@meeco/svx-api-sdk 1.0.0-stage.20231211153548.58a6d84 → 1.0.0-stage.20231218095603.d71b65e

package/lib/types/models/VCClaimsDto.d.ts

@@ -0,0 +1,38 @@
+/**
+ * SVX API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 1.3.1
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+import type { VCCnfDto } from './VCCnfDto';
+/**
+ *
+ * @export
+ * @interface VCClaimsDto
+ */
+export interface VCClaimsDto {
+    /**
+     *
+     * @type {string}
+     * @memberof VCClaimsDto
+     */
+    id?: string;
+    /**
+     *
+     * @type {VCCnfDto}
+     * @memberof VCClaimsDto
+     */
+    cnf?: VCCnfDto;
+}
+/**
+ * Check if a given object implements the VCClaimsDto interface.
+ */
+export declare function instanceOfVCClaimsDto(value: object): boolean;
+export declare function VCClaimsDtoFromJSON(json: any): VCClaimsDto;
+export declare function VCClaimsDtoFromJSONTyped(json: any, ignoreDiscriminator: boolean): VCClaimsDto;
+export declare function VCClaimsDtoToJSON(value?: VCClaimsDto | null): any;

package/lib/types/models/VCCredentialVerificationResultResponseDto.d.ts

@@ -51,6 +51,7 @@ export declare const VCCredentialVerificationResultResponseDtoChecksEnum: {
     readonly Nonce: "nonce";
     readonly Schema: "schema";
     readonly RevocationStatus: "revocation_status";
+    readonly Constraints: "constraints";
 };
 export type VCCredentialVerificationResultResponseDtoChecksEnum = typeof VCCredentialVerificationResultResponseDtoChecksEnum[keyof typeof VCCredentialVerificationResultResponseDtoChecksEnum];
 /**

package/lib/types/models/VCFieldsDto.d.ts

@@ -9,6 +9,7 @@
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
+import type { VCFieldsDtoFilter } from './VCFieldsDtoFilter';
 /**
  *
  * @export
@@ -29,10 +30,10 @@ export interface VCFieldsDto {
     purpose?: string;
     /**
      *
-     * @type {object}
+     * @type {VCFieldsDtoFilter}
      * @memberof VCFieldsDto
      */
-    filter?: object;
+    filter?: VCFieldsDtoFilter;
 }
 /**
  * Check if a given object implements the VCFieldsDto interface.

package/lib/types/models/VCFieldsDtoFilter.d.ts

@@ -0,0 +1,43 @@
+/**
+ * SVX API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 1.3.1
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ *
+ * @export
+ * @interface VCFieldsDtoFilter
+ */
+export interface VCFieldsDtoFilter {
+    /**
+     *
+     * @type {string}
+     * @memberof VCFieldsDtoFilter
+     */
+    type: string;
+    /**
+     * The const can be a number | string | boolean | object.However, since openapi-generator fails to generate correct SDK for swagger file using oneOf property, here it is described only as string
+     * @type {string}
+     * @memberof VCFieldsDtoFilter
+     */
+    _const?: string;
+    /**
+     *
+     * @type {string}
+     * @memberof VCFieldsDtoFilter
+     */
+    pattern?: string;
+}
+/**
+ * Check if a given object implements the VCFieldsDtoFilter interface.
+ */
+export declare function instanceOfVCFieldsDtoFilter(value: object): boolean;
+export declare function VCFieldsDtoFilterFromJSON(json: any): VCFieldsDtoFilter;
+export declare function VCFieldsDtoFilterFromJSONTyped(json: any, ignoreDiscriminator: boolean): VCFieldsDtoFilter;
+export declare function VCFieldsDtoFilterToJSON(value?: VCFieldsDtoFilter | null): any;

package/lib/types/models/VCFilterDto.d.ts

@@ -0,0 +1,43 @@
+/**
+ * SVX API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 1.3.1
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ *
+ * @export
+ * @interface VCFilterDto
+ */
+export interface VCFilterDto {
+    /**
+     *
+     * @type {string}
+     * @memberof VCFilterDto
+     */
+    type: string;
+    /**
+     * The const can be a number | string | boolean | object.However, since openapi-generator fails to generate correct SDK for swagger file using oneOf property, here it is described only as string
+     * @type {string}
+     * @memberof VCFilterDto
+     */
+    _const?: string;
+    /**
+     *
+     * @type {string}
+     * @memberof VCFilterDto
+     */
+    pattern?: string;
+}
+/**
+ * Check if a given object implements the VCFilterDto interface.
+ */
+export declare function instanceOfVCFilterDto(value: object): boolean;
+export declare function VCFilterDtoFromJSON(json: any): VCFilterDto;
+export declare function VCFilterDtoFromJSONTyped(json: any, ignoreDiscriminator: boolean): VCFilterDto;
+export declare function VCFilterDtoToJSON(value?: VCFilterDto | null): any;

package/lib/types/models/VCGenerateCredentialDto.d.ts

@@ -9,7 +9,7 @@
  * https://openapi-generator.tech
  * Do not edit the class manually.
  */
-import type { VCGenerateCredentialDtoCnf } from './VCGenerateCredentialDtoCnf';
+import type { VCGenerateCredentialDtoClaims } from './VCGenerateCredentialDtoClaims';
 /**
  *
  * @export
@@ -30,10 +30,10 @@ export interface VCGenerateCredentialDto {
     issuer: object;
     /**
      *
-     * @type {object}
+     * @type {VCGenerateCredentialDtoClaims}
      * @memberof VCGenerateCredentialDto
      */
-    claims: object;
+    claims: VCGenerateCredentialDtoClaims;
     /**
      *
      * @type {boolean}
@@ -47,11 +47,11 @@ export interface VCGenerateCredentialDto {
      */
     expires_at?: Date;
     /**
-     *
-     * @type {VCGenerateCredentialDtoCnf}
+     * The type of the SD Verifiable Credential, The Type information Can be a string or an array of string.However, since openapi-generator fails to generate correct SDK for swagger file using oneOf property, here it is described only as string
+     * @type {string}
      * @memberof VCGenerateCredentialDto
      */
-    cnf?: VCGenerateCredentialDtoCnf;
+    type?: string;
 }
 /**
  * Check if a given object implements the VCGenerateCredentialDto interface.

package/lib/types/models/VCGenerateCredentialDtoClaims.d.ts

@@ -0,0 +1,39 @@
+/**
+ * SVX API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 1.3.1
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+import type { VCCnfDto } from './VCCnfDto';
+/**
+ *
+ * @export
+ * @interface VCGenerateCredentialDtoClaims
+ */
+export interface VCGenerateCredentialDtoClaims {
+    [key: string]: any | any;
+    /**
+     *
+     * @type {string}
+     * @memberof VCGenerateCredentialDtoClaims
+     */
+    id?: string;
+    /**
+     *
+     * @type {VCCnfDto}
+     * @memberof VCGenerateCredentialDtoClaims
+     */
+    cnf?: VCCnfDto;
+}
+/**
+ * Check if a given object implements the VCGenerateCredentialDtoClaims interface.
+ */
+export declare function instanceOfVCGenerateCredentialDtoClaims(value: object): boolean;
+export declare function VCGenerateCredentialDtoClaimsFromJSON(json: any): VCGenerateCredentialDtoClaims;
+export declare function VCGenerateCredentialDtoClaimsFromJSONTyped(json: any, ignoreDiscriminator: boolean): VCGenerateCredentialDtoClaims;
+export declare function VCGenerateCredentialDtoClaimsToJSON(value?: VCGenerateCredentialDtoClaims | null): any;

package/lib/types/models/VCIdTokenVerificationResultResponseDto.d.ts

@@ -45,6 +45,7 @@ export declare const VCIdTokenVerificationResultResponseDtoChecksEnum: {
     readonly Nonce: "nonce";
     readonly Schema: "schema";
     readonly RevocationStatus: "revocation_status";
+    readonly Constraints: "constraints";
 };
 export type VCIdTokenVerificationResultResponseDtoChecksEnum = typeof VCIdTokenVerificationResultResponseDtoChecksEnum[keyof typeof VCIdTokenVerificationResultResponseDtoChecksEnum];
 /**

package/lib/types/models/VCOldPresentationRequestResponseVerificationResultResponseDto.d.ts

@@ -45,6 +45,7 @@ export declare const VCOldPresentationRequestResponseVerificationResultResponseD
     readonly Nonce: "nonce";
     readonly Schema: "schema";
     readonly RevocationStatus: "revocation_status";
+    readonly Constraints: "constraints";
 };
 export type VCOldPresentationRequestResponseVerificationResultResponseDtoChecksEnum = typeof VCOldPresentationRequestResponseVerificationResultResponseDtoChecksEnum[keyof typeof VCOldPresentationRequestResponseVerificationResultResponseDtoChecksEnum];
 /**

package/lib/types/models/VCPresentationRequestResponseVerificationOptionsDto.d.ts

@@ -23,7 +23,7 @@ export interface VCPresentationRequestResponseVerificationOptionsDto {
      * @type {Array<string>}
      * @memberof VCPresentationRequestResponseVerificationOptionsDto
      */
-    checks?: VCPresentationRequestResponseVerificationOptionsDtoChecksEnum;
+    checks?: Array<VCPresentationRequestResponseVerificationOptionsDtoChecksEnum>;
     /**
      *
      * @type {VCRequestVerificationOptionsDto}
@@ -48,6 +48,7 @@ export interface VCPresentationRequestResponseVerificationOptionsDto {
  */
 export declare const VCPresentationRequestResponseVerificationOptionsDtoChecksEnum: {
     readonly Format: "format";
+    readonly Constraints: "constraints";
 };
 export type VCPresentationRequestResponseVerificationOptionsDtoChecksEnum = typeof VCPresentationRequestResponseVerificationOptionsDtoChecksEnum[keyof typeof VCPresentationRequestResponseVerificationOptionsDtoChecksEnum];
 /**

package/lib/types/models/VCPresentationRequestResponseVerificationResultResponseDto.d.ts

@@ -66,6 +66,7 @@ export declare const VCPresentationRequestResponseVerificationResultResponseDtoC
     readonly Nonce: "nonce";
     readonly Schema: "schema";
     readonly RevocationStatus: "revocation_status";
+    readonly Constraints: "constraints";
 };
 export type VCPresentationRequestResponseVerificationResultResponseDtoChecksEnum = typeof VCPresentationRequestResponseVerificationResultResponseDtoChecksEnum[keyof typeof VCPresentationRequestResponseVerificationResultResponseDtoChecksEnum];
 /**

package/lib/types/models/VCPresentationRequestUpdateVerificationResultRequestDto.d.ts

@@ -66,6 +66,7 @@ export declare const VCPresentationRequestUpdateVerificationResultRequestDtoChec
     readonly Nonce: "nonce";
     readonly Schema: "schema";
     readonly RevocationStatus: "revocation_status";
+    readonly Constraints: "constraints";
 };
 export type VCPresentationRequestUpdateVerificationResultRequestDtoChecksEnum = typeof VCPresentationRequestUpdateVerificationResultRequestDtoChecksEnum[keyof typeof VCPresentationRequestUpdateVerificationResultRequestDtoChecksEnum];
 /**

package/lib/types/models/VCPresentationRequestVerificationResultResponseDto.d.ts

@@ -51,6 +51,7 @@ export declare const VCPresentationRequestVerificationResultResponseDtoChecksEnu
     readonly Nonce: "nonce";
     readonly Schema: "schema";
     readonly RevocationStatus: "revocation_status";
+    readonly Constraints: "constraints";
 };
 export type VCPresentationRequestVerificationResultResponseDtoChecksEnum = typeof VCPresentationRequestVerificationResultResponseDtoChecksEnum[keyof typeof VCPresentationRequestVerificationResultResponseDtoChecksEnum];
 /**

package/lib/types/models/VCPresentationVerificationOptionsDto.d.ts

@@ -30,6 +30,7 @@ export declare const VCPresentationVerificationOptionsDtoChecksEnum: {
     readonly Signature: "signature";
     readonly Expiration: "expiration";
     readonly Nonce: "nonce";
+    readonly Constraints: "constraints";
 };
 export type VCPresentationVerificationOptionsDtoChecksEnum = typeof VCPresentationVerificationOptionsDtoChecksEnum[keyof typeof VCPresentationVerificationOptionsDtoChecksEnum];
 /**

package/lib/types/models/VCPresentationVerificationResultResponseDto.d.ts

@@ -52,6 +52,7 @@ export declare const VCPresentationVerificationResultResponseDtoChecksEnum: {
     readonly Nonce: "nonce";
     readonly Schema: "schema";
     readonly RevocationStatus: "revocation_status";
+    readonly Constraints: "constraints";
 };
 export type VCPresentationVerificationResultResponseDtoChecksEnum = typeof VCPresentationVerificationResultResponseDtoChecksEnum[keyof typeof VCPresentationVerificationResultResponseDtoChecksEnum];
 /**

package/lib/types/models/index.d.ts

@@ -246,6 +246,7 @@ export * from './ShreIntentListResponse';
 export * from './UpdateDelegationsRequest';
 export * from './VCApp';
 export * from './VCAppSignal';
+export * from './VCClaimsDto';
 export * from './VCCnfDto';
 export * from './VCComponent';
 export * from './VCConstraintsDto';
@@ -278,9 +279,11 @@ export * from './VCDatabase';
 export * from './VCErrorResponseDto';
 export * from './VCErrorsResponseDto';
 export * from './VCFieldsDto';
+export * from './VCFieldsDtoFilter';
+export * from './VCFilterDto';
 export * from './VCFormatDto';
 export * from './VCGenerateCredentialDto';
-export * from './VCGenerateCredentialDtoCnf';
+export * from './VCGenerateCredentialDtoClaims';
 export * from './VCGenerateCredentialPayloadDto';
 export * from './VCGeneratePresentationDto';
 export * from './VCGeneratePresentationPayloadDto';

package/lib/umd/apis/SharesApi.js

@@ -373,7 +373,7 @@ class SharesApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Share your item with connected users.  Each share can be a share of all slots of the item, in that case `slot_id` is `NULL`, or it can be a share of just one slot. In this case `slot_id` references one of the slots of the item.  There are 3 users involved in each share:  * owner - the owner of the shared item * sender -  the user who shares data. Can be the owner or one of the recipients * recipient - the user who recieves the shared data.   Whether a non-owner may on-share a shared slot is defined in field `onsharing_permitted`.  Only the owner of the item can set `onsharing_permitted` to `true`. If `onsharing_permitted` is `false`, the recipient may on-share the item, but when that recipient creates an on-share, `onsharing_permitted` in that on-share is forced to be `false`. In other words, the depth of on-sharing in limited to 3:       OWNER ==> RECIPIENT AND SENDER ==>  RECIPIENT    Some shares require that the recipient accepts the terms of the share. Until the terms are not accepted the share DEK is hidden.   Data in slots is initially encrypted with the DEK in field `encrypted_dek`. The DEK in `encrypted_dek` is encrypted with the public key of the share recipient. When processing a share the client application is expected to decrypt the slot data and re-encrypt with the private DEK.  A public key of the recipient is needed to encrypt the share DEK. Updating all shares of the same item is performed by the owner in one go. In a situation when a share has been created by a recipient, not the owner, and there is no connection between the owner and the recipient, the owner has no access to a public key of the recipient. In order to address this problem when a share is created we also add fields `public_key` and `keypair_external_id` from the connection record between the recipient and the sender. `keypair_external_id` identifies the keypair that the public key belongs to.  When a recipient of a share on-shares the data with someone else, nothing prevents him/her to encrypt some other data instead of the original data. We need a way to enforce integrity of on-shares. We do this with help of HMAC - hash-based message authentication code obtained by running a cryptographic hash function over the data and a shared secret key.    Two fields in each slot are used for this purpose: * `encrypted_value_verification_key` - is a value verification key encrypted in the same way as the value itself: with the share DEK * `value_verification_hash` - the result of the HMAC function run on the slot value using `encrypted_value_verification_key`. `value_verification_hash` is stored as-is, unencrypted.   Only the owner of the data may send `encrypted_value_verification_key` when creating or updating the share. When other senders create a share, `encrypted_value_verification_key` must be `NULL`.  `value_verification_hash` may and should be sent by every sender, owner or not, because `value_verification_hash` must be re-encrypted with the share DEK for each share.  If the sender replaces `encrypted_value_verification_key` and/or the slot value, this will break the client-side verification against `encrypted_value_verification_key`. Field `encrypted_value` may be `NULL`. If `encrypted_value` is `NULL`, then `encrypted_value_verification_key` and `value_verification_hash` may also be `NULL`. If `encrypted_value` is present, then `encrypted_value_verification_key` and `value_verification_hash` are mandatory.
+     * Share your item with connected users.  Each share can be a share of all slots of the item, in that case `slot_id` is `NULL`, or it can be a share of just one slot. In this case `slot_id` references one of the slots of the item.  There are 3 users involved in each share:  * owner - the owner of the shared item * sender -  the user who shares data. Can be the owner or one of the recipients * recipient - the user who recieves the shared data.   Whether a non-owner may on-share a shared slot is defined in field `onsharing_permitted`.  Only the owner of the item can set `onsharing_permitted` to `true`. If `onsharing_permitted` is `false`, the recipient may on-share the item, but when that recipient creates an on-share, `onsharing_permitted` in that on-share is forced to be `false`. In other words, the depth of on-sharing in limited to 3:       OWNER ==> RECIPIENT AND SENDER ==>  RECIPIENT    Some shares require that the recipient accepts the terms of the share. Until the terms are not accepted the share DEK is hidden.   Data in slots is initially encrypted with the DEK in field `encrypted_dek`. The DEK in `encrypted_dek` is encrypted with the public key of the share recipient. When processing a share the client application is expected to decrypt the slot data and re-encrypt with the private DEK.  A public key of the recipient is needed to encrypt the share DEK. Updating all shares of the same item is performed by the owner in one go. In a situation when a share has been created by a recipient, not the owner, and there is no connection between the owner and the recipient, the owner has no access to a public key of the recipient. In order to address this problem when a share is created we also add fields `public_key` and `keypair_external_id` from the connection record between the recipient and the sender. `keypair_external_id` identifies the keypair that the public key belongs to.  When a recipient of a share on-shares the data with someone else, nothing prevents him/her to encrypt some other data instead of the original data. We need a way to enforce integrity of on-shares. We do this with help of HMAC - hash-based message authentication code obtained by running a cryptographic hash function over the data and a shared secret key.    Two fields in each slot are used for this purpose: * `encrypted_value_verification_key` - is a value verification key encrypted in the same way as the value itself: with the share DEK * `value_verification_hash` - the result of the HMAC function run on the slot value using `encrypted_value_verification_key`. `value_verification_hash` is stored as-is, unencrypted.   Only the owner of the data may send `value_verification_hash` when creating or updating the share. When other senders create a share, `value_verification_hash` must be `NULL`.  `encrypted_value_verification_key` may and should be sent by every sender, owner or not, because `encrypted_value_verification_key` must be re-encrypted with the share DEK for each share.  If the sender replaces `encrypted_value_verification_key` and/or the slot value, this will break the client-side verification against `encrypted_value_verification_key`. Field `encrypted_value` may be `NULL`. If `encrypted_value` is `NULL`, then `encrypted_value_verification_key` and `value_verification_hash` may also be `NULL`. If `encrypted_value` is present, then `encrypted_value_verification_key` and `value_verification_hash` are mandatory.
      * Share your item with connected users
      */
     itemsIdSharesPostRaw(requestParameters, initOverrides) {
@@ -408,7 +408,7 @@ class SharesApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Share your item with connected users.  Each share can be a share of all slots of the item, in that case `slot_id` is `NULL`, or it can be a share of just one slot. In this case `slot_id` references one of the slots of the item.  There are 3 users involved in each share:  * owner - the owner of the shared item * sender -  the user who shares data. Can be the owner or one of the recipients * recipient - the user who recieves the shared data.   Whether a non-owner may on-share a shared slot is defined in field `onsharing_permitted`.  Only the owner of the item can set `onsharing_permitted` to `true`. If `onsharing_permitted` is `false`, the recipient may on-share the item, but when that recipient creates an on-share, `onsharing_permitted` in that on-share is forced to be `false`. In other words, the depth of on-sharing in limited to 3:       OWNER ==> RECIPIENT AND SENDER ==>  RECIPIENT    Some shares require that the recipient accepts the terms of the share. Until the terms are not accepted the share DEK is hidden.   Data in slots is initially encrypted with the DEK in field `encrypted_dek`. The DEK in `encrypted_dek` is encrypted with the public key of the share recipient. When processing a share the client application is expected to decrypt the slot data and re-encrypt with the private DEK.  A public key of the recipient is needed to encrypt the share DEK. Updating all shares of the same item is performed by the owner in one go. In a situation when a share has been created by a recipient, not the owner, and there is no connection between the owner and the recipient, the owner has no access to a public key of the recipient. In order to address this problem when a share is created we also add fields `public_key` and `keypair_external_id` from the connection record between the recipient and the sender. `keypair_external_id` identifies the keypair that the public key belongs to.  When a recipient of a share on-shares the data with someone else, nothing prevents him/her to encrypt some other data instead of the original data. We need a way to enforce integrity of on-shares. We do this with help of HMAC - hash-based message authentication code obtained by running a cryptographic hash function over the data and a shared secret key.    Two fields in each slot are used for this purpose: * `encrypted_value_verification_key` - is a value verification key encrypted in the same way as the value itself: with the share DEK * `value_verification_hash` - the result of the HMAC function run on the slot value using `encrypted_value_verification_key`. `value_verification_hash` is stored as-is, unencrypted.   Only the owner of the data may send `encrypted_value_verification_key` when creating or updating the share. When other senders create a share, `encrypted_value_verification_key` must be `NULL`.  `value_verification_hash` may and should be sent by every sender, owner or not, because `value_verification_hash` must be re-encrypted with the share DEK for each share.  If the sender replaces `encrypted_value_verification_key` and/or the slot value, this will break the client-side verification against `encrypted_value_verification_key`. Field `encrypted_value` may be `NULL`. If `encrypted_value` is `NULL`, then `encrypted_value_verification_key` and `value_verification_hash` may also be `NULL`. If `encrypted_value` is present, then `encrypted_value_verification_key` and `value_verification_hash` are mandatory.
+     * Share your item with connected users.  Each share can be a share of all slots of the item, in that case `slot_id` is `NULL`, or it can be a share of just one slot. In this case `slot_id` references one of the slots of the item.  There are 3 users involved in each share:  * owner - the owner of the shared item * sender -  the user who shares data. Can be the owner or one of the recipients * recipient - the user who recieves the shared data.   Whether a non-owner may on-share a shared slot is defined in field `onsharing_permitted`.  Only the owner of the item can set `onsharing_permitted` to `true`. If `onsharing_permitted` is `false`, the recipient may on-share the item, but when that recipient creates an on-share, `onsharing_permitted` in that on-share is forced to be `false`. In other words, the depth of on-sharing in limited to 3:       OWNER ==> RECIPIENT AND SENDER ==>  RECIPIENT    Some shares require that the recipient accepts the terms of the share. Until the terms are not accepted the share DEK is hidden.   Data in slots is initially encrypted with the DEK in field `encrypted_dek`. The DEK in `encrypted_dek` is encrypted with the public key of the share recipient. When processing a share the client application is expected to decrypt the slot data and re-encrypt with the private DEK.  A public key of the recipient is needed to encrypt the share DEK. Updating all shares of the same item is performed by the owner in one go. In a situation when a share has been created by a recipient, not the owner, and there is no connection between the owner and the recipient, the owner has no access to a public key of the recipient. In order to address this problem when a share is created we also add fields `public_key` and `keypair_external_id` from the connection record between the recipient and the sender. `keypair_external_id` identifies the keypair that the public key belongs to.  When a recipient of a share on-shares the data with someone else, nothing prevents him/her to encrypt some other data instead of the original data. We need a way to enforce integrity of on-shares. We do this with help of HMAC - hash-based message authentication code obtained by running a cryptographic hash function over the data and a shared secret key.    Two fields in each slot are used for this purpose: * `encrypted_value_verification_key` - is a value verification key encrypted in the same way as the value itself: with the share DEK * `value_verification_hash` - the result of the HMAC function run on the slot value using `encrypted_value_verification_key`. `value_verification_hash` is stored as-is, unencrypted.   Only the owner of the data may send `value_verification_hash` when creating or updating the share. When other senders create a share, `value_verification_hash` must be `NULL`.  `encrypted_value_verification_key` may and should be sent by every sender, owner or not, because `encrypted_value_verification_key` must be re-encrypted with the share DEK for each share.  If the sender replaces `encrypted_value_verification_key` and/or the slot value, this will break the client-side verification against `encrypted_value_verification_key`. Field `encrypted_value` may be `NULL`. If `encrypted_value` is `NULL`, then `encrypted_value_verification_key` and `value_verification_hash` may also be `NULL`. If `encrypted_value` is present, then `encrypted_value_verification_key` and `value_verification_hash` are mandatory.
      * Share your item with connected users
      */
     itemsIdSharesPost(id, meecoDelegationId, meecoOrganisationId, postItemSharesRequest, initOverrides) {
@@ -418,7 +418,7 @@ class SharesApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Updating all shares of one item is done by the item owner in one go.  Before calling this endpoint the client application is expected to retrieve the list of shares IDs and public keys via `GET /items/{id}/shares`.  The POST body of this endpoint contains  * a list of share DEKs encrypted with public keys of share recipients * a list of slot values for each slot and each share, each encrypted with the DEK of the share that the slot belongs to  * Optionally: a list of completed `ClientTask` tasks  When a recipient of a share on-shares the data with someone else, nothing prevents him/her to encrypt some other data instead of the original data. We need a way to enforce integrity of on-shares. We do this with help of HMAC - hash-based message authentication code obtained by running a cryptographic hash function over the data and a shared secret key.    Two fields in each slot are used for this purpose: * `encrypted_value_verification_key` - is a value verification key encrypted in the same way as the value itself: with the share DEK * `value_verification_hash` - the result of the HMAC function run on the slot value using `encrypted_value_verification_key`. `value_verification_hash` is stored as-is, unencrypted.   Only the owner of the data may send `encrypted_value_verification_key` when creating or updating the share. When other senders create a share, `encrypted_value_verification_key` must be `NULL`.  `value_verification_hash` may and should be sent by every sender, owner or not, because `value_verification_hash` must be re-encrypted with the share DEK for each share.  If the sender replaces `encrypted_value_verification_key` and/or the slot value, this will break the client-side verification against `encrypted_value_verification_key`.  Field `encrypted_value` may be `NULL`. If `encrypted_value` is `NULL`, then `encrypted_value_verification_key` and `value_verification_hash` may also be `NULL`. If `encrypted_value` is present, then `encrypted_value_verification_key` and `value_verification_hash` are mandatory.
+     * Updating all shares of one item is done by the item owner in one go.  Before calling this endpoint the client application is expected to retrieve the list of shares IDs and public keys via `GET /items/{id}/shares`.  The POST body of this endpoint contains  * a list of share DEKs encrypted with public keys of share recipients * a list of slot values for each slot and each share, each encrypted with the DEK of the share that the slot belongs to  * Optionally: a list of completed `ClientTask` tasks  When a recipient of a share on-shares the data with someone else, nothing prevents him/her to encrypt some other data instead of the original data. We need a way to enforce integrity of on-shares. We do this with help of HMAC - hash-based message authentication code obtained by running a cryptographic hash function over the data and a shared secret key.    Two fields in each slot are used for this purpose: * `encrypted_value_verification_key` - is a value verification key encrypted in the same way as the value itself: with the share DEK * `value_verification_hash` - the result of the HMAC function run on the slot value using `encrypted_value_verification_key`. `value_verification_hash` is stored as-is, unencrypted.   Only the owner of the data may send `value_verification_hash` when creating or updating the share. When other senders create a share, `value_verification_hash` must be `NULL`.  `encrypted_value_verification_key` may and should be sent by every sender, owner or not, because `encrypted_value_verification_key` must be re-encrypted with the share DEK for each share.  If the sender replaces `encrypted_value_verification_key` and/or the slot value, this will break the client-side verification against `encrypted_value_verification_key`.  Field `encrypted_value` may be `NULL`. If `encrypted_value` is `NULL`, then `encrypted_value_verification_key` and `value_verification_hash` may also be `NULL`. If `encrypted_value` is present, then `encrypted_value_verification_key` and `value_verification_hash` are mandatory.
      * Update all shares of one item
      */
     itemsIdSharesPutRaw(requestParameters, initOverrides) {
@@ -453,7 +453,7 @@ class SharesApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Updating all shares of one item is done by the item owner in one go.  Before calling this endpoint the client application is expected to retrieve the list of shares IDs and public keys via `GET /items/{id}/shares`.  The POST body of this endpoint contains  * a list of share DEKs encrypted with public keys of share recipients * a list of slot values for each slot and each share, each encrypted with the DEK of the share that the slot belongs to  * Optionally: a list of completed `ClientTask` tasks  When a recipient of a share on-shares the data with someone else, nothing prevents him/her to encrypt some other data instead of the original data. We need a way to enforce integrity of on-shares. We do this with help of HMAC - hash-based message authentication code obtained by running a cryptographic hash function over the data and a shared secret key.    Two fields in each slot are used for this purpose: * `encrypted_value_verification_key` - is a value verification key encrypted in the same way as the value itself: with the share DEK * `value_verification_hash` - the result of the HMAC function run on the slot value using `encrypted_value_verification_key`. `value_verification_hash` is stored as-is, unencrypted.   Only the owner of the data may send `encrypted_value_verification_key` when creating or updating the share. When other senders create a share, `encrypted_value_verification_key` must be `NULL`.  `value_verification_hash` may and should be sent by every sender, owner or not, because `value_verification_hash` must be re-encrypted with the share DEK for each share.  If the sender replaces `encrypted_value_verification_key` and/or the slot value, this will break the client-side verification against `encrypted_value_verification_key`.  Field `encrypted_value` may be `NULL`. If `encrypted_value` is `NULL`, then `encrypted_value_verification_key` and `value_verification_hash` may also be `NULL`. If `encrypted_value` is present, then `encrypted_value_verification_key` and `value_verification_hash` are mandatory.
+     * Updating all shares of one item is done by the item owner in one go.  Before calling this endpoint the client application is expected to retrieve the list of shares IDs and public keys via `GET /items/{id}/shares`.  The POST body of this endpoint contains  * a list of share DEKs encrypted with public keys of share recipients * a list of slot values for each slot and each share, each encrypted with the DEK of the share that the slot belongs to  * Optionally: a list of completed `ClientTask` tasks  When a recipient of a share on-shares the data with someone else, nothing prevents him/her to encrypt some other data instead of the original data. We need a way to enforce integrity of on-shares. We do this with help of HMAC - hash-based message authentication code obtained by running a cryptographic hash function over the data and a shared secret key.    Two fields in each slot are used for this purpose: * `encrypted_value_verification_key` - is a value verification key encrypted in the same way as the value itself: with the share DEK * `value_verification_hash` - the result of the HMAC function run on the slot value using `encrypted_value_verification_key`. `value_verification_hash` is stored as-is, unencrypted.   Only the owner of the data may send `value_verification_hash` when creating or updating the share. When other senders create a share, `value_verification_hash` must be `NULL`.  `encrypted_value_verification_key` may and should be sent by every sender, owner or not, because `encrypted_value_verification_key` must be re-encrypted with the share DEK for each share.  If the sender replaces `encrypted_value_verification_key` and/or the slot value, this will break the client-side verification against `encrypted_value_verification_key`.  Field `encrypted_value` may be `NULL`. If `encrypted_value` is `NULL`, then `encrypted_value_verification_key` and `value_verification_hash` may also be `NULL`. If `encrypted_value` is present, then `encrypted_value_verification_key` and `value_verification_hash` are mandatory.
      * Update all shares of one item
      */
     itemsIdSharesPut(id, meecoDelegationId, meecoOrganisationId, putItemSharesRequest, initOverrides) {

package/lib/umd/apis/VerifiableCredentialsApi.js

@@ -330,7 +330,7 @@ class VerifiableCredentialsApi extends runtime.BaseAPI {
         });
     }
     /**
-     * <h4>Requires the following security rights:</h4><ul><li><code>vc:org:manage</code></li></ul><br /><hr /><p>Generates unsigned verifiable credential token in JWT format. Client is expected to sign it with a private key.</p><hr /><p>An example of how credential signing in Javascript:</p><pre><code>import { generateKeyPairFromSeed } from \'@stablelib/ed25519\'; <br />import { EdDSASigner, hexToBytes } from \'did-jwt\'; <br /><br />const key = generateKeyPairFromSeed(hexToBytes(SECRET_HEX)); <br />const signerFn = EdDSASigner(key.secretKey); <br /><br />const signature = await signerFn(unsignedJwt); <br />const vcJwt = [unsignedJwt, signature].join(\'.\');</code></pre><hr /><br /><h4>Issuer property caveat</h4><p>We use <b>openapi-generator</b> to generate Typescript SDK for the given API swagger definition. However, <b>openapi-generator</b> does not support <b>oneOf</b> configuration properly and generates an invalid Typescript SDK. To avoid the problem, swagger defines <b>issuer</b> property only as string for the moment. While in fact, endpoint accepts issuer as an object in format of <code>{id: string; name: string;}</code> as well.</p>
+     * <h4>Requires the following security rights:</h4><ul><li><code>vc:org:manage</code></li></ul><br /><hr /><p>Generates unsigned verifiable credential token in JWT format. Client is expected to sign it with a private key.</p><hr /><p>An example of how credential signing in Javascript:</p><pre><code>import { generateKeyPairFromSeed } from \'@stablelib/ed25519\'; <br />import { EdDSASigner, hexToBytes } from \'did-jwt\'; <br /><br />const key = generateKeyPairFromSeed(hexToBytes(SECRET_HEX)); <br />const signerFn = EdDSASigner(key.secretKey); <br /><br />const signature = await signerFn(unsignedJwt); <br />const vcJwt = [unsignedJwt, signature].join(\'.\');</code></pre><hr /><br /><h4>Issuer property caveat</h4><p>We use <b>openapi-generator</b> to generate Typescript SDK for the given API swagger definition. However, <b>openapi-generator</b> does not support <b>oneOf</b> configuration properly and generates an invalid Typescript SDK. To avoid the problem, swagger defines <b>issuer</b> property only as string for the moment. While in fact, endpoint accepts issuer as an object in format of <code>{id: string; name: string;}</code> as well.</p><br /><h4>Type property caveat</h4><p> <code>Type</code> is required for <code>vc+sd-jwt</code> format and must be a string <br /> however, endpoint accepts <code>Type</code> as an Array of string for <code>JWT VC</code> in format of <code>[\"VerifiableCredential\", \"AlumniCredential\"]</code> as well. <br /></p>
      * Generate credential based on type and claims provided
      */
     credentialsGeneratePostRaw(requestParameters, initOverrides) {
@@ -368,7 +368,7 @@ class VerifiableCredentialsApi extends runtime.BaseAPI {
         });
     }
     /**
-     * <h4>Requires the following security rights:</h4><ul><li><code>vc:org:manage</code></li></ul><br /><hr /><p>Generates unsigned verifiable credential token in JWT format. Client is expected to sign it with a private key.</p><hr /><p>An example of how credential signing in Javascript:</p><pre><code>import { generateKeyPairFromSeed } from \'@stablelib/ed25519\'; <br />import { EdDSASigner, hexToBytes } from \'did-jwt\'; <br /><br />const key = generateKeyPairFromSeed(hexToBytes(SECRET_HEX)); <br />const signerFn = EdDSASigner(key.secretKey); <br /><br />const signature = await signerFn(unsignedJwt); <br />const vcJwt = [unsignedJwt, signature].join(\'.\');</code></pre><hr /><br /><h4>Issuer property caveat</h4><p>We use <b>openapi-generator</b> to generate Typescript SDK for the given API swagger definition. However, <b>openapi-generator</b> does not support <b>oneOf</b> configuration properly and generates an invalid Typescript SDK. To avoid the problem, swagger defines <b>issuer</b> property only as string for the moment. While in fact, endpoint accepts issuer as an object in format of <code>{id: string; name: string;}</code> as well.</p>
+     * <h4>Requires the following security rights:</h4><ul><li><code>vc:org:manage</code></li></ul><br /><hr /><p>Generates unsigned verifiable credential token in JWT format. Client is expected to sign it with a private key.</p><hr /><p>An example of how credential signing in Javascript:</p><pre><code>import { generateKeyPairFromSeed } from \'@stablelib/ed25519\'; <br />import { EdDSASigner, hexToBytes } from \'did-jwt\'; <br /><br />const key = generateKeyPairFromSeed(hexToBytes(SECRET_HEX)); <br />const signerFn = EdDSASigner(key.secretKey); <br /><br />const signature = await signerFn(unsignedJwt); <br />const vcJwt = [unsignedJwt, signature].join(\'.\');</code></pre><hr /><br /><h4>Issuer property caveat</h4><p>We use <b>openapi-generator</b> to generate Typescript SDK for the given API swagger definition. However, <b>openapi-generator</b> does not support <b>oneOf</b> configuration properly and generates an invalid Typescript SDK. To avoid the problem, swagger defines <b>issuer</b> property only as string for the moment. While in fact, endpoint accepts issuer as an object in format of <code>{id: string; name: string;}</code> as well.</p><br /><h4>Type property caveat</h4><p> <code>Type</code> is required for <code>vc+sd-jwt</code> format and must be a string <br /> however, endpoint accepts <code>Type</code> as an Array of string for <code>JWT VC</code> in format of <code>[\"VerifiableCredential\", \"AlumniCredential\"]</code> as well. <br /></p>
      * Generate credential based on type and claims provided
      */
     credentialsGeneratePost(meecoOrganisationID, vCGenerateCredentialPayloadDto, accept, initOverrides) {

package/lib/umd/models/VCClaimsDto.js

@@ -0,0 +1,53 @@
+"use strict";
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * SVX API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 1.3.1
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VCClaimsDtoToJSON = exports.VCClaimsDtoFromJSONTyped = exports.VCClaimsDtoFromJSON = exports.instanceOfVCClaimsDto = void 0;
+const runtime_1 = require("../runtime");
+const VCCnfDto_1 = require("./VCCnfDto");
+/**
+ * Check if a given object implements the VCClaimsDto interface.
+ */
+function instanceOfVCClaimsDto(value) {
+    let isInstance = true;
+    return isInstance;
+}
+exports.instanceOfVCClaimsDto = instanceOfVCClaimsDto;
+function VCClaimsDtoFromJSON(json) {
+    return VCClaimsDtoFromJSONTyped(json, false);
+}
+exports.VCClaimsDtoFromJSON = VCClaimsDtoFromJSON;
+function VCClaimsDtoFromJSONTyped(json, ignoreDiscriminator) {
+    if ((json === undefined) || (json === null)) {
+        return json;
+    }
+    return {
+        'id': !(0, runtime_1.exists)(json, 'id') ? undefined : json['id'],
+        'cnf': !(0, runtime_1.exists)(json, 'cnf') ? undefined : (0, VCCnfDto_1.VCCnfDtoFromJSON)(json['cnf']),
+    };
+}
+exports.VCClaimsDtoFromJSONTyped = VCClaimsDtoFromJSONTyped;
+function VCClaimsDtoToJSON(value) {
+    if (value === undefined) {
+        return undefined;
+    }
+    if (value === null) {
+        return null;
+    }
+    return {
+        'id': value.id,
+        'cnf': (0, VCCnfDto_1.VCCnfDtoToJSON)(value.cnf),
+    };
+}
+exports.VCClaimsDtoToJSON = VCClaimsDtoToJSON;

package/lib/umd/models/VCCredentialVerificationResultResponseDto.js

@@ -24,7 +24,8 @@ exports.VCCredentialVerificationResultResponseDtoChecksEnum = {
     Expiration: 'expiration',
     Nonce: 'nonce',
     Schema: 'schema',
-    RevocationStatus: 'revocation_status'
+    RevocationStatus: 'revocation_status',
+    Constraints: 'constraints'
 };
 /**
  * Check if a given object implements the VCCredentialVerificationResultResponseDto interface.

package/lib/umd/models/VCFieldsDto.js

@@ -15,6 +15,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.VCFieldsDtoToJSON = exports.VCFieldsDtoFromJSONTyped = exports.VCFieldsDtoFromJSON = exports.instanceOfVCFieldsDto = void 0;
 const runtime_1 = require("../runtime");
+const VCFieldsDtoFilter_1 = require("./VCFieldsDtoFilter");
 /**
  * Check if a given object implements the VCFieldsDto interface.
  */
@@ -35,7 +36,7 @@ function VCFieldsDtoFromJSONTyped(json, ignoreDiscriminator) {
     return {
         'path': json['path'],
         'purpose': !(0, runtime_1.exists)(json, 'purpose') ? undefined : json['purpose'],
-        'filter': !(0, runtime_1.exists)(json, 'filter') ? undefined : json['filter'],
+        'filter': !(0, runtime_1.exists)(json, 'filter') ? undefined : (0, VCFieldsDtoFilter_1.VCFieldsDtoFilterFromJSON)(json['filter']),
     };
 }
 exports.VCFieldsDtoFromJSONTyped = VCFieldsDtoFromJSONTyped;
@@ -49,7 +50,7 @@ function VCFieldsDtoToJSON(value) {
     return {
         'path': value.path,
         'purpose': value.purpose,
-        'filter': value.filter,
+        'filter': (0, VCFieldsDtoFilter_1.VCFieldsDtoFilterToJSON)(value.filter),
     };
 }
 exports.VCFieldsDtoToJSON = VCFieldsDtoToJSON;

package/lib/umd/models/VCFieldsDtoFilter.js

@@ -0,0 +1,55 @@
+"use strict";
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * SVX API
+ * No description provided (generated by Openapi Generator https://github.com/openapitools/openapi-generator)
+ *
+ * The version of the OpenAPI document: 1.3.1
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VCFieldsDtoFilterToJSON = exports.VCFieldsDtoFilterFromJSONTyped = exports.VCFieldsDtoFilterFromJSON = exports.instanceOfVCFieldsDtoFilter = void 0;
+const runtime_1 = require("../runtime");
+/**
+ * Check if a given object implements the VCFieldsDtoFilter interface.
+ */
+function instanceOfVCFieldsDtoFilter(value) {
+    let isInstance = true;
+    isInstance = isInstance && "type" in value;
+    return isInstance;
+}
+exports.instanceOfVCFieldsDtoFilter = instanceOfVCFieldsDtoFilter;
+function VCFieldsDtoFilterFromJSON(json) {
+    return VCFieldsDtoFilterFromJSONTyped(json, false);
+}
+exports.VCFieldsDtoFilterFromJSON = VCFieldsDtoFilterFromJSON;
+function VCFieldsDtoFilterFromJSONTyped(json, ignoreDiscriminator) {
+    if ((json === undefined) || (json === null)) {
+        return json;
+    }
+    return {
+        'type': json['type'],
+        '_const': !(0, runtime_1.exists)(json, 'const') ? undefined : json['const'],
+        'pattern': !(0, runtime_1.exists)(json, 'pattern') ? undefined : json['pattern'],
+    };
+}
+exports.VCFieldsDtoFilterFromJSONTyped = VCFieldsDtoFilterFromJSONTyped;
+function VCFieldsDtoFilterToJSON(value) {
+    if (value === undefined) {
+        return undefined;
+    }
+    if (value === null) {
+        return null;
+    }
+    return {
+        'type': value.type,
+        'const': value._const,
+        'pattern': value.pattern,
+    };
+}
+exports.VCFieldsDtoFilterToJSON = VCFieldsDtoFilterToJSON;