@mattrglobal/verifier-sdk-web 1.1.1-unstable.15 → 1.1.1-unstable.154

package/dist/lib/verifier-js-no-deps.cjs.js

@@ -7,7 +7,7 @@
  * Do Not Translate or Localize
  *
  * Bundle of @mattrglobal/verifier-sdk-web
- * Generated: 2025-01-14
+ * Generated: 2025-05-18
  * Version: 1.1.0
  * Dependencies:
  */
@@ -89,47 +89,21 @@ const assertType = (validator, message) => data => {
     }
 };
 
-var SafeFetchCommonRespondErrorType;
-
-(function(SafeFetchCommonRespondErrorType) {
-    SafeFetchCommonRespondErrorType["UnexpectedRespond"] = "UnexpectedRespond";
-})(SafeFetchCommonRespondErrorType || (SafeFetchCommonRespondErrorType = {}));
-
-var SafeFetchErrorType;
-
-(function(SafeFetchErrorType) {
-    SafeFetchErrorType["HttpError"] = "HttpError";
-    SafeFetchErrorType["UnknownError"] = "UnknownError";
-})(SafeFetchErrorType || (SafeFetchErrorType = {}));
-
-const safeFetch = async (input, init) => {
-    try {
-        const response = await fetch(input, init);
-        if (response.status > 299 || response.status < 200) {
-            return neverthrow.err({
-                type: SafeFetchErrorType.HttpError,
-                message: `HTTP error, status = ${response.status}`,
-                status: response.status
-            });
-        }
-        return neverthrow.ok(response);
-    } catch (error) {
-        return neverthrow.err({
-            type: SafeFetchErrorType.UnknownError,
-            message: "Unknown error",
-            cause: error
-        });
-    }
-};
-
 exports.MobileCredentialVerificationReasonType = void 0;
 
 (function(MobileCredentialVerificationReasonType) {
-    MobileCredentialVerificationReasonType["Expired"] = "expired";
-    MobileCredentialVerificationReasonType["Inactive"] = "inactive";
-    MobileCredentialVerificationReasonType["StatusRevoked"] = "invalid";
-    MobileCredentialVerificationReasonType["StatusSuspended"] = "suspended";
-    MobileCredentialVerificationReasonType["StatusUnknown"] = "unknown";
+    MobileCredentialVerificationReasonType["TrustedIssuerCertificateExpired"] = "TrustedIssuerCertificateExpired";
+    MobileCredentialVerificationReasonType["TrustedIssuerCertificateNotYetValid"] = "TrustedIssuerCertificateNotYetValid";
+    MobileCredentialVerificationReasonType["IssuerNotTrusted"] = "IssuerNotTrusted";
+    MobileCredentialVerificationReasonType["MobileCredentialInvalid"] = "MobileCredentialInvalid";
+    MobileCredentialVerificationReasonType["MobileCredentialExpired"] = "MobileCredentialExpired";
+    MobileCredentialVerificationReasonType["MobileCredentialNotYetValid"] = "MobileCredentialNotYetValid";
+    MobileCredentialVerificationReasonType["InvalidSignerCertificate"] = "InvalidSignerCertificate";
+    MobileCredentialVerificationReasonType["DeviceKeyInvalid"] = "DeviceKeyInvalid";
+    MobileCredentialVerificationReasonType["UnsupportedCurve"] = "UnsupportedCurve";
+    MobileCredentialVerificationReasonType["StatusRevoked"] = "StatusRevoked";
+    MobileCredentialVerificationReasonType["StatusSuspended"] = "StatusSuspended";
+    MobileCredentialVerificationReasonType["StatusUnknown"] = "StatusUnknown";
 })(exports.MobileCredentialVerificationReasonType || (exports.MobileCredentialVerificationReasonType = {}));
 
 exports.ClaimType = void 0;
@@ -164,6 +138,15 @@ exports.OpenidPresentationCredentialProfileSupported = void 0;
     OpenidPresentationCredentialProfileSupported["MOBILE"] = "mobile";
 })(exports.OpenidPresentationCredentialProfileSupported || (exports.OpenidPresentationCredentialProfileSupported = {}));
 
+var PresentationStatusCode;
+
+(function(PresentationStatusCode) {
+    PresentationStatusCode["AwaitingRequestRetrieval"] = "AwaitingRequestRetrieval";
+    PresentationStatusCode["AwaitingResponse"] = "AwaitingResponse";
+    PresentationStatusCode["ResponseSubmitted"] = "ResponseSubmitted";
+    PresentationStatusCode["ResultReady"] = "ResultReady";
+})(PresentationStatusCode || (PresentationStatusCode = {}));
+
 const CredentialQueryValidator = v__namespace.object({
     profile: v__namespace.picklist([ exports.OpenidPresentationCredentialProfileSupported.MOBILE ]),
     docType: v__namespace.string(),
@@ -191,18 +174,63 @@ const PresentationResultRelaxValidator = v__namespace.object({
     error: v__namespace.optional(v__namespace.unknown())
 });
 
+exports.Mode = void 0;
+
+(function(Mode) {
+    Mode["SameDevice"] = "sameDevice";
+    Mode["CrossDevice"] = "crossDevice";
+})(exports.Mode || (exports.Mode = {}));
+
+var SessionType;
+
+(function(SessionType) {
+    SessionType["DigitalCredentialsApi"] = "digital-credentials-api";
+    SessionType["Openid4vp"] = "openid4vp";
+})(SessionType || (SessionType = {}));
+
 v__namespace.object({
     credentialQuery: v__namespace.array(CredentialQueryValidator),
     challenge: v__namespace.string(),
     redirectUri: v__namespace.optional(v__namespace.string()),
-    walletProviderId: v__namespace.optional(v__namespace.string())
+    walletProviderId: v__namespace.optional(v__namespace.string()),
+    dcApiSupported: v__namespace.optional(v__namespace.boolean())
 });
 
-const CreateSessionResponseValidator = v__namespace.object({
+const CreateSessionDigitalCredentialsValidator = v__namespace.object({
+    type: v__namespace.literal(SessionType.DigitalCredentialsApi),
     sessionId: v__namespace.string(),
+    sessionKey: v__namespace.string(),
+    sessionTtl: v__namespace.number(),
+    request: v__namespace.record(v__namespace.string(), v__namespace.any())
+});
+
+const CreateSessionOpenId4vpResponseValidator = v__namespace.object({
+    type: v__namespace.optional(v__namespace.literal(SessionType.Openid4vp)),
+    sessionId: v__namespace.string(),
+    sessionKey: v__namespace.string(),
     sessionUrl: v__namespace.string()
 });
 
+const CreateSessionResponseValidator = v__namespace.union([ CreateSessionDigitalCredentialsValidator, CreateSessionOpenId4vpResponseValidator ]);
+
+v__namespace.object({
+    sessionId: v__namespace.string(),
+    sessionKey: v__namespace.string(),
+    apiBaseUrl: v__namespace.string()
+});
+
+v__namespace.object({
+    sessionId: v__namespace.string(),
+    sessionKey: v__namespace.string()
+});
+
+const GetSessionStatusResponseValidator = v__namespace.union([ v__namespace.object({
+    status: v__namespace.picklist([ PresentationStatusCode.ResultReady ]),
+    responseCode: v__namespace.optional(v__namespace.string())
+}), v__namespace.object({
+    status: v__namespace.string()
+}) ]);
+
 var LocalStorageKey;
 
 (function(LocalStorageKey) {
@@ -210,12 +238,9 @@ var LocalStorageKey;
     LocalStorageKey["sessionId"] = "mattr_sid";
 })(LocalStorageKey || (LocalStorageKey = {}));
 
-exports.Mode = void 0;
+const MATTR_SDK_VERSION_HEADER = "x-mattr-sdk-version";
 
-(function(Mode) {
-    Mode["sameDevice"] = "sameDevice";
-    Mode["crossDevice"] = "crossDevice";
-})(exports.Mode || (exports.Mode = {}));
+const MATTR_SDK_VERSION_VALUE = "2.0.0";
 
 var MessageEventDataType;
 
@@ -225,50 +250,106 @@ var MessageEventDataType;
     MessageEventDataType["PresentationAbort"] = "PresentationAbort";
 })(MessageEventDataType || (MessageEventDataType = {}));
 
-const RequestCredentialsSameDeviceOptionsValidator = v__namespace.object({
-    credentialQuery: v__namespace.pipe(v__namespace.array(CredentialQueryValidator), v__namespace.nonEmpty()),
-    redirectUri: v__namespace.string(),
-    challenge: v__namespace.optional(v__namespace.string()),
+const OpenId4vpConfigSameDeviceOptionsValidator = v__namespace.object({
     walletProviderId: v__namespace.optional(v__namespace.string()),
-    mode: v__namespace.picklist([ exports.Mode.sameDevice ])
+    mode: v__namespace.literal(exports.Mode.SameDevice),
+    redirectUri: v__namespace.string()
 });
 
-const RequestCredentialsCrossDeviceOptionsValidator = v__namespace.object({
-    credentialQuery: v__namespace.pipe(v__namespace.array(CredentialQueryValidator), v__namespace.nonEmpty()),
-    crossDeviceCallback: v__namespace.object({
-        onComplete: v__namespace.function(),
-        onFailure: v__namespace.function()
-    }),
-    challenge: v__namespace.optional(v__namespace.string()),
+const OpenId4vpConfigCrossDeviceOptionsValidator = v__namespace.object({
     walletProviderId: v__namespace.optional(v__namespace.string()),
-    mode: v__namespace.picklist([ exports.Mode.crossDevice ])
+    mode: v__namespace.literal(exports.Mode.CrossDevice)
 });
 
-const RequestCredentialsAutoDetectDeviceOptionsValidator = v__namespace.object({
-    credentialQuery: v__namespace.pipe(v__namespace.array(CredentialQueryValidator), v__namespace.nonEmpty()),
-    crossDeviceCallback: v__namespace.object({
-        onComplete: v__namespace.function(),
-        onFailure: v__namespace.function()
-    }),
-    redirectUri: v__namespace.string(),
-    challenge: v__namespace.optional(v__namespace.string()),
+const OpenId4vpConfigAutoDetectOptionsValidator = v__namespace.object({
     walletProviderId: v__namespace.optional(v__namespace.string()),
-    mode: v__namespace.optional(v__namespace.picklist([ exports.Mode.crossDevice, exports.Mode.sameDevice ]))
+    redirectUri: v__namespace.string(),
+    mode: v__namespace.optional(v__namespace.picklist([ exports.Mode.CrossDevice, exports.Mode.SameDevice ]))
 });
 
-const RequestCredentialsOptionsValidator = v__namespace.union([ RequestCredentialsSameDeviceOptionsValidator, RequestCredentialsCrossDeviceOptionsValidator, RequestCredentialsAutoDetectDeviceOptionsValidator ]);
+const RequestCredentialsOptionsValidator = v__namespace.object({
+    credentialQuery: v__namespace.pipe(v__namespace.array(CredentialQueryValidator), v__namespace.nonEmpty()),
+    challenge: v__namespace.optional(v__namespace.string()),
+    openid4vpConfiguration: v__namespace.optional(v__namespace.union([ OpenId4vpConfigSameDeviceOptionsValidator, OpenId4vpConfigCrossDeviceOptionsValidator, OpenId4vpConfigAutoDetectOptionsValidator ]))
+});
 
 exports.RequestCredentialsErrorType = void 0;
 
 (function(RequestCredentialsErrorType) {
     RequestCredentialsErrorType["RequestCredentialsFailed"] = "RequestCredentialsFailed";
+    RequestCredentialsErrorType["Timeout"] = "Timeout";
+    RequestCredentialsErrorType["Abort"] = "Abort";
 })(exports.RequestCredentialsErrorType || (exports.RequestCredentialsErrorType = {}));
 
+var RequestCredentialsErrorMessage;
+
+(function(RequestCredentialsErrorMessage) {
+    RequestCredentialsErrorMessage["FailedToGetSessionResult"] = "Failed to get session result";
+    RequestCredentialsErrorMessage["FailedToGetSessionStatus"] = "Failed to get session status";
+    RequestCredentialsErrorMessage["FailedToCreateSession"] = "Failed to create session";
+    RequestCredentialsErrorMessage["FailedToVerifyCredentialResponse"] = "Failed to verify credential response";
+    RequestCredentialsErrorMessage["MissingOpenId4vpConfig"] = "Identified openid4vp session, but missing openId4vpConfiguration on `requestCredentials`";
+    RequestCredentialsErrorMessage["DcApiError"] = "Failed to request credentials with Digital Credentials API";
+    RequestCredentialsErrorMessage["DcApiResponseParseError"] = "Failed to parse response from Digital Credentials API";
+    RequestCredentialsErrorMessage["Abort"] = "User aborted the session";
+    RequestCredentialsErrorMessage["Timeout"] = "User session timeout";
+})(RequestCredentialsErrorMessage || (RequestCredentialsErrorMessage = {}));
+
+exports.AbortSessionErrorType = void 0;
+
+(function(AbortSessionErrorType) {
+    AbortSessionErrorType["AbortSessionFailed"] = "AbortSessionFailed";
+})(exports.AbortSessionErrorType || (exports.AbortSessionErrorType = {}));
+
+var AbortSessionErrorMessage;
+
+(function(AbortSessionErrorMessage) {
+    AbortSessionErrorMessage["FailedToAbortSession"] = "Failed to abort session";
+})(AbortSessionErrorMessage || (AbortSessionErrorMessage = {}));
+
 const InitialiseOptionsValidator = v__namespace.object({
-    apiBaseUrl: v__namespace.string(),
-    applicationId: v__namespace.optional(v__namespace.string())
+    apiBaseUrl: v__namespace.pipe(v__namespace.string(), v__namespace.nonEmpty("Must not be empty")),
+    applicationId: v__namespace.pipe(v__namespace.string(), v__namespace.nonEmpty("Must not be empty"))
 });
 
+var SafeFetchCommonResponseErrorType;
+
+(function(SafeFetchCommonResponseErrorType) {
+    SafeFetchCommonResponseErrorType["UnexpectedResponse"] = "UnexpectedResponse";
+})(SafeFetchCommonResponseErrorType || (SafeFetchCommonResponseErrorType = {}));
+
+var SafeFetchErrorType;
+
+(function(SafeFetchErrorType) {
+    SafeFetchErrorType["HttpError"] = "HttpError";
+    SafeFetchErrorType["UnknownError"] = "UnknownError";
+})(SafeFetchErrorType || (SafeFetchErrorType = {}));
+
+const safeFetch = async (input, init) => {
+    try {
+        const headers = Object.assign(Object.assign({}, init === null || init === void 0 ? void 0 : init.headers), {
+            [MATTR_SDK_VERSION_HEADER]: `verifier-sdk-web/${MATTR_SDK_VERSION_VALUE}`
+        });
+        const response = await fetch(input, Object.assign(Object.assign({}, init), {
+            headers: headers
+        }));
+        if (response.status > 299 || response.status < 200) {
+            return neverthrow.err({
+                type: SafeFetchErrorType.HttpError,
+                message: `HTTP error, status = ${response.status}`,
+                status: response.status
+            });
+        }
+        return neverthrow.ok(response);
+    } catch (error) {
+        return neverthrow.err({
+            type: SafeFetchErrorType.UnknownError,
+            message: "Unknown error",
+            cause: error
+        });
+    }
+};
+
 let initialiseOptions = undefined;
 
 var InitialiseErrorMessage;
@@ -284,10 +365,71 @@ const initialise = options => {
 
 const getInitialiseOptions = () => initialiseOptions;
 
+let sessionAbortController = undefined;
+
+let _sessionId = undefined;
+
+let _sessionKey = undefined;
+
+let _sessionTimeoutId = undefined;
+
+const getActiveSession = () => {
+    const sessionId = _sessionId;
+    const sessionKey = _sessionKey;
+    const sessionTimeoutId = _sessionTimeoutId;
+    if (sessionId) {
+        return {
+            sessionId: sessionId,
+            sessionKey: sessionKey,
+            sessionTimeoutId: sessionTimeoutId
+        };
+    }
+    return undefined;
+};
+
+const setActiveSession = session => {
+    const {sessionId: sessionId, sessionKey: sessionKey, sessionTimeoutId: sessionTimeoutId} = session;
+    _sessionId = sessionId;
+    _sessionKey = sessionKey;
+    _sessionTimeoutId = sessionTimeoutId;
+    const abortController = new AbortController;
+    sessionAbortController = abortController;
+    return abortController;
+};
+
+const removeActiveSession = () => {
+    sessionAbortController === null || sessionAbortController === void 0 ? void 0 : sessionAbortController.abort();
+    if (_sessionTimeoutId) {
+        window.clearTimeout(_sessionTimeoutId);
+    }
+    sessionAbortController = undefined;
+    _sessionKey = undefined;
+    _sessionId = undefined;
+    _sessionTimeoutId = undefined;
+};
+
 const defaultRetryDelay = attempt => Math.pow(2, attempt) * 1e3;
 
 const defaultRetry = 2;
 
+const withRetry = async (fn, options) => {
+    const {retries: retries = defaultRetry, retryDelay: retryDelay = defaultRetryDelay, attempt: attempt = 0} = options;
+    try {
+        return await fn();
+    } catch (err) {
+        if (retries > 0) {
+            const delay = typeof retryDelay === "function" ? retryDelay(attempt) : retryDelay;
+            await new Promise((resolve => setTimeout(resolve, delay)));
+            return await withRetry(fn, Object.assign(Object.assign({}, options), {
+                retries: retries - 1,
+                retryDelay: retryDelay,
+                attempt: attempt + 1
+            }));
+        }
+        throw err;
+    }
+};
+
 const withRetrySafeFetch = async (fn, options) => {
     const {retries: retries = defaultRetry, retryDelay: retryDelay = defaultRetryDelay, attempt: attempt = 0, retryHttpStatus: retryHttpStatus} = options;
     const result = await fn();
@@ -316,17 +458,15 @@ const getHashParamValue = (hash, param) => {
     return urlParams.get(param);
 };
 
-const createSession = async ({credentialQuery: credentialQuery, challenge: challenge, redirectUri: redirectUri, apiBaseUrl: apiBaseUrl, applicationId: applicationId, walletProviderId: walletProviderId}) => {
-    const postData = Object.assign(Object.assign(Object.assign({
+const createSession = async ({credentialQuery: credentialQuery, challenge: challenge, redirectUri: redirectUri, apiBaseUrl: apiBaseUrl, walletProviderId: walletProviderId, dcApiSupported: dcApiSupported, applicationId: applicationId}) => {
+    const postData = {
         credentialQuery: credentialQuery,
-        challenge: challenge
-    }, redirectUri ? {
-        redirectUri: redirectUri
-    } : {}), applicationId ? {
-        applicationId: applicationId
-    } : {}), walletProviderId ? {
-        walletProviderId: walletProviderId
-    } : {});
+        challenge: challenge,
+        applicationId: applicationId,
+        redirectUri: redirectUri,
+        walletProviderId: walletProviderId,
+        dcApiSupported: dcApiSupported
+    };
     const responseResult = await safeFetch(`${apiBaseUrl}/v2/presentations/sessions`, {
         method: "POST",
         headers: {
@@ -340,8 +480,42 @@ const createSession = async ({credentialQuery: credentialQuery, challenge: chall
     const data = await responseResult.value.json();
     if (!isType(CreateSessionResponseValidator)(data)) {
         return neverthrow.err({
-            type: SafeFetchCommonRespondErrorType.UnexpectedRespond,
-            message: "Create session return unsupported response"
+            type: SafeFetchCommonResponseErrorType.UnexpectedResponse,
+            message: "Create session returned unsupported response"
+        });
+    }
+    return neverthrow.ok(data);
+};
+
+const abortSession = async ({apiBaseUrl: apiBaseUrl, sessionId: sessionId, sessionKey: sessionKey}) => {
+    const responseResult = await safeFetch(`${apiBaseUrl}/v2/presentations/sessions/${sessionId}/abort`, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${sessionKey}`
+        }
+    });
+    if (responseResult.isErr()) {
+        return neverthrow.err(responseResult.error);
+    }
+    return neverthrow.ok(undefined);
+};
+
+const getSessionStatus = async ({apiBaseUrl: apiBaseUrl, sessionId: sessionId, sessionKey: sessionKey}) => {
+    const responseResult = await safeFetch(`${apiBaseUrl}/v2/presentations/sessions/${sessionId}/status`, {
+        method: "GET",
+        headers: {
+            Authorization: `Bearer ${sessionKey}`
+        }
+    });
+    if (responseResult.isErr()) {
+        return neverthrow.err(responseResult.error);
+    }
+    const data = await responseResult.value.json();
+    if (!isType(GetSessionStatusResponseValidator)(data)) {
+        return neverthrow.err({
+            type: SafeFetchCommonResponseErrorType.UnexpectedResponse,
+            message: "Get session status return unsupported response"
         });
     }
     return neverthrow.ok(data);
@@ -369,7 +543,7 @@ const exchangeSessionResult = async ({challenge: challenge, responseCode: respon
     const data = await responseResult.value.json();
     if (!isType(PresentationResultRelaxValidator)(data)) {
         return neverthrow.err({
-            type: SafeFetchCommonRespondErrorType.UnexpectedRespond,
+            type: SafeFetchCommonResponseErrorType.UnexpectedResponse,
             message: "Exchange session result return unsupported response",
             details: {
                 data: data
@@ -384,22 +558,7 @@ const isMobileDetect = userAgent => isMobile.isMobile({
     tablet: false
 });
 
-exports.CrossDeviceCallbackErrorType = void 0;
-
-(function(CrossDeviceCallbackErrorType) {
-    CrossDeviceCallbackErrorType["Timeout"] = "Timeout";
-    CrossDeviceCallbackErrorType["Abort"] = "Abort";
-    CrossDeviceCallbackErrorType["RequestCredentialsFailed"] = "RequestCredentialsFailed";
-})(exports.CrossDeviceCallbackErrorType || (exports.CrossDeviceCallbackErrorType = {}));
-
-var CrossDeviceRequestCredentialsErrorMessage;
-
-(function(CrossDeviceRequestCredentialsErrorMessage) {
-    CrossDeviceRequestCredentialsErrorMessage["FailedToGetSessionResult"] = "Failed to get session result";
-    CrossDeviceRequestCredentialsErrorMessage["FailedToCreateSession"] = "Failed to create session";
-    CrossDeviceRequestCredentialsErrorMessage["Abort"] = "User aborted the session";
-    CrossDeviceRequestCredentialsErrorMessage["Timeout"] = "User session timeout";
-})(CrossDeviceRequestCredentialsErrorMessage || (CrossDeviceRequestCredentialsErrorMessage = {}));
+const getVersion = () => MATTR_SDK_VERSION_VALUE;
 
 var WindowEventListenerType;
 
@@ -407,10 +566,13 @@ var WindowEventListenerType;
     WindowEventListenerType["message"] = "message";
 })(WindowEventListenerType || (WindowEventListenerType = {}));
 
-let listener;
+let listener = undefined;
 
 const removeWindowMessageEventListener = () => {
-    window.removeEventListener(WindowEventListenerType.message, listener, false);
+    if (listener) {
+        window.removeEventListener(WindowEventListenerType.message, listener, false);
+    }
+    listener = undefined;
 };
 
 const closeCrossDeviceModal = options => {
@@ -422,8 +584,7 @@ const closeCrossDeviceModal = options => {
 };
 
 const receiveMessageHandler = options => async event => {
-    const {crossDeviceCallback: crossDeviceCallback, container: container, sessionId: sessionId, apiBaseUrl: apiBaseUrl, challenge: challenge} = options;
-    const {onComplete: onComplete, onFailure: onFailure} = crossDeviceCallback;
+    const {onComplete: onComplete, onFailure: onFailure, container: container, sessionId: sessionId, apiBaseUrl: apiBaseUrl, challenge: challenge} = options;
     if (event.origin !== apiBaseUrl) {
         return;
     }
@@ -437,8 +598,8 @@ const receiveMessageHandler = options => async event => {
         });
         if (result.isErr()) {
             onFailure({
-                type: exports.CrossDeviceCallbackErrorType.RequestCredentialsFailed,
-                message: CrossDeviceRequestCredentialsErrorMessage.FailedToGetSessionResult
+                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+                message: RequestCredentialsErrorMessage.FailedToGetSessionResult
             });
             closeCrossDeviceModal({
                 container: container
@@ -446,8 +607,9 @@ const receiveMessageHandler = options => async event => {
             return;
         }
         onComplete({
-            result: result.value,
-            sessionId: result.value.sessionId
+            result: "challenge" in result.value ? result.value : undefined,
+            sessionId: result.value.sessionId,
+            sessionCompletedInRedirect: false
         });
         closeCrossDeviceModal({
             container: container
@@ -456,8 +618,8 @@ const receiveMessageHandler = options => async event => {
     }
     if (event.data.type === MessageEventDataType.PresentationTimeout) {
         onFailure({
-            type: exports.CrossDeviceCallbackErrorType.Timeout,
-            message: CrossDeviceRequestCredentialsErrorMessage.Timeout
+            type: exports.RequestCredentialsErrorType.Timeout,
+            message: RequestCredentialsErrorMessage.Timeout
         });
         closeCrossDeviceModal({
             container: container
@@ -466,8 +628,8 @@ const receiveMessageHandler = options => async event => {
     }
     if (event.data.type === MessageEventDataType.PresentationAbort) {
         onFailure({
-            type: exports.CrossDeviceCallbackErrorType.Abort,
-            message: CrossDeviceRequestCredentialsErrorMessage.Abort
+            type: exports.RequestCredentialsErrorType.Abort,
+            message: RequestCredentialsErrorMessage.Abort
         });
         closeCrossDeviceModal({
             container: container
@@ -492,41 +654,198 @@ const openCrossDeviceModal = options => {
     return modalContainer;
 };
 
-const requestCredentialsCrossDevice = async options => {
-    const {challenge: challenge, walletProviderId: walletProviderId, credentialQuery: credentialQuery, crossDeviceCallback: crossDeviceCallback, initialiseOptions: initialiseOptions} = options;
-    const {apiBaseUrl: apiBaseUrl, applicationId: applicationId} = initialiseOptions;
-    const createSessionResult = await createSession({
-        credentialQuery: credentialQuery,
-        challenge: challenge,
+const requestCredentialsWithCrossDevice = async options => {
+    const {challenge: challenge, apiBaseUrl: apiBaseUrl, sessionUrl: sessionUrl, sessionId: sessionId, sessionKey: sessionKey} = options;
+    const container = openCrossDeviceModal({
+        sessionUrl: sessionUrl
+    });
+    return await new Promise((resolve => {
+        const abortController = setActiveSession({
+            sessionId: sessionId,
+            sessionKey: sessionKey
+        });
+        abortController.signal.addEventListener("abort", (() => {
+            closeCrossDeviceModal({
+                container: container
+            });
+            resolve(neverthrow.err({
+                type: exports.RequestCredentialsErrorType.Abort,
+                message: RequestCredentialsErrorMessage.Abort
+            }));
+        }));
+        removeWindowMessageEventListener();
+        listener = receiveMessageHandler({
+            container: container,
+            sessionId: sessionId,
+            apiBaseUrl: apiBaseUrl,
+            challenge: challenge,
+            onComplete: data => resolve(neverthrow.ok(data)),
+            onFailure: error => resolve(neverthrow.err(error))
+        });
+        window.addEventListener(WindowEventListenerType.message, listener, false);
+    }));
+};
+
+const abortCredentialRequest = async () => {
+    const initialiseOptions = getInitialiseOptions();
+    if (!initialiseOptions) {
+        throw new Exception(InitialiseErrorMessage.SdkNotInitialised);
+    }
+    const {apiBaseUrl: apiBaseUrl} = initialiseOptions;
+    const session = getActiveSession();
+    if (!session || !session.sessionKey) {
+        return neverthrow.ok(undefined);
+    }
+    const {sessionId: sessionId, sessionKey: sessionKey} = session;
+    removeActiveSession();
+    const abortSessionResult = await abortSession({
         apiBaseUrl: apiBaseUrl,
-        applicationId: applicationId,
-        walletProviderId: walletProviderId
+        sessionId: sessionId,
+        sessionKey: sessionKey
     });
-    if (createSessionResult.isErr()) {
+    if (abortSessionResult.isErr()) {
         return neverthrow.err({
-            type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
-            message: CrossDeviceRequestCredentialsErrorMessage.FailedToCreateSession,
-            cause: createSessionResult.error
+            type: exports.AbortSessionErrorType.AbortSessionFailed,
+            message: AbortSessionErrorMessage.FailedToAbortSession,
+            cause: abortSessionResult.error
         });
     }
-    const {sessionUrl: sessionUrl, sessionId: sessionId} = createSessionResult.value;
-    const container = openCrossDeviceModal({
-        sessionUrl: sessionUrl,
-        crossDeviceCallback: crossDeviceCallback
-    });
-    listener = receiveMessageHandler({
-        crossDeviceCallback: crossDeviceCallback,
-        container: container,
+    return neverthrow.ok(undefined);
+};
+
+const requestCredentialsWithDigitalCredentialsApi = async options => {
+    const {apiBaseUrl: apiBaseUrl, sessionId: sessionId, sessionKey: sessionKey, challenge: challenge, request: request, sessionTtl: sessionTtl} = options;
+    const sessionTimeoutId = window.setTimeout((() => removeActiveSession()), sessionTtl * 1e3);
+    const abortController = setActiveSession({
         sessionId: sessionId,
+        sessionKey: sessionKey,
+        sessionTimeoutId: sessionTimeoutId
+    });
+    const credentialResponseResult = await getCredentials(request, abortController);
+    if (credentialResponseResult.isErr()) {
+        await abortCredentialRequest();
+        return neverthrow.err(credentialResponseResult.error);
+    }
+    const credentialResponse = credentialResponseResult.value;
+    const parsedCredentialResponseResult = parseCredentialResponse(credentialResponse);
+    if (parsedCredentialResponseResult.isErr()) {
+        await abortCredentialRequest();
+        return neverthrow.err(parsedCredentialResponseResult.error);
+    }
+    const parsedCredentialResponse = parsedCredentialResponseResult.value;
+    const credentialVerificationResult = await verifyCredentialResponse({
         apiBaseUrl: apiBaseUrl,
-        challenge: challenge
+        sessionId: sessionId,
+        sessionKey: sessionKey,
+        challenge: challenge,
+        protocol: parsedCredentialResponse.protocol,
+        data: parsedCredentialResponse.data
     });
-    window.addEventListener(WindowEventListenerType.message, listener, false);
-    return neverthrow.ok({
-        sessionId: sessionId
+    if (credentialVerificationResult.isErr()) {
+        return neverthrow.err({
+            type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+            message: RequestCredentialsErrorMessage.FailedToVerifyCredentialResponse,
+            cause: credentialVerificationResult.error
+        });
+    }
+    return neverthrow.ok(credentialVerificationResult.value);
+};
+
+const getCredentials = async (request, abortController) => {
+    try {
+        const credentialResponse = await navigator.credentials.get(Object.assign(Object.assign({}, request), {
+            signal: abortController.signal
+        }));
+        return neverthrow.ok(credentialResponse);
+    } catch (exception) {
+        return neverthrow.err({
+            type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+            message: RequestCredentialsErrorMessage.DcApiError,
+            cause: exception
+        });
+    }
+};
+
+const parseCredentialResponse = credentialResponse => {
+    if (!credentialResponse) {
+        return neverthrow.err({
+            type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+            message: RequestCredentialsErrorMessage.DcApiResponseParseError,
+            details: {
+                response: credentialResponse
+            }
+        });
+    }
+    if (typeof credentialResponse === "object") {
+        return neverthrow.ok(credentialResponse);
+    }
+    if (typeof credentialResponse === "string") {
+        try {
+            const parsed = JSON.parse(credentialResponse);
+            return neverthrow.ok(parsed);
+        } catch (_a) {
+            return neverthrow.err({
+                type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+                message: RequestCredentialsErrorMessage.DcApiResponseParseError,
+                details: {
+                    response: credentialResponse
+                }
+            });
+        }
+    }
+    return neverthrow.err({
+        type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+        message: RequestCredentialsErrorMessage.DcApiResponseParseError,
+        details: {
+            response: credentialResponse
+        }
     });
 };
 
+const verifyCredentialResponse = async options => {
+    const {apiBaseUrl: apiBaseUrl, sessionId: sessionId, sessionKey: sessionKey, challenge: challenge, protocol: protocol, data: data} = options;
+    const requestBody = {
+        protocol: protocol,
+        data: data,
+        challenge: challenge
+    };
+    const credentialVerificationResult = await safeFetch(`${apiBaseUrl}/v2/presentations/sessions/${sessionId}/dc-api/response`, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${sessionKey}`
+        },
+        body: JSON.stringify(requestBody)
+    });
+    if (credentialVerificationResult.isErr()) {
+        return neverthrow.err(credentialVerificationResult.error);
+    }
+    const credentialVerificationResponse = await credentialVerificationResult.value.json();
+    if (!isType(PresentationResultRelaxValidator)(credentialVerificationResponse)) {
+        return neverthrow.err({
+            type: SafeFetchCommonResponseErrorType.UnexpectedResponse,
+            message: "Verify credential returned unsupported response",
+            details: {
+                response: credentialVerificationResponse
+            }
+        });
+    }
+    return neverthrow.ok(credentialVerificationResponse);
+};
+
+const isDigitalCredentialsApiSupported = () => {
+    var _a;
+    return "DigitalCredential" in window && typeof window.DigitalCredential === "function" && typeof ((_a = navigator === null || navigator === void 0 ? void 0 : navigator.credentials) === null || _a === void 0 ? void 0 : _a.get) === "function";
+};
+
+const sleep = ms => new Promise((resolve => setTimeout(resolve, ms)));
+
+const SESSION_STATUS_POLLING_MAX_RETRY = 1e3;
+
+const SESSION_STATUS_POLLING_INTERVAL_MS = 3e3;
+
+const SESSION_STATUS_POLLING_INITIAL_DELAY_MS = 3e3;
+
 var SameDeviceRequestCredentialsErrorMessage;
 
 (function(SameDeviceRequestCredentialsErrorMessage) {
@@ -535,65 +854,135 @@ var SameDeviceRequestCredentialsErrorMessage;
 })(SameDeviceRequestCredentialsErrorMessage || (SameDeviceRequestCredentialsErrorMessage = {}));
 
 const requestCredentialsSameDevice = async options => {
-    const {challenge: challenge, credentialQuery: credentialQuery, redirectUri: redirectUri, walletProviderId: walletProviderId, initialiseOptions: initialiseOptions} = options;
-    const {apiBaseUrl: apiBaseUrl, applicationId: applicationId} = initialiseOptions;
+    const {challenge: challenge, apiBaseUrl: apiBaseUrl, applicationId: applicationId, sessionUrl: sessionUrl, sessionKey: sessionKey, sessionId: sessionId} = options;
+    const abortController = setActiveSession({
+        sessionId: sessionId,
+        sessionKey: sessionKey
+    });
+    window.localStorage.setItem(LocalStorageKey.sessionId, sessionId);
     window.localStorage.setItem(LocalStorageKey.challenge, challenge);
-    const storedChallenge = window.localStorage.getItem(LocalStorageKey.challenge);
-    if (!storedChallenge) {
-        return neverthrow.err({
-            type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
-            message: SameDeviceRequestCredentialsErrorMessage.FailedToStoreChallenge
+    window.location.assign(sessionUrl);
+    await sleep(SESSION_STATUS_POLLING_INITIAL_DELAY_MS);
+    const checkResult = await withRetry((async () => {
+        const statusResult = await getSessionStatus({
+            apiBaseUrl: apiBaseUrl,
+            applicationId: applicationId,
+            sessionId: sessionId,
+            sessionKey: sessionKey
         });
+        if (abortController.signal.aborted) {
+            return neverthrow.err({
+                type: exports.RequestCredentialsErrorType.Abort,
+                message: RequestCredentialsErrorMessage.Abort
+            });
+        }
+        if (statusResult.isErr()) {
+            if (statusResult.error.status === 404) {
+                return neverthrow.err({
+                    type: exports.RequestCredentialsErrorType.Timeout,
+                    message: RequestCredentialsErrorMessage.Timeout
+                });
+            }
+            throw Error("Unexpected status response. Retry");
+        }
+        if (statusResult.value.status !== PresentationStatusCode.ResultReady) {
+            throw Error("Result is not ready. Retry");
+        }
+        return neverthrow.ok(undefined);
+    }), {
+        retries: SESSION_STATUS_POLLING_MAX_RETRY,
+        retryDelay: SESSION_STATUS_POLLING_INTERVAL_MS
+    });
+    if (checkResult.isErr()) {
+        return neverthrow.err(checkResult.error);
     }
+    window.close();
+    return neverthrow.ok({
+        sessionId: sessionId,
+        sessionCompletedInRedirect: true
+    });
+};
+
+const requestCredentials = async options => {
+    var _a;
+    const initialiseOptions = getInitialiseOptions();
+    if (!initialiseOptions) {
+        throw new Exception(InitialiseErrorMessage.SdkNotInitialised);
+    }
+    assertType(RequestCredentialsOptionsValidator, "Invalid request credential options")(options);
+    const {apiBaseUrl: apiBaseUrl, applicationId: applicationId} = initialiseOptions;
+    const {challenge: challenge = generateChallenge(), credentialQuery: credentialQuery, openid4vpConfiguration: openid4vpConfiguration} = options;
+    const dcApiSupported = isDigitalCredentialsApiSupported();
+    const openId4VpRedirectUri = deriveOpenId4vpRedirectUri(openid4vpConfiguration);
     const createSessionResult = await createSession({
         credentialQuery: credentialQuery,
-        challenge: storedChallenge,
-        redirectUri: redirectUri,
+        challenge: challenge,
+        redirectUri: openId4VpRedirectUri,
+        walletProviderId: (_a = openid4vpConfiguration === null || openid4vpConfiguration === void 0 ? void 0 : openid4vpConfiguration.walletProviderId) !== null && _a !== void 0 ? _a : undefined,
         apiBaseUrl: apiBaseUrl,
         applicationId: applicationId,
-        walletProviderId: walletProviderId
+        dcApiSupported: dcApiSupported
     });
     if (createSessionResult.isErr()) {
         return neverthrow.err({
             type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
-            message: SameDeviceRequestCredentialsErrorMessage.FailedToCreateSession,
+            message: RequestCredentialsErrorMessage.FailedToCreateSession,
             cause: createSessionResult.error
         });
     }
-    const {sessionUrl: sessionUrl, sessionId: sessionId} = createSessionResult.value;
-    window.localStorage.setItem(LocalStorageKey.sessionId, sessionId);
-    window.location.assign(sessionUrl);
-    return neverthrow.ok({
+    const session = createSessionResult.value;
+    const {sessionKey: sessionKey, sessionId: sessionId} = session;
+    if (session.type === SessionType.DigitalCredentialsApi) {
+        const {request: request, sessionTtl: sessionTtl} = session;
+        return await requestCredentialsWithDigitalCredentialsApi({
+            apiBaseUrl: apiBaseUrl,
+            request: request,
+            sessionId: sessionId,
+            sessionKey: sessionKey,
+            challenge: challenge,
+            sessionTtl: sessionTtl
+        });
+    }
+    if (!openid4vpConfiguration) {
+        return neverthrow.err({
+            type: exports.RequestCredentialsErrorType.RequestCredentialsFailed,
+            message: RequestCredentialsErrorMessage.MissingOpenId4vpConfig
+        });
+    }
+    const {sessionUrl: sessionUrl} = session;
+    if (openId4VpRedirectUri) {
+        return await requestCredentialsSameDevice({
+            challenge: challenge,
+            apiBaseUrl: apiBaseUrl,
+            applicationId: applicationId,
+            sessionUrl: sessionUrl,
+            sessionKey: sessionKey,
+            sessionId: sessionId
+        });
+    }
+    return await requestCredentialsWithCrossDevice({
+        challenge: challenge,
+        apiBaseUrl: apiBaseUrl,
+        sessionUrl: sessionUrl,
+        sessionKey: sessionKey,
         sessionId: sessionId
     });
 };
 
-const requestCredentials = async options => {
-    var _a;
-    const initialiseOptions = getInitialiseOptions();
-    if (!initialiseOptions) {
-        throw new Exception(InitialiseErrorMessage.SdkNotInitialised);
+const deriveOpenId4vpRedirectUri = openid4vpConfiguration => {
+    if (!openid4vpConfiguration) {
+        return undefined;
     }
-    assertType(RequestCredentialsOptionsValidator, "Invalid request credential options")(options);
-    const {challenge: challenge = generateChallenge()} = options;
-    const mode = (_a = options.mode) !== null && _a !== void 0 ? _a : isMobileDetect(navigator.userAgent) ? exports.Mode.sameDevice : exports.Mode.crossDevice;
-    if (mode === exports.Mode.sameDevice && "redirectUri" in options) {
-        return await requestCredentialsSameDevice(Object.assign(Object.assign({}, options), {
-            initialiseOptions: initialiseOptions,
-            challenge: challenge,
-            mode: mode
-        }));
+    let detectedMode;
+    if (openid4vpConfiguration && openid4vpConfiguration.mode) {
+        detectedMode = openid4vpConfiguration.mode;
+    } else {
+        detectedMode = isMobileDetect(navigator.userAgent) ? exports.Mode.SameDevice : exports.Mode.CrossDevice;
     }
-    if (mode === exports.Mode.crossDevice && "crossDeviceCallback" in options) {
-        return await requestCredentialsCrossDevice(Object.assign(Object.assign({}, options), {
-            initialiseOptions: initialiseOptions,
-            challenge: challenge,
-            mode: mode
-        }));
+    if (detectedMode === exports.Mode.SameDevice && !isType(OpenId4vpConfigCrossDeviceOptionsValidator)(openid4vpConfiguration) && openid4vpConfiguration.redirectUri) {
+        return openid4vpConfiguration.redirectUri;
     }
-    throw new Exception("Invalid request credential options", {
-        data: options
-    });
+    return undefined;
 };
 
 exports.HandleRedirectCallbackErrorType = void 0;
@@ -607,7 +996,7 @@ var HandleRedirectCallbackErrorMessage;
 (function(HandleRedirectCallbackErrorMessage) {
     HandleRedirectCallbackErrorMessage["FailedToFindResponseCode"] = "Failed to find response code";
     HandleRedirectCallbackErrorMessage["FailedToFindChallenge"] = "Failed to find challenge";
-    HandleRedirectCallbackErrorMessage["FailedToFindSessionId"] = "Failed to find sessionId";
+    HandleRedirectCallbackErrorMessage["FailedToFindActiveSession"] = "Failed to find active session";
     HandleRedirectCallbackErrorMessage["FailedToGetSessionResult"] = "Failed to get session result";
 })(HandleRedirectCallbackErrorMessage || (HandleRedirectCallbackErrorMessage = {}));
 
@@ -624,18 +1013,12 @@ const handleRedirectCallback = async () => {
             message: HandleRedirectCallbackErrorMessage.FailedToFindResponseCode
         });
     }
-    const challenge = window.localStorage.getItem(LocalStorageKey.challenge);
-    if (!challenge) {
-        return neverthrow.err({
-            type: exports.HandleRedirectCallbackErrorType.HandleRedirectCallbackFailed,
-            message: HandleRedirectCallbackErrorMessage.FailedToFindChallenge
-        });
-    }
     const sessionId = window.localStorage.getItem(LocalStorageKey.sessionId);
-    if (!sessionId) {
+    const challenge = window.localStorage.getItem(LocalStorageKey.challenge);
+    if (!sessionId || !challenge) {
         return neverthrow.err({
             type: exports.HandleRedirectCallbackErrorType.HandleRedirectCallbackFailed,
-            message: HandleRedirectCallbackErrorMessage.FailedToFindSessionId
+            message: HandleRedirectCallbackErrorMessage.FailedToFindActiveSession
         });
     }
     const result = await exchangeSessionResult({
@@ -652,20 +1035,25 @@ const handleRedirectCallback = async () => {
         });
     }
     return neverthrow.ok({
-        result: result.value,
+        result: "challenge" in result.value ? result.value : undefined,
         sessionId: result.value.sessionId
     });
 };
 
 const utils = {
     generateChallenge: generateChallenge,
+    getVersion: getVersion,
     unwrap: unwrap
 };
 
+exports.abortCredentialRequest = abortCredentialRequest;
+
 exports.handleRedirectCallback = handleRedirectCallback;
 
 exports.initialise = initialise;
 
+exports.isDigitalCredentialsApiSupported = isDigitalCredentialsApiSupported;
+
 exports.requestCredentials = requestCredentials;
 
 exports.utils = utils;