npm - @pagopa/io-react-native-wallet - Versions diffs - 1.7.0 → 2.0.0-next.0 - Mend

@pagopa/io-react-native-wallet 1.7.0 → 2.0.0-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (438) hide show

package/src/utils/par.ts CHANGED Viewed

@@ -3,16 +3,18 @@ import {
   type CryptoContext,
   SignJWT,
 } from "@pagopa/io-react-native-jwt";
-import uuid from "react-native-uuid";
+import { v4 as uuidv4 } from "uuid";
 import * as z from "zod";
 import * as WalletInstanceAttestation from "../wallet-instance-attestation";
 import { generateRandomAlphaNumericString, hasStatusOrThrow } from "./misc";
 import { createPopToken } from "./pop";
 import { IssuerResponseError } from "./errors";
+import { LogLevel, Logger } from "./logging";
 export type AuthorizationDetail = z.infer<typeof AuthorizationDetail>;
 export const AuthorizationDetail = z.object({
   credential_configuration_id: z.string(),
+  format: z.union([z.literal("vc+sd-jwt"), z.literal("vc+mdoc-cbor")]),
   type: z.literal("openid_credential"),
 });
@@ -37,7 +39,8 @@ export const makeParRequest =
     responseMode: string,
     parEndpoint: string,
     walletInstanceAttestation: string,
-    authorizationDetails: AuthorizationDetails
+    authorizationDetails: AuthorizationDetails,
+    assertionType: string
   ): Promise<string> => {
     const wiaPublicKey = await wiaCryptoContext.getPublicKey();
@@ -49,7 +52,7 @@ export const makeParRequest =
     const signedWiaPoP = await createPopToken(
       {
-        jti: `${uuid.v4()}`,
+        jti: `${uuidv4()}`,
         aud,
         iss,
       },
@@ -72,7 +75,7 @@ export const makeParRequest =
         kid: wiaPublicKey.kid,
       })
       .setPayload({
-        jti: `${uuid.v4()}`,
+        jti: `${uuidv4()}`,
         aud,
         response_type: "code",
         response_mode: responseMode,
@@ -83,6 +86,8 @@ export const makeParRequest =
         code_challenge_method: codeChallengeMethod,
         authorization_details: authorizationDetails,
         redirect_uri: redirectUri,
+        client_assertion_type: assertionType,
+        client_assertion: walletInstanceAttestation + "~" + signedWiaPoP,
       })
       .setIssuedAt() //iat is set to now
       .setExpirationTime("5min")
@@ -90,16 +95,24 @@ export const makeParRequest =
     /** The request body for the Pushed Authorization Request */
     var formBody = new URLSearchParams({
+      response_type: "code",
       client_id: clientId,
+      code_challenge: codeChallenge,
+      code_challenge_method: "S256",
       request: signedJwtForPar,
+      client_assertion_type: assertionType,
+      client_assertion: walletInstanceAttestation + "~" + signedWiaPoP,
     });
+    Logger.log(
+      LogLevel.DEBUG,
+      `Sending to PAR endpoint ${parEndpoint}: ${formBody}`
+    );
     return await appFetch(parEndpoint, {
       method: "POST",
       headers: {
         "Content-Type": "application/x-www-form-urlencoded",
-        "OAuth-Client-Attestation": walletInstanceAttestation,
-        "OAuth-Client-Attestation-PoP": signedWiaPoP,
       },
       body: formBody.toString(),
     })

package/src/utils/string.ts CHANGED Viewed

@@ -43,13 +43,3 @@ export const obfuscateString = (
   return chars.join("");
 };
-/**
- * Converts a base64 string to a Base64 URL-encoded string.
- *
- * @param byteString - The input string in base64 format.
- * @returns The Base64 URL-encoded string.
- */
-export const base64ToBase64Url = (base64: string): string => {
-  return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/[=]+$/, "");
-};

package/src/wallet-instance/index.ts CHANGED Viewed

@@ -6,6 +6,7 @@ import {
 } from "../utils/errors";
 import type { WalletInstanceData } from "../client/generated/wallet-provider";
 import type { IntegrityContext } from "..";
+import { LogLevel, Logger } from "../utils/logging";
 export async function createWalletInstance(context: {
   integrityContext: IntegrityContext;
@@ -13,15 +14,25 @@ export async function createWalletInstance(context: {
   appFetch?: GlobalFetch["fetch"];
 }) {
   const { integrityContext } = context;
   const api = getWalletProviderClient(context);
   //1. Obtain nonce
   const challenge = await api.get("/nonce").then((response) => response.nonce);
+  Logger.log(
+    LogLevel.DEBUG,
+    `Challenge obtained from ${context.walletProviderBaseUrl}: ${challenge}`
+  );
   const keyAttestation = await integrityContext.getAttestation(challenge);
   const hardwareKeyTag = integrityContext.getHardwareKeyTag();
+  Logger.log(
+    LogLevel.DEBUG,
+    `Key attestation: ${keyAttestation}\nAssociated hardware key tag: ${hardwareKeyTag}`
+  );
   //2. Create Wallet Instance
   await api
     .post("/wallet-instances", {
@@ -37,6 +48,11 @@ export async function createWalletInstance(context: {
 }
 const handleCreateWalletInstanceError = (e: unknown) => {
+  Logger.log(
+    LogLevel.ERROR,
+    `An error occurred while calling /wallet-instances endpoint: ${e}`
+  );
   if (!(e instanceof WalletProviderResponseError)) {
     throw e;
   }
@@ -87,3 +103,16 @@ export async function getWalletInstanceStatus(context: {
     path: { id: context.id },
   });
 }
+/**
+ * Get the status of the current Wallet Instance.
+ * @returns Details on the status of the current Wallet Instance
+ */
+export async function getCurrentWalletInstanceStatus(context: {
+  walletProviderBaseUrl: string;
+  appFetch?: GlobalFetch["fetch"];
+}): Promise<WalletInstanceData> {
+  const api = getWalletProviderClient(context);
+  return api.get("/wallet-instances/current/status");
+}

package/src/wallet-instance-attestation/README.md CHANGED Viewed

@@ -1,7 +1,11 @@
 # Wallet Instance Attestation
-This flow consists of a single step and is used to obtain a Wallet Instance Attestation. The wallet provider must implement its endpoints based on the OpenAPI specification provided in the [wallet-instance.yaml](../../openapi/wallet-provider.yaml) file.
-In order to require a status attestation the consumer application must provide:
+This flow consists of a single step and is used to obtain a Wallet Instance Attestation. The attestation is issued in multiple formats:
+- `jwt`
+- `dc+sd-jwt`
+- `mso_mdoc`
+The wallet provider must implement its endpoints based on the OpenAPI specification provided in the [wallet-instance.yaml](../../openapi/wallet-provider.yaml) file. In order to require a status attestation the consumer application must provide:
 - `wiaCryptoContext` object that is used to sign the attestation request. The key must be generated before creating the crypto context;
 - `integrityContext` object that is used to verify the integrity of the device where the app is running. The key tag must be the same used when creating the Wallet Instance;
@@ -29,10 +33,11 @@ const issuedAttestation = await WalletInstanceAttestation.getAttestation({
   walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
   appFetch,
 });
+// [{ "format": "jwt", "wallet_attestation": "ey..." }, { "format": "dc+sd-jwt", "wallet_attestation": "ey..." }]
 return issuedAttestation;
 ```
-The returned `issuedAttestation` is supposed to be stored and used for any future operation that requires a Wallet Instance Attestation. The wallet attestation has a limited validity and must be regenerated when it expires.
+The returned `issuedAttestation` is supposed to be stored and used for any future operation that requires a Wallet Instance Attestation in one of the available formats. The wallet attestation has a limited validity and must be regenerated when it expires.
 ## Mapped results

package/src/wallet-instance-attestation/index.ts CHANGED Viewed

@@ -2,8 +2,8 @@ import { WalletInstanceAttestationJwt } from "./types";
 import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
 import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
-import { getAttestation } from "./issuing";
-export { getAttestation };
+export { getAttestation } from "./issuing";
 /**
  * Decode a given JWT to get the parsed Wallet Instance Attestation object they define.
  * It ensures provided data is in a valid shape.

package/src/wallet-instance-attestation/issuing.ts CHANGED Viewed

@@ -5,13 +5,14 @@ import {
 } from "@pagopa/io-react-native-jwt";
 import { fixBase64EncodingOnKey, JWK } from "../utils/jwk";
 import { getWalletProviderClient } from "../client";
-import type { IntegrityContext } from "..";
+import type { IntegrityContext } from "../utils/integrity";
+import { LogLevel, Logger } from "../utils/logging";
 import {
   ResponseErrorBuilder,
   WalletProviderResponseError,
   WalletProviderResponseErrorCodes,
 } from "../utils/errors";
-import { TokenResponse } from "./types";
+import { WalletAttestationResponse } from "./types";
 /**
  * Getter for an attestation request. The attestation request is a JWT that will be sent to the Wallet Provider to request a Wallet Instance Attestation.
@@ -47,8 +48,8 @@ export async function getAttestationRequest(
   return new SignJWT(wiaCryptoContext)
     .setPayload({
       iss: keyThumbprint,
-      sub: walletProviderBaseUrl,
-      challenge,
+      aud: walletProviderBaseUrl,
+      nonce: challenge,
       hardware_signature: signature,
       integrity_assertion: authenticatorData,
       hardware_key_tag: hardwareKeyTag,
@@ -58,7 +59,7 @@ export async function getAttestationRequest(
     })
     .setProtectedHeader({
       kid: publicKey.kid,
-      typ: "war+jwt",
+      typ: "wp-war+jwt",
     })
     .setIssuedAt()
     .setExpirationTime("1h")
@@ -67,6 +68,7 @@ export async function getAttestationRequest(
 /**
  * Request a Wallet Instance Attestation (WIA) to the Wallet provider
+ * @version 1.0.0
  *
  * @param params.wiaCryptoContext The key pair associated with the WIA. Will be use to prove the ownership of the attestation.
  * @param params.appFetch (optional) Http client
@@ -84,7 +86,7 @@ export const getAttestation = async ({
   integrityContext: IntegrityContext;
   walletProviderBaseUrl: string;
   appFetch?: GlobalFetch["fetch"];
-}): Promise<string> => {
+}): Promise<WalletAttestationResponse["wallet_attestations"]> => {
   const api = getWalletProviderClient({
     walletProviderBaseUrl,
     appFetch,
@@ -92,6 +94,10 @@ export const getAttestation = async ({
   // 1. Get nonce from backend
   const challenge = await api.get("/nonce").then((response) => response.nonce);
+  Logger.log(
+    LogLevel.DEBUG,
+    `Challenge obtained from ${walletProviderBaseUrl}: ${challenge} `
+  );
   // 2. Get a signed attestation request
   const signedAttestationRequest = await getAttestationRequest(
@@ -100,22 +106,37 @@ export const getAttestation = async ({
     integrityContext,
     walletProviderBaseUrl
   );
+  Logger.log(
+    LogLevel.DEBUG,
+    `Signed attestation request: ${signedAttestationRequest}`
+  );
-  // 3. Request WIA
-  const tokenResponse = await api
-    .post("/token", {
+  // 3. Request WIA in multiple formats
+  const response = await api
+    .post("/wallet-attestations", {
       body: {
-        grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
         assertion: signedAttestationRequest,
       },
     })
-    .then((result) => TokenResponse.parse(result))
+    .then(WalletAttestationResponse.parse)
     .catch(handleAttestationCreationError);
-  return tokenResponse.wallet_attestation;
+  for (const attestation of response.wallet_attestations) {
+    Logger.log(
+      LogLevel.DEBUG,
+      `Obtained wallet attestation in ${attestation.format} format: ${attestation.wallet_attestation}`
+    );
+  }
+  return response.wallet_attestations;
 };
 const handleAttestationCreationError = (e: unknown) => {
+  Logger.log(
+    LogLevel.ERROR,
+    `An error occurred while calling /wallet-attestation endpoint: ${e}`
+  );
   if (!(e instanceof WalletProviderResponseError)) {
     throw e;
   }

package/src/wallet-instance-attestation/types.ts CHANGED Viewed

@@ -33,15 +33,17 @@ export const WalletInstanceAttestationRequestJwt = z.object({
   header: z.intersection(
     Jwt.shape.header,
     z.object({
-      typ: z.literal("war+jwt"),
+      typ: z.literal("wp-war+jwt"),
     })
   ),
   payload: z.intersection(
     Jwt.shape.payload,
     z.object({
       aud: z.string(),
-      jti: z.string(),
       nonce: z.string(),
+      hardware_signature: z.string(),
+      integrity_assertion: z.string(),
+      hardware_key_tag: z.string(),
     })
   ),
 });
@@ -53,7 +55,8 @@ export const WalletInstanceAttestationJwt = z.object({
   header: z.intersection(
     Jwt.shape.header,
     z.object({
-      typ: z.literal("wallet-attestation+jwt"),
+      typ: z.literal("oauth-client-attestation+jwt"),
+      trust_chain: z.array(z.string()),
     })
   ),
   payload: z.intersection(
@@ -61,27 +64,20 @@ export const WalletInstanceAttestationJwt = z.object({
     z.object({
       sub: z.string(),
       aal: z.string(),
-      authorization_endpoint: z.string(),
-      response_types_supported: z.array(z.string()),
-      vp_formats_supported: z.object({
-        "vc+sd-jwt": z
-          .object({
-            "sd-jwt_alg_values": z.array(z.string()),
-          })
-          .optional(),
-        "vp+sd-jwt": z
-          .object({
-            "sd-jwt_alg_values": z.array(z.string()),
-          })
-          .optional(),
-      }),
-      request_object_signing_alg_values_supported: z.array(z.string()),
-      presentation_definition_uri_supported: z.boolean(),
+      wallet_link: z.string().optional(),
+      wallet_name: z.string().optional(),
     })
   ),
 });
-export type TokenResponse = z.infer<typeof TokenResponse>;
-export const TokenResponse = z.object({
-  wallet_attestation: z.string(),
+export type WalletAttestationResponse = z.infer<
+  typeof WalletAttestationResponse
+>;
+export const WalletAttestationResponse = z.object({
+  wallet_attestations: z.array(
+    z.object({
+      wallet_attestation: z.string(),
+      format: z.enum(["jwt", "dc+sd-jwt", "mso_mdoc"]),
+    })
+  ),
 });

package/lib/commonjs/credential/issuance/02-get-issuer-config.js DELETED Viewed

@@ -1,48 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.getIssuerConfig = void 0;
-var _issuer = require("../../entity/openid-connect/issuer");
-/**
- * Common configuration for the issuer.
- * This is needed to have a common configuration for the issuer to be used in our flows.
- * It allows to support multiple issuers with different configurations, defining a common interface to interact with them.
- */
-/**
- * WARNING: This function must be called after {@link startFlow}. The next function to be called is {@link startUserAuthorization}.
- * Get the Issuer's configuration from the Issuer's metadata.
- * Currently it only supports a mixed configuration based on OpenID Connect partial implementation.
- * @param issuerUrl The base url of the Issuer returned by {@link startFlow}
- * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
- * @returns The Issuer's configuration
- */
-const getIssuerConfig = async function (issuerUrl) {
-  let context = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-  const res = await (0, _issuer.getCredentialIssuerMetadata)(issuerUrl, {
-    appFetch: context.appFetch
-  });
-  return credentialIssuerRationalization(res);
-};
-/**
- * Rationalize the issuer's metadata to the issuer's configuration which is then used in our flows to interact with the issuer.
- * @param issuerMetadata - The issuer's metadata
- * @returns the isssuer configuration to be used later in our flows
- */
-exports.getIssuerConfig = getIssuerConfig;
-const credentialIssuerRationalization = issuerMetadata => {
-  return {
-    issuerConf: {
-      credential_configurations_supported: issuerMetadata.credential_configurations_supported,
-      pushed_authorization_request_endpoint: issuerMetadata.pushed_authorization_request_endpoint,
-      authorization_endpoint: issuerMetadata.authorization_endpoint,
-      token_endpoint: issuerMetadata.token_endpoint,
-      credential_endpoint: issuerMetadata.credential_endpoint,
-      keys: issuerMetadata.jwks.keys
-    }
-  };
-};
-//# sourceMappingURL=02-get-issuer-config.js.map

package/lib/commonjs/credential/issuance/02-get-issuer-config.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"names":["_issuer","require","getIssuerConfig","issuerUrl","context","arguments","length","undefined","res","getCredentialIssuerMetadata","appFetch","credentialIssuerRationalization","exports","issuerMetadata","issuerConf","credential_configurations_supported","pushed_authorization_request_endpoint","authorization_endpoint","token_endpoint","credential_endpoint","keys","jwks"],"sourceRoot":"../../../../src","sources":["credential/issuance/02-get-issuer-config.ts"],"mappings":";;;;;;AAGA,IAAAA,OAAA,GAAAC,OAAA;AAUA;AACA;AACA;AACA;AACA;;AAUA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,eAAgC,GAAG,eAAAA,CAC9CC,SAAS,EAEuB;EAAA,IADhCC,OAAO,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEZ,MAAMG,GAAG,GAAG,MAAM,IAAAC,mCAA2B,EAACN,SAAS,EAAE;IACvDO,QAAQ,EAAEN,OAAO,CAACM;EACpB,CAAC,CAAC;EAEF,OAAOC,+BAA+B,CAACH,GAAG,CAAC;AAC7C,CAAC;;AAED;AACA;AACA;AACA;AACA;AAJAI,OAAA,CAAAV,eAAA,GAAAA,eAAA;AAKA,MAAMS,+BAA+B,GACnCE,cAAuE,IAC9B;EACzC,OAAO;IACLC,UAAU,EAAE;MACVC,mCAAmC,EACjCF,cAAc,CAACE,mCAAmC;MACpDC,qCAAqC,EACnCH,cAAc,CAACG,qCAAqC;MACtDC,sBAAsB,EAAEJ,cAAc,CAACI,sBAAsB;MAC7DC,cAAc,EAAEL,cAAc,CAACK,cAAc;MAC7CC,mBAAmB,EAAEN,cAAc,CAACM,mBAAmB;MACvDC,IAAI,EAAEP,cAAc,CAACQ,IAAI,CAACD;IAC5B;EACF,CAAC;AACH,CAAC"}

package/lib/commonjs/entity/openid-connect/issuer/index.js DELETED Viewed

@@ -1,25 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.getCredentialIssuerMetadata = getCredentialIssuerMetadata;
-var _misc = require("../../../utils/misc");
-var _types = require("./types");
-/**
- * Fetch the signed entity configuration token for an entity
- *
- * @param entityBaseUrl The url of the entity to fetch
- * @param param.appFetch (optional) fetch api implemention
- * @returns The signed Entity Configuration token
- */
-async function getCredentialIssuerMetadata(entityBaseUrl) {
-  let {
-    appFetch = fetch
-  } = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-  const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-credential-issuer`;
-  return await appFetch(wellKnownUrl, {
-    method: "GET"
-  }).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(_types.CredentialIssuerConfiguration.parse);
-}
-//# sourceMappingURL=index.js.map

package/lib/commonjs/entity/openid-connect/issuer/index.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"names":["_misc","require","_types","getCredentialIssuerMetadata","entityBaseUrl","appFetch","fetch","arguments","length","undefined","wellKnownUrl","method","then","hasStatusOrThrow","res","json","CredentialIssuerConfiguration","parse"],"sourceRoot":"../../../../../src","sources":["entity/openid-connect/issuer/index.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeE,2BAA2BA,CAC/CC,aAAqB,EAMmB;EAAA,IALxC;IACEC,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMG,YAAY,GAAI,GAAEN,aAAc,uCAAsC;EAE5E,OAAO,MAAMC,QAAQ,CAACK,YAAY,EAAE;IAClCC,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAACI,oCAA6B,CAACC,KAAK,CAAC;AAC9C"}

package/lib/commonjs/entity/openid-connect/issuer/types.js DELETED Viewed

@@ -1,64 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", {
-  value: true
-});
-exports.CredentialSdJwtClaims = exports.CredentialIssuerKeys = exports.CredentialIssuerConfiguration = exports.CredentialFormat = exports.CredentialDisplay = exports.CredentialConfigurationSupported = exports.CredentialClaimDisplay = exports.CredentialClaim = void 0;
-var _jwk = require("../../../utils/jwk");
-var z = _interopRequireWildcard(require("zod"));
-function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
-function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
-// Display metadata for a credential, used by the issuer to
-// instruct the Wallet Solution on how to render the credential correctly
-const CredentialDisplay = z.object({
-  name: z.string(),
-  locale: z.string(),
-  logo: z.object({
-    url: z.string(),
-    alt_text: z.string()
-  }).optional(),
-  background_color: z.string().optional(),
-  text_color: z.string().optional()
-});
-exports.CredentialDisplay = CredentialDisplay;
-const CredentialClaimDisplay = z.object({
-  name: z.string(),
-  locale: z.string()
-});
-exports.CredentialClaimDisplay = CredentialClaimDisplay;
-const CredentialFormat = z.union([z.literal("vc+sd-jwt"), z.literal("mso_mdoc")]);
-exports.CredentialFormat = CredentialFormat;
-const CredentialClaim = z.object({
-  mandatory: z.boolean(),
-  display: z.array(CredentialClaimDisplay)
-});
-exports.CredentialClaim = CredentialClaim;
-const CredentialSdJwtClaims = z.record(CredentialClaim);
-exports.CredentialSdJwtClaims = CredentialSdJwtClaims;
-const CredentialConfigurationSupported = z.record(z.object({
-  cryptographic_suites_supported: z.array(z.string()),
-  vct: z.string().optional(),
-  scope: z.string().optional(),
-  cryptographic_binding_methods_supported: z.array(z.string()),
-  display: z.array(CredentialDisplay),
-  format: CredentialFormat,
-  claims: z.union([CredentialSdJwtClaims, z.record(z.string(), CredentialSdJwtClaims)]).optional()
-}));
-exports.CredentialConfigurationSupported = CredentialConfigurationSupported;
-const CredentialIssuerKeys = z.object({
-  keys: z.array(_jwk.JWK)
-});
-exports.CredentialIssuerKeys = CredentialIssuerKeys;
-const CredentialIssuerConfiguration = z.object({
-  credential_configurations_supported: CredentialConfigurationSupported,
-  pushed_authorization_request_endpoint: z.string(),
-  dpop_signing_alg_values_supported: z.array(z.string()),
-  jwks: CredentialIssuerKeys,
-  credential_issuer: z.string(),
-  authorization_endpoint: z.string(),
-  token_endpoint: z.string(),
-  credential_endpoint: z.string()
-});
-exports.CredentialIssuerConfiguration = CredentialIssuerConfiguration;
-//# sourceMappingURL=types.js.map

package/lib/commonjs/entity/openid-connect/issuer/types.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"names":["_jwk","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","CredentialDisplay","object","name","string","locale","logo","url","alt_text","optional","background_color","text_color","exports","CredentialClaimDisplay","CredentialFormat","union","literal","CredentialClaim","mandatory","boolean","display","array","CredentialSdJwtClaims","record","CredentialConfigurationSupported","cryptographic_suites_supported","vct","scope","cryptographic_binding_methods_supported","format","claims","CredentialIssuerKeys","keys","JWK","CredentialIssuerConfiguration","credential_configurations_supported","pushed_authorization_request_endpoint","dpop_signing_alg_values_supported","jwks","credential_issuer","authorization_endpoint","token_endpoint","credential_endpoint"],"sourceRoot":"../../../../../src","sources":["entity/openid-connect/issuer/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB;AACA;;AAEO,MAAMW,iBAAiB,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACxCC,IAAI,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAE5B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAClBE,IAAI,EAAE7B,CAAC,CACJyB,MAAM,CAAC;IACNK,GAAG,EAAE9B,CAAC,CAAC2B,MAAM,CAAC,CAAC;IACfI,QAAQ,EAAE/B,CAAC,CAAC2B,MAAM,CAAC;EACrB,CAAC,CAAC,CACDK,QAAQ,CAAC,CAAC;EACbC,gBAAgB,EAAEjC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EACvCE,UAAU,EAAElC,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC;AAClC,CAAC,CAAC;AAACG,OAAA,CAAAX,iBAAA,GAAAA,iBAAA;AAEI,MAAMY,sBAAsB,GAAGpC,CAAC,CAACyB,MAAM,CAAC;EAC7CC,IAAI,EAAE1B,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAE5B,CAAC,CAAC2B,MAAM,CAAC;AACnB,CAAC,CAAC;AAACQ,OAAA,CAAAC,sBAAA,GAAAA,sBAAA;AAEI,MAAMC,gBAAgB,GAAGrC,CAAC,CAACsC,KAAK,CAAC,CACtCtC,CAAC,CAACuC,OAAO,CAAC,WAAW,CAAC,EACtBvC,CAAC,CAACuC,OAAO,CAAC,UAAU,CAAC,CACtB,CAAC;AAACJ,OAAA,CAAAE,gBAAA,GAAAA,gBAAA;AAGI,MAAMG,eAAe,GAAGxC,CAAC,CAACyB,MAAM,CAAC;EACtCgB,SAAS,EAAEzC,CAAC,CAAC0C,OAAO,CAAC,CAAC;EACtBC,OAAO,EAAE3C,CAAC,CAAC4C,KAAK,CAACR,sBAAsB;AACzC,CAAC,CAAC;AAACD,OAAA,CAAAK,eAAA,GAAAA,eAAA;AAGI,MAAMK,qBAAqB,GAAG7C,CAAC,CAAC8C,MAAM,CAACN,eAAe,CAAC;AAACL,OAAA,CAAAU,qBAAA,GAAAA,qBAAA;AAKxD,MAAME,gCAAgC,GAAG/C,CAAC,CAAC8C,MAAM,CACtD9C,CAAC,CAACyB,MAAM,CAAC;EACPuB,8BAA8B,EAAEhD,CAAC,CAAC4C,KAAK,CAAC5C,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACnDsB,GAAG,EAAEjD,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC1BkB,KAAK,EAAElD,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;EAC5BmB,uCAAuC,EAAEnD,CAAC,CAAC4C,KAAK,CAAC5C,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EAC5DgB,OAAO,EAAE3C,CAAC,CAAC4C,KAAK,CAACpB,iBAAiB,CAAC;EACnC4B,MAAM,EAAEf,gBAAgB;EACxBgB,MAAM,EAAErD,CAAC,CACNsC,KAAK,CAAC,CACLO,qBAAqB,EACrB7C,CAAC,CAAC8C,MAAM,CAAC9C,CAAC,CAAC2B,MAAM,CAAC,CAAC,EAAEkB,qBAAqB,CAAC,CAC5C,CAAC,CACDb,QAAQ,CAAC;AACd,CAAC,CACH,CAAC;AAACG,OAAA,CAAAY,gCAAA,GAAAA,gCAAA;AAGK,MAAMO,oBAAoB,GAAGtD,CAAC,CAACyB,MAAM,CAAC;EAC3C8B,IAAI,EAAEvD,CAAC,CAAC4C,KAAK,CAACY,QAAG;AACnB,CAAC,CAAC;AAACrB,OAAA,CAAAmB,oBAAA,GAAAA,oBAAA;AAKI,MAAMG,6BAA6B,GAAGzD,CAAC,CAACyB,MAAM,CAAC;EACpDiC,mCAAmC,EAAEX,gCAAgC;EACrEY,qCAAqC,EAAE3D,CAAC,CAAC2B,MAAM,CAAC,CAAC;EACjDiC,iCAAiC,EAAE5D,CAAC,CAAC4C,KAAK,CAAC5C,CAAC,CAAC2B,MAAM,CAAC,CAAC,CAAC;EACtDkC,IAAI,EAAEP,oBAAoB;EAC1BQ,iBAAiB,EAAE9D,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAC7BoC,sBAAsB,EAAE/D,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAClCqC,cAAc,EAAEhE,CAAC,CAAC2B,MAAM,CAAC,CAAC;EAC1BsC,mBAAmB,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;AAChC,CAAC,CAAC;AAACQ,OAAA,CAAAsB,6BAAA,GAAAA,6BAAA"}

package/lib/commonjs/entity/trust/chain.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","z","_interopRequireWildcard","_","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","verify","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","verifyJwt","decode","decodeJwt","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","validateTrustChain","trustAnchorEntity","chain","length","IoWalletError","selectTokenShape","elementIndex","selectKid","currentIndex","shape","parse","selectKeys","keys","nextIndex","nextToken","Promise","all","map","i","args","renewTrustChain","appFetch","arguments","undefined","fetch","e","safeParse","_ref","es","ec","success","getSignedEntityConfiguration","data","iss","getSignedEntityStatement","sub","reject"],"sourceRoot":"../../../../src","sources":["entity/trust/chain.ts"],"mappings":";;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,MAAA,GAAAD,OAAA;AAMA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,CAAA,GAAAC,uBAAA,CAAAJ,OAAA;AACA,IAAAK,CAAA,GAAAL,OAAA;AAA2E,SAAAM,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAO3E;AACA;AACA,MAAMW,MAAM,GAAG,MAAAA,CACbC,KAAa,EACbC,GAAW,EACXC,IAAW,KACc;EACzB,MAAMC,GAAG,GAAGD,IAAI,CAACE,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACJ,GAAG,KAAKA,GAAG,CAAC;EAC3C,IAAI,CAACE,GAAG,EAAE;IACR,MAAM,IAAIG,KAAK,CAAE,gBAAeL,GAAI,YAAWD,KAAM,EAAC,CAAC;EACzD;EACA,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAM,IAAAC,wBAAS,EAACV,KAAK,EAAEG,GAAG,CAAC;EACxE,OAAO;IAAEK,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;AAED,MAAME,MAAM,GAAIX,KAAa,IAAK;EAChC,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,IAAAG,wBAAS,EAACZ,KAAK,CAAC;EAC7D,OAAO;IAAEQ,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA,MAAMI,iBAAiB,GAAGC,0BAAmB;AAC7C;AACA,MAAMC,kBAAkB,GAAGC,sBAAe;AAC1C;AACA;AACA,MAAMC,gBAAgB,GAAG3C,CAAC,CAAC4C,KAAK,CAAC,CAC/BF,sBAAe,EACfG,qCAA8B,CAC/B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,kBAAkBA,CACtCC,iBAAiD,EACjDC,KAAe,EACS;EACxB;EACA,IAAIA,KAAK,CAACC,MAAM,KAAK,CAAC,EAAE;IACtB,MAAM,IAAIC,qBAAa,CAAC,iCAAiC,CAAC;EAC5D;;EAEA;EACA,MAAMC,gBAAgB,GAAIC,YAAoB,IAC5CA,YAAY,KAAK,CAAC,GACdb,iBAAiB,GACjBa,YAAY,KAAKJ,KAAK,CAACC,MAAM,GAAG,CAAC,GAC/BN,gBAAgB,GAChBF,kBAAkB;;EAE1B;EACA,MAAMY,SAAS,GAAIC,YAAoB,IAAa;IAClD,MAAM5B,KAAK,GAAGsB,KAAK,CAACM,YAAY,CAAC;IACjC,IAAI,CAAC5B,KAAK,EAAE;MACV,MAAM,IAAIwB,qBAAa,CAAE,gCAA+B,CAAC;IAC3D;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACG,YAAY,CAAC;IAC5C,OAAOC,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACX,KAAK,CAAC,CAAC,CAACQ,MAAM,CAACP,GAAG;EAC9C,CAAC;;EAED;EACA;EACA,MAAM8B,UAAU,GAAIH,YAAoB,IAAY;IAClD,IAAIA,YAAY,KAAKN,KAAK,CAACC,MAAM,GAAG,CAAC,EAAE;MACrC,OAAOF,iBAAiB,CAACZ,OAAO,CAACP,IAAI,CAAC8B,IAAI;IAC5C;IAEA,MAAMC,SAAS,GAAGL,YAAY,GAAG,CAAC;IAClC,MAAMM,SAAS,GAAGZ,KAAK,CAACW,SAAS,CAAC;IAClC,IAAI,CAACC,SAAS,EAAE;MACd,MAAM,IAAIV,qBAAa,CAAE,qCAAoC,CAAC;IAChE;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACQ,SAAS,CAAC;IACzC,OAAOJ,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACuB,SAAS,CAAC,CAAC,CAACzB,OAAO,CAACP,IAAI,CAAC8B,IAAI;EACzD,CAAC;;EAED;EACA;EACA,OAAOG,OAAO,CAACC,GAAG,CAChBd,KAAK,CACFe,GAAG,CAAC,CAACrC,KAAK,EAAEsC,CAAC,KAAK,CAACtC,KAAK,EAAE2B,SAAS,CAACW,CAAC,CAAC,EAAEP,UAAU,CAACO,CAAC,CAAC,CAAU,CAAC,CAChED,GAAG,CAAEE,IAAI,IAAKxC,MAAM,CAAC,GAAGwC,IAAI,CAAC,CAClC,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,eAAeA,CAC7BlB,KAAe,EAEf;EAAA,IADAmB,QAA8B,GAAAC,SAAA,CAAAnB,MAAA,QAAAmB,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAGE,KAAK;EAEtC,OAAOT,OAAO,CAACC,GAAG,CAChBd;EACE;EAAA,CACCe,GAAG,CAAC1B,MAAM,CAAC,CACX0B,GAAG,CACDQ,CAAC,IACA,CACE7B,sBAAe,CAAC8B,SAAS,CAACD,CAAC,CAAC,EAC5B/B,0BAAmB,CAACgC,SAAS,CAACD,CAAC,CAAC,CAEtC;EACA;EAAA,CACCR,GAAG,CAAC,CAAAU,IAAA,EAAWT,CAAC;IAAA,IAAX,CAACU,EAAE,EAAEC,EAAE,CAAC,GAAAF,IAAA;IAAA,OACZE,EAAE,CAACC,OAAO,GACN,IAAAC,8BAA4B,EAACF,EAAE,CAACG,IAAI,CAAC3C,OAAO,CAAC4C,GAAG,EAAE;MAAEZ;IAAS,CAAC,CAAC,GAC/DO,EAAE,CAACE,OAAO,GACR,IAAAI,0BAAwB,EACtBN,EAAE,CAACI,IAAI,CAAC3C,OAAO,CAAC4C,GAAG,EACnBL,EAAE,CAACI,IAAI,CAAC3C,OAAO,CAAC8C,GAAG,EACnB;MACEd;IACF,CACF,CAAC;IACD;IACAN,OAAO,CAACqB,MAAM,CACZ,IAAIhC,qBAAa,CACd,iDAAgDc,CAAE,uBACrD,CACF,CAAC;EAAA,CACT,CACJ,CAAC;AACH"}