@pagopa/io-react-native-wallet 1.7.1 → 1.8.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/client/generated/wallet-provider.js +37 -11
- package/lib/commonjs/client/generated/wallet-provider.js.map +1 -1
- package/lib/commonjs/credential/issuance/02-get-issuer-config.js +69 -3
- package/lib/commonjs/credential/issuance/02-get-issuer-config.js.map +1 -1
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js +5 -7
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/06-obtain-credential.js +27 -10
- package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +50 -46
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/README.md +1 -1
- package/lib/commonjs/credential/issuance/const.js +1 -1
- package/lib/commonjs/credential/issuance/const.js.map +1 -1
- package/lib/commonjs/credential/issuance/index.js +6 -0
- package/lib/commonjs/credential/issuance/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/types.js +19 -10
- package/lib/commonjs/credential/issuance/types.js.map +1 -1
- package/lib/commonjs/credential/presentation/07-evaluate-dcql-query.js +10 -3
- package/lib/commonjs/credential/presentation/07-evaluate-dcql-query.js.map +1 -1
- package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js +11 -4
- package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js.map +1 -1
- package/lib/commonjs/credential/presentation/08-send-authorization-response.js +3 -3
- package/lib/commonjs/credential/presentation/08-send-authorization-response.js.map +1 -1
- package/lib/commonjs/credential/presentation/types.js.map +1 -1
- package/lib/commonjs/entity/openid-connect/issuer/types.js +2 -2
- package/lib/commonjs/entity/openid-connect/issuer/types.js.map +1 -1
- package/lib/commonjs/entity/trust/types.js +19 -30
- package/lib/commonjs/entity/trust/types.js.map +1 -1
- package/lib/commonjs/index.js +7 -0
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/mdoc/index.js +3 -3
- package/lib/commonjs/mdoc/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/index.js +2 -2
- package/lib/commonjs/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +1 -1
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/utils/credential/issuance/07-verify-and-parse-credentials-utils.js +3 -2
- package/lib/commonjs/utils/credential/issuance/07-verify-and-parse-credentials-utils.js.map +1 -1
- package/lib/commonjs/utils/misc.js +23 -1
- package/lib/commonjs/utils/misc.js.map +1 -1
- package/lib/commonjs/utils/pop.js +1 -1
- package/lib/commonjs/utils/pop.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/issuing.js +11 -7
- package/lib/commonjs/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/types.js +14 -19
- package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
- package/lib/module/client/generated/wallet-provider.js +29 -7
- package/lib/module/client/generated/wallet-provider.js.map +1 -1
- package/lib/module/credential/issuance/02-get-issuer-config.js +66 -1
- package/lib/module/credential/issuance/02-get-issuer-config.js.map +1 -1
- package/lib/module/credential/issuance/03-start-user-authorization.js +5 -7
- package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/06-obtain-credential.js +28 -11
- package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js +50 -46
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/module/credential/issuance/README.md +1 -1
- package/lib/module/credential/issuance/const.js +1 -1
- package/lib/module/credential/issuance/const.js.map +1 -1
- package/lib/module/credential/issuance/index.js +2 -2
- package/lib/module/credential/issuance/index.js.map +1 -1
- package/lib/module/credential/issuance/types.js +15 -8
- package/lib/module/credential/issuance/types.js.map +1 -1
- package/lib/module/credential/presentation/07-evaluate-dcql-query.js +10 -3
- package/lib/module/credential/presentation/07-evaluate-dcql-query.js.map +1 -1
- package/lib/module/credential/presentation/07-evaluate-input-descriptor.js +11 -4
- package/lib/module/credential/presentation/07-evaluate-input-descriptor.js.map +1 -1
- package/lib/module/credential/presentation/08-send-authorization-response.js +3 -3
- package/lib/module/credential/presentation/08-send-authorization-response.js.map +1 -1
- package/lib/module/credential/presentation/types.js.map +1 -1
- package/lib/module/entity/openid-connect/issuer/types.js +2 -2
- package/lib/module/entity/openid-connect/issuer/types.js.map +1 -1
- package/lib/module/entity/trust/types.js +19 -30
- package/lib/module/entity/trust/types.js.map +1 -1
- package/lib/module/index.js +2 -1
- package/lib/module/index.js.map +1 -1
- package/lib/module/mdoc/index.js +3 -3
- package/lib/module/mdoc/index.js.map +1 -1
- package/lib/module/sd-jwt/index.js +2 -2
- package/lib/module/sd-jwt/index.js.map +1 -1
- package/lib/module/sd-jwt/types.js +1 -1
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/utils/credential/issuance/07-verify-and-parse-credentials-utils.js +3 -2
- package/lib/module/utils/credential/issuance/07-verify-and-parse-credentials-utils.js.map +1 -1
- package/lib/module/utils/misc.js +20 -0
- package/lib/module/utils/misc.js.map +1 -1
- package/lib/module/utils/pop.js +1 -1
- package/lib/module/utils/pop.js.map +1 -1
- package/lib/module/wallet-instance-attestation/issuing.js +13 -9
- package/lib/module/wallet-instance-attestation/issuing.js.map +1 -1
- package/lib/module/wallet-instance-attestation/types.js +12 -17
- package/lib/module/wallet-instance-attestation/types.js.map +1 -1
- package/lib/typescript/client/generated/wallet-provider.d.ts +146 -17
- package/lib/typescript/client/generated/wallet-provider.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/02-get-issuer-config.d.ts +16 -1
- package/lib/typescript/credential/issuance/02-get-issuer-config.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +7 -2
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/const.d.ts +1 -1
- package/lib/typescript/credential/issuance/const.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/index.d.ts +2 -2
- package/lib/typescript/credential/issuance/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/types.d.ts +52 -21
- package/lib/typescript/credential/issuance/types.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/07-evaluate-dcql-query.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/07-evaluate-input-descriptor.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts +1 -1
- package/lib/typescript/credential/presentation/types.d.ts +4 -2
- package/lib/typescript/credential/presentation/types.d.ts.map +1 -1
- package/lib/typescript/entity/openid-connect/issuer/types.d.ts +17 -17
- package/lib/typescript/entity/openid-connect/issuer/types.d.ts.map +1 -1
- package/lib/typescript/entity/trust/index.d.ts +150 -140
- package/lib/typescript/entity/trust/index.d.ts.map +1 -1
- package/lib/typescript/entity/trust/types.d.ts +540 -344
- package/lib/typescript/entity/trust/types.d.ts.map +1 -1
- package/lib/typescript/index.d.ts +2 -1
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/pid/sd-jwt/types.d.ts +2 -2
- package/lib/typescript/sd-jwt/index.d.ts +12 -12
- package/lib/typescript/sd-jwt/types.d.ts +14 -14
- package/lib/typescript/utils/credential/issuance/07-verify-and-parse-credentials-utils.d.ts.map +1 -1
- package/lib/typescript/utils/misc.d.ts +8 -0
- package/lib/typescript/utils/misc.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/issuing.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +50 -102
- package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/client/generated/wallet-provider.ts +39 -7
- package/src/credential/issuance/02-get-issuer-config.ts +98 -1
- package/src/credential/issuance/03-start-user-authorization.ts +7 -8
- package/src/credential/issuance/06-obtain-credential.ts +41 -14
- package/src/credential/issuance/07-verify-and-parse-credential.ts +7 -3
- package/src/credential/issuance/README.md +1 -1
- package/src/credential/issuance/const.ts +1 -0
- package/src/credential/issuance/index.ts +6 -1
- package/src/credential/issuance/types.ts +21 -8
- package/src/credential/presentation/07-evaluate-dcql-query.ts +15 -5
- package/src/credential/presentation/07-evaluate-input-descriptor.ts +21 -4
- package/src/credential/presentation/08-send-authorization-response.ts +3 -3
- package/src/credential/presentation/types.ts +3 -0
- package/src/entity/openid-connect/issuer/types.ts +2 -1
- package/src/entity/trust/types.ts +22 -20
- package/src/index.ts +2 -0
- package/src/mdoc/index.ts +3 -3
- package/src/sd-jwt/index.ts +2 -2
- package/src/sd-jwt/types.ts +1 -1
- package/src/utils/credential/issuance/07-verify-and-parse-credentials-utils.ts +3 -2
- package/src/utils/misc.ts +24 -0
- package/src/utils/pop.ts +1 -1
- package/src/wallet-instance-attestation/issuing.ts +14 -8
- package/src/wallet-instance-attestation/types.ts +16 -22
|
@@ -1,10 +1,20 @@
|
|
|
1
1
|
import z from "zod";
|
|
2
|
+
export const ApplicationInfo = z.object({
|
|
3
|
+
name: z.string(),
|
|
4
|
+
version: z.string()
|
|
5
|
+
});
|
|
2
6
|
export const NonceDetailView = z.object({
|
|
3
7
|
nonce: z.string()
|
|
4
8
|
});
|
|
5
9
|
export const WalletAttestationView = z.object({
|
|
6
10
|
wallet_attestation: z.string()
|
|
7
11
|
});
|
|
12
|
+
export const WalletAttestationsView = z.object({
|
|
13
|
+
wallet_attestations: z.array(z.object({
|
|
14
|
+
format: z.union([z.literal("jwt"), z.literal("dc+sd-jwt")]),
|
|
15
|
+
wallet_attestation: z.string()
|
|
16
|
+
}))
|
|
17
|
+
});
|
|
8
18
|
export const CreateWalletInstanceBody = z.object({
|
|
9
19
|
challenge: z.string(),
|
|
10
20
|
key_attestation: z.string(),
|
|
@@ -14,12 +24,8 @@ export const CreateWalletAttestationBody = z.object({
|
|
|
14
24
|
grant_type: z.literal("urn:ietf:params:oauth:grant-type:jwt-bearer"),
|
|
15
25
|
assertion: z.string()
|
|
16
26
|
});
|
|
17
|
-
export const
|
|
18
|
-
|
|
19
|
-
title: z.string().optional(),
|
|
20
|
-
status: z.number().optional(),
|
|
21
|
-
detail: z.string().optional(),
|
|
22
|
-
instance: z.string().optional()
|
|
27
|
+
export const CreateWalletAttestationV2Body = z.object({
|
|
28
|
+
assertion: z.string()
|
|
23
29
|
});
|
|
24
30
|
export const SetWalletInstanceStatusBody = z.object({
|
|
25
31
|
status: z.literal("REVOKED")
|
|
@@ -30,6 +36,13 @@ export const WalletInstanceData = z.object({
|
|
|
30
36
|
is_revoked: z.boolean(),
|
|
31
37
|
revocation_reason: z.union([RevocationReason, z.undefined()]).optional()
|
|
32
38
|
});
|
|
39
|
+
export const ProblemDetail = z.object({
|
|
40
|
+
type: z.string().optional(),
|
|
41
|
+
title: z.string().optional(),
|
|
42
|
+
status: z.number().optional(),
|
|
43
|
+
detail: z.string().optional(),
|
|
44
|
+
instance: z.string().optional()
|
|
45
|
+
});
|
|
33
46
|
export const get_GetNonce = {
|
|
34
47
|
method: z.literal("GET"),
|
|
35
48
|
path: z.literal("/nonce"),
|
|
@@ -73,6 +86,14 @@ export const post_CreateWalletAttestation = {
|
|
|
73
86
|
}),
|
|
74
87
|
response: WalletAttestationView
|
|
75
88
|
};
|
|
89
|
+
export const post_CreateWalletAttestationV2 = {
|
|
90
|
+
method: z.literal("POST"),
|
|
91
|
+
path: z.literal("/wallet-attestations"),
|
|
92
|
+
parameters: z.object({
|
|
93
|
+
body: CreateWalletAttestationV2Body
|
|
94
|
+
}),
|
|
95
|
+
response: WalletAttestationsView
|
|
96
|
+
};
|
|
76
97
|
|
|
77
98
|
// <EndpointByMethod>
|
|
78
99
|
export const EndpointByMethod = {
|
|
@@ -82,7 +103,8 @@ export const EndpointByMethod = {
|
|
|
82
103
|
},
|
|
83
104
|
post: {
|
|
84
105
|
"/wallet-instances": post_CreateWalletInstance,
|
|
85
|
-
"/token": post_CreateWalletAttestation
|
|
106
|
+
"/token": post_CreateWalletAttestation,
|
|
107
|
+
"/wallet-attestations": post_CreateWalletAttestationV2
|
|
86
108
|
},
|
|
87
109
|
put: {
|
|
88
110
|
"/wallet-instances/{id}/status": put_SetWalletInstanceStatus
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","
|
|
1
|
+
{"version":3,"names":["z","ApplicationInfo","object","name","string","version","NonceDetailView","nonce","WalletAttestationView","wallet_attestation","WalletAttestationsView","wallet_attestations","array","format","union","literal","CreateWalletInstanceBody","challenge","key_attestation","hardware_key_tag","CreateWalletAttestationBody","grant_type","assertion","CreateWalletAttestationV2Body","SetWalletInstanceStatusBody","status","RevocationReason","WalletInstanceData","id","is_revoked","boolean","revocation_reason","undefined","optional","ProblemDetail","type","title","number","detail","instance","get_GetNonce","method","path","parameters","never","response","post_CreateWalletInstance","body","unknown","get_GetWalletInstanceStatus","put_SetWalletInstanceStatus","post_CreateWalletAttestation","post_CreateWalletAttestationV2","EndpointByMethod","get","post","put","ApiClient","baseUrl","constructor","fetcher","setBaseUrl","arguments","length","createApiClient"],"sourceRoot":"../../../../src","sources":["client/generated/wallet-provider.ts"],"mappings":"AAAA,OAAOA,CAAC,MAAM,KAAK;AAGnB,OAAO,MAAMC,eAAe,GAAGD,CAAC,CAACE,MAAM,CAAC;EACtCC,IAAI,EAAEH,CAAC,CAACI,MAAM,CAAC,CAAC;EAChBC,OAAO,EAAEL,CAAC,CAACI,MAAM,CAAC;AACpB,CAAC,CAAC;AAGF,OAAO,MAAME,eAAe,GAAGN,CAAC,CAACE,MAAM,CAAC;EACtCK,KAAK,EAAEP,CAAC,CAACI,MAAM,CAAC;AAClB,CAAC,CAAC;AAGF,OAAO,MAAMI,qBAAqB,GAAGR,CAAC,CAACE,MAAM,CAAC;EAC5CO,kBAAkB,EAAET,CAAC,CAACI,MAAM,CAAC;AAC/B,CAAC,CAAC;AAGF,OAAO,MAAMM,sBAAsB,GAAGV,CAAC,CAACE,MAAM,CAAC;EAC7CS,mBAAmB,EAAEX,CAAC,CAACY,KAAK,CAC1BZ,CAAC,CAACE,MAAM,CAAC;IACPW,MAAM,EAAEb,CAAC,CAACc,KAAK,CAAC,CAACd,CAAC,CAACe,OAAO,CAAC,KAAK,CAAC,EAAEf,CAAC,CAACe,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;IAC3DN,kBAAkB,EAAET,CAAC,CAACI,MAAM,CAAC;EAC/B,CAAC,CACH;AACF,CAAC,CAAC;AAGF,OAAO,MAAMY,wBAAwB,GAAGhB,CAAC,CAACE,MAAM,CAAC;EAC/Ce,SAAS,EAAEjB,CAAC,CAACI,MAAM,CAAC,CAAC;EACrBc,eAAe,EAAElB,CAAC,CAACI,MAAM,CAAC,CAAC;EAC3Be,gBAAgB,EAAEnB,CAAC,CAACI,MAAM,CAAC;AAC7B,CAAC,CAAC;AAGF,OAAO,MAAMgB,2BAA2B,GAAGpB,CAAC,CAACE,MAAM,CAAC;EAClDmB,UAAU,EAAErB,CAAC,CAACe,OAAO,CAAC,6CAA6C,CAAC;EACpEO,SAAS,EAAEtB,CAAC,CAACI,MAAM,CAAC;AACtB,CAAC,CAAC;AAGF,OAAO,MAAMmB,6BAA6B,GAAGvB,CAAC,CAACE,MAAM,CAAC;EACpDoB,SAAS,EAAEtB,CAAC,CAACI,MAAM,CAAC;AACtB,CAAC,CAAC;AAGF,OAAO,MAAMoB,2BAA2B,GAAGxB,CAAC,CAACE,MAAM,CAAC;EAClDuB,MAAM,EAAEzB,CAAC,CAACe,OAAO,CAAC,SAAS;AAC7B,CAAC,CAAC;AAGF,OAAO,MAAMW,gBAAgB,GAAG1B,CAAC,CAACc,KAAK,CAAC,CACtCd,CAAC,CAACe,OAAO,CAAC,+BAA+B,CAAC,EAC1Cf,CAAC,CAACe,OAAO,CAAC,6BAA6B,CAAC,EACxCf,CAAC,CAACe,OAAO,CAAC,iBAAiB,CAAC,CAC7B,CAAC;AAGF,OAAO,MAAMY,kBAAkB,GAAG3B,CAAC,CAACE,MAAM,CAAC;EACzC0B,EAAE,EAAE5B,CAAC,CAACI,MAAM,CAAC,CAAC;EACdyB,UAAU,EAAE7B,CAAC,CAAC8B,OAAO,CAAC,CAAC;EACvBC,iBAAiB,EAAE/B,CAAC,CAACc,KAAK,CAAC,CAACY,gBAAgB,EAAE1B,CAAC,CAACgC,SAAS,CAAC,CAAC,CAAC,CAAC,CAACC,QAAQ,CAAC;AACzE,CAAC,CAAC;AAGF,OAAO,MAAMC,aAAa,GAAGlC,CAAC,CAACE,MAAM,CAAC;EACpCiC,IAAI,EAAEnC,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC6B,QAAQ,CAAC,CAAC;EAC3BG,KAAK,EAAEpC,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC6B,QAAQ,CAAC,CAAC;EAC5BR,MAAM,EAAEzB,CAAC,CAACqC,MAAM,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAC7BK,MAAM,EAAEtC,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC6B,QAAQ,CAAC,CAAC;EAC7BM,QAAQ,EAAEvC,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC6B,QAAQ,CAAC;AAChC,CAAC,CAAC;AAGF,OAAO,MAAMO,YAAY,GAAG;EAC1BC,MAAM,EAAEzC,CAAC,CAACe,OAAO,CAAC,KAAK,CAAC;EACxB2B,IAAI,EAAE1C,CAAC,CAACe,OAAO,CAAC,QAAQ,CAAC;EACzB4B,UAAU,EAAE3C,CAAC,CAAC4C,KAAK,CAAC,CAAC;EACrBC,QAAQ,EAAEvC;AACZ,CAAC;AAGD,OAAO,MAAMwC,yBAAyB,GAAG;EACvCL,MAAM,EAAEzC,CAAC,CAACe,OAAO,CAAC,MAAM,CAAC;EACzB2B,IAAI,EAAE1C,CAAC,CAACe,OAAO,CAAC,mBAAmB,CAAC;EACpC4B,UAAU,EAAE3C,CAAC,CAACE,MAAM,CAAC;IACnB6C,IAAI,EAAE/B;EACR,CAAC,CAAC;EACF6B,QAAQ,EAAE7C,CAAC,CAACgD,OAAO,CAAC;AACtB,CAAC;AAGD,OAAO,MAAMC,2BAA2B,GAAG;EACzCR,MAAM,EAAEzC,CAAC,CAACe,OAAO,CAAC,KAAK,CAAC;EACxB2B,IAAI,EAAE1C,CAAC,CAACe,OAAO,CAAC,+BAA+B,CAAC;EAChD4B,UAAU,EAAE3C,CAAC,CAACE,MAAM,CAAC;IACnBwC,IAAI,EAAE1C,CAAC,CAACE,MAAM,CAAC;MACb0B,EAAE,EAAE5B,CAAC,CAACI,MAAM,CAAC;IACf,CAAC;EACH,CAAC,CAAC;EACFyC,QAAQ,EAAElB;AACZ,CAAC;AAGD,OAAO,MAAMuB,2BAA2B,GAAG;EACzCT,MAAM,EAAEzC,CAAC,CAACe,OAAO,CAAC,KAAK,CAAC;EACxB2B,IAAI,EAAE1C,CAAC,CAACe,OAAO,CAAC,+BAA+B,CAAC;EAChD4B,UAAU,EAAE3C,CAAC,CAACE,MAAM,CAAC;IACnBwC,IAAI,EAAE1C,CAAC,CAACE,MAAM,CAAC;MACb0B,EAAE,EAAE5B,CAAC,CAACI,MAAM,CAAC;IACf,CAAC,CAAC;IACF2C,IAAI,EAAEvB;EACR,CAAC,CAAC;EACFqB,QAAQ,EAAE7C,CAAC,CAACgD,OAAO,CAAC;AACtB,CAAC;AAGD,OAAO,MAAMG,4BAA4B,GAAG;EAC1CV,MAAM,EAAEzC,CAAC,CAACe,OAAO,CAAC,MAAM,CAAC;EACzB2B,IAAI,EAAE1C,CAAC,CAACe,OAAO,CAAC,QAAQ,CAAC;EACzB4B,UAAU,EAAE3C,CAAC,CAACE,MAAM,CAAC;IACnB6C,IAAI,EAAE3B;EACR,CAAC,CAAC;EACFyB,QAAQ,EAAErC;AACZ,CAAC;AAGD,OAAO,MAAM4C,8BAA8B,GAAG;EAC5CX,MAAM,EAAEzC,CAAC,CAACe,OAAO,CAAC,MAAM,CAAC;EACzB2B,IAAI,EAAE1C,CAAC,CAACe,OAAO,CAAC,sBAAsB,CAAC;EACvC4B,UAAU,EAAE3C,CAAC,CAACE,MAAM,CAAC;IACnB6C,IAAI,EAAExB;EACR,CAAC,CAAC;EACFsB,QAAQ,EAAEnC;AACZ,CAAC;;AAED;AACA,OAAO,MAAM2C,gBAAgB,GAAG;EAC9BC,GAAG,EAAE;IACH,QAAQ,EAAEd,YAAY;IACtB,+BAA+B,EAAES;EACnC,CAAC;EACDM,IAAI,EAAE;IACJ,mBAAmB,EAAET,yBAAyB;IAC9C,QAAQ,EAAEK,4BAA4B;IACtC,sBAAsB,EAAEC;EAC1B,CAAC;EACDI,GAAG,EAAE;IACH,+BAA+B,EAAEN;EACnC;AACF,CAAC;;AAED;AAEA;AAKA;AAEA;AAyCA;AAEA;AACA,OAAO,MAAMO,SAAS,CAAC;EACrBC,OAAO,GAAW,EAAE;EAEpBC,WAAWA,CAAQC,OAAgB,EAAE;IAAA,KAAlBA,OAAgB,GAAhBA,OAAgB;EAAG;EAEtCC,UAAUA,CAACH,OAAe,EAAE;IAC1B,IAAI,CAACA,OAAO,GAAGA,OAAO;IACtB,OAAO,IAAI;EACb;;EAEA;EACAJ,GAAGA,CACDZ,IAAU,EAE+B;IACzC,OAAO,IAAI,CAACkB,OAAO,CAAC,KAAK,EAAE,IAAI,CAACF,OAAO,GAAGhB,IAAI,EAAAoB,SAAA,CAAAC,MAAA,QAAA/B,SAAA,GAAA8B,SAAA,GAAW,CAAC;EAC5D;EACA;;EAEA;EACAP,IAAIA,CACFb,IAAU,EAE+B;IACzC,OAAO,IAAI,CAACkB,OAAO,CAAC,MAAM,EAAE,IAAI,CAACF,OAAO,GAAGhB,IAAI,EAAAoB,SAAA,CAAAC,MAAA,QAAA/B,SAAA,GAAA8B,SAAA,GAAW,CAAC;EAC7D;EACA;;EAEA;EACAN,GAAGA,CACDd,IAAU,EAE+B;IACzC,OAAO,IAAI,CAACkB,OAAO,CAAC,KAAK,EAAE,IAAI,CAACF,OAAO,GAAGhB,IAAI,EAAAoB,SAAA,CAAAC,MAAA,QAAA/B,SAAA,GAAA8B,SAAA,GAAW,CAAC;EAC5D;EACA;AACF;;AAEA,OAAO,SAASE,eAAeA,CAACJ,OAAgB,EAAEF,OAAgB,EAAE;EAClE,OAAO,IAAID,SAAS,CAACG,OAAO,CAAC,CAACC,UAAU,CAACH,OAAO,IAAI,EAAE,CAAC;AACzD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA"}
|
|
@@ -1,4 +1,6 @@
|
|
|
1
|
+
import { pathInsert } from "../../utils/misc";
|
|
1
2
|
import { getCredentialIssuerMetadata } from "../../entity/openid-connect/issuer";
|
|
3
|
+
import { getCredentialIssuerEntityConfiguration } from "@pagopa/io-react-native-wallet";
|
|
2
4
|
|
|
3
5
|
/**
|
|
4
6
|
* Common configuration for the issuer.
|
|
@@ -8,6 +10,8 @@ import { getCredentialIssuerMetadata } from "../../entity/openid-connect/issuer"
|
|
|
8
10
|
|
|
9
11
|
/**
|
|
10
12
|
* WARNING: This function must be called after {@link startFlow}. The next function to be called is {@link startUserAuthorization}.
|
|
13
|
+
* WARNING: This function extracts the {@link IssuerConfig} from the OpenID Connect endpoint. For the OpenID Federation variant, use {@link getIssuerConfigOIDFED}.
|
|
14
|
+
* WARNING: The variants should not be used in conjunction.
|
|
11
15
|
* Get the Issuer's configuration from the Issuer's metadata.
|
|
12
16
|
* Currently it only supports a mixed configuration based on OpenID Connect partial implementation.
|
|
13
17
|
* @param issuerUrl The base url of the Issuer returned by {@link startFlow}
|
|
@@ -22,6 +26,24 @@ export const getIssuerConfig = async function (issuerUrl) {
|
|
|
22
26
|
return credentialIssuerRationalization(res);
|
|
23
27
|
};
|
|
24
28
|
|
|
29
|
+
/**
|
|
30
|
+
* WARNING: This function must be called after {@link startFlow}. The next function to be called is {@link startUserAuthorization}.
|
|
31
|
+
* WARNING: This function extracts the {@link IssuerConfig} from the OpenID Federation EC. For the OpenID Connect variant, use {@link getIssuerConfig}.
|
|
32
|
+
* WARNING: The variants should not be used in conjunction.
|
|
33
|
+
* Get the Issuer's configuration from the Issuer's metadata fetched from the OpenID Federation system.
|
|
34
|
+
* Currently it only supports a mixed configuration based on OpenID Federation partial implementation.
|
|
35
|
+
* @param issuerUrl The base url of the Issuer returned by {@link startFlow}
|
|
36
|
+
* @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
|
|
37
|
+
* @returns The Issuer's configuration
|
|
38
|
+
*/
|
|
39
|
+
export const getIssuerConfigOIDFED = async function (issuerUrl) {
|
|
40
|
+
let context = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
|
|
41
|
+
const res = await getCredentialIssuerEntityConfiguration(issuerUrl, {
|
|
42
|
+
appFetch: context.appFetch
|
|
43
|
+
});
|
|
44
|
+
return credentialIssuerRationalizationOIDFED(res);
|
|
45
|
+
};
|
|
46
|
+
|
|
25
47
|
/**
|
|
26
48
|
* Rationalize the issuer's metadata to the issuer's configuration which is then used in our flows to interact with the issuer.
|
|
27
49
|
* @param issuerMetadata - The issuer's metadata
|
|
@@ -35,7 +57,50 @@ const credentialIssuerRationalization = issuerMetadata => {
|
|
|
35
57
|
authorization_endpoint: issuerMetadata.authorization_endpoint,
|
|
36
58
|
token_endpoint: issuerMetadata.token_endpoint,
|
|
37
59
|
credential_endpoint: issuerMetadata.credential_endpoint,
|
|
38
|
-
keys: issuerMetadata.jwks.keys
|
|
60
|
+
keys: issuerMetadata.jwks.keys,
|
|
61
|
+
issuer: issuerMetadata.authorization_endpoint
|
|
62
|
+
}
|
|
63
|
+
};
|
|
64
|
+
};
|
|
65
|
+
|
|
66
|
+
/**
|
|
67
|
+
* Rationalize the issuer's metadata taken from OpenID Federation to the issuer's configuration which is then used in our flows to interact with the issuer.
|
|
68
|
+
* @param issuerMetadata - The issuer's metadata
|
|
69
|
+
* @returns the isssuer configuration to be used later in our flows
|
|
70
|
+
*/
|
|
71
|
+
const credentialIssuerRationalizationOIDFED = issuerMetadata => {
|
|
72
|
+
const adapted_credential_configurations_supported = Object.fromEntries(Object.entries(issuerMetadata.payload.metadata.openid_credential_issuer.credential_configurations_supported).map(_ref => {
|
|
73
|
+
let [key, config] = _ref;
|
|
74
|
+
const claimsRaw = config.claims;
|
|
75
|
+
const claims = Object.entries(claimsRaw).map(_ref2 => {
|
|
76
|
+
let [, v] = _ref2;
|
|
77
|
+
return {
|
|
78
|
+
path: v.path,
|
|
79
|
+
details: {
|
|
80
|
+
mandatory: v.mandatory,
|
|
81
|
+
display: v.display
|
|
82
|
+
}
|
|
83
|
+
};
|
|
84
|
+
}).reduce((cumulated, entry) => pathInsert(cumulated, entry.path, entry.details), {});
|
|
85
|
+
const newConfig = {
|
|
86
|
+
...config,
|
|
87
|
+
claims,
|
|
88
|
+
// cryptographic_suites_supported have been renamed credential_signing_alg_values_supported.
|
|
89
|
+
// We mantain it for Potential compatibility
|
|
90
|
+
cryptographic_suites_supported: config.credential_signing_alg_values_supported
|
|
91
|
+
};
|
|
92
|
+
return [key, newConfig];
|
|
93
|
+
}));
|
|
94
|
+
return {
|
|
95
|
+
issuerConf: {
|
|
96
|
+
credential_configurations_supported: adapted_credential_configurations_supported,
|
|
97
|
+
pushed_authorization_request_endpoint: issuerMetadata.payload.metadata.oauth_authorization_server.pushed_authorization_request_endpoint,
|
|
98
|
+
authorization_endpoint: issuerMetadata.payload.metadata.oauth_authorization_server.authorization_endpoint,
|
|
99
|
+
token_endpoint: issuerMetadata.payload.metadata.oauth_authorization_server.token_endpoint,
|
|
100
|
+
credential_endpoint: issuerMetadata.payload.metadata.openid_credential_issuer.credential_endpoint,
|
|
101
|
+
keys: issuerMetadata.payload.metadata.openid_credential_issuer.jwks.keys,
|
|
102
|
+
issuer: issuerMetadata.payload.metadata.oauth_authorization_server.issuer,
|
|
103
|
+
nonce_endpoint: issuerMetadata.payload.metadata.openid_credential_issuer.nonce_endpoint
|
|
39
104
|
}
|
|
40
105
|
};
|
|
41
106
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["getCredentialIssuerMetadata","getIssuerConfig","issuerUrl","context","arguments","length","undefined","res","appFetch","credentialIssuerRationalization","issuerMetadata","issuerConf","credential_configurations_supported","pushed_authorization_request_endpoint","authorization_endpoint","token_endpoint","credential_endpoint","keys","jwks"],"sourceRoot":"../../../../src","sources":["credential/issuance/02-get-issuer-config.ts"],"mappings":"
|
|
1
|
+
{"version":3,"names":["pathInsert","getCredentialIssuerMetadata","getCredentialIssuerEntityConfiguration","getIssuerConfig","issuerUrl","context","arguments","length","undefined","res","appFetch","credentialIssuerRationalization","getIssuerConfigOIDFED","credentialIssuerRationalizationOIDFED","issuerMetadata","issuerConf","credential_configurations_supported","pushed_authorization_request_endpoint","authorization_endpoint","token_endpoint","credential_endpoint","keys","jwks","issuer","adapted_credential_configurations_supported","Object","fromEntries","entries","payload","metadata","openid_credential_issuer","map","_ref","key","config","claimsRaw","claims","_ref2","v","path","details","mandatory","display","reduce","cumulated","entry","newConfig","cryptographic_suites_supported","credential_signing_alg_values_supported","oauth_authorization_server","nonce_endpoint"],"sourceRoot":"../../../../src","sources":["credential/issuance/02-get-issuer-config.ts"],"mappings":"AACA,SAASA,UAAU,QAAkB,kBAAkB;AAEvD,SAASC,2BAA2B,QAAQ,oCAAoC;AAEhF,SAASC,sCAAsC,QAAQ,gCAAgC;;AASvF;AACA;AACA;AACA;AACA;;AAYA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,eAAgC,GAAG,eAAAA,CAC9CC,SAAS,EAEuB;EAAA,IADhCC,OAAO,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEZ,MAAMG,GAAG,GAAG,MAAMR,2BAA2B,CAACG,SAAS,EAAE;IACvDM,QAAQ,EAAEL,OAAO,CAACK;EACpB,CAAC,CAAC;EAEF,OAAOC,+BAA+B,CAACF,GAAG,CAAC;AAC7C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMG,qBAAsC,GAAG,eAAAA,CACpDR,SAAS,EAEuB;EAAA,IADhCC,OAAO,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEZ,MAAMG,GAAG,GAAG,MAAMP,sCAAsC,CAACE,SAAS,EAAE;IAClEM,QAAQ,EAAEL,OAAO,CAACK;EACpB,CAAC,CAAC;EAEF,OAAOG,qCAAqC,CAACJ,GAAG,CAAC;AACnD,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,MAAME,+BAA+B,GACnCG,cAAuE,IAC9B;EACzC,OAAO;IACLC,UAAU,EAAE;MACVC,mCAAmC,EACjCF,cAAc,CAACE,mCAAmC;MACpDC,qCAAqC,EACnCH,cAAc,CAACG,qCAAqC;MACtDC,sBAAsB,EAAEJ,cAAc,CAACI,sBAAsB;MAC7DC,cAAc,EAAEL,cAAc,CAACK,cAAc;MAC7CC,mBAAmB,EAAEN,cAAc,CAACM,mBAAmB;MACvDC,IAAI,EAAEP,cAAc,CAACQ,IAAI,CAACD,IAAI;MAC9BE,MAAM,EAAET,cAAc,CAACI;IACzB;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,MAAML,qCAAqC,GACzCC,cAEC,IACwC;EACzC,MAAMU,2CAA6E,GACjFC,MAAM,CAACC,WAAW,CAChBD,MAAM,CAACE,OAAO,CACZb,cAAc,CAACc,OAAO,CAACC,QAAQ,CAACC,wBAAwB,CACrDd,mCACL,CAAC,CAACe,GAAG,CAACC,IAAA,IAAmB;IAAA,IAAlB,CAACC,GAAG,EAAEC,MAAM,CAAC,GAAAF,IAAA;IAClB,MAAMG,SAAS,GAAGD,MAAM,CAACE,MAAM;IAE/B,MAAMA,MAA0D,GAC9DX,MAAM,CAACE,OAAO,CAACQ,SAAS,CAAC,CACtBJ,GAAG,CAACM,KAAA;MAAA,IAAC,GAAGC,CAAC,CAAC,GAAAD,KAAA;MAAA,OAAM;QACfE,IAAI,EAAED,CAAC,CAACC,IAAI;QACZC,OAAO,EAAE;UACPC,SAAS,EAAEH,CAAC,CAACG,SAAS;UACtBC,OAAO,EAAEJ,CAAC,CAACI;QACb;MACF,CAAC;IAAA,CAAC,CAAC,CACFC,MAAM,CACL,CAACC,SAAS,EAAEC,KAAK,KACf7C,UAAU,CAAC4C,SAAS,EAAEC,KAAK,CAACN,IAAI,EAAEM,KAAK,CAACL,OAAO,CAAC,EAClD,CAAC,CACH,CAAC;IAEL,MAAMM,SAAmD,GAAG;MAC1D,GAAGZ,MAAM;MACTE,MAAM;MACN;MACA;MACAW,8BAA8B,EAC5Bb,MAAM,CAACc;IACX,CAAC;IAED,OAAO,CAACf,GAAG,EAAEa,SAAS,CAAC;EACzB,CAAC,CACH,CAAC;EAEH,OAAO;IACL/B,UAAU,EAAE;MACVC,mCAAmC,EACjCQ,2CAA2C;MAC7CP,qCAAqC,EACnCH,cAAc,CAACc,OAAO,CAACC,QAAQ,CAACoB,0BAA0B,CACvDhC,qCAAqC;MAC1CC,sBAAsB,EACpBJ,cAAc,CAACc,OAAO,CAACC,QAAQ,CAACoB,0BAA0B,CACvD/B,sBAAsB;MAC3BC,cAAc,EACZL,cAAc,CAACc,OAAO,CAACC,QAAQ,CAACoB,0BAA0B,CACvD9B,cAAc;MACnBC,mBAAmB,EACjBN,cAAc,CAACc,OAAO,CAACC,QAAQ,CAACC,wBAAwB,CACrDV,mBAAmB;MACxBC,IAAI,EAAEP,cAAc,CAACc,OAAO,CAACC,QAAQ,CAACC,wBAAwB,CAACR,IAAI,CAACD,IAAI;MACxEE,MAAM,EAAET,cAAc,CAACc,OAAO,CAACC,QAAQ,CAACoB,0BAA0B,CAAC1B,MAAM;MACzE2B,cAAc,EACZpC,cAAc,CAACc,OAAO,CAACC,QAAQ,CAACC,wBAAwB,CAACoB;IAC7D;EACF,CAAC;AACH,CAAC"}
|
|
@@ -13,15 +13,13 @@ import { makeParRequest } from "../../utils/par";
|
|
|
13
13
|
*/
|
|
14
14
|
const selectCredentialDefinition = (issuerConf, credentialType) => {
|
|
15
15
|
const credential_configurations_supported = issuerConf.credential_configurations_supported;
|
|
16
|
-
const
|
|
17
|
-
if (!credential) {
|
|
18
|
-
throw new Error(`No credential support the type '${credentialType}'`);
|
|
19
|
-
}
|
|
20
|
-
const result = {
|
|
16
|
+
const [result] = Object.keys(credential_configurations_supported).filter(e => e.includes(credentialType)).map(() => ({
|
|
21
17
|
credential_configuration_id: credentialType,
|
|
22
|
-
format: credential.format,
|
|
23
18
|
type: "openid_credential"
|
|
24
|
-
};
|
|
19
|
+
}));
|
|
20
|
+
if (!result) {
|
|
21
|
+
throw new Error(`No credential support the type '${credentialType}'`);
|
|
22
|
+
}
|
|
25
23
|
return result;
|
|
26
24
|
};
|
|
27
25
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["generateRandomAlphaNumericString","makeParRequest","selectCredentialDefinition","issuerConf","credentialType","credential_configurations_supported","
|
|
1
|
+
{"version":3,"names":["generateRandomAlphaNumericString","makeParRequest","selectCredentialDefinition","issuerConf","credentialType","credential_configurations_supported","result","Object","keys","filter","e","includes","map","credential_configuration_id","type","Error","selectResponseMode","responseMode","startUserAuthorization","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","codeVerifier","parEndpoint","pushed_authorization_request_endpoint","credentialDefinition","getPar","issuerRequestUri"],"sourceRoot":"../../../../src","sources":["credential/issuance/03-start-user-authorization.ts"],"mappings":"AAEA,SAASA,gCAAgC,QAAkB,kBAAkB;AAE7E,SAA8BC,cAAc,QAAQ,iBAAiB;AAmBrE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,0BAA0B,GAAGA,CACjCC,UAA8C,EAC9CC,cAAgD,KACxB;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAM,CAACC,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACH,mCAAmC,CAAC,CAC9DI,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACP,cAAc,CAAC,CAAC,CACzCQ,GAAG,CAAC,OAAO;IACVC,2BAA2B,EAAET,cAAc;IAC3CU,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACR,MAAM,EAAE;IACX,MAAM,IAAIS,KAAK,CAAE,mCAAkCX,cAAe,GAAE,CAAC;EACvE;EAEA,OAAOE,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMU,kBAAkB,GACtBZ,cAAgD,IAC/B;EACjB,MAAMa,YAAY,GAChBb,cAAc,KAAK,6BAA6B,GAC5C,OAAO,GACP,eAAe;EAErB,OAAOa,YAAY;AACrB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,sBAA8C,GAAG,MAAAA,CAC5Df,UAAU,EACVC,cAAc,EACde,GAAG,KACA;EACH,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EACzE,IAAI,CAACJ,QAAQ,EAAE;IACb,MAAM,IAAIV,KAAK,CAAC,qBAAqB,CAAC;EACxC;EACA,MAAMe,YAAY,GAAG9B,gCAAgC,CAAC,EAAE,CAAC;EACzD,MAAM+B,WAAW,GAAG5B,UAAU,CAAC6B,qCAAqC;EACpE,MAAMC,oBAAoB,GAAG/B,0BAA0B,CACrDC,UAAU,EACVC,cACF,CAAC;EACD,MAAMa,YAAY,GAAGD,kBAAkB,CAACZ,cAAc,CAAC;EAEvD,MAAM8B,MAAM,GAAGjC,cAAc,CAAC;IAAEmB,gBAAgB;IAAEG;EAAS,CAAC,CAAC;EAC7D,MAAMY,gBAAgB,GAAG,MAAMD,MAAM,CACnCT,QAAQ,EACRK,YAAY,EACZR,WAAW,EACXL,YAAY,EACZc,WAAW,EACXV,yBAAyB,EACzB,CAACY,oBAAoB,CACvB,CAAC;EAED,OAAO;IAAEE,gBAAgB;IAAEV,QAAQ;IAAEK,YAAY;IAAEG;EAAqB,CAAC;AAC3E,CAAC"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { sha256ToBase64, SignJWT } from "@pagopa/io-react-native-jwt";
|
|
2
2
|
import { hasStatusOrThrow } from "../../utils/misc";
|
|
3
3
|
import { IssuerResponseError, IssuerResponseErrorCodes, ResponseErrorBuilder, UnexpectedStatusCodeError, ValidationFailed } from "../../utils/errors";
|
|
4
|
-
import { CredentialResponse } from "./types";
|
|
4
|
+
import { CredentialResponse, NonceResponse } from "./types";
|
|
5
5
|
import { createDPopToken } from "../../utils/dpop";
|
|
6
6
|
import uuid from "react-native-uuid";
|
|
7
7
|
export const createNonceProof = async (nonce, issuer, audience, ctx) => {
|
|
@@ -37,14 +37,33 @@ export const obtainCredential = async (issuerConf, accessToken, clientId, creden
|
|
|
37
37
|
dPopCryptoContext
|
|
38
38
|
} = context;
|
|
39
39
|
const credentialUrl = issuerConf.credential_endpoint;
|
|
40
|
+
const issuerUrl = issuerConf.issuer;
|
|
41
|
+
const nonceUrl = issuerConf.nonce_endpoint;
|
|
42
|
+
|
|
43
|
+
// Fetch the nonce from the Credential Issuer
|
|
44
|
+
const {
|
|
45
|
+
c_nonce
|
|
46
|
+
} = nonceUrl ? await appFetch(nonceUrl, {
|
|
47
|
+
method: "POST",
|
|
48
|
+
headers: {
|
|
49
|
+
"Content-Type": "application/json"
|
|
50
|
+
}
|
|
51
|
+
}).then(hasStatusOrThrow(200)).then(res => res.json()).then(body => NonceResponse.parse(body)) : accessToken;
|
|
52
|
+
if (!c_nonce) {
|
|
53
|
+
throw new ValidationFailed({
|
|
54
|
+
message: "Nonce Endpoint not found or access token does not contain the c_nonce"
|
|
55
|
+
});
|
|
56
|
+
}
|
|
40
57
|
|
|
41
58
|
/**
|
|
42
59
|
* JWT proof token to bind the request nonce to the key that will bind the holder User with the Credential
|
|
43
60
|
* This is presented along with the access token to the Credential Endpoint as proof of possession of the private key used to sign the Access Token.
|
|
44
61
|
* @see https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-proof-types
|
|
45
62
|
*/
|
|
46
|
-
const signedNonceProof = await createNonceProof(
|
|
47
|
-
|
|
63
|
+
const signedNonceProof = await createNonceProof(c_nonce, clientId, issuerUrl, credentialCryptoContext);
|
|
64
|
+
|
|
65
|
+
// Validation of accessTokenResponse.authorization_details if contain credentialDefinition
|
|
66
|
+
const containsCredentialDefinition = accessToken.authorization_details.some(c => c.credential_configuration_id === credentialDefinition.credential_configuration_id && (credentialDefinition.credential_identifier ? c.credential_identifiers.includes(credentialDefinition.credential_identifier) : true));
|
|
48
67
|
if (!containsCredentialDefinition) {
|
|
49
68
|
throw new ValidationFailed({
|
|
50
69
|
message: "The access token response does not contain the requested credential"
|
|
@@ -65,12 +84,7 @@ export const obtainCredential = async (issuerConf, accessToken, clientId, creden
|
|
|
65
84
|
|
|
66
85
|
/** The credential request body */
|
|
67
86
|
const credentialRequestFormBody = {
|
|
68
|
-
|
|
69
|
-
doctype: credentialDefinition.credential_configuration_id
|
|
70
|
-
} : {
|
|
71
|
-
vct: credentialDefinition.credential_configuration_id
|
|
72
|
-
}),
|
|
73
|
-
format,
|
|
87
|
+
credential_identifier: credentialDefinition.credential_configuration_id,
|
|
74
88
|
proof: {
|
|
75
89
|
jwt: signedNonceProof,
|
|
76
90
|
proof_type: "jwt"
|
|
@@ -98,8 +112,11 @@ export const obtainCredential = async (issuerConf, accessToken, clientId, creden
|
|
|
98
112
|
});
|
|
99
113
|
}
|
|
100
114
|
|
|
101
|
-
|
|
102
|
-
return
|
|
115
|
+
// We support only one credential for now
|
|
116
|
+
return {
|
|
117
|
+
format,
|
|
118
|
+
...credentialRes.data.credentials.at(0)
|
|
119
|
+
};
|
|
103
120
|
};
|
|
104
121
|
|
|
105
122
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["sha256ToBase64","SignJWT","hasStatusOrThrow","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","UnexpectedStatusCodeError","ValidationFailed","CredentialResponse","createDPopToken","uuid","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credentialUrl","credential_endpoint","
|
|
1
|
+
{"version":3,"names":["sha256ToBase64","SignJWT","hasStatusOrThrow","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","UnexpectedStatusCodeError","ValidationFailed","CredentialResponse","NonceResponse","createDPopToken","uuid","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credentialUrl","credential_endpoint","issuerUrl","nonceUrl","nonce_endpoint","c_nonce","method","headers","then","res","json","body","parse","message","signedNonceProof","containsCredentialDefinition","authorization_details","some","c","credential_configuration_id","credential_identifier","credential_identifiers","includes","credential","credential_configurations_supported","format","credentialRequestFormBody","proof","jwt","proof_type","tokenRequestSignedDPop","htm","htu","jti","v4","ath","access_token","credentialRes","DPoP","Authorization","token_type","JSON","stringify","safeParse","catch","handleObtainCredentialError","success","reason","error","data","credentials","at","e","handle","code","CredentialRequestFailed","buildFrom"],"sourceRoot":"../../../../src","sources":["credential/issuance/06-obtain-credential.ts"],"mappings":"AAAA,SAEEA,cAAc,EACdC,OAAO,QACF,6BAA6B;AAGpC,SAASC,gBAAgB,QAAkB,kBAAkB;AAE7D,SACEC,mBAAmB,EACnBC,wBAAwB,EACxBC,oBAAoB,EACpBC,yBAAyB,EACzBC,gBAAgB,QACX,oBAAoB;AAC3B,SAASC,kBAAkB,EAAEC,aAAa,QAAQ,SAAS;AAC3D,SAASC,eAAe,QAAQ,kBAAkB;AAClD,OAAOC,IAAI,MAAM,mBAAmB;AAiBpC,OAAO,MAAMC,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIjB,OAAO,CAACe,GAAG,CAAC,CACpBG,UAAU,CAAC;IACVN;EACF,CAAC,CAAC,CACDO,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BJ;EACF,CAAC,CAAC,CACDK,WAAW,CAACP,QAAQ,CAAC,CACrBQ,SAAS,CAACT,MAAM,CAAC,CACjBU,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,gBAAkC,GAAG,MAAAA,CAChDC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,QAAQ,GAAGC,KAAK;IAChBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,aAAa,GAAGT,UAAU,CAACU,mBAAmB;EACpD,MAAMC,SAAS,GAAGX,UAAU,CAACd,MAAM;EACnC,MAAM0B,QAAQ,GAAGZ,UAAU,CAACa,cAAc;;EAE1C;EACA,MAAM;IAAEC;EAAQ,CAAC,GAAGF,QAAQ,GACxB,MAAMN,QAAQ,CAACM,QAAQ,EAAE;IACvBG,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MAAE,cAAc,EAAE;IAAmB;EAChD,CAAC,CAAC,CACCC,IAAI,CAAC3C,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3B2C,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEG,IAAI,IAAKvC,aAAa,CAACwC,KAAK,CAACD,IAAI,CAAC,CAAC,GAC5CnB,WAAW;EACf,IAAI,CAACa,OAAO,EAAE;IACZ,MAAM,IAAInC,gBAAgB,CAAC;MACzB2C,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;;EAEA;AACF;AACA;AACA;AACA;EACE,MAAMC,gBAAgB,GAAG,MAAMvC,gBAAgB,CAC7C8B,OAAO,EACPZ,QAAQ,EACRS,SAAS,EACTN,uBACF,CAAC;;EAED;EACA,MAAMmB,4BAA4B,GAAGvB,WAAW,CAACwB,qBAAqB,CAACC,IAAI,CACxEC,CAAC,IACAA,CAAC,CAACC,2BAA2B,KAC3BzB,oBAAoB,CAACyB,2BAA2B,KACjDzB,oBAAoB,CAAC0B,qBAAqB,GACvCF,CAAC,CAACG,sBAAsB,CAACC,QAAQ,CAC/B5B,oBAAoB,CAAC0B,qBACvB,CAAC,GACD,IAAI,CACZ,CAAC;EAED,IAAI,CAACL,4BAA4B,EAAE;IACjC,MAAM,IAAI7C,gBAAgB,CAAC;MACzB2C,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAMU,UAAU,GACdhC,UAAU,CAACiC,mCAAmC,CAC5C9B,oBAAoB,CAACyB,2BAA2B,CACjD;EAEH,IAAI,CAACI,UAAU,EAAE;IACf,MAAM,IAAIrD,gBAAgB,CAAC;MACzB2C,OAAO,EAAE;IACX,CAAC,CAAC;EACJ;EAEA,MAAMY,MAAM,GAAGF,UAAU,CAACE,MAAM;EAEhC,IAAI,CAACA,MAAM,EAAE;IACX,MAAM,IAAIvD,gBAAgB,CAAC;MACzB2C,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;;EAEA;EACA,MAAMa,yBAAyB,GAAG;IAChCN,qBAAqB,EAAE1B,oBAAoB,CAACyB,2BAA2B;IACvEQ,KAAK,EAAE;MACLC,GAAG,EAAEd,gBAAgB;MACrBe,UAAU,EAAE;IACd;EACF,CAAC;EAED,MAAMC,sBAAsB,GAAG,MAAMzD,eAAe,CAClD;IACE0D,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEhC,aAAa;IAClBiC,GAAG,EAAG,GAAE3D,IAAI,CAAC4D,EAAE,CAAC,CAAE,EAAC;IACnBC,GAAG,EAAE,MAAMxE,cAAc,CAAC6B,WAAW,CAAC4C,YAAY;EACpD,CAAC,EACDrC,iBACF,CAAC;EACD,MAAMsC,aAAa,GAAG,MAAMxC,QAAQ,CAACG,aAAa,EAAE;IAClDM,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClC+B,IAAI,EAAER,sBAAsB;MAC5BS,aAAa,EAAG,GAAE/C,WAAW,CAACgD,UAAW,IAAGhD,WAAW,CAAC4C,YAAa;IACvE,CAAC;IACDzB,IAAI,EAAE8B,IAAI,CAACC,SAAS,CAAChB,yBAAyB;EAChD,CAAC,CAAC,CACClB,IAAI,CAAC3C,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3B2C,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEG,IAAI,IAAKxC,kBAAkB,CAACwE,SAAS,CAAChC,IAAI,CAAC,CAAC,CAClDiC,KAAK,CAACC,2BAA2B,CAAC;EAErC,IAAI,CAACR,aAAa,CAACS,OAAO,EAAE;IAC1B,MAAM,IAAI5E,gBAAgB,CAAC;MACzB2C,OAAO,EAAE,uCAAuC;MAChDkC,MAAM,EAAEV,aAAa,CAACW,KAAK,CAACnC;IAC9B,CAAC,CAAC;EACJ;;EAEA;EACA,OAAO;IACLY,MAAM;IACN,GAAGY,aAAa,CAACY,IAAI,CAACC,WAAW,CAACC,EAAE,CAAC,CAAC;EACxC,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMN,2BAA2B,GAAIO,CAAU,IAAK;EAClD,IAAI,EAAEA,CAAC,YAAYnF,yBAAyB,CAAC,EAAE;IAC7C,MAAMmF,CAAC;EACT;EAEA,MAAM,IAAIpF,oBAAoB,CAACF,mBAAmB,CAAC,CAChDuF,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEvF,wBAAwB,CAACwF,uBAAuB;IACtD1C,OAAO,EAAE;EACX,CAAC,CAAC,CACD2C,SAAS,CAACJ,CAAC,CAAC;AACjB,CAAC"}
|
|
@@ -11,13 +11,17 @@ import { extractElementValueAsDate } from "../../mdoc/converters";
|
|
|
11
11
|
|
|
12
12
|
//Exported for testing purposes
|
|
13
13
|
export const parseCredentialSdJwt = function (credentials_supported, _ref) {
|
|
14
|
+
var _Object$entries$find;
|
|
14
15
|
let {
|
|
15
16
|
sdJwt,
|
|
16
17
|
disclosures
|
|
17
18
|
} = _ref;
|
|
18
19
|
let ignoreMissingAttributes = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
|
|
19
20
|
let includeUndefinedAttributes = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : false;
|
|
20
|
-
const credentialSubject = credentials_supported
|
|
21
|
+
const credentialSubject = (_Object$entries$find = Object.entries(credentials_supported).find(_ref2 => {
|
|
22
|
+
let [, vl] = _ref2;
|
|
23
|
+
return vl.vct === sdJwt.payload.vct;
|
|
24
|
+
})) === null || _Object$entries$find === void 0 ? void 0 : _Object$entries$find[1];
|
|
21
25
|
if (!credentialSubject) {
|
|
22
26
|
throw new IoWalletError("Credential type not supported by the issuer");
|
|
23
27
|
}
|
|
@@ -34,10 +38,10 @@ export const parseCredentialSdJwt = function (credentials_supported, _ref) {
|
|
|
34
38
|
const attrDefinitions = Object.entries(claims);
|
|
35
39
|
|
|
36
40
|
// the key of the attribute defintion must match the disclosure's name
|
|
37
|
-
const attrsNotInDisclosures = attrDefinitions.filter(
|
|
38
|
-
let [attrKey, definition] =
|
|
39
|
-
return !disclosures.some(
|
|
40
|
-
let [, name] =
|
|
41
|
+
const attrsNotInDisclosures = attrDefinitions.filter(_ref3 => {
|
|
42
|
+
let [attrKey, definition] = _ref3;
|
|
43
|
+
return !disclosures.some(_ref4 => {
|
|
44
|
+
let [, name] = _ref4;
|
|
41
45
|
return name === attrKey;
|
|
42
46
|
}) && definition.mandatory;
|
|
43
47
|
});
|
|
@@ -53,33 +57,33 @@ export const parseCredentialSdJwt = function (credentials_supported, _ref) {
|
|
|
53
57
|
// and are present in the disclosure set
|
|
54
58
|
const definedValues = Object.fromEntries(attrDefinitions
|
|
55
59
|
// retrieve the value from the disclosure set
|
|
56
|
-
.map(
|
|
60
|
+
.map(_ref5 => {
|
|
57
61
|
var _disclosures$find;
|
|
58
|
-
let [attrKey, definition] =
|
|
62
|
+
let [attrKey, definition] = _ref5;
|
|
59
63
|
return [attrKey, {
|
|
60
64
|
...definition,
|
|
61
65
|
value: (_disclosures$find = disclosures.find(_ => _[1 /* name */] === attrKey)) === null || _disclosures$find === void 0 ? void 0 : _disclosures$find[2 /* value */]
|
|
62
66
|
}];
|
|
63
67
|
})
|
|
64
68
|
//filter the not found elements
|
|
65
|
-
.filter(
|
|
66
|
-
let [_, definition] =
|
|
69
|
+
.filter(_ref6 => {
|
|
70
|
+
let [_, definition] = _ref6;
|
|
67
71
|
return definition.value !== undefined;
|
|
68
72
|
})
|
|
69
73
|
// add a human readable attribute name, with i18n, in the form { locale: name }
|
|
70
74
|
// example: { "it-IT": "Nome", "en-EN": "Name", "es-ES": "Nombre" }
|
|
71
|
-
.map(
|
|
75
|
+
.map(_ref7 => {
|
|
72
76
|
let [attrKey, {
|
|
73
77
|
display,
|
|
74
78
|
...definition
|
|
75
|
-
}] =
|
|
79
|
+
}] = _ref7;
|
|
76
80
|
return [attrKey, {
|
|
77
81
|
...definition,
|
|
78
|
-
name: display.reduce((names,
|
|
82
|
+
name: display.reduce((names, _ref8) => {
|
|
79
83
|
let {
|
|
80
84
|
locale,
|
|
81
85
|
name
|
|
82
|
-
} =
|
|
86
|
+
} = _ref8;
|
|
83
87
|
return {
|
|
84
88
|
...names,
|
|
85
89
|
[locale]: name
|
|
@@ -90,8 +94,8 @@ export const parseCredentialSdJwt = function (credentials_supported, _ref) {
|
|
|
90
94
|
if (includeUndefinedAttributes) {
|
|
91
95
|
// attributes that are in the disclosure set
|
|
92
96
|
// but are not defined in the issuer configuration
|
|
93
|
-
const undefinedValues = Object.fromEntries(disclosures.filter(_ => !Object.keys(definedValues).includes(_[1])).map(
|
|
94
|
-
let [, key, value] =
|
|
97
|
+
const undefinedValues = Object.fromEntries(disclosures.filter(_ => !Object.keys(definedValues).includes(_[1])).map(_ref9 => {
|
|
98
|
+
let [, key, value] = _ref9;
|
|
95
99
|
return [key, {
|
|
96
100
|
value,
|
|
97
101
|
name: key
|
|
@@ -106,10 +110,10 @@ export const parseCredentialSdJwt = function (credentials_supported, _ref) {
|
|
|
106
110
|
};
|
|
107
111
|
|
|
108
112
|
//Exported for testing purposes
|
|
109
|
-
export const parseCredentialMDoc = function (credentials_supported, credential_type,
|
|
113
|
+
export const parseCredentialMDoc = function (credentials_supported, credential_type, _ref10) {
|
|
110
114
|
let {
|
|
111
115
|
issuerSigned
|
|
112
|
-
} =
|
|
116
|
+
} = _ref10;
|
|
113
117
|
let ignoreMissingAttributes = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : false;
|
|
114
118
|
let includeUndefinedAttributes = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : false;
|
|
115
119
|
const credentialSubject = credentials_supported[credential_type];
|
|
@@ -123,27 +127,27 @@ export const parseCredentialMDoc = function (credentials_supported, credential_t
|
|
|
123
127
|
}
|
|
124
128
|
|
|
125
129
|
const claims = credentialSubject.claims;
|
|
126
|
-
const attrDefinitions = Object.entries(claims).flatMap(
|
|
127
|
-
let [namespace, claimName] =
|
|
128
|
-
return Object.entries(claimName).map(
|
|
129
|
-
let [claimNameKey, definition] =
|
|
130
|
+
const attrDefinitions = Object.entries(claims).flatMap(_ref11 => {
|
|
131
|
+
let [namespace, claimName] = _ref11;
|
|
132
|
+
return Object.entries(claimName).map(_ref12 => {
|
|
133
|
+
let [claimNameKey, definition] = _ref12;
|
|
130
134
|
return [namespace, claimNameKey, definition];
|
|
131
135
|
});
|
|
132
136
|
});
|
|
133
137
|
if (!issuerSigned.nameSpaces) {
|
|
134
138
|
throw new IoWalletError("Missing claims in the credential");
|
|
135
139
|
}
|
|
136
|
-
const flatNamespaces = Object.entries(issuerSigned.nameSpaces).flatMap(
|
|
137
|
-
let [namespace, values] =
|
|
140
|
+
const flatNamespaces = Object.entries(issuerSigned.nameSpaces).flatMap(_ref13 => {
|
|
141
|
+
let [namespace, values] = _ref13;
|
|
138
142
|
return values.map(v => [namespace, v.elementIdentifier, v.elementValue]);
|
|
139
143
|
});
|
|
140
144
|
|
|
141
145
|
// Check that all mandatory attributes defined in the issuer configuration are present in the disclosure set
|
|
142
146
|
// and filter the non present ones
|
|
143
|
-
const attrsNotInDisclosures = attrDefinitions.filter(
|
|
144
|
-
let [attrDefNamespace, attrKey, definition] =
|
|
145
|
-
const isClaimPresent = flatNamespaces.find(
|
|
146
|
-
let [namespace, name] =
|
|
147
|
+
const attrsNotInDisclosures = attrDefinitions.filter(_ref14 => {
|
|
148
|
+
let [attrDefNamespace, attrKey, definition] = _ref14;
|
|
149
|
+
const isClaimPresent = flatNamespaces.find(_ref15 => {
|
|
150
|
+
let [namespace, name] = _ref15;
|
|
147
151
|
return attrDefNamespace === namespace && name === attrKey;
|
|
148
152
|
});
|
|
149
153
|
return isClaimPresent === undefined && definition.mandatory;
|
|
@@ -159,36 +163,36 @@ export const parseCredentialMDoc = function (credentials_supported, credential_t
|
|
|
159
163
|
// Attributes defined in the issuer configuration and present in the disclosure set
|
|
160
164
|
const definedValues = Object.fromEntries(attrDefinitions
|
|
161
165
|
// Retrieve the value from the corresponding disclosure
|
|
162
|
-
.map(
|
|
166
|
+
.map(_ref16 => {
|
|
163
167
|
var _flatNamespaces$find;
|
|
164
|
-
let [attrDefNamespace, attrKey, definition] =
|
|
168
|
+
let [attrDefNamespace, attrKey, definition] = _ref16;
|
|
165
169
|
return [attrKey, {
|
|
166
170
|
...definition,
|
|
167
|
-
value: (_flatNamespaces$find = flatNamespaces.find(
|
|
168
|
-
let [namespace, name] =
|
|
171
|
+
value: (_flatNamespaces$find = flatNamespaces.find(_ref17 => {
|
|
172
|
+
let [namespace, name] = _ref17;
|
|
169
173
|
return attrDefNamespace === namespace && name === attrKey;
|
|
170
174
|
})) === null || _flatNamespaces$find === void 0 ? void 0 : _flatNamespaces$find[2]
|
|
171
175
|
}];
|
|
172
176
|
})
|
|
173
177
|
//filter the not found elements
|
|
174
|
-
.filter(
|
|
175
|
-
let [_, definition] =
|
|
178
|
+
.filter(_ref18 => {
|
|
179
|
+
let [_, definition] = _ref18;
|
|
176
180
|
return definition.value !== undefined;
|
|
177
181
|
})
|
|
178
182
|
// Add a human-readable attribute name, with i18n, in the form { locale: name }
|
|
179
183
|
// Example: { "it-IT": "Nome", "en-EN": "Name", "es-ES": "Nombre" }
|
|
180
|
-
.map(
|
|
184
|
+
.map(_ref19 => {
|
|
181
185
|
let [attrKey, {
|
|
182
186
|
display,
|
|
183
187
|
...definition
|
|
184
|
-
}] =
|
|
188
|
+
}] = _ref19;
|
|
185
189
|
return [attrKey, {
|
|
186
190
|
...definition,
|
|
187
|
-
name: display.reduce((names,
|
|
191
|
+
name: display.reduce((names, _ref20) => {
|
|
188
192
|
let {
|
|
189
193
|
locale,
|
|
190
194
|
name
|
|
191
|
-
} =
|
|
195
|
+
} = _ref20;
|
|
192
196
|
return {
|
|
193
197
|
...names,
|
|
194
198
|
[locale]: name
|
|
@@ -198,11 +202,11 @@ export const parseCredentialMDoc = function (credentials_supported, credential_t
|
|
|
198
202
|
}));
|
|
199
203
|
if (includeUndefinedAttributes) {
|
|
200
204
|
// Attributes that are present in the disclosure set but not defined in the issuer configuration
|
|
201
|
-
const undefinedValues = Object.fromEntries(flatNamespaces.filter(
|
|
202
|
-
let [, key] =
|
|
205
|
+
const undefinedValues = Object.fromEntries(flatNamespaces.filter(_ref21 => {
|
|
206
|
+
let [, key] = _ref21;
|
|
203
207
|
return !Object.keys(definedValues).includes(key);
|
|
204
|
-
}).map(
|
|
205
|
-
let [, key, value] =
|
|
208
|
+
}).map(_ref22 => {
|
|
209
|
+
let [, key, value] = _ref22;
|
|
206
210
|
return [key, {
|
|
207
211
|
value,
|
|
208
212
|
name: key
|
|
@@ -290,12 +294,12 @@ async function verifyCredentialMDoc(rawCredential, issuerKeys, holderBindingCont
|
|
|
290
294
|
|
|
291
295
|
// utility type that specialize VerifyAndParseCredential for given format
|
|
292
296
|
|
|
293
|
-
const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, __,
|
|
297
|
+
const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, __, _ref23) => {
|
|
294
298
|
let {
|
|
295
299
|
credentialCryptoContext,
|
|
296
300
|
ignoreMissingAttributes,
|
|
297
301
|
includeUndefinedAttributes
|
|
298
|
-
} =
|
|
302
|
+
} = _ref23;
|
|
299
303
|
const decoded = await verifyCredentialSdJwt(credential, issuerConf.keys, credentialCryptoContext);
|
|
300
304
|
const parsedCredential = parseCredentialSdJwt(issuerConf.credential_configurations_supported, decoded, ignoreMissingAttributes, includeUndefinedAttributes);
|
|
301
305
|
const maybeIssuedAt = getValueFromDisclosures(decoded.disclosures, "iat");
|
|
@@ -305,12 +309,12 @@ const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, __, _ref
|
|
|
305
309
|
issuedAt: typeof maybeIssuedAt === "number" ? new Date(maybeIssuedAt * 1000) : undefined
|
|
306
310
|
};
|
|
307
311
|
};
|
|
308
|
-
const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, credentialType,
|
|
312
|
+
const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, credentialType, _ref24) => {
|
|
309
313
|
var _parsedCredential$exp, _parsedCredential$iss;
|
|
310
314
|
let {
|
|
311
315
|
credentialCryptoContext,
|
|
312
316
|
ignoreMissingAttributes
|
|
313
|
-
} =
|
|
317
|
+
} = _ref24;
|
|
314
318
|
const decoded = await verifyCredentialMDoc(credential, issuerConf.keys, credentialCryptoContext);
|
|
315
319
|
const parsedCredential = parseCredentialMDoc(issuerConf.credential_configurations_supported, credentialType, decoded, undefined, ignoreMissingAttributes);
|
|
316
320
|
const expirationDate = extractElementValueAsDate(parsedCredential === null || parsedCredential === void 0 || (_parsedCredential$exp = parsedCredential.expiry_date) === null || _parsedCredential$exp === void 0 ? void 0 : _parsedCredential$exp.value);
|
|
@@ -341,7 +345,7 @@ const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, credentia
|
|
|
341
345
|
* @throws {IoWalletError} If the credential data fail to parse
|
|
342
346
|
*/
|
|
343
347
|
export const verifyAndParseCredential = async (issuerConf, credential, format, credentialType, context) => {
|
|
344
|
-
if (format === "vc+sd-jwt") {
|
|
348
|
+
if (format === "vc+sd-jwt" || format === "dc+sd-jwt") {
|
|
345
349
|
return verifyAndParseCredentialSdJwt(issuerConf, credential, format, credentialType, context);
|
|
346
350
|
}
|
|
347
351
|
if (format === "mso_mdoc") {
|