npm - @pagopa/io-react-native-wallet - Versions diffs - 2.5.1 → 3.0.0 - Mend

@pagopa/io-react-native-wallet 2.5.1 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1551) hide show

package/lib/commonjs/credential/issuance/index.js CHANGED Viewed

@@ -3,83 +3,23 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.MRTDPoP = exports.Errors = void 0;
-Object.defineProperty(exports, "authorizeAccess", {
+exports.Errors = void 0;
+Object.defineProperty(exports, "V1_0_0", {
   enumerable: true,
   get: function () {
-    return _authorizeAccess.authorizeAccess;
+    return _v.Issuance;
   }
 });
-Object.defineProperty(exports, "buildAuthorizationUrl", {
+Object.defineProperty(exports, "V1_3_3", {
   enumerable: true,
   get: function () {
-    return _completeUserAuthorization.buildAuthorizationUrl;
+    return _v2.Issuance;
   }
 });
-Object.defineProperty(exports, "completeUserAuthorizationWithFormPostJwtMode", {
-  enumerable: true,
-  get: function () {
-    return _completeUserAuthorization.completeUserAuthorizationWithFormPostJwtMode;
-  }
-});
-Object.defineProperty(exports, "completeUserAuthorizationWithQueryMode", {
-  enumerable: true,
-  get: function () {
-    return _completeUserAuthorization.completeUserAuthorizationWithQueryMode;
-  }
-});
-Object.defineProperty(exports, "continueUserAuthorizationWithMRTDPoPChallenge", {
-  enumerable: true,
-  get: function () {
-    return _completeUserAuthorization.continueUserAuthorizationWithMRTDPoPChallenge;
-  }
-});
-Object.defineProperty(exports, "evaluateIssuerTrust", {
-  enumerable: true,
-  get: function () {
-    return _evaluateIssuerTrust.evaluateIssuerTrust;
-  }
-});
-Object.defineProperty(exports, "getRequestedCredentialToBePresented", {
-  enumerable: true,
-  get: function () {
-    return _completeUserAuthorization.getRequestedCredentialToBePresented;
-  }
-});
-Object.defineProperty(exports, "obtainCredential", {
-  enumerable: true,
-  get: function () {
-    return _obtainCredential.obtainCredential;
-  }
-});
-Object.defineProperty(exports, "parseAuthorizationResponse", {
-  enumerable: true,
-  get: function () {
-    return _completeUserAuthorization.parseAuthorizationResponse;
-  }
-});
-Object.defineProperty(exports, "startUserAuthorization", {
-  enumerable: true,
-  get: function () {
-    return _startUserAuthorization.startUserAuthorization;
-  }
-});
-Object.defineProperty(exports, "verifyAndParseCredential", {
-  enumerable: true,
-  get: function () {
-    return _verifyAndParseCredential.verifyAndParseCredential;
-  }
-});
-var _evaluateIssuerTrust = require("./02-evaluate-issuer-trust");
-var _startUserAuthorization = require("./03-start-user-authorization");
-var _completeUserAuthorization = require("./04-complete-user-authorization");
-var _authorizeAccess = require("./05-authorize-access");
-var _obtainCredential = require("./06-obtain-credential");
-var _verifyAndParseCredential = require("./07-verify-and-parse-credential");
-var Errors = _interopRequireWildcard(require("./errors"));
+var Errors = _interopRequireWildcard(require("./common/errors"));
 exports.Errors = Errors;
-var MRTDPoP = _interopRequireWildcard(require("./mrtd-pop"));
-exports.MRTDPoP = MRTDPoP;
+var _v = require("./v1.0.0");
+var _v2 = require("./v1.3.3");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
 //# sourceMappingURL=index.js.map

package/lib/commonjs/credential/issuance/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["~~_evaluateIssuerTrust~~","~~require~~","~~_startUserAuthorization~~","~~_completeUserAuthorization~~","~~_authorizeAccess~~","~~_obtainCredential~~","~~_verifyAndParseCredential","Errors","_interopRequireWildcard","exports","MRTDPoP","~~_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/issuance/index.ts"],"mappings":"~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA~~,IAAAA,~~oBAAA,GAAAC,OAAA;AAIA,IAAAC,uBAAA,GAAAD,OAAA;AAIA,IAAAE,0BAAA,GAAAF,OAAA;AAaA,IAAAG,gBAAA,GAAAH,OAAA;AACA,IAAAI,iBAAA,GAAAJ,OAAA;AAIA,IAAAK,yBAAA,GAAAL,OAAA;AAIA,IAAAM,~~MAAA,GAAAC,uBAAA,~~CAAAP~~,OAAA;~~AAAmCQ~~,OAAA,~~CAAAF~~,MAAA,GAAAA,MAAA;~~AACnC~~,~~IAAAG~~,~~OAAA~~,GAAAF,~~uBAAA,CAAAP,~~OAAA;~~AAAsCQ~~,~~OAAA~~,~~CAAAC~~,~~OAAA~~,~~GAAAA,~~OAAA;~~AAAA~~,~~SAAAC~~,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,~~SAAAJ~~,~~wBAAAQ~~,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}
1	+ {"version":3,"names":["Errors","_interopRequireWildcard","require","exports","_v","_v2","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set"],"sourceRoot":"../../../../src","sources":["credential/issuance/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;AAAA,IAAAA,MAAA,GAAAC,uBAAA,CAAAC,OAAA;AAA0CC,OAAA,CAAAH,MAAA,GAAAA,MAAA;AAG1C,IAAAI,EAAA,GAAAF,OAAA;AACA,IAAAG,GAAA,GAAAH,OAAA;AAA8C,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAN,wBAAAU,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA"}

package/lib/commonjs/credential/issuance/mrtd-pop/01-verify-and-parse-challenge-info.js CHANGED Viewed

@@ -4,54 +4,25 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.verifyAndParseChallengeInfo = void 0;
-var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
-var _types = require("./types");
+var _ioWalletOauth = require("@pagopa/io-wallet-oauth2");
 var _errors = require("../../../utils/errors");
-/**
- * Verifies and parses the payload of a MRTD Proof Challenge Info JWT obtained after the primary authentication.
- *
- * This function performs the following steps:
- * 1. Validates the JWT signature using the issuer's JWKS.
- * 2. Decodes the JWT and parses its structure according to the {@link MrtdProofChallengeInfo} schema.
- * 3. Verifies that the `aud` claim matches the client's public key ID.
- * 4. Checks that the JWT is not expired and was not issued in the future.
- *
- * @param issuerConf - The issuer configuration containing the JWKS for signature verification.
- * @param challengeInfoJwt - The JWT string representing the MRTD Proof Challenge Info.
- * @param context - The context containing the WIA crypto context used to retrieve the client public key.
- * @returns The parsed payload of the MRTD Proof Challenge Info JWT.
- * @throws {Error} If the JWT signature is invalid, the structure is malformed, the `aud` claim does not match,
- * or the JWT is expired/not yet valid.
- */
+var _callbacks = require("../../../utils/callbacks");
 const verifyAndParseChallengeInfo = async (issuerConf, challengeInfoJwt, _ref) => {
   let {
     wiaCryptoContext
   } = _ref;
-  // Verify JWT signature
-  await (0, _ioReactNativeJwt.verify)(challengeInfoJwt, issuerConf.oauth_authorization_server.jwks.keys);
-  // Decode JWT
-  const challengeInfoDecoded = (0, _ioReactNativeJwt.decode)(challengeInfoJwt);
-  // Parse and validate structure
-  const challengeInfoParsed = _types.MrtdProofChallengeInfo.safeParse(challengeInfoDecoded);
-  if (!challengeInfoParsed.success) {
-    throw new _errors.IoWalletError("Malformed challenge info.");
-  }
-  const payload = challengeInfoParsed.data.payload;
-  // Verify aud claim
-  const clientId = await wiaCryptoContext.getPublicKey().then(_ => _.kid);
-  if (payload.aud !== clientId) {
-    throw new _errors.IoWalletError("aud claim does not match client_id.");
-  }
-  // Verify iat and exp
-  const now = Math.floor(Date.now() / 1000);
-  if (payload.iat > now || payload.exp < now) {
-    throw new _errors.IoWalletError("JWT is not valid (issued in future or expired).");
+  const clientId = await wiaCryptoContext.getPublicKey().then(x => x.kid);
+  if (!clientId) {
+    throw new _errors.IoWalletError("Could not extract client_id from Wallet Attestation");
   }
-  return payload;
+  const verified = await (0, _ioWalletOauth.verifyMrtdChallenge)({
+    challengeJwt: challengeInfoJwt,
+    clientId,
+    callbacks: {
+      verifyJwt: (0, _callbacks.createVerifyJwtFromJwks)(issuerConf.keys)
+    }
+  });
+  return verified.payload;
 };
 exports.verifyAndParseChallengeInfo = verifyAndParseChallengeInfo;
 //# sourceMappingURL=01-verify-and-parse-challenge-info.js.map

package/lib/commonjs/credential/issuance/mrtd-pop/01-verify-and-parse-challenge-info.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["~~_ioReactNativeJwt~~","require","~~_types~~","~~_errors~~","verifyAndParseChallengeInfo","issuerConf","challengeInfoJwt","_ref","wiaCryptoContext","~~verifyJwt~~","~~oauth_authorization_server~~","~~jwks~~","~~keys~~","~~challengeInfoDecoded~~","~~decodeJwt","challengeInfoParsed","MrtdProofChallengeInfo","safeParse","success","~~IoWalletError","~~payload~~","~~data~~","~~clientId~~","~~getPublicKey~~","~~then~~","_","~~kid~~","~~aud~~","~~now","Math","floor","Date","iat","exp","~~exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/01-verify-and-parse-challenge-info.ts"],"mappings":";;;;;;AAAA,IAAAA,~~iBAAA~~,GAAAC,OAAA;~~AAKA~~,IAAAC,~~MAAA~~,GAAAD,OAAA;~~AAGA~~,IAAAE,~~OAAA~~,GAAAF,OAAA;~~AAUA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO~~,MAAMG,~~2BAAwD~~,~~GAAG~~,MAAAA,~~CACtEC~~,UAAU,~~EACVC~~,~~gBAAwB~~,EAAAC,IAAA,~~KAErB~~;EAAA,~~IADH~~;IAAEC;EAAiB,CAAC,GAAAD,IAAA;~~EAEpB;EACA~~,MAAM,IAAAE,wBAAS,EACbH,gBAAgB,EAChBD,UAAU,CAACK,0BAA0B,CAACC,IAAI,CAACC,IAC7C,CAAC;;EAED;EACA,MAAMC,oBAAoB,GAAG,IAAAC,wBAAS,EAACR,gBAAgB,CAAC;;EAExD;EACA,MAAMS,mBAAmB,GACvBC,6BAAsB,CAACC,SAAS,CAACJ,oBAAoB,CAAC;EACxD,IAAI,CAACE,mBAAmB,CAACG,OAAO,EAAE;IAChC,MAAM,IAAIC,qBAAa,CAAC,2BAA2B,CAAC;EACtD;EACA,MAAMC,OAAO,GAAGL,mBAAmB,CAACM,IAAI,CAACD,OAAO;;EAEhD;EACA,MAAME,QAAQ,GAAG,~~MAAMd~~,gBAAgB,~~CAACe~~,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;~~EACzE~~,~~IAAIN~~,~~OAAO~~,~~CAACO,GAAG,KAAKL,~~QAAQ,EAAE;~~IAC5B~~,MAAM,~~IAAIH~~,qBAAa,~~CAAC~~,~~qCAAqC~~,CAAC;~~EAChE;;~~EAEA~~;EACA~~,~~MAAMS~~,GAAG,~~GAAGC~~,~~IAAI~~,~~CAACC~~,~~KAAK~~,~~CAACC~~,~~IAAI~~,~~CAACH~~,~~GAAG~~,~~CAAC~~,~~CAAC,GAAG,IAAI,CAAC~~;~~EACzC~~,~~IAAIR~~,~~OAAO~~,~~CAACY~~,~~GAAG~~,~~GAAGJ~~,~~GAAG~~,~~IAAIR~~,~~OAAO,CAACa,GAAG,GAAGL,GAAG,EAAE~~;~~IAC1C~~,~~MAAM,IAAIT,qBAAa,~~CAAC,~~iDAAiD,~~CAAC;~~EAC5E;EAEA~~,~~OAAOC~~,OAAO;~~AAChB~~,CAAC;~~AAACc~~,OAAA,~~CAAA9B~~,2BAAA,GAAAA,2BAAA"}
1	+ {"version":3,"names":["_ioWalletOauth","require","_errors","_callbacks","verifyAndParseChallengeInfo","issuerConf","challengeInfoJwt","_ref","wiaCryptoContext","clientId","getPublicKey","then","x","kid","IoWalletError","verified","verifyMrtdChallenge","challengeJwt","callbacks","verifyJwt","createVerifyJwtFromJwks","keys","payload","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/01-verify-and-parse-challenge-info.ts"],"mappings":";;;;;;AAAA,IAAAA,cAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AACA,IAAAE,UAAA,GAAAF,OAAA;AAGO,MAAMG,2BAAsE,GACjF,MAAAA,CAAOC,UAAU,EAAEC,gBAAgB,EAAAC,IAAA,KAA2B;EAAA,IAAzB;IAAEC;EAAiB,CAAC,GAAAD,IAAA;EACvD,MAAME,QAAQ,GAAG,MAAMD,gBAAgB,CAACE,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EAEzE,IAAI,CAACJ,QAAQ,EAAE;IACb,MAAM,IAAIK,qBAAa,CACrB,qDACF,CAAC;EACH;EAEA,MAAMC,QAAQ,GAAG,MAAM,IAAAC,kCAAmB,EAAC;IACzCC,YAAY,EAAEX,gBAAgB;IAC9BG,QAAQ;IACRS,SAAS,EAAE;MACTC,SAAS,EAAE,IAAAC,kCAAuB,EAACf,UAAU,CAACgB,IAAI;IACpD;EACF,CAAC,CAAC;EAEF,OAAON,QAAQ,CAACO,OAAO;AACzB,CAAC;AAACC,OAAA,CAAAnB,2BAAA,GAAAA,2BAAA"}

package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js CHANGED Viewed

@@ -4,64 +4,52 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.initChallenge = void 0;
-var _misc = require("../../../utils/misc");
 var _uuid = require("uuid");
+var _ioWalletOauth = require("@pagopa/io-wallet-oauth2");
+var _ioWalletUtils = require("@pagopa/io-wallet-utils");
 var _pop = require("../../../utils/pop");
 var _logging = require("../../../utils/logging");
-var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation"));
+var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation/v1.0.0/utils"));
 var _errors = require("../../../utils/errors");
-var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
-var _types = require("./types");
+var _callbacks = require("../../../utils/callbacks");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
-/**
- * Initialaizes the MRTD challenge with the data received from the issuer after the primary authentication.
- * This function must be called after {@link verifyAndParseChallengeInfo}.
- *
- * @param issuerConf - The issuer configuration containing the JWKS for signature verification.
- * @param initUrl - The endpoint to call to initialize the challenge.
- * @param mrtd_auth_session - Session identifier for session binding obtained from the MRTD Proof JWT.
- * @param mrtd_pop_jwt_nonce - Nonce value obtained from the MRTD Proof JWT.
- * @param context - The context containing the WIA crypto context used to retrieve the client public key,
- * the wallet instance attestation and an optional fetch implementation.
- * @returns The payload of the MRTD PoP Challenge JWT.
- */
+// TODO: decouple from version 1.0.0
 const initChallenge = async (issuerConf, initUrl, mrtd_auth_session, mrtd_pop_jwt_nonce, context) => {
   const {
     appFetch = fetch,
     walletInstanceAttestation,
     wiaCryptoContext
   } = context;
-  const aud = issuerConf.openid_credential_issuer.credential_issuer;
   const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
   const signedWiaPoP = await (0, _pop.createPopToken)({
-    jti: `${(0, _uuid.v4)()}`,
-    aud,
+    jti: (0, _uuid.v4)(),
+    aud: issuerConf.credential_issuer,
     iss
   }, wiaCryptoContext);
-  const requestBody = {
-    mrtd_auth_session,
-    mrtd_pop_jwt_nonce
+  const initResult = await (0, _ioWalletOauth.fetchMrtdPopInit)({
+    popInitEndpoint: initUrl,
+    mrtdAuthSession: mrtd_auth_session,
+    mrtdPopJwtNonce: mrtd_pop_jwt_nonce,
+    walletAttestation: walletInstanceAttestation,
+    clientAttestationDPoP: signedWiaPoP,
+    callbacks: {
+      verifyJwt: (0, _callbacks.createVerifyJwtFromJwks)(issuerConf.keys),
+      fetch: appFetch
+    }
+  }).catch(handleInitChallengeError);
+  return {
+    challenge: initResult.challenge,
+    mrtd_pop_nonce: initResult.mrtdPopNonce,
+    pop_verify_endpoint: initResult.popVerifyEndpoint,
+    mrz: initResult.mrz
   };
-  const mrtdPoPChallengeJwt = await appFetch(initUrl, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      "OAuth-Client-Attestation": walletInstanceAttestation,
-      "OAuth-Client-Attestation-PoP": signedWiaPoP
-    },
-    body: JSON.stringify(requestBody)
-  }).then((0, _misc.hasStatusOrThrow)(202)).then(res => res.text()).catch(handleInitChallengeError);
-  const mrtdPoPChallengeDecoded = (0, _ioReactNativeJwt.decode)(mrtdPoPChallengeJwt);
-  const {
-    payload
-  } = _types.MrtdPoPChallenge.parse(mrtdPoPChallengeDecoded);
-  return payload;
 };
 exports.initChallenge = initChallenge;
 const handleInitChallengeError = e => {
   _logging.Logger.log(_logging.LogLevel.ERROR, `Failed to get MRTD challenge: ${e}`);
-  if (!(e instanceof _errors.UnexpectedStatusCodeError)) {
+  if (!(e instanceof _ioWalletUtils.UnexpectedStatusCodeError)) {
     throw e;
   }
   throw new _errors.ResponseErrorBuilder(_errors.IssuerResponseError).handle("*", {

package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["~~_misc~~","require","~~_uuid~~","_pop","_logging","WalletInstanceAttestation","_interopRequireWildcard","_errors","~~_ioReactNativeJwt~~","~~_types","~~_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","initChallenge","issuerConf","initUrl","mrtd_auth_session","mrtd_pop_jwt_nonce","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","~~aud","openid_credential_issuer","credential_issuer","~~iss","decode","payload","cnf","jwk","kid","signedWiaPoP","createPopToken","jti","uuidv4","~~requestBody~~","~~mrtdPoPChallengeJwt~~","~~method~~","~~headers~~","~~body~~","~~JSON~~","~~stringify~~","~~then~~","~~hasStatusOrThrow~~","~~res~~","~~text~~","catch","handleInitChallengeError","~~mrtdPoPChallengeDecoded~~","~~decodeJwt~~","~~MrtdPoPChallenge~~","~~parse~~","exports","e","Logger","log","LogLevel","ERROR","~~UnexpectedStatusCodeError~~","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","MrtdChallengeInitRequestFailed","message","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/02-init-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;~~AAEA~~,IAAAC,~~KAAA~~,GAAAD,OAAA;AACA,IAAAE,~~IAAA~~,GAAAF,OAAA;AACA,IAAAG,~~QAAA~~,GAAAH,OAAA;AACA,IAAAI,~~yBAAA~~,~~GAAAC~~,~~uBAAA,CAAAL,~~OAAA;~~AAEA~~,~~IAAAM~~,~~OAAA~~,~~GAAAN~~,OAAA;~~AAMA~~,IAAAO,~~iBAAA~~,GAAAP,OAAA;~~AACA~~,IAAAQ,~~MAAA~~,GAAAR,OAAA;~~AAA2C~~,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,~~SAAAL~~,~~wBAAAS~~,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;~~AAc3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO~~,MAAMW,~~aAA4B~~,GAAG,MAAAA,~~CAC1CC~~,UAAU,EACVC,OAAO,EACPC,iBAAiB,EACjBC,kBAAkB,EAClBC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,~~GAAGT~~,~~UAAU,CAACU,wBAAwB,CAACC,iBAAiB;EACjE,MAAMC,GAAG,GAAGxC,~~yBAAyB,~~CAACyC~~,MAAM,~~CAACN~~,yBAAyB,CAAC,~~CACpEO~~,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEC,GAAG,~~EAAG~~,~~GAAE,~~IAAAC,QAAM,EAAC,~~CAAE,EAAC~~;~~IAClBZ~~,GAAG;~~IACHG~~;EACF,CAAC,~~EACDJ~~,gBACF,CAAC;EAED,~~MAAMc~~,~~WAAW~~,GAAG~~;IAClBpB~~,~~iBAAiB;IACjBC;EACF~~,~~CAAC~~;~~EAED~~,~~MAAMoB~~,~~mBAAmB~~,~~GAAG,MAAMlB,QAAQ,CAACJ,~~OAAO~~,EAAE~~;~~IAClDuB~~,~~MAAM~~,~~EAAE~~,~~MAAM~~;~~IACdC~~,~~OAAO~~,~~EAAE;MACP~~,~~cAAc,EAAE,~~kBAAkB;~~MAClC~~,~~0BAA0B~~,~~EAAElB~~,yBAAyB;~~MACrD~~,~~8BAA8B~~,~~EAAEW;IAClC~~,~~CAAC~~;~~IACDQ~~,~~IAAI,EAAEC,IAAI,CAACC,~~SAAS,~~CAACN,WAAW~~;~~EAClC~~,~~CAAC~~,~~CAAC~~,~~CACCO,IAAI,CAAC,~~IAAAC,~~sBAAgB~~,~~EAAC~~,~~GAAG~~,CAAC,~~CAAC,CAC3BD,~~IAAI,~~CAAEE~~,~~GAAG~~,~~IAAKA~~,~~GAAG,CAACC,IAAI,~~CAAC,CAAC,~~CAAC~~,~~CACzBC,~~KAAK,CAACC,wBAAwB,CAAC;EAElC,~~MAAMC~~,~~uBAAuB~~,~~GAAG~~,~~IAAAC~~,~~wBAAS~~,~~EAACb~~,~~mBAAmB~~,~~CAAC;EAC9D~~,~~MAAM~~;~~IAAET;EAAQ~~,~~CAAC~~,~~GAAGuB~~,~~uBAAgB~~,~~CAACC~~,~~KAAK~~,~~CAACH~~,~~uBAAuB~~,~~CAAC~~;~~EAEnE~~,~~OAAOrB,OAAO~~;~~AAChB~~,CAAC;~~AAACyB~~,OAAA,~~CAAAxC~~,aAAA,GAAAA,aAAA;AAEF,~~MAAMmC~~,wBAAwB,~~GAAIM~~,CAAU,IAAK;EAC/CC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,iCAAgCJ,CAAE,EAAC,CAAC;EAEhE,IAAI,EAAEA,CAAC,YAAYK,~~iCAAyB~~,CAAC,EAAE;~~IAC7C~~,MAAML,CAAC;EACT;EAEA,MAAM,IAAIM,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACC,8BAA8B;IAC7DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDC,SAAS,CAACb,CAAC,CAAC;AACjB,CAAC"}
1	+ {"version":3,"names":["_uuid","require","_ioWalletOauth","_ioWalletUtils","_pop","_logging","WalletInstanceAttestation","_interopRequireWildcard","_errors","_callbacks","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","initChallenge","issuerConf","initUrl","mrtd_auth_session","mrtd_pop_jwt_nonce","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","createPopToken","jti","uuidv4","aud","credential_issuer","initResult","fetchMrtdPopInit","popInitEndpoint","mrtdAuthSession","mrtdPopJwtNonce","walletAttestation","clientAttestationDPoP","callbacks","verifyJwt","createVerifyJwtFromJwks","keys","catch","handleInitChallengeError","challenge","mrtd_pop_nonce","mrtdPopNonce","pop_verify_endpoint","popVerifyEndpoint","mrz","exports","e","Logger","log","LogLevel","ERROR","SdkUnexpectedStatusCodeError","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","MrtdChallengeInitRequestFailed","message","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/02-init-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,yBAAA,GAAAC,uBAAA,CAAAN,OAAA;AACA,IAAAO,OAAA,GAAAP,OAAA;AAMA,IAAAQ,UAAA,GAAAR,OAAA;AAAmE,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAP6B;;AASzF,MAAMW,aAA0C,GAAG,MAAAA,CACxDC,UAAU,EACVC,OAAO,EACPC,iBAAiB,EACjBC,kBAAkB,EAClBC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGpC,yBAAyB,CAACqC,MAAM,CAACH,yBAAyB,CAAC,CACpEI,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEC,GAAG,EAAE,IAAAC,QAAM,EAAC,CAAC;IACbC,GAAG,EAAEnB,UAAU,CAACoB,iBAAiB;IACjCX;EACF,CAAC,EACDD,gBACF,CAAC;EAED,MAAMa,UAAU,GAAG,MAAM,IAAAC,+BAAgB,EAAC;IACxCC,eAAe,EAAEtB,OAAO;IACxBuB,eAAe,EAAEtB,iBAAiB;IAClCuB,eAAe,EAAEtB,kBAAkB;IACnCuB,iBAAiB,EAAEnB,yBAAyB;IAC5CoB,qBAAqB,EAAEZ,YAAY;IACnCa,SAAS,EAAE;MACTC,SAAS,EAAE,IAAAC,kCAAuB,EAAC9B,UAAU,CAAC+B,IAAI,CAAC;MACnDzB,KAAK,EAAED;IACT;EACF,CAAC,CAAC,CAAC2B,KAAK,CAACC,wBAAwB,CAAC;EAElC,OAAO;IACLC,SAAS,EAAEb,UAAU,CAACa,SAAS;IAC/BC,cAAc,EAAEd,UAAU,CAACe,YAAY;IACvCC,mBAAmB,EAAEhB,UAAU,CAACiB,iBAAiB;IACjDC,GAAG,EAAElB,UAAU,CAACkB;EAClB,CAAC;AACH,CAAC;AAACC,OAAA,CAAAzC,aAAA,GAAAA,aAAA;AAEF,MAAMkC,wBAAwB,GAAIQ,CAAU,IAAK;EAC/CC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,iCAAgCJ,CAAE,EAAC,CAAC;EAEhE,IAAI,EAAEA,CAAC,YAAYK,wCAA4B,CAAC,EAAE;IAChD,MAAML,CAAC;EACT;EAEA,MAAM,IAAIM,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACC,8BAA8B;IAC7DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDC,SAAS,CAACb,CAAC,CAAC;AACjB,CAAC"}

package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js CHANGED Viewed

@@ -5,46 +5,33 @@ Object.defineProperty(exports, "__esModule", {
 });
 exports.validateChallenge = exports.buildChallengeCallbackUrl = void 0;
 var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
+var _ioWalletOauth = require("@pagopa/io-wallet-oauth2");
 var _uuid = require("uuid");
-var _errors = require("../../../utils/errors");
-var _misc = require("../../../utils/misc");
 var _pop = require("../../../utils/pop");
-var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation"));
-var _types = require("./types");
+var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation/v1.0.0/utils"));
+var _errors = require("../../../utils/errors");
+var _callbacks = require("../../../utils/callbacks");
 function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
-/**
- * Validates the MRTD signed challenge by sending the MRTD and IAS payloads to the issuer.
- * This function must be called after {@link initChallenge} and after obtaining the MRTD and IAS payloads
- * through the CIE PACE process.
- *
- * @param issuerConf - The issuer configuration containing the JWKS for signature verification.
- * @param verifyUrl - The endpoint to call to validate the challenge.
- * @param mrtd_auth_session - Session identifier for session binding obtained from the MRTD Proof JWT.
- * @param mrtd_pop_nonce - Nonce value obtained from the MRTD Proof JWT.
- * @param mrtd - MRTD validation data containing Data Groups and SOD.
- * @param ias - IAS validation data containing Anti-Cloning Public Key, and SOD.
- * @param context - The context containing the WIA crypto context used to retrieve the client public key,
- * the wallet instance attestation and an optional fetch implementation.
- * @returns The MRTD PoP Verification Result containing the validation nonce and redirect URI to complete the flow.
- */
+// TODO: decouple from 1.0.0 version
 const validateChallenge = async (issuerConf, verifyUrl, mrtd_auth_session, mrtd_pop_nonce, mrtd, ias, context) => {
   const {
     appFetch = fetch,
     walletInstanceAttestation,
     wiaCryptoContext
   } = context;
-  const aud = issuerConf.openid_credential_issuer.credential_issuer;
+  const aud = issuerConf.credential_issuer;
   const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
   const signedWiaPoP = await (0, _pop.createPopToken)({
-    jti: `${(0, _uuid.v4)()}`,
+    jti: (0, _uuid.v4)(),
     aud,
     iss
   }, wiaCryptoContext);
   const {
     kid
   } = await wiaCryptoContext.getPublicKey();
-  const mrtd_validation_jwt = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
+  const mrtdValidationJwt = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
     typ: "mrtd-ias+jwt",
     kid
   }).setPayload({
@@ -54,32 +41,23 @@ const validateChallenge = async (issuerConf, verifyUrl, mrtd_auth_session, mrtd_
     mrtd,
     ias
   }).setIssuedAt().setExpirationTime("5m").sign();
-  const requestBody = {
-    mrtd_validation_jwt,
-    mrtd_auth_session,
-    mrtd_pop_nonce
+  const verifyResult = await (0, _ioWalletOauth.fetchMrtdPopVerify)({
+    popVerifyEndpoint: verifyUrl,
+    mrtdAuthSession: mrtd_auth_session,
+    mrtdPopNonce: mrtd_pop_nonce,
+    clientAttestationDPoP: signedWiaPoP,
+    mrtdValidationJwt,
+    walletAttestation: walletInstanceAttestation,
+    callbacks: {
+      fetch: appFetch,
+      ..._callbacks.partialCallbacks
+    }
+  }).catch(_errors.sdkUnexpectedStatusCodeToIssuerError);
+  return {
+    redirect_uri: verifyResult.redirectUri,
+    mrtd_val_pop_nonce: verifyResult.mrtdValPopNonce
   };
-  const verifyResult = await appFetch(verifyUrl, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      "OAuth-Client-Attestation": walletInstanceAttestation,
-      "OAuth-Client-Attestation-PoP": signedWiaPoP
-    },
-    body: JSON.stringify(requestBody)
-  }).then((0, _misc.hasStatusOrThrow)(202, _errors.IssuerResponseError)).then(res => res.json());
-  const verifyResultParsed = _types.MrtdPopVerificationResult.parse(verifyResult);
-  return verifyResultParsed;
 };
-/**
- * WARNING: This function must be called after {@link validateChallenge}. The generated authUrl must be used to open a browser or webview capable of catching the redirectSchema to perform a get request to the authorization endpoint.
- * Builds the callback URL to which the end user should be redirected to continue the authentication flow after the MRTD challenge validation.
- * @param redirectUri - The redirect URI provided by the issuer after the challenge validation to continue the authentication flow.
- * @param valPopNonce - The MRTD validation PoP nonce obtained from the challenge validation response.
- * @param authSession - The MRTD authentication session identifier used for session binding.
- * @returns An object containing the callback URL
- */
 exports.validateChallenge = validateChallenge;
 const buildChallengeCallbackUrl = async (redirectUri, valPopNonce, authSession) => {
   const params = new URLSearchParams({

package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_ioReactNativeJwt","require","~~_uuid~~","~~_errors~~","~~_misc","~~_pop","WalletInstanceAttestation","_interopRequireWildcard","~~_types~~","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","validateChallenge","issuerConf","verifyUrl","mrtd_auth_session","mrtd_pop_nonce","mrtd","ias","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","aud","~~openid_credential_issuer","~~credential_issuer","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","createPopToken","jti","uuidv4","getPublicKey","~~mrtd_validation_jwt~~","SignJWT","setProtectedHeader","typ","setPayload","document_type","setIssuedAt","setExpirationTime","sign","~~requestBody~~","~~verifyResult~~","~~method~~","~~headers~~","~~body~~","~~JSON~~","~~stringify~~","~~then~~","~~hasStatusOrThrow~~","~~IssuerResponseError~~","~~res~~","~~json~~","~~verifyResultParsed~~","~~MrtdPopVerificationResult~~","~~parse~~","exports","buildChallengeCallbackUrl","~~redirectUri","~~valPopNonce","authSession","params","URLSearchParams","~~mrtd_val_pop_nonce","~~callbackUrl"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/03-validate-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,~~KAAA~~,GAAAD,OAAA;AACA,IAAAE,~~OAAA~~,GAAAF,OAAA;AACA,IAAAG,~~KAAA~~,GAAAH,OAAA;AACA,IAAAI,~~IAAA~~,~~GAAAJ~~,OAAA;AACA,~~IAAAK~~,~~yBAAA~~,~~GAAAC~~,~~uBAAA,CAAAN,~~OAAA;~~AAEA~~,IAAAO,~~MAAA~~,GAAAP,OAAA;~~AAIiB~~,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,~~SAAAH~~,~~wBAAAO~~,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;~~AAyBjB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO~~,MAAMW,~~iBAAoC~~,GAAG,MAAAA,~~CAClDC~~,UAAU,EACVC,SAAS,EACTC,iBAAiB,EACjBC,cAAc,EACdC,IAAI,EACJC,GAAG,EACHC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGX,UAAU,CAACY,~~wBAAwB,CAACC,~~iBAAiB;~~EACjE~~,MAAMC,GAAG,GAAGxC,yBAAyB,CAACyC,MAAM,~~CAACN~~,yBAAyB,CAAC,~~CACpEO~~,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEC,GAAG,~~EAAG~~,~~GAAE,~~IAAAC,QAAM,EAAC,~~CAAE,EAAC~~;~~IAClBZ~~,GAAG;~~IACHG~~;EACF,CAAC,~~EACDJ~~,gBACF,CAAC;EAED,MAAM;~~IAAES~~;EAAI,CAAC,GAAG,~~MAAMT~~,gBAAgB,~~CAACc~~,YAAY,CAAC,CAAC;EAErD,MAAMC,~~mBAAmB~~,GAAG,MAAM,IAAIC,yBAAO,~~CAAChB~~,gBAAgB,CAAC,~~CAC5DiB~~,kBAAkB,CAAC;IAClBC,GAAG,EAAE,cAAc;IACnBT;EACF,CAAC,CAAC,CACDU,UAAU,CAAC;IACVf,GAAG;~~IACHH~~,GAAG;~~IACHmB~~,aAAa,EAAE,KAAK;~~IACpB1B~~,IAAI;IACJC;EACF,CAAC,CAAC,~~CACD0B~~,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,~~WAAW~~,GAAG~~;IAClBT~~,~~mBAAmB;IACnBvB~~,~~iBAAiB;IACjBC;EACF~~,~~CAAC~~;~~EAED~~,~~MAAMgC~~,~~YAAY~~,~~GAAG,MAAM5B,QAAQ,CAACN,~~SAAS~~,EAAE~~;~~IAC7CmC~~,~~MAAM~~,~~EAAE~~,~~MAAM~~;~~IACdC~~,~~OAAO~~,~~EAAE;MACP~~,cAAc~~,EAAE,kBAAkB~~;~~MAClC~~,~~0BAA0B~~,~~EAAE5B~~,~~yBAAyB~~;~~MACrD~~,~~8BAA8B,EAAEW~~;~~IAClC~~,~~CAAC;IACDkB~~,~~IAAI~~,~~EAAEC~~,~~IAAI,CAACC,~~SAAS,~~CAACN,WAAW~~;~~EAClC~~,~~CAAC~~,~~CAAC~~,~~CACCO~~,~~IAAI~~,CAAC,~~IAAAC,sBAAgB,EAAC,GAAG,EAAEC,2BAAmB,~~CAAC,~~CAAC~~,~~CAChDF~~,~~IAAI,CAAEG,GAAG,IAAKA,GAAG,~~CAACC,~~IAAI~~,CAAC,~~CAAC,CAAC~~;~~EAE5B~~,~~MAAMC~~,~~kBAAkB~~,~~GAAGC~~,~~gCAAyB~~,~~CAACC~~,~~KAAK~~,~~CAACb~~,YAAY,~~CAAC~~;~~EACxE~~,~~OAAOW,kBAAkB~~;~~AAC3B~~,CAAC~~;;AAED~~;~~AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAG~~,OAAA,~~CAAAlD~~,iBAAA,GAAAA,iBAAA;~~AAQO~~,~~MAAMmD~~,~~yBAAoD~~,~~GAAG~~,MAAAA,~~CAClEC~~,WAAW,~~EACXC~~,WAAW,~~EACXC~~,WAAW,~~KACR~~;~~EACH~~,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;~~IACjCC~~,kBAAkB,~~EAAEJ~~,WAAW;IAC/~~BlD~~,iBAAiB,~~EAAEmD~~;EACrB,CAAC,CAAC;EAEF,~~MAAMI~~,WAAW,GAAI,~~GAAEN~~,WAAY,~~IAAGG~~,MAAO,EAAC;EAC9C,OAAO;~~IAAEG~~;EAAY,CAAC;AACxB,CAAC;~~AAACR~~,OAAA,CAAAC,yBAAA,GAAAA,yBAAA"}
1	+ {"version":3,"names":["_ioReactNativeJwt","require","_ioWalletOauth","_uuid","_pop","WalletInstanceAttestation","_interopRequireWildcard","_errors","_callbacks","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","validateChallenge","issuerConf","verifyUrl","mrtd_auth_session","mrtd_pop_nonce","mrtd","ias","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","aud","credential_issuer","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","createPopToken","jti","uuidv4","getPublicKey","mrtdValidationJwt","SignJWT","setProtectedHeader","typ","setPayload","document_type","setIssuedAt","setExpirationTime","sign","verifyResult","fetchMrtdPopVerify","popVerifyEndpoint","mrtdAuthSession","mrtdPopNonce","clientAttestationDPoP","walletAttestation","callbacks","partialCallbacks","catch","sdkUnexpectedStatusCodeToIssuerError","redirect_uri","redirectUri","mrtd_val_pop_nonce","mrtdValPopNonce","exports","buildChallengeCallbackUrl","valPopNonce","authSession","params","URLSearchParams","callbackUrl"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/03-validate-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AACA,IAAAI,yBAAA,GAAAC,uBAAA,CAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,UAAA,GAAAP,OAAA;AAA4D,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAFoC;;AAKzF,MAAMW,iBAAkD,GAAG,MAAAA,CAChEC,UAAU,EACVC,SAAS,EACTC,iBAAiB,EACjBC,cAAc,EACdC,IAAI,EACJC,GAAG,EACHC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGX,UAAU,CAACY,iBAAiB;EACxC,MAAMC,GAAG,GAAGxC,yBAAyB,CAACyC,MAAM,CAACL,yBAAyB,CAAC,CACpEM,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEC,GAAG,EAAE,IAAAC,QAAM,EAAC,CAAC;IACbX,GAAG;IACHE;EACF,CAAC,EACDH,gBACF,CAAC;EAED,MAAM;IAAEQ;EAAI,CAAC,GAAG,MAAMR,gBAAgB,CAACa,YAAY,CAAC,CAAC;EAErD,MAAMC,iBAAiB,GAAG,MAAM,IAAIC,yBAAO,CAACf,gBAAgB,CAAC,CAC1DgB,kBAAkB,CAAC;IAClBC,GAAG,EAAE,cAAc;IACnBT;EACF,CAAC,CAAC,CACDU,UAAU,CAAC;IACVf,GAAG;IACHF,GAAG;IACHkB,aAAa,EAAE,KAAK;IACpBzB,IAAI;IACJC;EACF,CAAC,CAAC,CACDyB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,YAAY,GAAG,MAAM,IAAAC,iCAAkB,EAAC;IAC5CC,iBAAiB,EAAElC,SAAS;IAC5BmC,eAAe,EAAElC,iBAAiB;IAClCmC,YAAY,EAAElC,cAAc;IAC5BmC,qBAAqB,EAAEnB,YAAY;IACnCK,iBAAiB;IACjBe,iBAAiB,EAAE9B,yBAAyB;IAC5C+B,SAAS,EAAE;MACThC,KAAK,EAAED,QAAQ;MACf,GAAGkC;IACL;EACF,CAAC,CAAC,CAACC,KAAK,CAACC,4CAAoC,CAAC;EAE9C,OAAO;IACLC,YAAY,EAAEX,YAAY,CAACY,WAAW;IACtCC,kBAAkB,EAAEb,YAAY,CAACc;EACnC,CAAC;AACH,CAAC;AAACC,OAAA,CAAAjD,iBAAA,GAAAA,iBAAA;AAEK,MAAMkD,yBAAkE,GAC7E,MAAAA,CAAOJ,WAAW,EAAEK,WAAW,EAAEC,WAAW,KAAK;EAC/C,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCP,kBAAkB,EAAEI,WAAW;IAC/BhD,iBAAiB,EAAEiD;EACrB,CAAC,CAAC;EAEF,MAAMG,WAAW,GAAI,GAAET,WAAY,IAAGO,MAAO,EAAC;EAC9C,OAAO;IAAEE;EAAY,CAAC;AACxB,CAAC;AAACN,OAAA,CAAAC,yBAAA,GAAAA,yBAAA"}

package/lib/commonjs/credential/issuance/mrtd-pop/index.js CHANGED Viewed

@@ -3,31 +3,15 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-Object.defineProperty(exports, "buildChallengeCallbackUrl", {
-  enumerable: true,
-  get: function () {
-    return _validateChallenge.buildChallengeCallbackUrl;
-  }
-});
-Object.defineProperty(exports, "initChallenge", {
-  enumerable: true,
-  get: function () {
-    return _initChallenge.initChallenge;
-  }
-});
-Object.defineProperty(exports, "validateChallenge", {
-  enumerable: true,
-  get: function () {
-    return _validateChallenge.validateChallenge;
-  }
-});
-Object.defineProperty(exports, "verifyAndParseChallengeInfo", {
-  enumerable: true,
-  get: function () {
-    return _verifyAndParseChallengeInfo.verifyAndParseChallengeInfo;
-  }
-});
+exports.MRTDPoP = void 0;
 var _verifyAndParseChallengeInfo = require("./01-verify-and-parse-challenge-info");
 var _initChallenge = require("./02-init-challenge");
 var _validateChallenge = require("./03-validate-challenge");
+const MRTDPoP = {
+  verifyAndParseChallengeInfo: _verifyAndParseChallengeInfo.verifyAndParseChallengeInfo,
+  initChallenge: _initChallenge.initChallenge,
+  validateChallenge: _validateChallenge.validateChallenge,
+  buildChallengeCallbackUrl: _validateChallenge.buildChallengeCallbackUrl
+};
+exports.MRTDPoP = MRTDPoP;
 //# sourceMappingURL=index.js.map

package/lib/commonjs/credential/issuance/mrtd-pop/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_verifyAndParseChallengeInfo","require","_initChallenge","_validateChallenge"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/index.ts"],"mappings":"~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA~~,IAAAA,4BAAA,GAAAC,OAAA;~~AAIA~~,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,kBAAA,GAAAF,OAAA"}
1	+ {"version":3,"names":["_verifyAndParseChallengeInfo","require","_initChallenge","_validateChallenge","MRTDPoP","verifyAndParseChallengeInfo","initChallenge","validateChallenge","buildChallengeCallbackUrl","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/index.ts"],"mappings":";;;;;;AACA,IAAAA,4BAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,kBAAA,GAAAF,OAAA;AAKO,MAAMG,OAAmB,GAAG;EACjCC,2BAA2B,EAA3BA,wDAA2B;EAC3BC,aAAa,EAAbA,4BAAa;EACbC,iBAAiB,EAAjBA,oCAAiB;EACjBC,yBAAyB,EAAzBA;AACF,CAAC;AAACC,OAAA,CAAAL,OAAA,GAAAA,OAAA"}

package/lib/commonjs/credential/issuance/v1.0.0/01-evaluate-issuer-trust.js ADDED Viewed

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.evaluateIssuerTrust = void 0;
+var _entities = require("../../../trust/v1.0.0/entities");
+var _mappers = require("./mappers");
+const evaluateIssuerTrust = async function (issuerUrl) {
+  let context = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+  const issuerConf = await (0, _entities.getCredentialIssuerEntityConfiguration)(issuerUrl, {
+    appFetch: context.appFetch
+  });
+  return {
+    issuerConf: (0, _mappers.mapToIssuerConfig)(issuerConf)
+  };
+};
+exports.evaluateIssuerTrust = evaluateIssuerTrust;
+//# sourceMappingURL=01-evaluate-issuer-trust.js.map

package/lib/commonjs/credential/issuance/v1.0.0/01-evaluate-issuer-trust.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_entities","require","_mappers","evaluateIssuerTrust","issuerUrl","context","arguments","length","undefined","issuerConf","getCredentialIssuerEntityConfiguration","appFetch","mapToIssuerConfig","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/01-evaluate-issuer-trust.ts"],"mappings":";;;;;;AAAA,IAAAA,SAAA,GAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AAEO,MAAME,mBAAuD,GAAG,eAAAA,CACrEC,SAAS,EAEN;EAAA,IADHC,OAAO,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEZ,MAAMG,UAAU,GAAG,MAAM,IAAAC,gDAAsC,EAACN,SAAS,EAAE;IACzEO,QAAQ,EAAEN,OAAO,CAACM;EACpB,CAAC,CAAC;EAEF,OAAO;IAAEF,UAAU,EAAE,IAAAG,0BAAiB,EAACH,UAAU;EAAE,CAAC;AACtD,CAAC;AAACI,OAAA,CAAAV,mBAAA,GAAAA,mBAAA"}

package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js ADDED Viewed

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.startUserAuthorization = void 0;
+var _misc = require("../../../utils/misc");
+var _par = require("../../../utils/par");
+var _logging = require("../../../utils/logging");
+var _errors = require("../../../utils/errors");
+var _authorization = require("../common/authorization");
+const startUserAuthorization = async (issuerConf, credentialIds, proof, ctx) => {
+  const {
+    wiaCryptoContext,
+    walletInstanceAttestation,
+    redirectUri,
+    appFetch = fetch
+  } = ctx;
+  const clientId = await wiaCryptoContext.getPublicKey().then(_ => _.kid);
+  if (!clientId) {
+    _logging.Logger.log(_logging.LogLevel.ERROR, `Public key associated with kid ${clientId} not found in the device`);
+    throw new _errors.IoWalletError("No public key found");
+  }
+  const codeVerifier = (0, _misc.generateRandomAlphaNumericString)(64);
+  const parEndpoint = issuerConf.pushed_authorization_request_endpoint;
+  const aud = issuerConf.credential_issuer;
+  const responseMode = (0, _authorization.selectResponseMode)(issuerConf, credentialIds);
+  const getPar = (0, _par.makeParRequest)({
+    wiaCryptoContext,
+    appFetch
+  });
+  const credentialDefinition = credentialIds.map(c => (0, _authorization.selectCredentialDefinition)(issuerConf, c));
+  if (proof.proofType === "mrtd-pop") {
+    /**
+     * When we requests a PID using eID Substantial Authentication with MRTD Verification, we must include
+     * an additional Authorization Details Object in the authorization_details
+     *
+     * See https://italia.github.io/eid-wallet-it-docs/versione-corrente/en/credential-issuance-endpoint.html#pushed-authorization-request-endpoint
+     */
+    credentialDefinition.push({
+      type: "it_l2+document_proof",
+      idphinting: proof.idpHinting,
+      challenge_method: "mrtd+ias",
+      challenge_redirect_uri: redirectUri
+    });
+  }
+  const issuerRequestUri = await getPar(parEndpoint, walletInstanceAttestation, {
+    aud,
+    clientId,
+    codeVerifier,
+    redirectUri,
+    responseMode,
+    authorizationDetails: credentialDefinition
+  });
+  return {
+    issuerRequestUri,
+    clientId,
+    codeVerifier,
+    credentialDefinition
+  };
+};
+exports.startUserAuthorization = startUserAuthorization;
+//# sourceMappingURL=02-start-user-authorization.js.map

package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_misc","require","_par","_logging","_errors","_authorization","startUserAuthorization","issuerConf","credentialIds","proof","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","Logger","log","LogLevel","ERROR","IoWalletError","codeVerifier","generateRandomAlphaNumericString","parEndpoint","pushed_authorization_request_endpoint","aud","credential_issuer","responseMode","selectResponseMode","getPar","makeParRequest","credentialDefinition","map","c","selectCredentialDefinition","proofType","push","type","idphinting","idpHinting","challenge_method","challenge_redirect_uri","issuerRequestUri","authorizationDetails","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/02-start-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAEA,IAAAI,cAAA,GAAAJ,OAAA;AAKO,MAAMK,sBAA6D,GACxE,MAAAA,CAAOC,UAAU,EAAEC,aAAa,EAAEC,KAAK,EAAEC,GAAG,KAAK;EAC/C,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EAEzE,IAAI,CAACJ,QAAQ,EAAE;IACbK,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,kCAAiCR,QAAS,0BAC7C,CAAC;IACD,MAAM,IAAIS,qBAAa,CAAC,qBAAqB,CAAC;EAChD;EACA,MAAMC,YAAY,GAAG,IAAAC,sCAAgC,EAAC,EAAE,CAAC;EACzD,MAAMC,WAAW,GAAGrB,UAAU,CAACsB,qCAAqC;EACpE,MAAMC,GAAG,GAAGvB,UAAU,CAACwB,iBAAiB;EACxC,MAAMC,YAAY,GAAG,IAAAC,iCAAkB,EAAC1B,UAAU,EAAEC,aAAa,CAAC;EAClE,MAAM0B,MAAM,GAAG,IAAAC,mBAAc,EAAC;IAAExB,gBAAgB;IAAEG;EAAS,CAAC,CAAC;EAE7D,MAAMsB,oBAAoB,GAAG5B,aAAa,CAAC6B,GAAG,CAAEC,CAAC,IAC/C,IAAAC,yCAA0B,EAAChC,UAAU,EAAE+B,CAAC,CAC1C,CAAC;EAED,IAAI7B,KAAK,CAAC+B,SAAS,KAAK,UAAU,EAAE;IAClC;AACN;AACA;AACA;AACA;AACA;IACMJ,oBAAoB,CAACK,IAAI,CAAC;MACxBC,IAAI,EAAE,sBAAsB;MAC5BC,UAAU,EAAElC,KAAK,CAACmC,UAAU;MAC5BC,gBAAgB,EAAE,UAAU;MAC5BC,sBAAsB,EAAEjC;IAC1B,CAAC,CAAC;EACJ;EAEA,MAAMkC,gBAAgB,GAAG,MAAMb,MAAM,CACnCN,WAAW,EACXhB,yBAAyB,EACzB;IACEkB,GAAG;IACHd,QAAQ;IACRU,YAAY;IACZb,WAAW;IACXmB,YAAY;IACZgB,oBAAoB,EAAEZ;EACxB,CACF,CAAC;EAED,OAAO;IAAEW,gBAAgB;IAAE/B,QAAQ;IAAEU,YAAY;IAAEU;EAAqB,CAAC;AAC3E,CAAC;AAACa,OAAA,CAAA3C,sBAAA,GAAAA,sBAAA"}