@pagopa/io-react-native-wallet 0.1.1 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (57) hide show
  1. package/lib/commonjs/index.js +0 -7
  2. package/lib/commonjs/index.js.map +1 -1
  3. package/lib/commonjs/pid/index.js +7 -0
  4. package/lib/commonjs/pid/index.js.map +1 -1
  5. package/lib/commonjs/pid/issuing.js +231 -0
  6. package/lib/commonjs/pid/issuing.js.map +1 -0
  7. package/lib/commonjs/sd-jwt/index.js +4 -1
  8. package/lib/commonjs/sd-jwt/index.js.map +1 -1
  9. package/lib/commonjs/sd-jwt/types.js +1 -1
  10. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  11. package/lib/commonjs/utils/dpop.js +1 -1
  12. package/lib/commonjs/utils/dpop.js.map +1 -1
  13. package/lib/commonjs/utils/errors.js +25 -1
  14. package/lib/commonjs/utils/errors.js.map +1 -1
  15. package/lib/module/index.js +1 -2
  16. package/lib/module/index.js.map +1 -1
  17. package/lib/module/pid/index.js +2 -1
  18. package/lib/module/pid/index.js.map +1 -1
  19. package/lib/module/pid/issuing.js +225 -0
  20. package/lib/module/pid/issuing.js.map +1 -0
  21. package/lib/module/sd-jwt/index.js +4 -1
  22. package/lib/module/sd-jwt/index.js.map +1 -1
  23. package/lib/module/sd-jwt/types.js +1 -1
  24. package/lib/module/sd-jwt/types.js.map +1 -1
  25. package/lib/module/utils/dpop.js +1 -1
  26. package/lib/module/utils/dpop.js.map +1 -1
  27. package/lib/module/utils/errors.js +23 -0
  28. package/lib/module/utils/errors.js.map +1 -1
  29. package/lib/typescript/index.d.ts +1 -2
  30. package/lib/typescript/index.d.ts.map +1 -1
  31. package/lib/typescript/pid/index.d.ts +2 -1
  32. package/lib/typescript/pid/index.d.ts.map +1 -1
  33. package/lib/typescript/pid/issuing.d.ts +93 -0
  34. package/lib/typescript/pid/issuing.d.ts.map +1 -0
  35. package/lib/typescript/rp/types.d.ts +8 -8
  36. package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
  37. package/lib/typescript/sd-jwt/types.d.ts +5 -5
  38. package/lib/typescript/utils/dpop.d.ts +5 -5
  39. package/lib/typescript/utils/errors.d.ts +13 -0
  40. package/lib/typescript/utils/errors.d.ts.map +1 -1
  41. package/lib/typescript/wallet-instance-attestation/issuing.d.ts +1 -1
  42. package/package.json +4 -2
  43. package/src/index.ts +1 -9
  44. package/src/pid/index.ts +2 -1
  45. package/src/pid/issuing.ts +305 -0
  46. package/src/sd-jwt/index.ts +4 -1
  47. package/src/sd-jwt/types.ts +1 -1
  48. package/src/utils/dpop.ts +1 -1
  49. package/src/utils/errors.ts +24 -0
  50. package/src/wallet-instance-attestation/issuing.ts +1 -1
  51. package/lib/commonjs/utils/signature.js +0 -10
  52. package/lib/commonjs/utils/signature.js.map +0 -1
  53. package/lib/module/utils/signature.js +0 -3
  54. package/lib/module/utils/signature.js.map +0 -1
  55. package/lib/typescript/utils/signature.d.ts +0 -2
  56. package/lib/typescript/utils/signature.d.ts.map +0 -1
  57. package/src/utils/signature.ts +0 -4
@@ -0,0 +1,225 @@
1
+ import { decode as decodeJwt, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
2
+ import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
3
+ import { JWK } from "../utils/jwk";
4
+ import uuid from "react-native-uuid";
5
+ import { PidIssuingError } from "../utils/errors";
6
+ import { getUnsignedDPop } from "../utils/dpop";
7
+ import { sign, generate, deleteKey } from "@pagopa/io-react-native-crypto";
8
+
9
+ // This is a temporary type that will be used for demo purposes only
10
+
11
+ export class Issuing {
12
+ constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
13
+ let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
14
+ this.pidProviderBaseUrl = pidProviderBaseUrl;
15
+ this.walletProviderBaseUrl = walletProviderBaseUrl;
16
+ this.state = `${uuid.v4()}`;
17
+ this.codeVerifier = `${uuid.v4()}`;
18
+ this.authorizationCode = `${uuid.v4()}`;
19
+ this.walletInstanceAttestation = walletInstanceAttestation;
20
+ this.clientId = clientId;
21
+ this.appFetch = appFetch;
22
+ }
23
+
24
+ /**
25
+ * Return the unsigned jwt to call the PAR request.
26
+ *
27
+ * @function
28
+ * @param jwk The wallet instance attestation public JWK
29
+ *
30
+ * @returns Unsigned jwt
31
+ *
32
+ */
33
+ async getUnsignedJwtForPar(jwk) {
34
+ const parsedJwk = JWK.parse(jwk);
35
+ const keyThumbprint = await thumbprint(parsedJwk);
36
+ const publicKey = {
37
+ ...parsedJwk,
38
+ kid: keyThumbprint
39
+ };
40
+ const codeChallenge = await sha256ToBase64(this.codeVerifier);
41
+ const unsignedJwtForPar = new SignJWT({
42
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
43
+ authorization_details: [{
44
+ credentialDefinition: {
45
+ type: ["eu.eudiw.pid.it"]
46
+ },
47
+ format: "vc+sd-jwt",
48
+ type: "type"
49
+ }],
50
+ response_type: "code",
51
+ code_challenge_method: "s256",
52
+ redirect_uri: this.walletProviderBaseUrl,
53
+ state: this.state,
54
+ client_id: this.clientId,
55
+ code_challenge: codeChallenge
56
+ }).setProtectedHeader({
57
+ alg: "ES256",
58
+ kid: publicKey.kid
59
+ }).setIssuedAt().setExpirationTime("1h").toSign();
60
+ return unsignedJwtForPar;
61
+ }
62
+
63
+ /**
64
+ * Make a PAR request to the PID issuer and return the response url
65
+ *
66
+ * @function
67
+ * @param unsignedJwtForPar The unsigned JWT for PAR
68
+ * @param signature The JWT for PAR signature
69
+ *
70
+ * @returns Unsigned PAR url
71
+ *
72
+ */
73
+ async getPar(unsignedJwtForPar, signature) {
74
+ const codeChallenge = await sha256ToBase64(this.codeVerifier);
75
+ const signedJwtForPar = await SignJWT.appendSignature(unsignedJwtForPar, signature);
76
+ const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
77
+ const requestBody = {
78
+ response_type: "code",
79
+ client_id: this.clientId,
80
+ code_challenge: codeChallenge,
81
+ code_challenge_method: "S256",
82
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
83
+ client_assertion: this.walletInstanceAttestation,
84
+ request: signedJwtForPar
85
+ };
86
+ var formBody = new URLSearchParams(requestBody);
87
+ const response = await this.appFetch(parUrl, {
88
+ method: "POST",
89
+ headers: {
90
+ "Content-Type": "application/x-www-form-urlencoded"
91
+ },
92
+ body: formBody.toString()
93
+ });
94
+ if (response.status === 201) {
95
+ const result = await response.json();
96
+ return result.request_uri;
97
+ }
98
+ throw new PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
99
+ }
100
+
101
+ /**
102
+ * Return the unsigned jwt for a generic DPoP
103
+ *
104
+ * @function
105
+ * @param jwk the public key for which the DPoP is to be created
106
+ *
107
+ * @returns Unsigned JWT for DPoP
108
+ *
109
+ */
110
+ async getUnsignedDPoP(jwk) {
111
+ const tokenUrl = new URL("/token", this.pidProviderBaseUrl).href;
112
+ const dPop = getUnsignedDPop(jwk, {
113
+ htm: "POST",
114
+ htu: tokenUrl,
115
+ jti: `${uuid.v4()}`
116
+ });
117
+ return dPop;
118
+ }
119
+
120
+ /**
121
+ * Make an auth token request to the PID issuer
122
+ *
123
+ * @function
124
+ * @returns a token response
125
+ *
126
+ */
127
+ async getAuthToken() {
128
+ //Generate fresh keys for DPoP
129
+ const dPopKeyTag = `${uuid.v4()}`;
130
+ const dPopKey = await generate(dPopKeyTag);
131
+ const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
132
+ const dPopTokenSignature = await sign(unsignedDPopForToken, dPopKeyTag);
133
+ await deleteKey(dPopKeyTag);
134
+ const signedDPop = await SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
135
+ const decodedJwtDPop = decodeJwt(signedDPop);
136
+ const tokenUrl = decodedJwtDPop.payload.htu;
137
+ const requestBody = {
138
+ grant_type: "authorization code",
139
+ client_id: this.clientId,
140
+ code: this.authorizationCode,
141
+ code_verifier: this.codeVerifier,
142
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
143
+ client_assertion: this.walletInstanceAttestation,
144
+ redirect_uri: this.walletProviderBaseUrl
145
+ };
146
+ var formBody = new URLSearchParams(requestBody);
147
+ const response = await this.appFetch(tokenUrl, {
148
+ method: "POST",
149
+ headers: {
150
+ "Content-Type": "application/x-www-form-urlencoded",
151
+ DPoP: signedDPop
152
+ },
153
+ body: formBody.toString()
154
+ });
155
+ if (response.status === 200) {
156
+ return await response.json();
157
+ }
158
+ throw new PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
159
+ }
160
+
161
+ /**
162
+ * Return the unsigned jwt for nonce proof of possession
163
+ *
164
+ * @function
165
+ * @param nonce the nonce
166
+ *
167
+ * @returns Unsigned JWT for nonce proof
168
+ *
169
+ */
170
+ async getUnsignedNonceProof(nonce) {
171
+ const unsignedProof = new SignJWT({
172
+ nonce
173
+ }).setProtectedHeader({
174
+ alg: "ES256",
175
+ type: "openid4vci-proof+jwt"
176
+ }).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
177
+ return unsignedProof;
178
+ }
179
+
180
+ /**
181
+ * Make the credential issuing request to the PID issuer
182
+ *
183
+ * @function
184
+ * @param unsignedDPopForPid The unsigned JWT for PID DPoP
185
+ * @param dPopPidSignature The JWT for PID DPoP signature
186
+ * @param unsignedNonceProof The unsigned JWT for nonce proof
187
+ * @param nonceProofSignature The JWT for nonce proof signature
188
+ * @param accessToken The access token obtained with getAuthToken
189
+ * @param cieData Personal data read by the CIE
190
+ *
191
+ * @returns a credential
192
+ *
193
+ */
194
+ async getCredential(unsignedDPopForPid, dPopPidSignature, unsignedNonceProof, nonceProofSignature, accessToken, cieData) {
195
+ const signedDPopForPid = await SignJWT.appendSignature(unsignedDPopForPid, dPopPidSignature);
196
+ const signedNonceProof = await SignJWT.appendSignature(unsignedNonceProof, nonceProofSignature);
197
+ const credentialUrl = new URL("/credential", this.pidProviderBaseUrl).href;
198
+ const requestBody = {
199
+ credential_definition: JSON.stringify({
200
+ type: ["eu.eudiw.pid.it"]
201
+ }),
202
+ format: "vc+sd-jwt",
203
+ proof: JSON.stringify({
204
+ jwt: signedNonceProof,
205
+ cieData,
206
+ proof_type: "jwt"
207
+ })
208
+ };
209
+ const formBody = new URLSearchParams(requestBody);
210
+ const response = await this.appFetch(credentialUrl, {
211
+ method: "POST",
212
+ headers: {
213
+ "Content-Type": "application/x-www-form-urlencoded",
214
+ DPoP: signedDPopForPid,
215
+ Authorization: accessToken
216
+ },
217
+ body: formBody.toString()
218
+ });
219
+ if (response.status === 200) {
220
+ return await response.json();
221
+ }
222
+ throw new PidIssuingError(`Unable to obtain credential!`);
223
+ }
224
+ }
225
+ //# sourceMappingURL=issuing.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"names":["decode","decodeJwt","sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","getUnsignedDPop","sign","generate","deleteKey","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","parse","keyThumbprint","publicKey","kid","codeChallenge","unsignedJwtForPar","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","getUnsignedDPoP","tokenUrl","dPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","unsignedDPopForToken","dPopTokenSignature","signedDPop","decodedJwtDPop","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,cAAc,QACT,6BAA6B;AAEpC,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,QAAQ,iBAAiB;AACjD,SAASC,eAAe,QAAQ,eAAe;AAC/C,SAASC,IAAI,EAAEC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;;AAE1E;;AAgBA,OAAO,MAAMC,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEjB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEnB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEpB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACR,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAGxB,GAAG,CAACyB,KAAK,CAACF,GAAG,CAAC;IAChC,MAAMG,aAAa,GAAG,MAAM3B,UAAU,CAACyB,SAAS,CAAC;IACjD,MAAMG,SAAS,GAAG;MAAE,GAAGH,SAAS;MAAEI,GAAG,EAAEF;IAAc,CAAC;IACtD,MAAMG,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAE7D,MAAMU,iBAAiB,GAAG,IAAIhC,OAAO,CAAC;MACpCiC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAAC5B,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjBqB,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX;IAClB,CAAC,CAAC,CACCY,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZd,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDe,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOf,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMgB,MAAMA,CAAChB,iBAAyB,EAAEiB,SAAiB,EAAmB;IAC1E,MAAMlB,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAC7D,MAAM4B,eAAe,GAAG,MAAMlD,OAAO,CAACmD,eAAe,CACnDnB,iBAAiB,EACjBiB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX,aAAa;MAC7BQ,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD4C,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACqC,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIhE,eAAe,CACtB,wCAAuC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAC7C,GAAQ,EAAmB;IAC/C,MAAM8C,QAAQ,GAAG,IAAIlB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAChE,MAAMkB,IAAI,GAAGnE,eAAe,CAACoB,GAAG,EAAE;MAChCgD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEH,QAAQ;MACbI,GAAG,EAAG,GAAExE,IAAI,CAACkB,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOmD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMI,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE1E,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACjC,MAAMyD,OAAO,GAAG,MAAMvE,QAAQ,CAACsE,UAAU,CAAC;IAC1C,MAAME,oBAAoB,GAAG,MAAM,IAAI,CAACT,eAAe,CAACQ,OAAO,CAAC;IAChE,MAAME,kBAAkB,GAAG,MAAM1E,IAAI,CAACyE,oBAAoB,EAAEF,UAAU,CAAC;IACvE,MAAMrE,SAAS,CAACqE,UAAU,CAAC;IAE3B,MAAMI,UAAU,GAAG,MAAMjF,OAAO,CAACmD,eAAe,CAC9C4B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAME,cAAc,GAAGpF,SAAS,CAACmF,UAAU,CAAC;IAC5C,MAAMV,QAAQ,GAAGW,cAAc,CAACC,OAAO,CAACT,GAAa;IACrD,MAAMnB,WAAW,GAAG;MAClB6B,UAAU,EAAE,oBAAoB;MAChC3C,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxBuE,IAAI,EAAE,IAAI,CAAC9D,iBAAiB;MAC5B+D,aAAa,EAAE,IAAI,CAAChE,YAAY;MAChCW,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD2B,YAAY,EAAE,IAAI,CAAC5B;IACrB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACwD,QAAQ,EAAE;MAC7CV,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEN;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CACtB,0CAAyC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMmB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAI1F,OAAO,CAAC;MAChCyF;IACF,CAAC,CAAC,CACC9C,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACDuD,WAAW,CAAC,IAAI,CAAC/E,qBAAqB,CAAC,CACvCgF,SAAS,CAAC,IAAI,CAAC9E,QAAQ,CAAC,CACxB+B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAO2C,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAMpG,OAAO,CAACmD,eAAe,CACpD2C,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAMrG,OAAO,CAACmD,eAAe,CACpD6C,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIjD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBgD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAErE,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnBqE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACuF,aAAa,EAAE;MAClDzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDnC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CAAE,8BAA6B,CAAC;EAC3D;AACF"}
@@ -18,7 +18,10 @@ import { verifyDisclosure } from "./verifier";
18
18
  *
19
19
  */
20
20
  export const decode = (token, schema) => {
21
- // token are expected in the form "sd-jwt~disclosure0~disclosure1~...~disclosureN"
21
+ // token are expected in the form "sd-jwt~disclosure0~disclosure1~...~disclosureN~"
22
+ if (token.slice(-1) === "~") {
23
+ token = token.slice(0, -1);
24
+ }
22
25
  const [rawSdJwt = "", ...rawDisclosures] = token.split("~");
23
26
 
24
27
  // get the sd-jwt as object
@@ -1 +1 @@
1
- {"version":3,"names":["decode","decodeJwt","verify","verifyJwt","decodeBase64","Disclosure","verifyDisclosure","token","schema","rawSdJwt","rawDisclosures","split","decodedJwt","sdJwt","parse","header","protectedHeader","payload","disclosures","map","e","JSON","publicKey","decoded","claims","verified_claims","verification","_sd","Promise","all","disclosure"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AAEjE,SAASC,YAAY,QAAQ,6BAA6B;AAC1D,SAASC,UAAU,QAAQ,SAAS;AACpC,SAASC,gBAAgB,QAAQ,YAAY;AAG7C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMN,MAAM,GAAGA,CACpBO,KAAa,EACbC,MAAS,KAC4C;EACrD;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGH,KAAK,CAACI,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGX,SAAS,CAACQ,QAAQ,CAAC;EACtC,MAAMI,KAAK,GAAGL,MAAM,CAACM,KAAK,CAAC;IACzBC,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAC/BS,GAAG,CAACf,YAAY,CAAC,CACjBe,GAAG,CAAEC,CAAC,IAAKC,IAAI,CAACP,KAAK,CAACM,CAAC,CAAC,CAAC,CACzBD,GAAG,CAAEC,CAAC,IAAKf,UAAU,CAACS,KAAK,CAACM,CAAC,CAAC,CAAC;EAElC,OAAO;IAAEP,KAAK;IAAEK;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMhB,MAAM,GAAG,MAAAA,CACpBK,KAAa,EACbe,SAAc,EACdd,MAAS,KACqD;EAC9D;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,CAAC,GAAGF,KAAK,CAACI,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMY,OAAO,GAAGvB,MAAM,CAACO,KAAK,EAAEC,MAAM,CAAC;;EAErC;EACA,MAAML,SAAS,CAACM,QAAQ,EAAEa,SAAS,CAAC;;EAEpC;EACA,MAAME,MAAM,GAAG,CACb,GAAGD,OAAO,CAACV,KAAK,CAACI,OAAO,CAACQ,eAAe,CAACC,YAAY,CAACC,GAAG,EACzD,GAAGJ,OAAO,CAACV,KAAK,CAACI,OAAO,CAACQ,eAAe,CAACD,MAAM,CAACG,GAAG,CACpD;EAED,MAAMC,OAAO,CAACC,GAAG,CACfN,OAAO,CAACL,WAAW,CAACC,GAAG,CACrB,MAAOW,UAAU,IAAK,MAAMxB,gBAAgB,CAACwB,UAAU,EAAEN,MAAM,CACjE,CACF,CAAC;EAED,OAAOD,OAAO;AAChB,CAAC"}
1
+ {"version":3,"names":["decode","decodeJwt","verify","verifyJwt","decodeBase64","Disclosure","verifyDisclosure","token","schema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","sdJwt","parse","header","protectedHeader","payload","disclosures","map","e","JSON","publicKey","decoded","claims","verified_claims","verification","_sd","Promise","all","disclosure"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AAEjE,SAASC,YAAY,QAAQ,6BAA6B;AAC1D,SAASC,UAAU,QAAQ,SAAS;AACpC,SAASC,gBAAgB,QAAQ,YAAY;AAG7C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMN,MAAM,GAAGA,CACpBO,KAAa,EACbC,MAAS,KAC4C;EACrD;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGZ,SAAS,CAACS,QAAQ,CAAC;EACtC,MAAMI,KAAK,GAAGN,MAAM,CAACO,KAAK,CAAC;IACzBC,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAC/BS,GAAG,CAAChB,YAAY,CAAC,CACjBgB,GAAG,CAAEC,CAAC,IAAKC,IAAI,CAACP,KAAK,CAACM,CAAC,CAAC,CAAC,CACzBD,GAAG,CAAEC,CAAC,IAAKhB,UAAU,CAACU,KAAK,CAACM,CAAC,CAAC,CAAC;EAElC,OAAO;IAAEP,KAAK;IAAEK;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMjB,MAAM,GAAG,MAAAA,CACpBK,KAAa,EACbgB,SAAc,EACdf,MAAS,KACqD;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMY,OAAO,GAAGxB,MAAM,CAACO,KAAK,EAAEC,MAAM,CAAC;;EAErC;EACA,MAAML,SAAS,CAACO,QAAQ,EAAEa,SAAS,CAAC;;EAEpC;EACA,MAAME,MAAM,GAAG,CACb,GAAGD,OAAO,CAACV,KAAK,CAACI,OAAO,CAACQ,eAAe,CAACC,YAAY,CAACC,GAAG,EACzD,GAAGJ,OAAO,CAACV,KAAK,CAACI,OAAO,CAACQ,eAAe,CAACD,MAAM,CAACG,GAAG,CACpD;EAED,MAAMC,OAAO,CAACC,GAAG,CACfN,OAAO,CAACL,WAAW,CAACC,GAAG,CACrB,MAAOW,UAAU,IAAK,MAAMzB,gBAAgB,CAACyB,UAAU,EAAEN,MAAM,CACjE,CACF,CAAC;EAED,OAAOD,OAAO;AAChB,CAAC"}
@@ -17,7 +17,7 @@ export const SdJwt4VC = z.object({
17
17
  header: z.object({
18
18
  typ: z.literal("vc+sd-jwt"),
19
19
  alg: z.string(),
20
- kid: z.string(),
20
+ kid: z.string().optional(),
21
21
  trust_chain: z.array(z.string())
22
22
  }),
23
23
  payload: z.object({
@@ -1 +1 @@
1
- {"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfU,WAAW,EAAEnB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFW,OAAO,EAAEpB,CAAC,CAACM,MAAM,CAAC;IAChBe,GAAG,EAAErB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfa,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEvB,QAAQ;IACbwB,GAAG,EAAExB,QAAQ;IACbyB,MAAM,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBkB,GAAG,EAAE3B,CAAC,CAACM,MAAM,CAAC;MACZsB,GAAG,EAAE7B;IACP,CAAC,CAAC;IACF8B,IAAI,EAAE7B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Cc,eAAe,EAAE9B,CAAC,CAACM,MAAM,CAAC;MACxByB,YAAY,EAAE/B,CAAC,CAACgC,YAAY,CAC1BhC,CAAC,CAACM,MAAM,CAAC;QACP2B,eAAe,EAAEjC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCkB,eAAe,EAAElC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD8B,MAAM,EAAE9B;IACV,CAAC,CAAC;IACF+B,OAAO,EAAEpC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}
1
+ {"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC1BC,WAAW,EAAEpB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFY,OAAO,EAAErB,CAAC,CAACM,MAAM,CAAC;IAChBgB,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfgB,GAAG,EAAExB,QAAQ;IACbyB,GAAG,EAAEzB,QAAQ;IACb0B,MAAM,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBmB,GAAG,EAAE5B,CAAC,CAACM,MAAM,CAAC;MACZuB,GAAG,EAAE9B;IACP,CAAC,CAAC;IACF+B,IAAI,EAAE9B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Ce,eAAe,EAAE/B,CAAC,CAACM,MAAM,CAAC;MACxB0B,YAAY,EAAEhC,CAAC,CAACiC,YAAY,CAC1BjC,CAAC,CAACM,MAAM,CAAC;QACP4B,eAAe,EAAElC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCmB,eAAe,EAAEnC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD+B,MAAM,EAAE/B;IACV,CAAC,CAAC;IACFgC,OAAO,EAAErC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}
@@ -12,6 +12,6 @@ export const DPoPPayload = z.object({
12
12
  jti: z.string(),
13
13
  htm: z.union([z.literal("POST"), z.literal("GET")]),
14
14
  htu: z.string(),
15
- ath: z.string()
15
+ ath: z.string().optional()
16
16
  });
17
17
  //# sourceMappingURL=dpop.js.map
@@ -1 +1 @@
1
- {"version":3,"names":["z","SignJWT","getUnsignedDPop","jwk","payload","dPop","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","DPoPPayload","object","jti","string","htm","union","literal","htu","ath"],"sourceRoot":"../../../src","sources":["utils/dpop.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AAExB,SAASC,OAAO,QAAQ,6BAA6B;AAGrD,OAAO,MAAMC,eAAe,GAAGA,CAACC,GAAQ,EAAEC,OAAoB,KAAa;EACzE,MAAMC,IAAI,GAAG,IAAIJ,OAAO,CAACG,OAAO,CAAC,CAC9BE,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,UAAU;IACfL;EACF,CAAC,CAAC,CACDM,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACX,OAAON,IAAI;AACb,CAAC;AAGD,OAAO,MAAMO,WAAW,GAAGZ,CAAC,CAACa,MAAM,CAAC;EAClCC,GAAG,EAAEd,CAAC,CAACe,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEhB,CAAC,CAACiB,KAAK,CAAC,CAACjB,CAAC,CAACkB,OAAO,CAAC,MAAM,CAAC,EAAElB,CAAC,CAACkB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;EACnDC,GAAG,EAAEnB,CAAC,CAACe,MAAM,CAAC,CAAC;EACfK,GAAG,EAAEpB,CAAC,CAACe,MAAM,CAAC;AAChB,CAAC,CAAC"}
1
+ {"version":3,"names":["z","SignJWT","getUnsignedDPop","jwk","payload","dPop","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","DPoPPayload","object","jti","string","htm","union","literal","htu","ath","optional"],"sourceRoot":"../../../src","sources":["utils/dpop.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AAExB,SAASC,OAAO,QAAQ,6BAA6B;AAGrD,OAAO,MAAMC,eAAe,GAAGA,CAACC,GAAQ,EAAEC,OAAoB,KAAa;EACzE,MAAMC,IAAI,GAAG,IAAIJ,OAAO,CAACG,OAAO,CAAC,CAC9BE,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,UAAU;IACfL;EACF,CAAC,CAAC,CACDM,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACX,OAAON,IAAI;AACb,CAAC;AAGD,OAAO,MAAMO,WAAW,GAAGZ,CAAC,CAACa,MAAM,CAAC;EAClCC,GAAG,EAAEd,CAAC,CAACe,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEhB,CAAC,CAACiB,KAAK,CAAC,CAACjB,CAAC,CAACkB,OAAO,CAAC,MAAM,CAAC,EAAElB,CAAC,CAACkB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;EACnDC,GAAG,EAAEnB,CAAC,CAACe,MAAM,CAAC,CAAC;EACfK,GAAG,EAAEpB,CAAC,CAACe,MAAM,CAAC,CAAC,CAACM,QAAQ,CAAC;AAC3B,CAAC,CAAC"}
@@ -93,4 +93,27 @@ export class AuthRequestDecodeError extends IoWalletError {
93
93
  this.reason = reason;
94
94
  }
95
95
  }
96
+
97
+ /**
98
+ * An error subclass thrown when validation fail
99
+ *
100
+ */
101
+ export class PidIssuingError extends IoWalletError {
102
+ static get code() {
103
+ return "ERR_IO_WALLET_PID_ISSUING_FAILED";
104
+ }
105
+ code = "ERR_IO_WALLET_PID_ISSUING_FAILED";
106
+
107
+ /** The Claim for which the validation failed. */
108
+
109
+ /** Reason code for the validation failure. */
110
+
111
+ constructor(message) {
112
+ let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
113
+ let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
114
+ super(message);
115
+ this.claim = claim;
116
+ this.reason = reason;
117
+ }
118
+ }
96
119
  //# sourceMappingURL=errors.js.map
@@ -1 +1 @@
1
- {"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,SAAST,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,qCAAqC,SAASf,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAME,sBAAsB,SAAShB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF"}
1
+ {"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,SAAST,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,qCAAqC,SAASf,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAME,sBAAsB,SAAShB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMG,eAAe,SAASjB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF"}
@@ -3,6 +3,5 @@ import * as RP from "./rp";
3
3
  import * as Errors from "./utils/errors";
4
4
  import * as WalletInstanceAttestation from "./wallet-instance-attestation";
5
5
  import { getUnsignedDPop } from "./utils/dpop";
6
- import { getSignedJwt } from "./utils/signature";
7
- export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop, getSignedJwt, };
6
+ export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop };
8
7
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,OAAO,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,MAAM,CAAC;AAC3B,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,yBAAyB,MAAM,+BAA+B,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,OAAO,EACL,GAAG,EACH,EAAE,EACF,yBAAyB,EACzB,MAAM,EACN,eAAe,EACf,YAAY,GACb,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,OAAO,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,MAAM,CAAC;AAC3B,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,yBAAyB,MAAM,+BAA+B,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/C,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,yBAAyB,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC"}
@@ -1,3 +1,4 @@
1
1
  import * as SdJwt from "./sd-jwt";
2
- export { SdJwt };
2
+ import { Issuing } from "./issuing";
3
+ export { SdJwt, Issuing };
3
4
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/pid/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,UAAU,CAAC;AAClC,OAAO,EAAE,KAAK,EAAE,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/pid/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,UAAU,CAAC;AAClC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC"}
@@ -0,0 +1,93 @@
1
+ import { JWK } from "../utils/jwk";
2
+ export type CieData = {
3
+ birthDate: string;
4
+ fiscalCode: string;
5
+ name: string;
6
+ surname: string;
7
+ };
8
+ export type TokenResponse = {
9
+ access_token: string;
10
+ c_nonce: string;
11
+ };
12
+ export type PidResponse = {
13
+ credential: string;
14
+ c_nonce: string;
15
+ c_nonce_expires_in: number;
16
+ format: string;
17
+ };
18
+ export declare class Issuing {
19
+ pidProviderBaseUrl: string;
20
+ walletProviderBaseUrl: string;
21
+ walletInstanceAttestation: string;
22
+ codeVerifier: string;
23
+ clientId: string;
24
+ state: string;
25
+ authorizationCode: string;
26
+ appFetch: GlobalFetch["fetch"];
27
+ constructor(pidProviderBaseUrl: string, walletProviderBaseUrl: string, walletInstanceAttestation: string, clientId: string, appFetch?: GlobalFetch["fetch"]);
28
+ /**
29
+ * Return the unsigned jwt to call the PAR request.
30
+ *
31
+ * @function
32
+ * @param jwk The wallet instance attestation public JWK
33
+ *
34
+ * @returns Unsigned jwt
35
+ *
36
+ */
37
+ getUnsignedJwtForPar(jwk: JWK): Promise<string>;
38
+ /**
39
+ * Make a PAR request to the PID issuer and return the response url
40
+ *
41
+ * @function
42
+ * @param unsignedJwtForPar The unsigned JWT for PAR
43
+ * @param signature The JWT for PAR signature
44
+ *
45
+ * @returns Unsigned PAR url
46
+ *
47
+ */
48
+ getPar(unsignedJwtForPar: string, signature: string): Promise<string>;
49
+ /**
50
+ * Return the unsigned jwt for a generic DPoP
51
+ *
52
+ * @function
53
+ * @param jwk the public key for which the DPoP is to be created
54
+ *
55
+ * @returns Unsigned JWT for DPoP
56
+ *
57
+ */
58
+ getUnsignedDPoP(jwk: JWK): Promise<string>;
59
+ /**
60
+ * Make an auth token request to the PID issuer
61
+ *
62
+ * @function
63
+ * @returns a token response
64
+ *
65
+ */
66
+ getAuthToken(): Promise<TokenResponse>;
67
+ /**
68
+ * Return the unsigned jwt for nonce proof of possession
69
+ *
70
+ * @function
71
+ * @param nonce the nonce
72
+ *
73
+ * @returns Unsigned JWT for nonce proof
74
+ *
75
+ */
76
+ getUnsignedNonceProof(nonce: string): Promise<string>;
77
+ /**
78
+ * Make the credential issuing request to the PID issuer
79
+ *
80
+ * @function
81
+ * @param unsignedDPopForPid The unsigned JWT for PID DPoP
82
+ * @param dPopPidSignature The JWT for PID DPoP signature
83
+ * @param unsignedNonceProof The unsigned JWT for nonce proof
84
+ * @param nonceProofSignature The JWT for nonce proof signature
85
+ * @param accessToken The access token obtained with getAuthToken
86
+ * @param cieData Personal data read by the CIE
87
+ *
88
+ * @returns a credential
89
+ *
90
+ */
91
+ getCredential(unsignedDPopForPid: string, dPopPidSignature: string, unsignedNonceProof: string, nonceProofSignature: string, accessToken: string, cieData: CieData): Promise<PidResponse>;
92
+ }
93
+ //# sourceMappingURL=issuing.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"issuing.d.ts","sourceRoot":"","sources":["../../../src/pid/issuing.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAOnC,MAAM,MAAM,OAAO,GAAG;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AACtE,MAAM,MAAM,WAAW,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,qBAAa,OAAO;IAClB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,yBAAyB,EAAE,MAAM,CAAC;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;gBAG7B,kBAAkB,EAAE,MAAM,EAC1B,qBAAqB,EAAE,MAAM,EAC7B,yBAAyB,EAAE,MAAM,EACjC,QAAQ,EAAE,MAAM,EAChB,QAAQ,GAAE,WAAW,CAAC,OAAO,CAAS;IAYxC;;;;;;;;OAQG;IACG,oBAAoB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC;IAoCrD;;;;;;;;;OASG;IACG,MAAM,CAAC,iBAAiB,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAwC3E;;;;;;;;OAQG;IACG,eAAe,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC;IAUhD;;;;;;OAMG;IACG,YAAY,IAAI,OAAO,CAAC,aAAa,CAAC;IA4C5C;;;;;;;;OAQG;IACG,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAgB3D;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,kBAAkB,EAAE,MAAM,EAC1B,gBAAgB,EAAE,MAAM,EACxB,kBAAkB,EAAE,MAAM,EAC1B,mBAAmB,EAAE,MAAM,EAC3B,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,WAAW,CAAC;CAsCxB"}
@@ -33,24 +33,24 @@ export declare const RequestObject: z.ZodObject<{
33
33
  iss: string;
34
34
  iat: number;
35
35
  exp: number;
36
+ response_type: "vp_token";
36
37
  state: string;
38
+ client_id: string;
37
39
  nonce: string;
38
40
  response_uri: string;
39
- response_type: "vp_token";
40
41
  response_mode: "direct_post.jwt";
41
- client_id: string;
42
42
  client_id_scheme: "entity_id";
43
43
  scope: string;
44
44
  }, {
45
45
  iss: string;
46
46
  iat: number;
47
47
  exp: number;
48
+ response_type: "vp_token";
48
49
  state: string;
50
+ client_id: string;
49
51
  nonce: string;
50
52
  response_uri: string;
51
- response_type: "vp_token";
52
53
  response_mode: "direct_post.jwt";
53
- client_id: string;
54
54
  client_id_scheme: "entity_id";
55
55
  scope: string;
56
56
  }>;
@@ -65,12 +65,12 @@ export declare const RequestObject: z.ZodObject<{
65
65
  iss: string;
66
66
  iat: number;
67
67
  exp: number;
68
+ response_type: "vp_token";
68
69
  state: string;
70
+ client_id: string;
69
71
  nonce: string;
70
72
  response_uri: string;
71
- response_type: "vp_token";
72
73
  response_mode: "direct_post.jwt";
73
- client_id: string;
74
74
  client_id_scheme: "entity_id";
75
75
  scope: string;
76
76
  };
@@ -85,12 +85,12 @@ export declare const RequestObject: z.ZodObject<{
85
85
  iss: string;
86
86
  iat: number;
87
87
  exp: number;
88
+ response_type: "vp_token";
88
89
  state: string;
90
+ client_id: string;
89
91
  nonce: string;
90
92
  response_uri: string;
91
- response_type: "vp_token";
92
93
  response_mode: "direct_post.jwt";
93
- client_id: string;
94
94
  client_id_scheme: "entity_id";
95
95
  scope: string;
96
96
  };
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/sd-jwt/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAMxB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAErC,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAEzC;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,MAAM,oCACV,MAAM;;iBAEsB,UAAU,EAAE;CAqBhD,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,MAAM,oCACV,MAAM,aACF,GAAG;;iBAE6B,UAAU,EAAE;EAqBxD,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/sd-jwt/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAMxB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAErC,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAEzC;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,MAAM,oCACV,MAAM;;iBAEsB,UAAU,EAAE;CAwBhD,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,MAAM,oCACV,MAAM,aACF,GAAG;;iBAE6B,UAAU,EAAE;EAqBxD,CAAC"}
@@ -22,18 +22,18 @@ export declare const SdJwt4VC: z.ZodObject<{
22
22
  header: z.ZodObject<{
23
23
  typ: z.ZodLiteral<"vc+sd-jwt">;
24
24
  alg: z.ZodString;
25
- kid: z.ZodString;
25
+ kid: z.ZodOptional<z.ZodString>;
26
26
  trust_chain: z.ZodArray<z.ZodString, "many">;
27
27
  }, "strip", z.ZodTypeAny, {
28
28
  alg: string;
29
- kid: string;
30
29
  typ: "vc+sd-jwt";
31
30
  trust_chain: string[];
31
+ kid?: string | undefined;
32
32
  }, {
33
33
  alg: string;
34
- kid: string;
35
34
  typ: "vc+sd-jwt";
36
35
  trust_chain: string[];
36
+ kid?: string | undefined;
37
37
  }>;
38
38
  payload: z.ZodObject<{
39
39
  iss: z.ZodString;
@@ -307,9 +307,9 @@ export declare const SdJwt4VC: z.ZodObject<{
307
307
  }, "strip", z.ZodTypeAny, {
308
308
  header: {
309
309
  alg: string;
310
- kid: string;
311
310
  typ: "vc+sd-jwt";
312
311
  trust_chain: string[];
312
+ kid?: string | undefined;
313
313
  };
314
314
  payload: {
315
315
  type: "PersonIdentificationData";
@@ -361,9 +361,9 @@ export declare const SdJwt4VC: z.ZodObject<{
361
361
  }, {
362
362
  header: {
363
363
  alg: string;
364
- kid: string;
365
364
  typ: "vc+sd-jwt";
366
365
  trust_chain: string[];
366
+ kid?: string | undefined;
367
367
  };
368
368
  payload: {
369
369
  type: "PersonIdentificationData";
@@ -6,16 +6,16 @@ export declare const DPoPPayload: z.ZodObject<{
6
6
  jti: z.ZodString;
7
7
  htm: z.ZodUnion<[z.ZodLiteral<"POST">, z.ZodLiteral<"GET">]>;
8
8
  htu: z.ZodString;
9
- ath: z.ZodString;
9
+ ath: z.ZodOptional<z.ZodString>;
10
10
  }, "strip", z.ZodTypeAny, {
11
11
  jti: string;
12
- htm: "GET" | "POST";
12
+ htm: "POST" | "GET";
13
13
  htu: string;
14
- ath: string;
14
+ ath?: string | undefined;
15
15
  }, {
16
16
  jti: string;
17
- htm: "GET" | "POST";
17
+ htm: "POST" | "GET";
18
18
  htu: string;
19
- ath: string;
19
+ ath?: string | undefined;
20
20
  }>;
21
21
  //# sourceMappingURL=dpop.d.ts.map
@@ -55,4 +55,17 @@ export declare class AuthRequestDecodeError extends IoWalletError {
55
55
  reason: string;
56
56
  constructor(message: string, claim?: string, reason?: string);
57
57
  }
58
+ /**
59
+ * An error subclass thrown when validation fail
60
+ *
61
+ */
62
+ export declare class PidIssuingError extends IoWalletError {
63
+ static get code(): "ERR_IO_WALLET_PID_ISSUING_FAILED";
64
+ code: string;
65
+ /** The Claim for which the validation failed. */
66
+ claim: string;
67
+ /** Reason code for the validation failure. */
68
+ reason: string;
69
+ constructor(message: string, claim?: string, reason?: string);
70
+ }
58
71
  //# sourceMappingURL=errors.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/utils/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,qBAAa,aAAc,SAAQ,KAAK;IACtC,6DAA6D;IAC7D,MAAM,KAAK,IAAI,IAAI,MAAM,CAExB;IAED,6DAA6D;IAC7D,IAAI,EAAE,MAAM,CAA2B;gBAE3B,OAAO,CAAC,EAAE,MAAM;CAM7B;AACD;;;GAGG;AACH,qBAAa,gBAAiB,SAAQ,aAAa;IACjD,MAAM,KAAK,IAAI,IAAI,iCAAiC,CAEnD;IAED,IAAI,SAAqC;IAEzC,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,qCAAsC,SAAQ,aAAa;IACtE,MAAM,KAAK,IAAI,IAAI,mDAAmD,CAErE;IAED,IAAI,SAAuD;IAE3D,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,sBAAuB,SAAQ,aAAa;IACvD,MAAM,KAAK,IAAI,IAAI,oDAAoD,CAEtE;IAED,IAAI,SAAwD;IAE5D,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E"}
1
+ {"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/utils/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,qBAAa,aAAc,SAAQ,KAAK;IACtC,6DAA6D;IAC7D,MAAM,KAAK,IAAI,IAAI,MAAM,CAExB;IAED,6DAA6D;IAC7D,IAAI,EAAE,MAAM,CAA2B;gBAE3B,OAAO,CAAC,EAAE,MAAM;CAM7B;AACD;;;GAGG;AACH,qBAAa,gBAAiB,SAAQ,aAAa;IACjD,MAAM,KAAK,IAAI,IAAI,iCAAiC,CAEnD;IAED,IAAI,SAAqC;IAEzC,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,qCAAsC,SAAQ,aAAa;IACtE,MAAM,KAAK,IAAI,IAAI,mDAAmD,CAErE;IAED,IAAI,SAAuD;IAE3D,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,sBAAuB,SAAQ,aAAa;IACvD,MAAM,KAAK,IAAI,IAAI,oDAAoD,CAEtE;IAED,IAAI,SAAwD;IAE5D,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,eAAgB,SAAQ,aAAa;IAChD,MAAM,KAAK,IAAI,IAAI,kCAAkC,CAEpD;IAED,IAAI,SAAsC;IAE1C,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E"}
@@ -27,6 +27,6 @@ export declare class Issuing {
27
27
  * @returns {string} Wallet Instance Attestation
28
28
  *
29
29
  */
30
- getAttestation(attestationRequest: string, signature: string): Promise<String>;
30
+ getAttestation(attestationRequest: string, signature: string): Promise<string>;
31
31
  }
32
32
  //# sourceMappingURL=issuing.d.ts.map