npm - @pagopa/io-react-native-wallet - Versions diffs - 2.0.0-next.0 → 2.0.0-next.2 - Mend

@pagopa/io-react-native-wallet 2.0.0-next.0 → 2.0.0-next.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

package/lib/module/trust/index.js CHANGED Viewed

@@ -1,263 +1,6 @@
-import { decode, verify } from "./utils";
-import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
-import { CredentialIssuerEntityConfiguration, EntityConfiguration, EntityStatement, FederationListResponse, RelyingPartyEntityConfiguration, TrustAnchorEntityConfiguration, WalletProviderEntityConfiguration } from "./types";
-import { renewTrustChain, validateTrustChain } from "./chain";
-import { hasStatusOrThrow } from "../utils/misc";
-import { BuildTrustChainError, FederationListParseError, MissingFederationFetchEndpointError, RelyingPartyNotAuthorizedError, TrustAnchorKidMissingError } from "./errors";
-/**
- * Verify a given trust chain is actually valid.
- * It can handle fast chain renewal, which means we try to fetch a fresh version of each statement.
- *
- * @param trustAnchorEntity The entity configuration of the known trust anchor
- * @param chain The chain of statements to be validated
- * @param renewOnFail Whether to renew the provided chain if the validation fails at first. Default: true
- * @param appFetch Fetch api implementation. Default: the built-in implementation
- * @returns The result of the chain validation
- * @throws {FederationError} If the chain is not valid
- */
-export async function verifyTrustChain(trustAnchorEntity, chain) {
-  let {
-    appFetch = fetch,
-    renewOnFail = true
-  } = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
-  try {
-    return validateTrustChain(trustAnchorEntity, chain);
-  } catch (error) {
-    if (renewOnFail) {
-      const renewedChain = await renewTrustChain(chain, appFetch);
-      return validateTrustChain(trustAnchorEntity, renewedChain);
-    } else {
-      throw error;
-    }
-  }
-}
-/**
- * Fetch the signed entity configuration token for an entity
- *
- * @param entityBaseUrl The url of the entity to fetch
- * @param appFetch (optional) fetch api implementation
- * @returns The signed Entity Configuration token
- */
-export async function getSignedEntityConfiguration(entityBaseUrl) {
-  let {
-    appFetch = fetch
-  } = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-  const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-federation`;
-  return await appFetch(wellKnownUrl, {
-    method: "GET"
-  }).then(hasStatusOrThrow(200)).then(res => res.text());
-}
-/**
- * Fetch and parse the entity configuration document for a given federation entity.
- * This is an inner method to serve public interfaces.
- *
- * To add another entity configuration type (example: Foo entity type):
- *  - create its zod schema and type by inherit from the base type (example: FooEntityConfiguration = BaseEntityConfiguration.and(...))
- *  - add such type to EntityConfiguration union
- *  - add an overload to this function
- *  - create a public function which use such type (example: getFooEntityConfiguration = (url, options) => Promise<FooEntityConfiguration>)
- *
- * @param entityBaseUrl The base url of the entity.
- * @param schema The expected schema of the entity configuration, according to the kind of entity we are fetching from.
- * @param options An optional object with additional options.
- * @param options.appFetch An optional instance of the http client to be used.
- * @returns The parsed entity configuration object
- * @throws {IoWalletError} If the http request fails
- * @throws Parse error if the document is not in the expected shape.
- */
-async function fetchAndParseEntityConfiguration(entityBaseUrl, schema) {
-  let {
-    appFetch = fetch
-  } = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
-  const responseText = await getSignedEntityConfiguration(entityBaseUrl, {
-    appFetch
-  });
-  const responseJwt = decodeJwt(responseText);
-  return schema.parse({
-    header: responseJwt.protectedHeader,
-    payload: responseJwt.payload
-  });
-}
-export const getWalletProviderEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, WalletProviderEntityConfiguration, options);
-export const getCredentialIssuerEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, CredentialIssuerEntityConfiguration, options);
-export const getTrustAnchorEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, TrustAnchorEntityConfiguration, options);
-export const getRelyingPartyEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, RelyingPartyEntityConfiguration, options);
-export const getEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, EntityConfiguration, options);
-/**
- * Fetch and parse the entity statement document for a given federation entity.
- *
- * @param accreditationBodyBaseUrl The base url of the accreditation body which holds and signs the required entity statement
- * @param subordinatedEntityBaseUrl The url that identifies the subordinate entity
- * @param appFetch An optional instance of the http client to be used.
- * @returns The parsed entity configuration object
- * @throws {IoWalletError} If the http request fails
- */
-export async function getEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl) {
-  let {
-    appFetch = fetch
-  } = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
-  const responseText = await getSignedEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl, {
-    appFetch
-  });
-  const responseJwt = decodeJwt(responseText);
-  return EntityStatement.parse({
-    header: responseJwt.protectedHeader,
-    payload: responseJwt.payload
-  });
-}
-/**
- * Fetch the entity statement document for a given federation entity.
- *
- * @param federationFetchEndpoint The exact endpoint provided by the parent EC's metadata.
- * @param subordinatedEntityBaseUrl The url that identifies the subordinate entity.
- * @param appFetch An optional instance of the http client to be used.
- * @returns The signed entity statement token.
- * @throws {IoWalletError} If the http request fails.
- */
-export async function getSignedEntityStatement(federationFetchEndpoint, subordinatedEntityBaseUrl) {
-  let {
-    appFetch = fetch
-  } = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
-  const url = new URL(federationFetchEndpoint);
-  url.searchParams.set("sub", subordinatedEntityBaseUrl);
-  return await appFetch(url.toString(), {
-    method: "GET"
-  }).then(hasStatusOrThrow(200)).then(res => res.text());
-}
-/**
- * Fetch the federation list document from a given endpoint.
- *
- * @param federationListEndpoint The URL of the federation list endpoint.
- * @param appFetch An optional instance of the http client to be used.
- * @returns The federation list as an array of strings.
- * @throws {IoWalletError} If the HTTP request fails.
- * @throws {FederationError} If the result is not in the expected format.
- */
-export async function getFederationList(federationListEndpoint) {
-  let {
-    appFetch = fetch
-  } = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-  return await appFetch(federationListEndpoint, {
-    method: "GET"
-  }).then(hasStatusOrThrow(200)).then(res => res.json()).then(json => {
-    const result = FederationListResponse.safeParse(json);
-    if (!result.success) {
-      throw new FederationListParseError(`Invalid federation list format received from ${federationListEndpoint}. Error: ${result.error.message}`, {
-        url: federationListEndpoint,
-        parseError: result.error.toString()
-      });
-    }
-    return result.data;
-  });
-}
-/**
- * Build a not-verified trust chain for a given Relying Party (RP) entity.
- *
- * @param relyingPartyEntityBaseUrl The base URL of the RP entity
- * @param trustAnchorKey The public key of the Trust Anchor (TA) entity
- * @param appFetch An optional instance of the http client to be used.
- * @returns A list of signed tokens that represent the trust chain, in the order of the chain (from the RP to the Trust Anchor)
- * @throws {FederationError} When an element of the chain fails to parse or other build steps fail.
- */
-export async function buildTrustChain(relyingPartyEntityBaseUrl, trustAnchorKey) {
-  let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : fetch;
-  // 1: Recursively gather the trust chain from the RP up to the Trust Anchor
-  const trustChain = await gatherTrustChain(relyingPartyEntityBaseUrl, appFetch);
-  // 2: Trust Anchor signature verification
-  const trustAnchorJwt = trustChain[trustChain.length - 1];
-  if (!trustAnchorJwt) {
-    throw new BuildTrustChainError("Cannot verify trust anchor: missing entity configuration in gathered chain.", {
-      relyingPartyUrl: relyingPartyEntityBaseUrl
-    });
-  }
-  if (!trustAnchorKey.kid) {
-    throw new TrustAnchorKidMissingError();
-  }
-  await verify(trustAnchorJwt, trustAnchorKey.kid, [trustAnchorKey]);
-  // 3: Check the federation list
-  const trustAnchorConfig = EntityConfiguration.parse(decode(trustAnchorJwt));
-  const federationListEndpoint = trustAnchorConfig.payload.metadata.federation_entity.federation_list_endpoint;
-  if (federationListEndpoint) {
-    const federationList = await getFederationList(federationListEndpoint, {
-      appFetch
-    });
-    if (!federationList.includes(relyingPartyEntityBaseUrl)) {
-      throw new RelyingPartyNotAuthorizedError("Relying Party entity base URL is not authorized by the Trust Anchor's federation list.", {
-        relyingPartyUrl: relyingPartyEntityBaseUrl,
-        federationListEndpoint
-      });
-    }
-  }
-  return trustChain;
-}
-/**
- * Recursively gather the trust chain for an entity and all its superiors.
- * @param entityBaseUrl The base URL of the entity for which to gather the chain.
- * @param appFetch An optional instance of the http client to be used.
- * @param isLeaf Whether the current entity is the leaf of the chain.
- * @returns A full ordered list of JWTs (ECs and ESs) forming the trust chain.
- * @throws {FederationError} If any of the fetched documents fail to parse or other errors occur during the gathering process.
- */
-async function gatherTrustChain(entityBaseUrl, appFetch) {
-  let isLeaf = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : true;
-  const chain = [];
-  // Fetch self-signed EC (only needed for the leaf)
-  const entityECJwt = await getSignedEntityConfiguration(entityBaseUrl, {
-    appFetch
-  });
-  const entityEC = EntityConfiguration.parse(decode(entityECJwt));
-  if (isLeaf) {
-    // Only push EC for the leaf
-    chain.push(entityECJwt);
-  }
-  // Find authority_hints (parent, if any)
-  const authorityHints = entityEC.payload.authority_hints ?? [];
-  if (authorityHints.length === 0) {
-    // This is the Trust Anchor (no parent)
-    if (!isLeaf) {
-      chain.push(entityECJwt);
-    }
-    return chain;
-  }
-  const parentEntityBaseUrl = authorityHints[0];
-  // Fetch parent EC
-  const parentECJwt = await getSignedEntityConfiguration(parentEntityBaseUrl, {
-    appFetch
-  });
-  const parentEC = EntityConfiguration.parse(decode(parentECJwt));
-  // Fetch ES
-  const federationFetchEndpoint = parentEC.payload.metadata.federation_entity.federation_fetch_endpoint;
-  if (!federationFetchEndpoint) {
-    throw new MissingFederationFetchEndpointError(`Missing federation_fetch_endpoint in parent's (${parentEntityBaseUrl}) configuration when gathering chain for ${entityBaseUrl}.`, {
-      entityBaseUrl,
-      missingInEntityUrl: parentEntityBaseUrl
-    });
-  }
-  const entityStatementJwt = await getSignedEntityStatement(federationFetchEndpoint, entityBaseUrl, {
-    appFetch
-  });
-  // Validate the ES
-  EntityStatement.parse(decode(entityStatementJwt));
-  // Push this ES into the chain
-  chain.push(entityStatementJwt);
-  // Recurse into the parent
-  const parentChain = await gatherTrustChain(parentEntityBaseUrl, appFetch, false);
-  return chain.concat(parentChain);
-}
+import * as Build from "./build-chain";
+import * as Verify from "./verify-chain";
+import * as Errors from "./errors";
+import * as Types from "./types";
+export { Build, Verify, Errors, Types };
 //# sourceMappingURL=index.js.map

package/lib/module/trust/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["~~decode~~","~~verify~~","~~decodeJwt~~","~~CredentialIssuerEntityConfiguration~~","EntityConfiguration","EntityStatement","FederationListResponse","RelyingPartyEntityConfiguration","TrustAnchorEntityConfiguration","WalletProviderEntityConfiguration","renewTrustChain","validateTrustChain","hasStatusOrThrow","BuildTrustChainError","FederationListParseError","MissingFederationFetchEndpointError","RelyingPartyNotAuthorizedError","TrustAnchorKidMissingError","verifyTrustChain","trustAnchorEntity","chain","appFetch","fetch","renewOnFail","arguments","length","undefined","error","renewedChain","getSignedEntityConfiguration","entityBaseUrl","wellKnownUrl","method","then","res","text","fetchAndParseEntityConfiguration","schema","responseText","responseJwt","parse","header","protectedHeader","payload","getWalletProviderEntityConfiguration","options","getCredentialIssuerEntityConfiguration","getTrustAnchorEntityConfiguration","getRelyingPartyEntityConfiguration","getEntityConfiguration","getEntityStatement","accreditationBodyBaseUrl","subordinatedEntityBaseUrl","getSignedEntityStatement","federationFetchEndpoint","url","URL","searchParams","set","toString","getFederationList","federationListEndpoint","json","result","safeParse","success","message","parseError","data","buildTrustChain","relyingPartyEntityBaseUrl","trustAnchorKey","trustChain","gatherTrustChain","trustAnchorJwt","relyingPartyUrl","kid","trustAnchorConfig","metadata","federation_entity","federation_list_endpoint","federationList","includes","isLeaf","entityECJwt","entityEC","push","authorityHints","authority_hints","parentEntityBaseUrl","parentECJwt","parentEC","federation_fetch_endpoint","missingInEntityUrl","entityStatementJwt","parentChain","concat"],"sourceRoot":"../../../src","sources":["trust/index.ts"],"mappings":"AAAA,SAASA,MAAM,EAAEC,MAAM,QAAQ,SAAS;AACxC,SAASD,MAAM,IAAIE,SAAS,QAAQ,6BAA6B;AACjE,SACEC,mCAAmC,EACnCC,mBAAmB,EACnBC,eAAe,EACfC,sBAAsB,EACtBC,+BAA+B,EAC/BC,8BAA8B,EAC9BC,iCAAiC,QAC5B,SAAS;AAChB,SAASC,eAAe,EAAEC,kBAAkB,QAAQ,SAAS;AAC7D,SAASC,gBAAgB,QAAQ,eAAe;AAEhD,SACEC,oBAAoB,EACpBC,wBAAwB,EACxBC,mCAAmC,EACnCC,8BAA8B,EAC9BC,0BAA0B,QACrB,UAAU;AAWjB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,~~eAAeC~~,~~gBAAgBA,CACpCC,iBAAiD,EACjDC,KAAe,EAKiC;EAAA,IAJhD;IACEC,QAAQ,GAAGC,~~KAAK~~;IAChBC~~,WAAW,GAAG;EAC4C,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAElE,IAAI;IACF,OAAOb,kBAAkB,CAACQ,iBAAiB,EAAEC,KAAK,CAAC;EACrD,CAAC,CAAC,OAAOO,KAAK,EAAE;IACd,IAAIJ,WAAW,EAAE;MACf,MAAMK,YAAY,GAAG,MAAMlB,eAAe,CAACU,KAAK,EAAEC,QAAQ,CAAC;MAC3D,OAAOV,kBAAkB,CAACQ,iBAAiB,EAAES,YAAY,CAAC;IAC5D,CAAC,MAAM~~;MACL~~,MAAMD,KAAK;IACb;EACF;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeE,4BAA4BA,CAChDC,aAAqB,EAMJ;EAAA,IALjB;IACET,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMO,YAAY,GAAI,GAAED,aAAc,gCAA+B;EAErE,OAAO,MAAMT,QAAQ,CAACU,YAAY,EAAE;IAClCC,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAACrB,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3BqB,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;AAC9B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAoCA,eAAeC,gCAAgCA,CAC7CN,aAAqB,EACrBO,MAK8B,EAM9B;EAAA,IALA;IACEhB,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMc,YAAY,GAAG,MAAMT,4BAA4B,CAACC,aAAa,EAAE;IACrET;EACF,CAAC,CAAC;EAEF,MAAMkB,WAAW,GAAGrC,SAAS,CAACoC,YAAY,CAAC;EAC3C,OAAOD,MAAM,CAACG,KAAK,CAAC;IAClBC,MAAM,EAAEF,WAAW,CAACG,eAAe;~~IACnCC~~,OAAO,~~EAAEJ~~,WAAW,CAACI;EACvB,CAAC,CAAC;AACJ;AAEA,OAAO,MAAMC,oCAAoC,GAAGA,CAClDd,aAAqE,EACrEe,OAAgE,KAEhET,gCAAgC,CAC9BN,aAAa,EACbrB,iCAAiC,EACjCoC,OACF,CAAC;AAEH,OAAO,MAAMC,sCAAsC,GAAGA,CACpDhB,aAAqE,EACrEe,OAAgE,KAEhET,gCAAgC,CAC9BN,aAAa,EACb3B,mCAAmC,EACnC0C,OACF,CAAC;AAEH,OAAO,MAAME,iCAAiC,GAAGA,CAC/CjB,aAAqE,EACrEe,OAAgE,KAEhET,gCAAgC,CAC9BN,aAAa,EACbtB,8BAA8B,EAC9BqC,OACF,CAAC;AAEH,OAAO,MAAMG,kCAAkC,GAAGA,CAChDlB,aAAqE,EACrEe,OAAgE,KAEhET,gCAAgC,CAC9BN,aAAa,EACbvB,+BAA+B,EAC/BsC,OACF,CAAC;AAEH,OAAO,MAAMI,sBAAsB,GAAGA,CACpCnB,aAAqE,EACrEe,OAAgE,KAEhET,gCAAgC,CAACN,aAAa,EAAE1B,mBAAmB,EAAEyC,OAAO,CAAC;;AAE/E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeK,kBAAkBA,CACtCC,wBAAgC,EAChCC,yBAAiC,EAMjC;EAAA,IALA;IACE/B,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMc,YAAY,GAAG,MAAMe,wBAAwB,CACjDF,wBAAwB,EACxBC,yBAAyB,EACzB;IACE/B;EACF,CACF,CAAC;EAED,MAAMkB,WAAW,GAAGrC,SAAS,CAACoC,YAAY,CAAC;EAC3C,OAAOjC,eAAe,CAACmC,KAAK,CAAC;IAC3BC,MAAM,EAAEF,WAAW,CAACG,eAAe;IACnCC,OAAO,EAAEJ,WAAW,CAACI;EACvB,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeU,wBAAwBA,CAC5CC,uBAA+B,EAC/BF,yBAAiC,EAMjC;EAAA,IALA;IACE/B,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAM+B,GAAG,GAAG,IAAIC,GAAG,CAACF,uBAAuB,CAAC;EAC5CC,GAAG,CAACE,YAAY,CAACC,GAAG,CAAC,KAAK,EAAEN,yBAAyB,CAAC;EAEtD,OAAO,MAAM/B,QAAQ,CAACkC,GAAG,CAACI,QAAQ,CAAC,CAAC,EAAE;IACpC3B,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAACrB,gBAAgB~~,CAAC,GAAG,CAAC,CAAC,CAC3BqB,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC~~;~~AAC9B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA~~,OAAO,~~eAAeyB~~,~~iBAAiBA,CACrCC,sBAA8B,EAMX;EAAA,IALnB;IACExC,QAAQ,GAAGC;EAGb,CAAC,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,OAAO,MAAMH,QAAQ,CAACwC,sBAAsB,EAAE;IAC5C7B,~~MAAM,~~EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAACrB,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3BqB,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAAC4B,IAAI,CAAC,CAAC,CAAC,CACzB7B,IAAI,CAAE6B,IAAI,IAAK;IACd,MAAMC,~~MAAM,GAAGzD,sBAAsB,CAAC0D,SAAS,CAACF,IAAI,CAAC;IACrD,IAAI,CAACC,MAAM,CAACE,OAAO,EAAE;MACnB,MAAM,IAAInD,wBAAwB,CAC/B,gDAA+C+C,sBAAuB,YAAWE,MAAM,CAACpC,KAAK,CAACuC,OAAQ,EAAC,EACxG;QAAEX,GAAG,EAAEM,sBAAsB;QAAEM,UAAU~~,EAAEJ,MAAM,CAACpC,KAAK,CAACgC,QAAQ,CAAC~~;~~MAAE~~,~~CACrE,CAAC;IACH;IACA,OAAOI,MAAM,CAACK,IAAI;EACpB,CAAC,CAAC;AACN;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,~~OAAO,~~eAAeC~~,~~eAAeA,CACnCC,yBAAiC,EACjCC,cAAmB,EAEA;EAAA,IADnBlD,QAA8B,GAAAG,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGF,~~KAAK~~;EAEtC;EACA~~,~~MAAMkD,UAAU,GAAG,MAAMC,gBAAgB,CACvCH,yBAAyB,EACzBjD,QACF,CAAC;;EAED;EACA,MAAMqD,cAAc,GAAGF,UAAU,CAACA,UAAU,CAAC/C,~~MAAM,~~GAAG,CAAC,CAAC~~;~~EACxD~~,~~IAAI~~,CAACiD,cAAc,EAAE;IACnB,MAAM,IAAI7D,oBAAoB,CAC5B,6EAA6E,EAC7E;MAAE8D,eAAe,EAAEL;IAA0B,CAC/C,CAAC;EACH;EAEA,IAAI,CAACC,cAAc,CAACK,GAAG,EAAE;IACvB,MAAM,IAAI3D,0BAA0B,CAAC,CAAC;EACxC;EAEA,MAAMhB,MAAM,CAACyE,cAAc,EAAEH,cAAc,CAACK,GAAG,EAAE,CAACL,cAAc,CAAC,CAAC;;EAElE;EACA,MAAMM,iBAAiB,GAAGzE,mBAAmB,CAACoC,KAAK,~~CAACxC~~,MAAM,~~CAAC0E~~,cAAc,CAAC,CAAC;EAC3E,MAAMb,sBAAsB,GAC1BgB,iBAAiB,CAAClC,OAAO,CAACmC,QAAQ,CAACC,iBAAiB,CACjDC,wBAAwB;EAE7B,IAAInB,sBAAsB,EAAE;IAC1B,MAAMoB,cAAc,GAAG,MAAMrB,iBAAiB,CAACC,sBAAsB,EAAE;MACrExC;IACF,CAAC,CAAC;IAEF,IAAI,CAAC4D,cAAc,CAACC,QAAQ,CAACZ,yBAAyB,CAAC,EAAE;MACvD,MAAM,~~IAAItD~~,8BAA8B,CACtC,wFAAwF,EACxF;QAAE2D,eAAe,EAAEL,yBAAyB;QAAET;MAAuB,CACvE,CAAC;IACH;EACF;EAEA,OAAOW,UAAU;AACnB;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeC,gBAAgBA,CAC7B3C,aAAqB,EACrBT,QAA8B,EAEX;EAAA,IADnB8D,MAAe,GAAA3D,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,IAAI;EAEtB,MAAMJ,KAAe,GAAG,EAAE;;EAE1B;EACA,MAAMgE,WAAW,GAAG,MAAMvD,4BAA4B,CAACC,aAAa,EAAE;IACpET;EACF,CAAC,CAAC;EACF,MAAMgE,QAAQ,GAAGjF,mBAAmB,CAACoC,KAAK,CAACxC,MAAM,CAACoF,WAAW,CAAC,CAAC;EAE/D,IAAID,MAAM,EAAE;IACV;IACA/D,KAAK,CAACkE,IAAI,CAACF,WAAW,CAAC;EACzB;;EAEA;EACA,MAAMG,cAAc,GAAGF,QAAQ,CAAC1C,OAAO,CAAC6C,eAAe,IAAI,EAAE;EAC7D,IAAID,cAAc,CAAC9D,MAAM,KAAK,CAAC,EAAE;IAC/B;IACA,IAAI,CAAC0D,MAAM,EAAE;MACX/D,KAAK,CAACkE,IAAI,CAACF,WAAW,CAAC;IACzB;IACA,OAAOhE,KAAK;EACd;EAEA,MAAMqE,mBAAmB,GAAGF,cAAc,CAAC,CAAC,CAAE;;EAE9C;EACA,MAAMG,WAAW,GAAG,MAAM7D,4BAA4B,CAAC4D,mBAAmB,EAAE;IAC1EpE;EACF,CAAC,CAAC;EACF,MAAMsE,QAAQ,GAAGvF,mBAAmB,CAACoC,KAAK,CAACxC,MAAM,CAAC0F,WAAW,CAAC,CAAC;;EAE/D;EACA,MAAMpC,uBAAuB,GAC3BqC,QAAQ,CAAChD,OAAO,CAACmC,QAAQ,CAACC,iBAAiB,CAACa,yBAAyB;EACvE,IAAI,CAACtC,uBAAuB,EAAE;IAC5B,MAAM,IAAIvC,mCAAmC,CAC1C,kDAAiD0E,mBAAoB,4CAA2C3D,aAAc,GAAE,EACjI;MAAEA,aAAa;MAAE+D,kBAAkB,EAAEJ;IAAoB,CAC3D,CAAC;EACH;EAEA,MAAMK,kBAAkB,GAAG,MAAMzC,wBAAwB,CACvDC,uBAAuB,EACvBxB,aAAa,EACb;IAAET;EAAS,CACb,CAAC;EACD;EACAhB,eAAe,CAACmC,KAAK,CAACxC,MAAM,CAAC8F,kBAAkB,CAAC,CAAC;;EAEjD;EACA1E,KAAK,CAACkE,IAAI,CAACQ,kBAAkB,CAAC;;EAE9B;EACA,MAAMC,WAAW,GAAG,MAAMtB,gBAAgB,CACxCgB,mBAAmB,EACnBpE,QAAQ,EACR,KACF,CAAC;EAED,OAAOD,KAAK,CAAC4E,MAAM,CAACD,WAAW,CAAC;AAClC"}
1	+ {"version":3,"names":["Build","Verify","Errors","Types"],"sourceRoot":"../../../src","sources":["trust/index.ts"],"mappings":"AAAA,OAAO,KAAKA,KAAK,MAAM,eAAe;AACtC,OAAO,KAAKC,MAAM,MAAM,gBAAgB;AACxC,OAAO,KAAKC,MAAM,MAAM,UAAU;AAClC,OAAO,KAAKC,KAAK,MAAM,SAAS;AAEhC,SAASH,KAAK,EAAEC,MAAM,EAAEC,MAAM,EAAEC,KAAK"}

package/lib/module/trust/utils.js CHANGED Viewed

@@ -1,4 +1,5 @@
 import { decode as decodeJwt, verify as verifyJwt } from "@pagopa/io-react-native-jwt";
+import { FederationError } from "./errors";
 // Verify a token signature
 // The kid is extracted from the token header
 export const verify = async (token, kid, jwks) => {
@@ -30,4 +31,30 @@ export const decode = token => {
     payload
   };
 };
+/**
+ * Extracts the X.509 Trust Anchor certificate (Base64 encoded) from the
+ * Trust Anchor's Entity Configuration.
+ *
+ * @param trustAnchorEntity The entity configuration of the known trust anchor.
+ * @returns The Base64 encoded X.509 certificate string.
+ * @throws {FederationError} If the certificate cannot be derived.
+ */
+export function getTrustAnchorX509Certificate(trustAnchorEntity) {
+  const taHeaderKid = trustAnchorEntity.header.kid;
+  const taSigningJwk = trustAnchorEntity.payload.jwks.keys.find(key => key.kid === taHeaderKid);
+  if (!taSigningJwk) {
+    throw new FederationError(`Cannot derive X.509 Trust Anchor certificate: JWK with kid '${taHeaderKid}' not found in Trust Anchor's JWKS.`, {
+      trustAnchorKid: taHeaderKid,
+      reason: "JWK not found for header kid"
+    });
+  }
+  if (taSigningJwk.x5c && taSigningJwk.x5c.length > 0 && taSigningJwk.x5c[0]) {
+    return taSigningJwk.x5c[0];
+  }
+  throw new FederationError(`Cannot derive X.509 Trust Anchor certificate: JWK with kid '${taHeaderKid}' does not contain a valid 'x5c' certificate array.`, {
+    trustAnchorKid: taHeaderKid,
+    reason: "Missing or empty x5c in JWK"
+  });
+}
 //# sourceMappingURL=utils.js.map

package/lib/module/trust/utils.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["decode","decodeJwt","verify","verifyJwt","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload"],"sourceRoot":"../../../src","sources":["trust/utils.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,MAAM,IAAIC,SAAS,QACd,6BAA6B;~~AASpC~~;AACA;AACA,OAAO,~~MAAMD~~,MAAM,GAAG,MAAAA,~~CACpBE~~,KAAa,EACbC,GAAW,EACXC,IAAW,KACc;EACzB,MAAMC,GAAG,GAAGD,IAAI,CAACE,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACJ,GAAG,KAAKA,GAAG,CAAC;EAC3C,IAAI,CAACE,GAAG,EAAE;IACR,MAAM,IAAIG,KAAK,CAAE,gBAAeL,GAAI,YAAWD,KAAM,EAAC,CAAC;EACzD;EACA,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,~~MAAMV~~,SAAS,~~CAACC~~,KAAK,EAAEG,GAAG,CAAC;EACxE,OAAO;IAAEK,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA;AACA;AACA;AACA,OAAO,~~MAAMb~~,MAAM,~~GAAII~~,KAAa,IAAkB;EACpD,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,~~GAAGZ~~,SAAS,~~CAACG~~,KAAK,CAAC;EAC7D,OAAO;IAAEQ,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC"}
1	+ {"version":3,"names":["decode","decodeJwt","verify","verifyJwt","FederationError","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","getTrustAnchorX509Certificate","trustAnchorEntity","taHeaderKid","taSigningJwk","keys","key","trustAnchorKid","reason","x5c","length"],"sourceRoot":"../../../src","sources":["trust/utils.ts"],"mappings":"AAAA,SACEA,MAAM,IAAIC,SAAS,EACnBC,MAAM,IAAIC,SAAS,QACd,6BAA6B;AAGpC,SAASC,eAAe,QAAQ,UAAU;AAQ1C;AACA;AACA,OAAO,MAAMF,MAAM,GAAG,MAAAA,CACpBG,KAAa,EACbC,GAAW,EACXC,IAAW,KACc;EACzB,MAAMC,GAAG,GAAGD,IAAI,CAACE,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACJ,GAAG,KAAKA,GAAG,CAAC;EAC3C,IAAI,CAACE,GAAG,EAAE;IACR,MAAM,IAAIG,KAAK,CAAE,gBAAeL,GAAI,YAAWD,KAAM,EAAC,CAAC;EACzD;EACA,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAMX,SAAS,CAACE,KAAK,EAAEG,GAAG,CAAC;EACxE,OAAO;IAAEK,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA;AACA;AACA;AACA,OAAO,MAAMd,MAAM,GAAIK,KAAa,IAAkB;EACpD,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAGb,SAAS,CAACI,KAAK,CAAC;EAC7D,OAAO;IAAEQ,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,6BAA6BA,CAC3CC,iBAAiD,EACzC;EACR,MAAMC,WAAW,GAAGD,iBAAiB,CAACH,MAAM,CAACP,GAAG;EAChD,MAAMY,YAAY,GAAGF,iBAAiB,CAACF,OAAO,CAACP,IAAI,CAACY,IAAI,CAACV,IAAI,CAC1DW,GAAG,IAAKA,GAAG,CAACd,GAAG,KAAKW,WACvB,CAAC;EAED,IAAI,CAACC,YAAY,EAAE;IACjB,MAAM,IAAId,eAAe,CACtB,+DAA8Da,WAAY,qCAAoC,EAC/G;MAAEI,cAAc,EAAEJ,WAAW;MAAEK,MAAM,EAAE;IAA+B,CACxE,CAAC;EACH;EAEA,IAAIJ,YAAY,CAACK,GAAG,IAAIL,YAAY,CAACK,GAAG,CAACC,MAAM,GAAG,CAAC,IAAIN,YAAY,CAACK,GAAG,CAAC,CAAC,CAAC,EAAE;IAC1E,OAAOL,YAAY,CAACK,GAAG,CAAC,CAAC,CAAC;EAC5B;EAEA,MAAM,IAAInB,eAAe,CACtB,+DAA8Da,WAAY,qDAAoD,EAC/H;IAAEI,cAAc,EAAEJ,WAAW;IAAEK,MAAM,EAAE;EAA8B,CACvE,CAAC;AACH"}

package/lib/module/trust/{chain.js → verify-chain.js} RENAMED Viewed

@@ -1,8 +1,9 @@
 import { EntityConfiguration, EntityStatement, TrustAnchorEntityConfiguration } from "./types";
 import * as z from "zod";
-import { getSignedEntityConfiguration, getSignedEntityStatement } from ".";
-import { decode, verify } from "./utils";
-import { MissingFederationFetchEndpointError, TrustChainEmptyError, TrustChainRenewalError, TrustChainTokenMissingError } from "./errors";
+import { decode, getTrustAnchorX509Certificate, verify } from "./utils";
+import { FederationError, MissingFederationFetchEndpointError, MissingX509CertsError, TrustChainEmptyError, TrustChainRenewalError, TrustChainTokenMissingError, X509ValidationError } from "./errors";
+import { verifyCertificateChain } from "@pagopa/io-react-native-crypto";
+import { getSignedEntityConfiguration, getSignedEntityStatement } from "./build-chain";
 // The first element of the chain is supposed to be the Entity Configuration for the document issuer
 const FirstElementShape = EntityConfiguration;
@@ -13,14 +14,15 @@ const MiddleElementShape = EntityStatement;
 const LastElementShape = z.union([EntityStatement, TrustAnchorEntityConfiguration]);
 /**
- * Validates a provided trust chain against a known trust
+ * Validates a provided trust chain against a known trust anchor, including X.509 certificate checks.
  *
- * @param trustAnchorEntity The entity configuration of the known trust anchor
- * @param chain The chain of statements to be validated
- * @returns The list of parsed token representing the chain
- * @throws {FederationError} If the chain is not valid
+ * @param trustAnchorEntity The entity configuration of the known trust anchor (for JWT validation).
+ * @param chain The chain of statements to be validated.
+ * @param x509Options Options for X.509 certificate validation.
+ * @returns The list of parsed tokens representing the chain.
+ * @throws {FederationError} If the chain is not valid (JWT or X.509). Specific errors like TrustChainEmptyError, X509ValidationError may be thrown.
  */
-export async function validateTrustChain(trustAnchorEntity, chain) {
+export async function validateTrustChain(trustAnchorEntity, chain, x509Options) {
   // If the chain is empty, fail
   if (chain.length === 0) {
     throw new TrustChainEmptyError("Cannot verify empty trust chain.");
@@ -29,7 +31,7 @@ export async function validateTrustChain(trustAnchorEntity, chain) {
   // Select the expected token shape
   const selectTokenShape = elementIndex => elementIndex === 0 ? FirstElementShape : elementIndex === chain.length - 1 ? LastElementShape : MiddleElementShape;
-  // select the kid from the current index
+  // Select the kid from the current index
   const selectKid = currentIndex => {
     const token = chain[currentIndex];
     if (!token) {
@@ -41,8 +43,8 @@ export async function validateTrustChain(trustAnchorEntity, chain) {
     return shape.parse(decode(token)).header.kid;
   };
-  // select keys from the next token
-  // if the current token is the last, keys from trust anchor will be used
+  // Select keys from the next token
+  // If the current token is the last, keys from trust anchor will be used
   const selectKeys = currentIndex => {
     if (currentIndex === chain.length - 1) {
       return trustAnchorEntity.payload.jwks.keys;
@@ -57,10 +59,45 @@ export async function validateTrustChain(trustAnchorEntity, chain) {
     const shape = selectTokenShape(nextIndex);
     return shape.parse(decode(nextToken)).payload.jwks.keys;
   };
+  const x509TrustAnchorCertBase64 = getTrustAnchorX509Certificate(trustAnchorEntity);
   // Iterate the chain and validate each element's signature against the public keys of its next
   // If there is no next, hence it's the end of the chain, and it must be verified by the Trust Anchor
-  return Promise.all(chain.map((token, i) => [token, selectKid(i), selectKeys(i)]).map(args => verify(...args)));
+  const validationPromises = chain.map(async (tokenString, i) => {
+    const kidFromTokenHeader = selectKid(i);
+    const signerJwks = selectKeys(i);
+    // Step 1: Verify JWT signature
+    const parsedToken = await verify(tokenString, kidFromTokenHeader, signerJwks);
+    // Step 2: X.509 Certificate Chain Validation
+    const jwkUsedForVerification = signerJwks.find(k => k.kid === kidFromTokenHeader);
+    if (!jwkUsedForVerification) {
+      throw new FederationError(`JWK with kid '${kidFromTokenHeader}' was not found in signer's JWKS for token at index ${i}, though JWT verification passed.`, {
+        tokenIndex: i,
+        kid: kidFromTokenHeader
+      });
+    }
+    if (!jwkUsedForVerification.x5c || jwkUsedForVerification.x5c.length === 0) {
+      throw new MissingX509CertsError(`JWK with kid '${kidFromTokenHeader}' does not contain an X.509 certificate chain (x5c) for token at index ${i}.`);
+    }
+    // If the chain has more than one certificate AND
+    // the last certificate in the x5c chain is the same as the trust anchor,
+    // remove the anchor from the chain being passed, as it's supplied separately.
+    const certChainBase64 = jwkUsedForVerification.x5c.length > 1 && jwkUsedForVerification.x5c.at(-1) === x509TrustAnchorCertBase64 ? jwkUsedForVerification.x5c.slice(0, -1) : jwkUsedForVerification.x5c;
+    const x509ValidationResult = await verifyCertificateChain(certChainBase64, x509TrustAnchorCertBase64, x509Options);
+    if (!x509ValidationResult.isValid) {
+      throw new X509ValidationError(`X.509 certificate chain validation failed for token at index ${i} (kid: ${kidFromTokenHeader}). Status: ${x509ValidationResult.validationStatus}. Error: ${x509ValidationResult.errorMessage}`, {
+        tokenIndex: i,
+        kid: kidFromTokenHeader,
+        x509ValidationStatus: x509ValidationResult.validationStatus,
+        x509ErrorMessage: x509ValidationResult.errorMessage
+      });
+    }
+    return parsedToken;
+  });
+  return Promise.all(validationPromises);
 }
 /**
@@ -105,4 +142,38 @@ export async function renewTrustChain(chain) {
     });
   }));
 }
-//# sourceMappingURL=chain.js.map
+/**
+ * Verify a given trust chain is actually valid.
+ * It can handle fast chain renewal, which means we try to fetch a fresh version of each statement.
+ *
+ * @param trustAnchorEntity The entity configuration of the known trust anchor
+ * @param chain The chain of statements to be validated
+ * @param x509Options Options for the verification process
+ * @param appFetch (optional) fetch api implementation
+ * @param renewOnFail Whether to attempt to renew the trust chain if the initial validation fails
+ * @returns The result of the chain validation
+ * @throws {FederationError} If the chain is not valid
+ */
+export async function verifyTrustChain(trustAnchorEntity, chain) {
+  let x509Options = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
+    connectTimeout: 10000,
+    readTimeout: 10000,
+    requireCrl: true
+  };
+  let {
+    appFetch = fetch,
+    renewOnFail = true
+  } = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : {};
+  try {
+    return validateTrustChain(trustAnchorEntity, chain, x509Options);
+  } catch (error) {
+    if (renewOnFail) {
+      const renewedChain = await renewTrustChain(chain, appFetch);
+      return validateTrustChain(trustAnchorEntity, renewedChain, x509Options);
+    } else {
+      throw error;
+    }
+  }
+}
+//# sourceMappingURL=verify-chain.js.map

package/lib/module/trust/verify-chain.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["EntityConfiguration","EntityStatement","TrustAnchorEntityConfiguration","z","decode","getTrustAnchorX509Certificate","verify","FederationError","MissingFederationFetchEndpointError","MissingX509CertsError","TrustChainEmptyError","TrustChainRenewalError","TrustChainTokenMissingError","X509ValidationError","verifyCertificateChain","getSignedEntityConfiguration","getSignedEntityStatement","FirstElementShape","MiddleElementShape","LastElementShape","union","validateTrustChain","trustAnchorEntity","chain","x509Options","length","selectTokenShape","elementIndex","selectKid","currentIndex","token","index","shape","parse","header","kid","selectKeys","payload","jwks","keys","nextIndex","nextToken","x509TrustAnchorCertBase64","validationPromises","map","tokenString","i","kidFromTokenHeader","signerJwks","parsedToken","jwkUsedForVerification","find","k","tokenIndex","x5c","certChainBase64","at","slice","x509ValidationResult","isValid","validationStatus","errorMessage","x509ValidationStatus","x509ErrorMessage","Promise","all","renewTrustChain","appFetch","arguments","undefined","fetch","decoded","entityStatementResult","safeParse","entityConfigurationResult","success","data","iss","entityStatement","parentBaseUrl","parentECJwt","parentEC","federationFetchEndpoint","metadata","federation_entity","federation_fetch_endpoint","sub","entityBaseUrl","missingInEntityUrl","originalChain","verifyTrustChain","connectTimeout","readTimeout","requireCrl","renewOnFail","error","renewedChain"],"sourceRoot":"../../../src","sources":["trust/verify-chain.ts"],"mappings":"AAAA,SACEA,mBAAmB,EACnBC,eAAe,EACfC,8BAA8B,QACzB,SAAS;AAEhB,OAAO,KAAKC,CAAC,MAAM,KAAK;AACxB,SACEC,MAAM,EACNC,6BAA6B,EAE7BC,MAAM,QACD,SAAS;AAChB,SACEC,eAAe,EACfC,mCAAmC,EACnCC,qBAAqB,EACrBC,oBAAoB,EACpBC,sBAAsB,EACtBC,2BAA2B,EAC3BC,mBAAmB,QACd,UAAU;AACjB,SAEEC,sBAAsB,QAEjB,gCAAgC;AACvC,SACEC,4BAA4B,EAC5BC,wBAAwB,QACnB,eAAe;;AAEtB;AACA,MAAMC,iBAAiB,GAAGjB,mBAAmB;AAC7C;AACA,MAAMkB,kBAAkB,GAAGjB,eAAe;AAC1C;AACA;AACA,MAAMkB,gBAAgB,GAAGhB,CAAC,CAACiB,KAAK,CAAC,CAC/BnB,eAAe,EACfC,8BAA8B,CAC/B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAemB,kBAAkBA,CACtCC,iBAAiD,EACjDC,KAAe,EACfC,WAAmC,EACX;EACxB;EACA,IAAID,KAAK,CAACE,MAAM,KAAK,CAAC,EAAE;IACtB,MAAM,IAAIf,oBAAoB,CAAC,kCAAkC,CAAC;EACpE;;EAEA;EACA,MAAMgB,gBAAgB,GAAIC,YAAoB,IAC5CA,YAAY,KAAK,CAAC,GACdV,iBAAiB,GACjBU,YAAY,KAAKJ,KAAK,CAACE,MAAM,GAAG,CAAC,GAC/BN,gBAAgB,GAChBD,kBAAkB;;EAE1B;EACA,MAAMU,SAAS,GAAIC,YAAoB,IAAa;IAClD,MAAMC,KAAK,GAAGP,KAAK,CAACM,YAAY,CAAC;IACjC,IAAI,CAACC,KAAK,EAAE;MACV,MAAM,IAAIlB,2BAA2B,CAClC,0BAAyBiB,YAAa,kBAAiB,EACxD;QAAEE,KAAK,EAAEF;MAAa,CACxB,CAAC;IACH;IACA,MAAMG,KAAK,GAAGN,gBAAgB,CAACG,YAAY,CAAC;IAC5C,OAAOG,KAAK,CAACC,KAAK,CAAC7B,MAAM,CAAC0B,KAAK,CAAC,CAAC,CAACI,MAAM,CAACC,GAAG;EAC9C,CAAC;;EAED;EACA;EACA,MAAMC,UAAU,GAAIP,YAAoB,IAAY;IAClD,IAAIA,YAAY,KAAKN,KAAK,CAACE,MAAM,GAAG,CAAC,EAAE;MACrC,OAAOH,iBAAiB,CAACe,OAAO,CAACC,IAAI,CAACC,IAAI;IAC5C;IAEA,MAAMC,SAAS,GAAGX,YAAY,GAAG,CAAC;IAClC,MAAMY,SAAS,GAAGlB,KAAK,CAACiB,SAAS,CAAC;IAClC,IAAI,CAACC,SAAS,EAAE;MACd,MAAM,IAAI7B,2BAA2B,CAClC,+BAA8B4B,SAAU,kCAAiCX,YAAa,IAAG,EAC1F;QAAEE,KAAK,EAAES;MAAU,CACrB,CAAC;IACH;IACA,MAAMR,KAAK,GAAGN,gBAAgB,CAACc,SAAS,CAAC;IACzC,OAAOR,KAAK,CAACC,KAAK,CAAC7B,MAAM,CAACqC,SAAS,CAAC,CAAC,CAACJ,OAAO,CAACC,IAAI,CAACC,IAAI;EACzD,CAAC;EAED,MAAMG,yBAAyB,GAC7BrC,6BAA6B,CAACiB,iBAAiB,CAAC;;EAElD;EACA;EACA,MAAMqB,kBAAkB,GAAGpB,KAAK,CAACqB,GAAG,CAAC,OAAOC,WAAW,EAAEC,CAAC,KAAK;IAC7D,MAAMC,kBAAkB,GAAGnB,SAAS,CAACkB,CAAC,CAAC;IACvC,MAAME,UAAU,GAAGZ,UAAU,CAACU,CAAC,CAAC;;IAEhC;IACA,MAAMG,WAAW,GAAG,MAAM3C,MAAM,CAC9BuC,WAAW,EACXE,kBAAkB,EAClBC,UACF,CAAC;;IAED;IACA,MAAME,sBAAsB,GAAGF,UAAU,CAACG,IAAI,CAC3CC,CAAC,IAAKA,CAAC,CAACjB,GAAG,KAAKY,kBACnB,CAAC;IAED,IAAI,CAACG,sBAAsB,EAAE;MAC3B,MAAM,IAAI3C,eAAe,CACtB,iBAAgBwC,kBAAmB,uDAAsDD,CAAE,mCAAkC,EAC9H;QAAEO,UAAU,EAAEP,CAAC;QAAEX,GAAG,EAAEY;MAAmB,CAC3C,CAAC;IACH;IAEA,IACE,CAACG,sBAAsB,CAACI,GAAG,IAC3BJ,sBAAsB,CAACI,GAAG,CAAC7B,MAAM,KAAK,CAAC,EACvC;MACA,MAAM,IAAIhB,qBAAqB,CAC5B,iBAAgBsC,kBAAmB,0EAAyED,CAAE,GACjH,CAAC;IACH;;IAEA;IACA;IACA;IACA,MAAMS,eAAe,GACnBL,sBAAsB,CAACI,GAAG,CAAC7B,MAAM,GAAG,CAAC,IACrCyB,sBAAsB,CAACI,GAAG,CAACE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAKd,yBAAyB,GAC3DQ,sBAAsB,CAACI,GAAG,CAACG,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GACvCP,sBAAsB,CAACI,GAAG;IAEhC,MAAMI,oBAAiD,GACrD,MAAM5C,sBAAsB,CAC1ByC,eAAe,EACfb,yBAAyB,EACzBlB,WACF,CAAC;IAEH,IAAI,CAACkC,oBAAoB,CAACC,OAAO,EAAE;MACjC,MAAM,IAAI9C,mBAAmB,CAC1B,gEAA+DiC,CAAE,UAASC,kBAAmB,cAAaW,oBAAoB,CAACE,gBAAiB,YAAWF,oBAAoB,CAACG,YAAa,EAAC,EAC/L;QACER,UAAU,EAAEP,CAAC;QACbX,GAAG,EAAEY,kBAAkB;QACvBe,oBAAoB,EAAEJ,oBAAoB,CAACE,gBAAgB;QAC3DG,gBAAgB,EAAEL,oBAAoB,CAACG;MACzC,CACF,CAAC;IACH;IACA,OAAOZ,WAAW;EACpB,CAAC,CAAC;EAEF,OAAOe,OAAO,CAACC,GAAG,CAACtB,kBAAkB,CAAC;AACxC;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeuB,eAAeA,CACnC3C,KAAe,EAEI;EAAA,IADnB4C,QAA8B,GAAAC,SAAA,CAAA3C,MAAA,QAAA2C,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAGE,KAAK;EAEtC,OAAON,OAAO,CAACC,GAAG,CAChB1C,KAAK,CAACqB,GAAG,CAAC,OAAOd,KAAK,EAAEC,KAAK,KAAK;IAChC,MAAMwC,OAAO,GAAGnE,MAAM,CAAC0B,KAAK,CAAC;IAE7B,MAAM0C,qBAAqB,GAAGvE,eAAe,CAACwE,SAAS,CAACF,OAAO,CAAC;IAChE,MAAMG,yBAAyB,GAAG1E,mBAAmB,CAACyE,SAAS,CAACF,OAAO,CAAC;IAExE,IAAIG,yBAAyB,CAACC,OAAO,EAAE;MACrC,OAAO5D,4BAA4B,CACjC2D,yBAAyB,CAACE,IAAI,CAACvC,OAAO,CAACwC,GAAG,EAC1C;QAAEV;MAAS,CACb,CAAC;IACH;IACA,IAAIK,qBAAqB,CAACG,OAAO,EAAE;MACjC,MAAMG,eAAe,GAAGN,qBAAqB,CAACI,IAAI;MAElD,MAAMG,aAAa,GAAGD,eAAe,CAACzC,OAAO,CAACwC,GAAG;MACjD,MAAMG,WAAW,GAAG,MAAMjE,4BAA4B,CAACgE,aAAa,EAAE;QACpEZ;MACF,CAAC,CAAC;MACF,MAAMc,QAAQ,GAAGjF,mBAAmB,CAACiC,KAAK,CAAC7B,MAAM,CAAC4E,WAAW,CAAC,CAAC;MAE/D,MAAME,uBAAuB,GAC3BD,QAAQ,CAAC5C,OAAO,CAAC8C,QAAQ,CAACC,iBAAiB,CAACC,yBAAyB;MACvE,IAAI,CAACH,uBAAuB,EAAE;QAC5B,MAAM,IAAI1E,mCAAmC,CAC1C,gBAAeuE,aAAc,8DAA6DD,eAAe,CAACzC,OAAO,CAACiD,GAAI,GAAE,EACzH;UACEC,aAAa,EAAET,eAAe,CAACzC,OAAO,CAACiD,GAAG;UAC1CE,kBAAkB,EAAET;QACtB,CACF,CAAC;MACH;MACA,OAAO/D,wBAAwB,CAC7BkE,uBAAuB,EACvBJ,eAAe,CAACzC,OAAO,CAACiD,GAAG,EAC3B;QAAEnB;MAAS,CACb,CAAC;IACH;IACA,MAAM,IAAIxD,sBAAsB,CAC7B,iDAAgDoB,KAAM,mBAAkB,EACzE;MAAE0D,aAAa,EAAElE;IAAM,CACzB,CAAC;EACH,CAAC,CACH,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAemE,gBAAgBA,CACpCpE,iBAAiD,EACjDC,KAAe,EAUiC;EAAA,IAThDC,WAAmC,GAAA4C,SAAA,CAAA3C,MAAA,QAAA2C,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAG;IACpCuB,cAAc,EAAE,KAAK;IACrBC,WAAW,EAAE,KAAK;IAClBC,UAAU,EAAE;EACd,CAAC;EAAA,IACD;IACE1B,QAAQ,GAAGG,KAAK;IAChBwB,WAAW,GAAG;EAC4C,CAAC,GAAA1B,SAAA,CAAA3C,MAAA,QAAA2C,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAG,CAAC,CAAC;EAElE,IAAI;IACF,OAAO/C,kBAAkB,CAACC,iBAAiB,EAAEC,KAAK,EAAEC,WAAW,CAAC;EAClE,CAAC,CAAC,OAAOuE,KAAK,EAAE;IACd,IAAID,WAAW,EAAE;MACf,MAAME,YAAY,GAAG,MAAM9B,eAAe,CAAC3C,KAAK,EAAE4C,QAAQ,CAAC;MAC3D,OAAO9C,kBAAkB,CAACC,iBAAiB,EAAE0E,YAAY,EAAExE,WAAW,CAAC;IACzE,CAAC,MAAM;MACL,MAAMuE,KAAK;IACb;EACF;AACF"}

package/lib/module/utils/errors.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { IssuerResponseErrorCodes, WalletProviderResponseErrorCodes, RelyingPartyResponseErrorCodes } from "./error-codes";
+import { IssuerResponseErrorCodes, RelyingPartyResponseErrorCodes, WalletProviderResponseErrorCodes } from "./error-codes";
 export { IssuerResponseErrorCodes, WalletProviderResponseErrorCodes, RelyingPartyResponseErrorCodes };
 // An error reason that supports both a string and a generic JSON object

package/lib/module/utils/errors.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["IssuerResponseErrorCodes","~~WalletProviderResponseErrorCodes~~","~~RelyingPartyResponseErrorCodes~~","serializeAttrs","attrs","Object","entries","filter","_ref","v","undefined","map","_ref2","k","Array","isArray","join","JSON","stringify","_","IoWalletError","Error","code","constructor","message","name","ValidationFailed","_ref3","claim","reason","UnexpectedStatusCodeError","_ref4","statusCode","IssuerResponseError","params","IssuerGenericError","WalletProviderResponseError","WalletProviderGenericError","RelyingPartyResponseError","RelyingPartyGenericError","extractErrorMessageFromIssuerConf","errorCode","_ref5","issuerConf","credentialType","credentialConfiguration","openid_credential_issuer","credential_configurations_supported","issuance_errors_supported","localesList","display","reduce","acc","_ref6","locale","rest","makeErrorTypeGuard","ErrorClass","error","isIssuerResponseError","isWalletProviderResponseError","isRelyingPartyResponseError","ResponseErrorBuilder","errorCases","handle","status","buildFrom","originalError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":"~~AAEA~~,~~SACEA~~,wBAAwB,~~EACxBC~~,~~gCAAgC~~,~~EAChCC~~,~~8BAA8B~~,~~QAIzB~~,eAAe;~~AAEtB~~,SACEF,wBAAwB,~~EACxBC~~,gCAAgC,~~EAChCC~~,8BAA8B;;AAGhC;;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,~~MAAMC~~,cAAc,GACzBC,KAA8E,IAE9EC,MAAM,CAACC,OAAO,CAACF,KAAK,CAAC,CAClBG,MAAM,CAACC,IAAA;EAAA,IAAC,GAAGC,CAAC,CAAC,GAAAD,IAAA;EAAA,OAAKC,CAAC,KAAKC,SAAS;AAAA,EAAC,CAClCC,GAAG,CAACC,KAAA,IAAY;EAAA,IAAX,CAACC,CAAC,EAAEJ,CAAC,CAAC,GAAAG,KAAA;EACV,IAAIE,KAAK,CAACC,OAAO,CAACN,CAAC,CAAC,EAAE,OAAO,CAACI,CAAC,EAAG,IAAGJ,CAAC,CAACO,IAAI,CAAC,IAAI,CAAE,GAAE,CAAC;EACrD,IAAI,OAAOP,CAAC,KAAK,QAAQ,EAAE,OAAO,CAACI,CAAC,EAAEI,IAAI,CAACC,SAAS,CAACT,CAAC,CAAC,CAAC;EACxD,OAAO,CAACI,CAAC,EAAEJ,CAAC,CAAC;AACf,CAAC,CAAC,CACDE,GAAG,CAAEQ,CAAC,IAAKA,CAAC,CAACH,IAAI,CAAC,GAAG,CAAC,CAAC,CACvBA,IAAI,CAAC,GAAG,CAAC;;AAEd;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMI,aAAa,SAASC,KAAK,CAAC;EACvC;EACAC,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAC5B,KAAK,CAACA,OAAO,CAAC;IACd,IAAI,CAACC,IAAI,GAAG,IAAI,CAACF,WAAW,CAACE,IAAI;EACnC;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,gBAAgB,SAASN,aAAa,CAAC;EAClDE,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAAAI,KAAA,EAQR;IAAA,IARS;MACVH,OAAO;MACPI,KAAK,GAAG,aAAa;MACrBC,MAAM,GAAG;IAKX,CAAC,GAAAF,KAAA;IACC,KAAK,CAACxB,cAAc,CAAC;MAAEqB,OAAO;MAAEI,KAAK;MAAEC;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACD,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACC,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA,OAAO,MAAMC,yBAAyB,SAASV,aAAa,CAAC;EAC3DE,IAAI,GAAW,4BAA4B;EAI3CC,WAAWA,CAAAQ,KAAA,EAQR;IAAA,IARS;MACVP,OAAO;MACPK,MAAM;MACNG;IAKF,CAAC,GAAAD,KAAA;IACC,KAAK,CAAC5B,cAAc,CAAC;MAAEqB,OAAO;MAAEK,MAAM;MAAEG;IAAW,CAAC,CAAC,CAAC;IACtD,IAAI,CAACH,MAAM,GAAGA,MAAM;IACpB,IAAI,CAACG,UAAU,GAAGA,UAAU;EAC9B;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,mBAAmB,SAASH,yBAAyB,CAAC;EAGjEP,WAAWA,CAACW,MAKX,EAAE;IACD,KAAK,CAACA,MAAM,CAAC;IACb,IAAI,CAACZ,IAAI,GAAGY,MAAM,CAACZ,IAAI,IAAItB,wBAAwB,CAACmC,kBAAkB;EACxE;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,2BAA2B,SAASN,yBAAyB,CAAC;EAIzEP,WAAWA,CAACW,MAKX,EAAE;IACD,KAAK,CAACA,MAAM,CAAC;IACb,IAAI,CAACL,MAAM,GAAGK,MAAM,CAACL,MAAM;IAC3B,IAAI,CAACP,IAAI,GACPY,MAAM,CAACZ,IAAI,~~IACXrB~~,gCAAgC,~~CAACoC~~,0BAA0B;EAC/D;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,yBAAyB,SAASR,yBAAyB,CAAC;EAGvEP,WAAWA,CAACW,MAKX,EAAE;IACD,KAAK,CAACA,MAAM,CAAC;IACb,IAAI,CAACZ,IAAI,GACPY,MAAM,CAACZ,IAAI,~~IAAIpB~~,8BAA8B,~~CAACqC~~,wBAAwB;EAC1E;AACF;AASA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,iCAAiCA,CAC/CC,SAAiB,EAAAC,KAAA,EAQmB;EAAA,IAPpC;IACEC,UAAU;IACVC;EAIF,CAAC,GAAAF,KAAA;EAED,MAAMG,uBAAuB,GAC3BF,UAAU,CAACG,wBAAwB,CAACC,mCAAmC,CACrEH,cAAc,CACf;EAEH,IAAI,CAACC,uBAAuB,EAAE;IAC5B,MAAM,IAAIzB,aAAa,CACpB,8BAA6BwB,cAAe,qBAC/C,CAAC;EACH;EAEA,MAAM;IAAEI;EAA0B,CAAC,GAAGH,uBAAuB;EAE7D,IAAI,EAACG,yBAAyB,aAAzBA,yBAAyB,eAAzBA,yBAAyB,CAAGP,SAAS,CAAC,GAAE;IAC3C,OAAO/B,SAAS;EAClB;EAEA,MAAMuC,WAAW,GAAGD,yBAAyB,CAACP,SAAS,CAAC,CAAES,OAAO;EAEjE,OAAOD,WAAW,CAACE,MAAM,CACvB,CAACC,GAAG,EAAAC,KAAA;IAAA,IAAE;MAAEC,MAAM;MAAE,GAAGC;IAAK,CAAC,GAAAF,KAAA;IAAA,OAAM;MAAE,GAAGD,GAAG;MAAE,CAACE,MAAM,GAAGC;IAAK,CAAC;EAAA,CAAC,EAC1D,CAAC,CACH,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,kBAAkB,GACuBC,UAAa,IAC1D,CAACC,KAAc,EAAEpC,IAA0B,KACzCoC,KAAK,YAAYD,UAAU,IAAIC,KAAK,CAACpC,IAAI,MAAMA,IAAI,IAAIoC,KAAK,CAACpC,IAAI,CAAC;AAEtE,OAAO,MAAMqC,qBAAqB,GAAGH,kBAAkB,CAACvB,mBAAmB,CAAC;AAC5E,OAAO,MAAM2B,6BAA6B,GAAGJ,kBAAkB,CAC7DpB,2BACF,CAAC;AACD,OAAO,MAAMyB,2BAA2B,GAAGL,kBAAkB,CAC3DlB,yBACF,CAAC;;AAED;;AAuBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMwB,oBAAoB,CAA6C;EACpEC,UAAU,GAEd,CAAC,CAAC;EAENxC,WAAWA,CAASkC,UAAa,EAAE;IAAA,KAAfA,UAAa,GAAbA,UAAa;EAAG;EAEpCO,MAAMA,CAACC,MAAoB,EAAE/B,MAAoB,EAAE;IACjD,IAAI,CAAC6B,UAAU,CAACE,MAAM,CAAC,GAAG/B,MAAM;IAChC,OAAO,IAAI;EACb;EAEAgC,SAASA,CAACC,aAAwC,EAAE;IAClD,MAAMjC,MAAM,GACV,IAAI,CAAC6B,UAAU,CAACI,aAAa,CAACnC,UAAU,CAAC,IAAI,IAAI,CAAC+B,UAAU,CAAC,GAAG,CAAC;IAEnE,IAAI7B,MAAM,EAAE;MACV,OAAO,IAAI,IAAI,CAACuB,UAAU,CAAC;QAAE,GAAGU,aAAa;QAAE,GAAGjC;MAAO,CAAC,CAAC;IAC7D;IAEA,OAAOiC,aAAa;EACtB;AACF"}
1	+ {"version":3,"names":["IssuerResponseErrorCodes","RelyingPartyResponseErrorCodes","WalletProviderResponseErrorCodes","serializeAttrs","attrs","Object","entries","filter","_ref","v","undefined","map","_ref2","k","Array","isArray","join","JSON","stringify","_","IoWalletError","Error","code","constructor","message","name","ValidationFailed","_ref3","claim","reason","UnexpectedStatusCodeError","_ref4","statusCode","IssuerResponseError","params","IssuerGenericError","WalletProviderResponseError","WalletProviderGenericError","RelyingPartyResponseError","RelyingPartyGenericError","extractErrorMessageFromIssuerConf","errorCode","_ref5","issuerConf","credentialType","credentialConfiguration","openid_credential_issuer","credential_configurations_supported","issuance_errors_supported","localesList","display","reduce","acc","_ref6","locale","rest","makeErrorTypeGuard","ErrorClass","error","isIssuerResponseError","isWalletProviderResponseError","isRelyingPartyResponseError","ResponseErrorBuilder","errorCases","handle","status","buildFrom","originalError"],"sourceRoot":"../../../src","sources":["utils/errors.ts"],"mappings":"AACA,SAEEA,wBAAwB,EAExBC,8BAA8B,EAE9BC,gCAAgC,QAC3B,eAAe;AAGtB,SACEF,wBAAwB,EACxBE,gCAAgC,EAChCD,8BAA8B;;AAGhC;;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,cAAc,GACzBC,KAA8E,IAE9EC,MAAM,CAACC,OAAO,CAACF,KAAK,CAAC,CAClBG,MAAM,CAACC,IAAA;EAAA,IAAC,GAAGC,CAAC,CAAC,GAAAD,IAAA;EAAA,OAAKC,CAAC,KAAKC,SAAS;AAAA,EAAC,CAClCC,GAAG,CAACC,KAAA,IAAY;EAAA,IAAX,CAACC,CAAC,EAAEJ,CAAC,CAAC,GAAAG,KAAA;EACV,IAAIE,KAAK,CAACC,OAAO,CAACN,CAAC,CAAC,EAAE,OAAO,CAACI,CAAC,EAAG,IAAGJ,CAAC,CAACO,IAAI,CAAC,IAAI,CAAE,GAAE,CAAC;EACrD,IAAI,OAAOP,CAAC,KAAK,QAAQ,EAAE,OAAO,CAACI,CAAC,EAAEI,IAAI,CAACC,SAAS,CAACT,CAAC,CAAC,CAAC;EACxD,OAAO,CAACI,CAAC,EAAEJ,CAAC,CAAC;AACf,CAAC,CAAC,CACDE,GAAG,CAAEQ,CAAC,IAAKA,CAAC,CAACH,IAAI,CAAC,GAAG,CAAC,CAAC,CACvBA,IAAI,CAAC,GAAG,CAAC;;AAEd;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMI,aAAa,SAASC,KAAK,CAAC;EACvC;EACAC,IAAI,GAAW,uBAAuB;EAEtCC,WAAWA,CAACC,OAAgB,EAAE;IAC5B,KAAK,CAACA,OAAO,CAAC;IACd,IAAI,CAACC,IAAI,GAAG,IAAI,CAACF,WAAW,CAACE,IAAI;EACnC;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,gBAAgB,SAASN,aAAa,CAAC;EAClDE,IAAI,GAAG,iCAAiC;;EAExC;;EAGA;;EAGAC,WAAWA,CAAAI,KAAA,EAQR;IAAA,IARS;MACVH,OAAO;MACPI,KAAK,GAAG,aAAa;MACrBC,MAAM,GAAG;IAKX,CAAC,GAAAF,KAAA;IACC,KAAK,CAACxB,cAAc,CAAC;MAAEqB,OAAO;MAAEI,KAAK;MAAEC;IAAO,CAAC,CAAC,CAAC;IACjD,IAAI,CAACD,KAAK,GAAGA,KAAK;IAClB,IAAI,CAACC,MAAM,GAAGA,MAAM;EACtB;AACF;;AAEA;AACA;AACA;AACA,OAAO,MAAMC,yBAAyB,SAASV,aAAa,CAAC;EAC3DE,IAAI,GAAW,4BAA4B;EAI3CC,WAAWA,CAAAQ,KAAA,EAQR;IAAA,IARS;MACVP,OAAO;MACPK,MAAM;MACNG;IAKF,CAAC,GAAAD,KAAA;IACC,KAAK,CAAC5B,cAAc,CAAC;MAAEqB,OAAO;MAAEK,MAAM;MAAEG;IAAW,CAAC,CAAC,CAAC;IACtD,IAAI,CAACH,MAAM,GAAGA,MAAM;IACpB,IAAI,CAACG,UAAU,GAAGA,UAAU;EAC9B;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,mBAAmB,SAASH,yBAAyB,CAAC;EAGjEP,WAAWA,CAACW,MAKX,EAAE;IACD,KAAK,CAACA,MAAM,CAAC;IACb,IAAI,CAACZ,IAAI,GAAGY,MAAM,CAACZ,IAAI,IAAItB,wBAAwB,CAACmC,kBAAkB;EACxE;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,2BAA2B,SAASN,yBAAyB,CAAC;EAIzEP,WAAWA,CAACW,MAKX,EAAE;IACD,KAAK,CAACA,MAAM,CAAC;IACb,IAAI,CAACL,MAAM,GAAGK,MAAM,CAACL,MAAM;IAC3B,IAAI,CAACP,IAAI,GACPY,MAAM,CAACZ,IAAI,IACXpB,gCAAgC,CAACmC,0BAA0B;EAC/D;AACF;;AAEA;AACA;AACA;AACA;AACA,OAAO,MAAMC,yBAAyB,SAASR,yBAAyB,CAAC;EAGvEP,WAAWA,CAACW,MAKX,EAAE;IACD,KAAK,CAACA,MAAM,CAAC;IACb,IAAI,CAACZ,IAAI,GACPY,MAAM,CAACZ,IAAI,IAAIrB,8BAA8B,CAACsC,wBAAwB;EAC1E;AACF;AASA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,iCAAiCA,CAC/CC,SAAiB,EAAAC,KAAA,EAQmB;EAAA,IAPpC;IACEC,UAAU;IACVC;EAIF,CAAC,GAAAF,KAAA;EAED,MAAMG,uBAAuB,GAC3BF,UAAU,CAACG,wBAAwB,CAACC,mCAAmC,CACrEH,cAAc,CACf;EAEH,IAAI,CAACC,uBAAuB,EAAE;IAC5B,MAAM,IAAIzB,aAAa,CACpB,8BAA6BwB,cAAe,qBAC/C,CAAC;EACH;EAEA,MAAM;IAAEI;EAA0B,CAAC,GAAGH,uBAAuB;EAE7D,IAAI,EAACG,yBAAyB,aAAzBA,yBAAyB,eAAzBA,yBAAyB,CAAGP,SAAS,CAAC,GAAE;IAC3C,OAAO/B,SAAS;EAClB;EAEA,MAAMuC,WAAW,GAAGD,yBAAyB,CAACP,SAAS,CAAC,CAAES,OAAO;EAEjE,OAAOD,WAAW,CAACE,MAAM,CACvB,CAACC,GAAG,EAAAC,KAAA;IAAA,IAAE;MAAEC,MAAM;MAAE,GAAGC;IAAK,CAAC,GAAAF,KAAA;IAAA,OAAM;MAAE,GAAGD,GAAG;MAAE,CAACE,MAAM,GAAGC;IAAK,CAAC;EAAA,CAAC,EAC1D,CAAC,CACH,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,kBAAkB,GACuBC,UAAa,IAC1D,CAACC,KAAc,EAAEpC,IAA0B,KACzCoC,KAAK,YAAYD,UAAU,IAAIC,KAAK,CAACpC,IAAI,MAAMA,IAAI,IAAIoC,KAAK,CAACpC,IAAI,CAAC;AAEtE,OAAO,MAAMqC,qBAAqB,GAAGH,kBAAkB,CAACvB,mBAAmB,CAAC;AAC5E,OAAO,MAAM2B,6BAA6B,GAAGJ,kBAAkB,CAC7DpB,2BACF,CAAC;AACD,OAAO,MAAMyB,2BAA2B,GAAGL,kBAAkB,CAC3DlB,yBACF,CAAC;;AAED;;AAuBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMwB,oBAAoB,CAA6C;EACpEC,UAAU,GAEd,CAAC,CAAC;EAENxC,WAAWA,CAASkC,UAAa,EAAE;IAAA,KAAfA,UAAa,GAAbA,UAAa;EAAG;EAEpCO,MAAMA,CAACC,MAAoB,EAAE/B,MAAoB,EAAE;IACjD,IAAI,CAAC6B,UAAU,CAACE,MAAM,CAAC,GAAG/B,MAAM;IAChC,OAAO,IAAI;EACb;EAEAgC,SAASA,CAACC,aAAwC,EAAE;IAClD,MAAMjC,MAAM,GACV,IAAI,CAAC6B,UAAU,CAACI,aAAa,CAACnC,UAAU,CAAC,IAAI,IAAI,CAAC+B,UAAU,CAAC,GAAG,CAAC;IAEnE,IAAI7B,MAAM,EAAE;MACV,OAAO,IAAI,IAAI,CAACuB,UAAU,CAAC;QAAE,GAAGU,aAAa;QAAE,GAAGjC;MAAO,CAAC,CAAC;IAC7D;IAEA,OAAOiC,aAAa;EACtB;AACF"}

package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"02-evaluate-issuer-trust.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/02-evaluate-issuer-trust.ts"],"names":[],"mappings":"~~AACA~~,OAAO,EAAE,mCAAmC,EAAE,MAAM,mBAAmB,CAAC;AACxE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;~~AAE5C~~,MAAM,MAAM,mBAAmB,GAAG,CAChC,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,WAAW,CAAC,EACtC,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IACX,UAAU,EAAE,mCAAmC,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,CAAC;CACxE,CAAC,CAAC;AAEH;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,EAAE,mBAQjC,CAAC"}
1	+ {"version":3,"file":"02-evaluate-issuer-trust.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/02-evaluate-issuer-trust.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mCAAmC,EAAE,MAAM,mBAAmB,CAAC;AACxE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAG5C,MAAM,MAAM,mBAAmB,GAAG,CAChC,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,WAAW,CAAC,EACtC,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IACX,UAAU,EAAE,mCAAmC,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,CAAC;CACxE,CAAC,CAAC;AAEH;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,EAAE,mBAQjC,CAAC"}

package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"02-evaluate-rp-trust.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/02-evaluate-rp-trust.ts"],"names":[],"mappings":"~~AACA~~,OAAO,EAAE,+BAA+B,EAAE,MAAM,mBAAmB,CAAC;AACpE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAC3D,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;~~AAE5C~~,MAAM,MAAM,yBAAyB,GAAG,CACtC,KAAK,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,WAAW,CAAC,EAClC,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IACX,MAAM,EAAE,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,CAAC;IAC/D,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC,CAAC;AAEH;;;;;;;GAOG;AACH,eAAO,MAAM,yBAAyB,EAAE,yBAUvC,CAAC"}
1	+ {"version":3,"file":"02-evaluate-rp-trust.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/02-evaluate-rp-trust.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,+BAA+B,EAAE,MAAM,mBAAmB,CAAC;AACpE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAC3D,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAG5C,MAAM,MAAM,yBAAyB,GAAG,CACtC,KAAK,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,WAAW,CAAC,EAClC,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC;IACX,MAAM,EAAE,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,CAAC;IAC/D,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC,CAAC;AAEH;;;;;;;GAOG;AACH,eAAO,MAAM,yBAAyB,EAAE,yBAUvC,CAAC"}

package/lib/typescript/credential/presentation/05-verify-request-object.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
-import type { RelyingPartyEntityConfiguration } from "../../trust";
 import { RequestObject } from "./types";
+import type { RelyingPartyEntityConfiguration } from "../../trust/types";
 export type VerifyRequestObject = (requestObjectEncodedJwt: string, context: {
     clientId: string;
     rpConf: RelyingPartyEntityConfiguration["payload"]["metadata"];

package/lib/typescript/credential/presentation/05-verify-request-object.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"05-verify-request-object.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/05-verify-request-object.ts"],"names":[],"mappings":"~~AACA~~,OAAO,~~KAAK,~~EAAE~~,+BAA+B~~,EAAE,MAAM,~~aAAa~~,CAAC;~~AAEnE~~,OAAO,EAAE,~~aAAa,~~EAAE,MAAM,~~SAAS~~,CAAC;~~AAGxC~~,MAAM,MAAM,mBAAmB,GAAG,CAChC,uBAAuB,EAAE,MAAM,EAC/B,OAAO,EAAE;IACP,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,CAAC;IAC/D,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,KACE,OAAO,CAAC;IAAE,aAAa,EAAE,aAAa,CAAA;CAAE,CAAC,CAAC;AAE/C;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,EAAE,mBAsCjC,CAAC"}
1	+ {"version":3,"file":"05-verify-request-object.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/05-verify-request-object.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAExC,OAAO,KAAK,EAAE,+BAA+B,EAAE,MAAM,mBAAmB,CAAC;AAEzE,MAAM,MAAM,mBAAmB,GAAG,CAChC,uBAAuB,EAAE,MAAM,EAC/B,OAAO,EAAE;IACP,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,CAAC;IAC/D,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,KACE,OAAO,CAAC;IAAE,aAAa,EAAE,aAAa,CAAA;CAAE,CAAC,CAAC;AAE/C;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,EAAE,mBAsCjC,CAAC"}

package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts CHANGED Viewed

@@ -1,10 +1,10 @@
 import { type FetchJwks } from "./04-retrieve-rp-jwks";
 import type { VerifyRequestObject } from "./05-verify-request-object";
 import { type Out } from "../../utils/misc";
-import { type RemotePresentation, DirectAuthorizationBodyPayload, ErrorResponse, type LegacyRemotePresentation } from "./types";
+import { DirectAuthorizationBodyPayload, ErrorResponse, type LegacyRemotePresentation, type RemotePresentation } from "./types";
 import * as z from "zod";
 import type { JWK } from "../../utils/jwk";
-import type { RelyingPartyEntityConfiguration } from "../../trust";
+import type { RelyingPartyEntityConfiguration } from "../../trust/types";
 export type AuthorizationResponse = z.infer<typeof AuthorizationResponse>;
 export declare const AuthorizationResponse: z.ZodObject<{
     status: z.ZodOptional<z.ZodString>;

package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"08-send-authorization-response.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/08-send-authorization-response.ts"],"names":[],"mappings":"AAEA,OAAO,~~EAAqB~~,KAAK,SAAS,~~EAAE~~,MAAM,uBAAuB,CAAC;AAC1E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,OAAO,EAAoB,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EACL,~~KAAK,kBAAkB,EACvB,~~8BAA8B,EAC9B,aAAa,EACb,KAAK,wBAAwB,~~EAC9B~~,MAAM,SAAS,CAAC;AACjB,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC;AACzB,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAC;~~AAC3C~~,OAAO,KAAK,EAAE,+BAA+B,EAAE,MAAM,~~aAAa~~,CAAC;~~AAQnE~~,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAC1E,eAAO,MAAM,qBAAqB;;;;;;;;;;;;EAUhC,CAAC;AAEH;;;;;;;GAOG;AACH,eAAO,MAAM,wBAAwB,cACxB,IAAI,SAAS,CAAC,CAAC,MAAM,CAAC,KAChC,GAWF,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,sBAAsB,kBAClB,IAAI,mBAAmB,CAAC,CAAC,eAAe,CAAC,UAChD,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,WACrD,8BAA8B,KACtC,QAAQ,MAAM,CAkChB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mBAAmB,kBACf,IAAI,mBAAmB,CAAC,CAAC,eAAe,CAAC,WAC/C,8BAA8B,KACtC,QAAQ,MAAM,CAgBhB,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,+BAA+B,GAAG,CAC5C,aAAa,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,eAAe,CAAC,EACxD,wBAAwB,EAAE,MAAM,EAChC,mBAAmB,EAAE,wBAAwB,EAAE,EAC/C,MAAM,EAAE,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,EAC9D,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,qBAAqB,CAAC,CAAC;AAEpC;;;;;;;;;;GAUG;AACH,eAAO,MAAM,+BAA+B,EAAE,+BAkD3C,CAAC;AAEJ;;;;GAIG;AACH,MAAM,MAAM,yBAAyB,GAAG,CACtC,aAAa,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,eAAe,CAAC,EACxD,mBAAmB,EAAE,kBAAkB,EAAE,EACzC,MAAM,EAAE,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,EAC9D,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,qBAAqB,CAAC,CAAC;AAEpC,eAAO,MAAM,yBAAyB,EAAE,yBA6BvC,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,8BAA8B,GAAG,CAC3C,aAAa,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,eAAe,CAAC,EACxD,KAAK,EAAE;IAAE,KAAK,EAAE,aAAa,CAAC;IAAC,gBAAgB,EAAE,MAAM,CAAA;CAAE,EACzD,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,qBAAqB,CAAC,CAAC;AAEpC;;;;;;;;GAQG;AACH,eAAO,MAAM,8BAA8B,EAAE,8BAqB1C,CAAC"}
1	+ {"version":3,"file":"08-send-authorization-response.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/08-send-authorization-response.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,KAAK,SAAS,EAAqB,MAAM,uBAAuB,CAAC;AAC1E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,OAAO,EAAoB,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EACL,8BAA8B,EAC9B,aAAa,EACb,KAAK,wBAAwB,EAC7B,KAAK,kBAAkB,EACxB,MAAM,SAAS,CAAC;AACjB,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC;AACzB,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAC;AAO3C,OAAO,KAAK,EAAE,+BAA+B,EAAE,MAAM,mBAAmB,CAAC;AAEzE,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAC1E,eAAO,MAAM,qBAAqB;;;;;;;;;;;;EAUhC,CAAC;AAEH;;;;;;;GAOG;AACH,eAAO,MAAM,wBAAwB,cACxB,IAAI,SAAS,CAAC,CAAC,MAAM,CAAC,KAChC,GAWF,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,sBAAsB,kBAClB,IAAI,mBAAmB,CAAC,CAAC,eAAe,CAAC,UAChD,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,WACrD,8BAA8B,KACtC,QAAQ,MAAM,CAkChB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mBAAmB,kBACf,IAAI,mBAAmB,CAAC,CAAC,eAAe,CAAC,WAC/C,8BAA8B,KACtC,QAAQ,MAAM,CAgBhB,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,+BAA+B,GAAG,CAC5C,aAAa,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,eAAe,CAAC,EACxD,wBAAwB,EAAE,MAAM,EAChC,mBAAmB,EAAE,wBAAwB,EAAE,EAC/C,MAAM,EAAE,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,EAC9D,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,qBAAqB,CAAC,CAAC;AAEpC;;;;;;;;;;GAUG;AACH,eAAO,MAAM,+BAA+B,EAAE,+BAkD3C,CAAC;AAEJ;;;;GAIG;AACH,MAAM,MAAM,yBAAyB,GAAG,CACtC,aAAa,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,eAAe,CAAC,EACxD,mBAAmB,EAAE,kBAAkB,EAAE,EACzC,MAAM,EAAE,+BAA+B,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,EAC9D,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,qBAAqB,CAAC,CAAC;AAEpC,eAAO,MAAM,yBAAyB,EAAE,yBA6BvC,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,8BAA8B,GAAG,CAC3C,aAAa,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,eAAe,CAAC,EACxD,KAAK,EAAE;IAAE,KAAK,EAAE,aAAa,CAAC;IAAC,gBAAgB,EAAE,MAAM,CAAA;CAAE,EACzD,OAAO,CAAC,EAAE;IACR,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,qBAAqB,CAAC,CAAC;AAEpC;;;;;;;;GAQG;AACH,eAAO,MAAM,8BAA8B,EAAE,8BAqB1C,CAAC"}

package/lib/typescript/credential/status/types.d.ts CHANGED Viewed

@@ -226,6 +226,11 @@ export declare const ParsedStatusAttestation: z.ZodObject<{
         credential_hash: string;
     }>;
 }, "strip", z.ZodTypeAny, {
+    header: {
+        alg: string;
+        typ: "status-attestation+jwt";
+        kid?: string | undefined;
+    };
     payload: {
         iat: number;
         exp: number;
@@ -258,12 +263,12 @@ export declare const ParsedStatusAttestation: z.ZodObject<{
         };
         credential_hash: string;
     };
+}, {
     header: {
         alg: string;
         typ: "status-attestation+jwt";
         kid?: string | undefined;
     };
-}, {
     payload: {
         iat: number;
         exp: number;
@@ -296,10 +301,5 @@ export declare const ParsedStatusAttestation: z.ZodObject<{
         };
         credential_hash: string;
     };
-    header: {
-        alg: string;
-        typ: "status-attestation+jwt";
-        kid?: string | undefined;
-    };
 }>;
 //# sourceMappingURL=types.d.ts.map