@pagopa/io-react-native-wallet 0.4.3 → 0.6.0

package/lib/module/pid/issuing.js

@@ -1,92 +1,65 @@
-import { decode as decodeJwt, verify as verifyJwt, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
-import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
+import { sha256ToBase64, SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
 import { JWK } from "../utils/jwk";
 import uuid from "react-native-uuid";
-import { PidIssuingError, PidMetadataError } from "../utils/errors";
-import { getUnsignedDPop } from "../utils/dpop";
-import { sign, generate, deleteKey } from "@pagopa/io-react-native-crypto";
-import { PidIssuerEntityConfiguration } from "./metadata";
-import { fixBase64EncodingOnKey } from "./../utils/jwk";
-
+import { PidIssuingError } from "../utils/errors";
+import { createDPopToken } from "../utils/dpop";
+import * as WalletInstanceAttestation from "../wallet-instance-attestation";
+import { generate, deleteKey } from "@pagopa/io-react-native-crypto";
+import { SdJwt } from ".";
+import { createCryptoContextFor } from "../utils/crypto";
 // This is a temporary type that will be used for demo purposes only
 
-export class Issuing {
-  constructor(pidProviderBaseUrl, walletProviderBaseUrl, walletInstanceAttestation, clientId) {
-    let appFetch = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : fetch;
-    this.pidProviderBaseUrl = pidProviderBaseUrl;
-    this.walletProviderBaseUrl = walletProviderBaseUrl;
-    this.state = `${uuid.v4()}`;
-    this.codeVerifier = `${uuid.v4()}`;
-    this.authorizationCode = `${uuid.v4()}`;
-    this.walletInstanceAttestation = walletInstanceAttestation;
-    this.clientId = clientId;
-    this.appFetch = appFetch;
-  }
+const assertionType = "urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation";
 
-  /**
-   * Return the unsigned jwt to call the PAR request.
-   *
-   * @function
-   * @param jwk The wallet instance attestation public JWK
-   *
-   * @returns Unsigned jwt
-   *
-   */
-  async getUnsignedJwtForPar(jwk) {
-    const parsedJwk = JWK.parse(jwk);
-    const keyThumbprint = await thumbprint(parsedJwk);
-    const publicKey = {
-      ...parsedJwk,
+/**
+ * Make a PAR request to the PID issuer and return the response url
+ */
+const getPar = _ref => {
+  let {
+    wiaCryptoContext,
+    appFetch = fetch
+  } = _ref;
+  return async (clientId, codeVerifier, walletProviderBaseUrl, pidProviderEntityConfiguration, walletInstanceAttestation) => {
+    // Calculate the thumbprint of the public key of the Wallet Instance Attestation.
+    // The PAR request token is signed used the Wallet Instance Attestation key.
+    // The signature can be verified by reading the public key from the key set shippet with the it will ship the Wallet Instance Attestation;
+    //  key is matched by its kid, which is supposed to be the thumbprint of its public key.
+    const keyThumbprint = await wiaCryptoContext.getPublicKey().then(JWK.parse).then(thumbprint);
+    const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
+    const codeChallenge = await sha256ToBase64(codeVerifier);
+    const signedJwtForPar = await new SignJWT(wiaCryptoContext).setProtectedHeader({
       kid: keyThumbprint
-    };
-    const codeChallenge = await sha256ToBase64(this.codeVerifier);
-    const unsignedJwtForPar = new SignJWT({
-      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+    }).setPayload({
+      iss,
+      aud: pidProviderEntityConfiguration.payload.iss,
+      jti: `${uuid.v4()}`,
+      client_assertion_type: assertionType,
       authorization_details: [{
-        credentialDefinition: {
-          type: ["eu.eudiw.pid.it"]
+        credential_definition: {
+          type: "PersonIdentificationData"
         },
         format: "vc+sd-jwt",
-        type: "type"
+        type: "openid_credential"
       }],
       response_type: "code",
       code_challenge_method: "s256",
-      redirect_uri: this.walletProviderBaseUrl,
-      state: this.state,
-      client_id: this.clientId,
+      redirect_uri: walletProviderBaseUrl,
+      state: `${uuid.v4()}`,
+      client_id: clientId,
       code_challenge: codeChallenge
-    }).setProtectedHeader({
-      alg: "ES256",
-      kid: publicKey.kid
-    }).setIssuedAt().setExpirationTime("1h").toSign();
-    return unsignedJwtForPar;
-  }
-
-  /**
-   * Make a PAR request to the PID issuer and return the response url
-   *
-   * @function
-   * @param unsignedJwtForPar The unsigned JWT for PAR
-   * @param signature The JWT for PAR signature
-   *
-   * @returns Unsigned PAR url
-   *
-   */
-  async getPar(unsignedJwtForPar, signature) {
-    const codeChallenge = await sha256ToBase64(this.codeVerifier);
-    const signedJwtForPar = await SignJWT.appendSignature(unsignedJwtForPar, signature);
-    const parUrl = new URL("/as/par", this.pidProviderBaseUrl).href;
+    }).setIssuedAt().setExpirationTime("1h").sign();
+    const parUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.pushed_authorization_request_endpoint;
     const requestBody = {
       response_type: "code",
-      client_id: this.clientId,
+      client_id: clientId,
       code_challenge: codeChallenge,
       code_challenge_method: "S256",
-      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
-      client_assertion: this.walletInstanceAttestation,
+      client_assertion_type: assertionType,
+      client_assertion: walletInstanceAttestation,
       request: signedJwtForPar
     };
     var formBody = new URLSearchParams(requestBody);
-    const response = await this.appFetch(parUrl, {
+    const response = await appFetch(parUrl, {
       method: "POST",
       headers: {
         "Content-Type": "application/x-www-form-urlencoded"
@@ -98,55 +71,56 @@ export class Issuing {
       return result.request_uri;
     }
     throw new PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
-  }
+  };
+};
+
+/**
+ * Start the issuing flow by generating an authorization request to the PID Provider. Obtain from the PID Provider an access token to be used to complete the issuing flow.
+ *
+ * @param params.wiaCryptoContext The key pair associated with the WIA. Will be use to prove the ownership of the attestation.
+ * @param params.appFetch (optional) Http client
+ * @param walletInstanceAttestation Wallet Instance Attestation token.
+ * @param walletProviderBaseUrl Base url for the Wallet Provider
+ * @param pidProviderEntityConfiguration The Entity Configuration of the PID Provider, from which discover public endooints.
+ * @returns The access token along with the values that identify the issuing session.
+ */
+export const authorizeIssuing = _ref2 => {
+  let {
+    wiaCryptoContext,
+    appFetch = fetch
+  } = _ref2;
+  return async (walletInstanceAttestation, walletProviderBaseUrl, pidProviderEntityConfiguration) => {
+    // FIXME: do better
+    const clientId = await wiaCryptoContext.getPublicKey().then(_ => _.kid);
+    const codeVerifier = `${uuid.v4()}`;
+    const authorizationCode = `${uuid.v4()}`;
+    const tokenUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.token_endpoint;
+    await getPar({
+      wiaCryptoContext,
+      appFetch
+    })(clientId, codeVerifier, walletProviderBaseUrl, pidProviderEntityConfiguration, walletInstanceAttestation);
 
-  /**
-   * Return the unsigned jwt for a generic DPoP
-   *
-   * @function
-   * @param jwk the public key for which the DPoP is to be created
-   *
-   * @returns Unsigned JWT for DPoP
-   *
-   */
-  async getUnsignedDPoP(jwk) {
-    const tokenUrl = new URL("/token", this.pidProviderBaseUrl).href;
-    const dPop = getUnsignedDPop(fixBase64EncodingOnKey(jwk), {
+    // Use an ephemeral key to be destroyed after use
+    const keytag = `ephemeral-${uuid.v4()}`;
+    await generate(keytag);
+    const ephemeralContext = createCryptoContextFor(keytag);
+    const signedDPop = await createDPopToken({
       htm: "POST",
       htu: tokenUrl,
       jti: `${uuid.v4()}`
-    });
-    return dPop;
-  }
-
-  /**
-   * Make an auth token request to the PID issuer
-   *
-   * @function
-   * @returns a token response
-   *
-   */
-  async getAuthToken() {
-    //Generate fresh keys for DPoP
-    const dPopKeyTag = `${uuid.v4()}`;
-    const dPopKey = await generate(dPopKeyTag);
-    const unsignedDPopForToken = await this.getUnsignedDPoP(dPopKey);
-    const dPopTokenSignature = await sign(unsignedDPopForToken, dPopKeyTag);
-    await deleteKey(dPopKeyTag);
-    const signedDPop = await SignJWT.appendSignature(unsignedDPopForToken, dPopTokenSignature);
-    const decodedJwtDPop = decodeJwt(signedDPop);
-    const tokenUrl = decodedJwtDPop.payload.htu;
+    }, ephemeralContext);
+    await deleteKey(keytag);
     const requestBody = {
       grant_type: "authorization code",
-      client_id: this.clientId,
-      code: this.authorizationCode,
-      code_verifier: this.codeVerifier,
-      client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
-      client_assertion: this.walletInstanceAttestation,
-      redirect_uri: this.walletProviderBaseUrl
+      client_id: clientId,
+      code: authorizationCode,
+      code_verifier: codeVerifier,
+      client_assertion_type: assertionType,
+      client_assertion: walletInstanceAttestation,
+      redirect_uri: walletProviderBaseUrl
     };
     var formBody = new URLSearchParams(requestBody);
-    const response = await this.appFetch(tokenUrl, {
+    const response = await appFetch(tokenUrl, {
       method: "POST",
       headers: {
         "Content-Type": "application/x-www-form-urlencoded",
@@ -155,51 +129,66 @@ export class Issuing {
       body: formBody.toString()
     });
     if (response.status === 200) {
-      return await response.json();
+      const {
+        c_nonce,
+        access_token
+      } = await response.json();
+      return {
+        accessToken: access_token,
+        nonce: c_nonce,
+        clientId,
+        codeVerifier,
+        authorizationCode,
+        walletProviderBaseUrl
+      };
     }
     throw new PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
-  }
+  };
+};
 
-  /**
-   * Return the unsigned jwt for nonce proof of possession
-   *
-   * @function
-   * @param nonce the nonce
-   *
-   * @returns Unsigned JWT for nonce proof
-   *
-   */
-  async getUnsignedNonceProof(nonce) {
-    const unsignedProof = new SignJWT({
-      nonce
-    }).setProtectedHeader({
-      alg: "ES256",
-      type: "openid4vci-proof+jwt"
-    }).setAudience(this.walletProviderBaseUrl).setIssuer(this.clientId).setIssuedAt().setExpirationTime("1h").toSign();
-    return unsignedProof;
-  }
+/**
+ * Return the signed jwt for nonce proof of possession
+ */
+const createNonceProof = async (nonce, issuer, audience, ctx) => {
+  return new SignJWT(ctx).setPayload({
+    nonce,
+    jwk: await ctx.getPublicKey()
+  }).setProtectedHeader({
+    type: "openid4vci-proof+jwt"
+  }).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("1h").sign();
+};
 
-  /**
-   * Make the credential issuing request to the PID issuer
-   *
-   * @function
-   * @param unsignedDPopForPid The unsigned JWT for PID DPoP
-   * @param dPopPidSignature The JWT for PID DPoP signature
-   * @param unsignedNonceProof The unsigned JWT for nonce proof
-   * @param nonceProofSignature The JWT for nonce proof signature
-   * @param accessToken The access token obtained with getAuthToken
-   * @param cieData Personal data read by the CIE
-   *
-   * @returns a credential
-   *
-   */
-  async getCredential(unsignedDPopForPid, dPopPidSignature, unsignedNonceProof, nonceProofSignature, accessToken, cieData) {
-    const signedDPopForPid = await SignJWT.appendSignature(unsignedDPopForPid, dPopPidSignature);
-    const signedNonceProof = await SignJWT.appendSignature(unsignedNonceProof, nonceProofSignature);
-    const credentialUrl = new URL("/credential", this.pidProviderBaseUrl).href;
+/**
+ * Complete the issuing flow and get the PID credential.
+ *
+ * @param params.pidCryptoContext The key pair associated with the PID. Will be use to prove the ownership of the credential.
+ * @param params.appFetch (optional) Http client
+ * @param authConf The authorization configuration retrieved with the access token
+ * @param cieData Data red from the CIE login process
+ * @returns The PID credential token
+ */
+export const getCredential = _ref3 => {
+  let {
+    pidCryptoContext,
+    appFetch = fetch
+  } = _ref3;
+  return async (_ref4, pidProviderEntityConfiguration, cieData) => {
+    let {
+      nonce,
+      accessToken,
+      clientId,
+      walletProviderBaseUrl
+    } = _ref4;
+    const signedDPopForPid = await createDPopToken({
+      htm: "POST",
+      htu: pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.token_endpoint,
+      jti: `${uuid.v4()}`
+    }, pidCryptoContext);
+    const signedNonceProof = await createNonceProof(nonce, clientId, walletProviderBaseUrl, pidCryptoContext);
+    const credentialUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.credential_endpoint;
     const requestBody = {
       credential_definition: JSON.stringify({
-        type: ["eu.eudiw.pid.it"]
+        type: ["PersonIdentificationData"]
       }),
       format: "vc+sd-jwt",
       proof: JSON.stringify({
@@ -209,7 +198,7 @@ export class Issuing {
       })
     };
     const formBody = new URLSearchParams(requestBody);
-    const response = await this.appFetch(credentialUrl, {
+    const response = await appFetch(credentialUrl, {
       method: "POST",
       headers: {
         "Content-Type": "application/x-www-form-urlencoded",
@@ -219,36 +208,19 @@ export class Issuing {
       body: formBody.toString()
     });
     if (response.status === 200) {
-      return await response.json();
-    }
-    throw new PidIssuingError(`Unable to obtain credential!`);
-  }
-
-  /**
-   * Obtain the PID issuer metadata
-   *
-   * @function
-   * @returns PID issuer metadata
-   *
-   */
-  async getEntityConfiguration() {
-    const metadataUrl = new URL("ci/.well-known/openid-federation", this.pidProviderBaseUrl).href;
-    const response = await this.appFetch(metadataUrl);
-    if (response.status === 200) {
-      const jwtMetadata = await response.text();
-      const {
-        payload
-      } = decodeJwt(jwtMetadata);
-      const result = PidIssuerEntityConfiguration.safeParse(payload);
-      if (result.success) {
-        const parsedMetadata = result.data;
-        await verifyJwt(jwtMetadata, parsedMetadata.jwks.keys);
-        return parsedMetadata;
-      } else {
-        throw new PidMetadataError(result.error.message);
-      }
+      const pidResponse = await response.json();
+      await validatePid(pidResponse.credential, pidCryptoContext);
+      return pidResponse;
     }
-    throw new PidMetadataError(`Unable to obtain PID metadata. Response: ${await response.text()} with status: ${response.status}`);
+    throw new PidIssuingError(`Unable to obtain credential! url=${credentialUrl} status=${response.status} body=${await response.text()}`);
+  };
+};
+const validatePid = async (pidJwt, pidCryptoContext) => {
+  const decoded = SdJwt.decode(pidJwt);
+  const pidKey = await pidCryptoContext.getPublicKey();
+  const holderBindedKey = decoded.sdJwt.payload.cnf.jwk;
+  if ((await thumbprint(pidKey)) !== (await thumbprint(holderBindedKey))) {
+    throw new PidIssuingError(`The obtained pid does not seem to be valid according to your configuration. Your PID public key is: ${JSON.stringify(pidKey)} but PID holder binded key is: ${JSON.stringify(holderBindedKey)}`);
   }
-}
+};
 //# sourceMappingURL=issuing.js.map

package/lib/module/pid/issuing.js.map

@@ -1 +1 @@
-{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","PidMetadataError","getUnsignedDPop","sign","generate","deleteKey","PidIssuerEntityConfiguration","fixBase64EncodingOnKey","Issuing","constructor","pidProviderBaseUrl","walletProviderBaseUrl","walletInstanceAttestation","clientId","appFetch","arguments","length","undefined","fetch","state","v4","codeVerifier","authorizationCode","getUnsignedJwtForPar","jwk","parsedJwk","parse","keyThumbprint","publicKey","kid","codeChallenge","unsignedJwtForPar","client_assertion_type","authorization_details","credentialDefinition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setProtectedHeader","alg","setIssuedAt","setExpirationTime","toSign","getPar","signature","signedJwtForPar","appendSignature","parUrl","URL","href","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","getUnsignedDPoP","tokenUrl","dPop","htm","htu","jti","getAuthToken","dPopKeyTag","dPopKey","unsignedDPopForToken","dPopTokenSignature","signedDPop","decodedJwtDPop","payload","grant_type","code","code_verifier","DPoP","getUnsignedNonceProof","nonce","unsignedProof","setAudience","setIssuer","getCredential","unsignedDPopForPid","dPopPidSignature","unsignedNonceProof","nonceProofSignature","accessToken","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_definition","JSON","stringify","proof","jwt","proof_type","Authorization","getEntityConfiguration","metadataUrl","jwtMetadata","safeParse","success","parsedMetadata","data","jwks","keys","error","message"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,MAAM,IAAIC,SAAS,EACnBC,cAAc,QACT,6BAA6B;AAEpC,SAASC,OAAO,EAAEC,UAAU,QAAQ,6BAA6B;AACjE,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,EAAEC,gBAAgB,QAAQ,iBAAiB;AACnE,SAASC,eAAe,QAAQ,eAAe;AAC/C,SAASC,IAAI,EAAEC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;AAC1E,SAASC,4BAA4B,QAAQ,YAAY;AACzD,SAASC,sBAAsB,QAAQ,gBAAgB;;AAEvD;;AAgBA,OAAO,MAAMC,OAAO,CAAC;EAUnBC,WAAWA,CACTC,kBAA0B,EAC1BC,qBAA6B,EAC7BC,yBAAiC,EACjCC,QAAgB,EAEhB;IAAA,IADAC,QAA8B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;IAEtC,IAAI,CAACR,kBAAkB,GAAGA,kBAAkB;IAC5C,IAAI,CAACC,qBAAqB,GAAGA,qBAAqB;IAClD,IAAI,CAACQ,KAAK,GAAI,GAAEpB,IAAI,CAACqB,EAAE,CAAC,CAAE,EAAC;IAC3B,IAAI,CAACC,YAAY,GAAI,GAAEtB,IAAI,CAACqB,EAAE,CAAC,CAAE,EAAC;IAClC,IAAI,CAACE,iBAAiB,GAAI,GAAEvB,IAAI,CAACqB,EAAE,CAAC,CAAE,EAAC;IACvC,IAAI,CAACR,yBAAyB,GAAGA,yBAAyB;IAC1D,IAAI,CAACC,QAAQ,GAAGA,QAAQ;IACxB,IAAI,CAACC,QAAQ,GAAGA,QAAQ;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMS,oBAAoBA,CAACC,GAAQ,EAAmB;IACpD,MAAMC,SAAS,GAAG3B,GAAG,CAAC4B,KAAK,CAACF,GAAG,CAAC;IAChC,MAAMG,aAAa,GAAG,MAAM9B,UAAU,CAAC4B,SAAS,CAAC;IACjD,MAAMG,SAAS,GAAG;MAAE,GAAGH,SAAS;MAAEI,GAAG,EAAEF;IAAc,CAAC;IACtD,MAAMG,aAAa,GAAG,MAAMnC,cAAc,CAAC,IAAI,CAAC0B,YAAY,CAAC;IAE7D,MAAMU,iBAAiB,GAAG,IAAInC,OAAO,CAAC;MACpCoC,qBAAqB,EACnB,wDAAwD;MAC1DC,qBAAqB,EAAE,CACrB;QACEC,oBAAoB,EAAE;UACpBC,IAAI,EAAE,CAAC,iBAAiB;QAC1B,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE,IAAI,CAAC5B,qBAAqB;MACxCQ,KAAK,EAAE,IAAI,CAACA,KAAK;MACjBqB,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX;IAClB,CAAC,CAAC,CACCY,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZd,GAAG,EAAED,SAAS,CAACC;IACjB,CAAC,CAAC,CACDe,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IAEX,OAAOf,iBAAiB;EAC1B;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMgB,MAAMA,CAAChB,iBAAyB,EAAEiB,SAAiB,EAAmB;IAC1E,MAAMlB,aAAa,GAAG,MAAMnC,cAAc,CAAC,IAAI,CAAC0B,YAAY,CAAC;IAC7D,MAAM4B,eAAe,GAAG,MAAMrD,OAAO,CAACsD,eAAe,CACnDnB,iBAAiB,EACjBiB,SACF,CAAC;IAED,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE/D,MAAMC,WAAW,GAAG;MAClBjB,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxB4B,cAAc,EAAEX,aAAa;MAC7BQ,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD4C,OAAO,EAAEP;IACX,CAAC;IAED,IAAIQ,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACqC,MAAM,EAAE;MAC3CS,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAInE,eAAe,CACtB,wCAAuC,MAAM2D,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMC,eAAeA,CAAC7C,GAAQ,EAAmB;IAC/C,MAAM8C,QAAQ,GAAG,IAAIlB,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAChE,MAAMkB,IAAI,GAAGrE,eAAe,CAACK,sBAAsB,CAACiB,GAAG,CAAC,EAAE;MACxDgD,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEH,QAAQ;MACbI,GAAG,EAAG,GAAE3E,IAAI,CAACqB,EAAE,CAAC,CAAE;IACpB,CAAC,CAAC;IACF,OAAOmD,IAAI;EACb;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAMI,YAAYA,CAAA,EAA2B;IAC3C;IACA,MAAMC,UAAU,GAAI,GAAE7E,IAAI,CAACqB,EAAE,CAAC,CAAE,EAAC;IACjC,MAAMyD,OAAO,GAAG,MAAMzE,QAAQ,CAACwE,UAAU,CAAC;IAC1C,MAAME,oBAAoB,GAAG,MAAM,IAAI,CAACT,eAAe,CAACQ,OAAO,CAAC;IAChE,MAAME,kBAAkB,GAAG,MAAM5E,IAAI,CAAC2E,oBAAoB,EAAEF,UAAU,CAAC;IACvE,MAAMvE,SAAS,CAACuE,UAAU,CAAC;IAE3B,MAAMI,UAAU,GAAG,MAAMpF,OAAO,CAACsD,eAAe,CAC9C4B,oBAAoB,EACpBC,kBACF,CAAC;IACD,MAAME,cAAc,GAAGzF,SAAS,CAACwF,UAAU,CAAC;IAC5C,MAAMV,QAAQ,GAAGW,cAAc,CAACC,OAAO,CAACT,GAAa;IACrD,MAAMnB,WAAW,GAAG;MAClB6B,UAAU,EAAE,oBAAoB;MAChC3C,SAAS,EAAE,IAAI,CAAC3B,QAAQ;MACxBuE,IAAI,EAAE,IAAI,CAAC9D,iBAAiB;MAC5B+D,aAAa,EAAE,IAAI,CAAChE,YAAY;MAChCW,qBAAqB,EACnB,wDAAwD;MAC1DuB,gBAAgB,EAAE,IAAI,CAAC3C,yBAAyB;MAChD2B,YAAY,EAAE,IAAI,CAAC5B;IACrB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACwD,QAAQ,EAAE;MAC7CV,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEN;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIlE,eAAe,CACtB,0CAAyC,MAAM2D,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMmB,qBAAqBA,CAACC,KAAa,EAAmB;IAC1D,MAAMC,aAAa,GAAG,IAAI7F,OAAO,CAAC;MAChC4F;IACF,CAAC,CAAC,CACC9C,kBAAkB,CAAC;MAClBC,GAAG,EAAE,OAAO;MACZR,IAAI,EAAE;IACR,CAAC,CAAC,CACDuD,WAAW,CAAC,IAAI,CAAC/E,qBAAqB,CAAC,CACvCgF,SAAS,CAAC,IAAI,CAAC9E,QAAQ,CAAC,CACxB+B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,MAAM,CAAC,CAAC;IACX,OAAO2C,aAAa;EACtB;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,MAAMG,aAAaA,CACjBC,kBAA0B,EAC1BC,gBAAwB,EACxBC,kBAA0B,EAC1BC,mBAA2B,EAC3BC,WAAmB,EACnBC,OAAgB,EACM;IACtB,MAAMC,gBAAgB,GAAG,MAAMvG,OAAO,CAACsD,eAAe,CACpD2C,kBAAkB,EAClBC,gBACF,CAAC;IACD,MAAMM,gBAAgB,GAAG,MAAMxG,OAAO,CAACsD,eAAe,CACpD6C,kBAAkB,EAClBC,mBACF,CAAC;IACD,MAAMK,aAAa,GAAG,IAAIjD,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC1C,kBAAkB,CAAC,CAAC2C,IAAI;IAE1E,MAAMC,WAAW,GAAG;MAClBgD,qBAAqB,EAAEC,IAAI,CAACC,SAAS,CAAC;QAAErE,IAAI,EAAE,CAAC,iBAAiB;MAAE,CAAC,CAAC;MACpEC,MAAM,EAAE,WAAW;MACnBqE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACuF,aAAa,EAAE;MAClDzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyB,IAAI,EAAEa,gBAAgB;QACtBS,aAAa,EAAEX;MACjB,CAAC;MACDnC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIlE,eAAe,CAAE,8BAA6B,CAAC;EAC3D;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;EACE,MAAM6G,sBAAsBA,CAAA,EAA0C;IACpE,MAAMC,WAAW,GAAG,IAAI1D,GAAG,CACzB,kCAAkC,EAClC,IAAI,CAAC1C,kBACP,CAAC,CAAC2C,IAAI;IAEN,MAAMM,QAAQ,GAAG,MAAM,IAAI,CAAC7C,QAAQ,CAACgG,WAAW,CAAC;IAEjD,IAAInD,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM+C,WAAW,GAAG,MAAMpD,QAAQ,CAACS,IAAI,CAAC,CAAC;MACzC,MAAM;QAAEc;MAAQ,CAAC,GAAG1F,SAAS,CAACuH,WAAW,CAAC;MAC1C,MAAM9C,MAAM,GAAG3D,4BAA4B,CAAC0G,SAAS,CAAC9B,OAAO,CAAC;MAC9D,IAAIjB,MAAM,CAACgD,OAAO,EAAE;QAClB,MAAMC,cAAc,GAAGjD,MAAM,CAACkD,IAAI;QAClC,MAAMzH,SAAS,CAACqH,WAAW,EAAEG,cAAc,CAACE,IAAI,CAACC,IAAI,CAAC;QACtD,OAAOH,cAAc;MACvB,CAAC,MAAM;QACL,MAAM,IAAIjH,gBAAgB,CAACgE,MAAM,CAACqD,KAAK,CAACC,OAAO,CAAC;MAClD;IACF;IAEA,MAAM,IAAItH,gBAAgB,CACvB,4CAA2C,MAAM0D,QAAQ,CAACS,IAAI,CAAC,CAAE,iBAChET,QAAQ,CAACK,MACV,EACH,CAAC;EACH;AACF"}
+{"version":3,"names":["sha256ToBase64","SignJWT","thumbprint","JWK","uuid","PidIssuingError","createDPopToken","WalletInstanceAttestation","generate","deleteKey","SdJwt","createCryptoContextFor","assertionType","getPar","_ref","wiaCryptoContext","appFetch","fetch","clientId","codeVerifier","walletProviderBaseUrl","pidProviderEntityConfiguration","walletInstanceAttestation","keyThumbprint","getPublicKey","then","parse","iss","decode","payload","cnf","jwk","kid","codeChallenge","signedJwtForPar","setProtectedHeader","setPayload","aud","jti","v4","client_assertion_type","authorization_details","credential_definition","type","format","response_type","code_challenge_method","redirect_uri","state","client_id","code_challenge","setIssuedAt","setExpirationTime","sign","parUrl","metadata","openid_credential_issuer","pushed_authorization_request_endpoint","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","text","authorizeIssuing","_ref2","_","authorizationCode","tokenUrl","token_endpoint","keytag","ephemeralContext","signedDPop","htm","htu","grant_type","code","code_verifier","DPoP","c_nonce","access_token","accessToken","nonce","createNonceProof","issuer","audience","ctx","setAudience","setIssuer","getCredential","_ref3","pidCryptoContext","_ref4","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_endpoint","JSON","stringify","proof","jwt","proof_type","Authorization","pidResponse","validatePid","credential","pidJwt","decoded","pidKey","holderBindedKey","sdJwt"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":"AAAA,SACEA,cAAc,EAEdC,OAAO,EACPC,UAAU,QACL,6BAA6B;AACpC,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,eAAe,QAAQ,iBAAiB;AACjD,SAASC,eAAe,QAAQ,eAAe;AAE/C,OAAO,KAAKC,yBAAyB,MAAM,gCAAgC;AAC3E,SAASC,QAAQ,EAAEC,SAAS,QAAQ,gCAAgC;AACpE,SAASC,KAAK,QAAQ,GAAG;AACzB,SAASC,sBAAsB,QAAQ,iBAAiB;AACxD;;AAwBA,MAAMC,aAAa,GACjB,oEAAoE;;AAEtE;AACA;AACA;AACA,MAAMC,MAAM,GACVC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAH,IAAA;EAAA,OACD,OACEI,QAAgB,EAChBC,YAAoB,EACpBC,qBAA6B,EAC7BC,8BAAmE,EACnEC,yBAAiC,KACb;IACpB;IACA;IACA;IACA;IACA,MAAMC,aAAa,GAAG,MAAMR,gBAAgB,CACzCS,YAAY,CAAC,CAAC,CACdC,IAAI,CAACtB,GAAG,CAACuB,KAAK,CAAC,CACfD,IAAI,CAACvB,UAAU,CAAC;IAEnB,MAAMyB,GAAG,GAAGpB,yBAAyB,CAACqB,MAAM,CAACN,yBAAyB,CAAC,CACpEO,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;IAEtB,MAAMC,aAAa,GAAG,MAAMjC,cAAc,CAACmB,YAAY,CAAC;IAExD,MAAMe,eAAe,GAAG,MAAM,IAAIjC,OAAO,CAACc,gBAAgB,CAAC,CACxDoB,kBAAkB,CAAC;MAClBH,GAAG,EAAET;IACP,CAAC,CAAC,CACDa,UAAU,CAAC;MACVT,GAAG;MACHU,GAAG,EAAEhB,8BAA8B,CAACQ,OAAO,CAACF,GAAG;MAC/CW,GAAG,EAAG,GAAElC,IAAI,CAACmC,EAAE,CAAC,CAAE,EAAC;MACnBC,qBAAqB,EAAE5B,aAAa;MACpC6B,qBAAqB,EAAE,CACrB;QACEC,qBAAqB,EAAE;UACrBC,IAAI,EAAE;QACR,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE3B,qBAAqB;MACnC4B,KAAK,EAAG,GAAE5C,IAAI,CAACmC,EAAE,CAAC,CAAE,EAAC;MACrBU,SAAS,EAAE/B,QAAQ;MACnBgC,cAAc,EAAEjB;IAClB,CAAC,CAAC,CACDkB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,MAAM,GACVjC,8BAA8B,CAACQ,OAAO,CAAC0B,QAAQ,CAACC,wBAAwB,CACrEC,qCAAqC;IAE1C,MAAMC,WAAW,GAAG;MAClBb,aAAa,EAAE,MAAM;MACrBI,SAAS,EAAE/B,QAAQ;MACnBgC,cAAc,EAAEjB,aAAa;MAC7Ba,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EAAE5B,aAAa;MACpC+C,gBAAgB,EAAErC,yBAAyB;MAC3CsC,OAAO,EAAE1B;IACX,CAAC;IAED,IAAI2B,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM/C,QAAQ,CAACsC,MAAM,EAAE;MACtCU,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIlE,eAAe,CACtB,wCAAuC,MAAM0D,QAAQ,CAACS,IAAI,CAAC,CAAE,EAChE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,gBAAgB,GAC3BC,KAAA;EAAA,IAAC;IACC3D,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAyD,KAAA;EAAA,OACD,OACEpD,yBAAiC,EACjCF,qBAA6B,EAC7BC,8BAAmE,KACpC;IAC/B;IACA,MAAMH,QAAQ,GAAG,MAAMH,gBAAgB,CAACS,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEkD,CAAC,IAAKA,CAAC,CAAC3C,GAAG,CAAC;IACzE,MAAMb,YAAY,GAAI,GAAEf,IAAI,CAACmC,EAAE,CAAC,CAAE,EAAC;IACnC,MAAMqC,iBAAiB,GAAI,GAAExE,IAAI,CAACmC,EAAE,CAAC,CAAE,EAAC;IACxC,MAAMsC,QAAQ,GACZxD,8BAA8B,CAACQ,OAAO,CAAC0B,QAAQ,CAACC,wBAAwB,CACrEsB,cAAc;IAEnB,MAAMjE,MAAM,CAAC;MAAEE,gBAAgB;MAAEC;IAAS,CAAC,CAAC,CAC1CE,QAAQ,EACRC,YAAY,EACZC,qBAAqB,EACrBC,8BAA8B,EAC9BC,yBACF,CAAC;;IAED;IACA,MAAMyD,MAAM,GAAI,aAAY3E,IAAI,CAACmC,EAAE,CAAC,CAAE,EAAC;IACvC,MAAM/B,QAAQ,CAACuE,MAAM,CAAC;IACtB,MAAMC,gBAAgB,GAAGrE,sBAAsB,CAACoE,MAAM,CAAC;IAEvD,MAAME,UAAU,GAAG,MAAM3E,eAAe,CACtC;MACE4E,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEN,QAAQ;MACbvC,GAAG,EAAG,GAAElC,IAAI,CAACmC,EAAE,CAAC,CAAE;IACpB,CAAC,EACDyC,gBACF,CAAC;IAED,MAAMvE,SAAS,CAACsE,MAAM,CAAC;IAEvB,MAAMrB,WAAW,GAAG;MAClB0B,UAAU,EAAE,oBAAoB;MAChCnC,SAAS,EAAE/B,QAAQ;MACnBmE,IAAI,EAAET,iBAAiB;MACvBU,aAAa,EAAEnE,YAAY;MAC3BqB,qBAAqB,EAAE5B,aAAa;MACpC+C,gBAAgB,EAAErC,yBAAyB;MAC3CyB,YAAY,EAAE3B;IAChB,CAAC;IACD,IAAIyC,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAM/C,QAAQ,CAAC6D,QAAQ,EAAE;MACxCb,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDsB,IAAI,EAAEN;MACR,CAAC;MACDf,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM;QAAEoB,OAAO;QAAEC;MAAa,CAAC,GAAG,MAAM1B,QAAQ,CAACO,IAAI,CAAC,CAAC;MACvD,OAAO;QACLoB,WAAW,EAAED,YAAY;QACzBE,KAAK,EAAEH,OAAO;QACdtE,QAAQ;QACRC,YAAY;QACZyD,iBAAiB;QACjBxD;MACF,CAAC;IACH;IAEA,MAAM,IAAIf,eAAe,CACtB,0CAAyC,MAAM0D,QAAQ,CAACS,IAAI,CAAC,CAAE,EAClE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA,MAAMoB,gBAAgB,GAAG,MAAAA,CACvBD,KAAa,EACbE,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,OAAO,IAAI9F,OAAO,CAAC8F,GAAG,CAAC,CACpB3D,UAAU,CAAC;IACVuD,KAAK;IACL5D,GAAG,EAAE,MAAMgE,GAAG,CAACvE,YAAY,CAAC;EAC9B,CAAC,CAAC,CACDW,kBAAkB,CAAC;IAClBQ,IAAI,EAAE;EACR,CAAC,CAAC,CACDqD,WAAW,CAACF,QAAQ,CAAC,CACrBG,SAAS,CAACJ,MAAM,CAAC,CACjB1C,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM6C,aAAa,GACxBC,KAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBpF,QAAQ,GAAGC;EAIb,CAAC,GAAAkF,KAAA;EAAA,OACD,OAAAE,KAAA,EAEEhF,8BAAmE,EACnEiF,OAAgB,KACS;IAAA,IAHzB;MAAEX,KAAK;MAAED,WAAW;MAAExE,QAAQ;MAAEE;IAAyC,CAAC,GAAAiF,KAAA;IAI1E,MAAME,gBAAgB,GAAG,MAAMjG,eAAe,CAC5C;MACE4E,GAAG,EAAE,MAAM;MACXC,GAAG,EAAE9D,8BAA8B,CAACQ,OAAO,CAAC0B,QAAQ,CACjDC,wBAAwB,CAACsB,cAAc;MAC1CxC,GAAG,EAAG,GAAElC,IAAI,CAACmC,EAAE,CAAC,CAAE;IACpB,CAAC,EACD6D,gBACF,CAAC;IACD,MAAMI,gBAAgB,GAAG,MAAMZ,gBAAgB,CAC7CD,KAAK,EACLzE,QAAQ,EACRE,qBAAqB,EACrBgF,gBACF,CAAC;IAED,MAAMK,aAAa,GACjBpF,8BAA8B,CAACQ,OAAO,CAAC0B,QAAQ,CAACC,wBAAwB,CACrEkD,mBAAmB;IAExB,MAAMhD,WAAW,GAAG;MAClBhB,qBAAqB,EAAEiE,IAAI,CAACC,SAAS,CAAC;QACpCjE,IAAI,EAAE,CAAC,0BAA0B;MACnC,CAAC,CAAC;MACFC,MAAM,EAAE,WAAW;MACnBiE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMlD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAM/C,QAAQ,CAACyF,aAAa,EAAE;MAC7CzC,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDsB,IAAI,EAAEgB,gBAAgB;QACtBS,aAAa,EAAEtB;MACjB,CAAC;MACDxB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM6C,WAAW,GAAI,MAAMlD,QAAQ,CAACO,IAAI,CAAC,CAAiB;MAC1D,MAAM4C,WAAW,CAACD,WAAW,CAACE,UAAU,EAAEf,gBAAgB,CAAC;MAC3D,OAAOa,WAAW;IACpB;IAEA,MAAM,IAAI5G,eAAe,CACtB,oCAAmCoG,aAAc,WAChD1C,QAAQ,CAACK,MACV,SAAQ,MAAML,QAAQ,CAACS,IAAI,CAAC,CAAE,EACjC,CAAC;EACH,CAAC;AAAA;AAEH,MAAM0C,WAAW,GAAG,MAAAA,CAAOE,MAAc,EAAEhB,gBAA+B,KAAK;EAC7E,MAAMiB,OAAO,GAAG3G,KAAK,CAACkB,MAAM,CAACwF,MAAM,CAAC;EACpC,MAAME,MAAM,GAAG,MAAMlB,gBAAgB,CAAC5E,YAAY,CAAC,CAAC;EACpD,MAAM+F,eAAe,GAAGF,OAAO,CAACG,KAAK,CAAC3F,OAAO,CAACC,GAAG,CAACC,GAAG;EAErD,IAAI,CAAC,MAAM7B,UAAU,CAACoH,MAAM,CAAC,OAAO,MAAMpH,UAAU,CAACqH,eAAe,CAAC,CAAC,EAAE;IACtE,MAAM,IAAIlH,eAAe,CACtB,uGAAsGsG,IAAI,CAACC,SAAS,CACnHU,MACF,CAAE,kCAAiCX,IAAI,CAACC,SAAS,CAACW,eAAe,CAAE,EACrE,CAAC;EACH;AACF,CAAC"}

package/lib/module/rp/__test__/index.test.js

@@ -1,6 +1,6 @@
-import { RelyingPartySolution } from "..";
+import { RelyingPartyEntityConfiguration } from "../../trust/types";
+import * as RelyingPartySolution from "..";
 import { AuthRequestDecodeError } from "../../utils/errors";
-import { RpEntityConfiguration } from "../types";
 describe("decodeAuthRequestQR", () => {
   it("should return authentication request URL", async () => {
     const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
@@ -156,7 +156,7 @@ describe("RpEntityConfiguration", () => {
         authority_hints: ["https://demo.federation.eudi.wallet.developers.italia.it"]
       }
     };
-    const result = RpEntityConfiguration.safeParse(pp);
+    const result = RelyingPartyEntityConfiguration.safeParse(pp);
     if (result.success === false) {
       throw result.error;
     }

package/lib/module/rp/__test__/index.test.js.map

@@ -1 +1 @@
-{"version":3,"names":["RelyingPartySolution","AuthRequestDecodeError","RpEntityConfiguration","describe","it","qrcode","result","decodeAuthRequestQR","expect","requestURI","toEqual","toThrowError","pp","header","alg","kid","typ","payload","exp","iat","iss","sub","jwks","keys","kty","e","n","metadata","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","contacts","wallet_relying_party","application_type","authorization_encrypted_response_alg","authorization_encrypted_response_enc","authorization_signed_response_alg","client_id","client_name","default_acr_values","default_max_age","id_token_encrypted_response_alg","id_token_encrypted_response_enc","id_token_signed_response_alg","presentation_definitions","id","input_descriptors","format","constraints","fields","filter","const","type","path","intent_to_retain","limit_disclosure","jwt","mso_mdoc","redirect_uris","request_uris","require_auth_time","subject_type","vp_formats","jwt_vp_json","crv","d","use","x","y","p","q","authority_hints","safeParse","success","error","toBe"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":"AAAA,SAASA,oBAAoB,QAAQ,IAAI;AACzC,SAASC,sBAAsB,QAAQ,oBAAoB;AAC3D,SAASC,qBAAqB,QAAQ,UAAU;AAEhDC,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGN,oBAAoB,CAACO,mBAAmB,CAACF,MAAM,CAAC;IAC/DG,MAAM,CAACF,MAAM,CAACG,UAAU,CAAC,CAACC,OAAO,CAC/B,0CACF,CAAC;EACH,CAAC,CAAC;EACFN,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAMR,oBAAoB,CAACO,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACM,YAAY,CACzEV,sBACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFE,QAAQ,CAAC,uBAAuB,EAAE,MAAM;EACtCC,EAAE,CAAC,2BAA2B,EAAE,YAAY;IAC1C,MAAMQ,EAAE,GAAG;MACTC,MAAM,EAAE;QACNC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,+DAA+D;QACpEC,GAAG,EAAE,+DAA+D;QACpEC,IAAI,EAAE;UACJC,IAAI,EAAE,CACJ;YACEC,GAAG,EAAE,KAAK;YACVT,GAAG,EAAE,6CAA6C;YAClDU,CAAC,EAAE,MAAM;YACTC,CAAC,EAAE;UACL,CAAC;QAEL,CAAC;QACDC,QAAQ,EAAE;UACRC,iBAAiB,EAAE;YACjBC,iBAAiB,EAAE,iBAAiB;YACpCC,YAAY,EAAE,iCAAiC;YAC/CC,UAAU,EAAE,iCAAiC;YAC7CC,QAAQ,EAAE,iCAAiC;YAC3CC,QAAQ,EAAE,CAAC,iCAAiC;UAC9C,CAAC;UACDC,oBAAoB,EAAE;YACpBC,gBAAgB,EAAE,KAAK;YACvBC,oCAAoC,EAAE,CACpC,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,oCAAoC,EAAE,CACpC,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,SAAS,EACP,+DAA+D;YACjEC,WAAW,EAAE,iCAAiC;YAC9CP,QAAQ,EAAE,CAAC,0BAA0B,CAAC;YACtCQ,kBAAkB,EAAE,CAClB,gCAAgC,EAChC,gCAAgC,CACjC;YACDC,eAAe,EAAE,IAAI;YACrBC,+BAA+B,EAAE,CAC/B,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,+BAA+B,EAAE,CAC/B,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,4BAA4B,EAAE,CAC5B,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wBAAwB,EAAE,CACxB;cACEC,EAAE,EAAE,6CAA6C;cACjDC,iBAAiB,EAAE,CACjB;gBACED,EAAE,EAAE,6CAA6C;gBACjDE,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,0BAA0B;wBACjCC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,eAAe;oBACxB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNE,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,cAAc;oBACvB,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,sBAAsB;oBAC/B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,qBAAqB;oBAC9B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDC,GAAG,EAAE;oBACH5C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF;cACF,CAAC;YAEL,CAAC,EACD;cACEiC,EAAE,EAAE,gBAAgB;cACpBC,iBAAiB,EAAE,CACjB;gBACEC,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,uBAAuB;wBAC9BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,gBAAgB;oBACzB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNC,KAAK,EAAE,mBAAmB;wBAC1BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,kBAAkB;oBAC3B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,iBAAiB;oBAC1B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,2BAA2B;oBACpC,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDE,QAAQ,EAAE;oBACR7C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF,CAAC;gBACDiC,EAAE,EAAE;cACN,CAAC;YAEL,CAAC,CACF;YACDa,aAAa,EAAE,CACb,4EAA4E,CAC7E;YACDC,YAAY,EAAE,CACZ,2EAA2E,CAC5E;YACDC,iBAAiB,EAAE,IAAI;YACvBC,YAAY,EAAE,UAAU;YACxBC,UAAU,EAAE;cACVC,WAAW,EAAE;gBACXnD,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ;cACzB;YACF,CAAC;YACDQ,IAAI,EAAE,CACJ;cACE4C,GAAG,EAAE,OAAO;cACZC,CAAC,EAAE,6CAA6C;cAChDpD,GAAG,EAAE,6CAA6C;cAClDqD,GAAG,EAAE,KAAK;cACV5C,GAAG,EAAE,IAAI;cACT6C,CAAC,EAAE,6CAA6C;cAChDC,CAAC,EAAE;YACL,CAAC,EACD;cACE9C,GAAG,EAAE,KAAK;cACV2C,CAAC,EAAE,wVAAwV;cAC3V1C,CAAC,EAAE,MAAM;cACT2C,GAAG,EAAE,KAAK;cACVrD,GAAG,EAAE,6CAA6C;cAClDW,CAAC,EAAE,wVAAwV;cAC3V6C,CAAC,EAAE,6KAA6K;cAChLC,CAAC,EAAE;YACL,CAAC;UAEL;QACF,CAAC;QACDC,eAAe,EAAE,CACf,0DAA0D;MAE9D;IACF,CAAC;IACD,MAAMnE,MAAM,GAAGJ,qBAAqB,CAACwE,SAAS,CAAC9D,EAAE,CAAC;IAClD,IAAIN,MAAM,CAACqE,OAAO,KAAK,KAAK,EAAE;MAC5B,MAAMrE,MAAM,CAACsE,KAAK;IACpB;IACApE,MAAM,CAACF,MAAM,CAACqE,OAAO,CAAC,CAACE,IAAI,CAAC,IAAI,CAAC;EACnC,CAAC,CAAC;AACJ,CAAC,CAAC"}
+{"version":3,"names":["RelyingPartyEntityConfiguration","RelyingPartySolution","AuthRequestDecodeError","describe","it","qrcode","result","decodeAuthRequestQR","expect","requestURI","toEqual","toThrowError","pp","header","alg","kid","typ","payload","exp","iat","iss","sub","jwks","keys","kty","e","n","metadata","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","contacts","wallet_relying_party","application_type","authorization_encrypted_response_alg","authorization_encrypted_response_enc","authorization_signed_response_alg","client_id","client_name","default_acr_values","default_max_age","id_token_encrypted_response_alg","id_token_encrypted_response_enc","id_token_signed_response_alg","presentation_definitions","id","input_descriptors","format","constraints","fields","filter","const","type","path","intent_to_retain","limit_disclosure","jwt","mso_mdoc","redirect_uris","request_uris","require_auth_time","subject_type","vp_formats","jwt_vp_json","crv","d","use","x","y","p","q","authority_hints","safeParse","success","error","toBe"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":"AAAA,SAASA,+BAA+B,QAAQ,mBAAmB;AACnE,OAAO,KAAKC,oBAAoB,MAAM,IAAI;AAC1C,SAASC,sBAAsB,QAAQ,oBAAoB;AAE3DC,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAGL,oBAAoB,CAACM,mBAAmB,CAACF,MAAM,CAAC;IAC/DG,MAAM,CAACF,MAAM,CAACG,UAAU,CAAC,CAACC,OAAO,CAC/B,0CACF,CAAC;EACH,CAAC,CAAC;EACFN,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAMP,oBAAoB,CAACM,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACM,YAAY,CACzET,sBACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFC,QAAQ,CAAC,uBAAuB,EAAE,MAAM;EACtCC,EAAE,CAAC,2BAA2B,EAAE,YAAY;IAC1C,MAAMQ,EAAE,GAAG;MACTC,MAAM,EAAE;QACNC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,+DAA+D;QACpEC,GAAG,EAAE,+DAA+D;QACpEC,IAAI,EAAE;UACJC,IAAI,EAAE,CACJ;YACEC,GAAG,EAAE,KAAK;YACVT,GAAG,EAAE,6CAA6C;YAClDU,CAAC,EAAE,MAAM;YACTC,CAAC,EAAE;UACL,CAAC;QAEL,CAAC;QACDC,QAAQ,EAAE;UACRC,iBAAiB,EAAE;YACjBC,iBAAiB,EAAE,iBAAiB;YACpCC,YAAY,EAAE,iCAAiC;YAC/CC,UAAU,EAAE,iCAAiC;YAC7CC,QAAQ,EAAE,iCAAiC;YAC3CC,QAAQ,EAAE,CAAC,iCAAiC;UAC9C,CAAC;UACDC,oBAAoB,EAAE;YACpBC,gBAAgB,EAAE,KAAK;YACvBC,oCAAoC,EAAE,CACpC,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,oCAAoC,EAAE,CACpC,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,SAAS,EACP,+DAA+D;YACjEC,WAAW,EAAE,iCAAiC;YAC9CP,QAAQ,EAAE,CAAC,0BAA0B,CAAC;YACtCQ,kBAAkB,EAAE,CAClB,gCAAgC,EAChC,gCAAgC,CACjC;YACDC,eAAe,EAAE,IAAI;YACrBC,+BAA+B,EAAE,CAC/B,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,+BAA+B,EAAE,CAC/B,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,4BAA4B,EAAE,CAC5B,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wBAAwB,EAAE,CACxB;cACEC,EAAE,EAAE,6CAA6C;cACjDC,iBAAiB,EAAE,CACjB;gBACED,EAAE,EAAE,6CAA6C;gBACjDE,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,0BAA0B;wBACjCC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,eAAe;oBACxB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNE,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,cAAc;oBACvB,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,sBAAsB;oBAC/B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,qBAAqB;oBAC9B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDC,GAAG,EAAE;oBACH5C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF;cACF,CAAC;YAEL,CAAC,EACD;cACEiC,EAAE,EAAE,gBAAgB;cACpBC,iBAAiB,EAAE,CACjB;gBACEC,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,uBAAuB;wBAC9BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,gBAAgB;oBACzB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNC,KAAK,EAAE,mBAAmB;wBAC1BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,kBAAkB;oBAC3B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,iBAAiB;oBAC1B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,2BAA2B;oBACpC,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDE,QAAQ,EAAE;oBACR7C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF,CAAC;gBACDiC,EAAE,EAAE;cACN,CAAC;YAEL,CAAC,CACF;YACDa,aAAa,EAAE,CACb,4EAA4E,CAC7E;YACDC,YAAY,EAAE,CACZ,2EAA2E,CAC5E;YACDC,iBAAiB,EAAE,IAAI;YACvBC,YAAY,EAAE,UAAU;YACxBC,UAAU,EAAE;cACVC,WAAW,EAAE;gBACXnD,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ;cACzB;YACF,CAAC;YACDQ,IAAI,EAAE,CACJ;cACE4C,GAAG,EAAE,OAAO;cACZC,CAAC,EAAE,6CAA6C;cAChDpD,GAAG,EAAE,6CAA6C;cAClDqD,GAAG,EAAE,KAAK;cACV5C,GAAG,EAAE,IAAI;cACT6C,CAAC,EAAE,6CAA6C;cAChDC,CAAC,EAAE;YACL,CAAC,EACD;cACE9C,GAAG,EAAE,KAAK;cACV2C,CAAC,EAAE,wVAAwV;cAC3V1C,CAAC,EAAE,MAAM;cACT2C,GAAG,EAAE,KAAK;cACVrD,GAAG,EAAE,6CAA6C;cAClDW,CAAC,EAAE,wVAAwV;cAC3V6C,CAAC,EAAE,6KAA6K;cAChLC,CAAC,EAAE;YACL,CAAC;UAEL;QACF,CAAC;QACDC,eAAe,EAAE,CACf,0DAA0D;MAE9D;IACF,CAAC;IACD,MAAMnE,MAAM,GAAGN,+BAA+B,CAAC0E,SAAS,CAAC9D,EAAE,CAAC;IAC5D,IAAIN,MAAM,CAACqE,OAAO,KAAK,KAAK,EAAE;MAC5B,MAAMrE,MAAM,CAACsE,KAAK;IACpB;IACApE,MAAM,CAACF,MAAM,CAACqE,OAAO,CAAC,CAACE,IAAI,CAAC,IAAI,CAAC;EACnC,CAAC,CAAC;AACJ,CAAC,CAAC"}