@pagopa/io-react-native-wallet 2.0.0-next.2 → 2.0.0-next.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js +38 -24
- package/lib/commonjs/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/05-authorize-access.js +6 -10
- package/lib/commonjs/credential/issuance/05-authorize-access.js.map +1 -1
- package/lib/commonjs/credential/issuance/06-obtain-credential.js +43 -11
- package/lib/commonjs/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +51 -48
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/README.md +34 -13
- package/lib/commonjs/credential/issuance/const.js +1 -1
- package/lib/commonjs/credential/issuance/types.js +16 -10
- package/lib/commonjs/credential/issuance/types.js.map +1 -1
- package/lib/commonjs/credential/presentation/07-evaluate-dcql-query.js +4 -4
- package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js +3 -3
- package/lib/commonjs/credential/status/README.md +0 -1
- package/lib/commonjs/sd-jwt/__test__/index.test.js +11 -15
- package/lib/commonjs/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/types.test.js +5 -2
- package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/utils.test.js +37 -0
- package/lib/commonjs/sd-jwt/__test__/utils.test.js.map +1 -0
- package/lib/commonjs/sd-jwt/index.js +20 -0
- package/lib/commonjs/sd-jwt/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +51 -4
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/sd-jwt/utils.js +64 -0
- package/lib/commonjs/sd-jwt/utils.js.map +1 -0
- package/lib/commonjs/trust/types.js +18 -13
- package/lib/commonjs/trust/types.js.map +1 -1
- package/lib/commonjs/utils/par.js +32 -22
- package/lib/commonjs/utils/par.js.map +1 -1
- package/lib/commonjs/utils/pop.js +1 -1
- package/lib/commonjs/utils/pop.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/types.js +5 -1
- package/lib/commonjs/wallet-instance-attestation/types.js.map +1 -1
- package/lib/module/credential/issuance/03-start-user-authorization.js +38 -24
- package/lib/module/credential/issuance/03-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/05-authorize-access.js +6 -10
- package/lib/module/credential/issuance/05-authorize-access.js.map +1 -1
- package/lib/module/credential/issuance/06-obtain-credential.js +44 -12
- package/lib/module/credential/issuance/06-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js +51 -48
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/module/credential/issuance/README.md +34 -13
- package/lib/module/credential/issuance/const.js +1 -1
- package/lib/module/credential/issuance/types.js +12 -8
- package/lib/module/credential/issuance/types.js.map +1 -1
- package/lib/module/credential/presentation/07-evaluate-dcql-query.js +4 -4
- package/lib/module/credential/presentation/07-evaluate-input-descriptor.js +3 -3
- package/lib/module/credential/status/README.md +0 -1
- package/lib/module/sd-jwt/__test__/index.test.js +11 -16
- package/lib/module/sd-jwt/__test__/index.test.js.map +1 -1
- package/lib/module/sd-jwt/__test__/types.test.js +5 -2
- package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/module/sd-jwt/__test__/utils.test.js +35 -0
- package/lib/module/sd-jwt/__test__/utils.test.js.map +1 -0
- package/lib/module/sd-jwt/index.js +1 -0
- package/lib/module/sd-jwt/index.js.map +1 -1
- package/lib/module/sd-jwt/types.js +50 -3
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/sd-jwt/utils.js +57 -0
- package/lib/module/sd-jwt/utils.js.map +1 -0
- package/lib/module/trust/types.js +18 -13
- package/lib/module/trust/types.js.map +1 -1
- package/lib/module/utils/par.js +29 -20
- package/lib/module/utils/par.js.map +1 -1
- package/lib/module/utils/pop.js +1 -1
- package/lib/module/utils/pop.js.map +1 -1
- package/lib/module/wallet-instance-attestation/types.js +5 -1
- package/lib/module/wallet-instance-attestation/types.js.map +1 -1
- package/lib/typescript/client/generated/wallet-provider.d.ts +12 -12
- package/lib/typescript/credential/issuance/01-start-flow.d.ts +2 -2
- package/lib/typescript/credential/issuance/01-start-flow.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts +7 -6
- package/lib/typescript/credential/issuance/03-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/05-authorize-access.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts +10 -5
- package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts +3 -2
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/const.d.ts +1 -1
- package/lib/typescript/credential/issuance/types.d.ts +46 -26
- package/lib/typescript/credential/issuance/types.d.ts.map +1 -1
- package/lib/typescript/pid/sd-jwt/types.d.ts +7 -7
- package/lib/typescript/sd-jwt/__test__/utils.test.d.ts +2 -0
- package/lib/typescript/sd-jwt/__test__/utils.test.d.ts.map +1 -0
- package/lib/typescript/sd-jwt/index.d.ts +21 -8
- package/lib/typescript/sd-jwt/index.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +194 -12
- package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/utils.d.ts +18 -0
- package/lib/typescript/sd-jwt/utils.d.ts.map +1 -0
- package/lib/typescript/trust/build-chain.d.ts +30 -14
- package/lib/typescript/trust/build-chain.d.ts.map +1 -1
- package/lib/typescript/trust/types.d.ts +322 -158
- package/lib/typescript/trust/types.d.ts.map +1 -1
- package/lib/typescript/utils/par.d.ts +29 -13
- package/lib/typescript/utils/par.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/types.d.ts +9 -9
- package/lib/typescript/wallet-instance-attestation/types.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/credential/issuance/01-start-flow.ts +2 -2
- package/src/credential/issuance/03-start-user-authorization.ts +57 -38
- package/src/credential/issuance/05-authorize-access.ts +5 -11
- package/src/credential/issuance/06-obtain-credential.ts +53 -23
- package/src/credential/issuance/07-verify-and-parse-credential.ts +54 -62
- package/src/credential/issuance/README.md +34 -13
- package/src/credential/issuance/const.ts +1 -1
- package/src/credential/issuance/types.ts +18 -8
- package/src/credential/presentation/07-evaluate-dcql-query.ts +4 -4
- package/src/credential/presentation/07-evaluate-input-descriptor.ts +3 -3
- package/src/credential/status/README.md +0 -1
- package/src/sd-jwt/__test__/index.test.ts +8 -29
- package/src/sd-jwt/__test__/types.test.ts +6 -2
- package/src/sd-jwt/__test__/utils.test.ts +37 -0
- package/src/sd-jwt/index.ts +2 -0
- package/src/sd-jwt/types.ts +49 -2
- package/src/sd-jwt/utils.ts +73 -0
- package/src/trust/types.ts +23 -17
- package/src/utils/par.ts +37 -21
- package/src/utils/pop.ts +1 -1
- package/src/wallet-instance-attestation/types.ts +3 -1
|
@@ -2,24 +2,16 @@ import { z } from "zod";
|
|
|
2
2
|
import { decode, disclose } from "../index";
|
|
3
3
|
import { encodeBase64, decodeBase64 } from "@pagopa/io-react-native-jwt";
|
|
4
4
|
import { SdJwt4VC } from "../types";
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
// - payload is taken from the italian specification, but _sd are compiled with:
|
|
12
|
-
// - "address" is used as verification._sd
|
|
13
|
-
// - all others disclosures are in claims._sd
|
|
14
|
-
const token = "eyJraWQiOiItRl82VWdhOG4zVmVnalkyVTdZVUhLMXpMb2FELU5QVGM2M1JNSVNuTGF3IiwidHlwIjoidmMrc2Qtand0IiwiYWxnIjoiRVMyNTYifQ.eyJfc2QiOlsiMHExRDVKbWF2NnBRYUVoX0pfRmN2X3VOTk1RSWdDeWhRT3hxbFk0bDNxVSIsIktDSi1BVk52ODhkLXhqNnNVSUFPSnhGbmJVaDNySFhES2tJSDFsRnFiUnMiLCJNOWxvOVl4RE5JWHJBcTJxV2VpQ0E0MHpwSl96WWZGZFJfNEFFQUxjUnRVIiwiY3pnalVrMG5xUkNzd1NoQ2hDamRTNkExLXY0N2RfcVRDU0ZJdklIaE1vSSIsIm5HblFyN2NsbTN0ZlRwOHlqTF91SHJEU090elIyUFZiOFM3R2VMZEFxQlEiLCJ4TklWd2xwU3NhWjhDSlNmMGd6NXhfNzVWUldXYzZWMW1scGVqZENycVVzIl0sInN1YiI6IjIxNmY4OTQ2LTllY2ItNDgxOS05MzA5LWMwNzZmMzRhN2UxMSIsIl9zZF9hbGciOiJzaGEtMjU2IiwidmN0IjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwiaXNzIjoiaHR0cHM6Ly9wcmUuZWlkLndhbGxldC5pcHpzLml0IiwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoiUnYzVy1FaUtwdkJUeWs1eVp4dnJldi03TURCNlNselVDQm9fQ1FqamRkVSIsIngiOiIwV294N1F0eVBxQnlnMzVNSF9YeUNjbmQ1TGUtSm0wQVhIbFVnREJBMDNZIiwieSI6ImVFaFZ2ZzFKUHFOZDNEVFNhNG1HREdCbHdZNk5QLUVaYkxiTkZYU1h3SWcifX0sImV4cCI6MTc1MTU0NjU3Niwic3RhdHVzIjp7InN0YXR1c19hdHRlc3RhdGlvbiI6eyJjcmVkZW50aWFsX2hhc2hfYWxnIjoic2hhLTI1NiJ9fX0.qXHA2oqr8trX4fGxpxpUft2GX380TM3pzfo1MYAsDjUC8HsODA-4rdRWAvDe2zYP57x4tJU7eiABkd1Kmln9yQ~WyJrSkRFUDhFYU5URU1CRE9aelp6VDR3IiwidW5pcXVlX2lkIiwiVElOSVQtTFZMREFBODVUNTBHNzAyQiJd~WyJ6SUF5VUZ2UGZJcEUxekJxeEk1aGFRIiwiYmlydGhfZGF0ZSIsIjE5ODUtMTItMTAiXQ~WyJHcjNSM3MyOTBPa1FVbS1ORlR1OTZBIiwidGF4X2lkX2NvZGUiLCJUSU5JVC1MVkxEQUE4NVQ1MEc3MDJCIl0~WyJHeE9SYWxNQWVsZlowZWRGSmpqWVV3IiwiZ2l2ZW5fbmFtZSIsIkFkYSJd~WyJfdlY1UklrbDBJT0VYS290czlrdDF3IiwiZmFtaWx5X25hbWUiLCJMb3ZlbGFjZSJd~WyJDajV0Y2NSNzJKd3J6ZTJUVzRhLXdnIiwiaWF0IiwxNzIwMDEwNTc1XQ";
|
|
15
|
-
const unsigned = "eyJraWQiOiItRl82VWdhOG4zVmVnalkyVTdZVUhLMXpMb2FELU5QVGM2M1JNSVNuTGF3IiwidHlwIjoidmMrc2Qtand0IiwiYWxnIjoiRVMyNTYifQ.eyJfc2QiOlsiMHExRDVKbWF2NnBRYUVoX0pfRmN2X3VOTk1RSWdDeWhRT3hxbFk0bDNxVSIsIktDSi1BVk52ODhkLXhqNnNVSUFPSnhGbmJVaDNySFhES2tJSDFsRnFiUnMiLCJNOWxvOVl4RE5JWHJBcTJxV2VpQ0E0MHpwSl96WWZGZFJfNEFFQUxjUnRVIiwiY3pnalVrMG5xUkNzd1NoQ2hDamRTNkExLXY0N2RfcVRDU0ZJdklIaE1vSSIsIm5HblFyN2NsbTN0ZlRwOHlqTF91SHJEU090elIyUFZiOFM3R2VMZEFxQlEiLCJ4TklWd2xwU3NhWjhDSlNmMGd6NXhfNzVWUldXYzZWMW1scGVqZENycVVzIl0sInN1YiI6IjIxNmY4OTQ2LTllY2ItNDgxOS05MzA5LWMwNzZmMzRhN2UxMSIsIl9zZF9hbGciOiJzaGEtMjU2IiwidmN0IjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwiaXNzIjoiaHR0cHM6Ly9wcmUuZWlkLndhbGxldC5pcHpzLml0IiwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoiUnYzVy1FaUtwdkJUeWs1eVp4dnJldi03TURCNlNselVDQm9fQ1FqamRkVSIsIngiOiIwV294N1F0eVBxQnlnMzVNSF9YeUNjbmQ1TGUtSm0wQVhIbFVnREJBMDNZIiwieSI6ImVFaFZ2ZzFKUHFOZDNEVFNhNG1HREdCbHdZNk5QLUVaYkxiTkZYU1h3SWcifX0sImV4cCI6MTc1MTU0NjU3Niwic3RhdHVzIjp7InN0YXR1c19hdHRlc3RhdGlvbiI6eyJjcmVkZW50aWFsX2hhc2hfYWxnIjoic2hhLTI1NiJ9fX0";
|
|
16
|
-
const signature = "qXHA2oqr8trX4fGxpxpUft2GX380TM3pzfo1MYAsDjUC8HsODA-4rdRWAvDe2zYP57x4tJU7eiABkd1Kmln9yQ";
|
|
17
|
-
const signed = `${unsigned}.${signature}`;
|
|
18
|
-
const tokenizedDisclosures = ["WyJrSkRFUDhFYU5URU1CRE9aelp6VDR3IiwidW5pcXVlX2lkIiwiVElOSVQtTFZMREFBODVUNTBHNzAyQiJd", "WyJ6SUF5VUZ2UGZJcEUxekJxeEk1aGFRIiwiYmlydGhfZGF0ZSIsIjE5ODUtMTItMTAiXQ", "WyJHcjNSM3MyOTBPa1FVbS1ORlR1OTZBIiwidGF4X2lkX2NvZGUiLCJUSU5JVC1MVkxEQUE4NVQ1MEc3MDJCIl0", "WyJHeE9SYWxNQWVsZlowZWRGSmpqWVV3IiwiZ2l2ZW5fbmFtZSIsIkFkYSJd", "WyJfdlY1UklrbDBJT0VYS290czlrdDF3IiwiZmFtaWx5X25hbWUiLCJMb3ZlbGFjZSJd", "WyJDajV0Y2NSNzJKd3J6ZTJUVzRhLXdnIiwiaWF0IiwxNzIwMDEwNTc1XQ"];
|
|
5
|
+
import { pid } from "../__mocks__/sd-jwt";
|
|
6
|
+
const {
|
|
7
|
+
token,
|
|
8
|
+
signed,
|
|
9
|
+
tokenizedDisclosures
|
|
10
|
+
} = pid;
|
|
19
11
|
const sdJwt = {
|
|
20
12
|
header: {
|
|
21
13
|
kid: "-F_6Uga8n3VegjY2U7YUHK1zLoaD-NPTc63RMISnLaw",
|
|
22
|
-
typ: "
|
|
14
|
+
typ: "dc+sd-jwt",
|
|
23
15
|
alg: "ES256"
|
|
24
16
|
},
|
|
25
17
|
payload: {
|
|
@@ -27,7 +19,10 @@ const sdJwt = {
|
|
|
27
19
|
sub: "216f8946-9ecb-4819-9309-c076f34a7e11",
|
|
28
20
|
_sd_alg: "sha-256",
|
|
29
21
|
vct: "PersonIdentificationData",
|
|
22
|
+
"vct#integrity": "13e25888ac7b8a3a6d61440da787fccc81654e61085732bcacd89b36aec32675",
|
|
30
23
|
iss: "https://pre.eid.wallet.ipzs.it",
|
|
24
|
+
issuing_country: "IT",
|
|
25
|
+
issuing_authority: "Istituto Poligrafico e Zecca dello Stato",
|
|
31
26
|
cnf: {
|
|
32
27
|
jwk: {
|
|
33
28
|
kty: "EC",
|
|
@@ -39,7 +34,7 @@ const sdJwt = {
|
|
|
39
34
|
},
|
|
40
35
|
exp: 1751546576,
|
|
41
36
|
status: {
|
|
42
|
-
|
|
37
|
+
status_assertion: {
|
|
43
38
|
credential_hash_alg: "sha-256"
|
|
44
39
|
}
|
|
45
40
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","decode","disclose","encodeBase64","decodeBase64","SdJwt4VC","
|
|
1
|
+
{"version":3,"names":["z","decode","disclose","encodeBase64","decodeBase64","SdJwt4VC","pid","token","signed","tokenizedDisclosures","sdJwt","header","kid","typ","alg","payload","_sd","sub","_sd_alg","vct","iss","issuing_country","issuing_authority","cnf","jwk","kty","crv","x","y","exp","status","status_assertion","credential_hash_alg","disclosures","it","expect","JSON","parse","stringify","toEqual","join","toBe","describe","result","map","decoded","i","encoded","validDecoder","and","object","customField","string","invalidDecoder","error","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":"AAAA,SAASA,CAAC,QAAQ,KAAK;AACvB,SAASC,MAAM,EAAEC,QAAQ,QAAQ,UAAU;AAE3C,SAASC,YAAY,EAAEC,YAAY,QAAQ,6BAA6B;AACxE,SAASC,QAAQ,QAAQ,UAAU;AACnC,SAASC,GAAG,QAAQ,qBAAqB;AAEzC,MAAM;EAAEC,KAAK;EAAEC,MAAM;EAAEC;AAAqB,CAAC,GAAGH,GAAG;AAEnD,MAAMI,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,6CAA6C;IAClDC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE;EACP,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;IACDC,GAAG,EAAE,sCAAsC;IAC3CC,OAAO,EAAE,SAAS;IAClBC,GAAG,EAAE,0BAA0B;IAC/B,eAAe,EACb,kEAAkE;IACpEC,GAAG,EAAE,gCAAgC;IACrCC,eAAe,EAAE,IAAI;IACrBC,iBAAiB,EAAE,0CAA0C;IAC7DC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,IAAI;QACTC,GAAG,EAAE,OAAO;QACZd,GAAG,EAAE,6CAA6C;QAClDe,CAAC,EAAE,6CAA6C;QAChDC,CAAC,EAAE;MACL;IACF,CAAC;IACDC,GAAG,EAAE,UAAU;IACfC,MAAM,EAAE;MACNC,gBAAgB,EAAE;QAChBC,mBAAmB,EAAE;MACvB;IACF;EACF;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,WAAW,EAAE,wBAAwB,CAAC,EACjE,CAAC,wBAAwB,EAAE,YAAY,EAAE,YAAY,CAAC,EACtD,CAAC,wBAAwB,EAAE,aAAa,EAAE,wBAAwB,CAAC,EACnE,CAAC,wBAAwB,EAAE,YAAY,EAAE,KAAK,CAAC,EAC/C,CAAC,wBAAwB,EAAE,aAAa,EAAE,UAAU,CAAC,EACrD,CAAC,wBAAwB,EAAE,KAAK,EAAE,UAAU,CAAC,CAC9C;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAACjC,YAAY,CAACD,YAAY,CAACiC,IAAI,CAACE,SAAS,CAAC5B,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAAC4B,OAAO,CAAC7B,KAAK,CAACC,MAAM,CAAC;EACvBwB,MAAM,CAAC,CAAC3B,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAAC+B,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAAClC,KAAK,CAAC;AACjE,CAAC,CAAC;AAEFmC,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBR,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMS,MAAM,GAAG1C,MAAM,CAACM,KAAK,EAAEF,QAAQ,CAAC;IACtC8B,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrB7B,KAAK;MACLuB,WAAW,EAAEA,WAAW,CAACW,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAEtC,oBAAoB,CAACqC,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFZ,EAAE,CAAC,oCAAoC,EAAE,MAAM;IAC7C,MAAMS,MAAM,GAAG1C,MAAM,CAACM,KAAK,CAAC;IAC5B4B,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrB7B,KAAK;MACLuB,WAAW,EAAEA,WAAW,CAACW,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAEtC,oBAAoB,CAACqC,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFZ,EAAE,CAAC,kDAAkD,EAAE,MAAM;IAC3D,MAAMc,YAAY,GAAG3C,QAAQ,CAAC4C,GAAG,CAC/BjD,CAAC,CAACkD,MAAM,CAAC;MAAEnC,OAAO,EAAEf,CAAC,CAACkD,MAAM,CAAC;QAAEC,WAAW,EAAEnD,CAAC,CAACoD,MAAM,CAAC;MAAE,CAAC;IAAE,CAAC,CAC7D,CAAC;IACD,MAAMC,cAAc,GAAGrD,CAAC,CAACkD,MAAM,CAAC;MAC9BnC,OAAO,EAAEf,CAAC,CAACkD,MAAM,CAAC;QAAEC,WAAW,EAAEnD,CAAC,CAACoD,MAAM,CAAC;MAAE,CAAC;IAC/C,CAAC,CAAC;IAEF,IAAI;MACF;MACAnD,MAAM,CAACM,KAAK,EAAEyC,YAAY,CAAC;MAC3B;MACA/C,MAAM,CAACM,KAAK,EAAE8C,cAAc,CAAC;IAC/B,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd;MACA;IAAA;EAEJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFZ,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBR,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMS,MAAM,GAAG,MAAMzC,QAAQ,CAACK,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IACpD,MAAMgD,QAAQ,GAAG;MACfhD,KAAK,EAAG,GAAEC,MAAO,+DAA8D;MAC/EgD,KAAK,EAAE,CAAC;QAAEC,KAAK,EAAE,YAAY;QAAEC,IAAI,EAAE;MAAgC,CAAC;IACxE,CAAC;IAEDvB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMS,MAAM,GAAG,MAAMzC,QAAQ,CAACK,KAAK,EAAE,EAAE,CAAC;IACxC,MAAMgD,QAAQ,GAAG;MAAEhD,KAAK,EAAG,GAAEC,MAAO,EAAC;MAAEgD,KAAK,EAAE;IAAG,CAAC;IAElDrB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,+CAA+C,EAAE,YAAY;IAC9D,MAAMS,MAAM,GAAG,MAAMzC,QAAQ,CAACK,KAAK,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;IAC5D,MAAMgD,QAAQ,GAAG;MACfhD,KAAK,EAAG,GAAEC,MAAO,kIAAiI;MAClJgD,KAAK,EAAE,CACL;QACEC,KAAK,EAAE,KAAK;QACZC,IAAI,EAAE;MACR,CAAC,EACD;QACED,KAAK,EAAE,aAAa;QACpBC,IAAI,EAAE;MACR,CAAC;IAEL,CAAC;IAEDvB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,8BAA8B,EAAE,YAAY;IAC7C,MAAMyB,EAAE,GAAG,MAAAA,CAAA,KAAYzD,QAAQ,CAACK,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAM4B,MAAM,CAACwB,EAAE,CAAC,CAAC,CAAC,CAACC,OAAO,CAACrB,OAAO,CAACJ,MAAM,CAAC0B,GAAG,CAACC,KAAK,CAAC,CAAC;EACvD,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -4,7 +4,7 @@ describe("SdJwt4VC", () => {
|
|
|
4
4
|
// example provided at https://italia.github.io/eidas-it-wallet-docs/en/pid-data-model.html
|
|
5
5
|
const token = {
|
|
6
6
|
header: {
|
|
7
|
-
typ: "
|
|
7
|
+
typ: "dc+sd-jwt",
|
|
8
8
|
alg: "RS512",
|
|
9
9
|
kid: "dB67gL7ck3TFiIAf7N6_7SHvqk0MDYMEQcoGGlkUAAw"
|
|
10
10
|
},
|
|
@@ -13,7 +13,10 @@ describe("SdJwt4VC", () => {
|
|
|
13
13
|
sub: "216f8946-9ecb-4819-9309-c076f34a7e11",
|
|
14
14
|
_sd_alg: "sha-256",
|
|
15
15
|
vct: "PersonIdentificationData",
|
|
16
|
+
"vct#integrity": "13e25888ac7b8a3a6d61440da787fccc81654e61085732bcacd89b36aec32675",
|
|
16
17
|
iss: "https://pidprovider.example.com",
|
|
18
|
+
issuing_country: "IT",
|
|
19
|
+
issuing_authority: "Istituto Poligrafico e Zecca dello Stato",
|
|
17
20
|
cnf: {
|
|
18
21
|
jwk: {
|
|
19
22
|
kty: "EC",
|
|
@@ -25,7 +28,7 @@ describe("SdJwt4VC", () => {
|
|
|
25
28
|
},
|
|
26
29
|
exp: 1751107255,
|
|
27
30
|
status: {
|
|
28
|
-
|
|
31
|
+
status_assertion: {
|
|
29
32
|
credential_hash_alg: "sha-256"
|
|
30
33
|
}
|
|
31
34
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["Disclosure","SdJwt4VC","describe","it","token","header","typ","alg","kid","payload","_sd","sub","_sd_alg","vct","iss","cnf","jwk","kty","crv","x","y","exp","status","
|
|
1
|
+
{"version":3,"names":["Disclosure","SdJwt4VC","describe","it","token","header","typ","alg","kid","payload","_sd","sub","_sd_alg","vct","iss","issuing_country","issuing_authority","cnf","jwk","kty","crv","x","y","exp","status","status_assertion","credential_hash_alg","success","safeParse","expect","toBe","value","type","record","source","organization_name","organization_id","country_code"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":"AAAA,SAASA,UAAU,EAAEC,QAAQ,QAAQ,UAAU;AAE/CC,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBC,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC;IACA,MAAMC,KAAK,GAAG;MACZC,MAAM,EAAE;QACNC,GAAG,EAAE,WAAW;QAChBC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;QACDC,GAAG,EAAE,sCAAsC;QAC3CC,OAAO,EAAE,SAAS;QAClBC,GAAG,EAAE,0BAA0B;QAC/B,eAAe,EACb,kEAAkE;QACpEC,GAAG,EAAE,iCAAiC;QACtCC,eAAe,EAAE,IAAI;QACrBC,iBAAiB,EAAE,0CAA0C;QAC7DC,GAAG,EAAE;UACHC,GAAG,EAAE;YACHC,GAAG,EAAE,IAAI;YACTC,GAAG,EAAE,OAAO;YACZZ,GAAG,EAAE,6CAA6C;YAClDa,CAAC,EAAE,6CAA6C;YAChDC,CAAC,EAAE;UACL;QACF,CAAC;QACDC,GAAG,EAAE,UAAU;QACfC,MAAM,EAAE;UACNC,gBAAgB,EAAE;YAChBC,mBAAmB,EAAE;UACvB;QACF;MACF;IACF,CAAC;IAED,MAAM;MAAEC;IAAQ,CAAC,GAAG1B,QAAQ,CAAC2B,SAAS,CAACxB,KAAK,CAAC;IAE7CyB,MAAM,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC;AAEF5B,QAAQ,CAAC,YAAY,EAAE,MAAM;EAC3BC,EAAE,CAAC,kCAAkC,EAAE,MAAM;IAC3C;IACA,MAAM4B,KAAK,GAAG,CACZ,wBAAwB,EACxB,UAAU,EACV,CACE;MACEC,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACND,IAAI,EAAE,cAAc;QACpBE,MAAM,EAAE;UACNC,iBAAiB,EAAE,wBAAwB;UAC3CC,eAAe,EAAE,MAAM;UACvBC,YAAY,EAAE;QAChB;MACF;IACF,CAAC,CACF,CACF;IAED,MAAM;MAAEV;IAAQ,CAAC,GAAG3B,UAAU,CAAC4B,SAAS,CAACG,KAAK,CAAC;IAC/CF,MAAM,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
import { getVerification } from "..";
|
|
2
|
+
import { pid } from "../__mocks__/sd-jwt";
|
|
3
|
+
const {
|
|
4
|
+
signed,
|
|
5
|
+
token
|
|
6
|
+
} = pid;
|
|
7
|
+
describe("SD-JWT getVerification", () => {
|
|
8
|
+
it("extracts the verification claims correctly", () => {
|
|
9
|
+
const disclosure = "WyJxTGxVdkNKY3hwX3d4MVY5dHFPbFFRIiwidmVyaWZpY2F0aW9uIix7ImV2aWRlbmNlIjpbeyJhdHRlc3RhdGlvbiI6eyJkYXRlX29mX2lzc3VhbmNlIjoiMjAyNS0wNi0yMyIsInZvdWNoZXIiOnsib3JnYW5pemF0aW9uIjoiTWluaXN0ZXJvIGRlbGwnSW50ZXJubyJ9LCJ0eXBlIjoiZGlnaXRhbF9hdHRlc3RhdGlvbiIsInJlZmVyZW5jZV9udW1iZXIiOiIxMjM0NTY3ODkifSwidGltZSI6IjIwMjUtMDYtMjNUMTM6MTQ6MjVaIiwidHlwZSI6InZvdWNoIn1dLCJ0cnVzdF9mcmFtZXdvcmsiOiJpdF9jaWUiLCJhc3N1cmFuY2VfbGV2ZWwiOiJoaWdoIn1d";
|
|
10
|
+
expect(getVerification(`${signed}~${disclosure}`)).toEqual({
|
|
11
|
+
evidence: [{
|
|
12
|
+
attestation: {
|
|
13
|
+
date_of_issuance: "2025-06-23",
|
|
14
|
+
voucher: {
|
|
15
|
+
organization: "Ministero dell'Interno"
|
|
16
|
+
},
|
|
17
|
+
type: "digital_attestation",
|
|
18
|
+
reference_number: "123456789"
|
|
19
|
+
},
|
|
20
|
+
time: "2025-06-23T13:14:25Z",
|
|
21
|
+
type: "vouch"
|
|
22
|
+
}],
|
|
23
|
+
trust_framework: "it_cie",
|
|
24
|
+
assurance_level: "high"
|
|
25
|
+
});
|
|
26
|
+
});
|
|
27
|
+
it("returns undefined when the verification claim is not found", () => {
|
|
28
|
+
expect(getVerification(token)).toBeUndefined();
|
|
29
|
+
});
|
|
30
|
+
it("throws when the verification claim is invalid", () => {
|
|
31
|
+
const disclosure = "WyJxTGxVdkNKY3hwX3d4MVY5dHFPbFFRIiwidmVyaWZpY2F0aW9uIix7InRydXN0X2ZyYW1ld29yayI6ICJpdF9jaWUiLCJhc3N1cmFuY2VfbGV2ZWwiOiAic3Vic3RhbnRpYWwifV0";
|
|
32
|
+
expect(() => getVerification(`${signed}~${disclosure}`)).toThrow();
|
|
33
|
+
});
|
|
34
|
+
});
|
|
35
|
+
//# sourceMappingURL=utils.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["getVerification","pid","signed","token","describe","it","disclosure","expect","toEqual","evidence","attestation","date_of_issuance","voucher","organization","type","reference_number","time","trust_framework","assurance_level","toBeUndefined","toThrow"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/utils.test.ts"],"mappings":"AAAA,SAASA,eAAe,QAAQ,IAAI;AACpC,SAASC,GAAG,QAAQ,qBAAqB;AAEzC,MAAM;EAAEC,MAAM;EAAEC;AAAM,CAAC,GAAGF,GAAG;AAE7BG,QAAQ,CAAC,wBAAwB,EAAE,MAAM;EACvCC,EAAE,CAAC,4CAA4C,EAAE,MAAM;IACrD,MAAMC,UAAU,GACd,saAAsa;IACxaC,MAAM,CAACP,eAAe,CAAE,GAAEE,MAAO,IAAGI,UAAW,EAAC,CAAC,CAAC,CAACE,OAAO,CAAC;MACzDC,QAAQ,EAAE,CACR;QACEC,WAAW,EAAE;UACXC,gBAAgB,EAAE,YAAY;UAC9BC,OAAO,EAAE;YAAEC,YAAY,EAAE;UAAyB,CAAC;UACnDC,IAAI,EAAE,qBAAqB;UAC3BC,gBAAgB,EAAE;QACpB,CAAC;QACDC,IAAI,EAAE,sBAAsB;QAC5BF,IAAI,EAAE;MACR,CAAC,CACF;MACDG,eAAe,EAAE,QAAQ;MACzBC,eAAe,EAAE;IACnB,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFb,EAAE,CAAC,4DAA4D,EAAE,MAAM;IACrEE,MAAM,CAACP,eAAe,CAACG,KAAK,CAAC,CAAC,CAACgB,aAAa,CAAC,CAAC;EAChD,CAAC,CAAC;EAEFd,EAAE,CAAC,+CAA+C,EAAE,MAAM;IACxD,MAAMC,UAAU,GACd,6IAA6I;IAC/IC,MAAM,CAAC,MAAMP,eAAe,CAAE,GAAEE,MAAO,IAAGI,UAAW,EAAC,CAAC,CAAC,CAACc,OAAO,CAAC,CAAC;EACpE,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -5,6 +5,7 @@ import { Disclosure, SdJwt4VC } from "./types";
|
|
|
5
5
|
import { verifyDisclosure } from "./verifier";
|
|
6
6
|
import * as Errors from "./errors";
|
|
7
7
|
import { Base64 } from "js-base64";
|
|
8
|
+
export * from "./utils";
|
|
8
9
|
const decodeDisclosure = encoded => {
|
|
9
10
|
const utf8String = Base64.decode(encoded); // Decode Base64 into UTF-8 string
|
|
10
11
|
const decoded = Disclosure.parse(JSON.parse(utf8String));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","SignJWT","sha256ToBase64","Disclosure","SdJwt4VC","verifyDisclosure","Errors","Base64","decodeDisclosure","encoded","utf8String","decoded","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","parser","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","publicKey","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,OAAO,EAAEC,cAAc,QAAQ,6BAA6B;AACrE,SAASC,UAAU,EAAEC,QAAQ,QAAoC,SAAS;AAC1E,SAASC,gBAAgB,QAAQ,YAAY;AAE7C,OAAO,KAAKC,MAAM,MAAM,UAAU;AAClC,SAASC,MAAM,QAAQ,WAAW;AAGlC,MAAMC,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGH,MAAM,CAACV,MAAM,CAACY,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAME,OAAO,GAAGR,UAAU,CAACS,KAAK,CAACC,IAAI,CAACD,KAAK,CAACF,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEC,OAAO;IAAEF;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMZ,MAAM,GAAGA,CACpBiB,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGtB,SAAS,CAACmB,QAAQ,CAAC;;EAEtC;EACA,MAAMI,MAAM,GAAGN,YAAY,IAAIX,QAAQ;EAEvC,MAAMkB,KAAK,GAAGD,MAAM,CAACT,KAAK,CAAC;IACzBW,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAACS,GAAG,CAACnB,gBAAgB,CAAC;EAExD,OAAO;IAAEc,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,QAAQ,GAAG,MAAAA,CACtBd,KAAa,EACbe,MAAgB,KACyD;EACzE,MAAM,CAACZ,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEG,KAAK;IAAEI;EAAY,CAAC,GAAG7B,MAAM,CAACiB,KAAK,EAAEV,QAAQ,CAAC;;EAEtD;EACA,MAAM0B,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAEzB,OAAO,EAAE,GAAG0B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAI5B,MAAM,CAACgC,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAMrC,cAAc,CAACgC,UAAU,CAACzB,OAAO,CAAC;;IAErD;IACA;IACA,IAAIa,KAAK,CAACG,OAAO,CAACe,GAAG,CAACC,QAAQ,CAACF,IAAI,CAAC,EAAE;MACpC,MAAMG,KAAK,GAAGpB,KAAK,CAACG,OAAO,CAACe,GAAG,CAACG,OAAO,CAACJ,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEW,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIpC,MAAM,CAACuC,qBAAqB,CAACZ,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;EAED,MAAMa,mBAAmB,GAAG5B,cAAc,CAAC6B,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJrC,OAAO,EAAE,GAAG0B,IAAI;IAClB,CAAC,GAAG7B,gBAAgB,CAACwC,CAAC,CAAC;IACvB,OAAOnB,MAAM,CAACY,QAAQ,CAACJ,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMY,cAAc,GAAG,CAAChC,QAAQ,EAAE,GAAG6B,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEpC,KAAK,EAAEmC,cAAc;IAAEnB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM/B,MAAM,GAAG,MAAAA,CACpBe,KAAa,EACbqC,SAAsB,EACtBpC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMR,OAAO,GAAGd,MAAM,CAACiB,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAMf,SAAS,CAACiB,QAAQ,EAAEkC,SAAS,CAAC;;EAEpC;EACA,MAAMtB,MAAM,GAAG,CAAC,GAAGlB,OAAO,CAACW,KAAK,CAACG,OAAO,CAACe,GAAG,CAAC;EAE7C,MAAMT,OAAO,CAACC,GAAG,CACfrB,OAAO,CAACe,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM7B,gBAAgB,CAAC6B,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEX,OAAO,CAACW,KAAK;IACpBI,WAAW,EAAEf,OAAO,CAACe,WAAW,CAACC,GAAG,CAAEqB,CAAC,IAAKA,CAAC,CAACrC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMyC,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAEzC,KAAK,EAAE6C;EAAG,CAAC,GAAG,MAAM/B,QAAQ,CAAC4B,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM1D,cAAc,CAAE,GAAEyD,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAI5D,OAAO,CAACyD,aAAa,CAAC,CAC3CI,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVL,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDa,WAAW,CAACZ,SAAS,CAAC,CACtBa,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACV,EAAE,EAAEE,KAAK,CAAC,CAACX,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEmB;EAAS,CAAC;AACrB,CAAC;AAED,SAASjE,QAAQ,EAAEE,MAAM"}
|
|
1
|
+
{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","SignJWT","sha256ToBase64","Disclosure","SdJwt4VC","verifyDisclosure","Errors","Base64","decodeDisclosure","encoded","utf8String","decoded","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","parser","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","publicKey","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,OAAO,EAAEC,cAAc,QAAQ,6BAA6B;AACrE,SAASC,UAAU,EAAEC,QAAQ,QAAoC,SAAS;AAC1E,SAASC,gBAAgB,QAAQ,YAAY;AAE7C,OAAO,KAAKC,MAAM,MAAM,UAAU;AAClC,SAASC,MAAM,QAAQ,WAAW;AAGlC,cAAc,SAAS;AAEvB,MAAMC,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGH,MAAM,CAACV,MAAM,CAACY,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAME,OAAO,GAAGR,UAAU,CAACS,KAAK,CAACC,IAAI,CAACD,KAAK,CAACF,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEC,OAAO;IAAEF;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMZ,MAAM,GAAGA,CACpBiB,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGtB,SAAS,CAACmB,QAAQ,CAAC;;EAEtC;EACA,MAAMI,MAAM,GAAGN,YAAY,IAAIX,QAAQ;EAEvC,MAAMkB,KAAK,GAAGD,MAAM,CAACT,KAAK,CAAC;IACzBW,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAACS,GAAG,CAACnB,gBAAgB,CAAC;EAExD,OAAO;IAAEc,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,QAAQ,GAAG,MAAAA,CACtBd,KAAa,EACbe,MAAgB,KACyD;EACzE,MAAM,CAACZ,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEG,KAAK;IAAEI;EAAY,CAAC,GAAG7B,MAAM,CAACiB,KAAK,EAAEV,QAAQ,CAAC;;EAEtD;EACA,MAAM0B,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAEzB,OAAO,EAAE,GAAG0B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAI5B,MAAM,CAACgC,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAMrC,cAAc,CAACgC,UAAU,CAACzB,OAAO,CAAC;;IAErD;IACA;IACA,IAAIa,KAAK,CAACG,OAAO,CAACe,GAAG,CAACC,QAAQ,CAACF,IAAI,CAAC,EAAE;MACpC,MAAMG,KAAK,GAAGpB,KAAK,CAACG,OAAO,CAACe,GAAG,CAACG,OAAO,CAACJ,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEW,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIpC,MAAM,CAACuC,qBAAqB,CAACZ,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;EAED,MAAMa,mBAAmB,GAAG5B,cAAc,CAAC6B,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJrC,OAAO,EAAE,GAAG0B,IAAI;IAClB,CAAC,GAAG7B,gBAAgB,CAACwC,CAAC,CAAC;IACvB,OAAOnB,MAAM,CAACY,QAAQ,CAACJ,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMY,cAAc,GAAG,CAAChC,QAAQ,EAAE,GAAG6B,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEpC,KAAK,EAAEmC,cAAc;IAAEnB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM/B,MAAM,GAAG,MAAAA,CACpBe,KAAa,EACbqC,SAAsB,EACtBpC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMR,OAAO,GAAGd,MAAM,CAACiB,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAMf,SAAS,CAACiB,QAAQ,EAAEkC,SAAS,CAAC;;EAEpC;EACA,MAAMtB,MAAM,GAAG,CAAC,GAAGlB,OAAO,CAACW,KAAK,CAACG,OAAO,CAACe,GAAG,CAAC;EAE7C,MAAMT,OAAO,CAACC,GAAG,CACfrB,OAAO,CAACe,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM7B,gBAAgB,CAAC6B,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEX,OAAO,CAACW,KAAK;IACpBI,WAAW,EAAEf,OAAO,CAACe,WAAW,CAACC,GAAG,CAAEqB,CAAC,IAAKA,CAAC,CAACrC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMyC,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAEzC,KAAK,EAAE6C;EAAG,CAAC,GAAG,MAAM/B,QAAQ,CAAC4B,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM1D,cAAc,CAAE,GAAEyD,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAI5D,OAAO,CAACyD,aAAa,CAAC,CAC3CI,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVL,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDa,WAAW,CAACZ,SAAS,CAAC,CACtBa,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACV,EAAE,EAAEE,KAAK,CAAC,CAACX,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEmB;EAAS,CAAC;AACrB,CAAC;AAED,SAASjE,QAAQ,EAAEE,MAAM"}
|
|
@@ -25,7 +25,7 @@ export const Disclosure = z.tuple([/* salt */z.string(), /* claim name */z.strin
|
|
|
25
25
|
|
|
26
26
|
export const SdJwt4VC = z.object({
|
|
27
27
|
header: z.object({
|
|
28
|
-
typ: z.literal("
|
|
28
|
+
typ: z.literal("dc+sd-jwt"),
|
|
29
29
|
alg: z.string(),
|
|
30
30
|
kid: z.string().optional()
|
|
31
31
|
}),
|
|
@@ -36,14 +36,61 @@ export const SdJwt4VC = z.object({
|
|
|
36
36
|
exp: UnixTime,
|
|
37
37
|
_sd_alg: z.literal("sha-256"),
|
|
38
38
|
status: z.object({
|
|
39
|
-
|
|
39
|
+
status_assertion: z.object({
|
|
40
40
|
credential_hash_alg: z.literal("sha-256")
|
|
41
41
|
})
|
|
42
42
|
}),
|
|
43
43
|
cnf: z.object({
|
|
44
44
|
jwk: JWK
|
|
45
45
|
}),
|
|
46
|
-
vct: z.string()
|
|
46
|
+
vct: z.string(),
|
|
47
|
+
"vct#integrity": z.string(),
|
|
48
|
+
issuing_authority: z.string(),
|
|
49
|
+
issuing_country: z.string()
|
|
47
50
|
}), ObfuscatedDisclosures)
|
|
48
51
|
});
|
|
52
|
+
|
|
53
|
+
/**
|
|
54
|
+
* Object containing User authentication and User data verification information.
|
|
55
|
+
* Useful to extract the assurance level to determine L2/L3 authentication.
|
|
56
|
+
*/
|
|
57
|
+
|
|
58
|
+
export const Verification = z.object({
|
|
59
|
+
trust_framework: z.string(),
|
|
60
|
+
assurance_level: z.string(),
|
|
61
|
+
evidence: z.array(z.object({
|
|
62
|
+
type: z.literal("vouch"),
|
|
63
|
+
time: z.string(),
|
|
64
|
+
attestation: z.object({
|
|
65
|
+
type: z.literal("digital_attestation"),
|
|
66
|
+
reference_number: z.string(),
|
|
67
|
+
date_of_issuance: z.string(),
|
|
68
|
+
voucher: z.object({
|
|
69
|
+
organization: z.string()
|
|
70
|
+
})
|
|
71
|
+
})
|
|
72
|
+
}))
|
|
73
|
+
});
|
|
74
|
+
|
|
75
|
+
/**
|
|
76
|
+
* Metadata for a digital credential. This information is retrieved from the URL defined in the `vct` claim.
|
|
77
|
+
*
|
|
78
|
+
* @see https://italia.github.io/eid-wallet-it-docs/v0.9.1/en/pid-eaa-data-model.html#digital-credential-metadata-type
|
|
79
|
+
*/
|
|
80
|
+
|
|
81
|
+
export const TypeMetadata = z.object({
|
|
82
|
+
name: z.string(),
|
|
83
|
+
description: z.string(),
|
|
84
|
+
data_source: z.object({
|
|
85
|
+
trust_framework: z.string(),
|
|
86
|
+
authentic_source: z.object({
|
|
87
|
+
organization_name: z.string(),
|
|
88
|
+
organization_code: z.string(),
|
|
89
|
+
contacts: z.array(z.string()),
|
|
90
|
+
homepage_uri: z.string().url(),
|
|
91
|
+
logo_uri: z.string().url()
|
|
92
|
+
})
|
|
93
|
+
})
|
|
94
|
+
// TODO: add more fields
|
|
95
|
+
});
|
|
49
96
|
//# sourceMappingURL=types.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","payload","intersection","iss","sub","iat","exp","_sd_alg","status","
|
|
1
|
+
{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","payload","intersection","iss","sub","iat","exp","_sd_alg","status","status_assertion","credential_hash_alg","cnf","jwk","vct","issuing_authority","issuing_country","Verification","trust_framework","assurance_level","evidence","type","time","attestation","reference_number","date_of_issuance","voucher","organization","TypeMetadata","name","description","data_source","authentic_source","organization_name","organization_code","contacts","homepage_uri","url","logo_uri"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAOA,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEpB,CAAC,CAACqB,YAAY,CACrBrB,CAAC,CAACM,MAAM,CAAC;IACPgB,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEvB,QAAQ,CAACkB,QAAQ,CAAC,CAAC;IACxBM,GAAG,EAAExB,QAAQ;IACbyB,OAAO,EAAE1B,CAAC,CAACgB,OAAO,CAAC,SAAS,CAAC;IAC7BW,MAAM,EAAE3B,CAAC,CAACM,MAAM,CAAC;MACfsB,gBAAgB,EAAE5B,CAAC,CAACM,MAAM,CAAC;QACzBuB,mBAAmB,EAAE7B,CAAC,CAACgB,OAAO,CAAC,SAAS;MAC1C,CAAC;IACH,CAAC,CAAC;IACFc,GAAG,EAAE9B,CAAC,CAACM,MAAM,CAAC;MACZyB,GAAG,EAAEhC;IACP,CAAC,CAAC;IACFiC,GAAG,EAAEhC,CAAC,CAACS,MAAM,CAAC,CAAC;IACf,eAAe,EAAET,CAAC,CAACS,MAAM,CAAC,CAAC;IAC3BwB,iBAAiB,EAAEjC,CAAC,CAACS,MAAM,CAAC,CAAC;IAC7ByB,eAAe,EAAElC,CAAC,CAACS,MAAM,CAAC;EAC5B,CAAC,CAAC,EACFJ,qBACF;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEA,OAAO,MAAM8B,YAAY,GAAGnC,CAAC,CAACM,MAAM,CAAC;EACnC8B,eAAe,EAAEpC,CAAC,CAACS,MAAM,CAAC,CAAC;EAC3B4B,eAAe,EAAErC,CAAC,CAACS,MAAM,CAAC,CAAC;EAC3B6B,QAAQ,EAAEtC,CAAC,CAACQ,KAAK,CACfR,CAAC,CAACM,MAAM,CAAC;IACPiC,IAAI,EAAEvC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;IACxBwB,IAAI,EAAExC,CAAC,CAACS,MAAM,CAAC,CAAC;IAChBgC,WAAW,EAAEzC,CAAC,CAACM,MAAM,CAAC;MACpBiC,IAAI,EAAEvC,CAAC,CAACgB,OAAO,CAAC,qBAAqB,CAAC;MACtC0B,gBAAgB,EAAE1C,CAAC,CAACS,MAAM,CAAC,CAAC;MAC5BkC,gBAAgB,EAAE3C,CAAC,CAACS,MAAM,CAAC,CAAC;MAC5BmC,OAAO,EAAE5C,CAAC,CAACM,MAAM,CAAC;QAAEuC,YAAY,EAAE7C,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC;IAChD,CAAC;EACH,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMqC,YAAY,GAAG9C,CAAC,CAACM,MAAM,CAAC;EACnCyC,IAAI,EAAE/C,CAAC,CAACS,MAAM,CAAC,CAAC;EAChBuC,WAAW,EAAEhD,CAAC,CAACS,MAAM,CAAC,CAAC;EACvBwC,WAAW,EAAEjD,CAAC,CAACM,MAAM,CAAC;IACpB8B,eAAe,EAAEpC,CAAC,CAACS,MAAM,CAAC,CAAC;IAC3ByC,gBAAgB,EAAElD,CAAC,CAACM,MAAM,CAAC;MACzB6C,iBAAiB,EAAEnD,CAAC,CAACS,MAAM,CAAC,CAAC;MAC7B2C,iBAAiB,EAAEpD,CAAC,CAACS,MAAM,CAAC,CAAC;MAC7B4C,QAAQ,EAAErD,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;MAC7B6C,YAAY,EAAEtD,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC8C,GAAG,CAAC,CAAC;MAC9BC,QAAQ,EAAExD,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC8C,GAAG,CAAC;IAC3B,CAAC;EACH,CAAC;EACD;AACF,CAAC,CAAC"}
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
import { sha256ToBase64 } from "@pagopa/io-react-native-jwt";
|
|
2
|
+
import { hasStatusOrThrow } from "../utils/misc";
|
|
3
|
+
import { TypeMetadata, Verification } from "./types";
|
|
4
|
+
import { IoWalletError, IssuerResponseError, ValidationFailed } from "../utils/errors";
|
|
5
|
+
import { decode } from ".";
|
|
6
|
+
import { getValueFromDisclosures } from "./converters";
|
|
7
|
+
|
|
8
|
+
/**
|
|
9
|
+
* Retrieve the Type Metadata for a credential and verify its integrity.
|
|
10
|
+
* @param vct The VCT as a valid HTTPS url
|
|
11
|
+
* @param vctIntegrity The integrity hash
|
|
12
|
+
* @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
|
|
13
|
+
* @returns The credential metadata {@link TypeMetadata}
|
|
14
|
+
*/
|
|
15
|
+
export const fetchTypeMetadata = async function (vct, vctIntegrity) {
|
|
16
|
+
let context = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
|
|
17
|
+
const {
|
|
18
|
+
appFetch = fetch
|
|
19
|
+
} = context;
|
|
20
|
+
const {
|
|
21
|
+
origin,
|
|
22
|
+
pathname
|
|
23
|
+
} = new URL(vct);
|
|
24
|
+
const metadata = await appFetch(`${origin}/.well-known/vct${pathname}`, {
|
|
25
|
+
headers: {
|
|
26
|
+
"Content-Type": "application/json"
|
|
27
|
+
}
|
|
28
|
+
}).then(hasStatusOrThrow(200, IssuerResponseError)).then(res => res.json()).then(TypeMetadata.parse);
|
|
29
|
+
const [alg, hash] = vctIntegrity.split(/-(.*)/s);
|
|
30
|
+
if (alg !== "sha256") {
|
|
31
|
+
throw new IoWalletError(`${alg} algorithm is not supported`);
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
// TODO: [SIW-2264] check if the hash is correctly calculated
|
|
35
|
+
const metadataHash = await sha256ToBase64(JSON.stringify(metadata));
|
|
36
|
+
if (metadataHash !== hash) {
|
|
37
|
+
throw new ValidationFailed({
|
|
38
|
+
message: "Unable to verify VCT integrity",
|
|
39
|
+
reason: "vct#integrity does not match the metadata hash"
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
return metadata;
|
|
43
|
+
};
|
|
44
|
+
|
|
45
|
+
/**
|
|
46
|
+
* Extract and validate the `verification` claim from disclosures.
|
|
47
|
+
* @param credentialSdJwt The raw credential SD-JWT
|
|
48
|
+
* @returns The verification claim or undefined if it wasn't found
|
|
49
|
+
*/
|
|
50
|
+
export const getVerification = credentialSdJwt => {
|
|
51
|
+
const {
|
|
52
|
+
disclosures
|
|
53
|
+
} = decode(credentialSdJwt);
|
|
54
|
+
const verificationDisclosure = getValueFromDisclosures(disclosures.map(d => d.decoded), "verification");
|
|
55
|
+
return verificationDisclosure ? Verification.parse(verificationDisclosure) : undefined;
|
|
56
|
+
};
|
|
57
|
+
//# sourceMappingURL=utils.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["sha256ToBase64","hasStatusOrThrow","TypeMetadata","Verification","IoWalletError","IssuerResponseError","ValidationFailed","decode","getValueFromDisclosures","fetchTypeMetadata","vct","vctIntegrity","context","arguments","length","undefined","appFetch","fetch","origin","pathname","URL","metadata","headers","then","res","json","parse","alg","hash","split","metadataHash","JSON","stringify","message","reason","getVerification","credentialSdJwt","disclosures","verificationDisclosure","map","d","decoded"],"sourceRoot":"../../../src","sources":["sd-jwt/utils.ts"],"mappings":"AAAA,SAASA,cAAc,QAAQ,6BAA6B;AAC5D,SAASC,gBAAgB,QAAQ,eAAe;AAChD,SAASC,YAAY,EAAEC,YAAY,QAAQ,SAAS;AACpD,SACEC,aAAa,EACbC,mBAAmB,EACnBC,gBAAgB,QACX,iBAAiB;AACxB,SAASC,MAAM,QAAQ,GAAG;AAC1B,SAASC,uBAAuB,QAAQ,cAAc;;AAEtD;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,iBAAiB,GAAG,eAAAA,CAC/BC,GAAW,EACXC,YAAoB,EAIM;EAAA,IAH1BC,OAEC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAM;IAAEG,QAAQ,GAAGC;EAAM,CAAC,GAAGL,OAAO;EACpC,MAAM;IAAEM,MAAM;IAAEC;EAAS,CAAC,GAAG,IAAIC,GAAG,CAACV,GAAG,CAAC;EAEzC,MAAMW,QAAQ,GAAG,MAAML,QAAQ,CAAE,GAAEE,MAAO,mBAAkBC,QAAS,EAAC,EAAE;IACtEG,OAAO,EAAE;MACP,cAAc,EAAE;IAClB;EACF,CAAC,CAAC,CACCC,IAAI,CAACtB,gBAAgB,CAAC,GAAG,EAAEI,mBAAmB,CAAC,CAAC,CAChDkB,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAACrB,YAAY,CAACwB,KAAK,CAAC;EAE3B,MAAM,CAACC,GAAG,EAAEC,IAAI,CAAC,GAAGjB,YAAY,CAACkB,KAAK,CAAC,QAAQ,CAAC;EAEhD,IAAIF,GAAG,KAAK,QAAQ,EAAE;IACpB,MAAM,IAAIvB,aAAa,CAAE,GAAEuB,GAAI,6BAA4B,CAAC;EAC9D;;EAEA;EACA,MAAMG,YAAY,GAAG,MAAM9B,cAAc,CAAC+B,IAAI,CAACC,SAAS,CAACX,QAAQ,CAAC,CAAC;EAEnE,IAAIS,YAAY,KAAKF,IAAI,EAAE;IACzB,MAAM,IAAItB,gBAAgB,CAAC;MACzB2B,OAAO,EAAE,gCAAgC;MACzCC,MAAM,EAAE;IACV,CAAC,CAAC;EACJ;EAEA,OAAOb,QAAQ;AACjB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMc,eAAe,GAC1BC,eAAuB,IACM;EAC7B,MAAM;IAAEC;EAAY,CAAC,GAAG9B,MAAM,CAAC6B,eAAe,CAAC;EAC/C,MAAME,sBAAsB,GAAG9B,uBAAuB,CACpD6B,WAAW,CAACE,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,OAAO,CAAC,EACjC,cACF,CAAC;EACD,OAAOH,sBAAsB,GACzBnC,YAAY,CAACuB,KAAK,CAACY,sBAAsB,CAAC,GAC1CvB,SAAS;AACf,CAAC"}
|
|
@@ -34,13 +34,10 @@ const CredentialIssuerDisplayMetadata = z.object({
|
|
|
34
34
|
name: z.string(),
|
|
35
35
|
locale: z.string()
|
|
36
36
|
});
|
|
37
|
-
const ClaimsMetadata = z.
|
|
38
|
-
|
|
39
|
-
display: z.array(
|
|
40
|
-
|
|
41
|
-
locale: z.string()
|
|
42
|
-
}))
|
|
43
|
-
}));
|
|
37
|
+
const ClaimsMetadata = z.object({
|
|
38
|
+
path: z.array(z.string()),
|
|
39
|
+
display: z.array(CredentialDisplayMetadata)
|
|
40
|
+
});
|
|
44
41
|
const IssuanceErrorSupported = z.object({
|
|
45
42
|
display: z.array(z.object({
|
|
46
43
|
title: z.string(),
|
|
@@ -51,16 +48,21 @@ const IssuanceErrorSupported = z.object({
|
|
|
51
48
|
|
|
52
49
|
// Metadata for a credential which is supported by an Issuer
|
|
53
50
|
|
|
54
|
-
const SupportedCredentialMetadata = z.object({
|
|
55
|
-
format: z.
|
|
51
|
+
const SupportedCredentialMetadata = z.intersection(z.discriminatedUnion("format", [z.object({
|
|
52
|
+
format: z.literal("dc+sd-jwt"),
|
|
53
|
+
vct: z.string()
|
|
54
|
+
}), z.object({
|
|
55
|
+
format: z.literal("mso_mdoc"),
|
|
56
|
+
doctype: z.string()
|
|
57
|
+
})]), z.object({
|
|
56
58
|
scope: z.string(),
|
|
57
59
|
display: z.array(CredentialDisplayMetadata),
|
|
58
|
-
claims: ClaimsMetadata,
|
|
60
|
+
claims: z.array(ClaimsMetadata),
|
|
59
61
|
cryptographic_binding_methods_supported: z.array(z.string()),
|
|
60
62
|
credential_signing_alg_values_supported: z.array(z.string()),
|
|
61
63
|
authentic_source: z.string().optional(),
|
|
62
64
|
issuance_errors_supported: z.record(IssuanceErrorSupported).optional()
|
|
63
|
-
});
|
|
65
|
+
}));
|
|
64
66
|
export const EntityStatement = z.object({
|
|
65
67
|
header: z.object({
|
|
66
68
|
typ: z.literal("entity-statement+jwt"),
|
|
@@ -136,13 +138,16 @@ export const CredentialIssuerEntityConfiguration = BaseEntityConfiguration.and(z
|
|
|
136
138
|
openid_credential_issuer: z.object({
|
|
137
139
|
credential_issuer: z.string(),
|
|
138
140
|
credential_endpoint: z.string(),
|
|
139
|
-
revocation_endpoint: z.string(),
|
|
141
|
+
revocation_endpoint: z.string().optional(),
|
|
142
|
+
nonce_endpoint: z.string(),
|
|
140
143
|
status_attestation_endpoint: z.string(),
|
|
141
144
|
display: z.array(CredentialIssuerDisplayMetadata),
|
|
142
145
|
credential_configurations_supported: z.record(SupportedCredentialMetadata),
|
|
143
146
|
jwks: z.object({
|
|
144
147
|
keys: z.array(JWK)
|
|
145
|
-
})
|
|
148
|
+
}),
|
|
149
|
+
trust_frameworks_supported: z.array(z.string()),
|
|
150
|
+
evidence_supported: z.array(z.string())
|
|
146
151
|
}),
|
|
147
152
|
oauth_authorization_server: z.object({
|
|
148
153
|
authorization_endpoint: z.string(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["UnixTime","JWK","z","PresentationDefinition","TrustMark","object","id","string","trust_mark","RelyingPartyMetadata","application_type","optional","client_id","client_name","jwks","keys","array","contacts","presentation_definition","request_uris","authorization_signed_response_alg","authorization_encrypted_response_alg","authorization_encrypted_response_enc","CredentialDisplayMetadata","name","locale","CredentialIssuerDisplayMetadata","ClaimsMetadata","record","value_type","display","IssuanceErrorSupported","title","description","SupportedCredentialMetadata","format","union","literal","scope","claims","cryptographic_binding_methods_supported","credential_signing_alg_values_supported","authentic_source","issuance_errors_supported","EntityStatement","header","typ","alg","kid","payload","iss","sub","trust_marks","iat","number","exp","EntityConfigurationHeader","FederationEntityMetadata","federation_fetch_endpoint","federation_list_endpoint","federation_resolve_endpoint","federation_trust_mark_status_endpoint","federation_trust_mark_list_endpoint","federation_trust_mark_endpoint","federation_historical_keys_endpoint","endpoint_auth_signing_alg_values_supported","organization_name","homepage_uri","policy_uri","logo_uri","passthrough","BaseEntityConfiguration","authority_hints","metadata","federation_entity","TrustAnchorEntityConfiguration","CredentialIssuerEntityConfiguration","and","openid_credential_issuer","credential_issuer","credential_endpoint","revocation_endpoint","status_attestation_endpoint","credential_configurations_supported","oauth_authorization_server","authorization_endpoint","pushed_authorization_request_endpoint","token_endpoint","client_registration_types_supported","code_challenge_methods_supported","acr_values_supported","grant_types_supported","issuer","scopes_supported","response_modes_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","request_object_signing_alg_values_supported","openid_credential_verifier","RelyingPartyEntityConfiguration","WalletProviderEntityConfiguration","wallet_provider","aal_values_supported","EntityConfiguration","FederationListResponse"],"sourceRoot":"../../../src","sources":["trust/types.ts"],"mappings":"AAAA,SAASA,QAAQ,QAAQ,iBAAiB;AAC1C,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AACxB,SAASC,sBAAsB,QAAQ,kCAAkC;AAEzE,OAAO,MAAMC,SAAS,GAAGF,CAAC,CAACG,MAAM,CAAC;EAAEC,EAAE,EAAEJ,CAAC,CAACK,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAEN,CAAC,CAACK,MAAM,CAAC;AAAE,CAAC,CAAC;AAG7E,MAAME,oBAAoB,GAAGP,CAAC,CAACG,MAAM,CAAC;EACpCK,gBAAgB,EAAER,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACvCC,SAAS,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAChCE,WAAW,EAAEX,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAClCG,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;IAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;EAAE,CAAC,CAAC;EACtCgB,QAAQ,EAAEf,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxCO,uBAAuB,EAAEf,sBAAsB,CAACQ,QAAQ,CAAC,CAAC;EAC1DQ,YAAY,EAAEjB,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC5CS,iCAAiC,EAAElB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxDU,oCAAoC,EAAEnB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC3DW,oCAAoC,EAAEpB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC;AAC5D,CAAC,CAAC;;AAEF;AACA;AAEA,MAAMY,yBAAyB,GAAGrB,CAAC,CAACG,MAAM,CAAC;EACzCmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;EAChBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;AACnB,CAAC,CAAC;;AAEF;;AAIA,MAAMmB,+BAA+B,GAAGxB,CAAC,CAACG,MAAM,CAAC;EAC/CmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;EAChBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;AACnB,CAAC,CAAC;AAGF,MAAMoB,cAAc,GAAGzB,CAAC,CAAC0B,MAAM,CAC7B1B,CAAC,CAACG,MAAM,CAAC;EACPwB,UAAU,EAAE3B,CAAC,CAACK,MAAM,CAAC,CAAC;EACtBuB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CAACd,CAAC,CAACG,MAAM,CAAC;IAAEmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;IAAEkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;EAAE,CAAC,CAAC;AACrE,CAAC,CACH,CAAC;AAGD,MAAMwB,sBAAsB,GAAG7B,CAAC,CAACG,MAAM,CAAC;EACtCyB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CACdd,CAAC,CAACG,MAAM,CAAC;IACP2B,KAAK,EAAE9B,CAAC,CAACK,MAAM,CAAC,CAAC;IACjB0B,WAAW,EAAE/B,CAAC,CAACK,MAAM,CAAC,CAAC;IACvBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;EACnB,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;;AAEA,MAAM2B,2BAA2B,GAAGhC,CAAC,CAACG,MAAM,CAAC;EAC3C8B,MAAM,EAAEjC,CAAC,CAACkC,KAAK,CAAC,CAAClC,CAAC,CAACmC,OAAO,CAAC,WAAW,CAAC,EAAEnC,CAAC,CAACmC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC;EACpEC,KAAK,EAAEpC,CAAC,CAACK,MAAM,CAAC,CAAC;EACjBuB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CAACO,yBAAyB,CAAC;EAC3CgB,MAAM,EAAEZ,cAAc;EACtBa,uCAAuC,EAAEtC,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EAC5DkC,uCAAuC,EAAEvC,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EAC5DmC,gBAAgB,EAAExC,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACvCgC,yBAAyB,EAAEzC,CAAC,CAAC0B,MAAM,CAACG,sBAAsB,CAAC,CAACpB,QAAQ,CAAC;AACvE,CAAC,CAAC;AAGF,OAAO,MAAMiC,eAAe,GAAG1C,CAAC,CAACG,MAAM,CAAC;EACtCwC,MAAM,EAAE3C,CAAC,CAACG,MAAM,CAAC;IACfyC,GAAG,EAAE5C,CAAC,CAACmC,OAAO,CAAC,sBAAsB,CAAC;IACtCU,GAAG,EAAE7C,CAAC,CAACK,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAE9C,CAAC,CAACK,MAAM,CAAC;EAChB,CAAC,CAAC;EACF0C,OAAO,EAAE/C,CAAC,CAACG,MAAM,CAAC;IAChB6C,GAAG,EAAEhD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf4C,GAAG,EAAEjD,CAAC,CAACK,MAAM,CAAC,CAAC;IACfO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IAAE,CAAC,CAAC;IACtCmD,WAAW,EAAElD,CAAC,CAACc,KAAK,CAACZ,SAAS,CAAC,CAACO,QAAQ,CAAC,CAAC;IAC1C0C,GAAG,EAAEnD,CAAC,CAACoD,MAAM,CAAC,CAAC;IACfC,GAAG,EAAErD,CAAC,CAACoD,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAME,yBAAyB,GAAGtD,CAAC,CAACG,MAAM,CAAC;EAChDyC,GAAG,EAAE5C,CAAC,CAACmC,OAAO,CAAC,sBAAsB,CAAC;EACtCU,GAAG,EAAE7C,CAAC,CAACK,MAAM,CAAC,CAAC;EACfyC,GAAG,EAAE9C,CAAC,CAACK,MAAM,CAAC;AAChB,CAAC,CAAC;;AAEF;AACA;AACA;AACA,MAAMkD,wBAAwB,GAAGvD,CAAC,CAC/BG,MAAM,CAAC;EACNqD,yBAAyB,EAAExD,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAChDgD,wBAAwB,EAAEzD,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC/CiD,2BAA2B,EAAE1D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAClDkD,qCAAqC,EAAE3D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC5DmD,mCAAmC,EAAE5D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC1DoD,8BAA8B,EAAE7D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACrDqD,mCAAmC,EAAE9D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC1DsD,0CAA0C,EAAE/D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACjEuD,iBAAiB,EAAEhE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxCwD,YAAY,EAAEjE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACnCyD,UAAU,EAAElE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACjC0D,QAAQ,EAAEnE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC/BM,QAAQ,EAAEf,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC;AACzC,CAAC,CAAC,CACD2D,WAAW,CAAC,CAAC;;AAEhB;AACA,MAAMC,uBAAuB,GAAGrE,CAAC,CAACG,MAAM,CAAC;EACvCwC,MAAM,EAAEW,yBAAyB;EACjCP,OAAO,EAAE/C,CAAC,CACPG,MAAM,CAAC;IACN6C,GAAG,EAAEhD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf4C,GAAG,EAAEjD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf8C,GAAG,EAAErD,QAAQ;IACbuD,GAAG,EAAEvD,QAAQ;IACbwE,eAAe,EAAEtE,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;IAC/C8D,QAAQ,EAAEvE,CAAC,CACRG,MAAM,CAAC;MACNqE,iBAAiB,EAAEjB;IACrB,CAAC,CAAC,CACDa,WAAW,CAAC,CAAC;IAChBxD,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MACbU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IACnB,CAAC;EACH,CAAC,CAAC,CACDqE,WAAW,CAAC;AACjB,CAAC,CAAC;;AAEF;;AAIA,OAAO,MAAMK,8BAA8B,GAAGJ,uBAAuB;;AAErE;;AAIA,OAAO,MAAMK,mCAAmC,GAAGL,uBAAuB,CAACM,GAAG,CAC5E3E,CAAC,CAACG,MAAM,CAAC;EACP4C,OAAO,EAAE/C,CAAC,CAACG,MAAM,CAAC;IAChBS,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IAAE,CAAC,CAAC;IACtCwE,QAAQ,EAAEvE,CAAC,CAACG,MAAM,CAAC;MACjByE,wBAAwB,EAAE5E,CAAC,CAACG,MAAM,CAAC;QACjC0E,iBAAiB,EAAE7E,CAAC,CAACK,MAAM,CAAC,CAAC;QAC7ByE,mBAAmB,EAAE9E,CAAC,CAACK,MAAM,CAAC,CAAC;QAC/B0E,mBAAmB,EAAE/E,CAAC,CAACK,MAAM,CAAC,CAAC;QAC/B2E,2BAA2B,EAAEhF,CAAC,CAACK,MAAM,CAAC,CAAC;QACvCuB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CAACU,+BAA+B,CAAC;QACjDyD,mCAAmC,EAAEjF,CAAC,CAAC0B,MAAM,CAC3CM,2BACF,CAAC;QACDpB,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC;MACvC,CAAC,CAAC;MACFmF,0BAA0B,EAAElF,CAAC,CAACG,MAAM,CAAC;QACnCgF,sBAAsB,EAAEnF,CAAC,CAACK,MAAM,CAAC,CAAC;QAClC+E,qCAAqC,EAAEpF,CAAC,CAACK,MAAM,CAAC,CAAC;QACjDgF,cAAc,EAAErF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1BiF,mCAAmC,EAAEtF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACxDkF,gCAAgC,EAAEvF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrDmF,oBAAoB,EAAExF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACzCoF,qBAAqB,EAAEzF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1CqF,MAAM,EAAE1F,CAAC,CAACK,MAAM,CAAC,CAAC;QAClBO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC,CAAC;QACtC4F,gBAAgB,EAAE3F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrCuF,wBAAwB,EAAE5F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC7CwF,qCAAqC,EAAE7F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1DyF,gDAAgD,EAAE9F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrE0F,2CAA2C,EAAE/F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC;MACjE,CAAC,CAAC;MACF;AACR;AACA;AACA;MACQ2F,0BAA0B,EAAEzF,oBAAoB,CAACE,QAAQ,CAAC;IAC5D,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAIA,OAAO,MAAMwF,+BAA+B,GAAG5B,uBAAuB,CAACM,GAAG,CACxE3E,CAAC,CAACG,MAAM,CAAC;EACP4C,OAAO,EAAE/C,CAAC,CAACG,MAAM,CAAC;IAChBoE,QAAQ,EAAEvE,CAAC,CAACG,MAAM,CAAC;MACjB6F,0BAA0B,EAAEzF;IAC9B,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAIA,OAAO,MAAM2F,iCAAiC,GAAG7B,uBAAuB,CAACM,GAAG,CAC1E3E,CAAC,CAACG,MAAM,CAAC;EACP4C,OAAO,EAAE/C,CAAC,CAACG,MAAM,CAAC;IAChBoE,QAAQ,EAAEvE,CAAC,CAACG,MAAM,CAAC;MACjBgG,eAAe,EAAEnG,CAAC,CACfG,MAAM,CAAC;QACNkF,cAAc,EAAErF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1B+F,oBAAoB,EAAEpG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;QACpDgF,qBAAqB,EAAEzF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1CwF,qCAAqC,EAAE7F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1DyF,gDAAgD,EAAE9F,CAAC,CAACc,KAAK,CACvDd,CAAC,CAACK,MAAM,CAAC,CACX,CAAC;QACDO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC;MACvC,CAAC,CAAC,CACDqE,WAAW,CAAC;IACjB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAEA,OAAO,MAAMiC,mBAAmB,GAAGrG,CAAC,CAACkC,KAAK,CACxC,CACEgE,iCAAiC,EACjCxB,mCAAmC,EACnCD,8BAA8B,EAC9BwB,+BAA+B,CAChC,EACD;EACElE,WAAW,EAAE;AACf,CACF,CAAC;AAED,OAAO,MAAMuE,sBAAsB,GAAGtG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"names":["UnixTime","JWK","z","PresentationDefinition","TrustMark","object","id","string","trust_mark","RelyingPartyMetadata","application_type","optional","client_id","client_name","jwks","keys","array","contacts","presentation_definition","request_uris","authorization_signed_response_alg","authorization_encrypted_response_alg","authorization_encrypted_response_enc","CredentialDisplayMetadata","name","locale","CredentialIssuerDisplayMetadata","ClaimsMetadata","path","display","IssuanceErrorSupported","title","description","SupportedCredentialMetadata","intersection","discriminatedUnion","format","literal","vct","doctype","scope","claims","cryptographic_binding_methods_supported","credential_signing_alg_values_supported","authentic_source","issuance_errors_supported","record","EntityStatement","header","typ","alg","kid","payload","iss","sub","trust_marks","iat","number","exp","EntityConfigurationHeader","FederationEntityMetadata","federation_fetch_endpoint","federation_list_endpoint","federation_resolve_endpoint","federation_trust_mark_status_endpoint","federation_trust_mark_list_endpoint","federation_trust_mark_endpoint","federation_historical_keys_endpoint","endpoint_auth_signing_alg_values_supported","organization_name","homepage_uri","policy_uri","logo_uri","passthrough","BaseEntityConfiguration","authority_hints","metadata","federation_entity","TrustAnchorEntityConfiguration","CredentialIssuerEntityConfiguration","and","openid_credential_issuer","credential_issuer","credential_endpoint","revocation_endpoint","nonce_endpoint","status_attestation_endpoint","credential_configurations_supported","trust_frameworks_supported","evidence_supported","oauth_authorization_server","authorization_endpoint","pushed_authorization_request_endpoint","token_endpoint","client_registration_types_supported","code_challenge_methods_supported","acr_values_supported","grant_types_supported","issuer","scopes_supported","response_modes_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","request_object_signing_alg_values_supported","openid_credential_verifier","RelyingPartyEntityConfiguration","WalletProviderEntityConfiguration","wallet_provider","aal_values_supported","EntityConfiguration","union","FederationListResponse"],"sourceRoot":"../../../src","sources":["trust/types.ts"],"mappings":"AAAA,SAASA,QAAQ,QAAQ,iBAAiB;AAC1C,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AACxB,SAASC,sBAAsB,QAAQ,kCAAkC;AAEzE,OAAO,MAAMC,SAAS,GAAGF,CAAC,CAACG,MAAM,CAAC;EAAEC,EAAE,EAAEJ,CAAC,CAACK,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAEN,CAAC,CAACK,MAAM,CAAC;AAAE,CAAC,CAAC;AAG7E,MAAME,oBAAoB,GAAGP,CAAC,CAACG,MAAM,CAAC;EACpCK,gBAAgB,EAAER,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACvCC,SAAS,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAChCE,WAAW,EAAEX,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAClCG,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;IAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;EAAE,CAAC,CAAC;EACtCgB,QAAQ,EAAEf,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxCO,uBAAuB,EAAEf,sBAAsB,CAACQ,QAAQ,CAAC,CAAC;EAC1DQ,YAAY,EAAEjB,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC5CS,iCAAiC,EAAElB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxDU,oCAAoC,EAAEnB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC3DW,oCAAoC,EAAEpB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC;AAC5D,CAAC,CAAC;;AAEF;AACA;AAEA,MAAMY,yBAAyB,GAAGrB,CAAC,CAACG,MAAM,CAAC;EACzCmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;EAChBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;AACnB,CAAC,CAAC;;AAEF;;AAIA,MAAMmB,+BAA+B,GAAGxB,CAAC,CAACG,MAAM,CAAC;EAC/CmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;EAChBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;AACnB,CAAC,CAAC;AAGF,MAAMoB,cAAc,GAAGzB,CAAC,CAACG,MAAM,CAAC;EAC9BuB,IAAI,EAAE1B,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EACzBsB,OAAO,EAAE3B,CAAC,CAACc,KAAK,CAACO,yBAAyB;AAC5C,CAAC,CAAC;AAGF,MAAMO,sBAAsB,GAAG5B,CAAC,CAACG,MAAM,CAAC;EACtCwB,OAAO,EAAE3B,CAAC,CAACc,KAAK,CACdd,CAAC,CAACG,MAAM,CAAC;IACP0B,KAAK,EAAE7B,CAAC,CAACK,MAAM,CAAC,CAAC;IACjByB,WAAW,EAAE9B,CAAC,CAACK,MAAM,CAAC,CAAC;IACvBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;EACnB,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;;AAEA,MAAM0B,2BAA2B,GAAG/B,CAAC,CAACgC,YAAY,CAChDhC,CAAC,CAACiC,kBAAkB,CAAC,QAAQ,EAAE,CAC7BjC,CAAC,CAACG,MAAM,CAAC;EAAE+B,MAAM,EAAElC,CAAC,CAACmC,OAAO,CAAC,WAAW,CAAC;EAAEC,GAAG,EAAEpC,CAAC,CAACK,MAAM,CAAC;AAAE,CAAC,CAAC,EAC7DL,CAAC,CAACG,MAAM,CAAC;EAAE+B,MAAM,EAAElC,CAAC,CAACmC,OAAO,CAAC,UAAU,CAAC;EAAEE,OAAO,EAAErC,CAAC,CAACK,MAAM,CAAC;AAAE,CAAC,CAAC,CACjE,CAAC,EACFL,CAAC,CAACG,MAAM,CAAC;EACPmC,KAAK,EAAEtC,CAAC,CAACK,MAAM,CAAC,CAAC;EACjBsB,OAAO,EAAE3B,CAAC,CAACc,KAAK,CAACO,yBAAyB,CAAC;EAC3CkB,MAAM,EAAEvC,CAAC,CAACc,KAAK,CAACW,cAAc,CAAC;EAC/Be,uCAAuC,EAAExC,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EAC5DoC,uCAAuC,EAAEzC,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EAC5DqC,gBAAgB,EAAE1C,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACvCkC,yBAAyB,EAAE3C,CAAC,CAAC4C,MAAM,CAAChB,sBAAsB,CAAC,CAACnB,QAAQ,CAAC;AACvE,CAAC,CACH,CAAC;AAGD,OAAO,MAAMoC,eAAe,GAAG7C,CAAC,CAACG,MAAM,CAAC;EACtC2C,MAAM,EAAE9C,CAAC,CAACG,MAAM,CAAC;IACf4C,GAAG,EAAE/C,CAAC,CAACmC,OAAO,CAAC,sBAAsB,CAAC;IACtCa,GAAG,EAAEhD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf4C,GAAG,EAAEjD,CAAC,CAACK,MAAM,CAAC;EAChB,CAAC,CAAC;EACF6C,OAAO,EAAElD,CAAC,CAACG,MAAM,CAAC;IAChBgD,GAAG,EAAEnD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf+C,GAAG,EAAEpD,CAAC,CAACK,MAAM,CAAC,CAAC;IACfO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IAAE,CAAC,CAAC;IACtCsD,WAAW,EAAErD,CAAC,CAACc,KAAK,CAACZ,SAAS,CAAC,CAACO,QAAQ,CAAC,CAAC;IAC1C6C,GAAG,EAAEtD,CAAC,CAACuD,MAAM,CAAC,CAAC;IACfC,GAAG,EAAExD,CAAC,CAACuD,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAME,yBAAyB,GAAGzD,CAAC,CAACG,MAAM,CAAC;EAChD4C,GAAG,EAAE/C,CAAC,CAACmC,OAAO,CAAC,sBAAsB,CAAC;EACtCa,GAAG,EAAEhD,CAAC,CAACK,MAAM,CAAC,CAAC;EACf4C,GAAG,EAAEjD,CAAC,CAACK,MAAM,CAAC;AAChB,CAAC,CAAC;;AAEF;AACA;AACA;AACA,MAAMqD,wBAAwB,GAAG1D,CAAC,CAC/BG,MAAM,CAAC;EACNwD,yBAAyB,EAAE3D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAChDmD,wBAAwB,EAAE5D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC/CoD,2BAA2B,EAAE7D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAClDqD,qCAAqC,EAAE9D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC5DsD,mCAAmC,EAAE/D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC1DuD,8BAA8B,EAAEhE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACrDwD,mCAAmC,EAAEjE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC1DyD,0CAA0C,EAAElE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACjE0D,iBAAiB,EAAEnE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxC2D,YAAY,EAAEpE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACnC4D,UAAU,EAAErE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACjC6D,QAAQ,EAAEtE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC/BM,QAAQ,EAAEf,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC;AACzC,CAAC,CAAC,CACD8D,WAAW,CAAC,CAAC;;AAEhB;AACA,MAAMC,uBAAuB,GAAGxE,CAAC,CAACG,MAAM,CAAC;EACvC2C,MAAM,EAAEW,yBAAyB;EACjCP,OAAO,EAAElD,CAAC,CACPG,MAAM,CAAC;IACNgD,GAAG,EAAEnD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf+C,GAAG,EAAEpD,CAAC,CAACK,MAAM,CAAC,CAAC;IACfiD,GAAG,EAAExD,QAAQ;IACb0D,GAAG,EAAE1D,QAAQ;IACb2E,eAAe,EAAEzE,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;IAC/CiE,QAAQ,EAAE1E,CAAC,CACRG,MAAM,CAAC;MACNwE,iBAAiB,EAAEjB;IACrB,CAAC,CAAC,CACDa,WAAW,CAAC,CAAC;IAChB3D,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MACbU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IACnB,CAAC;EACH,CAAC,CAAC,CACDwE,WAAW,CAAC;AACjB,CAAC,CAAC;;AAEF;;AAIA,OAAO,MAAMK,8BAA8B,GAAGJ,uBAAuB;;AAErE;;AAIA,OAAO,MAAMK,mCAAmC,GAAGL,uBAAuB,CAACM,GAAG,CAC5E9E,CAAC,CAACG,MAAM,CAAC;EACP+C,OAAO,EAAElD,CAAC,CAACG,MAAM,CAAC;IAChBS,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IAAE,CAAC,CAAC;IACtC2E,QAAQ,EAAE1E,CAAC,CAACG,MAAM,CAAC;MACjB4E,wBAAwB,EAAE/E,CAAC,CAACG,MAAM,CAAC;QACjC6E,iBAAiB,EAAEhF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC7B4E,mBAAmB,EAAEjF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC/B6E,mBAAmB,EAAElF,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;QAC1C0E,cAAc,EAAEnF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1B+E,2BAA2B,EAAEpF,CAAC,CAACK,MAAM,CAAC,CAAC;QACvCsB,OAAO,EAAE3B,CAAC,CAACc,KAAK,CAACU,+BAA+B,CAAC;QACjD6D,mCAAmC,EAAErF,CAAC,CAAC4C,MAAM,CAC3Cb,2BACF,CAAC;QACDnB,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC,CAAC;QACtCuF,0BAA0B,EAAEtF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC/CkF,kBAAkB,EAAEvF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC;MACxC,CAAC,CAAC;MACFmF,0BAA0B,EAAExF,CAAC,CAACG,MAAM,CAAC;QACnCsF,sBAAsB,EAAEzF,CAAC,CAACK,MAAM,CAAC,CAAC;QAClCqF,qCAAqC,EAAE1F,CAAC,CAACK,MAAM,CAAC,CAAC;QACjDsF,cAAc,EAAE3F,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1BuF,mCAAmC,EAAE5F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACxDwF,gCAAgC,EAAE7F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrDyF,oBAAoB,EAAE9F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACzC0F,qBAAqB,EAAE/F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1C2F,MAAM,EAAEhG,CAAC,CAACK,MAAM,CAAC,CAAC;QAClBO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC,CAAC;QACtCkG,gBAAgB,EAAEjG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrC6F,wBAAwB,EAAElG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC7C8F,qCAAqC,EAAEnG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1D+F,gDAAgD,EAAEpG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrEgG,2CAA2C,EAAErG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC;MACjE,CAAC,CAAC;MACF;AACR;AACA;AACA;MACQiG,0BAA0B,EAAE/F,oBAAoB,CAACE,QAAQ,CAAC;IAC5D,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAIA,OAAO,MAAM8F,+BAA+B,GAAG/B,uBAAuB,CAACM,GAAG,CACxE9E,CAAC,CAACG,MAAM,CAAC;EACP+C,OAAO,EAAElD,CAAC,CAACG,MAAM,CAAC;IAChBuE,QAAQ,EAAE1E,CAAC,CAACG,MAAM,CAAC;MACjBmG,0BAA0B,EAAE/F;IAC9B,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAIA,OAAO,MAAMiG,iCAAiC,GAAGhC,uBAAuB,CAACM,GAAG,CAC1E9E,CAAC,CAACG,MAAM,CAAC;EACP+C,OAAO,EAAElD,CAAC,CAACG,MAAM,CAAC;IAChBuE,QAAQ,EAAE1E,CAAC,CAACG,MAAM,CAAC;MACjBsG,eAAe,EAAEzG,CAAC,CACfG,MAAM,CAAC;QACNwF,cAAc,EAAE3F,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1BqG,oBAAoB,EAAE1G,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;QACpDsF,qBAAqB,EAAE/F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1C8F,qCAAqC,EAAEnG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1D+F,gDAAgD,EAAEpG,CAAC,CAACc,KAAK,CACvDd,CAAC,CAACK,MAAM,CAAC,CACX,CAAC;QACDO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC;MACvC,CAAC,CAAC,CACDwE,WAAW,CAAC;IACjB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAEA,OAAO,MAAMoC,mBAAmB,GAAG3G,CAAC,CAAC4G,KAAK,CACxC,CACEJ,iCAAiC,EACjC3B,mCAAmC,EACnCD,8BAA8B,EAC9B2B,+BAA+B,CAChC,EACD;EACEzE,WAAW,EAAE;AACf,CACF,CAAC;AAED,OAAO,MAAM+E,sBAAsB,GAAG7G,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC"}
|
package/lib/module/utils/par.js
CHANGED
|
@@ -7,12 +7,14 @@ import { createPopToken } from "./pop";
|
|
|
7
7
|
import { IssuerResponseError } from "./errors";
|
|
8
8
|
import { LogLevel, Logger } from "./logging";
|
|
9
9
|
export const AuthorizationDetail = z.object({
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
type: z.literal("openid_credential")
|
|
10
|
+
type: z.literal("openid_credential"),
|
|
11
|
+
credential_configuration_id: z.string()
|
|
13
12
|
});
|
|
14
13
|
export const AuthorizationDetails = z.array(AuthorizationDetail);
|
|
15
|
-
|
|
14
|
+
export const ParResponse = z.object({
|
|
15
|
+
request_uri: z.string(),
|
|
16
|
+
expires_in: z.number()
|
|
17
|
+
});
|
|
16
18
|
/**
|
|
17
19
|
* Make a PAR request to the issuer and return the response url
|
|
18
20
|
*/
|
|
@@ -21,10 +23,17 @@ export const makeParRequest = _ref => {
|
|
|
21
23
|
wiaCryptoContext,
|
|
22
24
|
appFetch
|
|
23
25
|
} = _ref;
|
|
24
|
-
return async (
|
|
26
|
+
return async (parEndpoint, walletInstanceAttestation, _ref2) => {
|
|
27
|
+
let {
|
|
28
|
+
codeVerifier,
|
|
29
|
+
responseMode,
|
|
30
|
+
clientId,
|
|
31
|
+
redirectUri,
|
|
32
|
+
authorizationDetails,
|
|
33
|
+
scope,
|
|
34
|
+
aud
|
|
35
|
+
} = _ref2;
|
|
25
36
|
const wiaPublicKey = await wiaCryptoContext.getPublicKey();
|
|
26
|
-
const parUrl = new URL(parEndpoint);
|
|
27
|
-
const aud = `${parUrl.protocol}//${parUrl.hostname}`;
|
|
28
37
|
const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
|
|
29
38
|
const signedWiaPoP = await createPopToken({
|
|
30
39
|
jti: `${uuidv4()}`,
|
|
@@ -43,7 +52,7 @@ export const makeParRequest = _ref => {
|
|
|
43
52
|
with the it will ship the Wallet Instance Attestation.
|
|
44
53
|
The key is matched by its kid */
|
|
45
54
|
const signedJwtForPar = await new SignJWT(wiaCryptoContext).setProtectedHeader({
|
|
46
|
-
typ: "
|
|
55
|
+
typ: "jwt",
|
|
47
56
|
kid: wiaPublicKey.kid
|
|
48
57
|
}).setPayload({
|
|
49
58
|
jti: `${uuidv4()}`,
|
|
@@ -55,31 +64,31 @@ export const makeParRequest = _ref => {
|
|
|
55
64
|
state: generateRandomAlphaNumericString(32),
|
|
56
65
|
code_challenge: codeChallenge,
|
|
57
66
|
code_challenge_method: codeChallengeMethod,
|
|
58
|
-
authorization_details: authorizationDetails,
|
|
59
67
|
redirect_uri: redirectUri,
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
68
|
+
...(authorizationDetails && {
|
|
69
|
+
authorization_details: authorizationDetails
|
|
70
|
+
}),
|
|
71
|
+
...(scope && {
|
|
72
|
+
scope
|
|
73
|
+
})
|
|
74
|
+
}).setIssuedAt() // iat is set to now
|
|
63
75
|
.setExpirationTime("5min").sign();
|
|
64
76
|
|
|
65
77
|
/** The request body for the Pushed Authorization Request */
|
|
66
78
|
var formBody = new URLSearchParams({
|
|
67
|
-
response_type: "code",
|
|
68
79
|
client_id: clientId,
|
|
69
|
-
|
|
70
|
-
code_challenge_method: "S256",
|
|
71
|
-
request: signedJwtForPar,
|
|
72
|
-
client_assertion_type: assertionType,
|
|
73
|
-
client_assertion: walletInstanceAttestation + "~" + signedWiaPoP
|
|
80
|
+
request: signedJwtForPar
|
|
74
81
|
});
|
|
75
82
|
Logger.log(LogLevel.DEBUG, `Sending to PAR endpoint ${parEndpoint}: ${formBody}`);
|
|
76
83
|
return await appFetch(parEndpoint, {
|
|
77
84
|
method: "POST",
|
|
78
85
|
headers: {
|
|
79
|
-
"Content-Type": "application/x-www-form-urlencoded"
|
|
86
|
+
"Content-Type": "application/x-www-form-urlencoded",
|
|
87
|
+
"OAuth-Client-Attestation": walletInstanceAttestation,
|
|
88
|
+
"OAuth-Client-Attestation-PoP": signedWiaPoP
|
|
80
89
|
},
|
|
81
90
|
body: formBody.toString()
|
|
82
|
-
}).then(hasStatusOrThrow(201, IssuerResponseError)).then(res => res.json()).then(result => result.request_uri);
|
|
91
|
+
}).then(hasStatusOrThrow(201, IssuerResponseError)).then(res => res.json()).then(ParResponse.parse).then(result => result.request_uri);
|
|
83
92
|
};
|
|
84
93
|
};
|
|
85
94
|
//# sourceMappingURL=par.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["sha256ToBase64","SignJWT","v4","uuidv4","z","WalletInstanceAttestation","generateRandomAlphaNumericString","hasStatusOrThrow","createPopToken","IssuerResponseError","LogLevel","Logger","AuthorizationDetail","object","
|
|
1
|
+
{"version":3,"names":["sha256ToBase64","SignJWT","v4","uuidv4","z","WalletInstanceAttestation","generateRandomAlphaNumericString","hasStatusOrThrow","createPopToken","IssuerResponseError","LogLevel","Logger","AuthorizationDetail","object","type","literal","credential_configuration_id","string","AuthorizationDetails","array","ParResponse","request_uri","expires_in","number","makeParRequest","_ref","wiaCryptoContext","appFetch","parEndpoint","walletInstanceAttestation","_ref2","codeVerifier","responseMode","clientId","redirectUri","authorizationDetails","scope","aud","wiaPublicKey","getPublicKey","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","jti","codeChallengeMethod","codeChallenge","signedJwtForPar","setProtectedHeader","typ","setPayload","response_type","response_mode","client_id","state","code_challenge","code_challenge_method","redirect_uri","authorization_details","setIssuedAt","setExpirationTime","sign","formBody","URLSearchParams","request","log","DEBUG","method","headers","body","toString","then","res","json","parse","result"],"sourceRoot":"../../../src","sources":["utils/par.ts"],"mappings":"AAAA,SACEA,cAAc,EAEdC,OAAO,QACF,6BAA6B;AACpC,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,OAAO,KAAKC,CAAC,MAAM,KAAK;AACxB,OAAO,KAAKC,yBAAyB,MAAM,gCAAgC;AAC3E,SAASC,gCAAgC,EAAEC,gBAAgB,QAAQ,QAAQ;AAC3E,SAASC,cAAc,QAAQ,OAAO;AACtC,SAASC,mBAAmB,QAAQ,UAAU;AAC9C,SAASC,QAAQ,EAAEC,MAAM,QAAQ,WAAW;AAG5C,OAAO,MAAMC,mBAAmB,GAAGR,CAAC,CAACS,MAAM,CAAC;EAC1CC,IAAI,EAAEV,CAAC,CAACW,OAAO,CAAC,mBAAmB,CAAC;EACpCC,2BAA2B,EAAEZ,CAAC,CAACa,MAAM,CAAC;AACxC,CAAC,CAAC;AAGF,OAAO,MAAMC,oBAAoB,GAAGd,CAAC,CAACe,KAAK,CAACP,mBAAmB,CAAC;AAGhE,OAAO,MAAMQ,WAAW,GAAGhB,CAAC,CAACS,MAAM,CAAC;EAClCQ,WAAW,EAAEjB,CAAC,CAACa,MAAM,CAAC,CAAC;EACvBK,UAAU,EAAElB,CAAC,CAACmB,MAAM,CAAC;AACvB,CAAC,CAAC;AAcF;AACA;AACA;AACA,OAAO,MAAMC,cAAc,GACzBC,IAAA;EAAA,IAAC;IACCC,gBAAgB;IAChBC;EAIF,CAAC,GAAAF,IAAA;EAAA,OACD,OACEG,WAAmB,EACnBC,yBAAiC,EAAAC,KAAA,KAUb;IAAA,IATpB;MACEC,YAAY;MACZC,YAAY;MACZC,QAAQ;MACRC,WAAW;MACXC,oBAAoB;MACpBC,KAAK;MACLC;IACiB,CAAC,GAAAP,KAAA;IAEpB,MAAMQ,YAAY,GAAG,MAAMZ,gBAAgB,CAACa,YAAY,CAAC,CAAC;IAE1D,MAAMC,GAAG,GAAGnC,yBAAyB,CAACoC,MAAM,CAACZ,yBAAyB,CAAC,CACpEa,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;IAEtB,MAAMC,YAAY,GAAG,MAAMtC,cAAc,CACvC;MACEuC,GAAG,EAAG,GAAE5C,MAAM,CAAC,CAAE,EAAC;MAClBkC,GAAG;MACHG;IACF,CAAC,EACDd,gBACF,CAAC;;IAED;AACJ;AACA;IACI,MAAMsB,mBAAmB,GAAG,MAAM;IAClC,MAAMC,aAAa,GAAG,MAAMjD,cAAc,CAAC+B,YAAY,CAAC;;IAExD;AACJ;AACA;AACA;IACI,MAAMmB,eAAe,GAAG,MAAM,IAAIjD,OAAO,CAACyB,gBAAgB,CAAC,CACxDyB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,KAAK;MACVP,GAAG,EAAEP,YAAY,CAACO;IACpB,CAAC,CAAC,CACDQ,UAAU,CAAC;MACVN,GAAG,EAAG,GAAE5C,MAAM,CAAC,CAAE,EAAC;MAClBkC,GAAG;MACHiB,aAAa,EAAE,MAAM;MACrBC,aAAa,EAAEvB,YAAY;MAC3BwB,SAAS,EAAEvB,QAAQ;MACnBO,GAAG;MACHiB,KAAK,EAAEnD,gCAAgC,CAAC,EAAE,CAAC;MAC3CoD,cAAc,EAAET,aAAa;MAC7BU,qBAAqB,EAAEX,mBAAmB;MAC1CY,YAAY,EAAE1B,WAAW;MACzB,IAAIC,oBAAoB,IAAI;QAC1B0B,qBAAqB,EAAE1B;MACzB,CAAC,CAAC;MACF,IAAIC,KAAK,IAAI;QAAEA;MAAM,CAAC;IACxB,CAAC,CAAC,CACD0B,WAAW,CAAC,CAAC,CAAC;IAAA,CACdC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;;IAET;IACA,IAAIC,QAAQ,GAAG,IAAIC,eAAe,CAAC;MACjCV,SAAS,EAAEvB,QAAQ;MACnBkC,OAAO,EAAEjB;IACX,CAAC,CAAC;IAEFvC,MAAM,CAACyD,GAAG,CACR1D,QAAQ,CAAC2D,KAAK,EACb,2BAA0BzC,WAAY,KAAIqC,QAAS,EACtD,CAAC;IAED,OAAO,MAAMtC,QAAQ,CAACC,WAAW,EAAE;MACjC0C,MAAM,EAAE,MAAM;MACdC,OAAO,EAAE;QACP,cAAc,EAAE,mCAAmC;QACnD,0BAA0B,EAAE1C,yBAAyB;QACrD,8BAA8B,EAAEiB;MAClC,CAAC;MACD0B,IAAI,EAAEP,QAAQ,CAACQ,QAAQ,CAAC;IAC1B,CAAC,CAAC,CACCC,IAAI,CAACnE,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDiE,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAACtD,WAAW,CAACyD,KAAK,CAAC,CACvBH,IAAI,CAAEI,MAAM,IAAKA,MAAM,CAACzD,WAAW,CAAC;EACzC,CAAC;AAAA"}
|
package/lib/module/utils/pop.js
CHANGED
|
@@ -12,7 +12,7 @@ import { SignJWT } from "@pagopa/io-react-native-jwt";
|
|
|
12
12
|
export const createPopToken = async (payload, crypto) => {
|
|
13
13
|
const kid = await crypto.getPublicKey().then(_ => _.kid);
|
|
14
14
|
return new SignJWT(crypto).setPayload(payload).setProtectedHeader({
|
|
15
|
-
typ: "
|
|
15
|
+
typ: "oauth-client-attestation-pop+jwt",
|
|
16
16
|
kid
|
|
17
17
|
}).setIssuedAt().setExpirationTime("5min").sign();
|
|
18
18
|
};
|