@pagopa/io-react-native-wallet 2.5.0 → 3.0.0

package/lib/module/wallet-instance/index.js

@@ -1,79 +1,3 @@
-import { getWalletProviderClient } from "../client";
-import { ResponseErrorBuilder, WalletProviderResponseError, WalletProviderResponseErrorCodes } from "../utils/errors";
-import { LogLevel, Logger } from "../utils/logging";
-export async function createWalletInstance(context) {
-  const {
-    integrityContext
-  } = context;
-  const api = getWalletProviderClient(context);
-
-  //1. Obtain nonce
-  const challenge = await api.get("/nonce").then(response => response.nonce);
-  Logger.log(LogLevel.DEBUG, `Challenge obtained from ${context.walletProviderBaseUrl}: ${challenge}`);
-  const keyAttestation = await integrityContext.getAttestation(challenge);
-  const hardwareKeyTag = integrityContext.getHardwareKeyTag();
-  Logger.log(LogLevel.DEBUG, `Key attestation: ${keyAttestation}\nAssociated hardware key tag: ${hardwareKeyTag}`);
-
-  //2. Create Wallet Instance
-  await api.post("/wallet-instances", {
-    body: {
-      challenge,
-      key_attestation: keyAttestation,
-      hardware_key_tag: hardwareKeyTag
-    }
-  }).catch(handleCreateWalletInstanceError);
-  return hardwareKeyTag;
-}
-const handleCreateWalletInstanceError = e => {
-  Logger.log(LogLevel.ERROR, `An error occurred while calling /wallet-instances endpoint: ${e}`);
-  if (!(e instanceof WalletProviderResponseError)) {
-    throw e;
-  }
-  throw new ResponseErrorBuilder(WalletProviderResponseError).handle(409, {
-    code: WalletProviderResponseErrorCodes.WalletInstanceIntegrityFailed,
-    message: "Unable to create a wallet instance with a device that failed the integrity check"
-  }).handle("*", {
-    code: WalletProviderResponseErrorCodes.WalletInstanceCreationFailed,
-    message: "Unable to create wallet instance"
-  }).buildFrom(e);
-};
-
-/**
- * Revoke a Wallet Instance by ID.
- * @param context.id The Wallet Instance ID. It matches the hardware key tag used for creation.
- */
-export async function revokeWalletInstance(context) {
-  const api = getWalletProviderClient(context);
-  await api.put("/wallet-instances/{id}/status", {
-    path: {
-      id: context.id
-    },
-    body: {
-      status: "REVOKED"
-    }
-  });
-}
-
-/**
- * Get the status of a Wallet Instance by ID.
- * @param context.id The Wallet Instance ID. It matches the hardware key tag used for creation.
- * @returns Details on the status of the Wallet Instance
- */
-export async function getWalletInstanceStatus(context) {
-  const api = getWalletProviderClient(context);
-  return api.get("/wallet-instances/{id}/status", {
-    path: {
-      id: context.id
-    }
-  });
-}
-
-/**
- * Get the status of the current Wallet Instance.
- * @returns Details on the status of the current Wallet Instance
- */
-export async function getCurrentWalletInstanceStatus(context) {
-  const api = getWalletProviderClient(context);
-  return api.get("/wallet-instances/current/status");
-}
+export { WalletInstance as V1_0_0 } from "./v1.0.0";
+export { WalletInstance as V1_3_3 } from "./v1.3.3";
 //# sourceMappingURL=index.js.map

package/lib/module/wallet-instance/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["getWalletProviderClient","ResponseErrorBuilder","WalletProviderResponseError","WalletProviderResponseErrorCodes","LogLevel","Logger","createWalletInstance","context","integrityContext","api","challenge","get","then","response","nonce","log","DEBUG","walletProviderBaseUrl","keyAttestation","getAttestation","hardwareKeyTag","getHardwareKeyTag","post","body","key_attestation","hardware_key_tag","catch","handleCreateWalletInstanceError","e","ERROR","handle","code","WalletInstanceIntegrityFailed","message","WalletInstanceCreationFailed","buildFrom","revokeWalletInstance","put","path","id","status","getWalletInstanceStatus","getCurrentWalletInstanceStatus"],"sourceRoot":"../../../src","sources":["wallet-instance/index.ts"],"mappings":"AAAA,SAASA,uBAAuB,QAAQ,WAAW;AACnD,SACEC,oBAAoB,EACpBC,2BAA2B,EAC3BC,gCAAgC,QAC3B,iBAAiB;AAGxB,SAASC,QAAQ,EAAEC,MAAM,QAAQ,kBAAkB;AAEnD,OAAO,eAAeC,oBAAoBA,CAACC,OAI1C,EAAE;EACD,MAAM;IAAEC;EAAiB,CAAC,GAAGD,OAAO;EACpC,MAAME,GAAG,GAAGT,uBAAuB,CAACO,OAAO,CAAC;;EAE5C;EACA,MAAMG,SAAS,GAAG,MAAMD,GAAG,CAACE,GAAG,CAAC,QAAQ,CAAC,CAACC,IAAI,CAAEC,QAAQ,IAAKA,QAAQ,CAACC,KAAK,CAAC;EAE5ET,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,2BAA0BT,OAAO,CAACU,qBAAsB,KAAIP,SAAU,EACzE,CAAC;EAED,MAAMQ,cAAc,GAAG,MAAMV,gBAAgB,CAACW,cAAc,CAACT,SAAS,CAAC;EAEvE,MAAMU,cAAc,GAAGZ,gBAAgB,CAACa,iBAAiB,CAAC,CAAC;EAE3DhB,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,oBAAmBE,cAAe,kCAAiCE,cAAe,EACrF,CAAC;;EAED;EACA,MAAMX,GAAG,CACNa,IAAI,CAAC,mBAAmB,EAAE;IACzBC,IAAI,EAAE;MACJb,SAAS;MACTc,eAAe,EAAEN,cAAc;MAC/BO,gBAAgB,EAAEL;IACpB;EACF,CAAC,CAAC,CACDM,KAAK,CAACC,+BAA+B,CAAC;EAEzC,OAAOP,cAAc;AACvB;AAEA,MAAMO,+BAA+B,GAAIC,CAAU,IAAK;EACtDvB,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACyB,KAAK,EACb,+DAA8DD,CAAE,EACnE,CAAC;EAED,IAAI,EAAEA,CAAC,YAAY1B,2BAA2B,CAAC,EAAE;IAC/C,MAAM0B,CAAC;EACT;EAEA,MAAM,IAAI3B,oBAAoB,CAACC,2BAA2B,CAAC,CACxD4B,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE5B,gCAAgC,CAAC6B,6BAA6B;IACpEC,OAAO,EACL;EACJ,CAAC,CAAC,CACDH,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE5B,gCAAgC,CAAC+B,4BAA4B;IACnED,OAAO,EAAE;EACX,CAAC,CAAC,CACDE,SAAS,CAACP,CAAC,CAAC;AACjB,CAAC;;AAED;AACA;AACA;AACA;AACA,OAAO,eAAeQ,oBAAoBA,CAAC7B,OAI1C,EAAiB;EAChB,MAAME,GAAG,GAAGT,uBAAuB,CAACO,OAAO,CAAC;EAE5C,MAAME,GAAG,CAAC4B,GAAG,CAAC,+BAA+B,EAAE;IAC7CC,IAAI,EAAE;MAAEC,EAAE,EAAEhC,OAAO,CAACgC;IAAG,CAAC;IACxBhB,IAAI,EAAE;MAAEiB,MAAM,EAAE;IAAU;EAC5B,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeC,uBAAuBA,CAAClC,OAI7C,EAA+B;EAC9B,MAAME,GAAG,GAAGT,uBAAuB,CAACO,OAAO,CAAC;EAE5C,OAAOE,GAAG,CAACE,GAAG,CAAC,+BAA+B,EAAE;IAC9C2B,IAAI,EAAE;MAAEC,EAAE,EAAEhC,OAAO,CAACgC;IAAG;EACzB,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA,OAAO,eAAeG,8BAA8BA,CAACnC,OAGpD,EAA+B;EAC9B,MAAME,GAAG,GAAGT,uBAAuB,CAACO,OAAO,CAAC;EAE5C,OAAOE,GAAG,CAACE,GAAG,CAAC,kCAAkC,CAAC;AACpD"}
+{"version":3,"names":["WalletInstance","V1_0_0","V1_3_3"],"sourceRoot":"../../../src","sources":["wallet-instance/index.ts"],"mappings":"AACA,SAASA,cAAc,IAAIC,MAAM,QAAQ,UAAU;AACnD,SAASD,cAAc,IAAIE,MAAM,QAAQ,UAAU"}

package/lib/module/wallet-instance/v1.0.0/index.js

@@ -0,0 +1,8 @@
+import { createWalletInstance, revokeWalletInstance, getWalletInstanceStatus, getCurrentWalletInstanceStatus } from "../common/wallet-instance";
+export const WalletInstance = {
+  createWalletInstance,
+  revokeWalletInstance,
+  getWalletInstanceStatus,
+  getCurrentWalletInstanceStatus
+};
+//# sourceMappingURL=index.js.map

package/lib/module/wallet-instance/v1.0.0/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["createWalletInstance","revokeWalletInstance","getWalletInstanceStatus","getCurrentWalletInstanceStatus","WalletInstance"],"sourceRoot":"../../../../src","sources":["wallet-instance/v1.0.0/index.ts"],"mappings":"AACA,SACEA,oBAAoB,EACpBC,oBAAoB,EACpBC,uBAAuB,EACvBC,8BAA8B,QACzB,2BAA2B;AAElC,OAAO,MAAMC,cAAiC,GAAG;EAC/CJ,oBAAoB;EACpBC,oBAAoB;EACpBC,uBAAuB;EACvBC;AACF,CAAC"}

package/lib/module/wallet-instance/v1.3.3/index.js

@@ -0,0 +1,8 @@
+import { createWalletInstance, revokeWalletInstance, getWalletInstanceStatus, getCurrentWalletInstanceStatus } from "../common/wallet-instance";
+export const WalletInstance = {
+  createWalletInstance,
+  revokeWalletInstance,
+  getWalletInstanceStatus,
+  getCurrentWalletInstanceStatus
+};
+//# sourceMappingURL=index.js.map

package/lib/module/wallet-instance/v1.3.3/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["createWalletInstance","revokeWalletInstance","getWalletInstanceStatus","getCurrentWalletInstanceStatus","WalletInstance"],"sourceRoot":"../../../../src","sources":["wallet-instance/v1.3.3/index.ts"],"mappings":"AACA,SACEA,oBAAoB,EACpBC,oBAAoB,EACpBC,uBAAuB,EACvBC,8BAA8B,QACzB,2BAA2B;AAElC,OAAO,MAAMC,cAAiC,GAAG;EAC/CJ,oBAAoB;EACpBC,oBAAoB;EACpBC,uBAAuB;EACvBC;AACF,CAAC"}

package/lib/module/wallet-instance-attestation/README.md

@@ -11,6 +11,8 @@ The wallet provider must implement its endpoints based on the OpenAPI specificat
 - `integrityContext` object that is used to verify the integrity of the device where the app is running. The key tag must be the same used when creating the Wallet Instance;
 
 ```ts
+import { IoWallet } from "@pagopa/io-react-native-wallet";
+
 // Retrieve the integrity key tag from the store and create its context
 const integrityKeyTag = "example"; // Let's assume this is the same key used when creating the Wallet Instance
 const integrityContext = getIntegrityContext(integrityKeyTag);
@@ -27,13 +29,17 @@ const { WALLET_PROVIDER_BASE_URL } = env; // Let's assume env is an object conta
  * Obtains a new Wallet Instance Attestation.
  * WARNING: The integrity context must be the same used when creating the Wallet Instance with the same keytag.
  */
-const issuedAttestation = await WalletInstanceAttestation.getAttestation({
+const wallet = new IoWallet({ version: "1.0.0" });
+const issuedAttestation = await wallet.WalletInstanceAttestation.getAttestation({
   wiaCryptoContext,
   integrityContext,
   walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
   appFetch,
 });
-// [{ "format": "jwt", "wallet_attestation": "ey..." }, { "format": "dc+sd-jwt", "wallet_attestation": "ey..." }]
+// [
+//   { type: "wallet_instance_attestation", "format": "jwt", "attestation": "ey..." },
+//   { type: "wallet_instance_attestation", "format": "dc+sd-jwt", "attestation": "ey..." }
+// ]
 return issuedAttestation;
 ```
 

package/lib/module/wallet-instance-attestation/api/index.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=index.js.map

package/lib/module/wallet-instance-attestation/api/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":[],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/api/index.ts"],"mappings":""}

package/lib/module/wallet-instance-attestation/api/types.js

@@ -0,0 +1,22 @@
+import * as z from "zod";
+import { UnixTime } from "../../utils/zod";
+import { JWK } from "../../utils/jwk";
+
+/**
+ * Common Wallet Attestation shape. This object is
+ * an abstraction over the version-specific JWTs.
+ */
+
+export const DecodedAttestationJwt = z.object({
+  iss: z.string(),
+  iat: UnixTime,
+  exp: UnixTime,
+  cnf: z.object({
+    jwk: JWK
+  }),
+  sub: z.string(),
+  wallet_link: z.string().optional(),
+  wallet_name: z.string().optional(),
+  aal: z.string().optional()
+});
+//# sourceMappingURL=types.js.map

package/lib/module/wallet-instance-attestation/api/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["z","UnixTime","JWK","DecodedAttestationJwt","object","iss","string","iat","exp","cnf","jwk","sub","wallet_link","optional","wallet_name","aal"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/api/types.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,SAASC,QAAQ,QAAQ,iBAAiB;AAC1C,SAASC,GAAG,QAAQ,iBAAiB;;AAErC;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,qBAAqB,GAAGH,CAAC,CAACI,MAAM,CAAC;EAC5CC,GAAG,EAAEL,CAAC,CAACM,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEN,QAAQ;EACbO,GAAG,EAAEP,QAAQ;EACbQ,GAAG,EAAET,CAAC,CAACI,MAAM,CAAC;IAAEM,GAAG,EAAER;EAAI,CAAC,CAAC;EAC3BS,GAAG,EAAEX,CAAC,CAACM,MAAM,CAAC,CAAC;EACfM,WAAW,EAAEZ,CAAC,CAACM,MAAM,CAAC,CAAC,CAACO,QAAQ,CAAC,CAAC;EAClCC,WAAW,EAAEd,CAAC,CAACM,MAAM,CAAC,CAAC,CAACO,QAAQ,CAAC,CAAC;EAClCE,GAAG,EAAEf,CAAC,CAACM,MAAM,CAAC,CAAC,CAACO,QAAQ,CAAC;AAC3B,CAAC,CAAC"}

package/lib/module/wallet-instance-attestation/common/types.js

@@ -0,0 +1,25 @@
+import * as z from "zod";
+import { UnixTime } from "../../utils/zod";
+import { JWK } from "../../utils/jwk";
+export const Jwt = z.object({
+  header: z.object({
+    alg: z.string(),
+    kid: z.string(),
+    typ: z.string(),
+    x5c: z.array(z.string()).optional(),
+    trust_chain: z.array(z.string()).optional()
+  }),
+  payload: z.object({
+    iss: z.string(),
+    iat: UnixTime,
+    exp: UnixTime,
+    cnf: z.object({
+      jwk: z.intersection(JWK,
+      // this key requires a kid because it must be referenced for DPoP
+      z.object({
+        kid: z.string()
+      }))
+    })
+  })
+});
+//# sourceMappingURL=types.js.map

package/lib/module/wallet-instance-attestation/common/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["z","UnixTime","JWK","Jwt","object","header","alg","string","kid","typ","x5c","array","optional","trust_chain","payload","iss","iat","exp","cnf","jwk","intersection"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/common/types.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,SAASC,QAAQ,QAAQ,iBAAiB;AAC1C,SAASC,GAAG,QAAQ,iBAAiB;AAErC,OAAO,MAAMC,GAAG,GAAGH,CAAC,CAACI,MAAM,CAAC;EAC1BC,MAAM,EAAEL,CAAC,CAACI,MAAM,CAAC;IACfE,GAAG,EAAEN,CAAC,CAACO,MAAM,CAAC,CAAC;IACfC,GAAG,EAAER,CAAC,CAACO,MAAM,CAAC,CAAC;IACfE,GAAG,EAAET,CAAC,CAACO,MAAM,CAAC,CAAC;IACfG,GAAG,EAAEV,CAAC,CAACW,KAAK,CAACX,CAAC,CAACO,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC,CAAC;IACnCC,WAAW,EAAEb,CAAC,CAACW,KAAK,CAACX,CAAC,CAACO,MAAM,CAAC,CAAC,CAAC,CAACK,QAAQ,CAAC;EAC5C,CAAC,CAAC;EACFE,OAAO,EAAEd,CAAC,CAACI,MAAM,CAAC;IAChBW,GAAG,EAAEf,CAAC,CAACO,MAAM,CAAC,CAAC;IACfS,GAAG,EAAEf,QAAQ;IACbgB,GAAG,EAAEhB,QAAQ;IACbiB,GAAG,EAAElB,CAAC,CAACI,MAAM,CAAC;MACZe,GAAG,EAAEnB,CAAC,CAACoB,YAAY,CACjBlB,GAAG;MACH;MACAF,CAAC,CAACI,MAAM,CAAC;QAAEI,GAAG,EAAER,CAAC,CAACO,MAAM,CAAC;MAAE,CAAC,CAC9B;IACF,CAAC;EACH,CAAC;AACH,CAAC,CAAC"}

package/lib/module/wallet-instance-attestation/index.js

@@ -1,52 +1,3 @@
-import { WalletInstanceAttestationJwt } from "./types";
-import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
-import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
-export { getAttestation } from "./issuing";
-
-/**
- * Decode a given JWT to get the parsed Wallet Instance Attestation object they define.
- * It ensures provided data is in a valid shape.
- *
- * It DOES NOT verify token signature nor check disclosures are correctly referenced by the JWT.
- * Use {@link verify} instead
- *
- * @function
- * @param token The encoded token that represents a valid jwt for Wallet Instance Attestation
- *
- * @returns The validated Wallet Instance Attestation object
- * @throws A decoding error if the token doesn't resolve in a valid JWT
- * @throws A validation error if the provided data doesn't result in a valid Wallet Instance Attestation
- *
- */
-export function decode(token) {
-  // decode JWT parts
-  const decodedJwt = decodeJwt(token);
-  // parse JWT to ensure it has the shape of a WalletInstanceAttestationJwt
-  return WalletInstanceAttestationJwt.parse({
-    header: decodedJwt.protectedHeader,
-    payload: decodedJwt.payload
-  });
-}
-
-/**
- * Verify a given JWT to get the parsed Wallet Instance Attestation object they define.
- * Same as {@link decode} plus token signature verification
- *
- * @async @function
- *
- *
- * @param token The encoded token that represents a valid jwt
- *
- * @returns {WalletInstanceAttestationJwt} The validated Wallet Instance Attestation object
- * @throws A decoding error if the token doesn't resolve in a valid JWT
- * @throws A validation error if the provided data doesn't result in a valid Wallet Instance Attestation
- * @throws Invalid signature error if the token signature is not valid
- *
- */
-export async function verify(token) {
-  const decoded = decode(token);
-  const pubKey = decoded.payload.cnf.jwk;
-  await verifyJwt(token, pubKey);
-  return decoded;
-}
+export { WalletInstanceAttestation as V1_0_0 } from "./v1.0.0";
+export { WalletInstanceAttestation as V1_3_3 } from "./v1.3.3";
 //# sourceMappingURL=index.js.map

package/lib/module/wallet-instance-attestation/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["WalletInstanceAttestationJwt","decode","decodeJwt","verify","verifyJwt","getAttestation","token","decodedJwt","parse","header","protectedHeader","payload","decoded","pubKey","cnf","jwk"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/index.ts"],"mappings":"AAAA,SAASA,4BAA4B,QAAQ,SAAS;AACtD,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AAEjE,SAASC,cAAc,QAAQ,WAAW;;AAE1C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASJ,MAAMA,CAACK,KAAa,EAAgC;EAClE;EACA,MAAMC,UAAU,GAAGL,SAAS,CAACI,KAAK,CAAC;EACnC;EACA,OAAON,4BAA4B,CAACQ,KAAK,CAAC;IACxCC,MAAM,EAAEF,UAAU,CAACG,eAAe;IAClCC,OAAO,EAAEJ,UAAU,CAACI;EACtB,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,eAAeR,MAAMA,CAC1BG,KAAa,EAC0B;EACvC,MAAMM,OAAO,GAAGX,MAAM,CAACK,KAAK,CAAC;EAC7B,MAAMO,MAAM,GAAGD,OAAO,CAACD,OAAO,CAACG,GAAG,CAACC,GAAG;EAEtC,MAAMX,SAAS,CAACE,KAAK,EAAEO,MAAM,CAAC;EAE9B,OAAOD,OAAO;AAChB"}
+{"version":3,"names":["WalletInstanceAttestation","V1_0_0","V1_3_3"],"sourceRoot":"../../../src","sources":["wallet-instance-attestation/index.ts"],"mappings":"AACA,SAASA,yBAAyB,IAAIC,MAAM,QAAQ,UAAU;AAC9D,SAASD,yBAAyB,IAAIE,MAAM,QAAQ,UAAU"}

package/lib/module/wallet-instance-attestation/v1.0.0/index.js

@@ -0,0 +1,10 @@
+import { withMapper, withMapperAsync } from "../../utils/mappers";
+import { getAttestation } from "./issuing";
+import { decode, verify } from "./utils";
+import { mapToDecodedAttestationJwt } from "./mappers";
+export const WalletInstanceAttestation = {
+  getAttestation,
+  decode: withMapper(mapToDecodedAttestationJwt, decode),
+  verify: withMapperAsync(mapToDecodedAttestationJwt, verify)
+};
+//# sourceMappingURL=index.js.map

package/lib/module/wallet-instance-attestation/v1.0.0/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["withMapper","withMapperAsync","getAttestation","decode","verify","mapToDecodedAttestationJwt","WalletInstanceAttestation"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.0.0/index.ts"],"mappings":"AACA,SAASA,UAAU,EAAEC,eAAe,QAAQ,qBAAqB;AACjE,SAASC,cAAc,QAAQ,WAAW;AAC1C,SAASC,MAAM,EAAEC,MAAM,QAAQ,SAAS;AACxC,SAASC,0BAA0B,QAAQ,WAAW;AAEtD,OAAO,MAAMC,yBAAuD,GAAG;EACrEJ,cAAc;EACdC,MAAM,EAAEH,UAAU,CAACK,0BAA0B,EAAEF,MAAM,CAAC;EACtDC,MAAM,EAAEH,eAAe,CAACI,0BAA0B,EAAED,MAAM;AAC5D,CAAC"}

package/lib/module/wallet-instance-attestation/v1.0.0/issuing.js

@@ -0,0 +1,100 @@
+import { SignJWT, thumbprint } from "@pagopa/io-react-native-jwt";
+import { fixBase64EncodingOnKey, JWK } from "../../utils/jwk";
+import { getWalletProviderClient } from "../../client";
+import { LogLevel, Logger } from "../../utils/logging";
+import { ResponseErrorBuilder, WalletProviderResponseError, WalletProviderResponseErrorCodes } from "../../utils/errors";
+import { WalletAttestationResponse } from "./types";
+import { mapToWalletAttestations } from "./mappers";
+
+/**
+ * Getter for an attestation request. The attestation request is a JWT that will be sent to the Wallet Provider to request a Wallet Instance Attestation.
+ *
+ * @param challenge - The nonce received from the Wallet Provider which is part of the signed clientData
+ * @param wiaCryptoContext - The key pair associated with the WIA. Will be use to prove the ownership of the attestation
+ * @param integrityContext - The integrity context which exposes a set of functions to interact with the device integrity service
+ * @param walletProviderBaseUrl - Base url for the Wallet Provider
+ * @returns A JWT containing the attestation request
+ */
+async function getAttestationRequest(challenge, wiaCryptoContext, integrityContext, walletProviderBaseUrl) {
+  const jwk = await wiaCryptoContext.getPublicKey();
+  const parsedJwk = JWK.parse(jwk);
+  const keyThumbprint = await thumbprint(parsedJwk);
+  const publicKey = {
+    ...parsedJwk,
+    kid: keyThumbprint
+  };
+  const clientData = {
+    challenge,
+    jwk_thumbprint: keyThumbprint
+  };
+  const hardwareKeyTag = integrityContext.getHardwareKeyTag();
+  const {
+    signature,
+    authenticatorData
+  } = await integrityContext.getHardwareSignatureWithAuthData(JSON.stringify(clientData));
+  return new SignJWT(wiaCryptoContext).setPayload({
+    iss: keyThumbprint,
+    aud: walletProviderBaseUrl,
+    nonce: challenge,
+    hardware_signature: signature,
+    integrity_assertion: authenticatorData,
+    hardware_key_tag: hardwareKeyTag,
+    cnf: {
+      jwk: fixBase64EncodingOnKey(publicKey)
+    }
+  }).setProtectedHeader({
+    kid: publicKey.kid,
+    typ: "wp-war+jwt"
+  }).setIssuedAt().setExpirationTime("1h").sign();
+}
+export const getAttestation = async _ref => {
+  let {
+    wiaCryptoContext,
+    integrityContext,
+    walletProviderBaseUrl,
+    appFetch = fetch
+  } = _ref;
+  const api = getWalletProviderClient({
+    walletProviderBaseUrl,
+    appFetch
+  });
+
+  // 1. Get nonce from backend
+  const challenge = await api.get("/nonce").then(response => response.nonce);
+  Logger.log(LogLevel.DEBUG, `Challenge obtained from ${walletProviderBaseUrl}: ${challenge} `);
+
+  // 2. Get a signed attestation request
+  const signedAttestationRequest = await getAttestationRequest(challenge, wiaCryptoContext, integrityContext, walletProviderBaseUrl);
+  Logger.log(LogLevel.DEBUG, `Signed attestation request: ${signedAttestationRequest}`);
+
+  // 3. Request WIA in multiple formats
+  const response = await api.post("/wallet-attestations", {
+    body: {
+      assertion: signedAttestationRequest
+    }
+  }).then(WalletAttestationResponse.parse).catch(handleAttestationCreationError);
+  for (const attestation of response.wallet_attestations) {
+    Logger.log(LogLevel.DEBUG, `Obtained wallet attestation in ${attestation.format} format: ${attestation.wallet_attestation}`);
+  }
+  return mapToWalletAttestations(response);
+};
+const handleAttestationCreationError = e => {
+  Logger.log(LogLevel.ERROR, `An error occurred while calling /wallet-attestation endpoint: ${e}`);
+  if (!(e instanceof WalletProviderResponseError)) {
+    throw e;
+  }
+  throw new ResponseErrorBuilder(WalletProviderResponseError).handle(403, {
+    code: WalletProviderResponseErrorCodes.WalletInstanceRevoked,
+    message: "Unable to get an attestation for a revoked Wallet Instance"
+  }).handle(404, {
+    code: WalletProviderResponseErrorCodes.WalletInstanceNotFound,
+    message: "Unable to get an attestation for a Wallet Instance that does not exist"
+  }).handle(409, {
+    code: WalletProviderResponseErrorCodes.WalletInstanceIntegrityFailed,
+    message: "Unable to get an attestation for a Wallet Instance that failed the integrity check"
+  }).handle("*", {
+    code: WalletProviderResponseErrorCodes.WalletInstanceAttestationIssuingFailed,
+    message: "Unable to obtain wallet instance attestation"
+  }).buildFrom(e);
+};
+//# sourceMappingURL=issuing.js.map

package/lib/module/wallet-instance-attestation/v1.0.0/issuing.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["SignJWT","thumbprint","fixBase64EncodingOnKey","JWK","getWalletProviderClient","LogLevel","Logger","ResponseErrorBuilder","WalletProviderResponseError","WalletProviderResponseErrorCodes","WalletAttestationResponse","mapToWalletAttestations","getAttestationRequest","challenge","wiaCryptoContext","integrityContext","walletProviderBaseUrl","jwk","getPublicKey","parsedJwk","parse","keyThumbprint","publicKey","kid","clientData","jwk_thumbprint","hardwareKeyTag","getHardwareKeyTag","signature","authenticatorData","getHardwareSignatureWithAuthData","JSON","stringify","setPayload","iss","aud","nonce","hardware_signature","integrity_assertion","hardware_key_tag","cnf","setProtectedHeader","typ","setIssuedAt","setExpirationTime","sign","getAttestation","_ref","appFetch","fetch","api","get","then","response","log","DEBUG","signedAttestationRequest","post","body","assertion","catch","handleAttestationCreationError","attestation","wallet_attestations","format","wallet_attestation","e","ERROR","handle","code","WalletInstanceRevoked","message","WalletInstanceNotFound","WalletInstanceIntegrityFailed","WalletInstanceAttestationIssuingFailed","buildFrom"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.0.0/issuing.ts"],"mappings":"AAAA,SAEEA,OAAO,EACPC,UAAU,QACL,6BAA6B;AACpC,SAASC,sBAAsB,EAAEC,GAAG,QAAQ,iBAAiB;AAC7D,SAASC,uBAAuB,QAAQ,cAAc;AAEtD,SAASC,QAAQ,EAAEC,MAAM,QAAQ,qBAAqB;AACtD,SACEC,oBAAoB,EACpBC,2BAA2B,EAC3BC,gCAAgC,QAC3B,oBAAoB;AAC3B,SAASC,yBAAyB,QAAQ,SAAS;AAEnD,SAASC,uBAAuB,QAAQ,WAAW;;AAEnD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeC,qBAAqBA,CAClCC,SAAiB,EACjBC,gBAA+B,EAC/BC,gBAAkC,EAClCC,qBAA6B,EACZ;EACjB,MAAMC,GAAG,GAAG,MAAMH,gBAAgB,CAACI,YAAY,CAAC,CAAC;EACjD,MAAMC,SAAS,GAAGhB,GAAG,CAACiB,KAAK,CAACH,GAAG,CAAC;EAChC,MAAMI,aAAa,GAAG,MAAMpB,UAAU,CAACkB,SAAS,CAAC;EACjD,MAAMG,SAAS,GAAG;IAAE,GAAGH,SAAS;IAAEI,GAAG,EAAEF;EAAc,CAAC;EAEtD,MAAMG,UAAU,GAAG;IACjBX,SAAS;IACTY,cAAc,EAAEJ;EAClB,CAAC;EAED,MAAMK,cAAc,GAAGX,gBAAgB,CAACY,iBAAiB,CAAC,CAAC;EAC3D,MAAM;IAAEC,SAAS;IAAEC;EAAkB,CAAC,GACpC,MAAMd,gBAAgB,CAACe,gCAAgC,CACrDC,IAAI,CAACC,SAAS,CAACR,UAAU,CAC3B,CAAC;EAEH,OAAO,IAAIxB,OAAO,CAACc,gBAAgB,CAAC,CACjCmB,UAAU,CAAC;IACVC,GAAG,EAAEb,aAAa;IAClBc,GAAG,EAAEnB,qBAAqB;IAC1BoB,KAAK,EAAEvB,SAAS;IAChBwB,kBAAkB,EAAET,SAAS;IAC7BU,mBAAmB,EAAET,iBAAiB;IACtCU,gBAAgB,EAAEb,cAAc;IAChCc,GAAG,EAAE;MACHvB,GAAG,EAAEf,sBAAsB,CAACoB,SAAS;IACvC;EACF,CAAC,CAAC,CACDmB,kBAAkB,CAAC;IAClBlB,GAAG,EAAED,SAAS,CAACC,GAAG;IAClBmB,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX;AAEA,OAAO,MAAMC,cAA8D,GACzE,MAAAC,IAAA,IAKM;EAAA,IALC;IACLjC,gBAAgB;IAChBC,gBAAgB;IAChBC,qBAAqB;IACrBgC,QAAQ,GAAGC;EACb,CAAC,GAAAF,IAAA;EACC,MAAMG,GAAG,GAAG9C,uBAAuB,CAAC;IAClCY,qBAAqB;IACrBgC;EACF,CAAC,CAAC;;EAEF;EACA,MAAMnC,SAAS,GAAG,MAAMqC,GAAG,CACxBC,GAAG,CAAC,QAAQ,CAAC,CACbC,IAAI,CAAEC,QAAQ,IAAKA,QAAQ,CAACjB,KAAK,CAAC;EACrC9B,MAAM,CAACgD,GAAG,CACRjD,QAAQ,CAACkD,KAAK,EACb,2BAA0BvC,qBAAsB,KAAIH,SAAU,GACjE,CAAC;;EAED;EACA,MAAM2C,wBAAwB,GAAG,MAAM5C,qBAAqB,CAC1DC,SAAS,EACTC,gBAAgB,EAChBC,gBAAgB,EAChBC,qBACF,CAAC;EACDV,MAAM,CAACgD,GAAG,CACRjD,QAAQ,CAACkD,KAAK,EACb,+BAA8BC,wBAAyB,EAC1D,CAAC;;EAED;EACA,MAAMH,QAAQ,GAAG,MAAMH,GAAG,CACvBO,IAAI,CAAC,sBAAsB,EAAE;IAC5BC,IAAI,EAAE;MACJC,SAAS,EAAEH;IACb;EACF,CAAC,CAAC,CACDJ,IAAI,CAAC1C,yBAAyB,CAACU,KAAK,CAAC,CACrCwC,KAAK,CAACC,8BAA8B,CAAC;EAExC,KAAK,MAAMC,WAAW,IAAIT,QAAQ,CAACU,mBAAmB,EAAE;IACtDzD,MAAM,CAACgD,GAAG,CACRjD,QAAQ,CAACkD,KAAK,EACb,kCAAiCO,WAAW,CAACE,MAAO,YAAWF,WAAW,CAACG,kBAAmB,EACjG,CAAC;EACH;EAEA,OAAOtD,uBAAuB,CAAC0C,QAAQ,CAAC;AAC1C,CAAC;AAEH,MAAMQ,8BAA8B,GAAIK,CAAU,IAAK;EACrD5D,MAAM,CAACgD,GAAG,CACRjD,QAAQ,CAAC8D,KAAK,EACb,iEAAgED,CAAE,EACrE,CAAC;EAED,IAAI,EAAEA,CAAC,YAAY1D,2BAA2B,CAAC,EAAE;IAC/C,MAAM0D,CAAC;EACT;EAEA,MAAM,IAAI3D,oBAAoB,CAACC,2BAA2B,CAAC,CACxD4D,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE5D,gCAAgC,CAAC6D,qBAAqB;IAC5DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDH,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE5D,gCAAgC,CAAC+D,sBAAsB;IAC7DD,OAAO,EACL;EACJ,CAAC,CAAC,CACDH,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE5D,gCAAgC,CAACgE,6BAA6B;IACpEF,OAAO,EACL;EACJ,CAAC,CAAC,CACDH,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE5D,gCAAgC,CAACiE,sCAAsC;IAC7EH,OAAO,EAAE;EACX,CAAC,CAAC,CACDI,SAAS,CAACT,CAAC,CAAC;AACjB,CAAC"}

package/lib/module/wallet-instance-attestation/v1.0.0/mappers.js

@@ -0,0 +1,11 @@
+import { createMapper } from "../../utils/mappers";
+import { DecodedAttestationJwt } from "../api/types";
+export const mapToDecodedAttestationJwt = createMapper(x => x.payload, {
+  outputSchema: DecodedAttestationJwt
+});
+export const mapToWalletAttestations = createMapper(x => x.wallet_attestations.map(wa => ({
+  type: "wallet_instance_attestation",
+  format: wa.format,
+  attestation: wa.wallet_attestation
+})));
+//# sourceMappingURL=mappers.js.map

package/lib/module/wallet-instance-attestation/v1.0.0/mappers.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["createMapper","DecodedAttestationJwt","mapToDecodedAttestationJwt","x","payload","outputSchema","mapToWalletAttestations","wallet_attestations","map","wa","type","format","attestation","wallet_attestation"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.0.0/mappers.ts"],"mappings":"AAAA,SAASA,YAAY,QAAQ,qBAAqB;AAClD,SAASC,qBAAqB,QAAgC,cAAc;AAM5E,OAAO,MAAMC,0BAA0B,GAAGF,YAAY,CAGnDG,CAAC,IAAKA,CAAC,CAACC,OAAO,EAAE;EAClBC,YAAY,EAAEJ;AAChB,CAAC,CAAC;AAEF,OAAO,MAAMK,uBAAuB,GAAGN,YAAY,CAGhDG,CAAC,IACFA,CAAC,CAACI,mBAAmB,CAACC,GAAG,CAAEC,EAAE,KAAM;EACjCC,IAAI,EAAE,6BAA6B;EACnCC,MAAM,EAAEF,EAAE,CAACE,MAAM;EACjBC,WAAW,EAAEH,EAAE,CAACI;AAClB,CAAC,CAAC,CACJ,CAAC"}

package/lib/module/wallet-instance-attestation/v1.0.0/types.js

@@ -0,0 +1,35 @@
+import * as z from "zod";
+import { Jwt } from "../common/types";
+export const WalletInstanceAttestationRequestJwt = z.object({
+  header: z.intersection(Jwt.shape.header, z.object({
+    typ: z.literal("wp-war+jwt")
+  })),
+  payload: z.intersection(Jwt.shape.payload, z.object({
+    aud: z.string(),
+    nonce: z.string(),
+    hardware_signature: z.string(),
+    integrity_assertion: z.string(),
+    hardware_key_tag: z.string()
+  }))
+});
+
+// TODO: [SIW-2089] add type for Wallet Attestation in SD-JWT and MDOC format
+// See https://italia.github.io/eid-wallet-it-docs/versione-corrente/en/wallet-solution.html#wallet-attestation-issuance step 18
+export const WalletInstanceAttestationJwt = z.object({
+  header: z.intersection(Jwt.shape.header, z.object({
+    typ: z.literal("oauth-client-attestation+jwt")
+  })),
+  payload: z.intersection(Jwt.shape.payload, z.object({
+    sub: z.string(),
+    aal: z.string(),
+    wallet_link: z.string().optional(),
+    wallet_name: z.string().optional()
+  }))
+});
+export const WalletAttestationResponse = z.object({
+  wallet_attestations: z.array(z.object({
+    wallet_attestation: z.string(),
+    format: z.enum(["jwt", "dc+sd-jwt", "mso_mdoc"])
+  }))
+});
+//# sourceMappingURL=types.js.map

package/lib/module/wallet-instance-attestation/v1.0.0/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["z","Jwt","WalletInstanceAttestationRequestJwt","object","header","intersection","shape","typ","literal","payload","aud","string","nonce","hardware_signature","integrity_assertion","hardware_key_tag","WalletInstanceAttestationJwt","sub","aal","wallet_link","optional","wallet_name","WalletAttestationResponse","wallet_attestations","array","wallet_attestation","format","enum"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.0.0/types.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,SAASC,GAAG,QAAQ,iBAAiB;AAKrC,OAAO,MAAMC,mCAAmC,GAAGF,CAAC,CAACG,MAAM,CAAC;EAC1DC,MAAM,EAAEJ,CAAC,CAACK,YAAY,CACpBJ,GAAG,CAACK,KAAK,CAACF,MAAM,EAChBJ,CAAC,CAACG,MAAM,CAAC;IACPI,GAAG,EAAEP,CAAC,CAACQ,OAAO,CAAC,YAAY;EAC7B,CAAC,CACH,CAAC;EACDC,OAAO,EAAET,CAAC,CAACK,YAAY,CACrBJ,GAAG,CAACK,KAAK,CAACG,OAAO,EACjBT,CAAC,CAACG,MAAM,CAAC;IACPO,GAAG,EAAEV,CAAC,CAACW,MAAM,CAAC,CAAC;IACfC,KAAK,EAAEZ,CAAC,CAACW,MAAM,CAAC,CAAC;IACjBE,kBAAkB,EAAEb,CAAC,CAACW,MAAM,CAAC,CAAC;IAC9BG,mBAAmB,EAAEd,CAAC,CAACW,MAAM,CAAC,CAAC;IAC/BI,gBAAgB,EAAEf,CAAC,CAACW,MAAM,CAAC;EAC7B,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AAIA,OAAO,MAAMK,4BAA4B,GAAGhB,CAAC,CAACG,MAAM,CAAC;EACnDC,MAAM,EAAEJ,CAAC,CAACK,YAAY,CACpBJ,GAAG,CAACK,KAAK,CAACF,MAAM,EAChBJ,CAAC,CAACG,MAAM,CAAC;IACPI,GAAG,EAAEP,CAAC,CAACQ,OAAO,CAAC,8BAA8B;EAC/C,CAAC,CACH,CAAC;EACDC,OAAO,EAAET,CAAC,CAACK,YAAY,CACrBJ,GAAG,CAACK,KAAK,CAACG,OAAO,EACjBT,CAAC,CAACG,MAAM,CAAC;IACPc,GAAG,EAAEjB,CAAC,CAACW,MAAM,CAAC,CAAC;IACfO,GAAG,EAAElB,CAAC,CAACW,MAAM,CAAC,CAAC;IACfQ,WAAW,EAAEnB,CAAC,CAACW,MAAM,CAAC,CAAC,CAACS,QAAQ,CAAC,CAAC;IAClCC,WAAW,EAAErB,CAAC,CAACW,MAAM,CAAC,CAAC,CAACS,QAAQ,CAAC;EACnC,CAAC,CACH;AACF,CAAC,CAAC;AAKF,OAAO,MAAME,yBAAyB,GAAGtB,CAAC,CAACG,MAAM,CAAC;EAChDoB,mBAAmB,EAAEvB,CAAC,CAACwB,KAAK,CAC1BxB,CAAC,CAACG,MAAM,CAAC;IACPsB,kBAAkB,EAAEzB,CAAC,CAACW,MAAM,CAAC,CAAC;IAC9Be,MAAM,EAAE1B,CAAC,CAAC2B,IAAI,CAAC,CAAC,KAAK,EAAE,WAAW,EAAE,UAAU,CAAC;EACjD,CAAC,CACH;AACF,CAAC,CAAC"}

package/lib/module/wallet-instance-attestation/v1.0.0/utils.js

@@ -0,0 +1,31 @@
+import { WalletInstanceAttestationJwt } from "./types";
+import { decode as decodeJwt, verify as verifyJwt } from "@pagopa/io-react-native-jwt";
+
+/**
+ * Decode a given JWT to get the parsed Wallet Instance Attestation object they define.
+ * It ensures provided data is in a valid shape.
+ *
+ * It DOES NOT verify token signature nor check disclosures are correctly referenced by the JWT.
+ * Use {@link verify} instead
+ */
+export function decode(token) {
+  // decode JWT parts
+  const decodedJwt = decodeJwt(token);
+  // parse JWT to ensure it has the shape of a WalletInstanceAttestationJwt
+  return WalletInstanceAttestationJwt.parse({
+    header: decodedJwt.protectedHeader,
+    payload: decodedJwt.payload
+  });
+}
+
+/**
+ * Verify a given JWT to get the parsed Wallet Instance Attestation object they define.
+ * Same as {@link decode} plus token signature verification
+ */
+export async function verify(token) {
+  const decoded = decode(token);
+  const pubKey = decoded.payload.cnf.jwk;
+  await verifyJwt(token, pubKey);
+  return decoded;
+}
+//# sourceMappingURL=utils.js.map

package/lib/module/wallet-instance-attestation/v1.0.0/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["WalletInstanceAttestationJwt","decode","decodeJwt","verify","verifyJwt","token","decodedJwt","parse","header","protectedHeader","payload","decoded","pubKey","cnf","jwk"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.0.0/utils.ts"],"mappings":"AAAA,SAASA,4BAA4B,QAAQ,SAAS;AACtD,SACEC,MAAM,IAAIC,SAAS,EACnBC,MAAM,IAAIC,SAAS,QACd,6BAA6B;;AAEpC;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASH,MAAMA,CAACI,KAAa,EAAgC;EAClE;EACA,MAAMC,UAAU,GAAGJ,SAAS,CAACG,KAAK,CAAC;EACnC;EACA,OAAOL,4BAA4B,CAACO,KAAK,CAAC;IACxCC,MAAM,EAAEF,UAAU,CAACG,eAAe;IAClCC,OAAO,EAAEJ,UAAU,CAACI;EACtB,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA,OAAO,eAAeP,MAAMA,CAC1BE,KAAa,EAC0B;EACvC,MAAMM,OAAO,GAAGV,MAAM,CAACI,KAAK,CAAC;EAC7B,MAAMO,MAAM,GAAGD,OAAO,CAACD,OAAO,CAACG,GAAG,CAACC,GAAG;EAEtC,MAAMV,SAAS,CAACC,KAAK,EAAEO,MAAM,CAAC;EAE9B,OAAOD,OAAO;AAChB"}

package/lib/module/wallet-instance-attestation/v1.3.3/index.js

@@ -0,0 +1,12 @@
+import { UnimplementedFeatureError } from "../../utils/errors";
+import { getAttestation } from "./issuing";
+export const WalletInstanceAttestation = {
+  getAttestation,
+  decode: () => {
+    throw new UnimplementedFeatureError("decode", "1.3.3");
+  },
+  verify: () => {
+    throw new UnimplementedFeatureError("verify", "1.3.3");
+  }
+};
+//# sourceMappingURL=index.js.map

package/lib/module/wallet-instance-attestation/v1.3.3/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["UnimplementedFeatureError","getAttestation","WalletInstanceAttestation","decode","verify"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.3.3/index.ts"],"mappings":"AAAA,SAASA,yBAAyB,QAAQ,oBAAoB;AAE9D,SAASC,cAAc,QAAQ,WAAW;AAE1C,OAAO,MAAMC,yBAAuD,GAAG;EACrED,cAAc;EACdE,MAAM,EAAEA,CAAA,KAAM;IACZ,MAAM,IAAIH,yBAAyB,CAAC,QAAQ,EAAE,OAAO,CAAC;EACxD,CAAC;EACDI,MAAM,EAAEA,CAAA,KAAM;IACZ,MAAM,IAAIJ,yBAAyB,CAAC,QAAQ,EAAE,OAAO,CAAC;EACxD;AACF,CAAC"}

package/lib/module/wallet-instance-attestation/v1.3.3/issuing.js

@@ -0,0 +1,5 @@
+import { UnimplementedFeatureError } from "../../utils/errors";
+export const getAttestation = () => {
+  throw new UnimplementedFeatureError("getAttestation", "1.3.3");
+};
+//# sourceMappingURL=issuing.js.map

package/lib/module/wallet-instance-attestation/v1.3.3/issuing.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["UnimplementedFeatureError","getAttestation"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.3.3/issuing.ts"],"mappings":"AAAA,SAASA,yBAAyB,QAAQ,oBAAoB;AAG9D,OAAO,MAAMC,cAA8D,GACzEA,CAAA,KAAM;EACJ,MAAM,IAAID,yBAAyB,CAAC,gBAAgB,EAAE,OAAO,CAAC;AAChE,CAAC"}

package/lib/module/wallet-instance-attestation/v1.3.3/types.js

@@ -0,0 +1,32 @@
+import * as z from "zod";
+import { JWK } from "../../utils/jwk";
+import { Jwt } from "../common/types";
+const Status = z.object({
+  status_list: z.object({
+    idx: z.number(),
+    uri: z.string()
+  })
+});
+export const WalletAppAttestationJwt = z.object({
+  header: z.intersection(Jwt.shape.header, z.object({
+    typ: z.literal("oauth-client-attestation+jwt")
+  })),
+  payload: z.intersection(Jwt.shape.payload, z.object({
+    sub: z.string(),
+    wallet_link: z.string().optional(),
+    wallet_name: z.string().optional(),
+    status: Status.optional()
+  }))
+});
+export const WalletUnitAttestationJwt = z.object({
+  header: z.intersection(Jwt.shape.header, z.object({
+    typ: z.literal("key-attestation+jwt")
+  })),
+  payload: z.intersection(Jwt.shape.payload, z.object({
+    attested_keys: z.array(JWK),
+    user_authentication: z.array(z.string()),
+    key_storage: z.array(z.string()),
+    status: Status
+  }))
+});
+//# sourceMappingURL=types.js.map

package/lib/module/wallet-instance-attestation/v1.3.3/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["z","JWK","Jwt","Status","object","status_list","idx","number","uri","string","WalletAppAttestationJwt","header","intersection","shape","typ","literal","payload","sub","wallet_link","optional","wallet_name","status","WalletUnitAttestationJwt","attested_keys","array","user_authentication","key_storage"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.3.3/types.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AACxB,SAASC,GAAG,QAAQ,iBAAiB;AACrC,SAASC,GAAG,QAAQ,iBAAiB;AAErC,MAAMC,MAAM,GAAGH,CAAC,CAACI,MAAM,CAAC;EACtBC,WAAW,EAAEL,CAAC,CAACI,MAAM,CAAC;IACpBE,GAAG,EAAEN,CAAC,CAACO,MAAM,CAAC,CAAC;IACfC,GAAG,EAAER,CAAC,CAACS,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;AAGF,OAAO,MAAMC,uBAAuB,GAAGV,CAAC,CAACI,MAAM,CAAC;EAC9CO,MAAM,EAAEX,CAAC,CAACY,YAAY,CACpBV,GAAG,CAACW,KAAK,CAACF,MAAM,EAChBX,CAAC,CAACI,MAAM,CAAC;IACPU,GAAG,EAAEd,CAAC,CAACe,OAAO,CAAC,8BAA8B;EAC/C,CAAC,CACH,CAAC;EACDC,OAAO,EAAEhB,CAAC,CAACY,YAAY,CACrBV,GAAG,CAACW,KAAK,CAACG,OAAO,EACjBhB,CAAC,CAACI,MAAM,CAAC;IACPa,GAAG,EAAEjB,CAAC,CAACS,MAAM,CAAC,CAAC;IACfS,WAAW,EAAElB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAClCC,WAAW,EAAEpB,CAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAClCE,MAAM,EAAElB,MAAM,CAACgB,QAAQ,CAAC;EAC1B,CAAC,CACH;AACF,CAAC,CAAC;AAGF,OAAO,MAAMG,wBAAwB,GAAGtB,CAAC,CAACI,MAAM,CAAC;EAC/CO,MAAM,EAAEX,CAAC,CAACY,YAAY,CACpBV,GAAG,CAACW,KAAK,CAACF,MAAM,EAChBX,CAAC,CAACI,MAAM,CAAC;IACPU,GAAG,EAAEd,CAAC,CAACe,OAAO,CAAC,qBAAqB;EACtC,CAAC,CACH,CAAC;EACDC,OAAO,EAAEhB,CAAC,CAACY,YAAY,CACrBV,GAAG,CAACW,KAAK,CAACG,OAAO,EACjBhB,CAAC,CAACI,MAAM,CAAC;IACPmB,aAAa,EAAEvB,CAAC,CAACwB,KAAK,CAACvB,GAAG,CAAC;IAC3BwB,mBAAmB,EAAEzB,CAAC,CAACwB,KAAK,CAACxB,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IACxCiB,WAAW,EAAE1B,CAAC,CAACwB,KAAK,CAACxB,CAAC,CAACS,MAAM,CAAC,CAAC,CAAC;IAChCY,MAAM,EAAElB;EACV,CAAC,CACH;AACF,CAAC,CAAC"}

package/lib/typescript/IoWallet.d.ts

@@ -0,0 +1,28 @@
+import { type IoWalletApi, type ItwVersion } from "./api";
+type DigitalWalletConfig = {
+    /**
+     * IT-Wallet specifications version.
+     */
+    version: ItwVersion;
+};
+/**
+ * Instantiate `IoWallet` SDK for a specific IT-Wallet version.
+ *
+ * After initialization, each feature can be accessed under the corresponding namespace.
+ *
+ * @example
+ * const wallet = new IoWallet({ version: "1.0.0" })
+ * wallet.Credential.Issuance.exampleMethod()
+ */
+export declare class IoWallet {
+    #private;
+    /**
+     * Get the IT-Wallet specifications version bound to this instance.
+     */
+    get version(): ItwVersion;
+    constructor({ version }: DigitalWalletConfig);
+}
+export interface IoWallet extends IoWalletApi {
+}
+export {};
+//# sourceMappingURL=IoWallet.d.ts.map

package/lib/typescript/IoWallet.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"IoWallet.d.ts","sourceRoot":"","sources":["../../src/IoWallet.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,KAAK,WAAW,EAAE,KAAK,UAAU,EAAE,MAAM,OAAO,CAAC;AAEhF,KAAK,mBAAmB,GAAG;IACzB;;OAEG;IACH,OAAO,EAAE,UAAU,CAAC;CACrB,CAAC;AAEF;;;;;;;;GAQG;AACH,qBAAa,QAAQ;;IAGnB;;OAEG;IACH,IAAI,OAAO,eAEV;gBAEW,EAAE,OAAO,EAAE,EAAE,mBAAmB;CAmB7C;AAED,MAAM,WAAW,QAAS,SAAQ,WAAW;CAAG"}

package/lib/typescript/api/index.d.ts

@@ -0,0 +1,29 @@
+import * as WalletInstance from "../wallet-instance";
+import * as WIA from "../wallet-instance-attestation";
+import * as Trust from "../trust";
+import * as CredentialIssuance from "../credential/issuance";
+import * as CredentialStatus from "../credential/status";
+import * as RemotePresentation from "../credential/presentation";
+import * as CredentialsCatalogue from "../credentials-catalogue";
+import * as Trustmark from "../credential/trustmark";
+import * as CredentialsOffer from "../credential/offer";
+export type ItwVersion = "1.0.0" | "1.3.3";
+/**
+ * The Wallet public API.
+ */
+export interface IoWalletApi {
+    WalletInstance: WalletInstance.WalletInstanceApi;
+    WalletInstanceAttestation: WIA.WalletInstanceAttestationApi;
+    Trust: Trust.TrustApi;
+    CredentialIssuance: CredentialIssuance.IssuanceApi;
+    CredentialStatus: CredentialStatus.CredentialStatusApi;
+    RemotePresentation: RemotePresentation.RemotePresentationApi;
+    CredentialsCatalogue: CredentialsCatalogue.CredentialsCatalogueApi;
+    Trustmark: Trustmark.TrustmarkApi;
+    CredentialsOffer: CredentialsOffer.OfferApi;
+}
+/**
+ * The Wallet API implementations grouped by IT-Wallet specifications version.
+ */
+export declare const ioWalletApiByVersion: Record<ItwVersion, IoWalletApi>;
+//# sourceMappingURL=index.d.ts.map