@pagopa/io-react-native-wallet 2.0.0-next.3 → 2.0.0-next.5

package/lib/module/credential/status/README.md

@@ -1,16 +1,16 @@
-# Credential Status Attestation
+# Credential Status Assertion
 
-This flow is used to obtain a credential status attestation from its credential issuer. Each step in the flow is imported from the related file which is named with a sequential number.
-The credential status attestation is a JWT which contains the credential status which indicates if the credential is valid or not.
-The status attestation is supposed to be stored securely along with the credential. It has a limited lifetime and should be refreshed periodically according to the `exp` field in the JWT payload.
+This flow is used to obtain a credential status assertion from its credential issuer. Each step in the flow is imported from the related file which is named with a sequential number.
+The credential status assertion is a JWT which contains the credential status which indicates if the credential is valid or not (see [OAuth Status Assertions](https://italia.github.io/eid-wallet-it-docs/versione-corrente/en/credential-revocation.html#oauth-status-assertions)).
+The status assertion is supposed to be stored securely along with the credential. It has a limited lifetime and should be refreshed periodically according to the `exp` field in the JWT payload.
 
 ## Sequence Diagram
 
 ```mermaid
 graph TD;
     0[startFlow]
-    1[statusAttestation]
-    2[verifyAndParseStatusAttestation]
+    1[statusAssertion]
+    2[verifyAndParseStatusAssertion]
 
     0 --> 1
     1 --> 2
@@ -21,14 +21,14 @@ graph TD;
 
 The following errors are mapped to a `IssuerResponseError` with specific codes.
 
-|HTTP Status|Error Code|Description|
-|-----------|----------|-----------|
-|`404 Not Found`|`ERR_CREDENTIAL_INVALID_STATUS`|This response is returned by the credential issuer when the status attestation is invalid. It might contain more details in the `reason` property.|
+|Error Code|Description|
+|----------|-----------|
+|`ERR_CREDENTIAL_INVALID_STATUS`|This error is thrown when the status assertion for a given credential is invalid. It might contain more details in the `reason` property.|
 
 ## Example
 
 <details>
-  <summary>Credential status attestation flow</summary>
+  <summary>Credential status assertion flow</summary>
 
 ```ts
 // Start the issuance flow
@@ -42,24 +42,26 @@ const { issuerUrl } = startFlow();
 // Evaluate issuer trust
 const { issuerConf } = await Credential.Status.evaluateIssuerTrust(issuerUrl);
 
-// Get the credential attestation
-const res = await Credential.Status.statusAttestation(
+// Get the credential assertion
+const res = await Credential.Status.statusAssertion(
   issuerConf,
   credential,
-  credentialCryptoContext
+  format,
+  { credentialCryptoContext, wiaCryptoContext }
 );
 
-// Verify and parse the status attestation
-const { parsedStatusAttestation } =
-  await Credential.Status.verifyAndParseStatusAttestation(
+// Verify and parse the status assertion
+const { parsedStatusAssertion } =
+  await Credential.Status.verifyAndParseStatusAssertion(
     issuerConf,
-    res.statusAttestation,
-    { credentialCryptoContext }
+    res.statusAssertion,
+    credential,
+    format
   );
 
 return {
-  statusAttestation: res.statusAttestation,
-  parsedStatusAttestation,
+  statusAssertion: res.statusAssertion,
+  parsedStatusAssertion,
 };
 ```
 

package/lib/module/credential/status/index.js

@@ -1,5 +1,5 @@
-import { statusAttestation } from "./02-status-attestation";
+import { statusAssertion } from "./02-status-assertion";
 import { evaluateIssuerTrust } from "../issuance";
-import { verifyAndParseStatusAttestation } from "./03-verify-and-parse-status-attestation";
-export { evaluateIssuerTrust, statusAttestation, verifyAndParseStatusAttestation };
+import { verifyAndParseStatusAssertion } from "./03-verify-and-parse-status-assertion";
+export { evaluateIssuerTrust, statusAssertion, verifyAndParseStatusAssertion };
 //# sourceMappingURL=index.js.map

package/lib/module/credential/status/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["statusAttestation","evaluateIssuerTrust","verifyAndParseStatusAttestation"],"sourceRoot":"../../../../src","sources":["credential/status/index.ts"],"mappings":"AACA,SACEA,iBAAiB,QAEZ,yBAAyB;AAChC,SAASC,mBAAmB,QAAkC,aAAa;AAC3E,SACEC,+BAA+B,QAE1B,0CAA0C;AAEjD,SACED,mBAAmB,EACnBD,iBAAiB,EACjBE,+BAA+B"}
+{"version":3,"names":["statusAssertion","evaluateIssuerTrust","verifyAndParseStatusAssertion"],"sourceRoot":"../../../../src","sources":["credential/status/index.ts"],"mappings":"AACA,SAASA,eAAe,QAA8B,uBAAuB;AAC7E,SAASC,mBAAmB,QAAkC,aAAa;AAC3E,SACEC,6BAA6B,QAExB,wCAAwC;AAE/C,SAASD,mBAAmB,EAAED,eAAe,EAAEE,6BAA6B"}

package/lib/module/credential/status/types.js

@@ -3,31 +3,33 @@ import { JWK } from "../../utils/jwk";
 import * as z from "zod";
 
 /**
- * Shape from parsing a status attestation response in case of 201.
+ * Shape from parsing a status assertion response in case of 201.
  */
-export const StatusAttestationResponse = z.object({
-  status_attestation: z.string()
+export const StatusAssertionResponse = z.object({
+  status_assertion_responses: z.array(z.string())
 });
 
 /**
- * Type from parsing a status attestation response in case of 201.
- * Inferred from {@link StatusAttestationResponse}.
+ * Type from parsing a status assertion response in case of 201.
+ * Inferred from {@link StatusAssertionResponse}.
  */
 
 /**
- * Type for a parsed status attestation.
+ * Shape for parsing a successful status assertion in a JWT.
  */
-
-/**
- * Shape for parsing a status attestation in a JWT.
- */
-export const ParsedStatusAttestation = z.object({
+export const ParsedStatusAssertion = z.object({
   header: z.object({
-    typ: z.literal("status-attestation+jwt"),
+    typ: z.literal("status-assertion+jwt"),
     alg: z.string(),
     kid: z.string().optional()
   }),
   payload: z.object({
+    iss: z.string(),
+    credential_status_type: z.string(),
+    credential_status_detail: z.object({
+      state: z.string(),
+      description: z.string()
+    }).optional(),
     credential_hash_alg: z.string(),
     credential_hash: z.string(),
     cnf: z.object({
@@ -37,4 +39,33 @@ export const ParsedStatusAttestation = z.object({
     iat: UnixTime
   })
 });
+/**
+ * The JWT that contains the errors occurred for the status assertion request.
+ * @see https://italia.github.io/eid-wallet-it-docs/versione-corrente/en/credential-revocation.html#http-status-assertion-response
+ */
+export const ParsedStatusAssertionError = z.object({
+  header: z.object({
+    typ: z.literal("status-assertion-error+jwt"),
+    alg: z.string(),
+    kid: z.string().optional()
+  }),
+  payload: z.object({
+    credential_hash_alg: z.string(),
+    credential_hash: z.string(),
+    error: z.string(),
+    error_description: z.string()
+  })
+});
+
+/**
+ * The status assertion response that might include either a successful assertion or an error
+ */
+
+export const ParsedStatusAssertionResponse = z.union([ParsedStatusAssertion, ParsedStatusAssertionError]);
+export let StatusType = /*#__PURE__*/function (StatusType) {
+  StatusType["VALID"] = "0x00";
+  StatusType["INVALID"] = "0x01";
+  StatusType["SUSPENDED"] = "0x02";
+  return StatusType;
+}({});
 //# sourceMappingURL=types.js.map

package/lib/module/credential/status/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["UnixTime","JWK","z","StatusAttestationResponse","object","status_attestation","string","ParsedStatusAttestation","header","typ","literal","alg","kid","optional","payload","credential_hash_alg","credential_hash","cnf","jwk","exp","iat"],"sourceRoot":"../../../../src","sources":["credential/status/types.ts"],"mappings":"AAAA,SAASA,QAAQ,QAAQ,oBAAoB;AAC7C,SAASC,GAAG,QAAQ,iBAAiB;AACrC,OAAO,KAAKC,CAAC,MAAM,KAAK;;AAExB;AACA;AACA;AACA,OAAO,MAAMC,yBAAyB,GAAGD,CAAC,CAACE,MAAM,CAAC;EAChDC,kBAAkB,EAAEH,CAAC,CAACI,MAAM,CAAC;AAC/B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAKA;AACA;AACA;;AAGA;AACA;AACA;AACA,OAAO,MAAMC,uBAAuB,GAAGL,CAAC,CAACE,MAAM,CAAC;EAC9CI,MAAM,EAAEN,CAAC,CAACE,MAAM,CAAC;IACfK,GAAG,EAAEP,CAAC,CAACQ,OAAO,CAAC,wBAAwB,CAAC;IACxCC,GAAG,EAAET,CAAC,CAACI,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEV,CAAC,CAACI,MAAM,CAAC,CAAC,CAACO,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEZ,CAAC,CAACE,MAAM,CAAC;IAChBW,mBAAmB,EAAEb,CAAC,CAACI,MAAM,CAAC,CAAC;IAC/BU,eAAe,EAAEd,CAAC,CAACI,MAAM,CAAC,CAAC;IAC3BW,GAAG,EAAEf,CAAC,CAACE,MAAM,CAAC;MACZc,GAAG,EAAEjB;IACP,CAAC,CAAC;IACFkB,GAAG,EAAEnB,QAAQ;IACboB,GAAG,EAAEpB;EACP,CAAC;AACH,CAAC,CAAC"}
+{"version":3,"names":["UnixTime","JWK","z","StatusAssertionResponse","object","status_assertion_responses","array","string","ParsedStatusAssertion","header","typ","literal","alg","kid","optional","payload","iss","credential_status_type","credential_status_detail","state","description","credential_hash_alg","credential_hash","cnf","jwk","exp","iat","ParsedStatusAssertionError","error","error_description","ParsedStatusAssertionResponse","union","StatusType"],"sourceRoot":"../../../../src","sources":["credential/status/types.ts"],"mappings":"AAAA,SAASA,QAAQ,QAAQ,oBAAoB;AAC7C,SAASC,GAAG,QAAQ,iBAAiB;AACrC,OAAO,KAAKC,CAAC,MAAM,KAAK;;AAExB;AACA;AACA;AACA,OAAO,MAAMC,uBAAuB,GAAGD,CAAC,CAACE,MAAM,CAAC;EAC9CC,0BAA0B,EAAEH,CAAC,CAACI,KAAK,CAACJ,CAAC,CAACK,MAAM,CAAC,CAAC;AAChD,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAKA;AACA;AACA;AACA,OAAO,MAAMC,qBAAqB,GAAGN,CAAC,CAACE,MAAM,CAAC;EAC5CK,MAAM,EAAEP,CAAC,CAACE,MAAM,CAAC;IACfM,GAAG,EAAER,CAAC,CAACS,OAAO,CAAC,sBAAsB,CAAC;IACtCC,GAAG,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEX,CAAC,CAACK,MAAM,CAAC,CAAC,CAACO,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEb,CAAC,CAACE,MAAM,CAAC;IAChBY,GAAG,EAAEd,CAAC,CAACK,MAAM,CAAC,CAAC;IACfU,sBAAsB,EAAEf,CAAC,CAACK,MAAM,CAAC,CAAC;IAClCW,wBAAwB,EAAEhB,CAAC,CACxBE,MAAM,CAAC;MACNe,KAAK,EAAEjB,CAAC,CAACK,MAAM,CAAC,CAAC;MACjBa,WAAW,EAAElB,CAAC,CAACK,MAAM,CAAC;IACxB,CAAC,CAAC,CACDO,QAAQ,CAAC,CAAC;IACbO,mBAAmB,EAAEnB,CAAC,CAACK,MAAM,CAAC,CAAC;IAC/Be,eAAe,EAAEpB,CAAC,CAACK,MAAM,CAAC,CAAC;IAC3BgB,GAAG,EAAErB,CAAC,CAACE,MAAM,CAAC;MACZoB,GAAG,EAAEvB;IACP,CAAC,CAAC;IACFwB,GAAG,EAAEzB,QAAQ;IACb0B,GAAG,EAAE1B;EACP,CAAC;AACH,CAAC,CAAC;AAMF;AACA;AACA;AACA;AACA,OAAO,MAAM2B,0BAA0B,GAAGzB,CAAC,CAACE,MAAM,CAAC;EACjDK,MAAM,EAAEP,CAAC,CAACE,MAAM,CAAC;IACfM,GAAG,EAAER,CAAC,CAACS,OAAO,CAAC,4BAA4B,CAAC;IAC5CC,GAAG,EAAEV,CAAC,CAACK,MAAM,CAAC,CAAC;IACfM,GAAG,EAAEX,CAAC,CAACK,MAAM,CAAC,CAAC,CAACO,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEb,CAAC,CAACE,MAAM,CAAC;IAChBiB,mBAAmB,EAAEnB,CAAC,CAACK,MAAM,CAAC,CAAC;IAC/Be,eAAe,EAAEpB,CAAC,CAACK,MAAM,CAAC,CAAC;IAC3BqB,KAAK,EAAE1B,CAAC,CAACK,MAAM,CAAC,CAAC;IACjBsB,iBAAiB,EAAE3B,CAAC,CAACK,MAAM,CAAC;EAC9B,CAAC;AACH,CAAC,CAAC;;AAEF;AACA;AACA;;AAIA,OAAO,MAAMuB,6BAA6B,GAAG5B,CAAC,CAAC6B,KAAK,CAAC,CACnDvB,qBAAqB,EACrBmB,0BAA0B,CAC3B,CAAC;AAEF,WAAYK,UAAU,0BAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAVA,UAAU;EAAA,OAAVA,UAAU;AAAA"}

package/lib/module/sd-jwt/index.js

@@ -103,7 +103,12 @@ export const disclose = async (token, claims) => {
     }
     throw new Errors.ClaimsNotFoundInToken(claim);
   }));
-  const filteredDisclosures = rawDisclosures.filter(d => {
+
+  // The disclosures in the new SD-JWT aligned with version 1.0
+  // include a trailing "~" character.
+  // To avoid parsing errors, it is necessary to filter the array
+  // to remove any empty strings
+  const filteredDisclosures = rawDisclosures.filter(Boolean).filter(d => {
     const {
       decoded: [, name]
     } = decodeDisclosure(d);

package/lib/module/sd-jwt/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","SignJWT","sha256ToBase64","Disclosure","SdJwt4VC","verifyDisclosure","Errors","Base64","decodeDisclosure","encoded","utf8String","decoded","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","parser","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","publicKey","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,OAAO,EAAEC,cAAc,QAAQ,6BAA6B;AACrE,SAASC,UAAU,EAAEC,QAAQ,QAAoC,SAAS;AAC1E,SAASC,gBAAgB,QAAQ,YAAY;AAE7C,OAAO,KAAKC,MAAM,MAAM,UAAU;AAClC,SAASC,MAAM,QAAQ,WAAW;AAGlC,cAAc,SAAS;AAEvB,MAAMC,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGH,MAAM,CAACV,MAAM,CAACY,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAME,OAAO,GAAGR,UAAU,CAACS,KAAK,CAACC,IAAI,CAACD,KAAK,CAACF,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEC,OAAO;IAAEF;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMZ,MAAM,GAAGA,CACpBiB,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGtB,SAAS,CAACmB,QAAQ,CAAC;;EAEtC;EACA,MAAMI,MAAM,GAAGN,YAAY,IAAIX,QAAQ;EAEvC,MAAMkB,KAAK,GAAGD,MAAM,CAACT,KAAK,CAAC;IACzBW,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAACS,GAAG,CAACnB,gBAAgB,CAAC;EAExD,OAAO;IAAEc,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,QAAQ,GAAG,MAAAA,CACtBd,KAAa,EACbe,MAAgB,KACyD;EACzE,MAAM,CAACZ,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEG,KAAK;IAAEI;EAAY,CAAC,GAAG7B,MAAM,CAACiB,KAAK,EAAEV,QAAQ,CAAC;;EAEtD;EACA,MAAM0B,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAEzB,OAAO,EAAE,GAAG0B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAI5B,MAAM,CAACgC,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAMrC,cAAc,CAACgC,UAAU,CAACzB,OAAO,CAAC;;IAErD;IACA;IACA,IAAIa,KAAK,CAACG,OAAO,CAACe,GAAG,CAACC,QAAQ,CAACF,IAAI,CAAC,EAAE;MACpC,MAAMG,KAAK,GAAGpB,KAAK,CAACG,OAAO,CAACe,GAAG,CAACG,OAAO,CAACJ,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEW,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIpC,MAAM,CAACuC,qBAAqB,CAACZ,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;EAED,MAAMa,mBAAmB,GAAG5B,cAAc,CAAC6B,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJrC,OAAO,EAAE,GAAG0B,IAAI;IAClB,CAAC,GAAG7B,gBAAgB,CAACwC,CAAC,CAAC;IACvB,OAAOnB,MAAM,CAACY,QAAQ,CAACJ,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMY,cAAc,GAAG,CAAChC,QAAQ,EAAE,GAAG6B,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEpC,KAAK,EAAEmC,cAAc;IAAEnB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM/B,MAAM,GAAG,MAAAA,CACpBe,KAAa,EACbqC,SAAsB,EACtBpC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMR,OAAO,GAAGd,MAAM,CAACiB,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAMf,SAAS,CAACiB,QAAQ,EAAEkC,SAAS,CAAC;;EAEpC;EACA,MAAMtB,MAAM,GAAG,CAAC,GAAGlB,OAAO,CAACW,KAAK,CAACG,OAAO,CAACe,GAAG,CAAC;EAE7C,MAAMT,OAAO,CAACC,GAAG,CACfrB,OAAO,CAACe,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM7B,gBAAgB,CAAC6B,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEX,OAAO,CAACW,KAAK;IACpBI,WAAW,EAAEf,OAAO,CAACe,WAAW,CAACC,GAAG,CAAEqB,CAAC,IAAKA,CAAC,CAACrC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMyC,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAEzC,KAAK,EAAE6C;EAAG,CAAC,GAAG,MAAM/B,QAAQ,CAAC4B,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM1D,cAAc,CAAE,GAAEyD,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAI5D,OAAO,CAACyD,aAAa,CAAC,CAC3CI,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVL,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDa,WAAW,CAACZ,SAAS,CAAC,CACtBa,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACV,EAAE,EAAEE,KAAK,CAAC,CAACX,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEmB;EAAS,CAAC;AACrB,CAAC;AAED,SAASjE,QAAQ,EAAEE,MAAM"}
+{"version":3,"names":["decode","decodeJwt","verify","verifyJwt","SignJWT","sha256ToBase64","Disclosure","SdJwt4VC","verifyDisclosure","Errors","Base64","decodeDisclosure","encoded","utf8String","decoded","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","parser","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","Boolean","d","disclosedToken","join","publicKey","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":"AAEA,SAASA,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,OAAO,EAAEC,cAAc,QAAQ,6BAA6B;AACrE,SAASC,UAAU,EAAEC,QAAQ,QAAoC,SAAS;AAC1E,SAASC,gBAAgB,QAAQ,YAAY;AAE7C,OAAO,KAAKC,MAAM,MAAM,UAAU;AAClC,SAASC,MAAM,QAAQ,WAAW;AAGlC,cAAc,SAAS;AAEvB,MAAMC,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGH,MAAM,CAACV,MAAM,CAACY,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAME,OAAO,GAAGR,UAAU,CAACS,KAAK,CAACC,IAAI,CAACD,KAAK,CAACF,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEC,OAAO;IAAEF;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMZ,MAAM,GAAGA,CACpBiB,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAGtB,SAAS,CAACmB,QAAQ,CAAC;;EAEtC;EACA,MAAMI,MAAM,GAAGN,YAAY,IAAIX,QAAQ;EAEvC,MAAMkB,KAAK,GAAGD,MAAM,CAACT,KAAK,CAAC;IACzBW,MAAM,EAAEH,UAAU,CAACI,eAAe;IAClCC,OAAO,EAAEL,UAAU,CAACK;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGR,cAAc,CAACS,GAAG,CAACnB,gBAAgB,CAAC;EAExD,OAAO;IAAEc,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAME,QAAQ,GAAG,MAAAA,CACtBd,KAAa,EACbe,MAAgB,KACyD;EACzE,MAAM,CAACZ,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEG,KAAK;IAAEI;EAAY,CAAC,GAAG7B,MAAM,CAACiB,KAAK,EAAEV,QAAQ,CAAC;;EAEtD;EACA,MAAM0B,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAEzB,OAAO,EAAE,GAAG0B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAI5B,MAAM,CAACgC,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAMrC,cAAc,CAACgC,UAAU,CAACzB,OAAO,CAAC;;IAErD;IACA;IACA,IAAIa,KAAK,CAACG,OAAO,CAACe,GAAG,CAACC,QAAQ,CAACF,IAAI,CAAC,EAAE;MACpC,MAAMG,KAAK,GAAGpB,KAAK,CAACG,OAAO,CAACe,GAAG,CAACG,OAAO,CAACJ,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEW,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIpC,MAAM,CAACuC,qBAAqB,CAACZ,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;;EAED;EACA;EACA;EACA;EACA,MAAMa,mBAAmB,GAAG5B,cAAc,CAAC6B,MAAM,CAACC,OAAO,CAAC,CAACD,MAAM,CAAEE,CAAC,IAAK;IACvE,MAAM;MACJtC,OAAO,EAAE,GAAG0B,IAAI;IAClB,CAAC,GAAG7B,gBAAgB,CAACyC,CAAC,CAAC;IACvB,OAAOpB,MAAM,CAACY,QAAQ,CAACJ,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMa,cAAc,GAAG,CAACjC,QAAQ,EAAE,GAAG6B,mBAAmB,CAAC,CAACK,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAErC,KAAK,EAAEoC,cAAc;IAAEpB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM/B,MAAM,GAAG,MAAAA,CACpBe,KAAa,EACbsC,SAAsB,EACtBrC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMR,OAAO,GAAGd,MAAM,CAACiB,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAMf,SAAS,CAACiB,QAAQ,EAAEmC,SAAS,CAAC;;EAEpC;EACA,MAAMvB,MAAM,GAAG,CAAC,GAAGlB,OAAO,CAACW,KAAK,CAACG,OAAO,CAACe,GAAG,CAAC;EAE7C,MAAMT,OAAO,CAACC,GAAG,CACfrB,OAAO,CAACe,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM7B,gBAAgB,CAAC6B,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEX,OAAO,CAACW,KAAK;IACpBI,WAAW,EAAEf,OAAO,CAACe,WAAW,CAACC,GAAG,CAAEsB,CAAC,IAAKA,CAAC,CAACtC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAM0C,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAE1C,KAAK,EAAE8C;EAAG,CAAC,GAAG,MAAMhC,QAAQ,CAAC6B,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM3D,cAAc,CAAE,GAAE0D,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAI7D,OAAO,CAAC0D,aAAa,CAAC,CAC3CI,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVL,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDa,WAAW,CAACZ,SAAS,CAAC,CACtBa,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACV,EAAE,EAAEE,KAAK,CAAC,CAACX,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEmB;EAAS,CAAC;AACrB,CAAC;AAED,SAASlE,QAAQ,EAAEE,MAAM"}

package/lib/module/sd-jwt/types.js

@@ -23,11 +23,23 @@ export const Disclosure = z.tuple([/* salt */z.string(), /* claim name */z.strin
  * @see https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-05.html#name-disclosures-for-object-prop
  */
 
+const StatusAssertion = z.object({
+  credential_hash_alg: z.literal("sha-256")
+});
+
+/**
+ * Type for a Verifiable Credential in SD-JWT format.
+ * It supports both the older and the new data model for backward compatibility.
+ */
+
 export const SdJwt4VC = z.object({
   header: z.object({
-    typ: z.literal("dc+sd-jwt"),
+    typ: z.enum(["vc+sd-jwt", "dc+sd-jwt"]),
     alg: z.string(),
-    kid: z.string().optional()
+    kid: z.string(),
+    trust_chain: z.array(z.string()).optional(),
+    x5c: z.array(z.string()).optional(),
+    vctm: z.array(z.string()).optional()
   }),
   payload: z.intersection(z.object({
     iss: z.string(),
@@ -35,18 +47,22 @@ export const SdJwt4VC = z.object({
     iat: UnixTime.optional(),
     exp: UnixTime,
     _sd_alg: z.literal("sha-256"),
-    status: z.object({
-      status_assertion: z.object({
-        credential_hash_alg: z.literal("sha-256")
-      })
+    status: z.union([
+    // Credentials v1.0
+    z.object({
+      status_assertion: StatusAssertion
     }),
+    // Credentials v0.7.1
+    z.object({
+      status_attestation: StatusAssertion
+    })]).optional(),
     cnf: z.object({
       jwk: JWK
     }),
     vct: z.string(),
-    "vct#integrity": z.string(),
-    issuing_authority: z.string(),
-    issuing_country: z.string()
+    "vct#integrity": z.string().optional(),
+    issuing_authority: z.string().optional(),
+    issuing_country: z.string().optional()
   }), ObfuscatedDisclosures)
 });
 

package/lib/module/sd-jwt/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","payload","intersection","iss","sub","iat","exp","_sd_alg","status","status_assertion","credential_hash_alg","cnf","jwk","vct","issuing_authority","issuing_country","Verification","trust_framework","assurance_level","evidence","type","time","attestation","reference_number","date_of_issuance","voucher","organization","TypeMetadata","name","description","data_source","authentic_source","organization_name","organization_code","contacts","homepage_uri","url","logo_uri"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAOA,OAAO,MAAMC,QAAQ,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,CAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,CAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEpB,CAAC,CAACqB,YAAY,CACrBrB,CAAC,CAACM,MAAM,CAAC;IACPgB,GAAG,EAAEtB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEvB,QAAQ,CAACkB,QAAQ,CAAC,CAAC;IACxBM,GAAG,EAAExB,QAAQ;IACbyB,OAAO,EAAE1B,CAAC,CAACgB,OAAO,CAAC,SAAS,CAAC;IAC7BW,MAAM,EAAE3B,CAAC,CAACM,MAAM,CAAC;MACfsB,gBAAgB,EAAE5B,CAAC,CAACM,MAAM,CAAC;QACzBuB,mBAAmB,EAAE7B,CAAC,CAACgB,OAAO,CAAC,SAAS;MAC1C,CAAC;IACH,CAAC,CAAC;IACFc,GAAG,EAAE9B,CAAC,CAACM,MAAM,CAAC;MACZyB,GAAG,EAAEhC;IACP,CAAC,CAAC;IACFiC,GAAG,EAAEhC,CAAC,CAACS,MAAM,CAAC,CAAC;IACf,eAAe,EAAET,CAAC,CAACS,MAAM,CAAC,CAAC;IAC3BwB,iBAAiB,EAAEjC,CAAC,CAACS,MAAM,CAAC,CAAC;IAC7ByB,eAAe,EAAElC,CAAC,CAACS,MAAM,CAAC;EAC5B,CAAC,CAAC,EACFJ,qBACF;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEA,OAAO,MAAM8B,YAAY,GAAGnC,CAAC,CAACM,MAAM,CAAC;EACnC8B,eAAe,EAAEpC,CAAC,CAACS,MAAM,CAAC,CAAC;EAC3B4B,eAAe,EAAErC,CAAC,CAACS,MAAM,CAAC,CAAC;EAC3B6B,QAAQ,EAAEtC,CAAC,CAACQ,KAAK,CACfR,CAAC,CAACM,MAAM,CAAC;IACPiC,IAAI,EAAEvC,CAAC,CAACgB,OAAO,CAAC,OAAO,CAAC;IACxBwB,IAAI,EAAExC,CAAC,CAACS,MAAM,CAAC,CAAC;IAChBgC,WAAW,EAAEzC,CAAC,CAACM,MAAM,CAAC;MACpBiC,IAAI,EAAEvC,CAAC,CAACgB,OAAO,CAAC,qBAAqB,CAAC;MACtC0B,gBAAgB,EAAE1C,CAAC,CAACS,MAAM,CAAC,CAAC;MAC5BkC,gBAAgB,EAAE3C,CAAC,CAACS,MAAM,CAAC,CAAC;MAC5BmC,OAAO,EAAE5C,CAAC,CAACM,MAAM,CAAC;QAAEuC,YAAY,EAAE7C,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC;IAChD,CAAC;EACH,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMqC,YAAY,GAAG9C,CAAC,CAACM,MAAM,CAAC;EACnCyC,IAAI,EAAE/C,CAAC,CAACS,MAAM,CAAC,CAAC;EAChBuC,WAAW,EAAEhD,CAAC,CAACS,MAAM,CAAC,CAAC;EACvBwC,WAAW,EAAEjD,CAAC,CAACM,MAAM,CAAC;IACpB8B,eAAe,EAAEpC,CAAC,CAACS,MAAM,CAAC,CAAC;IAC3ByC,gBAAgB,EAAElD,CAAC,CAACM,MAAM,CAAC;MACzB6C,iBAAiB,EAAEnD,CAAC,CAACS,MAAM,CAAC,CAAC;MAC7B2C,iBAAiB,EAAEpD,CAAC,CAACS,MAAM,CAAC,CAAC;MAC7B4C,QAAQ,EAAErD,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;MAC7B6C,YAAY,EAAEtD,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC8C,GAAG,CAAC,CAAC;MAC9BC,QAAQ,EAAExD,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC8C,GAAG,CAAC;IAC3B,CAAC;EACH,CAAC;EACD;AACF,CAAC,CAAC"}
+{"version":3,"names":["JWK","z","UnixTime","number","min","max","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","StatusAssertion","credential_hash_alg","literal","SdJwt4VC","header","typ","enum","alg","kid","trust_chain","optional","x5c","vctm","payload","intersection","iss","sub","iat","exp","_sd_alg","status","union","status_assertion","status_attestation","cnf","jwk","vct","issuing_authority","issuing_country","Verification","trust_framework","assurance_level","evidence","type","time","attestation","reference_number","date_of_issuance","voucher","organization","TypeMetadata","name","description","data_source","authentic_source","organization_name","organization_code","contacts","homepage_uri","url","logo_uri"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,SAASC,CAAC,QAAQ,KAAK;AAEvB,OAAO,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAI5D,OAAO,MAAMC,qBAAqB,GAAGL,CAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,UAAU,GAAGV,CAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,CAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,CAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,CAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA,MAAMC,eAAe,GAAGb,CAAC,CAACM,MAAM,CAAC;EAC/BQ,mBAAmB,EAAEd,CAAC,CAACe,OAAO,CAAC,SAAS;AAC1C,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,QAAQ,GAAGhB,CAAC,CAACM,MAAM,CAAC;EAC/BW,MAAM,EAAEjB,CAAC,CAACM,MAAM,CAAC;IACfY,GAAG,EAAElB,CAAC,CAACmB,IAAI,CAAC,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACvCC,GAAG,EAAEpB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfY,GAAG,EAAErB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfa,WAAW,EAAEtB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACc,QAAQ,CAAC,CAAC;IAC3CC,GAAG,EAAExB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACc,QAAQ,CAAC,CAAC;IACnCE,IAAI,EAAEzB,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACc,QAAQ,CAAC;EACrC,CAAC,CAAC;EACFG,OAAO,EAAE1B,CAAC,CAAC2B,YAAY,CACrB3B,CAAC,CAACM,MAAM,CAAC;IACPsB,GAAG,EAAE5B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfoB,GAAG,EAAE7B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfqB,GAAG,EAAE7B,QAAQ,CAACsB,QAAQ,CAAC,CAAC;IACxBQ,GAAG,EAAE9B,QAAQ;IACb+B,OAAO,EAAEhC,CAAC,CAACe,OAAO,CAAC,SAAS,CAAC;IAC7BkB,MAAM,EAAEjC,CAAC,CACNkC,KAAK,CAAC;IACL;IACAlC,CAAC,CAACM,MAAM,CAAC;MAAE6B,gBAAgB,EAAEtB;IAAgB,CAAC,CAAC;IAC/C;IACAb,CAAC,CAACM,MAAM,CAAC;MAAE8B,kBAAkB,EAAEvB;IAAgB,CAAC,CAAC,CAClD,CAAC,CACDU,QAAQ,CAAC,CAAC;IACbc,GAAG,EAAErC,CAAC,CAACM,MAAM,CAAC;MACZgC,GAAG,EAAEvC;IACP,CAAC,CAAC;IACFwC,GAAG,EAAEvC,CAAC,CAACS,MAAM,CAAC,CAAC;IACf,eAAe,EAAET,CAAC,CAACS,MAAM,CAAC,CAAC,CAACc,QAAQ,CAAC,CAAC;IACtCiB,iBAAiB,EAAExC,CAAC,CAACS,MAAM,CAAC,CAAC,CAACc,QAAQ,CAAC,CAAC;IACxCkB,eAAe,EAAEzC,CAAC,CAACS,MAAM,CAAC,CAAC,CAACc,QAAQ,CAAC;EACvC,CAAC,CAAC,EACFlB,qBACF;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEA,OAAO,MAAMqC,YAAY,GAAG1C,CAAC,CAACM,MAAM,CAAC;EACnCqC,eAAe,EAAE3C,CAAC,CAACS,MAAM,CAAC,CAAC;EAC3BmC,eAAe,EAAE5C,CAAC,CAACS,MAAM,CAAC,CAAC;EAC3BoC,QAAQ,EAAE7C,CAAC,CAACQ,KAAK,CACfR,CAAC,CAACM,MAAM,CAAC;IACPwC,IAAI,EAAE9C,CAAC,CAACe,OAAO,CAAC,OAAO,CAAC;IACxBgC,IAAI,EAAE/C,CAAC,CAACS,MAAM,CAAC,CAAC;IAChBuC,WAAW,EAAEhD,CAAC,CAACM,MAAM,CAAC;MACpBwC,IAAI,EAAE9C,CAAC,CAACe,OAAO,CAAC,qBAAqB,CAAC;MACtCkC,gBAAgB,EAAEjD,CAAC,CAACS,MAAM,CAAC,CAAC;MAC5ByC,gBAAgB,EAAElD,CAAC,CAACS,MAAM,CAAC,CAAC;MAC5B0C,OAAO,EAAEnD,CAAC,CAACM,MAAM,CAAC;QAAE8C,YAAY,EAAEpD,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC;IAChD,CAAC;EACH,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAM4C,YAAY,GAAGrD,CAAC,CAACM,MAAM,CAAC;EACnCgD,IAAI,EAAEtD,CAAC,CAACS,MAAM,CAAC,CAAC;EAChB8C,WAAW,EAAEvD,CAAC,CAACS,MAAM,CAAC,CAAC;EACvB+C,WAAW,EAAExD,CAAC,CAACM,MAAM,CAAC;IACpBqC,eAAe,EAAE3C,CAAC,CAACS,MAAM,CAAC,CAAC;IAC3BgD,gBAAgB,EAAEzD,CAAC,CAACM,MAAM,CAAC;MACzBoD,iBAAiB,EAAE1D,CAAC,CAACS,MAAM,CAAC,CAAC;MAC7BkD,iBAAiB,EAAE3D,CAAC,CAACS,MAAM,CAAC,CAAC;MAC7BmD,QAAQ,EAAE5D,CAAC,CAACQ,KAAK,CAACR,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;MAC7BoD,YAAY,EAAE7D,CAAC,CAACS,MAAM,CAAC,CAAC,CAACqD,GAAG,CAAC,CAAC;MAC9BC,QAAQ,EAAE/D,CAAC,CAACS,MAAM,CAAC,CAAC,CAACqD,GAAG,CAAC;IAC3B,CAAC;EACH,CAAC;EACD;AACF,CAAC,CAAC"}

package/lib/module/utils/credentials.js

@@ -0,0 +1,26 @@
+import { decode } from "../sd-jwt";
+import { thumbprint } from "@pagopa/io-react-native-jwt";
+import { IoWalletError } from "./errors";
+const SD_JWT = ["vc+sd-jwt", "dc+sd-jwt"];
+
+/**
+ * Extracts a JWK from a credential.
+ * @param credential - The credential string, which can be in SD-JWT or CBOR format.
+ * @param format - The format of the credential
+ * @return A Promise that resolves to a JWK object if the credential is in SD-JWT format and contains a JWK, or undefined otherwise.
+ */
+export const extractJwkFromCredential = async (credential, format) => {
+  if (SD_JWT.includes(format)) {
+    // 1. SD-JWT case
+    const decoded = decode(credential);
+    const jwk = decoded.sdJwt.payload.cnf.jwk;
+    if (jwk) {
+      return {
+        ...jwk,
+        kid: await thumbprint(jwk)
+      };
+    }
+  }
+  throw new IoWalletError(`Credential format ${format} not supported`);
+};
+//# sourceMappingURL=credentials.js.map

package/lib/module/utils/credentials.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["decode","thumbprint","IoWalletError","SD_JWT","extractJwkFromCredential","credential","format","includes","decoded","jwk","sdJwt","payload","cnf","kid"],"sourceRoot":"../../../src","sources":["utils/credentials.ts"],"mappings":"AAAA,SAASA,MAAM,QAAQ,WAAW;AAClC,SAASC,UAAU,QAAQ,6BAA6B;AAIxD,SAASC,aAAa,QAAQ,UAAU;AAExC,MAAMC,MAAM,GAAG,CAAC,WAAW,EAAE,WAAW,CAAC;;AAEzC;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,wBAAwB,GAAG,MAAAA,CACtCC,UAA+C,EAC/CC,MAAuC,KACtB;EACjB,IAAIH,MAAM,CAACI,QAAQ,CAACD,MAAM,CAAC,EAAE;IAC3B;IACA,MAAME,OAAO,GAAGR,MAAM,CAACK,UAAU,CAAC;IAClC,MAAMI,GAAG,GAAGD,OAAO,CAACE,KAAK,CAACC,OAAO,CAACC,GAAG,CAACH,GAAG;IACzC,IAAIA,GAAG,EAAE;MACP,OAAO;QAAE,GAAGA,GAAG;QAAEI,GAAG,EAAE,MAAMZ,UAAU,CAACQ,GAAG;MAAE,CAAC;IAC/C;EACF;EACA,MAAM,IAAIP,aAAa,CAAE,qBAAoBI,MAAO,gBAAe,CAAC;AACtE,CAAC"}

package/lib/module/utils/crypto.js

@@ -1,7 +1,6 @@
-import { getPublicKey, sign, generate, deleteKey } from "@pagopa/io-react-native-crypto";
+import { deleteKey, generate, getPublicKeyFixed, sign } from "@pagopa/io-react-native-crypto";
 import { v4 as uuidv4 } from "uuid";
 import { thumbprint } from "@pagopa/io-react-native-jwt";
-import { fixBase64EncodingOnKey } from "./jwk";
 
 /**
  * Create a CryptoContext bound to a key pair.
@@ -12,13 +11,8 @@ import { fixBase64EncodingOnKey } from "./jwk";
  */
 export const createCryptoContextFor = keytag => {
   return {
-    /**
-     * Retrieve the public key of the pair.
-     * If the key pair doesn't exist yet, an error is raised
-     * @returns The public key.
-     */
     async getPublicKey() {
-      return getPublicKey(keytag).then(fixBase64EncodingOnKey).then(async jwk => ({
+      return getPublicKeyFixed(keytag).then(async jwk => ({
         ...jwk,
         // Keys in the TEE are not stored with their KID, which is supposed to be assigned when they are included in JWK sets.
         // (that is, KID is not a propoerty of the key itself, but it's property used to identify a key in a set).

package/lib/module/utils/crypto.js.map

@@ -1 +1 @@
-{"version":3,"names":["getPublicKey","sign","generate","deleteKey","v4","uuidv4","thumbprint","fixBase64EncodingOnKey","createCryptoContextFor","keytag","then","jwk","kid","getSignature","value","withEphemeralKey","fn","ephemeralContext","finally"],"sourceRoot":"../../../src","sources":["utils/crypto.ts"],"mappings":"AAAA,SACEA,YAAY,EACZC,IAAI,EACJC,QAAQ,EACRC,SAAS,QACJ,gCAAgC;AACvC,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAASC,UAAU,QAA4B,6BAA6B;AAC5E,SAASC,sBAAsB,QAAQ,OAAO;;AAE9C;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,sBAAsB,GAAIC,MAAc,IAAoB;EACvE,OAAO;IACL;AACJ;AACA;AACA;AACA;IACI,MAAMT,YAAYA,CAAA,EAAG;MACnB,OAAOA,YAAY,CAACS,MAAM,CAAC,CACxBC,IAAI,CAACH,sBAAsB,CAAC,CAC5BG,IAAI,CAAC,MAAOC,GAAG,KAAM;QACpB,GAAGA,GAAG;QACN;QACA;QACA;QACA;QACAC,GAAG,EAAE,MAAMN,UAAU,CAACK,GAAG;MAC3B,CAAC,CAAC,CAAC;IACP,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;IACI,MAAME,YAAYA,CAACC,KAAa,EAAE;MAChC,OAAOb,IAAI,CAACa,KAAK,EAAEL,MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAgB,GAAG,MAC9BC,EAAmD,IACpC;EACf;EACA,MAAMP,MAAM,GAAI,aAAYJ,MAAM,CAAC,CAAE,EAAC;EACtC,MAAMH,QAAQ,CAACO,MAAM,CAAC;EACtB,MAAMQ,gBAAgB,GAAGT,sBAAsB,CAACC,MAAM,CAAC;EACvD,OAAOO,EAAE,CAACC,gBAAgB,CAAC,CAACC,OAAO,CAAC,MAAMf,SAAS,CAACM,MAAM,CAAC,CAAC;AAC9D,CAAC"}
+{"version":3,"names":["deleteKey","generate","getPublicKeyFixed","sign","v4","uuidv4","thumbprint","createCryptoContextFor","keytag","getPublicKey","then","jwk","kid","getSignature","value","withEphemeralKey","fn","ephemeralContext","finally"],"sourceRoot":"../../../src","sources":["utils/crypto.ts"],"mappings":"AAAA,SACEA,SAAS,EACTC,QAAQ,EACRC,iBAAiB,EACjBC,IAAI,QACC,gCAAgC;AACvC,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAA6BC,UAAU,QAAQ,6BAA6B;;AAE5E;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,sBAAsB,GAAIC,MAAc,IAAoB;EACvE,OAAO;IACL,MAAMC,YAAYA,CAAA,EAAG;MACnB,OAAOP,iBAAiB,CAACM,MAAM,CAAC,CAACE,IAAI,CAAC,MAAOC,GAAG,KAAM;QACpD,GAAGA,GAAG;QACN;QACA;QACA;QACA;QACAC,GAAG,EAAE,MAAMN,UAAU,CAACK,GAAG;MAC3B,CAAC,CAAC,CAAC;IACL,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;IACI,MAAME,YAAYA,CAACC,KAAa,EAAE;MAChC,OAAOX,IAAI,CAACW,KAAK,EAAEN,MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMO,gBAAgB,GAAG,MAC9BC,EAAmD,IACpC;EACf;EACA,MAAMR,MAAM,GAAI,aAAYH,MAAM,CAAC,CAAE,EAAC;EACtC,MAAMJ,QAAQ,CAACO,MAAM,CAAC;EACtB,MAAMS,gBAAgB,GAAGV,sBAAsB,CAACC,MAAM,CAAC;EACvD,OAAOQ,EAAE,CAACC,gBAAgB,CAAC,CAACC,OAAO,CAAC,MAAMlB,SAAS,CAACQ,MAAM,CAAC,CAAC;AAC9D,CAAC"}

package/lib/module/utils/jwk.js

@@ -1,4 +1,4 @@
-import { removePadding } from "@pagopa/io-react-native-jwt";
+import { removePadding, thumbprint } from "@pagopa/io-react-native-jwt";
 import { z } from "zod";
 export const JWK = z.object({
   /** JWK "alg" (Algorithm) Parameter. */
@@ -72,4 +72,14 @@ export function fixBase64EncodingOnKey(key) {
 export const JWKS = z.object({
   keys: z.array(JWK)
 });
+/**
+ * Utility function that checks if two JWKs have the same thumbprint.
+ * @param jwkA The first JWK
+ * @param jwkB The second JWK
+ * @returns Whether the thumbprints match
+ */
+export const isSameThumbprint = async (jwkA, jwkB) => {
+  const [thumbprintJwkA, thumbprintJwkB] = await Promise.all([thumbprint(jwkA), thumbprint(jwkB)]);
+  return thumbprintJwkA === thumbprintJwkB;
+};
 //# sourceMappingURL=jwk.js.map

package/lib/module/utils/jwk.js.map

@@ -1 +1 @@
-{"version":3,"names":["removePadding","z","JWK","object","alg","string","optional","crv","d","dp","dq","e","ext","boolean","k","key_ops","array","kid","kty","union","literal","n","p","q","qi","use","x","y","x5c","x5t","x5u","fixBase64EncodingOnKey","key","pk","JWKS","keys"],"sourceRoot":"../../../src","sources":["utils/jwk.ts"],"mappings":"AAAA,SAAiBA,aAAa,QAAQ,6BAA6B;AACnE,SAASC,CAAC,QAAQ,KAAK;AAGvB,OAAO,MAAMC,GAAG,GAAGD,CAAC,CAACE,MAAM,CAAC;EAC1B;EACAC,GAAG,EAAEH,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BC,GAAG,EAAEN,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BE,CAAC,EAAEP,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBG,EAAE,EAAER,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzBI,EAAE,EAAET,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzBK,CAAC,EAAEV,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAM,GAAG,EAAEX,CAAC,CAACY,OAAO,CAAC,CAAC,CAACP,QAAQ,CAAC,CAAC;EAC3BQ,CAAC,EAAEb,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAS,OAAO,EAAEd,CAAC,CAACe,KAAK,CAACf,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACvC;EACAW,GAAG,EAAEhB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1B;AACF;AACA;EACEY,GAAG,EAAEjB,CAAC,CAACkB,KAAK,CAAC,CAAClB,CAAC,CAACmB,OAAO,CAAC,KAAK,CAAC,EAAEnB,CAAC,CAACmB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;EACjDC,CAAC,EAAEpB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBgB,CAAC,EAAErB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBiB,CAAC,EAAEtB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBkB,EAAE,EAAEvB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzB;EACAmB,GAAG,EAAExB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BoB,CAAC,EAAEzB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBqB,CAAC,EAAE1B,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAsB,GAAG,EAAE3B,CAAC,CAACe,KAAK,CAACf,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACnC;EACAuB,GAAG,EAAE5B,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1B;EACA,UAAU,EAAEL,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACjC;EACAwB,GAAG,EAAE7B,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC;AAC3B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASyB,sBAAsBA,CAACC,GAAQ,EAAO;EACpD,MAAM;IAAEN,CAAC;IAAEC,CAAC;IAAEhB,CAAC;IAAEU,CAAC;IAAE,GAAGY;EAAG,CAAC,GAAGD,GAAG;EAEjC,OAAO;IACL,GAAGC,EAAE;IACL,IAAIP,CAAC,GAAG;MAAEA,CAAC,EAAE1B,aAAa,CAAC0B,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrC,IAAIC,CAAC,GAAG;MAAEA,CAAC,EAAE3B,aAAa,CAAC2B,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrC,IAAIhB,CAAC,GAAG;MAAEA,CAAC,EAAEX,aAAa,CAACW,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrC,IAAIU,CAAC,GAAG;MAAEA,CAAC,EAAErB,aAAa,CAACqB,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC;EACtC,CAAC;AACH;AAGA,OAAO,MAAMa,IAAI,GAAGjC,CAAC,CAACE,MAAM,CAAC;EAC3BgC,IAAI,EAAElC,CAAC,CAACe,KAAK,CAACd,GAAG;AACnB,CAAC,CAAC"}
+{"version":3,"names":["removePadding","thumbprint","z","JWK","object","alg","string","optional","crv","d","dp","dq","e","ext","boolean","k","key_ops","array","kid","kty","union","literal","n","p","q","qi","use","x","y","x5c","x5t","x5u","fixBase64EncodingOnKey","key","pk","JWKS","keys","isSameThumbprint","jwkA","jwkB","thumbprintJwkA","thumbprintJwkB","Promise","all"],"sourceRoot":"../../../src","sources":["utils/jwk.ts"],"mappings":"AAAA,SAAiBA,aAAa,EAAEC,UAAU,QAAQ,6BAA6B;AAC/E,SAASC,CAAC,QAAQ,KAAK;AAGvB,OAAO,MAAMC,GAAG,GAAGD,CAAC,CAACE,MAAM,CAAC;EAC1B;EACAC,GAAG,EAAEH,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BC,GAAG,EAAEN,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BE,CAAC,EAAEP,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBG,EAAE,EAAER,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzBI,EAAE,EAAET,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzBK,CAAC,EAAEV,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAM,GAAG,EAAEX,CAAC,CAACY,OAAO,CAAC,CAAC,CAACP,QAAQ,CAAC,CAAC;EAC3BQ,CAAC,EAAEb,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAS,OAAO,EAAEd,CAAC,CAACe,KAAK,CAACf,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACvC;EACAW,GAAG,EAAEhB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1B;AACF;AACA;EACEY,GAAG,EAAEjB,CAAC,CAACkB,KAAK,CAAC,CAAClB,CAAC,CAACmB,OAAO,CAAC,KAAK,CAAC,EAAEnB,CAAC,CAACmB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;EACjDC,CAAC,EAAEpB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBgB,CAAC,EAAErB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBiB,CAAC,EAAEtB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBkB,EAAE,EAAEvB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACzB;EACAmB,GAAG,EAAExB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1BoB,CAAC,EAAEzB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxBqB,CAAC,EAAE1B,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACxB;EACAsB,GAAG,EAAE3B,CAAC,CAACe,KAAK,CAACf,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACnC;EACAuB,GAAG,EAAE5B,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC1B;EACA,UAAU,EAAEL,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACjC;EACAwB,GAAG,EAAE7B,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC;AAC3B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASyB,sBAAsBA,CAACC,GAAQ,EAAO;EACpD,MAAM;IAAEN,CAAC;IAAEC,CAAC;IAAEhB,CAAC;IAAEU,CAAC;IAAE,GAAGY;EAAG,CAAC,GAAGD,GAAG;EAEjC,OAAO;IACL,GAAGC,EAAE;IACL,IAAIP,CAAC,GAAG;MAAEA,CAAC,EAAE3B,aAAa,CAAC2B,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrC,IAAIC,CAAC,GAAG;MAAEA,CAAC,EAAE5B,aAAa,CAAC4B,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrC,IAAIhB,CAAC,GAAG;MAAEA,CAAC,EAAEZ,aAAa,CAACY,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrC,IAAIU,CAAC,GAAG;MAAEA,CAAC,EAAEtB,aAAa,CAACsB,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC;EACtC,CAAC;AACH;AAGA,OAAO,MAAMa,IAAI,GAAGjC,CAAC,CAACE,MAAM,CAAC;EAC3BgC,IAAI,EAAElC,CAAC,CAACe,KAAK,CAACd,GAAG;AACnB,CAAC,CAAC;AAIF;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMkC,gBAAgB,GAAG,MAAAA,CAAOC,IAAS,EAAEC,IAAS,KAAK;EAC9D,MAAM,CAACC,cAAc,EAAEC,cAAc,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CACzD1C,UAAU,CAACqC,IAAI,CAAC,EAChBrC,UAAU,CAACsC,IAAI,CAAC,CACjB,CAAC;EACF,OAAOC,cAAc,KAAKC,cAAc;AAC1C,CAAC"}

package/lib/module/wallet-instance-attestation/types.js

@@ -40,9 +40,8 @@ export const WalletInstanceAttestationRequestJwt = z.object({
 export const WalletInstanceAttestationJwt = z.object({
   header: z.intersection(Jwt.shape.header, z.object({
     typ: z.literal("oauth-client-attestation+jwt"),
-    trust_chain: z.array(z.string()).optional() // TODO: [SIW-2264] Make mandatory
+    trust_chain: z.array(z.string()).optional()
   })),
-
   payload: z.intersection(Jwt.shape.payload, z.object({
     sub: z.string(),
     aal: z.string(),

package/lib/module/wallet-instance-attestation/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["JWK","z","UnixTime","number","min","max","Jwt","object","header","alg","string","kid","typ","x5c","array","optional","trust_chain","payload","iss","iat","exp","cnf","jwk","intersection","WalletInstanceAttestationRequestJwt","shape","literal","aud","nonce","hardware_signature","integrity_assertion","hardware_key_tag","WalletInstanceAttestationJwt","sub","aal","wallet_link","wallet_name","WalletAttestationResponse","wallet_attestations","wallet_attestation","format","enum"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AAExB,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAGrD,MAAMC,GAAG,GAAGL,CAAC,CAACM,MAAM,CAAC;EACnBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;IACfE,GAAG,EAAER,CAAC,CAACS,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC,CAAC;IACfE,GAAG,EAAEX,CAAC,CAACS,MAAM,CAAC,CAAC;IACfG,GAAG,EAAEZ,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IACnCC,WAAW,EAAEf,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CAAC;EACFE,OAAO,EAAEhB,CAAC,CAACM,MAAM,CAAC;IAChBW,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAEjB,QAAQ;IACbkB,GAAG,EAAElB,QAAQ;IACbmB,GAAG,EAAEpB,CAAC,CAACM,MAAM,CAAC;MACZe,GAAG,EAAErB,CAAC,CAACsB,YAAY,CACjBvB,GAAG;MACH;MACAC,CAAC,CAACM,MAAM,CAAC;QAAEI,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC,CAC9B;IACF,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAMc,mCAAmC,GAAGvB,CAAC,CAACM,MAAM,CAAC;EAC1DC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,YAAY;EAC7B,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPoB,GAAG,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfkB,KAAK,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IACjBmB,kBAAkB,EAAE5B,CAAC,CAACS,MAAM,CAAC,CAAC;IAC9BoB,mBAAmB,EAAE7B,CAAC,CAACS,MAAM,CAAC,CAAC;IAC/BqB,gBAAgB,EAAE9B,CAAC,CAACS,MAAM,CAAC;EAC7B,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AAIA,OAAO,MAAMsB,4BAA4B,GAAG/B,CAAC,CAACM,MAAM,CAAC;EACnDC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,8BAA8B,CAAC;IAC9CV,WAAW,EAAEf,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC,CAAE;EAC/C,CAAC,CACH,CAAC;;EACDE,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACP0B,GAAG,EAAEhC,CAAC,CAACS,MAAM,CAAC,CAAC;IACfwB,GAAG,EAAEjC,CAAC,CAACS,MAAM,CAAC,CAAC;IACfyB,WAAW,EAAElC,CAAC,CAACS,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IAClCqB,WAAW,EAAEnC,CAAC,CAACS,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC;EACnC,CAAC,CACH;AACF,CAAC,CAAC;AAKF,OAAO,MAAMsB,yBAAyB,GAAGpC,CAAC,CAACM,MAAM,CAAC;EAChD+B,mBAAmB,EAAErC,CAAC,CAACa,KAAK,CAC1Bb,CAAC,CAACM,MAAM,CAAC;IACPgC,kBAAkB,EAAEtC,CAAC,CAACS,MAAM,CAAC,CAAC;IAC9B8B,MAAM,EAAEvC,CAAC,CAACwC,IAAI,CAAC,CAAC,KAAK,EAAE,WAAW,EAAE,UAAU,CAAC;EACjD,CAAC,CACH;AACF,CAAC,CAAC"}
+{"version":3,"names":["JWK","z","UnixTime","number","min","max","Jwt","object","header","alg","string","kid","typ","x5c","array","optional","trust_chain","payload","iss","iat","exp","cnf","jwk","intersection","WalletInstanceAttestationRequestJwt","shape","literal","aud","nonce","hardware_signature","integrity_assertion","hardware_key_tag","WalletInstanceAttestationJwt","sub","aal","wallet_link","wallet_name","WalletAttestationResponse","wallet_attestations","wallet_attestation","format","enum"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/types.ts"],"mappings":"AAAA,SAASA,GAAG,QAAQ,cAAc;AAClC,OAAO,KAAKC,CAAC,MAAM,KAAK;AAExB,MAAMC,QAAQ,GAAGD,CAAC,CAACE,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAGrD,MAAMC,GAAG,GAAGL,CAAC,CAACM,MAAM,CAAC;EACnBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;IACfE,GAAG,EAAER,CAAC,CAACS,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC,CAAC;IACfE,GAAG,EAAEX,CAAC,CAACS,MAAM,CAAC,CAAC;IACfG,GAAG,EAAEZ,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IACnCC,WAAW,EAAEf,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CAAC;EACFE,OAAO,EAAEhB,CAAC,CAACM,MAAM,CAAC;IAChBW,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAEjB,QAAQ;IACbkB,GAAG,EAAElB,QAAQ;IACbmB,GAAG,EAAEpB,CAAC,CAACM,MAAM,CAAC;MACZe,GAAG,EAAErB,CAAC,CAACsB,YAAY,CACjBvB,GAAG;MACH;MACAC,CAAC,CAACM,MAAM,CAAC;QAAEI,GAAG,EAAEV,CAAC,CAACS,MAAM,CAAC;MAAE,CAAC,CAC9B;IACF,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAKF,OAAO,MAAMc,mCAAmC,GAAGvB,CAAC,CAACM,MAAM,CAAC;EAC1DC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,YAAY;EAC7B,CAAC,CACH,CAAC;EACDT,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACPoB,GAAG,EAAE1B,CAAC,CAACS,MAAM,CAAC,CAAC;IACfkB,KAAK,EAAE3B,CAAC,CAACS,MAAM,CAAC,CAAC;IACjBmB,kBAAkB,EAAE5B,CAAC,CAACS,MAAM,CAAC,CAAC;IAC9BoB,mBAAmB,EAAE7B,CAAC,CAACS,MAAM,CAAC,CAAC;IAC/BqB,gBAAgB,EAAE9B,CAAC,CAACS,MAAM,CAAC;EAC7B,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AAIA,OAAO,MAAMsB,4BAA4B,GAAG/B,CAAC,CAACM,MAAM,CAAC;EACnDC,MAAM,EAAEP,CAAC,CAACsB,YAAY,CACpBjB,GAAG,CAACmB,KAAK,CAACjB,MAAM,EAChBP,CAAC,CAACM,MAAM,CAAC;IACPK,GAAG,EAAEX,CAAC,CAACyB,OAAO,CAAC,8BAA8B,CAAC;IAC9CV,WAAW,EAAEf,CAAC,CAACa,KAAK,CAACb,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CACH,CAAC;EACDE,OAAO,EAAEhB,CAAC,CAACsB,YAAY,CACrBjB,GAAG,CAACmB,KAAK,CAACR,OAAO,EACjBhB,CAAC,CAACM,MAAM,CAAC;IACP0B,GAAG,EAAEhC,CAAC,CAACS,MAAM,CAAC,CAAC;IACfwB,GAAG,EAAEjC,CAAC,CAACS,MAAM,CAAC,CAAC;IACfyB,WAAW,EAAElC,CAAC,CAACS,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IAClCqB,WAAW,EAAEnC,CAAC,CAACS,MAAM,CAAC,CAAC,CAACK,QAAQ,CAAC;EACnC,CAAC,CACH;AACF,CAAC,CAAC;AAKF,OAAO,MAAMsB,yBAAyB,GAAGpC,CAAC,CAACM,MAAM,CAAC;EAChD+B,mBAAmB,EAAErC,CAAC,CAACa,KAAK,CAC1Bb,CAAC,CAACM,MAAM,CAAC;IACPgC,kBAAkB,EAAEtC,CAAC,CAACS,MAAM,CAAC,CAAC;IAC9B8B,MAAM,EAAEvC,CAAC,CAACwC,IAAI,CAAC,CAAC,KAAK,EAAE,WAAW,EAAE,UAAU,CAAC;EACjD,CAAC,CACH;AACF,CAAC,CAAC"}

package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts

@@ -8,11 +8,9 @@ import { RequestObject } from "../presentation/types";
  * The interface of the phase to complete User authorization via strong identification when the response mode is "query" and the request credential is a PersonIdentificationData.
  */
 export type CompleteUserAuthorizationWithQueryMode = (authRedirectUrl: string) => Promise<AuthorizationResult>;
-export type CompleteUserAuthorizationWithFormPostJwtMode = (requestObject: Out<GetRequestedCredentialToBePresented>, context: {
+export type CompleteUserAuthorizationWithFormPostJwtMode = (requestObject: Out<GetRequestedCredentialToBePresented>, pid: string, context: {
     wiaCryptoContext: CryptoContext;
     pidCryptoContext: CryptoContext;
-    pid: string;
-    walletInstanceAttestation: string;
     appFetch?: GlobalFetch["fetch"];
 }) => Promise<AuthorizationResult>;
 export type GetRequestedCredentialToBePresented = (issuerRequestUri: Out<StartUserAuthorization>["issuerRequestUri"], clientId: Out<StartUserAuthorization>["clientId"], issuerConf: Out<EvaluateIssuerTrust>["issuerConf"], appFetch?: GlobalFetch["fetch"]) => Promise<RequestObject>;
@@ -51,18 +49,13 @@ export declare const completeUserAuthorizationWithQueryMode: CompleteUserAuthori
  */
 export declare const getRequestedCredentialToBePresented: GetRequestedCredentialToBePresented;
 /**
- * WARNING: This function must be called after {@link startUserAuthorization}. The next function to be called is {@link completeUserAuthorizationWithFormPostJwtMode}.
+ * WARNING: This function must be called after {@link getRequestedCredentialToBePresented}. The next function to be called is {@link authorizeAccess}.
  * The interface of the phase to complete User authorization via presentation of existing credentials when the response mode is "form_post.jwt".
- * It is used as a first step to complete the user authorization by obtaining the requested credential to be presented from the authorization server.
- * The information is obtained by performing a GET request to the authorization endpoint with request_uri and client_id parameters.
- * @param issuerRequestUri the URI of the issuer where the request is sent
- * @param clientId Identifies the current client across all the requests of the issuing flow returned by {@link startUserAuthorization}
- * @param issuerConf The issuer configuration returned by {@link evaluateIssuerTrust}
- * @param context.walletInstanceAccestation the Wallet Instance's attestation to be presented
- * @param context.pid the PID to be presented
- * @param context.wiaCryptoContext The Wallet Instance's crypto context associated with the walletInstanceAttestation parameter
- * @param context.pidCryptoContext The PID crypto context associated with the pid parameter
- * @param context.appFetch (optional) fetch api implementation. Default: built-in fetch
+ * The information is obtained by performing a POST request to the endpoint received in the response_uri field of the requestObject, where the Authorization Response payload is posted.
+ * Following this,the redirect_uri from the response is used to obtain the final authorization response.
+ * @param requestObject - The request object containing the necessary parameters for authorization.
+ * @param pid The `PID` that must be presented for the issuance of credentials.
+ * @param appFetch (optional) fetch api implementation. Default: built-in fetch
  * @throws {ValidationFailed} if an error while validating the response
  * @returns the authorization response which contains code, state and iss
  */

package/lib/typescript/credential/issuance/04-complete-user-authorization.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"04-complete-user-authorization.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/04-complete-user-authorization.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,mBAAmB,EACzB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAoB,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAG5E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAIL,KAAK,aAAa,EACnB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAOtD;;GAEG;AACH,MAAM,MAAM,sCAAsC,GAAG,CACnD,eAAe,EAAE,MAAM,KACpB,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAElC,MAAM,MAAM,4CAA4C,GAAG,CACzD,aAAa,EAAE,GAAG,CAAC,mCAAmC,CAAC,EACvD,OAAO,EAAE;IACP,gBAAgB,EAAE,aAAa,CAAC;IAChC,gBAAgB,EAAE,aAAa,CAAC;IAChC,GAAG,EAAE,MAAM,CAAC;IACZ,yBAAyB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAElC,MAAM,MAAM,mCAAmC,GAAG,CAChD,gBAAgB,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,kBAAkB,CAAC,EACjE,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,KAC5B,OAAO,CAAC,aAAa,CAAC,CAAC;AAE5B,MAAM,MAAM,qBAAqB,GAAG,CAClC,gBAAgB,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,kBAAkB,CAAC,EACjE,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,OAAO,CAAC,EAAE,MAAM,KACb,OAAO,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC,CAAC;AAEH;;;;;;;;GAQG;AACH,eAAO,MAAM,qBAAqB,EAAE,qBAqBnC,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,sCAAsC,EAAE,sCASlD,CAAC;AAEJ;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,mCAAmC,EAAE,mCAsC/C,CAAC;AAEJ;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,4CAA4C,EAAE,4CAgIxD,CAAC;AAEJ;;;;;;GAMG;AACH,eAAO,MAAM,0BAA0B,YAC5B,OAAO,KACf,mBAqBF,CAAC"}
+{"version":3,"file":"04-complete-user-authorization.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/04-complete-user-authorization.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,mBAAmB,EACzB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAoB,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAG5E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAGL,KAAK,aAAa,EACnB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAA2B,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAQ/E;;GAEG;AACH,MAAM,MAAM,sCAAsC,GAAG,CACnD,eAAe,EAAE,MAAM,KACpB,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAElC,MAAM,MAAM,4CAA4C,GAAG,CACzD,aAAa,EAAE,GAAG,CAAC,mCAAmC,CAAC,EACvD,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IACP,gBAAgB,EAAE,aAAa,CAAC;IAChC,gBAAgB,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,KACE,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAElC,MAAM,MAAM,mCAAmC,GAAG,CAChD,gBAAgB,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,kBAAkB,CAAC,EACjE,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,KAC5B,OAAO,CAAC,aAAa,CAAC,CAAC;AAE5B,MAAM,MAAM,qBAAqB,GAAG,CAClC,gBAAgB,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,kBAAkB,CAAC,EACjE,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,OAAO,CAAC,EAAE,MAAM,KACb,OAAO,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC,CAAC;AAEH;;;;;;;;GAQG;AACH,eAAO,MAAM,qBAAqB,EAAE,qBAqBnC,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,sCAAsC,EAAE,sCASlD,CAAC;AAEJ;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,mCAAmC,EAAE,mCAsC/C,CAAC;AAEJ;;;;;;;;;;GAUG;AACH,eAAO,MAAM,4CAA4C,EAAE,4CAoFxD,CAAC;AAEJ;;;;;;GAMG;AACH,eAAO,MAAM,0BAA0B,YAC5B,OAAO,KACf,mBAqBF,CAAC"}

package/lib/typescript/credential/issuance/06-obtain-credential.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"06-obtain-credential.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/06-obtain-credential.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,aAAa,EAGnB,MAAM,6BAA6B,CAAC;AACrC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAoB,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAa5E,MAAM,MAAM,gBAAgB,GAAG,CAC7B,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,WAAW,EAAE,GAAG,CAAC,eAAe,CAAC,CAAC,aAAa,CAAC,EAChD,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,oBAAoB,EAAE;IACpB,2BAA2B,EAAE,MAAM,CAAC;IACpC,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC,EACD,OAAO,EAAE;IACP,iBAAiB,EAAE,aAAa,CAAC;IACjC,uBAAuB,EAAE,aAAa,CAAC;IACvC,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,EACD,aAAa,CAAC,EAAE,WAAW,KACxB,OAAO,CAAC;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC;AAErD,eAAO,MAAM,gBAAgB,UACpB,MAAM,UACL,MAAM,YACJ,MAAM,OACX,aAAa,KACjB,QAAQ,MAAM,CAehB,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,gBAAgB,EAAE,gBA0I9B,CAAC"}
+{"version":3,"file":"06-obtain-credential.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/06-obtain-credential.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,aAAa,EAGnB,MAAM,6BAA6B,CAAC;AACrC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAoB,KAAK,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAa5E,MAAM,MAAM,gBAAgB,GAAG,CAC7B,UAAU,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAClD,WAAW,EAAE,GAAG,CAAC,eAAe,CAAC,CAAC,aAAa,CAAC,EAChD,QAAQ,EAAE,GAAG,CAAC,sBAAsB,CAAC,CAAC,UAAU,CAAC,EACjD,oBAAoB,EAAE;IACpB,2BAA2B,EAAE,MAAM,CAAC;IACpC,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC,EACD,OAAO,EAAE;IACP,iBAAiB,EAAE,aAAa,CAAC;IACjC,uBAAuB,EAAE,aAAa,CAAC;IACvC,QAAQ,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;CACjC,EACD,aAAa,CAAC,EAAE,WAAW,KACxB,OAAO,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC,CAAC;AAEH,eAAO,MAAM,gBAAgB,UACpB,MAAM,UACL,MAAM,YACJ,MAAM,OACX,aAAa,KACjB,QAAQ,MAAM,CAehB,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,gBAAgB,EAAE,gBA0I9B,CAAC"}

package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"07-verify-and-parse-credential.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/07-verify-and-parse-credential.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAMtE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,KAAK,UAAU,GAAG,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,CAAC;AAIzD,MAAM,MAAM,wBAAwB,GAAG,CACrC,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,GAAG,CAAC,gBAAgB,CAAC,CAAC,YAAY,CAAC,EAC/C,yBAAyB,EAAE,MAAM,EACjC,OAAO,EAAE;IACP,uBAAuB,EAAE,aAAa,CAAC;IACvC;;OAEG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;CACtC,KACE,OAAO,CAAC;IACX,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,UAAU,EAAE,IAAI,CAAC;IACjB,QAAQ,EAAE,IAAI,GAAG,SAAS,CAAC;CAC5B,CAAC,CAAC;AAGH,KAAK,gBAAgB,GAAG,MAAM;AAC5B,oBAAoB;AACpB,MAAM,EACN;IACE,2CAA2C;IAC3C,IAAI,EACA,yBAAyB,CAAC,MAAM,CAC9B,MAAM,EACN,MAAM,CACP,GACD,4BAA4B,CAAC,MAAM,GACnC,SAAS,CAAC;IACd,wCAAwC;IACxC,KAAK,EAAE,OAAO,CAAC;CAChB,CACF,CAAC;AAuLF;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,wBAAwB,EAAE,wBAwBtC,CAAC"}
+{"version":3,"file":"07-verify-and-parse-credential.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/07-verify-and-parse-credential.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAKtE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,KAAK,UAAU,GAAG,GAAG,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,CAAC;AAIzD,MAAM,MAAM,wBAAwB,GAAG,CACrC,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,GAAG,CAAC,gBAAgB,CAAC,CAAC,YAAY,CAAC,EAC/C,yBAAyB,EAAE,MAAM,EACjC,OAAO,EAAE;IACP,uBAAuB,EAAE,aAAa,CAAC;IACvC;;OAEG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;CACtC,KACE,OAAO,CAAC;IACX,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,UAAU,EAAE,IAAI,CAAC;IACjB,QAAQ,EAAE,IAAI,GAAG,SAAS,CAAC;CAC5B,CAAC,CAAC;AAGH,KAAK,gBAAgB,GAAG,MAAM;AAC5B,oBAAoB;AACpB,MAAM,EACN;IACE,2CAA2C;IAC3C,IAAI,EACA,yBAAyB,CAAC,MAAM,CAC9B,MAAM,EACN,MAAM,CACP,GACD,4BAA4B,CAAC,MAAM,GACnC,SAAS,CAAC;IACd,wCAAwC;IACxC,KAAK,EAAE,OAAO,CAAC;CAChB,CACF,CAAC;AAsLF;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,wBAAwB,EAAE,wBAwBtC,CAAC"}

package/lib/typescript/credential/issuance/types.d.ts

@@ -16,6 +16,7 @@ export declare const AuthorizationDetail: z.ZodObject<{
 export type TokenResponse = z.infer<typeof TokenResponse>;
 export declare const TokenResponse: z.ZodObject<{
     access_token: z.ZodString;
+    refresh_token: z.ZodOptional<z.ZodString>;
     authorization_details: z.ZodArray<z.ZodObject<{
         type: z.ZodLiteral<"openid_credential">;
         credential_configuration_id: z.ZodString;
@@ -40,6 +41,7 @@ export declare const TokenResponse: z.ZodObject<{
     }[];
     expires_in: number;
     token_type: string;
+    refresh_token?: string | undefined;
 }, {
     access_token: string;
     authorization_details: {
@@ -49,6 +51,7 @@ export declare const TokenResponse: z.ZodObject<{
     }[];
     expires_in: number;
     token_type: string;
+    refresh_token?: string | undefined;
 }>;
 export type CredentialResponse = z.infer<typeof CredentialResponse>;
 export declare const CredentialResponse: z.ZodObject<{

package/lib/typescript/credential/issuance/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC;AAEzB,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AACtE,eAAO,MAAM,mBAAmB;;;;;;;;;;;;EAI9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAE1D,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAKxB,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;EAO7B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,sBAAsB;;;;;;EAEjC,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,eAAe,CAAC;AAErD,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAC1D,eAAO,MAAM,aAAa;;;;;;EAExB,CAAC"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/credential/issuance/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC;AAEzB,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AACtE,eAAO,MAAM,mBAAmB;;;;;;;;;;;;EAI9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAE1D,eAAO,MAAM,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAMxB,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;EAO7B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,sBAAsB;;;;;;EAEjC,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,eAAe,CAAC;AAErD,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAC1D,eAAO,MAAM,aAAa;;;;;;EAExB,CAAC"}

package/lib/typescript/credential/presentation/01-start-flow.d.ts

@@ -5,14 +5,14 @@ declare const PresentationParams: z.ZodObject<{
     request_uri_method: z.ZodEnum<["get", "post"]>;
     state: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
+    request_uri_method: "get" | "post";
     client_id: string;
     request_uri: string;
-    request_uri_method: "get" | "post";
     state?: string | undefined;
 }, {
+    request_uri_method: "get" | "post";
     client_id: string;
     request_uri: string;
-    request_uri_method: "get" | "post";
     state?: string | undefined;
 }>;
 export type PresentationParams = z.infer<typeof PresentationParams>;

package/lib/typescript/credential/presentation/07-evaluate-dcql-query.d.ts

@@ -1,6 +1,7 @@
 import { DcqlQuery } from "dcql";
 import type { Disclosure } from "../../sd-jwt/types";
 import type { RemotePresentation } from "./types";
+import type { CryptoContext } from "@pagopa/io-react-native-jwt";
 /**
  * The purpose for the credential request by the RP.
  */
@@ -8,18 +9,18 @@ type CredentialPurpose = {
     required: boolean;
     description?: string;
 };
-export type EvaluateDcqlQuery = (credentialsSdJwt: [string, string][], query: DcqlQuery.Input) => {
+export type EvaluateDcqlQuery = (credentialsSdJwt: [CryptoContext, string][], query: DcqlQuery.Input) => {
     id: string;
     vct: string;
     credential: string;
-    keyTag: string;
+    cryptoContext: CryptoContext;
     requiredDisclosures: Disclosure[];
     purposes: CredentialPurpose[];
 }[];
 export type PrepareRemotePresentations = (credentials: {
     id: string;
     credential: string;
-    keyTag: string;
+    cryptoContext: CryptoContext;
     requestedClaims: string[];
 }[], nonce: string, clientId: string) => Promise<RemotePresentation[]>;
 export declare const evaluateDcqlQuery: EvaluateDcqlQuery;

package/lib/typescript/credential/presentation/07-evaluate-dcql-query.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"07-evaluate-dcql-query.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/07-evaluate-dcql-query.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAA8B,MAAM,MAAM,CAAC;AAG7D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAGlD;;GAEG;AACH,KAAK,iBAAiB,GAAG;IACvB,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,CAC9B,gBAAgB,EAAE,CAAC,MAAM,EAAe,MAAM,CAAkB,EAAE,EAClE,KAAK,EAAE,SAAS,CAAC,KAAK,KACnB;IACH,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,mBAAmB,EAAE,UAAU,EAAE,CAAC;IAClC,QAAQ,EAAE,iBAAiB,EAAE,CAAC;CAC/B,EAAE,CAAC;AAEJ,MAAM,MAAM,0BAA0B,GAAG,CACvC,WAAW,EAAE;IACX,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B,EAAE,EACH,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,KACb,OAAO,CAAC,kBAAkB,EAAE,CAAC,CAAC;AAwEnC,eAAO,MAAM,iBAAiB,EAAE,iBAkE/B,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,0BAqBxC,CAAC"}
+{"version":3,"file":"07-evaluate-dcql-query.d.ts","sourceRoot":"","sources":["../../../../src/credential/presentation/07-evaluate-dcql-query.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAA8B,MAAM,MAAM,CAAC;AAG7D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAElD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE;;GAEG;AACH,KAAK,iBAAiB,GAAG;IACvB,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,CAC9B,gBAAgB,EAAE,CAAC,aAAa,EAAE,MAAM,CAAkB,EAAE,EAC5D,KAAK,EAAE,SAAS,CAAC,KAAK,KACnB;IACH,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,aAAa,CAAC;IAC7B,mBAAmB,EAAE,UAAU,EAAE,CAAC;IAClC,QAAQ,EAAE,iBAAiB,EAAE,CAAC;CAC/B,EAAE,CAAC;AAEJ,MAAM,MAAM,0BAA0B,GAAG,CACvC,WAAW,EAAE;IACX,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,aAAa,CAAC;IAC7B,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B,EAAE,EACH,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,KACb,OAAO,CAAC,kBAAkB,EAAE,CAAC,CAAC;AAsEnC,eAAO,MAAM,iBAAiB,EAAE,iBAoE/B,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,0BAoBxC,CAAC"}