@pagopa/io-react-native-wallet 0.12.0 → 0.13.1
Sign up to get free protection for your applications and to get access to all the features.
- package/lib/commonjs/client/generated/wallet-provider.js +22 -22
- package/lib/commonjs/client/generated/wallet-provider.js.map +1 -1
- package/lib/commonjs/client/index.js +1 -2
- package/lib/commonjs/client/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +2 -1
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +1 -1
- package/lib/commonjs/credential/issuance/03-start-credential-issuance.js +287 -0
- package/lib/commonjs/credential/issuance/03-start-credential-issuance.js.map +1 -0
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js +55 -82
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +88 -0
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/05-authorize-access.js +55 -32
- package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -1
- package/lib/commonjs/credential/issuance/06-obtain-credential.js +50 -77
- package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +21 -44
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/index.js +7 -0
- package/lib/commonjs/credential/issuance/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/types.js +28 -0
- package/lib/commonjs/credential/issuance/types.js.map +1 -0
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/sd-jwt/converters.js +5 -9
- package/lib/commonjs/pid/sd-jwt/converters.js.map +1 -1
- package/lib/commonjs/pid/sd-jwt/types.js +3 -3
- package/lib/commonjs/pid/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/converters.test.js +1 -1
- package/lib/commonjs/sd-jwt/__test__/converters.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/index.test.js +30 -43
- package/lib/commonjs/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/types.test.js +16 -24
- package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/index.js +3 -9
- package/lib/commonjs/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +11 -16
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/trust/types.js +70 -29
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/auth.js +44 -0
- package/lib/commonjs/utils/auth.js.map +1 -0
- package/lib/commonjs/utils/errors.js +77 -2
- package/lib/commonjs/utils/errors.js.map +1 -1
- package/lib/commonjs/utils/misc.js +34 -1
- package/lib/commonjs/utils/misc.js.map +1 -1
- package/lib/commonjs/utils/par.js +23 -15
- package/lib/commonjs/utils/par.js.map +1 -1
- package/lib/commonjs/utils/pop.js +33 -0
- package/lib/commonjs/utils/pop.js.map +1 -0
- package/lib/commonjs/wallet-instance-attestation/issuing.js +17 -2
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/types.js +7 -7
- package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
- package/lib/module/client/generated/wallet-provider.js +16 -19
- package/lib/module/client/generated/wallet-provider.js.map +1 -1
- package/lib/module/client/index.js +1 -2
- package/lib/module/client/index.js.map +1 -1
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +2 -1
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +1 -1
- package/lib/module/credential/issuance/03-start-credential-issuance.js +276 -0
- package/lib/module/credential/issuance/03-start-credential-issuance.js.map +1 -0
- package/lib/module/credential/issuance/03-start-user-authorization.js +55 -79
- package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/04-complete-user-authorization.js +85 -1
- package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/05-authorize-access.js +53 -32
- package/lib/module/credential/issuance/05-authorize-access.js.map +1 -1
- package/lib/module/credential/issuance/06-obtain-credential.js +49 -74
- package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js +21 -44
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/module/credential/issuance/index.js +2 -1
- package/lib/module/credential/issuance/index.js.map +1 -1
- package/lib/module/credential/issuance/types.js +18 -0
- package/lib/module/credential/issuance/types.js.map +1 -0
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/sd-jwt/converters.js +5 -9
- package/lib/module/pid/sd-jwt/converters.js.map +1 -1
- package/lib/module/pid/sd-jwt/types.js +3 -3
- package/lib/module/pid/sd-jwt/types.js.map +1 -1
- package/lib/module/sd-jwt/__test__/converters.test.js +1 -1
- package/lib/module/sd-jwt/__test__/converters.test.js.map +1 -1
- package/lib/module/sd-jwt/__test__/index.test.js +30 -43
- package/lib/module/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/module/sd-jwt/__test__/types.test.js +16 -24
- package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/module/sd-jwt/index.js +3 -9
- package/lib/module/sd-jwt/index.js.map +1 -1
- package/lib/module/sd-jwt/types.js +11 -16
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/sd-jwt/verifier.js.map +1 -1
- package/lib/module/trust/types.js +70 -29
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/auth.js +35 -0
- package/lib/module/utils/auth.js.map +1 -0
- package/lib/module/utils/errors.js +71 -0
- package/lib/module/utils/errors.js.map +1 -1
- package/lib/module/utils/misc.js +31 -0
- package/lib/module/utils/misc.js.map +1 -1
- package/lib/module/utils/par.js +24 -16
- package/lib/module/utils/par.js.map +1 -1
- package/lib/module/utils/pop.js +24 -0
- package/lib/module/utils/pop.js.map +1 -0
- package/lib/module/wallet-instance-attestation/issuing.js +17 -2
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/wallet-instance-attestation/types.js +7 -7
- package/lib/module/wallet-instance-attestation/types.js.map +1 -1
- package/lib/typescript/client/generated/wallet-provider.d.ts +35 -13
- package/lib/typescript/client/generated/wallet-provider.d.ts.map +1 -1
- package/lib/typescript/client/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/01-start-flow.d.ts +1 -0
- package/lib/typescript/credential/issuance/01-start-flow.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts +2 -1
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/03-start-credential-issuance.d.ts +41 -0
- package/lib/typescript/credential/issuance/03-start-credential-issuance.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +22 -17
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +24 -12
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts +21 -15
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +19 -26
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts +10 -15
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/index.d.ts +3 -4
- package/lib/typescript/credential/issuance/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/types.d.ts +63 -0
- package/lib/typescript/credential/issuance/types.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/types.d.ts +6 -6
- package/lib/typescript/index.d.ts +2 -1
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/sd-jwt/converters.d.ts.map +1 -1
- package/lib/typescript/pid/sd-jwt/types.d.ts +36 -36
- package/lib/typescript/pid/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +40 -68
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +64 -121
- package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +150 -48
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +2838 -1740
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/auth.d.ts +52 -0
- package/lib/typescript/utils/auth.d.ts.map +1 -0
- package/lib/typescript/utils/errors.d.ts +36 -1
- package/lib/typescript/utils/errors.d.ts.map +1 -1
- package/lib/typescript/utils/integrity.d.ts +1 -1
- package/lib/typescript/utils/misc.d.ts +18 -0
- package/lib/typescript/utils/misc.d.ts.map +1 -1
- package/lib/typescript/utils/par.d.ts +8 -31
- package/lib/typescript/utils/par.d.ts.map +1 -1
- package/lib/typescript/utils/pop.d.ts +26 -0
- package/lib/typescript/utils/pop.d.ts.map +1 -0
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts +2 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +59 -59
- package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
- package/package.json +2 -1
- package/src/client/generated/wallet-provider.ts +24 -21
- package/src/client/index.ts +3 -8
- package/src/credential/issuance/01-start-flow.ts +1 -0
- package/src/credential/issuance/02-evaluate-issuer-trust.ts +2 -1
- package/src/credential/issuance/03-start-credential-issuance.ts +407 -0
- package/src/credential/issuance/03-start-user-authorization.ts +87 -92
- package/src/credential/issuance/04-complete-user-authorization.ts +114 -13
- package/src/credential/issuance/05-authorize-access.ts +73 -48
- package/src/credential/issuance/06-obtain-credential.ts +77 -111
- package/src/credential/issuance/07-verify-and-parse-credential.ts +30 -67
- package/src/credential/issuance/index.ts +6 -4
- package/src/credential/issuance/types.ts +25 -0
- package/src/index.ts +2 -1
- package/src/pid/sd-jwt/converters.ts +5 -11
- package/src/pid/sd-jwt/types.ts +8 -6
- package/src/sd-jwt/__test__/converters.test.ts +1 -1
- package/src/sd-jwt/__test__/index.test.ts +45 -74
- package/src/sd-jwt/__test__/types.test.ts +21 -33
- package/src/sd-jwt/index.ts +3 -12
- package/src/sd-jwt/types.ts +17 -22
- package/src/trust/types.ts +64 -32
- package/src/utils/auth.ts +37 -0
- package/src/utils/errors.ts +85 -1
- package/src/utils/integrity.ts +1 -1
- package/src/utils/misc.ts +43 -0
- package/src/utils/par.ts +29 -17
- package/src/utils/pop.ts +34 -0
- package/src/wallet-instance-attestation/issuing.ts +39 -2
- package/src/wallet-instance-attestation/types.ts +11 -7
- package/lib/commonjs/credential/issuance/07-confirm-credential.js +0 -6
- package/lib/commonjs/credential/issuance/07-confirm-credential.js.map +0 -1
- package/lib/commonjs/credential/issuance/08-confirm-credential.js +0 -6
- package/lib/commonjs/credential/issuance/08-confirm-credential.js.map +0 -1
- package/lib/module/credential/issuance/07-confirm-credential.js +0 -2
- package/lib/module/credential/issuance/07-confirm-credential.js.map +0 -1
- package/lib/module/credential/issuance/08-confirm-credential.js +0 -2
- package/lib/module/credential/issuance/08-confirm-credential.js.map +0 -1
- package/lib/typescript/credential/issuance/07-confirm-credential.d.ts +0 -11
- package/lib/typescript/credential/issuance/07-confirm-credential.d.ts.map +0 -1
- package/lib/typescript/credential/issuance/08-confirm-credential.d.ts +0 -11
- package/lib/typescript/credential/issuance/08-confirm-credential.d.ts.map +0 -1
- package/src/credential/issuance/07-confirm-credential.ts +0 -14
- package/src/credential/issuance/08-confirm-credential.ts +0 -14
- package/src/sd-jwt/__test__/converters.test.js +0 -24
- package/src/sd-jwt/verifier.js +0 -12
@@ -13,99 +13,70 @@ import { SdJwt4VC } from "../types";
|
|
13
13
|
// - "address" is used as verification._sd
|
14
14
|
// - all others disclosures are in claims._sd
|
15
15
|
const token =
|
16
|
-
"
|
16
|
+
"eyJraWQiOiItRl82VWdhOG4zVmVnalkyVTdZVUhLMXpMb2FELU5QVGM2M1JNSVNuTGF3IiwidHlwIjoidmMrc2Qtand0IiwiYWxnIjoiRVMyNTYifQ.eyJfc2QiOlsiMHExRDVKbWF2NnBRYUVoX0pfRmN2X3VOTk1RSWdDeWhRT3hxbFk0bDNxVSIsIktDSi1BVk52ODhkLXhqNnNVSUFPSnhGbmJVaDNySFhES2tJSDFsRnFiUnMiLCJNOWxvOVl4RE5JWHJBcTJxV2VpQ0E0MHpwSl96WWZGZFJfNEFFQUxjUnRVIiwiY3pnalVrMG5xUkNzd1NoQ2hDamRTNkExLXY0N2RfcVRDU0ZJdklIaE1vSSIsIm5HblFyN2NsbTN0ZlRwOHlqTF91SHJEU090elIyUFZiOFM3R2VMZEFxQlEiLCJ4TklWd2xwU3NhWjhDSlNmMGd6NXhfNzVWUldXYzZWMW1scGVqZENycVVzIl0sInN1YiI6IjIxNmY4OTQ2LTllY2ItNDgxOS05MzA5LWMwNzZmMzRhN2UxMSIsIl9zZF9hbGciOiJzaGEtMjU2IiwidmN0IjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwiaXNzIjoiaHR0cHM6Ly9wcmUuZWlkLndhbGxldC5pcHpzLml0IiwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoiUnYzVy1FaUtwdkJUeWs1eVp4dnJldi03TURCNlNselVDQm9fQ1FqamRkVSIsIngiOiIwV294N1F0eVBxQnlnMzVNSF9YeUNjbmQ1TGUtSm0wQVhIbFVnREJBMDNZIiwieSI6ImVFaFZ2ZzFKUHFOZDNEVFNhNG1HREdCbHdZNk5QLUVaYkxiTkZYU1h3SWcifX0sImV4cCI6MTc1MTU0NjU3Niwic3RhdHVzIjp7InN0YXR1c19hdHRlc3RhdGlvbiI6eyJjcmVkZW50aWFsX2hhc2hfYWxnIjoic2hhLTI1NiJ9fX0.qXHA2oqr8trX4fGxpxpUft2GX380TM3pzfo1MYAsDjUC8HsODA-4rdRWAvDe2zYP57x4tJU7eiABkd1Kmln9yQ~WyJrSkRFUDhFYU5URU1CRE9aelp6VDR3IiwidW5pcXVlX2lkIiwiVElOSVQtTFZMREFBODVUNTBHNzAyQiJd~WyJ6SUF5VUZ2UGZJcEUxekJxeEk1aGFRIiwiYmlydGhfZGF0ZSIsIjE5ODUtMTItMTAiXQ~WyJHcjNSM3MyOTBPa1FVbS1ORlR1OTZBIiwidGF4X2lkX2NvZGUiLCJUSU5JVC1MVkxEQUE4NVQ1MEc3MDJCIl0~WyJHeE9SYWxNQWVsZlowZWRGSmpqWVV3IiwiZ2l2ZW5fbmFtZSIsIkFkYSJd~WyJfdlY1UklrbDBJT0VYS290czlrdDF3IiwiZmFtaWx5X25hbWUiLCJMb3ZlbGFjZSJd~WyJDajV0Y2NSNzJKd3J6ZTJUVzRhLXdnIiwiaWF0IiwxNzIwMDEwNTc1XQ";
|
17
17
|
|
18
18
|
const unsigned =
|
19
|
-
"
|
19
|
+
"eyJraWQiOiItRl82VWdhOG4zVmVnalkyVTdZVUhLMXpMb2FELU5QVGM2M1JNSVNuTGF3IiwidHlwIjoidmMrc2Qtand0IiwiYWxnIjoiRVMyNTYifQ.eyJfc2QiOlsiMHExRDVKbWF2NnBRYUVoX0pfRmN2X3VOTk1RSWdDeWhRT3hxbFk0bDNxVSIsIktDSi1BVk52ODhkLXhqNnNVSUFPSnhGbmJVaDNySFhES2tJSDFsRnFiUnMiLCJNOWxvOVl4RE5JWHJBcTJxV2VpQ0E0MHpwSl96WWZGZFJfNEFFQUxjUnRVIiwiY3pnalVrMG5xUkNzd1NoQ2hDamRTNkExLXY0N2RfcVRDU0ZJdklIaE1vSSIsIm5HblFyN2NsbTN0ZlRwOHlqTF91SHJEU090elIyUFZiOFM3R2VMZEFxQlEiLCJ4TklWd2xwU3NhWjhDSlNmMGd6NXhfNzVWUldXYzZWMW1scGVqZENycVVzIl0sInN1YiI6IjIxNmY4OTQ2LTllY2ItNDgxOS05MzA5LWMwNzZmMzRhN2UxMSIsIl9zZF9hbGciOiJzaGEtMjU2IiwidmN0IjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwiaXNzIjoiaHR0cHM6Ly9wcmUuZWlkLndhbGxldC5pcHpzLml0IiwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoiUnYzVy1FaUtwdkJUeWs1eVp4dnJldi03TURCNlNselVDQm9fQ1FqamRkVSIsIngiOiIwV294N1F0eVBxQnlnMzVNSF9YeUNjbmQ1TGUtSm0wQVhIbFVnREJBMDNZIiwieSI6ImVFaFZ2ZzFKUHFOZDNEVFNhNG1HREdCbHdZNk5QLUVaYkxiTkZYU1h3SWcifX0sImV4cCI6MTc1MTU0NjU3Niwic3RhdHVzIjp7InN0YXR1c19hdHRlc3RhdGlvbiI6eyJjcmVkZW50aWFsX2hhc2hfYWxnIjoic2hhLTI1NiJ9fX0";
|
20
20
|
|
21
21
|
const signature =
|
22
|
-
"
|
22
|
+
"qXHA2oqr8trX4fGxpxpUft2GX380TM3pzfo1MYAsDjUC8HsODA-4rdRWAvDe2zYP57x4tJU7eiABkd1Kmln9yQ";
|
23
23
|
|
24
24
|
const signed = `${unsigned}.${signature}`;
|
25
25
|
|
26
26
|
const tokenizedDisclosures = [
|
27
|
-
"
|
28
|
-
"
|
29
|
-
"
|
30
|
-
"
|
31
|
-
"
|
32
|
-
"
|
33
|
-
"WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImlzX292ZXJfMjEiLCB0cnVlXQ",
|
34
|
-
"WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImlzX292ZXJfNjUiLCB0cnVlXQ",
|
35
|
-
"WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0",
|
27
|
+
"WyJrSkRFUDhFYU5URU1CRE9aelp6VDR3IiwidW5pcXVlX2lkIiwiVElOSVQtTFZMREFBODVUNTBHNzAyQiJd",
|
28
|
+
"WyJ6SUF5VUZ2UGZJcEUxekJxeEk1aGFRIiwiYmlydGhfZGF0ZSIsIjE5ODUtMTItMTAiXQ",
|
29
|
+
"WyJHcjNSM3MyOTBPa1FVbS1ORlR1OTZBIiwidGF4X2lkX2NvZGUiLCJUSU5JVC1MVkxEQUE4NVQ1MEc3MDJCIl0",
|
30
|
+
"WyJHeE9SYWxNQWVsZlowZWRGSmpqWVV3IiwiZ2l2ZW5fbmFtZSIsIkFkYSJd",
|
31
|
+
"WyJfdlY1UklrbDBJT0VYS290czlrdDF3IiwiZmFtaWx5X25hbWUiLCJMb3ZlbGFjZSJd",
|
32
|
+
"WyJDajV0Y2NSNzJKd3J6ZTJUVzRhLXdnIiwiaWF0IiwxNzIwMDEwNTc1XQ",
|
36
33
|
];
|
37
34
|
|
38
35
|
const sdJwt = {
|
39
36
|
header: {
|
37
|
+
kid: "-F_6Uga8n3VegjY2U7YUHK1zLoaD-NPTc63RMISnLaw",
|
40
38
|
typ: "vc+sd-jwt",
|
41
39
|
alg: "ES256",
|
42
|
-
kid: "b186ea0c1925793097bf01b8a289a45f",
|
43
|
-
trust_chain: [
|
44
|
-
"NEhRdERpYnlHY3M5WldWTWZ2aUhm ...",
|
45
|
-
"eyJhbGciOiJSUzI1NiIsImtpZCI6 ...",
|
46
|
-
"IkJYdmZybG5oQU11SFIwN2FqVW1B ...",
|
47
|
-
],
|
48
40
|
},
|
49
41
|
payload: {
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
42
|
+
_sd: [
|
43
|
+
"0q1D5Jmav6pQaEh_J_Fcv_uNNMQIgCyhQOxqlY4l3qU",
|
44
|
+
"KCJ-AVNv88d-xj6sUIAOJxFnbUh3rHXDKkIH1lFqbRs",
|
45
|
+
"M9lo9YxDNIXrAq2qWeiCA40zpJ_zYfFdR_4AEALcRtU",
|
46
|
+
"czgjUk0nqRCswShChCjdS6A1-v47d_qTCSFIvIHhMoI",
|
47
|
+
"nGnQr7clm3tfTp8yjL_uHrDSOtzR2PVb8S7GeLdAqBQ",
|
48
|
+
"xNIVwlpSsaZ8CJSf0gz5x_75VRWWc6V1mlpejdCrqUs",
|
49
|
+
],
|
50
|
+
sub: "216f8946-9ecb-4819-9309-c076f34a7e11",
|
51
|
+
_sd_alg: "sha-256",
|
52
|
+
vct: "PersonIdentificationData",
|
53
|
+
iss: "https://pre.eid.wallet.ipzs.it",
|
56
54
|
cnf: {
|
57
55
|
jwk: {
|
58
|
-
kty: "
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
56
|
+
kty: "EC",
|
57
|
+
crv: "P-256",
|
58
|
+
kid: "Rv3W-EiKpvBTyk5yZxvrev-7MDB6SlzUCBo_CQjjddU",
|
59
|
+
x: "0Wox7QtyPqByg35MH_XyCcnd5Le-Jm0AXHlUgDBA03Y",
|
60
|
+
y: "eEhVvg1JPqNd3DTSa4mGDGBlwY6NP-EZbLbNFXSXwIg",
|
63
61
|
},
|
64
62
|
},
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
trust_framework: "eidas",
|
70
|
-
assurance_level: "high",
|
71
|
-
},
|
72
|
-
claims: {
|
73
|
-
_sd: [
|
74
|
-
"09vKrJMOlyTWM0sjpu_pdOBVBQ2M1y3KhpH515nXkpY",
|
75
|
-
"2rsjGbaC0ky8mT0pJrPioWTq0_daw1sX76poUlgCwbI",
|
76
|
-
"EkO8dhW0dHEJbvUHlE_VCeuC9uRELOieLZhh7XbUTtA",
|
77
|
-
"IlDzIKeiZdDwpqpK6ZfbyphFvz5FgnWa-sN6wqQXCiw",
|
78
|
-
"PorFbpKuVu6xymJagvkFsFXAbRoc2JGlAUA2BA4o7cI",
|
79
|
-
"TGf4oLbgwd5JQaHyKVQZU9UdGE0w5rtDsrZzfUaomLo",
|
80
|
-
"jdrTE8YcbY4EifugihiAe_BPekxJQZICeiUQwY9QqxI",
|
81
|
-
"jsu9yVulwQQlhFlM_3JlzMaSFzglhQG0DpfayQwLUK4",
|
82
|
-
],
|
63
|
+
exp: 1751546576,
|
64
|
+
status: {
|
65
|
+
status_attestation: {
|
66
|
+
credential_hash_alg: "sha-256",
|
83
67
|
},
|
84
68
|
},
|
85
|
-
_sd_alg: "sha-256",
|
86
69
|
},
|
87
70
|
};
|
88
71
|
|
89
72
|
// In the very same order than tokenizedDisclosures
|
90
73
|
const disclosures = [
|
91
|
-
["
|
92
|
-
["
|
93
|
-
["
|
94
|
-
["
|
95
|
-
["
|
96
|
-
["
|
97
|
-
["G02NSrQfjFXQ7Io09syajA", "is_over_21", true],
|
98
|
-
["lklxF5jMYlGTPUovMNIvCA", "is_over_65", true],
|
99
|
-
[
|
100
|
-
"Qg_O64zqAxe412a108iroA",
|
101
|
-
"address",
|
102
|
-
{
|
103
|
-
street_address: "123 Main St",
|
104
|
-
locality: "Anytown",
|
105
|
-
region: "Anystate",
|
106
|
-
country: "US",
|
107
|
-
},
|
108
|
-
],
|
74
|
+
["kJDEP8EaNTEMBDOZzZzT4w", "unique_id", "TINIT-LVLDAA85T50G702B"],
|
75
|
+
["zIAyUFvPfIpE1zBqxI5haQ", "birth_date", "1985-12-10"],
|
76
|
+
["Gr3R3s290OkQUm-NFTu96A", "tax_id_code", "TINIT-LVLDAA85T50G702B"],
|
77
|
+
["GxORalMAelfZ0edFJjjYUw", "given_name", "Ada"],
|
78
|
+
["_vV5RIkl0IOEXKots9kt1w", "family_name", "Lovelace"],
|
79
|
+
["Cj5tccR72Jwrze2TW4a-wg", "iat", 1720010575],
|
109
80
|
];
|
110
81
|
it("Ensures example data correctness", () => {
|
111
82
|
expect(
|
@@ -161,8 +132,8 @@ describe("disclose", () => {
|
|
161
132
|
it("should encode a valid sdjwt (one claim)", async () => {
|
162
133
|
const result = await disclose(token, ["given_name"]);
|
163
134
|
const expected = {
|
164
|
-
token: `${signed}~
|
165
|
-
paths: [{ claim: "given_name", path: "verified_claims.claims._sd[
|
135
|
+
token: `${signed}~WyJHeE9SYWxNQWVsZlowZWRGSmpqWVV3IiwiZ2l2ZW5fbmFtZSIsIkFkYSJd`,
|
136
|
+
paths: [{ claim: "given_name", path: "verified_claims.claims._sd[3]" }],
|
166
137
|
};
|
167
138
|
|
168
139
|
expect(result).toEqual(expected);
|
@@ -176,17 +147,17 @@ describe("disclose", () => {
|
|
176
147
|
});
|
177
148
|
|
178
149
|
it("should encode a valid sdjwt (multiple claims)", async () => {
|
179
|
-
const result = await disclose(token, ["
|
150
|
+
const result = await disclose(token, ["iat", "family_name"]);
|
180
151
|
const expected = {
|
181
|
-
token: `${signed}~
|
152
|
+
token: `${signed}~WyJfdlY1UklrbDBJT0VYS290czlrdDF3IiwiZmFtaWx5X25hbWUiLCJMb3ZlbGFjZSJd~WyJDajV0Y2NSNzJKd3J6ZTJUVzRhLXdnIiwiaWF0IiwxNzIwMDEwNTc1XQ`,
|
182
153
|
paths: [
|
183
154
|
{
|
184
|
-
claim: "
|
185
|
-
path: "verified_claims.claims._sd[
|
155
|
+
claim: "iat",
|
156
|
+
path: "verified_claims.claims._sd[4]",
|
186
157
|
},
|
187
158
|
{
|
188
|
-
claim: "
|
189
|
-
path: "verified_claims.
|
159
|
+
claim: "family_name",
|
160
|
+
path: "verified_claims.claims._sd[0]",
|
190
161
|
},
|
191
162
|
],
|
192
163
|
};
|
@@ -8,47 +8,35 @@ describe("SdJwt4VC", () => {
|
|
8
8
|
typ: "vc+sd-jwt",
|
9
9
|
alg: "RS512",
|
10
10
|
kid: "dB67gL7ck3TFiIAf7N6_7SHvqk0MDYMEQcoGGlkUAAw",
|
11
|
-
trust_chain: [
|
12
|
-
"NEhRdERpYnlHY3M5WldWTWZ2aUhm ...",
|
13
|
-
"eyJhbGciOiJSUzI1NiIsImtpZCI6 ...",
|
14
|
-
"IkJYdmZybG5oQU11SFIwN2FqVW1B ...",
|
15
|
-
],
|
16
11
|
},
|
17
12
|
payload: {
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
13
|
+
_sd: [
|
14
|
+
"0q1D5Jmav6pQaEh_J_Fcv_uNNMQIgCyhQOxqlY4l3qU",
|
15
|
+
"KCJ-AVNv88d-xj6sUIAOJxFnbUh3rHXDKkIH1lFqbRs",
|
16
|
+
"M9lo9YxDNIXrAq2qWeiCA40zpJ_zYfFdR_4AEALcRtU",
|
17
|
+
"czgjUk0nqRCswShChCjdS6A1-v47d_qTCSFIvIHhMoI",
|
18
|
+
"nGnQr7clm3tfTp8yjL_uHrDSOtzR2PVb8S7GeLdAqBQ",
|
19
|
+
"xNIVwlpSsaZ8CJSf0gz5x_75VRWWc6V1mlpejdCrqUs",
|
20
|
+
],
|
21
|
+
sub: "216f8946-9ecb-4819-9309-c076f34a7e11",
|
22
|
+
_sd_alg: "sha-256",
|
23
|
+
vct: "PersonIdentificationData",
|
24
|
+
iss: "https://pidprovider.example.com",
|
24
25
|
cnf: {
|
25
26
|
jwk: {
|
26
|
-
kty: "
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
27
|
+
kty: "EC",
|
28
|
+
crv: "P-256",
|
29
|
+
kid: "zEv_qGSL5r0_F67j2dwEgUJmBgbMNSEJ5K_iH1PYc7A",
|
30
|
+
x: "0Pj7v_afNp9ETJx11JbYgkI7yQpd0rtiYuo5feuAN2o",
|
31
|
+
y: "XB62Um02vHqedkOzSfJ5hdtjPz-zmV9jmWh4sKgdD9o",
|
31
32
|
},
|
32
33
|
},
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
trust_framework: "eidas",
|
38
|
-
assurance_level: "high",
|
39
|
-
},
|
40
|
-
claims: {
|
41
|
-
_sd: [
|
42
|
-
"8JjozBfovMNvQ3HflmPWy4O19Gpxs61FWHjZebU589E",
|
43
|
-
"BoMGktW1rbikntw8Fzx_BeL4YbAndr6AHsdgpatFCig",
|
44
|
-
"CFLGzentGNRFngnLVVQVcoAFi05r6RJUX-rdbLdEfew",
|
45
|
-
"JU_sTaHCngS32X-0ajHrd1-HCLCkpT5YqgcfQme168w",
|
46
|
-
"VQI-S1mT1Kxfq2o8J9io7xMMX2MIxaG9M9PeJVqrMcA",
|
47
|
-
"zVdghcmClMVWlUgGsGpSkCPkEHZ4u9oWj1SlIBlCc1o",
|
48
|
-
],
|
34
|
+
exp: 1751107255,
|
35
|
+
status: {
|
36
|
+
status_attestation: {
|
37
|
+
credential_hash_alg: "sha-256",
|
49
38
|
},
|
50
39
|
},
|
51
|
-
_sd_alg: "sha-256",
|
52
40
|
},
|
53
41
|
};
|
54
42
|
|
package/src/sd-jwt/index.ts
CHANGED
@@ -101,15 +101,9 @@ export const disclose = async (
|
|
101
101
|
|
102
102
|
// _sd is defined in verified_claims.claims and verified_claims.verification
|
103
103
|
// we must look into both
|
104
|
-
if (sdJwt.payload.
|
105
|
-
const index = sdJwt.payload.
|
104
|
+
if (sdJwt.payload._sd.includes(hash)) {
|
105
|
+
const index = sdJwt.payload._sd.indexOf(hash);
|
106
106
|
return { claim, path: `verified_claims.claims._sd[${index}]` };
|
107
|
-
} else if (
|
108
|
-
sdJwt.payload.verified_claims.verification._sd.includes(hash)
|
109
|
-
) {
|
110
|
-
const index =
|
111
|
-
sdJwt.payload.verified_claims.verification._sd.indexOf(hash);
|
112
|
-
return { claim, path: `verified_claims.verification._sd[${index}]` };
|
113
107
|
}
|
114
108
|
|
115
109
|
throw new ClaimsNotFoundInToken(claim);
|
@@ -158,10 +152,7 @@ export const verify = async <S extends z.ZodType<SdJwt4VC>>(
|
|
158
152
|
await verifyJwt(rawSdJwt, publicKey);
|
159
153
|
|
160
154
|
//Check disclosures in sd-jwt
|
161
|
-
const claims = [
|
162
|
-
...decoded.sdJwt.payload.verified_claims.verification._sd,
|
163
|
-
...decoded.sdJwt.payload.verified_claims.claims._sd,
|
164
|
-
];
|
155
|
+
const claims = [...decoded.sdJwt.payload._sd];
|
165
156
|
|
166
157
|
await Promise.all(
|
167
158
|
decoded.disclosures.map(
|
package/src/sd-jwt/types.ts
CHANGED
@@ -39,29 +39,24 @@ export const SdJwt4VC = z.object({
|
|
39
39
|
typ: z.literal("vc+sd-jwt"),
|
40
40
|
alg: z.string(),
|
41
41
|
kid: z.string().optional(),
|
42
|
-
trust_chain: z.array(z.string()),
|
43
42
|
}),
|
44
|
-
payload: z.
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
type: z.string(),
|
55
|
-
verified_claims: z.object({
|
56
|
-
verification: z.intersection(
|
57
|
-
z.object({
|
58
|
-
trust_framework: z.literal("eidas"),
|
59
|
-
assurance_level: z.string(),
|
43
|
+
payload: z.intersection(
|
44
|
+
z.object({
|
45
|
+
iss: z.string(),
|
46
|
+
sub: z.string(),
|
47
|
+
iat: UnixTime.optional(),
|
48
|
+
exp: UnixTime,
|
49
|
+
_sd_alg: z.literal("sha-256"),
|
50
|
+
status: z.object({
|
51
|
+
status_attestation: z.object({
|
52
|
+
credential_hash_alg: z.literal("sha-256"),
|
60
53
|
}),
|
61
|
-
|
62
|
-
|
63
|
-
|
54
|
+
}),
|
55
|
+
cnf: z.object({
|
56
|
+
jwk: JWK,
|
57
|
+
}),
|
58
|
+
vct: z.string(),
|
64
59
|
}),
|
65
|
-
|
66
|
-
|
60
|
+
ObfuscatedDisclosures
|
61
|
+
),
|
67
62
|
});
|
package/src/trust/types.ts
CHANGED
@@ -18,38 +18,48 @@ const RelyingPartyMetadata = z.object({
|
|
18
18
|
// instruct the Wallet Solution on how to render the credential correctly
|
19
19
|
type CredentialDisplayMetadata = z.infer<typeof CredentialDisplayMetadata>;
|
20
20
|
const CredentialDisplayMetadata = z.object({
|
21
|
+
name: z.string(),
|
22
|
+
locale: z.string(),
|
23
|
+
logo: z
|
24
|
+
.object({
|
25
|
+
url: z.string(),
|
26
|
+
alt_text: z.string(),
|
27
|
+
})
|
28
|
+
.optional(), // TODO [SIW-1268]: should not be optional
|
29
|
+
background_color: z.string().optional(), // TODO [SIW-1268]: should not be optional
|
30
|
+
text_color: z.string().optional(), // TODO [SIW-1268]: should not be optional
|
31
|
+
});
|
32
|
+
|
33
|
+
// Metadata for displaying issuer information
|
34
|
+
type CredentialIssuerDisplayMetadata = z.infer<
|
35
|
+
typeof CredentialIssuerDisplayMetadata
|
36
|
+
>;
|
37
|
+
const CredentialIssuerDisplayMetadata = z.object({
|
21
38
|
name: z.string(),
|
22
39
|
locale: z.string(),
|
23
40
|
logo: z.object({
|
24
41
|
url: z.string(),
|
25
42
|
alt_text: z.string(),
|
26
43
|
}),
|
27
|
-
background_color: z.string(),
|
28
|
-
text_color: z.string(),
|
29
44
|
});
|
30
45
|
|
31
|
-
type
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
mandatory: z.boolean(),
|
39
|
-
display: z.array(z.object({ name: z.string(), locale: z.string() })),
|
40
|
-
})
|
41
|
-
),
|
42
|
-
});
|
46
|
+
type ClaimsMetadata = z.infer<typeof ClaimsMetadata>;
|
47
|
+
const ClaimsMetadata = z.record(
|
48
|
+
z.object({
|
49
|
+
value_type: z.string(),
|
50
|
+
display: z.array(z.object({ name: z.string(), locale: z.string() })),
|
51
|
+
})
|
52
|
+
);
|
43
53
|
|
44
54
|
// Metadata for a credentia which i supported by a Issuer
|
45
55
|
type SupportedCredentialMetadata = z.infer<typeof SupportedCredentialMetadata>;
|
46
56
|
const SupportedCredentialMetadata = z.object({
|
47
|
-
id: z.string(),
|
48
57
|
format: z.union([z.literal("vc+sd-jwt"), z.literal("vc+mdoc-cbor")]),
|
49
|
-
|
50
|
-
cryptographic_suites_supported: z.array(z.string()),
|
58
|
+
scope: z.string(),
|
51
59
|
display: z.array(CredentialDisplayMetadata),
|
52
|
-
|
60
|
+
claims: ClaimsMetadata,
|
61
|
+
cryptographic_binding_methods_supported: z.array(z.string()),
|
62
|
+
credential_signing_alg_values_supported: z.array(z.string()),
|
53
63
|
});
|
54
64
|
|
55
65
|
export type EntityStatement = z.infer<typeof EntityStatement>;
|
@@ -101,19 +111,19 @@ const BaseEntityConfiguration = z.object({
|
|
101
111
|
header: EntityConfigurationHeader,
|
102
112
|
payload: z
|
103
113
|
.object({
|
104
|
-
exp: UnixTime,
|
105
|
-
iat: UnixTime,
|
106
114
|
iss: z.string(),
|
107
115
|
sub: z.string(),
|
108
|
-
|
109
|
-
|
110
|
-
|
116
|
+
iat: UnixTime,
|
117
|
+
exp: UnixTime,
|
118
|
+
authority_hints: z.array(z.string()).optional(),
|
111
119
|
metadata: z
|
112
120
|
.object({
|
113
121
|
federation_entity: FederationEntityMetadata,
|
114
122
|
})
|
115
123
|
.passthrough(),
|
116
|
-
|
124
|
+
jwks: z.object({
|
125
|
+
keys: z.array(JWK),
|
126
|
+
}),
|
117
127
|
})
|
118
128
|
.passthrough(),
|
119
129
|
});
|
@@ -135,18 +145,42 @@ export const CredentialIssuerEntityConfiguration = BaseEntityConfiguration.and(
|
|
135
145
|
metadata: z.object({
|
136
146
|
openid_credential_issuer: z.object({
|
137
147
|
credential_issuer: z.string(),
|
148
|
+
credential_endpoint: z.string(),
|
149
|
+
revocation_endpoint: z.string(),
|
150
|
+
status_attestation_endpoint: z.string(),
|
151
|
+
display: z.array(CredentialIssuerDisplayMetadata),
|
152
|
+
credential_configurations_supported: z.record(
|
153
|
+
SupportedCredentialMetadata
|
154
|
+
),
|
155
|
+
jwks: z.object({ keys: z.array(JWK) }),
|
156
|
+
}),
|
157
|
+
oauth_authorization_server: z.object({
|
138
158
|
authorization_endpoint: z.string(),
|
139
|
-
token_endpoint: z.string(),
|
140
159
|
pushed_authorization_request_endpoint: z.string(),
|
141
|
-
dpop_signing_alg_values_supported: z.array(z.string()),
|
142
|
-
|
143
|
-
|
160
|
+
dpop_signing_alg_values_supported: z.array(z.string()).optional(), // TODO [SIW-1268]: should not be optional
|
161
|
+
token_endpoint: z.string(),
|
162
|
+
introspection_endpoint: z.string().optional(), // TODO [SIW-1268]: should not be optional
|
163
|
+
client_registration_types_supported: z.array(z.string()),
|
164
|
+
code_challenge_methods_supported: z.array(z.string()),
|
165
|
+
authorization_details_types_supported: z.array(z.string()).optional(), // TODO [SIW-1268]: should not be optional,
|
166
|
+
acr_values_supported: z.array(z.string()),
|
167
|
+
grant_types_supported: z.array(z.string()),
|
168
|
+
issuer: z.string(),
|
144
169
|
jwks: z.object({ keys: z.array(JWK) }),
|
170
|
+
scopes_supported: z.array(z.string()),
|
171
|
+
request_parameter_supported: z.boolean().optional(), // TODO [SIW-1268]: should not be optional
|
172
|
+
request_uri_parameter_supported: z.boolean().optional(), // TODO [SIW-1268]: should not be optional
|
173
|
+
response_types_supported: z.array(z.string()).optional(), // TODO [SIW-1268]: should not be optional
|
174
|
+
response_modes_supported: z.array(z.string()),
|
175
|
+
subject_types_supported: z.array(z.string()).optional(), // TODO [SIW-1268]: should not be optional
|
176
|
+
token_endpoint_auth_methods_supported: z.array(z.string()),
|
177
|
+
token_endpoint_auth_signing_alg_values_supported: z.array(z.string()),
|
178
|
+
request_object_signing_alg_values_supported: z.array(z.string()),
|
145
179
|
}),
|
146
180
|
/** Credential Issuers act as Relying Party
|
147
181
|
when they require the presentation of other credentials.
|
148
182
|
This does not apply for PID issuance, which requires CIE authz. */
|
149
|
-
|
183
|
+
openid_relying_party: RelyingPartyMetadata.optional(),
|
150
184
|
}),
|
151
185
|
}),
|
152
186
|
})
|
@@ -177,9 +211,7 @@ export const WalletProviderEntityConfiguration = BaseEntityConfiguration.and(
|
|
177
211
|
wallet_provider: z
|
178
212
|
.object({
|
179
213
|
token_endpoint: z.string(),
|
180
|
-
|
181
|
-
.array(z.string())
|
182
|
-
.optional(),
|
214
|
+
aal_values_supported: z.array(z.string()).optional(),
|
183
215
|
grant_types_supported: z.array(z.string()),
|
184
216
|
token_endpoint_auth_methods_supported: z.array(z.string()),
|
185
217
|
token_endpoint_auth_signing_alg_values_supported: z.array(
|
@@ -0,0 +1,37 @@
|
|
1
|
+
import * as z from "zod";
|
2
|
+
|
3
|
+
/**
|
4
|
+
* Context for authorization during the {@link 03-start-user-authorization.ts} phase.
|
5
|
+
* It consists of a single method to identify the user which takes a URL and a redirect schema as input.
|
6
|
+
* Once the authorization is completed and the URL calls the redirect schema, the method should return the redirect URL.
|
7
|
+
*/
|
8
|
+
export interface AuthorizationContext {
|
9
|
+
authorize: (url: string, redirectSchema: string) => Promise<string>;
|
10
|
+
}
|
11
|
+
|
12
|
+
/**
|
13
|
+
* The result of the identification process.
|
14
|
+
*/
|
15
|
+
export const AuthorizationResultShape = z.object({
|
16
|
+
code: z.string(),
|
17
|
+
state: z.string(),
|
18
|
+
iss: z.string().optional(),
|
19
|
+
});
|
20
|
+
|
21
|
+
/**
|
22
|
+
* The error of the identification process.
|
23
|
+
* It follows the OAuth/OIDC error response format.
|
24
|
+
* @see https://openid.net/specs/openid-connect-core-1_0.html#AuthError
|
25
|
+
* @see https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1
|
26
|
+
*/
|
27
|
+
export const AuthorizationErrorShape = z.object({
|
28
|
+
error: z.string(), // not enforcing the error code format
|
29
|
+
error_description: z.string().optional(),
|
30
|
+
error_uri: z.string().optional(),
|
31
|
+
state: z.string().optional(),
|
32
|
+
});
|
33
|
+
|
34
|
+
/**
|
35
|
+
* Type of the identification result.
|
36
|
+
*/
|
37
|
+
export type AuthorizationResult = z.infer<typeof AuthorizationResultShape>;
|
package/src/utils/errors.ts
CHANGED
@@ -251,13 +251,97 @@ export class WalletProviderResponseError extends IoWalletError {
|
|
251
251
|
/** Reason code for the validation failure. */
|
252
252
|
reason: string;
|
253
253
|
|
254
|
+
/** HTTP status code */
|
255
|
+
statusCode: number;
|
256
|
+
|
254
257
|
constructor(
|
255
258
|
message: string,
|
256
259
|
claim: string = "unspecified",
|
257
|
-
reason: string = "unspecified"
|
260
|
+
reason: string = "unspecified",
|
261
|
+
statusCode: number
|
258
262
|
) {
|
263
|
+
super(
|
264
|
+
serializeAttrs({
|
265
|
+
message,
|
266
|
+
claim,
|
267
|
+
reason,
|
268
|
+
statusCode: statusCode.toString(),
|
269
|
+
})
|
270
|
+
);
|
271
|
+
this.claim = claim;
|
272
|
+
this.reason = reason;
|
273
|
+
this.statusCode = statusCode;
|
274
|
+
}
|
275
|
+
}
|
276
|
+
|
277
|
+
export class WalletInstanceRevokedError extends IoWalletError {
|
278
|
+
static get code(): "ERR_IO_WALLET_INSTANCE_REVOKED" {
|
279
|
+
return "ERR_IO_WALLET_INSTANCE_REVOKED";
|
280
|
+
}
|
281
|
+
|
282
|
+
code = "ERR_IO_WALLET_INSTANCE_REVOKED";
|
283
|
+
|
284
|
+
claim: string;
|
285
|
+
reason: string;
|
286
|
+
|
287
|
+
constructor(message: string, claim: string, reason: string = "unspecified") {
|
259
288
|
super(serializeAttrs({ message, claim, reason }));
|
289
|
+
this.reason = reason;
|
260
290
|
this.claim = claim;
|
291
|
+
}
|
292
|
+
}
|
293
|
+
|
294
|
+
export class WalletInstanceNotFoundError extends IoWalletError {
|
295
|
+
static get code(): "ERR_IO_WALLET_INSTANCE_NOT_FOUND" {
|
296
|
+
return "ERR_IO_WALLET_INSTANCE_NOT_FOUND";
|
297
|
+
}
|
298
|
+
|
299
|
+
code = "ERR_IO_WALLET_INSTANCE_NOT_FOUND";
|
300
|
+
|
301
|
+
claim: string;
|
302
|
+
reason: string;
|
303
|
+
|
304
|
+
constructor(message: string, claim: string, reason: string = "unspecified") {
|
305
|
+
super(serializeAttrs({ message, claim, reason }));
|
261
306
|
this.reason = reason;
|
307
|
+
this.claim = claim;
|
308
|
+
}
|
309
|
+
}
|
310
|
+
|
311
|
+
/**
|
312
|
+
* An error subclass thrown when an error occurs during the authorization process.
|
313
|
+
*/
|
314
|
+
export class AuthorizationError extends IoWalletError {
|
315
|
+
static get code(): "ERR_IO_WALLET_AUTHORIZATION_ERROR" {
|
316
|
+
return "ERR_IO_WALLET_AUTHORIZATION_ERROR";
|
317
|
+
}
|
318
|
+
|
319
|
+
code = "ERR_IO_WALLET_AUTHORIZATION_ERROR";
|
320
|
+
|
321
|
+
constructor(message?: string) {
|
322
|
+
super(message);
|
323
|
+
}
|
324
|
+
}
|
325
|
+
|
326
|
+
/**
|
327
|
+
* An error subclass thrown when an error occurs during the authorization process with the IDP.
|
328
|
+
* It contains the error and error description returned by the IDP.
|
329
|
+
*/
|
330
|
+
export class AuthorizationIdpError extends IoWalletError {
|
331
|
+
static get code(): "ERR_IO_WALLET_IDENTIFICATION_RESPONSE_ERROR" {
|
332
|
+
return "ERR_IO_WALLET_IDENTIFICATION_RESPONSE_ERROR";
|
333
|
+
}
|
334
|
+
|
335
|
+
code = "ERR_IO_WALLET_IDENTIFICATION_RESPONSE_PARSING_FAILED";
|
336
|
+
|
337
|
+
error: string;
|
338
|
+
errorDescription?: string;
|
339
|
+
|
340
|
+
constructor(error: string, errorDescription?: string) {
|
341
|
+
super(
|
342
|
+
serializeAttrs(errorDescription ? { error, errorDescription } : { error })
|
343
|
+
);
|
344
|
+
this.error = error;
|
345
|
+
this.errorDescription = errorDescription;
|
262
346
|
}
|
263
347
|
}
|
package/src/utils/integrity.ts
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
/**
|
2
2
|
* Interface for the integrity context which provides the necessary functions to interact with the integrity service.
|
3
3
|
* The functions are platform specific and must be implemented in the platform specific code.
|
4
|
-
* getHardwareKeyTag: returns the hardware key tag.
|
4
|
+
* getHardwareKeyTag: returns the hardware key tag in a url safe format (e.g. base64url).
|
5
5
|
* getAttestation: requests the attestation from the integrity service.
|
6
6
|
* getHardwareSignatureWithAuthData: signs the clientData and returns the signature with the authenticator data.
|
7
7
|
*/
|