@pagopa/io-react-native-wallet 0.1.0

package/lib/commonjs/utils/errors.js

@@ -0,0 +1,82 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.IoWalletError = void 0;
+/**
+ * A generic Error that all other io-wallet specific Error subclasses extend.
+ *
+ * @example Checking thrown error is a io-wallet one
+ *
+ * ```js
+ * if (err instanceof errors.IoWalletError) {
+ *   // ...
+ * }
+ * ```
+ */
+class IoWalletError extends Error {
+  /** A unique error code for the particular error subclass. */
+  static get code() {
+    return "ERR_IO_WALLET_GENERIC";
+  }
+
+  /** A unique error code for the particular error subclass. */
+  code = "ERR_IO_WALLET_GENERIC";
+  constructor(message) {
+    var _Error$captureStackTr;
+    super(message);
+    this.name = this.constructor.name;
+    // @ts-ignore
+    (_Error$captureStackTr = Error.captureStackTrace) === null || _Error$captureStackTr === void 0 ? void 0 : _Error$captureStackTr.call(Error, this, this.constructor);
+  }
+}
+/**
+ * An error subclass thrown when validation fail
+ *
+ */
+exports.IoWalletError = IoWalletError;
+class ValidationFailed extends IoWalletError {
+  static get code() {
+    return "ERR_IO_WALLET_VALIDATION_FAILED";
+  }
+  code = "ERR_IO_WALLET_VALIDATION_FAILED";
+
+  /** The Claim for which the validation failed. */
+
+  /** Reason code for the validation failure. */
+
+  constructor(message) {
+    let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
+    let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
+    super(message);
+    this.claim = claim;
+    this.reason = reason;
+  }
+}
+
+/**
+ * An error subclass thrown when validation fail
+ *
+ */
+exports.ValidationFailed = ValidationFailed;
+class WalletInstanceAttestationIssuingError extends IoWalletError {
+  static get code() {
+    return "ERR_IO_WALLET_INSTANCE_ATTESTATION_ISSUING_FAILED";
+  }
+  code = "ERR_IO_WALLET_INSTANCE_ATTESTATION_ISSUING_FAILED";
+
+  /** The Claim for which the validation failed. */
+
+  /** Reason code for the validation failure. */
+
+  constructor(message) {
+    let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
+    let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
+    super(message);
+    this.claim = claim;
+    this.reason = reason;
+  }
+}
+exports.WalletInstanceAttestationIssuingError = WalletInstanceAttestationIssuingError;
+//# sourceMappingURL=errors.js.map

package/lib/commonjs/utils/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;AAACN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA"}

package/lib/commonjs/utils/jwk.js

@@ -0,0 +1,45 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.JWK = void 0;
+var _zod = require("zod");
+const JWK = _zod.z.object({
+  /** JWK "alg" (Algorithm) Parameter. */
+  alg: _zod.z.string().optional(),
+  crv: _zod.z.string().optional(),
+  d: _zod.z.string().optional(),
+  dp: _zod.z.string().optional(),
+  dq: _zod.z.string().optional(),
+  e: _zod.z.string().optional(),
+  /** JWK "ext" (Extractable) Parameter. */
+  ext: _zod.z.boolean().optional(),
+  k: _zod.z.string().optional(),
+  /** JWK "key_ops" (Key Operations) Parameter. */
+  key_ops: _zod.z.array(_zod.z.string()).optional(),
+  /** JWK "kid" (Key ID) Parameter. */
+  kid: _zod.z.string().optional(),
+  /** JWK "kty" (Key Type) Parameter.
+   * This attribute is required to discriminate the
+   * type of EC/RSA algorithm */
+  kty: _zod.z.union([_zod.z.literal("RSA"), _zod.z.literal("EC")]),
+  n: _zod.z.string().optional(),
+  p: _zod.z.string().optional(),
+  q: _zod.z.string().optional(),
+  qi: _zod.z.string().optional(),
+  /** JWK "use" (Public Key Use) Parameter. */
+  use: _zod.z.string().optional(),
+  x: _zod.z.string().optional(),
+  y: _zod.z.string().optional(),
+  /** JWK "x5c" (X.509 Certificate Chain) Parameter. */
+  x5c: _zod.z.array(_zod.z.string()).optional(),
+  /** JWK "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter. */
+  x5t: _zod.z.string().optional(),
+  /** "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter. */
+  "x5t#S256": _zod.z.string().optional(),
+  /** JWK "x5u" (X.509 URL) Parameter. */
+  x5u: _zod.z.string().optional()
+});
+exports.JWK = JWK;
+//# sourceMappingURL=jwk.js.map

package/lib/commonjs/utils/jwk.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_zod","require","JWK","z","object","alg","string","optional","crv","d","dp","dq","e","ext","boolean","k","key_ops","array","kid","kty","union","literal","n","p","q","qi","use","x","y","x5c","x5t","x5u","exports"],"sourceRoot":"../../../src","sources":["utils/jwk.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AAGO,MAAMC,GAAG,GAAGC,MAAC,CAACC,MAAM,CAAC;EAC1B;EACAC,GAAG,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BC,GAAG,EAAEL,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BE,CAAC,EAAEN,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBG,EAAE,EAAEP,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzBI,EAAE,EAAER,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzBK,CAAC,EAAET,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAM,GAAG,EAAEV,MAAC,CAACW,OAAO,CAAC,CAAC,CAACP,QAAQ,CAAC,CAAC;EAC3BQ,CAAC,EAAEZ,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAS,OAAO,EAAEb,MAAC,CAACc,KAAK,CAACd,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACvC;EACAW,GAAG,EAAEf,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1B;AACF;AACA;EACEY,GAAG,EAAEhB,MAAC,CAACiB,KAAK,CAAC,CAACjB,MAAC,CAACkB,OAAO,CAAC,KAAK,CAAC,EAAElB,MAAC,CAACkB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;EACjDC,CAAC,EAAEnB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBgB,CAAC,EAAEpB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBiB,CAAC,EAAErB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBkB,EAAE,EAAEtB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzB;EACAmB,GAAG,EAAEvB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BoB,CAAC,EAAExB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBqB,CAAC,EAAEzB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAsB,GAAG,EAAE1B,MAAC,CAACc,KAAK,CAACd,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACnC;EACAuB,GAAG,EAAE3B,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1B;EACA,UAAU,EAAEJ,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACjC;EACAwB,GAAG,EAAE5B,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC;AAC3B,CAAC,CAAC;AAACyB,OAAA,CAAA9B,GAAA,GAAAA,GAAA"}

package/lib/commonjs/wallet-instance-attestation/index.js

@@ -0,0 +1,63 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+Object.defineProperty(exports, "Issuing", {
+  enumerable: true,
+  get: function () {
+    return _issuing.Issuing;
+  }
+});
+exports.decode = decode;
+exports.verify = verify;
+var _types = require("./types");
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _issuing = require("./issuing");
+/**
+ * Decode a given JWT to get the parsed Wallet Instance Attestation object they define.
+ * It ensures provided data is in a valid shape.
+ *
+ * It DOES NOT verify token signature nor check disclosures are correctly referenced by the JWT.
+ * Use {@link verify} instead
+ *
+ * @function
+ * @param token The encoded token that represents a valid jwt for Wallet Instance Attestation
+ *
+ * @returns The validated Wallet Instance Attestation object
+ * @throws A decoding error if the token doesn't resolve in a valid JWT
+ * @throws A validation error if the provided data doesn't result in a valid Wallet Instance Attestation
+ *
+ */
+function decode(token) {
+  // decode JWT parts
+  const decodedJwt = (0, _ioReactNativeJwt.decode)(token);
+  // parse JWT to ensure it has the shape of a WalletInstanceAttestationJwt
+  return _types.WalletInstanceAttestationJwt.parse({
+    header: decodedJwt.protectedHeader,
+    payload: decodedJwt.payload
+  });
+}
+
+/**
+ * Verify a given JWT to get the parsed Wallet Instance Attestation object they define.
+ * Same as {@link decode} plus token signature verification
+ *
+ * @async @function
+ *
+ *
+ * @param token The encoded token that represents a valid jwt
+ *
+ * @returns {WalletInstanceAttestationJwt} The validated Wallet Instance Attestation object
+ * @throws A decoding error if the token doesn't resolve in a valid JWT
+ * @throws A validation error if the provided data doesn't result in a valid Wallet Instance Attestation
+ * @throws Invalid signature error if the token signature is not valid
+ *
+ */
+async function verify(token) {
+  const decoded = decode(token);
+  const pubKey = decoded.payload.cnf.jwk;
+  await (0, _ioReactNativeJwt.verify)(token, pubKey);
+  return decoded;
+}
+//# sourceMappingURL=index.js.map

package/lib/commonjs/wallet-instance-attestation/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_types","require","_ioReactNativeJwt","_issuing","decode","token","decodedJwt","decodeJwt","WalletInstanceAttestationJwt","parse","header","protectedHeader","payload","verify","decoded","pubKey","cnf","jwk","verifyJwt"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/index.ts"],"mappings":";;;;;;;;;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AAGA,IAAAE,QAAA,GAAAF,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASG,MAAMA,CAACC,KAAa,EAAgC;EAClE;EACA,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACF,KAAK,CAAC;EACnC;EACA,OAAOG,mCAA4B,CAACC,KAAK,CAAC;IACxCC,MAAM,EAAEJ,UAAU,CAACK,eAAe;IAClCC,OAAO,EAAEN,UAAU,CAACM;EACtB,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,MAAMA,CAC1BR,KAAa,EAC0B;EACvC,MAAMS,OAAO,GAAGV,MAAM,CAACC,KAAK,CAAC;EAC7B,MAAMU,MAAM,GAAGD,OAAO,CAACF,OAAO,CAACI,GAAG,CAACC,GAAG;EAEtC,MAAM,IAAAC,wBAAS,EAACb,KAAK,EAAEU,MAAM,CAAC;EAE9B,OAAOD,OAAO;AAChB"}

package/lib/commonjs/wallet-instance-attestation/issuing.js

@@ -0,0 +1,96 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.Issuing = void 0;
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _jwk = require("../utils/jwk");
+var _types = require("./types");
+var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
+var _errors = require("../utils/errors");
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+class Issuing {
+  constructor(walletProviderBaseUrl) {
+    this.walletProviderBaseUrl = walletProviderBaseUrl;
+  }
+
+  /**
+   * Get the Wallet Instance Attestation Request to sign
+   *
+   * @async @function
+   *
+   * @param jwk Public key of the wallet instance
+   *
+   * @returns {string} Wallet Instance Attestation Request to sign
+   *
+   */
+  async getAttestationRequestToSign(jwk) {
+    const parsedJwk = _jwk.JWK.parse(jwk);
+    const keyThumbprint = await (0, _ioReactNativeJwt.thumbprint)(parsedJwk);
+    const publicKey = {
+      ...parsedJwk,
+      kid: keyThumbprint
+    };
+    const walletInstanceAttestationRequest = new _ioReactNativeJwt.SignJWT({
+      iss: keyThumbprint,
+      sub: this.walletProviderBaseUrl,
+      jti: `${_reactNativeUuid.default.v4()}`,
+      type: "WalletInstanceAttestationRequest",
+      cnf: {
+        jwk: publicKey
+      }
+    }).setProtectedHeader({
+      alg: "ES256",
+      kid: publicKey.kid,
+      typ: "var+jwt"
+    }).setIssuedAt().setExpirationTime("1h").toSign();
+    return walletInstanceAttestationRequest;
+  }
+
+  /**
+   * Get the Wallet Instance Attestation given a
+   * Wallet Instance Attestation Request and signature
+   *
+   * @async @function
+   *
+   * @param attestationRequest Wallet Instance Attestaion Request
+   * obtained with {@link getAttestationRequestToSign}
+   * @param signature Signature of the Wallet Instance Attestaion Request
+   * @param appFetch Optional object with fetch function to use
+   *
+   * @returns {string} Wallet Instance Attestation
+   *
+   */
+  async getAttestation(attestationRequest, signature) {
+    let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
+      fetch
+    };
+    const signedAttestationRequest = await _ioReactNativeJwt.SignJWT.appendSignature(attestationRequest, signature);
+    const decodedRequest = (0, _ioReactNativeJwt.decode)(signedAttestationRequest);
+    const parsedRequest = _types.WalletInstanceAttestationRequestJwt.parse({
+      payload: decodedRequest.payload,
+      header: decodedRequest.protectedHeader
+    });
+    const publicKey = parsedRequest.payload.cnf.jwk;
+    await (0, _ioReactNativeJwt.verify)(signedAttestationRequest, publicKey);
+    const tokenUrl = new URL("token", this.walletProviderBaseUrl).href;
+    const requestBody = {
+      grant_type: "urn:ietf:params:oauth:client-assertion-type:jwt-key-attestation",
+      assertion: signedAttestationRequest
+    };
+    const response = await appFetch.fetch(tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify(requestBody)
+    });
+    if (response.status === 201) {
+      return await response.text();
+    }
+    throw new _errors.WalletInstanceAttestationIssuingError("Unable to obtain wallet instance attestation from wallet provider", `Response code: ${response.status}`);
+  }
+}
+exports.Issuing = Issuing;
+//# sourceMappingURL=issuing.js.map

package/lib/commonjs/wallet-instance-attestation/issuing.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_types","_reactNativeUuid","_interopRequireDefault","_errors","obj","__esModule","default","Issuing","constructor","walletProviderBaseUrl","getAttestationRequestToSign","jwk","parsedJwk","JWK","parse","keyThumbprint","thumbprint","publicKey","kid","walletInstanceAttestationRequest","SignJWT","iss","sub","jti","uuid","v4","type","cnf","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","getAttestation","attestationRequest","signature","appFetch","arguments","length","undefined","fetch","signedAttestationRequest","appendSignature","decodedRequest","decodeJwt","parsedRequest","WalletInstanceAttestationRequestJwt","payload","header","protectedHeader","verifyJwt","tokenUrl","URL","href","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text","WalletInstanceAttestationIssuingError","exports"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAAwE,SAAAI,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEjE,MAAMG,OAAO,CAAC;EAGnBC,WAAWA,CAACC,qBAA6B,EAAE;IACzC,IAAI,CAACA,qBAAqB,GAAGA,qBAAqB;EACpD;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,2BAA2BA,CAACC,GAAQ,EAAmB;IAC3D,MAAMC,SAAS,GAAGC,QAAG,CAACC,KAAK,CAACH,GAAG,CAAC;IAChC,MAAMI,aAAa,GAAG,MAAM,IAAAC,4BAAU,EAACJ,SAAS,CAAC;IACjD,MAAMK,SAAS,GAAG;MAAE,GAAGL,SAAS;MAAEM,GAAG,EAAEH;IAAc,CAAC;IAEtD,MAAMI,gCAAgC,GAAG,IAAIC,yBAAO,CAAC;MACnDC,GAAG,EAAEN,aAAa;MAClBO,GAAG,EAAE,IAAI,CAACb,qBAAqB;MAC/Bc,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,IAAI,EAAE,kCAAkC;MACxCC,GAAG,EAAE;QACHhB,GAAG,EAAEM;MACP;IACF,CAAC,CAAC,CACCW,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZX,GAAG,EAAED,SAAS,CAACC,GAAG;MAClBY,GAAG,EAAE;IACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOd,gCAAgC;EACzC;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMe,cAAcA,CAClBC,kBAA0B,EAC1BC,SAAiB,EAEA;IAAA,IADjBC,QAAqB,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG;MAAEG;IAAM,CAAC;IAEjC,MAAMC,wBAAwB,GAAG,MAAMtB,yBAAO,CAACuB,eAAe,CAC5DR,kBAAkB,EAClBC,SACF,CAAC;IACD,MAAMQ,cAAc,GAAG,IAAAC,wBAAS,EAACH,wBAAwB,CAAC;IAC1D,MAAMI,aAAa,GAAGC,0CAAmC,CAACjC,KAAK,CAAC;MAC9DkC,OAAO,EAAEJ,cAAc,CAACI,OAAO;MAC/BC,MAAM,EAAEL,cAAc,CAACM;IACzB,CAAC,CAAC;IACF,MAAMjC,SAAS,GAAG6B,aAAa,CAACE,OAAO,CAACrB,GAAG,CAAChB,GAAG;IAE/C,MAAM,IAAAwC,wBAAS,EAACT,wBAAwB,EAAEzB,SAAS,CAAC;IAEpD,MAAMmC,QAAQ,GAAG,IAAIC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC5C,qBAAqB,CAAC,CAAC6C,IAAI;IAClE,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,iEAAiE;MACnEC,SAAS,EAAEf;IACb,CAAC;IACD,MAAMgB,QAAQ,GAAG,MAAMrB,QAAQ,CAACI,KAAK,CAACW,QAAQ,EAAE;MAC9CO,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIC,6CAAqC,CAC7C,mEAAmE,EAClE,kBAAiBR,QAAQ,CAACM,MAAO,EACpC,CAAC;EACH;AACF;AAACG,OAAA,CAAA5D,OAAA,GAAAA,OAAA"}

package/lib/commonjs/wallet-instance-attestation/types.js

@@ -0,0 +1,65 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.WalletInstanceAttestationRequestJwt = exports.WalletInstanceAttestationJwt = void 0;
+var _jwk = require("../utils/jwk");
+var z = _interopRequireWildcard(require("zod"));
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+const UnixTime = z.number().min(0).max(2147483647000);
+const Jwt = z.object({
+  header: z.object({
+    alg: z.string(),
+    kid: z.string(),
+    typ: z.string(),
+    x5c: z.array(z.string()).optional(),
+    trust_chain: z.array(z.string()).optional()
+  }),
+  payload: z.object({
+    iss: z.string(),
+    sub: z.string(),
+    iat: UnixTime,
+    exp: UnixTime,
+    cnf: z.object({
+      jwk: _jwk.JWK
+    })
+  })
+});
+const WalletInstanceAttestationRequestJwt = z.object({
+  header: z.intersection(Jwt.shape.header, z.object({
+    typ: z.literal("var+jwt")
+  })),
+  payload: z.intersection(Jwt.shape.payload, z.object({
+    jti: z.string(),
+    type: z.literal("WalletInstanceAttestationRequest")
+  }))
+});
+exports.WalletInstanceAttestationRequestJwt = WalletInstanceAttestationRequestJwt;
+const WalletInstanceAttestationJwt = z.object({
+  header: z.intersection(Jwt.shape.header, z.object({
+    typ: z.literal("va+jwt")
+  })),
+  payload: z.intersection(Jwt.shape.payload, z.object({
+    type: z.literal("WalletInstanceAttestation"),
+    policy_uri: z.string().url(),
+    tos_uri: z.string().url(),
+    logo_uri: z.string().url(),
+    asc: z.string(),
+    authorization_endpoint: z.string().url(),
+    response_types_supported: z.array(z.string()),
+    vp_formats_supported: z.object({
+      jwt_vp_json: z.object({
+        alg_values_supported: z.array(z.string())
+      }),
+      jwt_vc_json: z.object({
+        alg_values_supported: z.array(z.string())
+      })
+    }),
+    request_object_signing_alg_values_supported: z.array(z.string()),
+    presentation_definition_uri_supported: z.boolean()
+  }))
+});
+exports.WalletInstanceAttestationJwt = WalletInstanceAttestationJwt;
+//# sourceMappingURL=types.js.map

package/lib/commonjs/wallet-instance-attestation/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_jwk","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","UnixTime","number","min","max","Jwt","object","header","alg","string","kid","typ","x5c","array","optional","trust_chain","payload","iss","sub","iat","exp","cnf","jwk","JWK","WalletInstanceAttestationRequestJwt","intersection","shape","literal","jti","type","exports","WalletInstanceAttestationJwt","policy_uri","url","tos_uri","logo_uri","asc","authorization_endpoint","response_types_supported","vp_formats_supported","jwt_vp_json","alg_values_supported","jwt_vc_json","request_object_signing_alg_values_supported","presentation_definition_uri_supported","boolean"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB,MAAMW,QAAQ,GAAGxB,CAAC,CAACyB,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAGrD,MAAMC,GAAG,GAAG5B,CAAC,CAAC6B,MAAM,CAAC;EACnBC,MAAM,EAAE9B,CAAC,CAAC6B,MAAM,CAAC;IACfE,GAAG,EAAE/B,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEjC,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfE,GAAG,EAAElC,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfG,GAAG,EAAEnC,CAAC,CAACoC,KAAK,CAACpC,CAAC,CAACgC,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IACnCC,WAAW,EAAEtC,CAAC,CAACoC,KAAK,CAACpC,CAAC,CAACgC,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CAAC;EACFE,OAAO,EAAEvC,CAAC,CAAC6B,MAAM,CAAC;IAChBW,GAAG,EAAExC,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfS,GAAG,EAAEzC,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfU,GAAG,EAAElB,QAAQ;IACbmB,GAAG,EAAEnB,QAAQ;IACboB,GAAG,EAAE5C,CAAC,CAAC6B,MAAM,CAAC;MACZgB,GAAG,EAAEC;IACP,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAKK,MAAMC,mCAAmC,GAAG/C,CAAC,CAAC6B,MAAM,CAAC;EAC1DC,MAAM,EAAE9B,CAAC,CAACgD,YAAY,CACpBpB,GAAG,CAACqB,KAAK,CAACnB,MAAM,EAChB9B,CAAC,CAAC6B,MAAM,CAAC;IACPK,GAAG,EAAElC,CAAC,CAACkD,OAAO,CAAC,SAAS;EAC1B,CAAC,CACH,CAAC;EACDX,OAAO,EAAEvC,CAAC,CAACgD,YAAY,CACrBpB,GAAG,CAACqB,KAAK,CAACV,OAAO,EACjBvC,CAAC,CAAC6B,MAAM,CAAC;IACPsB,GAAG,EAAEnD,CAAC,CAACgC,MAAM,CAAC,CAAC;IACfoB,IAAI,EAAEpD,CAAC,CAACkD,OAAO,CAAC,kCAAkC;EACpD,CAAC,CACH;AACF,CAAC,CAAC;AAACG,OAAA,CAAAN,mCAAA,GAAAA,mCAAA;AAKI,MAAMO,4BAA4B,GAAGtD,CAAC,CAAC6B,MAAM,CAAC;EACnDC,MAAM,EAAE9B,CAAC,CAACgD,YAAY,CACpBpB,GAAG,CAACqB,KAAK,CAACnB,MAAM,EAChB9B,CAAC,CAAC6B,MAAM,CAAC;IACPK,GAAG,EAAElC,CAAC,CAACkD,OAAO,CAAC,QAAQ;EACzB,CAAC,CACH,CAAC;EACDX,OAAO,EAAEvC,CAAC,CAACgD,YAAY,CACrBpB,GAAG,CAACqB,KAAK,CAACV,OAAO,EACjBvC,CAAC,CAAC6B,MAAM,CAAC;IACPuB,IAAI,EAAEpD,CAAC,CAACkD,OAAO,CAAC,2BAA2B,CAAC;IAC5CK,UAAU,EAAEvD,CAAC,CAACgC,MAAM,CAAC,CAAC,CAACwB,GAAG,CAAC,CAAC;IAC5BC,OAAO,EAAEzD,CAAC,CAACgC,MAAM,CAAC,CAAC,CAACwB,GAAG,CAAC,CAAC;IACzBE,QAAQ,EAAE1D,CAAC,CAACgC,MAAM,CAAC,CAAC,CAACwB,GAAG,CAAC,CAAC;IAC1BG,GAAG,EAAE3D,CAAC,CAACgC,MAAM,CAAC,CAAC;IACf4B,sBAAsB,EAAE5D,CAAC,CAACgC,MAAM,CAAC,CAAC,CAACwB,GAAG,CAAC,CAAC;IACxCK,wBAAwB,EAAE7D,CAAC,CAACoC,KAAK,CAACpC,CAAC,CAACgC,MAAM,CAAC,CAAC,CAAC;IAC7C8B,oBAAoB,EAAE9D,CAAC,CAAC6B,MAAM,CAAC;MAC7BkC,WAAW,EAAE/D,CAAC,CAAC6B,MAAM,CAAC;QACpBmC,oBAAoB,EAAEhE,CAAC,CAACoC,KAAK,CAACpC,CAAC,CAACgC,MAAM,CAAC,CAAC;MAC1C,CAAC,CAAC;MACFiC,WAAW,EAAEjE,CAAC,CAAC6B,MAAM,CAAC;QACpBmC,oBAAoB,EAAEhE,CAAC,CAACoC,KAAK,CAACpC,CAAC,CAACgC,MAAM,CAAC,CAAC;MAC1C,CAAC;IACH,CAAC,CAAC;IACFkC,2CAA2C,EAAElE,CAAC,CAACoC,KAAK,CAACpC,CAAC,CAACgC,MAAM,CAAC,CAAC,CAAC;IAChEmC,qCAAqC,EAAEnE,CAAC,CAACoE,OAAO,CAAC;EACnD,CAAC,CACH;AACF,CAAC,CAAC;AAACf,OAAA,CAAAC,4BAAA,GAAAA,4BAAA"}

package/lib/module/index.js

@@ -0,0 +1,7 @@
+import * as PID from "./pid";
+import * as WalletInstanceAttestation from "./wallet-instance-attestation";
+export function multiply(a, b) {
+  return Promise.resolve(a * b);
+}
+export { PID, WalletInstanceAttestation };
+//# sourceMappingURL=index.js.map

package/lib/module/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["PID","WalletInstanceAttestation","multiply","a","b","Promise","resolve"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAE1E,OAAO,SAASC,QAAQA,CAACC,CAAS,EAAEC,CAAS,EAAmB;EAC9D,OAAOC,OAAO,CAACC,OAAO,CAACH,CAAC,GAAGC,CAAC,CAAC;AAC/B;AAEA,SAASJ,GAAG,EAAEC,yBAAyB"}

package/lib/module/pid/index.js

@@ -0,0 +1,3 @@
+import * as SdJwt from "./sd-jwt";
+export { SdJwt };
+//# sourceMappingURL=index.js.map

package/lib/module/pid/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["SdJwt"],"sourceRoot":"../../../src","sources":["pid/index.ts"],"mappings":"AAAA,OAAO,KAAKA,KAAK,MAAM,UAAU;AACjC,SAASA,KAAK"}

package/lib/module/pid/sd-jwt/converters.js

@@ -0,0 +1,23 @@
+import { getValueFromDisclosures } from "../../sd-jwt/converters";
+import { PID } from "./types";
+export function pidFromToken(sdJwt, disclosures) {
+  return PID.parse({
+    issuer: sdJwt.payload.iss,
+    issuedAt: new Date(sdJwt.payload.iat * 1000),
+    expiration: new Date(sdJwt.payload.exp * 1000),
+    verification: {
+      trustFramework: sdJwt.payload.verified_claims.verification.trust_framework,
+      assuranceLevel: sdJwt.payload.verified_claims.verification.assurance_level,
+      evidence: getValueFromDisclosures(disclosures, "evidence")
+    },
+    claims: {
+      uniqueId: getValueFromDisclosures(disclosures, "unique_id"),
+      givenName: getValueFromDisclosures(disclosures, "given_name"),
+      familyName: getValueFromDisclosures(disclosures, "family_name"),
+      birthdate: getValueFromDisclosures(disclosures, "birthdate"),
+      placeOfBirth: getValueFromDisclosures(disclosures, "place_of_birth"),
+      taxIdCode: getValueFromDisclosures(disclosures, "tax_id_number")
+    }
+  });
+}
+//# sourceMappingURL=converters.js.map

package/lib/module/pid/sd-jwt/converters.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["getValueFromDisclosures","PID","pidFromToken","sdJwt","disclosures","parse","issuer","payload","iss","issuedAt","Date","iat","expiration","exp","verification","trustFramework","verified_claims","trust_framework","assuranceLevel","assurance_level","evidence","claims","uniqueId","givenName","familyName","birthdate","placeOfBirth","taxIdCode"],"sourceRoot":"../../../../src","sources":["pid/sd-jwt/converters.ts"],"mappings":"AAAA,SAASA,uBAAuB,QAAQ,yBAAyB;AAEjE,SAASC,GAAG,QAAQ,SAAS;AAE7B,OAAO,SAASC,YAAYA,CAACC,KAAe,EAAEC,WAAyB,EAAO;EAC5E,OAAOH,GAAG,CAACI,KAAK,CAAC;IACfC,MAAM,EAAEH,KAAK,CAACI,OAAO,CAACC,GAAG;IACzBC,QAAQ,EAAE,IAAIC,IAAI,CAACP,KAAK,CAACI,OAAO,CAACI,GAAG,GAAG,IAAI,CAAC;IAC5CC,UAAU,EAAE,IAAIF,IAAI,CAACP,KAAK,CAACI,OAAO,CAACM,GAAG,GAAG,IAAI,CAAC;IAC9CC,YAAY,EAAE;MACZC,cAAc,EACZZ,KAAK,CAACI,OAAO,CAACS,eAAe,CAACF,YAAY,CAACG,eAAe;MAC5DC,cAAc,EACZf,KAAK,CAACI,OAAO,CAACS,eAAe,CAACF,YAAY,CAACK,eAAe;MAC5DC,QAAQ,EAAEpB,uBAAuB,CAACI,WAAW,EAAE,UAAU;IAC3D,CAAC;IACDiB,MAAM,EAAE;MACNC,QAAQ,EAAEtB,uBAAuB,CAACI,WAAW,EAAE,WAAW,CAAC;MAC3DmB,SAAS,EAAEvB,uBAAuB,CAACI,WAAW,EAAE,YAAY,CAAC;MAC7DoB,UAAU,EAAExB,uBAAuB,CAACI,WAAW,EAAE,aAAa,CAAC;MAC/DqB,SAAS,EAAEzB,uBAAuB,CAACI,WAAW,EAAE,WAAW,CAAC;MAC5DsB,YAAY,EAAE1B,uBAAuB,CAACI,WAAW,EAAE,gBAAgB,CAAC;MACpEuB,SAAS,EAAE3B,uBAAuB,CAACI,WAAW,EAAE,eAAe;IACjE;EACF,CAAC,CAAC;AACJ"}

package/lib/module/pid/sd-jwt/index.js

@@ -0,0 +1,66 @@
+import { decode as decodeJwt } from "../../sd-jwt";
+import { verify as verifyJwt } from "../../sd-jwt";
+import { pidFromToken } from "./converters";
+import { SdJwt4VC } from "../../sd-jwt/types";
+
+/**
+ * Decode a given SD-JWT with Disclosures to get the parsed PID object they define.
+ * It ensures provided data is in a valid shape.
+ *
+ * It DOES NOT verify token signature nor check disclosures are correctly referenced by the SD-JWT.
+ * Use {@link verify} instead
+ *
+ * @function
+ * @param token The encoded token that represents a valid sd-jwt for verifiable credentials
+ *
+ * @returns The validated PID object along with the parsed SD-JWT token and the parsed disclosures
+ * @throws A decoding error if the token doesn't resolve in a valid SD-JWT
+ * @throws A validation error if the provided data doesn't result in a valid PID
+ *
+ */
+export function decode(token) {
+  let {
+    sdJwt,
+    disclosures
+  } = decodeJwt(token, SdJwt4VC);
+  const pid = pidFromToken(sdJwt, disclosures);
+  return {
+    pid,
+    sdJwt,
+    disclosures
+  };
+}
+
+/**
+ * Verify a given SD-JWT with Disclosures to get the parsed PID object they define.
+ * Same as {@link decode} plus:
+ *   - token signature verification
+ *   - ensure disclosures are well-defined inside the SD-JWT
+ *
+ * @async @function
+ *
+ * @todo implement signature validation
+ * @todo check disclosures in sd-jwt
+ *
+ * @param token The encoded token that represents a valid sd-jwt for verifiable credentials
+ *
+ * @returns {VerifyResult} The validated PID object along with the parsed SD-JWT token and the parsed disclosures
+ * @throws A decoding error if the token doesn't resolve in a valid SD-JWT
+ * @throws A validation error if the provided data doesn't result in a valid PID
+ * @throws A validation error if the provided disclosures are not defined in the SD-JWT
+ * @throws Invalid signature error if the token signature is not valid
+ *
+ */
+export async function verify(token) {
+  const decoded = decode(token);
+  const publicKey = decoded.sdJwt.payload.cnf.jwk;
+  await verifyJwt(token, publicKey, SdJwt4VC);
+  return decoded;
+}
+
+/**
+ * Result object for {@link verify}
+ */
+
+export { PID } from "./types";
+//# sourceMappingURL=index.js.map

package/lib/module/pid/sd-jwt/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","pidFromToken","SdJwt4VC","token","sdJwt","disclosures","pid","decoded","publicKey","payload","cnf","jwk","PID"],"sourceRoot":"../../../../src","sources":["pid/sd-jwt/index.ts"],"mappings":"AAAA,SAASA,MAAM,IAAIC,SAAS,QAAQ,cAAc;AAClD,SAASC,MAAM,IAAIC,SAAS,QAAQ,cAAc;AAElD,SAASC,YAAY,QAAQ,cAAc;AAC3C,SAAqBC,QAAQ,QAAQ,oBAAoB;;AAEzD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASL,MAAMA,CAACM,KAAa,EAAgB;EAClD,IAAI;IAAEC,KAAK;IAAEC;EAAY,CAAC,GAAGP,SAAS,CAACK,KAAK,EAAED,QAAQ,CAAC;EACvD,MAAMI,GAAG,GAAGL,YAAY,CAACG,KAAK,EAAEC,WAAW,CAAC;EAE5C,OAAO;IAAEC,GAAG;IAAEF,KAAK;IAAEC;EAAY,CAAC;AACpC;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeN,MAAMA,CAACI,KAAa,EAAyB;EACjE,MAAMI,OAAO,GAAGV,MAAM,CAACM,KAAK,CAAC;EAC7B,MAAMK,SAAS,GAAGD,OAAO,CAACH,KAAK,CAACK,OAAO,CAACC,GAAG,CAACC,GAAG;EAC/C,MAAMX,SAAS,CAACG,KAAK,EAAEK,SAAS,EAAEN,QAAQ,CAAC;EAE3C,OAAOK,OAAO;AAChB;;AAWA;AACA;AACA;;AAGA,SAASK,GAAG,QAAQ,SAAS"}

package/lib/module/pid/sd-jwt/types.js

@@ -0,0 +1,43 @@
+import { z } from "zod";
+const VerificationEvidence = z.object({
+  type: z.string(),
+  record: z.object({
+    type: z.string(),
+    source: z.object({
+      organization_name: z.string(),
+      organization_id: z.string(),
+      country_code: z.string()
+    })
+  })
+});
+const Verification = z.object({
+  trustFramework: z.literal("eidas"),
+  assuranceLevel: z.string(),
+  evidence: z.array(VerificationEvidence)
+});
+
+/**
+ * Data structure for the PID.
+ * It contains PID claims in plain text as well as verification data with the issuer's information
+ *
+ * @see https://italia.github.io/eidas-it-wallet-docs/en/pid-data-model.html
+ */
+
+export const PID = z.object({
+  issuer: z.string(),
+  issuedAt: z.date(),
+  expiration: z.date(),
+  verification: Verification,
+  claims: z.object({
+    uniqueId: z.string(),
+    givenName: z.string(),
+    familyName: z.string(),
+    birthdate: z.string(),
+    placeOfBirth: z.object({
+      country: z.string(),
+      locality: z.string()
+    }),
+    taxIdCode: z.string()
+  })
+});
+//# sourceMappingURL=types.js.map

package/lib/module/pid/sd-jwt/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["z","VerificationEvidence","object","type","string","record","source","organization_name","organization_id","country_code","Verification","trustFramework","literal","assuranceLevel","evidence","array","PID","issuer","issuedAt","date","expiration","verification","claims","uniqueId","givenName","familyName","birthdate","placeOfBirth","country","locality","taxIdCode"],"sourceRoot":"../../../../src","sources":["pid/sd-jwt/types.ts"],"mappings":"AAAA,SAASA,CAAC,QAAQ,KAAK;AAEvB,MAAMC,oBAAoB,GAAGD,CAAC,CAACE,MAAM,CAAC;EACpCC,IAAI,EAAEH,CAAC,CAACI,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEL,CAAC,CAACE,MAAM,CAAC;IACfC,IAAI,EAAEH,CAAC,CAACI,MAAM,CAAC,CAAC;IAChBE,MAAM,EAAEN,CAAC,CAACE,MAAM,CAAC;MACfK,iBAAiB,EAAEP,CAAC,CAACI,MAAM,CAAC,CAAC;MAC7BI,eAAe,EAAER,CAAC,CAACI,MAAM,CAAC,CAAC;MAC3BK,YAAY,EAAET,CAAC,CAACI,MAAM,CAAC;IACzB,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAEF,MAAMM,YAAY,GAAGV,CAAC,CAACE,MAAM,CAAC;EAC5BS,cAAc,EAAEX,CAAC,CAACY,OAAO,CAAC,OAAO,CAAC;EAClCC,cAAc,EAAEb,CAAC,CAACI,MAAM,CAAC,CAAC;EAC1BU,QAAQ,EAAEd,CAAC,CAACe,KAAK,CAACd,oBAAoB;AACxC,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMe,GAAG,GAAGhB,CAAC,CAACE,MAAM,CAAC;EAC1Be,MAAM,EAAEjB,CAAC,CAACI,MAAM,CAAC,CAAC;EAClBc,QAAQ,EAAElB,CAAC,CAACmB,IAAI,CAAC,CAAC;EAClBC,UAAU,EAAEpB,CAAC,CAACmB,IAAI,CAAC,CAAC;EACpBE,YAAY,EAAEX,YAAY;EAC1BY,MAAM,EAAEtB,CAAC,CAACE,MAAM,CAAC;IACfqB,QAAQ,EAAEvB,CAAC,CAACI,MAAM,CAAC,CAAC;IACpBoB,SAAS,EAAExB,CAAC,CAACI,MAAM,CAAC,CAAC;IACrBqB,UAAU,EAAEzB,CAAC,CAACI,MAAM,CAAC,CAAC;IACtBsB,SAAS,EAAE1B,CAAC,CAACI,MAAM,CAAC,CAAC;IACrBuB,YAAY,EAAE3B,CAAC,CAACE,MAAM,CAAC;MACrB0B,OAAO,EAAE5B,CAAC,CAACI,MAAM,CAAC,CAAC;MACnByB,QAAQ,EAAE7B,CAAC,CAACI,MAAM,CAAC;IACrB,CAAC,CAAC;IACF0B,SAAS,EAAE9B,CAAC,CAACI,MAAM,CAAC;EACtB,CAAC;AACH,CAAC,CAAC"}

package/lib/module/sd-jwt/__test__/converters.test.js

@@ -0,0 +1,23 @@
+import { getValueFromDisclosures } from "../converters";
+const disclosures = [["6w1_soRXFgaHKfpYn3cvfQ", "given_name", "Mario"], ["fuNp97Hf3wV6y48y-QZhIg", "birthdate", "1980-10-01"], ["p-9LzyWHZBVDvhXDWkN2xA", "place_of_birth", {
+  country: "IT",
+  locality: "Rome"
+}]];
+describe("getValueFromDisclosures", () => {
+  it("should return correct value for given_name", () => {
+    const success = getValueFromDisclosures(disclosures, "given_name");
+    expect(success).toBe("Mario");
+  });
+  it("should return correct value for place_of_birth", () => {
+    const success = getValueFromDisclosures(disclosures, "place_of_birth");
+    expect(success).toEqual({
+      country: "IT",
+      locality: "Rome"
+    });
+  });
+  it("should fail", () => {
+    const success = getValueFromDisclosures(disclosures, "given_surname");
+    expect(success).toBeUndefined();
+  });
+});
+//# sourceMappingURL=converters.test.js.map

package/lib/module/sd-jwt/__test__/converters.test.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["getValueFromDisclosures","disclosures","country","locality","describe","it","success","expect","toBe","toEqual","toBeUndefined"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/converters.test.ts"],"mappings":"AAAA,SAASA,uBAAuB,QAAQ,eAAe;AAGvD,MAAMC,WAAyB,GAAG,CAChC,CAAC,wBAAwB,EAAE,YAAY,EAAE,OAAO,CAAC,EACjD,CAAC,wBAAwB,EAAE,WAAW,EAAE,YAAY,CAAC,EACrD,CACE,wBAAwB,EACxB,gBAAgB,EAChB;EAAEC,OAAO,EAAE,IAAI;EAAEC,QAAQ,EAAE;AAAO,CAAC,CACpC,CACF;AAEDC,QAAQ,CAAC,yBAAyB,EAAE,MAAM;EACxCC,EAAE,CAAC,4CAA4C,EAAE,MAAM;IACrD,MAAMC,OAAO,GAAGN,uBAAuB,CAACC,WAAW,EAAE,YAAY,CAAC;IAClEM,MAAM,CAACD,OAAO,CAAC,CAACE,IAAI,CAAC,OAAO,CAAC;EAC/B,CAAC,CAAC;EACFH,EAAE,CAAC,gDAAgD,EAAE,MAAM;IACzD,MAAMC,OAAO,GAAGN,uBAAuB,CAACC,WAAW,EAAE,gBAAgB,CAAC;IACtEM,MAAM,CAACD,OAAO,CAAC,CAACG,OAAO,CAAC;MAAEP,OAAO,EAAE,IAAI;MAAEC,QAAQ,EAAE;IAAO,CAAC,CAAC;EAC9D,CAAC,CAAC;EACFE,EAAE,CAAC,aAAa,EAAE,MAAM;IACtB,MAAMC,OAAO,GAAGN,uBAAuB,CAACC,WAAW,EAAE,eAAe,CAAC;IACrEM,MAAM,CAACD,OAAO,CAAC,CAACI,aAAa,CAAC,CAAC;EACjC,CAAC,CAAC;AACJ,CAAC,CAAC"}