@openid4vc/openid4vp 0.3.0-alpha-20250401105222 → 0.3.0-alpha-20250404080256
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +9 -0
- package/dist/index.d.ts +9 -0
- package/dist/index.js +20 -8
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +20 -8
- package/dist/index.mjs.map +1 -1
- package/package.json +3 -3
package/dist/index.mjs
CHANGED
|
@@ -1392,11 +1392,17 @@ function jarmAssertMetadataSupported(options) {
|
|
|
1392
1392
|
|
|
1393
1393
|
// src/authorization-response/create-authorization-response.ts
|
|
1394
1394
|
async function createOpenid4vpAuthorizationResponse(options) {
|
|
1395
|
-
const { authorizationRequestPayload, jarm, callbacks } = options;
|
|
1395
|
+
const { authorizationRequestPayload, jarm, callbacks, origin } = options;
|
|
1396
1396
|
const authorizationResponsePayload = {
|
|
1397
1397
|
...options.authorizationResponsePayload,
|
|
1398
1398
|
state: authorizationRequestPayload.state
|
|
1399
1399
|
};
|
|
1400
|
+
const { clientIdScheme } = getOpenid4vpClientId({
|
|
1401
|
+
responseMode: authorizationRequestPayload.response_mode,
|
|
1402
|
+
clientId: authorizationRequestPayload.client_id,
|
|
1403
|
+
legacyClientIdScheme: authorizationRequestPayload.client_id_scheme,
|
|
1404
|
+
origin
|
|
1405
|
+
});
|
|
1400
1406
|
if (authorizationRequestPayload.response_mode && isJarmResponseMode(authorizationRequestPayload.response_mode) && !jarm) {
|
|
1401
1407
|
throw new Oauth2Error8(
|
|
1402
1408
|
`Missing jarm options for creating Jarm response with response mode '${authorizationRequestPayload.response_mode}'`
|
|
@@ -1407,14 +1413,20 @@ async function createOpenid4vpAuthorizationResponse(options) {
|
|
|
1407
1413
|
authorizationResponsePayload
|
|
1408
1414
|
};
|
|
1409
1415
|
}
|
|
1410
|
-
if (!
|
|
1416
|
+
if (clientIdScheme === "https" && !options.clientMetadata) {
|
|
1417
|
+
throw new Oauth2Error8(
|
|
1418
|
+
"When OpenID Federation is used as the client id scheme (https), passing externally fetched and verified 'clientMetadata' to the 'createOpenid4vpAuthorizationResponse' is required."
|
|
1419
|
+
);
|
|
1420
|
+
}
|
|
1421
|
+
const clientMetadata = options.clientMetadata ?? authorizationRequestPayload.client_metadata;
|
|
1422
|
+
if (!clientMetadata) {
|
|
1411
1423
|
throw new Oauth2Error8("Missing client metadata in the request params to assert Jarm metadata support.");
|
|
1412
1424
|
}
|
|
1413
1425
|
let jwks;
|
|
1414
|
-
if (
|
|
1415
|
-
jwks =
|
|
1416
|
-
} else if (
|
|
1417
|
-
jwks = await fetchJwks(
|
|
1426
|
+
if (clientMetadata.jwks) {
|
|
1427
|
+
jwks = clientMetadata.jwks;
|
|
1428
|
+
} else if (clientMetadata.jwks_uri) {
|
|
1429
|
+
jwks = await fetchJwks(clientMetadata.jwks_uri, options.callbacks.fetch);
|
|
1418
1430
|
} else {
|
|
1419
1431
|
throw new Oauth2ServerErrorResponseError11({
|
|
1420
1432
|
error: Oauth2ErrorCodes10.InvalidRequest,
|
|
@@ -1422,11 +1434,11 @@ async function createOpenid4vpAuthorizationResponse(options) {
|
|
|
1422
1434
|
});
|
|
1423
1435
|
}
|
|
1424
1436
|
const supportedJarmMetadata = jarmAssertMetadataSupported({
|
|
1425
|
-
clientMetadata
|
|
1437
|
+
clientMetadata,
|
|
1426
1438
|
serverMetadata: jarm.serverMetadata
|
|
1427
1439
|
});
|
|
1428
1440
|
const clientMetaJwks = extractJwksFromClientMetadata({
|
|
1429
|
-
...
|
|
1441
|
+
...clientMetadata,
|
|
1430
1442
|
jwks
|
|
1431
1443
|
});
|
|
1432
1444
|
if (!clientMetaJwks?.encJwk) {
|