@mattrglobal/verifier-sdk-web 1.1.1-unstable.145 → 1.1.1-unstable.153

package/dist/verifier-js.development.js

@@ -7,7 +7,7 @@
  * Do Not Translate or Localize
  *
  * Bundle of @mattrglobal/verifier-sdk-web
- * Generated: 2025-05-14
+ * Generated: 2025-05-16
  * Version: 1.1.0
  * Dependencies:
  *
@@ -650,6 +650,19 @@
     function getDefault(schema, dataset, config2) {
         return typeof schema["default"] === "function" ? schema["default"](dataset, config2) : schema["default"];
     }
+    function any() {
+        return {
+            kind: "schema",
+            type: "any",
+            reference: any,
+            expects: "any",
+            async: false,
+            _run: function _run(dataset) {
+                dataset.typed = true;
+                return dataset;
+            }
+        };
+    }
     function array(item, message) {
         return {
             kind: "schema",
@@ -733,6 +746,43 @@
             }
         };
     }
+    function literal(literal_, message) {
+        return {
+            kind: "schema",
+            type: "literal",
+            reference: literal,
+            expects: _stringify(literal_),
+            async: false,
+            literal: literal_,
+            message: message,
+            _run: function _run(dataset, config2) {
+                if (dataset.value === this.literal) {
+                    dataset.typed = true;
+                } else {
+                    _addIssue(this, "type", dataset, config2);
+                }
+                return dataset;
+            }
+        };
+    }
+    function number(message) {
+        return {
+            kind: "schema",
+            type: "number",
+            reference: number,
+            expects: "number",
+            async: false,
+            message: message,
+            _run: function _run(dataset, config2) {
+                if (typeof dataset.value === "number" && !isNaN(dataset.value)) {
+                    dataset.typed = true;
+                } else {
+                    _addIssue(this, "type", dataset, config2);
+                }
+                return dataset;
+            }
+        };
+    }
     function object(entries, message) {
         return {
             kind: "schema",
@@ -1282,17 +1332,37 @@
         credentialErrors: optional(unknown()),
         error: optional(unknown())
     });
+    exports.Mode = void 0;
+    (function(Mode) {
+        Mode["SameDevice"] = "sameDevice";
+        Mode["CrossDevice"] = "crossDevice";
+    })(exports.Mode || (exports.Mode = {}));
+    var SessionType;
+    (function(SessionType) {
+        SessionType["DigitalCredentialsApi"] = "digital-credentials-api";
+        SessionType["Openid4vp"] = "openid4vp";
+    })(SessionType || (SessionType = {}));
     object({
         credentialQuery: array(CredentialQueryValidator),
         challenge: string(),
         redirectUri: optional(string()),
-        walletProviderId: optional(string())
+        walletProviderId: optional(string()),
+        dcApiSupported: optional(_boolean())
     });
-    const CreateSessionResponseValidator = object({
+    const CreateSessionDigitalCredentialsValidator = object({
+        type: literal(SessionType.DigitalCredentialsApi),
+        sessionId: string(),
+        sessionKey: string(),
+        sessionTtl: number(),
+        request: record(string(), any())
+    });
+    const CreateSessionOpenId4vpResponseValidator = object({
+        type: optional(literal(SessionType.Openid4vp)),
         sessionId: string(),
         sessionKey: string(),
         sessionUrl: string()
     });
+    const CreateSessionResponseValidator = union([ CreateSessionDigitalCredentialsValidator, CreateSessionOpenId4vpResponseValidator ]);
     const GetSessionStatusResponseValidator = union([ object({
         status: picklist([ PresentationStatusCode.ResultReady ]),
         responseCode: optional(string())
@@ -1306,38 +1376,31 @@
     })(LocalStorageKey || (LocalStorageKey = {}));
     const MATTR_SDK_VERSION_HEADER = "x-mattr-sdk-version";
     const MATTR_SDK_VERSION_VALUE = "2.0.0";
-    exports.Mode = void 0;
-    (function(Mode) {
-        Mode["sameDevice"] = "sameDevice";
-        Mode["crossDevice"] = "crossDevice";
-    })(exports.Mode || (exports.Mode = {}));
     var MessageEventDataType;
     (function(MessageEventDataType) {
         MessageEventDataType["PresentationCompleted"] = "PresentationCompleted";
         MessageEventDataType["PresentationTimeout"] = "PresentationTimeout";
         MessageEventDataType["PresentationAbort"] = "PresentationAbort";
     })(MessageEventDataType || (MessageEventDataType = {}));
-    const RequestCredentialsSameDeviceOptionsValidator = object({
-        credentialQuery: pipe(array(CredentialQueryValidator), nonEmpty()),
-        redirectUri: string(),
-        challenge: optional(string()),
+    const OpenId4vpConfigSameDeviceOptionsValidator = object({
         walletProviderId: optional(string()),
-        mode: picklist([ exports.Mode.sameDevice ])
+        mode: literal(exports.Mode.SameDevice),
+        redirectUri: string()
     });
-    const RequestCredentialsCrossDeviceOptionsValidator = object({
-        credentialQuery: pipe(array(CredentialQueryValidator), nonEmpty()),
-        challenge: optional(string()),
+    const OpenId4vpConfigCrossDeviceOptionsValidator = object({
         walletProviderId: optional(string()),
-        mode: picklist([ exports.Mode.crossDevice ])
+        mode: literal(exports.Mode.CrossDevice)
     });
-    const RequestCredentialsAutoDetectDeviceOptionsValidator = object({
-        credentialQuery: pipe(array(CredentialQueryValidator), nonEmpty()),
+    const OpenId4vpConfigAutoDetectOptionsValidator = object({
+        walletProviderId: optional(string()),
         redirectUri: string(),
+        mode: optional(picklist([ exports.Mode.CrossDevice, exports.Mode.SameDevice ]))
+    });
+    const RequestCredentialsOptionsValidator = object({
+        credentialQuery: pipe(array(CredentialQueryValidator), nonEmpty()),
         challenge: optional(string()),
-        walletProviderId: optional(string()),
-        mode: optional(picklist([ exports.Mode.crossDevice, exports.Mode.sameDevice ]))
+        openid4vpConfiguration: optional(union([ OpenId4vpConfigSameDeviceOptionsValidator, OpenId4vpConfigCrossDeviceOptionsValidator, OpenId4vpConfigAutoDetectOptionsValidator ]))
     });
-    const RequestCredentialsOptionsValidator = union([ RequestCredentialsSameDeviceOptionsValidator, RequestCredentialsCrossDeviceOptionsValidator, RequestCredentialsAutoDetectDeviceOptionsValidator ]);
     exports.RequestCredentialsErrorType = void 0;
     (function(RequestCredentialsErrorType) {
         RequestCredentialsErrorType["RequestCredentialsFailed"] = "RequestCredentialsFailed";
@@ -1349,6 +1412,10 @@
         RequestCredentialsErrorMessage["FailedToGetSessionResult"] = "Failed to get session result";
         RequestCredentialsErrorMessage["FailedToGetSessionStatus"] = "Failed to get session status";
         RequestCredentialsErrorMessage["FailedToCreateSession"] = "Failed to create session";
+        RequestCredentialsErrorMessage["FailedToVerifyCredentialResponse"] = "Failed to verify credential response";
+        RequestCredentialsErrorMessage["MissingOpenId4vpConfig"] = "Identified openid4vp session, but missing openId4vpConfiguration on `requestCredentials`";
+        RequestCredentialsErrorMessage["DcApiError"] = "Failed to request credentials with Digital Credentials API";
+        RequestCredentialsErrorMessage["DcApiResponseParseError"] = "Failed to parse response from Digital Credentials API";
         RequestCredentialsErrorMessage["Abort"] = "User aborted the session";
         RequestCredentialsErrorMessage["Timeout"] = "User session timeout";
     })(RequestCredentialsErrorMessage || (RequestCredentialsErrorMessage = {}));
@@ -1364,10 +1431,10 @@
         apiBaseUrl: pipe(string(), nonEmpty("Must not be empty")),
         applicationId: pipe(string(), nonEmpty("Must not be empty"))
     });
-    var SafeFetchCommonRespondErrorType;
-    (function(SafeFetchCommonRespondErrorType) {
-        SafeFetchCommonRespondErrorType["UnexpectedRespond"] = "UnexpectedRespond";
-    })(SafeFetchCommonRespondErrorType || (SafeFetchCommonRespondErrorType = {}));
+    var SafeFetchCommonResponseErrorType;
+    (function(SafeFetchCommonResponseErrorType) {
+        SafeFetchCommonResponseErrorType["UnexpectedResponse"] = "UnexpectedResponse";
+    })(SafeFetchCommonResponseErrorType || (SafeFetchCommonResponseErrorType = {}));
     var SafeFetchErrorType;
     (function(SafeFetchErrorType) {
         SafeFetchErrorType["HttpError"] = "HttpError";
@@ -1501,16 +1568,15 @@
         const urlParams = new URLSearchParams(hash.split("#")[1]);
         return urlParams.get(param);
     };
-    const createSession = async ({credentialQuery: credentialQuery, challenge: challenge, redirectUri: redirectUri, apiBaseUrl: apiBaseUrl, applicationId: applicationId, walletProviderId: walletProviderId}) => {
-        const postData = Object.assign(Object.assign({
+    const createSession = async ({credentialQuery: credentialQuery, challenge: challenge, redirectUri: redirectUri, apiBaseUrl: apiBaseUrl, walletProviderId: walletProviderId, dcApiSupported: dcApiSupported, applicationId: applicationId}) => {
+        const postData = {
             credentialQuery: credentialQuery,
             challenge: challenge,
-            applicationId: applicationId
-        }, redirectUri ? {
-            redirectUri: redirectUri
-        } : {}), walletProviderId ? {
-            walletProviderId: walletProviderId
-        } : {});
+            applicationId: applicationId,
+            redirectUri: redirectUri,
+            walletProviderId: walletProviderId,
+            dcApiSupported: dcApiSupported
+        };
         const responseResult = await safeFetch(`${apiBaseUrl}/v2/presentations/sessions`, {
             method: "POST",
             headers: {
@@ -1524,8 +1590,8 @@
         const data = await responseResult.value.json();
         if (!isType(CreateSessionResponseValidator)(data)) {
             return err({
-                type: SafeFetchCommonRespondErrorType.UnexpectedRespond,
-                message: "Create session return unsupported response"
+                type: SafeFetchCommonResponseErrorType.UnexpectedResponse,
+                message: "Create session returned unsupported response"
             });
         }
         return ok(data);
@@ -1556,7 +1622,7 @@
         const data = await responseResult.value.json();
         if (!isType(GetSessionStatusResponseValidator)(data)) {
             return err({
-                type: SafeFetchCommonRespondErrorType.UnexpectedRespond,
+                type: SafeFetchCommonResponseErrorType.UnexpectedResponse,
                 message: "Get session status return unsupported response"
             });
         }
@@ -1584,7 +1650,7 @@
         const data = await responseResult.value.json();
         if (!isType(PresentationResultRelaxValidator)(data)) {
             return err({
-                type: SafeFetchCommonRespondErrorType.UnexpectedRespond,
+                type: SafeFetchCommonResponseErrorType.UnexpectedResponse,
                 message: "Exchange session result return unsupported response",
                 details: {
                     data: data
@@ -1685,24 +1751,8 @@
         modalContainer.setAttribute("class", "mattr-verifier-modal-container");
         return modalContainer;
     };
-    const requestCredentialsCrossDevice = async options => {
-        const {challenge: challenge, walletProviderId: walletProviderId, credentialQuery: credentialQuery, initialiseOptions: initialiseOptions} = options;
-        const {apiBaseUrl: apiBaseUrl, applicationId: applicationId} = initialiseOptions;
-        const createSessionResult = await createSession({
-            credentialQuery: credentialQuery,
-            challenge: challenge,
-            apiBaseUrl: apiBaseUrl,
-            applicationId: applicationId,
-            walletProviderId: walletProviderId
-        });
-        if (createSessionResult.isErr()) {
-            return err({
-                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
-                message: RequestCredentialsErrorMessage.FailedToCreateSession,
-                cause: createSessionResult.error
-            });
-        }
-        const {sessionUrl: sessionUrl, sessionId: sessionId, sessionKey: sessionKey} = createSessionResult.value;
+    const requestCredentialsWithCrossDevice = async options => {
+        const {challenge: challenge, apiBaseUrl: apiBaseUrl, sessionUrl: sessionUrl, sessionId: sessionId, sessionKey: sessionKey} = options;
         const container = openCrossDeviceModal({
             sessionUrl: sessionUrl
         });
@@ -1732,6 +1782,126 @@
             window.addEventListener(WindowEventListenerType.message, listener, false);
         }));
     };
+    const requestCredentialsWithDigitalCredentialsApi = async options => {
+        const {apiBaseUrl: apiBaseUrl, sessionId: sessionId, sessionKey: sessionKey, challenge: challenge, request: request} = options;
+        const credentialResponseResult = await getCredentials(request);
+        if (credentialResponseResult.isErr()) {
+            await abortSession({
+                apiBaseUrl: apiBaseUrl,
+                sessionId: sessionId,
+                sessionKey: sessionKey
+            });
+            return err(credentialResponseResult.error);
+        }
+        const credentialResponse = credentialResponseResult.value;
+        const parsedCredentialResponseResult = parseCredentialResponse(credentialResponse);
+        if (parsedCredentialResponseResult.isErr()) {
+            await abortSession({
+                apiBaseUrl: apiBaseUrl,
+                sessionId: sessionId,
+                sessionKey: sessionKey
+            });
+            return err(parsedCredentialResponseResult.error);
+        }
+        const parsedCredentialResponse = parsedCredentialResponseResult.value;
+        const credentialVerificationResult = await verifyCredentialResponse({
+            apiBaseUrl: apiBaseUrl,
+            sessionId: sessionId,
+            sessionKey: sessionKey,
+            challenge: challenge,
+            protocol: parsedCredentialResponse.protocol,
+            data: parsedCredentialResponse.data
+        });
+        if (credentialVerificationResult.isErr()) {
+            return err({
+                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+                message: RequestCredentialsErrorMessage.FailedToVerifyCredentialResponse,
+                cause: credentialVerificationResult.error
+            });
+        }
+        return ok(credentialVerificationResult.value);
+    };
+    const getCredentials = async request => {
+        try {
+            const credentialResponse = await navigator.credentials.get(request);
+            return ok(credentialResponse);
+        } catch (exception) {
+            return err({
+                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+                message: RequestCredentialsErrorMessage.DcApiError,
+                cause: exception
+            });
+        }
+    };
+    const parseCredentialResponse = credentialResponse => {
+        if (!credentialResponse) {
+            return err({
+                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+                message: RequestCredentialsErrorMessage.DcApiResponseParseError,
+                details: {
+                    response: credentialResponse
+                }
+            });
+        }
+        if (typeof credentialResponse === "object") {
+            return ok(credentialResponse);
+        }
+        if (typeof credentialResponse === "string") {
+            try {
+                const parsed = JSON.parse(credentialResponse);
+                return ok(parsed);
+            } catch (_a) {
+                return err({
+                    type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+                    message: RequestCredentialsErrorMessage.DcApiResponseParseError,
+                    details: {
+                        response: credentialResponse
+                    }
+                });
+            }
+        }
+        return err({
+            type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+            message: RequestCredentialsErrorMessage.DcApiResponseParseError,
+            details: {
+                response: credentialResponse
+            }
+        });
+    };
+    const verifyCredentialResponse = async options => {
+        const {apiBaseUrl: apiBaseUrl, sessionId: sessionId, sessionKey: sessionKey, challenge: challenge, protocol: protocol, data: data} = options;
+        const requestBody = {
+            protocol: protocol,
+            data: data,
+            challenge: challenge
+        };
+        const credentialVerificationResult = await safeFetch(`${apiBaseUrl}/v2/presentations/sessions/${sessionId}/dc-api/response`, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                Authorization: `Bearer ${sessionKey}`
+            },
+            body: JSON.stringify(requestBody)
+        });
+        if (credentialVerificationResult.isErr()) {
+            return err(credentialVerificationResult.error);
+        }
+        const credentialVerificationResponse = await credentialVerificationResult.value.json();
+        if (!isType(PresentationResultRelaxValidator)(credentialVerificationResponse)) {
+            return err({
+                type: SafeFetchCommonResponseErrorType.UnexpectedResponse,
+                message: "Verify credential returned unsupported response",
+                details: {
+                    response: credentialVerificationResponse
+                }
+            });
+        }
+        return ok(credentialVerificationResponse);
+    };
+    const isDigitalCredentialsApiSupported = () => {
+        var _a;
+        return "DigitalCredential" in window && typeof window.DigitalCredential === "function" && typeof ((_a = navigator === null || navigator === void 0 ? void 0 : navigator.credentials) === null || _a === void 0 ? void 0 : _a.get) === "function";
+    };
     const sleep = ms => new Promise((resolve => setTimeout(resolve, ms)));
     const SESSION_STATUS_POLLING_MAX_RETRY = 1e3;
     const SESSION_STATUS_POLLING_INTERVAL_MS = 3e3;
@@ -1742,24 +1912,7 @@
         SameDeviceRequestCredentialsErrorMessage["FailedToCreateSession"] = "Failed to create session";
     })(SameDeviceRequestCredentialsErrorMessage || (SameDeviceRequestCredentialsErrorMessage = {}));
     const requestCredentialsSameDevice = async options => {
-        const {challenge: challenge, credentialQuery: credentialQuery, redirectUri: redirectUri, walletProviderId: walletProviderId, initialiseOptions: initialiseOptions} = options;
-        const {apiBaseUrl: apiBaseUrl, applicationId: applicationId} = initialiseOptions;
-        const createSessionResult = await createSession({
-            credentialQuery: credentialQuery,
-            challenge: challenge,
-            redirectUri: redirectUri,
-            apiBaseUrl: apiBaseUrl,
-            applicationId: applicationId,
-            walletProviderId: walletProviderId
-        });
-        if (createSessionResult.isErr()) {
-            return err({
-                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
-                message: SameDeviceRequestCredentialsErrorMessage.FailedToCreateSession,
-                cause: createSessionResult.error
-            });
-        }
-        const {sessionUrl: sessionUrl, sessionKey: sessionKey, sessionId: sessionId} = createSessionResult.value;
+        const {challenge: challenge, apiBaseUrl: apiBaseUrl, applicationId: applicationId, sessionUrl: sessionUrl, sessionKey: sessionKey, sessionId: sessionId} = options;
         const abortController = setActiveSession({
             sessionId: sessionId,
             sessionKey: sessionKey
@@ -1814,20 +1967,77 @@
             throw new Exception(InitialiseErrorMessage.SdkNotInitialised);
         }
         assertType(RequestCredentialsOptionsValidator, "Invalid request credential options")(options);
-        const {challenge: challenge = generateChallenge()} = options;
-        const mode = (_a = options.mode) !== null && _a !== void 0 ? _a : isMobileDetect(navigator.userAgent) ? exports.Mode.sameDevice : exports.Mode.crossDevice;
-        if (mode === exports.Mode.sameDevice && "redirectUri" in options) {
-            return await requestCredentialsSameDevice(Object.assign(Object.assign({}, options), {
-                initialiseOptions: initialiseOptions,
+        const {apiBaseUrl: apiBaseUrl, applicationId: applicationId} = initialiseOptions;
+        const {challenge: challenge = generateChallenge(), credentialQuery: credentialQuery, openid4vpConfiguration: openid4vpConfiguration} = options;
+        const dcApiSupported = isDigitalCredentialsApiSupported();
+        const openId4VpRedirectUri = deriveOpenId4vpRedirectUri(openid4vpConfiguration);
+        const createSessionResult = await createSession({
+            credentialQuery: credentialQuery,
+            challenge: challenge,
+            redirectUri: openId4VpRedirectUri,
+            walletProviderId: (_a = openid4vpConfiguration === null || openid4vpConfiguration === void 0 ? void 0 : openid4vpConfiguration.walletProviderId) !== null && _a !== void 0 ? _a : undefined,
+            apiBaseUrl: apiBaseUrl,
+            applicationId: applicationId,
+            dcApiSupported: dcApiSupported
+        });
+        if (createSessionResult.isErr()) {
+            return err({
+                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+                message: RequestCredentialsErrorMessage.FailedToCreateSession,
+                cause: createSessionResult.error
+            });
+        }
+        const session = createSessionResult.value;
+        const {sessionKey: sessionKey, sessionId: sessionId} = session;
+        if (session.type === SessionType.DigitalCredentialsApi) {
+            const {request: request} = session;
+            return await requestCredentialsWithDigitalCredentialsApi({
+                apiBaseUrl: apiBaseUrl,
+                request: request,
+                sessionId: sessionId,
+                sessionKey: sessionKey,
+                challenge: challenge
+            });
+        }
+        if (!openid4vpConfiguration) {
+            return err({
+                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+                message: RequestCredentialsErrorMessage.MissingOpenId4vpConfig
+            });
+        }
+        const {sessionUrl: sessionUrl} = session;
+        if (openId4VpRedirectUri) {
+            return await requestCredentialsSameDevice({
                 challenge: challenge,
-                mode: mode
-            }));
+                apiBaseUrl: apiBaseUrl,
+                applicationId: applicationId,
+                sessionUrl: sessionUrl,
+                sessionKey: sessionKey,
+                sessionId: sessionId
+            });
         }
-        return await requestCredentialsCrossDevice(Object.assign(Object.assign({}, options), {
-            initialiseOptions: initialiseOptions,
+        return await requestCredentialsWithCrossDevice({
             challenge: challenge,
-            mode: exports.Mode.crossDevice
-        }));
+            apiBaseUrl: apiBaseUrl,
+            sessionUrl: sessionUrl,
+            sessionKey: sessionKey,
+            sessionId: sessionId
+        });
+    };
+    const deriveOpenId4vpRedirectUri = openid4vpConfiguration => {
+        if (!openid4vpConfiguration) {
+            return undefined;
+        }
+        let detectedMode;
+        if (openid4vpConfiguration && openid4vpConfiguration.mode) {
+            detectedMode = openid4vpConfiguration.mode;
+        } else {
+            detectedMode = isMobileDetect(navigator.userAgent) ? exports.Mode.SameDevice : exports.Mode.CrossDevice;
+        }
+        if (detectedMode === exports.Mode.SameDevice && !isType(OpenId4vpConfigCrossDeviceOptionsValidator)(openid4vpConfiguration) && openid4vpConfiguration.redirectUri) {
+            return openid4vpConfiguration.redirectUri;
+        }
+        return undefined;
     };
     exports.HandleRedirectCallbackErrorType = void 0;
     (function(HandleRedirectCallbackErrorType) {
@@ -1884,7 +2094,7 @@
         if (!initialiseOptions) {
             throw new Exception(InitialiseErrorMessage.SdkNotInitialised);
         }
-        const {apiBaseUrl: apiBaseUrl, applicationId: applicationId} = initialiseOptions;
+        const {apiBaseUrl: apiBaseUrl} = initialiseOptions;
         const session = getActiveSession();
         if (!session || !session.sessionKey) {
             return ok(undefined);
@@ -1893,7 +2103,6 @@
         removeActiveSession();
         const abortSessionResult = await abortSession({
             apiBaseUrl: apiBaseUrl,
-            applicationId: applicationId,
             sessionId: sessionId,
             sessionKey: sessionKey
         });
@@ -1914,6 +2123,7 @@
     exports.abortCredentialRequest = abortCredentialRequest;
     exports.handleRedirectCallback = handleRedirectCallback;
     exports.initialise = initialise;
+    exports.isDigitalCredentialsApiSupported = isDigitalCredentialsApiSupported;
     exports.requestCredentials = requestCredentials;
     exports.utils = utils;
     Object.defineProperty(exports, "__esModule", {