@pagopa/io-react-native-wallet 0.2.1 → 0.2.3

package/src/pid/metadata.ts

@@ -0,0 +1,46 @@
+import { JWK } from "../utils/jwk";
+import { z } from "zod";
+
+export type PidDisplayMetadata = z.infer<typeof PidDisplayMetadata>;
+export const PidDisplayMetadata = z.object({
+  name: z.string(),
+  locale: z.string(),
+  logo: z.object({
+    url: z.string(),
+    alt_text: z.string(),
+  }),
+  background_color: z.string(),
+  text_color: z.string(),
+});
+
+export type PidIssuerEntityConfiguration = z.infer<
+  typeof PidIssuerEntityConfiguration
+>;
+export const PidIssuerEntityConfiguration = z.object({
+  jwks: z.object({ keys: z.array(JWK) }),
+  metadata: z.object({
+    openid_credential_issuer: z.object({
+      credential_issuer: z.string(),
+      authorization_endpoint: z.string(),
+      token_endpoint: z.string(),
+      pushed_authorization_request_endpoint: z.string(),
+      dpop_signing_alg_values_supported: z.array(z.string()),
+      credential_endpoint: z.string(),
+      credentials_supported: z.object({
+        "eu.eudiw.pid.it": z.object({
+          format: z.literal("vc+sd-jwt"),
+          cryptographic_binding_methods_supported: z.array(z.string()),
+          cryptographic_suites_supported: z.array(z.string()),
+          display: z.array(PidDisplayMetadata),
+        }),
+      }),
+    }),
+    federation_entity: z.object({
+      organization_name: z.string(),
+      homepage_uri: z.string(),
+      policy_uri: z.string(),
+      tos_uri: z.string(),
+      logo_uri: z.string(),
+    }),
+  }),
+});

package/src/pid/sd-jwt/index.ts

@@ -1,5 +1,4 @@
-import { decode as decodeJwt } from "../../sd-jwt";
-import { verify as verifyJwt } from "../../sd-jwt";
+import { decode as decodeJwt, verify as verifyJwt } from "../../sd-jwt";
 import { PID } from "./types";
 import { pidFromToken } from "./converters";
 import { Disclosure, SdJwt4VC } from "../../sd-jwt/types";
@@ -20,7 +19,11 @@ import { Disclosure, SdJwt4VC } from "../../sd-jwt/types";
  *
  */
 export function decode(token: string): PidWithToken {
-  let { sdJwt, disclosures } = decodeJwt(token, SdJwt4VC);
+  let { sdJwt, disclosures: disclosuresWithOriginal } = decodeJwt(
+    token,
+    SdJwt4VC
+  );
+  const disclosures = disclosuresWithOriginal.map((d) => d.decoded);
   const pid = pidFromToken(sdJwt, disclosures);
 
   return { pid, sdJwt, disclosures };
@@ -54,7 +57,7 @@ export async function verify(token: string): Promise<VerifyResult> {
   return decoded;
 }
 
-type PidWithToken = {
+export type PidWithToken = {
   // The object with the parsed data for PID
   pid: PID;
   // The object with the parsed SD-JWT token that shipped the PID. It will be needed to present PID data.

package/src/rp/__test__/index.test.ts

@@ -1,22 +1,18 @@
 import { RelyingPartySolution } from "..";
 import { AuthRequestDecodeError } from "../../utils/errors";
 
-const walletInstanceAttestation =
-  "eyJhbGciOiJFUzI1NiIsImtpZCI6IjV0NVlZcEJoTi1FZ0lFRUk1aVV6cjZyME1SMDJMblZRME9tZWttTktjalkiLCJ0cnVzdF9jaGFpbiI6WyJleUpoYkdjaU9pSkZVei4uLjZTMEEiLCJleUpoYkdjaU9pSkZVei4uLmpKTEEiLCJleUpoYkdjaU9pSkZVei4uLkg5Z3ciXSwidHlwIjoidmErand0IiwieDVjIjpbIk1JSUJqRENDIC4uLiBYRmVoZ0tRQT09Il19.eyJpc3MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZyIsInN1YiI6InZiZVhKa3NNNDV4cGh0QU5uQ2lHNm1DeXVVNGpmR056b3BHdUt2b2dnOWMiLCJ0eXBlIjoiV2FsbGV0SW5zdGFuY2VBdHRlc3RhdGlvbiIsInBvbGljeV91cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9wcml2YWN5X3BvbGljeSIsInRvc191cmkiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9pbmZvX3BvbGljeSIsImxvZ29fdXJpIjoiaHR0cHM6Ly93YWxsZXQtcHJvdmlkZXIuZXhhbXBsZS5vcmcvbG9nby5zdmciLCJhc2MiOiJodHRwczovL3dhbGxldC1wcm92aWRlci5leGFtcGxlLm9yZy9Mb0EvYmFzaWMiLCJjbmYiOnsiandrIjp7ImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiNEhOcHRJLXhyMnBqeVJKS0dNbno0V21kblFEX3VKU3E0Ujk1Tmo5OGI0NCIsInkiOiJMSVpuU0IzOXZGSmhZZ1MzazdqWEU0cjMtQ29HRlF3WnRQQklScXBObHJnIiwia2lkIjoidmJlWEprc000NXhwaHRBTm5DaUc2bUN5dVU0amZHTnpvcEd1S3ZvZ2c5YyJ9fSwiYXV0aG9yaXphdGlvbl9lbmRwb2ludCI6ImV1ZGl3OiIsInJlc3BvbnNlX3R5cGVzX3N1cHBvcnRlZCI6WyJ2cF90b2tlbiJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJqd3RfdnBfanNvbiI6eyJhbGdfdmFsdWVzX3N1cHBvcnRlZCI6WyJFUzI1NiJdfSwiand0X3ZjX2pzb24iOnsiYWxnX3ZhbHVlc19zdXBwb3J0ZWQiOlsiRVMyNTYiXX19LCJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZ192YWx1ZXNfc3VwcG9ydGVkIjpbIkVTMjU2Il0sInByZXNlbnRhdGlvbl9kZWZpbml0aW9uX3VyaV9zdXBwb3J0ZWQiOmZhbHNlLCJpYXQiOjE2ODcyODExOTUsImV4cCI6MTY4NzI4ODM5NX0.OTuPik6p3o9j6VOx-uCyxRvHwoh1pDiiZcBQFNQt2uE3dK-8izGNflJVETi_uhGSZOf25Enkq-UvEin9NrbJNw";
-const rp = new RelyingPartySolution(
-  "http://rp.example",
-  walletInstanceAttestation
-);
 describe("decodeAuthRequestQR", () => {
   it("should return authentication request URL", async () => {
     const qrcode =
       "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
-    const result = rp.decodeAuthRequestQR(qrcode);
-    expect(result).toEqual("https://verifier.example.org/request_uri");
+    const result = RelyingPartySolution.decodeAuthRequestQR(qrcode);
+    expect(result.requestURI).toEqual(
+      "https://verifier.example.org/request_uri"
+    );
   });
   it("should throw exception with invalid QR", async () => {
     const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
-    expect(() => rp.decodeAuthRequestQR(qrcode)).toThrowError(
+    expect(() => RelyingPartySolution.decodeAuthRequestQR(qrcode)).toThrowError(
       AuthRequestDecodeError
     );
   });

package/src/rp/index.ts

@@ -1,14 +1,26 @@
-import { AuthRequestDecodeError, IoWalletError } from "../utils/errors";
+import {
+  AuthRequestDecodeError,
+  IoWalletError,
+  NoSuitableKeysFoundInEntityConfiguration,
+} from "../utils/errors";
 import {
   decode as decodeJwt,
   decodeBase64,
   sha256ToBase64,
   SignJWT,
+  EncryptJwe,
+  verify,
 } from "@pagopa/io-react-native-jwt";
-import { RequestObject, RpEntityConfiguration } from "./types";
+import {
+  QRCodePayload,
+  RequestObject,
+  RpEntityConfiguration,
+  type Presentation,
+} from "./types";
 
 import uuid from "react-native-uuid";
 import type { JWK } from "@pagopa/io-react-native-jwt/lib/typescript/types";
+import { disclose } from "../sd-jwt";
 
 export class RelyingPartySolution {
   relyingPartyBaseUrl: string;
@@ -33,24 +45,25 @@ export class RelyingPartySolution {
    * @returns The authentication request url
    *
    */
-  decodeAuthRequestQR(qrcode: string): string {
-    try {
-      const decoded = decodeBase64(qrcode);
-      const decodedUrl = new URL(decoded);
-      const requestUri = decodedUrl.searchParams.get("request_uri");
-      if (requestUri) {
-        return requestUri;
-      } else {
-        throw new AuthRequestDecodeError(
-          "Unable to obtain request_uri from QR code",
-          `${decodedUrl}`
-        );
-      }
-    } catch {
-      throw new AuthRequestDecodeError(
-        "Unable to decode QR code authentication request url",
-        qrcode
-      );
+  static decodeAuthRequestQR(qrcode: string): QRCodePayload {
+    const decoded = decodeBase64(qrcode);
+    const decodedUrl = new URL(decoded);
+    const protocol = decodedUrl.protocol;
+    const resource = decodedUrl.hostname;
+    const requestURI = decodedUrl.searchParams.get("request_uri");
+    const clientId = decodedUrl.searchParams.get("client_id");
+
+    const result = QRCodePayload.safeParse({
+      protocol,
+      resource,
+      requestURI,
+      clientId,
+    });
+
+    if (result.success) {
+      return result.data;
+    } else {
+      throw new AuthRequestDecodeError(result.error.message, `${decodedUrl}`);
     }
   }
   /**
@@ -85,19 +98,21 @@ export class RelyingPartySolution {
 
   /**
    * Obtain the Request Object for RP authentication
+   * @see https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/relying-party-solution.html
    *
-   * @function
+   * @async @function
    * @param signedWalletInstanceDPoP JWT of the Wallet Instance Attestation DPoP
    *
    * @returns The Request Object JWT
+   * @throws {NoSuitableKeysFoundInEntityConfiguration} When the Request Object is signed with a key not listed in RP's entity configuration
    *
    */
   async getRequestObject(
-    signedWalletInstanceDPoP: string
+    signedWalletInstanceDPoP: string,
+    entity: RpEntityConfiguration
   ): Promise<RequestObject> {
     const decodedJwtDPop = await decodeJwt(signedWalletInstanceDPoP);
     const requestUri = decodedJwtDPop.payload.htu as string;
-
     const response = await this.appFetch(requestUri, {
       method: "GET",
       headers: {
@@ -108,11 +123,28 @@ export class RelyingPartySolution {
 
     if (response.status === 200) {
       const responseText = await response.text();
-      const responseJwt = await decodeJwt(responseText);
+      const responseJwt = decodeJwt(responseText);
+
+      // verify token signature according to RP's entity configuration
+      // to ensure the request object is authentic
+      {
+        const pubKey = entity.payload.jwks.keys.find(
+          ({ kid }) => kid === responseJwt.protectedHeader.kid
+        );
+        if (!pubKey) {
+          throw new NoSuitableKeysFoundInEntityConfiguration(
+            "Request Object signature verification"
+          );
+        }
+        await verify(responseText, pubKey);
+      }
+
+      // parse request object it has the expected shape by specification
       const requestObj = RequestObject.parse({
         header: responseJwt.protectedHeader,
         payload: responseJwt.payload,
       });
+
       return requestObj;
     }
 
@@ -121,6 +153,158 @@ export class RelyingPartySolution {
     );
   }
 
+  /**
+   * Prepare the Verified Presentation token for a received request object in the context of an authorization request flow.
+   * The presentation is prepared by disclosing data from provided credentials, according to requested claims
+   * Each Verified Credential come along with the claims the user accepts to disclose from it.
+   *
+   * The returned token is unsigned (sign should be apply by the caller).
+   *
+   * @todo accept more than a Verified Credential
+   *
+   * @param requestObj The incoming request object, which the requirements for the requested authorization
+   * @param presentation The Verified Credential containing user data along with the list of claims to be disclosed.
+   * @returns The unsigned Verified Presentation token
+   * @throws {ClaimsNotFoundBetweenDislosures} If the Verified Credential does not contain one or more requested claims.
+   *
+   */
+  async prepareVpToken(
+    requestObj: RequestObject,
+    [vc, claims]: Presentation // TODO: [SIW-353] support multiple presentations
+  ): Promise<{
+    vp_token: string;
+    presentation_submission: Record<string, unknown>;
+  }> {
+    // this throws if vc cannot satisfy all the requested claims
+    const { token: vp, paths } = await disclose(vc, claims);
+
+    // TODO: [SIW-359] check all requeste claims of the requestedObj are satisfied
+
+    const vp_token = new SignJWT({ vp })
+      .setAudience(requestObj.payload.response_uri)
+      .setExpirationTime("1h")
+      .setProtectedHeader({
+        typ: "JWT",
+        alg: "ES256",
+      })
+      .toSign();
+
+    const [definition_id, vc_scope] = requestObj.payload.scope;
+    const presentation_submission = {
+      definition_id,
+      id: `${uuid.v4()}`,
+      descriptor_map: paths.map((p) => ({
+        id: vc_scope,
+        path: `$.vp_token.${p.path}`,
+        format: "vc+sd-jwt",
+      })),
+    };
+
+    return { vp_token, presentation_submission };
+  }
+
+  /**
+   * Compose and send an Authorization Response in the context of an authorization request flow.
+   *
+   * @todo MUST add presentation_submission
+   *
+   * @param requestObj The incoming request object, which the requirements for the requested authorization
+   * @param vp_token The signed Verified Presentation token with data to send.
+   * @param presentation_submission
+   * @param entity The RP entity configuration
+   * @returns The response from the RP
+   * @throws {IoWalletError} if the submission fails.
+   * @throws {NoSuitableKeysFoundInEntityConfiguration} If entity do not contain any public key
+   *
+   */
+  async sendAuthorizationResponse(
+    requestObj: RequestObject,
+    vp_token: string,
+    presentation_submission: Record<string, unknown>,
+    entity: RpEntityConfiguration
+  ): Promise<string> {
+    // the request is an unsigned jws without iss, aud, exp
+    // https://openid.net/specs/openid-4-verifiable-presentations-1_0.html#name-signed-and-encrypted-respon
+    const jwk = this.choosePublicKeyToEncrypt(entity);
+    const enc = this.getEncryptionAlgByJwk(jwk);
+
+    const authzResponsePayload = JSON.stringify({
+      state: requestObj.payload.state,
+      presentation_submission,
+      vp_token,
+    });
+    const encrypted = await new EncryptJwe(authzResponsePayload, {
+      alg: jwk.alg,
+      enc,
+    }).encrypt(jwk);
+
+    const formBody = new URLSearchParams({ response: encrypted });
+    const response = await this.appFetch(requestObj.payload.response_uri, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+      },
+      body: formBody.toString(),
+    });
+
+    if (response.status === 200) {
+      return response.text();
+    }
+
+    throw new IoWalletError(
+      `Unable to send Authorization Response. Response code: ${response.status}`
+    );
+  }
+
+  /**
+   * Select a public key from those provided by the RP.
+   * Keys with algorithm "RSA-OAEP-256" or "RSA-OAEP" are expected, the firsts to be preferred.
+   *
+   * @param entity The RP entity configuration
+   * @returns A suitable public key with its compatible encryption algorithm
+   * @throws {NoSuitableKeysFoundInEntityConfiguration} If entity do not contain any public key suitable for encrypting
+   */
+  private choosePublicKeyToEncrypt(
+    entity: RpEntityConfiguration
+  ): (JWK & { alg: "RSA-OAEP-256" }) | (JWK & { alg: "RSA-OAEP" }) {
+    // Look for keys using "RSA-OAEP-256", and pick a random one
+    const [usingRsa256] = entity.payload.jwks.keys.filter(
+      <T>(k: T & { alg?: string }): k is T & { alg: "RSA-OAEP-256" } =>
+        typeof k.alg === "string" && k.alg === "RSA-OAEP-256"
+    );
+
+    if (usingRsa256) {
+      return usingRsa256;
+    }
+
+    // Look for keys using "RSA-OAEP", and pick a random one
+    const [usingRsa] = entity.payload.jwks.keys.filter(
+      <T>(k: T & { alg?: string }): k is T & { alg: "RSA-OAEP" } =>
+        typeof k.alg === "string" && k.alg === "RSA-OAEP"
+    );
+
+    if (usingRsa) {
+      return usingRsa;
+    }
+
+    // No suitable key has been found
+    throw new NoSuitableKeysFoundInEntityConfiguration(
+      "Encrypt with RP public key"
+    );
+  }
+
+  private getEncryptionAlgByJwk({
+    alg,
+  }: (JWK & { alg: "RSA-OAEP-256" }) | (JWK & { alg: "RSA-OAEP" })):
+    | "A128CBC-HS256"
+    | "A256CBC-HS512" {
+    if (alg === "RSA-OAEP-256") return "A256CBC-HS512";
+    if (alg === "RSA-OAEP") return "A128CBC-HS256";
+
+    const _: never = alg;
+    throw new Error(`Invalid jwk algorithm: ${_}`);
+  }
+
   /**
    * Obtain the relying party entity configuration.
    */

package/src/rp/types.ts

@@ -62,3 +62,19 @@ export const RpEntityConfiguration = z.object({
     authority_hints: z.array(z.string()),
   }),
 });
+
+export type QRCodePayload = z.infer<typeof QRCodePayload>;
+export const QRCodePayload = z.object({
+  protocol: z.literal("eudiw:"),
+  resource: z.string(), // TODO: refine to known paths using literals
+  clientId: z.string(),
+  requestURI: z.string(),
+});
+
+/**
+ * A pair that associate a tokenized Verified Credential with the claims presented or requested to present.
+ */
+export type Presentation = [
+  /* verified credential token */ string,
+  /* claims */ string[]
+];

package/src/sd-jwt/__test__/index.test.ts

@@ -0,0 +1,171 @@
+import { decode, disclose } from "../index";
+
+import { encodeBase64, decodeBase64 } from "@pagopa/io-react-native-jwt";
+import { SdJwt4VC } from "../types";
+
+// Examples from https://www.ietf.org/id/draft-terbu-sd-jwt-vc-02.html#name-example-4
+// but adapted to adhere to format declared in https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/pid-eaa-data-model.html#id2
+// In short, the token is a Frankenstein composed as follows:
+//  - the header is taken from the italian specification, with kid and alg valued according to the signing keys
+//  - disclosures are taken from the SD-JWT-4-VC standard
+//  - payload is taken from the italian specification, but _sd are compiled with:
+//    - "address" is used as verification._sd
+//    - all others disclosures are in claims._sd
+const token =
+  "eyJ0eXAiOiJ2YytzZC1qd3QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImIxODZlYTBjMTkyNTc5MzA5N2JmMDFiOGEyODlhNDVmIiwidHJ1c3RfY2hhaW4iOlsiTkVoUmRFUnBZbmxIWTNNNVdsZFdUV1oyYVVobSAuLi4iLCJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2IC4uLiIsIklrSllkbVp5Ykc1b1FVMTFTRkl3TjJGcVZXMUIgLi4uIl19.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzlYcy4uLiIsImp0aSI6InVybjp1dWlkOjZjNWMwYTQ5LWI1ODktNDMxZC1iYWU3LTIxOTEyMmE5ZWMyYyIsImlhdCI6MTU0MTQ5MzcyNCwiZXhwIjoxNTQxNDkzNzI0LCJzdGF0dXMiOiJodHRwczovL2V4YW1wbGUuY29tL3N0YXR1cyIsImNuZiI6eyJqd2siOnsia3R5IjoiUlNBIiwidXNlIjoic2lnIiwibiI6IjFUYS1zRSIsImUiOiJBUUFCIiwia2lkIjoiWWhORlMzWW5DOXRqaUNhaXZoV0xWVUozQXh3R0d6Xzk4dVJGYXFNRUVzIn19LCJ0eXBlIjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwidmVyaWZpZWRfY2xhaW1zIjp7InZlcmlmaWNhdGlvbiI6eyJfc2QiOlsiSnpZakg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSJdLCJ0cnVzdF9mcmFtZXdvcmsiOiJlaWRhcyIsImFzc3VyYW5jZV9sZXZlbCI6ImhpZ2gifSwiY2xhaW1zIjp7Il9zZCI6WyIwOXZLckpNT2x5VFdNMHNqcHVfcGRPQlZCUTJNMXkzS2hwSDUxNW5Ya3BZIiwiMnJzakdiYUMwa3k4bVQwcEpyUGlvV1RxMF9kYXcxc1g3NnBvVWxnQ3diSSIsIkVrTzhkaFcwZEhFSmJ2VUhsRV9WQ2V1Qzl1UkVMT2llTFpoaDdYYlVUdEEiLCJJbER6SUtlaVpkRHdwcXBLNlpmYnlwaEZ2ejVGZ25XYS1zTjZ3cVFYQ2l3IiwiUG9yRmJwS3VWdTZ4eW1KYWd2a0ZzRlhBYlJvYzJKR2xBVUEyQkE0bzdjSSIsIlRHZjRvTGJnd2Q1SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCJqZHJURThZY2JZNEVpZnVnaWhpQWVfQlBla3hKUVpJQ2VpVVF3WTlRcXhJIiwianN1OXlWdWx3UVFsaEZsTV8zSmx6TWFTRnpnbGhRRzBEcGZheVF3TFVLNCJdfX0sIl9zZF9hbGciOiJzaGEtMjU2In0.8wwSHCd47wCgzRYXvvPTTRXGS-hk9V8jRzy7WSjRBTZxSHxJkGOSWwBVAA-kpJ-IvQS7699aLWxIMqAvr34sOA~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd~WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJd~WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ~WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0yMDItNTU1LTAxMDEiXQ~WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLTAxIl0~WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImlzX292ZXJfMTgiLCB0cnVlXQ~WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImlzX292ZXJfMjEiLCB0cnVlXQ~WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImlzX292ZXJfNjUiLCB0cnVlXQ~WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0";
+
+const unsigned =
+  "eyJ0eXAiOiJ2YytzZC1qd3QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImIxODZlYTBjMTkyNTc5MzA5N2JmMDFiOGEyODlhNDVmIiwidHJ1c3RfY2hhaW4iOlsiTkVoUmRFUnBZbmxIWTNNNVdsZFdUV1oyYVVobSAuLi4iLCJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2IC4uLiIsIklrSllkbVp5Ykc1b1FVMTFTRkl3TjJGcVZXMUIgLi4uIl19.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tL2lzc3VlciIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzlYcy4uLiIsImp0aSI6InVybjp1dWlkOjZjNWMwYTQ5LWI1ODktNDMxZC1iYWU3LTIxOTEyMmE5ZWMyYyIsImlhdCI6MTU0MTQ5MzcyNCwiZXhwIjoxNTQxNDkzNzI0LCJzdGF0dXMiOiJodHRwczovL2V4YW1wbGUuY29tL3N0YXR1cyIsImNuZiI6eyJqd2siOnsia3R5IjoiUlNBIiwidXNlIjoic2lnIiwibiI6IjFUYS1zRSIsImUiOiJBUUFCIiwia2lkIjoiWWhORlMzWW5DOXRqaUNhaXZoV0xWVUozQXh3R0d6Xzk4dVJGYXFNRUVzIn19LCJ0eXBlIjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwidmVyaWZpZWRfY2xhaW1zIjp7InZlcmlmaWNhdGlvbiI6eyJfc2QiOlsiSnpZakg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSJdLCJ0cnVzdF9mcmFtZXdvcmsiOiJlaWRhcyIsImFzc3VyYW5jZV9sZXZlbCI6ImhpZ2gifSwiY2xhaW1zIjp7Il9zZCI6WyIwOXZLckpNT2x5VFdNMHNqcHVfcGRPQlZCUTJNMXkzS2hwSDUxNW5Ya3BZIiwiMnJzakdiYUMwa3k4bVQwcEpyUGlvV1RxMF9kYXcxc1g3NnBvVWxnQ3diSSIsIkVrTzhkaFcwZEhFSmJ2VUhsRV9WQ2V1Qzl1UkVMT2llTFpoaDdYYlVUdEEiLCJJbER6SUtlaVpkRHdwcXBLNlpmYnlwaEZ2ejVGZ25XYS1zTjZ3cVFYQ2l3IiwiUG9yRmJwS3VWdTZ4eW1KYWd2a0ZzRlhBYlJvYzJKR2xBVUEyQkE0bzdjSSIsIlRHZjRvTGJnd2Q1SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCJqZHJURThZY2JZNEVpZnVnaWhpQWVfQlBla3hKUVpJQ2VpVVF3WTlRcXhJIiwianN1OXlWdWx3UVFsaEZsTV8zSmx6TWFTRnpnbGhRRzBEcGZheVF3TFVLNCJdfX0sIl9zZF9hbGciOiJzaGEtMjU2In0";
+
+const signature =
+  "8wwSHCd47wCgzRYXvvPTTRXGS-hk9V8jRzy7WSjRBTZxSHxJkGOSWwBVAA-kpJ-IvQS7699aLWxIMqAvr34sOA";
+
+const signed = `${unsigned}.${signature}`;
+
+const tokenizedDisclosures = [
+  "WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd",
+  "WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJd",
+  "WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ",
+  "WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0yMDItNTU1LTAxMDEiXQ",
+  "WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLTAxIl0",
+  "WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImlzX292ZXJfMTgiLCB0cnVlXQ",
+  "WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImlzX292ZXJfMjEiLCB0cnVlXQ",
+  "WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImlzX292ZXJfNjUiLCB0cnVlXQ",
+  "WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0",
+];
+
+const sdJwt = {
+  header: {
+    typ: "vc+sd-jwt",
+    alg: "ES256",
+    kid: "b186ea0c1925793097bf01b8a289a45f",
+    trust_chain: [
+      "NEhRdERpYnlHY3M5WldWTWZ2aUhm ...",
+      "eyJhbGciOiJSUzI1NiIsImtpZCI6 ...",
+      "IkJYdmZybG5oQU11SFIwN2FqVW1B ...",
+    ],
+  },
+  payload: {
+    iss: "https://example.com/issuer",
+    sub: "NzbLsXh8uDCcd7noWXFZAfHkxZsRGC9Xs...",
+    jti: "urn:uuid:6c5c0a49-b589-431d-bae7-219122a9ec2c",
+    iat: 1541493724,
+    exp: 1541493724,
+    status: "https://example.com/status",
+    cnf: {
+      jwk: {
+        kty: "RSA",
+        use: "sig",
+        n: "1Ta-sE",
+        e: "AQAB",
+        kid: "YhNFS3YnC9tjiCaivhWLVUJ3AxwGGz_98uRFaqMEEs",
+      },
+    },
+    type: "PersonIdentificationData",
+    verified_claims: {
+      verification: {
+        _sd: ["JzYjH4svliH0R3PyEMfeZu6Jt69u5qehZo7F7EPYlSE"],
+        trust_framework: "eidas",
+        assurance_level: "high",
+      },
+      claims: {
+        _sd: [
+          "09vKrJMOlyTWM0sjpu_pdOBVBQ2M1y3KhpH515nXkpY",
+          "2rsjGbaC0ky8mT0pJrPioWTq0_daw1sX76poUlgCwbI",
+          "EkO8dhW0dHEJbvUHlE_VCeuC9uRELOieLZhh7XbUTtA",
+          "IlDzIKeiZdDwpqpK6ZfbyphFvz5FgnWa-sN6wqQXCiw",
+          "PorFbpKuVu6xymJagvkFsFXAbRoc2JGlAUA2BA4o7cI",
+          "TGf4oLbgwd5JQaHyKVQZU9UdGE0w5rtDsrZzfUaomLo",
+          "jdrTE8YcbY4EifugihiAe_BPekxJQZICeiUQwY9QqxI",
+          "jsu9yVulwQQlhFlM_3JlzMaSFzglhQG0DpfayQwLUK4",
+        ],
+      },
+    },
+    _sd_alg: "sha-256",
+  },
+};
+
+// In the very same order than tokenizedDisclosures
+const disclosures = [
+  ["2GLC42sKQveCfGfryNRN9w", "given_name", "John"],
+  ["eluV5Og3gSNII8EYnsxA_A", "family_name", "Doe"],
+  ["6Ij7tM-a5iVPGboS5tmvVA", "email", "johndoe@example.com"],
+  ["eI8ZWm9QnKPpNPeNenHdhQ", "phone_number", "+1-202-555-0101"],
+  ["AJx-095VPrpTtN4QMOqROA", "birthdate", "1940-01-01"],
+  ["Pc33JM2LchcU_lHggv_ufQ", "is_over_18", true],
+  ["G02NSrQfjFXQ7Io09syajA", "is_over_21", true],
+  ["lklxF5jMYlGTPUovMNIvCA", "is_over_65", true],
+  [
+    "Qg_O64zqAxe412a108iroA",
+    "address",
+    {
+      street_address: "123 Main St",
+      locality: "Anytown",
+      region: "Anystate",
+      country: "US",
+    },
+  ],
+];
+it("Ensures example data correctness", () => {
+  expect(
+    JSON.parse(decodeBase64(encodeBase64(JSON.stringify(sdJwt.header))))
+  ).toEqual(sdJwt.header);
+  expect([signed, ...tokenizedDisclosures].join("~")).toBe(token);
+});
+
+describe("decode", () => {
+  it("should decode a valid token", () => {
+    const result = decode(token, SdJwt4VC);
+    expect(result).toEqual({
+      sdJwt,
+      disclosures: disclosures.map((decoded, i) => ({
+        decoded,
+        encoded: tokenizedDisclosures[i],
+      })),
+    });
+  });
+});
+
+describe("disclose", () => {
+  it("should encode a valid sdjwt (one claim)", async () => {
+    const result = await disclose(token, ["given_name"]);
+    const expected = {
+      token: `${signed}~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd`,
+      paths: [{ claim: "given_name", path: "verified_claims.claims._sd[7]" }],
+    };
+
+    expect(result).toEqual(expected);
+  });
+
+  it("should encode a valid sdjwt (no claims)", async () => {
+    const result = await disclose(token, []);
+    const expected = { token: `${signed}`, paths: [] };
+
+    expect(result).toEqual(expected);
+  });
+
+  it("should encode a valid sdjwt (multiple claims)", async () => {
+    const result = await disclose(token, ["given_name", "email"]);
+    const expected = {
+      token: `${signed}~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd~WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ`,
+      paths: [
+        {
+          claim: "given_name",
+          path: "verified_claims.claims._sd[7]",
+        },
+        {
+          claim: "email",
+          path: "verified_claims.verification._sd[0]",
+        },
+      ],
+    };
+
+    expect(result).toEqual(expected);
+  });
+
+  it("should fail on unknown claim", async () => {
+    const fn = async () => disclose(token, ["unknown"]);
+
+    await expect(fn()).rejects.toEqual(expect.any(Error));
+  });
+});