npm - @openid4vc/openid4vp - Versions diffs - 0.3.0-alpha-20250713104548 → 0.3.0-alpha-20250713140735 - Mend

@openid4vc/openid4vp 0.3.0-alpha-20250713104548 → 0.3.0-alpha-20250713140735

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -11687,6 +11687,14 @@ declare const zClientMetadata: z.ZodObject<{
 }, z.ZodTypeAny, "passthrough">>;
 type ClientMetadata = z.infer<typeof zClientMetadata>;
+/**
+ * The Openid4vpVersionNumber
+ *
+ * 100 means 1.0 final, all others are draft versions
+ */
+type Openid4vpVersionNumber = 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 100;
+declare function parseAuthorizationRequestVersion(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi): Openid4vpVersionNumber;
 declare const zClientIdPrefix: z.ZodEnum<["pre-registered", "redirect_uri", "verifier_attestation", "https", "openid_federation", "did", "decentralized_identifier", "x509_san_uri", "x509_hash", "x509_san_dns", "origin", "web-origin"]>;
 declare const zUniformClientIdPrefix: z.ZodEnum<["pre-registered", "redirect_uri", "verifier_attestation", "openid_federation", "decentralized_identifier", "x509_san_uri", "x509_hash", "x509_san_dns", "origin"]>;
 type ClientIdPrefix = z.infer<typeof zClientIdPrefix>;
@@ -11753,6 +11761,15 @@ interface GetOpenid4vpClientIdOptions {
     legacyClientIdScheme?: unknown;
     responseMode: unknown;
     origin?: string;
+    /**
+     * The version of OpenID4VP used.
+     *
+     * Currently it is only used for:
+     * - determining whether effective client id is `origin:` or `web-origin:` when DC API is used.
+     *
+     * When no version is provided, it is assumed version 1.0 (100) is used.
+     */
+    version?: Openid4vpVersionNumber;
 }
 /**
  * Get the client id for an authorization request based on the response_mode, client_id, client_id_scheme and origin values.
@@ -12573,14 +12590,6 @@ declare const zJarmClientMetadata: z.ZodObject<{
 }>;
 type JarmClientMetadata = z.infer<typeof zJarmClientMetadata>;
-/**
- * The Openid4vpVersionNumber
- *
- * 100 means 1.0 final, all others are draft versions
- */
-type Openid4vpVersionNumber = 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 100;
-declare function parseAuthorizationRequestVersion(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi): Openid4vpVersionNumber;
 interface CreateJarAuthorizationRequestOptions {
     authorizationRequestPayload: JwtPayload & {
         client_id?: string;

package/dist/index.d.ts CHANGED Viewed

@@ -11687,6 +11687,14 @@ declare const zClientMetadata: z.ZodObject<{
 }, z.ZodTypeAny, "passthrough">>;
 type ClientMetadata = z.infer<typeof zClientMetadata>;
+/**
+ * The Openid4vpVersionNumber
+ *
+ * 100 means 1.0 final, all others are draft versions
+ */
+type Openid4vpVersionNumber = 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 100;
+declare function parseAuthorizationRequestVersion(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi): Openid4vpVersionNumber;
 declare const zClientIdPrefix: z.ZodEnum<["pre-registered", "redirect_uri", "verifier_attestation", "https", "openid_federation", "did", "decentralized_identifier", "x509_san_uri", "x509_hash", "x509_san_dns", "origin", "web-origin"]>;
 declare const zUniformClientIdPrefix: z.ZodEnum<["pre-registered", "redirect_uri", "verifier_attestation", "openid_federation", "decentralized_identifier", "x509_san_uri", "x509_hash", "x509_san_dns", "origin"]>;
 type ClientIdPrefix = z.infer<typeof zClientIdPrefix>;
@@ -11753,6 +11761,15 @@ interface GetOpenid4vpClientIdOptions {
     legacyClientIdScheme?: unknown;
     responseMode: unknown;
     origin?: string;
+    /**
+     * The version of OpenID4VP used.
+     *
+     * Currently it is only used for:
+     * - determining whether effective client id is `origin:` or `web-origin:` when DC API is used.
+     *
+     * When no version is provided, it is assumed version 1.0 (100) is used.
+     */
+    version?: Openid4vpVersionNumber;
 }
 /**
  * Get the client id for an authorization request based on the response_mode, client_id, client_id_scheme and origin values.
@@ -12573,14 +12590,6 @@ declare const zJarmClientMetadata: z.ZodObject<{
 }>;
 type JarmClientMetadata = z.infer<typeof zJarmClientMetadata>;
-/**
- * The Openid4vpVersionNumber
- *
- * 100 means 1.0 final, all others are draft versions
- */
-type Openid4vpVersionNumber = 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 100;
-declare function parseAuthorizationRequestVersion(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi): Openid4vpVersionNumber;
 interface CreateJarAuthorizationRequestOptions {
     authorizationRequestPayload: JwtPayload & {
         client_id?: string;

package/dist/index.js CHANGED Viewed

@@ -350,6 +350,7 @@ function getOpenid4vpClientId(options) {
   const original = {
     clientId: options.clientId
   };
+  const version = options.version ?? 100;
   if (isOpenid4vpResponseModeDcApi(options.responseMode)) {
     if (!options.clientId) {
       if (!options.origin) {
@@ -362,10 +363,7 @@ function getOpenid4vpClientId(options) {
         clientIdPrefix: "origin",
         effectiveClientIdPrefix: "origin",
         clientIdIdentifier: options.origin,
-        // FIXME: draft 24 uses web-origin, draft 25+ uses origin
-        // But it's not really possible to know which one to use as the
-        // 'effective' client id. Defaulting to origin: since that's newer
-        effectiveClientId: `origin:${options.origin}`,
+        effectiveClientId: version >= 25 ? `origin:${options.origin}` : `web-origin:${options.origin}`,
         original
       };
     }
@@ -813,10 +811,10 @@ function parseAuthorizationRequestVersion(request) {
   if (request.client_metadata?.vp_formats_supported?.mso_mdoc?.issuer_signed_alg_values || request.client_metadata?.vp_formats_supported?.mso_mdoc?.device_signed_alg_values) {
     requirements.push(["<", 28]);
   }
-  if (request.client_metadata?.vp_formats) {
+  if (request.client_metadata?.vp_formats_supported) {
     requirements.push([">=", 27]);
   }
-  if (request.client_metadata?.vp_formats_supported) {
+  if (request.client_metadata?.vp_formats) {
     requirements.push(["<", 27]);
   }
   if (request.client_id?.startsWith("openid_federation:") || request.client_id?.startsWith("decentralized_identifier:")) {
@@ -1457,6 +1455,7 @@ async function resolveOpenid4vpAuthorizationRequest(options) {
       disableOriginValidation
     });
   }
+  const version = parseAuthorizationRequestVersion(authorizationRequestPayload);
   let clientMetadata = authorizationRequestPayload.client_metadata;
   if (!isOpenid4vpAuthorizationRequestDcApi(authorizationRequestPayload) && !clientMetadata && authorizationRequestPayload.client_metadata_uri) {
     clientMetadata = await fetchClientMetadata({ clientMetadataUri: authorizationRequestPayload.client_metadata_uri });
@@ -1468,7 +1467,8 @@ async function resolveOpenid4vpAuthorizationRequest(options) {
     },
     jar,
     callbacks,
-    origin
+    origin,
+    version
   });
   let pex;
   let dcql;
@@ -1495,7 +1495,7 @@ async function resolveOpenid4vpAuthorizationRequest(options) {
     client: clientMeta,
     pex,
     dcql,
-    version: parseAuthorizationRequestVersion(authorizationRequestPayload)
+    version
   };
 }
 function validateOpenId4vpAuthorizationRequestPayload(options) {