@pagopa/io-react-native-wallet 0.5.0 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +52 -19
- package/lib/commonjs/index.js +34 -18
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/pid/issuing.js +22 -28
- package/lib/commonjs/pid/issuing.js.map +1 -1
- package/lib/commonjs/rp/__test__/index.test.js +2 -2
- package/lib/commonjs/rp/__test__/index.test.js.map +1 -1
- package/lib/commonjs/rp/index.js +5 -19
- package/lib/commonjs/rp/index.js.map +1 -1
- package/lib/commonjs/rp/types.js +1 -21
- package/lib/commonjs/rp/types.js.map +1 -1
- package/lib/commonjs/trust/index.js +24 -5
- package/lib/commonjs/trust/index.js.map +1 -1
- package/lib/commonjs/trust/types.js +95 -4
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/issuing.js +5 -13
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/index.js +3 -5
- package/lib/module/index.js.map +1 -1
- package/lib/module/pid/issuing.js +16 -23
- package/lib/module/pid/issuing.js.map +1 -1
- package/lib/module/rp/__test__/index.test.js +2 -2
- package/lib/module/rp/__test__/index.test.js.map +1 -1
- package/lib/module/rp/index.js +2 -17
- package/lib/module/rp/index.js.map +1 -1
- package/lib/module/rp/types.js +0 -20
- package/lib/module/rp/types.js.map +1 -1
- package/lib/module/trust/index.js +19 -5
- package/lib/module/trust/index.js.map +1 -1
- package/lib/module/trust/types.js +94 -2
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +5 -13
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/typescript/index.d.ts +3 -5
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/issuing.d.ts +3 -12
- package/lib/typescript/pid/issuing.d.ts.map +1 -1
- package/lib/typescript/rp/index.d.ts +4 -12
- package/lib/typescript/rp/index.d.ts.map +1 -1
- package/lib/typescript/rp/types.d.ts +4 -1256
- package/lib/typescript/rp/types.d.ts.map +1 -1
- package/lib/typescript/trust/index.d.ts +806 -3
- package/lib/typescript/trust/index.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +8637 -5
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts +2 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +4 -4
- package/package.json +1 -1
- package/src/index.ts +19 -10
- package/src/pid/issuing.ts +24 -30
- package/src/rp/__test__/index.test.ts +2 -2
- package/src/rp/index.ts +8 -22
- package/src/rp/types.ts +0 -24
- package/src/trust/index.ts +106 -5
- package/src/trust/types.ts +114 -3
- package/src/wallet-instance-attestation/issuing.ts +10 -15
- package/lib/commonjs/pid/metadata.js +0 -52
- package/lib/commonjs/pid/metadata.js.map +0 -1
- package/lib/module/pid/metadata.js +0 -44
- package/lib/module/pid/metadata.js.map +0 -1
- package/lib/typescript/pid/metadata.d.ts +0 -1412
- package/lib/typescript/pid/metadata.d.ts.map +0 -1
- package/src/pid/metadata.ts +0 -51
package/README.md
CHANGED
|
@@ -51,29 +51,38 @@ This package is compatibile with any http client which implements [Fetch API](ht
|
|
|
51
51
|
#### Issuing
|
|
52
52
|
|
|
53
53
|
```ts
|
|
54
|
-
import {
|
|
54
|
+
import {
|
|
55
|
+
PID,
|
|
56
|
+
createCryptoContextFor,
|
|
57
|
+
getCredentialIssuerEntityConfiguration,
|
|
58
|
+
} from "@pagopa/io-react-native-wallet";
|
|
55
59
|
|
|
56
60
|
// Obtain PID metadata
|
|
57
|
-
const pidEntityConfiguration = await
|
|
58
|
-
|
|
61
|
+
const pidEntityConfiguration = await getCredentialIssuerEntityConfiguration(
|
|
62
|
+
"https://pid-provider.example"
|
|
59
63
|
);
|
|
60
64
|
|
|
61
65
|
// Auth Token request
|
|
62
66
|
const authRequest = PID.Issuing.authorizeIssuing({ wiaCryptoContext });
|
|
63
67
|
const authConf = await authRequest(
|
|
64
|
-
instanceAttestation,
|
|
65
|
-
walletProviderBaseUrl,
|
|
68
|
+
/* signed instance attestation */ instanceAttestation,
|
|
69
|
+
/* the relative wallet provided */ walletProviderBaseUrl,
|
|
66
70
|
pidEntityConfiguration
|
|
67
71
|
);
|
|
68
72
|
|
|
69
73
|
// Credential request
|
|
70
74
|
const credentialRequest = PID.Issuing.getCredential({ pidCryptoContext });
|
|
71
|
-
const pid = await credentialRequest(
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
75
|
+
const pid = await credentialRequest(
|
|
76
|
+
authConf,
|
|
77
|
+
pidEntityConfiguration,
|
|
78
|
+
/* Some personal data */
|
|
79
|
+
{
|
|
80
|
+
birthDate: "01/01/1990",
|
|
81
|
+
fiscalCode: "AAABBB00A00A000A",
|
|
82
|
+
name: "NAME",
|
|
83
|
+
surname: "SURNAME",
|
|
84
|
+
}
|
|
85
|
+
);
|
|
77
86
|
```
|
|
78
87
|
|
|
79
88
|
#### Encode and Decode
|
|
@@ -96,17 +105,23 @@ PID.SdJwt.verify("<token>");
|
|
|
96
105
|
import {
|
|
97
106
|
WalletInstanceAttestation,
|
|
98
107
|
createCryptoContextFor,
|
|
108
|
+
getWalletProviderEntityConfiguration,
|
|
99
109
|
} from "@pagopa/io-react-native-wallet";
|
|
100
|
-
// create crypto
|
|
110
|
+
// create crypto context for the key pair associated with the Wallet Instance Attestation
|
|
101
111
|
const wiaCryptoContext = createCryptoContextFor("wia-keytag");
|
|
102
112
|
|
|
113
|
+
// obtain Wallet Provider metadata
|
|
114
|
+
const entityConfiguration = await getWalletProviderEntityConfiguration(
|
|
115
|
+
"https://wallet-provider.example"
|
|
116
|
+
);
|
|
117
|
+
|
|
103
118
|
// prepare the request
|
|
104
119
|
const wiaRequest = WalletInstanceAttestation.getAttestation({
|
|
105
120
|
wiaCryptoContext,
|
|
106
121
|
});
|
|
107
122
|
|
|
108
|
-
// request
|
|
109
|
-
const
|
|
123
|
+
// request the signed Wallet Instance Attestation to the Wallet Provider
|
|
124
|
+
const signedWIA = await wiaRequest(entityConfiguration);
|
|
110
125
|
```
|
|
111
126
|
|
|
112
127
|
#### Encode and Decode
|
|
@@ -119,18 +134,32 @@ WalletInstanceAttestation.decode("<token>");
|
|
|
119
134
|
|
|
120
135
|
### Relying Party
|
|
121
136
|
|
|
122
|
-
#### Credential presentation
|
|
137
|
+
#### Credential presentation (PID)
|
|
123
138
|
|
|
124
139
|
```ts
|
|
125
|
-
import {
|
|
140
|
+
import {
|
|
141
|
+
RelyingPartySolution,
|
|
142
|
+
createCryptoContextFor,
|
|
143
|
+
getRelyingPartyEntityConfiguration,
|
|
144
|
+
} from "@pagopa/io-react-native-wallet";
|
|
145
|
+
|
|
146
|
+
// create crypto context for the key pair associated with the Wallet Instance Attestation
|
|
147
|
+
const wiaCryptoContext = createCryptoContextFor("wia-keytag");
|
|
148
|
+
// create crypto context for the key pair associated with PID stored in the device
|
|
149
|
+
const pidCryptoContext = createCryptoContextFor("pid-keytag");
|
|
150
|
+
|
|
151
|
+
// resolve RP's entity configuration
|
|
152
|
+
const entityConfiguration = await getRelyingPartyEntityConfiguration(
|
|
153
|
+
"https://relying-party.example"
|
|
154
|
+
);
|
|
126
155
|
|
|
127
156
|
// get request object
|
|
128
157
|
const getRequestObject = RelyingPartySolution.getRequestObject({
|
|
129
158
|
wiaCryptoContext,
|
|
130
159
|
});
|
|
131
160
|
const requestObj = await getRequestObject(
|
|
132
|
-
walletInstanceAttestation,
|
|
133
|
-
|
|
161
|
+
/* signed instance attestation */ walletInstanceAttestation,
|
|
162
|
+
/* url to request authorization to */ authorizationUrl,
|
|
134
163
|
entityConfiguration
|
|
135
164
|
);
|
|
136
165
|
|
|
@@ -139,7 +168,11 @@ const sendAuthorizationResponse =
|
|
|
139
168
|
RelyingPartySolution.sendAuthorizationResponse({
|
|
140
169
|
pidCryptoContext,
|
|
141
170
|
});
|
|
142
|
-
|
|
171
|
+
|
|
172
|
+
const result = await sendAuthorizationResponse(requestObj, [
|
|
173
|
+
/* signed PID token */ pidToken,
|
|
174
|
+
/* array of claims to disclose from PID */ claims,
|
|
175
|
+
]);
|
|
143
176
|
```
|
|
144
177
|
|
|
145
178
|
## Example
|
package/lib/commonjs/index.js
CHANGED
|
@@ -3,43 +3,43 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
Object.defineProperty(exports, "
|
|
6
|
+
Object.defineProperty(exports, "CredentialIssuerEntityConfiguration", {
|
|
7
7
|
enumerable: true,
|
|
8
8
|
get: function () {
|
|
9
|
-
return
|
|
9
|
+
return _types.CredentialIssuerEntityConfiguration;
|
|
10
10
|
}
|
|
11
11
|
});
|
|
12
|
-
|
|
12
|
+
exports.RP = exports.PID = exports.Errors = void 0;
|
|
13
|
+
Object.defineProperty(exports, "RelyingPartyEntityConfiguration", {
|
|
13
14
|
enumerable: true,
|
|
14
15
|
get: function () {
|
|
15
|
-
return
|
|
16
|
+
return _types.RelyingPartyEntityConfiguration;
|
|
16
17
|
}
|
|
17
18
|
});
|
|
18
|
-
exports.
|
|
19
|
-
Object.defineProperty(exports, "
|
|
19
|
+
exports.RelyingPartySolution = void 0;
|
|
20
|
+
Object.defineProperty(exports, "TrustAnchorEntityConfiguration", {
|
|
20
21
|
enumerable: true,
|
|
21
22
|
get: function () {
|
|
22
|
-
return
|
|
23
|
+
return _types.TrustAnchorEntityConfiguration;
|
|
23
24
|
}
|
|
24
25
|
});
|
|
25
|
-
exports.
|
|
26
|
-
Object.defineProperty(exports, "
|
|
26
|
+
exports.WalletInstanceAttestation = void 0;
|
|
27
|
+
Object.defineProperty(exports, "WalletProviderEntityConfiguration", {
|
|
27
28
|
enumerable: true,
|
|
28
29
|
get: function () {
|
|
29
|
-
return _types.
|
|
30
|
+
return _types.WalletProviderEntityConfiguration;
|
|
30
31
|
}
|
|
31
32
|
});
|
|
32
|
-
Object.defineProperty(exports, "
|
|
33
|
+
Object.defineProperty(exports, "createCryptoContextFor", {
|
|
33
34
|
enumerable: true,
|
|
34
35
|
get: function () {
|
|
35
|
-
return
|
|
36
|
+
return _crypto.createCryptoContextFor;
|
|
36
37
|
}
|
|
37
38
|
});
|
|
38
|
-
exports
|
|
39
|
-
Object.defineProperty(exports, "createCryptoContextFor", {
|
|
39
|
+
Object.defineProperty(exports, "getCredentialIssuerEntityConfiguration", {
|
|
40
40
|
enumerable: true,
|
|
41
41
|
get: function () {
|
|
42
|
-
return
|
|
42
|
+
return _trust.getCredentialIssuerEntityConfiguration;
|
|
43
43
|
}
|
|
44
44
|
});
|
|
45
45
|
Object.defineProperty(exports, "getEntityConfiguration", {
|
|
@@ -48,6 +48,24 @@ Object.defineProperty(exports, "getEntityConfiguration", {
|
|
|
48
48
|
return _trust.getEntityConfiguration;
|
|
49
49
|
}
|
|
50
50
|
});
|
|
51
|
+
Object.defineProperty(exports, "getRelyingPartyEntityConfiguration", {
|
|
52
|
+
enumerable: true,
|
|
53
|
+
get: function () {
|
|
54
|
+
return _trust.getRelyingPartyEntityConfiguration;
|
|
55
|
+
}
|
|
56
|
+
});
|
|
57
|
+
Object.defineProperty(exports, "getTrustAnchorEntityConfiguration", {
|
|
58
|
+
enumerable: true,
|
|
59
|
+
get: function () {
|
|
60
|
+
return _trust.getTrustAnchorEntityConfiguration;
|
|
61
|
+
}
|
|
62
|
+
});
|
|
63
|
+
Object.defineProperty(exports, "getWalletProviderEntityConfiguration", {
|
|
64
|
+
enumerable: true,
|
|
65
|
+
get: function () {
|
|
66
|
+
return _trust.getWalletProviderEntityConfiguration;
|
|
67
|
+
}
|
|
68
|
+
});
|
|
51
69
|
Object.defineProperty(exports, "verifyTrustChain", {
|
|
52
70
|
enumerable: true,
|
|
53
71
|
get: function () {
|
|
@@ -65,11 +83,9 @@ var Errors = _interopRequireWildcard(require("./utils/errors"));
|
|
|
65
83
|
exports.Errors = Errors;
|
|
66
84
|
var WalletInstanceAttestation = _interopRequireWildcard(require("./wallet-instance-attestation"));
|
|
67
85
|
exports.WalletInstanceAttestation = WalletInstanceAttestation;
|
|
68
|
-
var _types = require("./rp/types");
|
|
69
86
|
var _trust = require("./trust");
|
|
70
|
-
var
|
|
87
|
+
var _types = require("./trust/types");
|
|
71
88
|
var _crypto = require("./utils/crypto");
|
|
72
|
-
var _metadata = require("./pid/metadata");
|
|
73
89
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
74
90
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
75
91
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["require","PID","_interopRequireWildcard","exports","RP","RelyingPartySolution","Errors","WalletInstanceAttestation","
|
|
1
|
+
{"version":3,"names":["require","PID","_interopRequireWildcard","exports","RP","RelyingPartySolution","Errors","WalletInstanceAttestation","_trust","_types","_crypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEAA,OAAA;AAEA,IAAAC,GAAA,GAAAC,uBAAA,CAAAF,OAAA;AAA6BG,OAAA,CAAAF,GAAA,GAAAA,GAAA;AAC7B,IAAAG,EAAA,GAAAF,uBAAA,CAAAF,OAAA;AAA2B,IAAAK,oBAAA,GAAAD,EAAA;AAAAD,OAAA,CAAAC,EAAA,GAAAA,EAAA;AAAAD,OAAA,CAAAE,oBAAA,GAAAD,EAAA;AAC3B,IAAAE,MAAA,GAAAJ,uBAAA,CAAAF,OAAA;AAAyCG,OAAA,CAAAG,MAAA,GAAAA,MAAA;AACzC,IAAAC,yBAAA,GAAAL,uBAAA,CAAAF,OAAA;AAA2EG,OAAA,CAAAI,yBAAA,GAAAA,yBAAA;AAE3E,IAAAC,MAAA,GAAAR,OAAA;AAQA,IAAAS,MAAA,GAAAT,OAAA;AAMA,IAAAU,OAAA,GAAAV,OAAA;AAAwD,SAAAW,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAV,wBAAAc,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
|
|
@@ -3,37 +3,26 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.
|
|
6
|
+
exports.getCredential = exports.authorizeIssuing = void 0;
|
|
7
7
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
8
8
|
var _jwk = require("../utils/jwk");
|
|
9
9
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
10
10
|
var _errors = require("../utils/errors");
|
|
11
11
|
var _dpop = require("../utils/dpop");
|
|
12
|
-
var
|
|
13
|
-
var _2 = require("..");
|
|
12
|
+
var WalletInstanceAttestation = _interopRequireWildcard(require("../wallet-instance-attestation"));
|
|
14
13
|
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
15
|
-
var
|
|
14
|
+
var _2 = require(".");
|
|
15
|
+
var _crypto = require("../utils/crypto");
|
|
16
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
17
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
16
18
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
17
19
|
// This is a temporary type that will be used for demo purposes only
|
|
18
20
|
|
|
19
|
-
|
|
20
|
-
* Obtain the PID provider entity configuration.
|
|
21
|
-
*/
|
|
22
|
-
const getEntityConfiguration = function () {
|
|
23
|
-
let {
|
|
24
|
-
appFetch = fetch
|
|
25
|
-
} = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
|
|
26
|
-
return async relyingPartyBaseUrl => {
|
|
27
|
-
return (0, _2.getEntityConfiguration)(relyingPartyBaseUrl, {
|
|
28
|
-
appFetch: appFetch
|
|
29
|
-
}).then(_metadata.PidIssuerEntityConfiguration.parse);
|
|
30
|
-
};
|
|
31
|
-
};
|
|
21
|
+
const assertionType = "urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation";
|
|
32
22
|
|
|
33
23
|
/**
|
|
34
24
|
* Make a PAR request to the PID issuer and return the response url
|
|
35
25
|
*/
|
|
36
|
-
exports.getEntityConfiguration = getEntityConfiguration;
|
|
37
26
|
const getPar = _ref => {
|
|
38
27
|
let {
|
|
39
28
|
wiaCryptoContext,
|
|
@@ -45,17 +34,21 @@ const getPar = _ref => {
|
|
|
45
34
|
// The signature can be verified by reading the public key from the key set shippet with the it will ship the Wallet Instance Attestation;
|
|
46
35
|
// key is matched by its kid, which is supposed to be the thumbprint of its public key.
|
|
47
36
|
const keyThumbprint = await wiaCryptoContext.getPublicKey().then(_jwk.JWK.parse).then(_ioReactNativeJwt.thumbprint);
|
|
37
|
+
const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
|
|
48
38
|
const codeChallenge = await (0, _ioReactNativeJwt.sha256ToBase64)(codeVerifier);
|
|
49
39
|
const signedJwtForPar = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
|
|
50
40
|
kid: keyThumbprint
|
|
51
41
|
}).setPayload({
|
|
52
|
-
|
|
42
|
+
iss,
|
|
43
|
+
aud: pidProviderEntityConfiguration.payload.iss,
|
|
44
|
+
jti: `${_reactNativeUuid.default.v4()}`,
|
|
45
|
+
client_assertion_type: assertionType,
|
|
53
46
|
authorization_details: [{
|
|
54
|
-
|
|
55
|
-
type:
|
|
47
|
+
credential_definition: {
|
|
48
|
+
type: "PersonIdentificationData"
|
|
56
49
|
},
|
|
57
50
|
format: "vc+sd-jwt",
|
|
58
|
-
type: "
|
|
51
|
+
type: "openid_credential"
|
|
59
52
|
}],
|
|
60
53
|
response_type: "code",
|
|
61
54
|
code_challenge_method: "s256",
|
|
@@ -70,7 +63,7 @@ const getPar = _ref => {
|
|
|
70
63
|
client_id: clientId,
|
|
71
64
|
code_challenge: codeChallenge,
|
|
72
65
|
code_challenge_method: "S256",
|
|
73
|
-
client_assertion_type:
|
|
66
|
+
client_assertion_type: assertionType,
|
|
74
67
|
client_assertion: walletInstanceAttestation,
|
|
75
68
|
request: signedJwtForPar
|
|
76
69
|
};
|
|
@@ -119,7 +112,7 @@ const authorizeIssuing = _ref2 => {
|
|
|
119
112
|
// Use an ephemeral key to be destroyed after use
|
|
120
113
|
const keytag = `ephemeral-${_reactNativeUuid.default.v4()}`;
|
|
121
114
|
await (0, _ioReactNativeCrypto.generate)(keytag);
|
|
122
|
-
const ephemeralContext = (0,
|
|
115
|
+
const ephemeralContext = (0, _crypto.createCryptoContextFor)(keytag);
|
|
123
116
|
const signedDPop = await (0, _dpop.createDPopToken)({
|
|
124
117
|
htm: "POST",
|
|
125
118
|
htu: tokenUrl,
|
|
@@ -131,7 +124,7 @@ const authorizeIssuing = _ref2 => {
|
|
|
131
124
|
client_id: clientId,
|
|
132
125
|
code: authorizationCode,
|
|
133
126
|
code_verifier: codeVerifier,
|
|
134
|
-
client_assertion_type:
|
|
127
|
+
client_assertion_type: assertionType,
|
|
135
128
|
client_assertion: walletInstanceAttestation,
|
|
136
129
|
redirect_uri: walletProviderBaseUrl
|
|
137
130
|
};
|
|
@@ -168,7 +161,8 @@ const authorizeIssuing = _ref2 => {
|
|
|
168
161
|
exports.authorizeIssuing = authorizeIssuing;
|
|
169
162
|
const createNonceProof = async (nonce, issuer, audience, ctx) => {
|
|
170
163
|
return new _ioReactNativeJwt.SignJWT(ctx).setPayload({
|
|
171
|
-
nonce
|
|
164
|
+
nonce,
|
|
165
|
+
jwk: await ctx.getPublicKey()
|
|
172
166
|
}).setProtectedHeader({
|
|
173
167
|
type: "openid4vci-proof+jwt"
|
|
174
168
|
}).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("1h").sign();
|
|
@@ -204,7 +198,7 @@ const getCredential = _ref3 => {
|
|
|
204
198
|
const credentialUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.credential_endpoint;
|
|
205
199
|
const requestBody = {
|
|
206
200
|
credential_definition: JSON.stringify({
|
|
207
|
-
type: ["
|
|
201
|
+
type: ["PersonIdentificationData"]
|
|
208
202
|
}),
|
|
209
203
|
format: "vc+sd-jwt",
|
|
210
204
|
proof: JSON.stringify({
|
|
@@ -233,7 +227,7 @@ const getCredential = _ref3 => {
|
|
|
233
227
|
};
|
|
234
228
|
exports.getCredential = getCredential;
|
|
235
229
|
const validatePid = async (pidJwt, pidCryptoContext) => {
|
|
236
|
-
const decoded =
|
|
230
|
+
const decoded = _2.SdJwt.decode(pidJwt);
|
|
237
231
|
const pidKey = await pidCryptoContext.getPublicKey();
|
|
238
232
|
const holderBindedKey = decoded.sdJwt.payload.cnf.jwk;
|
|
239
233
|
if ((await (0, _ioReactNativeJwt.thumbprint)(pidKey)) !== (await (0, _ioReactNativeJwt.thumbprint)(holderBindedKey))) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","WalletInstanceAttestation","_interopRequireWildcard","_ioReactNativeCrypto","_2","_crypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","assertionType","getPar","_ref","wiaCryptoContext","appFetch","fetch","clientId","codeVerifier","walletProviderBaseUrl","pidProviderEntityConfiguration","walletInstanceAttestation","keyThumbprint","getPublicKey","then","JWK","parse","thumbprint","iss","decode","payload","cnf","jwk","kid","codeChallenge","sha256ToBase64","signedJwtForPar","SignJWT","setProtectedHeader","setPayload","aud","jti","uuid","v4","client_assertion_type","authorization_details","credential_definition","type","format","response_type","code_challenge_method","redirect_uri","state","client_id","code_challenge","setIssuedAt","setExpirationTime","sign","parUrl","metadata","openid_credential_issuer","pushed_authorization_request_endpoint","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","PidIssuingError","text","authorizeIssuing","_ref2","_","authorizationCode","tokenUrl","token_endpoint","keytag","generate","ephemeralContext","createCryptoContextFor","signedDPop","createDPopToken","htm","htu","deleteKey","grant_type","code","code_verifier","DPoP","c_nonce","access_token","accessToken","nonce","exports","createNonceProof","issuer","audience","ctx","setAudience","setIssuer","getCredential","_ref3","pidCryptoContext","_ref4","cieData","signedDPopForPid","signedNonceProof","credentialUrl","credential_endpoint","JSON","stringify","proof","jwt","proof_type","Authorization","pidResponse","validatePid","credential","pidJwt","decoded","SdJwt","pidKey","holderBindedKey","sdJwt"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAMA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,KAAA,GAAAL,OAAA;AAEA,IAAAM,yBAAA,GAAAC,uBAAA,CAAAP,OAAA;AACA,IAAAQ,oBAAA,GAAAR,OAAA;AACA,IAAAS,EAAA,GAAAT,OAAA;AACA,IAAAU,OAAA,GAAAV,OAAA;AAAyD,SAAAW,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAnB,uBAAAa,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AACzD;;AAwBA,MAAMiB,aAAa,GACjB,oEAAoE;;AAEtE;AACA;AACA;AACA,MAAMC,MAAM,GACVC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAH,IAAA;EAAA,OACD,OACEI,QAAgB,EAChBC,YAAoB,EACpBC,qBAA6B,EAC7BC,8BAAmE,EACnEC,yBAAiC,KACb;IACpB;IACA;IACA;IACA;IACA,MAAMC,aAAa,GAAG,MAAMR,gBAAgB,CACzCS,YAAY,CAAC,CAAC,CACdC,IAAI,CAACC,QAAG,CAACC,KAAK,CAAC,CACfF,IAAI,CAACG,4BAAU,CAAC;IAEnB,MAAMC,GAAG,GAAG5C,yBAAyB,CAAC6C,MAAM,CAACR,yBAAyB,CAAC,CACpES,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;IAEtB,MAAMC,aAAa,GAAG,MAAM,IAAAC,gCAAc,EAACjB,YAAY,CAAC;IAExD,MAAMkB,eAAe,GAAG,MAAM,IAAIC,yBAAO,CAACvB,gBAAgB,CAAC,CACxDwB,kBAAkB,CAAC;MAClBL,GAAG,EAAEX;IACP,CAAC,CAAC,CACDiB,UAAU,CAAC;MACVX,GAAG;MACHY,GAAG,EAAEpB,8BAA8B,CAACU,OAAO,CAACF,GAAG;MAC/Ca,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,qBAAqB,EAAEjC,aAAa;MACpCkC,qBAAqB,EAAE,CACrB;QACEC,qBAAqB,EAAE;UACrBC,IAAI,EAAE;QACR,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAEhC,qBAAqB;MACnCiC,KAAK,EAAG,GAAEV,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACrBU,SAAS,EAAEpC,QAAQ;MACnBqC,cAAc,EAAEpB;IAClB,CAAC,CAAC,CACDqB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,MAAM,GACVtC,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEC,qCAAqC;IAE1C,MAAMC,WAAW,GAAG;MAClBb,aAAa,EAAE,MAAM;MACrBI,SAAS,EAAEpC,QAAQ;MACnBqC,cAAc,EAAEpB,aAAa;MAC7BgB,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EAAEjC,aAAa;MACpCoD,gBAAgB,EAAE1C,yBAAyB;MAC3C2C,OAAO,EAAE5B;IACX,CAAC;IAED,IAAI6B,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAAC2C,MAAM,EAAE;MACtCU,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIC,uBAAe,CACtB,wCAAuC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAChE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,gBAAgB,GAC3BC,KAAA;EAAA,IAAC;IACCjE,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAA+D,KAAA;EAAA,OACD,OACE1D,yBAAiC,EACjCF,qBAA6B,EAC7BC,8BAAmE,KACpC;IAC/B;IACA,MAAMH,QAAQ,GAAG,MAAMH,gBAAgB,CAACS,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEwD,CAAC,IAAKA,CAAC,CAAC/C,GAAG,CAAC;IACzE,MAAMf,YAAY,GAAI,GAAEwB,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnC,MAAMsC,iBAAiB,GAAI,GAAEvC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACxC,MAAMuC,QAAQ,GACZ9D,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEuB,cAAc;IAEnB,MAAMvE,MAAM,CAAC;MAAEE,gBAAgB;MAAEC;IAAS,CAAC,CAAC,CAC1CE,QAAQ,EACRC,YAAY,EACZC,qBAAqB,EACrBC,8BAA8B,EAC9BC,yBACF,CAAC;;IAED;IACA,MAAM+D,MAAM,GAAI,aAAY1C,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACvC,MAAM,IAAA0C,6BAAQ,EAACD,MAAM,CAAC;IACtB,MAAME,gBAAgB,GAAG,IAAAC,8BAAsB,EAACH,MAAM,CAAC;IAEvD,MAAMI,UAAU,GAAG,MAAM,IAAAC,qBAAe,EACtC;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAET,QAAQ;MACbzC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACD2C,gBACF,CAAC;IAED,MAAM,IAAAM,8BAAS,EAACR,MAAM,CAAC;IAEvB,MAAMtB,WAAW,GAAG;MAClB+B,UAAU,EAAE,oBAAoB;MAChCxC,SAAS,EAAEpC,QAAQ;MACnB6E,IAAI,EAAEb,iBAAiB;MACvBc,aAAa,EAAE7E,YAAY;MAC3B0B,qBAAqB,EAAEjC,aAAa;MACpCoD,gBAAgB,EAAE1C,yBAAyB;MAC3C8B,YAAY,EAAEhC;IAChB,CAAC;IACD,IAAI8C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAACmE,QAAQ,EAAE;MACxCd,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD2B,IAAI,EAAER;MACR,CAAC;MACDlB,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM;QAAEyB,OAAO;QAAEC;MAAa,CAAC,GAAG,MAAM/B,QAAQ,CAACO,IAAI,CAAC,CAAC;MACvD,OAAO;QACLyB,WAAW,EAAED,YAAY;QACzBE,KAAK,EAAEH,OAAO;QACdhF,QAAQ;QACRC,YAAY;QACZ+D,iBAAiB;QACjB9D;MACF,CAAC;IACH;IAEA,MAAM,IAAIyD,uBAAe,CACtB,0CAAyC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAClE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AAFAwB,OAAA,CAAAvB,gBAAA,GAAAA,gBAAA;AAGA,MAAMwB,gBAAgB,GAAG,MAAAA,CACvBF,KAAa,EACbG,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,OAAO,IAAIpE,yBAAO,CAACoE,GAAG,CAAC,CACpBlE,UAAU,CAAC;IACV6D,KAAK;IACLpE,GAAG,EAAE,MAAMyE,GAAG,CAAClF,YAAY,CAAC;EAC9B,CAAC,CAAC,CACDe,kBAAkB,CAAC;IAClBS,IAAI,EAAE;EACR,CAAC,CAAC,CACD2D,WAAW,CAACF,QAAQ,CAAC,CACrBG,SAAS,CAACJ,MAAM,CAAC,CACjBhD,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMmD,aAAa,GACxBC,KAAA;EAAA,IAAC;IACCC,gBAAgB;IAChB/F,QAAQ,GAAGC;EAIb,CAAC,GAAA6F,KAAA;EAAA,OACD,OAAAE,KAAA,EAEE3F,8BAAmE,EACnE4F,OAAgB,KACS;IAAA,IAHzB;MAAEZ,KAAK;MAAED,WAAW;MAAElF,QAAQ;MAAEE;IAAyC,CAAC,GAAA4F,KAAA;IAI1E,MAAME,gBAAgB,GAAG,MAAM,IAAAxB,qBAAe,EAC5C;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEvE,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CACjDC,wBAAwB,CAACuB,cAAc;MAC1C1C,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACDmE,gBACF,CAAC;IACD,MAAMI,gBAAgB,GAAG,MAAMZ,gBAAgB,CAC7CF,KAAK,EACLnF,QAAQ,EACRE,qBAAqB,EACrB2F,gBACF,CAAC;IAED,MAAMK,aAAa,GACjB/F,8BAA8B,CAACU,OAAO,CAAC6B,QAAQ,CAACC,wBAAwB,CACrEwD,mBAAmB;IAExB,MAAMtD,WAAW,GAAG;MAClBhB,qBAAqB,EAAEuE,IAAI,CAACC,SAAS,CAAC;QACpCvE,IAAI,EAAE,CAAC,0BAA0B;MACnC,CAAC,CAAC;MACFC,MAAM,EAAE,WAAW;MACnBuE,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEN,gBAAgB;QACrBF,OAAO;QACPS,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMxD,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAMpD,QAAQ,CAACoG,aAAa,EAAE;MAC7C/C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD2B,IAAI,EAAEiB,gBAAgB;QACtBS,aAAa,EAAEvB;MACjB,CAAC;MACD7B,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMmD,WAAW,GAAI,MAAMxD,QAAQ,CAACO,IAAI,CAAC,CAAiB;MAC1D,MAAMkD,WAAW,CAACD,WAAW,CAACE,UAAU,EAAEf,gBAAgB,CAAC;MAC3D,OAAOa,WAAW;IACpB;IAEA,MAAM,IAAI/C,uBAAe,CACtB,oCAAmCuC,aAAc,WAChDhD,QAAQ,CAACK,MACV,SAAQ,MAAML,QAAQ,CAACU,IAAI,CAAC,CAAE,EACjC,CAAC;EACH,CAAC;AAAA;AAACwB,OAAA,CAAAO,aAAA,GAAAA,aAAA;AAEJ,MAAMgB,WAAW,GAAG,MAAAA,CAAOE,MAAc,EAAEhB,gBAA+B,KAAK;EAC7E,MAAMiB,OAAO,GAAGC,QAAK,CAACnG,MAAM,CAACiG,MAAM,CAAC;EACpC,MAAMG,MAAM,GAAG,MAAMnB,gBAAgB,CAACvF,YAAY,CAAC,CAAC;EACpD,MAAM2G,eAAe,GAAGH,OAAO,CAACI,KAAK,CAACrG,OAAO,CAACC,GAAG,CAACC,GAAG;EAErD,IAAI,CAAC,MAAM,IAAAL,4BAAU,EAACsG,MAAM,CAAC,OAAO,MAAM,IAAAtG,4BAAU,EAACuG,eAAe,CAAC,CAAC,EAAE;IACtE,MAAM,IAAItD,uBAAe,CACtB,uGAAsGyC,IAAI,CAACC,SAAS,CACnHW,MACF,CAAE,kCAAiCZ,IAAI,CAACC,SAAS,CAACY,eAAe,CAAE,EACrE,CAAC;EACH;AACF,CAAC"}
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _types = require("../../trust/types");
|
|
3
4
|
var RelyingPartySolution = _interopRequireWildcard(require(".."));
|
|
4
5
|
var _errors = require("../../utils/errors");
|
|
5
|
-
var _types = require("../types");
|
|
6
6
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
7
7
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
8
8
|
describe("decodeAuthRequestQR", () => {
|
|
@@ -160,7 +160,7 @@ describe("RpEntityConfiguration", () => {
|
|
|
160
160
|
authority_hints: ["https://demo.federation.eudi.wallet.developers.italia.it"]
|
|
161
161
|
}
|
|
162
162
|
};
|
|
163
|
-
const result = _types.
|
|
163
|
+
const result = _types.RelyingPartyEntityConfiguration.safeParse(pp);
|
|
164
164
|
if (result.success === false) {
|
|
165
165
|
throw result.error;
|
|
166
166
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["
|
|
1
|
+
{"version":3,"names":["_types","require","RelyingPartySolution","_interopRequireWildcard","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","describe","it","qrcode","result","decodeAuthRequestQR","expect","requestURI","toEqual","toThrowError","AuthRequestDecodeError","pp","header","alg","kid","typ","payload","exp","iat","iss","sub","jwks","keys","kty","e","n","metadata","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","contacts","wallet_relying_party","application_type","authorization_encrypted_response_alg","authorization_encrypted_response_enc","authorization_signed_response_alg","client_id","client_name","default_acr_values","default_max_age","id_token_encrypted_response_alg","id_token_encrypted_response_enc","id_token_signed_response_alg","presentation_definitions","id","input_descriptors","format","constraints","fields","filter","const","type","path","intent_to_retain","limit_disclosure","jwt","mso_mdoc","redirect_uris","request_uris","require_auth_time","subject_type","vp_formats","jwt_vp_json","crv","d","use","x","y","p","q","authority_hints","RelyingPartyEntityConfiguration","safeParse","success","error","toBe"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,oBAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAA4D,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAE5DW,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAG5B,oBAAoB,CAAC6B,mBAAmB,CAACF,MAAM,CAAC;IAC/DG,MAAM,CAACF,MAAM,CAACG,UAAU,CAAC,CAACC,OAAO,CAC/B,0CACF,CAAC;EACH,CAAC,CAAC;EACFN,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAM9B,oBAAoB,CAAC6B,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACM,YAAY,CACzEC,8BACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFT,QAAQ,CAAC,uBAAuB,EAAE,MAAM;EACtCC,EAAE,CAAC,2BAA2B,EAAE,YAAY;IAC1C,MAAMS,EAAE,GAAG;MACTC,MAAM,EAAE;QACNC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,+DAA+D;QACpEC,GAAG,EAAE,+DAA+D;QACpEC,IAAI,EAAE;UACJC,IAAI,EAAE,CACJ;YACEC,GAAG,EAAE,KAAK;YACVT,GAAG,EAAE,6CAA6C;YAClDU,CAAC,EAAE,MAAM;YACTC,CAAC,EAAE;UACL,CAAC;QAEL,CAAC;QACDC,QAAQ,EAAE;UACRC,iBAAiB,EAAE;YACjBC,iBAAiB,EAAE,iBAAiB;YACpCC,YAAY,EAAE,iCAAiC;YAC/CC,UAAU,EAAE,iCAAiC;YAC7CC,QAAQ,EAAE,iCAAiC;YAC3CC,QAAQ,EAAE,CAAC,iCAAiC;UAC9C,CAAC;UACDC,oBAAoB,EAAE;YACpBC,gBAAgB,EAAE,KAAK;YACvBC,oCAAoC,EAAE,CACpC,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,oCAAoC,EAAE,CACpC,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,SAAS,EACP,+DAA+D;YACjEC,WAAW,EAAE,iCAAiC;YAC9CP,QAAQ,EAAE,CAAC,0BAA0B,CAAC;YACtCQ,kBAAkB,EAAE,CAClB,gCAAgC,EAChC,gCAAgC,CACjC;YACDC,eAAe,EAAE,IAAI;YACrBC,+BAA+B,EAAE,CAC/B,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,+BAA+B,EAAE,CAC/B,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,4BAA4B,EAAE,CAC5B,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wBAAwB,EAAE,CACxB;cACEC,EAAE,EAAE,6CAA6C;cACjDC,iBAAiB,EAAE,CACjB;gBACED,EAAE,EAAE,6CAA6C;gBACjDE,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,0BAA0B;wBACjCC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,eAAe;oBACxB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNE,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,cAAc;oBACvB,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,sBAAsB;oBAC/B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,qBAAqB;oBAC9B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDC,GAAG,EAAE;oBACH5C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF;cACF,CAAC;YAEL,CAAC,EACD;cACEiC,EAAE,EAAE,gBAAgB;cACpBC,iBAAiB,EAAE,CACjB;gBACEC,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,uBAAuB;wBAC9BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,gBAAgB;oBACzB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNC,KAAK,EAAE,mBAAmB;wBAC1BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,kBAAkB;oBAC3B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,iBAAiB;oBAC1B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,2BAA2B;oBACpC,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDE,QAAQ,EAAE;oBACR7C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF,CAAC;gBACDiC,EAAE,EAAE;cACN,CAAC;YAEL,CAAC,CACF;YACDa,aAAa,EAAE,CACb,4EAA4E,CAC7E;YACDC,YAAY,EAAE,CACZ,2EAA2E,CAC5E;YACDC,iBAAiB,EAAE,IAAI;YACvBC,YAAY,EAAE,UAAU;YACxBC,UAAU,EAAE;cACVC,WAAW,EAAE;gBACXnD,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ;cACzB;YACF,CAAC;YACDQ,IAAI,EAAE,CACJ;cACE4C,GAAG,EAAE,OAAO;cACZC,CAAC,EAAE,6CAA6C;cAChDpD,GAAG,EAAE,6CAA6C;cAClDqD,GAAG,EAAE,KAAK;cACV5C,GAAG,EAAE,IAAI;cACT6C,CAAC,EAAE,6CAA6C;cAChDC,CAAC,EAAE;YACL,CAAC,EACD;cACE9C,GAAG,EAAE,KAAK;cACV2C,CAAC,EAAE,wVAAwV;cAC3V1C,CAAC,EAAE,MAAM;cACT2C,GAAG,EAAE,KAAK;cACVrD,GAAG,EAAE,6CAA6C;cAClDW,CAAC,EAAE,wVAAwV;cAC3V6C,CAAC,EAAE,6KAA6K;cAChLC,CAAC,EAAE;YACL,CAAC;UAEL;QACF,CAAC;QACDC,eAAe,EAAE,CACf,0DAA0D;MAE9D;IACF,CAAC;IACD,MAAMpE,MAAM,GAAGqE,sCAA+B,CAACC,SAAS,CAAC/D,EAAE,CAAC;IAC5D,IAAIP,MAAM,CAACuE,OAAO,KAAK,KAAK,EAAE;MAC5B,MAAMvE,MAAM,CAACwE,KAAK;IACpB;IACAtE,MAAM,CAACF,MAAM,CAACuE,OAAO,CAAC,CAACE,IAAI,CAAC,IAAI,CAAC;EACnC,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
package/lib/commonjs/rp/index.js
CHANGED
|
@@ -3,15 +3,16 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.sendAuthorizationResponse = exports.getRequestObject = exports.
|
|
6
|
+
exports.sendAuthorizationResponse = exports.getRequestObject = exports.decodeAuthRequestQR = void 0;
|
|
7
7
|
var _errors = require("../utils/errors");
|
|
8
8
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
9
9
|
var _types = require("./types");
|
|
10
10
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
11
11
|
var _sdJwt = require("../sd-jwt");
|
|
12
|
-
var _trust = require("../trust");
|
|
13
12
|
var _dpop = require("../utils/dpop");
|
|
14
|
-
var
|
|
13
|
+
var WalletInstanceAttestation = _interopRequireWildcard(require("../wallet-instance-attestation"));
|
|
14
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
15
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
15
16
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
16
17
|
/**
|
|
17
18
|
* Select a RSA public key from those provided by the RP to encrypt.
|
|
@@ -30,20 +31,6 @@ const chooseRSAPublicKeyToEncrypt = entity => {
|
|
|
30
31
|
throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Encrypt with RP public key");
|
|
31
32
|
};
|
|
32
33
|
|
|
33
|
-
/**
|
|
34
|
-
* Obtain the relying party entity configuration.
|
|
35
|
-
*/
|
|
36
|
-
const getEntityConfiguration = function () {
|
|
37
|
-
let {
|
|
38
|
-
appFetch = fetch
|
|
39
|
-
} = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
|
|
40
|
-
return async relyingPartyBaseUrl => {
|
|
41
|
-
return (0, _trust.getEntityConfiguration)(relyingPartyBaseUrl, {
|
|
42
|
-
appFetch: appFetch
|
|
43
|
-
}).then(_types.RpEntityConfiguration.parse);
|
|
44
|
-
};
|
|
45
|
-
};
|
|
46
|
-
|
|
47
34
|
/**
|
|
48
35
|
* Decode a QR code content to an authentication request url.
|
|
49
36
|
* @function
|
|
@@ -52,7 +39,6 @@ const getEntityConfiguration = function () {
|
|
|
52
39
|
* @returns The authentication request url
|
|
53
40
|
*
|
|
54
41
|
*/
|
|
55
|
-
exports.getEntityConfiguration = getEntityConfiguration;
|
|
56
42
|
const decodeAuthRequestQR = qrcode => {
|
|
57
43
|
const decoded = (0, _ioReactNativeJwt.decodeBase64)(qrcode);
|
|
58
44
|
const decodedUrl = new URL(decoded);
|
|
@@ -161,7 +147,7 @@ const prepareVpToken = _ref3 => {
|
|
|
161
147
|
payload: {
|
|
162
148
|
iss
|
|
163
149
|
}
|
|
164
|
-
} =
|
|
150
|
+
} = WalletInstanceAttestation.decode(walletInstanceAttestation);
|
|
165
151
|
const pidKid = await pidCryptoContext.getPublicKey().then(_ => _.kid);
|
|
166
152
|
|
|
167
153
|
// TODO: [SIW-359] check all requeste claims of the requestedObj are satisfied
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","
|
|
1
|
+
{"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","_reactNativeUuid","_interopRequireDefault","_sdJwt","_dpop","WalletInstanceAttestation","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","chooseRSAPublicKeyToEncrypt","entity","usingRsa256","payload","metadata","wallet_relying_party","jwks","filter","jwk","use","kty","NoSuitableKeysFoundInEntityConfiguration","decodeAuthRequestQR","qrcode","decoded","decodeBase64","decodedUrl","URL","protocol","resource","hostname","requestURI","searchParams","clientId","result","QRCodePayload","safeParse","success","data","AuthRequestDecodeError","error","message","exports","getRequestObject","_ref","wiaCryptoContext","appFetch","fetch","walletInstanceAttestation","requestUri","rpEntityConfiguration","signedWalletInstanceDPoP","createDPopToken","jti","uuid","v4","htm","htu","ath","sha256ToBase64","response","method","headers","Authorization","DPoP","status","responseJson","json","responseEncodedJwt","responseJwt","decodeJwt","pubKey","find","_ref2","kid","protectedHeader","verify","requestObject","RequestObject","parse","header","IoWalletError","text","prepareVpToken","_ref3","pidCryptoContext","_ref4","_ref5","vc","claims","token","vp","paths","disclose","iss","decode","pidKid","getPublicKey","then","_","vp_token","SignJWT","setProtectedHeader","typ","setPayload","nonce","setAudience","response_uri","setIssuedAt","setExpirationTime","sign","vc_scope","scope","presentation_submission","definition_id","id","descriptor_map","map","p","path","format","sendAuthorizationResponse","_ref6","_ref7","presentation","authzResponsePayload","JSON","stringify","state","encrypted","EncryptJwe","alg","enc","encrypt","formBody","URLSearchParams","body","toString"],"sourceRoot":"../../../src","sources":["rp/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAKA,IAAAC,iBAAA,GAAAD,OAAA;AASA,IAAAE,MAAA,GAAAF,OAAA;AAEA,IAAAG,gBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AACA,IAAAM,KAAA,GAAAN,OAAA;AAEA,IAAAO,yBAAA,GAAAC,uBAAA,CAAAR,OAAA;AAA4E,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAhB,uBAAAU,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAE5E;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMiB,2BAA2B,GAC/BC,MAAuC,IAC/B;EACR,MAAM,CAACC,WAAW,CAAC,GACjBD,MAAM,CAACE,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACC,IAAI,CAACC,MAAM,CACrDC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,IAAID,GAAG,CAACE,GAAG,KAAK,KAC5C,CAAC;EAEH,IAAIR,WAAW,EAAE;IACf,OAAOA,WAAW;EACpB;;EAEA;EACA,MAAM,IAAIS,gDAAwC,CAChD,4BACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,mBAAmB,GAAIC,MAAc,IAAoB;EACpE,MAAMC,OAAO,GAAG,IAAAC,8BAAY,EAACF,MAAM,CAAC;EACpC,MAAMG,UAAU,GAAG,IAAIC,GAAG,CAACH,OAAO,CAAC;EACnC,MAAMI,QAAQ,GAAGF,UAAU,CAACE,QAAQ;EACpC,MAAMC,QAAQ,GAAGH,UAAU,CAACI,QAAQ;EACpC,MAAMC,UAAU,GAAGL,UAAU,CAACM,YAAY,CAAClC,GAAG,CAAC,aAAa,CAAC;EAC7D,MAAMmC,QAAQ,GAAGP,UAAU,CAACM,YAAY,CAAClC,GAAG,CAAC,WAAW,CAAC;EAEzD,MAAMoC,MAAM,GAAGC,oBAAa,CAACC,SAAS,CAAC;IACrCR,QAAQ;IACRC,QAAQ;IACRE,UAAU;IACVE;EACF,CAAC,CAAC;EAEF,IAAIC,MAAM,CAACG,OAAO,EAAE;IAClB,OAAOH,MAAM,CAACI,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIC,8BAAsB,CAACL,MAAM,CAACM,KAAK,CAACC,OAAO,EAAG,GAAEf,UAAW,EAAC,CAAC;EACzE;AACF,CAAC;AAACgB,OAAA,CAAApB,mBAAA,GAAAA,mBAAA;AAQF;AACA;AACA;AACA;AACO,MAAMqB,gBAAgB,GAC3BC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAH,IAAA;EAAA,OACD,OACEI,yBAAiC,EACjCC,UAAkB,EAClBC,qBAAsD,KACvB;IAC/B,MAAMC,wBAAwB,GAAG,MAAM,IAAAC,qBAAe,EACpD;MACEC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,GAAG,EAAE,KAAK;MACVC,GAAG,EAAER,UAAU;MACfS,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAACX,yBAAyB;IACrD,CAAC,EACDH,gBACF,CAAC;IAED,MAAMe,QAAQ,GAAG,MAAMd,QAAQ,CAACG,UAAU,EAAE;MAC1CY,MAAM,EAAE,KAAK;MACbC,OAAO,EAAE;QACPC,aAAa,EAAG,QAAOf,yBAA0B,EAAC;QAClDgB,IAAI,EAAEb;MACR;IACF,CAAC,CAAC;IAEF,IAAIS,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,YAAY,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MAC1C,MAAMC,kBAAkB,GAAGF,YAAY,CAACN,QAAQ;MAEhD,MAAMS,WAAW,GAAG,IAAAC,wBAAS,EAACF,kBAAkB,CAAC;;MAEjD;MACA;MACA;QACE,MAAMG,MAAM,GACVrB,qBAAqB,CAACrC,OAAO,CAACC,QAAQ,CAACC,oBAAoB,CAACC,IAAI,CAACwD,IAAI,CACnEC,KAAA;UAAA,IAAC;YAAEC;UAAI,CAAC,GAAAD,KAAA;UAAA,OAAKC,GAAG,KAAKL,WAAW,CAACM,eAAe,CAACD,GAAG;QAAA,CACtD,CAAC;QACH,IAAI,CAACH,MAAM,EAAE;UACX,MAAM,IAAIlD,gDAAwC,CAChD,uCACF,CAAC;QACH;QACA,MAAM,IAAAuD,wBAAM,EAACR,kBAAkB,EAAEG,MAAM,CAAC;MAC1C;;MAEA;MACA,MAAMM,aAAa,GAAGC,oBAAa,CAACC,KAAK,CAAC;QACxCC,MAAM,EAAEX,WAAW,CAACM,eAAe;QACnC9D,OAAO,EAAEwD,WAAW,CAACxD;MACvB,CAAC,CAAC;MAEF,OAAO;QACLgE,aAAa;QACb3B,qBAAqB;QACrBF;MACF,CAAC;IACH;IAEA,MAAM,IAAIiC,qBAAa,CACpB,mDAAkDrB,QAAQ,CAACK,MAAO;AACzE,QAAQ,MAAML,QAAQ,CAACsB,IAAI,CAAC,CAAE,EAC1B,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AANAxC,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAOA,MAAMwC,cAAc,GAClBC,KAAA;EAAA,IAAC;IAAEC;EAAsD,CAAC,GAAAD,KAAA;EAAA,OAC1D,OAAAE,KAAA,EAAAC,KAAA,KAMM;IAAA,IALJ;MAAEV,aAAa;MAAE7B;IAA6C,CAAC,GAAAsC,KAAA;IAAA,IAC/D,CAACE,EAAE,EAAEC,MAAM,CAAe,GAAAF,KAAA;IAK1B;IACA,MAAM;MAAEG,KAAK,EAAEC,EAAE;MAAEC;IAAM,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACL,EAAE,EAAEC,MAAM,CAAC;;IAEvD;IACA,MAAM;MACJ5E,OAAO,EAAE;QAAEiF;MAAI;IACjB,CAAC,GAAG5G,yBAAyB,CAAC6G,MAAM,CAAC/C,yBAAyB,CAAC;IAE/D,MAAMgD,MAAM,GAAG,MAAMX,gBAAgB,CAACY,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACzB,GAAG,CAAC;;IAEvE;IACA,MAAM0B,QAAQ,GAAG,MAAM,IAAIC,yBAAO,CAAChB,gBAAgB,CAAC,CACjDiB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,KAAK;MACV7B,GAAG,EAAEsB;IACP,CAAC,CAAC,CACDQ,UAAU,CAAC;MACVb,EAAE,EAAEA,EAAE;MACNtC,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBuC,GAAG;MACHW,KAAK,EAAE5B,aAAa,CAAChE,OAAO,CAAC4F;IAC/B,CAAC,CAAC,CACDC,WAAW,CAAC7B,aAAa,CAAChE,OAAO,CAAC8F,YAAY,CAAC,CAC/CC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,QAAQ,GAAGlC,aAAa,CAAChE,OAAO,CAACmG,KAAK;IAC5C,MAAMC,uBAAuB,GAAG;MAC9BC,aAAa,EAAG,GAAE5D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAC7B4D,EAAE,EAAG,GAAE7D,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MAClB6D,cAAc,EAAExB,KAAK,CAACyB,GAAG,CAAEC,CAAC,KAAM;QAChCH,EAAE,EAAEJ,QAAQ;QACZQ,IAAI,EAAG,cAAaD,CAAC,CAACC,IAAK,EAAC;QAC5BC,MAAM,EAAE;MACV,CAAC,CAAC;IACJ,CAAC;IAED,OAAO;MAAEpB,QAAQ;MAAEa;IAAwB,CAAC;EAC9C,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACO,MAAMQ,yBAAyB,GACpCC,KAAA;EAAA,IAAC;IACCrC,gBAAgB;IAChBvC,QAAQ,GAAGC;EAIb,CAAC,GAAA2E,KAAA;EAAA,OACD,OAAAC,KAAA,EAMEC,YAA0B,KACN;IAAA,IANpB;MACE/C,aAAa;MACb3B,qBAAqB;MACrBF;IACiB,CAAC,GAAA2E,KAAA;IAGpB;IACA;IACA,MAAMzG,GAAG,GAAGR,2BAA2B,CAACwC,qBAAqB,CAAC;IAE9D,MAAM;MAAEkD,QAAQ;MAAEa;IAAwB,CAAC,GAAG,MAAM9B,cAAc,CAAC;MACjEE;IACF,CAAC,CAAC,CACA;MACER,aAAa;MACb3B,qBAAqB;MACrBF;IACF,CAAC,EACD4E,YACF,CAAC;IAED,MAAMC,oBAAoB,GAAGC,IAAI,CAACC,SAAS,CAAC;MAC1CC,KAAK,EAAEnD,aAAa,CAAChE,OAAO,CAACmH,KAAK;MAClCf,uBAAuB;MACvBR,KAAK,EAAE5B,aAAa,CAAChE,OAAO,CAAC4F,KAAK;MAClCL;IACF,CAAC,CAAC;IAEF,MAAM6B,SAAS,GAAG,MAAM,IAAIC,4BAAU,CAACL,oBAAoB,EAAE;MAC3DM,GAAG,EAAE,cAAc;MACnBC,GAAG,EAAE,eAAe;MACpB1D,GAAG,EAAExD,GAAG,CAACwD;IACX,CAAC,CAAC,CAAC2D,OAAO,CAACnH,GAAG,CAAC;IAEf,MAAMoH,QAAQ,GAAG,IAAIC,eAAe,CAAC;MAAE3E,QAAQ,EAAEqE;IAAU,CAAC,CAAC;IAC7D,MAAMO,IAAI,GAAGF,QAAQ,CAACG,QAAQ,CAAC,CAAC;IAEhC,MAAM7E,QAAQ,GAAG,MAAMd,QAAQ,CAAC+B,aAAa,CAAChE,OAAO,CAAC8F,YAAY,EAAE;MAClE9C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACD0E;IACF,CAAC,CAAC;IAEF,IAAI5E,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,OAAO,MAAML,QAAQ,CAACO,IAAI,CAAC,CAAC;IAC9B;IAEA,MAAM,IAAIc,qBAAa,CACpB,oDAAmD,MAAMrB,QAAQ,CAACsB,IAAI,CAAC,CAAE,eACxEtB,QAAQ,CAACK,MACV,EACH,CAAC;EACH,CAAC;AAAA;AAACvB,OAAA,CAAA+E,yBAAA,GAAAA,yBAAA"}
|