@pagopa/io-react-native-wallet 0.12.0 → 0.13.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (205) hide show
  1. package/lib/commonjs/client/generated/wallet-provider.js +22 -22
  2. package/lib/commonjs/client/generated/wallet-provider.js.map +1 -1
  3. package/lib/commonjs/client/index.js +1 -2
  4. package/lib/commonjs/client/index.js.map +1 -1
  5. package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +2 -1
  6. package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +1 -1
  7. package/lib/commonjs/credential/issuance/03-start-credential-issuance.js +287 -0
  8. package/lib/commonjs/credential/issuance/03-start-credential-issuance.js.map +1 -0
  9. package/lib/commonjs/credential/issuance/03-start-user-authorization.js +56 -83
  10. package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
  11. package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +88 -0
  12. package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -1
  13. package/lib/commonjs/credential/issuance/05-authorize-access.js +56 -33
  14. package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -1
  15. package/lib/commonjs/credential/issuance/06-obtain-credential.js +51 -78
  16. package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
  17. package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +21 -44
  18. package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
  19. package/lib/commonjs/credential/issuance/index.js +7 -0
  20. package/lib/commonjs/credential/issuance/index.js.map +1 -1
  21. package/lib/commonjs/credential/issuance/types.js +28 -0
  22. package/lib/commonjs/credential/issuance/types.js.map +1 -0
  23. package/lib/commonjs/index.js.map +1 -1
  24. package/lib/commonjs/pid/sd-jwt/converters.js +5 -9
  25. package/lib/commonjs/pid/sd-jwt/converters.js.map +1 -1
  26. package/lib/commonjs/pid/sd-jwt/types.js +3 -3
  27. package/lib/commonjs/pid/sd-jwt/types.js.map +1 -1
  28. package/lib/commonjs/sd-jwt/__test__/converters.test.js +1 -1
  29. package/lib/commonjs/sd-jwt/__test__/converters.test.js.map +1 -1
  30. package/lib/commonjs/sd-jwt/__test__/index.test.js +30 -43
  31. package/lib/commonjs/sd-jwt/__test__/index.test.js.map +1 -1
  32. package/lib/commonjs/sd-jwt/__test__/types.test.js +16 -24
  33. package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
  34. package/lib/commonjs/sd-jwt/index.js +3 -9
  35. package/lib/commonjs/sd-jwt/index.js.map +1 -1
  36. package/lib/commonjs/sd-jwt/types.js +11 -16
  37. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  38. package/lib/commonjs/trust/types.js +70 -29
  39. package/lib/commonjs/trust/types.js.map +1 -1
  40. package/lib/commonjs/utils/auth.js +44 -0
  41. package/lib/commonjs/utils/auth.js.map +1 -0
  42. package/lib/commonjs/utils/errors.js +77 -2
  43. package/lib/commonjs/utils/errors.js.map +1 -1
  44. package/lib/commonjs/utils/misc.js +34 -1
  45. package/lib/commonjs/utils/misc.js.map +1 -1
  46. package/lib/commonjs/utils/par.js +23 -15
  47. package/lib/commonjs/utils/par.js.map +1 -1
  48. package/lib/commonjs/utils/pop.js +33 -0
  49. package/lib/commonjs/utils/pop.js.map +1 -0
  50. package/lib/commonjs/wallet-instance-attestation/issuing.js +17 -2
  51. package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
  52. package/lib/commonjs/wallet-instance-attestation/types.js +7 -7
  53. package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
  54. package/lib/module/client/generated/wallet-provider.js +16 -19
  55. package/lib/module/client/generated/wallet-provider.js.map +1 -1
  56. package/lib/module/client/index.js +1 -2
  57. package/lib/module/client/index.js.map +1 -1
  58. package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +2 -1
  59. package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +1 -1
  60. package/lib/module/credential/issuance/03-start-credential-issuance.js +276 -0
  61. package/lib/module/credential/issuance/03-start-credential-issuance.js.map +1 -0
  62. package/lib/module/credential/issuance/03-start-user-authorization.js +56 -80
  63. package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
  64. package/lib/module/credential/issuance/04-complete-user-authorization.js +85 -1
  65. package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -1
  66. package/lib/module/credential/issuance/05-authorize-access.js +54 -33
  67. package/lib/module/credential/issuance/05-authorize-access.js.map +1 -1
  68. package/lib/module/credential/issuance/06-obtain-credential.js +50 -75
  69. package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
  70. package/lib/module/credential/issuance/07-verify-and-parse-credential.js +21 -44
  71. package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
  72. package/lib/module/credential/issuance/index.js +2 -1
  73. package/lib/module/credential/issuance/index.js.map +1 -1
  74. package/lib/module/credential/issuance/types.js +18 -0
  75. package/lib/module/credential/issuance/types.js.map +1 -0
  76. package/lib/module/index.js.map +1 -1
  77. package/lib/module/pid/sd-jwt/converters.js +5 -9
  78. package/lib/module/pid/sd-jwt/converters.js.map +1 -1
  79. package/lib/module/pid/sd-jwt/types.js +3 -3
  80. package/lib/module/pid/sd-jwt/types.js.map +1 -1
  81. package/lib/module/sd-jwt/__test__/converters.test.js +1 -1
  82. package/lib/module/sd-jwt/__test__/converters.test.js.map +1 -1
  83. package/lib/module/sd-jwt/__test__/index.test.js +30 -43
  84. package/lib/module/sd-jwt/__test__/index.test.js.map +1 -1
  85. package/lib/module/sd-jwt/__test__/types.test.js +16 -24
  86. package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
  87. package/lib/module/sd-jwt/index.js +3 -9
  88. package/lib/module/sd-jwt/index.js.map +1 -1
  89. package/lib/module/sd-jwt/types.js +11 -16
  90. package/lib/module/sd-jwt/types.js.map +1 -1
  91. package/lib/module/sd-jwt/verifier.js.map +1 -1
  92. package/lib/module/trust/types.js +70 -29
  93. package/lib/module/trust/types.js.map +1 -1
  94. package/lib/module/utils/auth.js +35 -0
  95. package/lib/module/utils/auth.js.map +1 -0
  96. package/lib/module/utils/errors.js +71 -0
  97. package/lib/module/utils/errors.js.map +1 -1
  98. package/lib/module/utils/misc.js +31 -0
  99. package/lib/module/utils/misc.js.map +1 -1
  100. package/lib/module/utils/par.js +24 -16
  101. package/lib/module/utils/par.js.map +1 -1
  102. package/lib/module/utils/pop.js +24 -0
  103. package/lib/module/utils/pop.js.map +1 -0
  104. package/lib/module/wallet-instance-attestation/issuing.js +17 -2
  105. package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
  106. package/lib/module/wallet-instance-attestation/types.js +7 -7
  107. package/lib/module/wallet-instance-attestation/types.js.map +1 -1
  108. package/lib/typescript/client/generated/wallet-provider.d.ts +35 -13
  109. package/lib/typescript/client/generated/wallet-provider.d.ts.map +1 -1
  110. package/lib/typescript/client/index.d.ts.map +1 -1
  111. package/lib/typescript/credential/issuance/01-start-flow.d.ts +1 -0
  112. package/lib/typescript/credential/issuance/01-start-flow.d.ts.map +1 -1
  113. package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts +2 -1
  114. package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +1 -1
  115. package/lib/typescript/credential/issuance/03-start-credential-issuance.d.ts +41 -0
  116. package/lib/typescript/credential/issuance/03-start-credential-issuance.d.ts.map +1 -0
  117. package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +23 -18
  118. package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
  119. package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +24 -12
  120. package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -1
  121. package/lib/typescript/credential/issuance/05-authorize-access.d.ts +22 -16
  122. package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -1
  123. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +19 -26
  124. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
  125. package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts +10 -15
  126. package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -1
  127. package/lib/typescript/credential/issuance/index.d.ts +3 -4
  128. package/lib/typescript/credential/issuance/index.d.ts.map +1 -1
  129. package/lib/typescript/credential/issuance/types.d.ts +63 -0
  130. package/lib/typescript/credential/issuance/types.d.ts.map +1 -0
  131. package/lib/typescript/credential/presentation/types.d.ts +6 -6
  132. package/lib/typescript/index.d.ts +2 -1
  133. package/lib/typescript/index.d.ts.map +1 -1
  134. package/lib/typescript/pid/sd-jwt/converters.d.ts.map +1 -1
  135. package/lib/typescript/pid/sd-jwt/types.d.ts +36 -36
  136. package/lib/typescript/pid/sd-jwt/types.d.ts.map +1 -1
  137. package/lib/typescript/sd-jwt/index.d.ts +40 -68
  138. package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
  139. package/lib/typescript/sd-jwt/types.d.ts +64 -121
  140. package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
  141. package/lib/typescript/trust/index.d.ts +150 -48
  142. package/lib/typescript/trust/index.d.ts.map +1 -1
  143. package/lib/typescript/trust/types.d.ts +2838 -1740
  144. package/lib/typescript/trust/types.d.ts.map +1 -1
  145. package/lib/typescript/utils/auth.d.ts +52 -0
  146. package/lib/typescript/utils/auth.d.ts.map +1 -0
  147. package/lib/typescript/utils/errors.d.ts +36 -1
  148. package/lib/typescript/utils/errors.d.ts.map +1 -1
  149. package/lib/typescript/utils/integrity.d.ts +1 -1
  150. package/lib/typescript/utils/misc.d.ts +18 -0
  151. package/lib/typescript/utils/misc.d.ts.map +1 -1
  152. package/lib/typescript/utils/par.d.ts +8 -31
  153. package/lib/typescript/utils/par.d.ts.map +1 -1
  154. package/lib/typescript/utils/pop.d.ts +26 -0
  155. package/lib/typescript/utils/pop.d.ts.map +1 -0
  156. package/lib/typescript/wallet-instance-attestation/issuing.d.ts +2 -1
  157. package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
  158. package/lib/typescript/wallet-instance-attestation/types.d.ts +59 -59
  159. package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
  160. package/package.json +2 -1
  161. package/src/client/generated/wallet-provider.ts +24 -21
  162. package/src/client/index.ts +3 -8
  163. package/src/credential/issuance/01-start-flow.ts +1 -0
  164. package/src/credential/issuance/02-evaluate-issuer-trust.ts +2 -1
  165. package/src/credential/issuance/03-start-credential-issuance.ts +407 -0
  166. package/src/credential/issuance/03-start-user-authorization.ts +91 -92
  167. package/src/credential/issuance/04-complete-user-authorization.ts +114 -13
  168. package/src/credential/issuance/05-authorize-access.ts +74 -49
  169. package/src/credential/issuance/06-obtain-credential.ts +77 -111
  170. package/src/credential/issuance/07-verify-and-parse-credential.ts +30 -67
  171. package/src/credential/issuance/index.ts +6 -4
  172. package/src/credential/issuance/types.ts +25 -0
  173. package/src/index.ts +2 -1
  174. package/src/pid/sd-jwt/converters.ts +5 -11
  175. package/src/pid/sd-jwt/types.ts +8 -6
  176. package/src/sd-jwt/__test__/converters.test.ts +1 -1
  177. package/src/sd-jwt/__test__/index.test.ts +45 -74
  178. package/src/sd-jwt/__test__/types.test.ts +21 -33
  179. package/src/sd-jwt/index.ts +3 -12
  180. package/src/sd-jwt/types.ts +17 -22
  181. package/src/trust/types.ts +64 -32
  182. package/src/utils/auth.ts +37 -0
  183. package/src/utils/errors.ts +85 -1
  184. package/src/utils/integrity.ts +1 -1
  185. package/src/utils/misc.ts +43 -0
  186. package/src/utils/par.ts +29 -17
  187. package/src/utils/pop.ts +34 -0
  188. package/src/wallet-instance-attestation/issuing.ts +39 -2
  189. package/src/wallet-instance-attestation/types.ts +11 -7
  190. package/lib/commonjs/credential/issuance/07-confirm-credential.js +0 -6
  191. package/lib/commonjs/credential/issuance/07-confirm-credential.js.map +0 -1
  192. package/lib/commonjs/credential/issuance/08-confirm-credential.js +0 -6
  193. package/lib/commonjs/credential/issuance/08-confirm-credential.js.map +0 -1
  194. package/lib/module/credential/issuance/07-confirm-credential.js +0 -2
  195. package/lib/module/credential/issuance/07-confirm-credential.js.map +0 -1
  196. package/lib/module/credential/issuance/08-confirm-credential.js +0 -2
  197. package/lib/module/credential/issuance/08-confirm-credential.js.map +0 -1
  198. package/lib/typescript/credential/issuance/07-confirm-credential.d.ts +0 -11
  199. package/lib/typescript/credential/issuance/07-confirm-credential.d.ts.map +0 -1
  200. package/lib/typescript/credential/issuance/08-confirm-credential.d.ts +0 -11
  201. package/lib/typescript/credential/issuance/08-confirm-credential.d.ts.map +0 -1
  202. package/src/credential/issuance/07-confirm-credential.ts +0 -14
  203. package/src/credential/issuance/08-confirm-credential.ts +0 -14
  204. package/src/sd-jwt/__test__/converters.test.js +0 -24
  205. package/src/sd-jwt/verifier.js +0 -12
@@ -1,31 +1,36 @@
1
1
  import type { CryptoContext } from "@pagopa/io-react-native-jwt";
2
- import { type Out } from "../../utils/misc";
3
- import type { StartFlow } from "./01-start-flow";
2
+ import { type Out } from "../../../src/utils/misc";
4
3
  import type { EvaluateIssuerTrust } from "./02-evaluate-issuer-trust";
4
+ import type { StartFlow } from "./01-start-flow";
5
+ import { AuthorizationDetail } from "../../../src/utils/par";
5
6
  export type StartUserAuthorization = (issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], credentialType: Out<StartFlow>["credentialType"], context: {
6
7
  wiaCryptoContext: CryptoContext;
7
8
  walletInstanceAttestation: string;
8
- walletProviderBaseUrl: string;
9
- additionalParams?: Record<string, string>;
9
+ redirectUri: string;
10
10
  appFetch?: GlobalFetch["fetch"];
11
11
  }) => Promise<{
12
- requestUri: string;
12
+ issuerRequestUri: string;
13
13
  clientId: string;
14
+ codeVerifier: string;
15
+ credentialDefinition: AuthorizationDetail;
14
16
  }>;
15
17
  /**
16
- * Start the User authorization phase.
17
- * Perform the Pushed Authorization Request as defined in OAuth 2.0 protocol.
18
- *
19
- * @param issuerConf The Issuer configuration
20
- * @param credentialType The type of the credential to be requested
21
- * @param context.wiaCryptoContext The context to access the key associated with the Wallet Instance Attestation
22
- * @param context.walletInstanceAttestation The Wallet Instance Attestation token
23
- * @param context.walletProviderBaseUrl The base url of the Wallet Provider
24
- * @param context.additionalParams Hash set of parameters to be passed to the authorization endpoint
25
- * (used as a temporary fix until we have a proper User identity in the PID token provider)
26
- * TODO: [SIW-630]
27
- * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
28
- * @returns The request uri to continue the authorization to
18
+ * WARNING: This function must be called after {@link evaluateIssuerTrust} and {@link startFlow}. The next steam is {@link compeUserAuthorizationWithQueryMode} or {@link compeUserAuthorizationWithFormPostJwtMode}
19
+ * Creates and sends a PAR request to the /as/par endpoint of the authroization server.
20
+ * This starts the authentication flow to obtain an access token.
21
+ * This token enables the Wallet Instance to request a digital credential from the Credential Endpoint of the Credential Issuer.
22
+ * This is an HTTP POST request containing the Wallet Instance identifier (client id), the code challenge and challenge method as specified by PKCE according to RFC 9126
23
+ * along with the WTE and its proof of possession (WTE-PoP).
24
+ * Additionally, it includes a request object, which is a signed JWT encapsulating the type of digital credential requested (authorization_details),
25
+ * the application session identifier on the Wallet Instance side (state),
26
+ * the method (query or form_post.jwt) by which the Authorization Server
27
+ * should transmit the Authorization Response containing the authorization code issued upon the end user's authentication (response_mode)
28
+ * to the Wallet Instance's Token Endpoint to obtain the Access Token, and the redirect_uri of the Wallet Instance where the Authorization Response
29
+ * should be delivered. The redirect is achived by using a custom URL scheme that the Wallet Instance is registered to handle.
30
+ * @param issuerConf The issuer configuration
31
+ * @param credentialType The type of the credential to be requested returned by {@link selectCredentialDefinition}
32
+ * @param ctx The context object containing the Wallet Instance's cryptographic context, the Wallet Instance's attestation, the redirect URI and the fetch implementation
33
+ * @returns The URI to which the end user should be redirected to start the authentication flow, along with the client id, the code verifier and the credential definition
29
34
  */
30
35
  export declare const startUserAuthorization: StartUserAuthorization;
31
36
  //# sourceMappingURL=03-start-user-authorization.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"03-start-user-authorization.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/03-start-user-authorization.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE,OAAO,EAAa,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AA4DtE,MAAM,MAAM,sBAAsB,GAAG,CACnC,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,cAAc,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,gBAAgB,CAAC,EAChD,OAAO,EAAE;IACP,gBAAgB,EAAE,aAAa,CAAC;IAChC,yBAAyB,EAAE,MAAM,CAAC;IAClC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC;AAEvD;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,sBAAsB,EAAE,sBA2CpC,CAAC"}
1
+ {"version":3,"file":"03-start-user-authorization.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/03-start-user-authorization.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE,OAAO,EAEL,KAAK,GAAG,EACT,MAAM,yBAAyB,CAAC;AAEjC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,mBAAmB,EAAkB,MAAM,wBAAwB,CAAC;AAG7E,MAAM,MAAM,sBAAsB,GAAG,CACnC,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,cAAc,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,gBAAgB,CAAC,EAChD,OAAO,EAAE;IACP,gBAAgB,EAAE,aAAa,CAAC;IAChC,yBAAyB,EAAE,MAAM,CAAC;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IACX,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,mBAAmB,CAAC;CAC3C,CAAC,CAAC;AAyDH;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,sBAAsB,EAAE,sBAmCpC,CAAC"}
@@ -1,16 +1,28 @@
1
- import type { Out } from "../../utils/misc";
1
+ import { type AuthorizationContext, type AuthorizationResult } from "../../../src/utils/auth";
2
+ import { type Out } from "../../utils/misc";
2
3
  import type { StartUserAuthorization } from "./03-start-user-authorization";
4
+ import type { EvaluateIssuerTrust } from "./02-evaluate-issuer-trust";
3
5
  /**
4
- * The interface of the phase to complete User authorization.
5
- * It may be implemented as a Credential presentation
6
- * or with a strong User identification
7
- *
8
- * @param requestUri The url to reach to complete the user authorization.
9
- * @param cliendId Identifies the current client across all the requests of the issuing flow
10
- *
11
- * @returns the access code to use to request the credental
6
+ * The interface of the phase to complete User authorization via strong identification when the response mode is "query" and the request credential is a PersonIdentificationData.
12
7
  */
13
- export type CompleteUserAuthorization = (requestUri: Out<StartUserAuthorization>["requestUri"], clientId: Out<StartUserAuthorization>["clientId"]) => Promise<{
14
- code: string;
15
- }>;
8
+ export type CompleteUserAuthorizationWithQueryMode = (issuerRequestUri: Out<StartUserAuthorization>["issuerRequestUri"], clientId: Out<StartUserAuthorization>["clientId"], issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], idpHint: string, redirectUri: string, authorizationContext?: AuthorizationContext) => Promise<AuthorizationResult>;
9
+ /**
10
+ * WARNING: This function must be called after {@link startUserAuthorization}. The next function to be called is {@link authorizeAccess}.
11
+ * The interface of the phase to complete User authorization via strong identification when the response mode is "query" and the request credential is a PersonIdentificationData.
12
+ * It is used to complete the user authorization by catching the redirectSchema from the authorization server which then contains the authorization response.
13
+ * This function utilizes the authorization context to open an in-app browser capable of catching the redirectSchema to perform a get request to the authorization endpoint.
14
+ * If the 302 redirect happens and the redirectSchema is caught, the function will return the authorization response after parsing it from the query string.
15
+ * @param issuerRequestUri the URI of the issuer where the request is sent
16
+ * @param clientId Identifies the current client across all the requests of the issuing flow returned by {@link startUserAuthorization}
17
+ * @param issuerConf The issuer configuration returned by {@link evaluateIssuerTrust}
18
+ * @param authorizationContext The context to identify the user which will be used to start the authorization. It's needed only when requesting a PersonalIdentificationData credential. The implementantion should open an in-app browser capable of catching the redirectSchema.
19
+ * If not specified, the default browser is used
20
+ * @param idphint Unique identifier of the SPID IDP selected by the user
21
+ * @param redirectUri The url to reach to complete the user authorization which is the custom URL scheme that the Wallet Instance is registered to handle, usually a custom URL or deeplink
22
+ * @throws {AuthorizationError} if an error occurs during the authorization process
23
+ * @throws {AuthorizationIdpError} if an error occurs during the authorization process and the error is related to the IDP
24
+ * @returns the authorization response which contains code, state and iss
25
+ */
26
+ export declare const completeUserAuthorizationWithQueryMode: CompleteUserAuthorizationWithQueryMode;
27
+ export declare const completeUserAuthorizationWithFormPostJwtMode: () => never;
16
28
  //# sourceMappingURL=04-complete-user-authorization.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"04-complete-user-authorization.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/04-complete-user-authorization.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAE5E;;;;;;;;;GASG;AACH,MAAM,MAAM,yBAAyB,GAAG,CACtC,UAAU,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,YAAY,CAAC,EACrD,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,KAC9C,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC"}
1
+ {"version":3,"file":"04-complete-user-authorization.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/04-complete-user-authorization.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,oBAAoB,EACzB,KAAK,mBAAmB,EACzB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAS,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAG5E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAGtE;;GAEG;AACH,MAAM,MAAM,sCAAsC,GAAG,CACnD,gBAAgB,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,kBAAkB,CAAC,EACjE,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,MAAM,EACnB,oBAAoB,CAAC,EAAE,oBAAoB,KACxC,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAElC;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,sCAAsC,EAAE,sCAsElD,CAAC;AAGJ,eAAO,MAAM,4CAA4C,aAExD,CAAC"}
@@ -1,26 +1,32 @@
1
- import type { StartUserAuthorization } from "./03-start-user-authorization";
2
- import { type Out } from "../../utils/misc";
1
+ import { type Out } from "../../../src/utils/misc";
3
2
  import type { EvaluateIssuerTrust } from "./02-evaluate-issuer-trust";
4
- import type { CompleteUserAuthorization } from "./04-complete-user-authorization";
5
- export type AuthorizeAccess = (issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], code: Out<CompleteUserAuthorization>["code"], clientId: Out<StartUserAuthorization>["clientId"], context: {
3
+ import type { StartUserAuthorization } from "./03-start-user-authorization";
4
+ import type { CryptoContext } from "@pagopa/io-react-native-jwt";
5
+ import { TokenResponse } from "./types";
6
+ import type { CompleteUserAuthorizationWithQueryMode } from "./04-complete-user-authorization";
7
+ export type AuthorizeAccess = (issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], code: Out<CompleteUserAuthorizationWithQueryMode>["code"], redirectUri: string, clientId: Out<StartUserAuthorization>["clientId"], codeVerifier: Out<StartUserAuthorization>["codeVerifier"], context: {
6
8
  walletInstanceAttestation: string;
7
- walletProviderBaseUrl: string;
8
9
  appFetch?: GlobalFetch["fetch"];
10
+ wiaCryptoContext: CryptoContext;
9
11
  }) => Promise<{
10
- accessToken: string;
11
- nonce: string;
12
- clientId: string;
12
+ accessToken: TokenResponse;
13
+ tokenRequestSignedDPop: string;
13
14
  }>;
14
15
  /**
15
- * Obtain the access token to finally request the credential
16
- *
17
- * @param issuerConf The Issuer configuration
18
- * @param code The access code from the User authorization phase
19
- * @param clientId Identifies the current client across all the requests of the issuing flow
20
- * @param context.walletInstanceAttestation The Wallet Instance Attestation token
21
- * @param context.walletProviderBaseUrl The base url of the Wallet Provider
16
+ * Creates and sends the DPoP Proof JWT to be presented with the authorization code to the /token endpoint of the authorization server
17
+ * for requesting the issuance of an access token bound to the public key of the Wallet Instance contained within the DPoP.
18
+ * This enables the Wallet Instance to request a digital credential.
19
+ * The DPoP Proof JWT is generated according to the section 4.3 of the DPoP RFC 9449 specification.
20
+ * @param issuerConf The issuer configuration returned by {@link evaluateIssuerTrust}
21
+ * @param code The authorization code returned by {@link completeUserAuthorizationWithQueryMode} or {@link completeUserAuthorizationWithFormPost}
22
+ * @param redirectUri The redirect URI which is the custom URL scheme that the Wallet Instance is registered to handle
23
+ * @param clientId The client id returned by {@link startUserAuthorization}
24
+ * @param codeVerifier The code verifier returned by {@link startUserAuthorization}
25
+ * @param context.walletInstanceAttestation The Wallet Instance's attestation
26
+ * @param context.wiaCryptoContext The Wallet Instance's crypto context
22
27
  * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
23
- * @returns
28
+ * @throws {ValidationFailed} if an error occurs while parsing the token response
29
+ * @return The token response containing the access token along with the token request signed with DPoP which has to be used in the {@link obtainCredential} step.
24
30
  */
25
31
  export declare const authorizeAccess: AuthorizeAccess;
26
32
  //# sourceMappingURL=05-authorize-access.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"05-authorize-access.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/05-authorize-access.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAC5E,OAAO,EAAa,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,kCAAkC,CAAC;AAElF,MAAM,MAAM,eAAe,GAAG,CAC5B,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,IAAI,EAAE,GAAG,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,EAC5C,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,OAAO,EAAE;IACP,yBAAyB,EAAE,MAAM,CAAC;IAClC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IAEX,WAAW,EAAE,MAAM,CAAC;IAEpB,KAAK,EAAE,MAAM,CAAC;IAEd,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC,CAAC;AAEH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,eAAe,EAAE,eAqD7B,CAAC"}
1
+ {"version":3,"file":"05-authorize-access.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/05-authorize-access.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,KAAK,GAAG,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAM5E,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAExC,OAAO,KAAK,EAAE,sCAAsC,EAAE,MAAM,kCAAkC,CAAC;AAE/F,MAAM,MAAM,eAAe,GAAG,CAC5B,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,IAAI,EAAE,GAAG,CAAC,sCAAsC,CAAC,CAAC,MAAM,CAAC,EACzD,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,YAAY,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,cAAc,CAAC,EACzD,OAAO,EAAE;IACP,yBAAyB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;IAChC,gBAAgB,EAAE,aAAa,CAAC;CACjC,KACE,OAAO,CAAC;IAAE,WAAW,EAAE,aAAa,CAAC;IAAC,sBAAsB,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC;AAE7E;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,eAAe,EAAE,eAyE7B,CAAC"}
@@ -1,35 +1,28 @@
1
1
  import { type CryptoContext } from "@pagopa/io-react-native-jwt";
2
- import type { StartFlow } from "./01-start-flow";
3
- import { type Out } from "../../utils/misc";
4
- import type { EvaluateIssuerTrust } from "./02-evaluate-issuer-trust";
5
2
  import type { AuthorizeAccess } from "./05-authorize-access";
6
- import { SupportedCredentialFormat } from "./const";
7
- /**
8
- * Return the signed jwt for nonce proof of possession
9
- */
10
- export declare const createNonceProof: (nonce: string, issuer: string, audience: string, ctx: CryptoContext) => Promise<string>;
11
- export type ObtainCredential = (issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], accessToken: Out<AuthorizeAccess>["accessToken"], nonce: Out<AuthorizeAccess>["nonce"], clientId: Out<AuthorizeAccess>["clientId"], credentialType: Out<StartFlow>["credentialType"], credentialFormat: SupportedCredentialFormat, context: {
3
+ import type { EvaluateIssuerTrust } from "./02-evaluate-issuer-trust";
4
+ import { type Out } from "../../../src/utils/misc";
5
+ import type { StartUserAuthorization } from "./03-start-user-authorization";
6
+ import { CredentialResponse } from "./types";
7
+ export type ObtainCredential = (issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], accessToken: Out<AuthorizeAccess>["accessToken"], clientId: Out<StartUserAuthorization>["clientId"], credentialDefinition: Out<StartUserAuthorization>["credentialDefinition"], tokenRequestSignedDPop: Out<AuthorizeAccess>["tokenRequestSignedDPop"], context: {
12
8
  credentialCryptoContext: CryptoContext;
13
- walletProviderBaseUrl: string;
14
9
  appFetch?: GlobalFetch["fetch"];
15
- }) => Promise<{
16
- credential: string;
17
- format: SupportedCredentialFormat;
18
- nonce: string;
19
- }>;
10
+ }) => Promise<CredentialResponse>;
11
+ export declare const createNonceProof: (nonce: string, issuer: string, audience: string, ctx: CryptoContext) => Promise<string>;
20
12
  /**
21
- * Fetch a credential from the issuer
22
- *
23
- * @param issuerConf The Issuer configuration
24
- * @param accessToken The access token to grant access to the credential, obtained with the access authorization step
25
- * @param nonce The nonce value to prevent reply attacks, obtained with the access authorization step
26
- * @param clientId Identifies the current client across all the requests of the issuing flow
27
- * @param credentialType The type of the credential to be requested
28
- * @param credentialFormat The format of the requested credential. @see {SupportedCredentialFormat}
29
- * @param context.credentialCryptoContext The context to access the key the Credential will be bound to
30
- * @param context.walletProviderBaseUrl The base url of the Wallet Provider
13
+ * Obtains the credential from the issuer.
14
+ * The key pair of the credentialCryptoContext is used for Openid4vci proof JWT to be presented with the Access Token and the DPoP Proof JWT at the Credential Endpoint
15
+ * of the Credential Issuer to request the issuance of a credential linked to the public key contained in the JWT proof.
16
+ * The Openid4vci proof JWT incapsulates the nonce extracted from the token response from the {@link authorizeAccess} step.
17
+ * The credential request is sent to the Credential Endpoint of the Credential Issuer via HTTP POST with the type of the credential, its format, the access token and the JWT proof.
18
+ * @param issuerConf The issuer configuration returned by {@link evaluateIssuerTrust}
19
+ * @param accessToken The access token response returned by {@link authorizeAccess}
20
+ * @param clientId The client id returned by {@link startUserAuthorization}
21
+ * @param credentialDefinition The credential definition of the credential to be obtained returned by {@link startUserAuthorization}
22
+ * @param tokenRequestSignedDPop The DPoP signed token request returned by {@link authorizeAccess}
23
+ * @param context.credentialCryptoContext The crypto context used to obtain the credential
31
24
  * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
32
- * @returns The signed credential token
25
+ * @returns The credential response containing the credential
33
26
  */
34
27
  export declare const obtainCredential: ObtainCredential;
35
28
  //# sourceMappingURL=06-obtain-credential.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"06-obtain-credential.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/06-obtain-credential.ts"],"names":[],"mappings":"AAEA,OAAO,EAAW,KAAK,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAG1E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAa,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,EAAE,yBAAyB,EAAE,MAAM,SAAS,CAAC;AAEpD;;GAEG;AACH,eAAO,MAAM,gBAAgB,UACpB,MAAM,UACL,MAAM,YACJ,MAAM,OACX,aAAa,KACjB,QAAQ,MAAM,CAchB,CAAC;AAWF,MAAM,MAAM,gBAAgB,GAAG,CAC7B,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,WAAW,EAAE,GAAG,CAAC,eAAe,CAAC,CAAC,aAAa,CAAC,EAChD,KAAK,EAAE,GAAG,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,EACpC,QAAQ,EAAE,GAAG,CAAC,eAAe,CAAC,CAAC,UAAU,CAAC,EAC1C,cAAc,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,gBAAgB,CAAC,EAChD,gBAAgB,EAAE,yBAAyB,EAC3C,OAAO,EAAE;IACP,uBAAuB,EAAE,aAAa,CAAC;IACvC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,yBAAyB,CAAC;IAClC,KAAK,EAAE,MAAM,CAAC;CACf,CAAC,CAAC;AAeH;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,gBAAgB,EAAE,gBAuE9B,CAAC"}
1
+ {"version":3,"file":"06-obtain-credential.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/06-obtain-credential.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,KAAK,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC1E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAa,KAAK,GAAG,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAE5E,OAAO,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAE7C,MAAM,MAAM,gBAAgB,GAAG,CAC7B,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,WAAW,EAAE,GAAG,CAAC,eAAe,CAAC,CAAC,aAAa,CAAC,EAChD,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,oBAAoB,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,sBAAsB,CAAC,EACzE,sBAAsB,EAAE,GAAG,CAAC,eAAe,CAAC,CAAC,wBAAwB,CAAC,EACtE,OAAO,EAAE;IACP,uBAAuB,EAAE,aAAa,CAAC;IACvC,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,kBAAkB,CAAC,CAAC;AAEjC,eAAO,MAAM,gBAAgB,UACpB,MAAM,UACL,MAAM,YACJ,MAAM,OACX,aAAa,KACjB,QAAQ,MAAM,CAehB,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,gBAAgB,EAAE,gBAqE9B,CAAC"}
@@ -1,10 +1,9 @@
1
1
  import type { Out } from "../../utils/misc";
2
2
  import type { EvaluateIssuerTrust } from "./02-evaluate-issuer-trust";
3
- import type { ObtainCredential } from "./06-obtain-credential";
4
3
  import type { CryptoContext } from "@pagopa/io-react-native-jwt";
4
+ import type { ObtainCredential } from "./06-obtain-credential";
5
5
  export type VerifyAndParseCredential = (issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], credential: Out<ObtainCredential>["credential"], format: Out<ObtainCredential>["format"], context: {
6
6
  credentialCryptoContext: CryptoContext;
7
- ignoreMissingAttributes?: boolean;
8
7
  }) => Promise<{
9
8
  parsedCredential: ParsedCredential;
10
9
  }>;
@@ -12,24 +11,20 @@ type ParsedCredential = Record<
12
11
  /** Attribute key */
13
12
  string, {
14
13
  /** Human-readable name of the attribute */
15
- name: /* if i18n is provided */ Record<string, string> | /* if no i18n is provided */ string;
16
- /** If in defined as mandatory by the Issuer */
17
- mandatory: boolean;
14
+ name: /* if i18n is provided */ Record<string, string> | /* if no i18n is provided */ string | undefined;
18
15
  /** The actual value of the attribute */
19
16
  value: unknown;
20
17
  }>;
21
18
  /**
22
- * Verify and parse an encoded credential
23
- *
24
- * @param issuerConf The Issuer configuration
25
- * @param credential The encoded credential
26
- * @param format The format of the credentual
27
- * @param context.credentialCryptoContext The context to access the key the Credential will be bound to
28
- * @param context.ignoreMissingAttributes (optional) Whether to fail if a defined attribute is note present in the credentual. Default: false
19
+ * Verify and parse an encoded credential.
20
+ * @param issuerConf The Issuer configuration returned by {@link evaluateIssuerTrust}
21
+ * @param credential The encoded credential returned by {@link obtainCredential}
22
+ * @param format The format of the credentual returned by {@link obtainCredential}
23
+ * @param context.credentialCryptoContext The crypto context used to obtain the credential in {@link obtainCredential}
29
24
  * @returns A parsed credential with attributes in plain value
30
- * @throws If the credential signature is not verified with the Issuer key set
31
- * @throws If the credential is not bound to the provided user key
32
- * @throws If the credential data fail to parse
25
+ * @throws {IoWalletError} If the credential signature is not verified with the Issuer key set
26
+ * @throws {IoWalletError} If the credential is not bound to the provided user key
27
+ * @throws {IoWalletError} If the credential data fail to parse
33
28
  */
34
29
  export declare const verifyAndParseCredential: VerifyAndParseCredential;
35
30
  export {};
@@ -1 +1 @@
1
- {"version":3,"file":"07-verify-and-parse-credential.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/07-verify-and-parse-credential.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAK/D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE,MAAM,MAAM,wBAAwB,GAAG,CACrC,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,UAAU,EAAE,GAAG,CAAC,gBAAgB,CAAC,CAAC,YAAY,CAAC,EAC/C,MAAM,EAAE,GAAG,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EACvC,OAAO,EAAE;IACP,uBAAuB,EAAE,aAAa,CAAC;IACvC,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC,KACE,OAAO,CAAC;IAAE,gBAAgB,EAAE,gBAAgB,CAAA;CAAE,CAAC,CAAC;AAGrD,KAAK,gBAAgB,GAAG,MAAM;AAC5B,oBAAoB;AACpB,MAAM,EACN;IACE,2CAA2C;IAC3C,IAAI,EACA,yBAAyB,CAAC,MAAM,CAC9B,MAAM,EACN,MAAM,CACP,GACD,4BAA4B,CAAC,MAAM,CAAC;IACxC,+CAA+C;IAC/C,SAAS,EAAE,OAAO,CAAC;IACnB,wCAAwC;IACxC,KAAK,EAAE,OAAO,CAAC;CAChB,CACF,CAAC;AAkLF;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,wBAAwB,EAAE,wBAwBtC,CAAC"}
1
+ {"version":3,"file":"07-verify-and-parse-credential.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/07-verify-and-parse-credential.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAKtE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE/D,MAAM,MAAM,wBAAwB,GAAG,CACrC,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,UAAU,EAAE,GAAG,CAAC,gBAAgB,CAAC,CAAC,YAAY,CAAC,EAC/C,MAAM,EAAE,GAAG,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EACvC,OAAO,EAAE;IACP,uBAAuB,EAAE,aAAa,CAAC;CACxC,KACE,OAAO,CAAC;IAAE,gBAAgB,EAAE,gBAAgB,CAAA;CAAE,CAAC,CAAC;AAGrD,KAAK,gBAAgB,GAAG,MAAM;AAC5B,oBAAoB;AACpB,MAAM,EACN;IACE,2CAA2C;IAC3C,IAAI,EACA,yBAAyB,CAAC,MAAM,CAC9B,MAAM,EACN,MAAM,CACP,GACD,4BAA4B,CAAC,MAAM,GACnC,SAAS,CAAC;IACd,wCAAwC;IACxC,KAAK,EAAE,OAAO,CAAC;CAChB,CACF,CAAC;AAyJF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,wBAAwB,EAAE,wBAgBtC,CAAC"}
@@ -1,11 +1,10 @@
1
1
  import { type StartFlow } from "./01-start-flow";
2
2
  import { evaluateIssuerTrust, type EvaluateIssuerTrust } from "./02-evaluate-issuer-trust";
3
3
  import { startUserAuthorization, type StartUserAuthorization } from "./03-start-user-authorization";
4
- import { type CompleteUserAuthorization } from "./04-complete-user-authorization";
4
+ import { completeUserAuthorizationWithQueryMode, type CompleteUserAuthorizationWithQueryMode } from "./04-complete-user-authorization";
5
5
  import { authorizeAccess, type AuthorizeAccess } from "./05-authorize-access";
6
6
  import { obtainCredential, type ObtainCredential } from "./06-obtain-credential";
7
7
  import { verifyAndParseCredential, type VerifyAndParseCredential } from "./07-verify-and-parse-credential";
8
- import type { ConfirmCredential } from "./08-confirm-credential";
9
- export { evaluateIssuerTrust, startUserAuthorization, authorizeAccess, obtainCredential, verifyAndParseCredential, };
10
- export type { StartFlow, EvaluateIssuerTrust, StartUserAuthorization, CompleteUserAuthorization, AuthorizeAccess, ObtainCredential, VerifyAndParseCredential, ConfirmCredential, };
8
+ export { evaluateIssuerTrust, startUserAuthorization, completeUserAuthorizationWithQueryMode, authorizeAccess, obtainCredential, verifyAndParseCredential, };
9
+ export type { StartFlow, EvaluateIssuerTrust, StartUserAuthorization, CompleteUserAuthorizationWithQueryMode, AuthorizeAccess, ObtainCredential, VerifyAndParseCredential, };
11
10
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EACL,mBAAmB,EACnB,KAAK,mBAAmB,EACzB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,sBAAsB,EACtB,KAAK,sBAAsB,EAC5B,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,KAAK,yBAAyB,EAAE,MAAM,kCAAkC,CAAC;AAClF,OAAO,EAAE,eAAe,EAAE,KAAK,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC9E,OAAO,EACL,gBAAgB,EAChB,KAAK,gBAAgB,EACtB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,wBAAwB,EACxB,KAAK,wBAAwB,EAC9B,MAAM,kCAAkC,CAAC;AAC1C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAEjE,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,eAAe,EACf,gBAAgB,EAChB,wBAAwB,GACzB,CAAC;AACF,YAAY,EACV,SAAS,EACT,mBAAmB,EACnB,sBAAsB,EACtB,yBAAyB,EACzB,eAAe,EACf,gBAAgB,EAChB,wBAAwB,EACxB,iBAAiB,GAClB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EACL,mBAAmB,EACnB,KAAK,mBAAmB,EACzB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,sBAAsB,EACtB,KAAK,sBAAsB,EAC5B,MAAM,+BAA+B,CAAC;AACvC,OAAO,EACL,sCAAsC,EACtC,KAAK,sCAAsC,EAC5C,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,eAAe,EAAE,KAAK,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC9E,OAAO,EACL,gBAAgB,EAChB,KAAK,gBAAgB,EACtB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,wBAAwB,EACxB,KAAK,wBAAwB,EAC9B,MAAM,kCAAkC,CAAC;AAE1C,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,sCAAsC,EACtC,eAAe,EACf,gBAAgB,EAChB,wBAAwB,GACzB,CAAC;AACF,YAAY,EACV,SAAS,EACT,mBAAmB,EACnB,sBAAsB,EACtB,sCAAsC,EACtC,eAAe,EACf,gBAAgB,EAChB,wBAAwB,GACzB,CAAC"}
@@ -0,0 +1,63 @@
1
+ import * as z from "zod";
2
+ export type TokenResponse = z.infer<typeof TokenResponse>;
3
+ export declare const TokenResponse: z.ZodObject<{
4
+ access_token: z.ZodString;
5
+ authorization_details: z.ZodArray<z.ZodObject<{
6
+ credential_configuration_id: z.ZodString;
7
+ format: z.ZodUnion<[z.ZodLiteral<"vc+sd-jwt">, z.ZodLiteral<"vc+mdoc-cbor">]>;
8
+ type: z.ZodLiteral<"openid_credential">;
9
+ }, "strip", z.ZodTypeAny, {
10
+ type: "openid_credential";
11
+ format: "vc+sd-jwt" | "vc+mdoc-cbor";
12
+ credential_configuration_id: string;
13
+ }, {
14
+ type: "openid_credential";
15
+ format: "vc+sd-jwt" | "vc+mdoc-cbor";
16
+ credential_configuration_id: string;
17
+ }>, "many">;
18
+ c_nonce: z.ZodString;
19
+ c_nonce_expires_in: z.ZodNumber;
20
+ expires_in: z.ZodNumber;
21
+ token_type: z.ZodString;
22
+ }, "strip", z.ZodTypeAny, {
23
+ authorization_details: {
24
+ type: "openid_credential";
25
+ format: "vc+sd-jwt" | "vc+mdoc-cbor";
26
+ credential_configuration_id: string;
27
+ }[];
28
+ access_token: string;
29
+ c_nonce: string;
30
+ c_nonce_expires_in: number;
31
+ expires_in: number;
32
+ token_type: string;
33
+ }, {
34
+ authorization_details: {
35
+ type: "openid_credential";
36
+ format: "vc+sd-jwt" | "vc+mdoc-cbor";
37
+ credential_configuration_id: string;
38
+ }[];
39
+ access_token: string;
40
+ c_nonce: string;
41
+ c_nonce_expires_in: number;
42
+ expires_in: number;
43
+ token_type: string;
44
+ }>;
45
+ export type CredentialResponse = z.infer<typeof CredentialResponse>;
46
+ export declare const CredentialResponse: z.ZodObject<{
47
+ c_nonce: z.ZodString;
48
+ c_nonce_expires_in: z.ZodNumber;
49
+ credential: z.ZodString;
50
+ format: z.ZodUnion<[z.ZodLiteral<"vc+sd-jwt">, z.ZodLiteral<"vc+mdoc-cbor">]>;
51
+ }, "strip", z.ZodTypeAny, {
52
+ format: "vc+sd-jwt" | "vc+mdoc-cbor";
53
+ c_nonce: string;
54
+ c_nonce_expires_in: number;
55
+ credential: string;
56
+ }, {
57
+ format: "vc+sd-jwt" | "vc+mdoc-cbor";
58
+ c_nonce: string;
59
+ c_nonce_expires_in: number;
60
+ credential: string;
61
+ }>;
62
+ export type ResponseMode = "query" | "form_post.jwt";
63
+ //# sourceMappingURL=types.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/types.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC;AAGzB,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAE1D,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAOxB,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;EAK7B,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,eAAe,CAAC"}
@@ -22,28 +22,28 @@ export declare const RequestObject: z.ZodObject<{
22
22
  client_id_scheme: z.ZodLiteral<"entity_id">;
23
23
  scope: z.ZodString;
24
24
  }, "strip", z.ZodTypeAny, {
25
+ state: string;
25
26
  iss: string;
26
27
  iat: number;
27
28
  exp: number;
28
29
  client_id: string;
30
+ scope: string;
29
31
  nonce: string;
30
32
  response_type: "vp_token";
31
- state: string;
32
- response_uri: string;
33
33
  response_mode: "direct_post.jwt";
34
+ response_uri: string;
34
35
  client_id_scheme: "entity_id";
35
- scope: string;
36
36
  }, {
37
+ state: string;
37
38
  iss: string;
38
39
  iat: number;
39
40
  exp: number;
40
41
  client_id: string;
42
+ scope: string;
41
43
  nonce: string;
42
44
  response_type: "vp_token";
43
- state: string;
44
- response_uri: string;
45
45
  response_mode: "direct_post.jwt";
46
+ response_uri: string;
46
47
  client_id_scheme: "entity_id";
47
- scope: string;
48
48
  }>;
49
49
  //# sourceMappingURL=types.d.ts.map
@@ -1,3 +1,4 @@
1
+ import type { AuthorizationContext } from "./utils/auth";
1
2
  import { fixBase64EncodingOnKey } from "./utils/jwk";
2
3
  import "react-native-url-polyfill/auto";
3
4
  import * as Credential from "./credential";
@@ -11,5 +12,5 @@ import { AuthorizationDetail, AuthorizationDetails } from "./utils/par";
11
12
  import { createCryptoContextFor } from "./utils/crypto";
12
13
  import type { IntegrityContext } from "./utils/integrity";
13
14
  export { SdJwt, PID, Credential, WalletInstanceAttestation, WalletInstance, Errors, Trust, createCryptoContextFor, AuthorizationDetail, AuthorizationDetails, fixBase64EncodingOnKey, };
14
- export type { IntegrityContext };
15
+ export type { IntegrityContext, AuthorizationContext };
15
16
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AAGrD,OAAO,gCAAgC,CAAC;AAExC,OAAO,KAAK,UAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,KAAK,GAAG,MAAM,OAAO,CAAC;AAC7B,OAAO,KAAK,KAAK,MAAM,UAAU,CAAC;AAClC,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,yBAAyB,MAAM,+BAA+B,CAAC;AAC3E,OAAO,KAAK,KAAK,MAAM,SAAS,CAAC;AACjC,OAAO,KAAK,cAAc,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAE1D,OAAO,EACL,KAAK,EACL,GAAG,EACH,UAAU,EACV,yBAAyB,EACzB,cAAc,EACd,MAAM,EACN,KAAK,EACL,sBAAsB,EACtB,mBAAmB,EACnB,oBAAoB,EACpB,sBAAsB,GACvB,CAAC;AAEF,YAAY,EAAE,gBAAgB,EAAE,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACzD,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AAGrD,OAAO,gCAAgC,CAAC;AAExC,OAAO,KAAK,UAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,KAAK,GAAG,MAAM,OAAO,CAAC;AAC7B,OAAO,KAAK,KAAK,MAAM,UAAU,CAAC;AAClC,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,yBAAyB,MAAM,+BAA+B,CAAC;AAC3E,OAAO,KAAK,KAAK,MAAM,SAAS,CAAC;AACjC,OAAO,KAAK,cAAc,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAE1D,OAAO,EACL,KAAK,EACL,GAAG,EACH,UAAU,EACV,yBAAyB,EACzB,cAAc,EACd,MAAM,EACN,KAAK,EACL,sBAAsB,EACtB,mBAAmB,EACnB,oBAAoB,EACpB,sBAAsB,GACvB,CAAC;AAEF,YAAY,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"converters.d.ts","sourceRoot":"","sources":["../../../../src/pid/sd-jwt/converters.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EAAE,GAAG,EAAE,MAAM,SAAS,CAAC;AAE9B,wBAAgB,YAAY,CAAC,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,GAAG,GAAG,CAqB5E"}
1
+ {"version":3,"file":"converters.d.ts","sourceRoot":"","sources":["../../../../src/pid/sd-jwt/converters.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EAAE,GAAG,EAAE,MAAM,SAAS,CAAC;AAE9B,wBAAgB,YAAY,CAAC,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,GAAG,GAAG,CAe5E"}
@@ -10,7 +10,7 @@ export declare const PID: z.ZodObject<{
10
10
  issuer: z.ZodString;
11
11
  issuedAt: z.ZodDate;
12
12
  expiration: z.ZodDate;
13
- verification: z.ZodObject<{
13
+ verification: z.ZodOptional<z.ZodObject<{
14
14
  trustFramework: z.ZodLiteral<"eidas">;
15
15
  assuranceLevel: z.ZodString;
16
16
  evidence: z.ZodArray<z.ZodObject<{
@@ -94,13 +94,13 @@ export declare const PID: z.ZodObject<{
94
94
  };
95
95
  };
96
96
  }[];
97
- }>;
97
+ }>>;
98
98
  claims: z.ZodObject<{
99
99
  uniqueId: z.ZodString;
100
100
  givenName: z.ZodString;
101
101
  familyName: z.ZodString;
102
- birthdate: z.ZodString;
103
- placeOfBirth: z.ZodObject<{
102
+ birthDate: z.ZodString;
103
+ placeOfBirth: z.ZodOptional<z.ZodObject<{
104
104
  country: z.ZodString;
105
105
  locality: z.ZodString;
106
106
  }, "strip", z.ZodTypeAny, {
@@ -109,31 +109,45 @@ export declare const PID: z.ZodObject<{
109
109
  }, {
110
110
  country: string;
111
111
  locality: string;
112
- }>;
112
+ }>>;
113
113
  taxIdCode: z.ZodString;
114
114
  }, "strip", z.ZodTypeAny, {
115
115
  uniqueId: string;
116
116
  givenName: string;
117
117
  familyName: string;
118
- birthdate: string;
119
- placeOfBirth: {
118
+ birthDate: string;
119
+ taxIdCode: string;
120
+ placeOfBirth?: {
120
121
  country: string;
121
122
  locality: string;
122
- };
123
- taxIdCode: string;
123
+ } | undefined;
124
124
  }, {
125
125
  uniqueId: string;
126
126
  givenName: string;
127
127
  familyName: string;
128
- birthdate: string;
129
- placeOfBirth: {
128
+ birthDate: string;
129
+ taxIdCode: string;
130
+ placeOfBirth?: {
130
131
  country: string;
131
132
  locality: string;
132
- };
133
- taxIdCode: string;
133
+ } | undefined;
134
134
  }>;
135
135
  }, "strip", z.ZodTypeAny, {
136
- verification: {
136
+ claims: {
137
+ uniqueId: string;
138
+ givenName: string;
139
+ familyName: string;
140
+ birthDate: string;
141
+ taxIdCode: string;
142
+ placeOfBirth?: {
143
+ country: string;
144
+ locality: string;
145
+ } | undefined;
146
+ };
147
+ issuer: string;
148
+ issuedAt: Date;
149
+ expiration: Date;
150
+ verification?: {
137
151
  trustFramework: "eidas";
138
152
  assuranceLevel: string;
139
153
  evidence: {
@@ -147,23 +161,23 @@ export declare const PID: z.ZodObject<{
147
161
  };
148
162
  };
149
163
  }[];
150
- };
164
+ } | undefined;
165
+ }, {
151
166
  claims: {
152
167
  uniqueId: string;
153
168
  givenName: string;
154
169
  familyName: string;
155
- birthdate: string;
156
- placeOfBirth: {
170
+ birthDate: string;
171
+ taxIdCode: string;
172
+ placeOfBirth?: {
157
173
  country: string;
158
174
  locality: string;
159
- };
160
- taxIdCode: string;
175
+ } | undefined;
161
176
  };
162
177
  issuer: string;
163
178
  issuedAt: Date;
164
179
  expiration: Date;
165
- }, {
166
- verification: {
180
+ verification?: {
167
181
  trustFramework: "eidas";
168
182
  assuranceLevel: string;
169
183
  evidence: {
@@ -177,20 +191,6 @@ export declare const PID: z.ZodObject<{
177
191
  };
178
192
  };
179
193
  }[];
180
- };
181
- claims: {
182
- uniqueId: string;
183
- givenName: string;
184
- familyName: string;
185
- birthdate: string;
186
- placeOfBirth: {
187
- country: string;
188
- locality: string;
189
- };
190
- taxIdCode: string;
191
- };
192
- issuer: string;
193
- issuedAt: Date;
194
- expiration: Date;
194
+ } | undefined;
195
195
  }>;
196
196
  //# sourceMappingURL=types.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/pid/sd-jwt/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAoBxB;;;;;GAKG;AACH,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC;AACtC,eAAO,MAAM,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgBd,CAAC"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/pid/sd-jwt/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAoBxB;;;;;GAKG;AACH,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC;AACtC,eAAO,MAAM,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkBd,CAAC"}