npm - @openid4vc/openid4vp - Versions diffs - 0.3.1-alpha-20251127040522 → 0.4.0 - Mend

@openid4vc/openid4vp 0.3.1-alpha-20251127040522 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.d.cts DELETED Viewed

@@ -1,2585 +0,0 @@
-import * as _openid4vc_oauth20 from "@openid4vc/oauth2";
-import { CallbackContext, CreateJarAuthorizationRequestOptions, DecodeJwtResult, HashAlgorithm, JarRequestObjectPayload, Jwk, JwkSet, JwtSigner, JwtSignerWithJwk, zJarRequestObjectPayload } from "@openid4vc/oauth2";
-import z$1, { z } from "zod";
-import { NonEmptyArray } from "@openid4vc/utils";
-//#region src/models/z-wallet-metadata.d.ts
-declare const zWalletMetadata: z.ZodObject<{
-  presentation_definition_uri_supported: z.ZodOptional<z.ZodBoolean>;
-  vp_formats_supported: z.ZodOptional<z.ZodUnion<[z.ZodObject<{
-    'dc+sd-jwt': z.ZodOptional<z.ZodObject<{
-      'sd-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      'kb-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-    }, z.core.$loose>>;
-    jwt_vc_json: z.ZodOptional<z.ZodObject<{
-      alg_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-    }, z.core.$loose>>;
-    ldp_vc: z.ZodOptional<z.ZodObject<{
-      proof_type_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      cryptosuite_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-    }, z.core.$loose>>;
-    mso_mdoc: z.ZodOptional<z.ZodObject<{
-      issuer_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-      device_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-      issuerauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-      deviceauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-    }, z.core.$loose>>;
-  }, z.core.$catchall<z.ZodObject<{}, z.core.$loose>>>, z.ZodRecord<z.ZodString, z.ZodObject<{
-    alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  }, z.core.$loose>>]>>;
-  client_id_schemes_supported: z.ZodOptional<z.ZodArray<z.ZodEnum<{
-    redirect_uri: "redirect_uri";
-    "pre-registered": "pre-registered";
-    did: "did";
-    verifier_attestation: "verifier_attestation";
-    x509_san_dns: "x509_san_dns";
-    x509_san_uri: "x509_san_uri";
-    x509_hash: "x509_hash";
-    https: "https";
-    origin: "origin";
-    "web-origin": "web-origin";
-  }>>>;
-  client_id_prefixes_supported: z.ZodOptional<z.ZodArray<z.ZodEnum<{
-    redirect_uri: "redirect_uri";
-    "pre-registered": "pre-registered";
-    verifier_attestation: "verifier_attestation";
-    x509_san_dns: "x509_san_dns";
-    x509_san_uri: "x509_san_uri";
-    x509_hash: "x509_hash";
-    openid_federation: "openid_federation";
-    decentralized_identifier: "decentralized_identifier";
-    origin: "origin";
-  }>>>;
-  request_object_signing_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  authorization_encryption_alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  authorization_encryption_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-}, z.core.$strip>;
-type WalletMetadata = z.infer<typeof zWalletMetadata>;
-//#endregion
-//#region src/authorization-request/z-authorization-request.d.ts
-declare const zOpenid4vpAuthorizationRequest: z.ZodObject<{
-  response_type: z.ZodLiteral<"vp_token">;
-  client_id: z.ZodString;
-  redirect_uri: z.ZodOptional<z.ZodURL>;
-  response_uri: z.ZodOptional<z.ZodURL>;
-  request_uri: z.ZodOptional<z.ZodURL>;
-  request_uri_method: z.ZodOptional<z.ZodString>;
-  response_mode: z.ZodOptional<z.ZodEnum<{
-    direct_post: "direct_post";
-    "direct_post.jwt": "direct_post.jwt";
-  }>>;
-  nonce: z.ZodString;
-  wallet_nonce: z.ZodOptional<z.ZodString>;
-  scope: z.ZodOptional<z.ZodString>;
-  presentation_definition: z.ZodOptional<z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodAny>, z.ZodPipe<z.ZodString, z.ZodTransform<any, string>>]>>;
-  presentation_definition_uri: z.ZodOptional<z.ZodURL>;
-  dcql_query: z.ZodOptional<z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodAny>, z.ZodPipe<z.ZodString, z.ZodTransform<any, string>>]>>;
-  client_metadata: z.ZodOptional<z.ZodObject<{
-    logo_uri: z.ZodOptional<z.ZodUnion<[z.ZodURL, z.ZodString]>>;
-    client_name: z.ZodOptional<z.ZodString>;
-    authorization_signed_response_alg: z.ZodOptional<z.ZodString>;
-    authorization_encrypted_response_alg: z.ZodOptional<z.ZodString>;
-    authorization_encrypted_response_enc: z.ZodOptional<z.ZodOptional<z.ZodString>>;
-    jwks_uri: z.ZodOptional<z.ZodURL>;
-    jwks: z.ZodOptional<z.ZodObject<{
-      keys: z.ZodArray<z.ZodObject<{
-        kty: z.ZodString;
-        crv: z.ZodOptional<z.ZodString>;
-        x: z.ZodOptional<z.ZodString>;
-        y: z.ZodOptional<z.ZodString>;
-        e: z.ZodOptional<z.ZodString>;
-        n: z.ZodOptional<z.ZodString>;
-        alg: z.ZodOptional<z.ZodString>;
-        d: z.ZodOptional<z.ZodString>;
-        dp: z.ZodOptional<z.ZodString>;
-        dq: z.ZodOptional<z.ZodString>;
-        ext: z.ZodOptional<z.ZodBoolean>;
-        k: z.ZodOptional<z.ZodString>;
-        key_ops: z.ZodOptional<z.ZodArray<z.ZodString>>;
-        kid: z.ZodOptional<z.ZodString>;
-        oth: z.ZodOptional<z.ZodArray<z.ZodObject<{
-          d: z.ZodOptional<z.ZodString>;
-          r: z.ZodOptional<z.ZodString>;
-          t: z.ZodOptional<z.ZodString>;
-        }, z.core.$loose>>>;
-        p: z.ZodOptional<z.ZodString>;
-        q: z.ZodOptional<z.ZodString>;
-        qi: z.ZodOptional<z.ZodString>;
-        use: z.ZodOptional<z.ZodString>;
-        x5c: z.ZodOptional<z.ZodArray<z.ZodString>>;
-        x5t: z.ZodOptional<z.ZodString>;
-        'x5t#S256': z.ZodOptional<z.ZodString>;
-        x5u: z.ZodOptional<z.ZodString>;
-      }, z.core.$loose>>;
-    }, z.core.$loose>>;
-    vp_formats: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
-      alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-    }, z.core.$loose>>>;
-    vp_formats_supported: z.ZodOptional<z.ZodObject<{
-      'dc+sd-jwt': z.ZodOptional<z.ZodObject<{
-        'sd-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-        'kb-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      }, z.core.$loose>>;
-      jwt_vc_json: z.ZodOptional<z.ZodObject<{
-        alg_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      }, z.core.$loose>>;
-      ldp_vc: z.ZodOptional<z.ZodObject<{
-        proof_type_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-        cryptosuite_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      }, z.core.$loose>>;
-      mso_mdoc: z.ZodOptional<z.ZodObject<{
-        issuer_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-        device_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-        issuerauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-        deviceauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-      }, z.core.$loose>>;
-    }, z.core.$catchall<z.ZodObject<{}, z.core.$loose>>>>;
-    encrypted_response_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  }, z.core.$loose>>;
-  client_metadata_uri: z.ZodOptional<z.ZodURL>;
-  state: z.ZodOptional<z.ZodString>;
-  transaction_data: z.ZodOptional<z.ZodArray<z.ZodBase64URL>>;
-  trust_chain: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-  client_id_scheme: z.ZodOptional<z.ZodEnum<{
-    redirect_uri: "redirect_uri";
-    "pre-registered": "pre-registered";
-    entity_id: "entity_id";
-    did: "did";
-    verifier_attestation: "verifier_attestation";
-    x509_san_dns: "x509_san_dns";
-    x509_san_uri: "x509_san_uri";
-    x509_hash: "x509_hash";
-  }>>;
-  verifier_attestations: z.ZodOptional<z.ZodArray<z.ZodObject<{
-    format: z.ZodString;
-    data: z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodString]>;
-    credential_ids: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  }, z.core.$strip>>>;
-  verifier_info: z.ZodOptional<z.ZodArray<z.ZodObject<{
-    format: z.ZodString;
-    data: z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodString]>;
-    credential_ids: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  }, z.core.$strip>>>;
-}, z.core.$loose>;
-type Openid4vpAuthorizationRequest = z.infer<typeof zOpenid4vpAuthorizationRequest>;
-//#endregion
-//#region src/authorization-request/validate-authorization-request.d.ts
-interface WalletVerificationOptions {
-  expectedNonce?: string;
-  metadata?: WalletMetadata;
-}
-interface ValidateOpenid4vpAuthorizationRequestPayloadOptions {
-  params: Openid4vpAuthorizationRequest;
-  walletVerificationOptions?: WalletVerificationOptions;
-}
-/**
- * Validate the OpenId4Vp Authorization Request parameters
- */
-declare const validateOpenid4vpAuthorizationRequestPayload: (options: ValidateOpenid4vpAuthorizationRequestPayloadOptions) => void;
-//#endregion
-//#region src/jar/z-jar-authorization-request.d.ts
-declare const zOpenid4vpJarAuthorizationRequest: z.ZodObject<{
-  request: z.ZodOptional<z.ZodString>;
-  request_uri: z.ZodOptional<z.ZodURL>;
-  client_id: z.ZodOptional<z.ZodString>;
-  request_uri_method: z.ZodOptional<z.ZodString>;
-}, z.core.$loose>;
-type Openid4vpJarAuthorizationRequest = z.infer<typeof zOpenid4vpJarAuthorizationRequest>;
-//#endregion
-//#region src/authorization-request/z-authorization-request-dc-api.d.ts
-declare const zOpenid4vpAuthorizationRequestDcApi: z.ZodObject<{
-  response_type: z.ZodLiteral<"vp_token">;
-  nonce: z.ZodString;
-  presentation_definition: z.ZodOptional<z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodAny>, z.ZodPipe<z.ZodString, z.ZodTransform<any, string>>]>>;
-  dcql_query: z.ZodOptional<z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodAny>, z.ZodPipe<z.ZodString, z.ZodTransform<any, string>>]>>;
-  client_metadata: z.ZodOptional<z.ZodObject<{
-    logo_uri: z.ZodOptional<z.ZodUnion<[z.ZodURL, z.ZodString]>>;
-    client_name: z.ZodOptional<z.ZodString>;
-    authorization_signed_response_alg: z.ZodOptional<z.ZodString>;
-    authorization_encrypted_response_alg: z.ZodOptional<z.ZodString>;
-    authorization_encrypted_response_enc: z.ZodOptional<z.ZodOptional<z.ZodString>>;
-    jwks_uri: z.ZodOptional<z.ZodURL>;
-    jwks: z.ZodOptional<z.ZodObject<{
-      keys: z.ZodArray<z.ZodObject<{
-        kty: z.ZodString;
-        crv: z.ZodOptional<z.ZodString>;
-        x: z.ZodOptional<z.ZodString>;
-        y: z.ZodOptional<z.ZodString>;
-        e: z.ZodOptional<z.ZodString>;
-        n: z.ZodOptional<z.ZodString>;
-        alg: z.ZodOptional<z.ZodString>;
-        d: z.ZodOptional<z.ZodString>;
-        dp: z.ZodOptional<z.ZodString>;
-        dq: z.ZodOptional<z.ZodString>;
-        ext: z.ZodOptional<z.ZodBoolean>;
-        k: z.ZodOptional<z.ZodString>;
-        key_ops: z.ZodOptional<z.ZodArray<z.ZodString>>;
-        kid: z.ZodOptional<z.ZodString>;
-        oth: z.ZodOptional<z.ZodArray<z.ZodObject<{
-          d: z.ZodOptional<z.ZodString>;
-          r: z.ZodOptional<z.ZodString>;
-          t: z.ZodOptional<z.ZodString>;
-        }, z.core.$loose>>>;
-        p: z.ZodOptional<z.ZodString>;
-        q: z.ZodOptional<z.ZodString>;
-        qi: z.ZodOptional<z.ZodString>;
-        use: z.ZodOptional<z.ZodString>;
-        x5c: z.ZodOptional<z.ZodArray<z.ZodString>>;
-        x5t: z.ZodOptional<z.ZodString>;
-        'x5t#S256': z.ZodOptional<z.ZodString>;
-        x5u: z.ZodOptional<z.ZodString>;
-      }, z.core.$loose>>;
-    }, z.core.$loose>>;
-    vp_formats: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
-      alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-    }, z.core.$loose>>>;
-    vp_formats_supported: z.ZodOptional<z.ZodObject<{
-      'dc+sd-jwt': z.ZodOptional<z.ZodObject<{
-        'sd-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-        'kb-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      }, z.core.$loose>>;
-      jwt_vc_json: z.ZodOptional<z.ZodObject<{
-        alg_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      }, z.core.$loose>>;
-      ldp_vc: z.ZodOptional<z.ZodObject<{
-        proof_type_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-        cryptosuite_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      }, z.core.$loose>>;
-      mso_mdoc: z.ZodOptional<z.ZodObject<{
-        issuer_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-        device_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-        issuerauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-        deviceauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-      }, z.core.$loose>>;
-    }, z.core.$catchall<z.ZodObject<{}, z.core.$loose>>>>;
-    encrypted_response_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  }, z.core.$loose>>;
-  state: z.ZodOptional<z.ZodString>;
-  transaction_data: z.ZodOptional<z.ZodArray<z.ZodBase64URL>>;
-  trust_chain: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-  verifier_attestations: z.ZodOptional<z.ZodArray<z.ZodObject<{
-    format: z.ZodString;
-    data: z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodString]>;
-    credential_ids: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  }, z.core.$strip>>>;
-  verifier_info: z.ZodOptional<z.ZodArray<z.ZodObject<{
-    format: z.ZodString;
-    data: z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodString]>;
-    credential_ids: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  }, z.core.$strip>>>;
-  client_id: z.ZodOptional<z.ZodString>;
-  expected_origins: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  response_mode: z.ZodEnum<{
-    dc_api: "dc_api";
-    "dc_api.jwt": "dc_api.jwt";
-    "w3c_dc_api.jwt": "w3c_dc_api.jwt";
-    w3c_dc_api: "w3c_dc_api";
-  }>;
-  client_id_scheme: z.ZodOptional<z.ZodNever>;
-  scope: z.ZodOptional<z.ZodNever>;
-}, z.core.$loose>;
-type Openid4vpAuthorizationRequestDcApi = z.infer<typeof zOpenid4vpAuthorizationRequestDcApi>;
-declare function isOpenid4vpAuthorizationRequestDcApi(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpJarAuthorizationRequest): request is Openid4vpAuthorizationRequestDcApi;
-//#endregion
-//#region src/authorization-request/create-authorization-request.d.ts
-interface CreateOpenid4vpAuthorizationRequestOptions {
-  scheme?: string;
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
-  jar?: Pick<CreateJarAuthorizationRequestOptions, 'additionalJwtPayload' | 'requestUri' | 'jwtSigner' | 'expiresInSeconds'>;
-  wallet?: WalletVerificationOptions;
-  callbacks: Pick<CallbackContext, 'signJwt' | 'encryptJwe'>;
-  /**
-   * Date that should be used as now. If not provided current date will be used.
-   */
-  now?: Date;
-}
-/**
- * Creates an OpenID4VP authorization request, optionally with a JWT Secured Authorization Request (JAR)
- * If the request is created after receiving wallet metadata via a POST to the request_uri endpoint, the wallet nonce needs to be provided
- *
- * @param options Configuration options for creating the authorization request
- * @param input.scheme Optional URI scheme to use (defaults to 'openid4vp://')
- * @param input.authorizationRequestPayload The OpenID4VP authorization request parameters
- * @param input.jar Optional JWT Secured Authorization Request (JAR) configuration
- * @param input.jar.requestUri The URI where the JAR will be accessible
- * @param input.jar.jwtSigner Function to sign the JAR JWT
- * @param input.jar.jweEncryptor Optional function to encrypt the JAR JWT
- * @param input.jar.additionalJwtPayload Optional additional claims to include in JAR JWT
- * @param input.wallet Optional wallet-specific parameters
- * @param input.wallet.nonce Optional wallet nonce
- * @param input.callbacks Callback functions for JWT operations
- * @returns Object containing the authorization request parameters, URI and optional JAR details
- */
-declare function createOpenid4vpAuthorizationRequest(options: CreateOpenid4vpAuthorizationRequestOptions): Promise<{
-  authorizationRequestPayload: {
-    [x: string]: unknown;
-    response_type: "vp_token";
-    client_id: string;
-    nonce: string;
-    redirect_uri?: string | undefined;
-    response_uri?: string | undefined;
-    request_uri?: string | undefined;
-    request_uri_method?: string | undefined;
-    response_mode?: "direct_post" | "direct_post.jwt" | undefined;
-    wallet_nonce?: string | undefined;
-    scope?: string | undefined;
-    presentation_definition?: any;
-    presentation_definition_uri?: string | undefined;
-    dcql_query?: any;
-    client_metadata?: {
-      [x: string]: unknown;
-      logo_uri?: string | undefined;
-      client_name?: string | undefined;
-      authorization_signed_response_alg?: string | undefined;
-      authorization_encrypted_response_alg?: string | undefined;
-      authorization_encrypted_response_enc?: string | undefined;
-      jwks_uri?: string | undefined;
-      jwks?: {
-        [x: string]: unknown;
-        keys: {
-          [x: string]: unknown;
-          kty: string;
-          crv?: string | undefined;
-          x?: string | undefined;
-          y?: string | undefined;
-          e?: string | undefined;
-          n?: string | undefined;
-          alg?: string | undefined;
-          d?: string | undefined;
-          dp?: string | undefined;
-          dq?: string | undefined;
-          ext?: boolean | undefined;
-          k?: string | undefined;
-          key_ops?: string[] | undefined;
-          kid?: string | undefined;
-          oth?: {
-            [x: string]: unknown;
-            d?: string | undefined;
-            r?: string | undefined;
-            t?: string | undefined;
-          }[] | undefined;
-          p?: string | undefined;
-          q?: string | undefined;
-          qi?: string | undefined;
-          use?: string | undefined;
-          x5c?: string[] | undefined;
-          x5t?: string | undefined;
-          'x5t#S256'?: string | undefined;
-          x5u?: string | undefined;
-        }[];
-      } | undefined;
-      vp_formats?: Record<string, {
-        [x: string]: unknown;
-        alg_values_supported?: string[] | undefined;
-      }> | undefined;
-      vp_formats_supported?: {
-        [x: string]: {
-          [x: string]: unknown;
-        };
-        'dc+sd-jwt'?: {
-          [x: string]: unknown;
-          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-        } | undefined;
-        jwt_vc_json?: {
-          [x: string]: unknown;
-          alg_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        ldp_vc?: {
-          [x: string]: unknown;
-          proof_type_values?: [string, ...string[]] | undefined;
-          cryptosuite_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        mso_mdoc?: {
-          [x: string]: unknown;
-          issuer_signed_alg_values?: [number, ...number[]] | undefined;
-          device_signed_alg_values?: [number, ...number[]] | undefined;
-          issuerauth_alg_values?: [number, ...number[]] | undefined;
-          deviceauth_alg_values?: [number, ...number[]] | undefined;
-        } | undefined;
-      } | undefined;
-      encrypted_response_enc_values_supported?: string[] | undefined;
-    } | undefined;
-    client_metadata_uri?: string | undefined;
-    state?: string | undefined;
-    transaction_data?: string[] | undefined;
-    trust_chain?: [string, ...string[]] | undefined;
-    client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
-    verifier_attestations?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    verifier_info?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-  } | {
-    [x: string]: unknown;
-    response_type: "vp_token";
-    nonce: string;
-    response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
-    presentation_definition?: any;
-    dcql_query?: any;
-    client_metadata?: {
-      [x: string]: unknown;
-      logo_uri?: string | undefined;
-      client_name?: string | undefined;
-      authorization_signed_response_alg?: string | undefined;
-      authorization_encrypted_response_alg?: string | undefined;
-      authorization_encrypted_response_enc?: string | undefined;
-      jwks_uri?: string | undefined;
-      jwks?: {
-        [x: string]: unknown;
-        keys: {
-          [x: string]: unknown;
-          kty: string;
-          crv?: string | undefined;
-          x?: string | undefined;
-          y?: string | undefined;
-          e?: string | undefined;
-          n?: string | undefined;
-          alg?: string | undefined;
-          d?: string | undefined;
-          dp?: string | undefined;
-          dq?: string | undefined;
-          ext?: boolean | undefined;
-          k?: string | undefined;
-          key_ops?: string[] | undefined;
-          kid?: string | undefined;
-          oth?: {
-            [x: string]: unknown;
-            d?: string | undefined;
-            r?: string | undefined;
-            t?: string | undefined;
-          }[] | undefined;
-          p?: string | undefined;
-          q?: string | undefined;
-          qi?: string | undefined;
-          use?: string | undefined;
-          x5c?: string[] | undefined;
-          x5t?: string | undefined;
-          'x5t#S256'?: string | undefined;
-          x5u?: string | undefined;
-        }[];
-      } | undefined;
-      vp_formats?: Record<string, {
-        [x: string]: unknown;
-        alg_values_supported?: string[] | undefined;
-      }> | undefined;
-      vp_formats_supported?: {
-        [x: string]: {
-          [x: string]: unknown;
-        };
-        'dc+sd-jwt'?: {
-          [x: string]: unknown;
-          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-        } | undefined;
-        jwt_vc_json?: {
-          [x: string]: unknown;
-          alg_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        ldp_vc?: {
-          [x: string]: unknown;
-          proof_type_values?: [string, ...string[]] | undefined;
-          cryptosuite_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        mso_mdoc?: {
-          [x: string]: unknown;
-          issuer_signed_alg_values?: [number, ...number[]] | undefined;
-          device_signed_alg_values?: [number, ...number[]] | undefined;
-          issuerauth_alg_values?: [number, ...number[]] | undefined;
-          deviceauth_alg_values?: [number, ...number[]] | undefined;
-        } | undefined;
-      } | undefined;
-      encrypted_response_enc_values_supported?: string[] | undefined;
-    } | undefined;
-    state?: string | undefined;
-    transaction_data?: string[] | undefined;
-    trust_chain?: [string, ...string[]] | undefined;
-    verifier_attestations?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    verifier_info?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    client_id?: string | undefined;
-    expected_origins?: string[] | undefined;
-    client_id_scheme?: undefined;
-    scope?: undefined;
-  };
-  authorizationRequestObject: {
-    [x: string]: unknown;
-    request?: string | undefined;
-    request_uri?: string | undefined;
-    client_id?: string | undefined;
-  };
-  authorizationRequest: string;
-  jar: {
-    jarAuthorizationRequest: {
-      [x: string]: unknown;
-      request?: string | undefined;
-      request_uri?: string | undefined;
-      client_id?: string | undefined;
-    };
-    signerJwk: {
-      [x: string]: unknown;
-      kty: string;
-      crv?: string | undefined;
-      x?: string | undefined;
-      y?: string | undefined;
-      e?: string | undefined;
-      n?: string | undefined;
-      alg?: string | undefined;
-      d?: string | undefined;
-      dp?: string | undefined;
-      dq?: string | undefined;
-      ext?: boolean | undefined;
-      k?: string | undefined;
-      key_ops?: string[] | undefined;
-      kid?: string | undefined;
-      oth?: {
-        [x: string]: unknown;
-        d?: string | undefined;
-        r?: string | undefined;
-        t?: string | undefined;
-      }[] | undefined;
-      p?: string | undefined;
-      q?: string | undefined;
-      qi?: string | undefined;
-      use?: string | undefined;
-      x5c?: string[] | undefined;
-      x5t?: string | undefined;
-      'x5t#S256'?: string | undefined;
-      x5u?: string | undefined;
-    };
-    encryptionJwk: {
-      [x: string]: unknown;
-      kty: string;
-      crv?: string | undefined;
-      x?: string | undefined;
-      y?: string | undefined;
-      e?: string | undefined;
-      n?: string | undefined;
-      alg?: string | undefined;
-      d?: string | undefined;
-      dp?: string | undefined;
-      dq?: string | undefined;
-      ext?: boolean | undefined;
-      k?: string | undefined;
-      key_ops?: string[] | undefined;
-      kid?: string | undefined;
-      oth?: {
-        [x: string]: unknown;
-        d?: string | undefined;
-        r?: string | undefined;
-        t?: string | undefined;
-      }[] | undefined;
-      p?: string | undefined;
-      q?: string | undefined;
-      qi?: string | undefined;
-      use?: string | undefined;
-      x5c?: string[] | undefined;
-      x5t?: string | undefined;
-      'x5t#S256'?: string | undefined;
-      x5u?: string | undefined;
-    } | undefined;
-    authorizationRequestJwt: string;
-    additionalJwtPayload?: Record<string, unknown> | undefined;
-    requestUri?: string | undefined;
-    jwtSigner: _openid4vc_oauth20.JwtSigner;
-    expiresInSeconds: number;
-  };
-} | {
-  authorizationRequestPayload: {
-    [x: string]: unknown;
-    response_type: "vp_token";
-    client_id: string;
-    nonce: string;
-    redirect_uri?: string | undefined;
-    response_uri?: string | undefined;
-    request_uri?: string | undefined;
-    request_uri_method?: string | undefined;
-    response_mode?: "direct_post" | "direct_post.jwt" | undefined;
-    wallet_nonce?: string | undefined;
-    scope?: string | undefined;
-    presentation_definition?: any;
-    presentation_definition_uri?: string | undefined;
-    dcql_query?: any;
-    client_metadata?: {
-      [x: string]: unknown;
-      logo_uri?: string | undefined;
-      client_name?: string | undefined;
-      authorization_signed_response_alg?: string | undefined;
-      authorization_encrypted_response_alg?: string | undefined;
-      authorization_encrypted_response_enc?: string | undefined;
-      jwks_uri?: string | undefined;
-      jwks?: {
-        [x: string]: unknown;
-        keys: {
-          [x: string]: unknown;
-          kty: string;
-          crv?: string | undefined;
-          x?: string | undefined;
-          y?: string | undefined;
-          e?: string | undefined;
-          n?: string | undefined;
-          alg?: string | undefined;
-          d?: string | undefined;
-          dp?: string | undefined;
-          dq?: string | undefined;
-          ext?: boolean | undefined;
-          k?: string | undefined;
-          key_ops?: string[] | undefined;
-          kid?: string | undefined;
-          oth?: {
-            [x: string]: unknown;
-            d?: string | undefined;
-            r?: string | undefined;
-            t?: string | undefined;
-          }[] | undefined;
-          p?: string | undefined;
-          q?: string | undefined;
-          qi?: string | undefined;
-          use?: string | undefined;
-          x5c?: string[] | undefined;
-          x5t?: string | undefined;
-          'x5t#S256'?: string | undefined;
-          x5u?: string | undefined;
-        }[];
-      } | undefined;
-      vp_formats?: Record<string, {
-        [x: string]: unknown;
-        alg_values_supported?: string[] | undefined;
-      }> | undefined;
-      vp_formats_supported?: {
-        [x: string]: {
-          [x: string]: unknown;
-        };
-        'dc+sd-jwt'?: {
-          [x: string]: unknown;
-          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-        } | undefined;
-        jwt_vc_json?: {
-          [x: string]: unknown;
-          alg_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        ldp_vc?: {
-          [x: string]: unknown;
-          proof_type_values?: [string, ...string[]] | undefined;
-          cryptosuite_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        mso_mdoc?: {
-          [x: string]: unknown;
-          issuer_signed_alg_values?: [number, ...number[]] | undefined;
-          device_signed_alg_values?: [number, ...number[]] | undefined;
-          issuerauth_alg_values?: [number, ...number[]] | undefined;
-          deviceauth_alg_values?: [number, ...number[]] | undefined;
-        } | undefined;
-      } | undefined;
-      encrypted_response_enc_values_supported?: string[] | undefined;
-    } | undefined;
-    client_metadata_uri?: string | undefined;
-    state?: string | undefined;
-    transaction_data?: string[] | undefined;
-    trust_chain?: [string, ...string[]] | undefined;
-    client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
-    verifier_attestations?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    verifier_info?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-  } | {
-    [x: string]: unknown;
-    response_type: "vp_token";
-    nonce: string;
-    response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
-    presentation_definition?: any;
-    dcql_query?: any;
-    client_metadata?: {
-      [x: string]: unknown;
-      logo_uri?: string | undefined;
-      client_name?: string | undefined;
-      authorization_signed_response_alg?: string | undefined;
-      authorization_encrypted_response_alg?: string | undefined;
-      authorization_encrypted_response_enc?: string | undefined;
-      jwks_uri?: string | undefined;
-      jwks?: {
-        [x: string]: unknown;
-        keys: {
-          [x: string]: unknown;
-          kty: string;
-          crv?: string | undefined;
-          x?: string | undefined;
-          y?: string | undefined;
-          e?: string | undefined;
-          n?: string | undefined;
-          alg?: string | undefined;
-          d?: string | undefined;
-          dp?: string | undefined;
-          dq?: string | undefined;
-          ext?: boolean | undefined;
-          k?: string | undefined;
-          key_ops?: string[] | undefined;
-          kid?: string | undefined;
-          oth?: {
-            [x: string]: unknown;
-            d?: string | undefined;
-            r?: string | undefined;
-            t?: string | undefined;
-          }[] | undefined;
-          p?: string | undefined;
-          q?: string | undefined;
-          qi?: string | undefined;
-          use?: string | undefined;
-          x5c?: string[] | undefined;
-          x5t?: string | undefined;
-          'x5t#S256'?: string | undefined;
-          x5u?: string | undefined;
-        }[];
-      } | undefined;
-      vp_formats?: Record<string, {
-        [x: string]: unknown;
-        alg_values_supported?: string[] | undefined;
-      }> | undefined;
-      vp_formats_supported?: {
-        [x: string]: {
-          [x: string]: unknown;
-        };
-        'dc+sd-jwt'?: {
-          [x: string]: unknown;
-          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-        } | undefined;
-        jwt_vc_json?: {
-          [x: string]: unknown;
-          alg_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        ldp_vc?: {
-          [x: string]: unknown;
-          proof_type_values?: [string, ...string[]] | undefined;
-          cryptosuite_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        mso_mdoc?: {
-          [x: string]: unknown;
-          issuer_signed_alg_values?: [number, ...number[]] | undefined;
-          device_signed_alg_values?: [number, ...number[]] | undefined;
-          issuerauth_alg_values?: [number, ...number[]] | undefined;
-          deviceauth_alg_values?: [number, ...number[]] | undefined;
-        } | undefined;
-      } | undefined;
-      encrypted_response_enc_values_supported?: string[] | undefined;
-    } | undefined;
-    state?: string | undefined;
-    transaction_data?: string[] | undefined;
-    trust_chain?: [string, ...string[]] | undefined;
-    verifier_attestations?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    verifier_info?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    client_id?: string | undefined;
-    expected_origins?: string[] | undefined;
-    client_id_scheme?: undefined;
-    scope?: undefined;
-  };
-  authorizationRequestObject: {
-    [x: string]: unknown;
-    response_type: "vp_token";
-    client_id: string;
-    nonce: string;
-    redirect_uri?: string | undefined;
-    response_uri?: string | undefined;
-    request_uri?: string | undefined;
-    request_uri_method?: string | undefined;
-    response_mode?: "direct_post" | "direct_post.jwt" | undefined;
-    wallet_nonce?: string | undefined;
-    scope?: string | undefined;
-    presentation_definition?: any;
-    presentation_definition_uri?: string | undefined;
-    dcql_query?: any;
-    client_metadata?: {
-      [x: string]: unknown;
-      logo_uri?: string | undefined;
-      client_name?: string | undefined;
-      authorization_signed_response_alg?: string | undefined;
-      authorization_encrypted_response_alg?: string | undefined;
-      authorization_encrypted_response_enc?: string | undefined;
-      jwks_uri?: string | undefined;
-      jwks?: {
-        [x: string]: unknown;
-        keys: {
-          [x: string]: unknown;
-          kty: string;
-          crv?: string | undefined;
-          x?: string | undefined;
-          y?: string | undefined;
-          e?: string | undefined;
-          n?: string | undefined;
-          alg?: string | undefined;
-          d?: string | undefined;
-          dp?: string | undefined;
-          dq?: string | undefined;
-          ext?: boolean | undefined;
-          k?: string | undefined;
-          key_ops?: string[] | undefined;
-          kid?: string | undefined;
-          oth?: {
-            [x: string]: unknown;
-            d?: string | undefined;
-            r?: string | undefined;
-            t?: string | undefined;
-          }[] | undefined;
-          p?: string | undefined;
-          q?: string | undefined;
-          qi?: string | undefined;
-          use?: string | undefined;
-          x5c?: string[] | undefined;
-          x5t?: string | undefined;
-          'x5t#S256'?: string | undefined;
-          x5u?: string | undefined;
-        }[];
-      } | undefined;
-      vp_formats?: Record<string, {
-        [x: string]: unknown;
-        alg_values_supported?: string[] | undefined;
-      }> | undefined;
-      vp_formats_supported?: {
-        [x: string]: {
-          [x: string]: unknown;
-        };
-        'dc+sd-jwt'?: {
-          [x: string]: unknown;
-          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-        } | undefined;
-        jwt_vc_json?: {
-          [x: string]: unknown;
-          alg_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        ldp_vc?: {
-          [x: string]: unknown;
-          proof_type_values?: [string, ...string[]] | undefined;
-          cryptosuite_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        mso_mdoc?: {
-          [x: string]: unknown;
-          issuer_signed_alg_values?: [number, ...number[]] | undefined;
-          device_signed_alg_values?: [number, ...number[]] | undefined;
-          issuerauth_alg_values?: [number, ...number[]] | undefined;
-          deviceauth_alg_values?: [number, ...number[]] | undefined;
-        } | undefined;
-      } | undefined;
-      encrypted_response_enc_values_supported?: string[] | undefined;
-    } | undefined;
-    client_metadata_uri?: string | undefined;
-    state?: string | undefined;
-    transaction_data?: string[] | undefined;
-    trust_chain?: [string, ...string[]] | undefined;
-    client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
-    verifier_attestations?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    verifier_info?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-  } | {
-    [x: string]: unknown;
-    response_type: "vp_token";
-    nonce: string;
-    response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
-    presentation_definition?: any;
-    dcql_query?: any;
-    client_metadata?: {
-      [x: string]: unknown;
-      logo_uri?: string | undefined;
-      client_name?: string | undefined;
-      authorization_signed_response_alg?: string | undefined;
-      authorization_encrypted_response_alg?: string | undefined;
-      authorization_encrypted_response_enc?: string | undefined;
-      jwks_uri?: string | undefined;
-      jwks?: {
-        [x: string]: unknown;
-        keys: {
-          [x: string]: unknown;
-          kty: string;
-          crv?: string | undefined;
-          x?: string | undefined;
-          y?: string | undefined;
-          e?: string | undefined;
-          n?: string | undefined;
-          alg?: string | undefined;
-          d?: string | undefined;
-          dp?: string | undefined;
-          dq?: string | undefined;
-          ext?: boolean | undefined;
-          k?: string | undefined;
-          key_ops?: string[] | undefined;
-          kid?: string | undefined;
-          oth?: {
-            [x: string]: unknown;
-            d?: string | undefined;
-            r?: string | undefined;
-            t?: string | undefined;
-          }[] | undefined;
-          p?: string | undefined;
-          q?: string | undefined;
-          qi?: string | undefined;
-          use?: string | undefined;
-          x5c?: string[] | undefined;
-          x5t?: string | undefined;
-          'x5t#S256'?: string | undefined;
-          x5u?: string | undefined;
-        }[];
-      } | undefined;
-      vp_formats?: Record<string, {
-        [x: string]: unknown;
-        alg_values_supported?: string[] | undefined;
-      }> | undefined;
-      vp_formats_supported?: {
-        [x: string]: {
-          [x: string]: unknown;
-        };
-        'dc+sd-jwt'?: {
-          [x: string]: unknown;
-          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-        } | undefined;
-        jwt_vc_json?: {
-          [x: string]: unknown;
-          alg_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        ldp_vc?: {
-          [x: string]: unknown;
-          proof_type_values?: [string, ...string[]] | undefined;
-          cryptosuite_values?: [string, ...string[]] | undefined;
-        } | undefined;
-        mso_mdoc?: {
-          [x: string]: unknown;
-          issuer_signed_alg_values?: [number, ...number[]] | undefined;
-          device_signed_alg_values?: [number, ...number[]] | undefined;
-          issuerauth_alg_values?: [number, ...number[]] | undefined;
-          deviceauth_alg_values?: [number, ...number[]] | undefined;
-        } | undefined;
-      } | undefined;
-      encrypted_response_enc_values_supported?: string[] | undefined;
-    } | undefined;
-    state?: string | undefined;
-    transaction_data?: string[] | undefined;
-    trust_chain?: [string, ...string[]] | undefined;
-    verifier_attestations?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    verifier_info?: {
-      format: string;
-      data: string | Record<string, unknown>;
-      credential_ids?: string[] | undefined;
-    }[] | undefined;
-    client_id?: string | undefined;
-    expected_origins?: string[] | undefined;
-    client_id_scheme?: undefined;
-    scope?: undefined;
-  };
-  authorizationRequest: string;
-  jar: undefined;
-}>;
-//#endregion
-//#region src/authorization-request/parse-authorization-request-params.d.ts
-interface ParsedJarRequest {
-  type: 'jar';
-  provided: 'uri' | 'jwt' | 'params';
-  params: Openid4vpJarAuthorizationRequest;
-}
-interface ParsedOpenid4vpAuthorizationRequest {
-  type: 'openid4vp';
-  provided: 'uri' | 'jwt' | 'params';
-  params: Openid4vpAuthorizationRequest;
-}
-interface ParsedOpenid4vpDcApiAuthorizationRequest {
-  type: 'openid4vp_dc_api';
-  provided: 'uri' | 'jwt' | 'params';
-  params: Openid4vpAuthorizationRequestDcApi;
-}
-interface ParseOpenid4vpAuthorizationRequestOptions {
-  authorizationRequest: string | Record<string, unknown>;
-}
-declare function parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
-//#endregion
-//#region src/jar/handle-jar-request/verify-jar-request.d.ts
-interface VerifiedJarRequest {
-  authorizationRequestPayload: JarRequestObjectPayload;
-  sendBy: 'value' | 'reference';
-  decryptionJwk?: Jwk;
-  signer: JwtSignerWithJwk;
-  jwt: DecodeJwtResult<undefined, typeof zJarRequestObjectPayload>;
-}
-//#endregion
-//#region src/models/z-client-metadata.d.ts
-declare const zClientMetadata: z.ZodObject<{
-  logo_uri: z.ZodOptional<z.ZodUnion<[z.ZodURL, z.ZodString]>>;
-  client_name: z.ZodOptional<z.ZodString>;
-  authorization_signed_response_alg: z.ZodOptional<z.ZodString>;
-  authorization_encrypted_response_alg: z.ZodOptional<z.ZodString>;
-  authorization_encrypted_response_enc: z.ZodOptional<z.ZodOptional<z.ZodString>>;
-  jwks_uri: z.ZodOptional<z.ZodURL>;
-  jwks: z.ZodOptional<z.ZodObject<{
-    keys: z.ZodArray<z.ZodObject<{
-      kty: z.ZodString;
-      crv: z.ZodOptional<z.ZodString>;
-      x: z.ZodOptional<z.ZodString>;
-      y: z.ZodOptional<z.ZodString>;
-      e: z.ZodOptional<z.ZodString>;
-      n: z.ZodOptional<z.ZodString>;
-      alg: z.ZodOptional<z.ZodString>;
-      d: z.ZodOptional<z.ZodString>;
-      dp: z.ZodOptional<z.ZodString>;
-      dq: z.ZodOptional<z.ZodString>;
-      ext: z.ZodOptional<z.ZodBoolean>;
-      k: z.ZodOptional<z.ZodString>;
-      key_ops: z.ZodOptional<z.ZodArray<z.ZodString>>;
-      kid: z.ZodOptional<z.ZodString>;
-      oth: z.ZodOptional<z.ZodArray<z.ZodObject<{
-        d: z.ZodOptional<z.ZodString>;
-        r: z.ZodOptional<z.ZodString>;
-        t: z.ZodOptional<z.ZodString>;
-      }, z.core.$loose>>>;
-      p: z.ZodOptional<z.ZodString>;
-      q: z.ZodOptional<z.ZodString>;
-      qi: z.ZodOptional<z.ZodString>;
-      use: z.ZodOptional<z.ZodString>;
-      x5c: z.ZodOptional<z.ZodArray<z.ZodString>>;
-      x5t: z.ZodOptional<z.ZodString>;
-      'x5t#S256': z.ZodOptional<z.ZodString>;
-      x5u: z.ZodOptional<z.ZodString>;
-    }, z.core.$loose>>;
-  }, z.core.$loose>>;
-  vp_formats: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
-    alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  }, z.core.$loose>>>;
-  vp_formats_supported: z.ZodOptional<z.ZodObject<{
-    'dc+sd-jwt': z.ZodOptional<z.ZodObject<{
-      'sd-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      'kb-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-    }, z.core.$loose>>;
-    jwt_vc_json: z.ZodOptional<z.ZodObject<{
-      alg_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-    }, z.core.$loose>>;
-    ldp_vc: z.ZodOptional<z.ZodObject<{
-      proof_type_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-      cryptosuite_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-    }, z.core.$loose>>;
-    mso_mdoc: z.ZodOptional<z.ZodObject<{
-      issuer_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-      device_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-      issuerauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-      deviceauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
-    }, z.core.$loose>>;
-  }, z.core.$catchall<z.ZodObject<{}, z.core.$loose>>>>;
-  encrypted_response_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
-}, z.core.$loose>;
-type ClientMetadata = z.infer<typeof zClientMetadata>;
-//#endregion
-//#region src/version.d.ts
-/**
- * The Openid4vpVersionNumber
- *
- * 100 means 1.0 final, all others are draft versions
- */
-type Openid4vpVersionNumber = 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 100;
-declare function parseAuthorizationRequestVersion(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi): Openid4vpVersionNumber;
-//#endregion
-//#region src/client-identifier-prefix/z-client-id-prefix.d.ts
-declare const zClientIdPrefix: z.ZodEnum<{
-  redirect_uri: "redirect_uri";
-  "pre-registered": "pre-registered";
-  did: "did";
-  verifier_attestation: "verifier_attestation";
-  x509_san_dns: "x509_san_dns";
-  x509_san_uri: "x509_san_uri";
-  x509_hash: "x509_hash";
-  https: "https";
-  openid_federation: "openid_federation";
-  decentralized_identifier: "decentralized_identifier";
-  origin: "origin";
-  "web-origin": "web-origin";
-}>;
-declare const zUniformClientIdPrefix: z.ZodEnum<{
-  redirect_uri: "redirect_uri";
-  "pre-registered": "pre-registered";
-  verifier_attestation: "verifier_attestation";
-  x509_san_dns: "x509_san_dns";
-  x509_san_uri: "x509_san_uri";
-  x509_hash: "x509_hash";
-  openid_federation: "openid_federation";
-  decentralized_identifier: "decentralized_identifier";
-  origin: "origin";
-}>;
-type ClientIdPrefix = z.infer<typeof zClientIdPrefix>;
-type UniformClientIdPrefix = z.infer<typeof zUniformClientIdPrefix>;
-declare const zLegacyClientIdScheme: z.ZodEnum<{
-  redirect_uri: "redirect_uri";
-  "pre-registered": "pre-registered";
-  entity_id: "entity_id";
-  did: "did";
-  verifier_attestation: "verifier_attestation";
-  x509_san_dns: "x509_san_dns";
-  x509_san_uri: "x509_san_uri";
-}>;
-type LegacyClientIdScheme = z.infer<typeof zLegacyClientIdScheme>;
-//#endregion
-//#region src/client-identifier-prefix/parse-client-identifier-prefix.d.ts
-type ParsedClientIdentifierBase = {
-  /**
-   * The effective client identifier, and can be used to create and validate the session binding in e.g. the `aud`
-   * of the SD-JWT KB-JWT.
-   */
-  effective: string;
-  /**
-   * The identifier part of the client id. E.g. `did:example:123` for `decentralized_identifier:did:example:123`
-   */
-  identifier: string;
-  /**
-   * These are the original raw unvalidated values for the client id. Be cautious with using these.
-   */
-  original: {
-    /**
-     * This is the actual `client_id` parameter. May be undefined in case of unsigned
-     * DC API request.
-     */
-    clientId?: string;
-    /**
-     * This is the legacy `client_id_scheme` parameter
-     */
-    clientIdScheme?: LegacyClientIdScheme;
-  };
-};
-/**
- * Result of parsing a client identifier
- */
-type ParsedClientIdentifier = ({
-  prefix: 'redirect_uri';
-  redirectUri: string;
-  clientMetadata?: ClientMetadata;
-} | {
-  prefix: 'openid_federation';
-  trustChain?: unknown;
-  clientMetadata?: never;
-} | {
-  prefix: 'decentralized_identifier';
-  didUrl: string;
-  clientMetadata?: ClientMetadata;
-} | {
-  prefix: 'x509_san_uri' | 'x509_san_dns' | 'x509_hash';
-  clientMetadata?: ClientMetadata;
-  x5c: string[];
-} | {
-  prefix: 'verifier_attestation' | 'pre-registered' | 'origin';
-  clientMetadata?: ClientMetadata;
-}) & ParsedClientIdentifierBase;
-interface GetOpenid4vpClientIdOptions {
-  /**
-   * The client_id. Could be undefined in case of DC API
-   */
-  clientId?: string;
-  /**
-   * Legacy client id scheme from the authorization request payload
-   */
-  legacyClientIdScheme?: unknown;
-  responseMode: unknown;
-  origin?: string;
-  /**
-   * The version of OpenID4VP used.
-   *
-   * Currently it is only used for:
-   * - determining whether effective client id is `origin:` or `web-origin:` when DC API is used.
-   *
-   * When no version is provided, it is assumed version 1.0 (100) is used.
-   */
-  version?: Openid4vpVersionNumber;
-}
-/**
- * Get the client id for an authorization request based on the response_mode, client_id, client_id_scheme and origin values.
- *
- * It will return the client id prefix as used in OpenID4VP v1, and optionally provide the legacyClientId if the
- * client id was provided with a client_id_scheme
- */
-declare function getOpenid4vpClientId(options: GetOpenid4vpClientIdOptions): {
-  /**
-   * The identifier part of the client id. E.g. `did:example:123`, or `https://federation.com`
-   */
-  clientIdIdentifier: string;
-  /**
-   * The client id prefix according to the latest verion of OpenID4VP. Older prefixes are
-   * transformed into a singular value. Do not use this for checking the actual client id prefix
-   * used, but can be used to understand which method is used.
-   *
-   * E.g. `did` will be put as `decentralized_identifier`
-   */
-  clientIdPrefix: UniformClientIdPrefix;
-  /**
-   * The effective client id prefix, is the client id prefix that was used in the actual request.
-   *
-   * E.g. `did` will remain as `did`
-   */
-  effectiveClientIdPrefix: ClientIdPrefix | LegacyClientIdScheme;
-  /**
-   * The effective client id is the client id that should be used for validation. E.g. if you're comparing
-   * the `aud` claim in a SD-JWT KB-JWT, this is the value where you should match against.
-   */
-  effectiveClientId: string;
-  /**
-   * These are the original raw unvalidated values for the client id
-   */
-  original: {
-    /**
-     * This is the actual `client_id` parameter. May be undefined in case of unsigned
-     * DC API request.
-     */
-    clientId?: string;
-    /**
-     * This is the legacy `client_id_scheme` parameter
-     */
-    clientIdScheme?: LegacyClientIdScheme;
-  };
-};
-//#endregion
-//#region src/models/z-pex.d.ts
-declare const zPexPresentationDefinition: z.ZodRecord<z.ZodString, z.ZodAny>;
-declare const zPexPresentationSubmission: z.ZodRecord<z.ZodString, z.ZodAny>;
-type PexPresentationDefinition = z.infer<typeof zPexPresentationDefinition>;
-type PexPresentationSubmission = z.infer<typeof zPexPresentationSubmission>;
-//#endregion
-//#region src/transaction-data/z-transaction-data.d.ts
-declare const zTransactionEntry: z.ZodObject<{
-  type: z.ZodString;
-  credential_ids: z.ZodTuple<[z.ZodString], z.ZodString>;
-  transaction_data_hashes_alg: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-}, z.core.$loose>;
-type TransactionDataEntry = z.infer<typeof zTransactionEntry>;
-//#endregion
-//#region src/transaction-data/parse-transaction-data.d.ts
-interface ParseTransactionDataOptions {
-  transactionData: string[];
-}
-interface ParsedTransactionDataEntry {
-  transactionData: TransactionDataEntry;
-  transactionDataIndex: number;
-  encoded: string;
-}
-declare function parseTransactionData(options: ParseTransactionDataOptions): ParsedTransactionDataEntry[];
-//#endregion
-//#region src/authorization-request/resolve-authorization-request.d.ts
-interface ResolveOpenid4vpAuthorizationRequestOptions {
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpJarAuthorizationRequest;
-  wallet?: WalletVerificationOptions;
-  origin?: string;
-  disableOriginValidation?: boolean;
-  callbacks: Pick<CallbackContext, 'verifyJwt' | 'decryptJwe' | 'getX509CertificateMetadata' | 'fetch' | 'hash'>;
-}
-type ResolvedOpenid4vpAuthorizationRequest = {
-  transactionData?: ParsedTransactionDataEntry[];
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
-  jar: VerifiedJarRequest | undefined;
-  client: ParsedClientIdentifier;
-  pex?: {
-    presentation_definition?: PexPresentationDefinition;
-    presentation_definition_uri?: string;
-  };
-  dcql?: {
-    query: unknown;
-  } | undefined;
-  /**
-   * The highest possible version number based on (draft)-version checks done on the request.
-   *
-   * 100 means 1.0 final, all other numbers are draft versions.
-   */
-  version: Openid4vpVersionNumber;
-};
-declare function resolveOpenid4vpAuthorizationRequest(options: ResolveOpenid4vpAuthorizationRequestOptions): Promise<ResolvedOpenid4vpAuthorizationRequest>;
-//#endregion
-//#region src/jarm/metadata/z-jarm-authorization-server-metadata.d.ts
-declare const zJarmServerMetadata: z.ZodObject<{
-  authorization_signing_alg_values_supported: z.ZodArray<z.ZodString>;
-  authorization_encryption_alg_values_supported: z.ZodArray<z.ZodString>;
-  authorization_encryption_enc_values_supported: z.ZodArray<z.ZodString>;
-}, z.core.$strip>;
-type JarmServerMetadata = z.infer<typeof zJarmServerMetadata>;
-//#endregion
-//#region src/authorization-response/z-authorization-response.d.ts
-declare const zOpenid4vpAuthorizationResponse: z.ZodObject<{
-  state: z.ZodOptional<z.ZodString>;
-  id_token: z.ZodOptional<z.ZodString>;
-  vp_token: z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodTuple<[z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>], z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>>, z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>]>>, z.ZodUnion<readonly [z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>, z.ZodTuple<[z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>], z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>>]>]>;
-  presentation_submission: z.ZodOptional<z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodAny>, z.ZodPipe<z.ZodString, z.ZodTransform<any, string>>]>>;
-  refresh_token: z.ZodOptional<z.ZodString>;
-  token_type: z.ZodOptional<z.ZodString>;
-  access_token: z.ZodOptional<z.ZodString>;
-  expires_in: z.ZodOptional<z.ZodCoercedNumber<unknown>>;
-}, z.core.$loose>;
-type Openid4vpAuthorizationResponse = z.infer<typeof zOpenid4vpAuthorizationResponse>;
-//#endregion
-//#region src/authorization-response/create-authorization-response.d.ts
-interface CreateOpenid4vpAuthorizationResponseOptions {
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
-  /**
-   * Optional client metadata to use for sending the authorization response. In case of e.g. OpenID Federation
-   * the client metadata needs to be resolved and verified externally.
-   */
-  clientMetadata?: ClientMetadata;
-  /**
-   * The origin of the reuqest, required when creating a response for the Digital Credentials API.
-   */
-  origin?: string;
-  authorizationResponsePayload: Openid4vpAuthorizationResponse & {
-    state?: never;
-  };
-  jarm?: {
-    jwtSigner?: JwtSigner;
-    encryption?: {
-      nonce: string;
-      /**
-       * The JWK that should be used for encryption of the JARM response.
-       *
-       * If not defined, the Jwk will be determined based on the client_metadata.
-       */
-      jwk?: Jwk;
-    };
-    serverMetadata: JarmServerMetadata;
-    authorizationServer?: string;
-    audience?: string;
-    expiresInSeconds?: number;
-  };
-  callbacks: Pick<CallbackContext, 'signJwt' | 'encryptJwe' | 'fetch'>;
-}
-interface CreateOpenid4vpAuthorizationResponseResult {
-  authorizationResponsePayload: Openid4vpAuthorizationResponse;
-  jarm?: {
-    responseJwt: string;
-    /**
-     * The JWK used to encrypt the JARM response. Only defined if the response is encrypted.
-     */
-    encryptionJwk?: Jwk;
-  };
-}
-declare function createOpenid4vpAuthorizationResponse(options: CreateOpenid4vpAuthorizationResponseOptions): Promise<CreateOpenid4vpAuthorizationResponseResult>;
-//#endregion
-//#region src/jarm/jarm-authorization-response/verify-jarm-authorization-response.d.ts
-declare enum JarmMode {
-  Signed = "Signed",
-  Encrypted = "Encrypted",
-  SignedEncrypted = "SignedEncrypted",
-}
-interface VerifyJarmAuthorizationResponseOptions {
-  jarmAuthorizationResponseJwt: string;
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
-  /**
-   * The client id of the authorization request. This should be the effective client id,
-   * meaning that if no client_id was present in the authorization request and DC API is used
-   * it should be `web-origin:<origin>` (until draft 24) or `origin:<origin>` (from draft 25)
-   */
-  expectedClientId: string;
-  callbacks: Pick<CallbackContext, 'decryptJwe' | 'verifyJwt'>;
-}
-type VerifiedJarmAuthorizationResponse = Awaited<ReturnType<typeof verifyJarmAuthorizationResponse>>;
-/**
- * Validate a JARM direct_post.jwt compliant authentication response
- * * The decryption key should be resolvable using the the protected header's 'kid' field
- * * The signature verification jwk should be resolvable using the jws protected header's 'kid' field and the payload's 'iss' field.
- */
-declare function verifyJarmAuthorizationResponse(options: VerifyJarmAuthorizationResponseOptions): Promise<{
-  jarmAuthorizationResponse: {
-    [x: string]: unknown;
-    iss: string;
-    aud: string | string[];
-    exp: number;
-    state?: string | undefined;
-    iat?: number | undefined;
-    nbf?: number | undefined;
-    nonce?: string | undefined;
-    jti?: string | undefined;
-    sub?: string | undefined;
-    cnf?: {
-      [x: string]: unknown;
-      jwk?: {
-        [x: string]: unknown;
-        kty: string;
-        crv?: string | undefined;
-        x?: string | undefined;
-        y?: string | undefined;
-        e?: string | undefined;
-        n?: string | undefined;
-        alg?: string | undefined;
-        d?: string | undefined;
-        dp?: string | undefined;
-        dq?: string | undefined;
-        ext?: boolean | undefined;
-        k?: string | undefined;
-        key_ops?: string[] | undefined;
-        kid?: string | undefined;
-        oth?: {
-          [x: string]: unknown;
-          d?: string | undefined;
-          r?: string | undefined;
-          t?: string | undefined;
-        }[] | undefined;
-        p?: string | undefined;
-        q?: string | undefined;
-        qi?: string | undefined;
-        use?: string | undefined;
-        x5c?: string[] | undefined;
-        x5t?: string | undefined;
-        'x5t#S256'?: string | undefined;
-        x5u?: string | undefined;
-      } | undefined;
-      jkt?: string | undefined;
-    } | undefined;
-    status?: Record<string, any> | undefined;
-    trust_chain?: [string, ...string[]] | undefined;
-  } | {
-    [x: string]: unknown;
-    state?: string | undefined;
-    iss?: string | undefined;
-    aud?: string | string[] | undefined;
-    iat?: number | undefined;
-    exp?: number | undefined;
-    nbf?: number | undefined;
-    nonce?: string | undefined;
-    jti?: string | undefined;
-    sub?: string | undefined;
-    cnf?: {
-      [x: string]: unknown;
-      jwk?: {
-        [x: string]: unknown;
-        kty: string;
-        crv?: string | undefined;
-        x?: string | undefined;
-        y?: string | undefined;
-        e?: string | undefined;
-        n?: string | undefined;
-        alg?: string | undefined;
-        d?: string | undefined;
-        dp?: string | undefined;
-        dq?: string | undefined;
-        ext?: boolean | undefined;
-        k?: string | undefined;
-        key_ops?: string[] | undefined;
-        kid?: string | undefined;
-        oth?: {
-          [x: string]: unknown;
-          d?: string | undefined;
-          r?: string | undefined;
-          t?: string | undefined;
-        }[] | undefined;
-        p?: string | undefined;
-        q?: string | undefined;
-        qi?: string | undefined;
-        use?: string | undefined;
-        x5c?: string[] | undefined;
-        x5t?: string | undefined;
-        'x5t#S256'?: string | undefined;
-        x5u?: string | undefined;
-      } | undefined;
-      jkt?: string | undefined;
-    } | undefined;
-    status?: Record<string, any> | undefined;
-    trust_chain?: [string, ...string[]] | undefined;
-  };
-  type: JarmMode;
-  issuer: string | undefined;
-  decryptionJwk: {
-    [x: string]: unknown;
-    kty: string;
-    crv?: string | undefined;
-    x?: string | undefined;
-    y?: string | undefined;
-    e?: string | undefined;
-    n?: string | undefined;
-    alg?: string | undefined;
-    d?: string | undefined;
-    dp?: string | undefined;
-    dq?: string | undefined;
-    ext?: boolean | undefined;
-    k?: string | undefined;
-    key_ops?: string[] | undefined;
-    kid?: string | undefined;
-    oth?: {
-      [x: string]: unknown;
-      d?: string | undefined;
-      r?: string | undefined;
-      t?: string | undefined;
-    }[] | undefined;
-    p?: string | undefined;
-    q?: string | undefined;
-    qi?: string | undefined;
-    use?: string | undefined;
-    x5c?: string[] | undefined;
-    x5t?: string | undefined;
-    'x5t#S256'?: string | undefined;
-    x5u?: string | undefined;
-  } | undefined;
-}>;
-//#endregion
-//#region src/jarm/jarm-authorization-response/z-jarm-authorization-response.d.ts
-declare const zJarmHeader: z.ZodObject<{
-  apu: z.ZodOptional<z.ZodString>;
-  apv: z.ZodOptional<z.ZodString>;
-  alg: z.ZodString;
-  typ: z.ZodOptional<z.ZodString>;
-  kid: z.ZodOptional<z.ZodString>;
-  jwk: z.ZodOptional<z.ZodObject<{
-    kty: z.ZodString;
-    crv: z.ZodOptional<z.ZodString>;
-    x: z.ZodOptional<z.ZodString>;
-    y: z.ZodOptional<z.ZodString>;
-    e: z.ZodOptional<z.ZodString>;
-    n: z.ZodOptional<z.ZodString>;
-    alg: z.ZodOptional<z.ZodString>;
-    d: z.ZodOptional<z.ZodString>;
-    dp: z.ZodOptional<z.ZodString>;
-    dq: z.ZodOptional<z.ZodString>;
-    ext: z.ZodOptional<z.ZodBoolean>;
-    k: z.ZodOptional<z.ZodString>;
-    key_ops: z.ZodOptional<z.ZodArray<z.ZodString>>;
-    kid: z.ZodOptional<z.ZodString>;
-    oth: z.ZodOptional<z.ZodArray<z.ZodObject<{
-      d: z.ZodOptional<z.ZodString>;
-      r: z.ZodOptional<z.ZodString>;
-      t: z.ZodOptional<z.ZodString>;
-    }, z.core.$loose>>>;
-    p: z.ZodOptional<z.ZodString>;
-    q: z.ZodOptional<z.ZodString>;
-    qi: z.ZodOptional<z.ZodString>;
-    use: z.ZodOptional<z.ZodString>;
-    x5c: z.ZodOptional<z.ZodArray<z.ZodString>>;
-    x5t: z.ZodOptional<z.ZodString>;
-    'x5t#S256': z.ZodOptional<z.ZodString>;
-    x5u: z.ZodOptional<z.ZodString>;
-  }, z.core.$loose>>;
-  x5c: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  trust_chain: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
-}, z.core.$strip>;
-type JarmHeader = z.infer<typeof zJarmHeader>;
-//#endregion
-//#region src/vp-token/z-vp-token.d.ts
-declare const zVpTokenPresentationEntry: z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>;
-type VpTokenPresentationEntry = z.infer<typeof zVpTokenPresentationEntry>;
-declare const zVpTokenPex: z.ZodUnion<readonly [z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>, z.ZodTuple<[z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>], z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>>]>;
-type VpTokenPex = z.infer<typeof zVpTokenPex>;
-declare const zVpTokenDcql: z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodTuple<[z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>], z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>>, z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>]>>;
-type VpTokenDcql = z.infer<typeof zVpTokenDcql>;
-declare const zVpToken: z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodTuple<[z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>], z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>>, z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>]>>, z.ZodUnion<readonly [z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>, z.ZodTuple<[z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>], z.ZodUnion<readonly [z.ZodString, z.ZodRecord<z.ZodString, z.ZodAny>]>>]>]>;
-type VpToken = z.infer<typeof zVpToken>;
-//#endregion
-//#region src/authorization-response/validate-authorization-response-result.d.ts
-interface ValidateOpenid4VpPexAuthorizationResponseResult {
-  type: 'pex';
-  pex: {
-    presentationSubmission: PexPresentationSubmission;
-    presentations: [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]];
-  } & ({
-    scope: string;
-    presentationDefinition?: never;
-  } | {
-    scope?: never;
-    presentationDefinition: Record<string, unknown> | string;
-  });
-}
-interface ValidateOpenid4VpDcqlAuthorizationResponseResult {
-  type: 'dcql';
-  dcql: {
-    presentations: Record<string, [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]]>;
-  } & ({
-    scope: string;
-    query?: never;
-  } | {
-    scope?: never;
-    query: unknown;
-  });
-}
-type ValidateOpenid4VpAuthorizationResponseResult = ValidateOpenid4VpPexAuthorizationResponseResult | ValidateOpenid4VpDcqlAuthorizationResponseResult;
-//#endregion
-//#region src/authorization-response/parse-authorization-response.d.ts
-interface ParseOpenid4vpAuthorizationResponseOptions {
-  /**
-   * The authorization response as received from the wallet, and can optionally still be encrypted.
-   */
-  authorizationResponse: Record<string, unknown>;
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
-  callbacks: Pick<CallbackContext, 'decryptJwe' | 'verifyJwt'>;
-  origin?: string;
-}
-type ParsedOpenid4vpAuthorizationResponse = ValidateOpenid4VpAuthorizationResponseResult & {
-  authorizationResponsePayload: Openid4vpAuthorizationResponse;
-  expectedNonce: string;
-  jarm?: VerifiedJarmAuthorizationResponse & {
-    jarmHeader: JarmHeader;
-  };
-};
-declare function parseOpenid4vpAuthorizationResponse(options: ParseOpenid4vpAuthorizationResponseOptions): Promise<ParsedOpenid4vpAuthorizationResponse>;
-//#endregion
-//#region src/authorization-response/parse-authorization-response-payload.d.ts
-declare function parseOpenid4VpAuthorizationResponsePayload(payload: Record<string, unknown>): {
-  [x: string]: unknown;
-  vp_token: string | Record<string, any> | [string | Record<string, any>, ...(string | Record<string, any>)[]] | Record<string, string | Record<string, any> | [string | Record<string, any>, ...(string | Record<string, any>)[]]>;
-  state?: string | undefined;
-  id_token?: string | undefined;
-  presentation_submission?: any;
-  refresh_token?: string | undefined;
-  token_type?: string | undefined;
-  access_token?: string | undefined;
-  expires_in?: number | undefined;
-};
-//#endregion
-//#region src/authorization-response/parse-jarm-authorization-response.d.ts
-interface ParseJarmAuthorizationResponseOptions {
-  jarmResponseJwt: string;
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
-  callbacks: Pick<CallbackContext, 'decryptJwe' | 'verifyJwt'>;
-  expectedClientId: string;
-}
-declare function parseJarmAuthorizationResponse(options: ParseJarmAuthorizationResponseOptions): Promise<ParsedOpenid4vpAuthorizationResponse>;
-//#endregion
-//#region src/authorization-response/submit-authorization-response.d.ts
-interface SubmitOpenid4vpAuthorizationResponseOptions {
-  authorizationRequestPayload: Pick<Openid4vpAuthorizationRequest, 'response_uri'>;
-  authorizationResponsePayload: Openid4vpAuthorizationResponse;
-  jarm?: {
-    responseJwt: string;
-  };
-  callbacks: Pick<CallbackContext, 'fetch'>;
-}
-declare function submitOpenid4vpAuthorizationResponse(options: SubmitOpenid4vpAuthorizationResponseOptions): Promise<{
-  readonly responseMode: "direct_post.jwt";
-  readonly response: Response;
-} | {
-  responseMode: string;
-  response: Response;
-}>;
-//#endregion
-//#region src/authorization-response/validate-authorization-response.d.ts
-interface ValidateOpenid4vpAuthorizationResponseOptions {
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
-  authorizationResponsePayload: Openid4vpAuthorizationResponse;
-}
-/**
- * The following steps need to be performed outside of this library
- * - verifying the presentations
- * - validating the presentations against the presentation definition
- * - checking the revocation status of the presentations
- * - checking the nonce of the presentations matches the nonce of the request (for mdoc's)
- */
-declare function validateOpenid4vpAuthorizationResponsePayload(options: ValidateOpenid4vpAuthorizationResponseOptions): ValidateOpenid4VpAuthorizationResponseResult;
-//#endregion
-//#region src/client-identifier-prefix/x509-hash.d.ts
-declare function calculateX509HashClientIdPrefixValue({
-  x509Certificate,
-  hash
-}: {
-  /**
-   * DER encoded x509 certificate. Either encoded as base64 or directly as Uint8Array
-   */
-  x509Certificate: string | Uint8Array;
-  hash: CallbackContext['hash'];
-}): Promise<string>;
-//#endregion
-//#region src/jarm/jarm-extract-jwks.d.ts
-declare function extractEncryptionJwkFromJwks(jwks: JwkSet, {
-  kid,
-  supportedAlgValues
-}: {
-  kid?: string;
-  supportedAlgValues?: string[];
-}): {
-  [x: string]: unknown;
-  kty: string;
-  crv?: string | undefined;
-  x?: string | undefined;
-  y?: string | undefined;
-  e?: string | undefined;
-  n?: string | undefined;
-  alg?: string | undefined;
-  d?: string | undefined;
-  dp?: string | undefined;
-  dq?: string | undefined;
-  ext?: boolean | undefined;
-  k?: string | undefined;
-  key_ops?: string[] | undefined;
-  kid?: string | undefined;
-  oth?: {
-    [x: string]: unknown;
-    d?: string | undefined;
-    r?: string | undefined;
-    t?: string | undefined;
-  }[] | undefined;
-  p?: string | undefined;
-  q?: string | undefined;
-  qi?: string | undefined;
-  use?: string | undefined;
-  x5c?: string[] | undefined;
-  x5t?: string | undefined;
-  'x5t#S256'?: string | undefined;
-  x5u?: string | undefined;
-} | undefined;
-//#endregion
-//#region src/jarm/jarm-response-mode.d.ts
-declare const jarmResponseMode: readonly ["jwt", "query.jwt", "fragment.jwt", "form_post.jwt", "direct_post.jwt", "dc_api.jwt"];
-type JarmResponseMode = (typeof jarmResponseMode)[number];
-declare const isJarmResponseMode: (responseMode: string) => responseMode is JarmResponseMode;
-//#endregion
-//#region src/jarm/metadata/z-jarm-client-metadata.d.ts
-/**
- * Clients may register their public encryption keys using the jwks_uri or jwks metadata parameters.
- */
-declare const zJarmClientMetadata: z.ZodObject<{
-  authorization_signed_response_alg: z.ZodOptional<z.ZodString>;
-  authorization_encrypted_response_alg: z.ZodOptional<z.ZodString>;
-  authorization_encrypted_response_enc: z.ZodOptional<z.ZodOptional<z.ZodString>>;
-}, z.core.$strip>;
-type JarmClientMetadata = z.infer<typeof zJarmClientMetadata>;
-//#endregion
-//#region src/models/z-credential-formats.d.ts
-declare const zCredentialFormat: z.ZodEnum<{
-  "dc+sd-jwt": "dc+sd-jwt";
-  jwt_vc_json: "jwt_vc_json";
-  ldp_vc: "ldp_vc";
-  mso_mdoc: "mso_mdoc";
-  "vc+sd-jwt": "vc+sd-jwt";
-}>;
-type CredentialFormat = z.infer<typeof zCredentialFormat>;
-//#endregion
-//#region src/models/z-proof-formats.d.ts
-declare const zProofFormat: z.ZodEnum<{
-  "dc+sd-jwt": "dc+sd-jwt";
-  mso_mdoc: "mso_mdoc";
-  "vc+sd-jwt": "vc+sd-jwt";
-  jwt_vp_json: "jwt_vp_json";
-  ldc_vp: "ldc_vp";
-  ac_vp: "ac_vp";
-}>;
-type ProofFormat = z.infer<typeof zProofFormat>;
-//#endregion
-//#region src/models/z-verifier-attestations.d.ts
-declare const zVerifierAttestation: z$1.ZodObject<{
-  format: z$1.ZodString;
-  data: z$1.ZodUnion<[z$1.ZodRecord<z$1.ZodString, z$1.ZodUnknown>, z$1.ZodString]>;
-  credential_ids: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
-}, z$1.core.$strip>;
-declare const zVerifierAttestations: z$1.ZodArray<z$1.ZodObject<{
-  format: z$1.ZodString;
-  data: z$1.ZodUnion<[z$1.ZodRecord<z$1.ZodString, z$1.ZodUnknown>, z$1.ZodString]>;
-  credential_ids: z$1.ZodOptional<z$1.ZodArray<z$1.ZodString>>;
-}, z$1.core.$strip>>;
-type VerifierAttestation = z$1.infer<typeof zVerifierAttestation>;
-type VerifierAttestations = z$1.infer<typeof zVerifierAttestations>;
-//#endregion
-//#region src/Openid4vpClient.d.ts
-interface Openid4vpClientOptions {
-  /**
-   * Callbacks required for the openid4vp client
-   */
-  callbacks: Omit<CallbackContext, 'generateRandom' | 'clientAuthentication'>;
-}
-declare class Openid4vpClient {
-  private options;
-  constructor(options: Openid4vpClientOptions);
-  parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
-  resolveOpenId4vpAuthorizationRequest(options: Omit<ResolveOpenid4vpAuthorizationRequestOptions, 'callbacks'>): Promise<ResolvedOpenid4vpAuthorizationRequest>;
-  createOpenid4vpAuthorizationResponse(options: Omit<CreateOpenid4vpAuthorizationResponseOptions, 'callbacks'>): Promise<CreateOpenid4vpAuthorizationResponseResult>;
-  submitOpenid4vpAuthorizationResponse(options: Omit<SubmitOpenid4vpAuthorizationResponseOptions, 'callbacks'>): Promise<{
-    readonly responseMode: "direct_post.jwt";
-    readonly response: Response;
-  } | {
-    responseMode: string;
-    response: Response;
-  }>;
-}
-//#endregion
-//#region src/transaction-data/verify-transaction-data.d.ts
-interface TransactionDataHashesCredentials {
-  /**
-   * credentialId is the pex input descriptor id
-   * or dcql credential query id.
-   *
-   * The values must be an array of transaction data hashes
-   */
-  [credentialId: string]: NonEmptyArray<{
-    /**
-     * The hashes of the transaction data
-     */
-    transaction_data_hashes: string[];
-    /**
-     * The transaction data hash alg. If not provided
-     * in the presentation, the default value of sha256
-     * is used.
-     */
-    transaction_data_hashes_alg?: string;
-  }> | undefined;
-}
-interface VerifyTransactionDataOptions {
-  transactionData: string[];
-  credentials: TransactionDataHashesCredentials;
-  callbacks: Pick<CallbackContext, 'hash'>;
-}
-interface VerifiedTransactionDataEntry {
-  transactionDataEntry: ParsedTransactionDataEntry;
-  credentialId: string;
-  presentations: NonEmptyArray<{
-    presentationIndex: number;
-    hash: string;
-    hashAlg: HashAlgorithm;
-    credentialHashIndex: number;
-  }>;
-}
-//#endregion
-//#region src/Openid4vpVerifier.d.ts
-interface Openid4vpVerifierOptions {
-  /**
-   * Callbacks required for the openid4vp verifier
-   */
-  callbacks: Omit<CallbackContext, 'generateRandom' | 'clientAuthentication'>;
-}
-declare class Openid4vpVerifier {
-  private options;
-  constructor(options: Openid4vpVerifierOptions);
-  createOpenId4vpAuthorizationRequest(options: Omit<CreateOpenid4vpAuthorizationRequestOptions, 'callbacks'>): Promise<{
-    authorizationRequestPayload: {
-      [x: string]: unknown;
-      response_type: "vp_token";
-      client_id: string;
-      nonce: string;
-      redirect_uri?: string | undefined;
-      response_uri?: string | undefined;
-      request_uri?: string | undefined;
-      request_uri_method?: string | undefined;
-      response_mode?: "direct_post" | "direct_post.jwt" | undefined;
-      wallet_nonce?: string | undefined;
-      scope?: string | undefined;
-      presentation_definition?: any;
-      presentation_definition_uri?: string | undefined;
-      dcql_query?: any;
-      client_metadata?: {
-        [x: string]: unknown;
-        logo_uri?: string | undefined;
-        client_name?: string | undefined;
-        authorization_signed_response_alg?: string | undefined;
-        authorization_encrypted_response_alg?: string | undefined;
-        authorization_encrypted_response_enc?: string | undefined;
-        jwks_uri?: string | undefined;
-        jwks?: {
-          [x: string]: unknown;
-          keys: {
-            [x: string]: unknown;
-            kty: string;
-            crv?: string | undefined;
-            x?: string | undefined;
-            y?: string | undefined;
-            e?: string | undefined;
-            n?: string | undefined;
-            alg?: string | undefined;
-            d?: string | undefined;
-            dp?: string | undefined;
-            dq?: string | undefined;
-            ext?: boolean | undefined;
-            k?: string | undefined;
-            key_ops?: string[] | undefined;
-            kid?: string | undefined;
-            oth?: {
-              [x: string]: unknown;
-              d?: string | undefined;
-              r?: string | undefined;
-              t?: string | undefined;
-            }[] | undefined;
-            p?: string | undefined;
-            q?: string | undefined;
-            qi?: string | undefined;
-            use?: string | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-          }[];
-        } | undefined;
-        vp_formats?: Record<string, {
-          [x: string]: unknown;
-          alg_values_supported?: string[] | undefined;
-        }> | undefined;
-        vp_formats_supported?: {
-          [x: string]: {
-            [x: string]: unknown;
-          };
-          'dc+sd-jwt'?: {
-            [x: string]: unknown;
-            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-          } | undefined;
-          jwt_vc_json?: {
-            [x: string]: unknown;
-            alg_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          ldp_vc?: {
-            [x: string]: unknown;
-            proof_type_values?: [string, ...string[]] | undefined;
-            cryptosuite_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          mso_mdoc?: {
-            [x: string]: unknown;
-            issuer_signed_alg_values?: [number, ...number[]] | undefined;
-            device_signed_alg_values?: [number, ...number[]] | undefined;
-            issuerauth_alg_values?: [number, ...number[]] | undefined;
-            deviceauth_alg_values?: [number, ...number[]] | undefined;
-          } | undefined;
-        } | undefined;
-        encrypted_response_enc_values_supported?: string[] | undefined;
-      } | undefined;
-      client_metadata_uri?: string | undefined;
-      state?: string | undefined;
-      transaction_data?: string[] | undefined;
-      trust_chain?: [string, ...string[]] | undefined;
-      client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
-      verifier_attestations?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      verifier_info?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-    } | {
-      [x: string]: unknown;
-      response_type: "vp_token";
-      nonce: string;
-      response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
-      presentation_definition?: any;
-      dcql_query?: any;
-      client_metadata?: {
-        [x: string]: unknown;
-        logo_uri?: string | undefined;
-        client_name?: string | undefined;
-        authorization_signed_response_alg?: string | undefined;
-        authorization_encrypted_response_alg?: string | undefined;
-        authorization_encrypted_response_enc?: string | undefined;
-        jwks_uri?: string | undefined;
-        jwks?: {
-          [x: string]: unknown;
-          keys: {
-            [x: string]: unknown;
-            kty: string;
-            crv?: string | undefined;
-            x?: string | undefined;
-            y?: string | undefined;
-            e?: string | undefined;
-            n?: string | undefined;
-            alg?: string | undefined;
-            d?: string | undefined;
-            dp?: string | undefined;
-            dq?: string | undefined;
-            ext?: boolean | undefined;
-            k?: string | undefined;
-            key_ops?: string[] | undefined;
-            kid?: string | undefined;
-            oth?: {
-              [x: string]: unknown;
-              d?: string | undefined;
-              r?: string | undefined;
-              t?: string | undefined;
-            }[] | undefined;
-            p?: string | undefined;
-            q?: string | undefined;
-            qi?: string | undefined;
-            use?: string | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-          }[];
-        } | undefined;
-        vp_formats?: Record<string, {
-          [x: string]: unknown;
-          alg_values_supported?: string[] | undefined;
-        }> | undefined;
-        vp_formats_supported?: {
-          [x: string]: {
-            [x: string]: unknown;
-          };
-          'dc+sd-jwt'?: {
-            [x: string]: unknown;
-            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-          } | undefined;
-          jwt_vc_json?: {
-            [x: string]: unknown;
-            alg_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          ldp_vc?: {
-            [x: string]: unknown;
-            proof_type_values?: [string, ...string[]] | undefined;
-            cryptosuite_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          mso_mdoc?: {
-            [x: string]: unknown;
-            issuer_signed_alg_values?: [number, ...number[]] | undefined;
-            device_signed_alg_values?: [number, ...number[]] | undefined;
-            issuerauth_alg_values?: [number, ...number[]] | undefined;
-            deviceauth_alg_values?: [number, ...number[]] | undefined;
-          } | undefined;
-        } | undefined;
-        encrypted_response_enc_values_supported?: string[] | undefined;
-      } | undefined;
-      state?: string | undefined;
-      transaction_data?: string[] | undefined;
-      trust_chain?: [string, ...string[]] | undefined;
-      verifier_attestations?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      verifier_info?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      client_id?: string | undefined;
-      expected_origins?: string[] | undefined;
-      client_id_scheme?: undefined;
-      scope?: undefined;
-    };
-    authorizationRequestObject: {
-      [x: string]: unknown;
-      request?: string | undefined;
-      request_uri?: string | undefined;
-      client_id?: string | undefined;
-    };
-    authorizationRequest: string;
-    jar: {
-      jarAuthorizationRequest: {
-        [x: string]: unknown;
-        request?: string | undefined;
-        request_uri?: string | undefined;
-        client_id?: string | undefined;
-      };
-      signerJwk: {
-        [x: string]: unknown;
-        kty: string;
-        crv?: string | undefined;
-        x?: string | undefined;
-        y?: string | undefined;
-        e?: string | undefined;
-        n?: string | undefined;
-        alg?: string | undefined;
-        d?: string | undefined;
-        dp?: string | undefined;
-        dq?: string | undefined;
-        ext?: boolean | undefined;
-        k?: string | undefined;
-        key_ops?: string[] | undefined;
-        kid?: string | undefined;
-        oth?: {
-          [x: string]: unknown;
-          d?: string | undefined;
-          r?: string | undefined;
-          t?: string | undefined;
-        }[] | undefined;
-        p?: string | undefined;
-        q?: string | undefined;
-        qi?: string | undefined;
-        use?: string | undefined;
-        x5c?: string[] | undefined;
-        x5t?: string | undefined;
-        'x5t#S256'?: string | undefined;
-        x5u?: string | undefined;
-      };
-      encryptionJwk: {
-        [x: string]: unknown;
-        kty: string;
-        crv?: string | undefined;
-        x?: string | undefined;
-        y?: string | undefined;
-        e?: string | undefined;
-        n?: string | undefined;
-        alg?: string | undefined;
-        d?: string | undefined;
-        dp?: string | undefined;
-        dq?: string | undefined;
-        ext?: boolean | undefined;
-        k?: string | undefined;
-        key_ops?: string[] | undefined;
-        kid?: string | undefined;
-        oth?: {
-          [x: string]: unknown;
-          d?: string | undefined;
-          r?: string | undefined;
-          t?: string | undefined;
-        }[] | undefined;
-        p?: string | undefined;
-        q?: string | undefined;
-        qi?: string | undefined;
-        use?: string | undefined;
-        x5c?: string[] | undefined;
-        x5t?: string | undefined;
-        'x5t#S256'?: string | undefined;
-        x5u?: string | undefined;
-      } | undefined;
-      authorizationRequestJwt: string;
-      additionalJwtPayload?: Record<string, unknown> | undefined;
-      requestUri?: string | undefined;
-      jwtSigner: _openid4vc_oauth20.JwtSigner;
-      expiresInSeconds: number;
-    };
-  } | {
-    authorizationRequestPayload: {
-      [x: string]: unknown;
-      response_type: "vp_token";
-      client_id: string;
-      nonce: string;
-      redirect_uri?: string | undefined;
-      response_uri?: string | undefined;
-      request_uri?: string | undefined;
-      request_uri_method?: string | undefined;
-      response_mode?: "direct_post" | "direct_post.jwt" | undefined;
-      wallet_nonce?: string | undefined;
-      scope?: string | undefined;
-      presentation_definition?: any;
-      presentation_definition_uri?: string | undefined;
-      dcql_query?: any;
-      client_metadata?: {
-        [x: string]: unknown;
-        logo_uri?: string | undefined;
-        client_name?: string | undefined;
-        authorization_signed_response_alg?: string | undefined;
-        authorization_encrypted_response_alg?: string | undefined;
-        authorization_encrypted_response_enc?: string | undefined;
-        jwks_uri?: string | undefined;
-        jwks?: {
-          [x: string]: unknown;
-          keys: {
-            [x: string]: unknown;
-            kty: string;
-            crv?: string | undefined;
-            x?: string | undefined;
-            y?: string | undefined;
-            e?: string | undefined;
-            n?: string | undefined;
-            alg?: string | undefined;
-            d?: string | undefined;
-            dp?: string | undefined;
-            dq?: string | undefined;
-            ext?: boolean | undefined;
-            k?: string | undefined;
-            key_ops?: string[] | undefined;
-            kid?: string | undefined;
-            oth?: {
-              [x: string]: unknown;
-              d?: string | undefined;
-              r?: string | undefined;
-              t?: string | undefined;
-            }[] | undefined;
-            p?: string | undefined;
-            q?: string | undefined;
-            qi?: string | undefined;
-            use?: string | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-          }[];
-        } | undefined;
-        vp_formats?: Record<string, {
-          [x: string]: unknown;
-          alg_values_supported?: string[] | undefined;
-        }> | undefined;
-        vp_formats_supported?: {
-          [x: string]: {
-            [x: string]: unknown;
-          };
-          'dc+sd-jwt'?: {
-            [x: string]: unknown;
-            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-          } | undefined;
-          jwt_vc_json?: {
-            [x: string]: unknown;
-            alg_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          ldp_vc?: {
-            [x: string]: unknown;
-            proof_type_values?: [string, ...string[]] | undefined;
-            cryptosuite_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          mso_mdoc?: {
-            [x: string]: unknown;
-            issuer_signed_alg_values?: [number, ...number[]] | undefined;
-            device_signed_alg_values?: [number, ...number[]] | undefined;
-            issuerauth_alg_values?: [number, ...number[]] | undefined;
-            deviceauth_alg_values?: [number, ...number[]] | undefined;
-          } | undefined;
-        } | undefined;
-        encrypted_response_enc_values_supported?: string[] | undefined;
-      } | undefined;
-      client_metadata_uri?: string | undefined;
-      state?: string | undefined;
-      transaction_data?: string[] | undefined;
-      trust_chain?: [string, ...string[]] | undefined;
-      client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
-      verifier_attestations?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      verifier_info?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-    } | {
-      [x: string]: unknown;
-      response_type: "vp_token";
-      nonce: string;
-      response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
-      presentation_definition?: any;
-      dcql_query?: any;
-      client_metadata?: {
-        [x: string]: unknown;
-        logo_uri?: string | undefined;
-        client_name?: string | undefined;
-        authorization_signed_response_alg?: string | undefined;
-        authorization_encrypted_response_alg?: string | undefined;
-        authorization_encrypted_response_enc?: string | undefined;
-        jwks_uri?: string | undefined;
-        jwks?: {
-          [x: string]: unknown;
-          keys: {
-            [x: string]: unknown;
-            kty: string;
-            crv?: string | undefined;
-            x?: string | undefined;
-            y?: string | undefined;
-            e?: string | undefined;
-            n?: string | undefined;
-            alg?: string | undefined;
-            d?: string | undefined;
-            dp?: string | undefined;
-            dq?: string | undefined;
-            ext?: boolean | undefined;
-            k?: string | undefined;
-            key_ops?: string[] | undefined;
-            kid?: string | undefined;
-            oth?: {
-              [x: string]: unknown;
-              d?: string | undefined;
-              r?: string | undefined;
-              t?: string | undefined;
-            }[] | undefined;
-            p?: string | undefined;
-            q?: string | undefined;
-            qi?: string | undefined;
-            use?: string | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-          }[];
-        } | undefined;
-        vp_formats?: Record<string, {
-          [x: string]: unknown;
-          alg_values_supported?: string[] | undefined;
-        }> | undefined;
-        vp_formats_supported?: {
-          [x: string]: {
-            [x: string]: unknown;
-          };
-          'dc+sd-jwt'?: {
-            [x: string]: unknown;
-            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-          } | undefined;
-          jwt_vc_json?: {
-            [x: string]: unknown;
-            alg_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          ldp_vc?: {
-            [x: string]: unknown;
-            proof_type_values?: [string, ...string[]] | undefined;
-            cryptosuite_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          mso_mdoc?: {
-            [x: string]: unknown;
-            issuer_signed_alg_values?: [number, ...number[]] | undefined;
-            device_signed_alg_values?: [number, ...number[]] | undefined;
-            issuerauth_alg_values?: [number, ...number[]] | undefined;
-            deviceauth_alg_values?: [number, ...number[]] | undefined;
-          } | undefined;
-        } | undefined;
-        encrypted_response_enc_values_supported?: string[] | undefined;
-      } | undefined;
-      state?: string | undefined;
-      transaction_data?: string[] | undefined;
-      trust_chain?: [string, ...string[]] | undefined;
-      verifier_attestations?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      verifier_info?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      client_id?: string | undefined;
-      expected_origins?: string[] | undefined;
-      client_id_scheme?: undefined;
-      scope?: undefined;
-    };
-    authorizationRequestObject: {
-      [x: string]: unknown;
-      response_type: "vp_token";
-      client_id: string;
-      nonce: string;
-      redirect_uri?: string | undefined;
-      response_uri?: string | undefined;
-      request_uri?: string | undefined;
-      request_uri_method?: string | undefined;
-      response_mode?: "direct_post" | "direct_post.jwt" | undefined;
-      wallet_nonce?: string | undefined;
-      scope?: string | undefined;
-      presentation_definition?: any;
-      presentation_definition_uri?: string | undefined;
-      dcql_query?: any;
-      client_metadata?: {
-        [x: string]: unknown;
-        logo_uri?: string | undefined;
-        client_name?: string | undefined;
-        authorization_signed_response_alg?: string | undefined;
-        authorization_encrypted_response_alg?: string | undefined;
-        authorization_encrypted_response_enc?: string | undefined;
-        jwks_uri?: string | undefined;
-        jwks?: {
-          [x: string]: unknown;
-          keys: {
-            [x: string]: unknown;
-            kty: string;
-            crv?: string | undefined;
-            x?: string | undefined;
-            y?: string | undefined;
-            e?: string | undefined;
-            n?: string | undefined;
-            alg?: string | undefined;
-            d?: string | undefined;
-            dp?: string | undefined;
-            dq?: string | undefined;
-            ext?: boolean | undefined;
-            k?: string | undefined;
-            key_ops?: string[] | undefined;
-            kid?: string | undefined;
-            oth?: {
-              [x: string]: unknown;
-              d?: string | undefined;
-              r?: string | undefined;
-              t?: string | undefined;
-            }[] | undefined;
-            p?: string | undefined;
-            q?: string | undefined;
-            qi?: string | undefined;
-            use?: string | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-          }[];
-        } | undefined;
-        vp_formats?: Record<string, {
-          [x: string]: unknown;
-          alg_values_supported?: string[] | undefined;
-        }> | undefined;
-        vp_formats_supported?: {
-          [x: string]: {
-            [x: string]: unknown;
-          };
-          'dc+sd-jwt'?: {
-            [x: string]: unknown;
-            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-          } | undefined;
-          jwt_vc_json?: {
-            [x: string]: unknown;
-            alg_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          ldp_vc?: {
-            [x: string]: unknown;
-            proof_type_values?: [string, ...string[]] | undefined;
-            cryptosuite_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          mso_mdoc?: {
-            [x: string]: unknown;
-            issuer_signed_alg_values?: [number, ...number[]] | undefined;
-            device_signed_alg_values?: [number, ...number[]] | undefined;
-            issuerauth_alg_values?: [number, ...number[]] | undefined;
-            deviceauth_alg_values?: [number, ...number[]] | undefined;
-          } | undefined;
-        } | undefined;
-        encrypted_response_enc_values_supported?: string[] | undefined;
-      } | undefined;
-      client_metadata_uri?: string | undefined;
-      state?: string | undefined;
-      transaction_data?: string[] | undefined;
-      trust_chain?: [string, ...string[]] | undefined;
-      client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
-      verifier_attestations?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      verifier_info?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-    } | {
-      [x: string]: unknown;
-      response_type: "vp_token";
-      nonce: string;
-      response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
-      presentation_definition?: any;
-      dcql_query?: any;
-      client_metadata?: {
-        [x: string]: unknown;
-        logo_uri?: string | undefined;
-        client_name?: string | undefined;
-        authorization_signed_response_alg?: string | undefined;
-        authorization_encrypted_response_alg?: string | undefined;
-        authorization_encrypted_response_enc?: string | undefined;
-        jwks_uri?: string | undefined;
-        jwks?: {
-          [x: string]: unknown;
-          keys: {
-            [x: string]: unknown;
-            kty: string;
-            crv?: string | undefined;
-            x?: string | undefined;
-            y?: string | undefined;
-            e?: string | undefined;
-            n?: string | undefined;
-            alg?: string | undefined;
-            d?: string | undefined;
-            dp?: string | undefined;
-            dq?: string | undefined;
-            ext?: boolean | undefined;
-            k?: string | undefined;
-            key_ops?: string[] | undefined;
-            kid?: string | undefined;
-            oth?: {
-              [x: string]: unknown;
-              d?: string | undefined;
-              r?: string | undefined;
-              t?: string | undefined;
-            }[] | undefined;
-            p?: string | undefined;
-            q?: string | undefined;
-            qi?: string | undefined;
-            use?: string | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-          }[];
-        } | undefined;
-        vp_formats?: Record<string, {
-          [x: string]: unknown;
-          alg_values_supported?: string[] | undefined;
-        }> | undefined;
-        vp_formats_supported?: {
-          [x: string]: {
-            [x: string]: unknown;
-          };
-          'dc+sd-jwt'?: {
-            [x: string]: unknown;
-            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
-            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
-          } | undefined;
-          jwt_vc_json?: {
-            [x: string]: unknown;
-            alg_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          ldp_vc?: {
-            [x: string]: unknown;
-            proof_type_values?: [string, ...string[]] | undefined;
-            cryptosuite_values?: [string, ...string[]] | undefined;
-          } | undefined;
-          mso_mdoc?: {
-            [x: string]: unknown;
-            issuer_signed_alg_values?: [number, ...number[]] | undefined;
-            device_signed_alg_values?: [number, ...number[]] | undefined;
-            issuerauth_alg_values?: [number, ...number[]] | undefined;
-            deviceauth_alg_values?: [number, ...number[]] | undefined;
-          } | undefined;
-        } | undefined;
-        encrypted_response_enc_values_supported?: string[] | undefined;
-      } | undefined;
-      state?: string | undefined;
-      transaction_data?: string[] | undefined;
-      trust_chain?: [string, ...string[]] | undefined;
-      verifier_attestations?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      verifier_info?: {
-        format: string;
-        data: string | Record<string, unknown>;
-        credential_ids?: string[] | undefined;
-      }[] | undefined;
-      client_id?: string | undefined;
-      expected_origins?: string[] | undefined;
-      client_id_scheme?: undefined;
-      scope?: undefined;
-    };
-    authorizationRequest: string;
-    jar: undefined;
-  }>;
-  parseOpenid4vpAuthorizationRequestPayload(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
-  parseOpenid4vpAuthorizationResponse(options: ParseOpenid4vpAuthorizationResponseOptions): Promise<ParsedOpenid4vpAuthorizationResponse>;
-  validateOpenid4vpAuthorizationResponsePayload(options: ValidateOpenid4vpAuthorizationResponseOptions): ValidateOpenid4VpAuthorizationResponseResult;
-  parsePexVpToken(vpToken: unknown): [string | Record<string, any>, ...(string | Record<string, any>)[]];
-  parseDcqlVpToken(vpToken: unknown): Record<string, [string | Record<string, any>, ...(string | Record<string, any>)[]]>;
-  parseTransactionData(options: ParseTransactionDataOptions): ParsedTransactionDataEntry[];
-  /**
-   * Verify transaction data against submitted credentials.
-   *
-   * NOTE: this expects transaction data based authorization based on hashes. This is the method defined
-   * for SD-JWT VC, but for mDOCs it's much more generic. If you're using transaction data with mDOCs based
-   * on hashes, you can extract the values from the DeviceResponse, otherwise you must verify the transaction data
-   * manually.
-   */
-  verifyTransactionData(options: Omit<VerifyTransactionDataOptions, 'callbacks'>): Promise<VerifiedTransactionDataEntry[]>;
-}
-//#endregion
-//#region src/vp-token/parse-vp-token.d.ts
-declare function parsePexVpToken(vpToken: unknown): [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]];
-declare function parseDcqlVpToken(vpToken: unknown): Record<string, [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]]>;
-//#endregion
-export { type ClientIdPrefix, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type GetOpenid4vpClientIdOptions, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type Openid4vpVersionNumber, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type TransactionDataHashesCredentials, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifiedTransactionDataEntry, type VerifierAttestation, type VerifierAttestations, type VerifyJarmAuthorizationResponseOptions, type VerifyTransactionDataOptions, type VpToken, type VpTokenDcql, type VpTokenPex, type VpTokenPresentationEntry, type WalletMetadata, type WalletVerificationOptions, calculateX509HashClientIdPrefixValue, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
-//# sourceMappingURL=index.d.cts.map