@openid4vc/openid4vp 0.3.0-alpha-20251107132439 → 0.3.0-alpha-20251110130103
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +11 -1
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +13 -1
- package/dist/index.d.mts +13 -1
- package/dist/index.mjs +11 -2
- package/dist/index.mjs.map +1 -1
- package/package.json +3 -3
package/dist/index.d.cts
CHANGED
|
@@ -1693,6 +1693,18 @@ interface ValidateOpenid4vpAuthorizationResponseOptions {
|
|
|
1693
1693
|
*/
|
|
1694
1694
|
declare function validateOpenid4vpAuthorizationResponsePayload(options: ValidateOpenid4vpAuthorizationResponseOptions): ValidateOpenid4VpAuthorizationResponseResult;
|
|
1695
1695
|
//#endregion
|
|
1696
|
+
//#region src/client-identifier-prefix/x509-hash.d.ts
|
|
1697
|
+
declare function calculateX509HashClientIdPrefixValue({
|
|
1698
|
+
x509Certificate,
|
|
1699
|
+
hash
|
|
1700
|
+
}: {
|
|
1701
|
+
/**
|
|
1702
|
+
* DER encoded x509 certificate. Either encoded as base64 or directly as Uint8Array
|
|
1703
|
+
*/
|
|
1704
|
+
x509Certificate: string | Uint8Array;
|
|
1705
|
+
hash: CallbackContext['hash'];
|
|
1706
|
+
}): Promise<string>;
|
|
1707
|
+
//#endregion
|
|
1696
1708
|
//#region src/jarm/jarm-extract-jwks.d.ts
|
|
1697
1709
|
declare function extractEncryptionJwkFromJwks(jwks: JwkSet, {
|
|
1698
1710
|
kid,
|
|
@@ -2569,5 +2581,5 @@ declare class Openid4vpVerifier {
|
|
|
2569
2581
|
declare function parsePexVpToken(vpToken: unknown): [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]];
|
|
2570
2582
|
declare function parseDcqlVpToken(vpToken: unknown): Record<string, [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]]>;
|
|
2571
2583
|
//#endregion
|
|
2572
|
-
export { type ClientIdPrefix, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type GetOpenid4vpClientIdOptions, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type Openid4vpVersionNumber, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type TransactionDataHashesCredentials, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifiedTransactionDataEntry, type VerifierAttestation, type VerifierAttestations, type VerifyJarmAuthorizationResponseOptions, type VerifyTransactionDataOptions, type VpToken, type VpTokenDcql, type VpTokenPex, type VpTokenPresentationEntry, type WalletMetadata, type WalletVerificationOptions, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
|
|
2584
|
+
export { type ClientIdPrefix, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type GetOpenid4vpClientIdOptions, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type Openid4vpVersionNumber, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type TransactionDataHashesCredentials, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifiedTransactionDataEntry, type VerifierAttestation, type VerifierAttestations, type VerifyJarmAuthorizationResponseOptions, type VerifyTransactionDataOptions, type VpToken, type VpTokenDcql, type VpTokenPex, type VpTokenPresentationEntry, type WalletMetadata, type WalletVerificationOptions, calculateX509HashClientIdPrefixValue, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
|
|
2573
2585
|
//# sourceMappingURL=index.d.cts.map
|
package/dist/index.d.mts
CHANGED
|
@@ -1693,6 +1693,18 @@ interface ValidateOpenid4vpAuthorizationResponseOptions {
|
|
|
1693
1693
|
*/
|
|
1694
1694
|
declare function validateOpenid4vpAuthorizationResponsePayload(options: ValidateOpenid4vpAuthorizationResponseOptions): ValidateOpenid4VpAuthorizationResponseResult;
|
|
1695
1695
|
//#endregion
|
|
1696
|
+
//#region src/client-identifier-prefix/x509-hash.d.ts
|
|
1697
|
+
declare function calculateX509HashClientIdPrefixValue({
|
|
1698
|
+
x509Certificate,
|
|
1699
|
+
hash
|
|
1700
|
+
}: {
|
|
1701
|
+
/**
|
|
1702
|
+
* DER encoded x509 certificate. Either encoded as base64 or directly as Uint8Array
|
|
1703
|
+
*/
|
|
1704
|
+
x509Certificate: string | Uint8Array;
|
|
1705
|
+
hash: CallbackContext['hash'];
|
|
1706
|
+
}): Promise<string>;
|
|
1707
|
+
//#endregion
|
|
1696
1708
|
//#region src/jarm/jarm-extract-jwks.d.ts
|
|
1697
1709
|
declare function extractEncryptionJwkFromJwks(jwks: JwkSet, {
|
|
1698
1710
|
kid,
|
|
@@ -2569,5 +2581,5 @@ declare class Openid4vpVerifier {
|
|
|
2569
2581
|
declare function parsePexVpToken(vpToken: unknown): [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]];
|
|
2570
2582
|
declare function parseDcqlVpToken(vpToken: unknown): Record<string, [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]]>;
|
|
2571
2583
|
//#endregion
|
|
2572
|
-
export { type ClientIdPrefix, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type GetOpenid4vpClientIdOptions, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type Openid4vpVersionNumber, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type TransactionDataHashesCredentials, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifiedTransactionDataEntry, type VerifierAttestation, type VerifierAttestations, type VerifyJarmAuthorizationResponseOptions, type VerifyTransactionDataOptions, type VpToken, type VpTokenDcql, type VpTokenPex, type VpTokenPresentationEntry, type WalletMetadata, type WalletVerificationOptions, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
|
|
2584
|
+
export { type ClientIdPrefix, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type GetOpenid4vpClientIdOptions, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type Openid4vpVersionNumber, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type TransactionDataHashesCredentials, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifiedTransactionDataEntry, type VerifierAttestation, type VerifierAttestations, type VerifyJarmAuthorizationResponseOptions, type VerifyTransactionDataOptions, type VpToken, type VpTokenDcql, type VpTokenPex, type VpTokenPresentationEntry, type WalletMetadata, type WalletVerificationOptions, calculateX509HashClientIdPrefixValue, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
|
|
2573
2585
|
//# sourceMappingURL=index.d.mts.map
|
package/dist/index.mjs
CHANGED
|
@@ -373,6 +373,12 @@ function parseOpenid4vpAuthorizationRequest(options) {
|
|
|
373
373
|
};
|
|
374
374
|
}
|
|
375
375
|
|
|
376
|
+
//#endregion
|
|
377
|
+
//#region src/client-identifier-prefix/x509-hash.ts
|
|
378
|
+
async function calculateX509HashClientIdPrefixValue({ x509Certificate, hash }) {
|
|
379
|
+
return encodeToBase64Url(await hash(typeof x509Certificate === "string" ? decodeBase64(x509Certificate) : x509Certificate, HashAlgorithm.Sha256));
|
|
380
|
+
}
|
|
381
|
+
|
|
376
382
|
//#endregion
|
|
377
383
|
//#region src/client-identifier-prefix/z-client-id-prefix.ts
|
|
378
384
|
const zClientIdPrefix = z.enum([
|
|
@@ -632,7 +638,10 @@ async function validateOpenid4vpClientId(options, parserConfig) {
|
|
|
632
638
|
});
|
|
633
639
|
}
|
|
634
640
|
} else if (clientIdPrefix === "x509_hash") {
|
|
635
|
-
const x509Hash =
|
|
641
|
+
const x509Hash = await calculateX509HashClientIdPrefixValue({
|
|
642
|
+
hash: options.callbacks.hash,
|
|
643
|
+
x509Certificate: jar.signer.x5c[0]
|
|
644
|
+
});
|
|
636
645
|
if (x509Hash !== clientIdIdentifier) throw new Oauth2ServerErrorResponseError({
|
|
637
646
|
error: Oauth2ErrorCodes.InvalidRequest,
|
|
638
647
|
error_description: `Invalid client identifier. Expected the base64url encoded sha-256 hash of the leaf x5c certificate ('${x509Hash}') to match the client identifier '${clientIdIdentifier}'.`
|
|
@@ -1690,5 +1699,5 @@ var Openid4vpVerifier = class {
|
|
|
1690
1699
|
};
|
|
1691
1700
|
|
|
1692
1701
|
//#endregion
|
|
1693
|
-
export { JarmMode, Openid4vpClient, Openid4vpVerifier, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
|
|
1702
|
+
export { JarmMode, Openid4vpClient, Openid4vpVerifier, calculateX509HashClientIdPrefixValue, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
|
|
1694
1703
|
//# sourceMappingURL=index.mjs.map
|