@pagopa/io-react-native-wallet 0.7.3 → 0.9.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (211) hide show
  1. package/README.md +49 -31
  2. package/lib/commonjs/credential/index.js +13 -0
  3. package/lib/commonjs/credential/index.js.map +1 -0
  4. package/lib/commonjs/credential/issuance/01-start-flow.js +2 -0
  5. package/lib/commonjs/credential/issuance/01-start-flow.js.map +1 -0
  6. package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +26 -0
  7. package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +1 -0
  8. package/lib/commonjs/credential/issuance/03-start-user-authorization.js +119 -0
  9. package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -0
  10. package/lib/commonjs/credential/issuance/04-complete-user-authorization.js +6 -0
  11. package/lib/commonjs/credential/issuance/04-complete-user-authorization.js.map +1 -0
  12. package/lib/commonjs/credential/issuance/05-authorize-access.js +63 -0
  13. package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -0
  14. package/lib/commonjs/credential/issuance/06-obtain-credential.js +128 -0
  15. package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -0
  16. package/lib/commonjs/credential/issuance/07-confirm-credential.js +6 -0
  17. package/lib/commonjs/credential/issuance/07-confirm-credential.js.map +1 -0
  18. package/lib/commonjs/credential/issuance/const.js +9 -0
  19. package/lib/commonjs/credential/issuance/const.js.map +1 -0
  20. package/lib/commonjs/credential/issuance/index.js +34 -0
  21. package/lib/commonjs/credential/issuance/index.js.map +1 -0
  22. package/lib/commonjs/credential/presentation/01-start-flow.js +55 -0
  23. package/lib/commonjs/credential/presentation/01-start-flow.js.map +1 -0
  24. package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js +32 -0
  25. package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js.map +1 -0
  26. package/lib/commonjs/credential/presentation/03-get-request-object.js +68 -0
  27. package/lib/commonjs/credential/presentation/03-get-request-object.js.map +1 -0
  28. package/lib/commonjs/credential/presentation/04-send-authorization-response.js +139 -0
  29. package/lib/commonjs/credential/presentation/04-send-authorization-response.js.map +1 -0
  30. package/lib/commonjs/credential/presentation/index.js +34 -0
  31. package/lib/commonjs/credential/presentation/index.js.map +1 -0
  32. package/lib/commonjs/{rp → credential/presentation}/types.js +17 -34
  33. package/lib/commonjs/credential/presentation/types.js.map +1 -0
  34. package/lib/commonjs/index.js +10 -61
  35. package/lib/commonjs/index.js.map +1 -1
  36. package/lib/commonjs/pid/index.js +1 -3
  37. package/lib/commonjs/pid/index.js.map +1 -1
  38. package/lib/commonjs/sd-jwt/index.js +1 -1
  39. package/lib/commonjs/sd-jwt/index.js.map +1 -1
  40. package/lib/commonjs/sd-jwt/types.js +1 -1
  41. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  42. package/lib/commonjs/trust/chain.js +32 -4
  43. package/lib/commonjs/trust/chain.js.map +1 -1
  44. package/lib/commonjs/trust/index.js +105 -20
  45. package/lib/commonjs/trust/index.js.map +1 -1
  46. package/lib/commonjs/trust/types.js +54 -35
  47. package/lib/commonjs/trust/types.js.map +1 -1
  48. package/lib/commonjs/utils/crypto.js +4 -10
  49. package/lib/commonjs/utils/crypto.js.map +1 -1
  50. package/lib/commonjs/utils/misc.js +23 -0
  51. package/lib/commonjs/utils/misc.js.map +1 -0
  52. package/lib/commonjs/utils/par.js +86 -0
  53. package/lib/commonjs/utils/par.js.map +1 -0
  54. package/lib/module/credential/index.js +4 -0
  55. package/lib/module/credential/index.js.map +1 -0
  56. package/lib/module/credential/issuance/01-start-flow.js +2 -0
  57. package/lib/module/credential/issuance/01-start-flow.js.map +1 -0
  58. package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +19 -0
  59. package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +1 -0
  60. package/lib/module/credential/issuance/03-start-user-authorization.js +109 -0
  61. package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -0
  62. package/lib/module/credential/issuance/04-complete-user-authorization.js +2 -0
  63. package/lib/module/credential/issuance/04-complete-user-authorization.js.map +1 -0
  64. package/lib/module/credential/issuance/05-authorize-access.js +55 -0
  65. package/lib/module/credential/issuance/05-authorize-access.js.map +1 -0
  66. package/lib/module/credential/issuance/06-obtain-credential.js +117 -0
  67. package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -0
  68. package/lib/module/credential/issuance/07-confirm-credential.js +2 -0
  69. package/lib/module/credential/issuance/07-confirm-credential.js.map +1 -0
  70. package/lib/module/credential/issuance/const.js +2 -0
  71. package/lib/module/credential/issuance/const.js.map +1 -0
  72. package/lib/module/credential/issuance/index.js +6 -0
  73. package/lib/module/credential/issuance/index.js.map +1 -0
  74. package/lib/module/credential/presentation/01-start-flow.js +46 -0
  75. package/lib/module/credential/presentation/01-start-flow.js.map +1 -0
  76. package/lib/module/credential/presentation/02-evaluate-rp-trust.js +25 -0
  77. package/lib/module/credential/presentation/02-evaluate-rp-trust.js.map +1 -0
  78. package/lib/module/credential/presentation/03-get-request-object.js +60 -0
  79. package/lib/module/credential/presentation/03-get-request-object.js.map +1 -0
  80. package/lib/module/credential/presentation/04-send-authorization-response.js +128 -0
  81. package/lib/module/credential/presentation/04-send-authorization-response.js.map +1 -0
  82. package/lib/module/credential/presentation/index.js +6 -0
  83. package/lib/module/credential/presentation/index.js.map +1 -0
  84. package/lib/module/credential/presentation/types.js +21 -0
  85. package/lib/module/credential/presentation/types.js.map +1 -0
  86. package/lib/module/index.js +4 -5
  87. package/lib/module/index.js.map +1 -1
  88. package/lib/module/pid/index.js +1 -2
  89. package/lib/module/pid/index.js.map +1 -1
  90. package/lib/module/sd-jwt/index.js +1 -1
  91. package/lib/module/sd-jwt/index.js.map +1 -1
  92. package/lib/module/sd-jwt/types.js +1 -1
  93. package/lib/module/sd-jwt/types.js.map +1 -1
  94. package/lib/module/trust/chain.js +30 -3
  95. package/lib/module/trust/chain.js.map +1 -1
  96. package/lib/module/trust/index.js +99 -16
  97. package/lib/module/trust/index.js.map +1 -1
  98. package/lib/module/trust/types.js +50 -31
  99. package/lib/module/trust/types.js.map +1 -1
  100. package/lib/module/utils/crypto.js +2 -8
  101. package/lib/module/utils/crypto.js.map +1 -1
  102. package/lib/module/utils/misc.js +17 -0
  103. package/lib/module/utils/misc.js.map +1 -0
  104. package/lib/module/utils/par.js +74 -0
  105. package/lib/module/utils/par.js.map +1 -0
  106. package/lib/typescript/credential/index.d.ts +4 -0
  107. package/lib/typescript/credential/index.d.ts.map +1 -0
  108. package/lib/typescript/credential/issuance/01-start-flow.d.ts +11 -0
  109. package/lib/typescript/credential/issuance/01-start-flow.d.ts.map +1 -0
  110. package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts +18 -0
  111. package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +1 -0
  112. package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +31 -0
  113. package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -0
  114. package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts +16 -0
  115. package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map +1 -0
  116. package/lib/typescript/credential/issuance/05-authorize-access.d.ts +26 -0
  117. package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -0
  118. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +32 -0
  119. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -0
  120. package/lib/typescript/credential/issuance/07-confirm-credential.d.ts +11 -0
  121. package/lib/typescript/credential/issuance/07-confirm-credential.d.ts.map +1 -0
  122. package/lib/typescript/credential/issuance/const.d.ts +2 -0
  123. package/lib/typescript/credential/issuance/const.d.ts.map +1 -0
  124. package/lib/typescript/credential/issuance/index.d.ts +10 -0
  125. package/lib/typescript/credential/issuance/index.d.ts.map +1 -0
  126. package/lib/typescript/credential/presentation/01-start-flow.d.ts +20 -0
  127. package/lib/typescript/credential/presentation/01-start-flow.d.ts.map +1 -0
  128. package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts +18 -0
  129. package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts.map +1 -0
  130. package/lib/typescript/credential/presentation/03-get-request-object.d.ts +25 -0
  131. package/lib/typescript/credential/presentation/03-get-request-object.d.ts.map +1 -0
  132. package/lib/typescript/credential/presentation/04-send-authorization-response.d.ts +34 -0
  133. package/lib/typescript/credential/presentation/04-send-authorization-response.d.ts.map +1 -0
  134. package/lib/typescript/credential/presentation/index.d.ts +7 -0
  135. package/lib/typescript/credential/presentation/index.d.ts.map +1 -0
  136. package/lib/typescript/credential/presentation/types.d.ts +49 -0
  137. package/lib/typescript/credential/presentation/types.d.ts.map +1 -0
  138. package/lib/typescript/index.d.ts +4 -5
  139. package/lib/typescript/index.d.ts.map +1 -1
  140. package/lib/typescript/pid/index.d.ts +1 -2
  141. package/lib/typescript/pid/index.d.ts.map +1 -1
  142. package/lib/typescript/sd-jwt/index.d.ts +2 -2
  143. package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
  144. package/lib/typescript/sd-jwt/types.d.ts +5 -5
  145. package/lib/typescript/trust/chain.d.ts +12 -3
  146. package/lib/typescript/trust/chain.d.ts.map +1 -1
  147. package/lib/typescript/trust/index.d.ts +198 -24
  148. package/lib/typescript/trust/index.d.ts.map +1 -1
  149. package/lib/typescript/trust/types.d.ts +1299 -623
  150. package/lib/typescript/trust/types.d.ts.map +1 -1
  151. package/lib/typescript/utils/crypto.d.ts +1 -1
  152. package/lib/typescript/utils/crypto.d.ts.map +1 -1
  153. package/lib/typescript/utils/dpop.d.ts +2 -2
  154. package/lib/typescript/utils/misc.d.ts +8 -0
  155. package/lib/typescript/utils/misc.d.ts.map +1 -0
  156. package/lib/typescript/utils/par.d.ts +68 -0
  157. package/lib/typescript/utils/par.d.ts.map +1 -0
  158. package/package.json +2 -2
  159. package/src/credential/index.ts +4 -0
  160. package/src/credential/issuance/01-start-flow.ts +10 -0
  161. package/src/credential/issuance/02-evaluate-issuer-trust.ts +31 -0
  162. package/src/credential/issuance/03-start-user-authorization.ts +138 -0
  163. package/src/credential/issuance/04-complete-user-authorization.ts +17 -0
  164. package/src/credential/issuance/05-authorize-access.ts +92 -0
  165. package/src/credential/issuance/06-obtain-credential.ts +179 -0
  166. package/src/credential/issuance/07-confirm-credential.ts +14 -0
  167. package/src/credential/issuance/const.ts +2 -0
  168. package/src/credential/issuance/index.ts +32 -0
  169. package/src/credential/presentation/01-start-flow.ts +51 -0
  170. package/src/credential/presentation/02-evaluate-rp-trust.ts +33 -0
  171. package/src/credential/presentation/03-get-request-object.ts +85 -0
  172. package/src/credential/presentation/04-send-authorization-response.ts +168 -0
  173. package/src/credential/presentation/index.ts +26 -0
  174. package/src/credential/presentation/types.ts +27 -0
  175. package/src/index.ts +7 -28
  176. package/src/pid/index.ts +1 -2
  177. package/src/sd-jwt/index.ts +2 -2
  178. package/src/sd-jwt/types.ts +1 -1
  179. package/src/trust/chain.ts +45 -3
  180. package/src/trust/index.ts +136 -19
  181. package/src/trust/types.ts +57 -35
  182. package/src/utils/crypto.ts +2 -8
  183. package/src/utils/misc.ts +23 -0
  184. package/src/utils/par.ts +103 -0
  185. package/lib/commonjs/pid/issuing.js +0 -276
  186. package/lib/commonjs/pid/issuing.js.map +0 -1
  187. package/lib/commonjs/rp/__test__/index.test.js +0 -172
  188. package/lib/commonjs/rp/__test__/index.test.js.map +0 -1
  189. package/lib/commonjs/rp/index.js +0 -239
  190. package/lib/commonjs/rp/index.js.map +0 -1
  191. package/lib/commonjs/rp/types.js.map +0 -1
  192. package/lib/module/pid/issuing.js +0 -266
  193. package/lib/module/pid/issuing.js.map +0 -1
  194. package/lib/module/rp/__test__/index.test.js +0 -168
  195. package/lib/module/rp/__test__/index.test.js.map +0 -1
  196. package/lib/module/rp/index.js +0 -228
  197. package/lib/module/rp/index.js.map +0 -1
  198. package/lib/module/rp/types.js +0 -36
  199. package/lib/module/rp/types.js.map +0 -1
  200. package/lib/typescript/pid/issuing.d.ts +0 -57
  201. package/lib/typescript/pid/issuing.d.ts.map +0 -1
  202. package/lib/typescript/rp/__test__/index.test.d.ts +0 -2
  203. package/lib/typescript/rp/__test__/index.test.d.ts.map +0 -1
  204. package/lib/typescript/rp/index.d.ts +0 -43
  205. package/lib/typescript/rp/index.d.ts.map +0 -1
  206. package/lib/typescript/rp/types.d.ts +0 -122
  207. package/lib/typescript/rp/types.d.ts.map +0 -1
  208. package/src/pid/issuing.ts +0 -405
  209. package/src/rp/__test__/index.test.ts +0 -250
  210. package/src/rp/index.ts +0 -287
  211. package/src/rp/types.ts +0 -42
@@ -1,276 +0,0 @@
1
- "use strict";
2
-
3
- Object.defineProperty(exports, "__esModule", {
4
- value: true
5
- });
6
- exports.getCredential = exports.authorizeIssuing = void 0;
7
- var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
8
- var _jwk = require("../utils/jwk");
9
- var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
10
- var _errors = require("../utils/errors");
11
- var _dpop = require("../utils/dpop");
12
- var WalletInstanceAttestation = _interopRequireWildcard(require("../wallet-instance-attestation"));
13
- var _2 = require(".");
14
- var _crypto = require("../utils/crypto");
15
- var z = _interopRequireWildcard(require("zod"));
16
- var _decoder = require("../utils/decoder");
17
- function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
18
- function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
19
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
20
- // This is a temporary type that will be used for demo purposes only
21
-
22
- const AuthenticationRequestResponse = z.object({
23
- code: z.string(),
24
- state: z.string(),
25
- // TODO: refine to known paths using literals
26
- iss: z.string()
27
- });
28
- const assertionType = "urn:ietf:params:oauth:client-assertion-type:jwt-client-attestation";
29
-
30
- /**
31
- * Make a PAR request to the PID issuer and return the response url
32
- */
33
- const getPar = _ref => {
34
- let {
35
- wiaCryptoContext,
36
- appFetch = fetch
37
- } = _ref;
38
- return async (clientId, codeVerifier, walletProviderBaseUrl, pidProviderEntityConfiguration, walletInstanceAttestation) => {
39
- // Calculate the thumbprint of the public key of the Wallet Instance Attestation.
40
- // The PAR request token is signed used the Wallet Instance Attestation key.
41
- // The signature can be verified by reading the public key from the key set shippet with the it will ship the Wallet Instance Attestation;
42
- // key is matched by its kid, which is supposed to be the thumbprint of its public key.
43
- const keyThumbprint = await wiaCryptoContext.getPublicKey().then(_jwk.JWK.parse).then(_ioReactNativeJwt.thumbprint);
44
- const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
45
- const codeChallenge = await (0, _ioReactNativeJwt.sha256ToBase64)(codeVerifier);
46
- const signedJwtForPar = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
47
- kid: keyThumbprint
48
- }).setPayload({
49
- iss,
50
- aud: pidProviderEntityConfiguration.payload.iss,
51
- jti: `${_reactNativeUuid.default.v4()}`,
52
- client_assertion_type: assertionType,
53
- authorization_details: [{
54
- credential_definition: {
55
- type: "PersonIdentificationData"
56
- },
57
- format: "vc+sd-jwt",
58
- type: "openid_credential"
59
- }],
60
- response_type: "code",
61
- code_challenge_method: "s256",
62
- redirect_uri: walletProviderBaseUrl,
63
- state: `${_reactNativeUuid.default.v4()}`,
64
- client_id: clientId,
65
- code_challenge: codeChallenge
66
- }).setIssuedAt().setExpirationTime("1h").sign();
67
- const parUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.pushed_authorization_request_endpoint;
68
- const requestBody = {
69
- response_type: "code",
70
- client_id: clientId,
71
- code_challenge: codeChallenge,
72
- code_challenge_method: "S256",
73
- client_assertion_type: assertionType,
74
- client_assertion: walletInstanceAttestation,
75
- request: signedJwtForPar
76
- };
77
- var formBody = new URLSearchParams(requestBody);
78
- const response = await appFetch(parUrl, {
79
- method: "POST",
80
- headers: {
81
- "Content-Type": "application/x-www-form-urlencoded"
82
- },
83
- body: formBody.toString()
84
- });
85
- if (response.status === 201) {
86
- const result = await response.json();
87
- return result.request_uri;
88
- }
89
- throw new _errors.PidIssuingError(`Unable to obtain PAR. Response code: ${await response.text()}`);
90
- };
91
- };
92
-
93
- /**
94
- * Make an authorization request
95
- */
96
- const getAuthenticationRequest = _ref2 => {
97
- let {
98
- appFetch = fetch
99
- } = _ref2;
100
- return async (clientId, requestUri, pidProviderEntityConfiguration, cieData) => {
101
- const authzRequestEndpoint = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.authorization_endpoint;
102
-
103
- /* User's personal data is not supposed to transit in this flow,
104
- * but to be provided to the PID issuer directly by its chosen authentication method (CIE).
105
- * Being the project in an initial phase, and being we were still unable to fully comply with authentication,
106
- * we temporarily provide data from the App's logged user.
107
- * */
108
- const params = new URLSearchParams({
109
- client_id: clientId,
110
- request_uri: requestUri,
111
- name: cieData.name,
112
- surname: cieData.surname,
113
- birth_date: cieData.birthDate,
114
- fiscal_code: cieData.fiscalCode
115
- });
116
- const response = await appFetch(authzRequestEndpoint + "?" + params, {
117
- method: "GET"
118
- });
119
- if (response.status === 200) {
120
- const formData = await response.text();
121
- const {
122
- decodedJwt
123
- } = await (0, _decoder.getJwtFromFormPost)(formData);
124
- const parsed = AuthenticationRequestResponse.parse(decodedJwt.payload);
125
- return parsed;
126
- }
127
- throw new _errors.PidIssuingError(`Unable to obtain Authorization Request. Response code: ${await response.text()}`);
128
- };
129
- };
130
-
131
- /**
132
- * Start the issuing flow by generating an authorization request to the PID Provider. Obtain from the PID Provider an access token to be used to complete the issuing flow.
133
- *
134
- * @param params.wiaCryptoContext The key pair associated with the WIA. Will be use to prove the ownership of the attestation.
135
- * @param params.appFetch (optional) Http client
136
- * @param walletInstanceAttestation Wallet Instance Attestation token.
137
- * @param walletProviderBaseUrl Base url for the Wallet Provider.
138
- * @param pidProviderEntityConfiguration The Entity Configuration of the PID Provider, from which discover public endooints.
139
- * @param cieData Data red from the CIE login process
140
- * @returns The access token along with the values that identify the issuing session.
141
- */
142
- const authorizeIssuing = _ref3 => {
143
- let {
144
- wiaCryptoContext,
145
- appFetch = fetch
146
- } = _ref3;
147
- return async (walletInstanceAttestation, walletProviderBaseUrl, pidProviderEntityConfiguration, cieData) => {
148
- // FIXME: do better
149
- const clientId = await wiaCryptoContext.getPublicKey().then(_ => _.kid);
150
- const codeVerifier = `${_reactNativeUuid.default.v4()}`;
151
- const tokenUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.token_endpoint;
152
- const requestUri = await getPar({
153
- wiaCryptoContext,
154
- appFetch
155
- })(clientId, codeVerifier, walletProviderBaseUrl, pidProviderEntityConfiguration, walletInstanceAttestation);
156
- const authenticationRequest = await getAuthenticationRequest({})(clientId, requestUri, pidProviderEntityConfiguration, cieData);
157
- const authorizationCode = authenticationRequest.code;
158
- const signedDPop = await (0, _crypto.useEphemeralKey)(ctx => (0, _dpop.createDPopToken)({
159
- htm: "POST",
160
- htu: tokenUrl,
161
- jti: `${_reactNativeUuid.default.v4()}`
162
- }, ctx));
163
- const requestBody = {
164
- grant_type: "authorization code",
165
- client_id: clientId,
166
- code: authorizationCode,
167
- code_verifier: codeVerifier,
168
- client_assertion_type: assertionType,
169
- client_assertion: walletInstanceAttestation,
170
- redirect_uri: walletProviderBaseUrl
171
- };
172
- var formBody = new URLSearchParams(requestBody);
173
- const response = await appFetch(tokenUrl, {
174
- method: "POST",
175
- headers: {
176
- "Content-Type": "application/x-www-form-urlencoded",
177
- DPoP: signedDPop
178
- },
179
- body: formBody.toString()
180
- });
181
- if (response.status === 200) {
182
- const {
183
- c_nonce,
184
- access_token
185
- } = await response.json();
186
- return {
187
- accessToken: access_token,
188
- nonce: c_nonce,
189
- clientId,
190
- codeVerifier,
191
- authorizationCode,
192
- walletProviderBaseUrl
193
- };
194
- }
195
- throw new _errors.PidIssuingError(`Unable to obtain token. Response code: ${await response.text()}`);
196
- };
197
- };
198
-
199
- /**
200
- * Return the signed jwt for nonce proof of possession
201
- */
202
- exports.authorizeIssuing = authorizeIssuing;
203
- const createNonceProof = async (nonce, issuer, audience, ctx) => {
204
- return new _ioReactNativeJwt.SignJWT(ctx).setPayload({
205
- nonce,
206
- jwk: await ctx.getPublicKey()
207
- }).setProtectedHeader({
208
- type: "openid4vci-proof+jwt"
209
- }).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("1h").sign();
210
- };
211
-
212
- /**
213
- * Complete the issuing flow and get the PID credential.
214
- *
215
- * @param params.pidCryptoContext The key pair associated with the PID. Will be use to prove the ownership of the credential.
216
- * @param params.appFetch (optional) Http client
217
- * @param authConf The authorization configuration retrieved with the access token
218
- * @returns The PID credential token
219
- */
220
- const getCredential = _ref4 => {
221
- let {
222
- pidCryptoContext,
223
- appFetch = fetch
224
- } = _ref4;
225
- return async (_ref5, pidProviderEntityConfiguration) => {
226
- let {
227
- nonce,
228
- accessToken,
229
- clientId,
230
- walletProviderBaseUrl
231
- } = _ref5;
232
- const credentialUrl = pidProviderEntityConfiguration.payload.metadata.openid_credential_issuer.credential_endpoint;
233
- const signedDPopForPid = await (0, _dpop.createDPopToken)({
234
- htm: "POST",
235
- htu: credentialUrl,
236
- jti: `${_reactNativeUuid.default.v4()}`
237
- }, pidCryptoContext);
238
- const signedNonceProof = await createNonceProof(nonce, clientId, walletProviderBaseUrl, pidCryptoContext);
239
- const requestBody = {
240
- credential_definition: JSON.stringify({
241
- type: ["PersonIdentificationData"]
242
- }),
243
- format: "vc+sd-jwt",
244
- proof: JSON.stringify({
245
- jwt: signedNonceProof,
246
- proof_type: "jwt"
247
- })
248
- };
249
- const formBody = new URLSearchParams(requestBody);
250
- const response = await appFetch(credentialUrl, {
251
- method: "POST",
252
- headers: {
253
- "Content-Type": "application/x-www-form-urlencoded",
254
- DPoP: signedDPopForPid,
255
- Authorization: accessToken
256
- },
257
- body: formBody.toString()
258
- });
259
- if (response.status === 200) {
260
- const pidResponse = await response.json();
261
- await validatePid(pidResponse.credential, pidCryptoContext);
262
- return pidResponse;
263
- }
264
- throw new _errors.PidIssuingError(`Unable to obtain credential! url=${credentialUrl} status=${response.status} body=${await response.text()}`);
265
- };
266
- };
267
- exports.getCredential = getCredential;
268
- const validatePid = async (pidJwt, pidCryptoContext) => {
269
- const decoded = _2.SdJwt.decode(pidJwt);
270
- const pidKey = await pidCryptoContext.getPublicKey();
271
- const holderBindedKey = decoded.sdJwt.payload.cnf.jwk;
272
- if ((await (0, _ioReactNativeJwt.thumbprint)(pidKey)) !== (await (0, _ioReactNativeJwt.thumbprint)(holderBindedKey))) {
273
- throw new _errors.PidIssuingError(`The obtained pid does not seem to be valid according to your configuration. Your PID public key is: ${JSON.stringify(pidKey)} but PID holder binded key is: ${JSON.stringify(holderBindedKey)}`);
274
- }
275
- };
276
- //# sourceMappingURL=issuing.js.map
@@ -1 +0,0 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_jwk","_reactNativeUuid","_interopRequireDefault","_errors","_dpop","WalletInstanceAttestation","_interopRequireWildcard","_2","_crypto","z","_decoder","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthenticationRequestResponse","object","code","string","state","iss","assertionType","getPar","_ref","wiaCryptoContext","appFetch","fetch","clientId","codeVerifier","walletProviderBaseUrl","pidProviderEntityConfiguration","walletInstanceAttestation","keyThumbprint","getPublicKey","then","JWK","parse","thumbprint","decode","payload","cnf","jwk","kid","codeChallenge","sha256ToBase64","signedJwtForPar","SignJWT","setProtectedHeader","setPayload","aud","jti","uuid","v4","client_assertion_type","authorization_details","credential_definition","type","format","response_type","code_challenge_method","redirect_uri","client_id","code_challenge","setIssuedAt","setExpirationTime","sign","parUrl","metadata","openid_credential_issuer","pushed_authorization_request_endpoint","requestBody","client_assertion","request","formBody","URLSearchParams","response","method","headers","body","toString","status","result","json","request_uri","PidIssuingError","text","getAuthenticationRequest","_ref2","requestUri","cieData","authzRequestEndpoint","authorization_endpoint","params","name","surname","birth_date","birthDate","fiscal_code","fiscalCode","formData","decodedJwt","getJwtFromFormPost","parsed","authorizeIssuing","_ref3","_","tokenUrl","token_endpoint","authenticationRequest","authorizationCode","signedDPop","useEphemeralKey","ctx","createDPopToken","htm","htu","grant_type","code_verifier","DPoP","c_nonce","access_token","accessToken","nonce","exports","createNonceProof","issuer","audience","setAudience","setIssuer","getCredential","_ref4","pidCryptoContext","_ref5","credentialUrl","credential_endpoint","signedDPopForPid","signedNonceProof","JSON","stringify","proof","jwt","proof_type","Authorization","pidResponse","validatePid","credential","pidJwt","decoded","SdJwt","pidKey","holderBindedKey","sdJwt"],"sourceRoot":"../../../src","sources":["pid/issuing.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAOA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,KAAA,GAAAL,OAAA;AAEA,IAAAM,yBAAA,GAAAC,uBAAA,CAAAP,OAAA;AACA,IAAAQ,EAAA,GAAAR,OAAA;AACA,IAAAS,OAAA,GAAAT,OAAA;AAEA,IAAAU,CAAA,GAAAH,uBAAA,CAAAP,OAAA;AACA,IAAAW,QAAA,GAAAX,OAAA;AAAsD,SAAAY,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAN,wBAAAU,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAApB,uBAAAc,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEtD;;AA2BA,MAAMiB,6BAA6B,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAC7CC,IAAI,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAChBC,KAAK,EAAE5B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAAE;EACnBE,GAAG,EAAE7B,CAAC,CAAC2B,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,MAAMG,aAAa,GACjB,oEAAoE;;AAEtE;AACA;AACA;AACA,MAAMC,MAAM,GACVC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAAH,IAAA;EAAA,OACD,OACEI,QAAgB,EAChBC,YAAoB,EACpBC,qBAA6B,EAC7BC,8BAAmE,EACnEC,yBAAiC,KACb;IACpB;IACA;IACA;IACA;IACA,MAAMC,aAAa,GAAG,MAAMR,gBAAgB,CACzCS,YAAY,CAAC,CAAC,CACdC,IAAI,CAACC,QAAG,CAACC,KAAK,CAAC,CACfF,IAAI,CAACG,4BAAU,CAAC;IAEnB,MAAMjB,GAAG,GAAGjC,yBAAyB,CAACmD,MAAM,CAACP,yBAAyB,CAAC,CACpEQ,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;IAEtB,MAAMC,aAAa,GAAG,MAAM,IAAAC,gCAAc,EAAChB,YAAY,CAAC;IAExD,MAAMiB,eAAe,GAAG,MAAM,IAAIC,yBAAO,CAACtB,gBAAgB,CAAC,CACxDuB,kBAAkB,CAAC;MAClBL,GAAG,EAAEV;IACP,CAAC,CAAC,CACDgB,UAAU,CAAC;MACV5B,GAAG;MACH6B,GAAG,EAAEnB,8BAA8B,CAACS,OAAO,CAACnB,GAAG;MAC/C8B,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACnBC,qBAAqB,EAAEhC,aAAa;MACpCiC,qBAAqB,EAAE,CACrB;QACEC,qBAAqB,EAAE;UACrBC,IAAI,EAAE;QACR,CAAC;QACDC,MAAM,EAAE,WAAW;QACnBD,IAAI,EAAE;MACR,CAAC,CACF;MACDE,aAAa,EAAE,MAAM;MACrBC,qBAAqB,EAAE,MAAM;MAC7BC,YAAY,EAAE/B,qBAAqB;MACnCV,KAAK,EAAG,GAAEgC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;MACrBS,SAAS,EAAElC,QAAQ;MACnBmC,cAAc,EAAEnB;IAClB,CAAC,CAAC,CACDoB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,MAAM,GACVpC,8BAA8B,CAACS,OAAO,CAAC4B,QAAQ,CAACC,wBAAwB,CACrEC,qCAAqC;IAE1C,MAAMC,WAAW,GAAG;MAClBZ,aAAa,EAAE,MAAM;MACrBG,SAAS,EAAElC,QAAQ;MACnBmC,cAAc,EAAEnB,aAAa;MAC7BgB,qBAAqB,EAAE,MAAM;MAC7BN,qBAAqB,EAAEhC,aAAa;MACpCkD,gBAAgB,EAAExC,yBAAyB;MAC3CyC,OAAO,EAAE3B;IACX,CAAC;IAED,IAAI4B,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAMlD,QAAQ,CAACyC,MAAM,EAAE;MACtCU,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE;MAClB,CAAC;MACDC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMC,MAAM,GAAG,MAAMN,QAAQ,CAACO,IAAI,CAAC,CAAC;MACpC,OAAOD,MAAM,CAACE,WAAW;IAC3B;IAEA,MAAM,IAAIC,uBAAe,CACtB,wCAAuC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAChE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA,MAAMC,wBAAwB,GAC5BC,KAAA;EAAA,IAAC;IAAE9D,QAAQ,GAAGC;EAA2C,CAAC,GAAA6D,KAAA;EAAA,OAC1D,OACE5D,QAAgB,EAChB6D,UAAkB,EAClB1D,8BAAmE,EACnE2D,OAAgB,KAC2B;IAC3C,MAAMC,oBAAoB,GACxB5D,8BAA8B,CAACS,OAAO,CAAC4B,QAAQ,CAACC,wBAAwB,CACrEuB,sBAAsB;;IAE3B;AACJ;AACA;AACA;AACA;IACI,MAAMC,MAAM,GAAG,IAAIlB,eAAe,CAAC;MACjCb,SAAS,EAAElC,QAAQ;MACnBwD,WAAW,EAAEK,UAAU;MACvBK,IAAI,EAAEJ,OAAO,CAACI,IAAI;MAClBC,OAAO,EAAEL,OAAO,CAACK,OAAO;MACxBC,UAAU,EAAEN,OAAO,CAACO,SAAS;MAC7BC,WAAW,EAAER,OAAO,CAACS;IACvB,CAAC,CAAC;IAEF,MAAMvB,QAAQ,GAAG,MAAMlD,QAAQ,CAACiE,oBAAoB,GAAG,GAAG,GAAGE,MAAM,EAAE;MACnEhB,MAAM,EAAE;IACV,CAAC,CAAC;IAEF,IAAID,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAMmB,QAAQ,GAAG,MAAMxB,QAAQ,CAACU,IAAI,CAAC,CAAC;MACtC,MAAM;QAAEe;MAAW,CAAC,GAAG,MAAM,IAAAC,2BAAkB,EAACF,QAAQ,CAAC;MACzD,MAAMG,MAAM,GAAGvF,6BAA6B,CAACqB,KAAK,CAACgE,UAAU,CAAC7D,OAAO,CAAC;MACtE,OAAO+D,MAAM;IACf;IAEA,MAAM,IAAIlB,uBAAe,CACtB,0DAAyD,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAClF,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMkB,gBAAgB,GAC3BC,KAAA;EAAA,IAAC;IACChF,gBAAgB;IAChBC,QAAQ,GAAGC;EAIb,CAAC,GAAA8E,KAAA;EAAA,OACD,OACEzE,yBAAiC,EACjCF,qBAA6B,EAC7BC,8BAAmE,EACnE2D,OAAgB,KACe;IAC/B;IACA,MAAM9D,QAAQ,GAAG,MAAMH,gBAAgB,CAACS,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEuE,CAAC,IAAKA,CAAC,CAAC/D,GAAG,CAAC;IACzE,MAAMd,YAAY,GAAI,GAAEuB,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IAEnC,MAAMsD,QAAQ,GACZ5E,8BAA8B,CAACS,OAAO,CAAC4B,QAAQ,CAACC,wBAAwB,CACrEuC,cAAc;IAEnB,MAAMnB,UAAU,GAAG,MAAMlE,MAAM,CAAC;MAAEE,gBAAgB;MAAEC;IAAS,CAAC,CAAC,CAC7DE,QAAQ,EACRC,YAAY,EACZC,qBAAqB,EACrBC,8BAA8B,EAC9BC,yBACF,CAAC;IAED,MAAM6E,qBAAqB,GAAG,MAAMtB,wBAAwB,CAAC,CAAC,CAAC,CAAC,CAC9D3D,QAAQ,EACR6D,UAAU,EACV1D,8BAA8B,EAC9B2D,OACF,CAAC;IAED,MAAMoB,iBAAiB,GAAGD,qBAAqB,CAAC3F,IAAI;IAEpD,MAAM6F,UAAU,GAAG,MAAM,IAAAC,uBAAe,EAAEC,GAAG,IAC3C,IAAAC,qBAAe,EACb;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAET,QAAQ;MACbxD,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACD4D,GACF,CACF,CAAC;IAED,MAAM1C,WAAW,GAAG;MAClB8C,UAAU,EAAE,oBAAoB;MAChCvD,SAAS,EAAElC,QAAQ;MACnBV,IAAI,EAAE4F,iBAAiB;MACvBQ,aAAa,EAAEzF,YAAY;MAC3ByB,qBAAqB,EAAEhC,aAAa;MACpCkD,gBAAgB,EAAExC,yBAAyB;MAC3C6B,YAAY,EAAE/B;IAChB,CAAC;IACD,IAAI4C,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAE/C,MAAMK,QAAQ,GAAG,MAAMlD,QAAQ,CAACiF,QAAQ,EAAE;MACxC9B,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyC,IAAI,EAAER;MACR,CAAC;MACDhC,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM;QAAEuC,OAAO;QAAEC;MAAa,CAAC,GAAG,MAAM7C,QAAQ,CAACO,IAAI,CAAC,CAAC;MACvD,OAAO;QACLuC,WAAW,EAAED,YAAY;QACzBE,KAAK,EAAEH,OAAO;QACd5F,QAAQ;QACRC,YAAY;QACZiF,iBAAiB;QACjBhF;MACF,CAAC;IACH;IAEA,MAAM,IAAIuD,uBAAe,CACtB,0CAAyC,MAAMT,QAAQ,CAACU,IAAI,CAAC,CAAE,EAClE,CAAC;EACH,CAAC;AAAA;;AAEH;AACA;AACA;AAFAsC,OAAA,CAAApB,gBAAA,GAAAA,gBAAA;AAGA,MAAMqB,gBAAgB,GAAG,MAAAA,CACvBF,KAAa,EACbG,MAAc,EACdC,QAAgB,EAChBd,GAAkB,KACE;EACpB,OAAO,IAAIlE,yBAAO,CAACkE,GAAG,CAAC,CACpBhE,UAAU,CAAC;IACV0E,KAAK;IACLjF,GAAG,EAAE,MAAMuE,GAAG,CAAC/E,YAAY,CAAC;EAC9B,CAAC,CAAC,CACDc,kBAAkB,CAAC;IAClBS,IAAI,EAAE;EACR,CAAC,CAAC,CACDuE,WAAW,CAACD,QAAQ,CAAC,CACrBE,SAAS,CAACH,MAAM,CAAC,CACjB9D,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMgE,aAAa,GACxBC,KAAA;EAAA,IAAC;IACCC,gBAAgB;IAChB1G,QAAQ,GAAGC;EAIb,CAAC,GAAAwG,KAAA;EAAA,OACD,OAAAE,KAAA,EAEEtG,8BAAmE,KAC1C;IAAA,IAFzB;MAAE4F,KAAK;MAAED,WAAW;MAAE9F,QAAQ;MAAEE;IAAyC,CAAC,GAAAuG,KAAA;IAG1E,MAAMC,aAAa,GACjBvG,8BAA8B,CAACS,OAAO,CAAC4B,QAAQ,CAACC,wBAAwB,CACrEkE,mBAAmB;IAExB,MAAMC,gBAAgB,GAAG,MAAM,IAAAtB,qBAAe,EAC5C;MACEC,GAAG,EAAE,MAAM;MACXC,GAAG,EAAEkB,aAAa;MAClBnF,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE;IACpB,CAAC,EACD+E,gBACF,CAAC;IAED,MAAMK,gBAAgB,GAAG,MAAMZ,gBAAgB,CAC7CF,KAAK,EACL/F,QAAQ,EACRE,qBAAqB,EACrBsG,gBACF,CAAC;IAED,MAAM7D,WAAW,GAAG;MAClBf,qBAAqB,EAAEkF,IAAI,CAACC,SAAS,CAAC;QACpClF,IAAI,EAAE,CAAC,0BAA0B;MACnC,CAAC,CAAC;MACFC,MAAM,EAAE,WAAW;MACnBkF,KAAK,EAAEF,IAAI,CAACC,SAAS,CAAC;QACpBE,GAAG,EAAEJ,gBAAgB;QACrBK,UAAU,EAAE;MACd,CAAC;IACH,CAAC;IACD,MAAMpE,QAAQ,GAAG,IAAIC,eAAe,CAACJ,WAAW,CAAC;IAEjD,MAAMK,QAAQ,GAAG,MAAMlD,QAAQ,CAAC4G,aAAa,EAAE;MAC7CzD,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnDyC,IAAI,EAAEiB,gBAAgB;QACtBO,aAAa,EAAErB;MACjB,CAAC;MACD3C,IAAI,EAAEL,QAAQ,CAACM,QAAQ,CAAC;IAC1B,CAAC,CAAC;IAEF,IAAIJ,QAAQ,CAACK,MAAM,KAAK,GAAG,EAAE;MAC3B,MAAM+D,WAAW,GAAI,MAAMpE,QAAQ,CAACO,IAAI,CAAC,CAAiB;MAC1D,MAAM8D,WAAW,CAACD,WAAW,CAACE,UAAU,EAAEd,gBAAgB,CAAC;MAC3D,OAAOY,WAAW;IACpB;IAEA,MAAM,IAAI3D,uBAAe,CACtB,oCAAmCiD,aAAc,WAChD1D,QAAQ,CAACK,MACV,SAAQ,MAAML,QAAQ,CAACU,IAAI,CAAC,CAAE,EACjC,CAAC;EACH,CAAC;AAAA;AAACsC,OAAA,CAAAM,aAAA,GAAAA,aAAA;AAEJ,MAAMe,WAAW,GAAG,MAAAA,CAAOE,MAAc,EAAEf,gBAA+B,KAAK;EAC7E,MAAMgB,OAAO,GAAGC,QAAK,CAAC9G,MAAM,CAAC4G,MAAM,CAAC;EACpC,MAAMG,MAAM,GAAG,MAAMlB,gBAAgB,CAAClG,YAAY,CAAC,CAAC;EACpD,MAAMqH,eAAe,GAAGH,OAAO,CAACI,KAAK,CAAChH,OAAO,CAACC,GAAG,CAACC,GAAG;EAErD,IAAI,CAAC,MAAM,IAAAJ,4BAAU,EAACgH,MAAM,CAAC,OAAO,MAAM,IAAAhH,4BAAU,EAACiH,eAAe,CAAC,CAAC,EAAE;IACtE,MAAM,IAAIlE,uBAAe,CACtB,uGAAsGqD,IAAI,CAACC,SAAS,CACnHW,MACF,CAAE,kCAAiCZ,IAAI,CAACC,SAAS,CAACY,eAAe,CAAE,EACrE,CAAC;EACH;AACF,CAAC"}
@@ -1,172 +0,0 @@
1
- "use strict";
2
-
3
- var _types = require("../../trust/types");
4
- var RelyingPartySolution = _interopRequireWildcard(require(".."));
5
- var _errors = require("../../utils/errors");
6
- function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
7
- function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
8
- describe("decodeAuthRequestQR", () => {
9
- it("should return authentication request URL", async () => {
10
- const qrcode = "ZXVkaXc6Ly9hdXRob3JpemU/Y2xpZW50X2lkPWh0dHBzOi8vdmVyaWZpZXIuZXhhbXBsZS5vcmcmcmVxdWVzdF91cmk9aHR0cHM6Ly92ZXJpZmllci5leGFtcGxlLm9yZy9yZXF1ZXN0X3VyaQ==";
11
- const result = RelyingPartySolution.decodeAuthRequestQR(qrcode);
12
- expect(result.requestURI).toEqual("https://verifier.example.org/request_uri");
13
- });
14
- it("should throw exception with invalid QR", async () => {
15
- const qrcode = "aHR0cDovL2dvb2dsZS5pdA==";
16
- expect(() => RelyingPartySolution.decodeAuthRequestQR(qrcode)).toThrowError(_errors.AuthRequestDecodeError);
17
- });
18
- });
19
- describe("RpEntityConfiguration", () => {
20
- it("should parse a valid conf", async () => {
21
- const pp = {
22
- header: {
23
- alg: "RS256",
24
- kid: "9Cquk0X-fNPSdePQIgQcQZtD6J0IjIRrFigW2PPK_-w",
25
- typ: "entity-statement+jwt"
26
- },
27
- payload: {
28
- exp: 1692625747,
29
- iat: 1692625387,
30
- iss: "https://demo.proxy.eudi.wallet.developers.italia.it/OpenID4VP",
31
- sub: "https://demo.proxy.eudi.wallet.developers.italia.it/OpenID4VP",
32
- jwks: {
33
- keys: [{
34
- kty: "RSA",
35
- kid: "9Cquk0X-fNPSdePQIgQcQZtD6J0IjIRrFigW2PPK_-w",
36
- e: "AQAB",
37
- n: "utqtxbs-jnK0cPsV7aRkkZKA9t4S-WSZa3nCZtYIKDpgLnR_qcpeF0diJZvKOqXmj2cXaKFUE-8uHKAHo7BL7T-Rj2x3vGESh7SG1pE0thDGlXj4yNsg0qNvCXtk703L2H3i1UXwx6nq1uFxD2EcOE4a6qDYBI16Zl71TUZktJwmOejoHl16CPWqDLGo9GUSk_MmHOV20m4wXWkB4qbvpWVY8H6b2a0rB1B1YPOs5ZLYarSYZgjDEg6DMtZ4NgiwZ-4N1aaLwyO-GLwt9Vf-NBKwoxeRyD3zWE2FXRFBbhKGksMrCGnFDsNl5JTlPjaM3kYyImE941ggcuc495m-Fw"
38
- }]
39
- },
40
- metadata: {
41
- federation_entity: {
42
- organization_name: "wallet-provider",
43
- homepage_uri: "https://wallet-provider.example",
44
- policy_uri: "https://wallet-provider.example",
45
- logo_uri: "https://wallet-provider.example",
46
- contacts: ["https://wallet-provider.example"]
47
- },
48
- wallet_relying_party: {
49
- application_type: "web",
50
- authorization_encrypted_response_alg: ["RSA-OAEP", "RSA-OAEP-256", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"],
51
- authorization_encrypted_response_enc: ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"],
52
- authorization_signed_response_alg: ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512"],
53
- client_id: "https://demo.proxy.eudi.wallet.developers.italia.it/OpenID4VP",
54
- client_name: "Name of an example organization",
55
- contacts: ["ops@verifier.example.org"],
56
- default_acr_values: ["https://www.spid.gov.it/SpidL2", "https://www.spid.gov.it/SpidL3"],
57
- default_max_age: 1111,
58
- id_token_encrypted_response_alg: ["RSA-OAEP", "RSA-OAEP-256", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"],
59
- id_token_encrypted_response_enc: ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"],
60
- id_token_signed_response_alg: ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512"],
61
- presentation_definitions: [{
62
- id: "pid-sd-jwt:unique_id+given_name+family_name",
63
- input_descriptors: [{
64
- id: "pid-sd-jwt:unique_id+given_name+family_name",
65
- format: {
66
- constraints: {
67
- fields: [{
68
- filter: {
69
- const: "PersonIdentificationData",
70
- type: "string"
71
- },
72
- path: ["$.sd-jwt.type"]
73
- }, {
74
- filter: {
75
- type: "object"
76
- },
77
- path: ["$.sd-jwt.cnf"]
78
- }, {
79
- intent_to_retain: "true",
80
- path: ["$.sd-jwt.family_name"]
81
- }, {
82
- intent_to_retain: "true",
83
- path: ["$.sd-jwt.given_name"]
84
- }, {
85
- intent_to_retain: "true",
86
- path: ["$.sd-jwt.unique_id"]
87
- }],
88
- limit_disclosure: "required"
89
- },
90
- jwt: {
91
- alg: ["EdDSA", "ES256"]
92
- }
93
- }
94
- }]
95
- }, {
96
- id: "mDL-sample-req",
97
- input_descriptors: [{
98
- format: {
99
- constraints: {
100
- fields: [{
101
- filter: {
102
- const: "org.iso.18013.5.1.mDL",
103
- type: "string"
104
- },
105
- path: ["$.mdoc.doctype"]
106
- }, {
107
- filter: {
108
- const: "org.iso.18013.5.1",
109
- type: "string"
110
- },
111
- path: ["$.mdoc.namespace"]
112
- }, {
113
- intent_to_retain: "false",
114
- path: ["$.mdoc.family_name"]
115
- }, {
116
- intent_to_retain: "false",
117
- path: ["$.mdoc.portrait"]
118
- }, {
119
- intent_to_retain: "false",
120
- path: ["$.mdoc.driving_privileges"]
121
- }],
122
- limit_disclosure: "required"
123
- },
124
- mso_mdoc: {
125
- alg: ["EdDSA", "ES256"]
126
- }
127
- },
128
- id: "mDL"
129
- }]
130
- }],
131
- redirect_uris: ["https://demo.proxy.eudi.wallet.developers.italia.it/OpenID4VP/redirect-uri"],
132
- request_uris: ["https://demo.proxy.eudi.wallet.developers.italia.it/OpenID4VP/request-uri"],
133
- require_auth_time: true,
134
- subject_type: "pairwise",
135
- vp_formats: {
136
- jwt_vp_json: {
137
- alg: ["EdDSA", "ES256K"]
138
- }
139
- },
140
- jwks: {
141
- keys: [{
142
- crv: "P-256",
143
- d: "KzQBowMMoPmSZe7G8QsdEWc1IvR2nsgE8qTOYmMcLtc",
144
- kid: "dDwPWXz5sCtczj7CJbqgPGJ2qQ83gZ9Sfs-tJyULi6s",
145
- use: "sig",
146
- kty: "EC",
147
- x: "TSO-KOqdnUj5SUuasdlRB2VVFSqtJOxuR5GftUTuBdk",
148
- y: "ByWgQt1wGBSnF56jQqLdoO1xKUynMY-BHIDB3eXlR7"
149
- }, {
150
- kty: "RSA",
151
- d: "QUZsh1NqvpueootsdSjFQz-BUvxwd3Qnzm5qNb-WeOsvt3rWMEv0Q8CZrla2tndHTJhwioo1U4NuQey7znijhZ177bUwPPxSW1r68dEnL2U74nKwwoYeeMdEXnUfZSPxzs7nY6b7vtyCoA-AjiVYFOlgKNAItspv1HxeyGCLhLYhKvS_YoTdAeLuegETU5D6K1xGQIuw0nS13Icjz79Y8jC10TX4FdZwdX-NmuIEDP5-s95V9DMENtVqJAVE3L-wO-NdDilyjyOmAbntgsCzYVGH9U3W_djh4t3qVFCv3r0S-DA2FD3THvlrFi655L0QHR3gu_Fbj3b9Ybtajpue_Q",
152
- e: "AQAB",
153
- use: "enc",
154
- kid: "9Cquk0X-fNPSdePQIgQcQZtD6J0IjIRrFigW2PPK_-w",
155
- n: "utqtxbs-jnK0cPsV7aRkkZKA9t4S-WSZa3nCZtYIKDpgLnR_qcpeF0diJZvKOqXmj2cXaKFUE-8uHKAHo7BL7T-Rj2x3vGESh7SG1pE0thDGlXj4yNsg0qNvCXtk703L2H3i1UXwx6nq1uFxD2EcOE4a6qDYBI16Zl71TUZktJwmOejoHl16CPWqDLGo9GUSk_MmHOV20m4wXWkB4qbvpWVY8H6b2a0rB1B1YPOs5ZLYarSYZgjDEg6DMtZ4NgiwZ-4N1aaLwyO-GLwt9Vf-NBKwoxeRyD3zWE2FXRFBbhKGksMrCGnFDsNl5JTlPjaM3kYyImE941ggcuc495m-Fw",
156
- p: "2zmGXIMCEHPphw778YjVTar1eycih6fFSJ4I4bl1iq167GqO0PjlOx6CZ1-OdBTVU7HfrYRiUK_BnGRdPDn-DQghwwkB79ZdHWL14wXnpB5y-boHz_LxvjsEqXtuQYcIkidOGaMG68XNT1nM4F9a8UKFr5hHYT5_UIQSwsxlRQ0",
157
- q: "2jMFt2iFrdaYabdXuB4QMboVjPvbLA-IVb6_0hSG_-EueGBvgcBxdFGIZaG6kqHqlB7qMsSzdptU0vn6IgmCZnX-Hlt6c5X7JB_q91PZMLTO01pbZ2Bk58GloalCHnw_mjPh0YPviH5jGoWM5RHyl_HDDMI-UeLkzP7ImxGizrM"
158
- }]
159
- }
160
- }
161
- },
162
- authority_hints: ["https://demo.federation.eudi.wallet.developers.italia.it"]
163
- }
164
- };
165
- const result = _types.RelyingPartyEntityConfiguration.safeParse(pp);
166
- if (result.success === false) {
167
- throw result.error;
168
- }
169
- expect(result.success).toBe(true);
170
- });
171
- });
172
- //# sourceMappingURL=index.test.js.map
@@ -1 +0,0 @@
1
- {"version":3,"names":["_types","require","RelyingPartySolution","_interopRequireWildcard","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","describe","it","qrcode","result","decodeAuthRequestQR","expect","requestURI","toEqual","toThrowError","AuthRequestDecodeError","pp","header","alg","kid","typ","payload","exp","iat","iss","sub","jwks","keys","kty","e","n","metadata","federation_entity","organization_name","homepage_uri","policy_uri","logo_uri","contacts","wallet_relying_party","application_type","authorization_encrypted_response_alg","authorization_encrypted_response_enc","authorization_signed_response_alg","client_id","client_name","default_acr_values","default_max_age","id_token_encrypted_response_alg","id_token_encrypted_response_enc","id_token_signed_response_alg","presentation_definitions","id","input_descriptors","format","constraints","fields","filter","const","type","path","intent_to_retain","limit_disclosure","jwt","mso_mdoc","redirect_uris","request_uris","require_auth_time","subject_type","vp_formats","jwt_vp_json","crv","d","use","x","y","p","q","authority_hints","RelyingPartyEntityConfiguration","safeParse","success","error","toBe"],"sourceRoot":"../../../../src","sources":["rp/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,oBAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAA4D,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAE5DW,QAAQ,CAAC,qBAAqB,EAAE,MAAM;EACpCC,EAAE,CAAC,0CAA0C,EAAE,YAAY;IACzD,MAAMC,MAAM,GACV,sJAAsJ;IACxJ,MAAMC,MAAM,GAAG5B,oBAAoB,CAAC6B,mBAAmB,CAACF,MAAM,CAAC;IAC/DG,MAAM,CAACF,MAAM,CAACG,UAAU,CAAC,CAACC,OAAO,CAC/B,0CACF,CAAC;EACH,CAAC,CAAC;EACFN,EAAE,CAAC,wCAAwC,EAAE,YAAY;IACvD,MAAMC,MAAM,GAAG,0BAA0B;IACzCG,MAAM,CAAC,MAAM9B,oBAAoB,CAAC6B,mBAAmB,CAACF,MAAM,CAAC,CAAC,CAACM,YAAY,CACzEC,8BACF,CAAC;EACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFT,QAAQ,CAAC,uBAAuB,EAAE,MAAM;EACtCC,EAAE,CAAC,2BAA2B,EAAE,YAAY;IAC1C,MAAMS,EAAE,GAAG;MACTC,MAAM,EAAE;QACNC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,+DAA+D;QACpEC,GAAG,EAAE,+DAA+D;QACpEC,IAAI,EAAE;UACJC,IAAI,EAAE,CACJ;YACEC,GAAG,EAAE,KAAK;YACVT,GAAG,EAAE,6CAA6C;YAClDU,CAAC,EAAE,MAAM;YACTC,CAAC,EAAE;UACL,CAAC;QAEL,CAAC;QACDC,QAAQ,EAAE;UACRC,iBAAiB,EAAE;YACjBC,iBAAiB,EAAE,iBAAiB;YACpCC,YAAY,EAAE,iCAAiC;YAC/CC,UAAU,EAAE,iCAAiC;YAC7CC,QAAQ,EAAE,iCAAiC;YAC3CC,QAAQ,EAAE,CAAC,iCAAiC;UAC9C,CAAC;UACDC,oBAAoB,EAAE;YACpBC,gBAAgB,EAAE,KAAK;YACvBC,oCAAoC,EAAE,CACpC,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,oCAAoC,EAAE,CACpC,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,SAAS,EACP,+DAA+D;YACjEC,WAAW,EAAE,iCAAiC;YAC9CP,QAAQ,EAAE,CAAC,0BAA0B,CAAC;YACtCQ,kBAAkB,EAAE,CAClB,gCAAgC,EAChC,gCAAgC,CACjC;YACDC,eAAe,EAAE,IAAI;YACrBC,+BAA+B,EAAE,CAC/B,UAAU,EACV,cAAc,EACd,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,CACjB;YACDC,+BAA+B,EAAE,CAC/B,eAAe,EACf,eAAe,EACf,eAAe,EACf,SAAS,EACT,SAAS,EACT,SAAS,CACV;YACDC,4BAA4B,EAAE,CAC5B,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wBAAwB,EAAE,CACxB;cACEC,EAAE,EAAE,6CAA6C;cACjDC,iBAAiB,EAAE,CACjB;gBACED,EAAE,EAAE,6CAA6C;gBACjDE,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,0BAA0B;wBACjCC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,eAAe;oBACxB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNE,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,cAAc;oBACvB,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,sBAAsB;oBAC/B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,qBAAqB;oBAC9B,CAAC,EACD;sBACEC,gBAAgB,EAAE,MAAM;sBACxBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDC,GAAG,EAAE;oBACH5C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF;cACF,CAAC;YAEL,CAAC,EACD;cACEiC,EAAE,EAAE,gBAAgB;cACpBC,iBAAiB,EAAE,CACjB;gBACEC,MAAM,EAAE;kBACNC,WAAW,EAAE;oBACXC,MAAM,EAAE,CACN;sBACEC,MAAM,EAAE;wBACNC,KAAK,EAAE,uBAAuB;wBAC9BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,gBAAgB;oBACzB,CAAC,EACD;sBACEH,MAAM,EAAE;wBACNC,KAAK,EAAE,mBAAmB;wBAC1BC,IAAI,EAAE;sBACR,CAAC;sBACDC,IAAI,EAAE,CAAC,kBAAkB;oBAC3B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,oBAAoB;oBAC7B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,iBAAiB;oBAC1B,CAAC,EACD;sBACEC,gBAAgB,EAAE,OAAO;sBACzBD,IAAI,EAAE,CAAC,2BAA2B;oBACpC,CAAC,CACF;oBACDE,gBAAgB,EAAE;kBACpB,CAAC;kBACDE,QAAQ,EAAE;oBACR7C,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;kBACxB;gBACF,CAAC;gBACDiC,EAAE,EAAE;cACN,CAAC;YAEL,CAAC,CACF;YACDa,aAAa,EAAE,CACb,4EAA4E,CAC7E;YACDC,YAAY,EAAE,CACZ,2EAA2E,CAC5E;YACDC,iBAAiB,EAAE,IAAI;YACvBC,YAAY,EAAE,UAAU;YACxBC,UAAU,EAAE;cACVC,WAAW,EAAE;gBACXnD,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ;cACzB;YACF,CAAC;YACDQ,IAAI,EAAE;cACJC,IAAI,EAAE,CACJ;gBACE2C,GAAG,EAAE,OAAO;gBACZC,CAAC,EAAE,6CAA6C;gBAChDpD,GAAG,EAAE,6CAA6C;gBAClDqD,GAAG,EAAE,KAAK;gBACV5C,GAAG,EAAE,IAAI;gBACT6C,CAAC,EAAE,6CAA6C;gBAChDC,CAAC,EAAE;cACL,CAAC,EACD;gBACE9C,GAAG,EAAE,KAAK;gBACV2C,CAAC,EAAE,wVAAwV;gBAC3V1C,CAAC,EAAE,MAAM;gBACT2C,GAAG,EAAE,KAAK;gBACVrD,GAAG,EAAE,6CAA6C;gBAClDW,CAAC,EAAE,wVAAwV;gBAC3V6C,CAAC,EAAE,6KAA6K;gBAChLC,CAAC,EAAE;cACL,CAAC;YAEL;UACF;QACF,CAAC;QACDC,eAAe,EAAE,CACf,0DAA0D;MAE9D;IACF,CAAC;IACD,MAAMpE,MAAM,GAAGqE,sCAA+B,CAACC,SAAS,CAAC/D,EAAE,CAAC;IAC5D,IAAIP,MAAM,CAACuE,OAAO,KAAK,KAAK,EAAE;MAC5B,MAAMvE,MAAM,CAACwE,KAAK;IACpB;IACAtE,MAAM,CAACF,MAAM,CAACuE,OAAO,CAAC,CAACE,IAAI,CAAC,IAAI,CAAC;EACnC,CAAC,CAAC;AACJ,CAAC,CAAC"}