@pagopa/io-react-native-wallet 3.1.2 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/credential/issuance/README.md +44 -17
- package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js +5 -2
- package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/05-obtain-credential.js +5 -1
- package/lib/commonjs/credential/issuance/v1.0.0/05-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/index.js +1 -0
- package/lib/commonjs/credential/issuance/v1.0.0/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js +147 -52
- package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/index.js +1 -0
- package/lib/commonjs/credential/issuance/v1.3.3/index.js.map +1 -1
- package/lib/commonjs/credential/presentation/api/types.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.0.0/05-verify-request-object.js +18 -12
- package/lib/commonjs/credential/presentation/v1.0.0/05-verify-request-object.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -0
- package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.0.0/index.js +0 -2
- package/lib/commonjs/credential/presentation/v1.0.0/index.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.0.0/mappers.js +23 -13
- package/lib/commonjs/credential/presentation/v1.0.0/mappers.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.0.0/types.js +25 -17
- package/lib/commonjs/credential/presentation/v1.0.0/types.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js +29 -6
- package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js +9 -6
- package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/mappers.js +25 -13
- package/lib/commonjs/credential/presentation/v1.3.3/mappers.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/types.js +6 -3
- package/lib/commonjs/credential/presentation/v1.3.3/types.js.map +1 -1
- package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js +26 -1
- package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
- package/lib/commonjs/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.js +4 -0
- package/lib/commonjs/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.js.map +1 -1
- package/lib/commonjs/credentials-catalogue/v1.3.3/fetch-translations.js +5 -3
- package/lib/commonjs/credentials-catalogue/v1.3.3/fetch-translations.js.map +1 -1
- package/lib/commonjs/credentials-catalogue/v1.3.3/mappers.js +9 -1
- package/lib/commonjs/credentials-catalogue/v1.3.3/mappers.js.map +1 -1
- package/lib/commonjs/credentials-catalogue/v1.3.3/types.js +49 -1
- package/lib/commonjs/credentials-catalogue/v1.3.3/types.js.map +1 -1
- package/lib/commonjs/utils/callbacks.js +25 -6
- package/lib/commonjs/utils/callbacks.js.map +1 -1
- package/lib/commonjs/utils/crypto.js +58 -5
- package/lib/commonjs/utils/crypto.js.map +1 -1
- package/lib/module/credential/issuance/README.md +44 -17
- package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js +6 -3
- package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/05-obtain-credential.js +4 -1
- package/lib/module/credential/issuance/v1.0.0/05-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/index.js +2 -1
- package/lib/module/credential/issuance/v1.0.0/index.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js +1 -1
- package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js +143 -49
- package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/index.js +2 -1
- package/lib/module/credential/issuance/v1.3.3/index.js.map +1 -1
- package/lib/module/credential/presentation/api/types.js.map +1 -1
- package/lib/module/credential/presentation/v1.0.0/05-verify-request-object.js +13 -7
- package/lib/module/credential/presentation/v1.0.0/05-verify-request-object.js.map +1 -1
- package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js +4 -1
- package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
- package/lib/module/credential/presentation/v1.0.0/index.js +0 -2
- package/lib/module/credential/presentation/v1.0.0/index.js.map +1 -1
- package/lib/module/credential/presentation/v1.0.0/mappers.js +23 -13
- package/lib/module/credential/presentation/v1.0.0/mappers.js.map +1 -1
- package/lib/module/credential/presentation/v1.0.0/types.js +23 -15
- package/lib/module/credential/presentation/v1.0.0/types.js.map +1 -1
- package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js +28 -6
- package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
- package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js +9 -6
- package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
- package/lib/module/credential/presentation/v1.3.3/mappers.js +25 -13
- package/lib/module/credential/presentation/v1.3.3/mappers.js.map +1 -1
- package/lib/module/credential/presentation/v1.3.3/types.js +5 -2
- package/lib/module/credential/presentation/v1.3.3/types.js.map +1 -1
- package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js +24 -0
- package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
- package/lib/module/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.js +5 -1
- package/lib/module/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.js.map +1 -1
- package/lib/module/credentials-catalogue/v1.3.3/fetch-translations.js +5 -3
- package/lib/module/credentials-catalogue/v1.3.3/fetch-translations.js.map +1 -1
- package/lib/module/credentials-catalogue/v1.3.3/mappers.js +9 -1
- package/lib/module/credentials-catalogue/v1.3.3/mappers.js.map +1 -1
- package/lib/module/credentials-catalogue/v1.3.3/types.js +47 -0
- package/lib/module/credentials-catalogue/v1.3.3/types.js.map +1 -1
- package/lib/module/utils/callbacks.js +26 -7
- package/lib/module/utils/callbacks.js.map +1 -1
- package/lib/module/utils/crypto.js +57 -6
- package/lib/module/utils/crypto.js.map +1 -1
- package/lib/typescript/credential/issuance/api/05-obtain-credential.d.ts +20 -0
- package/lib/typescript/credential/issuance/api/05-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.0.0/05-obtain-credential.d.ts +1 -0
- package/lib/typescript/credential/issuance/v1.0.0/05-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.0.0/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts +23 -2
- package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/index.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/api/04-verify-certificate-chain.d.ts +9 -2
- package/lib/typescript/credential/presentation/api/04-verify-certificate-chain.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/api/05-verify-request-object.d.ts +2 -2
- package/lib/typescript/credential/presentation/api/05-verify-request-object.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/api/07-send-authorization-response.d.ts +2 -2
- package/lib/typescript/credential/presentation/api/07-send-authorization-response.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/api/types.d.ts +18 -0
- package/lib/typescript/credential/presentation/api/types.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.0.0/05-verify-request-object.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.0.0/07-send-authorization-response.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.0.0/index.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.0.0/mappers.d.ts +21 -13
- package/lib/typescript/credential/presentation/v1.0.0/mappers.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.0.0/types.d.ts +23 -15
- package/lib/typescript/credential/presentation/v1.0.0/types.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.3.3/05-verify-request-object.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.3.3/07-send-authorization-response.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.3.3/mappers.d.ts +89 -79
- package/lib/typescript/credential/presentation/v1.3.3/mappers.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.3.3/types.d.ts +87 -79
- package/lib/typescript/credential/presentation/v1.3.3/types.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts +73 -0
- package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/api/index.d.ts +6 -5
- package/lib/typescript/credentials-catalogue/api/index.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/v1.0.0/mappers.d.ts +25 -0
- package/lib/typescript/credentials-catalogue/v1.0.0/mappers.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/v1.3.3/fetch-translations.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/v1.3.3/mappers.d.ts +51 -0
- package/lib/typescript/credentials-catalogue/v1.3.3/mappers.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/v1.3.3/types.d.ts +33 -0
- package/lib/typescript/credentials-catalogue/v1.3.3/types.d.ts.map +1 -1
- package/lib/typescript/utils/callbacks.d.ts.map +1 -1
- package/lib/typescript/utils/crypto.d.ts +32 -15
- package/lib/typescript/utils/crypto.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/credential/issuance/README.md +44 -17
- package/src/credential/issuance/api/05-obtain-credential.ts +24 -0
- package/src/credential/issuance/v1.0.0/03-complete-user-authorization.ts +8 -3
- package/src/credential/issuance/v1.0.0/05-obtain-credential.ts +6 -0
- package/src/credential/issuance/v1.0.0/index.ts +5 -1
- package/src/credential/issuance/v1.3.3/03-complete-user-authorization.ts +1 -1
- package/src/credential/issuance/v1.3.3/05-obtain-credential.ts +175 -80
- package/src/credential/issuance/v1.3.3/index.ts +5 -1
- package/src/credential/presentation/api/04-verify-certificate-chain.ts +9 -2
- package/src/credential/presentation/api/05-verify-request-object.ts +2 -2
- package/src/credential/presentation/api/07-send-authorization-response.ts +2 -2
- package/src/credential/presentation/api/types.ts +16 -0
- package/src/credential/presentation/v1.0.0/05-verify-request-object.ts +21 -10
- package/src/credential/presentation/v1.0.0/07-send-authorization-response.ts +7 -0
- package/src/credential/presentation/v1.0.0/index.ts +0 -2
- package/src/credential/presentation/v1.0.0/mappers.ts +17 -17
- package/src/credential/presentation/v1.0.0/types.ts +23 -15
- package/src/credential/presentation/v1.3.3/05-verify-request-object.ts +63 -10
- package/src/credential/presentation/v1.3.3/07-send-authorization-response.ts +13 -4
- package/src/credential/presentation/v1.3.3/mappers.ts +19 -17
- package/src/credential/presentation/v1.3.3/types.ts +9 -3
- package/src/credentials-catalogue/api/DigitalCredentialsCatalogue.ts +32 -0
- package/src/credentials-catalogue/api/index.ts +6 -3
- package/src/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.ts +6 -0
- package/src/credentials-catalogue/v1.3.3/fetch-translations.ts +6 -3
- package/src/credentials-catalogue/v1.3.3/mappers.ts +17 -1
- package/src/credentials-catalogue/v1.3.3/types.ts +51 -0
- package/src/utils/callbacks.ts +29 -8
- package/src/utils/crypto.ts +86 -15
- package/lib/commonjs/credential/presentation/v1.0.0/04-verify-certificate-chain.js +0 -12
- package/lib/commonjs/credential/presentation/v1.0.0/04-verify-certificate-chain.js.map +0 -1
- package/lib/module/credential/presentation/v1.0.0/04-verify-certificate-chain.js +0 -5
- package/lib/module/credential/presentation/v1.0.0/04-verify-certificate-chain.js.map +0 -1
- package/lib/typescript/credential/presentation/v1.0.0/04-verify-certificate-chain.d.ts +0 -3
- package/lib/typescript/credential/presentation/v1.0.0/04-verify-certificate-chain.d.ts.map +0 -1
- package/src/credential/presentation/v1.0.0/04-verify-certificate-chain.ts +0 -10
|
@@ -7,7 +7,7 @@ import { ResponseUriResultShape } from "./types";
|
|
|
7
7
|
import { getJwtFromFormPost } from "../../../utils/decoder";
|
|
8
8
|
import { AuthorizationError, AuthorizationIdpError } from "../common/errors";
|
|
9
9
|
import { LogLevel, Logger } from "../../../utils/logging";
|
|
10
|
-
import {
|
|
10
|
+
import { RawRequestObject } from "../../presentation/v1.0.0/types";
|
|
11
11
|
import { RemotePresentation as RemotePresentationFlow } from "../../presentation/v1.0.0";
|
|
12
12
|
export const continueUserAuthorizationWithMRTDPoPChallenge = async authRedirectUrl => {
|
|
13
13
|
Logger.log(LogLevel.DEBUG, `The requested credential is a PersonIdentificationData and requires MRTD PoP, starting MRTD PoP validation from auth redirect`);
|
|
@@ -55,7 +55,10 @@ export const getRequestedCredentialToBePresented = async function (issuerRequest
|
|
|
55
55
|
Logger.log(LogLevel.DEBUG, `Requesting the request object to ${authzRequestEndpoint}?${params.toString()}`);
|
|
56
56
|
const requestObject = await appFetch(`${authzRequestEndpoint}?${params.toString()}`, {
|
|
57
57
|
method: "GET"
|
|
58
|
-
}).then(hasStatusOrThrow(200, IssuerResponseError)).then(res => res.text()).then(jws => decode(jws)).then(reqObj =>
|
|
58
|
+
}).then(hasStatusOrThrow(200, IssuerResponseError)).then(res => res.text()).then(jws => decode(jws)).then(reqObj => RawRequestObject.safeParse({
|
|
59
|
+
header: reqObj.protectedHeader,
|
|
60
|
+
payload: reqObj.payload
|
|
61
|
+
}));
|
|
59
62
|
if (!requestObject.success) {
|
|
60
63
|
Logger.log(LogLevel.ERROR, `Error while validating the response object: ${requestObject.error.message}`);
|
|
61
64
|
throw new ValidationFailed({
|
|
@@ -63,7 +66,7 @@ export const getRequestedCredentialToBePresented = async function (issuerRequest
|
|
|
63
66
|
reason: requestObject.error.message
|
|
64
67
|
});
|
|
65
68
|
}
|
|
66
|
-
return requestObject.data;
|
|
69
|
+
return requestObject.data.payload;
|
|
67
70
|
};
|
|
68
71
|
export const completeUserAuthorizationWithFormPostJwtMode = async (requestObject, _issuerConfig, pid, _ref) => {
|
|
69
72
|
let {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["AuthorizationChallengeResultShape","AuthorizationErrorShape","AuthorizationResultShape","hasStatusOrThrow","parseUrl","IssuerResponseError","ValidationFailed","decode","SignJWT","ResponseUriResultShape","getJwtFromFormPost","AuthorizationError","AuthorizationIdpError","LogLevel","Logger","
|
|
1
|
+
{"version":3,"names":["AuthorizationChallengeResultShape","AuthorizationErrorShape","AuthorizationResultShape","hasStatusOrThrow","parseUrl","IssuerResponseError","ValidationFailed","decode","SignJWT","ResponseUriResultShape","getJwtFromFormPost","AuthorizationError","AuthorizationIdpError","LogLevel","Logger","RawRequestObject","RemotePresentation","RemotePresentationFlow","continueUserAuthorizationWithMRTDPoPChallenge","authRedirectUrl","log","DEBUG","query","authResParsed","safeParse","success","authErr","ERROR","error","message","JSON","stringify","data","error_description","buildAuthorizationUrl","issuerRequestUri","clientId","issuerConf","idpHint","authzRequestEndpoint","authorization_endpoint","params","URLSearchParams","client_id","request_uri","append","authUrl","completeUserAuthorizationWithQueryMode","parseAuthorizationResponse","getRequestedCredentialToBePresented","appFetch","arguments","length","undefined","fetch","toString","requestObject","method","then","res","text","jws","reqObj","header","protectedHeader","payload","reason","completeUserAuthorizationWithFormPostJwtMode","_issuerConfig","pid","_ref","wiaCryptoContext","pidKeyTag","dcqlQueryResult","evaluateDcqlQuery","dcql_query","authRequestObject","nonce","responseUri","response_uri","remotePresentation","prepareRemotePresentations","authzResponsePayload","createAuthzResponsePayload","state","body","response","resUriRes","headers","reqUri","json","redirect_uri","cbRes","decodedJwt","authRes","_ref2","kid","getPublicKey","setProtectedHeader","typ","setPayload","vp_token","presentations","reduce","_ref3","credentialId","vpToken","setIssuedAt","setExpirationTime","sign"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/03-complete-user-authorization.ts"],"mappings":"AAAA,SACEA,iCAAiC,EACjCC,uBAAuB,EACvBC,wBAAwB,QAEnB,qBAAqB;AAC5B,SAASC,gBAAgB,QAAQ,qBAAqB;AACtD,OAAOC,QAAQ,MAAM,WAAW;AAEhC,SAASC,mBAAmB,EAAEC,gBAAgB,QAAQ,uBAAuB;AAC7E,SACEC,MAAM,EACNC,OAAO,QAEF,6BAA6B;AACpC,SAASC,sBAAsB,QAAQ,SAAS;AAChD,SAASC,kBAAkB,QAAQ,wBAAwB;AAC3D,SAASC,kBAAkB,EAAEC,qBAAqB,QAAQ,kBAAkB;AAC5E,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,gBAAgB,QAAQ,iCAAiC;AAClE,SAASC,kBAAkB,IAAIC,sBAAsB,QAAQ,2BAA2B;AAIxF,OAAO,MAAMC,6CAA2G,GACtH,MAAOC,eAAe,IAAK;EACzBL,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,+HACH,CAAC;EACD,MAAMC,KAAK,GAAGlB,QAAQ,CAACe,eAAe,CAAC,CAACG,KAAK;EAE7C,MAAMC,aAAa,GAAGvB,iCAAiC,CAACwB,SAAS,CAACF,KAAK,CAAC;EACxE,IAAI,CAACC,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGzB,uBAAuB,CAACuB,SAAS,CAACF,KAAK,CAAC;IACxD,IAAI,CAACI,OAAO,CAACD,OAAO,EAAE;MACpBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,mDAAkDJ,aAAa,CAACK,KAAK,CAACC,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIlB,kBAAkB,CAACY,aAAa,CAACK,KAAK,CAACC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAf,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,2CAA0CG,IAAI,CAACC,SAAS,CAACL,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAId,qBAAqB,CAC7Bc,OAAO,CAACM,IAAI,CAACJ,KAAK,EAClBF,OAAO,CAACM,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOV,aAAa,CAACS,IAAI;AAC3B,CAAC;AAEH,OAAO,MAAME,qBAA2D,GACtE,MAAAA,CAAOC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAEC,OAAO,KAAK;EACzD,MAAMC,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAE9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEF,IAAIG,OAAO,EAAE;IACXG,MAAM,CAACI,MAAM,CAAC,SAAS,EAAEP,OAAO,CAAC;EACnC;EAEA,MAAMQ,OAAO,GAAI,GAAEP,oBAAqB,IAAGE,MAAO,EAAC;EAEnD,OAAO;IAAEK;EAAQ,CAAC;AACpB,CAAC;AAEH,OAAO,MAAMC,sCAA6F,GACxG,MAAO5B,eAAe,IAAK;EACzBL,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,2GACH,CAAC;EACD,MAAMC,KAAK,GAAGlB,QAAQ,CAACe,eAAe,CAAC,CAACG,KAAK;EAE7C,OAAO0B,0BAA0B,CAAC1B,KAAK,CAAC;AAC1C,CAAC;AAEH,OAAO,MAAM2B,mCAAuF,GAClG,eAAAA,CAAOd,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBa,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAC7DxC,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,sGACH,CAAC;EACD,MAAMkB,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEFrB,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,oCAAmCkB,oBAAqB,IAAGE,MAAM,CAACc,QAAQ,CAAC,CAAE,EAChF,CAAC;EAED,MAAMC,aAAa,GAAG,MAAMN,QAAQ,CACjC,GAAEX,oBAAqB,IAAGE,MAAM,CAACc,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEE,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAACvD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDqD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEG,GAAG,IAAKtD,MAAM,CAACsD,GAAG,CAAC,CAAC,CAC1BH,IAAI,CAAEI,MAAM,IACX/C,gBAAgB,CAACS,SAAS,CAAC;IACzBuC,MAAM,EAAED,MAAM,CAACE,eAAe;IAC9BC,OAAO,EAAEH,MAAM,CAACG;EAClB,CAAC,CACH,CAAC;EAEH,IAAI,CAACT,aAAa,CAAC/B,OAAO,EAAE;IAC1BX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,+CAA8C6B,aAAa,CAAC5B,KAAK,CAACC,OAAQ,EAC7E,CAAC;IACD,MAAM,IAAIvB,gBAAgB,CAAC;MACzBuB,OAAO,EAAE,kCAAkC;MAC3CqC,MAAM,EAAEV,aAAa,CAAC5B,KAAK,CAACC;IAC9B,CAAC,CAAC;EACJ;EACA,OAAO2B,aAAa,CAACxB,IAAI,CAACiC,OAAO;AACnC,CAAC;AAEH,OAAO,MAAME,4CAAyG,GACpH,MAAAA,CACEX,aAAa,EACbY,aAAa,EACbC,GAAG,EAAAC,IAAA,KAEA;EAAA,IADH;IAAEC,gBAAgB;IAAEC,SAAS;IAAEtB,QAAQ,GAAGI;EAAM,CAAC,GAAAgB,IAAA;EAEjDxD,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,sHACH,CAAC;EAED,MAAMoD,eAAe,GAAG,MAAMxD,sBAAsB,CAACyD,iBAAiB,CACpElB,aAAa,CAACmB,UAAU,EACxB,CAAC,CAACH,SAAS,EAAEH,GAAG,CAAC,CACnB,CAAC;EAED,MAAMO,iBAAiB,GAAG;IACxBC,KAAK,EAAErB,aAAa,CAACqB,KAAK;IAC1BzC,QAAQ,EAAEoB,aAAa,CAACb,SAAS;IACjCmC,WAAW,EAAEtB,aAAa,CAACuB;EAC7B,CAAC;EAED,MAAMC,kBAAkB,GACtB,MAAM/D,sBAAsB,CAACgE,0BAA0B,CACrDR,eAAe,EACfG,iBACF,CAAC;EAEH,MAAMM,oBAAoB,GAAG,MAAMC,0BAA0B,CAAC;IAC5DC,KAAK,EAAE5B,aAAa,CAAC4B,KAAK;IAC1BJ,kBAAkB;IAClBT;EACF,CAAC,CAAC;EAEFzD,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,2BAA0B6D,oBAAqB,EAClD,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAMG,IAAI,GAAG,IAAI3C,eAAe,CAAC;IAC/B4C,QAAQ,EAAEJ;EACZ,CAAC,CAAC,CAAC3B,QAAQ,CAAC,CAAC;EAEb,MAAMgC,SAAS,GAAG,MAAMrC,QAAQ,CAACM,aAAa,CAACuB,YAAY,EAAE;IAC3DtB,MAAM,EAAE,MAAM;IACd+B,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACC3B,IAAI,CAACvD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDqD,IAAI,CAAE+B,MAAM,IAAKA,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC;EAElC,MAAMZ,WAAW,GAAGrE,sBAAsB,CAACe,SAAS,CAAC+D,SAAS,CAAC;EAC/D,IAAI,CAACT,WAAW,CAACrD,OAAO,EAAE;IACxBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,4CAA2CmD,WAAW,CAAClD,KAAK,CAACC,OAAQ,EACxE,CAAC;IACD,MAAM,IAAIvB,gBAAgB,CAAC;MACzBuB,OAAO,EAAE,gCAAgC;MACzCqC,MAAM,EAAEY,WAAW,CAAClD,KAAK,CAACC;IAC5B,CAAC,CAAC;EACJ;EAEA,OAAO,MAAMqB,QAAQ,CAAC4B,WAAW,CAAC9C,IAAI,CAAC2D,YAAY,CAAC,CACjDjC,IAAI,CAACvD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDqD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAChD,kBAAkB,CAAC,CACxBgD,IAAI,CAAEkC,KAAK,IAAK5C,0BAA0B,CAAC4C,KAAK,CAACC,UAAU,CAAC5B,OAAO,CAAC,CAAC;AAC1E,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMjB,0BAA0B,GACrC8C,OAAgB,IACQ;EACxB,MAAMvE,aAAa,GAAGrB,wBAAwB,CAACsB,SAAS,CAACsE,OAAO,CAAC;EACjE,IAAI,CAACvE,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGzB,uBAAuB,CAACuB,SAAS,CAACsE,OAAO,CAAC;IAC1D,IAAI,CAACpE,OAAO,CAACD,OAAO,EAAE;MACpBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,mDAAkDJ,aAAa,CAACK,KAAK,CAACC,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIlB,kBAAkB,CAACY,aAAa,CAACK,KAAK,CAACC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAf,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,2CAA0CG,IAAI,CAACC,SAAS,CAACL,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAId,qBAAqB,CAC7Bc,OAAO,CAACM,IAAI,CAACJ,KAAK,EAClBF,OAAO,CAACM,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOV,aAAa,CAACS,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMmD,0BAA0B,GAAG,MAAAY,KAAA,IAQZ;EAAA,IARmB;IACxCX,KAAK;IACLJ,kBAAkB;IAClBT;EAKF,CAAC,GAAAwB,KAAA;EACC,MAAM;IAAEC;EAAI,CAAC,GAAG,MAAMzB,gBAAgB,CAAC0B,YAAY,CAAC,CAAC;EAErD,OAAO,IAAIzF,OAAO,CAAC+D,gBAAgB,CAAC,CACjC2B,kBAAkB,CAAC;IAClBC,GAAG,EAAE,KAAK;IACVH;EACF,CAAC,CAAC,CACDI,UAAU,CAAC;IACV;AACN;AACA;AACA;AACA;IACM,IAAIhB,KAAK,GAAG;MAAEA;IAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3BiB,QAAQ,EAAErB,kBAAkB,CAACsB,aAAa,CAACC,MAAM,CAC/C,CAACF,QAAQ,EAAAG,KAAA;MAAA,IAAE;QAAEC,YAAY;QAAEC;MAAQ,CAAC,GAAAF,KAAA;MAAA,OAAM;QACxC,GAAGH,QAAQ;QACX,CAACI,YAAY,GAAGC;MAClB,CAAC;IAAA,CAAC,EACF,CAAC,CACH;EACF,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { sha256ToBase64, SignJWT } from "@pagopa/io-react-native-jwt";
|
|
2
2
|
import { v4 as uuidv4 } from "uuid";
|
|
3
3
|
import { hasStatusOrThrow } from "../../../utils/misc";
|
|
4
|
-
import { IssuerResponseError, IssuerResponseErrorCodes, ResponseErrorBuilder, UnexpectedStatusCodeError, ValidationFailed } from "../../../utils/errors";
|
|
4
|
+
import { IssuerResponseError, IssuerResponseErrorCodes, ResponseErrorBuilder, UnexpectedStatusCodeError, UnimplementedFeatureError, ValidationFailed } from "../../../utils/errors";
|
|
5
5
|
import { createDPopToken } from "../../../utils/dpop";
|
|
6
6
|
import { LogLevel, Logger } from "../../../utils/logging";
|
|
7
7
|
import { CredentialResponse, NonceResponse } from "./types";
|
|
@@ -137,4 +137,7 @@ const handleObtainCredentialError = e => {
|
|
|
137
137
|
message: "Unable to obtain the requested credential"
|
|
138
138
|
}).buildFrom(e);
|
|
139
139
|
};
|
|
140
|
+
export const obtainCredentialsBatch = () => {
|
|
141
|
+
throw new UnimplementedFeatureError("obtainCredentialsBatch", "1.0.0");
|
|
142
|
+
};
|
|
140
143
|
//# sourceMappingURL=05-obtain-credential.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["sha256ToBase64","SignJWT","v4","uuidv4","hasStatusOrThrow","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","UnexpectedStatusCodeError","ValidationFailed","createDPopToken","LogLevel","Logger","CredentialResponse","NonceResponse","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credential_configuration_id","credential_identifier","credentialUrl","credential_endpoint","issuerUrl","credential_issuer","nonceUrl","nonce_endpoint","c_nonce","method","headers","then","res","json","body","parse","signedNonceProof","log","DEBUG","containsCredentialDefinition","authorization_details","some","c","credential_identifiers","includes","ERROR","message","credentialRequestFormBody","proof","jwt","proof_type","JSON","stringify","tokenRequestSignedDPop","htm","htu","jti","ath","access_token","credentialRes","DPoP","Authorization","token_type","safeParse","catch","handleObtainCredentialError","success","error","reason","data","issuerCredentialConfig","credential_configurations_supported","credential","credentials","at","format","e","handle","code","CredentialIssuingNotSynchronous","CredentialInvalidStatus","CredentialRequestFailed","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/05-obtain-credential.ts"],"mappings":"AAAA,SAEEA,cAAc,EACdC,OAAO,QACF,6BAA6B;AACpC,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAASC,gBAAgB,QAAQ,qBAAqB;AACtD,SACEC,mBAAmB,EACnBC,wBAAwB,EACxBC,oBAAoB,EACpBC,yBAAyB,EACzBC,gBAAgB,QACX,uBAAuB;AAC9B,SAASC,eAAe,QAAQ,qBAAqB;AACrD,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AAEzD,SAASC,kBAAkB,EAAEC,aAAa,QAAQ,SAAS;AAE3D,OAAO,MAAMC,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,
|
|
1
|
+
{"version":3,"names":["sha256ToBase64","SignJWT","v4","uuidv4","hasStatusOrThrow","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","UnexpectedStatusCodeError","UnimplementedFeatureError","ValidationFailed","createDPopToken","LogLevel","Logger","CredentialResponse","NonceResponse","createNonceProof","nonce","issuer","audience","ctx","jwk","getPublicKey","setPayload","setProtectedHeader","typ","setAudience","setIssuer","setIssuedAt","setExpirationTime","sign","obtainCredential","issuerConf","accessToken","clientId","credentialDefinition","context","credentialCryptoContext","appFetch","fetch","dPopCryptoContext","credential_configuration_id","credential_identifier","credentialUrl","credential_endpoint","issuerUrl","credential_issuer","nonceUrl","nonce_endpoint","c_nonce","method","headers","then","res","json","body","parse","signedNonceProof","log","DEBUG","containsCredentialDefinition","authorization_details","some","c","credential_identifiers","includes","ERROR","message","credentialRequestFormBody","proof","jwt","proof_type","JSON","stringify","tokenRequestSignedDPop","htm","htu","jti","ath","access_token","credentialRes","DPoP","Authorization","token_type","safeParse","catch","handleObtainCredentialError","success","error","reason","data","issuerCredentialConfig","credential_configurations_supported","credential","credentials","at","format","e","handle","code","CredentialIssuingNotSynchronous","CredentialInvalidStatus","CredentialRequestFailed","buildFrom","obtainCredentialsBatch"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/05-obtain-credential.ts"],"mappings":"AAAA,SAEEA,cAAc,EACdC,OAAO,QACF,6BAA6B;AACpC,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAASC,gBAAgB,QAAQ,qBAAqB;AACtD,SACEC,mBAAmB,EACnBC,wBAAwB,EACxBC,oBAAoB,EACpBC,yBAAyB,EACzBC,yBAAyB,EACzBC,gBAAgB,QACX,uBAAuB;AAC9B,SAASC,eAAe,QAAQ,qBAAqB;AACrD,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AAEzD,SAASC,kBAAkB,EAAEC,aAAa,QAAQ,SAAS;AAE3D,OAAO,MAAMC,gBAAgB,GAAG,MAAAA,CAC9BC,KAAa,EACbC,MAAc,EACdC,QAAgB,EAChBC,GAAkB,KACE;EACpB,MAAMC,GAAG,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;EACpC,OAAO,IAAIrB,OAAO,CAACmB,GAAG,CAAC,CACpBG,UAAU,CAAC;IACVN;EACF,CAAC,CAAC,CACDO,kBAAkB,CAAC;IAClBC,GAAG,EAAE,sBAAsB;IAC3BJ;EACF,CAAC,CAAC,CACDK,WAAW,CAACP,QAAQ,CAAC,CACrBQ,SAAS,CAACT,MAAM,CAAC,CACjBU,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,MAAM,CAAC,CACzBC,IAAI,CAAC,CAAC;AACX,CAAC;AAED,OAAO,MAAMC,gBAAiD,GAAG,MAAAA,CAC/DC,UAAU,EACVC,WAAW,EACXC,QAAQ,EACRC,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvBC,QAAQ,GAAGC,KAAK;IAChBC;EACF,CAAC,GAAGJ,OAAO;EACX,MAAM;IAAEK,2BAA2B;IAAEC;EAAsB,CAAC,GAC1DP,oBAAoB;EAEtB,MAAMQ,aAAa,GAAGX,UAAU,CAACY,mBAAmB;EACpD,MAAMC,SAAS,GAAGb,UAAU,CAACc,iBAAiB;EAC9C,MAAMC,QAAQ,GAAGf,UAAU,CAACgB,cAAc;;EAE1C;EACA,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAMX,QAAQ,CAACS,QAAQ,EAAE;IAC3CG,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MAAE,cAAc,EAAE;IAAmB;EAChD,CAAC,CAAC,CACCC,IAAI,CAAChD,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3BgD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEG,IAAI,IAAKxC,aAAa,CAACyC,KAAK,CAACD,IAAI,CAAC,CAAC;;EAE5C;AACF;AACA;AACA;AACA;EACE,MAAME,gBAAgB,GAAG,MAAMzC,gBAAgB,CAC7CiC,OAAO,EACPf,QAAQ,EACRW,SAAS,EACTR,uBACF,CAAC;EAEDxB,MAAM,CAAC6C,GAAG,CAAC9C,QAAQ,CAAC+C,KAAK,EAAG,uBAAsBF,gBAAiB,EAAC,CAAC;;EAErE;EACA,MAAMG,4BAA4B,GAAG3B,WAAW,CAAC4B,qBAAqB,CAACC,IAAI,CACxEC,CAAC,IACAA,CAAC,CAACtB,2BAA2B,KAAKA,2BAA2B,KAC5DC,qBAAqB,GAClBqB,CAAC,CAACC,sBAAsB,CAACC,QAAQ,CAACvB,qBAAqB,CAAC,GACxD,IAAI,CACZ,CAAC;EAED,IAAI,CAACkB,4BAA4B,EAAE;IACjC/C,MAAM,CAAC6C,GAAG,CACR9C,QAAQ,CAACsD,KAAK,EACb,gEAA+DjC,WAAW,CAAC4B,qBAAsB,EACpG,CAAC;IACD,MAAM,IAAInD,gBAAgB,CAAC;MACzByD,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;;EAEA;AACF;AACA;AACA;AACA;AACA;EACE,MAAMC,yBAAyB,GAAG1B,qBAAqB,GACnD;IACEA,qBAAqB,EAAEA,qBAAqB;IAC5C2B,KAAK,EAAE;MAAEC,GAAG,EAAEb,gBAAgB;MAAEc,UAAU,EAAE;IAAM;EACpD,CAAC,GACD;IACE9B,2BAA2B,EAAEA,2BAA2B;IACxD4B,KAAK,EAAE;MAAEC,GAAG,EAAEb,gBAAgB;MAAEc,UAAU,EAAE;IAAM;EACpD,CAAC;EAEL1D,MAAM,CAAC6C,GAAG,CACR9C,QAAQ,CAAC+C,KAAK,EACb,4BAA2Ba,IAAI,CAACC,SAAS,CAACL,yBAAyB,CAAE,EACxE,CAAC;EAED,MAAMM,sBAAsB,GAAG,MAAM/D,eAAe,CAClD;IACEgE,GAAG,EAAE,MAAM;IACXC,GAAG,EAAEjC,aAAa;IAClBkC,GAAG,EAAG,GAAE1E,MAAM,CAAC,CAAE,EAAC;IAClB2E,GAAG,EAAE,MAAM9E,cAAc,CAACiC,WAAW,CAAC8C,YAAY;EACpD,CAAC,EACDvC,iBACF,CAAC;EAED3B,MAAM,CAAC6C,GAAG,CAAC9C,QAAQ,CAAC+C,KAAK,EAAG,uBAAsBe,sBAAuB,EAAC,CAAC;EAE3E,MAAMM,aAAa,GAAG,MAAM1C,QAAQ,CAACK,aAAa,EAAE;IAClDO,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE,kBAAkB;MAClC8B,IAAI,EAAEP,sBAAsB;MAC5BQ,aAAa,EAAG,GAAEjD,WAAW,CAACkD,UAAW,IAAGlD,WAAW,CAAC8C,YAAa;IACvE,CAAC;IACDxB,IAAI,EAAEiB,IAAI,CAACC,SAAS,CAACL,yBAAyB;EAChD,CAAC,CAAC,CACChB,IAAI,CAAChD,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3BgD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEG,IAAI,IAAKzC,kBAAkB,CAACsE,SAAS,CAAC7B,IAAI,CAAC,CAAC,CAClD8B,KAAK,CAACC,2BAA2B,CAAC;EAErC,IAAI,CAACN,aAAa,CAACO,OAAO,EAAE;IAC1B1E,MAAM,CAAC6C,GAAG,CACR9C,QAAQ,CAACsD,KAAK,EACb,0CAAyCc,aAAa,CAACQ,KAAK,CAACrB,OAAQ,EACxE,CAAC;IACD,MAAM,IAAIzD,gBAAgB,CAAC;MACzByD,OAAO,EAAE,uCAAuC;MAChDsB,MAAM,EAAET,aAAa,CAACQ,KAAK,CAACrB;IAC9B,CAAC,CAAC;EACJ;EAEAtD,MAAM,CAAC6C,GAAG,CACR9C,QAAQ,CAAC+C,KAAK,EACb,wBAAuBa,IAAI,CAACC,SAAS,CAACO,aAAa,CAACU,IAAI,CAAE,EAC7D,CAAC;;EAED;EACA,MAAMC,sBAAsB,GAC1B3D,UAAU,CAAC4D,mCAAmC,CAACnD,2BAA2B,CAAC;;EAE7E;EACA,OAAO;IACLoD,UAAU,EAAEb,aAAa,CAACU,IAAI,CAACI,WAAW,CAACC,EAAE,CAAC,CAAC,CAAC,CAAEF,UAAU;IAC5DG,MAAM,EAAEL,sBAAsB,CAAEK;EAClC,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,MAAMV,2BAA2B,GAAIW,CAAU,IAAK;EAClDpF,MAAM,CAAC6C,GAAG,CAAC9C,QAAQ,CAACsD,KAAK,EAAG,8CAA6C+B,CAAE,EAAC,CAAC;EAE7E,IAAI,EAAEA,CAAC,YAAYzF,yBAAyB,CAAC,EAAE;IAC7C,MAAMyF,CAAC;EACT;EAEA,MAAM,IAAI1F,oBAAoB,CAACF,mBAAmB,CAAC,CAChD6F,MAAM,CAAC,GAAG,EAAE;IACX;IACA;IACAC,IAAI,EAAE7F,wBAAwB,CAAC8F,+BAA+B;IAC9DjC,OAAO,EACL;EACJ,CAAC,CAAC,CACD+B,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE7F,wBAAwB,CAAC+F,uBAAuB;IACtDlC,OAAO,EAAE;EACX,CAAC,CAAC,CACD+B,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE7F,wBAAwB,CAAC+F,uBAAuB;IACtDlC,OAAO,EAAE;EACX,CAAC,CAAC,CACD+B,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE7F,wBAAwB,CAACgG,uBAAuB;IACtDnC,OAAO,EAAE;EACX,CAAC,CAAC,CACDoC,SAAS,CAACN,CAAC,CAAC;AACjB,CAAC;AAED,OAAO,MAAMO,sBAA6D,GACxEA,CAAA,KAAM;EACJ,MAAM,IAAI/F,yBAAyB,CAAC,wBAAwB,EAAE,OAAO,CAAC;AACxE,CAAC"}
|
|
@@ -2,7 +2,7 @@ import { evaluateIssuerTrust } from "./01-evaluate-issuer-trust";
|
|
|
2
2
|
import { startUserAuthorization } from "./02-start-user-authorization";
|
|
3
3
|
import { continueUserAuthorizationWithMRTDPoPChallenge, completeUserAuthorizationWithQueryMode, completeUserAuthorizationWithFormPostJwtMode, buildAuthorizationUrl, getRequestedCredentialToBePresented } from "./03-complete-user-authorization";
|
|
4
4
|
import { authorizeAccess } from "./04-authorize-access";
|
|
5
|
-
import { obtainCredential } from "./05-obtain-credential";
|
|
5
|
+
import { obtainCredential, obtainCredentialsBatch } from "./05-obtain-credential";
|
|
6
6
|
import { verifyAndParseCredential } from "./06-verify-and-parse-credential";
|
|
7
7
|
import { MRTDPoP } from "../mrtd-pop";
|
|
8
8
|
export const Issuance = {
|
|
@@ -15,6 +15,7 @@ export const Issuance = {
|
|
|
15
15
|
completeUserAuthorizationWithFormPostJwtMode,
|
|
16
16
|
authorizeAccess,
|
|
17
17
|
obtainCredential,
|
|
18
|
+
obtainCredentialsBatch,
|
|
18
19
|
verifyAndParseCredential,
|
|
19
20
|
MRTDPoP
|
|
20
21
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","continueUserAuthorizationWithMRTDPoPChallenge","completeUserAuthorizationWithQueryMode","completeUserAuthorizationWithFormPostJwtMode","buildAuthorizationUrl","getRequestedCredentialToBePresented","authorizeAccess","obtainCredential","verifyAndParseCredential","MRTDPoP","Issuance"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/index.ts"],"mappings":"AACA,SAASA,mBAAmB,QAAQ,4BAA4B;AAChE,SAASC,sBAAsB,QAAQ,+BAA+B;AACtE,SACEC,6CAA6C,EAC7CC,sCAAsC,EACtCC,4CAA4C,EAC5CC,qBAAqB,EACrBC,mCAAmC,QAC9B,kCAAkC;AACzC,SAASC,eAAe,QAAQ,uBAAuB;AACvD,
|
|
1
|
+
{"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","continueUserAuthorizationWithMRTDPoPChallenge","completeUserAuthorizationWithQueryMode","completeUserAuthorizationWithFormPostJwtMode","buildAuthorizationUrl","getRequestedCredentialToBePresented","authorizeAccess","obtainCredential","obtainCredentialsBatch","verifyAndParseCredential","MRTDPoP","Issuance"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/index.ts"],"mappings":"AACA,SAASA,mBAAmB,QAAQ,4BAA4B;AAChE,SAASC,sBAAsB,QAAQ,+BAA+B;AACtE,SACEC,6CAA6C,EAC7CC,sCAAsC,EACtCC,4CAA4C,EAC5CC,qBAAqB,EACrBC,mCAAmC,QAC9B,kCAAkC;AACzC,SAASC,eAAe,QAAQ,uBAAuB;AACvD,SACEC,gBAAgB,EAChBC,sBAAsB,QACjB,wBAAwB;AAC/B,SAASC,wBAAwB,QAAQ,kCAAkC;AAC3E,SAASC,OAAO,QAAQ,aAAa;AAErC,OAAO,MAAMC,QAAqB,GAAG;EACnCZ,mBAAmB;EACnBC,sBAAsB;EACtBI,qBAAqB;EACrBF,sCAAsC;EACtCD,6CAA6C;EAC7CI,mCAAmC;EACnCF,4CAA4C;EAC5CG,eAAe;EACfC,gBAAgB;EAChBC,sBAAsB;EACtBC,wBAAwB;EACxBC;AACF,CAAC"}
|
|
@@ -8,8 +8,8 @@ import { AuthorizationError, AuthorizationIdpError } from "../common/errors";
|
|
|
8
8
|
import { LogLevel, Logger } from "../../../utils/logging";
|
|
9
9
|
import { RemotePresentation as RemotePresentationFlow } from "../../presentation/v1.3.3";
|
|
10
10
|
import { partialCallbacks } from "../../../utils/callbacks";
|
|
11
|
-
import { IoWalletError, sdkUnexpectedStatusCodeToIssuerError } from "../../../utils/errors";
|
|
12
11
|
import { sdkConfigV1_3 } from "../../../utils/config";
|
|
12
|
+
import { IoWalletError, sdkUnexpectedStatusCodeToIssuerError } from "../../../utils/errors";
|
|
13
13
|
import { mapToRequestObject } from "./mappers";
|
|
14
14
|
export const continueUserAuthorizationWithMRTDPoPChallenge = async authRedirectUrl => {
|
|
15
15
|
Logger.log(LogLevel.DEBUG, `The requested credential is a PersonIdentificationData and requires MRTD PoP, starting MRTD PoP validation from auth redirect`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["AuthorizationErrorShape","AuthorizationResultShape","parseUrl","fetchAuthorizationRequest","parseAuthorizeRequest","sendAuthorizationResponseAndExtractCode","parseMrtdChallenge","SignJWT","AuthorizationError","AuthorizationIdpError","LogLevel","Logger","RemotePresentation","RemotePresentationFlow","partialCallbacks","
|
|
1
|
+
{"version":3,"names":["AuthorizationErrorShape","AuthorizationResultShape","parseUrl","fetchAuthorizationRequest","parseAuthorizeRequest","sendAuthorizationResponseAndExtractCode","parseMrtdChallenge","SignJWT","AuthorizationError","AuthorizationIdpError","LogLevel","Logger","RemotePresentation","RemotePresentationFlow","partialCallbacks","sdkConfigV1_3","IoWalletError","sdkUnexpectedStatusCodeToIssuerError","mapToRequestObject","continueUserAuthorizationWithMRTDPoPChallenge","authRedirectUrl","log","DEBUG","parsedChallenge","redirectUrl","challenge_info","challengeJwt","err","errorMessage","Error","message","ERROR","buildAuthorizationUrl","issuerRequestUri","clientId","issuerConf","idpHint","authzRequestEndpoint","authorization_endpoint","params","URLSearchParams","client_id","request_uri","append","authUrl","completeUserAuthorizationWithQueryMode","query","parseAuthorizationResponse","getRequestedCredentialToBePresented","appFetch","arguments","length","undefined","fetch","toString","authRequest","authorizeRequestUrl","callbacks","catch","parsedAuthRequest","config","requestObjectJwt","completeUserAuthorizationWithFormPostJwtMode","requestObject","issuerConfig","pid","_ref","wiaCryptoContext","pidKeyTag","dcqlQueryResult","evaluateDcqlQuery","dcql_query","authRequestObject","nonce","responseUri","response_uri","remotePresentation","prepareRemotePresentations","authzResponsePayload","createAuthzResponsePayload","state","issuerSigKey","keys","find","key","use","authorizationResponseJarm","iss","presentationResponseUri","signer","alg","method","publicJwk","authRes","authResParsed","safeParse","success","authErr","error","JSON","stringify","data","error_description","_ref2","kid","getPublicKey","setProtectedHeader","typ","setPayload","vp_token","presentations","reduce","_ref3","credentialId","vpToken","setIssuedAt","setExpirationTime","sign"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/03-complete-user-authorization.ts"],"mappings":"AAAA,SACEA,uBAAuB,EACvBC,wBAAwB,QAEnB,qBAAqB;AAC5B,OAAOC,QAAQ,MAAM,WAAW;AAEhC,SACEC,yBAAyB,EACzBC,qBAAqB,QAChB,0BAA0B;AACjC,SAASC,uCAAuC,QAAQ,2BAA2B;AACnF,SAASC,kBAAkB,QAAQ,0BAA0B;AAC7D,SAASC,OAAO,QAA4B,6BAA6B;AACzE,SAASC,kBAAkB,EAAEC,qBAAqB,QAAQ,kBAAkB;AAC5E,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,kBAAkB,IAAIC,sBAAsB,QAAQ,2BAA2B;AACxF,SAASC,gBAAgB,QAAQ,0BAA0B;AAC3D,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SACEC,aAAa,EACbC,oCAAoC,QAC/B,uBAAuB;AAE9B,SAASC,kBAAkB,QAAQ,WAAW;AAG9C,OAAO,MAAMC,6CAA2G,GACtH,MAAOC,eAAe,IAAK;EACzBT,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,+HACH,CAAC;EACD,IAAI;IACF,MAAMC,eAAe,GAAGjB,kBAAkB,CAAC;MACzCkB,WAAW,EAAEJ;IACf,CAAC,CAAC;IACF,OAAO;MAAEK,cAAc,EAAEF,eAAe,CAACG;IAAa,CAAC;EACzD,CAAC,CAAC,OAAOC,GAAG,EAAE;IACZ,MAAMC,YAAY,GAChBD,GAAG,YAAYE,KAAK,GAAGF,GAAG,CAACG,OAAO,GAAG,+BAA+B;IACtEnB,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACqB,KAAK,EACb,mDAAkDH,YAAa,EAClE,CAAC;IACD,MAAM,IAAIpB,kBAAkB,CAACoB,YAAY,CAAC;EAC5C;AACF,CAAC;AAEH,OAAO,MAAMI,qBAA2D,GACtE,MAAAA,CAAOC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAEC,OAAO,KAAK;EACzD,MAAMC,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAE9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEF,IAAIG,OAAO,EAAE;IACXG,MAAM,CAACI,MAAM,CAAC,SAAS,EAAEP,OAAO,CAAC;EACnC;EAEA,MAAMQ,OAAO,GAAI,GAAEP,oBAAqB,IAAGE,MAAO,EAAC;EAEnD,OAAO;IAAEK;EAAQ,CAAC;AACpB,CAAC;AAEH,OAAO,MAAMC,sCAA6F,GACxG,MAAOzB,eAAe,IAAK;EACzBT,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,2GACH,CAAC;EACD,MAAMwB,KAAK,GAAG5C,QAAQ,CAACkB,eAAe,CAAC,CAAC0B,KAAK;EAE7C,OAAOC,0BAA0B,CAACD,KAAK,CAAC;AAC1C,CAAC;AAEH,OAAO,MAAME,mCAAuF,GAClG,eAAAA,CAAOf,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBc,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAC7D1C,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,sGACH,CAAC;EAED,MAAMe,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEFtB,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,oCAAmCe,oBAAqB,IAAGE,MAAM,CAACe,QAAQ,CAAC,CAAE,EAChF,CAAC;EAED,MAAMC,WAAW,GAAG,MAAMpD,yBAAyB,CAAC;IAClDqD,mBAAmB,EAAG,GAAEnB,oBAAqB,IAAGE,MAAM,CAACe,QAAQ,CAAC,CAAE,EAAC;IACnEG,SAAS,EAAE;MACTJ,KAAK,EAAEJ;IACT;EACF,CAAC,CAAC,CAACS,KAAK,CAACzC,oCAAoC,CAAC;EAE9C,MAAM0C,iBAAiB,GAAG,MAAMvD,qBAAqB,CAAC;IACpDwD,MAAM,EAAE7C,aAAa;IACrB8C,gBAAgB,EAAEN,WAAW,CAACM,gBAAgB;IAC9CJ,SAAS,EAAE3C;EACb,CAAC,CAAC;EAEF,OAAOI,kBAAkB,CAACyC,iBAAiB,CAAC;AAC9C,CAAC;AAEH,OAAO,MAAMG,4CAAyG,GACpH,MAAAA,CACEC,aAAa,EACbC,YAAY,EACZC,GAAG,EAAAC,IAAA,KAEA;EAAA,IADH;IAAEC,gBAAgB;IAAEC,SAAS;IAAEnB,QAAQ,GAAGI;EAAM,CAAC,GAAAa,IAAA;EAEjDvD,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,sHACH,CAAC;EAED,MAAM+C,eAAe,GAAG,MAAMxD,sBAAsB,CAACyD,iBAAiB,CACpEP,aAAa,CAACQ,UAAU,EACxB,CAAC,CAACH,SAAS,EAAEH,GAAG,CAAC,CACnB,CAAC;EAED,MAAMO,iBAAiB,GAAG;IACxBC,KAAK,EAAEV,aAAa,CAACU,KAAK;IAC1BvC,QAAQ,EAAE6B,aAAa,CAACtB,SAAS;IACjCiC,WAAW,EAAEX,aAAa,CAACY;EAC7B,CAAC;EAED,MAAMC,kBAAkB,GACtB,MAAM/D,sBAAsB,CAACgE,0BAA0B,CACrDR,eAAe,EACfG,iBACF,CAAC;EAEH,MAAMM,oBAAoB,GAAG,MAAMC,0BAA0B,CAAC;IAC5DC,KAAK,EAAEjB,aAAa,CAACiB,KAAK;IAC1BJ,kBAAkB;IAClBT;EACF,CAAC,CAAC;EAEFxD,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACY,KAAK,EACb,2BAA0BwD,oBAAqB,EAClD,CAAC;EAED,MAAMG,YAAY,GAAGjB,YAAY,CAACkB,IAAI,CAACC,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,CAAC;EACvE,IAAI,CAACJ,YAAY,EAAE;IACjB,MAAMrD,YAAY,GAAG,gDAAgD;IACrEjB,MAAM,CAACU,GAAG,CAACX,QAAQ,CAACqB,KAAK,EAAEH,YAAY,CAAC;IACxC,MAAM,IAAIZ,aAAa,CAACY,YAAY,CAAC;EACvC;EAEA,OAAOvB,uCAAuC,CAAC;IAC7CiF,yBAAyB,EAAER,oBAAoB;IAC/CrB,SAAS,EAAE;MACT,GAAG3C,gBAAgB;MACnBuC,KAAK,EAAEJ;IACT,CAAC;IACDsC,GAAG,EAAExB,aAAa,CAACwB,GAAG;IACtBP,KAAK,EAAEjB,aAAa,CAACiB,KAAM;IAC3BQ,uBAAuB,EAAEzB,aAAa,CAACY,YAAY;IACnDc,MAAM,EAAE;MACNC,GAAG,EAAE,OAAO;MACZC,MAAM,EAAE,KAAK;MACbC,SAAS,EAAEX;IACb;EACF,CAAC,CAAC;AACJ,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMlC,0BAA0B,GACrC8C,OAAgB,IACQ;EACxB,MAAMC,aAAa,GAAG7F,wBAAwB,CAAC8F,SAAS,CAACF,OAAO,CAAC;EACjE,IAAI,CAACC,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGjG,uBAAuB,CAAC+F,SAAS,CAACF,OAAO,CAAC;IAC1D,IAAI,CAACI,OAAO,CAACD,OAAO,EAAE;MACpBrF,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACqB,KAAK,EACb,mDAAkD+D,aAAa,CAACI,KAAK,CAACpE,OAAQ,EACjF,CAAC;MACD,MAAM,IAAItB,kBAAkB,CAACsF,aAAa,CAACI,KAAK,CAACpE,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAnB,MAAM,CAACU,GAAG,CACRX,QAAQ,CAACqB,KAAK,EACb,2CAA0CoE,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAIxF,qBAAqB,CAC7BwF,OAAO,CAACI,IAAI,CAACH,KAAK,EAClBD,OAAO,CAACI,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOR,aAAa,CAACO,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMtB,0BAA0B,GAAG,MAAAwB,KAAA,IAQZ;EAAA,IARmB;IACxCvB,KAAK;IACLJ,kBAAkB;IAClBT;EAKF,CAAC,GAAAoC,KAAA;EACC,MAAM;IAAEC;EAAI,CAAC,GAAG,MAAMrC,gBAAgB,CAACsC,YAAY,CAAC,CAAC;EAErD,OAAO,IAAIlG,OAAO,CAAC4D,gBAAgB,CAAC,CACjCuC,kBAAkB,CAAC;IAClBC,GAAG,EAAE,KAAK;IACVH;EACF,CAAC,CAAC,CACDI,UAAU,CAAC;IACV;AACN;AACA;AACA;AACA;IACM,IAAI5B,KAAK,GAAG;MAAEA;IAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3B6B,QAAQ,EAAEjC,kBAAkB,CAACkC,aAAa,CAACC,MAAM,CAC/C,CAACF,QAAQ,EAAAG,KAAA;MAAA,IAAE;QAAEC,YAAY;QAAEC;MAAQ,CAAC,GAAAF,KAAA;MAAA,OAAM;QACxC,GAAGH,QAAQ;QACX,CAACI,YAAY,GAAG,CAACC,OAAO;MAC1B,CAAC;IAAA,CAAC,EACF,CAAC,CACH;EACF,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC"}
|
|
@@ -8,33 +8,24 @@ import { LogLevel, Logger } from "../../../utils/logging";
|
|
|
8
8
|
import { sdkConfigV1_3 } from "../../../utils/config";
|
|
9
9
|
import { partialCallbacks } from "../../../utils/callbacks";
|
|
10
10
|
import { NonceResponse } from "./types";
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
11
|
+
/**
|
|
12
|
+
* Helper to create a credential request and fetch it from the issuer.
|
|
13
|
+
*
|
|
14
|
+
* When multiple keys are provided as {@link CryptoContext}, a batch is requested.
|
|
15
|
+
*
|
|
16
|
+
* @returns The raw credential response
|
|
17
|
+
*/
|
|
18
|
+
export const requestCredentials = async _ref => {
|
|
19
|
+
let {
|
|
20
|
+
issuerConf,
|
|
21
|
+
accessToken,
|
|
22
|
+
credentialIdentifier,
|
|
23
|
+
clientId,
|
|
24
|
+
keyAttestationJwt,
|
|
25
|
+
credentialCryptoContexts,
|
|
23
26
|
dPopCryptoContext,
|
|
24
|
-
walletUnitAttestation,
|
|
25
27
|
appFetch = fetch
|
|
26
|
-
} =
|
|
27
|
-
if (!walletUnitAttestation) {
|
|
28
|
-
throw new ValidationFailed({
|
|
29
|
-
message: "The Wallet Unit Attestation is required to obtain the credential"
|
|
30
|
-
});
|
|
31
|
-
}
|
|
32
|
-
const {
|
|
33
|
-
credential_configuration_id,
|
|
34
|
-
credential_identifier
|
|
35
|
-
} = credentialDefinition;
|
|
36
|
-
|
|
37
|
-
// Fetch the nonce from the Credential Issuer
|
|
28
|
+
} = _ref;
|
|
38
29
|
const {
|
|
39
30
|
c_nonce
|
|
40
31
|
} = await appFetch(issuerConf.nonce_endpoint, {
|
|
@@ -42,36 +33,61 @@ export const obtainCredential = async (issuerConf, accessToken, clientId, creden
|
|
|
42
33
|
headers: {
|
|
43
34
|
"Content-Type": "application/json"
|
|
44
35
|
}
|
|
45
|
-
}).then(hasStatusOrThrow(200)).then(res => res.json()).then(
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
36
|
+
}).then(hasStatusOrThrow(200)).then(res => res.json()).then(NonceResponse.parse);
|
|
37
|
+
const keys = await Promise.all(credentialCryptoContexts.map(async ctx => {
|
|
38
|
+
const publicJwk = await ctx.getPublicKey();
|
|
39
|
+
return {
|
|
40
|
+
publicJwk,
|
|
41
|
+
cryptoContext: ctx
|
|
42
|
+
};
|
|
43
|
+
}));
|
|
44
|
+
const signJwt = async (jwtSigner, _ref2) => {
|
|
45
|
+
let {
|
|
46
|
+
header,
|
|
47
|
+
payload
|
|
48
|
+
} = _ref2;
|
|
49
|
+
if (jwtSigner.method !== "jwk") {
|
|
50
|
+
throw new IoWalletError(`Unsupported signer method: ${jwtSigner.method}`);
|
|
51
|
+
}
|
|
52
|
+
const {
|
|
53
|
+
cryptoContext
|
|
54
|
+
} = keys.find(_ref3 => {
|
|
55
|
+
let {
|
|
56
|
+
publicJwk
|
|
57
|
+
} = _ref3;
|
|
58
|
+
return publicJwk.kid === jwtSigner.publicJwk.kid;
|
|
59
|
+
}) ?? {};
|
|
60
|
+
if (!cryptoContext) {
|
|
61
|
+
throw new IoWalletError(`Could not find CryptoContext for key ${jwtSigner.publicJwk.kid}`);
|
|
62
|
+
}
|
|
63
|
+
return {
|
|
64
|
+
jwt: await new SignJWT(cryptoContext).setProtectedHeader(header).setPayload(payload).sign(),
|
|
65
|
+
signerJwk: jwtSigner.publicJwk
|
|
66
|
+
};
|
|
67
|
+
};
|
|
68
|
+
const signers = keys.map(_ref4 => {
|
|
69
|
+
let {
|
|
70
|
+
publicJwk
|
|
71
|
+
} = _ref4;
|
|
72
|
+
return {
|
|
73
|
+
alg: "ES256",
|
|
74
|
+
method: "jwk",
|
|
75
|
+
publicJwk
|
|
76
|
+
};
|
|
77
|
+
});
|
|
56
78
|
const credentialRequest = await createCredentialRequest({
|
|
57
79
|
config: sdkConfigV1_3,
|
|
58
80
|
callbacks: {
|
|
59
81
|
hash: partialCallbacks.hash,
|
|
60
|
-
signJwt
|
|
61
|
-
jwt: await new SignJWT(credentialCryptoContext).setPayload(payload).sign(),
|
|
62
|
-
signerJwk
|
|
63
|
-
})
|
|
82
|
+
signJwt
|
|
64
83
|
},
|
|
65
84
|
clientId,
|
|
66
|
-
credential_identifier:
|
|
85
|
+
credential_identifier: credentialIdentifier,
|
|
67
86
|
issuerIdentifier: issuerConf.credential_issuer,
|
|
87
|
+
maxBatchSize: issuerConf.credential_issuance_batch_size,
|
|
68
88
|
nonce: c_nonce,
|
|
69
|
-
keyAttestation:
|
|
70
|
-
signers
|
|
71
|
-
alg: "ES256",
|
|
72
|
-
method: "jwk",
|
|
73
|
-
publicJwk: signerJwk
|
|
74
|
-
}]
|
|
89
|
+
keyAttestation: keyAttestationJwt,
|
|
90
|
+
signers
|
|
75
91
|
});
|
|
76
92
|
const dPopSignerJwk = await dPopCryptoContext.getPublicKey();
|
|
77
93
|
const credentialDPoP = await createTokenDPoP({
|
|
@@ -79,7 +95,7 @@ export const obtainCredential = async (issuerConf, accessToken, clientId, creden
|
|
|
79
95
|
...partialCallbacks,
|
|
80
96
|
signJwt: async (_, payload) => ({
|
|
81
97
|
jwt: await new SignJWT(dPopCryptoContext).setPayload(payload).sign(),
|
|
82
|
-
signerJwk
|
|
98
|
+
signerJwk: dPopSignerJwk
|
|
83
99
|
})
|
|
84
100
|
},
|
|
85
101
|
signer: {
|
|
@@ -93,7 +109,7 @@ export const obtainCredential = async (issuerConf, accessToken, clientId, creden
|
|
|
93
109
|
},
|
|
94
110
|
accessToken: accessToken.access_token
|
|
95
111
|
});
|
|
96
|
-
|
|
112
|
+
return await fetchCredentialResponse({
|
|
97
113
|
callbacks: {
|
|
98
114
|
fetch: appFetch
|
|
99
115
|
},
|
|
@@ -102,6 +118,42 @@ export const obtainCredential = async (issuerConf, accessToken, clientId, creden
|
|
|
102
118
|
accessToken: accessToken.access_token,
|
|
103
119
|
dPoP: credentialDPoP.jwt
|
|
104
120
|
}).catch(handleObtainCredentialError);
|
|
121
|
+
};
|
|
122
|
+
export const obtainCredential = async (issuerConf, accessToken, clientId, credentialDefinition, context) => {
|
|
123
|
+
const {
|
|
124
|
+
credentialCryptoContext,
|
|
125
|
+
dPopCryptoContext,
|
|
126
|
+
walletUnitAttestation,
|
|
127
|
+
appFetch = fetch
|
|
128
|
+
} = context;
|
|
129
|
+
if (!walletUnitAttestation) {
|
|
130
|
+
throw new ValidationFailed({
|
|
131
|
+
message: "The Wallet Unit Attestation is required to obtain the credential"
|
|
132
|
+
});
|
|
133
|
+
}
|
|
134
|
+
const {
|
|
135
|
+
credential_configuration_id,
|
|
136
|
+
credential_identifier
|
|
137
|
+
} = credentialDefinition;
|
|
138
|
+
|
|
139
|
+
// Validation of accessTokenResponse.authorization_details if contain credentialDefinition
|
|
140
|
+
const containsCredentialDefinition = accessToken.authorization_details.some(c => c.credential_configuration_id === credential_configuration_id && (credential_identifier ? c.credential_identifiers.includes(credential_identifier) : true));
|
|
141
|
+
if (!containsCredentialDefinition) {
|
|
142
|
+
Logger.log(LogLevel.ERROR, `Credential definition not found in the access token response ${accessToken.authorization_details}`);
|
|
143
|
+
throw new ValidationFailed({
|
|
144
|
+
message: "The access token response does not contain the requested credential"
|
|
145
|
+
});
|
|
146
|
+
}
|
|
147
|
+
const credentialRes = await requestCredentials({
|
|
148
|
+
issuerConf,
|
|
149
|
+
accessToken,
|
|
150
|
+
clientId,
|
|
151
|
+
credentialCryptoContexts: [credentialCryptoContext],
|
|
152
|
+
credentialIdentifier: credential_identifier,
|
|
153
|
+
dPopCryptoContext,
|
|
154
|
+
keyAttestationJwt: walletUnitAttestation,
|
|
155
|
+
appFetch
|
|
156
|
+
});
|
|
105
157
|
Logger.log(LogLevel.DEBUG, `Credential Response: ${JSON.stringify(credentialRes)}`);
|
|
106
158
|
|
|
107
159
|
// Extract the format corresponding to the credential_configuration_id used
|
|
@@ -116,6 +168,48 @@ export const obtainCredential = async (issuerConf, accessToken, clientId, creden
|
|
|
116
168
|
format: issuerCredentialConfig.format
|
|
117
169
|
};
|
|
118
170
|
};
|
|
171
|
+
export const obtainCredentialsBatch = async (issuerConf, accessToken, clientId, credentialDefinition, context) => {
|
|
172
|
+
const {
|
|
173
|
+
credentialCryptoContexts,
|
|
174
|
+
dPopCryptoContext,
|
|
175
|
+
walletUnitAttestation,
|
|
176
|
+
appFetch = fetch
|
|
177
|
+
} = context;
|
|
178
|
+
if (!walletUnitAttestation) {
|
|
179
|
+
throw new ValidationFailed({
|
|
180
|
+
message: "The Wallet Unit Attestation is required to obtain the credential"
|
|
181
|
+
});
|
|
182
|
+
}
|
|
183
|
+
const {
|
|
184
|
+
credential_configuration_id,
|
|
185
|
+
credential_identifier
|
|
186
|
+
} = credentialDefinition;
|
|
187
|
+
const credentialRes = await requestCredentials({
|
|
188
|
+
issuerConf,
|
|
189
|
+
accessToken,
|
|
190
|
+
clientId,
|
|
191
|
+
credentialCryptoContexts,
|
|
192
|
+
credentialIdentifier: credential_identifier,
|
|
193
|
+
dPopCryptoContext,
|
|
194
|
+
keyAttestationJwt: walletUnitAttestation,
|
|
195
|
+
appFetch
|
|
196
|
+
});
|
|
197
|
+
|
|
198
|
+
// Extract the format corresponding to the credential_configuration_id used
|
|
199
|
+
const issuerCredentialConfig = issuerConf.credential_configurations_supported[credential_configuration_id];
|
|
200
|
+
if ("transaction_id" in credentialRes) {
|
|
201
|
+
throw new IoWalletError("Deferred issuance is not currently supported");
|
|
202
|
+
}
|
|
203
|
+
return credentialRes.credentials.map(_ref5 => {
|
|
204
|
+
let {
|
|
205
|
+
credential
|
|
206
|
+
} = _ref5;
|
|
207
|
+
return {
|
|
208
|
+
credential,
|
|
209
|
+
format: issuerCredentialConfig.format
|
|
210
|
+
};
|
|
211
|
+
});
|
|
212
|
+
};
|
|
119
213
|
|
|
120
214
|
/**
|
|
121
215
|
* Handle the credential error by mapping it to a custom exception.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["SignJWT","createTokenDPoP","fetchCredentialResponse","createCredentialRequest","UnexpectedStatusCodeError","SdkUnexpectedStatusCodeError","hasStatusOrThrow","IoWalletError","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","ValidationFailed","LogLevel","Logger","sdkConfigV1_3","partialCallbacks","NonceResponse","
|
|
1
|
+
{"version":3,"names":["SignJWT","createTokenDPoP","fetchCredentialResponse","createCredentialRequest","UnexpectedStatusCodeError","SdkUnexpectedStatusCodeError","hasStatusOrThrow","IoWalletError","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","ValidationFailed","LogLevel","Logger","sdkConfigV1_3","partialCallbacks","NonceResponse","requestCredentials","_ref","issuerConf","accessToken","credentialIdentifier","clientId","keyAttestationJwt","credentialCryptoContexts","dPopCryptoContext","appFetch","fetch","c_nonce","nonce_endpoint","method","headers","then","res","json","parse","keys","Promise","all","map","ctx","publicJwk","getPublicKey","cryptoContext","signJwt","jwtSigner","_ref2","header","payload","find","_ref3","kid","jwt","setProtectedHeader","setPayload","sign","signerJwk","signers","_ref4","alg","credentialRequest","config","callbacks","hash","credential_identifier","issuerIdentifier","credential_issuer","maxBatchSize","credential_issuance_batch_size","nonce","keyAttestation","dPopSignerJwk","credentialDPoP","_","signer","tokenRequest","url","credential_endpoint","access_token","credentialEndpoint","dPoP","catch","handleObtainCredentialError","obtainCredential","credentialDefinition","context","credentialCryptoContext","walletUnitAttestation","message","credential_configuration_id","containsCredentialDefinition","authorization_details","some","c","credential_identifiers","includes","log","ERROR","credentialRes","DEBUG","JSON","stringify","issuerCredentialConfig","credential_configurations_supported","credential","credentials","at","format","obtainCredentialsBatch","_ref5","e","handle","code","CredentialInvalidStatus","CredentialRequestFailed","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/05-obtain-credential.ts"],"mappings":"AAAA,SAA6BA,OAAO,QAAQ,6BAA6B;AACzE,SACEC,eAAe,QAGV,0BAA0B;AACjC,SACEC,uBAAuB,EACvBC,uBAAuB,QAClB,2BAA2B;AAClC,SAASC,yBAAyB,IAAIC,4BAA4B,QAAQ,yBAAyB;AACnG,SAASC,gBAAgB,QAAkB,qBAAqB;AAChE,SACEC,aAAa,EACbC,mBAAmB,EACnBC,wBAAwB,EACxBC,oBAAoB,EACpBC,gBAAgB,QACX,uBAAuB;AAC9B,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SAASC,gBAAgB,QAAQ,0BAA0B;AAE3D,SAASC,aAAa,QAAQ,SAAS;AAcvC;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,kBAAkB,GAAG,MAAAC,IAAA,IASP;EAAA,IATc;IACvCC,UAAU;IACVC,WAAW;IACXC,oBAAoB;IACpBC,QAAQ;IACRC,iBAAiB;IACjBC,wBAAwB;IACxBC,iBAAiB;IACjBC,QAAQ,GAAGC;EACQ,CAAC,GAAAT,IAAA;EACpB,MAAM;IAAEU;EAAQ,CAAC,GAAG,MAAMF,QAAQ,CAACP,UAAU,CAACU,cAAc,EAAE;IAC5DC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MAAE,cAAc,EAAE;IAAmB;EAChD,CAAC,CAAC,CACCC,IAAI,CAAC1B,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3B0B,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAChB,aAAa,CAACmB,KAAK,CAAC;EAE5B,MAAMC,IAAI,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC5Bd,wBAAwB,CAACe,GAAG,CAAC,MAAOC,GAAG,IAAK;IAC1C,MAAMC,SAAS,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;IAC1C,OAAO;MAAED,SAAS;MAAEE,aAAa,EAAEH;IAAI,CAAC;EAC1C,CAAC,CACH,CAAC;EAED,MAAMI,OAAmC,GAAG,MAAAA,CAC1CC,SAAS,EAAAC,KAAA,KAEN;IAAA,IADH;MAAEC,MAAM;MAAEC;IAAQ,CAAC,GAAAF,KAAA;IAEnB,IAAID,SAAS,CAACf,MAAM,KAAK,KAAK,EAAE;MAC9B,MAAM,IAAIvB,aAAa,CAAE,8BAA6BsC,SAAS,CAACf,MAAO,EAAC,CAAC;IAC3E;IAEA,MAAM;MAAEa;IAAc,CAAC,GACrBP,IAAI,CAACa,IAAI,CAACC,KAAA;MAAA,IAAC;QAAET;MAAU,CAAC,GAAAS,KAAA;MAAA,OAAKT,SAAS,CAACU,GAAG,KAAKN,SAAS,CAACJ,SAAS,CAACU,GAAG;IAAA,EAAC,IACvE,CAAC,CAAC;IAEJ,IAAI,CAACR,aAAa,EAAE;MAClB,MAAM,IAAIpC,aAAa,CACpB,wCAAuCsC,SAAS,CAACJ,SAAS,CAACU,GAAI,EAClE,CAAC;IACH;IAEA,OAAO;MACLC,GAAG,EAAE,MAAM,IAAIpD,OAAO,CAAC2C,aAAa,CAAC,CAClCU,kBAAkB,CAACN,MAAM,CAAC,CAC1BO,UAAU,CAACN,OAAO,CAAC,CACnBO,IAAI,CAAC,CAAC;MACTC,SAAS,EAAEX,SAAS,CAACJ;IACvB,CAAC;EACH,CAAC;EAED,MAAMgB,OAAO,GAAGrB,IAAI,CAACG,GAAG,CAAemB,KAAA;IAAA,IAAC;MAAEjB;IAAU,CAAC,GAAAiB,KAAA;IAAA,OAAM;MACzDC,GAAG,EAAE,OAAO;MACZ7B,MAAM,EAAE,KAAK;MACbW;IACF,CAAC;EAAA,CAAC,CAAC;EAEH,MAAMmB,iBAAiB,GAAG,MAAMzD,uBAAuB,CAAC;IACtD0D,MAAM,EAAE/C,aAAa;IACrBgD,SAAS,EAAE;MACTC,IAAI,EAAEhD,gBAAgB,CAACgD,IAAI;MAC3BnB;IACF,CAAC;IACDtB,QAAQ;IACR0C,qBAAqB,EAAE3C,oBAAoB;IAC3C4C,gBAAgB,EAAE9C,UAAU,CAAC+C,iBAAiB;IAC9CC,YAAY,EAAEhD,UAAU,CAACiD,8BAA8B;IACvDC,KAAK,EAAEzC,OAAO;IACd0C,cAAc,EAAE/C,iBAAiB;IACjCkC;EACF,CAAC,CAAC;EAEF,MAAMc,aAAa,GAAG,MAAM9C,iBAAiB,CAACiB,YAAY,CAAC,CAAC;EAE5D,MAAM8B,cAAc,GAAG,MAAMvE,eAAe,CAAC;IAC3C6D,SAAS,EAAE;MACT,GAAG/C,gBAAgB;MACnB6B,OAAO,EAAE,MAAAA,CAAO6B,CAAC,EAAEzB,OAAO,MAAM;QAC9BI,GAAG,EAAE,MAAM,IAAIpD,OAAO,CAACyB,iBAAiB,CAAC,CAAC6B,UAAU,CAACN,OAAO,CAAC,CAACO,IAAI,CAAC,CAAC;QACpEC,SAAS,EAAEe;MACb,CAAC;IACH,CAAC;IACDG,MAAM,EAAE;MACN5C,MAAM,EAAE,KAAK;MACb6B,GAAG,EAAE,OAAO;MACZlB,SAAS,EAAE8B;IACb,CAAC;IACDI,YAAY,EAAE;MACZ7C,MAAM,EAAE,MAAM;MACd8C,GAAG,EAAEzD,UAAU,CAAC0D;IAClB,CAAC;IACDzD,WAAW,EAAEA,WAAW,CAAC0D;EAC3B,CAAC,CAAC;EAEF,OAAO,MAAM5E,uBAAuB,CAAC;IACnC4D,SAAS,EAAE;MACTnC,KAAK,EAAED;IACT,CAAC;IACDqD,kBAAkB,EAAE5D,UAAU,CAAC0D,mBAAmB;IAClDjB,iBAAiB,EAAEA,iBAAiB;IACpCxC,WAAW,EAAEA,WAAW,CAAC0D,YAAY;IACrCE,IAAI,EAAER,cAAc,CAACpB;EACvB,CAAC,CAAC,CAAC6B,KAAK,CAACC,2BAA2B,CAAC;AACvC,CAAC;AAED,OAAO,MAAMC,gBAAiD,GAAG,MAAAA,CAC/DhE,UAAU,EACVC,WAAW,EACXE,QAAQ,EACR8D,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvB7D,iBAAiB;IACjB8D,qBAAqB;IACrB7D,QAAQ,GAAGC;EACb,CAAC,GAAG0D,OAAO;EACX,IAAI,CAACE,qBAAqB,EAAE;IAC1B,MAAM,IAAI5E,gBAAgB,CAAC;MACzB6E,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAM;IAAEC,2BAA2B;IAAEzB;EAAsB,CAAC,GAC1DoB,oBAAoB;;EAEtB;EACA,MAAMM,4BAA4B,GAAGtE,WAAW,CAACuE,qBAAqB,CAACC,IAAI,CACxEC,CAAC,IACAA,CAAC,CAACJ,2BAA2B,KAAKA,2BAA2B,KAC5DzB,qBAAqB,GAClB6B,CAAC,CAACC,sBAAsB,CAACC,QAAQ,CAAC/B,qBAAqB,CAAC,GACxD,IAAI,CACZ,CAAC;EAED,IAAI,CAAC0B,4BAA4B,EAAE;IACjC7E,MAAM,CAACmF,GAAG,CACRpF,QAAQ,CAACqF,KAAK,EACb,gEAA+D7E,WAAW,CAACuE,qBAAsB,EACpG,CAAC;IACD,MAAM,IAAIhF,gBAAgB,CAAC;MACzB6E,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAMU,aAAa,GAAG,MAAMjF,kBAAkB,CAAC;IAC7CE,UAAU;IACVC,WAAW;IACXE,QAAQ;IACRE,wBAAwB,EAAE,CAAC8D,uBAAuB,CAAC;IACnDjE,oBAAoB,EAAE2C,qBAAsB;IAC5CvC,iBAAiB;IACjBF,iBAAiB,EAAEgE,qBAAqB;IACxC7D;EACF,CAAC,CAAC;EAEFb,MAAM,CAACmF,GAAG,CACRpF,QAAQ,CAACuF,KAAK,EACb,wBAAuBC,IAAI,CAACC,SAAS,CAACH,aAAa,CAAE,EACxD,CAAC;;EAED;EACA,MAAMI,sBAAsB,GAC1BnF,UAAU,CAACoF,mCAAmC,CAACd,2BAA2B,CAAC;EAE7E,IAAI,gBAAgB,IAAIS,aAAa,EAAE;IACrC,MAAM,IAAI3F,aAAa,CAAC,oCAAoC,CAAC;EAC/D;;EAEA;EACA,OAAO;IACLiG,UAAU,EAAEN,aAAa,CAACO,WAAW,CAACC,EAAE,CAAC,CAAC,CAAC,CAAEF,UAAU;IACvDG,MAAM,EAAEL,sBAAsB,CAAEK;EAClC,CAAC;AACH,CAAC;AAED,OAAO,MAAMC,sBAA6D,GACxE,MAAAA,CAAOzF,UAAU,EAAEC,WAAW,EAAEE,QAAQ,EAAE8D,oBAAoB,EAAEC,OAAO,KAAK;EAC1E,MAAM;IACJ7D,wBAAwB;IACxBC,iBAAiB;IACjB8D,qBAAqB;IACrB7D,QAAQ,GAAGC;EACb,CAAC,GAAG0D,OAAO;EACX,IAAI,CAACE,qBAAqB,EAAE;IAC1B,MAAM,IAAI5E,gBAAgB,CAAC;MACzB6E,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAM;IAAEC,2BAA2B;IAAEzB;EAAsB,CAAC,GAC1DoB,oBAAoB;EAEtB,MAAMc,aAAa,GAAG,MAAMjF,kBAAkB,CAAC;IAC7CE,UAAU;IACVC,WAAW;IACXE,QAAQ;IACRE,wBAAwB;IACxBH,oBAAoB,EAAE2C,qBAAqB;IAC3CvC,iBAAiB;IACjBF,iBAAiB,EAAEgE,qBAAqB;IACxC7D;EACF,CAAC,CAAC;;EAEF;EACA,MAAM4E,sBAAsB,GAC1BnF,UAAU,CAACoF,mCAAmC,CAC5Cd,2BAA2B,CAC5B;EAEH,IAAI,gBAAgB,IAAIS,aAAa,EAAE;IACrC,MAAM,IAAI3F,aAAa,CAAC,8CAA8C,CAAC;EACzE;EAEA,OAAO2F,aAAa,CAACO,WAAW,CAAClE,GAAG,CAACsE,KAAA;IAAA,IAAC;MAAEL;IAAW,CAAC,GAAAK,KAAA;IAAA,OAAM;MACxDL,UAAU;MACVG,MAAM,EAAEL,sBAAsB,CAAEK;IAClC,CAAC;EAAA,CAAC,CAAC;AACL,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA,MAAMzB,2BAA2B,GAAI4B,CAAU,IAAK;EAClDjG,MAAM,CAACmF,GAAG,CAACpF,QAAQ,CAACqF,KAAK,EAAG,8CAA6Ca,CAAE,EAAC,CAAC;EAE7E,IAAI,EAAEA,CAAC,YAAYzG,4BAA4B,CAAC,EAAE;IAChD,MAAMyG,CAAC;EACT;EAEA,MAAM,IAAIpG,oBAAoB,CAACF,mBAAmB,CAAC,CAChDuG,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEvG,wBAAwB,CAACwG,uBAAuB;IACtDzB,OAAO,EAAE;EACX,CAAC,CAAC,CACDuB,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEvG,wBAAwB,CAACwG,uBAAuB;IACtDzB,OAAO,EAAE;EACX,CAAC,CAAC,CACDuB,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEvG,wBAAwB,CAACyG,uBAAuB;IACtD1B,OAAO,EAAE;EACX,CAAC,CAAC,CACD2B,SAAS,CAACL,CAAC,CAAC;AACjB,CAAC"}
|
|
@@ -2,7 +2,7 @@ import { evaluateIssuerTrust } from "./01-evaluate-issuer-trust";
|
|
|
2
2
|
import { startUserAuthorization } from "./02-start-user-authorization";
|
|
3
3
|
import { continueUserAuthorizationWithMRTDPoPChallenge, completeUserAuthorizationWithQueryMode, completeUserAuthorizationWithFormPostJwtMode, buildAuthorizationUrl, getRequestedCredentialToBePresented } from "./03-complete-user-authorization";
|
|
4
4
|
import { authorizeAccess } from "./04-authorize-access";
|
|
5
|
-
import { obtainCredential } from "./05-obtain-credential";
|
|
5
|
+
import { obtainCredential, obtainCredentialsBatch } from "./05-obtain-credential";
|
|
6
6
|
import { verifyAndParseCredential } from "./06-verify-and-parse-credential";
|
|
7
7
|
import { MRTDPoP } from "../mrtd-pop";
|
|
8
8
|
export const Issuance = {
|
|
@@ -15,6 +15,7 @@ export const Issuance = {
|
|
|
15
15
|
completeUserAuthorizationWithFormPostJwtMode,
|
|
16
16
|
authorizeAccess,
|
|
17
17
|
obtainCredential,
|
|
18
|
+
obtainCredentialsBatch,
|
|
18
19
|
verifyAndParseCredential,
|
|
19
20
|
MRTDPoP
|
|
20
21
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","continueUserAuthorizationWithMRTDPoPChallenge","completeUserAuthorizationWithQueryMode","completeUserAuthorizationWithFormPostJwtMode","buildAuthorizationUrl","getRequestedCredentialToBePresented","authorizeAccess","obtainCredential","verifyAndParseCredential","MRTDPoP","Issuance"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/index.ts"],"mappings":"AACA,SAASA,mBAAmB,QAAQ,4BAA4B;AAChE,SAASC,sBAAsB,QAAQ,+BAA+B;AACtE,SACEC,6CAA6C,EAC7CC,sCAAsC,EACtCC,4CAA4C,EAC5CC,qBAAqB,EACrBC,mCAAmC,QAC9B,kCAAkC;AACzC,SAASC,eAAe,QAAQ,uBAAuB;AACvD,
|
|
1
|
+
{"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","continueUserAuthorizationWithMRTDPoPChallenge","completeUserAuthorizationWithQueryMode","completeUserAuthorizationWithFormPostJwtMode","buildAuthorizationUrl","getRequestedCredentialToBePresented","authorizeAccess","obtainCredential","obtainCredentialsBatch","verifyAndParseCredential","MRTDPoP","Issuance"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/index.ts"],"mappings":"AACA,SAASA,mBAAmB,QAAQ,4BAA4B;AAChE,SAASC,sBAAsB,QAAQ,+BAA+B;AACtE,SACEC,6CAA6C,EAC7CC,sCAAsC,EACtCC,4CAA4C,EAC5CC,qBAAqB,EACrBC,mCAAmC,QAC9B,kCAAkC;AACzC,SAASC,eAAe,QAAQ,uBAAuB;AACvD,SACEC,gBAAgB,EAChBC,sBAAsB,QACjB,wBAAwB;AAC/B,SAASC,wBAAwB,QAAQ,kCAAkC;AAC3E,SAASC,OAAO,QAAQ,aAAa;AAErC,OAAO,MAAMC,QAAqB,GAAG;EACnCZ,mBAAmB;EACnBC,sBAAsB;EACtBI,qBAAqB;EACrBF,sCAAsC;EACtCD,6CAA6C;EAC7CI,mCAAmC;EACnCF,4CAA4C;EAC5CG,eAAe;EACfC,gBAAgB;EAChBC,sBAAsB;EACtBC,wBAAwB;EACxBC;AACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","PresentationParams","object","client_id","string","nonempty","request","optional","request_uri","url","request_uri_method","enum","state","WalletMetadata","authorization_endpoint","client_id_schemes_supported","array","client_id_prefixes_supported","response_types_supported","response_modes_supported","request_object_signing_alg_values_supported","vp_formats_supported","record","RequestObjectWalletCapabilities","wallet_metadata","wallet_nonce","ErrorResponse"],"sourceRoot":"../../../../../src","sources":["credential/presentation/api/types.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;
|
|
1
|
+
{"version":3,"names":["z","PresentationParams","object","client_id","string","nonempty","request","optional","request_uri","url","request_uri_method","enum","state","WalletMetadata","authorization_endpoint","client_id_schemes_supported","array","client_id_prefixes_supported","response_types_supported","response_modes_supported","request_object_signing_alg_values_supported","vp_formats_supported","record","RequestObjectWalletCapabilities","wallet_metadata","wallet_nonce","ErrorResponse"],"sourceRoot":"../../../../../src","sources":["credential/presentation/api/types.ts"],"mappings":"AAAA,OAAO,KAAKA,CAAC,MAAM,KAAK;AAMxB,OAAO,MAAMC,kBAAkB,GAAGD,CAAC,CAACE,MAAM,CAAC;EACzCC,SAAS,EAAEH,CAAC,CAACI,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAChCC,OAAO,EAAEN,CAAC,CAACI,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BC,WAAW,EAAER,CAAC,CAACI,MAAM,CAAC,CAAC,CAACK,GAAG,CAAC,CAAC,CAACF,QAAQ,CAAC,CAAC;EACxCG,kBAAkB,EAAEV,CAAC,CAACW,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EACtDK,KAAK,EAAEZ,CAAC,CAACI,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC;AAC7B,CAAC,CAAC;AAGF,OAAO,MAAMM,cAAc,GAAGb,CAAC,CAACE,MAAM,CAAC;EACrCY,sBAAsB,EAAEd,CAAC,CAACI,MAAM,CAAC,CAAC,CAACK,GAAG,CAAC,CAAC;EACxCM,2BAA2B,EAAEf,CAAC,CAACgB,KAAK,CAAChB,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3DU,4BAA4B,EAAEjB,CAAC,CAACgB,KAAK,CAAChB,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC5DW,wBAAwB,EAAElB,CAAC,CAACgB,KAAK,CAAChB,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EACxDY,wBAAwB,EAAEnB,CAAC,CAACgB,KAAK,CAAChB,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EACxDa,2CAA2C,EAAEpB,CAAC,CAACgB,KAAK,CAAChB,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3Ec,oBAAoB,EAAErB,CAAC,CAACsB,MAAM,CAC5BtB,CAAC,CAACI,MAAM,CAAC,CAAC,EACVJ,CAAC,CAACE,MAAM,CAAC;IACP,mBAAmB,EAAEF,CAAC,CAACgB,KAAK,CAAChB,CAAC,CAACI,MAAM,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC,CAAE;EACvD,CAAC,CACH;AACF,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAIA,OAAO,MAAMgB,+BAA+B,GAAGvB,CAAC,CAACE,MAAM,CAAC;EACtDsB,eAAe,EAAEX,cAAc;EAC/BY,YAAY,EAAEzB,CAAC,CAACI,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC;AACpC,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAMmB,aAAa,GAAG1B,CAAC,CAACW,IAAI,CAAC,CAClC,wBAAwB,EACxB,qBAAqB,EACrB,0BAA0B,EAC1B,iBAAiB,EACjB,eAAe,EACf,gBAAgB,CACjB,CAAC;;AAMF;AACA;AACA;AACA;;AAmBA;AACA;AACA;;AAeA;AACA;AACA;;AAWA;AACA;AACA;;AAGA;AACA;AACA;AACA;;AAKA;AACA;AACA"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { decode as decodeJwt, verify } from "@pagopa/io-react-native-jwt";
|
|
2
|
+
import { IoWalletError } from "../../../utils/errors";
|
|
2
3
|
import { InvalidRequestObjectError } from "../common/errors";
|
|
3
|
-
import {
|
|
4
|
+
import { RawRequestObject } from "./types";
|
|
4
5
|
import { mapToRequestObject } from "./mappers";
|
|
5
6
|
import { getJwksFromRpConfig } from "./utils.jwks";
|
|
6
7
|
export const verifyRequestObject = async (requestObjectEncodedJwt, _ref) => {
|
|
@@ -9,6 +10,9 @@ export const verifyRequestObject = async (requestObjectEncodedJwt, _ref) => {
|
|
|
9
10
|
rpConf,
|
|
10
11
|
state
|
|
11
12
|
} = _ref;
|
|
13
|
+
if (!rpConf) {
|
|
14
|
+
throw new IoWalletError("Relying Party Configuration is required for OpenID Federation clients");
|
|
15
|
+
}
|
|
12
16
|
const requestObjectJwt = decodeJwt(requestObjectEncodedJwt);
|
|
13
17
|
const pubKey = getSigPublicKey(rpConf, requestObjectJwt.protectedHeader.kid);
|
|
14
18
|
try {
|
|
@@ -19,17 +23,19 @@ export const verifyRequestObject = async (requestObjectEncodedJwt, _ref) => {
|
|
|
19
23
|
} catch (_) {
|
|
20
24
|
throw new InvalidRequestObjectError("The Request Object signature verification failed");
|
|
21
25
|
}
|
|
22
|
-
const
|
|
23
|
-
|
|
26
|
+
const rawRequestObject = validateRequestObjectShape({
|
|
27
|
+
header: requestObjectJwt.protectedHeader,
|
|
28
|
+
payload: requestObjectJwt.payload
|
|
29
|
+
});
|
|
30
|
+
const isClientIdMatch = clientId === rawRequestObject.payload.client_id && clientId === rpConf.subject;
|
|
24
31
|
if (!isClientIdMatch) {
|
|
25
32
|
throw new InvalidRequestObjectError("Client ID does not match Request Object or Entity Configuration");
|
|
26
33
|
}
|
|
27
|
-
|
|
28
|
-
if (!isStateMatch) {
|
|
34
|
+
if (state && state !== rawRequestObject.payload.state) {
|
|
29
35
|
throw new InvalidRequestObjectError("The provided state does not match the Request Object's");
|
|
30
36
|
}
|
|
31
37
|
return {
|
|
32
|
-
requestObject: mapToRequestObject(
|
|
38
|
+
requestObject: mapToRequestObject(rawRequestObject)
|
|
33
39
|
};
|
|
34
40
|
};
|
|
35
41
|
|
|
@@ -41,7 +47,7 @@ export const verifyRequestObject = async (requestObjectEncodedJwt, _ref) => {
|
|
|
41
47
|
* @throws {InvalidRequestObjectError} when the Request Object cannot be parsed
|
|
42
48
|
*/
|
|
43
49
|
const validateRequestObjectShape = payload => {
|
|
44
|
-
const requestObjectParse =
|
|
50
|
+
const requestObjectParse = RawRequestObject.safeParse(payload);
|
|
45
51
|
if (requestObjectParse.success) {
|
|
46
52
|
return requestObjectParse.data;
|
|
47
53
|
}
|