@pagopa/io-react-native-wallet 0.27.0 → 1.1.0
- package/lib/commonjs/credential/index.js +1 -5
- package/lib/commonjs/credential/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/02-get-issuer-config.js +48 -0
- package/lib/commonjs/credential/issuance/02-get-issuer-config.js.map +1 -0
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js +16 -20
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +8 -8
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/05-authorize-access.js +8 -9
- package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -1
- package/lib/commonjs/credential/issuance/06-obtain-credential.js +18 -21
- package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +3 -3
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/README.md +18 -21
- package/lib/commonjs/credential/issuance/index.js +3 -3
- package/lib/commonjs/credential/issuance/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/types.js +1 -1
- package/lib/commonjs/credential/issuance/types.js.map +1 -1
- package/lib/commonjs/credential/presentation/01-start-flow.js +7 -2
- package/lib/commonjs/credential/presentation/01-start-flow.js.map +1 -1
- package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js +2 -2
- package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js.map +1 -1
- package/lib/commonjs/credential/presentation/03-retrieve-jwks.js +68 -0
- package/lib/commonjs/credential/presentation/03-retrieve-jwks.js.map +1 -0
- package/lib/commonjs/credential/presentation/{03-get-request-object.js → 04-get-request-object.js} +27 -13
- package/lib/commonjs/credential/presentation/04-get-request-object.js.map +1 -0
- package/lib/commonjs/credential/presentation/{04-send-authorization-response.js → 05-send-authorization-response.js} +1 -1
- package/lib/commonjs/credential/presentation/{04-send-authorization-response.js.map → 05-send-authorization-response.js.map} +1 -1
- package/lib/commonjs/credential/presentation/README.md +74 -2
- package/lib/commonjs/credential/presentation/index.js +15 -2
- package/lib/commonjs/credential/presentation/index.js.map +1 -1
- package/lib/commonjs/credential/presentation/types.js +5 -3
- package/lib/commonjs/credential/presentation/types.js.map +1 -1
- package/lib/commonjs/entity/openid-connect/issuer/index.js +25 -0
- package/lib/commonjs/entity/openid-connect/issuer/index.js.map +1 -0
- package/lib/commonjs/entity/openid-connect/issuer/types.js +61 -0
- package/lib/commonjs/entity/openid-connect/issuer/types.js.map +1 -0
- package/lib/commonjs/{trust → entity/trust}/chain.js +1 -1
- package/lib/commonjs/entity/trust/chain.js.map +1 -0
- package/lib/commonjs/{trust → entity/trust}/index.js +1 -1
- package/lib/commonjs/entity/trust/index.js.map +1 -0
- package/lib/commonjs/{trust → entity/trust}/types.js +2 -2
- package/lib/commonjs/entity/trust/types.js.map +1 -0
- package/lib/commonjs/index.js +1 -3
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/sd-jwt/types.js +2 -18
- package/lib/commonjs/pid/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/index.test.js +32 -23
- package/lib/commonjs/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/types.test.js +20 -11
- package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +18 -5
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/utils/error-codes.js +1 -13
- package/lib/commonjs/utils/error-codes.js.map +1 -1
- package/lib/commonjs/utils/errors.js +2 -53
- package/lib/commonjs/utils/errors.js.map +1 -1
- package/lib/commonjs/utils/jwk.js +5 -1
- package/lib/commonjs/utils/jwk.js.map +1 -1
- package/lib/commonjs/utils/par.js +6 -12
- package/lib/commonjs/utils/par.js.map +1 -1
- package/lib/module/credential/index.js +1 -3
- package/lib/module/credential/index.js.map +1 -1
- package/lib/module/credential/issuance/02-get-issuer-config.js +42 -0
- package/lib/module/credential/issuance/02-get-issuer-config.js.map +1 -0
- package/lib/module/credential/issuance/03-start-user-authorization.js +16 -20
- package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/04-complete-user-authorization.js +8 -8
- package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/05-authorize-access.js +8 -9
- package/lib/module/credential/issuance/05-authorize-access.js.map +1 -1
- package/lib/module/credential/issuance/06-obtain-credential.js +18 -21
- package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js +3 -3
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/module/credential/issuance/README.md +18 -21
- package/lib/module/credential/issuance/index.js +2 -2
- package/lib/module/credential/issuance/index.js.map +1 -1
- package/lib/module/credential/issuance/types.js +1 -1
- package/lib/module/credential/issuance/types.js.map +1 -1
- package/lib/module/credential/presentation/01-start-flow.js +7 -2
- package/lib/module/credential/presentation/01-start-flow.js.map +1 -1
- package/lib/module/credential/presentation/02-evaluate-rp-trust.js +1 -1
- package/lib/module/credential/presentation/02-evaluate-rp-trust.js.map +1 -1
- package/lib/module/credential/presentation/03-retrieve-jwks.js +61 -0
- package/lib/module/credential/presentation/03-retrieve-jwks.js.map +1 -0
- package/lib/module/credential/presentation/{03-get-request-object.js → 04-get-request-object.js} +26 -12
- package/lib/module/credential/presentation/04-get-request-object.js.map +1 -0
- package/lib/module/credential/presentation/{04-send-authorization-response.js → 05-send-authorization-response.js} +1 -1
- package/lib/module/credential/presentation/{04-send-authorization-response.js.map → 05-send-authorization-response.js.map} +1 -1
- package/lib/module/credential/presentation/README.md +74 -2
- package/lib/module/credential/presentation/index.js +4 -3
- package/lib/module/credential/presentation/index.js.map +1 -1
- package/lib/module/credential/presentation/types.js +5 -3
- package/lib/module/credential/presentation/types.js.map +1 -1
- package/lib/module/entity/openid-connect/issuer/index.js +20 -0
- package/lib/module/entity/openid-connect/issuer/index.js.map +1 -0
- package/lib/module/entity/openid-connect/issuer/types.js +47 -0
- package/lib/module/entity/openid-connect/issuer/types.js.map +1 -0
- package/lib/module/{trust → entity/trust}/chain.js +1 -1
- package/lib/module/entity/trust/chain.js.map +1 -0
- package/lib/module/{trust → entity/trust}/index.js +1 -1
- package/lib/module/entity/trust/index.js.map +1 -0
- package/lib/module/{trust → entity/trust}/types.js +2 -2
- package/lib/module/entity/trust/types.js.map +1 -0
- package/lib/module/index.js +1 -2
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/sd-jwt/types.js +1 -16
- package/lib/module/pid/sd-jwt/types.js.map +1 -1
- package/lib/module/sd-jwt/__test__/index.test.js +32 -23
- package/lib/module/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/module/sd-jwt/__test__/types.test.js +20 -11
- package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/module/sd-jwt/types.js +16 -4
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/utils/error-codes.js +1 -13
- package/lib/module/utils/error-codes.js.map +1 -1
- package/lib/module/utils/errors.js +0 -48
- package/lib/module/utils/errors.js.map +1 -1
- package/lib/module/utils/jwk.js +3 -0
- package/lib/module/utils/jwk.js.map +1 -1
- package/lib/module/utils/par.js +6 -12
- package/lib/module/utils/par.js.map +1 -1
- package/lib/typescript/credential/index.d.ts +1 -3
- package/lib/typescript/credential/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/01-start-flow.d.ts +1 -1
- package/lib/typescript/credential/issuance/02-get-issuer-config.d.ts +32 -0
- package/lib/typescript/credential/issuance/02-get-issuer-config.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +3 -3
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +8 -8
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts +3 -3
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +3 -3
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts +3 -3
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/index.d.ts +3 -3
- package/lib/typescript/credential/issuance/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/types.d.ts +4 -9
- package/lib/typescript/credential/issuance/types.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/01-start-flow.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts +1 -1
- package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/03-retrieve-jwks.d.ts +41 -0
- package/lib/typescript/credential/presentation/03-retrieve-jwks.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/{03-get-request-object.d.ts → 04-get-request-object.d.ts} +4 -4
- package/lib/typescript/credential/presentation/04-get-request-object.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/{04-send-authorization-response.d.ts → 05-send-authorization-response.d.ts} +2 -2
- package/lib/typescript/credential/presentation/{04-send-authorization-response.d.ts.map → 05-send-authorization-response.d.ts.map} +1 -1
- package/lib/typescript/credential/presentation/index.d.ts +5 -4
- package/lib/typescript/credential/presentation/index.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/types.d.ts +15 -15
- package/lib/typescript/entity/openid-connect/issuer/index.d.ts +12 -0
- package/lib/typescript/entity/openid-connect/issuer/index.d.ts.map +1 -0
- package/lib/typescript/entity/openid-connect/issuer/types.d.ts +641 -0
- package/lib/typescript/entity/openid-connect/issuer/types.d.ts.map +1 -0
- package/lib/typescript/entity/trust/chain.d.ts.map +1 -0
- package/lib/typescript/{trust → entity/trust}/index.d.ts +97 -97
- package/lib/typescript/entity/trust/index.d.ts.map +1 -0
- package/lib/typescript/{trust → entity/trust}/types.d.ts +597 -597
- package/lib/typescript/{trust → entity/trust}/types.d.ts.map +1 -1
- package/lib/typescript/index.d.ts +1 -2
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/sd-jwt/types.d.ts +25 -103
- package/lib/typescript/pid/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +60 -20
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +114 -24
- package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/utils/error-codes.d.ts +0 -12
- package/lib/typescript/utils/error-codes.d.ts.map +1 -1
- package/lib/typescript/utils/errors.d.ts +6 -37
- package/lib/typescript/utils/errors.d.ts.map +1 -1
- package/lib/typescript/utils/jwk.d.ts +135 -0
- package/lib/typescript/utils/jwk.d.ts.map +1 -1
- package/lib/typescript/utils/par.d.ts +1 -8
- package/lib/typescript/utils/par.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +12 -12
- package/package.json +1 -1
- package/src/credential/index.ts +1 -4
- package/src/credential/issuance/01-start-flow.ts +1 -1
- package/src/credential/issuance/02-get-issuer-config.ts +67 -0
- package/src/credential/issuance/03-start-user-authorization.ts +22 -30
- package/src/credential/issuance/04-complete-user-authorization.ts +11 -13
- package/src/credential/issuance/05-authorize-access.ts +8 -10
- package/src/credential/issuance/06-obtain-credential.ts +30 -31
- package/src/credential/issuance/07-verify-and-parse-credential.ts +6 -6
- package/src/credential/issuance/README.md +18 -21
- package/src/credential/issuance/index.ts +3 -6
- package/src/credential/issuance/types.ts +1 -1
- package/src/credential/presentation/01-start-flow.ts +8 -2
- package/src/credential/presentation/02-evaluate-rp-trust.ts +2 -2
- package/src/credential/presentation/03-retrieve-jwks.ts +73 -0
- package/src/credential/presentation/{03-get-request-object.ts → 04-get-request-object.ts} +33 -15
- package/src/credential/presentation/{04-send-authorization-response.ts → 05-send-authorization-response.ts} +1 -1
- package/src/credential/presentation/README.md +74 -2
- package/src/credential/presentation/index.ts +10 -2
- package/src/credential/presentation/types.ts +3 -3
- package/src/entity/openid-connect/issuer/index.ts +27 -0
- package/src/entity/openid-connect/issuer/types.ts +68 -0
- package/src/{trust → entity/trust}/chain.ts +2 -2
- package/src/{trust → entity/trust}/index.ts +1 -1
- package/src/{trust → entity/trust}/types.ts +2 -2
- package/src/index.ts +0 -2
- package/src/pid/sd-jwt/types.ts +1 -18
- package/src/sd-jwt/__test__/index.test.ts +47 -37
- package/src/sd-jwt/__test__/types.test.ts +26 -16
- package/src/sd-jwt/types.ts +16 -2
- package/src/utils/error-codes.ts +0 -12
- package/src/utils/errors.ts +12 -86
- package/src/utils/jwk.ts +5 -0
- package/src/utils/par.ts +3 -10
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +0 -27
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +0 -1
- package/lib/commonjs/credential/presentation/03-get-request-object.js.map +0 -1
- package/lib/commonjs/credential/status/01-start-flow.js +0 -2
- package/lib/commonjs/credential/status/01-start-flow.js.map +0 -1
- package/lib/commonjs/credential/status/02-status-attestation.js +0 -72
- package/lib/commonjs/credential/status/02-status-attestation.js.map +0 -1
- package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js +0 -52
- package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js.map +0 -1
- package/lib/commonjs/credential/status/README.md +0 -67
- package/lib/commonjs/credential/status/index.js +0 -27
- package/lib/commonjs/credential/status/index.js.map +0 -1
- package/lib/commonjs/credential/status/types.js +0 -48
- package/lib/commonjs/credential/status/types.js.map +0 -1
- package/lib/commonjs/credential/trustmark/README.md +0 -62
- package/lib/commonjs/credential/trustmark/get-credential-trustmark.js +0 -81
- package/lib/commonjs/credential/trustmark/get-credential-trustmark.js.map +0 -1
- package/lib/commonjs/credential/trustmark/index.js +0 -13
- package/lib/commonjs/credential/trustmark/index.js.map +0 -1
- package/lib/commonjs/trust/chain.js.map +0 -1
- package/lib/commonjs/trust/index.js.map +0 -1
- package/lib/commonjs/trust/types.js.map +0 -1
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +0 -20
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +0 -1
- package/lib/module/credential/presentation/03-get-request-object.js.map +0 -1
- package/lib/module/credential/status/01-start-flow.js +0 -2
- package/lib/module/credential/status/01-start-flow.js.map +0 -1
- package/lib/module/credential/status/02-status-attestation.js +0 -64
- package/lib/module/credential/status/02-status-attestation.js.map +0 -1
- package/lib/module/credential/status/03-verify-and-parse-status-attestation.js +0 -46
- package/lib/module/credential/status/03-verify-and-parse-status-attestation.js.map +0 -1
- package/lib/module/credential/status/README.md +0 -67
- package/lib/module/credential/status/index.js +0 -5
- package/lib/module/credential/status/index.js.map +0 -1
- package/lib/module/credential/status/types.js +0 -40
- package/lib/module/credential/status/types.js.map +0 -1
- package/lib/module/credential/trustmark/README.md +0 -62
- package/lib/module/credential/trustmark/get-credential-trustmark.js +0 -72
- package/lib/module/credential/trustmark/get-credential-trustmark.js.map +0 -1
- package/lib/module/credential/trustmark/index.js +0 -3
- package/lib/module/credential/trustmark/index.js.map +0 -1
- package/lib/module/trust/chain.js.map +0 -1
- package/lib/module/trust/index.js.map +0 -1
- package/lib/module/trust/types.js.map +0 -1
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts +0 -19
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +0 -1
- package/lib/typescript/credential/presentation/03-get-request-object.d.ts.map +0 -1
- package/lib/typescript/credential/status/01-start-flow.d.ts +0 -10
- package/lib/typescript/credential/status/01-start-flow.d.ts.map +0 -1
- package/lib/typescript/credential/status/02-status-attestation.d.ts +0 -19
- package/lib/typescript/credential/status/02-status-attestation.d.ts.map +0 -1
- package/lib/typescript/credential/status/03-verify-and-parse-status-attestation.d.ts +0 -24
- package/lib/typescript/credential/status/03-verify-and-parse-status-attestation.d.ts.map +0 -1
- package/lib/typescript/credential/status/index.d.ts +0 -7
- package/lib/typescript/credential/status/index.d.ts.map +0 -1
- package/lib/typescript/credential/status/types.d.ts +0 -305
- package/lib/typescript/credential/status/types.d.ts.map +0 -1
- package/lib/typescript/credential/trustmark/get-credential-trustmark.d.ts +0 -52
- package/lib/typescript/credential/trustmark/get-credential-trustmark.d.ts.map +0 -1
- package/lib/typescript/credential/trustmark/index.d.ts +0 -4
- package/lib/typescript/credential/trustmark/index.d.ts.map +0 -1
- package/lib/typescript/trust/chain.d.ts.map +0 -1
- package/lib/typescript/trust/index.d.ts.map +0 -1
- package/src/credential/issuance/02-evaluate-issuer-trust.ts +0 -32
- package/src/credential/status/01-start-flow.ts +0 -9
- package/src/credential/status/02-status-attestation.ts +0 -102
- package/src/credential/status/03-verify-and-parse-status-attestation.ts +0 -60
- package/src/credential/status/README.md +0 -67
- package/src/credential/status/index.ts +0 -22
- package/src/credential/status/types.ts +0 -43
- package/src/credential/trustmark/README.md +0 -62
- package/src/credential/trustmark/get-credential-trustmark.ts +0 -120
- package/src/credential/trustmark/index.ts +0 -8
- /package/lib/typescript/{trust → entity/trust}/chain.d.ts +0 -0
|
@@ -6,7 +6,7 @@ There's a fork in the flow which is based on the type of the credential that is
|
|
|
6
6
|
This is due to the fact that eID credentials require a different authorization flow than other credentials, which is accomplished by a strong authentication method like SPID or CIE.
|
|
7
7
|
Credentials instead require a simpler authorization flow and they require other credentials to be presented in order to be issued.
|
|
8
8
|
|
|
9
|
-
The supported credentials are defined in the entity configuration of the issuer which is evaluted and parsed in the `
|
|
9
|
+
The supported credentials are defined in the entity configuration of the issuer which is evaluted and parsed in the `getIssuerConfig` step.
|
|
10
10
|
|
|
11
11
|
## Sequence Diagram
|
|
12
12
|
|
|
@@ -14,7 +14,7 @@ The supported credentials are defined in the entity configuration of the issuer
|
|
|
14
14
|
graph TD;
|
|
15
15
|
0[WalletInstanceAttestation.getAttestation]
|
|
16
16
|
1[startFlow]
|
|
17
|
-
2[
|
|
17
|
+
2[getIssuerConfig]
|
|
18
18
|
3[startUserAuthorization]
|
|
19
19
|
C4[getRequestedCredentialToBePresented]
|
|
20
20
|
C4.1[completeUserAuthorizationWithFormPostJwtMode]
|
|
@@ -41,12 +41,9 @@ graph TD;
|
|
|
41
41
|
|
|
42
42
|
The following errors are mapped to a `IssuerResponseError` with specific codes.
|
|
43
43
|
|
|
44
|
-
|HTTP Status|Error Code|Description|
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|`403 Forbidden`|`ERR_CREDENTIAL_INVALID_STATUS`|This response is returned by the credential issuer when the requested credential has an invalid status. It might contain more details in the `reason` property.|
|
|
48
|
-
|`404 Not Found`|`ERR_CREDENTIAL_INVALID_STATUS`| This response is returned by the credential issuer when the authenticated user is not entitled to receive the requested credential. It might contain more details in the `reason` property.|
|
|
49
|
-
|`*`|`ERR_ISSUER_GENERIC_ERROR`|This is a generic error code to map unexpected errors that occurred when interacting with the Issuer.|
|
|
44
|
+
| HTTP Status | Error Code | Description |
|
|
45
|
+
| ----------- | -------------------------- | ----------------------------------------------------------------------------------------------------- |
|
|
46
|
+
| `*` | `ERR_ISSUER_GENERIC_ERROR` | This is a generic error code to map unexpected errors that occurred when interacting with the Issuer. |
|
|
50
47
|
|
|
51
48
|
## Strong authentication for eID issuance (Query Mode)
|
|
52
49
|
|
|
@@ -121,7 +118,7 @@ const startFlow: Credential.Issuance.StartFlow = () => ({
|
|
|
121
118
|
const { issuerUrl } = startFlow();
|
|
122
119
|
|
|
123
120
|
// Evaluate issuer trust
|
|
124
|
-
const { issuerConf } = await Credential.Issuance.
|
|
121
|
+
const { issuerConf } = await Credential.Issuance.getIssuerConfig(issuerUrl);
|
|
125
122
|
|
|
126
123
|
// Start user authorization
|
|
127
124
|
const { issuerRequestUri, clientId, codeVerifier, credentialDefinition } =
|
|
@@ -251,17 +248,16 @@ const credentialCryptoContext = createCryptoContextFor(credentialKeyTag);
|
|
|
251
248
|
// Start the issuance flow
|
|
252
249
|
const startFlow: Credential.Issuance.StartFlow = () => ({
|
|
253
250
|
issuerUrl: WALLET_EID_PROVIDER_BASE_URL,
|
|
254
|
-
credentialType: "
|
|
251
|
+
credentialType: "urn:eu.europa.ec.eudi:pid:1",
|
|
255
252
|
appFetch,
|
|
256
253
|
});
|
|
257
254
|
|
|
258
255
|
const { issuerUrl } = startFlow();
|
|
259
256
|
|
|
260
257
|
// Evaluate issuer trust
|
|
261
|
-
const { issuerConf } = await Credential.Issuance.
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
);
|
|
258
|
+
const { issuerConf } = await Credential.Issuance.getIssuerConfig(issuerUrl, {
|
|
259
|
+
appFetch,
|
|
260
|
+
});
|
|
265
261
|
|
|
266
262
|
// Start user authorization
|
|
267
263
|
const { issuerRequestUri, clientId, codeVerifier, credentialDefinition } =
|
|
@@ -315,12 +311,13 @@ const { credential, format } = await Credential.Issuance.obtainCredential(
|
|
|
315
311
|
);
|
|
316
312
|
|
|
317
313
|
// Parse and verify the eID credential
|
|
318
|
-
const { parsedCredential, issuedAt, expiration } =
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
323
|
-
|
|
314
|
+
const { parsedCredential, issuedAt, expiration } =
|
|
315
|
+
await Credential.Issuance.verifyAndParseCredential(
|
|
316
|
+
issuerConf,
|
|
317
|
+
credential,
|
|
318
|
+
format,
|
|
319
|
+
{ credentialCryptoContext }
|
|
320
|
+
);
|
|
324
321
|
|
|
325
322
|
return {
|
|
326
323
|
parsedCredential,
|
|
@@ -328,7 +325,7 @@ return {
|
|
|
328
325
|
keyTag: credentialKeyTag,
|
|
329
326
|
credentialType,
|
|
330
327
|
issuedAt,
|
|
331
|
-
expiration
|
|
328
|
+
expiration,
|
|
332
329
|
};
|
|
333
330
|
```
|
|
334
331
|
|
|
@@ -28,10 +28,10 @@ Object.defineProperty(exports, "completeUserAuthorizationWithQueryMode", {
|
|
|
28
28
|
return _completeUserAuthorization.completeUserAuthorizationWithQueryMode;
|
|
29
29
|
}
|
|
30
30
|
});
|
|
31
|
-
Object.defineProperty(exports, "
|
|
31
|
+
Object.defineProperty(exports, "getIssuerConfig", {
|
|
32
32
|
enumerable: true,
|
|
33
33
|
get: function () {
|
|
34
|
-
return
|
|
34
|
+
return _getIssuerConfig.getIssuerConfig;
|
|
35
35
|
}
|
|
36
36
|
});
|
|
37
37
|
Object.defineProperty(exports, "getRequestedCredentialToBePresented", {
|
|
@@ -64,7 +64,7 @@ Object.defineProperty(exports, "verifyAndParseCredential", {
|
|
|
64
64
|
return _verifyAndParseCredential.verifyAndParseCredential;
|
|
65
65
|
}
|
|
66
66
|
});
|
|
67
|
-
var
|
|
67
|
+
var _getIssuerConfig = require("./02-get-issuer-config");
|
|
68
68
|
var _startUserAuthorization = require("./03-start-user-authorization");
|
|
69
69
|
var _completeUserAuthorization = require("./04-complete-user-authorization");
|
|
70
70
|
var _authorizeAccess = require("./05-authorize-access");
|
|
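Review bot: The `getIssuerConfig` export added at new lines 31–34, with its `require("./02-get-issuer-config")` at new line 67, takes the slot of the former step 02, which the file list on this page shows as removed (`02-evaluate-issuer-trust.js +0 -27`), so consumers lose the old export without an alias. The body of `getIssuerConfig` is not part of this section, so it cannot be confirmed from here whether the issuer's trust chain is still validated before `issuerConf` is used. In the source `index.ts` I would add a comment such as `// step 02: fetches the issuer configuration; confirm whether trust-chain validation still happens here`. The README example comment `// Evaluate issuer trust` above the `getIssuerConfig` call should be brought in line with whatever the answer is.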
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_getIssuerConfig","require","_startUserAuthorization","_completeUserAuthorization","_authorizeAccess","_obtainCredential","_verifyAndParseCredential","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/issuance/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,gBAAA,GAAAC,OAAA;AACA,IAAAC,uBAAA,GAAAD,OAAA;AAIA,IAAAE,0BAAA,GAAAF,OAAA;AAWA,IAAAG,gBAAA,GAAAH,OAAA;AACA,IAAAI,iBAAA,GAAAJ,OAAA;AAIA,IAAAK,yBAAA,GAAAL,OAAA;AAIA,IAAAM,MAAA,GAAAC,uBAAA,CAAAP,OAAA;AAAmCQ,OAAA,CAAAF,MAAA,GAAAA,MAAA;AAAA,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
|
|
@@ -11,7 +11,7 @@ function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "functio
|
|
|
11
11
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
12
12
|
const TokenResponse = z.object({
|
|
13
13
|
access_token: z.string(),
|
|
14
|
-
authorization_details:
|
|
14
|
+
authorization_details: _par.AuthorizationDetail,
|
|
15
15
|
c_nonce: z.string(),
|
|
16
16
|
c_nonce_expires_in: z.number(),
|
|
17
17
|
expires_in: z.number(),
|
|
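Review bot: `authorization_details: _par.AuthorizationDetail` at new line 14 of `TokenResponse` uses a schema whose name is singular, while RFC 9396 defines `authorization_details` as a JSON array of objects. If `_par.AuthorizationDetail` is a single-object schema (its definition is outside this hunk, and the removed line is truncated on this page), a token response carrying the array form would be rejected at parse time. Either confirm that the issuer profile returns a single object and say so in a comment, e.g. `// issuer profile returns one object here, not the RFC 9396 array`, or accept the array with `authorization_details: z.array(_par.AuthorizationDetail),`.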
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_par","require","z","_interopRequireWildcard","_const","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TokenResponse","object","access_token","string","authorization_details","
|
|
1
|
+
{"version":3,"names":["_par","require","z","_interopRequireWildcard","_const","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TokenResponse","object","access_token","string","authorization_details","AuthorizationDetail","c_nonce","c_nonce_expires_in","number","expires_in","token_type","exports","CredentialResponse","credential","format","SupportedCredentialFormat","ResponseUriResultShape","redirect_uri"],"sourceRoot":"../../../../src","sources":["credential/issuance/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAAoD,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAI7C,MAAMW,aAAa,GAAGzB,CAAC,CAAC0B,MAAM,CAAC;EACpCC,YAAY,EAAE3B,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACxBC,qBAAqB,EAAEC,wBAAmB;EAC1CC,OAAO,EAAE/B,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACnBI,kBAAkB,EAAEhC,CAAC,CAACiC,MAAM,CAAC,CAAC;EAC9BC,UAAU,EAAElC,CAAC,CAACiC,MAAM,CAAC,CAAC;EACtBE,UAA
U,EAAEnC,CAAC,CAAC4B,MAAM,CAAC;AACvB,CAAC,CAAC;AAACQ,OAAA,CAAAX,aAAA,GAAAA,aAAA;AAII,MAAMY,kBAAkB,GAAGrC,CAAC,CAAC0B,MAAM,CAAC;EACzCK,OAAO,EAAE/B,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACnBI,kBAAkB,EAAEhC,CAAC,CAACiC,MAAM,CAAC,CAAC;EAC9BK,UAAU,EAAEtC,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACtBW,MAAM,EAAEC;AACV,CAAC,CAAC;;AAEF;AACA;AACA;AAFAJ,OAAA,CAAAC,kBAAA,GAAAA,kBAAA;AAGO,MAAMI,sBAAsB,GAAGzC,CAAC,CAAC0B,MAAM,CAAC;EAC7CgB,YAAY,EAAE1C,CAAC,CAAC4B,MAAM,CAAC;AACzB,CAAC,CAAC;AAACQ,OAAA,CAAAK,sBAAA,GAAAA,sBAAA"}
|
|
@@ -33,8 +33,13 @@ const QRCodePayload = z.object({
|
|
|
33
33
|
* @throws If the provided qr code fails to be decoded
|
|
34
34
|
*/
|
|
35
35
|
const startFlowFromQR = qrcode => {
|
|
36
|
-
|
|
37
|
-
|
|
36
|
+
let decodedUrl;
|
|
37
|
+
try {
|
|
38
|
+
const decoded = (0, _ioReactNativeJwt.decodeBase64)(qrcode);
|
|
39
|
+
decodedUrl = new URL(decoded);
|
|
40
|
+
} catch (error) {
|
|
41
|
+
throw new _errors.AuthRequestDecodeError("Failed to decode QR code: ", qrcode);
|
|
42
|
+
}
|
|
38
43
|
const protocol = decodedUrl.protocol;
|
|
39
44
|
const resource = decodedUrl.hostname;
|
|
40
45
|
const requestURI = decodedUrl.searchParams.get("request_uri");
|
|
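Review bot: The catch block added at new lines 40–42 of `startFlowFromQR` drops the caught `error` and hands the whole raw `qrcode` string to `AuthRequestDecodeError`, so a Base64 failure cannot be told apart from a URL parse failure, and the untrusted QR payload travels with the error into any log or crash report that records it. Keep the cause and leave the payload out or truncate it; the constructor's signature is not visible in this hunk, so something like `throw new _errors.AuthRequestDecodeError("Failed to decode QR code", String(error));` needs checking against it. The message literal also ends in `": "`, which suggests a value was meant to be appended. `protocol`, `hostname` and `request_uri` are then read straight from the decoded URL, and the rest of the function is outside the hunk, so confirm that the `QRCodePayload` check restricts `request_uri` to an `https:` URL before it is fetched.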
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","_interopRequireWildcard","require","_ioReactNativeJwt","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","QRCodePayload","object","protocol","string","resource","clientId","requestURI","startFlowFromQR","qrcode","decoded","decodeBase64","
|
|
1
|
+
{"version":3,"names":["z","_interopRequireWildcard","require","_ioReactNativeJwt","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","QRCodePayload","object","protocol","string","resource","clientId","requestURI","startFlowFromQR","qrcode","decodedUrl","decoded","decodeBase64","URL","error","AuthRequestDecodeError","hostname","searchParams","result","safeParse","success","data","message","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAAkD,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAElD,MAAMW,aAAa,GAAG3B,CAAC,CAAC4B,MAAM,CAAC;EAC7BC,QAAQ,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACpBC,QAAQ,EAAE/B,CAAC,CAAC8B,MAAM,CAAC,CAAC;EAAE;EACtBE,QAAQ,EAAEhC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACpBG,UAAU,EAAEjC,CAAC,CAAC8B,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA
;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMI,eAAoC,GAAIC,MAAM,IAAK;EAC9D,IAAIC,UAAe;EACnB,IAAI;IACF,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACH,MAAM,CAAC;IACpCC,UAAU,GAAG,IAAIG,GAAG,CAACF,OAAO,CAAC;EAC/B,CAAC,CAAC,OAAOG,KAAK,EAAE;IACd,MAAM,IAAIC,8BAAsB,CAAC,4BAA4B,EAAEN,MAAM,CAAC;EACxE;EAEA,MAAMN,QAAQ,GAAGO,UAAU,CAACP,QAAQ;EACpC,MAAME,QAAQ,GAAGK,UAAU,CAACM,QAAQ;EACpC,MAAMT,UAAU,GAAGG,UAAU,CAACO,YAAY,CAAC5B,GAAG,CAAC,aAAa,CAAC;EAC7D,MAAMiB,QAAQ,GAAGI,UAAU,CAACO,YAAY,CAAC5B,GAAG,CAAC,WAAW,CAAC;EAEzD,MAAM6B,MAAM,GAAGjB,aAAa,CAACkB,SAAS,CAAC;IACrChB,QAAQ;IACRE,QAAQ;IACRE,UAAU;IACVD;EACF,CAAC,CAAC;EAEF,IAAIY,MAAM,CAACE,OAAO,EAAE;IAClB,OAAOF,MAAM,CAACG,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIN,8BAAsB,CAACG,MAAM,CAACJ,KAAK,CAACQ,OAAO,EAAG,GAAEZ,UAAW,EAAC,CAAC;EACzE;AACF,CAAC;AAACa,OAAA,CAAAf,eAAA,GAAAA,eAAA"}
|
|
@@ -4,7 +4,7 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
6
|
exports.evaluateRelyingPartyTrust = void 0;
|
|
7
|
-
var
|
|
7
|
+
var _index = require("../../entity/trust/index");
|
|
8
8
|
/**
|
|
9
9
|
* The Relying Party trust evaluation phase.
|
|
10
10
|
* Fetch the Relying Party's configuration and verify trust.
|
|
@@ -21,7 +21,7 @@ const evaluateRelyingPartyTrust = async function (rpUrl) {
|
|
|
21
21
|
payload: {
|
|
22
22
|
metadata: rpConf
|
|
23
23
|
}
|
|
24
|
-
} = await (0,
|
|
24
|
+
} = await (0, _index.getRelyingPartyEntityConfiguration)(rpUrl, {
|
|
25
25
|
appFetch
|
|
26
26
|
});
|
|
27
27
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_index","require","evaluateRelyingPartyTrust","rpUrl","appFetch","fetch","arguments","length","undefined","payload","metadata","rpConf","getRelyingPartyEntityConfiguration","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/02-evaluate-rp-trust.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAcA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,yBAAoD,GAAG,eAAAA,CAClEC,KAAK,EAEF;EAAA,IADH;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEzB,MAAM;IACJG,OAAO,EAAE;MAAEC,QAAQ,EAAEC;IAAO;EAC9B,CAAC,GAAG,MAAM,IAAAC,yCAAkC,EAACT,KAAK,EAAE;IAClDC;EACF,CAAC,CAAC;EACF,OAAO;IAAEO;EAAO,CAAC;AACnB,CAAC;AAACE,OAAA,CAAAX,yBAAA,GAAAA,yBAAA"}
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.fetchJwksFromUri = exports.fetchJwksFromConfig = void 0;
|
|
7
|
+
var _jwk = require("../../utils/jwk");
|
|
8
|
+
var _misc = require("../../utils/misc");
|
|
9
|
+
var _types = require("../../entity/trust/types");
|
|
10
|
+
/**
|
|
11
|
+
* Defines the signature for a function that retrieves JSON Web Key Sets (JWKS) from a client.
|
|
12
|
+
*
|
|
13
|
+
* @template T - The tuple type representing the function arguments.
|
|
14
|
+
* @param args - The arguments passed to the function.
|
|
15
|
+
* @returns A promise resolving to an object containing an array of JWKs.
|
|
16
|
+
*/
|
|
17
|
+
|
|
18
|
+
/**
|
|
19
|
+
* Retrieves the JSON Web Key Set (JWKS) from the specified client's well-known endpoint.
|
|
20
|
+
*
|
|
21
|
+
* @param clientUrl - The base URL of the client entity from which to retrieve the JWKS.
|
|
22
|
+
* @param options - Optional context containing a custom fetch implementation.
|
|
23
|
+
* @param options.context - Optional context object.
|
|
24
|
+
* @param options.context.appFetch - Optional custom fetch function to use instead of the global `fetch`.
|
|
25
|
+
* @returns A promise resolving to an object containing an array of JWKs.
|
|
26
|
+
* @throws Will throw an error if the JWKS retrieval fails.
|
|
27
|
+
*/
|
|
28
|
+
const fetchJwksFromUri = async function (clientUrl) {
|
|
29
|
+
let {
|
|
30
|
+
context = {}
|
|
31
|
+
} = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
|
|
32
|
+
const {
|
|
33
|
+
appFetch = fetch
|
|
34
|
+
} = context;
|
|
35
|
+
const wellKnownUrl = new URL("/.well-known/jar-issuer/jwk", clientUrl).toString();
|
|
36
|
+
|
|
37
|
+
// Fetches the JWKS from a specific endpoint of the entity's well-known configuration
|
|
38
|
+
const jwks = await appFetch(wellKnownUrl, {
|
|
39
|
+
method: "GET"
|
|
40
|
+
}).then((0, _misc.hasStatusOrThrow)(200)).then(raw => raw.json()).then(json => _jwk.JWKS.parse(json));
|
|
41
|
+
return {
|
|
42
|
+
keys: jwks.keys
|
|
43
|
+
};
|
|
44
|
+
};
|
|
45
|
+
|
|
46
|
+
/**
|
|
47
|
+
* Retrieves the JSON Web Key Set (JWKS) from a Relying Party's entity configuration.
|
|
48
|
+
*
|
|
49
|
+
* @param rpConfig - The configuration object of the Relying Party entity.
|
|
50
|
+
* @returns An object containing an array of JWKs.
|
|
51
|
+
* @throws Will throw an error if the configuration is invalid or if JWKS is not found.
|
|
52
|
+
*/
|
|
53
|
+
exports.fetchJwksFromUri = fetchJwksFromUri;
|
|
54
|
+
const fetchJwksFromConfig = async rpConfig => {
|
|
55
|
+
const parsedConfig = _types.RelyingPartyEntityConfiguration.safeParse(rpConfig);
|
|
56
|
+
if (!parsedConfig.success) {
|
|
57
|
+
throw new Error("Invalid Relying Party configuration.");
|
|
58
|
+
}
|
|
59
|
+
const jwks = parsedConfig.data.payload.metadata.wallet_relying_party.jwks;
|
|
60
|
+
if (!jwks || !Array.isArray(jwks.keys)) {
|
|
61
|
+
throw new Error("JWKS not found in Relying Party configuration.");
|
|
62
|
+
}
|
|
63
|
+
return {
|
|
64
|
+
keys: jwks.keys
|
|
65
|
+
};
|
|
66
|
+
};
|
|
67
|
+
exports.fetchJwksFromConfig = fetchJwksFromConfig;
|
|
68
|
+
//# sourceMappingURL=03-retrieve-jwks.js.map
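Review bot: `fetchJwksFromUri` builds `wellKnownUrl` at line 35 with whatever scheme `clientUrl` carries, so an `http:` client URL would have the verification keys fetched in cleartext. These keys are later used to check the Request Object signature, so the scheme should be pinned first, e.g. `const base = new URL(clientUrl); if (base.protocol !== "https:") throw new Error("JWKS must be fetched over https");`. The JSDoc should also state that keys obtained this way are anchored only in the TLS connection to a host named by the request itself, whereas `fetchJwksFromConfig` is meant to read keys from an entity configuration that has already been evaluated. As a minor style point, `fetchJwksFromConfig` is declared `async` but awaits nothing.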
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_jwk","require","_misc","_types","fetchJwksFromUri","clientUrl","context","arguments","length","undefined","appFetch","fetch","wellKnownUrl","URL","toString","jwks","method","then","hasStatusOrThrow","raw","json","JWKS","parse","keys","exports","fetchJwksFromConfig","rpConfig","parsedConfig","RelyingPartyEntityConfiguration","safeParse","success","Error","data","payload","metadata","wallet_relying_party","Array","isArray"],"sourceRoot":"../../../../src","sources":["credential/presentation/03-retrieve-jwks.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,gBAEZ,GAAG,eAAAA,CAAOC,SAAS,EAA4B;EAAA,IAA1B;IAAEC,OAAO,GAAG,CAAC;EAAE,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EACzC,MAAM;IAAEG,QAAQ,GAAGC;EAAM,CAAC,GAAGL,OAAO;EAEpC,MAAMM,YAAY,GAAG,IAAIC,GAAG,CAC1B,6BAA6B,EAC7BR,SACF,CAAC,CAACS,QAAQ,CAAC,CAAC;;EAEZ;EACA,MAAMC,IAAI,GAAG,MAAML,QAAQ,CAACE,YAAY,EAAE;IACxCI,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEG,IAAI,IAAKC,SAAI,CAACC,KAAK,CAACF,IAAI,CAAC,CAAC;EAEnC,OAAO;IACLG,IAAI,EAAER,IAAI,CAACQ;EACb,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAC,OAAA,CAAApB,gBAAA,GAAAA,gBAAA;AAOO,MAAMqB,mBAEZ,GAAG,MAAOC,QAAQ,IAAK;EACtB,MAAMC,YAAY,GAAGC,sCAA+B,CAACC,SAAS,CAACH,QAAQ,CAAC;EACxE,IAAI,CAACC,YAAY,CAACG,OAAO,EAAE;IACzB,MAAM,IAAIC,KAAK,CAAC,sCAAsC,CAAC;EACzD;EAEA,MAAMhB,IAAI,GAAGY,YAAY,CAACK,IAAI,CAACC,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACpB,IAAI;EAEzE,IAAI,CAACA,IAAI,IAAI,CAACqB,KAAK,CAACC,OAAO,CAACtB,IAAI,CAACQ,IAAI,CAAC,EAAE;IACtC,MAAM,IAAIQ,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,OAAO;IACLR,IAAI,EAAER,IAAI,CAACQ;EACb,CAAC;AACH,CAAC;AAACC,OAAA,CAAAC,mBAAA,GAAAA,mBAAA"}
|
package/lib/commonjs/credential/presentation/{03-get-request-object.js → 04-get-request-object.js}
RENAMED
|
@@ -22,7 +22,7 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
|
|
|
22
22
|
* @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
|
|
23
23
|
* @returns The Request Object that describes the presentation
|
|
24
24
|
*/
|
|
25
|
-
const getRequestObject = async (requestUri,
|
|
25
|
+
const getRequestObject = async (requestUri, _ref, jwkKeys) => {
|
|
26
26
|
let {
|
|
27
27
|
wiaCryptoContext,
|
|
28
28
|
appFetch = fetch,
|
|
@@ -42,11 +42,21 @@ const getRequestObject = async (requestUri, rpConf, _ref) => {
|
|
|
42
42
|
}
|
|
43
43
|
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(responseJson => responseJson.response);
|
|
44
44
|
const responseJwt = (0, _ioReactNativeJwt.decode)(responseEncodedJwt);
|
|
45
|
+
await verifyTokenSignature(jwkKeys, responseJwt);
|
|
45
46
|
|
|
46
|
-
//
|
|
47
|
-
|
|
48
|
-
{
|
|
49
|
-
|
|
47
|
+
// Ensure that the request object conforms to the expected specification.
|
|
48
|
+
const requestObject = _types.RequestObject.parse(responseJwt.payload);
|
|
49
|
+
return {
|
|
50
|
+
requestObject
|
|
51
|
+
};
|
|
52
|
+
};
|
|
53
|
+
exports.getRequestObject = getRequestObject;
|
|
54
|
+
const verifyTokenSignature = async (jwkKeys, responseJwt) => {
|
|
55
|
+
var _responseJwt$protecte;
|
|
56
|
+
// verify token signature to ensure the request object is authentic
|
|
57
|
+
// 1. according to entity configuration if present
|
|
58
|
+
if (jwkKeys) {
|
|
59
|
+
const pubKey = jwkKeys.find(_ref2 => {
|
|
50
60
|
let {
|
|
51
61
|
kid
|
|
52
62
|
} = _ref2;
|
|
@@ -55,14 +65,18 @@ const getRequestObject = async (requestUri, rpConf, _ref) => {
|
|
|
55
65
|
if (!pubKey) {
|
|
56
66
|
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Request Object signature verification");
|
|
57
67
|
}
|
|
58
|
-
await (0, _ioReactNativeJwt.verify)(
|
|
68
|
+
await (0, _ioReactNativeJwt.verify)(responseJwt, pubKey);
|
|
69
|
+
return;
|
|
59
70
|
}
|
|
60
71
|
|
|
61
|
-
//
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
72
|
+
// 2. If jwk is not retrieved from entity config, check if the token contains the 'jwk' attribute
|
|
73
|
+
if ((_responseJwt$protecte = responseJwt.protectedHeader) !== null && _responseJwt$protecte !== void 0 && _responseJwt$protecte.jwk) {
|
|
74
|
+
const pubKey = responseJwt.protectedHeader.jwk;
|
|
75
|
+
await (0, _ioReactNativeJwt.verify)(responseJwt, pubKey);
|
|
76
|
+
return;
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
// No verification condition matched: skipping signature verification for now.
|
|
80
|
+
// TODO: [EUDIW-215] Remove skipping signature verification
|
|
66
81
|
};
|
|
67
|
-
|
|
68
|
-
//# sourceMappingURL=03-get-request-object.js.map
|
|
82
|
+
//# sourceMappingURL=04-get-request-object.js.map
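Review bot: `verifyTokenSignature` (new lines 54-81) fails open: when `jwkKeys` is absent it verifies against `responseJwt.protectedHeader.jwk`, a key supplied by the token itself, and when that is missing too it returns without verifying anything. A signature checked against a key carried in the same token shows only that the token is self-consistent, not who issued it. `jwkKeys` is an optional third argument of `getRequestObject`, so a caller that omits it gets an unauthenticated Request Object that still passes `RequestObject.parse` at line 48, and its `response_uri` and `nonce` are presumably then used for the presentation. Until EUDIW-215 is resolved I would end the function with `throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Request Object signature verification");` and accept a header `jwk` only when it matches a key from a trusted set. Part of the `find` callback lies between the two hunks and is not visible here.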
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_reactNativeUuid","_interopRequireDefault","require","_ioReactNativeJwt","_dpop","_errors","_misc","_types","obj","__esModule","default","getRequestObject","requestUri","_ref","jwkKeys","wiaCryptoContext","appFetch","fetch","walletInstanceAttestation","signedWalletInstanceDPoP","createDPopToken","jti","uuid","v4","htm","htu","ath","sha256ToBase64","responseEncodedJwt","method","headers","Authorization","DPoP","then","hasStatusOrThrow","res","json","responseJson","response","responseJwt","decodeJwt","verifyTokenSignature","requestObject","RequestObject","parse","payload","exports","_responseJwt$protecte","pubKey","find","_ref2","kid","protectedHeader","NoSuitableKeysFoundInEntityConfiguration","verify","jwk"],"sourceRoot":"../../../../src","sources":["credential/presentation/04-get-request-object.ts"],"mappings":";;;;;;AAAA,IAAAA,gBAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AAOA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAEA,IAAAI,KAAA,GAAAJ,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AAAwC,SAAAD,uBAAAO,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAYxC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EAAAC,IAAA,EAEVC,OAAO,KACJ;EAAA,IAFH;IAAEC,gBAAgB;IAAEC,QAAQ,GAAGC,KAAK;IAAEC;EAA0B,CAAC,GAAAL,IAAA;EAGjE,MAAMM,wBAAwB,GAAG,MAAM,IAAAC,qBAAe,EACpD;IACEC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBC,GAAG,EAAE,KAAK;IACVC,GAAG,EAAEb,UAAU;IACfc,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAACT,yBAAyB;EACrD,CAAC,EACDH,gBACF,CAAC;EAED,MAAMa,kBAAkB,GAAG,MAAMZ,QAAQ,CAACJ,UAAU,EAAE;IACpDiB,MAAM,EAAE,KAAK;IACbC,OAAO,EAAE;MACPC,aAAa,EAAG,QAAOb,yBAA0B,EAAC;MAClDc,IAAI,EAAEb;IACR;EACF,CAAC,CAAC,CACCc,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEI,YAAY,IAAKA,YAAY,CAACC,QAAQ,CAAC;EAEhD,MAAMC,WAAW,GAAG,IAAAC,wBAAS,EAACZ,kBAAkB,CAAC;EAEjD,MAAMa,oBAAoB,CAAC3B,OAAO,EAAEyB,WAAW,CAAC;;EAEhD;EACA,MAAMG,aAAa,GAAGC,oBAAa,CAACC,KAAK
,CAACL,WAAW,CAACM,OAAO,CAAC;EAE9D,OAAO;IACLH;EACF,CAAC;AACH,CAAC;AAACI,OAAA,CAAAnC,gBAAA,GAAAA,gBAAA;AAEF,MAAM8B,oBAAoB,GAAG,MAAAA,CAC3B3B,OAAgC,EAChCyB,WAAiB,KACC;EAAA,IAAAQ,qBAAA;EAClB;EACA;EACA,IAAIjC,OAAO,EAAE;IACX,MAAMkC,MAAM,GAAGlC,OAAO,CAACmC,IAAI,CACzBC,KAAA;MAAA,IAAC;QAAEC;MAAI,CAAC,GAAAD,KAAA;MAAA,OAAKC,GAAG,KAAKZ,WAAW,CAACa,eAAe,CAACD,GAAG;IAAA,CACtD,CAAC;IACD,IAAI,CAACH,MAAM,EAAE;MACX,MAAM,IAAIK,gDAAwC,CAChD,uCACF,CAAC;IACH;IACA,MAAM,IAAAC,wBAAM,EAACf,WAAW,EAAES,MAAM,CAAC;IACjC;EACF;;EAEA;EACA,KAAAD,qBAAA,GAAIR,WAAW,CAACa,eAAe,cAAAL,qBAAA,eAA3BA,qBAAA,CAA6BQ,GAAG,EAAE;IACpC,MAAMP,MAAM,GAAGT,WAAW,CAACa,eAAe,CAACG,GAAG;IAC9C,MAAM,IAAAD,wBAAM,EAACf,WAAW,EAAES,MAAM,CAAC;IACjC;EACF;;EAEA;EACA;AACF,CAAC"}
|
|
@@ -136,4 +136,4 @@ const sendAuthorizationResponse = async (requestObject, rpConf, presentation, _r
|
|
|
136
136
|
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(AuthorizationResponse.parse);
|
|
137
137
|
};
|
|
138
138
|
exports.sendAuthorizationResponse = sendAuthorizationResponse;
|
|
139
|
-
//# sourceMappingURL=
|
|
139
|
+
//# sourceMappingURL=05-send-authorization-response.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_reactNativeUuid","_interopRequireDefault","WalletInstanceAttestation","_interopRequireWildcard","_errors","_misc","_sdJwt","z","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthorizationResponse","object","status","string","response_code","optional","exports","chooseRSAPublicKeyToEncrypt","entity","usingRsa256","wallet_relying_party","jwks","keys","filter","jwk","use","kty","NoSuitableKeysFoundInEntityConfiguration","prepareVpToken","requestObject","walletInstanceAttestation","_ref","vc","claims","cryptoCtx","token","vp","paths","disclose","payload","iss","decode","pidKid","getPublicKey","then","_","kid","vp_token","SignJWT","setProtectedHeader","typ","setPayload","jti","uuid","v4","nonce","setAudience","response_uri","setIssuedAt","setExpirationTime","sign","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","rpConf","presentation","_ref2","appFetch","fetch","rsaPublicJwk","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","alg","enc","encrypt","formBody","URLSearchParams","response","body","toString","method","headers","hasStatusOrThrow","res","json","parse"],"sourceRoot":"../../../../src","sources":["credential/presentation/
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_reactNativeUuid","_interopRequireDefault","WalletInstanceAttestation","_interopRequireWildcard","_errors","_misc","_sdJwt","z","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthorizationResponse","object","status","string","response_code","optional","exports","chooseRSAPublicKeyToEncrypt","entity","usingRsa256","wallet_relying_party","jwks","keys","filter","jwk","use","kty","NoSuitableKeysFoundInEntityConfiguration","prepareVpToken","requestObject","walletInstanceAttestation","_ref","vc","claims","cryptoCtx","token","vp","paths","disclose","payload","iss","decode","pidKid","getPublicKey","then","_","kid","vp_token","SignJWT","setProtectedHeader","typ","setPayload","jti","uuid","v4","nonce","setAudience","response_uri","setIssuedAt","setExpirationTime","sign","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","rpConf","presentation","_ref2","appFetch","fetch","rsaPublicJwk","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","alg","enc","encrypt","formBody","URLSearchParams","response","body","toString","method","headers","hasStatusOrThrow","res","json","parse"],"sourceRoot":"../../../../src","sources":["credential/presentation/05-send-authorization-response.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,yBAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAEA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,KAAA,GAAAN,OAAA;AAEA,IAAAO,MAAA,GAAAP,OAAA;AAGA,IAAAQ,CAAA,GAAAJ,uBAAA,CAAAJ,OAAA;AAAyB,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAN,wBAAAU,
GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAlB,uBAAAY,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAGlB,MAAMiB,qBAAqB,GAAGvB,CAAC,CAACwB,MAAM,CAAC;EAC5CC,MAAM,EAAEzB,CAAC,CAAC0B,MAAM,CAAC,CAAC;EAClBC,aAAa,EAAE3B,CAAC,CACb0B,MAAM,CAAC,CAAC,CAAC;AACd;AACA;AACA;AACA,8BAJc,CAKTE,QAAQ,CAAC;AACd,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AANAC,OAAA,CAAAN,qBAAA,GAAAA,qBAAA;AAOA,MAAMO,2BAA2B,GAC/BC,MAAgD,IACxC;EACR,MAAM,CAACC,WAAW,CAAC,GAAGD,MAAM,CAACE,oBAAoB,CAACC,IAAI,CAACC,IAAI,CAACC,MAAM,CAC/DC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,IAAID,GAAG,CAACE,GAAG,KAAK,KAC5C,CAAC;EAED,IAAIP,WAAW,EAAE;IACf,OAAOA,WAAW;EACpB;;EAEA;EACA,MAAM,IAAIQ,gDAAwC,CAChD,4BACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,cAAc,GAAG,MAAAA,CACrBC,aAAqD,EACrDC,yBAAiC,EAAAC,IAAA,KAK7B;EAAA,IAJJ,CAACC,EAAE,EAAEC,MAAM,EAAEC,SAAS,CAAe,GAAAH,IAAA;EAKrC;EACA,MAAM;IAAEI,KAAK,EAAEC,EAAE;IAAEC;EAAM,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACN,EAAE,EAAEC,MAAM,CAAC;;EAEvD;EACA,MAAM;IACJM,OAAO,EAAE;MAAEC;IAAI;EACjB,CAAC,GAAG1D,yBAAyB,CAAC2D,MAAM,CAACX,yBAAyB,CAAC;EAE/D,MAAMY,MAAM,GAAG,MAAMR,SAAS,CAACS,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;;EAEhE;EACA,MAAMC,QAAQ,GAAG,MAAM,IAAIC,yBAAO,CAACd,SAAS,CAAC,CAC1Ce,kBAAkB,CAAC;IAClBC,GAAG,EAAE,KAAK;IACVJ,GAAG,EAAEJ;EACP,CAAC,CAAC,C
ACDS,UAAU,CAAC;IACVf,EAAE,EAAEA,EAAE;IACNgB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBd,GAAG;IACHe,KAAK,EAAE1B,aAAa,CAAC0B;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC3B,aAAa,CAAC4B,YAAY,CAAC,CACvCC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,QAAQ,GAAGhC,aAAa,CAACiC,KAAK;EACpC,MAAMC,uBAAuB,GAAG;IAC9BC,aAAa,EAAG,GAAEX,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAC7BW,EAAE,EAAG,GAAEZ,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAClBY,cAAc,EAAE7B,KAAK,CAAC8B,GAAG,CAAEC,CAAC,KAAM;MAChCH,EAAE,EAAEJ,QAAQ;MACZQ,IAAI,EAAG,cAAaD,CAAC,CAACC,IAAK,EAAC;MAC5BC,MAAM,EAAE;IACV,CAAC,CAAC;EACJ,CAAC;EAED,OAAO;IAAEvB,QAAQ;IAAEgB;EAAwB,CAAC;AAC9C,CAAC;AAYD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMQ,yBAAoD,GAAG,MAAAA,CAClE1C,aAAa,EACb2C,MAAM,EACNC,YAAY,EAAAC,KAAA,KAEuB;EAAA,IADnC;IAAEC,QAAQ,GAAGC,KAAK;IAAE9C;EAA0B,CAAC,GAAA4C,KAAA;EAE/C;EACA;EACA,MAAMG,YAAY,GAAG5D,2BAA2B,CAACuD,MAAM,CAAC;EAExD,MAAM;IAAEzB,QAAQ;IAAEgB;EAAwB,CAAC,GAAG,MAAMnC,cAAc,CAChEC,aAAa,EACbC,yBAAyB,EACzB2C,YACF,CAAC;EAED,MAAMK,oBAAoB,GAAGC,IAAI,CAACC,SAAS,CAAC;IAC1CC,KAAK,EAAEpD,aAAa,CAACoD,KAAK;IAC1BlB,uBAAuB;IACvBR,KAAK,EAAE1B,aAAa,CAAC0B,KAAK;IAC1BR;EACF,CAAC,CAAC;EAEF,MAAMmC,SAAS,GAAG,MAAM,IAAIC,4BAAU,CAACL,oBAAoB,EAAE;IAC3DM,GAAG,EAAE,cAAc;IACnBC,GAAG,EAAE,eAAe;IACpBvC,GAAG,EAAE+B,YAAY,CAAC/B;EACpB,CAAC,CAAC,CAACwC,OAAO,CAACT,YAAY,CAAC;EAExB,MAAMU,QAAQ,GAAG,IAAIC,eAAe,CAAC;IAAEC,QAAQ,EAAEP;EAAU,CAAC,CAAC;EAC7D,MAAMQ,IAAI,GAAGH,QAAQ,CAACI,QAAQ,CAAC,CAAC;EAEhC,OAAOhB,QAAQ,CAAC9C,aAAa,CAAC4B,YAAY,EAAE;IAC1CmC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACC9C,IAAI,CAAC,IAAAkD,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BlD,IAAI,CAAEmD,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBpD,IAAI,CAAClC,qBAAqB,CAACuF,KAAK,CAAC;AACtC,CAAC;AAACjF,OAAA,CAAAuD,yBAAA,GAAAA,yBAAA"}
|
|
@@ -1,3 +1,75 @@
|
|
|
1
|
-
# Credential
|
|
1
|
+
# Credential Presentation
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
## Sequence Diagram
|
|
4
|
+
|
|
5
|
+
```mermaid
|
|
6
|
+
sequenceDiagram
|
|
7
|
+
autonumber
|
|
8
|
+
participant I as Individual using EUDI Wallet
|
|
9
|
+
participant O as Organisational Wallet (Verifier)
|
|
10
|
+
participant A as Organisational Wallet (Issuer)
|
|
11
|
+
|
|
12
|
+
O->>+I: QR-CODE: Authorisation request (`request_uri`)
|
|
13
|
+
I->>+O: GET: Request object, resolved from the `request_uri`
|
|
14
|
+
O->>+I: Respond with the Request object
|
|
15
|
+
I->>+O: GET: /.well-known/jar-issuer/jwk
|
|
16
|
+
O->>+I: Respond with the public key
|
|
17
|
+
|
|
18
|
+
I->>+O: POST: VP token response
|
|
19
|
+
O->>+A: GET: /.well-known/jwt-vc-issuer/jwk
|
|
20
|
+
A->>+O: Respond with the public key
|
|
21
|
+
O->>+I: Redirect: Authorisation response
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
## Mapped results
|
|
25
|
+
|
|
26
|
+
## Examples
|
|
27
|
+
|
|
28
|
+
<details>
|
|
29
|
+
<summary>Remote Presentation flow</summary>
|
|
30
|
+
|
|
31
|
+
```ts
|
|
32
|
+
// Scan e retrive qr-code
|
|
33
|
+
const qrcode = ...
|
|
34
|
+
|
|
35
|
+
// Retrieve the integrity key tag from the store and create its context
|
|
36
|
+
const integrityKeyTag = "example"; // Let's assume this is the key tag used to create the wallet instance
|
|
37
|
+
const integrityContext = getIntegrityContext(integrityKeyTag);
|
|
38
|
+
|
|
39
|
+
// Let's assume the key esists befor starting the presentation process
|
|
40
|
+
const wiaCryptoContext = createCryptoContextFor(WIA_KEYTAG);
|
|
41
|
+
|
|
42
|
+
const { WALLET_PROVIDER_BASE_URL, WALLET_EAA_PROVIDER_BASE_URL, REDIRECT_URI } =
|
|
43
|
+
env; // Let's assume these are the environment variables
|
|
44
|
+
|
|
45
|
+
/**
|
|
46
|
+
* Obtains a new Wallet Instance Attestation.
|
|
47
|
+
* WARNING: The integrity context must be the same used when creating the Wallet Instance with the same keytag.
|
|
48
|
+
*/
|
|
49
|
+
const walletInstanceAttestation =
|
|
50
|
+
await WalletInstanceAttestation.getAttestation({
|
|
51
|
+
wiaCryptoContext,
|
|
52
|
+
integrityContext,
|
|
53
|
+
walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
|
|
54
|
+
appFetch,
|
|
55
|
+
});
|
|
56
|
+
|
|
57
|
+
// Start the issuance flow
|
|
58
|
+
const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(qrcode);
|
|
59
|
+
|
|
60
|
+
// If use trust federation: Evaluate issuer trust
|
|
61
|
+
const { rpConf } = await Credential.Presentation.evaluateRelyingPartyTrust(clientId);
|
|
62
|
+
|
|
63
|
+
// If use trust federation: Fetch Jwks from rpConf
|
|
64
|
+
const jwks = await Credential.Presentation.fetchJwksFromConfig(rpConf);
|
|
65
|
+
|
|
66
|
+
// If not use trust: Fetch Jwks from well-know
|
|
67
|
+
const jwks = await Credential.Presentation.fetchJwksFromUri(
|
|
68
|
+
requestURI,
|
|
69
|
+
appFetch,
|
|
70
|
+
);
|
|
71
|
+
|
|
72
|
+
|
|
73
|
+
```
|
|
74
|
+
|
|
75
|
+
</details>
|
|
@@ -10,6 +10,18 @@ Object.defineProperty(exports, "evaluateRelyingPartyTrust", {
|
|
|
10
10
|
return _evaluateRpTrust.evaluateRelyingPartyTrust;
|
|
11
11
|
}
|
|
12
12
|
});
|
|
13
|
+
Object.defineProperty(exports, "fetchJwksFromConfig", {
|
|
14
|
+
enumerable: true,
|
|
15
|
+
get: function () {
|
|
16
|
+
return _retrieveJwks.fetchJwksFromConfig;
|
|
17
|
+
}
|
|
18
|
+
});
|
|
19
|
+
Object.defineProperty(exports, "fetchJwksFromUri", {
|
|
20
|
+
enumerable: true,
|
|
21
|
+
get: function () {
|
|
22
|
+
return _retrieveJwks.fetchJwksFromUri;
|
|
23
|
+
}
|
|
24
|
+
});
|
|
13
25
|
Object.defineProperty(exports, "getRequestObject", {
|
|
14
26
|
enumerable: true,
|
|
15
27
|
get: function () {
|
|
@@ -30,8 +42,9 @@ Object.defineProperty(exports, "startFlowFromQR", {
|
|
|
30
42
|
});
|
|
31
43
|
var _startFlow = require("./01-start-flow");
|
|
32
44
|
var _evaluateRpTrust = require("./02-evaluate-rp-trust");
|
|
33
|
-
var
|
|
34
|
-
var
|
|
45
|
+
var _retrieveJwks = require("./03-retrieve-jwks");
|
|
46
|
+
var _getRequestObject = require("./04-get-request-object");
|
|
47
|
+
var _sendAuthorizationResponse = require("./05-send-authorization-response");
|
|
35
48
|
var Errors = _interopRequireWildcard(require("./errors"));
|
|
36
49
|
exports.Errors = Errors;
|
|
37
50
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_startFlow","require","_evaluateRpTrust","_getRequestObject","_sendAuthorizationResponse","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/presentation/index.ts"],"mappings":"
|
|
1
|
+
{"version":3,"names":["_startFlow","require","_evaluateRpTrust","_retrieveJwks","_getRequestObject","_sendAuthorizationResponse","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/presentation/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAD,OAAA;AAIA,IAAAE,aAAA,GAAAF,OAAA;AAKA,IAAAG,iBAAA,GAAAH,OAAA;AAIA,IAAAI,0BAAA,GAAAJ,OAAA;AAIA,IAAAK,MAAA,GAAAC,uBAAA,CAAAN,OAAA;AAAmCO,OAAA,CAAAF,MAAA,GAAAA,MAAA;AAAA,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
|
|
@@ -13,16 +13,18 @@ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj &&
|
|
|
13
13
|
*/
|
|
14
14
|
|
|
15
15
|
const RequestObject = z.object({
|
|
16
|
-
iss: z.string(),
|
|
16
|
+
iss: z.string().optional(),
|
|
17
|
+
//optional by RFC 7519, mandatory for Potential
|
|
17
18
|
iat: _types.UnixTime,
|
|
18
|
-
exp: _types.UnixTime,
|
|
19
|
+
exp: _types.UnixTime.optional(),
|
|
19
20
|
state: z.string(),
|
|
20
21
|
nonce: z.string(),
|
|
21
22
|
response_uri: z.string(),
|
|
22
23
|
response_type: z.literal("vp_token"),
|
|
23
24
|
response_mode: z.literal("direct_post.jwt"),
|
|
24
25
|
client_id: z.string(),
|
|
25
|
-
client_id_scheme: z.
|
|
26
|
+
client_id_scheme: z.string(),
|
|
27
|
+
// previous z.literal("entity_id"),
|
|
26
28
|
scope: z.string()
|
|
27
29
|
});
|
|
28
30
|
exports.RequestObject = RequestObject;
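Review bot: Making `exp` optional at new line 19 lets a Request Object with no expiry pass `RequestObject.parse`, and no age check based on `iat` is visible in this release's hunks to take its place. I would keep `exp: _types.UnixTime` required, or enforce a maximum age from `iat` where the object is consumed. `client_id_scheme` is also widened from the `"entity_id"` literal to any string at line 26, while the signature check in `04-get-request-object.js` does not branch on the scheme; a `z.enum([...])` limited to the schemes the wallet actually implements would reject values it cannot handle. The comment `//optional by RFC 7519, mandatory for Potential` lands on its own line after `iss` in the build output, so it should name the claim it refers to.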
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_types","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","iss","string","iat","UnixTime","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","client_id_scheme","scope","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB;AACA;AACA;;AAQO,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,GAAG,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;
|
|
1
|
+
{"version":3,"names":["_types","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","iss","string","optional","iat","UnixTime","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","client_id_scheme","scope","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB;AACA;AACA;;AAQO,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,GAAG,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAAE;EAC5BC,GAAG,EAAEC,eAAQ;EACbC,GAAG,EAAED,eAAQ,CAACF,QAAQ,CAAC,CAAC;EACxBI,KAAK,EAAEhC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACjBM,KAAK,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACjBO,YAAY,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACxBQ,aAAa,EAAEnC,CAAC,CAACoC,OAAO,CAAC,UAAU,C
AAC;EACpCC,aAAa,EAAErC,CAAC,CAACoC,OAAO,CAAC,iBAAiB,CAAC;EAC3CE,SAAS,EAAEtC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACrBY,gBAAgB,EAAEvC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAAE;EAC9Ba,KAAK,EAAExC,CAAC,CAAC2B,MAAM,CAAC;AAClB,CAAC,CAAC;AAACc,OAAA,CAAAjB,aAAA,GAAAA,aAAA"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.getCredentialIssuerMetadata = getCredentialIssuerMetadata;
|
|
7
|
+
var _misc = require("../../../utils/misc");
|
|
8
|
+
var _types = require("./types");
|
|
9
|
+
/**
|
|
10
|
+
* Fetch the signed entity configuration token for an entity
|
|
11
|
+
*
|
|
12
|
+
* @param entityBaseUrl The url of the entity to fetch
|
|
13
|
+
* @param param.appFetch (optional) fetch api implemention
|
|
14
|
+
* @returns The signed Entity Configuration token
|
|
15
|
+
*/
|
|
16
|
+
async function getCredentialIssuerMetadata(entityBaseUrl) {
|
|
17
|
+
let {
|
|
18
|
+
appFetch = fetch
|
|
19
|
+
} = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
|
|
20
|
+
const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-credential-issuer`;
|
|
21
|
+
return await appFetch(wellKnownUrl, {
|
|
22
|
+
method: "GET"
|
|
23
|
+
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(_types.CredentialIssuerConfiguration.parse);
|
|
24
|
+
}
|
|
25
|
+
//# sourceMappingURL=index.js.map
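Review bot: The JSDoc on `getCredentialIssuerMetadata` describes a signed entity configuration token, but the body fetches `${entityBaseUrl}/.well-known/openid-credential-issuer` and returns the parsed JSON, so nothing here is signature-verified and integrity rests on the transport alone. The docstring should say that, e.g. `Fetch and parse the Credential Issuer metadata (unsigned JSON) from the issuer's well-known endpoint` with `@returns The parsed CredentialIssuerConfiguration`, and it should document the second argument as `options.appFetch`. Because `entityBaseUrl` is interpolated unchecked, I would also reject non-HTTPS values before the request, `if (!entityBaseUrl.startsWith("https://")) throw new Error("issuer URL must use https");`, and, if the schema exposes it, compare the returned `credential_issuer` with `entityBaseUrl`.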
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_misc","require","_types","getCredentialIssuerMetadata","entityBaseUrl","appFetch","fetch","arguments","length","undefined","wellKnownUrl","method","then","hasStatusOrThrow","res","json","CredentialIssuerConfiguration","parse"],"sourceRoot":"../../../../../src","sources":["entity/openid-connect/issuer/index.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeE,2BAA2BA,CAC/CC,aAAqB,EAMmB;EAAA,IALxC;IACEC,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMG,YAAY,GAAI,GAAEN,aAAc,uCAAsC;EAE5E,OAAO,MAAMC,QAAQ,CAACK,YAAY,EAAE;IAClCC,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAACI,oCAA6B,CAACC,KAAK,CAAC;AAC9C"}
|