@pagopa/io-react-native-wallet 0.11.1 → 0.12.0

package/lib/module/client/generated/wallet-provider.js

@@ -0,0 +1,105 @@
+import z from "zod";
+export const ProblemDetail = z.object({
+  type: z.string().optional(),
+  title: z.string().optional(),
+  status: z.number().optional(),
+  detail: z.string().optional(),
+  instance: z.string().optional()
+});
+export const FiscalCode = z.string();
+export const Id = z.string();
+export const get_GetEntityConfiguration = {
+  method: z.literal("GET"),
+  path: z.literal("/.well-known/openid-federation"),
+  parameters: z.never(),
+  response: z.unknown()
+};
+export const get_GetNonce = {
+  method: z.literal("GET"),
+  path: z.literal("/nonce"),
+  parameters: z.never(),
+  response: z.object({
+    nonce: z.string()
+  })
+};
+export const post_CreateWalletInstance = {
+  method: z.literal("POST"),
+  path: z.literal("/wallet-instances"),
+  parameters: z.object({
+    body: z.object({
+      challenge: z.string(),
+      key_attestation: z.string(),
+      hardware_key_tag: z.string()
+    })
+  }),
+  response: z.unknown()
+};
+export const post_CreateWalletAttestation = {
+  method: z.literal("POST"),
+  path: z.literal("/token"),
+  parameters: z.object({
+    body: z.object({
+      grant_type: z.literal("urn:ietf:params:oauth:grant-type:jwt-bearer"),
+      assertion: z.string()
+    })
+  }),
+  response: z.unknown()
+};
+
+// <EndpointByMethod>
+export const EndpointByMethod = {
+  get: {
+    "/.well-known/openid-federation": get_GetEntityConfiguration,
+    "/nonce": get_GetNonce
+  },
+  post: {
+    "/wallet-instances": post_CreateWalletInstance,
+    "/token": post_CreateWalletAttestation
+  }
+};
+
+// </EndpointByMethod>
+// <EndpointByMethod.Shorthands>
+// </EndpointByMethod.Shorthands>
+// <ApiClientTypes>
+// </ApiClientTypes>
+// <ApiClient>
+export class ApiClient {
+  baseUrl = "";
+  constructor(fetcher) {
+    this.fetcher = fetcher;
+  }
+  setBaseUrl(baseUrl) {
+    this.baseUrl = baseUrl;
+    return this;
+  }
+
+  // <ApiClient.get>
+  get(path) {
+    return this.fetcher("get", this.baseUrl + path, arguments.length <= 1 ? undefined : arguments[1]);
+  }
+  // </ApiClient.get>
+
+  // <ApiClient.post>
+  post(path) {
+    return this.fetcher("post", this.baseUrl + path, arguments.length <= 1 ? undefined : arguments[1]);
+  }
+  // </ApiClient.post>
+}
+
+export function createApiClient(fetcher, baseUrl) {
+  return new ApiClient(fetcher).setBaseUrl(baseUrl ?? "");
+}
+
+/**
+ Example usage:
+ const api = createApiClient((method, url, params) =>
+   fetch(url, { method, body: JSON.stringify(params) }).then((res) => res.json()),
+ );
+ api.get("/users").then((users) => console.log(users));
+ api.post("/users", { body: { name: "John" } }).then((user) => console.log(user));
+ api.put("/users/:id", { path: { id: 1 }, body: { name: "John" } }).then((user) => console.log(user));
+*/
+
+// </ApiClient
+//# sourceMappingURL=wallet-provider.js.map

package/lib/module/client/generated/wallet-provider.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["z","ProblemDetail","object","type","string","optional","title","status","number","detail","instance","FiscalCode","Id","get_GetEntityConfiguration","method","literal","path","parameters","never","response","unknown","get_GetNonce","nonce","post_CreateWalletInstance","body","challenge","key_attestation","hardware_key_tag","post_CreateWalletAttestation","grant_type","assertion","EndpointByMethod","get","post","ApiClient","baseUrl","constructor","fetcher","setBaseUrl","arguments","length","undefined","createApiClient"],"sourceRoot":"../../../../src","sources":["client/generated/wallet-provider.ts"],"mappings":"AAAA,OAAOA,CAAC,MAAM,KAAK;AAGnB,OAAO,MAAMC,aAAa,GAAGD,CAAC,CAACE,MAAM,CAAC;EACpCC,IAAI,EAAEH,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC3BC,KAAK,EAAEN,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC5BE,MAAM,EAAEP,CAAC,CAACQ,MAAM,CAAC,CAAC,CAACH,QAAQ,CAAC,CAAC;EAC7BI,MAAM,EAAET,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC7BK,QAAQ,EAAEV,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC;AAChC,CAAC,CAAC;AAGF,OAAO,MAAMM,UAAU,GAAGX,CAAC,CAACI,MAAM,CAAC,CAAC;AAGpC,OAAO,MAAMQ,EAAE,GAAGZ,CAAC,CAACI,MAAM,CAAC,CAAC;AAG5B,OAAO,MAAMS,0BAA0B,GAAG;EACxCC,MAAM,EAAEd,CAAC,CAACe,OAAO,CAAC,KAAK,CAAC;EACxBC,IAAI,EAAEhB,CAAC,CAACe,OAAO,CAAC,gCAAgC,CAAC;EACjDE,UAAU,EAAEjB,CAAC,CAACkB,KAAK,CAAC,CAAC;EACrBC,QAAQ,EAAEnB,CAAC,CAACoB,OAAO,CAAC;AACtB,CAAC;AAGD,OAAO,MAAMC,YAAY,GAAG;EAC1BP,MAAM,EAAEd,CAAC,CAACe,OAAO,CAAC,KAAK,CAAC;EACxBC,IAAI,EAAEhB,CAAC,CAACe,OAAO,CAAC,QAAQ,CAAC;EACzBE,UAAU,EAAEjB,CAAC,CAACkB,KAAK,CAAC,CAAC;EACrBC,QAAQ,EAAEnB,CAAC,CAACE,MAAM,CAAC;IACjBoB,KAAK,EAAEtB,CAAC,CAACI,MAAM,CAAC;EAClB,CAAC;AACH,CAAC;AAGD,OAAO,MAAMmB,yBAAyB,GAAG;EACvCT,MAAM,EAAEd,CAAC,CAACe,OAAO,CAAC,MAAM,CAAC;EACzBC,IAAI,EAAEhB,CAAC,CAACe,OAAO,CAAC,mBAAmB,CAAC;EACpCE,UAAU,EAAEjB,CAAC,CAACE,MAAM,CAAC;IACnBsB,IAAI,EAAExB,CAAC,CAACE,MAAM,CAAC;MACbuB,SAAS,EAAEzB,CAAC,CAACI,MAAM,CAAC,CAAC;MACrBsB,eAAe,EAAE1B,CAAC,CAACI,MAAM,CAAC,CAAC;MAC3BuB,gBAAgB,EAAE3B,CAAC,CAACI,MAAM,CAAC;IAC7B,CAAC;EACH,CAAC,CAAC;EACFe,QAAQ,EAAEnB,CAAC,CAACoB,OAAO,CAAC;AACtB,CAAC;AAGD,OAAO,MAAMQ,4BAA4B,GAAG;EAC1Cd,MAAM,EAAEd,CAAC,CAACe,OAAO,CAAC,MAAM,CAAC;EACzBC,IAAI,EAAEhB,CAAC,CAACe,OAAO,CAAC,QAAQ,CAAC;EACzBE,UAAU,EAAEjB,CAAC,CAACE,MAAM,CAAC;IACnBsB,IAAI,EAAExB,CAAC,CAACE,MAAM,CAAC;MACb2B,UAAU,EAAE7B,CAAC,CAACe,OAAO,CAAC,6CAA6C,CAAC;MACpEe,SAAS,EAAE9B,CAAC,CAACI,MAAM,CAAC;IACtB,CAAC;EACH,CAAC,CAAC;EACFe,QAAQ,EAAEnB,CAAC,CAACoB,OAAO,CAAC;AACtB,CAAC;;AAED;AACA,OAAO,MAAMW,gBAAgB,GAAG;EAC9BC,GAAG,EAAE;IACH,gCAAgC,EAAEnB,0BAA0B;IAC5D,QAAQ,EAAEQ;EACZ,CAAC;EACDY,IAAI,EAAE;IACJ,mBAAmB,EAAEV,yBAAyB;IAC9C,QAAQ,EAAEK;EACZ;AACF,CAAC;;AAED;AAEA;AAIA;AAEA;AAyCA;AAEA;AACA,OAAO,MAAMM,SAAS,CAAC;EACrBC,OAAO,GAAW,EAAE;EAEpBC,WAAWA,CAAQC,OAAgB,EAAE;IAAA,KAAlBA,OAAgB,GAAhBA,OAAgB;EAAG;EAEtCC,UAAUA,CAACH,OAAe,EAAE;IAC1B,IAAI,CAACA,OAAO,GAAGA,OAAO;IACtB,OAAO,IAAI;EACb;;EAEA;EACAH,GAAGA,CACDhB,IAAU,EAE+B;IACzC,OAAO,IAAI,CAACqB,OAAO,CAAC,KAAK,EAAE,IAAI,CAACF,OAAO,GAAGnB,IAAI,EAAAuB,SAAA,CAAAC,MAAA,QAAAC,SAAA,GAAAF,SAAA,GAAW,CAAC;EAC5D;EACA;;EAEA;EACAN,IAAIA,CACFjB,IAAU,EAE+B;IACzC,OAAO,IAAI,CAACqB,OAAO,CAAC,MAAM,EAAE,IAAI,CAACF,OAAO,GAAGnB,IAAI,EAAAuB,SAAA,CAAAC,MAAA,QAAAC,SAAA,GAAAF,SAAA,GAAW,CAAC;EAC7D;EACA;AACF;;AAEA,OAAO,SAASG,eAAeA,CAACL,OAAgB,EAAEF,OAAgB,EAAE;EAClE,OAAO,IAAID,SAAS,CAACG,OAAO,CAAC,CAACC,UAAU,CAACH,OAAO,IAAI,EAAE,CAAC;AACzD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA"}

package/lib/module/client/index.js

@@ -0,0 +1,34 @@
+import { WalletProviderResponseError } from "../utils/errors";
+import { ProblemDetail, createApiClient as createWalletProviderApiClient } from "./generated/wallet-provider";
+const validateResponse = async response => {
+  if (!response.ok) {
+    let problemDetail = {};
+    try {
+      problemDetail = ProblemDetail.parse(await response.json());
+    } catch {
+      problemDetail = {
+        title: "Invalid response from Wallet Provider"
+      };
+    }
+    let statusResponse = `Response status code: ${response.status}`;
+    throw new WalletProviderResponseError(problemDetail.title ? problemDetail.title : "Invalid response from Wallet Provider", problemDetail.type, problemDetail.detail ? statusResponse : `${statusResponse} with detail: ${problemDetail.detail}`);
+  }
+  return response;
+};
+export const getWalletProviderClient = context => {
+  const {
+    walletProviderBaseUrl,
+    appFetch = fetch
+  } = context;
+  return createWalletProviderApiClient((method, url, params) => appFetch(url, {
+    method,
+    body: params ? JSON.stringify(params.body) : undefined
+  }).then(validateResponse).then(res => {
+    const contentType = res.headers.get("content-type");
+    if (contentType === "application/json") {
+      return res.json();
+    }
+    return res.text();
+  }), walletProviderBaseUrl);
+};
+//# sourceMappingURL=index.js.map

package/lib/module/client/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["WalletProviderResponseError","ProblemDetail","createApiClient","createWalletProviderApiClient","validateResponse","response","ok","problemDetail","parse","json","title","statusResponse","status","type","detail","getWalletProviderClient","context","walletProviderBaseUrl","appFetch","fetch","method","url","params","body","JSON","stringify","undefined","then","res","contentType","headers","get","text"],"sourceRoot":"../../../src","sources":["client/index.ts"],"mappings":"AAAA,SAASA,2BAA2B,QAAQ,iBAAiB;AAC7D,SACEC,aAAa,EACbC,eAAe,IAAIC,6BAA6B,QAC3C,6BAA6B;AAKpC,MAAMC,gBAAgB,GAAG,MAAOC,QAAkB,IAAK;EACrD,IAAI,CAACA,QAAQ,CAACC,EAAE,EAAE;IAChB,IAAIC,aAA4B,GAAG,CAAC,CAAC;IACrC,IAAI;MACFA,aAAa,GAAGN,aAAa,CAACO,KAAK,CAAC,MAAMH,QAAQ,CAACI,IAAI,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,MAAM;MACNF,aAAa,GAAG;QACdG,KAAK,EAAE;MACT,CAAC;IACH;IAEA,IAAIC,cAAc,GAAI,yBAAwBN,QAAQ,CAACO,MAAO,EAAC;IAE/D,MAAM,IAAIZ,2BAA2B,CACnCO,aAAa,CAACG,KAAK,GACfH,aAAa,CAACG,KAAK,GACnB,uCAAuC,EAC3CH,aAAa,CAACM,IAAI,EAClBN,aAAa,CAACO,MAAM,GAChBH,cAAc,GACb,GAAEA,cAAe,iBAAgBJ,aAAa,CAACO,MAAO,EAC7D,CAAC;EACH;EACA,OAAOT,QAAQ;AACjB,CAAC;AAED,OAAO,MAAMU,uBAAuB,GAAIC,OAGvC,IAAK;EACJ,MAAM;IAAEC,qBAAqB;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAGH,OAAO;EAE3D,OAAOb,6BAA6B,CAClC,CAACiB,MAAM,EAAEC,GAAG,EAAEC,MAAM,KAClBJ,QAAQ,CAACG,GAAG,EAAE;IACZD,MAAM;IACNG,IAAI,EAAED,MAAM,GAAGE,IAAI,CAACC,SAAS,CAACH,MAAM,CAACC,IAAI,CAAC,GAAGG;EAC/C,CAAC,CAAC,CACCC,IAAI,CAACvB,gBAAgB,CAAC,CACtBuB,IAAI,CAAEC,GAAG,IAAK;IACb,MAAMC,WAAW,GAAGD,GAAG,CAACE,OAAO,CAACC,GAAG,CAAC,cAAc,CAAC;IACnD,IAAIF,WAAW,KAAK,kBAAkB,EAAE;MACtC,OAAOD,GAAG,CAACnB,IAAI,CAAC,CAAC;IACnB;IACA,OAAOmB,GAAG,CAACI,IAAI,CAAC,CAAC;EACnB,CAAC,CAAC,EACNf,qBACF,CAAC;AACH,CAAC"}

package/lib/module/index.js

@@ -1,3 +1,4 @@
+import { fixBase64EncodingOnKey } from "./utils/jwk";
 // polyfill due to known bugs on URL implementation for react native
 // https://github.com/facebook/react-native/issues/24428
 import "react-native-url-polyfill/auto";
@@ -7,7 +8,8 @@ import * as SdJwt from "./sd-jwt";
 import * as Errors from "./utils/errors";
 import * as WalletInstanceAttestation from "./wallet-instance-attestation";
 import * as Trust from "./trust";
+import * as WalletInstance from "./wallet-instance";
 import { AuthorizationDetail, AuthorizationDetails } from "./utils/par";
 import { createCryptoContextFor } from "./utils/crypto";
-export { SdJwt, PID, Credential, WalletInstanceAttestation, Errors, Trust, createCryptoContextFor, AuthorizationDetail, AuthorizationDetails };
+export { SdJwt, PID, Credential, WalletInstanceAttestation, WalletInstance, Errors, Trust, createCryptoContextFor, AuthorizationDetail, AuthorizationDetails, fixBase64EncodingOnKey };
 //# sourceMappingURL=index.js.map

package/lib/module/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["Credential","PID","SdJwt","Errors","WalletInstanceAttestation","Trust","AuthorizationDetail","AuthorizationDetails","createCryptoContextFor"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA;AACA;AACA,OAAO,gCAAgC;AAEvC,OAAO,KAAKA,UAAU,MAAM,cAAc;AAC1C,OAAO,KAAKC,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,KAAK,MAAM,UAAU;AACjC,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,OAAO,KAAKC,KAAK,MAAM,SAAS;AAChC,SAASC,mBAAmB,EAAEC,oBAAoB,QAAQ,aAAa;AACvE,SAASC,sBAAsB,QAAQ,gBAAgB;AAEvD,SACEN,KAAK,EACLD,GAAG,EACHD,UAAU,EACVI,yBAAyB,EACzBD,MAAM,EACNE,KAAK,EACLG,sBAAsB,EACtBF,mBAAmB,EACnBC,oBAAoB"}
+{"version":3,"names":["fixBase64EncodingOnKey","Credential","PID","SdJwt","Errors","WalletInstanceAttestation","Trust","WalletInstance","AuthorizationDetail","AuthorizationDetails","createCryptoContextFor"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,SAASA,sBAAsB,QAAQ,aAAa;AACpD;AACA;AACA,OAAO,gCAAgC;AAEvC,OAAO,KAAKC,UAAU,MAAM,cAAc;AAC1C,OAAO,KAAKC,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,KAAK,MAAM,UAAU;AACjC,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,OAAO,KAAKC,KAAK,MAAM,SAAS;AAChC,OAAO,KAAKC,cAAc,MAAM,mBAAmB;AACnD,SAASC,mBAAmB,EAAEC,oBAAoB,QAAQ,aAAa;AACvE,SAASC,sBAAsB,QAAQ,gBAAgB;AAGvD,SACEP,KAAK,EACLD,GAAG,EACHD,UAAU,EACVI,yBAAyB,EACzBE,cAAc,EACdH,MAAM,EACNE,KAAK,EACLI,sBAAsB,EACtBF,mBAAmB,EACnBC,oBAAoB,EACpBT,sBAAsB"}

package/lib/module/sd-jwt/verifier.js.map

@@ -1 +1 @@
-{"version":3,"names":["sha256ToBase64","ValidationFailed","verifyDisclosure","_ref","claims","encoded","decoded","hash","includes"],"sourceRoot":"../../../src","sources":["sd-jwt/verifier.ts"],"mappings":"AAAA,SAASA,cAAc,QAAQ,6BAA6B;AAE5D,SAASC,gBAAgB,QAAQ,iBAAiB;AAGlD,OAAO,MAAMC,gBAAgB,GAAG,MAAAA,CAAAC,IAAA,EAE9BC,MAAoC,KACjC;EAAA,IAFH;IAAEC,OAAO;IAAEC;EAA+B,CAAC,GAAAH,IAAA;EAG3C,IAAII,IAAI,GAAG,MAAMP,cAAc,CAACK,OAAO,CAAC;EACxC,IAAI,CAACD,MAAM,CAACI,QAAQ,CAACD,IAAI,CAAC,EAAE;IAC1B,MAAM,IAAIN,gBAAgB,CACxB,iCAAiC,EAChC,GAAEK,OAAQ,EAAC,EACZ,qCACF,CAAC;EACH;AACF,CAAC"}
+{"version":3,"names":["sha256ToBase64","ValidationFailed","verifyDisclosure","_ref","claims","encoded","decoded","hash","includes"],"sourceRoot":"../../../src","sources":["sd-jwt/verifier.js"],"mappings":"AAAA,SAASA,cAAc,QAAQ,6BAA6B;AAC5D,SAASC,gBAAgB,QAAQ,iBAAiB;AAClD,OAAO,MAAMC,gBAAgB,GAAG,MAAAA,CAAAC,IAAA,EAA6BC,MAAM,KAAK;EAAA,IAAjC;IAAEC,OAAO;IAAEC;EAAQ,CAAC,GAAAH,IAAA;EACzD,IAAII,IAAI,GAAG,MAAMP,cAAc,CAACK,OAAO,CAAC;EACxC,IAAI,CAACD,MAAM,CAACI,QAAQ,CAACD,IAAI,CAAC,EAAE;IAC1B,MAAM,IAAIN,gBAAgB,CACxB,iCAAiC,EAChC,GAAEK,OAAQ,EAAC,EACZ,qCACF,CAAC;EACH;AACF,CAAC"}

package/lib/module/utils/errors.js

@@ -218,4 +218,31 @@ export class PidMetadataError extends Error {
     super(message);
   }
 }
+
+/**
+ * An error subclass thrown when a Wallet Provider http request fail
+ *
+ */
+export class WalletProviderResponseError extends IoWalletError {
+  static get code() {
+    return "ERR_IO_WALLET_PROVIDER_RESPONSE_FAILED";
+  }
+  code = "ERR_IO_WALLET_PROVIDER_RESPONSE_FAILED";
+
+  /** The Claim for which the validation failed. */
+
+  /** Reason code for the validation failure. */
+
+  constructor(message) {
+    let claim = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
+    let reason = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : "unspecified";
+    super(serializeAttrs({
+      message,
+      claim,
+      reason
+    }));
+    this.claim = claim;
+    this.reason = reason;
+  }
+}
 //# sourceMappingURL=errors.js.map

package/lib/module/utils/errors.js.map

@@ -1 +1 @@
-{"version":3,"names":["serializeAttrs","attrs","Object","entries","map","_ref","k","v","Array","isArray","join","_","IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError","ClaimsNotFoundBetweenDislosures","claims","c","ClaimsNotFoundInToken","NoSuitableKeysFoundInEntityConfiguration","scenario","PidMetadataError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMA,cAAc,GAAIC,KAAsC,IAC5DC,MAAM,CAACC,OAAO,CAACF,KAAK,CAAC,CAClBG,GAAG,CAACC,IAAA;EAAA,IAAC,CAACC,CAAC,EAAEC,CAAC,CAAC,GAAAF,IAAA;EAAA,OAAK,CAACC,CAAC,EAAEE,KAAK,CAACC,OAAO,CAACF,CAAC,CAAC,GAAI,IAAGA,CAAC,CAACG,IAAI,CAAC,IAAI,CAAE,GAAE,GAAGH,CAAC,CAAC;AAAA,EAAC,CAChEH,GAAG,CAAEO,CAAC,IAAKA,CAAC,CAACD,IAAI,CAAC,GAAG,CAAC,CAAC,CACvBA,IAAI,CAAC,GAAG,CAAC;;AAEd;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,SAAST,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,qCAAqC,SAASf,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAME,sBAAsB,SAAShB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMG,eAAe,SAASjB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMI,+BAA+B,SAASjB,KAAK,CAAC;EACzD,WAAWC,IAAIA,CAAA,EAA2B;IACxC,OAAO,sBAAsB;EAC/B;EAEAA,IAAI,GAAG,sBAAsB;;EAE7B;;EAGAC,WAAWA,CAACgB,MAAyB,EAAE;IACrC,MAAMC,CAAC,GAAGxB,KAAK,CAACC,OAAO,CAACsB,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IACnD,MAAMf,OAAO,GAAI,8EAA6EgB,CAAC,CAACtB,IAAI,CAClG,IACF,CAAE,EAAC;IACH,KAAK,CAACM,OAAO,CAAC;IACd,IAAI,CAACe,MAAM,GAAGC,CAAC;EACjB;AACF;;AAEA;AACA;AACA;AACA,OAAO,MAAMC,qBAAqB,SAASpB,KAAK,CAAC;EAC/C,WAAWC,IAAIA,CAAA,EAAoC;IACjD,OAAO,+BAA+B;EACxC;EAEAA,IAAI,GAAG,+BAA+B;;EAEtC;;EAGAC,WAAWA,CAACgB,MAAyB,EAAE;IACrC,MAAMC,CAAC,GAAGxB,KAAK,CAACC,OAAO,CAACsB,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IACnD,MAAMf,OAAO,GAAI,yDAAwDgB,CAAC,CAACtB,IAAI,CAC7E,IACF,CAAE,EAAC;IACH,KAAK,CAACM,OAAO,CAAC;IACd,IAAI,CAACe,MAAM,GAAGC,CAAC;EACjB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAME,wCAAwC,SAASrB,KAAK,CAAC;EAClE,WAAWC,IAAIA,CAAA,EAAqC;IAClD,OAAO,gCAAgC;EACzC;EAEAA,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACoB,QAAgB,EAAE;IAC5B,MAAMnB,OAAO,GAAI,0DAAyDmB,QAAS,IAAG;IACtF,KAAK,CAACnB,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMoB,gBAAgB,SAASvB,KAAK,CAAC;EAC1C,WAAWC,IAAIA,CAAA,EAAyB;IACtC,OAAO,oBAAoB;EAC7B;EAEAC,WAAWA,CAACC,OAAe,EAAE;IAC3B,KAAK,CAACA,OAAO,CAAC;EAChB;AACF"}
+{"version":3,"names":["serializeAttrs","attrs","Object","entries","map","_ref","k","v","Array","isArray","join","_","IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError","ClaimsNotFoundBetweenDislosures","claims","c","ClaimsNotFoundInToken","NoSuitableKeysFoundInEntityConfiguration","scenario","PidMetadataError","WalletProviderResponseError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMA,cAAc,GAAIC,KAAsC,IAC5DC,MAAM,CAACC,OAAO,CAACF,KAAK,CAAC,CAClBG,GAAG,CAACC,IAAA;EAAA,IAAC,CAACC,CAAC,EAAEC,CAAC,CAAC,GAAAF,IAAA;EAAA,OAAK,CAACC,CAAC,EAAEE,KAAK,CAACC,OAAO,CAACF,CAAC,CAAC,GAAI,IAAGA,CAAC,CAACG,IAAI,CAAC,IAAI,CAAE,GAAE,GAAGH,CAAC,CAAC;AAAA,EAAC,CAChEH,GAAG,CAAEO,CAAC,IAAKA,CAAC,CAACD,IAAI,CAAC,GAAG,CAAC,CAAC,CACvBA,IAAI,CAAC,GAAG,CAAC;;AAEd;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,SAAST,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,qCAAqC,SAASf,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAME,sBAAsB,SAAShB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMG,eAAe,SAASjB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMI,+BAA+B,SAASjB,KAAK,CAAC;EACzD,WAAWC,IAAIA,CAAA,EAA2B;IACxC,OAAO,sBAAsB;EAC/B;EAEAA,IAAI,GAAG,sBAAsB;;EAE7B;;EAGAC,WAAWA,CAACgB,MAAyB,EAAE;IACrC,MAAMC,CAAC,GAAGxB,KAAK,CAACC,OAAO,CAACsB,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IACnD,MAAMf,OAAO,GAAI,8EAA6EgB,CAAC,CAACtB,IAAI,CAClG,IACF,CAAE,EAAC;IACH,KAAK,CAACM,OAAO,CAAC;IACd,IAAI,CAACe,MAAM,GAAGC,CAAC;EACjB;AACF;;AAEA;AACA;AACA;AACA,OAAO,MAAMC,qBAAqB,SAASpB,KAAK,CAAC;EAC/C,WAAWC,IAAIA,CAAA,EAAoC;IACjD,OAAO,+BAA+B;EACxC;EAEAA,IAAI,GAAG,+BAA+B;;EAEtC;;EAGAC,WAAWA,CAACgB,MAAyB,EAAE;IACrC,MAAMC,CAAC,GAAGxB,KAAK,CAACC,OAAO,CAACsB,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IACnD,MAAMf,OAAO,GAAI,yDAAwDgB,CAAC,CAACtB,IAAI,CAC7E,IACF,CAAE,EAAC;IACH,KAAK,CAACM,OAAO,CAAC;IACd,IAAI,CAACe,MAAM,GAAGC,CAAC;EACjB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAME,wCAAwC,SAASrB,KAAK,CAAC;EAClE,WAAWC,IAAIA,CAAA,EAAqC;IAClD,OAAO,gCAAgC;EACzC;EAEAA,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACoB,QAAgB,EAAE;IAC5B,MAAMnB,OAAO,GAAI,0DAAyDmB,QAAS,IAAG;IACtF,KAAK,CAACnB,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMoB,gBAAgB,SAASvB,KAAK,CAAC;EAC1C,WAAWC,IAAIA,CAAA,EAAyB;IACtC,OAAO,oBAAoB;EAC7B;EAEAC,WAAWA,CAACC,OAAe,EAAE;IAC3B,KAAK,CAACA,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMqB,2BAA2B,SAASzB,aAAa,CAAC;EAC7D,WAAWE,IAAIA,CAAA,EAA6C;IAC1D,OAAO,wCAAwC;EACjD;EAEAA,IAAI,GAAG,wCAAwC;;EAE/C;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAM,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACvB,cAAc,CAAC;MAAEgB,OAAO;MAAEM,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF"}

package/lib/module/utils/integrity.js

@@ -0,0 +1,2 @@
+
+//# sourceMappingURL=integrity.js.map

package/lib/module/utils/integrity.js.map

@@ -0,0 +1 @@
+{"version":3,"names":[],"sourceRoot":"../../../src","sources":["utils/integrity.ts"],"mappings":""}

package/lib/module/wallet-instance/index.js

@@ -0,0 +1,23 @@
+import { getWalletProviderClient } from "../client";
+export async function createWalletInstance(context) {
+  const {
+    integrityContext
+  } = context;
+  const api = getWalletProviderClient(context);
+
+  //1. Obtain nonce
+  const challenge = await api.get("/nonce").then(response => response.nonce);
+  const keyAttestation = await integrityContext.getAttestation(challenge);
+  const hardwareKeyTag = integrityContext.getHardwareKeyTag();
+
+  //2. Create Wallet Instance
+  await api.post("/wallet-instances", {
+    body: {
+      challenge,
+      key_attestation: keyAttestation,
+      hardware_key_tag: hardwareKeyTag
+    }
+  });
+  return hardwareKeyTag;
+}
+//# sourceMappingURL=index.js.map

package/lib/module/wallet-instance/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["getWalletProviderClient","createWalletInstance","context","integrityContext","api","challenge","get","then","response","nonce","keyAttestation","getAttestation","hardwareKeyTag","getHardwareKeyTag","post","body","key_attestation","hardware_key_tag"],"sourceRoot":"../../../src","sources":["wallet-instance/index.ts"],"mappings":"AAAA,SAASA,uBAAuB,QAAQ,WAAW;AAGnD,OAAO,eAAeC,oBAAoBA,CAACC,OAI1C,EAAE;EACD,MAAM;IAAEC;EAAiB,CAAC,GAAGD,OAAO;EAEpC,MAAME,GAAG,GAAGJ,uBAAuB,CAACE,OAAO,CAAC;;EAE5C;EACA,MAAMG,SAAS,GAAG,MAAMD,GAAG,CAACE,GAAG,CAAC,QAAQ,CAAC,CAACC,IAAI,CAAEC,QAAQ,IAAKA,QAAQ,CAACC,KAAK,CAAC;EAE5E,MAAMC,cAAc,GAAG,MAAMP,gBAAgB,CAACQ,cAAc,CAACN,SAAS,CAAC;EACvE,MAAMO,cAAc,GAAGT,gBAAgB,CAACU,iBAAiB,CAAC,CAAC;;EAE3D;EACA,MAAMT,GAAG,CAACU,IAAI,CAAC,mBAAmB,EAAE;IAClCC,IAAI,EAAE;MACJV,SAAS;MACTW,eAAe,EAAEN,cAAc;MAC/BO,gBAAgB,EAAEL;IACpB;EACF,CAAC,CAAC;EAEF,OAAOA,cAAc;AACvB"}

package/lib/module/wallet-instance-attestation/issuing.js

@@ -1,11 +1,18 @@
-import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
-import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
 import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
 import { JWK, fixBase64EncodingOnKey } from "../utils/jwk";
-import { WalletInstanceAttestationRequestJwt } from "./types";
-import uuid from "react-native-uuid";
-import { WalletInstanceAttestationIssuingError } from "../utils/errors";
-async function getAttestationRequest(wiaCryptoContext, walletProviderEntityConfiguration) {
+import { getWalletProviderClient } from "../client";
+import { z } from "zod";
+
+/**
+ * Getter for an attestation request. The attestation request is a JWT that will be sent to the Wallet Provider to request a Wallet Instance Attestation.
+ *
+ * @param challenge - The nonce received from the Wallet Provider which is part of the signed clientData
+ * @param wiaCryptoContext - The key pair associated with the WIA. Will be use to prove the ownership of the attestation
+ * @param integrityContext - The integrity context which exposes a set of functions to interact with the device integrity service
+ * @param walletProviderBaseUrl - Base url for the Wallet Provider
+ * @returns A JWT containing the attestation request
+ */
+export async function getAttestationRequest(challenge, wiaCryptoContext, integrityContext, walletProviderBaseUrl) {
   const jwk = await wiaCryptoContext.getPublicKey();
   const parsedJwk = JWK.parse(jwk);
   const keyThumbprint = await thumbprint(parsedJwk);
@@ -13,50 +20,31 @@ async function getAttestationRequest(wiaCryptoContext, walletProviderEntityConfi
     ...parsedJwk,
     kid: keyThumbprint
   };
+  const clientData = {
+    challenge,
+    jwk_thumbprint: keyThumbprint
+  };
+  const hardwareKeyTag = integrityContext.getHardwareKeyTag();
+  const {
+    signature,
+    authenticatorData
+  } = await integrityContext.getHardwareSignatureWithAuthData(JSON.stringify(clientData));
   return new SignJWT(wiaCryptoContext).setPayload({
     iss: keyThumbprint,
-    aud: walletProviderEntityConfiguration.payload.iss,
-    jti: `${uuid.v4()}`,
-    nonce: `${uuid.v4()}`,
+    sub: walletProviderBaseUrl,
+    challenge,
+    hardware_signature: signature,
+    integrity_assertion: authenticatorData,
+    hardware_key_tag: hardwareKeyTag,
     cnf: {
       jwk: fixBase64EncodingOnKey(publicKey)
     }
   }).setProtectedHeader({
     kid: publicKey.kid,
-    typ: "wiar+jwt"
+    typ: "war+jwt"
   }).setIssuedAt().setExpirationTime("1h").sign();
 }
 
-/**
- * Validate a Wallet Instance Attestation token.
- * Either return true or throw an exception.
- *
- * @param wia Signed Wallet Instance Attestation token
- * @param walletProviderEntityConfiguration Entity Configuration object for the issuing Wallet Provider
- * @returns The token is valid
- * @throws {WalletInstanceAttestationIssuingError} When the received token fails to validate. This can happen due to invalid signature, expired token or malformed JWT token.
- */
-async function verifyWalletInstanceAttestation(wia, walletProviderEntityConfiguration) {
-  const {
-    payload: {
-      sub,
-      metadata: {
-        wallet_provider: {
-          jwks: {
-            keys
-          }
-        }
-      }
-    }
-  } = walletProviderEntityConfiguration;
-  return verifyJwt(wia, keys, {
-    issuer: sub
-  }).then(_ => true).catch(ex => {
-    const reason = ex && ex instanceof Error ? ex.message : "unknown reason";
-    throw new WalletInstanceAttestationIssuingError("Unable to validate received wallet instance attestation", reason);
-  });
-}
-
 /**
  * Request a Wallet Instance Attestation (WIA) to the Wallet provider
  *
@@ -65,38 +53,31 @@ async function verifyWalletInstanceAttestation(wia, walletProviderEntityConfigur
  * @param walletProviderBaseUrl Base url for the Wallet Provider
  * @returns The retrieved Wallet Instance Attestation token
  */
-export const getAttestation = _ref => {
+export const getAttestation = async _ref => {
   let {
     wiaCryptoContext,
+    integrityContext,
+    walletProviderBaseUrl,
     appFetch = fetch
   } = _ref;
-  return async walletProviderEntityConfiguration => {
-    const signedAttestationRequest = await getAttestationRequest(wiaCryptoContext, walletProviderEntityConfiguration);
-    const decodedRequest = decodeJwt(signedAttestationRequest);
-    const parsedRequest = WalletInstanceAttestationRequestJwt.parse({
-      payload: decodedRequest.payload,
-      header: decodedRequest.protectedHeader
-    });
-    const publicKey = parsedRequest.payload.cnf.jwk;
-    await verifyJwt(signedAttestationRequest, publicKey);
-    const tokenUrl = walletProviderEntityConfiguration.payload.metadata.wallet_provider.token_endpoint;
-    const requestBody = {
-      grant_type: "urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation",
+  const api = getWalletProviderClient({
+    walletProviderBaseUrl,
+    appFetch
+  });
+
+  // 1. Get nonce from backend
+  const challenge = await api.get("/nonce").then(response => response.nonce);
+
+  // 2. Get a signed attestation request
+  const signedAttestationRequest = await getAttestationRequest(challenge, wiaCryptoContext, integrityContext, walletProviderBaseUrl);
+
+  // 3. Request WIA
+  const wia = await api.post("/token", {
+    body: {
+      grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
       assertion: signedAttestationRequest
-    };
-    const response = await appFetch(tokenUrl, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json"
-      },
-      body: JSON.stringify(requestBody)
-    });
-    if (response.status !== 201) {
-      throw new WalletInstanceAttestationIssuingError("Unable to obtain wallet instance attestation from wallet provider", `Response code: ${response.status}`);
     }
-    const wia = await response.text();
-    await verifyWalletInstanceAttestation(wia, walletProviderEntityConfiguration);
-    return wia;
-  };
+  }).then(result => z.string().parse(result));
+  return wia;
 };
 //# sourceMappingURL=issuing.js.map

package/lib/module/wallet-instance-attestation/issuing.js.map

@@ -1 +1 @@
-{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","SignJWT","thumbprint","JWK","fixBase64EncodingOnKey","WalletInstanceAttestationRequestJwt","uuid","WalletInstanceAttestationIssuingError","getAttestationRequest","wiaCryptoContext","walletProviderEntityConfiguration","jwk","getPublicKey","parsedJwk","parse","keyThumbprint","publicKey","kid","setPayload","iss","aud","payload","jti","v4","nonce","cnf","setProtectedHeader","typ","setIssuedAt","setExpirationTime","sign","verifyWalletInstanceAttestation","wia","sub","metadata","wallet_provider","jwks","keys","issuer","then","_","catch","ex","reason","Error","message","getAttestation","_ref","appFetch","fetch","signedAttestationRequest","decodedRequest","parsedRequest","header","protectedHeader","tokenUrl","token_endpoint","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":"AAAA,SAEEA,MAAM,IAAIC,SAAS,QACd,6BAA6B;AACpC,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,EAAEC,sBAAsB,QAAQ,cAAc;AAC1D,SAASC,mCAAmC,QAAQ,SAAS;AAC7D,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,qCAAqC,QAAQ,iBAAiB;AAGvE,eAAeC,qBAAqBA,CAClCC,gBAA+B,EAC/BC,iCAAoE,EACnD;EACjB,MAAMC,GAAG,GAAG,MAAMF,gBAAgB,CAACG,YAAY,CAAC,CAAC;EACjD,MAAMC,SAAS,GAAGV,GAAG,CAACW,KAAK,CAACH,GAAG,CAAC;EAChC,MAAMI,aAAa,GAAG,MAAMb,UAAU,CAACW,SAAS,CAAC;EACjD,MAAMG,SAAS,GAAG;IAAE,GAAGH,SAAS;IAAEI,GAAG,EAAEF;EAAc,CAAC;EAEtD,OAAO,IAAId,OAAO,CAACQ,gBAAgB,CAAC,CACjCS,UAAU,CAAC;IACVC,GAAG,EAAEJ,aAAa;IAClBK,GAAG,EAAEV,iCAAiC,CAACW,OAAO,CAACF,GAAG;IAClDG,GAAG,EAAG,GAAEhB,IAAI,CAACiB,EAAE,CAAC,CAAE,EAAC;IACnBC,KAAK,EAAG,GAAElB,IAAI,CAACiB,EAAE,CAAC,CAAE,EAAC;IACrBE,GAAG,EAAE;MACHd,GAAG,EAAEP,sBAAsB,CAACY,SAAS;IACvC;EACF,CAAC,CAAC,CACDU,kBAAkB,CAAC;IAClBT,GAAG,EAAED,SAAS,CAACC,GAAG;IAClBU,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeC,+BAA+BA,CAC5CC,GAAW,EACXtB,iCAAoE,EACrD;EACf,MAAM;IACJW,OAAO,EAAE;MACPY,GAAG;MACHC,QAAQ,EAAE;QACRC,eAAe,EAAE;UACfC,IAAI,EAAE;YAAEC;UAAK;QACf;MACF;IACF;EACF,CAAC,GAAG3B,iCAAiC;EACrC,OAAOV,SAAS,CAACgC,GAAG,EAAEK,IAAI,EAAE;IAAEC,MAAM,EAAEL;EAAI,CAAC,CAAC,CACzCM,IAAI,CAAEC,CAAC,IAAK,IAAa,CAAC,CAC1BC,KAAK,CAAEC,EAAE,IAAK;IACb,MAAMC,MAAM,GAAGD,EAAE,IAAIA,EAAE,YAAYE,KAAK,GAAGF,EAAE,CAACG,OAAO,GAAG,gBAAgB;IACxE,MAAM,IAAItC,qCAAqC,CAC7C,yDAAyD,EACzDoC,MACF,CAAC;EACH,CAAC,CAAC;AACN;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMG,cAAc,GACzBC,IAAA;EAAA,IAAC;IACCtC,gBAAgB;IAChBuC,QAAQ,GAAGC;EAIb,CAAC,GAAAF,IAAA;EAAA,OACD,MACErC,iCAAoE,IAChD;IACpB,MAAMwC,wBAAwB,GAAG,MAAM1C,qBAAqB,CAC1DC,gBAAgB,EAChBC,iCACF,CAAC;IAED,MAAMyC,cAAc,GAAGrD,SAAS,CAACoD,wBAAwB,CAAC;IAC1D,MAAME,aAAa,GAAG/C,mCAAmC,CAACS,KAAK,CAAC;MAC9DO,OAAO,EAAE8B,cAAc,CAAC9B,OAAO;MAC/BgC,MAAM,EAAEF,cAAc,CAACG;IACzB,CAAC,CAAC;IACF,MAAMtC,SAAS,GAAGoC,aAAa,CAAC/B,OAAO,CAACI,GAAG,CAACd,GAAG;IAE/C,MAAMX,SAAS,CAACkD,wBAAwB,EAAElC,SAAS,CAAC;IAEpD,MAAMuC,QAAQ,GACZ7C,iCAAiC,CAACW,OAAO,CAACa,QAAQ,CAACC,eAAe,CAC/DqB,cAAc;IACnB,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,oEAAoE;MACtEC,SAAS,EAAET;IACb,CAAC;IACD,MAAMU,QAAQ,GAAG,MAAMZ,QAAQ,CAACO,QAAQ,EAAE;MACxCM,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM,IAAI3D,qCAAqC,CAC7C,mEAAmE,EAClE,kBAAiBqD,QAAQ,CAACM,MAAO,EACpC,CAAC;IACH;IAEA,MAAMlC,GAAG,GAAG,MAAM4B,QAAQ,CAACO,IAAI,CAAC,CAAC;IAEjC,MAAMpC,+BAA+B,CACnCC,GAAG,EACHtB,iCACF,CAAC;IAED,OAAOsB,GAAG;EACZ,CAAC;AAAA"}
+{"version":3,"names":["SignJWT","thumbprint","JWK","fixBase64EncodingOnKey","getWalletProviderClient","z","getAttestationRequest","challenge","wiaCryptoContext","integrityContext","walletProviderBaseUrl","jwk","getPublicKey","parsedJwk","parse","keyThumbprint","publicKey","kid","clientData","jwk_thumbprint","hardwareKeyTag","getHardwareKeyTag","signature","authenticatorData","getHardwareSignatureWithAuthData","JSON","stringify","setPayload","iss","sub","hardware_signature","integrity_assertion","hardware_key_tag","cnf","setProtectedHeader","typ","setIssuedAt","setExpirationTime","sign","getAttestation","_ref","appFetch","fetch","api","get","then","response","nonce","signedAttestationRequest","wia","post","body","grant_type","assertion","result","string"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":"AACA,SAASA,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,EAAEC,sBAAsB,QAAQ,cAAc;AAC1D,SAASC,uBAAuB,QAAQ,WAAW;AAEnD,SAASC,CAAC,QAAQ,KAAK;;AAEvB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeC,qBAAqBA,CACzCC,SAAiB,EACjBC,gBAA+B,EAC/BC,gBAAkC,EAClCC,qBAA6B,EACZ;EACjB,MAAMC,GAAG,GAAG,MAAMH,gBAAgB,CAACI,YAAY,CAAC,CAAC;EACjD,MAAMC,SAAS,GAAGX,GAAG,CAACY,KAAK,CAACH,GAAG,CAAC;EAChC,MAAMI,aAAa,GAAG,MAAMd,UAAU,CAACY,SAAS,CAAC;EACjD,MAAMG,SAAS,GAAG;IAAE,GAAGH,SAAS;IAAEI,GAAG,EAAEF;EAAc,CAAC;EAEtD,MAAMG,UAAU,GAAG;IACjBX,SAAS;IACTY,cAAc,EAAEJ;EAClB,CAAC;EAED,MAAMK,cAAc,GAAGX,gBAAgB,CAACY,iBAAiB,CAAC,CAAC;EAC3D,MAAM;IAAEC,SAAS;IAAEC;EAAkB,CAAC,GACpC,MAAMd,gBAAgB,CAACe,gCAAgC,CACrDC,IAAI,CAACC,SAAS,CAACR,UAAU,CAC3B,CAAC;EAEH,OAAO,IAAIlB,OAAO,CAACQ,gBAAgB,CAAC,CACjCmB,UAAU,CAAC;IACVC,GAAG,EAAEb,aAAa;IAClBc,GAAG,EAAEnB,qBAAqB;IAC1BH,SAAS;IACTuB,kBAAkB,EAAER,SAAS;IAC7BS,mBAAmB,EAAER,iBAAiB;IACtCS,gBAAgB,EAAEZ,cAAc;IAChCa,GAAG,EAAE;MACHtB,GAAG,EAAER,sBAAsB,CAACa,SAAS;IACvC;EACF,CAAC,CAAC,CACDkB,kBAAkB,CAAC;IAClBjB,GAAG,EAAED,SAAS,CAACC,GAAG;IAClBkB,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,cAAc,GAAG,MAAAC,IAAA,IAUP;EAAA,IAVc;IACnChC,gBAAgB;IAChBC,gBAAgB;IAChBC,qBAAqB;IACrB+B,QAAQ,GAAGC;EAMb,CAAC,GAAAF,IAAA;EACC,MAAMG,GAAG,GAAGvC,uBAAuB,CAAC;IAClCM,qBAAqB;IACrB+B;EACF,CAAC,CAAC;;EAEF;EACA,MAAMlC,SAAS,GAAG,MAAMoC,GAAG,CAACC,GAAG,CAAC,QAAQ,CAAC,CAACC,IAAI,CAAEC,QAAQ,IAAKA,QAAQ,CAACC,KAAK,CAAC;;EAE5E;EACA,MAAMC,wBAAwB,GAAG,MAAM1C,qBAAqB,CAC1DC,SAAS,EACTC,gBAAgB,EAChBC,gBAAgB,EAChBC,qBACF,CAAC;;EAED;EACA,MAAMuC,GAAG,GAAG,MAAMN,GAAG,CAClBO,IAAI,CAAC,QAAQ,EAAE;IACdC,IAAI,EAAE;MACJC,UAAU,EAAE,6CAA6C;MACzDC,SAAS,EAAEL;IACb;EACF,CAAC,CAAC,CACDH,IAAI,CAAES,MAAM,IAAKjD,CAAC,CAACkD,MAAM,CAAC,CAAC,CAACzC,KAAK,CAACwC,MAAM,CAAC,CAAC;EAE7C,OAAOL,GAAG;AACZ,CAAC"}

package/lib/module/wallet-instance-attestation/types.js

@@ -24,7 +24,7 @@ const Jwt = z.object({
 });
 export const WalletInstanceAttestationRequestJwt = z.object({
   header: z.intersection(Jwt.shape.header, z.object({
-    typ: z.literal("wiar+jwt")
+    typ: z.literal("war+jwt")
   })),
   payload: z.intersection(Jwt.shape.payload, z.object({
     aud: z.string(),

package/lib/module/wallet-instance-attestation/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["JWK","z","UnixTime","number","min","max","Jwt","object","header","alg","string","kid","typ","x5c","array","optional","trust_chain","payload","iss","iat","exp","cnf","jwk","intersection","WalletInstanceAttestationRequestJwt","shape","literal","aud","jti","nonce","WalletInstanceAttestationJwt","sub","attested_security_context","authorization_endpoint","response_types_supported","vp_formats_supported","jwt_vp_json","alg_values_supported","jwt_vc_json","request_object_signing_alg_values_supported","presentation_definition_uri_supported","boolean"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AAExB,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAGrD,MAAMC,GAAG,GAAGL,CAAC,CAACM,MAAM,CAAC;EACnBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;IACfE,GAAG,EAAER,CAAC,CAACS,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC,CAAC;IACfE,GAAG,EAAEX,CAAC,CAACS,MAAM,CAAC,CAAC;IACfG,GAAG,EAAEZ,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IACnCC,WAAW,EAAEf,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CAAC;EACFE,OAAO,EAAEhB,CAAC,CAACM,MAAM,CAAC;IAChBW,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAEjB,QAAQ;IACbkB,GAAG,EAAElB,QAAQ;IACbmB,GAAG,EAAEpB,CAAC,CAACM,MAAM,CAAC;MACZe,GAAG,EAAErB,CAAC,CAACsB,YAAY,CACjBvB,GAAG;MACH;MACAC,CAAC,CAACM,MAAM,CAAC;QAAEI,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC,CAC9B;IACF,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAMc,mCAAmC,GAAGvB,CAAC,CAACM,MAAM,CAAC;EAC1DC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,UAAU;EAC3B,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPoB,GAAG,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfkB,GAAG,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfmB,KAAK,EAAE5B,CAAC,CAACS,MAAM,CAAC;EAClB,CAAC,CACH;AACF,CAAC,CAAC;AAKF,OAAO,MAAMoB,4BAA4B,GAAG7B,CAAC,CAACM,MAAM,CAAC;EACnDC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,wBAAwB;EACzC,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPwB,GAAG,EAAE9B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfsB,yBAAyB,EAAE/B,CAAC,CAACS,MAAM,CAAC,CAAC;IACrCuB,sBAAsB,EAAEhC,CAAC,CAACS,MAAM,CAAC,CAAC;IAClCwB,wBAAwB,EAAEjC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAC7CyB,oBAAoB,EAAElC,CAAC,CAACM,MAAM,CAAC;MAC7B6B,WAAW,EAAEnC,CAAC,CAACM,MAAM,CAAC;QACpB8B,oBAAoB,EAAEpC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC;MAC1C,CAAC,CAAC;MACF4B,WAAW,EAAErC,CAAC,CAACM,MAAM,CAAC;QACpB8B,oBAAoB,EAAEpC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC;MAC1C,CAAC;IACH,CAAC,CAAC;IACF6B,2CAA2C,EAAEtC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAChE8B,qCAAqC,EAAEvC,CAAC,CAACwC,OAAO,CAAC;EACnD,CAAC,CACH;AACF,CAAC,CAAC"}
+{"version":3,"names":["JWK","z","UnixTime","number","min","max","Jwt","object","header","alg","string","kid","typ","x5c","array","optional","trust_chain","payload","iss","iat","exp","cnf","jwk","intersection","WalletInstanceAttestationRequestJwt","shape","literal","aud","jti","nonce","WalletInstanceAttestationJwt","sub","attested_security_context","authorization_endpoint","response_types_supported","vp_formats_supported","jwt_vp_json","alg_values_supported","jwt_vc_json","request_object_signing_alg_values_supported","presentation_definition_uri_supported","boolean"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AAExB,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAGrD,MAAMC,GAAG,GAAGL,CAAC,CAACM,MAAM,CAAC;EACnBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;IACfE,GAAG,EAAER,CAAC,CAACS,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC,CAAC;IACfE,GAAG,EAAEX,CAAC,CAACS,MAAM,CAAC,CAAC;IACfG,GAAG,EAAEZ,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IACnCC,WAAW,EAAEf,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CAAC;EACFE,OAAO,EAAEhB,CAAC,CAACM,MAAM,CAAC;IAChBW,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAEjB,QAAQ;IACbkB,GAAG,EAAElB,QAAQ;IACbmB,GAAG,EAAEpB,CAAC,CAACM,MAAM,CAAC;MACZe,GAAG,EAAErB,CAAC,CAACsB,YAAY,CACjBvB,GAAG;MACH;MACAC,CAAC,CAACM,MAAM,CAAC;QAAEI,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC,CAC9B;IACF,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAMc,mCAAmC,GAAGvB,CAAC,CAACM,MAAM,CAAC;EAC1DC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,SAAS;EAC1B,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPoB,GAAG,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfkB,GAAG,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfmB,KAAK,EAAE5B,CAAC,CAACS,MAAM,CAAC;EAClB,CAAC,CACH;AACF,CAAC,CAAC;AAKF,OAAO,MAAMoB,4BAA4B,GAAG7B,CAAC,CAACM,MAAM,CAAC;EACnDC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,wBAAwB;EACzC,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPwB,GAAG,EAAE9B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfsB,yBAAyB,EAAE/B,CAAC,CAACS,MAAM,CAAC,CAAC;IACrCuB,sBAAsB,EAAEhC,CAAC,CAACS,MAAM,CAAC,CAAC;IAClCwB,wBAAwB,EAAEjC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAC7CyB,oBAAoB,EAAElC,CAAC,CAACM,MAAM,CAAC;MAC7B6B,WAAW,EAAEnC,CAAC,CAACM,MAAM,CAAC;QACpB8B,oBAAoB,EAAEpC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC;MAC1C,CAAC,CAAC;MACF4B,WAAW,EAAErC,CAAC,CAACM,MAAM,CAAC;QACpB8B,oBAAoB,EAAEpC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC;MAC1C,CAAC;IACH,CAAC,CAAC;IACF6B,2CAA2C,EAAEtC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAChE8B,qCAAqC,EAAEvC,CAAC,CAACwC,OAAO,CAAC;EACnD,CAAC,CACH;AACF,CAAC,CAAC"}