@pagopa/io-react-native-wallet 0.1.0 → 0.2.0

package/README.md

@@ -41,7 +41,7 @@ const issuing = new WalletInstanceAttestation.Issuing(
     yourWalletProviderUrl
     );
 
-// Genrate keys
+// Generate keys
 const publicKey = await yourCustomPublicKey("TEE_KEY_TAG");
 
 const walletInstanceAttestationRequest =

package/lib/commonjs/index.js

@@ -3,15 +3,22 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.WalletInstanceAttestation = exports.PID = void 0;
-exports.multiply = multiply;
+exports.WalletInstanceAttestation = exports.RP = exports.PID = exports.Errors = void 0;
+Object.defineProperty(exports, "getUnsignedDPop", {
+  enumerable: true,
+  get: function () {
+    return _dpop.getUnsignedDPop;
+  }
+});
 var PID = _interopRequireWildcard(require("./pid"));
 exports.PID = PID;
+var RP = _interopRequireWildcard(require("./rp"));
+exports.RP = RP;
+var Errors = _interopRequireWildcard(require("./utils/errors"));
+exports.Errors = Errors;
 var WalletInstanceAttestation = _interopRequireWildcard(require("./wallet-instance-attestation"));
 exports.WalletInstanceAttestation = WalletInstanceAttestation;
+var _dpop = require("./utils/dpop");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
-function multiply(a, b) {
-  return Promise.resolve(a * b);
-}
 //# sourceMappingURL=index.js.map

package/lib/commonjs/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["PID","_interopRequireWildcard","require","exports","WalletInstanceAttestation","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","multiply","a","b","Promise","resolve"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAA6BC,OAAA,CAAAH,GAAA,GAAAA,GAAA;AAC7B,IAAAI,yBAAA,GAAAH,uBAAA,CAAAC,OAAA;AAA2EC,OAAA,CAAAC,yBAAA,GAAAA,yBAAA;AAAA,SAAAC,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEpE,SAASW,QAAQA,CAACC,CAAS,EAAEC,CAAS,EAAmB;EAC9D,OAAOC,OAAO,CAACC,OAAO,CAACH,CAAC,GAAGC,CAAC,CAAC;AAC/B"}
+{"version":3,"names":["PID","_interopRequireWildcard","require","exports","RP","Errors","WalletInstanceAttestation","_dpop","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,GAAA,GAAAC,uBAAA,CAAAC,OAAA;AAA6BC,OAAA,CAAAH,GAAA,GAAAA,GAAA;AAC7B,IAAAI,EAAA,GAAAH,uBAAA,CAAAC,OAAA;AAA2BC,OAAA,CAAAC,EAAA,GAAAA,EAAA;AAC3B,IAAAC,MAAA,GAAAJ,uBAAA,CAAAC,OAAA;AAAyCC,OAAA,CAAAE,MAAA,GAAAA,MAAA;AACzC,IAAAC,yBAAA,GAAAL,uBAAA,CAAAC,OAAA;AAA2EC,OAAA,CAAAG,yBAAA,GAAAA,yBAAA;AAC3E,IAAAC,KAAA,GAAAL,OAAA;AAA+C,SAAAM,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAR,wBAAAY,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}

package/lib/commonjs/pid/index.js

@@ -3,9 +3,16 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
+Object.defineProperty(exports, "Issuing", {
+  enumerable: true,
+  get: function () {
+    return _issuing.Issuing;
+  }
+});
 exports.SdJwt = void 0;
 var SdJwt = _interopRequireWildcard(require("./sd-jwt"));
 exports.SdJwt = SdJwt;
+var _issuing = require("./issuing");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
 //# sourceMappingURL=index.js.map

package/lib/commonjs/pid/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["SdJwt","_interopRequireWildcard","require","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,uBAAA,CAAAC,OAAA;AAAkCC,OAAA,CAAAH,KAAA,GAAAA,KAAA;AAAA,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
+{"version":3,"names":["SdJwt","_interopRequireWildcard","require","exports","_issuing","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":";;;;;;;;;;;;AAAA,IAAAA,KAAA,GAAAC,uBAAA,CAAAC,OAAA;AAAkCC,OAAA,CAAAH,KAAA,GAAAA,KAAA;AAClC,IAAAI,QAAA,GAAAF,OAAA;AAAoC,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}

package/lib/commonjs/pid/issuing.js

@@ -0,0 +1,231 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.Issuing = void 0;
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _jwk = require("../utils/jwk");
+var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
+var _errors = require("../utils/errors");
+var _dpop = require("../utils/dpop");
+var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+// This is a temporary type that will be used for demo purposes only
+
+class Issuing {
+  constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
+    let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
+    this.pidProviderBaseUrl = pidProviderBaseUrl;
+    this.walletProviderBaseUrl = walletProviderBaseUrl;
+    this.state = `${_reactNativeUuid.default.v4()}`;
+    this.codeVerifier = `${_reactNativeUuid.default.v4()}`;
+    this.authorizationCode = `${_reactNativeUuid.default.v4()}`;
+    this.walletInstanceAttestation = walletInstanceAttestation;
+    this.clientId = clientId;
+    this.appFetch = appFetch;
+  }
+
+  /**
+   * Return the unsigned jwt to call the PAR request.
+   *
+   * @function
+   * @param jwk The wallet instance attestation public JWK
+   *
+   * @returns Unsigned jwt
+   *
+   */
+  async getUnsignedJwtForPar(jwk) {
+    const parsedJwk = _jwk.JWK.parse(jwk);
+    const keyThumbprint = await (0, _ioReactNativeJwt.thumbprint)(parsedJwk);
+    const publicKey = {
+      ...parsedJwk,
+      kid: keyThumbprint
+    };
+    const codeChallenge = await (0, _ioReactNativeJwt.sha256ToBase64)(this.codeVerifier);
+    const unsignedJwtForPar = new _ioReactNativeJwt.SignJWT({
+      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+      authorization_details: [{
+        credentialDefinition: {
+          type: ["eu.eudiw.pid.it"]
+        },
+        format: "vc+sd-jwt",
+        type: "type"
+      }],
+      response_type: "code",
+      code_challenge_method: "s256",
+      redirect_uri: this.walletProviderBaseUrl,
+      state: this.state,
+      client_id: this.clientId,
+      code_challenge: codeChallenge
+    }).setProtectedHeader({
+      alg: "ES256",
+      kid: publicKey.kid
+    }).setIssuedAt().setExpirationTime("1h").toSign();
+    return unsignedJwtForPar;
+  }
+
+  /**
+   * Make a PAR request to the PID issuer and return the response url
+   *
+   * @function
+   * @param unsignedJwtForPar The unsigned JWT for PAR
+   * @param signature The JWT for PAR signature
+   *
+   * @returns Unsigned PAR url
+   *
+   */
+  async getPar(unsignedJwtForPar, signature) {
+    const codeChallenge = await (0, _ioReactNativeJwt.sha256ToBase64)(this.codeVerifier);
+    const signedJwtForPar = await _ioReactNativeJwt.SignJWT.appendSignature(unsignedJwtForPar, signature);
+    const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
+    const requestBody = {
+      response_type: "code",
+      client_id: this.clientId,
+      code_challenge: codeChallenge,
+      code_challenge_method: "S256",
+      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+      client_assertion: this.walletInstanceAttestation,
+      request: signedJwtForPar
+    };
+    var formBody = new URLSearchParams(requestBody);
+    const response = await this.appFetch(parUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: formBody.toString()
+    });
+    if (response.status === 201) {
+      const result = await response.json();
+      return result.request_uri;
+    }
+    throw new _errors.PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
+  }
+
+  /**
+   * Return the unsigned jwt for a generic DPoP
+   *
+   * @function
+   * @param jwk the public key for which the DPoP is to be created
+   *
+   * @returns Unsigned JWT for DPoP
+   *
+   */
+  async getUnsignedDPoP(jwk) {
+    const tokenUrl = new URL("/token", this.pidProviderBaseUrl).href;
+    const dPop = (0, _dpop.getUnsignedDPop)(jwk, {
+      htm: "POST",
+      htu: tokenUrl,
+      jti: `${_reactNativeUuid.default.v4()}`
+    });
+    return dPop;
+  }
+
+  /**
+   * Make an auth token request to the PID issuer
+   *
+   * @function
+   * @returns a token response
+   *
+   */
+  async getAuthToken() {
+    //Generate fresh keys for DPoP
+    const dPopKeyTag = `${_reactNativeUuid.default.v4()}`;
+    const dPopKey = await (0, _ioReactNativeCrypto.generate)(dPopKeyTag);
+    const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
+    const dPopTokenSignature = await (0, _ioReactNativeCrypto.sign)(unsignedDPopForToken, dPopKeyTag);
+    await (0, _ioReactNativeCrypto.deleteKey)(dPopKeyTag);
+    const signedDPop = await _ioReactNativeJwt.SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
+    const decodedJwtDPop = (0, _ioReactNativeJwt.decode)(signedDPop);
+    const tokenUrl = decodedJwtDPop.payload.htu;
+    const requestBody = {
+      grant_type: "authorization code",
+      client_id: this.clientId,
+      code: this.authorizationCode,
+      code_verifier: this.codeVerifier,
+      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+      client_assertion: this.walletInstanceAttestation,
+      redirect_uri: this.walletProviderBaseUrl
+    };
+    var formBody = new URLSearchParams(requestBody);
+    const response = await this.appFetch(tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        DPoP: signedDPop
+      },
+      body: formBody.toString()
+    });
+    if (response.status === 200) {
+      return await response.json();
+    }
+    throw new _errors.PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
+  }
+
+  /**
+   * Return the unsigned jwt for nonce proof of possession
+   *
+   * @function
+   * @param nonce the nonce
+   *
+   * @returns Unsigned JWT for nonce proof
+   *
+   */
+  async getUnsignedNonceProof(nonce) {
+    const unsignedProof = new _ioReactNativeJwt.SignJWT({
+      nonce
+    }).setProtectedHeader({
+      alg: "ES256",
+      type: "openid4vci-proof+jwt"
+    }).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
+    return unsignedProof;
+  }
+
+  /**
+   * Make the credential issuing request to the PID issuer
+   *
+   * @function
+   * @param unsignedDPopForPid The unsigned JWT for PID DPoP
+   * @param dPopPidSignature The JWT for PID DPoP signature
+   * @param unsignedNonceProof The unsigned JWT for nonce proof
+   * @param nonceProofSignature The JWT for nonce proof signature
+   * @param accessToken The access token obtained with getAuthToken
+   * @param cieData Personal data read by the CIE
+   *
+   * @returns a credential
+   *
+   */
+  async getCredential(unsignedDPopForPid, dPopPidSignature, unsignedNonceProof, nonceProofSignature, accessToken, cieData) {
+    const signedDPopForPid = await _ioReactNativeJwt.SignJWT.appendSignature(unsignedDPopForPid, dPopPidSignature);
+    const signedNonceProof = await _ioReactNativeJwt.SignJWT.appendSignature(unsignedNonceProof, nonceProofSignature);
+    const credentialUrl = new URL("/credential", this.pidProviderBaseUrl).href;
+    const requestBody = {
+      credential_definition: JSON.stringify({
+        type: ["eu.eudiw.pid.it"]
+      }),
+      format: "vc+sd-jwt",
+      proof: JSON.stringify({
+        jwt: signedNonceProof,
+        cieData,
+        proof_type: "jwt"
+      })
+    };
+    const formBody = new URLSearchParams(requestBody);
+    const response = await this.appFetch(credentialUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        DPoP: signedDPopForPid,
+        Authorization: accessToken
+      },
+      body: formBody.toString()
+    });
+    if (response.status === 200) {
+      return await response.json();
+    }
+    throw new _errors.PidIssuingError(`Unable to obtain credential!`);
+  }
+}
+exports.Issuing = Issuing;
+//# sourceMappingURL=issuing.js.map

package/lib/commonjs/pid/issuing.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","_ioReactNativeCrypto","obj","__esModule","default","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","uuid","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","codeChallenge","sha256ToBase64","unsignedJwtForPar","SignJWT","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","PidIssuingError","text","getUnsignedDPoP","tokenUrl","dPop","getUnsignedDPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","generate","unsignedDPopForToken","dPopTokenSignature","sign","deleteKey","signedDPop","decodedJwtDPop","decodeJwt","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization","exports"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAMA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,KAAA,GAAAL,OAAA;AACA,IAAAM,oBAAA,GAAAN,OAAA;AAA2E,SAAAG,uBAAAI,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE3E;;AAgBO,MAAMG,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEF,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEH,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACT,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMU,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IACtD,MAAMI,aAAa,GAAG,MAAM,IAAAC,gCAAc,EAAC,IAAI,CAACZ,YAAY,CAAC;IAE7D,MAAMa,iBAAiB,GAAG,IAAIC,yBAAO,CAAC;MACpCC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAACjC,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjB0B,SAAS,EAAE,IAAI,CAAChC,QAAQ;MACxBiC,cAAc,EAAEb;IAClB,CAAC,CAAC,CACCc,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZhB,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDiB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOhB,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMiB,MAAMA,CAACjB,iBAAyB,EAAEkB,SAAiB,EAAmB;IAC1E,MAAMpB,aAAa,GAAG,MAAM,IAAAC,gCAAc,EAAC,IAAI,CAACZ,YAAY,CAAC;IAC7D,MAAMgC,eAAe,GAAG,MAAMlB,yBAAO,CAACmB,eAAe,CACnDpB,iBAAiB,EACjBkB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC/C,kBAAkB,CAAC,CAACgD,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAChC,QAAQ;MACxBiC,cAAc,EAAEb,aAAa;MAC7BU,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAChD,yBAAyB;MAChDiD,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAClD,QAAQ,CAAC0C,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIC,uBAAe,CACtB,wCAAuC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAClD,GAAQ,EAAmB;IAC/C,MAAMmD,QAAQ,GAAG,IAAInB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC/C,kBAAkB,CAAC,CAACgD,IAAI;IAChE,MAAMmB,IAAI,GAAG,IAAAC,qBAAe,EAACrD,GAAG,EAAE;MAChCsD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEJ,QAAQ;MACbK,GAAG,EAAG,GAAE7D,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOwD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMK,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE/D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACjC,MAAM+D,OAAO,GAAG,MAAM,IAAAC,6BAAQ,EAACF,UAAU,CAAC;IAC1C,MAAMG,oBAAoB,GAAG,MAAM,IAAI,CAACX,eAAe,CAACS,OAAO,CAAC;IAChE,MAAMG,kBAAkB,GAAG,MAAM,IAAAC,yBAAI,EAACF,oBAAoB,EAAEH,UAAU,CAAC;IACvE,MAAM,IAAAM,8BAAS,EAACN,UAAU,CAAC;IAE3B,MAAMO,UAAU,GAAG,MAAMtD,yBAAO,CAACmB,eAAe,CAC9C+B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAMI,cAAc,GAAG,IAAAC,wBAAS,EAACF,UAAU,CAAC;IAC5C,MAAMd,QAAQ,GAAGe,cAAc,CAACE,OAAO,CAACb,GAAa;IACrD,MAAMrB,WAAW,GAAG;MAClBmC,UAAU,EAAE,oBAAoB;MAChCjD,SAAS,EAAE,IAAI,CAAChC,QAAQ;MACxBkF,IAAI,EAAE,IAAI,CAACxE,iBAAiB;MAC5ByE,aAAa,EAAE,IAAI,CAAC1E,YAAY;MAChCe,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAChD,yBAAyB;MAChDgC,YAAY,EAAE,IAAI,CAACjC;IACrB,CAAC;IACD,IAAImD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAClD,QAAQ,CAAC8D,QAAQ,EAAE;MAC7CX,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD+B,IAAI,EAAEP;MACR,CAAC;MACDvB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIE,uBAAe,CACtB,0CAAyC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMwB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAIhE,yBAAO,CAAC;MAChC+D;IACF,CAAC,CAAC,CACCpD,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACD6D,WAAW,CAAC,IAAI,CAAC1F,qBAAqB,CAAC,CACvC2F,SAAS,CAAC,IAAI,CAACzF,QAAQ,CAAC,CACxBoC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAOiD,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAM1E,yBAAO,CAACmB,eAAe,CACpDiD,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAM3E,yBAAO,CAACmB,eAAe,CACpDmD,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIvD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC/C,kBAAkB,CAAC,CAACgD,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBsD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAE3E,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnB2E,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMxD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAClD,QAAQ,CAACkG,aAAa,EAAE;MAClD/C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD+B,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDzC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIE,uBAAe,CAAE,8BAA6B,CAAC;EAC3D;AACF;AAAC+C,OAAA,CAAAhH,OAAA,GAAAA,OAAA"}

package/lib/commonjs/rp/__test__/index.test.js

@@ -0,0 +1,18 @@
+"use strict";
+
+var _ = require("..");
+var _errors = require("../../utils/errors");
+const walletInstanceAttestation = "eyJhbGciOiJFUzI1NiIsImtpZCI6IjV0NVlZcEJoTi1FZ0lFRUk1aVV6cjZyME1SMDJMblZRME9tZWttTktjalkiLCJ0cnVzdF9jaGFpbiI6WyJleUpoYkdjaU9pSkZVei4uLjZTMEEiLCJleUpoYkdjaU9pSkZVei4uLmpKTEEiLCJleUpoYkdjaU9pSkZVei4uLkg5Z3ciXSwidHlwIjoidmErand0IiwieDVjIjpbIk1JSUJqRENDIC4uLiBYRmVoZ0tRQT09Il19.eyJpc3MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZyIsInN1YiI6InZiZVhKa3NNNDV4cGh0QU5uQ2lHNm1DeXVVNGpmR056b3BHdUt2b2dnOWMiLCJ0eXBlIjoiV2FsbGV0SW5zdGFuY2VBdHRlc3RhdGlvbiIsInBvbGljeV91cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9wcml2YWN5X3BvbGljeSIsInRvc191cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9pbmZvX3BvbGljeSIsImxvZ29fdXJpIjoiaHR0cHM6Ly93YWxsZXQtcHJvdmlkZXIuZXhhbXBsZS5vcmcvbG9nby5zdmciLCJhc2MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9Mb0EvYmFzaWMiLCJjbmYiOnsiandrIjp7ImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiNEhOcHRJLXhyMnBqeVJKS0dNbno0V21kblFEX3VKU3E0Ujk1Tmo5OGI0NCIsInkiOiJMSVpuU0IzOXZGSmhZZ1MzazdqWEU0cjMtQ29HRlF3WnRQQklScXBObHJnIiwia2lkIjoidmJlWEprc000NXhwaHRBTm5DaUc2bUN5dVU0amZHTnpvcEd1S3ZvZ2c5YyJ9fSwiYXV0aG9yaXphdGlvbl9lbmRwb2ludCI6ImV1ZGl3OiIsInJlc3BvbnNlX3R5cGVzX3N1cHBvcnRlZCI6WyJ2cF90b2tlbiJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJqd3RfdnBfanNvbiI6eyJhbGdfdmFsdWVzX3N1cHBvcnRlZCI6WyJFUzI1NiJdfSwiand0X3ZjX2pzb24iOnsiYWxnX3ZhbHVlc19zdXBwb3J0ZWQiOlsiRVMyNTYiXX19LCJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZ192YWx1ZXNfc3VwcG9ydGVkIjpbIkVTMjU2Il0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uX3VyaV9zdXBwb3J0ZWQiOmZhbHNlLCJpYXQiOjE2ODcyODExOTUsImV4cCI6MTY4NzI4ODM5NX0.OTuPik6p3o9j6VOx-uCyxRvHwoh1pDiiZcBQFNQt2uE3dK-8izGNflJVETi_uhGSZOf25Enkq-UvEin9NrbJNw";
+const rp = new _.RelyingPartySolution("http://rp.example", walletInstanceAttestation);
+describe("decodeAuthRequestQR", () => {
+  it("should return authentication request URL", async () => {
+    const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
+    const result = rp.decodeAuthRequestQR(qrcode);
+    expect(result).toEqual("https://verifier.example.org/request_uri");
+  });
+  it("should throw exception with invalid QR", async () => {
+    const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
+    expect(() => rp.decodeAuthRequestQR(qrcode)).toThrowError(_errors.AuthRequestDecodeError);
+  });
+});
+//# sourceMappingURL=index.test.js.map

package/lib/commonjs/rp/__test__/index.test.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_","require","_errors","walletInstanceAttestation","rp","RelyingPartySolution","describe","it","qrcode","result","decodeAuthRequestQR","expect","toEqual","toThrowError","AuthRequestDecodeError"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,CAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAEA,MAAME,yBAAyB,GAC7B,qhDAAqhD;AACvhD,MAAMC,EAAE,GAAG,IAAIC,sBAAoB,CACjC,mBAAmB,EACnBF,yBACF,CAAC;AACDG,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGL,EAAE,CAACM,mBAAmB,CAACF,MAAM,CAAC;IAC7CG,MAAM,CAACF,MAAM,CAAC,CAACG,OAAO,CAAC,0CAA0C,CAAC;EACpE,CAAC,CAAC;EACFL,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAMP,EAAE,CAACM,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACK,YAAY,CACvDC,8BACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/lib/commonjs/rp/index.js

@@ -0,0 +1,116 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.RelyingPartySolution = void 0;
+var _errors = require("../utils/errors");
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _types = require("./types");
+var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+class RelyingPartySolution {
+  constructor(relyingPartyBaseUrl, walletInstanceAttestation) {
+    let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : fetch;
+    this.relyingPartyBaseUrl = relyingPartyBaseUrl;
+    this.walletInstanceAttestation = walletInstanceAttestation;
+    this.appFetch = appFetch;
+  }
+
+  /**
+   * Decode a QR code content to an authentication request url.
+   * @function
+   * @param qrcode QR code content
+   *
+   * @returns The authentication request url
+   *
+   */
+  decodeAuthRequestQR(qrcode) {
+    try {
+      const decoded = (0, _ioReactNativeJwt.decodeBase64)(qrcode);
+      const decodedUrl = new URL(decoded);
+      const requestUri = decodedUrl.searchParams.get("request_uri");
+      if (requestUri) {
+        return requestUri;
+      } else {
+        throw new _errors.AuthRequestDecodeError("Unable to obtain request_uri from QR code", `${decodedUrl}`);
+      }
+    } catch {
+      throw new _errors.AuthRequestDecodeError("Unable to decode QR code authentication request url", qrcode);
+    }
+  }
+  /**
+   * Obtain the unsigned wallet instance DPoP for authentication request
+   *
+   * @function
+   * @param walletInstanceAttestationJwk JWT of the Wallet Instance Attestation
+   * @param authRequestUrl authentication request url
+   *
+   * @returns The unsigned wallet instance DPoP
+   *
+   */
+  async getUnsignedWalletInstanceDPoP(walletInstanceAttestationJwk, authRequestUrl) {
+    return await new _ioReactNativeJwt.SignJWT({
+      jti: `${_reactNativeUuid.default.v4()}`,
+      htm: "GET",
+      htu: authRequestUrl,
+      ath: await (0, _ioReactNativeJwt.sha256ToBase64)(this.walletInstanceAttestation)
+    }).setProtectedHeader({
+      alg: "ES256",
+      jwk: walletInstanceAttestationJwk,
+      typ: "dpop+jwt"
+    }).setIssuedAt().setExpirationTime("1h").toSign();
+  }
+
+  /**
+   * Obtain the Request Object for RP authentication
+   *
+   * @function
+   * @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
+   *
+   * @returns The Request Object JWT
+   *
+   */
+  async getRequestObject(signedWalletInstanceDPoP) {
+    const decodedJwtDPop = await (0, _ioReactNativeJwt.decode)(signedWalletInstanceDPoP);
+    const requestUri = decodedJwtDPop.payload.htu;
+    const response = await this.appFetch(requestUri, {
+      method: "GET",
+      headers: {
+        Authorization: `DPoP ${this.walletInstanceAttestation}`,
+        DPoP: signedWalletInstanceDPoP
+      }
+    });
+    if (response.status === 200) {
+      const responseText = await response.text();
+      const responseJwt = await (0, _ioReactNativeJwt.decode)(responseText);
+      const requestObj = _types.RequestObject.parse({
+        header: responseJwt.protectedHeader,
+        payload: responseJwt.payload
+      });
+      return requestObj;
+    }
+    throw new _errors.IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}`);
+  }
+
+  /**
+   * Obtain the relying party entity configuration.
+   */
+  async getEntityConfiguration() {
+    const wellKnownUrl = new URL("/.well-known/openid-federation", this.relyingPartyBaseUrl).href;
+    const response = await this.appFetch(wellKnownUrl, {
+      method: "GET"
+    });
+    if (response.status === 200) {
+      const responseText = await response.text();
+      const responseJwt = await (0, _ioReactNativeJwt.decode)(responseText);
+      return _types.RpEntityConfiguration.parse({
+        header: responseJwt.protectedHeader,
+        payload: responseJwt.payload
+      });
+    }
+    throw new _errors.IoWalletError(`Unable to obtain RP Entity Configuration. Response code: ${response.status}`);
+  }
+}
+exports.RelyingPartySolution = RelyingPartySolution;
+//# sourceMappingURL=index.js.map

package/lib/commonjs/rp/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","obj","__esModule","default","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","requestUri","searchParams","get","AuthRequestDecodeError","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","SignJWT","jti","uuid","v4","htm","htu","ath","sha256ToBase64","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","decodedJwtDPop","decodeJwt","payload","response","method","headers","Authorization","DPoP","status","responseText","text","responseJwt","requestObj","RequestObject","parse","header","protectedHeader","IoWalletError","getEntityConfiguration","wellKnownUrl","href","RpEntityConfiguration","exports"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AAMA,IAAAE,MAAA,GAAAF,OAAA;AAEA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAAqC,SAAAI,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAG9B,MAAMG,oBAAoB,CAAC;EAKhCC,WAAWA,CACTC,mBAA2B,EAC3BC,yBAAiC,EAEjC;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACN,mBAAmB,GAAGA,mBAAmB;IAC9C,IAAI,CAACC,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEK,mBAAmBA,CAACC,MAAc,EAAU;IAC1C,IAAI;MACF,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACF,MAAM,CAAC;MACpC,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACH,OAAO,CAAC;MACnC,MAAMI,UAAU,GAAGF,UAAU,CAACG,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;MAC7D,IAAIF,UAAU,EAAE;QACd,OAAOA,UAAU;MACnB,CAAC,MAAM;QACL,MAAM,IAAIG,8BAAsB,CAC9B,2CAA2C,EAC1C,GAAEL,UAAW,EAChB,CAAC;MACH;IACF,CAAC,CAAC,MAAM;MACN,MAAM,IAAIK,8BAAsB,CAC9B,qDAAqD,EACrDR,MACF,CAAC;IACH;EACF;EACA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,6BAA6BA,CACjCC,4BAAiC,EACjCC,cAAsB,EACL;IACjB,OAAO,MAAM,IAAIC,yBAAO,CAAC;MACvBC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAEN,cAAc;MACnBO,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAAC,IAAI,CAAC1B,yBAAyB;IAC1D,CAAC,CAAC,CACC2B,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZC,GAAG,EAAEZ,4BAA4B;MACjCa,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,gBAAgBA,CACpBC,wBAAgC,EACR;IACxB,MAAMC,cAAc,GAAG,MAAM,IAAAC,wBAAS,EAACF,wBAAwB,CAAC;IAChE,MAAMvB,UAAU,GAAGwB,cAAc,CAACE,OAAO,CAACd,GAAa;IAEvD,MAAMe,QAAQ,GAAG,MAAM,IAAI,CAACtC,QAAQ,CAACW,UAAU,EAAE;MAC/C4B,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAO,IAAI,CAAC1C,yBAA0B,EAAC;QACvD2C,IAAI,EAAER;MACR;IACF,CAAC,CAAC;IAEF,IAAII,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAM,IAAAV,wBAAS,EAACQ,YAAY,CAAC;MACjD,MAAMG,UAAU,GAAGC,oBAAa,CAACC,KAAK,CAAC;QACrCC,MAAM,EAAEJ,WAAW,CAACK,eAAe;QACnCd,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;MACF,OAAOU,UAAU;IACnB;IAEA,MAAM,IAAIK,qBAAa,CACpB,mDAAkDd,QAAQ,CAACK,MAAO,EACrE,CAAC;EACH;;EAEA;AACF;AACA;EACE,MAAMU,sBAAsBA,CAAA,EAAmC;IAC7D,MAAMC,YAAY,GAAG,IAAI5C,GAAG,CAC1B,gCAAgC,EAChC,IAAI,CAACZ,mBACP,CAAC,CAACyD,IAAI;IAEN,MAAMjB,QAAQ,GAAG,MAAM,IAAI,CAACtC,QAAQ,CAACsD,YAAY,EAAE;MACjDf,MAAM,EAAE;IACV,CAAC,CAAC;IAEF,IAAID,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAM,IAAAV,wBAAS,EAACQ,YAAY,CAAC;MACjD,OAAOY,4BAAqB,CAACP,KAAK,CAAC;QACjCC,MAAM,EAAEJ,WAAW,CAACK,eAAe;QACnCd,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;IACJ;IAEA,MAAM,IAAIe,qBAAa,CACpB,4DAA2Dd,QAAQ,CAACK,MAAO,EAC9E,CAAC;EACH;AACF;AAACc,OAAA,CAAA7D,oBAAA,GAAAA,oBAAA"}

package/lib/commonjs/rp/types.js

@@ -0,0 +1,72 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.RpEntityConfiguration = exports.RequestObject = void 0;
+var _jwk = require("../utils/jwk");
+var _types = require("../sd-jwt/types");
+var z = _interopRequireWildcard(require("zod"));
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+const RequestObject = z.object({
+  header: z.object({
+    typ: z.literal("JWT"),
+    alg: z.string(),
+    kid: z.string(),
+    trust_chain: z.array(z.string())
+  }),
+  payload: z.object({
+    iss: z.string(),
+    iat: _types.UnixTime,
+    exp: _types.UnixTime,
+    state: z.string(),
+    nonce: z.string(),
+    response_uri: z.string(),
+    response_type: z.literal("vp_token"),
+    response_mode: z.literal("direct_post.jwt"),
+    client_id: z.string(),
+    client_id_scheme: z.literal("entity_id"),
+    scope: z.string()
+  })
+});
+
+// TODO: This types is WIP in technical rules
+exports.RequestObject = RequestObject;
+const RpEntityConfiguration = z.object({
+  header: z.object({
+    typ: z.literal("entity-statement+jwt"),
+    alg: z.string(),
+    kid: z.string()
+  }),
+  payload: z.object({
+    exp: _types.UnixTime,
+    iat: _types.UnixTime,
+    iss: z.string(),
+    sub: z.string(),
+    jwks: z.object({
+      keys: z.array(_jwk.JWK)
+    }),
+    metadata: z.object({
+      wallet_relying_party: z.object({
+        application_type: z.string(),
+        client_id: z.string(),
+        client_name: z.string(),
+        jwks: z.object({
+          keys: z.array(_jwk.JWK)
+        }),
+        contacts: z.array(z.string())
+      }),
+      federation_entity: z.object({
+        organization_name: z.string(),
+        homepage_uri: z.string(),
+        policy_uri: z.string(),
+        logo_uri: z.string(),
+        contacts: z.array(z.string())
+      })
+    }),
+    authority_hints: z.array(z.string())
+  })
+});
+exports.RpEntityConfiguration = RpEntityConfiguration;
+//# sourceMappingURL=types.js.map

package/lib/commonjs/rp/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_jwk","require","_types","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","header","typ","literal","alg","string","kid","trust_chain","array","payload","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","exports","RpEntityConfiguration","sub","jwks","keys","JWK","metadata","wallet_relying_party","application_type","client_name","contacts","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","authority_hints"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAGlB,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACfE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,KAAK,CAAC;IACrBC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE/B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfE,WAAW,EAAEhC,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAElC,CAAC,CAACyB,MAAM,CAAC;IAChBU,GAAG,EAAEnC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED,eAAQ;IACbE,KAAK,EAAEvC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACjBU,KAAK,EAAExC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACjBW,YAAY,EAAEzC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACxBY,aAAa,EAAE1C,CAAC,CAAC4B,OAAO,CAAC,UAAU,CAAC;IACpCe,aAAa,EAAE3C,CAAC,CAAC4B,OAAO,CAAC,iBAAiB,CAAC;IAC3CgB,SAAS,EAAE5C,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACrBe,gBAAgB,EAAE7C,CAAC,CAAC4B,OAAO,CAAC,WAAW,CAAC;IACxCkB,KAAK,EAAE9C,CAAC,CAAC8B,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;;AAEF;AAAAiB,OAAA,CAAAvB,aAAA,GAAAA,aAAA;AAEO,MAAMwB,qBAAqB,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EAC5CC,MAAM,EAAE1B,CAAC,CAACyB,MAAM,CAAC;IACfE,GAAG,EAAE3B,CAAC,CAAC4B,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAE/B,CAAC,CAAC8B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFI,OAAO,EAAElC,CAAC,CAACyB,MAAM,CAAC;IAChBa,GAAG,EAAED,eAAQ;IACbD,GAAG,EAAEC,eAAQ;IACbF,GAAG,EAAEnC,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfmB,GAAG,EAAEjD,CAAC,CAAC8B,MAAM,CAAC,CAAC;IACfoB,IAAI,EAAElD,CAAC,CAACyB,MAAM,CAAC;MACb0B,IAAI,EAAEnD,CAAC,CAACiC,KAAK,CAACmB,QAAG;IACnB,CAAC,CAAC;IACFC,QAAQ,EAAErD,CAAC,CAACyB,MAAM,CAAC;MACjB6B,oBAAoB,EAAEtD,CAAC,CAACyB,MAAM,CAAC;QAC7B8B,gBAAgB,EAAEvD,CAAC,CAAC8B,MAAM,CAAC,CAAC;QAC5Bc,SAAS,EAAE5C,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACrB0B,WAAW,EAAExD,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACvBoB,IAAI,EAAElD,CAAC,CAACyB,MAAM,CAAC;UACb0B,IAAI,EAAEnD,CAAC,CAACiC,KAAK,CAACmB,QAAG;QACnB,CAAC,CAAC;QACFK,QAAQ,EAAEzD,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;MAC9B,CAAC,CAAC;MACF4B,iBAAiB,EAAE1D,CAAC,CAACyB,MAAM,CAAC;QAC1BkC,iBAAiB,EAAE3D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QAC7B8B,YAAY,EAAE5D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACxB+B,UAAU,EAAE7D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACtBgC,QAAQ,EAAE9D,CAAC,CAAC8B,MAAM,CAAC,CAAC;QACpB2B,QAAQ,EAAEzD,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC,CAAC;IACFiC,eAAe,EAAE/D,CAAC,CAACiC,KAAK,CAACjC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACrC,CAAC;AACH,CAAC,CAAC;AAACiB,OAAA,CAAAC,qBAAA,GAAAA,qBAAA"}

package/lib/commonjs/sd-jwt/types.js

@@ -25,7 +25,7 @@ const SdJwt4VC = _zod.z.object({
   header: _zod.z.object({
     typ: _zod.z.literal("vc+sd-jwt"),
     alg: _zod.z.string(),
-    kid: _zod.z.string(),
+    kid: _zod.z.string().optional(),
     trust_chain: _zod.z.array(_zod.z.string())
   }),
   payload: _zod.z.object({

package/lib/commonjs/sd-jwt/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["_jwk","require","_zod","UnixTime","z","number","min","max","exports","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","JWK","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAEO,MAAME,QAAQ,GAAGC,MAAC,CAACC,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAACC,OAAA,CAAAL,QAAA,GAAAA,QAAA;AAItD,MAAMM,qBAAqB,GAAGL,MAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;AALAL,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAOO,MAAMK,UAAU,GAAGV,MAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,MAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,MAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,MAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAACR,OAAA,CAAAM,UAAA,GAAAA,UAAA;AAGI,MAAMG,QAAQ,GAAGb,MAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,MAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,MAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfU,WAAW,EAAEnB,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFW,OAAO,EAAEpB,MAAC,CAACM,MAAM,CAAC;IAChBe,GAAG,EAAErB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfa,GAAG,EAAEtB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEzB,QAAQ;IACb0B,GAAG,EAAE1B,QAAQ;IACb2B,MAAM,EAAE1B,MAAC,CAACS,MAAM,CAAC,CAAC;IAClBkB,GAAG,EAAE3B,MAAC,CAACM,MAAM,CAAC;MACZsB,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,IAAI,EAAE9B,MAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Ce,eAAe,EAAE/B,MAAC,CAACM,MAAM,CAAC;MACxB0B,YAAY,EAAEhC,MAAC,CAACiC,YAAY,CAC1BjC,MAAC,CAACM,MAAM,CAAC;QACP4B,eAAe,EAAElC,MAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCmB,eAAe,EAAEnC,MAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD+B,MAAM,EAAE/B;IACV,CAAC,CAAC;IACFgC,OAAO,EAAErC,MAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC;AAACZ,OAAA,CAAAS,QAAA,GAAAA,QAAA"}
+{"version":3,"names":["_jwk","require","_zod","UnixTime","z","number","min","max","exports","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","JWK","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAEO,MAAME,QAAQ,GAAGC,MAAC,CAACC,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAACC,OAAA,CAAAL,QAAA,GAAAA,QAAA;AAItD,MAAMM,qBAAqB,GAAGL,MAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;AALAL,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAOO,MAAMK,UAAU,GAAGV,MAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,MAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,MAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,MAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAACR,OAAA,CAAAM,UAAA,GAAAA,UAAA;AAGI,MAAMG,QAAQ,GAAGb,MAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,MAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,MAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,MAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC1BC,WAAW,EAAEpB,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFY,OAAO,EAAErB,MAAC,CAACM,MAAM,CAAC;IAChBgB,GAAG,EAAEtB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfgB,GAAG,EAAE1B,QAAQ;IACb2B,GAAG,EAAE3B,QAAQ;IACb4B,MAAM,EAAE3B,MAAC,CAACS,MAAM,CAAC,CAAC;IAClBmB,GAAG,EAAE5B,MAAC,CAACM,MAAM,CAAC;MACZuB,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,IAAI,EAAE/B,MAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3CgB,eAAe,EAAEhC,MAAC,CAACM,MAAM,CAAC;MACxB2B,YAAY,EAAEjC,MAAC,CAACkC,YAAY,CAC1BlC,MAAC,CAACM,MAAM,CAAC;QACP6B,eAAe,EAAEnC,MAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCoB,eAAe,EAAEpC,MAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACDgC,MAAM,EAAEhC;IACV,CAAC,CAAC;IACFiC,OAAO,EAAEtC,MAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC;AAACZ,OAAA,CAAAS,QAAA,GAAAA,QAAA"}

package/lib/commonjs/utils/dpop.js

@@ -0,0 +1,27 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.getUnsignedDPop = exports.DPoPPayload = void 0;
+var z = _interopRequireWildcard(require("zod"));
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+const getUnsignedDPop = (jwk, payload) => {
+  const dPop = new _ioReactNativeJwt.SignJWT(payload).setProtectedHeader({
+    alg: "ES256",
+    typ: "dpop+jwt",
+    jwk
+  }).setIssuedAt().setExpirationTime("1h").toSign();
+  return dPop;
+};
+exports.getUnsignedDPop = getUnsignedDPop;
+const DPoPPayload = z.object({
+  jti: z.string(),
+  htm: z.union([z.literal("POST"), z.literal("GET")]),
+  htu: z.string(),
+  ath: z.string().optional()
+});
+exports.DPoPPayload = DPoPPayload;
+//# sourceMappingURL=dpop.js.map

package/lib/commonjs/utils/dpop.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["z","_interopRequireWildcard","require","_ioReactNativeJwt","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","getUnsignedDPop","jwk","payload","dPop","SignJWT","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","exports","DPoPPayload","object","jti","string","htm","union","literal","htu","ath","optional"],"sourceRoot":"../../../src","sources":["utils/dpop.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,iBAAA,GAAAD,OAAA;AAAsD,SAAAE,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAG/C,MAAMW,eAAe,GAAGA,CAACC,GAAQ,EAAEC,OAAoB,KAAa;EACzE,MAAMC,IAAI,GAAG,IAAIC,yBAAO,CAACF,OAAO,CAAC,CAC9BG,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,UAAU;IACfN;EACF,CAAC,CAAC,CACDO,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACX,OAAOP,IAAI;AACb,CAAC;AAACQ,OAAA,CAAAX,eAAA,GAAAA,eAAA;AAGK,MAAMY,WAAW,GAAGtC,CAAC,CAACuC,MAAM,CAAC;EAClCC,GAAG,EAAExC,CAAC,CAACyC,MAAM,CAAC,CAAC;EACfC,GAAG,EAAE1C,CAAC,CAAC2C,KAAK,CAAC,CAAC3C,CAAC,CAAC4C,OAAO,CAAC,MAAM,CAAC,EAAE5C,CAAC,CAAC4C,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;EACnDC,GAAG,EAAE7C,CAAC,CAACyC,MAAM,CAAC,CAAC;EACfK,GAAG,EAAE9C,CAAC,CAACyC,MAAM,CAAC,CAAC,CAACM,QAAQ,CAAC;AAC3B,CAAC,CAAC;AAACV,OAAA,CAAAC,WAAA,GAAAA,WAAA"}