@pagopa/io-react-native-wallet 0.11.1 → 0.13.0

package/lib/module/utils/pop.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["z","SignJWT","createPopToken","payload","crypto","kid","getPublicKey","then","_","setPayload","setProtectedHeader","typ","setIssuedAt","setExpirationTime","sign","PoPPayload","object","jti","string","aud","iss"],"sourceRoot":"../../../src","sources":["utils/pop.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AAExB,SAASC,OAAO,QAA4B,6BAA6B;;AAEzE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,cAAc,GAAG,MAAAA,CAC5BC,OAAmB,EACnBC,MAAqB,KACD;EACpB,MAAMC,GAAG,GAAG,MAAMD,MAAM,CAACE,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACH,GAAG,CAAC;EAC1D,OAAO,IAAIJ,OAAO,CAACG,MAAM,CAAC,CACvBK,UAAU,CAACN,OAAO,CAAC,CACnBO,kBAAkB,CAAC;IAClBC,GAAG,EAAE,4BAA4B;IACjCN;EACF,CAAC,CAAC,CACDO,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;AAGD,OAAO,MAAMC,UAAU,GAAGf,CAAC,CAACgB,MAAM,CAAC;EACjCC,GAAG,EAAEjB,CAAC,CAACkB,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEnB,CAAC,CAACkB,MAAM,CAAC,CAAC;EACfE,GAAG,EAAEpB,CAAC,CAACkB,MAAM,CAAC;AAChB,CAAC,CAAC"}

package/lib/module/wallet-instance/index.js

@@ -0,0 +1,23 @@
+import { getWalletProviderClient } from "../client";
+export async function createWalletInstance(context) {
+  const {
+    integrityContext
+  } = context;
+  const api = getWalletProviderClient(context);
+
+  //1. Obtain nonce
+  const challenge = await api.get("/nonce").then(response => response.nonce);
+  const keyAttestation = await integrityContext.getAttestation(challenge);
+  const hardwareKeyTag = integrityContext.getHardwareKeyTag();
+
+  //2. Create Wallet Instance
+  await api.post("/wallet-instances", {
+    body: {
+      challenge,
+      key_attestation: keyAttestation,
+      hardware_key_tag: hardwareKeyTag
+    }
+  });
+  return hardwareKeyTag;
+}
+//# sourceMappingURL=index.js.map

package/lib/module/wallet-instance/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["getWalletProviderClient","createWalletInstance","context","integrityContext","api","challenge","get","then","response","nonce","keyAttestation","getAttestation","hardwareKeyTag","getHardwareKeyTag","post","body","key_attestation","hardware_key_tag"],"sourceRoot":"../../../src","sources":["wallet-instance/index.ts"],"mappings":"AAAA,SAASA,uBAAuB,QAAQ,WAAW;AAGnD,OAAO,eAAeC,oBAAoBA,CAACC,OAI1C,EAAE;EACD,MAAM;IAAEC;EAAiB,CAAC,GAAGD,OAAO;EAEpC,MAAME,GAAG,GAAGJ,uBAAuB,CAACE,OAAO,CAAC;;EAE5C;EACA,MAAMG,SAAS,GAAG,MAAMD,GAAG,CAACE,GAAG,CAAC,QAAQ,CAAC,CAACC,IAAI,CAAEC,QAAQ,IAAKA,QAAQ,CAACC,KAAK,CAAC;EAE5E,MAAMC,cAAc,GAAG,MAAMP,gBAAgB,CAACQ,cAAc,CAACN,SAAS,CAAC;EACvE,MAAMO,cAAc,GAAGT,gBAAgB,CAACU,iBAAiB,CAAC,CAAC;;EAE3D;EACA,MAAMT,GAAG,CAACU,IAAI,CAAC,mBAAmB,EAAE;IAClCC,IAAI,EAAE;MACJV,SAAS;MACTW,eAAe,EAAEN,cAAc;MAC/BO,gBAAgB,EAAEL;IACpB;EACF,CAAC,CAAC;EAEF,OAAOA,cAAc;AACvB"}

package/lib/module/wallet-instance-attestation/issuing.js

@@ -1,11 +1,19 @@
-import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
-import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
 import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
+import { z } from "zod";
 import { JWK, fixBase64EncodingOnKey } from "../utils/jwk";
-import { WalletInstanceAttestationRequestJwt } from "./types";
-import uuid from "react-native-uuid";
-import { WalletInstanceAttestationIssuingError } from "../utils/errors";
-async function getAttestationRequest(wiaCryptoContext, walletProviderEntityConfiguration) {
+import { getWalletProviderClient } from "../client";
+import { WalletProviderResponseError, WalletInstanceRevokedError, WalletInstanceNotFoundError, WalletInstanceAttestationIssuingError } from "../utils/errors";
+
+/**
+ * Getter for an attestation request. The attestation request is a JWT that will be sent to the Wallet Provider to request a Wallet Instance Attestation.
+ *
+ * @param challenge - The nonce received from the Wallet Provider which is part of the signed clientData
+ * @param wiaCryptoContext - The key pair associated with the WIA. Will be use to prove the ownership of the attestation
+ * @param integrityContext - The integrity context which exposes a set of functions to interact with the device integrity service
+ * @param walletProviderBaseUrl - Base url for the Wallet Provider
+ * @returns A JWT containing the attestation request
+ */
+export async function getAttestationRequest(challenge, wiaCryptoContext, integrityContext, walletProviderBaseUrl) {
   const jwk = await wiaCryptoContext.getPublicKey();
   const parsedJwk = JWK.parse(jwk);
   const keyThumbprint = await thumbprint(parsedJwk);
@@ -13,50 +21,31 @@ async function getAttestationRequest(wiaCryptoContext, walletProviderEntityConfi
     ...parsedJwk,
     kid: keyThumbprint
   };
+  const clientData = {
+    challenge,
+    jwk_thumbprint: keyThumbprint
+  };
+  const hardwareKeyTag = integrityContext.getHardwareKeyTag();
+  const {
+    signature,
+    authenticatorData
+  } = await integrityContext.getHardwareSignatureWithAuthData(JSON.stringify(clientData));
   return new SignJWT(wiaCryptoContext).setPayload({
     iss: keyThumbprint,
-    aud: walletProviderEntityConfiguration.payload.iss,
-    jti: `${uuid.v4()}`,
-    nonce: `${uuid.v4()}`,
+    sub: walletProviderBaseUrl,
+    challenge,
+    hardware_signature: signature,
+    integrity_assertion: authenticatorData,
+    hardware_key_tag: hardwareKeyTag,
     cnf: {
       jwk: fixBase64EncodingOnKey(publicKey)
     }
   }).setProtectedHeader({
     kid: publicKey.kid,
-    typ: "wiar+jwt"
+    typ: "war+jwt"
   }).setIssuedAt().setExpirationTime("1h").sign();
 }
 
-/**
- * Validate a Wallet Instance Attestation token.
- * Either return true or throw an exception.
- *
- * @param wia Signed Wallet Instance Attestation token
- * @param walletProviderEntityConfiguration Entity Configuration object for the issuing Wallet Provider
- * @returns The token is valid
- * @throws {WalletInstanceAttestationIssuingError} When the received token fails to validate. This can happen due to invalid signature, expired token or malformed JWT token.
- */
-async function verifyWalletInstanceAttestation(wia, walletProviderEntityConfiguration) {
-  const {
-    payload: {
-      sub,
-      metadata: {
-        wallet_provider: {
-          jwks: {
-            keys
-          }
-        }
-      }
-    }
-  } = walletProviderEntityConfiguration;
-  return verifyJwt(wia, keys, {
-    issuer: sub
-  }).then(_ => true).catch(ex => {
-    const reason = ex && ex instanceof Error ? ex.message : "unknown reason";
-    throw new WalletInstanceAttestationIssuingError("Unable to validate received wallet instance attestation", reason);
-  });
-}
-
 /**
  * Request a Wallet Instance Attestation (WIA) to the Wallet provider
  *
@@ -64,39 +53,46 @@ async function verifyWalletInstanceAttestation(wia, walletProviderEntityConfigur
  * @param params.appFetch (optional) Http client
  * @param walletProviderBaseUrl Base url for the Wallet Provider
  * @returns The retrieved Wallet Instance Attestation token
+ * @throws {WalletInstanceRevokedError} The Wallet Instance was revoked
+ * @throws {WalletInstanceNotFoundError} The Wallet Instance does not exist
  */
-export const getAttestation = _ref => {
+export const getAttestation = async _ref => {
   let {
     wiaCryptoContext,
+    integrityContext,
+    walletProviderBaseUrl,
     appFetch = fetch
   } = _ref;
-  return async walletProviderEntityConfiguration => {
-    const signedAttestationRequest = await getAttestationRequest(wiaCryptoContext, walletProviderEntityConfiguration);
-    const decodedRequest = decodeJwt(signedAttestationRequest);
-    const parsedRequest = WalletInstanceAttestationRequestJwt.parse({
-      payload: decodedRequest.payload,
-      header: decodedRequest.protectedHeader
-    });
-    const publicKey = parsedRequest.payload.cnf.jwk;
-    await verifyJwt(signedAttestationRequest, publicKey);
-    const tokenUrl = walletProviderEntityConfiguration.payload.metadata.wallet_provider.token_endpoint;
-    const requestBody = {
-      grant_type: "urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation",
+  const api = getWalletProviderClient({
+    walletProviderBaseUrl,
+    appFetch
+  });
+
+  // 1. Get nonce from backend
+  const challenge = await api.get("/nonce").then(response => response.nonce);
+
+  // 2. Get a signed attestation request
+  const signedAttestationRequest = await getAttestationRequest(challenge, wiaCryptoContext, integrityContext, walletProviderBaseUrl);
+
+  // 3. Request WIA
+  const wia = await api.post("/token", {
+    body: {
+      grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
       assertion: signedAttestationRequest
-    };
-    const response = await appFetch(tokenUrl, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json"
-      },
-      body: JSON.stringify(requestBody)
-    });
-    if (response.status !== 201) {
-      throw new WalletInstanceAttestationIssuingError("Unable to obtain wallet instance attestation from wallet provider", `Response code: ${response.status}`);
     }
-    const wia = await response.text();
-    await verifyWalletInstanceAttestation(wia, walletProviderEntityConfiguration);
-    return wia;
-  };
+  }).then(result => z.string().parse(result)).catch(handleAttestationCreationError);
+  return wia;
+};
+const handleAttestationCreationError = e => {
+  if (!(e instanceof WalletProviderResponseError)) {
+    throw e;
+  }
+  if (e.statusCode === 403) {
+    throw new WalletInstanceRevokedError("Unable to get an attestation for a revoked Wallet Instance", e.claim, e.reason);
+  }
+  if (e.statusCode === 404) {
+    throw new WalletInstanceNotFoundError("Unable to get an attestation for a Wallet Instance that does not exist", e.claim, e.reason);
+  }
+  throw new WalletInstanceAttestationIssuingError(`Unable to obtain wallet instance attestation [response status code: ${e.statusCode}]`, e.claim, e.reason);
 };
 //# sourceMappingURL=issuing.js.map

package/lib/module/wallet-instance-attestation/issuing.js.map

@@ -1 +1 @@
-{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","SignJWT","thumbprint","JWK","fixBase64EncodingOnKey","WalletInstanceAttestationRequestJwt","uuid","WalletInstanceAttestationIssuingError","getAttestationRequest","wiaCryptoContext","walletProviderEntityConfiguration","jwk","getPublicKey","parsedJwk","parse","keyThumbprint","publicKey","kid","setPayload","iss","aud","payload","jti","v4","nonce","cnf","setProtectedHeader","typ","setIssuedAt","setExpirationTime","sign","verifyWalletInstanceAttestation","wia","sub","metadata","wallet_provider","jwks","keys","issuer","then","_","catch","ex","reason","Error","message","getAttestation","_ref","appFetch","fetch","signedAttestationRequest","decodedRequest","parsedRequest","header","protectedHeader","tokenUrl","token_endpoint","requestBody","grant_type","assertion","response","method","headers","body","JSON","stringify","status","text"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":"AAAA,SAEEA,MAAM,IAAIC,SAAS,QACd,6BAA6B;AACpC,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,EAAEC,sBAAsB,QAAQ,cAAc;AAC1D,SAASC,mCAAmC,QAAQ,SAAS;AAC7D,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,qCAAqC,QAAQ,iBAAiB;AAGvE,eAAeC,qBAAqBA,CAClCC,gBAA+B,EAC/BC,iCAAoE,EACnD;EACjB,MAAMC,GAAG,GAAG,MAAMF,gBAAgB,CAACG,YAAY,CAAC,CAAC;EACjD,MAAMC,SAAS,GAAGV,GAAG,CAACW,KAAK,CAACH,GAAG,CAAC;EAChC,MAAMI,aAAa,GAAG,MAAMb,UAAU,CAACW,SAAS,CAAC;EACjD,MAAMG,SAAS,GAAG;IAAE,GAAGH,SAAS;IAAEI,GAAG,EAAEF;EAAc,CAAC;EAEtD,OAAO,IAAId,OAAO,CAACQ,gBAAgB,CAAC,CACjCS,UAAU,CAAC;IACVC,GAAG,EAAEJ,aAAa;IAClBK,GAAG,EAAEV,iCAAiC,CAACW,OAAO,CAACF,GAAG;IAClDG,GAAG,EAAG,GAAEhB,IAAI,CAACiB,EAAE,CAAC,CAAE,EAAC;IACnBC,KAAK,EAAG,GAAElB,IAAI,CAACiB,EAAE,CAAC,CAAE,EAAC;IACrBE,GAAG,EAAE;MACHd,GAAG,EAAEP,sBAAsB,CAACY,SAAS;IACvC;EACF,CAAC,CAAC,CACDU,kBAAkB,CAAC;IAClBT,GAAG,EAAED,SAAS,CAACC,GAAG;IAClBU,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeC,+BAA+BA,CAC5CC,GAAW,EACXtB,iCAAoE,EACrD;EACf,MAAM;IACJW,OAAO,EAAE;MACPY,GAAG;MACHC,QAAQ,EAAE;QACRC,eAAe,EAAE;UACfC,IAAI,EAAE;YAAEC;UAAK;QACf;MACF;IACF;EACF,CAAC,GAAG3B,iCAAiC;EACrC,OAAOV,SAAS,CAACgC,GAAG,EAAEK,IAAI,EAAE;IAAEC,MAAM,EAAEL;EAAI,CAAC,CAAC,CACzCM,IAAI,CAAEC,CAAC,IAAK,IAAa,CAAC,CAC1BC,KAAK,CAAEC,EAAE,IAAK;IACb,MAAMC,MAAM,GAAGD,EAAE,IAAIA,EAAE,YAAYE,KAAK,GAAGF,EAAE,CAACG,OAAO,GAAG,gBAAgB;IACxE,MAAM,IAAItC,qCAAqC,CAC7C,yDAAyD,EACzDoC,MACF,CAAC;EACH,CAAC,CAAC;AACN;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMG,cAAc,GACzBC,IAAA;EAAA,IAAC;IACCtC,gBAAgB;IAChBuC,QAAQ,GAAGC;EAIb,CAAC,GAAAF,IAAA;EAAA,OACD,MACErC,iCAAoE,IAChD;IACpB,MAAMwC,wBAAwB,GAAG,MAAM1C,qBAAqB,CAC1DC,gBAAgB,EAChBC,iCACF,CAAC;IAED,MAAMyC,cAAc,GAAGrD,SAAS,CAACoD,wBAAwB,CAAC;IAC1D,MAAME,aAAa,GAAG/C,mCAAmC,CAACS,KAAK,CAAC;MAC9DO,OAAO,EAAE8B,cAAc,CAAC9B,OAAO;MAC/BgC,MAAM,EAAEF,cAAc,CAACG;IACzB,CAAC,CAAC;IACF,MAAMtC,SAAS,GAAGoC,aAAa,CAAC/B,OAAO,CAACI,GAAG,CAACd,GAAG;IAE/C,MAAMX,SAAS,CAACkD,wBAAwB,EAAElC,SAAS,CAAC;IAEpD,MAAMuC,QAAQ,GACZ7C,iCAAiC,CAACW,OAAO,CAACa,QAAQ,CAACC,eAAe,CAC/DqB,cAAc;IACnB,MAAMC,WAAW,GAAG;MAClBC,UAAU,EACR,oEAAoE;MACtEC,SAAS,EAAET;IACb,CAAC;IACD,MAAMU,QAAQ,GAAG,MAAMZ,QAAQ,CAACO,QAAQ,EAAE;MACxCM,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACR,WAAW;IAClC,CAAC,CAAC;IAEF,IAAIG,QAAQ,CAACM,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM,IAAI3D,qCAAqC,CAC7C,mEAAmE,EAClE,kBAAiBqD,QAAQ,CAACM,MAAO,EACpC,CAAC;IACH;IAEA,MAAMlC,GAAG,GAAG,MAAM4B,QAAQ,CAACO,IAAI,CAAC,CAAC;IAEjC,MAAMpC,+BAA+B,CACnCC,GAAG,EACHtB,iCACF,CAAC;IAED,OAAOsB,GAAG;EACZ,CAAC;AAAA"}
+{"version":3,"names":["SignJWT","thumbprint","z","JWK","fixBase64EncodingOnKey","getWalletProviderClient","WalletProviderResponseError","WalletInstanceRevokedError","WalletInstanceNotFoundError","WalletInstanceAttestationIssuingError","getAttestationRequest","challenge","wiaCryptoContext","integrityContext","walletProviderBaseUrl","jwk","getPublicKey","parsedJwk","parse","keyThumbprint","publicKey","kid","clientData","jwk_thumbprint","hardwareKeyTag","getHardwareKeyTag","signature","authenticatorData","getHardwareSignatureWithAuthData","JSON","stringify","setPayload","iss","sub","hardware_signature","integrity_assertion","hardware_key_tag","cnf","setProtectedHeader","typ","setIssuedAt","setExpirationTime","sign","getAttestation","_ref","appFetch","fetch","api","get","then","response","nonce","signedAttestationRequest","wia","post","body","grant_type","assertion","result","string","catch","handleAttestationCreationError","e","statusCode","claim","reason"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/issuing.ts"],"mappings":"AACA,SAASA,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,CAAC,QAAQ,KAAK;AACvB,SAASC,GAAG,EAAEC,sBAAsB,QAAQ,cAAc;AAC1D,SAASC,uBAAuB,QAAQ,WAAW;AAEnD,SACEC,2BAA2B,EAC3BC,0BAA0B,EAC1BC,2BAA2B,EAC3BC,qCAAqC,QAChC,iBAAiB;;AAExB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeC,qBAAqBA,CACzCC,SAAiB,EACjBC,gBAA+B,EAC/BC,gBAAkC,EAClCC,qBAA6B,EACZ;EACjB,MAAMC,GAAG,GAAG,MAAMH,gBAAgB,CAACI,YAAY,CAAC,CAAC;EACjD,MAAMC,SAAS,GAAGd,GAAG,CAACe,KAAK,CAACH,GAAG,CAAC;EAChC,MAAMI,aAAa,GAAG,MAAMlB,UAAU,CAACgB,SAAS,CAAC;EACjD,MAAMG,SAAS,GAAG;IAAE,GAAGH,SAAS;IAAEI,GAAG,EAAEF;EAAc,CAAC;EAEtD,MAAMG,UAAU,GAAG;IACjBX,SAAS;IACTY,cAAc,EAAEJ;EAClB,CAAC;EAED,MAAMK,cAAc,GAAGX,gBAAgB,CAACY,iBAAiB,CAAC,CAAC;EAC3D,MAAM;IAAEC,SAAS;IAAEC;EAAkB,CAAC,GACpC,MAAMd,gBAAgB,CAACe,gCAAgC,CACrDC,IAAI,CAACC,SAAS,CAACR,UAAU,CAC3B,CAAC;EAEH,OAAO,IAAItB,OAAO,CAACY,gBAAgB,CAAC,CACjCmB,UAAU,CAAC;IACVC,GAAG,EAAEb,aAAa;IAClBc,GAAG,EAAEnB,qBAAqB;IAC1BH,SAAS;IACTuB,kBAAkB,EAAER,SAAS;IAC7BS,mBAAmB,EAAER,iBAAiB;IACtCS,gBAAgB,EAAEZ,cAAc;IAChCa,GAAG,EAAE;MACHtB,GAAG,EAAEX,sBAAsB,CAACgB,SAAS;IACvC;EACF,CAAC,CAAC,CACDkB,kBAAkB,CAAC;IAClBjB,GAAG,EAAED,SAAS,CAACC,GAAG;IAClBkB,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,cAAc,GAAG,MAAAC,IAAA,IAUP;EAAA,IAVc;IACnChC,gBAAgB;IAChBC,gBAAgB;IAChBC,qBAAqB;IACrB+B,QAAQ,GAAGC;EAMb,CAAC,GAAAF,IAAA;EACC,MAAMG,GAAG,GAAG1C,uBAAuB,CAAC;IAClCS,qBAAqB;IACrB+B;EACF,CAAC,CAAC;;EAEF;EACA,MAAMlC,SAAS,GAAG,MAAMoC,GAAG,CAACC,GAAG,CAAC,QAAQ,CAAC,CAACC,IAAI,CAAEC,QAAQ,IAAKA,QAAQ,CAACC,KAAK,CAAC;;EAE5E;EACA,MAAMC,wBAAwB,GAAG,MAAM1C,qBAAqB,CAC1DC,SAAS,EACTC,gBAAgB,EAChBC,gBAAgB,EAChBC,qBACF,CAAC;;EAED;EACA,MAAMuC,GAAG,GAAG,MAAMN,GAAG,CAClBO,IAAI,CAAC,QAAQ,EAAE;IACdC,IAAI,EAAE;MACJC,UAAU,EAAE,6CAA6C;MACzDC,SAAS,EAAEL;IACb;EACF,CAAC,CAAC,CACDH,IAAI,CAAES,MAAM,IAAKxD,CAAC,CAACyD,MAAM,CAAC,CAAC,CAACzC,KAAK,CAACwC,MAAM,CAAC,CAAC,CAC1CE,KAAK,CAACC,8BAA8B,CAAC;EAExC,OAAOR,GAAG;AACZ,CAAC;AAED,MAAMQ,8BAA8B,GAAIC,CAAU,IAAK;EACrD,IAAI,EAAEA,CAAC,YAAYxD,2BAA2B,CAAC,EAAE;IAC/C,MAAMwD,CAAC;EACT;EAEA,IAAIA,CAAC,CAACC,UAAU,KAAK,GAAG,EAAE;IACxB,MAAM,IAAIxD,0BAA0B,CAClC,4DAA4D,EAC5DuD,CAAC,CAACE,KAAK,EACPF,CAAC,CAACG,MACJ,CAAC;EACH;EAEA,IAAIH,CAAC,CAACC,UAAU,KAAK,GAAG,EAAE;IACxB,MAAM,IAAIvD,2BAA2B,CACnC,wEAAwE,EACxEsD,CAAC,CAACE,KAAK,EACPF,CAAC,CAACG,MACJ,CAAC;EACH;EAEA,MAAM,IAAIxD,qCAAqC,CAC5C,uEAAsEqD,CAAC,CAACC,UAAW,GAAE,EACtFD,CAAC,CAACE,KAAK,EACPF,CAAC,CAACG,MACJ,CAAC;AACH,CAAC"}

package/lib/module/wallet-instance-attestation/types.js

@@ -24,7 +24,7 @@ const Jwt = z.object({
 });
 export const WalletInstanceAttestationRequestJwt = z.object({
   header: z.intersection(Jwt.shape.header, z.object({
-    typ: z.literal("wiar+jwt")
+    typ: z.literal("war+jwt")
   })),
   payload: z.intersection(Jwt.shape.payload, z.object({
     aud: z.string(),
@@ -38,16 +38,16 @@ export const WalletInstanceAttestationJwt = z.object({
   })),
   payload: z.intersection(Jwt.shape.payload, z.object({
     sub: z.string(),
-    attested_security_context: z.string(),
+    aal: z.string(),
     authorization_endpoint: z.string(),
     response_types_supported: z.array(z.string()),
     vp_formats_supported: z.object({
-      jwt_vp_json: z.object({
-        alg_values_supported: z.array(z.string())
-      }),
-      jwt_vc_json: z.object({
-        alg_values_supported: z.array(z.string())
-      })
+      "vc+sd-jwt": z.object({
+        "sd-jwt_alg_values": z.array(z.string())
+      }).optional(),
+      "vp+sd-jwt": z.object({
+        "sd-jwt_alg_values": z.array(z.string())
+      }).optional()
     }),
     request_object_signing_alg_values_supported: z.array(z.string()),
     presentation_definition_uri_supported: z.boolean()

package/lib/module/wallet-instance-attestation/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["JWK","z","UnixTime","number","min","max","Jwt","object","header","alg","string","kid","typ","x5c","array","optional","trust_chain","payload","iss","iat","exp","cnf","jwk","intersection","WalletInstanceAttestationRequestJwt","shape","literal","aud","jti","nonce","WalletInstanceAttestationJwt","sub","attested_security_context","authorization_endpoint","response_types_supported","vp_formats_supported","jwt_vp_json","alg_values_supported","jwt_vc_json","request_object_signing_alg_values_supported","presentation_definition_uri_supported","boolean"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AAExB,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAGrD,MAAMC,GAAG,GAAGL,CAAC,CAACM,MAAM,CAAC;EACnBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;IACfE,GAAG,EAAER,CAAC,CAACS,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC,CAAC;IACfE,GAAG,EAAEX,CAAC,CAACS,MAAM,CAAC,CAAC;IACfG,GAAG,EAAEZ,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IACnCC,WAAW,EAAEf,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CAAC;EACFE,OAAO,EAAEhB,CAAC,CAACM,MAAM,CAAC;IAChBW,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAEjB,QAAQ;IACbkB,GAAG,EAAElB,QAAQ;IACbmB,GAAG,EAAEpB,CAAC,CAACM,MAAM,CAAC;MACZe,GAAG,EAAErB,CAAC,CAACsB,YAAY,CACjBvB,GAAG;MACH;MACAC,CAAC,CAACM,MAAM,CAAC;QAAEI,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC,CAC9B;IACF,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAMc,mCAAmC,GAAGvB,CAAC,CAACM,MAAM,CAAC;EAC1DC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,UAAU;EAC3B,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPoB,GAAG,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfkB,GAAG,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfmB,KAAK,EAAE5B,CAAC,CAACS,MAAM,CAAC;EAClB,CAAC,CACH;AACF,CAAC,CAAC;AAKF,OAAO,MAAMoB,4BAA4B,GAAG7B,CAAC,CAACM,MAAM,CAAC;EACnDC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,wBAAwB;EACzC,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPwB,GAAG,EAAE9B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfsB,yBAAyB,EAAE/B,CAAC,CAACS,MAAM,CAAC,CAAC;IACrCuB,sBAAsB,EAAEhC,CAAC,CAACS,MAAM,CAAC,CAAC;IAClCwB,wBAAwB,EAAEjC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAC7CyB,oBAAoB,EAAElC,CAAC,CAACM,MAAM,CAAC;MAC7B6B,WAAW,EAAEnC,CAAC,CAACM,MAAM,CAAC;QACpB8B,oBAAoB,EAAEpC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC;MAC1C,CAAC,CAAC;MACF4B,WAAW,EAAErC,CAAC,CAACM,MAAM,CAAC;QACpB8B,oBAAoB,EAAEpC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC;MAC1C,CAAC;IACH,CAAC,CAAC;IACF6B,2CAA2C,EAAEtC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAChE8B,qCAAqC,EAAEvC,CAAC,CAACwC,OAAO,CAAC;EACnD,CAAC,CACH;AACF,CAAC,CAAC"}
+{"version":3,"names":["JWK","z","UnixTime","number","min","max","Jwt","object","header","alg","string","kid","typ","x5c","array","optional","trust_chain","payload","iss","iat","exp","cnf","jwk","intersection","WalletInstanceAttestationRequestJwt","shape","literal","aud","jti","nonce","WalletInstanceAttestationJwt","sub","aal","authorization_endpoint","response_types_supported","vp_formats_supported","request_object_signing_alg_values_supported","presentation_definition_uri_supported","boolean"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AAExB,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAGrD,MAAMC,GAAG,GAAGL,CAAC,CAACM,MAAM,CAAC;EACnBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;IACfE,GAAG,EAAER,CAAC,CAACS,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC,CAAC;IACfE,GAAG,EAAEX,CAAC,CAACS,MAAM,CAAC,CAAC;IACfG,GAAG,EAAEZ,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IACnCC,WAAW,EAAEf,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CAAC;EACFE,OAAO,EAAEhB,CAAC,CAACM,MAAM,CAAC;IAChBW,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAEjB,QAAQ;IACbkB,GAAG,EAAElB,QAAQ;IACbmB,GAAG,EAAEpB,CAAC,CAACM,MAAM,CAAC;MACZe,GAAG,EAAErB,CAAC,CAACsB,YAAY,CACjBvB,GAAG;MACH;MACAC,CAAC,CAACM,MAAM,CAAC;QAAEI,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC,CAC9B;IACF,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAMc,mCAAmC,GAAGvB,CAAC,CAACM,MAAM,CAAC;EAC1DC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,SAAS;EAC1B,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPoB,GAAG,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfkB,GAAG,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfmB,KAAK,EAAE5B,CAAC,CAACS,MAAM,CAAC;EAClB,CAAC,CACH;AACF,CAAC,CAAC;AAKF,OAAO,MAAMoB,4BAA4B,GAAG7B,CAAC,CAACM,MAAM,CAAC;EACnDC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,wBAAwB;EACzC,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPwB,GAAG,EAAE9B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfsB,GAAG,EAAE/B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfuB,sBAAsB,EAAEhC,CAAC,CAACS,MAAM,CAAC,CAAC;IAClCwB,wBAAwB,EAAEjC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAC7CyB,oBAAoB,EAAElC,CAAC,CAACM,MAAM,CAAC;MAC7B,WAAW,EAAEN,CAAC,CACXM,MAAM,CAAC;QACN,mBAAmB,EAAEN,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC;MACzC,CAAC,CAAC,CACDK,QAAQ,CAAC,CAAC;MACb,WAAW,EAAEd,CAAC,CACXM,MAAM,CAAC;QACN,mBAAmB,EAAEN,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC;MACzC,CAAC,CAAC,CACDK,QAAQ,CAAC;IACd,CAAC,CAAC;IACFqB,2CAA2C,EAAEnC,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAChE2B,qCAAqC,EAAEpC,CAAC,CAACqC,OAAO,CAAC;EACnD,CAAC,CACH;AACF,CAAC,CAAC"}

package/lib/typescript/client/generated/wallet-provider.d.ts

@@ -0,0 +1,264 @@
+import z from "zod";
+export type NonceDetailView = z.infer<typeof NonceDetailView>;
+export declare const NonceDetailView: z.ZodObject<{
+    nonce: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    nonce: string;
+}, {
+    nonce: string;
+}>;
+export type WalletAttestationView = z.infer<typeof WalletAttestationView>;
+export declare const WalletAttestationView: z.ZodString;
+export type CreateWalletInstanceBody = z.infer<typeof CreateWalletInstanceBody>;
+export declare const CreateWalletInstanceBody: z.ZodObject<{
+    challenge: z.ZodString;
+    key_attestation: z.ZodString;
+    hardware_key_tag: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    challenge: string;
+    key_attestation: string;
+    hardware_key_tag: string;
+}, {
+    challenge: string;
+    key_attestation: string;
+    hardware_key_tag: string;
+}>;
+export type CreateWalletAttestationBody = z.infer<typeof CreateWalletAttestationBody>;
+export declare const CreateWalletAttestationBody: z.ZodObject<{
+    grant_type: z.ZodLiteral<"urn:ietf:params:oauth:grant-type:jwt-bearer">;
+    assertion: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+    assertion: string;
+}, {
+    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+    assertion: string;
+}>;
+export type ProblemDetail = z.infer<typeof ProblemDetail>;
+export declare const ProblemDetail: z.ZodObject<{
+    type: z.ZodOptional<z.ZodString>;
+    title: z.ZodOptional<z.ZodString>;
+    status: z.ZodOptional<z.ZodNumber>;
+    detail: z.ZodOptional<z.ZodString>;
+    instance: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    type?: string | undefined;
+    title?: string | undefined;
+    status?: number | undefined;
+    detail?: string | undefined;
+    instance?: string | undefined;
+}, {
+    type?: string | undefined;
+    title?: string | undefined;
+    status?: number | undefined;
+    detail?: string | undefined;
+    instance?: string | undefined;
+}>;
+export type FiscalCode = z.infer<typeof FiscalCode>;
+export declare const FiscalCode: z.ZodString;
+export type Id = z.infer<typeof Id>;
+export declare const Id: z.ZodString;
+export type get_GetNonce = typeof get_GetNonce;
+export declare const get_GetNonce: {
+    method: z.ZodLiteral<"GET">;
+    path: z.ZodLiteral<"/nonce">;
+    parameters: z.ZodNever;
+    response: z.ZodObject<{
+        nonce: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        nonce: string;
+    }, {
+        nonce: string;
+    }>;
+};
+export type post_CreateWalletInstance = typeof post_CreateWalletInstance;
+export declare const post_CreateWalletInstance: {
+    method: z.ZodLiteral<"POST">;
+    path: z.ZodLiteral<"/wallet-instances">;
+    parameters: z.ZodObject<{
+        body: z.ZodObject<{
+            challenge: z.ZodString;
+            key_attestation: z.ZodString;
+            hardware_key_tag: z.ZodString;
+        }, "strip", z.ZodTypeAny, {
+            challenge: string;
+            key_attestation: string;
+            hardware_key_tag: string;
+        }, {
+            challenge: string;
+            key_attestation: string;
+            hardware_key_tag: string;
+        }>;
+    }, "strip", z.ZodTypeAny, {
+        body: {
+            challenge: string;
+            key_attestation: string;
+            hardware_key_tag: string;
+        };
+    }, {
+        body: {
+            challenge: string;
+            key_attestation: string;
+            hardware_key_tag: string;
+        };
+    }>;
+    response: z.ZodUnknown;
+};
+export type post_CreateWalletAttestation = typeof post_CreateWalletAttestation;
+export declare const post_CreateWalletAttestation: {
+    method: z.ZodLiteral<"POST">;
+    path: z.ZodLiteral<"/token">;
+    parameters: z.ZodObject<{
+        body: z.ZodObject<{
+            grant_type: z.ZodLiteral<"urn:ietf:params:oauth:grant-type:jwt-bearer">;
+            assertion: z.ZodString;
+        }, "strip", z.ZodTypeAny, {
+            grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+            assertion: string;
+        }, {
+            grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+            assertion: string;
+        }>;
+    }, "strip", z.ZodTypeAny, {
+        body: {
+            grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+            assertion: string;
+        };
+    }, {
+        body: {
+            grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+            assertion: string;
+        };
+    }>;
+    response: z.ZodUnknown;
+};
+export declare const EndpointByMethod: {
+    get: {
+        "/nonce": {
+            method: z.ZodLiteral<"GET">;
+            path: z.ZodLiteral<"/nonce">;
+            parameters: z.ZodNever;
+            response: z.ZodObject<{
+                nonce: z.ZodString;
+            }, "strip", z.ZodTypeAny, {
+                nonce: string;
+            }, {
+                nonce: string;
+            }>;
+        };
+    };
+    post: {
+        "/wallet-instances": {
+            method: z.ZodLiteral<"POST">;
+            path: z.ZodLiteral<"/wallet-instances">;
+            parameters: z.ZodObject<{
+                body: z.ZodObject<{
+                    challenge: z.ZodString;
+                    key_attestation: z.ZodString;
+                    hardware_key_tag: z.ZodString;
+                }, "strip", z.ZodTypeAny, {
+                    challenge: string;
+                    key_attestation: string;
+                    hardware_key_tag: string;
+                }, {
+                    challenge: string;
+                    key_attestation: string;
+                    hardware_key_tag: string;
+                }>;
+            }, "strip", z.ZodTypeAny, {
+                body: {
+                    challenge: string;
+                    key_attestation: string;
+                    hardware_key_tag: string;
+                };
+            }, {
+                body: {
+                    challenge: string;
+                    key_attestation: string;
+                    hardware_key_tag: string;
+                };
+            }>;
+            response: z.ZodUnknown;
+        };
+        "/token": {
+            method: z.ZodLiteral<"POST">;
+            path: z.ZodLiteral<"/token">;
+            parameters: z.ZodObject<{
+                body: z.ZodObject<{
+                    grant_type: z.ZodLiteral<"urn:ietf:params:oauth:grant-type:jwt-bearer">;
+                    assertion: z.ZodString;
+                }, "strip", z.ZodTypeAny, {
+                    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+                    assertion: string;
+                }, {
+                    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+                    assertion: string;
+                }>;
+            }, "strip", z.ZodTypeAny, {
+                body: {
+                    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+                    assertion: string;
+                };
+            }, {
+                body: {
+                    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer";
+                    assertion: string;
+                };
+            }>;
+            response: z.ZodUnknown;
+        };
+    };
+};
+export type EndpointByMethod = typeof EndpointByMethod;
+export type GetEndpoints = EndpointByMethod["get"];
+export type PostEndpoints = EndpointByMethod["post"];
+export type AllEndpoints = EndpointByMethod[keyof EndpointByMethod];
+export type EndpointParameters = {
+    body?: unknown;
+    query?: Record<string, unknown>;
+    header?: Record<string, unknown>;
+    path?: Record<string, unknown>;
+};
+export type MutationMethod = "post" | "put" | "patch" | "delete";
+export type Method = "get" | "head" | MutationMethod;
+export type DefaultEndpoint = {
+    parameters?: EndpointParameters | undefined;
+    response: unknown;
+};
+export type Endpoint<TConfig extends DefaultEndpoint = DefaultEndpoint> = {
+    operationId: string;
+    method: Method;
+    path: string;
+    parameters?: TConfig["parameters"];
+    meta: {
+        alias: string;
+        hasParameters: boolean;
+        areParametersRequired: boolean;
+    };
+    response: TConfig["response"];
+};
+type Fetcher = (method: Method, url: string, parameters?: EndpointParameters | undefined) => Promise<Endpoint["response"]>;
+type RequiredKeys<T> = {
+    [P in keyof T]-?: undefined extends T[P] ? never : P;
+}[keyof T];
+type MaybeOptionalArg<T> = RequiredKeys<T> extends never ? [config?: T] : [config: T];
+export declare class ApiClient {
+    fetcher: Fetcher;
+    baseUrl: string;
+    constructor(fetcher: Fetcher);
+    setBaseUrl(baseUrl: string): this;
+    get<Path extends keyof GetEndpoints, TEndpoint extends GetEndpoints[Path]>(path: Path, ...params: MaybeOptionalArg<z.infer<TEndpoint["parameters"]>>): Promise<z.infer<TEndpoint["response"]>>;
+    post<Path extends keyof PostEndpoints, TEndpoint extends PostEndpoints[Path]>(path: Path, ...params: MaybeOptionalArg<z.infer<TEndpoint["parameters"]>>): Promise<z.infer<TEndpoint["response"]>>;
+}
+export declare function createApiClient(fetcher: Fetcher, baseUrl?: string): ApiClient;
+export {};
+/**
+ Example usage:
+ const api = createApiClient((method, url, params) =>
+   fetch(url, { method, body: JSON.stringify(params) }).then((res) => res.json()),
+ );
+ api.get("/users").then((users) => console.log(users));
+ api.post("/users", { body: { name: "John" } }).then((user) => console.log(user));
+ api.put("/users/:id", { path: { id: 1 }, body: { name: "John" } }).then((user) => console.log(user));
+*/
+//# sourceMappingURL=wallet-provider.d.ts.map

package/lib/typescript/client/generated/wallet-provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wallet-provider.d.ts","sourceRoot":"","sources":["../../../../src/client/generated/wallet-provider.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,KAAK,CAAC;AAEpB,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAC9D,eAAO,MAAM,eAAe;;;;;;EAE1B,CAAC;AAEH,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAC1E,eAAO,MAAM,qBAAqB,aAAa,CAAC;AAEhD,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAChF,eAAO,MAAM,wBAAwB;;;;;;;;;;;;EAInC,CAAC;AAEH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,2BAA2B,CAAC,CAAC;AACtF,eAAO,MAAM,2BAA2B;;;;;;;;;EAGtC,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAC1D,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;EAMxB,CAAC;AAEH,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,UAAU,CAAC,CAAC;AACpD,eAAO,MAAM,UAAU,aAAa,CAAC;AAErC,MAAM,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;AACpC,eAAO,MAAM,EAAE,aAAa,CAAC;AAE7B,MAAM,MAAM,YAAY,GAAG,OAAO,YAAY,CAAC;AAC/C,eAAO,MAAM,YAAY;;;;;;;;;;;CAKxB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG,OAAO,yBAAyB,CAAC;AACzE,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAOrC,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG,OAAO,4BAA4B,CAAC;AAC/E,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;;;;;;;;;CAOxC,CAAC;AAGF,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAQ5B,CAAC;AACF,MAAM,MAAM,gBAAgB,GAAG,OAAO,gBAAgB,CAAC;AAIvD,MAAM,MAAM,YAAY,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;AACnD,MAAM,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;AACrD,MAAM,MAAM,YAAY,GAAG,gBAAgB,CAAC,MAAM,gBAAgB,CAAC,CAAC;AAIpE,MAAM,MAAM,kBAAkB,GAAG;IAC/B,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAC;AACjE,MAAM,MAAM,MAAM,GAAG,KAAK,GAAG,MAAM,GAAG,cAAc,CAAC;AAErD,MAAM,MAAM,eAAe,GAAG;IAC5B,UAAU,CAAC,EAAE,kBAAkB,GAAG,SAAS,CAAC;IAC5C,QAAQ,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,QAAQ,CAAC,OAAO,SAAS,eAAe,GAAG,eAAe,IAAI;IACxE,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAC;QACd,aAAa,EAAE,OAAO,CAAC;QACvB,qBAAqB,EAAE,OAAO,CAAC;KAChC,CAAC;IACF,QAAQ,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;CAC/B,CAAC;AAEF,KAAK,OAAO,GAAG,CACb,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,UAAU,CAAC,EAAE,kBAAkB,GAAG,SAAS,KACxC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;AAEnC,KAAK,YAAY,CAAC,CAAC,IAAI;KACpB,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,GAAG,SAAS,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC;CACrD,CAAC,MAAM,CAAC,CAAC,CAAC;AAEX,KAAK,gBAAgB,CAAC,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,SAAS,KAAK,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;AAKtF,qBAAa,SAAS;IAGD,OAAO,EAAE,OAAO;IAFnC,OAAO,EAAE,MAAM,CAAM;gBAEF,OAAO,EAAE,OAAO;IAEnC,UAAU,CAAC,OAAO,EAAE,MAAM;IAM1B,GAAG,CAAC,IAAI,SAAS,MAAM,YAAY,EAAE,SAAS,SAAS,YAAY,CAAC,IAAI,CAAC,EACvE,IAAI,EAAE,IAAI,EACV,GAAG,MAAM,EAAE,gBAAgB,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC,GAC5D,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IAM1C,IAAI,CAAC,IAAI,SAAS,MAAM,aAAa,EAAE,SAAS,SAAS,aAAa,CAAC,IAAI,CAAC,EAC1E,IAAI,EAAE,IAAI,EACV,GAAG,MAAM,EAAE,gBAAgB,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC,GAC5D,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;CAI3C;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,aAEjE;;AAED;;;;;;;;EAQE"}

package/lib/typescript/client/index.d.ts

@@ -0,0 +1,7 @@
+import { ApiClient as WalletProviderApiClient } from "./generated/wallet-provider";
+export type WalletProviderClient = WalletProviderApiClient;
+export declare const getWalletProviderClient: (context: {
+    walletProviderBaseUrl: string;
+    appFetch?: GlobalFetch["fetch"];
+}) => WalletProviderApiClient;
+//# sourceMappingURL=index.d.ts.map

package/lib/typescript/client/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/client/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,SAAS,IAAI,uBAAuB,EAAE,MAAM,6BAA6B,CAAC;AAEnF,MAAM,MAAM,oBAAoB,GAAG,uBAAuB,CAAC;AAuB3D,eAAO,MAAM,uBAAuB,YAAa;IAC/C,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,4BAmBA,CAAC"}

package/lib/typescript/credential/issuance/01-start-flow.d.ts

@@ -1,4 +1,5 @@
 /**
+ * WARNING: This is the first function to be called in the issuing flow. The next function to be called is {@link evaluateIssuerTrust}.
  * The beginning of the issuing flow.
  * To be implemented accordind to the user touchpoint
  *

package/lib/typescript/credential/issuance/01-start-flow.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"01-start-flow.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/01-start-flow.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC"}
+{"version":3,"file":"01-start-flow.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/01-start-flow.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,GAAG,MAAM;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC"}

package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts

@@ -7,10 +7,11 @@ export type EvaluateIssuerTrust = (issuerUrl: Out<StartFlow>["issuerUrl"], conte
     issuerConf: CredentialIssuerEntityConfiguration["payload"]["metadata"];
 }>;
 /**
+ * WARNING: This function must be called after {@link startFlow}. The next function to be called is {@link startUserAuthorization}.
  * The Issuer trust evaluation phase.
  * Fetch the Issuer's configuration and verify trust.
  *
- * @param issuerUrl The base url of the Issuer
+ * @param issuerUrl The base url of the Issuer returned by {@link startFlow}
  * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
  * @returns The Issuer's configuration
  */

package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"02-evaluate-issuer-trust.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/02-evaluate-issuer-trust.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mCAAmC,EAAE,MAAM,mBAAmB,CAAC;AACxE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAE5C,MAAM,MAAM,mBAAmB,GAAG,CAChC,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,WAAW,CAAC,EACtC,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IACX,UAAU,EAAE,mCAAmC,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,CAAC;CACxE,CAAC,CAAC;AAEH;;;;;;;GAOG;AACH,eAAO,MAAM,mBAAmB,EAAE,mBAQjC,CAAC"}
+{"version":3,"file":"02-evaluate-issuer-trust.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/02-evaluate-issuer-trust.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mCAAmC,EAAE,MAAM,mBAAmB,CAAC;AACxE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAE5C,MAAM,MAAM,mBAAmB,GAAG,CAChC,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,WAAW,CAAC,EACtC,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IACX,UAAU,EAAE,mCAAmC,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,CAAC;CACxE,CAAC,CAAC;AAEH;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,EAAE,mBAQjC,CAAC"}

package/lib/typescript/credential/issuance/03-start-credential-issuance.d.ts

@@ -0,0 +1,41 @@
+import { type CryptoContext } from "@pagopa/io-react-native-jwt";
+import { type Out } from "../../utils/misc";
+import type { StartFlow } from "./01-start-flow";
+import type { EvaluateIssuerTrust } from "./02-evaluate-issuer-trust";
+import { type AuthorizationContext, type AuthorizationResult } from "../../utils/auth";
+import { CredentialResponse } from "./types";
+export type StartCredentialIssuance = (issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], credentialType: Out<StartFlow>["credentialType"], context: {
+    wiaCryptoContext: CryptoContext;
+    credentialCryptoContext: CryptoContext;
+    authorizationContext?: AuthorizationContext;
+    walletInstanceAttestation: string;
+    redirectUri: string;
+    idphint: string;
+    appFetch?: GlobalFetch["fetch"];
+}) => Promise<CredentialResponse>;
+/**
+ * Starts the credential issuance flow to obtain a credential from the issuer.
+ * @param issuerConf The Issuer configuration
+ * @param credentialType The type of the credential to be requested
+ * @param context.wiaCryptoContext The context to access the key associated with the Wallet Instance Attestation
+ * @param context.credentialCryptoContext The context to access the key to associat with credential
+ * @param context.walletInstanceAttestation The Wallet Instance Attestation token
+ * @param context.authorizationContext The context to identify the user which will be used to start the authorization. It's needed only when requesting a PersonalIdentificationData credential. The implementantion should open an in-app browser capable of catching the redirectSchema. If not specified, the default browser is used.
+ * @param context.redirectUri The internal URL to which to redirect has passed the in-app browser login phase. If you don't use authorizationContext remember to register this URL as customUrl or deepLink. See https://reactnative.dev/docs/linking
+ * @param context.idphint Unique identifier of the SPID IDP
+ * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
+ * @throws {AuthorizationError} When the response from the authorization response is not parsable
+ * @returns The credential obtained
+ */
+export declare const startCredentialIssuance: StartCredentialIssuance;
+/**
+ * Authorizes the user using the query mode and the authorization context.
+ * @param authzRequestEndpoint The authorization endpoint of the authorization server
+ * @param params The query parameters to be used in the request
+ * @param redirectUri The URL to which the redirect is made is usually a custom URL or deeplink
+ * @param authorizationContext The AuthorizationContext to manage the internal webview. If not specified, the default browser is used
+ * @returns The authrozation result containing the authorization code, state and issuer
+ */
+export declare const authorizeUserWithQueryMode: (authzRequestEndpoint: string, params: URLSearchParams, redirectUri: string, authorizationContext?: AuthorizationContext) => Promise<AuthorizationResult>;
+export declare const createNonceProof: (nonce: string, issuer: string, audience: string, ctx: CryptoContext) => Promise<string>;
+//# sourceMappingURL=03-start-credential-issuance.d.ts.map