@nmshd/consumption 7.4.0 → 7.5.0-openid4vc.1

package/dist/modules/openid4vc/local/Holder.js

@@ -0,0 +1,184 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Holder = void 0;
+const core_1 = require("@credo-ts/core");
+const openid4vc_1 = require("@credo-ts/openid4vc");
+const content_1 = require("@nmshd/content");
+const BaseAgent_1 = require("./BaseAgent");
+const EnmeshedStorageService_1 = require("./EnmeshedStorageService");
+function getOpenIdHolderModules() {
+    return {
+        openid4vc: new openid4vc_1.OpenId4VcModule(),
+        x509: new core_1.X509Module({
+            getTrustedCertificatesForVerification: (_agentContext, { certificateChain, verification }) => {
+                // eslint-disable-next-line no-console
+                console.log(`dynamically trusting certificate ${certificateChain[0].getIssuerNameField("C")} for verification of ${verification.type}`);
+                return [certificateChain[0].toString("pem")];
+            }
+        })
+    };
+}
+class Holder extends BaseAgent_1.BaseAgent {
+    constructor(keyStorage, accountController, attributeController, fetchInstance) {
+        super(keyStorage, getOpenIdHolderModules(), accountController, attributeController, fetchInstance);
+        this.client = {
+            clientId: "wallet",
+            redirectUri: "http://localhost:3000/redirect"
+        };
+    }
+    async resolveCredentialOffer(credentialOffer) {
+        return await this.agent.openid4vc.holder.resolveCredentialOffer(credentialOffer);
+    }
+    async requestCredentials(resolvedCredentialOffer, credentialConfigurationIds, access) {
+        const tokenResponse = "accessToken" in access
+            ? {
+                accessToken: access.accessToken,
+                accessTokenResponse: {
+                    // eslint-disable-next-line @typescript-eslint/naming-convention
+                    access_token: access.accessToken,
+                    // eslint-disable-next-line @typescript-eslint/naming-convention
+                    token_type: "bearer"
+                }
+            }
+            : await this.agent.openid4vc.holder.requestToken({ resolvedCredentialOffer, txCode: access.pinCode });
+        const credentialResponse = await this.agent.openid4vc.holder.requestCredentials({
+            resolvedCredentialOffer,
+            credentialConfigurationIds: credentialConfigurationIds,
+            credentialBindingResolver: async ({ supportedDidMethods, supportsAllDidMethods, proofTypes }) => {
+                const key = await this.agent.kms.createKeyForSignatureAlgorithm({
+                    algorithm: proofTypes.jwt?.supportedSignatureAlgorithms[0] ?? "EdDSA"
+                });
+                const publicJwk = core_1.Kms.PublicJwk.fromPublicJwk(key.publicJwk);
+                if (supportsAllDidMethods || supportedDidMethods?.includes("did:key")) {
+                    await this.agent.dids.create({
+                        method: "key",
+                        options: {
+                            keyId: key.keyId
+                        }
+                    });
+                    const didKey = new core_1.DidKey(publicJwk);
+                    return {
+                        method: "did",
+                        didUrls: [`${didKey.did}#${didKey.publicJwk.fingerprint}`]
+                    };
+                }
+                if (supportedDidMethods?.includes("did:jwk")) {
+                    const didJwk = core_1.DidJwk.fromPublicJwk(publicJwk);
+                    await this.agent.dids.create({
+                        method: "jwk",
+                        options: {
+                            keyId: key.keyId
+                        }
+                    });
+                    return {
+                        method: "did",
+                        didUrls: [`${didJwk.did}#0`]
+                    };
+                }
+                // We fall back on jwk binding
+                return {
+                    method: "jwk",
+                    keys: [publicJwk]
+                };
+            },
+            ...tokenResponse
+        });
+        this.agent.config.logger.info("Credential response:", credentialResponse);
+        return credentialResponse.credentials;
+    }
+    async storeCredentials(credentialResponses) {
+        const storedCredentials = await Promise.all(credentialResponses.map((credentialResponse) => {
+            if (![core_1.ClaimFormat.SdJwtW3cVc, core_1.ClaimFormat.SdJwtDc, core_1.ClaimFormat.MsoMdoc].includes(credentialResponse.claimFormat)) {
+                throw new Error("Unsupported credential format");
+            }
+            const enmeshedStorageService = this.agent.dependencyManager.resolve(core_1.InjectionSymbols.StorageService);
+            return enmeshedStorageService.saveWithDisplay(this.agent.context, credentialResponse.encoded, credentialResponse.claimFormat, credentialResponse.displayInformation);
+        }));
+        this.agent.config.logger.info(`Stored credentials: ${JSON.stringify(storedCredentials)}`);
+        return storedCredentials;
+    }
+    async resolveAuthorizationRequest(request) {
+        const resolvedRequest = await this.agent.openid4vc.holder.resolveOpenId4VpAuthorizationRequest(request);
+        return resolvedRequest;
+    }
+    async acceptAuthorizationRequest(resolvedAuthorizationRequest, credential) {
+        if (!resolvedAuthorizationRequest.presentationExchange && !resolvedAuthorizationRequest.dcql) {
+            throw new Error("Missing presentation exchange or dcql on resolved authorization request");
+        }
+        const credentialContent = credential.content.value;
+        const credentialRecord = (0, EnmeshedStorageService_1.decodeRecord)(credentialContent.type, credentialContent.value);
+        let credentialForPex;
+        if (resolvedAuthorizationRequest.presentationExchange) {
+            const inputDescriptor = resolvedAuthorizationRequest.presentationExchange.credentialsForRequest.requirements[0].submissionEntry[0].inputDescriptorId;
+            credentialForPex = {
+                [inputDescriptor]: [
+                    {
+                        credentialRecord,
+                        claimFormat: credentialContent.type,
+                        disclosedPayload: {} // TODO: implement SD properly
+                    }
+                ]
+            };
+        }
+        let credentialForDcql;
+        if (resolvedAuthorizationRequest.dcql) {
+            const queryId = resolvedAuthorizationRequest.dcql.queryResult.credentials[0].id;
+            credentialForDcql = {
+                [queryId]: [
+                    {
+                        credentialRecord,
+                        claimFormat: credentialContent.type,
+                        disclosedPayload: {} // TODO: implement SD properly
+                    }
+                ]
+            };
+        }
+        const submissionResult = await this.agent.openid4vc.holder.acceptOpenId4VpAuthorizationRequest({
+            authorizationRequestPayload: resolvedAuthorizationRequest.authorizationRequestPayload,
+            presentationExchange: credentialForPex ? { credentials: credentialForPex } : undefined,
+            dcql: credentialForDcql ? { credentials: credentialForDcql } : undefined
+        });
+        return submissionResult.serverResponse;
+    }
+    // hacky solution because credo doesn't support credentials without key binding
+    // TODO: use credentials without key binding once supported
+    async createPresentationTokenContent(credential, nonce) {
+        if (credential.type !== core_1.ClaimFormat.SdJwtDc)
+            throw new Error("Only SD-JWT credentials are supported for token presentation");
+        const sdJwtVcApi = this.agent.dependencyManager.resolve(core_1.SdJwtVcApi);
+        const presentation = await sdJwtVcApi.present({
+            sdJwtVc: sdJwtVcApi.fromCompact(credential.value),
+            verifierMetadata: {
+                audience: "defaultPresentationAudience",
+                issuedAt: Date.now() / 1000,
+                nonce
+            }
+        });
+        return content_1.TokenContentVerifiablePresentation.from({
+            value: presentation,
+            type: credential.type,
+            displayInformation: credential.displayInformation
+        });
+    }
+    async verifyPresentationTokenContent(tokenContent, expectedNonce) {
+        if (tokenContent.type !== core_1.ClaimFormat.SdJwtDc)
+            throw new Error("Only SD-JWT credentials are supported for token presentation");
+        const sdJwtVcApi = this.agent.dependencyManager.resolve(core_1.SdJwtVcApi);
+        const verificationResult = await sdJwtVcApi.verify({
+            compactSdJwtVc: tokenContent.value,
+            keyBinding: {
+                audience: "defaultPresentationAudience",
+                nonce: expectedNonce
+            }
+        });
+        return { isValid: verificationResult.isValid, error: "error" in verificationResult ? verificationResult.error : undefined };
+    }
+    async exit() {
+        await this.shutdown();
+    }
+    async restart() {
+        await this.shutdown();
+    }
+}
+exports.Holder = Holder;
+//# sourceMappingURL=Holder.js.map

package/dist/modules/openid4vc/local/Holder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"Holder.js","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/Holder.ts"],"names":[],"mappings":";;;AAAA,yCAawB;AACxB,mDAAwK;AACxK,4CAA0F;AAG1F,2CAAwC;AACxC,qEAAgF;AAIhF,SAAS,sBAAsB;IAC3B,OAAO;QACH,SAAS,EAAE,IAAI,2BAAe,EAAE;QAChC,IAAI,EAAE,IAAI,iBAAU,CAAC;YACjB,qCAAqC,EAAE,CAAC,aAAa,EAAE,EAAE,gBAAgB,EAAE,YAAY,EAAE,EAAE,EAAE;gBACzF,sCAAsC;gBACtC,OAAO,CAAC,GAAG,CAAC,oCAAoC,gBAAgB,CAAC,CAAC,CAAC,CAAC,kBAAkB,CAAC,GAAG,CAAC,wBAAwB,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC;gBACxI,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;YACjD,CAAC;SACJ,CAAC;KACI,CAAC;AACf,CAAC;AAED,MAAa,MAAO,SAAQ,qBAAoD;IAM5E,YAAmB,UAAsB,EAAE,iBAAoC,EAAE,mBAAyC,EAAE,aAA2B;QACnJ,KAAK,CAAC,UAAU,EAAE,sBAAsB,EAAE,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,aAAa,CAAC,CAAC;QANhG,WAAM,GAAG;YACZ,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,gCAAgC;SAChD,CAAC;IAIF,CAAC;IAEM,KAAK,CAAC,sBAAsB,CAAC,eAAuB;QACvD,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC;IACrF,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAC3B,uBAA0D,EAC1D,0BAAoC,EACpC,MAAsD;QAEtD,MAAM,aAAa,GACf,aAAa,IAAI,MAAM;YACnB,CAAC,CAAC;gBACI,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,mBAAmB,EAAE;oBACjB,gEAAgE;oBAChE,YAAY,EAAE,MAAM,CAAC,WAAW;oBAChC,gEAAgE;oBAChE,UAAU,EAAE,QAAQ;iBACvB;aACJ;YACH,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,uBAAuB,EAAE,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QAE9G,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,kBAAkB,CAAC;YAC5E,uBAAuB;YACvB,0BAA0B,EAAE,0BAA0B;YACtD,yBAAyB,EAAE,KAAK,EAAE,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,UAAU,EAAE,EAAE,EAAE;gBAC5F,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,8BAA8B,CAAC;oBAC5D,SAAS,EAAE,UAAU,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC,CAAC,IAAI,OAAO;iBACxE,CAAC,CAAC;gBACH,MAAM,SAAS,GAAG,UAAG,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBAE7D,IAAI,qBAAqB,IAAI,mBAAmB,EAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;oBACpE,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAsB;wBAC9C,MAAM,EAAE,KAAK;wBACb,OAAO,EAAE;4BACL,KAAK,EAAE,GAAG,CAAC,KAAK;yBACnB;qBACJ,CAAC,CAAC;oBACH,MAAM,MAAM,GAAG,IAAI,aAAM,CAAC,SAAS,CAAC,CAAC;oBAErC,OAAO;wBACH,MAAM,EAAE,KAAK;wBACb,OAAO,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;qBAC7D,CAAC;gBACN,CAAC;gBACD,IAAI,mBAAmB,EAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC3C,MAAM,MAAM,GAAG,aAAM,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;oBAC/C,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAsB;wBAC9C,MAAM,EAAE,KAAK;wBACb,OAAO,EAAE;4BACL,KAAK,EAAE,GAAG,CAAC,KAAK;yBACnB;qBACJ,CAAC,CAAC;oBAEH,OAAO;wBACH,MAAM,EAAE,KAAK;wBACb,OAAO,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,IAAI,CAAC;qBAC/B,CAAC;gBACN,CAAC;gBAED,8BAA8B;gBAC9B,OAAO;oBACH,MAAM,EAAE,KAAK;oBACb,IAAI,EAAE,CAAC,SAAS,CAAC;iBACpB,CAAC;YACN,CAAC;YACD,GAAG,aAAa;SACnB,CAAC,CAAC;QAEH,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,kBAAkB,CAAC,CAAC;QAE1E,OAAO,kBAAkB,CAAC,WAAW,CAAC;IAC1C,CAAC;IAEM,KAAK,CAAC,gBAAgB,CAAC,mBAAuD;QACjF,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,GAAG,CACvC,mBAAmB,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;YAC3C,IAAI,CAAC,CAAC,kBAAW,CAAC,UAAU,EAAE,kBAAW,CAAC,OAAO,EAAE,kBAAW,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/G,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACrD,CAAC;YAED,MAAM,sBAAsB,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,OAAO,CAAqC,uBAAgB,CAAC,cAAc,CAAC,CAAC;YAEzI,OAAO,sBAAsB,CAAC,eAAe,CACzC,IAAI,CAAC,KAAK,CAAC,OAAO,EAClB,kBAAkB,CAAC,OAAO,EAC1B,kBAAkB,CAAC,WAAW,EAC9B,kBAAkB,CAAC,kBAAkB,CACxC,CAAC;QACN,CAAC,CAAC,CACL,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,uBAAuB,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;QAC1F,OAAO,iBAAiB,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,2BAA2B,CAAC,OAAe;QACpD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,oCAAoC,CAAC,OAAO,CAAC,CAAC;QACxG,OAAO,eAAe,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,0BAA0B,CACnC,4BAAmE,EACnE,UAAgC;QAYhC,IAAI,CAAC,4BAA4B,CAAC,oBAAoB,IAAI,CAAC,4BAA4B,CAAC,IAAI,EAAE,CAAC;YAC3F,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;QAC/F,CAAC;QAED,MAAM,iBAAiB,GAAG,UAAU,CAAC,OAAO,CAAC,KAA6B,CAAC;QAC3E,MAAM,gBAAgB,GAAG,IAAA,qCAAY,EAAC,iBAAiB,CAAC,IAAI,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAEvF,IAAI,gBAAgE,CAAC;QACrE,IAAI,4BAA4B,CAAC,oBAAoB,EAAE,CAAC;YACpD,MAAM,eAAe,GAAG,4BAA4B,CAAC,oBAAoB,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC;YACrJ,gBAAgB,GAAG;gBACf,CAAC,eAAe,CAAC,EAAE;oBACf;wBACI,gBAAgB;wBAChB,WAAW,EAAE,iBAAiB,CAAC,IAAW;wBAC1C,gBAAgB,EAAE,EAAE,CAAC,8BAA8B;qBACtD;iBACJ;aACG,CAAC;QACb,CAAC;QAED,IAAI,iBAAwD,CAAC;QAC7D,IAAI,4BAA4B,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,OAAO,GAAG,4BAA4B,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAChF,iBAAiB,GAAG;gBAChB,CAAC,OAAO,CAAC,EAAE;oBACP;wBACI,gBAAgB;wBAChB,WAAW,EAAE,iBAAiB,CAAC,IAAW;wBAC1C,gBAAgB,EAAE,EAAE,CAAC,8BAA8B;qBACtD;iBACJ;aACG,CAAC;QACb,CAAC;QAED,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,mCAAmC,CAAC;YAC3F,2BAA2B,EAAE,4BAA4B,CAAC,2BAA2B;YACrF,oBAAoB,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAC,SAAS;YACtF,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,iBAAiB,EAAE,CAAC,CAAC,CAAC,SAAS;SAC3E,CAAC,CAAC;QACH,OAAO,gBAAgB,CAAC,cAAc,CAAC;IAC3C,CAAC;IAED,+EAA+E;IAC/E,2DAA2D;IACpD,KAAK,CAAC,8BAA8B,CAAC,UAAgC,EAAE,KAAa;QACvF,IAAI,UAAU,CAAC,IAAI,KAAK,kBAAW,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAE7H,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,OAAO,CAAC,iBAAU,CAAC,CAAC;QACpE,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC1C,OAAO,EAAE,UAAU,CAAC,WAAW,CAAC,UAAU,CAAC,KAAe,CAAC;YAC3D,gBAAgB,EAAE;gBACd,QAAQ,EAAE,6BAA6B;gBACvC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;gBAC3B,KAAK;aACR;SACJ,CAAC,CAAC;QAEH,OAAO,4CAAkC,CAAC,IAAI,CAAC;YAC3C,KAAK,EAAE,YAAY;YACnB,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,kBAAkB,EAAE,UAAU,CAAC,kBAAkB;SACpD,CAAC,CAAC;IACP,CAAC;IAEM,KAAK,CAAC,8BAA8B,CAAC,YAAgD,EAAE,aAAqB;QAC/G,IAAI,YAAY,CAAC,IAAI,KAAK,kBAAW,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAE/H,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,OAAO,CAAC,iBAAU,CAAC,CAAC;QACpE,MAAM,kBAAkB,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC;YAC/C,cAAc,EAAE,YAAY,CAAC,KAAe;YAC5C,UAAU,EAAE;gBACR,QAAQ,EAAE,6BAA6B;gBACvC,KAAK,EAAE,aAAa;aACvB;SACJ,CAAC,CAAC;QAEH,OAAO,EAAE,OAAO,EAAE,kBAAkB,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,IAAI,kBAAkB,CAAC,CAAC,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IAChI,CAAC;IAEM,KAAK,CAAC,IAAI;QACb,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC1B,CAAC;IAEM,KAAK,CAAC,OAAO;QAChB,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC1B,CAAC;CACJ;AApND,wBAoNC"}

package/dist/modules/openid4vc/local/KeyStorage.d.ts

@@ -0,0 +1,12 @@
+import { ILogger } from "@js-soft/logging-abstractions";
+import { SynchronizedCollection } from "@nmshd/transport";
+export declare class KeyStorage {
+    private readonly collection;
+    private readonly logger;
+    constructor(collection: SynchronizedCollection, logger: ILogger);
+    hasKey(keyId: string): Promise<boolean>;
+    storeKey(keyId: string, keyData: any): Promise<void>;
+    getKey(keyId: string): Promise<any | undefined>;
+    deleteKey(keyId: string): Promise<void>;
+}
+//# sourceMappingURL=KeyStorage.d.ts.map

package/dist/modules/openid4vc/local/KeyStorage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"KeyStorage.d.ts","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/KeyStorage.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,+BAA+B,CAAC;AAGxD,OAAO,EAA2C,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAmBnG,qBAAa,UAAU;IAEf,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,MAAM;gBADN,UAAU,EAAE,sBAAsB,EAClC,MAAM,EAAE,OAAO;IAGvB,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKvC,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;IAUpD,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,GAAG,SAAS,CAAC;IAW/C,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CASvD"}

package/dist/modules/openid4vc/local/KeyStorage.js

@@ -0,0 +1,67 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.KeyStorage = void 0;
+const ts_serval_1 = require("@js-soft/ts-serval");
+const core_types_1 = require("@nmshd/core-types");
+const transport_1 = require("@nmshd/transport");
+const ts_simple_nameof_1 = require("ts-simple-nameof");
+class KeyStorageEntry extends transport_1.CoreSynchronizable {
+    constructor() {
+        super(...arguments);
+        this.technicalProperties = [(0, ts_simple_nameof_1.nameof)((r) => r.key)];
+    }
+    static from(entry) {
+        return this.fromAny(entry);
+    }
+}
+__decorate([
+    (0, ts_serval_1.serialize)({ any: true }),
+    (0, ts_serval_1.validate)(),
+    __metadata("design:type", Object)
+], KeyStorageEntry.prototype, "key", void 0);
+class KeyStorage {
+    constructor(collection, logger) {
+        this.collection = collection;
+        this.logger = logger;
+    }
+    async hasKey(keyId) {
+        const entry = await this.collection.read(keyId);
+        return !!entry;
+    }
+    async storeKey(keyId, keyData) {
+        const entry = await this.collection.read(keyId);
+        if (entry) {
+            this.logger.info(`Key with id ${keyId} already exists`);
+            return;
+        }
+        await this.collection.create(KeyStorageEntry.from({ id: core_types_1.CoreId.from(keyId), key: keyData }));
+    }
+    async getKey(keyId) {
+        const entry = await this.collection.read(keyId);
+        if (!entry) {
+            this.logger.warn(`Key with id ${keyId} not found`);
+            return undefined;
+        }
+        const parsed = KeyStorageEntry.from(entry);
+        return parsed.key;
+    }
+    async deleteKey(keyId) {
+        const entry = await this.collection.read(keyId);
+        if (!entry) {
+            this.logger.warn(`Key with id ${keyId} not found, cannot delete`);
+            return;
+        }
+        await this.collection.delete(KeyStorageEntry.from(entry));
+    }
+}
+exports.KeyStorage = KeyStorage;
+//# sourceMappingURL=KeyStorage.js.map

package/dist/modules/openid4vc/local/KeyStorage.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"KeyStorage.js","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/KeyStorage.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,kDAAyD;AACzD,kDAA2C;AAC3C,gDAAmG;AACnG,uDAA0C;AAM1C,MAAM,eAAgB,SAAQ,8BAAkB;IAAhD;;QACoB,wBAAmB,GAAa,CAAC,IAAA,yBAAM,EAAkB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAS5F,CAAC;IAHU,MAAM,CAAC,IAAI,CAAC,KAAuB;QACtC,OAAO,IAAI,CAAC,OAAO,CAAkB,KAAK,CAAC,CAAC;IAChD,CAAC;CACJ;AALU;IAFN,IAAA,qBAAS,EAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACxB,IAAA,oBAAQ,GAAE;;4CACK;AAOpB,MAAa,UAAU;IACnB,YACqB,UAAkC,EAClC,MAAe;QADf,eAAU,GAAV,UAAU,CAAwB;QAClC,WAAM,GAAN,MAAM,CAAS;IACjC,CAAC;IAEG,KAAK,CAAC,MAAM,CAAC,KAAa;QAC7B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,OAAO,CAAC,CAAC,KAAK,CAAC;IACnB,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,KAAa,EAAE,OAAY;QAC7C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,IAAI,KAAK,EAAE,CAAC;YACR,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,KAAK,iBAAiB,CAAC,CAAC;YACxD,OAAO;QACX,CAAC;QAED,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,mBAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;IACjG,CAAC;IAEM,KAAK,CAAC,MAAM,CAAC,KAAa;QAC7B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,KAAK,YAAY,CAAC,CAAC;YACnD,OAAO,SAAS,CAAC;QACrB,CAAC;QAED,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3C,OAAO,MAAM,CAAC,GAAG,CAAC;IACtB,CAAC;IAEM,KAAK,CAAC,SAAS,CAAC,KAAa;QAChC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,KAAK,2BAA2B,CAAC,CAAC;YAClE,OAAO;QACX,CAAC;QAED,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAC9D,CAAC;CACJ;AAzCD,gCAyCC"}

package/dist/modules/openid4vc/local/OpenId4VciCredentialResponseJSON.d.ts

@@ -0,0 +1,7 @@
+import { ClaimFormat, W3cJsonCredential } from "@credo-ts/core";
+export interface OpenId4VciCredentialResponseJSON {
+    claimFormat: ClaimFormat;
+    encoded: string | W3cJsonCredential;
+    displayInformation?: Record<string, any>[];
+}
+//# sourceMappingURL=OpenId4VciCredentialResponseJSON.d.ts.map

package/dist/modules/openid4vc/local/OpenId4VciCredentialResponseJSON.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"OpenId4VciCredentialResponseJSON.d.ts","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/OpenId4VciCredentialResponseJSON.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAEhE,MAAM,WAAW,gCAAgC;IAC7C,WAAW,EAAE,WAAW,CAAC;IACzB,OAAO,EAAE,MAAM,GAAG,iBAAiB,CAAC;IACpC,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC;CAC9C"}

package/dist/modules/openid4vc/local/OpenId4VciCredentialResponseJSON.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=OpenId4VciCredentialResponseJSON.js.map

package/dist/modules/openid4vc/local/OpenId4VciCredentialResponseJSON.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"OpenId4VciCredentialResponseJSON.js","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/OpenId4VciCredentialResponseJSON.ts"],"names":[],"mappings":""}

package/dist/modules/openid4vc/local/RequestedCredentialCache.d.ts

@@ -0,0 +1,9 @@
+import { SynchronizedCollection } from "@nmshd/transport";
+import { OpenId4VciCredentialResponseJSON } from "./OpenId4VciCredentialResponseJSON";
+export declare class RequestedCredentialCache {
+    private readonly collection;
+    constructor(collection: SynchronizedCollection);
+    get(credentialOfferUrl: string): Promise<OpenId4VciCredentialResponseJSON[] | undefined>;
+    set(credentialOfferUrl: string, credentialResponses: OpenId4VciCredentialResponseJSON[]): Promise<void>;
+}
+//# sourceMappingURL=RequestedCredentialCache.d.ts.map

package/dist/modules/openid4vc/local/RequestedCredentialCache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"RequestedCredentialCache.d.ts","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/RequestedCredentialCache.ts"],"names":[],"mappings":"AAEA,OAAO,EAAsB,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAG9E,OAAO,EAAE,gCAAgC,EAAE,MAAM,oCAAoC,CAAC;AAyBtF,qBAAa,wBAAwB;IACd,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,sBAAsB;IAEzD,GAAG,CAAC,kBAAkB,EAAE,MAAM,GAAG,OAAO,CAAC,gCAAgC,EAAE,GAAG,SAAS,CAAC;IAKxF,GAAG,CAAC,kBAAkB,EAAE,MAAM,EAAE,mBAAmB,EAAE,gCAAgC,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;CAIvH"}

package/dist/modules/openid4vc/local/RequestedCredentialCache.js

@@ -0,0 +1,57 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RequestedCredentialCache = void 0;
+const ts_serval_1 = require("@js-soft/ts-serval");
+const transport_1 = require("@nmshd/transport");
+const ts_simple_nameof_1 = require("ts-simple-nameof");
+const ConsumptionIds_1 = require("../../../consumption/ConsumptionIds");
+class RequestedCredentialCacheEntry extends transport_1.CoreSynchronizable {
+    constructor() {
+        super(...arguments);
+        this.technicalProperties = [
+            (0, ts_simple_nameof_1.nameof)((r) => r.credentialOfferUrl),
+            (0, ts_simple_nameof_1.nameof)((r) => r.credentialResponses)
+        ];
+    }
+    static create(id, credentialOfferUrl, credentialResponses) {
+        return this.fromAny({
+            id: id,
+            credentialOfferUrl: credentialOfferUrl,
+            credentialResponses
+        });
+    }
+}
+__decorate([
+    (0, ts_serval_1.serialize)(),
+    (0, ts_serval_1.validate)(),
+    __metadata("design:type", String)
+], RequestedCredentialCacheEntry.prototype, "credentialOfferUrl", void 0);
+__decorate([
+    (0, ts_serval_1.serialize)({ any: true }),
+    (0, ts_serval_1.validate)(),
+    __metadata("design:type", Array)
+], RequestedCredentialCacheEntry.prototype, "credentialResponses", void 0);
+class RequestedCredentialCache {
+    constructor(collection) {
+        this.collection = collection;
+    }
+    async get(credentialOfferUrl) {
+        const doc = await this.collection.findOne({ credentialOfferUrl: credentialOfferUrl });
+        return doc ? RequestedCredentialCacheEntry.fromAny(doc).credentialResponses : undefined;
+    }
+    async set(credentialOfferUrl, credentialResponses) {
+        const id = await ConsumptionIds_1.ConsumptionIds.requestedCredentialCacheEntry.generate();
+        await this.collection.create(RequestedCredentialCacheEntry.create(id, credentialOfferUrl, credentialResponses));
+    }
+}
+exports.RequestedCredentialCache = RequestedCredentialCache;
+//# sourceMappingURL=RequestedCredentialCache.js.map

package/dist/modules/openid4vc/local/RequestedCredentialCache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RequestedCredentialCache.js","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/RequestedCredentialCache.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,kDAAyD;AAEzD,gDAA8E;AAC9E,uDAA0C;AAC1C,wEAAqE;AAGrE,MAAM,6BAA8B,SAAQ,8BAAkB;IAA9D;;QACoB,wBAAmB,GAAa;YAC5C,IAAA,yBAAM,EAAgC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB,CAAC;YAClE,IAAA,yBAAM,EAAgC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB,CAAC;SACtE,CAAC;IAiBN,CAAC;IAPU,MAAM,CAAC,MAAM,CAAC,EAAU,EAAE,kBAA0B,EAAE,mBAAuD;QAChH,OAAO,IAAI,CAAC,OAAO,CAAgC;YAC/C,EAAE,EAAE,EAAE;YACN,kBAAkB,EAAE,kBAAkB;YACtC,mBAAmB;SACtB,CAAC,CAAC;IACP,CAAC;CACJ;AAbU;IAFN,IAAA,qBAAS,GAAE;IACX,IAAA,oBAAQ,GAAE;;yEACuB;AAI3B;IAFN,IAAA,qBAAS,EAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACxB,IAAA,oBAAQ,GAAE;;0EACoD;AAWnE,MAAa,wBAAwB;IACjC,YAAoC,UAAkC;QAAlC,eAAU,GAAV,UAAU,CAAwB;IAAG,CAAC;IAEnE,KAAK,CAAC,GAAG,CAAC,kBAA0B;QACvC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,CAAC,CAAC;QACtF,OAAO,GAAG,CAAC,CAAC,CAAC,6BAA6B,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5F,CAAC;IAEM,KAAK,CAAC,GAAG,CAAC,kBAA0B,EAAE,mBAAuD;QAChG,MAAM,EAAE,GAAG,MAAM,+BAAc,CAAC,6BAA6B,CAAC,QAAQ,EAAE,CAAC;QACzE,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,6BAA6B,CAAC,MAAM,CAAC,EAAE,EAAE,kBAAkB,EAAE,mBAAmB,CAAC,CAAC,CAAC;IACpH,CAAC;CACJ;AAZD,4DAYC"}

package/dist/modules/requests/events/ShareCredentialOfferRequestItemProcessedByRecipientEvent.d.ts

@@ -0,0 +1,12 @@
+import { CoreAddress } from "@nmshd/core-types";
+import { TransportDataEvent } from "@nmshd/transport";
+export interface ShareCredentialOfferRequestItemProcessedByRecipientEventData {
+    credentialOfferUrl: string;
+    accepted: boolean;
+    peer: CoreAddress;
+}
+export declare class ShareCredentialOfferRequestItemProcessedByRecipientEvent extends TransportDataEvent<ShareCredentialOfferRequestItemProcessedByRecipientEventData> {
+    static readonly namespace = "consumption.shareCredentialOfferRequestItemProcessedByRecipient";
+    constructor(eventTargetAddress: string, data: ShareCredentialOfferRequestItemProcessedByRecipientEventData);
+}
+//# sourceMappingURL=ShareCredentialOfferRequestItemProcessedByRecipientEvent.d.ts.map

package/dist/modules/requests/events/ShareCredentialOfferRequestItemProcessedByRecipientEvent.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ShareCredentialOfferRequestItemProcessedByRecipientEvent.d.ts","sourceRoot":"","sources":["../../../../src/modules/requests/events/ShareCredentialOfferRequestItemProcessedByRecipientEvent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAEtD,MAAM,WAAW,4DAA4D;IACzE,kBAAkB,EAAE,MAAM,CAAC;IAC3B,QAAQ,EAAE,OAAO,CAAC;IAClB,IAAI,EAAE,WAAW,CAAC;CACrB;AAED,qBAAa,wDAAyD,SAAQ,kBAAkB,CAAC,4DAA4D,CAAC;IAC1J,gBAAuB,SAAS,qEAAqE;gBAElF,kBAAkB,EAAE,MAAM,EAAE,IAAI,EAAE,4DAA4D;CAGpH"}

package/dist/modules/requests/events/ShareCredentialOfferRequestItemProcessedByRecipientEvent.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ShareCredentialOfferRequestItemProcessedByRecipientEvent = void 0;
+const transport_1 = require("@nmshd/transport");
+class ShareCredentialOfferRequestItemProcessedByRecipientEvent extends transport_1.TransportDataEvent {
+    static { this.namespace = "consumption.shareCredentialOfferRequestItemProcessedByRecipient"; }
+    constructor(eventTargetAddress, data) {
+        super(ShareCredentialOfferRequestItemProcessedByRecipientEvent.namespace, eventTargetAddress, data);
+    }
+}
+exports.ShareCredentialOfferRequestItemProcessedByRecipientEvent = ShareCredentialOfferRequestItemProcessedByRecipientEvent;
+//# sourceMappingURL=ShareCredentialOfferRequestItemProcessedByRecipientEvent.js.map

package/dist/modules/requests/events/ShareCredentialOfferRequestItemProcessedByRecipientEvent.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ShareCredentialOfferRequestItemProcessedByRecipientEvent.js","sourceRoot":"","sources":["../../../../src/modules/requests/events/ShareCredentialOfferRequestItemProcessedByRecipientEvent.ts"],"names":[],"mappings":";;;AACA,gDAAsD;AAQtD,MAAa,wDAAyD,SAAQ,8BAAgF;aACnI,cAAS,GAAG,iEAAiE,CAAC;IAErG,YAAmB,kBAA0B,EAAE,IAAkE;QAC7G,KAAK,CAAC,wDAAwD,CAAC,SAAS,EAAE,kBAAkB,EAAE,IAAI,CAAC,CAAC;IACxG,CAAC;;AALL,4HAMC"}

package/dist/modules/requests/events/index.d.ts

@@ -3,4 +3,5 @@ export * from "./IncomingRequestStatusChangedEvent";
 export * from "./OutgoingRequestCreatedAndCompletedEvent";
 export * from "./OutgoingRequestCreatedEvent";
 export * from "./OutgoingRequestStatusChangedEvent";
+export * from "./ShareCredentialOfferRequestItemProcessedByRecipientEvent";
 //# sourceMappingURL=index.d.ts.map

package/dist/modules/requests/events/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/modules/requests/events/index.ts"],"names":[],"mappings":"AAAA,cAAc,gCAAgC,CAAC;AAC/C,cAAc,qCAAqC,CAAC;AACpD,cAAc,2CAA2C,CAAC;AAC1D,cAAc,+BAA+B,CAAC;AAC9C,cAAc,qCAAqC,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/modules/requests/events/index.ts"],"names":[],"mappings":"AAAA,cAAc,gCAAgC,CAAC;AAC/C,cAAc,qCAAqC,CAAC;AACpD,cAAc,2CAA2C,CAAC;AAC1D,cAAc,+BAA+B,CAAC;AAC9C,cAAc,qCAAqC,CAAC;AACpD,cAAc,4DAA4D,CAAC"}

package/dist/modules/requests/events/index.js

@@ -19,4 +19,5 @@ __exportStar(require("./IncomingRequestStatusChangedEvent"), exports);
 __exportStar(require("./OutgoingRequestCreatedAndCompletedEvent"), exports);
 __exportStar(require("./OutgoingRequestCreatedEvent"), exports);
 __exportStar(require("./OutgoingRequestStatusChangedEvent"), exports);
+__exportStar(require("./ShareCredentialOfferRequestItemProcessedByRecipientEvent"), exports);
 //# sourceMappingURL=index.js.map

package/dist/modules/requests/events/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modules/requests/events/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iEAA+C;AAC/C,sEAAoD;AACpD,4EAA0D;AAC1D,gEAA8C;AAC9C,sEAAoD"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/modules/requests/events/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iEAA+C;AAC/C,sEAAoD;AACpD,4EAA0D;AAC1D,gEAA8C;AAC9C,sEAAoD;AACpD,6FAA2E"}

package/dist/modules/requests/index.d.ts

@@ -26,6 +26,9 @@ export * from "./itemProcessors/RequestItemConstructor";
 export * from "./itemProcessors/RequestItemProcessorConstructor";
 export * from "./itemProcessors/RequestItemProcessorRegistry";
 export * from "./itemProcessors/shareAttribute/ShareAttributeRequestItemProcessor";
+export * from "./itemProcessors/shareAuthorizationRequest/AcceptShareAuthorizationRequestRequestItemParameters";
+export * from "./itemProcessors/shareAuthorizationRequest/ShareAuthorizationRequestRequestItemProcessor";
+export * from "./itemProcessors/shareCredentialOffer/ShareCredentialOfferRequestItemProcessor";
 export * from "./itemProcessors/transferFileOwnership/TransferFileOwnershipRequestItemProcessor";
 export * from "./local/LocalRequest";
 export * from "./local/LocalRequestStatus";

package/dist/modules/requests/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/modules/requests/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,6EAA6E,CAAC;AAC5F,cAAc,uDAAuD,CAAC;AACtE,cAAc,+CAA+C,CAAC;AAC9D,cAAc,oDAAoD,CAAC;AACnE,cAAc,+CAA+C,CAAC;AAC9D,cAAc,2CAA2C,CAAC;AAC1D,cAAc,+CAA+C,CAAC;AAC9D,cAAc,6CAA6C,CAAC;AAC5D,cAAc,uCAAuC,CAAC;AACtD,cAAc,uDAAuD,CAAC;AACtE,cAAc,mFAAmF,CAAC;AAClG,cAAc,+CAA+C,CAAC;AAC9D,cAAc,sEAAsE,CAAC;AACrF,cAAc,6EAA6E,CAAC;AAC5F,cAAc,sEAAsE,CAAC;AACrF,cAAc,iEAAiE,CAAC;AAChF,cAAc,0DAA0D,CAAC;AACzE,cAAc,8CAA8C,CAAC;AAC7D,cAAc,wCAAwC,CAAC;AACvD,cAAc,+EAA+E,CAAC;AAC9F,cAAc,wEAAwE,CAAC;AACvF,OAAO,EACH,4CAA4C,EAC5C,iEAAiE,EACjE,4DAA4D,EAC/D,MAAM,yEAAyE,CAAC;AACjF,cAAc,kEAAkE,CAAC;AACjF,cAAc,yCAAyC,CAAC;AACxD,cAAc,kDAAkD,CAAC;AACjE,cAAc,+CAA+C,CAAC;AAC9D,cAAc,oEAAoE,CAAC;AACnF,cAAc,kFAAkF,CAAC;AACjG,cAAc,sBAAsB,CAAC;AACrC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,oCAAoC,CAAC;AACnD,cAAc,uBAAuB,CAAC;AACtC,cAAc,sEAAsE,CAAC;AACrF,cAAc,yIAAyI,CAAC;AACxJ,cAAc,qEAAqE,CAAC;AACpF,cAAc,kEAAkE,CAAC;AACjF,cAAc,uCAAuC,CAAC;AACtD,cAAc,8DAA8D,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/modules/requests/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,6EAA6E,CAAC;AAC5F,cAAc,uDAAuD,CAAC;AACtE,cAAc,+CAA+C,CAAC;AAC9D,cAAc,oDAAoD,CAAC;AACnE,cAAc,+CAA+C,CAAC;AAC9D,cAAc,2CAA2C,CAAC;AAC1D,cAAc,+CAA+C,CAAC;AAC9D,cAAc,6CAA6C,CAAC;AAC5D,cAAc,uCAAuC,CAAC;AACtD,cAAc,uDAAuD,CAAC;AACtE,cAAc,mFAAmF,CAAC;AAClG,cAAc,+CAA+C,CAAC;AAC9D,cAAc,sEAAsE,CAAC;AACrF,cAAc,6EAA6E,CAAC;AAC5F,cAAc,sEAAsE,CAAC;AACrF,cAAc,iEAAiE,CAAC;AAChF,cAAc,0DAA0D,CAAC;AACzE,cAAc,8CAA8C,CAAC;AAC7D,cAAc,wCAAwC,CAAC;AACvD,cAAc,+EAA+E,CAAC;AAC9F,cAAc,wEAAwE,CAAC;AACvF,OAAO,EACH,4CAA4C,EAC5C,iEAAiE,EACjE,4DAA4D,EAC/D,MAAM,yEAAyE,CAAC;AACjF,cAAc,kEAAkE,CAAC;AACjF,cAAc,yCAAyC,CAAC;AACxD,cAAc,kDAAkD,CAAC;AACjE,cAAc,+CAA+C,CAAC;AAC9D,cAAc,oEAAoE,CAAC;AACnF,cAAc,iGAAiG,CAAC;AAChH,cAAc,0FAA0F,CAAC;AACzG,cAAc,gFAAgF,CAAC;AAC/F,cAAc,kFAAkF,CAAC;AACjG,cAAc,sBAAsB,CAAC;AACrC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,oCAAoC,CAAC;AACnD,cAAc,uBAAuB,CAAC;AACtC,cAAc,sEAAsE,CAAC;AACrF,cAAc,yIAAyI,CAAC;AACxJ,cAAc,qEAAqE,CAAC;AACpF,cAAc,kEAAkE,CAAC;AACjF,cAAc,uCAAuC,CAAC;AACtD,cAAc,8DAA8D,CAAC"}

package/dist/modules/requests/index.js

@@ -41,6 +41,9 @@ __exportStar(require("./itemProcessors/RequestItemConstructor"), exports);
 __exportStar(require("./itemProcessors/RequestItemProcessorConstructor"), exports);
 __exportStar(require("./itemProcessors/RequestItemProcessorRegistry"), exports);
 __exportStar(require("./itemProcessors/shareAttribute/ShareAttributeRequestItemProcessor"), exports);
+__exportStar(require("./itemProcessors/shareAuthorizationRequest/AcceptShareAuthorizationRequestRequestItemParameters"), exports);
+__exportStar(require("./itemProcessors/shareAuthorizationRequest/ShareAuthorizationRequestRequestItemProcessor"), exports);
+__exportStar(require("./itemProcessors/shareCredentialOffer/ShareCredentialOfferRequestItemProcessor"), exports);
 __exportStar(require("./itemProcessors/transferFileOwnership/TransferFileOwnershipRequestItemProcessor"), exports);
 __exportStar(require("./local/LocalRequest"), exports);
 __exportStar(require("./local/LocalRequestStatus"), exports);

package/dist/modules/requests/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/modules/requests/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAyB;AACzB,8GAA4F;AAC5F,wFAAsE;AACtE,gFAA8D;AAC9D,qFAAmE;AACnE,gFAA8D;AAC9D,4EAA0D;AAC1D,gFAA8D;AAC9D,8EAA4D;AAC5D,wEAAsD;AACtD,wFAAsE;AACtE,oHAAkG;AAClG,gFAA8D;AAC9D,uGAAqF;AACrF,8GAA4F;AAC5F,uGAAqF;AACrF,kGAAgF;AAChF,2FAAyE;AACzE,+EAA6D;AAC7D,yEAAuD;AACvD,gHAA8F;AAC9F,yGAAuF;AAMvF,mGAAiF;AACjF,0EAAwD;AACxD,mFAAiE;AACjE,gFAA8D;AAC9D,qGAAmF;AACnF,mHAAiG;AACjG,uDAAqC;AACrC,6DAA2C;AAC3C,qEAAmD;AACnD,wDAAsC;AACtC,uGAAqF;AACrF,0KAAwJ;AACxJ,sGAAoF;AACpF,mGAAiF;AACjF,wEAAsD;AACtD,+FAA6E"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/modules/requests/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAyB;AACzB,8GAA4F;AAC5F,wFAAsE;AACtE,gFAA8D;AAC9D,qFAAmE;AACnE,gFAA8D;AAC9D,4EAA0D;AAC1D,gFAA8D;AAC9D,8EAA4D;AAC5D,wEAAsD;AACtD,wFAAsE;AACtE,oHAAkG;AAClG,gFAA8D;AAC9D,uGAAqF;AACrF,8GAA4F;AAC5F,uGAAqF;AACrF,kGAAgF;AAChF,2FAAyE;AACzE,+EAA6D;AAC7D,yEAAuD;AACvD,gHAA8F;AAC9F,yGAAuF;AAMvF,mGAAiF;AACjF,0EAAwD;AACxD,mFAAiE;AACjE,gFAA8D;AAC9D,qGAAmF;AACnF,kIAAgH;AAChH,2HAAyG;AACzG,iHAA+F;AAC/F,mHAAiG;AACjG,uDAAqC;AACrC,6DAA2C;AAC3C,qEAAmD;AACnD,wDAAsC;AACtC,uGAAqF;AACrF,0KAAwJ;AACxJ,sGAAoF;AACpF,mGAAiF;AACjF,wEAAsD;AACtD,+FAA6E"}

package/dist/modules/requests/itemProcessors/shareAuthorizationRequest/AcceptShareAuthorizationRequestRequestItemParameters.d.ts

@@ -0,0 +1,11 @@
+import { Serializable } from "@js-soft/ts-serval";
+import { CoreId } from "@nmshd/core-types";
+import { AcceptRequestItemParametersJSON } from "../../incoming/decide/AcceptRequestItemParameters";
+export interface AcceptShareAuthorizationRequestRequestItemParametersJSON extends AcceptRequestItemParametersJSON {
+    attributeId: string;
+}
+export declare class AcceptShareAuthorizationRequestRequestItemParameters extends Serializable {
+    attributeId: CoreId;
+    static from(value: AcceptShareAuthorizationRequestRequestItemParametersJSON): AcceptShareAuthorizationRequestRequestItemParameters;
+}
+//# sourceMappingURL=AcceptShareAuthorizationRequestRequestItemParameters.d.ts.map

package/dist/modules/requests/itemProcessors/shareAuthorizationRequest/AcceptShareAuthorizationRequestRequestItemParameters.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AcceptShareAuthorizationRequestRequestItemParameters.d.ts","sourceRoot":"","sources":["../../../../../src/modules/requests/itemProcessors/shareAuthorizationRequest/AcceptShareAuthorizationRequestRequestItemParameters.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAA6B,MAAM,oBAAoB,CAAC;AAC7E,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,+BAA+B,EAAE,MAAM,mDAAmD,CAAC;AAEpG,MAAM,WAAW,wDAAyD,SAAQ,+BAA+B;IAC7G,WAAW,EAAE,MAAM,CAAC;CACvB;AAED,qBACa,oDAAqD,SAAQ,YAAY;IAG3E,WAAW,EAAE,MAAM,CAAC;WAEb,IAAI,CAAC,KAAK,EAAE,wDAAwD,GAAG,oDAAoD;CAG5I"}

package/dist/modules/requests/itemProcessors/shareAuthorizationRequest/AcceptShareAuthorizationRequestRequestItemParameters.js

@@ -0,0 +1,29 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AcceptShareAuthorizationRequestRequestItemParameters = void 0;
+const ts_serval_1 = require("@js-soft/ts-serval");
+const core_types_1 = require("@nmshd/core-types");
+let AcceptShareAuthorizationRequestRequestItemParameters = class AcceptShareAuthorizationRequestRequestItemParameters extends ts_serval_1.Serializable {
+    static from(value) {
+        return this.fromAny(value);
+    }
+};
+exports.AcceptShareAuthorizationRequestRequestItemParameters = AcceptShareAuthorizationRequestRequestItemParameters;
+__decorate([
+    (0, ts_serval_1.serialize)(),
+    (0, ts_serval_1.validate)(),
+    __metadata("design:type", core_types_1.CoreId)
+], AcceptShareAuthorizationRequestRequestItemParameters.prototype, "attributeId", void 0);
+exports.AcceptShareAuthorizationRequestRequestItemParameters = AcceptShareAuthorizationRequestRequestItemParameters = __decorate([
+    (0, ts_serval_1.type)("AcceptShareAuthorizationRequestRequestItemParameters")
+], AcceptShareAuthorizationRequestRequestItemParameters);
+//# sourceMappingURL=AcceptShareAuthorizationRequestRequestItemParameters.js.map

package/dist/modules/requests/itemProcessors/shareAuthorizationRequest/AcceptShareAuthorizationRequestRequestItemParameters.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AcceptShareAuthorizationRequestRequestItemParameters.js","sourceRoot":"","sources":["../../../../../src/modules/requests/itemProcessors/shareAuthorizationRequest/AcceptShareAuthorizationRequestRequestItemParameters.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,kDAA6E;AAC7E,kDAA2C;AAQpC,IAAM,oDAAoD,GAA1D,MAAM,oDAAqD,SAAQ,wBAAY;IAK3E,MAAM,CAAC,IAAI,CAAC,KAA+D;QAC9E,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;CACJ,CAAA;AARY,oHAAoD;AAGtD;IAFN,IAAA,qBAAS,GAAE;IACX,IAAA,oBAAQ,GAAE;8BACS,mBAAM;yFAAC;+DAHlB,oDAAoD;IADhE,IAAA,gBAAI,EAAC,sDAAsD,CAAC;GAChD,oDAAoD,CAQhE"}

package/dist/modules/requests/itemProcessors/shareAuthorizationRequest/ShareAuthorizationRequestRequestItemProcessor.d.ts

@@ -0,0 +1,12 @@
+import { AcceptResponseItem, Request, ShareAuthorizationRequestRequestItem } from "@nmshd/content";
+import { CoreAddress } from "@nmshd/core-types";
+import { ValidationResult } from "../../../common/ValidationResult";
+import { GenericRequestItemProcessor } from "../GenericRequestItemProcessor";
+import { LocalRequestInfo } from "../IRequestItemProcessor";
+import { AcceptShareAuthorizationRequestRequestItemParametersJSON } from "./AcceptShareAuthorizationRequestRequestItemParameters";
+export declare class ShareAuthorizationRequestRequestItemProcessor extends GenericRequestItemProcessor<ShareAuthorizationRequestRequestItem> {
+    canCreateOutgoingRequestItem(requestItem: ShareAuthorizationRequestRequestItem, _request: Request, _recipient?: CoreAddress): Promise<ValidationResult>;
+    canAccept(requestItem: ShareAuthorizationRequestRequestItem, params: AcceptShareAuthorizationRequestRequestItemParametersJSON, _requestInfo: LocalRequestInfo): Promise<ValidationResult>;
+    accept(requestItem: ShareAuthorizationRequestRequestItem, params: AcceptShareAuthorizationRequestRequestItemParametersJSON, _requestInfo: LocalRequestInfo): Promise<AcceptResponseItem>;
+}
+//# sourceMappingURL=ShareAuthorizationRequestRequestItemProcessor.d.ts.map

package/dist/modules/requests/itemProcessors/shareAuthorizationRequest/ShareAuthorizationRequestRequestItemProcessor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ShareAuthorizationRequestRequestItemProcessor.d.ts","sourceRoot":"","sources":["../../../../../src/modules/requests/itemProcessors/shareAuthorizationRequest/ShareAuthorizationRequestRequestItemProcessor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAsB,oCAAoC,EAAE,MAAM,gBAAgB,CAAC;AACvH,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAIhD,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AACpE,OAAO,EAAE,2BAA2B,EAAE,MAAM,gCAAgC,CAAC;AAC7E,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAEH,wDAAwD,EAC3D,MAAM,wDAAwD,CAAC;AAEhE,qBAAa,6CAA8C,SAAQ,2BAA2B,CAAC,oCAAoC,CAAC;IAC1G,4BAA4B,CAAC,WAAW,EAAE,oCAAoC,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAUvJ,SAAS,CAC3B,WAAW,EAAE,oCAAoC,EACjD,MAAM,EAAE,wDAAwD,EAChE,YAAY,EAAE,gBAAgB,GAC/B,OAAO,CAAC,gBAAgB,CAAC;IAsBN,MAAM,CACxB,WAAW,EAAE,oCAAoC,EACjD,MAAM,EAAE,wDAAwD,EAChE,YAAY,EAAE,gBAAgB,GAC/B,OAAO,CAAC,kBAAkB,CAAC;CAoBjC"}

package/dist/modules/requests/itemProcessors/shareAuthorizationRequest/ShareAuthorizationRequestRequestItemProcessor.js

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ShareAuthorizationRequestRequestItemProcessor = void 0;
+const content_1 = require("@nmshd/content");
+const transport_1 = require("@nmshd/transport");
+const ConsumptionCoreErrors_1 = require("../../../../consumption/ConsumptionCoreErrors");
+const attributes_1 = require("../../../attributes");
+const ValidationResult_1 = require("../../../common/ValidationResult");
+const GenericRequestItemProcessor_1 = require("../GenericRequestItemProcessor");
+const AcceptShareAuthorizationRequestRequestItemParameters_1 = require("./AcceptShareAuthorizationRequestRequestItemParameters");
+class ShareAuthorizationRequestRequestItemProcessor extends GenericRequestItemProcessor_1.GenericRequestItemProcessor {
+    async canCreateOutgoingRequestItem(requestItem, _request, _recipient) {
+        try {
+            await this.consumptionController.openId4Vc.resolveAuthorizationRequest(requestItem.authorizationRequestUrl);
+        }
+        catch (_) {
+            return ValidationResult_1.ValidationResult.error(ConsumptionCoreErrors_1.ConsumptionCoreErrors.requests.invalidRequestItem("The authorization request url can't be resolved."));
+        }
+        return ValidationResult_1.ValidationResult.success();
+    }
+    async canAccept(requestItem, params, _requestInfo) {
+        const parsedParams = AcceptShareAuthorizationRequestRequestItemParameters_1.AcceptShareAuthorizationRequestRequestItemParameters.from(params);
+        const attribute = (await this.consumptionController.attributes.getLocalAttribute(parsedParams.attributeId));
+        if (!attribute)
+            return ValidationResult_1.ValidationResult.error(transport_1.TransportCoreErrors.general.recordNotFound(attributes_1.LocalAttribute, parsedParams.attributeId.toString()));
+        let resolvedAuthorizationRequest;
+        try {
+            resolvedAuthorizationRequest = await this.consumptionController.openId4Vc.resolveAuthorizationRequest(requestItem.authorizationRequestUrl);
+        }
+        catch (_) {
+            return ValidationResult_1.ValidationResult.error(ConsumptionCoreErrors_1.ConsumptionCoreErrors.requests.invalidRequestItem("The authorization request url can't be resolved."));
+        }
+        const matchingCredentials = resolvedAuthorizationRequest.matchingCredentials;
+        const matchingAttributeIds = matchingCredentials.map((c) => c.id.toString());
+        if (!matchingAttributeIds.includes(parsedParams.attributeId.toString())) {
+            return ValidationResult_1.ValidationResult.error(ConsumptionCoreErrors_1.ConsumptionCoreErrors.requests.invalidAcceptParameters("The credential selected for presentation doesn't match the query."));
+        }
+        return ValidationResult_1.ValidationResult.success();
+    }
+    async accept(requestItem, params, _requestInfo) {
+        const parsedParams = AcceptShareAuthorizationRequestRequestItemParameters_1.AcceptShareAuthorizationRequestRequestItemParameters.from(params);
+        const resolvedAuthorizationRequest = await this.consumptionController.openId4Vc.resolveAuthorizationRequest(requestItem.authorizationRequestUrl);
+        const attribute = (await this.consumptionController.attributes.getLocalAttribute(parsedParams.attributeId));
+        if (!attribute)
+            throw transport_1.TransportCoreErrors.general.recordNotFound(attributes_1.LocalAttribute, parsedParams.attributeId.toString());
+        const acceptResult = await this.consumptionController.openId4Vc.acceptAuthorizationRequest(resolvedAuthorizationRequest.authorizationRequest, attribute);
+        if (acceptResult.status !== 200) {
+            transport_1.TransportLoggerFactory.getLogger(ShareAuthorizationRequestRequestItemProcessor).error("Failed to accept ShareAuthorizationRequestRequestItem. Error message:", JSON.stringify(acceptResult.message));
+            throw ConsumptionCoreErrors_1.ConsumptionCoreErrors.requests.invalidAcceptParameters("The presentation was not successful. Try again later or select a different credential.");
+        }
+        return content_1.AcceptResponseItem.from({ result: content_1.ResponseItemResult.Accepted });
+    }
+}
+exports.ShareAuthorizationRequestRequestItemProcessor = ShareAuthorizationRequestRequestItemProcessor;
+//# sourceMappingURL=ShareAuthorizationRequestRequestItemProcessor.js.map