@pagopa/io-react-native-wallet 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (72) hide show
  1. package/README.md +1 -1
  2. package/lib/commonjs/index.js +12 -5
  3. package/lib/commonjs/index.js.map +1 -1
  4. package/lib/commonjs/pid/index.js +7 -0
  5. package/lib/commonjs/pid/index.js.map +1 -1
  6. package/lib/commonjs/pid/issuing.js +231 -0
  7. package/lib/commonjs/pid/issuing.js.map +1 -0
  8. package/lib/commonjs/rp/__test__/index.test.js +18 -0
  9. package/lib/commonjs/rp/__test__/index.test.js.map +1 -0
  10. package/lib/commonjs/rp/index.js +116 -0
  11. package/lib/commonjs/rp/index.js.map +1 -0
  12. package/lib/commonjs/rp/types.js +72 -0
  13. package/lib/commonjs/rp/types.js.map +1 -0
  14. package/lib/commonjs/sd-jwt/types.js +1 -1
  15. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  16. package/lib/commonjs/utils/dpop.js +27 -0
  17. package/lib/commonjs/utils/dpop.js.map +1 -0
  18. package/lib/commonjs/utils/errors.js +49 -1
  19. package/lib/commonjs/utils/errors.js.map +1 -1
  20. package/lib/commonjs/wallet-instance-attestation/issuing.js +3 -5
  21. package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
  22. package/lib/module/index.js +4 -4
  23. package/lib/module/index.js.map +1 -1
  24. package/lib/module/pid/index.js +2 -1
  25. package/lib/module/pid/index.js.map +1 -1
  26. package/lib/module/pid/issuing.js +225 -0
  27. package/lib/module/pid/issuing.js.map +1 -0
  28. package/lib/module/rp/__test__/index.test.js +16 -0
  29. package/lib/module/rp/__test__/index.test.js.map +1 -0
  30. package/lib/module/rp/index.js +108 -0
  31. package/lib/module/rp/index.js.map +1 -0
  32. package/lib/module/rp/types.js +63 -0
  33. package/lib/module/rp/types.js.map +1 -0
  34. package/lib/module/sd-jwt/types.js +1 -1
  35. package/lib/module/sd-jwt/types.js.map +1 -1
  36. package/lib/module/utils/dpop.js +17 -0
  37. package/lib/module/utils/dpop.js.map +1 -0
  38. package/lib/module/utils/errors.js +46 -0
  39. package/lib/module/utils/errors.js.map +1 -1
  40. package/lib/module/wallet-instance-attestation/issuing.js +3 -5
  41. package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
  42. package/lib/typescript/index.d.ts +4 -2
  43. package/lib/typescript/index.d.ts.map +1 -1
  44. package/lib/typescript/pid/index.d.ts +2 -1
  45. package/lib/typescript/pid/index.d.ts.map +1 -1
  46. package/lib/typescript/pid/issuing.d.ts +93 -0
  47. package/lib/typescript/pid/issuing.d.ts.map +1 -0
  48. package/lib/typescript/rp/__test__/index.test.d.ts +2 -0
  49. package/lib/typescript/rp/__test__/index.test.d.ts.map +1 -0
  50. package/lib/typescript/rp/index.d.ts +43 -0
  51. package/lib/typescript/rp/index.d.ts.map +1 -0
  52. package/lib/typescript/rp/types.d.ts +840 -0
  53. package/lib/typescript/rp/types.d.ts.map +1 -0
  54. package/lib/typescript/sd-jwt/types.d.ts +5 -5
  55. package/lib/typescript/utils/dpop.d.ts +21 -0
  56. package/lib/typescript/utils/dpop.d.ts.map +1 -0
  57. package/lib/typescript/utils/errors.d.ts +26 -0
  58. package/lib/typescript/utils/errors.d.ts.map +1 -1
  59. package/lib/typescript/wallet-instance-attestation/issuing.d.ts +3 -3
  60. package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
  61. package/lib/typescript/wallet-instance-attestation/types.d.ts +4 -4
  62. package/package.json +4 -2
  63. package/src/index.ts +4 -5
  64. package/src/pid/index.ts +2 -1
  65. package/src/pid/issuing.ts +305 -0
  66. package/src/rp/__test__/index.test.ts +23 -0
  67. package/src/rp/index.ts +150 -0
  68. package/src/rp/types.ts +64 -0
  69. package/src/sd-jwt/types.ts +1 -1
  70. package/src/utils/dpop.ts +25 -0
  71. package/src/utils/errors.ts +48 -0
  72. package/src/wallet-instance-attestation/issuing.ts +9 -7
@@ -3,7 +3,7 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.IoWalletError = void 0;
6
+ exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.PidIssuingError = exports.IoWalletError = exports.AuthRequestDecodeError = void 0;
7
7
  /**
8
8
  * A generic Error that all other io-wallet specific Error subclasses extend.
9
9
  *
@@ -78,5 +78,53 @@ class WalletInstanceAttestationIssuingError extends IoWalletError {
78
78
  this.reason = reason;
79
79
  }
80
80
  }
81
+
82
+ /**
83
+ * An error subclass thrown when auth request decode fail
84
+ *
85
+ */
81
86
  exports.WalletInstanceAttestationIssuingError = WalletInstanceAttestationIssuingError;
87
+ class AuthRequestDecodeError extends IoWalletError {
88
+ static get code() {
89
+ return "ERR_IO_WALLET_AUTHENTICATION_REQUEST_DECODE_FAILED";
90
+ }
91
+ code = "ERR_IO_WALLET_AUTHENTICATION_REQUEST_DECODE_FAILED";
92
+
93
+ /** The Claim for which the validation failed. */
94
+
95
+ /** Reason code for the validation failure. */
96
+
97
+ constructor(message) {
98
+ let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
99
+ let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
100
+ super(message);
101
+ this.claim = claim;
102
+ this.reason = reason;
103
+ }
104
+ }
105
+
106
+ /**
107
+ * An error subclass thrown when validation fail
108
+ *
109
+ */
110
+ exports.AuthRequestDecodeError = AuthRequestDecodeError;
111
+ class PidIssuingError extends IoWalletError {
112
+ static get code() {
113
+ return "ERR_IO_WALLET_PID_ISSUING_FAILED";
114
+ }
115
+ code = "ERR_IO_WALLET_PID_ISSUING_FAILED";
116
+
117
+ /** The Claim for which the validation failed. */
118
+
119
+ /** Reason code for the validation failure. */
120
+
121
+ constructor(message) {
122
+ let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
123
+ let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
124
+ super(message);
125
+ this.claim = claim;
126
+ this.reason = reason;
127
+ }
128
+ }
129
+ exports.PidIssuingError = PidIssuingError;
82
130
  //# sourceMappingURL=errors.js.map
@@ -1 +1 @@
1
- {"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;AAACN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA"}
1
+ {"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA;AAIO,MAAMC,sBAAsB,SAASjB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAQ,sBAAA,GAAAA,sBAAA;AAIO,MAAMC,eAAe,SAASlB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;AAACN,OAAA,CAAAS,eAAA,GAAAA,eAAA"}
@@ -12,7 +12,9 @@ var _errors = require("../utils/errors");
12
12
  function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
13
13
  class Issuing {
14
14
  constructor(walletProviderBaseUrl) {
15
+ let appFetch = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : fetch;
15
16
  this.walletProviderBaseUrl = walletProviderBaseUrl;
17
+ this.appFetch = appFetch;
16
18
  }
17
19
 
18
20
  /**
@@ -57,15 +59,11 @@ class Issuing {
57
59
  * @param attestationRequest Wallet Instance Attestaion Request
58
60
  * obtained with {@link getAttestationRequestToSign}
59
61
  * @param signature Signature of the Wallet Instance Attestaion Request
60
- * @param appFetch Optional object with fetch function to use
61
62
  *
62
63
  * @returns {string} Wallet Instance Attestation
63
64
  *
64
65
  */
65
66
  async getAttestation(attestationRequest, signature) {
66
- let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
67
- fetch
68
- };
69
67
  const signedAttestationRequest = await _ioReactNativeJwt.SignJWT.appendSignature(attestationRequest, signature);
70
68
  const decodedRequest = (0, _ioReactNativeJwt.decode)(signedAttestationRequest);
71
69
  const parsedRequest = _types.WalletInstanceAttestationRequestJwt.parse({
@@ -79,7 +77,7 @@ class Issuing {
79
77
  grant_type: "urn:ietf:params:oauth:client-assertion-type:jwt-key-attestation",
80
78
  assertion: signedAttestationRequest
81
79
  };
82
- const response = await appFetch.fetch(tokenUrl, {
80
+ const response = await this.appFetch(tokenUrl, {
83
81
  method: "POST",
84
82
  headers: {
85
83
  "Content-Type": "application/json"
@@ -1 +1 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","appFetch","arguments","length","undefined","fetch","signedAttestationRequest","appendSignature","decodedRequest","decodeJwt","parsedRequest","WalletInstanceAttestationRequestJwt","payload","header","protectedHeader","verifyJwt","tokenUrl","URL","href","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text","WalletInstanceAttestationIssuingError","exports"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAAwE,SAAAI,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEjE,MAAMG,OAAO,CAAC;EAGnBC,WAAWA,CAACC,qBAA6B,EAAE;IACzC,IAAI,CAACA,qBAAqB,GAAGA,qBAAqB;EACpD;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,2BAA2BA,CAACC,GAAQ,EAAmB;IAC3D,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IAEtD,MAAMI,gCAAgC,GAAG,IAAIC,yBAAO,CAAC;MACnDC,GAAG,EAAEN,aAAa;MAClBO,GAAG,EAAE,IAAI,CAACb,qBAAqB;MAC/Bc,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,IAAI,EAAE,kCAAkC;MACxCC,GAAG,EAAE;QACHhB,GAAG,EAAEM;MACP;IACF,CAAC,CAAC,CACCW,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZX,GAAG,EAAED,SAAS,CAACC,GAAG;MAClBY,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOd,gCAAgC;EACzC;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMe,cAAcA,CAClBC,kBAA0B,EAC1BC,SAAiB,EAEA;IAAA,IADjBC,QAAqB,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG;MAAEG;IAAM,CAAC;IAEjC,MAAMC,wBAAwB,GAAG,MAAMtB,yBAAO,CAACuB,eAAe,CAC5DR,kBAAkB,EAClBC,SACF,CAAC;IACD,MAAMQ,cAAc,GAAG,IAAAC,wBAAS,EAACH,wBAAwB,CAAC;IAC1D,MAAMI,aAAa,GAAGC,0CAAmC,CAACjC,KAAK,CAAC;MAC9DkC,OAAO,EAAEJ,cAAc,CAACI,OAAO;MAC/BC,MAAM,EAAEL,cAAc,CAACM;IACzB,CAAC,CAAC;IACF,MAAMjC,SAAS,GAAG6B,aAAa,CAACE,OAAO,CAACrB,GAAG,CAAChB,GAAG;IAE/C,MAAM,IAAAwC,wBAAS,EAACT,wBAAwB,EAAEzB,SAAS,CAAC;IAEpD,MAAMmC,QAAQ,GAAG,IAAIC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC5C,qBAAqB,CAAC,CAAC6C,IAAI;IAClE,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,iEAAiE;MACnEC,SAAS,EAAEf;IACb,CAAC;IACD,MAAMgB,QAAQ,GAAG,MAAMrB,QAAQ,CAACI,KAAK,CAACW,QAAQ,EAAE;MAC9CO,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIC,6CAAqC,CAC7C,mEAAmE,EAClE,kBAAiBR,QAAQ,CAACM,MAAO,EACpC,CAAC;EACH;AACF;AAACG,OAAA,CAAA5D,OAAA,GAAAA,OAAA"}
1
+ {"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","appFetch","arguments","length","undefined","fetch","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","signedAttestationRequest","appendSignature","decodedRequest","decodeJwt","parsedRequest","WalletInstanceAttestationRequestJwt","payload","header","protectedHeader","verifyJwt","tokenUrl","URL","href","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text","WalletInstanceAttestationIssuingError","exports"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAAwE,SAAAI,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEjE,MAAMG,OAAO,CAAC;EAGnBC,WAAWA,CACTC,qBAA6B,EAE7B;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACL,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMK,2BAA2BA,CAACC,GAAQ,EAAmB;IAC3D,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IAEtD,MAAMI,gCAAgC,GAAG,IAAIC,yBAAO,CAAC;MACnDC,GAAG,EAAEN,aAAa;MAClBO,GAAG,EAAE,IAAI,CAAClB,qBAAqB;MAC/BmB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,IAAI,EAAE,kCAAkC;MACxCC,GAAG,EAAE;QACHhB,GAAG,EAAEM;MACP;IACF,CAAC,CAAC,CACCW,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZX,GAAG,EAAED,SAAS,CAACC,GAAG;MAClBY,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOd,gCAAgC;EACzC;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMe,cAAcA,CAClBC,kBAA0B,EAC1BC,SAAiB,EACA;IACjB,MAAMC,wBAAwB,GAAG,MAAMjB,yBAAO,CAACkB,eAAe,CAC5DH,kBAAkB,EAClBC,SACF,CAAC;IACD,MAAMG,cAAc,GAAG,IAAAC,wBAAS,EAACH,wBAAwB,CAAC;IAC1D,MAAMI,aAAa,GAAGC,0CAAmC,CAAC5B,KAAK,CAAC;MAC9D6B,OAAO,EAAEJ,cAAc,CAACI,OAAO;MAC/BC,MAAM,EAAEL,cAAc,CAACM;IACzB,CAAC,CAAC;IACF,MAAM5B,SAAS,GAAGwB,aAAa,CAACE,OAAO,CAAChB,GAAG,CAAChB,GAAG;IAE/C,MAAM,IAAAmC,wBAAS,EAACT,wBAAwB,EAAEpB,SAAS,CAAC;IAEpD,MAAM8B,QAAQ,GAAG,IAAIC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC5C,qBAAqB,CAAC,CAAC6C,IAAI;IAClE,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,iEAAiE;MACnEC,SAAS,EAAEf;IACb,CAAC;IACD,MAAMgB,QAAQ,GAAG,MAAM,IAAI,CAAChD,QAAQ,CAAC0C,QAAQ,EAAE;MAC7CO,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIC,6CAAqC,CAC7C,mEAAmE,EAClE,kBAAiBR,QAAQ,CAACM,MAAO,EACpC,CAAC;EACH;AACF;AAACG,OAAA,CAAA5D,OAAA,GAAAA,OAAA"}
@@ -1,7 +1,7 @@
1
1
  import * as PID from "./pid";
2
+ import * as RP from "./rp";
3
+ import * as Errors from "./utils/errors";
2
4
  import * as WalletInstanceAttestation from "./wallet-instance-attestation";
3
- export function multiply(a, b) {
4
- return Promise.resolve(a * b);
5
- }
6
- export { PID, WalletInstanceAttestation };
5
+ import { getUnsignedDPop } from "./utils/dpop";
6
+ export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop };
7
7
  //# sourceMappingURL=index.js.map
@@ -1 +1 @@
1
- {"version":3,"names":["PID","WalletInstanceAttestation","multiply","a","b","Promise","resolve"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAE1E,OAAO,SAASC,QAAQA,CAACC,CAAS,EAAEC,CAAS,EAAmB;EAC9D,OAAOC,OAAO,CAACC,OAAO,CAACH,CAAC,GAAGC,CAAC,CAAC;AAC/B;AAEA,SAASJ,GAAG,EAAEC,yBAAyB"}
1
+ {"version":3,"names":["PID","RP","Errors","WalletInstanceAttestation","getUnsignedDPop"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,EAAE,MAAM,MAAM;AAC1B,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,SAASC,eAAe,QAAQ,cAAc;AAE9C,SAASJ,GAAG,EAAEC,EAAE,EAAEE,yBAAyB,EAAED,MAAM,EAAEE,eAAe"}
@@ -1,3 +1,4 @@
1
1
  import * as SdJwt from "./sd-jwt";
2
- export { SdJwt };
2
+ import { Issuing } from "./issuing";
3
+ export { SdJwt, Issuing };
3
4
  //# sourceMappingURL=index.js.map
@@ -1 +1 @@
1
- {"version":3,"names":["SdJwt"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":"AAAA,OAAO,KAAKA,KAAK,MAAM,UAAU;AACjC,SAASA,KAAK"}
1
+ {"version":3,"names":["SdJwt","Issuing"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":"AAAA,OAAO,KAAKA,KAAK,MAAM,UAAU;AACjC,SAASC,OAAO,QAAQ,WAAW;AACnC,SAASD,KAAK,EAAEC,OAAO"}
@@ -0,0 +1,225 @@
1
+ import { decode as decodeJwt, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
2
+ import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
3
+ import { JWK } from "../utils/jwk";
4
+ import uuid from "react-native-uuid";
5
+ import { PidIssuingError } from "../utils/errors";
6
+ import { getUnsignedDPop } from "../utils/dpop";
7
+ import { sign, generate, deleteKey } from "@pagopa/io-react-native-crypto";
8
+
9
+ // This is a temporary type that will be used for demo purposes only
10
+
11
+ export class Issuing {
12
+ constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
13
+ let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
14
+ this.pidProviderBaseUrl = pidProviderBaseUrl;
15
+ this.walletProviderBaseUrl = walletProviderBaseUrl;
16
+ this.state = `${uuid.v4()}`;
17
+ this.codeVerifier = `${uuid.v4()}`;
18
+ this.authorizationCode = `${uuid.v4()}`;
19
+ this.walletInstanceAttestation = walletInstanceAttestation;
20
+ this.clientId = clientId;
21
+ this.appFetch = appFetch;
22
+ }
23
+
24
+ /**
25
+ * Return the unsigned jwt to call the PAR request.
26
+ *
27
+ * @function
28
+ * @param jwk The wallet instance attestation public JWK
29
+ *
30
+ * @returns Unsigned jwt
31
+ *
32
+ */
33
+ async getUnsignedJwtForPar(jwk) {
34
+ const parsedJwk = JWK.parse(jwk);
35
+ const keyThumbprint = await thumbprint(parsedJwk);
36
+ const publicKey = {
37
+ ...parsedJwk,
38
+ kid: keyThumbprint
39
+ };
40
+ const codeChallenge = await sha256ToBase64(this.codeVerifier);
41
+ const unsignedJwtForPar = new SignJWT({
42
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
43
+ authorization_details: [{
44
+ credentialDefinition: {
45
+ type: ["eu.eudiw.pid.it"]
46
+ },
47
+ format: "vc+sd-jwt",
48
+ type: "type"
49
+ }],
50
+ response_type: "code",
51
+ code_challenge_method: "s256",
52
+ redirect_uri: this.walletProviderBaseUrl,
53
+ state: this.state,
54
+ client_id: this.clientId,
55
+ code_challenge: codeChallenge
56
+ }).setProtectedHeader({
57
+ alg: "ES256",
58
+ kid: publicKey.kid
59
+ }).setIssuedAt().setExpirationTime("1h").toSign();
60
+ return unsignedJwtForPar;
61
+ }
62
+
63
+ /**
64
+ * Make a PAR request to the PID issuer and return the response url
65
+ *
66
+ * @function
67
+ * @param unsignedJwtForPar The unsigned JWT for PAR
68
+ * @param signature The JWT for PAR signature
69
+ *
70
+ * @returns Unsigned PAR url
71
+ *
72
+ */
73
+ async getPar(unsignedJwtForPar, signature) {
74
+ const codeChallenge = await sha256ToBase64(this.codeVerifier);
75
+ const signedJwtForPar = await SignJWT.appendSignature(unsignedJwtForPar, signature);
76
+ const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
77
+ const requestBody = {
78
+ response_type: "code",
79
+ client_id: this.clientId,
80
+ code_challenge: codeChallenge,
81
+ code_challenge_method: "S256",
82
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
83
+ client_assertion: this.walletInstanceAttestation,
84
+ request: signedJwtForPar
85
+ };
86
+ var formBody = new URLSearchParams(requestBody);
87
+ const response = await this.appFetch(parUrl, {
88
+ method: "POST",
89
+ headers: {
90
+ "Content-Type": "application/x-www-form-urlencoded"
91
+ },
92
+ body: formBody.toString()
93
+ });
94
+ if (response.status === 201) {
95
+ const result = await response.json();
96
+ return result.request_uri;
97
+ }
98
+ throw new PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
99
+ }
100
+
101
+ /**
102
+ * Return the unsigned jwt for a generic DPoP
103
+ *
104
+ * @function
105
+ * @param jwk the public key for which the DPoP is to be created
106
+ *
107
+ * @returns Unsigned JWT for DPoP
108
+ *
109
+ */
110
+ async getUnsignedDPoP(jwk) {
111
+ const tokenUrl = new URL("/token", this.pidProviderBaseUrl).href;
112
+ const dPop = getUnsignedDPop(jwk, {
113
+ htm: "POST",
114
+ htu: tokenUrl,
115
+ jti: `${uuid.v4()}`
116
+ });
117
+ return dPop;
118
+ }
119
+
120
+ /**
121
+ * Make an auth token request to the PID issuer
122
+ *
123
+ * @function
124
+ * @returns a token response
125
+ *
126
+ */
127
+ async getAuthToken() {
128
+ //Generate fresh keys for DPoP
129
+ const dPopKeyTag = `${uuid.v4()}`;
130
+ const dPopKey = await generate(dPopKeyTag);
131
+ const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
132
+ const dPopTokenSignature = await sign(unsignedDPopForToken, dPopKeyTag);
133
+ await deleteKey(dPopKeyTag);
134
+ const signedDPop = await SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
135
+ const decodedJwtDPop = decodeJwt(signedDPop);
136
+ const tokenUrl = decodedJwtDPop.payload.htu;
137
+ const requestBody = {
138
+ grant_type: "authorization code",
139
+ client_id: this.clientId,
140
+ code: this.authorizationCode,
141
+ code_verifier: this.codeVerifier,
142
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
143
+ client_assertion: this.walletInstanceAttestation,
144
+ redirect_uri: this.walletProviderBaseUrl
145
+ };
146
+ var formBody = new URLSearchParams(requestBody);
147
+ const response = await this.appFetch(tokenUrl, {
148
+ method: "POST",
149
+ headers: {
150
+ "Content-Type": "application/x-www-form-urlencoded",
151
+ DPoP: signedDPop
152
+ },
153
+ body: formBody.toString()
154
+ });
155
+ if (response.status === 200) {
156
+ return await response.json();
157
+ }
158
+ throw new PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
159
+ }
160
+
161
+ /**
162
+ * Return the unsigned jwt for nonce proof of possession
163
+ *
164
+ * @function
165
+ * @param nonce the nonce
166
+ *
167
+ * @returns Unsigned JWT for nonce proof
168
+ *
169
+ */
170
+ async getUnsignedNonceProof(nonce) {
171
+ const unsignedProof = new SignJWT({
172
+ nonce
173
+ }).setProtectedHeader({
174
+ alg: "ES256",
175
+ type: "openid4vci-proof+jwt"
176
+ }).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
177
+ return unsignedProof;
178
+ }
179
+
180
+ /**
181
+ * Make the credential issuing request to the PID issuer
182
+ *
183
+ * @function
184
+ * @param unsignedDPopForPid The unsigned JWT for PID DPoP
185
+ * @param dPopPidSignature The JWT for PID DPoP signature
186
+ * @param unsignedNonceProof The unsigned JWT for nonce proof
187
+ * @param nonceProofSignature The JWT for nonce proof signature
188
+ * @param accessToken The access token obtained with getAuthToken
189
+ * @param cieData Personal data read by the CIE
190
+ *
191
+ * @returns a credential
192
+ *
193
+ */
194
+ async getCredential(unsignedDPopForPid, dPopPidSignature, unsignedNonceProof, nonceProofSignature, accessToken, cieData) {
195
+ const signedDPopForPid = await SignJWT.appendSignature(unsignedDPopForPid, dPopPidSignature);
196
+ const signedNonceProof = await SignJWT.appendSignature(unsignedNonceProof, nonceProofSignature);
197
+ const credentialUrl = new URL("/credential", this.pidProviderBaseUrl).href;
198
+ const requestBody = {
199
+ credential_definition: JSON.stringify({
200
+ type: ["eu.eudiw.pid.it"]
201
+ }),
202
+ format: "vc+sd-jwt",
203
+ proof: JSON.stringify({
204
+ jwt: signedNonceProof,
205
+ cieData,
206
+ proof_type: "jwt"
207
+ })
208
+ };
209
+ const formBody = new URLSearchParams(requestBody);
210
+ const response = await this.appFetch(credentialUrl, {
211
+ method: "POST",
212
+ headers: {
213
+ "Content-Type": "application/x-www-form-urlencoded",
214
+ DPoP: signedDPopForPid,
215
+ Authorization: accessToken
216
+ },
217
+ body: formBody.toString()
218
+ });
219
+ if (response.status === 200) {
220
+ return await response.json();
221
+ }
222
+ throw new PidIssuingError(`Unable to obtain credential!`);
223
+ }
224
+ }
225
+ //# sourceMappingURL=issuing.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"names":["decode","decodeJwt","sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","getUnsignedDPop","sign","generate","deleteKey","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","parse","keyThumbprint","publicKey","kid","codeChallenge","unsignedJwtForPar","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","getUnsignedDPoP","tokenUrl","dPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","unsignedDPopForToken","dPopTokenSignature","signedDPop","decodedJwtDPop","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,cAAc,QACT,6BAA6B;AAEpC,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,QAAQ,iBAAiB;AACjD,SAASC,eAAe,QAAQ,eAAe;AAC/C,SAASC,IAAI,EAAEC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;;AAE1E;;AAgBA,OAAO,MAAMC,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEjB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEnB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEpB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACR,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAGxB,GAAG,CAACyB,KAAK,CAACF,GAAG,CAAC;IAChC,MAAMG,aAAa,GAAG,MAAM3B,UAAU,CAACyB,SAAS,CAAC;IACjD,MAAMG,SAAS,GAAG;MAAE,GAAGH,SAAS;MAAEI,GAAG,EAAEF;IAAc,CAAC;IACtD,MAAMG,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAE7D,MAAMU,iBAAiB,GAAG,IAAIhC,OAAO,CAAC;MACpCiC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAAC5B,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjBqB,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX;IAClB,CAAC,CAAC,CACCY,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZd,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDe,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOf,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMgB,MAAMA,CAAChB,iBAAyB,EAAEiB,SAAiB,EAAmB;IAC1E,MAAMlB,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAC7D,MAAM4B,eAAe,GAAG,MAAMlD,OAAO,CAACmD,eAAe,CACnDnB,iBAAiB,EACjBiB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX,aAAa;MAC7BQ,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD4C,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACqC,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIhE,eAAe,CACtB,wCAAuC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAC7C,GAAQ,EAAmB;IAC/C,MAAM8C,QAAQ,GAAG,IAAIlB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAChE,MAAMkB,IAAI,GAAGnE,eAAe,CAACoB,GAAG,EAAE;MAChCgD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEH,QAAQ;MACbI,GAAG,EAAG,GAAExE,IAAI,CAACkB,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOmD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMI,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE1E,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACjC,MAAMyD,OAAO,GAAG,MAAMvE,QAAQ,CAACsE,UAAU,CAAC;IAC1C,MAAME,oBAAoB,GAAG,MAAM,IAAI,CAACT,eAAe,CAACQ,OAAO,CAAC;IAChE,MAAME,kBAAkB,GAAG,MAAM1E,IAAI,CAACyE,oBAAoB,EAAEF,UAAU,CAAC;IACvE,MAAMrE,SAAS,CAACqE,UAAU,CAAC;IAE3B,MAAMI,UAAU,GAAG,MAAMjF,OAAO,CAACmD,eAAe,CAC9C4B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAME,cAAc,GAAGpF,SAAS,CAACmF,UAAU,CAAC;IAC5C,MAAMV,QAAQ,GAAGW,cAAc,CAACC,OAAO,CAACT,GAAa;IACrD,MAAMnB,WAAW,GAAG;MAClB6B,UAAU,EAAE,oBAAoB;MAChC3C,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxBuE,IAAI,EAAE,IAAI,CAAC9D,iBAAiB;MAC5B+D,aAAa,EAAE,IAAI,CAAChE,YAAY;MAChCW,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD2B,YAAY,EAAE,IAAI,CAAC5B;IACrB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACwD,QAAQ,EAAE;MAC7CV,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEN;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CACtB,0CAAyC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMmB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAI1F,OAAO,CAAC;MAChCyF;IACF,CAAC,CAAC,CACC9C,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACDuD,WAAW,CAAC,IAAI,CAAC/E,qBAAqB,CAAC,CACvCgF,SAAS,CAAC,IAAI,CAAC9E,QAAQ,CAAC,CACxB+B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAO2C,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAMpG,OAAO,CAACmD,eAAe,CACpD2C,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAMrG,OAAO,CAACmD,eAAe,CACpD6C,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIjD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBgD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAErE,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnBqE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACuF,aAAa,EAAE;MAClDzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDnC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CAAE,8BAA6B,CAAC;EAC3D;AACF"}
@@ -0,0 +1,16 @@
1
+ import { RelyingPartySolution } from "..";
2
+ import { AuthRequestDecodeError } from "../../utils/errors";
3
+ const walletInstanceAttestation = "eyJhbGciOiJFUzI1NiIsImtpZCI6IjV0NVlZcEJoTi1FZ0lFRUk1aVV6cjZyME1SMDJMblZRME9tZWttTktjalkiLCJ0cnVzdF9jaGFpbiI6WyJleUpoYkdjaU9pSkZVei4uLjZTMEEiLCJleUpoYkdjaU9pSkZVei4uLmpKTEEiLCJleUpoYkdjaU9pSkZVei4uLkg5Z3ciXSwidHlwIjoidmErand0IiwieDVjIjpbIk1JSUJqRENDIC4uLiBYRmVoZ0tRQT09Il19.eyJpc3MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZyIsInN1YiI6InZiZVhKa3NNNDV4cGh0QU5uQ2lHNm1DeXVVNGpmR056b3BHdUt2b2dnOWMiLCJ0eXBlIjoiV2FsbGV0SW5zdGFuY2VBdHRlc3RhdGlvbiIsInBvbGljeV91cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9wcml2YWN5X3BvbGljeSIsInRvc191cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9pbmZvX3BvbGljeSIsImxvZ29fdXJpIjoiaHR0cHM6Ly93YWxsZXQtcHJvdmlkZXIuZXhhbXBsZS5vcmcvbG9nby5zdmciLCJhc2MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9Mb0EvYmFzaWMiLCJjbmYiOnsiandrIjp7ImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiNEhOcHRJLXhyMnBqeVJKS0dNbno0V21kblFEX3VKU3E0Ujk1Tmo5OGI0NCIsInkiOiJMSVpuU0IzOXZGSmhZZ1MzazdqWEU0cjMtQ29HRlF3WnRQQklScXBObHJnIiwia2lkIjoidmJlWEprc000NXhwaHRBTm5DaUc2bUN5dVU0amZHTnpvcEd1S3ZvZ2c5YyJ9fSwiYXV0aG9yaXphdGlvbl9lbmRwb2ludCI6ImV1ZGl3OiIsInJlc3BvbnNlX3R5cGVzX3N1cHBvcnRlZCI6WyJ2cF90b2tlbiJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJqd3RfdnBfanNvbiI6eyJhbGdfdmFsdWVzX3N1cHBvcnRlZCI6WyJFUzI1NiJdfSwiand0X3ZjX2pzb24iOnsiYWxnX3ZhbHVlc19zdXBwb3J0ZWQiOlsiRVMyNTYiXX19LCJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZ192YWx1ZXNfc3VwcG9ydGVkIjpbIkVTMjU2Il0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uX3VyaV9zdXBwb3J0ZWQiOmZhbHNlLCJpYXQiOjE2ODcyODExOTUsImV4cCI6MTY4NzI4ODM5NX0.OTuPik6p3o9j6VOx-uCyxRvHwoh1pDiiZcBQFNQt2uE3dK-8izGNflJVETi_uhGSZOf25Enkq-UvEin9NrbJNw";
4
+ const rp = new RelyingPartySolution("http://rp.example", walletInstanceAttestation);
5
+ describe("decodeAuthRequestQR", () => {
6
+ it("should return authentication request URL", async () => {
7
+ const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
8
+ const result = rp.decodeAuthRequestQR(qrcode);
9
+ expect(result).toEqual("https://verifier.example.org/request_uri");
10
+ });
11
+ it("should throw exception with invalid QR", async () => {
12
+ const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
13
+ expect(() => rp.decodeAuthRequestQR(qrcode)).toThrowError(AuthRequestDecodeError);
14
+ });
15
+ });
16
+ //# sourceMappingURL=index.test.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"names":["RelyingPartySolution","AuthRequestDecodeError","walletInstanceAttestation","rp","describe","it","qrcode","result","decodeAuthRequestQR","expect","toEqual","toThrowError"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":"AAAA,SAASA,oBAAoB,QAAQ,IAAI;AACzC,SAASC,sBAAsB,QAAQ,oBAAoB;AAE3D,MAAMC,yBAAyB,GAC7B,qhDAAqhD;AACvhD,MAAMC,EAAE,GAAG,IAAIH,oBAAoB,CACjC,mBAAmB,EACnBE,yBACF,CAAC;AACDE,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGJ,EAAE,CAACK,mBAAmB,CAACF,MAAM,CAAC;IAC7CG,MAAM,CAACF,MAAM,CAAC,CAACG,OAAO,CAAC,0CAA0C,CAAC;EACpE,CAAC,CAAC;EACFL,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAMN,EAAE,CAACK,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACK,YAAY,CACvDV,sBACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC"}
@@ -0,0 +1,108 @@
1
+ import { AuthRequestDecodeError, IoWalletError } from "../utils/errors";
2
+ import { decode as decodeJwt, decodeBase64, sha256ToBase64, SignJWT } from "@pagopa/io-react-native-jwt";
3
+ import { RequestObject, RpEntityConfiguration } from "./types";
4
+ import uuid from "react-native-uuid";
5
+ export class RelyingPartySolution {
6
+ constructor(relyingPartyBaseUrl, walletInstanceAttestation) {
7
+ let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : fetch;
8
+ this.relyingPartyBaseUrl = relyingPartyBaseUrl;
9
+ this.walletInstanceAttestation = walletInstanceAttestation;
10
+ this.appFetch = appFetch;
11
+ }
12
+
13
+ /**
14
+ * Decode a QR code content to an authentication request url.
15
+ * @function
16
+ * @param qrcode QR code content
17
+ *
18
+ * @returns The authentication request url
19
+ *
20
+ */
21
+ decodeAuthRequestQR(qrcode) {
22
+ try {
23
+ const decoded = decodeBase64(qrcode);
24
+ const decodedUrl = new URL(decoded);
25
+ const requestUri = decodedUrl.searchParams.get("request_uri");
26
+ if (requestUri) {
27
+ return requestUri;
28
+ } else {
29
+ throw new AuthRequestDecodeError("Unable to obtain request_uri from QR code", `${decodedUrl}`);
30
+ }
31
+ } catch {
32
+ throw new AuthRequestDecodeError("Unable to decode QR code authentication request url", qrcode);
33
+ }
34
+ }
35
+ /**
36
+ * Obtain the unsigned wallet instance DPoP for authentication request
37
+ *
38
+ * @function
39
+ * @param walletInstanceAttestationJwk JWT of the Wallet Instance Attestation
40
+ * @param authRequestUrl authentication request url
41
+ *
42
+ * @returns The unsigned wallet instance DPoP
43
+ *
44
+ */
45
+ async getUnsignedWalletInstanceDPoP(walletInstanceAttestationJwk, authRequestUrl) {
46
+ return await new SignJWT({
47
+ jti: `${uuid.v4()}`,
48
+ htm: "GET",
49
+ htu: authRequestUrl,
50
+ ath: await sha256ToBase64(this.walletInstanceAttestation)
51
+ }).setProtectedHeader({
52
+ alg: "ES256",
53
+ jwk: walletInstanceAttestationJwk,
54
+ typ: "dpop+jwt"
55
+ }).setIssuedAt().setExpirationTime("1h").toSign();
56
+ }
57
+
58
+ /**
59
+ * Obtain the Request Object for RP authentication
60
+ *
61
+ * @function
62
+ * @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
63
+ *
64
+ * @returns The Request Object JWT
65
+ *
66
+ */
67
+ async getRequestObject(signedWalletInstanceDPoP) {
68
+ const decodedJwtDPop = await decodeJwt(signedWalletInstanceDPoP);
69
+ const requestUri = decodedJwtDPop.payload.htu;
70
+ const response = await this.appFetch(requestUri, {
71
+ method: "GET",
72
+ headers: {
73
+ Authorization: `DPoP ${this.walletInstanceAttestation}`,
74
+ DPoP: signedWalletInstanceDPoP
75
+ }
76
+ });
77
+ if (response.status === 200) {
78
+ const responseText = await response.text();
79
+ const responseJwt = await decodeJwt(responseText);
80
+ const requestObj = RequestObject.parse({
81
+ header: responseJwt.protectedHeader,
82
+ payload: responseJwt.payload
83
+ });
84
+ return requestObj;
85
+ }
86
+ throw new IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}`);
87
+ }
88
+
89
+ /**
90
+ * Obtain the relying party entity configuration.
91
+ */
92
+ async getEntityConfiguration() {
93
+ const wellKnownUrl = new URL("/.well-known/openid-federation", this.relyingPartyBaseUrl).href;
94
+ const response = await this.appFetch(wellKnownUrl, {
95
+ method: "GET"
96
+ });
97
+ if (response.status === 200) {
98
+ const responseText = await response.text();
99
+ const responseJwt = await decodeJwt(responseText);
100
+ return RpEntityConfiguration.parse({
101
+ header: responseJwt.protectedHeader,
102
+ payload: responseJwt.payload
103
+ });
104
+ }
105
+ throw new IoWalletError(`Unable to obtain RP Entity Configuration. Response code: ${response.status}`);
106
+ }
107
+ }
108
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"names":["AuthRequestDecodeError","IoWalletError","decode","decodeJwt","decodeBase64","sha256ToBase64","SignJWT","RequestObject","RpEntityConfiguration","uuid","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodedUrl","URL","requestUri","searchParams","get","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","jti","v4","htm","htu","ath","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","decodedJwtDPop","payload","response","method","headers","Authorization","DPoP","status","responseText","text","responseJwt","requestObj","parse","header","protectedHeader","getEntityConfiguration","wellKnownUrl","href"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":"AAAA,SAASA,sBAAsB,EAAEC,aAAa,QAAQ,iBAAiB;AACvE,SACEC,MAAM,IAAIC,SAAS,EACnBC,YAAY,EACZC,cAAc,EACdC,OAAO,QACF,6BAA6B;AACpC,SAASC,aAAa,EAAEC,qBAAqB,QAAQ,SAAS;AAE9D,OAAOC,IAAI,MAAM,mBAAmB;AAGpC,OAAO,MAAMC,oBAAoB,CAAC;EAKhCC,WAAWA,CACTC,mBAA2B,EAC3BC,yBAAiC,EAEjC;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACN,mBAAmB,GAAGA,mBAAmB;IAC9C,IAAI,CAACC,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEK,mBAAmBA,CAACC,MAAc,EAAU;IAC1C,IAAI;MACF,MAAMC,OAAO,GAAGjB,YAAY,CAACgB,MAAM,CAAC;MACpC,MAAME,UAAU,GAAG,IAAIC,GAAG,CAACF,OAAO,CAAC;MACnC,MAAMG,UAAU,GAAGF,UAAU,CAACG,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;MAC7D,IAAIF,UAAU,EAAE;QACd,OAAOA,UAAU;MACnB,CAAC,MAAM;QACL,MAAM,IAAIxB,sBAAsB,CAC9B,2CAA2C,EAC1C,GAAEsB,UAAW,EAChB,CAAC;MACH;IACF,CAAC,CAAC,MAAM;MACN,MAAM,IAAItB,sBAAsB,CAC9B,qDAAqD,EACrDoB,MACF,CAAC;IACH;EACF;EACA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMO,6BAA6BA,CACjCC,4BAAiC,EACjCC,cAAsB,EACL;IACjB,OAAO,MAAM,IAAIvB,OAAO,CAAC;MACvBwB,GAAG,EAAG,GAAErB,IAAI,CAACsB,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAEJ,cAAc;MACnBK,GAAG,EAAE,MAAM7B,cAAc,CAAC,IAAI,CAACQ,yBAAyB;IAC1D,CAAC,CAAC,CACCsB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZC,GAAG,EAAET,4BAA4B;MACjCU,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,gBAAgBA,CACpBC,wBAAgC,EACR;IACxB,MAAMC,cAAc,GAAG,MAAMzC,SAAS,CAACwC,wBAAwB,CAAC;IAChE,MAAMnB,UAAU,GAAGoB,cAAc,CAACC,OAAO,CAACZ,GAAa;IAEvD,MAAMa,QAAQ,GAAG,MAAM,IAAI,CAAChC,QAAQ,CAACU,UAAU,EAAE;MAC/CuB,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAO,IAAI,CAACpC,yBAA0B,EAAC;QACvDqC,IAAI,EAAEP;MACR;IACF,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAMnD,SAAS,CAACiD,YAAY,CAAC;MACjD,MAAMG,UAAU,GAAGhD,aAAa,CAACiD,KAAK,CAAC;QACrCC,MAAM,EAAEH,WAAW,CAACI,eAAe;QACnCb,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;MACF,OAAOU,UAAU;IACnB;IAEA,MAAM,IAAItD,aAAa,CACpB,mDAAkD6C,QAAQ,CAACK,MAAO,EACrE,CAAC;EACH;;EAEA;AACF;AACA;EACE,MAAMQ,sBAAsBA,CAAA,EAAmC;IAC7D,MAAMC,YAAY,GAAG,IAAIrC,GAAG,CAC1B,gCAAgC,EAChC,IAAI,CAACX,mBACP,CAAC,CAACiD,IAAI;IAEN,MAAMf,QAAQ,GAAG,MAAM,IAAI,CAAChC,QAAQ,CAAC8C,YAAY,EAAE;MACjDb,MAAM,EAAE;IACV,CAAC,CAAC;IAEF,IAAID,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAMnD,SAAS,CAACiD,YAAY,CAAC;MACjD,OAAO5C,qBAAqB,CAACgD,KAAK,CAAC;QACjCC,MAAM,EAAEH,WAAW,CAACI,eAAe;QACnCb,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;IACJ;IAEA,MAAM,IAAI5C,aAAa,CACpB,4DAA2D6C,QAAQ,CAACK,MAAO,EAC9E,CAAC;EACH;AACF"}
@@ -0,0 +1,63 @@
1
+ import { JWK } from "../utils/jwk";
2
+ import { UnixTime } from "../sd-jwt/types";
3
+ import * as z from "zod";
4
+ export const RequestObject = z.object({
5
+ header: z.object({
6
+ typ: z.literal("JWT"),
7
+ alg: z.string(),
8
+ kid: z.string(),
9
+ trust_chain: z.array(z.string())
10
+ }),
11
+ payload: z.object({
12
+ iss: z.string(),
13
+ iat: UnixTime,
14
+ exp: UnixTime,
15
+ state: z.string(),
16
+ nonce: z.string(),
17
+ response_uri: z.string(),
18
+ response_type: z.literal("vp_token"),
19
+ response_mode: z.literal("direct_post.jwt"),
20
+ client_id: z.string(),
21
+ client_id_scheme: z.literal("entity_id"),
22
+ scope: z.string()
23
+ })
24
+ });
25
+
26
+ // TODO: This types is WIP in technical rules
27
+
28
+ export const RpEntityConfiguration = z.object({
29
+ header: z.object({
30
+ typ: z.literal("entity-statement+jwt"),
31
+ alg: z.string(),
32
+ kid: z.string()
33
+ }),
34
+ payload: z.object({
35
+ exp: UnixTime,
36
+ iat: UnixTime,
37
+ iss: z.string(),
38
+ sub: z.string(),
39
+ jwks: z.object({
40
+ keys: z.array(JWK)
41
+ }),
42
+ metadata: z.object({
43
+ wallet_relying_party: z.object({
44
+ application_type: z.string(),
45
+ client_id: z.string(),
46
+ client_name: z.string(),
47
+ jwks: z.object({
48
+ keys: z.array(JWK)
49
+ }),
50
+ contacts: z.array(z.string())
51
+ }),
52
+ federation_entity: z.object({
53
+ organization_name: z.string(),
54
+ homepage_uri: z.string(),
55
+ policy_uri: z.string(),
56
+ logo_uri: z.string(),
57
+ contacts: z.array(z.string())
58
+ })
59
+ }),
60
+ authority_hints: z.array(z.string())
61
+ })
62
+ });
63
+ //# sourceMappingURL=types.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"names":["JWK","UnixTime","z","RequestObject","object","header","typ","literal","alg","string","kid","trust_chain","array","payload","iss","iat","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","RpEntityConfiguration","sub","jwks","keys","metadata","wallet_relying_party","application_type","client_name","contacts","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","authority_hints"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,QAAQ,QAAQ,iBAAiB;AAC1C,OAAO,KAAKC,CAAC,MAAM,KAAK;AAGxB,OAAO,MAAMC,aAAa,GAAGD,CAAC,CAACE,MAAM,CAAC;EACpCC,MAAM,EAAEH,CAAC,CAACE,MAAM,CAAC;IACfE,GAAG,EAAEJ,CAAC,CAACK,OAAO,CAAC,KAAK,CAAC;IACrBC,GAAG,EAAEN,CAAC,CAACO,MAAM,CAAC,CAAC;IACfC,GAAG,EAAER,CAAC,CAACO,MAAM,CAAC,CAAC;IACfE,WAAW,EAAET,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAEX,CAAC,CAACE,MAAM,CAAC;IAChBU,GAAG,EAAEZ,CAAC,CAACO,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEd,QAAQ;IACbe,GAAG,EAAEf,QAAQ;IACbgB,KAAK,EAAEf,CAAC,CAACO,MAAM,CAAC,CAAC;IACjBS,KAAK,EAAEhB,CAAC,CAACO,MAAM,CAAC,CAAC;IACjBU,YAAY,EAAEjB,CAAC,CAACO,MAAM,CAAC,CAAC;IACxBW,aAAa,EAAElB,CAAC,CAACK,OAAO,CAAC,UAAU,CAAC;IACpCc,aAAa,EAAEnB,CAAC,CAACK,OAAO,CAAC,iBAAiB,CAAC;IAC3Ce,SAAS,EAAEpB,CAAC,CAACO,MAAM,CAAC,CAAC;IACrBc,gBAAgB,EAAErB,CAAC,CAACK,OAAO,CAAC,WAAW,CAAC;IACxCiB,KAAK,EAAEtB,CAAC,CAACO,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;;AAEF;;AAEA,OAAO,MAAMgB,qBAAqB,GAAGvB,CAAC,CAACE,MAAM,CAAC;EAC5CC,MAAM,EAAEH,CAAC,CAACE,MAAM,CAAC;IACfE,GAAG,EAAEJ,CAAC,CAACK,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAEN,CAAC,CAACO,MAAM,CAAC,CAAC;IACfC,GAAG,EAAER,CAAC,CAACO,MAAM,CAAC;EAChB,CAAC,CAAC;EACFI,OAAO,EAAEX,CAAC,CAACE,MAAM,CAAC;IAChBY,GAAG,EAAEf,QAAQ;IACbc,GAAG,EAAEd,QAAQ;IACba,GAAG,EAAEZ,CAAC,CAACO,MAAM,CAAC,CAAC;IACfiB,GAAG,EAAExB,CAAC,CAACO,MAAM,CAAC,CAAC;IACfkB,IAAI,EAAEzB,CAAC,CAACE,MAAM,CAAC;MACbwB,IAAI,EAAE1B,CAAC,CAACU,KAAK,CAACZ,GAAG;IACnB,CAAC,CAAC;IACF6B,QAAQ,EAAE3B,CAAC,CAACE,MAAM,CAAC;MACjB0B,oBAAoB,EAAE5B,CAAC,CAACE,MAAM,CAAC;QAC7B2B,gBAAgB,EAAE7B,CAAC,CAACO,MAAM,CAAC,CAAC;QAC5Ba,SAAS,EAAEpB,CAAC,CAACO,MAAM,CAAC,CAAC;QACrBuB,WAAW,EAAE9B,CAAC,CAACO,MAAM,CAAC,CAAC;QACvBkB,IAAI,EAAEzB,CAAC,CAACE,MAAM,CAAC;UACbwB,IAAI,EAAE1B,CAAC,CAACU,KAAK,CAACZ,GAAG;QACnB,CAAC,CAAC;QACFiC,QAAQ,EAAE/B,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;MAC9B,CAAC,CAAC;MACFyB,iBAAiB,EAAEhC,CAAC,CAACE,MAAM,CAAC;QAC1B+B,iBAAiB,EAAEjC,CAAC,CAACO,MAAM,CAAC,CAAC;QAC7B2B,YAAY,EAAElC,CAAC,CAACO,MAAM,CAAC,CAAC;QACxB4B,UAAU,EAAEnC,CAAC,CAACO,MAAM,CAAC,CAAC;QACtB6B,QAAQ,EAAEpC,CAAC,CAACO,MAAM,CAAC,CAAC;QACpBwB,QAAQ,EAAE/B,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC,CAAC;IACF8B,eAAe,EAAErC,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;EACrC,CAAC;AACH,CAAC,CAAC"}
@@ -17,7 +17,7 @@ export const SdJwt4VC = z.object({
17
17
  header: z.object({
18
18
  typ: z.literal("vc+sd-jwt"),
19
19
  alg: z.string(),
20
- kid: z.string(),
20
+ kid: z.string().optional(),
21
21
  trust_chain: z.array(z.string())
22
22
  }),
23
23
  payload: z.object({
@@ -1 +1 @@
1
- {"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfU,WAAW,EAAEnB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFW,OAAO,EAAEpB,CAAC,CAACM,MAAM,CAAC;IAChBe,GAAG,EAAErB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfa,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEvB,QAAQ;IACbwB,GAAG,EAAExB,QAAQ;IACbyB,MAAM,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBkB,GAAG,EAAE3B,CAAC,CAACM,MAAM,CAAC;MACZsB,GAAG,EAAE7B;IACP,CAAC,CAAC;IACF8B,IAAI,EAAE7B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Cc,eAAe,EAAE9B,CAAC,CAACM,MAAM,CAAC;MACxByB,YAAY,EAAE/B,CAAC,CAACgC,YAAY,CAC1BhC,CAAC,CAACM,MAAM,CAAC;QACP2B,eAAe,EAAEjC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCkB,eAAe,EAAElC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD8B,MAAM,EAAE9B;IACV,CAAC,CAAC;IACF+B,OAAO,EAAEpC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}
1
+ {"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC1BC,WAAW,EAAEpB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFY,OAAO,EAAErB,CAAC,CAACM,MAAM,CAAC;IAChBgB,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfgB,GAAG,EAAExB,QAAQ;IACbyB,GAAG,EAAEzB,QAAQ;IACb0B,MAAM,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBmB,GAAG,EAAE5B,CAAC,CAACM,MAAM,CAAC;MACZuB,GAAG,EAAE9B;IACP,CAAC,CAAC;IACF+B,IAAI,EAAE9B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Ce,eAAe,EAAE/B,CAAC,CAACM,MAAM,CAAC;MACxB0B,YAAY,EAAEhC,CAAC,CAACiC,YAAY,CAC1BjC,CAAC,CAACM,MAAM,CAAC;QACP4B,eAAe,EAAElC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCmB,eAAe,EAAEnC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD+B,MAAM,EAAE/B;IACV,CAAC,CAAC;IACFgC,OAAO,EAAErC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}