@pagopa/io-react-native-wallet 0.15.3 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (92) hide show
  1. package/lib/commonjs/credential/index.js +3 -1
  2. package/lib/commonjs/credential/index.js.map +1 -1
  3. package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +19 -4
  4. package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -1
  5. package/lib/commonjs/credential/issuance/05-authorize-access.js +9 -12
  6. package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -1
  7. package/lib/commonjs/credential/issuance/06-obtain-credential.js +13 -2
  8. package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
  9. package/lib/commonjs/credential/status/01-start-flow.js +2 -0
  10. package/lib/commonjs/credential/status/01-start-flow.js.map +1 -0
  11. package/lib/commonjs/credential/status/02-status-attestation.js +72 -0
  12. package/lib/commonjs/credential/status/02-status-attestation.js.map +1 -0
  13. package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js +52 -0
  14. package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js.map +1 -0
  15. package/lib/commonjs/credential/status/errors.js +38 -0
  16. package/lib/commonjs/credential/status/errors.js.map +1 -0
  17. package/lib/commonjs/credential/status/index.js +27 -0
  18. package/lib/commonjs/credential/status/index.js.map +1 -0
  19. package/lib/commonjs/credential/status/types.js +48 -0
  20. package/lib/commonjs/credential/status/types.js.map +1 -0
  21. package/lib/commonjs/utils/errors.js +44 -2
  22. package/lib/commonjs/utils/errors.js.map +1 -1
  23. package/lib/commonjs/utils/misc.js +41 -3
  24. package/lib/commonjs/utils/misc.js.map +1 -1
  25. package/lib/commonjs/utils/par.js +1 -1
  26. package/lib/commonjs/utils/par.js.map +1 -1
  27. package/lib/module/credential/index.js +2 -1
  28. package/lib/module/credential/index.js.map +1 -1
  29. package/lib/module/credential/issuance/04-complete-user-authorization.js +21 -6
  30. package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -1
  31. package/lib/module/credential/issuance/05-authorize-access.js +9 -12
  32. package/lib/module/credential/issuance/05-authorize-access.js.map +1 -1
  33. package/lib/module/credential/issuance/06-obtain-credential.js +13 -3
  34. package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
  35. package/lib/module/credential/status/01-start-flow.js +2 -0
  36. package/lib/module/credential/status/01-start-flow.js.map +1 -0
  37. package/lib/module/credential/status/02-status-attestation.js +64 -0
  38. package/lib/module/credential/status/02-status-attestation.js.map +1 -0
  39. package/lib/module/credential/status/03-verify-and-parse-status-attestation.js +46 -0
  40. package/lib/module/credential/status/03-verify-and-parse-status-attestation.js.map +1 -0
  41. package/lib/module/credential/status/errors.js +30 -0
  42. package/lib/module/credential/status/errors.js.map +1 -0
  43. package/lib/module/credential/status/index.js +5 -0
  44. package/lib/module/credential/status/index.js.map +1 -0
  45. package/lib/module/credential/status/types.js +40 -0
  46. package/lib/module/credential/status/types.js.map +1 -0
  47. package/lib/module/utils/errors.js +40 -1
  48. package/lib/module/utils/errors.js.map +1 -1
  49. package/lib/module/utils/misc.js +38 -3
  50. package/lib/module/utils/misc.js.map +1 -1
  51. package/lib/module/utils/par.js +1 -1
  52. package/lib/module/utils/par.js.map +1 -1
  53. package/lib/typescript/credential/index.d.ts +2 -1
  54. package/lib/typescript/credential/index.d.ts.map +1 -1
  55. package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +3 -1
  56. package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -1
  57. package/lib/typescript/credential/issuance/05-authorize-access.d.ts +2 -1
  58. package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -1
  59. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +3 -1
  60. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
  61. package/lib/typescript/credential/status/01-start-flow.d.ts +10 -0
  62. package/lib/typescript/credential/status/01-start-flow.d.ts.map +1 -0
  63. package/lib/typescript/credential/status/02-status-attestation.d.ts +20 -0
  64. package/lib/typescript/credential/status/02-status-attestation.d.ts.map +1 -0
  65. package/lib/typescript/credential/status/03-verify-and-parse-status-attestation.d.ts +24 -0
  66. package/lib/typescript/credential/status/03-verify-and-parse-status-attestation.d.ts.map +1 -0
  67. package/lib/typescript/credential/status/errors.d.ts +14 -0
  68. package/lib/typescript/credential/status/errors.d.ts.map +1 -0
  69. package/lib/typescript/credential/status/index.d.ts +7 -0
  70. package/lib/typescript/credential/status/index.d.ts.map +1 -0
  71. package/lib/typescript/credential/status/types.d.ts +305 -0
  72. package/lib/typescript/credential/status/types.d.ts.map +1 -0
  73. package/lib/typescript/utils/errors.d.ts +31 -0
  74. package/lib/typescript/utils/errors.d.ts.map +1 -1
  75. package/lib/typescript/utils/misc.d.ts +18 -1
  76. package/lib/typescript/utils/misc.d.ts.map +1 -1
  77. package/lib/typescript/utils/par.d.ts +1 -4
  78. package/lib/typescript/utils/par.d.ts.map +1 -1
  79. package/package.json +3 -3
  80. package/src/credential/index.ts +2 -1
  81. package/src/credential/issuance/04-complete-user-authorization.ts +36 -6
  82. package/src/credential/issuance/05-authorize-access.ts +13 -15
  83. package/src/credential/issuance/06-obtain-credential.ts +24 -4
  84. package/src/credential/status/01-start-flow.ts +9 -0
  85. package/src/credential/status/02-status-attestation.ts +101 -0
  86. package/src/credential/status/03-verify-and-parse-status-attestation.ts +60 -0
  87. package/src/credential/status/errors.ts +31 -0
  88. package/src/credential/status/index.ts +22 -0
  89. package/src/credential/status/types.ts +43 -0
  90. package/src/utils/errors.ts +46 -1
  91. package/src/utils/misc.ts +45 -4
  92. package/src/utils/par.ts +2 -2
package/lib/commonjs/credential/index.js CHANGED
@@ -3,11 +3,13 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.Presentation = exports.Issuance = void 0;
6
+ exports.Status = exports.Presentation = exports.Issuance = void 0;
7
7
  var Issuance = _interopRequireWildcard(require("./issuance"));
8
8
  exports.Issuance = Issuance;
9
9
  var Presentation = _interopRequireWildcard(require("./presentation"));
10
10
  exports.Presentation = Presentation;
11
+ var Status = _interopRequireWildcard(require("./status"));
12
+ exports.Status = Status;
11
13
  function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
12
14
  function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
13
15
  //# sourceMappingURL=index.js.map
package/lib/commonjs/credential/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["Issuance","_interopRequireWildcard","require","exports","Presentation","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../src","sources":["credential/index.ts"],"mappings":";;;;;;AAAA,IAAAA,QAAA,GAAAC,uBAAA,CAAAC,OAAA;AAAuCC,OAAA,CAAAH,QAAA,GAAAA,QAAA;AACvC,IAAAI,YAAA,GAAAH,uBAAA,CAAAC,OAAA;AAA+CC,OAAA,CAAAC,YAAA,GAAAA,YAAA;AAAA,SAAAC,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
1
+ {"version":3,"names":["Issuance","_interopRequireWildcard","require","exports","Presentation","Status","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../src","sources":["credential/index.ts"],"mappings":";;;;;;AAAA,IAAAA,QAAA,GAAAC,uBAAA,CAAAC,OAAA;AAAuCC,OAAA,CAAAH,QAAA,GAAAA,QAAA;AACvC,IAAAI,YAAA,GAAAH,uBAAA,CAAAC,OAAA;AAA+CC,OAAA,CAAAC,YAAA,GAAAA,YAAA;AAC/C,IAAAC,MAAA,GAAAJ,uBAAA,CAAAC,OAAA;AAAmCC,OAAA,CAAAE,MAAA,GAAAA,MAAA;AAAA,SAAAC,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAN,wBAAAU,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
package/lib/commonjs/credential/issuance/04-complete-user-authorization.js CHANGED
@@ -32,11 +32,13 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
32
32
  * If not specified, the default browser is used
33
33
  * @param idphint Unique identifier of the SPID IDP selected by the user
34
34
  * @param redirectUri The url to reach to complete the user authorization which is the custom URL scheme that the Wallet Instance is registered to handle, usually a custom URL or deeplink
35
+ * @param signal An optional {@link AbortSignal} to abort the operation when using the default browser
35
36
  * @throws {AuthorizationError} if an error occurs during the authorization process
36
37
  * @throws {AuthorizationIdpError} if an error occurs during the authorization process and the error is related to the IDP
38
+ * @throws {OperationAbortedError} if the caller aborts the operation via the provided signal
37
39
  * @returns the authorization response which contains code, state and iss
38
40
  */
39
- const completeUserAuthorizationWithQueryMode = async (issuerRequestUri, clientId, issuerConf, idpHint, redirectUri, authorizationContext) => {
41
+ const completeUserAuthorizationWithQueryMode = async (issuerRequestUri, clientId, issuerConf, idpHint, redirectUri, authorizationContext, signal) => {
40
42
  const authzRequestEndpoint = issuerConf.oauth_authorization_server.authorization_endpoint;
41
43
  const params = new URLSearchParams({
42
44
  client_id: clientId,
@@ -52,7 +54,7 @@ const completeUserAuthorizationWithQueryMode = async (issuerRequestUri, clientId
52
54
  });
53
55
  } else {
54
56
  // handler for redirectUri
55
- _reactNative.Linking.addEventListener("url", _ref => {
57
+ const urlEventListener = _reactNative.Linking.addEventListener("url", _ref => {
56
58
  let {
57
59
  url
58
60
  } = _ref;
@@ -60,14 +62,27 @@ const completeUserAuthorizationWithQueryMode = async (issuerRequestUri, clientId
60
62
  authRedirectUrl = url;
61
63
  }
62
64
  });
63
- const openAuthUrlInBrowser = _reactNative.Linking.openURL(authUrl);
65
+ const operationIsAborted = signal ? (0, _misc.createAbortPromiseFromSignal)(signal) : undefined;
66
+ await _reactNative.Linking.openURL(authUrl);
64
67
 
65
68
  /*
66
69
  * Waits for 120 seconds for the identificationRedirectUrl variable to be set
67
70
  * by the custom url handler. If the timeout is exceeded, throw an exception
68
71
  */
69
72
  const unitAuthRedirectIsNotUndefined = (0, _misc.until)(() => authRedirectUrl !== undefined, 120);
70
- await Promise.all([openAuthUrlInBrowser, unitAuthRedirectIsNotUndefined]);
73
+
74
+ /**
75
+ * Simultaneously listen for the abort signal (when provided) and the redirect url.
76
+ * The first event that occurs will resolve the promise.
77
+ * This is useful to properly cleanup when the caller aborts this operation.
78
+ */
79
+ const winner = await Promise.race([operationIsAborted === null || operationIsAborted === void 0 ? void 0 : operationIsAborted.listen(), unitAuthRedirectIsNotUndefined].filter(_misc.isDefined)).finally(() => {
80
+ urlEventListener.remove();
81
+ operationIsAborted === null || operationIsAborted === void 0 ? void 0 : operationIsAborted.remove();
82
+ });
83
+ if (winner === "OPERATION_ABORTED") {
84
+ throw new _errors.OperationAbortedError("DefaultQueryModeAuthorization");
85
+ }
71
86
  if (authRedirectUrl === undefined) {
72
87
  throw new _errors.AuthorizationError("Invalid authentication redirect url");
73
88
  }
package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_auth","require","_misc","_parseUrl","_interopRequireDefault","_errors","_reactNative","_ioReactNativeJwt","_types","_reactNativeUuid","_types2","_decoder","obj","__esModule","default","completeUserAuthorizationWithQueryMode","issuerRequestUri","clientId","issuerConf","idpHint","redirectUri","authorizationContext","authzRequestEndpoint","oauth_authorization_server","authorization_endpoint","params","URLSearchParams","client_id","request_uri","idphint","authUrl","authRedirectUrl","redirectSchema","URL","protocol","replace","authorize","catch","e","AuthorizationError","message","Linking","addEventListener","_ref","url","includes","openAuthUrlInBrowser","openURL","unitAuthRedirectIsNotUndefined","until","undefined","Promise","all","query","parseUrl","parseAuthroizationResponse","exports","getRequestedCredentialToBePresented","appFetch","arguments","length","fetch","requestObject","toString","method","then","hasStatus","res","text","jws","decode","reqObj","RequestObject","safeParse","payload","success","ValidationFailed","error","data","completeUserAuthorizationWithFormPostJwtMode","ctx","wiaCryptoContext","pidCryptoContext","pid","walletInstanceAttestation","wiaWpToken","SignJWT","setProtectedHeader","alg","typ","setPayload","vp","jti","uuid","v4","nonce","setIssuedAt","setExpirationTime","setAudience","response_uri","sign","pidWpToken","presentationSubmission","definition_id","id","descriptor_map","path","format","authzResponsePayload","encodeBase64","JSON","stringify","state","presentation_submission","vp_token","body","response","resUriRes","headers","reqUri","json","responseUri","ResponseUriResultShape","redirect_uri","getJwtFromFormPost","cbRes","decodedJwt","authRes","authResParsed","AuthorizationResultShape","authErr","AuthorizationErrorShape","AuthorizationIdpError","error_description"],"sourceRoot":"../../../../src","sources":["credential/issuance/04-complete-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAMA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,SAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AAMA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,iBAAA,GAAAN,OAAA;AAMA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,gBAAA,GAAAL,sBAAA,CAAAH,OAAA;AACA,IAAAS,OAAA,GAAAT,OAAA;AACA,IAAAU,QAAA,GAAAV,OAAA;AAAyD,SAAAG,uBAAAQ,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEzD;AACA;AACA;;AA4BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,sCAA8E,GACzF,MAAAA,CACEC,gBAAgB,EAChBC,QAAQ,EACRC,UAAU,EACVC,OAAO,EACPC,WAAW,EACXC,oBAAoB,KACjB;EACH,MAAMC,oBAAoB,GACxBJ,UAAU,CAACK,0BAA0B,CAACC,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEV,QAAQ;IACnBW,WAAW,EAAEZ,gBAAgB;IAC7Ba,OAAO,EAAEV;EACX,CAAC,CAAC;EACF,MAAMW,OAAO,GAAI,GAAER,oBAAqB,IAAGG,MAAO,EAAC;EACnD,IAAIM,eAAmC;EAEvC,IAAIV,oBAAoB,EAAE;IACxB,MAAMW,cAAc,GAAG,IAAIC,GAAG,CAACb,WAAW,CAAC,CAACc,QAAQ,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC;IACrEJ,eAAe,GAAG,MAAMV,oBAAoB,CACzCe,SAAS,CAACN,OAAO,EAAEE,cAAc,CAAC,CAClCK,KAAK,CAAEC,CAAC,IAAK;MACZ,MAAM,IAAIC,0BAAkB,CAACD,CAAC,CAACE,OAAO,CAAC;IACzC,CAAC,CAAC;EACN,CAAC,MAAM;IACL;IACAC,oBAAO,CAACC,gBAAgB,CAAC,KAAK,EAAEC,IAAA,IAAa;MAAA,IAAZ;QAAEC;MAAI,CAAC,GAAAD,IAAA;MACtC,IAAIC,GAAG,CAACC,QAAQ,CAACzB,WAAW,CAAC,EAAE;QAC7BW,eAAe,GAAGa,GAAG;MACvB;IACF,CAAC,CAAC;IAEF,MAAME,oBAAoB,GAAGL,oBAAO,CAACM,OAAO,CAACjB,OAAO,CAAC;;IAErD;AACN;AACA;AACA;IACM,MAAMkB,8BAA8B,GAAG,IAAAC,WAAK,EAC1C,MAAMlB,eAAe,KAAKmB,SAAS,EACnC,GACF,CAAC;IAED,MAAMC,OAAO,CAACC,GAAG,CAAC,CAACN,oBAAoB,EAAEE,8BAA8B,CAAC,CAAC;IAEzE,IAAIjB,eAAe,KAAKmB,SAAS,EAAE;MACjC,MAAM,IAAIX,0BAAkB,CAAC,qCAAqC,CAAC;IACrE;EACF;EAEA,MAAMc,KAAK,GAAG,IAAAC,iBAAQ,EAACvB,eAAe,CAAC,CAACsB,KAAK;EAC7C,OAAOE,0BAA0B,CAACF,KAAK,CAAC;AAC1C,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAXAG,OAAA,CAAAzC,sCAAA,GAAAA,sCAAA;AAYO,MAAM0C,mCAAwE,GACnF,eAAAA,CAAOzC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBwC,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAT,SAAA,GAAAS,SAAA,MAAGE,KAAK;EAC7D,MAAMvC,oBAAoB,GACxBJ,UAAU,CAACK,0BAA0B,CAACC,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEV,QAAQ;IACnBW,WAAW,EAAEZ;EACf,CAAC,CAAC;EAEF,MAAM8C,aAAa,GAAG,MAAMJ,QAAQ,CACjC,GAAEpC,oBAAqB,IAAGG,MAAM,CAACsC,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEC,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEI,GAAG,IAAK,IAAAC,wBAAM,EAACD,GAAG,CAAC,CAAC,CAC1BJ,IAAI,CAAEM,MAAM,IAAKC,oBAAa,CAACC,SAAS,CAACF,MAAM,CAACG,OAAO,CAAC,CAAC;EAE5D,IAAI,CAACZ,aAAa,CAACa,OAAO,EAAE;IAC1B,MAAM,IAAIC,wBAAgB,CACxB,kCAAkC,EAClCd,aAAa,CAACe,KAAK,CAACrC,OACtB,CAAC;EACH;EACA,OAAOsB,aAAa,CAACgB,IAAI;AAC3B,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAtB,OAAA,CAAAC,mCAAA,GAAAA,mCAAA;AAgBO,MAAMsB,4CAA0F,GACrG,MAAAA,CAAOjB,aAAa,EAAEkB,GAAG,KAAK;EAC5B,MAAM;IACJC,gBAAgB;IAChBC,gBAAgB;IAChBC,GAAG;IACHC,yBAAyB;IACzB1B,QAAQ,GAAGG;EACb,CAAC,GAAGmB,GAAG;EAEP,MAAMK,UAAU,GAAG,MAAM,IAAIC,yBAAO,CAACL,gBAAgB,CAAC,CACnDM,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVC,EAAE,EAAEP,yBAAyB;IAC7BQ,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;IACzBgC,KAAK,EAAEjC,aAAa,CAACiC;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,WAAW,CAACpC,aAAa,CAACqC,YAAY,CAAC,CACvCC,IAAI,CAAC,CAAC;EAET,MAAMC,UAAU,GAAG,MAAM,IAAIf,yBAAO,CAACJ,gBAAgB,CAAC,CACnDK,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVC,EAAE,EAAER,GAAG;IACPS,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;IACzBgC,KAAK,EAAEjC,aAAa,CAACiC;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,WAAW,CAACpC,aAAa,CAACqC,YAAY,CAAC,CACvCC,IAAI,CAAC,CAAC;;EAET;AACJ;AACA;EACI,MAAME,sBAAsB,GAAG;IAC7BC,aAAa,EAAG,GAAEV,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAC7BU,EAAE,EAAG,GAAEX,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAClBW,cAAc,EAAE,CACd;MACED,EAAE,EAAE,0BAA0B;MAC9BE,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;IACV,CAAC,EACD;MACEH,EAAE,EAAE,mBAAmB;MACvBE,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;IACV,CAAC;EAEL,CAAC;EAED,MAAMC,oBAAoB,GAAG,IAAAC,8BAAY,EACvCC,IAAI,CAACC,SAAS,CAAC;IACbC,KAAK,EAAElD,aAAa,CAACkD,KAAK;IAC1BC,uBAAuB,EAAEX,sBAAsB;IAC/CY,QAAQ,EAAE,CAACb,UAAU,EAAEhB,UAAU;EACnC,CAAC,CACH,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAM8B,IAAI,GAAG,IAAIzF,eAAe,CAAC;IAC/B0F,QAAQ,EAAER;EACZ,CAAC,CAAC,CAAC7C,QAAQ,CAAC,CAAC;EACb,MAAMsD,SAAS,GAAG,MAAM3D,QAAQ,CAACI,aAAa,CAACqC,YAAY,EAAE;IAC3DnC,MAAM,EAAE,MAAM;IACdsD,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACClD,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEsD,MAAM,IAAKA,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC;EAElC,MAAMC,WAAW,GAAGC,8BAAsB,CAACjD,SAAS,CAAC4C,SAAS,CAAC;EAC/D,IAAI,CAACI,WAAW,CAAC9C,OAAO,EAAE;IACxB,MAAM,IAAIC,wBAAgB,CACxB,gCAAgC,EAChC6C,WAAW,CAAC5C,KAAK,CAACrC,OACpB,CAAC;EACH;EAEA,OAAO,MAAMkB,QAAQ,CAAC+D,WAAW,CAAC3C,IAAI,CAAC6C,YAAY,CAAC,CACjD1D,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAC2D,2BAAkB,CAAC,CACxB3D,IAAI,CAAE4D,KAAK,IAAKtE,0BAA0B,CAACsE,KAAK,CAACC,UAAU,CAACpD,OAAO,CAAC,CAAC;AAC1E,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AANAlB,OAAA,CAAAuB,4CAAA,GAAAA,4CAAA;AAOO,MAAMxB,0BAA0B,GACrCwE,OAAgB,IACQ;EACxB,MAAMC,aAAa,GAAGC,8BAAwB,CAACxD,SAAS,CAACsD,OAAO,CAAC;EACjE,IAAI,CAACC,aAAa,CAACrD,OAAO,EAAE;IAC1B,MAAMuD,OAAO,GAAGC,6BAAuB,CAAC1D,SAAS,CAACsD,OAAO,CAAC;IAC1D,IAAI,CAACG,OAAO,CAACvD,OAAO,EAAE;MACpB,MAAM,IAAIpC,0BAAkB,CAACyF,aAAa,CAACnD,KAAK,CAACrC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACA,MAAM,IAAI4F,6BAAqB,CAC7BF,OAAO,CAACpD,IAAI,CAACD,KAAK,EAClBqD,OAAO,CAACpD,IAAI,CAACuD,iBACf,CAAC;EACH;EACA,OAAOL,aAAa,CAAClD,IAAI;AAC3B,CAAC;AAACtB,OAAA,CAAAD,0BAAA,GAAAA,0BAAA"}
1
+ {"version":3,"names":["_auth","require","_misc","_parseUrl","_interopRequireDefault","_errors","_reactNative","_ioReactNativeJwt","_types","_reactNativeUuid","_types2","_decoder","obj","__esModule","default","completeUserAuthorizationWithQueryMode","issuerRequestUri","clientId","issuerConf","idpHint","redirectUri","authorizationContext","signal","authzRequestEndpoint","oauth_authorization_server","authorization_endpoint","params","URLSearchParams","client_id","request_uri","idphint","authUrl","authRedirectUrl","redirectSchema","URL","protocol","replace","authorize","catch","e","AuthorizationError","message","urlEventListener","Linking","addEventListener","_ref","url","includes","operationIsAborted","createAbortPromiseFromSignal","undefined","openURL","unitAuthRedirectIsNotUndefined","until","winner","Promise","race","listen","filter","isDefined","finally","remove","OperationAbortedError","query","parseUrl","parseAuthroizationResponse","exports","getRequestedCredentialToBePresented","appFetch","arguments","length","fetch","requestObject","toString","method","then","hasStatus","res","text","jws","decode","reqObj","RequestObject","safeParse","payload","success","ValidationFailed","error","data","completeUserAuthorizationWithFormPostJwtMode","ctx","wiaCryptoContext","pidCryptoContext","pid","walletInstanceAttestation","wiaWpToken","SignJWT","setProtectedHeader","alg","typ","setPayload","vp","jti","uuid","v4","nonce","setIssuedAt","setExpirationTime","setAudience","response_uri","sign","pidWpToken","presentationSubmission","definition_id","id","descriptor_map","path","format","authzResponsePayload","encodeBase64","JSON","stringify","state","presentation_submission","vp_token","body","response","resUriRes","headers","reqUri","json","responseUri","ResponseUriResultShape","redirect_uri","getJwtFromFormPost","cbRes","decodedJwt","authRes","authResParsed","AuthorizationResultShape","authErr","AuthorizationErrorShape","AuthorizationIdpError","error_description"],"sourceRoot":"../../../../src","sources":["credential/issuance/04-complete-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAMA,IAAAC,KAAA,GAAAD,OAAA;AAQA,IAAAE,SAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AAOA,IAAAK,YAAA,GAAAL,OAAA;AACA,IAAAM,iBAAA,GAAAN,OAAA;AAMA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,gBAAA,GAAAL,sBAAA,CAAAH,OAAA;AACA,IAAAS,OAAA,GAAAT,OAAA;AACA,IAAAU,QAAA,GAAAV,OAAA;AAAyD,SAAAG,uBAAAQ,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEzD;AACA;AACA;;AA6BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,sCAA8E,GACzF,MAAAA,CACEC,gBAAgB,EAChBC,QAAQ,EACRC,UAAU,EACVC,OAAO,EACPC,WAAW,EACXC,oBAAoB,EACpBC,MAAM,KACH;EACH,MAAMC,oBAAoB,GACxBL,UAAU,CAACM,0BAA0B,CAACC,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEX,QAAQ;IACnBY,WAAW,EAAEb,gBAAgB;IAC7Bc,OAAO,EAAEX;EACX,CAAC,CAAC;EACF,MAAMY,OAAO,GAAI,GAAER,oBAAqB,IAAGG,MAAO,EAAC;EACnD,IAAIM,eAAmC;EAEvC,IAAIX,oBAAoB,EAAE;IACxB,MAAMY,cAAc,GAAG,IAAIC,GAAG,CAACd,WAAW,CAAC,CAACe,QAAQ,CAACC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC;IACrEJ,eAAe,GAAG,MAAMX,oBAAoB,CACzCgB,SAAS,CAACN,OAAO,EAAEE,cAAc,CAAC,CAClCK,KAAK,CAAEC,CAAC,IAAK;MACZ,MAAM,IAAIC,0BAAkB,CAACD,CAAC,CAACE,OAAO,CAAC;IACzC,CAAC,CAAC;EACN,CAAC,MAAM;IACL;IACA,MAAMC,gBAAgB,GAAGC,oBAAO,CAACC,gBAAgB,CAAC,KAAK,EAAEC,IAAA,IAAa;MAAA,IAAZ;QAAEC;MAAI,CAAC,GAAAD,IAAA;MAC/D,IAAIC,GAAG,CAACC,QAAQ,CAAC3B,WAAW,CAAC,EAAE;QAC7BY,eAAe,GAAGc,GAAG;MACvB;IACF,CAAC,CAAC;IAEF,MAAME,kBAAkB,GAAG1B,MAAM,GAC7B,IAAA2B,kCAA4B,EAAC3B,MAAM,CAAC,GACpC4B,SAAS;IACb,MAAMP,oBAAO,CAACQ,OAAO,CAACpB,OAAO,CAAC;;IAE9B;AACN;AACA;AACA;IACM,MAAMqB,8BAA8B,GAAG,IAAAC,WAAK,EAC1C,MAAMrB,eAAe,KAAKkB,SAAS,EACnC,GACF,CAAC;;IAED;AACN;AACA;AACA;AACA;IACM,MAAMI,MAAM,GAAG,MAAMC,OAAO,CAACC,IAAI,CAC/B,CAACR,kBAAkB,aAAlBA,kBAAkB,uBAAlBA,kBAAkB,CAAES,MAAM,CAAC,CAAC,EAAEL,8BAA8B,CAAC,CAACM,MAAM,CACnEC,eACF,CACF,CAAC,CAACC,OAAO,CAAC,MAAM;MACdlB,gBAAgB,CAACmB,MAAM,CAAC,CAAC;MACzBb,kBAAkB,aAAlBA,kBAAkB,uBAAlBA,kBAAkB,CAAEa,MAAM,CAAC,CAAC;IAC9B,CAAC,CAAC;IAEF,IAAIP,MAAM,KAAK,mBAAmB,EAAE;MAClC,MAAM,IAAIQ,6BAAqB,CAAC,+BAA+B,CAAC;IAClE;IAEA,IAAI9B,eAAe,KAAKkB,SAAS,EAAE;MACjC,MAAM,IAAIV,0BAAkB,CAAC,qCAAqC,CAAC;IACrE;EACF;EAEA,MAAMuB,KAAK,GAAG,IAAAC,iBAAQ,EAAChC,eAAe,CAAC,CAAC+B,KAAK;EAC7C,OAAOE,0BAA0B,CAACF,KAAK,CAAC;AAC1C,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAXAG,OAAA,CAAAnD,sCAAA,GAAAA,sCAAA;AAYO,MAAMoD,mCAAwE,GACnF,eAAAA,CAAOnD,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBkD,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAnB,SAAA,GAAAmB,SAAA,MAAGE,KAAK;EAC7D,MAAMhD,oBAAoB,GACxBL,UAAU,CAACM,0BAA0B,CAACC,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEX,QAAQ;IACnBY,WAAW,EAAEb;EACf,CAAC,CAAC;EAEF,MAAMwD,aAAa,GAAG,MAAMJ,QAAQ,CACjC,GAAE7C,oBAAqB,IAAGG,MAAM,CAAC+C,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEC,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEI,GAAG,IAAK,IAAAC,wBAAM,EAACD,GAAG,CAAC,CAAC,CAC1BJ,IAAI,CAAEM,MAAM,IAAKC,oBAAa,CAACC,SAAS,CAACF,MAAM,CAACG,OAAO,CAAC,CAAC;EAE5D,IAAI,CAACZ,aAAa,CAACa,OAAO,EAAE;IAC1B,MAAM,IAAIC,wBAAgB,CACxB,kCAAkC,EAClCd,aAAa,CAACe,KAAK,CAAC9C,OACtB,CAAC;EACH;EACA,OAAO+B,aAAa,CAACgB,IAAI;AAC3B,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAtB,OAAA,CAAAC,mCAAA,GAAAA,mCAAA;AAgBO,MAAMsB,4CAA0F,GACrG,MAAAA,CAAOjB,aAAa,EAAEkB,GAAG,KAAK;EAC5B,MAAM;IACJC,gBAAgB;IAChBC,gBAAgB;IAChBC,GAAG;IACHC,yBAAyB;IACzB1B,QAAQ,GAAGG;EACb,CAAC,GAAGmB,GAAG;EAEP,MAAMK,UAAU,GAAG,MAAM,IAAIC,yBAAO,CAACL,gBAAgB,CAAC,CACnDM,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVC,EAAE,EAAEP,yBAAyB;IAC7BQ,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;IACzBgC,KAAK,EAAEjC,aAAa,CAACiC;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,WAAW,CAACpC,aAAa,CAACqC,YAAY,CAAC,CACvCC,IAAI,CAAC,CAAC;EAET,MAAMC,UAAU,GAAG,MAAM,IAAIf,yBAAO,CAACJ,gBAAgB,CAAC,CACnDK,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVC,EAAE,EAAER,GAAG;IACPS,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;IACzBgC,KAAK,EAAEjC,aAAa,CAACiC;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,WAAW,CAACpC,aAAa,CAACqC,YAAY,CAAC,CACvCC,IAAI,CAAC,CAAC;;EAET;AACJ;AACA;EACI,MAAME,sBAAsB,GAAG;IAC7BC,aAAa,EAAG,GAAEV,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAC7BU,EAAE,EAAG,GAAEX,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAClBW,cAAc,EAAE,CACd;MACED,EAAE,EAAE,0BAA0B;MAC9BE,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;IACV,CAAC,EACD;MACEH,EAAE,EAAE,mBAAmB;MACvBE,IAAI,EAAE,kBAAkB;MACxBC,MAAM,EAAE;IACV,CAAC;EAEL,CAAC;EAED,MAAMC,oBAAoB,GAAG,IAAAC,8BAAY,EACvCC,IAAI,CAACC,SAAS,CAAC;IACbC,KAAK,EAAElD,aAAa,CAACkD,KAAK;IAC1BC,uBAAuB,EAAEX,sBAAsB;IAC/CY,QAAQ,EAAE,CAACb,UAAU,EAAEhB,UAAU;EACnC,CAAC,CACH,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAM8B,IAAI,GAAG,IAAIlG,eAAe,CAAC;IAC/BmG,QAAQ,EAAER;EACZ,CAAC,CAAC,CAAC7C,QAAQ,CAAC,CAAC;EACb,MAAMsD,SAAS,GAAG,MAAM3D,QAAQ,CAACI,aAAa,CAACqC,YAAY,EAAE;IAC3DnC,MAAM,EAAE,MAAM;IACdsD,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACClD,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEsD,MAAM,IAAKA,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC;EAElC,MAAMC,WAAW,GAAGC,8BAAsB,CAACjD,SAAS,CAAC4C,SAAS,CAAC;EAC/D,IAAI,CAACI,WAAW,CAAC9C,OAAO,EAAE;IACxB,MAAM,IAAIC,wBAAgB,CACxB,gCAAgC,EAChC6C,WAAW,CAAC5C,KAAK,CAAC9C,OACpB,CAAC;EACH;EAEA,OAAO,MAAM2B,QAAQ,CAAC+D,WAAW,CAAC3C,IAAI,CAAC6C,YAAY,CAAC,CACjD1D,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAC2D,2BAAkB,CAAC,CACxB3D,IAAI,CAAE4D,KAAK,IAAKtE,0BAA0B,CAACsE,KAAK,CAACC,UAAU,CAACpD,OAAO,CAAC,CAAC;AAC1E,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AANAlB,OAAA,CAAAuB,4CAAA,GAAAA,4CAAA;AAOO,MAAMxB,0BAA0B,GACrCwE,OAAgB,IACQ;EACxB,MAAMC,aAAa,GAAGC,8BAAwB,CAACxD,SAAS,CAACsD,OAAO,CAAC;EACjE,IAAI,CAACC,aAAa,CAACrD,OAAO,EAAE;IAC1B,MAAMuD,OAAO,GAAGC,6BAAuB,CAAC1D,SAAS,CAACsD,OAAO,CAAC;IAC1D,IAAI,CAACG,OAAO,CAACvD,OAAO,EAAE;MACpB,MAAM,IAAI7C,0BAAkB,CAACkG,aAAa,CAACnD,KAAK,CAAC9C,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACA,MAAM,IAAIqG,6BAAqB,CAC7BF,OAAO,CAACpD,IAAI,CAACD,KAAK,EAClBqD,OAAO,CAACpD,IAAI,CAACuD,iBACf,CAAC;EACH;EACA,OAAOL,aAAa,CAAClD,IAAI;AAC3B,CAAC;AAACtB,OAAA,CAAAD,0BAAA,GAAAA,0BAAA"}
package/lib/commonjs/credential/issuance/05-authorize-access.js CHANGED
@@ -5,7 +5,6 @@ Object.defineProperty(exports, "__esModule", {
5
5
  });
6
6
  exports.authorizeAccess = void 0;
7
7
  var _misc = require("../../utils/misc");
8
- var _crypto = require("../../utils/crypto");
9
8
  var _dpop = require("../../utils/dpop");
10
9
  var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
11
10
  var _pop = require("../../utils/pop");
@@ -28,6 +27,7 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
28
27
  * @param codeVerifier The code verifier returned by {@link startUserAuthorization}
29
28
  * @param context.walletInstanceAttestation The Wallet Instance's attestation
30
29
  * @param context.wiaCryptoContext The Wallet Instance's crypto context
30
+ * @param context.dPopCryptoContext The DPoP crypto context
31
31
  * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
32
32
  * @throws {ValidationFailed} if an error occurs while parsing the token response
33
33
  * @return The token response containing the access token along with the token request signed with DPoP which has to be used in the {@link obtainCredential} step.
@@ -36,21 +36,19 @@ const authorizeAccess = async (issuerConf, code, clientId, redirectUri, codeVeri
36
36
  const {
37
37
  appFetch = fetch,
38
38
  walletInstanceAttestation,
39
- wiaCryptoContext
39
+ wiaCryptoContext,
40
+ dPopCryptoContext
40
41
  } = context;
41
42
  const parEndpoint = issuerConf.oauth_authorization_server.pushed_authorization_request_endpoint;
42
43
  const parUrl = new URL(parEndpoint);
43
44
  const aud = `${parUrl.protocol}//${parUrl.hostname}`;
44
45
  const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
45
46
  const tokenUrl = issuerConf.oauth_authorization_server.token_endpoint;
46
- // Use an ephemeral key to be destroyed after use
47
- const tokenRequestSignedDPop = await (0, _crypto.withEphemeralKey)(async ephimeralContext => {
48
- return await (0, _dpop.createDPopToken)({
49
- htm: "POST",
50
- htu: tokenUrl,
51
- jti: `${_reactNativeUuid.default.v4()}`
52
- }, ephimeralContext);
53
- });
47
+ const tokenRequestSignedDPop = await (0, _dpop.createDPopToken)({
48
+ htm: "POST",
49
+ htu: tokenUrl,
50
+ jti: `${_reactNativeUuid.default.v4()}`
51
+ }, dPopCryptoContext);
54
52
  const signedWiaPoP = await (0, _pop.createPopToken)({
55
53
  jti: `${_reactNativeUuid.default.v4()}`,
56
54
  aud,
@@ -78,8 +76,7 @@ const authorizeAccess = async (issuerConf, code, clientId, redirectUri, codeVeri
78
76
  throw new _errors.ValidationFailed(tokenRes.error.message);
79
77
  }
80
78
  return {
81
- accessToken: tokenRes.data,
82
- tokenRequestSignedDPop
79
+ accessToken: tokenRes.data
83
80
  };
84
81
  };
85
82
  exports.authorizeAccess = authorizeAccess;
package/lib/commonjs/credential/issuance/05-authorize-access.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_misc","require","_crypto","_dpop","_reactNativeUuid","_interopRequireDefault","_pop","WalletInstanceAttestation","_interopRequireWildcard","_const","_types","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","authorizeAccess","issuerConf","code","clientId","redirectUri","codeVerifier","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","parEndpoint","oauth_authorization_server","pushed_authorization_request_endpoint","parUrl","URL","aud","protocol","hostname","iss","decode","payload","cnf","jwk","kid","tokenUrl","token_endpoint","tokenRequestSignedDPop","withEphemeralKey","ephimeralContext","createDPopToken","htm","htu","jti","uuid","v4","signedWiaPoP","createPopToken","requestBody","grant_type","client_id","redirect_uri","code_verifier","client_assertion_type","ASSERTION_TYPE","client_assertion","authorizationRequestFormBody","URLSearchParams","tokenRes","method","headers","DPoP","body","toString","then","hasStatus","res","json","TokenResponse","safeParse","success","ValidationFailed","error","message","accessToken","data","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/05-authorize-access.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAGA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AACA,IAAAK,IAAA,GAAAL,OAAA;AACA,IAAAM,yBAAA,GAAAC,uBAAA,CAAAP,OAAA;AAEA,IAAAQ,MAAA,GAAAR,OAAA;AACA,IAAAS,MAAA,GAAAT,OAAA;AACA,IAAAU,OAAA,GAAAV,OAAA;AAAsD,SAAAW,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAlB,uBAAAY,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAgBtD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMiB,eAAgC,GAAG,MAAAA,CAC9CC,UAAU,EACVC,IAAI,EACJC,QAAQ,EACRC,WAAW,EACXC,YAAY,EACZC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,WAAW,GACfV,UAAU,CAACW,0BAA0B,CAACC,qCAAqC;EAC7E,MAAMC,MAAM,GAAG,IAAIC,GAAG,CAACJ,WAAW,CAAC;EACnC,MAAMK,GAAG,GAAI,GAAEF,MAAM,CAACG,QAAS,KAAIH,MAAM,CAACI,QAAS,EAAC;EACpD,MAAMC,GAAG,GAAG9C,yBAAyB,CAAC+C,MAAM,CAACX,yBAAyB,CAAC,CACpEY,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,QAAQ,GAAGxB,UAAU,CAACW,0BAA0B,CAACc,cAAc;EACrE;EACA,MAAMC,sBAAsB,GAAG,MAAM,IAAAC,wBAAgB,EACnD,MAAOC,gBAAgB,IAAK;IAC1B,OAAO,MAAM,IAAAC,qBAAe,EAC1B;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEP,QAAQ;MACbQ,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACDN,gBACF,CAAC;EACH,CACF,CAAC;EAED,MAAMO,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEJ,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBnB,GAAG;IACHG;EACF,CAAC,EACDT,gBACF,CAAC;EAED,MAAM4B,WAAW,GAAG;IAClBC,UAAU,EAAE,oBAAoB;IAChCC,SAAS,EAAErC,QAAQ;IACnBD,IAAI;IACJuC,YAAY,EAAErC,WAAW;IACzBsC,aAAa,EAAErC,YAAY;IAC3BsC,qBAAqB,EAAEC,qBAAc;IACrCC,gBAAgB,EAAEpC,yBAAyB,GAAG,GAAG,GAAG2B;EACtD,CAAC;EAED,MAAMU,4BAA4B,GAAG,IAAIC,eAAe,CAACT,WAAW,CAAC;EACrE,MAAMU,QAAQ,GAAG,MAAMzC,QAAQ,CAACkB,QAAQ,EAAE;IACxCwB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,mCAAmC;MACnDC,IAAI,EAAExB;IACR,CAAC;IACDyB,IAAI,EAAEN,4BAA4B,CAACO,QAAQ,CAAC;EAC9C,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEF,IAAI,IAAKM,oBAAa,CAACC,SAAS,CAACP,IAAI,CAAC,CAAC;EAEhD,IAAI,CAACJ,QAAQ,CAACY,OAAO,EAAE;IACrB,MAAM,IAAIC,wBAAgB,CAACb,QAAQ,CAACc,KAAK,CAACC,OAAO,CAAC;EACpD;EAEA,OAAO;IAAEC,WAAW,EAAEhB,QAAQ,CAACiB,IAAI;IAAEtC;EAAuB,CAAC;AAC/D,CAAC;AAACuC,OAAA,CAAAlE,eAAA,GAAAA,eAAA"}
1
+ {"version":3,"names":["_misc","require","_dpop","_reactNativeUuid","_interopRequireDefault","_pop","WalletInstanceAttestation","_interopRequireWildcard","_const","_types","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","authorizeAccess","issuerConf","code","clientId","redirectUri","codeVerifier","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","dPopCryptoContext","parEndpoint","oauth_authorization_server","pushed_authorization_request_endpoint","parUrl","URL","aud","protocol","hostname","iss","decode","payload","cnf","jwk","kid","tokenUrl","token_endpoint","tokenRequestSignedDPop","createDPopToken","htm","htu","jti","uuid","v4","signedWiaPoP","createPopToken","requestBody","grant_type","client_id","redirect_uri","code_verifier","client_assertion_type","ASSERTION_TYPE","client_assertion","authorizationRequestFormBody","URLSearchParams","tokenRes","method","headers","DPoP","body","toString","then","hasStatus","res","json","TokenResponse","safeParse","success","ValidationFailed","error","message","accessToken","data","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/05-authorize-access.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAGA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,IAAA,GAAAJ,OAAA;AACA,IAAAK,yBAAA,GAAAC,uBAAA,CAAAN,OAAA;AAEA,IAAAO,MAAA,GAAAP,OAAA;AACA,IAAAQ,MAAA,GAAAR,OAAA;AACA,IAAAS,OAAA,GAAAT,OAAA;AAAsD,SAAAU,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAlB,uBAAAY,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAiBtD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMiB,eAAgC,GAAG,MAAAA,CAC9CC,UAAU,EACVC,IAAI,EACJC,QAAQ,EACRC,WAAW,EACXC,YAAY,EACZC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC,gBAAgB;IAChBC;EACF,CAAC,GAAGL,OAAO;EAEX,MAAMM,WAAW,GACfX,UAAU,CAACY,0BAA0B,CAACC,qCAAqC;EAC7E,MAAMC,MAAM,GAAG,IAAIC,GAAG,CAACJ,WAAW,CAAC;EACnC,MAAMK,GAAG,GAAI,GAAEF,MAAM,CAACG,QAAS,KAAIH,MAAM,CAACI,QAAS,EAAC;EACpD,MAAMC,GAAG,GAAG/C,yBAAyB,CAACgD,MAAM,CAACZ,yBAAyB,CAAC,CACpEa,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,QAAQ,GAAGzB,UAAU,CAACY,0BAA0B,CAACc,cAAc;EAErE,MAAMC,sBAAsB,GAAG,MAAM,IAAAC,qBAAe,EAClD;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEL,QAAQ;IACbM,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;EACpB,CAAC,EACDvB,iBACF,CAAC;EAED,MAAMwB,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEJ,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBjB,GAAG;IACHG;EACF,CAAC,EACDV,gBACF,CAAC;EAED,MAAM2B,WAAW,GAAG;IAClBC,UAAU,EAAE,oBAAoB;IAChCC,SAAS,EAAEpC,QAAQ;IACnBD,IAAI;IACJsC,YAAY,EAAEpC,WAAW;IACzBqC,aAAa,EAAEpC,YAAY;IAC3BqC,qBAAqB,EAAEC,qBAAc;IACrCC,gBAAgB,EAAEnC,yBAAyB,GAAG,GAAG,GAAG0B;EACtD,CAAC;EAED,MAAMU,4BAA4B,GAAG,IAAIC,eAAe,CAACT,WAAW,CAAC;EACrE,MAAMU,QAAQ,GAAG,MAAMxC,QAAQ,CAACmB,QAAQ,EAAE;IACxCsB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,mCAAmC;MACnDC,IAAI,EAAEtB;IACR,CAAC;IACDuB,IAAI,EAAEN,4BAA4B,CAACO,QAAQ,CAAC;EAC9C,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEF,IAAI,IAAKM,oBAAa,CAACC,SAAS,CAACP,IAAI,CAAC,CAAC;EAEhD,IAAI,CAACJ,QAAQ,CAACY,OAAO,EAAE;IACrB,MAAM,IAAIC,wBAAgB,CAACb,QAAQ,CAACc,KAAK,CAACC,OAAO,CAAC;EACpD;EAEA,OAAO;IAAEC,WAAW,EAAEhB,QAAQ,CAACiB;EAAK,CAAC;AACvC,CAAC;AAACC,OAAA,CAAAjE,eAAA,GAAAA,eAAA"}
package/lib/commonjs/credential/issuance/06-obtain-credential.js CHANGED
@@ -8,6 +8,9 @@ var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
8
8
  var _misc = require("../../utils/misc");
9
9
  var _errors = require("../../utils/errors");
10
10
  var _types = require("./types");
11
+ var _dpop = require("../../utils/dpop");
12
+ var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
13
+ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
11
14
  const createNonceProof = async (nonce, issuer, audience, ctx) => {
12
15
  const jwk = await ctx.getPublicKey();
13
16
  return new _ioReactNativeJwt.SignJWT(ctx).setPayload({
@@ -30,14 +33,16 @@ const createNonceProof = async (nonce, issuer, audience, ctx) => {
30
33
  * @param credentialDefinition The credential definition of the credential to be obtained returned by {@link startUserAuthorization}
31
34
  * @param tokenRequestSignedDPop The DPoP signed token request returned by {@link authorizeAccess}
32
35
  * @param context.credentialCryptoContext The crypto context used to obtain the credential
36
+ * @param context.dPopCryptoContext The DPoP crypto context
33
37
  * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
34
38
  * @returns The credential response containing the credential
35
39
  */
36
40
  exports.createNonceProof = createNonceProof;
37
- const obtainCredential = async (issuerConf, accessToken, clientId, credentialDefinition, tokenRequestSignedDPop, context) => {
41
+ const obtainCredential = async (issuerConf, accessToken, clientId, credentialDefinition, context) => {
38
42
  const {
39
43
  credentialCryptoContext,
40
- appFetch = fetch
44
+ appFetch = fetch,
45
+ dPopCryptoContext
41
46
  } = context;
42
47
  const credentialUrl = issuerConf.openid_credential_issuer.credential_endpoint;
43
48
 
@@ -65,6 +70,12 @@ const obtainCredential = async (issuerConf, accessToken, clientId, credentialDef
65
70
  proof_type: "jwt"
66
71
  }
67
72
  };
73
+ const tokenRequestSignedDPop = await await (0, _dpop.createDPopToken)({
74
+ htm: "POST",
75
+ htu: credentialUrl,
76
+ jti: `${_reactNativeUuid.default.v4()}`,
77
+ ath: await (0, _ioReactNativeJwt.sha256ToBase64)(accessToken.access_token)
78
+ }, dPopCryptoContext);
68
79
  const credentialRes = await appFetch(credentialUrl, {
69
80
  method: "POST",
70
81
  headers: {
package/lib/commonjs/credential/issuance/06-obtain-credential.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_misc","_errors","_types","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","SignJWT","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","tokenRequestSignedDPop","context","credentialCryptoContext","appFetch","fetch","credentialUrl","openid_credential_issuer","credential_endpoint","signedNonceProof","c_nonce","constainsCredentialDefinition","authorization_details","some","c","credential_configuration_id","format","type","ValidationFailed","credentialRequestFormBody","credential_definition","proof","jwt","proof_type","credentialRes","method","headers","DPoP","Authorization","token_type","access_token","body","JSON","stringify","then","hasStatus","res","json","CredentialResponse","safeParse","success","error","message","data"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAcO,MAAMI,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIC,yBAAO,CAACH,GAAG,CAAC,CACpBI,UAAU,CAAC;IACVP;EACF,CAAC,CAAC,CACDQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BL;EACF,CAAC,CAAC,CACDM,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAdAC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAeO,MAAMiB,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,sBAAsB,EACtBC,OAAO,KACJ;EACH,MAAM;IAAEC,uBAAuB;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAGH,OAAO;EAE7D,MAAMI,aAAa,GAAGT,UAAU,CAACU,wBAAwB,CAACC,mBAAmB;;EAE7E;AACF;AACA;AACA;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAM9B,gBAAgB,CAC7CmB,WAAW,CAACY,OAAO,EACnBX,QAAQ,EACRO,aAAa,EACbH,uBACF,CAAC;;EAED;EACA,MAAMQ,6BAA6B,GAAGb,WAAW,CAACc,qBAAqB,CAACC,IAAI,CACzEC,CAAC,IACAA,CAAC,CAACC,2BAA2B,KAC3Bf,oBAAoB,CAACe,2BAA2B,IAClDD,CAAC,CAACE,MAAM,KAAKhB,oBAAoB,CAACgB,MAAM,IACxCF,CAAC,CAACG,IAAI,KAAKjB,oBAAoB,CAACiB,IACpC,CAAC;EAED,IAAI,CAACN,6BAA6B,EAAE;IAClC,MAAM,IAAIO,wBAAgB,CACxB,qEACF,CAAC;EACH;;EAEA;EACA,MAAMC,yBAAyB,GAAG;IAChCC,qBAAqB,EAAE;MACrBH,IAAI,EAAE,CAACjB,oBAAoB,CAACe,2BAA2B;IACzD,CAAC;IACDC,MAAM,EAAEhB,oBAAoB,CAACgB,MAAM;IACnCK,KAAK,EAAE;MACLC,GAAG,EAAEb,gBAAgB;MACrBc,UAAU,EAAE;IACd;EACF,CAAC;EAED,MAAMC,aAAa,GAAG,MAAMpB,QAAQ,CAACE,aAAa,EAAE;IAClDmB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClCC,IAAI,EAAE1B,sBAAsB;MAC5B2B,aAAa,EAAG,GAAE9B,WAAW,CAAC+B,UAAW,IAAG/B,WAAW,CAACgC,YAAa;IACvE,CAAC;IACDC,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACd,yBAAyB;EAChD,CAAC,CAAC,CACCe,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEH,IAAI,IAAKO,yBAAkB,CAACC,SAAS,CAACR,IAAI,CAAC,CAAC;EAErD,IAAI,CAACP,aAAa,CAACgB,OAAO,EAAE;IAC1B,MAAM,IAAItB,wBAAgB,CAACM,aAAa,CAACiB,KAAK,CAACC,OAAO,CAAC;EACzD;EAEA,OAAOlB,aAAa,CAACmB,IAAI;AAC3B,CAAC;AAAChD,OAAA,CAAAC,gBAAA,GAAAA,gBAAA"}
1
+ {"version":3,"names":["_ioReactNativeJwt","require","_misc","_errors","_types","_dpop","_reactNativeUuid","_interopRequireDefault","obj","__esModule","default","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","SignJWT","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credentialUrl","openid_credential_issuer","credential_endpoint","signedNonceProof","c_nonce","constainsCredentialDefinition","authorization_details","some","c","credential_configuration_id","format","type","ValidationFailed","credentialRequestFormBody","credential_definition","proof","jwt","proof_type","tokenRequestSignedDPop","createDPopToken","htm","htu","jti","uuid","v4","ath","sha256ToBase64","access_token","credentialRes","method","headers","DPoP","Authorization","token_type","body","JSON","stringify","then","hasStatus","res","json","CredentialResponse","safeParse","success","error","message","data"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAOA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAEA,IAAAI,KAAA,GAAAJ,OAAA;AACA,IAAAK,gBAAA,GAAAC,sBAAA,CAAAN,OAAA;AAAqC,SAAAM,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAc9B,MAAMG,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIC,yBAAO,CAACH,GAAG,CAAC,CACpBI,UAAU,CAAC;IACVP;EACF,CAAC,CAAC,CACDQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BL;EACF,CAAC,CAAC,CACDM,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAgBO,MAAMiB,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,QAAQ,GAAGC,KAAK;IAChBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,aAAa,GAAGT,UAAU,CAACU,wBAAwB,CAACC,mBAAmB;;EAE7E;AACF;AACA;AACA;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAM9B,gBAAgB,CAC7CmB,WAAW,CAACY,OAAO,EACnBX,QAAQ,EACRO,aAAa,EACbJ,uBACF,CAAC;;EAED;EACA,MAAMS,6BAA6B,GAAGb,WAAW,CAACc,qBAAqB,CAACC,IAAI,CACzEC,CAAC,IACAA,CAAC,CAACC,2BAA2B,KAC3Bf,oBAAoB,CAACe,2BAA2B,IAClDD,CAAC,CAACE,MAAM,KAAKhB,oBAAoB,CAACgB,MAAM,IACxCF,CAAC,CAACG,IAAI,KAAKjB,oBAAoB,CAACiB,IACpC,CAAC;EAED,IAAI,CAACN,6BAA6B,EAAE;IAClC,MAAM,IAAIO,wBAAgB,CACxB,qEACF,CAAC;EACH;;EAEA;EACA,MAAMC,yBAAyB,GAAG;IAChCC,qBAAqB,EAAE;MACrBH,IAAI,EAAE,CAACjB,oBAAoB,CAACe,2BAA2B;IACzD,CAAC;IACDC,MAAM,EAAEhB,oBAAoB,CAACgB,MAAM;IACnCK,KAAK,EAAE;MACLC,GAAG,EAAEb,gBAAgB;MACrBc,UAAU,EAAE;IACd;EACF,CAAC;EAED,MAAMC,sBAAsB,GAAG,MAAM,MAAM,IAAAC,qBAAe,EACxD;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAErB,aAAa;IAClBsB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBC,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAAClC,WAAW,CAACmC,YAAY;EACpD,CAAC,EACD5B,iBACF,CAAC;EACD,MAAM6B,aAAa,GAAG,MAAM/B,QAAQ,CAACG,aAAa,EAAE;IAClD6B,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClCC,IAAI,EAAEb,sBAAsB;MAC5Bc,aAAa,EAAG,GAAExC,WAAW,CAACyC,UAAW,IAAGzC,WAAW,CAACmC,YAAa;IACvE,CAAC;IACDO,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACvB,yBAAyB;EAChD,CAAC,CAAC,CACCwB,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEH,IAAI,IAAKO,yBAAkB,CAACC,SAAS,CAACR,IAAI,CAAC,CAAC;EAErD,IAAI,CAACN,aAAa,CAACe,OAAO,EAAE;IAC1B,MAAM,IAAI/B,wBAAgB,CAACgB,aAAa,CAACgB,KAAK,CAACC,OAAO,CAAC;EACzD;EAEA,OAAOjB,aAAa,CAACkB,IAAI;AAC3B,CAAC;AAACzD,OAAA,CAAAC,gBAAA,GAAAA,gBAAA"}
package/lib/commonjs/credential/status/01-start-flow.js ADDED
@@ -0,0 +1,2 @@
1
+ "use strict";
2
+ //# sourceMappingURL=01-start-flow.js.map
package/lib/commonjs/credential/status/01-start-flow.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":[],"sourceRoot":"../../../../src","sources":["credential/status/01-start-flow.ts"],"mappings":""}
package/lib/commonjs/credential/status/02-status-attestation.js ADDED
@@ -0,0 +1,72 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.statusAttestation = void 0;
7
+ var _misc = require("../../utils/misc");
8
+ var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
9
+ var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
10
+ var _types = require("./types");
11
+ var _errors = require("../../utils/errors");
12
+ var _errors2 = require("./errors");
13
+ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
14
+ /**
15
+ * WARNING: This function must be called after {@link startFlow}.
16
+ * Verify the status of the credential attestation.
17
+ * @param issuerConf - The issuer's configuration
18
+ * @param credential - The credential to be verified
19
+ * @param credentialCryptoContext - The credential's crypto context
20
+ * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
21
+ * @throws {@link StatusAttestationInvalid} if the status attestation is invalid and thus the credential is not valid
22
+ * @throws {@link StatusAttestationError} if an error occurs during the status attestation
23
+ * @returns The credential status attestation
24
+ */
25
+ const statusAttestation = async function (issuerConf, credential, credentialCryptoContext) {
26
+ let appFetch = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : fetch;
27
+ const jwk = await credentialCryptoContext.getPublicKey();
28
+ const credentialHash = await (0, _misc.getCredentialHashWithouDiscloures)(credential);
29
+ const statusAttUrl = issuerConf.openid_credential_issuer.status_attestation_endpoint;
30
+ const credentialPop = await new _ioReactNativeJwt.SignJWT(credentialCryptoContext).setPayload({
31
+ aud: statusAttUrl,
32
+ jti: _reactNativeUuid.default.v4().toString(),
33
+ credential_hash: credentialHash,
34
+ credential_hash_alg: "S256"
35
+ }).setProtectedHeader({
36
+ alg: "ES256",
37
+ typ: "status-attestation-request+jwt",
38
+ kid: jwk.kid
39
+ }).setIssuedAt().setExpirationTime("5m").sign();
40
+ const body = {
41
+ credential_pop: credentialPop
42
+ };
43
+ const result = await appFetch(statusAttUrl, {
44
+ method: "POST",
45
+ headers: {
46
+ "Content-Type": "application/json"
47
+ },
48
+ body: JSON.stringify(body)
49
+ }).then((0, _misc.hasStatus)(201)).then(raw => raw.json()).then(json => _types.StatusAttestationResponse.parse(json)).catch(handleStatusAttestationError);
50
+ return {
51
+ statusAttestation: result.status_attestation
52
+ };
53
+ };
54
+
55
+ /**
56
+ * Handle the status attestation error by mapping it to a custom exception.
57
+ * If the error is not an instance of {@link UnexpectedStatusCodeError}, it is thrown as is.
58
+ * @param e - The error to be handled
59
+ * @throws {@link StatusAttestationError} if the status code is different from 404
60
+ * @throws {@link StatusAttestationInvalid} if the status code is 404 (meaning the credential is invalid)
61
+ */
62
+ exports.statusAttestation = statusAttestation;
63
+ const handleStatusAttestationError = e => {
64
+ if (!(e instanceof _errors.UnexpectedStatusCodeError)) {
65
+ throw e;
66
+ }
67
+ if (e.statusCode === 404) {
68
+ throw new _errors2.StatusAttestationInvalid("Invalid status found for the given credential", e.message);
69
+ }
70
+ throw new _errors2.StatusAttestationError(`Unable to obtain the status attestation for the given credential [response status code: ${e.statusCode}]`, e.message);
71
+ };
72
+ //# sourceMappingURL=02-status-attestation.js.map
package/lib/commonjs/credential/status/02-status-attestation.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_misc","require","_ioReactNativeJwt","_reactNativeUuid","_interopRequireDefault","_types","_errors","_errors2","obj","__esModule","default","statusAttestation","issuerConf","credential","credentialCryptoContext","appFetch","arguments","length","undefined","fetch","jwk","getPublicKey","credentialHash","getCredentialHashWithouDiscloures","statusAttUrl","openid_credential_issuer","status_attestation_endpoint","credentialPop","SignJWT","setPayload","aud","jti","uuid","v4","toString","credential_hash","credential_hash_alg","setProtectedHeader","alg","typ","kid","setIssuedAt","setExpirationTime","sign","body","credential_pop","result","method","headers","JSON","stringify","then","hasStatus","raw","json","StatusAttestationResponse","parse","catch","handleStatusAttestationError","status_attestation","exports","e","UnexpectedStatusCodeError","statusCode","StatusAttestationInvalid","message","StatusAttestationError"],"sourceRoot":"../../../../src","sources":["credential/status/02-status-attestation.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAMA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,MAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,QAAA,GAAAN,OAAA;AAA4E,SAAAG,uBAAAI,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAW5E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,iBAAoC,GAAG,eAAAA,CAClDC,UAAU,EACVC,UAAU,EACVC,uBAAuB,EAEpB;EAAA,IADHC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAEtC,MAAMC,GAAG,GAAG,MAAMN,uBAAuB,CAACO,YAAY,CAAC,CAAC;EACxD,MAAMC,cAAc,GAAG,MAAM,IAAAC,uCAAiC,EAACV,UAAU,CAAC;EAC1E,MAAMW,YAAY,GAChBZ,UAAU,CAACa,wBAAwB,CAACC,2BAA2B;EACjE,MAAMC,aAAa,GAAG,MAAM,IAAIC,yBAAO,CAACd,uBAAuB,CAAC,CAC7De,UAAU,CAAC;IACVC,GAAG,EAAEN,YAAY;IACjBO,GAAG,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;IACzBC,eAAe,EAAEb,cAAc;IAC/Bc,mBAAmB,EAAE;EACvB,CAAC,CAAC,CACDC,kBAAkB,CAAC;IAClBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,gCAAgC;IACrCC,GAAG,EAAEpB,GAAG,CAACoB;EACX,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,IAAI,GAAG;IACXC,cAAc,EAAElB;EAClB,CAAC;EAED,MAAMmB,MAAM,GAAG,MAAM/B,QAAQ,CAACS,YAAY,EAAE;IAC1CuB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDJ,IAAI,EAAEK,IAAI,CAACC,SAAS,CAACN,IAAI;EAC3B,CAAC,CAAC,CACCO,IAAI,CAAC,IAAAC,eAAS,EAAC,GAAG,CAAC,CAAC,CACpBD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEG,IAAI,IAAKC,gCAAyB,CAACC,KAAK,CAACF,IAAI,CAAC,CAAC,CACrDG,KAAK,CAACC,4BAA4B,CAAC;EAEtC,OAAO;IAAE/C,iBAAiB,EAAEmC,MAAM,CAACa;EAAmB,CAAC;AACzD,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAC,OAAA,CAAAjD,iBAAA,GAAAA,iBAAA;AAOA,MAAM+C,4BAA4B,GAAIG,CAAU,IAAK;EACnD,IAAI,EAAEA,CAAC,YAAYC,iCAAyB,CAAC,EAAE;IAC7C,MAAMD,CAAC;EACT;EAEA,IAAIA,CAAC,CAACE,UAAU,KAAK,GAAG,EAAE;IACxB,MAAM,IAAIC,iCAAwB,CAChC,+CAA+C,EAC/CH,CAAC,CAACI,OACJ,CAAC;EACH;EAEA,MAAM,IAAIC,+BAAsB,CAC7B,2FAA0FL,CAAC,CAACE,UAAW,GAAE,EAC1GF,CAAC,CAACI,OACJ,CAAC;AACH,CAAC"}
package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js ADDED
@@ -0,0 +1,52 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.verifyAndParseStatusAttestation = void 0;
7
+ var _errors = require("../../utils/errors");
8
+ var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
9
+ var _types = require("./types");
10
+ /**
11
+ * Given a status attestation, verifies that:
12
+ * - It's in the supported format;
13
+ * - The attestation is correctly signed;
14
+ * - It's bound to the given key.
15
+ * @param issuerConf The Issuer configuration returned by {@link evaluateIssuerTrust}
16
+ * @param statusAttestation The encoded status attestation returned by {@link statusAttestation}
17
+ * @param context.credentialCryptoContext The crypto context used to obtain the credential in {@link obtainCredential}
18
+ * @returns A parsed status attestation
19
+ * @throws {IoWalletError} If the credential signature is not verified with the Issuer key set
20
+ * @throws {IoWalletError} If the credential is not bound to the provided user key
21
+ * @throws {IoWalletError} If the credential data fail to parse
22
+ */
23
+ const verifyAndParseStatusAttestation = async (issuerConf, rawStatusAttestation, context) => {
24
+ try {
25
+ const {
26
+ statusAttestation
27
+ } = rawStatusAttestation;
28
+ const {
29
+ credentialCryptoContext
30
+ } = context;
31
+ await (0, _ioReactNativeJwt.verify)(statusAttestation, issuerConf.openid_credential_issuer.jwks.keys);
32
+ const decodedJwt = (0, _ioReactNativeJwt.decode)(statusAttestation);
33
+ const parsedStatusAttestation = _types.ParsedStatusAttestation.parse({
34
+ header: decodedJwt.protectedHeader,
35
+ payload: decodedJwt.payload
36
+ });
37
+ const holderBindingKey = await credentialCryptoContext.getPublicKey();
38
+ const {
39
+ cnf
40
+ } = parsedStatusAttestation.payload;
41
+ if (!cnf.jwk.kid || cnf.jwk.kid !== holderBindingKey.kid) {
42
+ throw new _errors.IoWalletError(`Failed to verify holder binding for status attestation, expected kid: ${holderBindingKey.kid}, got: ${parsedStatusAttestation.payload.cnf.jwk.kid}`);
43
+ }
44
+ return {
45
+ parsedStatusAttestation
46
+ };
47
+ } catch (e) {
48
+ throw new _errors.IoWalletError(`Failed to verify status attestation: ${JSON.stringify(e)}`);
49
+ }
50
+ };
51
+ exports.verifyAndParseStatusAttestation = verifyAndParseStatusAttestation;
52
+ //# sourceMappingURL=03-verify-and-parse-status-attestation.js.map
package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","verifyAndParseStatusAttestation","issuerConf","rawStatusAttestation","context","statusAttestation","credentialCryptoContext","verify","openid_credential_issuer","jwks","keys","decodedJwt","decodeJwt","parsedStatusAttestation","ParsedStatusAttestation","parse","header","protectedHeader","payload","holderBindingKey","getPublicKey","cnf","jwk","kid","IoWalletError","e","JSON","stringify","exports"],"sourceRoot":"../../../../src","sources":["credential/status/03-verify-and-parse-status-attestation.ts"],"mappings":";;;;;;AACA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AAEA,IAAAE,MAAA,GAAAF,OAAA;AAWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,+BAAgE,GAC3E,MAAAA,CAAOC,UAAU,EAAEC,oBAAoB,EAAEC,OAAO,KAAK;EACnD,IAAI;IACF,MAAM;MAAEC;IAAkB,CAAC,GAAGF,oBAAoB;IAClD,MAAM;MAAEG;IAAwB,CAAC,GAAGF,OAAO;IAE3C,MAAM,IAAAG,wBAAM,EACVF,iBAAiB,EACjBH,UAAU,CAACM,wBAAwB,CAACC,IAAI,CAACC,IAC3C,CAAC;IAED,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACP,iBAAiB,CAAC;IAC/C,MAAMQ,uBAAuB,GAAGC,8BAAuB,CAACC,KAAK,CAAC;MAC5DC,MAAM,EAAEL,UAAU,CAACM,eAAe;MAClCC,OAAO,EAAEP,UAAU,CAACO;IACtB,CAAC,CAAC;IAEF,MAAMC,gBAAgB,GAAG,MAAMb,uBAAuB,CAACc,YAAY,CAAC,CAAC;IACrE,MAAM;MAAEC;IAAI,CAAC,GAAGR,uBAAuB,CAACK,OAAO;IAC/C,IAAI,CAACG,GAAG,CAACC,GAAG,CAACC,GAAG,IAAIF,GAAG,CAACC,GAAG,CAACC,GAAG,KAAKJ,gBAAgB,CAACI,GAAG,EAAE;MACxD,MAAM,IAAIC,qBAAa,CACpB,yEAAwEL,gBAAgB,CAACI,GAAI,UAASV,uBAAuB,CAACK,OAAO,CAACG,GAAG,CAACC,GAAG,CAACC,GAAI,EACrJ,CAAC;IACH;IAEA,OAAO;MAAEV;IAAwB,CAAC;EACpC,CAAC,CAAC,OAAOY,CAAC,EAAE;IACV,MAAM,IAAID,qBAAa,CACpB,wCAAuCE,IAAI,CAACC,SAAS,CAACF,CAAC,CAAE,EAC5D,CAAC;EACH;AACF,CAAC;AAACG,OAAA,CAAA3B,+BAAA,GAAAA,+BAAA"}
package/lib/commonjs/credential/status/errors.js ADDED
@@ -0,0 +1,38 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.StatusAttestationInvalid = exports.StatusAttestationError = void 0;
7
+ var _errors = require("../../utils/errors");
8
+ class StatusAttestationInvalid extends _errors.IoWalletError {
9
+ static get code() {
10
+ return "ERR_STATUS_ATTESTATION_INVALID";
11
+ }
12
+ code = "ERR_STATUS_ATTESTATION_INVALID";
13
+ constructor(message) {
14
+ let reason = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
15
+ super((0, _errors.serializeAttrs)({
16
+ message,
17
+ reason
18
+ }));
19
+ this.reason = reason;
20
+ }
21
+ }
22
+ exports.StatusAttestationInvalid = StatusAttestationInvalid;
23
+ class StatusAttestationError extends _errors.IoWalletError {
24
+ static get code() {
25
+ return "ERR_STATUS_ATTESTATION_ERROR";
26
+ }
27
+ code = "ERR_STATUS_ATTESTATION_ERROR";
28
+ constructor(message) {
29
+ let reason = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
30
+ super((0, _errors.serializeAttrs)({
31
+ message,
32
+ reason
33
+ }));
34
+ this.reason = reason;
35
+ }
36
+ }
37
+ exports.StatusAttestationError = StatusAttestationError;
38
+ //# sourceMappingURL=errors.js.map
package/lib/commonjs/credential/status/errors.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_errors","require","StatusAttestationInvalid","IoWalletError","code","constructor","message","reason","arguments","length","undefined","serializeAttrs","exports","StatusAttestationError"],"sourceRoot":"../../../../src","sources":["credential/status/errors.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEO,MAAMC,wBAAwB,SAASC,qBAAa,CAAC;EAC1D,WAAWC,IAAIA,CAAA,EAAqC;IAClD,OAAO,gCAAgC;EACzC;EAEAA,IAAI,GAAG,gCAAgC;EAIvCC,WAAWA,CAACC,OAAe,EAAkC;IAAA,IAAhCC,MAAc,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACzD,KAAK,CAAC,IAAAG,sBAAc,EAAC;MAAEL,OAAO;MAAEC;IAAO,CAAC,CAAC,CAAC;IAC1C,IAAI,CAACA,MAAM,GAAGA,MAAM;EACtB;AACF;AAACK,OAAA,CAAAV,wBAAA,GAAAA,wBAAA;AAEM,MAAMW,sBAAsB,SAASV,qBAAa,CAAC;EACxD,WAAWC,IAAIA,CAAA,EAAmC;IAChD,OAAO,8BAA8B;EACvC;EAEAA,IAAI,GAAG,8BAA8B;EAIrCC,WAAWA,CAACC,OAAe,EAAkC;IAAA,IAAhCC,MAAc,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACzD,KAAK,CAAC,IAAAG,sBAAc,EAAC;MAAEL,OAAO;MAAEC;IAAO,CAAC,CAAC,CAAC;IAC1C,IAAI,CAACA,MAAM,GAAGA,MAAM;EACtB;AACF;AAACK,OAAA,CAAAC,sBAAA,GAAAA,sBAAA"}
package/lib/commonjs/credential/status/index.js ADDED
@@ -0,0 +1,27 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ Object.defineProperty(exports, "evaluateIssuerTrust", {
7
+ enumerable: true,
8
+ get: function () {
9
+ return _issuance.evaluateIssuerTrust;
10
+ }
11
+ });
12
+ Object.defineProperty(exports, "statusAttestation", {
13
+ enumerable: true,
14
+ get: function () {
15
+ return _statusAttestation.statusAttestation;
16
+ }
17
+ });
18
+ Object.defineProperty(exports, "verifyAndParseStatusAttestation", {
19
+ enumerable: true,
20
+ get: function () {
21
+ return _verifyAndParseStatusAttestation.verifyAndParseStatusAttestation;
22
+ }
23
+ });
24
+ var _statusAttestation = require("./02-status-attestation");
25
+ var _issuance = require("../issuance");
26
+ var _verifyAndParseStatusAttestation = require("./03-verify-and-parse-status-attestation");
27
+ //# sourceMappingURL=index.js.map
package/lib/commonjs/credential/status/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_statusAttestation","require","_issuance","_verifyAndParseStatusAttestation"],"sourceRoot":"../../../../src","sources":["credential/status/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,kBAAA,GAAAC,OAAA;AAIA,IAAAC,SAAA,GAAAD,OAAA;AACA,IAAAE,gCAAA,GAAAF,OAAA"}
package/lib/commonjs/credential/status/types.js ADDED
@@ -0,0 +1,48 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.StatusAttestationResponse = exports.ParsedStatusAttestation = void 0;
7
+ var _types = require("../../sd-jwt/types");
8
+ var _jwk = require("../../utils/jwk");
9
+ var z = _interopRequireWildcard(require("zod"));
10
+ function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
11
+ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
12
+ /**
13
+ * Shape from parsing a status attestation response in case of 201.
14
+ */
15
+ const StatusAttestationResponse = z.object({
16
+ status_attestation: z.string()
17
+ });
18
+
19
+ /**
20
+ * Type from parsing a status attestation response in case of 201.
21
+ * Inferred from {@link StatusAttestationResponse}.
22
+ */
23
+
24
+ /**
25
+ * Type for a parsed status attestation.
26
+ */
27
+ exports.StatusAttestationResponse = StatusAttestationResponse;
28
+ /**
29
+ * Shape for parsing a status attestation in a JWT.
30
+ */
31
+ const ParsedStatusAttestation = z.object({
32
+ header: z.object({
33
+ typ: z.literal("status-attestation+jwt"),
34
+ alg: z.string(),
35
+ kid: z.string().optional()
36
+ }),
37
+ payload: z.object({
38
+ credential_hash_alg: z.string(),
39
+ credential_hash: z.string(),
40
+ cnf: z.object({
41
+ jwk: _jwk.JWK
42
+ }),
43
+ exp: _types.UnixTime,
44
+ iat: _types.UnixTime
45
+ })
46
+ });
47
+ exports.ParsedStatusAttestation = ParsedStatusAttestation;
48
+ //# sourceMappingURL=types.js.map
package/lib/commonjs/credential/status/types.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_types","require","_jwk","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","StatusAttestationResponse","object","status_attestation","string","exports","ParsedStatusAttestation","header","typ","literal","alg","kid","optional","payload","credential_hash_alg","credential_hash","cnf","jwk","JWK","exp","UnixTime","iat"],"sourceRoot":"../../../../src","sources":["credential/status/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,CAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAyB,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB;AACA;AACA;AACO,MAAMW,yBAAyB,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAChDC,kBAAkB,EAAE1B,CAAC,CAAC2B,MAAM,CAAC;AAC/B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAKA;AACA;AACA;AAFAC,OAAA,CAAAJ,yBAAA,GAAAA,yBAAA;AAKA;AACA;AACA;AACO,MAAMK,uBAAuB,GAAG7B,CAAC,CAACyB,MAAM,CAAC;EAC9CK,MAAM,EAAE9B,CAAC,CAACyB,MAAM,CAAC;IACfM,GAAG,EAAE/B,CAAC,CAACgC,OAAO,CAAC,wBAAwB,CAAC;IACxCC,GAAG,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfO,GAAG,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACQ,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEpC,CAAC,CAACyB,MAAM,CAAC;IAChBY,mBAAmB,EAAErC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IAC/BW,eAAe,EAAEtC,CAAC,CAAC2B,MAAM,CAAC,CAAC;IAC3BY,GAAG,EAAEvC,CAAC,CAACyB,MAAM,CAAC;MACZe,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED;EACP,CAAC;AACH,CAAC,CAAC;AAACf,OAAA,CAAAC,uBAAA,GAAAA,uBAAA"}