.4
|
|
32
|
+
* mandatory. */
|
|
33
|
+
readonly issuing_country: "issuing_country";
|
|
34
|
+
/** Issuing-authority identifier (string). PID Rulebook §2.4 mandatory. */
|
|
35
|
+
readonly issuing_authority: "issuing_authority";
|
|
36
|
+
/** ISO 8601 PID-domain expiry-date (YYYY-MM-DD). PID Rulebook §2.4
|
|
37
|
+
* mandatory. NOT a substitute for the JWT `exp` claim — they encode
|
|
38
|
+
* different concepts. */
|
|
39
|
+
readonly expiry_date: "expiry_date";
|
|
40
|
+
};
|
|
41
|
+
/** Tuple of names from {@link PidClaim} for the PID Rulebook §2.2/§2.4
|
|
42
|
+
* mandatory set. Useful to pass as `selectivelyDisclosable` when every
|
|
43
|
+
* mandatory claim should be SD (the HAIP profile expectation). */
|
|
44
|
+
export declare const PID_MANDATORY_CLAIM_NAMES: readonly ["family_name", "given_name", "birthdate", "birth_place", "nationalities", "issuing_country", "issuing_authority", "expiry_date"];
|
|
45
|
+
/**
|
|
46
|
+
* Shape of a fully-populated PID subject per PID Rulebook §2.2 + §2.4.
|
|
47
|
+
*
|
|
48
|
+
* Every field listed is REQUIRED for a Rulebook-conformant PID. Defaults
|
|
49
|
+
* (e.g. test/dev) should fill all of these — see {@link defaultPidSubject}.
|
|
50
|
+
*
|
|
51
|
+
* Fields are typed loosely (`unknown`) to allow callers to pass either
|
|
52
|
+
* plain values or `sd()`-wrapped values for nested selective disclosure.
|
|
53
|
+
*/
|
|
54
|
+
export interface PidSubject {
|
|
55
|
+
readonly family_name: unknown;
|
|
56
|
+
readonly given_name: unknown;
|
|
57
|
+
/** Canonical spelling per Rulebook §4.1.1 — one word. */
|
|
58
|
+
readonly birthdate: unknown;
|
|
59
|
+
/** String or nested object per Rulebook §4.1.1 (`{country, locality}`
|
|
60
|
+
* pattern is common). */
|
|
61
|
+
readonly birth_place: unknown;
|
|
62
|
+
/** Array of ISO 3166-1 alpha-2 codes. Can be a plain array OR an array
|
|
63
|
+
* containing `sd()` markers for per-element selective disclosure. */
|
|
64
|
+
readonly nationalities: unknown;
|
|
65
|
+
readonly issuing_country: unknown;
|
|
66
|
+
readonly issuing_authority: unknown;
|
|
67
|
+
/** YYYY-MM-DD per Rulebook §4.1.1 (distinct from JWT `exp`). */
|
|
68
|
+
readonly expiry_date: unknown;
|
|
69
|
+
/** Extra non-mandatory claims (resident_address, sex, age_over_18, …)
|
|
70
|
+
* are permitted by the Rulebook §4.1.1 list — callers can include any
|
|
71
|
+
* of them via string-keyed access. */
|
|
72
|
+
readonly [extra: string]: unknown;
|
|
73
|
+
}
|
|
74
|
+
/** Inputs to {@link defaultPidSubject}. All optional — every field has a
|
|
75
|
+
* test-defaulting fallback so a zero-config caller (e.g. an integration
|
|
76
|
+
* test that just wants "any valid PID") produces a Rulebook-shaped
|
|
77
|
+
* credential without typing eight strings by hand. */
|
|
78
|
+
export interface DefaultPidSubjectOptions {
|
|
79
|
+
readonly family_name?: string;
|
|
80
|
+
readonly given_name?: string;
|
|
81
|
+
/** ISO 8601 birthdate (one-word claim name). */
|
|
82
|
+
readonly birthdate?: string;
|
|
83
|
+
/** Plain string or `{country, locality}` object. */
|
|
84
|
+
readonly birth_place?: string | Record<string, unknown>;
|
|
85
|
+
/** ISO 3166-1 alpha-2 codes. */
|
|
86
|
+
readonly nationalities?: readonly string[];
|
|
87
|
+
/** ISO 3166-1 alpha-2 — the issuing country. */
|
|
88
|
+
readonly issuing_country?: string;
|
|
89
|
+
/** String identifier — IACA, IDS, ministry code, etc. */
|
|
90
|
+
readonly issuing_authority?: string;
|
|
91
|
+
/** YYYY-MM-DD attribute expiry (distinct from JWT exp). */
|
|
92
|
+
readonly expiry_date?: string;
|
|
93
|
+
/** Pass true to wrap individual `nationalities` array elements in `sd()`
|
|
94
|
+
* so each one is selectively disclosable. Default `false` (plain
|
|
95
|
+
* array) — top-level SD via `selectivelyDisclosable` still works.
|
|
96
|
+
*
|
|
97
|
+
* Per PID Rulebook §4.1.1 either encoding is acceptable; the SD-per-
|
|
98
|
+
* element form is more privacy-preserving when a holder wants to
|
|
99
|
+
* disclose "I have at least one nationality" without revealing which. */
|
|
100
|
+
readonly nationalitiesPerElementSd?: boolean;
|
|
101
|
+
/** Pass true to wrap individual `birth_place` sub-fields in `sd()` when
|
|
102
|
+
* `birth_place` is a nested object. Default `false`. */
|
|
103
|
+
readonly birthPlaceNestedSd?: boolean;
|
|
104
|
+
}
|
|
105
|
+
/**
|
|
106
|
+
* Build a PID Rulebook §2.2/§2.4-conformant default subject for testing
|
|
107
|
+
* and dev. Every mandatory claim is present; callers can override any
|
|
108
|
+
* field individually.
|
|
109
|
+
*
|
|
110
|
+
* Production callers SHOULD supply real values via the options bag rather
|
|
111
|
+
* than relying on the defaults — defaults are "valid shape" only, not
|
|
112
|
+
* meaningful identity data.
|
|
113
|
+
*
|
|
114
|
+
* Returns a `PidSubject` ready to pass directly as the `subject` field
|
|
115
|
+
* of {@link IssueOptions} or {@link BatchIssueOptions}.
|
|
116
|
+
*/
|
|
117
|
+
export declare function defaultPidSubject(options?: DefaultPidSubjectOptions): Record<string, unknown>;
|
|
118
|
+
/**
|
|
119
|
+
* Canonical SD-JWT-VC `status` claim shape per IETF
|
|
120
|
+
* draft-ietf-oauth-status-list (Token Status List) §3.1.
|
|
121
|
+
*
|
|
122
|
+
* Use this when you want the type system to enforce the `{ status_list:
|
|
123
|
+
* { uri, idx } }` shape; pass the result to {@link IssueOptions.status}
|
|
124
|
+
* (the option is loosely typed as `Record<string, unknown>` to leave
|
|
125
|
+
* room for future status schemes).
|
|
126
|
+
*
|
|
127
|
+
* Skipping the helper and the `status` option entirely produces a
|
|
128
|
+
* credential without a `status` claim — see {@link IssueOptions.status}
|
|
129
|
+
* for the semantics of that choice.
|
|
130
|
+
*/
|
|
131
|
+
export interface StatusListReference {
|
|
132
|
+
readonly status_list: {
|
|
133
|
+
/** Resolvable URL pointing at a Token Status List JWT/CWT published
|
|
134
|
+
* by the issuer. */
|
|
135
|
+
readonly uri: string;
|
|
136
|
+
/** Zero-based index of this credential's slot inside the list. */
|
|
137
|
+
readonly idx: number;
|
|
138
|
+
};
|
|
139
|
+
}
|
|
140
|
+
/**
|
|
141
|
+
* Build a Token Status List `status` reference for {@link IssueOptions.status}.
|
|
142
|
+
*
|
|
143
|
+
* Trivial shape — the helper exists primarily so callers don't repeat the
|
|
144
|
+
* `{ status_list: { uri, idx } }` literal at every issuance site and so
|
|
145
|
+
* `uri` / `idx` typos surface at compile time, not at verification.
|
|
146
|
+
*/
|
|
147
|
+
export declare function statusListReference(uri: string, idx: number): StatusListReference;
|
|
148
|
+
//# sourceMappingURL=pid.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pid.d.ts","sourceRoot":"","sources":["../src/pid.ts"],"names":[],"mappings":"AAqBA;;;eAGe;AACf,eAAO,MAAM,UAAU,mBAAmB,CAAC;AAE3C;6CAC6C;AAC7C,eAAO,MAAM,kCAAkC,6BAA6B,CAAC;AAE7E;;;;;;;GAOG;AACH,eAAO,MAAM,QAAQ;IACnB,0DAA0D;;IAE1D,uDAAuD;;IAEvD;gDAC4C;;IAE5C;yBACqB;;IAErB;uEACmE;;IAEnE;oBACgB;;IAEhB,0EAA0E;;IAE1E;;6BAEyB;;CAEjB,CAAC;AAEX;;kEAEkE;AAClE,eAAO,MAAM,yBAAyB,4IAS5B,CAAC;AAEX;;;;;;;;GAQG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;IAC7B,yDAAyD;IACzD,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC;IAC5B;6BACyB;IACzB,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B;yEACqE;IACrE,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAChC,QAAQ,CAAC,eAAe,EAAE,OAAO,CAAC;IAClC,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC;IACpC,gEAAgE;IAChE,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B;;0CAEsC;IACtC,QAAQ,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;CACnC;AAED;;;sDAGsD;AACtD,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,gDAAgD;IAChD,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,oDAAoD;IACpD,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxD,gCAAgC;IAChC,QAAQ,CAAC,aAAa,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3C,gDAAgD;IAChD,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAClC,yDAAyD;IACzD,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC,2DAA2D;IAC3D,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B;;;;;;6EAMyE;IACzE,QAAQ,CAAC,yBAAyB,CAAC,EAAE,OAAO,CAAC;IAC7C;4DACwD;IACxD,QAAQ,CAAC,kBAAkB,CAAC,EAAE,OAAO,CAAC;CACvC;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,iBAAiB,CAC/B,OAAO,GAAE,wBAA6B,GACrC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAoCzB;AAMD;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,WAAW,EAAE;QACpB;4BACoB;QACpB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;QACrB,kEAAkE;QAClE,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;KACtB,CAAC;CACH;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CACjC,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,GACV,mBAAmB,CAErB"}
|
package/dist/pid.js
ADDED
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
// EU Digital Identity (EUDI) Person Identification Data (PID) — claim
|
|
2
|
+
// helpers + status-list helper for the SD-JWT-VC encoding profile.
|
|
3
|
+
//
|
|
4
|
+
// Spec drivers
|
|
5
|
+
// ------------
|
|
6
|
+
// - PID Rulebook (Attestation Rulebooks Catalog, current main) §2.2 and §2.4
|
|
7
|
+
// enumerate the mandatory claims for a PID attestation.
|
|
8
|
+
// - PID Rulebook §4.1.1 lists the canonical SD-JWT-VC claim names — note
|
|
9
|
+
// `birthdate` is one word (no underscore), aligned with OpenID Connect
|
|
10
|
+
// Core §5.1.
|
|
11
|
+
// - PID Rulebook §4.1 specifies `address` as a nested object and
|
|
12
|
+
// `nationalities` as a JSON array; both can be encoded with nested
|
|
13
|
+
// selective disclosure via `sd()` from `@gramota/sd-jwt`.
|
|
14
|
+
// - ARF Annex 2 PID_14 fixes the base `vct = "urn:eudi:pid:1"`.
|
|
15
|
+
//
|
|
16
|
+
// This module exposes the constants + default-subject shape so callers
|
|
17
|
+
// (the SaaS issuer route, the SDK demo, integration tests) can produce
|
|
18
|
+
// a rulebook-conformant credential without hand-keying the claim names.
|
|
19
|
+
import { sd } from "@gramota/sd-jwt";
|
|
20
|
+
/** Base `vct` value for an EU PID per ARF Annex 2 PID_14. Country-specific
|
|
21
|
+
* variants (`urn:eudi:pid:de:1`, etc.) extend this — callers can pass
|
|
22
|
+
* their own VCT string to {@link Issuer.issue} if a country profile is
|
|
23
|
+
* required. */
|
|
24
|
+
export const EU_PID_VCT = "urn:eudi:pid:1";
|
|
25
|
+
/** OID4VCI credential-configuration-id convention used by the EU
|
|
26
|
+
* reference wallet for the SD-JWT-VC PID. */
|
|
27
|
+
export const EU_PID_CREDENTIAL_CONFIGURATION_ID = "urn:eudi:pid:1_sd_jwt_vc";
|
|
28
|
+
/**
|
|
29
|
+
* Canonical PID claim names per PID Rulebook §4.1.1.
|
|
30
|
+
*
|
|
31
|
+
* Held as constants rather than free-form strings so that the inevitable
|
|
32
|
+
* one-character typo (`birth_date` vs `birthdate`, `nationality` vs
|
|
33
|
+
* `nationalities`) is a compile-time error, not a silent rejection by an
|
|
34
|
+
* EU verifier.
|
|
35
|
+
*/
|
|
36
|
+
export const PidClaim = {
|
|
37
|
+
/** Family name (surname). PID Rulebook §2.2 mandatory. */
|
|
38
|
+
family_name: "family_name",
|
|
39
|
+
/** Given (first) name. PID Rulebook §2.2 mandatory. */
|
|
40
|
+
given_name: "given_name",
|
|
41
|
+
/** ISO 8601 birthdate. Note: ONE WORD, no underscore, per Rulebook §4.1.1
|
|
42
|
+
* and OIDC Core §5.1 (NOT `birth_date`). */
|
|
43
|
+
birthdate: "birthdate",
|
|
44
|
+
/** Birth place — string or nested object per Rulebook §4.1.1. PID Rulebook
|
|
45
|
+
* §2.2 mandatory. */
|
|
46
|
+
birth_place: "birth_place",
|
|
47
|
+
/** ISO 3166-1 alpha-2 country codes — JSON array per Rulebook §4.1.1.
|
|
48
|
+
* Note: PLURAL, not `nationality`. PID Rulebook §2.2 mandatory. */
|
|
49
|
+
nationalities: "nationalities",
|
|
50
|
+
/** ISO 3166-1 alpha-2 — issuing-country metadata. PID Rulebook §2.4
|
|
51
|
+
* mandatory. */
|
|
52
|
+
issuing_country: "issuing_country",
|
|
53
|
+
/** Issuing-authority identifier (string). PID Rulebook §2.4 mandatory. */
|
|
54
|
+
issuing_authority: "issuing_authority",
|
|
55
|
+
/** ISO 8601 PID-domain expiry-date (YYYY-MM-DD). PID Rulebook §2.4
|
|
56
|
+
* mandatory. NOT a substitute for the JWT `exp` claim — they encode
|
|
57
|
+
* different concepts. */
|
|
58
|
+
expiry_date: "expiry_date",
|
|
59
|
+
};
|
|
60
|
+
/** Tuple of names from {@link PidClaim} for the PID Rulebook §2.2/§2.4
|
|
61
|
+
* mandatory set. Useful to pass as `selectivelyDisclosable` when every
|
|
62
|
+
* mandatory claim should be SD (the HAIP profile expectation). */
|
|
63
|
+
export const PID_MANDATORY_CLAIM_NAMES = [
|
|
64
|
+
PidClaim.family_name,
|
|
65
|
+
PidClaim.given_name,
|
|
66
|
+
PidClaim.birthdate,
|
|
67
|
+
PidClaim.birth_place,
|
|
68
|
+
PidClaim.nationalities,
|
|
69
|
+
PidClaim.issuing_country,
|
|
70
|
+
PidClaim.issuing_authority,
|
|
71
|
+
PidClaim.expiry_date,
|
|
72
|
+
];
|
|
73
|
+
/**
|
|
74
|
+
* Build a PID Rulebook §2.2/§2.4-conformant default subject for testing
|
|
75
|
+
* and dev. Every mandatory claim is present; callers can override any
|
|
76
|
+
* field individually.
|
|
77
|
+
*
|
|
78
|
+
* Production callers SHOULD supply real values via the options bag rather
|
|
79
|
+
* than relying on the defaults — defaults are "valid shape" only, not
|
|
80
|
+
* meaningful identity data.
|
|
81
|
+
*
|
|
82
|
+
* Returns a `PidSubject` ready to pass directly as the `subject` field
|
|
83
|
+
* of {@link IssueOptions} or {@link BatchIssueOptions}.
|
|
84
|
+
*/
|
|
85
|
+
export function defaultPidSubject(options = {}) {
|
|
86
|
+
const nationalitiesArray = options.nationalities ?? ["DE"];
|
|
87
|
+
// Per-element SD wrapping: each entry becomes `sd("DE")` so the holder
|
|
88
|
+
// can disclose individual codes. The verifier sees `{"...": digest}`
|
|
89
|
+
// slots in the array; absent disclosures are silently withheld.
|
|
90
|
+
const nationalities = options.nationalitiesPerElementSd === true
|
|
91
|
+
? nationalitiesArray.map((n) => sd(n))
|
|
92
|
+
: nationalitiesArray;
|
|
93
|
+
// birth_place: plain string OR object. Nested-SD only applies to the
|
|
94
|
+
// object form (you can't SD-wrap individual chars of a string).
|
|
95
|
+
let birthPlace = options.birth_place ?? "Berlin";
|
|
96
|
+
if (options.birthPlaceNestedSd === true &&
|
|
97
|
+
typeof birthPlace === "object" &&
|
|
98
|
+
birthPlace !== null) {
|
|
99
|
+
const wrapped = {};
|
|
100
|
+
for (const [k, v] of Object.entries(birthPlace)) {
|
|
101
|
+
wrapped[k] = sd(v);
|
|
102
|
+
}
|
|
103
|
+
birthPlace = wrapped;
|
|
104
|
+
}
|
|
105
|
+
return {
|
|
106
|
+
[PidClaim.family_name]: options.family_name ?? "Doe",
|
|
107
|
+
[PidClaim.given_name]: options.given_name ?? "John",
|
|
108
|
+
[PidClaim.birthdate]: options.birthdate ?? "1990-01-01",
|
|
109
|
+
[PidClaim.birth_place]: birthPlace,
|
|
110
|
+
[PidClaim.nationalities]: nationalities,
|
|
111
|
+
[PidClaim.issuing_country]: options.issuing_country ?? "DE",
|
|
112
|
+
[PidClaim.issuing_authority]: options.issuing_authority ?? "DE-PID-AUTH",
|
|
113
|
+
[PidClaim.expiry_date]: options.expiry_date ?? "2030-01-01",
|
|
114
|
+
};
|
|
115
|
+
}
|
|
116
|
+
/**
|
|
117
|
+
* Build a Token Status List `status` reference for {@link IssueOptions.status}.
|
|
118
|
+
*
|
|
119
|
+
* Trivial shape — the helper exists primarily so callers don't repeat the
|
|
120
|
+
* `{ status_list: { uri, idx } }` literal at every issuance site and so
|
|
121
|
+
* `uri` / `idx` typos surface at compile time, not at verification.
|
|
122
|
+
*/
|
|
123
|
+
export function statusListReference(uri, idx) {
|
|
124
|
+
return { status_list: { uri, idx } };
|
|
125
|
+
}
|
|
126
|
+
//# sourceMappingURL=pid.js.map
|
package/dist/pid.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pid.js","sourceRoot":"","sources":["../src/pid.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,mEAAmE;AACnE,EAAE;AACF,eAAe;AACf,eAAe;AACf,6EAA6E;AAC7E,0DAA0D;AAC1D,yEAAyE;AACzE,yEAAyE;AACzE,eAAe;AACf,iEAAiE;AACjE,qEAAqE;AACrE,4DAA4D;AAC5D,gEAAgE;AAChE,EAAE;AACF,uEAAuE;AACvE,uEAAuE;AACvE,wEAAwE;AAExE,OAAO,EAAE,EAAE,EAAgB,MAAM,iBAAiB,CAAC;AAEnD;;;eAGe;AACf,MAAM,CAAC,MAAM,UAAU,GAAG,gBAAgB,CAAC;AAE3C;6CAC6C;AAC7C,MAAM,CAAC,MAAM,kCAAkC,GAAG,0BAA0B,CAAC;AAE7E;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,0DAA0D;IAC1D,WAAW,EAAE,aAAsB;IACnC,uDAAuD;IACvD,UAAU,EAAE,YAAqB;IACjC;gDAC4C;IAC5C,SAAS,EAAE,WAAoB;IAC/B;yBACqB;IACrB,WAAW,EAAE,aAAsB;IACnC;uEACmE;IACnE,aAAa,EAAE,eAAwB;IACvC;oBACgB;IAChB,eAAe,EAAE,iBAA0B;IAC3C,0EAA0E;IAC1E,iBAAiB,EAAE,mBAA4B;IAC/C;;6BAEyB;IACzB,WAAW,EAAE,aAAsB;CAC3B,CAAC;AAEX;;kEAEkE;AAClE,MAAM,CAAC,MAAM,yBAAyB,GAAG;IACvC,QAAQ,CAAC,WAAW;IACpB,QAAQ,CAAC,UAAU;IACnB,QAAQ,CAAC,SAAS;IAClB,QAAQ,CAAC,WAAW;IACpB,QAAQ,CAAC,aAAa;IACtB,QAAQ,CAAC,eAAe;IACxB,QAAQ,CAAC,iBAAiB;IAC1B,QAAQ,CAAC,WAAW;CACZ,CAAC;AAgEX;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,iBAAiB,CAC/B,UAAoC,EAAE;IAEtC,MAAM,kBAAkB,GAAG,OAAO,CAAC,aAAa,IAAI,CAAC,IAAI,CAAC,CAAC;IAE3D,uEAAuE;IACvE,qEAAqE;IACrE,gEAAgE;IAChE,MAAM,aAAa,GACjB,OAAO,CAAC,yBAAyB,KAAK,IAAI;QACxC,CAAC,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtC,CAAC,CAAC,kBAAkB,CAAC;IAEzB,qEAAqE;IACrE,gEAAgE;IAChE,IAAI,UAAU,GAAY,OAAO,CAAC,WAAW,IAAI,QAAQ,CAAC;IAC1D,IACE,OAAO,CAAC,kBAAkB,KAAK,IAAI;QACnC,OAAO,UAAU,KAAK,QAAQ;QAC9B,UAAU,KAAK,IAAI,EACnB,CAAC;QACD,MAAM,OAAO,GAA4B,EAAE,CAAC;QAC5C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;YAChD,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;QACrB,CAAC;QACD,UAAU,GAAG,OAAO,CAAC;IACvB,CAAC;IAED,OAAO;QACL,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC,WAAW,IAAI,KAAK;QACpD,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC,UAAU,IAAI,MAAM;QACnD,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,SAAS,IAAI,YAAY;QACvD,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,UAAU;QAClC,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,aAAa;QACvC,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,OAAO,CAAC,eAAe,IAAI,IAAI;QAC3D,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,OAAO,CAAC,iBAAiB,IAAI,aAAa;QACxE,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC,WAAW,IAAI,YAAY;KAC5D,CAAC;AACJ,CAAC;AA6BD;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,GAAW,EACX,GAAW;IAEX,OAAO,EAAE,WAAW,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC;AACvC,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -31,7 +31,9 @@ export type IssuerConfig = IssuerSignerInput & {
|
|
|
31
31
|
hashAlg?: HashAlg;
|
|
32
32
|
/** JOSE `kid` header to set on every issued credential. Optional. */
|
|
33
33
|
kid?: string;
|
|
34
|
-
/** JOSE `typ` header. Default `
|
|
34
|
+
/** JOSE `typ` header. Default `dc+sd-jwt` per SD-JWT-VC §3.2.1 (draft-08+,
|
|
35
|
+
* November 2024). Pass `"vc+sd-jwt"` explicitly to mint with the legacy
|
|
36
|
+
* value during the transition window. */
|
|
35
37
|
typ?: string;
|
|
36
38
|
};
|
|
37
39
|
export interface IssueOptions {
|
|
@@ -58,7 +60,18 @@ export interface IssueOptions {
|
|
|
58
60
|
notBefore?: number;
|
|
59
61
|
/** Override `iat` — defaults to `floor(Date.now()/1000)` at call time. */
|
|
60
62
|
issuedAt?: number;
|
|
61
|
-
/** Optional `status` claim
|
|
63
|
+
/** Optional `status` claim per SD-JWT-VC §6 (Token Status List) /
|
|
64
|
+
* HAIP §6.1.
|
|
65
|
+
*
|
|
66
|
+
* When set, the issued credential carries a `status` claim with the
|
|
67
|
+
* supplied shape — typically `{ status_list: { uri: string, idx: number } }`
|
|
68
|
+
* referencing an IETF Token Status List the issuer publishes elsewhere
|
|
69
|
+
* (`@gramota/status-list`). The verifier resolves the URI at presentation
|
|
70
|
+
* time to look up the current revocation/suspension state at `idx`.
|
|
71
|
+
*
|
|
72
|
+
* When undefined, the `status` claim is OMITTED from the credential
|
|
73
|
+
* (not emitted as an empty value) — a credential without a status claim
|
|
74
|
+
* is treated as non-revocable by the verifier. */
|
|
62
75
|
status?: Readonly<Record<string, unknown>>;
|
|
63
76
|
/** Override the generated credential ID (default: random UUID v4). */
|
|
64
77
|
credentialId?: string;
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AACtE,OAAO,KAAK,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAEhE;;;;;;;;;;GAUG;AACH,MAAM,MAAM,iBAAiB,GACzB;IACE,qDAAqD;IACrD,UAAU,EAAE,UAAU,CAAC;IACvB,uDAAuD;IACvD,SAAS,EAAE,UAAU,CAAC;IACtB,2DAA2D;IAC3D,GAAG,EAAE,YAAY,CAAC;CACnB,GACD;IACE,2DAA2D;IAC3D,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEN,2EAA2E;AAC3E,MAAM,MAAM,YAAY,GAAG,iBAAiB,GAAG;IAC7C,iEAAiE;IACjE,QAAQ,EAAE,MAAM,CAAC;IACjB,0EAA0E;IAC1E,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,qEAAqE;IACrE,GAAG,CAAC,EAAE,MAAM,CAAC;IACb
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AACtE,OAAO,KAAK,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAEhE;;;;;;;;;;GAUG;AACH,MAAM,MAAM,iBAAiB,GACzB;IACE,qDAAqD;IACrD,UAAU,EAAE,UAAU,CAAC;IACvB,uDAAuD;IACvD,SAAS,EAAE,UAAU,CAAC;IACtB,2DAA2D;IAC3D,GAAG,EAAE,YAAY,CAAC;CACnB,GACD;IACE,2DAA2D;IAC3D,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEN,2EAA2E;AAC3E,MAAM,MAAM,YAAY,GAAG,iBAAiB,GAAG;IAC7C,iEAAiE;IACjE,QAAQ,EAAE,MAAM,CAAC;IACjB,0EAA0E;IAC1E,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,qEAAqE;IACrE,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;6CAEyC;IACzC,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,WAAW,YAAY;IAC3B;;yDAEqD;IACrD,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC3C;2EACuE;IACvE,sBAAsB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3C;mEAC+D;IAC/D,SAAS,EAAE,UAAU,CAAC;IACtB;;0DAEsD;IACtD,GAAG,EAAE,MAAM,CAAC;IACZ;sBACkB;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,4EAA4E;IAC5E,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,yCAAyC;IACzC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,0EAA0E;IAC1E,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;;;;;;;;;;sDAWkD;IAClD,MAAM,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC3C,sEAAsE;IACtE,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,kCAAkC;AAClC,MAAM,WAAW,WAAW;IAC1B,oEAAoE;IACpE,KAAK,EAAE,MAAM,CAAC;IACd,2CAA2C;IAC3C,YAAY,EAAE,MAAM,CAAC;IACrB,6EAA6E;IAC7E,WAAW,EAAE,SAAS,eAAe,EAAE,CAAC;IACxC,+DAA+D;IAC/D,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;CAC/B;AAED;;;;GAIG;AACH,MAAM,WAAW,eAAe;IAC9B;+EAC2E;IAC3E,SAAS,EAAE,UAAU,CAAC;IACtB,gFAAgF;IAChF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;gCAE4B;IAC5B,MAAM,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CAC5C;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,iBAAiB;IAChC;uCACmC;IACnC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC3C,2DAA2D;IAC3D,GAAG,EAAE,MAAM,CAAC;IACZ;;;kCAG8B;IAC9B,sBAAsB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3C,+DAA+D;IAC/D,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wEAAwE;IACxE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;yEACqE;IACrE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,qDAAqD;IACrD,WAAW,EAAE,SAAS,eAAe,EAAE,CAAC;CACzC;AAED,sCAAsC;AACtC,MAAM,MAAM,eAAe,GACvB,wBAAwB,GACxB,4BAA4B,GAC5B,qBAAqB,GACrB,wBAAwB,GACxB,uBAAuB,GACvB,4BAA4B,GAC5B,kCAAkC,GAClC,oBAAoB,CAAC;AAEzB,qBAAa,WAAY,SAAQ,YAAY;IAC3C,SAAkB,IAAI,EAAE,eAAe,CAAC;gBAGtC,IAAI,EAAE,eAAe,EACrB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE;CAMhC"}
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AA8J7C,MAAM,OAAO,WAAY,SAAQ,YAAY;IACzB,IAAI,CAAkB;IAExC,YACE,IAAqB,EACrB,OAAe,EACf,OAA6B;QAE7B,KAAK,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAC9B,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@gramota/issuer",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.4.0",
|
|
4
4
|
"description": "EUDIW credential issuer — sign SD-JWT-VC credentials with selective disclosure and key binding.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"type": "module",
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
"dependencies": {
|
|
19
19
|
"@gramota/core": "0.2.1",
|
|
20
20
|
"@gramota/jose": "0.3.0",
|
|
21
|
-
"@gramota/sd-jwt": "0.
|
|
21
|
+
"@gramota/sd-jwt": "0.3.0"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
24
|
"jose": "^5.9.6"
|