npm - @pagopa/io-react-native-wallet - Versions diffs - 3.0.0 → 3.1.0 - Mend

@pagopa/io-react-native-wallet 3.0.0 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (409) hide show

package/src/sd-jwt/index.ts CHANGED Viewed

@@ -2,7 +2,8 @@ import { sha256ToBase64, SignJWT } from "@pagopa/io-react-native-jwt";
 import { decodeSdJwtSync } from "@sd-jwt/decode";
 import { present } from "@sd-jwt/present";
 import { digest } from "@sd-jwt/crypto-nodejs";
-import type { Presentation } from "src/credential/presentation";
+import { fixLegacyCredentialSdJwt } from "../utils/credentials";
+import type { Presentation } from "../credential/presentation";
 import { SdJwt4VCBase } from "./types";
 export * from "./utils";
@@ -17,7 +18,7 @@ export * from "./utils";
  * @returns The parsed SD-JWT token and the parsed disclosures
  */
 export const decode = (token: string) => {
-  const decoded = decodeSdJwtSync(token, digest);
+  const decoded = decodeSdJwtSync(fixLegacyCredentialSdJwt(token), digest);
   const sdJwt = SdJwt4VCBase.parse({
     header: decoded.jwt.header,
@@ -53,7 +54,11 @@ export const prepareVpToken = async (
   vp_token: string;
 }> => {
   // Produce a VP token with only requested claims from the verifiable credential
-  const vp = await present(verifiableCredential, presentationFrame, digest);
+  const vp = await present(
+    fixLegacyCredentialSdJwt(verifiableCredential),
+    presentationFrame,
+    digest
+  );
   // <Issuer-signed JWT>~<Disclosure 1>~<Disclosure N>~
   const sd_hash = await sha256ToBase64(vp);

package/src/sd-jwt/utils.ts CHANGED Viewed

@@ -8,6 +8,7 @@ import {
   IssuerResponseError,
   ValidationFailed,
 } from "../utils/errors";
+import { fixLegacyCredentialSdJwt } from "../utils/credentials";
 /**
  * Retrieve the Type Metadata for a credential and verify its integrity.
@@ -62,7 +63,10 @@ export const fetchTypeMetadata = async (
 export const getVerification = (
   credentialSdJwt: string
 ): Verification | undefined => {
-  const decoded = decodeSdJwtSync(credentialSdJwt, digest);
+  const decoded = decodeSdJwtSync(
+    fixLegacyCredentialSdJwt(credentialSdJwt),
+    digest
+  );
   const claims = getClaimsSync<Record<string, unknown>>(
     decoded.jwt.payload,

package/src/trust/common/types.ts CHANGED Viewed

@@ -50,7 +50,7 @@ export const FederationEntityMetadata = z
     logo_uri: z.string().optional(),
     contacts: z.array(z.string()).optional(),
   })
-  .passthrough();
+  .loose();
 // Structure common to every Entity Configuration document
 export type BaseEntityConfiguration = z.infer<typeof BaseEntityConfiguration>;
@@ -67,12 +67,12 @@ export const BaseEntityConfiguration = z.object({
         .object({
           federation_entity: FederationEntityMetadata,
         })
-        .passthrough(),
+        .loose(),
       jwks: z.object({
         keys: z.array(JWK),
       }),
     })
-    .passthrough(),
+    .loose(),
 });
 export const FederationListResponse = z.array(z.string());

package/src/trust/v1.0.0/types.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import * as z from "zod";
+import { jsonWebKeySchema } from "@pagopa/io-wallet-oid-federation";
 import { JWK } from "../../utils/jwk";
 import { BaseEntityConfiguration } from "../common/types";
-import { jsonWebKeySchema } from "@openid-federation/core";
 const RelyingPartyMetadata = z.object({
   application_type: z.string().optional(),
@@ -65,7 +65,9 @@ const SupportedCredentialMetadata = z.intersection(
     cryptographic_binding_methods_supported: z.array(z.string()),
     credential_signing_alg_values_supported: z.array(z.string()),
     authentic_source: z.string().optional(),
-    issuance_errors_supported: z.record(IssuanceErrorSupported).optional(),
+    issuance_errors_supported: z
+      .record(z.string(), IssuanceErrorSupported)
+      .optional(),
   })
 );
@@ -92,6 +94,7 @@ export const CredentialIssuerEntityConfiguration = BaseEntityConfiguration.and(
           status_attestation_endpoint: z.string(),
           display: z.array(CredentialIssuerDisplayMetadata),
           credential_configurations_supported: z.record(
+            z.string(),
             SupportedCredentialMetadata
           ),
           jwks: z.object({ keys: z.array(JWK) }),
@@ -157,7 +160,7 @@ export const WalletProviderEntityConfiguration = BaseEntityConfiguration.and(
             ),
             jwks: z.object({ keys: z.array(JWK) }),
           })
-          .passthrough(),
+          .loose(),
       }),
     }),
   })
@@ -165,14 +168,11 @@ export const WalletProviderEntityConfiguration = BaseEntityConfiguration.and(
 // Maps any entity configuration by the union of every possible shapes
 export type EntityConfiguration = z.infer<typeof EntityConfiguration>;
-export const EntityConfiguration = z.union(
-  [
+export const EntityConfiguration = z
+  .union([
     WalletProviderEntityConfiguration,
     CredentialIssuerEntityConfiguration,
     TrustAnchorEntityConfiguration,
     RelyingPartyEntityConfiguration,
-  ],
-  {
-    description: "Any kind of Entity Configuration allowed in the ecosystem",
-  }
-);
+  ])
+  .describe("Any kind of Entity Configuration allowed in the ecosystem");

package/src/trust/v1.3.3/types.ts CHANGED Viewed

@@ -56,13 +56,10 @@ export const WalletProviderEntityConfiguration = BaseEntityConfiguration.and(
 // Maps any entity configuration by the union of every possible shapes
 export type EntityConfiguration = z.infer<typeof EntityConfiguration>;
-export const EntityConfiguration = z.union(
-  [
+export const EntityConfiguration = z
+  .union([
     WalletProviderEntityConfiguration,
     CredentialIssuerEntityConfiguration,
     RelyingPartyEntityConfiguration,
-  ],
-  {
-    description: "Any kind of Entity Configuration allowed in the ecosystem",
-  }
-);
+  ])
+  .describe("Any kind of Entity Configuration allowed in the ecosystem");

package/src/utils/callbacks.ts CHANGED Viewed

@@ -12,6 +12,12 @@ type PartialCallbackContext = Omit<
   "signJwt" | "clientAuthentication"
 >;
+// Fix incompatibility between ArrayBuffer types
+type DigestFixed = (
+  data: string | ArrayBuffer | ArrayBufferView,
+  algorithm?: string
+) => Uint8Array;
 /**
  * Shared callbacks with React Native implementations for use
  * in IO Wallet SDK. Callbacks not found here must be provided by the caller,
@@ -19,7 +25,7 @@ type PartialCallbackContext = Omit<
  */
 export const partialCallbacks: PartialCallbackContext = {
   generateRandom: generateRandomBytes,
-  hash: digest,
+  hash: digest as DigestFixed,
   encryptJwe: async ({ publicJwk, alg, enc, kid }, data) => ({
     // @ts-expect-error `alg` and `enc` are strings, but EncryptJwe expects specific string literals
     jwe: await new EncryptJwe(data, { alg, enc, kid }).encrypt(publicJwk),

package/src/utils/credentials.ts CHANGED Viewed

@@ -24,7 +24,10 @@ export const extractJwkFromCredential = async (
 ): Promise<JWK> => {
   if (SD_JWT.includes(format)) {
     // 1. SD-JWT case
-    const decoded = decodeSdJwtSync(credential, digest);
+    const decoded = decodeSdJwtSync(
+      fixLegacyCredentialSdJwt(credential),
+      digest
+    );
     const { cnf } = decoded.jwt.payload as SdJwt4VCBase["payload"];
     if (cnf.jwk) {
       return { ...cnf.jwk, kid: await thumbprint(cnf.jwk) };
@@ -32,3 +35,16 @@ export const extractJwkFromCredential = async (
   }
   throw new IoWalletError(`Credential format ${format} not supported`);
 };
+/**
+ * Legacy credentials do not end with `~`. This function adds `~` when needed
+ * to avoid decoding errors in the @sd-jwt libraries.
+ */
+export const fixLegacyCredentialSdJwt = (token: string) => {
+  if (!token.endsWith("~")) {
+    const hasKeyBindingJwt = token.split("~").at(-1)?.split(".").length === 3;
+    // Either we have a key binding JWT or it is a legacy 0.7.1 credential
+    return hasKeyBindingJwt ? token : `${token}~`;
+  }
+  return token;
+};

package/src/utils/crypto.ts CHANGED Viewed

@@ -90,3 +90,21 @@ export const getSigninJwkFromCert = (pemCert: string): JWK => {
     "Unable to find the signing key inside the PEM certificate"
   );
 };
+/**
+ * Extension of the {@link CryptoContext} that adds key generation with optional key attestation.
+ *
+ * This context requires the consumer to provide an additional method for **key generation**;
+ * on Android this method should also generate a key attestation as a certificate chain
+ * to ensure the key pair is hardware-backed.
+ */
+export type KeyAttestationCryptoContext = CryptoContext & {
+  /**
+   * Generate a key pair with an **optional key attestation** (Android).
+   * @param challenge The challenge for the key attestation.
+   * @returns An object with a success flag and a key attestation, if it was generated.
+   */
+  generateKeyWithAttestation(
+    challenge: string
+  ): Promise<{ success: boolean; attestation?: string }>;
+};

package/src/utils/dpop.ts CHANGED Viewed

@@ -29,7 +29,7 @@ export const createDPopToken = async (
 export type DPoPPayload = z.infer<typeof DPoPPayload>;
 export const DPoPPayload = z.object({
   jti: z.string(),
-  htm: z.union([z.literal("POST"), z.literal("GET")]),
+  htm: z.enum(["POST", "GET"]),
   htu: z.string(),
   ath: z.string().optional(),
 });

package/src/utils/jwk.ts CHANGED Viewed

@@ -20,7 +20,7 @@ export const JWK = z.object({
   /** JWK "kty" (Key Type) Parameter.
    * This attribute is required to discriminate the
    * type of EC/RSA algorithm */
-  kty: z.union([z.literal("RSA"), z.literal("EC")]),
+  kty: z.enum(["RSA", "EC"]),
   n: z.string().optional(),
   p: z.string().optional(),
   q: z.string().optional(),

package/src/utils/mappers.ts CHANGED Viewed

@@ -33,8 +33,8 @@ export function createMapper<I, O>(
 export function createMapper<I, O>(
   mapper: (input: I) => O,
   config?: {
-    inputSchema?: z.ZodType<I>;
-    outputSchema: z.ZodType<O>;
+    inputSchema?: z.ZodType<I, any>;
+    outputSchema: z.ZodType<O, any>;
   }
 ) {
   if (!config) {

package/src/utils/zod.ts CHANGED Viewed

@@ -11,7 +11,11 @@ type Literal = z.infer<typeof literalSchema>;
 type Json = Literal | { [key: string]: Json } | Json[];
 const jsonSchema: z.ZodType<Json> = z.lazy(() =>
-  z.union([literalSchema, z.array(jsonSchema), z.record(jsonSchema)])
+  z.union([
+    literalSchema,
+    z.array(jsonSchema),
+    z.record(z.string(), jsonSchema),
+  ])
 );
 export const json = () => jsonSchema;

package/src/wallet-instance-attestation/README.md CHANGED Viewed

@@ -30,16 +30,19 @@ const { WALLET_PROVIDER_BASE_URL } = env; // Let's assume env is an object conta
  * WARNING: The integrity context must be the same used when creating the Wallet Instance with the same keytag.
  */
 const wallet = new IoWallet({ version: "1.0.0" });
-const issuedAttestation = await wallet.WalletInstanceAttestation.getAttestation({
-  wiaCryptoContext,
-  integrityContext,
-  walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
-  appFetch,
-});
-// [
-//   { type: "wallet_instance_attestation", "format": "jwt", "attestation": "ey..." },
-//   { type: "wallet_instance_attestation", "format": "dc+sd-jwt", "attestation": "ey..." }
-// ]
+const issuedAttestation = await wallet.WalletInstanceAttestation.getAttestation(
+  {
+    walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
+    walletSolutionId: "exampleId",
+    walletSolutionVersion: "1.2.3",
+  },
+  {
+    wiaCryptoContext,
+    integrityContext,
+    appFetch,
+  }
+);
+// [{ "format": "jwt", "attestation": "ey..." }, { "format": "dc+sd-jwt", "attestation": "ey..." }]
 return issuedAttestation;
 ```

package/src/wallet-instance-attestation/api/index.ts CHANGED Viewed

@@ -1,24 +1,31 @@
 import type { CryptoContext } from "@pagopa/io-react-native-jwt";
 import type { IntegrityContext } from "../../utils/integrity";
-import type { DecodedAttestationJwt, WalletAttestation } from "./types";
+import type {
+  DecodedWalletInstanceAttestation,
+  WalletAttestation,
+  WalletAttestationRequestParams,
+} from "./types";
 export interface WalletInstanceAttestationApi {
   /**
    * Request a Wallet Instance Attestation (WIA) to the Wallet provider.
-   * The Wallet Attestation may be issued in different formats and components (Wallet App and Wallet Unit).
+   * The Wallet Instance Attestation may be issued in different formats.
    *
-   * @param params.wiaCryptoContext The key pair associated with the WIA. Will be use to prove the ownership of the attestation.
-   * @param params.appFetch (optional) Http client
-   * @param walletProviderBaseUrl Base url for the Wallet Provider
+   * @param requestParams Wallet Provider data for the Wallet Attestation request
+   * @param ctx.wiaCryptoContext The key pair associated with the WIA. Will be use to prove the ownership of the attestation.
+   * @param ctx.integrityContext The hardware key pair associated with the Wallet Instance
+   * @param ctx.appFetch (optional) Http client
    * @returns The retrieved Wallet Instance Attestation tokens
    * @throws {WalletProviderResponseError} with a specific code for more context
    */
-  getAttestation(ctx: {
-    wiaCryptoContext: CryptoContext;
-    integrityContext: IntegrityContext;
-    walletProviderBaseUrl: string;
-    appFetch?: GlobalFetch["fetch"];
-  }): Promise<WalletAttestation[]>;
+  getAttestation(
+    requestParams: WalletAttestationRequestParams,
+    ctx: {
+      wiaCryptoContext: CryptoContext;
+      integrityContext: IntegrityContext;
+      appFetch?: GlobalFetch["fetch"];
+    }
+  ): Promise<WalletAttestation[]>;
   /**
    * Decode a given JWT to get the parsed Wallet Instance Attestation object they define.
@@ -32,7 +39,7 @@ export interface WalletInstanceAttestationApi {
    * @throws A decoding error if the token doesn't resolve in a valid JWT
    * @throws A validation error if the provided data doesn't result in a valid Wallet Instance Attestation
    */
-  decode(token: string): DecodedAttestationJwt;
+  decode(token: string): DecodedWalletInstanceAttestation;
   /**
    * Verify a given JWT to get the parsed Wallet Instance Attestation object they define.
@@ -44,5 +51,5 @@ export interface WalletInstanceAttestationApi {
    * @throws A validation error if the provided data doesn't result in a valid Wallet Instance Attestation
    * @throws Invalid signature error if the token signature is not valid
    */
-  verify(token: string): Promise<DecodedAttestationJwt>;
+  verify(token: string): Promise<DecodedWalletInstanceAttestation>;
 }

package/src/wallet-instance-attestation/api/types.ts CHANGED Viewed

@@ -3,23 +3,35 @@ import { UnixTime } from "../../utils/zod";
 import { JWK } from "../../utils/jwk";
 /**
- * Common Wallet Attestation shape. This object is
+ * Common Wallet Instance Attestation shape. This object is
  * an abstraction over the version-specific JWTs.
  */
-export type DecodedAttestationJwt = z.infer<typeof DecodedAttestationJwt>;
-export const DecodedAttestationJwt = z.object({
+export type DecodedWalletInstanceAttestation = z.infer<
+  typeof DecodedWalletInstanceAttestation
+>;
+export const DecodedWalletInstanceAttestation = z.object({
   iss: z.string(),
   iat: UnixTime,
   exp: UnixTime,
   cnf: z.object({ jwk: JWK }),
   sub: z.string(),
+  wallet_provider_name: z.string().optional(),
+  wallet_solution_id: z.string().optional(),
+  /** @deprecated */
   wallet_link: z.string().optional(),
+  /** @deprecated */
   wallet_name: z.string().optional(),
+  /** @deprecated */
   aal: z.string().optional(),
 });
 export type WalletAttestation = {
-  type: "wallet_instance_attestation" | "wallet_unit_attestation";
   format: string;
   attestation: string;
 };
+export type WalletAttestationRequestParams = {
+  walletProviderBaseUrl: string;
+  walletSolutionId: string;
+  walletSolutionVersion: string;
+};

package/src/wallet-instance-attestation/v1.0.0/index.ts CHANGED Viewed

@@ -2,10 +2,10 @@ import type { WalletInstanceAttestationApi } from "../api";
 import { withMapper, withMapperAsync } from "../../utils/mappers";
 import { getAttestation } from "./issuing";
 import { decode, verify } from "./utils";
-import { mapToDecodedAttestationJwt } from "./mappers";
+import { mapToDecodedWalletInstanceAttestation } from "./mappers";
 export const WalletInstanceAttestation: WalletInstanceAttestationApi = {
   getAttestation,
-  decode: withMapper(mapToDecodedAttestationJwt, decode),
-  verify: withMapperAsync(mapToDecodedAttestationJwt, verify),
+  decode: withMapper(mapToDecodedWalletInstanceAttestation, decode),
+  verify: withMapperAsync(mapToDecodedWalletInstanceAttestation, verify),
 };

package/src/wallet-instance-attestation/v1.0.0/issuing.ts CHANGED Viewed

@@ -69,14 +69,12 @@ async function getAttestationRequest(
 }
 export const getAttestation: WalletInstanceAttestationApi["getAttestation"] =
-  async ({
-    wiaCryptoContext,
-    integrityContext,
-    walletProviderBaseUrl,
-    appFetch = fetch,
-  }) => {
+  async (
+    requestParams,
+    { wiaCryptoContext, integrityContext, appFetch = fetch }
+  ) => {
     const api = getWalletProviderClient({
-      walletProviderBaseUrl,
+      walletProviderBaseUrl: requestParams.walletProviderBaseUrl,
       appFetch,
     });
@@ -86,7 +84,7 @@ export const getAttestation: WalletInstanceAttestationApi["getAttestation"] =
       .then((response) => response.nonce);
     Logger.log(
       LogLevel.DEBUG,
-      `Challenge obtained from ${walletProviderBaseUrl}: ${challenge} `
+      `Challenge obtained from ${requestParams.walletProviderBaseUrl}: ${challenge} `
     );
     // 2. Get a signed attestation request
@@ -94,7 +92,7 @@ export const getAttestation: WalletInstanceAttestationApi["getAttestation"] =
       challenge,
       wiaCryptoContext,
       integrityContext,
-      walletProviderBaseUrl
+      requestParams.walletProviderBaseUrl
     );
     Logger.log(
       LogLevel.DEBUG,

package/src/wallet-instance-attestation/v1.0.0/mappers.ts CHANGED Viewed

@@ -1,15 +1,18 @@
 import { createMapper } from "../../utils/mappers";
-import { DecodedAttestationJwt, type WalletAttestation } from "../api/types";
+import {
+  DecodedWalletInstanceAttestation,
+  type WalletAttestation,
+} from "../api/types";
 import {
   WalletAttestationResponse,
   WalletInstanceAttestationJwt,
 } from "./types";
-export const mapToDecodedAttestationJwt = createMapper<
+export const mapToDecodedWalletInstanceAttestation = createMapper<
   WalletInstanceAttestationJwt,
-  DecodedAttestationJwt
+  DecodedWalletInstanceAttestation
 >((x) => x.payload, {
-  outputSchema: DecodedAttestationJwt,
+  outputSchema: DecodedWalletInstanceAttestation,
 });
 export const mapToWalletAttestations = createMapper<
@@ -17,7 +20,6 @@ export const mapToWalletAttestations = createMapper<
   WalletAttestation[]
 >((x) =>
   x.wallet_attestations.map((wa) => ({
-    type: "wallet_instance_attestation",
     format: wa.format,
     attestation: wa.wallet_attestation,
   }))

package/src/wallet-instance-attestation/v1.3.3/index.ts CHANGED Viewed

@@ -1,13 +1,11 @@
-import { UnimplementedFeatureError } from "../../utils/errors";
+import { withMapper, withMapperAsync } from "../../utils/mappers";
 import type { WalletInstanceAttestationApi } from "../api";
 import { getAttestation } from "./issuing";
+import { decode, verify } from "./utils";
+import { mapToDecodedWalletInstanceAttestation } from "./mappers";
 export const WalletInstanceAttestation: WalletInstanceAttestationApi = {
   getAttestation,
-  decode: () => {
-    throw new UnimplementedFeatureError("decode", "1.3.3");
-  },
-  verify: () => {
-    throw new UnimplementedFeatureError("verify", "1.3.3");
-  },
+  decode: withMapper(mapToDecodedWalletInstanceAttestation, decode),
+  verify: withMapperAsync(mapToDecodedWalletInstanceAttestation, verify),
 };

package/src/wallet-instance-attestation/v1.3.3/issuing.ts CHANGED Viewed

@@ -1,7 +1,111 @@
-import { UnimplementedFeatureError } from "../../utils/errors";
+import { Platform } from "react-native";
+import {
+  thumbprint,
+  type CryptoContext,
+  SignJWT,
+} from "@pagopa/io-react-native-jwt";
+import type { IntegrityContext } from "../../utils/integrity";
+import { LogLevel, Logger } from "../../utils/logging";
+import { fixBase64EncodingOnKey, JWK } from "../../utils/jwk";
+import { getWalletProviderClient } from "../../client";
+import type { WalletAttestationRequestParams } from "../api/types";
 import type { WalletInstanceAttestationApi } from "../api";
+import { WalletInstanceAttestationResponse } from "./types";
+async function getAttestationRequest(
+  {
+    challenge,
+    walletSolutionId,
+    walletSolutionVersion,
+  }: WalletAttestationRequestParams & { challenge: string },
+  wiaCryptoContext: CryptoContext,
+  integrityContext: IntegrityContext
+): Promise<string> {
+  const jwk = await wiaCryptoContext.getPublicKey();
+  const parsedJwk = JWK.parse(jwk);
+  const keyThumbprint = await thumbprint(parsedJwk);
+  const publicKey = { ...parsedJwk, kid: keyThumbprint };
+  const clientData = {
+    challenge,
+    jwk_thumbprint: keyThumbprint,
+  };
+  const hardwareKeyTag = integrityContext.getHardwareKeyTag();
+  const { signature, authenticatorData } =
+    await integrityContext.getHardwareSignatureWithAuthData(
+      JSON.stringify(clientData)
+    );
+  return new SignJWT(wiaCryptoContext)
+    .setPayload({
+      iss: hardwareKeyTag,
+      nonce: challenge,
+      platform: Platform.OS,
+      hardware_signature: signature,
+      integrity_assertion: authenticatorData,
+      hardware_key_tag: hardwareKeyTag,
+      wallet_solution_id: walletSolutionId,
+      wallet_solution_version: walletSolutionVersion,
+      cnf: {
+        jwk: fixBase64EncodingOnKey(publicKey),
+      },
+    })
+    .setProtectedHeader({
+      kid: publicKey.kid,
+      typ: "wia-request+jwt",
+    })
+    .setIssuedAt()
+    .setExpirationTime("1h")
+    .sign();
+}
 export const getAttestation: WalletInstanceAttestationApi["getAttestation"] =
-  () => {
-    throw new UnimplementedFeatureError("getAttestation", "1.3.3");
+  async (
+    requestParams,
+    { wiaCryptoContext, integrityContext, appFetch = fetch }
+  ) => {
+    const api = getWalletProviderClient({
+      walletProviderBaseUrl: requestParams.walletProviderBaseUrl,
+      appFetch,
+    });
+    const challenge = await api
+      .get("/nonce")
+      .then((response) => response.nonce);
+    Logger.log(
+      LogLevel.DEBUG,
+      `Challenge obtained from ${requestParams.walletProviderBaseUrl}: ${challenge} `
+    );
+    const signedAttestationRequest = await getAttestationRequest(
+      { challenge, ...requestParams },
+      wiaCryptoContext,
+      integrityContext
+    );
+    Logger.log(
+      LogLevel.DEBUG,
+      `Signed attestation request: ${signedAttestationRequest}`
+    );
+    const response = await api
+      .post("/wallet-instance-attestations", {
+        header: {
+          "Content-Type": "text/plain",
+        },
+        body: signedAttestationRequest,
+      })
+      .then(WalletInstanceAttestationResponse.parse);
+    Logger.log(
+      LogLevel.DEBUG,
+      `Obtained Wallet Instance Attestation in jwt format: ${response.wallet_instance_attestation}`
+    );
+    return [
+      {
+        format: "jwt",
+        attestation: response.wallet_instance_attestation,
+      },
+    ];
   };

package/src/wallet-instance-attestation/v1.3.3/mappers.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { createMapper } from "../../utils/mappers";
+import { DecodedWalletInstanceAttestation } from "../api/types";
+import { WalletInstanceAttestationJwt } from "./types";
+export const mapToDecodedWalletInstanceAttestation = createMapper<
+  WalletInstanceAttestationJwt,
+  DecodedWalletInstanceAttestation
+>(
+  ({ payload }) => {
+    const { eudi_wallet_info, ...rest } = payload;
+    return {
+      ...rest,
+      wallet_provider_name: eudi_wallet_info.general_info.wallet_provider_name,
+      wallet_solution_id: eudi_wallet_info.general_info.wallet_solution_id,
+    };
+  },
+  { outputSchema: DecodedWalletInstanceAttestation }
+);