@pagopa/io-react-native-wallet 0.1.0 → 0.2.0

package/lib/commonjs/utils/errors.js

@@ -3,7 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.IoWalletError = void 0;
+exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.PidIssuingError = exports.IoWalletError = exports.AuthRequestDecodeError = void 0;
 /**
  * A generic Error that all other io-wallet specific Error subclasses extend.
  *
@@ -78,5 +78,53 @@ class WalletInstanceAttestationIssuingError extends IoWalletError {
     this.reason = reason;
   }
 }
+
+/**
+ * An error subclass thrown when auth request decode fail
+ *
+ */
 exports.WalletInstanceAttestationIssuingError = WalletInstanceAttestationIssuingError;
+class AuthRequestDecodeError extends IoWalletError {
+  static get code() {
+    return "ERR_IO_WALLET_AUTHENTICATION_REQUEST_DECODE_FAILED";
+  }
+  code = "ERR_IO_WALLET_AUTHENTICATION_REQUEST_DECODE_FAILED";
+
+  /** The Claim for which the validation failed. */
+
+  /** Reason code for the validation failure. */
+
+  constructor(message) {
+    let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
+    let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
+    super(message);
+    this.claim = claim;
+    this.reason = reason;
+  }
+}
+
+/**
+ * An error subclass thrown when validation fail
+ *
+ */
+exports.AuthRequestDecodeError = AuthRequestDecodeError;
+class PidIssuingError extends IoWalletError {
+  static get code() {
+    return "ERR_IO_WALLET_PID_ISSUING_FAILED";
+  }
+  code = "ERR_IO_WALLET_PID_ISSUING_FAILED";
+
+  /** The Claim for which the validation failed. */
+
+  /** Reason code for the validation failure. */
+
+  constructor(message) {
+    let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
+    let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
+    super(message);
+    this.claim = claim;
+    this.reason = reason;
+  }
+}
+exports.PidIssuingError = PidIssuingError;
 //# sourceMappingURL=errors.js.map

package/lib/commonjs/utils/errors.js.map

@@ -1 +1 @@
-{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;AAACN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA"}
+{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA;AAIO,MAAMC,sBAAsB,SAASjB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAQ,sBAAA,GAAAA,sBAAA;AAIO,MAAMC,eAAe,SAASlB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;AAACN,OAAA,CAAAS,eAAA,GAAAA,eAAA"}

package/lib/commonjs/wallet-instance-attestation/issuing.js

@@ -12,7 +12,9 @@ var _errors = require("../utils/errors");
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 class Issuing {
   constructor(walletProviderBaseUrl) {
+    let appFetch = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : fetch;
     this.walletProviderBaseUrl = walletProviderBaseUrl;
+    this.appFetch = appFetch;
   }
 
   /**
@@ -57,15 +59,11 @@ class Issuing {
    * @param attestationRequest Wallet Instance Attestaion Request
    * obtained with {@link getAttestationRequestToSign}
    * @param signature Signature of the Wallet Instance Attestaion Request
-   * @param appFetch Optional object with fetch function to use
    *
    * @returns {string} Wallet Instance Attestation
    *
    */
   async getAttestation(attestationRequest, signature) {
-    let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
-      fetch
-    };
     const signedAttestationRequest = await _ioReactNativeJwt.SignJWT.appendSignature(attestationRequest, signature);
     const decodedRequest = (0, _ioReactNativeJwt.decode)(signedAttestationRequest);
     const parsedRequest = _types.WalletInstanceAttestationRequestJwt.parse({
@@ -79,7 +77,7 @@ class Issuing {
       grant_type: "urn:ietf:params:oauth:client-assertion-type:jwt-key-attestation",
       assertion: signedAttestationRequest
     };
-    const response = await appFetch.fetch(tokenUrl, {
+    const response = await this.appFetch(tokenUrl, {
       method: "POST",
       headers: {
         "Content-Type": "application/json"

package/lib/commonjs/wallet-instance-attestation/issuing.js.map

@@ -1 +1 @@
-{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","appFetch","arguments","length","undefined","fetch","signedAttestationRequest","appendSignature","decodedRequest","decodeJwt","parsedRequest","WalletInstanceAttestationRequestJwt","payload","header","protectedHeader","verifyJwt","tokenUrl","URL","href","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text","WalletInstanceAttestationIssuingError","exports"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAAwE,SAAAI,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEjE,MAAMG,OAAO,CAAC;EAGnBC,WAAWA,CAACC,qBAA6B,EAAE;IACzC,IAAI,CAACA,qBAAqB,GAAGA,qBAAqB;EACpD;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,2BAA2BA,CAACC,GAAQ,EAAmB;IAC3D,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IAEtD,MAAMI,gCAAgC,GAAG,IAAIC,yBAAO,CAAC;MACnDC,GAAG,EAAEN,aAAa;MAClBO,GAAG,EAAE,IAAI,CAACb,qBAAqB;MAC/Bc,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,IAAI,EAAE,kCAAkC;MACxCC,GAAG,EAAE;QACHhB,GAAG,EAAEM;MACP;IACF,CAAC,CAAC,CACCW,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZX,GAAG,EAAED,SAAS,CAACC,GAAG;MAClBY,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOd,gCAAgC;EACzC;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMe,cAAcA,CAClBC,kBAA0B,EAC1BC,SAAiB,EAEA;IAAA,IADjBC,QAAqB,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG;MAAEG;IAAM,CAAC;IAEjC,MAAMC,wBAAwB,GAAG,MAAMtB,yBAAO,CAACuB,eAAe,CAC5DR,kBAAkB,EAClBC,SACF,CAAC;IACD,MAAMQ,cAAc,GAAG,IAAAC,wBAAS,EAACH,wBAAwB,CAAC;IAC1D,MAAMI,aAAa,GAAGC,0CAAmC,CAACjC,KAAK,CAAC;MAC9DkC,OAAO,EAAEJ,cAAc,CAACI,OAAO;MAC/BC,MAAM,EAAEL,cAAc,CAACM;IACzB,CAAC,CAAC;IACF,MAAMjC,SAAS,GAAG6B,aAAa,CAACE,OAAO,CAACrB,GAAG,CAAChB,GAAG;IAE/C,MAAM,IAAAwC,wBAAS,EAACT,wBAAwB,EAAEzB,SAAS,CAAC;IAEpD,MAAMmC,QAAQ,GAAG,IAAIC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC5C,qBAAqB,CAAC,CAAC6C,IAAI;IAClE,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,iEAAiE;MACnEC,SAAS,EAAEf;IACb,CAAC;IACD,MAAMgB,QAAQ,GAAG,MAAMrB,QAAQ,CAACI,KAAK,CAACW,QAAQ,EAAE;MAC9CO,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIC,6CAAqC,CAC7C,mEAAmE,EAClE,kBAAiBR,QAAQ,CAACM,MAAO,EACpC,CAAC;EACH;AACF;AAACG,OAAA,CAAA5D,OAAA,GAAAA,OAAA"}
+{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","appFetch","arguments","length","undefined","fetch","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","signedAttestationRequest","appendSignature","decodedRequest","decodeJwt","parsedRequest","WalletInstanceAttestationRequestJwt","payload","header","protectedHeader","verifyJwt","tokenUrl","URL","href","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text","WalletInstanceAttestationIssuingError","exports"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAAwE,SAAAI,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEjE,MAAMG,OAAO,CAAC;EAGnBC,WAAWA,CACTC,qBAA6B,EAE7B;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACL,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMK,2BAA2BA,CAACC,GAAQ,EAAmB;IAC3D,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IAEtD,MAAMI,gCAAgC,GAAG,IAAIC,yBAAO,CAAC;MACnDC,GAAG,EAAEN,aAAa;MAClBO,GAAG,EAAE,IAAI,CAAClB,qBAAqB;MAC/BmB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,IAAI,EAAE,kCAAkC;MACxCC,GAAG,EAAE;QACHhB,GAAG,EAAEM;MACP;IACF,CAAC,CAAC,CACCW,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZX,GAAG,EAAED,SAAS,CAACC,GAAG;MAClBY,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOd,gCAAgC;EACzC;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMe,cAAcA,CAClBC,kBAA0B,EAC1BC,SAAiB,EACA;IACjB,MAAMC,wBAAwB,GAAG,MAAMjB,yBAAO,CAACkB,eAAe,CAC5DH,kBAAkB,EAClBC,SACF,CAAC;IACD,MAAMG,cAAc,GAAG,IAAAC,wBAAS,EAACH,wBAAwB,CAAC;IAC1D,MAAMI,aAAa,GAAGC,0CAAmC,CAAC5B,KAAK,CAAC;MAC9D6B,OAAO,EAAEJ,cAAc,CAACI,OAAO;MAC/BC,MAAM,EAAEL,cAAc,CAACM;IACzB,CAAC,CAAC;IACF,MAAM5B,SAAS,GAAGwB,aAAa,CAACE,OAAO,CAAChB,GAAG,CAAChB,GAAG;IAE/C,MAAM,IAAAmC,wBAAS,EAACT,wBAAwB,EAAEpB,SAAS,CAAC;IAEpD,MAAM8B,QAAQ,GAAG,IAAIC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC5C,qBAAqB,CAAC,CAAC6C,IAAI;IAClE,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,iEAAiE;MACnEC,SAAS,EAAEf;IACb,CAAC;IACD,MAAMgB,QAAQ,GAAG,MAAM,IAAI,CAAChD,QAAQ,CAAC0C,QAAQ,EAAE;MAC7CO,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIC,6CAAqC,CAC7C,mEAAmE,EAClE,kBAAiBR,QAAQ,CAACM,MAAO,EACpC,CAAC;EACH;AACF;AAACG,OAAA,CAAA5D,OAAA,GAAAA,OAAA"}

package/lib/module/index.js

@@ -1,7 +1,7 @@
 import * as PID from "./pid";
+import * as RP from "./rp";
+import * as Errors from "./utils/errors";
 import * as WalletInstanceAttestation from "./wallet-instance-attestation";
-export function multiply(a, b) {
-  return Promise.resolve(a * b);
-}
-export { PID, WalletInstanceAttestation };
+import { getUnsignedDPop } from "./utils/dpop";
+export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop };
 //# sourceMappingURL=index.js.map

package/lib/module/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["PID","WalletInstanceAttestation","multiply","a","b","Promise","resolve"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAE1E,OAAO,SAASC,QAAQA,CAACC,CAAS,EAAEC,CAAS,EAAmB;EAC9D,OAAOC,OAAO,CAACC,OAAO,CAACH,CAAC,GAAGC,CAAC,CAAC;AAC/B;AAEA,SAASJ,GAAG,EAAEC,yBAAyB"}
+{"version":3,"names":["PID","RP","Errors","WalletInstanceAttestation","getUnsignedDPop"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,EAAE,MAAM,MAAM;AAC1B,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,SAASC,eAAe,QAAQ,cAAc;AAE9C,SAASJ,GAAG,EAAEC,EAAE,EAAEE,yBAAyB,EAAED,MAAM,EAAEE,eAAe"}

package/lib/module/pid/index.js

@@ -1,3 +1,4 @@
 import * as SdJwt from "./sd-jwt";
-export { SdJwt };
+import { Issuing } from "./issuing";
+export { SdJwt, Issuing };
 //# sourceMappingURL=index.js.map

package/lib/module/pid/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["SdJwt"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":"AAAA,OAAO,KAAKA,KAAK,MAAM,UAAU;AACjC,SAASA,KAAK"}
+{"version":3,"names":["SdJwt","Issuing"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":"AAAA,OAAO,KAAKA,KAAK,MAAM,UAAU;AACjC,SAASC,OAAO,QAAQ,WAAW;AACnC,SAASD,KAAK,EAAEC,OAAO"}

package/lib/module/pid/issuing.js

@@ -0,0 +1,225 @@
+import { decode as decodeJwt, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
+import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
+import { JWK } from "../utils/jwk";
+import uuid from "react-native-uuid";
+import { PidIssuingError } from "../utils/errors";
+import { getUnsignedDPop } from "../utils/dpop";
+import { sign, generate, deleteKey } from "@pagopa/io-react-native-crypto";
+
+// This is a temporary type that will be used for demo purposes only
+
+export class Issuing {
+  constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
+    let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
+    this.pidProviderBaseUrl = pidProviderBaseUrl;
+    this.walletProviderBaseUrl = walletProviderBaseUrl;
+    this.state = `${uuid.v4()}`;
+    this.codeVerifier = `${uuid.v4()}`;
+    this.authorizationCode = `${uuid.v4()}`;
+    this.walletInstanceAttestation = walletInstanceAttestation;
+    this.clientId = clientId;
+    this.appFetch = appFetch;
+  }
+
+  /**
+   * Return the unsigned jwt to call the PAR request.
+   *
+   * @function
+   * @param jwk The wallet instance attestation public JWK
+   *
+   * @returns Unsigned jwt
+   *
+   */
+  async getUnsignedJwtForPar(jwk) {
+    const parsedJwk = JWK.parse(jwk);
+    const keyThumbprint = await thumbprint(parsedJwk);
+    const publicKey = {
+      ...parsedJwk,
+      kid: keyThumbprint
+    };
+    const codeChallenge = await sha256ToBase64(this.codeVerifier);
+    const unsignedJwtForPar = new SignJWT({
+      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+      authorization_details: [{
+        credentialDefinition: {
+          type: ["eu.eudiw.pid.it"]
+        },
+        format: "vc+sd-jwt",
+        type: "type"
+      }],
+      response_type: "code",
+      code_challenge_method: "s256",
+      redirect_uri: this.walletProviderBaseUrl,
+      state: this.state,
+      client_id: this.clientId,
+      code_challenge: codeChallenge
+    }).setProtectedHeader({
+      alg: "ES256",
+      kid: publicKey.kid
+    }).setIssuedAt().setExpirationTime("1h").toSign();
+    return unsignedJwtForPar;
+  }
+
+  /**
+   * Make a PAR request to the PID issuer and return the response url
+   *
+   * @function
+   * @param unsignedJwtForPar The unsigned JWT for PAR
+   * @param signature The JWT for PAR signature
+   *
+   * @returns Unsigned PAR url
+   *
+   */
+  async getPar(unsignedJwtForPar, signature) {
+    const codeChallenge = await sha256ToBase64(this.codeVerifier);
+    const signedJwtForPar = await SignJWT.appendSignature(unsignedJwtForPar, signature);
+    const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
+    const requestBody = {
+      response_type: "code",
+      client_id: this.clientId,
+      code_challenge: codeChallenge,
+      code_challenge_method: "S256",
+      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+      client_assertion: this.walletInstanceAttestation,
+      request: signedJwtForPar
+    };
+    var formBody = new URLSearchParams(requestBody);
+    const response = await this.appFetch(parUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: formBody.toString()
+    });
+    if (response.status === 201) {
+      const result = await response.json();
+      return result.request_uri;
+    }
+    throw new PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
+  }
+
+  /**
+   * Return the unsigned jwt for a generic DPoP
+   *
+   * @function
+   * @param jwk the public key for which the DPoP is to be created
+   *
+   * @returns Unsigned JWT for DPoP
+   *
+   */
+  async getUnsignedDPoP(jwk) {
+    const tokenUrl = new URL("/token", this.pidProviderBaseUrl).href;
+    const dPop = getUnsignedDPop(jwk, {
+      htm: "POST",
+      htu: tokenUrl,
+      jti: `${uuid.v4()}`
+    });
+    return dPop;
+  }
+
+  /**
+   * Make an auth token request to the PID issuer
+   *
+   * @function
+   * @returns a token response
+   *
+   */
+  async getAuthToken() {
+    //Generate fresh keys for DPoP
+    const dPopKeyTag = `${uuid.v4()}`;
+    const dPopKey = await generate(dPopKeyTag);
+    const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
+    const dPopTokenSignature = await sign(unsignedDPopForToken, dPopKeyTag);
+    await deleteKey(dPopKeyTag);
+    const signedDPop = await SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
+    const decodedJwtDPop = decodeJwt(signedDPop);
+    const tokenUrl = decodedJwtDPop.payload.htu;
+    const requestBody = {
+      grant_type: "authorization code",
+      client_id: this.clientId,
+      code: this.authorizationCode,
+      code_verifier: this.codeVerifier,
+      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+      client_assertion: this.walletInstanceAttestation,
+      redirect_uri: this.walletProviderBaseUrl
+    };
+    var formBody = new URLSearchParams(requestBody);
+    const response = await this.appFetch(tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        DPoP: signedDPop
+      },
+      body: formBody.toString()
+    });
+    if (response.status === 200) {
+      return await response.json();
+    }
+    throw new PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
+  }
+
+  /**
+   * Return the unsigned jwt for nonce proof of possession
+   *
+   * @function
+   * @param nonce the nonce
+   *
+   * @returns Unsigned JWT for nonce proof
+   *
+   */
+  async getUnsignedNonceProof(nonce) {
+    const unsignedProof = new SignJWT({
+      nonce
+    }).setProtectedHeader({
+      alg: "ES256",
+      type: "openid4vci-proof+jwt"
+    }).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
+    return unsignedProof;
+  }
+
+  /**
+   * Make the credential issuing request to the PID issuer
+   *
+   * @function
+   * @param unsignedDPopForPid The unsigned JWT for PID DPoP
+   * @param dPopPidSignature The JWT for PID DPoP signature
+   * @param unsignedNonceProof The unsigned JWT for nonce proof
+   * @param nonceProofSignature The JWT for nonce proof signature
+   * @param accessToken The access token obtained with getAuthToken
+   * @param cieData Personal data read by the CIE
+   *
+   * @returns a credential
+   *
+   */
+  async getCredential(unsignedDPopForPid, dPopPidSignature, unsignedNonceProof, nonceProofSignature, accessToken, cieData) {
+    const signedDPopForPid = await SignJWT.appendSignature(unsignedDPopForPid, dPopPidSignature);
+    const signedNonceProof = await SignJWT.appendSignature(unsignedNonceProof, nonceProofSignature);
+    const credentialUrl = new URL("/credential", this.pidProviderBaseUrl).href;
+    const requestBody = {
+      credential_definition: JSON.stringify({
+        type: ["eu.eudiw.pid.it"]
+      }),
+      format: "vc+sd-jwt",
+      proof: JSON.stringify({
+        jwt: signedNonceProof,
+        cieData,
+        proof_type: "jwt"
+      })
+    };
+    const formBody = new URLSearchParams(requestBody);
+    const response = await this.appFetch(credentialUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        DPoP: signedDPopForPid,
+        Authorization: accessToken
+      },
+      body: formBody.toString()
+    });
+    if (response.status === 200) {
+      return await response.json();
+    }
+    throw new PidIssuingError(`Unable to obtain credential!`);
+  }
+}
+//# sourceMappingURL=issuing.js.map

package/lib/module/pid/issuing.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["decode","decodeJwt","sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","getUnsignedDPop","sign","generate","deleteKey","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","parse","keyThumbprint","publicKey","kid","codeChallenge","unsignedJwtForPar","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","getUnsignedDPoP","tokenUrl","dPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","unsignedDPopForToken","dPopTokenSignature","signedDPop","decodedJwtDPop","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,cAAc,QACT,6BAA6B;AAEpC,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,QAAQ,iBAAiB;AACjD,SAASC,eAAe,QAAQ,eAAe;AAC/C,SAASC,IAAI,EAAEC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;;AAE1E;;AAgBA,OAAO,MAAMC,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEjB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEnB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEpB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACR,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAGxB,GAAG,CAACyB,KAAK,CAACF,GAAG,CAAC;IAChC,MAAMG,aAAa,GAAG,MAAM3B,UAAU,CAACyB,SAAS,CAAC;IACjD,MAAMG,SAAS,GAAG;MAAE,GAAGH,SAAS;MAAEI,GAAG,EAAEF;IAAc,CAAC;IACtD,MAAMG,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAE7D,MAAMU,iBAAiB,GAAG,IAAIhC,OAAO,CAAC;MACpCiC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAAC5B,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjBqB,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX;IAClB,CAAC,CAAC,CACCY,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZd,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDe,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOf,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMgB,MAAMA,CAAChB,iBAAyB,EAAEiB,SAAiB,EAAmB;IAC1E,MAAMlB,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAC7D,MAAM4B,eAAe,GAAG,MAAMlD,OAAO,CAACmD,eAAe,CACnDnB,iBAAiB,EACjBiB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX,aAAa;MAC7BQ,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD4C,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACqC,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIhE,eAAe,CACtB,wCAAuC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAC7C,GAAQ,EAAmB;IAC/C,MAAM8C,QAAQ,GAAG,IAAIlB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAChE,MAAMkB,IAAI,GAAGnE,eAAe,CAACoB,GAAG,EAAE;MAChCgD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEH,QAAQ;MACbI,GAAG,EAAG,GAAExE,IAAI,CAACkB,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOmD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMI,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE1E,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACjC,MAAMyD,OAAO,GAAG,MAAMvE,QAAQ,CAACsE,UAAU,CAAC;IAC1C,MAAME,oBAAoB,GAAG,MAAM,IAAI,CAACT,eAAe,CAACQ,OAAO,CAAC;IAChE,MAAME,kBAAkB,GAAG,MAAM1E,IAAI,CAACyE,oBAAoB,EAAEF,UAAU,CAAC;IACvE,MAAMrE,SAAS,CAACqE,UAAU,CAAC;IAE3B,MAAMI,UAAU,GAAG,MAAMjF,OAAO,CAACmD,eAAe,CAC9C4B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAME,cAAc,GAAGpF,SAAS,CAACmF,UAAU,CAAC;IAC5C,MAAMV,QAAQ,GAAGW,cAAc,CAACC,OAAO,CAACT,GAAa;IACrD,MAAMnB,WAAW,GAAG;MAClB6B,UAAU,EAAE,oBAAoB;MAChC3C,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxBuE,IAAI,EAAE,IAAI,CAAC9D,iBAAiB;MAC5B+D,aAAa,EAAE,IAAI,CAAChE,YAAY;MAChCW,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD2B,YAAY,EAAE,IAAI,CAAC5B;IACrB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACwD,QAAQ,EAAE;MAC7CV,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEN;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CACtB,0CAAyC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMmB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAI1F,OAAO,CAAC;MAChCyF;IACF,CAAC,CAAC,CACC9C,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACDuD,WAAW,CAAC,IAAI,CAAC/E,qBAAqB,CAAC,CACvCgF,SAAS,CAAC,IAAI,CAAC9E,QAAQ,CAAC,CACxB+B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAO2C,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAMpG,OAAO,CAACmD,eAAe,CACpD2C,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAMrG,OAAO,CAACmD,eAAe,CACpD6C,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIjD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBgD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAErE,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnBqE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACuF,aAAa,EAAE;MAClDzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDnC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CAAE,8BAA6B,CAAC;EAC3D;AACF"}

package/lib/module/rp/__test__/index.test.js

@@ -0,0 +1,16 @@
+import { RelyingPartySolution } from "..";
+import { AuthRequestDecodeError } from "../../utils/errors";
+const walletInstanceAttestation = "eyJhbGciOiJFUzI1NiIsImtpZCI6IjV0NVlZcEJoTi1FZ0lFRUk1aVV6cjZyME1SMDJMblZRME9tZWttTktjalkiLCJ0cnVzdF9jaGFpbiI6WyJleUpoYkdjaU9pSkZVei4uLjZTMEEiLCJleUpoYkdjaU9pSkZVei4uLmpKTEEiLCJleUpoYkdjaU9pSkZVei4uLkg5Z3ciXSwidHlwIjoidmErand0IiwieDVjIjpbIk1JSUJqRENDIC4uLiBYRmVoZ0tRQT09Il19.eyJpc3MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZyIsInN1YiI6InZiZVhKa3NNNDV4cGh0QU5uQ2lHNm1DeXVVNGpmR056b3BHdUt2b2dnOWMiLCJ0eXBlIjoiV2FsbGV0SW5zdGFuY2VBdHRlc3RhdGlvbiIsInBvbGljeV91cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9wcml2YWN5X3BvbGljeSIsInRvc191cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9pbmZvX3BvbGljeSIsImxvZ29fdXJpIjoiaHR0cHM6Ly93YWxsZXQtcHJvdmlkZXIuZXhhbXBsZS5vcmcvbG9nby5zdmciLCJhc2MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9Mb0EvYmFzaWMiLCJjbmYiOnsiandrIjp7ImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiNEhOcHRJLXhyMnBqeVJKS0dNbno0V21kblFEX3VKU3E0Ujk1Tmo5OGI0NCIsInkiOiJMSVpuU0IzOXZGSmhZZ1MzazdqWEU0cjMtQ29HRlF3WnRQQklScXBObHJnIiwia2lkIjoidmJlWEprc000NXhwaHRBTm5DaUc2bUN5dVU0amZHTnpvcEd1S3ZvZ2c5YyJ9fSwiYXV0aG9yaXphdGlvbl9lbmRwb2ludCI6ImV1ZGl3OiIsInJlc3BvbnNlX3R5cGVzX3N1cHBvcnRlZCI6WyJ2cF90b2tlbiJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJqd3RfdnBfanNvbiI6eyJhbGdfdmFsdWVzX3N1cHBvcnRlZCI6WyJFUzI1NiJdfSwiand0X3ZjX2pzb24iOnsiYWxnX3ZhbHVlc19zdXBwb3J0ZWQiOlsiRVMyNTYiXX19LCJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZ192YWx1ZXNfc3VwcG9ydGVkIjpbIkVTMjU2Il0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uX3VyaV9zdXBwb3J0ZWQiOmZhbHNlLCJpYXQiOjE2ODcyODExOTUsImV4cCI6MTY4NzI4ODM5NX0.OTuPik6p3o9j6VOx-uCyxRvHwoh1pDiiZcBQFNQt2uE3dK-8izGNflJVETi_uhGSZOf25Enkq-UvEin9NrbJNw";
+const rp = new RelyingPartySolution("http://rp.example", walletInstanceAttestation);
+describe("decodeAuthRequestQR", () => {
+  it("should return authentication request URL", async () => {
+    const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
+    const result = rp.decodeAuthRequestQR(qrcode);
+    expect(result).toEqual("https://verifier.example.org/request_uri");
+  });
+  it("should throw exception with invalid QR", async () => {
+    const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
+    expect(() => rp.decodeAuthRequestQR(qrcode)).toThrowError(AuthRequestDecodeError);
+  });
+});
+//# sourceMappingURL=index.test.js.map

package/lib/module/rp/__test__/index.test.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["RelyingPartySolution","AuthRequestDecodeError","walletInstanceAttestation","rp","describe","it","qrcode","result","decodeAuthRequestQR","expect","toEqual","toThrowError"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":"AAAA,SAASA,oBAAoB,QAAQ,IAAI;AACzC,SAASC,sBAAsB,QAAQ,oBAAoB;AAE3D,MAAMC,yBAAyB,GAC7B,qhDAAqhD;AACvhD,MAAMC,EAAE,GAAG,IAAIH,oBAAoB,CACjC,mBAAmB,EACnBE,yBACF,CAAC;AACDE,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGJ,EAAE,CAACK,mBAAmB,CAACF,MAAM,CAAC;IAC7CG,MAAM,CAACF,MAAM,CAAC,CAACG,OAAO,CAAC,0CAA0C,CAAC;EACpE,CAAC,CAAC;EACFL,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAMN,EAAE,CAACK,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACK,YAAY,CACvDV,sBACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/lib/module/rp/index.js

@@ -0,0 +1,108 @@
+import { AuthRequestDecodeError, IoWalletError } from "../utils/errors";
+import { decode as decodeJwt, decodeBase64, sha256ToBase64, SignJWT } from "@pagopa/io-react-native-jwt";
+import { RequestObject, RpEntityConfiguration } from "./types";
+import uuid from "react-native-uuid";
+export class RelyingPartySolution {
+  constructor(relyingPartyBaseUrl, walletInstanceAttestation) {
+    let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : fetch;
+    this.relyingPartyBaseUrl = relyingPartyBaseUrl;
+    this.walletInstanceAttestation = walletInstanceAttestation;
+    this.appFetch = appFetch;
+  }
+
+  /**
+   * Decode a QR code content to an authentication request url.
+   * @function
+   * @param qrcode QR code content
+   *
+   * @returns The authentication request url
+   *
+   */
+  decodeAuthRequestQR(qrcode) {
+    try {
+      const decoded = decodeBase64(qrcode);
+      const decodedUrl = new URL(decoded);
+      const requestUri = decodedUrl.searchParams.get("request_uri");
+      if (requestUri) {
+        return requestUri;
+      } else {
+        throw new AuthRequestDecodeError("Unable to obtain request_uri from QR code", `${decodedUrl}`);
+      }
+    } catch {
+      throw new AuthRequestDecodeError("Unable to decode QR code authentication request url", qrcode);
+    }
+  }
+  /**
+   * Obtain the unsigned wallet instance DPoP for authentication request
+   *
+   * @function
+   * @param walletInstanceAttestationJwk JWT of the Wallet Instance Attestation
+   * @param authRequestUrl authentication request url
+   *
+   * @returns The unsigned wallet instance DPoP
+   *
+   */
+  async getUnsignedWalletInstanceDPoP(walletInstanceAttestationJwk, authRequestUrl) {
+    return await new SignJWT({
+      jti: `${uuid.v4()}`,
+      htm: "GET",
+      htu: authRequestUrl,
+      ath: await sha256ToBase64(this.walletInstanceAttestation)
+    }).setProtectedHeader({
+      alg: "ES256",
+      jwk: walletInstanceAttestationJwk,
+      typ: "dpop+jwt"
+    }).setIssuedAt().setExpirationTime("1h").toSign();
+  }
+
+  /**
+   * Obtain the Request Object for RP authentication
+   *
+   * @function
+   * @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
+   *
+   * @returns The Request Object JWT
+   *
+   */
+  async getRequestObject(signedWalletInstanceDPoP) {
+    const decodedJwtDPop = await decodeJwt(signedWalletInstanceDPoP);
+    const requestUri = decodedJwtDPop.payload.htu;
+    const response = await this.appFetch(requestUri, {
+      method: "GET",
+      headers: {
+        Authorization: `DPoP ${this.walletInstanceAttestation}`,
+        DPoP: signedWalletInstanceDPoP
+      }
+    });
+    if (response.status === 200) {
+      const responseText = await response.text();
+      const responseJwt = await decodeJwt(responseText);
+      const requestObj = RequestObject.parse({
+        header: responseJwt.protectedHeader,
+        payload: responseJwt.payload
+      });
+      return requestObj;
+    }
+    throw new IoWalletError(`Unable to obtain Request Object. Response code: ${response.status}`);
+  }
+
+  /**
+   * Obtain the relying party entity configuration.
+   */
+  async getEntityConfiguration() {
+    const wellKnownUrl = new URL("/.well-known/openid-federation", this.relyingPartyBaseUrl).href;
+    const response = await this.appFetch(wellKnownUrl, {
+      method: "GET"
+    });
+    if (response.status === 200) {
+      const responseText = await response.text();
+      const responseJwt = await decodeJwt(responseText);
+      return RpEntityConfiguration.parse({
+        header: responseJwt.protectedHeader,
+        payload: responseJwt.payload
+      });
+    }
+    throw new IoWalletError(`Unable to obtain RP Entity Configuration. Response code: ${response.status}`);
+  }
+}
+//# sourceMappingURL=index.js.map

package/lib/module/rp/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["AuthRequestDecodeError","IoWalletError","decode","decodeJwt","decodeBase64","sha256ToBase64","SignJWT","RequestObject","RpEntityConfiguration","uuid","RelyingPartySolution","constructor","relyingPartyBaseUrl","walletInstanceAttestation","appFetch","arguments","length","undefined","fetch","decodeAuthRequestQR","qrcode","decoded","decodedUrl","URL","requestUri","searchParams","get","getUnsignedWalletInstanceDPoP","walletInstanceAttestationJwk","authRequestUrl","jti","v4","htm","htu","ath","setProtectedHeader","alg","jwk","typ","setIssuedAt","setExpirationTime","toSign","getRequestObject","signedWalletInstanceDPoP","decodedJwtDPop","payload","response","method","headers","Authorization","DPoP","status","responseText","text","responseJwt","requestObj","parse","header","protectedHeader","getEntityConfiguration","wellKnownUrl","href"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":"AAAA,SAASA,sBAAsB,EAAEC,aAAa,QAAQ,iBAAiB;AACvE,SACEC,MAAM,IAAIC,SAAS,EACnBC,YAAY,EACZC,cAAc,EACdC,OAAO,QACF,6BAA6B;AACpC,SAASC,aAAa,EAAEC,qBAAqB,QAAQ,SAAS;AAE9D,OAAOC,IAAI,MAAM,mBAAmB;AAGpC,OAAO,MAAMC,oBAAoB,CAAC;EAKhCC,WAAWA,CACTC,mBAA2B,EAC3BC,yBAAiC,EAEjC;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACN,mBAAmB,GAAGA,mBAAmB;IAC9C,IAAI,CAACC,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEK,mBAAmBA,CAACC,MAAc,EAAU;IAC1C,IAAI;MACF,MAAMC,OAAO,GAAGjB,YAAY,CAACgB,MAAM,CAAC;MACpC,MAAME,UAAU,GAAG,IAAIC,GAAG,CAACF,OAAO,CAAC;MACnC,MAAMG,UAAU,GAAGF,UAAU,CAACG,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;MAC7D,IAAIF,UAAU,EAAE;QACd,OAAOA,UAAU;MACnB,CAAC,MAAM;QACL,MAAM,IAAIxB,sBAAsB,CAC9B,2CAA2C,EAC1C,GAAEsB,UAAW,EAChB,CAAC;MACH;IACF,CAAC,CAAC,MAAM;MACN,MAAM,IAAItB,sBAAsB,CAC9B,qDAAqD,EACrDoB,MACF,CAAC;IACH;EACF;EACA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMO,6BAA6BA,CACjCC,4BAAiC,EACjCC,cAAsB,EACL;IACjB,OAAO,MAAM,IAAIvB,OAAO,CAAC;MACvBwB,GAAG,EAAG,GAAErB,IAAI,CAACsB,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAEJ,cAAc;MACnBK,GAAG,EAAE,MAAM7B,cAAc,CAAC,IAAI,CAACQ,yBAAyB;IAC1D,CAAC,CAAC,CACCsB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZC,GAAG,EAAET,4BAA4B;MACjCU,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,gBAAgBA,CACpBC,wBAAgC,EACR;IACxB,MAAMC,cAAc,GAAG,MAAMzC,SAAS,CAACwC,wBAAwB,CAAC;IAChE,MAAMnB,UAAU,GAAGoB,cAAc,CAACC,OAAO,CAACZ,GAAa;IAEvD,MAAMa,QAAQ,GAAG,MAAM,IAAI,CAAChC,QAAQ,CAACU,UAAU,EAAE;MAC/CuB,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAO,IAAI,CAACpC,yBAA0B,EAAC;QACvDqC,IAAI,EAAEP;MACR;IACF,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAMnD,SAAS,CAACiD,YAAY,CAAC;MACjD,MAAMG,UAAU,GAAGhD,aAAa,CAACiD,KAAK,CAAC;QACrCC,MAAM,EAAEH,WAAW,CAACI,eAAe;QACnCb,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;MACF,OAAOU,UAAU;IACnB;IAEA,MAAM,IAAItD,aAAa,CACpB,mDAAkD6C,QAAQ,CAACK,MAAO,EACrE,CAAC;EACH;;EAEA;AACF;AACA;EACE,MAAMQ,sBAAsBA,CAAA,EAAmC;IAC7D,MAAMC,YAAY,GAAG,IAAIrC,GAAG,CAC1B,gCAAgC,EAChC,IAAI,CAACX,mBACP,CAAC,CAACiD,IAAI;IAEN,MAAMf,QAAQ,GAAG,MAAM,IAAI,CAAChC,QAAQ,CAAC8C,YAAY,EAAE;MACjDb,MAAM,EAAE;IACV,CAAC,CAAC;IAEF,IAAID,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,WAAW,GAAG,MAAMnD,SAAS,CAACiD,YAAY,CAAC;MACjD,OAAO5C,qBAAqB,CAACgD,KAAK,CAAC;QACjCC,MAAM,EAAEH,WAAW,CAACI,eAAe;QACnCb,OAAO,EAAES,WAAW,CAACT;MACvB,CAAC,CAAC;IACJ;IAEA,MAAM,IAAI5C,aAAa,CACpB,4DAA2D6C,QAAQ,CAACK,MAAO,EAC9E,CAAC;EACH;AACF"}

package/lib/module/rp/types.js

@@ -0,0 +1,63 @@
+import { JWK } from "../utils/jwk";
+import { UnixTime } from "../sd-jwt/types";
+import * as z from "zod";
+export const RequestObject = z.object({
+  header: z.object({
+    typ: z.literal("JWT"),
+    alg: z.string(),
+    kid: z.string(),
+    trust_chain: z.array(z.string())
+  }),
+  payload: z.object({
+    iss: z.string(),
+    iat: UnixTime,
+    exp: UnixTime,
+    state: z.string(),
+    nonce: z.string(),
+    response_uri: z.string(),
+    response_type: z.literal("vp_token"),
+    response_mode: z.literal("direct_post.jwt"),
+    client_id: z.string(),
+    client_id_scheme: z.literal("entity_id"),
+    scope: z.string()
+  })
+});
+
+// TODO: This types is WIP in technical rules
+
+export const RpEntityConfiguration = z.object({
+  header: z.object({
+    typ: z.literal("entity-statement+jwt"),
+    alg: z.string(),
+    kid: z.string()
+  }),
+  payload: z.object({
+    exp: UnixTime,
+    iat: UnixTime,
+    iss: z.string(),
+    sub: z.string(),
+    jwks: z.object({
+      keys: z.array(JWK)
+    }),
+    metadata: z.object({
+      wallet_relying_party: z.object({
+        application_type: z.string(),
+        client_id: z.string(),
+        client_name: z.string(),
+        jwks: z.object({
+          keys: z.array(JWK)
+        }),
+        contacts: z.array(z.string())
+      }),
+      federation_entity: z.object({
+        organization_name: z.string(),
+        homepage_uri: z.string(),
+        policy_uri: z.string(),
+        logo_uri: z.string(),
+        contacts: z.array(z.string())
+      })
+    }),
+    authority_hints: z.array(z.string())
+  })
+});
+//# sourceMappingURL=types.js.map

package/lib/module/rp/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["JWK","UnixTime","z","RequestObject","object","header","typ","literal","alg","string","kid","trust_chain","array","payload","iss","iat","exp","state","nonce","response_uri","response_type","response_mode","client_id","client_id_scheme","scope","RpEntityConfiguration","sub","jwks","keys","metadata","wallet_relying_party","application_type","client_name","contacts","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","authority_hints"],"sourceRoot":"../../../src","sources":["rp/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,QAAQ,QAAQ,iBAAiB;AAC1C,OAAO,KAAKC,CAAC,MAAM,KAAK;AAGxB,OAAO,MAAMC,aAAa,GAAGD,CAAC,CAACE,MAAM,CAAC;EACpCC,MAAM,EAAEH,CAAC,CAACE,MAAM,CAAC;IACfE,GAAG,EAAEJ,CAAC,CAACK,OAAO,CAAC,KAAK,CAAC;IACrBC,GAAG,EAAEN,CAAC,CAACO,MAAM,CAAC,CAAC;IACfC,GAAG,EAAER,CAAC,CAACO,MAAM,CAAC,CAAC;IACfE,WAAW,EAAET,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFI,OAAO,EAAEX,CAAC,CAACE,MAAM,CAAC;IAChBU,GAAG,EAAEZ,CAAC,CAACO,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEd,QAAQ;IACbe,GAAG,EAAEf,QAAQ;IACbgB,KAAK,EAAEf,CAAC,CAACO,MAAM,CAAC,CAAC;IACjBS,KAAK,EAAEhB,CAAC,CAACO,MAAM,CAAC,CAAC;IACjBU,YAAY,EAAEjB,CAAC,CAACO,MAAM,CAAC,CAAC;IACxBW,aAAa,EAAElB,CAAC,CAACK,OAAO,CAAC,UAAU,CAAC;IACpCc,aAAa,EAAEnB,CAAC,CAACK,OAAO,CAAC,iBAAiB,CAAC;IAC3Ce,SAAS,EAAEpB,CAAC,CAACO,MAAM,CAAC,CAAC;IACrBc,gBAAgB,EAAErB,CAAC,CAACK,OAAO,CAAC,WAAW,CAAC;IACxCiB,KAAK,EAAEtB,CAAC,CAACO,MAAM,CAAC;EAClB,CAAC;AACH,CAAC,CAAC;;AAEF;;AAEA,OAAO,MAAMgB,qBAAqB,GAAGvB,CAAC,CAACE,MAAM,CAAC;EAC5CC,MAAM,EAAEH,CAAC,CAACE,MAAM,CAAC;IACfE,GAAG,EAAEJ,CAAC,CAACK,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAEN,CAAC,CAACO,MAAM,CAAC,CAAC;IACfC,GAAG,EAAER,CAAC,CAACO,MAAM,CAAC;EAChB,CAAC,CAAC;EACFI,OAAO,EAAEX,CAAC,CAACE,MAAM,CAAC;IAChBY,GAAG,EAAEf,QAAQ;IACbc,GAAG,EAAEd,QAAQ;IACba,GAAG,EAAEZ,CAAC,CAACO,MAAM,CAAC,CAAC;IACfiB,GAAG,EAAExB,CAAC,CAACO,MAAM,CAAC,CAAC;IACfkB,IAAI,EAAEzB,CAAC,CAACE,MAAM,CAAC;MACbwB,IAAI,EAAE1B,CAAC,CAACU,KAAK,CAACZ,GAAG;IACnB,CAAC,CAAC;IACF6B,QAAQ,EAAE3B,CAAC,CAACE,MAAM,CAAC;MACjB0B,oBAAoB,EAAE5B,CAAC,CAACE,MAAM,CAAC;QAC7B2B,gBAAgB,EAAE7B,CAAC,CAACO,MAAM,CAAC,CAAC;QAC5Ba,SAAS,EAAEpB,CAAC,CAACO,MAAM,CAAC,CAAC;QACrBuB,WAAW,EAAE9B,CAAC,CAACO,MAAM,CAAC,CAAC;QACvBkB,IAAI,EAAEzB,CAAC,CAACE,MAAM,CAAC;UACbwB,IAAI,EAAE1B,CAAC,CAACU,KAAK,CAACZ,GAAG;QACnB,CAAC,CAAC;QACFiC,QAAQ,EAAE/B,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;MAC9B,CAAC,CAAC;MACFyB,iBAAiB,EAAEhC,CAAC,CAACE,MAAM,CAAC;QAC1B+B,iBAAiB,EAAEjC,CAAC,CAACO,MAAM,CAAC,CAAC;QAC7B2B,YAAY,EAAElC,CAAC,CAACO,MAAM,CAAC,CAAC;QACxB4B,UAAU,EAAEnC,CAAC,CAACO,MAAM,CAAC,CAAC;QACtB6B,QAAQ,EAAEpC,CAAC,CAACO,MAAM,CAAC,CAAC;QACpBwB,QAAQ,EAAE/B,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;MAC9B,CAAC;IACH,CAAC,CAAC;IACF8B,eAAe,EAAErC,CAAC,CAACU,KAAK,CAACV,CAAC,CAACO,MAAM,CAAC,CAAC;EACrC,CAAC;AACH,CAAC,CAAC"}

package/lib/module/sd-jwt/types.js

@@ -17,7 +17,7 @@ export const SdJwt4VC = z.object({
   header: z.object({
     typ: z.literal("vc+sd-jwt"),
     alg: z.string(),
-    kid: z.string(),
+    kid: z.string().optional(),
     trust_chain: z.array(z.string())
   }),
   payload: z.object({

package/lib/module/sd-jwt/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfU,WAAW,EAAEnB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFW,OAAO,EAAEpB,CAAC,CAACM,MAAM,CAAC;IAChBe,GAAG,EAAErB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfa,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEvB,QAAQ;IACbwB,GAAG,EAAExB,QAAQ;IACbyB,MAAM,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBkB,GAAG,EAAE3B,CAAC,CAACM,MAAM,CAAC;MACZsB,GAAG,EAAE7B;IACP,CAAC,CAAC;IACF8B,IAAI,EAAE7B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Cc,eAAe,EAAE9B,CAAC,CAACM,MAAM,CAAC;MACxByB,YAAY,EAAE/B,CAAC,CAACgC,YAAY,CAC1BhC,CAAC,CAACM,MAAM,CAAC;QACP2B,eAAe,EAAEjC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCkB,eAAe,EAAElC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD8B,MAAM,EAAE9B;IACV,CAAC,CAAC;IACF+B,OAAO,EAAEpC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}
+{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC1BC,WAAW,EAAEpB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFY,OAAO,EAAErB,CAAC,CAACM,MAAM,CAAC;IAChBgB,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfgB,GAAG,EAAExB,QAAQ;IACbyB,GAAG,EAAEzB,QAAQ;IACb0B,MAAM,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBmB,GAAG,EAAE5B,CAAC,CAACM,MAAM,CAAC;MACZuB,GAAG,EAAE9B;IACP,CAAC,CAAC;IACF+B,IAAI,EAAE9B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Ce,eAAe,EAAE/B,CAAC,CAACM,MAAM,CAAC;MACxB0B,YAAY,EAAEhC,CAAC,CAACiC,YAAY,CAC1BjC,CAAC,CAACM,MAAM,CAAC;QACP4B,eAAe,EAAElC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCmB,eAAe,EAAEnC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD+B,MAAM,EAAE/B;IACV,CAAC,CAAC;IACFgC,OAAO,EAAErC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}