npm - @pagopa/io-react-native-wallet - Versions diffs - 1.7.0 → 2.0.0-next.0 - Mend

@pagopa/io-react-native-wallet 1.7.0 → 2.0.0-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (438) hide show

package/lib/commonjs/credential/presentation/README.md CHANGED Viewed

@@ -1,112 +1,107 @@
 # Credential Presentation
+This flow is used for remote presentation, allowing a user with a valid Wallet Instance to remotely present credentials to a Relying Party (Verifier). The presentation flow adheres to the [IT Wallet 0.9.x specification](https://italia.github.io/eid-wallet-it-docs/v0.9.3/en/relying-party-solution.html).
+The Relying Party provides the Wallet with a Request Object that contains the requested credentials and claims. The Wallet validates the Request Object and asks the user for consent. Then the Wallet creates an encrypted Authorization Response that contains the Verifiable Presentation with the requested data (`vp_token`) and sends it to the Relying Party.
 ## Sequence Diagram
 ```mermaid
 sequenceDiagram
-      autonumber
-      participant I as Individual using EUDI Wallet
-      participant O as Organisational Wallet (Verifier)
-      participant A as Organisational Wallet (Issuer)
-      O->>+I: QR-CODE: Authorisation request (`request_uri`)
-      I->>+O: GET: Request object, resolved from the `request_uri`
-      O->>+I: Respond with the Request object
-      I->>+O: GET: /.well-known/jar-issuer/jwk
-      O->>+I: Respond with the public key
-      I->>+O: POST: VP token response
-      O->>+A: GET: /.well-known/jwt-vc-issuer/jwk
-      A->>+O: Respond with the public key
-      O->>+I: Redirect: Authorisation response
+  autonumber
+  participant I as User (Wallet Instance)
+  participant O as Relying Party (Verifier)
+  O->>+I: QR-CODE: Authorization Request (`request_uri`)
+  I->>+O: GET: Verifier's Entity Configuration
+  O->>+I: Respond with metadata (including public keys)
+  I->>+O: GET: Request Object, resolved from `request_uri`
+  O->>+I: Respond with the Request Object
+  I->>+I: Validate Request Object and give consent
+  I->>+O: POST: Authorization Response with encrypted VP token
+  O->>+I: Respond with optional `redirect_uri`
 ```
 ## Mapped results
+| Error                       | Description|
+| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `InvalidRequestObject`      | The Request Object is not valid, for instance it is malformed or its signature cannot be verified.                                                     |
+| `DcqlError`                 | The DCQL query cannot be evaluated because it contains errors.                                                                                         |
+| `CredentialsNotFoundError`  | The presentation cannot be completed because the Wallet does not contain all requested credentials. The missing credentials can be found in `details`. |
+| `RelyingPartyResponseError` | Error in the Relying Party's response. See the next table for more details.                                                                            |
+#### RelyingPartyResponseError
+The following HTTP errors are mapped to a `RelyingPartyResponseError` with specific codes.
+| HTTP Status  | Error Code                              | Description                                                                                                  |
+| ------------ | --------------------------------------- | ------------------------------------------------------------------------------------------------------------ |
+| `400`, `403` | `ERR_RP_INVALID_AUTHORIZATION_RESPONSE` | The Relying Party rejected the Authorization Response sent by the Wallet because it was deemed invalid.      |
+| `*`          | `ERR_RP_GENERIC_ERROR`                  | This is a generic error code to map unexpected errors that occurred when interacting with the Relying Party. |
 ## Examples
 <details>
   <summary>Remote Presentation flow</summary>
+**Note:** To successfully complete a remote presentation, the Wallet Instance must be in a valid state with a valid Wallet Instance Attestation.
 ```ts
-// Scan e retrive qr-code, decode it and get its parameters
-const {requestUri, clientId} = ...
-// Retrieve the integrity key tag from the store and create its context
-const integrityKeyTag = "example"; // Let's assume this is the key tag used to create the wallet instance
-const integrityContext = getIntegrityContext(integrityKeyTag);
-// Let's assume the key esists befor starting the presentation process
-const wiaCryptoContext = createCryptoContextFor(WIA_KEYTAG);
-const { WALLET_PROVIDER_BASE_URL, WALLET_EAA_PROVIDER_BASE_URL, REDIRECT_URI } =
-  env; // Let's assume these are the environment variables
-/**
- * Obtains a new Wallet Instance Attestation.
- * WARNING: The integrity context must be the same used when creating the Wallet Instance with the same keytag.
- */
-const walletInstanceAttestation =
-  await WalletInstanceAttestation.getAttestation({
-    wiaCryptoContext,
-    integrityContext,
-    walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
-    appFetch,
-  });
+// Retrieve and scan the qr-code, decode it and get its parameters
+const qrCodeParams = decodeQrCode(qrCode)
 // Start the issuance flow
-const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(requestUri, clientId);
+const {
+  request_uri,
+  client_id,
+  request_uri_method,
+  state
+} = Credential.Presentation.startFlowFromQR(qrCodeParams);
-// If use trust federation: Evaluate issuer trust
-const { rpConf } = await Credential.Presentation.evaluateRelyingPartyTrust(clientId);
+// Get the Relying Party's Entity Configuration and evaluate trust
+const { rpConf } = await Credential.Presentation.evaluateRelyingPartyTrust(client_id);
+// Get the Request Object from the RP
 const { requestObjectEncodedJwt } =
-    await Credential.Presentation.getRequestObject(requestURI, {
-      appFetch: appFetch
-    });
-// Retrieve RP JWK
-// If use trust federation: Fetch Jwks from rpConf
-const jwks = await Credential.Presentation.fetchJwksFromConfig(rpConf);
+  await Credential.Presentation.getRequestObject(request_uri);
-// If not use trust: Fetch Jwks from request object
-const jwks = await Credential.Presentation.fetchJwksFromRequestObject(
+// Validate the Request Object
+const { requestObject } = await Credential.Presentation.verifyRequestObject(
   requestObjectEncodedJwt,
-  { context: { appFetch } }
+  { clientId: client_id, rpConf }
 );
-// Verify signature Request Object
-const { requestObject } =
-    await Credential.Presentation.verifyRequestObjectSignature(
-      requestObjectEncodedJwt,
-      jwks.keys
-    );
+// All the credentials that might be requested by the Relying Party
+const credentialsSdJwt = [
+  ["credential1_keytag", "eyJraWQiOiItRl82VWdhOG4zVmVnalkyVTdZVUhLMXpMb2FELU5QVGM2M1JNSVNuTGF3IiwidHlwIjoidmMrc2Qtand0IiwiYWxnIjoiRVMyNTYifQ.eyJfc2"],
+  ["credential2_keytag", "eyJ0eXAiOiJ2YytzZC1qd3QiLCJhbGciOiJFUzI1NiIsImtpZCI6Ii1GXzZVZ2E4bjNWZWdqWTJVN1lVSEsxekxvYUQtTlBUYzYzUk1JU25MYXcifQ.ew0KIC"]
+];
-const { presentationDefinition } = await Credential.Presentation.fetchPresentDefinition(
-  requestObject,
-  {
-    appFetch: appFetch,
-  },
-  rpConf // If trust federation is used
+const result = Credential.Presentation.evaluateDcqlQuery(
+  credentialsSdJwt,
+  requestObject.dcql_query as DcqlQuery
 );
-// For each credential, find it and evaluate input descriptor and disclosures
-  const { requiredDisclosures } = Credential.Presentation.evaluateInputDescriptionForSdJwt4VC(
-    inputDescriptor,
-    credential.payload,
-    disclosures
-  );
+const credentialsToPresent = result.map(
+  ({ requiredDisclosures, ...rest }) => ({
+    ...rest,
+    requestedClaims: requiredDisclosures.map(([, claimName]) => claimName),
+  })
+);
-// After confirm disclosures in app
-  const authResponse = Credential.Presentation.sendAuthorizationResponse(
-    requestObject,
-    presentationDefinition,
-    jwks,
-    [credential, disclosuresRequested, { appFetch: appFetch }]
+const remotePresentations =
+  await Credential.Presentation.prepareRemotePresentations(
+    credentialsToPresent,
+    requestObject.nonce,
+    requestObject.client_id
   );
+const authResponse = await Credential.Presentation.sendAuthorizationResponse(
+  requestObject,
+  remotePresentations,
+  rpConf
+);
 ```
-</details>
+</details>

package/lib/commonjs/credential/presentation/errors.js CHANGED Viewed

@@ -3,8 +3,16 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.UnverifiedEntityError = exports.NoSuitableKeysFoundInEntityConfiguration = exports.MissingDataError = exports.CredentialNotFoundError = exports.AuthRequestDecodeError = void 0;
+exports.CredentialsNotFoundError = exports.AuthRequestDecodeError = void 0;
+Object.defineProperty(exports, "DcqlError", {
+  enumerable: true,
+  get: function () {
+    return _dcql.DcqlError;
+  }
+});
+exports.NoSuitableKeysFoundInEntityConfiguration = exports.MissingDataError = exports.InvalidRequestObjectError = exports.InvalidQRCodeError = void 0;
 var _errors = require("../../utils/errors");
+var _dcql = require("dcql");
 /**
  * An error subclass thrown when auth request decode fail
  *
@@ -47,19 +55,34 @@ class NoSuitableKeysFoundInEntityConfiguration extends _errors.IoWalletError {
 }
 /**
- * When the entity is unverified because the Relying Party is not trusted.
+ * When a QR code is not valid.
  *
  */
 exports.NoSuitableKeysFoundInEntityConfiguration = NoSuitableKeysFoundInEntityConfiguration;
-class UnverifiedEntityError extends _errors.IoWalletError {
-  code = "ERR_UNVERIFIED_RP_ENTITY";
+class InvalidQRCodeError extends _errors.IoWalletError {
+  code = "ERR_INVALID_QR_CODE";
+  /** Detailed reason for the QR code validation failure. */
-  /**
-   * @param reason A description of why the entity cannot be verified.
-   */
   constructor(reason) {
-    const message = `Unverified entity: ${reason}.`;
+    super("Invalid QR code");
+    this.reason = reason;
+  }
+}
+/**
+ * When the Request Object sent by the Relying Party is not valid
+ */
+exports.InvalidQRCodeError = InvalidQRCodeError;
+class InvalidRequestObjectError extends _errors.IoWalletError {
+  code = "ERR_INVALID_REQUEST_OBJECT";
+  /** Detailed reason for the Request Object validation failure. */
+  constructor(message) {
+    let reason = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : "unspecified";
     super(message);
+    this.reason = reason;
   }
 }
@@ -67,7 +90,7 @@ class UnverifiedEntityError extends _errors.IoWalletError {
  * When some required data is missing to continue because certain attributes are not contained inside the wallet.
  *
  */
-exports.UnverifiedEntityError = UnverifiedEntityError;
+exports.InvalidRequestObjectError = InvalidRequestObjectError;
 class MissingDataError extends _errors.IoWalletError {
   code = "ERR_MISSING_DATA";
@@ -79,22 +102,20 @@ class MissingDataError extends _errors.IoWalletError {
     super(message);
   }
 }
+exports.MissingDataError = MissingDataError;
 /**
- * When a credential is not found in the wallet.
- *
+ * Error thrown when one or more credentials cannot be found in the wallet
+ * and the presentation request cannot be satisfied.
  */
-exports.MissingDataError = MissingDataError;
-class CredentialNotFoundError extends _errors.IoWalletError {
-  code = "ERR_CREDENTIAL_NOT_FOUND";
+class CredentialsNotFoundError extends _errors.IoWalletError {
+  code = "ERR_CREDENTIALS_NOT_FOUND";
   /**
-   * @param credentialId The ID of the credential that was not found.
+   * @param details The details of the credentials that could not be found.
    */
-  constructor(credentialId) {
-    const message = `Credential not found: ${credentialId}.`;
-    super(message);
+  constructor(details) {
+    super("One or more credentials cannot be found in the wallet");
+    this.details = details;
   }
 }
-exports.CredentialNotFoundError = CredentialNotFoundError;
+exports.CredentialsNotFoundError = CredentialsNotFoundError;
 //# sourceMappingURL=errors.js.map

package/lib/commonjs/credential/presentation/errors.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_errors","require","AuthRequestDecodeError","IoWalletError","code","constructor","message","claim","arguments","length","undefined","reason","serializeAttrs","exports","NoSuitableKeysFoundInEntityConfiguration","scenario","~~UnverifiedEntityError~~","MissingDataError","missingAttributes","~~CredentialNotFoundError~~","~~credentialId~~"],"sourceRoot":"../../../../src","sources":["credential/presentation/errors.ts"],"mappings":"~~;;;;;;~~AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACA;AACO,~~MAAMC~~,sBAAsB,SAASC,qBAAa,CAAC;EACxDC,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAC,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAAC,IAAAI,sBAAc,EAAC;MAAEN,OAAO;MAAEC,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAE,OAAA,CAAAX,sBAAA,GAAAA,sBAAA;AAIO,MAAMY,wCAAwC,SAASX,qBAAa,CAAC;EAC1EC,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACU,QAAgB,EAAE;IAC5B,MAAMT,OAAO,GAAI,0DAAyDS,QAAS,IAAG;IACtF,KAAK,CAACT,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AAHAO,OAAA,CAAAC,wCAAA,GAAAA,wCAAA;AAIO,MAAME,~~qBAAqB~~,SAASb,qBAAa,CAAC;~~EACvDC~~,IAAI,GAAG,~~0BAA0B~~;;~~EAEjC~~;AACF;AACA;~~EACEC~~,WAAWA,~~CAACM~~,~~MAAc~~,~~EAAE~~;~~IAC1B~~,~~MAAML~~,~~OAAO~~,~~GAAI~~,~~sBAAqBK~~,~~MAAO~~,~~GAAE~~;~~IAC/C~~,KAAK,~~CAACL~~,OAAO,CAAC;~~EAChB~~;AACF;;AAEA;AACA;AACA;AACA;~~AAHAO~~,OAAA,~~CAAAG~~,~~qBAAA~~,GAAAA,~~qBAAA~~;AAIO,MAAMC,gBAAgB,~~SAASd~~,qBAAa,CAAC;EAClDC,IAAI,GAAG,kBAAkB;;EAEzB;AACF;AACA;EACEC,WAAWA,~~CAACa~~,iBAAyB,EAAE;IACrC,~~MAAMZ~~,OAAO,GAAI,~~kCAAiCY~~,iBAAkB,GAAE;IACtE,KAAK,~~CAACZ~~,OAAO,CAAC;EAChB;AACF~~;;AAEA~~;~~AACA;AACA;AACA;AAHAO~~,OAAA,~~CAAAI~~,gBAAA,GAAAA,gBAAA;~~AAIO~~,MAAME,~~uBAAuB~~,~~SAAShB~~,qBAAa,CAAC;~~EACzDC~~,IAAI,GAAG,~~0BAA0B;;EAEjC~~;AACF;AACA;EACEC,WAAWA,~~CAACe~~,~~YAAoB~~,EAAE;~~IAChC~~,~~MAAMd~~,~~OAAO~~,~~GAAI~~,~~yBAAwBc~~,~~YAAa~~,~~GAAE;IACxD~~,~~KAAK~~,~~CAACd~~,OAAO~~,CAAC~~;~~EAChB~~;AACF;~~AAACO~~,OAAA,~~CAAAM~~,~~uBAAA~~,GAAAA,~~uBAAA~~"}
1	+ {"version":3,"names":["_errors","require","_dcql","AuthRequestDecodeError","IoWalletError","code","constructor","message","claim","arguments","length","undefined","reason","serializeAttrs","exports","NoSuitableKeysFoundInEntityConfiguration","scenario","InvalidQRCodeError","InvalidRequestObjectError","MissingDataError","missingAttributes","CredentialsNotFoundError","details"],"sourceRoot":"../../../../src","sources":["credential/presentation/errors.ts"],"mappings":";;;;;;;;;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AAEA;AACA;AACA;AACA;AACO,MAAME,sBAAsB,SAASC,qBAAa,CAAC;EACxDC,IAAI,GAAG,oDAAoD;;EAE3D;;EAGA;;EAGAC,WAAWA,CACTC,OAAe,EAGf;IAAA,IAFAC,KAAa,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAAA,IAC7BG,MAAc,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IAE9B,KAAK,CAAC,IAAAI,sBAAc,EAAC;MAAEN,OAAO;MAAEC,KAAK;MAAEI;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACJ,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACI,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAE,OAAA,CAAAX,sBAAA,GAAAA,sBAAA;AAIO,MAAMY,wCAAwC,SAASX,qBAAa,CAAC;EAC1EC,IAAI,GAAG,gCAAgC;;EAEvC;AACF;AACA;EACEC,WAAWA,CAACU,QAAgB,EAAE;IAC5B,MAAMT,OAAO,GAAI,0DAAyDS,QAAS,IAAG;IACtF,KAAK,CAACT,OAAO,CAAC;EAChB;AACF;;AAEA;AACA;AACA;AACA;AAHAO,OAAA,CAAAC,wCAAA,GAAAA,wCAAA;AAIO,MAAME,kBAAkB,SAASb,qBAAa,CAAC;EACpDC,IAAI,GAAG,qBAAqB;;EAE5B;;EAGAC,WAAWA,CAACM,MAAc,EAAE;IAC1B,KAAK,CAAC,iBAAiB,CAAC;IACxB,IAAI,CAACA,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AAFAE,OAAA,CAAAG,kBAAA,GAAAA,kBAAA;AAGO,MAAMC,yBAAyB,SAASd,qBAAa,CAAC;EAC3DC,IAAI,GAAG,4BAA4B;;EAEnC;;EAGAC,WAAWA,CAACC,OAAe,EAA0B;IAAA,IAAxBK,MAAM,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,aAAa;IACjD,KAAK,CAACF,OAAO,CAAC;IACd,IAAI,CAACK,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA;AAHAE,OAAA,CAAAI,yBAAA,GAAAA,yBAAA;AAIO,MAAMC,gBAAgB,SAASf,qBAAa,CAAC;EAClDC,IAAI,GAAG,kBAAkB;;EAEzB;AACF;AACA;EACEC,WAAWA,CAACc,iBAAyB,EAAE;IACrC,MAAMb,OAAO,GAAI,kCAAiCa,iBAAkB,GAAE;IACtE,KAAK,CAACb,OAAO,CAAC;EAChB;AACF;AAACO,OAAA,CAAAK,gBAAA,GAAAA,gBAAA;AAQD;AACA;AACA;AACA;AACO,MAAME,wBAAwB,SAASjB,qBAAa,CAAC;EAC1DC,IAAI,GAAG,2BAA2B;EAGlC;AACF;AACA;EACEC,WAAWA,CAACgB,OAAyB,EAAE;IACrC,KAAK,CAAC,uDAAuD,CAAC;IAC9D,IAAI,CAACA,OAAO,GAAGA,OAAO;EACxB;AACF;AAACR,OAAA,CAAAO,wBAAA,GAAAA,wBAAA"}

package/lib/commonjs/credential/presentation/index.js CHANGED Viewed

@@ -22,34 +22,34 @@ Object.defineProperty(exports, "evaluateRelyingPartyTrust", {
     return _evaluateRpTrust.evaluateRelyingPartyTrust;
   }
 });
-Object.defineProperty(exports, "fetchJwksFromConfig", {
+Object.defineProperty(exports, "fetchPresentDefinition", {
   enumerable: true,
   get: function () {
-    return _retrieveRpJwks.fetchJwksFromConfig;
+    return _fetchPresentationDefinition.fetchPresentDefinition;
   }
 });
-Object.defineProperty(exports, "fetchJwksFromRequestObject", {
+Object.defineProperty(exports, "getJwksFromConfig", {
   enumerable: true,
   get: function () {
-    return _retrieveRpJwks.fetchJwksFromRequestObject;
+    return _retrieveRpJwks.getJwksFromConfig;
   }
 });
-Object.defineProperty(exports, "fetchPresentDefinition", {
+Object.defineProperty(exports, "getRequestObject", {
   enumerable: true,
   get: function () {
-    return _fetchPresentationDefinition.fetchPresentDefinition;
+    return _getRequestObject.getRequestObject;
   }
 });
-Object.defineProperty(exports, "getRequestObject", {
+Object.defineProperty(exports, "prepareLegacyRemotePresentations", {
   enumerable: true,
   get: function () {
-    return _getRequestObject.getRequestObject;
+    return _evaluateInputDescriptor.prepareLegacyRemotePresentations;
   }
 });
 Object.defineProperty(exports, "prepareRemotePresentations", {
   enumerable: true,
   get: function () {
-    return _sendAuthorizationResponse.prepareRemotePresentations;
+    return _evaluateDcqlQuery.prepareRemotePresentations;
   }
 });
 Object.defineProperty(exports, "sendAuthorizationErrorResponse", {
@@ -64,10 +64,10 @@ Object.defineProperty(exports, "sendAuthorizationResponse", {
     return _sendAuthorizationResponse.sendAuthorizationResponse;
   }
 });
-Object.defineProperty(exports, "sendAuthorizationResponseDcql", {
+Object.defineProperty(exports, "sendLegacyAuthorizationResponse", {
   enumerable: true,
   get: function () {
-    return _sendAuthorizationResponse.sendAuthorizationResponseDcql;
+    return _sendAuthorizationResponse.sendLegacyAuthorizationResponse;
   }
 });
 Object.defineProperty(exports, "startFlowFromQR", {
@@ -76,10 +76,10 @@ Object.defineProperty(exports, "startFlowFromQR", {
     return _startFlow.startFlowFromQR;
   }
 });
-Object.defineProperty(exports, "verifyRequestObjectSignature", {
+Object.defineProperty(exports, "verifyRequestObject", {
   enumerable: true,
   get: function () {
-    return _verifyRequestObject.verifyRequestObjectSignature;
+    return _verifyRequestObject.verifyRequestObject;
   }
 });
 var _startFlow = require("./01-start-flow");

package/lib/commonjs/credential/presentation/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_startFlow","require","_evaluateRpTrust","_getRequestObject","_retrieveRpJwks","_verifyRequestObject","_fetchPresentationDefinition","_evaluateInputDescriptor","_evaluateDcqlQuery","_sendAuthorizationResponse","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/presentation/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAD,OAAA;AAIA,IAAAE,iBAAA,GAAAF,OAAA;AAIA,IAAAG,eAAA,GAAAH,OAAA;~~AAKA~~,IAAAI,oBAAA,GAAAJ,OAAA;AAIA,IAAAK,4BAAA,GAAAL,OAAA;AAIA,IAAAM,wBAAA,GAAAN,OAAA;~~AAIA~~,IAAAO,kBAAA,GAAAP,OAAA;~~AAIA~~,IAAAQ,0BAAA,GAAAR,OAAA;~~AASA~~,IAAAS,MAAA,GAAAC,uBAAA,CAAAV,OAAA;AAAmCW,OAAA,CAAAF,MAAA,GAAAA,MAAA;AAAA,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
1	+ {"version":3,"names":["_startFlow","require","_evaluateRpTrust","_getRequestObject","_retrieveRpJwks","_verifyRequestObject","_fetchPresentationDefinition","_evaluateInputDescriptor","_evaluateDcqlQuery","_sendAuthorizationResponse","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/presentation/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAD,OAAA;AAIA,IAAAE,iBAAA,GAAAF,OAAA;AAIA,IAAAG,eAAA,GAAAH,OAAA;AACA,IAAAI,oBAAA,GAAAJ,OAAA;AAIA,IAAAK,4BAAA,GAAAL,OAAA;AAIA,IAAAM,wBAAA,GAAAN,OAAA;AAMA,IAAAO,kBAAA,GAAAP,OAAA;AAMA,IAAAQ,0BAAA,GAAAR,OAAA;AAQA,IAAAS,MAAA,GAAAC,uBAAA,CAAAV,OAAA;AAAmCW,OAAA,CAAAF,MAAA,GAAAA,MAAA;AAAA,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}

package/lib/commonjs/credential/presentation/types.js CHANGED Viewed

@@ -3,10 +3,9 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.RequestObject = exports.PresentationDefinition = exports.InputDescriptor = exports.ErrorResponse = exports.DirectAuthorizationBodyPayload = void 0;
+exports.WalletMetadata = exports.RequestObjectWalletCapabilities = exports.RequestObject = exports.PresentationDefinition = exports.InputDescriptor = exports.ErrorResponse = exports.DirectAuthorizationBodyPayload = void 0;
 var _types = require("../../sd-jwt/types");
 var z = _interopRequireWildcard(require("zod"));
-var _jwk = require("../../utils/jwk");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
 /**
@@ -15,6 +14,13 @@ function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj &&
 /**
  * A object that associate the information needed to multiple remote presentation
+ * Used with `presentation_definition`
+ * @deprecated Use `RemotePresentation`
+ */
+/**
+ * A object that associate the information needed to multiple remote presentation
+ * Used with DCQL queries
  */
 const Fields = z.object({
@@ -82,52 +88,70 @@ const PresentationDefinition = z.object({
 });
 exports.PresentationDefinition = PresentationDefinition;
 const RequestObject = z.object({
-  iss: z.string().optional(),
-  //optional by RFC 7519, mandatory for Potential
-  iat: _types.UnixTime.optional(),
-  exp: _types.UnixTime.optional(),
+  iss: z.string(),
+  iat: _types.UnixTime,
+  exp: _types.UnixTime,
   state: z.string().optional(),
   nonce: z.string(),
   response_uri: z.string(),
+  response_uri_method: z.string().optional(),
   response_type: z.literal("vp_token"),
-  response_mode: z.enum(["direct_post.jwt", "direct_post"]),
+  response_mode: z.literal("direct_post.jwt"),
   client_id: z.string(),
-  client_id_scheme: z.string().optional(),
-  // previous z.literal("entity_id"),
-  client_metadata: z.object({
-    authorization_encrypted_response_alg: z.string().optional(),
-    authorization_encrypted_response_enc: z.string().optional(),
-    jwks_uri: z.string().optional(),
-    jwks: _jwk.JWKS.optional()
-  }).optional(),
-  // previous z.literal("entity_id"),
   dcql_query: z.record(z.string(), z.any()).optional(),
   // Validation happens within the `dcql` library, no need to duplicate it here
   scope: z.string().optional(),
   presentation_definition: PresentationDefinition.optional()
 });
+exports.RequestObject = RequestObject;
+const WalletMetadata = z.object({
+  presentation_definition_uri_supported: z.boolean().optional(),
+  client_id_schemes_supported: z.array(z.string()).optional(),
+  request_object_signing_alg_values_supported: z.array(z.string()).optional(),
+  vp_formats_supported: z.record(z.string(),
+  // TODO [SIW-2110]: use explicit credential format?
+  z.object({
+    "sd-jwt_alg_values": z.array(z.string()).optional() // alg_values_supported?
+  }))
+  // TODO [SIW-2110]: include other metadata?
+});
+/**
+ * Wallet capabilities that must be submitted to get the Request Object
+ * via POST request when the `request_uri_method` is `post`.
+ */
+exports.WalletMetadata = WalletMetadata;
+const RequestObjectWalletCapabilities = z.object({
+  wallet_metadata: WalletMetadata,
+  wallet_nonce: z.string().optional()
+});
 /**
  * This type models the possible error responses the OpenID4VP protocol allows for a presentation of a credential.
- * See https://openid.github.io/OpenID4VP/openid-4-verifiable-presentations-wg-draft.html#name-error-response for more information.
+ * When the Wallet encounters one of these errors, it will notify the Relying Party through the `response_uri` endpoint.
+ * See https://italia.github.io/eid-wallet-it-docs/versione-corrente/en/pid-eaa-presentation.html#authorization-response-errors for more information.
  */
-exports.RequestObject = RequestObject;
-const ErrorResponse = z.enum(["invalid_scope", "invalid_request", "invalid_client", "access_denied"]);
+exports.RequestObjectWalletCapabilities = RequestObjectWalletCapabilities;
+const ErrorResponse = z.enum(["invalid_request_object", "invalid_request_uri", "vp_formats_not_supported", "invalid_request", "access_denied", "invalid_client"]);
 /**
- * Type that defines the possible payload formats accepted by {@link buildDirectPostJwtBody} and {@link buildDirectPostBody}
+ * @deprecated Use `DirectAuthorizationBodyPayload`
  */
 exports.ErrorResponse = ErrorResponse;
+const LegacyDirectAuthorizationBodyPayload = z.object({
+  vp_token: z.union([z.string(), z.array(z.string())]).optional(),
+  presentation_submission: z.record(z.string(), z.unknown())
+});
+/**
+ * Authorization Response payload sent to the Relying Party.
+ */
 const DirectAuthorizationBodyPayload = z.union([z.object({
-  vp_token: z.union([z.string(),
-  // Presentation Definition with one credential
-  z.array(z.string()),
-  // Presentation Definition with more credential
-  z.record(z.string(), z.string()) // DCQL query
-  ]).optional(),
-  presentation_submission: z.record(z.string(), z.unknown()).optional()
+  vp_token: z.record(z.string(), z.string())
 }), z.object({
-  error: ErrorResponse
-})]);
+  error: ErrorResponse,
+  error_description: z.string()
+}), LegacyDirectAuthorizationBodyPayload]);
 exports.DirectAuthorizationBodyPayload = DirectAuthorizationBodyPayload;
 //# sourceMappingURL=types.js.map

package/lib/commonjs/credential/presentation/types.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_types","require","z","_interopRequireWildcard","~~_jwk","~~_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","Fields","object","path","array","string","min","id","optional","purpose","name","filter","any","boolean","intent_to_retain","Constraints","fields","limit_disclosure","enum","InputDescriptor","format","record","constraints","group","exports","SubmissionRequirement","rule","from","from_nested","count","number","PresentationDefinition","input_descriptors","submission_requirements","RequestObject","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","~~client_id_scheme~~","~~client_metadata~~","~~authorization_encrypted_response_alg~~","~~authorization_encrypted_response_enc~~","~~jwks_uri~~","~~jwks~~","~~JWKS~~","~~dcql_query~~","~~scope~~","~~presentation_definition~~","~~ErrorResponse~~","~~DirectAuthorizationBodyPayload~~","~~union~~","vp_token","presentation_submission","unknown","error"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;~~AACA~~,~~IAAAG~~,~~IAAA,GAAAH,OAAA;AAAuC,SAAAI,~~yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,~~SAAAH~~,~~wBAAAO~~,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;~~AAiBvC~~;AACA;AACA;;AAOA;AACA;AACA;;~~AAyBA~~,MAAMW,MAAM,~~GAAGzB~~,CAAC,~~CAAC0B~~,MAAM,CAAC;EACtBC,IAAI,~~EAAE3B~~,CAAC,~~CAAC4B~~,KAAK,~~CAAC5B~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAAC;EAAE;EAClCC,EAAE,~~EAAE/B~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC3BC,OAAO,~~EAAEjC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCE,IAAI,~~EAAElC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BG,MAAM,~~EAAEnC~~,CAAC,~~CAACoC~~,GAAG,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAC5BA,QAAQ,~~EAAEhC~~,CAAC,~~CAACqC~~,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC;EAAE;EAClCM,gBAAgB,~~EAAEtC~~,CAAC,~~CAACqC~~,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC,CAAE;AAC5C,CAAC,CAAC;;AAEF;AACA,MAAMO,WAAW,~~GAAGvC~~,CAAC,~~CAAC0B~~,MAAM,CAAC;EAC3Bc,MAAM,~~EAAExC~~,CAAC,~~CAAC4B~~,KAAK,CAACH,MAAM,CAAC,CAACO,QAAQ,CAAC,CAAC;EAAE;EACpCS,gBAAgB,~~EAAEzC~~,CAAC,~~CAAC0C~~,IAAI,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAACV,QAAQ,CAAC,CAAC,CAAE;AAClE,CAAC,CAAC;;AAEF;;AAEO,MAAMW,eAAe,~~GAAG3C~~,CAAC,~~CAAC0B~~,MAAM,CAAC;EACtCK,EAAE,~~EAAE/B~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC;EAAE;EACvBI,IAAI,~~EAAElC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BC,OAAO,~~EAAEjC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCY,MAAM,~~EAAE5C~~,CAAC,~~CAAC6C~~,MAAM,~~CAAC7C~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,~~EAAE7B~~,CAAC,~~CAACoC~~,GAAG,CAAC,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAClDc,WAAW,EAAEP,WAAW;EAAE;EAC1BQ,KAAK,~~EAAE/C~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC,CAAE;AAChC,CAAC,CAAC;AAACgB,OAAA,CAAAL,eAAA,GAAAA,eAAA;AAEH,MAAMM,qBAAqB,~~GAAGjD~~,CAAC,~~CAAC0B~~,MAAM,CAAC;EACrCQ,IAAI,~~EAAElC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,~~EAAEjC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BkB,IAAI,~~EAAElD~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC;EAAE;EAClBsB,IAAI,~~EAAEnD~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BoB,WAAW,~~EAAEpD~~,CAAC,~~CACX4B~~,KAAK,~~CACJ5B~~,CAAC,~~CAAC0B~~,MAAM,CAAC;IACPQ,IAAI,~~EAAElC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC3BC,OAAO,~~EAAEjC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC9BkB,IAAI,~~EAAElD~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC;IAChBsB,IAAI,~~EAAEnD~~,CAAC,~~CAAC6B~~,MAAM,CAAC;EACjB,CAAC,CACH,CAAC,CACAG,QAAQ,CAAC,CAAC;EACbqB,KAAK,~~EAAErD~~,CAAC,~~CAACsD~~,MAAM,CAAC,CAAC,CAACtB,QAAQ,CAAC;EAC3B;AACF,CAAC,CAAC;;AAGK,MAAMuB,sBAAsB,~~GAAGvD~~,CAAC,~~CAAC0B~~,MAAM,CAAC;EAC7CK,EAAE,~~EAAE/B~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC;EACdK,IAAI,~~EAAElC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,~~EAAEjC~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BwB,iBAAiB,~~EAAExD~~,CAAC,~~CAAC4B~~,KAAK,CAACe,eAAe,CAAC;EAC3Cc,uBAAuB,~~EAAEzD~~,CAAC,~~CAAC4B~~,KAAK,CAACqB,qBAAqB,CAAC,CAACjB,QAAQ,CAAC;AACnE,CAAC,CAAC;AAACgB,OAAA,CAAAO,sBAAA,GAAAA,sBAAA;AAGI,MAAMG,aAAa,~~GAAG1D~~,CAAC,~~CAAC0B~~,MAAM,CAAC;EACpCiC,GAAG,~~EAAE3D~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,~~CAACG~~,~~QAAQ~~,~~CAAC,CAAC~~;~~EAAE;EAC5B4B~~,GAAG,~~EAAEC~~,eAAQ,~~CAAC7B~~,~~QAAQ~~,CAAC,~~CAAC;EACxB8B~~,~~GAAG~~,~~EAAED~~,~~eAAQ~~,~~CAAC7B~~,QAAQ,CAAC,CAAC;~~EACxB+B~~,KAAK,EAAE/D,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC~~,CAACG,QAAQ,CAAC,CAAC~~;~~EAC5BgC~~,~~KAAK~~,EAAEhE,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC;~~EACjBoC~~,~~YAAY~~,EAAEjE,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC;~~EACxBqC~~,aAAa,EAAElE,CAAC,CAACmE,OAAO,CAAC,UAAU,CAAC;EACpCC,aAAa,EAAEpE,CAAC,~~CAAC0C~~,~~IAAI~~,CAAC,~~CAAC,~~iBAAiB,~~EAAE,aAAa,~~CAAC~~,CAAC~~;~~EACzD2B~~,SAAS,EAAErE,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC;~~EACrByC~~,~~gBAAgB~~,EAAEtE,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,~~CAACG~~,QAAQ,CAAC,CAAC;EAAE;~~EACzCuC~~,~~eAAe~~,EAAEvE,CAAC,~~CACf0B~~,MAAM,CAAC~~;IACN8C~~,~~oCAAoC,EAAExE,~~CAAC,~~CAAC6B~~,~~MAAM~~,CAAC,CAAC,~~CAACG~~,QAAQ,CAAC,CAAC;~~IAC3DyC~~,~~oCAAoC~~,~~EAAEzE~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,~~CAACG~~,QAAQ,CAAC,CAAC;~~IAC3D0C~~,~~QAAQ~~,~~EAAE1E~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;~~IAC/B2C~~,~~IAAI~~,~~EAAEC~~,~~SAAI~~,~~CAAC5C~~,~~QAAQ~~,CAAC~~;EACtB~~,CAAC,CAAC,~~CACDA~~,QAAQ,CAAC,CAAC;~~EAAE;EACf6C~~,~~UAAU~~,EAAE7E,CAAC,~~CAAC6C~~,MAAM,~~CAAC7C~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,~~EAAE7B~~,CAAC,~~CAACoC~~,~~GAAG~~,CAAC,CAAC,CAAC,~~CAACJ~~,QAAQ,CAAC,CAAC;~~EAAE~~;~~EACtD8C~~,~~KAAK~~,~~EAAE9E~~,CAAC,~~CAAC6B~~,MAAM,CAAC,~~CAAC~~,~~CAACG~~,~~QAAQ~~,~~CAAC~~,CAAC~~;EAC5B+C~~,~~uBAAuB~~,~~EAAExB~~,~~sBAAsB~~,~~CAACvB~~,QAAQ,CAAC;~~AAC3D~~,CAAC,CAAC;;AAEF;AACA;AACA;AACA;~~AAHAgB~~,OAAA,~~CAAAU~~,~~aAAA,~~GAAAA~~,aAAA~~;~~AAKO~~,~~MAAMsB~~,aAAa,~~GAAGhF~~,CAAC,~~CAAC0C~~,IAAI,CAAC,CAClC,~~eAAe~~,~~EACf~~,iBAAiB,EACjB,~~gBAAgB~~,~~EAChB~~,~~eAAe~~,~~CAChB~~,CAAC;;AAEF;AACA;AACA;AAFAM,OAAA,~~CAAAgC~~,aAAA,GAAAA,aAAA;~~AAMO~~,MAAMC,~~8BAA8B~~,~~GAAGjF~~,CAAC,~~CAACkF~~,~~KAAK,CAAC,CACpDlF,CAAC,CAAC0B,~~MAAM,CAAC;~~EACPyD~~,QAAQ,EAAEnF,CAAC,~~CACRkF~~,KAAK,CAAC,~~CACLlF~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC~~;EAAE;EACZ7B~~,CAAC,~~CAAC4B~~,KAAK,~~CAAC5B~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,CAAC;~~EAAE;EACrB7B~~,CAAC,~~CAAC6C~~,MAAM,~~CAAC7C~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,~~EAAE7B~~,CAAC,~~CAAC6B~~,~~MAAM~~,CAAC,CAAC,CAAC,~~CAAE~~;~~EAAA~~,~~CACnC~~,CAAC,~~CACDG~~,~~QAAQ~~,CAAC,CAAC;~~EACboD~~,~~uBAAuB~~,~~EAAEpF~~,CAAC,~~CAAC6C~~,MAAM,~~CAAC7C~~,CAAC,~~CAAC6B~~,MAAM,CAAC,CAAC,~~EAAE7B~~,CAAC,~~CAACqF~~,~~OAAO~~,CAAC,CAAC~~,CAAC,CAACrD,QAAQ,CAAC~~;~~AACtE~~,CAAC,CAAC,~~EACFhC~~,CAAC,~~CAAC0B~~,MAAM,CAAC;~~EAAE4D~~,KAAK,~~EAAEN~~;~~AAAc~~,CAAC,CAAC,~~CACnC~~,CAAC;~~AAAChC~~,OAAA,~~CAAAiC~~,8BAAA,GAAAA,8BAAA"}
1	+ {"version":3,"names":["_types","require","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","Fields","object","path","array","string","min","id","optional","purpose","name","filter","any","boolean","intent_to_retain","Constraints","fields","limit_disclosure","enum","InputDescriptor","format","record","constraints","group","exports","SubmissionRequirement","rule","from","from_nested","count","number","PresentationDefinition","input_descriptors","submission_requirements","RequestObject","iss","iat","UnixTime","exp","state","nonce","response_uri","response_uri_method","response_type","literal","response_mode","client_id","dcql_query","scope","presentation_definition","WalletMetadata","presentation_definition_uri_supported","client_id_schemes_supported","request_object_signing_alg_values_supported","vp_formats_supported","RequestObjectWalletCapabilities","wallet_metadata","wallet_nonce","ErrorResponse","LegacyDirectAuthorizationBodyPayload","vp_token","union","presentation_submission","unknown","DirectAuthorizationBodyPayload","error","error_description"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AAAyB,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEzB;AACA;AACA;;AAOA;AACA;AACA;AACA;AACA;;AAQA;AACA;AACA;AACA;;AAQA,MAAMW,MAAM,GAAGxB,CAAC,CAACyB,MAAM,CAAC;EACtBC,IAAI,EAAE1B,CAAC,CAAC2B,KAAK,CAAC3B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAAC;EAAE;EAClCC,EAAE,EAAE9B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC3BC,OAAO,EAAEhC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCE,IAAI,EAAEjC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BG,MAAM,EAAElC,CAAC,CAACmC,GAAG,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAC5BA,QAAQ,EAAE/B,CAAC,CAACoC,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC;EAAE;EAClCM,gBAAgB,EAAErC,CAAC,CAACoC,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC,CAAE;AAC5C,CAAC,CAAC;;AAEF;AACA,MAAMO,WAAW,GAAGtC,CAAC,CAACyB,MAAM,CAAC;EAC3Bc,MAAM,EAAEvC,CAAC,CAAC2B,KAAK,CAACH,MAAM,CAAC,CAACO,QAAQ,CAAC,CAAC;EAAE;EACpCS,gBAAgB,EAAExC,CAAC,CAACyC,IAAI,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAACV,QAAQ,CAAC,CAAC,CAAE;AAClE,CAAC,CAAC;;AAEF;;AAEO,MAAMW,eAAe,GAAG1C,CAAC,CAACyB,MAAM,CAAC;EACtCK,EAAE,EAAE9B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC;EAAE;EACvBI,IAAI,EAAEjC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BC,OAAO,EAAEhC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCY,MAAM,EAAE3C,CAAC,CAAC4C,MAAM,CAAC5C,CAAC,CAAC4B,MAAM,CAAC,CAAC,EAAE5B,CAAC,CAACmC,GAAG,CAAC,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAClDc,WAAW,EAAEP,WAAW;EAAE;EAC1BQ,KAAK,EAAE9C,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC,CAAE;AAChC,CAAC,CAAC;AAACgB,OAAA,CAAAL,eAAA,GAAAA,eAAA;AAEH,MAAMM,qBAAqB,GAAGhD,CAAC,CAACyB,MAAM,CAAC;EACrCQ,IAAI,EAAEjC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,EAAEhC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BkB,IAAI,EAAEjD,CAAC,CAAC4B,MAAM,CAAC,CAAC;EAAE;EAClBsB,IAAI,EAAElD,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BoB,WAAW,EAAEnD,CAAC,CACX2B,KAAK,CACJ3B,CAAC,CAACyB,MAAM,CAAC;IACPQ,IAAI,EAAEjC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC3BC,OAAO,EAAEhC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC9BkB,IAAI,EAAEjD,CAAC,CAAC4B,MAAM,CAAC,CAAC;IAChBsB,IAAI,EAAElD,CAAC,CAAC4B,MAAM,CAAC;EACjB,CAAC,CACH,CAAC,CACAG,QAAQ,CAAC,CAAC;EACbqB,KAAK,EAAEpD,CAAC,CAACqD,MAAM,CAAC,CAAC,CAACtB,QAAQ,CAAC;EAC3B;AACF,CAAC,CAAC;;AAGK,MAAMuB,sBAAsB,GAAGtD,CAAC,CAACyB,MAAM,CAAC;EAC7CK,EAAE,EAAE9B,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACdK,IAAI,EAAEjC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,EAAEhC,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BwB,iBAAiB,EAAEvD,CAAC,CAAC2B,KAAK,CAACe,eAAe,CAAC;EAC3Cc,uBAAuB,EAAExD,CAAC,CAAC2B,KAAK,CAACqB,qBAAqB,CAAC,CAACjB,QAAQ,CAAC;AACnE,CAAC,CAAC;AAACgB,OAAA,CAAAO,sBAAA,GAAAA,sBAAA;AAGI,MAAMG,aAAa,GAAGzD,CAAC,CAACyB,MAAM,CAAC;EACpCiC,GAAG,EAAE1D,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACf+B,GAAG,EAAEC,eAAQ;EACbC,GAAG,EAAED,eAAQ;EACbE,KAAK,EAAE9D,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC5BgC,KAAK,EAAE/D,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACjBoC,YAAY,EAAEhE,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACxBqC,mBAAmB,EAAEjE,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC1CmC,aAAa,EAAElE,CAAC,CAACmE,OAAO,CAAC,UAAU,CAAC;EACpCC,aAAa,EAAEpE,CAAC,CAACmE,OAAO,CAAC,iBAAiB,CAAC;EAC3CE,SAAS,EAAErE,CAAC,CAAC4B,MAAM,CAAC,CAAC;EACrB0C,UAAU,EAAEtE,CAAC,CAAC4C,MAAM,CAAC5C,CAAC,CAAC4B,MAAM,CAAC,CAAC,EAAE5B,CAAC,CAACmC,GAAG,CAAC,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EACtDwC,KAAK,EAAEvE,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC5ByC,uBAAuB,EAAElB,sBAAsB,CAACvB,QAAQ,CAAC;AAC3D,CAAC,CAAC;AAACgB,OAAA,CAAAU,aAAA,GAAAA,aAAA;AAGI,MAAMgB,cAAc,GAAGzE,CAAC,CAACyB,MAAM,CAAC;EACrCiD,qCAAqC,EAAE1E,CAAC,CAACoC,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC;EAC7D4C,2BAA2B,EAAE3E,CAAC,CAAC2B,KAAK,CAAC3B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3D6C,2CAA2C,EAAE5E,CAAC,CAAC2B,KAAK,CAAC3B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3E8C,oBAAoB,EAAE7E,CAAC,CAAC4C,MAAM,CAC5B5C,CAAC,CAAC4B,MAAM,CAAC,CAAC;EAAE;EACZ5B,CAAC,CAACyB,MAAM,CAAC;IACP,mBAAmB,EAAEzB,CAAC,CAAC2B,KAAK,CAAC3B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC,CAAE;EACvD,CAAC,CACH;EACA;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AAHAgB,OAAA,CAAA0B,cAAA,GAAAA,cAAA;AAOO,MAAMK,+BAA+B,GAAG9E,CAAC,CAACyB,MAAM,CAAC;EACtDsD,eAAe,EAAEN,cAAc;EAC/BO,YAAY,EAAEhF,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC;AACpC,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AAJAgB,OAAA,CAAA+B,+BAAA,GAAAA,+BAAA;AAMO,MAAMG,aAAa,GAAGjF,CAAC,CAACyC,IAAI,CAAC,CAClC,wBAAwB,EACxB,qBAAqB,EACrB,0BAA0B,EAC1B,iBAAiB,EACjB,eAAe,EACf,gBAAgB,CACjB,CAAC;;AAEF;AACA;AACA;AAFAM,OAAA,CAAAkC,aAAA,GAAAA,aAAA;AAGA,MAAMC,oCAAoC,GAAGlF,CAAC,CAACyB,MAAM,CAAC;EACpD0D,QAAQ,EAAEnF,CAAC,CAACoF,KAAK,CAAC,CAACpF,CAAC,CAAC4B,MAAM,CAAC,CAAC,EAAE5B,CAAC,CAAC2B,KAAK,CAAC3B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC/DsD,uBAAuB,EAAErF,CAAC,CAAC4C,MAAM,CAAC5C,CAAC,CAAC4B,MAAM,CAAC,CAAC,EAAE5B,CAAC,CAACsF,OAAO,CAAC,CAAC;AAC3D,CAAC,CAAC;;AAEF;AACA;AACA;;AAIO,MAAMC,8BAA8B,GAAGvF,CAAC,CAACoF,KAAK,CAAC,CACpDpF,CAAC,CAACyB,MAAM,CAAC;EACP0D,QAAQ,EAAEnF,CAAC,CAAC4C,MAAM,CAAC5C,CAAC,CAAC4B,MAAM,CAAC,CAAC,EAAE5B,CAAC,CAAC4B,MAAM,CAAC,CAAC;AAC3C,CAAC,CAAC,EACF5B,CAAC,CAACyB,MAAM,CAAC;EAAE+D,KAAK,EAAEP,aAAa;EAAEQ,iBAAiB,EAAEzF,CAAC,CAAC4B,MAAM,CAAC;AAAE,CAAC,CAAC,EACjEsD,oCAAoC,CACrC,CAAC;AAACnC,OAAA,CAAAwC,8BAAA,GAAAA,8BAAA"}

package/lib/commonjs/credential/status/01-start-flow.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ //# sourceMappingURL=01-start-flow.js.map

package/lib/commonjs/credential/status/01-start-flow.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"names":[],"sourceRoot":"../../../../src","sources":["credential/status/01-start-flow.ts"],"mappings":""}

package/lib/commonjs/credential/status/02-status-attestation.js ADDED Viewed

@@ -0,0 +1,73 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.statusAttestation = void 0;
+var _misc = require("../../utils/misc");
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _uuid = require("uuid");
+var _types = require("./types");
+var _errors = require("../../utils/errors");
+var _logging = require("../../utils/logging");
+/**
+ * WARNING: This function must be called after {@link startFlow}.
+ * Verify the status of the credential attestation.
+ * @param issuerConf - The issuer's configuration
+ * @param credential - The credential to be verified
+ * @param credentialCryptoContext - The credential's crypto context
+ * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
+ * @throws {IssuerResponseError} with a specific code for more context
+ * @returns The credential status attestation
+ */
+const statusAttestation = async function (issuerConf, credential, credentialCryptoContext) {
+  let appFetch = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : fetch;
+  const jwk = await credentialCryptoContext.getPublicKey();
+  const credentialHash = await (0, _misc.getCredentialHashWithouDiscloures)(credential);
+  const statusAttUrl = issuerConf.openid_credential_issuer.status_attestation_endpoint;
+  const credentialPop = await new _ioReactNativeJwt.SignJWT(credentialCryptoContext).setPayload({
+    aud: statusAttUrl,
+    jti: (0, _uuid.v4)().toString(),
+    credential_hash: credentialHash,
+    credential_hash_alg: "S256"
+  }).setProtectedHeader({
+    alg: "ES256",
+    typ: "status-attestation-request+jwt",
+    kid: jwk.kid
+  }).setIssuedAt().setExpirationTime("5m").sign();
+  const body = {
+    credential_pop: credentialPop
+  };
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Credential pop: ${credentialPop}`);
+  const result = await appFetch(statusAttUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify(body)
+  }).then((0, _misc.hasStatusOrThrow)(201)).then(raw => raw.json()).then(json => _types.StatusAttestationResponse.parse(json)).catch(handleStatusAttestationError);
+  return {
+    statusAttestation: result.status_attestation
+  };
+};
+/**
+ * Handle the status attestation error by mapping it to a custom exception.
+ * If the error is not an instance of {@link UnexpectedStatusCodeError}, it is thrown as is.
+ * @param e - The error to be handled
+ * @throws {IssuerResponseError} with a specific code for more context
+ */
+exports.statusAttestation = statusAttestation;
+const handleStatusAttestationError = e => {
+  if (!(e instanceof _errors.UnexpectedStatusCodeError)) {
+    throw e;
+  }
+  throw new _errors.ResponseErrorBuilder(_errors.IssuerResponseError).handle(404, {
+    code: _errors.IssuerResponseErrorCodes.CredentialInvalidStatus,
+    message: "Invalid status found for the given credential"
+  }).handle("*", {
+    code: _errors.IssuerResponseErrorCodes.StatusAttestationRequestFailed,
+    message: `Unable to obtain the status attestation for the given credential`
+  }).buildFrom(e);
+};
+//# sourceMappingURL=02-status-attestation.js.map