@openid4vc/openid4vp 0.3.0-alpha-20250315153126 → 0.3.0-alpha-20250315172536
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +6 -6
- package/dist/index.d.ts +6 -6
- package/dist/index.js +70 -49
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +34 -13
- package/dist/index.mjs.map +1 -1
- package/package.json +3 -3
package/dist/index.d.mts
CHANGED
|
@@ -10106,10 +10106,10 @@ interface ParsedOpenid4vpDcApiAuthorizationRequest {
|
|
|
10106
10106
|
provided: 'uri' | 'jwt' | 'params';
|
|
10107
10107
|
params: Openid4vpAuthorizationRequestDcApi;
|
|
10108
10108
|
}
|
|
10109
|
-
interface
|
|
10109
|
+
interface ParseOpenid4vpAuthorizationRequestOptions {
|
|
10110
10110
|
authorizationRequest: string | Record<string, unknown>;
|
|
10111
10111
|
}
|
|
10112
|
-
declare function
|
|
10112
|
+
declare function parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
|
|
10113
10113
|
|
|
10114
10114
|
declare const zJarRequestObjectPayload: z.ZodObject<{
|
|
10115
10115
|
client_id: z.ZodString;
|
|
@@ -12253,7 +12253,7 @@ interface ParsedTransactionDataEntry {
|
|
|
12253
12253
|
declare function parseTransactionData(options: ParseTransactionDataOptions): ParsedTransactionDataEntry[];
|
|
12254
12254
|
|
|
12255
12255
|
interface ResolveOpenid4vpAuthorizationRequestOptions {
|
|
12256
|
-
authorizationRequestPayload: Openid4vpAuthorizationRequest | JarAuthorizationRequest;
|
|
12256
|
+
authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | JarAuthorizationRequest;
|
|
12257
12257
|
wallet?: WalletVerificationOptions;
|
|
12258
12258
|
origin?: string;
|
|
12259
12259
|
disableOriginValidation?: boolean;
|
|
@@ -12653,7 +12653,7 @@ interface Openid4vpClientOptions {
|
|
|
12653
12653
|
declare class Openid4vpClient {
|
|
12654
12654
|
private options;
|
|
12655
12655
|
constructor(options: Openid4vpClientOptions);
|
|
12656
|
-
|
|
12656
|
+
parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedJarRequest | ParsedOpenid4vpAuthorizationRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
|
|
12657
12657
|
resolveOpenId4vpAuthorizationRequest(options: Omit<ResolveOpenid4vpAuthorizationRequestOptions, 'callbacks'>): Promise<ResolvedOpenid4vpAuthorizationRequest>;
|
|
12658
12658
|
createOpenid4vpAuthorizationResponse(options: Omit<CreateOpenid4vpAuthorizationResponseOptions, 'callbacks'>): Promise<CreateOpenid4vpAuthorizationResponseResult>;
|
|
12659
12659
|
submitOpenid4vpAuthorizationResponse(options: Omit<SubmitOpenid4vpAuthorizationResponseOptions, 'callbacks'>): Promise<{
|
|
@@ -17032,7 +17032,7 @@ declare class Openid4vpVerifier {
|
|
|
17032
17032
|
authorizationRequest: any;
|
|
17033
17033
|
jar: undefined;
|
|
17034
17034
|
}>;
|
|
17035
|
-
parseOpenid4vpAuthorizationRequestPayload(options:
|
|
17035
|
+
parseOpenid4vpAuthorizationRequestPayload(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedJarRequest | ParsedOpenid4vpAuthorizationRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
|
|
17036
17036
|
parseOpenid4vpAuthorizationResponse(options: ParseOpenid4vpAuthorizationResponseOptions): Promise<ParsedOpenid4vpAuthorizationResponse>;
|
|
17037
17037
|
validateOpenid4vpAuthorizationResponsePayload(options: ValidateOpenid4vpAuthorizationResponseOptions): ValidateOpenid4VpAuthorizationResponseResult;
|
|
17038
17038
|
parsePexVpToken(vpToken: unknown): [string | Record<string, any>, ...(string | Record<string, any>)[]];
|
|
@@ -17051,4 +17051,4 @@ type CredentialFormat = z.infer<typeof zCredentialFormat>;
|
|
|
17051
17051
|
declare const zProofFormat: z.ZodEnum<["jwt_vp_json", "ldc_vp", "ac_vp", "dc+sd-jwt", "vc+sd-jwt", "mso_mdoc"]>;
|
|
17052
17052
|
type ProofFormat = z.infer<typeof zProofFormat>;
|
|
17053
17053
|
|
|
17054
|
-
export { type ClientIdScheme, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type ParseJarmAuthorizationResponseOptions, type
|
|
17054
|
+
export { type ClientIdScheme, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifyJarmAuthorizationResponseOptions, type WalletMetadata, type WalletVerificationOptions, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdScheme, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zWalletMetadata };
|
package/dist/index.d.ts
CHANGED
|
@@ -10106,10 +10106,10 @@ interface ParsedOpenid4vpDcApiAuthorizationRequest {
|
|
|
10106
10106
|
provided: 'uri' | 'jwt' | 'params';
|
|
10107
10107
|
params: Openid4vpAuthorizationRequestDcApi;
|
|
10108
10108
|
}
|
|
10109
|
-
interface
|
|
10109
|
+
interface ParseOpenid4vpAuthorizationRequestOptions {
|
|
10110
10110
|
authorizationRequest: string | Record<string, unknown>;
|
|
10111
10111
|
}
|
|
10112
|
-
declare function
|
|
10112
|
+
declare function parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
|
|
10113
10113
|
|
|
10114
10114
|
declare const zJarRequestObjectPayload: z.ZodObject<{
|
|
10115
10115
|
client_id: z.ZodString;
|
|
@@ -12253,7 +12253,7 @@ interface ParsedTransactionDataEntry {
|
|
|
12253
12253
|
declare function parseTransactionData(options: ParseTransactionDataOptions): ParsedTransactionDataEntry[];
|
|
12254
12254
|
|
|
12255
12255
|
interface ResolveOpenid4vpAuthorizationRequestOptions {
|
|
12256
|
-
authorizationRequestPayload: Openid4vpAuthorizationRequest | JarAuthorizationRequest;
|
|
12256
|
+
authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | JarAuthorizationRequest;
|
|
12257
12257
|
wallet?: WalletVerificationOptions;
|
|
12258
12258
|
origin?: string;
|
|
12259
12259
|
disableOriginValidation?: boolean;
|
|
@@ -12653,7 +12653,7 @@ interface Openid4vpClientOptions {
|
|
|
12653
12653
|
declare class Openid4vpClient {
|
|
12654
12654
|
private options;
|
|
12655
12655
|
constructor(options: Openid4vpClientOptions);
|
|
12656
|
-
|
|
12656
|
+
parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedJarRequest | ParsedOpenid4vpAuthorizationRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
|
|
12657
12657
|
resolveOpenId4vpAuthorizationRequest(options: Omit<ResolveOpenid4vpAuthorizationRequestOptions, 'callbacks'>): Promise<ResolvedOpenid4vpAuthorizationRequest>;
|
|
12658
12658
|
createOpenid4vpAuthorizationResponse(options: Omit<CreateOpenid4vpAuthorizationResponseOptions, 'callbacks'>): Promise<CreateOpenid4vpAuthorizationResponseResult>;
|
|
12659
12659
|
submitOpenid4vpAuthorizationResponse(options: Omit<SubmitOpenid4vpAuthorizationResponseOptions, 'callbacks'>): Promise<{
|
|
@@ -17032,7 +17032,7 @@ declare class Openid4vpVerifier {
|
|
|
17032
17032
|
authorizationRequest: any;
|
|
17033
17033
|
jar: undefined;
|
|
17034
17034
|
}>;
|
|
17035
|
-
parseOpenid4vpAuthorizationRequestPayload(options:
|
|
17035
|
+
parseOpenid4vpAuthorizationRequestPayload(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedJarRequest | ParsedOpenid4vpAuthorizationRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
|
|
17036
17036
|
parseOpenid4vpAuthorizationResponse(options: ParseOpenid4vpAuthorizationResponseOptions): Promise<ParsedOpenid4vpAuthorizationResponse>;
|
|
17037
17037
|
validateOpenid4vpAuthorizationResponsePayload(options: ValidateOpenid4vpAuthorizationResponseOptions): ValidateOpenid4VpAuthorizationResponseResult;
|
|
17038
17038
|
parsePexVpToken(vpToken: unknown): [string | Record<string, any>, ...(string | Record<string, any>)[]];
|
|
@@ -17051,4 +17051,4 @@ type CredentialFormat = z.infer<typeof zCredentialFormat>;
|
|
|
17051
17051
|
declare const zProofFormat: z.ZodEnum<["jwt_vp_json", "ldc_vp", "ac_vp", "dc+sd-jwt", "vc+sd-jwt", "mso_mdoc"]>;
|
|
17052
17052
|
type ProofFormat = z.infer<typeof zProofFormat>;
|
|
17053
17053
|
|
|
17054
|
-
export { type ClientIdScheme, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type ParseJarmAuthorizationResponseOptions, type
|
|
17054
|
+
export { type ClientIdScheme, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifyJarmAuthorizationResponseOptions, type WalletMetadata, type WalletVerificationOptions, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdScheme, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zWalletMetadata };
|
package/dist/index.js
CHANGED
|
@@ -38,7 +38,7 @@ __export(src_exports, {
|
|
|
38
38
|
isOpenid4vpAuthorizationRequestDcApi: () => isOpenid4vpAuthorizationRequestDcApi,
|
|
39
39
|
parseDcqlVpToken: () => parseDcqlVpToken,
|
|
40
40
|
parseJarmAuthorizationResponse: () => parseJarmAuthorizationResponse,
|
|
41
|
-
|
|
41
|
+
parseOpenid4vpAuthorizationRequest: () => parseOpenid4vpAuthorizationRequest,
|
|
42
42
|
parseOpenid4vpAuthorizationResponse: () => parseOpenid4vpAuthorizationResponse,
|
|
43
43
|
parsePexVpToken: () => parsePexVpToken,
|
|
44
44
|
parseTransactionData: () => parseTransactionData,
|
|
@@ -412,7 +412,7 @@ var zOpenid4vpAuthorizationRequest = import_zod7.z.object({
|
|
|
412
412
|
client_metadata: zClientMetadata.optional(),
|
|
413
413
|
client_metadata_uri: import_utils5.zHttpsUrl.optional(),
|
|
414
414
|
state: import_zod7.z.string().optional(),
|
|
415
|
-
transaction_data: import_zod7.z.array(import_zod7.z.string()).optional(),
|
|
415
|
+
transaction_data: import_zod7.z.array(import_zod7.z.string().base64url()).optional(),
|
|
416
416
|
trust_chain: import_zod7.z.unknown().optional(),
|
|
417
417
|
client_id_scheme: import_zod7.z.enum([
|
|
418
418
|
"pre-registered",
|
|
@@ -424,6 +424,25 @@ var zOpenid4vpAuthorizationRequest = import_zod7.z.object({
|
|
|
424
424
|
"x509_san_uri"
|
|
425
425
|
]).optional()
|
|
426
426
|
}).passthrough();
|
|
427
|
+
var zStringToJson = import_zod7.z.string().transform((string, ctx) => {
|
|
428
|
+
try {
|
|
429
|
+
return JSON.parse(string);
|
|
430
|
+
} catch (error) {
|
|
431
|
+
ctx.addIssue({
|
|
432
|
+
code: "custom",
|
|
433
|
+
message: "Expected a JSON string, but could not parse the string to JSON"
|
|
434
|
+
});
|
|
435
|
+
return import_zod7.z.NEVER;
|
|
436
|
+
}
|
|
437
|
+
});
|
|
438
|
+
var zOpenid4vpAuthorizationRequestFromUriParams = import_zod7.z.string().url().transform((url) => Object.fromEntries(new import_utils5.URL(url).searchParams)).pipe(
|
|
439
|
+
import_zod7.z.object({
|
|
440
|
+
presentation_definition: zStringToJson.optional(),
|
|
441
|
+
client_metadata: zStringToJson.optional(),
|
|
442
|
+
dcql_query: zStringToJson.optional(),
|
|
443
|
+
transaction_data: zStringToJson.optional()
|
|
444
|
+
}).passthrough()
|
|
445
|
+
);
|
|
427
446
|
|
|
428
447
|
// src/authorization-request/z-authorization-request-dc-api.ts
|
|
429
448
|
var import_zod8 = require("zod");
|
|
@@ -525,7 +544,6 @@ async function createOpenid4vpAuthorizationRequest(options) {
|
|
|
525
544
|
// src/authorization-request/parse-authorization-request-params.ts
|
|
526
545
|
var import_oauth211 = require("@openid4vc/oauth2");
|
|
527
546
|
var import_utils8 = require("@openid4vc/utils");
|
|
528
|
-
var import_utils9 = require("@openid4vc/utils");
|
|
529
547
|
var import_zod10 = __toESM(require("zod"));
|
|
530
548
|
|
|
531
549
|
// src/jar/z-jar-authorization-request.ts
|
|
@@ -559,14 +577,17 @@ function isJarAuthorizationRequest(request) {
|
|
|
559
577
|
}
|
|
560
578
|
|
|
561
579
|
// src/authorization-request/parse-authorization-request-params.ts
|
|
562
|
-
function
|
|
580
|
+
function parseOpenid4vpAuthorizationRequest(options) {
|
|
563
581
|
const { authorizationRequest } = options;
|
|
564
582
|
let provided = "params";
|
|
565
583
|
let params;
|
|
566
584
|
if (typeof authorizationRequest === "string") {
|
|
567
585
|
if (authorizationRequest.includes("://")) {
|
|
568
|
-
|
|
569
|
-
|
|
586
|
+
params = (0, import_utils8.parseWithErrorHandling)(
|
|
587
|
+
zOpenid4vpAuthorizationRequestFromUriParams,
|
|
588
|
+
authorizationRequest,
|
|
589
|
+
"Unable to parse openid4vp authorization request uri to a valid object"
|
|
590
|
+
);
|
|
570
591
|
provided = "uri";
|
|
571
592
|
} else {
|
|
572
593
|
const decoded = (0, import_oauth211.decodeJwt)({ jwt: authorizationRequest });
|
|
@@ -576,7 +597,7 @@ function parseOpenid4vpAuthorizationRequestPayload(options) {
|
|
|
576
597
|
} else {
|
|
577
598
|
params = authorizationRequest;
|
|
578
599
|
}
|
|
579
|
-
const parsedRequest = (0,
|
|
600
|
+
const parsedRequest = (0, import_utils8.parseWithErrorHandling)(
|
|
580
601
|
import_zod10.default.union([zOpenid4vpAuthorizationRequest, zJarAuthorizationRequest, zOpenid4vpAuthorizationRequestDcApi]),
|
|
581
602
|
params
|
|
582
603
|
);
|
|
@@ -603,12 +624,12 @@ function parseOpenid4vpAuthorizationRequestPayload(options) {
|
|
|
603
624
|
|
|
604
625
|
// src/authorization-request/resolve-authorization-request.ts
|
|
605
626
|
var import_oauth219 = require("@openid4vc/oauth2");
|
|
606
|
-
var
|
|
627
|
+
var import_utils13 = require("@openid4vc/utils");
|
|
607
628
|
var import_zod14 = __toESM(require("zod"));
|
|
608
629
|
|
|
609
630
|
// src/client-identifier-scheme/parse-client-identifier-scheme.ts
|
|
610
631
|
var import_oauth213 = require("@openid4vc/oauth2");
|
|
611
|
-
var
|
|
632
|
+
var import_utils9 = require("@openid4vc/utils");
|
|
612
633
|
|
|
613
634
|
// src/version.ts
|
|
614
635
|
var import_oauth212 = require("@openid4vc/oauth2");
|
|
@@ -834,7 +855,7 @@ function parseClientIdentifier(options, parserConfig) {
|
|
|
834
855
|
}
|
|
835
856
|
if (!isOpenid4vpAuthorizationRequestDcApi(authorizationRequestPayload)) {
|
|
836
857
|
const uri = authorizationRequestPayload.redirect_uri ?? authorizationRequestPayload.response_uri;
|
|
837
|
-
if (!uri || new
|
|
858
|
+
if (!uri || new import_utils9.URL(uri).hostname !== identifierPart) {
|
|
838
859
|
throw new import_oauth213.Oauth2ServerErrorResponseError({
|
|
839
860
|
error: import_oauth213.Oauth2ErrorCodes.InvalidRequest,
|
|
840
861
|
error_description: "Invalid client identifier. The fully qualified domain name of the redirect_uri value MUST match the Client Identifier without the prefix x509_san_dns."
|
|
@@ -901,14 +922,14 @@ function parseClientIdentifier(options, parserConfig) {
|
|
|
901
922
|
|
|
902
923
|
// src/fetch-client-metadata.ts
|
|
903
924
|
var import_oauth214 = require("@openid4vc/oauth2");
|
|
904
|
-
var
|
|
925
|
+
var import_utils10 = require("@openid4vc/utils");
|
|
905
926
|
async function fetchClientMetadata(options) {
|
|
906
927
|
const { fetch, clientMetadataUri } = options;
|
|
907
|
-
const fetcher = (0,
|
|
908
|
-
const { result, response } = await fetcher(zClientMetadata,
|
|
928
|
+
const fetcher = (0, import_utils10.createZodFetcher)(fetch);
|
|
929
|
+
const { result, response } = await fetcher(zClientMetadata, import_utils10.ContentType.Json, clientMetadataUri, {
|
|
909
930
|
method: "GET",
|
|
910
931
|
headers: {
|
|
911
|
-
Accept:
|
|
932
|
+
Accept: import_utils10.ContentType.Json
|
|
912
933
|
}
|
|
913
934
|
});
|
|
914
935
|
if (!response.ok) {
|
|
@@ -931,23 +952,23 @@ var import_oauth217 = require("@openid4vc/oauth2");
|
|
|
931
952
|
|
|
932
953
|
// src/jar/jar-request-object/fetch-jar-request-object.ts
|
|
933
954
|
var import_oauth215 = require("@openid4vc/oauth2");
|
|
934
|
-
var
|
|
955
|
+
var import_utils11 = require("@openid4vc/utils");
|
|
935
956
|
var import_zod11 = require("zod");
|
|
936
957
|
async function fetchJarRequestObject(options) {
|
|
937
958
|
const { requestUri, clientIdentifierScheme, method, wallet, fetch } = options;
|
|
938
|
-
const fetcher = (0,
|
|
959
|
+
const fetcher = (0, import_utils11.createZodFetcher)(fetch);
|
|
939
960
|
let requestBody = wallet.metadata ? { wallet_metadata: wallet.metadata, wallet_nonce: wallet.nonce } : void 0;
|
|
940
961
|
if (requestBody?.wallet_metadata?.request_object_signing_alg_values_supported && clientIdentifierScheme === "redirect_uri") {
|
|
941
962
|
const { request_object_signing_alg_values_supported, ...rest } = requestBody.wallet_metadata;
|
|
942
963
|
requestBody = { ...requestBody, wallet_metadata: { ...rest } };
|
|
943
964
|
}
|
|
944
|
-
const { result, response } = await fetcher(import_zod11.z.string(),
|
|
965
|
+
const { result, response } = await fetcher(import_zod11.z.string(), import_utils11.ContentType.OAuthAuthorizationRequestJwt, requestUri, {
|
|
945
966
|
method,
|
|
946
967
|
headers: {
|
|
947
|
-
Accept: `${
|
|
948
|
-
"Content-Type":
|
|
968
|
+
Accept: `${import_utils11.ContentType.OAuthAuthorizationRequestJwt}, ${import_utils11.ContentType.Jwt};q=0.9`,
|
|
969
|
+
"Content-Type": import_utils11.ContentType.XWwwFormUrlencoded
|
|
949
970
|
},
|
|
950
|
-
body: method === "POST" ? (0,
|
|
971
|
+
body: method === "POST" ? (0, import_utils11.objectToQueryParams)(wallet.metadata ?? {}) : void 0
|
|
951
972
|
});
|
|
952
973
|
if (!response.ok) {
|
|
953
974
|
throw new import_oauth215.Oauth2ServerErrorResponseError({
|
|
@@ -1064,7 +1085,7 @@ async function verifyJarRequestObject(options) {
|
|
|
1064
1085
|
|
|
1065
1086
|
// src/transaction-data/parse-transaction-data.ts
|
|
1066
1087
|
var import_oauth218 = require("@openid4vc/oauth2");
|
|
1067
|
-
var
|
|
1088
|
+
var import_utils12 = require("@openid4vc/utils");
|
|
1068
1089
|
|
|
1069
1090
|
// src/transaction-data/z-transaction-data.ts
|
|
1070
1091
|
var import_zod13 = require("zod");
|
|
@@ -1078,7 +1099,7 @@ var zTransactionData = import_zod13.z.array(zTransactionEntry);
|
|
|
1078
1099
|
// src/transaction-data/parse-transaction-data.ts
|
|
1079
1100
|
function parseTransactionData(options) {
|
|
1080
1101
|
const { transactionData } = options;
|
|
1081
|
-
const decoded = transactionData.map((tdEntry) => (0,
|
|
1102
|
+
const decoded = transactionData.map((tdEntry) => (0, import_utils12.parseIfJson)((0, import_utils12.encodeToUtf8String)((0, import_utils12.decodeBase64)(tdEntry))));
|
|
1082
1103
|
const parsedResult = zTransactionData.safeParse(decoded);
|
|
1083
1104
|
if (!parsedResult.success) {
|
|
1084
1105
|
throw new import_oauth218.Oauth2ServerErrorResponseError({
|
|
@@ -1097,7 +1118,7 @@ function parseTransactionData(options) {
|
|
|
1097
1118
|
async function resolveOpenid4vpAuthorizationRequest(options) {
|
|
1098
1119
|
const { wallet, callbacks, origin, disableOriginValidation } = options;
|
|
1099
1120
|
let authorizationRequestPayload;
|
|
1100
|
-
const parsed = (0,
|
|
1121
|
+
const parsed = (0, import_utils13.parseWithErrorHandling)(
|
|
1101
1122
|
import_zod14.default.union([zOpenid4vpAuthorizationRequestDcApi, zOpenid4vpAuthorizationRequest, zJarAuthorizationRequest]),
|
|
1102
1123
|
options.authorizationRequestPayload,
|
|
1103
1124
|
"Invalid authorization request. Could not parse openid4vp authorization request as openid4vp or jar auth request."
|
|
@@ -1105,7 +1126,7 @@ async function resolveOpenid4vpAuthorizationRequest(options) {
|
|
|
1105
1126
|
let jar;
|
|
1106
1127
|
if (isJarAuthorizationRequest(parsed)) {
|
|
1107
1128
|
jar = await verifyJarRequest({ jarRequestParams: parsed, callbacks, wallet });
|
|
1108
|
-
const parsedJarAuthorizationRequestPayload = (0,
|
|
1129
|
+
const parsedJarAuthorizationRequestPayload = (0, import_utils13.parseWithErrorHandling)(
|
|
1109
1130
|
import_zod14.default.union([zOpenid4vpAuthorizationRequestDcApi, zOpenid4vpAuthorizationRequest]),
|
|
1110
1131
|
jar.authorizationRequestParams,
|
|
1111
1132
|
"Invalid authorization request. Could not parse jar request payload as openid4vp auth request."
|
|
@@ -1186,7 +1207,7 @@ function validateOpenId4vpAuthorizationRequestPayload(options) {
|
|
|
1186
1207
|
|
|
1187
1208
|
// src/authorization-response/create-authorization-response.ts
|
|
1188
1209
|
var import_oauth222 = require("@openid4vc/oauth2");
|
|
1189
|
-
var
|
|
1210
|
+
var import_utils14 = require("@openid4vc/utils");
|
|
1190
1211
|
|
|
1191
1212
|
// ../utils/src/date.ts
|
|
1192
1213
|
function addSecondsToDate(date, seconds) {
|
|
@@ -1330,7 +1351,7 @@ async function createOpenid4vpAuthorizationResponse(options) {
|
|
|
1330
1351
|
additionalJwtPayload = {
|
|
1331
1352
|
iss: jarm.authorizationServer,
|
|
1332
1353
|
aud: jarm.audience,
|
|
1333
|
-
exp: jarm.expiresInSeconds ?? (0,
|
|
1354
|
+
exp: jarm.expiresInSeconds ?? (0, import_utils14.dateToSeconds)(addSecondsToDate(/* @__PURE__ */ new Date(), 60 * 10))
|
|
1334
1355
|
// default: 10 minutes
|
|
1335
1356
|
};
|
|
1336
1357
|
}
|
|
@@ -1362,25 +1383,25 @@ async function createOpenid4vpAuthorizationResponse(options) {
|
|
|
1362
1383
|
|
|
1363
1384
|
// src/authorization-response/submit-authorization-response.ts
|
|
1364
1385
|
var import_oauth224 = require("@openid4vc/oauth2");
|
|
1386
|
+
var import_utils16 = require("@openid4vc/utils");
|
|
1365
1387
|
var import_utils17 = require("@openid4vc/utils");
|
|
1366
|
-
var import_utils18 = require("@openid4vc/utils");
|
|
1367
1388
|
|
|
1368
1389
|
// src/jarm/jarm-authorizatino-response-send.ts
|
|
1369
1390
|
var import_oauth223 = require("@openid4vc/oauth2");
|
|
1370
|
-
var
|
|
1391
|
+
var import_utils15 = require("@openid4vc/utils");
|
|
1371
1392
|
var jarmAuthorizationResponseSend = (options) => {
|
|
1372
1393
|
const { authorizationRequestPayload, jarmAuthorizationResponseJwt, callbacks } = options;
|
|
1373
1394
|
const responseEndpoint = authorizationRequestPayload.response_uri ?? authorizationRequestPayload.redirect_uri;
|
|
1374
1395
|
if (!responseEndpoint) {
|
|
1375
1396
|
throw new import_oauth223.Oauth2Error(`Either 'response_uri' or 'redirect_uri' MUST be present in the authorization request`);
|
|
1376
1397
|
}
|
|
1377
|
-
const responseEndpointUrl = new
|
|
1398
|
+
const responseEndpointUrl = new import_utils15.URL(responseEndpoint);
|
|
1378
1399
|
return handleDirectPostJwt(responseEndpointUrl, jarmAuthorizationResponseJwt, callbacks);
|
|
1379
1400
|
};
|
|
1380
1401
|
async function handleDirectPostJwt(responseEndpoint, responseJwt, callbacks) {
|
|
1381
|
-
const response = await (callbacks.fetch ??
|
|
1402
|
+
const response = await (callbacks.fetch ?? import_utils15.defaultFetcher)(responseEndpoint, {
|
|
1382
1403
|
method: "POST",
|
|
1383
|
-
headers: { "Content-Type":
|
|
1404
|
+
headers: { "Content-Type": import_utils15.ContentType.XWwwFormUrlencoded },
|
|
1384
1405
|
body: `response=${responseJwt}`
|
|
1385
1406
|
});
|
|
1386
1407
|
return {
|
|
@@ -1405,13 +1426,13 @@ async function submitOpenid4vpAuthorizationResponse(options) {
|
|
|
1405
1426
|
"Failed to submit OpenId4Vp Authorization Response. No redirect_uri or response_uri provided."
|
|
1406
1427
|
);
|
|
1407
1428
|
}
|
|
1408
|
-
const fetch = callbacks.fetch ??
|
|
1409
|
-
const encodedResponse = (0,
|
|
1429
|
+
const fetch = callbacks.fetch ?? import_utils16.defaultFetcher;
|
|
1430
|
+
const encodedResponse = (0, import_utils17.objectToQueryParams)(authorizationResponsePayload);
|
|
1410
1431
|
const submissionResponse = await fetch(url, {
|
|
1411
1432
|
method: "POST",
|
|
1412
1433
|
body: encodedResponse,
|
|
1413
1434
|
headers: {
|
|
1414
|
-
"Content-Type":
|
|
1435
|
+
"Content-Type": import_utils16.ContentType.XWwwFormUrlencoded
|
|
1415
1436
|
}
|
|
1416
1437
|
});
|
|
1417
1438
|
return {
|
|
@@ -1424,7 +1445,7 @@ async function submitOpenid4vpAuthorizationResponse(options) {
|
|
|
1424
1445
|
var import_oauth225 = require("@openid4vc/oauth2");
|
|
1425
1446
|
|
|
1426
1447
|
// src/vp-token/parse-vp-token.ts
|
|
1427
|
-
var
|
|
1448
|
+
var import_utils18 = require("@openid4vc/utils");
|
|
1428
1449
|
|
|
1429
1450
|
// src/vp-token/z-vp-token.ts
|
|
1430
1451
|
var import_zod16 = require("zod");
|
|
@@ -1444,17 +1465,17 @@ var zVpToken = zVpTokenDcql.or(zVpTokenPex);
|
|
|
1444
1465
|
|
|
1445
1466
|
// src/vp-token/parse-vp-token.ts
|
|
1446
1467
|
function parsePexVpToken(vpToken) {
|
|
1447
|
-
const parsedVpToken = (0,
|
|
1468
|
+
const parsedVpToken = (0, import_utils18.parseWithErrorHandling)(
|
|
1448
1469
|
zVpTokenPex,
|
|
1449
|
-
(0,
|
|
1470
|
+
(0, import_utils18.parseIfJson)(vpToken),
|
|
1450
1471
|
"Could not parse presentation exchange vp_token. Expected a string or an array of strings"
|
|
1451
1472
|
);
|
|
1452
1473
|
return Array.isArray(parsedVpToken) ? parsedVpToken : [parsedVpToken];
|
|
1453
1474
|
}
|
|
1454
1475
|
function parseDcqlVpToken(vpToken) {
|
|
1455
|
-
return (0,
|
|
1476
|
+
return (0, import_utils18.parseWithErrorHandling)(
|
|
1456
1477
|
zVpTokenDcql,
|
|
1457
|
-
(0,
|
|
1478
|
+
(0, import_utils18.parseIfJson)(vpToken),
|
|
1458
1479
|
"Could not parse dcql vp_token. Expected an object where the values are encoded presentations"
|
|
1459
1480
|
);
|
|
1460
1481
|
}
|
|
@@ -1507,7 +1528,7 @@ function validateOpenid4vpAuthorizationResponsePayload(options) {
|
|
|
1507
1528
|
var import_oauth227 = require("@openid4vc/oauth2");
|
|
1508
1529
|
|
|
1509
1530
|
// src/authorization-response/parse-authorization-response-payload.ts
|
|
1510
|
-
var
|
|
1531
|
+
var import_utils19 = require("@openid4vc/utils");
|
|
1511
1532
|
|
|
1512
1533
|
// src/authorization-response/z-authorization-response.ts
|
|
1513
1534
|
var import_zod18 = require("zod");
|
|
@@ -1531,7 +1552,7 @@ var zOpenid4vpAuthorizationResponse = import_zod18.z.object({
|
|
|
1531
1552
|
|
|
1532
1553
|
// src/authorization-response/parse-authorization-response-payload.ts
|
|
1533
1554
|
function parseOpenid4VpAuthorizationResponsePayload(payload) {
|
|
1534
|
-
return (0,
|
|
1555
|
+
return (0, import_utils19.parseWithErrorHandling)(
|
|
1535
1556
|
zOpenid4vpAuthorizationResponse,
|
|
1536
1557
|
payload,
|
|
1537
1558
|
"Failed to parse openid4vp authorization response."
|
|
@@ -1540,11 +1561,11 @@ function parseOpenid4VpAuthorizationResponsePayload(payload) {
|
|
|
1540
1561
|
|
|
1541
1562
|
// src/authorization-response/parse-jarm-authorization-response.ts
|
|
1542
1563
|
var import_oauth226 = require("@openid4vc/oauth2");
|
|
1543
|
-
var
|
|
1564
|
+
var import_utils20 = require("@openid4vc/utils");
|
|
1544
1565
|
var import_zod19 = __toESM(require("zod"));
|
|
1545
1566
|
async function parseJarmAuthorizationResponse(options) {
|
|
1546
1567
|
const { jarmResponseJwt, callbacks, authorizationRequestPayload, expectedClientId } = options;
|
|
1547
|
-
const jarmAuthorizationResponseJwt = (0,
|
|
1568
|
+
const jarmAuthorizationResponseJwt = (0, import_utils20.parseWithErrorHandling)(
|
|
1548
1569
|
import_zod19.default.union([import_oauth226.zCompactJwt, import_oauth226.zCompactJwe]),
|
|
1549
1570
|
jarmResponseJwt,
|
|
1550
1571
|
"Invalid jarm authorization response jwt."
|
|
@@ -1620,8 +1641,8 @@ var Openid4vpClient = class {
|
|
|
1620
1641
|
constructor(options) {
|
|
1621
1642
|
this.options = options;
|
|
1622
1643
|
}
|
|
1623
|
-
|
|
1624
|
-
return
|
|
1644
|
+
parseOpenid4vpAuthorizationRequest(options) {
|
|
1645
|
+
return parseOpenid4vpAuthorizationRequest(options);
|
|
1625
1646
|
}
|
|
1626
1647
|
async resolveOpenId4vpAuthorizationRequest(options) {
|
|
1627
1648
|
return resolveOpenid4vpAuthorizationRequest({ ...options, callbacks: this.options.callbacks });
|
|
@@ -1636,7 +1657,7 @@ var Openid4vpClient = class {
|
|
|
1636
1657
|
|
|
1637
1658
|
// src/transaction-data/verify-transaction-data.ts
|
|
1638
1659
|
var import_oauth228 = require("@openid4vc/oauth2");
|
|
1639
|
-
var
|
|
1660
|
+
var import_utils21 = require("@openid4vc/utils");
|
|
1640
1661
|
async function verifyTransactionData(options) {
|
|
1641
1662
|
const parsedTransactionData = parseTransactionData({
|
|
1642
1663
|
transactionData: options.transactionData
|
|
@@ -1663,7 +1684,7 @@ async function verifyTransactionDataEntry({
|
|
|
1663
1684
|
);
|
|
1664
1685
|
const hashes = {};
|
|
1665
1686
|
for (const alg of supportedAlgs) {
|
|
1666
|
-
hashes[alg] = (0,
|
|
1687
|
+
hashes[alg] = (0, import_utils21.encodeToBase64Url)(await callbacks.hash((0, import_utils21.decodeUtf8String)(entry.encoded), alg));
|
|
1667
1688
|
}
|
|
1668
1689
|
for (const credentialId of entry.transactionData.credential_ids) {
|
|
1669
1690
|
const transactionDataHashesCredential = credentials[credentialId];
|
|
@@ -1708,7 +1729,7 @@ var Openid4vpVerifier = class {
|
|
|
1708
1729
|
return createOpenid4vpAuthorizationRequest({ ...options, callbacks: this.options.callbacks });
|
|
1709
1730
|
}
|
|
1710
1731
|
parseOpenid4vpAuthorizationRequestPayload(options) {
|
|
1711
|
-
return
|
|
1732
|
+
return parseOpenid4vpAuthorizationRequest(options);
|
|
1712
1733
|
}
|
|
1713
1734
|
parseOpenid4vpAuthorizationResponse(options) {
|
|
1714
1735
|
return parseOpenid4vpAuthorizationResponse(options);
|
|
@@ -1758,7 +1779,7 @@ var zWalletMetadata = import_zod22.z.object({
|
|
|
1758
1779
|
isOpenid4vpAuthorizationRequestDcApi,
|
|
1759
1780
|
parseDcqlVpToken,
|
|
1760
1781
|
parseJarmAuthorizationResponse,
|
|
1761
|
-
|
|
1782
|
+
parseOpenid4vpAuthorizationRequest,
|
|
1762
1783
|
parseOpenid4vpAuthorizationResponse,
|
|
1763
1784
|
parsePexVpToken,
|
|
1764
1785
|
parseTransactionData,
|