@pagopa/io-react-native-wallet 0.11.1 → 0.13.0

package/lib/commonjs/credential/issuance/06-obtain-credential.js

@@ -4,107 +4,80 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.obtainCredential = exports.createNonceProof = void 0;
-var z = _interopRequireWildcard(require("zod"));
-var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
 var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
-var _dpop = require("../../utils/dpop");
-var _misc = require("../../utils/misc");
-var _const = require("./const");
-function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
-function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
-function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
-/**
- * Return the signed jwt for nonce proof of possession
- */
+var _misc = require("../../../src/utils/misc");
+var _errors = require("../../../src/utils/errors");
+var _types = require("./types");
 const createNonceProof = async (nonce, issuer, audience, ctx) => {
+  const jwk = await ctx.getPublicKey();
   return new _ioReactNativeJwt.SignJWT(ctx).setPayload({
-    nonce,
-    jwk: await ctx.getPublicKey()
+    nonce
   }).setProtectedHeader({
-    type: "openid4vci-proof+jwt"
-  }).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("1h").sign();
+    typ: "openid4vci-proof+jwt",
+    jwk
+  }).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("5min").sign();
 };
-exports.createNonceProof = createNonceProof;
-const CredentialEndpointResponse = z.object({
-  credential: z.string(),
-  format: _const.SupportedCredentialFormat,
-  // nonce used to perform multiple credential requests
-  // re-using the same authorization profile
-  c_nonce: z.string(),
-  c_nonce_expires_in: z.number()
-});
-// Checks whether in the Entity confoguration at least one credential
-// is defined for the given type and format
-const isCredentialAvailable = (issuerConf, credentialType, credentialFormat) => issuerConf.openid_credential_issuer.credentials_supported.some(c => c.format === credentialFormat && c.credential_definition.type.includes(credentialType));
 
 /**
- * Fetch a credential from the issuer
- *
- * @param issuerConf The Issuer configuration
- * @param accessToken The access token to grant access to the credential, obtained with the access authorization step
- * @param nonce The nonce value to prevent reply attacks, obtained with the access authorization step
- * @param clientId Identifies the current client across all the requests of the issuing flow
- * @param credentialType The type of the credential to be requested
- * @param credentialFormat The format of the requested credential. @see {SupportedCredentialFormat}
- * @param context.credentialCryptoContext The context to access the key the Credential will be bound to
- * @param context.walletProviderBaseUrl The base url of the Wallet Provider
+ * Obtains the credential from the issuer.
+ * The key pair of the credentialCryptoContext is used for Openid4vci proof JWT to be presented with the Access Token and the DPoP Proof JWT at the Credential Endpoint
+ * of the Credential Issuer to request the issuance of a credential linked to the public key contained in the JWT proof.
+ * The Openid4vci proof JWT incapsulates the nonce extracted from the token response from the {@link authorizeAccess} step.
+ * The credential request is sent to the Credential Endpoint of the Credential Issuer via HTTP POST with the type of the credential, its format, the access token and the JWT proof.
+ * @param issuerConf The issuer configuration returned by {@link evaluateIssuerTrust}
+ * @param accessToken The access token response returned by {@link authorizeAccess}
+ * @param clientId The client id returned by {@link startUserAuthorization}
+ * @param credentialDefinition The credential definition of the credential to be obtained returned by {@link startUserAuthorization}
+ * @param tokenRequestSignedDPop The DPoP signed token request returned by {@link authorizeAccess}
+ * @param context.credentialCryptoContext The crypto context used to obtain the credential
  * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
- * @returns The signed credential token
+ * @returns The credential response containing the credential
  */
-const obtainCredential = async (issuerConf, accessToken, nonce, clientId, credentialType, credentialFormat, context) => {
+exports.createNonceProof = createNonceProof;
+const obtainCredential = async (issuerConf, accessToken, clientId, credentialDefinition, tokenRequestSignedDPop, context) => {
   const {
     credentialCryptoContext,
-    walletProviderBaseUrl,
     appFetch = fetch
   } = context;
-  if (!isCredentialAvailable(issuerConf, credentialType, credentialFormat)) {
-    throw new Error(`The Issuer provides no credential for type ${credentialType} and format ${credentialFormat}`);
-  }
   const credentialUrl = issuerConf.openid_credential_issuer.credential_endpoint;
 
-  /** DPoP token for demonstating the possession
-      of the key that will bind the holder User with the Credential
-      @see https://datatracker.ietf.org/doc/html/rfc9449 */
-  const signedDPopForPid = await (0, _dpop.createDPopToken)({
-    htm: "POST",
-    htu: credentialUrl,
-    jti: `${_reactNativeUuid.default.v4()}`
-  }, credentialCryptoContext);
+  /**
+   * JWT proof token to bind the request nonce to the key that will bind the holder User with the Credential
+   * This is presented along with the access token to the Credential Endpoint as proof of possession of the private key used to sign the Access Token.
+   * @see https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-proof-types
+   */
+  const signedNonceProof = await createNonceProof(accessToken.c_nonce, clientId, credentialUrl, credentialCryptoContext);
 
-  /** JWT proof token to bind the request nonce
-      to the key that will bind the holder User with the Credential
-      @see https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-proof-types */
-  const signedNonceProof = await createNonceProof(nonce, clientId, walletProviderBaseUrl, credentialCryptoContext);
+  // Validation of accessTokenResponse.authorization_details if contain credentialDefinition
+  const constainsCredentialDefinition = accessToken.authorization_details.some(c => c.credential_configuration_id === credentialDefinition.credential_configuration_id && c.format === credentialDefinition.format && c.type === credentialDefinition.type);
+  if (!constainsCredentialDefinition) {
+    throw new _errors.ValidationFailed("The access token response does not contain the requested credential");
+  }
 
   /** The credential request body */
-  const formBody = new URLSearchParams({
-    credential_definition: JSON.stringify({
-      type: [credentialType]
-    }),
-    format: credentialFormat,
-    proof: JSON.stringify({
+  const credentialRequestFormBody = {
+    credential_definition: {
+      type: [credentialDefinition.credential_configuration_id]
+    },
+    format: credentialDefinition.format,
+    proof: {
       jwt: signedNonceProof,
       proof_type: "jwt"
-    })
-  });
-  const {
-    credential,
-    format,
-    c_nonce
-  } = await appFetch(credentialUrl, {
+    }
+  };
+  const credentialRes = await appFetch(credentialUrl, {
     method: "POST",
     headers: {
-      "Content-Type": "application/x-www-form-urlencoded",
-      DPoP: signedDPopForPid,
-      Authorization: accessToken
+      "Content-Type": "application/json",
+      DPoP: tokenRequestSignedDPop,
+      Authorization: `${accessToken.token_type} ${accessToken.access_token}`
     },
-    body: formBody.toString()
-  }).then((0, _misc.hasStatus)(200)).then(res => res.json()).then(CredentialEndpointResponse.parse);
-  return {
-    credential,
-    format,
-    nonce: c_nonce
-  };
+    body: JSON.stringify(credentialRequestFormBody)
+  }).then((0, _misc.hasStatus)(200)).then(res => res.json()).then(body => _types.CredentialResponse.safeParse(body));
+  if (!credentialRes.success) {
+    throw new _errors.ValidationFailed(credentialRes.error.message);
+  }
+  return credentialRes.data;
 };
 exports.obtainCredential = obtainCredential;
 //# sourceMappingURL=06-obtain-credential.js.map

package/lib/commonjs/credential/issuance/06-obtain-credential.js.map

@@ -1 +1 @@
-{"version":3,"names":["z","_interopRequireWildcard","require","_reactNativeUuid","_interopRequireDefault","_ioReactNativeJwt","_dpop","_misc","_const","obj","__esModule","default","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","createNonceProof","nonce","issuer","audience","ctx","SignJWT","setPayload","jwk","getPublicKey","setProtectedHeader","type","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","CredentialEndpointResponse","object","credential","string","format","SupportedCredentialFormat","c_nonce","c_nonce_expires_in","number","isCredentialAvailable","issuerConf","credentialType","credentialFormat","openid_credential_issuer","credentials_supported","some","c","credential_definition","includes","obtainCredential","accessToken","clientId","context","credentialCryptoContext","walletProviderBaseUrl","appFetch","fetch","Error","credentialUrl","credential_endpoint","signedDPopForPid","createDPopToken","htm","htu","jti","uuid","v4","signedNonceProof","formBody","URLSearchParams","JSON","stringify","proof","jwt","proof_type","method","headers","DPoP","Authorization","body","toString","then","hasStatus","res","json","parse"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AACA,IAAAI,KAAA,GAAAJ,OAAA;AAGA,IAAAK,KAAA,GAAAL,OAAA;AAGA,IAAAM,MAAA,GAAAN,OAAA;AAAoD,SAAAE,uBAAAK,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAAA,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAZ,wBAAAQ,GAAA,EAAAI,WAAA,SAAAA,WAAA,IAAAJ,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAQ,KAAA,GAAAL,wBAAA,CAAAC,WAAA,OAAAI,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAT,GAAA,YAAAQ,KAAA,CAAAE,GAAA,CAAAV,GAAA,SAAAW,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAhB,GAAA,QAAAgB,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAnB,GAAA,EAAAgB,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAf,GAAA,EAAAgB,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAhB,GAAA,CAAAgB,GAAA,SAAAL,MAAA,CAAAT,OAAA,GAAAF,GAAA,MAAAQ,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAArB,GAAA,EAAAW,MAAA,YAAAA,MAAA;AAEpD;AACA;AACA;AACO,MAAMW,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,OAAO,IAAIC,yBAAO,CAACD,GAAG,CAAC,CACpBE,UAAU,CAAC;IACVL,KAAK;IACLM,GAAG,EAAE,MAAMH,GAAG,CAACI,YAAY,CAAC;EAC9B,CAAC,CAAC,CACDC,kBAAkB,CAAC;IAClBC,IAAI,EAAE;EACR,CAAC,CAAC,CACDC,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC;AAACC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAEF,MAAMiB,0BAA0B,GAAGhD,CAAC,CAACiD,MAAM,CAAC;EAC1CC,UAAU,EAAElD,CAAC,CAACmD,MAAM,CAAC,CAAC;EACtBC,MAAM,EAAEC,gCAAyB;EACjC;EACA;EACAC,OAAO,EAAEtD,CAAC,CAACmD,MAAM,CAAC,CAAC;EACnBI,kBAAkB,EAAEvD,CAAC,CAACwD,MAAM,CAAC;AAC/B,CAAC,CAAC;AAoBF;AACA;AACA,MAAMC,qBAAqB,GAAGA,CAC5BC,UAAkD,EAClDC,cAAgD,EAChDC,gBAA2C,KAE3CF,UAAU,CAACG,wBAAwB,CAACC,qBAAqB,CAACC,IAAI,CAC3DC,CAAC,IACAA,CAAC,CAACZ,MAAM,KAAKQ,gBAAgB,IAC7BI,CAAC,CAACC,qBAAqB,CAACxB,IAAI,CAACyB,QAAQ,CAACP,cAAc,CACxD,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMQ,gBAAkC,GAAG,MAAAA,CAChDT,UAAU,EACVU,WAAW,EACXpC,KAAK,EACLqC,QAAQ,EACRV,cAAc,EACdC,gBAAgB,EAChBU,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,qBAAqB;IACrBC,QAAQ,GAAGC;EACb,CAAC,GAAGJ,OAAO;EAEX,IAAI,CAACb,qBAAqB,CAACC,UAAU,EAAEC,cAAc,EAAEC,gBAAgB,CAAC,EAAE;IACxE,MAAM,IAAIe,KAAK,CACZ,8CAA6ChB,cAAe,eAAcC,gBAAiB,EAC9F,CAAC;EACH;EAEA,MAAMgB,aAAa,GAAGlB,UAAU,CAACG,wBAAwB,CAACgB,mBAAmB;;EAE7E;AACF;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAM,IAAAC,qBAAe,EAC5C;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEL,aAAa;IAClBM,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;EACpB,CAAC,EACDb,uBACF,CAAC;;EAED;AACF;AACA;EACE,MAAMc,gBAAgB,GAAG,MAAMtD,gBAAgB,CAC7CC,KAAK,EACLqC,QAAQ,EACRG,qBAAqB,EACrBD,uBACF,CAAC;;EAED;EACA,MAAMe,QAAQ,GAAG,IAAIC,eAAe,CAAC;IACnCtB,qBAAqB,EAAEuB,IAAI,CAACC,SAAS,CAAC;MACpChD,IAAI,EAAE,CAACkB,cAAc;IACvB,CAAC,CAAC;IACFP,MAAM,EAAEQ,gBAAgB;IACxB8B,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;MACpBE,GAAG,EAAEN,gBAAgB;MACrBO,UAAU,EAAE;IACd,CAAC;EACH,CAAC,CAAC;EAEF,MAAM;IAAE1C,UAAU;IAAEE,MAAM;IAAEE;EAAQ,CAAC,GAAG,MAAMmB,QAAQ,CAACG,aAAa,EAAE;IACpEiB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,mCAAmC;MACnDC,IAAI,EAAEjB,gBAAgB;MACtBkB,aAAa,EAAE5B;IACjB,CAAC;IACD6B,IAAI,EAAEX,QAAQ,CAACY,QAAQ,CAAC;EAC1B,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAACnD,0BAA0B,CAACuD,KAAK,CAAC;EAEzC,OAAO;IAAErD,UAAU;IAAEE,MAAM;IAAEpB,KAAK,EAAEsB;EAAQ,CAAC;AAC/C,CAAC;AAACP,OAAA,CAAAoB,gBAAA,GAAAA,gBAAA"}
+{"version":3,"names":["_ioReactNativeJwt","require","_misc","_errors","_types","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","SignJWT","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","tokenRequestSignedDPop","context","credentialCryptoContext","appFetch","fetch","credentialUrl","openid_credential_issuer","credential_endpoint","signedNonceProof","c_nonce","constainsCredentialDefinition","authorization_details","some","c","credential_configuration_id","format","type","ValidationFailed","credentialRequestFormBody","credential_definition","proof","jwt","proof_type","credentialRes","method","headers","DPoP","Authorization","token_type","access_token","body","JSON","stringify","then","hasStatus","res","json","CredentialResponse","safeParse","success","error","message","data"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAcO,MAAMI,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIC,yBAAO,CAACH,GAAG,CAAC,CACpBI,UAAU,CAAC;IACVP;EACF,CAAC,CAAC,CACDQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BL;EACF,CAAC,CAAC,CACDM,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAdAC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAeO,MAAMiB,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,sBAAsB,EACtBC,OAAO,KACJ;EACH,MAAM;IAAEC,uBAAuB;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAGH,OAAO;EAE7D,MAAMI,aAAa,GAAGT,UAAU,CAACU,wBAAwB,CAACC,mBAAmB;;EAE7E;AACF;AACA;AACA;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAM9B,gBAAgB,CAC7CmB,WAAW,CAACY,OAAO,EACnBX,QAAQ,EACRO,aAAa,EACbH,uBACF,CAAC;;EAED;EACA,MAAMQ,6BAA6B,GAAGb,WAAW,CAACc,qBAAqB,CAACC,IAAI,CACzEC,CAAC,IACAA,CAAC,CAACC,2BAA2B,KAC3Bf,oBAAoB,CAACe,2BAA2B,IAClDD,CAAC,CAACE,MAAM,KAAKhB,oBAAoB,CAACgB,MAAM,IACxCF,CAAC,CAACG,IAAI,KAAKjB,oBAAoB,CAACiB,IACpC,CAAC;EAED,IAAI,CAACN,6BAA6B,EAAE;IAClC,MAAM,IAAIO,wBAAgB,CACxB,qEACF,CAAC;EACH;;EAEA;EACA,MAAMC,yBAAyB,GAAG;IAChCC,qBAAqB,EAAE;MACrBH,IAAI,EAAE,CAACjB,oBAAoB,CAACe,2BAA2B;IACzD,CAAC;IACDC,MAAM,EAAEhB,oBAAoB,CAACgB,MAAM;IACnCK,KAAK,EAAE;MACLC,GAAG,EAAEb,gBAAgB;MACrBc,UAAU,EAAE;IACd;EACF,CAAC;EAED,MAAMC,aAAa,GAAG,MAAMpB,QAAQ,CAACE,aAAa,EAAE;IAClDmB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClCC,IAAI,EAAE1B,sBAAsB;MAC5B2B,aAAa,EAAG,GAAE9B,WAAW,CAAC+B,UAAW,IAAG/B,WAAW,CAACgC,YAAa;IACvE,CAAC;IACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACd,yBAAyB;EAChD,CAAC,CAAC,CACCe,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEH,IAAI,IAAKO,yBAAkB,CAACC,SAAS,CAACR,IAAI,CAAC,CAAC;EAErD,IAAI,CAACP,aAAa,CAACgB,OAAO,EAAE;IAC1B,MAAM,IAAItB,wBAAgB,CAACM,aAAa,CAACiB,KAAK,CAACC,OAAO,CAAC;EACzD;EAEA,OAAOlB,aAAa,CAACmB,IAAI;AAC3B,CAAC;AAAChD,OAAA,CAAAC,gBAAA,GAAAA,gBAAA"}

package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js

@@ -11,33 +11,26 @@ var _sdJwt = require("../../sd-jwt");
 
 // handy alias
 
-const parseCredentialSdJwt = function (credentials_supported, _ref) {
-  var _credentials_supporte;
+const parseCredentialSdJwt = (credentials_supported, _ref) => {
   let {
     sdJwt,
     disclosures
   } = _ref;
-  let ignoreMissingAttributes = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
-  // find the definition that matches the received credential's type
-  // warning: if more then a defintion is found, the first is retrieved
-  const credentialSubject = (_credentials_supporte = credentials_supported.find(c => c.format === "vc+sd-jwt" && c.credential_definition.type.includes(sdJwt.payload.type))) === null || _credentials_supporte === void 0 ? void 0 : _credentials_supporte.credential_definition.credentialSubject;
-
-  // the received credential matches no supported credential, throw an exception
+  const credentialSubject = credentials_supported[sdJwt.payload.vct];
   if (!credentialSubject) {
-    const expected = credentials_supported.flatMap(_ => _.credential_definition.type).join(", ");
-    throw new _errors.IoWalletError(`Received credential is of an unknwown type. Expected one of [${expected}], received '${sdJwt.payload.type}', `);
+    throw new _errors.IoWalletError("Credential type not supported by the issuer");
+  }
+  if (credentialSubject.format !== sdJwt.header.typ) {
+    throw new _errors.IoWalletError(`Received credential is of an unknwown type. Expected one of [${credentialSubject.format}], received '${sdJwt.header.typ}', `);
   }
 
   // transfrom a record { key: value } in an iterable of pairs [key, value]
-  const attrDefinitions = Object.entries(credentialSubject);
+  const attrDefinitions = Object.entries(credentialSubject.claims);
 
-  // every mandatory attribute must be present in the credential's disclosures
   // the key of the attribute defintion must match the disclosure's name
   const attrsNotInDisclosures = attrDefinitions.filter(_ref2 => {
-    let [attrKey, {
-      mandatory
-    }] = _ref2;
-    return mandatory && !disclosures.some(_ref3 => {
+    let [attrKey] = _ref2;
+    return !disclosures.some(_ref3 => {
       let [, name] = _ref3;
       return name === attrKey;
     });
@@ -45,12 +38,7 @@ const parseCredentialSdJwt = function (credentials_supported, _ref) {
   if (attrsNotInDisclosures.length > 0) {
     const missing = attrsNotInDisclosures.map(_ => _[0 /* key */]).join(", ");
     const received = disclosures.map(_ => _[1 /* name */]).join(", ");
-    // the rationale of this condition is that we may want to be permissive
-    // on incomplete credentials in the test phase of the project.
-    // we might want to be strict once in production, hence remove this condition
-    if (!ignoreMissingAttributes) {
-      throw new _errors.IoWalletError(`Some attributes are missing in the credential. Missing: [${missing}], received: [${received}]`);
-    }
+    throw new _errors.IoWalletError(`Some attributes are missing in the credential. Missing: [${missing}], received: [${received}]`);
   }
 
   // attributes that are defined in the issuer configuration
@@ -93,7 +81,6 @@ const parseCredentialSdJwt = function (credentials_supported, _ref) {
     let [, key, value] = _ref7;
     return [key, {
       value,
-      mandatory: false,
       name: key
     }];
   }));
@@ -135,41 +122,31 @@ async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingCon
 
 const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, _ref8) => {
   let {
-    credentialCryptoContext,
-    ignoreMissingAttributes
+    credentialCryptoContext
   } = _ref8;
   const decoded = await verifyCredentialSdJwt(credential, issuerConf.openid_credential_issuer.jwks.keys, credentialCryptoContext);
-  const parsedCredential = parseCredentialSdJwt(issuerConf.openid_credential_issuer.credentials_supported, decoded, ignoreMissingAttributes);
+  const parsedCredential = parseCredentialSdJwt(issuerConf.openid_credential_issuer.credential_configurations_supported, decoded);
   return {
     parsedCredential
   };
 };
-const verifyAndParseCredentialMdoc = async (_issuerConf, _credential, _, _ctx) => {
-  // TODO: [SIW-686] decode MDOC credentials
-  throw new Error("verifyAndParseCredentialMdoc not implemented yet");
-};
 
 /**
- * Verify and parse an encoded credential
- *
- * @param issuerConf The Issuer configuration
- * @param credential The encoded credential
- * @param format The format of the credentual
- * @param context.credentialCryptoContext The context to access the key the Credential will be bound to
- * @param context.ignoreMissingAttributes (optional) Whether to fail if a defined attribute is note present in the credentual. Default: false
+ * Verify and parse an encoded credential.
+ * @param issuerConf The Issuer configuration returned by {@link evaluateIssuerTrust}
+ * @param credential The encoded credential returned by {@link obtainCredential}
+ * @param format The format of the credentual returned by {@link obtainCredential}
+ * @param context.credentialCryptoContext The crypto context used to obtain the credential in {@link obtainCredential}
  * @returns A parsed credential with attributes in plain value
- * @throws If the credential signature is not verified with the Issuer key set
- * @throws If the credential is not bound to the provided user key
- * @throws If the credential data fail to parse
+ * @throws {IoWalletError} If the credential signature is not verified with the Issuer key set
+ * @throws {IoWalletError} If the credential is not bound to the provided user key
+ * @throws {IoWalletError} If the credential data fail to parse
  */
 const verifyAndParseCredential = async (issuerConf, credential, format, context) => {
   if (format === "vc+sd-jwt") {
     return verifyAndParseCredentialSdJwt(issuerConf, credential, format, context);
-  } else if (format === "vc+mdoc-cbor") {
-    return verifyAndParseCredentialMdoc(issuerConf, credential, format, context);
   }
-  const _ = format;
-  throw new _errors.IoWalletError(`Unsupported credential format: ${_}`);
+  throw new _errors.IoWalletError(`Unsupported credential format: ${format}`);
 };
 exports.verifyAndParseCredential = verifyAndParseCredential;
 //# sourceMappingURL=07-verify-and-parse-credential.js.map

package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map

@@ -1 +1 @@
-{"version":3,"names":["_errors","require","_types","_sdJwt","parseCredentialSdJwt","credentials_supported","_ref","_credentials_supporte","sdJwt","disclosures","ignoreMissingAttributes","arguments","length","undefined","credentialSubject","find","c","format","credential_definition","type","includes","payload","expected","flatMap","_","join","IoWalletError","attrDefinitions","Object","entries","attrsNotInDisclosures","filter","_ref2","attrKey","mandatory","some","_ref3","name","missing","map","received","definedValues","fromEntries","_ref4","_disclosures$find","definition","value","_ref5","display","reduce","names","_ref6","locale","undefinedValues","keys","_ref7","key","verifyCredentialSdJwt","rawCredential","issuerKeys","holderBindingContext","decodedCredential","holderBindingKey","Promise","all","verifySdJwt","SdJwt4VC","getPublicKey","cnf","jwk","kid","verifyAndParseCredentialSdJwt","issuerConf","credential","_ref8","credentialCryptoContext","decoded","openid_credential_issuer","jwks","parsedCredential","verifyAndParseCredentialMdoc","_issuerConf","_credential","_ctx","Error","verifyAndParseCredential","context","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/07-verify-and-parse-credential.ts"],"mappings":";;;;;;AAGA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAcA;;AAmBA;;AAKA,MAAMG,oBAAoB,GAAG,SAAAA,CAE3BC,qBAAkH,EAAAC,IAAA,EAG7F;EAAA,IAAAC,qBAAA;EAAA,IAFrB;IAAEC,KAAK;IAAEC;EAAoC,CAAC,GAAAH,IAAA;EAAA,IAC9CI,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAExC;EACA;EACA,MAAMG,iBAAiB,IAAAP,qBAAA,GAAGF,qBAAqB,CAACU,IAAI,CACjDC,CAAC,IACAA,CAAC,CAACC,MAAM,KAAK,WAAW,IACxBD,CAAC,CAACE,qBAAqB,CAACC,IAAI,CAACC,QAAQ,CAACZ,KAAK,CAACa,OAAO,CAACF,IAAI,CAC5D,CAAC,cAAAZ,qBAAA,uBAJyBA,qBAAA,CAIvBW,qBAAqB,CAACJ,iBAAiB;;EAE1C;EACA,IAAI,CAACA,iBAAiB,EAAE;IACtB,MAAMQ,QAAQ,GAAGjB,qBAAqB,CACnCkB,OAAO,CAAEC,CAAC,IAAKA,CAAC,CAACN,qBAAqB,CAACC,IAAI,CAAC,CAC5CM,IAAI,CAAC,IAAI,CAAC;IACb,MAAM,IAAIC,qBAAa,CACpB,gEAA+DJ,QAAS,gBAAed,KAAK,CAACa,OAAO,CAACF,IAAK,KAC7G,CAAC;EACH;;EAEA;EACA,MAAMQ,eAAe,GAAGC,MAAM,CAACC,OAAO,CAACf,iBAAiB,CAAC;;EAEzD;EACA;EACA,MAAMgB,qBAAqB,GAAGH,eAAe,CAACI,MAAM,CAClDC,KAAA;IAAA,IAAC,CAACC,OAAO,EAAE;MAAEC;IAAU,CAAC,CAAC,GAAAF,KAAA;IAAA,OACvBE,SAAS,IAAI,CAACzB,WAAW,CAAC0B,IAAI,CAACC,KAAA;MAAA,IAAC,GAAGC,IAAI,CAAC,GAAAD,KAAA;MAAA,OAAKC,IAAI,KAAKJ,OAAO;IAAA,EAAC;EAAA,CAClE,CAAC;EACD,IAAIH,qBAAqB,CAAClB,MAAM,GAAG,CAAC,EAAE;IACpC,MAAM0B,OAAO,GAAGR,qBAAqB,CAACS,GAAG,CAAEf,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IAC3E,MAAMe,QAAQ,GAAG/B,WAAW,CAAC8B,GAAG,CAAEf,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IACnE;IACA;IACA;IACA,IAAI,CAACf,uBAAuB,EAAE;MAC5B,MAAM,IAAIgB,qBAAa,CACpB,4DAA2DY,OAAQ,iBAAgBE,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;EACA;EACA,MAAMC,aAAa,GAAGb,MAAM,CAACc,WAAW,CACtCf;EACE;EAAA,CACCY,GAAG,CACFI,KAAA;IAAA,IAAAC,iBAAA;IAAA,IAAC,CAACX,OAAO,EAAEY,UAAU,CAAC,GAAAF,KAAA;IAAA,OACpB,CACEV,OAAO,EACP;MACE,GAAGY,UAAU;MACbC,KAAK,GAAAF,iBAAA,GAAEnC,WAAW,CAACM,IAAI,CACpBS,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,KAAKS,OAC7B,CAAC,cAAAW,iBAAA,uBAFMA,iBAAA,CAEH,CAAC,CAAC;IACR,CAAC,CACF;EAAA,CACL;EACA;EACA;EAAA,CACCL,GAAG,CACFQ,KAAA;IAAA,IAAC,CAACd,OAAO,EAAE;MAAEe,OAAO;MAAE,GAAGH;IAAW,CAAC,CAAC,GAAAE,KAAA;IAAA,OACpC,CACEd,OAAO,EACP;MACE,GAAGY,UAAU;MACbR,IAAI,EAAEW,OAAO,CAACC,MAAM,CAClB,CAACC,KAAK,EAAAC,KAAA;QAAA,IAAE;UAAEC,MAAM;UAAEf;QAAK,CAAC,GAAAc,KAAA;QAAA,OAAM;UAAE,GAAGD,KAAK;UAAE,CAACE,MAAM,GAAGf;QAAK,CAAC;MAAA,CAAC,EAC3D,CAAC,CACH;IACF,CAAC,CACF;EAAA,CACL,CACJ,CAAC;;EAED;EACA;EACA,MAAMgB,eAAe,GAAGzB,MAAM,CAACc,WAAW,CACxCjC,WAAW,CACRsB,MAAM,CAAEP,CAAC,IAAK,CAACI,MAAM,CAAC0B,IAAI,CAACb,aAAa,CAAC,CAACrB,QAAQ,CAACI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACzDe,GAAG,CAACgB,KAAA;IAAA,IAAC,GAAGC,GAAG,EAAEV,KAAK,CAAC,GAAAS,KAAA;IAAA,OAAK,CAACC,GAAG,EAAE;MAAEV,KAAK;MAAEZ,SAAS,EAAE,KAAK;MAAEG,IAAI,EAAEmB;IAAI,CAAC,CAAC;EAAA,EAC1E,CAAC;EAED,OAAO;IACL,GAAGf,aAAa;IAChB,GAAGY;EACL,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeI,qBAAqBA,CAClCC,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACF;EACjC,MAAM,CAACC,iBAAiB,EAAEC,gBAAgB,CAAC;EACzC;EACA,MAAMC,OAAO,CAACC,GAAG,CAAC,CAChB,IAAAC,aAAW,EAACP,aAAa,EAAEC,UAAU,EAAEO,eAAQ,CAAC,EAChDN,oBAAoB,CAACO,YAAY,CAAC,CAAC,CACpC,CAAC;EAEJ,MAAM;IAAEC;EAAI,CAAC,GAAGP,iBAAiB,CAACrD,KAAK,CAACa,OAAO;EAE/C,IAAI,CAAC+C,GAAG,CAACC,GAAG,CAACC,GAAG,IAAIF,GAAG,CAACC,GAAG,CAACC,GAAG,KAAKR,gBAAgB,CAACQ,GAAG,EAAE;IACxD,MAAM,IAAI5C,qBAAa,CACpB,kDAAiDoC,gBAAgB,CAACQ,GAAI,UAAST,iBAAiB,CAACrD,KAAK,CAACa,OAAO,CAAC+C,GAAG,CAACC,GAAG,CAACC,GAAI,EAC9H,CAAC;EACH;EAEA,OAAOT,iBAAiB;AAC1B;;AAEA;;AAQA,MAAMU,6BAAsD,GAAG,MAAAA,CAC7DC,UAAU,EACVC,UAAU,EACVjD,CAAC,EAAAkD,KAAA,KAEE;EAAA,IADH;IAAEC,uBAAuB;IAAEjE;EAAwB,CAAC,GAAAgE,KAAA;EAEpD,MAAME,OAAO,GAAG,MAAMnB,qBAAqB,CACzCgB,UAAU,EACVD,UAAU,CAACK,wBAAwB,CAACC,IAAI,CAACxB,IAAI,EAC7CqB,uBACF,CAAC;EAED,MAAMI,gBAAgB,GAAG3E,oBAAoB,CAC3CoE,UAAU,CAACK,wBAAwB,CAACxE,qBAAqB,EACzDuE,OAAO,EACPlE,uBACF,CAAC;EAED,OAAO;IAAEqE;EAAiB,CAAC;AAC7B,CAAC;AAED,MAAMC,4BAAwD,GAAG,MAAAA,CAC/DC,WAAW,EACXC,WAAW,EACX1D,CAAC,EACD2D,IAAI,KACD;EACH;EACA,MAAM,IAAIC,KAAK,CAAC,kDAAkD,CAAC;AACrE,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,wBAAkD,GAAG,MAAAA,CAChEb,UAAU,EACVC,UAAU,EACVxD,MAAM,EACNqE,OAAO,KACJ;EACH,IAAIrE,MAAM,KAAK,WAAW,EAAE;IAC1B,OAAOsD,6BAA6B,CAClCC,UAAU,EACVC,UAAU,EACVxD,MAAM,EACNqE,OACF,CAAC;EACH,CAAC,MAAM,IAAIrE,MAAM,KAAK,cAAc,EAAE;IACpC,OAAO+D,4BAA4B,CACjCR,UAAU,EACVC,UAAU,EACVxD,MAAM,EACNqE,OACF,CAAC;EACH;EAEA,MAAM9D,CAAQ,GAAGP,MAAM;EACvB,MAAM,IAAIS,qBAAa,CAAE,kCAAiCF,CAAE,EAAC,CAAC;AAChE,CAAC;AAAC+D,OAAA,CAAAF,wBAAA,GAAAA,wBAAA"}
+{"version":3,"names":["_errors","require","_types","_sdJwt","parseCredentialSdJwt","credentials_supported","_ref","sdJwt","disclosures","credentialSubject","payload","vct","IoWalletError","format","header","typ","attrDefinitions","Object","entries","claims","attrsNotInDisclosures","filter","_ref2","attrKey","some","_ref3","name","length","missing","map","_","join","received","definedValues","fromEntries","_ref4","_disclosures$find","definition","value","find","_ref5","display","reduce","names","_ref6","locale","undefinedValues","keys","includes","_ref7","key","verifyCredentialSdJwt","rawCredential","issuerKeys","holderBindingContext","decodedCredential","holderBindingKey","Promise","all","verifySdJwt","SdJwt4VC","getPublicKey","cnf","jwk","kid","verifyAndParseCredentialSdJwt","issuerConf","credential","_ref8","credentialCryptoContext","decoded","openid_credential_issuer","jwks","parsedCredential","credential_configurations_supported","verifyAndParseCredential","context","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/07-verify-and-parse-credential.ts"],"mappings":";;;;;;AAEA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAcA;;AAkBA;;AAKA,MAAMG,oBAAoB,GAAGA,CAE3BC,qBAAgI,EAAAC,IAAA,KAE3G;EAAA,IADrB;IAAEC,KAAK;IAAEC;EAAoC,CAAC,GAAAF,IAAA;EAE9C,MAAMG,iBAAiB,GAAGJ,qBAAqB,CAACE,KAAK,CAACG,OAAO,CAACC,GAAG,CAAC;EAElE,IAAI,CAACF,iBAAiB,EAAE;IACtB,MAAM,IAAIG,qBAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,IAAIH,iBAAiB,CAACI,MAAM,KAAKN,KAAK,CAACO,MAAM,CAACC,GAAG,EAAE;IACjD,MAAM,IAAIH,qBAAa,CACpB,gEAA+DH,iBAAiB,CAACI,MAAO,gBAAeN,KAAK,CAACO,MAAM,CAACC,GAAI,KAC3H,CAAC;EACH;;EAEA;EACA,MAAMC,eAAe,GAAGC,MAAM,CAACC,OAAO,CAACT,iBAAiB,CAACU,MAAM,CAAC;;EAEhE;EACA,MAAMC,qBAAqB,GAAGJ,eAAe,CAACK,MAAM,CAClDC,KAAA;IAAA,IAAC,CAACC,OAAO,CAAC,GAAAD,KAAA;IAAA,OAAK,CAACd,WAAW,CAACgB,IAAI,CAACC,KAAA;MAAA,IAAC,GAAGC,IAAI,CAAC,GAAAD,KAAA;MAAA,OAAKC,IAAI,KAAKH,OAAO;IAAA,EAAC;EAAA,CAClE,CAAC;EACD,IAAIH,qBAAqB,CAACO,MAAM,GAAG,CAAC,EAAE;IACpC,MAAMC,OAAO,GAAGR,qBAAqB,CAACS,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IAC3E,MAAMC,QAAQ,GAAGxB,WAAW,CAACqB,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IACnE,MAAM,IAAInB,qBAAa,CACpB,4DAA2DgB,OAAQ,iBAAgBI,QAAS,GAC/F,CAAC;EACH;;EAEA;EACA;EACA,MAAMC,aAAa,GAAGhB,MAAM,CAACiB,WAAW,CACtClB;EACE;EAAA,CACCa,GAAG,CACFM,KAAA;IAAA,IAAAC,iBAAA;IAAA,IAAC,CAACb,OAAO,EAAEc,UAAU,CAAC,GAAAF,KAAA;IAAA,OACpB,CACEZ,OAAO,EACP;MACE,GAAGc,UAAU;MACbC,KAAK,GAAAF,iBAAA,GAAE5B,WAAW,CAAC+B,IAAI,CACpBT,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,KAAKP,OAC7B,CAAC,cAAAa,iBAAA,uBAFMA,iBAAA,CAEH,CAAC,CAAC;IACR,CAAC,CACF;EAAA,CACL;EACA;EACA;EAAA,CACCP,GAAG,CACFW,KAAA;IAAA,IAAC,CAACjB,OAAO,EAAE;MAAEkB,OAAO;MAAE,GAAGJ;IAAW,CAAC,CAAC,GAAAG,KAAA;IAAA,OACpC,CACEjB,OAAO,EACP;MACE,GAAGc,UAAU;MACbX,IAAI,EAAEe,OAAO,CAACC,MAAM,CAClB,CAACC,KAAK,EAAAC,KAAA;QAAA,IAAE;UAAEC,MAAM;UAAEnB;QAAK,CAAC,GAAAkB,KAAA;QAAA,OAAM;UAAE,GAAGD,KAAK;UAAE,CAACE,MAAM,GAAGnB;QAAK,CAAC;MAAA,CAAC,EAC3D,CAAC,CACH;IACF,CAAC,CACF;EAAA,CACL,CACJ,CAAC;;EAED;EACA;EACA,MAAMoB,eAAe,GAAG7B,MAAM,CAACiB,WAAW,CACxC1B,WAAW,CACRa,MAAM,CAAES,CAAC,IAAK,CAACb,MAAM,CAAC8B,IAAI,CAACd,aAAa,CAAC,CAACe,QAAQ,CAAClB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACzDD,GAAG,CAACoB,KAAA;IAAA,IAAC,GAAGC,GAAG,EAAEZ,KAAK,CAAC,GAAAW,KAAA;IAAA,OAAK,CAACC,GAAG,EAAE;MAAEZ,KAAK;MAAEZ,IAAI,EAAEwB;IAAI,CAAC,CAAC;EAAA,EACxD,CAAC;EAED,OAAO;IACL,GAAGjB,aAAa;IAChB,GAAGa;EACL,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeK,qBAAqBA,CAClCC,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACF;EACjC,MAAM,CAACC,iBAAiB,EAAEC,gBAAgB,CAAC;EACzC;EACA,MAAMC,OAAO,CAACC,GAAG,CAAC,CAChB,IAAAC,aAAW,EAACP,aAAa,EAAEC,UAAU,EAAEO,eAAQ,CAAC,EAChDN,oBAAoB,CAACO,YAAY,CAAC,CAAC,CACpC,CAAC;EAEJ,MAAM;IAAEC;EAAI,CAAC,GAAGP,iBAAiB,CAAChD,KAAK,CAACG,OAAO;EAE/C,IAAI,CAACoD,GAAG,CAACC,GAAG,CAACC,GAAG,IAAIF,GAAG,CAACC,GAAG,CAACC,GAAG,KAAKR,gBAAgB,CAACQ,GAAG,EAAE;IACxD,MAAM,IAAIpD,qBAAa,CACpB,kDAAiD4C,gBAAgB,CAACQ,GAAI,UAAST,iBAAiB,CAAChD,KAAK,CAACG,OAAO,CAACoD,GAAG,CAACC,GAAG,CAACC,GAAI,EAC9H,CAAC;EACH;EAEA,OAAOT,iBAAiB;AAC1B;;AAEA;;AAQA,MAAMU,6BAAsD,GAAG,MAAAA,CAC7DC,UAAU,EACVC,UAAU,EACVrC,CAAC,EAAAsC,KAAA,KAEE;EAAA,IADH;IAAEC;EAAwB,CAAC,GAAAD,KAAA;EAE3B,MAAME,OAAO,GAAG,MAAMnB,qBAAqB,CACzCgB,UAAU,EACVD,UAAU,CAACK,wBAAwB,CAACC,IAAI,CAACzB,IAAI,EAC7CsB,uBACF,CAAC;EAED,MAAMI,gBAAgB,GAAGrE,oBAAoB,CAC3C8D,UAAU,CAACK,wBAAwB,CAACG,mCAAmC,EACvEJ,OACF,CAAC;EAED,OAAO;IAAEG;EAAiB,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAME,wBAAkD,GAAG,MAAAA,CAChET,UAAU,EACVC,UAAU,EACVtD,MAAM,EACN+D,OAAO,KACJ;EACH,IAAI/D,MAAM,KAAK,WAAW,EAAE;IAC1B,OAAOoD,6BAA6B,CAClCC,UAAU,EACVC,UAAU,EACVtD,MAAM,EACN+D,OACF,CAAC;EACH;EAEA,MAAM,IAAIhE,qBAAa,CAAE,kCAAiCC,MAAO,EAAC,CAAC;AACrE,CAAC;AAACgE,OAAA,CAAAF,wBAAA,GAAAA,wBAAA"}

package/lib/commonjs/credential/issuance/index.js

@@ -9,6 +9,12 @@ Object.defineProperty(exports, "authorizeAccess", {
     return _authorizeAccess.authorizeAccess;
   }
 });
+Object.defineProperty(exports, "completeUserAuthorizationWithQueryMode", {
+  enumerable: true,
+  get: function () {
+    return _completeUserAuthorization.completeUserAuthorizationWithQueryMode;
+  }
+});
 Object.defineProperty(exports, "evaluateIssuerTrust", {
   enumerable: true,
   get: function () {
@@ -35,6 +41,7 @@ Object.defineProperty(exports, "verifyAndParseCredential", {
 });
 var _evaluateIssuerTrust = require("./02-evaluate-issuer-trust");
 var _startUserAuthorization = require("./03-start-user-authorization");
+var _completeUserAuthorization = require("./04-complete-user-authorization");
 var _authorizeAccess = require("./05-authorize-access");
 var _obtainCredential = require("./06-obtain-credential");
 var _verifyAndParseCredential = require("./07-verify-and-parse-credential");

package/lib/commonjs/credential/issuance/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["_evaluateIssuerTrust","require","_startUserAuthorization","_authorizeAccess","_obtainCredential","_verifyAndParseCredential"],"sourceRoot":"../../../../src","sources":["credential/issuance/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,oBAAA,GAAAC,OAAA;AAIA,IAAAC,uBAAA,GAAAD,OAAA;AAKA,IAAAE,gBAAA,GAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AAIA,IAAAI,yBAAA,GAAAJ,OAAA"}
+{"version":3,"names":["_evaluateIssuerTrust","require","_startUserAuthorization","_completeUserAuthorization","_authorizeAccess","_obtainCredential","_verifyAndParseCredential"],"sourceRoot":"../../../../src","sources":["credential/issuance/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,oBAAA,GAAAC,OAAA;AAIA,IAAAC,uBAAA,GAAAD,OAAA;AAIA,IAAAE,0BAAA,GAAAF,OAAA;AAIA,IAAAG,gBAAA,GAAAH,OAAA;AACA,IAAAI,iBAAA,GAAAJ,OAAA;AAIA,IAAAK,yBAAA,GAAAL,OAAA"}

package/lib/commonjs/credential/issuance/types.js

@@ -0,0 +1,28 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.TokenResponse = exports.CredentialResponse = void 0;
+var _par = require("../../utils/par");
+var z = _interopRequireWildcard(require("zod"));
+var _const = require("./const");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+const TokenResponse = z.object({
+  access_token: z.string(),
+  authorization_details: z.array(_par.AuthorizationDetail),
+  c_nonce: z.string(),
+  c_nonce_expires_in: z.number(),
+  expires_in: z.number(),
+  token_type: z.string()
+});
+exports.TokenResponse = TokenResponse;
+const CredentialResponse = z.object({
+  c_nonce: z.string(),
+  c_nonce_expires_in: z.number(),
+  credential: z.string(),
+  format: _const.SupportedCredentialFormat
+});
+exports.CredentialResponse = CredentialResponse;
+//# sourceMappingURL=types.js.map

package/lib/commonjs/credential/issuance/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_par","require","z","_interopRequireWildcard","_const","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TokenResponse","object","access_token","string","authorization_details","array","AuthorizationDetail","c_nonce","c_nonce_expires_in","number","expires_in","token_type","exports","CredentialResponse","credential","format","SupportedCredentialFormat"],"sourceRoot":"../../../../src","sources":["credential/issuance/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAAoD,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAI7C,MAAMW,aAAa,GAAGzB,CAAC,CAAC0B,MAAM,CAAC;EACpCC,YAAY,EAAE3B,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACxBC,qBAAqB,EAAE7B,CAAC,CAAC8B,KAAK,CAACC,wBAAmB,CAAC;EACnDC,OAAO,EAAEhC,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACnBK,kBAAkB,EAAEjC,CAAC,CAACkC,MAAM,CAAC,CAAC;EAC9BC,UAAU,EAAEnC,CAAC,CAACkC,MAAM,CAAC,CAAC;EACtBE,UAAU,EAAEpC,CAAC,CAAC4B,MAAM,CAAC;AACvB,CAAC,CAAC;AAACS,OAAA,CAAAZ,aAAA,GAAAA,aAAA;AAII,MAAMa,kBAAkB,GAAGtC,CAAC,CAAC0B,MAAM,CAAC;EACzCM,OAAO,EAAEhC,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACnBK,kBAAkB,EAAEjC,CAAC,CAACkC,MAAM,CAAC,CAAC;EAC9BK,UAAU,EAAEvC,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACtBY,MAAM,EAAEC;AACV,CAAC,CAAC;AAACJ,OAAA,CAAAC,kBAAA,GAAAA,kBAAA"}

package/lib/commonjs/index.js

@@ -15,13 +15,20 @@ Object.defineProperty(exports, "AuthorizationDetails", {
     return _par.AuthorizationDetails;
   }
 });
-exports.WalletInstanceAttestation = exports.Trust = exports.SdJwt = exports.PID = exports.Errors = exports.Credential = void 0;
+exports.WalletInstanceAttestation = exports.WalletInstance = exports.Trust = exports.SdJwt = exports.PID = exports.Errors = exports.Credential = void 0;
 Object.defineProperty(exports, "createCryptoContextFor", {
   enumerable: true,
   get: function () {
     return _crypto.createCryptoContextFor;
   }
 });
+Object.defineProperty(exports, "fixBase64EncodingOnKey", {
+  enumerable: true,
+  get: function () {
+    return _jwk.fixBase64EncodingOnKey;
+  }
+});
+var _jwk = require("./utils/jwk");
 require("react-native-url-polyfill/auto");
 var Credential = _interopRequireWildcard(require("./credential"));
 exports.Credential = Credential;
@@ -35,6 +42,8 @@ var WalletInstanceAttestation = _interopRequireWildcard(require("./wallet-instan
 exports.WalletInstanceAttestation = WalletInstanceAttestation;
 var Trust = _interopRequireWildcard(require("./trust"));
 exports.Trust = Trust;
+var WalletInstance = _interopRequireWildcard(require("./wallet-instance"));
+exports.WalletInstance = WalletInstance;
 var _par = require("./utils/par");
 var _crypto = require("./utils/crypto");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }

package/lib/commonjs/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["require","Credential","_interopRequireWildcard","exports","PID","SdJwt","Errors","WalletInstanceAttestation","Trust","_par","_crypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAEAA,OAAA;AAEA,IAAAC,UAAA,GAAAC,uBAAA,CAAAF,OAAA;AAA2CG,OAAA,CAAAF,UAAA,GAAAA,UAAA;AAC3C,IAAAG,GAAA,GAAAF,uBAAA,CAAAF,OAAA;AAA6BG,OAAA,CAAAC,GAAA,GAAAA,GAAA;AAC7B,IAAAC,KAAA,GAAAH,uBAAA,CAAAF,OAAA;AAAkCG,OAAA,CAAAE,KAAA,GAAAA,KAAA;AAClC,IAAAC,MAAA,GAAAJ,uBAAA,CAAAF,OAAA;AAAyCG,OAAA,CAAAG,MAAA,GAAAA,MAAA;AACzC,IAAAC,yBAAA,GAAAL,uBAAA,CAAAF,OAAA;AAA2EG,OAAA,CAAAI,yBAAA,GAAAA,yBAAA;AAC3E,IAAAC,KAAA,GAAAN,uBAAA,CAAAF,OAAA;AAAiCG,OAAA,CAAAK,KAAA,GAAAA,KAAA;AACjC,IAAAC,IAAA,GAAAT,OAAA;AACA,IAAAU,OAAA,GAAAV,OAAA;AAAwD,SAAAW,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAV,wBAAAc,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
+{"version":3,"names":["_jwk","require","Credential","_interopRequireWildcard","exports","PID","SdJwt","Errors","WalletInstanceAttestation","Trust","WalletInstance","_par","_crypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,IAAA,GAAAC,OAAA;AAGAA,OAAA;AAEA,IAAAC,UAAA,GAAAC,uBAAA,CAAAF,OAAA;AAA2CG,OAAA,CAAAF,UAAA,GAAAA,UAAA;AAC3C,IAAAG,GAAA,GAAAF,uBAAA,CAAAF,OAAA;AAA6BG,OAAA,CAAAC,GAAA,GAAAA,GAAA;AAC7B,IAAAC,KAAA,GAAAH,uBAAA,CAAAF,OAAA;AAAkCG,OAAA,CAAAE,KAAA,GAAAA,KAAA;AAClC,IAAAC,MAAA,GAAAJ,uBAAA,CAAAF,OAAA;AAAyCG,OAAA,CAAAG,MAAA,GAAAA,MAAA;AACzC,IAAAC,yBAAA,GAAAL,uBAAA,CAAAF,OAAA;AAA2EG,OAAA,CAAAI,yBAAA,GAAAA,yBAAA;AAC3E,IAAAC,KAAA,GAAAN,uBAAA,CAAAF,OAAA;AAAiCG,OAAA,CAAAK,KAAA,GAAAA,KAAA;AACjC,IAAAC,cAAA,GAAAP,uBAAA,CAAAF,OAAA;AAAoDG,OAAA,CAAAM,cAAA,GAAAA,cAAA;AACpD,IAAAC,IAAA,GAAAV,OAAA;AACA,IAAAW,OAAA,GAAAX,OAAA;AAAwD,SAAAY,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAX,wBAAAe,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}

package/lib/commonjs/pid/sd-jwt/converters.js

@@ -7,22 +7,18 @@ exports.pidFromToken = pidFromToken;
 var _converters = require("../../sd-jwt/converters");
 var _types = require("./types");
 function pidFromToken(sdJwt, disclosures) {
+  const placeOfBirth = (0, _converters.getValueFromDisclosures)(disclosures, "place_of_birth");
   return _types.PID.parse({
     issuer: sdJwt.payload.iss,
-    issuedAt: new Date(sdJwt.payload.iat * 1000),
+    issuedAt: new Date((0, _converters.getValueFromDisclosures)(disclosures, "iat") * 1000),
     expiration: new Date(sdJwt.payload.exp * 1000),
-    verification: {
-      trustFramework: sdJwt.payload.verified_claims.verification.trust_framework,
-      assuranceLevel: sdJwt.payload.verified_claims.verification.assurance_level,
-      evidence: (0, _converters.getValueFromDisclosures)(disclosures, "evidence")
-    },
     claims: {
       uniqueId: (0, _converters.getValueFromDisclosures)(disclosures, "unique_id"),
       givenName: (0, _converters.getValueFromDisclosures)(disclosures, "given_name"),
       familyName: (0, _converters.getValueFromDisclosures)(disclosures, "family_name"),
-      birthdate: (0, _converters.getValueFromDisclosures)(disclosures, "birthdate"),
-      placeOfBirth: (0, _converters.getValueFromDisclosures)(disclosures, "place_of_birth"),
-      taxIdCode: (0, _converters.getValueFromDisclosures)(disclosures, "tax_id_number")
+      birthDate: (0, _converters.getValueFromDisclosures)(disclosures, "birth_date"),
+      ...(placeOfBirth && placeOfBirth),
+      taxIdCode: (0, _converters.getValueFromDisclosures)(disclosures, "tax_id_code")
     }
   });
 }

package/lib/commonjs/pid/sd-jwt/converters.js.map

@@ -1 +1 @@
-{"version":3,"names":["_converters","require","_types","pidFromToken","sdJwt","disclosures","PID","parse","issuer","payload","iss","issuedAt","Date","iat","expiration","exp","verification","trustFramework","verified_claims","trust_framework","assuranceLevel","assurance_level","evidence","getValueFromDisclosures","claims","uniqueId","givenName","familyName","birthdate","placeOfBirth","taxIdCode"],"sourceRoot":"../../../../src","sources":["pid/sd-jwt/converters.ts"],"mappings":";;;;;;AAAA,IAAAA,WAAA,GAAAC,OAAA;AAEA,IAAAC,MAAA,GAAAD,OAAA;AAEO,SAASE,YAAYA,CAACC,KAAe,EAAEC,WAAyB,EAAO;EAC5E,OAAOC,UAAG,CAACC,KAAK,CAAC;IACfC,MAAM,EAAEJ,KAAK,CAACK,OAAO,CAACC,GAAG;IACzBC,QAAQ,EAAE,IAAIC,IAAI,CAACR,KAAK,CAACK,OAAO,CAACI,GAAG,GAAG,IAAI,CAAC;IAC5CC,UAAU,EAAE,IAAIF,IAAI,CAACR,KAAK,CAACK,OAAO,CAACM,GAAG,GAAG,IAAI,CAAC;IAC9CC,YAAY,EAAE;MACZC,cAAc,EACZb,KAAK,CAACK,OAAO,CAACS,eAAe,CAACF,YAAY,CAACG,eAAe;MAC5DC,cAAc,EACZhB,KAAK,CAACK,OAAO,CAACS,eAAe,CAACF,YAAY,CAACK,eAAe;MAC5DC,QAAQ,EAAE,IAAAC,mCAAuB,EAAClB,WAAW,EAAE,UAAU;IAC3D,CAAC;IACDmB,MAAM,EAAE;MACNC,QAAQ,EAAE,IAAAF,mCAAuB,EAAClB,WAAW,EAAE,WAAW,CAAC;MAC3DqB,SAAS,EAAE,IAAAH,mCAAuB,EAAClB,WAAW,EAAE,YAAY,CAAC;MAC7DsB,UAAU,EAAE,IAAAJ,mCAAuB,EAAClB,WAAW,EAAE,aAAa,CAAC;MAC/DuB,SAAS,EAAE,IAAAL,mCAAuB,EAAClB,WAAW,EAAE,WAAW,CAAC;MAC5DwB,YAAY,EAAE,IAAAN,mCAAuB,EAAClB,WAAW,EAAE,gBAAgB,CAAC;MACpEyB,SAAS,EAAE,IAAAP,mCAAuB,EAAClB,WAAW,EAAE,eAAe;IACjE;EACF,CAAC,CAAC;AACJ"}
+{"version":3,"names":["_converters","require","_types","pidFromToken","sdJwt","disclosures","placeOfBirth","getValueFromDisclosures","PID","parse","issuer","payload","iss","issuedAt","Date","expiration","exp","claims","uniqueId","givenName","familyName","birthDate","taxIdCode"],"sourceRoot":"../../../../src","sources":["pid/sd-jwt/converters.ts"],"mappings":";;;;;;AAAA,IAAAA,WAAA,GAAAC,OAAA;AAEA,IAAAC,MAAA,GAAAD,OAAA;AAEO,SAASE,YAAYA,CAACC,KAAe,EAAEC,WAAyB,EAAO;EAC5E,MAAMC,YAAY,GAAG,IAAAC,mCAAuB,EAACF,WAAW,EAAE,gBAAgB,CAAC;EAC3E,OAAOG,UAAG,CAACC,KAAK,CAAC;IACfC,MAAM,EAAEN,KAAK,CAACO,OAAO,CAACC,GAAG;IACzBC,QAAQ,EAAE,IAAIC,IAAI,CAAC,IAAAP,mCAAuB,EAACF,WAAW,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC;IACtEU,UAAU,EAAE,IAAID,IAAI,CAACV,KAAK,CAACO,OAAO,CAACK,GAAG,GAAG,IAAI,CAAC;IAC9CC,MAAM,EAAE;MACNC,QAAQ,EAAE,IAAAX,mCAAuB,EAACF,WAAW,EAAE,WAAW,CAAC;MAC3Dc,SAAS,EAAE,IAAAZ,mCAAuB,EAACF,WAAW,EAAE,YAAY,CAAC;MAC7De,UAAU,EAAE,IAAAb,mCAAuB,EAACF,WAAW,EAAE,aAAa,CAAC;MAC/DgB,SAAS,EAAE,IAAAd,mCAAuB,EAACF,WAAW,EAAE,YAAY,CAAC;MAC7D,IAAIC,YAAY,IAAIA,YAAY,CAAC;MACjCgB,SAAS,EAAE,IAAAf,mCAAuB,EAACF,WAAW,EAAE,aAAa;IAC/D;EACF,CAAC,CAAC;AACJ"}

package/lib/commonjs/pid/sd-jwt/types.js

@@ -33,16 +33,16 @@ const PID = _zod.z.object({
   issuer: _zod.z.string(),
   issuedAt: _zod.z.date(),
   expiration: _zod.z.date(),
-  verification: Verification,
+  verification: Verification.optional(),
   claims: _zod.z.object({
     uniqueId: _zod.z.string(),
     givenName: _zod.z.string(),
     familyName: _zod.z.string(),
-    birthdate: _zod.z.string(),
+    birthDate: _zod.z.string(),
     placeOfBirth: _zod.z.object({
       country: _zod.z.string(),
       locality: _zod.z.string()
-    }),
+    }).optional(),
     taxIdCode: _zod.z.string()
   })
 });

package/lib/commonjs/pid/sd-jwt/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["_zod","require","VerificationEvidence","z","object","type","string","record","source","organization_name","organization_id","country_code","Verification","trustFramework","literal","assuranceLevel","evidence","array","PID","issuer","issuedAt","date","expiration","verification","claims","uniqueId","givenName","familyName","birthdate","placeOfBirth","country","locality","taxIdCode","exports"],"sourceRoot":"../../../../src","sources":["pid/sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AAEA,MAAMC,oBAAoB,GAAGC,MAAC,CAACC,MAAM,CAAC;EACpCC,IAAI,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEJ,MAAC,CAACC,MAAM,CAAC;IACfC,IAAI,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC;IAChBE,MAAM,EAAEL,MAAC,CAACC,MAAM,CAAC;MACfK,iBAAiB,EAAEN,MAAC,CAACG,MAAM,CAAC,CAAC;MAC7BI,eAAe,EAAEP,MAAC,CAACG,MAAM,CAAC,CAAC;MAC3BK,YAAY,EAAER,MAAC,CAACG,MAAM,CAAC;IACzB,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAEF,MAAMM,YAAY,GAAGT,MAAC,CAACC,MAAM,CAAC;EAC5BS,cAAc,EAAEV,MAAC,CAACW,OAAO,CAAC,OAAO,CAAC;EAClCC,cAAc,EAAEZ,MAAC,CAACG,MAAM,CAAC,CAAC;EAC1BU,QAAQ,EAAEb,MAAC,CAACc,KAAK,CAACf,oBAAoB;AACxC,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;;AAEO,MAAMgB,GAAG,GAAGf,MAAC,CAACC,MAAM,CAAC;EAC1Be,MAAM,EAAEhB,MAAC,CAACG,MAAM,CAAC,CAAC;EAClBc,QAAQ,EAAEjB,MAAC,CAACkB,IAAI,CAAC,CAAC;EAClBC,UAAU,EAAEnB,MAAC,CAACkB,IAAI,CAAC,CAAC;EACpBE,YAAY,EAAEX,YAAY;EAC1BY,MAAM,EAAErB,MAAC,CAACC,MAAM,CAAC;IACfqB,QAAQ,EAAEtB,MAAC,CAACG,MAAM,CAAC,CAAC;IACpBoB,SAAS,EAAEvB,MAAC,CAACG,MAAM,CAAC,CAAC;IACrBqB,UAAU,EAAExB,MAAC,CAACG,MAAM,CAAC,CAAC;IACtBsB,SAAS,EAAEzB,MAAC,CAACG,MAAM,CAAC,CAAC;IACrBuB,YAAY,EAAE1B,MAAC,CAACC,MAAM,CAAC;MACrB0B,OAAO,EAAE3B,MAAC,CAACG,MAAM,CAAC,CAAC;MACnByB,QAAQ,EAAE5B,MAAC,CAACG,MAAM,CAAC;IACrB,CAAC,CAAC;IACF0B,SAAS,EAAE7B,MAAC,CAACG,MAAM,CAAC;EACtB,CAAC;AACH,CAAC,CAAC;AAAC2B,OAAA,CAAAf,GAAA,GAAAA,GAAA"}
+{"version":3,"names":["_zod","require","VerificationEvidence","z","object","type","string","record","source","organization_name","organization_id","country_code","Verification","trustFramework","literal","assuranceLevel","evidence","array","PID","issuer","issuedAt","date","expiration","verification","optional","claims","uniqueId","givenName","familyName","birthDate","placeOfBirth","country","locality","taxIdCode","exports"],"sourceRoot":"../../../../src","sources":["pid/sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AAEA,MAAMC,oBAAoB,GAAGC,MAAC,CAACC,MAAM,CAAC;EACpCC,IAAI,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEJ,MAAC,CAACC,MAAM,CAAC;IACfC,IAAI,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC;IAChBE,MAAM,EAAEL,MAAC,CAACC,MAAM,CAAC;MACfK,iBAAiB,EAAEN,MAAC,CAACG,MAAM,CAAC,CAAC;MAC7BI,eAAe,EAAEP,MAAC,CAACG,MAAM,CAAC,CAAC;MAC3BK,YAAY,EAAER,MAAC,CAACG,MAAM,CAAC;IACzB,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAEF,MAAMM,YAAY,GAAGT,MAAC,CAACC,MAAM,CAAC;EAC5BS,cAAc,EAAEV,MAAC,CAACW,OAAO,CAAC,OAAO,CAAC;EAClCC,cAAc,EAAEZ,MAAC,CAACG,MAAM,CAAC,CAAC;EAC1BU,QAAQ,EAAEb,MAAC,CAACc,KAAK,CAACf,oBAAoB;AACxC,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;;AAEO,MAAMgB,GAAG,GAAGf,MAAC,CAACC,MAAM,CAAC;EAC1Be,MAAM,EAAEhB,MAAC,CAACG,MAAM,CAAC,CAAC;EAClBc,QAAQ,EAAEjB,MAAC,CAACkB,IAAI,CAAC,CAAC;EAClBC,UAAU,EAAEnB,MAAC,CAACkB,IAAI,CAAC,CAAC;EACpBE,YAAY,EAAEX,YAAY,CAACY,QAAQ,CAAC,CAAC;EACrCC,MAAM,EAAEtB,MAAC,CAACC,MAAM,CAAC;IACfsB,QAAQ,EAAEvB,MAAC,CAACG,MAAM,CAAC,CAAC;IACpBqB,SAAS,EAAExB,MAAC,CAACG,MAAM,CAAC,CAAC;IACrBsB,UAAU,EAAEzB,MAAC,CAACG,MAAM,CAAC,CAAC;IACtBuB,SAAS,EAAE1B,MAAC,CAACG,MAAM,CAAC,CAAC;IACrBwB,YAAY,EAAE3B,MAAC,CACZC,MAAM,CAAC;MACN2B,OAAO,EAAE5B,MAAC,CAACG,MAAM,CAAC,CAAC;MACnB0B,QAAQ,EAAE7B,MAAC,CAACG,MAAM,CAAC;IACrB,CAAC,CAAC,CACDkB,QAAQ,CAAC,CAAC;IACbS,SAAS,EAAE9B,MAAC,CAACG,MAAM,CAAC;EACtB,CAAC;AACH,CAAC,CAAC;AAAC4B,OAAA,CAAAhB,GAAA,GAAAA,GAAA"}

package/lib/commonjs/sd-jwt/__test__/converters.test.js

@@ -1,7 +1,7 @@
 "use strict";
 
 var _converters = require("../converters");
-const disclosures = [["6w1_soRXFgaHKfpYn3cvfQ", "given_name", "Mario"], ["fuNp97Hf3wV6y48y-QZhIg", "birthdate", "1980-10-01"], ["p-9LzyWHZBVDvhXDWkN2xA", "place_of_birth", {
+const disclosures = [["6w1_soRXFgaHKfpYn3cvfQ", "given_name", "Mario"], ["fuNp97Hf3wV6y48y-QZhIg", "birth_date", "1980-10-01"], ["p-9LzyWHZBVDvhXDWkN2xA", "place_of_birth", {
   country: "IT",
   locality: "Rome"
 }]];

package/lib/commonjs/sd-jwt/__test__/converters.test.js.map

@@ -1 +1 @@
-{"version":3,"names":["_converters","require","disclosures","country","locality","describe","it","success","getValueFromDisclosures","expect","toBe","toEqual","toBeUndefined"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/converters.test.ts"],"mappings":";;AAAA,IAAAA,WAAA,GAAAC,OAAA;AAGA,MAAMC,WAAyB,GAAG,CAChC,CAAC,wBAAwB,EAAE,YAAY,EAAE,OAAO,CAAC,EACjD,CAAC,wBAAwB,EAAE,WAAW,EAAE,YAAY,CAAC,EACrD,CACE,wBAAwB,EACxB,gBAAgB,EAChB;EAAEC,OAAO,EAAE,IAAI;EAAEC,QAAQ,EAAE;AAAO,CAAC,CACpC,CACF;AAEDC,QAAQ,CAAC,yBAAyB,EAAE,MAAM;EACxCC,EAAE,CAAC,4CAA4C,EAAE,MAAM;IACrD,MAAMC,OAAO,GAAG,IAAAC,mCAAuB,EAACN,WAAW,EAAE,YAAY,CAAC;IAClEO,MAAM,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,OAAO,CAAC;EAC/B,CAAC,CAAC;EACFJ,EAAE,CAAC,gDAAgD,EAAE,MAAM;IACzD,MAAMC,OAAO,GAAG,IAAAC,mCAAuB,EAACN,WAAW,EAAE,gBAAgB,CAAC;IACtEO,MAAM,CAACF,OAAO,CAAC,CAACI,OAAO,CAAC;MAAER,OAAO,EAAE,IAAI;MAAEC,QAAQ,EAAE;IAAO,CAAC,CAAC;EAC9D,CAAC,CAAC;EACFE,EAAE,CAAC,aAAa,EAAE,MAAM;IACtB,MAAMC,OAAO,GAAG,IAAAC,mCAAuB,EAACN,WAAW,EAAE,eAAe,CAAC;IACrEO,MAAM,CAACF,OAAO,CAAC,CAACK,aAAa,CAAC,CAAC;EACjC,CAAC,CAAC;AACJ,CAAC,CAAC"}
+{"version":3,"names":["_converters","require","disclosures","country","locality","describe","it","success","getValueFromDisclosures","expect","toBe","toEqual","toBeUndefined"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/converters.test.ts"],"mappings":";;AAAA,IAAAA,WAAA,GAAAC,OAAA;AAGA,MAAMC,WAAyB,GAAG,CAChC,CAAC,wBAAwB,EAAE,YAAY,EAAE,OAAO,CAAC,EACjD,CAAC,wBAAwB,EAAE,YAAY,EAAE,YAAY,CAAC,EACtD,CACE,wBAAwB,EACxB,gBAAgB,EAChB;EAAEC,OAAO,EAAE,IAAI;EAAEC,QAAQ,EAAE;AAAO,CAAC,CACpC,CACF;AAEDC,QAAQ,CAAC,yBAAyB,EAAE,MAAM;EACxCC,EAAE,CAAC,4CAA4C,EAAE,MAAM;IACrD,MAAMC,OAAO,GAAG,IAAAC,mCAAuB,EAACN,WAAW,EAAE,YAAY,CAAC;IAClEO,MAAM,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,OAAO,CAAC;EAC/B,CAAC,CAAC;EACFJ,EAAE,CAAC,gDAAgD,EAAE,MAAM;IACzD,MAAMC,OAAO,GAAG,IAAAC,mCAAuB,EAACN,WAAW,EAAE,gBAAgB,CAAC;IACtEO,MAAM,CAACF,OAAO,CAAC,CAACI,OAAO,CAAC;MAAER,OAAO,EAAE,IAAI;MAAEC,QAAQ,EAAE;IAAO,CAAC,CAAC;EAC9D,CAAC,CAAC;EACFE,EAAE,CAAC,aAAa,EAAE,MAAM;IACtB,MAAMC,OAAO,GAAG,IAAAC,mCAAuB,EAACN,WAAW,EAAE,eAAe,CAAC;IACrEO,MAAM,CAACF,OAAO,CAAC,CAACK,aAAa,CAAC,CAAC;EACjC,CAAC,CAAC;AACJ,CAAC,CAAC"}