@pagopa/io-react-native-wallet 0.1.1 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (57) hide show
  1. package/lib/commonjs/index.js +0 -7
  2. package/lib/commonjs/index.js.map +1 -1
  3. package/lib/commonjs/pid/index.js +7 -0
  4. package/lib/commonjs/pid/index.js.map +1 -1
  5. package/lib/commonjs/pid/issuing.js +231 -0
  6. package/lib/commonjs/pid/issuing.js.map +1 -0
  7. package/lib/commonjs/sd-jwt/index.js +4 -1
  8. package/lib/commonjs/sd-jwt/index.js.map +1 -1
  9. package/lib/commonjs/sd-jwt/types.js +1 -1
  10. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  11. package/lib/commonjs/utils/dpop.js +1 -1
  12. package/lib/commonjs/utils/dpop.js.map +1 -1
  13. package/lib/commonjs/utils/errors.js +25 -1
  14. package/lib/commonjs/utils/errors.js.map +1 -1
  15. package/lib/module/index.js +1 -2
  16. package/lib/module/index.js.map +1 -1
  17. package/lib/module/pid/index.js +2 -1
  18. package/lib/module/pid/index.js.map +1 -1
  19. package/lib/module/pid/issuing.js +225 -0
  20. package/lib/module/pid/issuing.js.map +1 -0
  21. package/lib/module/sd-jwt/index.js +4 -1
  22. package/lib/module/sd-jwt/index.js.map +1 -1
  23. package/lib/module/sd-jwt/types.js +1 -1
  24. package/lib/module/sd-jwt/types.js.map +1 -1
  25. package/lib/module/utils/dpop.js +1 -1
  26. package/lib/module/utils/dpop.js.map +1 -1
  27. package/lib/module/utils/errors.js +23 -0
  28. package/lib/module/utils/errors.js.map +1 -1
  29. package/lib/typescript/index.d.ts +1 -2
  30. package/lib/typescript/index.d.ts.map +1 -1
  31. package/lib/typescript/pid/index.d.ts +2 -1
  32. package/lib/typescript/pid/index.d.ts.map +1 -1
  33. package/lib/typescript/pid/issuing.d.ts +93 -0
  34. package/lib/typescript/pid/issuing.d.ts.map +1 -0
  35. package/lib/typescript/rp/types.d.ts +8 -8
  36. package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
  37. package/lib/typescript/sd-jwt/types.d.ts +5 -5
  38. package/lib/typescript/utils/dpop.d.ts +5 -5
  39. package/lib/typescript/utils/errors.d.ts +13 -0
  40. package/lib/typescript/utils/errors.d.ts.map +1 -1
  41. package/lib/typescript/wallet-instance-attestation/issuing.d.ts +1 -1
  42. package/package.json +4 -2
  43. package/src/index.ts +1 -9
  44. package/src/pid/index.ts +2 -1
  45. package/src/pid/issuing.ts +305 -0
  46. package/src/sd-jwt/index.ts +4 -1
  47. package/src/sd-jwt/types.ts +1 -1
  48. package/src/utils/dpop.ts +1 -1
  49. package/src/utils/errors.ts +24 -0
  50. package/src/wallet-instance-attestation/issuing.ts +1 -1
  51. package/lib/commonjs/utils/signature.js +0 -10
  52. package/lib/commonjs/utils/signature.js.map +0 -1
  53. package/lib/module/utils/signature.js +0 -3
  54. package/lib/module/utils/signature.js.map +0 -1
  55. package/lib/typescript/utils/signature.d.ts +0 -2
  56. package/lib/typescript/utils/signature.d.ts.map +0 -1
  57. package/src/utils/signature.ts +0 -4
@@ -0,0 +1,225 @@
1
+ import { decode as decodeJwt, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
2
+ import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
3
+ import { JWK } from "../utils/jwk";
4
+ import uuid from "react-native-uuid";
5
+ import { PidIssuingError } from "../utils/errors";
6
+ import { getUnsignedDPop } from "../utils/dpop";
7
+ import { sign, generate, deleteKey } from "@pagopa/io-react-native-crypto";
8
+
9
+ // This is a temporary type that will be used for demo purposes only
10
+
11
+ export class Issuing {
12
+ constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
13
+ let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
14
+ this.pidProviderBaseUrl = pidProviderBaseUrl;
15
+ this.walletProviderBaseUrl = walletProviderBaseUrl;
16
+ this.state = `${uuid.v4()}`;
17
+ this.codeVerifier = `${uuid.v4()}`;
18
+ this.authorizationCode = `${uuid.v4()}`;
19
+ this.walletInstanceAttestation = walletInstanceAttestation;
20
+ this.clientId = clientId;
21
+ this.appFetch = appFetch;
22
+ }
23
+
24
+ /**
25
+ * Return the unsigned jwt to call the PAR request.
26
+ *
27
+ * @function
28
+ * @param jwk The wallet instance attestation public JWK
29
+ *
30
+ * @returns Unsigned jwt
31
+ *
32
+ */
33
+ async getUnsignedJwtForPar(jwk) {
34
+ const parsedJwk = JWK.parse(jwk);
35
+ const keyThumbprint = await thumbprint(parsedJwk);
36
+ const publicKey = {
37
+ ...parsedJwk,
38
+ kid: keyThumbprint
39
+ };
40
+ const codeChallenge = await sha256ToBase64(this.codeVerifier);
41
+ const unsignedJwtForPar = new SignJWT({
42
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
43
+ authorization_details: [{
44
+ credentialDefinition: {
45
+ type: ["eu.eudiw.pid.it"]
46
+ },
47
+ format: "vc+sd-jwt",
48
+ type: "type"
49
+ }],
50
+ response_type: "code",
51
+ code_challenge_method: "s256",
52
+ redirect_uri: this.walletProviderBaseUrl,
53
+ state: this.state,
54
+ client_id: this.clientId,
55
+ code_challenge: codeChallenge
56
+ }).setProtectedHeader({
57
+ alg: "ES256",
58
+ kid: publicKey.kid
59
+ }).setIssuedAt().setExpirationTime("1h").toSign();
60
+ return unsignedJwtForPar;
61
+ }
62
+
63
+ /**
64
+ * Make a PAR request to the PID issuer and return the response url
65
+ *
66
+ * @function
67
+ * @param unsignedJwtForPar The unsigned JWT for PAR
68
+ * @param signature The JWT for PAR signature
69
+ *
70
+ * @returns Unsigned PAR url
71
+ *
72
+ */
73
+ async getPar(unsignedJwtForPar, signature) {
74
+ const codeChallenge = await sha256ToBase64(this.codeVerifier);
75
+ const signedJwtForPar = await SignJWT.appendSignature(unsignedJwtForPar, signature);
76
+ const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
77
+ const requestBody = {
78
+ response_type: "code",
79
+ client_id: this.clientId,
80
+ code_challenge: codeChallenge,
81
+ code_challenge_method: "S256",
82
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
83
+ client_assertion: this.walletInstanceAttestation,
84
+ request: signedJwtForPar
85
+ };
86
+ var formBody = new URLSearchParams(requestBody);
87
+ const response = await this.appFetch(parUrl, {
88
+ method: "POST",
89
+ headers: {
90
+ "Content-Type": "application/x-www-form-urlencoded"
91
+ },
92
+ body: formBody.toString()
93
+ });
94
+ if (response.status === 201) {
95
+ const result = await response.json();
96
+ return result.request_uri;
97
+ }
98
+ throw new PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
99
+ }
100
+
101
+ /**
102
+ * Return the unsigned jwt for a generic DPoP
103
+ *
104
+ * @function
105
+ * @param jwk the public key for which the DPoP is to be created
106
+ *
107
+ * @returns Unsigned JWT for DPoP
108
+ *
109
+ */
110
+ async getUnsignedDPoP(jwk) {
111
+ const tokenUrl = new URL("/token", this.pidProviderBaseUrl).href;
112
+ const dPop = getUnsignedDPop(jwk, {
113
+ htm: "POST",
114
+ htu: tokenUrl,
115
+ jti: `${uuid.v4()}`
116
+ });
117
+ return dPop;
118
+ }
119
+
120
+ /**
121
+ * Make an auth token request to the PID issuer
122
+ *
123
+ * @function
124
+ * @returns a token response
125
+ *
126
+ */
127
+ async getAuthToken() {
128
+ //Generate fresh keys for DPoP
129
+ const dPopKeyTag = `${uuid.v4()}`;
130
+ const dPopKey = await generate(dPopKeyTag);
131
+ const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
132
+ const dPopTokenSignature = await sign(unsignedDPopForToken, dPopKeyTag);
133
+ await deleteKey(dPopKeyTag);
134
+ const signedDPop = await SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
135
+ const decodedJwtDPop = decodeJwt(signedDPop);
136
+ const tokenUrl = decodedJwtDPop.payload.htu;
137
+ const requestBody = {
138
+ grant_type: "authorization code",
139
+ client_id: this.clientId,
140
+ code: this.authorizationCode,
141
+ code_verifier: this.codeVerifier,
142
+ client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
143
+ client_assertion: this.walletInstanceAttestation,
144
+ redirect_uri: this.walletProviderBaseUrl
145
+ };
146
+ var formBody = new URLSearchParams(requestBody);
147
+ const response = await this.appFetch(tokenUrl, {
148
+ method: "POST",
149
+ headers: {
150
+ "Content-Type": "application/x-www-form-urlencoded",
151
+ DPoP: signedDPop
152
+ },
153
+ body: formBody.toString()
154
+ });
155
+ if (response.status === 200) {
156
+ return await response.json();
157
+ }
158
+ throw new PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
159
+ }
160
+
161
+ /**
162
+ * Return the unsigned jwt for nonce proof of possession
163
+ *
164
+ * @function
165
+ * @param nonce the nonce
166
+ *
167
+ * @returns Unsigned JWT for nonce proof
168
+ *
169
+ */
170
+ async getUnsignedNonceProof(nonce) {
171
+ const unsignedProof = new SignJWT({
172
+ nonce
173
+ }).setProtectedHeader({
174
+ alg: "ES256",
175
+ type: "openid4vci-proof+jwt"
176
+ }).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
177
+ return unsignedProof;
178
+ }
179
+
180
+ /**
181
+ * Make the credential issuing request to the PID issuer
182
+ *
183
+ * @function
184
+ * @param unsignedDPopForPid The unsigned JWT for PID DPoP
185
+ * @param dPopPidSignature The JWT for PID DPoP signature
186
+ * @param unsignedNonceProof The unsigned JWT for nonce proof
187
+ * @param nonceProofSignature The JWT for nonce proof signature
188
+ * @param accessToken The access token obtained with getAuthToken
189
+ * @param cieData Personal data read by the CIE
190
+ *
191
+ * @returns a credential
192
+ *
193
+ */
194
+ async getCredential(unsignedDPopForPid, dPopPidSignature, unsignedNonceProof, nonceProofSignature, accessToken, cieData) {
195
+ const signedDPopForPid = await SignJWT.appendSignature(unsignedDPopForPid, dPopPidSignature);
196
+ const signedNonceProof = await SignJWT.appendSignature(unsignedNonceProof, nonceProofSignature);
197
+ const credentialUrl = new URL("/credential", this.pidProviderBaseUrl).href;
198
+ const requestBody = {
199
+ credential_definition: JSON.stringify({
200
+ type: ["eu.eudiw.pid.it"]
201
+ }),
202
+ format: "vc+sd-jwt",
203
+ proof: JSON.stringify({
204
+ jwt: signedNonceProof,
205
+ cieData,
206
+ proof_type: "jwt"
207
+ })
208
+ };
209
+ const formBody = new URLSearchParams(requestBody);
210
+ const response = await this.appFetch(credentialUrl, {
211
+ method: "POST",
212
+ headers: {
213
+ "Content-Type": "application/x-www-form-urlencoded",
214
+ DPoP: signedDPopForPid,
215
+ Authorization: accessToken
216
+ },
217
+ body: formBody.toString()
218
+ });
219
+ if (response.status === 200) {
220
+ return await response.json();
221
+ }
222
+ throw new PidIssuingError(`Unable to obtain credential!`);
223
+ }
224
+ }
225
+ //# sourceMappingURL=issuing.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"names":["decode","decodeJwt","sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","getUnsignedDPop","sign","generate","deleteKey","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","parse","keyThumbprint","publicKey","kid","codeChallenge","unsignedJwtForPar","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","getUnsignedDPoP","tokenUrl","dPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","unsignedDPopForToken","dPopTokenSignature","signedDPop","decodedJwtDPop","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,cAAc,QACT,6BAA6B;AAEpC,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,QAAQ,iBAAiB;AACjD,SAASC,eAAe,QAAQ,eAAe;AAC/C,SAASC,IAAI,EAAEC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;;AAE1E;;AAgBA,OAAO,MAAMC,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEjB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEnB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEpB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACR,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAGxB,GAAG,CAACyB,KAAK,CAACF,GAAG,CAAC;IAChC,MAAMG,aAAa,GAAG,MAAM3B,UAAU,CAACyB,SAAS,CAAC;IACjD,MAAMG,SAAS,GAAG;MAAE,GAAGH,SAAS;MAAEI,GAAG,EAAEF;IAAc,CAAC;IACtD,MAAMG,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAE7D,MAAMU,iBAAiB,GAAG,IAAIhC,OAAO,CAAC;MACpCiC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAAC5B,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjBqB,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX;IAClB,CAAC,CAAC,CACCY,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZd,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDe,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOf,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMgB,MAAMA,CAAChB,iBAAyB,EAAEiB,SAAiB,EAAmB;IAC1E,MAAMlB,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAC7D,MAAM4B,eAAe,GAAG,MAAMlD,OAAO,CAACmD,eAAe,CACnDnB,iBAAiB,EACjBiB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX,aAAa;MAC7BQ,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD4C,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACqC,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIhE,eAAe,CACtB,wCAAuC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAC7C,GAAQ,EAAmB;IAC/C,MAAM8C,QAAQ,GAAG,IAAIlB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAChE,MAAMkB,IAAI,GAAGnE,eAAe,CAACoB,GAAG,EAAE;MAChCgD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEH,QAAQ;MACbI,GAAG,EAAG,GAAExE,IAAI,CAACkB,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOmD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMI,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE1E,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACjC,MAAMyD,OAAO,GAAG,MAAMvE,QAAQ,CAACsE,UAAU,CAAC;IAC1C,MAAME,oBAAoB,GAAG,MAAM,IAAI,CAACT,eAAe,CAACQ,OAAO,CAAC;IAChE,MAAME,kBAAkB,GAAG,MAAM1E,IAAI,CAACyE,oBAAoB,EAAEF,UAAU,CAAC;IACvE,MAAMrE,SAAS,CAACqE,UAAU,CAAC;IAE3B,MAAMI,UAAU,GAAG,MAAMjF,OAAO,CAACmD,eAAe,CAC9C4B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAME,cAAc,GAAGpF,SAAS,CAACmF,UAAU,CAAC;IAC5C,MAAMV,QAAQ,GAAGW,cAAc,CAACC,OAAO,CAACT,GAAa;IACrD,MAAMnB,WAAW,GAAG;MAClB6B,UAAU,EAAE,oBAAoB;MAChC3C,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxBuE,IAAI,EAAE,IAAI,CAAC9D,iBAAiB;MAC5B+D,aAAa,EAAE,IAAI,CAAChE,YAAY;MAChCW,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD2B,YAAY,EAAE,IAAI,CAAC5B;IACrB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACwD,QAAQ,EAAE;MAC7CV,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEN;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CACtB,0CAAyC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMmB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAI1F,OAAO,CAAC;MAChCyF;IACF,CAAC,CAAC,CACC9C,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACDuD,WAAW,CAAC,IAAI,CAAC/E,qBAAqB,CAAC,CACvCgF,SAAS,CAAC,IAAI,CAAC9E,QAAQ,CAAC,CACxB+B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAO2C,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAMpG,OAAO,CAACmD,eAAe,CACpD2C,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAMrG,OAAO,CAACmD,eAAe,CACpD6C,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIjD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBgD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAErE,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnBqE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACuF,aAAa,EAAE;MAClDzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDnC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CAAE,8BAA6B,CAAC;EAC3D;AACF"}
@@ -18,7 +18,10 @@ import { verifyDisclosure } from "./verifier";
18
18
  *
19
19
  */
20
20
  export const decode = (token, schema) => {
21
- // token are expected in the form "sd-jwt~disclosure0~disclosure1~...~disclosureN"
21
+ // token are expected in the form "sd-jwt~disclosure0~disclosure1~...~disclosureN~"
22
+ if (token.slice(-1) === "~") {
23
+ token = token.slice(0, -1);
24
+ }
22
25
  const [rawSdJwt = "", ...rawDisclosures] = token.split("~");
23
26
 
24
27
  // get the sd-jwt as object
@@ -1 +1 @@
1
- {"version":3,"names":["decode","decodeJwt","verify","verifyJwt","decodeBase64","Disclosure","verifyDisclosure","token","schema","rawSdJwt","rawDisclosures","split","decodedJwt","sdJwt","parse","header","protectedHeader","payload","disclosures","map","e","JSON","publicKey","decoded","claims","verified_claims","verification","_sd","Promise","all","disclosure"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AAEjE,SAASC,YAAY,QAAQ,6BAA6B;AAC1D,SAASC,UAAU,QAAQ,SAAS;AACpC,SAASC,gBAAgB,QAAQ,YAAY;AAG7C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMN,MAAM,GAAGA,CACpBO,KAAa,EACbC,MAAS,KAC4C;EACrD;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGH,KAAK,CAACI,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGX,SAAS,CAACQ,QAAQ,CAAC;EACtC,MAAMI,KAAK,GAAGL,MAAM,CAACM,KAAK,CAAC;IACzBC,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAC/BS,GAAG,CAACf,YAAY,CAAC,CACjBe,GAAG,CAAEC,CAAC,IAAKC,IAAI,CAACP,KAAK,CAACM,CAAC,CAAC,CAAC,CACzBD,GAAG,CAAEC,CAAC,IAAKf,UAAU,CAACS,KAAK,CAACM,CAAC,CAAC,CAAC;EAElC,OAAO;IAAEP,KAAK;IAAEK;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMhB,MAAM,GAAG,MAAAA,CACpBK,KAAa,EACbe,SAAc,EACdd,MAAS,KACqD;EAC9D;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,CAAC,GAAGF,KAAK,CAACI,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMY,OAAO,GAAGvB,MAAM,CAACO,KAAK,EAAEC,MAAM,CAAC;;EAErC;EACA,MAAML,SAAS,CAACM,QAAQ,EAAEa,SAAS,CAAC;;EAEpC;EACA,MAAME,MAAM,GAAG,CACb,GAAGD,OAAO,CAACV,KAAK,CAACI,OAAO,CAACQ,eAAe,CAACC,YAAY,CAACC,GAAG,EACzD,GAAGJ,OAAO,CAACV,KAAK,CAACI,OAAO,CAACQ,eAAe,CAACD,MAAM,CAACG,GAAG,CACpD;EAED,MAAMC,OAAO,CAACC,GAAG,CACfN,OAAO,CAACL,WAAW,CAACC,GAAG,CACrB,MAAOW,UAAU,IAAK,MAAMxB,gBAAgB,CAACwB,UAAU,EAAEN,MAAM,CACjE,CACF,CAAC;EAED,OAAOD,OAAO;AAChB,CAAC"}
1
+ {"version":3,"names":["decode","decodeJwt","verify","verifyJwt","decodeBase64","Disclosure","verifyDisclosure","token","schema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","sdJwt","parse","header","protectedHeader","payload","disclosures","map","e","JSON","publicKey","decoded","claims","verified_claims","verification","_sd","Promise","all","disclosure"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AAEjE,SAASC,YAAY,QAAQ,6BAA6B;AAC1D,SAASC,UAAU,QAAQ,SAAS;AACpC,SAASC,gBAAgB,QAAQ,YAAY;AAG7C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMN,MAAM,GAAGA,CACpBO,KAAa,EACbC,MAAS,KAC4C;EACrD;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGZ,SAAS,CAACS,QAAQ,CAAC;EACtC,MAAMI,KAAK,GAAGN,MAAM,CAACO,KAAK,CAAC;IACzBC,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAC/BS,GAAG,CAAChB,YAAY,CAAC,CACjBgB,GAAG,CAAEC,CAAC,IAAKC,IAAI,CAACP,KAAK,CAACM,CAAC,CAAC,CAAC,CACzBD,GAAG,CAAEC,CAAC,IAAKhB,UAAU,CAACU,KAAK,CAACM,CAAC,CAAC,CAAC;EAElC,OAAO;IAAEP,KAAK;IAAEK;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMjB,MAAM,GAAG,MAAAA,CACpBK,KAAa,EACbgB,SAAc,EACdf,MAAS,KACqD;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMY,OAAO,GAAGxB,MAAM,CAACO,KAAK,EAAEC,MAAM,CAAC;;EAErC;EACA,MAAML,SAAS,CAACO,QAAQ,EAAEa,SAAS,CAAC;;EAEpC;EACA,MAAME,MAAM,GAAG,CACb,GAAGD,OAAO,CAACV,KAAK,CAACI,OAAO,CAACQ,eAAe,CAACC,YAAY,CAACC,GAAG,EACzD,GAAGJ,OAAO,CAACV,KAAK,CAACI,OAAO,CAACQ,eAAe,CAACD,MAAM,CAACG,GAAG,CACpD;EAED,MAAMC,OAAO,CAACC,GAAG,CACfN,OAAO,CAACL,WAAW,CAACC,GAAG,CACrB,MAAOW,UAAU,IAAK,MAAMzB,gBAAgB,CAACyB,UAAU,EAAEN,MAAM,CACjE,CACF,CAAC;EAED,OAAOD,OAAO;AAChB,CAAC"}
@@ -17,7 +17,7 @@ export const SdJwt4VC = z.object({
17
17
  header: z.object({
18
18
  typ: z.literal("vc+sd-jwt"),
19
19
  alg: z.string(),
20
- kid: z.string(),
20
+ kid: z.string().optional(),
21
21
  trust_chain: z.array(z.string())
22
22
  }),
23
23
  payload: z.object({
@@ -1 +1 @@
1
- {"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfU,WAAW,EAAEnB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFW,OAAO,EAAEpB,CAAC,CAACM,MAAM,CAAC;IAChBe,GAAG,EAAErB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfa,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEvB,QAAQ;IACbwB,GAAG,EAAExB,QAAQ;IACbyB,MAAM,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBkB,GAAG,EAAE3B,CAAC,CAACM,MAAM,CAAC;MACZsB,GAAG,EAAE7B;IACP,CAAC,CAAC;IACF8B,IAAI,EAAE7B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Cc,eAAe,EAAE9B,CAAC,CAACM,MAAM,CAAC;MACxByB,YAAY,EAAE/B,CAAC,CAACgC,YAAY,CAC1BhC,CAAC,CAACM,MAAM,CAAC;QACP2B,eAAe,EAAEjC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCkB,eAAe,EAAElC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD8B,MAAM,EAAE9B;IACV,CAAC,CAAC;IACF+B,OAAO,EAAEpC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}
1
+ {"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAGF,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC1BC,WAAW,EAAEpB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFY,OAAO,EAAErB,CAAC,CAACM,MAAM,CAAC;IAChBgB,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfgB,GAAG,EAAExB,QAAQ;IACbyB,GAAG,EAAEzB,QAAQ;IACb0B,MAAM,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IAClBmB,GAAG,EAAE5B,CAAC,CAACM,MAAM,CAAC;MACZuB,GAAG,EAAE9B;IACP,CAAC,CAAC;IACF+B,IAAI,EAAE9B,CAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3Ce,eAAe,EAAE/B,CAAC,CAACM,MAAM,CAAC;MACxB0B,YAAY,EAAEhC,CAAC,CAACiC,YAAY,CAC1BjC,CAAC,CAACM,MAAM,CAAC;QACP4B,eAAe,EAAElC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCmB,eAAe,EAAEnC,CAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACD+B,MAAM,EAAE/B;IACV,CAAC,CAAC;IACFgC,OAAO,EAAErC,CAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC"}
@@ -12,6 +12,6 @@ export const DPoPPayload = z.object({
12
12
  jti: z.string(),
13
13
  htm: z.union([z.literal("POST"), z.literal("GET")]),
14
14
  htu: z.string(),
15
- ath: z.string()
15
+ ath: z.string().optional()
16
16
  });
17
17
  //# sourceMappingURL=dpop.js.map
@@ -1 +1 @@
1
- {"version":3,"names":["z","SignJWT","getUnsignedDPop","jwk","payload","dPop","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","DPoPPayload","object","jti","string","htm","union","literal","htu","ath"],"sourceRoot":"../../../src","sources":["utils/dpop.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AAExB,SAASC,OAAO,QAAQ,6BAA6B;AAGrD,OAAO,MAAMC,eAAe,GAAGA,CAACC,GAAQ,EAAEC,OAAoB,KAAa;EACzE,MAAMC,IAAI,GAAG,IAAIJ,OAAO,CAACG,OAAO,CAAC,CAC9BE,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,UAAU;IACfL;EACF,CAAC,CAAC,CACDM,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACX,OAAON,IAAI;AACb,CAAC;AAGD,OAAO,MAAMO,WAAW,GAAGZ,CAAC,CAACa,MAAM,CAAC;EAClCC,GAAG,EAAEd,CAAC,CAACe,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEhB,CAAC,CAACiB,KAAK,CAAC,CAACjB,CAAC,CAACkB,OAAO,CAAC,MAAM,CAAC,EAAElB,CAAC,CAACkB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;EACnDC,GAAG,EAAEnB,CAAC,CAACe,MAAM,CAAC,CAAC;EACfK,GAAG,EAAEpB,CAAC,CAACe,MAAM,CAAC;AAChB,CAAC,CAAC"}
1
+ {"version":3,"names":["z","SignJWT","getUnsignedDPop","jwk","payload","dPop","setProtectedHeader","alg","typ","setIssuedAt","setExpirationTime","toSign","DPoPPayload","object","jti","string","htm","union","literal","htu","ath","optional"],"sourceRoot":"../../../src","sources":["utils/dpop.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AAExB,SAASC,OAAO,QAAQ,6BAA6B;AAGrD,OAAO,MAAMC,eAAe,GAAGA,CAACC,GAAQ,EAAEC,OAAoB,KAAa;EACzE,MAAMC,IAAI,GAAG,IAAIJ,OAAO,CAACG,OAAO,CAAC,CAC9BE,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,UAAU;IACfL;EACF,CAAC,CAAC,CACDM,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;EACX,OAAON,IAAI;AACb,CAAC;AAGD,OAAO,MAAMO,WAAW,GAAGZ,CAAC,CAACa,MAAM,CAAC;EAClCC,GAAG,EAAEd,CAAC,CAACe,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEhB,CAAC,CAACiB,KAAK,CAAC,CAACjB,CAAC,CAACkB,OAAO,CAAC,MAAM,CAAC,EAAElB,CAAC,CAACkB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;EACnDC,GAAG,EAAEnB,CAAC,CAACe,MAAM,CAAC,CAAC;EACfK,GAAG,EAAEpB,CAAC,CAACe,MAAM,CAAC,CAAC,CAACM,QAAQ,CAAC;AAC3B,CAAC,CAAC"}
@@ -93,4 +93,27 @@ export class AuthRequestDecodeError extends IoWalletError {
93
93
  this.reason = reason;
94
94
  }
95
95
  }
96
+
97
+ /**
98
+ * An error subclass thrown when validation fail
99
+ *
100
+ */
101
+ export class PidIssuingError extends IoWalletError {
102
+ static get code() {
103
+ return "ERR_IO_WALLET_PID_ISSUING_FAILED";
104
+ }
105
+ code = "ERR_IO_WALLET_PID_ISSUING_FAILED";
106
+
107
+ /** The Claim for which the validation failed. */
108
+
109
+ /** Reason code for the validation failure. */
110
+
111
+ constructor(message) {
112
+ let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
113
+ let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
114
+ super(message);
115
+ this.claim = claim;
116
+ this.reason = reason;
117
+ }
118
+ }
96
119
  //# sourceMappingURL=errors.js.map
@@ -1 +1 @@
1
- {"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,SAAST,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,qCAAqC,SAASf,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAME,sBAAsB,SAAShB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF"}
1
+ {"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,SAAST,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,qCAAqC,SAASf,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAME,sBAAsB,SAAShB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMG,eAAe,SAASjB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CM,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACP,OAAO,CAAC;IACd,IAAI,CAACM,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF"}
@@ -3,6 +3,5 @@ import * as RP from "./rp";
3
3
  import * as Errors from "./utils/errors";
4
4
  import * as WalletInstanceAttestation from "./wallet-instance-attestation";
5
5
  import { getUnsignedDPop } from "./utils/dpop";
6
- import { getSignedJwt } from "./utils/signature";
7
- export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop, getSignedJwt, };
6
+ export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop };
8
7
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,OAAO,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,MAAM,CAAC;AAC3B,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,yBAAyB,MAAM,+BAA+B,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,OAAO,EACL,GAAG,EACH,EAAE,EACF,yBAAyB,EACzB,MAAM,EACN,eAAe,EACf,YAAY,GACb,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,OAAO,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,MAAM,CAAC;AAC3B,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,yBAAyB,MAAM,+BAA+B,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/C,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,yBAAyB,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC"}
@@ -1,3 +1,4 @@
1
1
  import * as SdJwt from "./sd-jwt";
2
- export { SdJwt };
2
+ import { Issuing } from "./issuing";
3
+ export { SdJwt, Issuing };
3
4
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/pid/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,UAAU,CAAC;AAClC,OAAO,EAAE,KAAK,EAAE,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/pid/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,UAAU,CAAC;AAClC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC"}
@@ -0,0 +1,93 @@
1
+ import { JWK } from "../utils/jwk";
2
+ export type CieData = {
3
+ birthDate: string;
4
+ fiscalCode: string;
5
+ name: string;
6
+ surname: string;
7
+ };
8
+ export type TokenResponse = {
9
+ access_token: string;
10
+ c_nonce: string;
11
+ };
12
+ export type PidResponse = {
13
+ credential: string;
14
+ c_nonce: string;
15
+ c_nonce_expires_in: number;
16
+ format: string;
17
+ };
18
+ export declare class Issuing {
19
+ pidProviderBaseUrl: string;
20
+ walletProviderBaseUrl: string;
21
+ walletInstanceAttestation: string;
22
+ codeVerifier: string;
23
+ clientId: string;
24
+ state: string;
25
+ authorizationCode: string;
26
+ appFetch: GlobalFetch["fetch"];
27
+ constructor(pidProviderBaseUrl: string, walletProviderBaseUrl: string, walletInstanceAttestation: string, clientId: string, appFetch?: GlobalFetch["fetch"]);
28
+ /**
29
+ * Return the unsigned jwt to call the PAR request.
30
+ *
31
+ * @function
32
+ * @param jwk The wallet instance attestation public JWK
33
+ *
34
+ * @returns Unsigned jwt
35
+ *
36
+ */
37
+ getUnsignedJwtForPar(jwk: JWK): Promise<string>;
38
+ /**
39
+ * Make a PAR request to the PID issuer and return the response url
40
+ *
41
+ * @function
42
+ * @param unsignedJwtForPar The unsigned JWT for PAR
43
+ * @param signature The JWT for PAR signature
44
+ *
45
+ * @returns Unsigned PAR url
46
+ *
47
+ */
48
+ getPar(unsignedJwtForPar: string, signature: string): Promise<string>;
49
+ /**
50
+ * Return the unsigned jwt for a generic DPoP
51
+ *
52
+ * @function
53
+ * @param jwk the public key for which the DPoP is to be created
54
+ *
55
+ * @returns Unsigned JWT for DPoP
56
+ *
57
+ */
58
+ getUnsignedDPoP(jwk: JWK): Promise<string>;
59
+ /**
60
+ * Make an auth token request to the PID issuer
61
+ *
62
+ * @function
63
+ * @returns a token response
64
+ *
65
+ */
66
+ getAuthToken(): Promise<TokenResponse>;
67
+ /**
68
+ * Return the unsigned jwt for nonce proof of possession
69
+ *
70
+ * @function
71
+ * @param nonce the nonce
72
+ *
73
+ * @returns Unsigned JWT for nonce proof
74
+ *
75
+ */
76
+ getUnsignedNonceProof(nonce: string): Promise<string>;
77
+ /**
78
+ * Make the credential issuing request to the PID issuer
79
+ *
80
+ * @function
81
+ * @param unsignedDPopForPid The unsigned JWT for PID DPoP
82
+ * @param dPopPidSignature The JWT for PID DPoP signature
83
+ * @param unsignedNonceProof The unsigned JWT for nonce proof
84
+ * @param nonceProofSignature The JWT for nonce proof signature
85
+ * @param accessToken The access token obtained with getAuthToken
86
+ * @param cieData Personal data read by the CIE
87
+ *
88
+ * @returns a credential
89
+ *
90
+ */
91
+ getCredential(unsignedDPopForPid: string, dPopPidSignature: string, unsignedNonceProof: string, nonceProofSignature: string, accessToken: string, cieData: CieData): Promise<PidResponse>;
92
+ }
93
+ //# sourceMappingURL=issuing.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"issuing.d.ts","sourceRoot":"","sources":["../../../src/pid/issuing.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAOnC,MAAM,MAAM,OAAO,GAAG;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AACtE,MAAM,MAAM,WAAW,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,qBAAa,OAAO;IAClB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,yBAAyB,EAAE,MAAM,CAAC;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;gBAG7B,kBAAkB,EAAE,MAAM,EAC1B,qBAAqB,EAAE,MAAM,EAC7B,yBAAyB,EAAE,MAAM,EACjC,QAAQ,EAAE,MAAM,EAChB,QAAQ,GAAE,WAAW,CAAC,OAAO,CAAS;IAYxC;;;;;;;;OAQG;IACG,oBAAoB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC;IAoCrD;;;;;;;;;OASG;IACG,MAAM,CAAC,iBAAiB,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAwC3E;;;;;;;;OAQG;IACG,eAAe,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC;IAUhD;;;;;;OAMG;IACG,YAAY,IAAI,OAAO,CAAC,aAAa,CAAC;IA4C5C;;;;;;;;OAQG;IACG,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAgB3D;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,kBAAkB,EAAE,MAAM,EAC1B,gBAAgB,EAAE,MAAM,EACxB,kBAAkB,EAAE,MAAM,EAC1B,mBAAmB,EAAE,MAAM,EAC3B,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,WAAW,CAAC;CAsCxB"}
@@ -33,24 +33,24 @@ export declare const RequestObject: z.ZodObject<{
33
33
  iss: string;
34
34
  iat: number;
35
35
  exp: number;
36
+ response_type: "vp_token";
36
37
  state: string;
38
+ client_id: string;
37
39
  nonce: string;
38
40
  response_uri: string;
39
- response_type: "vp_token";
40
41
  response_mode: "direct_post.jwt";
41
- client_id: string;
42
42
  client_id_scheme: "entity_id";
43
43
  scope: string;
44
44
  }, {
45
45
  iss: string;
46
46
  iat: number;
47
47
  exp: number;
48
+ response_type: "vp_token";
48
49
  state: string;
50
+ client_id: string;
49
51
  nonce: string;
50
52
  response_uri: string;
51
- response_type: "vp_token";
52
53
  response_mode: "direct_post.jwt";
53
- client_id: string;
54
54
  client_id_scheme: "entity_id";
55
55
  scope: string;
56
56
  }>;
@@ -65,12 +65,12 @@ export declare const RequestObject: z.ZodObject<{
65
65
  iss: string;
66
66
  iat: number;
67
67
  exp: number;
68
+ response_type: "vp_token";
68
69
  state: string;
70
+ client_id: string;
69
71
  nonce: string;
70
72
  response_uri: string;
71
- response_type: "vp_token";
72
73
  response_mode: "direct_post.jwt";
73
- client_id: string;
74
74
  client_id_scheme: "entity_id";
75
75
  scope: string;
76
76
  };
@@ -85,12 +85,12 @@ export declare const RequestObject: z.ZodObject<{
85
85
  iss: string;
86
86
  iat: number;
87
87
  exp: number;
88
+ response_type: "vp_token";
88
89
  state: string;
90
+ client_id: string;
89
91
  nonce: string;
90
92
  response_uri: string;
91
- response_type: "vp_token";
92
93
  response_mode: "direct_post.jwt";
93
- client_id: string;
94
94
  client_id_scheme: "entity_id";
95
95
  scope: string;
96
96
  };
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/sd-jwt/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAMxB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAErC,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAEzC;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,MAAM,oCACV,MAAM;;iBAEsB,UAAU,EAAE;CAqBhD,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,MAAM,oCACV,MAAM,aACF,GAAG;;iBAE6B,UAAU,EAAE;EAqBxD,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/sd-jwt/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAMxB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAErC,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAEzC;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,MAAM,oCACV,MAAM;;iBAEsB,UAAU,EAAE;CAwBhD,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,MAAM,oCACV,MAAM,aACF,GAAG;;iBAE6B,UAAU,EAAE;EAqBxD,CAAC"}
@@ -22,18 +22,18 @@ export declare const SdJwt4VC: z.ZodObject<{
22
22
  header: z.ZodObject<{
23
23
  typ: z.ZodLiteral<"vc+sd-jwt">;
24
24
  alg: z.ZodString;
25
- kid: z.ZodString;
25
+ kid: z.ZodOptional<z.ZodString>;
26
26
  trust_chain: z.ZodArray<z.ZodString, "many">;
27
27
  }, "strip", z.ZodTypeAny, {
28
28
  alg: string;
29
- kid: string;
30
29
  typ: "vc+sd-jwt";
31
30
  trust_chain: string[];
31
+ kid?: string | undefined;
32
32
  }, {
33
33
  alg: string;
34
- kid: string;
35
34
  typ: "vc+sd-jwt";
36
35
  trust_chain: string[];
36
+ kid?: string | undefined;
37
37
  }>;
38
38
  payload: z.ZodObject<{
39
39
  iss: z.ZodString;
@@ -307,9 +307,9 @@ export declare const SdJwt4VC: z.ZodObject<{
307
307
  }, "strip", z.ZodTypeAny, {
308
308
  header: {
309
309
  alg: string;
310
- kid: string;
311
310
  typ: "vc+sd-jwt";
312
311
  trust_chain: string[];
312
+ kid?: string | undefined;
313
313
  };
314
314
  payload: {
315
315
  type: "PersonIdentificationData";
@@ -361,9 +361,9 @@ export declare const SdJwt4VC: z.ZodObject<{
361
361
  }, {
362
362
  header: {
363
363
  alg: string;
364
- kid: string;
365
364
  typ: "vc+sd-jwt";
366
365
  trust_chain: string[];
366
+ kid?: string | undefined;
367
367
  };
368
368
  payload: {
369
369
  type: "PersonIdentificationData";
@@ -6,16 +6,16 @@ export declare const DPoPPayload: z.ZodObject<{
6
6
  jti: z.ZodString;
7
7
  htm: z.ZodUnion<[z.ZodLiteral<"POST">, z.ZodLiteral<"GET">]>;
8
8
  htu: z.ZodString;
9
- ath: z.ZodString;
9
+ ath: z.ZodOptional<z.ZodString>;
10
10
  }, "strip", z.ZodTypeAny, {
11
11
  jti: string;
12
- htm: "GET" | "POST";
12
+ htm: "POST" | "GET";
13
13
  htu: string;
14
- ath: string;
14
+ ath?: string | undefined;
15
15
  }, {
16
16
  jti: string;
17
- htm: "GET" | "POST";
17
+ htm: "POST" | "GET";
18
18
  htu: string;
19
- ath: string;
19
+ ath?: string | undefined;
20
20
  }>;
21
21
  //# sourceMappingURL=dpop.d.ts.map
@@ -55,4 +55,17 @@ export declare class AuthRequestDecodeError extends IoWalletError {
55
55
  reason: string;
56
56
  constructor(message: string, claim?: string, reason?: string);
57
57
  }
58
+ /**
59
+ * An error subclass thrown when validation fail
60
+ *
61
+ */
62
+ export declare class PidIssuingError extends IoWalletError {
63
+ static get code(): "ERR_IO_WALLET_PID_ISSUING_FAILED";
64
+ code: string;
65
+ /** The Claim for which the validation failed. */
66
+ claim: string;
67
+ /** Reason code for the validation failure. */
68
+ reason: string;
69
+ constructor(message: string, claim?: string, reason?: string);
70
+ }
58
71
  //# sourceMappingURL=errors.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/utils/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,qBAAa,aAAc,SAAQ,KAAK;IACtC,6DAA6D;IAC7D,MAAM,KAAK,IAAI,IAAI,MAAM,CAExB;IAED,6DAA6D;IAC7D,IAAI,EAAE,MAAM,CAA2B;gBAE3B,OAAO,CAAC,EAAE,MAAM;CAM7B;AACD;;;GAGG;AACH,qBAAa,gBAAiB,SAAQ,aAAa;IACjD,MAAM,KAAK,IAAI,IAAI,iCAAiC,CAEnD;IAED,IAAI,SAAqC;IAEzC,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,qCAAsC,SAAQ,aAAa;IACtE,MAAM,KAAK,IAAI,IAAI,mDAAmD,CAErE;IAED,IAAI,SAAuD;IAE3D,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,sBAAuB,SAAQ,aAAa;IACvD,MAAM,KAAK,IAAI,IAAI,oDAAoD,CAEtE;IAED,IAAI,SAAwD;IAE5D,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E"}
1
+ {"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/utils/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,qBAAa,aAAc,SAAQ,KAAK;IACtC,6DAA6D;IAC7D,MAAM,KAAK,IAAI,IAAI,MAAM,CAExB;IAED,6DAA6D;IAC7D,IAAI,EAAE,MAAM,CAA2B;gBAE3B,OAAO,CAAC,EAAE,MAAM;CAM7B;AACD;;;GAGG;AACH,qBAAa,gBAAiB,SAAQ,aAAa;IACjD,MAAM,KAAK,IAAI,IAAI,iCAAiC,CAEnD;IAED,IAAI,SAAqC;IAEzC,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,qCAAsC,SAAQ,aAAa;IACtE,MAAM,KAAK,IAAI,IAAI,mDAAmD,CAErE;IAED,IAAI,SAAuD;IAE3D,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,sBAAuB,SAAQ,aAAa;IACvD,MAAM,KAAK,IAAI,IAAI,oDAAoD,CAEtE;IAED,IAAI,SAAwD;IAE5D,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E;AAED;;;GAGG;AACH,qBAAa,eAAgB,SAAQ,aAAa;IAChD,MAAM,KAAK,IAAI,IAAI,kCAAkC,CAEpD;IAED,IAAI,SAAsC;IAE1C,iDAAiD;IACjD,KAAK,EAAE,MAAM,CAAC;IAEd,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;gBAEH,OAAO,EAAE,MAAM,EAAE,KAAK,SAAgB,EAAE,MAAM,SAAgB;CAK3E"}
@@ -27,6 +27,6 @@ export declare class Issuing {
27
27
  * @returns {string} Wallet Instance Attestation
28
28
  *
29
29
  */
30
- getAttestation(attestationRequest: string, signature: string): Promise<String>;
30
+ getAttestation(attestationRequest: string, signature: string): Promise<string>;
31
31
  }
32
32
  //# sourceMappingURL=issuing.d.ts.map