@openid4vc/openid4vp 0.3.0-alpha-20250401105222 → 0.3.0-alpha-20250404180231
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +9 -0
- package/dist/index.d.ts +9 -0
- package/dist/index.js +21 -12
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +21 -12
- package/dist/index.mjs.map +1 -1
- package/package.json +3 -3
package/dist/index.mjs
CHANGED
|
@@ -939,15 +939,12 @@ function parseAuthorizationRequestVersion(request) {
|
|
|
939
939
|
requirements.push(["<", 23]);
|
|
940
940
|
requirements.push([">=", 21]);
|
|
941
941
|
}
|
|
942
|
-
if (isOpenid4vpAuthorizationRequestDcApi(request) && request.response_mode === "dc_api" || request.response_mode === "dc_api.jwt") {
|
|
942
|
+
if (isOpenid4vpAuthorizationRequestDcApi(request) && (request.response_mode === "dc_api" || request.response_mode === "dc_api.jwt")) {
|
|
943
943
|
requirements.push([">=", 23]);
|
|
944
944
|
}
|
|
945
945
|
if (isOpenid4vpAuthorizationRequestDcApi(request) && (request.transaction_data || request.dcql_query)) {
|
|
946
946
|
requirements.push([">=", 23]);
|
|
947
947
|
}
|
|
948
|
-
if (request.dcql_query) {
|
|
949
|
-
requirements.push([">=", 22]);
|
|
950
|
-
}
|
|
951
948
|
if (request.transaction_data) {
|
|
952
949
|
requirements.push([">=", 22]);
|
|
953
950
|
}
|
|
@@ -1392,11 +1389,17 @@ function jarmAssertMetadataSupported(options) {
|
|
|
1392
1389
|
|
|
1393
1390
|
// src/authorization-response/create-authorization-response.ts
|
|
1394
1391
|
async function createOpenid4vpAuthorizationResponse(options) {
|
|
1395
|
-
const { authorizationRequestPayload, jarm, callbacks } = options;
|
|
1392
|
+
const { authorizationRequestPayload, jarm, callbacks, origin } = options;
|
|
1396
1393
|
const authorizationResponsePayload = {
|
|
1397
1394
|
...options.authorizationResponsePayload,
|
|
1398
1395
|
state: authorizationRequestPayload.state
|
|
1399
1396
|
};
|
|
1397
|
+
const { clientIdScheme } = getOpenid4vpClientId({
|
|
1398
|
+
responseMode: authorizationRequestPayload.response_mode,
|
|
1399
|
+
clientId: authorizationRequestPayload.client_id,
|
|
1400
|
+
legacyClientIdScheme: authorizationRequestPayload.client_id_scheme,
|
|
1401
|
+
origin
|
|
1402
|
+
});
|
|
1400
1403
|
if (authorizationRequestPayload.response_mode && isJarmResponseMode(authorizationRequestPayload.response_mode) && !jarm) {
|
|
1401
1404
|
throw new Oauth2Error8(
|
|
1402
1405
|
`Missing jarm options for creating Jarm response with response mode '${authorizationRequestPayload.response_mode}'`
|
|
@@ -1407,14 +1410,20 @@ async function createOpenid4vpAuthorizationResponse(options) {
|
|
|
1407
1410
|
authorizationResponsePayload
|
|
1408
1411
|
};
|
|
1409
1412
|
}
|
|
1410
|
-
if (!
|
|
1413
|
+
if (clientIdScheme === "https" && !options.clientMetadata) {
|
|
1414
|
+
throw new Oauth2Error8(
|
|
1415
|
+
"When OpenID Federation is used as the client id scheme (https), passing externally fetched and verified 'clientMetadata' to the 'createOpenid4vpAuthorizationResponse' is required."
|
|
1416
|
+
);
|
|
1417
|
+
}
|
|
1418
|
+
const clientMetadata = options.clientMetadata ?? authorizationRequestPayload.client_metadata;
|
|
1419
|
+
if (!clientMetadata) {
|
|
1411
1420
|
throw new Oauth2Error8("Missing client metadata in the request params to assert Jarm metadata support.");
|
|
1412
1421
|
}
|
|
1413
1422
|
let jwks;
|
|
1414
|
-
if (
|
|
1415
|
-
jwks =
|
|
1416
|
-
} else if (
|
|
1417
|
-
jwks = await fetchJwks(
|
|
1423
|
+
if (clientMetadata.jwks) {
|
|
1424
|
+
jwks = clientMetadata.jwks;
|
|
1425
|
+
} else if (clientMetadata.jwks_uri) {
|
|
1426
|
+
jwks = await fetchJwks(clientMetadata.jwks_uri, options.callbacks.fetch);
|
|
1418
1427
|
} else {
|
|
1419
1428
|
throw new Oauth2ServerErrorResponseError11({
|
|
1420
1429
|
error: Oauth2ErrorCodes10.InvalidRequest,
|
|
@@ -1422,11 +1431,11 @@ async function createOpenid4vpAuthorizationResponse(options) {
|
|
|
1422
1431
|
});
|
|
1423
1432
|
}
|
|
1424
1433
|
const supportedJarmMetadata = jarmAssertMetadataSupported({
|
|
1425
|
-
clientMetadata
|
|
1434
|
+
clientMetadata,
|
|
1426
1435
|
serverMetadata: jarm.serverMetadata
|
|
1427
1436
|
});
|
|
1428
1437
|
const clientMetaJwks = extractJwksFromClientMetadata({
|
|
1429
|
-
...
|
|
1438
|
+
...clientMetadata,
|
|
1430
1439
|
jwks
|
|
1431
1440
|
});
|
|
1432
1441
|
if (!clientMetaJwks?.encJwk) {
|