@pagopa/io-react-native-wallet 2.0.0-next.2 → 2.0.0-next.4

package/lib/module/sd-jwt/__test__/index.test.js

@@ -2,24 +2,16 @@ import { z } from "zod";
 import { decode, disclose } from "../index";
 import { encodeBase64, decodeBase64 } from "@pagopa/io-react-native-jwt";
 import { SdJwt4VC } from "../types";
-
-// Examples from https://www.ietf.org/archive/id/draft-terbu-sd-jwt-vc-02.html#name-example-4
-// but adapted to adhere to format declared in https://italia.github.io/eudi-wallet-it-docs/versione-corrente/en/pid-eaa-data-model.html#id2
-// In short, the token is a Frankenstein composed as follows:
-//  - the header is taken from the italian specification, with kid and alg valued according to the signing keys
-//  - disclosures are taken from the SD-JWT-4-VC standard
-//  - payload is taken from the italian specification, but _sd are compiled with:
-//    - "address" is used as verification._sd
-//    - all others disclosures are in claims._sd
-const token = "eyJraWQiOiItRl82VWdhOG4zVmVnalkyVTdZVUhLMXpMb2FELU5QVGM2M1JNSVNuTGF3IiwidHlwIjoidmMrc2Qtand0IiwiYWxnIjoiRVMyNTYifQ.eyJfc2QiOlsiMHExRDVKbWF2NnBRYUVoX0pfRmN2X3VOTk1RSWdDeWhRT3hxbFk0bDNxVSIsIktDSi1BVk52ODhkLXhqNnNVSUFPSnhGbmJVaDNySFhES2tJSDFsRnFiUnMiLCJNOWxvOVl4RE5JWHJBcTJxV2VpQ0E0MHpwSl96WWZGZFJfNEFFQUxjUnRVIiwiY3pnalVrMG5xUkNzd1NoQ2hDamRTNkExLXY0N2RfcVRDU0ZJdklIaE1vSSIsIm5HblFyN2NsbTN0ZlRwOHlqTF91SHJEU090elIyUFZiOFM3R2VMZEFxQlEiLCJ4TklWd2xwU3NhWjhDSlNmMGd6NXhfNzVWUldXYzZWMW1scGVqZENycVVzIl0sInN1YiI6IjIxNmY4OTQ2LTllY2ItNDgxOS05MzA5LWMwNzZmMzRhN2UxMSIsIl9zZF9hbGciOiJzaGEtMjU2IiwidmN0IjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwiaXNzIjoiaHR0cHM6Ly9wcmUuZWlkLndhbGxldC5pcHpzLml0IiwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoiUnYzVy1FaUtwdkJUeWs1eVp4dnJldi03TURCNlNselVDQm9fQ1FqamRkVSIsIngiOiIwV294N1F0eVBxQnlnMzVNSF9YeUNjbmQ1TGUtSm0wQVhIbFVnREJBMDNZIiwieSI6ImVFaFZ2ZzFKUHFOZDNEVFNhNG1HREdCbHdZNk5QLUVaYkxiTkZYU1h3SWcifX0sImV4cCI6MTc1MTU0NjU3Niwic3RhdHVzIjp7InN0YXR1c19hdHRlc3RhdGlvbiI6eyJjcmVkZW50aWFsX2hhc2hfYWxnIjoic2hhLTI1NiJ9fX0.qXHA2oqr8trX4fGxpxpUft2GX380TM3pzfo1MYAsDjUC8HsODA-4rdRWAvDe2zYP57x4tJU7eiABkd1Kmln9yQ~WyJrSkRFUDhFYU5URU1CRE9aelp6VDR3IiwidW5pcXVlX2lkIiwiVElOSVQtTFZMREFBODVUNTBHNzAyQiJd~WyJ6SUF5VUZ2UGZJcEUxekJxeEk1aGFRIiwiYmlydGhfZGF0ZSIsIjE5ODUtMTItMTAiXQ~WyJHcjNSM3MyOTBPa1FVbS1ORlR1OTZBIiwidGF4X2lkX2NvZGUiLCJUSU5JVC1MVkxEQUE4NVQ1MEc3MDJCIl0~WyJHeE9SYWxNQWVsZlowZWRGSmpqWVV3IiwiZ2l2ZW5fbmFtZSIsIkFkYSJd~WyJfdlY1UklrbDBJT0VYS290czlrdDF3IiwiZmFtaWx5X25hbWUiLCJMb3ZlbGFjZSJd~WyJDajV0Y2NSNzJKd3J6ZTJUVzRhLXdnIiwiaWF0IiwxNzIwMDEwNTc1XQ";
-const unsigned = "eyJraWQiOiItRl82VWdhOG4zVmVnalkyVTdZVUhLMXpMb2FELU5QVGM2M1JNSVNuTGF3IiwidHlwIjoidmMrc2Qtand0IiwiYWxnIjoiRVMyNTYifQ.eyJfc2QiOlsiMHExRDVKbWF2NnBRYUVoX0pfRmN2X3VOTk1RSWdDeWhRT3hxbFk0bDNxVSIsIktDSi1BVk52ODhkLXhqNnNVSUFPSnhGbmJVaDNySFhES2tJSDFsRnFiUnMiLCJNOWxvOVl4RE5JWHJBcTJxV2VpQ0E0MHpwSl96WWZGZFJfNEFFQUxjUnRVIiwiY3pnalVrMG5xUkNzd1NoQ2hDamRTNkExLXY0N2RfcVRDU0ZJdklIaE1vSSIsIm5HblFyN2NsbTN0ZlRwOHlqTF91SHJEU090elIyUFZiOFM3R2VMZEFxQlEiLCJ4TklWd2xwU3NhWjhDSlNmMGd6NXhfNzVWUldXYzZWMW1scGVqZENycVVzIl0sInN1YiI6IjIxNmY4OTQ2LTllY2ItNDgxOS05MzA5LWMwNzZmMzRhN2UxMSIsIl9zZF9hbGciOiJzaGEtMjU2IiwidmN0IjoiUGVyc29uSWRlbnRpZmljYXRpb25EYXRhIiwiaXNzIjoiaHR0cHM6Ly9wcmUuZWlkLndhbGxldC5pcHpzLml0IiwiY25mIjp7Imp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoiUnYzVy1FaUtwdkJUeWs1eVp4dnJldi03TURCNlNselVDQm9fQ1FqamRkVSIsIngiOiIwV294N1F0eVBxQnlnMzVNSF9YeUNjbmQ1TGUtSm0wQVhIbFVnREJBMDNZIiwieSI6ImVFaFZ2ZzFKUHFOZDNEVFNhNG1HREdCbHdZNk5QLUVaYkxiTkZYU1h3SWcifX0sImV4cCI6MTc1MTU0NjU3Niwic3RhdHVzIjp7InN0YXR1c19hdHRlc3RhdGlvbiI6eyJjcmVkZW50aWFsX2hhc2hfYWxnIjoic2hhLTI1NiJ9fX0";
-const signature = "qXHA2oqr8trX4fGxpxpUft2GX380TM3pzfo1MYAsDjUC8HsODA-4rdRWAvDe2zYP57x4tJU7eiABkd1Kmln9yQ";
-const signed = `${unsigned}.${signature}`;
-const tokenizedDisclosures = ["WyJrSkRFUDhFYU5URU1CRE9aelp6VDR3IiwidW5pcXVlX2lkIiwiVElOSVQtTFZMREFBODVUNTBHNzAyQiJd", "WyJ6SUF5VUZ2UGZJcEUxekJxeEk1aGFRIiwiYmlydGhfZGF0ZSIsIjE5ODUtMTItMTAiXQ", "WyJHcjNSM3MyOTBPa1FVbS1ORlR1OTZBIiwidGF4X2lkX2NvZGUiLCJUSU5JVC1MVkxEQUE4NVQ1MEc3MDJCIl0", "WyJHeE9SYWxNQWVsZlowZWRGSmpqWVV3IiwiZ2l2ZW5fbmFtZSIsIkFkYSJd", "WyJfdlY1UklrbDBJT0VYS290czlrdDF3IiwiZmFtaWx5X25hbWUiLCJMb3ZlbGFjZSJd", "WyJDajV0Y2NSNzJKd3J6ZTJUVzRhLXdnIiwiaWF0IiwxNzIwMDEwNTc1XQ"];
+import { pid } from "../__mocks__/sd-jwt";
+const {
+  token,
+  signed,
+  tokenizedDisclosures
+} = pid;
 const sdJwt = {
   header: {
     kid: "-F_6Uga8n3VegjY2U7YUHK1zLoaD-NPTc63RMISnLaw",
-    typ: "vc+sd-jwt",
+    typ: "dc+sd-jwt",
     alg: "ES256"
   },
   payload: {
@@ -27,7 +19,10 @@ const sdJwt = {
     sub: "216f8946-9ecb-4819-9309-c076f34a7e11",
     _sd_alg: "sha-256",
     vct: "PersonIdentificationData",
+    "vct#integrity": "13e25888ac7b8a3a6d61440da787fccc81654e61085732bcacd89b36aec32675",
     iss: "https://pre.eid.wallet.ipzs.it",
+    issuing_country: "IT",
+    issuing_authority: "Istituto Poligrafico e Zecca dello Stato",
     cnf: {
       jwk: {
         kty: "EC",
@@ -39,7 +34,7 @@ const sdJwt = {
     },
     exp: 1751546576,
     status: {
-      status_attestation: {
+      status_assertion: {
         credential_hash_alg: "sha-256"
       }
     }

package/lib/module/sd-jwt/__test__/index.test.js.map

@@ -1 +1 @@
-{"version":3,"names":["z","decode","disclose","encodeBase64","decodeBase64","SdJwt4VC","token","unsigned","signature","signed","tokenizedDisclosures","sdJwt","header","kid","typ","alg","payload","_sd","sub","_sd_alg","vct","iss","cnf","jwk","kty","crv","x","y","exp","status","status_attestation","credential_hash_alg","disclosures","it","expect","JSON","parse","stringify","toEqual","join","toBe","describe","result","map","decoded","i","encoded","validDecoder","and","object","customField","string","invalidDecoder","error","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":"AAAA,SAASA,CAAC,QAAQ,KAAK;AACvB,SAASC,MAAM,EAAEC,QAAQ,QAAQ,UAAU;AAE3C,SAASC,YAAY,EAAEC,YAAY,QAAQ,6BAA6B;AACxE,SAASC,QAAQ,QAAQ,UAAU;;AAEnC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,KAAK,GACT,giDAAgiD;AAEliD,MAAMC,QAAQ,GACZ,whCAAwhC;AAE1hC,MAAMC,SAAS,GACb,wFAAwF;AAE1F,MAAMC,MAAM,GAAI,GAAEF,QAAS,IAAGC,SAAU,EAAC;AAEzC,MAAME,oBAAoB,GAAG,CAC3B,sFAAsF,EACtF,wEAAwE,EACxE,yFAAyF,EACzF,8DAA8D,EAC9D,sEAAsE,EACtE,4DAA4D,CAC7D;AAED,MAAMC,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,6CAA6C;IAClDC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE;EACP,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;IACDC,GAAG,EAAE,sCAAsC;IAC3CC,OAAO,EAAE,SAAS;IAClBC,GAAG,EAAE,0BAA0B;IAC/BC,GAAG,EAAE,gCAAgC;IACrCC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,IAAI;QACTC,GAAG,EAAE,OAAO;QACZZ,GAAG,EAAE,6CAA6C;QAClDa,CAAC,EAAE,6CAA6C;QAChDC,CAAC,EAAE;MACL;IACF,CAAC;IACDC,GAAG,EAAE,UAAU;IACfC,MAAM,EAAE;MACNC,kBAAkB,EAAE;QAClBC,mBAAmB,EAAE;MACvB;IACF;EACF;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,WAAW,EAAE,wBAAwB,CAAC,EACjE,CAAC,wBAAwB,EAAE,YAAY,EAAE,YAAY,CAAC,EACtD,CAAC,wBAAwB,EAAE,aAAa,EAAE,wBAAwB,CAAC,EACnE,CAAC,wBAAwB,EAAE,YAAY,EAAE,KAAK,CAAC,EAC/C,CAAC,wBAAwB,EAAE,aAAa,EAAE,UAAU,CAAC,EACrD,CAAC,wBAAwB,EAAE,KAAK,EAAE,UAAU,CAAC,CAC9C;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAAChC,YAAY,CAACD,YAAY,CAACgC,IAAI,CAACE,SAAS,CAAC1B,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAAC0B,OAAO,CAAC3B,KAAK,CAACC,MAAM,CAAC;EACvBsB,MAAM,CAAC,CAACzB,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAAC6B,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAAClC,KAAK,CAAC;AACjE,CAAC,CAAC;AAEFmC,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBR,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMS,MAAM,GAAGzC,MAAM,CAACK,KAAK,EAAED,QAAQ,CAAC;IACtC6B,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrB3B,KAAK;MACLqB,WAAW,EAAEA,WAAW,CAACW,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAEpC,oBAAoB,CAACmC,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFZ,EAAE,CAAC,oCAAoC,EAAE,MAAM;IAC7C,MAAMS,MAAM,GAAGzC,MAAM,CAACK,KAAK,CAAC;IAC5B4B,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrB3B,KAAK;MACLqB,WAAW,EAAEA,WAAW,CAACW,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAEpC,oBAAoB,CAACmC,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFZ,EAAE,CAAC,kDAAkD,EAAE,MAAM;IAC3D,MAAMc,YAAY,GAAG1C,QAAQ,CAAC2C,GAAG,CAC/BhD,CAAC,CAACiD,MAAM,CAAC;MAAEjC,OAAO,EAAEhB,CAAC,CAACiD,MAAM,CAAC;QAAEC,WAAW,EAAElD,CAAC,CAACmD,MAAM,CAAC;MAAE,CAAC;IAAE,CAAC,CAC7D,CAAC;IACD,MAAMC,cAAc,GAAGpD,CAAC,CAACiD,MAAM,CAAC;MAC9BjC,OAAO,EAAEhB,CAAC,CAACiD,MAAM,CAAC;QAAEC,WAAW,EAAElD,CAAC,CAACmD,MAAM,CAAC;MAAE,CAAC;IAC/C,CAAC,CAAC;IAEF,IAAI;MACF;MACAlD,MAAM,CAACK,KAAK,EAAEyC,YAAY,CAAC;MAC3B;MACA9C,MAAM,CAACK,KAAK,EAAE8C,cAAc,CAAC;IAC/B,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd;MACA;IAAA;EAEJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFZ,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBR,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMS,MAAM,GAAG,MAAMxC,QAAQ,CAACI,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IACpD,MAAMgD,QAAQ,GAAG;MACfhD,KAAK,EAAG,GAAEG,MAAO,+DAA8D;MAC/E8C,KAAK,EAAE,CAAC;QAAEC,KAAK,EAAE,YAAY;QAAEC,IAAI,EAAE;MAAgC,CAAC;IACxE,CAAC;IAEDvB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMS,MAAM,GAAG,MAAMxC,QAAQ,CAACI,KAAK,EAAE,EAAE,CAAC;IACxC,MAAMgD,QAAQ,GAAG;MAAEhD,KAAK,EAAG,GAAEG,MAAO,EAAC;MAAE8C,KAAK,EAAE;IAAG,CAAC;IAElDrB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,+CAA+C,EAAE,YAAY;IAC9D,MAAMS,MAAM,GAAG,MAAMxC,QAAQ,CAACI,KAAK,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;IAC5D,MAAMgD,QAAQ,GAAG;MACfhD,KAAK,EAAG,GAAEG,MAAO,kIAAiI;MAClJ8C,KAAK,EAAE,CACL;QACEC,KAAK,EAAE,KAAK;QACZC,IAAI,EAAE;MACR,CAAC,EACD;QACED,KAAK,EAAE,aAAa;QACpBC,IAAI,EAAE;MACR,CAAC;IAEL,CAAC;IAEDvB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,8BAA8B,EAAE,YAAY;IAC7C,MAAMyB,EAAE,GAAG,MAAAA,CAAA,KAAYxD,QAAQ,CAACI,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAM4B,MAAM,CAACwB,EAAE,CAAC,CAAC,CAAC,CAACC,OAAO,CAACrB,OAAO,CAACJ,MAAM,CAAC0B,GAAG,CAACC,KAAK,CAAC,CAAC;EACvD,CAAC,CAAC;AACJ,CAAC,CAAC"}
+{"version":3,"names":["z","decode","disclose","encodeBase64","decodeBase64","SdJwt4VC","pid","token","signed","tokenizedDisclosures","sdJwt","header","kid","typ","alg","payload","_sd","sub","_sd_alg","vct","iss","issuing_country","issuing_authority","cnf","jwk","kty","crv","x","y","exp","status","status_assertion","credential_hash_alg","disclosures","it","expect","JSON","parse","stringify","toEqual","join","toBe","describe","result","map","decoded","i","encoded","validDecoder","and","object","customField","string","invalidDecoder","error","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":"AAAA,SAASA,CAAC,QAAQ,KAAK;AACvB,SAASC,MAAM,EAAEC,QAAQ,QAAQ,UAAU;AAE3C,SAASC,YAAY,EAAEC,YAAY,QAAQ,6BAA6B;AACxE,SAASC,QAAQ,QAAQ,UAAU;AACnC,SAASC,GAAG,QAAQ,qBAAqB;AAEzC,MAAM;EAAEC,KAAK;EAAEC,MAAM;EAAEC;AAAqB,CAAC,GAAGH,GAAG;AAEnD,MAAMI,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,6CAA6C;IAClDC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE;EACP,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;IACDC,GAAG,EAAE,sCAAsC;IAC3CC,OAAO,EAAE,SAAS;IAClBC,GAAG,EAAE,0BAA0B;IAC/B,eAAe,EACb,kEAAkE;IACpEC,GAAG,EAAE,gCAAgC;IACrCC,eAAe,EAAE,IAAI;IACrBC,iBAAiB,EAAE,0CAA0C;IAC7DC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,IAAI;QACTC,GAAG,EAAE,OAAO;QACZd,GAAG,EAAE,6CAA6C;QAClDe,CAAC,EAAE,6CAA6C;QAChDC,CAAC,EAAE;MACL;IACF,CAAC;IACDC,GAAG,EAAE,UAAU;IACfC,MAAM,EAAE;MACNC,gBAAgB,EAAE;QAChBC,mBAAmB,EAAE;MACvB;IACF;EACF;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,WAAW,EAAE,wBAAwB,CAAC,EACjE,CAAC,wBAAwB,EAAE,YAAY,EAAE,YAAY,CAAC,EACtD,CAAC,wBAAwB,EAAE,aAAa,EAAE,wBAAwB,CAAC,EACnE,CAAC,wBAAwB,EAAE,YAAY,EAAE,KAAK,CAAC,EAC/C,CAAC,wBAAwB,EAAE,aAAa,EAAE,UAAU,CAAC,EACrD,CAAC,wBAAwB,EAAE,KAAK,EAAE,UAAU,CAAC,CAC9C;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAACjC,YAAY,CAACD,YAAY,CAACiC,IAAI,CAACE,SAAS,CAAC5B,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAAC4B,OAAO,CAAC7B,KAAK,CAACC,MAAM,CAAC;EACvBwB,MAAM,CAAC,CAAC3B,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAAC+B,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAAClC,KAAK,CAAC;AACjE,CAAC,CAAC;AAEFmC,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBR,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMS,MAAM,GAAG1C,MAAM,CAACM,KAAK,EAAEF,QAAQ,CAAC;IACtC8B,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrB7B,KAAK;MACLuB,WAAW,EAAEA,WAAW,CAACW,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAEtC,oBAAoB,CAACqC,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFZ,EAAE,CAAC,oCAAoC,EAAE,MAAM;IAC7C,MAAMS,MAAM,GAAG1C,MAAM,CAACM,KAAK,CAAC;IAC5B4B,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrB7B,KAAK;MACLuB,WAAW,EAAEA,WAAW,CAACW,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAEtC,oBAAoB,CAACqC,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFZ,EAAE,CAAC,kDAAkD,EAAE,MAAM;IAC3D,MAAMc,YAAY,GAAG3C,QAAQ,CAAC4C,GAAG,CAC/BjD,CAAC,CAACkD,MAAM,CAAC;MAAEnC,OAAO,EAAEf,CAAC,CAACkD,MAAM,CAAC;QAAEC,WAAW,EAAEnD,CAAC,CAACoD,MAAM,CAAC;MAAE,CAAC;IAAE,CAAC,CAC7D,CAAC;IACD,MAAMC,cAAc,GAAGrD,CAAC,CAACkD,MAAM,CAAC;MAC9BnC,OAAO,EAAEf,CAAC,CAACkD,MAAM,CAAC;QAAEC,WAAW,EAAEnD,CAAC,CAACoD,MAAM,CAAC;MAAE,CAAC;IAC/C,CAAC,CAAC;IAEF,IAAI;MACF;MACAnD,MAAM,CAACM,KAAK,EAAEyC,YAAY,CAAC;MAC3B;MACA/C,MAAM,CAACM,KAAK,EAAE8C,cAAc,CAAC;IAC/B,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd;MACA;IAAA;EAEJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFZ,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBR,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMS,MAAM,GAAG,MAAMzC,QAAQ,CAACK,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IACpD,MAAMgD,QAAQ,GAAG;MACfhD,KAAK,EAAG,GAAEC,MAAO,+DAA8D;MAC/EgD,KAAK,EAAE,CAAC;QAAEC,KAAK,EAAE,YAAY;QAAEC,IAAI,EAAE;MAAgC,CAAC;IACxE,CAAC;IAEDvB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMS,MAAM,GAAG,MAAMzC,QAAQ,CAACK,KAAK,EAAE,EAAE,CAAC;IACxC,MAAMgD,QAAQ,GAAG;MAAEhD,KAAK,EAAG,GAAEC,MAAO,EAAC;MAAEgD,KAAK,EAAE;IAAG,CAAC;IAElDrB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,+CAA+C,EAAE,YAAY;IAC9D,MAAMS,MAAM,GAAG,MAAMzC,QAAQ,CAACK,KAAK,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;IAC5D,MAAMgD,QAAQ,GAAG;MACfhD,KAAK,EAAG,GAAEC,MAAO,kIAAiI;MAClJgD,KAAK,EAAE,CACL;QACEC,KAAK,EAAE,KAAK;QACZC,IAAI,EAAE;MACR,CAAC,EACD;QACED,KAAK,EAAE,aAAa;QACpBC,IAAI,EAAE;MACR,CAAC;IAEL,CAAC;IAEDvB,MAAM,CAACQ,MAAM,CAAC,CAACJ,OAAO,CAACgB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEFrB,EAAE,CAAC,8BAA8B,EAAE,YAAY;IAC7C,MAAMyB,EAAE,GAAG,MAAAA,CAAA,KAAYzD,QAAQ,CAACK,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAM4B,MAAM,CAACwB,EAAE,CAAC,CAAC,CAAC,CAACC,OAAO,CAACrB,OAAO,CAACJ,MAAM,CAAC0B,GAAG,CAACC,KAAK,CAAC,CAAC;EACvD,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/lib/module/sd-jwt/__test__/types.test.js

@@ -4,7 +4,7 @@ describe("SdJwt4VC", () => {
     // example provided at https://italia.github.io/eidas-it-wallet-docs/en/pid-data-model.html
     const token = {
       header: {
-        typ: "vc+sd-jwt",
+        typ: "dc+sd-jwt",
         alg: "RS512",
         kid: "dB67gL7ck3TFiIAf7N6_7SHvqk0MDYMEQcoGGlkUAAw"
       },
@@ -13,7 +13,10 @@ describe("SdJwt4VC", () => {
         sub: "216f8946-9ecb-4819-9309-c076f34a7e11",
         _sd_alg: "sha-256",
         vct: "PersonIdentificationData",
+        "vct#integrity": "13e25888ac7b8a3a6d61440da787fccc81654e61085732bcacd89b36aec32675",
         iss: "https://pidprovider.example.com",
+        issuing_country: "IT",
+        issuing_authority: "Istituto Poligrafico e Zecca dello Stato",
         cnf: {
           jwk: {
             kty: "EC",
@@ -25,7 +28,7 @@ describe("SdJwt4VC", () => {
         },
         exp: 1751107255,
         status: {
-          status_attestation: {
+          status_assertion: {
             credential_hash_alg: "sha-256"
           }
         }

package/lib/module/sd-jwt/__test__/types.test.js.map

@@ -1 +1 @@
-{"version":3,"names":["Disclosure","SdJwt4VC","describe","it","token","header","typ","alg","kid","payload","_sd","sub","_sd_alg","vct","iss","cnf","jwk","kty","crv","x","y","exp","status","status_attestation","credential_hash_alg","success","safeParse","expect","toBe","value","type","record","source","organization_name","organization_id","country_code"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":"AAAA,SAASA,UAAU,EAAEC,QAAQ,QAAQ,UAAU;AAE/CC,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBC,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC;IACA,MAAMC,KAAK,GAAG;MACZC,MAAM,EAAE;QACNC,GAAG,EAAE,WAAW;QAChBC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;QACDC,GAAG,EAAE,sCAAsC;QAC3CC,OAAO,EAAE,SAAS;QAClBC,GAAG,EAAE,0BAA0B;QAC/BC,GAAG,EAAE,iCAAiC;QACtCC,GAAG,EAAE;UACHC,GAAG,EAAE;YACHC,GAAG,EAAE,IAAI;YACTC,GAAG,EAAE,OAAO;YACZV,GAAG,EAAE,6CAA6C;YAClDW,CAAC,EAAE,6CAA6C;YAChDC,CAAC,EAAE;UACL;QACF,CAAC;QACDC,GAAG,EAAE,UAAU;QACfC,MAAM,EAAE;UACNC,kBAAkB,EAAE;YAClBC,mBAAmB,EAAE;UACvB;QACF;MACF;IACF,CAAC;IAED,MAAM;MAAEC;IAAQ,CAAC,GAAGxB,QAAQ,CAACyB,SAAS,CAACtB,KAAK,CAAC;IAE7CuB,MAAM,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC;AAEF1B,QAAQ,CAAC,YAAY,EAAE,MAAM;EAC3BC,EAAE,CAAC,kCAAkC,EAAE,MAAM;IAC3C;IACA,MAAM0B,KAAK,GAAG,CACZ,wBAAwB,EACxB,UAAU,EACV,CACE;MACEC,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACND,IAAI,EAAE,cAAc;QACpBE,MAAM,EAAE;UACNC,iBAAiB,EAAE,wBAAwB;UAC3CC,eAAe,EAAE,MAAM;UACvBC,YAAY,EAAE;QAChB;MACF;IACF,CAAC,CACF,CACF;IAED,MAAM;MAAEV;IAAQ,CAAC,GAAGzB,UAAU,CAAC0B,SAAS,CAACG,KAAK,CAAC;IAC/CF,MAAM,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC"}
+{"version":3,"names":["Disclosure","SdJwt4VC","describe","it","token","header","typ","alg","kid","payload","_sd","sub","_sd_alg","vct","iss","issuing_country","issuing_authority","cnf","jwk","kty","crv","x","y","exp","status","status_assertion","credential_hash_alg","success","safeParse","expect","toBe","value","type","record","source","organization_name","organization_id","country_code"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":"AAAA,SAASA,UAAU,EAAEC,QAAQ,QAAQ,UAAU;AAE/CC,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBC,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC;IACA,MAAMC,KAAK,GAAG;MACZC,MAAM,EAAE;QACNC,GAAG,EAAE,WAAW;QAChBC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;QACDC,GAAG,EAAE,sCAAsC;QAC3CC,OAAO,EAAE,SAAS;QAClBC,GAAG,EAAE,0BAA0B;QAC/B,eAAe,EACb,kEAAkE;QACpEC,GAAG,EAAE,iCAAiC;QACtCC,eAAe,EAAE,IAAI;QACrBC,iBAAiB,EAAE,0CAA0C;QAC7DC,GAAG,EAAE;UACHC,GAAG,EAAE;YACHC,GAAG,EAAE,IAAI;YACTC,GAAG,EAAE,OAAO;YACZZ,GAAG,EAAE,6CAA6C;YAClDa,CAAC,EAAE,6CAA6C;YAChDC,CAAC,EAAE;UACL;QACF,CAAC;QACDC,GAAG,EAAE,UAAU;QACfC,MAAM,EAAE;UACNC,gBAAgB,EAAE;YAChBC,mBAAmB,EAAE;UACvB;QACF;MACF;IACF,CAAC;IAED,MAAM;MAAEC;IAAQ,CAAC,GAAG1B,QAAQ,CAAC2B,SAAS,CAACxB,KAAK,CAAC;IAE7CyB,MAAM,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC;AAEF5B,QAAQ,CAAC,YAAY,EAAE,MAAM;EAC3BC,EAAE,CAAC,kCAAkC,EAAE,MAAM;IAC3C;IACA,MAAM4B,KAAK,GAAG,CACZ,wBAAwB,EACxB,UAAU,EACV,CACE;MACEC,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACND,IAAI,EAAE,cAAc;QACpBE,MAAM,EAAE;UACNC,iBAAiB,EAAE,wBAAwB;UAC3CC,eAAe,EAAE,MAAM;UACvBC,YAAY,EAAE;QAChB;MACF;IACF,CAAC,CACF,CACF;IAED,MAAM;MAAEV;IAAQ,CAAC,GAAG3B,UAAU,CAAC4B,SAAS,CAACG,KAAK,CAAC;IAC/CF,MAAM,CAACF,OAAO,CAAC,CAACG,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/lib/module/sd-jwt/__test__/utils.test.js

@@ -0,0 +1,35 @@
+import { getVerification } from "..";
+import { pid } from "../__mocks__/sd-jwt";
+const {
+  signed,
+  token
+} = pid;
+describe("SD-JWT getVerification", () => {
+  it("extracts the verification claims correctly", () => {
+    const disclosure = "WyJxTGxVdkNKY3hwX3d4MVY5dHFPbFFRIiwidmVyaWZpY2F0aW9uIix7ImV2aWRlbmNlIjpbeyJhdHRlc3RhdGlvbiI6eyJkYXRlX29mX2lzc3VhbmNlIjoiMjAyNS0wNi0yMyIsInZvdWNoZXIiOnsib3JnYW5pemF0aW9uIjoiTWluaXN0ZXJvIGRlbGwnSW50ZXJubyJ9LCJ0eXBlIjoiZGlnaXRhbF9hdHRlc3RhdGlvbiIsInJlZmVyZW5jZV9udW1iZXIiOiIxMjM0NTY3ODkifSwidGltZSI6IjIwMjUtMDYtMjNUMTM6MTQ6MjVaIiwidHlwZSI6InZvdWNoIn1dLCJ0cnVzdF9mcmFtZXdvcmsiOiJpdF9jaWUiLCJhc3N1cmFuY2VfbGV2ZWwiOiJoaWdoIn1d";
+    expect(getVerification(`${signed}~${disclosure}`)).toEqual({
+      evidence: [{
+        attestation: {
+          date_of_issuance: "2025-06-23",
+          voucher: {
+            organization: "Ministero dell'Interno"
+          },
+          type: "digital_attestation",
+          reference_number: "123456789"
+        },
+        time: "2025-06-23T13:14:25Z",
+        type: "vouch"
+      }],
+      trust_framework: "it_cie",
+      assurance_level: "high"
+    });
+  });
+  it("returns undefined when the verification claim is not found", () => {
+    expect(getVerification(token)).toBeUndefined();
+  });
+  it("throws when the verification claim is invalid", () => {
+    const disclosure = "WyJxTGxVdkNKY3hwX3d4MVY5dHFPbFFRIiwidmVyaWZpY2F0aW9uIix7InRydXN0X2ZyYW1ld29yayI6ICJpdF9jaWUiLCJhc3N1cmFuY2VfbGV2ZWwiOiAic3Vic3RhbnRpYWwifV0";
+    expect(() => getVerification(`${signed}~${disclosure}`)).toThrow();
+  });
+});
+//# sourceMappingURL=utils.test.js.map

package/lib/module/sd-jwt/__test__/utils.test.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["getVerification","pid","signed","token","describe","it","disclosure","expect","toEqual","evidence","attestation","date_of_issuance","voucher","organization","type","reference_number","time","trust_framework","assurance_level","toBeUndefined","toThrow"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/utils.test.ts"],"mappings":"AAAA,SAASA,eAAe,QAAQ,IAAI;AACpC,SAASC,GAAG,QAAQ,qBAAqB;AAEzC,MAAM;EAAEC,MAAM;EAAEC;AAAM,CAAC,GAAGF,GAAG;AAE7BG,QAAQ,CAAC,wBAAwB,EAAE,MAAM;EACvCC,EAAE,CAAC,4CAA4C,EAAE,MAAM;IACrD,MAAMC,UAAU,GACd,saAAsa;IACxaC,MAAM,CAACP,eAAe,CAAE,GAAEE,MAAO,IAAGI,UAAW,EAAC,CAAC,CAAC,CAACE,OAAO,CAAC;MACzDC,QAAQ,EAAE,CACR;QACEC,WAAW,EAAE;UACXC,gBAAgB,EAAE,YAAY;UAC9BC,OAAO,EAAE;YAAEC,YAAY,EAAE;UAAyB,CAAC;UACnDC,IAAI,EAAE,qBAAqB;UAC3BC,gBAAgB,EAAE;QACpB,CAAC;QACDC,IAAI,EAAE,sBAAsB;QAC5BF,IAAI,EAAE;MACR,CAAC,CACF;MACDG,eAAe,EAAE,QAAQ;MACzBC,eAAe,EAAE;IACnB,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFb,EAAE,CAAC,4DAA4D,EAAE,MAAM;IACrEE,MAAM,CAACP,eAAe,CAACG,KAAK,CAAC,CAAC,CAACgB,aAAa,CAAC,CAAC;EAChD,CAAC,CAAC;EAEFd,EAAE,CAAC,+CAA+C,EAAE,MAAM;IACxD,MAAMC,UAAU,GACd,6IAA6I;IAC/IC,MAAM,CAAC,MAAMP,eAAe,CAAE,GAAEE,MAAO,IAAGI,UAAW,EAAC,CAAC,CAAC,CAACc,OAAO,CAAC,CAAC;EACpE,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/lib/module/sd-jwt/index.js

@@ -5,6 +5,7 @@ import { Disclosure, SdJwt4VC } from "./types";
 import { verifyDisclosure } from "./verifier";
 import * as Errors from "./errors";
 import { Base64 } from "js-base64";
+export * from "./utils";
 const decodeDisclosure = encoded => {
   const utf8String = Base64.decode(encoded); // Decode Base64 into UTF-8 string
   const decoded = Disclosure.parse(JSON.parse(utf8String));
@@ -102,7 +103,12 @@ export const disclose = async (token, claims) => {
     }
     throw new Errors.ClaimsNotFoundInToken(claim);
   }));
-  const filteredDisclosures = rawDisclosures.filter(d => {
+
+  // The disclosures in the new SD-JWT aligned with version 1.0
+  // include a trailing "~" character.
+  // To avoid parsing errors, it is necessary to filter the array
+  // to remove any empty strings
+  const filteredDisclosures = rawDisclosures.filter(Boolean).filter(d => {
     const {
       decoded: [, name]
     } = decodeDisclosure(d);

package/lib/module/sd-jwt/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","SignJWT","sha256ToBase64","Disclosure","SdJwt4VC","verifyDisclosure","Errors","Base64","decodeDisclosure","encoded","utf8String","decoded","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","parser","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","publicKey","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,OAAO,EAAEC,cAAc,QAAQ,6BAA6B;AACrE,SAASC,UAAU,EAAEC,QAAQ,QAAoC,SAAS;AAC1E,SAASC,gBAAgB,QAAQ,YAAY;AAE7C,OAAO,KAAKC,MAAM,MAAM,UAAU;AAClC,SAASC,MAAM,QAAQ,WAAW;AAGlC,MAAMC,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGH,MAAM,CAACV,MAAM,CAACY,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAME,OAAO,GAAGR,UAAU,CAACS,KAAK,CAACC,IAAI,CAACD,KAAK,CAACF,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEC,OAAO;IAAEF;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMZ,MAAM,GAAGA,CACpBiB,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGtB,SAAS,CAACmB,QAAQ,CAAC;;EAEtC;EACA,MAAMI,MAAM,GAAGN,YAAY,IAAIX,QAAQ;EAEvC,MAAMkB,KAAK,GAAGD,MAAM,CAACT,KAAK,CAAC;IACzBW,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAACS,GAAG,CAACnB,gBAAgB,CAAC;EAExD,OAAO;IAAEc,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,QAAQ,GAAG,MAAAA,CACtBd,KAAa,EACbe,MAAgB,KACyD;EACzE,MAAM,CAACZ,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEG,KAAK;IAAEI;EAAY,CAAC,GAAG7B,MAAM,CAACiB,KAAK,EAAEV,QAAQ,CAAC;;EAEtD;EACA,MAAM0B,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAEzB,OAAO,EAAE,GAAG0B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAI5B,MAAM,CAACgC,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAMrC,cAAc,CAACgC,UAAU,CAACzB,OAAO,CAAC;;IAErD;IACA;IACA,IAAIa,KAAK,CAACG,OAAO,CAACe,GAAG,CAACC,QAAQ,CAACF,IAAI,CAAC,EAAE;MACpC,MAAMG,KAAK,GAAGpB,KAAK,CAACG,OAAO,CAACe,GAAG,CAACG,OAAO,CAACJ,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEW,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIpC,MAAM,CAACuC,qBAAqB,CAACZ,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;EAED,MAAMa,mBAAmB,GAAG5B,cAAc,CAAC6B,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJrC,OAAO,EAAE,GAAG0B,IAAI;IAClB,CAAC,GAAG7B,gBAAgB,CAACwC,CAAC,CAAC;IACvB,OAAOnB,MAAM,CAACY,QAAQ,CAACJ,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMY,cAAc,GAAG,CAAChC,QAAQ,EAAE,GAAG6B,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEpC,KAAK,EAAEmC,cAAc;IAAEnB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM/B,MAAM,GAAG,MAAAA,CACpBe,KAAa,EACbqC,SAAsB,EACtBpC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMR,OAAO,GAAGd,MAAM,CAACiB,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAMf,SAAS,CAACiB,QAAQ,EAAEkC,SAAS,CAAC;;EAEpC;EACA,MAAMtB,MAAM,GAAG,CAAC,GAAGlB,OAAO,CAACW,KAAK,CAACG,OAAO,CAACe,GAAG,CAAC;EAE7C,MAAMT,OAAO,CAACC,GAAG,CACfrB,OAAO,CAACe,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM7B,gBAAgB,CAAC6B,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEX,OAAO,CAACW,KAAK;IACpBI,WAAW,EAAEf,OAAO,CAACe,WAAW,CAACC,GAAG,CAAEqB,CAAC,IAAKA,CAAC,CAACrC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMyC,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAEzC,KAAK,EAAE6C;EAAG,CAAC,GAAG,MAAM/B,QAAQ,CAAC4B,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM1D,cAAc,CAAE,GAAEyD,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAI5D,OAAO,CAACyD,aAAa,CAAC,CAC3CI,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVL,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDa,WAAW,CAACZ,SAAS,CAAC,CACtBa,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACV,EAAE,EAAEE,KAAK,CAAC,CAACX,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEmB;EAAS,CAAC;AACrB,CAAC;AAED,SAASjE,QAAQ,EAAEE,MAAM"}
+{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","SignJWT","sha256ToBase64","Disclosure","SdJwt4VC","verifyDisclosure","Errors","Base64","decodeDisclosure","encoded","utf8String","decoded","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","parser","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","Boolean","d","disclosedToken","join","publicKey","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,OAAO,EAAEC,cAAc,QAAQ,6BAA6B;AACrE,SAASC,UAAU,EAAEC,QAAQ,QAAoC,SAAS;AAC1E,SAASC,gBAAgB,QAAQ,YAAY;AAE7C,OAAO,KAAKC,MAAM,MAAM,UAAU;AAClC,SAASC,MAAM,QAAQ,WAAW;AAGlC,cAAc,SAAS;AAEvB,MAAMC,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGH,MAAM,CAACV,MAAM,CAACY,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAME,OAAO,GAAGR,UAAU,CAACS,KAAK,CAACC,IAAI,CAACD,KAAK,CAACF,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEC,OAAO;IAAEF;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMZ,MAAM,GAAGA,CACpBiB,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGtB,SAAS,CAACmB,QAAQ,CAAC;;EAEtC;EACA,MAAMI,MAAM,GAAGN,YAAY,IAAIX,QAAQ;EAEvC,MAAMkB,KAAK,GAAGD,MAAM,CAACT,KAAK,CAAC;IACzBW,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAACS,GAAG,CAACnB,gBAAgB,CAAC;EAExD,OAAO;IAAEc,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,QAAQ,GAAG,MAAAA,CACtBd,KAAa,EACbe,MAAgB,KACyD;EACzE,MAAM,CAACZ,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEG,KAAK;IAAEI;EAAY,CAAC,GAAG7B,MAAM,CAACiB,KAAK,EAAEV,QAAQ,CAAC;;EAEtD;EACA,MAAM0B,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAEzB,OAAO,EAAE,GAAG0B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAI5B,MAAM,CAACgC,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAMrC,cAAc,CAACgC,UAAU,CAACzB,OAAO,CAAC;;IAErD;IACA;IACA,IAAIa,KAAK,CAACG,OAAO,CAACe,GAAG,CAACC,QAAQ,CAACF,IAAI,CAAC,EAAE;MACpC,MAAMG,KAAK,GAAGpB,KAAK,CAACG,OAAO,CAACe,GAAG,CAACG,OAAO,CAACJ,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEW,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIpC,MAAM,CAACuC,qBAAqB,CAACZ,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;;EAED;EACA;EACA;EACA;EACA,MAAMa,mBAAmB,GAAG5B,cAAc,CAAC6B,MAAM,CAACC,OAAO,CAAC,CAACD,MAAM,CAAEE,CAAC,IAAK;IACvE,MAAM;MACJtC,OAAO,EAAE,GAAG0B,IAAI;IAClB,CAAC,GAAG7B,gBAAgB,CAACyC,CAAC,CAAC;IACvB,OAAOpB,MAAM,CAACY,QAAQ,CAACJ,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMa,cAAc,GAAG,CAACjC,QAAQ,EAAE,GAAG6B,mBAAmB,CAAC,CAACK,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAErC,KAAK,EAAEoC,cAAc;IAAEpB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM/B,MAAM,GAAG,MAAAA,CACpBe,KAAa,EACbsC,SAAsB,EACtBrC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMR,OAAO,GAAGd,MAAM,CAACiB,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAMf,SAAS,CAACiB,QAAQ,EAAEmC,SAAS,CAAC;;EAEpC;EACA,MAAMvB,MAAM,GAAG,CAAC,GAAGlB,OAAO,CAACW,KAAK,CAACG,OAAO,CAACe,GAAG,CAAC;EAE7C,MAAMT,OAAO,CAACC,GAAG,CACfrB,OAAO,CAACe,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM7B,gBAAgB,CAAC6B,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEX,OAAO,CAACW,KAAK;IACpBI,WAAW,EAAEf,OAAO,CAACe,WAAW,CAACC,GAAG,CAAEsB,CAAC,IAAKA,CAAC,CAACtC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM0C,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAE1C,KAAK,EAAE8C;EAAG,CAAC,GAAG,MAAMhC,QAAQ,CAAC6B,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM3D,cAAc,CAAE,GAAE0D,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAI7D,OAAO,CAAC0D,aAAa,CAAC,CAC3CI,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVL,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDa,WAAW,CAACZ,SAAS,CAAC,CACtBa,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACV,EAAE,EAAEE,KAAK,CAAC,CAACX,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEmB;EAAS,CAAC;AACrB,CAAC;AAED,SAASlE,QAAQ,EAAEE,MAAM"}

package/lib/module/sd-jwt/types.js

@@ -23,11 +23,23 @@ export const Disclosure = z.tuple([/* salt */z.string(), /* claim name */z.strin
  * @see https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-05.html#name-disclosures-for-object-prop
  */
 
+const StatusAssertion = z.object({
+  credential_hash_alg: z.literal("sha-256")
+});
+
+/**
+ * Type for a Verifiable Credential in SD-JWT format.
+ * It supports both the older and the new data model for backward compatibility.
+ */
+
 export const SdJwt4VC = z.object({
   header: z.object({
-    typ: z.literal("vc+sd-jwt"),
+    typ: z.enum(["vc+sd-jwt", "dc+sd-jwt"]),
     alg: z.string(),
-    kid: z.string().optional()
+    kid: z.string(),
+    trust_chain: z.array(z.string()).optional(),
+    x5c: z.array(z.string()).optional(),
+    vctm: z.array(z.string()).optional()
   }),
   payload: z.intersection(z.object({
     iss: z.string(),
@@ -35,15 +47,66 @@ export const SdJwt4VC = z.object({
     iat: UnixTime.optional(),
     exp: UnixTime,
     _sd_alg: z.literal("sha-256"),
-    status: z.object({
-      status_attestation: z.object({
-        credential_hash_alg: z.literal("sha-256")
-      })
+    status: z.union([
+    // Credentials v1.0
+    z.object({
+      status_assertion: StatusAssertion
     }),
+    // Credentials v0.7.1
+    z.object({
+      status_attestation: StatusAssertion
+    })]).optional(),
     cnf: z.object({
       jwk: JWK
     }),
-    vct: z.string()
+    vct: z.string(),
+    "vct#integrity": z.string().optional(),
+    issuing_authority: z.string().optional(),
+    issuing_country: z.string().optional()
   }), ObfuscatedDisclosures)
 });
+
+/**
+ * Object containing User authentication and User data verification information.
+ * Useful to extract the assurance level to determine L2/L3 authentication.
+ */
+
+export const Verification = z.object({
+  trust_framework: z.string(),
+  assurance_level: z.string(),
+  evidence: z.array(z.object({
+    type: z.literal("vouch"),
+    time: z.string(),
+    attestation: z.object({
+      type: z.literal("digital_attestation"),
+      reference_number: z.string(),
+      date_of_issuance: z.string(),
+      voucher: z.object({
+        organization: z.string()
+      })
+    })
+  }))
+});
+
+/**
+ * Metadata for a digital credential. This information is retrieved from the URL defined in the `vct` claim.
+ *
+ * @see https://italia.github.io/eid-wallet-it-docs/v0.9.1/en/pid-eaa-data-model.html#digital-credential-metadata-type
+ */
+
+export const TypeMetadata = z.object({
+  name: z.string(),
+  description: z.string(),
+  data_source: z.object({
+    trust_framework: z.string(),
+    authentic_source: z.object({
+      organization_name: z.string(),
+      organization_code: z.string(),
+      contacts: z.array(z.string()),
+      homepage_uri: z.string().url(),
+      logo_uri: z.string().url()
+    })
+  })
+  // TODO: add more fields
+});
 //# sourceMappingURL=types.js.map

package/lib/module/sd-jwt/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","payload","intersection","iss","sub","iat","exp","_sd_alg","status","status_attestation","credential_hash_alg","cnf","jwk","vct"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAOA,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEpB,CAAC,CAACqB,YAAY,CACrBrB,CAAC,CAACM,MAAM,CAAC;IACPgB,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEvB,QAAQ,CAACkB,QAAQ,CAAC,CAAC;IACxBM,GAAG,EAAExB,QAAQ;IACbyB,OAAO,EAAE1B,CAAC,CAACgB,OAAO,CAAC,SAAS,CAAC;IAC7BW,MAAM,EAAE3B,CAAC,CAACM,MAAM,CAAC;MACfsB,kBAAkB,EAAE5B,CAAC,CAACM,MAAM,CAAC;QAC3BuB,mBAAmB,EAAE7B,CAAC,CAACgB,OAAO,CAAC,SAAS;MAC1C,CAAC;IACH,CAAC,CAAC;IACFc,GAAG,EAAE9B,CAAC,CAACM,MAAM,CAAC;MACZyB,GAAG,EAAEhC;IACP,CAAC,CAAC;IACFiC,GAAG,EAAEhC,CAAC,CAACS,MAAM,CAAC;EAChB,CAAC,CAAC,EACFJ,qBACF;AACF,CAAC,CAAC"}
+{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","StatusAssertion","credential_hash_alg","literal","SdJwt4VC","header","typ","enum","alg","kid","trust_chain","optional","x5c","vctm","payload","intersection","iss","sub","iat","exp","_sd_alg","status","union","status_assertion","status_attestation","cnf","jwk","vct","issuing_authority","issuing_country","Verification","trust_framework","assurance_level","evidence","type","time","attestation","reference_number","date_of_issuance","voucher","organization","TypeMetadata","name","description","data_source","authentic_source","organization_name","organization_code","contacts","homepage_uri","url","logo_uri"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA,MAAMC,eAAe,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,mBAAmB,EAAEd,CAAC,CAACe,OAAO,CAAC,SAAS;AAC1C,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,QAAQ,GAAGhB,CAAC,CAACM,MAAM,CAAC;EAC/BW,MAAM,EAAEjB,CAAC,CAACM,MAAM,CAAC;IACfY,GAAG,EAAElB,CAAC,CAACmB,IAAI,CAAC,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACvCC,GAAG,EAAEpB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfY,GAAG,EAAErB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfa,WAAW,EAAEtB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACc,QAAQ,CAAC,CAAC;IAC3CC,GAAG,EAAExB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACc,QAAQ,CAAC,CAAC;IACnCE,IAAI,EAAEzB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACc,QAAQ,CAAC;EACrC,CAAC,CAAC;EACFG,OAAO,EAAE1B,CAAC,CAAC2B,YAAY,CACrB3B,CAAC,CAACM,MAAM,CAAC;IACPsB,GAAG,EAAE5B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfoB,GAAG,EAAE7B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfqB,GAAG,EAAE7B,QAAQ,CAACsB,QAAQ,CAAC,CAAC;IACxBQ,GAAG,EAAE9B,QAAQ;IACb+B,OAAO,EAAEhC,CAAC,CAACe,OAAO,CAAC,SAAS,CAAC;IAC7BkB,MAAM,EAAEjC,CAAC,CACNkC,KAAK,CAAC;IACL;IACAlC,CAAC,CAACM,MAAM,CAAC;MAAE6B,gBAAgB,EAAEtB;IAAgB,CAAC,CAAC;IAC/C;IACAb,CAAC,CAACM,MAAM,CAAC;MAAE8B,kBAAkB,EAAEvB;IAAgB,CAAC,CAAC,CAClD,CAAC,CACDU,QAAQ,CAAC,CAAC;IACbc,GAAG,EAAErC,CAAC,CAACM,MAAM,CAAC;MACZgC,GAAG,EAAEvC;IACP,CAAC,CAAC;IACFwC,GAAG,EAAEvC,CAAC,CAACS,MAAM,CAAC,CAAC;IACf,eAAe,EAAET,CAAC,CAACS,MAAM,CAAC,CAAC,CAACc,QAAQ,CAAC,CAAC;IACtCiB,iBAAiB,EAAExC,CAAC,CAACS,MAAM,CAAC,CAAC,CAACc,QAAQ,CAAC,CAAC;IACxCkB,eAAe,EAAEzC,CAAC,CAACS,MAAM,CAAC,CAAC,CAACc,QAAQ,CAAC;EACvC,CAAC,CAAC,EACFlB,qBACF;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEA,OAAO,MAAMqC,YAAY,GAAG1C,CAAC,CAACM,MAAM,CAAC;EACnCqC,eAAe,EAAE3C,CAAC,CAACS,MAAM,CAAC,CAAC;EAC3BmC,eAAe,EAAE5C,CAAC,CAACS,MAAM,CAAC,CAAC;EAC3BoC,QAAQ,EAAE7C,CAAC,CAACQ,KAAK,CACfR,CAAC,CAACM,MAAM,CAAC;IACPwC,IAAI,EAAE9C,CAAC,CAACe,OAAO,CAAC,OAAO,CAAC;IACxBgC,IAAI,EAAE/C,CAAC,CAACS,MAAM,CAAC,CAAC;IAChBuC,WAAW,EAAEhD,CAAC,CAACM,MAAM,CAAC;MACpBwC,IAAI,EAAE9C,CAAC,CAACe,OAAO,CAAC,qBAAqB,CAAC;MACtCkC,gBAAgB,EAAEjD,CAAC,CAACS,MAAM,CAAC,CAAC;MAC5ByC,gBAAgB,EAAElD,CAAC,CAACS,MAAM,CAAC,CAAC;MAC5B0C,OAAO,EAAEnD,CAAC,CAACM,MAAM,CAAC;QAAE8C,YAAY,EAAEpD,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC;IAChD,CAAC;EACH,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAM4C,YAAY,GAAGrD,CAAC,CAACM,MAAM,CAAC;EACnCgD,IAAI,EAAEtD,CAAC,CAACS,MAAM,CAAC,CAAC;EAChB8C,WAAW,EAAEvD,CAAC,CAACS,MAAM,CAAC,CAAC;EACvB+C,WAAW,EAAExD,CAAC,CAACM,MAAM,CAAC;IACpBqC,eAAe,EAAE3C,CAAC,CAACS,MAAM,CAAC,CAAC;IAC3BgD,gBAAgB,EAAEzD,CAAC,CAACM,MAAM,CAAC;MACzBoD,iBAAiB,EAAE1D,CAAC,CAACS,MAAM,CAAC,CAAC;MAC7BkD,iBAAiB,EAAE3D,CAAC,CAACS,MAAM,CAAC,CAAC;MAC7BmD,QAAQ,EAAE5D,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;MAC7BoD,YAAY,EAAE7D,CAAC,CAACS,MAAM,CAAC,CAAC,CAACqD,GAAG,CAAC,CAAC;MAC9BC,QAAQ,EAAE/D,CAAC,CAACS,MAAM,CAAC,CAAC,CAACqD,GAAG,CAAC;IAC3B,CAAC;EACH,CAAC;EACD;AACF,CAAC,CAAC"}

package/lib/module/sd-jwt/utils.js

@@ -0,0 +1,57 @@
+import { sha256ToBase64 } from "@pagopa/io-react-native-jwt";
+import { hasStatusOrThrow } from "../utils/misc";
+import { TypeMetadata, Verification } from "./types";
+import { IoWalletError, IssuerResponseError, ValidationFailed } from "../utils/errors";
+import { decode } from ".";
+import { getValueFromDisclosures } from "./converters";
+
+/**
+ * Retrieve the Type Metadata for a credential and verify its integrity.
+ * @param vct The VCT as a valid HTTPS url
+ * @param vctIntegrity The integrity hash
+ * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
+ * @returns The credential metadata {@link TypeMetadata}
+ */
+export const fetchTypeMetadata = async function (vct, vctIntegrity) {
+  let context = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  const {
+    appFetch = fetch
+  } = context;
+  const {
+    origin,
+    pathname
+  } = new URL(vct);
+  const metadata = await appFetch(`${origin}/.well-known/vct${pathname}`, {
+    headers: {
+      "Content-Type": "application/json"
+    }
+  }).then(hasStatusOrThrow(200, IssuerResponseError)).then(res => res.json()).then(TypeMetadata.parse);
+  const [alg, hash] = vctIntegrity.split(/-(.*)/s);
+  if (alg !== "sha256") {
+    throw new IoWalletError(`${alg} algorithm is not supported`);
+  }
+
+  // TODO: [SIW-2264] check if the hash is correctly calculated
+  const metadataHash = await sha256ToBase64(JSON.stringify(metadata));
+  if (metadataHash !== hash) {
+    throw new ValidationFailed({
+      message: "Unable to verify VCT integrity",
+      reason: "vct#integrity does not match the metadata hash"
+    });
+  }
+  return metadata;
+};
+
+/**
+ * Extract and validate the `verification` claim from disclosures.
+ * @param credentialSdJwt The raw credential SD-JWT
+ * @returns The verification claim or undefined if it wasn't found
+ */
+export const getVerification = credentialSdJwt => {
+  const {
+    disclosures
+  } = decode(credentialSdJwt);
+  const verificationDisclosure = getValueFromDisclosures(disclosures.map(d => d.decoded), "verification");
+  return verificationDisclosure ? Verification.parse(verificationDisclosure) : undefined;
+};
+//# sourceMappingURL=utils.js.map

package/lib/module/sd-jwt/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["sha256ToBase64","hasStatusOrThrow","TypeMetadata","Verification","IoWalletError","IssuerResponseError","ValidationFailed","decode","getValueFromDisclosures","fetchTypeMetadata","vct","vctIntegrity","context","arguments","length","undefined","appFetch","fetch","origin","pathname","URL","metadata","headers","then","res","json","parse","alg","hash","split","metadataHash","JSON","stringify","message","reason","getVerification","credentialSdJwt","disclosures","verificationDisclosure","map","d","decoded"],"sourceRoot":"../../../src","sources":["sd-jwt/utils.ts"],"mappings":"AAAA,SAASA,cAAc,QAAQ,6BAA6B;AAC5D,SAASC,gBAAgB,QAAQ,eAAe;AAChD,SAASC,YAAY,EAAEC,YAAY,QAAQ,SAAS;AACpD,SACEC,aAAa,EACbC,mBAAmB,EACnBC,gBAAgB,QACX,iBAAiB;AACxB,SAASC,MAAM,QAAQ,GAAG;AAC1B,SAASC,uBAAuB,QAAQ,cAAc;;AAEtD;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,iBAAiB,GAAG,eAAAA,CAC/BC,GAAW,EACXC,YAAoB,EAIM;EAAA,IAH1BC,OAEC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEN,MAAM;IAAEG,QAAQ,GAAGC;EAAM,CAAC,GAAGL,OAAO;EACpC,MAAM;IAAEM,MAAM;IAAEC;EAAS,CAAC,GAAG,IAAIC,GAAG,CAACV,GAAG,CAAC;EAEzC,MAAMW,QAAQ,GAAG,MAAML,QAAQ,CAAE,GAAEE,MAAO,mBAAkBC,QAAS,EAAC,EAAE;IACtEG,OAAO,EAAE;MACP,cAAc,EAAE;IAClB;EACF,CAAC,CAAC,CACCC,IAAI,CAACtB,gBAAgB,CAAC,GAAG,EAAEI,mBAAmB,CAAC,CAAC,CAChDkB,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAACrB,YAAY,CAACwB,KAAK,CAAC;EAE3B,MAAM,CAACC,GAAG,EAAEC,IAAI,CAAC,GAAGjB,YAAY,CAACkB,KAAK,CAAC,QAAQ,CAAC;EAEhD,IAAIF,GAAG,KAAK,QAAQ,EAAE;IACpB,MAAM,IAAIvB,aAAa,CAAE,GAAEuB,GAAI,6BAA4B,CAAC;EAC9D;;EAEA;EACA,MAAMG,YAAY,GAAG,MAAM9B,cAAc,CAAC+B,IAAI,CAACC,SAAS,CAACX,QAAQ,CAAC,CAAC;EAEnE,IAAIS,YAAY,KAAKF,IAAI,EAAE;IACzB,MAAM,IAAItB,gBAAgB,CAAC;MACzB2B,OAAO,EAAE,gCAAgC;MACzCC,MAAM,EAAE;IACV,CAAC,CAAC;EACJ;EAEA,OAAOb,QAAQ;AACjB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMc,eAAe,GAC1BC,eAAuB,IACM;EAC7B,MAAM;IAAEC;EAAY,CAAC,GAAG9B,MAAM,CAAC6B,eAAe,CAAC;EAC/C,MAAME,sBAAsB,GAAG9B,uBAAuB,CACpD6B,WAAW,CAACE,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,OAAO,CAAC,EACjC,cACF,CAAC;EACD,OAAOH,sBAAsB,GACzBnC,YAAY,CAACuB,KAAK,CAACY,sBAAsB,CAAC,GAC1CvB,SAAS;AACf,CAAC"}

package/lib/module/trust/types.js

@@ -34,13 +34,10 @@ const CredentialIssuerDisplayMetadata = z.object({
   name: z.string(),
   locale: z.string()
 });
-const ClaimsMetadata = z.record(z.object({
-  value_type: z.string(),
-  display: z.array(z.object({
-    name: z.string(),
-    locale: z.string()
-  }))
-}));
+const ClaimsMetadata = z.object({
+  path: z.array(z.string()),
+  display: z.array(CredentialDisplayMetadata)
+});
 const IssuanceErrorSupported = z.object({
   display: z.array(z.object({
     title: z.string(),
@@ -51,16 +48,21 @@ const IssuanceErrorSupported = z.object({
 
 // Metadata for a credential which is supported by an Issuer
 
-const SupportedCredentialMetadata = z.object({
-  format: z.union([z.literal("vc+sd-jwt"), z.literal("vc+mdoc-cbor")]),
+const SupportedCredentialMetadata = z.intersection(z.discriminatedUnion("format", [z.object({
+  format: z.literal("dc+sd-jwt"),
+  vct: z.string()
+}), z.object({
+  format: z.literal("mso_mdoc"),
+  doctype: z.string()
+})]), z.object({
   scope: z.string(),
   display: z.array(CredentialDisplayMetadata),
-  claims: ClaimsMetadata,
+  claims: z.array(ClaimsMetadata),
   cryptographic_binding_methods_supported: z.array(z.string()),
   credential_signing_alg_values_supported: z.array(z.string()),
   authentic_source: z.string().optional(),
   issuance_errors_supported: z.record(IssuanceErrorSupported).optional()
-});
+}));
 export const EntityStatement = z.object({
   header: z.object({
     typ: z.literal("entity-statement+jwt"),
@@ -136,13 +138,16 @@ export const CredentialIssuerEntityConfiguration = BaseEntityConfiguration.and(z
       openid_credential_issuer: z.object({
         credential_issuer: z.string(),
         credential_endpoint: z.string(),
-        revocation_endpoint: z.string(),
+        revocation_endpoint: z.string().optional(),
+        nonce_endpoint: z.string(),
         status_attestation_endpoint: z.string(),
         display: z.array(CredentialIssuerDisplayMetadata),
         credential_configurations_supported: z.record(SupportedCredentialMetadata),
         jwks: z.object({
           keys: z.array(JWK)
-        })
+        }),
+        trust_frameworks_supported: z.array(z.string()),
+        evidence_supported: z.array(z.string())
       }),
       oauth_authorization_server: z.object({
         authorization_endpoint: z.string(),

package/lib/module/trust/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["UnixTime","JWK","z","PresentationDefinition","TrustMark","object","id","string","trust_mark","RelyingPartyMetadata","application_type","optional","client_id","client_name","jwks","keys","array","contacts","presentation_definition","request_uris","authorization_signed_response_alg","authorization_encrypted_response_alg","authorization_encrypted_response_enc","CredentialDisplayMetadata","name","locale","CredentialIssuerDisplayMetadata","ClaimsMetadata","record","value_type","display","IssuanceErrorSupported","title","description","SupportedCredentialMetadata","format","union","literal","scope","claims","cryptographic_binding_methods_supported","credential_signing_alg_values_supported","authentic_source","issuance_errors_supported","EntityStatement","header","typ","alg","kid","payload","iss","sub","trust_marks","iat","number","exp","EntityConfigurationHeader","FederationEntityMetadata","federation_fetch_endpoint","federation_list_endpoint","federation_resolve_endpoint","federation_trust_mark_status_endpoint","federation_trust_mark_list_endpoint","federation_trust_mark_endpoint","federation_historical_keys_endpoint","endpoint_auth_signing_alg_values_supported","organization_name","homepage_uri","policy_uri","logo_uri","passthrough","BaseEntityConfiguration","authority_hints","metadata","federation_entity","TrustAnchorEntityConfiguration","CredentialIssuerEntityConfiguration","and","openid_credential_issuer","credential_issuer","credential_endpoint","revocation_endpoint","status_attestation_endpoint","credential_configurations_supported","oauth_authorization_server","authorization_endpoint","pushed_authorization_request_endpoint","token_endpoint","client_registration_types_supported","code_challenge_methods_supported","acr_values_supported","grant_types_supported","issuer","scopes_supported","response_modes_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","request_object_signing_alg_values_supported","openid_credential_verifier","RelyingPartyEntityConfiguration","WalletProviderEntityConfiguration","wallet_provider","aal_values_supported","EntityConfiguration","FederationListResponse"],"sourceRoot":"../../../src","sources":["trust/types.ts"],"mappings":"AAAA,SAASA,QAAQ,QAAQ,iBAAiB;AAC1C,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AACxB,SAASC,sBAAsB,QAAQ,kCAAkC;AAEzE,OAAO,MAAMC,SAAS,GAAGF,CAAC,CAACG,MAAM,CAAC;EAAEC,EAAE,EAAEJ,CAAC,CAACK,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAEN,CAAC,CAACK,MAAM,CAAC;AAAE,CAAC,CAAC;AAG7E,MAAME,oBAAoB,GAAGP,CAAC,CAACG,MAAM,CAAC;EACpCK,gBAAgB,EAAER,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACvCC,SAAS,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAChCE,WAAW,EAAEX,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAClCG,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;IAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;EAAE,CAAC,CAAC;EACtCgB,QAAQ,EAAEf,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxCO,uBAAuB,EAAEf,sBAAsB,CAACQ,QAAQ,CAAC,CAAC;EAC1DQ,YAAY,EAAEjB,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC5CS,iCAAiC,EAAElB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxDU,oCAAoC,EAAEnB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC3DW,oCAAoC,EAAEpB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC;AAC5D,CAAC,CAAC;;AAEF;AACA;AAEA,MAAMY,yBAAyB,GAAGrB,CAAC,CAACG,MAAM,CAAC;EACzCmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;EAChBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;AACnB,CAAC,CAAC;;AAEF;;AAIA,MAAMmB,+BAA+B,GAAGxB,CAAC,CAACG,MAAM,CAAC;EAC/CmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;EAChBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;AACnB,CAAC,CAAC;AAGF,MAAMoB,cAAc,GAAGzB,CAAC,CAAC0B,MAAM,CAC7B1B,CAAC,CAACG,MAAM,CAAC;EACPwB,UAAU,EAAE3B,CAAC,CAACK,MAAM,CAAC,CAAC;EACtBuB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CAACd,CAAC,CAACG,MAAM,CAAC;IAAEmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;IAAEkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;EAAE,CAAC,CAAC;AACrE,CAAC,CACH,CAAC;AAGD,MAAMwB,sBAAsB,GAAG7B,CAAC,CAACG,MAAM,CAAC;EACtCyB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CACdd,CAAC,CAACG,MAAM,CAAC;IACP2B,KAAK,EAAE9B,CAAC,CAACK,MAAM,CAAC,CAAC;IACjB0B,WAAW,EAAE/B,CAAC,CAACK,MAAM,CAAC,CAAC;IACvBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;EACnB,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;;AAEA,MAAM2B,2BAA2B,GAAGhC,CAAC,CAACG,MAAM,CAAC;EAC3C8B,MAAM,EAAEjC,CAAC,CAACkC,KAAK,CAAC,CAAClC,CAAC,CAACmC,OAAO,CAAC,WAAW,CAAC,EAAEnC,CAAC,CAACmC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC;EACpEC,KAAK,EAAEpC,CAAC,CAACK,MAAM,CAAC,CAAC;EACjBuB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CAACO,yBAAyB,CAAC;EAC3CgB,MAAM,EAAEZ,cAAc;EACtBa,uCAAuC,EAAEtC,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EAC5DkC,uCAAuC,EAAEvC,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EAC5DmC,gBAAgB,EAAExC,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACvCgC,yBAAyB,EAAEzC,CAAC,CAAC0B,MAAM,CAACG,sBAAsB,CAAC,CAACpB,QAAQ,CAAC;AACvE,CAAC,CAAC;AAGF,OAAO,MAAMiC,eAAe,GAAG1C,CAAC,CAACG,MAAM,CAAC;EACtCwC,MAAM,EAAE3C,CAAC,CAACG,MAAM,CAAC;IACfyC,GAAG,EAAE5C,CAAC,CAACmC,OAAO,CAAC,sBAAsB,CAAC;IACtCU,GAAG,EAAE7C,CAAC,CAACK,MAAM,CAAC,CAAC;IACfyC,GAAG,EAAE9C,CAAC,CAACK,MAAM,CAAC;EAChB,CAAC,CAAC;EACF0C,OAAO,EAAE/C,CAAC,CAACG,MAAM,CAAC;IAChB6C,GAAG,EAAEhD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf4C,GAAG,EAAEjD,CAAC,CAACK,MAAM,CAAC,CAAC;IACfO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IAAE,CAAC,CAAC;IACtCmD,WAAW,EAAElD,CAAC,CAACc,KAAK,CAACZ,SAAS,CAAC,CAACO,QAAQ,CAAC,CAAC;IAC1C0C,GAAG,EAAEnD,CAAC,CAACoD,MAAM,CAAC,CAAC;IACfC,GAAG,EAAErD,CAAC,CAACoD,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAME,yBAAyB,GAAGtD,CAAC,CAACG,MAAM,CAAC;EAChDyC,GAAG,EAAE5C,CAAC,CAACmC,OAAO,CAAC,sBAAsB,CAAC;EACtCU,GAAG,EAAE7C,CAAC,CAACK,MAAM,CAAC,CAAC;EACfyC,GAAG,EAAE9C,CAAC,CAACK,MAAM,CAAC;AAChB,CAAC,CAAC;;AAEF;AACA;AACA;AACA,MAAMkD,wBAAwB,GAAGvD,CAAC,CAC/BG,MAAM,CAAC;EACNqD,yBAAyB,EAAExD,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAChDgD,wBAAwB,EAAEzD,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC/CiD,2BAA2B,EAAE1D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAClDkD,qCAAqC,EAAE3D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC5DmD,mCAAmC,EAAE5D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC1DoD,8BAA8B,EAAE7D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACrDqD,mCAAmC,EAAE9D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC1DsD,0CAA0C,EAAE/D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACjEuD,iBAAiB,EAAEhE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxCwD,YAAY,EAAEjE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACnCyD,UAAU,EAAElE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACjC0D,QAAQ,EAAEnE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC/BM,QAAQ,EAAEf,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC;AACzC,CAAC,CAAC,CACD2D,WAAW,CAAC,CAAC;;AAEhB;AACA,MAAMC,uBAAuB,GAAGrE,CAAC,CAACG,MAAM,CAAC;EACvCwC,MAAM,EAAEW,yBAAyB;EACjCP,OAAO,EAAE/C,CAAC,CACPG,MAAM,CAAC;IACN6C,GAAG,EAAEhD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf4C,GAAG,EAAEjD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf8C,GAAG,EAAErD,QAAQ;IACbuD,GAAG,EAAEvD,QAAQ;IACbwE,eAAe,EAAEtE,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;IAC/C8D,QAAQ,EAAEvE,CAAC,CACRG,MAAM,CAAC;MACNqE,iBAAiB,EAAEjB;IACrB,CAAC,CAAC,CACDa,WAAW,CAAC,CAAC;IAChBxD,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MACbU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IACnB,CAAC;EACH,CAAC,CAAC,CACDqE,WAAW,CAAC;AACjB,CAAC,CAAC;;AAEF;;AAIA,OAAO,MAAMK,8BAA8B,GAAGJ,uBAAuB;;AAErE;;AAIA,OAAO,MAAMK,mCAAmC,GAAGL,uBAAuB,CAACM,GAAG,CAC5E3E,CAAC,CAACG,MAAM,CAAC;EACP4C,OAAO,EAAE/C,CAAC,CAACG,MAAM,CAAC;IAChBS,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IAAE,CAAC,CAAC;IACtCwE,QAAQ,EAAEvE,CAAC,CAACG,MAAM,CAAC;MACjByE,wBAAwB,EAAE5E,CAAC,CAACG,MAAM,CAAC;QACjC0E,iBAAiB,EAAE7E,CAAC,CAACK,MAAM,CAAC,CAAC;QAC7ByE,mBAAmB,EAAE9E,CAAC,CAACK,MAAM,CAAC,CAAC;QAC/B0E,mBAAmB,EAAE/E,CAAC,CAACK,MAAM,CAAC,CAAC;QAC/B2E,2BAA2B,EAAEhF,CAAC,CAACK,MAAM,CAAC,CAAC;QACvCuB,OAAO,EAAE5B,CAAC,CAACc,KAAK,CAACU,+BAA+B,CAAC;QACjDyD,mCAAmC,EAAEjF,CAAC,CAAC0B,MAAM,CAC3CM,2BACF,CAAC;QACDpB,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC;MACvC,CAAC,CAAC;MACFmF,0BAA0B,EAAElF,CAAC,CAACG,MAAM,CAAC;QACnCgF,sBAAsB,EAAEnF,CAAC,CAACK,MAAM,CAAC,CAAC;QAClC+E,qCAAqC,EAAEpF,CAAC,CAACK,MAAM,CAAC,CAAC;QACjDgF,cAAc,EAAErF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1BiF,mCAAmC,EAAEtF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACxDkF,gCAAgC,EAAEvF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrDmF,oBAAoB,EAAExF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACzCoF,qBAAqB,EAAEzF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1CqF,MAAM,EAAE1F,CAAC,CAACK,MAAM,CAAC,CAAC;QAClBO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC,CAAC;QACtC4F,gBAAgB,EAAE3F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrCuF,wBAAwB,EAAE5F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC7CwF,qCAAqC,EAAE7F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1DyF,gDAAgD,EAAE9F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrE0F,2CAA2C,EAAE/F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC;MACjE,CAAC,CAAC;MACF;AACR;AACA;AACA;MACQ2F,0BAA0B,EAAEzF,oBAAoB,CAACE,QAAQ,CAAC;IAC5D,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAIA,OAAO,MAAMwF,+BAA+B,GAAG5B,uBAAuB,CAACM,GAAG,CACxE3E,CAAC,CAACG,MAAM,CAAC;EACP4C,OAAO,EAAE/C,CAAC,CAACG,MAAM,CAAC;IAChBoE,QAAQ,EAAEvE,CAAC,CAACG,MAAM,CAAC;MACjB6F,0BAA0B,EAAEzF;IAC9B,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAIA,OAAO,MAAM2F,iCAAiC,GAAG7B,uBAAuB,CAACM,GAAG,CAC1E3E,CAAC,CAACG,MAAM,CAAC;EACP4C,OAAO,EAAE/C,CAAC,CAACG,MAAM,CAAC;IAChBoE,QAAQ,EAAEvE,CAAC,CAACG,MAAM,CAAC;MACjBgG,eAAe,EAAEnG,CAAC,CACfG,MAAM,CAAC;QACNkF,cAAc,EAAErF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1B+F,oBAAoB,EAAEpG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;QACpDgF,qBAAqB,EAAEzF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1CwF,qCAAqC,EAAE7F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1DyF,gDAAgD,EAAE9F,CAAC,CAACc,KAAK,CACvDd,CAAC,CAACK,MAAM,CAAC,CACX,CAAC;QACDO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC;MACvC,CAAC,CAAC,CACDqE,WAAW,CAAC;IACjB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAEA,OAAO,MAAMiC,mBAAmB,GAAGrG,CAAC,CAACkC,KAAK,CACxC,CACEgE,iCAAiC,EACjCxB,mCAAmC,EACnCD,8BAA8B,EAC9BwB,+BAA+B,CAChC,EACD;EACElE,WAAW,EAAE;AACf,CACF,CAAC;AAED,OAAO,MAAMuE,sBAAsB,GAAGtG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC"}
+{"version":3,"names":["UnixTime","JWK","z","PresentationDefinition","TrustMark","object","id","string","trust_mark","RelyingPartyMetadata","application_type","optional","client_id","client_name","jwks","keys","array","contacts","presentation_definition","request_uris","authorization_signed_response_alg","authorization_encrypted_response_alg","authorization_encrypted_response_enc","CredentialDisplayMetadata","name","locale","CredentialIssuerDisplayMetadata","ClaimsMetadata","path","display","IssuanceErrorSupported","title","description","SupportedCredentialMetadata","intersection","discriminatedUnion","format","literal","vct","doctype","scope","claims","cryptographic_binding_methods_supported","credential_signing_alg_values_supported","authentic_source","issuance_errors_supported","record","EntityStatement","header","typ","alg","kid","payload","iss","sub","trust_marks","iat","number","exp","EntityConfigurationHeader","FederationEntityMetadata","federation_fetch_endpoint","federation_list_endpoint","federation_resolve_endpoint","federation_trust_mark_status_endpoint","federation_trust_mark_list_endpoint","federation_trust_mark_endpoint","federation_historical_keys_endpoint","endpoint_auth_signing_alg_values_supported","organization_name","homepage_uri","policy_uri","logo_uri","passthrough","BaseEntityConfiguration","authority_hints","metadata","federation_entity","TrustAnchorEntityConfiguration","CredentialIssuerEntityConfiguration","and","openid_credential_issuer","credential_issuer","credential_endpoint","revocation_endpoint","nonce_endpoint","status_attestation_endpoint","credential_configurations_supported","trust_frameworks_supported","evidence_supported","oauth_authorization_server","authorization_endpoint","pushed_authorization_request_endpoint","token_endpoint","client_registration_types_supported","code_challenge_methods_supported","acr_values_supported","grant_types_supported","issuer","scopes_supported","response_modes_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","request_object_signing_alg_values_supported","openid_credential_verifier","RelyingPartyEntityConfiguration","WalletProviderEntityConfiguration","wallet_provider","aal_values_supported","EntityConfiguration","union","FederationListResponse"],"sourceRoot":"../../../src","sources":["trust/types.ts"],"mappings":"AAAA,SAASA,QAAQ,QAAQ,iBAAiB;AAC1C,SAASC,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AACxB,SAASC,sBAAsB,QAAQ,kCAAkC;AAEzE,OAAO,MAAMC,SAAS,GAAGF,CAAC,CAACG,MAAM,CAAC;EAAEC,EAAE,EAAEJ,CAAC,CAACK,MAAM,CAAC,CAAC;EAAEC,UAAU,EAAEN,CAAC,CAACK,MAAM,CAAC;AAAE,CAAC,CAAC;AAG7E,MAAME,oBAAoB,GAAGP,CAAC,CAACG,MAAM,CAAC;EACpCK,gBAAgB,EAAER,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACvCC,SAAS,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAChCE,WAAW,EAAEX,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAClCG,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;IAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;EAAE,CAAC,CAAC;EACtCgB,QAAQ,EAAEf,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxCO,uBAAuB,EAAEf,sBAAsB,CAACQ,QAAQ,CAAC,CAAC;EAC1DQ,YAAY,EAAEjB,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC5CS,iCAAiC,EAAElB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxDU,oCAAoC,EAAEnB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC3DW,oCAAoC,EAAEpB,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC;AAC5D,CAAC,CAAC;;AAEF;AACA;AAEA,MAAMY,yBAAyB,GAAGrB,CAAC,CAACG,MAAM,CAAC;EACzCmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;EAChBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;AACnB,CAAC,CAAC;;AAEF;;AAIA,MAAMmB,+BAA+B,GAAGxB,CAAC,CAACG,MAAM,CAAC;EAC/CmB,IAAI,EAAEtB,CAAC,CAACK,MAAM,CAAC,CAAC;EAChBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;AACnB,CAAC,CAAC;AAGF,MAAMoB,cAAc,GAAGzB,CAAC,CAACG,MAAM,CAAC;EAC9BuB,IAAI,EAAE1B,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EACzBsB,OAAO,EAAE3B,CAAC,CAACc,KAAK,CAACO,yBAAyB;AAC5C,CAAC,CAAC;AAGF,MAAMO,sBAAsB,GAAG5B,CAAC,CAACG,MAAM,CAAC;EACtCwB,OAAO,EAAE3B,CAAC,CAACc,KAAK,CACdd,CAAC,CAACG,MAAM,CAAC;IACP0B,KAAK,EAAE7B,CAAC,CAACK,MAAM,CAAC,CAAC;IACjByB,WAAW,EAAE9B,CAAC,CAACK,MAAM,CAAC,CAAC;IACvBkB,MAAM,EAAEvB,CAAC,CAACK,MAAM,CAAC;EACnB,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;;AAEA,MAAM0B,2BAA2B,GAAG/B,CAAC,CAACgC,YAAY,CAChDhC,CAAC,CAACiC,kBAAkB,CAAC,QAAQ,EAAE,CAC7BjC,CAAC,CAACG,MAAM,CAAC;EAAE+B,MAAM,EAAElC,CAAC,CAACmC,OAAO,CAAC,WAAW,CAAC;EAAEC,GAAG,EAAEpC,CAAC,CAACK,MAAM,CAAC;AAAE,CAAC,CAAC,EAC7DL,CAAC,CAACG,MAAM,CAAC;EAAE+B,MAAM,EAAElC,CAAC,CAACmC,OAAO,CAAC,UAAU,CAAC;EAAEE,OAAO,EAAErC,CAAC,CAACK,MAAM,CAAC;AAAE,CAAC,CAAC,CACjE,CAAC,EACFL,CAAC,CAACG,MAAM,CAAC;EACPmC,KAAK,EAAEtC,CAAC,CAACK,MAAM,CAAC,CAAC;EACjBsB,OAAO,EAAE3B,CAAC,CAACc,KAAK,CAACO,yBAAyB,CAAC;EAC3CkB,MAAM,EAAEvC,CAAC,CAACc,KAAK,CAACW,cAAc,CAAC;EAC/Be,uCAAuC,EAAExC,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EAC5DoC,uCAAuC,EAAEzC,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;EAC5DqC,gBAAgB,EAAE1C,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACvCkC,yBAAyB,EAAE3C,CAAC,CAAC4C,MAAM,CAAChB,sBAAsB,CAAC,CAACnB,QAAQ,CAAC;AACvE,CAAC,CACH,CAAC;AAGD,OAAO,MAAMoC,eAAe,GAAG7C,CAAC,CAACG,MAAM,CAAC;EACtC2C,MAAM,EAAE9C,CAAC,CAACG,MAAM,CAAC;IACf4C,GAAG,EAAE/C,CAAC,CAACmC,OAAO,CAAC,sBAAsB,CAAC;IACtCa,GAAG,EAAEhD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf4C,GAAG,EAAEjD,CAAC,CAACK,MAAM,CAAC;EAChB,CAAC,CAAC;EACF6C,OAAO,EAAElD,CAAC,CAACG,MAAM,CAAC;IAChBgD,GAAG,EAAEnD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf+C,GAAG,EAAEpD,CAAC,CAACK,MAAM,CAAC,CAAC;IACfO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IAAE,CAAC,CAAC;IACtCsD,WAAW,EAAErD,CAAC,CAACc,KAAK,CAACZ,SAAS,CAAC,CAACO,QAAQ,CAAC,CAAC;IAC1C6C,GAAG,EAAEtD,CAAC,CAACuD,MAAM,CAAC,CAAC;IACfC,GAAG,EAAExD,CAAC,CAACuD,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAME,yBAAyB,GAAGzD,CAAC,CAACG,MAAM,CAAC;EAChD4C,GAAG,EAAE/C,CAAC,CAACmC,OAAO,CAAC,sBAAsB,CAAC;EACtCa,GAAG,EAAEhD,CAAC,CAACK,MAAM,CAAC,CAAC;EACf4C,GAAG,EAAEjD,CAAC,CAACK,MAAM,CAAC;AAChB,CAAC,CAAC;;AAEF;AACA;AACA;AACA,MAAMqD,wBAAwB,GAAG1D,CAAC,CAC/BG,MAAM,CAAC;EACNwD,yBAAyB,EAAE3D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAChDmD,wBAAwB,EAAE5D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC/CoD,2BAA2B,EAAE7D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAClDqD,qCAAqC,EAAE9D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC5DsD,mCAAmC,EAAE/D,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC1DuD,8BAA8B,EAAEhE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACrDwD,mCAAmC,EAAEjE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC1DyD,0CAA0C,EAAElE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACjE0D,iBAAiB,EAAEnE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACxC2D,YAAY,EAAEpE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACnC4D,UAAU,EAAErE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EACjC6D,QAAQ,EAAEtE,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC/BM,QAAQ,EAAEf,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC;AACzC,CAAC,CAAC,CACD8D,WAAW,CAAC,CAAC;;AAEhB;AACA,MAAMC,uBAAuB,GAAGxE,CAAC,CAACG,MAAM,CAAC;EACvC2C,MAAM,EAAEW,yBAAyB;EACjCP,OAAO,EAAElD,CAAC,CACPG,MAAM,CAAC;IACNgD,GAAG,EAAEnD,CAAC,CAACK,MAAM,CAAC,CAAC;IACf+C,GAAG,EAAEpD,CAAC,CAACK,MAAM,CAAC,CAAC;IACfiD,GAAG,EAAExD,QAAQ;IACb0D,GAAG,EAAE1D,QAAQ;IACb2E,eAAe,EAAEzE,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;IAC/CiE,QAAQ,EAAE1E,CAAC,CACRG,MAAM,CAAC;MACNwE,iBAAiB,EAAEjB;IACrB,CAAC,CAAC,CACDa,WAAW,CAAC,CAAC;IAChB3D,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MACbU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IACnB,CAAC;EACH,CAAC,CAAC,CACDwE,WAAW,CAAC;AACjB,CAAC,CAAC;;AAEF;;AAIA,OAAO,MAAMK,8BAA8B,GAAGJ,uBAAuB;;AAErE;;AAIA,OAAO,MAAMK,mCAAmC,GAAGL,uBAAuB,CAACM,GAAG,CAC5E9E,CAAC,CAACG,MAAM,CAAC;EACP+C,OAAO,EAAElD,CAAC,CAACG,MAAM,CAAC;IAChBS,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;MAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;IAAE,CAAC,CAAC;IACtC2E,QAAQ,EAAE1E,CAAC,CAACG,MAAM,CAAC;MACjB4E,wBAAwB,EAAE/E,CAAC,CAACG,MAAM,CAAC;QACjC6E,iBAAiB,EAAEhF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC7B4E,mBAAmB,EAAEjF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC/B6E,mBAAmB,EAAElF,CAAC,CAACK,MAAM,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;QAC1C0E,cAAc,EAAEnF,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1B+E,2BAA2B,EAAEpF,CAAC,CAACK,MAAM,CAAC,CAAC;QACvCsB,OAAO,EAAE3B,CAAC,CAACc,KAAK,CAACU,+BAA+B,CAAC;QACjD6D,mCAAmC,EAAErF,CAAC,CAAC4C,MAAM,CAC3Cb,2BACF,CAAC;QACDnB,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC,CAAC;QACtCuF,0BAA0B,EAAEtF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC/CkF,kBAAkB,EAAEvF,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC;MACxC,CAAC,CAAC;MACFmF,0BAA0B,EAAExF,CAAC,CAACG,MAAM,CAAC;QACnCsF,sBAAsB,EAAEzF,CAAC,CAACK,MAAM,CAAC,CAAC;QAClCqF,qCAAqC,EAAE1F,CAAC,CAACK,MAAM,CAAC,CAAC;QACjDsF,cAAc,EAAE3F,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1BuF,mCAAmC,EAAE5F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACxDwF,gCAAgC,EAAE7F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrDyF,oBAAoB,EAAE9F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACzC0F,qBAAqB,EAAE/F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1C2F,MAAM,EAAEhG,CAAC,CAACK,MAAM,CAAC,CAAC;QAClBO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC,CAAC;QACtCkG,gBAAgB,EAAEjG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrC6F,wBAAwB,EAAElG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC7C8F,qCAAqC,EAAEnG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1D+F,gDAAgD,EAAEpG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QACrEgG,2CAA2C,EAAErG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC;MACjE,CAAC,CAAC;MACF;AACR;AACA;AACA;MACQiG,0BAA0B,EAAE/F,oBAAoB,CAACE,QAAQ,CAAC;IAC5D,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAIA,OAAO,MAAM8F,+BAA+B,GAAG/B,uBAAuB,CAACM,GAAG,CACxE9E,CAAC,CAACG,MAAM,CAAC;EACP+C,OAAO,EAAElD,CAAC,CAACG,MAAM,CAAC;IAChBuE,QAAQ,EAAE1E,CAAC,CAACG,MAAM,CAAC;MACjBmG,0BAA0B,EAAE/F;IAC9B,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAIA,OAAO,MAAMiG,iCAAiC,GAAGhC,uBAAuB,CAACM,GAAG,CAC1E9E,CAAC,CAACG,MAAM,CAAC;EACP+C,OAAO,EAAElD,CAAC,CAACG,MAAM,CAAC;IAChBuE,QAAQ,EAAE1E,CAAC,CAACG,MAAM,CAAC;MACjBsG,eAAe,EAAEzG,CAAC,CACfG,MAAM,CAAC;QACNwF,cAAc,EAAE3F,CAAC,CAACK,MAAM,CAAC,CAAC;QAC1BqG,oBAAoB,EAAE1G,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC,CAACI,QAAQ,CAAC,CAAC;QACpDsF,qBAAqB,EAAE/F,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1C8F,qCAAqC,EAAEnG,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC;QAC1D+F,gDAAgD,EAAEpG,CAAC,CAACc,KAAK,CACvDd,CAAC,CAACK,MAAM,CAAC,CACX,CAAC;QACDO,IAAI,EAAEZ,CAAC,CAACG,MAAM,CAAC;UAAEU,IAAI,EAAEb,CAAC,CAACc,KAAK,CAACf,GAAG;QAAE,CAAC;MACvC,CAAC,CAAC,CACDwE,WAAW,CAAC;IACjB,CAAC;EACH,CAAC;AACH,CAAC,CACH,CAAC;;AAED;;AAEA,OAAO,MAAMoC,mBAAmB,GAAG3G,CAAC,CAAC4G,KAAK,CACxC,CACEJ,iCAAiC,EACjC3B,mCAAmC,EACnCD,8BAA8B,EAC9B2B,+BAA+B,CAChC,EACD;EACEzE,WAAW,EAAE;AACf,CACF,CAAC;AAED,OAAO,MAAM+E,sBAAsB,GAAG7G,CAAC,CAACc,KAAK,CAACd,CAAC,CAACK,MAAM,CAAC,CAAC,CAAC"}

package/lib/module/utils/par.js

@@ -7,12 +7,14 @@ import { createPopToken } from "./pop";
 import { IssuerResponseError } from "./errors";
 import { LogLevel, Logger } from "./logging";
 export const AuthorizationDetail = z.object({
-  credential_configuration_id: z.string(),
-  format: z.union([z.literal("vc+sd-jwt"), z.literal("vc+mdoc-cbor")]),
-  type: z.literal("openid_credential")
+  type: z.literal("openid_credential"),
+  credential_configuration_id: z.string()
 });
 export const AuthorizationDetails = z.array(AuthorizationDetail);
-
+export const ParResponse = z.object({
+  request_uri: z.string(),
+  expires_in: z.number()
+});
 /**
  * Make a PAR request to the issuer and return the response url
  */
@@ -21,10 +23,17 @@ export const makeParRequest = _ref => {
     wiaCryptoContext,
     appFetch
   } = _ref;
-  return async (clientId, codeVerifier, redirectUri, responseMode, parEndpoint, walletInstanceAttestation, authorizationDetails, assertionType) => {
+  return async (parEndpoint, walletInstanceAttestation, _ref2) => {
+    let {
+      codeVerifier,
+      responseMode,
+      clientId,
+      redirectUri,
+      authorizationDetails,
+      scope,
+      aud
+    } = _ref2;
     const wiaPublicKey = await wiaCryptoContext.getPublicKey();
-    const parUrl = new URL(parEndpoint);
-    const aud = `${parUrl.protocol}//${parUrl.hostname}`;
     const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
     const signedWiaPoP = await createPopToken({
       jti: `${uuidv4()}`,
@@ -43,7 +52,7 @@ export const makeParRequest = _ref => {
         with the it will ship the Wallet Instance Attestation.
         The key is matched by its kid */
     const signedJwtForPar = await new SignJWT(wiaCryptoContext).setProtectedHeader({
-      typ: "jwk",
+      typ: "jwt",
       kid: wiaPublicKey.kid
     }).setPayload({
       jti: `${uuidv4()}`,
@@ -55,31 +64,31 @@ export const makeParRequest = _ref => {
       state: generateRandomAlphaNumericString(32),
       code_challenge: codeChallenge,
       code_challenge_method: codeChallengeMethod,
-      authorization_details: authorizationDetails,
       redirect_uri: redirectUri,
-      client_assertion_type: assertionType,
-      client_assertion: walletInstanceAttestation + "~" + signedWiaPoP
-    }).setIssuedAt() //iat is set to now
+      ...(authorizationDetails && {
+        authorization_details: authorizationDetails
+      }),
+      ...(scope && {
+        scope
+      })
+    }).setIssuedAt() // iat is set to now
     .setExpirationTime("5min").sign();
 
     /** The request body for the Pushed Authorization Request */
     var formBody = new URLSearchParams({
-      response_type: "code",
       client_id: clientId,
-      code_challenge: codeChallenge,
-      code_challenge_method: "S256",
-      request: signedJwtForPar,
-      client_assertion_type: assertionType,
-      client_assertion: walletInstanceAttestation + "~" + signedWiaPoP
+      request: signedJwtForPar
     });
     Logger.log(LogLevel.DEBUG, `Sending to PAR endpoint ${parEndpoint}: ${formBody}`);
     return await appFetch(parEndpoint, {
       method: "POST",
       headers: {
-        "Content-Type": "application/x-www-form-urlencoded"
+        "Content-Type": "application/x-www-form-urlencoded",
+        "OAuth-Client-Attestation": walletInstanceAttestation,
+        "OAuth-Client-Attestation-PoP": signedWiaPoP
       },
       body: formBody.toString()
-    }).then(hasStatusOrThrow(201, IssuerResponseError)).then(res => res.json()).then(result => result.request_uri);
+    }).then(hasStatusOrThrow(201, IssuerResponseError)).then(res => res.json()).then(ParResponse.parse).then(result => result.request_uri);
   };
 };
 //# sourceMappingURL=par.js.map