@pagopa/io-react-native-wallet 2.0.0-next.1 → 2.0.0-next.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (174) hide show
  1. package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js +2 -2
  2. package/lib/commonjs/credential/issuance/02-evaluate-issuer-trust.js.map +1 -1
  3. package/lib/commonjs/credential/issuance/03-start-user-authorization.js +38 -24
  4. package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
  5. package/lib/commonjs/credential/issuance/05-authorize-access.js +6 -10
  6. package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -1
  7. package/lib/commonjs/credential/issuance/06-obtain-credential.js +43 -11
  8. package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
  9. package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +51 -48
  10. package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
  11. package/lib/commonjs/credential/issuance/README.md +34 -13
  12. package/lib/commonjs/credential/issuance/const.js +1 -1
  13. package/lib/commonjs/credential/issuance/types.js +16 -10
  14. package/lib/commonjs/credential/issuance/types.js.map +1 -1
  15. package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js +2 -2
  16. package/lib/commonjs/credential/presentation/02-evaluate-rp-trust.js.map +1 -1
  17. package/lib/commonjs/credential/presentation/05-verify-request-object.js.map +1 -1
  18. package/lib/commonjs/credential/presentation/07-evaluate-dcql-query.js +4 -4
  19. package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js +3 -3
  20. package/lib/commonjs/credential/presentation/08-send-authorization-response.js.map +1 -1
  21. package/lib/commonjs/credential/status/README.md +0 -1
  22. package/lib/commonjs/sd-jwt/__test__/index.test.js +11 -15
  23. package/lib/commonjs/sd-jwt/__test__/index.test.js.map +1 -1
  24. package/lib/commonjs/sd-jwt/__test__/types.test.js +5 -2
  25. package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
  26. package/lib/commonjs/sd-jwt/__test__/utils.test.js +37 -0
  27. package/lib/commonjs/sd-jwt/__test__/utils.test.js.map +1 -0
  28. package/lib/commonjs/sd-jwt/index.js +20 -0
  29. package/lib/commonjs/sd-jwt/index.js.map +1 -1
  30. package/lib/commonjs/sd-jwt/types.js +51 -4
  31. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  32. package/lib/commonjs/sd-jwt/utils.js +64 -0
  33. package/lib/commonjs/sd-jwt/utils.js.map +1 -0
  34. package/lib/commonjs/trust/build-chain.js +252 -0
  35. package/lib/commonjs/trust/build-chain.js.map +1 -0
  36. package/lib/commonjs/trust/index.js +11 -282
  37. package/lib/commonjs/trust/index.js.map +1 -1
  38. package/lib/commonjs/trust/types.js +18 -13
  39. package/lib/commonjs/trust/types.js.map +1 -1
  40. package/lib/commonjs/trust/{chain.js → verify-chain.js} +40 -5
  41. package/lib/commonjs/trust/verify-chain.js.map +1 -0
  42. package/lib/commonjs/utils/errors.js.map +1 -1
  43. package/lib/commonjs/utils/par.js +32 -22
  44. package/lib/commonjs/utils/par.js.map +1 -1
  45. package/lib/commonjs/utils/pop.js +1 -1
  46. package/lib/commonjs/utils/pop.js.map +1 -1
  47. package/lib/commonjs/wallet-instance-attestation/types.js +5 -1
  48. package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
  49. package/lib/module/credential/issuance/02-evaluate-issuer-trust.js +1 -1
  50. package/lib/module/credential/issuance/02-evaluate-issuer-trust.js.map +1 -1
  51. package/lib/module/credential/issuance/03-start-user-authorization.js +38 -24
  52. package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
  53. package/lib/module/credential/issuance/05-authorize-access.js +6 -10
  54. package/lib/module/credential/issuance/05-authorize-access.js.map +1 -1
  55. package/lib/module/credential/issuance/06-obtain-credential.js +44 -12
  56. package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
  57. package/lib/module/credential/issuance/07-verify-and-parse-credential.js +51 -48
  58. package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
  59. package/lib/module/credential/issuance/README.md +34 -13
  60. package/lib/module/credential/issuance/const.js +1 -1
  61. package/lib/module/credential/issuance/types.js +12 -8
  62. package/lib/module/credential/issuance/types.js.map +1 -1
  63. package/lib/module/credential/presentation/02-evaluate-rp-trust.js +1 -1
  64. package/lib/module/credential/presentation/02-evaluate-rp-trust.js.map +1 -1
  65. package/lib/module/credential/presentation/05-verify-request-object.js.map +1 -1
  66. package/lib/module/credential/presentation/07-evaluate-dcql-query.js +4 -4
  67. package/lib/module/credential/presentation/07-evaluate-input-descriptor.js +3 -3
  68. package/lib/module/credential/presentation/08-send-authorization-response.js +1 -1
  69. package/lib/module/credential/presentation/08-send-authorization-response.js.map +1 -1
  70. package/lib/module/credential/status/README.md +0 -1
  71. package/lib/module/sd-jwt/__test__/index.test.js +11 -16
  72. package/lib/module/sd-jwt/__test__/index.test.js.map +1 -1
  73. package/lib/module/sd-jwt/__test__/types.test.js +5 -2
  74. package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
  75. package/lib/module/sd-jwt/__test__/utils.test.js +35 -0
  76. package/lib/module/sd-jwt/__test__/utils.test.js.map +1 -0
  77. package/lib/module/sd-jwt/index.js +1 -0
  78. package/lib/module/sd-jwt/index.js.map +1 -1
  79. package/lib/module/sd-jwt/types.js +50 -3
  80. package/lib/module/sd-jwt/types.js.map +1 -1
  81. package/lib/module/sd-jwt/utils.js +57 -0
  82. package/lib/module/sd-jwt/utils.js.map +1 -0
  83. package/lib/module/trust/build-chain.js +235 -0
  84. package/lib/module/trust/build-chain.js.map +1 -0
  85. package/lib/module/trust/index.js +5 -268
  86. package/lib/module/trust/index.js.map +1 -1
  87. package/lib/module/trust/types.js +18 -13
  88. package/lib/module/trust/types.js.map +1 -1
  89. package/lib/module/trust/{chain.js → verify-chain.js} +36 -2
  90. package/lib/module/trust/verify-chain.js.map +1 -0
  91. package/lib/module/utils/errors.js +1 -1
  92. package/lib/module/utils/errors.js.map +1 -1
  93. package/lib/module/utils/par.js +29 -20
  94. package/lib/module/utils/par.js.map +1 -1
  95. package/lib/module/utils/pop.js +1 -1
  96. package/lib/module/utils/pop.js.map +1 -1
  97. package/lib/module/wallet-instance-attestation/types.js +5 -1
  98. package/lib/module/wallet-instance-attestation/types.js.map +1 -1
  99. package/lib/typescript/client/generated/wallet-provider.d.ts +12 -12
  100. package/lib/typescript/credential/issuance/01-start-flow.d.ts +2 -2
  101. package/lib/typescript/credential/issuance/01-start-flow.d.ts.map +1 -1
  102. package/lib/typescript/credential/issuance/02-evaluate-issuer-trust.d.ts.map +1 -1
  103. package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +7 -6
  104. package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
  105. package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -1
  106. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +10 -5
  107. package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
  108. package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts +3 -2
  109. package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -1
  110. package/lib/typescript/credential/issuance/const.d.ts +1 -1
  111. package/lib/typescript/credential/issuance/types.d.ts +46 -26
  112. package/lib/typescript/credential/issuance/types.d.ts.map +1 -1
  113. package/lib/typescript/credential/presentation/02-evaluate-rp-trust.d.ts.map +1 -1
  114. package/lib/typescript/credential/presentation/05-verify-request-object.d.ts +1 -1
  115. package/lib/typescript/credential/presentation/05-verify-request-object.d.ts.map +1 -1
  116. package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts +2 -2
  117. package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts.map +1 -1
  118. package/lib/typescript/credential/presentation/types.d.ts +4 -4
  119. package/lib/typescript/pid/sd-jwt/types.d.ts +7 -7
  120. package/lib/typescript/sd-jwt/__test__/utils.test.d.ts +2 -0
  121. package/lib/typescript/sd-jwt/__test__/utils.test.d.ts.map +1 -0
  122. package/lib/typescript/sd-jwt/index.d.ts +21 -8
  123. package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
  124. package/lib/typescript/sd-jwt/types.d.ts +194 -12
  125. package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
  126. package/lib/typescript/sd-jwt/utils.d.ts +18 -0
  127. package/lib/typescript/sd-jwt/utils.d.ts.map +1 -0
  128. package/lib/typescript/trust/build-chain.d.ts +1300 -0
  129. package/lib/typescript/trust/build-chain.d.ts.map +1 -0
  130. package/lib/typescript/trust/index.d.ts +5 -1301
  131. package/lib/typescript/trust/index.d.ts.map +1 -1
  132. package/lib/typescript/trust/types.d.ts +788 -624
  133. package/lib/typescript/trust/types.d.ts.map +1 -1
  134. package/lib/typescript/trust/{chain.d.ts → verify-chain.d.ts} +17 -1
  135. package/lib/typescript/trust/verify-chain.d.ts.map +1 -0
  136. package/lib/typescript/utils/errors.d.ts +2 -2
  137. package/lib/typescript/utils/errors.d.ts.map +1 -1
  138. package/lib/typescript/utils/par.d.ts +29 -13
  139. package/lib/typescript/utils/par.d.ts.map +1 -1
  140. package/lib/typescript/wallet-instance-attestation/types.d.ts +9 -9
  141. package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
  142. package/package.json +1 -1
  143. package/src/credential/issuance/01-start-flow.ts +2 -2
  144. package/src/credential/issuance/02-evaluate-issuer-trust.ts +1 -1
  145. package/src/credential/issuance/03-start-user-authorization.ts +57 -38
  146. package/src/credential/issuance/05-authorize-access.ts +5 -11
  147. package/src/credential/issuance/06-obtain-credential.ts +53 -23
  148. package/src/credential/issuance/07-verify-and-parse-credential.ts +54 -62
  149. package/src/credential/issuance/README.md +34 -13
  150. package/src/credential/issuance/const.ts +1 -1
  151. package/src/credential/issuance/types.ts +18 -8
  152. package/src/credential/presentation/02-evaluate-rp-trust.ts +1 -1
  153. package/src/credential/presentation/05-verify-request-object.ts +1 -1
  154. package/src/credential/presentation/07-evaluate-dcql-query.ts +4 -4
  155. package/src/credential/presentation/07-evaluate-input-descriptor.ts +3 -3
  156. package/src/credential/presentation/08-send-authorization-response.ts +4 -4
  157. package/src/credential/status/README.md +0 -1
  158. package/src/sd-jwt/__test__/index.test.ts +8 -29
  159. package/src/sd-jwt/__test__/types.test.ts +6 -2
  160. package/src/sd-jwt/__test__/utils.test.ts +37 -0
  161. package/src/sd-jwt/index.ts +2 -0
  162. package/src/sd-jwt/types.ts +49 -2
  163. package/src/sd-jwt/utils.ts +73 -0
  164. package/src/trust/build-chain.ts +395 -0
  165. package/src/trust/index.ts +5 -442
  166. package/src/trust/types.ts +23 -17
  167. package/src/trust/{chain.ts → verify-chain.ts} +41 -1
  168. package/src/utils/errors.ts +4 -4
  169. package/src/utils/par.ts +37 -21
  170. package/src/utils/pop.ts +1 -1
  171. package/src/wallet-instance-attestation/types.ts +3 -1
  172. package/lib/commonjs/trust/chain.js.map +0 -1
  173. package/lib/module/trust/chain.js.map +0 -1
  174. package/lib/typescript/trust/chain.d.ts.map +0 -1
package/lib/typescript/trust/build-chain.d.ts ADDED
@@ -0,0 +1,1300 @@
1
+ import type { JWK } from "../utils/jwk";
2
+ import { CredentialIssuerEntityConfiguration, EntityConfiguration, RelyingPartyEntityConfiguration, TrustAnchorEntityConfiguration, WalletProviderEntityConfiguration } from "./types";
3
+ /**
4
+ * Fetch and parse the entity configuration document for a given federation entity.
5
+ * This is an inner method to serve public interfaces.
6
+ *
7
+ * To add another entity configuration type (example: Foo entity type):
8
+ * - create its zod schema and type by inherit from the base type (example: FooEntityConfiguration = BaseEntityConfiguration.and(...))
9
+ * - add such type to EntityConfiguration union
10
+ * - add an overload to this function
11
+ * - create a public function which use such type (example: getFooEntityConfiguration = (url, options) => Promise<FooEntityConfiguration>)
12
+ *
13
+ * @param entityBaseUrl The base url of the entity.
14
+ * @param schema The expected schema of the entity configuration, according to the kind of entity we are fetching from.
15
+ * @param options An optional object with additional options.
16
+ * @param options.appFetch An optional instance of the http client to be used.
17
+ * @returns The parsed entity configuration object
18
+ * @throws {IoWalletError} If the http request fails
19
+ * @throws Parse error if the document is not in the expected shape.
20
+ */
21
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof WalletProviderEntityConfiguration, options?: {
22
+ appFetch?: GlobalFetch["fetch"];
23
+ }): Promise<WalletProviderEntityConfiguration>;
24
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof RelyingPartyEntityConfiguration, options?: {
25
+ appFetch?: GlobalFetch["fetch"];
26
+ }): Promise<RelyingPartyEntityConfiguration>;
27
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof TrustAnchorEntityConfiguration, options?: {
28
+ appFetch?: GlobalFetch["fetch"];
29
+ }): Promise<TrustAnchorEntityConfiguration>;
30
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof CredentialIssuerEntityConfiguration, options?: {
31
+ appFetch?: GlobalFetch["fetch"];
32
+ }): Promise<CredentialIssuerEntityConfiguration>;
33
+ declare function fetchAndParseEntityConfiguration(entityBaseUrl: string, schema: typeof EntityConfiguration, options?: {
34
+ appFetch?: GlobalFetch["fetch"];
35
+ }): Promise<EntityConfiguration>;
36
+ export declare const getWalletProviderEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
37
+ header: {
38
+ alg: string;
39
+ kid: string;
40
+ typ: "entity-statement+jwt";
41
+ };
42
+ payload: {
43
+ iss: string;
44
+ sub: string;
45
+ iat: number;
46
+ exp: number;
47
+ jwks: {
48
+ keys: {
49
+ kty: "RSA" | "EC";
50
+ alg?: string | undefined;
51
+ crv?: string | undefined;
52
+ d?: string | undefined;
53
+ dp?: string | undefined;
54
+ dq?: string | undefined;
55
+ e?: string | undefined;
56
+ ext?: boolean | undefined;
57
+ k?: string | undefined;
58
+ key_ops?: string[] | undefined;
59
+ kid?: string | undefined;
60
+ n?: string | undefined;
61
+ p?: string | undefined;
62
+ q?: string | undefined;
63
+ qi?: string | undefined;
64
+ use?: string | undefined;
65
+ x?: string | undefined;
66
+ y?: string | undefined;
67
+ x5c?: string[] | undefined;
68
+ x5t?: string | undefined;
69
+ "x5t#S256"?: string | undefined;
70
+ x5u?: string | undefined;
71
+ }[];
72
+ };
73
+ metadata: {
74
+ federation_entity: {
75
+ federation_fetch_endpoint?: string | undefined;
76
+ federation_list_endpoint?: string | undefined;
77
+ federation_resolve_endpoint?: string | undefined;
78
+ federation_trust_mark_status_endpoint?: string | undefined;
79
+ federation_trust_mark_list_endpoint?: string | undefined;
80
+ federation_trust_mark_endpoint?: string | undefined;
81
+ federation_historical_keys_endpoint?: string | undefined;
82
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
83
+ organization_name?: string | undefined;
84
+ homepage_uri?: string | undefined;
85
+ policy_uri?: string | undefined;
86
+ logo_uri?: string | undefined;
87
+ contacts?: string[] | undefined;
88
+ } & {
89
+ [k: string]: unknown;
90
+ };
91
+ } & {
92
+ [k: string]: unknown;
93
+ };
94
+ authority_hints?: string[] | undefined;
95
+ } & {
96
+ [k: string]: unknown;
97
+ };
98
+ } & {
99
+ payload: {
100
+ metadata: {
101
+ wallet_provider: {
102
+ jwks: {
103
+ keys: {
104
+ kty: "RSA" | "EC";
105
+ alg?: string | undefined;
106
+ crv?: string | undefined;
107
+ d?: string | undefined;
108
+ dp?: string | undefined;
109
+ dq?: string | undefined;
110
+ e?: string | undefined;
111
+ ext?: boolean | undefined;
112
+ k?: string | undefined;
113
+ key_ops?: string[] | undefined;
114
+ kid?: string | undefined;
115
+ n?: string | undefined;
116
+ p?: string | undefined;
117
+ q?: string | undefined;
118
+ qi?: string | undefined;
119
+ use?: string | undefined;
120
+ x?: string | undefined;
121
+ y?: string | undefined;
122
+ x5c?: string[] | undefined;
123
+ x5t?: string | undefined;
124
+ "x5t#S256"?: string | undefined;
125
+ x5u?: string | undefined;
126
+ }[];
127
+ };
128
+ token_endpoint: string;
129
+ grant_types_supported: string[];
130
+ token_endpoint_auth_methods_supported: string[];
131
+ token_endpoint_auth_signing_alg_values_supported: string[];
132
+ aal_values_supported?: string[] | undefined;
133
+ } & {
134
+ [k: string]: unknown;
135
+ };
136
+ };
137
+ };
138
+ }>;
139
+ export declare const getCredentialIssuerEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
140
+ header: {
141
+ alg: string;
142
+ kid: string;
143
+ typ: "entity-statement+jwt";
144
+ };
145
+ payload: {
146
+ iss: string;
147
+ sub: string;
148
+ iat: number;
149
+ exp: number;
150
+ jwks: {
151
+ keys: {
152
+ kty: "RSA" | "EC";
153
+ alg?: string | undefined;
154
+ crv?: string | undefined;
155
+ d?: string | undefined;
156
+ dp?: string | undefined;
157
+ dq?: string | undefined;
158
+ e?: string | undefined;
159
+ ext?: boolean | undefined;
160
+ k?: string | undefined;
161
+ key_ops?: string[] | undefined;
162
+ kid?: string | undefined;
163
+ n?: string | undefined;
164
+ p?: string | undefined;
165
+ q?: string | undefined;
166
+ qi?: string | undefined;
167
+ use?: string | undefined;
168
+ x?: string | undefined;
169
+ y?: string | undefined;
170
+ x5c?: string[] | undefined;
171
+ x5t?: string | undefined;
172
+ "x5t#S256"?: string | undefined;
173
+ x5u?: string | undefined;
174
+ }[];
175
+ };
176
+ metadata: {
177
+ federation_entity: {
178
+ federation_fetch_endpoint?: string | undefined;
179
+ federation_list_endpoint?: string | undefined;
180
+ federation_resolve_endpoint?: string | undefined;
181
+ federation_trust_mark_status_endpoint?: string | undefined;
182
+ federation_trust_mark_list_endpoint?: string | undefined;
183
+ federation_trust_mark_endpoint?: string | undefined;
184
+ federation_historical_keys_endpoint?: string | undefined;
185
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
186
+ organization_name?: string | undefined;
187
+ homepage_uri?: string | undefined;
188
+ policy_uri?: string | undefined;
189
+ logo_uri?: string | undefined;
190
+ contacts?: string[] | undefined;
191
+ } & {
192
+ [k: string]: unknown;
193
+ };
194
+ } & {
195
+ [k: string]: unknown;
196
+ };
197
+ authority_hints?: string[] | undefined;
198
+ } & {
199
+ [k: string]: unknown;
200
+ };
201
+ } & {
202
+ payload: {
203
+ jwks: {
204
+ keys: {
205
+ kty: "RSA" | "EC";
206
+ alg?: string | undefined;
207
+ crv?: string | undefined;
208
+ d?: string | undefined;
209
+ dp?: string | undefined;
210
+ dq?: string | undefined;
211
+ e?: string | undefined;
212
+ ext?: boolean | undefined;
213
+ k?: string | undefined;
214
+ key_ops?: string[] | undefined;
215
+ kid?: string | undefined;
216
+ n?: string | undefined;
217
+ p?: string | undefined;
218
+ q?: string | undefined;
219
+ qi?: string | undefined;
220
+ use?: string | undefined;
221
+ x?: string | undefined;
222
+ y?: string | undefined;
223
+ x5c?: string[] | undefined;
224
+ x5t?: string | undefined;
225
+ "x5t#S256"?: string | undefined;
226
+ x5u?: string | undefined;
227
+ }[];
228
+ };
229
+ metadata: {
230
+ openid_credential_issuer: {
231
+ jwks: {
232
+ keys: {
233
+ kty: "RSA" | "EC";
234
+ alg?: string | undefined;
235
+ crv?: string | undefined;
236
+ d?: string | undefined;
237
+ dp?: string | undefined;
238
+ dq?: string | undefined;
239
+ e?: string | undefined;
240
+ ext?: boolean | undefined;
241
+ k?: string | undefined;
242
+ key_ops?: string[] | undefined;
243
+ kid?: string | undefined;
244
+ n?: string | undefined;
245
+ p?: string | undefined;
246
+ q?: string | undefined;
247
+ qi?: string | undefined;
248
+ use?: string | undefined;
249
+ x?: string | undefined;
250
+ y?: string | undefined;
251
+ x5c?: string[] | undefined;
252
+ x5t?: string | undefined;
253
+ "x5t#S256"?: string | undefined;
254
+ x5u?: string | undefined;
255
+ }[];
256
+ };
257
+ display: {
258
+ name: string;
259
+ locale: string;
260
+ }[];
261
+ credential_issuer: string;
262
+ credential_endpoint: string;
263
+ nonce_endpoint: string;
264
+ status_attestation_endpoint: string;
265
+ credential_configurations_supported: Record<string, ({
266
+ vct: string;
267
+ format: "dc+sd-jwt";
268
+ } | {
269
+ format: "mso_mdoc";
270
+ doctype: string;
271
+ }) & {
272
+ scope: string;
273
+ display: {
274
+ name: string;
275
+ locale: string;
276
+ }[];
277
+ claims: {
278
+ path: string[];
279
+ display: {
280
+ name: string;
281
+ locale: string;
282
+ }[];
283
+ }[];
284
+ cryptographic_binding_methods_supported: string[];
285
+ credential_signing_alg_values_supported: string[];
286
+ authentic_source?: string | undefined;
287
+ issuance_errors_supported?: Record<string, {
288
+ display: {
289
+ description: string;
290
+ locale: string;
291
+ title: string;
292
+ }[];
293
+ }> | undefined;
294
+ }>;
295
+ trust_frameworks_supported: string[];
296
+ evidence_supported: string[];
297
+ revocation_endpoint?: string | undefined;
298
+ };
299
+ oauth_authorization_server: {
300
+ request_object_signing_alg_values_supported: string[];
301
+ jwks: {
302
+ keys: {
303
+ kty: "RSA" | "EC";
304
+ alg?: string | undefined;
305
+ crv?: string | undefined;
306
+ d?: string | undefined;
307
+ dp?: string | undefined;
308
+ dq?: string | undefined;
309
+ e?: string | undefined;
310
+ ext?: boolean | undefined;
311
+ k?: string | undefined;
312
+ key_ops?: string[] | undefined;
313
+ kid?: string | undefined;
314
+ n?: string | undefined;
315
+ p?: string | undefined;
316
+ q?: string | undefined;
317
+ qi?: string | undefined;
318
+ use?: string | undefined;
319
+ x?: string | undefined;
320
+ y?: string | undefined;
321
+ x5c?: string[] | undefined;
322
+ x5t?: string | undefined;
323
+ "x5t#S256"?: string | undefined;
324
+ x5u?: string | undefined;
325
+ }[];
326
+ };
327
+ authorization_endpoint: string;
328
+ pushed_authorization_request_endpoint: string;
329
+ token_endpoint: string;
330
+ client_registration_types_supported: string[];
331
+ code_challenge_methods_supported: string[];
332
+ acr_values_supported: string[];
333
+ grant_types_supported: string[];
334
+ issuer: string;
335
+ scopes_supported: string[];
336
+ response_modes_supported: string[];
337
+ token_endpoint_auth_methods_supported: string[];
338
+ token_endpoint_auth_signing_alg_values_supported: string[];
339
+ };
340
+ openid_credential_verifier?: {
341
+ jwks: {
342
+ keys: {
343
+ kty: "RSA" | "EC";
344
+ alg?: string | undefined;
345
+ crv?: string | undefined;
346
+ d?: string | undefined;
347
+ dp?: string | undefined;
348
+ dq?: string | undefined;
349
+ e?: string | undefined;
350
+ ext?: boolean | undefined;
351
+ k?: string | undefined;
352
+ key_ops?: string[] | undefined;
353
+ kid?: string | undefined;
354
+ n?: string | undefined;
355
+ p?: string | undefined;
356
+ q?: string | undefined;
357
+ qi?: string | undefined;
358
+ use?: string | undefined;
359
+ x?: string | undefined;
360
+ y?: string | undefined;
361
+ x5c?: string[] | undefined;
362
+ x5t?: string | undefined;
363
+ "x5t#S256"?: string | undefined;
364
+ x5u?: string | undefined;
365
+ }[];
366
+ };
367
+ application_type?: string | undefined;
368
+ client_id?: string | undefined;
369
+ client_name?: string | undefined;
370
+ contacts?: string[] | undefined;
371
+ presentation_definition?: {
372
+ id: string;
373
+ input_descriptors: {
374
+ id: string;
375
+ constraints: {
376
+ fields?: {
377
+ path: string[];
378
+ id?: string | undefined;
379
+ purpose?: string | undefined;
380
+ name?: string | undefined;
381
+ filter?: any;
382
+ optional?: boolean | undefined;
383
+ intent_to_retain?: boolean | undefined;
384
+ }[] | undefined;
385
+ limit_disclosure?: "required" | "preferred" | undefined;
386
+ };
387
+ name?: string | undefined;
388
+ purpose?: string | undefined;
389
+ format?: Record<string, any> | undefined;
390
+ group?: string | undefined;
391
+ }[];
392
+ name?: string | undefined;
393
+ purpose?: string | undefined;
394
+ submission_requirements?: {
395
+ rule: string;
396
+ name?: string | undefined;
397
+ purpose?: string | undefined;
398
+ from?: string | undefined;
399
+ from_nested?: {
400
+ rule: string;
401
+ from: string;
402
+ name?: string | undefined;
403
+ purpose?: string | undefined;
404
+ }[] | undefined;
405
+ count?: number | undefined;
406
+ }[] | undefined;
407
+ } | undefined;
408
+ request_uris?: string[] | undefined;
409
+ authorization_signed_response_alg?: string | undefined;
410
+ authorization_encrypted_response_alg?: string | undefined;
411
+ authorization_encrypted_response_enc?: string | undefined;
412
+ } | undefined;
413
+ };
414
+ };
415
+ }>;
416
+ export declare const getTrustAnchorEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
417
+ header: {
418
+ alg: string;
419
+ kid: string;
420
+ typ: "entity-statement+jwt";
421
+ };
422
+ payload: {
423
+ iss: string;
424
+ sub: string;
425
+ iat: number;
426
+ exp: number;
427
+ jwks: {
428
+ keys: {
429
+ kty: "RSA" | "EC";
430
+ alg?: string | undefined;
431
+ crv?: string | undefined;
432
+ d?: string | undefined;
433
+ dp?: string | undefined;
434
+ dq?: string | undefined;
435
+ e?: string | undefined;
436
+ ext?: boolean | undefined;
437
+ k?: string | undefined;
438
+ key_ops?: string[] | undefined;
439
+ kid?: string | undefined;
440
+ n?: string | undefined;
441
+ p?: string | undefined;
442
+ q?: string | undefined;
443
+ qi?: string | undefined;
444
+ use?: string | undefined;
445
+ x?: string | undefined;
446
+ y?: string | undefined;
447
+ x5c?: string[] | undefined;
448
+ x5t?: string | undefined;
449
+ "x5t#S256"?: string | undefined;
450
+ x5u?: string | undefined;
451
+ }[];
452
+ };
453
+ metadata: {
454
+ federation_entity: {
455
+ federation_fetch_endpoint?: string | undefined;
456
+ federation_list_endpoint?: string | undefined;
457
+ federation_resolve_endpoint?: string | undefined;
458
+ federation_trust_mark_status_endpoint?: string | undefined;
459
+ federation_trust_mark_list_endpoint?: string | undefined;
460
+ federation_trust_mark_endpoint?: string | undefined;
461
+ federation_historical_keys_endpoint?: string | undefined;
462
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
463
+ organization_name?: string | undefined;
464
+ homepage_uri?: string | undefined;
465
+ policy_uri?: string | undefined;
466
+ logo_uri?: string | undefined;
467
+ contacts?: string[] | undefined;
468
+ } & {
469
+ [k: string]: unknown;
470
+ };
471
+ } & {
472
+ [k: string]: unknown;
473
+ };
474
+ authority_hints?: string[] | undefined;
475
+ } & {
476
+ [k: string]: unknown;
477
+ };
478
+ }>;
479
+ export declare const getRelyingPartyEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
480
+ header: {
481
+ alg: string;
482
+ kid: string;
483
+ typ: "entity-statement+jwt";
484
+ };
485
+ payload: {
486
+ iss: string;
487
+ sub: string;
488
+ iat: number;
489
+ exp: number;
490
+ jwks: {
491
+ keys: {
492
+ kty: "RSA" | "EC";
493
+ alg?: string | undefined;
494
+ crv?: string | undefined;
495
+ d?: string | undefined;
496
+ dp?: string | undefined;
497
+ dq?: string | undefined;
498
+ e?: string | undefined;
499
+ ext?: boolean | undefined;
500
+ k?: string | undefined;
501
+ key_ops?: string[] | undefined;
502
+ kid?: string | undefined;
503
+ n?: string | undefined;
504
+ p?: string | undefined;
505
+ q?: string | undefined;
506
+ qi?: string | undefined;
507
+ use?: string | undefined;
508
+ x?: string | undefined;
509
+ y?: string | undefined;
510
+ x5c?: string[] | undefined;
511
+ x5t?: string | undefined;
512
+ "x5t#S256"?: string | undefined;
513
+ x5u?: string | undefined;
514
+ }[];
515
+ };
516
+ metadata: {
517
+ federation_entity: {
518
+ federation_fetch_endpoint?: string | undefined;
519
+ federation_list_endpoint?: string | undefined;
520
+ federation_resolve_endpoint?: string | undefined;
521
+ federation_trust_mark_status_endpoint?: string | undefined;
522
+ federation_trust_mark_list_endpoint?: string | undefined;
523
+ federation_trust_mark_endpoint?: string | undefined;
524
+ federation_historical_keys_endpoint?: string | undefined;
525
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
526
+ organization_name?: string | undefined;
527
+ homepage_uri?: string | undefined;
528
+ policy_uri?: string | undefined;
529
+ logo_uri?: string | undefined;
530
+ contacts?: string[] | undefined;
531
+ } & {
532
+ [k: string]: unknown;
533
+ };
534
+ } & {
535
+ [k: string]: unknown;
536
+ };
537
+ authority_hints?: string[] | undefined;
538
+ } & {
539
+ [k: string]: unknown;
540
+ };
541
+ } & {
542
+ payload: {
543
+ metadata: {
544
+ openid_credential_verifier: {
545
+ jwks: {
546
+ keys: {
547
+ kty: "RSA" | "EC";
548
+ alg?: string | undefined;
549
+ crv?: string | undefined;
550
+ d?: string | undefined;
551
+ dp?: string | undefined;
552
+ dq?: string | undefined;
553
+ e?: string | undefined;
554
+ ext?: boolean | undefined;
555
+ k?: string | undefined;
556
+ key_ops?: string[] | undefined;
557
+ kid?: string | undefined;
558
+ n?: string | undefined;
559
+ p?: string | undefined;
560
+ q?: string | undefined;
561
+ qi?: string | undefined;
562
+ use?: string | undefined;
563
+ x?: string | undefined;
564
+ y?: string | undefined;
565
+ x5c?: string[] | undefined;
566
+ x5t?: string | undefined;
567
+ "x5t#S256"?: string | undefined;
568
+ x5u?: string | undefined;
569
+ }[];
570
+ };
571
+ application_type?: string | undefined;
572
+ client_id?: string | undefined;
573
+ client_name?: string | undefined;
574
+ contacts?: string[] | undefined;
575
+ presentation_definition?: {
576
+ id: string;
577
+ input_descriptors: {
578
+ id: string;
579
+ constraints: {
580
+ fields?: {
581
+ path: string[];
582
+ id?: string | undefined;
583
+ purpose?: string | undefined;
584
+ name?: string | undefined;
585
+ filter?: any;
586
+ optional?: boolean | undefined;
587
+ intent_to_retain?: boolean | undefined;
588
+ }[] | undefined;
589
+ limit_disclosure?: "required" | "preferred" | undefined;
590
+ };
591
+ name?: string | undefined;
592
+ purpose?: string | undefined;
593
+ format?: Record<string, any> | undefined;
594
+ group?: string | undefined;
595
+ }[];
596
+ name?: string | undefined;
597
+ purpose?: string | undefined;
598
+ submission_requirements?: {
599
+ rule: string;
600
+ name?: string | undefined;
601
+ purpose?: string | undefined;
602
+ from?: string | undefined;
603
+ from_nested?: {
604
+ rule: string;
605
+ from: string;
606
+ name?: string | undefined;
607
+ purpose?: string | undefined;
608
+ }[] | undefined;
609
+ count?: number | undefined;
610
+ }[] | undefined;
611
+ } | undefined;
612
+ request_uris?: string[] | undefined;
613
+ authorization_signed_response_alg?: string | undefined;
614
+ authorization_encrypted_response_alg?: string | undefined;
615
+ authorization_encrypted_response_enc?: string | undefined;
616
+ };
617
+ };
618
+ };
619
+ }>;
620
+ export declare const getEntityConfiguration: (entityBaseUrl: Parameters<typeof fetchAndParseEntityConfiguration>[0], options?: Parameters<typeof fetchAndParseEntityConfiguration>[2]) => Promise<{
621
+ header: {
622
+ alg: string;
623
+ kid: string;
624
+ typ: "entity-statement+jwt";
625
+ };
626
+ payload: {
627
+ iss: string;
628
+ sub: string;
629
+ iat: number;
630
+ exp: number;
631
+ jwks: {
632
+ keys: {
633
+ kty: "RSA" | "EC";
634
+ alg?: string | undefined;
635
+ crv?: string | undefined;
636
+ d?: string | undefined;
637
+ dp?: string | undefined;
638
+ dq?: string | undefined;
639
+ e?: string | undefined;
640
+ ext?: boolean | undefined;
641
+ k?: string | undefined;
642
+ key_ops?: string[] | undefined;
643
+ kid?: string | undefined;
644
+ n?: string | undefined;
645
+ p?: string | undefined;
646
+ q?: string | undefined;
647
+ qi?: string | undefined;
648
+ use?: string | undefined;
649
+ x?: string | undefined;
650
+ y?: string | undefined;
651
+ x5c?: string[] | undefined;
652
+ x5t?: string | undefined;
653
+ "x5t#S256"?: string | undefined;
654
+ x5u?: string | undefined;
655
+ }[];
656
+ };
657
+ metadata: {
658
+ federation_entity: {
659
+ federation_fetch_endpoint?: string | undefined;
660
+ federation_list_endpoint?: string | undefined;
661
+ federation_resolve_endpoint?: string | undefined;
662
+ federation_trust_mark_status_endpoint?: string | undefined;
663
+ federation_trust_mark_list_endpoint?: string | undefined;
664
+ federation_trust_mark_endpoint?: string | undefined;
665
+ federation_historical_keys_endpoint?: string | undefined;
666
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
667
+ organization_name?: string | undefined;
668
+ homepage_uri?: string | undefined;
669
+ policy_uri?: string | undefined;
670
+ logo_uri?: string | undefined;
671
+ contacts?: string[] | undefined;
672
+ } & {
673
+ [k: string]: unknown;
674
+ };
675
+ } & {
676
+ [k: string]: unknown;
677
+ };
678
+ authority_hints?: string[] | undefined;
679
+ } & {
680
+ [k: string]: unknown;
681
+ };
682
+ } | ({
683
+ header: {
684
+ alg: string;
685
+ kid: string;
686
+ typ: "entity-statement+jwt";
687
+ };
688
+ payload: {
689
+ iss: string;
690
+ sub: string;
691
+ iat: number;
692
+ exp: number;
693
+ jwks: {
694
+ keys: {
695
+ kty: "RSA" | "EC";
696
+ alg?: string | undefined;
697
+ crv?: string | undefined;
698
+ d?: string | undefined;
699
+ dp?: string | undefined;
700
+ dq?: string | undefined;
701
+ e?: string | undefined;
702
+ ext?: boolean | undefined;
703
+ k?: string | undefined;
704
+ key_ops?: string[] | undefined;
705
+ kid?: string | undefined;
706
+ n?: string | undefined;
707
+ p?: string | undefined;
708
+ q?: string | undefined;
709
+ qi?: string | undefined;
710
+ use?: string | undefined;
711
+ x?: string | undefined;
712
+ y?: string | undefined;
713
+ x5c?: string[] | undefined;
714
+ x5t?: string | undefined;
715
+ "x5t#S256"?: string | undefined;
716
+ x5u?: string | undefined;
717
+ }[];
718
+ };
719
+ metadata: {
720
+ federation_entity: {
721
+ federation_fetch_endpoint?: string | undefined;
722
+ federation_list_endpoint?: string | undefined;
723
+ federation_resolve_endpoint?: string | undefined;
724
+ federation_trust_mark_status_endpoint?: string | undefined;
725
+ federation_trust_mark_list_endpoint?: string | undefined;
726
+ federation_trust_mark_endpoint?: string | undefined;
727
+ federation_historical_keys_endpoint?: string | undefined;
728
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
729
+ organization_name?: string | undefined;
730
+ homepage_uri?: string | undefined;
731
+ policy_uri?: string | undefined;
732
+ logo_uri?: string | undefined;
733
+ contacts?: string[] | undefined;
734
+ } & {
735
+ [k: string]: unknown;
736
+ };
737
+ } & {
738
+ [k: string]: unknown;
739
+ };
740
+ authority_hints?: string[] | undefined;
741
+ } & {
742
+ [k: string]: unknown;
743
+ };
744
+ } & {
745
+ payload: {
746
+ jwks: {
747
+ keys: {
748
+ kty: "RSA" | "EC";
749
+ alg?: string | undefined;
750
+ crv?: string | undefined;
751
+ d?: string | undefined;
752
+ dp?: string | undefined;
753
+ dq?: string | undefined;
754
+ e?: string | undefined;
755
+ ext?: boolean | undefined;
756
+ k?: string | undefined;
757
+ key_ops?: string[] | undefined;
758
+ kid?: string | undefined;
759
+ n?: string | undefined;
760
+ p?: string | undefined;
761
+ q?: string | undefined;
762
+ qi?: string | undefined;
763
+ use?: string | undefined;
764
+ x?: string | undefined;
765
+ y?: string | undefined;
766
+ x5c?: string[] | undefined;
767
+ x5t?: string | undefined;
768
+ "x5t#S256"?: string | undefined;
769
+ x5u?: string | undefined;
770
+ }[];
771
+ };
772
+ metadata: {
773
+ openid_credential_issuer: {
774
+ jwks: {
775
+ keys: {
776
+ kty: "RSA" | "EC";
777
+ alg?: string | undefined;
778
+ crv?: string | undefined;
779
+ d?: string | undefined;
780
+ dp?: string | undefined;
781
+ dq?: string | undefined;
782
+ e?: string | undefined;
783
+ ext?: boolean | undefined;
784
+ k?: string | undefined;
785
+ key_ops?: string[] | undefined;
786
+ kid?: string | undefined;
787
+ n?: string | undefined;
788
+ p?: string | undefined;
789
+ q?: string | undefined;
790
+ qi?: string | undefined;
791
+ use?: string | undefined;
792
+ x?: string | undefined;
793
+ y?: string | undefined;
794
+ x5c?: string[] | undefined;
795
+ x5t?: string | undefined;
796
+ "x5t#S256"?: string | undefined;
797
+ x5u?: string | undefined;
798
+ }[];
799
+ };
800
+ display: {
801
+ name: string;
802
+ locale: string;
803
+ }[];
804
+ credential_issuer: string;
805
+ credential_endpoint: string;
806
+ nonce_endpoint: string;
807
+ status_attestation_endpoint: string;
808
+ credential_configurations_supported: Record<string, ({
809
+ vct: string;
810
+ format: "dc+sd-jwt";
811
+ } | {
812
+ format: "mso_mdoc";
813
+ doctype: string;
814
+ }) & {
815
+ scope: string;
816
+ display: {
817
+ name: string;
818
+ locale: string;
819
+ }[];
820
+ claims: {
821
+ path: string[];
822
+ display: {
823
+ name: string;
824
+ locale: string;
825
+ }[];
826
+ }[];
827
+ cryptographic_binding_methods_supported: string[];
828
+ credential_signing_alg_values_supported: string[];
829
+ authentic_source?: string | undefined;
830
+ issuance_errors_supported?: Record<string, {
831
+ display: {
832
+ description: string;
833
+ locale: string;
834
+ title: string;
835
+ }[];
836
+ }> | undefined;
837
+ }>;
838
+ trust_frameworks_supported: string[];
839
+ evidence_supported: string[];
840
+ revocation_endpoint?: string | undefined;
841
+ };
842
+ oauth_authorization_server: {
843
+ request_object_signing_alg_values_supported: string[];
844
+ jwks: {
845
+ keys: {
846
+ kty: "RSA" | "EC";
847
+ alg?: string | undefined;
848
+ crv?: string | undefined;
849
+ d?: string | undefined;
850
+ dp?: string | undefined;
851
+ dq?: string | undefined;
852
+ e?: string | undefined;
853
+ ext?: boolean | undefined;
854
+ k?: string | undefined;
855
+ key_ops?: string[] | undefined;
856
+ kid?: string | undefined;
857
+ n?: string | undefined;
858
+ p?: string | undefined;
859
+ q?: string | undefined;
860
+ qi?: string | undefined;
861
+ use?: string | undefined;
862
+ x?: string | undefined;
863
+ y?: string | undefined;
864
+ x5c?: string[] | undefined;
865
+ x5t?: string | undefined;
866
+ "x5t#S256"?: string | undefined;
867
+ x5u?: string | undefined;
868
+ }[];
869
+ };
870
+ authorization_endpoint: string;
871
+ pushed_authorization_request_endpoint: string;
872
+ token_endpoint: string;
873
+ client_registration_types_supported: string[];
874
+ code_challenge_methods_supported: string[];
875
+ acr_values_supported: string[];
876
+ grant_types_supported: string[];
877
+ issuer: string;
878
+ scopes_supported: string[];
879
+ response_modes_supported: string[];
880
+ token_endpoint_auth_methods_supported: string[];
881
+ token_endpoint_auth_signing_alg_values_supported: string[];
882
+ };
883
+ openid_credential_verifier?: {
884
+ jwks: {
885
+ keys: {
886
+ kty: "RSA" | "EC";
887
+ alg?: string | undefined;
888
+ crv?: string | undefined;
889
+ d?: string | undefined;
890
+ dp?: string | undefined;
891
+ dq?: string | undefined;
892
+ e?: string | undefined;
893
+ ext?: boolean | undefined;
894
+ k?: string | undefined;
895
+ key_ops?: string[] | undefined;
896
+ kid?: string | undefined;
897
+ n?: string | undefined;
898
+ p?: string | undefined;
899
+ q?: string | undefined;
900
+ qi?: string | undefined;
901
+ use?: string | undefined;
902
+ x?: string | undefined;
903
+ y?: string | undefined;
904
+ x5c?: string[] | undefined;
905
+ x5t?: string | undefined;
906
+ "x5t#S256"?: string | undefined;
907
+ x5u?: string | undefined;
908
+ }[];
909
+ };
910
+ application_type?: string | undefined;
911
+ client_id?: string | undefined;
912
+ client_name?: string | undefined;
913
+ contacts?: string[] | undefined;
914
+ presentation_definition?: {
915
+ id: string;
916
+ input_descriptors: {
917
+ id: string;
918
+ constraints: {
919
+ fields?: {
920
+ path: string[];
921
+ id?: string | undefined;
922
+ purpose?: string | undefined;
923
+ name?: string | undefined;
924
+ filter?: any;
925
+ optional?: boolean | undefined;
926
+ intent_to_retain?: boolean | undefined;
927
+ }[] | undefined;
928
+ limit_disclosure?: "required" | "preferred" | undefined;
929
+ };
930
+ name?: string | undefined;
931
+ purpose?: string | undefined;
932
+ format?: Record<string, any> | undefined;
933
+ group?: string | undefined;
934
+ }[];
935
+ name?: string | undefined;
936
+ purpose?: string | undefined;
937
+ submission_requirements?: {
938
+ rule: string;
939
+ name?: string | undefined;
940
+ purpose?: string | undefined;
941
+ from?: string | undefined;
942
+ from_nested?: {
943
+ rule: string;
944
+ from: string;
945
+ name?: string | undefined;
946
+ purpose?: string | undefined;
947
+ }[] | undefined;
948
+ count?: number | undefined;
949
+ }[] | undefined;
950
+ } | undefined;
951
+ request_uris?: string[] | undefined;
952
+ authorization_signed_response_alg?: string | undefined;
953
+ authorization_encrypted_response_alg?: string | undefined;
954
+ authorization_encrypted_response_enc?: string | undefined;
955
+ } | undefined;
956
+ };
957
+ };
958
+ }) | ({
959
+ header: {
960
+ alg: string;
961
+ kid: string;
962
+ typ: "entity-statement+jwt";
963
+ };
964
+ payload: {
965
+ iss: string;
966
+ sub: string;
967
+ iat: number;
968
+ exp: number;
969
+ jwks: {
970
+ keys: {
971
+ kty: "RSA" | "EC";
972
+ alg?: string | undefined;
973
+ crv?: string | undefined;
974
+ d?: string | undefined;
975
+ dp?: string | undefined;
976
+ dq?: string | undefined;
977
+ e?: string | undefined;
978
+ ext?: boolean | undefined;
979
+ k?: string | undefined;
980
+ key_ops?: string[] | undefined;
981
+ kid?: string | undefined;
982
+ n?: string | undefined;
983
+ p?: string | undefined;
984
+ q?: string | undefined;
985
+ qi?: string | undefined;
986
+ use?: string | undefined;
987
+ x?: string | undefined;
988
+ y?: string | undefined;
989
+ x5c?: string[] | undefined;
990
+ x5t?: string | undefined;
991
+ "x5t#S256"?: string | undefined;
992
+ x5u?: string | undefined;
993
+ }[];
994
+ };
995
+ metadata: {
996
+ federation_entity: {
997
+ federation_fetch_endpoint?: string | undefined;
998
+ federation_list_endpoint?: string | undefined;
999
+ federation_resolve_endpoint?: string | undefined;
1000
+ federation_trust_mark_status_endpoint?: string | undefined;
1001
+ federation_trust_mark_list_endpoint?: string | undefined;
1002
+ federation_trust_mark_endpoint?: string | undefined;
1003
+ federation_historical_keys_endpoint?: string | undefined;
1004
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
1005
+ organization_name?: string | undefined;
1006
+ homepage_uri?: string | undefined;
1007
+ policy_uri?: string | undefined;
1008
+ logo_uri?: string | undefined;
1009
+ contacts?: string[] | undefined;
1010
+ } & {
1011
+ [k: string]: unknown;
1012
+ };
1013
+ } & {
1014
+ [k: string]: unknown;
1015
+ };
1016
+ authority_hints?: string[] | undefined;
1017
+ } & {
1018
+ [k: string]: unknown;
1019
+ };
1020
+ } & {
1021
+ payload: {
1022
+ metadata: {
1023
+ openid_credential_verifier: {
1024
+ jwks: {
1025
+ keys: {
1026
+ kty: "RSA" | "EC";
1027
+ alg?: string | undefined;
1028
+ crv?: string | undefined;
1029
+ d?: string | undefined;
1030
+ dp?: string | undefined;
1031
+ dq?: string | undefined;
1032
+ e?: string | undefined;
1033
+ ext?: boolean | undefined;
1034
+ k?: string | undefined;
1035
+ key_ops?: string[] | undefined;
1036
+ kid?: string | undefined;
1037
+ n?: string | undefined;
1038
+ p?: string | undefined;
1039
+ q?: string | undefined;
1040
+ qi?: string | undefined;
1041
+ use?: string | undefined;
1042
+ x?: string | undefined;
1043
+ y?: string | undefined;
1044
+ x5c?: string[] | undefined;
1045
+ x5t?: string | undefined;
1046
+ "x5t#S256"?: string | undefined;
1047
+ x5u?: string | undefined;
1048
+ }[];
1049
+ };
1050
+ application_type?: string | undefined;
1051
+ client_id?: string | undefined;
1052
+ client_name?: string | undefined;
1053
+ contacts?: string[] | undefined;
1054
+ presentation_definition?: {
1055
+ id: string;
1056
+ input_descriptors: {
1057
+ id: string;
1058
+ constraints: {
1059
+ fields?: {
1060
+ path: string[];
1061
+ id?: string | undefined;
1062
+ purpose?: string | undefined;
1063
+ name?: string | undefined;
1064
+ filter?: any;
1065
+ optional?: boolean | undefined;
1066
+ intent_to_retain?: boolean | undefined;
1067
+ }[] | undefined;
1068
+ limit_disclosure?: "required" | "preferred" | undefined;
1069
+ };
1070
+ name?: string | undefined;
1071
+ purpose?: string | undefined;
1072
+ format?: Record<string, any> | undefined;
1073
+ group?: string | undefined;
1074
+ }[];
1075
+ name?: string | undefined;
1076
+ purpose?: string | undefined;
1077
+ submission_requirements?: {
1078
+ rule: string;
1079
+ name?: string | undefined;
1080
+ purpose?: string | undefined;
1081
+ from?: string | undefined;
1082
+ from_nested?: {
1083
+ rule: string;
1084
+ from: string;
1085
+ name?: string | undefined;
1086
+ purpose?: string | undefined;
1087
+ }[] | undefined;
1088
+ count?: number | undefined;
1089
+ }[] | undefined;
1090
+ } | undefined;
1091
+ request_uris?: string[] | undefined;
1092
+ authorization_signed_response_alg?: string | undefined;
1093
+ authorization_encrypted_response_alg?: string | undefined;
1094
+ authorization_encrypted_response_enc?: string | undefined;
1095
+ };
1096
+ };
1097
+ };
1098
+ }) | ({
1099
+ header: {
1100
+ alg: string;
1101
+ kid: string;
1102
+ typ: "entity-statement+jwt";
1103
+ };
1104
+ payload: {
1105
+ iss: string;
1106
+ sub: string;
1107
+ iat: number;
1108
+ exp: number;
1109
+ jwks: {
1110
+ keys: {
1111
+ kty: "RSA" | "EC";
1112
+ alg?: string | undefined;
1113
+ crv?: string | undefined;
1114
+ d?: string | undefined;
1115
+ dp?: string | undefined;
1116
+ dq?: string | undefined;
1117
+ e?: string | undefined;
1118
+ ext?: boolean | undefined;
1119
+ k?: string | undefined;
1120
+ key_ops?: string[] | undefined;
1121
+ kid?: string | undefined;
1122
+ n?: string | undefined;
1123
+ p?: string | undefined;
1124
+ q?: string | undefined;
1125
+ qi?: string | undefined;
1126
+ use?: string | undefined;
1127
+ x?: string | undefined;
1128
+ y?: string | undefined;
1129
+ x5c?: string[] | undefined;
1130
+ x5t?: string | undefined;
1131
+ "x5t#S256"?: string | undefined;
1132
+ x5u?: string | undefined;
1133
+ }[];
1134
+ };
1135
+ metadata: {
1136
+ federation_entity: {
1137
+ federation_fetch_endpoint?: string | undefined;
1138
+ federation_list_endpoint?: string | undefined;
1139
+ federation_resolve_endpoint?: string | undefined;
1140
+ federation_trust_mark_status_endpoint?: string | undefined;
1141
+ federation_trust_mark_list_endpoint?: string | undefined;
1142
+ federation_trust_mark_endpoint?: string | undefined;
1143
+ federation_historical_keys_endpoint?: string | undefined;
1144
+ endpoint_auth_signing_alg_values_supported?: string | undefined;
1145
+ organization_name?: string | undefined;
1146
+ homepage_uri?: string | undefined;
1147
+ policy_uri?: string | undefined;
1148
+ logo_uri?: string | undefined;
1149
+ contacts?: string[] | undefined;
1150
+ } & {
1151
+ [k: string]: unknown;
1152
+ };
1153
+ } & {
1154
+ [k: string]: unknown;
1155
+ };
1156
+ authority_hints?: string[] | undefined;
1157
+ } & {
1158
+ [k: string]: unknown;
1159
+ };
1160
+ } & {
1161
+ payload: {
1162
+ metadata: {
1163
+ wallet_provider: {
1164
+ jwks: {
1165
+ keys: {
1166
+ kty: "RSA" | "EC";
1167
+ alg?: string | undefined;
1168
+ crv?: string | undefined;
1169
+ d?: string | undefined;
1170
+ dp?: string | undefined;
1171
+ dq?: string | undefined;
1172
+ e?: string | undefined;
1173
+ ext?: boolean | undefined;
1174
+ k?: string | undefined;
1175
+ key_ops?: string[] | undefined;
1176
+ kid?: string | undefined;
1177
+ n?: string | undefined;
1178
+ p?: string | undefined;
1179
+ q?: string | undefined;
1180
+ qi?: string | undefined;
1181
+ use?: string | undefined;
1182
+ x?: string | undefined;
1183
+ y?: string | undefined;
1184
+ x5c?: string[] | undefined;
1185
+ x5t?: string | undefined;
1186
+ "x5t#S256"?: string | undefined;
1187
+ x5u?: string | undefined;
1188
+ }[];
1189
+ };
1190
+ token_endpoint: string;
1191
+ grant_types_supported: string[];
1192
+ token_endpoint_auth_methods_supported: string[];
1193
+ token_endpoint_auth_signing_alg_values_supported: string[];
1194
+ aal_values_supported?: string[] | undefined;
1195
+ } & {
1196
+ [k: string]: unknown;
1197
+ };
1198
+ };
1199
+ };
1200
+ })>;
1201
+ /**
1202
+ * Fetch and parse the entity statement document for a given federation entity.
1203
+ *
1204
+ * @param accreditationBodyBaseUrl The base url of the accreditation body which holds and signs the required entity statement
1205
+ * @param subordinatedEntityBaseUrl The url that identifies the subordinate entity
1206
+ * @param appFetch An optional instance of the http client to be used.
1207
+ * @returns The parsed entity configuration object
1208
+ * @throws {IoWalletError} If the http request fails
1209
+ */
1210
+ export declare function getEntityStatement(accreditationBodyBaseUrl: string, subordinatedEntityBaseUrl: string, { appFetch, }?: {
1211
+ appFetch?: GlobalFetch["fetch"];
1212
+ }): Promise<{
1213
+ header: {
1214
+ alg: string;
1215
+ kid: string;
1216
+ typ: "entity-statement+jwt";
1217
+ };
1218
+ payload: {
1219
+ iss: string;
1220
+ sub: string;
1221
+ iat: number;
1222
+ exp: number;
1223
+ jwks: {
1224
+ keys: {
1225
+ kty: "RSA" | "EC";
1226
+ alg?: string | undefined;
1227
+ crv?: string | undefined;
1228
+ d?: string | undefined;
1229
+ dp?: string | undefined;
1230
+ dq?: string | undefined;
1231
+ e?: string | undefined;
1232
+ ext?: boolean | undefined;
1233
+ k?: string | undefined;
1234
+ key_ops?: string[] | undefined;
1235
+ kid?: string | undefined;
1236
+ n?: string | undefined;
1237
+ p?: string | undefined;
1238
+ q?: string | undefined;
1239
+ qi?: string | undefined;
1240
+ use?: string | undefined;
1241
+ x?: string | undefined;
1242
+ y?: string | undefined;
1243
+ x5c?: string[] | undefined;
1244
+ x5t?: string | undefined;
1245
+ "x5t#S256"?: string | undefined;
1246
+ x5u?: string | undefined;
1247
+ }[];
1248
+ };
1249
+ trust_marks?: {
1250
+ id: string;
1251
+ trust_mark: string;
1252
+ }[] | undefined;
1253
+ };
1254
+ }>;
1255
+ /**
1256
+ * Fetch the signed entity configuration token for an entity
1257
+ *
1258
+ * @param entityBaseUrl The url of the entity to fetch
1259
+ * @param appFetch (optional) fetch api implementation
1260
+ * @returns The signed Entity Configuration token
1261
+ */
1262
+ export declare function getSignedEntityConfiguration(entityBaseUrl: string, { appFetch, }?: {
1263
+ appFetch?: GlobalFetch["fetch"];
1264
+ }): Promise<string>;
1265
+ /**
1266
+ * Fetch the entity statement document for a given federation entity.
1267
+ *
1268
+ * @param federationFetchEndpoint The exact endpoint provided by the parent EC's metadata.
1269
+ * @param subordinatedEntityBaseUrl The url that identifies the subordinate entity.
1270
+ * @param appFetch An optional instance of the http client to be used.
1271
+ * @returns The signed entity statement token.
1272
+ * @throws {IoWalletError} If the http request fails.
1273
+ */
1274
+ export declare function getSignedEntityStatement(federationFetchEndpoint: string, subordinatedEntityBaseUrl: string, { appFetch, }?: {
1275
+ appFetch?: GlobalFetch["fetch"];
1276
+ }): Promise<string>;
1277
+ /**
1278
+ * Fetch the federation list document from a given endpoint.
1279
+ *
1280
+ * @param federationListEndpoint The URL of the federation list endpoint.
1281
+ * @param appFetch An optional instance of the http client to be used.
1282
+ * @returns The federation list as an array of strings.
1283
+ * @throws {IoWalletError} If the HTTP request fails.
1284
+ * @throws {FederationError} If the result is not in the expected format.
1285
+ */
1286
+ export declare function getFederationList(federationListEndpoint: string, { appFetch, }?: {
1287
+ appFetch?: GlobalFetch["fetch"];
1288
+ }): Promise<string[]>;
1289
+ /**
1290
+ * Build a not-verified trust chain for a given Relying Party (RP) entity.
1291
+ *
1292
+ * @param relyingPartyEntityBaseUrl The base URL of the RP entity
1293
+ * @param trustAnchorKey The public key of the Trust Anchor (TA) entity
1294
+ * @param appFetch An optional instance of the http client to be used.
1295
+ * @returns A list of signed tokens that represent the trust chain, in the order of the chain (from the RP to the Trust Anchor)
1296
+ * @throws {FederationError} When an element of the chain fails to parse or other build steps fail.
1297
+ */
1298
+ export declare function buildTrustChain(relyingPartyEntityBaseUrl: string, trustAnchorKey: JWK, appFetch?: GlobalFetch["fetch"]): Promise<string[]>;
1299
+ export {};
1300
+ //# sourceMappingURL=build-chain.d.ts.map