@pagopa/io-react-native-wallet 0.27.0 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- package/lib/commonjs/credential/index.js +1 -5
- package/lib/commonjs/credential/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/02-get-issuer-config.js +48 -0
- package/lib/commonjs/credential/issuance/02-get-issuer-config.js.map +1 -0
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js +16 -20
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +8 -8
- package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/05-authorize-access.js +8 -9
- package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -1
- package/lib/commonjs/credential/issuance/06-obtain-credential.js +18 -21
- package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +3 -3
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/README.md +18 -21
- package/lib/commonjs/credential/issuance/index.js +3 -3
- package/lib/commonjs/credential/issuance/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/types.js +1 -1
- package/lib/commonjs/credential/issuance/types.js.map +1 -1
- package/lib/commonjs/credential/presentation/01-start-flow.js +7 -2
- package/lib/commonjs/credential/presentation/01-start-flow.js.map +1 -1
- package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js +2 -2
- package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js.map +1 -1
- package/lib/commonjs/credential/presentation/03-retrieve-jwks.js +68 -0
- package/lib/commonjs/credential/presentation/03-retrieve-jwks.js.map +1 -0
- package/lib/commonjs/credential/presentation/{03-get-request-object.js → 04-get-request-object.js} +27 -13
- package/lib/commonjs/credential/presentation/04-get-request-object.js.map +1 -0
- package/lib/commonjs/credential/presentation/{04-send-authorization-response.js → 05-send-authorization-response.js} +1 -1
- package/lib/commonjs/credential/presentation/{04-send-authorization-response.js.map → 05-send-authorization-response.js.map} +1 -1
- package/lib/commonjs/credential/presentation/README.md +74 -2
- package/lib/commonjs/credential/presentation/index.js +15 -2
- package/lib/commonjs/credential/presentation/index.js.map +1 -1
- package/lib/commonjs/credential/presentation/types.js +5 -3
- package/lib/commonjs/credential/presentation/types.js.map +1 -1
- package/lib/commonjs/entity/openid-connect/issuer/index.js +25 -0
- package/lib/commonjs/entity/openid-connect/issuer/index.js.map +1 -0
- package/lib/commonjs/entity/openid-connect/issuer/types.js +61 -0
- package/lib/commonjs/entity/openid-connect/issuer/types.js.map +1 -0
- package/lib/commonjs/{trust → entity/trust}/chain.js +1 -1
- package/lib/commonjs/entity/trust/chain.js.map +1 -0
- package/lib/commonjs/{trust → entity/trust}/index.js +1 -1
- package/lib/commonjs/entity/trust/index.js.map +1 -0
- package/lib/commonjs/{trust → entity/trust}/types.js +2 -2
- package/lib/commonjs/entity/trust/types.js.map +1 -0
- package/lib/commonjs/index.js +1 -3
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/sd-jwt/types.js +2 -18
- package/lib/commonjs/pid/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/index.test.js +32 -23
- package/lib/commonjs/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/types.test.js +20 -11
- package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +18 -5
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/utils/error-codes.js +1 -13
- package/lib/commonjs/utils/error-codes.js.map +1 -1
- package/lib/commonjs/utils/errors.js +2 -53
- package/lib/commonjs/utils/errors.js.map +1 -1
- package/lib/commonjs/utils/jwk.js +5 -1
- package/lib/commonjs/utils/jwk.js.map +1 -1
- package/lib/commonjs/utils/par.js +6 -12
- package/lib/commonjs/utils/par.js.map +1 -1
- package/lib/module/credential/index.js +1 -3
- package/lib/module/credential/index.js.map +1 -1
- package/lib/module/credential/issuance/02-get-issuer-config.js +42 -0
- package/lib/module/credential/issuance/02-get-issuer-config.js.map +1 -0
- package/lib/module/credential/issuance/03-start-user-authorization.js +16 -20
- package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/04-complete-user-authorization.js +8 -8
- package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/05-authorize-access.js +8 -9
- package/lib/module/credential/issuance/05-authorize-access.js.map +1 -1
- package/lib/module/credential/issuance/06-obtain-credential.js +18 -21
- package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js +3 -3
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/module/credential/issuance/README.md +18 -21
- package/lib/module/credential/issuance/index.js +2 -2
- package/lib/module/credential/issuance/index.js.map +1 -1
- package/lib/module/credential/issuance/types.js +1 -1
- package/lib/module/credential/issuance/types.js.map +1 -1
- package/lib/module/credential/presentation/01-start-flow.js +7 -2
- package/lib/module/credential/presentation/01-start-flow.js.map +1 -1
- package/lib/module/credential/presentation/02-evaluate-rp-trust.js +1 -1
- package/lib/module/credential/presentation/02-evaluate-rp-trust.js.map +1 -1
- package/lib/module/credential/presentation/03-retrieve-jwks.js +61 -0
- package/lib/module/credential/presentation/03-retrieve-jwks.js.map +1 -0
- package/lib/module/credential/presentation/{03-get-request-object.js → 04-get-request-object.js} +26 -12
- package/lib/module/credential/presentation/04-get-request-object.js.map +1 -0
- package/lib/module/credential/presentation/{04-send-authorization-response.js → 05-send-authorization-response.js} +1 -1
- package/lib/module/credential/presentation/{04-send-authorization-response.js.map → 05-send-authorization-response.js.map} +1 -1
- package/lib/module/credential/presentation/README.md +74 -2
- package/lib/module/credential/presentation/index.js +4 -3
- package/lib/module/credential/presentation/index.js.map +1 -1
- package/lib/module/credential/presentation/types.js +5 -3
- package/lib/module/credential/presentation/types.js.map +1 -1
- package/lib/module/entity/openid-connect/issuer/index.js +20 -0
- package/lib/module/entity/openid-connect/issuer/index.js.map +1 -0
- package/lib/module/entity/openid-connect/issuer/types.js +47 -0
- package/lib/module/entity/openid-connect/issuer/types.js.map +1 -0
- package/lib/module/{trust → entity/trust}/chain.js +1 -1
- package/lib/module/entity/trust/chain.js.map +1 -0
- package/lib/module/{trust → entity/trust}/index.js +1 -1
- package/lib/module/entity/trust/index.js.map +1 -0
- package/lib/module/{trust → entity/trust}/types.js +2 -2
- package/lib/module/entity/trust/types.js.map +1 -0
- package/lib/module/index.js +1 -2
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/sd-jwt/types.js +1 -16
- package/lib/module/pid/sd-jwt/types.js.map +1 -1
- package/lib/module/sd-jwt/__test__/index.test.js +32 -23
- package/lib/module/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/module/sd-jwt/__test__/types.test.js +20 -11
- package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/module/sd-jwt/types.js +16 -4
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/utils/error-codes.js +1 -13
- package/lib/module/utils/error-codes.js.map +1 -1
- package/lib/module/utils/errors.js +0 -48
- package/lib/module/utils/errors.js.map +1 -1
- package/lib/module/utils/jwk.js +3 -0
- package/lib/module/utils/jwk.js.map +1 -1
- package/lib/module/utils/par.js +6 -12
- package/lib/module/utils/par.js.map +1 -1
- package/lib/typescript/credential/index.d.ts +1 -3
- package/lib/typescript/credential/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/01-start-flow.d.ts +1 -1
- package/lib/typescript/credential/issuance/02-get-issuer-config.d.ts +32 -0
- package/lib/typescript/credential/issuance/02-get-issuer-config.d.ts.map +1 -0
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +3 -3
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +8 -8
- package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts +3 -3
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +3 -3
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts +3 -3
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/index.d.ts +3 -3
- package/lib/typescript/credential/issuance/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/types.d.ts +4 -9
- package/lib/typescript/credential/issuance/types.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/01-start-flow.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts +1 -1
- package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/03-retrieve-jwks.d.ts +41 -0
- package/lib/typescript/credential/presentation/03-retrieve-jwks.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/{03-get-request-object.d.ts → 04-get-request-object.d.ts} +4 -4
- package/lib/typescript/credential/presentation/04-get-request-object.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/{04-send-authorization-response.d.ts → 05-send-authorization-response.d.ts} +2 -2
- package/lib/typescript/credential/presentation/{04-send-authorization-response.d.ts.map → 05-send-authorization-response.d.ts.map} +1 -1
- package/lib/typescript/credential/presentation/index.d.ts +5 -4
- package/lib/typescript/credential/presentation/index.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/types.d.ts +15 -15
- package/lib/typescript/entity/openid-connect/issuer/index.d.ts +12 -0
- package/lib/typescript/entity/openid-connect/issuer/index.d.ts.map +1 -0
- package/lib/typescript/entity/openid-connect/issuer/types.d.ts +641 -0
- package/lib/typescript/entity/openid-connect/issuer/types.d.ts.map +1 -0
- package/lib/typescript/entity/trust/chain.d.ts.map +1 -0
- package/lib/typescript/{trust → entity/trust}/index.d.ts +97 -97
- package/lib/typescript/entity/trust/index.d.ts.map +1 -0
- package/lib/typescript/{trust → entity/trust}/types.d.ts +597 -597
- package/lib/typescript/{trust → entity/trust}/types.d.ts.map +1 -1
- package/lib/typescript/index.d.ts +1 -2
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/sd-jwt/types.d.ts +25 -103
- package/lib/typescript/pid/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/index.d.ts +60 -20
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +114 -24
- package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/utils/error-codes.d.ts +0 -12
- package/lib/typescript/utils/error-codes.d.ts.map +1 -1
- package/lib/typescript/utils/errors.d.ts +6 -37
- package/lib/typescript/utils/errors.d.ts.map +1 -1
- package/lib/typescript/utils/jwk.d.ts +135 -0
- package/lib/typescript/utils/jwk.d.ts.map +1 -1
- package/lib/typescript/utils/par.d.ts +1 -8
- package/lib/typescript/utils/par.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +12 -12
- package/package.json +1 -1
- package/src/credential/index.ts +1 -4
- package/src/credential/issuance/01-start-flow.ts +1 -1
- package/src/credential/issuance/02-get-issuer-config.ts +67 -0
- package/src/credential/issuance/03-start-user-authorization.ts +22 -30
- package/src/credential/issuance/04-complete-user-authorization.ts +11 -13
- package/src/credential/issuance/05-authorize-access.ts +8 -10
- package/src/credential/issuance/06-obtain-credential.ts +30 -31
- package/src/credential/issuance/07-verify-and-parse-credential.ts +6 -6
- package/src/credential/issuance/README.md +18 -21
- package/src/credential/issuance/index.ts +3 -6
- package/src/credential/issuance/types.ts +1 -1
- package/src/credential/presentation/01-start-flow.ts +8 -2
- package/src/credential/presentation/02-evaluate-rp-trust.ts +2 -2
- package/src/credential/presentation/03-retrieve-jwks.ts +73 -0
- package/src/credential/presentation/{03-get-request-object.ts → 04-get-request-object.ts} +33 -15
- package/src/credential/presentation/{04-send-authorization-response.ts → 05-send-authorization-response.ts} +1 -1
- package/src/credential/presentation/README.md +74 -2
- package/src/credential/presentation/index.ts +10 -2
- package/src/credential/presentation/types.ts +3 -3
- package/src/entity/openid-connect/issuer/index.ts +27 -0
- package/src/entity/openid-connect/issuer/types.ts +68 -0
- package/src/{trust → entity/trust}/chain.ts +2 -2
- package/src/{trust → entity/trust}/index.ts +1 -1
- package/src/{trust → entity/trust}/types.ts +2 -2
- package/src/index.ts +0 -2
- package/src/pid/sd-jwt/types.ts +1 -18
- package/src/sd-jwt/__test__/index.test.ts +47 -37
- package/src/sd-jwt/__test__/types.test.ts +26 -16
- package/src/sd-jwt/types.ts +16 -2
- package/src/utils/error-codes.ts +0 -12
- package/src/utils/errors.ts +12 -86
- package/src/utils/jwk.ts +5 -0
- package/src/utils/par.ts +3 -10
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +0 -27
- package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +0 -1
- package/lib/commonjs/credential/presentation/03-get-request-object.js.map +0 -1
- package/lib/commonjs/credential/status/01-start-flow.js +0 -2
- package/lib/commonjs/credential/status/01-start-flow.js.map +0 -1
- package/lib/commonjs/credential/status/02-status-attestation.js +0 -72
- package/lib/commonjs/credential/status/02-status-attestation.js.map +0 -1
- package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js +0 -52
- package/lib/commonjs/credential/status/03-verify-and-parse-status-attestation.js.map +0 -1
- package/lib/commonjs/credential/status/README.md +0 -67
- package/lib/commonjs/credential/status/index.js +0 -27
- package/lib/commonjs/credential/status/index.js.map +0 -1
- package/lib/commonjs/credential/status/types.js +0 -48
- package/lib/commonjs/credential/status/types.js.map +0 -1
- package/lib/commonjs/credential/trustmark/README.md +0 -62
- package/lib/commonjs/credential/trustmark/get-credential-trustmark.js +0 -81
- package/lib/commonjs/credential/trustmark/get-credential-trustmark.js.map +0 -1
- package/lib/commonjs/credential/trustmark/index.js +0 -13
- package/lib/commonjs/credential/trustmark/index.js.map +0 -1
- package/lib/commonjs/trust/chain.js.map +0 -1
- package/lib/commonjs/trust/index.js.map +0 -1
- package/lib/commonjs/trust/types.js.map +0 -1
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +0 -20
- package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +0 -1
- package/lib/module/credential/presentation/03-get-request-object.js.map +0 -1
- package/lib/module/credential/status/01-start-flow.js +0 -2
- package/lib/module/credential/status/01-start-flow.js.map +0 -1
- package/lib/module/credential/status/02-status-attestation.js +0 -64
- package/lib/module/credential/status/02-status-attestation.js.map +0 -1
- package/lib/module/credential/status/03-verify-and-parse-status-attestation.js +0 -46
- package/lib/module/credential/status/03-verify-and-parse-status-attestation.js.map +0 -1
- package/lib/module/credential/status/README.md +0 -67
- package/lib/module/credential/status/index.js +0 -5
- package/lib/module/credential/status/index.js.map +0 -1
- package/lib/module/credential/status/types.js +0 -40
- package/lib/module/credential/status/types.js.map +0 -1
- package/lib/module/credential/trustmark/README.md +0 -62
- package/lib/module/credential/trustmark/get-credential-trustmark.js +0 -72
- package/lib/module/credential/trustmark/get-credential-trustmark.js.map +0 -1
- package/lib/module/credential/trustmark/index.js +0 -3
- package/lib/module/credential/trustmark/index.js.map +0 -1
- package/lib/module/trust/chain.js.map +0 -1
- package/lib/module/trust/index.js.map +0 -1
- package/lib/module/trust/types.js.map +0 -1
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts +0 -19
- package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +0 -1
- package/lib/typescript/credential/presentation/03-get-request-object.d.ts.map +0 -1
- package/lib/typescript/credential/status/01-start-flow.d.ts +0 -10
- package/lib/typescript/credential/status/01-start-flow.d.ts.map +0 -1
- package/lib/typescript/credential/status/02-status-attestation.d.ts +0 -19
- package/lib/typescript/credential/status/02-status-attestation.d.ts.map +0 -1
- package/lib/typescript/credential/status/03-verify-and-parse-status-attestation.d.ts +0 -24
- package/lib/typescript/credential/status/03-verify-and-parse-status-attestation.d.ts.map +0 -1
- package/lib/typescript/credential/status/index.d.ts +0 -7
- package/lib/typescript/credential/status/index.d.ts.map +0 -1
- package/lib/typescript/credential/status/types.d.ts +0 -305
- package/lib/typescript/credential/status/types.d.ts.map +0 -1
- package/lib/typescript/credential/trustmark/get-credential-trustmark.d.ts +0 -52
- package/lib/typescript/credential/trustmark/get-credential-trustmark.d.ts.map +0 -1
- package/lib/typescript/credential/trustmark/index.d.ts +0 -4
- package/lib/typescript/credential/trustmark/index.d.ts.map +0 -1
- package/lib/typescript/trust/chain.d.ts.map +0 -1
- package/lib/typescript/trust/index.d.ts.map +0 -1
- package/src/credential/issuance/02-evaluate-issuer-trust.ts +0 -32
- package/src/credential/status/01-start-flow.ts +0 -9
- package/src/credential/status/02-status-attestation.ts +0 -102
- package/src/credential/status/03-verify-and-parse-status-attestation.ts +0 -60
- package/src/credential/status/README.md +0 -67
- package/src/credential/status/index.ts +0 -22
- package/src/credential/status/types.ts +0 -43
- package/src/credential/trustmark/README.md +0 -62
- package/src/credential/trustmark/get-credential-trustmark.ts +0 -120
- package/src/credential/trustmark/index.ts +0 -8
- /package/lib/typescript/{trust → entity/trust}/chain.d.ts +0 -0
|
@@ -6,7 +6,7 @@ There's a fork in the flow which is based on the type of the credential that is
|
|
|
6
6
|
This is due to the fact that eID credentials require a different authorization flow than other credentials, which is accomplished by a strong authentication method like SPID or CIE.
|
|
7
7
|
Credentials instead require a simpler authorization flow and they require other credentials to be presented in order to be issued.
|
|
8
8
|
|
|
9
|
-
The supported credentials are defined in the entity configuration of the issuer which is evaluted and parsed in the `
|
|
9
|
+
The supported credentials are defined in the entity configuration of the issuer which is evaluted and parsed in the `getIssuerConfig` step.
|
|
10
10
|
|
|
11
11
|
## Sequence Diagram
|
|
12
12
|
|
|
@@ -14,7 +14,7 @@ The supported credentials are defined in the entity configuration of the issuer
|
|
|
14
14
|
graph TD;
|
|
15
15
|
0[WalletInstanceAttestation.getAttestation]
|
|
16
16
|
1[startFlow]
|
|
17
|
-
2[
|
|
17
|
+
2[getIssuerConfig]
|
|
18
18
|
3[startUserAuthorization]
|
|
19
19
|
C4[getRequestedCredentialToBePresented]
|
|
20
20
|
C4.1[completeUserAuthorizationWithFormPostJwtMode]
|
|
@@ -41,12 +41,9 @@ graph TD;
|
|
|
41
41
|
|
|
42
42
|
The following errors are mapped to a `IssuerResponseError` with specific codes.
|
|
43
43
|
|
|
44
|
-
|HTTP Status|Error Code|Description|
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|`403 Forbidden`|`ERR_CREDENTIAL_INVALID_STATUS`|This response is returned by the credential issuer when the requested credential has an invalid status. It might contain more details in the `reason` property.|
|
|
48
|
-
|`404 Not Found`|`ERR_CREDENTIAL_INVALID_STATUS`| This response is returned by the credential issuer when the authenticated user is not entitled to receive the requested credential. It might contain more details in the `reason` property.|
|
|
49
|
-
|`*`|`ERR_ISSUER_GENERIC_ERROR`|This is a generic error code to map unexpected errors that occurred when interacting with the Issuer.|
|
|
44
|
+
| HTTP Status | Error Code | Description |
|
|
45
|
+
| ----------- | -------------------------- | ----------------------------------------------------------------------------------------------------- |
|
|
46
|
+
| `*` | `ERR_ISSUER_GENERIC_ERROR` | This is a generic error code to map unexpected errors that occurred when interacting with the Issuer. |
|
|
50
47
|
|
|
51
48
|
## Strong authentication for eID issuance (Query Mode)
|
|
52
49
|
|
|
@@ -121,7 +118,7 @@ const startFlow: Credential.Issuance.StartFlow = () => ({
|
|
|
121
118
|
const { issuerUrl } = startFlow();
|
|
122
119
|
|
|
123
120
|
// Evaluate issuer trust
|
|
124
|
-
const { issuerConf } = await Credential.Issuance.
|
|
121
|
+
const { issuerConf } = await Credential.Issuance.getIssuerConfig(issuerUrl);
|
|
125
122
|
|
|
126
123
|
// Start user authorization
|
|
127
124
|
const { issuerRequestUri, clientId, codeVerifier, credentialDefinition } =
|
|
@@ -251,17 +248,16 @@ const credentialCryptoContext = createCryptoContextFor(credentialKeyTag);
|
|
|
251
248
|
// Start the issuance flow
|
|
252
249
|
const startFlow: Credential.Issuance.StartFlow = () => ({
|
|
253
250
|
issuerUrl: WALLET_EID_PROVIDER_BASE_URL,
|
|
254
|
-
credentialType: "
|
|
251
|
+
credentialType: "urn:eu.europa.ec.eudi:pid:1",
|
|
255
252
|
appFetch,
|
|
256
253
|
});
|
|
257
254
|
|
|
258
255
|
const { issuerUrl } = startFlow();
|
|
259
256
|
|
|
260
257
|
// Evaluate issuer trust
|
|
261
|
-
const { issuerConf } = await Credential.Issuance.
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
);
|
|
258
|
+
const { issuerConf } = await Credential.Issuance.getIssuerConfig(issuerUrl, {
|
|
259
|
+
appFetch,
|
|
260
|
+
});
|
|
265
261
|
|
|
266
262
|
// Start user authorization
|
|
267
263
|
const { issuerRequestUri, clientId, codeVerifier, credentialDefinition } =
|
|
@@ -315,12 +311,13 @@ const { credential, format } = await Credential.Issuance.obtainCredential(
|
|
|
315
311
|
);
|
|
316
312
|
|
|
317
313
|
// Parse and verify the eID credential
|
|
318
|
-
const { parsedCredential, issuedAt, expiration } =
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
323
|
-
|
|
314
|
+
const { parsedCredential, issuedAt, expiration } =
|
|
315
|
+
await Credential.Issuance.verifyAndParseCredential(
|
|
316
|
+
issuerConf,
|
|
317
|
+
credential,
|
|
318
|
+
format,
|
|
319
|
+
{ credentialCryptoContext }
|
|
320
|
+
);
|
|
324
321
|
|
|
325
322
|
return {
|
|
326
323
|
parsedCredential,
|
|
@@ -328,7 +325,7 @@ return {
|
|
|
328
325
|
keyTag: credentialKeyTag,
|
|
329
326
|
credentialType,
|
|
330
327
|
issuedAt,
|
|
331
|
-
expiration
|
|
328
|
+
expiration,
|
|
332
329
|
};
|
|
333
330
|
```
|
|
334
331
|
|
|
@@ -28,10 +28,10 @@ Object.defineProperty(exports, "completeUserAuthorizationWithQueryMode", {
|
|
|
28
28
|
return _completeUserAuthorization.completeUserAuthorizationWithQueryMode;
|
|
29
29
|
}
|
|
30
30
|
});
|
|
31
|
-
Object.defineProperty(exports, "
|
|
31
|
+
Object.defineProperty(exports, "getIssuerConfig", {
|
|
32
32
|
enumerable: true,
|
|
33
33
|
get: function () {
|
|
34
|
-
return
|
|
34
|
+
return _getIssuerConfig.getIssuerConfig;
|
|
35
35
|
}
|
|
36
36
|
});
|
|
37
37
|
Object.defineProperty(exports, "getRequestedCredentialToBePresented", {
|
|
@@ -64,7 +64,7 @@ Object.defineProperty(exports, "verifyAndParseCredential", {
|
|
|
64
64
|
return _verifyAndParseCredential.verifyAndParseCredential;
|
|
65
65
|
}
|
|
66
66
|
});
|
|
67
|
-
var
|
|
67
|
+
var _getIssuerConfig = require("./02-get-issuer-config");
|
|
68
68
|
var _startUserAuthorization = require("./03-start-user-authorization");
|
|
69
69
|
var _completeUserAuthorization = require("./04-complete-user-authorization");
|
|
70
70
|
var _authorizeAccess = require("./05-authorize-access");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_getIssuerConfig","require","_startUserAuthorization","_completeUserAuthorization","_authorizeAccess","_obtainCredential","_verifyAndParseCredential","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/issuance/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,gBAAA,GAAAC,OAAA;AACA,IAAAC,uBAAA,GAAAD,OAAA;AAIA,IAAAE,0BAAA,GAAAF,OAAA;AAWA,IAAAG,gBAAA,GAAAH,OAAA;AACA,IAAAI,iBAAA,GAAAJ,OAAA;AAIA,IAAAK,yBAAA,GAAAL,OAAA;AAIA,IAAAM,MAAA,GAAAC,uBAAA,CAAAP,OAAA;AAAmCQ,OAAA,CAAAF,MAAA,GAAAA,MAAA;AAAA,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
|
|
@@ -11,7 +11,7 @@ function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "functio
|
|
|
11
11
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
12
12
|
const TokenResponse = z.object({
|
|
13
13
|
access_token: z.string(),
|
|
14
|
-
authorization_details:
|
|
14
|
+
authorization_details: _par.AuthorizationDetail,
|
|
15
15
|
c_nonce: z.string(),
|
|
16
16
|
c_nonce_expires_in: z.number(),
|
|
17
17
|
expires_in: z.number(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_par","require","z","_interopRequireWildcard","_const","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TokenResponse","object","access_token","string","authorization_details","
|
|
1
|
+
{"version":3,"names":["_par","require","z","_interopRequireWildcard","_const","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","TokenResponse","object","access_token","string","authorization_details","AuthorizationDetail","c_nonce","c_nonce_expires_in","number","expires_in","token_type","exports","CredentialResponse","credential","format","SupportedCredentialFormat","ResponseUriResultShape","redirect_uri"],"sourceRoot":"../../../../src","sources":["credential/issuance/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAAoD,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAI7C,MAAMW,aAAa,GAAGzB,CAAC,CAAC0B,MAAM,CAAC;EACpCC,YAAY,EAAE3B,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACxBC,qBAAqB,EAAEC,wBAAmB;EAC1CC,OAAO,EAAE/B,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACnBI,kBAAkB,EAAEhC,CAAC,CAACiC,MAAM,CAAC,CAAC;EAC9BC,UAAU,EAAElC,CAAC,CAACiC,MAAM,CAAC,CAAC;EACtBE,UAAU,EAAEnC,CAAC,CAAC4B,MAAM,CAAC;AACvB,CAAC,CAAC;AAACQ,OAAA,CAAAX,aAAA,GAAAA,aAAA;AAII,MAAMY,kBAAkB,GAAGrC,CAAC,CAAC0B,MAAM,CAAC;EACzCK,OAAO,EAAE/B,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACnBI,kBAAkB,EAAEhC,CAAC,CAACiC,MAAM,CAAC,CAAC;EAC9BK,UAAU,EAAEtC,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACtBW,MAAM,EAAEC;AACV,CAAC,CAAC;;AAEF;AACA;AACA;AAFAJ,OAAA,CAAAC,kBAAA,GAAAA,kBAAA;AAGO,MAAMI,sBAAsB,GAAGzC,CAAC,CAAC0B,MAAM,CAAC;EAC7CgB,YAAY,EAAE1C,CAAC,CAAC4B,MAAM,CAAC;AACzB,CAAC,CAAC;AAACQ,OAAA,CAAAK,sBAAA,GAAAA,sBAAA"}
|
|
@@ -33,8 +33,13 @@ const QRCodePayload = z.object({
|
|
|
33
33
|
* @throws If the provided qr code fails to be decoded
|
|
34
34
|
*/
|
|
35
35
|
const startFlowFromQR = qrcode => {
|
|
36
|
-
|
|
37
|
-
|
|
36
|
+
let decodedUrl;
|
|
37
|
+
try {
|
|
38
|
+
const decoded = (0, _ioReactNativeJwt.decodeBase64)(qrcode);
|
|
39
|
+
decodedUrl = new URL(decoded);
|
|
40
|
+
} catch (error) {
|
|
41
|
+
throw new _errors.AuthRequestDecodeError("Failed to decode QR code: ", qrcode);
|
|
42
|
+
}
|
|
38
43
|
const protocol = decodedUrl.protocol;
|
|
39
44
|
const resource = decodedUrl.hostname;
|
|
40
45
|
const requestURI = decodedUrl.searchParams.get("request_uri");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","_interopRequireWildcard","require","_ioReactNativeJwt","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","QRCodePayload","object","protocol","string","resource","clientId","requestURI","startFlowFromQR","qrcode","decoded","decodeBase64","
|
|
1
|
+
{"version":3,"names":["z","_interopRequireWildcard","require","_ioReactNativeJwt","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","QRCodePayload","object","protocol","string","resource","clientId","requestURI","startFlowFromQR","qrcode","decodedUrl","decoded","decodeBase64","URL","error","AuthRequestDecodeError","hostname","searchParams","result","safeParse","success","data","message","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAAkD,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAElD,MAAMW,aAAa,GAAG3B,CAAC,CAAC4B,MAAM,CAAC;EAC7BC,QAAQ,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACpBC,QAAQ,EAAE/B,CAAC,CAAC8B,MAAM,CAAC,CAAC;EAAE;EACtBE,QAAQ,EAAEhC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACpBG,UAAU,EAAEjC,CAAC,CAAC8B,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMI,eAAoC,GAAIC,MAAM,IAAK;EAC9D,IAAIC,UAAe;EACnB,IAAI;IACF,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACH,MAAM,CAAC;IACpCC,UAAU,GAAG,IAAIG,GAAG,CAACF,OAAO,CAAC;EAC/B,CAAC,CAAC,OAAOG,KAAK,EAAE;IACd,MAAM,IAAIC,8BAAsB,CAAC,4BAA4B,EAAEN,MAAM,CAAC;EACxE;EAEA,MAAMN,QAAQ,GAAGO,UAAU,CAACP,QAAQ;EACpC,MAAME,QAAQ,GAAGK,UAAU,CAACM,QAAQ;EACpC,MAAMT,UAAU,GAAGG,UAAU,CAACO,YAAY,CAAC5B,GAAG,CAAC,aAAa,CAAC;EAC7D,MAAMiB,QAAQ,GAAGI,UAAU,CAACO,YAAY,CAAC5B,GAAG,CAAC,WAAW,CAAC;EAEzD,MAAM6B,MAAM,GAAGjB,aAAa,CAACkB,SAAS,CAAC;IACrChB,QAAQ;IACRE,QAAQ;IACRE,UAAU;IACVD;EACF,CAAC,CAAC;EAEF,IAAIY,MAAM,CAACE,OAAO,EAAE;IAClB,OAAOF,MAAM,CAACG,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIN,8BAAsB,CAACG,MAAM,CAACJ,KAAK,CAACQ,OAAO,EAAG,GAAEZ,UAAW,EAAC,CAAC;EACzE;AACF,CAAC;AAACa,OAAA,CAAAf,eAAA,GAAAA,eAAA"}
|
|
@@ -4,7 +4,7 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
6
|
exports.evaluateRelyingPartyTrust = void 0;
|
|
7
|
-
var
|
|
7
|
+
var _index = require("../../entity/trust/index");
|
|
8
8
|
/**
|
|
9
9
|
* The Relying Party trust evaluation phase.
|
|
10
10
|
* Fetch the Relying Party's configuration and verify trust.
|
|
@@ -21,7 +21,7 @@ const evaluateRelyingPartyTrust = async function (rpUrl) {
|
|
|
21
21
|
payload: {
|
|
22
22
|
metadata: rpConf
|
|
23
23
|
}
|
|
24
|
-
} = await (0,
|
|
24
|
+
} = await (0, _index.getRelyingPartyEntityConfiguration)(rpUrl, {
|
|
25
25
|
appFetch
|
|
26
26
|
});
|
|
27
27
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_index","require","evaluateRelyingPartyTrust","rpUrl","appFetch","fetch","arguments","length","undefined","payload","metadata","rpConf","getRelyingPartyEntityConfiguration","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/02-evaluate-rp-trust.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAcA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,yBAAoD,GAAG,eAAAA,CAClEC,KAAK,EAEF;EAAA,IADH;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEzB,MAAM;IACJG,OAAO,EAAE;MAAEC,QAAQ,EAAEC;IAAO;EAC9B,CAAC,GAAG,MAAM,IAAAC,yCAAkC,EAACT,KAAK,EAAE;IAClDC;EACF,CAAC,CAAC;EACF,OAAO;IAAEO;EAAO,CAAC;AACnB,CAAC;AAACE,OAAA,CAAAX,yBAAA,GAAAA,yBAAA"}
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.fetchJwksFromUri = exports.fetchJwksFromConfig = void 0;
|
|
7
|
+
var _jwk = require("../../utils/jwk");
|
|
8
|
+
var _misc = require("../../utils/misc");
|
|
9
|
+
var _types = require("../../entity/trust/types");
|
|
10
|
+
/**
|
|
11
|
+
* Defines the signature for a function that retrieves JSON Web Key Sets (JWKS) from a client.
|
|
12
|
+
*
|
|
13
|
+
* @template T - The tuple type representing the function arguments.
|
|
14
|
+
* @param args - The arguments passed to the function.
|
|
15
|
+
* @returns A promise resolving to an object containing an array of JWKs.
|
|
16
|
+
*/
|
|
17
|
+
|
|
18
|
+
/**
|
|
19
|
+
* Retrieves the JSON Web Key Set (JWKS) from the specified client's well-known endpoint.
|
|
20
|
+
*
|
|
21
|
+
* @param clientUrl - The base URL of the client entity from which to retrieve the JWKS.
|
|
22
|
+
* @param options - Optional context containing a custom fetch implementation.
|
|
23
|
+
* @param options.context - Optional context object.
|
|
24
|
+
* @param options.context.appFetch - Optional custom fetch function to use instead of the global `fetch`.
|
|
25
|
+
* @returns A promise resolving to an object containing an array of JWKs.
|
|
26
|
+
* @throws Will throw an error if the JWKS retrieval fails.
|
|
27
|
+
*/
|
|
28
|
+
const fetchJwksFromUri = async function (clientUrl) {
|
|
29
|
+
let {
|
|
30
|
+
context = {}
|
|
31
|
+
} = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
|
|
32
|
+
const {
|
|
33
|
+
appFetch = fetch
|
|
34
|
+
} = context;
|
|
35
|
+
const wellKnownUrl = new URL("/.well-known/jar-issuer/jwk", clientUrl).toString();
|
|
36
|
+
|
|
37
|
+
// Fetches the JWKS from a specific endpoint of the entity's well-known configuration
|
|
38
|
+
const jwks = await appFetch(wellKnownUrl, {
|
|
39
|
+
method: "GET"
|
|
40
|
+
}).then((0, _misc.hasStatusOrThrow)(200)).then(raw => raw.json()).then(json => _jwk.JWKS.parse(json));
|
|
41
|
+
return {
|
|
42
|
+
keys: jwks.keys
|
|
43
|
+
};
|
|
44
|
+
};
|
|
45
|
+
|
|
46
|
+
/**
|
|
47
|
+
* Retrieves the JSON Web Key Set (JWKS) from a Relying Party's entity configuration.
|
|
48
|
+
*
|
|
49
|
+
* @param rpConfig - The configuration object of the Relying Party entity.
|
|
50
|
+
* @returns An object containing an array of JWKs.
|
|
51
|
+
* @throws Will throw an error if the configuration is invalid or if JWKS is not found.
|
|
52
|
+
*/
|
|
53
|
+
exports.fetchJwksFromUri = fetchJwksFromUri;
|
|
54
|
+
const fetchJwksFromConfig = async rpConfig => {
|
|
55
|
+
const parsedConfig = _types.RelyingPartyEntityConfiguration.safeParse(rpConfig);
|
|
56
|
+
if (!parsedConfig.success) {
|
|
57
|
+
throw new Error("Invalid Relying Party configuration.");
|
|
58
|
+
}
|
|
59
|
+
const jwks = parsedConfig.data.payload.metadata.wallet_relying_party.jwks;
|
|
60
|
+
if (!jwks || !Array.isArray(jwks.keys)) {
|
|
61
|
+
throw new Error("JWKS not found in Relying Party configuration.");
|
|
62
|
+
}
|
|
63
|
+
return {
|
|
64
|
+
keys: jwks.keys
|
|
65
|
+
};
|
|
66
|
+
};
|
|
67
|
+
exports.fetchJwksFromConfig = fetchJwksFromConfig;
|
|
68
|
+
//# sourceMappingURL=03-retrieve-jwks.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_jwk","require","_misc","_types","fetchJwksFromUri","clientUrl","context","arguments","length","undefined","appFetch","fetch","wellKnownUrl","URL","toString","jwks","method","then","hasStatusOrThrow","raw","json","JWKS","parse","keys","exports","fetchJwksFromConfig","rpConfig","parsedConfig","RelyingPartyEntityConfiguration","safeParse","success","Error","data","payload","metadata","wallet_relying_party","Array","isArray"],"sourceRoot":"../../../../src","sources":["credential/presentation/03-retrieve-jwks.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,gBAEZ,GAAG,eAAAA,CAAOC,SAAS,EAA4B;EAAA,IAA1B;IAAEC,OAAO,GAAG,CAAC;EAAE,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EACzC,MAAM;IAAEG,QAAQ,GAAGC;EAAM,CAAC,GAAGL,OAAO;EAEpC,MAAMM,YAAY,GAAG,IAAIC,GAAG,CAC1B,6BAA6B,EAC7BR,SACF,CAAC,CAACS,QAAQ,CAAC,CAAC;;EAEZ;EACA,MAAMC,IAAI,GAAG,MAAML,QAAQ,CAACE,YAAY,EAAE;IACxCI,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEG,IAAI,IAAKC,SAAI,CAACC,KAAK,CAACF,IAAI,CAAC,CAAC;EAEnC,OAAO;IACLG,IAAI,EAAER,IAAI,CAACQ;EACb,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAC,OAAA,CAAApB,gBAAA,GAAAA,gBAAA;AAOO,MAAMqB,mBAEZ,GAAG,MAAOC,QAAQ,IAAK;EACtB,MAAMC,YAAY,GAAGC,sCAA+B,CAACC,SAAS,CAACH,QAAQ,CAAC;EACxE,IAAI,CAACC,YAAY,CAACG,OAAO,EAAE;IACzB,MAAM,IAAIC,KAAK,CAAC,sCAAsC,CAAC;EACzD;EAEA,MAAMhB,IAAI,GAAGY,YAAY,CAACK,IAAI,CAACC,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACpB,IAAI;EAEzE,IAAI,CAACA,IAAI,IAAI,CAACqB,KAAK,CAACC,OAAO,CAACtB,IAAI,CAACQ,IAAI,CAAC,EAAE;IACtC,MAAM,IAAIQ,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,OAAO;IACLR,IAAI,EAAER,IAAI,CAACQ;EACb,CAAC;AACH,CAAC;AAACC,OAAA,CAAAC,mBAAA,GAAAA,mBAAA"}
|
package/lib/commonjs/credential/presentation/{03-get-request-object.js → 04-get-request-object.js}
RENAMED
|
@@ -22,7 +22,7 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
|
|
|
22
22
|
* @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
|
|
23
23
|
* @returns The Request Object that describes the presentation
|
|
24
24
|
*/
|
|
25
|
-
const getRequestObject = async (requestUri,
|
|
25
|
+
const getRequestObject = async (requestUri, _ref, jwkKeys) => {
|
|
26
26
|
let {
|
|
27
27
|
wiaCryptoContext,
|
|
28
28
|
appFetch = fetch,
|
|
@@ -42,11 +42,21 @@ const getRequestObject = async (requestUri, rpConf, _ref) => {
|
|
|
42
42
|
}
|
|
43
43
|
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(responseJson => responseJson.response);
|
|
44
44
|
const responseJwt = (0, _ioReactNativeJwt.decode)(responseEncodedJwt);
|
|
45
|
+
await verifyTokenSignature(jwkKeys, responseJwt);
|
|
45
46
|
|
|
46
|
-
//
|
|
47
|
-
|
|
48
|
-
{
|
|
49
|
-
|
|
47
|
+
// Ensure that the request object conforms to the expected specification.
|
|
48
|
+
const requestObject = _types.RequestObject.parse(responseJwt.payload);
|
|
49
|
+
return {
|
|
50
|
+
requestObject
|
|
51
|
+
};
|
|
52
|
+
};
|
|
53
|
+
exports.getRequestObject = getRequestObject;
|
|
54
|
+
const verifyTokenSignature = async (jwkKeys, responseJwt) => {
|
|
55
|
+
var _responseJwt$protecte;
|
|
56
|
+
// verify token signature to ensure the request object is authentic
|
|
57
|
+
// 1. according to entity configuration if present
|
|
58
|
+
if (jwkKeys) {
|
|
59
|
+
const pubKey = jwkKeys.find(_ref2 => {
|
|
50
60
|
let {
|
|
51
61
|
kid
|
|
52
62
|
} = _ref2;
|
|
@@ -55,14 +65,18 @@ const getRequestObject = async (requestUri, rpConf, _ref) => {
|
|
|
55
65
|
if (!pubKey) {
|
|
56
66
|
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Request Object signature verification");
|
|
57
67
|
}
|
|
58
|
-
await (0, _ioReactNativeJwt.verify)(
|
|
68
|
+
await (0, _ioReactNativeJwt.verify)(responseJwt, pubKey);
|
|
69
|
+
return;
|
|
59
70
|
}
|
|
60
71
|
|
|
61
|
-
//
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
72
|
+
// 2. If jwk is not retrieved from entity config, check if the token contains the 'jwk' attribute
|
|
73
|
+
if ((_responseJwt$protecte = responseJwt.protectedHeader) !== null && _responseJwt$protecte !== void 0 && _responseJwt$protecte.jwk) {
|
|
74
|
+
const pubKey = responseJwt.protectedHeader.jwk;
|
|
75
|
+
await (0, _ioReactNativeJwt.verify)(responseJwt, pubKey);
|
|
76
|
+
return;
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
// No verification condition matched: skipping signature verification for now.
|
|
80
|
+
// TODO: [EUDIW-215] Remove skipping signature verification
|
|
66
81
|
};
|
|
67
|
-
|
|
68
|
-
//# sourceMappingURL=03-get-request-object.js.map
|
|
82
|
+
//# sourceMappingURL=04-get-request-object.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_reactNativeUuid","_interopRequireDefault","require","_ioReactNativeJwt","_dpop","_errors","_misc","_types","obj","__esModule","default","getRequestObject","requestUri","_ref","jwkKeys","wiaCryptoContext","appFetch","fetch","walletInstanceAttestation","signedWalletInstanceDPoP","createDPopToken","jti","uuid","v4","htm","htu","ath","sha256ToBase64","responseEncodedJwt","method","headers","Authorization","DPoP","then","hasStatusOrThrow","res","json","responseJson","response","responseJwt","decodeJwt","verifyTokenSignature","requestObject","RequestObject","parse","payload","exports","_responseJwt$protecte","pubKey","find","_ref2","kid","protectedHeader","NoSuitableKeysFoundInEntityConfiguration","verify","jwk"],"sourceRoot":"../../../../src","sources":["credential/presentation/04-get-request-object.ts"],"mappings":";;;;;;AAAA,IAAAA,gBAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AAOA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAEA,IAAAI,KAAA,GAAAJ,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AAAwC,SAAAD,uBAAAO,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAYxC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EAAAC,IAAA,EAEVC,OAAO,KACJ;EAAA,IAFH;IAAEC,gBAAgB;IAAEC,QAAQ,GAAGC,KAAK;IAAEC;EAA0B,CAAC,GAAAL,IAAA;EAGjE,MAAMM,wBAAwB,GAAG,MAAM,IAAAC,qBAAe,EACpD;IACEC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBC,GAAG,EAAE,KAAK;IACVC,GAAG,EAAEb,UAAU;IACfc,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAACT,yBAAyB;EACrD,CAAC,EACDH,gBACF,CAAC;EAED,MAAMa,kBAAkB,GAAG,MAAMZ,QAAQ,CAACJ,UAAU,EAAE;IACpDiB,MAAM,EAAE,KAAK;IACbC,OAAO,EAAE;MACPC,aAAa,EAAG,QAAOb,yBAA0B,EAAC;MAClDc,IAAI,EAAEb;IACR;EACF,CAAC,CAAC,CACCc,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEI,YAAY,IAAKA,YAAY,CAACC,QAAQ,CAAC;EAEhD,MAAMC,WAAW,GAAG,IAAAC,wBAAS,EAACZ,kBAAkB,CAAC;EAEjD,MAAMa,oBAAoB,CAAC3B,OAAO,EAAEyB,WAAW,CAAC;;EAEhD;EACA,MAAMG,aAAa,GAAGC,oBAAa,CAACC,KAAK,CAACL,WAAW,CAACM,OAAO,CAAC;EAE9D,OAAO;IACLH;EACF,CAAC;AACH,CAAC;AAACI,OAAA,CAAAnC,gBAAA,GAAAA,gBAAA;AAEF,MAAM8B,oBAAoB,GAAG,MAAAA,CAC3B3B,OAAgC,EAChCyB,WAAiB,KACC;EAAA,IAAAQ,qBAAA;EAClB;EACA;EACA,IAAIjC,OAAO,EAAE;IACX,MAAMkC,MAAM,GAAGlC,OAAO,CAACmC,IAAI,CACzBC,KAAA;MAAA,IAAC;QAAEC;MAAI,CAAC,GAAAD,KAAA;MAAA,OAAKC,GAAG,KAAKZ,WAAW,CAACa,eAAe,CAACD,GAAG;IAAA,CACtD,CAAC;IACD,IAAI,CAACH,MAAM,EAAE;MACX,MAAM,IAAIK,gDAAwC,CAChD,uCACF,CAAC;IACH;IACA,MAAM,IAAAC,wBAAM,EAACf,WAAW,EAAES,MAAM,CAAC;IACjC;EACF;;EAEA;EACA,KAAAD,qBAAA,GAAIR,WAAW,CAACa,eAAe,cAAAL,qBAAA,eAA3BA,qBAAA,CAA6BQ,GAAG,EAAE;IACpC,MAAMP,MAAM,GAAGT,WAAW,CAACa,eAAe,CAACG,GAAG;IAC9C,MAAM,IAAAD,wBAAM,EAACf,WAAW,EAAES,MAAM,CAAC;IACjC;EACF;;EAEA;EACA;AACF,CAAC"}
|
|
@@ -136,4 +136,4 @@ const sendAuthorizationResponse = async (requestObject, rpConf, presentation, _r
|
|
|
136
136
|
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(AuthorizationResponse.parse);
|
|
137
137
|
};
|
|
138
138
|
exports.sendAuthorizationResponse = sendAuthorizationResponse;
|
|
139
|
-
//# sourceMappingURL=
|
|
139
|
+
//# sourceMappingURL=05-send-authorization-response.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_reactNativeUuid","_interopRequireDefault","WalletInstanceAttestation","_interopRequireWildcard","_errors","_misc","_sdJwt","z","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthorizationResponse","object","status","string","response_code","optional","exports","chooseRSAPublicKeyToEncrypt","entity","usingRsa256","wallet_relying_party","jwks","keys","filter","jwk","use","kty","NoSuitableKeysFoundInEntityConfiguration","prepareVpToken","requestObject","walletInstanceAttestation","_ref","vc","claims","cryptoCtx","token","vp","paths","disclose","payload","iss","decode","pidKid","getPublicKey","then","_","kid","vp_token","SignJWT","setProtectedHeader","typ","setPayload","jti","uuid","v4","nonce","setAudience","response_uri","setIssuedAt","setExpirationTime","sign","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","rpConf","presentation","_ref2","appFetch","fetch","rsaPublicJwk","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","alg","enc","encrypt","formBody","URLSearchParams","response","body","toString","method","headers","hasStatusOrThrow","res","json","parse"],"sourceRoot":"../../../../src","sources":["credential/presentation/
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_reactNativeUuid","_interopRequireDefault","WalletInstanceAttestation","_interopRequireWildcard","_errors","_misc","_sdJwt","z","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthorizationResponse","object","status","string","response_code","optional","exports","chooseRSAPublicKeyToEncrypt","entity","usingRsa256","wallet_relying_party","jwks","keys","filter","jwk","use","kty","NoSuitableKeysFoundInEntityConfiguration","prepareVpToken","requestObject","walletInstanceAttestation","_ref","vc","claims","cryptoCtx","token","vp","paths","disclose","payload","iss","decode","pidKid","getPublicKey","then","_","kid","vp_token","SignJWT","setProtectedHeader","typ","setPayload","jti","uuid","v4","nonce","setAudience","response_uri","setIssuedAt","setExpirationTime","sign","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","rpConf","presentation","_ref2","appFetch","fetch","rsaPublicJwk","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","alg","enc","encrypt","formBody","URLSearchParams","response","body","toString","method","headers","hasStatusOrThrow","res","json","parse"],"sourceRoot":"../../../../src","sources":["credential/presentation/05-send-authorization-response.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,yBAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAEA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,KAAA,GAAAN,OAAA;AAEA,IAAAO,MAAA,GAAAP,OAAA;AAGA,IAAAQ,CAAA,GAAAJ,uBAAA,CAAAJ,OAAA;AAAyB,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAN,wBAAAU,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAlB,uBAAAY,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAGlB,MAAMiB,qBAAqB,GAAGvB,CAAC,CAACwB,MAAM,CAAC;EAC5CC,MAAM,EAAEzB,CAAC,CAAC0B,MAAM,CAAC,CAAC;EAClBC,aAAa,EAAE3B,CAAC,CACb0B,MAAM,CAAC,CAAC,CAAC;AACd;AACA;AACA;AACA,8BAJc,CAKTE,QAAQ,CAAC;AACd,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AANAC,OAAA,CAAAN,qBAAA,GAAAA,qBAAA;AAOA,MAAMO,2BAA2B,GAC/BC,MAAgD,IACxC;EACR,MAAM,CAACC,WAAW,CAAC,GAAGD,MAAM,CAACE,oBAAoB,CAACC,IAAI,CAACC,IAAI,CAACC,MAAM,CAC/DC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,IAAID,GAAG,CAACE,GAAG,KAAK,KAC5C,CAAC;EAED,IAAIP,WAAW,EAAE;IACf,OAAOA,WAAW;EACpB;;EAEA;EACA,MAAM,IAAIQ,gDAAwC,CAChD,4BACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,cAAc,GAAG,MAAAA,CACrBC,aAAqD,EACrDC,yBAAiC,EAAAC,IAAA,KAK7B;EAAA,IAJJ,CAACC,EAAE,EAAEC,MAAM,EAAEC,SAAS,CAAe,GAAAH,IAAA;EAKrC;EACA,MAAM;IAAEI,KAAK,EAAEC,EAAE;IAAEC;EAAM,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACN,EAAE,EAAEC,MAAM,CAAC;;EAEvD;EACA,MAAM;IACJM,OAAO,EAAE;MAAEC;IAAI;EACjB,CAAC,GAAG1D,yBAAyB,CAAC2D,MAAM,CAACX,yBAAyB,CAAC;EAE/D,MAAMY,MAAM,GAAG,MAAMR,SAAS,CAACS,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;;EAEhE;EACA,MAAMC,QAAQ,GAAG,MAAM,IAAIC,yBAAO,CAACd,SAAS,CAAC,CAC1Ce,kBAAkB,CAAC;IAClBC,GAAG,EAAE,KAAK;IACVJ,GAAG,EAAEJ;EACP,CAAC,CAAC,CACDS,UAAU,CAAC;IACVf,EAAE,EAAEA,EAAE;IACNgB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBd,GAAG;IACHe,KAAK,EAAE1B,aAAa,CAAC0B;EACvB,CAAC,CAAC,CACDC,WAAW,CAAC3B,aAAa,CAAC4B,YAAY,CAAC,CACvCC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,QAAQ,GAAGhC,aAAa,CAACiC,KAAK;EACpC,MAAMC,uBAAuB,GAAG;IAC9BC,aAAa,EAAG,GAAEX,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAC7BW,EAAE,EAAG,GAAEZ,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAClBY,cAAc,EAAE7B,KAAK,CAAC8B,GAAG,CAAEC,CAAC,KAAM;MAChCH,EAAE,EAAEJ,QAAQ;MACZQ,IAAI,EAAG,cAAaD,CAAC,CAACC,IAAK,EAAC;MAC5BC,MAAM,EAAE;IACV,CAAC,CAAC;EACJ,CAAC;EAED,OAAO;IAAEvB,QAAQ;IAAEgB;EAAwB,CAAC;AAC9C,CAAC;AAYD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMQ,yBAAoD,GAAG,MAAAA,CAClE1C,aAAa,EACb2C,MAAM,EACNC,YAAY,EAAAC,KAAA,KAEuB;EAAA,IADnC;IAAEC,QAAQ,GAAGC,KAAK;IAAE9C;EAA0B,CAAC,GAAA4C,KAAA;EAE/C;EACA;EACA,MAAMG,YAAY,GAAG5D,2BAA2B,CAACuD,MAAM,CAAC;EAExD,MAAM;IAAEzB,QAAQ;IAAEgB;EAAwB,CAAC,GAAG,MAAMnC,cAAc,CAChEC,aAAa,EACbC,yBAAyB,EACzB2C,YACF,CAAC;EAED,MAAMK,oBAAoB,GAAGC,IAAI,CAACC,SAAS,CAAC;IAC1CC,KAAK,EAAEpD,aAAa,CAACoD,KAAK;IAC1BlB,uBAAuB;IACvBR,KAAK,EAAE1B,aAAa,CAAC0B,KAAK;IAC1BR;EACF,CAAC,CAAC;EAEF,MAAMmC,SAAS,GAAG,MAAM,IAAIC,4BAAU,CAACL,oBAAoB,EAAE;IAC3DM,GAAG,EAAE,cAAc;IACnBC,GAAG,EAAE,eAAe;IACpBvC,GAAG,EAAE+B,YAAY,CAAC/B;EACpB,CAAC,CAAC,CAACwC,OAAO,CAACT,YAAY,CAAC;EAExB,MAAMU,QAAQ,GAAG,IAAIC,eAAe,CAAC;IAAEC,QAAQ,EAAEP;EAAU,CAAC,CAAC;EAC7D,MAAMQ,IAAI,GAAGH,QAAQ,CAACI,QAAQ,CAAC,CAAC;EAEhC,OAAOhB,QAAQ,CAAC9C,aAAa,CAAC4B,YAAY,EAAE;IAC1CmC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACC9C,IAAI,CAAC,IAAAkD,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BlD,IAAI,CAAEmD,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBpD,IAAI,CAAClC,qBAAqB,CAACuF,KAAK,CAAC;AACtC,CAAC;AAACjF,OAAA,CAAAuD,yBAAA,GAAAA,yBAAA"}
|
|
@@ -1,3 +1,75 @@
|
|
|
1
|
-
# Credential
|
|
1
|
+
# Credential Presentation
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
## Sequence Diagram
|
|
4
|
+
|
|
5
|
+
```mermaid
|
|
6
|
+
sequenceDiagram
|
|
7
|
+
autonumber
|
|
8
|
+
participant I as Individual using EUDI Wallet
|
|
9
|
+
participant O as Organisational Wallet (Verifier)
|
|
10
|
+
participant A as Organisational Wallet (Issuer)
|
|
11
|
+
|
|
12
|
+
O->>+I: QR-CODE: Authorisation request (`request_uri`)
|
|
13
|
+
I->>+O: GET: Request object, resolved from the `request_uri`
|
|
14
|
+
O->>+I: Respond with the Request object
|
|
15
|
+
I->>+O: GET: /.well-known/jar-issuer/jwk
|
|
16
|
+
O->>+I: Respond with the public key
|
|
17
|
+
|
|
18
|
+
I->>+O: POST: VP token response
|
|
19
|
+
O->>+A: GET: /.well-known/jwt-vc-issuer/jwk
|
|
20
|
+
A->>+O: Respond with the public key
|
|
21
|
+
O->>+I: Redirect: Authorisation response
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
## Mapped results
|
|
25
|
+
|
|
26
|
+
## Examples
|
|
27
|
+
|
|
28
|
+
<details>
|
|
29
|
+
<summary>Remote Presentation flow</summary>
|
|
30
|
+
|
|
31
|
+
```ts
|
|
32
|
+
// Scan e retrive qr-code
|
|
33
|
+
const qrcode = ...
|
|
34
|
+
|
|
35
|
+
// Retrieve the integrity key tag from the store and create its context
|
|
36
|
+
const integrityKeyTag = "example"; // Let's assume this is the key tag used to create the wallet instance
|
|
37
|
+
const integrityContext = getIntegrityContext(integrityKeyTag);
|
|
38
|
+
|
|
39
|
+
// Let's assume the key esists befor starting the presentation process
|
|
40
|
+
const wiaCryptoContext = createCryptoContextFor(WIA_KEYTAG);
|
|
41
|
+
|
|
42
|
+
const { WALLET_PROVIDER_BASE_URL, WALLET_EAA_PROVIDER_BASE_URL, REDIRECT_URI } =
|
|
43
|
+
env; // Let's assume these are the environment variables
|
|
44
|
+
|
|
45
|
+
/**
|
|
46
|
+
* Obtains a new Wallet Instance Attestation.
|
|
47
|
+
* WARNING: The integrity context must be the same used when creating the Wallet Instance with the same keytag.
|
|
48
|
+
*/
|
|
49
|
+
const walletInstanceAttestation =
|
|
50
|
+
await WalletInstanceAttestation.getAttestation({
|
|
51
|
+
wiaCryptoContext,
|
|
52
|
+
integrityContext,
|
|
53
|
+
walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
|
|
54
|
+
appFetch,
|
|
55
|
+
});
|
|
56
|
+
|
|
57
|
+
// Start the issuance flow
|
|
58
|
+
const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(qrcode);
|
|
59
|
+
|
|
60
|
+
// If use trust federation: Evaluate issuer trust
|
|
61
|
+
const { rpConf } = await Credential.Presentation.evaluateRelyingPartyTrust(clientId);
|
|
62
|
+
|
|
63
|
+
// If use trust federation: Fetch Jwks from rpConf
|
|
64
|
+
const jwks = await Credential.Presentation.fetchJwksFromConfig(rpConf);
|
|
65
|
+
|
|
66
|
+
// If not use trust: Fetch Jwks from well-know
|
|
67
|
+
const jwks = await Credential.Presentation.fetchJwksFromUri(
|
|
68
|
+
requestURI,
|
|
69
|
+
appFetch,
|
|
70
|
+
);
|
|
71
|
+
|
|
72
|
+
|
|
73
|
+
```
|
|
74
|
+
|
|
75
|
+
</details>
|
|
@@ -10,6 +10,18 @@ Object.defineProperty(exports, "evaluateRelyingPartyTrust", {
|
|
|
10
10
|
return _evaluateRpTrust.evaluateRelyingPartyTrust;
|
|
11
11
|
}
|
|
12
12
|
});
|
|
13
|
+
Object.defineProperty(exports, "fetchJwksFromConfig", {
|
|
14
|
+
enumerable: true,
|
|
15
|
+
get: function () {
|
|
16
|
+
return _retrieveJwks.fetchJwksFromConfig;
|
|
17
|
+
}
|
|
18
|
+
});
|
|
19
|
+
Object.defineProperty(exports, "fetchJwksFromUri", {
|
|
20
|
+
enumerable: true,
|
|
21
|
+
get: function () {
|
|
22
|
+
return _retrieveJwks.fetchJwksFromUri;
|
|
23
|
+
}
|
|
24
|
+
});
|
|
13
25
|
Object.defineProperty(exports, "getRequestObject", {
|
|
14
26
|
enumerable: true,
|
|
15
27
|
get: function () {
|
|
@@ -30,8 +42,9 @@ Object.defineProperty(exports, "startFlowFromQR", {
|
|
|
30
42
|
});
|
|
31
43
|
var _startFlow = require("./01-start-flow");
|
|
32
44
|
var _evaluateRpTrust = require("./02-evaluate-rp-trust");
|
|
33
|
-
var
|
|
34
|
-
var
|
|
45
|
+
var _retrieveJwks = require("./03-retrieve-jwks");
|
|
46
|
+
var _getRequestObject = require("./04-get-request-object");
|
|
47
|
+
var _sendAuthorizationResponse = require("./05-send-authorization-response");
|
|
35
48
|
var Errors = _interopRequireWildcard(require("./errors"));
|
|
36
49
|
exports.Errors = Errors;
|
|
37
50
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_startFlow","require","_evaluateRpTrust","_getRequestObject","_sendAuthorizationResponse","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/presentation/index.ts"],"mappings":"
|
|
1
|
+
{"version":3,"names":["_startFlow","require","_evaluateRpTrust","_retrieveJwks","_getRequestObject","_sendAuthorizationResponse","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/presentation/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAD,OAAA;AAIA,IAAAE,aAAA,GAAAF,OAAA;AAKA,IAAAG,iBAAA,GAAAH,OAAA;AAIA,IAAAI,0BAAA,GAAAJ,OAAA;AAIA,IAAAK,MAAA,GAAAC,uBAAA,CAAAN,OAAA;AAAmCO,OAAA,CAAAF,MAAA,GAAAA,MAAA;AAAA,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
|
|
@@ -13,16 +13,18 @@ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj &&
|
|
|
13
13
|
*/
|
|
14
14
|
|
|
15
15
|
const RequestObject = z.object({
|
|
16
|
-
iss: z.string(),
|
|
16
|
+
iss: z.string().optional(),
|
|
17
|
+
//optional by RFC 7519, mandatory for Potential
|
|
17
18
|
iat: _types.UnixTime,
|
|
18
|
-
exp: _types.UnixTime,
|
|
19
|
+
exp: _types.UnixTime.optional(),
|
|
19
20
|
state: z.string(),
|
|
20
21
|
nonce: z.string(),
|
|
21
22
|
response_uri: z.string(),
|
|
22
23
|
response_type: z.literal("vp_token"),
|
|
23
24
|
response_mode: z.literal("direct_post.jwt"),
|
|
24
25
|
client_id: z.string(),
|
|
25
|
-
client_id_scheme: z.
|
|
26
|
+
client_id_scheme: z.string(),
|
|
27
|
+
// previous z.literal("entity_id"),
|
|
26
28
|
scope: z.string()
|
|
27
29
|
});
|
|
28
30
|
exports.RequestObject = RequestObject;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_types","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","iss","string","iat","UnixTime","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","client_id_scheme","scope","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB;AACA;AACA;;AAQO,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,GAAG,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;
|
|
1
|
+
{"version":3,"names":["_types","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","RequestObject","object","iss","string","optional","iat","UnixTime","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","client_id_scheme","scope","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB;AACA;AACA;;AAQO,MAAMW,aAAa,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACpCC,GAAG,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAAE;EAC5BC,GAAG,EAAEC,eAAQ;EACbC,GAAG,EAAED,eAAQ,CAACF,QAAQ,CAAC,CAAC;EACxBI,KAAK,EAAEhC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACjBM,KAAK,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACjBO,YAAY,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACxBQ,aAAa,EAAEnC,CAAC,CAACoC,OAAO,CAAC,UAAU,CAAC;EACpCC,aAAa,EAAErC,CAAC,CAACoC,OAAO,CAAC,iBAAiB,CAAC;EAC3CE,SAAS,EAAEtC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACrBY,gBAAgB,EAAEvC,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAAE;EAC9Ba,KAAK,EAAExC,CAAC,CAAC2B,MAAM,CAAC;AAClB,CAAC,CAAC;AAACc,OAAA,CAAAjB,aAAA,GAAAA,aAAA"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.getCredentialIssuerMetadata = getCredentialIssuerMetadata;
|
|
7
|
+
var _misc = require("../../../utils/misc");
|
|
8
|
+
var _types = require("./types");
|
|
9
|
+
/**
|
|
10
|
+
* Fetch the signed entity configuration token for an entity
|
|
11
|
+
*
|
|
12
|
+
* @param entityBaseUrl The url of the entity to fetch
|
|
13
|
+
* @param param.appFetch (optional) fetch api implemention
|
|
14
|
+
* @returns The signed Entity Configuration token
|
|
15
|
+
*/
|
|
16
|
+
async function getCredentialIssuerMetadata(entityBaseUrl) {
|
|
17
|
+
let {
|
|
18
|
+
appFetch = fetch
|
|
19
|
+
} = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
|
|
20
|
+
const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-credential-issuer`;
|
|
21
|
+
return await appFetch(wellKnownUrl, {
|
|
22
|
+
method: "GET"
|
|
23
|
+
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(_types.CredentialIssuerConfiguration.parse);
|
|
24
|
+
}
|
|
25
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_misc","require","_types","getCredentialIssuerMetadata","entityBaseUrl","appFetch","fetch","arguments","length","undefined","wellKnownUrl","method","then","hasStatusOrThrow","res","json","CredentialIssuerConfiguration","parse"],"sourceRoot":"../../../../../src","sources":["entity/openid-connect/issuer/index.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeE,2BAA2BA,CAC/CC,aAAqB,EAMmB;EAAA,IALxC;IACEC,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMG,YAAY,GAAI,GAAEN,aAAc,uCAAsC;EAE5E,OAAO,MAAMC,QAAQ,CAACK,YAAY,EAAE;IAClCC,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAACI,oCAA6B,CAACC,KAAK,CAAC;AAC9C"}
|