@pagopa/io-react-native-wallet 1.5.0 → 1.6.1

package/lib/commonjs/credential/issuance/06-obtain-credential.js

@@ -73,7 +73,11 @@ const obtainCredential = async (issuerConf, accessToken, clientId, credentialDef
 
   /** The credential request body */
   const credentialRequestFormBody = {
-    vct: credentialDefinition.credential_configuration_id,
+    ...(format === "mso_mdoc" ? {
+      doctype: credentialDefinition.credential_configuration_id
+    } : {
+      vct: credentialDefinition.credential_configuration_id
+    }),
     format,
     proof: {
       jwt: signedNonceProof,

package/lib/commonjs/credential/issuance/06-obtain-credential.js.map

@@ -1 +1 @@
-{"version":3,"names":["_ioReactNativeJwt","require","_misc","_errors","_types","_dpop","_reactNativeUuid","_interopRequireDefault","obj","__esModule","default","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","SignJWT","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credentialUrl","credential_endpoint","signedNonceProof","c_nonce","containsCredentialDefinition","authorization_details","some","detail","credential_configuration_id","type","ValidationFailed","message","credential","credential_configurations_supported","format","credentialRequestFormBody","vct","proof","jwt","proof_type","tokenRequestSignedDPop","createDPopToken","htm","htu","jti","uuid","v4","ath","sha256ToBase64","access_token","credentialRes","method","headers","DPoP","Authorization","token_type","body","JSON","stringify","then","hasStatusOrThrow","res","json","CredentialResponse","safeParse","catch","handleObtainCredentialError","success","reason","error","data","e","UnexpectedStatusCodeError","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","CredentialRequestFailed","buildFrom"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAOA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AAOA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,KAAA,GAAAJ,OAAA;AACA,IAAAK,gBAAA,GAAAC,sBAAA,CAAAN,OAAA;AAAqC,SAAAM,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAc9B,MAAMG,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIC,yBAAO,CAACH,GAAG,CAAC,CACpBI,UAAU,CAAC;IACVP;EACF,CAAC,CAAC,CACDQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BL;EACF,CAAC,CAAC,CACDM,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAgBO,MAAMiB,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,QAAQ,GAAGC,KAAK;IAChBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,aAAa,GAAGT,UAAU,CAACU,mBAAmB;;EAEpD;AACF;AACA;AACA;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAM7B,gBAAgB,CAC7CmB,WAAW,CAACW,OAAO,EACnBV,QAAQ,EACRO,aAAa,EACbJ,uBACF,CAAC;EAED,MAAMQ,4BAA4B,GAAGZ,WAAW,CAACa,qBAAqB,CAACC,IAAI,CACxEC,MAAM,IACLA,MAAM,CAACC,2BAA2B,KAChCd,oBAAoB,CAACc,2BAA2B,IAClDD,MAAM,CAACE,IAAI,KAAKf,oBAAoB,CAACe,IACzC,CAAC;EAED,IAAI,CAACL,4BAA4B,EAAE;IACjC,MAAM,IAAIM,wBAAgB,CAAC;MACzBC,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAMC,UAAU,GACdrB,UAAU,CAACsB,mCAAmC,CAC5CnB,oBAAoB,CAACc,2BAA2B,CACjD;EAEH,IAAI,CAACI,UAAU,EAAE;IACf,MAAM,IAAIF,wBAAgB,CAAC;MACzBC,OAAO,EAAE;IACX,CAAC,CAAC;EACJ;EAEA,MAAMG,MAAM,GAAGF,UAAU,CAACE,MAAM;EAEhC,IAAI,CAACA,MAAM,EAAE;IACX,MAAM,IAAIJ,wBAAgB,CAAC;MACzBC,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;;EAEA;EACA,MAAMI,yBAAyB,GAAG;IAChCC,GAAG,EAAEtB,oBAAoB,CAACc,2BAA2B;IACrDM,MAAM;IACNG,KAAK,EAAE;MACLC,GAAG,EAAEhB,gBAAgB;MACrBiB,UAAU,EAAE;IACd;EACF,CAAC;EAED,MAAMC,sBAAsB,GAAG,MAAM,IAAAC,qBAAe,EAClD;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEvB,aAAa;IAClBwB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBC,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAACpC,WAAW,CAACqC,YAAY;EACpD,CAAC,EACD9B,iBACF,CAAC;EACD,MAAM+B,aAAa,GAAG,MAAMjC,QAAQ,CAACG,aAAa,EAAE;IAClD+B,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClCC,IAAI,EAAEb,sBAAsB;MAC5Bc,aAAa,EAAG,GAAE1C,WAAW,CAAC2C,UAAW,IAAG3C,WAAW,CAACqC,YAAa;IACvE,CAAC;IACDO,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACvB,yBAAyB;EAChD,CAAC,CAAC,CACCwB,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEH,IAAI,IAAKO,yBAAkB,CAACC,SAAS,CAACR,IAAI,CAAC,CAAC,CAClDS,KAAK,CAACC,2BAA2B,CAAC;EAErC,IAAI,CAAChB,aAAa,CAACiB,OAAO,EAAE;IAC1B,MAAM,IAAIrC,wBAAgB,CAAC;MACzBC,OAAO,EAAE,uCAAuC;MAChDqC,MAAM,EAAElB,aAAa,CAACmB,KAAK,CAACtC;IAC9B,CAAC,CAAC;EACJ;;EAEA;EACA,OAAOmB,aAAa,CAACoB,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AALA7D,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAMA,MAAMwD,2BAA2B,GAAIK,CAAU,IAAK;EAClD,IAAI,EAAEA,CAAC,YAAYC,iCAAyB,CAAC,EAAE;IAC7C,MAAMD,CAAC;EACT;EAEA,MAAM,IAAIE,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACC,uBAAuB;IACtD/C,OAAO,EAAE;EACX,CAAC,CAAC,CACDgD,SAAS,CAACR,CAAC,CAAC;AACjB,CAAC"}
+{"version":3,"names":["_ioReactNativeJwt","require","_misc","_errors","_types","_dpop","_reactNativeUuid","_interopRequireDefault","obj","__esModule","default","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","SignJWT","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credentialUrl","credential_endpoint","signedNonceProof","c_nonce","containsCredentialDefinition","authorization_details","some","detail","credential_configuration_id","type","ValidationFailed","message","credential","credential_configurations_supported","format","credentialRequestFormBody","doctype","vct","proof","jwt","proof_type","tokenRequestSignedDPop","createDPopToken","htm","htu","jti","uuid","v4","ath","sha256ToBase64","access_token","credentialRes","method","headers","DPoP","Authorization","token_type","body","JSON","stringify","then","hasStatusOrThrow","res","json","CredentialResponse","safeParse","catch","handleObtainCredentialError","success","reason","error","data","e","UnexpectedStatusCodeError","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","CredentialRequestFailed","buildFrom"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAOA,IAAAC,KAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AAOA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,KAAA,GAAAJ,OAAA;AACA,IAAAK,gBAAA,GAAAC,sBAAA,CAAAN,OAAA;AAAqC,SAAAM,uBAAAC,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAc9B,MAAMG,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIC,yBAAO,CAACH,GAAG,CAAC,CACpBI,UAAU,CAAC;IACVP;EACF,CAAC,CAAC,CACDQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BL;EACF,CAAC,CAAC,CACDM,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAgBO,MAAMiB,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,QAAQ,GAAGC,KAAK;IAChBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,aAAa,GAAGT,UAAU,CAACU,mBAAmB;;EAEpD;AACF;AACA;AACA;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAM7B,gBAAgB,CAC7CmB,WAAW,CAACW,OAAO,EACnBV,QAAQ,EACRO,aAAa,EACbJ,uBACF,CAAC;EAED,MAAMQ,4BAA4B,GAAGZ,WAAW,CAACa,qBAAqB,CAACC,IAAI,CACxEC,MAAM,IACLA,MAAM,CAACC,2BAA2B,KAChCd,oBAAoB,CAACc,2BAA2B,IAClDD,MAAM,CAACE,IAAI,KAAKf,oBAAoB,CAACe,IACzC,CAAC;EAED,IAAI,CAACL,4BAA4B,EAAE;IACjC,MAAM,IAAIM,wBAAgB,CAAC;MACzBC,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAMC,UAAU,GACdrB,UAAU,CAACsB,mCAAmC,CAC5CnB,oBAAoB,CAACc,2BAA2B,CACjD;EAEH,IAAI,CAACI,UAAU,EAAE;IACf,MAAM,IAAIF,wBAAgB,CAAC;MACzBC,OAAO,EAAE;IACX,CAAC,CAAC;EACJ;EAEA,MAAMG,MAAM,GAAGF,UAAU,CAACE,MAAM;EAEhC,IAAI,CAACA,MAAM,EAAE;IACX,MAAM,IAAIJ,wBAAgB,CAAC;MACzBC,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;;EAEA;EACA,MAAMI,yBAAyB,GAAG;IAChC,IAAID,MAAM,KAAK,UAAU,GACrB;MAAEE,OAAO,EAAEtB,oBAAoB,CAACc;IAA4B,CAAC,GAC7D;MAAES,GAAG,EAAEvB,oBAAoB,CAACc;IAA4B,CAAC,CAAC;IAC9DM,MAAM;IACNI,KAAK,EAAE;MACLC,GAAG,EAAEjB,gBAAgB;MACrBkB,UAAU,EAAE;IACd;EACF,CAAC;EAED,MAAMC,sBAAsB,GAAG,MAAM,IAAAC,qBAAe,EAClD;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAExB,aAAa;IAClByB,GAAG,EAAG,GAAEC,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;IACnBC,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAACrC,WAAW,CAACsC,YAAY;EACpD,CAAC,EACD/B,iBACF,CAAC;EACD,MAAMgC,aAAa,GAAG,MAAMlC,QAAQ,CAACG,aAAa,EAAE;IAClDgC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClCC,IAAI,EAAEb,sBAAsB;MAC5Bc,aAAa,EAAG,GAAE3C,WAAW,CAAC4C,UAAW,IAAG5C,WAAW,CAACsC,YAAa;IACvE,CAAC;IACDO,IAAI,EAAEC,IAAI,CAACC,SAAS,CAACxB,yBAAyB;EAChD,CAAC,CAAC,CACCyB,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEH,IAAI,IAAKO,yBAAkB,CAACC,SAAS,CAACR,IAAI,CAAC,CAAC,CAClDS,KAAK,CAACC,2BAA2B,CAAC;EAErC,IAAI,CAAChB,aAAa,CAACiB,OAAO,EAAE;IAC1B,MAAM,IAAItC,wBAAgB,CAAC;MACzBC,OAAO,EAAE,uCAAuC;MAChDsC,MAAM,EAAElB,aAAa,CAACmB,KAAK,CAACvC;IAC9B,CAAC,CAAC;EACJ;;EAEA;EACA,OAAOoB,aAAa,CAACoB,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AALA9D,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAMA,MAAMyD,2BAA2B,GAAIK,CAAU,IAAK;EAClD,IAAI,EAAEA,CAAC,YAAYC,iCAAyB,CAAC,EAAE;IAC7C,MAAMD,CAAC;EACT;EAEA,MAAM,IAAIE,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACC,uBAAuB;IACtDhD,OAAO,EAAE;EACX,CAAC,CAAC,CACDiD,SAAS,CAACR,CAAC,CAAC;AACjB,CAAC"}

package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js

@@ -103,12 +103,12 @@ const parseCredentialSdJwt = function (credentials_supported, _ref) {
   }
   return definedValues;
 };
-const parseCredentialMDoc = function (credentials_supported, _ref8) {
+const parseCredentialMDoc = function (credentials_supported, credential_type, _ref8) {
   let {
-    mDoc
+    issuerSigned
   } = _ref8;
-  let includeUndefinedAttributes = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
-  const credentialSubject = credentials_supported[mDoc.docType];
+  let includeUndefinedAttributes = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : false;
+  const credentialSubject = credentials_supported[credential_type];
   if (!credentialSubject) {
     throw new _errors.IoWalletError("Credential type not supported by the issuer");
   }
@@ -126,10 +126,10 @@ const parseCredentialMDoc = function (credentials_supported, _ref8) {
       return [namespace, claimNameKey, definition];
     });
   });
-  if (!mDoc.issuerSigned.nameSpaces) {
+  if (!issuerSigned.nameSpaces) {
     throw new _errors.IoWalletError("Missing claims in the credential");
   }
-  const flatNamespaces = Object.entries(mDoc.issuerSigned.nameSpaces).flatMap(_ref11 => {
+  const flatNamespaces = Object.entries(issuerSigned.nameSpaces).flatMap(_ref11 => {
     let [namespace, values] = _ref11;
     return values.map(v => [namespace, v.elementIdentifier, v.elementValue]);
   });
@@ -233,25 +233,37 @@ async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingCon
  *
  */
 async function verifyCredentialMDoc(rawCredential, issuerKeys, holderBindingContext) {
-  const [decodedCredential] =
+  /**
+   * For the moment, being that issues in the crypto key generation
+   * have been found on Android, the check for the deviceKey inside
+   * of the mDoc is skipped, so we are not interested in the holderBindingKey
+   */
+  const [decodedCredential, _] =
   // parallel for optimization
   await Promise.all([(0, _mdoc.verify)(rawCredential, issuerKeys), holderBindingContext.getPublicKey()]);
-
-  // TODO Implement the holder binding verification for MDOC
-
-  // Get only the first decoded credential
-
   if (!decodedCredential) {
     throw new _errors.IoWalletError("No MDOC credentials found!");
   }
-  return {
-    mDoc: decodedCredential.mDoc
-  };
+
+  /**
+   * For the moment, being that issues in the crypto key generation
+   * have been found on Android, the check for the deviceKey inside
+   * of the mDoc is skipped.
+   */
+  //const key = decodedCredential.mDoc.issuerSigned.issuerAuth.payload.deviceKeyInfo.deviceKey;
+  //
+  //if (!compareKeysByThumbprint(key, holderBindingKey as PublicKey)) {
+  //  throw new IoWalletError(
+  //    `Failed to verify holder binding, holder binding key and mDoc deviceKey don't match`
+  //  );
+  //}
+
+  return decodedCredential;
 }
 
 // utility type that specialize VerifyAndParseCredential for given format
 
-const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, _ref18) => {
+const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, __, _ref18) => {
   let {
     credentialCryptoContext,
     ignoreMissingAttributes,
@@ -266,14 +278,14 @@ const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, _ref18)
     issuedAt: typeof maybeIssuedAt === "number" ? new Date(maybeIssuedAt * 1000) : undefined
   };
 };
-const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, _ref19) => {
+const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, credentialType, _ref19) => {
   var _parsedCredential$exp, _parsedCredential$iss;
   let {
     credentialCryptoContext,
     ignoreMissingAttributes
   } = _ref19;
   const decoded = await verifyCredentialMDoc(credential, issuerConf.keys, credentialCryptoContext);
-  const parsedCredential = parseCredentialMDoc(issuerConf.credential_configurations_supported, decoded, ignoreMissingAttributes);
+  const parsedCredential = parseCredentialMDoc(issuerConf.credential_configurations_supported, credentialType, decoded, ignoreMissingAttributes);
   const expirationDate = (0, _converters2.extractElementValueAsDate)(parsedCredential === null || parsedCredential === void 0 || (_parsedCredential$exp = parsedCredential.expiry_date) === null || _parsedCredential$exp === void 0 ? void 0 : _parsedCredential$exp.value);
   if (!expirationDate) {
     throw new _errors.IoWalletError(`expirationDate must be present!!`);
@@ -301,12 +313,12 @@ const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, _ref19) =
  * @throws {IoWalletError} If the credential is not bound to the provided user key
  * @throws {IoWalletError} If the credential data fail to parse
  */
-const verifyAndParseCredential = async (issuerConf, credential, format, context) => {
+const verifyAndParseCredential = async (issuerConf, credential, format, credentialType, context) => {
   if (format === "vc+sd-jwt") {
-    return verifyAndParseCredentialSdJwt(issuerConf, credential, format, context);
+    return verifyAndParseCredentialSdJwt(issuerConf, credential, format, credentialType, context);
   }
   if (format === "mso_mdoc") {
-    return verifyAndParseCredentialMDoc(issuerConf, credential, format, context);
+    return verifyAndParseCredentialMDoc(issuerConf, credential, format, credentialType, context);
   }
   throw new _errors.IoWalletError(`Unsupported credential format: ${format}`);
 };

package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map

@@ -1 +1 @@
-{"version":3,"names":["_errors","require","_types","_sdJwt","_mdoc","_converters","_converters2","parseCredentialSdJwt","credentials_supported","_ref","sdJwt","disclosures","ignoreMissingAttributes","arguments","length","undefined","includeUndefinedAttributes","credentialSubject","payload","vct","IoWalletError","format","header","typ","claims","attrDefinitions","Object","entries","attrsNotInDisclosures","filter","_ref2","attrKey","some","_ref3","name","missing","map","_","join","received","definedValues","fromEntries","_ref4","_disclosures$find","definition","value","find","_ref5","display","reduce","names","_ref6","locale","undefinedValues","keys","includes","_ref7","key","parseCredentialMDoc","_ref8","mDoc","docType","flatMap","_ref9","namespace","claimName","_ref10","claimNameKey","issuerSigned","nameSpaces","flatNamespaces","_ref11","values","v","elementIdentifier","elementValue","_ref12","_flatNamespaces$find","attrDefNamespace","_ref13","_ref14","_ref15","_ref16","_ref17","verifyCredentialSdJwt","rawCredential","issuerKeys","holderBindingContext","decodedCredential","holderBindingKey","Promise","all","verifySdJwt","SdJwt4VC","getPublicKey","cnf","jwk","kid","verifyCredentialMDoc","verifyMdoc","verifyAndParseCredentialSdJwt","issuerConf","credential","_ref18","credentialCryptoContext","decoded","parsedCredential","credential_configurations_supported","maybeIssuedAt","getValueFromDisclosures","expiration","Date","exp","issuedAt","verifyAndParseCredentialMDoc","_ref19","_parsedCredential$exp","_parsedCredential$iss","expirationDate","extractElementValueAsDate","expiry_date","setDate","getDate","issue_date","verifyAndParseCredential","context","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/07-verify-and-parse-credential.ts"],"mappings":";;;;;;AAIA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,KAAA,GAAAH,OAAA;AACA,IAAAI,WAAA,GAAAJ,OAAA;AAOA,IAAAK,YAAA,GAAAL,OAAA;AAuBA;;AAkBA;;AASA,MAAMM,oBAAoB,GAAG,SAAAA,CAE3BC,qBAAgG,EAAAC,IAAA,EAI3E;EAAA,IAHrB;IAAEC,KAAK;IAAEC;EAAoC,CAAC,GAAAF,IAAA;EAAA,IAC9CG,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAAA,IACxCG,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,iBAAiB,GAAGT,qBAAqB,CAACE,KAAK,CAACQ,OAAO,CAACC,GAAG,CAAC;EAElE,IAAI,CAACF,iBAAiB,EAAE;IACtB,MAAM,IAAIG,qBAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,IAAIH,iBAAiB,CAACI,MAAM,KAAKX,KAAK,CAACY,MAAM,CAACC,GAAG,EAAE;IACjD,MAAM,IAAIH,qBAAa,CACpB,gEAA+DH,iBAAiB,CAACI,MAAO,gBAAeX,KAAK,CAACY,MAAM,CAACC,GAAI,KAC3H,CAAC;EACH;;EAEA;EACA,IAAI,CAACN,iBAAiB,CAACO,MAAM,EAAE;IAC7B,MAAM,IAAIJ,qBAAa,CAAC,0CAA0C,CAAC,CAAC,CAAC;EACvE;;EACA,MAAMI,MAAM,GAAGP,iBAAiB,CAACO,MAA+B;EAChE,MAAMC,eAAe,GAAGC,MAAM,CAACC,OAAO,CAACH,MAAM,CAAC;;EAE9C;EACA,MAAMI,qBAAqB,GAAGH,eAAe,CAACI,MAAM,CAClDC,KAAA;IAAA,IAAC,CAACC,OAAO,CAAC,GAAAD,KAAA;IAAA,OAAK,CAACnB,WAAW,CAACqB,IAAI,CAACC,KAAA;MAAA,IAAC,GAAGC,IAAI,CAAC,GAAAD,KAAA;MAAA,OAAKC,IAAI,KAAKH,OAAO;IAAA,EAAC;EAAA,CAClE,CAAC;EACD,IAAIH,qBAAqB,CAACd,MAAM,GAAG,CAAC,EAAE;IACpC,MAAMqB,OAAO,GAAGP,qBAAqB,CAACQ,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IAC3E,MAAMC,QAAQ,GAAG5B,WAAW,CAACyB,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IACnE,IAAI,CAAC1B,uBAAuB,EAAE;MAC5B,MAAM,IAAIQ,qBAAa,CACpB,4DAA2De,OAAQ,iBAAgBI,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;EACA;EACA,MAAMC,aAAa,GAAGd,MAAM,CAACe,WAAW,CACtChB;EACE;EAAA,CACCW,GAAG,CACFM,KAAA;IAAA,IAAAC,iBAAA;IAAA,IAAC,CAACZ,OAAO,EAAEa,UAAU,CAAC,GAAAF,KAAA;IAAA,OACpB,CACEX,OAAO,EACP;MACE,GAAGa,UAAU;MACbC,KAAK,GAAAF,iBAAA,GAAEhC,WAAW,CAACmC,IAAI,CACpBT,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,KAAKN,OAC7B,CAAC,cAAAY,iBAAA,uBAFMA,iBAAA,CAEH,CAAC,CAAC;IACR,CAAC,CACF;EAAA,CACL;EACA;EACA;EAAA,CACCP,GAAG,CACFW,KAAA;IAAA,IAAC,CAAChB,OAAO,EAAE;MAAEiB,OAAO;MAAE,GAAGJ;IAAW,CAAC,CAAC,GAAAG,KAAA;IAAA,OACpC,CACEhB,OAAO,EACP;MACE,GAAGa,UAAU;MACbV,IAAI,EAAEc,OAAO,CAACC,MAAM,CAClB,CAACC,KAAK,EAAAC,KAAA;QAAA,IAAE;UAAEC,MAAM;UAAElB;QAAK,CAAC,GAAAiB,KAAA;QAAA,OAAM;UAAE,GAAGD,KAAK;UAAE,CAACE,MAAM,GAAGlB;QAAK,CAAC;MAAA,CAAC,EAC3D,CAAC,CACH;IACF,CAAC,CACF;EAAA,CACL,CACJ,CAAC;EAED,IAAIlB,0BAA0B,EAAE;IAC9B;IACA;IACA,MAAMqC,eAAe,GAAG3B,MAAM,CAACe,WAAW,CACxC9B,WAAW,CACRkB,MAAM,CAAEQ,CAAC,IAAK,CAACX,MAAM,CAAC4B,IAAI,CAACd,aAAa,CAAC,CAACe,QAAQ,CAAClB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACzDD,GAAG,CAACoB,KAAA;MAAA,IAAC,GAAGC,GAAG,EAAEZ,KAAK,CAAC,GAAAW,KAAA;MAAA,OAAK,CAACC,GAAG,EAAE;QAAEZ,KAAK;QAAEX,IAAI,EAAEuB;MAAI,CAAC,CAAC;IAAA,EACxD,CAAC;IACD,OAAO;MACL,GAAGjB,aAAa;MAChB,GAAGa;IACL,CAAC;EACH;EAEA,OAAOb,aAAa;AACtB,CAAC;AAED,MAAMkB,mBAAmB,GAAG,SAAAA,CAE1BlD,qBAAgG,EAAAmD,KAAA,EAG3E;EAAA,IAFrB;IAAEC;EAA4B,CAAC,GAAAD,KAAA;EAAA,IAC/B3C,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,iBAAiB,GAAGT,qBAAqB,CAACoD,IAAI,CAACC,OAAO,CAAC;EAE7D,IAAI,CAAC5C,iBAAiB,EAAE;IACtB,MAAM,IAAIG,qBAAa,CAAC,6CAA6C,CAAC;EACxE;;EAEA;EACA,IAAI,CAACH,iBAAiB,CAACO,MAAM,EAAE;IAC7B,MAAM,IAAIJ,qBAAa,CAAC,0CAA0C,CAAC,CAAC,CAAC;EACvE;;EAEA,MAAMI,MAAM,GAAGP,iBAAiB,CAACO,MAGhC;EAED,MAAMC,eAAoD,GAAGC,MAAM,CAACC,OAAO,CACzEH,MACF,CAAC,CAACsC,OAAO,CAACC,KAAA;IAAA,IAAC,CAACC,SAAS,EAAEC,SAAS,CAAC,GAAAF,KAAA;IAAA,OAC/BrC,MAAM,CAACC,OAAO,CAACsC,SAAS,CAAC,CAAC7B,GAAG,CAC3B8B,MAAA;MAAA,IAAC,CAACC,YAAY,EAAEvB,UAAU,CAAC,GAAAsB,MAAA;MAAA,OACzB,CAACF,SAAS,EAAEG,YAAY,EAAEvB,UAAU,CAAC;IAAA,CAKzC,CAAC;EAAA,CACH,CAAC;EAED,IAAI,CAACgB,IAAI,CAACQ,YAAY,CAACC,UAAU,EAAE;IACjC,MAAM,IAAIjD,qBAAa,CAAC,kCAAkC,CAAC;EAC7D;EAEA,MAAMkD,cAA0C,GAAG5C,MAAM,CAACC,OAAO,CAC/DiC,IAAI,CAACQ,YAAY,CAACC,UACpB,CAAC,CAACP,OAAO,CAACS,MAAA;IAAA,IAAC,CAACP,SAAS,EAAEQ,MAAM,CAAC,GAAAD,MAAA;IAAA,OAC5BC,MAAM,CAACpC,GAAG,CACPqC,CAAC,IACA,CAACT,SAAS,EAAES,CAAC,CAACC,iBAAiB,EAAED,CAAC,CAACE,YAAY,CAKnD,CAAC;EAAA,CACH,CAAC;;EAED;EACA,MAAMnC,aAAa,GAAGd,MAAM,CAACe,WAAW,CACtChB;EACE;EAAA,CACCW,GAAG,CACFwC,MAAA;IAAA,IAAAC,oBAAA;IAAA,IAAC,CAACC,gBAAgB,EAAE/C,OAAO,EAAEa,UAAU,CAAC,GAAAgC,MAAA;IAAA,OACtC,CACE7C,OAAO,EACP;MACE,GAAGa,UAAU;MACbC,KAAK,GAAAgC,oBAAA,GAAEP,cAAc,CAACxB,IAAI,CACxBiC,MAAA;QAAA,IAAC,CAACf,SAAS,EAAE9B,IAAI,CAAC,GAAA6C,MAAA;QAAA,OAChBD,gBAAgB,KAAKd,SAAS,IAAI9B,IAAI,KAAKH,OAAO;MAAA,CACtD,CAAC,cAAA8C,oBAAA,uBAHMA,oBAAA,CAGH,CAAC;IACP,CAAC,CACF;EAAA,CACL;EACA;EACA;EAAA,CACCzC,GAAG,CACF4C,MAAA;IAAA,IAAC,CAACjD,OAAO,EAAE;MAAEiB,OAAO;MAAE,GAAGJ;IAAW,CAAC,CAAC,GAAAoC,MAAA;IAAA,OACpC,CACEjD,OAAO,EACP;MACE,GAAGa,UAAU;MACbV,IAAI,EAAEc,OAAO,CAACC,MAAM,CAClB,CAACC,KAAK,EAAA+B,MAAA;QAAA,IAAE;UAAE7B,MAAM;UAAElB;QAAK,CAAC,GAAA+C,MAAA;QAAA,OAAM;UAAE,GAAG/B,KAAK;UAAE,CAACE,MAAM,GAAGlB;QAAK,CAAC;MAAA,CAAC,EAC3D,CAAC,CACH;IACF,CAAC,CACF;EAAA,CACL,CACJ,CAAC;EAED,IAAIlB,0BAA0B,EAAE;IAC9B;IACA,MAAMqC,eAAe,GAAG3B,MAAM,CAACe,WAAW,CACxC6B,cAAc,CACXzC,MAAM,CAACqD,MAAA;MAAA,IAAC,GAAGzB,GAAG,CAAC,GAAAyB,MAAA;MAAA,OAAK,CAACxD,MAAM,CAAC4B,IAAI,CAACd,aAAa,CAAC,CAACe,QAAQ,CAACE,GAAG,CAAC;IAAA,EAAC,CAC9DrB,GAAG,CAAC+C,MAAA;MAAA,IAAC,GAAG1B,GAAG,EAAEZ,KAAK,CAAC,GAAAsC,MAAA;MAAA,OAAK,CAAC1B,GAAG,EAAE;QAAEZ,KAAK;QAAEX,IAAI,EAAEuB;MAAI,CAAC,CAAC;IAAA,EACxD,CAAC;IACD,OAAO;MACL,GAAGjB,aAAa;MAChB,GAAGa;IACL,CAAC;EACH;EAEA,OAAOb,aAAa;AACtB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAe4C,qBAAqBA,CAClCC,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACF;EACjC,MAAM,CAACC,iBAAiB,EAAEC,gBAAgB,CAAC;EACzC;EACA,MAAMC,OAAO,CAACC,GAAG,CAAC,CAChB,IAAAC,aAAW,EAACP,aAAa,EAAEC,UAAU,EAAEO,eAAQ,CAAC,EAChDN,oBAAoB,CAACO,YAAY,CAAC,CAAC,CACpC,CAAC;EAEJ,MAAM;IAAEC;EAAI,CAAC,GAAGP,iBAAiB,CAAC9E,KAAK,CAACQ,OAAO;EAE/C,IAAI,CAAC6E,GAAG,CAACC,GAAG,CAACC,GAAG,IAAIF,GAAG,CAACC,GAAG,CAACC,GAAG,KAAKR,gBAAgB,CAACQ,GAAG,EAAE;IACxD,MAAM,IAAI7E,qBAAa,CACpB,kDAAiDqE,gBAAgB,CAACQ,GAAI,UAAST,iBAAiB,CAAC9E,KAAK,CAACQ,OAAO,CAAC6E,GAAG,CAACC,GAAG,CAACC,GAAI,EAC9H,CAAC;EACH;EAEA,OAAOT,iBAAiB;AAC1B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeU,oBAAoBA,CACjCb,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACH;EAChC,MAAM,CAACC,iBAAiB,CAAC;EACvB;EACA,MAAME,OAAO,CAACC,GAAG,CAAC,CAChB,IAAAQ,YAAU,EAACd,aAAa,EAAEC,UAAU,CAAC,EACrCC,oBAAoB,CAACO,YAAY,CAAC,CAAC,CACpC,CAAC;;EAEJ;;EAEA;;EAEA,IAAI,CAACN,iBAAiB,EAAE;IACtB,MAAM,IAAIpE,qBAAa,CAAC,4BAA4B,CAAC;EACvD;EAEA,OAAO;IACLwC,IAAI,EAAE4B,iBAAiB,CAAC5B;EAC1B,CAAC;AACH;;AAEA;;AAQA,MAAMwC,6BAAsD,GAAG,MAAAA,CAC7DC,UAAU,EACVC,UAAU,EACVjE,CAAC,EAAAkE,MAAA,KAME;EAAA,IALH;IACEC,uBAAuB;IACvB5F,uBAAuB;IACvBI;EACF,CAAC,GAAAuF,MAAA;EAED,MAAME,OAAO,GAAG,MAAMrB,qBAAqB,CACzCkB,UAAU,EACVD,UAAU,CAAC/C,IAAI,EACfkD,uBACF,CAAC;EAED,MAAME,gBAAgB,GAAGnG,oBAAoB,CAC3C8F,UAAU,CAACM,mCAAmC,EAC9CF,OAAO,EACP7F,uBAAuB,EACvBI,0BACF,CAAC;EAED,MAAM4F,aAAa,GAAG,IAAAC,mCAAuB,EAACJ,OAAO,CAAC9F,WAAW,EAAE,KAAK,CAAC;EAEzE,OAAO;IACL+F,gBAAgB;IAChBI,UAAU,EAAE,IAAIC,IAAI,CAACN,OAAO,CAAC/F,KAAK,CAACQ,OAAO,CAAC8F,GAAG,GAAG,IAAI,CAAC;IACtDC,QAAQ,EACN,OAAOL,aAAa,KAAK,QAAQ,GAC7B,IAAIG,IAAI,CAACH,aAAa,GAAG,IAAI,CAAC,GAC9B7F;EACR,CAAC;AACH,CAAC;AAED,MAAMmG,4BAAoD,GAAG,MAAAA,CAC3Db,UAAU,EACVC,UAAU,EACVjE,CAAC,EAAA8E,MAAA,KAEE;EAAA,IAAAC,qBAAA,EAAAC,qBAAA;EAAA,IADH;IAAEb,uBAAuB;IAAE5F;EAAwB,CAAC,GAAAuG,MAAA;EAEpD,MAAMV,OAAO,GAAG,MAAMP,oBAAoB,CACxCI,UAAU,EACVD,UAAU,CAAC/C,IAAI,EACfkD,uBACF,CAAC;EAED,MAAME,gBAAgB,GAAGhD,mBAAmB,CAC1C2C,UAAU,CAACM,mCAAmC,EAC9CF,OAAO,EACP7F,uBACF,CAAC;EAED,MAAM0G,cAAc,GAAG,IAAAC,sCAAyB,EAC9Cb,gBAAgB,aAAhBA,gBAAgB,gBAAAU,qBAAA,GAAhBV,gBAAgB,CAAEc,WAAW,cAAAJ,qBAAA,uBAA7BA,qBAAA,CAA+BvE,KACjC,CAAC;EACD,IAAI,CAACyE,cAAc,EAAE;IACnB,MAAM,IAAIlG,qBAAa,CAAE,kCAAiC,CAAC;EAC7D;EACAkG,cAAc,aAAdA,cAAc,uBAAdA,cAAc,CAAEG,OAAO,CAACH,cAAc,CAACI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC;EAErD,MAAMd,aAAa,GAAG,IAAAW,sCAAyB,EAC7Cb,gBAAgB,aAAhBA,gBAAgB,gBAAAW,qBAAA,GAAhBX,gBAAgB,CAAEiB,UAAU,cAAAN,qBAAA,uBAA5BA,qBAAA,CAA8BxE,KAChC,CAAC;EACD+D,aAAa,aAAbA,aAAa,uBAAbA,aAAa,CAAEa,OAAO,CAACb,aAAa,CAACc,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC;EAEnD,OAAO;IACLhB,gBAAgB;IAChBI,UAAU,EAAEQ,cAAc,IAAI,IAAIP,IAAI,CAAC,CAAC;IACxCE,QAAQ,EAAEL,aAAa,IAAI7F;EAC7B,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAM6G,wBAAkD,GAAG,MAAAA,CAChEvB,UAAU,EACVC,UAAU,EACVjF,MAAM,EACNwG,OAAO,KACJ;EACH,IAAIxG,MAAM,KAAK,WAAW,EAAE;IAC1B,OAAO+E,6BAA6B,CAClCC,UAAU,EACVC,UAAU,EACVjF,MAAM,EACNwG,OACF,CAAC;EACH;EACA,IAAIxG,MAAM,KAAK,UAAU,EAAE;IACzB,OAAO6F,4BAA4B,CACjCb,UAAU,EACVC,UAAU,EACVjF,MAAM,EACNwG,OACF,CAAC;EACH;EAEA,MAAM,IAAIzG,qBAAa,CAAE,kCAAiCC,MAAO,EAAC,CAAC;AACrE,CAAC;AAACyG,OAAA,CAAAF,wBAAA,GAAAA,wBAAA"}
+{"version":3,"names":["_errors","require","_types","_sdJwt","_mdoc","_converters","_converters2","parseCredentialSdJwt","credentials_supported","_ref","sdJwt","disclosures","ignoreMissingAttributes","arguments","length","undefined","includeUndefinedAttributes","credentialSubject","payload","vct","IoWalletError","format","header","typ","claims","attrDefinitions","Object","entries","attrsNotInDisclosures","filter","_ref2","attrKey","some","_ref3","name","missing","map","_","join","received","definedValues","fromEntries","_ref4","_disclosures$find","definition","value","find","_ref5","display","reduce","names","_ref6","locale","undefinedValues","keys","includes","_ref7","key","parseCredentialMDoc","credential_type","_ref8","issuerSigned","flatMap","_ref9","namespace","claimName","_ref10","claimNameKey","nameSpaces","flatNamespaces","_ref11","values","v","elementIdentifier","elementValue","_ref12","_flatNamespaces$find","attrDefNamespace","_ref13","_ref14","_ref15","_ref16","_ref17","verifyCredentialSdJwt","rawCredential","issuerKeys","holderBindingContext","decodedCredential","holderBindingKey","Promise","all","verifySdJwt","SdJwt4VC","getPublicKey","cnf","jwk","kid","verifyCredentialMDoc","verifyMdoc","verifyAndParseCredentialSdJwt","issuerConf","credential","__","_ref18","credentialCryptoContext","decoded","parsedCredential","credential_configurations_supported","maybeIssuedAt","getValueFromDisclosures","expiration","Date","exp","issuedAt","verifyAndParseCredentialMDoc","credentialType","_ref19","_parsedCredential$exp","_parsedCredential$iss","expirationDate","extractElementValueAsDate","expiry_date","setDate","getDate","issue_date","verifyAndParseCredential","context","exports"],"sourceRoot":"../../../../src","sources":["credential/issuance/07-verify-and-parse-credential.ts"],"mappings":";;;;;;AAIA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,KAAA,GAAAH,OAAA;AACA,IAAAI,WAAA,GAAAJ,OAAA;AAOA,IAAAK,YAAA,GAAAL,OAAA;AAwBA;;AAkBA;;AASA,MAAMM,oBAAoB,GAAG,SAAAA,CAE3BC,qBAAgG,EAAAC,IAAA,EAI3E;EAAA,IAHrB;IAAEC,KAAK;IAAEC;EAAoC,CAAC,GAAAF,IAAA;EAAA,IAC9CG,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAAA,IACxCG,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,iBAAiB,GAAGT,qBAAqB,CAACE,KAAK,CAACQ,OAAO,CAACC,GAAG,CAAC;EAElE,IAAI,CAACF,iBAAiB,EAAE;IACtB,MAAM,IAAIG,qBAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,IAAIH,iBAAiB,CAACI,MAAM,KAAKX,KAAK,CAACY,MAAM,CAACC,GAAG,EAAE;IACjD,MAAM,IAAIH,qBAAa,CACpB,gEAA+DH,iBAAiB,CAACI,MAAO,gBAAeX,KAAK,CAACY,MAAM,CAACC,GAAI,KAC3H,CAAC;EACH;;EAEA;EACA,IAAI,CAACN,iBAAiB,CAACO,MAAM,EAAE;IAC7B,MAAM,IAAIJ,qBAAa,CAAC,0CAA0C,CAAC,CAAC,CAAC;EACvE;;EACA,MAAMI,MAAM,GAAGP,iBAAiB,CAACO,MAA+B;EAChE,MAAMC,eAAe,GAAGC,MAAM,CAACC,OAAO,CAACH,MAAM,CAAC;;EAE9C;EACA,MAAMI,qBAAqB,GAAGH,eAAe,CAACI,MAAM,CAClDC,KAAA;IAAA,IAAC,CAACC,OAAO,CAAC,GAAAD,KAAA;IAAA,OAAK,CAACnB,WAAW,CAACqB,IAAI,CAACC,KAAA;MAAA,IAAC,GAAGC,IAAI,CAAC,GAAAD,KAAA;MAAA,OAAKC,IAAI,KAAKH,OAAO;IAAA,EAAC;EAAA,CAClE,CAAC;EACD,IAAIH,qBAAqB,CAACd,MAAM,GAAG,CAAC,EAAE;IACpC,MAAMqB,OAAO,GAAGP,qBAAqB,CAACQ,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IAC3E,MAAMC,QAAQ,GAAG5B,WAAW,CAACyB,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;IACnE,IAAI,CAAC1B,uBAAuB,EAAE;MAC5B,MAAM,IAAIQ,qBAAa,CACpB,4DAA2De,OAAQ,iBAAgBI,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;EACA;EACA,MAAMC,aAAa,GAAGd,MAAM,CAACe,WAAW,CACtChB;EACE;EAAA,CACCW,GAAG,CACFM,KAAA;IAAA,IAAAC,iBAAA;IAAA,IAAC,CAACZ,OAAO,EAAEa,UAAU,CAAC,GAAAF,KAAA;IAAA,OACpB,CACEX,OAAO,EACP;MACE,GAAGa,UAAU;MACbC,KAAK,GAAAF,iBAAA,GAAEhC,WAAW,CAACmC,IAAI,CACpBT,CAAC,IAAKA,CAAC,CAAC,CAAC,CAAC,WAAW,KAAKN,OAC7B,CAAC,cAAAY,iBAAA,uBAFMA,iBAAA,CAEH,CAAC,CAAC;IACR,CAAC,CACF;EAAA,CACL;EACA;EACA;EAAA,CACCP,GAAG,CACFW,KAAA;IAAA,IAAC,CAAChB,OAAO,EAAE;MAAEiB,OAAO;MAAE,GAAGJ;IAAW,CAAC,CAAC,GAAAG,KAAA;IAAA,OACpC,CACEhB,OAAO,EACP;MACE,GAAGa,UAAU;MACbV,IAAI,EAAEc,OAAO,CAACC,MAAM,CAClB,CAACC,KAAK,EAAAC,KAAA;QAAA,IAAE;UAAEC,MAAM;UAAElB;QAAK,CAAC,GAAAiB,KAAA;QAAA,OAAM;UAAE,GAAGD,KAAK;UAAE,CAACE,MAAM,GAAGlB;QAAK,CAAC;MAAA,CAAC,EAC3D,CAAC,CACH;IACF,CAAC,CACF;EAAA,CACL,CACJ,CAAC;EAED,IAAIlB,0BAA0B,EAAE;IAC9B;IACA;IACA,MAAMqC,eAAe,GAAG3B,MAAM,CAACe,WAAW,CACxC9B,WAAW,CACRkB,MAAM,CAAEQ,CAAC,IAAK,CAACX,MAAM,CAAC4B,IAAI,CAACd,aAAa,CAAC,CAACe,QAAQ,CAAClB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACzDD,GAAG,CAACoB,KAAA;MAAA,IAAC,GAAGC,GAAG,EAAEZ,KAAK,CAAC,GAAAW,KAAA;MAAA,OAAK,CAACC,GAAG,EAAE;QAAEZ,KAAK;QAAEX,IAAI,EAAEuB;MAAI,CAAC,CAAC;IAAA,EACxD,CAAC;IACD,OAAO;MACL,GAAGjB,aAAa;MAChB,GAAGa;IACL,CAAC;EACH;EAEA,OAAOb,aAAa;AACtB,CAAC;AAED,MAAMkB,mBAAmB,GAAG,SAAAA,CAE1BlD,qBAAgG,EAChGmD,eAAuB,EAAAC,KAAA,EAGF;EAAA,IAFrB;IAAEC;EAAoC,CAAC,GAAAD,KAAA;EAAA,IACvC5C,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,iBAAiB,GAAGT,qBAAqB,CAACmD,eAAe,CAAC;EAEhE,IAAI,CAAC1C,iBAAiB,EAAE;IACtB,MAAM,IAAIG,qBAAa,CAAC,6CAA6C,CAAC;EACxE;;EAEA;EACA,IAAI,CAACH,iBAAiB,CAACO,MAAM,EAAE;IAC7B,MAAM,IAAIJ,qBAAa,CAAC,0CAA0C,CAAC,CAAC,CAAC;EACvE;;EAEA,MAAMI,MAAM,GAAGP,iBAAiB,CAACO,MAGhC;EAED,MAAMC,eAAoD,GAAGC,MAAM,CAACC,OAAO,CACzEH,MACF,CAAC,CAACsC,OAAO,CAACC,KAAA;IAAA,IAAC,CAACC,SAAS,EAAEC,SAAS,CAAC,GAAAF,KAAA;IAAA,OAC/BrC,MAAM,CAACC,OAAO,CAACsC,SAAS,CAAC,CAAC7B,GAAG,CAC3B8B,MAAA;MAAA,IAAC,CAACC,YAAY,EAAEvB,UAAU,CAAC,GAAAsB,MAAA;MAAA,OACzB,CAACF,SAAS,EAAEG,YAAY,EAAEvB,UAAU,CAAC;IAAA,CAKzC,CAAC;EAAA,CACH,CAAC;EAED,IAAI,CAACiB,YAAY,CAACO,UAAU,EAAE;IAC5B,MAAM,IAAIhD,qBAAa,CAAC,kCAAkC,CAAC;EAC7D;EAEA,MAAMiD,cAA0C,GAAG3C,MAAM,CAACC,OAAO,CAC/DkC,YAAY,CAACO,UACf,CAAC,CAACN,OAAO,CAACQ,MAAA;IAAA,IAAC,CAACN,SAAS,EAAEO,MAAM,CAAC,GAAAD,MAAA;IAAA,OAC5BC,MAAM,CAACnC,GAAG,CACPoC,CAAC,IACA,CAACR,SAAS,EAAEQ,CAAC,CAACC,iBAAiB,EAAED,CAAC,CAACE,YAAY,CAKnD,CAAC;EAAA,CACH,CAAC;;EAED;EACA,MAAMlC,aAAa,GAAGd,MAAM,CAACe,WAAW,CACtChB;EACE;EAAA,CACCW,GAAG,CACFuC,MAAA;IAAA,IAAAC,oBAAA;IAAA,IAAC,CAACC,gBAAgB,EAAE9C,OAAO,EAAEa,UAAU,CAAC,GAAA+B,MAAA;IAAA,OACtC,CACE5C,OAAO,EACP;MACE,GAAGa,UAAU;MACbC,KAAK,GAAA+B,oBAAA,GAAEP,cAAc,CAACvB,IAAI,CACxBgC,MAAA;QAAA,IAAC,CAACd,SAAS,EAAE9B,IAAI,CAAC,GAAA4C,MAAA;QAAA,OAChBD,gBAAgB,KAAKb,SAAS,IAAI9B,IAAI,KAAKH,OAAO;MAAA,CACtD,CAAC,cAAA6C,oBAAA,uBAHMA,oBAAA,CAGH,CAAC;IACP,CAAC,CACF;EAAA,CACL;EACA;EACA;EAAA,CACCxC,GAAG,CACF2C,MAAA;IAAA,IAAC,CAAChD,OAAO,EAAE;MAAEiB,OAAO;MAAE,GAAGJ;IAAW,CAAC,CAAC,GAAAmC,MAAA;IAAA,OACpC,CACEhD,OAAO,EACP;MACE,GAAGa,UAAU;MACbV,IAAI,EAAEc,OAAO,CAACC,MAAM,CAClB,CAACC,KAAK,EAAA8B,MAAA;QAAA,IAAE;UAAE5B,MAAM;UAAElB;QAAK,CAAC,GAAA8C,MAAA;QAAA,OAAM;UAAE,GAAG9B,KAAK;UAAE,CAACE,MAAM,GAAGlB;QAAK,CAAC;MAAA,CAAC,EAC3D,CAAC,CACH;IACF,CAAC,CACF;EAAA,CACL,CACJ,CAAC;EAED,IAAIlB,0BAA0B,EAAE;IAC9B;IACA,MAAMqC,eAAe,GAAG3B,MAAM,CAACe,WAAW,CACxC4B,cAAc,CACXxC,MAAM,CAACoD,MAAA;MAAA,IAAC,GAAGxB,GAAG,CAAC,GAAAwB,MAAA;MAAA,OAAK,CAACvD,MAAM,CAAC4B,IAAI,CAACd,aAAa,CAAC,CAACe,QAAQ,CAACE,GAAG,CAAC;IAAA,EAAC,CAC9DrB,GAAG,CAAC8C,MAAA;MAAA,IAAC,GAAGzB,GAAG,EAAEZ,KAAK,CAAC,GAAAqC,MAAA;MAAA,OAAK,CAACzB,GAAG,EAAE;QAAEZ,KAAK;QAAEX,IAAI,EAAEuB;MAAI,CAAC,CAAC;IAAA,EACxD,CAAC;IACD,OAAO;MACL,GAAGjB,aAAa;MAChB,GAAGa;IACL,CAAC;EACH;EAEA,OAAOb,aAAa;AACtB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAe2C,qBAAqBA,CAClCC,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACF;EACjC,MAAM,CAACC,iBAAiB,EAAEC,gBAAgB,CAAC;EACzC;EACA,MAAMC,OAAO,CAACC,GAAG,CAAC,CAChB,IAAAC,aAAW,EAACP,aAAa,EAAEC,UAAU,EAAEO,eAAQ,CAAC,EAChDN,oBAAoB,CAACO,YAAY,CAAC,CAAC,CACpC,CAAC;EAEJ,MAAM;IAAEC;EAAI,CAAC,GAAGP,iBAAiB,CAAC7E,KAAK,CAACQ,OAAO;EAE/C,IAAI,CAAC4E,GAAG,CAACC,GAAG,CAACC,GAAG,IAAIF,GAAG,CAACC,GAAG,CAACC,GAAG,KAAKR,gBAAgB,CAACQ,GAAG,EAAE;IACxD,MAAM,IAAI5E,qBAAa,CACpB,kDAAiDoE,gBAAgB,CAACQ,GAAI,UAAST,iBAAiB,CAAC7E,KAAK,CAACQ,OAAO,CAAC4E,GAAG,CAACC,GAAG,CAACC,GAAI,EAC9H,CAAC;EACH;EAEA,OAAOT,iBAAiB;AAC1B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeU,oBAAoBA,CACjCb,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACH;EAChC;AACF;AACA;AACA;AACA;EACE,MAAM,CAACC,iBAAiB,EAAElD,CAAC,CAAC;EAC1B;EACA,MAAMoD,OAAO,CAACC,GAAG,CAAC,CAChB,IAAAQ,YAAU,EAACd,aAAa,EAAEC,UAAU,CAAC,EACrCC,oBAAoB,CAACO,YAAY,CAAC,CAAC,CACpC,CAAC;EAEJ,IAAI,CAACN,iBAAiB,EAAE;IACtB,MAAM,IAAInE,qBAAa,CAAC,4BAA4B,CAAC;EACvD;;EAEA;AACF;AACA;AACA;AACA;EACE;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,OAAOmE,iBAAiB;AAC1B;;AAEA;;AASA,MAAMY,6BAAsD,GAAG,MAAAA,CAC7DC,UAAU,EACVC,UAAU,EACVhE,CAAC,EACDiE,EAAE,EAAAC,MAAA,KAMC;EAAA,IALH;IACEC,uBAAuB;IACvB5F,uBAAuB;IACvBI;EACF,CAAC,GAAAuF,MAAA;EAED,MAAME,OAAO,GAAG,MAAMtB,qBAAqB,CACzCkB,UAAU,EACVD,UAAU,CAAC9C,IAAI,EACfkD,uBACF,CAAC;EAED,MAAME,gBAAgB,GAAGnG,oBAAoB,CAC3C6F,UAAU,CAACO,mCAAmC,EAC9CF,OAAO,EACP7F,uBAAuB,EACvBI,0BACF,CAAC;EAED,MAAM4F,aAAa,GAAG,IAAAC,mCAAuB,EAACJ,OAAO,CAAC9F,WAAW,EAAE,KAAK,CAAC;EAEzE,OAAO;IACL+F,gBAAgB;IAChBI,UAAU,EAAE,IAAIC,IAAI,CAACN,OAAO,CAAC/F,KAAK,CAACQ,OAAO,CAAC8F,GAAG,GAAG,IAAI,CAAC;IACtDC,QAAQ,EACN,OAAOL,aAAa,KAAK,QAAQ,GAC7B,IAAIG,IAAI,CAACH,aAAa,GAAG,IAAI,CAAC,GAC9B7F;EACR,CAAC;AACH,CAAC;AAED,MAAMmG,4BAAoD,GAAG,MAAAA,CAC3Dd,UAAU,EACVC,UAAU,EACVhE,CAAC,EACD8E,cAAc,EAAAC,MAAA,KAEX;EAAA,IAAAC,qBAAA,EAAAC,qBAAA;EAAA,IADH;IAAEd,uBAAuB;IAAE5F;EAAwB,CAAC,GAAAwG,MAAA;EAEpD,MAAMX,OAAO,GAAG,MAAMR,oBAAoB,CACxCI,UAAU,EACVD,UAAU,CAAC9C,IAAI,EACfkD,uBACF,CAAC;EAED,MAAME,gBAAgB,GAAGhD,mBAAmB,CAC1C0C,UAAU,CAACO,mCAAmC,EAC9CQ,cAAc,EACdV,OAAO,EACP7F,uBACF,CAAC;EAED,MAAM2G,cAAc,GAAG,IAAAC,sCAAyB,EAC9Cd,gBAAgB,aAAhBA,gBAAgB,gBAAAW,qBAAA,GAAhBX,gBAAgB,CAAEe,WAAW,cAAAJ,qBAAA,uBAA7BA,qBAAA,CAA+BxE,KACjC,CAAC;EACD,IAAI,CAAC0E,cAAc,EAAE;IACnB,MAAM,IAAInG,qBAAa,CAAE,kCAAiC,CAAC;EAC7D;EACAmG,cAAc,aAAdA,cAAc,uBAAdA,cAAc,CAAEG,OAAO,CAACH,cAAc,CAACI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC;EAErD,MAAMf,aAAa,GAAG,IAAAY,sCAAyB,EAC7Cd,gBAAgB,aAAhBA,gBAAgB,gBAAAY,qBAAA,GAAhBZ,gBAAgB,CAAEkB,UAAU,cAAAN,qBAAA,uBAA5BA,qBAAA,CAA8BzE,KAChC,CAAC;EACD+D,aAAa,aAAbA,aAAa,uBAAbA,aAAa,CAAEc,OAAO,CAACd,aAAa,CAACe,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC;EAEnD,OAAO;IACLjB,gBAAgB;IAChBI,UAAU,EAAES,cAAc,IAAI,IAAIR,IAAI,CAAC,CAAC;IACxCE,QAAQ,EAAEL,aAAa,IAAI7F;EAC7B,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAM8G,wBAAkD,GAAG,MAAAA,CAChEzB,UAAU,EACVC,UAAU,EACVhF,MAAM,EACN8F,cAAc,EACdW,OAAO,KACJ;EACH,IAAIzG,MAAM,KAAK,WAAW,EAAE;IAC1B,OAAO8E,6BAA6B,CAClCC,UAAU,EACVC,UAAU,EACVhF,MAAM,EACN8F,cAAc,EACdW,OACF,CAAC;EACH;EACA,IAAIzG,MAAM,KAAK,UAAU,EAAE;IACzB,OAAO6F,4BAA4B,CACjCd,UAAU,EACVC,UAAU,EACVhF,MAAM,EACN8F,cAAc,EACdW,OACF,CAAC;EACH;EAEA,MAAM,IAAI1G,qBAAa,CAAE,kCAAiCC,MAAO,EAAC,CAAC;AACrE,CAAC;AAAC0G,OAAA,CAAAF,wBAAA,GAAAA,wBAAA"}

package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js

@@ -3,19 +3,27 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.prepareRemotePresentations = exports.findCredentialSdJwt = exports.evaluateInputDescriptors = exports.evaluateInputDescriptorForSdJwt4VC = void 0;
+exports.prepareRemotePresentations = exports.findCredentialSdJwt = exports.findCredentialMDoc = exports.evaluateInputDescriptors = exports.evaluateInputDescriptorForSdJwt4VC = exports.evaluateInputDescriptorForMdoc = exports.disclosureWithEncodedToEvaluatedDisclosure = void 0;
 var _sdJwt = require("../../sd-jwt");
 var _crypto = require("../../utils/crypto");
 var _jsonpathPlus = require("jsonpath-plus");
 var _errors = require("./errors");
 var _ajv = _interopRequireDefault(require("ajv"));
-var _string = require("../../utils/string");
 var _ioReactNativeCbor = require("@pagopa/io-react-native-cbor");
+var _mdoc = require("../../mdoc");
+var _misc = require("../../utils/misc");
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 const ajv = new _ajv.default({
   allErrors: true
 });
-const INDEX_CLAIM_NAME = 1;
+const disclosureWithEncodedToEvaluatedDisclosure = disclosure => {
+  const [, claimName, claimValue] = disclosure.decoded;
+  return {
+    name: claimName,
+    value: claimValue
+  };
+};
+exports.disclosureWithEncodedToEvaluatedDisclosure = disclosureWithEncodedToEvaluatedDisclosure;
 /**
  * Transforms an array of DisclosureWithEncoded objects into a key-value map.
  * @param disclosures - An array of DisclosureWithEncoded, each containing a decoded property with [?, claimName, claimValue].
@@ -32,6 +40,22 @@ const mapDisclosuresToObject = disclosures => {
   }, {});
 };
 
+/**
+ * Transforms the issuer's namespaces from a CBOR structure into a plain JavaScript object.
+ *
+ * @param namespaces - The CBOR-based namespaces object where each key corresponds to a namespace,
+ *                     and each value is an array of elements containing identifiers and values.
+ * @returns A record (plain object) where each key is a namespace, and its value is another object
+ *          mapping element identifiers to their corresponding element values.
+ */
+const mapNamespacesToObject = namespaces => {
+  return Object.entries(namespaces).reduce((obj, _ref2) => {
+    let [namespace, elements] = _ref2;
+    obj[namespace] = Object.fromEntries(elements.map(element => [element.elementIdentifier, element.elementValue]));
+    return obj;
+  }, {});
+};
+
 /**
  * Finds a claim within the payload based on provided JSONPath expressions.
  * @param paths - An array of JSONPath expressions to search for in the payload.
@@ -79,10 +103,91 @@ const extractClaimName = path => {
     // match[2] corresponds to the second capture group (\w+) inside [""] or ['']
     return match[1] || match[2];
   }
+  throw new Error(`Invalid input format: "${path}". Expected formats are "$.propertyName", "$['propertyName']", or '$["propertyName"]'.`);
+};
 
-  // If the input doesn't match any of the expected formats, return null
+/**
+ * Extracts the namespace and claim name from a path in the following format:
+ * $['nameSpace']['propertyName']
+ *
+ * @param path - The path string containing the claim reference.
+ * @returns An object with the extracted namespace and claim name.
+ * @throws An error if the input format is invalid.
+ */
+const extractNamespaceAndClaimName = path => {
+  const regex = /^\$\[(?:'|")([^'"\]]+)(?:'|")\]\[(?:'|")([^'"\]]+)(?:'|")\]$/;
+  const match = path.match(regex);
+  if (match) {
+    return {
+      nameSpace: match[1],
+      propertyName: match[2]
+    };
+  }
+  throw new Error(`Invalid input format: "${path}". Expected format is "$['nameSpace']['propertyName']".`);
+};
+/**
+ * Evaluates the input descriptor for an mDoc by verifying that the issuerSigned claims meet
+ * the constraints defined in the input descriptor. It categorizes disclosures as either required
+ * or optional based on the field definitions.
+ *
+ * @param inputDescriptor - Contains constraints and field definitions specifying required/optional claims.
+ * @param issuerSigned - Contains the issuerSigned with namespaces and their associated claims.
+ * @returns An object with two arrays: one for required disclosures and one for optional disclosures.
+ * @throws MissingDataError - If a required field is missing or if a claim fails JSON Schema validation.
+ */
+const evaluateInputDescriptorForMdoc = (inputDescriptor, issuerSigned) => {
+  var _inputDescriptor$cons;
+  if (!(inputDescriptor !== null && inputDescriptor !== void 0 && (_inputDescriptor$cons = inputDescriptor.constraints) !== null && _inputDescriptor$cons !== void 0 && _inputDescriptor$cons.fields)) {
+    // No validation, no field are required
+    return {
+      requiredDisclosures: [],
+      optionalDisclosures: []
+    };
+  }
+  const requiredDisclosures = [];
+  const optionalDisclosures = [];
 
-  throw new Error(`Invalid input format: "${path}". Expected formats are "$.propertyName", "$['propertyName']", or '$["propertyName"]'.`);
+  // Convert issuer's namespaces into an object for easier lookup of claim values.
+  const namespacesAsPayload = mapNamespacesToObject(issuerSigned.nameSpaces);
+  const allFieldsValid = inputDescriptor.constraints.fields.every(field => {
+    const [matchedPath, matchedValue] = findMatchedClaim(field.path, namespacesAsPayload);
+
+    // If no matching claim is found, the field is valid only if it's marked as optional.
+    if (matchedValue === undefined || !matchedPath) {
+      return field === null || field === void 0 ? void 0 : field.optional;
+    } else {
+      // Extract the namespace and property name from the matched path.
+      const {
+        nameSpace,
+        propertyName
+      } = extractNamespaceAndClaimName(matchedPath);
+      if (nameSpace && propertyName) {
+        (field !== null && field !== void 0 && field.optional ? optionalDisclosures : requiredDisclosures).push({
+          namespace: nameSpace,
+          name: propertyName,
+          value: matchedValue
+        });
+      }
+    }
+    if (field.filter) {
+      try {
+        const validateSchema = ajv.compile(field.filter);
+        if (!validateSchema(matchedValue)) {
+          throw new _errors.MissingDataError(`Claim value "${matchedValue}" for path "${matchedPath}" does not match the provided JSON Schema.`);
+        }
+      } catch (error) {
+        return false;
+      }
+    }
+    return true;
+  });
+  if (!allFieldsValid) {
+    throw new _errors.MissingDataError("Credential validation failed: Required fields are missing or do not match the input descriptor.");
+  }
+  return {
+    requiredDisclosures,
+    optionalDisclosures
+  };
 };
 
 /**
@@ -93,30 +198,28 @@ const extractClaimName = path => {
  * - Validates whether required fields are present (unless marked optional)
  *   and match any specified JSONPath.
  * - If a field includes a JSON Schema filter, validates the claim value against that schema.
- * - Enforces `limit_disclosure` rules by returning only disclosures, required and optional, matching the specified fields
- *   if set to "required". Otherwise also return the array unrequestedDisclosures with disclosures which can be passed for a particular use case.
  * - Throws an error if a required field is invalid or missing.
  *
  * @param inputDescriptor - Describes constraints (fields, filters, etc.) that must be satisfied.
  * @param payloadCredential - The credential payload to check against.
  * @param disclosures - An array of DisclosureWithEncoded objects representing selective disclosures.
- * @returns A filtered list of disclosures satisfying the descriptor constraints, or throws an error if not.
+ * @returns An object with two arrays: one for required disclosures and one for optional disclosures.
  * @throws Will throw an error if any required constraint fails or if JSONPath lookups are invalid.
  */
+exports.evaluateInputDescriptorForMdoc = evaluateInputDescriptorForMdoc;
 const evaluateInputDescriptorForSdJwt4VC = (inputDescriptor, payloadCredential, disclosures) => {
-  var _inputDescriptor$cons;
-  if (!(inputDescriptor !== null && inputDescriptor !== void 0 && (_inputDescriptor$cons = inputDescriptor.constraints) !== null && _inputDescriptor$cons !== void 0 && _inputDescriptor$cons.fields)) {
+  var _inputDescriptor$cons2;
+  if (!(inputDescriptor !== null && inputDescriptor !== void 0 && (_inputDescriptor$cons2 = inputDescriptor.constraints) !== null && _inputDescriptor$cons2 !== void 0 && _inputDescriptor$cons2.fields)) {
     // No validation, all field are optional
     return {
       requiredDisclosures: [],
-      optionalDisclosures: [],
-      unrequestedDisclosures: disclosures
+      optionalDisclosures: []
     };
   }
-  const requiredClaimNames = [];
-  const optionalClaimNames = [];
+  const requiredDisclosures = [];
+  const optionalDisclosures = [];
 
-  // Transform disclosures to find claim using JSONPath
+  // Transform disclosures into an object for easier lookup of claim values.
   const disclosuresAsPayload = mapDisclosuresToObject(disclosures);
 
   // For each field, we need at least one matching path
@@ -136,7 +239,10 @@ const evaluateInputDescriptorForSdJwt4VC = (inputDescriptor, payloadCredential,
       // if match a disclouse we save which is required or optional
       const claimName = extractClaimName(matchedPath);
       if (claimName) {
-        (field !== null && field !== void 0 && field.optional ? optionalClaimNames : requiredClaimNames).push(claimName);
+        (field !== null && field !== void 0 && field.optional ? optionalDisclosures : requiredDisclosures).push({
+          value: matchedValue,
+          name: claimName
+        });
       }
     }
 
@@ -160,26 +266,19 @@ const evaluateInputDescriptorForSdJwt4VC = (inputDescriptor, payloadCredential,
   if (!allFieldsValid) {
     throw new _errors.MissingDataError("Credential validation failed: Required fields are missing or do not match the input descriptor.");
   }
-
-  // Categorizes disclosures into required and optional based on claim names and disclosure constraints.
-
-  const requiredDisclosures = disclosures.filter(disclosure => requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]));
-  const optionalDisclosures = disclosures.filter(disclosure => optionalClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]));
-  const isNotLimitDisclosure = !(inputDescriptor.constraints.limit_disclosure === "required");
-  const unrequestedDisclosures = isNotLimitDisclosure ? disclosures.filter(disclosure => !optionalClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]) && !requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME])) : [];
   return {
     requiredDisclosures,
-    optionalDisclosures,
-    unrequestedDisclosures
+    optionalDisclosures
   };
 };
-exports.evaluateInputDescriptorForSdJwt4VC = evaluateInputDescriptorForSdJwt4VC;
+
 /**
  * Finds the first credential that satisfies the input descriptor constraints.
  * @param inputDescriptor The input descriptor to evaluate.
  * @param decodedSdJwtCredentials An array of decoded SD-JWT credentials.
  * @returns An object containing the matched evaluation, keyTag, and credential.
  */
+exports.evaluateInputDescriptorForSdJwt4VC = evaluateInputDescriptorForSdJwt4VC;
 const findCredentialSdJwt = (inputDescriptor, decodedSdJwtCredentials) => {
   for (const {
     keyTag,
@@ -202,6 +301,34 @@ const findCredentialSdJwt = (inputDescriptor, decodedSdJwtCredentials) => {
   throw new _errors.CredentialNotFoundError("None of the vc+sd-jwt credentials satisfy the requirements.");
 };
 
+/**
+ * Finds the first credential that satisfies the input descriptor constraints.
+ * @param inputDescriptor The input descriptor to evaluate.
+ * @param decodedMdocCredentials An array of decoded MDOC credentials.
+ * @returns An object containing the matched evaluation, keyTag, and credential.
+ */
+exports.findCredentialSdJwt = findCredentialSdJwt;
+const findCredentialMDoc = (inputDescriptor, decodedMDocCredentials) => {
+  for (const {
+    keyTag,
+    credential,
+    issuerSigned
+  } of decodedMDocCredentials) {
+    try {
+      const evaluatedDisclosure = evaluateInputDescriptorForMdoc(inputDescriptor, issuerSigned);
+      return {
+        matchedEvaluation: evaluatedDisclosure,
+        matchedKeyTag: keyTag,
+        matchedCredential: credential
+      };
+    } catch {
+      // skip to next credential
+      continue;
+    }
+  }
+  throw new _errors.CredentialNotFoundError("None of the mso_mdoc credentials satisfy the requirements.");
+};
+
 /**
  * Evaluates multiple input descriptors against provided SD-JWT and MDOC credentials.
  *
@@ -217,11 +344,11 @@ const findCredentialSdJwt = (inputDescriptor, decodedSdJwtCredentials) => {
  *          the input descriptor, the credential, and the keyTag.
  * @throws {CredentialNotFoundError} When the credential format is unsupported.
  */
-exports.findCredentialSdJwt = findCredentialSdJwt;
+exports.findCredentialMDoc = findCredentialMDoc;
 const evaluateInputDescriptors = async (inputDescriptors, credentialsSdJwt, credentialsMdoc) => {
   // We need decode SD-JWT credentials for evaluation
-  const decodedSdJwtCredentials = (credentialsSdJwt === null || credentialsSdJwt === void 0 ? void 0 : credentialsSdJwt.map(_ref2 => {
-    let [keyTag, credential] = _ref2;
+  const decodedSdJwtCredentials = (credentialsSdJwt === null || credentialsSdJwt === void 0 ? void 0 : credentialsSdJwt.map(_ref3 => {
+    let [keyTag, credential] = _ref3;
     const {
       sdJwt,
       disclosures
@@ -233,38 +360,36 @@ const evaluateInputDescriptors = async (inputDescriptors, credentialsSdJwt, cred
       disclosures
     };
   })) || [];
+
+  // We need decode Mdoc credentials for evaluation
+  const decodedMdocCredentials = (await Promise.all(credentialsMdoc === null || credentialsMdoc === void 0 ? void 0 : credentialsMdoc.map(async _ref4 => {
+    let [keyTag, credential] = _ref4;
+    const issuerSigned = await _ioReactNativeCbor.CBOR.decodeIssuerSigned(credential);
+    if (!issuerSigned) {
+      throw new _errors.CredentialNotFoundError("mso_mdoc credential is not present.");
+    }
+    return {
+      keyTag,
+      credential,
+      issuerSigned
+    };
+  }))) || [];
   const results = Promise.all(inputDescriptors.map(async descriptor => {
     var _descriptor$format, _descriptor$format2;
     if ((_descriptor$format = descriptor.format) !== null && _descriptor$format !== void 0 && _descriptor$format.mso_mdoc) {
-      if (!credentialsMdoc || !credentialsMdoc[0]) {
+      if (!credentialsMdoc.length) {
         throw new _errors.CredentialNotFoundError("mso_mdoc credential is not supported.");
       }
-      /**
-       * The current implementation for the "mso_mdoc" format is temporary and always returns the first credential (mDL).
-       * [WLEO-266] This will be replaced with the real implementation once the evaluateInputDescriptorForMdoc function is available.
-       **/
-      const [keyTag, credential] = credentialsMdoc[0];
-      const mdoc = await _ioReactNativeCbor.CBOR.decodeDocuments(credential);
-      if (!mdoc || !mdoc.documents || !mdoc.documents[0]) {
-        throw new _errors.CredentialNotFoundError("mso_mdoc credential is not present.");
-      }
-      const document = mdoc.documents[0];
-      // We set requiredDisclosures to all the elements in the document, as we don't have a real implementation for this yet.
+      const {
+        matchedEvaluation,
+        matchedKeyTag,
+        matchedCredential
+      } = findCredentialMDoc(descriptor, decodedMdocCredentials);
       return {
-        evaluatedDisclosure: {
-          requiredDisclosures: Object.entries(document.issuerSigned.nameSpaces).flatMap(_ref3 => {
-            let [, elements] = _ref3;
-            return elements.map(element => ({
-              encoded: "",
-              decoded: ["", element.elementIdentifier, element.elementValue]
-            }));
-          }),
-          optionalDisclosures: [],
-          unrequestedDisclosures: []
-        },
+        evaluatedDisclosure: matchedEvaluation,
         inputDescriptor: descriptor,
-        credential,
-        keyTag
+        credential: matchedCredential,
+        keyTag: matchedKeyTag
       };
     }
     if ((_descriptor$format2 = descriptor.format) !== null && _descriptor$format2 !== void 0 && _descriptor$format2["vc+sd-jwt"]) {
@@ -303,22 +428,27 @@ const evaluateInputDescriptors = async (inputDescriptors, credentialsSdJwt, cred
  * @throws {CredentialNotFoundError} When the credential format is unsupported.
  */
 exports.evaluateInputDescriptors = evaluateInputDescriptors;
-const prepareRemotePresentations = async (credentialAndDescriptors, nonce, client_id) => {
-  return Promise.all(credentialAndDescriptors.map(async item => {
+const prepareRemotePresentations = async (credentialAndDescriptors, authRequestObject) => {
+  /* In case of ISO 18013-7 we need a nonce, it shall have a minimum entropy of 16  */
+  const generatedNonce = (0, _misc.generateRandomAlphaNumericString)(16);
+  const presentations = await Promise.all(credentialAndDescriptors.map(async item => {
     var _descriptor$format3, _descriptor$format4;
     const descriptor = item.inputDescriptor;
     if ((_descriptor$format3 = descriptor.format) !== null && _descriptor$format3 !== void 0 && _descriptor$format3.mso_mdoc) {
+      const {
+        vp_token
+      } = await (0, _mdoc.prepareVpTokenMdoc)(authRequestObject.nonce, generatedNonce, authRequestObject.clientId, authRequestObject.responseUri, descriptor.id, item.keyTag, [item.credential, item.requestedClaims, (0, _crypto.createCryptoContextFor)(item.keyTag)]);
       return {
         requestedClaims: item.requestedClaims,
         inputDescriptor: descriptor,
-        vpToken: (0, _string.base64ToBase64Url)(item.credential),
+        vpToken: vp_token,
         format: "mso_mdoc"
       };
     }
     if ((_descriptor$format4 = descriptor.format) !== null && _descriptor$format4 !== void 0 && _descriptor$format4["vc+sd-jwt"]) {
       const {
         vp_token
-      } = await (0, _sdJwt.prepareVpToken)(nonce, client_id, [item.credential, item.requestedClaims, (0, _crypto.createCryptoContextFor)(item.keyTag)]);
+      } = await (0, _sdJwt.prepareVpToken)(authRequestObject.nonce, authRequestObject.clientId, [item.credential, item.requestedClaims, (0, _crypto.createCryptoContextFor)(item.keyTag)]);
       return {
         requestedClaims: item.requestedClaims,
         inputDescriptor: descriptor,
@@ -328,6 +458,10 @@ const prepareRemotePresentations = async (credentialAndDescriptors, nonce, clien
     }
     throw new _errors.CredentialNotFoundError(`${descriptor.format} format is not supported.`);
   }));
+  return {
+    presentations,
+    generatedNonce
+  };
 };
 exports.prepareRemotePresentations = prepareRemotePresentations;
 //# sourceMappingURL=07-evaluate-input-descriptor.js.map