@pagopa/io-react-native-wallet 0.15.3 → 0.16.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (92) hide show
  1. package/lib/commonjs/credential/index.js +3 -1
  2. package/lib/commonjs/credential/index.js.map +1 -1
  3. package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +19 -4
  4. package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -1
  5. package/lib/commonjs/credential/issuance/05-authorize-access.js +9 -12
  6. package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -1
  7. package/lib/commonjs/credential/issuance/06-obtain-credential.js +13 -2
  8. package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
  9. package/lib/commonjs/credential/status/01-start-flow.js +2 -0
  10. package/lib/commonjs/credential/status/01-start-flow.js.map +1 -0
  11. package/lib/commonjs/credential/status/02-status-attestation.js +72 -0
  12. package/lib/commonjs/credential/status/02-status-attestation.js.map +1 -0
  13. package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js +52 -0
  14. package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js.map +1 -0
  15. package/lib/commonjs/credential/status/errors.js +38 -0
  16. package/lib/commonjs/credential/status/errors.js.map +1 -0
  17. package/lib/commonjs/credential/status/index.js +27 -0
  18. package/lib/commonjs/credential/status/index.js.map +1 -0
  19. package/lib/commonjs/credential/status/types.js +48 -0
  20. package/lib/commonjs/credential/status/types.js.map +1 -0
  21. package/lib/commonjs/utils/errors.js +44 -2
  22. package/lib/commonjs/utils/errors.js.map +1 -1
  23. package/lib/commonjs/utils/misc.js +41 -3
  24. package/lib/commonjs/utils/misc.js.map +1 -1
  25. package/lib/commonjs/utils/par.js +1 -1
  26. package/lib/commonjs/utils/par.js.map +1 -1
  27. package/lib/module/credential/index.js +2 -1
  28. package/lib/module/credential/index.js.map +1 -1
  29. package/lib/module/credential/issuance/04-complete-user-authorization.js +21 -6
  30. package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -1
  31. package/lib/module/credential/issuance/05-authorize-access.js +9 -12
  32. package/lib/module/credential/issuance/05-authorize-access.js.map +1 -1
  33. package/lib/module/credential/issuance/06-obtain-credential.js +13 -3
  34. package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
  35. package/lib/module/credential/status/01-start-flow.js +2 -0
  36. package/lib/module/credential/status/01-start-flow.js.map +1 -0
  37. package/lib/module/credential/status/02-status-attestation.js +64 -0
  38. package/lib/module/credential/status/02-status-attestation.js.map +1 -0
  39. package/lib/module/credential/status/03-verify-and-parse-status-attestation.js +46 -0
  40. package/lib/module/credential/status/03-verify-and-parse-status-attestation.js.map +1 -0
  41. package/lib/module/credential/status/errors.js +30 -0
  42. package/lib/module/credential/status/errors.js.map +1 -0
  43. package/lib/module/credential/status/index.js +5 -0
  44. package/lib/module/credential/status/index.js.map +1 -0
  45. package/lib/module/credential/status/types.js +40 -0
  46. package/lib/module/credential/status/types.js.map +1 -0
  47. package/lib/module/utils/errors.js +40 -1
  48. package/lib/module/utils/errors.js.map +1 -1
  49. package/lib/module/utils/misc.js +38 -3
  50. package/lib/module/utils/misc.js.map +1 -1
  51. package/lib/module/utils/par.js +1 -1
  52. package/lib/module/utils/par.js.map +1 -1
  53. package/lib/typescript/credential/index.d.ts +2 -1
  54. package/lib/typescript/credential/index.d.ts.map +1 -1
  55. package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +3 -1
  56. package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -1
  57. package/lib/typescript/credential/issuance/05-authorize-access.d.ts +2 -1
  58. package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -1
  59. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +3 -1
  60. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
  61. package/lib/typescript/credential/status/01-start-flow.d.ts +10 -0
  62. package/lib/typescript/credential/status/01-start-flow.d.ts.map +1 -0
  63. package/lib/typescript/credential/status/02-status-attestation.d.ts +20 -0
  64. package/lib/typescript/credential/status/02-status-attestation.d.ts.map +1 -0
  65. package/lib/typescript/credential/status/03-verify-and-parse-status-attestation.d.ts +24 -0
  66. package/lib/typescript/credential/status/03-verify-and-parse-status-attestation.d.ts.map +1 -0
  67. package/lib/typescript/credential/status/errors.d.ts +14 -0
  68. package/lib/typescript/credential/status/errors.d.ts.map +1 -0
  69. package/lib/typescript/credential/status/index.d.ts +7 -0
  70. package/lib/typescript/credential/status/index.d.ts.map +1 -0
  71. package/lib/typescript/credential/status/types.d.ts +305 -0
  72. package/lib/typescript/credential/status/types.d.ts.map +1 -0
  73. package/lib/typescript/utils/errors.d.ts +31 -0
  74. package/lib/typescript/utils/errors.d.ts.map +1 -1
  75. package/lib/typescript/utils/misc.d.ts +18 -1
  76. package/lib/typescript/utils/misc.d.ts.map +1 -1
  77. package/lib/typescript/utils/par.d.ts +1 -4
  78. package/lib/typescript/utils/par.d.ts.map +1 -1
  79. package/package.json +3 -3
  80. package/src/credential/index.ts +2 -1
  81. package/src/credential/issuance/04-complete-user-authorization.ts +36 -6
  82. package/src/credential/issuance/05-authorize-access.ts +13 -15
  83. package/src/credential/issuance/06-obtain-credential.ts +24 -4
  84. package/src/credential/status/01-start-flow.ts +9 -0
  85. package/src/credential/status/02-status-attestation.ts +101 -0
  86. package/src/credential/status/03-verify-and-parse-status-attestation.ts +60 -0
  87. package/src/credential/status/errors.ts +31 -0
  88. package/src/credential/status/index.ts +22 -0
  89. package/src/credential/status/types.ts +43 -0
  90. package/src/utils/errors.ts +46 -1
  91. package/src/utils/misc.ts +45 -4
  92. package/src/utils/par.ts +2 -2
package/lib/commonjs/credential/index.js CHANGED
@@ -3,11 +3,13 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.Presentation = exports.Issuance = void 0;
6
+ exports.Status = exports.Presentation = exports.Issuance = void 0;
7
7
  var Issuance = _interopRequireWildcard(require("./issuance"));
8
8
  exports.Issuance = Issuance;
9
9
  var Presentation = _interopRequireWildcard(require("./presentation"));
10
10
  exports.Presentation = Presentation;
11
+ var Status = _interopRequireWildcard(require("./status"));
12
+ exports.Status = Status;
11
13
  function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
12
14
  function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
13
15
  //# sourceMappingURL=index.js.map
package/lib/commonjs/credential/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["Issuance","_interopRequireWildcard","require","exports","Presentation","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../src","sources":["credential/index.ts"],"mappings":";;;;;;AAAA,IAAAA,QAAA,GAAAC,uBAAA,CAAAC,OAAA;AAAuCC,OAAA,CAAAH,QAAA,GAAAA,QAAA;AACvC,IAAAI,YAAA,GAAAH,uBAAA,CAAAC,OAAA;AAA+CC,OAAA,CAAAC,YAAA,GAAAA,YAAA;AAAA,SAAAC,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
1
+ {"version":3,"names":["Issuance","_interopRequireWildcard","require","exports","Presentation","Status","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../src","sources":["credential/index.ts"],"mappings":";;;;;;AAAA,IAAAA,QAAA,GAAAC,uBAAA,CAAAC,OAAA;AAAuCC,OAAA,CAAAH,QAAA,GAAAA,QAAA;AACvC,IAAAI,YAAA,GAAAH,uBAAA,CAAAC,OAAA;AAA+CC,OAAA,CAAAC,YAAA,GAAAA,YAAA;AAC/C,IAAAC,MAAA,GAAAJ,uBAAA,CAAAC,OAAA;AAAmCC,OAAA,CAAAE,MAAA,GAAAA,MAAA;AAAA,SAAAC,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAN,wBAAAU,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
package/lib/commonjs/credential/issuance/04-complete-user-authorization.js CHANGED
@@ -32,11 +32,13 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
32
32
  * If not specified, the default browser is used
33
33
  * @param idphint Unique identifier of the SPID IDP selected by the user
34
34
  * @param redirectUri The url to reach to complete the user authorization which is the custom URL scheme that the Wallet Instance is registered to handle, usually a custom URL or deeplink
35
+ * @param signal An optional {@link AbortSignal} to abort the operation when using the default browser
35
36
  * @throws {AuthorizationError} if an error occurs during the authorization process
36
37
  * @throws {AuthorizationIdpError} if an error occurs during the authorization process and the error is related to the IDP
38
+ * @throws {OperationAbortedError} if the caller aborts the operation via the provided signal
37
39
  * @returns the authorization response which contains code, state and iss
38
40
  */
39
- const completeUserAuthorizationWithQueryMode = async (issuerRequestUri, clientId, issuerConf, idpHint, redirectUri, authorizationContext) => {
41
+ const completeUserAuthorizationWithQueryMode = async (issuerRequestUri, clientId, issuerConf, idpHint, redirectUri, authorizationContext, signal) => {
40
42
  const authzRequestEndpoint = issuerConf.oauth_authorization_server.authorization_endpoint;
41
43
  const params = new URLSearchParams({
42
44
  client_id: clientId,
@@ -52,7 +54,7 @@ const completeUserAuthorizationWithQueryMode = async (issuerRequestUri, clientId
52
54
  });
53
55
  } else {
54
56
  // handler for redirectUri
55
- _reactNative.Linking.addEventListener("url", _ref => {
57
+ const urlEventListener = _reactNative.Linking.addEventListener("url", _ref => {
56
58
  let {
57
59
  url
58
60
  } = _ref;
@@ -60,14 +62,27 @@ const completeUserAuthorizationWithQueryMode = async (issuerRequestUri, clientId
60
62
  authRedirectUrl = url;
61
63
  }
62
64
  });
63
- const openAuthUrlInBrowser = _reactNative.Linking.openURL(authUrl);
65
+ const operationIsAborted = signal ? (0, _misc.createAbortPromiseFromSignal)(signal) : undefined;
66
+ await _reactNative.Linking.openURL(authUrl);
64
67
 
65
68
  /*
66
69
  * Waits for 120 seconds for the identificationRedirectUrl variable to be set
67
70
  * by the custom url handler. If the timeout is exceeded, throw an exception
68
71
  */
69
72
  const unitAuthRedirectIsNotUndefined = (0, _misc.until)(() => authRedirectUrl !== undefined, 120);
70
- await Promise.all([openAuthUrlInBrowser, unitAuthRedirectIsNotUndefined]);
73
+
74
+ /**
75
+ * Simultaneously listen for the abort signal (when provided) and the redirect url.
76
+ * The first event that occurs will resolve the promise.
77
+ * This is useful to properly cleanup when the caller aborts this operation.
78
+ */
79
+ const winner = await Promise.race([operationIsAborted === null || operationIsAborted === void 0 ? void 0 : operationIsAborted.listen(), unitAuthRedirectIsNotUndefined].filter(_misc.isDefined)).finally(() => {
80
+ urlEventListener.remove();
81
+ operationIsAborted === null || operationIsAborted === void 0 ? void 0 : operationIsAborted.remove();
82
+ });
83
+ if (winner === "OPERATION_ABORTED") {
84
+ throw new _errors.OperationAbortedError("DefaultQueryModeAuthorization");
85
+ }
71
86
  if (authRedirectUrl === undefined) {
72
87
  throw new _errors.AuthorizationError("Invalid authentication redirect url");
73
88
  }
package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_auth","require","_misc","_parseUrl","_interopRequireDefault","_errors","_reactNative","_ioReactNativeJwt","_types","_reactNativeUuid","_types2","_decoder","obj","__esModule","default","completeUserAuthorizationWithQueryMode","issuerRequestUri","clientId","issuerConf","idpHint","redirectUri","authorizationContext","authzRequestEndpoint","oauth_authorization_server","authorization_endpoint","params","URLSearchParams","client_id","request_uri","idphint","authUrl","authRedirectUrl","redirectSchema","URL","protocol","replace","authorize","catch","e","AuthorizationError","message","Linking","addEventListener","_ref","url","includes","openAuthUrlInBrowser","openURL","unitAuthRedirectIsNotUndefined","until","undefined","Promise","all","query","parseUrl","parseAuthroizationResponse","exports","getRequestedCredentialToBePresented","appFetch","arguments","length","fetch","requestObject","toString","method","then","hasStatus","res","text","jws","decode","reqObj","RequestObject","safeParse","payload","success","ValidationFailed","error","data","completeUserAuthorizationWithFormPostJwtMode","ctx","wiaCryptoContext","pidCryptoContext","pid","walletInstanceAttestation","wiaWpToken","SignJWT","setProtectedHeader","alg","typ","setPayload","vp","jti","uuid","v4","nonce","setIssuedAt","setExpirationTime","setAudience","response_uri","sign","pidWpToken","presentationSubmission","definition_id","id","descriptor_map","path","format","authzResponsePayload","encodeBase64","JSON","stringify","state","presentation_submission","vp_token","body","response","resUriRes","headers","reqUri","json","responseUri","ResponseUriResultShape","redirect_uri","getJwtFromFormPost","cbRes","decodedJwt","authRes","authResParsed","AuthorizationResultShape","authErr","AuthorizationErrorShape","AuthorizationIdpError","error_description"],"sourceRoot":"../../../../src","sources":["credential/issuance/04-complete-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAMA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,SAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AAMA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,iBAAA,GAAAN,OAAA;AAMA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,gBAAA,GAAAL,sBAAA,CAAAH,OAAA;AACA,IAAAS,OAAA,GAAAT,OAAA;AACA,IAAAU,QAAA,GAAAV,OAAA;AAAyD,SAAAG,uBAAAQ,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEzD;AACA;AACA;;AA4BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,sCAA8E,GACzF,MAAAA,CACEC,gBAAgB,EAChBC,QAAQ,EACRC,UAAU,EACVC,OAAO,EACPC,WAAW,EACXC,oBAAoB,KACjB;EACH,MAAMC,oBAAoB,GACxBJ,UAAU,CAACK,0BAA0B,CAACC,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEV,QAAQ;IACnBW,WAAW,EAAEZ,gBAAgB;IAC7Ba,OAAO,EAAEV;EACX,CAAC,CAAC;EACF,MAAMW,OAAO,GAAI,GAAER,oBAAqB,IAAGG,MAAO,EAAC;EACnD,IAAIM,eAAmC;EAEvC,IAAIV,oBAAoB,EAAE;IACxB,MAAMW,cAAc,GAAG,IAAIC,GAAG,CAACb,WAAW,CAAC,CAACc,QAAQ,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC;IACrEJ,eAAe,GAAG,MAAMV,oBAAoB,CACzCe,SAAS,CAACN,OAAO,EAAEE,cAAc,CAAC,CAClCK,KAAK,CAAEC,CAAC,IAAK;MACZ,MAAM,IAAIC,0BAAkB,CAACD,CAAC,CAACE,OAAO,CAAC;IACzC,CAAC,CAAC;EACN,CAAC,MAAM;IACL;IACAC,oBAAO,CAACC,gBAAgB,CAAC,KAAK,EAAEC,IAAA,IAAa;MAAA,IAAZ;QAAEC;MAAI,CAAC,GAAAD,IAAA;MACtC,IAAIC,GAAG,CAACC,QAAQ,CAACzB,WAAW,CAAC,EAAE;QAC7BW,eAAe,GAAGa,GAAG;MACvB;IACF,CAAC,CAAC;IAEF,MAAME,oBAAoB,GAAGL,oBAAO,CAACM,OAAO,CAACjB,OAAO,CAAC;;IAErD;AACN;AACA;AACA;IACM,MAAMkB,8BAA8B,GAAG,IAAAC,WAAK,EAC1C,MAAMlB,eAAe,KAAKmB,SAAS,EACnC,GACF,CAAC;IAED,MAAMC,OAAO,CAACC,GAAG,CAAC,CAACN,oBAAoB,EAAEE,8BAA8B,CAAC,CAAC;IAEzE,IAAIjB,eAAe,KAAKmB,SAAS,EAAE;MACjC,MAAM,IAAIX,0BAAkB,CAAC,qCAAqC,CAAC;IACrE;EACF;EAEA,MAAMc,KAAK,GAAG,IAAAC,iBAAQ,EAACvB,eAAe,CAAC,CAACsB,KAAK;EAC7C,OAAOE,0BAA0B,CAACF,KAAK,CAAC;AAC1C,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAXAG,OAAA,CAAAzC,sCAAA,GAAAA,sCAAA;AAYO,MAAM0C,mCAAwE,GACnF,eAAAA,CAAOzC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBwC,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAT,SAAA,GAAAS,SAAA,MAAGE,KAAK;EAC7D,MAAMvC,oBAAoB,GACxBJ,UAAU,CAACK,0BAA0B,CAACC,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEV,QAAQ;IACnBW,WAAW,EAAEZ;EACf,CAAC,CAAC;EAEF,MAAM8C,aAAa,GAAG,MAAMJ,QAAQ,CACjC,GAAEpC,oBAAqB,IAAGG,MAAM,CAACsC,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEC,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEI,GAAG,IAAK,IAAAC,wBAAM,EAACD,GAAG,CAAC,CAAC,CAC1BJ,IAAI,CAAEM,MAAM,IAAKC,oBAAa,CAACC,SAAS,CAACF,MAAM,CAACG,OAAO,CAAC,CAAC;EAE5D,IAAI,CAACZ,aAAa,CAACa,OAAO,EAAE;IAC1B,MAAM,IAAIC,wBAAgB,CACxB,kCAAkC,EAClCd,aAAa,CAACe,KAAK,CAACrC,OACtB,CAAC;EACH;EACA,OAAOsB,aAAa,CAACgB,IAAI;AAC3B,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAtB,OAAA,CAAAC,mCAAA,GAAAA,mCAAA;AAgBO,MAAMsB,4CAA0F,GACrG,MAAAA,CAAOjB,aAAa,EAAEkB,GAAG,KAAK;EAC5B,MAAM;IACJC,gBAAgB;IAChBC,gBAAgB;IAChBC,GAAG;IACHC,yBAAyB;IACzB1B,QAAQ,GAAGG;EACb,CAAC,GAAGmB,GAAG;EAEP,MAAMK,UAAU,GAAG,MAAM,IAAIC,yBAAO,CAACL,gBAAgB,CAAC,CACnDM,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVC,EAAE,EAAEP,yBAAyB;IAC7BQ,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;IACzBgC,KAAK,EAAEjC,aAAa,CAACiC;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,WAAW,CAACpC,aAAa,CAACqC,YAAY,CAAC,CACvCC,IAAI,CAAC,CAAC;EAET,MAAMC,UAAU,GAAG,MAAM,IAAIf,yBAAO,CAACJ,gBAAgB,CAAC,CACnDK,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVC,EAAE,EAAER,GAAG;IACPS,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;IACzBgC,KAAK,EAAEjC,aAAa,CAACiC;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,WAAW,CAACpC,aAAa,CAACqC,YAAY,CAAC,CACvCC,IAAI,CAAC,CAAC;;EAET;AACJ;AACA;EACI,MAAME,sBAAsB,GAAG;IAC7BC,aAAa,EAAG,GAAEV,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAC7BU,EAAE,EAAG,GAAEX,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAClBW,cAAc,EAAE,CACd;MACED,EAAE,EAAE,0BAA0B;MAC9BE,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;IACV,CAAC,EACD;MACEH,EAAE,EAAE,mBAAmB;MACvBE,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;IACV,CAAC;EAEL,CAAC;EAED,MAAMC,oBAAoB,GAAG,IAAAC,8BAAY,EACvCC,IAAI,CAACC,SAAS,CAAC;IACbC,KAAK,EAAElD,aAAa,CAACkD,KAAK;IAC1BC,uBAAuB,EAAEX,sBAAsB;IAC/CY,QAAQ,EAAE,CAACb,UAAU,EAAEhB,UAAU;EACnC,CAAC,CACH,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAM8B,IAAI,GAAG,IAAIzF,eAAe,CAAC;IAC/B0F,QAAQ,EAAER;EACZ,CAAC,CAAC,CAAC7C,QAAQ,CAAC,CAAC;EACb,MAAMsD,SAAS,GAAG,MAAM3D,QAAQ,CAACI,aAAa,CAACqC,YAAY,EAAE;IAC3DnC,MAAM,EAAE,MAAM;IACdsD,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACClD,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEsD,MAAM,IAAKA,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC;EAElC,MAAMC,WAAW,GAAGC,8BAAsB,CAACjD,SAAS,CAAC4C,SAAS,CAAC;EAC/D,IAAI,CAACI,WAAW,CAAC9C,OAAO,EAAE;IACxB,MAAM,IAAIC,wBAAgB,CACxB,gCAAgC,EAChC6C,WAAW,CAAC5C,KAAK,CAACrC,OACpB,CAAC;EACH;EAEA,OAAO,MAAMkB,QAAQ,CAAC+D,WAAW,CAAC3C,IAAI,CAAC6C,YAAY,CAAC,CACjD1D,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAC2D,2BAAkB,CAAC,CACxB3D,IAAI,CAAE4D,KAAK,IAAKtE,0BAA0B,CAACsE,KAAK,CAACC,UAAU,CAACpD,OAAO,CAAC,CAAC;AAC1E,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AANAlB,OAAA,CAAAuB,4CAAA,GAAAA,4CAAA;AAOO,MAAMxB,0BAA0B,GACrCwE,OAAgB,IACQ;EACxB,MAAMC,aAAa,GAAGC,8BAAwB,CAACxD,SAAS,CAACsD,OAAO,CAAC;EACjE,IAAI,CAACC,aAAa,CAACrD,OAAO,EAAE;IAC1B,MAAMuD,OAAO,GAAGC,6BAAuB,CAAC1D,SAAS,CAACsD,OAAO,CAAC;IAC1D,IAAI,CAACG,OAAO,CAACvD,OAAO,EAAE;MACpB,MAAM,IAAIpC,0BAAkB,CAACyF,aAAa,CAACnD,KAAK,CAACrC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACA,MAAM,IAAI4F,6BAAqB,CAC7BF,OAAO,CAACpD,IAAI,CAACD,KAAK,EAClBqD,OAAO,CAACpD,IAAI,CAACuD,iBACf,CAAC;EACH;EACA,OAAOL,aAAa,CAAClD,IAAI;AAC3B,CAAC;AAACtB,OAAA,CAAAD,0BAAA,GAAAA,0BAAA"}
1
+ {"version":3,"names":["_auth","require","_misc","_parseUrl","_interopRequireDefault","_errors","_reactNative","_ioReactNativeJwt","_types","_reactNativeUuid","_types2","_decoder","obj","__esModule","default","completeUserAuthorizationWithQueryMode","issuerRequestUri","clientId","issuerConf","idpHint","redirectUri","authorizationContext","signal","authzRequestEndpoint","oauth_authorization_server","authorization_endpoint","params","URLSearchParams","client_id","request_uri","idphint","authUrl","authRedirectUrl","redirectSchema","URL","protocol","replace","authorize","catch","e","AuthorizationError","message","urlEventListener","Linking","addEventListener","_ref","url","includes","operationIsAborted","createAbortPromiseFromSignal","undefined","openURL","unitAuthRedirectIsNotUndefined","until","winner","Promise","race","listen","filter","isDefined","finally","remove","OperationAbortedError","query","parseUrl","parseAuthroizationResponse","exports","getRequestedCredentialToBePresented","appFetch","arguments","length","fetch","requestObject","toString","method","then","hasStatus","res","text","jws","decode","reqObj","RequestObject","safeParse","payload","success","ValidationFailed","error","data","completeUserAuthorizationWithFormPostJwtMode","ctx","wiaCryptoContext","pidCryptoContext","pid","walletInstanceAttestation","wiaWpToken","SignJWT","setProtectedHeader","alg","typ","setPayload","vp","jti","uuid","v4","nonce","setIssuedAt","setExpirationTime","setAudience","response_uri","sign","pidWpToken","presentationSubmission","definition_id","id","descriptor_map","path","format","authzResponsePayload","encodeBase64","JSON","stringify","state","presentation_submission","vp_token","body","response","resUriRes","headers","reqUri","json","responseUri","ResponseUriResultShape","redirect_uri","getJwtFromFormPost","cbRes","decodedJwt","authRes","authResParsed","AuthorizationResultShape","authErr","AuthorizationErrorShape","AuthorizationIdpError","error_description"],"sourceRoot":"../../../../src","sources":["credential/issuance/04-complete-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAMA,IAAAC,KAAA,GAAAD,OAAA;AAQA,IAAAE,SAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AAOA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,iBAAA,GAAAN,OAAA;AAMA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,gBAAA,GAAAL,sBAAA,CAAAH,OAAA;AACA,IAAAS,OAAA,GAAAT,OAAA;AACA,IAAAU,QAAA,GAAAV,OAAA;AAAyD,SAAAG,uBAAAQ,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEzD;AACA;AACA;;AA6BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,sCAA8E,GACzF,MAAAA,CACEC,gBAAgB,EAChBC,QAAQ,EACRC,UAAU,EACVC,OAAO,EACPC,WAAW,EACXC,oBAAoB,EACpBC,MAAM,KACH;EACH,MAAMC,oBAAoB,GACxBL,UAAU,CAACM,0BAA0B,CAACC,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEX,QAAQ;IACnBY,WAAW,EAAEb,gBAAgB;IAC7Bc,OAAO,EAAEX;EACX,CAAC,CAAC;EACF,MAAMY,OAAO,GAAI,GAAER,oBAAqB,IAAGG,MAAO,EAAC;EACnD,IAAIM,eAAmC;EAEvC,IAAIX,oBAAoB,EAAE;IACxB,MAAMY,cAAc,GAAG,IAAIC,GAAG,CAACd,WAAW,CAAC,CAACe,QAAQ,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC;IACrEJ,eAAe,GAAG,MAAMX,oBAAoB,CACzCgB,SAAS,CAACN,OAAO,EAAEE,cAAc,CAAC,CAClCK,KAAK,CAAEC,CAAC,IAAK;MACZ,MAAM,IAAIC,0BAAkB,CAACD,CAAC,CAACE,OAAO,CAAC;IACzC,CAAC,CAAC;EACN,CAAC,MAAM;IACL;IACA,MAAMC,gBAAgB,GAAGC,oBAAO,CAACC,gBAAgB,CAAC,KAAK,EAAEC,IAAA,IAAa;MAAA,IAAZ;QAAEC;MAAI,CAAC,GAAAD,IAAA;MAC/D,IAAIC,GAAG,CAACC,QAAQ,CAAC3B,WAAW,CAAC,EAAE;QAC7BY,eAAe,GAAGc,GAAG;MACvB;IACF,CAAC,CAAC;IAEF,MAAME,kBAAkB,GAAG1B,MAAM,GAC7B,IAAA2B,kCAA4B,EAAC3B,MAAM,CAAC,GACpC4B,SAAS;IACb,MAAMP,oBAAO,CAACQ,OAAO,CAACpB,OAAO,CAAC;;IAE9B;AACN;AACA;AACA;IACM,MAAMqB,8BAA8B,GAAG,IAAAC,WAAK,EAC1C,MAAMrB,eAAe,KAAKkB,SAAS,EACnC,GACF,CAAC;;IAED;AACN;AACA;AACA;AACA;IACM,MAAMI,MAAM,GAAG,MAAMC,OAAO,CAACC,IAAI,CAC/B,CAACR,kBAAkB,aAAlBA,kBAAkB,uBAAlBA,kBAAkB,CAAES,MAAM,CAAC,CAAC,EAAEL,8BAA8B,CAAC,CAACM,MAAM,CACnEC,eACF,CACF,CAAC,CAACC,OAAO,CAAC,MAAM;MACdlB,gBAAgB,CAACmB,MAAM,CAAC,CAAC;MACzBb,kBAAkB,aAAlBA,kBAAkB,uBAAlBA,kBAAkB,CAAEa,MAAM,CAAC,CAAC;IAC9B,CAAC,CAAC;IAEF,IAAIP,MAAM,KAAK,mBAAmB,EAAE;MAClC,MAAM,IAAIQ,6BAAqB,CAAC,+BAA+B,CAAC;IAClE;IAEA,IAAI9B,eAAe,KAAKkB,SAAS,EAAE;MACjC,MAAM,IAAIV,0BAAkB,CAAC,qCAAqC,CAAC;IACrE;EACF;EAEA,MAAMuB,KAAK,GAAG,IAAAC,iBAAQ,EAAChC,eAAe,CAAC,CAAC+B,KAAK;EAC7C,OAAOE,0BAA0B,CAACF,KAAK,CAAC;AAC1C,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAXAG,OAAA,CAAAnD,sCAAA,GAAAA,sCAAA;AAYO,MAAMoD,mCAAwE,GACnF,eAAAA,CAAOnD,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBkD,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAnB,SAAA,GAAAmB,SAAA,MAAGE,KAAK;EAC7D,MAAMhD,oBAAoB,GACxBL,UAAU,CAACM,0BAA0B,CAACC,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEX,QAAQ;IACnBY,WAAW,EAAEb;EACf,CAAC,CAAC;EAEF,MAAMwD,aAAa,GAAG,MAAMJ,QAAQ,CACjC,GAAE7C,oBAAqB,IAAGG,MAAM,CAAC+C,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEC,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEI,GAAG,IAAK,IAAAC,wBAAM,EAACD,GAAG,CAAC,CAAC,CAC1BJ,IAAI,CAAEM,MAAM,IAAKC,oBAAa,CAACC,SAAS,CAACF,MAAM,CAACG,OAAO,CAAC,CAAC;EAE5D,IAAI,CAACZ,aAAa,CAACa,OAAO,EAAE;IAC1B,MAAM,IAAIC,wBAAgB,CACxB,kCAAkC,EAClCd,aAAa,CAACe,KAAK,CAAC9C,OACtB,CAAC;EACH;EACA,OAAO+B,aAAa,CAACgB,IAAI;AAC3B,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAtB,OAAA,CAAAC,mCAAA,GAAAA,mCAAA;AAgBO,MAAMsB,4CAA0F,GACrG,MAAAA,CAAOjB,aAAa,EAAEkB,GAAG,KAAK;EAC5B,MAAM;IACJC,gBAAgB;IAChBC,gBAAgB;IAChBC,GAAG;IACHC,yBAAyB;IACzB1B,QAAQ,GAAGG;EACb,CAAC,GAAGmB,GAAG;EAEP,MAAMK,UAAU,GAAG,MAAM,IAAIC,yBAAO,CAACL,gBAAgB,CAAC,CACnDM,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVC,EAAE,EAAEP,yBAAyB;IAC7BQ,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;IACzBgC,KAAK,EAAEjC,aAAa,CAACiC;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,WAAW,CAACpC,aAAa,CAACqC,YAAY,CAAC,CACvCC,IAAI,CAAC,CAAC;EAET,MAAMC,UAAU,GAAG,MAAM,IAAIf,yBAAO,CAACJ,gBAAgB,CAAC,CACnDK,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVC,EAAE,EAAER,GAAG;IACPS,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;IACzBgC,KAAK,EAAEjC,aAAa,CAACiC;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,WAAW,CAACpC,aAAa,CAACqC,YAAY,CAAC,CACvCC,IAAI,CAAC,CAAC;;EAET;AACJ;AACA;EACI,MAAME,sBAAsB,GAAG;IAC7BC,aAAa,EAAG,GAAEV,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAC7BU,EAAE,EAAG,GAAEX,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAClBW,cAAc,EAAE,CACd;MACED,EAAE,EAAE,0BAA0B;MAC9BE,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;IACV,CAAC,EACD;MACEH,EAAE,EAAE,mBAAmB;MACvBE,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;IACV,CAAC;EAEL,CAAC;EAED,MAAMC,oBAAoB,GAAG,IAAAC,8BAAY,EACvCC,IAAI,CAACC,SAAS,CAAC;IACbC,KAAK,EAAElD,aAAa,CAACkD,KAAK;IAC1BC,uBAAuB,EAAEX,sBAAsB;IAC/CY,QAAQ,EAAE,CAACb,UAAU,EAAEhB,UAAU;EACnC,CAAC,CACH,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAM8B,IAAI,GAAG,IAAIlG,eAAe,CAAC;IAC/BmG,QAAQ,EAAER;EACZ,CAAC,CAAC,CAAC7C,QAAQ,CAAC,CAAC;EACb,MAAMsD,SAAS,GAAG,MAAM3D,QAAQ,CAACI,aAAa,CAACqC,YAAY,EAAE;IAC3DnC,MAAM,EAAE,MAAM;IACdsD,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACClD,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEsD,MAAM,IAAKA,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC;EAElC,MAAMC,WAAW,GAAGC,8BAAsB,CAACjD,SAAS,CAAC4C,SAAS,CAAC;EAC/D,IAAI,CAACI,WAAW,CAAC9C,OAAO,EAAE;IACxB,MAAM,IAAIC,wBAAgB,CACxB,gCAAgC,EAChC6C,WAAW,CAAC5C,KAAK,CAAC9C,OACpB,CAAC;EACH;EAEA,OAAO,MAAM2B,QAAQ,CAAC+D,WAAW,CAAC3C,IAAI,CAAC6C,YAAY,CAAC,CACjD1D,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAC2D,2BAAkB,CAAC,CACxB3D,IAAI,CAAE4D,KAAK,IAAKtE,0BAA0B,CAACsE,KAAK,CAACC,UAAU,CAACpD,OAAO,CAAC,CAAC;AAC1E,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AANAlB,OAAA,CAAAuB,4CAAA,GAAAA,4CAAA;AAOO,MAAMxB,0BAA0B,GACrCwE,OAAgB,IACQ;EACxB,MAAMC,aAAa,GAAGC,8BAAwB,CAACxD,SAAS,CAACsD,OAAO,CAAC;EACjE,IAAI,CAACC,aAAa,CAACrD,OAAO,EAAE;IAC1B,MAAMuD,OAAO,GAAGC,6BAAuB,CAAC1D,SAAS,CAACsD,OAAO,CAAC;IAC1D,IAAI,CAACG,OAAO,CAACvD,OAAO,EAAE;MACpB,MAAM,IAAI7C,0BAAkB,CAACkG,aAAa,CAACnD,KAAK,CAAC9C,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACA,MAAM,IAAIqG,6BAAqB,CAC7BF,OAAO,CAACpD,IAAI,CAACD,KAAK,EAClBqD,OAAO,CAACpD,IAAI,CAACuD,iBACf,CAAC;EACH;EACA,OAAOL,aAAa,CAAClD,IAAI;AAC3B,CAAC;AAACtB,OAAA,CAAAD,0BAAA,GAAAA,0BAAA"}
package/lib/commonjs/credential/issuance/05-authorize-access.js CHANGED
@@ -5,7 +5,6 @@ Object.defineProperty(exports, "__esModule", {
5
5
  });
6
6
  exports.authorizeAccess = void 0;
7
7
  var _misc = require("../../utils/misc");
8
- var _crypto = require("../../utils/crypto");
9
8
  var _dpop = require("../../utils/dpop");
10
9
  var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
11
10
  var _pop = require("../../utils/pop");
@@ -28,6 +27,7 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
28
27
  * @param codeVerifier The code verifier returned by {@link startUserAuthorization}
29
28
  * @param context.walletInstanceAttestation The Wallet Instance's attestation
30
29
  * @param context.wiaCryptoContext The Wallet Instance's crypto context
30
+ * @param context.dPopCryptoContext The DPoP crypto context
31
31
  * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
32
32
  * @throws {ValidationFailed} if an error occurs while parsing the token response
33
33
  * @return The token response containing the access token along with the token request signed with DPoP which has to be used in the {@link obtainCredential} step.
@@ -36,21 +36,19 @@ const authorizeAccess = async (issuerConf, code, clientId, redirectUri, codeVeri
36
36
  const {
37
37
  appFetch = fetch,
38
38
  walletInstanceAttestation,
39
- wiaCryptoContext
39
+ wiaCryptoContext,
40
+ dPopCryptoContext
40
41
  } = context;
41
42
  const parEndpoint = issuerConf.oauth_authorization_server.pushed_authorization_request_endpoint;
42
43
  const parUrl = new URL(parEndpoint);
43
44
  const aud = `${parUrl.protocol}//${parUrl.hostname}`;
44
45
  const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
45
46
  const tokenUrl = issuerConf.oauth_authorization_server.token_endpoint;
46
- // Use an ephemeral key to be destroyed after use
47
- const tokenRequestSignedDPop = await (0, _crypto.withEphemeralKey)(async ephimeralContext => {
48
- return await (0, _dpop.createDPopToken)({
49
- htm: "POST",
50
- htu: tokenUrl,
51
- jti: `${_reactNativeUuid.default.v4()}`
52
- }, ephimeralContext);
53
- });
47
+ const tokenRequestSignedDPop = await (0, _dpop.createDPopToken)({
48
+ htm: "POST",
49
+ htu: tokenUrl,
50
+ jti: `${_reactNativeUuid.default.v4()}`
51
+ }, dPopCryptoContext);
54
52
  const signedWiaPoP = await (0, _pop.createPopToken)({
55
53
  jti: `${_reactNativeUuid.default.v4()}`,
56
54
  aud,
@@ -78,8 +76,7 @@ const authorizeAccess = async (issuerConf, code, clientId, redirectUri, codeVeri
78
76
  throw new _errors.ValidationFailed(tokenRes.error.message);
79
77
  }
80
78
  return {
81
- accessToken: tokenRes.data,
82
- tokenRequestSignedDPop
79
+ accessToken: tokenRes.data
83
80
  };
84
81
  };
85
82
  exports.authorizeAccess = authorizeAccess;
package/lib/commonjs/credential/issuance/05-authorize-access.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_misc","require","_crypto","_dpop","_reactNativeUuid","_interopRequireDefault","_pop","WalletInstanceAttestation","_interopRequireWildcard","_const","_types","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","authorizeAccess","issuerConf","code","clientId","redirectUri","codeVerifier","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","parEndpoint","oauth_authorization_server","pushed_authorization_request_endpoint","parUrl","URL","aud","protocol","hostname","iss","decode","payload","cnf","jwk","kid","tokenUrl","token_endpoint","tokenRequestSignedDPop","withEphemeralKey","ephimeralContext","createDPopToken","htm","htu","jti","uuid","v4","signedWiaPoP","createPopToken","requestBody","grant_type","client_id","redirect_uri","code_verifier","client_assertion_type","ASSERTION_TYPE","client_assertion","authorizationRequestFormBody","URLSearchParams","tokenRes","method","headers","DPoP","body","toString","then","hasStatus","res","json","TokenResponse","safeParse","success","ValidationFailed","error","message","accessToken","data","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/05-authorize-access.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAGA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,IAAA,GAAAL,OAAA;AACA,IAAAM,yBAAA,GAAAC,uBAAA,CAAAP,OAAA;AAEA,IAAAQ,MAAA,GAAAR,OAAA;AACA,IAAAS,MAAA,GAAAT,OAAA;AACA,IAAAU,OAAA,GAAAV,OAAA;AAAsD,SAAAW,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAlB,uBAAAY,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAgBtD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMiB,eAAgC,GAAG,MAAAA,CAC9CC,UAAU,EACVC,IAAI,EACJC,QAAQ,EACRC,WAAW,EACXC,YAAY,EACZC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,WAAW,GACfV,UAAU,CAACW,0BAA0B,CAACC,qCAAqC;EAC7E,MAAMC,MAAM,GAAG,IAAIC,GAAG,CAACJ,WAAW,CAAC;EACnC,MAAMK,GAAG,GAAI,GAAEF,MAAM,CAACG,QAAS,KAAIH,MAAM,CAACI,QAAS,EAAC;EACpD,MAAMC,GAAG,GAAG9C,yBAAyB,CAAC+C,MAAM,CAACX,yBAAyB,CAAC,CACpEY,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,QAAQ,GAAGxB,UAAU,CAACW,0BAA0B,CAACc,cAAc;EACrE;EACA,MAAMC,sBAAsB,GAAG,MAAM,IAAAC,wBAAgB,EACnD,MAAOC,gBAAgB,IAAK;IAC1B,OAAO,MAAM,IAAAC,qBAAe,EAC1B;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEP,QAAQ;MACbQ,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACDN,gBACF,CAAC;EACH,CACF,CAAC;EAED,MAAMO,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEJ,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBnB,GAAG;IACHG;EACF,CAAC,EACDT,gBACF,CAAC;EAED,MAAM4B,WAAW,GAAG;IAClBC,UAAU,EAAE,oBAAoB;IAChCC,SAAS,EAAErC,QAAQ;IACnBD,IAAI;IACJuC,YAAY,EAAErC,WAAW;IACzBsC,aAAa,EAAErC,YAAY;IAC3BsC,qBAAqB,EAAEC,qBAAc;IACrCC,gBAAgB,EAAEpC,yBAAyB,GAAG,GAAG,GAAG2B;EACtD,CAAC;EAED,MAAMU,4BAA4B,GAAG,IAAIC,eAAe,CAACT,WAAW,CAAC;EACrE,MAAMU,QAAQ,GAAG,MAAMzC,QAAQ,CAACkB,QAAQ,EAAE;IACxCwB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,mCAAmC;MACnDC,IAAI,EAAExB;IACR,CAAC;IACDyB,IAAI,EAAEN,4BAA4B,CAACO,QAAQ,CAAC;EAC9C,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEF,IAAI,IAAKM,oBAAa,CAACC,SAAS,CAACP,IAAI,CAAC,CAAC;EAEhD,IAAI,CAACJ,QAAQ,CAACY,OAAO,EAAE;IACrB,MAAM,IAAIC,wBAAgB,CAACb,QAAQ,CAACc,KAAK,CAACC,OAAO,CAAC;EACpD;EAEA,OAAO;IAAEC,WAAW,EAAEhB,QAAQ,CAACiB,IAAI;IAAEtC;EAAuB,CAAC;AAC/D,CAAC;AAACuC,OAAA,CAAAlE,eAAA,GAAAA,eAAA"}
1
+ {"version":3,"names":["_misc","require","_dpop","_reactNativeUuid","_interopRequireDefault","_pop","WalletInstanceAttestation","_interopRequireWildcard","_const","_types","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","authorizeAccess","issuerConf","code","clientId","redirectUri","codeVerifier","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","dPopCryptoContext","parEndpoint","oauth_authorization_server","pushed_authorization_request_endpoint","parUrl","URL","aud","protocol","hostname","iss","decode","payload","cnf","jwk","kid","tokenUrl","token_endpoint","tokenRequestSignedDPop","createDPopToken","htm","htu","jti","uuid","v4","signedWiaPoP","createPopToken","requestBody","grant_type","client_id","redirect_uri","code_verifier","client_assertion_type","ASSERTION_TYPE","client_assertion","authorizationRequestFormBody","URLSearchParams","tokenRes","method","headers","DPoP","body","toString","then","hasStatus","res","json","TokenResponse","safeParse","success","ValidationFailed","error","message","accessToken","data","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/05-authorize-access.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAGA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,IAAA,GAAAJ,OAAA;AACA,IAAAK,yBAAA,GAAAC,uBAAA,CAAAN,OAAA;AAEA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,MAAA,GAAAR,OAAA;AACA,IAAAS,OAAA,GAAAT,OAAA;AAAsD,SAAAU,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAlB,uBAAAY,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAiBtD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMiB,eAAgC,GAAG,MAAAA,CAC9CC,UAAU,EACVC,IAAI,EACJC,QAAQ,EACRC,WAAW,EACXC,YAAY,EACZC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC,gBAAgB;IAChBC;EACF,CAAC,GAAGL,OAAO;EAEX,MAAMM,WAAW,GACfX,UAAU,CAACY,0BAA0B,CAACC,qCAAqC;EAC7E,MAAMC,MAAM,GAAG,IAAIC,GAAG,CAACJ,WAAW,CAAC;EACnC,MAAMK,GAAG,GAAI,GAAEF,MAAM,CAACG,QAAS,KAAIH,MAAM,CAACI,QAAS,EAAC;EACpD,MAAMC,GAAG,GAAG/C,yBAAyB,CAACgD,MAAM,CAACZ,yBAAyB,CAAC,CACpEa,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,QAAQ,GAAGzB,UAAU,CAACY,0BAA0B,CAACc,cAAc;EAErE,MAAMC,sBAAsB,GAAG,MAAM,IAAAC,qBAAe,EAClD;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEL,QAAQ;IACbM,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;EACpB,CAAC,EACDvB,iBACF,CAAC;EAED,MAAMwB,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEJ,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBjB,GAAG;IACHG;EACF,CAAC,EACDV,gBACF,CAAC;EAED,MAAM2B,WAAW,GAAG;IAClBC,UAAU,EAAE,oBAAoB;IAChCC,SAAS,EAAEpC,QAAQ;IACnBD,IAAI;IACJsC,YAAY,EAAEpC,WAAW;IACzBqC,aAAa,EAAEpC,YAAY;IAC3BqC,qBAAqB,EAAEC,qBAAc;IACrCC,gBAAgB,EAAEnC,yBAAyB,GAAG,GAAG,GAAG0B;EACtD,CAAC;EAED,MAAMU,4BAA4B,GAAG,IAAIC,eAAe,CAACT,WAAW,CAAC;EACrE,MAAMU,QAAQ,GAAG,MAAMxC,QAAQ,CAACmB,QAAQ,EAAE;IACxCsB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,mCAAmC;MACnDC,IAAI,EAAEtB;IACR,CAAC;IACDuB,IAAI,EAAEN,4BAA4B,CAACO,QAAQ,CAAC;EAC9C,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEF,IAAI,IAAKM,oBAAa,CAACC,SAAS,CAACP,IAAI,CAAC,CAAC;EAEhD,IAAI,CAACJ,QAAQ,CAACY,OAAO,EAAE;IACrB,MAAM,IAAIC,wBAAgB,CAACb,QAAQ,CAACc,KAAK,CAACC,OAAO,CAAC;EACpD;EAEA,OAAO;IAAEC,WAAW,EAAEhB,QAAQ,CAACiB;EAAK,CAAC;AACvC,CAAC;AAACC,OAAA,CAAAjE,eAAA,GAAAA,eAAA"}
package/lib/commonjs/credential/issuance/06-obtain-credential.js CHANGED
@@ -8,6 +8,9 @@ var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
8
8
  var _misc = require("../../utils/misc");
9
9
  var _errors = require("../../utils/errors");
10
10
  var _types = require("./types");
11
+ var _dpop = require("../../utils/dpop");
12
+ var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
13
+ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
11
14
  const createNonceProof = async (nonce, issuer, audience, ctx) => {
12
15
  const jwk = await ctx.getPublicKey();
13
16
  return new _ioReactNativeJwt.SignJWT(ctx).setPayload({
@@ -30,14 +33,16 @@ const createNonceProof = async (nonce, issuer, audience, ctx) => {
30
33
  * @param credentialDefinition The credential definition of the credential to be obtained returned by {@link startUserAuthorization}
31
34
  * @param tokenRequestSignedDPop The DPoP signed token request returned by {@link authorizeAccess}
32
35
  * @param context.credentialCryptoContext The crypto context used to obtain the credential
36
+ * @param context.dPopCryptoContext The DPoP crypto context
33
37
  * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
34
38
  * @returns The credential response containing the credential
35
39
  */
36
40
  exports.createNonceProof = createNonceProof;
37
- const obtainCredential = async (issuerConf, accessToken, clientId, credentialDefinition, tokenRequestSignedDPop, context) => {
41
+ const obtainCredential = async (issuerConf, accessToken, clientId, credentialDefinition, context) => {
38
42
  const {
39
43
  credentialCryptoContext,
40
- appFetch = fetch
44
+ appFetch = fetch,
45
+ dPopCryptoContext
41
46
  } = context;
42
47
  const credentialUrl = issuerConf.openid_credential_issuer.credential_endpoint;
43
48
 
@@ -65,6 +70,12 @@ const obtainCredential = async (issuerConf, accessToken, clientId, credentialDef
65
70
  proof_type: "jwt"
66
71
  }
67
72
  };
73
+ const tokenRequestSignedDPop = await await (0, _dpop.createDPopToken)({
74
+ htm: "POST",
75
+ htu: credentialUrl,
76
+ jti: `${_reactNativeUuid.default.v4()}`,
77
+ ath: await (0, _ioReactNativeJwt.sha256ToBase64)(accessToken.access_token)
78
+ }, dPopCryptoContext);
68
79
  const credentialRes = await appFetch(credentialUrl, {
69
80
  method: "POST",
70
81
  headers: {
package/lib/commonjs/credential/issuance/06-obtain-credential.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_misc","_errors","_types","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","SignJWT","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","tokenRequestSignedDPop","context","credentialCryptoContext","appFetch","fetch","credentialUrl","openid_credential_issuer","credential_endpoint","signedNonceProof","c_nonce","constainsCredentialDefinition","authorization_details","some","c","credential_configuration_id","format","type","ValidationFailed","credentialRequestFormBody","credential_definition","proof","jwt","proof_type","credentialRes","method","headers","DPoP","Authorization","token_type","access_token","body","JSON","stringify","then","hasStatus","res","json","CredentialResponse","safeParse","success","error","message","data"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAcO,MAAMI,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIC,yBAAO,CAACH,GAAG,CAAC,CACpBI,UAAU,CAAC;IACVP;EACF,CAAC,CAAC,CACDQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BL;EACF,CAAC,CAAC,CACDM,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAdAC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAeO,MAAMiB,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,sBAAsB,EACtBC,OAAO,KACJ;EACH,MAAM;IAAEC,uBAAuB;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAGH,OAAO;EAE7D,MAAMI,aAAa,GAAGT,UAAU,CAACU,wBAAwB,CAACC,mBAAmB;;EAE7E;AACF;AACA;AACA;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAM9B,gBAAgB,CAC7CmB,WAAW,CAACY,OAAO,EACnBX,QAAQ,EACRO,aAAa,EACbH,uBACF,CAAC;;EAED;EACA,MAAMQ,6BAA6B,GAAGb,WAAW,CAACc,qBAAqB,CAACC,IAAI,CACzEC,CAAC,IACAA,CAAC,CAACC,2BAA2B,KAC3Bf,oBAAoB,CAACe,2BAA2B,IAClDD,CAAC,CAACE,MAAM,KAAKhB,oBAAoB,CAACgB,MAAM,IACxCF,CAAC,CAACG,IAAI,KAAKjB,oBAAoB,CAACiB,IACpC,CAAC;EAED,IAAI,CAACN,6BAA6B,EAAE;IAClC,MAAM,IAAIO,wBAAgB,CACxB,qEACF,CAAC;EACH;;EAEA;EACA,MAAMC,yBAAyB,GAAG;IAChCC,qBAAqB,EAAE;MACrBH,IAAI,EAAE,CAACjB,oBAAoB,CAACe,2BAA2B;IACzD,CAAC;IACDC,MAAM,EAAEhB,oBAAoB,CAACgB,MAAM;IACnCK,KAAK,EAAE;MACLC,GAAG,EAAEb,gBAAgB;MACrBc,UAAU,EAAE;IACd;EACF,CAAC;EAED,MAAMC,aAAa,GAAG,MAAMpB,QAAQ,CAACE,aAAa,EAAE;IAClDmB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClCC,IAAI,EAAE1B,sBAAsB;MAC5B2B,aAAa,EAAG,GAAE9B,WAAW,CAAC+B,UAAW,IAAG/B,WAAW,CAACgC,YAAa;IACvE,CAAC;IACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACd,yBAAyB;EAChD,CAAC,CAAC,CACCe,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEH,IAAI,IAAKO,yBAAkB,CAACC,SAAS,CAACR,IAAI,CAAC,CAAC;EAErD,IAAI,CAACP,aAAa,CAACgB,OAAO,EAAE;IAC1B,MAAM,IAAItB,wBAAgB,CAACM,aAAa,CAACiB,KAAK,CAACC,OAAO,CAAC;EACzD;EAEA,OAAOlB,aAAa,CAACmB,IAAI;AAC3B,CAAC;AAAChD,OAAA,CAAAC,gBAAA,GAAAA,gBAAA"}
1
+ {"version":3,"names":["_ioReactNativeJwt","require","_misc","_errors","_types","_dpop","_reactNativeUuid","_interopRequireDefault","obj","__esModule","default","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","SignJWT","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credentialUrl","openid_credential_issuer","credential_endpoint","signedNonceProof","c_nonce","constainsCredentialDefinition","authorization_details","some","c","credential_configuration_id","format","type","ValidationFailed","credentialRequestFormBody","credential_definition","proof","jwt","proof_type","tokenRequestSignedDPop","createDPopToken","htm","htu","jti","uuid","v4","ath","sha256ToBase64","access_token","credentialRes","method","headers","DPoP","Authorization","token_type","body","JSON","stringify","then","hasStatus","res","json","CredentialResponse","safeParse","success","error","message","data"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAOA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAEA,IAAAI,KAAA,GAAAJ,OAAA;AACA,IAAAK,gBAAA,GAAAC,sBAAA,CAAAN,OAAA;AAAqC,SAAAM,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAc9B,MAAMG,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIC,yBAAO,CAACH,GAAG,CAAC,CACpBI,UAAU,CAAC;IACVP;EACF,CAAC,CAAC,CACDQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BL;EACF,CAAC,CAAC,CACDM,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAgBO,MAAMiB,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,QAAQ,GAAGC,KAAK;IAChBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,aAAa,GAAGT,UAAU,CAACU,wBAAwB,CAACC,mBAAmB;;EAE7E;AACF;AACA;AACA;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAM9B,gBAAgB,CAC7CmB,WAAW,CAACY,OAAO,EACnBX,QAAQ,EACRO,aAAa,EACbJ,uBACF,CAAC;;EAED;EACA,MAAMS,6BAA6B,GAAGb,WAAW,CAACc,qBAAqB,CAACC,IAAI,CACzEC,CAAC,IACAA,CAAC,CAACC,2BAA2B,KAC3Bf,oBAAoB,CAACe,2BAA2B,IAClDD,CAAC,CAACE,MAAM,KAAKhB,oBAAoB,CAACgB,MAAM,IACxCF,CAAC,CAACG,IAAI,KAAKjB,oBAAoB,CAACiB,IACpC,CAAC;EAED,IAAI,CAACN,6BAA6B,EAAE;IAClC,MAAM,IAAIO,wBAAgB,CACxB,qEACF,CAAC;EACH;;EAEA;EACA,MAAMC,yBAAyB,GAAG;IAChCC,qBAAqB,EAAE;MACrBH,IAAI,EAAE,CAACjB,oBAAoB,CAACe,2BAA2B;IACzD,CAAC;IACDC,MAAM,EAAEhB,oBAAoB,CAACgB,MAAM;IACnCK,KAAK,EAAE;MACLC,GAAG,EAAEb,gBAAgB;MACrBc,UAAU,EAAE;IACd;EACF,CAAC;EAED,MAAMC,sBAAsB,GAAG,MAAM,MAAM,IAAAC,qBAAe,EACxD;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAErB,aAAa;IAClBsB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBC,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAAClC,WAAW,CAACmC,YAAY;EACpD,CAAC,EACD5B,iBACF,CAAC;EACD,MAAM6B,aAAa,GAAG,MAAM/B,QAAQ,CAACG,aAAa,EAAE;IAClD6B,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClCC,IAAI,EAAEb,sBAAsB;MAC5Bc,aAAa,EAAG,GAAExC,WAAW,CAACyC,UAAW,IAAGzC,WAAW,CAACmC,YAAa;IACvE,CAAC;IACDO,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACvB,yBAAyB;EAChD,CAAC,CAAC,CACCwB,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEH,IAAI,IAAKO,yBAAkB,CAACC,SAAS,CAACR,IAAI,CAAC,CAAC;EAErD,IAAI,CAACN,aAAa,CAACe,OAAO,EAAE;IAC1B,MAAM,IAAI/B,wBAAgB,CAACgB,aAAa,CAACgB,KAAK,CAACC,OAAO,CAAC;EACzD;EAEA,OAAOjB,aAAa,CAACkB,IAAI;AAC3B,CAAC;AAACzD,OAAA,CAAAC,gBAAA,GAAAA,gBAAA"}
package/lib/commonjs/credential/status/01-start-flow.js ADDED
@@ -0,0 +1,2 @@
1
+ "use strict";
2
+ //# sourceMappingURL=01-start-flow.js.map
package/lib/commonjs/credential/status/01-start-flow.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":[],"sourceRoot":"../../../../src","sources":["credential/status/01-start-flow.ts"],"mappings":""}
package/lib/commonjs/credential/status/02-status-attestation.js ADDED
@@ -0,0 +1,72 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.statusAttestation = void 0;
7
+ var _misc = require("../../utils/misc");
8
+ var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
9
+ var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
10
+ var _types = require("./types");
11
+ var _errors = require("../../utils/errors");
12
+ var _errors2 = require("./errors");
13
+ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
14
+ /**
15
+ * WARNING: This function must be called after {@link startFlow}.
16
+ * Verify the status of the credential attestation.
17
+ * @param issuerConf - The issuer's configuration
18
+ * @param credential - The credential to be verified
19
+ * @param credentialCryptoContext - The credential's crypto context
20
+ * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
21
+ * @throws {@link StatusAttestationInvalid} if the status attestation is invalid and thus the credential is not valid
22
+ * @throws {@link StatusAttestationError} if an error occurs during the status attestation
23
+ * @returns The credential status attestation
24
+ */
25
+ const statusAttestation = async function (issuerConf, credential, credentialCryptoContext) {
26
+ let appFetch = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : fetch;
27
+ const jwk = await credentialCryptoContext.getPublicKey();
28
+ const credentialHash = await (0, _misc.getCredentialHashWithouDiscloures)(credential);
29
+ const statusAttUrl = issuerConf.openid_credential_issuer.status_attestation_endpoint;
30
+ const credentialPop = await new _ioReactNativeJwt.SignJWT(credentialCryptoContext).setPayload({
31
+ aud: statusAttUrl,
32
+ jti: _reactNativeUuid.default.v4().toString(),
33
+ credential_hash: credentialHash,
34
+ credential_hash_alg: "S256"
35
+ }).setProtectedHeader({
36
+ alg: "ES256",
37
+ typ: "status-attestation-request+jwt",
38
+ kid: jwk.kid
39
+ }).setIssuedAt().setExpirationTime("5m").sign();
40
+ const body = {
41
+ credential_pop: credentialPop
42
+ };
43
+ const result = await appFetch(statusAttUrl, {
44
+ method: "POST",
45
+ headers: {
46
+ "Content-Type": "application/json"
47
+ },
48
+ body: JSON.stringify(body)
49
+ }).then((0, _misc.hasStatus)(201)).then(raw => raw.json()).then(json => _types.StatusAttestationResponse.parse(json)).catch(handleStatusAttestationError);
50
+ return {
51
+ statusAttestation: result.status_attestation
52
+ };
53
+ };
54
+
55
+ /**
56
+ * Handle the status attestation error by mapping it to a custom exception.
57
+ * If the error is not an instance of {@link UnexpectedStatusCodeError}, it is thrown as is.
58
+ * @param e - The error to be handled
59
+ * @throws {@link StatusAttestationError} if the status code is different from 404
60
+ * @throws {@link StatusAttestationInvalid} if the status code is 404 (meaning the credential is invalid)
61
+ */
62
+ exports.statusAttestation = statusAttestation;
63
+ const handleStatusAttestationError = e => {
64
+ if (!(e instanceof _errors.UnexpectedStatusCodeError)) {
65
+ throw e;
66
+ }
67
+ if (e.statusCode === 404) {
68
+ throw new _errors2.StatusAttestationInvalid("Invalid status found for the given credential", e.message);
69
+ }
70
+ throw new _errors2.StatusAttestationError(`Unable to obtain the status attestation for the given credential [response status code: ${e.statusCode}]`, e.message);
71
+ };
72
+ //# sourceMappingURL=02-status-attestation.js.map
package/lib/commonjs/credential/status/02-status-attestation.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_misc","require","_ioReactNativeJwt","_reactNativeUuid","_interopRequireDefault","_types","_errors","_errors2","obj","__esModule","default","statusAttestation","issuerConf","credential","credentialCryptoContext","appFetch","arguments","length","undefined","fetch","jwk","getPublicKey","credentialHash","getCredentialHashWithouDiscloures","statusAttUrl","openid_credential_issuer","status_attestation_endpoint","credentialPop","SignJWT","setPayload","aud","jti","uuid","v4","toString","credential_hash","credential_hash_alg","setProtectedHeader","alg","typ","kid","setIssuedAt","setExpirationTime","sign","body","credential_pop","result","method","headers","JSON","stringify","then","hasStatus","raw","json","StatusAttestationResponse","parse","catch","handleStatusAttestationError","status_attestation","exports","e","UnexpectedStatusCodeError","statusCode","StatusAttestationInvalid","message","StatusAttestationError"],"sourceRoot":"../../../../src","sources":["credential/status/02-status-attestation.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAMA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,MAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,QAAA,GAAAN,OAAA;AAA4E,SAAAG,uBAAAI,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAW5E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,iBAAoC,GAAG,eAAAA,CAClDC,UAAU,EACVC,UAAU,EACVC,uBAAuB,EAEpB;EAAA,IADHC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAEtC,MAAMC,GAAG,GAAG,MAAMN,uBAAuB,CAACO,YAAY,CAAC,CAAC;EACxD,MAAMC,cAAc,GAAG,MAAM,IAAAC,uCAAiC,EAACV,UAAU,CAAC;EAC1E,MAAMW,YAAY,GAChBZ,UAAU,CAACa,wBAAwB,CAACC,2BAA2B;EACjE,MAAMC,aAAa,GAAG,MAAM,IAAIC,yBAAO,CAACd,uBAAuB,CAAC,CAC7De,UAAU,CAAC;IACVC,GAAG,EAAEN,YAAY;IACjBO,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;IACzBC,eAAe,EAAEb,cAAc;IAC/Bc,mBAAmB,EAAE;EACvB,CAAC,CAAC,CACDC,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,gCAAgC;IACrCC,GAAG,EAAEpB,GAAG,CAACoB;EACX,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,IAAI,GAAG;IACXC,cAAc,EAAElB;EAClB,CAAC;EAED,MAAMmB,MAAM,GAAG,MAAM/B,QAAQ,CAACS,YAAY,EAAE;IAC1CuB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDJ,IAAI,EAAEK,IAAI,CAACC,SAAS,CAACN,IAAI;EAC3B,CAAC,CAAC,CACCO,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEG,IAAI,IAAKC,gCAAyB,CAACC,KAAK,CAACF,IAAI,CAAC,CAAC,CACrDG,KAAK,CAACC,4BAA4B,CAAC;EAEtC,OAAO;IAAE/C,iBAAiB,EAAEmC,MAAM,CAACa;EAAmB,CAAC;AACzD,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAC,OAAA,CAAAjD,iBAAA,GAAAA,iBAAA;AAOA,MAAM+C,4BAA4B,GAAIG,CAAU,IAAK;EACnD,IAAI,EAAEA,CAAC,YAAYC,iCAAyB,CAAC,EAAE;IAC7C,MAAMD,CAAC;EACT;EAEA,IAAIA,CAAC,CAACE,UAAU,KAAK,GAAG,EAAE;IACxB,MAAM,IAAIC,iCAAwB,CAChC,+CAA+C,EAC/CH,CAAC,CAACI,OACJ,CAAC;EACH;EAEA,MAAM,IAAIC,+BAAsB,CAC7B,2FAA0FL,CAAC,CAACE,UAAW,GAAE,EAC1GF,CAAC,CAACI,OACJ,CAAC;AACH,CAAC"}
package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js ADDED
@@ -0,0 +1,52 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.verifyAndParseStatusAttestation = void 0;
7
+ var _errors = require("../../utils/errors");
8
+ var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
9
+ var _types = require("./types");
10
+ /**
11
+ * Given a status attestation, verifies that:
12
+ * - It's in the supported format;
13
+ * - The attestation is correctly signed;
14
+ * - It's bound to the given key.
15
+ * @param issuerConf The Issuer configuration returned by {@link evaluateIssuerTrust}
16
+ * @param statusAttestation The encoded status attestation returned by {@link statusAttestation}
17
+ * @param context.credentialCryptoContext The crypto context used to obtain the credential in {@link obtainCredential}
18
+ * @returns A parsed status attestation
19
+ * @throws {IoWalletError} If the credential signature is not verified with the Issuer key set
20
+ * @throws {IoWalletError} If the credential is not bound to the provided user key
21
+ * @throws {IoWalletError} If the credential data fail to parse
22
+ */
23
+ const verifyAndParseStatusAttestation = async (issuerConf, rawStatusAttestation, context) => {
24
+ try {
25
+ const {
26
+ statusAttestation
27
+ } = rawStatusAttestation;
28
+ const {
29
+ credentialCryptoContext
30
+ } = context;
31
+ await (0, _ioReactNativeJwt.verify)(statusAttestation, issuerConf.openid_credential_issuer.jwks.keys);
32
+ const decodedJwt = (0, _ioReactNativeJwt.decode)(statusAttestation);
33
+ const parsedStatusAttestation = _types.ParsedStatusAttestation.parse({
34
+ header: decodedJwt.protectedHeader,
35
+ payload: decodedJwt.payload
36
+ });
37
+ const holderBindingKey = await credentialCryptoContext.getPublicKey();
38
+ const {
39
+ cnf
40
+ } = parsedStatusAttestation.payload;
41
+ if (!cnf.jwk.kid || cnf.jwk.kid !== holderBindingKey.kid) {
42
+ throw new _errors.IoWalletError(`Failed to verify holder binding for status attestation, expected kid: ${holderBindingKey.kid}, got: ${parsedStatusAttestation.payload.cnf.jwk.kid}`);
43
+ }
44
+ return {
45
+ parsedStatusAttestation
46
+ };
47
+ } catch (e) {
48
+ throw new _errors.IoWalletError(`Failed to verify status attestation: ${JSON.stringify(e)}`);
49
+ }
50
+ };
51
+ exports.verifyAndParseStatusAttestation = verifyAndParseStatusAttestation;
52
+ //# sourceMappingURL=03-verify-and-parse-status-attestation.js.map
package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","verifyAndParseStatusAttestation","issuerConf","rawStatusAttestation","context","statusAttestation","credentialCryptoContext","verify","openid_credential_issuer","jwks","keys","decodedJwt","decodeJwt","parsedStatusAttestation","ParsedStatusAttestation","parse","header","protectedHeader","payload","holderBindingKey","getPublicKey","cnf","jwk","kid","IoWalletError","e","JSON","stringify","exports"],"sourceRoot":"../../../../src","sources":["credential/status/03-verify-and-parse-status-attestation.ts"],"mappings":";;;;;;AACA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AAEA,IAAAE,MAAA,GAAAF,OAAA;AAWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,+BAAgE,GAC3E,MAAAA,CAAOC,UAAU,EAAEC,oBAAoB,EAAEC,OAAO,KAAK;EACnD,IAAI;IACF,MAAM;MAAEC;IAAkB,CAAC,GAAGF,oBAAoB;IAClD,MAAM;MAAEG;IAAwB,CAAC,GAAGF,OAAO;IAE3C,MAAM,IAAAG,wBAAM,EACVF,iBAAiB,EACjBH,UAAU,CAACM,wBAAwB,CAACC,IAAI,CAACC,IAC3C,CAAC;IAED,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACP,iBAAiB,CAAC;IAC/C,MAAMQ,uBAAuB,GAAGC,8BAAuB,CAACC,KAAK,CAAC;MAC5DC,MAAM,EAAEL,UAAU,CAACM,eAAe;MAClCC,OAAO,EAAEP,UAAU,CAACO;IACtB,CAAC,CAAC;IAEF,MAAMC,gBAAgB,GAAG,MAAMb,uBAAuB,CAACc,YAAY,CAAC,CAAC;IACrE,MAAM;MAAEC;IAAI,CAAC,GAAGR,uBAAuB,CAACK,OAAO;IAC/C,IAAI,CAACG,GAAG,CAACC,GAAG,CAACC,GAAG,IAAIF,GAAG,CAACC,GAAG,CAACC,GAAG,KAAKJ,gBAAgB,CAACI,GAAG,EAAE;MACxD,MAAM,IAAIC,qBAAa,CACpB,yEAAwEL,gBAAgB,CAACI,GAAI,UAASV,uBAAuB,CAACK,OAAO,CAACG,GAAG,CAACC,GAAG,CAACC,GAAI,EACrJ,CAAC;IACH;IAEA,OAAO;MAAEV;IAAwB,CAAC;EACpC,CAAC,CAAC,OAAOY,CAAC,EAAE;IACV,MAAM,IAAID,qBAAa,CACpB,wCAAuCE,IAAI,CAACC,SAAS,CAACF,CAAC,CAAE,EAC5D,CAAC;EACH;AACF,CAAC;AAACG,OAAA,CAAA3B,+BAAA,GAAAA,+BAAA"}
package/lib/commonjs/credential/status/errors.js ADDED
@@ -0,0 +1,38 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.StatusAttestationInvalid = exports.StatusAttestationError = void 0;
7
+ var _errors = require("../../utils/errors");
8
+ class StatusAttestationInvalid extends _errors.IoWalletError {
9
+ static get code() {
10
+ return "ERR_STATUS_ATTESTATION_INVALID";
11
+ }
12
+ code = "ERR_STATUS_ATTESTATION_INVALID";
13
+ constructor(message) {
14
+ let reason = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
15
+ super((0, _errors.serializeAttrs)({
16
+ message,
17
+ reason
18
+ }));
19
+ this.reason = reason;
20
+ }
21
+ }
22
+ exports.StatusAttestationInvalid = StatusAttestationInvalid;
23
+ class StatusAttestationError extends _errors.IoWalletError {
24
+ static get code() {
25
+ return "ERR_STATUS_ATTESTATION_ERROR";
26
+ }
27
+ code = "ERR_STATUS_ATTESTATION_ERROR";
28
+ constructor(message) {
29
+ let reason = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
30
+ super((0, _errors.serializeAttrs)({
31
+ message,
32
+ reason
33
+ }));
34
+ this.reason = reason;
35
+ }
36
+ }
37
+ exports.StatusAttestationError = StatusAttestationError;
38
+ //# sourceMappingURL=errors.js.map
package/lib/commonjs/credential/status/errors.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_errors","require","StatusAttestationInvalid","IoWalletError","code","constructor","message","reason","arguments","length","undefined","serializeAttrs","exports","StatusAttestationError"],"sourceRoot":"../../../../src","sources":["credential/status/errors.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEO,MAAMC,wBAAwB,SAASC,qBAAa,CAAC;EAC1D,WAAWC,IAAIA,CAAA,EAAqC;IAClD,OAAO,gCAAgC;EACzC;EAEAA,IAAI,GAAG,gCAAgC;EAIvCC,WAAWA,CAACC,OAAe,EAAkC;IAAA,IAAhCC,MAAc,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACzD,KAAK,CAAC,IAAAG,sBAAc,EAAC;MAAEL,OAAO;MAAEC;IAAO,CAAC,CAAC,CAAC;IAC1C,IAAI,CAACA,MAAM,GAAGA,MAAM;EACtB;AACF;AAACK,OAAA,CAAAV,wBAAA,GAAAA,wBAAA;AAEM,MAAMW,sBAAsB,SAASV,qBAAa,CAAC;EACxD,WAAWC,IAAIA,CAAA,EAAmC;IAChD,OAAO,8BAA8B;EACvC;EAEAA,IAAI,GAAG,8BAA8B;EAIrCC,WAAWA,CAACC,OAAe,EAAkC;IAAA,IAAhCC,MAAc,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACzD,KAAK,CAAC,IAAAG,sBAAc,EAAC;MAAEL,OAAO;MAAEC;IAAO,CAAC,CAAC,CAAC;IAC1C,IAAI,CAACA,MAAM,GAAGA,MAAM;EACtB;AACF;AAACK,OAAA,CAAAC,sBAAA,GAAAA,sBAAA"}
package/lib/commonjs/credential/status/index.js ADDED
@@ -0,0 +1,27 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ Object.defineProperty(exports, "evaluateIssuerTrust", {
7
+ enumerable: true,
8
+ get: function () {
9
+ return _issuance.evaluateIssuerTrust;
10
+ }
11
+ });
12
+ Object.defineProperty(exports, "statusAttestation", {
13
+ enumerable: true,
14
+ get: function () {
15
+ return _statusAttestation.statusAttestation;
16
+ }
17
+ });
18
+ Object.defineProperty(exports, "verifyAndParseStatusAttestation", {
19
+ enumerable: true,
20
+ get: function () {
21
+ return _verifyAndParseStatusAttestation.verifyAndParseStatusAttestation;
22
+ }
23
+ });
24
+ var _statusAttestation = require("./02-status-attestation");
25
+ var _issuance = require("../issuance");
26
+ var _verifyAndParseStatusAttestation = require("./03-verify-and-parse-status-attestation");
27
+ //# sourceMappingURL=index.js.map
package/lib/commonjs/credential/status/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_statusAttestation","require","_issuance","_verifyAndParseStatusAttestation"],"sourceRoot":"../../../../src","sources":["credential/status/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,kBAAA,GAAAC,OAAA;AAIA,IAAAC,SAAA,GAAAD,OAAA;AACA,IAAAE,gCAAA,GAAAF,OAAA"}
package/lib/commonjs/credential/status/types.js ADDED
@@ -0,0 +1,48 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.StatusAttestationResponse = exports.ParsedStatusAttestation = void 0;
7
+ var _types = require("../../sd-jwt/types");
8
+ var _jwk = require("../../utils/jwk");
9
+ var z = _interopRequireWildcard(require("zod"));
10
+ function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
11
+ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
12
+ /**
13
+ * Shape from parsing a status attestation response in case of 201.
14
+ */
15
+ const StatusAttestationResponse = z.object({
16
+ status_attestation: z.string()
17
+ });
18
+
19
+ /**
20
+ * Type from parsing a status attestation response in case of 201.
21
+ * Inferred from {@link StatusAttestationResponse}.
22
+ */
23
+
24
+ /**
25
+ * Type for a parsed status attestation.
26
+ */
27
+ exports.StatusAttestationResponse = StatusAttestationResponse;
28
+ /**
29
+ * Shape for parsing a status attestation in a JWT.
30
+ */
31
+ const ParsedStatusAttestation = z.object({
32
+ header: z.object({
33
+ typ: z.literal("status-attestation+jwt"),
34
+ alg: z.string(),
35
+ kid: z.string().optional()
36
+ }),
37
+ payload: z.object({
38
+ credential_hash_alg: z.string(),
39
+ credential_hash: z.string(),
40
+ cnf: z.object({
41
+ jwk: _jwk.JWK
42
+ }),
43
+ exp: _types.UnixTime,
44
+ iat: _types.UnixTime
45
+ })
46
+ });
47
+ exports.ParsedStatusAttestation = ParsedStatusAttestation;
48
+ //# sourceMappingURL=types.js.map
package/lib/commonjs/credential/status/types.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","StatusAttestationResponse","object","status_attestation","string","exports","ParsedStatusAttestation","header","typ","literal","alg","kid","optional","payload","credential_hash_alg","credential_hash","cnf","jwk","JWK","exp","UnixTime","iat"],"sourceRoot":"../../../../src","sources":["credential/status/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB;AACA;AACA;AACO,MAAMW,yBAAyB,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAChDC,kBAAkB,EAAE1B,CAAC,CAAC2B,MAAM,CAAC;AAC/B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAKA;AACA;AACA;AAFAC,OAAA,CAAAJ,yBAAA,GAAAA,yBAAA;AAKA;AACA;AACA;AACO,MAAMK,uBAAuB,GAAG7B,CAAC,CAACyB,MAAM,CAAC;EAC9CK,MAAM,EAAE9B,CAAC,CAACyB,MAAM,CAAC;IACfM,GAAG,EAAE/B,CAAC,CAACgC,OAAO,CAAC,wBAAwB,CAAC;IACxCC,GAAG,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfO,GAAG,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACQ,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEpC,CAAC,CAACyB,MAAM,CAAC;IAChBY,mBAAmB,EAAErC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IAC/BW,eAAe,EAAEtC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IAC3BY,GAAG,EAAEvC,CAAC,CAACyB,MAAM,CAAC;MACZe,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED;EACP,CAAC;AACH,CAAC,CAAC;AAACf,OAAA,CAAAC,uBAAA,GAAAA,uBAAA"}