@pagopa/io-react-native-wallet 0.2.1 → 0.2.3

package/lib/commonjs/sd-jwt/__test__/index.test.js

@@ -0,0 +1,119 @@
+"use strict";
+
+var _index = require("../index");
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _types = require("../types");
+// Examples from https://www.ietf.org/id/draft-terbu-sd-jwt-vc-02.html#name-example-4
+// but adapted to adhere to format declared in https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/pid-eaa-data-model.html#id2
+// In short, the token is a Frankenstein composed as follows:
+//  - the header is taken from the italian specification, with kid and alg valued according to the signing keys
+//  - disclosures are taken from the SD-JWT-4-VC standard
+//  - payload is taken from the italian specification, but _sd are compiled with:
+//    - "address" is used as verification._sd
+//    - all others disclosures are in claims._sd
+const token = "eyJ0eXAiOiJ2YytzZC1qd3QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImIxODZlYTBjMTkyNTc5MzA5N2JmMDFiOGEyODlhNDVmIiwidHJ1c3RfY2hhaW4iOlsiTkVoUmRFUnBZbmxIWTNNNVdsZFdUV1oyYVVobSAuLi4iLCJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2IC4uLiIsIklrSllkbVp5Ykc1b1FVMTFTRkl3TjJGcVZXMUIgLi4uIl19.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzlYcy4uLiIsImp0aSI6InVybjp1dWlkOjZjNWMwYTQ5LWI1ODktNDMxZC1iYWU3LTIxOTEyMmE5ZWMyYyIsImlhdCI6MTU0MTQ5MzcyNCwiZXhwIjoxNTQxNDkzNzI0LCJzdGF0dXMiOiJodHRwczovL2V4YW1wbGUuY29tL3N0YXR1cyIsImNuZiI6eyJqd2siOnsia3R5IjoiUlNBIiwidXNlIjoic2lnIiwibiI6IjFUYS1zRSIsImUiOiJBUUFCIiwia2lkIjoiWWhORlMzWW5DOXRqaUNhaXZoV0xWVUozQXh3R0d6Xzk4dVJGYXFNRUVzIn19LCJ0eXBlIjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwidmVyaWZpZWRfY2xhaW1zIjp7InZlcmlmaWNhdGlvbiI6eyJfc2QiOlsiSnpZakg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSJdLCJ0cnVzdF9mcmFtZXdvcmsiOiJlaWRhcyIsImFzc3VyYW5jZV9sZXZlbCI6ImhpZ2gifSwiY2xhaW1zIjp7Il9zZCI6WyIwOXZLckpNT2x5VFdNMHNqcHVfcGRPQlZCUTJNMXkzS2hwSDUxNW5Ya3BZIiwiMnJzakdiYUMwa3k4bVQwcEpyUGlvV1RxMF9kYXcxc1g3NnBvVWxnQ3diSSIsIkVrTzhkaFcwZEhFSmJ2VUhsRV9WQ2V1Qzl1UkVMT2llTFpoaDdYYlVUdEEiLCJJbER6SUtlaVpkRHdwcXBLNlpmYnlwaEZ2ejVGZ25XYS1zTjZ3cVFYQ2l3IiwiUG9yRmJwS3VWdTZ4eW1KYWd2a0ZzRlhBYlJvYzJKR2xBVUEyQkE0bzdjSSIsIlRHZjRvTGJnd2Q1SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCJqZHJURThZY2JZNEVpZnVnaWhpQWVfQlBla3hKUVpJQ2VpVVF3WTlRcXhJIiwianN1OXlWdWx3UVFsaEZsTV8zSmx6TWFTRnpnbGhRRzBEcGZheVF3TFVLNCJdfX0sIl9zZF9hbGciOiJzaGEtMjU2In0.8wwSHCd47wCgzRYXvvPTTRXGS-hk9V8jRzy7WSjRBTZxSHxJkGOSWwBVAA-kpJ-IvQS7699aLWxIMqAvr34sOA~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd~WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJd~WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ~WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0yMDItNTU1LTAxMDEiXQ~WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLTAxIl0~WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImlzX292ZXJfMTgiLCB0cnVlXQ~WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImlzX292ZXJfMjEiLCB0cnVlXQ~WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImlzX292ZXJfNjUiLCB0cnVlXQ~WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0";
+const unsigned = "eyJ0eXAiOiJ2YytzZC1qd3QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImIxODZlYTBjMTkyNTc5MzA5N2JmMDFiOGEyODlhNDVmIiwidHJ1c3RfY2hhaW4iOlsiTkVoUmRFUnBZbmxIWTNNNVdsZFdUV1oyYVVobSAuLi4iLCJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2IC4uLiIsIklrSllkbVp5Ykc1b1FVMTFTRkl3TjJGcVZXMUIgLi4uIl19.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzlYcy4uLiIsImp0aSI6InVybjp1dWlkOjZjNWMwYTQ5LWI1ODktNDMxZC1iYWU3LTIxOTEyMmE5ZWMyYyIsImlhdCI6MTU0MTQ5MzcyNCwiZXhwIjoxNTQxNDkzNzI0LCJzdGF0dXMiOiJodHRwczovL2V4YW1wbGUuY29tL3N0YXR1cyIsImNuZiI6eyJqd2siOnsia3R5IjoiUlNBIiwidXNlIjoic2lnIiwibiI6IjFUYS1zRSIsImUiOiJBUUFCIiwia2lkIjoiWWhORlMzWW5DOXRqaUNhaXZoV0xWVUozQXh3R0d6Xzk4dVJGYXFNRUVzIn19LCJ0eXBlIjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwidmVyaWZpZWRfY2xhaW1zIjp7InZlcmlmaWNhdGlvbiI6eyJfc2QiOlsiSnpZakg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSJdLCJ0cnVzdF9mcmFtZXdvcmsiOiJlaWRhcyIsImFzc3VyYW5jZV9sZXZlbCI6ImhpZ2gifSwiY2xhaW1zIjp7Il9zZCI6WyIwOXZLckpNT2x5VFdNMHNqcHVfcGRPQlZCUTJNMXkzS2hwSDUxNW5Ya3BZIiwiMnJzakdiYUMwa3k4bVQwcEpyUGlvV1RxMF9kYXcxc1g3NnBvVWxnQ3diSSIsIkVrTzhkaFcwZEhFSmJ2VUhsRV9WQ2V1Qzl1UkVMT2llTFpoaDdYYlVUdEEiLCJJbER6SUtlaVpkRHdwcXBLNlpmYnlwaEZ2ejVGZ25XYS1zTjZ3cVFYQ2l3IiwiUG9yRmJwS3VWdTZ4eW1KYWd2a0ZzRlhBYlJvYzJKR2xBVUEyQkE0bzdjSSIsIlRHZjRvTGJnd2Q1SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCJqZHJURThZY2JZNEVpZnVnaWhpQWVfQlBla3hKUVpJQ2VpVVF3WTlRcXhJIiwianN1OXlWdWx3UVFsaEZsTV8zSmx6TWFTRnpnbGhRRzBEcGZheVF3TFVLNCJdfX0sIl9zZF9hbGciOiJzaGEtMjU2In0";
+const signature = "8wwSHCd47wCgzRYXvvPTTRXGS-hk9V8jRzy7WSjRBTZxSHxJkGOSWwBVAA-kpJ-IvQS7699aLWxIMqAvr34sOA";
+const signed = `${unsigned}.${signature}`;
+const tokenizedDisclosures = ["WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd", "WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJd", "WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ", "WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0yMDItNTU1LTAxMDEiXQ", "WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLTAxIl0", "WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImlzX292ZXJfMTgiLCB0cnVlXQ", "WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImlzX292ZXJfMjEiLCB0cnVlXQ", "WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImlzX292ZXJfNjUiLCB0cnVlXQ", "WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0"];
+const sdJwt = {
+  header: {
+    typ: "vc+sd-jwt",
+    alg: "ES256",
+    kid: "b186ea0c1925793097bf01b8a289a45f",
+    trust_chain: ["NEhRdERpYnlHY3M5WldWTWZ2aUhm ...", "eyJhbGciOiJSUzI1NiIsImtpZCI6 ...", "IkJYdmZybG5oQU11SFIwN2FqVW1B ..."]
+  },
+  payload: {
+    iss: "https://example.com/issuer",
+    sub: "NzbLsXh8uDCcd7noWXFZAfHkxZsRGC9Xs...",
+    jti: "urn:uuid:6c5c0a49-b589-431d-bae7-219122a9ec2c",
+    iat: 1541493724,
+    exp: 1541493724,
+    status: "https://example.com/status",
+    cnf: {
+      jwk: {
+        kty: "RSA",
+        use: "sig",
+        n: "1Ta-sE",
+        e: "AQAB",
+        kid: "YhNFS3YnC9tjiCaivhWLVUJ3AxwGGz_98uRFaqMEEs"
+      }
+    },
+    type: "PersonIdentificationData",
+    verified_claims: {
+      verification: {
+        _sd: ["JzYjH4svliH0R3PyEMfeZu6Jt69u5qehZo7F7EPYlSE"],
+        trust_framework: "eidas",
+        assurance_level: "high"
+      },
+      claims: {
+        _sd: ["09vKrJMOlyTWM0sjpu_pdOBVBQ2M1y3KhpH515nXkpY", "2rsjGbaC0ky8mT0pJrPioWTq0_daw1sX76poUlgCwbI", "EkO8dhW0dHEJbvUHlE_VCeuC9uRELOieLZhh7XbUTtA", "IlDzIKeiZdDwpqpK6ZfbyphFvz5FgnWa-sN6wqQXCiw", "PorFbpKuVu6xymJagvkFsFXAbRoc2JGlAUA2BA4o7cI", "TGf4oLbgwd5JQaHyKVQZU9UdGE0w5rtDsrZzfUaomLo", "jdrTE8YcbY4EifugihiAe_BPekxJQZICeiUQwY9QqxI", "jsu9yVulwQQlhFlM_3JlzMaSFzglhQG0DpfayQwLUK4"]
+      }
+    },
+    _sd_alg: "sha-256"
+  }
+};
+
+// In the very same order than tokenizedDisclosures
+const disclosures = [["2GLC42sKQveCfGfryNRN9w", "given_name", "John"], ["eluV5Og3gSNII8EYnsxA_A", "family_name", "Doe"], ["6Ij7tM-a5iVPGboS5tmvVA", "email", "johndoe@example.com"], ["eI8ZWm9QnKPpNPeNenHdhQ", "phone_number", "+1-202-555-0101"], ["AJx-095VPrpTtN4QMOqROA", "birthdate", "1940-01-01"], ["Pc33JM2LchcU_lHggv_ufQ", "is_over_18", true], ["G02NSrQfjFXQ7Io09syajA", "is_over_21", true], ["lklxF5jMYlGTPUovMNIvCA", "is_over_65", true], ["Qg_O64zqAxe412a108iroA", "address", {
+  street_address: "123 Main St",
+  locality: "Anytown",
+  region: "Anystate",
+  country: "US"
+}]];
+it("Ensures example data correctness", () => {
+  expect(JSON.parse((0, _ioReactNativeJwt.decodeBase64)((0, _ioReactNativeJwt.encodeBase64)(JSON.stringify(sdJwt.header))))).toEqual(sdJwt.header);
+  expect([signed, ...tokenizedDisclosures].join("~")).toBe(token);
+});
+describe("decode", () => {
+  it("should decode a valid token", () => {
+    const result = (0, _index.decode)(token, _types.SdJwt4VC);
+    expect(result).toEqual({
+      sdJwt,
+      disclosures: disclosures.map((decoded, i) => ({
+        decoded,
+        encoded: tokenizedDisclosures[i]
+      }))
+    });
+  });
+});
+describe("disclose", () => {
+  it("should encode a valid sdjwt (one claim)", async () => {
+    const result = await (0, _index.disclose)(token, ["given_name"]);
+    const expected = {
+      token: `${signed}~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd`,
+      paths: [{
+        claim: "given_name",
+        path: "verified_claims.claims._sd[7]"
+      }]
+    };
+    expect(result).toEqual(expected);
+  });
+  it("should encode a valid sdjwt (no claims)", async () => {
+    const result = await (0, _index.disclose)(token, []);
+    const expected = {
+      token: `${signed}`,
+      paths: []
+    };
+    expect(result).toEqual(expected);
+  });
+  it("should encode a valid sdjwt (multiple claims)", async () => {
+    const result = await (0, _index.disclose)(token, ["given_name", "email"]);
+    const expected = {
+      token: `${signed}~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd~WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ`,
+      paths: [{
+        claim: "given_name",
+        path: "verified_claims.claims._sd[7]"
+      }, {
+        claim: "email",
+        path: "verified_claims.verification._sd[0]"
+      }]
+    };
+    expect(result).toEqual(expected);
+  });
+  it("should fail on unknown claim", async () => {
+    const fn = async () => (0, _index.disclose)(token, ["unknown"]);
+    await expect(fn()).rejects.toEqual(expect.any(Error));
+  });
+});
+//# sourceMappingURL=index.test.js.map

package/lib/commonjs/sd-jwt/__test__/index.test.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_index","require","_ioReactNativeJwt","_types","token","unsigned","signature","signed","tokenizedDisclosures","sdJwt","header","typ","alg","kid","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","kty","use","n","e","type","verified_claims","verification","_sd","trust_framework","assurance_level","claims","_sd_alg","disclosures","street_address","locality","region","country","it","expect","JSON","parse","decodeBase64","encodeBase64","stringify","toEqual","join","toBe","describe","result","decode","SdJwt4VC","map","decoded","i","encoded","disclose","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAEA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMG,KAAK,GACT,kvEAAkvE;AAEpvE,MAAMC,QAAQ,GACZ,87CAA87C;AAEh8C,MAAMC,SAAS,GACb,wFAAwF;AAE1F,MAAMC,MAAM,GAAI,GAAEF,QAAS,IAAGC,SAAU,EAAC;AAEzC,MAAME,oBAAoB,GAAG,CAC3B,kEAAkE,EAClE,kEAAkE,EAClE,gFAAgF,EAChF,oFAAoF,EACpF,yEAAyE,EACzE,gEAAgE,EAChE,gEAAgE,EAChE,gEAAgE,EAChE,qLAAqL,CACtL;AAED,MAAMC,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE,OAAO;IACZC,GAAG,EAAE,kCAAkC;IACvCC,WAAW,EAAE,CACX,kCAAkC,EAClC,kCAAkC,EAClC,kCAAkC;EAEtC,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,4BAA4B;IACjCC,GAAG,EAAE,sCAAsC;IAC3CC,GAAG,EAAE,+CAA+C;IACpDC,GAAG,EAAE,UAAU;IACfC,GAAG,EAAE,UAAU;IACfC,MAAM,EAAE,4BAA4B;IACpCC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,KAAK;QACVC,GAAG,EAAE,KAAK;QACVC,CAAC,EAAE,QAAQ;QACXC,CAAC,EAAE,MAAM;QACTd,GAAG,EAAE;MACP;IACF,CAAC;IACDe,IAAI,EAAE,0BAA0B;IAChCC,eAAe,EAAE;MACfC,YAAY,EAAE;QACZC,GAAG,EAAE,CAAC,6CAA6C,CAAC;QACpDC,eAAe,EAAE,OAAO;QACxBC,eAAe,EAAE;MACnB,CAAC;MACDC,MAAM,EAAE;QACNH,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C;MAEjD;IACF,CAAC;IACDI,OAAO,EAAE;EACX;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,YAAY,EAAE,MAAM,CAAC,EAChD,CAAC,wBAAwB,EAAE,aAAa,EAAE,KAAK,CAAC,EAChD,CAAC,wBAAwB,EAAE,OAAO,EAAE,qBAAqB,CAAC,EAC1D,CAAC,wBAAwB,EAAE,cAAc,EAAE,iBAAiB,CAAC,EAC7D,CAAC,wBAAwB,EAAE,WAAW,EAAE,YAAY,CAAC,EACrD,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CAAC,wBAAwB,EAAE,YAAY,EAAE,IAAI,CAAC,EAC9C,CACE,wBAAwB,EACxB,SAAS,EACT;EACEC,cAAc,EAAE,aAAa;EAC7BC,QAAQ,EAAE,SAAS;EACnBC,MAAM,EAAE,UAAU;EAClBC,OAAO,EAAE;AACX,CAAC,CACF,CACF;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAAC,IAAAC,8BAAY,EAAC,IAAAC,8BAAY,EAACH,IAAI,CAACI,SAAS,CAACtC,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAACsC,OAAO,CAACvC,KAAK,CAACC,MAAM,CAAC;EACvBgC,MAAM,CAAC,CAACnC,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAACyC,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAAC9C,KAAK,CAAC;AACjE,CAAC,CAAC;AAEF+C,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBV,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMW,MAAM,GAAG,IAAAC,aAAM,EAACjD,KAAK,EAAEkD,eAAQ,CAAC;IACtCZ,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrBvC,KAAK;MACL2B,WAAW,EAAEA,WAAW,CAACmB,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAElD,oBAAoB,CAACiD,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFN,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBV,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMW,MAAM,GAAG,MAAM,IAAAO,eAAQ,EAACvD,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IACpD,MAAMwD,QAAQ,GAAG;MACfxD,KAAK,EAAG,GAAEG,MAAO,mEAAkE;MACnFsD,KAAK,EAAE,CAAC;QAAEC,KAAK,EAAE,YAAY;QAAEC,IAAI,EAAE;MAAgC,CAAC;IACxE,CAAC;IAEDrB,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACY,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFnB,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMW,MAAM,GAAG,MAAM,IAAAO,eAAQ,EAACvD,KAAK,EAAE,EAAE,CAAC;IACxC,MAAMwD,QAAQ,GAAG;MAAExD,KAAK,EAAG,GAAEG,MAAO,EAAC;MAAEsD,KAAK,EAAE;IAAG,CAAC;IAElDnB,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACY,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFnB,EAAE,CAAC,+CAA+C,EAAE,YAAY;IAC9D,MAAMW,MAAM,GAAG,MAAM,IAAAO,eAAQ,EAACvD,KAAK,EAAE,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC7D,MAAMwD,QAAQ,GAAG;MACfxD,KAAK,EAAG,GAAEG,MAAO,kJAAiJ;MAClKsD,KAAK,EAAE,CACL;QACEC,KAAK,EAAE,YAAY;QACnBC,IAAI,EAAE;MACR,CAAC,EACD;QACED,KAAK,EAAE,OAAO;QACdC,IAAI,EAAE;MACR,CAAC;IAEL,CAAC;IAEDrB,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACY,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFnB,EAAE,CAAC,8BAA8B,EAAE,YAAY;IAC7C,MAAMuB,EAAE,GAAG,MAAAA,CAAA,KAAY,IAAAL,eAAQ,EAACvD,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAMsC,MAAM,CAACsB,EAAE,CAAC,CAAC,CAAC,CAACC,OAAO,CAACjB,OAAO,CAACN,MAAM,CAACwB,GAAG,CAACC,KAAK,CAAC,CAAC;EACvD,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/lib/commonjs/sd-jwt/index.js

@@ -3,10 +3,19 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.verify = exports.decode = void 0;
+exports.verify = exports.disclose = exports.decode = void 0;
 var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
 var _types = require("./types");
 var _verifier = require("./verifier");
+var _errors = require("../utils/errors");
+const decodeDisclosure = encoded => {
+  const decoded = _types.Disclosure.parse(JSON.parse((0, _ioReactNativeJwt.decodeBase64)(encoded)));
+  return {
+    decoded,
+    encoded
+  };
+};
+
 /**
  * Decode a given SD-JWT with Disclosures to get the parsed SD-JWT object they define.
  * It ensures provided data is in a valid shape.
@@ -39,13 +48,81 @@ const decode = (token, schema) => {
   // get disclosures as list of triples
   // validate each triple
   // throw a validation error if at least one fails to parse
-  const disclosures = rawDisclosures.map(_ioReactNativeJwt.decodeBase64).map(e => JSON.parse(e)).map(e => _types.Disclosure.parse(e));
+  const disclosures = rawDisclosures.map(decodeDisclosure);
   return {
     sdJwt,
     disclosures
   };
 };
 
+/**
+ * Select disclosures from a given SD-JWT with Disclosures.
+ * Claims relate with disclosures by their name.
+ *
+ * @function
+ * @param token The encoded token that represents a valid sd-jwt for verifiable credentials
+ * @param claims The list of claims to be disclosed
+ *
+ * @throws {ClaimsNotFoundBetweenDislosures} When one or more claims does not relate to any discloure.
+ * @throws {ClaimsNotFoundInToken} When one or more claims are not contained in the SD-JWT token.
+ * @returns The encoded token with only the requested disclosures, along with the path each claim can be found on the SD-JWT token
+ *
+ */
+exports.decode = decode;
+const disclose = async (token, claims) => {
+  const [rawSdJwt, ...rawDisclosures] = token.split("~");
+  const {
+    sdJwt,
+    disclosures
+  } = decode(token, _types.SdJwt4VC);
+
+  // for each claim, return the path on which they are located in the SD-JWT token
+  const paths = await Promise.all(claims.map(async claim => {
+    const disclosure = disclosures.find(_ref => {
+      let {
+        decoded: [, name]
+      } = _ref;
+      return name === claim;
+    });
+
+    // check every claim represents a known disclosure
+    if (!disclosure) {
+      throw new _errors.ClaimsNotFoundBetweenDislosures(claim);
+    }
+    const hash = await (0, _ioReactNativeJwt.sha256ToBase64)(disclosure.encoded);
+
+    // _sd is defined in verified_claims.claims and verified_claims.verification
+    // we must look into both
+    if (sdJwt.payload.verified_claims.claims._sd.includes(hash)) {
+      const index = sdJwt.payload.verified_claims.claims._sd.indexOf(hash);
+      return {
+        claim,
+        path: `verified_claims.claims._sd[${index}]`
+      };
+    } else if (sdJwt.payload.verified_claims.verification._sd.includes(hash)) {
+      const index = sdJwt.payload.verified_claims.verification._sd.indexOf(hash);
+      return {
+        claim,
+        path: `verified_claims.verification._sd[${index}]`
+      };
+    }
+    throw new _errors.ClaimsNotFoundInToken(claim);
+  }));
+  const filteredDisclosures = rawDisclosures.filter(d => {
+    const {
+      decoded: [, name]
+    } = decodeDisclosure(d);
+    return claims.includes(name);
+  });
+
+  // compose the final disclosed token
+  const disclosedToken = [rawSdJwt, ...filteredDisclosures].join("~");
+  return {
+    token: disclosedToken,
+    paths
+  };
+};
+
 /**
  * Verify a given SD-JWT with Disclosures
  * Same as {@link decode} plus:
@@ -62,7 +139,7 @@ const decode = (token, schema) => {
  * @returns The parsed SD-JWT token and the parsed disclosures
  *
  */
-exports.decode = decode;
+exports.disclose = disclose;
 const verify = async (token, publicKey, schema) => {
   // get decoded data
   const [rawSdJwt = ""] = token.split("~");
@@ -74,7 +151,10 @@ const verify = async (token, publicKey, schema) => {
   //Check disclosures in sd-jwt
   const claims = [...decoded.sdJwt.payload.verified_claims.verification._sd, ...decoded.sdJwt.payload.verified_claims.claims._sd];
   await Promise.all(decoded.disclosures.map(async disclosure => await (0, _verifier.verifyDisclosure)(disclosure, claims)));
-  return decoded;
+  return {
+    sdJwt: decoded.sdJwt,
+    disclosures: decoded.disclosures.map(d => d.decoded)
+  };
 };
 exports.verify = verify;
 //# sourceMappingURL=index.js.map

package/lib/commonjs/sd-jwt/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["_ioReactNativeJwt","require","_types","_verifier","decode","token","schema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","decodeJwt","sdJwt","parse","header","protectedHeader","payload","disclosures","map","decodeBase64","e","JSON","Disclosure","exports","verify","publicKey","decoded","verifyJwt","claims","verified_claims","verification","_sd","Promise","all","disclosure","verifyDisclosure"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":";;;;;;AAEA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,SAAA,GAAAF,OAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,MAAM,GAAGA,CACpBC,KAAa,EACbC,MAAS,KAC4C;EACrD;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACJ,QAAQ,CAAC;EACtC,MAAMK,KAAK,GAAGP,MAAM,CAACQ,KAAK,CAAC;IACzBC,MAAM,EAAEJ,UAAU,CAACK,eAAe;IAClCC,OAAO,EAAEN,UAAU,CAACM;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGT,cAAc,CAC/BU,GAAG,CAACC,8BAAY,CAAC,CACjBD,GAAG,CAAEE,CAAC,IAAKC,IAAI,CAACR,KAAK,CAACO,CAAC,CAAC,CAAC,CACzBF,GAAG,CAAEE,CAAC,IAAKE,iBAAU,CAACT,KAAK,CAACO,CAAC,CAAC,CAAC;EAElC,OAAO;IAAER,KAAK;IAAEK;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAM,OAAA,CAAApB,MAAA,GAAAA,MAAA;AAgBO,MAAMqB,MAAM,GAAG,MAAAA,CACpBpB,KAAa,EACbqB,SAAc,EACdpB,MAAS,KACqD;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMiB,OAAO,GAAGvB,MAAM,CAACC,KAAK,EAAEC,MAAM,CAAC;;EAErC;EACA,MAAM,IAAAsB,wBAAS,EAACpB,QAAQ,EAAEkB,SAAS,CAAC;;EAEpC;EACA,MAAMG,MAAM,GAAG,CACb,GAAGF,OAAO,CAACd,KAAK,CAACI,OAAO,CAACa,eAAe,CAACC,YAAY,CAACC,GAAG,EACzD,GAAGL,OAAO,CAACd,KAAK,CAACI,OAAO,CAACa,eAAe,CAACD,MAAM,CAACG,GAAG,CACpD;EAED,MAAMC,OAAO,CAACC,GAAG,CACfP,OAAO,CAACT,WAAW,CAACC,GAAG,CACrB,MAAOgB,UAAU,IAAK,MAAM,IAAAC,0BAAgB,EAACD,UAAU,EAAEN,MAAM,CACjE,CACF,CAAC;EAED,OAAOF,OAAO;AAChB,CAAC;AAACH,OAAA,CAAAC,MAAA,GAAAA,MAAA"}
+{"version":3,"names":["_ioReactNativeJwt","require","_types","_verifier","_errors","decodeDisclosure","encoded","decoded","Disclosure","parse","JSON","decodeBase64","decode","token","schema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","decodeJwt","sdJwt","header","protectedHeader","payload","disclosures","map","exports","disclose","claims","SdJwt4VC","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDislosures","hash","sha256ToBase64","verified_claims","_sd","includes","index","indexOf","path","verification","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","verify","publicKey","verifyJwt","verifyDisclosure"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":";;;;;;AAEA,IAAAA,iBAAA,GAAAC,OAAA;AAKA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,SAAA,GAAAF,OAAA;AAEA,IAAAG,OAAA,GAAAH,OAAA;AAKA,MAAMI,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,OAAO,GAAGC,iBAAU,CAACC,KAAK,CAACC,IAAI,CAACD,KAAK,CAAC,IAAAE,8BAAY,EAACL,OAAO,CAAC,CAAC,CAAC;EACnE,OAAO;IAAEC,OAAO;IAAED;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMM,MAAM,GAAGA,CACpBC,KAAa,EACbC,MAAS,KAIN;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACJ,QAAQ,CAAC;EACtC,MAAMK,KAAK,GAAGP,MAAM,CAACL,KAAK,CAAC;IACzBa,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAACS,GAAG,CAACrB,gBAAgB,CAAC;EAExD,OAAO;IAAEgB,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAZAE,OAAA,CAAAf,MAAA,GAAAA,MAAA;AAaO,MAAMgB,QAAQ,GAAG,MAAAA,CACtBf,KAAa,EACbgB,MAAgB,KACyD;EACzE,MAAM,CAACb,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEG,KAAK;IAAEI;EAAY,CAAC,GAAGb,MAAM,CAACC,KAAK,EAAEiB,eAAQ,CAAC;;EAEtD;EACA,MAAMC,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BJ,MAAM,CAACH,GAAG,CAAC,MAAOQ,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGV,WAAW,CAACW,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAE9B,OAAO,EAAE,GAAG+B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAII,uCAA+B,CAACL,KAAK,CAAC;IAClD;IAEA,MAAMM,IAAI,GAAG,MAAM,IAAAC,gCAAc,EAACN,UAAU,CAAC7B,OAAO,CAAC;;IAErD;IACA;IACA,IAAIe,KAAK,CAACG,OAAO,CAACkB,eAAe,CAACb,MAAM,CAACc,GAAG,CAACC,QAAQ,CAACJ,IAAI,CAAC,EAAE;MAC3D,MAAMK,KAAK,GAAGxB,KAAK,CAACG,OAAO,CAACkB,eAAe,CAACb,MAAM,CAACc,GAAG,CAACG,OAAO,CAACN,IAAI,CAAC;MACpE,OAAO;QAAEN,KAAK;QAAEa,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE,CAAC,MAAM,IACLxB,KAAK,CAACG,OAAO,CAACkB,eAAe,CAACM,YAAY,CAACL,GAAG,CAACC,QAAQ,CAACJ,IAAI,CAAC,EAC7D;MACA,MAAMK,KAAK,GACTxB,KAAK,CAACG,OAAO,CAACkB,eAAe,CAACM,YAAY,CAACL,GAAG,CAACG,OAAO,CAACN,IAAI,CAAC;MAC9D,OAAO;QAAEN,KAAK;QAAEa,IAAI,EAAG,oCAAmCF,KAAM;MAAG,CAAC;IACtE;IAEA,MAAM,IAAII,6BAAqB,CAACf,KAAK,CAAC;EACxC,CAAC,CACH,CAAC;EAED,MAAMgB,mBAAmB,GAAGjC,cAAc,CAACkC,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJ7C,OAAO,EAAE,GAAG+B,IAAI;IAClB,CAAC,GAAGjC,gBAAgB,CAAC+C,CAAC,CAAC;IACvB,OAAOvB,MAAM,CAACe,QAAQ,CAACN,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMe,cAAc,GAAG,CAACrC,QAAQ,EAAE,GAAGkC,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEzC,KAAK,EAAEwC,cAAc;IAAEtB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAJ,OAAA,CAAAC,QAAA,GAAAA,QAAA;AAgBO,MAAM2B,MAAM,GAAG,MAAAA,CACpB1C,KAAa,EACb2C,SAAc,EACd1C,MAAS,KACqD;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMX,OAAO,GAAGK,MAAM,CAACC,KAAK,EAAEC,MAAM,CAAC;;EAErC;EACA,MAAM,IAAA2C,wBAAS,EAACzC,QAAQ,EAAEwC,SAAS,CAAC;;EAEpC;EACA,MAAM3B,MAAM,GAAG,CACb,GAAGtB,OAAO,CAACc,KAAK,CAACG,OAAO,CAACkB,eAAe,CAACM,YAAY,CAACL,GAAG,EACzD,GAAGpC,OAAO,CAACc,KAAK,CAACG,OAAO,CAACkB,eAAe,CAACb,MAAM,CAACc,GAAG,CACpD;EAED,MAAMX,OAAO,CAACC,GAAG,CACf1B,OAAO,CAACkB,WAAW,CAACC,GAAG,CACrB,MAAOS,UAAU,IAAK,MAAM,IAAAuB,0BAAgB,EAACvB,UAAU,EAAEN,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLR,KAAK,EAAEd,OAAO,CAACc,KAAK;IACpBI,WAAW,EAAElB,OAAO,CAACkB,WAAW,CAACC,GAAG,CAAE0B,CAAC,IAAKA,CAAC,CAAC7C,OAAO;EACvD,CAAC;AACH,CAAC;AAACoB,OAAA,CAAA4B,MAAA,GAAAA,MAAA"}

package/lib/commonjs/sd-jwt/types.js

@@ -20,6 +20,15 @@ const ObfuscatedDisclosures = _zod.z.object({
  */
 exports.ObfuscatedDisclosures = ObfuscatedDisclosures;
 const Disclosure = _zod.z.tuple([/* salt */_zod.z.string(), /* claim name */_zod.z.string(), /* claim value */_zod.z.unknown()]);
+
+/**
+ * Encoding depends on the serialization algorithm used when generating the disclosure tokens.
+ * The SD-JWT reference itself take no decision about how to handle whitespaces in serialized objects.
+ * For such reason, we may find conveninent to have encoded and decode values stored explicitly in the same structure.
+ * Please note that `encoded` can always decode into `decode`, but `decode` may or may not be encoded with the same value of `encoded`
+ *
+ * @see https://www.ietf.org/id/draft-ietf-oauth-selective-disclosure-jwt-05.html#name-disclosures-for-object-prop
+ */
 exports.Disclosure = Disclosure;
 const SdJwt4VC = _zod.z.object({
   header: _zod.z.object({

package/lib/commonjs/sd-jwt/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["_jwk","require","_zod","UnixTime","z","number","min","max","exports","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","JWK","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAEO,MAAME,QAAQ,GAAGC,MAAC,CAACC,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAACC,OAAA,CAAAL,QAAA,GAAAA,QAAA;AAItD,MAAMM,qBAAqB,GAAGL,MAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;AALAL,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAOO,MAAMK,UAAU,GAAGV,MAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,MAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,MAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,MAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;AAACR,OAAA,CAAAM,UAAA,GAAAA,UAAA;AAGI,MAAMG,QAAQ,GAAGb,MAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,MAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,MAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,MAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC1BC,WAAW,EAAEpB,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFY,OAAO,EAAErB,MAAC,CAACM,MAAM,CAAC;IAChBgB,GAAG,EAAEtB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfgB,GAAG,EAAE1B,QAAQ;IACb2B,GAAG,EAAE3B,QAAQ;IACb4B,MAAM,EAAE3B,MAAC,CAACS,MAAM,CAAC,CAAC;IAClBmB,GAAG,EAAE5B,MAAC,CAACM,MAAM,CAAC;MACZuB,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,IAAI,EAAE/B,MAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3CgB,eAAe,EAAEhC,MAAC,CAACM,MAAM,CAAC;MACxB2B,YAAY,EAAEjC,MAAC,CAACkC,YAAY,CAC1BlC,MAAC,CAACM,MAAM,CAAC;QACP6B,eAAe,EAAEnC,MAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCoB,eAAe,EAAEpC,MAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACDgC,MAAM,EAAEhC;IACV,CAAC,CAAC;IACFiC,OAAO,EAAEtC,MAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC;AAACZ,OAAA,CAAAS,QAAA,GAAAA,QAAA"}
+{"version":3,"names":["_jwk","require","_zod","UnixTime","z","number","min","max","exports","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","trust_chain","payload","iss","sub","jti","iat","exp","status","cnf","jwk","JWK","type","verified_claims","verification","intersection","trust_framework","assurance_level","claims","_sd_alg"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAEO,MAAME,QAAQ,GAAGC,MAAC,CAACC,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAACC,OAAA,CAAAL,QAAA,GAAAA,QAAA;AAItD,MAAMM,qBAAqB,GAAGL,MAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;AALAL,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAOO,MAAMK,UAAU,GAAGV,MAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,MAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,MAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,MAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAR,OAAA,CAAAM,UAAA,GAAAA,UAAA;AAcO,MAAMG,QAAQ,GAAGb,MAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,MAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,MAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,MAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC1BC,WAAW,EAAEpB,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;EACjC,CAAC,CAAC;EACFY,OAAO,EAAErB,MAAC,CAACM,MAAM,CAAC;IAChBgB,GAAG,EAAEtB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfgB,GAAG,EAAE1B,QAAQ;IACb2B,GAAG,EAAE3B,QAAQ;IACb4B,MAAM,EAAE3B,MAAC,CAACS,MAAM,CAAC,CAAC;IAClBmB,GAAG,EAAE5B,MAAC,CAACM,MAAM,CAAC;MACZuB,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,IAAI,EAAE/B,MAAC,CAACgB,OAAO,CAAC,0BAA0B,CAAC;IAC3CgB,eAAe,EAAEhC,MAAC,CAACM,MAAM,CAAC;MACxB2B,YAAY,EAAEjC,MAAC,CAACkC,YAAY,CAC1BlC,MAAC,CAACM,MAAM,CAAC;QACP6B,eAAe,EAAEnC,MAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;QACnCoB,eAAe,EAAEpC,MAAC,CAACS,MAAM,CAAC;MAC5B,CAAC,CAAC,EACFJ,qBACF,CAAC;MACDgC,MAAM,EAAEhC;IACV,CAAC,CAAC;IACFiC,OAAO,EAAEtC,MAAC,CAACgB,OAAO,CAAC,SAAS;EAC9B,CAAC;AACH,CAAC,CAAC;AAACZ,OAAA,CAAAS,QAAA,GAAAA,QAAA"}

package/lib/commonjs/sd-jwt/verifier.js

@@ -6,12 +6,14 @@ Object.defineProperty(exports, "__esModule", {
 exports.verifyDisclosure = void 0;
 var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
 var _errors = require("../utils/errors");
-const verifyDisclosure = async (disclosure, claims) => {
-  let disclosureString = JSON.stringify(disclosure);
-  let encodedDisclosure = (0, _ioReactNativeJwt.encodeBase64)(disclosureString);
-  let hash = await (0, _ioReactNativeJwt.sha256ToBase64)(encodedDisclosure);
+const verifyDisclosure = async (_ref, claims) => {
+  let {
+    encoded,
+    decoded
+  } = _ref;
+  let hash = await (0, _ioReactNativeJwt.sha256ToBase64)(encoded);
   if (!claims.includes(hash)) {
-    throw new _errors.ValidationFailed("Validation of disclosure failed", `${disclosure}`, "Disclosure hash not found in claims");
+    throw new _errors.ValidationFailed("Validation of disclosure failed", `${decoded}`, "Disclosure hash not found in claims");
   }
 };
 exports.verifyDisclosure = verifyDisclosure;

package/lib/commonjs/sd-jwt/verifier.js.map

@@ -1 +1 @@
-{"version":3,"names":["_ioReactNativeJwt","require","_errors","verifyDisclosure","disclosure","claims","disclosureString","JSON","stringify","encodedDisclosure","encodeBase64","hash","sha256ToBase64","includes","ValidationFailed","exports"],"sourceRoot":"../../../src","sources":["sd-jwt/verifier.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AAGO,MAAME,gBAAgB,GAAG,MAAAA,CAC9BC,UAAsB,EACtBC,MAAoC,KACjC;EACH,IAAIC,gBAAgB,GAAGC,IAAI,CAACC,SAAS,CAACJ,UAAU,CAAC;EACjD,IAAIK,iBAAiB,GAAG,IAAAC,8BAAY,EAACJ,gBAAgB,CAAC;EACtD,IAAIK,IAAI,GAAG,MAAM,IAAAC,gCAAc,EAACH,iBAAiB,CAAC;EAClD,IAAI,CAACJ,MAAM,CAACQ,QAAQ,CAACF,IAAI,CAAC,EAAE;IAC1B,MAAM,IAAIG,wBAAgB,CACxB,iCAAiC,EAChC,GAAEV,UAAW,EAAC,EACf,qCACF,CAAC;EACH;AACF,CAAC;AAACW,OAAA,CAAAZ,gBAAA,GAAAA,gBAAA"}
+{"version":3,"names":["_ioReactNativeJwt","require","_errors","verifyDisclosure","_ref","claims","encoded","decoded","hash","sha256ToBase64","includes","ValidationFailed","exports"],"sourceRoot":"../../../src","sources":["sd-jwt/verifier.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AAGO,MAAME,gBAAgB,GAAG,MAAAA,CAAAC,IAAA,EAE9BC,MAAoC,KACjC;EAAA,IAFH;IAAEC,OAAO;IAAEC;EAA+B,CAAC,GAAAH,IAAA;EAG3C,IAAII,IAAI,GAAG,MAAM,IAAAC,gCAAc,EAACH,OAAO,CAAC;EACxC,IAAI,CAACD,MAAM,CAACK,QAAQ,CAACF,IAAI,CAAC,EAAE;IAC1B,MAAM,IAAIG,wBAAgB,CACxB,iCAAiC,EAChC,GAAEJ,OAAQ,EAAC,EACZ,qCACF,CAAC;EACH;AACF,CAAC;AAACK,OAAA,CAAAT,gBAAA,GAAAA,gBAAA"}

package/lib/commonjs/utils/errors.js

@@ -3,7 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.PidIssuingError = exports.IoWalletError = exports.AuthRequestDecodeError = void 0;
+exports.WalletInstanceAttestationIssuingError = exports.ValidationFailed = exports.PidMetadataError = exports.PidIssuingError = exports.NoSuitableKeysFoundInEntityConfiguration = exports.IoWalletError = exports.ClaimsNotFoundInToken = exports.ClaimsNotFoundBetweenDislosures = exports.AuthRequestDecodeError = void 0;
 /**
  * A generic Error that all other io-wallet specific Error subclasses extend.
  *
@@ -126,5 +126,80 @@ class PidIssuingError extends IoWalletError {
     this.reason = reason;
   }
 }
+
+/**
+ * When claims are requested but not found in the credential
+ *
+ */
 exports.PidIssuingError = PidIssuingError;
+class ClaimsNotFoundBetweenDislosures extends Error {
+  static get code() {
+    return "ERR_CLAIMS_NOT_FOUND";
+  }
+  code = "ERR_CLAIMS_NOT_FOUND";
+
+  /** The Claims not found */
+
+  constructor(claims) {
+    const c = Array.isArray(claims) ? claims : [claims];
+    const message = `Some requested claims are not present in the disclosurable values, claims: ${c.join(", ")}`;
+    super(message);
+    this.claims = c;
+  }
+}
+
+/**
+ * When the SD-JWT does not contain an hashed reference to a given set of claims
+ */
+exports.ClaimsNotFoundBetweenDislosures = ClaimsNotFoundBetweenDislosures;
+class ClaimsNotFoundInToken extends Error {
+  static get code() {
+    return "ERR_CLAIMS_NOT_FOUND_IN_TOKEN";
+  }
+  code = "ERR_CLAIMS_NOT_FOUND_IN_TOKEN";
+
+  /** The Claims not found */
+
+  constructor(claims) {
+    const c = Array.isArray(claims) ? claims : [claims];
+    const message = `Some claims are not found in the given token, claims: ${c.join(", ")}`;
+    super(message);
+    this.claims = c;
+  }
+}
+
+/**
+ * When selecting a public key from an entity configuration, and no one meets the requirements for the scenario
+ *
+ */
+exports.ClaimsNotFoundInToken = ClaimsNotFoundInToken;
+class NoSuitableKeysFoundInEntityConfiguration extends Error {
+  static get code() {
+    return "ERR_NO_SUITABLE_KEYS_NOT_FOUND";
+  }
+  code = "ERR_NO_SUITABLE_KEYS_NOT_FOUND";
+
+  /**
+   * @param scenario describe the scenario in which the error arise
+   */
+  constructor(scenario) {
+    const message = `Entity configuration do not provide any suitable keys (${scenario}).`;
+    super(message);
+  }
+}
+
+/**
+ * When selecting a public key from an entity configuration, and no one meets the requirements for the scenario
+ *
+ */
+exports.NoSuitableKeysFoundInEntityConfiguration = NoSuitableKeysFoundInEntityConfiguration;
+class PidMetadataError extends Error {
+  static get code() {
+    return "PID_METADATA_ERROR";
+  }
+  constructor(message) {
+    super(message);
+  }
+}
+exports.PidMetadataError = PidMetadataError;
 //# sourceMappingURL=errors.js.map

package/lib/commonjs/utils/errors.js.map

@@ -1 +1 @@
-{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA;AAIO,MAAMC,sBAAsB,SAASjB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAQ,sBAAA,GAAAA,sBAAA;AAIO,MAAMC,eAAe,SAASlB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;AAACN,OAAA,CAAAS,eAAA,GAAAA,eAAA"}
+{"version":3,"names":["IoWalletError","Error","code","constructor","message","_Error$captureStackTr","name","captureStackTrace","call","exports","ValidationFailed","claim","arguments","length","undefined","reason","WalletInstanceAttestationIssuingError","AuthRequestDecodeError","PidIssuingError","ClaimsNotFoundBetweenDislosures","claims","c","Array","isArray","join","ClaimsNotFoundInToken","NoSuitableKeysFoundInEntityConfiguration","scenario","PidMetadataError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,aAAa,SAASC,KAAK,CAAC;EACvC;EACA,WAAWC,IAAIA,CAAA,EAAW;IACxB,OAAO,uBAAuB;EAChC;;EAEA;EACAA,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAAA,IAAAC,qBAAA;IAC5B,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,IAAI,CAACH,WAAW,CAACG,IAAI;IACjC;IACA,CAAAD,qBAAA,GAAAJ,KAAK,CAACM,iBAAiB,cAAAF,qBAAA,uBAAvBA,qBAAA,CAAAG,IAAA,CAAAP,KAAK,EAAqB,IAAI,EAAE,IAAI,CAACE,WAAW,CAAC;EACnD;AACF;AACA;AACA;AACA;AACA;AAHAM,OAAA,CAAAT,aAAA,GAAAA,aAAA;AAIO,MAAMU,gBAAgB,SAASV,aAAa,CAAC;EAClD,WAAWE,IAAIA,CAAA,EAAsC;IACnD,OAAO,iCAAiC;EAC1C;EAEAA,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAIO,MAAMM,qCAAqC,SAAShB,aAAa,CAAC;EACvE,WAAWE,IAAIA,CAAA,EAAwD;IACrE,OAAO,mDAAmD;EAC5D;EAEAA,IAAI,GAAG,mDAAmD;;EAE1D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAO,qCAAA,GAAAA,qCAAA;AAIO,MAAMC,sBAAsB,SAASjB,aAAa,CAAC;EACxD,WAAWE,IAAIA,CAAA,EAAyD;IACtE,OAAO,oDAAoD;EAC7D;EAEAA,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAQ,sBAAA,GAAAA,sBAAA;AAIO,MAAMC,eAAe,SAASlB,aAAa,CAAC;EACjD,WAAWE,IAAIA,CAAA,EAAuC;IACpD,OAAO,kCAAkC;EAC3C;EAEAA,IAAI,GAAG,kCAAkC;;EAEzC;;EAGA;;EAGAC,WAAWA,CAACC,OAAe,EAAiD;IAAA,IAA/CO,KAAK,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAAEG,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACxE,KAAK,CAACR,OAAO,CAAC;IACd,IAAI,CAACO,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAN,OAAA,CAAAS,eAAA,GAAAA,eAAA;AAIO,MAAMC,+BAA+B,SAASlB,KAAK,CAAC;EACzD,WAAWC,IAAIA,CAAA,EAA2B;IACxC,OAAO,sBAAsB;EAC/B;EAEAA,IAAI,GAAG,sBAAsB;;EAE7B;;EAGAC,WAAWA,CAACiB,MAAyB,EAAE;IACrC,MAAMC,CAAC,GAAGC,KAAK,CAACC,OAAO,CAACH,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IACnD,MAAMhB,OAAO,GAAI,8EAA6EiB,CAAC,CAACG,IAAI,CAClG,IACF,CAAE,EAAC;IACH,KAAK,CAACpB,OAAO,CAAC;IACd,IAAI,CAACgB,MAAM,GAAGC,CAAC;EACjB;AACF;;AAEA;AACA;AACA;AAFAZ,OAAA,CAAAU,+BAAA,GAAAA,+BAAA;AAGO,MAAMM,qBAAqB,SAASxB,KAAK,CAAC;EAC/C,WAAWC,IAAIA,CAAA,EAAoC;IACjD,OAAO,+BAA+B;EACxC;EAEAA,IAAI,GAAG,+BAA+B;;EAEtC;;EAGAC,WAAWA,CAACiB,MAAyB,EAAE;IACrC,MAAMC,CAAC,GAAGC,KAAK,CAACC,OAAO,CAACH,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IACnD,MAAMhB,OAAO,GAAI,yDAAwDiB,CAAC,CAACG,IAAI,CAC7E,IACF,CAAE,EAAC;IACH,KAAK,CAACpB,OAAO,CAAC;IACd,IAAI,CAACgB,MAAM,GAAGC,CAAC;EACjB;AACF;;AAEA;AACA;AACA;AACA;AAHAZ,OAAA,CAAAgB,qBAAA,GAAAA,qBAAA;AAIO,MAAMC,wCAAwC,SAASzB,KAAK,CAAC;EAClE,WAAWC,IAAIA,CAAA,EAAqC;IAClD,OAAO,gCAAgC;EACzC;EAEAA,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACwB,QAAgB,EAAE;IAC5B,MAAMvB,OAAO,GAAI,0DAAyDuB,QAAS,IAAG;IACtF,KAAK,CAACvB,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AAHAK,OAAA,CAAAiB,wCAAA,GAAAA,wCAAA;AAIO,MAAME,gBAAgB,SAAS3B,KAAK,CAAC;EAC1C,WAAWC,IAAIA,CAAA,EAAyB;IACtC,OAAO,oBAAoB;EAC7B;EAEAC,WAAWA,CAACC,OAAe,EAAE;IAC3B,KAAK,CAACA,OAAO,CAAC;EAChB;AACF;AAACK,OAAA,CAAAmB,gBAAA,GAAAA,gBAAA"}

package/lib/module/index.js

@@ -1,7 +1,11 @@
+// polyfill due to known bugs on URL implementation for react native
+// https://github.com/facebook/react-native/issues/24428
+import "react-native-url-polyfill/auto";
 import * as PID from "./pid";
 import * as RP from "./rp";
 import * as Errors from "./utils/errors";
 import * as WalletInstanceAttestation from "./wallet-instance-attestation";
 import { getUnsignedDPop } from "./utils/dpop";
-export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop };
+import { RelyingPartySolution } from "./rp";
+export { PID, RP, WalletInstanceAttestation, Errors, getUnsignedDPop, RelyingPartySolution };
 //# sourceMappingURL=index.js.map

package/lib/module/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["PID","RP","Errors","WalletInstanceAttestation","getUnsignedDPop"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,EAAE,MAAM,MAAM;AAC1B,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,SAASC,eAAe,QAAQ,cAAc;AAE9C,SAASJ,GAAG,EAAEC,EAAE,EAAEE,yBAAyB,EAAED,MAAM,EAAEE,eAAe"}
+{"version":3,"names":["PID","RP","Errors","WalletInstanceAttestation","getUnsignedDPop","RelyingPartySolution"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"AAAA;AACA;AACA,OAAO,gCAAgC;AAEvC,OAAO,KAAKA,GAAG,MAAM,OAAO;AAC5B,OAAO,KAAKC,EAAE,MAAM,MAAM;AAC1B,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,yBAAyB,MAAM,+BAA+B;AAC1E,SAASC,eAAe,QAAQ,cAAc;AAC9C,SAASC,oBAAoB,QAAQ,MAAM;AAE3C,SACEL,GAAG,EACHC,EAAE,EACFE,yBAAyB,EACzBD,MAAM,EACNE,eAAe,EACfC,oBAAoB"}

package/lib/module/pid/issuing.js

@@ -1,10 +1,11 @@
-import { decode as decodeJwt, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
+import { decode as decodeJwt, verify as verifyJwt, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
 import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
 import { JWK } from "../utils/jwk";
 import uuid from "react-native-uuid";
-import { PidIssuingError } from "../utils/errors";
+import { PidIssuingError, PidMetadataError } from "../utils/errors";
 import { getUnsignedDPop } from "../utils/dpop";
 import { sign, generate, deleteKey } from "@pagopa/io-react-native-crypto";
+import { PidIssuerEntityConfiguration } from "./metadata";
 
 // This is a temporary type that will be used for demo purposes only
 
@@ -221,5 +222,32 @@ export class Issuing {
     }
     throw new PidIssuingError(`Unable to obtain credential!`);
   }
+
+  /**
+   * Obtain the PID issuer metadata
+   *
+   * @function
+   * @returns PID issuer metadata
+   *
+   */
+  async getEntityConfiguration() {
+    const metadataUrl = new URL(".well-known/openid-federation", this.pidProviderBaseUrl).href;
+    const response = await this.appFetch(metadataUrl);
+    if (response.status === 200) {
+      const jwtMetadata = await response.text();
+      const {
+        payload
+      } = decodeJwt(jwtMetadata);
+      const result = PidIssuerEntityConfiguration.safeParse(payload);
+      if (result.success) {
+        const parsedMetadata = result.data;
+        await verifyJwt(jwtMetadata, parsedMetadata.jwks.keys);
+        return parsedMetadata;
+      } else {
+        throw new PidMetadataError(result.error.message);
+      }
+    }
+    throw new PidMetadataError(`Unable to obtain PID metadata. Response: ${await response.text()} with status: ${response.status}`);
+  }
 }
 //# sourceMappingURL=issuing.js.map

package/lib/module/pid/issuing.js.map

@@ -1 +1 @@
-{"version":3,"names":["decode","decodeJwt","sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","getUnsignedDPop","sign","generate","deleteKey","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","parse","keyThumbprint","publicKey","kid","codeChallenge","unsignedJwtForPar","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","getUnsignedDPoP","tokenUrl","dPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","unsignedDPopForToken","dPopTokenSignature","signedDPop","decodedJwtDPop","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,cAAc,QACT,6BAA6B;AAEpC,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,QAAQ,iBAAiB;AACjD,SAASC,eAAe,QAAQ,eAAe;AAC/C,SAASC,IAAI,EAAEC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;;AAE1E;;AAgBA,OAAO,MAAMC,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEjB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEnB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEpB,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACR,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAGxB,GAAG,CAACyB,KAAK,CAACF,GAAG,CAAC;IAChC,MAAMG,aAAa,GAAG,MAAM3B,UAAU,CAACyB,SAAS,CAAC;IACjD,MAAMG,SAAS,GAAG;MAAE,GAAGH,SAAS;MAAEI,GAAG,EAAEF;IAAc,CAAC;IACtD,MAAMG,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAE7D,MAAMU,iBAAiB,GAAG,IAAIhC,OAAO,CAAC;MACpCiC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAAC5B,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjBqB,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX;IAClB,CAAC,CAAC,CACCY,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZd,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDe,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOf,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMgB,MAAMA,CAAChB,iBAAyB,EAAEiB,SAAiB,EAAmB;IAC1E,MAAMlB,aAAa,GAAG,MAAMhC,cAAc,CAAC,IAAI,CAACuB,YAAY,CAAC;IAC7D,MAAM4B,eAAe,GAAG,MAAMlD,OAAO,CAACmD,eAAe,CACnDnB,iBAAiB,EACjBiB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX,aAAa;MAC7BQ,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD4C,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACqC,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIhE,eAAe,CACtB,wCAAuC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAC7C,GAAQ,EAAmB;IAC/C,MAAM8C,QAAQ,GAAG,IAAIlB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAChE,MAAMkB,IAAI,GAAGnE,eAAe,CAACoB,GAAG,EAAE;MAChCgD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEH,QAAQ;MACbI,GAAG,EAAG,GAAExE,IAAI,CAACkB,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOmD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMI,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE1E,IAAI,CAACkB,EAAE,CAAC,CAAE,EAAC;IACjC,MAAMyD,OAAO,GAAG,MAAMvE,QAAQ,CAACsE,UAAU,CAAC;IAC1C,MAAME,oBAAoB,GAAG,MAAM,IAAI,CAACT,eAAe,CAACQ,OAAO,CAAC;IAChE,MAAME,kBAAkB,GAAG,MAAM1E,IAAI,CAACyE,oBAAoB,EAAEF,UAAU,CAAC;IACvE,MAAMrE,SAAS,CAACqE,UAAU,CAAC;IAE3B,MAAMI,UAAU,GAAG,MAAMjF,OAAO,CAACmD,eAAe,CAC9C4B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAME,cAAc,GAAGpF,SAAS,CAACmF,UAAU,CAAC;IAC5C,MAAMV,QAAQ,GAAGW,cAAc,CAACC,OAAO,CAACT,GAAa;IACrD,MAAMnB,WAAW,GAAG;MAClB6B,UAAU,EAAE,oBAAoB;MAChC3C,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxBuE,IAAI,EAAE,IAAI,CAAC9D,iBAAiB;MAC5B+D,aAAa,EAAE,IAAI,CAAChE,YAAY;MAChCW,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD2B,YAAY,EAAE,IAAI,CAAC5B;IACrB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACwD,QAAQ,EAAE;MAC7CV,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEN;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CACtB,0CAAyC,MAAMwD,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMmB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAI1F,OAAO,CAAC;MAChCyF;IACF,CAAC,CAAC,CACC9C,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACDuD,WAAW,CAAC,IAAI,CAAC/E,qBAAqB,CAAC,CACvCgF,SAAS,CAAC,IAAI,CAAC9E,QAAQ,CAAC,CACxB+B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAO2C,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAMpG,OAAO,CAACmD,eAAe,CACpD2C,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAMrG,OAAO,CAACmD,eAAe,CACpD6C,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIjD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBgD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAErE,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnBqE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACuF,aAAa,EAAE;MAClDzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDnC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAI/D,eAAe,CAAE,8BAA6B,CAAC;EAC3D;AACF"}
+{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","PidMetadataError","getUnsignedDPop","sign","generate","deleteKey","PidIssuerEntityConfiguration","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","parse","keyThumbprint","publicKey","kid","codeChallenge","unsignedJwtForPar","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","getUnsignedDPoP","tokenUrl","dPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","unsignedDPopForToken","dPopTokenSignature","signedDPop","decodedJwtDPop","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization","getEntityConfiguration","metadataUrl","jwtMetadata","safeParse","success","parsedMetadata","data","jwks","keys","error","message"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,MAAM,IAAIC,SAAS,EACnBC,cAAc,QACT,6BAA6B;AAEpC,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,EAAEC,gBAAgB,QAAQ,iBAAiB;AACnE,SAASC,eAAe,QAAQ,eAAe;AAC/C,SAASC,IAAI,EAAEC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;AAC1E,SAASC,4BAA4B,QAAQ,YAAY;;AAEzD;;AAgBA,OAAO,MAAMC,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEnB,IAAI,CAACoB,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAErB,IAAI,CAACoB,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEtB,IAAI,CAACoB,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACR,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAG1B,GAAG,CAAC2B,KAAK,CAACF,GAAG,CAAC;IAChC,MAAMG,aAAa,GAAG,MAAM7B,UAAU,CAAC2B,SAAS,CAAC;IACjD,MAAMG,SAAS,GAAG;MAAE,GAAGH,SAAS;MAAEI,GAAG,EAAEF;IAAc,CAAC;IACtD,MAAMG,aAAa,GAAG,MAAMlC,cAAc,CAAC,IAAI,CAACyB,YAAY,CAAC;IAE7D,MAAMU,iBAAiB,GAAG,IAAIlC,OAAO,CAAC;MACpCmC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAAC5B,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjBqB,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX;IAClB,CAAC,CAAC,CACCY,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZd,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDe,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOf,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMgB,MAAMA,CAAChB,iBAAyB,EAAEiB,SAAiB,EAAmB;IAC1E,MAAMlB,aAAa,GAAG,MAAMlC,cAAc,CAAC,IAAI,CAACyB,YAAY,CAAC;IAC7D,MAAM4B,eAAe,GAAG,MAAMpD,OAAO,CAACqD,eAAe,CACnDnB,iBAAiB,EACjBiB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX,aAAa;MAC7BQ,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD4C,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACqC,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIlE,eAAe,CACtB,wCAAuC,MAAM0D,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAC7C,GAAQ,EAAmB;IAC/C,MAAM8C,QAAQ,GAAG,IAAIlB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAChE,MAAMkB,IAAI,GAAGpE,eAAe,CAACqB,GAAG,EAAE;MAChCgD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEH,QAAQ;MACbI,GAAG,EAAG,GAAE1E,IAAI,CAACoB,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOmD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMI,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE5E,IAAI,CAACoB,EAAE,CAAC,CAAE,EAAC;IACjC,MAAMyD,OAAO,GAAG,MAAMxE,QAAQ,CAACuE,UAAU,CAAC;IAC1C,MAAME,oBAAoB,GAAG,MAAM,IAAI,CAACT,eAAe,CAACQ,OAAO,CAAC;IAChE,MAAME,kBAAkB,GAAG,MAAM3E,IAAI,CAAC0E,oBAAoB,EAAEF,UAAU,CAAC;IACvE,MAAMtE,SAAS,CAACsE,UAAU,CAAC;IAE3B,MAAMI,UAAU,GAAG,MAAMnF,OAAO,CAACqD,eAAe,CAC9C4B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAME,cAAc,GAAGxF,SAAS,CAACuF,UAAU,CAAC;IAC5C,MAAMV,QAAQ,GAAGW,cAAc,CAACC,OAAO,CAACT,GAAa;IACrD,MAAMnB,WAAW,GAAG;MAClB6B,UAAU,EAAE,oBAAoB;MAChC3C,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxBuE,IAAI,EAAE,IAAI,CAAC9D,iBAAiB;MAC5B+D,aAAa,EAAE,IAAI,CAAChE,YAAY;MAChCW,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD2B,YAAY,EAAE,IAAI,CAAC5B;IACrB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACwD,QAAQ,EAAE;MAC7CV,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEN;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIjE,eAAe,CACtB,0CAAyC,MAAM0D,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMmB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAI5F,OAAO,CAAC;MAChC2F;IACF,CAAC,CAAC,CACC9C,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACDuD,WAAW,CAAC,IAAI,CAAC/E,qBAAqB,CAAC,CACvCgF,SAAS,CAAC,IAAI,CAAC9E,QAAQ,CAAC,CACxB+B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAO2C,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAMtG,OAAO,CAACqD,eAAe,CACpD2C,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAMvG,OAAO,CAACqD,eAAe,CACpD6C,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIjD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBgD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAErE,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnBqE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACuF,aAAa,EAAE;MAClDzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDnC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIjE,eAAe,CAAE,8BAA6B,CAAC;EAC3D;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAM4G,sBAAsBA,CAAA,EAA0C;IACpE,MAAMC,WAAW,GAAG,IAAI1D,GAAG,CACzB,+BAA+B,EAC/B,IAAI,CAAC1C,kBACP,CAAC,CAAC2C,IAAI;IAEN,MAAMM,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACgG,WAAW,CAAC;IAEjD,IAAInD,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM+C,WAAW,GAAG,MAAMpD,QAAQ,CAACS,IAAI,CAAC,CAAC;MACzC,MAAM;QAAEc;MAAQ,CAAC,GAAGzF,SAAS,CAACsH,WAAW,CAAC;MAC1C,MAAM9C,MAAM,GAAG1D,4BAA4B,CAACyG,SAAS,CAAC9B,OAAO,CAAC;MAC9D,IAAIjB,MAAM,CAACgD,OAAO,EAAE;QAClB,MAAMC,cAAc,GAAGjD,MAAM,CAACkD,IAAI;QAClC,MAAMxH,SAAS,CAACoH,WAAW,EAAEG,cAAc,CAACE,IAAI,CAACC,IAAI,CAAC;QACtD,OAAOH,cAAc;MACvB,CAAC,MAAM;QACL,MAAM,IAAIhH,gBAAgB,CAAC+D,MAAM,CAACqD,KAAK,CAACC,OAAO,CAAC;MAClD;IACF;IAEA,MAAM,IAAIrH,gBAAgB,CACvB,4CAA2C,MAAMyD,QAAQ,CAACS,IAAI,CAAC,CAAE,iBAChET,QAAQ,CAACK,MACV,EACH,CAAC;EACH;AACF"}

package/lib/module/pid/metadata.js

@@ -0,0 +1,43 @@
+import { JWK } from "../utils/jwk";
+import { z } from "zod";
+export const PidDisplayMetadata = z.object({
+  name: z.string(),
+  locale: z.string(),
+  logo: z.object({
+    url: z.string(),
+    alt_text: z.string()
+  }),
+  background_color: z.string(),
+  text_color: z.string()
+});
+export const PidIssuerEntityConfiguration = z.object({
+  jwks: z.object({
+    keys: z.array(JWK)
+  }),
+  metadata: z.object({
+    openid_credential_issuer: z.object({
+      credential_issuer: z.string(),
+      authorization_endpoint: z.string(),
+      token_endpoint: z.string(),
+      pushed_authorization_request_endpoint: z.string(),
+      dpop_signing_alg_values_supported: z.array(z.string()),
+      credential_endpoint: z.string(),
+      credentials_supported: z.object({
+        "eu.eudiw.pid.it": z.object({
+          format: z.literal("vc+sd-jwt"),
+          cryptographic_binding_methods_supported: z.array(z.string()),
+          cryptographic_suites_supported: z.array(z.string()),
+          display: z.array(PidDisplayMetadata)
+        })
+      })
+    }),
+    federation_entity: z.object({
+      organization_name: z.string(),
+      homepage_uri: z.string(),
+      policy_uri: z.string(),
+      tos_uri: z.string(),
+      logo_uri: z.string()
+    })
+  })
+});
+//# sourceMappingURL=metadata.js.map

package/lib/module/pid/metadata.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["JWK","z","PidDisplayMetadata","object","name","string","locale","logo","url","alt_text","background_color","text_color","PidIssuerEntityConfiguration","jwks","keys","array","metadata","openid_credential_issuer","credential_issuer","authorization_endpoint","token_endpoint","pushed_authorization_request_endpoint","dpop_signing_alg_values_supported","credential_endpoint","credentials_supported","format","literal","cryptographic_binding_methods_supported","cryptographic_suites_supported","display","federation_entity","organization_name","homepage_uri","policy_uri","tos_uri","logo_uri"],"sourceRoot":"../../../src","sources":["pid/metadata.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAGvB,OAAO,MAAMC,kBAAkB,GAAGD,CAAC,CAACE,MAAM,CAAC;EACzCC,IAAI,EAAEH,CAAC,CAACI,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEL,CAAC,CAACI,MAAM,CAAC,CAAC;EAClBE,IAAI,EAAEN,CAAC,CAACE,MAAM,CAAC;IACbK,GAAG,EAAEP,CAAC,CAACI,MAAM,CAAC,CAAC;IACfI,QAAQ,EAAER,CAAC,CAACI,MAAM,CAAC;EACrB,CAAC,CAAC;EACFK,gBAAgB,EAAET,CAAC,CAACI,MAAM,CAAC,CAAC;EAC5BM,UAAU,EAAEV,CAAC,CAACI,MAAM,CAAC;AACvB,CAAC,CAAC;AAKF,OAAO,MAAMO,4BAA4B,GAAGX,CAAC,CAACE,MAAM,CAAC;EACnDU,IAAI,EAAEZ,CAAC,CAACE,MAAM,CAAC;IAAEW,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;EAAE,CAAC,CAAC;EACtCgB,QAAQ,EAAEf,CAAC,CAACE,MAAM,CAAC;IACjBc,wBAAwB,EAAEhB,CAAC,CAACE,MAAM,CAAC;MACjCe,iBAAiB,EAAEjB,CAAC,CAACI,MAAM,CAAC,CAAC;MAC7Bc,sBAAsB,EAAElB,CAAC,CAACI,MAAM,CAAC,CAAC;MAClCe,cAAc,EAAEnB,CAAC,CAACI,MAAM,CAAC,CAAC;MAC1BgB,qCAAqC,EAAEpB,CAAC,CAACI,MAAM,CAAC,CAAC;MACjDiB,iCAAiC,EAAErB,CAAC,CAACc,KAAK,CAACd,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC;MACtDkB,mBAAmB,EAAEtB,CAAC,CAACI,MAAM,CAAC,CAAC;MAC/BmB,qBAAqB,EAAEvB,CAAC,CAACE,MAAM,CAAC;QAC9B,iBAAiB,EAAEF,CAAC,CAACE,MAAM,CAAC;UAC1BsB,MAAM,EAAExB,CAAC,CAACyB,OAAO,CAAC,WAAW,CAAC;UAC9BC,uCAAuC,EAAE1B,CAAC,CAACc,KAAK,CAACd,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC;UAC5DuB,8BAA8B,EAAE3B,CAAC,CAACc,KAAK,CAACd,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC;UACnDwB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CAACb,kBAAkB;QACrC,CAAC;MACH,CAAC;IACH,CAAC,CAAC;IACF4B,iBAAiB,EAAE7B,CAAC,CAACE,MAAM,CAAC;MAC1B4B,iBAAiB,EAAE9B,CAAC,CAACI,MAAM,CAAC,CAAC;MAC7B2B,YAAY,EAAE/B,CAAC,CAACI,MAAM,CAAC,CAAC;MACxB4B,UAAU,EAAEhC,CAAC,CAACI,MAAM,CAAC,CAAC;MACtB6B,OAAO,EAAEjC,CAAC,CAACI,MAAM,CAAC,CAAC;MACnB8B,QAAQ,EAAElC,CAAC,CAACI,MAAM,CAAC;IACrB,CAAC;EACH,CAAC;AACH,CAAC,CAAC"}