npm - @pagopa/io-react-native-wallet - Versions diffs - 2.0.0-next.1 → 2.0.0-next.3 - Mend

@pagopa/io-react-native-wallet 2.0.0-next.1 → 2.0.0-next.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (174) hide show

package/lib/commonjs/sd-jwt/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_ioReactNativeJwt","require","_types","_verifier","Errors","_interopRequireWildcard","exports","_jsBase","~~_getRequireWildcardCache~~","~~nodeInterop~~","~~WeakMap~~","~~cacheBabelInterop~~","~~cacheNodeInterop~~","~~obj~~","~~__esModule~~","~~default~~","~~cache~~","~~has~~","get","~~newObj~~","~~hasPropertyDescriptor~~","~~Object~~","~~defineProperty~~","~~getOwnPropertyDescriptor~~","~~key~~","~~prototype~~","~~hasOwnProperty~~","~~call~~","desc","set","decodeDisclosure","encoded","utf8String","Base64","decode","decoded","Disclosure","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","decodeJwt","parser","SdJwt4VC","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","sha256ToBase64","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","verify","publicKey","verifyJwt","verifyDisclosure","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","SignJWT","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"~~;;;;;;;;;;;;;~~AAEA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,SAAA,GAAAF,OAAA;AAEA,IAAAG,MAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAAmCK,OAAA,CAAAF,MAAA,GAAAA,MAAA;AACnC,IAAAG,OAAA,GAAAN,OAAA;~~AAAmC~~,~~SAAAO~~,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,~~SAAAJ~~,~~wBAAAQ~~,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,~~CAAAE~~,GAAA,~~CAAAL~~,GAAA,~~SAAAM~~,MAAA,WAAAC,qBAAA,~~GAAAC~~,MAAA,~~CAAAC~~,cAAA,~~IAAAD~~,MAAA,~~CAAAE~~,wBAAA,~~WAAAC~~,GAAA,~~IAAAX~~,GAAA,~~QAAAW~~,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,~~CAAAd~~,GAAA,~~EAAAW~~,GAAA,~~SAAAI~~,IAAA,~~GAAAR~~,qBAAA,~~GAAAC~~,MAAA,~~CAAAE~~,wBAAA,~~CAAAV~~,GAAA,~~EAAAW~~,GAAA,~~cAAAI~~,IAAA,KAAAA,IAAA,~~CAAAV~~,GAAA,~~IAAAU~~,IAAA,CAAAC,GAAA,~~KAAAR~~,MAAA,~~CAAAC~~,cAAA,~~CAAAH~~,MAAA,~~EAAAK~~,GAAA,~~EAAAI~~,IAAA,~~YAAAT~~,MAAA,~~CAAAK~~,GAAA,~~IAAAX~~,GAAA,~~CAAAW~~,GAAA,~~SAAAL~~,MAAA,~~CAAAJ~~,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,~~CAAAa~~,GAAA,~~CAAAhB~~,GAAA,~~EAAAM~~,MAAA,YAAAA,MAAA;~~AAGnC~~,~~MAAMW~~,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGC,cAAM,CAACC,MAAM,CAACH,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAMI,OAAO,GAAGC,iBAAU,CAACC,KAAK,CAACC,IAAI,CAACD,KAAK,CAACL,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEG,OAAO;IAAEJ;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,MAAM,GAAGA,CACpBK,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACJ,QAAQ,CAAC;;EAEtC;EACA,MAAMK,MAAM,GAAGP,YAAY,IAAIQ,eAAQ;EAEvC,MAAMC,KAAK,GAAGF,MAAM,CAACV,KAAK,CAAC;IACzBa,MAAM,EAAEL,UAAU,CAACM,eAAe;IAClCC,OAAO,EAAEP,UAAU,CAACO;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGV,cAAc,CAACW,GAAG,CAACxB,gBAAgB,CAAC;EAExD,OAAO;IAAEmB,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;~~AAZA/C~~,OAAA,~~CAAA4B~~,MAAA,GAAAA,MAAA;AAaO,MAAMqB,QAAQ,GAAG,MAAAA,CACtBhB,KAAa,EACbiB,MAAgB,KACyD;EACzE,MAAM,CAACd,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEK,KAAK;IAAEI;EAAY,CAAC,GAAGnB,MAAM,CAACK,KAAK,EAAES,eAAQ,CAAC;;EAEtD;EACA,MAAMS,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAE5B,OAAO,EAAE,GAAG6B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,~~IAAIzD~~,MAAM,~~CAAC6D~~,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAM,IAAAC,gCAAc,EAACN,UAAU,CAAC9B,OAAO,CAAC;;IAErD;IACA;IACA,IAAIkB,KAAK,CAACG,OAAO,CAACgB,GAAG,CAACC,QAAQ,CAACH,IAAI,CAAC,EAAE;MACpC,MAAMI,KAAK,GAAGrB,KAAK,CAACG,OAAO,CAACgB,GAAG,CAACG,OAAO,CAACL,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEY,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,~~IAAIlE~~,MAAM,~~CAACqE~~,qBAAqB,CAACb,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;EAED,MAAMc,mBAAmB,GAAG/B,cAAc,CAACgC,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJzC,OAAO,EAAE,GAAG6B,IAAI;IAClB,CAAC,GAAGlC,gBAAgB,CAAC8C,CAAC,CAAC;IACvB,OAAOpB,MAAM,CAACa,QAAQ,CAACL,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMa,cAAc,GAAG,CAACnC,QAAQ,EAAE,GAAGgC,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEvC,KAAK,EAAEsC,cAAc;IAAEpB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;~~AAfAnD~~,OAAA,~~CAAAiD~~,QAAA,GAAAA,QAAA;AAgBO,MAAMwB,MAAM,GAAG,MAAAA,CACpBxC,KAAa,EACbyC,SAAsB,EACtBxC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMT,OAAO,GAAGD,MAAM,CAACK,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAM,IAAAyC,wBAAS,EAACvC,QAAQ,EAAEsC,SAAS,CAAC;;EAEpC;EACA,MAAMxB,MAAM,GAAG,CAAC,GAAGrB,OAAO,CAACc,KAAK,CAACG,OAAO,CAACgB,GAAG,CAAC;EAE7C,MAAMV,OAAO,CAACC,GAAG,CACfxB,OAAO,CAACkB,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM,IAAAqB,0BAAgB,EAACrB,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEd,OAAO,CAACc,KAAK;IACpBI,WAAW,EAAElB,OAAO,CAACkB,WAAW,CAACC,GAAG,CAAEsB,CAAC,IAAKA,CAAC,CAACzC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;~~AAdA7B~~,OAAA,~~CAAAyE~~,MAAA,GAAAA,MAAA;AAeO,MAAMI,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAE/C,KAAK,EAAEmD;EAAG,CAAC,GAAG,MAAMnC,QAAQ,CAACgC,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM,IAAAxB,gCAAc,EAAE,GAAEuB,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAIC,yBAAO,CAACJ,aAAa,CAAC,CAC3CK,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVN,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDc,WAAW,CAACb,SAAS,CAAC,CACtBc,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACX,EAAE,EAAEE,KAAK,CAAC,CAACd,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEuB;EAAS,CAAC;AACrB,CAAC;~~AAAC/F~~,OAAA,~~CAAA6E~~,cAAA,GAAAA,cAAA"}
1	+ {"version":3,"names":["_ioReactNativeJwt","require","_types","_verifier","Errors","_interopRequireWildcard","exports","_jsBase","_utils","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","defineProperty","enumerable","get","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","newObj","hasPropertyDescriptor","getOwnPropertyDescriptor","desc","set","decodeDisclosure","encoded","utf8String","Base64","decode","decoded","Disclosure","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","decodeJwt","parser","SdJwt4VC","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","sha256ToBase64","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","verify","publicKey","verifyJwt","verifyDisclosure","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","SignJWT","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAEA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,SAAA,GAAAF,OAAA;AAEA,IAAAG,MAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAAmCK,OAAA,CAAAF,MAAA,GAAAA,MAAA;AACnC,IAAAG,OAAA,GAAAN,OAAA;AAGA,IAAAO,MAAA,GAAAP,OAAA;AAAAQ,MAAA,CAAAC,IAAA,CAAAF,MAAA,EAAAG,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAN,OAAA,IAAAA,OAAA,CAAAM,GAAA,MAAAJ,MAAA,CAAAI,GAAA;EAAAH,MAAA,CAAAQ,cAAA,CAAAX,OAAA,EAAAM,GAAA;IAAAM,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAX,MAAA,CAAAI,GAAA;IAAA;EAAA;AAAA;AAAwB,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAhB,wBAAAoB,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAT,GAAA,CAAAM,GAAA,SAAAK,MAAA,WAAAC,qBAAA,GAAAtB,MAAA,CAAAQ,cAAA,IAAAR,MAAA,CAAAuB,wBAAA,WAAApB,GAAA,IAAAa,GAAA,QAAAb,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAU,GAAA,EAAAb,GAAA,SAAAqB,IAAA,GAAAF,qBAAA,GAAAtB,MAAA,CAAAuB,wBAAA,CAAAP,GAAA,EAAAb,GAAA,cAAAqB,IAAA,KAAAA,IAAA,CAAAd,GAAA,IAAAc,IAAA,CAAAC,GAAA,KAAAzB,MAAA,CAAAQ,cAAA,CAAAa,MAAA,EAAAlB,GAAA,EAAAqB,IAAA,YAAAH,MAAA,CAAAlB,GAAA,IAAAa,GAAA,CAAAb,GAAA,SAAAkB,MAAA,CAAAH,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAM,GAAA,CAAAT,GAAA,EAAAK,MAAA,YAAAA,MAAA;AAExB,MAAMK,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGC,cAAM,CAACC,MAAM,CAACH,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAMI,OAAO,GAAGC,iBAAU,CAACC,KAAK,CAACC,IAAI,CAACD,KAAK,CAACL,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEG,OAAO;IAAEJ;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,MAAM,GAAGA,CACpBK,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACJ,QAAQ,CAAC;;EAEtC;EACA,MAAMK,MAAM,GAAGP,YAAY,IAAIQ,eAAQ;EAEvC,MAAMC,KAAK,GAAGF,MAAM,CAACV,KAAK,CAAC;IACzBa,MAAM,EAAEL,UAAU,CAACM,eAAe;IAClCC,OAAO,EAAEP,UAAU,CAACO;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGV,cAAc,CAACW,GAAG,CAACxB,gBAAgB,CAAC;EAExD,OAAO;IAAEmB,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAZApD,OAAA,CAAAiC,MAAA,GAAAA,MAAA;AAaO,MAAMqB,QAAQ,GAAG,MAAAA,CACtBhB,KAAa,EACbiB,MAAgB,KACyD;EACzE,MAAM,CAACd,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEK,KAAK;IAAEI;EAAY,CAAC,GAAGnB,MAAM,CAACK,KAAK,EAAES,eAAQ,CAAC;;EAEtD;EACA,MAAMS,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAE5B,OAAO,EAAE,GAAG6B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAI9D,MAAM,CAACkE,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAM,IAAAC,gCAAc,EAACN,UAAU,CAAC9B,OAAO,CAAC;;IAErD;IACA;IACA,IAAIkB,KAAK,CAACG,OAAO,CAACgB,GAAG,CAACC,QAAQ,CAACH,IAAI,CAAC,EAAE;MACpC,MAAMI,KAAK,GAAGrB,KAAK,CAACG,OAAO,CAACgB,GAAG,CAACG,OAAO,CAACL,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEY,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIvE,MAAM,CAAC0E,qBAAqB,CAACb,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;EAED,MAAMc,mBAAmB,GAAG/B,cAAc,CAACgC,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJzC,OAAO,EAAE,GAAG6B,IAAI;IAClB,CAAC,GAAGlC,gBAAgB,CAAC8C,CAAC,CAAC;IACvB,OAAOpB,MAAM,CAACa,QAAQ,CAACL,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMa,cAAc,GAAG,CAACnC,QAAQ,EAAE,GAAGgC,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEvC,KAAK,EAAEsC,cAAc;IAAEpB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAxD,OAAA,CAAAsD,QAAA,GAAAA,QAAA;AAgBO,MAAMwB,MAAM,GAAG,MAAAA,CACpBxC,KAAa,EACbyC,SAAsB,EACtBxC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMT,OAAO,GAAGD,MAAM,CAACK,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAM,IAAAyC,wBAAS,EAACvC,QAAQ,EAAEsC,SAAS,CAAC;;EAEpC;EACA,MAAMxB,MAAM,GAAG,CAAC,GAAGrB,OAAO,CAACc,KAAK,CAACG,OAAO,CAACgB,GAAG,CAAC;EAE7C,MAAMV,OAAO,CAACC,GAAG,CACfxB,OAAO,CAACkB,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM,IAAAqB,0BAAgB,EAACrB,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEd,OAAO,CAACc,KAAK;IACpBI,WAAW,EAAElB,OAAO,CAACkB,WAAW,CAACC,GAAG,CAAEsB,CAAC,IAAKA,CAAC,CAACzC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAdAlC,OAAA,CAAA8E,MAAA,GAAAA,MAAA;AAeO,MAAMI,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAE/C,KAAK,EAAEmD;EAAG,CAAC,GAAG,MAAMnC,QAAQ,CAACgC,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM,IAAAxB,gCAAc,EAAE,GAAEuB,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAIC,yBAAO,CAACJ,aAAa,CAAC,CAC3CK,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVN,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDc,WAAW,CAACb,SAAS,CAAC,CACtBc,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACX,EAAE,EAAEE,KAAK,CAAC,CAACd,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEuB;EAAS,CAAC;AACrB,CAAC;AAACpG,OAAA,CAAAkF,cAAA,GAAAA,cAAA"}

package/lib/commonjs/sd-jwt/types.js CHANGED Viewed

@@ -3,7 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.UnixTime = exports.SdJwt4VC = exports.ObfuscatedDisclosures = exports.Disclosure = void 0;
+exports.Verification = exports.UnixTime = exports.TypeMetadata = exports.SdJwt4VC = exports.ObfuscatedDisclosures = exports.Disclosure = void 0;
 var _jwk = require("../utils/jwk");
 var _zod = require("zod");
 const UnixTime = _zod.z.number().min(0).max(2147483647000);
@@ -32,7 +32,7 @@ const Disclosure = _zod.z.tuple([/* salt */_zod.z.string(), /* claim name */_zod
 exports.Disclosure = Disclosure;
 const SdJwt4VC = _zod.z.object({
   header: _zod.z.object({
-    typ: _zod.z.literal("vc+sd-jwt"),
+    typ: _zod.z.literal("dc+sd-jwt"),
     alg: _zod.z.string(),
     kid: _zod.z.string().optional()
   }),
@@ -43,15 +43,62 @@ const SdJwt4VC = _zod.z.object({
     exp: UnixTime,
     _sd_alg: _zod.z.literal("sha-256"),
     status: _zod.z.object({
-      status_attestation: _zod.z.object({
+      status_assertion: _zod.z.object({
         credential_hash_alg: _zod.z.literal("sha-256")
       })
     }),
     cnf: _zod.z.object({
       jwk: _jwk.JWK
     }),
-    vct: _zod.z.string()
+    vct: _zod.z.string(),
+    "vct#integrity": _zod.z.string(),
+    issuing_authority: _zod.z.string(),
+    issuing_country: _zod.z.string()
   }), ObfuscatedDisclosures)
 });
+/**
+ * Object containing User authentication and User data verification information.
+ * Useful to extract the assurance level to determine L2/L3 authentication.
+ */
 exports.SdJwt4VC = SdJwt4VC;
+const Verification = _zod.z.object({
+  trust_framework: _zod.z.string(),
+  assurance_level: _zod.z.string(),
+  evidence: _zod.z.array(_zod.z.object({
+    type: _zod.z.literal("vouch"),
+    time: _zod.z.string(),
+    attestation: _zod.z.object({
+      type: _zod.z.literal("digital_attestation"),
+      reference_number: _zod.z.string(),
+      date_of_issuance: _zod.z.string(),
+      voucher: _zod.z.object({
+        organization: _zod.z.string()
+      })
+    })
+  }))
+});
+/**
+ * Metadata for a digital credential. This information is retrieved from the URL defined in the `vct` claim.
+ *
+ * @see https://italia.github.io/eid-wallet-it-docs/v0.9.1/en/pid-eaa-data-model.html#digital-credential-metadata-type
+ */
+exports.Verification = Verification;
+const TypeMetadata = _zod.z.object({
+  name: _zod.z.string(),
+  description: _zod.z.string(),
+  data_source: _zod.z.object({
+    trust_framework: _zod.z.string(),
+    authentic_source: _zod.z.object({
+      organization_name: _zod.z.string(),
+      organization_code: _zod.z.string(),
+      contacts: _zod.z.array(_zod.z.string()),
+      homepage_uri: _zod.z.string().url(),
+      logo_uri: _zod.z.string().url()
+    })
+  })
+  // TODO: add more fields
+});
+exports.TypeMetadata = TypeMetadata;
 //# sourceMappingURL=types.js.map

package/lib/commonjs/sd-jwt/types.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_jwk","require","_zod","UnixTime","z","number","min","max","exports","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","payload","intersection","iss","sub","iat","exp","_sd_alg","status","~~status_attestation~~","credential_hash_alg","cnf","jwk","JWK","vct"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAEO,MAAME,QAAQ,GAAGC,MAAC,CAACC,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAACC,OAAA,CAAAL,QAAA,GAAAA,QAAA;AAItD,MAAMM,qBAAqB,GAAGL,MAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;AALAL,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAOO,MAAMK,UAAU,GAAGV,MAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,MAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,MAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,MAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAR,OAAA,CAAAM,UAAA,GAAAA,UAAA;AAcO,MAAMG,QAAQ,GAAGb,MAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,MAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,MAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,MAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEpB,MAAC,CAACqB,YAAY,CACrBrB,MAAC,CAACM,MAAM,CAAC;IACPgB,GAAG,EAAEtB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEzB,QAAQ,CAACoB,QAAQ,CAAC,CAAC;IACxBM,GAAG,EAAE1B,QAAQ;IACb2B,OAAO,EAAE1B,MAAC,CAACgB,OAAO,CAAC,SAAS,CAAC;IAC7BW,MAAM,EAAE3B,MAAC,CAACM,MAAM,CAAC;MACfsB,~~kBAAkB~~,EAAE5B,MAAC,CAACM,MAAM,CAAC;~~QAC3BuB~~,mBAAmB,EAAE7B,MAAC,CAACgB,OAAO,CAAC,SAAS;MAC1C,CAAC;IACH,CAAC,CAAC;IACFc,GAAG,EAAE9B,MAAC,CAACM,MAAM,CAAC;MACZyB,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,GAAG,EAAEjC,MAAC,CAACS,MAAM,CAAC;~~EAChB~~,CAAC,CAAC,EACFJ,qBACF;AACF,CAAC,CAAC;~~AAACD~~,OAAA,CAAAS,QAAA,GAAAA,QAAA"}
1	+ {"version":3,"names":["_jwk","require","_zod","UnixTime","z","number","min","max","exports","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","payload","intersection","iss","sub","iat","exp","_sd_alg","status","status_assertion","credential_hash_alg","cnf","jwk","JWK","vct","issuing_authority","issuing_country","Verification","trust_framework","assurance_level","evidence","type","time","attestation","reference_number","date_of_issuance","voucher","organization","TypeMetadata","name","description","data_source","authentic_source","organization_name","organization_code","contacts","homepage_uri","url","logo_uri"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAEO,MAAME,QAAQ,GAAGC,MAAC,CAACC,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAACC,OAAA,CAAAL,QAAA,GAAAA,QAAA;AAItD,MAAMM,qBAAqB,GAAGL,MAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;AALAL,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAOO,MAAMK,UAAU,GAAGV,MAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,MAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,MAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,MAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAR,OAAA,CAAAM,UAAA,GAAAA,UAAA;AAcO,MAAMG,QAAQ,GAAGb,MAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,MAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,MAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,MAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEpB,MAAC,CAACqB,YAAY,CACrBrB,MAAC,CAACM,MAAM,CAAC;IACPgB,GAAG,EAAEtB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEzB,QAAQ,CAACoB,QAAQ,CAAC,CAAC;IACxBM,GAAG,EAAE1B,QAAQ;IACb2B,OAAO,EAAE1B,MAAC,CAACgB,OAAO,CAAC,SAAS,CAAC;IAC7BW,MAAM,EAAE3B,MAAC,CAACM,MAAM,CAAC;MACfsB,gBAAgB,EAAE5B,MAAC,CAACM,MAAM,CAAC;QACzBuB,mBAAmB,EAAE7B,MAAC,CAACgB,OAAO,CAAC,SAAS;MAC1C,CAAC;IACH,CAAC,CAAC;IACFc,GAAG,EAAE9B,MAAC,CAACM,MAAM,CAAC;MACZyB,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,GAAG,EAAEjC,MAAC,CAACS,MAAM,CAAC,CAAC;IACf,eAAe,EAAET,MAAC,CAACS,MAAM,CAAC,CAAC;IAC3ByB,iBAAiB,EAAElC,MAAC,CAACS,MAAM,CAAC,CAAC;IAC7B0B,eAAe,EAAEnC,MAAC,CAACS,MAAM,CAAC;EAC5B,CAAC,CAAC,EACFJ,qBACF;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AAHAD,OAAA,CAAAS,QAAA,GAAAA,QAAA;AAKO,MAAMuB,YAAY,GAAGpC,MAAC,CAACM,MAAM,CAAC;EACnC+B,eAAe,EAAErC,MAAC,CAACS,MAAM,CAAC,CAAC;EAC3B6B,eAAe,EAAEtC,MAAC,CAACS,MAAM,CAAC,CAAC;EAC3B8B,QAAQ,EAAEvC,MAAC,CAACQ,KAAK,CACfR,MAAC,CAACM,MAAM,CAAC;IACPkC,IAAI,EAAExC,MAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;IACxByB,IAAI,EAAEzC,MAAC,CAACS,MAAM,CAAC,CAAC;IAChBiC,WAAW,EAAE1C,MAAC,CAACM,MAAM,CAAC;MACpBkC,IAAI,EAAExC,MAAC,CAACgB,OAAO,CAAC,qBAAqB,CAAC;MACtC2B,gBAAgB,EAAE3C,MAAC,CAACS,MAAM,CAAC,CAAC;MAC5BmC,gBAAgB,EAAE5C,MAAC,CAACS,MAAM,CAAC,CAAC;MAC5BoC,OAAO,EAAE7C,MAAC,CAACM,MAAM,CAAC;QAAEwC,YAAY,EAAE9C,MAAC,CAACS,MAAM,CAAC;MAAE,CAAC;IAChD,CAAC;EACH,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AAJAL,OAAA,CAAAgC,YAAA,GAAAA,YAAA;AAMO,MAAMW,YAAY,GAAG/C,MAAC,CAACM,MAAM,CAAC;EACnC0C,IAAI,EAAEhD,MAAC,CAACS,MAAM,CAAC,CAAC;EAChBwC,WAAW,EAAEjD,MAAC,CAACS,MAAM,CAAC,CAAC;EACvByC,WAAW,EAAElD,MAAC,CAACM,MAAM,CAAC;IACpB+B,eAAe,EAAErC,MAAC,CAACS,MAAM,CAAC,CAAC;IAC3B0C,gBAAgB,EAAEnD,MAAC,CAACM,MAAM,CAAC;MACzB8C,iBAAiB,EAAEpD,MAAC,CAACS,MAAM,CAAC,CAAC;MAC7B4C,iBAAiB,EAAErD,MAAC,CAACS,MAAM,CAAC,CAAC;MAC7B6C,QAAQ,EAAEtD,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC,CAAC;MAC7B8C,YAAY,EAAEvD,MAAC,CAACS,MAAM,CAAC,CAAC,CAAC+C,GAAG,CAAC,CAAC;MAC9BC,QAAQ,EAAEzD,MAAC,CAACS,MAAM,CAAC,CAAC,CAAC+C,GAAG,CAAC;IAC3B,CAAC;EACH,CAAC;EACD;AACF,CAAC,CAAC;AAACpD,OAAA,CAAA2C,YAAA,GAAAA,YAAA"}

package/lib/commonjs/sd-jwt/utils.js ADDED Viewed

@@ -0,0 +1,64 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.getVerification = exports.fetchTypeMetadata = void 0;
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _misc = require("../utils/misc");
+var _types = require("./types");
+var _errors = require("../utils/errors");
+var _ = require(".");
+var _converters = require("./converters");
+/**
+ * Retrieve the Type Metadata for a credential and verify its integrity.
+ * @param vct The VCT as a valid HTTPS url
+ * @param vctIntegrity The integrity hash
+ * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
+ * @returns The credential metadata {@link TypeMetadata}
+ */
+const fetchTypeMetadata = async function (vct, vctIntegrity) {
+  let context = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  const {
+    appFetch = fetch
+  } = context;
+  const {
+    origin,
+    pathname
+  } = new URL(vct);
+  const metadata = await appFetch(`${origin}/.well-known/vct${pathname}`, {
+    headers: {
+      "Content-Type": "application/json"
+    }
+  }).then((0, _misc.hasStatusOrThrow)(200, _errors.IssuerResponseError)).then(res => res.json()).then(_types.TypeMetadata.parse);
+  const [alg, hash] = vctIntegrity.split(/-(.*)/s);
+  if (alg !== "sha256") {
+    throw new _errors.IoWalletError(`${alg} algorithm is not supported`);
+  }
+  // TODO: [SIW-2264] check if the hash is correctly calculated
+  const metadataHash = await (0, _ioReactNativeJwt.sha256ToBase64)(JSON.stringify(metadata));
+  if (metadataHash !== hash) {
+    throw new _errors.ValidationFailed({
+      message: "Unable to verify VCT integrity",
+      reason: "vct#integrity does not match the metadata hash"
+    });
+  }
+  return metadata;
+};
+/**
+ * Extract and validate the `verification` claim from disclosures.
+ * @param credentialSdJwt The raw credential SD-JWT
+ * @returns The verification claim or undefined if it wasn't found
+ */
+exports.fetchTypeMetadata = fetchTypeMetadata;
+const getVerification = credentialSdJwt => {
+  const {
+    disclosures
+  } = (0, _.decode)(credentialSdJwt);
+  const verificationDisclosure = (0, _converters.getValueFromDisclosures)(disclosures.map(d => d.decoded), "verification");
+  return verificationDisclosure ? _types.Verification.parse(verificationDisclosure) : undefined;
+};
+exports.getVerification = getVerification;
+//# sourceMappingURL=utils.js.map

package/lib/commonjs/sd-jwt/utils.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_ioReactNativeJwt","require","_misc","_types","_errors","_","_converters","fetchTypeMetadata","vct","vctIntegrity","context","arguments","length","undefined","appFetch","fetch","origin","pathname","URL","metadata","headers","then","hasStatusOrThrow","IssuerResponseError","res","json","TypeMetadata","parse","alg","hash","split","IoWalletError","metadataHash","sha256ToBase64","JSON","stringify","ValidationFailed","message","reason","exports","getVerification","credentialSdJwt","disclosures","decode","verificationDisclosure","getValueFromDisclosures","map","d","decoded","Verification"],"sourceRoot":"../../../src","sources":["sd-jwt/utils.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAKA,IAAAI,CAAA,GAAAJ,OAAA;AACA,IAAAK,WAAA,GAAAL,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMM,iBAAiB,GAAG,eAAAA,CAC/BC,GAAW,EACXC,YAAoB,EAIM;EAAA,IAH1BC,OAEC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAM;IAAEG,QAAQ,GAAGC;EAAM,CAAC,GAAGL,OAAO;EACpC,MAAM;IAAEM,MAAM;IAAEC;EAAS,CAAC,GAAG,IAAIC,GAAG,CAACV,GAAG,CAAC;EAEzC,MAAMW,QAAQ,GAAG,MAAML,QAAQ,CAAE,GAAEE,MAAO,mBAAkBC,QAAS,EAAC,EAAE;IACtEG,OAAO,EAAE;MACP,cAAc,EAAE;IAClB;EACF,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,EAAEC,2BAAmB,CAAC,CAAC,CAChDF,IAAI,CAAEG,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBJ,IAAI,CAACK,mBAAY,CAACC,KAAK,CAAC;EAE3B,MAAM,CAACC,GAAG,EAAEC,IAAI,CAAC,GAAGpB,YAAY,CAACqB,KAAK,CAAC,QAAQ,CAAC;EAEhD,IAAIF,GAAG,KAAK,QAAQ,EAAE;IACpB,MAAM,IAAIG,qBAAa,CAAE,GAAEH,GAAI,6BAA4B,CAAC;EAC9D;;EAEA;EACA,MAAMI,YAAY,GAAG,MAAM,IAAAC,gCAAc,EAACC,IAAI,CAACC,SAAS,CAAChB,QAAQ,CAAC,CAAC;EAEnE,IAAIa,YAAY,KAAKH,IAAI,EAAE;IACzB,MAAM,IAAIO,wBAAgB,CAAC;MACzBC,OAAO,EAAE,gCAAgC;MACzCC,MAAM,EAAE;IACV,CAAC,CAAC;EACJ;EAEA,OAAOnB,QAAQ;AACjB,CAAC;;AAED;AACA;AACA;AACA;AACA;AAJAoB,OAAA,CAAAhC,iBAAA,GAAAA,iBAAA;AAKO,MAAMiC,eAAe,GAC1BC,eAAuB,IACM;EAC7B,MAAM;IAAEC;EAAY,CAAC,GAAG,IAAAC,QAAM,EAACF,eAAe,CAAC;EAC/C,MAAMG,sBAAsB,GAAG,IAAAC,mCAAuB,EACpDH,WAAW,CAACI,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,OAAO,CAAC,EACjC,cACF,CAAC;EACD,OAAOJ,sBAAsB,GACzBK,mBAAY,CAACtB,KAAK,CAACiB,sBAAsB,CAAC,GAC1C/B,SAAS;AACf,CAAC;AAAC0B,OAAA,CAAAC,eAAA,GAAAA,eAAA"}

package/lib/commonjs/trust/build-chain.js ADDED Viewed

@@ -0,0 +1,252 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.buildTrustChain = buildTrustChain;
+exports.getEntityConfiguration = exports.getCredentialIssuerEntityConfiguration = void 0;
+exports.getEntityStatement = getEntityStatement;
+exports.getFederationList = getFederationList;
+exports.getRelyingPartyEntityConfiguration = void 0;
+exports.getSignedEntityConfiguration = getSignedEntityConfiguration;
+exports.getSignedEntityStatement = getSignedEntityStatement;
+exports.getWalletProviderEntityConfiguration = exports.getTrustAnchorEntityConfiguration = void 0;
+var _errors = require("./errors");
+var _utils = require("./utils");
+var _types = require("./types");
+var _misc = require("../utils/misc");
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+/**
+ * Fetch and parse the entity configuration document for a given federation entity.
+ * This is an inner method to serve public interfaces.
+ *
+ * To add another entity configuration type (example: Foo entity type):
+ *  - create its zod schema and type by inherit from the base type (example: FooEntityConfiguration = BaseEntityConfiguration.and(...))
+ *  - add such type to EntityConfiguration union
+ *  - add an overload to this function
+ *  - create a public function which use such type (example: getFooEntityConfiguration = (url, options) => Promise<FooEntityConfiguration>)
+ *
+ * @param entityBaseUrl The base url of the entity.
+ * @param schema The expected schema of the entity configuration, according to the kind of entity we are fetching from.
+ * @param options An optional object with additional options.
+ * @param options.appFetch An optional instance of the http client to be used.
+ * @returns The parsed entity configuration object
+ * @throws {IoWalletError} If the http request fails
+ * @throws Parse error if the document is not in the expected shape.
+ */
+async function fetchAndParseEntityConfiguration(entityBaseUrl, schema) {
+  let {
+    appFetch = fetch
+  } = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  const responseText = await getSignedEntityConfiguration(entityBaseUrl, {
+    appFetch
+  });
+  const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
+  return schema.parse({
+    header: responseJwt.protectedHeader,
+    payload: responseJwt.payload
+  });
+}
+const getWalletProviderEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.WalletProviderEntityConfiguration, options);
+exports.getWalletProviderEntityConfiguration = getWalletProviderEntityConfiguration;
+const getCredentialIssuerEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.CredentialIssuerEntityConfiguration, options);
+exports.getCredentialIssuerEntityConfiguration = getCredentialIssuerEntityConfiguration;
+const getTrustAnchorEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.TrustAnchorEntityConfiguration, options);
+exports.getTrustAnchorEntityConfiguration = getTrustAnchorEntityConfiguration;
+const getRelyingPartyEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.RelyingPartyEntityConfiguration, options);
+exports.getRelyingPartyEntityConfiguration = getRelyingPartyEntityConfiguration;
+const getEntityConfiguration = (entityBaseUrl, options) => fetchAndParseEntityConfiguration(entityBaseUrl, _types.EntityConfiguration, options);
+/**
+ * Fetch and parse the entity statement document for a given federation entity.
+ *
+ * @param accreditationBodyBaseUrl The base url of the accreditation body which holds and signs the required entity statement
+ * @param subordinatedEntityBaseUrl The url that identifies the subordinate entity
+ * @param appFetch An optional instance of the http client to be used.
+ * @returns The parsed entity configuration object
+ * @throws {IoWalletError} If the http request fails
+ */
+exports.getEntityConfiguration = getEntityConfiguration;
+async function getEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl) {
+  let {
+    appFetch = fetch
+  } = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  const responseText = await getSignedEntityStatement(accreditationBodyBaseUrl, subordinatedEntityBaseUrl, {
+    appFetch
+  });
+  const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
+  return _types.EntityStatement.parse({
+    header: responseJwt.protectedHeader,
+    payload: responseJwt.payload
+  });
+}
+/**
+ * Fetch the signed entity configuration token for an entity
+ *
+ * @param entityBaseUrl The url of the entity to fetch
+ * @param appFetch (optional) fetch api implementation
+ * @returns The signed Entity Configuration token
+ */
+async function getSignedEntityConfiguration(entityBaseUrl) {
+  let {
+    appFetch = fetch
+  } = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+  const wellKnownUrl = `${entityBaseUrl}/.well-known/openid-federation`;
+  return await appFetch(wellKnownUrl, {
+    method: "GET"
+  }).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.text());
+}
+/**
+ * Fetch the entity statement document for a given federation entity.
+ *
+ * @param federationFetchEndpoint The exact endpoint provided by the parent EC's metadata.
+ * @param subordinatedEntityBaseUrl The url that identifies the subordinate entity.
+ * @param appFetch An optional instance of the http client to be used.
+ * @returns The signed entity statement token.
+ * @throws {IoWalletError} If the http request fails.
+ */
+async function getSignedEntityStatement(federationFetchEndpoint, subordinatedEntityBaseUrl) {
+  let {
+    appFetch = fetch
+  } = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  const url = new URL(federationFetchEndpoint);
+  url.searchParams.set("sub", subordinatedEntityBaseUrl);
+  return await appFetch(url.toString(), {
+    method: "GET"
+  }).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.text());
+}
+/**
+ * Fetch the federation list document from a given endpoint.
+ *
+ * @param federationListEndpoint The URL of the federation list endpoint.
+ * @param appFetch An optional instance of the http client to be used.
+ * @returns The federation list as an array of strings.
+ * @throws {IoWalletError} If the HTTP request fails.
+ * @throws {FederationError} If the result is not in the expected format.
+ */
+async function getFederationList(federationListEndpoint) {
+  let {
+    appFetch = fetch
+  } = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+  return await appFetch(federationListEndpoint, {
+    method: "GET"
+  }).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(json => {
+    const result = _types.FederationListResponse.safeParse(json);
+    if (!result.success) {
+      throw new _errors.FederationListParseError(`Invalid federation list format received from ${federationListEndpoint}. Error: ${result.error.message}`, {
+        url: federationListEndpoint,
+        parseError: result.error.toString()
+      });
+    }
+    return result.data;
+  });
+}
+/**
+ * Build a not-verified trust chain for a given Relying Party (RP) entity.
+ *
+ * @param relyingPartyEntityBaseUrl The base URL of the RP entity
+ * @param trustAnchorKey The public key of the Trust Anchor (TA) entity
+ * @param appFetch An optional instance of the http client to be used.
+ * @returns A list of signed tokens that represent the trust chain, in the order of the chain (from the RP to the Trust Anchor)
+ * @throws {FederationError} When an element of the chain fails to parse or other build steps fail.
+ */
+async function buildTrustChain(relyingPartyEntityBaseUrl, trustAnchorKey) {
+  let appFetch = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : fetch;
+  // 1: Recursively gather the trust chain from the RP up to the Trust Anchor
+  const trustChain = await gatherTrustChain(relyingPartyEntityBaseUrl, appFetch);
+  // 2: Trust Anchor signature verification
+  const trustAnchorJwt = trustChain[trustChain.length - 1];
+  if (!trustAnchorJwt) {
+    throw new _errors.BuildTrustChainError("Cannot verify trust anchor: missing entity configuration in gathered chain.", {
+      relyingPartyUrl: relyingPartyEntityBaseUrl
+    });
+  }
+  if (!trustAnchorKey.kid) {
+    throw new _errors.TrustAnchorKidMissingError();
+  }
+  await (0, _utils.verify)(trustAnchorJwt, trustAnchorKey.kid, [trustAnchorKey]);
+  // 3: Check the federation list
+  const trustAnchorConfig = _types.EntityConfiguration.parse((0, _utils.decode)(trustAnchorJwt));
+  const federationListEndpoint = trustAnchorConfig.payload.metadata.federation_entity.federation_list_endpoint;
+  if (federationListEndpoint) {
+    const federationList = await getFederationList(federationListEndpoint, {
+      appFetch
+    });
+    if (!federationList.includes(relyingPartyEntityBaseUrl)) {
+      throw new _errors.RelyingPartyNotAuthorizedError("Relying Party entity base URL is not authorized by the Trust Anchor's federation list.", {
+        relyingPartyUrl: relyingPartyEntityBaseUrl,
+        federationListEndpoint
+      });
+    }
+  }
+  return trustChain;
+}
+/**
+ * Recursively gather the trust chain for an entity and all its superiors.
+ * @param entityBaseUrl The base URL of the entity for which to gather the chain.
+ * @param appFetch An optional instance of the http client to be used.
+ * @param isLeaf Whether the current entity is the leaf of the chain.
+ * @returns A full ordered list of JWTs (ECs and ESs) forming the trust chain.
+ * @throws {FederationError} If any of the fetched documents fail to parse or other errors occur during the gathering process.
+ */
+async function gatherTrustChain(entityBaseUrl, appFetch) {
+  let isLeaf = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : true;
+  const chain = [];
+  // Fetch self-signed EC (only needed for the leaf)
+  const entityECJwt = await getSignedEntityConfiguration(entityBaseUrl, {
+    appFetch
+  });
+  const entityEC = _types.EntityConfiguration.parse((0, _utils.decode)(entityECJwt));
+  if (isLeaf) {
+    // Only push EC for the leaf
+    chain.push(entityECJwt);
+  }
+  // Find authority_hints (parent, if any)
+  const authorityHints = entityEC.payload.authority_hints ?? [];
+  if (authorityHints.length === 0) {
+    // This is the Trust Anchor (no parent)
+    if (!isLeaf) {
+      chain.push(entityECJwt);
+    }
+    return chain;
+  }
+  const parentEntityBaseUrl = authorityHints[0];
+  // Fetch parent EC
+  const parentECJwt = await getSignedEntityConfiguration(parentEntityBaseUrl, {
+    appFetch
+  });
+  const parentEC = _types.EntityConfiguration.parse((0, _utils.decode)(parentECJwt));
+  // Fetch ES
+  const federationFetchEndpoint = parentEC.payload.metadata.federation_entity.federation_fetch_endpoint;
+  if (!federationFetchEndpoint) {
+    throw new _errors.MissingFederationFetchEndpointError(`Missing federation_fetch_endpoint in parent's (${parentEntityBaseUrl}) configuration when gathering chain for ${entityBaseUrl}.`, {
+      entityBaseUrl,
+      missingInEntityUrl: parentEntityBaseUrl
+    });
+  }
+  const entityStatementJwt = await getSignedEntityStatement(federationFetchEndpoint, entityBaseUrl, {
+    appFetch
+  });
+  // Validate the ES
+  _types.EntityStatement.parse((0, _utils.decode)(entityStatementJwt));
+  // Push this ES into the chain
+  chain.push(entityStatementJwt);
+  // Recurse into the parent
+  const parentChain = await gatherTrustChain(parentEntityBaseUrl, appFetch, false);
+  return chain.concat(parentChain);
+}
+//# sourceMappingURL=build-chain.js.map

package/lib/commonjs/trust/build-chain.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_errors","require","_utils","_types","_misc","_ioReactNativeJwt","fetchAndParseEntityConfiguration","entityBaseUrl","schema","appFetch","fetch","arguments","length","undefined","responseText","getSignedEntityConfiguration","responseJwt","decodeJwt","parse","header","protectedHeader","payload","getWalletProviderEntityConfiguration","options","WalletProviderEntityConfiguration","exports","getCredentialIssuerEntityConfiguration","CredentialIssuerEntityConfiguration","getTrustAnchorEntityConfiguration","TrustAnchorEntityConfiguration","getRelyingPartyEntityConfiguration","RelyingPartyEntityConfiguration","getEntityConfiguration","EntityConfiguration","getEntityStatement","accreditationBodyBaseUrl","subordinatedEntityBaseUrl","getSignedEntityStatement","EntityStatement","wellKnownUrl","method","then","hasStatusOrThrow","res","text","federationFetchEndpoint","url","URL","searchParams","set","toString","getFederationList","federationListEndpoint","json","result","FederationListResponse","safeParse","success","FederationListParseError","error","message","parseError","data","buildTrustChain","relyingPartyEntityBaseUrl","trustAnchorKey","trustChain","gatherTrustChain","trustAnchorJwt","BuildTrustChainError","relyingPartyUrl","kid","TrustAnchorKidMissingError","verify","trustAnchorConfig","decode","metadata","federation_entity","federation_list_endpoint","federationList","includes","RelyingPartyNotAuthorizedError","isLeaf","chain","entityECJwt","entityEC","push","authorityHints","authority_hints","parentEntityBaseUrl","parentECJwt","parentEC","federation_fetch_endpoint","MissingFederationFetchEndpointError","missingInEntityUrl","entityStatementJwt","parentChain","concat"],"sourceRoot":"../../../src","sources":["trust/build-chain.ts"],"mappings":";;;;;;;;;;;;;AACA,IAAAA,OAAA,GAAAC,OAAA;AAOA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AASA,IAAAG,KAAA,GAAAH,OAAA;AACA,IAAAI,iBAAA,GAAAJ,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAoCA,eAAeK,gCAAgCA,CAC7CC,aAAqB,EACrBC,MAK8B,EAM9B;EAAA,IALA;IACEC,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMG,YAAY,GAAG,MAAMC,4BAA4B,CAACR,aAAa,EAAE;IACrEE;EACF,CAAC,CAAC;EAEF,MAAMO,WAAW,GAAG,IAAAC,wBAAS,EAACH,YAAY,CAAC;EAC3C,OAAON,MAAM,CAACU,KAAK,CAAC;IAClBC,MAAM,EAAEH,WAAW,CAACI,eAAe;IACnCC,OAAO,EAAEL,WAAW,CAACK;EACvB,CAAC,CAAC;AACJ;AAEO,MAAMC,oCAAoC,GAAGA,CAClDf,aAAqE,EACrEgB,OAAgE,KAEhEjB,gCAAgC,CAC9BC,aAAa,EACbiB,wCAAiC,EACjCD,OACF,CAAC;AAACE,OAAA,CAAAH,oCAAA,GAAAA,oCAAA;AAEG,MAAMI,sCAAsC,GAAGA,CACpDnB,aAAqE,EACrEgB,OAAgE,KAEhEjB,gCAAgC,CAC9BC,aAAa,EACboB,0CAAmC,EACnCJ,OACF,CAAC;AAACE,OAAA,CAAAC,sCAAA,GAAAA,sCAAA;AAEG,MAAME,iCAAiC,GAAGA,CAC/CrB,aAAqE,EACrEgB,OAAgE,KAEhEjB,gCAAgC,CAC9BC,aAAa,EACbsB,qCAA8B,EAC9BN,OACF,CAAC;AAACE,OAAA,CAAAG,iCAAA,GAAAA,iCAAA;AAEG,MAAME,kCAAkC,GAAGA,CAChDvB,aAAqE,EACrEgB,OAAgE,KAEhEjB,gCAAgC,CAC9BC,aAAa,EACbwB,sCAA+B,EAC/BR,OACF,CAAC;AAACE,OAAA,CAAAK,kCAAA,GAAAA,kCAAA;AAEG,MAAME,sBAAsB,GAAGA,CACpCzB,aAAqE,EACrEgB,OAAgE,KAEhEjB,gCAAgC,CAACC,aAAa,EAAE0B,0BAAmB,EAAEV,OAAO,CAAC;;AAE/E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AARAE,OAAA,CAAAO,sBAAA,GAAAA,sBAAA;AASO,eAAeE,kBAAkBA,CACtCC,wBAAgC,EAChCC,yBAAiC,EAMjC;EAAA,IALA;IACE3B,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMG,YAAY,GAAG,MAAMuB,wBAAwB,CACjDF,wBAAwB,EACxBC,yBAAyB,EACzB;IACE3B;EACF,CACF,CAAC;EAED,MAAMO,WAAW,GAAG,IAAAC,wBAAS,EAACH,YAAY,CAAC;EAC3C,OAAOwB,sBAAe,CAACpB,KAAK,CAAC;IAC3BC,MAAM,EAAEH,WAAW,CAACI,eAAe;IACnCC,OAAO,EAAEL,WAAW,CAACK;EACvB,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeN,4BAA4BA,CAChDR,aAAqB,EAMJ;EAAA,IALjB;IACEE,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAM4B,YAAY,GAAI,GAAEhC,aAAc,gCAA+B;EAErE,OAAO,MAAME,QAAQ,CAAC8B,YAAY,EAAE;IAClCC,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;AAC9B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeP,wBAAwBA,CAC5CQ,uBAA+B,EAC/BT,yBAAiC,EAMjC;EAAA,IALA;IACE3B,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAMmC,GAAG,GAAG,IAAIC,GAAG,CAACF,uBAAuB,CAAC;EAC5CC,GAAG,CAACE,YAAY,CAACC,GAAG,CAAC,KAAK,EAAEb,yBAAyB,CAAC;EAEtD,OAAO,MAAM3B,QAAQ,CAACqC,GAAG,CAACI,QAAQ,CAAC,CAAC,EAAE;IACpCV,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;AAC9B;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeO,iBAAiBA,CACrCC,sBAA8B,EAMX;EAAA,IALnB;IACE3C,QAAQ,GAAGC;EAGb,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,OAAO,MAAMF,QAAQ,CAAC2C,sBAAsB,EAAE;IAC5CZ,MAAM,EAAE;EACV,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACU,IAAI,CAAC,CAAC,CAAC,CACzBZ,IAAI,CAAEY,IAAI,IAAK;IACd,MAAMC,MAAM,GAAGC,6BAAsB,CAACC,SAAS,CAACH,IAAI,CAAC;IACrD,IAAI,CAACC,MAAM,CAACG,OAAO,EAAE;MACnB,MAAM,IAAIC,gCAAwB,CAC/B,gDAA+CN,sBAAuB,YAAWE,MAAM,CAACK,KAAK,CAACC,OAAQ,EAAC,EACxG;QAAEd,GAAG,EAAEM,sBAAsB;QAAES,UAAU,EAAEP,MAAM,CAACK,KAAK,CAACT,QAAQ,CAAC;MAAE,CACrE,CAAC;IACH;IACA,OAAOI,MAAM,CAACQ,IAAI;EACpB,CAAC,CAAC;AACN;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,eAAeA,CACnCC,yBAAiC,EACjCC,cAAmB,EAEA;EAAA,IADnBxD,QAA8B,GAAAE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGD,KAAK;EAEtC;EACA,MAAMwD,UAAU,GAAG,MAAMC,gBAAgB,CACvCH,yBAAyB,EACzBvD,QACF,CAAC;;EAED;EACA,MAAM2D,cAAc,GAAGF,UAAU,CAACA,UAAU,CAACtD,MAAM,GAAG,CAAC,CAAC;EACxD,IAAI,CAACwD,cAAc,EAAE;IACnB,MAAM,IAAIC,4BAAoB,CAC5B,6EAA6E,EAC7E;MAAEC,eAAe,EAAEN;IAA0B,CAC/C,CAAC;EACH;EAEA,IAAI,CAACC,cAAc,CAACM,GAAG,EAAE;IACvB,MAAM,IAAIC,kCAA0B,CAAC,CAAC;EACxC;EAEA,MAAM,IAAAC,aAAM,EAACL,cAAc,EAAEH,cAAc,CAACM,GAAG,EAAE,CAACN,cAAc,CAAC,CAAC;;EAElE;EACA,MAAMS,iBAAiB,GAAGzC,0BAAmB,CAACf,KAAK,CAAC,IAAAyD,aAAM,EAACP,cAAc,CAAC,CAAC;EAC3E,MAAMhB,sBAAsB,GAC1BsB,iBAAiB,CAACrD,OAAO,CAACuD,QAAQ,CAACC,iBAAiB,CACjDC,wBAAwB;EAE7B,IAAI1B,sBAAsB,EAAE;IAC1B,MAAM2B,cAAc,GAAG,MAAM5B,iBAAiB,CAACC,sBAAsB,EAAE;MACrE3C;IACF,CAAC,CAAC;IAEF,IAAI,CAACsE,cAAc,CAACC,QAAQ,CAAChB,yBAAyB,CAAC,EAAE;MACvD,MAAM,IAAIiB,sCAA8B,CACtC,wFAAwF,EACxF;QAAEX,eAAe,EAAEN,yBAAyB;QAAEZ;MAAuB,CACvE,CAAC;IACH;EACF;EAEA,OAAOc,UAAU;AACnB;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeC,gBAAgBA,CAC7B5D,aAAqB,EACrBE,QAA8B,EAEX;EAAA,IADnByE,MAAe,GAAAvE,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,IAAI;EAEtB,MAAMwE,KAAe,GAAG,EAAE;;EAE1B;EACA,MAAMC,WAAW,GAAG,MAAMrE,4BAA4B,CAACR,aAAa,EAAE;IACpEE;EACF,CAAC,CAAC;EACF,MAAM4E,QAAQ,GAAGpD,0BAAmB,CAACf,KAAK,CAAC,IAAAyD,aAAM,EAACS,WAAW,CAAC,CAAC;EAE/D,IAAIF,MAAM,EAAE;IACV;IACAC,KAAK,CAACG,IAAI,CAACF,WAAW,CAAC;EACzB;;EAEA;EACA,MAAMG,cAAc,GAAGF,QAAQ,CAAChE,OAAO,CAACmE,eAAe,IAAI,EAAE;EAC7D,IAAID,cAAc,CAAC3E,MAAM,KAAK,CAAC,EAAE;IAC/B;IACA,IAAI,CAACsE,MAAM,EAAE;MACXC,KAAK,CAACG,IAAI,CAACF,WAAW,CAAC;IACzB;IACA,OAAOD,KAAK;EACd;EAEA,MAAMM,mBAAmB,GAAGF,cAAc,CAAC,CAAC,CAAE;;EAE9C;EACA,MAAMG,WAAW,GAAG,MAAM3E,4BAA4B,CAAC0E,mBAAmB,EAAE;IAC1EhF;EACF,CAAC,CAAC;EACF,MAAMkF,QAAQ,GAAG1D,0BAAmB,CAACf,KAAK,CAAC,IAAAyD,aAAM,EAACe,WAAW,CAAC,CAAC;;EAE/D;EACA,MAAM7C,uBAAuB,GAC3B8C,QAAQ,CAACtE,OAAO,CAACuD,QAAQ,CAACC,iBAAiB,CAACe,yBAAyB;EACvE,IAAI,CAAC/C,uBAAuB,EAAE;IAC5B,MAAM,IAAIgD,2CAAmC,CAC1C,kDAAiDJ,mBAAoB,4CAA2ClF,aAAc,GAAE,EACjI;MAAEA,aAAa;MAAEuF,kBAAkB,EAAEL;IAAoB,CAC3D,CAAC;EACH;EAEA,MAAMM,kBAAkB,GAAG,MAAM1D,wBAAwB,CACvDQ,uBAAuB,EACvBtC,aAAa,EACb;IAAEE;EAAS,CACb,CAAC;EACD;EACA6B,sBAAe,CAACpB,KAAK,CAAC,IAAAyD,aAAM,EAACoB,kBAAkB,CAAC,CAAC;;EAEjD;EACAZ,KAAK,CAACG,IAAI,CAACS,kBAAkB,CAAC;;EAE9B;EACA,MAAMC,WAAW,GAAG,MAAM7B,gBAAgB,CACxCsB,mBAAmB,EACnBhF,QAAQ,EACR,KACF,CAAC;EAED,OAAO0E,KAAK,CAACc,MAAM,CAACD,WAAW,CAAC;AAClC"}