@pagopa/io-react-native-wallet 2.0.0-next.0 → 2.0.0-next.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (77) hide show
  1. package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +2 -2
  2. package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +1 -1
  3. package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js +2 -2
  4. package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js.map +1 -1
  5. package/lib/commonjs/credential/presentation/05-verify-request-object.js.map +1 -1
  6. package/lib/commonjs/credential/presentation/08-send-authorization-response.js.map +1 -1
  7. package/lib/commonjs/trust/README.md +147 -0
  8. package/lib/commonjs/trust/build-chain.js +252 -0
  9. package/lib/commonjs/trust/build-chain.js.map +1 -0
  10. package/lib/commonjs/trust/errors.js +24 -1
  11. package/lib/commonjs/trust/errors.js.map +1 -1
  12. package/lib/commonjs/trust/index.js +11 -276
  13. package/lib/commonjs/trust/index.js.map +1 -1
  14. package/lib/commonjs/trust/utils.js +30 -1
  15. package/lib/commonjs/trust/utils.js.map +1 -1
  16. package/lib/commonjs/trust/{chain.js → verify-chain.js} +87 -15
  17. package/lib/commonjs/trust/verify-chain.js.map +1 -0
  18. package/lib/commonjs/utils/errors.js.map +1 -1
  19. package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +1 -1
  20. package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +1 -1
  21. package/lib/module/credential/presentation/02-evaluate-rp-trust.js +1 -1
  22. package/lib/module/credential/presentation/02-evaluate-rp-trust.js.map +1 -1
  23. package/lib/module/credential/presentation/05-verify-request-object.js.map +1 -1
  24. package/lib/module/credential/presentation/08-send-authorization-response.js +1 -1
  25. package/lib/module/credential/presentation/08-send-authorization-response.js.map +1 -1
  26. package/lib/module/trust/README.md +147 -0
  27. package/lib/module/trust/build-chain.js +235 -0
  28. package/lib/module/trust/build-chain.js.map +1 -0
  29. package/lib/module/trust/errors.js +23 -2
  30. package/lib/module/trust/errors.js.map +1 -1
  31. package/lib/module/trust/index.js +5 -262
  32. package/lib/module/trust/index.js.map +1 -1
  33. package/lib/module/trust/utils.js +27 -0
  34. package/lib/module/trust/utils.js.map +1 -1
  35. package/lib/module/trust/{chain.js → verify-chain.js} +85 -14
  36. package/lib/module/trust/verify-chain.js.map +1 -0
  37. package/lib/module/utils/errors.js +1 -1
  38. package/lib/module/utils/errors.js.map +1 -1
  39. package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +1 -1
  40. package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts.map +1 -1
  41. package/lib/typescript/credential/presentation/05-verify-request-object.d.ts +1 -1
  42. package/lib/typescript/credential/presentation/05-verify-request-object.d.ts.map +1 -1
  43. package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts +2 -2
  44. package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts.map +1 -1
  45. package/lib/typescript/credential/status/types.d.ts +6 -6
  46. package/lib/typescript/sd-jwt/index.d.ts +12 -12
  47. package/lib/typescript/sd-jwt/types.d.ts +6 -6
  48. package/lib/typescript/trust/build-chain.d.ts +1284 -0
  49. package/lib/typescript/trust/build-chain.d.ts.map +1 -0
  50. package/lib/typescript/trust/errors.d.ts +22 -0
  51. package/lib/typescript/trust/errors.d.ts.map +1 -1
  52. package/lib/typescript/trust/index.d.ts +5 -1299
  53. package/lib/typescript/trust/index.d.ts.map +1 -1
  54. package/lib/typescript/trust/types.d.ts +54 -54
  55. package/lib/typescript/trust/utils.d.ts +10 -0
  56. package/lib/typescript/trust/utils.d.ts.map +1 -1
  57. package/lib/typescript/trust/verify-chain.d.ts +39 -0
  58. package/lib/typescript/trust/verify-chain.d.ts.map +1 -0
  59. package/lib/typescript/utils/errors.d.ts +2 -2
  60. package/lib/typescript/utils/errors.d.ts.map +1 -1
  61. package/lib/typescript/wallet-instance-attestation/types.d.ts +21 -21
  62. package/package.json +2 -2
  63. package/src/credential/issuance/02-evaluate-issuer-trust.ts +1 -1
  64. package/src/credential/presentation/02-evaluate-rp-trust.ts +1 -1
  65. package/src/credential/presentation/05-verify-request-object.ts +1 -1
  66. package/src/credential/presentation/08-send-authorization-response.ts +4 -4
  67. package/src/trust/README.md +147 -0
  68. package/src/trust/build-chain.ts +395 -0
  69. package/src/trust/errors.ts +32 -1
  70. package/src/trust/index.ts +5 -435
  71. package/src/trust/utils.ts +35 -0
  72. package/src/trust/{chain.ts → verify-chain.ts} +132 -16
  73. package/src/utils/errors.ts +4 -4
  74. package/lib/commonjs/trust/chain.js.map +0 -1
  75. package/lib/module/trust/chain.js.map +0 -1
  76. package/lib/typescript/trust/chain.d.ts +0 -21
  77. package/lib/typescript/trust/chain.d.ts.map +0 -1
package/lib/typescript/trust/build-chain.d.ts ADDED
@@ -0,0 +1,1284 @@
1
+ import type { JWK } from "../utils/jwk";
2
+ import { CredentialIssuerEntityConfiguration, EntityConfiguration, RelyingPartyEntityConfiguration, TrustAnchorEntityConfiguration, WalletProviderEntityConfiguration } from "./types";
3
+ /**
4
+ * Fetch and parse the entity configuration document for a given federation entity.
5
+ * This is an inner method to serve public interfaces.
6
+ *
7
+ * To add another entity configuration type (example: Foo entity type):
8
+ * - create its zod schema and type by inherit from the base type (example: FooEntityConfiguration = BaseEntityConfiguration.and(...))
9
+ * - add such type to EntityConfiguration union
10
+ * - add an overload to this function
11
+ * - create a public function which use such type (example: getFooEntityConfiguration = (url, options) => Promise<FooEntityConfiguration>)
12
+ *
13
+ * @param entityBaseUrl The base url of the entity.
14
+ * @param schema The expected schema of the entity configuration, according to the kind of entity we are fetching from.
15
+ * @param options An optional object with additional options.
16
+ * @param options.appFetch An optional instance of the http client to be used.
17
+ * @returns The parsed entity configuration object
18
+ * @throws {IoWalletError} If the http request fails
19
+ * @throws Parse error if the document is not in the expected shape.
20
+ */
21
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof WalletProviderEntityConfiguration, options?: {
22
+ appFetch?: GlobalFetch["fetch"];
23
+ }): Promise<WalletProviderEntityConfiguration>;
24
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof RelyingPartyEntityConfiguration, options?: {
25
+ appFetch?: GlobalFetch["fetch"];
26
+ }): Promise<RelyingPartyEntityConfiguration>;
27
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof TrustAnchorEntityConfiguration, options?: {
28
+ appFetch?: GlobalFetch["fetch"];
29
+ }): Promise<TrustAnchorEntityConfiguration>;
30
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof CredentialIssuerEntityConfiguration, options?: {
31
+ appFetch?: GlobalFetch["fetch"];
32
+ }): Promise<CredentialIssuerEntityConfiguration>;
33
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof EntityConfiguration, options?: {
34
+ appFetch?: GlobalFetch["fetch"];
35
+ }): Promise<EntityConfiguration>;
36
+ export declare const getWalletProviderEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
37
+ header: {
38
+ alg: string;
39
+ kid: string;
40
+ typ: "entity-statement+jwt";
41
+ };
42
+ payload: {
43
+ iss: string;
44
+ sub: string;
45
+ iat: number;
46
+ exp: number;
47
+ jwks: {
48
+ keys: {
49
+ kty: "RSA" | "EC";
50
+ alg?: string | undefined;
51
+ crv?: string | undefined;
52
+ d?: string | undefined;
53
+ dp?: string | undefined;
54
+ dq?: string | undefined;
55
+ e?: string | undefined;
56
+ ext?: boolean | undefined;
57
+ k?: string | undefined;
58
+ key_ops?: string[] | undefined;
59
+ kid?: string | undefined;
60
+ n?: string | undefined;
61
+ p?: string | undefined;
62
+ q?: string | undefined;
63
+ qi?: string | undefined;
64
+ use?: string | undefined;
65
+ x?: string | undefined;
66
+ y?: string | undefined;
67
+ x5c?: string[] | undefined;
68
+ x5t?: string | undefined;
69
+ "x5t#S256"?: string | undefined;
70
+ x5u?: string | undefined;
71
+ }[];
72
+ };
73
+ metadata: {
74
+ federation_entity: {
75
+ federation_fetch_endpoint?: string | undefined;
76
+ federation_list_endpoint?: string | undefined;
77
+ federation_resolve_endpoint?: string | undefined;
78
+ federation_trust_mark_status_endpoint?: string | undefined;
79
+ federation_trust_mark_list_endpoint?: string | undefined;
80
+ federation_trust_mark_endpoint?: string | undefined;
81
+ federation_historical_keys_endpoint?: string | undefined;
82
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
83
+ organization_name?: string | undefined;
84
+ homepage_uri?: string | undefined;
85
+ policy_uri?: string | undefined;
86
+ logo_uri?: string | undefined;
87
+ contacts?: string[] | undefined;
88
+ } & {
89
+ [k: string]: unknown;
90
+ };
91
+ } & {
92
+ [k: string]: unknown;
93
+ };
94
+ authority_hints?: string[] | undefined;
95
+ } & {
96
+ [k: string]: unknown;
97
+ };
98
+ } & {
99
+ payload: {
100
+ metadata: {
101
+ wallet_provider: {
102
+ jwks: {
103
+ keys: {
104
+ kty: "RSA" | "EC";
105
+ alg?: string | undefined;
106
+ crv?: string | undefined;
107
+ d?: string | undefined;
108
+ dp?: string | undefined;
109
+ dq?: string | undefined;
110
+ e?: string | undefined;
111
+ ext?: boolean | undefined;
112
+ k?: string | undefined;
113
+ key_ops?: string[] | undefined;
114
+ kid?: string | undefined;
115
+ n?: string | undefined;
116
+ p?: string | undefined;
117
+ q?: string | undefined;
118
+ qi?: string | undefined;
119
+ use?: string | undefined;
120
+ x?: string | undefined;
121
+ y?: string | undefined;
122
+ x5c?: string[] | undefined;
123
+ x5t?: string | undefined;
124
+ "x5t#S256"?: string | undefined;
125
+ x5u?: string | undefined;
126
+ }[];
127
+ };
128
+ token_endpoint: string;
129
+ grant_types_supported: string[];
130
+ token_endpoint_auth_methods_supported: string[];
131
+ token_endpoint_auth_signing_alg_values_supported: string[];
132
+ aal_values_supported?: string[] | undefined;
133
+ } & {
134
+ [k: string]: unknown;
135
+ };
136
+ };
137
+ };
138
+ }>;
139
+ export declare const getCredentialIssuerEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
140
+ header: {
141
+ alg: string;
142
+ kid: string;
143
+ typ: "entity-statement+jwt";
144
+ };
145
+ payload: {
146
+ iss: string;
147
+ sub: string;
148
+ iat: number;
149
+ exp: number;
150
+ jwks: {
151
+ keys: {
152
+ kty: "RSA" | "EC";
153
+ alg?: string | undefined;
154
+ crv?: string | undefined;
155
+ d?: string | undefined;
156
+ dp?: string | undefined;
157
+ dq?: string | undefined;
158
+ e?: string | undefined;
159
+ ext?: boolean | undefined;
160
+ k?: string | undefined;
161
+ key_ops?: string[] | undefined;
162
+ kid?: string | undefined;
163
+ n?: string | undefined;
164
+ p?: string | undefined;
165
+ q?: string | undefined;
166
+ qi?: string | undefined;
167
+ use?: string | undefined;
168
+ x?: string | undefined;
169
+ y?: string | undefined;
170
+ x5c?: string[] | undefined;
171
+ x5t?: string | undefined;
172
+ "x5t#S256"?: string | undefined;
173
+ x5u?: string | undefined;
174
+ }[];
175
+ };
176
+ metadata: {
177
+ federation_entity: {
178
+ federation_fetch_endpoint?: string | undefined;
179
+ federation_list_endpoint?: string | undefined;
180
+ federation_resolve_endpoint?: string | undefined;
181
+ federation_trust_mark_status_endpoint?: string | undefined;
182
+ federation_trust_mark_list_endpoint?: string | undefined;
183
+ federation_trust_mark_endpoint?: string | undefined;
184
+ federation_historical_keys_endpoint?: string | undefined;
185
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
186
+ organization_name?: string | undefined;
187
+ homepage_uri?: string | undefined;
188
+ policy_uri?: string | undefined;
189
+ logo_uri?: string | undefined;
190
+ contacts?: string[] | undefined;
191
+ } & {
192
+ [k: string]: unknown;
193
+ };
194
+ } & {
195
+ [k: string]: unknown;
196
+ };
197
+ authority_hints?: string[] | undefined;
198
+ } & {
199
+ [k: string]: unknown;
200
+ };
201
+ } & {
202
+ payload: {
203
+ jwks: {
204
+ keys: {
205
+ kty: "RSA" | "EC";
206
+ alg?: string | undefined;
207
+ crv?: string | undefined;
208
+ d?: string | undefined;
209
+ dp?: string | undefined;
210
+ dq?: string | undefined;
211
+ e?: string | undefined;
212
+ ext?: boolean | undefined;
213
+ k?: string | undefined;
214
+ key_ops?: string[] | undefined;
215
+ kid?: string | undefined;
216
+ n?: string | undefined;
217
+ p?: string | undefined;
218
+ q?: string | undefined;
219
+ qi?: string | undefined;
220
+ use?: string | undefined;
221
+ x?: string | undefined;
222
+ y?: string | undefined;
223
+ x5c?: string[] | undefined;
224
+ x5t?: string | undefined;
225
+ "x5t#S256"?: string | undefined;
226
+ x5u?: string | undefined;
227
+ }[];
228
+ };
229
+ metadata: {
230
+ openid_credential_issuer: {
231
+ jwks: {
232
+ keys: {
233
+ kty: "RSA" | "EC";
234
+ alg?: string | undefined;
235
+ crv?: string | undefined;
236
+ d?: string | undefined;
237
+ dp?: string | undefined;
238
+ dq?: string | undefined;
239
+ e?: string | undefined;
240
+ ext?: boolean | undefined;
241
+ k?: string | undefined;
242
+ key_ops?: string[] | undefined;
243
+ kid?: string | undefined;
244
+ n?: string | undefined;
245
+ p?: string | undefined;
246
+ q?: string | undefined;
247
+ qi?: string | undefined;
248
+ use?: string | undefined;
249
+ x?: string | undefined;
250
+ y?: string | undefined;
251
+ x5c?: string[] | undefined;
252
+ x5t?: string | undefined;
253
+ "x5t#S256"?: string | undefined;
254
+ x5u?: string | undefined;
255
+ }[];
256
+ };
257
+ display: {
258
+ name: string;
259
+ locale: string;
260
+ }[];
261
+ credential_issuer: string;
262
+ credential_endpoint: string;
263
+ revocation_endpoint: string;
264
+ status_attestation_endpoint: string;
265
+ credential_configurations_supported: Record<string, {
266
+ format: "vc+sd-jwt" | "vc+mdoc-cbor";
267
+ scope: string;
268
+ display: {
269
+ name: string;
270
+ locale: string;
271
+ }[];
272
+ claims: Record<string, {
273
+ value_type: string;
274
+ display: {
275
+ name: string;
276
+ locale: string;
277
+ }[];
278
+ }>;
279
+ cryptographic_binding_methods_supported: string[];
280
+ credential_signing_alg_values_supported: string[];
281
+ authentic_source?: string | undefined;
282
+ issuance_errors_supported?: Record<string, {
283
+ display: {
284
+ locale: string;
285
+ title: string;
286
+ description: string;
287
+ }[];
288
+ }> | undefined;
289
+ }>;
290
+ };
291
+ oauth_authorization_server: {
292
+ request_object_signing_alg_values_supported: string[];
293
+ jwks: {
294
+ keys: {
295
+ kty: "RSA" | "EC";
296
+ alg?: string | undefined;
297
+ crv?: string | undefined;
298
+ d?: string | undefined;
299
+ dp?: string | undefined;
300
+ dq?: string | undefined;
301
+ e?: string | undefined;
302
+ ext?: boolean | undefined;
303
+ k?: string | undefined;
304
+ key_ops?: string[] | undefined;
305
+ kid?: string | undefined;
306
+ n?: string | undefined;
307
+ p?: string | undefined;
308
+ q?: string | undefined;
309
+ qi?: string | undefined;
310
+ use?: string | undefined;
311
+ x?: string | undefined;
312
+ y?: string | undefined;
313
+ x5c?: string[] | undefined;
314
+ x5t?: string | undefined;
315
+ "x5t#S256"?: string | undefined;
316
+ x5u?: string | undefined;
317
+ }[];
318
+ };
319
+ authorization_endpoint: string;
320
+ pushed_authorization_request_endpoint: string;
321
+ token_endpoint: string;
322
+ client_registration_types_supported: string[];
323
+ code_challenge_methods_supported: string[];
324
+ acr_values_supported: string[];
325
+ grant_types_supported: string[];
326
+ issuer: string;
327
+ scopes_supported: string[];
328
+ response_modes_supported: string[];
329
+ token_endpoint_auth_methods_supported: string[];
330
+ token_endpoint_auth_signing_alg_values_supported: string[];
331
+ };
332
+ openid_credential_verifier?: {
333
+ jwks: {
334
+ keys: {
335
+ kty: "RSA" | "EC";
336
+ alg?: string | undefined;
337
+ crv?: string | undefined;
338
+ d?: string | undefined;
339
+ dp?: string | undefined;
340
+ dq?: string | undefined;
341
+ e?: string | undefined;
342
+ ext?: boolean | undefined;
343
+ k?: string | undefined;
344
+ key_ops?: string[] | undefined;
345
+ kid?: string | undefined;
346
+ n?: string | undefined;
347
+ p?: string | undefined;
348
+ q?: string | undefined;
349
+ qi?: string | undefined;
350
+ use?: string | undefined;
351
+ x?: string | undefined;
352
+ y?: string | undefined;
353
+ x5c?: string[] | undefined;
354
+ x5t?: string | undefined;
355
+ "x5t#S256"?: string | undefined;
356
+ x5u?: string | undefined;
357
+ }[];
358
+ };
359
+ application_type?: string | undefined;
360
+ client_id?: string | undefined;
361
+ client_name?: string | undefined;
362
+ contacts?: string[] | undefined;
363
+ presentation_definition?: {
364
+ id: string;
365
+ input_descriptors: {
366
+ id: string;
367
+ constraints: {
368
+ fields?: {
369
+ path: string[];
370
+ id?: string | undefined;
371
+ purpose?: string | undefined;
372
+ name?: string | undefined;
373
+ filter?: any;
374
+ optional?: boolean | undefined;
375
+ intent_to_retain?: boolean | undefined;
376
+ }[] | undefined;
377
+ limit_disclosure?: "required" | "preferred" | undefined;
378
+ };
379
+ name?: string | undefined;
380
+ purpose?: string | undefined;
381
+ format?: Record<string, any> | undefined;
382
+ group?: string | undefined;
383
+ }[];
384
+ name?: string | undefined;
385
+ purpose?: string | undefined;
386
+ submission_requirements?: {
387
+ rule: string;
388
+ name?: string | undefined;
389
+ purpose?: string | undefined;
390
+ from?: string | undefined;
391
+ from_nested?: {
392
+ rule: string;
393
+ from: string;
394
+ name?: string | undefined;
395
+ purpose?: string | undefined;
396
+ }[] | undefined;
397
+ count?: number | undefined;
398
+ }[] | undefined;
399
+ } | undefined;
400
+ request_uris?: string[] | undefined;
401
+ authorization_signed_response_alg?: string | undefined;
402
+ authorization_encrypted_response_alg?: string | undefined;
403
+ authorization_encrypted_response_enc?: string | undefined;
404
+ } | undefined;
405
+ };
406
+ };
407
+ }>;
408
+ export declare const getTrustAnchorEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
409
+ header: {
410
+ alg: string;
411
+ kid: string;
412
+ typ: "entity-statement+jwt";
413
+ };
414
+ payload: {
415
+ iss: string;
416
+ sub: string;
417
+ iat: number;
418
+ exp: number;
419
+ jwks: {
420
+ keys: {
421
+ kty: "RSA" | "EC";
422
+ alg?: string | undefined;
423
+ crv?: string | undefined;
424
+ d?: string | undefined;
425
+ dp?: string | undefined;
426
+ dq?: string | undefined;
427
+ e?: string | undefined;
428
+ ext?: boolean | undefined;
429
+ k?: string | undefined;
430
+ key_ops?: string[] | undefined;
431
+ kid?: string | undefined;
432
+ n?: string | undefined;
433
+ p?: string | undefined;
434
+ q?: string | undefined;
435
+ qi?: string | undefined;
436
+ use?: string | undefined;
437
+ x?: string | undefined;
438
+ y?: string | undefined;
439
+ x5c?: string[] | undefined;
440
+ x5t?: string | undefined;
441
+ "x5t#S256"?: string | undefined;
442
+ x5u?: string | undefined;
443
+ }[];
444
+ };
445
+ metadata: {
446
+ federation_entity: {
447
+ federation_fetch_endpoint?: string | undefined;
448
+ federation_list_endpoint?: string | undefined;
449
+ federation_resolve_endpoint?: string | undefined;
450
+ federation_trust_mark_status_endpoint?: string | undefined;
451
+ federation_trust_mark_list_endpoint?: string | undefined;
452
+ federation_trust_mark_endpoint?: string | undefined;
453
+ federation_historical_keys_endpoint?: string | undefined;
454
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
455
+ organization_name?: string | undefined;
456
+ homepage_uri?: string | undefined;
457
+ policy_uri?: string | undefined;
458
+ logo_uri?: string | undefined;
459
+ contacts?: string[] | undefined;
460
+ } & {
461
+ [k: string]: unknown;
462
+ };
463
+ } & {
464
+ [k: string]: unknown;
465
+ };
466
+ authority_hints?: string[] | undefined;
467
+ } & {
468
+ [k: string]: unknown;
469
+ };
470
+ }>;
471
+ export declare const getRelyingPartyEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
472
+ header: {
473
+ alg: string;
474
+ kid: string;
475
+ typ: "entity-statement+jwt";
476
+ };
477
+ payload: {
478
+ iss: string;
479
+ sub: string;
480
+ iat: number;
481
+ exp: number;
482
+ jwks: {
483
+ keys: {
484
+ kty: "RSA" | "EC";
485
+ alg?: string | undefined;
486
+ crv?: string | undefined;
487
+ d?: string | undefined;
488
+ dp?: string | undefined;
489
+ dq?: string | undefined;
490
+ e?: string | undefined;
491
+ ext?: boolean | undefined;
492
+ k?: string | undefined;
493
+ key_ops?: string[] | undefined;
494
+ kid?: string | undefined;
495
+ n?: string | undefined;
496
+ p?: string | undefined;
497
+ q?: string | undefined;
498
+ qi?: string | undefined;
499
+ use?: string | undefined;
500
+ x?: string | undefined;
501
+ y?: string | undefined;
502
+ x5c?: string[] | undefined;
503
+ x5t?: string | undefined;
504
+ "x5t#S256"?: string | undefined;
505
+ x5u?: string | undefined;
506
+ }[];
507
+ };
508
+ metadata: {
509
+ federation_entity: {
510
+ federation_fetch_endpoint?: string | undefined;
511
+ federation_list_endpoint?: string | undefined;
512
+ federation_resolve_endpoint?: string | undefined;
513
+ federation_trust_mark_status_endpoint?: string | undefined;
514
+ federation_trust_mark_list_endpoint?: string | undefined;
515
+ federation_trust_mark_endpoint?: string | undefined;
516
+ federation_historical_keys_endpoint?: string | undefined;
517
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
518
+ organization_name?: string | undefined;
519
+ homepage_uri?: string | undefined;
520
+ policy_uri?: string | undefined;
521
+ logo_uri?: string | undefined;
522
+ contacts?: string[] | undefined;
523
+ } & {
524
+ [k: string]: unknown;
525
+ };
526
+ } & {
527
+ [k: string]: unknown;
528
+ };
529
+ authority_hints?: string[] | undefined;
530
+ } & {
531
+ [k: string]: unknown;
532
+ };
533
+ } & {
534
+ payload: {
535
+ metadata: {
536
+ openid_credential_verifier: {
537
+ jwks: {
538
+ keys: {
539
+ kty: "RSA" | "EC";
540
+ alg?: string | undefined;
541
+ crv?: string | undefined;
542
+ d?: string | undefined;
543
+ dp?: string | undefined;
544
+ dq?: string | undefined;
545
+ e?: string | undefined;
546
+ ext?: boolean | undefined;
547
+ k?: string | undefined;
548
+ key_ops?: string[] | undefined;
549
+ kid?: string | undefined;
550
+ n?: string | undefined;
551
+ p?: string | undefined;
552
+ q?: string | undefined;
553
+ qi?: string | undefined;
554
+ use?: string | undefined;
555
+ x?: string | undefined;
556
+ y?: string | undefined;
557
+ x5c?: string[] | undefined;
558
+ x5t?: string | undefined;
559
+ "x5t#S256"?: string | undefined;
560
+ x5u?: string | undefined;
561
+ }[];
562
+ };
563
+ application_type?: string | undefined;
564
+ client_id?: string | undefined;
565
+ client_name?: string | undefined;
566
+ contacts?: string[] | undefined;
567
+ presentation_definition?: {
568
+ id: string;
569
+ input_descriptors: {
570
+ id: string;
571
+ constraints: {
572
+ fields?: {
573
+ path: string[];
574
+ id?: string | undefined;
575
+ purpose?: string | undefined;
576
+ name?: string | undefined;
577
+ filter?: any;
578
+ optional?: boolean | undefined;
579
+ intent_to_retain?: boolean | undefined;
580
+ }[] | undefined;
581
+ limit_disclosure?: "required" | "preferred" | undefined;
582
+ };
583
+ name?: string | undefined;
584
+ purpose?: string | undefined;
585
+ format?: Record<string, any> | undefined;
586
+ group?: string | undefined;
587
+ }[];
588
+ name?: string | undefined;
589
+ purpose?: string | undefined;
590
+ submission_requirements?: {
591
+ rule: string;
592
+ name?: string | undefined;
593
+ purpose?: string | undefined;
594
+ from?: string | undefined;
595
+ from_nested?: {
596
+ rule: string;
597
+ from: string;
598
+ name?: string | undefined;
599
+ purpose?: string | undefined;
600
+ }[] | undefined;
601
+ count?: number | undefined;
602
+ }[] | undefined;
603
+ } | undefined;
604
+ request_uris?: string[] | undefined;
605
+ authorization_signed_response_alg?: string | undefined;
606
+ authorization_encrypted_response_alg?: string | undefined;
607
+ authorization_encrypted_response_enc?: string | undefined;
608
+ };
609
+ };
610
+ };
611
+ }>;
612
+ export declare const getEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
613
+ header: {
614
+ alg: string;
615
+ kid: string;
616
+ typ: "entity-statement+jwt";
617
+ };
618
+ payload: {
619
+ iss: string;
620
+ sub: string;
621
+ iat: number;
622
+ exp: number;
623
+ jwks: {
624
+ keys: {
625
+ kty: "RSA" | "EC";
626
+ alg?: string | undefined;
627
+ crv?: string | undefined;
628
+ d?: string | undefined;
629
+ dp?: string | undefined;
630
+ dq?: string | undefined;
631
+ e?: string | undefined;
632
+ ext?: boolean | undefined;
633
+ k?: string | undefined;
634
+ key_ops?: string[] | undefined;
635
+ kid?: string | undefined;
636
+ n?: string | undefined;
637
+ p?: string | undefined;
638
+ q?: string | undefined;
639
+ qi?: string | undefined;
640
+ use?: string | undefined;
641
+ x?: string | undefined;
642
+ y?: string | undefined;
643
+ x5c?: string[] | undefined;
644
+ x5t?: string | undefined;
645
+ "x5t#S256"?: string | undefined;
646
+ x5u?: string | undefined;
647
+ }[];
648
+ };
649
+ metadata: {
650
+ federation_entity: {
651
+ federation_fetch_endpoint?: string | undefined;
652
+ federation_list_endpoint?: string | undefined;
653
+ federation_resolve_endpoint?: string | undefined;
654
+ federation_trust_mark_status_endpoint?: string | undefined;
655
+ federation_trust_mark_list_endpoint?: string | undefined;
656
+ federation_trust_mark_endpoint?: string | undefined;
657
+ federation_historical_keys_endpoint?: string | undefined;
658
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
659
+ organization_name?: string | undefined;
660
+ homepage_uri?: string | undefined;
661
+ policy_uri?: string | undefined;
662
+ logo_uri?: string | undefined;
663
+ contacts?: string[] | undefined;
664
+ } & {
665
+ [k: string]: unknown;
666
+ };
667
+ } & {
668
+ [k: string]: unknown;
669
+ };
670
+ authority_hints?: string[] | undefined;
671
+ } & {
672
+ [k: string]: unknown;
673
+ };
674
+ } | ({
675
+ header: {
676
+ alg: string;
677
+ kid: string;
678
+ typ: "entity-statement+jwt";
679
+ };
680
+ payload: {
681
+ iss: string;
682
+ sub: string;
683
+ iat: number;
684
+ exp: number;
685
+ jwks: {
686
+ keys: {
687
+ kty: "RSA" | "EC";
688
+ alg?: string | undefined;
689
+ crv?: string | undefined;
690
+ d?: string | undefined;
691
+ dp?: string | undefined;
692
+ dq?: string | undefined;
693
+ e?: string | undefined;
694
+ ext?: boolean | undefined;
695
+ k?: string | undefined;
696
+ key_ops?: string[] | undefined;
697
+ kid?: string | undefined;
698
+ n?: string | undefined;
699
+ p?: string | undefined;
700
+ q?: string | undefined;
701
+ qi?: string | undefined;
702
+ use?: string | undefined;
703
+ x?: string | undefined;
704
+ y?: string | undefined;
705
+ x5c?: string[] | undefined;
706
+ x5t?: string | undefined;
707
+ "x5t#S256"?: string | undefined;
708
+ x5u?: string | undefined;
709
+ }[];
710
+ };
711
+ metadata: {
712
+ federation_entity: {
713
+ federation_fetch_endpoint?: string | undefined;
714
+ federation_list_endpoint?: string | undefined;
715
+ federation_resolve_endpoint?: string | undefined;
716
+ federation_trust_mark_status_endpoint?: string | undefined;
717
+ federation_trust_mark_list_endpoint?: string | undefined;
718
+ federation_trust_mark_endpoint?: string | undefined;
719
+ federation_historical_keys_endpoint?: string | undefined;
720
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
721
+ organization_name?: string | undefined;
722
+ homepage_uri?: string | undefined;
723
+ policy_uri?: string | undefined;
724
+ logo_uri?: string | undefined;
725
+ contacts?: string[] | undefined;
726
+ } & {
727
+ [k: string]: unknown;
728
+ };
729
+ } & {
730
+ [k: string]: unknown;
731
+ };
732
+ authority_hints?: string[] | undefined;
733
+ } & {
734
+ [k: string]: unknown;
735
+ };
736
+ } & {
737
+ payload: {
738
+ jwks: {
739
+ keys: {
740
+ kty: "RSA" | "EC";
741
+ alg?: string | undefined;
742
+ crv?: string | undefined;
743
+ d?: string | undefined;
744
+ dp?: string | undefined;
745
+ dq?: string | undefined;
746
+ e?: string | undefined;
747
+ ext?: boolean | undefined;
748
+ k?: string | undefined;
749
+ key_ops?: string[] | undefined;
750
+ kid?: string | undefined;
751
+ n?: string | undefined;
752
+ p?: string | undefined;
753
+ q?: string | undefined;
754
+ qi?: string | undefined;
755
+ use?: string | undefined;
756
+ x?: string | undefined;
757
+ y?: string | undefined;
758
+ x5c?: string[] | undefined;
759
+ x5t?: string | undefined;
760
+ "x5t#S256"?: string | undefined;
761
+ x5u?: string | undefined;
762
+ }[];
763
+ };
764
+ metadata: {
765
+ openid_credential_issuer: {
766
+ jwks: {
767
+ keys: {
768
+ kty: "RSA" | "EC";
769
+ alg?: string | undefined;
770
+ crv?: string | undefined;
771
+ d?: string | undefined;
772
+ dp?: string | undefined;
773
+ dq?: string | undefined;
774
+ e?: string | undefined;
775
+ ext?: boolean | undefined;
776
+ k?: string | undefined;
777
+ key_ops?: string[] | undefined;
778
+ kid?: string | undefined;
779
+ n?: string | undefined;
780
+ p?: string | undefined;
781
+ q?: string | undefined;
782
+ qi?: string | undefined;
783
+ use?: string | undefined;
784
+ x?: string | undefined;
785
+ y?: string | undefined;
786
+ x5c?: string[] | undefined;
787
+ x5t?: string | undefined;
788
+ "x5t#S256"?: string | undefined;
789
+ x5u?: string | undefined;
790
+ }[];
791
+ };
792
+ display: {
793
+ name: string;
794
+ locale: string;
795
+ }[];
796
+ credential_issuer: string;
797
+ credential_endpoint: string;
798
+ revocation_endpoint: string;
799
+ status_attestation_endpoint: string;
800
+ credential_configurations_supported: Record<string, {
801
+ format: "vc+sd-jwt" | "vc+mdoc-cbor";
802
+ scope: string;
803
+ display: {
804
+ name: string;
805
+ locale: string;
806
+ }[];
807
+ claims: Record<string, {
808
+ value_type: string;
809
+ display: {
810
+ name: string;
811
+ locale: string;
812
+ }[];
813
+ }>;
814
+ cryptographic_binding_methods_supported: string[];
815
+ credential_signing_alg_values_supported: string[];
816
+ authentic_source?: string | undefined;
817
+ issuance_errors_supported?: Record<string, {
818
+ display: {
819
+ locale: string;
820
+ title: string;
821
+ description: string;
822
+ }[];
823
+ }> | undefined;
824
+ }>;
825
+ };
826
+ oauth_authorization_server: {
827
+ request_object_signing_alg_values_supported: string[];
828
+ jwks: {
829
+ keys: {
830
+ kty: "RSA" | "EC";
831
+ alg?: string | undefined;
832
+ crv?: string | undefined;
833
+ d?: string | undefined;
834
+ dp?: string | undefined;
835
+ dq?: string | undefined;
836
+ e?: string | undefined;
837
+ ext?: boolean | undefined;
838
+ k?: string | undefined;
839
+ key_ops?: string[] | undefined;
840
+ kid?: string | undefined;
841
+ n?: string | undefined;
842
+ p?: string | undefined;
843
+ q?: string | undefined;
844
+ qi?: string | undefined;
845
+ use?: string | undefined;
846
+ x?: string | undefined;
847
+ y?: string | undefined;
848
+ x5c?: string[] | undefined;
849
+ x5t?: string | undefined;
850
+ "x5t#S256"?: string | undefined;
851
+ x5u?: string | undefined;
852
+ }[];
853
+ };
854
+ authorization_endpoint: string;
855
+ pushed_authorization_request_endpoint: string;
856
+ token_endpoint: string;
857
+ client_registration_types_supported: string[];
858
+ code_challenge_methods_supported: string[];
859
+ acr_values_supported: string[];
860
+ grant_types_supported: string[];
861
+ issuer: string;
862
+ scopes_supported: string[];
863
+ response_modes_supported: string[];
864
+ token_endpoint_auth_methods_supported: string[];
865
+ token_endpoint_auth_signing_alg_values_supported: string[];
866
+ };
867
+ openid_credential_verifier?: {
868
+ jwks: {
869
+ keys: {
870
+ kty: "RSA" | "EC";
871
+ alg?: string | undefined;
872
+ crv?: string | undefined;
873
+ d?: string | undefined;
874
+ dp?: string | undefined;
875
+ dq?: string | undefined;
876
+ e?: string | undefined;
877
+ ext?: boolean | undefined;
878
+ k?: string | undefined;
879
+ key_ops?: string[] | undefined;
880
+ kid?: string | undefined;
881
+ n?: string | undefined;
882
+ p?: string | undefined;
883
+ q?: string | undefined;
884
+ qi?: string | undefined;
885
+ use?: string | undefined;
886
+ x?: string | undefined;
887
+ y?: string | undefined;
888
+ x5c?: string[] | undefined;
889
+ x5t?: string | undefined;
890
+ "x5t#S256"?: string | undefined;
891
+ x5u?: string | undefined;
892
+ }[];
893
+ };
894
+ application_type?: string | undefined;
895
+ client_id?: string | undefined;
896
+ client_name?: string | undefined;
897
+ contacts?: string[] | undefined;
898
+ presentation_definition?: {
899
+ id: string;
900
+ input_descriptors: {
901
+ id: string;
902
+ constraints: {
903
+ fields?: {
904
+ path: string[];
905
+ id?: string | undefined;
906
+ purpose?: string | undefined;
907
+ name?: string | undefined;
908
+ filter?: any;
909
+ optional?: boolean | undefined;
910
+ intent_to_retain?: boolean | undefined;
911
+ }[] | undefined;
912
+ limit_disclosure?: "required" | "preferred" | undefined;
913
+ };
914
+ name?: string | undefined;
915
+ purpose?: string | undefined;
916
+ format?: Record<string, any> | undefined;
917
+ group?: string | undefined;
918
+ }[];
919
+ name?: string | undefined;
920
+ purpose?: string | undefined;
921
+ submission_requirements?: {
922
+ rule: string;
923
+ name?: string | undefined;
924
+ purpose?: string | undefined;
925
+ from?: string | undefined;
926
+ from_nested?: {
927
+ rule: string;
928
+ from: string;
929
+ name?: string | undefined;
930
+ purpose?: string | undefined;
931
+ }[] | undefined;
932
+ count?: number | undefined;
933
+ }[] | undefined;
934
+ } | undefined;
935
+ request_uris?: string[] | undefined;
936
+ authorization_signed_response_alg?: string | undefined;
937
+ authorization_encrypted_response_alg?: string | undefined;
938
+ authorization_encrypted_response_enc?: string | undefined;
939
+ } | undefined;
940
+ };
941
+ };
942
+ }) | ({
943
+ header: {
944
+ alg: string;
945
+ kid: string;
946
+ typ: "entity-statement+jwt";
947
+ };
948
+ payload: {
949
+ iss: string;
950
+ sub: string;
951
+ iat: number;
952
+ exp: number;
953
+ jwks: {
954
+ keys: {
955
+ kty: "RSA" | "EC";
956
+ alg?: string | undefined;
957
+ crv?: string | undefined;
958
+ d?: string | undefined;
959
+ dp?: string | undefined;
960
+ dq?: string | undefined;
961
+ e?: string | undefined;
962
+ ext?: boolean | undefined;
963
+ k?: string | undefined;
964
+ key_ops?: string[] | undefined;
965
+ kid?: string | undefined;
966
+ n?: string | undefined;
967
+ p?: string | undefined;
968
+ q?: string | undefined;
969
+ qi?: string | undefined;
970
+ use?: string | undefined;
971
+ x?: string | undefined;
972
+ y?: string | undefined;
973
+ x5c?: string[] | undefined;
974
+ x5t?: string | undefined;
975
+ "x5t#S256"?: string | undefined;
976
+ x5u?: string | undefined;
977
+ }[];
978
+ };
979
+ metadata: {
980
+ federation_entity: {
981
+ federation_fetch_endpoint?: string | undefined;
982
+ federation_list_endpoint?: string | undefined;
983
+ federation_resolve_endpoint?: string | undefined;
984
+ federation_trust_mark_status_endpoint?: string | undefined;
985
+ federation_trust_mark_list_endpoint?: string | undefined;
986
+ federation_trust_mark_endpoint?: string | undefined;
987
+ federation_historical_keys_endpoint?: string | undefined;
988
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
989
+ organization_name?: string | undefined;
990
+ homepage_uri?: string | undefined;
991
+ policy_uri?: string | undefined;
992
+ logo_uri?: string | undefined;
993
+ contacts?: string[] | undefined;
994
+ } & {
995
+ [k: string]: unknown;
996
+ };
997
+ } & {
998
+ [k: string]: unknown;
999
+ };
1000
+ authority_hints?: string[] | undefined;
1001
+ } & {
1002
+ [k: string]: unknown;
1003
+ };
1004
+ } & {
1005
+ payload: {
1006
+ metadata: {
1007
+ openid_credential_verifier: {
1008
+ jwks: {
1009
+ keys: {
1010
+ kty: "RSA" | "EC";
1011
+ alg?: string | undefined;
1012
+ crv?: string | undefined;
1013
+ d?: string | undefined;
1014
+ dp?: string | undefined;
1015
+ dq?: string | undefined;
1016
+ e?: string | undefined;
1017
+ ext?: boolean | undefined;
1018
+ k?: string | undefined;
1019
+ key_ops?: string[] | undefined;
1020
+ kid?: string | undefined;
1021
+ n?: string | undefined;
1022
+ p?: string | undefined;
1023
+ q?: string | undefined;
1024
+ qi?: string | undefined;
1025
+ use?: string | undefined;
1026
+ x?: string | undefined;
1027
+ y?: string | undefined;
1028
+ x5c?: string[] | undefined;
1029
+ x5t?: string | undefined;
1030
+ "x5t#S256"?: string | undefined;
1031
+ x5u?: string | undefined;
1032
+ }[];
1033
+ };
1034
+ application_type?: string | undefined;
1035
+ client_id?: string | undefined;
1036
+ client_name?: string | undefined;
1037
+ contacts?: string[] | undefined;
1038
+ presentation_definition?: {
1039
+ id: string;
1040
+ input_descriptors: {
1041
+ id: string;
1042
+ constraints: {
1043
+ fields?: {
1044
+ path: string[];
1045
+ id?: string | undefined;
1046
+ purpose?: string | undefined;
1047
+ name?: string | undefined;
1048
+ filter?: any;
1049
+ optional?: boolean | undefined;
1050
+ intent_to_retain?: boolean | undefined;
1051
+ }[] | undefined;
1052
+ limit_disclosure?: "required" | "preferred" | undefined;
1053
+ };
1054
+ name?: string | undefined;
1055
+ purpose?: string | undefined;
1056
+ format?: Record<string, any> | undefined;
1057
+ group?: string | undefined;
1058
+ }[];
1059
+ name?: string | undefined;
1060
+ purpose?: string | undefined;
1061
+ submission_requirements?: {
1062
+ rule: string;
1063
+ name?: string | undefined;
1064
+ purpose?: string | undefined;
1065
+ from?: string | undefined;
1066
+ from_nested?: {
1067
+ rule: string;
1068
+ from: string;
1069
+ name?: string | undefined;
1070
+ purpose?: string | undefined;
1071
+ }[] | undefined;
1072
+ count?: number | undefined;
1073
+ }[] | undefined;
1074
+ } | undefined;
1075
+ request_uris?: string[] | undefined;
1076
+ authorization_signed_response_alg?: string | undefined;
1077
+ authorization_encrypted_response_alg?: string | undefined;
1078
+ authorization_encrypted_response_enc?: string | undefined;
1079
+ };
1080
+ };
1081
+ };
1082
+ }) | ({
1083
+ header: {
1084
+ alg: string;
1085
+ kid: string;
1086
+ typ: "entity-statement+jwt";
1087
+ };
1088
+ payload: {
1089
+ iss: string;
1090
+ sub: string;
1091
+ iat: number;
1092
+ exp: number;
1093
+ jwks: {
1094
+ keys: {
1095
+ kty: "RSA" | "EC";
1096
+ alg?: string | undefined;
1097
+ crv?: string | undefined;
1098
+ d?: string | undefined;
1099
+ dp?: string | undefined;
1100
+ dq?: string | undefined;
1101
+ e?: string | undefined;
1102
+ ext?: boolean | undefined;
1103
+ k?: string | undefined;
1104
+ key_ops?: string[] | undefined;
1105
+ kid?: string | undefined;
1106
+ n?: string | undefined;
1107
+ p?: string | undefined;
1108
+ q?: string | undefined;
1109
+ qi?: string | undefined;
1110
+ use?: string | undefined;
1111
+ x?: string | undefined;
1112
+ y?: string | undefined;
1113
+ x5c?: string[] | undefined;
1114
+ x5t?: string | undefined;
1115
+ "x5t#S256"?: string | undefined;
1116
+ x5u?: string | undefined;
1117
+ }[];
1118
+ };
1119
+ metadata: {
1120
+ federation_entity: {
1121
+ federation_fetch_endpoint?: string | undefined;
1122
+ federation_list_endpoint?: string | undefined;
1123
+ federation_resolve_endpoint?: string | undefined;
1124
+ federation_trust_mark_status_endpoint?: string | undefined;
1125
+ federation_trust_mark_list_endpoint?: string | undefined;
1126
+ federation_trust_mark_endpoint?: string | undefined;
1127
+ federation_historical_keys_endpoint?: string | undefined;
1128
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
1129
+ organization_name?: string | undefined;
1130
+ homepage_uri?: string | undefined;
1131
+ policy_uri?: string | undefined;
1132
+ logo_uri?: string | undefined;
1133
+ contacts?: string[] | undefined;
1134
+ } & {
1135
+ [k: string]: unknown;
1136
+ };
1137
+ } & {
1138
+ [k: string]: unknown;
1139
+ };
1140
+ authority_hints?: string[] | undefined;
1141
+ } & {
1142
+ [k: string]: unknown;
1143
+ };
1144
+ } & {
1145
+ payload: {
1146
+ metadata: {
1147
+ wallet_provider: {
1148
+ jwks: {
1149
+ keys: {
1150
+ kty: "RSA" | "EC";
1151
+ alg?: string | undefined;
1152
+ crv?: string | undefined;
1153
+ d?: string | undefined;
1154
+ dp?: string | undefined;
1155
+ dq?: string | undefined;
1156
+ e?: string | undefined;
1157
+ ext?: boolean | undefined;
1158
+ k?: string | undefined;
1159
+ key_ops?: string[] | undefined;
1160
+ kid?: string | undefined;
1161
+ n?: string | undefined;
1162
+ p?: string | undefined;
1163
+ q?: string | undefined;
1164
+ qi?: string | undefined;
1165
+ use?: string | undefined;
1166
+ x?: string | undefined;
1167
+ y?: string | undefined;
1168
+ x5c?: string[] | undefined;
1169
+ x5t?: string | undefined;
1170
+ "x5t#S256"?: string | undefined;
1171
+ x5u?: string | undefined;
1172
+ }[];
1173
+ };
1174
+ token_endpoint: string;
1175
+ grant_types_supported: string[];
1176
+ token_endpoint_auth_methods_supported: string[];
1177
+ token_endpoint_auth_signing_alg_values_supported: string[];
1178
+ aal_values_supported?: string[] | undefined;
1179
+ } & {
1180
+ [k: string]: unknown;
1181
+ };
1182
+ };
1183
+ };
1184
+ })>;
1185
+ /**
1186
+ * Fetch and parse the entity statement document for a given federation entity.
1187
+ *
1188
+ * @param accreditationBodyBaseUrl The base url of the accreditation body which holds and signs the required entity statement
1189
+ * @param subordinatedEntityBaseUrl The url that identifies the subordinate entity
1190
+ * @param appFetch An optional instance of the http client to be used.
1191
+ * @returns The parsed entity configuration object
1192
+ * @throws {IoWalletError} If the http request fails
1193
+ */
1194
+ export declare function getEntityStatement(accreditationBodyBaseUrl: string, subordinatedEntityBaseUrl: string, { appFetch, }?: {
1195
+ appFetch?: GlobalFetch["fetch"];
1196
+ }): Promise<{
1197
+ header: {
1198
+ alg: string;
1199
+ kid: string;
1200
+ typ: "entity-statement+jwt";
1201
+ };
1202
+ payload: {
1203
+ iss: string;
1204
+ sub: string;
1205
+ iat: number;
1206
+ exp: number;
1207
+ jwks: {
1208
+ keys: {
1209
+ kty: "RSA" | "EC";
1210
+ alg?: string | undefined;
1211
+ crv?: string | undefined;
1212
+ d?: string | undefined;
1213
+ dp?: string | undefined;
1214
+ dq?: string | undefined;
1215
+ e?: string | undefined;
1216
+ ext?: boolean | undefined;
1217
+ k?: string | undefined;
1218
+ key_ops?: string[] | undefined;
1219
+ kid?: string | undefined;
1220
+ n?: string | undefined;
1221
+ p?: string | undefined;
1222
+ q?: string | undefined;
1223
+ qi?: string | undefined;
1224
+ use?: string | undefined;
1225
+ x?: string | undefined;
1226
+ y?: string | undefined;
1227
+ x5c?: string[] | undefined;
1228
+ x5t?: string | undefined;
1229
+ "x5t#S256"?: string | undefined;
1230
+ x5u?: string | undefined;
1231
+ }[];
1232
+ };
1233
+ trust_marks?: {
1234
+ id: string;
1235
+ trust_mark: string;
1236
+ }[] | undefined;
1237
+ };
1238
+ }>;
1239
+ /**
1240
+ * Fetch the signed entity configuration token for an entity
1241
+ *
1242
+ * @param entityBaseUrl The url of the entity to fetch
1243
+ * @param appFetch (optional) fetch api implementation
1244
+ * @returns The signed Entity Configuration token
1245
+ */
1246
+ export declare function getSignedEntityConfiguration(entityBaseUrl: string, { appFetch, }?: {
1247
+ appFetch?: GlobalFetch["fetch"];
1248
+ }): Promise<string>;
1249
+ /**
1250
+ * Fetch the entity statement document for a given federation entity.
1251
+ *
1252
+ * @param federationFetchEndpoint The exact endpoint provided by the parent EC's metadata.
1253
+ * @param subordinatedEntityBaseUrl The url that identifies the subordinate entity.
1254
+ * @param appFetch An optional instance of the http client to be used.
1255
+ * @returns The signed entity statement token.
1256
+ * @throws {IoWalletError} If the http request fails.
1257
+ */
1258
+ export declare function getSignedEntityStatement(federationFetchEndpoint: string, subordinatedEntityBaseUrl: string, { appFetch, }?: {
1259
+ appFetch?: GlobalFetch["fetch"];
1260
+ }): Promise<string>;
1261
+ /**
1262
+ * Fetch the federation list document from a given endpoint.
1263
+ *
1264
+ * @param federationListEndpoint The URL of the federation list endpoint.
1265
+ * @param appFetch An optional instance of the http client to be used.
1266
+ * @returns The federation list as an array of strings.
1267
+ * @throws {IoWalletError} If the HTTP request fails.
1268
+ * @throws {FederationError} If the result is not in the expected format.
1269
+ */
1270
+ export declare function getFederationList(federationListEndpoint: string, { appFetch, }?: {
1271
+ appFetch?: GlobalFetch["fetch"];
1272
+ }): Promise<string[]>;
1273
+ /**
1274
+ * Build a not-verified trust chain for a given Relying Party (RP) entity.
1275
+ *
1276
+ * @param relyingPartyEntityBaseUrl The base URL of the RP entity
1277
+ * @param trustAnchorKey The public key of the Trust Anchor (TA) entity
1278
+ * @param appFetch An optional instance of the http client to be used.
1279
+ * @returns A list of signed tokens that represent the trust chain, in the order of the chain (from the RP to the Trust Anchor)
1280
+ * @throws {FederationError} When an element of the chain fails to parse or other build steps fail.
1281
+ */
1282
+ export declare function buildTrustChain(relyingPartyEntityBaseUrl: string, trustAnchorKey: JWK, appFetch?: GlobalFetch["fetch"]): Promise<string[]>;
1283
+ export {};
1284
+ //# sourceMappingURL=build-chain.d.ts.map