@pagopa/io-react-native-wallet 3.1.2 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (360) hide show
  1. package/lib/commonjs/credential/issuance/README.md +44 -17
  2. package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js +4 -3
  3. package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js.map +1 -1
  4. package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +37 -8
  5. package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
  6. package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js +46 -38
  7. package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
  8. package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -51
  9. package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
  10. package/lib/commonjs/credential/issuance/mrtd-pop/index.js +21 -5
  11. package/lib/commonjs/credential/issuance/mrtd-pop/index.js.map +1 -1
  12. package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js +3 -3
  13. package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
  14. package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js +5 -2
  15. package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
  16. package/lib/commonjs/credential/issuance/v1.0.0/05-obtain-credential.js +5 -1
  17. package/lib/commonjs/credential/issuance/v1.0.0/05-obtain-credential.js.map +1 -1
  18. package/lib/commonjs/credential/issuance/v1.0.0/index.js +2 -1
  19. package/lib/commonjs/credential/issuance/v1.0.0/index.js.map +1 -1
  20. package/lib/commonjs/credential/issuance/v1.0.0/mappers.js +1 -1
  21. package/lib/commonjs/credential/issuance/v1.0.0/mappers.js.map +1 -1
  22. package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
  23. package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
  24. package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js +20 -16
  25. package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
  26. package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js +1 -1
  27. package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
  28. package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js +20 -19
  29. package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
  30. package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js +150 -57
  31. package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
  32. package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
  33. package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
  34. package/lib/commonjs/credential/issuance/v1.3.3/index.js +2 -1
  35. package/lib/commonjs/credential/issuance/v1.3.3/index.js.map +1 -1
  36. package/lib/commonjs/credential/issuance/v1.3.3/mappers.js +1 -1
  37. package/lib/commonjs/credential/issuance/v1.3.3/mappers.js.map +1 -1
  38. package/lib/commonjs/credential/presentation/api/types.js.map +1 -1
  39. package/lib/commonjs/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
  40. package/lib/commonjs/credential/presentation/common/utils/mdoc.js.map +1 -0
  41. package/lib/commonjs/credential/presentation/v1.0.0/05-verify-request-object.js +18 -12
  42. package/lib/commonjs/credential/presentation/v1.0.0/05-verify-request-object.js.map +1 -1
  43. package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -0
  44. package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
  45. package/lib/commonjs/credential/presentation/v1.0.0/index.js +0 -2
  46. package/lib/commonjs/credential/presentation/v1.0.0/index.js.map +1 -1
  47. package/lib/commonjs/credential/presentation/v1.0.0/mappers.js +23 -13
  48. package/lib/commonjs/credential/presentation/v1.0.0/mappers.js.map +1 -1
  49. package/lib/commonjs/credential/presentation/v1.0.0/types.js +25 -17
  50. package/lib/commonjs/credential/presentation/v1.0.0/types.js.map +1 -1
  51. package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js +29 -6
  52. package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
  53. package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -2
  54. package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
  55. package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js +9 -6
  56. package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
  57. package/lib/commonjs/credential/presentation/v1.3.3/mappers.js +25 -13
  58. package/lib/commonjs/credential/presentation/v1.3.3/mappers.js.map +1 -1
  59. package/lib/commonjs/credential/presentation/v1.3.3/types.js +6 -3
  60. package/lib/commonjs/credential/presentation/v1.3.3/types.js.map +1 -1
  61. package/lib/commonjs/credential/status/README.md +3 -2
  62. package/lib/commonjs/credential/status/v1.3.3/01-status-list.js +27 -5
  63. package/lib/commonjs/credential/status/v1.3.3/01-status-list.js.map +1 -1
  64. package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
  65. package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
  66. package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js +26 -1
  67. package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
  68. package/lib/commonjs/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.js +4 -0
  69. package/lib/commonjs/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.js.map +1 -1
  70. package/lib/commonjs/credentials-catalogue/v1.3.3/fetch-translations.js +5 -3
  71. package/lib/commonjs/credentials-catalogue/v1.3.3/fetch-translations.js.map +1 -1
  72. package/lib/commonjs/credentials-catalogue/v1.3.3/mappers.js +9 -1
  73. package/lib/commonjs/credentials-catalogue/v1.3.3/mappers.js.map +1 -1
  74. package/lib/commonjs/credentials-catalogue/v1.3.3/types.js +49 -1
  75. package/lib/commonjs/credentials-catalogue/v1.3.3/types.js.map +1 -1
  76. package/lib/commonjs/mdoc/index.js +3 -24
  77. package/lib/commonjs/mdoc/index.js.map +1 -1
  78. package/lib/commonjs/sd-jwt/__test__/types.test.js +2 -14
  79. package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
  80. package/lib/commonjs/sd-jwt/__test__/utils.test.js +0 -12
  81. package/lib/commonjs/sd-jwt/__test__/utils.test.js.map +1 -1
  82. package/lib/commonjs/sd-jwt/types.js +1 -14
  83. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  84. package/lib/commonjs/utils/callbacks.js +45 -7
  85. package/lib/commonjs/utils/callbacks.js.map +1 -1
  86. package/lib/commonjs/utils/crypto.js +58 -5
  87. package/lib/commonjs/utils/crypto.js.map +1 -1
  88. package/lib/commonjs/utils/x509.js +34 -0
  89. package/lib/commonjs/utils/x509.js.map +1 -0
  90. package/lib/commonjs/wallet-instance-attestation/api/types.js +0 -2
  91. package/lib/commonjs/wallet-instance-attestation/api/types.js.map +1 -1
  92. package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
  93. package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
  94. package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js +2 -7
  95. package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
  96. package/lib/commonjs/wallet-unit-attestation/api/types.js +0 -11
  97. package/lib/commonjs/wallet-unit-attestation/api/types.js.map +1 -1
  98. package/lib/module/credential/issuance/README.md +44 -17
  99. package/lib/module/credential/issuance/common/02-start-user-authorization.js +4 -3
  100. package/lib/module/credential/issuance/common/02-start-user-authorization.js.map +1 -1
  101. package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +39 -10
  102. package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
  103. package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js +47 -34
  104. package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
  105. package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -47
  106. package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
  107. package/lib/module/credential/issuance/mrtd-pop/index.js +20 -5
  108. package/lib/module/credential/issuance/mrtd-pop/index.js.map +1 -1
  109. package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js +1 -1
  110. package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
  111. package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js +6 -3
  112. package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
  113. package/lib/module/credential/issuance/v1.0.0/05-obtain-credential.js +4 -1
  114. package/lib/module/credential/issuance/v1.0.0/05-obtain-credential.js.map +1 -1
  115. package/lib/module/credential/issuance/v1.0.0/index.js +4 -3
  116. package/lib/module/credential/issuance/v1.0.0/index.js.map +1 -1
  117. package/lib/module/credential/issuance/v1.0.0/mappers.js +1 -1
  118. package/lib/module/credential/issuance/v1.0.0/mappers.js.map +1 -1
  119. package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
  120. package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
  121. package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js +20 -16
  122. package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
  123. package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js +1 -1
  124. package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
  125. package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js +22 -19
  126. package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
  127. package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js +147 -55
  128. package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
  129. package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
  130. package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
  131. package/lib/module/credential/issuance/v1.3.3/index.js +4 -3
  132. package/lib/module/credential/issuance/v1.3.3/index.js.map +1 -1
  133. package/lib/module/credential/issuance/v1.3.3/mappers.js +1 -1
  134. package/lib/module/credential/issuance/v1.3.3/mappers.js.map +1 -1
  135. package/lib/module/credential/presentation/api/types.js.map +1 -1
  136. package/lib/module/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
  137. package/lib/module/credential/presentation/common/utils/mdoc.js.map +1 -0
  138. package/lib/module/credential/presentation/v1.0.0/05-verify-request-object.js +13 -7
  139. package/lib/module/credential/presentation/v1.0.0/05-verify-request-object.js.map +1 -1
  140. package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js +4 -1
  141. package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
  142. package/lib/module/credential/presentation/v1.0.0/index.js +0 -2
  143. package/lib/module/credential/presentation/v1.0.0/index.js.map +1 -1
  144. package/lib/module/credential/presentation/v1.0.0/mappers.js +23 -13
  145. package/lib/module/credential/presentation/v1.0.0/mappers.js.map +1 -1
  146. package/lib/module/credential/presentation/v1.0.0/types.js +23 -15
  147. package/lib/module/credential/presentation/v1.0.0/types.js.map +1 -1
  148. package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js +28 -6
  149. package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
  150. package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -3
  151. package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
  152. package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js +9 -6
  153. package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
  154. package/lib/module/credential/presentation/v1.3.3/mappers.js +25 -13
  155. package/lib/module/credential/presentation/v1.3.3/mappers.js.map +1 -1
  156. package/lib/module/credential/presentation/v1.3.3/types.js +5 -2
  157. package/lib/module/credential/presentation/v1.3.3/types.js.map +1 -1
  158. package/lib/module/credential/status/README.md +3 -2
  159. package/lib/module/credential/status/v1.3.3/01-status-list.js +27 -5
  160. package/lib/module/credential/status/v1.3.3/01-status-list.js.map +1 -1
  161. package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
  162. package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
  163. package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js +24 -0
  164. package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
  165. package/lib/module/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.js +5 -1
  166. package/lib/module/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.js.map +1 -1
  167. package/lib/module/credentials-catalogue/v1.3.3/fetch-translations.js +5 -3
  168. package/lib/module/credentials-catalogue/v1.3.3/fetch-translations.js.map +1 -1
  169. package/lib/module/credentials-catalogue/v1.3.3/mappers.js +9 -1
  170. package/lib/module/credentials-catalogue/v1.3.3/mappers.js.map +1 -1
  171. package/lib/module/credentials-catalogue/v1.3.3/types.js +47 -0
  172. package/lib/module/credentials-catalogue/v1.3.3/types.js.map +1 -1
  173. package/lib/module/mdoc/index.js +3 -24
  174. package/lib/module/mdoc/index.js.map +1 -1
  175. package/lib/module/sd-jwt/__test__/types.test.js +2 -14
  176. package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
  177. package/lib/module/sd-jwt/__test__/utils.test.js +0 -12
  178. package/lib/module/sd-jwt/__test__/utils.test.js.map +1 -1
  179. package/lib/module/sd-jwt/types.js +1 -14
  180. package/lib/module/sd-jwt/types.js.map +1 -1
  181. package/lib/module/utils/callbacks.js +45 -8
  182. package/lib/module/utils/callbacks.js.map +1 -1
  183. package/lib/module/utils/crypto.js +57 -6
  184. package/lib/module/utils/crypto.js.map +1 -1
  185. package/lib/module/utils/x509.js +28 -0
  186. package/lib/module/utils/x509.js.map +1 -0
  187. package/lib/module/wallet-instance-attestation/api/types.js +0 -2
  188. package/lib/module/wallet-instance-attestation/api/types.js.map +1 -1
  189. package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
  190. package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
  191. package/lib/module/wallet-instance-attestation/v1.3.3/types.js +2 -7
  192. package/lib/module/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
  193. package/lib/module/wallet-unit-attestation/api/types.js +0 -11
  194. package/lib/module/wallet-unit-attestation/api/types.js.map +1 -1
  195. package/lib/typescript/credential/issuance/api/05-obtain-credential.d.ts +20 -0
  196. package/lib/typescript/credential/issuance/api/05-obtain-credential.d.ts.map +1 -1
  197. package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts +4 -0
  198. package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts.map +1 -1
  199. package/lib/typescript/credential/issuance/common/02-start-user-authorization.d.ts.map +1 -1
  200. package/lib/typescript/credential/issuance/common/06-verify-and-parse-credential.sdjwt.d.ts.map +1 -1
  201. package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts +12 -1
  202. package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts.map +1 -1
  203. package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts +12 -1
  204. package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts.map +1 -1
  205. package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts +2 -1
  206. package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts.map +1 -1
  207. package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts.map +1 -1
  208. package/lib/typescript/credential/issuance/v1.0.0/05-obtain-credential.d.ts +1 -0
  209. package/lib/typescript/credential/issuance/v1.0.0/05-obtain-credential.d.ts.map +1 -1
  210. package/lib/typescript/credential/issuance/v1.0.0/index.d.ts.map +1 -1
  211. package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts.map +1 -1
  212. package/lib/typescript/credential/issuance/v1.3.3/01-evaluate-issuer-trust.d.ts.map +1 -1
  213. package/lib/typescript/credential/issuance/v1.3.3/02-start-user-authorization.d.ts.map +1 -1
  214. package/lib/typescript/credential/issuance/v1.3.3/04-authorize-access.d.ts.map +1 -1
  215. package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts +23 -2
  216. package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts.map +1 -1
  217. package/lib/typescript/credential/issuance/v1.3.3/06-verify-and-parse-credential.d.ts.map +1 -1
  218. package/lib/typescript/credential/issuance/v1.3.3/index.d.ts.map +1 -1
  219. package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts.map +1 -1
  220. package/lib/typescript/credential/presentation/api/04-verify-certificate-chain.d.ts +9 -2
  221. package/lib/typescript/credential/presentation/api/04-verify-certificate-chain.d.ts.map +1 -1
  222. package/lib/typescript/credential/presentation/api/05-verify-request-object.d.ts +2 -2
  223. package/lib/typescript/credential/presentation/api/05-verify-request-object.d.ts.map +1 -1
  224. package/lib/typescript/credential/presentation/api/07-send-authorization-response.d.ts +2 -2
  225. package/lib/typescript/credential/presentation/api/07-send-authorization-response.d.ts.map +1 -1
  226. package/lib/typescript/credential/presentation/api/types.d.ts +18 -0
  227. package/lib/typescript/credential/presentation/api/types.d.ts.map +1 -1
  228. package/lib/typescript/credential/presentation/{v1.3.3/utils.mdoc.d.ts → common/utils/mdoc.d.ts} +2 -2
  229. package/lib/typescript/credential/presentation/common/utils/mdoc.d.ts.map +1 -0
  230. package/lib/typescript/credential/presentation/v1.0.0/05-verify-request-object.d.ts.map +1 -1
  231. package/lib/typescript/credential/presentation/v1.0.0/07-send-authorization-response.d.ts.map +1 -1
  232. package/lib/typescript/credential/presentation/v1.0.0/index.d.ts.map +1 -1
  233. package/lib/typescript/credential/presentation/v1.0.0/mappers.d.ts +21 -13
  234. package/lib/typescript/credential/presentation/v1.0.0/mappers.d.ts.map +1 -1
  235. package/lib/typescript/credential/presentation/v1.0.0/types.d.ts +23 -15
  236. package/lib/typescript/credential/presentation/v1.0.0/types.d.ts.map +1 -1
  237. package/lib/typescript/credential/presentation/v1.3.3/05-verify-request-object.d.ts.map +1 -1
  238. package/lib/typescript/credential/presentation/v1.3.3/06-evaluate-dcql-query.d.ts.map +1 -1
  239. package/lib/typescript/credential/presentation/v1.3.3/07-send-authorization-response.d.ts.map +1 -1
  240. package/lib/typescript/credential/presentation/v1.3.3/mappers.d.ts +89 -79
  241. package/lib/typescript/credential/presentation/v1.3.3/mappers.d.ts.map +1 -1
  242. package/lib/typescript/credential/presentation/v1.3.3/types.d.ts +87 -79
  243. package/lib/typescript/credential/presentation/v1.3.3/types.d.ts.map +1 -1
  244. package/lib/typescript/credential/status/api/status-list.d.ts +8 -4
  245. package/lib/typescript/credential/status/api/status-list.d.ts.map +1 -1
  246. package/lib/typescript/credential/status/v1.3.3/01-status-list.d.ts.map +1 -1
  247. package/lib/typescript/credential/status/v1.3.3/02-verify-and-parse-status-list.d.ts.map +1 -1
  248. package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts +73 -0
  249. package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts.map +1 -1
  250. package/lib/typescript/credentials-catalogue/api/index.d.ts +6 -5
  251. package/lib/typescript/credentials-catalogue/api/index.d.ts.map +1 -1
  252. package/lib/typescript/credentials-catalogue/v1.0.0/mappers.d.ts +25 -0
  253. package/lib/typescript/credentials-catalogue/v1.0.0/mappers.d.ts.map +1 -1
  254. package/lib/typescript/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.d.ts.map +1 -1
  255. package/lib/typescript/credentials-catalogue/v1.3.3/fetch-translations.d.ts.map +1 -1
  256. package/lib/typescript/credentials-catalogue/v1.3.3/mappers.d.ts +51 -0
  257. package/lib/typescript/credentials-catalogue/v1.3.3/mappers.d.ts.map +1 -1
  258. package/lib/typescript/credentials-catalogue/v1.3.3/types.d.ts +33 -0
  259. package/lib/typescript/credentials-catalogue/v1.3.3/types.d.ts.map +1 -1
  260. package/lib/typescript/mdoc/index.d.ts +1 -1
  261. package/lib/typescript/mdoc/index.d.ts.map +1 -1
  262. package/lib/typescript/mdoc/utils.d.ts +0 -24
  263. package/lib/typescript/mdoc/utils.d.ts.map +1 -1
  264. package/lib/typescript/sd-jwt/types.d.ts +0 -12
  265. package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
  266. package/lib/typescript/utils/callbacks.d.ts +7 -0
  267. package/lib/typescript/utils/callbacks.d.ts.map +1 -1
  268. package/lib/typescript/utils/crypto.d.ts +32 -15
  269. package/lib/typescript/utils/crypto.d.ts.map +1 -1
  270. package/lib/typescript/utils/x509.d.ts +10 -0
  271. package/lib/typescript/utils/x509.d.ts.map +1 -0
  272. package/lib/typescript/wallet-instance-attestation/api/types.d.ts +0 -2
  273. package/lib/typescript/wallet-instance-attestation/api/types.d.ts.map +1 -1
  274. package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts +0 -2
  275. package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts.map +1 -1
  276. package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts +2 -9
  277. package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts.map +1 -1
  278. package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts +2 -7
  279. package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts.map +1 -1
  280. package/lib/typescript/wallet-unit-attestation/api/types.d.ts +0 -11
  281. package/lib/typescript/wallet-unit-attestation/api/types.d.ts.map +1 -1
  282. package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts +0 -22
  283. package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts.map +1 -1
  284. package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts +0 -11
  285. package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts.map +1 -1
  286. package/package.json +6 -6
  287. package/src/credential/issuance/README.md +44 -17
  288. package/src/credential/issuance/api/05-obtain-credential.ts +24 -0
  289. package/src/credential/issuance/api/06-verify-and-parse-credential.ts +4 -0
  290. package/src/credential/issuance/common/02-start-user-authorization.ts +6 -3
  291. package/src/credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts +42 -9
  292. package/src/credential/issuance/mrtd-pop/02-init-challenge.ts +69 -45
  293. package/src/credential/issuance/mrtd-pop/03-validate-challenge.ts +84 -62
  294. package/src/credential/issuance/mrtd-pop/index.ts +13 -5
  295. package/src/credential/issuance/v1.0.0/02-start-user-authorization.ts +1 -1
  296. package/src/credential/issuance/v1.0.0/03-complete-user-authorization.ts +8 -3
  297. package/src/credential/issuance/v1.0.0/05-obtain-credential.ts +6 -0
  298. package/src/credential/issuance/v1.0.0/index.ts +7 -3
  299. package/src/credential/issuance/v1.0.0/mappers.ts +4 -1
  300. package/src/credential/issuance/v1.3.3/01-evaluate-issuer-trust.ts +0 -2
  301. package/src/credential/issuance/v1.3.3/02-start-user-authorization.ts +24 -20
  302. package/src/credential/issuance/v1.3.3/03-complete-user-authorization.ts +1 -1
  303. package/src/credential/issuance/v1.3.3/04-authorize-access.ts +28 -23
  304. package/src/credential/issuance/v1.3.3/05-obtain-credential.ts +182 -87
  305. package/src/credential/issuance/v1.3.3/06-verify-and-parse-credential.ts +2 -1
  306. package/src/credential/issuance/v1.3.3/index.ts +7 -3
  307. package/src/credential/issuance/v1.3.3/mappers.ts +4 -1
  308. package/src/credential/presentation/api/04-verify-certificate-chain.ts +9 -2
  309. package/src/credential/presentation/api/05-verify-request-object.ts +2 -2
  310. package/src/credential/presentation/api/07-send-authorization-response.ts +2 -2
  311. package/src/credential/presentation/api/types.ts +16 -0
  312. package/src/credential/presentation/{v1.3.3/utils.mdoc.ts → common/utils/mdoc.ts} +2 -2
  313. package/src/credential/presentation/v1.0.0/05-verify-request-object.ts +21 -10
  314. package/src/credential/presentation/v1.0.0/07-send-authorization-response.ts +7 -0
  315. package/src/credential/presentation/v1.0.0/index.ts +0 -2
  316. package/src/credential/presentation/v1.0.0/mappers.ts +17 -17
  317. package/src/credential/presentation/v1.0.0/types.ts +23 -15
  318. package/src/credential/presentation/v1.3.3/05-verify-request-object.ts +63 -10
  319. package/src/credential/presentation/v1.3.3/06-evaluate-dcql-query.ts +3 -3
  320. package/src/credential/presentation/v1.3.3/07-send-authorization-response.ts +13 -4
  321. package/src/credential/presentation/v1.3.3/mappers.ts +19 -17
  322. package/src/credential/presentation/v1.3.3/types.ts +9 -3
  323. package/src/credential/status/README.md +3 -2
  324. package/src/credential/status/api/status-list.ts +10 -7
  325. package/src/credential/status/v1.3.3/01-status-list.ts +21 -7
  326. package/src/credential/status/v1.3.3/02-verify-and-parse-status-list.ts +19 -5
  327. package/src/credentials-catalogue/api/DigitalCredentialsCatalogue.ts +32 -0
  328. package/src/credentials-catalogue/api/index.ts +6 -3
  329. package/src/credentials-catalogue/v1.3.3/fetch-and-parse-catalogue.ts +6 -0
  330. package/src/credentials-catalogue/v1.3.3/fetch-translations.ts +6 -3
  331. package/src/credentials-catalogue/v1.3.3/mappers.ts +17 -1
  332. package/src/credentials-catalogue/v1.3.3/types.ts +51 -0
  333. package/src/mdoc/index.ts +5 -41
  334. package/src/sd-jwt/__test__/types.test.ts +1 -13
  335. package/src/sd-jwt/__test__/utils.test.ts +0 -12
  336. package/src/sd-jwt/types.ts +0 -13
  337. package/src/utils/callbacks.ts +57 -9
  338. package/src/utils/crypto.ts +86 -15
  339. package/src/utils/x509.ts +43 -0
  340. package/src/wallet-instance-attestation/api/types.ts +0 -2
  341. package/src/wallet-instance-attestation/v1.3.3/mappers.ts +3 -11
  342. package/src/wallet-instance-attestation/v1.3.3/types.ts +2 -7
  343. package/src/wallet-unit-attestation/api/types.ts +0 -11
  344. package/lib/commonjs/credential/issuance/common/authorization.js +0 -56
  345. package/lib/commonjs/credential/issuance/common/authorization.js.map +0 -1
  346. package/lib/commonjs/credential/presentation/v1.0.0/04-verify-certificate-chain.js +0 -12
  347. package/lib/commonjs/credential/presentation/v1.0.0/04-verify-certificate-chain.js.map +0 -1
  348. package/lib/commonjs/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
  349. package/lib/module/credential/issuance/common/authorization.js +0 -48
  350. package/lib/module/credential/issuance/common/authorization.js.map +0 -1
  351. package/lib/module/credential/presentation/v1.0.0/04-verify-certificate-chain.js +0 -5
  352. package/lib/module/credential/presentation/v1.0.0/04-verify-certificate-chain.js.map +0 -1
  353. package/lib/module/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
  354. package/lib/typescript/credential/issuance/common/authorization.d.ts +0 -21
  355. package/lib/typescript/credential/issuance/common/authorization.d.ts.map +0 -1
  356. package/lib/typescript/credential/presentation/v1.0.0/04-verify-certificate-chain.d.ts +0 -3
  357. package/lib/typescript/credential/presentation/v1.0.0/04-verify-certificate-chain.d.ts.map +0 -1
  358. package/lib/typescript/credential/presentation/v1.3.3/utils.mdoc.d.ts.map +0 -1
  359. package/src/credential/issuance/common/authorization.ts +0 -89
  360. package/src/credential/presentation/v1.0.0/04-verify-certificate-chain.ts +0 -10
package/lib/commonjs/credential/issuance/README.md CHANGED
@@ -8,6 +8,8 @@ Credentials instead require a simpler authorization flow and they require other
8
8
 
9
9
  The supported credentials are defined in the entity configuration of the issuer which is evaluted and parsed in the `evaluateIssuerTrust` step. Available credentials are identified with a unique `credential_configuration_id`, that must be used when requesting authorization. The Authorization Server returns an array of **credential identifiers** that map to the `credential_configuration_id` provided: to obtain the credential, one of the credential identifiers (or all of them) must be requested to the credential endpoint.
10
10
 
11
+ In the newest versions of IT-Wallet specifications it is mandatory that the cryptographic keys bound to each credential are stored in a WSCD and attested in a **Wallet Unit Attestation**, that must be sent to the Issuer when requesting a credential.
12
+
11
13
  ## Sequence Diagram
12
14
 
13
15
  ```mermaid
@@ -20,8 +22,9 @@ graph TD;
20
22
  C4.1[completeUserAuthorizationWithFormPostJwtMode]
21
23
  E4[completeUserAuthorizationWithQueryMode]
22
24
  5[authorizeAccess]
23
- 6[obtainCredential]
24
- 7[verifyAndParseCredential]
25
+ 6[WalletUnitAttestation.getAttestation]
26
+ 7[obtainCredential]
27
+ 8[verifyAndParseCredential]
25
28
  credSel{Is credential an eID?}
26
29
  proofSel{Requires MRTD PoP?}
27
30
  M1[continueUserAuthorizationWithMRTDPoPChallenge]
@@ -44,6 +47,7 @@ graph TD;
44
47
  E4 --> 5
45
48
  5 --> 6
46
49
  6 --> 7
50
+ 7 --> 8
47
51
 
48
52
  M1 --> M2
49
53
  M2 --> M3
@@ -92,6 +96,10 @@ When the credential is different than an eID, the flow requires the user to pres
92
96
 
93
97
  The expected result from the authentication process is in `form_post.jwt` format as defined in [JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)](https://openid.net/specs/oauth-v2-jarm.html#name-response-mode-form_postjwt).
94
98
 
99
+ ## Batch issuance
100
+
101
+ To obtain a batch of credentials the Issuance module exposes a dedicated method—`obtainCredentialsBatch`—that returns a list of credentials of the same type with different cryptographic data. For this reason the caller must generate multiple keys and attest them in a single Wallet Unit Attestation.
102
+
95
103
  ## Examples
96
104
 
97
105
  <details>
@@ -119,12 +127,28 @@ const { WALLET_PROVIDER_BASE_URL, WALLET_EAA_PROVIDER_BASE_URL, REDIRECT_URI } =
119
127
  * WARNING: The integrity context must be the same used when creating the Wallet Instance with the same keytag.
120
128
  */
121
129
  const walletInstanceAttestation =
122
- await WalletInstanceAttestation.getAttestation({
123
- wiaCryptoContext,
124
- integrityContext,
125
- walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
126
- appFetch,
127
- });
130
+ await wallet.WalletInstanceAttestation.getAttestation(
131
+ {
132
+ walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
133
+ walletSolutionId: "exampleId",
134
+ walletSolutionVersion: "1.2.3",
135
+ },
136
+ {
137
+ wiaCryptoContext,
138
+ integrityContext,
139
+ appFetch,
140
+ }
141
+ );
142
+
143
+ const credentialKeyTag = uuidv4().toString();
144
+ let walletUnitAttestation: string | undefined;
145
+
146
+ // Obtains a Wallet Unit Attestation if supported
147
+ if (wallet.WalletUnitAttestation.isSupported) {
148
+ walletUnitAttestation = await wallet.WalletUnitAttestation.getAttestation(); // See the Wallet Unit Attestation README for more details
149
+ } else {
150
+ await generate(credentialKeyTag); // Let's assume this function generates a new hardware-backed key pair
151
+ }
128
152
 
129
153
  const pid = {
130
154
  credential: "example",
@@ -133,9 +157,6 @@ const pid = {
133
157
  credentialType: "PersonIdentificationData";
134
158
  };
135
159
 
136
- // Create credential crypto context
137
- const credentialKeyTag = uuidv4().toString();
138
- await generate(credentialKeyTag); // Let's assume this function generates a new hardware-backed key pair
139
160
  const credentialCryptoContext = createCryptoContextFor(credentialKeyTag);
140
161
 
141
162
  // Evaluate issuer trust
@@ -271,12 +292,18 @@ const { WALLET_PROVIDER_BASE_URL, WALLET_EID_PROVIDER_BASE_URL, REDIRECT_URI } =
271
292
  * WARNING: The integrity context must be the same used when creating the Wallet Instance with the same keytag.
272
293
  */
273
294
  const walletInstanceAttestation =
274
- await WalletInstanceAttestation.getAttestation({
275
- wiaCryptoContext,
276
- integrityContext,
277
- walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
278
- appFetch,
279
- });
295
+ await wallet.WalletInstanceAttestation.getAttestation(
296
+ {
297
+ walletProviderBaseUrl: WALLET_PROVIDER_BASE_URL,
298
+ walletSolutionId: "exampleId",
299
+ walletSolutionVersion: "1.2.3",
300
+ },
301
+ {
302
+ wiaCryptoContext,
303
+ integrityContext,
304
+ appFetch,
305
+ }
306
+ );
280
307
 
281
308
  const idpHit = "https://example.com"; // Let's assume this is the IDP hint
282
309
 
package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js CHANGED
@@ -4,6 +4,7 @@ Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
6
  exports.selectResponseMode = exports.selectCredentialDefinition = void 0;
7
+ var _errors = require("../../../utils/errors");
7
8
  var _logging = require("../../../utils/logging");
8
9
  /**
9
10
  * Ensures that the credential type requested is supported by the issuer and contained in the
@@ -20,7 +21,7 @@ const selectCredentialDefinition = (issuerConf, credentialId) => {
20
21
  }));
21
22
  if (!result) {
22
23
  _logging.Logger.log(_logging.LogLevel.ERROR, `Requested credential ${credentialId} is not supported by the issuer according to its configuration ${JSON.stringify(credential_configurations_supported)}`);
23
- throw new Error(`No credential support the type '${credentialId}'`);
24
+ throw new _errors.IoWalletError(`No credential support the type '${credentialId}'`);
24
25
  }
25
26
  return result;
26
27
  };
@@ -40,14 +41,14 @@ const selectResponseMode = (issuerConf, credentialIds) => {
40
41
  }
41
42
  if (responseModeSet.size !== 1) {
42
43
  _logging.Logger.log(_logging.LogLevel.ERROR, `${credentialIds} have incompatible response_mode: ${[...responseModeSet.values()]}`);
43
- throw new Error("Requested credentials have incompatible response_mode and cannot be requested with the same PAR request");
44
+ throw new _errors.IoWalletError("Requested credentials have incompatible response_mode and cannot be requested with the same PAR request");
44
45
  }
45
46
  const [responseMode] = responseModeSet.values();
46
47
  _logging.Logger.log(_logging.LogLevel.DEBUG, `Selected response mode ${responseMode} for credential IDs ${credentialIds}`);
47
48
  const responseModeSupported = issuerConf.response_modes_supported;
48
49
  if (responseModeSupported && !responseModeSupported.includes(responseMode)) {
49
50
  _logging.Logger.log(_logging.LogLevel.ERROR, `Requested response mode ${responseMode} is not supported by the issuer according to its configuration ${JSON.stringify(responseModeSupported)}`);
50
- throw new Error(`No response mode support for IDs '${credentialIds}'`);
51
+ throw new _errors.IoWalletError(`No response mode support for IDs '${credentialIds}'`);
51
52
  }
52
53
  return responseMode;
53
54
  };
package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_logging","require","selectCredentialDefinition","issuerConf","credentialId","credential_configurations_supported","result","Object","keys","filter","e","includes","map","credential_configuration_id","type","Logger","log","LogLevel","ERROR","JSON","stringify","Error","exports","selectResponseMode","credentialIds","responseModeSet","Set","add","match","size","values","responseMode","DEBUG","responseModeSupported","response_modes_supported"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/02-start-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,QAAA,GAAAC,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,0BAA0B,GAAGA,CACxCC,UAAwB,EACxBC,YAAoB,KACI;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAM,CAACC,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACH,mCAAmC,CAAC,CAC9DI,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACP,YAAY,CAAC,CAAC,CACvCQ,GAAG,CAAC,OAAO;IACVC,2BAA2B,EAAET,YAAY;IACzCU,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACR,MAAM,EAAE;IACXS,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,wBAAuBd,YAAa,kEAAiEe,IAAI,CAACC,SAAS,CAACf,mCAAmC,CAAE,EAC5J,CAAC;IACD,MAAM,IAAIgB,KAAK,CAAE,mCAAkCjB,YAAa,GAAE,CAAC;EACrE;EACA,OAAOE,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAgB,OAAA,CAAApB,0BAAA,GAAAA,0BAAA;AAOO,MAAMqB,kBAAkB,GAAGA,CAChCpB,UAAwB,EACxBqB,aAAuB,KACN;EACjB,MAAMC,eAAe,GAAG,IAAIC,GAAG,CAAe,CAAC;EAE/C,KAAK,MAAMtB,YAAY,IAAIoB,aAAa,EAAE;IACxCC,eAAe,CAACE,GAAG,CACjBvB,YAAY,CAACwB,KAAK,CAAC,2BAA2B,CAAC,GAC3C,OAAO,GACP,eACN,CAAC;EACH;EAEA,IAAIH,eAAe,CAACI,IAAI,KAAK,CAAC,EAAE;IAC9Bd,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,GAAEM,aAAc,qCAAoC,CAAC,GAAGC,eAAe,CAACK,MAAM,CAAC,CAAC,CAAE,EACrF,CAAC;IACD,MAAM,IAAIT,KAAK,CACb,yGACF,CAAC;EACH;EAEA,MAAM,CAACU,YAAY,CAAC,GAAGN,eAAe,CAACK,MAAM,CAAC,CAAC;EAE/Cf,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACe,KAAK,EACb,0BAAyBD,YAAa,uBAAsBP,aAAc,EAC7E,CAAC;EAED,MAAMS,qBAAqB,GAAG9B,UAAU,CAAC+B,wBAAwB;EACjE,IAAID,qBAAqB,IAAI,CAACA,qBAAqB,CAACtB,QAAQ,CAACoB,YAAa,CAAC,EAAE;IAC3EhB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,2BAA0Ba,YAAa,kEAAiEZ,IAAI,CAACC,SAAS,CAACa,qBAAqB,CAAE,EACjJ,CAAC;IACD,MAAM,IAAIZ,KAAK,CAAE,qCAAoCG,aAAc,GAAE,CAAC;EACxE;EAEA,OAAOO,YAAY;AACrB,CAAC;AAACT,OAAA,CAAAC,kBAAA,GAAAA,kBAAA"}
1
+ {"version":3,"names":["_errors","require","_logging","selectCredentialDefinition","issuerConf","credentialId","credential_configurations_supported","result","Object","keys","filter","e","includes","map","credential_configuration_id","type","Logger","log","LogLevel","ERROR","JSON","stringify","IoWalletError","exports","selectResponseMode","credentialIds","responseModeSet","Set","add","match","size","values","responseMode","DEBUG","responseModeSupported","response_modes_supported"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/02-start-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,QAAA,GAAAD,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAME,0BAA0B,GAAGA,CACxCC,UAAwB,EACxBC,YAAoB,KACI;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAM,CAACC,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACH,mCAAmC,CAAC,CAC9DI,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACP,YAAY,CAAC,CAAC,CACvCQ,GAAG,CAAC,OAAO;IACVC,2BAA2B,EAAET,YAAY;IACzCU,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACR,MAAM,EAAE;IACXS,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,wBAAuBd,YAAa,kEAAiEe,IAAI,CAACC,SAAS,CAACf,mCAAmC,CAAE,EAC5J,CAAC;IACD,MAAM,IAAIgB,qBAAa,CAAE,mCAAkCjB,YAAa,GAAE,CAAC;EAC7E;EACA,OAAOE,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAgB,OAAA,CAAApB,0BAAA,GAAAA,0BAAA;AAOO,MAAMqB,kBAAkB,GAAGA,CAChCpB,UAAwB,EACxBqB,aAAuB,KACN;EACjB,MAAMC,eAAe,GAAG,IAAIC,GAAG,CAAe,CAAC;EAE/C,KAAK,MAAMtB,YAAY,IAAIoB,aAAa,EAAE;IACxCC,eAAe,CAACE,GAAG,CACjBvB,YAAY,CAACwB,KAAK,CAAC,2BAA2B,CAAC,GAC3C,OAAO,GACP,eACN,CAAC;EACH;EAEA,IAAIH,eAAe,CAACI,IAAI,KAAK,CAAC,EAAE;IAC9Bd,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,GAAEM,aAAc,qCAAoC,CAAC,GAAGC,eAAe,CAACK,MAAM,CAAC,CAAC,CAAE,EACrF,CAAC;IACD,MAAM,IAAIT,qBAAa,CACrB,yGACF,CAAC;EACH;EAEA,MAAM,CAACU,YAAY,CAAC,GAAGN,eAAe,CAACK,MAAM,CAAC,CAAC;EAE/Cf,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACe,KAAK,EACb,0BAAyBD,YAAa,uBAAsBP,aAAc,EAC7E,CAAC;EAED,MAAMS,qBAAqB,GAAG9B,UAAU,CAAC+B,wBAAwB;EACjE,IAAID,qBAAqB,IAAI,CAACA,qBAAqB,CAACtB,QAAQ,CAACoB,YAAa,CAAC,EAAE;IAC3EhB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,2BAA0Ba,YAAa,kEAAiEZ,IAAI,CAACC,SAAS,CAACa,qBAAqB,CAAE,EACjJ,CAAC;IACD,MAAM,IAAIZ,qBAAa,CACpB,qCAAoCG,aAAc,GACrD,CAAC;EACH;EAEA,OAAOO,YAAY;AACrB,CAAC;AAACT,OAAA,CAAAC,kBAAA,GAAAA,kBAAA"}
package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js CHANGED
@@ -12,6 +12,8 @@ var _errors = require("../../../utils/errors");
12
12
  var _logging = require("../../../utils/logging");
13
13
  var _jwk = require("../../../utils/jwk");
14
14
  var _credentials = require("../../../utils/credentials");
15
+ var _x = require("../../../utils/x509");
16
+ var _errors2 = require("../../../trust/common/errors");
15
17
  /**
16
18
  * Parse a Sd-Jwt credential according to the issuer configuration
17
19
  * @param credentialConfig - the list of supported credentials, as defined in the issuer configuration with their claims metadata
@@ -118,6 +120,23 @@ const parseCredentialSdJwt = function (credentialConfig, parsedCredentialRaw) {
118
120
  return processLevel(parsedCredentialRaw, []);
119
121
  };
120
122
 
123
+ /**
124
+ * JWT verifier implementing the interface expected by the SD-JWT library.
125
+ * Verification is delegated to `io-react-native-jwt` to leverage its support for multiple algorithms.
126
+ * @returns Boolean indicating whether the verification succeeded or not
127
+ */
128
+ const sdJwtInstanceVerifier = async (data, signature, options) => {
129
+ if (!(options !== null && options !== void 0 && options.issuerKeys)) {
130
+ return false;
131
+ }
132
+ try {
133
+ await (0, _ioReactNativeJwt.verify)(`${data}.${signature}`, options.issuerKeys);
134
+ return true;
135
+ } catch {
136
+ return false;
137
+ }
138
+ };
139
+
121
140
  /**
122
141
  * Given a credential, verify it's in the supported format
123
142
  * and the credential is correctly signed
@@ -134,15 +153,13 @@ const parseCredentialSdJwt = function (credentialConfig, parsedCredentialRaw) {
134
153
  *
135
154
  */
136
155
  async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingContext) {
137
- const {
138
- protectedHeader
139
- } = (0, _ioReactNativeJwt.decode)(rawCredential);
140
- const verifierJwk = (0, _ioReactNativeJwt.getJwkFromHeader)(protectedHeader, issuerKeys);
141
156
  const sdJwtInstance = new _core.SDJwtInstance({
142
157
  hasher: _cryptoNodejs.digest,
143
- verifier: await _cryptoNodejs.ES256.getVerifier(verifierJwk)
158
+ verifier: sdJwtInstanceVerifier
144
159
  });
145
- const [verifiedCredential, holderBindingKey] = await Promise.all([sdJwtInstance.verify(rawCredential), holderBindingContext.getPublicKey()]);
160
+ const [verifiedCredential, holderBindingKey] = await Promise.all([sdJwtInstance.verify(rawCredential, {
161
+ issuerKeys
162
+ }), holderBindingContext.getPublicKey()]);
146
163
  const {
147
164
  cnf
148
165
  } = verifiedCredential.payload;
@@ -153,14 +170,26 @@ async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingCon
153
170
  }
154
171
  return await sdJwtInstance.decode((0, _credentials.fixLegacyCredentialSdJwt)(rawCredential));
155
172
  }
156
- const verifyAndParseCredentialSdJwt = async (issuerConf, credential, credentialConfigurationId, _ref) => {
173
+ const verifyAndParseCredentialSdJwt = async (issuerConf, credential, credentialConfigurationId, _ref, x509CertRoot) => {
157
174
  let {
158
175
  credentialCryptoContext,
159
176
  ignoreMissingAttributes,
160
- includeUndefinedAttributes
177
+ includeUndefinedAttributes,
178
+ validateCertificateChain
161
179
  } = _ref;
162
180
  const decoded = await verifyCredentialSdJwt(credential, issuerConf.keys, credentialCryptoContext);
163
181
  _logging.Logger.log(_logging.LogLevel.DEBUG, `Decoded credential: ${JSON.stringify(decoded)}`);
182
+ if (validateCertificateChain) {
183
+ var _decoded$jwt;
184
+ if (!x509CertRoot) {
185
+ throw new _errors.IoWalletError("Missing x509CertRoot");
186
+ }
187
+ const x5c = (_decoded$jwt = decoded.jwt) === null || _decoded$jwt === void 0 || (_decoded$jwt = _decoded$jwt.header) === null || _decoded$jwt === void 0 ? void 0 : _decoded$jwt.x5c;
188
+ if (!x5c || !Array.isArray(x5c) || x5c.length === 0) {
189
+ throw new _errors2.MissingX509CertsError("Missing x509 certificates");
190
+ }
191
+ await (0, _x.verifyX509Chain)(x5c, x509CertRoot);
192
+ }
164
193
  const credentialConfig = issuerConf.credential_configurations_supported[credentialConfigurationId];
165
194
  if (!credentialConfig) {
166
195
  _logging.Logger.log(_logging.LogLevel.ERROR, `Credential type not supported by the issuer: ${credentialConfigurationId}`);
package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_core","_cryptoNodejs","_parser","_errors","_logging","_jwk","_credentials","parseCredentialSdJwt","credentialConfig","parsedCredentialRaw","ignoreMissingAttributes","arguments","length","undefined","includeUndefinedAttributes","claimsMetadata","claims","missingPaths","rootKeysToVerify","Set","map","c","path","filter","p","rootKey","push","missing","join","received","Object","keys","IoWalletError","getDisplayNames","match","find","isPathEqual","nameMap","entry","display","locale","name","processLevel","currentData","currentPath","Array","isArray","item","dataObj","result","processedKeys","configKeysAtThisLevel","claim","isPrefixOf","nextPart","includes","key","stringKey","toString","dataValue","newPath","localizedNames","value","add","entries","has","verifyCredentialSdJwt","rawCredential","issuerKeys","holderBindingContext","protectedHeader","decode","verifierJwk","getJwkFromHeader","sdJwtInstance","SDJwtInstance","hasher","digest","verifier","ES256","getVerifier","verifiedCredential","holderBindingKey","Promise","all","verify","getPublicKey","cnf","payload","isSameThumbprint","jwk","message","kid","Logger","log","LogLevel","ERROR","fixLegacyCredentialSdJwt","verifyAndParseCredentialSdJwt","issuerConf","credential","credentialConfigurationId","_ref","credentialCryptoContext","decoded","DEBUG","JSON","stringify","credential_configurations_supported","getClaims","parsedCredential","issuedAt","iat","Date","exp","expiration","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAKA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,aAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,IAAA,GAAAN,OAAA;AAEA,IAAAO,YAAA,GAAAP,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMQ,oBAAoB,GAAG,SAAAA,CAC3BC,gBAAgC,EAChCC,mBAA4C,EAGvB;EAAA,IAFrBC,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAAA,IACxCG,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,cAAc,GAAGP,gBAAgB,CAACQ,MAAM,IAAI,EAAE;;EAEpD;EACA,IAAI,CAACN,uBAAuB,EAAE;IAC5B,MAAMO,YAAsB,GAAG,EAAE;IACjC,MAAMC,gBAAgB,GAAG,IAAIC,GAAG,CAC9BJ,cAAc,CACXK,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,IAAI,CAAC,CAAC,CAAC,CAAC,CACrBC,MAAM,CAAEC,CAAC,IAAkB,OAAOA,CAAC,KAAK,QAAQ,CACrD,CAAC;IAED,KAAK,MAAMC,OAAO,IAAIP,gBAAgB,EAAE;MACtC,IAAI,EAAEO,OAAO,IAAIhB,mBAAmB,CAAC,EAAE;QACrCQ,YAAY,CAACS,IAAI,CAACD,OAAO,CAAC;MAC5B;IACF;IAEA,IAAIR,YAAY,CAACL,MAAM,GAAG,CAAC,EAAE;MAC3B,MAAMe,OAAO,GAAGV,YAAY,CAACW,IAAI,CAAC,IAAI,CAAC;MACvC,MAAMC,QAAQ,GAAGC,MAAM,CAACC,IAAI,CAACtB,mBAAmB,CAAC,CAACmB,IAAI,CAAC,IAAI,CAAC;MAC5D,MAAM,IAAII,qBAAa,CACpB,4DAA2DL,OAAQ,iBAAgBE,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;AACF;AACA;EACE,MAAMI,eAAe,GACnBX,IAAgC,IACO;IACvC,MAAMY,KAAK,GAAGnB,cAAc,CAACoB,IAAI,CAAEd,CAAC,IAAK,IAAAe,mBAAW,EAACf,CAAC,CAACC,IAAI,EAAEA,IAAI,CAAC,CAAC;IACnE,IAAI,CAACY,KAAK,EAAE,OAAOrB,SAAS;IAE5B,MAAMwB,OAA+B,GAAG,CAAC,CAAC;IAC1C,KAAK,MAAMC,KAAK,IAAIJ,KAAK,CAACK,OAAO,EAAE;MACjCF,OAAO,CAACC,KAAK,CAACE,MAAM,CAAC,GAAGF,KAAK,CAACG,IAAI;IACpC;IACA,OAAOJ,OAAO;EAChB,CAAC;;EAED;AACF;AACA;EACE,MAAMK,YAAY,GAAGA,CACnBC,WAAoB,EACpBC,WAAuC,KAC3B;IACZ;IACA,IAAIC,KAAK,CAACC,OAAO,CAACH,WAAW,CAAC,EAAE;MAC9B,OAAOA,WAAW,CAACvB,GAAG,CAAE2B,IAAI,IAC1BL,YAAY,CAACK,IAAI,EAAE,CAAC,GAAGH,WAAW,EAAE,IAAI,CAAC,CAC3C,CAAC;IACH;;IAEA;IACA,IAAI,OAAOD,WAAW,KAAK,QAAQ,IAAIA,WAAW,KAAK,IAAI,EAAE;MAC3D,OAAOA,WAAW;IACpB;IAEA,MAAMK,OAAO,GAAGL,WAAsC;IACtD,MAAMM,MAAwB,GAAG,CAAC,CAAC;IACnC,MAAMC,aAAa,GAAG,IAAI/B,GAAG,CAAkB,CAAC;;IAEhD;IACA,MAAMgC,qBAA0C,GAAG,EAAE;IACrD,KAAK,MAAMC,KAAK,IAAIrC,cAAc,EAAE;MAClC;MACA,IAAI,IAAAsC,kBAAU,EAACT,WAAW,EAAEQ,KAAK,CAAC9B,IAAI,CAAC,EAAE;QACvC,MAAMgC,QAAQ,GAAGF,KAAK,CAAC9B,IAAI,CAACsB,WAAW,CAAChC,MAAM,CAAC;QAC/C,IACE,CAAC,OAAO0C,QAAQ,KAAK,QAAQ,IAAI,OAAOA,QAAQ,KAAK,QAAQ,KAC7D,CAACH,qBAAqB,CAACI,QAAQ,CAACD,QAAQ,CAAC,EACzC;UACAH,qBAAqB,CAACzB,IAAI,CAAC4B,QAAQ,CAAC;QACtC;MACF;IACF;;IAEA;IACA,KAAK,MAAME,GAAG,IAAIL,qBAAqB,EAAE;MACvC,MAAMM,SAAS,GAAGD,GAAG,CAACE,QAAQ,CAAC,CAAC;MAChC,MAAMC,SAAS,GAAGX,OAAO,CAACS,SAAS,CAAC;MACpC,IAAIE,SAAS,KAAK9C,SAAS,EAAE;MAE7B,MAAM+C,OAAO,GAAG,CAAC,GAAGhB,WAAW,EAAEY,GAAG,CAAC;MAErC,IAAIK,cAAc,GAAG5B,eAAe,CAAC2B,OAAO,CAAC;;MAE7C;MACA,IAAI,CAACC,cAAc,IAAIhB,KAAK,CAACC,OAAO,CAACa,SAAS,CAAC,EAAE;QAC/CE,cAAc,GAAG5B,eAAe,CAAC,CAAC,GAAG2B,OAAO,EAAE,IAAI,CAAC,CAAC;MACtD;MAEAX,MAAM,CAACQ,SAAS,CAAC,GAAG;QAClBhB,IAAI,EAAEoB,cAAc,IAAIJ,SAAS;QACjCK,KAAK,EAAEpB,YAAY,CAACiB,SAAS,EAAEC,OAAO;MACxC,CAAC;MAEDV,aAAa,CAACa,GAAG,CAACP,GAAG,CAAC;IACxB;;IAEA;IACA,IAAI1C,0BAA0B,EAAE;MAC9B,KAAK,MAAM,CAAC0C,GAAG,EAAEM,KAAK,CAAC,IAAIhC,MAAM,CAACkC,OAAO,CAAChB,OAAO,CAAC,EAAE;QAClD,IAAI,CAACE,aAAa,CAACe,GAAG,CAACT,GAAG,CAAC,EAAE;UAC3BP,MAAM,CAACO,GAAG,CAAC,GAAG;YACZf,IAAI,EAAEe,GAAG;YACTM,KAAK,EAAEA;UACT,CAAC;QACH;MACF;IACF;IAEA,OAAOb,MAAM;EACf,CAAC;EAED,OAAOP,YAAY,CAACjC,mBAAmB,EAAE,EAAE,CAAC;AAC9C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeyD,qBAAqBA,CAClCC,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACnB;EAChB,MAAM;IAAEC;EAAgB,CAAC,GAAG,IAAAC,wBAAM,EAACJ,aAAa,CAAC;EACjD,MAAMK,WAAW,GAAG,IAAAC,kCAAgB,EAACH,eAAe,EAAEF,UAAU,CAAC;EAEjE,MAAMM,aAAa,GAAG,IAAIC,mBAAa,CAAC;IACtCC,MAAM,EAAEC,oBAAM;IACdC,QAAQ,EAAE,MAAMC,mBAAK,CAACC,WAAW,CAACR,WAAW;EAC/C,CAAC,CAAC;EAEF,MAAM,CAACS,kBAAkB,EAAEC,gBAAgB,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC/DV,aAAa,CAACW,MAAM,CAAClB,aAAa,CAAC,EACnCE,oBAAoB,CAACiB,YAAY,CAAC,CAAC,CACpC,CAAC;EAEF,MAAM;IAAEC;EAAI,CAAC,GAAGN,kBAAkB,CAACO,OAAkC;EACrE,IAAI,EAAE,MAAM,IAAAC,qBAAgB,EAACF,GAAG,CAACG,GAAG,EAAER,gBAAuB,CAAC,CAAC,EAAE;IAC/D,MAAMS,OAAO,GAAI,kDAAiDT,gBAAgB,CAACU,GAAI,UAASL,GAAG,CAACG,GAAG,CAACE,GAAI,EAAC;IAC7GC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAEL,OAAO,CAAC;IACnC,MAAM,IAAI3D,qBAAa,CAAC2D,OAAO,CAAC;EAClC;EAEA,OAAO,MAAMjB,aAAa,CAACH,MAAM,CAAC,IAAA0B,qCAAwB,EAAC9B,aAAa,CAAC,CAAC;AAC5E;AAEO,MAAM+B,6BAAsE,GACjF,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EAAAC,IAAA,KAMtB;EAAA,IALH;IACEC,uBAAuB;IACvB7F,uBAAuB;IACvBI;EACF,CAAC,GAAAwF,IAAA;EAED,MAAME,OAAO,GAAG,MAAMtC,qBAAqB,CACzCkC,UAAU,EACVD,UAAU,CAACpE,IAAI,EACfwE,uBACF,CAAC;EAEDV,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,uBAAsBC,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACjD,CAAC;EAED,MAAMhG,gBAAgB,GACpB2F,UAAU,CAACS,mCAAmC,CAACP,yBAAyB,CAAC;EAE3E,IAAI,CAAC7F,gBAAgB,EAAE;IACrBqF,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,gDAA+CK,yBAA0B,EAC5E,CAAC;IACD,MAAM,IAAIrE,qBAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,MAAMvB,mBAAmB,GAAI,MAAM+F,OAAO,CAACK,SAAS,CAAChC,oBAAM,CAG1D;EAED,MAAMiC,gBAAgB,GAAGvG,oBAAoB,CAC3CC,gBAAgB,EAChBC,mBAAmB,EACnBC,uBAAuB,EACvBI,0BACF,CAAC;EAED,MAAMiG,QAAQ,GACZ,OAAOtG,mBAAmB,CAACuG,GAAG,KAAK,QAAQ,GACvC,IAAIC,IAAI,CAACxG,mBAAmB,CAACuG,GAAG,GAAG,IAAI,CAAC,GACxCnG,SAAS;EAEf,IAAI,OAAOJ,mBAAmB,CAACyG,GAAG,KAAK,QAAQ,EAAE;IAC/C,MAAM,IAAIlF,qBAAa,CAAC,2CAA2C,CAAC;EACtE;EACA,MAAMmF,UAAU,GAAG,IAAIF,IAAI,CAACxG,mBAAmB,CAACyG,GAAG,GAAG,IAAI,CAAC;EAE3DrB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,sBAAqBC,IAAI,CAACC,SAAS,CAACG,gBAAgB,CAAE,gBAAeC,QAAS,EACjF,CAAC;EAED,OAAO;IACLD,gBAAgB;IAChBK,UAAU;IACVJ;EACF,CAAC;AACH,CAAC;AAACK,OAAA,CAAAlB,6BAAA,GAAAA,6BAAA"}
1
+ {"version":3,"names":["_ioReactNativeJwt","require","_core","_cryptoNodejs","_parser","_errors","_logging","_jwk","_credentials","_x","_errors2","parseCredentialSdJwt","credentialConfig","parsedCredentialRaw","ignoreMissingAttributes","arguments","length","undefined","includeUndefinedAttributes","claimsMetadata","claims","missingPaths","rootKeysToVerify","Set","map","c","path","filter","p","rootKey","push","missing","join","received","Object","keys","IoWalletError","getDisplayNames","match","find","isPathEqual","nameMap","entry","display","locale","name","processLevel","currentData","currentPath","Array","isArray","item","dataObj","result","processedKeys","configKeysAtThisLevel","claim","isPrefixOf","nextPart","includes","key","stringKey","toString","dataValue","newPath","localizedNames","value","add","entries","has","sdJwtInstanceVerifier","data","signature","options","issuerKeys","verifyJwt","verifyCredentialSdJwt","rawCredential","holderBindingContext","sdJwtInstance","SDJwtInstance","hasher","digest","verifier","verifiedCredential","holderBindingKey","Promise","all","verify","getPublicKey","cnf","payload","isSameThumbprint","jwk","message","kid","Logger","log","LogLevel","ERROR","decode","fixLegacyCredentialSdJwt","verifyAndParseCredentialSdJwt","issuerConf","credential","credentialConfigurationId","_ref","x509CertRoot","credentialCryptoContext","validateCertificateChain","decoded","DEBUG","JSON","stringify","_decoded$jwt","x5c","jwt","header","MissingX509CertsError","verifyX509Chain","credential_configurations_supported","getClaims","parsedCredential","issuedAt","iat","Date","exp","expiration","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,aAAA,GAAAF,OAAA;AAEA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,IAAA,GAAAN,OAAA;AAEA,IAAAO,YAAA,GAAAP,OAAA;AACA,IAAAQ,EAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMU,oBAAoB,GAAG,SAAAA,CAC3BC,gBAAgC,EAChCC,mBAA4C,EAGvB;EAAA,IAFrBC,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAAA,IACxCG,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,cAAc,GAAGP,gBAAgB,CAACQ,MAAM,IAAI,EAAE;;EAEpD;EACA,IAAI,CAACN,uBAAuB,EAAE;IAC5B,MAAMO,YAAsB,GAAG,EAAE;IACjC,MAAMC,gBAAgB,GAAG,IAAIC,GAAG,CAC9BJ,cAAc,CACXK,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,IAAI,CAAC,CAAC,CAAC,CAAC,CACrBC,MAAM,CAAEC,CAAC,IAAkB,OAAOA,CAAC,KAAK,QAAQ,CACrD,CAAC;IAED,KAAK,MAAMC,OAAO,IAAIP,gBAAgB,EAAE;MACtC,IAAI,EAAEO,OAAO,IAAIhB,mBAAmB,CAAC,EAAE;QACrCQ,YAAY,CAACS,IAAI,CAACD,OAAO,CAAC;MAC5B;IACF;IAEA,IAAIR,YAAY,CAACL,MAAM,GAAG,CAAC,EAAE;MAC3B,MAAMe,OAAO,GAAGV,YAAY,CAACW,IAAI,CAAC,IAAI,CAAC;MACvC,MAAMC,QAAQ,GAAGC,MAAM,CAACC,IAAI,CAACtB,mBAAmB,CAAC,CAACmB,IAAI,CAAC,IAAI,CAAC;MAC5D,MAAM,IAAII,qBAAa,CACpB,4DAA2DL,OAAQ,iBAAgBE,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;AACF;AACA;EACE,MAAMI,eAAe,GACnBX,IAAgC,IACO;IACvC,MAAMY,KAAK,GAAGnB,cAAc,CAACoB,IAAI,CAAEd,CAAC,IAAK,IAAAe,mBAAW,EAACf,CAAC,CAACC,IAAI,EAAEA,IAAI,CAAC,CAAC;IACnE,IAAI,CAACY,KAAK,EAAE,OAAOrB,SAAS;IAE5B,MAAMwB,OAA+B,GAAG,CAAC,CAAC;IAC1C,KAAK,MAAMC,KAAK,IAAIJ,KAAK,CAACK,OAAO,EAAE;MACjCF,OAAO,CAACC,KAAK,CAACE,MAAM,CAAC,GAAGF,KAAK,CAACG,IAAI;IACpC;IACA,OAAOJ,OAAO;EAChB,CAAC;;EAED;AACF;AACA;EACE,MAAMK,YAAY,GAAGA,CACnBC,WAAoB,EACpBC,WAAuC,KAC3B;IACZ;IACA,IAAIC,KAAK,CAACC,OAAO,CAACH,WAAW,CAAC,EAAE;MAC9B,OAAOA,WAAW,CAACvB,GAAG,CAAE2B,IAAI,IAC1BL,YAAY,CAACK,IAAI,EAAE,CAAC,GAAGH,WAAW,EAAE,IAAI,CAAC,CAC3C,CAAC;IACH;;IAEA;IACA,IAAI,OAAOD,WAAW,KAAK,QAAQ,IAAIA,WAAW,KAAK,IAAI,EAAE;MAC3D,OAAOA,WAAW;IACpB;IAEA,MAAMK,OAAO,GAAGL,WAAsC;IACtD,MAAMM,MAAwB,GAAG,CAAC,CAAC;IACnC,MAAMC,aAAa,GAAG,IAAI/B,GAAG,CAAkB,CAAC;;IAEhD;IACA,MAAMgC,qBAA0C,GAAG,EAAE;IACrD,KAAK,MAAMC,KAAK,IAAIrC,cAAc,EAAE;MAClC;MACA,IAAI,IAAAsC,kBAAU,EAACT,WAAW,EAAEQ,KAAK,CAAC9B,IAAI,CAAC,EAAE;QACvC,MAAMgC,QAAQ,GAAGF,KAAK,CAAC9B,IAAI,CAACsB,WAAW,CAAChC,MAAM,CAAC;QAC/C,IACE,CAAC,OAAO0C,QAAQ,KAAK,QAAQ,IAAI,OAAOA,QAAQ,KAAK,QAAQ,KAC7D,CAACH,qBAAqB,CAACI,QAAQ,CAACD,QAAQ,CAAC,EACzC;UACAH,qBAAqB,CAACzB,IAAI,CAAC4B,QAAQ,CAAC;QACtC;MACF;IACF;;IAEA;IACA,KAAK,MAAME,GAAG,IAAIL,qBAAqB,EAAE;MACvC,MAAMM,SAAS,GAAGD,GAAG,CAACE,QAAQ,CAAC,CAAC;MAChC,MAAMC,SAAS,GAAGX,OAAO,CAACS,SAAS,CAAC;MACpC,IAAIE,SAAS,KAAK9C,SAAS,EAAE;MAE7B,MAAM+C,OAAO,GAAG,CAAC,GAAGhB,WAAW,EAAEY,GAAG,CAAC;MAErC,IAAIK,cAAc,GAAG5B,eAAe,CAAC2B,OAAO,CAAC;;MAE7C;MACA,IAAI,CAACC,cAAc,IAAIhB,KAAK,CAACC,OAAO,CAACa,SAAS,CAAC,EAAE;QAC/CE,cAAc,GAAG5B,eAAe,CAAC,CAAC,GAAG2B,OAAO,EAAE,IAAI,CAAC,CAAC;MACtD;MAEAX,MAAM,CAACQ,SAAS,CAAC,GAAG;QAClBhB,IAAI,EAAEoB,cAAc,IAAIJ,SAAS;QACjCK,KAAK,EAAEpB,YAAY,CAACiB,SAAS,EAAEC,OAAO;MACxC,CAAC;MAEDV,aAAa,CAACa,GAAG,CAACP,GAAG,CAAC;IACxB;;IAEA;IACA,IAAI1C,0BAA0B,EAAE;MAC9B,KAAK,MAAM,CAAC0C,GAAG,EAAEM,KAAK,CAAC,IAAIhC,MAAM,CAACkC,OAAO,CAAChB,OAAO,CAAC,EAAE;QAClD,IAAI,CAACE,aAAa,CAACe,GAAG,CAACT,GAAG,CAAC,EAAE;UAC3BP,MAAM,CAACO,GAAG,CAAC,GAAG;YACZf,IAAI,EAAEe,GAAG;YACTM,KAAK,EAAEA;UACT,CAAC;QACH;MACF;IACF;IAEA,OAAOb,MAAM;EACf,CAAC;EAED,OAAOP,YAAY,CAACjC,mBAAmB,EAAE,EAAE,CAAC;AAC9C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,MAAMyD,qBAAsD,GAAG,MAAAA,CAC7DC,IAAI,EACJC,SAAS,EACTC,OAAO,KACJ;EACH,IAAI,EAACA,OAAO,aAAPA,OAAO,eAAPA,OAAO,CAAEC,UAAU,GAAE;IACxB,OAAO,KAAK;EACd;EACA,IAAI;IACF,MAAM,IAAAC,wBAAS,EAAE,GAAEJ,IAAK,IAAGC,SAAU,EAAC,EAAEC,OAAO,CAACC,UAAU,CAAC;IAC3D,OAAO,IAAI;EACb,CAAC,CAAC,MAAM;IACN,OAAO,KAAK;EACd;AACF,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeE,qBAAqBA,CAClCC,aAAqB,EACrBH,UAAiB,EACjBI,oBAAmC,EACnB;EAChB,MAAMC,aAAa,GAAG,IAAIC,mBAAa,CAAC;IACtCC,MAAM,EAAEC,oBAAM;IACdC,QAAQ,EAAEb;EACZ,CAAC,CAAC;EAEF,MAAM,CAACc,kBAAkB,EAAEC,gBAAgB,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC/DR,aAAa,CAACS,MAAM,CAACX,aAAa,EAAE;IAAEH;EAAW,CAAC,CAAC,EACnDI,oBAAoB,CAACW,YAAY,CAAC,CAAC,CACpC,CAAC;EAEF,MAAM;IAAEC;EAAI,CAAC,GAAGN,kBAAkB,CAACO,OAAkC;EACrE,IAAI,EAAE,MAAM,IAAAC,qBAAgB,EAACF,GAAG,CAACG,GAAG,EAAER,gBAAuB,CAAC,CAAC,EAAE;IAC/D,MAAMS,OAAO,GAAI,kDAAiDT,gBAAgB,CAACU,GAAI,UAASL,GAAG,CAACG,GAAG,CAACE,GAAI,EAAC;IAC7GC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAEL,OAAO,CAAC;IACnC,MAAM,IAAI1D,qBAAa,CAAC0D,OAAO,CAAC;EAClC;EAEA,OAAO,MAAMf,aAAa,CAACqB,MAAM,CAAC,IAAAC,qCAAwB,EAACxB,aAAa,CAAC,CAAC;AAC5E;AAEO,MAAMyB,6BAAsE,GACjF,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EAAAC,IAAA,EAOzBC,YAAY,KACT;EAAA,IAPH;IACEC,uBAAuB;IACvB9F,uBAAuB;IACvBI,0BAA0B;IAC1B2F;EACF,CAAC,GAAAH,IAAA;EAGD,MAAMI,OAAO,GAAG,MAAMlC,qBAAqB,CACzC4B,UAAU,EACVD,UAAU,CAACpE,IAAI,EACfyE,uBACF,CAAC;EAEDZ,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACa,KAAK,EACb,uBAAsBC,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACjD,CAAC;EAED,IAAID,wBAAwB,EAAE;IAAA,IAAAK,YAAA;IAC5B,IAAI,CAACP,YAAY,EAAE;MACjB,MAAM,IAAIvE,qBAAa,CAAC,sBAAsB,CAAC;IACjD;IACA,MAAM+E,GAAG,IAAAD,YAAA,GAAGJ,OAAO,CAACM,GAAG,cAAAF,YAAA,gBAAAA,YAAA,GAAXA,YAAA,CAAaG,MAAM,cAAAH,YAAA,uBAAnBA,YAAA,CAAqBC,GAA2B;IAC5D,IAAI,CAACA,GAAG,IAAI,CAAClE,KAAK,CAACC,OAAO,CAACiE,GAAG,CAAC,IAAIA,GAAG,CAACnG,MAAM,KAAK,CAAC,EAAE;MACnD,MAAM,IAAIsG,8BAAqB,CAAC,2BAA2B,CAAC;IAC9D;IACA,MAAM,IAAAC,kBAAe,EAACJ,GAAG,EAAER,YAAY,CAAC;EAC1C;EAEA,MAAM/F,gBAAgB,GACpB2F,UAAU,CAACiB,mCAAmC,CAACf,yBAAyB,CAAC;EAE3E,IAAI,CAAC7F,gBAAgB,EAAE;IACrBoF,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,gDAA+CM,yBAA0B,EAC5E,CAAC;IACD,MAAM,IAAIrE,qBAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,MAAMvB,mBAAmB,GAAI,MAAMiG,OAAO,CAACW,SAAS,CAACvC,oBAAM,CAG1D;EAED,MAAMwC,gBAAgB,GAAG/G,oBAAoB,CAC3CC,gBAAgB,EAChBC,mBAAmB,EACnBC,uBAAuB,EACvBI,0BACF,CAAC;EAED,MAAMyG,QAAQ,GACZ,OAAO9G,mBAAmB,CAAC+G,GAAG,KAAK,QAAQ,GACvC,IAAIC,IAAI,CAAChH,mBAAmB,CAAC+G,GAAG,GAAG,IAAI,CAAC,GACxC3G,SAAS;EAEf,IAAI,OAAOJ,mBAAmB,CAACiH,GAAG,KAAK,QAAQ,EAAE;IAC/C,MAAM,IAAI1F,qBAAa,CAAC,2CAA2C,CAAC;EACtE;EACA,MAAM2F,UAAU,GAAG,IAAIF,IAAI,CAAChH,mBAAmB,CAACiH,GAAG,GAAG,IAAI,CAAC;EAE3D9B,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACa,KAAK,EACb,sBAAqBC,IAAI,CAACC,SAAS,CAACS,gBAAgB,CAAE,gBAAeC,QAAS,EACjF,CAAC;EAED,OAAO;IACLD,gBAAgB;IAChBK,UAAU;IACVJ;EACF,CAAC;AACH,CAAC;AAACK,OAAA,CAAA1B,6BAAA,GAAAA,6BAAA"}
package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js CHANGED
@@ -3,50 +3,58 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.initChallenge = void 0;
7
- var _uuid = require("uuid");
6
+ exports.createInitChallenge = createInitChallenge;
8
7
  var _ioWalletOauth = require("@pagopa/io-wallet-oauth2");
9
8
  var _ioWalletUtils = require("@pagopa/io-wallet-utils");
10
- var _pop = require("../../../utils/pop");
11
9
  var _logging = require("../../../utils/logging");
12
- var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation/v1.0.0/utils"));
13
10
  var _errors = require("../../../utils/errors");
14
11
  var _callbacks = require("../../../utils/callbacks");
15
- function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
16
- function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
17
- // TODO: decouple from version 1.0.0
18
-
19
- const initChallenge = async (issuerConf, initUrl, mrtd_auth_session, mrtd_pop_jwt_nonce, context) => {
20
- const {
21
- appFetch = fetch,
22
- walletInstanceAttestation,
23
- wiaCryptoContext
24
- } = context;
25
- const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
26
- const signedWiaPoP = await (0, _pop.createPopToken)({
27
- jti: (0, _uuid.v4)(),
28
- aud: issuerConf.credential_issuer,
29
- iss
30
- }, wiaCryptoContext);
31
- const initResult = await (0, _ioWalletOauth.fetchMrtdPopInit)({
32
- popInitEndpoint: initUrl,
33
- mrtdAuthSession: mrtd_auth_session,
34
- mrtdPopJwtNonce: mrtd_pop_jwt_nonce,
35
- walletAttestation: walletInstanceAttestation,
36
- clientAttestationDPoP: signedWiaPoP,
37
- callbacks: {
38
- verifyJwt: (0, _callbacks.createVerifyJwtFromJwks)(issuerConf.keys),
39
- fetch: appFetch
40
- }
41
- }).catch(handleInitChallengeError);
42
- return {
43
- challenge: initResult.challenge,
44
- mrtd_pop_nonce: initResult.mrtdPopNonce,
45
- pop_verify_endpoint: initResult.popVerifyEndpoint,
46
- mrz: initResult.mrz
12
+ /**
13
+ * Factory function to create `initChallenge` for MRTD PoP flow.
14
+ * The factory is needed to inject version specific SDK configuration.
15
+ * @param config Configuration object containing the IO Wallet SDK configuration
16
+ * @returns `initChallenge` function compliant with the public API
17
+ */
18
+ function createInitChallenge(config) {
19
+ return async function initChallenge(issuerConf, initUrl, mrtd_auth_session, mrtd_pop_jwt_nonce, context) {
20
+ const {
21
+ appFetch = fetch,
22
+ walletInstanceAttestation,
23
+ wiaCryptoContext
24
+ } = context;
25
+ const clientAttestationDPoP = await (0, _ioWalletOauth.createClientAttestationPopJwt)({
26
+ config: config.sdkConfig,
27
+ callbacks: {
28
+ generateRandom: _callbacks.partialCallbacks.generateRandom,
29
+ signJwt: (0, _callbacks.createSignJwtFromCryptoContext)(wiaCryptoContext)
30
+ },
31
+ clientAttestation: walletInstanceAttestation,
32
+ authorizationServer: issuerConf.credential_issuer,
33
+ signer: {
34
+ method: "jwk",
35
+ alg: "ES256",
36
+ publicJwk: await wiaCryptoContext.getPublicKey()
37
+ }
38
+ });
39
+ const initResult = await (0, _ioWalletOauth.fetchMrtdPopInit)({
40
+ popInitEndpoint: initUrl,
41
+ mrtdAuthSession: mrtd_auth_session,
42
+ mrtdPopJwtNonce: mrtd_pop_jwt_nonce,
43
+ walletAttestation: walletInstanceAttestation,
44
+ clientAttestationDPoP,
45
+ callbacks: {
46
+ verifyJwt: (0, _callbacks.createVerifyJwtFromJwks)(issuerConf.keys),
47
+ fetch: appFetch
48
+ }
49
+ }).catch(handleInitChallengeError);
50
+ return {
51
+ challenge: initResult.challenge,
52
+ mrtd_pop_nonce: initResult.mrtdPopNonce,
53
+ pop_verify_endpoint: initResult.popVerifyEndpoint,
54
+ mrz: initResult.mrz
55
+ };
47
56
  };
48
- };
49
- exports.initChallenge = initChallenge;
57
+ }
50
58
  const handleInitChallengeError = e => {
51
59
  _logging.Logger.log(_logging.LogLevel.ERROR, `Failed to get MRTD challenge: ${e}`);
52
60
  if (!(e instanceof _ioWalletUtils.UnexpectedStatusCodeError)) {
package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_uuid","require","_ioWalletOauth","_ioWalletUtils","_pop","_logging","WalletInstanceAttestation","_interopRequireWildcard","_errors","_callbacks","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","initChallenge","issuerConf","initUrl","mrtd_auth_session","mrtd_pop_jwt_nonce","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","createPopToken","jti","uuidv4","aud","credential_issuer","initResult","fetchMrtdPopInit","popInitEndpoint","mrtdAuthSession","mrtdPopJwtNonce","walletAttestation","clientAttestationDPoP","callbacks","verifyJwt","createVerifyJwtFromJwks","keys","catch","handleInitChallengeError","challenge","mrtd_pop_nonce","mrtdPopNonce","pop_verify_endpoint","popVerifyEndpoint","mrz","exports","e","Logger","log","LogLevel","ERROR","SdkUnexpectedStatusCodeError","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","MrtdChallengeInitRequestFailed","message","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/02-init-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,yBAAA,GAAAC,uBAAA,CAAAN,OAAA;AACA,IAAAO,OAAA,GAAAP,OAAA;AAMA,IAAAQ,UAAA,GAAAR,OAAA;AAAmE,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAP6B;;AASzF,MAAMW,aAA0C,GAAG,MAAAA,CACxDC,UAAU,EACVC,OAAO,EACPC,iBAAiB,EACjBC,kBAAkB,EAClBC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGpC,yBAAyB,CAACqC,MAAM,CAACH,yBAAyB,CAAC,CACpEI,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEC,GAAG,EAAE,IAAAC,QAAM,EAAC,CAAC;IACbC,GAAG,EAAEnB,UAAU,CAACoB,iBAAiB;IACjCX;EACF,CAAC,EACDD,gBACF,CAAC;EAED,MAAMa,UAAU,GAAG,MAAM,IAAAC,+BAAgB,EAAC;IACxCC,eAAe,EAAEtB,OAAO;IACxBuB,eAAe,EAAEtB,iBAAiB;IAClCuB,eAAe,EAAEtB,kBAAkB;IACnCuB,iBAAiB,EAAEnB,yBAAyB;IAC5CoB,qBAAqB,EAAEZ,YAAY;IACnCa,SAAS,EAAE;MACTC,SAAS,EAAE,IAAAC,kCAAuB,EAAC9B,UAAU,CAAC+B,IAAI,CAAC;MACnDzB,KAAK,EAAED;IACT;EACF,CAAC,CAAC,CAAC2B,KAAK,CAACC,wBAAwB,CAAC;EAElC,OAAO;IACLC,SAAS,EAAEb,UAAU,CAACa,SAAS;IAC/BC,cAAc,EAAEd,UAAU,CAACe,YAAY;IACvCC,mBAAmB,EAAEhB,UAAU,CAACiB,iBAAiB;IACjDC,GAAG,EAAElB,UAAU,CAACkB;EAClB,CAAC;AACH,CAAC;AAACC,OAAA,CAAAzC,aAAA,GAAAA,aAAA;AAEF,MAAMkC,wBAAwB,GAAIQ,CAAU,IAAK;EAC/CC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,iCAAgCJ,CAAE,EAAC,CAAC;EAEhE,IAAI,EAAEA,CAAC,YAAYK,wCAA4B,CAAC,EAAE;IAChD,MAAML,CAAC;EACT;EAEA,MAAM,IAAIM,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACC,8BAA8B;IAC7DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDC,SAAS,CAACb,CAAC,CAAC;AACjB,CAAC"}
1
+ {"version":3,"names":["_ioWalletOauth","require","_ioWalletUtils","_logging","_errors","_callbacks","createInitChallenge","config","initChallenge","issuerConf","initUrl","mrtd_auth_session","mrtd_pop_jwt_nonce","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","clientAttestationDPoP","createClientAttestationPopJwt","sdkConfig","callbacks","generateRandom","partialCallbacks","signJwt","createSignJwtFromCryptoContext","clientAttestation","authorizationServer","credential_issuer","signer","method","alg","publicJwk","getPublicKey","initResult","fetchMrtdPopInit","popInitEndpoint","mrtdAuthSession","mrtdPopJwtNonce","walletAttestation","verifyJwt","createVerifyJwtFromJwks","keys","catch","handleInitChallengeError","challenge","mrtd_pop_nonce","mrtdPopNonce","pop_verify_endpoint","popVerifyEndpoint","mrz","e","Logger","log","LogLevel","ERROR","SdkUnexpectedStatusCodeError","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","MrtdChallengeInitRequestFailed","message","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/02-init-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,cAAA,GAAAC,OAAA;AAIA,IAAAC,cAAA,GAAAD,OAAA;AAIA,IAAAE,QAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAMA,IAAAI,UAAA,GAAAJ,OAAA;AAUA;AACA;AACA;AACA;AACA;AACA;AACO,SAASK,mBAAmBA,CACjCC,MAAc,EACe;EAC7B,OAAO,eAAeC,aAAaA,CACjCC,UAAU,EACVC,OAAO,EACPC,iBAAiB,EACjBC,kBAAkB,EAClBC,OAAO,EACP;IACA,MAAM;MACJC,QAAQ,GAAGC,KAAK;MAChBC,yBAAyB;MACzBC;IACF,CAAC,GAAGJ,OAAO;IAEX,MAAMK,qBAAqB,GAAG,MAAM,IAAAC,4CAA6B,EAAC;MAChEZ,MAAM,EAAEA,MAAM,CAACa,SAAS;MACxBC,SAAS,EAAE;QACTC,cAAc,EAAEC,2BAAgB,CAACD,cAAc;QAC/CE,OAAO,EAAE,IAAAC,yCAA8B,EAACR,gBAAgB;MAC1D,CAAC;MACDS,iBAAiB,EAAEV,yBAAyB;MAC5CW,mBAAmB,EAAElB,UAAU,CAACmB,iBAAiB;MACjDC,MAAM,EAAE;QACNC,MAAM,EAAE,KAAK;QACbC,GAAG,EAAE,OAAO;QACZC,SAAS,EAAE,MAAMf,gBAAgB,CAACgB,YAAY,CAAC;MACjD;IACF,CAAC,CAAC;IAEF,MAAMC,UAAU,GAAG,MAAM,IAAAC,+BAAgB,EAAC;MACxCC,eAAe,EAAE1B,OAAO;MACxB2B,eAAe,EAAE1B,iBAAiB;MAClC2B,eAAe,EAAE1B,kBAAkB;MACnC2B,iBAAiB,EAAEvB,yBAAyB;MAC5CE,qBAAqB;MACrBG,SAAS,EAAE;QACTmB,SAAS,EAAE,IAAAC,kCAAuB,EAAChC,UAAU,CAACiC,IAAI,CAAC;QACnD3B,KAAK,EAAED;MACT;IACF,CAAC,CAAC,CAAC6B,KAAK,CAACC,wBAAwB,CAAC;IAElC,OAAO;MACLC,SAAS,EAAEX,UAAU,CAACW,SAAS;MAC/BC,cAAc,EAAEZ,UAAU,CAACa,YAAY;MACvCC,mBAAmB,EAAEd,UAAU,CAACe,iBAAiB;MACjDC,GAAG,EAAEhB,UAAU,CAACgB;IAClB,CAAC;EACH,CAAC;AACH;AAEA,MAAMN,wBAAwB,GAAIO,CAAU,IAAK;EAC/CC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,iCAAgCJ,CAAE,EAAC,CAAC;EAEhE,IAAI,EAAEA,CAAC,YAAYK,wCAA4B,CAAC,EAAE;IAChD,MAAML,CAAC;EACT;EAEA,MAAM,IAAIM,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACC,8BAA8B;IAC7DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDC,SAAS,CAACb,CAAC,CAAC;AACjB,CAAC"}
package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js CHANGED
@@ -3,62 +3,69 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.validateChallenge = exports.buildChallengeCallbackUrl = void 0;
6
+ exports.buildChallengeCallbackUrl = void 0;
7
+ exports.createValidateChallenge = createValidateChallenge;
7
8
  var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
8
9
  var _ioWalletOauth = require("@pagopa/io-wallet-oauth2");
9
- var _uuid = require("uuid");
10
- var _pop = require("../../../utils/pop");
11
- var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation/v1.0.0/utils"));
12
10
  var _errors = require("../../../utils/errors");
13
11
  var _callbacks = require("../../../utils/callbacks");
14
- function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
15
- function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
16
- // TODO: decouple from 1.0.0 version
17
-
18
- const validateChallenge = async (issuerConf, verifyUrl, mrtd_auth_session, mrtd_pop_nonce, mrtd, ias, context) => {
19
- const {
20
- appFetch = fetch,
21
- walletInstanceAttestation,
22
- wiaCryptoContext
23
- } = context;
24
- const aud = issuerConf.credential_issuer;
25
- const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
26
- const signedWiaPoP = await (0, _pop.createPopToken)({
27
- jti: (0, _uuid.v4)(),
28
- aud,
29
- iss
30
- }, wiaCryptoContext);
31
- const {
32
- kid
33
- } = await wiaCryptoContext.getPublicKey();
34
- const mrtdValidationJwt = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
35
- typ: "mrtd-ias+jwt",
36
- kid
37
- }).setPayload({
38
- iss,
39
- aud,
40
- document_type: "cie",
41
- mrtd,
42
- ias
43
- }).setIssuedAt().setExpirationTime("5m").sign();
44
- const verifyResult = await (0, _ioWalletOauth.fetchMrtdPopVerify)({
45
- popVerifyEndpoint: verifyUrl,
46
- mrtdAuthSession: mrtd_auth_session,
47
- mrtdPopNonce: mrtd_pop_nonce,
48
- clientAttestationDPoP: signedWiaPoP,
49
- mrtdValidationJwt,
50
- walletAttestation: walletInstanceAttestation,
51
- callbacks: {
52
- fetch: appFetch,
53
- ..._callbacks.partialCallbacks
54
- }
55
- }).catch(_errors.sdkUnexpectedStatusCodeToIssuerError);
56
- return {
57
- redirect_uri: verifyResult.redirectUri,
58
- mrtd_val_pop_nonce: verifyResult.mrtdValPopNonce
12
+ /**
13
+ * Factory function to create `validateChallenge` for MRTD PoP flow.
14
+ * The factory is needed to inject version specific SDK configuration.
15
+ * @param config Configuration object containing the IO Wallet SDK configuration
16
+ * @returns `validateChallenge` function compliant with the public API
17
+ */
18
+ function createValidateChallenge(config) {
19
+ return async function validateChallenge(issuerConf, verifyUrl, mrtd_auth_session, mrtd_pop_nonce, mrtd, ias, context) {
20
+ const {
21
+ appFetch = fetch,
22
+ walletInstanceAttestation,
23
+ wiaCryptoContext
24
+ } = context;
25
+ const aud = issuerConf.credential_issuer;
26
+ const wiaPublicJwk = await wiaCryptoContext.getPublicKey();
27
+ const clientAttestationDPoP = await (0, _ioWalletOauth.createClientAttestationPopJwt)({
28
+ config: config.sdkConfig,
29
+ callbacks: {
30
+ generateRandom: _callbacks.partialCallbacks.generateRandom,
31
+ signJwt: (0, _callbacks.createSignJwtFromCryptoContext)(wiaCryptoContext)
32
+ },
33
+ clientAttestation: walletInstanceAttestation,
34
+ authorizationServer: aud,
35
+ signer: {
36
+ method: "jwk",
37
+ alg: "ES256",
38
+ publicJwk: wiaPublicJwk
39
+ }
40
+ });
41
+ const mrtdValidationJwt = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
42
+ typ: "mrtd-ias+jwt",
43
+ kid: wiaPublicJwk.kid
44
+ }).setPayload({
45
+ iss: wiaPublicJwk.kid,
46
+ aud,
47
+ document_type: "cie",
48
+ mrtd,
49
+ ias
50
+ }).setIssuedAt().setExpirationTime("5m").sign();
51
+ const verifyResult = await (0, _ioWalletOauth.fetchMrtdPopVerify)({
52
+ popVerifyEndpoint: verifyUrl,
53
+ mrtdAuthSession: mrtd_auth_session,
54
+ mrtdPopNonce: mrtd_pop_nonce,
55
+ clientAttestationDPoP,
56
+ mrtdValidationJwt,
57
+ walletAttestation: walletInstanceAttestation,
58
+ callbacks: {
59
+ fetch: appFetch,
60
+ ..._callbacks.partialCallbacks
61
+ }
62
+ }).catch(_errors.sdkUnexpectedStatusCodeToIssuerError);
63
+ return {
64
+ redirect_uri: verifyResult.redirectUri,
65
+ mrtd_val_pop_nonce: verifyResult.mrtdValPopNonce
66
+ };
59
67
  };
60
- };
61
- exports.validateChallenge = validateChallenge;
68
+ }
62
69
  const buildChallengeCallbackUrl = async (redirectUri, valPopNonce, authSession) => {
63
70
  const params = new URLSearchParams({
64
71
  mrtd_val_pop_nonce: valPopNonce,
package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_ioWalletOauth","_uuid","_pop","WalletInstanceAttestation","_interopRequireWildcard","_errors","_callbacks","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","validateChallenge","issuerConf","verifyUrl","mrtd_auth_session","mrtd_pop_nonce","mrtd","ias","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","aud","credential_issuer","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","createPopToken","jti","uuidv4","getPublicKey","mrtdValidationJwt","SignJWT","setProtectedHeader","typ","setPayload","document_type","setIssuedAt","setExpirationTime","sign","verifyResult","fetchMrtdPopVerify","popVerifyEndpoint","mrtdAuthSession","mrtdPopNonce","clientAttestationDPoP","walletAttestation","callbacks","partialCallbacks","catch","sdkUnexpectedStatusCodeToIssuerError","redirect_uri","redirectUri","mrtd_val_pop_nonce","mrtdValPopNonce","exports","buildChallengeCallbackUrl","valPopNonce","authSession","params","URLSearchParams","callbackUrl"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/03-validate-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AACA,IAAAI,yBAAA,GAAAC,uBAAA,CAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,UAAA,GAAAP,OAAA;AAA4D,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAFoC;;AAKzF,MAAMW,iBAAkD,GAAG,MAAAA,CAChEC,UAAU,EACVC,SAAS,EACTC,iBAAiB,EACjBC,cAAc,EACdC,IAAI,EACJC,GAAG,EACHC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGX,UAAU,CAACY,iBAAiB;EACxC,MAAMC,GAAG,GAAGxC,yBAAyB,CAACyC,MAAM,CAACL,yBAAyB,CAAC,CACpEM,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEC,GAAG,EAAE,IAAAC,QAAM,EAAC,CAAC;IACbX,GAAG;IACHE;EACF,CAAC,EACDH,gBACF,CAAC;EAED,MAAM;IAAEQ;EAAI,CAAC,GAAG,MAAMR,gBAAgB,CAACa,YAAY,CAAC,CAAC;EAErD,MAAMC,iBAAiB,GAAG,MAAM,IAAIC,yBAAO,CAACf,gBAAgB,CAAC,CAC1DgB,kBAAkB,CAAC;IAClBC,GAAG,EAAE,cAAc;IACnBT;EACF,CAAC,CAAC,CACDU,UAAU,CAAC;IACVf,GAAG;IACHF,GAAG;IACHkB,aAAa,EAAE,KAAK;IACpBzB,IAAI;IACJC;EACF,CAAC,CAAC,CACDyB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,YAAY,GAAG,MAAM,IAAAC,iCAAkB,EAAC;IAC5CC,iBAAiB,EAAElC,SAAS;IAC5BmC,eAAe,EAAElC,iBAAiB;IAClCmC,YAAY,EAAElC,cAAc;IAC5BmC,qBAAqB,EAAEnB,YAAY;IACnCK,iBAAiB;IACjBe,iBAAiB,EAAE9B,yBAAyB;IAC5C+B,SAAS,EAAE;MACThC,KAAK,EAAED,QAAQ;MACf,GAAGkC;IACL;EACF,CAAC,CAAC,CAACC,KAAK,CAACC,4CAAoC,CAAC;EAE9C,OAAO;IACLC,YAAY,EAAEX,YAAY,CAACY,WAAW;IACtCC,kBAAkB,EAAEb,YAAY,CAACc;EACnC,CAAC;AACH,CAAC;AAACC,OAAA,CAAAjD,iBAAA,GAAAA,iBAAA;AAEK,MAAMkD,yBAAkE,GAC7E,MAAAA,CAAOJ,WAAW,EAAEK,WAAW,EAAEC,WAAW,KAAK;EAC/C,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCP,kBAAkB,EAAEI,WAAW;IAC/BhD,iBAAiB,EAAEiD;EACrB,CAAC,CAAC;EAEF,MAAMG,WAAW,GAAI,GAAET,WAAY,IAAGO,MAAO,EAAC;EAC9C,OAAO;IAAEE;EAAY,CAAC;AACxB,CAAC;AAACN,OAAA,CAAAC,yBAAA,GAAAA,yBAAA"}
1
+ {"version":3,"names":["_ioReactNativeJwt","require","_ioWalletOauth","_errors","_callbacks","createValidateChallenge","config","validateChallenge","issuerConf","verifyUrl","mrtd_auth_session","mrtd_pop_nonce","mrtd","ias","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","aud","credential_issuer","wiaPublicJwk","getPublicKey","clientAttestationDPoP","createClientAttestationPopJwt","sdkConfig","callbacks","generateRandom","partialCallbacks","signJwt","createSignJwtFromCryptoContext","clientAttestation","authorizationServer","signer","method","alg","publicJwk","mrtdValidationJwt","SignJWT","setProtectedHeader","typ","kid","setPayload","iss","document_type","setIssuedAt","setExpirationTime","sign","verifyResult","fetchMrtdPopVerify","popVerifyEndpoint","mrtdAuthSession","mrtdPopNonce","walletAttestation","catch","sdkUnexpectedStatusCodeToIssuerError","redirect_uri","redirectUri","mrtd_val_pop_nonce","mrtdValPopNonce","buildChallengeCallbackUrl","valPopNonce","authSession","params","URLSearchParams","callbackUrl","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/03-validate-challenge.ts"],"mappings":";;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AAKA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,UAAA,GAAAH,OAAA;AAUA;AACA;AACA;AACA;AACA;AACA;AACO,SAASI,uBAAuBA,CACrCC,MAAc,EACmB;EACjC,OAAO,eAAeC,iBAAiBA,CACrCC,UAAU,EACVC,SAAS,EACTC,iBAAiB,EACjBC,cAAc,EACdC,IAAI,EACJC,GAAG,EACHC,OAAO,EACP;IACA,MAAM;MACJC,QAAQ,GAAGC,KAAK;MAChBC,yBAAyB;MACzBC;IACF,CAAC,GAAGJ,OAAO;IAEX,MAAMK,GAAG,GAAGX,UAAU,CAACY,iBAAiB;IAExC,MAAMC,YAAY,GAAG,MAAMH,gBAAgB,CAACI,YAAY,CAAC,CAAC;IAE1D,MAAMC,qBAAqB,GAAG,MAAM,IAAAC,4CAA6B,EAAC;MAChElB,MAAM,EAAEA,MAAM,CAACmB,SAAS;MACxBC,SAAS,EAAE;QACTC,cAAc,EAAEC,2BAAgB,CAACD,cAAc;QAC/CE,OAAO,EAAE,IAAAC,yCAA8B,EAACZ,gBAAgB;MAC1D,CAAC;MACDa,iBAAiB,EAAEd,yBAAyB;MAC5Ce,mBAAmB,EAAEb,GAAG;MACxBc,MAAM,EAAE;QACNC,MAAM,EAAE,KAAK;QACbC,GAAG,EAAE,OAAO;QACZC,SAAS,EAAEf;MACb;IACF,CAAC,CAAC;IAEF,MAAMgB,iBAAiB,GAAG,MAAM,IAAIC,yBAAO,CAACpB,gBAAgB,CAAC,CAC1DqB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,cAAc;MACnBC,GAAG,EAAEpB,YAAY,CAACoB;IACpB,CAAC,CAAC,CACDC,UAAU,CAAC;MACVC,GAAG,EAAEtB,YAAY,CAACoB,GAAG;MACrBtB,GAAG;MACHyB,aAAa,EAAE,KAAK;MACpBhC,IAAI;MACJC;IACF,CAAC,CAAC,CACDgC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,YAAY,GAAG,MAAM,IAAAC,iCAAkB,EAAC;MAC5CC,iBAAiB,EAAEzC,SAAS;MAC5B0C,eAAe,EAAEzC,iBAAiB;MAClC0C,YAAY,EAAEzC,cAAc;MAC5BY,qBAAqB;MACrBc,iBAAiB;MACjBgB,iBAAiB,EAAEpC,yBAAyB;MAC5CS,SAAS,EAAE;QACTV,KAAK,EAAED,QAAQ;QACf,GAAGa;MACL;IACF,CAAC,CAAC,CAAC0B,KAAK,CAACC,4CAAoC,CAAC;IAE9C,OAAO;MACLC,YAAY,EAAER,YAAY,CAACS,WAAW;MACtCC,kBAAkB,EAAEV,YAAY,CAACW;IACnC,CAAC;EACH,CAAC;AACH;AAEO,MAAMC,yBAAkE,GAC7E,MAAAA,CAAOH,WAAW,EAAEI,WAAW,EAAEC,WAAW,KAAK;EAC/C,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCN,kBAAkB,EAAEG,WAAW;IAC/BnD,iBAAiB,EAAEoD;EACrB,CAAC,CAAC;EAEF,MAAMG,WAAW,GAAI,GAAER,WAAY,IAAGM,MAAO,EAAC;EAC9C,OAAO;IAAEE;EAAY,CAAC;AACxB,CAAC;AAACC,OAAA,CAAAN,yBAAA,GAAAA,yBAAA"}
package/lib/commonjs/credential/issuance/mrtd-pop/index.js CHANGED
@@ -3,15 +3,31 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.MRTDPoP = void 0;
6
+ exports.MRTDPoPv1_3 = exports.MRTDPoPv1_0 = void 0;
7
+ var _config = require("../../../utils/config");
7
8
  var _verifyAndParseChallengeInfo = require("./01-verify-and-parse-challenge-info");
8
9
  var _initChallenge = require("./02-init-challenge");
9
10
  var _validateChallenge = require("./03-validate-challenge");
10
- const MRTDPoP = {
11
+ const MRTDPoPv1_0 = {
11
12
  verifyAndParseChallengeInfo: _verifyAndParseChallengeInfo.verifyAndParseChallengeInfo,
12
- initChallenge: _initChallenge.initChallenge,
13
- validateChallenge: _validateChallenge.validateChallenge,
13
+ initChallenge: (0, _initChallenge.createInitChallenge)({
14
+ sdkConfig: _config.sdkConfigV1_0
15
+ }),
16
+ validateChallenge: (0, _validateChallenge.createValidateChallenge)({
17
+ sdkConfig: _config.sdkConfigV1_0
18
+ }),
14
19
  buildChallengeCallbackUrl: _validateChallenge.buildChallengeCallbackUrl
15
20
  };
16
- exports.MRTDPoP = MRTDPoP;
21
+ exports.MRTDPoPv1_0 = MRTDPoPv1_0;
22
+ const MRTDPoPv1_3 = {
23
+ verifyAndParseChallengeInfo: _verifyAndParseChallengeInfo.verifyAndParseChallengeInfo,
24
+ initChallenge: (0, _initChallenge.createInitChallenge)({
25
+ sdkConfig: _config.sdkConfigV1_3
26
+ }),
27
+ validateChallenge: (0, _validateChallenge.createValidateChallenge)({
28
+ sdkConfig: _config.sdkConfigV1_3
29
+ }),
30
+ buildChallengeCallbackUrl: _validateChallenge.buildChallengeCallbackUrl
31
+ };
32
+ exports.MRTDPoPv1_3 = MRTDPoPv1_3;
17
33
  //# sourceMappingURL=index.js.map
package/lib/commonjs/credential/issuance/mrtd-pop/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_verifyAndParseChallengeInfo","require","_initChallenge","_validateChallenge","MRTDPoP","verifyAndParseChallengeInfo","initChallenge","validateChallenge","buildChallengeCallbackUrl","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/index.ts"],"mappings":";;;;;;AACA,IAAAA,4BAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,kBAAA,GAAAF,OAAA;AAKO,MAAMG,OAAmB,GAAG;EACjCC,2BAA2B,EAA3BA,wDAA2B;EAC3BC,aAAa,EAAbA,4BAAa;EACbC,iBAAiB,EAAjBA,oCAAiB;EACjBC,yBAAyB,EAAzBA;AACF,CAAC;AAACC,OAAA,CAAAL,OAAA,GAAAA,OAAA"}
1
+ {"version":3,"names":["_config","require","_verifyAndParseChallengeInfo","_initChallenge","_validateChallenge","MRTDPoPv1_0","verifyAndParseChallengeInfo","initChallenge","createInitChallenge","sdkConfig","sdkConfigV1_0","validateChallenge","createValidateChallenge","buildChallengeCallbackUrl","exports","MRTDPoPv1_3","sdkConfigV1_3"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAEA,IAAAC,4BAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,kBAAA,GAAAH,OAAA;AAKO,MAAMI,WAAuB,GAAG;EACrCC,2BAA2B,EAA3BA,wDAA2B;EAC3BC,aAAa,EAAE,IAAAC,kCAAmB,EAAC;IAAEC,SAAS,EAAEC;EAAc,CAAC,CAAC;EAChEC,iBAAiB,EAAE,IAAAC,0CAAuB,EAAC;IAAEH,SAAS,EAAEC;EAAc,CAAC,CAAC;EACxEG,yBAAyB,EAAzBA;AACF,CAAC;AAACC,OAAA,CAAAT,WAAA,GAAAA,WAAA;AAEK,MAAMU,WAAuB,GAAG;EACrCT,2BAA2B,EAA3BA,wDAA2B;EAC3BC,aAAa,EAAE,IAAAC,kCAAmB,EAAC;IAAEC,SAAS,EAAEO;EAAc,CAAC,CAAC;EAChEL,iBAAiB,EAAE,IAAAC,0CAAuB,EAAC;IAAEH,SAAS,EAAEO;EAAc,CAAC,CAAC;EACxEH,yBAAyB,EAAzBA;AACF,CAAC;AAACC,OAAA,CAAAC,WAAA,GAAAA,WAAA"}