npm - @pagopa/io-react-native-wallet - Versions diffs - 2.1.1 → 2.3.0 - Mend

@pagopa/io-react-native-wallet 2.1.1 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

package/lib/commonjs/credential/offer/README.md ADDED Viewed

@@ -0,0 +1,174 @@
+# Credential Offer
+This flow handles the initial step of credential issuance by processing Credential Offers from Credential Issuers. The Credential Offer contains information about what credentials are available and how they can be obtained. Each step in the flow is imported from the related file which is named with a sequential number.
+A Credential Offer can be received by the Wallet in two ways: **by value** (complete offer embedded in the URL) or **by reference** (URL pointing to the offer endpoint). The offer specifies which credentials are available and what authorization flows are supported by the issuer.
+The implementation follows the [OpenID for Verifiable Credential Issuance 1.0](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-credential-offer-endpoint) specification and supports both Authorization Code flow and Pre-Authorized Code flow.
+## Sequence Diagram
+```mermaid
+sequenceDiagram
+  autonumber
+  participant U as User
+  participant W as Wallet
+  participant CI as Credential Issuer
+  CI->>U: QR Code / Deep Link with Credential Offer
+  U->>W: Scan QR / Click Link
+  W->>W: startFlowFromQR: Parse offer parameters
+  alt Credential Offer by Reference
+    W->>CI: fetchCredentialOffer: Fetch offer from URI
+    CI->>W: Return Credential Offer JSON
+  end
+  W->>W: Validate Credential Offer schema
+  W->>W: Determine available grant types
+  Note over W: Flow continues with credential issuance
+```
+## Grant Types
+The Credential Offer supports two OAuth 2.0 grant types that determine how authorization is handled:
+### Authorization Code Flow
+Used for interactive flows where user authentication and consent are required at the Authorization Server.
+- **`issuer_state`** (optional): Binds the authorization request to a specific issuer context
+- **`authorization_server`** (optional): Identifies which authorization server to use when multiple are available
+### Pre-Authorized Code Flow
+Used when the user has already been authenticated and authorized out-of-band. The issuer provides a pre-authorized code that can be exchanged directly for credentials.
+- **`pre-authorized_code`**: Short-lived single-use authorization code
+- **`tx_code`** (optional): Additional transaction code requirements for security
+- **`authorization_server`** (optional): Identifies which authorization server to use
+## Transaction Code Requirements
+When a transaction code is required for Pre-Authorized Code flow, the following parameters control the user experience:
+| Parameter     | Type                    | Description                                          |
+| ------------- | ----------------------- | ---------------------------------------------------- |
+| `input_mode`  | `"numeric"` \| `"text"` | Character set for the code (default: `"numeric"`)    |
+| `length`      | number                  | Expected code length to optimize input UI            |
+| `description` | string                  | User guidance (max 300 chars) for obtaining the code |
+## Credential Offer Transmission
+### By Value
+The complete Credential Offer is embedded in the URL parameter:
+```
+openid-credential-offer://?credential_offer=%7B%22credential_issuer%22...
+```
+### By Reference
+A URL points to an endpoint serving the Credential Offer:
+```
+openid-credential-offer://?credential_offer_uri=https%3A%2F%2Fserver.example.com%2Foffer
+```
+When using by reference, the Wallet fetches the offer via HTTP GET with `Accept: application/json`.
+## Mapped Results
+The following errors are mapped during credential offer processing:
+| Error                         | Description                                                                        |
+| ----------------------------- | ---------------------------------------------------------------------------------- |
+| `InvalidQRCodeError`          | The QR code format is invalid or doesn't contain valid credential offer parameters |
+| `InvalidCredentialOfferError` | The credential offer schema validation failed or contains invalid data             |
+## Examples
+<details>
+  <summary>Credential Offer processing flow</summary>
+```ts
+// Parse QR code or deep link
+const qrCode =
+  "openid-credential-offer://?credential_offer_uri=https%3A%2F%2Fissuer.example.com%2Foffer";
+const { credential_offer_uri } = startFlowFromQR(qrCode);
+// Fetch the credential offer if by reference
+const offer = await fetchCredentialOffer(credential_offer_uri, { appFetch });
+console.log(offer);
+// {
+//   credential_issuer: "https://issuer.example.com",
+//   credential_configuration_ids: ["UniversityDegree", "DriverLicense"],
+//   grants: {
+//     authorization_code: {
+//       issuer_state: "xyz123"
+//     },
+//     "urn:ietf:params:oauth:grant-type:pre-authorized_code": {
+//       "pre-authorized_code": "SplxlOBeZQQYbYS6WxSbIA",
+//       tx_code: {
+//         length: 6,
+//         input_mode: "numeric",
+//         description: "Enter the code sent to your email"
+//       }
+//     }
+//   }
+// }
+```
+</details>
+<details>
+  <summary>Pre-Authorized Code with Transaction Code</summary>
+```ts
+const offer: CredentialOffer = {
+  credential_issuer: "https://university.example.edu",
+  credential_configuration_ids: ["DiplomaCredential"],
+  grants: {
+    "urn:ietf:params:oauth:grant-type:pre-authorized_code": {
+      "pre-authorized_code": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
+      tx_code: {
+        length: 4,
+        input_mode: "numeric",
+        description: "Check your email for the verification code",
+      },
+    },
+  },
+};
+// The user would need to:
+// 1. Check their email for a 4-digit numeric code
+// 2. Enter it in the wallet when prompted
+// 3. The wallet uses both pre-authorized_code and tx_code in the token request
+```
+</details>
+<details>
+  <summary>Authorization Code Flow</summary>
+```ts
+const offer: CredentialOffer = {
+  credential_issuer: "https://dmv.example.gov",
+  credential_configuration_ids: ["org.iso.18013.5.1.mDL"],
+  grants: {
+    authorization_code: {
+      issuer_state: "af0ifjsldkj",
+      authorization_server: "https://auth.dmv.example.gov",
+    },
+  },
+};
+// This would lead to:
+// 1. User authentication at the authorization server
+// 2. User consent for credential issuance
+// 3. Authorization code returned to wallet
+// 4. Wallet exchanges code for access token
+// 5. Wallet uses access token to request credential
+```
+</details>

package/lib/commonjs/credential/offer/errors.js ADDED Viewed

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.InvalidQRCodeError = exports.InvalidCredentialOfferError = void 0;
+var _errors = require("../../utils/errors");
+class InvalidCredentialOfferError extends _errors.IoWalletError {
+  code = "ERR_INVALID_CREDENTIAL_OFFER";
+  constructor(message) {
+    super(message);
+  }
+}
+exports.InvalidCredentialOfferError = InvalidCredentialOfferError;
+class InvalidQRCodeError extends _errors.IoWalletError {
+  code = "ERR_INVALID_QR_CODE";
+  constructor(message) {
+    super(message);
+  }
+}
+exports.InvalidQRCodeError = InvalidQRCodeError;
+//# sourceMappingURL=errors.js.map

package/lib/commonjs/credential/offer/errors.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_errors","require","InvalidCredentialOfferError","IoWalletError","code","constructor","message","exports","InvalidQRCodeError"],"sourceRoot":"../../../../src","sources":["credential/offer/errors.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEO,MAAMC,2BAA2B,SAASC,qBAAa,CAAC;EAC7DC,IAAI,GAAG,8BAA8B;EAErCC,WAAWA,CAACC,OAAgB,EAAE;IAC5B,KAAK,CAACA,OAAO,CAAC;EAChB;AACF;AAACC,OAAA,CAAAL,2BAAA,GAAAA,2BAAA;AAEM,MAAMM,kBAAkB,SAASL,qBAAa,CAAC;EACpDC,IAAI,GAAG,qBAAqB;EAE5BC,WAAWA,CAACC,OAAgB,EAAE;IAC5B,KAAK,CAACA,OAAO,CAAC;EAChB;AACF;AAACC,OAAA,CAAAC,kBAAA,GAAAA,kBAAA"}

package/lib/commonjs/credential/offer/index.js ADDED Viewed

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.Errors = void 0;
+Object.defineProperty(exports, "fetchCredentialOffer", {
+  enumerable: true,
+  get: function () {
+    return _fetchCredentialOffer.fetchCredentialOffer;
+  }
+});
+Object.defineProperty(exports, "startFlowFromQR", {
+  enumerable: true,
+  get: function () {
+    return _startFlow.startFlowFromQR;
+  }
+});
+var _startFlow = require("./01-start-flow");
+var _fetchCredentialOffer = require("./02-fetch-credential-offer");
+var Errors = _interopRequireWildcard(require("./errors"));
+exports.Errors = Errors;
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+//# sourceMappingURL=index.js.map

package/lib/commonjs/credential/offer/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_startFlow","require","_fetchCredentialOffer","Errors","_interopRequireWildcard","exports","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/offer/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AACA,IAAAC,qBAAA,GAAAD,OAAA;AAIA,IAAAE,MAAA,GAAAC,uBAAA,CAAAH,OAAA;AAAmCI,OAAA,CAAAF,MAAA,GAAAA,MAAA;AAAA,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}

package/lib/commonjs/credential/offer/types.js ADDED Viewed

@@ -0,0 +1,51 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.TransactionCodeSchema = exports.PreAuthorizedCodeGrantSchema = exports.GrantsSchema = exports.CredentialOfferSchema = exports.AuthorizationCodeGrantSchema = void 0;
+var _zod = require("zod");
+/**
+ * OAuth 2.0 Authorization Code flow parameters.
+ */
+const AuthorizationCodeGrantSchema = _zod.z.object({
+  issuer_state: _zod.z.string().optional(),
+  authorization_server: _zod.z.string().url().optional()
+});
+exports.AuthorizationCodeGrantSchema = AuthorizationCodeGrantSchema;
+/**
+ * Transaction Code requirements for Pre-Authorized Code flow.
+ */
+const TransactionCodeSchema = _zod.z.object({
+  input_mode: _zod.z.enum(["numeric", "text"]).optional(),
+  length: _zod.z.number().int().positive().optional(),
+  description: _zod.z.string().max(300).optional()
+});
+exports.TransactionCodeSchema = TransactionCodeSchema;
+/**
+ * Pre-Authorized Code flow parameters.
+ */
+const PreAuthorizedCodeGrantSchema = _zod.z.object({
+  "pre-authorized_code": _zod.z.string(),
+  tx_code: TransactionCodeSchema.optional(),
+  authorization_server: _zod.z.string().url().optional()
+});
+exports.PreAuthorizedCodeGrantSchema = PreAuthorizedCodeGrantSchema;
+/**
+ * Supported grant types for Credential Offer.
+ */
+const GrantsSchema = _zod.z.object({
+  authorization_code: AuthorizationCodeGrantSchema.optional(),
+  "urn:ietf:params:oauth:grant-type:pre-authorized_code": PreAuthorizedCodeGrantSchema.optional()
+});
+exports.GrantsSchema = GrantsSchema;
+/**
+ * Credential Offer object as defined in OpenID4VCI Section 4.1.1.
+ */
+const CredentialOfferSchema = _zod.z.object({
+  credential_issuer: _zod.z.string().url(),
+  credential_configuration_ids: _zod.z.array(_zod.z.string()).min(1),
+  grants: GrantsSchema.optional()
+});
+exports.CredentialOfferSchema = CredentialOfferSchema;
+//# sourceMappingURL=types.js.map

package/lib/commonjs/credential/offer/types.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_zod","require","AuthorizationCodeGrantSchema","z","object","issuer_state","string","optional","authorization_server","url","exports","TransactionCodeSchema","input_mode","enum","length","number","int","positive","description","max","PreAuthorizedCodeGrantSchema","tx_code","GrantsSchema","authorization_code","CredentialOfferSchema","credential_issuer","credential_configuration_ids","array","min","grants"],"sourceRoot":"../../../../src","sources":["credential/offer/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AAEA;AACA;AACA;AACO,MAAMC,4BAA4B,GAAGC,MAAC,CAACC,MAAM,CAAC;EACnDC,YAAY,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EACnCC,oBAAoB,EAAEL,MAAC,CAACG,MAAM,CAAC,CAAC,CAACG,GAAG,CAAC,CAAC,CAACF,QAAQ,CAAC;AAClD,CAAC,CAAC;AAACG,OAAA,CAAAR,4BAAA,GAAAA,4BAAA;AAMH;AACA;AACA;AACO,MAAMS,qBAAqB,GAAGR,MAAC,CAACC,MAAM,CAAC;EAC5CQ,UAAU,EAAET,MAAC,CAACU,IAAI,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAACN,QAAQ,CAAC,CAAC;EAClDO,MAAM,EAAEX,MAAC,CAACY,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC,CAACV,QAAQ,CAAC,CAAC;EAC9CW,WAAW,EAAEf,MAAC,CAACG,MAAM,CAAC,CAAC,CAACa,GAAG,CAAC,GAAG,CAAC,CAACZ,QAAQ,CAAC;AAC5C,CAAC,CAAC;AAACG,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAIH;AACA;AACA;AACO,MAAMS,4BAA4B,GAAGjB,MAAC,CAACC,MAAM,CAAC;EACnD,qBAAqB,EAAED,MAAC,CAACG,MAAM,CAAC,CAAC;EACjCe,OAAO,EAAEV,qBAAqB,CAACJ,QAAQ,CAAC,CAAC;EACzCC,oBAAoB,EAAEL,MAAC,CAACG,MAAM,CAAC,CAAC,CAACG,GAAG,CAAC,CAAC,CAACF,QAAQ,CAAC;AAClD,CAAC,CAAC;AAACG,OAAA,CAAAU,4BAAA,GAAAA,4BAAA;AAMH;AACA;AACA;AACO,MAAME,YAAY,GAAGnB,MAAC,CAACC,MAAM,CAAC;EACnCmB,kBAAkB,EAAErB,4BAA4B,CAACK,QAAQ,CAAC,CAAC;EAC3D,sDAAsD,EACpDa,4BAA4B,CAACb,QAAQ,CAAC;AAC1C,CAAC,CAAC;AAACG,OAAA,CAAAY,YAAA,GAAAA,YAAA;AAIH;AACA;AACA;AACO,MAAME,qBAAqB,GAAGrB,MAAC,CAACC,MAAM,CAAC;EAC5CqB,iBAAiB,EAAEtB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACG,GAAG,CAAC,CAAC;EACnCiB,4BAA4B,EAAEvB,MAAC,CAACwB,KAAK,CAACxB,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC,CAACsB,GAAG,CAAC,CAAC,CAAC;EACxDC,MAAM,EAAEP,YAAY,CAACf,QAAQ,CAAC;AAChC,CAAC,CAAC;AAACG,OAAA,CAAAc,qBAAA,GAAAA,qBAAA"}

package/lib/commonjs/credential/presentation/01-start-flow.js CHANGED Viewed

@@ -17,7 +17,7 @@ const PresentationParams = z.object({
 /**
  * The beginning of the presentation flow.
- * To be implemented accordind to the user touchpoint
+ * To be implemented according to the user touchpoint
  *
  * @param params Presentation parameters, depending on the starting touchpoint
  * @returns The url for the Relying Party to connect with

package/lib/commonjs/credentials-catalogue/README.md ADDED Viewed

@@ -0,0 +1,15 @@
+# Digital Credentials Catalogue
+Module that manages the [**Digital Credentials Catalogue**](https://italia.github.io/eid-wallet-it-docs/releases/1.1.0/en/registry-catalogue.html) published by the Trust Anchor.
+The module allows:
+- Fetching, verifying and parsing the catalogue's JWT.
+## Usage
+```ts
+// Fetch the catalogue
+const TRUST_ANCHOR_BASE_URL = "https://pre.ta.wallet.ipzs.it";
+const credentialsCatalogue =
+  await CredentialsCatalogue.fetchAndParseCatalogue(TRUST_ANCHOR_BASE_URL);
+```

package/lib/commonjs/credentials-catalogue/fetch-and-parse-catalogue.js ADDED Viewed

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.fetchAndParseCatalogue = void 0;
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _misc = require("../utils/misc");
+var _errors = require("../utils/errors");
+var _types = require("./types");
+var _buildChain = require("../trust/build-chain");
+/**
+ * Fetch and parse the Digital Credential Catalogue from the Trust Anchor.
+ * The catalogue's JWT signature is verified against the Trust Anchor's JWKs.
+ *
+ * @param trustAnchorUrl Base URL of the Trust Anchor
+ * @param context.appFetch (optional) fetch API implementation. Default: built-in fetch
+ * @returns The Digital Credential Catalogue payload
+ */
+const fetchAndParseCatalogue = async function (trustAnchorBaseUrl) {
+  let {
+    appFetch = fetch
+  } = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+  const trustAnchorConfig = await (0, _buildChain.getTrustAnchorEntityConfiguration)(trustAnchorBaseUrl);
+  const responseText = await appFetch(`${trustAnchorConfig.payload.sub}/.well-known/credential-catalogue`, {
+    method: "GET"
+  }).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.text());
+  const responseJwt = (0, _ioReactNativeJwt.decode)(responseText);
+  const catalogueKid = responseJwt.protectedHeader.kid;
+  const trustAnchorJwk = trustAnchorConfig.payload.jwks.keys.find(jwk => jwk.kid === catalogueKid);
+  if (!trustAnchorJwk) {
+    throw new _errors.IoWalletError(`Could not find JWK with kid ${catalogueKid} in Trust Anchor's Entity Configuration`);
+  }
+  await (0, _ioReactNativeJwt.verify)(responseText, trustAnchorJwk);
+  const parsedDigitalCredentialsCatalogue = _types.DigitalCredentialsCatalogue.parse({
+    header: responseJwt.protectedHeader,
+    payload: responseJwt.payload
+  });
+  return parsedDigitalCredentialsCatalogue.payload;
+};
+exports.fetchAndParseCatalogue = fetchAndParseCatalogue;
+//# sourceMappingURL=fetch-and-parse-catalogue.js.map

package/lib/commonjs/credentials-catalogue/fetch-and-parse-catalogue.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_ioReactNativeJwt","require","_misc","_errors","_types","_buildChain","fetchAndParseCatalogue","trustAnchorBaseUrl","appFetch","fetch","arguments","length","undefined","trustAnchorConfig","getTrustAnchorEntityConfiguration","responseText","payload","sub","method","then","hasStatusOrThrow","res","text","responseJwt","decodeJwt","catalogueKid","protectedHeader","kid","trustAnchorJwk","jwks","keys","find","jwk","IoWalletError","verify","parsedDigitalCredentialsCatalogue","DigitalCredentialsCatalogue","parse","header","exports"],"sourceRoot":"../../../src","sources":["credentials-catalogue/fetch-and-parse-catalogue.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,WAAA,GAAAJ,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMK,sBAAsB,GAAG,eAAAA,CACpCC,kBAA0B,EAE0B;EAAA,IADpD;IAAEC,QAAQ,GAAGC;EAA2B,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAE9C,MAAMG,iBAAiB,GACrB,MAAM,IAAAC,6CAAiC,EAACP,kBAAkB,CAAC;EAE7D,MAAMQ,YAAY,GAAG,MAAMP,QAAQ,CAChC,GAAEK,iBAAiB,CAACG,OAAO,CAACC,GAAI,mCAAkC,EACnE;IAAEC,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC;EAE5B,MAAMC,WAAW,GAAG,IAAAC,wBAAS,EAACT,YAAY,CAAC;EAC3C,MAAMU,YAAY,GAAGF,WAAW,CAACG,eAAe,CAACC,GAAG;EAEpD,MAAMC,cAAc,GAAGf,iBAAiB,CAACG,OAAO,CAACa,IAAI,CAACC,IAAI,CAACC,IAAI,CAC5DC,GAAG,IAAKA,GAAG,CAACL,GAAG,KAAKF,YACvB,CAAC;EAED,IAAI,CAACG,cAAc,EAAE;IACnB,MAAM,IAAIK,qBAAa,CACpB,+BAA8BR,YAAa,yCAC9C,CAAC;EACH;EAEA,MAAM,IAAAS,wBAAM,EAACnB,YAAY,EAAEa,cAAc,CAAC;EAE1C,MAAMO,iCAAiC,GAAGC,kCAA2B,CAACC,KAAK,CAAC;IAC1EC,MAAM,EAAEf,WAAW,CAACG,eAAe;IACnCV,OAAO,EAAEO,WAAW,CAACP;EACvB,CAAC,CAAC;EAEF,OAAOmB,iCAAiC,CAACnB,OAAO;AAClD,CAAC;AAACuB,OAAA,CAAAjC,sBAAA,GAAAA,sBAAA"}

package/lib/commonjs/credentials-catalogue/index.js ADDED Viewed

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+Object.defineProperty(exports, "fetchAndParseCatalogue", {
+  enumerable: true,
+  get: function () {
+    return _fetchAndParseCatalogue.fetchAndParseCatalogue;
+  }
+});
+var _fetchAndParseCatalogue = require("./fetch-and-parse-catalogue");
+//# sourceMappingURL=index.js.map

package/lib/commonjs/credentials-catalogue/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"names":["_fetchAndParseCatalogue","require"],"sourceRoot":"../../../src","sources":["credentials-catalogue/index.ts"],"mappings":";;;;;;;;;;;AAAA,IAAAA,uBAAA,GAAAC,OAAA"}

package/lib/commonjs/credentials-catalogue/types.js ADDED Viewed

@@ -0,0 +1,99 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.DigitalCredentialsCatalogue = exports.DigitalCredential = void 0;
+var z = _interopRequireWildcard(require("zod"));
+var _types = require("../sd-jwt/types");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+const CredentialPurpose = z.object({
+  id: z.string(),
+  description: z.string(),
+  category: z.string(),
+  subcategory: z.string(),
+  claims_required: z.array(z.string()),
+  claim_recommended: z.array(z.string())
+});
+const CredentialIssuer = z.object({
+  id: z.string(),
+  organization_name: z.string(),
+  organization_code: z.string(),
+  organization_country: z.string(),
+  contacts: z.array(z.string()).optional(),
+  homepage_uri: z.string().optional(),
+  logo_uri: z.string().optional(),
+  policy_uri: z.string().optional(),
+  tos_uri: z.string().optional()
+});
+const AuthenticSource = z.object({
+  id: z.string(),
+  organization_name: z.string(),
+  organization_code: z.string(),
+  organization_country: z.string(),
+  source_type: z.enum(["public", "private"]),
+  contacts: z.array(z.string()).optional(),
+  homepage_uri: z.string().optional(),
+  logo_uri: z.string().optional(),
+  user_information: z.string().optional()
+});
+const CredentialFormat = z.object({
+  configuration_id: z.string(),
+  format: z.enum(["dc+sd-jwt", "mso_mdoc"]),
+  vct: z.string().url().optional(),
+  docType: z.string().optional(),
+  schema_uri: z.string().url().optional(),
+  "schema_uri#integrity": z.string().optional()
+});
+const Claim = z.object({
+  name: z.string(),
+  taxonomy_ref: z.string(),
+  display_name: z.string()
+});
+const DigitalCredential = z.object({
+  version: z.string(),
+  credential_type: z.string(),
+  legal_type: z.string(),
+  name: z.string(),
+  description: z.string(),
+  validity_info: z.object({
+    max_validity_days: z.number(),
+    status_methods: z.array(z.string()),
+    allowed_states: z.array(z.string())
+  }),
+  authentication: z.object({
+    user_auth_required: z.boolean(),
+    min_loa: z.string(),
+    supported_eid_schemes: z.array(z.string())
+  }),
+  purposes: z.array(CredentialPurpose),
+  issuers: z.array(CredentialIssuer),
+  authentic_sources: z.array(AuthenticSource),
+  formats: z.array(CredentialFormat),
+  claims: z.array(Claim)
+});
+/**
+ * The Digital Credentials Catalogue published by the Trust Anchor
+ *
+ * @version 1.1.0
+ * @see https://italia.github.io/eid-wallet-it-docs/releases/1.1.0/en/registry-catalogue.html
+ */
+exports.DigitalCredential = DigitalCredential;
+const DigitalCredentialsCatalogue = z.object({
+  header: z.object({
+    typ: z.string(),
+    alg: z.string(),
+    kid: z.string()
+  }),
+  payload: z.object({
+    catalog_version: z.string(),
+    taxonomy_uri: z.string().url(),
+    credentials: z.array(DigitalCredential),
+    iat: _types.UnixTime,
+    exp: _types.UnixTime
+  })
+});
+exports.DigitalCredentialsCatalogue = DigitalCredentialsCatalogue;
+//# sourceMappingURL=types.js.map

package/lib/commonjs/credentials-catalogue/types.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["z","_interopRequireWildcard","require","_types","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","CredentialPurpose","object","id","string","description","category","subcategory","claims_required","array","claim_recommended","CredentialIssuer","organization_name","organization_code","organization_country","contacts","optional","homepage_uri","logo_uri","policy_uri","tos_uri","AuthenticSource","source_type","enum","user_information","CredentialFormat","configuration_id","format","vct","url","docType","schema_uri","Claim","name","taxonomy_ref","display_name","DigitalCredential","version","credential_type","legal_type","validity_info","max_validity_days","number","status_methods","allowed_states","authentication","user_auth_required","boolean","min_loa","supported_eid_schemes","purposes","issuers","authentic_sources","formats","claims","exports","DigitalCredentialsCatalogue","header","typ","alg","kid","payload","catalog_version","taxonomy_uri","credentials","iat","UnixTime","exp"],"sourceRoot":"../../../src","sources":["credentials-catalogue/types.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAA2C,SAAAE,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAE3C,MAAMW,iBAAiB,GAAG1B,CAAC,CAAC2B,MAAM,CAAC;EACjCC,EAAE,EAAE5B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACdC,WAAW,EAAE9B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACvBE,QAAQ,EAAE/B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACpBG,WAAW,EAAEhC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACvBI,eAAe,EAAEjC,CAAC,CAACkC,KAAK,CAAClC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAAC;EACpCM,iBAAiB,EAAEnC,CAAC,CAACkC,KAAK,CAAClC,CAAC,CAAC6B,MAAM,CAAC,CAAC;AACvC,CAAC,CAAC;AAEF,MAAMO,gBAAgB,GAAGpC,CAAC,CAAC2B,MAAM,CAAC;EAChCC,EAAE,EAAE5B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACdQ,iBAAiB,EAAErC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAC7BS,iBAAiB,EAAEtC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAC7BU,oBAAoB,EAAEvC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAChCW,QAAQ,EAAExC,CAAC,CAACkC,KAAK,CAAClC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAAC,CAACY,QAAQ,CAAC,CAAC;EACxCC,YAAY,EAAE1C,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC,CAAC;EACnCE,QAAQ,EAAE3C,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC,CAAC;EAC/BG,UAAU,EAAE5C,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC,CAAC;EACjCI,OAAO,EAAE7C,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC;AAC/B,CAAC,CAAC;AAEF,MAAMK,eAAe,GAAG9C,CAAC,CAAC2B,MAAM,CAAC;EAC/BC,EAAE,EAAE5B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACdQ,iBAAiB,EAAErC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAC7BS,iBAAiB,EAAEtC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAC7BU,oBAAoB,EAAEvC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAChCkB,WAAW,EAAE/C,CAAC,CAACgD,IAAI,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;EAC1CR,QAAQ,EAAExC,CAAC,CAACkC,KAAK,CAAClC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAAC,CAACY,QAAQ,CAAC,CAAC;EACxCC,YAAY,EAAE1C,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC,CAAC;EACnCE,QAAQ,EAAE3C,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC,CAAC;EAC/BQ,gBAAgB,EAAEjD,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC;AACxC,CAAC,CAAC;AAEF,MAAMS,gBAAgB,GAAGlD,CAAC,CAAC2B,MAAM,CAAC;EAChCwB,gBAAgB,EAAEnD,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAC5BuB,MAAM,EAAEpD,CAAC,CAACgD,IAAI,CAAC,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;EACzCK,GAAG,EAAErD,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACyB,GAAG,CAAC,CAAC,CAACb,QAAQ,CAAC,CAAC;EAChCc,OAAO,EAAEvD,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC,CAAC;EAC9Be,UAAU,EAAExD,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACyB,GAAG,CAAC,CAAC,CAACb,QAAQ,CAAC,CAAC;EACvC,sBAAsB,EAAEzC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACY,QAAQ,CAAC;AAC9C,CAAC,CAAC;AAEF,MAAMgB,KAAK,GAAGzD,CAAC,CAAC2B,MAAM,CAAC;EACrB+B,IAAI,EAAE1D,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAChB8B,YAAY,EAAE3D,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACxB+B,YAAY,EAAE5D,CAAC,CAAC6B,MAAM,CAAC;AACzB,CAAC,CAAC;AAEK,MAAMgC,iBAAiB,GAAG7D,CAAC,CAAC2B,MAAM,CAAC;EACxCmC,OAAO,EAAE9D,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACnBkC,eAAe,EAAE/D,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAC3BmC,UAAU,EAAEhE,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACtB6B,IAAI,EAAE1D,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAChBC,WAAW,EAAE9B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACvBoC,aAAa,EAAEjE,CAAC,CAAC2B,MAAM,CAAC;IACtBuC,iBAAiB,EAAElE,CAAC,CAACmE,MAAM,CAAC,CAAC;IAC7BC,cAAc,EAAEpE,CAAC,CAACkC,KAAK,CAAClC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAAC;IACnCwC,cAAc,EAAErE,CAAC,CAACkC,KAAK,CAAClC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACpC,CAAC,CAAC;EACFyC,cAAc,EAAEtE,CAAC,CAAC2B,MAAM,CAAC;IACvB4C,kBAAkB,EAAEvE,CAAC,CAACwE,OAAO,CAAC,CAAC;IAC/BC,OAAO,EAAEzE,CAAC,CAAC6B,MAAM,CAAC,CAAC;IACnB6C,qBAAqB,EAAE1E,CAAC,CAACkC,KAAK,CAAClC,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAC3C,CAAC,CAAC;EACF8C,QAAQ,EAAE3E,CAAC,CAACkC,KAAK,CAACR,iBAAiB,CAAC;EACpCkD,OAAO,EAAE5E,CAAC,CAACkC,KAAK,CAACE,gBAAgB,CAAC;EAClCyC,iBAAiB,EAAE7E,CAAC,CAACkC,KAAK,CAACY,eAAe,CAAC;EAC3CgC,OAAO,EAAE9E,CAAC,CAACkC,KAAK,CAACgB,gBAAgB,CAAC;EAClC6B,MAAM,EAAE/E,CAAC,CAACkC,KAAK,CAACuB,KAAK;AACvB,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AALAuB,OAAA,CAAAnB,iBAAA,GAAAA,iBAAA;AAMO,MAAMoB,2BAA2B,GAAGjF,CAAC,CAAC2B,MAAM,CAAC;EAClDuD,MAAM,EAAElF,CAAC,CAAC2B,MAAM,CAAC;IACfwD,GAAG,EAAEnF,CAAC,CAAC6B,MAAM,CAAC,CAAC;IACfuD,GAAG,EAAEpF,CAAC,CAAC6B,MAAM,CAAC,CAAC;IACfwD,GAAG,EAAErF,CAAC,CAAC6B,MAAM,CAAC;EAChB,CAAC,CAAC;EACFyD,OAAO,EAAEtF,CAAC,CAAC2B,MAAM,CAAC;IAChB4D,eAAe,EAAEvF,CAAC,CAAC6B,MAAM,CAAC,CAAC;IAC3B2D,YAAY,EAAExF,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACyB,GAAG,CAAC,CAAC;IAC9BmC,WAAW,EAAEzF,CAAC,CAACkC,KAAK,CAAC2B,iBAAiB,CAAC;IACvC6B,GAAG,EAAEC,eAAQ;IACbC,GAAG,EAAED;EACP,CAAC;AACH,CAAC,CAAC;AAACX,OAAA,CAAAC,2BAAA,GAAAA,2BAAA"}

package/lib/commonjs/index.js CHANGED Viewed

@@ -15,7 +15,7 @@ Object.defineProperty(exports, "AuthorizationDetails", {
     return _par.AuthorizationDetails;
   }
 });
-exports.WalletInstanceAttestation = exports.WalletInstance = exports.Trust = exports.SdJwt = exports.PID = exports.Logging = exports.Errors = exports.Credential = void 0;
+exports.WalletInstanceAttestation = exports.WalletInstance = exports.Trust = exports.SdJwt = exports.PID = exports.Mdoc = exports.Logging = exports.Errors = exports.CredentialsCatalogue = exports.Credential = void 0;
 Object.defineProperty(exports, "createCryptoContextFor", {
   enumerable: true,
   get: function () {
@@ -32,10 +32,14 @@ var _jwk = require("./utils/jwk");
 require("react-native-url-polyfill/auto");
 var Credential = _interopRequireWildcard(require("./credential"));
 exports.Credential = Credential;
+var CredentialsCatalogue = _interopRequireWildcard(require("./credentials-catalogue"));
+exports.CredentialsCatalogue = CredentialsCatalogue;
 var PID = _interopRequireWildcard(require("./pid"));
 exports.PID = PID;
 var SdJwt = _interopRequireWildcard(require("./sd-jwt"));
 exports.SdJwt = SdJwt;
+var Mdoc = _interopRequireWildcard(require("./mdoc"));
+exports.Mdoc = Mdoc;
 var Errors = _interopRequireWildcard(require("./utils/errors"));
 exports.Errors = Errors;
 var WalletInstanceAttestation = _interopRequireWildcard(require("./wallet-instance-attestation"));

package/lib/commonjs/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_jwk","require","Credential","_interopRequireWildcard","exports","PID","SdJwt","Errors","WalletInstanceAttestation","Trust","WalletInstance","Logging","_par","_crypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,IAAA,GAAAC,OAAA;AAGAA,OAAA;AAEA,IAAAC,UAAA,GAAAC,uBAAA,CAAAF,OAAA;AAA2CG,OAAA,CAAAF,UAAA,GAAAA,UAAA;AAC3C,IAAAG,~~GAAA~~,GAAAF,uBAAA,CAAAF,OAAA;~~AAA6BG~~,OAAA,CAAAC,GAAA,GAAAA,GAAA;AAC7B,IAAAC,KAAA,~~GAAAH~~,uBAAA,CAAAF,OAAA;AAAkCG,OAAA,~~CAAAE~~,KAAA,GAAAA,KAAA;AAClC,IAAAC,MAAA,~~GAAAJ~~,uBAAA,CAAAF,OAAA;AAAyCG,OAAA,~~CAAAG~~,MAAA,GAAAA,MAAA;AACzC,IAAAC,yBAAA,~~GAAAL~~,uBAAA,CAAAF,OAAA;AAA2EG,OAAA,~~CAAAI~~,yBAAA,GAAAA,yBAAA;AAC3E,IAAAC,KAAA,~~GAAAN~~,uBAAA,CAAAF,OAAA;AAAiCG,OAAA,~~CAAAK~~,KAAA,GAAAA,KAAA;AACjC,IAAAC,cAAA,~~GAAAP~~,uBAAA,CAAAF,OAAA;AAAoDG,OAAA,~~CAAAM~~,cAAA,GAAAA,cAAA;AACpD,IAAAC,OAAA,~~GAAAR~~,uBAAA,CAAAF,OAAA;AAA2CG,OAAA,~~CAAAO~~,OAAA,GAAAA,OAAA;AAC3C,IAAAC,IAAA,~~GAAAX~~,OAAA;AACA,~~IAAAY~~,OAAA,~~GAAAZ~~,OAAA;AAAwD,~~SAAAa~~,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,~~SAAAZ~~,~~wBAAAgB~~,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
1	+ {"version":3,"names":["_jwk","require","Credential","_interopRequireWildcard","exports","CredentialsCatalogue","PID","SdJwt","Mdoc","Errors","WalletInstanceAttestation","Trust","WalletInstance","Logging","_par","_crypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,IAAAA,IAAA,GAAAC,OAAA;AAGAA,OAAA;AAEA,IAAAC,UAAA,GAAAC,uBAAA,CAAAF,OAAA;AAA2CG,OAAA,CAAAF,UAAA,GAAAA,UAAA;AAC3C,IAAAG,oBAAA,GAAAF,uBAAA,CAAAF,OAAA;AAAgEG,OAAA,CAAAC,oBAAA,GAAAA,oBAAA;AAChE,IAAAC,GAAA,GAAAH,uBAAA,CAAAF,OAAA;AAA6BG,OAAA,CAAAE,GAAA,GAAAA,GAAA;AAC7B,IAAAC,KAAA,GAAAJ,uBAAA,CAAAF,OAAA;AAAkCG,OAAA,CAAAG,KAAA,GAAAA,KAAA;AAClC,IAAAC,IAAA,GAAAL,uBAAA,CAAAF,OAAA;AAA+BG,OAAA,CAAAI,IAAA,GAAAA,IAAA;AAC/B,IAAAC,MAAA,GAAAN,uBAAA,CAAAF,OAAA;AAAyCG,OAAA,CAAAK,MAAA,GAAAA,MAAA;AACzC,IAAAC,yBAAA,GAAAP,uBAAA,CAAAF,OAAA;AAA2EG,OAAA,CAAAM,yBAAA,GAAAA,yBAAA;AAC3E,IAAAC,KAAA,GAAAR,uBAAA,CAAAF,OAAA;AAAiCG,OAAA,CAAAO,KAAA,GAAAA,KAAA;AACjC,IAAAC,cAAA,GAAAT,uBAAA,CAAAF,OAAA;AAAoDG,OAAA,CAAAQ,cAAA,GAAAA,cAAA;AACpD,IAAAC,OAAA,GAAAV,uBAAA,CAAAF,OAAA;AAA2CG,OAAA,CAAAS,OAAA,GAAAA,OAAA;AAC3C,IAAAC,IAAA,GAAAb,OAAA;AACA,IAAAc,OAAA,GAAAd,OAAA;AAAwD,SAAAe,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAd,wBAAAkB,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}

package/lib/commonjs/mdoc/index.js CHANGED Viewed

@@ -3,6 +3,9 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
+var _exportNames = {
+  verify: true
+};
 exports.verify = void 0;
 var _ioReactNativeIso = require("@pagopa/io-react-native-iso18013");
 var _jsrsasign = require("jsrsasign");
@@ -10,6 +13,18 @@ var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
 var _errors = require("../trust/errors");
 var _errors2 = require("../utils/errors");
 var _crypto = require("../utils/crypto");
+var _utils = require("./utils");
+Object.keys(_utils).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _utils[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _utils[key];
+    }
+  });
+});
 const verify = async (token, x509CertRoot) => {
   var _issuerSigned$issuerA;
   // get decoded data

package/lib/commonjs/mdoc/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_ioReactNativeIso","require","_jsrsasign","_ioReactNativeCrypto","_errors","_errors2","_crypto","verify","token","x509CertRoot","_issuerSigned$issuerA","issuerSigned","CBOR","decodeIssuerSigned","IoWalletError","issuerAuth","unprotectedHeader","x5chain","Array","isArray","length","MissingX509CertsError","map","b64utob64","verifyX5chain","coseSign1","rawValue","verifyMdocSignature","~~exports","~~options","arguments","undefined","connectTimeout","readTimeout","requireCrl","x509ValidationResult","verifyCertificateChain","isValid","X509ValidationError","validationStatus","errorMessage","x509ValidationStatus","x509ErrorMessage","cert","pemcert","convertBase64DerToPem","jwk","getSigninJwkFromCert","x","y","signatureCorrect","COSE","Error"],"sourceRoot":"../../../src","sources":["mdoc/index.ts"],"mappings":"~~;;;;;;~~AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,oBAAA,GAAAF,OAAA;AAMA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AAEO,~~MAAMM~~,MAAM,GAAG,MAAAA,CACpBC,KAAa,EACbC,YAAoB,KAC6B;EAAA,IAAAC,qBAAA;EACjD;EACA,MAAMC,YAAY,GAAG,MAAMC,sBAAI,CAACC,kBAAkB,CAACL,KAAK,CAAC;EAEzD,IAAI,CAACG,YAAY,EAAE;IACjB,MAAM,IAAIG,sBAAa,CAAC,cAAc,CAAC;EACzC;EAEA,IACE,GAAAJ,qBAAA,GAACC,YAAY,CAACI,UAAU,CAACC,iBAAiB,cAAAN,qBAAA,eAAzCA,qBAAA,CAA2CO,OAAO,MAClD,CAACC,KAAK,CAACC,OAAO,CAACR,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAAC,IAChEN,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAACG,MAAM,KAAK,CAAC,CAAC,EACjE;IACA,MAAM,IAAIC,6BAAqB,CAAC,2BAA2B,CAAC;EAC9D;EACA,MAAMJ,OAAO,GACXN,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAACK,GAAG,CAACC,oBAAS,CAAC;EAClE;EACA,MAAMC,aAAa,CAACP,OAAO,EAAER,YAAY,CAAC;EAE1C,MAAMgB,SAAS,GAAGd,YAAY,CAACI,UAAU,CAACW,QAAQ;EAElD,IAAI,CAACD,SAAS,EAAE;IACd,MAAM,IAAIX,sBAAa,CAAC,mBAAmB,CAAC;EAC9C;EACA;EACA,MAAMa,mBAAmB,CAACF,SAAS,EAAER,OAAO,CAAC,CAAC,CAAE,CAAC;EAEjD,OAAO;IAAEN;EAAa,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;~~AANAiB~~,OAAA,~~CAAArB~~,MAAA,GAAAA,MAAA;AAOA,MAAMiB,aAAa,GAAG,eAAAA,CACpBP,OAAiB,EACjBR,YAAoB,EAMjB;EAAA,~~IALHoB~~,OAA+B,GAAAC,SAAA,~~CAAAV~~,MAAA,~~QAAAU~~,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAG;IAChCE,cAAc,EAAE,KAAK;IACrBC,WAAW,EAAE,KAAK;IAClBC,UAAU,EAAE;EACd,CAAC;EAED,MAAMC,oBAAiD,GACrD,MAAM,IAAAC,2CAAsB,~~EAACnB~~,OAAO,EAAER,YAAY,~~EAAEoB~~,OAAO,CAAC;EAE9D,IAAI,CAACM,oBAAoB,CAACE,OAAO,EAAE;IACjC,MAAM,IAAIC,2BAAmB,CAC1B,sDAAqDH,oBAAoB,CAACI,gBAAiB,YAAWJ,oBAAoB,CAACK,YAAa,EAAC,EAC1I;MACEC,oBAAoB,EAAEN,oBAAoB,CAACI,gBAAgB;MAC3DG,gBAAgB,EAAEP,oBAAoB,CAACK;IACzC,CACF,CAAC;EACH;AACF,CAAC;AACD;AACA;AACA;AACA;AACA;AACA;AACA;AACA,~~MAAMb~~,mBAAmB,GAAG,MAAAA,CAAOF,SAAiB,~~EAAEkB~~,IAAY,KAAK;EACrE,MAAMC,OAAO,GAAG,IAAAC,6BAAqB,EAACF,IAAI,CAAC;EAC3C,MAAMG,GAAG,GAAG,IAAAC,4BAAoB,EAACH,OAAO,CAAC;EAEzCE,GAAG,CAACE,CAAC,GAAG,~~IAAAzB~~,oBAAS,~~EAACuB~~,GAAG,CAACE,CAAE,CAAC;EACzBF,GAAG,CAACG,CAAC,GAAG,~~IAAA1B~~,oBAAS,~~EAACuB~~,GAAG,CAACG,CAAE,CAAC;EAEzB,MAAMC,gBAAgB,GAAG,MAAMC,sBAAI,~~CAAC5C~~,MAAM,CAACkB,SAAS,~~EAAEqB~~,GAAgB,CAAC;EAEvE,IAAI,CAACI,gBAAgB,EAAE,MAAM,IAAIE,KAAK,CAAC,wBAAwB,CAAC;AAClE,CAAC"}
1	+ {"version":3,"names":["_ioReactNativeIso","require","_jsrsasign","_ioReactNativeCrypto","_errors","_errors2","_crypto","_utils","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","verify","token","x509CertRoot","_issuerSigned$issuerA","issuerSigned","CBOR","decodeIssuerSigned","IoWalletError","issuerAuth","unprotectedHeader","x5chain","Array","isArray","length","MissingX509CertsError","map","b64utob64","verifyX5chain","coseSign1","rawValue","verifyMdocSignature","options","arguments","undefined","connectTimeout","readTimeout","requireCrl","x509ValidationResult","verifyCertificateChain","isValid","X509ValidationError","validationStatus","errorMessage","x509ValidationStatus","x509ErrorMessage","cert","pemcert","convertBase64DerToPem","jwk","getSigninJwkFromCert","x","y","signatureCorrect","COSE","Error"],"sourceRoot":"../../../src","sources":["mdoc/index.ts"],"mappings":";;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,oBAAA,GAAAF,OAAA;AAMA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,MAAA,GAAAN,OAAA;AAAAO,MAAA,CAAAC,IAAA,CAAAF,MAAA,EAAAG,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAJ,MAAA,CAAAI,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAZ,MAAA,CAAAI,GAAA;IAAA;EAAA;AAAA;AAEO,MAAMS,MAAM,GAAG,MAAAA,CACpBC,KAAa,EACbC,YAAoB,KAC6B;EAAA,IAAAC,qBAAA;EACjD;EACA,MAAMC,YAAY,GAAG,MAAMC,sBAAI,CAACC,kBAAkB,CAACL,KAAK,CAAC;EAEzD,IAAI,CAACG,YAAY,EAAE;IACjB,MAAM,IAAIG,sBAAa,CAAC,cAAc,CAAC;EACzC;EAEA,IACE,GAAAJ,qBAAA,GAACC,YAAY,CAACI,UAAU,CAACC,iBAAiB,cAAAN,qBAAA,eAAzCA,qBAAA,CAA2CO,OAAO,MAClD,CAACC,KAAK,CAACC,OAAO,CAACR,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAAC,IAChEN,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAACG,MAAM,KAAK,CAAC,CAAC,EACjE;IACA,MAAM,IAAIC,6BAAqB,CAAC,2BAA2B,CAAC;EAC9D;EACA,MAAMJ,OAAO,GACXN,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAACK,GAAG,CAACC,oBAAS,CAAC;EAClE;EACA,MAAMC,aAAa,CAACP,OAAO,EAAER,YAAY,CAAC;EAE1C,MAAMgB,SAAS,GAAGd,YAAY,CAACI,UAAU,CAACW,QAAQ;EAElD,IAAI,CAACD,SAAS,EAAE;IACd,MAAM,IAAIX,sBAAa,CAAC,mBAAmB,CAAC;EAC9C;EACA;EACA,MAAMa,mBAAmB,CAACF,SAAS,EAAER,OAAO,CAAC,CAAC,CAAE,CAAC;EAEjD,OAAO;IAAEN;EAAa,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAR,OAAA,CAAAI,MAAA,GAAAA,MAAA;AAOA,MAAMiB,aAAa,GAAG,eAAAA,CACpBP,OAAiB,EACjBR,YAAoB,EAMjB;EAAA,IALHmB,OAA+B,GAAAC,SAAA,CAAAT,MAAA,QAAAS,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAG;IAChCE,cAAc,EAAE,KAAK;IACrBC,WAAW,EAAE,KAAK;IAClBC,UAAU,EAAE;EACd,CAAC;EAED,MAAMC,oBAAiD,GACrD,MAAM,IAAAC,2CAAsB,EAAClB,OAAO,EAAER,YAAY,EAAEmB,OAAO,CAAC;EAE9D,IAAI,CAACM,oBAAoB,CAACE,OAAO,EAAE;IACjC,MAAM,IAAIC,2BAAmB,CAC1B,sDAAqDH,oBAAoB,CAACI,gBAAiB,YAAWJ,oBAAoB,CAACK,YAAa,EAAC,EAC1I;MACEC,oBAAoB,EAAEN,oBAAoB,CAACI,gBAAgB;MAC3DG,gBAAgB,EAAEP,oBAAoB,CAACK;IACzC,CACF,CAAC;EACH;AACF,CAAC;AACD;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMZ,mBAAmB,GAAG,MAAAA,CAAOF,SAAiB,EAAEiB,IAAY,KAAK;EACrE,MAAMC,OAAO,GAAG,IAAAC,6BAAqB,EAACF,IAAI,CAAC;EAC3C,MAAMG,GAAG,GAAG,IAAAC,4BAAoB,EAACH,OAAO,CAAC;EAEzCE,GAAG,CAACE,CAAC,GAAG,IAAAxB,oBAAS,EAACsB,GAAG,CAACE,CAAE,CAAC;EACzBF,GAAG,CAACG,CAAC,GAAG,IAAAzB,oBAAS,EAACsB,GAAG,CAACG,CAAE,CAAC;EAEzB,MAAMC,gBAAgB,GAAG,MAAMC,sBAAI,CAAC3C,MAAM,CAACkB,SAAS,EAAEoB,GAAgB,CAAC;EAEvE,IAAI,CAACI,gBAAgB,EAAE,MAAM,IAAIE,KAAK,CAAC,wBAAwB,CAAC;AAClE,CAAC"}

package/lib/commonjs/mdoc/utils.js CHANGED Viewed

@@ -3,12 +3,48 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.getParsedCredentialClaimKey = void 0;
+exports.getVerificationFromParsedCredential = exports.getVerification = exports.getParsedCredentialClaimKey = void 0;
+var _ioReactNativeIso = require("@pagopa/io-react-native-iso18013");
+var _types = require("../sd-jwt/types");
+var _const = require("./const");
 /**
  * @param namespace The mdoc credential `namespace`
  * @param key The claim attribute key
  * @returns A string consisting of the concatenation of the namespace and the claim key, separated by a colon
  */
 const getParsedCredentialClaimKey = (namespace, key) => `${namespace}:${key}`;
+/**
+ * Extract and validate the `verification` claim from an mdoc parsed credential.
+ *
+ * This method is **synchronous**, so it requires a credential that was already parsed.
+ *
+ * @param parsedCredential The parsed mdoc credential
+ * @returns The verification claim or undefined if it wasn't found
+ */
 exports.getParsedCredentialClaimKey = getParsedCredentialClaimKey;
+const getVerificationFromParsedCredential = parsedCredential => {
+  var _parsedCredential$ver;
+  const verificationKey = getParsedCredentialClaimKey(`${_const.MDOC_DEFAULT_NAMESPACE}.IT`, "verification");
+  const verification = (_parsedCredential$ver = parsedCredential[verificationKey]) === null || _parsedCredential$ver === void 0 ? void 0 : _parsedCredential$ver.value;
+  return verification ? _types.Verification.parse(verification) : undefined;
+};
+/**
+ * Extract and validate the `verification` claim from an MDOC credential.
+ *
+ * This method is **asynchronous**. See {@link getVerificationFromParsedCredential} for the synchronous version.
+ *
+ * @param token The raw MDOC credential
+ * @returns The verification claim or undefined if it wasn't found
+ */
+exports.getVerificationFromParsedCredential = getVerificationFromParsedCredential;
+const getVerification = async token => {
+  var _namespace$find;
+  const issuerSigned = await _ioReactNativeIso.CBOR.decodeIssuerSigned(token);
+  const namespace = issuerSigned.nameSpaces[`${_const.MDOC_DEFAULT_NAMESPACE}.IT`];
+  const verification = namespace === null || namespace === void 0 || (_namespace$find = namespace.find(x => x.elementIdentifier === "verification")) === null || _namespace$find === void 0 ? void 0 : _namespace$find.elementValue;
+  return verification ? _types.Verification.parse(verification) : undefined;
+};
+exports.getVerification = getVerification;
 //# sourceMappingURL=utils.js.map