@pagopa/io-react-native-wallet 0.27.1 → 0.28.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/client/generated/wallet-provider.js +27 -19
- package/lib/commonjs/client/generated/wallet-provider.js.map +1 -1
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js +3 -0
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/presentation/01-start-flow.js +14 -24
- package/lib/commonjs/credential/presentation/01-start-flow.js.map +1 -1
- package/lib/commonjs/credential/presentation/03-get-request-object.js +30 -42
- package/lib/commonjs/credential/presentation/03-get-request-object.js.map +1 -1
- package/lib/commonjs/credential/presentation/04-retrieve-rp-jwks.js +32 -0
- package/lib/commonjs/credential/presentation/04-retrieve-rp-jwks.js.map +1 -0
- package/lib/commonjs/credential/presentation/05-verify-request-object.js +53 -0
- package/lib/commonjs/credential/presentation/05-verify-request-object.js.map +1 -0
- package/lib/commonjs/credential/presentation/06-fetch-presentation-definition.js +39 -0
- package/lib/commonjs/credential/presentation/06-fetch-presentation-definition.js.map +1 -0
- package/lib/commonjs/credential/presentation/07-evaluate-dcql-query.js +125 -0
- package/lib/commonjs/credential/presentation/07-evaluate-dcql-query.js.map +1 -0
- package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js +289 -0
- package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js.map +1 -0
- package/lib/commonjs/credential/presentation/08-send-authorization-response.js +170 -0
- package/lib/commonjs/credential/presentation/08-send-authorization-response.js.map +1 -0
- package/lib/commonjs/credential/presentation/errors.js +69 -1
- package/lib/commonjs/credential/presentation/errors.js.map +1 -1
- package/lib/commonjs/credential/presentation/index.js +29 -1
- package/lib/commonjs/credential/presentation/index.js.map +1 -1
- package/lib/commonjs/credential/presentation/types.js +124 -3
- package/lib/commonjs/credential/presentation/types.js.map +1 -1
- package/lib/commonjs/sd-jwt/index.js +41 -1
- package/lib/commonjs/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/trust/chain.js +35 -50
- package/lib/commonjs/trust/chain.js.map +1 -1
- package/lib/commonjs/trust/index.js +139 -16
- package/lib/commonjs/trust/index.js.map +1 -1
- package/lib/commonjs/trust/types.js +36 -12
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/trust/utils.js +41 -0
- package/lib/commonjs/trust/utils.js.map +1 -0
- package/lib/commonjs/utils/jwk.js +5 -1
- package/lib/commonjs/utils/jwk.js.map +1 -1
- package/lib/commonjs/wallet-instance/index.js +10 -0
- package/lib/commonjs/wallet-instance/index.js.map +1 -1
- package/lib/module/client/generated/wallet-provider.js +22 -15
- package/lib/module/client/generated/wallet-provider.js.map +1 -1
- package/lib/module/credential/issuance/03-start-user-authorization.js +3 -0
- package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/module/credential/presentation/01-start-flow.js +14 -24
- package/lib/module/credential/presentation/01-start-flow.js.map +1 -1
- package/lib/module/credential/presentation/03-get-request-object.js +31 -43
- package/lib/module/credential/presentation/03-get-request-object.js.map +1 -1
- package/lib/module/credential/presentation/04-retrieve-rp-jwks.js +25 -0
- package/lib/module/credential/presentation/04-retrieve-rp-jwks.js.map +1 -0
- package/lib/module/credential/presentation/05-verify-request-object.js +46 -0
- package/lib/module/credential/presentation/05-verify-request-object.js.map +1 -0
- package/lib/module/credential/presentation/06-fetch-presentation-definition.js +32 -0
- package/lib/module/credential/presentation/06-fetch-presentation-definition.js.map +1 -0
- package/lib/module/credential/presentation/07-evaluate-dcql-query.js +117 -0
- package/lib/module/credential/presentation/07-evaluate-dcql-query.js.map +1 -0
- package/lib/module/credential/presentation/07-evaluate-input-descriptor.js +278 -0
- package/lib/module/credential/presentation/07-evaluate-input-descriptor.js.map +1 -0
- package/lib/module/credential/presentation/08-send-authorization-response.js +158 -0
- package/lib/module/credential/presentation/08-send-authorization-response.js.map +1 -0
- package/lib/module/credential/presentation/errors.js +64 -0
- package/lib/module/credential/presentation/errors.js.map +1 -1
- package/lib/module/credential/presentation/index.js +6 -2
- package/lib/module/credential/presentation/index.js.map +1 -1
- package/lib/module/credential/presentation/types.js +121 -2
- package/lib/module/credential/presentation/types.js.map +1 -1
- package/lib/module/sd-jwt/index.js +40 -1
- package/lib/module/sd-jwt/index.js.map +1 -1
- package/lib/module/trust/chain.js +32 -46
- package/lib/module/trust/chain.js.map +1 -1
- package/lib/module/trust/index.js +139 -18
- package/lib/module/trust/index.js.map +1 -1
- package/lib/module/trust/types.js +34 -11
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/trust/utils.js +33 -0
- package/lib/module/trust/utils.js.map +1 -0
- package/lib/module/utils/jwk.js +3 -0
- package/lib/module/utils/jwk.js.map +1 -1
- package/lib/module/wallet-instance/index.js +9 -0
- package/lib/module/wallet-instance/index.js.map +1 -1
- package/lib/typescript/client/generated/wallet-provider.d.ts +91 -54
- package/lib/typescript/client/generated/wallet-provider.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/01-start-flow.d.ts +26 -5
- package/lib/typescript/credential/presentation/01-start-flow.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/03-get-request-object.d.ts +7 -10
- package/lib/typescript/credential/presentation/03-get-request-object.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/04-retrieve-rp-jwks.d.ts +23 -0
- package/lib/typescript/credential/presentation/04-retrieve-rp-jwks.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/05-verify-request-object.d.ts +18 -0
- package/lib/typescript/credential/presentation/05-verify-request-object.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/06-fetch-presentation-definition.d.ts +21 -0
- package/lib/typescript/credential/presentation/06-fetch-presentation-definition.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/07-evaluate-dcql-query.d.ts +20 -0
- package/lib/typescript/credential/presentation/07-evaluate-dcql-query.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/07-evaluate-input-descriptor.d.ts +88 -0
- package/lib/typescript/credential/presentation/07-evaluate-input-descriptor.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts +70 -0
- package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/errors.d.ts +44 -0
- package/lib/typescript/credential/presentation/errors.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/index.d.ts +7 -3
- package/lib/typescript/credential/presentation/index.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/types.d.ts +747 -10
- package/lib/typescript/credential/presentation/types.d.ts.map +1 -1
- package/lib/typescript/credential/status/types.d.ts +6 -6
- package/lib/typescript/sd-jwt/index.d.ts +31 -12
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +6 -6
- package/lib/typescript/trust/chain.d.ts +4 -9
- package/lib/typescript/trust/chain.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +337 -61
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +4074 -407
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/trust/utils.d.ts +12 -0
- package/lib/typescript/trust/utils.d.ts.map +1 -0
- package/lib/typescript/utils/decoder.d.ts +1 -1
- package/lib/typescript/utils/decoder.d.ts.map +1 -1
- package/lib/typescript/utils/jwk.d.ts +137 -0
- package/lib/typescript/utils/jwk.d.ts.map +1 -1
- package/lib/typescript/wallet-instance/index.d.ts +8 -0
- package/lib/typescript/wallet-instance/index.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +36 -36
- package/package.json +5 -2
- package/src/client/generated/wallet-provider.ts +28 -19
- package/src/credential/issuance/03-start-user-authorization.ts +3 -0
- package/src/credential/presentation/01-start-flow.ts +19 -26
- package/src/credential/presentation/03-get-request-object.ts +35 -58
- package/src/credential/presentation/04-retrieve-rp-jwks.ts +34 -0
- package/src/credential/presentation/05-verify-request-object.ts +52 -0
- package/src/credential/presentation/06-fetch-presentation-definition.ts +48 -0
- package/src/credential/presentation/07-evaluate-dcql-query.ts +166 -0
- package/src/credential/presentation/07-evaluate-input-descriptor.ts +391 -0
- package/src/credential/presentation/08-send-authorization-response.ts +220 -0
- package/src/credential/presentation/errors.ts +64 -0
- package/src/credential/presentation/index.ts +22 -1
- package/src/credential/presentation/types.ts +133 -2
- package/src/sd-jwt/index.ts +49 -1
- package/src/trust/chain.ts +46 -66
- package/src/trust/index.ts +185 -20
- package/src/trust/types.ts +34 -10
- package/src/trust/utils.ts +35 -0
- package/src/utils/decoder.ts +1 -1
- package/src/utils/jwk.ts +8 -1
- package/src/wallet-instance/index.ts +13 -0
- package/lib/commonjs/credential/presentation/04-send-authorization-response.js +0 -138
- package/lib/commonjs/credential/presentation/04-send-authorization-response.js.map +0 -1
- package/lib/module/credential/presentation/04-send-authorization-response.js +0 -128
- package/lib/module/credential/presentation/04-send-authorization-response.js.map +0 -1
- package/lib/typescript/credential/presentation/04-send-authorization-response.d.ts +0 -34
- package/lib/typescript/credential/presentation/04-send-authorization-response.d.ts.map +0 -1
- package/src/credential/presentation/04-send-authorization-response.ts +0 -168
|
@@ -5,7 +5,7 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
5
5
|
});
|
|
6
6
|
exports.WalletInstanceData = exports.WalletAttestationView = exports.SetWalletInstanceStatusBody = exports.RevocationReason = exports.ProblemDetail = exports.NonceDetailView = exports.EndpointByMethod = exports.CreateWalletInstanceBody = exports.CreateWalletAttestationBody = exports.ApiClient = void 0;
|
|
7
7
|
exports.createApiClient = createApiClient;
|
|
8
|
-
exports.put_SetWalletInstanceStatus = exports.post_CreateWalletInstance = exports.post_CreateWalletAttestation = exports.get_GetWalletInstanceStatus = exports.get_GetNonce = void 0;
|
|
8
|
+
exports.put_SetWalletInstanceStatus = exports.post_CreateWalletInstance = exports.post_CreateWalletAttestation = exports.get_GetWalletInstanceStatus = exports.get_GetNonce = exports.get_GetCurrentWalletInstanceStatus = void 0;
|
|
9
9
|
var _zod = _interopRequireDefault(require("zod"));
|
|
10
10
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
11
11
|
const NonceDetailView = _zod.default.object({
|
|
@@ -27,14 +27,6 @@ const CreateWalletAttestationBody = _zod.default.object({
|
|
|
27
27
|
assertion: _zod.default.string()
|
|
28
28
|
});
|
|
29
29
|
exports.CreateWalletAttestationBody = CreateWalletAttestationBody;
|
|
30
|
-
const ProblemDetail = _zod.default.object({
|
|
31
|
-
type: _zod.default.string().optional(),
|
|
32
|
-
title: _zod.default.string().optional(),
|
|
33
|
-
status: _zod.default.number().optional(),
|
|
34
|
-
detail: _zod.default.string().optional(),
|
|
35
|
-
instance: _zod.default.string().optional()
|
|
36
|
-
});
|
|
37
|
-
exports.ProblemDetail = ProblemDetail;
|
|
38
30
|
const SetWalletInstanceStatusBody = _zod.default.object({
|
|
39
31
|
status: _zod.default.literal("REVOKED")
|
|
40
32
|
});
|
|
@@ -47,6 +39,14 @@ const WalletInstanceData = _zod.default.object({
|
|
|
47
39
|
revocation_reason: _zod.default.union([RevocationReason, _zod.default.undefined()]).optional()
|
|
48
40
|
});
|
|
49
41
|
exports.WalletInstanceData = WalletInstanceData;
|
|
42
|
+
const ProblemDetail = _zod.default.object({
|
|
43
|
+
type: _zod.default.string().optional(),
|
|
44
|
+
title: _zod.default.string().optional(),
|
|
45
|
+
status: _zod.default.number().optional(),
|
|
46
|
+
detail: _zod.default.string().optional(),
|
|
47
|
+
instance: _zod.default.string().optional()
|
|
48
|
+
});
|
|
49
|
+
exports.ProblemDetail = ProblemDetail;
|
|
50
50
|
const get_GetNonce = {
|
|
51
51
|
method: _zod.default.literal("GET"),
|
|
52
52
|
path: _zod.default.literal("/nonce"),
|
|
@@ -63,6 +63,22 @@ const post_CreateWalletInstance = {
|
|
|
63
63
|
response: _zod.default.unknown()
|
|
64
64
|
};
|
|
65
65
|
exports.post_CreateWalletInstance = post_CreateWalletInstance;
|
|
66
|
+
const post_CreateWalletAttestation = {
|
|
67
|
+
method: _zod.default.literal("POST"),
|
|
68
|
+
path: _zod.default.literal("/token"),
|
|
69
|
+
parameters: _zod.default.object({
|
|
70
|
+
body: CreateWalletAttestationBody
|
|
71
|
+
}),
|
|
72
|
+
response: WalletAttestationView
|
|
73
|
+
};
|
|
74
|
+
exports.post_CreateWalletAttestation = post_CreateWalletAttestation;
|
|
75
|
+
const get_GetCurrentWalletInstanceStatus = {
|
|
76
|
+
method: _zod.default.literal("GET"),
|
|
77
|
+
path: _zod.default.literal("/wallet-instances/current/status"),
|
|
78
|
+
parameters: _zod.default.never(),
|
|
79
|
+
response: WalletInstanceData
|
|
80
|
+
};
|
|
81
|
+
exports.get_GetCurrentWalletInstanceStatus = get_GetCurrentWalletInstanceStatus;
|
|
66
82
|
const get_GetWalletInstanceStatus = {
|
|
67
83
|
method: _zod.default.literal("GET"),
|
|
68
84
|
path: _zod.default.literal("/wallet-instances/{id}/status"),
|
|
@@ -85,21 +101,13 @@ const put_SetWalletInstanceStatus = {
|
|
|
85
101
|
}),
|
|
86
102
|
response: _zod.default.unknown()
|
|
87
103
|
};
|
|
88
|
-
exports.put_SetWalletInstanceStatus = put_SetWalletInstanceStatus;
|
|
89
|
-
const post_CreateWalletAttestation = {
|
|
90
|
-
method: _zod.default.literal("POST"),
|
|
91
|
-
path: _zod.default.literal("/token"),
|
|
92
|
-
parameters: _zod.default.object({
|
|
93
|
-
body: CreateWalletAttestationBody
|
|
94
|
-
}),
|
|
95
|
-
response: WalletAttestationView
|
|
96
|
-
};
|
|
97
104
|
|
|
98
105
|
// <EndpointByMethod>
|
|
99
|
-
exports.
|
|
106
|
+
exports.put_SetWalletInstanceStatus = put_SetWalletInstanceStatus;
|
|
100
107
|
const EndpointByMethod = {
|
|
101
108
|
get: {
|
|
102
109
|
"/nonce": get_GetNonce,
|
|
110
|
+
"/wallet-instances/current/status": get_GetCurrentWalletInstanceStatus,
|
|
103
111
|
"/wallet-instances/{id}/status": get_GetWalletInstanceStatus
|
|
104
112
|
},
|
|
105
113
|
post: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_zod","_interopRequireDefault","require","obj","__esModule","default","NonceDetailView","z","object","nonce","string","exports","WalletAttestationView","wallet_attestation","CreateWalletInstanceBody","challenge","key_attestation","hardware_key_tag","CreateWalletAttestationBody","grant_type","literal","assertion","
|
|
1
|
+
{"version":3,"names":["_zod","_interopRequireDefault","require","obj","__esModule","default","NonceDetailView","z","object","nonce","string","exports","WalletAttestationView","wallet_attestation","CreateWalletInstanceBody","challenge","key_attestation","hardware_key_tag","CreateWalletAttestationBody","grant_type","literal","assertion","SetWalletInstanceStatusBody","status","RevocationReason","union","WalletInstanceData","id","is_revoked","boolean","revocation_reason","undefined","optional","ProblemDetail","type","title","number","detail","instance","get_GetNonce","method","path","parameters","never","response","post_CreateWalletInstance","body","unknown","post_CreateWalletAttestation","get_GetCurrentWalletInstanceStatus","get_GetWalletInstanceStatus","put_SetWalletInstanceStatus","EndpointByMethod","get","post","put","ApiClient","baseUrl","constructor","fetcher","setBaseUrl","arguments","length","createApiClient"],"sourceRoot":"../../../../src","sources":["client/generated/wallet-provider.ts"],"mappings":";;;;;;;;AAAA,IAAAA,IAAA,GAAAC,sBAAA,CAAAC,OAAA;AAAoB,SAAAD,uBAAAE,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAGb,MAAMG,eAAe,GAAGC,YAAC,CAACC,MAAM,CAAC;EACtCC,KAAK,EAAEF,YAAC,CAACG,MAAM,CAAC;AAClB,CAAC,CAAC;AAACC,OAAA,CAAAL,eAAA,GAAAA,eAAA;AAGI,MAAMM,qBAAqB,GAAGL,YAAC,CAACC,MAAM,CAAC;EAC5CK,kBAAkB,EAAEN,YAAC,CAACG,MAAM,CAAC;AAC/B,CAAC,CAAC;AAACC,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAGI,MAAME,wBAAwB,GAAGP,YAAC,CAACC,MAAM,CAAC;EAC/CO,SAAS,EAAER,YAAC,CAACG,MAAM,CAAC,CAAC;EACrBM,eAAe,EAAET,YAAC,CAACG,MAAM,CAAC,CAAC;EAC3BO,gBAAgB,EAAEV,YAAC,CAACG,MAAM,CAAC;AAC7B,CAAC,CAAC;AAACC,OAAA,CAAAG,wBAAA,GAAAA,wBAAA;AAGI,MAAMI,2BAA2B,GAAGX,YAAC,CAACC,MAAM,CAAC;EAClDW,UAAU,EAAEZ,YAAC,CAACa,OAAO,CAAC,6CAA6C,CAAC;EACpEC,SAAS,EAAEd,YAAC,CAACG,MAAM,CAAC;AACtB,CAAC,CAAC;AAACC,OAAA,CAAAO,2BAAA,GAAAA,2BAAA;AAGI,MAAMI,2BAA2B,GAAGf,YAAC,CAACC,MAAM,CAAC;EAClDe,MAAM,EAAEhB,YAAC,CAACa,OAAO,CAAC,SAAS;AAC7B,CAAC,CAAC;AAACT,OAAA,CAAAW,2BAAA,GAAAA,2BAAA;AAGI,MAAME,gBAAgB,GAAGjB,YAAC,CAACkB,KAAK,CAAC,CACtClB,YAAC,CAACa,OAAO,CAAC,+BAA+B,CAAC,EAC1Cb,YAAC,CAACa,OAAO,CAAC,6BAA6B,CAAC,EACxCb,YAAC,CAACa,OAAO,CAAC,iBAAiB,CAAC,CAC7B,CAAC;AAACT,OAAA,CAAAa,gBAAA,GAAAA,gBAAA;AAGI,MAAME,kBAAkB,GAAGnB,YAAC,CAACC,MAAM,CAAC;EACzCmB,EAAE,EAAEpB,YAAC,CAACG,MAAM,CAAC,CAAC;EACdkB,UAAU,EAAErB,YAAC,CAACsB,OAAO,CAAC,CAAC;EACvBC,iBAAiB,EAAEvB,YAAC,CAACkB,KAAK,CAAC,CAACD,gBAAgB,EAAEjB,YAAC,CAACwB,SAAS,CAAC,CAAC,CAAC,CAAC,CAACC,QAAQ,CAAC;AACzE,CAAC,CAAC;AAACrB,OAAA,CAAAe,kBAAA,GAAAA,kBAAA;AAGI,MAAMO,aAAa,GAAG1B,YAAC,CAACC,MAAM,CAAC;EACpC0B,IAAI,EAAE3B,YAAC,CAACG,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EAC3BG,KAAK,EAAE5B,YAAC,CAACG,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EAC5BT,MAAM,EAAEhB,YAAC,CAAC6B,MAAM,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAC7BK,MAAM,EAAE9B,YAAC,CAACG,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EAC7BM,QAAQ,EAAE/B,YAAC,CAACG,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC;AAChC,CAAC,CAAC;AAACrB,OAAA,CAAAsB,aAAA,GAAAA,aAAA;AAGI,MAAMM,YAAY,GAAG;EAC1BC,MAAM,EAAEjC,YAAC,CAACa,OAAO,CAAC,KAAK,CAAC;EACxBqB,IAAI,EAAElC,YAAC,CAACa,OAAO,CAAC,QAAQ,CAAC;EACzBsB,UAAU,EAAEnC,YAAC,CAACoC,KAAK,CAAC,CAAC;EACrBC,QAAQ,EAAEtC;AACZ,CAAC;AAACK,OAAA,CAAA4B,YAAA,GAAAA,YAAA;AAGK,MAAMM,yBAAyB,GAAG;EACvCL,MAAM,EAAEjC,YAAC,CAACa,OAAO,CAAC,MAAM,CAAC;EACzBqB,IAAI,EAAElC,YAAC,CAACa,OAAO,CAAC,mBAAmB,CAAC;EACpCsB,UAAU,EAAEnC,YAAC,CAACC,MAAM,CAAC;IACnBsC,IAAI,EAAEhC;EACR,CAAC,CAAC;EACF8B,QAAQ,EAAErC,YAAC,CAACwC,OAAO,CAAC;AACtB,CAAC;AAACpC,OAAA,CAAAkC,yBAAA,GAAAA,yBAAA;AAGK,MAAMG,4BAA4B,GAAG;EAC1CR,MAAM,EAAEjC,YAAC,CAACa,OAAO,CAAC,MAAM,CAAC;EACzBqB,IAAI,EAAElC,YAAC,CAACa,OAAO,CAAC,QAAQ,CAAC;EACzBsB,UAAU,EAAEnC,YAAC,CAACC,MAAM,CAAC;IACnBsC,IAAI,EAAE5B;EACR,CAAC,CAAC;EACF0B,QAAQ,EAAEhC;AACZ,CAAC;AAACD,OAAA,CAAAqC,4BAAA,GAAAA,4BAAA;AAGK,MAAMC,kCAAkC,GAAG;EAChDT,MAAM,EAAEjC,YAAC,CAACa,OAAO,CAAC,KAAK,CAAC;EACxBqB,IAAI,EAAElC,YAAC,CAACa,OAAO,CAAC,kCAAkC,CAAC;EACnDsB,UAAU,EAAEnC,YAAC,CAACoC,KAAK,CAAC,CAAC;EACrBC,QAAQ,EAAElB;AACZ,CAAC;AAACf,OAAA,CAAAsC,kCAAA,GAAAA,kCAAA;AAGK,MAAMC,2BAA2B,GAAG;EACzCV,MAAM,EAAEjC,YAAC,CAACa,OAAO,CAAC,KAAK,CAAC;EACxBqB,IAAI,EAAElC,YAAC,CAACa,OAAO,CAAC,+BAA+B,CAAC;EAChDsB,UAAU,EAAEnC,YAAC,CAACC,MAAM,CAAC;IACnBiC,IAAI,EAAElC,YAAC,CAACC,MAAM,CAAC;MACbmB,EAAE,EAAEpB,YAAC,CAACG,MAAM,CAAC;IACf,CAAC;EACH,CAAC,CAAC;EACFkC,QAAQ,EAAElB;AACZ,CAAC;AAACf,OAAA,CAAAuC,2BAAA,GAAAA,2BAAA;AAGK,MAAMC,2BAA2B,GAAG;EACzCX,MAAM,EAAEjC,YAAC,CAACa,OAAO,CAAC,KAAK,CAAC;EACxBqB,IAAI,EAAElC,YAAC,CAACa,OAAO,CAAC,+BAA+B,CAAC;EAChDsB,UAAU,EAAEnC,YAAC,CAACC,MAAM,CAAC;IACnBiC,IAAI,EAAElC,YAAC,CAACC,MAAM,CAAC;MACbmB,EAAE,EAAEpB,YAAC,CAACG,MAAM,CAAC;IACf,CAAC,CAAC;IACFoC,IAAI,EAAExB;EACR,CAAC,CAAC;EACFsB,QAAQ,EAAErC,YAAC,CAACwC,OAAO,CAAC;AACtB,CAAC;;AAED;AAAApC,OAAA,CAAAwC,2BAAA,GAAAA,2BAAA;AACO,MAAMC,gBAAgB,GAAG;EAC9BC,GAAG,EAAE;IACH,QAAQ,EAAEd,YAAY;IACtB,kCAAkC,EAAEU,kCAAkC;IACtE,+BAA+B,EAAEC;EACnC,CAAC;EACDI,IAAI,EAAE;IACJ,mBAAmB,EAAET,yBAAyB;IAC9C,QAAQ,EAAEG;EACZ,CAAC;EACDO,GAAG,EAAE;IACH,+BAA+B,EAAEJ;EACnC;AACF,CAAC;;AAED;;AAEA;;AAKA;;AAEA;AAAAxC,OAAA,CAAAyC,gBAAA,GAAAA,gBAAA;AAyCA;;AAEA;AACO,MAAMI,SAAS,CAAC;EACrBC,OAAO,GAAW,EAAE;EAEpBC,WAAWA,CAAQC,OAAgB,EAAE;IAAA,KAAlBA,OAAgB,GAAhBA,OAAgB;EAAG;EAEtCC,UAAUA,CAACH,OAAe,EAAE;IAC1B,IAAI,CAACA,OAAO,GAAGA,OAAO;IACtB,OAAO,IAAI;EACb;;EAEA;EACAJ,GAAGA,CACDZ,IAAU,EAE+B;IACzC,OAAO,IAAI,CAACkB,OAAO,CAAC,KAAK,EAAE,IAAI,CAACF,OAAO,GAAGhB,IAAI,EAAAoB,SAAA,CAAAC,MAAA,QAAA/B,SAAA,GAAA8B,SAAA,GAAW,CAAC;EAC5D;EACA;;EAEA;EACAP,IAAIA,CACFb,IAAU,EAE+B;IACzC,OAAO,IAAI,CAACkB,OAAO,CAAC,MAAM,EAAE,IAAI,CAACF,OAAO,GAAGhB,IAAI,EAAAoB,SAAA,CAAAC,MAAA,QAAA/B,SAAA,GAAA8B,SAAA,GAAW,CAAC;EAC7D;EACA;;EAEA;EACAN,GAAGA,CACDd,IAAU,EAE+B;IACzC,OAAO,IAAI,CAACkB,OAAO,CAAC,KAAK,EAAE,IAAI,CAACF,OAAO,GAAGhB,IAAI,EAAAoB,SAAA,CAAAC,MAAA,QAAA/B,SAAA,GAAA8B,SAAA,GAAW,CAAC;EAC5D;EACA;AACF;AAAClD,OAAA,CAAA6C,SAAA,GAAAA,SAAA;AAEM,SAASO,eAAeA,CAACJ,OAAgB,EAAEF,OAAgB,EAAE;EAClE,OAAO,IAAID,SAAS,CAACG,OAAO,CAAC,CAACC,UAAU,CAACH,OAAO,IAAI,EAAE,CAAC;AACzD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA"}
|
|
@@ -72,6 +72,9 @@ const startUserAuthorization = async (issuerConf, credentialType, ctx) => {
|
|
|
72
72
|
appFetch = fetch
|
|
73
73
|
} = ctx;
|
|
74
74
|
const clientId = await wiaCryptoContext.getPublicKey().then(_ => _.kid);
|
|
75
|
+
if (!clientId) {
|
|
76
|
+
throw new Error("No public key found");
|
|
77
|
+
}
|
|
75
78
|
const codeVerifier = (0, _misc.generateRandomAlphaNumericString)(64);
|
|
76
79
|
const parEndpoint = issuerConf.oauth_authorization_server.pushed_authorization_request_endpoint;
|
|
77
80
|
const credentialDefinition = selectCredentialDefinition(issuerConf, credentialType);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_misc","require","_par","_const","selectCredentialDefinition","issuerConf","credentialType","credential_configurations_supported","openid_credential_issuer","result","Object","keys","filter","e","includes","map","credential_configuration_id","format","type","Error","selectResponseMode","responseModeSupported","oauth_authorization_server","response_modes_supported","responseMode","startUserAuthorization","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","codeVerifier","generateRandomAlphaNumericString","parEndpoint","pushed_authorization_request_endpoint","credentialDefinition","getPar","makeParRequest","issuerRequestUri","ASSERTION_TYPE","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/03-start-user-authorization.ts"],"mappings":";;;;;;AAEA,IAAAA,KAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAkBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMG,0BAA0B,GAAGA,CACjCC,UAAkD,EAClDC,cAAgD,KACxB;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACG,wBAAwB,CAACD,mCAAmC;EAEzE,MAAM,CAACE,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACJ,mCAAmC,CAAC,CAC9DK,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACR,cAAc,CAAC,CAAC,CACzCS,GAAG,CAAEF,CAAC,KAAM;IACXG,2BAA2B,EAAEV,cAAc;IAC3CW,MAAM,EAAEV,mCAAmC,CAACM,CAAC,CAAC,CAAEI,MAAM;IACtDC,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACT,MAAM,EAAE;IACX,MAAM,IAAIU,KAAK,CAAE,mCAAkCb,cAAe,GAAE,CAAC;EACvE;EACA,OAAOG,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMW,kBAAkB,GAAGA,CACzBf,UAAkD,EAClDC,cAAgD,KAC/B;EACjB,MAAMe,qBAAqB,GACzBhB,UAAU,CAACiB,0BAA0B,CAACC,wBAAwB;EAEhE,MAAMC,YAAY,GAChBlB,cAAc,KAAK,0BAA0B,GAAG,OAAO,GAAG,eAAe;EAE3E,IAAI,CAACe,qBAAqB,CAACP,QAAQ,CAACU,YAAY,CAAC,EAAE;IACjD,MAAM,IAAIL,KAAK,CAAE,sCAAqCb,cAAe,GAAE,CAAC;EAC1E;EAEA,OAAOkB,YAAY;AACrB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,sBAA8C,GAAG,MAAAA,CAC5DpB,UAAU,EACVC,cAAc,EACdoB,GAAG,KACA;EACH,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EACzE,
|
|
1
|
+
{"version":3,"names":["_misc","require","_par","_const","selectCredentialDefinition","issuerConf","credentialType","credential_configurations_supported","openid_credential_issuer","result","Object","keys","filter","e","includes","map","credential_configuration_id","format","type","Error","selectResponseMode","responseModeSupported","oauth_authorization_server","response_modes_supported","responseMode","startUserAuthorization","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","codeVerifier","generateRandomAlphaNumericString","parEndpoint","pushed_authorization_request_endpoint","credentialDefinition","getPar","makeParRequest","issuerRequestUri","ASSERTION_TYPE","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/03-start-user-authorization.ts"],"mappings":";;;;;;AAEA,IAAAA,KAAA,GAAAC,OAAA;AAGA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAkBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMG,0BAA0B,GAAGA,CACjCC,UAAkD,EAClDC,cAAgD,KACxB;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACG,wBAAwB,CAACD,mCAAmC;EAEzE,MAAM,CAACE,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACJ,mCAAmC,CAAC,CAC9DK,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACR,cAAc,CAAC,CAAC,CACzCS,GAAG,CAAEF,CAAC,KAAM;IACXG,2BAA2B,EAAEV,cAAc;IAC3CW,MAAM,EAAEV,mCAAmC,CAACM,CAAC,CAAC,CAAEI,MAAM;IACtDC,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACT,MAAM,EAAE;IACX,MAAM,IAAIU,KAAK,CAAE,mCAAkCb,cAAe,GAAE,CAAC;EACvE;EACA,OAAOG,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMW,kBAAkB,GAAGA,CACzBf,UAAkD,EAClDC,cAAgD,KAC/B;EACjB,MAAMe,qBAAqB,GACzBhB,UAAU,CAACiB,0BAA0B,CAACC,wBAAwB;EAEhE,MAAMC,YAAY,GAChBlB,cAAc,KAAK,0BAA0B,GAAG,OAAO,GAAG,eAAe;EAE3E,IAAI,CAACe,qBAAqB,CAACP,QAAQ,CAACU,YAAY,CAAC,EAAE;IACjD,MAAM,IAAIL,KAAK,CAAE,sCAAqCb,cAAe,GAAE,CAAC;EAC1E;EAEA,OAAOkB,YAAY;AACrB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,sBAA8C,GAAG,MAAAA,CAC5DpB,UAAU,EACVC,cAAc,EACdoB,GAAG,KACA;EACH,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EACzE,IAAI,CAACJ,QAAQ,EAAE;IACb,MAAM,IAAIb,KAAK,CAAC,qBAAqB,CAAC;EACxC;EACA,MAAMkB,YAAY,GAAG,IAAAC,sCAAgC,EAAC,EAAE,CAAC;EACzD,MAAMC,WAAW,GACflC,UAAU,CAACiB,0BAA0B,CAACkB,qCAAqC;EAC7E,MAAMC,oBAAoB,GAAGrC,0BAA0B,CACrDC,UAAU,EACVC,cACF,CAAC;EACD,MAAMkB,YAAY,GAAGJ,kBAAkB,CAACf,UAAU,EAAEC,cAAc,CAAC;EAEnE,MAAMoC,MAAM,GAAG,IAAAC,mBAAc,EAAC;IAAEhB,gBAAgB;IAAEG;EAAS,CAAC,CAAC;EAC7D,MAAMc,gBAAgB,GAAG,MAAMF,MAAM,CACnCV,QAAQ,EACRK,YAAY,EACZR,WAAW,EACXL,YAAY,EACZe,WAAW,EACXX,yBAAyB,EACzB,CAACa,oBAAoB,CAAC,EACtBI,qBACF,CAAC;EAED,OAAO;IAAED,gBAAgB;IAAEZ,QAAQ;IAAEK,YAAY;IAAEI;EAAqB,CAAC;AAC3E,CAAC;AAACK,OAAA,CAAArB,sBAAA,GAAAA,sBAAA"}
|
|
@@ -5,50 +5,40 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
5
5
|
});
|
|
6
6
|
exports.startFlowFromQR = void 0;
|
|
7
7
|
var z = _interopRequireWildcard(require("zod"));
|
|
8
|
-
var
|
|
9
|
-
var _errors = require("./errors");
|
|
8
|
+
var _errors = require("../../utils/errors");
|
|
10
9
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
11
10
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
12
|
-
const
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
requestURI: z.string()
|
|
11
|
+
const PresentationParams = z.object({
|
|
12
|
+
clientId: z.string().nonempty(),
|
|
13
|
+
requestUri: z.string().url(),
|
|
14
|
+
requestUriMethod: z.enum(["get", "post"]),
|
|
15
|
+
state: z.string().optional()
|
|
18
16
|
});
|
|
19
17
|
|
|
20
18
|
/**
|
|
21
19
|
* The beginning of the presentation flow.
|
|
22
20
|
* To be implemented accordind to the user touchpoint
|
|
23
21
|
*
|
|
24
|
-
* @param
|
|
22
|
+
* @param params Presentation parameters, depending on the starting touchoint
|
|
25
23
|
* @returns The url for the Relying Party to connect with
|
|
26
24
|
*/
|
|
27
25
|
|
|
28
26
|
/**
|
|
29
27
|
* Start a presentation flow by decoding an incoming QR-code
|
|
30
28
|
*
|
|
31
|
-
* @param
|
|
29
|
+
* @param params The encoded QR-code content
|
|
32
30
|
* @returns The url for the Relying Party to connect with
|
|
33
31
|
* @throws If the provided qr code fails to be decoded
|
|
34
32
|
*/
|
|
35
|
-
const startFlowFromQR =
|
|
36
|
-
const
|
|
37
|
-
const decodedUrl = new URL(decoded);
|
|
38
|
-
const protocol = decodedUrl.protocol;
|
|
39
|
-
const resource = decodedUrl.hostname;
|
|
40
|
-
const requestURI = decodedUrl.searchParams.get("request_uri");
|
|
41
|
-
const clientId = decodedUrl.searchParams.get("client_id");
|
|
42
|
-
const result = QRCodePayload.safeParse({
|
|
43
|
-
protocol,
|
|
44
|
-
resource,
|
|
45
|
-
requestURI,
|
|
46
|
-
clientId
|
|
47
|
-
});
|
|
33
|
+
const startFlowFromQR = params => {
|
|
34
|
+
const result = PresentationParams.safeParse(params);
|
|
48
35
|
if (result.success) {
|
|
49
36
|
return result.data;
|
|
50
37
|
} else {
|
|
51
|
-
throw new _errors.
|
|
38
|
+
throw new _errors.ValidationFailed({
|
|
39
|
+
message: "Invalid parameters provided",
|
|
40
|
+
reason: result.error.message
|
|
41
|
+
});
|
|
52
42
|
}
|
|
53
43
|
};
|
|
54
44
|
exports.startFlowFromQR = startFlowFromQR;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","_interopRequireWildcard","require","
|
|
1
|
+
{"version":3,"names":["z","_interopRequireWildcard","require","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","PresentationParams","object","clientId","string","nonempty","requestUri","url","requestUriMethod","enum","state","optional","startFlowFromQR","params","result","safeParse","success","data","ValidationFailed","message","reason","error","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAAsD,SAAAE,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEtD,MAAMW,kBAAkB,GAAG1B,CAAC,CAAC2B,MAAM,CAAC;EAClCC,QAAQ,EAAE5B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC/BC,UAAU,EAAE/B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,GAAG,CAAC,CAAC;EAC5BC,gBAAgB,EAAEjC,CAAC,CAACkC,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;EACzCC,KAAK,EAAEnC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACO,QAAQ,CAAC;AAC7B,CAAC,CAAC;;AAGF;AACA;AACA;AACA;AACA;AACA;AACA;;AAQA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,eAA0B,GAAIC,MAAM,IAAK;EACpD,MAAMC,MAAM,GAAGb,kBAAkB,CAACc,SAAS,CAACF,MAAM,CAAC;EAEnD,IAAIC,MAAM,CAACE,OAAO,EAAE;IAClB,OAAOF,MAAM,CAACG,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIC,wBAAgB,CAAC;MACzBC,OAAO,EAAE,6BAA6B;MACtCC,MAAM,EAAEN,MAAM,CAACO,KAAK,CAACF;IACvB,CAAC,CAAC;EACJ;AACF,CAAC;AAACG,OAAA,CAAAV,eAAA,GAAAA,eAAA"}
|
|
@@ -4,63 +4,51 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
6
|
exports.getRequestObject = void 0;
|
|
7
|
-
var _uuid = require("uuid");
|
|
8
|
-
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
9
|
-
var _dpop = require("../../utils/dpop");
|
|
10
|
-
var _errors = require("./errors");
|
|
11
7
|
var _misc = require("../../utils/misc");
|
|
12
8
|
var _types = require("./types");
|
|
13
9
|
/**
|
|
14
|
-
* Obtain the Request Object for RP authentication
|
|
10
|
+
* Obtain the Request Object for RP authentication. Both the GET and POST `request_uri_method` are supported.
|
|
15
11
|
* @see https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/relying-party-solution.html
|
|
16
12
|
*
|
|
17
13
|
* @param requestUri The url for the Relying Party to connect with
|
|
18
|
-
* @param rpConf The Relying Party's configuration
|
|
19
|
-
* @param context.
|
|
20
|
-
* @param context.walletInstanceAttestation The Wallet Instance Attestation token
|
|
14
|
+
* @param rpConf The Relying Party's configuration * @param context.walletInstanceAttestation The Wallet Instance Attestation token
|
|
15
|
+
* @param context.walletCapabilities (optional) An object containing the wallet technical capabilities that will be sent with a POST request
|
|
21
16
|
* @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
|
|
22
17
|
* @returns The Request Object that describes the presentation
|
|
23
18
|
*/
|
|
24
|
-
const getRequestObject = async (requestUri,
|
|
19
|
+
const getRequestObject = async (requestUri, _ref) => {
|
|
25
20
|
let {
|
|
26
|
-
wiaCryptoContext,
|
|
27
21
|
appFetch = fetch,
|
|
28
|
-
|
|
22
|
+
walletCapabilities
|
|
29
23
|
} = _ref;
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
}
|
|
42
|
-
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(responseJson => responseJson.response);
|
|
43
|
-
const responseJwt = (0, _ioReactNativeJwt.decode)(responseEncodedJwt);
|
|
44
|
-
|
|
45
|
-
// verify token signature according to RP's entity configuration
|
|
46
|
-
// to ensure the request object is authentic
|
|
47
|
-
{
|
|
48
|
-
const pubKey = rpConf.wallet_relying_party.jwks.keys.find(_ref2 => {
|
|
49
|
-
let {
|
|
50
|
-
kid
|
|
51
|
-
} = _ref2;
|
|
52
|
-
return kid === responseJwt.protectedHeader.kid;
|
|
24
|
+
if (walletCapabilities) {
|
|
25
|
+
// Validate external input
|
|
26
|
+
const {
|
|
27
|
+
wallet_metadata,
|
|
28
|
+
wallet_nonce
|
|
29
|
+
} = _types.RequestObjectWalletCapabilities.parse(walletCapabilities);
|
|
30
|
+
const formUrlEncodedBody = new URLSearchParams({
|
|
31
|
+
wallet_metadata: JSON.stringify(wallet_metadata),
|
|
32
|
+
...(wallet_nonce && {
|
|
33
|
+
wallet_nonce
|
|
34
|
+
})
|
|
53
35
|
});
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
36
|
+
const requestObjectEncodedJwt = await appFetch(requestUri, {
|
|
37
|
+
method: "POST",
|
|
38
|
+
headers: {
|
|
39
|
+
"Content-Type": "application/x-www-form-urlencoded"
|
|
40
|
+
},
|
|
41
|
+
body: formUrlEncodedBody.toString()
|
|
42
|
+
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.text());
|
|
43
|
+
return {
|
|
44
|
+
requestObjectEncodedJwt
|
|
45
|
+
};
|
|
58
46
|
}
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
47
|
+
const requestObjectEncodedJwt = await appFetch(requestUri, {
|
|
48
|
+
method: "GET"
|
|
49
|
+
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.text());
|
|
62
50
|
return {
|
|
63
|
-
|
|
51
|
+
requestObjectEncodedJwt
|
|
64
52
|
};
|
|
65
53
|
};
|
|
66
54
|
exports.getRequestObject = getRequestObject;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_misc","require","_types","getRequestObject","requestUri","_ref","appFetch","fetch","walletCapabilities","wallet_metadata","wallet_nonce","RequestObjectWalletCapabilities","parse","formUrlEncodedBody","URLSearchParams","JSON","stringify","requestObjectEncodedJwt","method","headers","body","toString","then","hasStatusOrThrow","res","text","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/03-get-request-object.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAEA,IAAAC,MAAA,GAAAD,OAAA;AAWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAME,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EAAAC,IAAA,KAEP;EAAA,IADH;IAAEC,QAAQ,GAAGC,KAAK;IAAEC;EAAmB,CAAC,GAAAH,IAAA;EAExC,IAAIG,kBAAkB,EAAE;IACtB;IACA,MAAM;MAAEC,eAAe;MAAEC;IAAa,CAAC,GACrCC,sCAA+B,CAACC,KAAK,CAACJ,kBAAkB,CAAC;IAE3D,MAAMK,kBAAkB,GAAG,IAAIC,eAAe,CAAC;MAC7CL,eAAe,EAAEM,IAAI,CAACC,SAAS,CAACP,eAAe,CAAC;MAChD,IAAIC,YAAY,IAAI;QAAEA;MAAa,CAAC;IACtC,CAAC,CAAC;IAEF,MAAMO,uBAAuB,GAAG,MAAMX,QAAQ,CAACF,UAAU,EAAE;MACzDc,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEP,kBAAkB,CAACQ,QAAQ,CAAC;IACpC,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;IAE5B,OAAO;MACLR;IACF,CAAC;EACH;EAEA,MAAMA,uBAAuB,GAAG,MAAMX,QAAQ,CAACF,UAAU,EAAE;IACzDc,MAAM,EAAE;EACV,CAAC,CAAC,CACCI,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;EAE5B,OAAO;IACLR;EACF,CAAC;AACH,CAAC;AAACS,OAAA,CAAAvB,gBAAA,GAAAA,gBAAA"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.getJwksFromConfig = void 0;
|
|
7
|
+
/**
|
|
8
|
+
* Defines the signature for a function that retrieves JSON Web Key Sets (JWKS) from a client.
|
|
9
|
+
*
|
|
10
|
+
* @template T - The tuple type representing the function arguments.
|
|
11
|
+
* @param args - The arguments passed to the function.
|
|
12
|
+
* @returns A promise resolving to an object containing an array of JWKs.
|
|
13
|
+
*/
|
|
14
|
+
|
|
15
|
+
/**
|
|
16
|
+
* Retrieves the JSON Web Key Set (JWKS) from a Relying Party's entity configuration.
|
|
17
|
+
*
|
|
18
|
+
* @param rpConfig - The configuration object of the Relying Party entity.
|
|
19
|
+
* @returns An object containing an array of JWKs.
|
|
20
|
+
* @throws Will throw an error if the configuration is invalid or if JWKS is not found.
|
|
21
|
+
*/
|
|
22
|
+
const getJwksFromConfig = rpConfig => {
|
|
23
|
+
const jwks = rpConfig.openid_credential_verifier.jwks;
|
|
24
|
+
if (!jwks || !Array.isArray(jwks.keys)) {
|
|
25
|
+
throw new Error("JWKS not found in Relying Party configuration.");
|
|
26
|
+
}
|
|
27
|
+
return {
|
|
28
|
+
keys: jwks.keys
|
|
29
|
+
};
|
|
30
|
+
};
|
|
31
|
+
exports.getJwksFromConfig = getJwksFromConfig;
|
|
32
|
+
//# sourceMappingURL=04-retrieve-rp-jwks.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["getJwksFromConfig","rpConfig","jwks","openid_credential_verifier","Array","isArray","keys","Error","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/04-retrieve-rp-jwks.ts"],"mappings":";;;;;;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,iBAEZ,GAAIC,QAAQ,IAAK;EAChB,MAAMC,IAAI,GAAGD,QAAQ,CAACE,0BAA0B,CAACD,IAAI;EAErD,IAAI,CAACA,IAAI,IAAI,CAACE,KAAK,CAACC,OAAO,CAACH,IAAI,CAACI,IAAI,CAAC,EAAE;IACtC,MAAM,IAAIC,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,OAAO;IACLD,IAAI,EAAEJ,IAAI,CAACI;EACb,CAAC;AACH,CAAC;AAACE,OAAA,CAAAR,iBAAA,GAAAA,iBAAA"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.verifyRequestObject = void 0;
|
|
7
|
+
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
8
|
+
var _errors = require("./errors");
|
|
9
|
+
var _types = require("./types");
|
|
10
|
+
var _retrieveRpJwks = require("./04-retrieve-rp-jwks");
|
|
11
|
+
/**
|
|
12
|
+
* Function to verify the Request Object's signature and the client ID.
|
|
13
|
+
* @param requestObjectEncodedJwt The Request Object in JWT format
|
|
14
|
+
* @param context.clientId The client ID to verify
|
|
15
|
+
* @param context.jwkKeys The set of keys to verify the signature
|
|
16
|
+
* @param context.rpConf The Entity Configuration of the Relying Party
|
|
17
|
+
* @returns The verified Request Object
|
|
18
|
+
*/
|
|
19
|
+
const verifyRequestObject = async (requestObjectEncodedJwt, _ref) => {
|
|
20
|
+
let {
|
|
21
|
+
clientId,
|
|
22
|
+
rpConf
|
|
23
|
+
} = _ref;
|
|
24
|
+
const requestObjectJwt = (0, _ioReactNativeJwt.decode)(requestObjectEncodedJwt);
|
|
25
|
+
const {
|
|
26
|
+
keys
|
|
27
|
+
} = (0, _retrieveRpJwks.getJwksFromConfig)(rpConf.metadata);
|
|
28
|
+
|
|
29
|
+
// Verify token signature to ensure the request object is authentic
|
|
30
|
+
const pubKey = keys === null || keys === void 0 ? void 0 : keys.find(_ref2 => {
|
|
31
|
+
let {
|
|
32
|
+
kid
|
|
33
|
+
} = _ref2;
|
|
34
|
+
return kid === requestObjectJwt.protectedHeader.kid;
|
|
35
|
+
});
|
|
36
|
+
if (!pubKey) {
|
|
37
|
+
throw new _errors.UnverifiedEntityError("Request Object signature verification!");
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
// Standard claims are verified within `verify`
|
|
41
|
+
await (0, _ioReactNativeJwt.verify)(requestObjectEncodedJwt, pubKey, {
|
|
42
|
+
issuer: clientId
|
|
43
|
+
});
|
|
44
|
+
const requestObject = _types.RequestObject.parse(requestObjectJwt.payload);
|
|
45
|
+
if (!(clientId === requestObject.client_id && clientId === rpConf.sub)) {
|
|
46
|
+
throw new _errors.UnverifiedEntityError("Client ID does not match Request Object or Entity Configuration");
|
|
47
|
+
}
|
|
48
|
+
return {
|
|
49
|
+
requestObject
|
|
50
|
+
};
|
|
51
|
+
};
|
|
52
|
+
exports.verifyRequestObject = verifyRequestObject;
|
|
53
|
+
//# sourceMappingURL=05-verify-request-object.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_errors","_types","_retrieveRpJwks","verifyRequestObject","requestObjectEncodedJwt","_ref","clientId","rpConf","requestObjectJwt","decodeJwt","keys","getJwksFromConfig","metadata","pubKey","find","_ref2","kid","protectedHeader","UnverifiedEntityError","verify","issuer","requestObject","RequestObject","parse","payload","client_id","sub","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/05-verify-request-object.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAEA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,eAAA,GAAAH,OAAA;AAWA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMI,mBAAwC,GAAG,MAAAA,CACtDC,uBAAuB,EAAAC,IAAA,KAEpB;EAAA,IADH;IAAEC,QAAQ;IAAEC;EAAO,CAAC,GAAAF,IAAA;EAEpB,MAAMG,gBAAgB,GAAG,IAAAC,wBAAS,EAACL,uBAAuB,CAAC;EAC3D,MAAM;IAAEM;EAAK,CAAC,GAAG,IAAAC,iCAAiB,EAACJ,MAAM,CAACK,QAAQ,CAAC;;EAEnD;EACA,MAAMC,MAAM,GAAGH,IAAI,aAAJA,IAAI,uBAAJA,IAAI,CAAEI,IAAI,CACvBC,KAAA;IAAA,IAAC;MAAEC;IAAI,CAAC,GAAAD,KAAA;IAAA,OAAKC,GAAG,KAAKR,gBAAgB,CAACS,eAAe,CAACD,GAAG;EAAA,CAC3D,CAAC;EAED,IAAI,CAACH,MAAM,EAAE;IACX,MAAM,IAAIK,6BAAqB,CAAC,wCAAwC,CAAC;EAC3E;;EAEA;EACA,MAAM,IAAAC,wBAAM,EAACf,uBAAuB,EAAES,MAAM,EAAE;IAAEO,MAAM,EAAEd;EAAS,CAAC,CAAC;EAEnE,MAAMe,aAAa,GAAGC,oBAAa,CAACC,KAAK,CAACf,gBAAgB,CAACgB,OAAO,CAAC;EAEnE,IAAI,EAAElB,QAAQ,KAAKe,aAAa,CAACI,SAAS,IAAInB,QAAQ,KAAKC,MAAM,CAACmB,GAAG,CAAC,EAAE;IACtE,MAAM,IAAIR,6BAAqB,CAC7B,iEACF,CAAC;EACH;EAEA,OAAO;IAAEG;EAAc,CAAC;AAC1B,CAAC;AAACM,OAAA,CAAAxB,mBAAA,GAAAA,mBAAA"}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.fetchPresentDefinition = void 0;
|
|
7
|
+
/**
|
|
8
|
+
* Retrieves a PresentationDefinition based on the given parameters.
|
|
9
|
+
*
|
|
10
|
+
* The method attempts the following strategies in order:
|
|
11
|
+
* 1. Checks if `presentation_definition` is directly available in the request object.
|
|
12
|
+
* 2. Uses a pre-configured `presentation_definition` from the relying party configuration if the `scope` is present in the request object.
|
|
13
|
+
*
|
|
14
|
+
* If none of the above conditions are met, the function throws an error indicating the definition could not be found. Note that `presentation_definition_uri` is not supported in 0.9.x.
|
|
15
|
+
*
|
|
16
|
+
* @param {RequestObject} requestObject - The request object containing the presentation definition or references to it.
|
|
17
|
+
* @param {RelyingPartyEntityConfiguration["payload"]["metadata"]} [rpConf] - Optional relying party configuration.
|
|
18
|
+
* @returns {Promise<{ presentationDefinition: PresentationDefinition }>} - Resolves with the presentation definition.
|
|
19
|
+
* @throws {Error} - Throws if the presentation definition cannot be found or fetched.
|
|
20
|
+
*/
|
|
21
|
+
const fetchPresentDefinition = async (requestObject, rpConf) => {
|
|
22
|
+
var _rpConf$openid_creden;
|
|
23
|
+
// Check if `presentation_definition` is directly available in the request object
|
|
24
|
+
if (requestObject.presentation_definition) {
|
|
25
|
+
return {
|
|
26
|
+
presentationDefinition: requestObject.presentation_definition
|
|
27
|
+
};
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
// Check if `scope` is present in the request object and a pre-configured presentation definition exists
|
|
31
|
+
if (requestObject.scope && rpConf !== null && rpConf !== void 0 && (_rpConf$openid_creden = rpConf.openid_credential_verifier) !== null && _rpConf$openid_creden !== void 0 && _rpConf$openid_creden.presentation_definition) {
|
|
32
|
+
return {
|
|
33
|
+
presentationDefinition: rpConf.openid_credential_verifier.presentation_definition
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
throw new Error("Presentation definition not found");
|
|
37
|
+
};
|
|
38
|
+
exports.fetchPresentDefinition = fetchPresentDefinition;
|
|
39
|
+
//# sourceMappingURL=06-fetch-presentation-definition.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["fetchPresentDefinition","requestObject","rpConf","_rpConf$openid_creden","presentation_definition","presentationDefinition","scope","openid_credential_verifier","Error","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/06-fetch-presentation-definition.ts"],"mappings":";;;;;;AAUA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,sBAAmD,GAAG,MAAAA,CACjEC,aAAa,EACbC,MAAM,KACH;EAAA,IAAAC,qBAAA;EACH;EACA,IAAIF,aAAa,CAACG,uBAAuB,EAAE;IACzC,OAAO;MACLC,sBAAsB,EAAEJ,aAAa,CAACG;IACxC,CAAC;EACH;;EAEA;EACA,IACEH,aAAa,CAACK,KAAK,IACnBJ,MAAM,aAANA,MAAM,gBAAAC,qBAAA,GAAND,MAAM,CAAEK,0BAA0B,cAAAJ,qBAAA,eAAlCA,qBAAA,CAAoCC,uBAAuB,EAC3D;IACA,OAAO;MACLC,sBAAsB,EACpBH,MAAM,CAACK,0BAA0B,CAACH;IACtC,CAAC;EACH;EAEA,MAAM,IAAII,KAAK,CAAC,mCAAmC,CAAC;AACtD,CAAC;AAACC,OAAA,CAAAT,sBAAA,GAAAA,sBAAA"}
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.prepareRemotePresentations = exports.evaluateDcqlQuery = void 0;
|
|
7
|
+
var _dcql = require("dcql");
|
|
8
|
+
var _valibot = require("valibot");
|
|
9
|
+
var _sdJwt = require("../../sd-jwt");
|
|
10
|
+
var _errors = require("../../utils/errors");
|
|
11
|
+
var _crypto = require("../../utils/crypto");
|
|
12
|
+
/**
|
|
13
|
+
* Convert a credential in JWT format to an object with claims
|
|
14
|
+
* for correct parsing by the `dcql` library.
|
|
15
|
+
*/
|
|
16
|
+
const mapCredentialToObject = jwt => {
|
|
17
|
+
const {
|
|
18
|
+
sdJwt,
|
|
19
|
+
disclosures
|
|
20
|
+
} = (0, _sdJwt.decode)(jwt);
|
|
21
|
+
const credentialFormat = sdJwt.header.typ;
|
|
22
|
+
|
|
23
|
+
// TODO [SIW-2082]: support MDOC credentials
|
|
24
|
+
if (credentialFormat !== "vc+sd-jwt") {
|
|
25
|
+
throw new Error(`Unsupported credential format: ${credentialFormat}`);
|
|
26
|
+
}
|
|
27
|
+
return {
|
|
28
|
+
vct: sdJwt.payload.vct,
|
|
29
|
+
credential_format: credentialFormat,
|
|
30
|
+
claims: disclosures.reduce((acc, disclosure) => ({
|
|
31
|
+
...acc,
|
|
32
|
+
[disclosure.decoded[1]]: disclosure.decoded
|
|
33
|
+
}), {})
|
|
34
|
+
};
|
|
35
|
+
};
|
|
36
|
+
|
|
37
|
+
/**
|
|
38
|
+
* Extract only successful matches from the DCQL query result.
|
|
39
|
+
*/
|
|
40
|
+
const getDcqlQueryMatches = result => Object.entries(result.credential_matches).filter(_ref => {
|
|
41
|
+
let [, match] = _ref;
|
|
42
|
+
return match.success === true;
|
|
43
|
+
});
|
|
44
|
+
const evaluateDcqlQuery = (credentialsSdJwt, query) => {
|
|
45
|
+
const credentials = credentialsSdJwt.map(_ref2 => {
|
|
46
|
+
let [, credential] = _ref2;
|
|
47
|
+
return mapCredentialToObject(credential);
|
|
48
|
+
});
|
|
49
|
+
try {
|
|
50
|
+
// Validate the query
|
|
51
|
+
const parsedQuery = _dcql.DcqlQuery.parse(query);
|
|
52
|
+
_dcql.DcqlQuery.validate(parsedQuery);
|
|
53
|
+
const queryResult = _dcql.DcqlQuery.query(parsedQuery, credentials);
|
|
54
|
+
if (!queryResult.canBeSatisfied) {
|
|
55
|
+
throw new Error("No credential can satisfy the provided DCQL query");
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
// Build an object vct:credentialJwt to map matched credentials to their JWT
|
|
59
|
+
const credentialsSdJwtByVct = credentials.reduce((acc, c, i) => ({
|
|
60
|
+
...acc,
|
|
61
|
+
[c.vct]: credentialsSdJwt[i]
|
|
62
|
+
}), {});
|
|
63
|
+
return getDcqlQueryMatches(queryResult).map(_ref3 => {
|
|
64
|
+
var _queryResult$credenti;
|
|
65
|
+
let [id, match] = _ref3;
|
|
66
|
+
if (match.output.credential_format !== "vc+sd-jwt") {
|
|
67
|
+
throw new Error("Unsupported format"); // TODO [SIW-2082]: support MDOC credentials
|
|
68
|
+
}
|
|
69
|
+
|
|
70
|
+
const {
|
|
71
|
+
vct,
|
|
72
|
+
claims
|
|
73
|
+
} = match.output;
|
|
74
|
+
|
|
75
|
+
// Find a matching credential set to see whether the credential is optional
|
|
76
|
+
// If no credential set is found, then the credential is required by default
|
|
77
|
+
// NOTE: This is an extra, it might not be necessary
|
|
78
|
+
const credentialSet = (_queryResult$credenti = queryResult.credential_sets) === null || _queryResult$credenti === void 0 ? void 0 : _queryResult$credenti.find(set => {
|
|
79
|
+
var _set$matching_options;
|
|
80
|
+
return (_set$matching_options = set.matching_options) === null || _set$matching_options === void 0 ? void 0 : _set$matching_options.flat().includes(vct);
|
|
81
|
+
});
|
|
82
|
+
const isOptional = credentialSet ? !credentialSet.required : false;
|
|
83
|
+
const [keyTag, credential] = credentialsSdJwtByVct[vct];
|
|
84
|
+
const requiredDisclosures = Object.values(claims);
|
|
85
|
+
return {
|
|
86
|
+
id,
|
|
87
|
+
keyTag,
|
|
88
|
+
credential,
|
|
89
|
+
isOptional,
|
|
90
|
+
requiredDisclosures
|
|
91
|
+
};
|
|
92
|
+
});
|
|
93
|
+
} catch (error) {
|
|
94
|
+
// Invalid DCQL query structure
|
|
95
|
+
if ((0, _valibot.isValiError)(error)) {
|
|
96
|
+
throw new _errors.ValidationFailed({
|
|
97
|
+
message: "Invalid DCQL query",
|
|
98
|
+
reason: error.issues.map(issue => issue.message).join(", ")
|
|
99
|
+
});
|
|
100
|
+
}
|
|
101
|
+
if (error instanceof _dcql.DcqlError) {
|
|
102
|
+
// TODO [SIW-2110]: handle invalid DQCL query or let the error propagate
|
|
103
|
+
}
|
|
104
|
+
if (error instanceof _dcql.DcqlCredentialSetError) {
|
|
105
|
+
// TODO [SIW-2110]: handle missing credentials or let the error propagate
|
|
106
|
+
}
|
|
107
|
+
throw error;
|
|
108
|
+
}
|
|
109
|
+
};
|
|
110
|
+
exports.evaluateDcqlQuery = evaluateDcqlQuery;
|
|
111
|
+
const prepareRemotePresentations = async (credentials, nonce, clientId) => {
|
|
112
|
+
return Promise.all(credentials.map(async item => {
|
|
113
|
+
const {
|
|
114
|
+
vp_token
|
|
115
|
+
} = await (0, _sdJwt.prepareVpToken)(nonce, clientId, [item.credential, item.requestedClaims, (0, _crypto.createCryptoContextFor)(item.keyTag)]);
|
|
116
|
+
return {
|
|
117
|
+
credentialId: item.id,
|
|
118
|
+
requestedClaims: item.requestedClaims,
|
|
119
|
+
vpToken: vp_token,
|
|
120
|
+
format: "vc+sd-jwt"
|
|
121
|
+
};
|
|
122
|
+
}));
|
|
123
|
+
};
|
|
124
|
+
exports.prepareRemotePresentations = prepareRemotePresentations;
|
|
125
|
+
//# sourceMappingURL=07-evaluate-dcql-query.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_dcql","require","_valibot","_sdJwt","_errors","_crypto","mapCredentialToObject","jwt","sdJwt","disclosures","decode","credentialFormat","header","typ","Error","vct","payload","credential_format","claims","reduce","acc","disclosure","decoded","getDcqlQueryMatches","result","Object","entries","credential_matches","filter","_ref","match","success","evaluateDcqlQuery","credentialsSdJwt","query","credentials","map","_ref2","credential","parsedQuery","DcqlQuery","parse","validate","queryResult","canBeSatisfied","credentialsSdJwtByVct","c","i","_ref3","_queryResult$credenti","id","output","credentialSet","credential_sets","find","set","_set$matching_options","matching_options","flat","includes","isOptional","required","keyTag","requiredDisclosures","values","error","isValiError","ValidationFailed","message","reason","issues","issue","join","DcqlError","DcqlCredentialSetError","exports","prepareRemotePresentations","nonce","clientId","Promise","all","item","vp_token","prepareVpToken","requestedClaims","createCryptoContextFor","credentialId","vpToken","format"],"sourceRoot":"../../../../src","sources":["credential/presentation/07-evaluate-dcql-query.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAMA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAEA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AA8BA;AACA;AACA;AACA;AACA,MAAMK,qBAAqB,GAAIC,GAAW,IAAK;EAC7C,MAAM;IAAEC,KAAK;IAAEC;EAAY,CAAC,GAAG,IAAAC,aAAM,EAACH,GAAG,CAAC;EAC1C,MAAMI,gBAAgB,GAAGH,KAAK,CAACI,MAAM,CAACC,GAAG;;EAEzC;EACA,IAAIF,gBAAgB,KAAK,WAAW,EAAE;IACpC,MAAM,IAAIG,KAAK,CAAE,kCAAiCH,gBAAiB,EAAC,CAAC;EACvE;EAEA,OAAO;IACLI,GAAG,EAAEP,KAAK,CAACQ,OAAO,CAACD,GAAG;IACtBE,iBAAiB,EAAEN,gBAAgB;IACnCO,MAAM,EAAET,WAAW,CAACU,MAAM,CACxB,CAACC,GAAG,EAAEC,UAAU,MAAM;MACpB,GAAGD,GAAG;MACN,CAACC,UAAU,CAACC,OAAO,CAAC,CAAC,CAAC,GAAGD,UAAU,CAACC;IACtC,CAAC,CAAC,EACF,CAAC,CACH;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA,MAAMC,mBAAmB,GAAIC,MAAuB,IAClDC,MAAM,CAACC,OAAO,CAACF,MAAM,CAACG,kBAAkB,CAAC,CAACC,MAAM,CAC9CC,IAAA;EAAA,IAAC,GAAGC,KAAK,CAAC,GAAAD,IAAA;EAAA,OAAKC,KAAK,CAACC,OAAO,KAAK,IAAI;AAAA,CACvC,CAAiC;AAE5B,MAAMC,iBAAoC,GAAGA,CAClDC,gBAAgB,EAChBC,KAAK,KACF;EACH,MAAMC,WAAW,GAAGF,gBAAgB,CAACG,GAAG,CAACC,KAAA;IAAA,IAAC,GAAGC,UAAU,CAAC,GAAAD,KAAA;IAAA,OACtD/B,qBAAqB,CAACgC,UAAU,CAAC;EAAA,CACnC,CAAC;EAED,IAAI;IACF;IACA,MAAMC,WAAW,GAAGC,eAAS,CAACC,KAAK,CAACP,KAAK,CAAC;IAC1CM,eAAS,CAACE,QAAQ,CAACH,WAAW,CAAC;IAE/B,MAAMI,WAAW,GAAGH,eAAS,CAACN,KAAK,CAACK,WAAW,EAAEJ,WAAW,CAAC;IAE7D,IAAI,CAACQ,WAAW,CAACC,cAAc,EAAE;MAC/B,MAAM,IAAI9B,KAAK,CAAC,mDAAmD,CAAC;IACtE;;IAEA;IACA,MAAM+B,qBAAqB,GAAGV,WAAW,CAAChB,MAAM,CAC9C,CAACC,GAAG,EAAE0B,CAAC,EAAEC,CAAC,MAAM;MAAE,GAAG3B,GAAG;MAAE,CAAC0B,CAAC,CAAC/B,GAAG,GAAGkB,gBAAgB,CAACc,CAAC;IAAG,CAAC,CAAC,EAC1D,CAAC,CACH,CAAC;IAED,OAAOxB,mBAAmB,CAACoB,WAAW,CAAC,CAACP,GAAG,CAACY,KAAA,IAAiB;MAAA,IAAAC,qBAAA;MAAA,IAAhB,CAACC,EAAE,EAAEpB,KAAK,CAAC,GAAAkB,KAAA;MACtD,IAAIlB,KAAK,CAACqB,MAAM,CAAClC,iBAAiB,KAAK,WAAW,EAAE;QAClD,MAAM,IAAIH,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC;MACzC;;MACA,MAAM;QAAEC,GAAG;QAAEG;MAAO,CAAC,GAAGY,KAAK,CAACqB,MAAM;;MAEpC;MACA;MACA;MACA,MAAMC,aAAa,IAAAH,qBAAA,GAAGN,WAAW,CAACU,eAAe,cAAAJ,qBAAA,uBAA3BA,qBAAA,CAA6BK,IAAI,CAAEC,GAAG;QAAA,IAAAC,qBAAA;QAAA,QAAAA,qBAAA,GAC1DD,GAAG,CAACE,gBAAgB,cAAAD,qBAAA,uBAApBA,qBAAA,CAAsBE,IAAI,CAAC,CAAC,CAACC,QAAQ,CAAC5C,GAAG,CAAC;MAAA,CAC5C,CAAC;MACD,MAAM6C,UAAU,GAAGR,aAAa,GAAG,CAACA,aAAa,CAACS,QAAQ,GAAG,KAAK;MAElE,MAAM,CAACC,MAAM,EAAExB,UAAU,CAAC,GAAGO,qBAAqB,CAAC9B,GAAG,CAAE;MACxD,MAAMgD,mBAAmB,GAAGtC,MAAM,CAACuC,MAAM,CACvC9C,MACF,CAA4B;MAC5B,OAAO;QACLgC,EAAE;QACFY,MAAM;QACNxB,UAAU;QACVsB,UAAU;QACVG;MACF,CAAC;IACH,CAAC,CAAC;EACJ,CAAC,CAAC,OAAOE,KAAK,EAAE;IACd;IACA,IAAI,IAAAC,oBAAW,EAACD,KAAK,CAAC,EAAE;MACtB,MAAM,IAAIE,wBAAgB,CAAC;QACzBC,OAAO,EAAE,oBAAoB;QAC7BC,MAAM,EAAEJ,KAAK,CAACK,MAAM,CAAClC,GAAG,CAAEmC,KAAK,IAAKA,KAAK,CAACH,OAAO,CAAC,CAACI,IAAI,CAAC,IAAI;MAC9D,CAAC,CAAC;IACJ;IAEA,IAAIP,KAAK,YAAYQ,eAAS,EAAE;MAC9B;IAAA;IAEF,IAAIR,KAAK,YAAYS,4BAAsB,EAAE;MAC3C;IAAA;IAEF,MAAMT,KAAK;EACb;AACF,CAAC;AAACU,OAAA,CAAA3C,iBAAA,GAAAA,iBAAA;AAEK,MAAM4C,0BAAsD,GAAG,MAAAA,CACpEzC,WAAW,EACX0C,KAAK,EACLC,QAAQ,KACL;EACH,OAAOC,OAAO,CAACC,GAAG,CAChB7C,WAAW,CAACC,GAAG,CAAC,MAAO6C,IAAI,IAAK;IAC9B,MAAM;MAAEC;IAAS,CAAC,GAAG,MAAM,IAAAC,qBAAc,EAACN,KAAK,EAAEC,QAAQ,EAAE,CACzDG,IAAI,CAAC3C,UAAU,EACf2C,IAAI,CAACG,eAAe,EACpB,IAAAC,8BAAsB,EAACJ,IAAI,CAACnB,MAAM,CAAC,CACpC,CAAC;IAEF,OAAO;MACLwB,YAAY,EAAEL,IAAI,CAAC/B,EAAE;MACrBkC,eAAe,EAAEH,IAAI,CAACG,eAAe;MACrCG,OAAO,EAAEL,QAAQ;MACjBM,MAAM,EAAE;IACV,CAAC;EACH,CAAC,CACH,CAAC;AACH,CAAC;AAACb,OAAA,CAAAC,0BAAA,GAAAA,0BAAA"}
|