@pagopa/io-react-native-wallet 3.2.0 → 3.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js +4 -3
- package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +37 -8
- package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
- package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js +46 -38
- package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
- package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -51
- package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
- package/lib/commonjs/credential/issuance/mrtd-pop/index.js +21 -5
- package/lib/commonjs/credential/issuance/mrtd-pop/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js +3 -3
- package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/index.js +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/mappers.js +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/mappers.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
- package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js +20 -16
- package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js +20 -19
- package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js +4 -6
- package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
- package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/index.js +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/mappers.js +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/mappers.js.map +1 -1
- package/lib/commonjs/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
- package/lib/commonjs/credential/presentation/common/utils/mdoc.js.map +1 -0
- package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -2
- package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
- package/lib/commonjs/credential/status/README.md +3 -2
- package/lib/commonjs/credential/status/v1.3.3/01-status-list.js +27 -5
- package/lib/commonjs/credential/status/v1.3.3/01-status-list.js.map +1 -1
- package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
- package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
- package/lib/commonjs/mdoc/index.js +3 -24
- package/lib/commonjs/mdoc/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/types.test.js +2 -14
- package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/utils.test.js +0 -12
- package/lib/commonjs/sd-jwt/__test__/utils.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +1 -14
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/utils/callbacks.js +20 -1
- package/lib/commonjs/utils/callbacks.js.map +1 -1
- package/lib/commonjs/utils/x509.js +34 -0
- package/lib/commonjs/utils/x509.js.map +1 -0
- package/lib/commonjs/wallet-instance-attestation/api/types.js +0 -2
- package/lib/commonjs/wallet-instance-attestation/api/types.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
- package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js +2 -7
- package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
- package/lib/commonjs/wallet-unit-attestation/api/types.js +0 -11
- package/lib/commonjs/wallet-unit-attestation/api/types.js.map +1 -1
- package/lib/module/credential/issuance/common/02-start-user-authorization.js +4 -3
- package/lib/module/credential/issuance/common/02-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +39 -10
- package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
- package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js +47 -34
- package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
- package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -47
- package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
- package/lib/module/credential/issuance/mrtd-pop/index.js +20 -5
- package/lib/module/credential/issuance/mrtd-pop/index.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js +1 -1
- package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/index.js +2 -2
- package/lib/module/credential/issuance/v1.0.0/index.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/mappers.js +1 -1
- package/lib/module/credential/issuance/v1.0.0/mappers.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
- package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js +20 -16
- package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js +22 -19
- package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js +5 -7
- package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
- package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/index.js +2 -2
- package/lib/module/credential/issuance/v1.3.3/index.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/mappers.js +1 -1
- package/lib/module/credential/issuance/v1.3.3/mappers.js.map +1 -1
- package/lib/module/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
- package/lib/module/credential/presentation/common/utils/mdoc.js.map +1 -0
- package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -3
- package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
- package/lib/module/credential/status/README.md +3 -2
- package/lib/module/credential/status/v1.3.3/01-status-list.js +27 -5
- package/lib/module/credential/status/v1.3.3/01-status-list.js.map +1 -1
- package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
- package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
- package/lib/module/mdoc/index.js +3 -24
- package/lib/module/mdoc/index.js.map +1 -1
- package/lib/module/sd-jwt/__test__/types.test.js +2 -14
- package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/module/sd-jwt/__test__/utils.test.js +0 -12
- package/lib/module/sd-jwt/__test__/utils.test.js.map +1 -1
- package/lib/module/sd-jwt/types.js +1 -14
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/utils/callbacks.js +19 -1
- package/lib/module/utils/callbacks.js.map +1 -1
- package/lib/module/utils/x509.js +28 -0
- package/lib/module/utils/x509.js.map +1 -0
- package/lib/module/wallet-instance-attestation/api/types.js +0 -2
- package/lib/module/wallet-instance-attestation/api/types.js.map +1 -1
- package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
- package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
- package/lib/module/wallet-instance-attestation/v1.3.3/types.js +2 -7
- package/lib/module/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
- package/lib/module/wallet-unit-attestation/api/types.js +0 -11
- package/lib/module/wallet-unit-attestation/api/types.js.map +1 -1
- package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts +4 -0
- package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/common/02-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/common/06-verify-and-parse-credential.sdjwt.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts +12 -1
- package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts +12 -1
- package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts +2 -1
- package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/01-evaluate-issuer-trust.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/02-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/04-authorize-access.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/06-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/{v1.3.3/utils.mdoc.d.ts → common/utils/mdoc.d.ts} +2 -2
- package/lib/typescript/credential/presentation/common/utils/mdoc.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/v1.3.3/06-evaluate-dcql-query.d.ts.map +1 -1
- package/lib/typescript/credential/status/api/status-list.d.ts +8 -4
- package/lib/typescript/credential/status/api/status-list.d.ts.map +1 -1
- package/lib/typescript/credential/status/v1.3.3/01-status-list.d.ts.map +1 -1
- package/lib/typescript/credential/status/v1.3.3/02-verify-and-parse-status-list.d.ts.map +1 -1
- package/lib/typescript/mdoc/index.d.ts +1 -1
- package/lib/typescript/mdoc/index.d.ts.map +1 -1
- package/lib/typescript/mdoc/utils.d.ts +0 -24
- package/lib/typescript/mdoc/utils.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +0 -12
- package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/utils/callbacks.d.ts +7 -0
- package/lib/typescript/utils/callbacks.d.ts.map +1 -1
- package/lib/typescript/utils/x509.d.ts +10 -0
- package/lib/typescript/utils/x509.d.ts.map +1 -0
- package/lib/typescript/wallet-instance-attestation/api/types.d.ts +0 -2
- package/lib/typescript/wallet-instance-attestation/api/types.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts +0 -2
- package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts +2 -9
- package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts +2 -7
- package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts.map +1 -1
- package/lib/typescript/wallet-unit-attestation/api/types.d.ts +0 -11
- package/lib/typescript/wallet-unit-attestation/api/types.d.ts.map +1 -1
- package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts +0 -22
- package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts.map +1 -1
- package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts +0 -11
- package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts.map +1 -1
- package/package.json +6 -6
- package/src/credential/issuance/api/06-verify-and-parse-credential.ts +4 -0
- package/src/credential/issuance/common/02-start-user-authorization.ts +6 -3
- package/src/credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts +42 -9
- package/src/credential/issuance/mrtd-pop/02-init-challenge.ts +69 -45
- package/src/credential/issuance/mrtd-pop/03-validate-challenge.ts +84 -62
- package/src/credential/issuance/mrtd-pop/index.ts +13 -5
- package/src/credential/issuance/v1.0.0/02-start-user-authorization.ts +1 -1
- package/src/credential/issuance/v1.0.0/index.ts +2 -2
- package/src/credential/issuance/v1.0.0/mappers.ts +4 -1
- package/src/credential/issuance/v1.3.3/01-evaluate-issuer-trust.ts +0 -2
- package/src/credential/issuance/v1.3.3/02-start-user-authorization.ts +24 -20
- package/src/credential/issuance/v1.3.3/04-authorize-access.ts +28 -23
- package/src/credential/issuance/v1.3.3/05-obtain-credential.ts +8 -8
- package/src/credential/issuance/v1.3.3/06-verify-and-parse-credential.ts +2 -1
- package/src/credential/issuance/v1.3.3/index.ts +2 -2
- package/src/credential/issuance/v1.3.3/mappers.ts +4 -1
- package/src/credential/presentation/{v1.3.3/utils.mdoc.ts → common/utils/mdoc.ts} +2 -2
- package/src/credential/presentation/v1.3.3/06-evaluate-dcql-query.ts +3 -3
- package/src/credential/status/README.md +3 -2
- package/src/credential/status/api/status-list.ts +10 -7
- package/src/credential/status/v1.3.3/01-status-list.ts +21 -7
- package/src/credential/status/v1.3.3/02-verify-and-parse-status-list.ts +19 -5
- package/src/mdoc/index.ts +5 -41
- package/src/sd-jwt/__test__/types.test.ts +1 -13
- package/src/sd-jwt/__test__/utils.test.ts +0 -12
- package/src/sd-jwt/types.ts +0 -13
- package/src/utils/callbacks.ts +28 -1
- package/src/utils/x509.ts +43 -0
- package/src/wallet-instance-attestation/api/types.ts +0 -2
- package/src/wallet-instance-attestation/v1.3.3/mappers.ts +3 -11
- package/src/wallet-instance-attestation/v1.3.3/types.ts +2 -7
- package/src/wallet-unit-attestation/api/types.ts +0 -11
- package/lib/commonjs/credential/issuance/common/authorization.js +0 -56
- package/lib/commonjs/credential/issuance/common/authorization.js.map +0 -1
- package/lib/commonjs/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
- package/lib/module/credential/issuance/common/authorization.js +0 -48
- package/lib/module/credential/issuance/common/authorization.js.map +0 -1
- package/lib/module/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
- package/lib/typescript/credential/issuance/common/authorization.d.ts +0 -21
- package/lib/typescript/credential/issuance/common/authorization.d.ts.map +0 -1
- package/lib/typescript/credential/presentation/v1.3.3/utils.mdoc.d.ts.map +0 -1
- package/src/credential/issuance/common/authorization.ts +0 -89
|
@@ -2,11 +2,12 @@ import { SignJWT } from "@pagopa/io-react-native-jwt";
|
|
|
2
2
|
import { createTokenDPoP } from "@pagopa/io-wallet-oauth2";
|
|
3
3
|
import { fetchCredentialResponse, createCredentialRequest } from "@pagopa/io-wallet-oid4vci";
|
|
4
4
|
import { UnexpectedStatusCodeError as SdkUnexpectedStatusCodeError } from "@pagopa/io-wallet-utils";
|
|
5
|
+
import { v4 as uuidv4 } from "uuid";
|
|
5
6
|
import { hasStatusOrThrow } from "../../../utils/misc";
|
|
6
7
|
import { IoWalletError, IssuerResponseError, IssuerResponseErrorCodes, ResponseErrorBuilder, ValidationFailed } from "../../../utils/errors";
|
|
7
8
|
import { LogLevel, Logger } from "../../../utils/logging";
|
|
8
9
|
import { sdkConfigV1_3 } from "../../../utils/config";
|
|
9
|
-
import { partialCallbacks } from "../../../utils/callbacks";
|
|
10
|
+
import { createSignJwtFromCryptoContext, partialCallbacks } from "../../../utils/callbacks";
|
|
10
11
|
import { NonceResponse } from "./types";
|
|
11
12
|
/**
|
|
12
13
|
* Helper to create a credential request and fetch it from the issuer.
|
|
@@ -89,20 +90,17 @@ export const requestCredentials = async _ref => {
|
|
|
89
90
|
keyAttestation: keyAttestationJwt,
|
|
90
91
|
signers
|
|
91
92
|
});
|
|
92
|
-
const dPopSignerJwk = await dPopCryptoContext.getPublicKey();
|
|
93
93
|
const credentialDPoP = await createTokenDPoP({
|
|
94
94
|
callbacks: {
|
|
95
95
|
...partialCallbacks,
|
|
96
|
-
signJwt:
|
|
97
|
-
jwt: await new SignJWT(dPopCryptoContext).setPayload(payload).sign(),
|
|
98
|
-
signerJwk: dPopSignerJwk
|
|
99
|
-
})
|
|
96
|
+
signJwt: createSignJwtFromCryptoContext(dPopCryptoContext)
|
|
100
97
|
},
|
|
101
98
|
signer: {
|
|
102
99
|
method: "jwk",
|
|
103
100
|
alg: "ES256",
|
|
104
|
-
publicJwk:
|
|
101
|
+
publicJwk: await dPopCryptoContext.getPublicKey()
|
|
105
102
|
},
|
|
103
|
+
jti: uuidv4(),
|
|
106
104
|
tokenRequest: {
|
|
107
105
|
method: "POST",
|
|
108
106
|
url: issuerConf.credential_endpoint
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["SignJWT","createTokenDPoP","fetchCredentialResponse","createCredentialRequest","UnexpectedStatusCodeError","SdkUnexpectedStatusCodeError","hasStatusOrThrow","IoWalletError","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","ValidationFailed","LogLevel","Logger","sdkConfigV1_3","partialCallbacks","NonceResponse","requestCredentials","_ref","issuerConf","accessToken","credentialIdentifier","clientId","keyAttestationJwt","credentialCryptoContexts","dPopCryptoContext","appFetch","fetch","c_nonce","nonce_endpoint","method","headers","then","res","json","parse","keys","Promise","all","map","ctx","publicJwk","getPublicKey","cryptoContext","signJwt","jwtSigner","_ref2","header","payload","find","_ref3","kid","jwt","setProtectedHeader","setPayload","sign","signerJwk","signers","_ref4","alg","credentialRequest","config","callbacks","hash","credential_identifier","issuerIdentifier","credential_issuer","maxBatchSize","credential_issuance_batch_size","nonce","keyAttestation","
|
|
1
|
+
{"version":3,"names":["SignJWT","createTokenDPoP","fetchCredentialResponse","createCredentialRequest","UnexpectedStatusCodeError","SdkUnexpectedStatusCodeError","v4","uuidv4","hasStatusOrThrow","IoWalletError","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","ValidationFailed","LogLevel","Logger","sdkConfigV1_3","createSignJwtFromCryptoContext","partialCallbacks","NonceResponse","requestCredentials","_ref","issuerConf","accessToken","credentialIdentifier","clientId","keyAttestationJwt","credentialCryptoContexts","dPopCryptoContext","appFetch","fetch","c_nonce","nonce_endpoint","method","headers","then","res","json","parse","keys","Promise","all","map","ctx","publicJwk","getPublicKey","cryptoContext","signJwt","jwtSigner","_ref2","header","payload","find","_ref3","kid","jwt","setProtectedHeader","setPayload","sign","signerJwk","signers","_ref4","alg","credentialRequest","config","callbacks","hash","credential_identifier","issuerIdentifier","credential_issuer","maxBatchSize","credential_issuance_batch_size","nonce","keyAttestation","credentialDPoP","signer","jti","tokenRequest","url","credential_endpoint","access_token","credentialEndpoint","dPoP","catch","handleObtainCredentialError","obtainCredential","credentialDefinition","context","credentialCryptoContext","walletUnitAttestation","message","credential_configuration_id","containsCredentialDefinition","authorization_details","some","c","credential_identifiers","includes","log","ERROR","credentialRes","DEBUG","JSON","stringify","issuerCredentialConfig","credential_configurations_supported","credential","credentials","at","format","obtainCredentialsBatch","_ref5","e","handle","code","CredentialInvalidStatus","CredentialRequestFailed","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/05-obtain-credential.ts"],"mappings":"AAAA,SAA6BA,OAAO,QAAQ,6BAA6B;AACzE,SACEC,eAAe,QAGV,0BAA0B;AACjC,SACEC,uBAAuB,EACvBC,uBAAuB,QAClB,2BAA2B;AAClC,SAASC,yBAAyB,IAAIC,4BAA4B,QAAQ,yBAAyB;AACnG,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAASC,gBAAgB,QAAkB,qBAAqB;AAChE,SACEC,aAAa,EACbC,mBAAmB,EACnBC,wBAAwB,EACxBC,oBAAoB,EACpBC,gBAAgB,QACX,uBAAuB;AAC9B,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SACEC,8BAA8B,EAC9BC,gBAAgB,QACX,0BAA0B;AAEjC,SAASC,aAAa,QAAQ,SAAS;AAcvC;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,kBAAkB,GAAG,MAAAC,IAAA,IASP;EAAA,IATc;IACvCC,UAAU;IACVC,WAAW;IACXC,oBAAoB;IACpBC,QAAQ;IACRC,iBAAiB;IACjBC,wBAAwB;IACxBC,iBAAiB;IACjBC,QAAQ,GAAGC;EACQ,CAAC,GAAAT,IAAA;EACpB,MAAM;IAAEU;EAAQ,CAAC,GAAG,MAAMF,QAAQ,CAACP,UAAU,CAACU,cAAc,EAAE;IAC5DC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MAAE,cAAc,EAAE;IAAmB;EAChD,CAAC,CAAC,CACCC,IAAI,CAAC3B,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3B2B,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAChB,aAAa,CAACmB,KAAK,CAAC;EAE5B,MAAMC,IAAI,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC5Bd,wBAAwB,CAACe,GAAG,CAAC,MAAOC,GAAG,IAAK;IAC1C,MAAMC,SAAS,GAAG,MAAMD,GAAG,CAACE,YAAY,CAAC,CAAC;IAC1C,OAAO;MAAED,SAAS;MAAEE,aAAa,EAAEH;IAAI,CAAC;EAC1C,CAAC,CACH,CAAC;EAED,MAAMI,OAAmC,GAAG,MAAAA,CAC1CC,SAAS,EAAAC,KAAA,KAEN;IAAA,IADH;MAAEC,MAAM;MAAEC;IAAQ,CAAC,GAAAF,KAAA;IAEnB,IAAID,SAAS,CAACf,MAAM,KAAK,KAAK,EAAE;MAC9B,MAAM,IAAIxB,aAAa,CAAE,8BAA6BuC,SAAS,CAACf,MAAO,EAAC,CAAC;IAC3E;IAEA,MAAM;MAAEa;IAAc,CAAC,GACrBP,IAAI,CAACa,IAAI,CAACC,KAAA;MAAA,IAAC;QAAET;MAAU,CAAC,GAAAS,KAAA;MAAA,OAAKT,SAAS,CAACU,GAAG,KAAKN,SAAS,CAACJ,SAAS,CAACU,GAAG;IAAA,EAAC,IACvE,CAAC,CAAC;IAEJ,IAAI,CAACR,aAAa,EAAE;MAClB,MAAM,IAAIrC,aAAa,CACpB,wCAAuCuC,SAAS,CAACJ,SAAS,CAACU,GAAI,EAClE,CAAC;IACH;IAEA,OAAO;MACLC,GAAG,EAAE,MAAM,IAAIvD,OAAO,CAAC8C,aAAa,CAAC,CAClCU,kBAAkB,CAACN,MAAM,CAAC,CAC1BO,UAAU,CAACN,OAAO,CAAC,CACnBO,IAAI,CAAC,CAAC;MACTC,SAAS,EAAEX,SAAS,CAACJ;IACvB,CAAC;EACH,CAAC;EAED,MAAMgB,OAAO,GAAGrB,IAAI,CAACG,GAAG,CAAemB,KAAA;IAAA,IAAC;MAAEjB;IAAU,CAAC,GAAAiB,KAAA;IAAA,OAAM;MACzDC,GAAG,EAAE,OAAO;MACZ7B,MAAM,EAAE,KAAK;MACbW;IACF,CAAC;EAAA,CAAC,CAAC;EAEH,MAAMmB,iBAAiB,GAAG,MAAM5D,uBAAuB,CAAC;IACtD6D,MAAM,EAAEhD,aAAa;IACrBiD,SAAS,EAAE;MACTC,IAAI,EAAEhD,gBAAgB,CAACgD,IAAI;MAC3BnB;IACF,CAAC;IACDtB,QAAQ;IACR0C,qBAAqB,EAAE3C,oBAAoB;IAC3C4C,gBAAgB,EAAE9C,UAAU,CAAC+C,iBAAiB;IAC9CC,YAAY,EAAEhD,UAAU,CAACiD,8BAA8B;IACvDC,KAAK,EAAEzC,OAAO;IACd0C,cAAc,EAAE/C,iBAAiB;IACjCkC;EACF,CAAC,CAAC;EAEF,MAAMc,cAAc,GAAG,MAAMzE,eAAe,CAAC;IAC3CgE,SAAS,EAAE;MACT,GAAG/C,gBAAgB;MACnB6B,OAAO,EAAE9B,8BAA8B,CAACW,iBAAiB;IAC3D,CAAC;IACD+C,MAAM,EAAE;MACN1C,MAAM,EAAE,KAAK;MACb6B,GAAG,EAAE,OAAO;MACZlB,SAAS,EAAE,MAAMhB,iBAAiB,CAACiB,YAAY,CAAC;IAClD,CAAC;IACD+B,GAAG,EAAErE,MAAM,CAAC,CAAC;IACbsE,YAAY,EAAE;MACZ5C,MAAM,EAAE,MAAM;MACd6C,GAAG,EAAExD,UAAU,CAACyD;IAClB,CAAC;IACDxD,WAAW,EAAEA,WAAW,CAACyD;EAC3B,CAAC,CAAC;EAEF,OAAO,MAAM9E,uBAAuB,CAAC;IACnC+D,SAAS,EAAE;MACTnC,KAAK,EAAED;IACT,CAAC;IACDoD,kBAAkB,EAAE3D,UAAU,CAACyD,mBAAmB;IAClDhB,iBAAiB,EAAEA,iBAAiB;IACpCxC,WAAW,EAAEA,WAAW,CAACyD,YAAY;IACrCE,IAAI,EAAER,cAAc,CAACnB;EACvB,CAAC,CAAC,CAAC4B,KAAK,CAACC,2BAA2B,CAAC;AACvC,CAAC;AAED,OAAO,MAAMC,gBAAiD,GAAG,MAAAA,CAC/D/D,UAAU,EACVC,WAAW,EACXE,QAAQ,EACR6D,oBAAoB,EACpBC,OAAO,KACJ;EACH,MAAM;IACJC,uBAAuB;IACvB5D,iBAAiB;IACjB6D,qBAAqB;IACrB5D,QAAQ,GAAGC;EACb,CAAC,GAAGyD,OAAO;EACX,IAAI,CAACE,qBAAqB,EAAE;IAC1B,MAAM,IAAI5E,gBAAgB,CAAC;MACzB6E,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAM;IAAEC,2BAA2B;IAAExB;EAAsB,CAAC,GAC1DmB,oBAAoB;;EAEtB;EACA,MAAMM,4BAA4B,GAAGrE,WAAW,CAACsE,qBAAqB,CAACC,IAAI,CACxEC,CAAC,IACAA,CAAC,CAACJ,2BAA2B,KAAKA,2BAA2B,KAC5DxB,qBAAqB,GAClB4B,CAAC,CAACC,sBAAsB,CAACC,QAAQ,CAAC9B,qBAAqB,CAAC,GACxD,IAAI,CACZ,CAAC;EAED,IAAI,CAACyB,4BAA4B,EAAE;IACjC7E,MAAM,CAACmF,GAAG,CACRpF,QAAQ,CAACqF,KAAK,EACb,gEAA+D5E,WAAW,CAACsE,qBAAsB,EACpG,CAAC;IACD,MAAM,IAAIhF,gBAAgB,CAAC;MACzB6E,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAMU,aAAa,GAAG,MAAMhF,kBAAkB,CAAC;IAC7CE,UAAU;IACVC,WAAW;IACXE,QAAQ;IACRE,wBAAwB,EAAE,CAAC6D,uBAAuB,CAAC;IACnDhE,oBAAoB,EAAE2C,qBAAsB;IAC5CvC,iBAAiB;IACjBF,iBAAiB,EAAE+D,qBAAqB;IACxC5D;EACF,CAAC,CAAC;EAEFd,MAAM,CAACmF,GAAG,CACRpF,QAAQ,CAACuF,KAAK,EACb,wBAAuBC,IAAI,CAACC,SAAS,CAACH,aAAa,CAAE,EACxD,CAAC;;EAED;EACA,MAAMI,sBAAsB,GAC1BlF,UAAU,CAACmF,mCAAmC,CAACd,2BAA2B,CAAC;EAE7E,IAAI,gBAAgB,IAAIS,aAAa,EAAE;IACrC,MAAM,IAAI3F,aAAa,CAAC,oCAAoC,CAAC;EAC/D;;EAEA;EACA,OAAO;IACLiG,UAAU,EAAEN,aAAa,CAACO,WAAW,CAACC,EAAE,CAAC,CAAC,CAAC,CAAEF,UAAU;IACvDG,MAAM,EAAEL,sBAAsB,CAAEK;EAClC,CAAC;AACH,CAAC;AAED,OAAO,MAAMC,sBAA6D,GACxE,MAAAA,CAAOxF,UAAU,EAAEC,WAAW,EAAEE,QAAQ,EAAE6D,oBAAoB,EAAEC,OAAO,KAAK;EAC1E,MAAM;IACJ5D,wBAAwB;IACxBC,iBAAiB;IACjB6D,qBAAqB;IACrB5D,QAAQ,GAAGC;EACb,CAAC,GAAGyD,OAAO;EACX,IAAI,CAACE,qBAAqB,EAAE;IAC1B,MAAM,IAAI5E,gBAAgB,CAAC;MACzB6E,OAAO,EACL;IACJ,CAAC,CAAC;EACJ;EAEA,MAAM;IAAEC,2BAA2B;IAAExB;EAAsB,CAAC,GAC1DmB,oBAAoB;EAEtB,MAAMc,aAAa,GAAG,MAAMhF,kBAAkB,CAAC;IAC7CE,UAAU;IACVC,WAAW;IACXE,QAAQ;IACRE,wBAAwB;IACxBH,oBAAoB,EAAE2C,qBAAqB;IAC3CvC,iBAAiB;IACjBF,iBAAiB,EAAE+D,qBAAqB;IACxC5D;EACF,CAAC,CAAC;;EAEF;EACA,MAAM2E,sBAAsB,GAC1BlF,UAAU,CAACmF,mCAAmC,CAC5Cd,2BAA2B,CAC5B;EAEH,IAAI,gBAAgB,IAAIS,aAAa,EAAE;IACrC,MAAM,IAAI3F,aAAa,CAAC,8CAA8C,CAAC;EACzE;EAEA,OAAO2F,aAAa,CAACO,WAAW,CAACjE,GAAG,CAACqE,KAAA;IAAA,IAAC;MAAEL;IAAW,CAAC,GAAAK,KAAA;IAAA,OAAM;MACxDL,UAAU;MACVG,MAAM,EAAEL,sBAAsB,CAAEK;IAClC,CAAC;EAAA,CAAC,CAAC;AACL,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA,MAAMzB,2BAA2B,GAAI4B,CAAU,IAAK;EAClDjG,MAAM,CAACmF,GAAG,CAACpF,QAAQ,CAACqF,KAAK,EAAG,8CAA6Ca,CAAE,EAAC,CAAC;EAE7E,IAAI,EAAEA,CAAC,YAAY3G,4BAA4B,CAAC,EAAE;IAChD,MAAM2G,CAAC;EACT;EAEA,MAAM,IAAIpG,oBAAoB,CAACF,mBAAmB,CAAC,CAChDuG,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEvG,wBAAwB,CAACwG,uBAAuB;IACtDzB,OAAO,EAAE;EACX,CAAC,CAAC,CACDuB,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEvG,wBAAwB,CAACwG,uBAAuB;IACtDzB,OAAO,EAAE;EACX,CAAC,CAAC,CACDuB,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEvG,wBAAwB,CAACyG,uBAAuB;IACtD1B,OAAO,EAAE;EACX,CAAC,CAAC,CACD2B,SAAS,CAACL,CAAC,CAAC;AACjB,CAAC"}
|
|
@@ -9,7 +9,10 @@ export const verifyAndParseCredential = async (issuerConf, credential, credentia
|
|
|
9
9
|
case "dc+sd-jwt":
|
|
10
10
|
{
|
|
11
11
|
Logger.log(LogLevel.DEBUG, "Parsing credential in dc+sd-jwt format");
|
|
12
|
-
return verifyAndParseCredentialSdJwt(issuerConf, credential, credentialConfigurationId,
|
|
12
|
+
return verifyAndParseCredentialSdJwt(issuerConf, credential, credentialConfigurationId, {
|
|
13
|
+
validateCertificateChain: true,
|
|
14
|
+
...context
|
|
15
|
+
}, x509CertRoot);
|
|
13
16
|
}
|
|
14
17
|
case "mso_mdoc":
|
|
15
18
|
{
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["IoWalletError","Logger","LogLevel","verifyAndParseCredentialMDoc","verifyAndParseCredentialSdJwt","verifyAndParseCredential","issuerConf","credential","credentialConfigurationId","context","x509CertRoot","_issuerConf$credentia","format","credential_configurations_supported","log","DEBUG","message","ERROR"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/06-verify-and-parse-credential.ts"],"mappings":"AAAA,SAASA,aAAa,QAAQ,uBAAuB;AACrD,SAASC,MAAM,EAAEC,QAAQ,QAAQ,wBAAwB;AAEzD,SAASC,4BAA4B,QAAQ,+CAA+C;AAC5F,SAASC,6BAA6B,QAAQ,gDAAgD;AAE9F,OAAO,MAAMC,wBAAiE,GAC5E,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EACzBC,OAAO,EACPC,YAAY,KACT;EAAA,IAAAC,qBAAA;EACH,MAAMC,MAAM,IAAAD,qBAAA,GACVL,UAAU,CAACO,mCAAmC,CAACL,yBAAyB,CAAC,cAAAG,qBAAA,uBAAzEA,qBAAA,CACIC,MAAM;EAEZ,QAAQA,MAAM;IACZ,KAAK,WAAW;MAAE;QAChBX,MAAM,CAACa,GAAG,CAACZ,QAAQ,CAACa,KAAK,EAAE,wCAAwC,CAAC;QACpE,OAAOX,6BAA6B,CAClCE,UAAU,EACVC,UAAU,EACVC,yBAAyB,
|
|
1
|
+
{"version":3,"names":["IoWalletError","Logger","LogLevel","verifyAndParseCredentialMDoc","verifyAndParseCredentialSdJwt","verifyAndParseCredential","issuerConf","credential","credentialConfigurationId","context","x509CertRoot","_issuerConf$credentia","format","credential_configurations_supported","log","DEBUG","validateCertificateChain","message","ERROR"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/06-verify-and-parse-credential.ts"],"mappings":"AAAA,SAASA,aAAa,QAAQ,uBAAuB;AACrD,SAASC,MAAM,EAAEC,QAAQ,QAAQ,wBAAwB;AAEzD,SAASC,4BAA4B,QAAQ,+CAA+C;AAC5F,SAASC,6BAA6B,QAAQ,gDAAgD;AAE9F,OAAO,MAAMC,wBAAiE,GAC5E,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EACzBC,OAAO,EACPC,YAAY,KACT;EAAA,IAAAC,qBAAA;EACH,MAAMC,MAAM,IAAAD,qBAAA,GACVL,UAAU,CAACO,mCAAmC,CAACL,yBAAyB,CAAC,cAAAG,qBAAA,uBAAzEA,qBAAA,CACIC,MAAM;EAEZ,QAAQA,MAAM;IACZ,KAAK,WAAW;MAAE;QAChBX,MAAM,CAACa,GAAG,CAACZ,QAAQ,CAACa,KAAK,EAAE,wCAAwC,CAAC;QACpE,OAAOX,6BAA6B,CAClCE,UAAU,EACVC,UAAU,EACVC,yBAAyB,EACzB;UAAEQ,wBAAwB,EAAE,IAAI;UAAE,GAAGP;QAAQ,CAAC,EAC9CC,YACF,CAAC;MACH;IACA,KAAK,UAAU;MAAE;QACfT,MAAM,CAACa,GAAG,CAACZ,QAAQ,CAACa,KAAK,EAAE,uCAAuC,CAAC;QACnE,OAAOZ,4BAA4B,CACjCG,UAAU,EACVC,UAAU,EACVC,yBAAyB,EACzBC,OAAO,EACPC,YACF,CAAC;MACH;IAEA;MAAS;QACP,MAAMO,OAAO,GAAI,kCAAiCL,MAAO,EAAC;QAC1DX,MAAM,CAACa,GAAG,CAACZ,QAAQ,CAACgB,KAAK,EAAED,OAAO,CAAC;QACnC,MAAM,IAAIjB,aAAa,CAACiB,OAAO,CAAC;MAClC;EACF;AACF,CAAC"}
|
|
@@ -4,7 +4,7 @@ import { continueUserAuthorizationWithMRTDPoPChallenge, completeUserAuthorizatio
|
|
|
4
4
|
import { authorizeAccess } from "./04-authorize-access";
|
|
5
5
|
import { obtainCredential, obtainCredentialsBatch } from "./05-obtain-credential";
|
|
6
6
|
import { verifyAndParseCredential } from "./06-verify-and-parse-credential";
|
|
7
|
-
import {
|
|
7
|
+
import { MRTDPoPv1_3 } from "../mrtd-pop";
|
|
8
8
|
export const Issuance = {
|
|
9
9
|
evaluateIssuerTrust,
|
|
10
10
|
startUserAuthorization,
|
|
@@ -17,6 +17,6 @@ export const Issuance = {
|
|
|
17
17
|
obtainCredential,
|
|
18
18
|
obtainCredentialsBatch,
|
|
19
19
|
verifyAndParseCredential,
|
|
20
|
-
MRTDPoP
|
|
20
|
+
MRTDPoP: MRTDPoPv1_3
|
|
21
21
|
};
|
|
22
22
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","continueUserAuthorizationWithMRTDPoPChallenge","completeUserAuthorizationWithQueryMode","completeUserAuthorizationWithFormPostJwtMode","buildAuthorizationUrl","getRequestedCredentialToBePresented","authorizeAccess","obtainCredential","obtainCredentialsBatch","verifyAndParseCredential","
|
|
1
|
+
{"version":3,"names":["evaluateIssuerTrust","startUserAuthorization","continueUserAuthorizationWithMRTDPoPChallenge","completeUserAuthorizationWithQueryMode","completeUserAuthorizationWithFormPostJwtMode","buildAuthorizationUrl","getRequestedCredentialToBePresented","authorizeAccess","obtainCredential","obtainCredentialsBatch","verifyAndParseCredential","MRTDPoPv1_3","Issuance","MRTDPoP"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/index.ts"],"mappings":"AACA,SAASA,mBAAmB,QAAQ,4BAA4B;AAChE,SAASC,sBAAsB,QAAQ,+BAA+B;AACtE,SACEC,6CAA6C,EAC7CC,sCAAsC,EACtCC,4CAA4C,EAC5CC,qBAAqB,EACrBC,mCAAmC,QAC9B,kCAAkC;AACzC,SAASC,eAAe,QAAQ,uBAAuB;AACvD,SACEC,gBAAgB,EAChBC,sBAAsB,QACjB,wBAAwB;AAC/B,SAASC,wBAAwB,QAAQ,kCAAkC;AAC3E,SAASC,WAAW,QAAQ,aAAa;AAEzC,OAAO,MAAMC,QAAqB,GAAG;EACnCZ,mBAAmB;EACnBC,sBAAsB;EACtBI,qBAAqB;EACrBF,sCAAsC;EACtCD,6CAA6C;EAC7CI,mCAAmC;EACnCF,4CAA4C;EAC5CG,eAAe;EACfC,gBAAgB;EAChBC,sBAAsB;EACtBC,wBAAwB;EACxBG,OAAO,EAAEF;AACX,CAAC"}
|
|
@@ -35,7 +35,7 @@ export const mapToIssuerConfig = createMapper(x => {
|
|
|
35
35
|
credential_endpoint: openid_credential_issuer.credential_endpoint,
|
|
36
36
|
credential_issuer: openid_credential_issuer.credential_issuer,
|
|
37
37
|
credential_configurations_supported: mapCredentialConfigurationsSupported(openid_credential_issuer),
|
|
38
|
-
keys: openid_credential_issuer.jwks.keys,
|
|
38
|
+
keys: [...openid_credential_issuer.jwks.keys, ...oauth_authorization_server.jwks.keys],
|
|
39
39
|
pushed_authorization_request_endpoint: oauth_authorization_server.pushed_authorization_request_endpoint,
|
|
40
40
|
token_endpoint: oauth_authorization_server.token_endpoint,
|
|
41
41
|
nonce_endpoint: openid_credential_issuer.nonce_endpoint,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["assert","createMapper","IssuerConfig","mapCredentialConfigurationsSupported","oidIssuer","Object","entries","credential_configurations_supported","reduce","acc","_ref","_config$credential_me","key","config","format","vct","doctype","scope","display","credential_metadata","claims","map","claim","path","mapToIssuerConfig","x","_openid_credential_is","oauth_authorization_server","openid_credential_issuer","federation_entity","metadata","authorization_endpoint","credential_endpoint","credential_issuer","keys","jwks","pushed_authorization_request_endpoint","token_endpoint","nonce_endpoint","credential_issuance_batch_size","batch_credential_issuance","batch_size","outputSchema","mapToRequestObject","_ref2","payload","iss","client_id","dcql_query","nonce","response_uri","state","response_mode","response_type"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/mappers.ts"],"mappings":"AAEA,SAASA,MAAM,QAAQ,qBAAqB;AAC5C,SAASC,YAAY,QAAQ,wBAAwB;AAGrD,SAASC,YAAY,QAAQ,qBAAqB;AAOlD,MAAMC,oCAAoC,GACxCC,SAA8C,IAE9CC,MAAM,CAACC,OAAO,CAACF,SAAS,CAACG,mCAAmC,CAAC,CAACC,MAAM,CAClE,CAACC,GAAG,EAAAC,IAAA,KAAoB;EAAA,IAAAC,qBAAA;EAAA,IAAlB,CAACC,GAAG,EAAEC,MAAM,CAAC,GAAAH,IAAA;EACjBD,GAAG,CAACG,GAAG,CAAC,GAAG;IACT,IAAIC,MAAM,CAACC,MAAM,KAAK,WAAW,GAC7B;MAAEA,MAAM,EAAED,MAAM,CAACC,MAAM;MAAEC,GAAG,EAAEF,MAAM,CAACE;IAAI,CAAC,GAC1C;MAAED,MAAM,EAAED,MAAM,CAACC,MAAM;MAAEE,OAAO,EAAEH,MAAM,CAACG;IAAQ,CAAC,CAAC;IACvDC,KAAK,EAAEJ,MAAM,CAACI,KAAK;IACnBC,OAAO,EAAEL,MAAM,CAACM,mBAAmB,CAACD,OAAQ;IAC5CE,MAAM,EACJ,EAAAT,qBAAA,GAAAE,MAAM,CAACM,mBAAmB,CAACC,MAAM,cAAAT,qBAAA,uBAAjCA,qBAAA,CAAmCU,GAAG,CAAEC,KAAK,KAAM;MACjDC,IAAI,EAAED,KAAK,CAACC,IAAI;MAChBL,OAAO,EAAEI,KAAK,CAACJ,OAAO,IAAI;IAC5B,CAAC,CAAC,CAAC,KAAI;EACX,CAAC;EACD,OAAOT,GAAG;AACZ,CAAC,EACD,CAAC,CACH,CAAC;AAEH,OAAO,MAAMe,iBAAiB,GAAGvB,YAAY,CAI1CwB,CAAC,IAAK;EAAA,IAAAC,qBAAA;EACL,MAAM;IACJC,0BAA0B;IAC1BC,wBAAwB;IACxBC;EACF,CAAC,GAAGJ,CAAC,CAACK,QAAQ;EAEd9B,MAAM,CACJ2B,0BAA0B,EAC1B,2DACF,CAAC;EACD3B,MAAM,CACJ4B,wBAAwB,EACxB,yDACF,CAAC;EAED,OAAO;IACLG,sBAAsB,EAAEJ,0BAA0B,CAACI,sBAAsB;IACzEC,mBAAmB,EAAEJ,wBAAwB,CAACI,mBAAmB;IACjEC,iBAAiB,EAAEL,wBAAwB,CAACK,iBAAiB;IAC7D1B,mCAAmC,EAAEJ,oCAAoC,CACvEyB,wBACF,CAAC;IACDM,IAAI,
|
|
1
|
+
{"version":3,"names":["assert","createMapper","IssuerConfig","mapCredentialConfigurationsSupported","oidIssuer","Object","entries","credential_configurations_supported","reduce","acc","_ref","_config$credential_me","key","config","format","vct","doctype","scope","display","credential_metadata","claims","map","claim","path","mapToIssuerConfig","x","_openid_credential_is","oauth_authorization_server","openid_credential_issuer","federation_entity","metadata","authorization_endpoint","credential_endpoint","credential_issuer","keys","jwks","pushed_authorization_request_endpoint","token_endpoint","nonce_endpoint","credential_issuance_batch_size","batch_credential_issuance","batch_size","outputSchema","mapToRequestObject","_ref2","payload","iss","client_id","dcql_query","nonce","response_uri","state","response_mode","response_type"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.3.3/mappers.ts"],"mappings":"AAEA,SAASA,MAAM,QAAQ,qBAAqB;AAC5C,SAASC,YAAY,QAAQ,wBAAwB;AAGrD,SAASC,YAAY,QAAQ,qBAAqB;AAOlD,MAAMC,oCAAoC,GACxCC,SAA8C,IAE9CC,MAAM,CAACC,OAAO,CAACF,SAAS,CAACG,mCAAmC,CAAC,CAACC,MAAM,CAClE,CAACC,GAAG,EAAAC,IAAA,KAAoB;EAAA,IAAAC,qBAAA;EAAA,IAAlB,CAACC,GAAG,EAAEC,MAAM,CAAC,GAAAH,IAAA;EACjBD,GAAG,CAACG,GAAG,CAAC,GAAG;IACT,IAAIC,MAAM,CAACC,MAAM,KAAK,WAAW,GAC7B;MAAEA,MAAM,EAAED,MAAM,CAACC,MAAM;MAAEC,GAAG,EAAEF,MAAM,CAACE;IAAI,CAAC,GAC1C;MAAED,MAAM,EAAED,MAAM,CAACC,MAAM;MAAEE,OAAO,EAAEH,MAAM,CAACG;IAAQ,CAAC,CAAC;IACvDC,KAAK,EAAEJ,MAAM,CAACI,KAAK;IACnBC,OAAO,EAAEL,MAAM,CAACM,mBAAmB,CAACD,OAAQ;IAC5CE,MAAM,EACJ,EAAAT,qBAAA,GAAAE,MAAM,CAACM,mBAAmB,CAACC,MAAM,cAAAT,qBAAA,uBAAjCA,qBAAA,CAAmCU,GAAG,CAAEC,KAAK,KAAM;MACjDC,IAAI,EAAED,KAAK,CAACC,IAAI;MAChBL,OAAO,EAAEI,KAAK,CAACJ,OAAO,IAAI;IAC5B,CAAC,CAAC,CAAC,KAAI;EACX,CAAC;EACD,OAAOT,GAAG;AACZ,CAAC,EACD,CAAC,CACH,CAAC;AAEH,OAAO,MAAMe,iBAAiB,GAAGvB,YAAY,CAI1CwB,CAAC,IAAK;EAAA,IAAAC,qBAAA;EACL,MAAM;IACJC,0BAA0B;IAC1BC,wBAAwB;IACxBC;EACF,CAAC,GAAGJ,CAAC,CAACK,QAAQ;EAEd9B,MAAM,CACJ2B,0BAA0B,EAC1B,2DACF,CAAC;EACD3B,MAAM,CACJ4B,wBAAwB,EACxB,yDACF,CAAC;EAED,OAAO;IACLG,sBAAsB,EAAEJ,0BAA0B,CAACI,sBAAsB;IACzEC,mBAAmB,EAAEJ,wBAAwB,CAACI,mBAAmB;IACjEC,iBAAiB,EAAEL,wBAAwB,CAACK,iBAAiB;IAC7D1B,mCAAmC,EAAEJ,oCAAoC,CACvEyB,wBACF,CAAC;IACDM,IAAI,EAAE,CACJ,GAAGN,wBAAwB,CAACO,IAAI,CAACD,IAAI,EACrC,GAAGP,0BAA0B,CAACQ,IAAI,CAACD,IAAI,CAC/B;IACVE,qCAAqC,EACnCT,0BAA0B,CAACS,qCAAqC;IAClEC,cAAc,EAAEV,0BAA0B,CAACU,cAAc;IACzDC,cAAc,EAAEV,wBAAwB,CAACU,cAAe;IACxDT,iBAAiB,EAAEA,iBAAiB,IAAI,CAAC,CAAC;IAC1CU,8BAA8B,GAAAb,qBAAA,GAC5BE,wBAAwB,CAACY,yBAAyB,cAAAd,qBAAA,uBAAlDA,qBAAA,CAAoDe;EACxD,CAAC;AACH,CAAC,EACD;EAAEC,YAAY,EAAExC;AAAa,CAAC,CAAC;AACjC,CAAC;;AAED,OAAO,MAAMyC,kBAAkB,GAAG1C,YAAY,CAG5C2C,KAAA;EAAA,IAAC;IAAEC;EAAQ,CAAC,GAAAD,KAAA;EAAA,OAAM;IAClBE,GAAG,EAAED,OAAO,CAACC,GAAG,IAAI,gBAAgB;IACpCC,SAAS,EAAEF,OAAO,CAACE,SAAS;IAC5BC,UAAU,EAAEH,OAAO,CAACG,UAAU;IAC9BC,KAAK,EAAEJ,OAAO,CAACI,KAAK;IACpBC,YAAY,EAAEL,OAAO,CAACK,YAAY;IAClCC,KAAK,EAAEN,OAAO,CAACM,KAAK;IACpBC,aAAa,EAAEP,OAAO,CAACO,aAAa;IACpCC,aAAa,EAAER,OAAO,CAACQ;EACzB,CAAC;AAAA,CAAC,CAAC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { CBOR } from "@pagopa/io-react-native-iso18013";
|
|
2
2
|
import { b64utob64 } from "jsrsasign";
|
|
3
|
-
import { getValidDcqlClaims } from "
|
|
3
|
+
import { getValidDcqlClaims } from "./dcql";
|
|
4
4
|
/**
|
|
5
5
|
* Convert a list of credential in mdoc format to a list of objects
|
|
6
6
|
* with namespaces for correct parsing by the `dcql` library.
|
|
@@ -76,4 +76,4 @@ export const getPresentationFrameFromClaims = (requestedClaims, docType) => ({
|
|
|
76
76
|
return acc;
|
|
77
77
|
}, {})
|
|
78
78
|
});
|
|
79
|
-
//# sourceMappingURL=
|
|
79
|
+
//# sourceMappingURL=mdoc.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["CBOR","b64utob64","getValidDcqlClaims","mapCredentialsToObj","credentialsMdoc","Promise","all","map","credential","issuerSigned","decodeIssuerSigned","namespaces","Object","entries","nameSpaces","reduce","acc","_ref","ns","nsClaims","flattenNsClaims","ac","_ref2","el","elementIdentifier","elementValue","credential_format","doctype","issuerAuth","payload","docType","cryptographic_holder_binding","original_credential","getClaimsFromDcqlMatch","match","flatMap","_ref3","output","_ref4","keys","claimName","namespace","name","value","getPresentationFrameFromClaims","requestedClaims","_ref5","existingNamespace"],"sourceRoot":"../../../../../../src","sources":["credential/presentation/common/utils/mdoc.ts"],"mappings":"AAAA,SAASA,IAAI,QAAQ,kCAAkC;AACvD,SAASC,SAAS,QAAQ,WAAW;AAOrC,SAASC,kBAAkB,QAAQ,QAAQ;AAM3C;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,mBAAmB,GAAG,MACjCC,eAAkC,IACM;EACxC,OAAO,MAAMC,OAAO,CAACC,GAAG,CACtBF,eAAe,CAACG,GAAG,CAAC,MAAOC,UAAU,IAAK;IACxC,MAAMC,YAAY,GAAG,MAAMT,IAAI,CAACU,kBAAkB,CAChDT,SAAS,CAACO,UAAU,CAAC,CAAC,CAAC,CACzB,CAAC;IAED,MAAMG,UAAU,GAAGC,MAAM,CAACC,OAAO,CAACJ,YAAY,CAACK,UAAU,CAAC,CAACC,MAAM,CAC/D,CAACC,GAAG,EAAAC,IAAA,KAAqB;MAAA,IAAnB,CAACC,EAAE,EAAEC,QAAQ,CAAC,GAAAF,IAAA;MAClB,MAAMG,eAAe,GAAGR,MAAM,CAACC,OAAO,CAACM,QAAQ,CAAC,CAACJ,MAAM,CACrD,CAACM,EAAE,EAAAC,KAAA;QAAA,IAAE,GAAGC,EAAE,CAAC,GAAAD,KAAA;QAAA,OAAM;UACf,GAAGD,EAAE;UACL,CAACE,EAAE,CAACC,iBAAiB,GAAGD,EAAE,CAACE;QAC7B,CAAC;MAAA,CAAC,EACF,CAAC,CACH,CAAC;MAED,OAAO;QACL,GAAGT,GAAG;QACN,CAACE,EAAE,GAAGE;MACR,CAAC;IACH,CAAC,EACD,CAAC,CACH,CAAC;IAED,OAAO;MACLM,iBAAiB,EAAE,UAAU;MAC7BC,OAAO,EAAElB,YAAY,CAACmB,UAAU,CAACC,OAAO,CAACC,OAAO,IAAI,iBAAiB;MACrEC,4BAA4B,EAAE,IAAI;MAClCpB,UAAU;MACVqB,mBAAmB,EAAExB;IACvB,CAAC;EACH,CAAC,CACH,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMyB,sBAAsB,GACjCC,KAAsC,IAEtChC,kBAAkB,CAACgC,KAAK,CAAC,CAACC,OAAO,CAACC,KAAA;EAAA,IAAC;IAAEC;EAAO,CAAC,GAAAD,KAAA;EAAA,OAC3CxB,MAAM,CAACC,OAAO,CAACwB,MAAM,CAAC,CAACF,OAAO,CAACG,KAAA;IAAA,IAAC,CAACpB,EAAE,EAAEC,QAAQ,CAAC,GAAAmB,KAAA;IAAA,OAC5C1B,MAAM,CAAC2B,IAAI,CAACpB,QAAQ,CAAC,CAACZ,GAAG,CAAEiC,SAAS,KAAM;MACxCC,SAAS,EAAEvB,EAAE;MACbwB,IAAI,EAAEF,SAAS;MACfG,KAAK,EAAExB,QAAQ,CAACqB,SAAS;IAC3B,CAAC,CAAC,CAAC;EAAA,CACL,CAAC;AAAA,CACH,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMI,8BAA8B,GAAGA,CAC5CC,eAAsC,EACtCf,OAAe,MACQ;EACvB,CAACA,OAAO,GAAGe,eAAe,CAAC9B,MAAM,CAAC,CAACC,GAAG,EAAA8B,KAAA,KAA0B;IAAA,IAAxB;MAAEJ,IAAI;MAAED;IAAU,CAAC,GAAAK,KAAA;IACzD,IAAIL,SAAS,EAAE;MACbzB,GAAG,CAACyB,SAAS,CAAC,KAAK,CAAC,CAAC;MACrB,MAAMM,iBAAiB,GAAG/B,GAAG,CAACyB,SAAS,CAA4B;MACnEM,iBAAiB,CAACL,IAAI,CAAC,GAAG,IAAI;IAChC,CAAC,MAAM;MACL1B,GAAG,CAAC0B,IAAI,CAAC,GAAG,IAAI;IAClB;IACA,OAAO1B,GAAG;EACZ,CAAC,EAAE,CAAC,CAAsB;AAC5B,CAAC,CAAC"}
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
import { DcqlQuery, DcqlError } from "dcql";
|
|
2
2
|
import { isValiError } from "valibot";
|
|
3
3
|
import { CredentialsNotFoundError } from "../common/errors";
|
|
4
|
-
import * as mdocUtils from "./utils.mdoc";
|
|
5
4
|
import * as sdJwtUtils from "../common/utils/sd-jwt";
|
|
6
|
-
import
|
|
7
|
-
import { extractFailedCredentialsDetails, getDcqlQueryMatches, getPresentationFrameFromDcqlMatch } from "../common/utils/dcql";
|
|
5
|
+
import * as mdocUtils from "../common/utils/mdoc";
|
|
6
|
+
import { extractFailedCredentialsDetails, getDcqlQueryMatches, getClaimsFromDcqlMatch, getPresentationFrameFromDcqlMatch } from "../common/utils/dcql";
|
|
8
7
|
export const evaluateDcqlQuery = async function (query, credentialsSdJwt) {
|
|
9
8
|
let credentialsMdoc = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : [];
|
|
10
9
|
const credentials = (await Promise.all([sdJwtUtils.mapCredentialsToObj(credentialsSdJwt), mdocUtils.mapCredentialsToObj(credentialsMdoc)])).flat();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["DcqlQuery","DcqlError","isValiError","CredentialsNotFoundError","
|
|
1
|
+
{"version":3,"names":["DcqlQuery","DcqlError","isValiError","CredentialsNotFoundError","sdJwtUtils","mdocUtils","extractFailedCredentialsDetails","getDcqlQueryMatches","getClaimsFromDcqlMatch","getPresentationFrameFromDcqlMatch","evaluateDcqlQuery","query","credentialsSdJwt","credentialsMdoc","arguments","length","undefined","credentials","Promise","all","mapCredentialsToObj","flat","credentialsById","reduce","acc","c","vct","doctype","original_credential","parsedQuery","parse","validate","queryResult","can_be_satisfied","map","_ref","_queryResult$credenti","_match$valid_credenti","id","match","purposes","credential_sets","filter","set","_set$matching_options","matching_options","includes","credentialSet","_credentialSet$purpos","description","purpose","toString","required","Boolean","matchOutput","valid_credentials","meta","output","credential_format","keyTag","credential","requiredDisclosures","presentationFrame","format","getPresentationFrameFromClaims","Error","error","message","code","cause","issues"],"sourceRoot":"../../../../../src","sources":["credential/presentation/v1.3.3/06-evaluate-dcql-query.ts"],"mappings":"AAAA,SAASA,SAAS,EAAEC,SAAS,QAAQ,MAAM;AAC3C,SAASC,WAAW,QAAQ,SAAS;AACrC,SAASC,wBAAwB,QAAQ,kBAAkB;AAE3D,OAAO,KAAKC,UAAU,MAAM,wBAAwB;AACpD,OAAO,KAAKC,SAAS,MAAM,sBAAsB;AAEjD,SACEC,+BAA+B,EAC/BC,mBAAmB,EACnBC,sBAAsB,EACtBC,iCAAiC,QAC5B,sBAAsB;AAE7B,OAAO,MAAMC,iBAA6D,GACxE,eAAAA,CAAOC,KAAK,EAAEC,gBAAgB,EAA2B;EAAA,IAAzBC,eAAe,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,EAAE;EAClD,MAAMG,WAAW,GAAG,CAClB,MAAMC,OAAO,CAACC,GAAG,CAAC,CAChBf,UAAU,CAACgB,mBAAmB,CAACR,gBAAgB,CAAC,EAChDP,SAAS,CAACe,mBAAmB,CAACP,eAAe,CAAC,CAC/C,CAAC,EACFQ,IAAI,CAAC,CAAC;;EAER;EACA,MAAMC,eAAe,GAAGL,WAAW,CAACM,MAAM,CACxC,CAACC,GAAG,EAAEC,CAAC,MAAM;IACX,GAAGD,GAAG;IACN,CAAC,KAAK,IAAIC,CAAC,GAAGA,CAAC,CAACC,GAAG,GAAGD,CAAC,CAACE,OAAO,GAAGF,CAAC,CAACG;EACtC,CAAC,CAAC,EACF,CAAC,CACH,CAAC;EAED,IAAI;IACF;IACA,MAAMC,WAAW,GAAG7B,SAAS,CAAC8B,KAAK,CAACnB,KAAK,CAAC;IAC1CX,SAAS,CAAC+B,QAAQ,CAACF,WAAW,CAAC;IAE/B,MAAMG,WAAW,GAAGhC,SAAS,CAACW,KAAK,CAACkB,WAAW,EAAEZ,WAAW,CAAC;IAE7D,IAAI,CAACe,WAAW,CAACC,gBAAgB,EAAE;MACjC,MAAM,IAAI9B,wBAAwB,CAChCG,+BAA+B,CAAC0B,WAAW,CAC7C,CAAC;IACH;IAEA,OAAOzB,mBAAmB,CAACyB,WAAW,CAAC,CAACE,GAAG,CAACC,IAAA,IAAiB;MAAA,IAAAC,qBAAA,EAAAC,qBAAA;MAAA,IAAhB,CAACC,EAAE,EAAEC,KAAK,CAAC,GAAAJ,IAAA;MACtD,MAAMK,QAAQ,IAAAJ,qBAAA,GAAGJ,WAAW,CAACS,eAAe,cAAAL,qBAAA,gBAAAA,qBAAA,GAA3BA,qBAAA,CACbM,MAAM,CAAEC,GAAG;QAAA,IAAAC,qBAAA;QAAA,QAAAA,qBAAA,GAAKD,GAAG,CAACE,gBAAgB,cAAAD,qBAAA,uBAApBA,qBAAA,CAAsBvB,IAAI,CAAC,CAAC,CAACyB,QAAQ,CAACR,EAAE,CAAC;MAAA,EAAC,cAAAF,qBAAA,uBAD7CA,qBAAA,CAEbF,GAAG,CAAqBa,aAAa;QAAA,IAAAC,qBAAA;QAAA,OAAM;UAC3CC,WAAW,GAAAD,qBAAA,GAAED,aAAa,CAACG,OAAO,cAAAF,qBAAA,uBAArBA,qBAAA,CAAuBG,QAAQ,CAAC,CAAC;UAC9CC,QAAQ,EAAEC,OAAO,CAACN,aAAa,CAACK,QAAQ;QAC1C,CAAC;MAAA,CAAC,CAAC;MAEL,MAAME,WAAW,IAAAjB,qBAAA,GAAGE,KAAK,CAACgB,iBAAiB,CAAC,CAAC,CAAC,cAAAlB,qBAAA,uBAA1BA,qBAAA,CAA4BmB,IAAI,CAACC,MAAM;MAE3D,IAAI,CAAAH,WAAW,aAAXA,WAAW,uBAAXA,WAAW,CAAEI,iBAAiB,MAAK,WAAW,EAAE;QAClD,MAAM;UAAEhC;QAAI,CAAC,GAAG4B,WAAW;QAC3B,MAAM,CAACK,MAAM,EAAEC,UAAU,CAAC,GAAGtC,eAAe,CAACI,GAAG,CAAE;QAElD,MAAMmC,mBAAmB,GAAGrD,sBAAsB,CAAC+B,KAAK,CAAC;QACzD,MAAMuB,iBAAiB,GAAGrD,iCAAiC,CACzD8B,KAAK,EACLV,WACF,CAAC;QAED,OAAO;UACLS,EAAE;UACFZ,GAAG;UACHiC,MAAM;UACNI,MAAM,EAAET,WAAW,CAACI,iBAAiB;UACrCE,UAAU;UACVC,mBAAmB;UACnBC,iBAAiB;UACjB;UACA;UACAtB,QAAQ,EAAEA,QAAQ,IAAI,CAAC;YAAEY,QAAQ,EAAE;UAAK,CAAC;QAC3C,CAAC;MACH;MAEA,IAAI,CAAAE,WAAW,aAAXA,WAAW,uBAAXA,WAAW,CAAEI,iBAAiB,MAAK,UAAU,EAAE;QACjD,MAAM;UAAE/B;QAAQ,CAAC,GAAG2B,WAAW;QAC/B,MAAM,CAACK,MAAM,EAAEC,UAAU,CAAC,GAAGtC,eAAe,CAACK,OAAO,CAAE;QAEtD,MAAMkC,mBAAmB,GAAGxD,SAAS,CAACG,sBAAsB,CAAC+B,KAAK,CAAC;QACnE,MAAMuB,iBAAiB,GAAGzD,SAAS,CAAC2D,8BAA8B,CAChEH,mBAAmB,EACnBlC,OACF,CAAC;QAED,OAAO;UACLW,EAAE;UACFX,OAAO;UACPgC,MAAM;UACNI,MAAM,EAAET,WAAW,CAACI,iBAAiB;UACrCE,UAAU;UACVC,mBAAmB;UACnBC,iBAAiB;UACjBtB,QAAQ,EAAEA,QAAQ,IAAI,CAAC;YAAEY,QAAQ,EAAE;UAAK,CAAC;QAC3C,CAAC;MACH;MAEA,MAAM,IAAIa,KAAK,CACZ,kCAAiCX,WAAW,aAAXA,WAAW,uBAAXA,WAAW,CAAEI,iBAAkB,EACnE,CAAC;IACH,CAAC,CAAC;EACJ,CAAC,CAAC,OAAOQ,KAAK,EAAE;IACd;IACA,IAAIhE,WAAW,CAACgE,KAAK,CAAC,EAAE;MACtB,MAAM,IAAIjE,SAAS,CAAC;QAClBkE,OAAO,EAAE,yCAAyC;QAClDC,IAAI,EAAE,aAAa;QACnBC,KAAK,EAAEH,KAAK,CAACI;MACf,CAAC,CAAC;IACJ;;IAEA;IACA,MAAMJ,KAAK;EACb;AACF,CAAC"}
|
|
@@ -111,15 +111,16 @@ const res = await wallet.CredentialStatus.statusList.get(
|
|
|
111
111
|
);
|
|
112
112
|
|
|
113
113
|
// Verify and parse the status list response to get the credential status
|
|
114
|
-
const { status } =
|
|
114
|
+
const { status, statusBit } =
|
|
115
115
|
await wallet.CredentialStatus.statusList.verifyAndParse(
|
|
116
|
-
issuerConf,
|
|
116
|
+
issuerConf.keys,
|
|
117
117
|
res
|
|
118
118
|
);
|
|
119
119
|
|
|
120
120
|
return {
|
|
121
121
|
statusList: res.statusList,
|
|
122
122
|
status,
|
|
123
|
+
statusBit,
|
|
123
124
|
};
|
|
124
125
|
```
|
|
125
126
|
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { CBOR } from "@pagopa/io-react-native-iso18013";
|
|
2
|
+
import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
|
|
2
3
|
import { getStatusListFromJWT } from "@sd-jwt/jwt-status-list";
|
|
3
4
|
import { IoWalletError } from "../../../utils/errors";
|
|
4
5
|
import { hasStatusOrThrow } from "../../../utils/misc";
|
|
@@ -26,11 +27,32 @@ export const getStatusList = async function (credential, format) {
|
|
|
26
27
|
uri,
|
|
27
28
|
idx
|
|
28
29
|
} = await getStatusListEntry(credential, format);
|
|
29
|
-
const
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
30
|
+
const fetchStatusList = function () {
|
|
31
|
+
let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
|
|
32
|
+
return appFetch(uri, {
|
|
33
|
+
headers: {
|
|
34
|
+
Accept: "application/statuslist+jwt",
|
|
35
|
+
...(options.cacheDisabled && {
|
|
36
|
+
"Cache-Control": "no-cache"
|
|
37
|
+
})
|
|
38
|
+
}
|
|
39
|
+
}).then(hasStatusOrThrow(200)).then(response => response.text());
|
|
40
|
+
};
|
|
41
|
+
|
|
42
|
+
// When the HTTP response includes cache headers, fetch will return a cached response and the JWT might be expired
|
|
43
|
+
let statusList = await fetchStatusList();
|
|
44
|
+
const decoded = decodeJwt(statusList);
|
|
45
|
+
const {
|
|
46
|
+
exp
|
|
47
|
+
} = decoded.payload;
|
|
48
|
+
|
|
49
|
+
// If the status list JWT is expired, try to fetch it again bypassing the HTTP cache.
|
|
50
|
+
// If it is still expired after the refetch, `verifyAndParseStatusList` will throw.
|
|
51
|
+
if (exp && exp < Math.floor(Date.now() / 1000)) {
|
|
52
|
+
statusList = await fetchStatusList({
|
|
53
|
+
cacheDisabled: true
|
|
54
|
+
});
|
|
55
|
+
}
|
|
34
56
|
return {
|
|
35
57
|
statusList,
|
|
36
58
|
uri,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["CBOR","getStatusListFromJWT","IoWalletError","hasStatusOrThrow","getStatusListEntry","credential","format","statusListEntry","_decoded$issuerAuth","decoded","
|
|
1
|
+
{"version":3,"names":["CBOR","decode","decodeJwt","getStatusListFromJWT","IoWalletError","hasStatusOrThrow","getStatusListEntry","credential","format","statusListEntry","_decoded$issuerAuth","decoded","issuerAuth","payload","status","status_list","getStatusList","appFetch","fetch","arguments","length","undefined","uri","idx","fetchStatusList","options","headers","Accept","cacheDisabled","then","response","text","statusList","exp","Math","floor","Date","now"],"sourceRoot":"../../../../../src","sources":["credential/status/v1.3.3/01-status-list.ts"],"mappings":"AAAA,SAASA,IAAI,QAAQ,kCAAkC;AACvD,SAASC,MAAM,IAAIC,SAAS,QAAQ,6BAA6B;AACjE,SACEC,oBAAoB,QAEf,yBAAyB;AAChC,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SAASC,gBAAgB,QAAQ,qBAAqB;AAItD,MAAMC,kBAAkB,GAAG,MAAAA,CACzBC,UAAkB,EAClBC,MAAwB,KACK;EAC7B,IAAIC,eAA4C;EAEhD,IAAID,MAAM,KAAK,UAAU,EAAE;IAAA,IAAAE,mBAAA;IACzB;IACA,MAAMC,OAAO,GAAG,MAAMX,IAAI,CAACC,MAAM,CAACM,UAAU,CAAC;IAC7CE,eAAe,IAAAC,mBAAA,GAAGC,OAAO,CAACC,UAAU,cAAAF,mBAAA,gBAAAA,mBAAA,GAAlBA,mBAAA,CAAoBG,OAAO,cAAAH,mBAAA,gBAAAA,mBAAA,GAA3BA,mBAAA,CAA6BI,MAAM,cAAAJ,mBAAA,uBAAnCA,mBAAA,CAAqCK,WAAW;EACpE;EAEA,IAAIP,MAAM,KAAK,WAAW,EAAE;IAC1BC,eAAe,GAAGN,oBAAoB,CAACI,UAAU,CAAC;EACpD;EAEA,IAAI,CAACE,eAAe,EAAE;IACpB,MAAM,IAAIL,aAAa,CAAC,+CAA+C,CAAC;EAC1E;EAEA,OAAOK,eAAe;AACxB,CAAC;AAED,OAAO,MAAMO,aAAmC,GAAG,eAAAA,CACjDT,UAAU,EACVC,MAAM,EAEH;EAAA,IADH;IAAES,QAAQ,GAAGC;EAAM,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEzB,MAAM;IAAEG,GAAG;IAAEC;EAAI,CAAC,GAAG,MAAMjB,kBAAkB,CAACC,UAAU,EAAEC,MAAM,CAAC;EAEjE,MAAMgB,eAAe,GAAG,SAAAA,CAAA;IAAA,IAACC,OAAoC,GAAAN,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;IAAA,OAChEF,QAAQ,CAACK,GAAG,EAAE;MACZI,OAAO,EAAE;QACPC,MAAM,EAAE,4BAA4B;QACpC,IAAIF,OAAO,CAACG,aAAa,IAAI;UAAE,eAAe,EAAE;QAAW,CAAC;MAC9D;IACF,CAAC,CAAC,CACCC,IAAI,CAACxB,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAC3BwB,IAAI,CAAEC,QAAQ,IAAKA,QAAQ,CAACC,IAAI,CAAC,CAAC,CAAC;EAAA;;EAExC;EACA,IAAIC,UAAU,GAAG,MAAMR,eAAe,CAAC,CAAC;EACxC,MAAMb,OAAO,GAAGT,SAAS,CAAC8B,UAAU,CAAC;EAErC,MAAM;IAAEC;EAAI,CAAC,GAAGtB,OAAO,CAACE,OAAO;;EAE/B;EACA;EACA,IAAIoB,GAAG,IAAIA,GAAG,GAAGC,IAAI,CAACC,KAAK,CAACC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE;IAC9CL,UAAU,GAAG,MAAMR,eAAe,CAAC;MAAEI,aAAa,EAAE;IAAK,CAAC,CAAC;EAC7D;EACA,OAAO;IAAEI,UAAU;IAAEV,GAAG;IAAEC,GAAG;IAAEf,MAAM,EAAE;EAAM,CAAC;AAChD,CAAC"}
|
|
@@ -1,17 +1,28 @@
|
|
|
1
1
|
import { verify } from "@pagopa/io-react-native-jwt";
|
|
2
2
|
import { getListFromStatusListJWT } from "@sd-jwt/jwt-status-list";
|
|
3
|
-
|
|
3
|
+
/**
|
|
4
|
+
* Mapping of status bits to their corresponding meaning as defined in the specification.
|
|
5
|
+
* @see https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/credential-revocation.html#token-status-lists
|
|
6
|
+
*/
|
|
7
|
+
const CredentialStatusMap = {
|
|
8
|
+
0x00: "VALID",
|
|
9
|
+
0x01: "INVALID",
|
|
10
|
+
0x02: "SUSPENDED",
|
|
11
|
+
0x03: "UPDATE",
|
|
12
|
+
0x0b: "ATTRIBUTE_UPDATE"
|
|
13
|
+
};
|
|
14
|
+
export const verifyAndParseStatusList = async (keys, _ref) => {
|
|
4
15
|
let {
|
|
5
16
|
statusList: rawStatusList,
|
|
6
17
|
idx
|
|
7
18
|
} = _ref;
|
|
8
|
-
await verify(rawStatusList,
|
|
19
|
+
await verify(rawStatusList, keys);
|
|
9
20
|
const statusList = getListFromStatusListJWT(rawStatusList);
|
|
10
|
-
const
|
|
11
|
-
|
|
12
|
-
// TODO: [SIW-3992] Improve the return object with additional data, throw CredentialInvalidStatus when invalid
|
|
21
|
+
const statusBit = statusList.getStatus(idx);
|
|
22
|
+
const status = CredentialStatusMap[statusBit];
|
|
13
23
|
return {
|
|
14
|
-
status
|
|
24
|
+
status,
|
|
25
|
+
statusBit: `0x${statusBit.toString(16).padStart(2, "0").toUpperCase()}`
|
|
15
26
|
};
|
|
16
27
|
};
|
|
17
28
|
//# sourceMappingURL=02-verify-and-parse-status-list.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["verify","getListFromStatusListJWT","verifyAndParseStatusList","
|
|
1
|
+
{"version":3,"names":["verify","getListFromStatusListJWT","CredentialStatusMap","verifyAndParseStatusList","keys","_ref","statusList","rawStatusList","idx","statusBit","getStatus","status","toString","padStart","toUpperCase"],"sourceRoot":"../../../../../src","sources":["credential/status/v1.3.3/02-verify-and-parse-status-list.ts"],"mappings":"AAAA,SAASA,MAAM,QAAQ,6BAA6B;AACpD,SAASC,wBAAwB,QAAQ,yBAAyB;AAGlE;AACA;AACA;AACA;AACA,MAAMC,mBAAmB,GAAG;EAC1B,IAAI,EAAE,OAAO;EACb,IAAI,EAAE,SAAS;EACf,IAAI,EAAE,WAAW;EACjB,IAAI,EAAE,QAAQ;EACd,IAAI,EAAE;AACR,CAAU;AAIV,OAAO,MAAMC,wBAAyD,GAAG,MAAAA,CACvEC,IAAI,EAAAC,IAAA,KAED;EAAA,IADH;IAAEC,UAAU,EAAEC,aAAa;IAAEC;EAAI,CAAC,GAAAH,IAAA;EAElC,MAAML,MAAM,CAACO,aAAa,EAAEH,IAAI,CAAC;EAEjC,MAAME,UAAU,GAAGL,wBAAwB,CAACM,aAAa,CAAC;EAC1D,MAAME,SAAS,GAAGH,UAAU,CAACI,SAAS,CAACF,GAAG,CAAwB;EAClE,MAAMG,MAAM,GAAGT,mBAAmB,CAACO,SAAS,CAAC;EAE7C,OAAO;IACLE,MAAM;IACNF,SAAS,EAAG,KAAIA,SAAS,CAACG,QAAQ,CAAC,EAAE,CAAC,CAACC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAACC,WAAW,CAAC,CAAE;EACxE,CAAC;AACH,CAAC"}
|
package/lib/module/mdoc/index.js
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
import { CBOR, COSE, ISO18013_7 } from "@pagopa/io-react-native-iso18013";
|
|
2
2
|
import { b64utob64 } from "jsrsasign";
|
|
3
|
-
import {
|
|
4
|
-
import { MissingX509CertsError, X509ValidationError } from "../trust/common/errors";
|
|
3
|
+
import { MissingX509CertsError } from "../trust/common/errors";
|
|
5
4
|
import { IoWalletError } from "../utils/errors";
|
|
6
5
|
import { convertBase64DerToPem, getSigninJwkFromCert } from "../utils/crypto";
|
|
7
6
|
import { removePadding } from "@pagopa/io-react-native-jwt";
|
|
7
|
+
import { verifyX509Chain } from "../utils/x509";
|
|
8
8
|
export * from "./utils";
|
|
9
9
|
export const verify = async (token, x509CertRoot) => {
|
|
10
10
|
var _issuerSigned$issuerA;
|
|
@@ -18,7 +18,7 @@ export const verify = async (token, x509CertRoot) => {
|
|
|
18
18
|
}
|
|
19
19
|
const x5chain = issuerSigned.issuerAuth.unprotectedHeader.x5chain.map(b64utob64);
|
|
20
20
|
// Verify the x5chain
|
|
21
|
-
await
|
|
21
|
+
await verifyX509Chain(x5chain, x509CertRoot);
|
|
22
22
|
const coseSign1 = issuerSigned.issuerAuth.rawValue;
|
|
23
23
|
if (!coseSign1) {
|
|
24
24
|
throw new IoWalletError("Missing coseSign1");
|
|
@@ -30,27 +30,6 @@ export const verify = async (token, x509CertRoot) => {
|
|
|
30
30
|
};
|
|
31
31
|
};
|
|
32
32
|
|
|
33
|
-
/**
|
|
34
|
-
* This function checks whether the x509 certificate chain is valid against a specified Certificate Authority (CA)
|
|
35
|
-
*
|
|
36
|
-
* @param x5chain The mdoc's x509 certificate chain
|
|
37
|
-
* @param x509CertRoot The Trust Anchor CA
|
|
38
|
-
* @param options Options for certificate validation
|
|
39
|
-
*/
|
|
40
|
-
const verifyX5chain = async function (x5chain, x509CertRoot) {
|
|
41
|
-
let options = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
|
|
42
|
-
connectTimeout: 10000,
|
|
43
|
-
readTimeout: 10000,
|
|
44
|
-
requireCrl: true
|
|
45
|
-
};
|
|
46
|
-
const x509ValidationResult = await verifyCertificateChain(x5chain, x509CertRoot, options);
|
|
47
|
-
if (!x509ValidationResult.isValid) {
|
|
48
|
-
throw new X509ValidationError(`X.509 certificate chain validation failed. Status: ${x509ValidationResult.validationStatus}. Error: ${x509ValidationResult.errorMessage}`, {
|
|
49
|
-
x509ValidationStatus: x509ValidationResult.validationStatus,
|
|
50
|
-
x509ErrorMessage: x509ValidationResult.errorMessage
|
|
51
|
-
});
|
|
52
|
-
}
|
|
53
|
-
};
|
|
54
33
|
/**
|
|
55
34
|
* This function verifies that the signature is valid for the given certificate.
|
|
56
35
|
* If not, it throws an error
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["CBOR","COSE","ISO18013_7","b64utob64","
|
|
1
|
+
{"version":3,"names":["CBOR","COSE","ISO18013_7","b64utob64","MissingX509CertsError","IoWalletError","convertBase64DerToPem","getSigninJwkFromCert","removePadding","verifyX509Chain","verify","token","x509CertRoot","_issuerSigned$issuerA","issuerSigned","decodeIssuerSigned","issuerAuth","unprotectedHeader","x5chain","Array","isArray","length","map","coseSign1","rawValue","verifyMdocSignature","cert","pemcert","jwk","x","y","signatureCorrect","Error","prepareVpTokenMdoc","requestNonce","generatedNonce","clientId","responseUri","docType","keyTag","_ref","verifiableCredential","presentationFrame","documents","issuerSignedContent","alias","vp_token","generateOID4VPDeviceResponse"],"sourceRoot":"../../../src","sources":["mdoc/index.ts"],"mappings":"AAAA,SAASA,IAAI,EAAEC,IAAI,EAAEC,UAAU,QAAQ,kCAAkC;AACzE,SAASC,SAAS,QAAQ,WAAW;AAErC,SAASC,qBAAqB,QAAQ,wBAAwB;AAC9D,SAASC,aAAa,QAAQ,iBAAiB;AAC/C,SAASC,qBAAqB,EAAEC,oBAAoB,QAAQ,iBAAiB;AAE7E,SAASC,aAAa,QAAQ,6BAA6B;AAC3D,SAASC,eAAe,QAAQ,eAAe;AAC/C,cAAc,SAAS;AAEvB,OAAO,MAAMC,MAAM,GAAG,MAAAA,CACpBC,KAAa,EACbC,YAAoB,KAC6B;EAAA,IAAAC,qBAAA;EACjD;EACA,MAAMC,YAAY,GAAG,MAAMd,IAAI,CAACe,kBAAkB,CAACJ,KAAK,CAAC;EAEzD,IAAI,CAACG,YAAY,EAAE;IACjB,MAAM,IAAIT,aAAa,CAAC,cAAc,CAAC;EACzC;EAEA,IACE,GAAAQ,qBAAA,GAACC,YAAY,CAACE,UAAU,CAACC,iBAAiB,cAAAJ,qBAAA,eAAzCA,qBAAA,CAA2CK,OAAO,MAClD,CAACC,KAAK,CAACC,OAAO,CAACN,YAAY,CAACE,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAAC,IAChEJ,YAAY,CAACE,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAACG,MAAM,KAAK,CAAC,CAAC,EACjE;IACA,MAAM,IAAIjB,qBAAqB,CAAC,2BAA2B,CAAC;EAC9D;EACA,MAAMc,OAAO,GACXJ,YAAY,CAACE,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAACI,GAAG,CAACnB,SAAS,CAAC;EAClE;EACA,MAAMM,eAAe,CAACS,OAAO,EAAEN,YAAY,CAAC;EAE5C,MAAMW,SAAS,GAAGT,YAAY,CAACE,UAAU,CAACQ,QAAQ;EAElD,IAAI,CAACD,SAAS,EAAE;IACd,MAAM,IAAIlB,aAAa,CAAC,mBAAmB,CAAC;EAC9C;EACA;EACA,MAAMoB,mBAAmB,CAACF,SAAS,EAAEL,OAAO,CAAC,CAAC,CAAE,CAAC;EAEjD,OAAO;IAAEJ;EAAa,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMW,mBAAmB,GAAG,MAAAA,CAAOF,SAAiB,EAAEG,IAAY,KAAK;EACrE,MAAMC,OAAO,GAAGrB,qBAAqB,CAACoB,IAAI,CAAC;EAC3C,MAAME,GAAG,GAAGrB,oBAAoB,CAACoB,OAAO,CAAC;EAEzCC,GAAG,CAACC,CAAC,GAAG1B,SAAS,CAACyB,GAAG,CAACC,CAAE,CAAC;EACzBD,GAAG,CAACE,CAAC,GAAG3B,SAAS,CAACyB,GAAG,CAACE,CAAE,CAAC;EAEzB,MAAMC,gBAAgB,GAAG,MAAM9B,IAAI,CAACS,MAAM,CAACa,SAAS,EAAEK,GAAgB,CAAC;EAEvE,IAAI,CAACG,gBAAgB,EAAE,MAAM,IAAIC,KAAK,CAAC,wBAAwB,CAAC;AAClE,CAAC;AAED,OAAO,MAAMC,kBAAkB,GAAG,MAAAA,CAChCC,YAAoB,EACpBC,cAAsB,EACtBC,QAAgB,EAChBC,WAAmB,EACnBC,OAAe,EACfC,MAAc,EAAAC,IAAA,KAIV;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,iBAAiB,CAAe,GAAAF,IAAA;EAIvD;EACA,MAAMG,SAAS,GAAG,CAChB;IACEC,mBAAmB,EAAEzC,SAAS,CAACsC,oBAAoB,CAAC;IACpDI,KAAK,EAAEN,MAAM;IACbD;EACF,CAAC,CACF;;EAED;EACA;EACA,MAAMQ,QAAQ,GAAG,MAAM5C,UAAU,CAAC6C,4BAA4B,CAC5DX,QAAQ,EACRC,WAAW,EACXH,YAAY,EACZC,cAAc,EACdQ,SAAS,EACTD,iBACF,CAAC;EAED,OAAO;IACLI,QAAQ,EAAEtC,aAAa,CAACsC,QAAQ;EAClC,CAAC;AACH,CAAC"}
|
|
@@ -21,20 +21,8 @@ describe("Verification.time", () => {
|
|
|
21
21
|
});
|
|
22
22
|
it("rejects invalid type", () => {
|
|
23
23
|
const value = {
|
|
24
|
-
trust_framework: "eidas",
|
|
25
|
-
assurance_level: "high"
|
|
26
|
-
evidence: [{
|
|
27
|
-
type: "vouch",
|
|
28
|
-
time: null,
|
|
29
|
-
attestation: {
|
|
30
|
-
type: "digital_attestation",
|
|
31
|
-
reference_number: "abc",
|
|
32
|
-
date_of_issuance: "2025-09-02",
|
|
33
|
-
voucher: {
|
|
34
|
-
organization: "IPZS"
|
|
35
|
-
}
|
|
36
|
-
}
|
|
37
|
-
}]
|
|
24
|
+
trust_framework: ["eidas"],
|
|
25
|
+
assurance_level: "high"
|
|
38
26
|
};
|
|
39
27
|
expect(Verification.safeParse(value).success).toBe(false);
|
|
40
28
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["Verification","describe","test","each","_label","time","value","trust_framework","assurance_level","evidence","type","attestation","reference_number","date_of_issuance","voucher","organization","expect","safeParse","success","toBe","it"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":"AAAA,SAASA,YAAY,QAAQ,UAAU;AAEvCC,QAAQ,CAAC,mBAAmB,EAAE,MAAM;EAClCC,IAAI,CAACC,IAAI,CAAC,CACR,CAAC,YAAY,EAAE,sBAAsB,CAAC,EACtC,CAAC,cAAc,EAAE,UAAU,CAAC,EAC5B,CAAC,mBAAmB,EAAE,aAAa,CAAC,CACrC,CAAC,CAAC,YAAY,EAAE,CAACC,MAAM,EAAEC,IAAI,KAAK;IACjC,MAAMC,KAAK,GAAG;MACZC,eAAe,EAAE,OAAO;MACxBC,eAAe,EAAE,MAAM;MACvBC,QAAQ,EAAE,CACR;QACEC,IAAI,EAAE,OAAO;QACbL,IAAI;QACJM,WAAW,EAAE;UACXD,IAAI,EAAE,qBAAqB;UAC3BE,gBAAgB,EAAE,KAAK;UACvBC,gBAAgB,EAAE,YAAY;UAC9BC,OAAO,EAAE;YAAEC,YAAY,EAAE;UAAO;QAClC;MACF,CAAC;IAEL,CAAC;IAEDC,MAAM,CAAChB,YAAY,CAACiB,SAAS,CAACX,KAAK,CAAC,CAACY,OAAO,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;EAC1D,CAAC,CAAC;EAEFC,EAAE,CAAC,sBAAsB,EAAE,MAAM;IAC/B,MAAMd,KAAK,GAAG;MACZC,eAAe,EAAE,
|
|
1
|
+
{"version":3,"names":["Verification","describe","test","each","_label","time","value","trust_framework","assurance_level","evidence","type","attestation","reference_number","date_of_issuance","voucher","organization","expect","safeParse","success","toBe","it"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":"AAAA,SAASA,YAAY,QAAQ,UAAU;AAEvCC,QAAQ,CAAC,mBAAmB,EAAE,MAAM;EAClCC,IAAI,CAACC,IAAI,CAAC,CACR,CAAC,YAAY,EAAE,sBAAsB,CAAC,EACtC,CAAC,cAAc,EAAE,UAAU,CAAC,EAC5B,CAAC,mBAAmB,EAAE,aAAa,CAAC,CACrC,CAAC,CAAC,YAAY,EAAE,CAACC,MAAM,EAAEC,IAAI,KAAK;IACjC,MAAMC,KAAK,GAAG;MACZC,eAAe,EAAE,OAAO;MACxBC,eAAe,EAAE,MAAM;MACvBC,QAAQ,EAAE,CACR;QACEC,IAAI,EAAE,OAAO;QACbL,IAAI;QACJM,WAAW,EAAE;UACXD,IAAI,EAAE,qBAAqB;UAC3BE,gBAAgB,EAAE,KAAK;UACvBC,gBAAgB,EAAE,YAAY;UAC9BC,OAAO,EAAE;YAAEC,YAAY,EAAE;UAAO;QAClC;MACF,CAAC;IAEL,CAAC;IAEDC,MAAM,CAAChB,YAAY,CAACiB,SAAS,CAACX,KAAK,CAAC,CAACY,OAAO,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;EAC1D,CAAC,CAAC;EAEFC,EAAE,CAAC,sBAAsB,EAAE,MAAM;IAC/B,MAAMd,KAAK,GAAG;MACZC,eAAe,EAAE,CAAC,OAAO,CAAC;MAC1BC,eAAe,EAAE;IACnB,CAAC;IAEDQ,MAAM,CAAChB,YAAY,CAACiB,SAAS,CAACX,KAAK,CAAC,CAACY,OAAO,CAAC,CAACC,IAAI,CAAC,KAAK,CAAC;EAC3D,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -3,18 +3,6 @@ import { getVerification } from "..";
|
|
|
3
3
|
describe("SD-JWT getVerification", () => {
|
|
4
4
|
it("extracts the verification claims correctly", () => {
|
|
5
5
|
expect(getVerification(pid)).toEqual({
|
|
6
|
-
evidence: [{
|
|
7
|
-
attestation: {
|
|
8
|
-
date_of_issuance: "2025-06-23",
|
|
9
|
-
voucher: {
|
|
10
|
-
organization: "Ministero dell'Interno"
|
|
11
|
-
},
|
|
12
|
-
type: "digital_attestation",
|
|
13
|
-
reference_number: "123456789"
|
|
14
|
-
},
|
|
15
|
-
time: "2025-06-23T13:14:25Z",
|
|
16
|
-
type: "vouch"
|
|
17
|
-
}],
|
|
18
6
|
trust_framework: "it_cie",
|
|
19
7
|
assurance_level: "high"
|
|
20
8
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["legacyPid","pid","getVerification","describe","it","expect","toEqual","
|
|
1
|
+
{"version":3,"names":["legacyPid","pid","getVerification","describe","it","expect","toEqual","trust_framework","assurance_level","toBeUndefined"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/utils.test.ts"],"mappings":"AAAA,SAASA,SAAS,EAAEC,GAAG,QAAQ,qBAAqB;AACpD,SAASC,eAAe,QAAQ,IAAI;AAEpCC,QAAQ,CAAC,wBAAwB,EAAE,MAAM;EACvCC,EAAE,CAAC,4CAA4C,EAAE,MAAM;IACrDC,MAAM,CAACH,eAAe,CAACD,GAAG,CAAC,CAAC,CAACK,OAAO,CAAC;MACnCC,eAAe,EAAE,QAAQ;MACzBC,eAAe,EAAE;IACnB,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFJ,EAAE,CAAC,4DAA4D,EAAE,MAAM;IACrEC,MAAM,CAACH,eAAe,CAACF,SAAS,CAAC,CAAC,CAACS,aAAa,CAAC,CAAC;EACpD,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -58,20 +58,7 @@ export const SdJwt4VCBase = z.object({
|
|
|
58
58
|
|
|
59
59
|
export const Verification = z.object({
|
|
60
60
|
trust_framework: z.string(),
|
|
61
|
-
assurance_level: z.string()
|
|
62
|
-
evidence: z.array(z.object({
|
|
63
|
-
type: z.literal("vouch"),
|
|
64
|
-
// Support both string and UNIX timestamp for backward compatibility
|
|
65
|
-
time: z.union([z.string(), z.number()]),
|
|
66
|
-
attestation: z.object({
|
|
67
|
-
type: z.literal("digital_attestation"),
|
|
68
|
-
reference_number: z.string(),
|
|
69
|
-
date_of_issuance: z.string(),
|
|
70
|
-
voucher: z.object({
|
|
71
|
-
organization: z.string()
|
|
72
|
-
})
|
|
73
|
-
})
|
|
74
|
-
}))
|
|
61
|
+
assurance_level: z.string()
|
|
75
62
|
});
|
|
76
63
|
|
|
77
64
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","UnixTime","JWK","LEGACY_SD_JWT","StatusAssertion","object","credential_hash_alg","literal","StatusList","idx","string","uri","SdJwt4VCBase","header","typ","enum","alg","kid","trust_chain","array","optional","x5c","vctm","payload","_sd","_sd_alg","iss","sub","iat","exp","cnf","jwk","status","union","status_list","status_assertion","vct","Verification","trust_framework","assurance_level","
|
|
1
|
+
{"version":3,"names":["z","UnixTime","JWK","LEGACY_SD_JWT","StatusAssertion","object","credential_hash_alg","literal","StatusList","idx","string","uri","SdJwt4VCBase","header","typ","enum","alg","kid","trust_chain","array","optional","x5c","vctm","payload","_sd","_sd_alg","iss","sub","iat","exp","cnf","jwk","status","union","status_list","status_assertion","vct","Verification","trust_framework","assurance_level","TypeMetadata","name","description","data_source","authentic_source","organization_name","organization_code","contacts","homepage_uri","url","logo_uri"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":"AAAA,SAASA,CAAC,QAAQ,KAAK;AACvB,SAASC,QAAQ,QAAQ,cAAc;AACvC,SAASC,GAAG,QAAQ,cAAc;;AAElC;AACA;AACA;AACA;;AAEA,OAAO,MAAMC,aAAa,GAAG,WAAW;AAExC,MAAMC,eAAe,GAAGJ,CAAC,CAACK,MAAM,CAAC;EAC/BC,mBAAmB,EAAEN,CAAC,CAACO,OAAO,CAAC,SAAS;AAC1C,CAAC,CAAC;AAEF,MAAMC,UAAU,GAAGR,CAAC,CAACK,MAAM,CAAC;EAC1BI,GAAG,EAAET,CAAC,CAACU,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEX,CAAC,CAACU,MAAM,CAAC;AAChB,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEA,OAAO,MAAME,YAAY,GAAGZ,CAAC,CAACK,MAAM,CAAC;EACnCQ,MAAM,EAAEb,CAAC,CAACK,MAAM,CAAC;IACfS,GAAG,EAAEd,CAAC,CAACe,IAAI,CAAC,CAAC,WAAW,EAAEZ,aAAa,CAAC,CAAC;IACzCa,GAAG,EAAEhB,CAAC,CAACU,MAAM,CAAC,CAAC;IACfO,GAAG,EAAEjB,CAAC,CAACU,MAAM,CAAC,CAAC;IACfQ,WAAW,EAAElB,CAAC,CAACmB,KAAK,CAACnB,CAAC,CAACU,MAAM,CAAC,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC3CC,GAAG,EAAErB,CAAC,CAACmB,KAAK,CAACnB,CAAC,CAACU,MAAM,CAAC,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IACnCE,IAAI,EAAEtB,CAAC,CAACmB,KAAK,CAACnB,CAAC,CAACU,MAAM,CAAC,CAAC,CAAC,CAACU,QAAQ,CAAC;EACrC,CAAC,CAAC;EACFG,OAAO,EAAEvB,CAAC,CAACK,MAAM,CAAC;IAChBmB,GAAG,EAAExB,CAAC,CAACmB,KAAK,CAACnB,CAAC,CAACU,MAAM,CAAC,CAAC,CAAC;IACxBe,OAAO,EAAEzB,CAAC,CAACO,OAAO,CAAC,SAAS,CAAC;IAC7BmB,GAAG,EAAE1B,CAAC,CAACU,MAAM,CAAC,CAAC;IACfiB,GAAG,EAAE3B,CAAC,CAACU,MAAM,CAAC,CAAC;IACfkB,GAAG,EAAE3B,QAAQ,CAACmB,QAAQ,CAAC,CAAC;IACxBS,GAAG,EAAE5B,QAAQ;IACb6B,GAAG,EAAE9B,CAAC,CAACK,MAAM,CAAC;MACZ0B,GAAG,EAAE7B;IACP,CAAC,CAAC;IACF8B,MAAM,EAAEhC,CAAC,CAACiC,KAAK,CAAC,CACdjC,CAAC,CAACK,MAAM,CAAC;MACP6B,WAAW,EAAE1B;IACf,CAAC,CAAC,EACFR,CAAC,CAACK,MAAM,CAAC;MACP;MACA8B,gBAAgB,EAAE/B;IACpB,CAAC,CAAC,CACH,CAAC;IACFgC,GAAG,EAAEpC,CAAC,CAACU,MAAM,CAAC,CAAC;IACf,eAAe,EAAEV,CAAC,CAACU,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC;EACvC,CAAC;AACH,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEA,OAAO,MAAMiB,YAAY,GAAGrC,CAAC,CAACK,MAAM,CAAC;EACnCiC,eAAe,EAAEtC,CAAC,CAACU,MAAM,CAAC,CAAC;EAC3B6B,eAAe,EAAEvC,CAAC,CAACU,MAAM,CAAC;AAC5B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;;AAEA,OAAO,MAAM8B,YAAY,GAAGxC,CAAC,CAACK,MAAM,CAAC;EACnCoC,IAAI,EAAEzC,CAAC,CAACU,MAAM,CAAC,CAAC;EAChBgC,WAAW,EAAE1C,CAAC,CAACU,MAAM,CAAC,CAAC;EACvBiC,WAAW,EAAE3C,CAAC,CAACK,MAAM,CAAC;IACpBiC,eAAe,EAAEtC,CAAC,CAACU,MAAM,CAAC,CAAC;IAC3BkC,gBAAgB,EAAE5C,CAAC,CAACK,MAAM,CAAC;MACzBwC,iBAAiB,EAAE7C,CAAC,CAACU,MAAM,CAAC,CAAC;MAC7BoC,iBAAiB,EAAE9C,CAAC,CAACU,MAAM,CAAC,CAAC;MAC7BqC,QAAQ,EAAE/C,CAAC,CAACmB,KAAK,CAACnB,CAAC,CAACU,MAAM,CAAC,CAAC,CAAC;MAC7BsC,YAAY,EAAEhD,CAAC,CAACU,MAAM,CAAC,CAAC,CAACuC,GAAG,CAAC,CAAC;MAC9BC,QAAQ,EAAElD,CAAC,CAACU,MAAM,CAAC,CAAC,CAACuC,GAAG,CAAC;IAC3B,CAAC;EACH,CAAC;AACH,CAAC,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { EncryptJwe, getJwkFromHeader } from "@pagopa/io-react-native-jwt";
|
|
1
|
+
import { EncryptJwe, getJwkFromHeader, SignJWT } from "@pagopa/io-react-native-jwt";
|
|
2
2
|
import { verify } from "@pagopa/io-react-native-jwt";
|
|
3
3
|
import { digest } from "@sd-jwt/crypto-nodejs";
|
|
4
4
|
import { X509 } from "jsrsasign";
|
|
@@ -113,4 +113,22 @@ export const createVerifyJwtFromJwks = jwks => {
|
|
|
113
113
|
}
|
|
114
114
|
};
|
|
115
115
|
};
|
|
116
|
+
|
|
117
|
+
/**
|
|
118
|
+
* Create a signJwt implementation that signs a JWT using the provided CryptoContext.
|
|
119
|
+
* @param cryptoContext The CryptoContext to use for signing the JWT
|
|
120
|
+
* @returns Function that implements `signJwt` callback
|
|
121
|
+
*/
|
|
122
|
+
export const createSignJwtFromCryptoContext = cryptoContext => {
|
|
123
|
+
return async function signJwt(jwtSigner, _ref2) {
|
|
124
|
+
let {
|
|
125
|
+
header,
|
|
126
|
+
payload
|
|
127
|
+
} = _ref2;
|
|
128
|
+
return {
|
|
129
|
+
jwt: await new SignJWT(cryptoContext).setProtectedHeader(header).setPayload(payload).sign(),
|
|
130
|
+
signerJwk: jwtSigner.method === "jwk" ? jwtSigner.publicJwk : await cryptoContext.getPublicKey()
|
|
131
|
+
};
|
|
132
|
+
};
|
|
133
|
+
};
|
|
116
134
|
//# sourceMappingURL=callbacks.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["EncryptJwe","getJwkFromHeader","verify","digest","X509","IoWalletError","assert","generateRandomBytes","getJwkFromCertificateChain","getJwkFromTrustChain","getJwkFromSigner","signer","method","x5c","trustChain","length","kid","publicJwk","partialCallbacks","generateRandom","hash","encryptJwe","_ref","data","alg","enc","jwe","encrypt","encryptionJwk","verifyJwt","jwtSigner","jwt","signerJwk","compact","verified","decryptJwe","getX509CertificateMetadata","certificate","x509","readCertPEM","sanExt","getExtSubjectAltName","sanDnsNames","sanUriNames","item","array","push","dns","uri","createVerifyJwtFromJwks","jwks","_","header"],"sourceRoot":"../../../src","sources":["utils/callbacks.ts"],"mappings":"AAAA,
|
|
1
|
+
{"version":3,"names":["EncryptJwe","getJwkFromHeader","SignJWT","verify","digest","X509","IoWalletError","assert","generateRandomBytes","getJwkFromCertificateChain","getJwkFromTrustChain","getJwkFromSigner","signer","method","x5c","trustChain","length","kid","publicJwk","partialCallbacks","generateRandom","hash","encryptJwe","_ref","data","alg","enc","jwe","encrypt","encryptionJwk","verifyJwt","jwtSigner","jwt","signerJwk","compact","verified","decryptJwe","getX509CertificateMetadata","certificate","x509","readCertPEM","sanExt","getExtSubjectAltName","sanDnsNames","sanUriNames","item","array","push","dns","uri","createVerifyJwtFromJwks","jwks","_","header","createSignJwtFromCryptoContext","cryptoContext","signJwt","_ref2","payload","setProtectedHeader","setPayload","sign","getPublicKey"],"sourceRoot":"../../../src","sources":["utils/callbacks.ts"],"mappings":"AAAA,SACEA,UAAU,EACVC,gBAAgB,EAChBC,OAAO,QAEF,6BAA6B;AACpC,SAASC,MAAM,QAAQ,6BAA6B;AAEpD,SAASC,MAAM,QAAQ,uBAAuB;AAC9C,SAASC,IAAI,QAAQ,WAAW;AAChC,SAASC,aAAa,QAAQ,UAAU;AACxC,SAASC,MAAM,EAAEC,mBAAmB,QAAQ,QAAQ;AAEpD,SAASC,0BAA0B,EAAEC,oBAAoB,QAAQ,UAAU;;AAO3E;;AAMA;AACA;AACA;AACA;AACA;AACA,MAAMC,gBAAgB,GAAG,MAAOC,MAAiB,IAAmB;EAClE,QAAQA,MAAM,CAACC,MAAM;IACnB,KAAK,KAAK;MACR,OAAOJ,0BAA0B,CAACG,MAAM,CAACE,GAAG,CAAC;IAC/C,KAAK,YAAY;MAAE;QACjBP,MAAM,CACJK,MAAM,CAACG,UAAU,IAAIH,MAAM,CAACG,UAAU,CAACC,MAAM,GAAG,CAAC,EACjD,+CACF,CAAC;QACD,OAAON,oBAAoB,CAACE,MAAM,CAACG,UAAU,EAAEH,MAAM,CAACK,GAAG,CAAC;MAC5D;IACA,KAAK,KAAK;MACR,OAAOL,MAAM,CAACM,SAAS;IACzB;MACE,MAAM,IAAIZ,aAAa,CAAE,8BAA6BM,MAAM,CAACC,MAAO,EAAC,CAAC;EAC1E;AACF,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,gBAAwC,GAAG;EACtDC,cAAc,EAAEZ,mBAAmB;EACnCa,IAAI,EAAEjB,MAAqB;EAC3BkB,UAAU,EAAE,MAAAA,CAAAC,IAAA,EAAqCC,IAAI;IAAA,IAAlC;MAAEN,SAAS;MAAEO,GAAG;MAAEC,GAAG;MAAET;IAAI,CAAC,GAAAM,IAAA;IAAA,OAAY;MACzD;MACAI,GAAG,EAAE,MAAM,IAAI3B,UAAU,CAACwB,IAAI,EAAE;QAAEC,GAAG;QAAEC,GAAG;QAAET;MAAI,CAAC,CAAC,CAACW,OAAO,CAACV,SAAS,CAAC;MACrEW,aAAa,EAAEX;IACjB,CAAC;EAAA,CAAC;EACFY,SAAS,EAAE,MAAAA,CAAOC,SAAS,EAAEC,GAAG,KAAK;IACnC,IAAI;MACF,MAAMC,SAAS,GAAG,MAAMtB,gBAAgB,CAACoB,SAAS,CAAC;MACnD,MAAM5B,MAAM,CAAC6B,GAAG,CAACE,OAAO,EAAED,SAAS,CAAC;MACpC,OAAO;QAAEE,QAAQ,EAAE,IAAI;QAAEF;MAAU,CAAC;IACtC,CAAC,CAAC,MAAM;MACN,OAAO;QAAEE,QAAQ,EAAE;MAAM,CAAC;IAC5B;EACF,CAAC;EACDC,UAAU,EAAEA,CAAA,KAAM;IAChB,MAAM,IAAI9B,aAAa,CAAC,+BAA+B,CAAC;EAC1D,CAAC;EACD+B,0BAA0B,EAAGC,WAAW,IAAK;IAC3C,MAAMC,IAAI,GAAG,IAAIlC,IAAI,CAAC,CAAC;IACvBkC,IAAI,CAACC,WAAW,CAACF,WAAW,CAAC;IAC7B,MAAMG,MAAM,GAAGF,IAAI,CAACG,oBAAoB,CAACJ,WAAW,CAAC;IAErD,MAAMK,WAAqB,GAAG,EAAE;IAChC,MAAMC,WAAqB,GAAG,EAAE;IAEhC,KAAK,MAAMC,IAAI,IAAIJ,MAAM,CAACK,KAAK,EAAE;MAC/B,IAAI,CAACD,IAAI,EAAE;MACX,IAAI,KAAK,IAAIA,IAAI,EAAEF,WAAW,CAACI,IAAI,CAACF,IAAI,CAACG,GAAG,CAAC;MAC7C,IAAI,KAAK,IAAIH,IAAI,EAAED,WAAW,CAACG,IAAI,CAACF,IAAI,CAACI,GAAG,CAAC;IAC/C;IAEA,OAAO;MAAEN,WAAW;MAAEC;IAAY,CAAC;EACrC;AACF,CAAC;AAID;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMM,uBAAuB,GAClCC,IAAW,IACsB;EACjC,OAAO,eAAerB,SAASA,CAACsB,CAAC,EAAEpB,GAAG,EAAE;IACtC,IAAI;MACF,MAAMC,SAAS,GAAGhC,gBAAgB,CAAC+B,GAAG,CAACqB,MAAM,EAAeF,IAAI,CAAC;MACjE,MAAMhD,MAAM,CAAC6B,GAAG,CAACE,OAAO,EAAED,SAAS,CAAC;MACpC,OAAO;QAAEE,QAAQ,EAAE,IAAI;QAAEF;MAAU,CAAC;IACtC,CAAC,CAAC,MAAM;MACN,OAAO;QAAEE,QAAQ,EAAE;MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMmB,8BAA8B,GACzCC,aAA4B,IACG;EAC/B,OAAO,eAAeC,OAAOA,CAACzB,SAAS,EAAA0B,KAAA,EAAuB;IAAA,IAArB;MAAEJ,MAAM;MAAEK;IAAQ,CAAC,GAAAD,KAAA;IAC1D,OAAO;MACLzB,GAAG,EAAE,MAAM,IAAI9B,OAAO,CAACqD,aAAa,CAAC,CAClCI,kBAAkB,CAACN,MAAM,CAAC,CAC1BO,UAAU,CAACF,OAAO,CAAC,CACnBG,IAAI,CAAC,CAAC;MACT5B,SAAS,EACPF,SAAS,CAAClB,MAAM,KAAK,KAAK,GACtBkB,SAAS,CAACb,SAAS,GACnB,MAAMqC,aAAa,CAACO,YAAY,CAAC;IACzC,CAAC;EACH,CAAC;AACH,CAAC"}
|