@openid4vc/openid4vp 0.3.0-alpha-20251107132439 → 0.3.0-alpha-20251110130103
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +11 -1
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +13 -1
- package/dist/index.d.mts +13 -1
- package/dist/index.mjs +11 -2
- package/dist/index.mjs.map +1 -1
- package/package.json +3 -3
package/dist/index.cjs
CHANGED
|
@@ -397,6 +397,12 @@ function parseOpenid4vpAuthorizationRequest(options) {
|
|
|
397
397
|
};
|
|
398
398
|
}
|
|
399
399
|
|
|
400
|
+
//#endregion
|
|
401
|
+
//#region src/client-identifier-prefix/x509-hash.ts
|
|
402
|
+
async function calculateX509HashClientIdPrefixValue({ x509Certificate, hash }) {
|
|
403
|
+
return (0, __openid4vc_utils.encodeToBase64Url)(await hash(typeof x509Certificate === "string" ? (0, __openid4vc_utils.decodeBase64)(x509Certificate) : x509Certificate, __openid4vc_oauth2.HashAlgorithm.Sha256));
|
|
404
|
+
}
|
|
405
|
+
|
|
400
406
|
//#endregion
|
|
401
407
|
//#region src/client-identifier-prefix/z-client-id-prefix.ts
|
|
402
408
|
const zClientIdPrefix = zod.z.enum([
|
|
@@ -656,7 +662,10 @@ async function validateOpenid4vpClientId(options, parserConfig) {
|
|
|
656
662
|
});
|
|
657
663
|
}
|
|
658
664
|
} else if (clientIdPrefix === "x509_hash") {
|
|
659
|
-
const x509Hash =
|
|
665
|
+
const x509Hash = await calculateX509HashClientIdPrefixValue({
|
|
666
|
+
hash: options.callbacks.hash,
|
|
667
|
+
x509Certificate: jar.signer.x5c[0]
|
|
668
|
+
});
|
|
660
669
|
if (x509Hash !== clientIdIdentifier) throw new __openid4vc_oauth2.Oauth2ServerErrorResponseError({
|
|
661
670
|
error: __openid4vc_oauth2.Oauth2ErrorCodes.InvalidRequest,
|
|
662
671
|
error_description: `Invalid client identifier. Expected the base64url encoded sha-256 hash of the leaf x5c certificate ('${x509Hash}') to match the client identifier '${clientIdIdentifier}'.`
|
|
@@ -1717,6 +1726,7 @@ var Openid4vpVerifier = class {
|
|
|
1717
1726
|
exports.JarmMode = JarmMode;
|
|
1718
1727
|
exports.Openid4vpClient = Openid4vpClient;
|
|
1719
1728
|
exports.Openid4vpVerifier = Openid4vpVerifier;
|
|
1729
|
+
exports.calculateX509HashClientIdPrefixValue = calculateX509HashClientIdPrefixValue;
|
|
1720
1730
|
exports.createOpenid4vpAuthorizationRequest = createOpenid4vpAuthorizationRequest;
|
|
1721
1731
|
exports.createOpenid4vpAuthorizationResponse = createOpenid4vpAuthorizationResponse;
|
|
1722
1732
|
exports.extractEncryptionJwkFromJwks = extractEncryptionJwkFromJwks;
|