npm - @pagopa/io-react-native-wallet - Versions diffs - 2.5.0 → 3.0.0 - Mend

@pagopa/io-react-native-wallet 2.5.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1562) hide show

package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js ADDED Viewed

@@ -0,0 +1,195 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.parseAuthorizationResponse = exports.getRequestedCredentialToBePresented = exports.continueUserAuthorizationWithMRTDPoPChallenge = exports.completeUserAuthorizationWithQueryMode = exports.completeUserAuthorizationWithFormPostJwtMode = exports.buildAuthorizationUrl = void 0;
+var _auth = require("../../../utils/auth");
+var _misc = require("../../../utils/misc");
+var _parseUrl = _interopRequireDefault(require("parse-url"));
+var _errors = require("../../../utils/errors");
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _types = require("./types");
+var _decoder = require("../../../utils/decoder");
+var _errors2 = require("../common/errors");
+var _logging = require("../../../utils/logging");
+var _types2 = require("../../presentation/v1.0.0/types");
+var _v = require("../../presentation/v1.0.0");
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+const continueUserAuthorizationWithMRTDPoPChallenge = async authRedirectUrl => {
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `The requested credential is a PersonIdentificationData and requires MRTD PoP, starting MRTD PoP validation from auth redirect`);
+  const query = (0, _parseUrl.default)(authRedirectUrl).query;
+  const authResParsed = _auth.AuthorizationChallengeResultShape.safeParse(query);
+  if (!authResParsed.success) {
+    const authErr = _auth.AuthorizationErrorShape.safeParse(query);
+    if (!authErr.success) {
+      _logging.Logger.log(_logging.LogLevel.ERROR, `Error while parsing the authorization response: ${authResParsed.error.message}`);
+      throw new _errors2.AuthorizationError(authResParsed.error.message); // an error occured while parsing the result and the error
+    }
+    _logging.Logger.log(_logging.LogLevel.ERROR, `Error while authorizating with the idp: ${JSON.stringify(authErr)}`);
+    throw new _errors2.AuthorizationIdpError(authErr.data.error, authErr.data.error_description);
+  }
+  return authResParsed.data;
+};
+exports.continueUserAuthorizationWithMRTDPoPChallenge = continueUserAuthorizationWithMRTDPoPChallenge;
+const buildAuthorizationUrl = async (issuerRequestUri, clientId, issuerConf, idpHint) => {
+  const authzRequestEndpoint = issuerConf.authorization_endpoint;
+  const params = new URLSearchParams({
+    client_id: clientId,
+    request_uri: issuerRequestUri
+  });
+  if (idpHint) {
+    params.append("idphint", idpHint);
+  }
+  const authUrl = `${authzRequestEndpoint}?${params}`;
+  return {
+    authUrl
+  };
+};
+exports.buildAuthorizationUrl = buildAuthorizationUrl;
+const completeUserAuthorizationWithQueryMode = async authRedirectUrl => {
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `The requested credential is a PersonIdentificationData, completing the user authorization with query mode`);
+  const query = (0, _parseUrl.default)(authRedirectUrl).query;
+  return parseAuthorizationResponse(query);
+};
+exports.completeUserAuthorizationWithQueryMode = completeUserAuthorizationWithQueryMode;
+const getRequestedCredentialToBePresented = async function (issuerRequestUri, clientId, issuerConf) {
+  let appFetch = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : fetch;
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `The requeste credential is not a PersonIdentificationData, requesting the credential to be presented`);
+  const authzRequestEndpoint = issuerConf.authorization_endpoint;
+  const params = new URLSearchParams({
+    client_id: clientId,
+    request_uri: issuerRequestUri
+  });
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Requesting the request object to ${authzRequestEndpoint}?${params.toString()}`);
+  const requestObject = await appFetch(`${authzRequestEndpoint}?${params.toString()}`, {
+    method: "GET"
+  }).then((0, _misc.hasStatusOrThrow)(200, _errors.IssuerResponseError)).then(res => res.text()).then(jws => (0, _ioReactNativeJwt.decode)(jws)).then(reqObj => _types2.RequestObjectPayload.safeParse(reqObj.payload));
+  if (!requestObject.success) {
+    _logging.Logger.log(_logging.LogLevel.ERROR, `Error while validating the response object: ${requestObject.error.message}`);
+    throw new _errors.ValidationFailed({
+      message: "Request Object validation failed",
+      reason: requestObject.error.message
+    });
+  }
+  return requestObject.data;
+};
+exports.getRequestedCredentialToBePresented = getRequestedCredentialToBePresented;
+const completeUserAuthorizationWithFormPostJwtMode = async (requestObject, _issuerConfig, pid, _ref) => {
+  let {
+    wiaCryptoContext,
+    pidKeyTag,
+    appFetch = fetch
+  } = _ref;
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `The requeste credential is not a PersonIdentificationData, completing the user authorization with form_post.jwt mode`);
+  const dcqlQueryResult = await _v.RemotePresentation.evaluateDcqlQuery(requestObject.dcql_query, [[pidKeyTag, pid]]);
+  const authRequestObject = {
+    nonce: requestObject.nonce,
+    clientId: requestObject.client_id,
+    responseUri: requestObject.response_uri
+  };
+  const remotePresentation = await _v.RemotePresentation.prepareRemotePresentations(dcqlQueryResult, authRequestObject);
+  const authzResponsePayload = await createAuthzResponsePayload({
+    state: requestObject.state,
+    remotePresentation,
+    wiaCryptoContext
+  });
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Authz response payload: ${authzResponsePayload}`);
+  // Note: according to the spec, the response should be encrypted with the public key of the RP however this is not implemented yet
+  // https://openid.net/specs/openid-4-verifiable-presentations-1_0.html#name-signed-and-encrypted-response
+  // const rsaPublicJwk = chooseRSAPublicKeyToEncrypt(rpConf);
+  // const encrypted = await new EncryptJwe(authzResponsePayload, {
+  //   alg: "RSA-OAEP-256",
+  //   enc: "A256CBC-HS512",
+  //   kid: rsaPublicJwk.kid,
+  // }).encrypt(rsaPublicJwk);
+  const body = new URLSearchParams({
+    response: authzResponsePayload
+  }).toString();
+  const resUriRes = await appFetch(requestObject.response_uri, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded"
+    },
+    body
+  }).then((0, _misc.hasStatusOrThrow)(200, _errors.IssuerResponseError)).then(reqUri => reqUri.json());
+  const responseUri = _types.ResponseUriResultShape.safeParse(resUriRes);
+  if (!responseUri.success) {
+    _logging.Logger.log(_logging.LogLevel.ERROR, `Error while validating the response uri: ${responseUri.error.message}`);
+    throw new _errors.ValidationFailed({
+      message: "Response Uri validation failed",
+      reason: responseUri.error.message
+    });
+  }
+  return await appFetch(responseUri.data.redirect_uri).then((0, _misc.hasStatusOrThrow)(200, _errors.IssuerResponseError)).then(res => res.text()).then(_decoder.getJwtFromFormPost).then(cbRes => parseAuthorizationResponse(cbRes.decodedJwt.payload));
+};
+/**
+ * Parse the authorization response and return the result which contains code, state and iss.
+ * @throws {AuthorizationError} if an error occurs during the parsing process
+ * @throws {AuthorizationIdpError} if an error occurs during the parsing process and the error is related to the IDP
+ * @param authRes the authorization response to be parsed
+ * @returns the authorization result which contains code, state and iss
+ */
+exports.completeUserAuthorizationWithFormPostJwtMode = completeUserAuthorizationWithFormPostJwtMode;
+const parseAuthorizationResponse = authRes => {
+  const authResParsed = _auth.AuthorizationResultShape.safeParse(authRes);
+  if (!authResParsed.success) {
+    const authErr = _auth.AuthorizationErrorShape.safeParse(authRes);
+    if (!authErr.success) {
+      _logging.Logger.log(_logging.LogLevel.ERROR, `Error while parsing the authorization response: ${authResParsed.error.message}`);
+      throw new _errors2.AuthorizationError(authResParsed.error.message); // an error occured while parsing the result and the error
+    }
+    _logging.Logger.log(_logging.LogLevel.ERROR, `Error while authorizating with the idp: ${JSON.stringify(authErr)}`);
+    throw new _errors2.AuthorizationIdpError(authErr.data.error, authErr.data.error_description);
+  }
+  return authResParsed.data;
+};
+/**
+ * Creates the authorization response payload to be sent.
+ * This payload includes the state and the VP tokens for the presented credentials.
+ * The payload is encoded in Base64.
+ * @param state - The state parameter from the request object (optional).
+ * @param remotePresentations - An array of remote presentations containing credential IDs and their corresponding VP tokens.
+ * @returns The Base64 encoded authorization response payload.
+ */
+exports.parseAuthorizationResponse = parseAuthorizationResponse;
+const createAuthzResponsePayload = async _ref2 => {
+  let {
+    state,
+    remotePresentation,
+    wiaCryptoContext
+  } = _ref2;
+  const {
+    kid
+  } = await wiaCryptoContext.getPublicKey();
+  return new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
+    typ: "jwt",
+    kid
+  }).setPayload({
+    /**
+     * TODO [SIW-2264]: `state` coming from `requestObject` is marked as `optional`
+     * At the moment, it is not entirely clear whether this value can indeed be omitted
+     * and, if so, what the consequences of its absence might be.
+     */
+    ...(state ? {
+      state
+    } : {}),
+    vp_token: remotePresentation.presentations.reduce((vp_token, _ref3) => {
+      let {
+        credentialId,
+        vpToken
+      } = _ref3;
+      return {
+        ...vp_token,
+        [credentialId]: vpToken
+      };
+    }, {})
+  }).setIssuedAt().setExpirationTime("1h").sign();
+};
+//# sourceMappingURL=03-complete-user-authorization.js.map

package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_auth","require","_misc","_parseUrl","_interopRequireDefault","_errors","_ioReactNativeJwt","_types","_decoder","_errors2","_logging","_types2","_v","obj","__esModule","default","continueUserAuthorizationWithMRTDPoPChallenge","authRedirectUrl","Logger","log","LogLevel","DEBUG","query","parseUrl","authResParsed","AuthorizationChallengeResultShape","safeParse","success","authErr","AuthorizationErrorShape","ERROR","error","message","AuthorizationError","JSON","stringify","AuthorizationIdpError","data","error_description","exports","buildAuthorizationUrl","issuerRequestUri","clientId","issuerConf","idpHint","authzRequestEndpoint","authorization_endpoint","params","URLSearchParams","client_id","request_uri","append","authUrl","completeUserAuthorizationWithQueryMode","parseAuthorizationResponse","getRequestedCredentialToBePresented","appFetch","arguments","length","undefined","fetch","toString","requestObject","method","then","hasStatusOrThrow","IssuerResponseError","res","text","jws","decode","reqObj","RequestObjectPayload","payload","ValidationFailed","reason","completeUserAuthorizationWithFormPostJwtMode","_issuerConfig","pid","_ref","wiaCryptoContext","pidKeyTag","dcqlQueryResult","RemotePresentationFlow","evaluateDcqlQuery","dcql_query","authRequestObject","nonce","responseUri","response_uri","remotePresentation","prepareRemotePresentations","authzResponsePayload","createAuthzResponsePayload","state","body","response","resUriRes","headers","reqUri","json","ResponseUriResultShape","redirect_uri","getJwtFromFormPost","cbRes","decodedJwt","authRes","AuthorizationResultShape","_ref2","kid","getPublicKey","SignJWT","setProtectedHeader","typ","setPayload","vp_token","presentations","reduce","_ref3","credentialId","vpToken","setIssuedAt","setExpirationTime","sign"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/03-complete-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAMA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,SAAA,GAAAC,sBAAA,CAAAH,OAAA;AAEA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,iBAAA,GAAAL,OAAA;AAKA,IAAAM,MAAA,GAAAN,OAAA;AACA,IAAAO,QAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AACA,IAAAU,OAAA,GAAAV,OAAA;AACA,IAAAW,EAAA,GAAAX,OAAA;AAAyF,SAAAG,uBAAAS,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAIlF,MAAMG,6CAA2G,GACtH,MAAOC,eAAe,IAAK;EACzBC,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,+HACH,CAAC;EACD,MAAMC,KAAK,GAAG,IAAAC,iBAAQ,EAACN,eAAe,CAAC,CAACK,KAAK;EAE7C,MAAME,aAAa,GAAGC,uCAAiC,CAACC,SAAS,CAACJ,KAAK,CAAC;EACxE,IAAI,CAACE,aAAa,CAACG,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGC,6BAAuB,CAACH,SAAS,CAACJ,KAAK,CAAC;IACxD,IAAI,CAACM,OAAO,CAACD,OAAO,EAAE;MACpBT,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,mDAAkDN,aAAa,CAACO,KAAK,CAACC,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIC,2BAAkB,CAACT,aAAa,CAACO,KAAK,CAACC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAd,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,2CAA0CI,IAAI,CAACC,SAAS,CAACP,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAIQ,8BAAqB,CAC7BR,OAAO,CAACS,IAAI,CAACN,KAAK,EAClBH,OAAO,CAACS,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOd,aAAa,CAACa,IAAI;AAC3B,CAAC;AAACE,OAAA,CAAAvB,6CAAA,GAAAA,6CAAA;AAEG,MAAMwB,qBAA2D,GACtE,MAAAA,CAAOC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAEC,OAAO,KAAK;EACzD,MAAMC,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAE9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEF,IAAIG,OAAO,EAAE;IACXG,MAAM,CAACI,MAAM,CAAC,SAAS,EAAEP,OAAO,CAAC;EACnC;EAEA,MAAMQ,OAAO,GAAI,GAAEP,oBAAqB,IAAGE,MAAO,EAAC;EAEnD,OAAO;IAAEK;EAAQ,CAAC;AACpB,CAAC;AAACb,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAEG,MAAMa,sCAA6F,GACxG,MAAOpC,eAAe,IAAK;EACzBC,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,2GACH,CAAC;EACD,MAAMC,KAAK,GAAG,IAAAC,iBAAQ,EAACN,eAAe,CAAC,CAACK,KAAK;EAE7C,OAAOgC,0BAA0B,CAAChC,KAAK,CAAC;AAC1C,CAAC;AAACiB,OAAA,CAAAc,sCAAA,GAAAA,sCAAA;AAEG,MAAME,mCAAuF,GAClG,eAAAA,CAAOd,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBa,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAC7D1C,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,sGACH,CAAC;EACD,MAAMwB,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEFvB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,oCAAmCwB,oBAAqB,IAAGE,MAAM,CAACc,QAAQ,CAAC,CAAE,EAChF,CAAC;EAED,MAAMC,aAAa,GAAG,MAAMN,QAAQ,CACjC,GAAEX,oBAAqB,IAAGE,MAAM,CAACc,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEE,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,EAAEC,2BAAmB,CAAC,CAAC,CAChDF,IAAI,CAAEG,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBJ,IAAI,CAAEK,GAAG,IAAK,IAAAC,wBAAM,EAACD,GAAG,CAAC,CAAC,CAC1BL,IAAI,CAAEO,MAAM,IAAKC,4BAAoB,CAAC9C,SAAS,CAAC6C,MAAM,CAACE,OAAO,CAAC,CAAC;EAEnE,IAAI,CAACX,aAAa,CAACnC,OAAO,EAAE;IAC1BT,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,+CAA8CgC,aAAa,CAAC/B,KAAK,CAACC,OAAQ,EAC7E,CAAC;IACD,MAAM,IAAI0C,wBAAgB,CAAC;MACzB1C,OAAO,EAAE,kCAAkC;MAC3C2C,MAAM,EAAEb,aAAa,CAAC/B,KAAK,CAACC;IAC9B,CAAC,CAAC;EACJ;EACA,OAAO8B,aAAa,CAACzB,IAAI;AAC3B,CAAC;AAACE,OAAA,CAAAgB,mCAAA,GAAAA,mCAAA;AAEG,MAAMqB,4CAAyG,GACpH,MAAAA,CACEd,aAAa,EACbe,aAAa,EACbC,GAAG,EAAAC,IAAA,KAEA;EAAA,IADH;IAAEC,gBAAgB;IAAEC,SAAS;IAAEzB,QAAQ,GAAGI;EAAM,CAAC,GAAAmB,IAAA;EAEjD7D,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,sHACH,CAAC;EAED,MAAM6D,eAAe,GAAG,MAAMC,qBAAsB,CAACC,iBAAiB,CACpEtB,aAAa,CAACuB,UAAU,EACxB,CAAC,CAACJ,SAAS,EAAEH,GAAG,CAAC,CACnB,CAAC;EAED,MAAMQ,iBAAiB,GAAG;IACxBC,KAAK,EAAEzB,aAAa,CAACyB,KAAK;IAC1B7C,QAAQ,EAAEoB,aAAa,CAACb,SAAS;IACjCuC,WAAW,EAAE1B,aAAa,CAAC2B;EAC7B,CAAC;EAED,MAAMC,kBAAkB,GACtB,MAAMP,qBAAsB,CAACQ,0BAA0B,CACrDT,eAAe,EACfI,iBACF,CAAC;EAEH,MAAMM,oBAAoB,GAAG,MAAMC,0BAA0B,CAAC;IAC5DC,KAAK,EAAEhC,aAAa,CAACgC,KAAK;IAC1BJ,kBAAkB;IAClBV;EACF,CAAC,CAAC;EAEF9D,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,2BAA0BuE,oBAAqB,EAClD,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAMG,IAAI,GAAG,IAAI/C,eAAe,CAAC;IAC/BgD,QAAQ,EAAEJ;EACZ,CAAC,CAAC,CAAC/B,QAAQ,CAAC,CAAC;EAEb,MAAMoC,SAAS,GAAG,MAAMzC,QAAQ,CAACM,aAAa,CAAC2B,YAAY,EAAE;IAC3D1B,MAAM,EAAE,MAAM;IACdmC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACC/B,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,EAAEC,2BAAmB,CAAC,CAAC,CAChDF,IAAI,CAAEmC,MAAM,IAAKA,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC;EAElC,MAAMZ,WAAW,GAAGa,6BAAsB,CAAC3E,SAAS,CAACuE,SAAS,CAAC;EAC/D,IAAI,CAACT,WAAW,CAAC7D,OAAO,EAAE;IACxBT,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,4CAA2C0D,WAAW,CAACzD,KAAK,CAACC,OAAQ,EACxE,CAAC;IACD,MAAM,IAAI0C,wBAAgB,CAAC;MACzB1C,OAAO,EAAE,gCAAgC;MACzC2C,MAAM,EAAEa,WAAW,CAACzD,KAAK,CAACC;IAC5B,CAAC,CAAC;EACJ;EAEA,OAAO,MAAMwB,QAAQ,CAACgC,WAAW,CAACnD,IAAI,CAACiE,YAAY,CAAC,CACjDtC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,EAAEC,2BAAmB,CAAC,CAAC,CAChDF,IAAI,CAAEG,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBJ,IAAI,CAACuC,2BAAkB,CAAC,CACxBvC,IAAI,CAAEwC,KAAK,IAAKlD,0BAA0B,CAACkD,KAAK,CAACC,UAAU,CAAChC,OAAO,CAAC,CAAC;AAC1E,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AANAlC,OAAA,CAAAqC,4CAAA,GAAAA,4CAAA;AAOO,MAAMtB,0BAA0B,GACrCoD,OAAgB,IACQ;EACxB,MAAMlF,aAAa,GAAGmF,8BAAwB,CAACjF,SAAS,CAACgF,OAAO,CAAC;EACjE,IAAI,CAAClF,aAAa,CAACG,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGC,6BAAuB,CAACH,SAAS,CAACgF,OAAO,CAAC;IAC1D,IAAI,CAAC9E,OAAO,CAACD,OAAO,EAAE;MACpBT,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,mDAAkDN,aAAa,CAACO,KAAK,CAACC,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIC,2BAAkB,CAACT,aAAa,CAACO,KAAK,CAACC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAd,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,2CAA0CI,IAAI,CAACC,SAAS,CAACP,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAIQ,8BAAqB,CAC7BR,OAAO,CAACS,IAAI,CAACN,KAAK,EAClBH,OAAO,CAACS,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOd,aAAa,CAACa,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAE,OAAA,CAAAe,0BAAA,GAAAA,0BAAA;AAQA,MAAMuC,0BAA0B,GAAG,MAAAe,KAAA,IAQZ;EAAA,IARmB;IACxCd,KAAK;IACLJ,kBAAkB;IAClBV;EAKF,CAAC,GAAA4B,KAAA;EACC,MAAM;IAAEC;EAAI,CAAC,GAAG,MAAM7B,gBAAgB,CAAC8B,YAAY,CAAC,CAAC;EAErD,OAAO,IAAIC,yBAAO,CAAC/B,gBAAgB,CAAC,CACjCgC,kBAAkB,CAAC;IAClBC,GAAG,EAAE,KAAK;IACVJ;EACF,CAAC,CAAC,CACDK,UAAU,CAAC;IACV;AACN;AACA;AACA;AACA;IACM,IAAIpB,KAAK,GAAG;MAAEA;IAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3BqB,QAAQ,EAAEzB,kBAAkB,CAAC0B,aAAa,CAACC,MAAM,CAC/C,CAACF,QAAQ,EAAAG,KAAA;MAAA,IAAE;QAAEC,YAAY;QAAEC;MAAQ,CAAC,GAAAF,KAAA;MAAA,OAAM;QACxC,GAAGH,QAAQ;QACX,CAACI,YAAY,GAAGC;MAClB,CAAC;IAAA,CAAC,EACF,CAAC,CACH;EACF,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC"}

package/lib/commonjs/credential/issuance/v1.0.0/04-authorize-access.js ADDED Viewed

@@ -0,0 +1,69 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.authorizeAccess = void 0;
+var _uuid = require("uuid");
+var _misc = require("../../../utils/misc");
+var _dpop = require("../../../utils/dpop");
+var _pop = require("../../../utils/pop");
+var _types = require("./types");
+var _errors = require("../../../utils/errors");
+var _logging = require("../../../utils/logging");
+var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation/v1.0.0/utils"));
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+const authorizeAccess = async (issuerConf, code, redirectUri, codeVerifier, context) => {
+  const {
+    appFetch = fetch,
+    walletInstanceAttestation,
+    wiaCryptoContext,
+    dPopCryptoContext
+  } = context;
+  const aud = issuerConf.credential_issuer;
+  const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
+  const tokenUrl = issuerConf.token_endpoint;
+  const tokenRequestSignedDPop = await (0, _dpop.createDPopToken)({
+    htm: "POST",
+    htu: tokenUrl,
+    jti: `${(0, _uuid.v4)()}`
+  }, dPopCryptoContext);
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Token request DPoP: ${tokenRequestSignedDPop}`);
+  const signedWiaPoP = await (0, _pop.createPopToken)({
+    jti: `${(0, _uuid.v4)()}`,
+    aud,
+    iss
+  }, wiaCryptoContext);
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `WIA DPoP token: ${signedWiaPoP}`);
+  const requestBody = {
+    grant_type: "authorization_code",
+    code,
+    code_verifier: codeVerifier,
+    redirect_uri: redirectUri
+  };
+  const authorizationRequestFormBody = new URLSearchParams(requestBody);
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Auth form request body: ${authorizationRequestFormBody}`);
+  const tokenRes = await appFetch(tokenUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      DPoP: tokenRequestSignedDPop,
+      "OAuth-Client-Attestation": walletInstanceAttestation,
+      "OAuth-Client-Attestation-PoP": signedWiaPoP
+    },
+    body: authorizationRequestFormBody.toString()
+  }).then((0, _misc.hasStatusOrThrow)(200, _errors.IssuerResponseError)).then(res => res.json()).then(body => _types.TokenResponse.safeParse(body));
+  if (!tokenRes.success) {
+    _logging.Logger.log(_logging.LogLevel.ERROR, `Token Response validation failed: ${tokenRes.error.message}`);
+    throw new _errors.ValidationFailed({
+      message: "Token Response validation failed",
+      reason: tokenRes.error.message
+    });
+  }
+  return {
+    accessToken: tokenRes.data
+  };
+};
+exports.authorizeAccess = authorizeAccess;
+//# sourceMappingURL=04-authorize-access.js.map

package/lib/commonjs/credential/issuance/v1.0.0/04-authorize-access.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_uuid","require","_misc","_dpop","_pop","_types","_errors","_logging","WalletInstanceAttestation","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","authorizeAccess","issuerConf","code","redirectUri","codeVerifier","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","dPopCryptoContext","aud","credential_issuer","iss","decode","payload","cnf","jwk","kid","tokenUrl","token_endpoint","tokenRequestSignedDPop","createDPopToken","htm","htu","jti","uuidv4","Logger","log","LogLevel","DEBUG","signedWiaPoP","createPopToken","requestBody","grant_type","code_verifier","redirect_uri","authorizationRequestFormBody","URLSearchParams","tokenRes","method","headers","DPoP","body","toString","then","hasStatusOrThrow","IssuerResponseError","res","json","TokenResponse","safeParse","success","ERROR","error","message","ValidationFailed","reason","accessToken","data","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/04-authorize-access.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AACA,IAAAI,MAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,QAAA,GAAAN,OAAA;AAEA,IAAAO,yBAAA,GAAAC,uBAAA,CAAAR,OAAA;AAA+F,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAF,wBAAAM,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAExF,MAAMW,eAA+C,GAAG,MAAAA,CAC7DC,UAAU,EACVC,IAAI,EACJC,WAAW,EACXC,YAAY,EACZC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC,gBAAgB;IAChBC;EACF,CAAC,GAAGL,OAAO;EACX,MAAMM,GAAG,GAAGV,UAAU,CAACW,iBAAiB;EACxC,MAAMC,GAAG,GAAGrC,yBAAyB,CAACsC,MAAM,CAACN,yBAAyB,CAAC,CACpEO,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,QAAQ,GAAGlB,UAAU,CAACmB,cAAc;EAE1C,MAAMC,sBAAsB,GAAG,MAAM,IAAAC,qBAAe,EAClD;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEL,QAAQ;IACbM,GAAG,EAAG,GAAE,IAAAC,QAAM,EAAC,CAAE;EACnB,CAAC,EACDhB,iBACF,CAAC;EAEDiB,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,uBAAsBT,sBAAuB,EAAC,CAAC;EAE3E,MAAMU,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEP,GAAG,EAAG,GAAE,IAAAC,QAAM,EAAC,CAAE,EAAC;IAClBf,GAAG;IACHE;EACF,CAAC,EACDJ,gBACF,CAAC;EAEDkB,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,mBAAkBC,YAAa,EAAC,CAAC;EAE7D,MAAME,WAAW,GAAG;IAClBC,UAAU,EAAE,oBAAoB;IAChChC,IAAI;IACJiC,aAAa,EAAE/B,YAAY;IAC3BgC,YAAY,EAAEjC;EAChB,CAAC;EAED,MAAMkC,4BAA4B,GAAG,IAAIC,eAAe,CAACL,WAAW,CAAC;EAErEN,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,2BAA0BO,4BAA6B,EAC1D,CAAC;EAED,MAAME,QAAQ,GAAG,MAAMjC,QAAQ,CAACa,QAAQ,EAAE;IACxCqB,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,mCAAmC;MACnDC,IAAI,EAAErB,sBAAsB;MAC5B,0BAA0B,EAAEb,yBAAyB;MACrD,8BAA8B,EAAEuB;IAClC,CAAC;IACDY,IAAI,EAAEN,4BAA4B,CAACO,QAAQ,CAAC;EAC9C,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,EAAEC,2BAAmB,CAAC,CAAC,CAChDF,IAAI,CAAEG,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBJ,IAAI,CAAEF,IAAI,IAAKO,oBAAa,CAACC,SAAS,CAACR,IAAI,CAAC,CAAC;EAEhD,IAAI,CAACJ,QAAQ,CAACa,OAAO,EAAE;IACrBzB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACwB,KAAK,EACb,qCAAoCd,QAAQ,CAACe,KAAK,CAACC,OAAQ,EAC9D,CAAC;IAED,MAAM,IAAIC,wBAAgB,CAAC;MACzBD,OAAO,EAAE,kCAAkC;MAC3CE,MAAM,EAAElB,QAAQ,CAACe,KAAK,CAACC;IACzB,CAAC,CAAC;EACJ;EAEA,OAAO;IAAEG,WAAW,EAAEnB,QAAQ,CAACoB;EAAK,CAAC;AACvC,CAAC;AAACC,OAAA,CAAA5D,eAAA,GAAAA,eAAA"}

package/lib/commonjs/credential/issuance/v1.0.0/05-obtain-credential.js ADDED Viewed

@@ -0,0 +1,148 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.obtainCredential = exports.createNonceProof = void 0;
+var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _uuid = require("uuid");
+var _misc = require("../../../utils/misc");
+var _errors = require("../../../utils/errors");
+var _dpop = require("../../../utils/dpop");
+var _logging = require("../../../utils/logging");
+var _types = require("./types");
+const createNonceProof = async (nonce, issuer, audience, ctx) => {
+  const jwk = await ctx.getPublicKey();
+  return new _ioReactNativeJwt.SignJWT(ctx).setPayload({
+    nonce
+  }).setProtectedHeader({
+    typ: "openid4vci-proof+jwt",
+    jwk
+  }).setAudience(audience).setIssuer(issuer).setIssuedAt().setExpirationTime("5min").sign();
+};
+exports.createNonceProof = createNonceProof;
+const obtainCredential = async (issuerConf, accessToken, clientId, credentialDefinition, context) => {
+  const {
+    credentialCryptoContext,
+    appFetch = fetch,
+    dPopCryptoContext
+  } = context;
+  const {
+    credential_configuration_id,
+    credential_identifier
+  } = credentialDefinition;
+  const credentialUrl = issuerConf.credential_endpoint;
+  const issuerUrl = issuerConf.credential_issuer;
+  const nonceUrl = issuerConf.nonce_endpoint;
+  // Fetch the nonce from the Credential Issuer
+  const {
+    c_nonce
+  } = await appFetch(nonceUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json"
+    }
+  }).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(body => _types.NonceResponse.parse(body));
+  /**
+   * JWT proof token to bind the request nonce to the key that will bind the holder User with the Credential
+   * This is presented along with the access token to the Credential Endpoint as proof of possession of the private key used to sign the Access Token.
+   * @see https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-proof-types
+   */
+  const signedNonceProof = await createNonceProof(c_nonce, clientId, issuerUrl, credentialCryptoContext);
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Signed nonce proof: ${signedNonceProof}`);
+  // Validation of accessTokenResponse.authorization_details if contain credentialDefinition
+  const containsCredentialDefinition = accessToken.authorization_details.some(c => c.credential_configuration_id === credential_configuration_id && (credential_identifier ? c.credential_identifiers.includes(credential_identifier) : true));
+  if (!containsCredentialDefinition) {
+    _logging.Logger.log(_logging.LogLevel.ERROR, `Credential definition not found in the access token response ${accessToken.authorization_details}`);
+    throw new _errors.ValidationFailed({
+      message: "The access token response does not contain the requested credential"
+    });
+  }
+  /**
+   * The credential request body.
+   * We accept both `credential_identifier` (recommended) and `credential_configuration_id`
+   * when the Authorization Server does not support `credential_identifier`.
+   * @see https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-15.html#section-3.3.4
+   */
+  const credentialRequestFormBody = credential_identifier ? {
+    credential_identifier: credential_identifier,
+    proof: {
+      jwt: signedNonceProof,
+      proof_type: "jwt"
+    }
+  } : {
+    credential_configuration_id: credential_configuration_id,
+    proof: {
+      jwt: signedNonceProof,
+      proof_type: "jwt"
+    }
+  };
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Credential request body: ${JSON.stringify(credentialRequestFormBody)}`);
+  const tokenRequestSignedDPop = await (0, _dpop.createDPopToken)({
+    htm: "POST",
+    htu: credentialUrl,
+    jti: `${(0, _uuid.v4)()}`,
+    ath: await (0, _ioReactNativeJwt.sha256ToBase64)(accessToken.access_token)
+  }, dPopCryptoContext);
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Token request DPoP: ${tokenRequestSignedDPop}`);
+  const credentialRes = await appFetch(credentialUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      DPoP: tokenRequestSignedDPop,
+      Authorization: `${accessToken.token_type} ${accessToken.access_token}`
+    },
+    body: JSON.stringify(credentialRequestFormBody)
+  }).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(body => _types.CredentialResponse.safeParse(body)).catch(handleObtainCredentialError);
+  if (!credentialRes.success) {
+    _logging.Logger.log(_logging.LogLevel.ERROR, `Credential Response validation failed: ${credentialRes.error.message}`);
+    throw new _errors.ValidationFailed({
+      message: "Credential Response validation failed",
+      reason: credentialRes.error.message
+    });
+  }
+  _logging.Logger.log(_logging.LogLevel.DEBUG, `Credential Response: ${JSON.stringify(credentialRes.data)}`);
+  // Extract the format corresponding to the credential_configuration_id used
+  const issuerCredentialConfig = issuerConf.credential_configurations_supported[credential_configuration_id];
+  // TODO: [SIW-2264] Handle multiple credentials
+  return {
+    credential: credentialRes.data.credentials.at(0).credential,
+    format: issuerCredentialConfig.format
+  };
+};
+/**
+ * Handle the credential error by mapping it to a custom exception.
+ * If the error is not an instance of {@link UnexpectedStatusCodeError}, it is thrown as is.
+ * @param e - The error to be handled
+ * @throws {IssuerResponseError} with a specific code for more context
+ */
+exports.obtainCredential = obtainCredential;
+const handleObtainCredentialError = e => {
+  _logging.Logger.log(_logging.LogLevel.ERROR, `Error occurred while obtaining credential: ${e}`);
+  if (!(e instanceof _errors.UnexpectedStatusCodeError)) {
+    throw e;
+  }
+  throw new _errors.ResponseErrorBuilder(_errors.IssuerResponseError).handle(201, {
+    // Although it is technically not an error, we handle it as such to avoid
+    // changing the return type of `obtainCredential` and introduce a breaking change.
+    code: _errors.IssuerResponseErrorCodes.CredentialIssuingNotSynchronous,
+    message: "This credential cannot be issued synchronously. It will be available at a later time."
+  }).handle(403, {
+    code: _errors.IssuerResponseErrorCodes.CredentialInvalidStatus,
+    message: "Invalid status found for the given credential"
+  }).handle(404, {
+    code: _errors.IssuerResponseErrorCodes.CredentialInvalidStatus,
+    message: "Invalid status found for the given credential"
+  }).handle("*", {
+    code: _errors.IssuerResponseErrorCodes.CredentialRequestFailed,
+    message: "Unable to obtain the requested credential"
+  }).buildFrom(e);
+};
+//# sourceMappingURL=05-obtain-credential.js.map

package/lib/commonjs/credential/issuance/v1.0.0/05-obtain-credential.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_ioReactNativeJwt","require","_uuid","_misc","_errors","_dpop","_logging","_types","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","SignJWT","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","exports","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credential_configuration_id","credential_identifier","credentialUrl","credential_endpoint","issuerUrl","credential_issuer","nonceUrl","nonce_endpoint","c_nonce","method","headers","then","hasStatusOrThrow","res","json","body","NonceResponse","parse","signedNonceProof","Logger","log","LogLevel","DEBUG","containsCredentialDefinition","authorization_details","some","c","credential_identifiers","includes","ERROR","ValidationFailed","message","credentialRequestFormBody","proof","jwt","proof_type","JSON","stringify","tokenRequestSignedDPop","createDPopToken","htm","htu","jti","uuidv4","ath","sha256ToBase64","access_token","credentialRes","DPoP","Authorization","token_type","CredentialResponse","safeParse","catch","handleObtainCredentialError","success","error","reason","data","issuerCredentialConfig","credential_configurations_supported","credential","credentials","at","format","e","UnexpectedStatusCodeError","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","CredentialIssuingNotSynchronous","CredentialInvalidStatus","CredentialRequestFailed","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/05-obtain-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAKA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAOA,IAAAI,KAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AAEA,IAAAM,MAAA,GAAAN,OAAA;AAEO,MAAMO,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIC,yBAAO,CAACH,GAAG,CAAC,CACpBI,UAAU,CAAC;IACVP;EACF,CAAC,CAAC,CACDQ,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BL;EACF,CAAC,CAAC,CACDM,WAAW,CAACR,QAAQ,CAAC,CACrBS,SAAS,CAACV,MAAM,CAAC,CACjBW,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;AAACC,OAAA,CAAAhB,gBAAA,GAAAA,gBAAA;AAEK,MAAMiB,gBAAiD,GAAG,MAAAA,CAC/DC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,QAAQ,GAAGC,KAAK;IAChBC;EACF,CAAC,GAAGJ,OAAO;EACX,MAAM;IAAEK,2BAA2B;IAAEC;EAAsB,CAAC,GAC1DP,oBAAoB;EAEtB,MAAMQ,aAAa,GAAGX,UAAU,CAACY,mBAAmB;EACpD,MAAMC,SAAS,GAAGb,UAAU,CAACc,iBAAiB;EAC9C,MAAMC,QAAQ,GAAGf,UAAU,CAACgB,cAAc;;EAE1C;EACA,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAMX,QAAQ,CAACS,QAAQ,EAAE;IAC3CG,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MAAE,cAAc,EAAE;IAAmB;EAChD,CAAC,CAAC,CACCC,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEI,IAAI,IAAKC,oBAAa,CAACC,KAAK,CAACF,IAAI,CAAC,CAAC;;EAE5C;AACF;AACA;AACA;AACA;EACE,MAAMG,gBAAgB,GAAG,MAAM7C,gBAAgB,CAC7CmC,OAAO,EACPf,QAAQ,EACRW,SAAS,EACTR,uBACF,CAAC;EAEDuB,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,uBAAsBJ,gBAAiB,EAAC,CAAC;;EAErE;EACA,MAAMK,4BAA4B,GAAG/B,WAAW,CAACgC,qBAAqB,CAACC,IAAI,CACxEC,CAAC,IACAA,CAAC,CAAC1B,2BAA2B,KAAKA,2BAA2B,KAC5DC,qBAAqB,GAClByB,CAAC,CAACC,sBAAsB,CAACC,QAAQ,CAAC3B,qBAAqB,CAAC,GACxD,IAAI,CACZ,CAAC;EAED,IAAI,CAACsB,4BAA4B,EAAE;IACjCJ,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACQ,KAAK,EACb,gEAA+DrC,WAAW,CAACgC,qBAAsB,EACpG,CAAC;IACD,MAAM,IAAIM,wBAAgB,CAAC;MACzBC,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;;EAEA;AACF;AACA;AACA;AACA;AACA;EACE,MAAMC,yBAAyB,GAAG/B,qBAAqB,GACnD;IACEA,qBAAqB,EAAEA,qBAAqB;IAC5CgC,KAAK,EAAE;MAAEC,GAAG,EAAEhB,gBAAgB;MAAEiB,UAAU,EAAE;IAAM;EACpD,CAAC,GACD;IACEnC,2BAA2B,EAAEA,2BAA2B;IACxDiC,KAAK,EAAE;MAAEC,GAAG,EAAEhB,gBAAgB;MAAEiB,UAAU,EAAE;IAAM;EACpD,CAAC;EAELhB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,4BAA2Bc,IAAI,CAACC,SAAS,CAACL,yBAAyB,CAAE,EACxE,CAAC;EAED,MAAMM,sBAAsB,GAAG,MAAM,IAAAC,qBAAe,EAClD;IACEC,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEvC,aAAa;IAClBwC,GAAG,EAAG,GAAE,IAAAC,QAAM,EAAC,CAAE,EAAC;IAClBC,GAAG,EAAE,MAAM,IAAAC,gCAAc,EAACrD,WAAW,CAACsD,YAAY;EACpD,CAAC,EACD/C,iBACF,CAAC;EAEDoB,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,uBAAsBgB,sBAAuB,EAAC,CAAC;EAE3E,MAAMS,aAAa,GAAG,MAAMlD,QAAQ,CAACK,aAAa,EAAE;IAClDO,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClCsC,IAAI,EAAEV,sBAAsB;MAC5BW,aAAa,EAAG,GAAEzD,WAAW,CAAC0D,UAAW,IAAG1D,WAAW,CAACsD,YAAa;IACvE,CAAC;IACD/B,IAAI,EAAEqB,IAAI,CAACC,SAAS,CAACL,yBAAyB;EAChD,CAAC,CAAC,CACCrB,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAEI,IAAI,IAAKoC,yBAAkB,CAACC,SAAS,CAACrC,IAAI,CAAC,CAAC,CAClDsC,KAAK,CAACC,2BAA2B,CAAC;EAErC,IAAI,CAACP,aAAa,CAACQ,OAAO,EAAE;IAC1BpC,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACQ,KAAK,EACb,0CAAyCkB,aAAa,CAACS,KAAK,CAACzB,OAAQ,EACxE,CAAC;IACD,MAAM,IAAID,wBAAgB,CAAC;MACzBC,OAAO,EAAE,uCAAuC;MAChD0B,MAAM,EAAEV,aAAa,CAACS,KAAK,CAACzB;IAC9B,CAAC,CAAC;EACJ;EAEAZ,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,wBAAuBc,IAAI,CAACC,SAAS,CAACU,aAAa,CAACW,IAAI,CAAE,EAC7D,CAAC;;EAED;EACA,MAAMC,sBAAsB,GAC1BpE,UAAU,CAACqE,mCAAmC,CAAC5D,2BAA2B,CAAC;;EAE7E;EACA,OAAO;IACL6D,UAAU,EAAEd,aAAa,CAACW,IAAI,CAACI,WAAW,CAACC,EAAE,CAAC,CAAC,CAAC,CAAEF,UAAU;IAC5DG,MAAM,EAAEL,sBAAsB,CAAEK;EAClC,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AALA3E,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAMA,MAAMgE,2BAA2B,GAAIW,CAAU,IAAK;EAClD9C,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACQ,KAAK,EAAG,8CAA6CoC,CAAE,EAAC,CAAC;EAE7E,IAAI,EAAEA,CAAC,YAAYC,iCAAyB,CAAC,EAAE;IAC7C,MAAMD,CAAC;EACT;EAEA,MAAM,IAAIE,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACX;IACA;IACAC,IAAI,EAAEC,gCAAwB,CAACC,+BAA+B;IAC9DzC,OAAO,EACL;EACJ,CAAC,CAAC,CACDsC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACE,uBAAuB;IACtD1C,OAAO,EAAE;EACX,CAAC,CAAC,CACDsC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACE,uBAAuB;IACtD1C,OAAO,EAAE;EACX,CAAC,CAAC,CACDsC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACG,uBAAuB;IACtD3C,OAAO,EAAE;EACX,CAAC,CAAC,CACD4C,SAAS,CAACV,CAAC,CAAC;AACjB,CAAC"}

package/lib/commonjs/credential/issuance/v1.0.0/06-verify-and-parse-credential.js ADDED Viewed

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.verifyAndParseCredential = void 0;
+var _errors = require("../../../utils/errors");
+var _logging = require("../../../utils/logging");
+var _verifyAndParseCredential = require("../common/06-verify-and-parse-credential.mdoc");
+var _verifyAndParseCredential2 = require("../common/06-verify-and-parse-credential.sdjwt");
+const verifyAndParseCredential = async (issuerConf, credential, credentialConfigurationId, context, x509CertRoot) => {
+  var _issuerConf$credentia;
+  const format = (_issuerConf$credentia = issuerConf.credential_configurations_supported[credentialConfigurationId]) === null || _issuerConf$credentia === void 0 ? void 0 : _issuerConf$credentia.format;
+  switch (format) {
+    case "dc+sd-jwt":
+      {
+        _logging.Logger.log(_logging.LogLevel.DEBUG, "Parsing credential in dc+sd-jwt format");
+        return (0, _verifyAndParseCredential2.verifyAndParseCredentialSdJwt)(issuerConf, credential, credentialConfigurationId, context);
+      }
+    case "mso_mdoc":
+      {
+        _logging.Logger.log(_logging.LogLevel.DEBUG, "Parsing credential in mso_mdoc format");
+        return (0, _verifyAndParseCredential.verifyAndParseCredentialMDoc)(issuerConf, credential, credentialConfigurationId, context, x509CertRoot);
+      }
+    default:
+      {
+        const message = `Unsupported credential format: ${format}`;
+        _logging.Logger.log(_logging.LogLevel.ERROR, message);
+        throw new _errors.IoWalletError(message);
+      }
+  }
+};
+exports.verifyAndParseCredential = verifyAndParseCredential;
+//# sourceMappingURL=06-verify-and-parse-credential.js.map

package/lib/commonjs/credential/issuance/v1.0.0/06-verify-and-parse-credential.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_errors","require","_logging","_verifyAndParseCredential","_verifyAndParseCredential2","verifyAndParseCredential","issuerConf","credential","credentialConfigurationId","context","x509CertRoot","_issuerConf$credentia","format","credential_configurations_supported","Logger","log","LogLevel","DEBUG","verifyAndParseCredentialSdJwt","verifyAndParseCredentialMDoc","message","ERROR","IoWalletError","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/06-verify-and-parse-credential.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,yBAAA,GAAAF,OAAA;AACA,IAAAG,0BAAA,GAAAH,OAAA;AAGO,MAAMI,wBAAiE,GAC5E,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EACzBC,OAAO,EACPC,YAAY,KACT;EAAA,IAAAC,qBAAA;EACH,MAAMC,MAAM,IAAAD,qBAAA,GACVL,UAAU,CAACO,mCAAmC,CAACL,yBAAyB,CAAC,cAAAG,qBAAA,uBAAzEA,qBAAA,CACIC,MAAM;EAEZ,QAAQA,MAAM;IACZ,KAAK,WAAW;MAAE;QAChBE,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAE,wCAAwC,CAAC;QACpE,OAAO,IAAAC,wDAA6B,EAClCZ,UAAU,EACVC,UAAU,EACVC,yBAAyB,EACzBC,OACF,CAAC;MACH;IACA,KAAK,UAAU;MAAE;QACfK,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAE,uCAAuC,CAAC;QACnE,OAAO,IAAAE,sDAA4B,EACjCb,UAAU,EACVC,UAAU,EACVC,yBAAyB,EACzBC,OAAO,EACPC,YACF,CAAC;MACH;IAEA;MAAS;QACP,MAAMU,OAAO,GAAI,kCAAiCR,MAAO,EAAC;QAC1DE,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACK,KAAK,EAAED,OAAO,CAAC;QACnC,MAAM,IAAIE,qBAAa,CAACF,OAAO,CAAC;MAClC;EACF;AACF,CAAC;AAACG,OAAA,CAAAlB,wBAAA,GAAAA,wBAAA"}

package/lib/commonjs/credential/issuance/v1.0.0/index.js ADDED Viewed

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.Issuance = void 0;
+var _evaluateIssuerTrust = require("./01-evaluate-issuer-trust");
+var _startUserAuthorization = require("./02-start-user-authorization");
+var _completeUserAuthorization = require("./03-complete-user-authorization");
+var _authorizeAccess = require("./04-authorize-access");
+var _obtainCredential = require("./05-obtain-credential");
+var _verifyAndParseCredential = require("./06-verify-and-parse-credential");
+var _mrtdPop = require("../mrtd-pop");
+const Issuance = {
+  evaluateIssuerTrust: _evaluateIssuerTrust.evaluateIssuerTrust,
+  startUserAuthorization: _startUserAuthorization.startUserAuthorization,
+  buildAuthorizationUrl: _completeUserAuthorization.buildAuthorizationUrl,
+  completeUserAuthorizationWithQueryMode: _completeUserAuthorization.completeUserAuthorizationWithQueryMode,
+  continueUserAuthorizationWithMRTDPoPChallenge: _completeUserAuthorization.continueUserAuthorizationWithMRTDPoPChallenge,
+  getRequestedCredentialToBePresented: _completeUserAuthorization.getRequestedCredentialToBePresented,
+  completeUserAuthorizationWithFormPostJwtMode: _completeUserAuthorization.completeUserAuthorizationWithFormPostJwtMode,
+  authorizeAccess: _authorizeAccess.authorizeAccess,
+  obtainCredential: _obtainCredential.obtainCredential,
+  verifyAndParseCredential: _verifyAndParseCredential.verifyAndParseCredential,
+  MRTDPoP: _mrtdPop.MRTDPoP
+};
+exports.Issuance = Issuance;
+//# sourceMappingURL=index.js.map

package/lib/commonjs/credential/issuance/v1.0.0/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_evaluateIssuerTrust","require","_startUserAuthorization","_completeUserAuthorization","_authorizeAccess","_obtainCredential","_verifyAndParseCredential","_mrtdPop","Issuance","evaluateIssuerTrust","startUserAuthorization","buildAuthorizationUrl","completeUserAuthorizationWithQueryMode","continueUserAuthorizationWithMRTDPoPChallenge","getRequestedCredentialToBePresented","completeUserAuthorizationWithFormPostJwtMode","authorizeAccess","obtainCredential","verifyAndParseCredential","MRTDPoP","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/index.ts"],"mappings":";;;;;;AACA,IAAAA,oBAAA,GAAAC,OAAA;AACA,IAAAC,uBAAA,GAAAD,OAAA;AACA,IAAAE,0BAAA,GAAAF,OAAA;AAOA,IAAAG,gBAAA,GAAAH,OAAA;AACA,IAAAI,iBAAA,GAAAJ,OAAA;AACA,IAAAK,yBAAA,GAAAL,OAAA;AACA,IAAAM,QAAA,GAAAN,OAAA;AAEO,MAAMO,QAAqB,GAAG;EACnCC,mBAAmB,EAAnBA,wCAAmB;EACnBC,sBAAsB,EAAtBA,8CAAsB;EACtBC,qBAAqB,EAArBA,gDAAqB;EACrBC,sCAAsC,EAAtCA,iEAAsC;EACtCC,6CAA6C,EAA7CA,wEAA6C;EAC7CC,mCAAmC,EAAnCA,8DAAmC;EACnCC,4CAA4C,EAA5CA,uEAA4C;EAC5CC,eAAe,EAAfA,gCAAe;EACfC,gBAAgB,EAAhBA,kCAAgB;EAChBC,wBAAwB,EAAxBA,kDAAwB;EACxBC,OAAO,EAAPA;AACF,CAAC;AAACC,OAAA,CAAAZ,QAAA,GAAAA,QAAA"}

package/lib/commonjs/credential/issuance/v1.0.0/mappers.js ADDED Viewed

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.mapToIssuerConfig = void 0;
+var _mappers = require("../../../utils/mappers");
+const mapToIssuerConfig = (0, _mappers.createMapper)(x => {
+  const {
+    oauth_authorization_server,
+    openid_credential_issuer,
+    federation_entity
+  } = x.payload.metadata;
+  return {
+    authorization_endpoint: oauth_authorization_server.authorization_endpoint,
+    credential_endpoint: openid_credential_issuer.credential_endpoint,
+    credential_issuer: openid_credential_issuer.credential_issuer,
+    credential_configurations_supported: openid_credential_issuer.credential_configurations_supported,
+    keys: openid_credential_issuer.jwks.keys,
+    pushed_authorization_request_endpoint: oauth_authorization_server.pushed_authorization_request_endpoint,
+    token_endpoint: oauth_authorization_server.token_endpoint,
+    status_assertion_endpoint: openid_credential_issuer.status_attestation_endpoint,
+    nonce_endpoint: openid_credential_issuer.nonce_endpoint,
+    federation_entity
+  };
+});
+exports.mapToIssuerConfig = mapToIssuerConfig;
+//# sourceMappingURL=mappers.js.map

package/lib/commonjs/credential/issuance/v1.0.0/mappers.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_mappers","require","mapToIssuerConfig","createMapper","x","oauth_authorization_server","openid_credential_issuer","federation_entity","payload","metadata","authorization_endpoint","credential_endpoint","credential_issuer","credential_configurations_supported","keys","jwks","pushed_authorization_request_endpoint","token_endpoint","status_assertion_endpoint","status_attestation_endpoint","nonce_endpoint","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/mappers.ts"],"mappings":";;;;;;AACA,IAAAA,QAAA,GAAAC,OAAA;AAGO,MAAMC,iBAAiB,GAAG,IAAAC,qBAAY,EAG1CC,CAAC,IAAK;EACP,MAAM;IACJC,0BAA0B;IAC1BC,wBAAwB;IACxBC;EACF,CAAC,GAAGH,CAAC,CAACI,OAAO,CAACC,QAAQ;EACtB,OAAO;IACLC,sBAAsB,EAAEL,0BAA0B,CAACK,sBAAsB;IACzEC,mBAAmB,EAAEL,wBAAwB,CAACK,mBAAmB;IACjEC,iBAAiB,EAAEN,wBAAwB,CAACM,iBAAiB;IAC7DC,mCAAmC,EACjCP,wBAAwB,CAACO,mCAAmC;IAC9DC,IAAI,EAAER,wBAAwB,CAACS,IAAI,CAACD,IAAI;IACxCE,qCAAqC,EACnCX,0BAA0B,CAACW,qCAAqC;IAClEC,cAAc,EAAEZ,0BAA0B,CAACY,cAAc;IACzDC,yBAAyB,EACvBZ,wBAAwB,CAACa,2BAA2B;IACtDC,cAAc,EAAEd,wBAAwB,CAACc,cAAc;IACvDb;EACF,CAAC;AACH,CAAC,CAAC;AAACc,OAAA,CAAAnB,iBAAA,GAAAA,iBAAA"}

package/lib/commonjs/credential/issuance/v1.0.0/types.js ADDED Viewed

@@ -0,0 +1,44 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+Object.defineProperty(exports, "AuthorizationDetail", {
+  enumerable: true,
+  get: function () {
+    return _types.AuthorizationDetail;
+  }
+});
+exports.ResponseUriResultShape = exports.NonceResponse = exports.CredentialResponse = void 0;
+Object.defineProperty(exports, "TokenResponse", {
+  enumerable: true,
+  get: function () {
+    return _types.TokenResponse;
+  }
+});
+var z = _interopRequireWildcard(require("zod"));
+var _types = require("../api/types");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+// Reusing the following API types because they are the same in v1.0.0
+const CredentialResponse = z.object({
+  credentials: z.array(z.object({
+    credential: z.string()
+  })),
+  notification_id: z.string().optional()
+});
+/**
+ * Shape from parsing a response given by a request uri during the EAA credential issuance flow with response mode "form_post.jwt".
+ */
+exports.CredentialResponse = CredentialResponse;
+const ResponseUriResultShape = z.object({
+  redirect_uri: z.string()
+});
+exports.ResponseUriResultShape = ResponseUriResultShape;
+const NonceResponse = z.object({
+  c_nonce: z.string()
+});
+exports.NonceResponse = NonceResponse;
+//# sourceMappingURL=types.js.map

package/lib/commonjs/credential/issuance/v1.0.0/types.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["z","_interopRequireWildcard","require","_types","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","CredentialResponse","object","credentials","array","credential","string","notification_id","optional","exports","ResponseUriResultShape","redirect_uri","NonceResponse","c_nonce"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/types.ts"],"mappings":";;;;;;;;;;;;;;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAAkE,SAAAE,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAElE;;AAKO,MAAMW,kBAAkB,GAAG1B,CAAC,CAAC2B,MAAM,CAAC;EACzCC,WAAW,EAAE5B,CAAC,CAAC6B,KAAK,CAClB7B,CAAC,CAAC2B,MAAM,CAAC;IACPG,UAAU,EAAE9B,CAAC,CAAC+B,MAAM,CAAC;EACvB,CAAC,CACH,CAAC;EACDC,eAAe,EAAEhC,CAAC,CAAC+B,MAAM,CAAC,CAAC,CAACE,QAAQ,CAAC;AACvC,CAAC,CAAC;;AAEF;AACA;AACA;AAFAC,OAAA,CAAAR,kBAAA,GAAAA,kBAAA;AAGO,MAAMS,sBAAsB,GAAGnC,CAAC,CAAC2B,MAAM,CAAC;EAC7CS,YAAY,EAAEpC,CAAC,CAAC+B,MAAM,CAAC;AACzB,CAAC,CAAC;AAACG,OAAA,CAAAC,sBAAA,GAAAA,sBAAA;AAGI,MAAME,aAAa,GAAGrC,CAAC,CAAC2B,MAAM,CAAC;EACpCW,OAAO,EAAEtC,CAAC,CAAC+B,MAAM,CAAC;AACpB,CAAC,CAAC;AAACG,OAAA,CAAAG,aAAA,GAAAA,aAAA"}