@pagopa/io-react-native-wallet 1.2.3 → 1.3.0

Files changed (82) hide show
  1. package/lib/commonjs/credential/issuance/03-start-user-authorization.js +3 -0
  2. package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
  3. package/lib/commonjs/credential/presentation/01-start-flow.js +12 -28
  4. package/lib/commonjs/credential/presentation/01-start-flow.js.map +1 -1
  5. package/lib/commonjs/credential/presentation/04-retrieve-rp-jwks.js +96 -24
  6. package/lib/commonjs/credential/presentation/04-retrieve-rp-jwks.js.map +1 -1
  7. package/lib/commonjs/credential/presentation/05-verify-request-object.js +7 -2
  8. package/lib/commonjs/credential/presentation/05-verify-request-object.js.map +1 -1
  9. package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js +9 -5
  10. package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js.map +1 -1
  11. package/lib/commonjs/credential/presentation/08-send-authorization-response.js +20 -16
  12. package/lib/commonjs/credential/presentation/08-send-authorization-response.js.map +1 -1
  13. package/lib/commonjs/credential/presentation/README.md +4 -4
  14. package/lib/commonjs/credential/presentation/errors.js +2 -19
  15. package/lib/commonjs/credential/presentation/errors.js.map +1 -1
  16. package/lib/commonjs/credential/presentation/types.js +9 -1
  17. package/lib/commonjs/credential/presentation/types.js.map +1 -1
  18. package/lib/commonjs/entity/trust/chain.js.map +1 -1
  19. package/lib/commonjs/utils/crypto.js +41 -1
  20. package/lib/commonjs/utils/crypto.js.map +1 -1
  21. package/lib/commonjs/utils/decoder.js.map +1 -1
  22. package/lib/module/credential/issuance/03-start-user-authorization.js +3 -0
  23. package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
  24. package/lib/module/credential/presentation/01-start-flow.js +12 -28
  25. package/lib/module/credential/presentation/01-start-flow.js.map +1 -1
  26. package/lib/module/credential/presentation/04-retrieve-rp-jwks.js +96 -24
  27. package/lib/module/credential/presentation/04-retrieve-rp-jwks.js.map +1 -1
  28. package/lib/module/credential/presentation/05-verify-request-object.js +7 -2
  29. package/lib/module/credential/presentation/05-verify-request-object.js.map +1 -1
  30. package/lib/module/credential/presentation/07-evaluate-input-descriptor.js +9 -5
  31. package/lib/module/credential/presentation/07-evaluate-input-descriptor.js.map +1 -1
  32. package/lib/module/credential/presentation/08-send-authorization-response.js +18 -14
  33. package/lib/module/credential/presentation/08-send-authorization-response.js.map +1 -1
  34. package/lib/module/credential/presentation/README.md +4 -4
  35. package/lib/module/credential/presentation/errors.js +0 -16
  36. package/lib/module/credential/presentation/errors.js.map +1 -1
  37. package/lib/module/credential/presentation/types.js +9 -1
  38. package/lib/module/credential/presentation/types.js.map +1 -1
  39. package/lib/module/entity/trust/chain.js.map +1 -1
  40. package/lib/module/utils/crypto.js +38 -0
  41. package/lib/module/utils/crypto.js.map +1 -1
  42. package/lib/module/utils/decoder.js +0 -1
  43. package/lib/module/utils/decoder.js.map +1 -1
  44. package/lib/module/utils/jwk.js.map +1 -1
  45. package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
  46. package/lib/typescript/credential/presentation/01-start-flow.d.ts +3 -3
  47. package/lib/typescript/credential/presentation/01-start-flow.d.ts.map +1 -1
  48. package/lib/typescript/credential/presentation/03-get-request-object.d.ts +1 -1
  49. package/lib/typescript/credential/presentation/04-retrieve-rp-jwks.d.ts +15 -8
  50. package/lib/typescript/credential/presentation/04-retrieve-rp-jwks.d.ts.map +1 -1
  51. package/lib/typescript/credential/presentation/05-verify-request-object.d.ts.map +1 -1
  52. package/lib/typescript/credential/presentation/07-evaluate-input-descriptor.d.ts +3 -2
  53. package/lib/typescript/credential/presentation/07-evaluate-input-descriptor.d.ts.map +1 -1
  54. package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts +5 -5
  55. package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts.map +1 -1
  56. package/lib/typescript/credential/presentation/errors.d.ts +0 -11
  57. package/lib/typescript/credential/presentation/errors.d.ts.map +1 -1
  58. package/lib/typescript/credential/presentation/types.d.ts +252 -3
  59. package/lib/typescript/credential/presentation/types.d.ts.map +1 -1
  60. package/lib/typescript/entity/trust/chain.d.ts +1 -1
  61. package/lib/typescript/entity/trust/chain.d.ts.map +1 -1
  62. package/lib/typescript/utils/crypto.d.ts +24 -0
  63. package/lib/typescript/utils/crypto.d.ts.map +1 -1
  64. package/lib/typescript/utils/decoder.d.ts +1 -1
  65. package/lib/typescript/utils/decoder.d.ts.map +1 -1
  66. package/lib/typescript/utils/jwk.d.ts +2 -0
  67. package/lib/typescript/utils/jwk.d.ts.map +1 -1
  68. package/package.json +4 -2
  69. package/src/credential/issuance/03-start-user-authorization.ts +3 -0
  70. package/src/credential/presentation/01-start-flow.ts +16 -32
  71. package/src/credential/presentation/03-get-request-object.ts +1 -1
  72. package/src/credential/presentation/04-retrieve-rp-jwks.ts +122 -34
  73. package/src/credential/presentation/05-verify-request-object.ts +4 -3
  74. package/src/credential/presentation/07-evaluate-input-descriptor.ts +20 -6
  75. package/src/credential/presentation/08-send-authorization-response.ts +25 -17
  76. package/src/credential/presentation/README.md +4 -4
  77. package/src/credential/presentation/errors.ts +0 -16
  78. package/src/credential/presentation/types.ts +10 -1
  79. package/src/entity/trust/chain.ts +1 -2
  80. package/src/utils/crypto.ts +43 -0
  81. package/src/utils/decoder.ts +1 -1
  82. package/src/utils/jwk.ts +3 -1
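--- a/package/lib/commonjs/credential/issuance/03-start-user-authorization.js
+++ b/package/lib/commonjs/credential/issuance/03-start-user-authorization.js
@@ -68,6 +68,9 @@ const startUserAuthorization = async (issuerConf, credentialType, ctx) => {
  appFetch = fetch
  } = ctx;
  const clientId = await wiaCryptoContext.getPublicKey().then(_ => _.kid);
+ if (!clientId) {
+ throw new Error("No public key found");
+ }
  const codeVerifier = (0, _misc.generateRandomAlphaNumericString)(64);
  const parEndpoint = issuerConf.pushed_authorization_request_endpoint;
  const credentialDefinition = selectCredentialDefinition(issuerConf, credentialType);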
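Review bot: The new guard's message, "No public key found", does not match what it tests. `clientId` is the `kid` of the key returned by `wiaCryptoContext.getPublicKey()`, so the throw fires when a key exists but carries no `kid`, while a missing key would already fail on `_.kid` one line earlier. A message such as `throw new Error("WIA public key has no kid; cannot derive client_id");` would point whoever debugs a failed request at the real cause. The body of startUserAuthorization starts and ends outside the hunk.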
@@ -1 +1 @@
1
- {"version":3,"names":["_misc","require","_par","selectCredentialDefinition","issuerConf","credentialType","credential_configurations_supported","credential","Error","result","credential_configuration_id","format","type","selectResponseMode","responseMode","startUserAuthorization","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","codeVerifier","generateRandomAlphaNumericString","parEndpoint","pushed_authorization_request_endpoint","credentialDefinition","getPar","makeParRequest","issuerRequestUri","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/03-start-user-authorization.ts"],"mappings":";;;;;;AAEA,IAAAA,KAAA,GAAAC,OAAA;AAEA,IAAAC,IAAA,GAAAD,OAAA;AAmBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAME,0BAA0B,GAAGA,CACjCC,UAA8C,EAC9CC,cAAgD,KACxB;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAMC,UAAU,GAAGD,mCAAmC,CAACD,cAAc,CAAC;EAEtE,IAAI,CAACE,UAAU,EAAE;IACf,MAAM,IAAIC,KAAK,CAAE,mCAAkCH,cAAe,GAAE,CAAC;EACvE;EAEA,MAAMI,MAAM,GAAG;IACbC,2BAA2B,EAAEL,cAAc;IAC3CM,MAAM,EAAEJ,UAAU,CAACI,MAAM;IACzBC,IAAI,EAAE;EACR,CAAC;EAED,OAAOH,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMI,kBAAkB,GACtBR,cAAgD,IAC/B;EACjB,MAAMS,YAAY,GAChBT,cAAc,KAAK,6BAA6B,GAC5C,OAAO,GACP,eAAe;EAErB,OAAOS,YAAY;AACrB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,sBAA8C,GAAG,MAAAA,CAC5DX,UAAU,EACVC,cAAc,EACdW,GAAG,KACA;EACH,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EACzE,MAAMC,YAAY,GAAG,IAAAC,sCAAgC,EAAC,EAAE,CAAC;EACzD,MAAMC,WAAW,GAAGzB,UAAU,CAAC0B,qCAAqC;EACpE,MAAMC,oBAAoB,GAAG5B,0BAA0B,CACrDC,UAAU,EACVC,cACF,CAAC;EACD,MAAMS,YAAY,GAAGD,kBAAkB,CAACR,cAAc,CAAC;EAEvD,MAAM2B,MAAM,GAAG,IAAAC,mBAAc,EAAC;IAAEhB,gBAAgB;IAAEG;EAAS,CAAC,CAAC;EAC7D,MAAMc,gBAAgB,GAAG,MAAMF,MAAM,CACn
CV,QAAQ,EACRK,YAAY,EACZR,WAAW,EACXL,YAAY,EACZe,WAAW,EACXX,yBAAyB,EACzB,CAACa,oBAAoB,CACvB,CAAC;EAED,OAAO;IAAEG,gBAAgB;IAAEZ,QAAQ;IAAEK,YAAY;IAAEI;EAAqB,CAAC;AAC3E,CAAC;AAACI,OAAA,CAAApB,sBAAA,GAAAA,sBAAA"}
1
+ {"version":3,"names":["_misc","require","_par","selectCredentialDefinition","issuerConf","credentialType","credential_configurations_supported","credential","Error","result","credential_configuration_id","format","type","selectResponseMode","responseMode","startUserAuthorization","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","codeVerifier","generateRandomAlphaNumericString","parEndpoint","pushed_authorization_request_endpoint","credentialDefinition","getPar","makeParRequest","issuerRequestUri","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/03-start-user-authorization.ts"],"mappings":";;;;;;AAEA,IAAAA,KAAA,GAAAC,OAAA;AAEA,IAAAC,IAAA,GAAAD,OAAA;AAmBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAME,0BAA0B,GAAGA,CACjCC,UAA8C,EAC9CC,cAAgD,KACxB;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAMC,UAAU,GAAGD,mCAAmC,CAACD,cAAc,CAAC;EAEtE,IAAI,CAACE,UAAU,EAAE;IACf,MAAM,IAAIC,KAAK,CAAE,mCAAkCH,cAAe,GAAE,CAAC;EACvE;EAEA,MAAMI,MAAM,GAAG;IACbC,2BAA2B,EAAEL,cAAc;IAC3CM,MAAM,EAAEJ,UAAU,CAACI,MAAM;IACzBC,IAAI,EAAE;EACR,CAAC;EAED,OAAOH,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMI,kBAAkB,GACtBR,cAAgD,IAC/B;EACjB,MAAMS,YAAY,GAChBT,cAAc,KAAK,6BAA6B,GAC5C,OAAO,GACP,eAAe;EAErB,OAAOS,YAAY;AACrB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,sBAA8C,GAAG,MAAAA,CAC5DX,UAAU,EACVC,cAAc,EACdW,GAAG,KACA;EACH,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EACzE,IAAI,CAACJ,QAAQ,EAAE;IACb,MAAM,IAAId,KAAK,CAAC,qBAAqB,CAAC;EACxC;EACA,MAAMmB,YAAY,GAAG,IAAAC,sCAAgC,EAAC,EAAE,CAAC;EACzD,MAAMC,WAAW,GAAGzB,UAAU,CAAC0B,qCAAqC;EACpE,MAAMC,oBAAoB,GAAG5B,0BAA0B,CACrDC,UAAU,EACVC,cACF,CAAC;EACD,MAAMS,YAAY,GAAGD,kBAAkB,CAACR,cAAc,CAAC;EAEvD,MAAM2B,MAAM,GAAG,IAAAC,mBAAc,EAAC;IAA
EhB,gBAAgB;IAAEG;EAAS,CAAC,CAAC;EAC7D,MAAMc,gBAAgB,GAAG,MAAMF,MAAM,CACnCV,QAAQ,EACRK,YAAY,EACZR,WAAW,EACXL,YAAY,EACZe,WAAW,EACXX,yBAAyB,EACzB,CAACa,oBAAoB,CACvB,CAAC;EAED,OAAO;IAAEG,gBAAgB;IAAEZ,QAAQ;IAAEK,YAAY;IAAEI;EAAqB,CAAC;AAC3E,CAAC;AAACI,OAAA,CAAApB,sBAAA,GAAAA,sBAAA"}
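--- a/package/lib/commonjs/credential/presentation/01-start-flow.js
+++ b/package/lib/commonjs/credential/presentation/01-start-flow.js
@@ -5,15 +5,12 @@ Object.defineProperty(exports, "__esModule", {
  });
  exports.startFlowFromQR = void 0;
  var z = _interopRequireWildcard(require("zod"));
- var _errors = require("./errors");
+ var _errors = require("../../utils/errors");
  function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
  function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
- const QRCodePayload = z.object({
- protocol: z.string(),
- resource: z.string(),
- // TODO: refine to known paths using literals
- clientId: z.string(),
- requestURI: z.string()
+ const PresentationParams = z.object({
+ clientId: z.string().nonempty(),
+ requestUri: z.string().url()
  });
 
  /**
@@ -25,37 +22,24 @@ const QRCodePayload = z.object({
  */
 
  /**
- * Start a presentation flow by decoding an incoming QR-code
+ * Start a presentation flow by decoding the parameters needed to start the presentation flow.
  *
  * @param qrcode The encoded QR-code content
  * @returns The url for the Relying Party to connect with
  * @throws If the provided qr code fails to be decoded
  */
- const startFlowFromQR = qrcode => {
- let decodedUrl;
- try {
- var _originalQrCode$;
- // splitting qrcode to identify which is link format
- const originalQrCode = qrcode.split("://");
- const replacedQrcode = (_originalQrCode$ = originalQrCode[1]) !== null && _originalQrCode$ !== void 0 && _originalQrCode$.startsWith("?") ? qrcode.replace(`${originalQrCode[0]}://`, "https://wallet.example/") : qrcode;
- decodedUrl = new URL(replacedQrcode);
- } catch (error) {
- throw new _errors.InvalidQRCodeError(`Failed to decode QR code: ${qrcode}`);
- }
- const protocol = decodedUrl.protocol;
- const resource = decodedUrl.hostname;
- const requestURI = decodedUrl.searchParams.get("request_uri");
- const clientId = decodedUrl.searchParams.get("client_id");
- const result = QRCodePayload.safeParse({
- protocol,
- resource,
- requestURI,
+ const startFlowFromQR = (requestUri, clientId) => {
+ const result = PresentationParams.safeParse({
+ requestUri,
  clientId
  });
  if (result.success) {
  return result.data;
  } else {
- throw new _errors.InvalidQRCodeError(`${result.error.message}, ${decodedUrl}`);
+ throw new _errors.ValidationFailed({
+ message: "Invalid parameters provided",
+ reason: result.error.message
+ });
  }
  };
  exports.startFlowFromQR = startFlowFromQR;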
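Review bot: `requestUri: z.string().url()` in PresentationParams accepts any scheme the URL parser understands, not only `https:`. The value is supplied from outside the wallet (the function name and doc still refer to a QR code) and is presumably fetched in a later step that is not visible here. Restricting it at this boundary, e.g. `requestUri: z.string().url().refine(u => new URL(u).protocol === "https:", "request_uri must use https")`, keeps plain-http and non-network schemes out of the flow. The JSDoc above startFlowFromQR is also stale: it still documents `@param qrcode` and a decode failure, although the function now takes `(requestUri, clientId)` and throws `ValidationFailed`.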
@@ -1 +1 @@
1
- {"version":3,"names":["z","_interopRequireWildcard","require","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","QRCodePayload","object","protocol","string","resource","clientId","requestURI","startFlowFromQR","qrcode","decodedUrl","_originalQrCode$","originalQrCode","split","replacedQrcode","startsWith","replace","URL","error","InvalidQRCodeError","hostname","searchParams","result","safeParse","success","data","message","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAA8C,SAAAE,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAE9C,MAAMW,aAAa,GAAG1B,CAAC,CAAC2B,MAAM,CAAC;EAC7BC,QAAQ,EAAE5B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACpBC,QAAQ,EAAE9B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAAE;EACtBE,QAAQ,EAAE/B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACpBG,UAAU,EAAEhC,CAAC,CAAC6B,MAAM,CAAC;AACvB,CAAC,CAAC;;
AAEF;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMI,eAAoC,GAAIC,MAAM,IAAK;EAC9D,IAAIC,UAAe;EACnB,IAAI;IAAA,IAAAC,gBAAA;IACF;IACA,MAAMC,cAAc,GAAGH,MAAM,CAACI,KAAK,CAAC,KAAK,CAAC;IAC1C,MAAMC,cAAc,GAAG,CAAAH,gBAAA,GAAAC,cAAc,CAAC,CAAC,CAAC,cAAAD,gBAAA,eAAjBA,gBAAA,CAAmBI,UAAU,CAAC,GAAG,CAAC,GACrDN,MAAM,CAACO,OAAO,CAAE,GAAEJ,cAAc,CAAC,CAAC,CAAE,KAAI,EAAE,yBAAyB,CAAC,GACpEH,MAAM;IAEVC,UAAU,GAAG,IAAIO,GAAG,CAACH,cAAc,CAAC;EACtC,CAAC,CAAC,OAAOI,KAAK,EAAE;IACd,MAAM,IAAIC,0BAAkB,CAAE,8BAA6BV,MAAO,EAAC,CAAC;EACtE;EAEA,MAAMN,QAAQ,GAAGO,UAAU,CAACP,QAAQ;EACpC,MAAME,QAAQ,GAAGK,UAAU,CAACU,QAAQ;EACpC,MAAMb,UAAU,GAAGG,UAAU,CAACW,YAAY,CAAChC,GAAG,CAAC,aAAa,CAAC;EAC7D,MAAMiB,QAAQ,GAAGI,UAAU,CAACW,YAAY,CAAChC,GAAG,CAAC,WAAW,CAAC;EAEzD,MAAMiC,MAAM,GAAGrB,aAAa,CAACsB,SAAS,CAAC;IACrCpB,QAAQ;IACRE,QAAQ;IACRE,UAAU;IACVD;EACF,CAAC,CAAC;EAEF,IAAIgB,MAAM,CAACE,OAAO,EAAE;IAClB,OAAOF,MAAM,CAACG,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIN,0BAAkB,CAAE,GAAEG,MAAM,CAACJ,KAAK,CAACQ,OAAQ,KAAIhB,UAAW,EAAC,CAAC;EACxE;AACF,CAAC;AAACiB,OAAA,CAAAnB,eAAA,GAAAA,eAAA"}
1
+ {"version":3,"names":["z","_interopRequireWildcard","require","_errors","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","PresentationParams","object","clientId","string","nonempty","requestUri","url","startFlowFromQR","result","safeParse","success","data","ValidationFailed","message","reason","error","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/01-start-flow.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAAsD,SAAAE,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEtD,MAAMW,kBAAkB,GAAG1B,CAAC,CAAC2B,MAAM,CAAC;EAClCC,QAAQ,EAAE5B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC/BC,UAAU,EAAE/B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,GAAG,CAAC;AAC7B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,eAA4C,GAAGA,CAC1DF,UAAkB,EAClBH,QAAgB,KACb;EACH,MAAMM,MAAM,GAAGR,kBAAkB,CAACS,SAAS,CAAC;IAC1CJ,UAAU;IA
CVH;EACF,CAAC,CAAC;EAEF,IAAIM,MAAM,CAACE,OAAO,EAAE;IAClB,OAAOF,MAAM,CAACG,IAAI;EACpB,CAAC,MAAM;IACL,MAAM,IAAIC,wBAAgB,CAAC;MACzBC,OAAO,EAAE,6BAA6B;MACtCC,MAAM,EAAEN,MAAM,CAACO,KAAK,CAACF;IACvB,CAAC,CAAC;EACJ;AACF,CAAC;AAACG,OAAA,CAAAT,eAAA,GAAAA,eAAA"}
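--- a/package/lib/commonjs/credential/presentation/04-retrieve-rp-jwks.js
+++ b/package/lib/commonjs/credential/presentation/04-retrieve-rp-jwks.js
@@ -8,6 +8,8 @@ var _jwk = require("../../utils/jwk");
  var _misc = require("../../utils/misc");
  var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
  var _errors = require("./errors");
+ var _types = require("./types");
+ var _crypto = require("../../utils/crypto");
  /**
  * Defines the signature for a function that retrieves JSON Web Key Sets (JWKS) from a client.
  *
@@ -17,15 +19,68 @@ var _errors = require("./errors");
  */
 
  /**
- * Retrieves the JSON Web Key Set (JWKS) from the specified client's well-known endpoint.
- * It is formed using `{issUrl.base}/.well-known/jar-issuer${issUrl.pah}` as explained in SD-JWT VC issuer metadata section
+ * Fetches and parses JWKS from a given URI.
  *
- * @param requestObjectEncodedJwt - Request Object in JWT format.
- * @param options - Optional context containing a custom fetch implementation.
- * @param options.context - Optional context object.
- * @param options.context.appFetch - Optional custom fetch function to use instead of the global `fetch`.
- * @returns A promise resolving to an object containing an array of JWKs.
- * @throws Will throw an error if the JWKS retrieval fails.
+ * @param jwksUri - The JWKS URI.
+ * @param fetchFn - The fetch function to use.
+ * @returns An array of JWKs.
+ */
+ const fetchJwksFromUri = async (jwksUri, appFetch) => {
+ const jwks = await appFetch(jwksUri, {
+ method: "GET"
+ }).then((0, _misc.hasStatusOrThrow)(200)).then(raw => raw.json()).then(json => json.jwks ? _jwk.JWKS.parse(json.jwks) : _jwk.JWKS.parse(json));
+ return jwks.keys;
+ };
+
+ /**
+ * Retrieves JWKS when the client ID scheme includes x509 SAN DNS.
+ *
+ * @param decodedJwt - The decoded JWT.
+ * @param fetchFn - The fetch function to use.
+ * @returns An array of JWKs.
+ * @throws Will throw an error if no suitable keys are found.
+ */
+ const getJwksFromX509Cert = async certChain => {
+ if (!Array.isArray(certChain) || certChain.length === 0 || !certChain[0]) {
+ throw new _errors.NoSuitableKeysFoundInEntityConfiguration("No RP encrypt key found!");
+ }
+ const pemCert = (0, _crypto.convertCertToPem)(certChain[0]);
+ const publicKey = (0, _crypto.parsePublicKey)(pemCert);
+ if (!publicKey) {
+ throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Unsupported public key type.");
+ }
+ const signingJwk = (0, _crypto.getSigningJwk)(publicKey);
+ return [signingJwk];
+ };
+
+ /**
+ * Constructs the well-known JWKS URL based on the issuer claim.
+ *
+ * @param issuer - The issuer URL.
+ * @returns The well-known JWKS URL.
+ */
+ const constructWellKnownJwksUrl = issuer => {
+ const issuerUrl = new URL(issuer);
+ return new URL(`/.well-known/jar-issuer${issuerUrl.pathname}`, `${issuerUrl.protocol}//${issuerUrl.host}`).toString();
+ };
+
+ /**
+ * Fetches the JSON Web Key Set (JWKS) based on the provided Request Object encoded as a JWT.
+ * The retrieval process follows these steps in order:
+ *
+ * 1. **Direct JWK Retrieval**: If the JWT's protected header contains a `jwk` attribute, it uses this key directly.
+ * 2. **X.509 Certificate Retrieval**: If the protected header includes an `x5c` attribute, it extracts the JWKs from the provided X.509 certificate chain.
+ * 3. **Issuer's Well-Known Endpoint**: If neither `jwk` nor `x5c` are present, it constructs the JWKS URL using the issuer (`iss`) claim and fetches the keys from the issuer's well-known JWKS endpoint.
+ *
+ * The JWKS URL is constructed in the format `{issUrl.base}/.well-known/jar-issuer${issUrl.path}`,
+ * as detailed in the SD-JWT VC issuer metadata specification.
+ *
+ * @param requestObjectEncodedJwt - The Request Object encoded as a JWT.
+ * @param options - Optional parameters for fetching the JWKS.
+ * @param options.context - Optional context providing a custom fetch implementation.
+ * @param options.context.appFetch - A custom fetch function to replace the global `fetch` if provided.
+ * @returns A promise that resolves to an object containing an array of JSON Web Keys (JWKs).
+ * @throws {NoSuitableKeysFoundInEntityConfiguration} Throws an error if JWKS retrieval or key extraction fails.
  */
  const fetchJwksFromRequestObject = async function (requestObjectEncodedJwt) {
  var _requestObjectJwt$pro, _requestObjectJwt$pay;
@@ -36,29 +91,46 @@ const fetchJwksFromRequestObject = async function (requestObjectEncodedJwt) {
  appFetch = fetch
  } = context;
  const requestObjectJwt = (0, _ioReactNativeJwt.decode)(requestObjectEncodedJwt);
+ const jwks = [];
 
  // 1. check if request object jwt contains the 'jwk' attribute
  if ((_requestObjectJwt$pro = requestObjectJwt.protectedHeader) !== null && _requestObjectJwt$pro !== void 0 && _requestObjectJwt$pro.jwk) {
- return {
- keys: [_jwk.JWK.parse(requestObjectJwt.protectedHeader.jwk)]
- };
+ const keys = [_jwk.JWK.parse(requestObjectJwt.protectedHeader.jwk)];
+ jwks.push(...keys);
+ }
+
+ // 2. check if request object jwt contains the 'x5c' attribute
+ if (requestObjectJwt.protectedHeader.x5c) {
+ const keys = await getJwksFromX509Cert(requestObjectJwt.protectedHeader.x5c);
+ jwks.push(...keys);
  }
 
- // 2. According to Potential profile, retrieve from RP endpoint using iss claim
- const issClaimValue = (_requestObjectJwt$pay = requestObjectJwt.payload) === null || _requestObjectJwt$pay === void 0 ? void 0 : _requestObjectJwt$pay.iss;
- if (issClaimValue) {
- const issUrl = new URL(issClaimValue);
- const wellKnownUrl = new URL(`/.well-known/jar-issuer${issUrl.pathname}`, `${issUrl.protocol}//${issUrl.host}`).toString();
+ // 3. check if client_metadata contains the 'jwks' or 'jwks_uri' attribute
+ const requestObject = _types.RequestObject.parse(requestObjectJwt.payload);
+ const {
+ client_metadata
+ } = requestObject;
+ if (client_metadata !== null && client_metadata !== void 0 && client_metadata.jwks_uri) {
+ const fetchedJwks = await fetchJwksFromUri(new URL(client_metadata.jwks_uri).toString(), appFetch);
+ jwks.push(...fetchedJwks);
+ }
+ if (client_metadata !== null && client_metadata !== void 0 && client_metadata.jwks) {
+ jwks.push(...client_metadata.jwks.keys);
+ }
 
- // Fetches the JWKS from a specific endpoint of the entity's well-known configuration
- const jwks = await appFetch(wellKnownUrl, {
- method: "GET"
- }).then((0, _misc.hasStatusOrThrow)(200)).then(raw => raw.json()).then(json => _jwk.JWKS.parse(json.jwks));
- return {
- keys: jwks.keys
- };
+ // 3. According to Potential profile, retrieve from RP endpoint using iss claim
+ const issuer = (_requestObjectJwt$pay = requestObjectJwt.payload) === null || _requestObjectJwt$pay === void 0 ? void 0 : _requestObjectJwt$pay.iss;
+ if (jwks.length === 0 && typeof issuer === "string") {
+ const wellKnownJwksUrl = constructWellKnownJwksUrl(issuer);
+ const jwksKeys = await fetchJwksFromUri(wellKnownJwksUrl, appFetch);
+ jwks.push(...jwksKeys);
  }
- throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Request Object signature verification");
+ if (jwks.length === 0) {
+ throw new _errors.NoSuitableKeysFoundInEntityConfiguration("Request Object signature verification");
+ }
+ return {
+ keys: jwks
+ };
  };
 
  /**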
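Review bot: Every key source that fetchJwksFromRequestObject now collects (header `jwk`, the `x5c` leaf, `client_metadata.jwks` and `client_metadata.jwks_uri`) is read from the Request Object before its signature is checked, so a signature that verifies against these keys shows only that the token is self-consistent, not who issued it. In particular `getJwksFromX509Cert` turns `certChain[0]` into a JWK without validating the chain against a trust anchor or comparing the certificate's SAN with `client_id`. Unless that happens in a step not shown here, it should be done before the key is returned, and `jwks_uri` should be limited to `https:` before it is fetched. The `x5c` test also dereferences `requestObjectJwt.protectedHeader.x5c` directly while the `jwk` test just above is null-safe; `requestObjectJwt.protectedHeader?.x5c` in the TypeScript source would make the two agree. On the documentation side, two inline comments are numbered `3.`, the function doc omits the `client_metadata` step, and the doc blocks of fetchJwksFromUri and getJwksFromX509Cert name `fetchFn` and `decodedJwt` where the parameters are `appFetch` and `certChain`.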
@@ -1 +1 @@
1
- {"version":3,"names":["_jwk","require","_misc","_ioReactNativeJwt","_errors","fetchJwksFromRequestObject","requestObjectEncodedJwt","_requestObjectJwt$pro","_requestObjectJwt$pay","context","arguments","length","undefined","appFetch","fetch","requestObjectJwt","decodeJwt","protectedHeader","jwk","keys","JWK","parse","issClaimValue","payload","iss","issUrl","URL","wellKnownUrl","pathname","protocol","host","toString","jwks","method","then","hasStatusOrThrow","raw","json","JWKS","NoSuitableKeysFoundInEntityConfiguration","exports","fetchJwksFromConfig","rpConfig","wallet_relying_party","Array","isArray","Error"],"sourceRoot":"../../../../src","sources":["credential/presentation/04-retrieve-rp-jwks.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,iBAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMI,0BAEZ,GAAG,eAAAA,CAAOC,uBAAuB,EAA4B;EAAA,IAAAC,qBAAA,EAAAC,qBAAA;EAAA,IAA1B;IAAEC,OAAO,GAAG,CAAC;EAAE,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EACvD,MAAM;IAAEG,QAAQ,GAAGC;EAAM,CAAC,GAAGL,OAAO;EACpC,MAAMM,gBAAgB,GAAG,IAAAC,wBAAS,EAACV,uBAAuB,CAAC;;EAE3D;EACA,KAAAC,qBAAA,GAAIQ,gBAAgB,CAACE,eAAe,cAAAV,qBAAA,eAAhCA,qBAAA,CAAkCW,GAAG,EAAE;IACzC,OAAO;MACLC,IAAI,EAAE,CAACC,QAAG,CAACC,KAAK,CAACN,gBAAgB,CAACE,eAAe,CAACC,GAAG,CAAC;IACxD,CAAC;EACH;;EAEA;EACA,MAAMI,aAAa,IAAAd,qBAAA,GAAGO,gBAAgB,CAACQ,OAAO,cAAAf,qBAAA,uBAAxBA,qBAAA,CAA0BgB,GAAa;EAC7D,IAAIF,aAAa,EAAE;IACjB,MAAMG,MAAM,GAAG,IAAIC,GAAG,CAACJ,aAAa,CAAC;IACrC,MAAMK,YAAY,GAAG,IAAID,GAAG,CACzB,0BAAyBD,MAAM,CAACG,QAAS,EAAC,EAC1C,GAAEH,MAAM,CAACI,QAAS,KAAIJ,MAAM,CAACK,IAAK,EACrC,CAAC,CAACC,QAAQ,CAAC,CAAC;;IAEZ;IACA,MAAMC,IAAI,GAAG,MAAMnB,QAAQ,CAACc,YAAY,EAAE;MACxCM,MAAM,EAAE;IACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEG,IAAI,IAAKC,SAAI,CAACjB,KAAK,CAACgB,IAAI,CAACL,IAAI,C
AAC,CAAC;IAExC,OAAO;MACLb,IAAI,EAAEa,IAAI,CAACb;IACb,CAAC;EACH;EAEA,MAAM,IAAIoB,gDAAwC,CAChD,uCACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAC,OAAA,CAAAnC,0BAAA,GAAAA,0BAAA;AAOO,MAAMoC,mBAEZ,GAAG,MAAOC,QAAQ,IAAK;EACtB,MAAMV,IAAI,GAAGU,QAAQ,CAACC,oBAAoB,CAACX,IAAI;EAE/C,IAAI,CAACA,IAAI,IAAI,CAACY,KAAK,CAACC,OAAO,CAACb,IAAI,CAACb,IAAI,CAAC,EAAE;IACtC,MAAM,IAAI2B,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,OAAO;IACL3B,IAAI,EAAEa,IAAI,CAACb;EACb,CAAC;AACH,CAAC;AAACqB,OAAA,CAAAC,mBAAA,GAAAA,mBAAA"}
1
+ {"version":3,"names":["_jwk","require","_misc","_ioReactNativeJwt","_errors","_types","_crypto","fetchJwksFromUri","jwksUri","appFetch","jwks","method","then","hasStatusOrThrow","raw","json","JWKS","parse","keys","getJwksFromX509Cert","certChain","Array","isArray","length","NoSuitableKeysFoundInEntityConfiguration","pemCert","convertCertToPem","publicKey","parsePublicKey","signingJwk","getSigningJwk","constructWellKnownJwksUrl","issuer","issuerUrl","URL","pathname","protocol","host","toString","fetchJwksFromRequestObject","requestObjectEncodedJwt","_requestObjectJwt$pro","_requestObjectJwt$pay","context","arguments","undefined","fetch","requestObjectJwt","decodeJwt","protectedHeader","jwk","JWK","push","x5c","requestObject","RequestObject","payload","client_metadata","jwks_uri","fetchedJwks","iss","wellKnownJwksUrl","jwksKeys","exports","fetchJwksFromConfig","rpConfig","wallet_relying_party","Error"],"sourceRoot":"../../../../src","sources":["credential/presentation/04-retrieve-rp-jwks.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,iBAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,MAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMM,gBAAgB,GAAG,MAAAA,CACvBC,OAAe,EACfC,QAA8B,KACX;EACnB,MAAMC,IAAI,GAAG,MAAMD,QAAQ,CAACD,OAAO,EAAE;IACnCG,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEG,IAAI,IAAMA,IAAI,CAACL,IAAI,GAAGM,SAAI,CAACC,KAAK,CAACF,IAAI,CAACL,IAAI,CAAC,GAAGM,SAAI,CAACC,KAAK,CAACF,IAAI,CAAE,CAAC;EACzE,OAAOL,IAAI,CAACQ,IAAI;AAClB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,mBAAmB,GAAG,MAAOC,SAAmB,IAAqB;EACzE,IAAI,CAACC,KAAK,CAACC,OAAO,CAACF,SAAS,CAAC,IAAIA,SAAS,CAACG,MAAM,KAAK,CAAC,IAAI,CAACH,SAAS,CAAC,CAAC,CAAC,EAAE;IACxE,MAAM,IAAII,gDAAwC,CAChD,0BACF,CAAC;EACH;EAEA,MAAMC,OAAO,GAAG,IAAAC,wBAAgB,EAACN,SAAS,CAAC,CAAC,CAAC,CAAC;EAC9C,
MAAMO,SAAS,GAAG,IAAAC,sBAAc,EAACH,OAAO,CAAC;EACzC,IAAI,CAACE,SAAS,EAAE;IACd,MAAM,IAAIH,gDAAwC,CAChD,8BACF,CAAC;EACH;EACA,MAAMK,UAAU,GAAG,IAAAC,qBAAa,EAACH,SAAS,CAAC;EAE3C,OAAO,CAACE,UAAU,CAAC;AACrB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAME,yBAAyB,GAAIC,MAAc,IAAa;EAC5D,MAAMC,SAAS,GAAG,IAAIC,GAAG,CAACF,MAAM,CAAC;EACjC,OAAO,IAAIE,GAAG,CACX,0BAAyBD,SAAS,CAACE,QAAS,EAAC,EAC7C,GAAEF,SAAS,CAACG,QAAS,KAAIH,SAAS,CAACI,IAAK,EAC3C,CAAC,CAACC,QAAQ,CAAC,CAAC;AACd,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,0BAEZ,GAAG,eAAAA,CAAOC,uBAAuB,EAA4B;EAAA,IAAAC,qBAAA,EAAAC,qBAAA;EAAA,IAA1B;IAAEC,OAAO,GAAG,CAAC;EAAE,CAAC,GAAAC,SAAA,CAAArB,MAAA,QAAAqB,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAG,CAAC,CAAC;EACvD,MAAM;IAAEnC,QAAQ,GAAGqC;EAAM,CAAC,GAAGH,OAAO;EACpC,MAAMI,gBAAgB,GAAG,IAAAC,wBAAS,EAACR,uBAAuB,CAAC;EAC3D,MAAM9B,IAAW,GAAG,EAAE;;EAEtB;EACA,KAAA+B,qBAAA,GAAIM,gBAAgB,CAACE,eAAe,cAAAR,qBAAA,eAAhCA,qBAAA,CAAkCS,GAAG,EAAE;IACzC,MAAMhC,IAAI,GAAG,CAACiC,QAAG,CAAClC,KAAK,CAAC8B,gBAAgB,CAACE,eAAe,CAACC,GAAG,CAAC,CAAC;IAC9DxC,IAAI,CAAC0C,IAAI,CAAC,GAAGlC,IAAI,CAAC;EACpB;;EAEA;EACA,IAAI6B,gBAAgB,CAACE,eAAe,CAACI,GAAG,EAAE;IACxC,MAAMnC,IAAI,GAAG,MAAMC,mBAAmB,CACpC4B,gBAAgB,CAACE,eAAe,CAACI,GACnC,CAAC;IACD3C,IAAI,CAAC0C,IAAI,CAAC,GAAGlC,IAAI,CAAC;EACpB;;EAEA;EACA,MAAMoC,aAAa,GAAGC,oBAAa,CAACtC,KAAK,CAAC8B,gBAAgB,CAACS,OAAO,CAAC;EACnE,MAAM;IAAEC;EAAgB,CAAC,GAAGH,aAAa;EAEzC,IAAIG,eAAe,aAAfA,eAAe,eAAfA,eAAe,CAAEC,QAAQ,EAAE;IAC7B,MAAMC,WAAW,GAAG,MAAMpD,gBAAgB,CACxC,IAAI2B,GAAG,CAACuB,eAAe,CAACC,QAAQ,CAAC,CAACpB,QAAQ,CAAC,CAAC,EAC5C7B,QACF,CAAC;IACDC,IAAI,CAAC0C,IAAI,CAAC,GAAGO,WAAW,CAAC;EAC3B;EAEA,IAAIF,eAAe,aAAfA,eAAe,eAAfA,eAAe,CAAE/C,IAAI,EAAE;IACzBA,IAAI,CAAC0C,IAAI,CAAC,GAAGK,eAAe,CAAC/C,IAAI,CAACQ,IAAI,CAAC;EACzC;;EAEA;EACA,MAAMc,MAAM,IAAAU,qBAAA,GAAGK,gBAAgB,CAACS,OAAO,cAAAd,qBAAA,uBAAxBA,qBAAA,CAA0BkB,GAAG;EAC5C,IAAIlD,IAAI,CAACa,MAAM,KAAK,CAAC,IAAI,OAAOS,MAAM,KAAK,QAAQ,EAAE;IACnD,MAAM6B,gBAAgB,GAAG9B,yBAAyB,CAACC,MAAM,CAAC;IAC1D,MAAM8B
,QAAQ,GAAG,MAAMvD,gBAAgB,CAACsD,gBAAgB,EAAEpD,QAAQ,CAAC;IACnEC,IAAI,CAAC0C,IAAI,CAAC,GAAGU,QAAQ,CAAC;EACxB;EAEA,IAAIpD,IAAI,CAACa,MAAM,KAAK,CAAC,EAAE;IACrB,MAAM,IAAIC,gDAAwC,CAChD,uCACF,CAAC;EACH;EAEA,OAAO;IAAEN,IAAI,EAAER;EAAK,CAAC;AACvB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAqD,OAAA,CAAAxB,0BAAA,GAAAA,0BAAA;AAOO,MAAMyB,mBAEZ,GAAG,MAAOC,QAAQ,IAAK;EACtB,MAAMvD,IAAI,GAAGuD,QAAQ,CAACC,oBAAoB,CAACxD,IAAI;EAE/C,IAAI,CAACA,IAAI,IAAI,CAACW,KAAK,CAACC,OAAO,CAACZ,IAAI,CAACQ,IAAI,CAAC,EAAE;IACtC,MAAM,IAAIiD,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,OAAO;IACLjD,IAAI,EAAER,IAAI,CAACQ;EACb,CAAC;AACH,CAAC;AAAC6C,OAAA,CAAAC,mBAAA,GAAAA,mBAAA"}
@@ -11,12 +11,17 @@ const verifyRequestObjectSignature = async (requestObjectEncodedJwt, jwkKeys) =>
11
11
  const requestObjectJwt = (0, _ioReactNativeJwt.decode)(requestObjectEncodedJwt);
12
12
 
13
13
  // verify token signature to ensure the request object is authentic
14
- const pubKey = jwkKeys === null || jwkKeys === void 0 ? void 0 : jwkKeys.find(_ref => {
14
+ const pubKey = (jwkKeys === null || jwkKeys === void 0 ? void 0 : jwkKeys.find(_ref => {
15
15
  let {
16
16
  kid
17
17
  } = _ref;
18
18
  return kid === requestObjectJwt.protectedHeader.kid;
19
- });
19
+ })) || (jwkKeys === null || jwkKeys === void 0 ? void 0 : jwkKeys.find(_ref2 => {
20
+ let {
21
+ use
22
+ } = _ref2;
23
+ return use === "sig";
24
+ }));
20
25
  if (!pubKey) {
21
26
  throw new _errors.UnverifiedEntityError("Request Object signature verification!");
22
27
  }
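Review bot: The new fallback in `verifyRequestObjectSignature` picks the first key with `use === "sig"` whenever the `kid` lookup finds nothing, which also covers a request object whose header names a `kid` that is absent from the RP key set. A named but unknown `kid` should fail rather than be checked against a different key, so I would limit the fallback to the no-`kid` case: `const headerKid = requestObjectJwt.protectedHeader.kid;` followed by `const pubKey = headerKid ? jwkKeys?.find(k => k.kid === headerKid) : jwkKeys?.find(k => k.use === "sig");`. When the set holds several `sig` keys the first one is not necessarily the signer, so the no-`kid` branch may still reject a valid request. The rest of the function, including the actual verification call, lies outside this hunk.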
@@ -1 +1 @@
1
- {"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","verifyRequestObjectSignature","requestObjectEncodedJwt","jwkKeys","requestObjectJwt","decodeJwt","pubKey","find","_ref","kid","protectedHeader","UnverifiedEntityError","verify","requestObject","RequestObject","parse","payload","exp","Date","now","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/05-verify-request-object.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AASO,MAAMG,4BAA0D,GACrE,MAAAA,CAAOC,uBAAuB,EAAEC,OAAO,KAAK;EAC1C,MAAMC,gBAAgB,GAAG,IAAAC,wBAAS,EAACH,uBAAuB,CAAC;;EAE3D;EACA,MAAMI,MAAM,GAAGH,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEI,IAAI,CAC1BC,IAAA;IAAA,IAAC;MAAEC;IAAI,CAAC,GAAAD,IAAA;IAAA,OAAKC,GAAG,KAAKL,gBAAgB,CAACM,eAAe,CAACD,GAAG;EAAA,CAC3D,CAAC;EAED,IAAI,CAACH,MAAM,EAAE;IACX,MAAM,IAAIK,6BAAqB,CAAC,wCAAwC,CAAC;EAC3E;EACA,MAAM,IAAAC,wBAAM,EAACV,uBAAuB,EAAEI,MAAM,CAAC;EAE7C,MAAMO,aAAa,GAAGC,oBAAa,CAACC,KAAK,CAACX,gBAAgB,CAACY,OAAO,CAAC;EACnE;EACA;EACA,IAAIH,aAAa,CAACI,GAAG,IAAIJ,aAAa,CAACI,GAAG,IAAIC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE;IAC/D,MAAM,IAAIR,6BAAqB,CAAC,4BAA4B,CAAC;EAC/D;EAEA,OAAO;IAAEE;EAAc,CAAC;AAC1B,CAAC;AAACO,OAAA,CAAAnB,4BAAA,GAAAA,4BAAA"}
1
+ {"version":3,"names":["_errors","require","_ioReactNativeJwt","_types","verifyRequestObjectSignature","requestObjectEncodedJwt","jwkKeys","requestObjectJwt","decodeJwt","pubKey","find","_ref","kid","protectedHeader","_ref2","use","UnverifiedEntityError","verify","requestObject","RequestObject","parse","payload","exp","Date","now","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/05-verify-request-object.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AASO,MAAMG,4BAA0D,GACrE,MAAAA,CAAOC,uBAAuB,EAAEC,OAAO,KAAK;EAC1C,MAAMC,gBAAgB,GAAG,IAAAC,wBAAS,EAACH,uBAAuB,CAAC;;EAE3D;EACA,MAAMI,MAAM,GACV,CAAAH,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEI,IAAI,CACXC,IAAA;IAAA,IAAC;MAAEC;IAAI,CAAC,GAAAD,IAAA;IAAA,OAAKC,GAAG,KAAKL,gBAAgB,CAACM,eAAe,CAACD,GAAG;EAAA,CAC3D,CAAC,MAAIN,OAAO,aAAPA,OAAO,uBAAPA,OAAO,CAAEI,IAAI,CAACI,KAAA;IAAA,IAAC;MAAEC;IAAI,CAAC,GAAAD,KAAA;IAAA,OAAKC,GAAG,KAAK,KAAK;EAAA,EAAC;EAEhD,IAAI,CAACN,MAAM,EAAE;IACX,MAAM,IAAIO,6BAAqB,CAAC,wCAAwC,CAAC;EAC3E;EACA,MAAM,IAAAC,wBAAM,EAACZ,uBAAuB,EAAEI,MAAM,CAAC;EAE7C,MAAMS,aAAa,GAAGC,oBAAa,CAACC,KAAK,CAACb,gBAAgB,CAACc,OAAO,CAAC;EACnE;EACA;EACA,IAAIH,aAAa,CAACI,GAAG,IAAIJ,aAAa,CAACI,GAAG,IAAIC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE;IAC/D,MAAM,IAAIR,6BAAqB,CAAC,4BAA4B,CAAC;EAC/D;EAEA,OAAO;IAAEE;EAAc,CAAC;AAC1B,CAAC;AAACO,OAAA,CAAArB,4BAAA,GAAAA,4BAAA"}
@@ -89,8 +89,8 @@ const extractClaimName = path => {
89
89
  * - Validates whether required fields are present (unless marked optional)
90
90
  * and match any specified JSONPath.
91
91
  * - If a field includes a JSON Schema filter, validates the claim value against that schema.
92
- * - Enforces `limit_disclosure` rules by returning only disclosures matching the specified fields
93
- * if set to "required". Otherwise return the array of all disclosures.
92
+ * - Enforces `limit_disclosure` rules by returning only disclosures, required and optional, matching the specified fields
93
+ * if set to "required". Otherwise also return the array unrequestedDisclosures with disclosures which can be passed for a particular use case.
94
94
  * - Throws an error if a required field is invalid or missing.
95
95
  *
96
96
  * @param inputDescriptor - Describes constraints (fields, filters, etc.) that must be satisfied.
@@ -105,7 +105,8 @@ const evaluateInputDescriptorForSdJwt4VC = (inputDescriptor, payloadCredential,
105
105
  // No validation, all field are optional
106
106
  return {
107
107
  requiredDisclosures: [],
108
- optionalDisclosures: disclosures
108
+ optionalDisclosures: [],
109
+ unrequestedDisclosures: disclosures
109
110
  };
110
111
  }
111
112
  const requiredClaimNames = [];
@@ -157,12 +158,15 @@ const evaluateInputDescriptorForSdJwt4VC = (inputDescriptor, payloadCredential,
157
158
  }
158
159
 
159
160
  // Categorizes disclosures into required and optional based on claim names and disclosure constraints.
160
- const isNotLimitDisclosure = !(inputDescriptor.constraints.limit_disclosure === "required");
161
+
161
162
  const requiredDisclosures = disclosures.filter(disclosure => requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]));
162
163
  const optionalDisclosures = disclosures.filter(disclosure => optionalClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]) || isNotLimitDisclosure && !requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]));
164
+ const isNotLimitDisclosure = !(inputDescriptor.constraints.limit_disclosure === "required");
165
+ const unrequestedDisclosures = isNotLimitDisclosure ? disclosures.filter(disclosure => !optionalClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]) && !requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME])) : [];
163
166
  return {
164
167
  requiredDisclosures,
165
- optionalDisclosures
168
+ optionalDisclosures,
169
+ unrequestedDisclosures
166
170
  };
167
171
  };
168
172
  exports.evaluateInputDescriptorForSdJwt4VC = evaluateInputDescriptorForSdJwt4VC;
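Review bot: `isNotLimitDisclosure` is now declared after the `optionalDisclosures` filter whose callback still reads it, so the callback runs while the `const` is uninitialised. An engine that enforces the temporal dead zone throws a ReferenceError on the first disclosure that is not in `optionalClaimNames`, and one that does not would read `undefined` there. Given the updated doc comment and the new `unrequestedDisclosures` array, the leftover clause looks unintended, because it would also place unrequested disclosures in `optionalDisclosures`; I would reduce the filter to `const optionalDisclosures = disclosures.filter(disclosure => optionalClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]));`. The split deserves a test for both `limit_disclosure` settings, since the bucket a disclosure lands in decides what is released to the relying party. The function starts outside these hunks.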
@@ -1 +1 @@
1
- {"version":3,"names":["_jsonpathPlus","require","_errors","_ajv","_interopRequireDefault","obj","__esModule","default","ajv","Ajv","allErrors","INDEX_CLAIM_NAME","mapDisclosuresToObject","disclosures","reduce","_ref","decoded","claimName","claimValue","findMatchedClaim","paths","payload","matchedPath","matchedValue","some","singlePath","result","JSONPath","path","json","length","error","MissingDataError","extractClaimName","regex","match","Error","evaluateInputDescriptorForSdJwt4VC","inputDescriptor","payloadCredential","_inputDescriptor$cons","constraints","fields","requiredDisclosures","optionalDisclosures","requiredClaimNames","optionalClaimNames","disclosuresAsPayload","allFieldsValid","every","field","optional","push","filter","validateSchema","compile","isNotLimitDisclosure","limit_disclosure","disclosure","includes","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/07-evaluate-input-descriptor.ts"],"mappings":";;;;;;AAEA,IAAAA,aAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,IAAA,GAAAC,sBAAA,CAAAH,OAAA;AAAsB,SAAAG,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AACtB,MAAMG,GAAG,GAAG,IAAIC,YAAG,CAAC;EAAEC,SAAS,EAAE;AAAK,CAAC,CAAC;AACxC,MAAMC,gBAAgB,GAAG,CAAC;AAa1B;AACA;AACA;AACA;AACA;AACA,MAAMC,sBAAsB,GAC1BC,WAAoC,IACR;EAC5B,OAAOA,WAAW,CAACC,MAAM,CAAC,CAACT,GAAG,EAAAU,IAAA,KAAkB;IAAA,IAAhB;MAAEC;IAAQ,CAAC,GAAAD,IAAA;IACzC,MAAM,GAAGE,SAAS,EAAEC,UAAU,CAAC,GAAGF,OAAO;IACzCX,GAAG,CAACY,SAAS,CAAC,GAAGC,UAAU;IAC3B,OAAOb,GAAG;EACZ,CAAC,EAAE,CAAC,CAA4B,CAAC;AACnC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMc,gBAAgB,GAAGA,CACvBC,KAAe,EACfC,OAAY,KACW;EACvB,IAAIC,WAAW;EACf,IAAIC,YAAY;EAChBH,KAAK,CAACI,IAAI,CAAEC,UAAU,IAAK;IACzB,IAAI;MACF,MAAMC,MAAM,GAAG,IAAAC,sBAAQ,EAAC;QAAEC,IAAI,EAAEH,UAAU;QAAEI,IAAI,EAAER;MAAQ,CAAC,CAAC;MAC5D,IAAIK,MAAM,CAACI,MAAM,GAAG,CAAC,EAAE;QACrBR,WAAW,GAAGG,UAAU;QACxBF,YAAY,GAAGG,MAAM,CAAC,CAAC,CAAC;QACxB,OAAO,IAAI;MACb;IACF,CAAC,CAAC,OAAOK,KAAK,EAAE;MACd,MAAM,IAAIC,wBAAgB,CACvB,i
BAAgBP,UAAW,wCAC9B,CAAC;IACH;IACA,OAAO,KAAK;EACd,CAAC,CAAC;EAEF,OAAO,CAACH,WAAW,EAAEC,YAAY,CAAC;AACpC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMU,gBAAgB,GAAIL,IAAY,IAAyB;EAC7D;EACA;EACA;EACA,MAAMM,KAAK,GAAG,yCAAyC;EAEvD,MAAMC,KAAK,GAAGP,IAAI,CAACO,KAAK,CAACD,KAAK,CAAC;EAC/B,IAAIC,KAAK,EAAE;IACT;IACA;IACA,OAAOA,KAAK,CAAC,CAAC,CAAC,IAAIA,KAAK,CAAC,CAAC,CAAC;EAC7B;;EAEA;;EAEA,MAAM,IAAIC,KAAK,CACZ,0BAAyBR,IAAK,wFACjC,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMS,kCAAmE,GAC9EA,CAACC,eAAe,EAAEC,iBAAiB,EAAE1B,WAAW,KAAK;EAAA,IAAA2B,qBAAA;EACnD,IAAI,EAACF,eAAe,aAAfA,eAAe,gBAAAE,qBAAA,GAAfF,eAAe,CAAEG,WAAW,cAAAD,qBAAA,eAA5BA,qBAAA,CAA8BE,MAAM,GAAE;IACzC;IACA,OAAO;MACLC,mBAAmB,EAAE,EAAE;MACvBC,mBAAmB,EAAE/B;IACvB,CAAC;EACH;EACA,MAAMgC,kBAA4B,GAAG,EAAE;EACvC,MAAMC,kBAA4B,GAAG,EAAE;;EAEvC;EACA,MAAMC,oBAAoB,GAAGnC,sBAAsB,CAACC,WAAW,CAAC;;EAEhE;EACA;EACA,MAAMmC,cAAc,GAAGV,eAAe,CAACG,WAAW,CAACC,MAAM,CAACO,KAAK,CAAEC,KAAK,IAAK;IACzE;IACA;IACA;IACA,IAAI,CAAC5B,WAAW,EAAEC,YAAY,CAAC,GAAGJ,gBAAgB,CAChD+B,KAAK,CAACtB,IAAI,EACVmB,oBACF,CAAC;IAED,IAAI,CAACzB,WAAW,EAAE;MAChB,CAACA,WAAW,EAAEC,YAAY,CAAC,GAAGJ,gBAAgB,CAC5C+B,KAAK,CAACtB,IAAI,EACVW,iBACF,CAAC;MAED,IAAI,CAACjB,WAAW,EAAE;QAChB;QACA,OAAO4B,KAAK,aAALA,KAAK,uBAALA,KAAK,CAAEC,QAAQ;MACxB;IACF,CAAC,MAAM;MACL;MACA,MAAMlC,SAAS,GAAGgB,gBAAgB,CAACX,WAAW,CAAC;MAC/C,IAAIL,SAAS,EAAE;QACb,CAACiC,KAAK,aAALA,KAAK,eAALA,KAAK,CAAEC,QAAQ,GAAGL,kBAAkB,GAAGD,kBAAkB,EAAEO,IAAI,CAC9DnC,SACF,CAAC;MACH;IACF;;IAEA;IACA;IACA,IAAIiC,KAAK,CAACG,MAAM,EAAE;MAChB,IAAI;QACF,MAAMC,cAAc,GAAG9C,GAAG,CAAC+C,OAAO,CAACL,KAAK,CAACG,MAAM,CAAC;QAChD,IAAI,CAACC,cAAc,CAAC/B,YAAY,CAAC,EAAE;UACjC,MAAM,IAAIS,wBAAgB,CACvB,gBAAeT,YAAa,eAAcD,WAAY,4CACzD,CAAC;QACH;MACF,CAAC,CAAC,OAAOS,KAAK,EAAE;QACd,OAAO,KAAK;MACd;IACF;IACA;IACA;;IAEA,OAAO,IAAI;EACb,CAAC,CAAC;EAEF,IAAI,CAACiB,cAAc,EAAE;IACnB,MAAM,IAAIhB,wBAAgB,CACxB,iGACF,CAAC;EACH;;EAEA;EACA,MAAMwB,oBAAoB,GAAG,EAC3BlB,eAAe,CAACG,WAAW,CAACgB,gBAAg
B,KAAK,UAAU,CAC5D;EAED,MAAMd,mBAAmB,GAAG9B,WAAW,CAACwC,MAAM,CAAEK,UAAU,IACxDb,kBAAkB,CAACc,QAAQ,CAACD,UAAU,CAAC1C,OAAO,CAACL,gBAAgB,CAAC,CAClE,CAAC;EAED,MAAMiC,mBAAmB,GAAG/B,WAAW,CAACwC,MAAM,CAC3CK,UAAU,IACTZ,kBAAkB,CAACa,QAAQ,CAACD,UAAU,CAAC1C,OAAO,CAACL,gBAAgB,CAAC,CAAC,IAChE6C,oBAAoB,IACnB,CAACX,kBAAkB,CAACc,QAAQ,CAACD,UAAU,CAAC1C,OAAO,CAACL,gBAAgB,CAAC,CACvE,CAAC;EAED,OAAO;IACLgC,mBAAmB;IACnBC;EACF,CAAC;AACH,CAAC;AAACgB,OAAA,CAAAvB,kCAAA,GAAAA,kCAAA"}
1
+ {"version":3,"names":["_jsonpathPlus","require","_errors","_ajv","_interopRequireDefault","obj","__esModule","default","ajv","Ajv","allErrors","INDEX_CLAIM_NAME","mapDisclosuresToObject","disclosures","reduce","_ref","decoded","claimName","claimValue","findMatchedClaim","paths","payload","matchedPath","matchedValue","some","singlePath","result","JSONPath","path","json","length","error","MissingDataError","extractClaimName","regex","match","Error","evaluateInputDescriptorForSdJwt4VC","inputDescriptor","payloadCredential","_inputDescriptor$cons","constraints","fields","requiredDisclosures","optionalDisclosures","unrequestedDisclosures","requiredClaimNames","optionalClaimNames","disclosuresAsPayload","allFieldsValid","every","field","optional","push","filter","validateSchema","compile","disclosure","includes","isNotLimitDisclosure","limit_disclosure","exports"],"sourceRoot":"../../../../src","sources":["credential/presentation/07-evaluate-input-descriptor.ts"],"mappings":";;;;;;AAEA,IAAAA,aAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,IAAA,GAAAC,sBAAA,CAAAH,OAAA;AAAsB,SAAAG,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AACtB,MAAMG,GAAG,GAAG,IAAIC,YAAG,CAAC;EAAEC,SAAS,EAAE;AAAK,CAAC,CAAC;AACxC,MAAMC,gBAAgB,GAAG,CAAC;AAc1B;AACA;AACA;AACA;AACA;AACA,MAAMC,sBAAsB,GAC1BC,WAAoC,IACR;EAC5B,OAAOA,WAAW,CAACC,MAAM,CAAC,CAACT,GAAG,EAAAU,IAAA,KAAkB;IAAA,IAAhB;MAAEC;IAAQ,CAAC,GAAAD,IAAA;IACzC,MAAM,GAAGE,SAAS,EAAEC,UAAU,CAAC,GAAGF,OAAO;IACzCX,GAAG,CAACY,SAAS,CAAC,GAAGC,UAAU;IAC3B,OAAOb,GAAG;EACZ,CAAC,EAAE,CAAC,CAA4B,CAAC;AACnC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMc,gBAAgB,GAAGA,CACvBC,KAAe,EACfC,OAAY,KACW;EACvB,IAAIC,WAAW;EACf,IAAIC,YAAY;EAChBH,KAAK,CAACI,IAAI,CAAEC,UAAU,IAAK;IACzB,IAAI;MACF,MAAMC,MAAM,GAAG,IAAAC,sBAAQ,EAAC;QAAEC,IAAI,EAAEH,UAAU;QAAEI,IAAI,EAAER;MAAQ,CAAC,CAAC;MAC5D,IAAIK,MAAM,CAACI,MAAM,GAAG,CAAC,EAAE;QACrBR,WAAW,GAAGG,UAAU;QACxBF,YAAY,GAAGG,MAAM,CAAC,CAAC,CAAC;QACxB,OAAO,IAAI;MACb;IACF,CAAC,CAAC,OAAOK,KAAK,EAAE;MACd,
MAAM,IAAIC,wBAAgB,CACvB,iBAAgBP,UAAW,wCAC9B,CAAC;IACH;IACA,OAAO,KAAK;EACd,CAAC,CAAC;EAEF,OAAO,CAACH,WAAW,EAAEC,YAAY,CAAC;AACpC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMU,gBAAgB,GAAIL,IAAY,IAAyB;EAC7D;EACA;EACA;EACA,MAAMM,KAAK,GAAG,yCAAyC;EAEvD,MAAMC,KAAK,GAAGP,IAAI,CAACO,KAAK,CAACD,KAAK,CAAC;EAC/B,IAAIC,KAAK,EAAE;IACT;IACA;IACA,OAAOA,KAAK,CAAC,CAAC,CAAC,IAAIA,KAAK,CAAC,CAAC,CAAC;EAC7B;;EAEA;;EAEA,MAAM,IAAIC,KAAK,CACZ,0BAAyBR,IAAK,wFACjC,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMS,kCAAmE,GAC9EA,CAACC,eAAe,EAAEC,iBAAiB,EAAE1B,WAAW,KAAK;EAAA,IAAA2B,qBAAA;EACnD,IAAI,EAACF,eAAe,aAAfA,eAAe,gBAAAE,qBAAA,GAAfF,eAAe,CAAEG,WAAW,cAAAD,qBAAA,eAA5BA,qBAAA,CAA8BE,MAAM,GAAE;IACzC;IACA,OAAO;MACLC,mBAAmB,EAAE,EAAE;MACvBC,mBAAmB,EAAE,EAAE;MACvBC,sBAAsB,EAAEhC;IAC1B,CAAC;EACH;EACA,MAAMiC,kBAA4B,GAAG,EAAE;EACvC,MAAMC,kBAA4B,GAAG,EAAE;;EAEvC;EACA,MAAMC,oBAAoB,GAAGpC,sBAAsB,CAACC,WAAW,CAAC;;EAEhE;EACA;EACA,MAAMoC,cAAc,GAAGX,eAAe,CAACG,WAAW,CAACC,MAAM,CAACQ,KAAK,CAAEC,KAAK,IAAK;IACzE;IACA;IACA;IACA,IAAI,CAAC7B,WAAW,EAAEC,YAAY,CAAC,GAAGJ,gBAAgB,CAChDgC,KAAK,CAACvB,IAAI,EACVoB,oBACF,CAAC;IAED,IAAI,CAAC1B,WAAW,EAAE;MAChB,CAACA,WAAW,EAAEC,YAAY,CAAC,GAAGJ,gBAAgB,CAC5CgC,KAAK,CAACvB,IAAI,EACVW,iBACF,CAAC;MAED,IAAI,CAACjB,WAAW,EAAE;QAChB;QACA,OAAO6B,KAAK,aAALA,KAAK,uBAALA,KAAK,CAAEC,QAAQ;MACxB;IACF,CAAC,MAAM;MACL;MACA,MAAMnC,SAAS,GAAGgB,gBAAgB,CAACX,WAAW,CAAC;MAC/C,IAAIL,SAAS,EAAE;QACb,CAACkC,KAAK,aAALA,KAAK,eAALA,KAAK,CAAEC,QAAQ,GAAGL,kBAAkB,GAAGD,kBAAkB,EAAEO,IAAI,CAC9DpC,SACF,CAAC;MACH;IACF;;IAEA;IACA;IACA,IAAIkC,KAAK,CAACG,MAAM,EAAE;MAChB,IAAI;QACF,MAAMC,cAAc,GAAG/C,GAAG,CAACgD,OAAO,CAACL,KAAK,CAACG,MAAM,CAAC;QAChD,IAAI,CAACC,cAAc,CAAChC,YAAY,CAAC,EAAE;UACjC,MAAM,IAAIS,wBAAgB,CACvB,gBAAeT,YAAa,eAAcD,WAAY,4CACzD,CAAC;QACH;MACF,CAAC,CAAC,OAAOS,KAAK,EAAE;QACd,OAAO,KAAK;MACd;IACF;IACA;IACA;;IAEA,OAAO,IAAI;EACb,CAAC,CAAC;EAEF,IAAI,CAACkB,cAAc,EAAE;IACnB,MAAM,IAAIjB,wBAAgB,CACxB,iGACF,CAAC;EACH;;EAEA;;EAEA,MAAMW
,mBAAmB,GAAG9B,WAAW,CAACyC,MAAM,CAAEG,UAAU,IACxDX,kBAAkB,CAACY,QAAQ,CAACD,UAAU,CAACzC,OAAO,CAACL,gBAAgB,CAAC,CAClE,CAAC;EAED,MAAMiC,mBAAmB,GAAG/B,WAAW,CAACyC,MAAM,CAC3CG,UAAU,IACTV,kBAAkB,CAACW,QAAQ,CAACD,UAAU,CAACzC,OAAO,CAACL,gBAAgB,CAAC,CAAC,IAChEgD,oBAAoB,IACnB,CAACb,kBAAkB,CAACY,QAAQ,CAACD,UAAU,CAACzC,OAAO,CAACL,gBAAgB,CAAC,CACvE,CAAC;EAED,MAAMgD,oBAAoB,GAAG,EAC3BrB,eAAe,CAACG,WAAW,CAACmB,gBAAgB,KAAK,UAAU,CAC5D;EAED,MAAMf,sBAAsB,GAAGc,oBAAoB,GAC/C9C,WAAW,CAACyC,MAAM,CACfG,UAAU,IACT,CAACV,kBAAkB,CAACW,QAAQ,CAC1BD,UAAU,CAACzC,OAAO,CAACL,gBAAgB,CACrC,CAAC,IACD,CAACmC,kBAAkB,CAACY,QAAQ,CAACD,UAAU,CAACzC,OAAO,CAACL,gBAAgB,CAAC,CACrE,CAAC,GACD,EAAE;EAEN,OAAO;IACLgC,mBAAmB;IACnBC,mBAAmB;IACnBC;EACF,CAAC;AACH,CAAC;AAACgB,OAAA,CAAAxB,kCAAA,GAAAA,kCAAA"}
@@ -3,7 +3,7 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.sendAuthorizationResponse = exports.prepareVpToken = exports.chooseRSAPublicKeyToEncrypt = exports.buildDirectPostJwtBody = exports.buildDirectPostBody = exports.AuthorizationResponse = void 0;
6
+ exports.sendAuthorizationResponse = exports.prepareVpToken = exports.choosePublicKeyToEncrypt = exports.buildDirectPostJwtBody = exports.buildDirectPostBody = exports.AuthorizationResponse = void 0;
7
7
  var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
8
8
  var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
9
9
  var _errors = require("./errors");
@@ -24,22 +24,22 @@ const AuthorizationResponse = z.object({
24
24
  });
25
25
 
26
26
  /**
27
- * Selects an RSA public key (with `use = enc` and `kty = RSA`) from the set of JWK keys
27
+ * Selects a public key (with `use = enc`) from the set of JWK keys
28
28
  * offered by the Relying Party (RP) for encryption.
29
29
  *
30
30
  * @param rpJwkKeys - The array of JWKs retrieved from the RP entity configuration.
31
- * @returns The first suitable RSA public key found in the list.
32
- * @throws {NoSuitableKeysFoundInEntityConfiguration} If no suitable RSA encryption key is found.
31
+ * @returns The first suitable public key found in the list.
32
+ * @throws {NoSuitableKeysFoundInEntityConfiguration} If no suitable encryption key is found.
33
33
  */
34
34
  exports.AuthorizationResponse = AuthorizationResponse;
35
- const chooseRSAPublicKeyToEncrypt = rpJwkKeys => {
36
- const [rsaEncKey] = rpJwkKeys.filter(jwk => jwk.use === "enc" && jwk.kty === "RSA");
37
- if (rsaEncKey) {
38
- return rsaEncKey;
35
+ const choosePublicKeyToEncrypt = rpJwkKeys => {
36
+ const [encKey] = rpJwkKeys.filter(jwk => jwk.use === "enc");
37
+ if (encKey) {
38
+ return encKey;
39
39
  }
40
40
 
41
41
  // No suitable key found
42
- throw new _errors.NoSuitableKeysFoundInEntityConfiguration("No suitable RSA public key found for encryption.");
42
+ throw new _errors.NoSuitableKeysFoundInEntityConfiguration("No suitable public key found for encryption.");
43
43
  };
44
44
 
45
45
  /**
@@ -67,7 +67,7 @@ const chooseRSAPublicKeyToEncrypt = rpJwkKeys => {
67
67
  *
68
68
  * @todo [SIW-353] Support multiple verifiable credentials in a single request.
69
69
  */
70
- exports.chooseRSAPublicKeyToEncrypt = chooseRSAPublicKeyToEncrypt;
70
+ exports.choosePublicKeyToEncrypt = choosePublicKeyToEncrypt;
71
71
  const prepareVpToken = async (requestObject, presentationDefinition, _ref) => {
72
72
  var _presentationDefiniti;
73
73
  let [verifiableCredential, requestedClaims, cryptoContext] = _ref;
@@ -144,18 +144,22 @@ const buildDirectPostJwtBody = async (jwkKeys, requestObject, vpToken, presentat
144
144
  });
145
145
 
146
146
  // Choose a suitable RSA public key for encryption
147
- const rsaPublicJwk = chooseRSAPublicKeyToEncrypt(jwkKeys);
147
+ const encPublicJwk = choosePublicKeyToEncrypt(jwkKeys);
148
148
 
149
149
  // Encrypt the authorization payload
150
+ const {
151
+ client_metadata
152
+ } = requestObject;
150
153
  const encryptedResponse = await new _ioReactNativeJwt.EncryptJwe(authzResponsePayload, {
151
- alg: "RSA-OAEP-256",
152
- enc: "A256CBC-HS512",
153
- kid: rsaPublicJwk.kid
154
- }).encrypt(rsaPublicJwk);
154
+ alg: (client_metadata === null || client_metadata === void 0 ? void 0 : client_metadata.authorization_encrypted_response_alg) || "RSA-OAEP-256",
155
+ enc: (client_metadata === null || client_metadata === void 0 ? void 0 : client_metadata.authorization_encrypted_response_enc) || "A256CBC-HS512",
156
+ kid: encPublicJwk.kid
157
+ }).encrypt(encPublicJwk);
155
158
 
156
159
  // Build the x-www-form-urlencoded form body
157
160
  const formBody = new URLSearchParams({
158
- response: encryptedResponse
161
+ response: encryptedResponse,
162
+ state: requestObject.state
159
163
  });
160
164
  return formBody.toString();
161
165
  };
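Review bot: The `alg` and `enc` handed to `EncryptJwe` in `buildDirectPostJwtBody` now come straight from `requestObject.client_metadata`, and `choosePublicKeyToEncrypt` no longer checks `kty`, so nothing on the wallet side ties the requested algorithm to the selected key or to a set of algorithms the wallet accepts. I would resolve both values first and refuse to encrypt when either falls outside an explicit allow-list, for example `if (!ALLOWED_JWE_ALGS.includes(alg) || !ALLOWED_JWE_ENCS.includes(enc)) { /* throw */ }`, where the two list names are placeholders for what the JWE library actually supports. The key selection should then also require the `kty` that the chosen `alg` needs. The comment `// Choose a suitable RSA public key for encryption` above the call is stale after the rename. `buildDirectPostJwtBody` starts outside the hunk.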
@@ -1 +1 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_reactNativeUuid","_interopRequireDefault","_errors","_misc","_sdJwt","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthorizationResponse","object","status","string","optional","response_code","redirect_uri","exports","chooseRSAPublicKeyToEncrypt","rpJwkKeys","rsaEncKey","filter","jwk","use","kty","NoSuitableKeysFoundInEntityConfiguration","prepareVpToken","requestObject","presentationDefinition","_ref","_presentationDefiniti","verifiableCredential","requestedClaims","cryptoContext","token","vp","disclose","sd_hash","sha256ToBase64","kbJwt","SignJWT","setProtectedHeader","typ","alg","setPayload","nonce","setAudience","client_id","setIssuedAt","sign","vp_token","join","presentation_submission","id","uuid","v4","definition_id","descriptor_map","input_descriptors","path","format","buildDirectPostBody","vpToken","presentationSubmission","formUrlEncodedBody","URLSearchParams","state","JSON","stringify","toString","buildDirectPostJwtBody","jwkKeys","authzResponsePayload","rsaPublicJwk","encryptedResponse","EncryptJwe","enc","kid","encrypt","formBody","response","sendAuthorizationResponse","presentation","appFetch","fetch","arguments","length","undefined","requestBody","response_mode","response_uri","method","headers","body","then","hasStatusOrThrow","res","json","parse"],"sourceRoot":"../../../../src","sources":["credential/presentation/08-send-authorization-response.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAKA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AAIA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,KAAA,GAAAJ,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AAEA,IAAAM,CAAA,GAAAC,uBAAA,CAAAP,OAAA;AAAyB,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAA
AF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAjB,uBAAAW,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAGlB,MAAMiB,qBAAqB,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAC5CC,MAAM,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC7BC,aAAa,EAAE7B,CAAC,CACb2B,MAAM,CAAC,CAAC,CAAC;AACd;AACA;AACA;AACA,8BAJc,CAKTC,QAAQ,CAAC,CAAC;EACbE,YAAY,EAAE9B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC;AACpC,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAG,OAAA,CAAAP,qBAAA,GAAAA,qBAAA;AAQO,MAAMQ,2BAA2B,GACtCC,SAAiC,IACzB;EACR,MAAM,CAACC,SAAS,CAAC,GAAGD,SAAS,CAACE,MAAM,CACjCC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,IAAID,GAAG,CAACE,GAAG,KAAK,KAC5C,CAAC;EAED,IAAIJ,SAAS,EAAE;IACb,OAAOA,SAAS;EAClB;;EAEA;EACA,MAAM,IAAIK,gDAAwC,CAChD,kDACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAxBAR,OAAA,CAAAC,2BAAA,GAAAA,2BAAA;AAyBO,MAAMQ,cAAc,GAAG,MAAAA,CAC5BC,aAAiE,EACjEC,sBAA8C,EAAAC,IAAA,KAK1C;EAAA,IAAAC,qBAAA;EAAA,IAJJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAJ,IAAA;EAKpE;EACA,MAAM;IAAEK,KAAK,EAAEC;EAAG,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACL,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMK,OAAO,GAAG,MAAM,IAAAC,gCAAc,EAAE,GA
AEH,EAAG,GAAE,CAAC;EAE9C,MAAMI,KAAK,GAAG,MAAM,IAAIC,yBAAO,CAACP,aAAa,CAAC,CAC3CQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVP,OAAO;IACPQ,KAAK,EAAElB,aAAa,CAACkB;EACvB,CAAC,CAAC,CACDC,WAAW,CAACnB,aAAa,CAACoB,SAAS,CAAC,CACpCC,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACf,EAAE,EAAEI,KAAK,CAAC,CAACY,IAAI,CAAC,GAAG,CAAC;;EAEtC;EACA;EACA,MAAMC,uBAAuB,GAAG;IAC9BC,EAAE,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC;IACbC,aAAa,EAAE5B,sBAAsB,CAACyB,EAAE;IACxCI,cAAc,EAAE,CACd;MACEJ,EAAE,EAAEzB,sBAAsB,aAAtBA,sBAAsB,gBAAAE,qBAAA,GAAtBF,sBAAsB,CAAE8B,iBAAiB,CAAC,CAAC,CAAC,cAAA5B,qBAAA,uBAA5CA,qBAAA,CAA8CuB,EAAE;MACpDM,IAAI,EAAG,GAAE;MACTC,MAAM,EAAE;IACV,CAAC;EAEL,CAAC;EAED,OAAO;IAAEV,QAAQ;IAAEE;EAAwB,CAAC;AAC9C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAnC,OAAA,CAAAS,cAAA,GAAAA,cAAA;AAQO,MAAMmC,mBAAmB,GAAG,MAAAA,CACjClC,aAAiE,EACjEmC,OAAe,EACfC,sBAA+C,KAC3B;EACpB,MAAMC,kBAAkB,GAAG,IAAIC,eAAe,CAAC;IAC7CC,KAAK,EAAEvC,aAAa,CAACuC,KAAK;IAC1Bd,uBAAuB,EAAEe,IAAI,CAACC,SAAS,CAACL,sBAAsB,CAAC;IAC/Db,QAAQ,EAAEY;EACZ,CAAC,CAAC;EAEF,OAAOE,kBAAkB,CAACK,QAAQ,CAAC,CAAC;AACtC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AATApD,OAAA,CAAA4C,mBAAA,GAAAA,mBAAA;AAUO,MAAMS,sBAAsB,GAAG,MAAAA,CACpCC,OAA+B,EAC/B5C,aAAiE,EACjEmC,OAAe,EACfC,sBAA+C,KAC3B;EACpB;EACA,MAAMS,oBAAoB,GAAGL,IAAI,CAACC,SAAS,CAAC;IAC1CF,KAAK,EAAEvC,aAAa,CAACuC,KAAK;IAC1Bd,uBAAuB,EAAEW,sBAAsB;IAC/Cb,QAAQ,EAAEY;EACZ,CAAC,CAAC;;EAEF;EACA,MAAMW,YAAY,GAAGvD,2BAA2B,CAACqD,OAAO,CAAC;;EAEzD;EACA,MAAMG,iBAAiB,GAAG,MAAM,IAAIC,4BAAU,CAACH,oBAAoB,EAAE;IACnE7B,GAAG,EAAE,cAAc;IACnBiC,GAAG,EAAE,eAAe;IACpBC,GAAG,EAAEJ,YAAY,CAACI;EACpB,CAAC,CAAC,CAACC,OAAO,CAACL,YAAY,CAAC;;EAExB;EACA,MAAMM,QAAQ,GAAG,IAAId,eAAe,CAAC;IAAEe,QAAQ,EAAEN;EAAkB,CAAC,CAAC;EACrE,OAAOK,QAAQ,CAACV,QAAQ,CAAC,CAAC;AAC5B,CAAC;;AAED;AACA;AACA;AACA;AAHApD,OAAA,CAAAqD,sBAAA,GAAAA,sBAAA;AAcA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMW,yBAAoD,GAAG,eAAAA,CAClEtD,aAAa,EACbC,sBAAsB,EACtB2C,OAAO,EACPW,Y
AAY,EAEuB;EAAA,IADnC;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEzB;EACA,MAAM;IAAEnC,QAAQ;IAAEE;EAAwB,CAAC,GAAG,MAAM1B,cAAc,CAChEC,aAAa,EACbC,sBAAsB,EACtBsD,YACF,CAAC;;EAED;EACA,MAAMM,WAAW,GACf7D,aAAa,CAAC8D,aAAa,KAAK,iBAAiB,GAC7C,MAAMnB,sBAAsB,CAC1BC,OAAO,EACP5C,aAAa,EACbuB,QAAQ,EACRE,uBACF,CAAC,GACD,MAAMS,mBAAmB,CACvBlC,aAAa,EACbuB,QAAQ,EACRE,uBACF,CAAC;;EAEP;EACA,OAAO,MAAM+B,QAAQ,CAACxD,aAAa,CAAC+D,YAAY,EAAE;IAChDC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDC,IAAI,EAAEL;EACR,CAAC,CAAC,CACCM,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAACpF,qBAAqB,CAACwF,KAAK,CAAC;AACtC,CAAC;AAACjF,OAAA,CAAAgE,yBAAA,GAAAA,yBAAA"}
1
+ {"version":3,"names":["_ioReactNativeJwt","require","_reactNativeUuid","_interopRequireDefault","_errors","_misc","_sdJwt","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthorizationResponse","object","status","string","optional","response_code","redirect_uri","exports","choosePublicKeyToEncrypt","rpJwkKeys","encKey","filter","jwk","use","NoSuitableKeysFoundInEntityConfiguration","prepareVpToken","requestObject","presentationDefinition","_ref","_presentationDefiniti","verifiableCredential","requestedClaims","cryptoContext","token","vp","disclose","sd_hash","sha256ToBase64","kbJwt","SignJWT","setProtectedHeader","typ","alg","setPayload","nonce","setAudience","client_id","setIssuedAt","sign","vp_token","join","presentation_submission","id","uuid","v4","definition_id","descriptor_map","input_descriptors","path","format","buildDirectPostBody","vpToken","presentationSubmission","formUrlEncodedBody","URLSearchParams","state","JSON","stringify","toString","buildDirectPostJwtBody","jwkKeys","authzResponsePayload","encPublicJwk","client_metadata","encryptedResponse","EncryptJwe","authorization_encrypted_response_alg","enc","authorization_encrypted_response_enc","kid","encrypt","formBody","response","sendAuthorizationResponse","presentation","appFetch","fetch","arguments","length","undefined","requestBody","response_mode","response_uri","method","headers","body","then","hasStatusOrThrow","res","json","parse"],"sourceRoot":"../../../../src","sources":["credential/presentation/08-send-authorization-response.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAKA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AAGA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,KAAA,GAAAJ,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AAEA,IAAAM,CAAA,GAAAC,uBAAA,CAAAP,OAAA;A
AAyB,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAjB,uBAAAW,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAIlB,MAAMiB,qBAAqB,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EAC5CC,MAAM,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC7BC,aAAa,EAAE7B,CAAC,CACb2B,MAAM,CAAC,CAAC,CAAC;AACd;AACA;AACA;AACA,8BAJc,CAKTC,QAAQ,CAAC,CAAC;EACbE,YAAY,EAAE9B,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC;AACpC,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAG,OAAA,CAAAP,qBAAA,GAAAA,qBAAA;AAQO,MAAMQ,wBAAwB,GACnCC,SAAiC,IACzB;EACR,MAAM,CAACC,MAAM,CAAC,GAAGD,SAAS,CAACE,MAAM,CAAEC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,CAAC;EAE7D,IAAIH,MAAM,EAAE;IACV,OAAOA,MAAM;EACf;;EAEA;EACA,MAAM,IAAII,gDAAwC,CAChD,8CACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAxBAP,OAAA,CAAAC,wBAAA,GAAAA,wBAAA;AAyBO,MAAMO,cAAc,GAAG,MAAAA,CAC5BC,aAAiE,EACjEC,sBAA8C,EAAAC,IAAA,KAK1C;EAAA,IAAAC,qBAAA;EAAA,IAJJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAJ,IAAA;EAKpE;EACA,MAAM;IAAEK,KAAK,EAAEC;EAAG,CAAC,GAAG,MAAM,IAAAC,eAAQ,EAACL,oBAAoB,EAAEC,eAAe,CAAC;;E
AE3E;EACA,MAAMK,OAAO,GAAG,MAAM,IAAAC,gCAAc,EAAE,GAAEH,EAAG,GAAE,CAAC;EAE9C,MAAMI,KAAK,GAAG,MAAM,IAAIC,yBAAO,CAACP,aAAa,CAAC,CAC3CQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVP,OAAO;IACPQ,KAAK,EAAElB,aAAa,CAACkB;EACvB,CAAC,CAAC,CACDC,WAAW,CAACnB,aAAa,CAACoB,SAAS,CAAC,CACpCC,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACf,EAAE,EAAEI,KAAK,CAAC,CAACY,IAAI,CAAC,GAAG,CAAC;;EAEtC;EACA;EACA,MAAMC,uBAAuB,GAAG;IAC9BC,EAAE,EAAEC,wBAAI,CAACC,EAAE,CAAC,CAAC;IACbC,aAAa,EAAE5B,sBAAsB,CAACyB,EAAE;IACxCI,cAAc,EAAE,CACd;MACEJ,EAAE,EAAEzB,sBAAsB,aAAtBA,sBAAsB,gBAAAE,qBAAA,GAAtBF,sBAAsB,CAAE8B,iBAAiB,CAAC,CAAC,CAAC,cAAA5B,qBAAA,uBAA5CA,qBAAA,CAA8CuB,EAAE;MACpDM,IAAI,EAAG,GAAE;MACTC,MAAM,EAAE;IACV,CAAC;EAEL,CAAC;EAED,OAAO;IAAEV,QAAQ;IAAEE;EAAwB,CAAC;AAC9C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAlC,OAAA,CAAAQ,cAAA,GAAAA,cAAA;AAQO,MAAMmC,mBAAmB,GAAG,MAAAA,CACjClC,aAAiE,EACjEmC,OAAe,EACfC,sBAA+C,KAC3B;EACpB,MAAMC,kBAAkB,GAAG,IAAIC,eAAe,CAAC;IAC7CC,KAAK,EAAEvC,aAAa,CAACuC,KAAK;IAC1Bd,uBAAuB,EAAEe,IAAI,CAACC,SAAS,CAACL,sBAAsB,CAAC;IAC/Db,QAAQ,EAAEY;EACZ,CAAC,CAAC;EAEF,OAAOE,kBAAkB,CAACK,QAAQ,CAAC,CAAC;AACtC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AATAnD,OAAA,CAAA2C,mBAAA,GAAAA,mBAAA;AAUO,MAAMS,sBAAsB,GAAG,MAAAA,CACpCC,OAA+B,EAC/B5C,aAAiE,EACjEmC,OAAe,EACfC,sBAA+C,KAC3B;EACpB;EACA,MAAMS,oBAAoB,GAAGL,IAAI,CAACC,SAAS,CAAC;IAC1CF,KAAK,EAAEvC,aAAa,CAACuC,KAAK;IAC1Bd,uBAAuB,EAAEW,sBAAsB;IAC/Cb,QAAQ,EAAEY;EACZ,CAAC,CAAC;;EAEF;EACA,MAAMW,YAAY,GAAGtD,wBAAwB,CAACoD,OAAO,CAAC;;EAEtD;EACA,MAAM;IAAEG;EAAgB,CAAC,GAAG/C,aAAa;EACzC,MAAMgD,iBAAiB,GAAG,MAAM,IAAIC,4BAAU,CAACJ,oBAAoB,EAAE;IACnE7B,GAAG,EACD,CAAC+B,eAAe,aAAfA,eAAe,uBAAfA,eAAe,CAAEG,oCAAoC,KAEnC,cAAc;IACnCC,GAAG,EACD,CAACJ,eAAe,aAAfA,eAAe,uBAAfA,eAAe,CAAEK,oCAAoC,KAE9B,eAAe;IACzCC,GAAG,EAAEP,YAAY,CAACO;EACpB,CAAC,CAAC,CAACC,OAAO,CAACR,YAAY,CAAC;;EAExB;EACA,MAAMS,QAAQ,GAAG,IAAIjB,eAAe,CAAC;IACnCkB,QAAQ,EAAER,iBAAiB;IAC3BT,KAAK,EAAEvC,aAAa,CAACuC;EACvB,CAAC,CAAC
;EACF,OAAOgB,QAAQ,CAACb,QAAQ,CAAC,CAAC;AAC5B,CAAC;;AAED;AACA;AACA;AACA;AAHAnD,OAAA,CAAAoD,sBAAA,GAAAA,sBAAA;AAcA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMc,yBAAoD,GAAG,eAAAA,CAClEzD,aAAa,EACbC,sBAAsB,EACtB2C,OAAO,EACPc,YAAY,EAEuB;EAAA,IADnC;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEzB;EACA,MAAM;IAAEtC,QAAQ;IAAEE;EAAwB,CAAC,GAAG,MAAM1B,cAAc,CAChEC,aAAa,EACbC,sBAAsB,EACtByD,YACF,CAAC;;EAED;EACA,MAAMM,WAAW,GACfhE,aAAa,CAACiE,aAAa,KAAK,iBAAiB,GAC7C,MAAMtB,sBAAsB,CAC1BC,OAAO,EACP5C,aAAa,EACbuB,QAAQ,EACRE,uBACF,CAAC,GACD,MAAMS,mBAAmB,CACvBlC,aAAa,EACbuB,QAAQ,EACRE,uBACF,CAAC;;EAEP;EACA,OAAO,MAAMkC,QAAQ,CAAC3D,aAAa,CAACkE,YAAY,EAAE;IAChDC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDC,IAAI,EAAEL;EACR,CAAC,CAAC,CACCM,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAACtF,qBAAqB,CAAC0F,KAAK,CAAC;AACtC,CAAC;AAACnF,OAAA,CAAAkE,yBAAA,GAAAA,yBAAA"}
@@ -29,8 +29,8 @@ sequenceDiagram
29
29
  <summary>Remote Presentation flow</summary>
30
30
 
31
31
  ```ts
32
- // Scan e retrive qr-code
33
- const qrcode = ...
32
+ // Scan e retrive qr-code, decode it and get its parameters
33
+ const {requestUri, clientId} = ...
34
34
 
35
35
  // Retrieve the integrity key tag from the store and create its context
36
36
  const integrityKeyTag = "example"; // Let's assume this is the key tag used to create the wallet instance
@@ -55,7 +55,7 @@ const walletInstanceAttestation =
55
55
  });
56
56
 
57
57
  // Start the issuance flow
58
- const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(qrcode);
58
+ const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(requestUri, clientId);
59
59
 
60
60
  // If use trust federation: Evaluate issuer trust
61
61
  const { rpConf } = await Credential.Presentation.evaluateRelyingPartyTrust(clientId);
@@ -111,4 +111,4 @@ const { presentationDefinition } = await Credential.Presentation.fetchPresentDef
111
111
 
112
112
  ```
113
113
 
114
- </details>
114
+ </details>
@@ -3,7 +3,7 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.UnverifiedEntityError = exports.NoSuitableKeysFoundInEntityConfiguration = exports.MissingDataError = exports.InvalidQRCodeError = exports.AuthRequestDecodeError = void 0;
6
+ exports.UnverifiedEntityError = exports.NoSuitableKeysFoundInEntityConfiguration = exports.MissingDataError = exports.AuthRequestDecodeError = void 0;
7
7
  var _errors = require("../../utils/errors");
8
8
  /**
9
9
  * An error subclass thrown when auth request decode fail
@@ -46,28 +46,11 @@ class NoSuitableKeysFoundInEntityConfiguration extends _errors.IoWalletError {
46
46
  }
47
47
  }
48
48
 
49
- /**
50
- * When a QR code is not valid.
51
- *
52
- */
53
- exports.NoSuitableKeysFoundInEntityConfiguration = NoSuitableKeysFoundInEntityConfiguration;
54
- class InvalidQRCodeError extends _errors.IoWalletError {
55
- code = "ERR_INVALID_QR_CODE";
56
-
57
- /**
58
- * @param detail A description of why the QR code is considered invalid.
59
- */
60
- constructor(detail) {
61
- const message = `QR code is not valid: ${detail}.`;
62
- super(message);
63
- }
64
- }
65
-
66
49
  /**
67
50
  * When the entity is unverified because the Relying Party is not trusted.
68
51
  *
69
52
  */
70
- exports.InvalidQRCodeError = InvalidQRCodeError;
53
+ exports.NoSuitableKeysFoundInEntityConfiguration = NoSuitableKeysFoundInEntityConfiguration;
71
54
  class UnverifiedEntityError extends _errors.IoWalletError {
72
55
  code = "ERR_UNVERIFIED_RP_ENTITY";
73
56
 
@@ -1 +1 @@
1
- {"version":3,"names":["_errors","require","AuthRequestDecodeError","IoWalletError","code","constructor","message","claim","arguments","length","undefined","reason","serializeAttrs","exports","NoSuitableKeysFoundInEntityConfiguration","scenario","InvalidQRCodeError","detail","UnverifiedEntityError","MissingDataError","missingAttributes"],"sourceRoot":"../../../../src","sources":["credential/presentation/errors.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACA;AACO,MAAMC,sBAAsB,SAASC,qBAAa,CAAC;EACxDC,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAC,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAAC,IAAAI,sBAAc,EAAC;MAAEN,OAAO;MAAEC,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAE,OAAA,CAAAX,sBAAA,GAAAA,sBAAA;AAIO,MAAMY,wCAAwC,SAASX,qBAAa,CAAC;EAC1EC,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACU,QAAgB,EAAE;IAC5B,MAAMT,OAAO,GAAI,0DAAyDS,QAAS,IAAG;IACtF,KAAK,CAACT,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AAHAO,OAAA,CAAAC,wCAAA,GAAAA,wCAAA;AAIO,MAAME,kBAAkB,SAASb,qBAAa,CAAC;EACpDC,IAAI,GAAG,qBAAqB;;EAE5B;AACF;AACA;EACEC,WAAWA,CAACY,MAAc,EAAE;IAC1B,MAAMX,OAAO,GAAI,yBAAwBW,MAAO,GAAE;IAClD,KAAK,CAACX,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AAHAO,OAAA,CAAAG,kBAAA,GAAAA,kBAAA;AAIO,MAAME,qBAAqB,SAASf,qBAAa,CAAC;EACvDC,IAAI,GAAG,0BAA0B;;EAEjC;AACF;AACA;EACEC,WAAWA,CAACM,MAAc,EAAE;IAC1B,MAAML,OAAO,GAAI,sBAAqBK,MAAO,GAAE;IAC/C,KAAK,CAACL,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AAHAO,OAAA,CAAAK,qBAAA,GAAAA,qBAAA;AAIO,MAAMC,gBAAgB,SAAShB,qBAAa,CAAC;EAClDC,IAAI,GAAG,kBAAkB;;EAEzB;AACF;AACA;EACEC,WAAWA,CAACe,iBAAyB,EAAE;IACrC,MAAMd,OAAO,GAAI,kCAAiCc,iBAAkB,GAAE;IACtE,KAAK,CAACd,OAAO,CAAC;EAChB;AACF;AAACO,OAAA,CAAAM,gBAAA,GAAAA,gBAAA"}
1
+ {"version":3,"names":["_errors","require","AuthRequestDecodeError","IoWalletError","code","constructor","message","claim","arguments","length","undefined","reason","serializeAttrs","exports","NoSuitableKeysFoundInEntityConfiguration","scenario","UnverifiedEntityError","MissingDataError","missingAttributes"],"sourceRoot":"../../../../src","sources":["credential/presentation/errors.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACA;AACO,MAAMC,sBAAsB,SAASC,qBAAa,CAAC;EACxDC,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAC,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAAC,IAAAI,sBAAc,EAAC;MAAEN,OAAO;MAAEC,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAE,OAAA,CAAAX,sBAAA,GAAAA,sBAAA;AAIO,MAAMY,wCAAwC,SAASX,qBAAa,CAAC;EAC1EC,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACU,QAAgB,EAAE;IAC5B,MAAMT,OAAO,GAAI,0DAAyDS,QAAS,IAAG;IACtF,KAAK,CAACT,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AAHAO,OAAA,CAAAC,wCAAA,GAAAA,wCAAA;AAIO,MAAME,qBAAqB,SAASb,qBAAa,CAAC;EACvDC,IAAI,GAAG,0BAA0B;;EAEjC;AACF;AACA;EACEC,WAAWA,CAACM,MAAc,EAAE;IAC1B,MAAML,OAAO,GAAI,sBAAqBK,MAAO,GAAE;IAC/C,KAAK,CAACL,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AAHAO,OAAA,CAAAG,qBAAA,GAAAA,qBAAA;AAIO,MAAMC,gBAAgB,SAASd,qBAAa,CAAC;EAClDC,IAAI,GAAG,kBAAkB;;EAEzB;AACF;AACA;EACEC,WAAWA,CAACa,iBAAyB,EAAE;IACrC,MAAMZ,OAAO,GAAI,kCAAiCY,iBAAkB,GAAE;IACtE,KAAK,CAACZ,OAAO,CAAC;EAChB;AACF;AAACO,OAAA,CAAAI,gBAAA,GAAAA,gBAAA"}
@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", {
6
6
  exports.RequestObject = exports.PresentationDefinition = exports.InputDescriptor = void 0;
7
7
  var _types = require("../../sd-jwt/types");
8
8
  var z = _interopRequireWildcard(require("zod"));
9
+ var _jwk = require("../../utils/jwk");
9
10
  function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
10
11
  function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
11
12
  /**
@@ -87,7 +88,14 @@ const RequestObject = z.object({
87
88
  response_type: z.literal("vp_token"),
88
89
  response_mode: z.enum(["direct_post.jwt", "direct_post"]),
89
90
  client_id: z.string(),
90
- client_id_scheme: z.string(),
91
+ client_id_scheme: z.string().optional(),
92
+ // previous z.literal("entity_id"),
93
+ client_metadata: z.object({
94
+ authorization_encrypted_response_alg: z.string().optional(),
95
+ authorization_encrypted_response_enc: z.string().optional(),
96
+ jwks_uri: z.string().optional(),
97
+ jwks: _jwk.JWKS.optional()
98
+ }).optional(),
91
99
  // previous z.literal("entity_id"),
92
100
  scope: z.string().optional(),
93
101
  presentation_definition: PresentationDefinition.optional()
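Review bot: `jwks_uri: z.string().optional()` in the new `client_metadata` object accepts any string, and both it and the inline `jwks` arrive in the request object, which is relying-party-controlled input at the point this schema parses it. If the wallet later fetches or trusts keys from these fields (that code is not in this hunk), the schema should at least require a well-formed URL, e.g. `jwks_uri: z.string().url().optional(),`, with an https-only check where the fetch happens. The same applies to `authorization_encrypted_response_alg` and `authorization_encrypted_response_enc`: a `z.enum([...])` of the algorithms the wallet actually supports would reject unexpected values at parse time instead of at encryption time. `client_id_scheme` is now optional, so whatever consumes `RequestObject` needs an explicit default, and the `// previous z.literal("entity_id")` comment now appears twice, once above `client_metadata` where it no longer describes the adjacent field. The `RequestObject` definition starts before and continues after this hunk.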