@pagopa/io-react-native-wallet 1.2.3 → 1.2.4

package/lib/module/credential/presentation/01-start-flow.js

@@ -1,11 +1,8 @@
 import * as z from "zod";
-import { InvalidQRCodeError } from "./errors";
-const QRCodePayload = z.object({
-  protocol: z.string(),
-  resource: z.string(),
-  // TODO: refine to known paths using literals
-  clientId: z.string(),
-  requestURI: z.string()
+import { ValidationFailed } from "../../utils/errors";
+const PresentationParams = z.object({
+  clientId: z.string().nonempty(),
+  requestUri: z.string().url()
 });
 
 /**
@@ -17,37 +14,24 @@ const QRCodePayload = z.object({
  */
 
 /**
- * Start a presentation flow by decoding an incoming QR-code
+ * Start a presentation flow by decoding the parameters needed to start the presentation flow.
  *
  * @param qrcode The encoded QR-code content
  * @returns The url for the Relying Party to connect with
  * @throws If the provided qr code fails to be decoded
  */
-export const startFlowFromQR = qrcode => {
-  let decodedUrl;
-  try {
-    var _originalQrCode$;
-    // splitting qrcode to identify which is link format
-    const originalQrCode = qrcode.split("://");
-    const replacedQrcode = (_originalQrCode$ = originalQrCode[1]) !== null && _originalQrCode$ !== void 0 && _originalQrCode$.startsWith("?") ? qrcode.replace(`${originalQrCode[0]}://`, "https://wallet.example/") : qrcode;
-    decodedUrl = new URL(replacedQrcode);
-  } catch (error) {
-    throw new InvalidQRCodeError(`Failed to decode QR code:  ${qrcode}`);
-  }
-  const protocol = decodedUrl.protocol;
-  const resource = decodedUrl.hostname;
-  const requestURI = decodedUrl.searchParams.get("request_uri");
-  const clientId = decodedUrl.searchParams.get("client_id");
-  const result = QRCodePayload.safeParse({
-    protocol,
-    resource,
-    requestURI,
+export const startFlowFromQR = (requestUri, clientId) => {
+  const result = PresentationParams.safeParse({
+    requestUri,
     clientId
   });
   if (result.success) {
     return result.data;
   } else {
-    throw new InvalidQRCodeError(`${result.error.message}, ${decodedUrl}`);
+    throw new ValidationFailed({
+      message: "Invalid parameters provided",
+      reason: result.error.message
+    });
   }
 };
 //# sourceMappingURL=01-start-flow.js.map

package/lib/module/credential/presentation/01-start-flow.js.map

@@ -1 +1 @@
-{"version":3,"names":["z","InvalidQRCodeError","QRCodePayload","object","protocol","string","resource","clientId","requestURI","startFlowFromQR","qrcode","decodedUrl","_originalQrCode$","originalQrCode","split","replacedQrcode","startsWith","replace","URL","error","hostname","searchParams","get","result","safeParse","success","data","message"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,SAASC,kBAAkB,QAAQ,UAAU;AAE7C,MAAMC,aAAa,GAAGF,CAAC,CAACG,MAAM,CAAC;EAC7BC,QAAQ,EAAEJ,CAAC,CAACK,MAAM,CAAC,CAAC;EACpBC,QAAQ,EAAEN,CAAC,CAACK,MAAM,CAAC,CAAC;EAAE;EACtBE,QAAQ,EAAEP,CAAC,CAACK,MAAM,CAAC,CAAC;EACpBG,UAAU,EAAER,CAAC,CAACK,MAAM,CAAC;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMI,eAAoC,GAAIC,MAAM,IAAK;EAC9D,IAAIC,UAAe;EACnB,IAAI;IAAA,IAAAC,gBAAA;IACF;IACA,MAAMC,cAAc,GAAGH,MAAM,CAACI,KAAK,CAAC,KAAK,CAAC;IAC1C,MAAMC,cAAc,GAAG,CAAAH,gBAAA,GAAAC,cAAc,CAAC,CAAC,CAAC,cAAAD,gBAAA,eAAjBA,gBAAA,CAAmBI,UAAU,CAAC,GAAG,CAAC,GACrDN,MAAM,CAACO,OAAO,CAAE,GAAEJ,cAAc,CAAC,CAAC,CAAE,KAAI,EAAE,yBAAyB,CAAC,GACpEH,MAAM;IAEVC,UAAU,GAAG,IAAIO,GAAG,CAACH,cAAc,CAAC;EACtC,CAAC,CAAC,OAAOI,KAAK,EAAE;IACd,MAAM,IAAIlB,kBAAkB,CAAE,8BAA6BS,MAAO,EAAC,CAAC;EACtE;EAEA,MAAMN,QAAQ,GAAGO,UAAU,CAACP,QAAQ;EACpC,MAAME,QAAQ,GAAGK,UAAU,CAACS,QAAQ;EACpC,MAAMZ,UAAU,GAAGG,UAAU,CAACU,YAAY,CAACC,GAAG,CAAC,aAAa,CAAC;EAC7D,MAAMf,QAAQ,GAAGI,UAAU,CAACU,YAAY,CAACC,GAAG,CAAC,WAAW,CAAC;EAEzD,MAAMC,MAAM,GAAGrB,aAAa,CAACsB,SAAS,CAAC;IACrCpB,QAAQ;IACRE,QAAQ;IACRE,UAAU;IACVD;EACF,CAAC,CAAC;EAEF,IAAIgB,MAAM,CAACE,OAAO,EAAE;IAClB,OAAOF,MAAM,CAACG,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIzB,kBAAkB,CAAE,GAAEsB,MAAM,CAACJ,KAAK,CAACQ,OAAQ,KAAIhB,UAAW,EAAC,CAAC;EACxE;AACF,CAAC"}
+{"version":3,"names":["z","ValidationFailed","PresentationParams","object","clientId","string","nonempty","requestUri","url","startFlowFromQR","result","safeParse","success","data","message","reason","error"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,SAASC,gBAAgB,QAAQ,oBAAoB;AAErD,MAAMC,kBAAkB,GAAGF,CAAC,CAACG,MAAM,CAAC;EAClCC,QAAQ,EAAEJ,CAAC,CAACK,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC/BC,UAAU,EAAEP,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,GAAG,CAAC;AAC7B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,eAA4C,GAAGA,CAC1DF,UAAkB,EAClBH,QAAgB,KACb;EACH,MAAMM,MAAM,GAAGR,kBAAkB,CAACS,SAAS,CAAC;IAC1CJ,UAAU;IACVH;EACF,CAAC,CAAC;EAEF,IAAIM,MAAM,CAACE,OAAO,EAAE;IAClB,OAAOF,MAAM,CAACG,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIZ,gBAAgB,CAAC;MACzBa,OAAO,EAAE,6BAA6B;MACtCC,MAAM,EAAEL,MAAM,CAACM,KAAK,CAACF;IACvB,CAAC,CAAC;EACJ;AACF,CAAC"}

package/lib/module/credential/presentation/04-retrieve-rp-jwks.js

@@ -2,6 +2,8 @@ import { JWKS, JWK } from "../../utils/jwk";
 import { hasStatusOrThrow } from "../../utils/misc";
 import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
 import { NoSuitableKeysFoundInEntityConfiguration } from "./errors";
+import { RequestObject } from "./types";
+import { convertCertToPem, parsePublicKey, getSigningJwk } from "../../utils/crypto";
 
 /**
  * Defines the signature for a function that retrieves JSON Web Key Sets (JWKS) from a client.
@@ -12,15 +14,68 @@ import { NoSuitableKeysFoundInEntityConfiguration } from "./errors";
  */
 
 /**
- * Retrieves the JSON Web Key Set (JWKS) from the specified client's well-known endpoint.
- * It is formed using `{issUrl.base}/.well-known/jar-issuer${issUrl.pah}` as explained in SD-JWT VC issuer metadata section
+ * Fetches and parses JWKS from a given URI.
  *
- * @param requestObjectEncodedJwt - Request Object in JWT format.
- * @param options - Optional context containing a custom fetch implementation.
- * @param options.context - Optional context object.
- * @param options.context.appFetch - Optional custom fetch function to use instead of the global `fetch`.
- * @returns A promise resolving to an object containing an array of JWKs.
- * @throws Will throw an error if the JWKS retrieval fails.
+ * @param jwksUri - The JWKS URI.
+ * @param fetchFn - The fetch function to use.
+ * @returns An array of JWKs.
+ */
+const fetchJwksFromUri = async (jwksUri, appFetch) => {
+  const jwks = await appFetch(jwksUri, {
+    method: "GET"
+  }).then(hasStatusOrThrow(200)).then(raw => raw.json()).then(json => json.jwks ? JWKS.parse(json.jwks) : JWKS.parse(json));
+  return jwks.keys;
+};
+
+/**
+ * Retrieves JWKS when the client ID scheme includes x509 SAN DNS.
+ *
+ * @param decodedJwt - The decoded JWT.
+ * @param fetchFn - The fetch function to use.
+ * @returns An array of JWKs.
+ * @throws Will throw an error if no suitable keys are found.
+ */
+const getJwksFromX509Cert = async certChain => {
+  if (!Array.isArray(certChain) || certChain.length === 0 || !certChain[0]) {
+    throw new NoSuitableKeysFoundInEntityConfiguration("No RP encrypt key found!");
+  }
+  const pemCert = convertCertToPem(certChain[0]);
+  const publicKey = parsePublicKey(pemCert);
+  if (!publicKey) {
+    throw new NoSuitableKeysFoundInEntityConfiguration("Unsupported public key type.");
+  }
+  const signingJwk = getSigningJwk(publicKey);
+  return [signingJwk];
+};
+
+/**
+ * Constructs the well-known JWKS URL based on the issuer claim.
+ *
+ * @param issuer - The issuer URL.
+ * @returns The well-known JWKS URL.
+ */
+const constructWellKnownJwksUrl = issuer => {
+  const issuerUrl = new URL(issuer);
+  return new URL(`/.well-known/jar-issuer${issuerUrl.pathname}`, `${issuerUrl.protocol}//${issuerUrl.host}`).toString();
+};
+
+/**
+ * Fetches the JSON Web Key Set (JWKS) based on the provided Request Object encoded as a JWT.
+ * The retrieval process follows these steps in order:
+ *
+ * 1. **Direct JWK Retrieval**: If the JWT's protected header contains a `jwk` attribute, it uses this key directly.
+ * 2. **X.509 Certificate Retrieval**: If the protected header includes an `x5c` attribute, it extracts the JWKs from the provided X.509 certificate chain.
+ * 3. **Issuer's Well-Known Endpoint**: If neither `jwk` nor `x5c` are present, it constructs the JWKS URL using the issuer (`iss`) claim and fetches the keys from the issuer's well-known JWKS endpoint.
+ *
+ * The JWKS URL is constructed in the format `{issUrl.base}/.well-known/jar-issuer${issUrl.path}`,
+ * as detailed in the SD-JWT VC issuer metadata specification.
+ *
+ * @param requestObjectEncodedJwt - The Request Object encoded as a JWT.
+ * @param options - Optional parameters for fetching the JWKS.
+ * @param options.context - Optional context providing a custom fetch implementation.
+ * @param options.context.appFetch - A custom fetch function to replace the global `fetch` if provided.
+ * @returns A promise that resolves to an object containing an array of JSON Web Keys (JWKs).
+ * @throws {NoSuitableKeysFoundInEntityConfiguration} Throws an error if JWKS retrieval or key extraction fails.
  */
 export const fetchJwksFromRequestObject = async function (requestObjectEncodedJwt) {
   var _requestObjectJwt$pro, _requestObjectJwt$pay;
@@ -31,29 +86,46 @@ export const fetchJwksFromRequestObject = async function (requestObjectEncodedJw
     appFetch = fetch
   } = context;
   const requestObjectJwt = decodeJwt(requestObjectEncodedJwt);
+  const jwks = [];
 
   // 1. check if request object jwt contains the 'jwk' attribute
   if ((_requestObjectJwt$pro = requestObjectJwt.protectedHeader) !== null && _requestObjectJwt$pro !== void 0 && _requestObjectJwt$pro.jwk) {
-    return {
-      keys: [JWK.parse(requestObjectJwt.protectedHeader.jwk)]
-    };
+    const keys = [JWK.parse(requestObjectJwt.protectedHeader.jwk)];
+    jwks.push(...keys);
+  }
+
+  // 2. check if request object jwt contains the 'x5c' attribute
+  if (requestObjectJwt.protectedHeader.x5c) {
+    const keys = await getJwksFromX509Cert(requestObjectJwt.protectedHeader.x5c);
+    jwks.push(...keys);
   }
 
-  // 2. According to Potential profile, retrieve from RP endpoint using iss claim
-  const issClaimValue = (_requestObjectJwt$pay = requestObjectJwt.payload) === null || _requestObjectJwt$pay === void 0 ? void 0 : _requestObjectJwt$pay.iss;
-  if (issClaimValue) {
-    const issUrl = new URL(issClaimValue);
-    const wellKnownUrl = new URL(`/.well-known/jar-issuer${issUrl.pathname}`, `${issUrl.protocol}//${issUrl.host}`).toString();
+  // 3. check if client_metadata contains the 'jwks' or 'jwks_uri' attribute
+  const requestObject = RequestObject.parse(requestObjectJwt.payload);
+  const {
+    client_metadata
+  } = requestObject;
+  if (client_metadata !== null && client_metadata !== void 0 && client_metadata.jwks_uri) {
+    const fetchedJwks = await fetchJwksFromUri(new URL(client_metadata.jwks_uri).toString(), appFetch);
+    jwks.push(...fetchedJwks);
+  }
+  if (client_metadata !== null && client_metadata !== void 0 && client_metadata.jwks) {
+    jwks.push(...client_metadata.jwks.keys);
+  }
 
-    // Fetches the JWKS from a specific endpoint of the entity's well-known configuration
-    const jwks = await appFetch(wellKnownUrl, {
-      method: "GET"
-    }).then(hasStatusOrThrow(200)).then(raw => raw.json()).then(json => JWKS.parse(json.jwks));
-    return {
-      keys: jwks.keys
-    };
+  // 3. According to Potential profile, retrieve from RP endpoint using iss claim
+  const issuer = (_requestObjectJwt$pay = requestObjectJwt.payload) === null || _requestObjectJwt$pay === void 0 ? void 0 : _requestObjectJwt$pay.iss;
+  if (jwks.length === 0 && typeof issuer === "string") {
+    const wellKnownJwksUrl = constructWellKnownJwksUrl(issuer);
+    const jwksKeys = await fetchJwksFromUri(wellKnownJwksUrl, appFetch);
+    jwks.push(...jwksKeys);
   }
-  throw new NoSuitableKeysFoundInEntityConfiguration("Request Object signature verification");
+  if (jwks.length === 0) {
+    throw new NoSuitableKeysFoundInEntityConfiguration("Request Object signature verification");
+  }
+  return {
+    keys: jwks
+  };
 };
 
 /**

package/lib/module/credential/presentation/04-retrieve-rp-jwks.js.map

@@ -1 +1 @@
-{"version":3,"names":["JWKS","JWK","hasStatusOrThrow","decode","decodeJwt","NoSuitableKeysFoundInEntityConfiguration","fetchJwksFromRequestObject","requestObjectEncodedJwt","_requestObjectJwt$pro","_requestObjectJwt$pay","context","arguments","length","undefined","appFetch","fetch","requestObjectJwt","protectedHeader","jwk","keys","parse","issClaimValue","payload","iss","issUrl","URL","wellKnownUrl","pathname","protocol","host","toString","jwks","method","then","raw","json","fetchJwksFromConfig","rpConfig","wallet_relying_party","Array","isArray","Error"],"sourceRoot":"../../../../src","sources":["credential/presentation/04-retrieve-rp-jwks.ts"],"mappings":"AAAA,SAASA,IAAI,EAAEC,GAAG,QAAQ,iBAAiB;AAC3C,SAASC,gBAAgB,QAAQ,kBAAkB;AAEnD,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,wCAAwC,QAAQ,UAAU;;AAEnE;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,0BAEZ,GAAG,eAAAA,CAAOC,uBAAuB,EAA4B;EAAA,IAAAC,qBAAA,EAAAC,qBAAA;EAAA,IAA1B;IAAEC,OAAO,GAAG,CAAC;EAAE,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EACvD,MAAM;IAAEG,QAAQ,GAAGC;EAAM,CAAC,GAAGL,OAAO;EACpC,MAAMM,gBAAgB,GAAGZ,SAAS,CAACG,uBAAuB,CAAC;;EAE3D;EACA,KAAAC,qBAAA,GAAIQ,gBAAgB,CAACC,eAAe,cAAAT,qBAAA,eAAhCA,qBAAA,CAAkCU,GAAG,EAAE;IACzC,OAAO;MACLC,IAAI,EAAE,CAAClB,GAAG,CAACmB,KAAK,CAACJ,gBAAgB,CAACC,eAAe,CAACC,GAAG,CAAC;IACxD,CAAC;EACH;;EAEA;EACA,MAAMG,aAAa,IAAAZ,qBAAA,GAAGO,gBAAgB,CAACM,OAAO,cAAAb,qBAAA,uBAAxBA,qBAAA,CAA0Bc,GAAa;EAC7D,IAAIF,aAAa,EAAE;IACjB,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAACJ,aAAa,CAAC;IACrC,MAAMK,YAAY,GAAG,IAAID,GAAG,CACzB,0BAAyBD,MAAM,CAACG,QAAS,EAAC,EAC1C,GAAEH,MAAM,CAACI,QAAS,KAAIJ,MAAM,CAACK,IAAK,EACrC,CAAC,CAACC,QAAQ,CAAC,CAAC;;IAEZ;IACA,MAAMC,IAAI,GAAG,MAAMjB,QAAQ,CAACY,YAAY,EAAE;MACxCM,MAAM,EAAE;IACV,CAAC,CAAC,CACCC,IAAI,CAAC/B,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3B+B,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEE,IAAI,IAAKnC,IAAI,CAACoB,KAAK,CAACe,IAAI,CAACJ,IAAI,CAAC,CAAC;IAExC,OAAO;MACLZ,IAAI,EAAEY,IAAI,CAACZ;IACb,CAAC;EACH;EAEA,MAAM,IAAId,wCAAwC,CAChD,uCACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM+B,mBAEZ,GAAG,MAAOC,QAAQ,IAAK;EACtB,MAAMN,IAAI,GAAGM,QAAQ,CAACC,oBAAoB,CAACP,IAAI;EAE/C,IAAI,CAACA,IAAI,IAAI,CAACQ,KAAK,CAACC,OAAO,CAACT,IAAI,CAACZ,IAAI,CAAC,EAAE;IACtC,MAAM,IAAIsB,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,OAAO;IACLtB,IAAI,EAAEY,IAAI,CAACZ;EACb,CAAC;AACH,CAAC"}
+{"version":3,"names":["JWKS","JWK","hasStatusOrThrow","decode","decodeJwt","NoSuitableKeysFoundInEntityConfiguration","RequestObject","convertCertToPem","parsePublicKey","getSigningJwk","fetchJwksFromUri","jwksUri","appFetch","jwks","method","then","raw","json","parse","keys","getJwksFromX509Cert","certChain","Array","isArray","length","pemCert","publicKey","signingJwk","constructWellKnownJwksUrl","issuer","issuerUrl","URL","pathname","protocol","host","toString","fetchJwksFromRequestObject","requestObjectEncodedJwt","_requestObjectJwt$pro","_requestObjectJwt$pay","context","arguments","undefined","fetch","requestObjectJwt","protectedHeader","jwk","push","x5c","requestObject","payload","client_metadata","jwks_uri","fetchedJwks","iss","wellKnownJwksUrl","jwksKeys","fetchJwksFromConfig","rpConfig","wallet_relying_party","Error"],"sourceRoot":"../../../../src","sources":["credential/presentation/04-retrieve-rp-jwks.ts"],"mappings":"AAAA,SAASA,IAAI,EAAEC,GAAG,QAAQ,iBAAiB;AAC3C,SAASC,gBAAgB,QAAQ,kBAAkB;AAEnD,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,wCAAwC,QAAQ,UAAU;AACnE,SAASC,aAAa,QAAQ,SAAS;AACvC,SACEC,gBAAgB,EAChBC,cAAc,EACdC,aAAa,QACR,oBAAoB;;AAE3B;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,gBAAgB,GAAG,MAAAA,CACvBC,OAAe,EACfC,QAA8B,KACX;EACnB,MAAMC,IAAI,GAAG,MAAMD,QAAQ,CAACD,OAAO,EAAE;IACnCG,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAACb,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3Ba,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEE,IAAI,IAAMA,IAAI,CAACJ,IAAI,GAAGb,IAAI,CAACkB,KAAK,CAACD,IAAI,CAACJ,IAAI,CAAC,GAAGb,IAAI,CAACkB,KAAK,CAACD,IAAI,CAAE,CAAC;EACzE,OAAOJ,IAAI,CAACM,IAAI;AAClB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,mBAAmB,GAAG,MAAOC,SAAmB,IAAqB;EACzE,IAAI,CAACC,KAAK,CAACC,OAAO,CAACF,SAAS,CAAC,IAAIA,SAAS,CAACG,MAAM,KAAK,CAAC,IAAI,CAACH,SAAS,CAAC,CAAC,CAAC,EAAE;IACxE,MAAM,IAAIhB,wCAAwC,CAChD,0BACF,CAAC;EACH;EAEA,MAAMoB,OAAO,GAAGlB,gBAAgB,CAACc,SAAS,CAAC,CAAC,CAAC,CAAC;EAC9C,MAAMK,SAAS,GAAGlB,cAAc,CAACiB,OAAO,CAAC;EACzC,IAAI,CAACC,SAAS,EAAE;IACd,MAAM,IAAIrB,wCAAwC,CAChD,8BACF,CAAC;EACH;EACA,MAAMsB,UAAU,GAAGlB,aAAa,CAACiB,SAAS,CAAC;EAE3C,OAAO,CAACC,UAAU,CAAC;AACrB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,yBAAyB,GAAIC,MAAc,IAAa;EAC5D,MAAMC,SAAS,GAAG,IAAIC,GAAG,CAACF,MAAM,CAAC;EACjC,OAAO,IAAIE,GAAG,CACX,0BAAyBD,SAAS,CAACE,QAAS,EAAC,EAC7C,GAAEF,SAAS,CAACG,QAAS,KAAIH,SAAS,CAACI,IAAK,EAC3C,CAAC,CAACC,QAAQ,CAAC,CAAC;AACd,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,0BAEZ,GAAG,eAAAA,CAAOC,uBAAuB,EAA4B;EAAA,IAAAC,qBAAA,EAAAC,qBAAA;EAAA,IAA1B;IAAEC,OAAO,GAAG,CAAC;EAAE,CAAC,GAAAC,SAAA,CAAAjB,MAAA,QAAAiB,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAG,CAAC,CAAC;EACvD,MAAM;IAAE7B,QAAQ,GAAG+B;EAAM,CAAC,GAAGH,OAAO;EACpC,MAAMI,gBAAgB,GAAGxC,SAAS,CAACiC,uBAAuB,CAAC;EAC3D,MAAMxB,IAAW,GAAG,EAAE;;EAEtB;EACA,KAAAyB,qBAAA,GAAIM,gBAAgB,CAACC,eAAe,cAAAP,qBAAA,eAAhCA,qBAAA,CAAkCQ,GAAG,EAAE;IACzC,MAAM3B,IAAI,GAAG,CAAClB,GAAG,CAACiB,KAAK,CAAC0B,gBAAgB,CAACC,eAAe,CAACC,GAAG,CAAC,CAAC;IAC9DjC,IAAI,CAACkC,IAAI,CAAC,GAAG5B,IAAI,CAAC;EACpB;;EAEA;EACA,IAAIyB,gBAAgB,CAACC,eAAe,CAACG,GAAG,EAAE;IACxC,MAAM7B,IAAI,GAAG,MAAMC,mBAAmB,CACpCwB,gBAAgB,CAACC,eAAe,CAACG,GACnC,CAAC;IACDnC,IAAI,CAACkC,IAAI,CAAC,GAAG5B,IAAI,CAAC;EACpB;;EAEA;EACA,MAAM8B,aAAa,GAAG3C,aAAa,CAACY,KAAK,CAAC0B,gBAAgB,CAACM,OAAO,CAAC;EACnE,MAAM;IAAEC;EAAgB,CAAC,GAAGF,aAAa;EAEzC,IAAIE,eAAe,aAAfA,eAAe,eAAfA,eAAe,CAAEC,QAAQ,EAAE;IAC7B,MAAMC,WAAW,GAAG,MAAM3C,gBAAgB,CACxC,IAAIqB,GAAG,CAACoB,eAAe,CAACC,QAAQ,CAAC,CAACjB,QAAQ,CAAC,CAAC,EAC5CvB,QACF,CAAC;IACDC,IAAI,CAACkC,IAAI,CAAC,GAAGM,WAAW,CAAC;EAC3B;EAEA,IAAIF,eAAe,aAAfA,eAAe,eAAfA,eAAe,CAAEtC,IAAI,EAAE;IACzBA,IAAI,CAACkC,IAAI,CAAC,GAAGI,eAAe,CAACtC,IAAI,CAACM,IAAI,CAAC;EACzC;;EAEA;EACA,MAAMU,MAAM,IAAAU,qBAAA,GAAGK,gBAAgB,CAACM,OAAO,cAAAX,qBAAA,uBAAxBA,qBAAA,CAA0Be,GAAG;EAC5C,IAAIzC,IAAI,CAACW,MAAM,KAAK,CAAC,IAAI,OAAOK,MAAM,KAAK,QAAQ,EAAE;IACnD,MAAM0B,gBAAgB,GAAG3B,yBAAyB,CAACC,MAAM,CAAC;IAC1D,MAAM2B,QAAQ,GAAG,MAAM9C,gBAAgB,CAAC6C,gBAAgB,EAAE3C,QAAQ,CAAC;IACnEC,IAAI,CAACkC,IAAI,CAAC,GAAGS,QAAQ,CAAC;EACxB;EAEA,IAAI3C,IAAI,CAACW,MAAM,KAAK,CAAC,EAAE;IACrB,MAAM,IAAInB,wCAAwC,CAChD,uCACF,CAAC;EACH;EAEA,OAAO;IAAEc,IAAI,EAAEN;EAAK,CAAC;AACvB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM4C,mBAEZ,GAAG,MAAOC,QAAQ,IAAK;EACtB,MAAM7C,IAAI,GAAG6C,QAAQ,CAACC,oBAAoB,CAAC9C,IAAI;EAE/C,IAAI,CAACA,IAAI,IAAI,CAACS,KAAK,CAACC,OAAO,CAACV,IAAI,CAACM,IAAI,CAAC,EAAE;IACtC,MAAM,IAAIyC,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,OAAO;IACLzC,IAAI,EAAEN,IAAI,CAACM;EACb,CAAC;AACH,CAAC"}

package/lib/module/credential/presentation/05-verify-request-object.js

@@ -5,12 +5,17 @@ export const verifyRequestObjectSignature = async (requestObjectEncodedJwt, jwkK
   const requestObjectJwt = decodeJwt(requestObjectEncodedJwt);
 
   // verify token signature to ensure the request object is authentic
-  const pubKey = jwkKeys === null || jwkKeys === void 0 ? void 0 : jwkKeys.find(_ref => {
+  const pubKey = (jwkKeys === null || jwkKeys === void 0 ? void 0 : jwkKeys.find(_ref => {
     let {
       kid
     } = _ref;
     return kid === requestObjectJwt.protectedHeader.kid;
-  });
+  })) || (jwkKeys === null || jwkKeys === void 0 ? void 0 : jwkKeys.find(_ref2 => {
+    let {
+      use
+    } = _ref2;
+    return use === "sig";
+  }));
   if (!pubKey) {
     throw new UnverifiedEntityError("Request Object signature verification!");
   }

package/lib/module/credential/presentation/05-verify-request-object.js.map

@@ -1 +1 @@
-{"version":3,"names":["UnverifiedEntityError","decode","decodeJwt","verify","RequestObject","verifyRequestObjectSignature","requestObjectEncodedJwt","jwkKeys","requestObjectJwt","pubKey","find","_ref","kid","protectedHeader","requestObject","parse","payload","exp","Date","now"],"sourceRoot":"../../../../src","sources":["credential/presentation/05-verify-request-object.ts"],"mappings":"AAAA,SAASA,qBAAqB,QAAQ,UAAU;AAEhD,SAASC,MAAM,IAAIC,SAAS,EAAEC,MAAM,QAAQ,6BAA6B;AACzE,SAASC,aAAa,QAAQ,SAAS;AASvC,OAAO,MAAMC,4BAA0D,GACrE,MAAAA,CAAOC,uBAAuB,EAAEC,OAAO,KAAK;EAC1C,MAAMC,gBAAgB,GAAGN,SAAS,CAACI,uBAAuB,CAAC;;EAE3D;EACA,MAAMG,MAAM,GAAGF,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEG,IAAI,CAC1BC,IAAA;IAAA,IAAC;MAAEC;IAAI,CAAC,GAAAD,IAAA;IAAA,OAAKC,GAAG,KAAKJ,gBAAgB,CAACK,eAAe,CAACD,GAAG;EAAA,CAC3D,CAAC;EAED,IAAI,CAACH,MAAM,EAAE;IACX,MAAM,IAAIT,qBAAqB,CAAC,wCAAwC,CAAC;EAC3E;EACA,MAAMG,MAAM,CAACG,uBAAuB,EAAEG,MAAM,CAAC;EAE7C,MAAMK,aAAa,GAAGV,aAAa,CAACW,KAAK,CAACP,gBAAgB,CAACQ,OAAO,CAAC;EACnE;EACA;EACA,IAAIF,aAAa,CAACG,GAAG,IAAIH,aAAa,CAACG,GAAG,IAAIC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE;IAC/D,MAAM,IAAInB,qBAAqB,CAAC,4BAA4B,CAAC;EAC/D;EAEA,OAAO;IAAEc;EAAc,CAAC;AAC1B,CAAC"}
+{"version":3,"names":["UnverifiedEntityError","decode","decodeJwt","verify","RequestObject","verifyRequestObjectSignature","requestObjectEncodedJwt","jwkKeys","requestObjectJwt","pubKey","find","_ref","kid","protectedHeader","_ref2","use","requestObject","parse","payload","exp","Date","now"],"sourceRoot":"../../../../src","sources":["credential/presentation/05-verify-request-object.ts"],"mappings":"AAAA,SAASA,qBAAqB,QAAQ,UAAU;AAEhD,SAASC,MAAM,IAAIC,SAAS,EAAEC,MAAM,QAAQ,6BAA6B;AACzE,SAASC,aAAa,QAAQ,SAAS;AASvC,OAAO,MAAMC,4BAA0D,GACrE,MAAAA,CAAOC,uBAAuB,EAAEC,OAAO,KAAK;EAC1C,MAAMC,gBAAgB,GAAGN,SAAS,CAACI,uBAAuB,CAAC;;EAE3D;EACA,MAAMG,MAAM,GACV,CAAAF,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEG,IAAI,CACXC,IAAA;IAAA,IAAC;MAAEC;IAAI,CAAC,GAAAD,IAAA;IAAA,OAAKC,GAAG,KAAKJ,gBAAgB,CAACK,eAAe,CAACD,GAAG;EAAA,CAC3D,CAAC,MAAIL,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEG,IAAI,CAACI,KAAA;IAAA,IAAC;MAAEC;IAAI,CAAC,GAAAD,KAAA;IAAA,OAAKC,GAAG,KAAK,KAAK;EAAA,EAAC;EAEhD,IAAI,CAACN,MAAM,EAAE;IACX,MAAM,IAAIT,qBAAqB,CAAC,wCAAwC,CAAC;EAC3E;EACA,MAAMG,MAAM,CAACG,uBAAuB,EAAEG,MAAM,CAAC;EAE7C,MAAMO,aAAa,GAAGZ,aAAa,CAACa,KAAK,CAACT,gBAAgB,CAACU,OAAO,CAAC;EACnE;EACA;EACA,IAAIF,aAAa,CAACG,GAAG,IAAIH,aAAa,CAACG,GAAG,IAAIC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE;IAC/D,MAAM,IAAIrB,qBAAqB,CAAC,4BAA4B,CAAC;EAC/D;EAEA,OAAO;IAAEgB;EAAc,CAAC;AAC1B,CAAC"}

package/lib/module/credential/presentation/07-evaluate-input-descriptor.js

@@ -82,8 +82,8 @@ const extractClaimName = path => {
  * - Validates whether required fields are present (unless marked optional)
  *   and match any specified JSONPath.
  * - If a field includes a JSON Schema filter, validates the claim value against that schema.
- * - Enforces `limit_disclosure` rules by returning only disclosures matching the specified fields
- *   if set to "required". Otherwise return the array of all disclosures.
+ * - Enforces `limit_disclosure` rules by returning only disclosures, required and optional, matching the specified fields
+ *   if set to "required". Otherwise also return the array unrequestedDisclosures with disclosures which can be passed for a particular use case.
  * - Throws an error if a required field is invalid or missing.
  *
  * @param inputDescriptor - Describes constraints (fields, filters, etc.) that must be satisfied.
@@ -98,7 +98,8 @@ export const evaluateInputDescriptorForSdJwt4VC = (inputDescriptor, payloadCrede
     // No validation, all field are optional
     return {
       requiredDisclosures: [],
-      optionalDisclosures: disclosures
+      optionalDisclosures: [],
+      unrequestedDisclosures: disclosures
     };
   }
   const requiredClaimNames = [];
@@ -150,12 +151,15 @@ export const evaluateInputDescriptorForSdJwt4VC = (inputDescriptor, payloadCrede
   }
 
   // Categorizes disclosures into required and optional based on claim names and disclosure constraints.
-  const isNotLimitDisclosure = !(inputDescriptor.constraints.limit_disclosure === "required");
+
   const requiredDisclosures = disclosures.filter(disclosure => requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]));
   const optionalDisclosures = disclosures.filter(disclosure => optionalClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]) || isNotLimitDisclosure && !requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]));
+  const isNotLimitDisclosure = !(inputDescriptor.constraints.limit_disclosure === "required");
+  const unrequestedDisclosures = isNotLimitDisclosure ? disclosures.filter(disclosure => !optionalClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]) && !requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME])) : [];
   return {
     requiredDisclosures,
-    optionalDisclosures
+    optionalDisclosures,
+    unrequestedDisclosures
   };
 };
 //# sourceMappingURL=07-evaluate-input-descriptor.js.map

package/lib/module/credential/presentation/07-evaluate-input-descriptor.js.map

@@ -1 +1 @@
-{"version":3,"names":["JSONPath","MissingDataError","Ajv","ajv","allErrors","INDEX_CLAIM_NAME","mapDisclosuresToObject","disclosures","reduce","obj","_ref","decoded","claimName","claimValue","findMatchedClaim","paths","payload","matchedPath","matchedValue","some","singlePath","result","path","json","length","error","extractClaimName","regex","match","Error","evaluateInputDescriptorForSdJwt4VC","inputDescriptor","payloadCredential","_inputDescriptor$cons","constraints","fields","requiredDisclosures","optionalDisclosures","requiredClaimNames","optionalClaimNames","disclosuresAsPayload","allFieldsValid","every","field","optional","push","filter","validateSchema","compile","isNotLimitDisclosure","limit_disclosure","disclosure","includes"],"sourceRoot":"../../../../src","sources":["credential/presentation/07-evaluate-input-descriptor.ts"],"mappings":"AAEA,SAASA,QAAQ,QAAQ,eAAe;AACxC,SAASC,gBAAgB,QAAQ,UAAU;AAC3C,OAAOC,GAAG,MAAM,KAAK;AACrB,MAAMC,GAAG,GAAG,IAAID,GAAG,CAAC;EAAEE,SAAS,EAAE;AAAK,CAAC,CAAC;AACxC,MAAMC,gBAAgB,GAAG,CAAC;AAa1B;AACA;AACA;AACA;AACA;AACA,MAAMC,sBAAsB,GAC1BC,WAAoC,IACR;EAC5B,OAAOA,WAAW,CAACC,MAAM,CAAC,CAACC,GAAG,EAAAC,IAAA,KAAkB;IAAA,IAAhB;MAAEC;IAAQ,CAAC,GAAAD,IAAA;IACzC,MAAM,GAAGE,SAAS,EAAEC,UAAU,CAAC,GAAGF,OAAO;IACzCF,GAAG,CAACG,SAAS,CAAC,GAAGC,UAAU;IAC3B,OAAOJ,GAAG;EACZ,CAAC,EAAE,CAAC,CAA4B,CAAC;AACnC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMK,gBAAgB,GAAGA,CACvBC,KAAe,EACfC,OAAY,KACW;EACvB,IAAIC,WAAW;EACf,IAAIC,YAAY;EAChBH,KAAK,CAACI,IAAI,CAAEC,UAAU,IAAK;IACzB,IAAI;MACF,MAAMC,MAAM,GAAGrB,QAAQ,CAAC;QAAEsB,IAAI,EAAEF,UAAU;QAAEG,IAAI,EAAEP;MAAQ,CAAC,CAAC;MAC5D,IAAIK,MAAM,CAACG,MAAM,GAAG,CAAC,EAAE;QACrBP,WAAW,GAAGG,UAAU;QACxBF,YAAY,GAAGG,MAAM,CAAC,CAAC,CAAC;QACxB,OAAO,IAAI;MACb;IACF,CAAC,CAAC,OAAOI,KAAK,EAAE;MACd,MAAM,IAAIxB,gBAAgB,CACvB,iBAAgBmB,UAAW,wCAC9B,CAAC;IACH;IACA,OAAO,KAAK;EACd,CAAC,CAAC;EAEF,OAAO,CAACH,WAAW,EAAEC,YAAY,CAAC;AACpC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMQ,gBAAgB,GAAIJ,IAAY,IAAyB;EAC7D;EACA;EACA;EACA,MAAMK,KAAK,GAAG,yCAAyC;EAEvD,MAAMC,KAAK,GAAGN,IAAI,CAACM,KAAK,CAACD,KAAK,CAAC;EAC/B,IAAIC,KAAK,EAAE;IACT;IACA;IACA,OAAOA,KAAK,CAAC,CAAC,CAAC,IAAIA,KAAK,CAAC,CAAC,CAAC;EAC7B;;EAEA;;EAEA,MAAM,IAAIC,KAAK,CACZ,0BAAyBP,IAAK,wFACjC,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMQ,kCAAmE,GAC9EA,CAACC,eAAe,EAAEC,iBAAiB,EAAEzB,WAAW,KAAK;EAAA,IAAA0B,qBAAA;EACnD,IAAI,EAACF,eAAe,aAAfA,eAAe,gBAAAE,qBAAA,GAAfF,eAAe,CAAEG,WAAW,cAAAD,qBAAA,eAA5BA,qBAAA,CAA8BE,MAAM,GAAE;IACzC;IACA,OAAO;MACLC,mBAAmB,EAAE,EAAE;MACvBC,mBAAmB,EAAE9B;IACvB,CAAC;EACH;EACA,MAAM+B,kBAA4B,GAAG,EAAE;EACvC,MAAMC,kBAA4B,GAAG,EAAE;;EAEvC;EACA,MAAMC,oBAAoB,GAAGlC,sBAAsB,CAACC,WAAW,CAAC;;EAEhE;EACA;EACA,MAAMkC,cAAc,GAAGV,eAAe,CAACG,WAAW,CAACC,MAAM,CAACO,KAAK,CAAEC,KAAK,IAAK;IACzE;IACA;IACA;IACA,IAAI,CAAC1B,WAAW,EAAEC,YAAY,CAAC,GAAGJ,gBAAgB,CAChD6B,KAAK,CAACrB,IAAI,EACVkB,oBACF,CAAC;IAED,IAAI,CAACvB,WAAW,EAAE;MAChB,CAACA,WAAW,EAAEC,YAAY,CAAC,GAAGJ,gBAAgB,CAC5C6B,KAAK,CAACrB,IAAI,EACVU,iBACF,CAAC;MAED,IAAI,CAACf,WAAW,EAAE;QAChB;QACA,OAAO0B,KAAK,aAALA,KAAK,uBAALA,KAAK,CAAEC,QAAQ;MACxB;IACF,CAAC,MAAM;MACL;MACA,MAAMhC,SAAS,GAAGc,gBAAgB,CAACT,WAAW,CAAC;MAC/C,IAAIL,SAAS,EAAE;QACb,CAAC+B,KAAK,aAALA,KAAK,eAALA,KAAK,CAAEC,QAAQ,GAAGL,kBAAkB,GAAGD,kBAAkB,EAAEO,IAAI,CAC9DjC,SACF,CAAC;MACH;IACF;;IAEA;IACA;IACA,IAAI+B,KAAK,CAACG,MAAM,EAAE;MAChB,IAAI;QACF,MAAMC,cAAc,GAAG5C,GAAG,CAAC6C,OAAO,CAACL,KAAK,CAACG,MAAM,CAAC;QAChD,IAAI,CAACC,cAAc,CAAC7B,YAAY,CAAC,EAAE;UACjC,MAAM,IAAIjB,gBAAgB,CACvB,gBAAeiB,YAAa,eAAcD,WAAY,4CACzD,CAAC;QACH;MACF,CAAC,CAAC,OAAOQ,KAAK,EAAE;QACd,OAAO,KAAK;MACd;IACF;IACA;IACA;;IAEA,OAAO,IAAI;EACb,CAAC,CAAC;EAEF,IAAI,CAACgB,cAAc,EAAE;IACnB,MAAM,IAAIxC,gBAAgB,CACxB,iGACF,CAAC;EACH;;EAEA;EACA,MAAMgD,oBAAoB,GAAG,EAC3BlB,eAAe,CAACG,WAAW,CAACgB,gBAAgB,KAAK,UAAU,CAC5D;EAED,MAAMd,mBAAmB,GAAG7B,WAAW,CAACuC,MAAM,CAAEK,UAAU,IACxDb,kBAAkB,CAACc,QAAQ,CAACD,UAAU,CAACxC,OAAO,CAACN,gBAAgB,CAAC,CAClE,CAAC;EAED,MAAMgC,mBAAmB,GAAG9B,WAAW,CAACuC,MAAM,CAC3CK,UAAU,IACTZ,kBAAkB,CAACa,QAAQ,CAACD,UAAU,CAACxC,OAAO,CAACN,gBAAgB,CAAC,CAAC,IAChE4C,oBAAoB,IACnB,CAACX,kBAAkB,CAACc,QAAQ,CAACD,UAAU,CAACxC,OAAO,CAACN,gBAAgB,CAAC,CACvE,CAAC;EAED,OAAO;IACL+B,mBAAmB;IACnBC;EACF,CAAC;AACH,CAAC"}
+{"version":3,"names":["JSONPath","MissingDataError","Ajv","ajv","allErrors","INDEX_CLAIM_NAME","mapDisclosuresToObject","disclosures","reduce","obj","_ref","decoded","claimName","claimValue","findMatchedClaim","paths","payload","matchedPath","matchedValue","some","singlePath","result","path","json","length","error","extractClaimName","regex","match","Error","evaluateInputDescriptorForSdJwt4VC","inputDescriptor","payloadCredential","_inputDescriptor$cons","constraints","fields","requiredDisclosures","optionalDisclosures","unrequestedDisclosures","requiredClaimNames","optionalClaimNames","disclosuresAsPayload","allFieldsValid","every","field","optional","push","filter","validateSchema","compile","disclosure","includes","isNotLimitDisclosure","limit_disclosure"],"sourceRoot":"../../../../src","sources":["credential/presentation/07-evaluate-input-descriptor.ts"],"mappings":"AAEA,SAASA,QAAQ,QAAQ,eAAe;AACxC,SAASC,gBAAgB,QAAQ,UAAU;AAC3C,OAAOC,GAAG,MAAM,KAAK;AACrB,MAAMC,GAAG,GAAG,IAAID,GAAG,CAAC;EAAEE,SAAS,EAAE;AAAK,CAAC,CAAC;AACxC,MAAMC,gBAAgB,GAAG,CAAC;AAc1B;AACA;AACA;AACA;AACA;AACA,MAAMC,sBAAsB,GAC1BC,WAAoC,IACR;EAC5B,OAAOA,WAAW,CAACC,MAAM,CAAC,CAACC,GAAG,EAAAC,IAAA,KAAkB;IAAA,IAAhB;MAAEC;IAAQ,CAAC,GAAAD,IAAA;IACzC,MAAM,GAAGE,SAAS,EAAEC,UAAU,CAAC,GAAGF,OAAO;IACzCF,GAAG,CAACG,SAAS,CAAC,GAAGC,UAAU;IAC3B,OAAOJ,GAAG;EACZ,CAAC,EAAE,CAAC,CAA4B,CAAC;AACnC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMK,gBAAgB,GAAGA,CACvBC,KAAe,EACfC,OAAY,KACW;EACvB,IAAIC,WAAW;EACf,IAAIC,YAAY;EAChBH,KAAK,CAACI,IAAI,CAAEC,UAAU,IAAK;IACzB,IAAI;MACF,MAAMC,MAAM,GAAGrB,QAAQ,CAAC;QAAEsB,IAAI,EAAEF,UAAU;QAAEG,IAAI,EAAEP;MAAQ,CAAC,CAAC;MAC5D,IAAIK,MAAM,CAACG,MAAM,GAAG,CAAC,EAAE;QACrBP,WAAW,GAAGG,UAAU;QACxBF,YAAY,GAAGG,MAAM,CAAC,CAAC,CAAC;QACxB,OAAO,IAAI;MACb;IACF,CAAC,CAAC,OAAOI,KAAK,EAAE;MACd,MAAM,IAAIxB,gBAAgB,CACvB,iBAAgBmB,UAAW,wCAC9B,CAAC;IACH;IACA,OAAO,KAAK;EACd,CAAC,CAAC;EAEF,OAAO,CAACH,WAAW,EAAEC,YAAY,CAAC;AACpC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMQ,gBAAgB,GAAIJ,IAAY,IAAyB;EAC7D;EACA;EACA;EACA,MAAMK,KAAK,GAAG,yCAAyC;EAEvD,MAAMC,KAAK,GAAGN,IAAI,CAACM,KAAK,CAACD,KAAK,CAAC;EAC/B,IAAIC,KAAK,EAAE;IACT;IACA;IACA,OAAOA,KAAK,CAAC,CAAC,CAAC,IAAIA,KAAK,CAAC,CAAC,CAAC;EAC7B;;EAEA;;EAEA,MAAM,IAAIC,KAAK,CACZ,0BAAyBP,IAAK,wFACjC,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMQ,kCAAmE,GAC9EA,CAACC,eAAe,EAAEC,iBAAiB,EAAEzB,WAAW,KAAK;EAAA,IAAA0B,qBAAA;EACnD,IAAI,EAACF,eAAe,aAAfA,eAAe,gBAAAE,qBAAA,GAAfF,eAAe,CAAEG,WAAW,cAAAD,qBAAA,eAA5BA,qBAAA,CAA8BE,MAAM,GAAE;IACzC;IACA,OAAO;MACLC,mBAAmB,EAAE,EAAE;MACvBC,mBAAmB,EAAE,EAAE;MACvBC,sBAAsB,EAAE/B;IAC1B,CAAC;EACH;EACA,MAAMgC,kBAA4B,GAAG,EAAE;EACvC,MAAMC,kBAA4B,GAAG,EAAE;;EAEvC;EACA,MAAMC,oBAAoB,GAAGnC,sBAAsB,CAACC,WAAW,CAAC;;EAEhE;EACA;EACA,MAAMmC,cAAc,GAAGX,eAAe,CAACG,WAAW,CAACC,MAAM,CAACQ,KAAK,CAAEC,KAAK,IAAK;IACzE;IACA;IACA;IACA,IAAI,CAAC3B,WAAW,EAAEC,YAAY,CAAC,GAAGJ,gBAAgB,CAChD8B,KAAK,CAACtB,IAAI,EACVmB,oBACF,CAAC;IAED,IAAI,CAACxB,WAAW,EAAE;MAChB,CAACA,WAAW,EAAEC,YAAY,CAAC,GAAGJ,gBAAgB,CAC5C8B,KAAK,CAACtB,IAAI,EACVU,iBACF,CAAC;MAED,IAAI,CAACf,WAAW,EAAE;QAChB;QACA,OAAO2B,KAAK,aAALA,KAAK,uBAALA,KAAK,CAAEC,QAAQ;MACxB;IACF,CAAC,MAAM;MACL;MACA,MAAMjC,SAAS,GAAGc,gBAAgB,CAACT,WAAW,CAAC;MAC/C,IAAIL,SAAS,EAAE;QACb,CAACgC,KAAK,aAALA,KAAK,eAALA,KAAK,CAAEC,QAAQ,GAAGL,kBAAkB,GAAGD,kBAAkB,EAAEO,IAAI,CAC9DlC,SACF,CAAC;MACH;IACF;;IAEA;IACA;IACA,IAAIgC,KAAK,CAACG,MAAM,EAAE;MAChB,IAAI;QACF,MAAMC,cAAc,GAAG7C,GAAG,CAAC8C,OAAO,CAACL,KAAK,CAACG,MAAM,CAAC;QAChD,IAAI,CAACC,cAAc,CAAC9B,YAAY,CAAC,EAAE;UACjC,MAAM,IAAIjB,gBAAgB,CACvB,gBAAeiB,YAAa,eAAcD,WAAY,4CACzD,CAAC;QACH;MACF,CAAC,CAAC,OAAOQ,KAAK,EAAE;QACd,OAAO,KAAK;MACd;IACF;IACA;IACA;;IAEA,OAAO,IAAI;EACb,CAAC,CAAC;EAEF,IAAI,CAACiB,cAAc,EAAE;IACnB,MAAM,IAAIzC,gBAAgB,CACxB,iGACF,CAAC;EACH;;EAEA;;EAEA,MAAMmC,mBAAmB,GAAG7B,WAAW,CAACwC,MAAM,CAAEG,UAAU,IACxDX,kBAAkB,CAACY,QAAQ,CAACD,UAAU,CAACvC,OAAO,CAACN,gBAAgB,CAAC,CAClE,CAAC;EAED,MAAMgC,mBAAmB,GAAG9B,WAAW,CAACwC,MAAM,CAC3CG,UAAU,IACTV,kBAAkB,CAACW,QAAQ,CAACD,UAAU,CAACvC,OAAO,CAACN,gBAAgB,CAAC,CAAC,IAChE+C,oBAAoB,IACnB,CAACb,kBAAkB,CAACY,QAAQ,CAACD,UAAU,CAACvC,OAAO,CAACN,gBAAgB,CAAC,CACvE,CAAC;EAED,MAAM+C,oBAAoB,GAAG,EAC3BrB,eAAe,CAACG,WAAW,CAACmB,gBAAgB,KAAK,UAAU,CAC5D;EAED,MAAMf,sBAAsB,GAAGc,oBAAoB,GAC/C7C,WAAW,CAACwC,MAAM,CACfG,UAAU,IACT,CAACV,kBAAkB,CAACW,QAAQ,CAC1BD,UAAU,CAACvC,OAAO,CAACN,gBAAgB,CACrC,CAAC,IACD,CAACkC,kBAAkB,CAACY,QAAQ,CAACD,UAAU,CAACvC,OAAO,CAACN,gBAAgB,CAAC,CACrE,CAAC,GACD,EAAE;EAEN,OAAO;IACL+B,mBAAmB;IACnBC,mBAAmB;IACnBC;EACF,CAAC;AACH,CAAC"}

package/lib/module/credential/presentation/README.md

@@ -29,8 +29,8 @@ sequenceDiagram
   <summary>Remote Presentation flow</summary>
 
 ```ts
-// Scan e retrive qr-code
-const qrcode = ...
+// Scan e retrive qr-code, decode it and get its parameters
+const {requestUri, clientId} = ...
 
 // Retrieve the integrity key tag from the store and create its context
 const integrityKeyTag = "example"; // Let's assume this is the key tag used to create the wallet instance
@@ -55,7 +55,7 @@ const walletInstanceAttestation =
   });
 
 // Start the issuance flow
-const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(qrcode);
+const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(requestUri, clientId);
 
 // If use trust federation: Evaluate issuer trust
 const { rpConf } = await Credential.Presentation.evaluateRelyingPartyTrust(clientId);
@@ -111,4 +111,4 @@ const { presentationDefinition } = await Credential.Presentation.fetchPresentDef
 
 ```
 
-</details>
+</details>

package/lib/module/credential/presentation/errors.js

@@ -40,22 +40,6 @@ export class NoSuitableKeysFoundInEntityConfiguration extends IoWalletError {
   }
 }
 
-/**
- * When a QR code is not valid.
- *
- */
-export class InvalidQRCodeError extends IoWalletError {
-  code = "ERR_INVALID_QR_CODE";
-
-  /**
-   * @param detail A description of why the QR code is considered invalid.
-   */
-  constructor(detail) {
-    const message = `QR code is not valid: ${detail}.`;
-    super(message);
-  }
-}
-
 /**
  * When the entity is unverified because the Relying Party is not trusted.
  *

package/lib/module/credential/presentation/errors.js.map

@@ -1 +1 @@
-{"version":3,"names":["IoWalletError","serializeAttrs","AuthRequestDecodeError","code","constructor","message","claim","arguments","length","undefined","reason","NoSuitableKeysFoundInEntityConfiguration","scenario","InvalidQRCodeError","detail","UnverifiedEntityError","MissingDataError","missingAttributes"],"sourceRoot":"../../../../src","sources":["credential/presentation/errors.ts"],"mappings":"AAAA,SAASA,aAAa,EAAEC,cAAc,QAAQ,oBAAoB;;AAElE;AACA;AACA;AACA;AACA,OAAO,MAAMC,sBAAsB,SAASF,aAAa,CAAC;EACxDG,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAC,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACN,cAAc,CAAC;MAAEI,OAAO;MAAEC,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,wCAAwC,SAASX,aAAa,CAAC;EAC1EG,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACQ,QAAgB,EAAE;IAC5B,MAAMP,OAAO,GAAI,0DAAyDO,QAAS,IAAG;IACtF,KAAK,CAACP,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMQ,kBAAkB,SAASb,aAAa,CAAC;EACpDG,IAAI,GAAG,qBAAqB;;EAE5B;AACF;AACA;EACEC,WAAWA,CAACU,MAAc,EAAE;IAC1B,MAAMT,OAAO,GAAI,yBAAwBS,MAAO,GAAE;IAClD,KAAK,CAACT,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMU,qBAAqB,SAASf,aAAa,CAAC;EACvDG,IAAI,GAAG,0BAA0B;;EAEjC;AACF;AACA;EACEC,WAAWA,CAACM,MAAc,EAAE;IAC1B,MAAML,OAAO,GAAI,sBAAqBK,MAAO,GAAE;IAC/C,KAAK,CAACL,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMW,gBAAgB,SAAShB,aAAa,CAAC;EAClDG,IAAI,GAAG,kBAAkB;;EAEzB;AACF;AACA;EACEC,WAAWA,CAACa,iBAAyB,EAAE;IACrC,MAAMZ,OAAO,GAAI,kCAAiCY,iBAAkB,GAAE;IACtE,KAAK,CAACZ,OAAO,CAAC;EAChB;AACF"}
+{"version":3,"names":["IoWalletError","serializeAttrs","AuthRequestDecodeError","code","constructor","message","claim","arguments","length","undefined","reason","NoSuitableKeysFoundInEntityConfiguration","scenario","UnverifiedEntityError","MissingDataError","missingAttributes"],"sourceRoot":"../../../../src","sources":["credential/presentation/errors.ts"],"mappings":"AAAA,SAASA,aAAa,EAAEC,cAAc,QAAQ,oBAAoB;;AAElE;AACA;AACA;AACA;AACA,OAAO,MAAMC,sBAAsB,SAASF,aAAa,CAAC;EACxDG,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAC,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAACN,cAAc,CAAC;MAAEI,OAAO;MAAEC,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,wCAAwC,SAASX,aAAa,CAAC;EAC1EG,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACQ,QAAgB,EAAE;IAC5B,MAAMP,OAAO,GAAI,0DAAyDO,QAAS,IAAG;IACtF,KAAK,CAACP,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMQ,qBAAqB,SAASb,aAAa,CAAC;EACvDG,IAAI,GAAG,0BAA0B;;EAEjC;AACF;AACA;EACEC,WAAWA,CAACM,MAAc,EAAE;IAC1B,MAAML,OAAO,GAAI,sBAAqBK,MAAO,GAAE;IAC/C,KAAK,CAACL,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMS,gBAAgB,SAASd,aAAa,CAAC;EAClDG,IAAI,GAAG,kBAAkB;;EAEzB;AACF;AACA;EACEC,WAAWA,CAACW,iBAAyB,EAAE;IACrC,MAAMV,OAAO,GAAI,kCAAiCU,iBAAkB,GAAE;IACtE,KAAK,CAACV,OAAO,CAAC;EAChB;AACF"}

package/lib/module/credential/presentation/types.js

@@ -1,5 +1,6 @@
 import { UnixTime } from "../../sd-jwt/types";
 import * as z from "zod";
+import { JWKS } from "../../utils/jwk";
 
 /**
  * A pair that associate a tokenized Verified Credential with the claims presented or requested to present.
@@ -79,7 +80,12 @@ export const RequestObject = z.object({
   response_type: z.literal("vp_token"),
   response_mode: z.enum(["direct_post.jwt", "direct_post"]),
   client_id: z.string(),
-  client_id_scheme: z.string(),
+  client_id_scheme: z.string().optional(),
+  // previous z.literal("entity_id"),
+  client_metadata: z.object({
+    jwks_uri: z.string().optional(),
+    jwks: JWKS.optional()
+  }).optional(),
   // previous z.literal("entity_id"),
   scope: z.string().optional(),
   presentation_definition: PresentationDefinition.optional()

package/lib/module/credential/presentation/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["UnixTime","z","Fields","object","path","array","string","min","id","optional","purpose","name","filter","any","boolean","intent_to_retain","Constraints","fields","limit_disclosure","enum","InputDescriptor","format","record","constraints","group","SubmissionRequirement","rule","from","from_nested","count","number","PresentationDefinition","input_descriptors","submission_requirements","RequestObject","iss","iat","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","client_id_scheme","scope","presentation_definition"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":"AACA,SAASA,QAAQ,QAAQ,oBAAoB;AAC7C,OAAO,KAAKC,CAAC,MAAM,KAAK;;AAExB;AACA;AACA;;AAOA,MAAMC,MAAM,GAAGD,CAAC,CAACE,MAAM,CAAC;EACtBC,IAAI,EAAEH,CAAC,CAACI,KAAK,CAACJ,CAAC,CAACK,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAAC;EAAE;EAClCC,EAAE,EAAEP,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC3BC,OAAO,EAAET,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCE,IAAI,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BG,MAAM,EAAEX,CAAC,CAACY,GAAG,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAC5BA,QAAQ,EAAER,CAAC,CAACa,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC;EAAE;EAClCM,gBAAgB,EAAEd,CAAC,CAACa,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC,CAAE;AAC5C,CAAC,CAAC;;AAEF;AACA,MAAMO,WAAW,GAAGf,CAAC,CAACE,MAAM,CAAC;EAC3Bc,MAAM,EAAEhB,CAAC,CAACI,KAAK,CAACH,MAAM,CAAC,CAACO,QAAQ,CAAC,CAAC;EAAE;EACpCS,gBAAgB,EAAEjB,CAAC,CAACkB,IAAI,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAACV,QAAQ,CAAC,CAAC,CAAE;AAClE,CAAC,CAAC;;AAEF;;AAEA,OAAO,MAAMW,eAAe,GAAGnB,CAAC,CAACE,MAAM,CAAC;EACtCK,EAAE,EAAEP,CAAC,CAACK,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC;EAAE;EACvBI,IAAI,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BC,OAAO,EAAET,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCY,MAAM,EAAEpB,CAAC,CAACqB,MAAM,CAACrB,CAAC,CAACK,MAAM,CAAC,CAAC,EAAEL,CAAC,CAACY,GAAG,CAAC,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAClDc,WAAW,EAAEP,WAAW;EAAE;EAC1BQ,KAAK,EAAEvB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC,CAAE;AAChC,CAAC,CAAC;;AAEF,MAAMgB,qBAAqB,GAAGxB,CAAC,CAACE,MAAM,CAAC;EACrCQ,IAAI,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,EAAET,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BiB,IAAI,EAAEzB,CAAC,CAACK,MAAM,CAAC,CAAC;EAAE;EAClBqB,IAAI,EAAE1B,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BmB,WAAW,EAAE3B,CAAC,CACXI,KAAK,CACJJ,CAAC,CAACE,MAAM,CAAC;IACPQ,IAAI,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC3BC,OAAO,EAAET,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC9BiB,IAAI,EAAEzB,CAAC,CAACK,MAAM,CAAC,CAAC;IAChBqB,IAAI,EAAE1B,CAAC,CAACK,MAAM,CAAC;EACjB,CAAC,CACH,CAAC,CACAG,QAAQ,CAAC,CAAC;EACboB,KAAK,EAAE5B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACrB,QAAQ,CAAC;EAC3B;AACF,CAAC,CAAC;;AAGF,OAAO,MAAMsB,sBAAsB,GAAG9B,CAAC,CAACE,MAAM,CAAC;EAC7CK,EAAE,EAAEP,CAAC,CAACK,MAAM,CAAC,CAAC;EACdK,IAAI,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,EAAET,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BuB,iBAAiB,EAAE/B,CAAC,CAACI,KAAK,CAACe,eAAe,CAAC;EAC3Ca,uBAAuB,EAAEhC,CAAC,CAACI,KAAK,CAACoB,qBAAqB,CAAC,CAAChB,QAAQ,CAAC;AACnE,CAAC,CAAC;AAGF,OAAO,MAAMyB,aAAa,GAAGjC,CAAC,CAACE,MAAM,CAAC;EACpCgC,GAAG,EAAElC,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC5B2B,GAAG,EAAEpC,QAAQ,CAACS,QAAQ,CAAC,CAAC;EACxB4B,GAAG,EAAErC,QAAQ,CAACS,QAAQ,CAAC,CAAC;EACxB6B,KAAK,EAAErC,CAAC,CAACK,MAAM,CAAC,CAAC;EACjBiC,KAAK,EAAEtC,CAAC,CAACK,MAAM,CAAC,CAAC;EACjBkC,YAAY,EAAEvC,CAAC,CAACK,MAAM,CAAC,CAAC;EACxBmC,aAAa,EAAExC,CAAC,CAACyC,OAAO,CAAC,UAAU,CAAC;EACpCC,aAAa,EAAE1C,CAAC,CAACkB,IAAI,CAAC,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;EACzDyB,SAAS,EAAE3C,CAAC,CAACK,MAAM,CAAC,CAAC;EACrBuC,gBAAgB,EAAE5C,CAAC,CAACK,MAAM,CAAC,CAAC;EAAE;EAC9BwC,KAAK,EAAE7C,CAAC,CAACK,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC5BsC,uBAAuB,EAAEhB,sBAAsB,CAACtB,QAAQ,CAAC;AAC3D,CAAC,CAAC"}
+{"version":3,"names":["UnixTime","z","JWKS","Fields","object","path","array","string","min","id","optional","purpose","name","filter","any","boolean","intent_to_retain","Constraints","fields","limit_disclosure","enum","InputDescriptor","format","record","constraints","group","SubmissionRequirement","rule","from","from_nested","count","number","PresentationDefinition","input_descriptors","submission_requirements","RequestObject","iss","iat","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","client_id_scheme","client_metadata","jwks_uri","jwks","scope","presentation_definition"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":"AACA,SAASA,QAAQ,QAAQ,oBAAoB;AAC7C,OAAO,KAAKC,CAAC,MAAM,KAAK;AACxB,SAASC,IAAI,QAAQ,iBAAiB;;AAEtC;AACA;AACA;;AAOA,MAAMC,MAAM,GAAGF,CAAC,CAACG,MAAM,CAAC;EACtBC,IAAI,EAAEJ,CAAC,CAACK,KAAK,CAACL,CAAC,CAACM,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAAC;EAAE;EAClCC,EAAE,EAAER,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC3BC,OAAO,EAAEV,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCE,IAAI,EAAEX,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BG,MAAM,EAAEZ,CAAC,CAACa,GAAG,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAC5BA,QAAQ,EAAET,CAAC,CAACc,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC;EAAE;EAClCM,gBAAgB,EAAEf,CAAC,CAACc,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC,CAAE;AAC5C,CAAC,CAAC;;AAEF;AACA,MAAMO,WAAW,GAAGhB,CAAC,CAACG,MAAM,CAAC;EAC3Bc,MAAM,EAAEjB,CAAC,CAACK,KAAK,CAACH,MAAM,CAAC,CAACO,QAAQ,CAAC,CAAC;EAAE;EACpCS,gBAAgB,EAAElB,CAAC,CAACmB,IAAI,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAACV,QAAQ,CAAC,CAAC,CAAE;AAClE,CAAC,CAAC;;AAEF;;AAEA,OAAO,MAAMW,eAAe,GAAGpB,CAAC,CAACG,MAAM,CAAC;EACtCK,EAAE,EAAER,CAAC,CAACM,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC;EAAE;EACvBI,IAAI,EAAEX,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BC,OAAO,EAAEV,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCY,MAAM,EAAErB,CAAC,CAACsB,MAAM,CAACtB,CAAC,CAACM,MAAM,CAAC,CAAC,EAAEN,CAAC,CAACa,GAAG,CAAC,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAClDc,WAAW,EAAEP,WAAW;EAAE;EAC1BQ,KAAK,EAAExB,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC,CAAE;AAChC,CAAC,CAAC;;AAEF,MAAMgB,qBAAqB,GAAGzB,CAAC,CAACG,MAAM,CAAC;EACrCQ,IAAI,EAAEX,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,EAAEV,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BiB,IAAI,EAAE1B,CAAC,CAACM,MAAM,CAAC,CAAC;EAAE;EAClBqB,IAAI,EAAE3B,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BmB,WAAW,EAAE5B,CAAC,CACXK,KAAK,CACJL,CAAC,CAACG,MAAM,CAAC;IACPQ,IAAI,EAAEX,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC3BC,OAAO,EAAEV,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC9BiB,IAAI,EAAE1B,CAAC,CAACM,MAAM,CAAC,CAAC;IAChBqB,IAAI,EAAE3B,CAAC,CAACM,MAAM,CAAC;EACjB,CAAC,CACH,CAAC,CACAG,QAAQ,CAAC,CAAC;EACboB,KAAK,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC,CAACrB,QAAQ,CAAC;EAC3B;AACF,CAAC,CAAC;;AAGF,OAAO,MAAMsB,sBAAsB,GAAG/B,CAAC,CAACG,MAAM,CAAC;EAC7CK,EAAE,EAAER,CAAC,CAACM,MAAM,CAAC,CAAC;EACdK,IAAI,EAAEX,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,EAAEV,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BuB,iBAAiB,EAAEhC,CAAC,CAACK,KAAK,CAACe,eAAe,CAAC;EAC3Ca,uBAAuB,EAAEjC,CAAC,CAACK,KAAK,CAACoB,qBAAqB,CAAC,CAAChB,QAAQ,CAAC;AACnE,CAAC,CAAC;AAGF,OAAO,MAAMyB,aAAa,GAAGlC,CAAC,CAACG,MAAM,CAAC;EACpCgC,GAAG,EAAEnC,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC5B2B,GAAG,EAAErC,QAAQ,CAACU,QAAQ,CAAC,CAAC;EACxB4B,GAAG,EAAEtC,QAAQ,CAACU,QAAQ,CAAC,CAAC;EACxB6B,KAAK,EAAEtC,CAAC,CAACM,MAAM,CAAC,CAAC;EACjBiC,KAAK,EAAEvC,CAAC,CAACM,MAAM,CAAC,CAAC;EACjBkC,YAAY,EAAExC,CAAC,CAACM,MAAM,CAAC,CAAC;EACxBmC,aAAa,EAAEzC,CAAC,CAAC0C,OAAO,CAAC,UAAU,CAAC;EACpCC,aAAa,EAAE3C,CAAC,CAACmB,IAAI,CAAC,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;EACzDyB,SAAS,EAAE5C,CAAC,CAACM,MAAM,CAAC,CAAC;EACrBuC,gBAAgB,EAAE7C,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EACzCqC,eAAe,EAAE9C,CAAC,CACfG,MAAM,CAAC;IACN4C,QAAQ,EAAE/C,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC/BuC,IAAI,EAAE/C,IAAI,CAACQ,QAAQ,CAAC;EACtB,CAAC,CAAC,CACDA,QAAQ,CAAC,CAAC;EAAE;EACfwC,KAAK,EAAEjD,CAAC,CAACM,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC5ByC,uBAAuB,EAAEnB,sBAAsB,CAACtB,QAAQ,CAAC;AAC3D,CAAC,CAAC"}

package/lib/module/utils/crypto.js

@@ -2,6 +2,8 @@ import { getPublicKey, sign, generate, deleteKey } from "@pagopa/io-react-native
 import uuid from "react-native-uuid";
 import { thumbprint } from "@pagopa/io-react-native-jwt";
 import { fixBase64EncodingOnKey } from "./jwk";
+import { X509, KEYUTIL, RSAKey, KJUR } from "jsrsasign";
+import { JWK } from "./jwk";
 
 /**
  * Create a CryptoContext bound to a key pair.
@@ -54,4 +56,40 @@ export const withEphemeralKey = async fn => {
   const ephemeralContext = createCryptoContextFor(keytag);
   return fn(ephemeralContext).finally(() => deleteKey(keytag));
 };
+
+/**
+ * Converts a certificate string to PEM format.
+ *
+ * @param certificate - The certificate string.
+ * @returns The PEM-formatted certificate.
+ */
+export const convertCertToPem = certificate => `-----BEGIN CERTIFICATE-----\n${certificate}\n-----END CERTIFICATE-----`;
+
+/**
+ * Parses the public key from a PEM-formatted certificate.
+ *
+ * @param pemCert - The PEM-formatted certificate.
+ * @returns The public key object.
+ * @throws Will throw an error if the public key is unsupported.
+ */
+export const parsePublicKey = pemCert => {
+  const x509 = new X509();
+  x509.readCertPEM(pemCert);
+  const publicKey = x509.getPublicKey();
+  if (publicKey instanceof RSAKey || publicKey instanceof KJUR.crypto.ECDSA) {
+    return publicKey;
+  }
+  return undefined;
+};
+
+/**
+ * Retrieves the signing JWK from the public key.
+ *
+ * @param publicKey - The public key object.
+ * @returns The signing JWK.
+ */
+export const getSigningJwk = publicKey => ({
+  ...JWK.parse(KEYUTIL.getJWKFromKey(publicKey)),
+  use: "sig"
+});
 //# sourceMappingURL=crypto.js.map

package/lib/module/utils/crypto.js.map

@@ -1 +1 @@
-{"version":3,"names":["getPublicKey","sign","generate","deleteKey","uuid","thumbprint","fixBase64EncodingOnKey","createCryptoContextFor","keytag","then","jwk","kid","getSignature","value","withEphemeralKey","fn","v4","ephemeralContext","finally"],"sourceRoot":"../../../src","sources":["utils/crypto.ts"],"mappings":"AAAA,SACEA,YAAY,EACZC,IAAI,EACJC,QAAQ,EACRC,SAAS,QACJ,gCAAgC;AACvC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,UAAU,QAA4B,6BAA6B;AAC5E,SAASC,sBAAsB,QAAQ,OAAO;;AAE9C;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,sBAAsB,GAAIC,MAAc,IAAoB;EACvE,OAAO;IACL;AACJ;AACA;AACA;AACA;IACI,MAAMR,YAAYA,CAAA,EAAG;MACnB,OAAOA,YAAY,CAACQ,MAAM,CAAC,CACxBC,IAAI,CAACH,sBAAsB,CAAC,CAC5BG,IAAI,CAAC,MAAOC,GAAG,KAAM;QACpB,GAAGA,GAAG;QACN;QACA;QACA;QACA;QACAC,GAAG,EAAE,MAAMN,UAAU,CAACK,GAAG;MAC3B,CAAC,CAAC,CAAC;IACP,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;IACI,MAAME,YAAYA,CAACC,KAAa,EAAE;MAChC,OAAOZ,IAAI,CAACY,KAAK,EAAEL,MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,GAAG,MAC9BC,EAAmD,IACpC;EACf;EACA,MAAMP,MAAM,GAAI,aAAYJ,IAAI,CAACY,EAAE,CAAC,CAAE,EAAC;EACvC,MAAMd,QAAQ,CAACM,MAAM,CAAC;EACtB,MAAMS,gBAAgB,GAAGV,sBAAsB,CAACC,MAAM,CAAC;EACvD,OAAOO,EAAE,CAACE,gBAAgB,CAAC,CAACC,OAAO,CAAC,MAAMf,SAAS,CAACK,MAAM,CAAC,CAAC;AAC9D,CAAC"}
+{"version":3,"names":["getPublicKey","sign","generate","deleteKey","uuid","thumbprint","fixBase64EncodingOnKey","X509","KEYUTIL","RSAKey","KJUR","JWK","createCryptoContextFor","keytag","then","jwk","kid","getSignature","value","withEphemeralKey","fn","v4","ephemeralContext","finally","convertCertToPem","certificate","parsePublicKey","pemCert","x509","readCertPEM","publicKey","crypto","ECDSA","undefined","getSigningJwk","parse","getJWKFromKey","use"],"sourceRoot":"../../../src","sources":["utils/crypto.ts"],"mappings":"AAAA,SACEA,YAAY,EACZC,IAAI,EACJC,QAAQ,EACRC,SAAS,QACJ,gCAAgC;AACvC,OAAOC,IAAI,MAAM,mBAAmB;AACpC,SAASC,UAAU,QAA4B,6BAA6B;AAC5E,SAASC,sBAAsB,QAAQ,OAAO;AAC9C,SAASC,IAAI,EAAEC,OAAO,EAAEC,MAAM,EAAEC,IAAI,QAAQ,WAAW;AACvD,SAASC,GAAG,QAAQ,OAAO;;AAE3B;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,sBAAsB,GAAIC,MAAc,IAAoB;EACvE,OAAO;IACL;AACJ;AACA;AACA;AACA;IACI,MAAMb,YAAYA,CAAA,EAAG;MACnB,OAAOA,YAAY,CAACa,MAAM,CAAC,CACxBC,IAAI,CAACR,sBAAsB,CAAC,CAC5BQ,IAAI,CAAC,MAAOC,GAAG,KAAM;QACpB,GAAGA,GAAG;QACN;QACA;QACA;QACA;QACAC,GAAG,EAAE,MAAMX,UAAU,CAACU,GAAG;MAC3B,CAAC,CAAC,CAAC;IACP,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;IACI,MAAME,YAAYA,CAACC,KAAa,EAAE;MAChC,OAAOjB,IAAI,CAACiB,KAAK,EAAEL,MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,GAAG,MAC9BC,EAAmD,IACpC;EACf;EACA,MAAMP,MAAM,GAAI,aAAYT,IAAI,CAACiB,EAAE,CAAC,CAAE,EAAC;EACvC,MAAMnB,QAAQ,CAACW,MAAM,CAAC;EACtB,MAAMS,gBAAgB,GAAGV,sBAAsB,CAACC,MAAM,CAAC;EACvD,OAAOO,EAAE,CAACE,gBAAgB,CAAC,CAACC,OAAO,CAAC,MAAMpB,SAAS,CAACU,MAAM,CAAC,CAAC;AAC9D,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMW,gBAAgB,GAAIC,WAAmB,IACjD,gCAA+BA,WAAY,6BAA4B;;AAE1E;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,cAAc,GACzBC,OAAe,IAC4B;EAC3C,MAAMC,IAAI,GAAG,IAAIrB,IAAI,CAAC,CAAC;EACvBqB,IAAI,CAACC,WAAW,CAACF,OAAO,CAAC;EACzB,MAAMG,SAAS,GAAGF,IAAI,CAAC5B,YAAY,CAAC,CAAC;EAErC,IAAI8B,SAAS,YAAYrB,MAAM,IAAIqB,SAAS,YAAYpB,IAAI,CAACqB,MAAM,CAACC,KAAK,EAAE;IACzE,OAAOF,SAAS;EAClB;EAEA,OAAOG,SAAS;AAClB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,aAAa,GAAIJ,SAAqC,KAAW;EAC5E,GAAGnB,GAAG,CAACwB,KAAK,CAAC3B,OAAO,CAAC4B,aAAa,CAACN,SAAS,CAAC,CAAC;EAC9CO,GAAG,EAAE;AACP,CAAC,CAAC"}

package/lib/typescript/credential/presentation/01-start-flow.d.ts

@@ -6,15 +6,15 @@
  * @returns The url for the Relying Party to connect with
  */
 export type StartFlow<T extends Array<unknown> = []> = (...args: T) => {
-    requestURI: string;
+    requestUri: string;
     clientId: string;
 };
 /**
- * Start a presentation flow by decoding an incoming QR-code
+ * Start a presentation flow by decoding the parameters needed to start the presentation flow.
  *
  * @param qrcode The encoded QR-code content
  * @returns The url for the Relying Party to connect with
  * @throws If the provided qr code fails to be decoded
  */
-export declare const startFlowFromQR: StartFlow<[string]>;
+export declare const startFlowFromQR: StartFlow<[string, string]>;
 //# sourceMappingURL=01-start-flow.d.ts.map

package/lib/typescript/credential/presentation/01-start-flow.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"01-start-flow.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/01-start-flow.ts"],"names":[],"mappings":"AAUA;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,CAAC,CAAC,SAAS,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC,KAAK;IACrE,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,EAAE,SAAS,CAAC,CAAC,MAAM,CAAC,CA+B/C,CAAC"}
+{"version":3,"file":"01-start-flow.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/01-start-flow.ts"],"names":[],"mappings":"AAQA;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,CAAC,CAAC,SAAS,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC,KAAK;IACrE,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,EAAE,SAAS,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAiBvD,CAAC"}

package/lib/typescript/credential/presentation/03-get-request-object.d.ts

@@ -1,7 +1,7 @@
 import { type CryptoContext } from "@pagopa/io-react-native-jwt";
 import { type Out } from "../../utils/misc";
 import type { StartFlow } from "./01-start-flow";
-export type GetRequestObject = (requestUri: Out<StartFlow>["requestURI"], context: {
+export type GetRequestObject = (requestUri: Out<StartFlow>["requestUri"], context: {
     wiaCryptoContext: CryptoContext;
     appFetch?: GlobalFetch["fetch"];
     walletInstanceAttestation: string;

package/lib/typescript/credential/presentation/04-retrieve-rp-jwks.d.ts

@@ -11,15 +11,22 @@ export type FetchJwks<T extends Array<unknown> = []> = (...args: T) => Promise<{
     keys: JWK[];
 }>;
 /**
- * Retrieves the JSON Web Key Set (JWKS) from the specified client's well-known endpoint.
- * It is formed using `{issUrl.base}/.well-known/jar-issuer${issUrl.pah}` as explained in SD-JWT VC issuer metadata section
+ * Fetches the JSON Web Key Set (JWKS) based on the provided Request Object encoded as a JWT.
+ * The retrieval process follows these steps in order:
  *
- * @param requestObjectEncodedJwt - Request Object in JWT format.
- * @param options - Optional context containing a custom fetch implementation.
- * @param options.context - Optional context object.
- * @param options.context.appFetch - Optional custom fetch function to use instead of the global `fetch`.
- * @returns A promise resolving to an object containing an array of JWKs.
- * @throws Will throw an error if the JWKS retrieval fails.
+ * 1. **Direct JWK Retrieval**: If the JWT's protected header contains a `jwk` attribute, it uses this key directly.
+ * 2. **X.509 Certificate Retrieval**: If the protected header includes an `x5c` attribute, it extracts the JWKs from the provided X.509 certificate chain.
+ * 3. **Issuer's Well-Known Endpoint**: If neither `jwk` nor `x5c` are present, it constructs the JWKS URL using the issuer (`iss`) claim and fetches the keys from the issuer's well-known JWKS endpoint.
+ *
+ * The JWKS URL is constructed in the format `{issUrl.base}/.well-known/jar-issuer${issUrl.path}`,
+ * as detailed in the SD-JWT VC issuer metadata specification.
+ *
+ * @param requestObjectEncodedJwt - The Request Object encoded as a JWT.
+ * @param options - Optional parameters for fetching the JWKS.
+ * @param options.context - Optional context providing a custom fetch implementation.
+ * @param options.context.appFetch - A custom fetch function to replace the global `fetch` if provided.
+ * @returns A promise that resolves to an object containing an array of JSON Web Keys (JWKs).
+ * @throws {NoSuitableKeysFoundInEntityConfiguration} Throws an error if JWKS retrieval or key extraction fails.
  */
 export declare const fetchJwksFromRequestObject: FetchJwks<[
     string,

package/lib/typescript/credential/presentation/04-retrieve-rp-jwks.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"04-retrieve-rp-jwks.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/04-retrieve-rp-jwks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,GAAG,EAAE,MAAM,iBAAiB,CAAC;AAE5C,OAAO,EAAE,+BAA+B,EAAE,MAAM,0BAA0B,CAAC;AAI3E;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,CAAC,CAAC,SAAS,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC,KAAK,OAAO,CAAC;IAC7E,IAAI,EAAE,GAAG,EAAE,CAAC;CACb,CAAC,CAAC;AAEH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,0BAA0B,EAAE,SAAS,CAChD;IAAC,MAAM;IAAE;QAAE,OAAO,CAAC,EAAE;YAAE,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAA;SAAE,CAAA;KAAE,CAAC;CAAC,CAqC7D,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mBAAmB,EAAE,SAAS,CACzC;IAAC,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC;CAAC,CAWzD,CAAC"}
+{"version":3,"file":"04-retrieve-rp-jwks.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/04-retrieve-rp-jwks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,GAAG,EAAE,MAAM,iBAAiB,CAAC;AAE5C,OAAO,EAAE,+BAA+B,EAAE,MAAM,0BAA0B,CAAC;AAU3E;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,CAAC,CAAC,SAAS,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC,KAAK,OAAO,CAAC;IAC7E,IAAI,EAAE,GAAG,EAAE,CAAC;CACb,CAAC,CAAC;AA+DH;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,0BAA0B,EAAE,SAAS,CAChD;IAAC,MAAM;IAAE;QAAE,OAAO,CAAC,EAAE;YAAE,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAA;SAAE,CAAA;KAAE,CAAC;CAAC,CAmD7D,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mBAAmB,EAAE,SAAS,CACzC;IAAC,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC;CAAC,CAWzD,CAAC"}

package/lib/typescript/credential/presentation/05-verify-request-object.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"05-verify-request-object.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/05-verify-request-object.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAE5C,MAAM,MAAM,4BAA4B,GAAG,CACzC,uBAAuB,EAAE,MAAM,EAC/B,OAAO,CAAC,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAC7B,OAAO,CAAC;IAAE,aAAa,EAAE,aAAa,CAAA;CAAE,CAAC,CAAC;AAE/C,eAAO,MAAM,4BAA4B,EAAE,4BAsBxC,CAAC"}
+{"version":3,"file":"05-verify-request-object.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/05-verify-request-object.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAE5C,MAAM,MAAM,4BAA4B,GAAG,CACzC,uBAAuB,EAAE,MAAM,EAC/B,OAAO,CAAC,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAC7B,OAAO,CAAC;IAAE,aAAa,EAAE,aAAa,CAAA;CAAE,CAAC,CAAC;AAE/C,eAAO,MAAM,4BAA4B,EAAE,4BAuBxC,CAAC"}