@pagopa/io-react-native-wallet 3.2.0 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (328) hide show
  1. package/README.md +1 -1
  2. package/lib/commonjs/credential/issuance/README.md +32 -14
  3. package/lib/commonjs/credential/issuance/api/IssuerConfig.js +1 -0
  4. package/lib/commonjs/credential/issuance/api/IssuerConfig.js.map +1 -1
  5. package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js +4 -3
  6. package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js.map +1 -1
  7. package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +39 -8
  8. package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
  9. package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js +46 -38
  10. package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
  11. package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -51
  12. package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
  13. package/lib/commonjs/credential/issuance/mrtd-pop/index.js +21 -5
  14. package/lib/commonjs/credential/issuance/mrtd-pop/index.js.map +1 -1
  15. package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js +5 -4
  16. package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
  17. package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js +8 -5
  18. package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
  19. package/lib/commonjs/credential/issuance/v1.0.0/index.js +3 -2
  20. package/lib/commonjs/credential/issuance/v1.0.0/index.js.map +1 -1
  21. package/lib/commonjs/credential/issuance/v1.0.0/mappers.js +4 -2
  22. package/lib/commonjs/credential/issuance/v1.0.0/mappers.js.map +1 -1
  23. package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
  24. package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
  25. package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js +21 -17
  26. package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
  27. package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js +108 -69
  28. package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
  29. package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js +20 -19
  30. package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
  31. package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js +5 -7
  32. package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
  33. package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
  34. package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
  35. package/lib/commonjs/credential/issuance/v1.3.3/index.js +3 -2
  36. package/lib/commonjs/credential/issuance/v1.3.3/index.js.map +1 -1
  37. package/lib/commonjs/credential/issuance/v1.3.3/mappers.js +10 -11
  38. package/lib/commonjs/credential/issuance/v1.3.3/mappers.js.map +1 -1
  39. package/lib/commonjs/credential/presentation/api/types.js.map +1 -1
  40. package/lib/commonjs/credential/presentation/common/utils/http.js +9 -4
  41. package/lib/commonjs/credential/presentation/common/utils/http.js.map +1 -1
  42. package/lib/commonjs/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
  43. package/lib/commonjs/credential/presentation/common/utils/mdoc.js.map +1 -0
  44. package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -1
  45. package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
  46. package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js +11 -10
  47. package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
  48. package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -2
  49. package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
  50. package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js +2 -0
  51. package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
  52. package/lib/commonjs/credential/presentation/v1.3.3/mappers.js +1 -1
  53. package/lib/commonjs/credential/presentation/v1.3.3/mappers.js.map +1 -1
  54. package/lib/commonjs/credential/status/README.md +3 -2
  55. package/lib/commonjs/credential/status/v1.3.3/01-status-list.js +27 -5
  56. package/lib/commonjs/credential/status/v1.3.3/01-status-list.js.map +1 -1
  57. package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
  58. package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
  59. package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js +2 -1
  60. package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
  61. package/lib/commonjs/credentials-catalogue/common/get-status-l10n-ids.js +23 -0
  62. package/lib/commonjs/credentials-catalogue/common/get-status-l10n-ids.js.map +1 -0
  63. package/lib/commonjs/credentials-catalogue/v1.0.0/index.js +3 -1
  64. package/lib/commonjs/credentials-catalogue/v1.0.0/index.js.map +1 -1
  65. package/lib/commonjs/credentials-catalogue/v1.3.3/index.js +3 -1
  66. package/lib/commonjs/credentials-catalogue/v1.3.3/index.js.map +1 -1
  67. package/lib/commonjs/mdoc/index.js +3 -24
  68. package/lib/commonjs/mdoc/index.js.map +1 -1
  69. package/lib/commonjs/sd-jwt/__test__/types.test.js +2 -14
  70. package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
  71. package/lib/commonjs/sd-jwt/__test__/utils.test.js +0 -12
  72. package/lib/commonjs/sd-jwt/__test__/utils.test.js.map +1 -1
  73. package/lib/commonjs/sd-jwt/types.js +1 -14
  74. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  75. package/lib/commonjs/utils/callbacks.js +20 -1
  76. package/lib/commonjs/utils/callbacks.js.map +1 -1
  77. package/lib/commonjs/utils/config.js +9 -1
  78. package/lib/commonjs/utils/config.js.map +1 -1
  79. package/lib/commonjs/utils/x509.js +34 -0
  80. package/lib/commonjs/utils/x509.js.map +1 -0
  81. package/lib/commonjs/wallet-instance-attestation/api/types.js +0 -2
  82. package/lib/commonjs/wallet-instance-attestation/api/types.js.map +1 -1
  83. package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
  84. package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
  85. package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js +2 -7
  86. package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
  87. package/lib/commonjs/wallet-unit-attestation/api/types.js +0 -11
  88. package/lib/commonjs/wallet-unit-attestation/api/types.js.map +1 -1
  89. package/lib/module/credential/issuance/README.md +32 -14
  90. package/lib/module/credential/issuance/api/IssuerConfig.js +1 -0
  91. package/lib/module/credential/issuance/api/IssuerConfig.js.map +1 -1
  92. package/lib/module/credential/issuance/common/02-start-user-authorization.js +4 -3
  93. package/lib/module/credential/issuance/common/02-start-user-authorization.js.map +1 -1
  94. package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +41 -10
  95. package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
  96. package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js +47 -34
  97. package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
  98. package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -47
  99. package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
  100. package/lib/module/credential/issuance/mrtd-pop/index.js +20 -5
  101. package/lib/module/credential/issuance/mrtd-pop/index.js.map +1 -1
  102. package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js +3 -2
  103. package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
  104. package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js +6 -4
  105. package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
  106. package/lib/module/credential/issuance/v1.0.0/index.js +5 -4
  107. package/lib/module/credential/issuance/v1.0.0/index.js.map +1 -1
  108. package/lib/module/credential/issuance/v1.0.0/mappers.js +4 -2
  109. package/lib/module/credential/issuance/v1.0.0/mappers.js.map +1 -1
  110. package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
  111. package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
  112. package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js +21 -17
  113. package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
  114. package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js +108 -70
  115. package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
  116. package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js +22 -19
  117. package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
  118. package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js +6 -8
  119. package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
  120. package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
  121. package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
  122. package/lib/module/credential/issuance/v1.3.3/index.js +5 -4
  123. package/lib/module/credential/issuance/v1.3.3/index.js.map +1 -1
  124. package/lib/module/credential/issuance/v1.3.3/mappers.js +10 -11
  125. package/lib/module/credential/issuance/v1.3.3/mappers.js.map +1 -1
  126. package/lib/module/credential/presentation/api/types.js.map +1 -1
  127. package/lib/module/credential/presentation/common/utils/http.js +9 -4
  128. package/lib/module/credential/presentation/common/utils/http.js.map +1 -1
  129. package/lib/module/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
  130. package/lib/module/credential/presentation/common/utils/mdoc.js.map +1 -0
  131. package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -1
  132. package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
  133. package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js +11 -10
  134. package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
  135. package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -3
  136. package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
  137. package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js +2 -0
  138. package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
  139. package/lib/module/credential/presentation/v1.3.3/mappers.js +1 -1
  140. package/lib/module/credential/presentation/v1.3.3/mappers.js.map +1 -1
  141. package/lib/module/credential/status/README.md +3 -2
  142. package/lib/module/credential/status/v1.3.3/01-status-list.js +27 -5
  143. package/lib/module/credential/status/v1.3.3/01-status-list.js.map +1 -1
  144. package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
  145. package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
  146. package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js +1 -1
  147. package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
  148. package/lib/module/credentials-catalogue/common/get-status-l10n-ids.js +16 -0
  149. package/lib/module/credentials-catalogue/common/get-status-l10n-ids.js.map +1 -0
  150. package/lib/module/credentials-catalogue/v1.0.0/index.js +3 -1
  151. package/lib/module/credentials-catalogue/v1.0.0/index.js.map +1 -1
  152. package/lib/module/credentials-catalogue/v1.3.3/index.js +3 -1
  153. package/lib/module/credentials-catalogue/v1.3.3/index.js.map +1 -1
  154. package/lib/module/mdoc/index.js +3 -24
  155. package/lib/module/mdoc/index.js.map +1 -1
  156. package/lib/module/sd-jwt/__test__/types.test.js +2 -14
  157. package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
  158. package/lib/module/sd-jwt/__test__/utils.test.js +0 -12
  159. package/lib/module/sd-jwt/__test__/utils.test.js.map +1 -1
  160. package/lib/module/sd-jwt/types.js +1 -14
  161. package/lib/module/sd-jwt/types.js.map +1 -1
  162. package/lib/module/utils/callbacks.js +19 -1
  163. package/lib/module/utils/callbacks.js.map +1 -1
  164. package/lib/module/utils/config.js +7 -0
  165. package/lib/module/utils/config.js.map +1 -1
  166. package/lib/module/utils/x509.js +28 -0
  167. package/lib/module/utils/x509.js.map +1 -0
  168. package/lib/module/wallet-instance-attestation/api/types.js +0 -2
  169. package/lib/module/wallet-instance-attestation/api/types.js.map +1 -1
  170. package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
  171. package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
  172. package/lib/module/wallet-instance-attestation/v1.3.3/types.js +2 -7
  173. package/lib/module/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
  174. package/lib/module/wallet-unit-attestation/api/types.js +0 -11
  175. package/lib/module/wallet-unit-attestation/api/types.js.map +1 -1
  176. package/lib/typescript/credential/issuance/api/02-start-user-authorization.d.ts +1 -0
  177. package/lib/typescript/credential/issuance/api/02-start-user-authorization.d.ts.map +1 -1
  178. package/lib/typescript/credential/issuance/api/03-complete-user-authorization.d.ts +19 -5
  179. package/lib/typescript/credential/issuance/api/03-complete-user-authorization.d.ts.map +1 -1
  180. package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts +4 -0
  181. package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts.map +1 -1
  182. package/lib/typescript/credential/issuance/api/IssuerConfig.d.ts +1 -0
  183. package/lib/typescript/credential/issuance/api/IssuerConfig.d.ts.map +1 -1
  184. package/lib/typescript/credential/issuance/common/02-start-user-authorization.d.ts.map +1 -1
  185. package/lib/typescript/credential/issuance/common/06-verify-and-parse-credential.sdjwt.d.ts.map +1 -1
  186. package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts +12 -1
  187. package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts.map +1 -1
  188. package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts +12 -1
  189. package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts.map +1 -1
  190. package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts +2 -1
  191. package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts.map +1 -1
  192. package/lib/typescript/credential/issuance/v1.0.0/02-start-user-authorization.d.ts.map +1 -1
  193. package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts +2 -1
  194. package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts.map +1 -1
  195. package/lib/typescript/credential/issuance/v1.0.0/index.d.ts.map +1 -1
  196. package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts +1 -0
  197. package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts.map +1 -1
  198. package/lib/typescript/credential/issuance/v1.3.3/01-evaluate-issuer-trust.d.ts.map +1 -1
  199. package/lib/typescript/credential/issuance/v1.3.3/02-start-user-authorization.d.ts.map +1 -1
  200. package/lib/typescript/credential/issuance/v1.3.3/03-complete-user-authorization.d.ts +2 -1
  201. package/lib/typescript/credential/issuance/v1.3.3/03-complete-user-authorization.d.ts.map +1 -1
  202. package/lib/typescript/credential/issuance/v1.3.3/04-authorize-access.d.ts.map +1 -1
  203. package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts.map +1 -1
  204. package/lib/typescript/credential/issuance/v1.3.3/06-verify-and-parse-credential.d.ts.map +1 -1
  205. package/lib/typescript/credential/issuance/v1.3.3/index.d.ts.map +1 -1
  206. package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts +7 -4
  207. package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts.map +1 -1
  208. package/lib/typescript/credential/presentation/api/05-verify-request-object.d.ts +1 -1
  209. package/lib/typescript/credential/presentation/api/types.d.ts +3 -7
  210. package/lib/typescript/credential/presentation/api/types.d.ts.map +1 -1
  211. package/lib/typescript/credential/presentation/common/utils/http.d.ts +1 -1
  212. package/lib/typescript/credential/presentation/common/utils/http.d.ts.map +1 -1
  213. package/lib/typescript/credential/presentation/{v1.3.3/utils.mdoc.d.ts → common/utils/mdoc.d.ts} +2 -2
  214. package/lib/typescript/credential/presentation/common/utils/mdoc.d.ts.map +1 -0
  215. package/lib/typescript/credential/presentation/v1.3.3/05-verify-request-object.d.ts.map +1 -1
  216. package/lib/typescript/credential/presentation/v1.3.3/06-evaluate-dcql-query.d.ts.map +1 -1
  217. package/lib/typescript/credential/presentation/v1.3.3/07-send-authorization-response.d.ts.map +1 -1
  218. package/lib/typescript/credential/presentation/v1.3.3/mappers.d.ts +8 -8
  219. package/lib/typescript/credential/presentation/v1.3.3/types.d.ts +8 -8
  220. package/lib/typescript/credential/status/api/status-list.d.ts +8 -4
  221. package/lib/typescript/credential/status/api/status-list.d.ts.map +1 -1
  222. package/lib/typescript/credential/status/v1.3.3/01-status-list.d.ts.map +1 -1
  223. package/lib/typescript/credential/status/v1.3.3/02-verify-and-parse-status-list.d.ts.map +1 -1
  224. package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts +6 -0
  225. package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts.map +1 -1
  226. package/lib/typescript/credentials-catalogue/api/index.d.ts +14 -2
  227. package/lib/typescript/credentials-catalogue/api/index.d.ts.map +1 -1
  228. package/lib/typescript/credentials-catalogue/common/get-status-l10n-ids.d.ts +9 -0
  229. package/lib/typescript/credentials-catalogue/common/get-status-l10n-ids.d.ts.map +1 -0
  230. package/lib/typescript/credentials-catalogue/v1.0.0/index.d.ts.map +1 -1
  231. package/lib/typescript/credentials-catalogue/v1.3.3/index.d.ts.map +1 -1
  232. package/lib/typescript/mdoc/index.d.ts +1 -1
  233. package/lib/typescript/mdoc/index.d.ts.map +1 -1
  234. package/lib/typescript/mdoc/utils.d.ts +0 -24
  235. package/lib/typescript/mdoc/utils.d.ts.map +1 -1
  236. package/lib/typescript/sd-jwt/types.d.ts +0 -12
  237. package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
  238. package/lib/typescript/trust/v1.3.3/types.d.ts +6 -4
  239. package/lib/typescript/trust/v1.3.3/types.d.ts.map +1 -1
  240. package/lib/typescript/utils/callbacks.d.ts +7 -0
  241. package/lib/typescript/utils/callbacks.d.ts.map +1 -1
  242. package/lib/typescript/utils/config.d.ts +4 -0
  243. package/lib/typescript/utils/config.d.ts.map +1 -1
  244. package/lib/typescript/utils/x509.d.ts +10 -0
  245. package/lib/typescript/utils/x509.d.ts.map +1 -0
  246. package/lib/typescript/wallet-instance-attestation/api/types.d.ts +0 -2
  247. package/lib/typescript/wallet-instance-attestation/api/types.d.ts.map +1 -1
  248. package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts +0 -2
  249. package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts.map +1 -1
  250. package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts +2 -9
  251. package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts.map +1 -1
  252. package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts +2 -7
  253. package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts.map +1 -1
  254. package/lib/typescript/wallet-unit-attestation/api/types.d.ts +0 -11
  255. package/lib/typescript/wallet-unit-attestation/api/types.d.ts.map +1 -1
  256. package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts +0 -22
  257. package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts.map +1 -1
  258. package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts +0 -11
  259. package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts.map +1 -1
  260. package/package.json +6 -6
  261. package/src/credential/issuance/README.md +32 -14
  262. package/src/credential/issuance/api/02-start-user-authorization.ts +1 -0
  263. package/src/credential/issuance/api/03-complete-user-authorization.ts +26 -5
  264. package/src/credential/issuance/api/06-verify-and-parse-credential.ts +4 -0
  265. package/src/credential/issuance/api/IssuerConfig.ts +1 -0
  266. package/src/credential/issuance/common/02-start-user-authorization.ts +6 -3
  267. package/src/credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts +47 -10
  268. package/src/credential/issuance/mrtd-pop/02-init-challenge.ts +69 -45
  269. package/src/credential/issuance/mrtd-pop/03-validate-challenge.ts +84 -62
  270. package/src/credential/issuance/mrtd-pop/index.ts +13 -5
  271. package/src/credential/issuance/v1.0.0/02-start-user-authorization.ts +8 -2
  272. package/src/credential/issuance/v1.0.0/03-complete-user-authorization.ts +16 -4
  273. package/src/credential/issuance/v1.0.0/index.ts +6 -4
  274. package/src/credential/issuance/v1.0.0/mappers.ts +9 -1
  275. package/src/credential/issuance/v1.3.3/01-evaluate-issuer-trust.ts +0 -2
  276. package/src/credential/issuance/v1.3.3/02-start-user-authorization.ts +25 -21
  277. package/src/credential/issuance/v1.3.3/03-complete-user-authorization.ts +138 -94
  278. package/src/credential/issuance/v1.3.3/04-authorize-access.ts +28 -23
  279. package/src/credential/issuance/v1.3.3/05-obtain-credential.ts +9 -9
  280. package/src/credential/issuance/v1.3.3/06-verify-and-parse-credential.ts +2 -1
  281. package/src/credential/issuance/v1.3.3/index.ts +6 -4
  282. package/src/credential/issuance/v1.3.3/mappers.ts +13 -11
  283. package/src/credential/presentation/api/05-verify-request-object.ts +1 -1
  284. package/src/credential/presentation/api/types.ts +3 -7
  285. package/src/credential/presentation/common/utils/http.ts +2 -2
  286. package/src/credential/presentation/{v1.3.3/utils.mdoc.ts → common/utils/mdoc.ts} +2 -2
  287. package/src/credential/presentation/v1.0.0/07-send-authorization-response.ts +1 -1
  288. package/src/credential/presentation/v1.3.3/05-verify-request-object.ts +15 -14
  289. package/src/credential/presentation/v1.3.3/06-evaluate-dcql-query.ts +3 -3
  290. package/src/credential/presentation/v1.3.3/07-send-authorization-response.ts +2 -0
  291. package/src/credential/presentation/v1.3.3/mappers.ts +1 -1
  292. package/src/credential/status/README.md +3 -2
  293. package/src/credential/status/api/status-list.ts +10 -7
  294. package/src/credential/status/v1.3.3/01-status-list.ts +21 -7
  295. package/src/credential/status/v1.3.3/02-verify-and-parse-status-list.ts +19 -5
  296. package/src/credentials-catalogue/api/DigitalCredentialsCatalogue.ts +4 -1
  297. package/src/credentials-catalogue/api/index.ts +15 -0
  298. package/src/credentials-catalogue/common/get-status-l10n-ids.ts +25 -0
  299. package/src/credentials-catalogue/v1.0.0/index.ts +2 -0
  300. package/src/credentials-catalogue/v1.3.3/index.ts +2 -0
  301. package/src/mdoc/index.ts +5 -41
  302. package/src/sd-jwt/__test__/types.test.ts +1 -13
  303. package/src/sd-jwt/__test__/utils.test.ts +0 -12
  304. package/src/sd-jwt/types.ts +0 -13
  305. package/src/utils/callbacks.ts +28 -1
  306. package/src/utils/config.ts +7 -0
  307. package/src/utils/x509.ts +43 -0
  308. package/src/wallet-instance-attestation/api/types.ts +0 -2
  309. package/src/wallet-instance-attestation/v1.3.3/mappers.ts +3 -11
  310. package/src/wallet-instance-attestation/v1.3.3/types.ts +2 -7
  311. package/src/wallet-unit-attestation/api/types.ts +0 -11
  312. package/lib/commonjs/credential/issuance/common/authorization.js +0 -56
  313. package/lib/commonjs/credential/issuance/common/authorization.js.map +0 -1
  314. package/lib/commonjs/credential/presentation/common/utils.js +0 -28
  315. package/lib/commonjs/credential/presentation/common/utils.js.map +0 -1
  316. package/lib/commonjs/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
  317. package/lib/module/credential/issuance/common/authorization.js +0 -48
  318. package/lib/module/credential/issuance/common/authorization.js.map +0 -1
  319. package/lib/module/credential/presentation/common/utils.js +0 -21
  320. package/lib/module/credential/presentation/common/utils.js.map +0 -1
  321. package/lib/module/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
  322. package/lib/typescript/credential/issuance/common/authorization.d.ts +0 -21
  323. package/lib/typescript/credential/issuance/common/authorization.d.ts.map +0 -1
  324. package/lib/typescript/credential/presentation/common/utils.d.ts +0 -11
  325. package/lib/typescript/credential/presentation/common/utils.d.ts.map +0 -1
  326. package/lib/typescript/credential/presentation/v1.3.3/utils.mdoc.d.ts.map +0 -1
  327. package/src/credential/issuance/common/authorization.ts +0 -89
  328. package/src/credential/presentation/common/utils.ts +0 -30
package/README.md CHANGED
@@ -6,7 +6,7 @@ It is designed to **support multiple versions of IT-Wallet specifications** via
6
6
 
7
7
  Follows the [eudi-wallet-it-docs](https://github.com/italia/eudi-wallet-it-docs) specifications:
8
8
  - Version [1.0.0](https://github.com/italia/eudi-wallet-it-docs/releases/tag/1.0.0)
9
- - Version [1.3.3](https://github.com/italia/eudi-wallet-it-docs/releases/tag/1.3.3) - 🚧 WIP
9
+ - Version [1.3.3](https://github.com/italia/eudi-wallet-it-docs/releases/tag/1.3.3)
10
10
 
11
11
  The following table highlights the relationship between `io-react-native-wallet` and IT-Wallet specifications.
12
12
 
package/lib/commonjs/credential/issuance/README.md CHANGED
@@ -19,8 +19,8 @@ graph TD;
19
19
  2[evaluateIssuerTrust]
20
20
  3[startUserAuthorization]
21
21
  C4[getRequestedCredentialToBePresented]
22
- C4.1[completeUserAuthorizationWithFormPostJwtMode]
23
- E4[completeUserAuthorizationWithQueryMode]
22
+ C4.1[completeEaaUserAuthorizationWithQueryMode]
23
+ E4[completePidUserAuthorizationWithQueryMode]
24
24
  5[authorizeAccess]
25
25
  6[WalletUnitAttestation.getAttestation]
26
26
  7[obtainCredential]
@@ -86,11 +86,15 @@ MRTD Verification is a sub-flow of the Issuance flow and is used when the reques
86
86
  1. **Primary Authentication**: LoA3 electronic identification (SPID or CIEid L2).
87
87
  2. **MRTD Proof of Possession (PoP)**: Electronic document reading and cryptographic verification.
88
88
 
89
- This process is initiated by the Authorization Server responding to the primary authentication step with a redirect that includes a challenge in the query string, which is handled by the `continueUserAuthorizationWithMRTDPoPChallenge` function. Once the MRTD PoP is completed, the user must continue the PID issuance flow with the `completeUserAuthorizationWithQueryMode` function.
89
+ This process is initiated by the Authorization Server responding to the primary authentication step with a redirect that includes a challenge in the query string, which is handled by the `continueUserAuthorizationWithMRTDPoPChallenge` function. Once the MRTD PoP is completed, the user must continue the PID issuance flow with the `completePidUserAuthorizationWithQueryMode` function.
90
90
 
91
91
  Complete documentation for the MRTD PoP flow can be found here: [mrtd-pop](./mrtd-pop/README.md)
92
92
 
93
- ## Authentication through credentials (Form Post JWT Mode)
93
+ ## Authentication through credentials (Query Mode) - v1.3
94
+
95
+ When the credential is different than an eID, the flow requires the user to present other credentials in order to obtain the requested one. Starting from IT-Wallet specifications v1.3, the EAA issuance flow uses the query mode to complete the user authorization. This is done through the `getRequestedCredentialToBePresented` followed by the `completeEaaUserAuthorizationWithQueryMode`.
96
+
97
+ ## Authentication through credentials (Form Post JWT Mode) - v1.0
94
98
 
95
99
  When the credential is different than an eID, the flow requires the user to present other credentials in order to obtain the requested one. This is done through the `getRequestedCredentialToBePresented` followed by the `completeUserAuthorizationWithFormPostJwtMode`.
96
100
 
@@ -163,7 +167,7 @@ const credentialCryptoContext = createCryptoContextFor(credentialKeyTag);
163
167
  const { issuerConf } = await wallet.CredentialIssuance.evaluateIssuerTrust(WALLET_EAA_PROVIDER_BASE_URL);
164
168
 
165
169
  // Start user authorization
166
- const { issuerRequestUri, clientId, codeVerifier } =
170
+ const { issuerRequestUri, clientId, codeVerifier, responseMode } =
167
171
  await wallet.CredentialIssuance.startUserAuthorization(
168
172
  issuerConf,
169
173
  ["someCredentialId"],
@@ -184,13 +188,27 @@ const requestObject =
184
188
  appFetch
185
189
  );
186
190
 
187
- // Complete the user authorization via form_post.jwt mode
188
- const { code } =
189
- await wallet.CredentialIssuance.completeUserAuthorizationWithFormPostJwtMode(
190
- requestObject,
191
- pid.credential,
192
- { wiaCryptoContext, pidCryptoContext: createCryptoContextFor(pid.keyTag) }
193
- );
191
+ let code: string;
192
+ if (responseMode === "form_post.jwt") {
193
+ // Complete the user authorization via form_post.jwt mode
194
+ ({ code } =
195
+ await wallet.CredentialIssuance.completeUserAuthorizationWithFormPostJwtMode(
196
+ requestObject,
197
+ issuerConf,
198
+ [pid.keyTag, pid.credential],
199
+ { wiaCryptoContext, appFetch }
200
+ ));
201
+ } else {
202
+ // Complete the user authorization via query mode
203
+ ({ code } =
204
+ await wallet.CredentialIssuance.completeEaaUserAuthorizationWithQueryMode(
205
+ requestObject,
206
+ issuerConf,
207
+ [pid.keyTag, pid.credential],
208
+ REDIRECT_URI,
209
+ { appFetch }
210
+ ));
211
+ }
194
212
 
195
213
  // Generate the DPoP context which will be used for the whole issuance flow
196
214
  await regenerateCryptoKey(DPOP_KEYTAG); // Let's assume this function regenerates this ephemeral key for the DPoP
@@ -330,7 +348,7 @@ const { issuerConf } = await wallet.CredentialIssuance.evaluateIssuerTrust(
330
348
  const { issuerRequestUri, clientId, codeVerifier, credentialDefinition } =
331
349
  await wallet.CredentialIssuance.startUserAuthorization(
332
350
  issuerConf,
333
- ["dc_sd_jwt_PersonIdentificationData"], // Request authorization for one or more credentials
351
+ ["dc_sd_jwt_pid"], // Request authorization for one or more credentials
334
352
  { proofType: "none" },
335
353
  {
336
354
  walletInstanceAttestation,
@@ -342,7 +360,7 @@ const { issuerRequestUri, clientId, codeVerifier, credentialDefinition } =
342
360
 
343
361
  // Complete the authorization process with query mode with the authorizationContext which opens the browser
344
362
  const { code } =
345
- await wallet.CredentialIssuance.completeUserAuthorizationWithQueryMode(
363
+ await wallet.CredentialIssuance.completePidUserAuthorizationWithQueryMode(
346
364
  issuerRequestUri
347
365
  );
348
366
 
package/lib/commonjs/credential/issuance/api/IssuerConfig.js CHANGED
@@ -58,6 +58,7 @@ const IssuerConfig = _zod.z.object({
58
58
  credential_configurations_supported: _zod.z.record(_zod.z.string(), CredentialConfig),
59
59
  federation_entity: _types.FederationEntityMetadata,
60
60
  credential_issuance_batch_size: _zod.z.number().optional(),
61
+ encrypted_response_enc_values_supported: _zod.z.array(_zod.z.string()).optional(),
61
62
  /**
62
63
  * @deprecated
63
64
  */
package/lib/commonjs/credential/issuance/api/IssuerConfig.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_zod","require","_jwk","_types","DisplayConfig","z","object","name","string","locale","ClaimConfig","path","array","union","number","null","display","IssuanceErrorSupported","title","description","CredentialConfig","intersection","discriminatedUnion","format","literal","vct","doctype","scope","claims","authentic_source","optional","issuance_errors_supported","record","IssuerConfig","credential_issuer","pushed_authorization_request_endpoint","authorization_endpoint","token_endpoint","nonce_endpoint","status_assertion_endpoint","credential_endpoint","keys","JWK","credential_configurations_supported","federation_entity","FederationEntityMetadata","credential_issuance_batch_size","response_modes_supported","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/api/IssuerConfig.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAEA,MAAMG,aAAa,GAAGC,MAAC,CAACC,MAAM,CAAC;EAC7BC,IAAI,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEJ,MAAC,CAACG,MAAM,CAAC;AACnB,CAAC,CAAC;AAEF,MAAME,WAAW,GAAGL,MAAC,CAACC,MAAM,CAAC;EAC3BK,IAAI,EAAEN,MAAC,CAACO,KAAK,CAACP,MAAC,CAACQ,KAAK,CAAC,CAACR,MAAC,CAACG,MAAM,CAAC,CAAC,EAAEH,MAAC,CAACS,MAAM,CAAC,CAAC,EAAET,MAAC,CAACU,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;EAC1DC,OAAO,EAAEX,MAAC,CAACO,KAAK,CAACR,aAAa;AAChC,CAAC,CAAC;AAEF,MAAMa,sBAAsB,GAAGZ,MAAC,CAACC,MAAM,CAAC;EACtCU,OAAO,EAAEX,MAAC,CAACO,KAAK,CACdP,MAAC,CAACC,MAAM,CAAC;IACPY,KAAK,EAAEb,MAAC,CAACG,MAAM,CAAC,CAAC;IACjBW,WAAW,EAAEd,MAAC,CAACG,MAAM,CAAC,CAAC;IACvBC,MAAM,EAAEJ,MAAC,CAACG,MAAM,CAAC;EACnB,CAAC,CACH;AACF,CAAC,CAAC;AAEF,MAAMY,gBAAgB,GAAGf,MAAC,CAACgB,YAAY,CACrChB,MAAC,CAACiB,kBAAkB,CAAC,QAAQ,EAAE,CAC7BjB,MAAC,CAACC,MAAM,CAAC;EAAEiB,MAAM,EAAElB,MAAC,CAACmB,OAAO,CAAC,WAAW,CAAC;EAAEC,GAAG,EAAEpB,MAAC,CAACG,MAAM,CAAC;AAAE,CAAC,CAAC,EAC7DH,MAAC,CAACC,MAAM,CAAC;EAAEiB,MAAM,EAAElB,MAAC,CAACmB,OAAO,CAAC,UAAU,CAAC;EAAEE,OAAO,EAAErB,MAAC,CAACG,MAAM,CAAC;AAAE,CAAC,CAAC,CACjE,CAAC,EACFH,MAAC,CAACC,MAAM,CAAC;EACPqB,KAAK,EAAEtB,MAAC,CAACG,MAAM,CAAC,CAAC;EACjBQ,OAAO,EAAEX,MAAC,CAACO,KAAK,CAACR,aAAa,CAAC;EAC/BwB,MAAM,EAAEvB,MAAC,CAACO,KAAK,CAACF,WAAW,CAAC;EAC5B;AACJ;AACA;EACImB,gBAAgB,EAAExB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EACvC;AACJ;AACA;EACIC,yBAAyB,EAAE1B,MAAC,CACzB2B,MAAM,CAAC3B,MAAC,CAACG,MAAM,CAAC,CAAC,EAAES,sBAAsB,CAAC,CAC1Ca,QAAQ,CAAC;AACd,CAAC,CACH,CAAC;;AAED;AACA;AACA;;AAEO,MAAMG,YAAY,GAAG5B,MAAC,CAACC,MAAM,CAAC;EACnC4B,iBAAiB,EAAE7B,MAAC,CAACG,MAAM,CAAC,CAAC;EAC7B2B,qCAAqC,EAAE9B,MAAC,CAACG,MAAM,CAAC,CAAC;EACjD4B,sBAAsB,EAAE/B,MAAC,CAACG,MAAM,CAAC,CAAC;EAClC6B,cAAc,EAAEhC,MAAC,CAACG,MAAM,CAAC,CAAC;EAC1B8B,cAAc,EAAEjC,MAAC,CAACG,MAAM,CAAC,CAAC;EAC1B+B,yBAAyB,EAAElC,MAAC,CAACG,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EAChDU,mBAAmB,EAAEnC,MAAC,CAACG,MAAM,CAAC,CAAC;EAC/BiC,IAAI,EAAEpC,MAAC,CAACO,KAAK,CAAC8B,QAAG,CAAC;EAClBC,mCAAmC,EAAEtC,MAAC,CAAC2B,MAAM,CAAC3B,MAAC,CAACG,MAAM,CAAC,CAAC,EAAEY,gBAAgB,CAAC;EAC3EwB,iBAAiB,EAAEC,+BAAwB;EAC3CC,8BAA8B,EAAEzC,MAAC,CAACS,MAAM,CAAC,CAAC,CAACgB,QAAQ,CAAC,CAAC;EACrD;AACF;AACA;EACEiB,wBAAwB,EAAE1C,MAAC,CAACO,KAAK,CAACP,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC,CAACsB,QAAQ,CAAC;AACzD,CAAC,CAAC;AAACkB,OAAA,CAAAf,YAAA,GAAAA,YAAA"}
1
+ {"version":3,"names":["_zod","require","_jwk","_types","DisplayConfig","z","object","name","string","locale","ClaimConfig","path","array","union","number","null","display","IssuanceErrorSupported","title","description","CredentialConfig","intersection","discriminatedUnion","format","literal","vct","doctype","scope","claims","authentic_source","optional","issuance_errors_supported","record","IssuerConfig","credential_issuer","pushed_authorization_request_endpoint","authorization_endpoint","token_endpoint","nonce_endpoint","status_assertion_endpoint","credential_endpoint","keys","JWK","credential_configurations_supported","federation_entity","FederationEntityMetadata","credential_issuance_batch_size","encrypted_response_enc_values_supported","response_modes_supported","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/api/IssuerConfig.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AAEA,MAAMG,aAAa,GAAGC,MAAC,CAACC,MAAM,CAAC;EAC7BC,IAAI,EAAEF,MAAC,CAACG,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEJ,MAAC,CAACG,MAAM,CAAC;AACnB,CAAC,CAAC;AAEF,MAAME,WAAW,GAAGL,MAAC,CAACC,MAAM,CAAC;EAC3BK,IAAI,EAAEN,MAAC,CAACO,KAAK,CAACP,MAAC,CAACQ,KAAK,CAAC,CAACR,MAAC,CAACG,MAAM,CAAC,CAAC,EAAEH,MAAC,CAACS,MAAM,CAAC,CAAC,EAAET,MAAC,CAACU,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;EAC1DC,OAAO,EAAEX,MAAC,CAACO,KAAK,CAACR,aAAa;AAChC,CAAC,CAAC;AAEF,MAAMa,sBAAsB,GAAGZ,MAAC,CAACC,MAAM,CAAC;EACtCU,OAAO,EAAEX,MAAC,CAACO,KAAK,CACdP,MAAC,CAACC,MAAM,CAAC;IACPY,KAAK,EAAEb,MAAC,CAACG,MAAM,CAAC,CAAC;IACjBW,WAAW,EAAEd,MAAC,CAACG,MAAM,CAAC,CAAC;IACvBC,MAAM,EAAEJ,MAAC,CAACG,MAAM,CAAC;EACnB,CAAC,CACH;AACF,CAAC,CAAC;AAEF,MAAMY,gBAAgB,GAAGf,MAAC,CAACgB,YAAY,CACrChB,MAAC,CAACiB,kBAAkB,CAAC,QAAQ,EAAE,CAC7BjB,MAAC,CAACC,MAAM,CAAC;EAAEiB,MAAM,EAAElB,MAAC,CAACmB,OAAO,CAAC,WAAW,CAAC;EAAEC,GAAG,EAAEpB,MAAC,CAACG,MAAM,CAAC;AAAE,CAAC,CAAC,EAC7DH,MAAC,CAACC,MAAM,CAAC;EAAEiB,MAAM,EAAElB,MAAC,CAACmB,OAAO,CAAC,UAAU,CAAC;EAAEE,OAAO,EAAErB,MAAC,CAACG,MAAM,CAAC;AAAE,CAAC,CAAC,CACjE,CAAC,EACFH,MAAC,CAACC,MAAM,CAAC;EACPqB,KAAK,EAAEtB,MAAC,CAACG,MAAM,CAAC,CAAC;EACjBQ,OAAO,EAAEX,MAAC,CAACO,KAAK,CAACR,aAAa,CAAC;EAC/BwB,MAAM,EAAEvB,MAAC,CAACO,KAAK,CAACF,WAAW,CAAC;EAC5B;AACJ;AACA;EACImB,gBAAgB,EAAExB,MAAC,CAACG,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EACvC;AACJ;AACA;EACIC,yBAAyB,EAAE1B,MAAC,CACzB2B,MAAM,CAAC3B,MAAC,CAACG,MAAM,CAAC,CAAC,EAAES,sBAAsB,CAAC,CAC1Ca,QAAQ,CAAC;AACd,CAAC,CACH,CAAC;;AAED;AACA;AACA;;AAEO,MAAMG,YAAY,GAAG5B,MAAC,CAACC,MAAM,CAAC;EACnC4B,iBAAiB,EAAE7B,MAAC,CAACG,MAAM,CAAC,CAAC;EAC7B2B,qCAAqC,EAAE9B,MAAC,CAACG,MAAM,CAAC,CAAC;EACjD4B,sBAAsB,EAAE/B,MAAC,CAACG,MAAM,CAAC,CAAC;EAClC6B,cAAc,EAAEhC,MAAC,CAACG,MAAM,CAAC,CAAC;EAC1B8B,cAAc,EAAEjC,MAAC,CAACG,MAAM,CAAC,CAAC;EAC1B+B,yBAAyB,EAAElC,MAAC,CAACG,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EAChDU,mBAAmB,EAAEnC,MAAC,CAACG,MAAM,CAAC,CAAC;EAC/BiC,IAAI,EAAEpC,MAAC,CAACO,KAAK,CAAC8B,QAAG,CAAC;EAClBC,mCAAmC,EAAEtC,MAAC,CAAC2B,MAAM,CAAC3B,MAAC,CAACG,MAAM,CAAC,CAAC,EAAEY,gBAAgB,CAAC;EAC3EwB,iBAAiB,EAAEC,+BAAwB;EAC3CC,8BAA8B,EAAEzC,MAAC,CAACS,MAAM,CAAC,CAAC,CAACgB,QAAQ,CAAC,CAAC;EACrDiB,uCAAuC,EAAE1C,MAAC,CAACO,KAAK,CAACP,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EACvE;AACF;AACA;EACEkB,wBAAwB,EAAE3C,MAAC,CAACO,KAAK,CAACP,MAAC,CAACG,MAAM,CAAC,CAAC,CAAC,CAACsB,QAAQ,CAAC;AACzD,CAAC,CAAC;AAACmB,OAAA,CAAAhB,YAAA,GAAAA,YAAA"}
package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js CHANGED
@@ -4,6 +4,7 @@ Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
6
  exports.selectResponseMode = exports.selectCredentialDefinition = void 0;
7
+ var _errors = require("../../../utils/errors");
7
8
  var _logging = require("../../../utils/logging");
8
9
  /**
9
10
  * Ensures that the credential type requested is supported by the issuer and contained in the
@@ -20,7 +21,7 @@ const selectCredentialDefinition = (issuerConf, credentialId) => {
20
21
  }));
21
22
  if (!result) {
22
23
  _logging.Logger.log(_logging.LogLevel.ERROR, `Requested credential ${credentialId} is not supported by the issuer according to its configuration ${JSON.stringify(credential_configurations_supported)}`);
23
- throw new Error(`No credential support the type '${credentialId}'`);
24
+ throw new _errors.IoWalletError(`No credential support the type '${credentialId}'`);
24
25
  }
25
26
  return result;
26
27
  };
@@ -40,14 +41,14 @@ const selectResponseMode = (issuerConf, credentialIds) => {
40
41
  }
41
42
  if (responseModeSet.size !== 1) {
42
43
  _logging.Logger.log(_logging.LogLevel.ERROR, `${credentialIds} have incompatible response_mode: ${[...responseModeSet.values()]}`);
43
- throw new Error("Requested credentials have incompatible response_mode and cannot be requested with the same PAR request");
44
+ throw new _errors.IoWalletError("Requested credentials have incompatible response_mode and cannot be requested with the same PAR request");
44
45
  }
45
46
  const [responseMode] = responseModeSet.values();
46
47
  _logging.Logger.log(_logging.LogLevel.DEBUG, `Selected response mode ${responseMode} for credential IDs ${credentialIds}`);
47
48
  const responseModeSupported = issuerConf.response_modes_supported;
48
49
  if (responseModeSupported && !responseModeSupported.includes(responseMode)) {
49
50
  _logging.Logger.log(_logging.LogLevel.ERROR, `Requested response mode ${responseMode} is not supported by the issuer according to its configuration ${JSON.stringify(responseModeSupported)}`);
50
- throw new Error(`No response mode support for IDs '${credentialIds}'`);
51
+ throw new _errors.IoWalletError(`No response mode support for IDs '${credentialIds}'`);
51
52
  }
52
53
  return responseMode;
53
54
  };
package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_logging","require","selectCredentialDefinition","issuerConf","credentialId","credential_configurations_supported","result","Object","keys","filter","e","includes","map","credential_configuration_id","type","Logger","log","LogLevel","ERROR","JSON","stringify","Error","exports","selectResponseMode","credentialIds","responseModeSet","Set","add","match","size","values","responseMode","DEBUG","responseModeSupported","response_modes_supported"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/02-start-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,QAAA,GAAAC,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMC,0BAA0B,GAAGA,CACxCC,UAAwB,EACxBC,YAAoB,KACI;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAM,CAACC,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACH,mCAAmC,CAAC,CAC9DI,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACP,YAAY,CAAC,CAAC,CACvCQ,GAAG,CAAC,OAAO;IACVC,2BAA2B,EAAET,YAAY;IACzCU,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACR,MAAM,EAAE;IACXS,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,wBAAuBd,YAAa,kEAAiEe,IAAI,CAACC,SAAS,CAACf,mCAAmC,CAAE,EAC5J,CAAC;IACD,MAAM,IAAIgB,KAAK,CAAE,mCAAkCjB,YAAa,GAAE,CAAC;EACrE;EACA,OAAOE,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAgB,OAAA,CAAApB,0BAAA,GAAAA,0BAAA;AAOO,MAAMqB,kBAAkB,GAAGA,CAChCpB,UAAwB,EACxBqB,aAAuB,KACN;EACjB,MAAMC,eAAe,GAAG,IAAIC,GAAG,CAAe,CAAC;EAE/C,KAAK,MAAMtB,YAAY,IAAIoB,aAAa,EAAE;IACxCC,eAAe,CAACE,GAAG,CACjBvB,YAAY,CAACwB,KAAK,CAAC,2BAA2B,CAAC,GAC3C,OAAO,GACP,eACN,CAAC;EACH;EAEA,IAAIH,eAAe,CAACI,IAAI,KAAK,CAAC,EAAE;IAC9Bd,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,GAAEM,aAAc,qCAAoC,CAAC,GAAGC,eAAe,CAACK,MAAM,CAAC,CAAC,CAAE,EACrF,CAAC;IACD,MAAM,IAAIT,KAAK,CACb,yGACF,CAAC;EACH;EAEA,MAAM,CAACU,YAAY,CAAC,GAAGN,eAAe,CAACK,MAAM,CAAC,CAAC;EAE/Cf,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACe,KAAK,EACb,0BAAyBD,YAAa,uBAAsBP,aAAc,EAC7E,CAAC;EAED,MAAMS,qBAAqB,GAAG9B,UAAU,CAAC+B,wBAAwB;EACjE,IAAID,qBAAqB,IAAI,CAACA,qBAAqB,CAACtB,QAAQ,CAACoB,YAAa,CAAC,EAAE;IAC3EhB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,2BAA0Ba,YAAa,kEAAiEZ,IAAI,CAACC,SAAS,CAACa,qBAAqB,CAAE,EACjJ,CAAC;IACD,MAAM,IAAIZ,KAAK,CAAE,qCAAoCG,aAAc,GAAE,CAAC;EACxE;EAEA,OAAOO,YAAY;AACrB,CAAC;AAACT,OAAA,CAAAC,kBAAA,GAAAA,kBAAA"}
1
+ {"version":3,"names":["_errors","require","_logging","selectCredentialDefinition","issuerConf","credentialId","credential_configurations_supported","result","Object","keys","filter","e","includes","map","credential_configuration_id","type","Logger","log","LogLevel","ERROR","JSON","stringify","IoWalletError","exports","selectResponseMode","credentialIds","responseModeSet","Set","add","match","size","values","responseMode","DEBUG","responseModeSupported","response_modes_supported"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/02-start-user-authorization.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,QAAA,GAAAD,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAME,0BAA0B,GAAGA,CACxCC,UAAwB,EACxBC,YAAoB,KACI;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAM,CAACC,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACH,mCAAmC,CAAC,CAC9DI,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACP,YAAY,CAAC,CAAC,CACvCQ,GAAG,CAAC,OAAO;IACVC,2BAA2B,EAAET,YAAY;IACzCU,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACR,MAAM,EAAE;IACXS,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,wBAAuBd,YAAa,kEAAiEe,IAAI,CAACC,SAAS,CAACf,mCAAmC,CAAE,EAC5J,CAAC;IACD,MAAM,IAAIgB,qBAAa,CAAE,mCAAkCjB,YAAa,GAAE,CAAC;EAC7E;EACA,OAAOE,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAgB,OAAA,CAAApB,0BAAA,GAAAA,0BAAA;AAOO,MAAMqB,kBAAkB,GAAGA,CAChCpB,UAAwB,EACxBqB,aAAuB,KACN;EACjB,MAAMC,eAAe,GAAG,IAAIC,GAAG,CAAe,CAAC;EAE/C,KAAK,MAAMtB,YAAY,IAAIoB,aAAa,EAAE;IACxCC,eAAe,CAACE,GAAG,CACjBvB,YAAY,CAACwB,KAAK,CAAC,2BAA2B,CAAC,GAC3C,OAAO,GACP,eACN,CAAC;EACH;EAEA,IAAIH,eAAe,CAACI,IAAI,KAAK,CAAC,EAAE;IAC9Bd,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,GAAEM,aAAc,qCAAoC,CAAC,GAAGC,eAAe,CAACK,MAAM,CAAC,CAAC,CAAE,EACrF,CAAC;IACD,MAAM,IAAIT,qBAAa,CACrB,yGACF,CAAC;EACH;EAEA,MAAM,CAACU,YAAY,CAAC,GAAGN,eAAe,CAACK,MAAM,CAAC,CAAC;EAE/Cf,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACe,KAAK,EACb,0BAAyBD,YAAa,uBAAsBP,aAAc,EAC7E,CAAC;EAED,MAAMS,qBAAqB,GAAG9B,UAAU,CAAC+B,wBAAwB;EACjE,IAAID,qBAAqB,IAAI,CAACA,qBAAqB,CAACtB,QAAQ,CAACoB,YAAa,CAAC,EAAE;IAC3EhB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,2BAA0Ba,YAAa,kEAAiEZ,IAAI,CAACC,SAAS,CAACa,qBAAqB,CAAE,EACjJ,CAAC;IACD,MAAM,IAAIZ,qBAAa,CACpB,qCAAoCG,aAAc,GACrD,CAAC;EACH;EAEA,OAAOO,YAAY;AACrB,CAAC;AAACT,OAAA,CAAAC,kBAAA,GAAAA,kBAAA"}
package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js CHANGED
@@ -12,6 +12,8 @@ var _errors = require("../../../utils/errors");
12
12
  var _logging = require("../../../utils/logging");
13
13
  var _jwk = require("../../../utils/jwk");
14
14
  var _credentials = require("../../../utils/credentials");
15
+ var _x = require("../../../utils/x509");
16
+ var _errors2 = require("../../../trust/common/errors");
15
17
  /**
16
18
  * Parse a Sd-Jwt credential according to the issuer configuration
17
19
  * @param credentialConfig - the list of supported credentials, as defined in the issuer configuration with their claims metadata
@@ -117,6 +119,24 @@ const parseCredentialSdJwt = function (credentialConfig, parsedCredentialRaw) {
117
119
  };
118
120
  return processLevel(parsedCredentialRaw, []);
119
121
  };
122
+ /**
123
+ * JWT verifier implementing the interface expected by the SD-JWT library.
124
+ * Verification is delegated to `io-react-native-jwt` to leverage its support for multiple algorithms.
125
+ * @returns Boolean indicating whether the verification succeeded or not
126
+ */
127
+ const sdJwtInstanceVerifier = async (data, signature, options) => {
128
+ if (!(options !== null && options !== void 0 && options.issuerKeys)) {
129
+ return false;
130
+ }
131
+ try {
132
+ await (0, _ioReactNativeJwt.verify)(`${data}.${signature}`, options.issuerKeys, {
133
+ clockTolerance: options.skewSeconds
134
+ });
135
+ return true;
136
+ } catch {
137
+ return false;
138
+ }
139
+ };
120
140
 
121
141
  /**
122
142
  * Given a credential, verify it's in the supported format
@@ -134,15 +154,14 @@ const parseCredentialSdJwt = function (credentialConfig, parsedCredentialRaw) {
134
154
  *
135
155
  */
136
156
  async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingContext) {
137
- const {
138
- protectedHeader
139
- } = (0, _ioReactNativeJwt.decode)(rawCredential);
140
- const verifierJwk = (0, _ioReactNativeJwt.getJwkFromHeader)(protectedHeader, issuerKeys);
141
157
  const sdJwtInstance = new _core.SDJwtInstance({
142
158
  hasher: _cryptoNodejs.digest,
143
- verifier: await _cryptoNodejs.ES256.getVerifier(verifierJwk)
159
+ verifier: sdJwtInstanceVerifier
144
160
  });
145
- const [verifiedCredential, holderBindingKey] = await Promise.all([sdJwtInstance.verify(rawCredential), holderBindingContext.getPublicKey()]);
161
+ const [verifiedCredential, holderBindingKey] = await Promise.all([sdJwtInstance.verify(rawCredential, {
162
+ issuerKeys,
163
+ skewSeconds: 30
164
+ }), holderBindingContext.getPublicKey()]);
146
165
  const {
147
166
  cnf
148
167
  } = verifiedCredential.payload;
@@ -153,14 +172,26 @@ async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingCon
153
172
  }
154
173
  return await sdJwtInstance.decode((0, _credentials.fixLegacyCredentialSdJwt)(rawCredential));
155
174
  }
156
- const verifyAndParseCredentialSdJwt = async (issuerConf, credential, credentialConfigurationId, _ref) => {
175
+ const verifyAndParseCredentialSdJwt = async (issuerConf, credential, credentialConfigurationId, _ref, x509CertRoot) => {
157
176
  let {
158
177
  credentialCryptoContext,
159
178
  ignoreMissingAttributes,
160
- includeUndefinedAttributes
179
+ includeUndefinedAttributes,
180
+ validateCertificateChain
161
181
  } = _ref;
162
182
  const decoded = await verifyCredentialSdJwt(credential, issuerConf.keys, credentialCryptoContext);
163
183
  _logging.Logger.log(_logging.LogLevel.DEBUG, `Decoded credential: ${JSON.stringify(decoded)}`);
184
+ if (validateCertificateChain) {
185
+ var _decoded$jwt;
186
+ if (!x509CertRoot) {
187
+ throw new _errors.IoWalletError("Missing x509CertRoot");
188
+ }
189
+ const x5c = (_decoded$jwt = decoded.jwt) === null || _decoded$jwt === void 0 || (_decoded$jwt = _decoded$jwt.header) === null || _decoded$jwt === void 0 ? void 0 : _decoded$jwt.x5c;
190
+ if (!x5c || !Array.isArray(x5c) || x5c.length === 0) {
191
+ throw new _errors2.MissingX509CertsError("Missing x509 certificates");
192
+ }
193
+ await (0, _x.verifyX509Chain)(x5c, x509CertRoot);
194
+ }
164
195
  const credentialConfig = issuerConf.credential_configurations_supported[credentialConfigurationId];
165
196
  if (!credentialConfig) {
166
197
  _logging.Logger.log(_logging.LogLevel.ERROR, `Credential type not supported by the issuer: ${credentialConfigurationId}`);
package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_core","_cryptoNodejs","_parser","_errors","_logging","_jwk","_credentials","parseCredentialSdJwt","credentialConfig","parsedCredentialRaw","ignoreMissingAttributes","arguments","length","undefined","includeUndefinedAttributes","claimsMetadata","claims","missingPaths","rootKeysToVerify","Set","map","c","path","filter","p","rootKey","push","missing","join","received","Object","keys","IoWalletError","getDisplayNames","match","find","isPathEqual","nameMap","entry","display","locale","name","processLevel","currentData","currentPath","Array","isArray","item","dataObj","result","processedKeys","configKeysAtThisLevel","claim","isPrefixOf","nextPart","includes","key","stringKey","toString","dataValue","newPath","localizedNames","value","add","entries","has","verifyCredentialSdJwt","rawCredential","issuerKeys","holderBindingContext","protectedHeader","decode","verifierJwk","getJwkFromHeader","sdJwtInstance","SDJwtInstance","hasher","digest","verifier","ES256","getVerifier","verifiedCredential","holderBindingKey","Promise","all","verify","getPublicKey","cnf","payload","isSameThumbprint","jwk","message","kid","Logger","log","LogLevel","ERROR","fixLegacyCredentialSdJwt","verifyAndParseCredentialSdJwt","issuerConf","credential","credentialConfigurationId","_ref","credentialCryptoContext","decoded","DEBUG","JSON","stringify","credential_configurations_supported","getClaims","parsedCredential","issuedAt","iat","Date","exp","expiration","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAKA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,aAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,IAAA,GAAAN,OAAA;AAEA,IAAAO,YAAA,GAAAP,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMQ,oBAAoB,GAAG,SAAAA,CAC3BC,gBAAgC,EAChCC,mBAA4C,EAGvB;EAAA,IAFrBC,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAAA,IACxCG,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,cAAc,GAAGP,gBAAgB,CAACQ,MAAM,IAAI,EAAE;;EAEpD;EACA,IAAI,CAACN,uBAAuB,EAAE;IAC5B,MAAMO,YAAsB,GAAG,EAAE;IACjC,MAAMC,gBAAgB,GAAG,IAAIC,GAAG,CAC9BJ,cAAc,CACXK,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,IAAI,CAAC,CAAC,CAAC,CAAC,CACrBC,MAAM,CAAEC,CAAC,IAAkB,OAAOA,CAAC,KAAK,QAAQ,CACrD,CAAC;IAED,KAAK,MAAMC,OAAO,IAAIP,gBAAgB,EAAE;MACtC,IAAI,EAAEO,OAAO,IAAIhB,mBAAmB,CAAC,EAAE;QACrCQ,YAAY,CAACS,IAAI,CAACD,OAAO,CAAC;MAC5B;IACF;IAEA,IAAIR,YAAY,CAACL,MAAM,GAAG,CAAC,EAAE;MAC3B,MAAMe,OAAO,GAAGV,YAAY,CAACW,IAAI,CAAC,IAAI,CAAC;MACvC,MAAMC,QAAQ,GAAGC,MAAM,CAACC,IAAI,CAACtB,mBAAmB,CAAC,CAACmB,IAAI,CAAC,IAAI,CAAC;MAC5D,MAAM,IAAII,qBAAa,CACpB,4DAA2DL,OAAQ,iBAAgBE,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;AACF;AACA;EACE,MAAMI,eAAe,GACnBX,IAAgC,IACO;IACvC,MAAMY,KAAK,GAAGnB,cAAc,CAACoB,IAAI,CAAEd,CAAC,IAAK,IAAAe,mBAAW,EAACf,CAAC,CAACC,IAAI,EAAEA,IAAI,CAAC,CAAC;IACnE,IAAI,CAACY,KAAK,EAAE,OAAOrB,SAAS;IAE5B,MAAMwB,OAA+B,GAAG,CAAC,CAAC;IAC1C,KAAK,MAAMC,KAAK,IAAIJ,KAAK,CAACK,OAAO,EAAE;MACjCF,OAAO,CAACC,KAAK,CAACE,MAAM,CAAC,GAAGF,KAAK,CAACG,IAAI;IACpC;IACA,OAAOJ,OAAO;EAChB,CAAC;;EAED;AACF;AACA;EACE,MAAMK,YAAY,GAAGA,CACnBC,WAAoB,EACpBC,WAAuC,KAC3B;IACZ;IACA,IAAIC,KAAK,CAACC,OAAO,CAACH,WAAW,CAAC,EAAE;MAC9B,OAAOA,WAAW,CAACvB,GAAG,CAAE2B,IAAI,IAC1BL,YAAY,CAACK,IAAI,EAAE,CAAC,GAAGH,WAAW,EAAE,IAAI,CAAC,CAC3C,CAAC;IACH;;IAEA;IACA,IAAI,OAAOD,WAAW,KAAK,QAAQ,IAAIA,WAAW,KAAK,IAAI,EAAE;MAC3D,OAAOA,WAAW;IACpB;IAEA,MAAMK,OAAO,GAAGL,WAAsC;IACtD,MAAMM,MAAwB,GAAG,CAAC,CAAC;IACnC,MAAMC,aAAa,GAAG,IAAI/B,GAAG,CAAkB,CAAC;;IAEhD;IACA,MAAMgC,qBAA0C,GAAG,EAAE;IACrD,KAAK,MAAMC,KAAK,IAAIrC,cAAc,EAAE;MAClC;MACA,IAAI,IAAAsC,kBAAU,EAACT,WAAW,EAAEQ,KAAK,CAAC9B,IAAI,CAAC,EAAE;QACvC,MAAMgC,QAAQ,GAAGF,KAAK,CAAC9B,IAAI,CAACsB,WAAW,CAAChC,MAAM,CAAC;QAC/C,IACE,CAAC,OAAO0C,QAAQ,KAAK,QAAQ,IAAI,OAAOA,QAAQ,KAAK,QAAQ,KAC7D,CAACH,qBAAqB,CAACI,QAAQ,CAACD,QAAQ,CAAC,EACzC;UACAH,qBAAqB,CAACzB,IAAI,CAAC4B,QAAQ,CAAC;QACtC;MACF;IACF;;IAEA;IACA,KAAK,MAAME,GAAG,IAAIL,qBAAqB,EAAE;MACvC,MAAMM,SAAS,GAAGD,GAAG,CAACE,QAAQ,CAAC,CAAC;MAChC,MAAMC,SAAS,GAAGX,OAAO,CAACS,SAAS,CAAC;MACpC,IAAIE,SAAS,KAAK9C,SAAS,EAAE;MAE7B,MAAM+C,OAAO,GAAG,CAAC,GAAGhB,WAAW,EAAEY,GAAG,CAAC;MAErC,IAAIK,cAAc,GAAG5B,eAAe,CAAC2B,OAAO,CAAC;;MAE7C;MACA,IAAI,CAACC,cAAc,IAAIhB,KAAK,CAACC,OAAO,CAACa,SAAS,CAAC,EAAE;QAC/CE,cAAc,GAAG5B,eAAe,CAAC,CAAC,GAAG2B,OAAO,EAAE,IAAI,CAAC,CAAC;MACtD;MAEAX,MAAM,CAACQ,SAAS,CAAC,GAAG;QAClBhB,IAAI,EAAEoB,cAAc,IAAIJ,SAAS;QACjCK,KAAK,EAAEpB,YAAY,CAACiB,SAAS,EAAEC,OAAO;MACxC,CAAC;MAEDV,aAAa,CAACa,GAAG,CAACP,GAAG,CAAC;IACxB;;IAEA;IACA,IAAI1C,0BAA0B,EAAE;MAC9B,KAAK,MAAM,CAAC0C,GAAG,EAAEM,KAAK,CAAC,IAAIhC,MAAM,CAACkC,OAAO,CAAChB,OAAO,CAAC,EAAE;QAClD,IAAI,CAACE,aAAa,CAACe,GAAG,CAACT,GAAG,CAAC,EAAE;UAC3BP,MAAM,CAACO,GAAG,CAAC,GAAG;YACZf,IAAI,EAAEe,GAAG;YACTM,KAAK,EAAEA;UACT,CAAC;QACH;MACF;IACF;IAEA,OAAOb,MAAM;EACf,CAAC;EAED,OAAOP,YAAY,CAACjC,mBAAmB,EAAE,EAAE,CAAC;AAC9C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeyD,qBAAqBA,CAClCC,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACnB;EAChB,MAAM;IAAEC;EAAgB,CAAC,GAAG,IAAAC,wBAAM,EAACJ,aAAa,CAAC;EACjD,MAAMK,WAAW,GAAG,IAAAC,kCAAgB,EAACH,eAAe,EAAEF,UAAU,CAAC;EAEjE,MAAMM,aAAa,GAAG,IAAIC,mBAAa,CAAC;IACtCC,MAAM,EAAEC,oBAAM;IACdC,QAAQ,EAAE,MAAMC,mBAAK,CAACC,WAAW,CAACR,WAAW;EAC/C,CAAC,CAAC;EAEF,MAAM,CAACS,kBAAkB,EAAEC,gBAAgB,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC/DV,aAAa,CAACW,MAAM,CAAClB,aAAa,CAAC,EACnCE,oBAAoB,CAACiB,YAAY,CAAC,CAAC,CACpC,CAAC;EAEF,MAAM;IAAEC;EAAI,CAAC,GAAGN,kBAAkB,CAACO,OAAkC;EACrE,IAAI,EAAE,MAAM,IAAAC,qBAAgB,EAACF,GAAG,CAACG,GAAG,EAAER,gBAAuB,CAAC,CAAC,EAAE;IAC/D,MAAMS,OAAO,GAAI,kDAAiDT,gBAAgB,CAACU,GAAI,UAASL,GAAG,CAACG,GAAG,CAACE,GAAI,EAAC;IAC7GC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAEL,OAAO,CAAC;IACnC,MAAM,IAAI3D,qBAAa,CAAC2D,OAAO,CAAC;EAClC;EAEA,OAAO,MAAMjB,aAAa,CAACH,MAAM,CAAC,IAAA0B,qCAAwB,EAAC9B,aAAa,CAAC,CAAC;AAC5E;AAEO,MAAM+B,6BAAsE,GACjF,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EAAAC,IAAA,KAMtB;EAAA,IALH;IACEC,uBAAuB;IACvB7F,uBAAuB;IACvBI;EACF,CAAC,GAAAwF,IAAA;EAED,MAAME,OAAO,GAAG,MAAMtC,qBAAqB,CACzCkC,UAAU,EACVD,UAAU,CAACpE,IAAI,EACfwE,uBACF,CAAC;EAEDV,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,uBAAsBC,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACjD,CAAC;EAED,MAAMhG,gBAAgB,GACpB2F,UAAU,CAACS,mCAAmC,CAACP,yBAAyB,CAAC;EAE3E,IAAI,CAAC7F,gBAAgB,EAAE;IACrBqF,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,gDAA+CK,yBAA0B,EAC5E,CAAC;IACD,MAAM,IAAIrE,qBAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,MAAMvB,mBAAmB,GAAI,MAAM+F,OAAO,CAACK,SAAS,CAAChC,oBAAM,CAG1D;EAED,MAAMiC,gBAAgB,GAAGvG,oBAAoB,CAC3CC,gBAAgB,EAChBC,mBAAmB,EACnBC,uBAAuB,EACvBI,0BACF,CAAC;EAED,MAAMiG,QAAQ,GACZ,OAAOtG,mBAAmB,CAACuG,GAAG,KAAK,QAAQ,GACvC,IAAIC,IAAI,CAACxG,mBAAmB,CAACuG,GAAG,GAAG,IAAI,CAAC,GACxCnG,SAAS;EAEf,IAAI,OAAOJ,mBAAmB,CAACyG,GAAG,KAAK,QAAQ,EAAE;IAC/C,MAAM,IAAIlF,qBAAa,CAAC,2CAA2C,CAAC;EACtE;EACA,MAAMmF,UAAU,GAAG,IAAIF,IAAI,CAACxG,mBAAmB,CAACyG,GAAG,GAAG,IAAI,CAAC;EAE3DrB,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACU,KAAK,EACb,sBAAqBC,IAAI,CAACC,SAAS,CAACG,gBAAgB,CAAE,gBAAeC,QAAS,EACjF,CAAC;EAED,OAAO;IACLD,gBAAgB;IAChBK,UAAU;IACVJ;EACF,CAAC;AACH,CAAC;AAACK,OAAA,CAAAlB,6BAAA,GAAAA,6BAAA"}
1
+ {"version":3,"names":["_ioReactNativeJwt","require","_core","_cryptoNodejs","_parser","_errors","_logging","_jwk","_credentials","_x","_errors2","parseCredentialSdJwt","credentialConfig","parsedCredentialRaw","ignoreMissingAttributes","arguments","length","undefined","includeUndefinedAttributes","claimsMetadata","claims","missingPaths","rootKeysToVerify","Set","map","c","path","filter","p","rootKey","push","missing","join","received","Object","keys","IoWalletError","getDisplayNames","match","find","isPathEqual","nameMap","entry","display","locale","name","processLevel","currentData","currentPath","Array","isArray","item","dataObj","result","processedKeys","configKeysAtThisLevel","claim","isPrefixOf","nextPart","includes","key","stringKey","toString","dataValue","newPath","localizedNames","value","add","entries","has","sdJwtInstanceVerifier","data","signature","options","issuerKeys","verifyJwt","clockTolerance","skewSeconds","verifyCredentialSdJwt","rawCredential","holderBindingContext","sdJwtInstance","SDJwtInstance","hasher","digest","verifier","verifiedCredential","holderBindingKey","Promise","all","verify","getPublicKey","cnf","payload","isSameThumbprint","jwk","message","kid","Logger","log","LogLevel","ERROR","decode","fixLegacyCredentialSdJwt","verifyAndParseCredentialSdJwt","issuerConf","credential","credentialConfigurationId","_ref","x509CertRoot","credentialCryptoContext","validateCertificateChain","decoded","DEBUG","JSON","stringify","_decoded$jwt","x5c","jwt","header","MissingX509CertsError","verifyX509Chain","credential_configurations_supported","getClaims","parsedCredential","issuedAt","iat","Date","exp","expiration","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,aAAA,GAAAF,OAAA;AAEA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,QAAA,GAAAL,OAAA;AACA,IAAAM,IAAA,GAAAN,OAAA;AAEA,IAAAO,YAAA,GAAAP,OAAA;AACA,IAAAQ,EAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMU,oBAAoB,GAAG,SAAAA,CAC3BC,gBAAgC,EAChCC,mBAA4C,EAGvB;EAAA,IAFrBC,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAAA,IACxCG,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,cAAc,GAAGP,gBAAgB,CAACQ,MAAM,IAAI,EAAE;;EAEpD;EACA,IAAI,CAACN,uBAAuB,EAAE;IAC5B,MAAMO,YAAsB,GAAG,EAAE;IACjC,MAAMC,gBAAgB,GAAG,IAAIC,GAAG,CAC9BJ,cAAc,CACXK,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,IAAI,CAAC,CAAC,CAAC,CAAC,CACrBC,MAAM,CAAEC,CAAC,IAAkB,OAAOA,CAAC,KAAK,QAAQ,CACrD,CAAC;IAED,KAAK,MAAMC,OAAO,IAAIP,gBAAgB,EAAE;MACtC,IAAI,EAAEO,OAAO,IAAIhB,mBAAmB,CAAC,EAAE;QACrCQ,YAAY,CAACS,IAAI,CAACD,OAAO,CAAC;MAC5B;IACF;IAEA,IAAIR,YAAY,CAACL,MAAM,GAAG,CAAC,EAAE;MAC3B,MAAMe,OAAO,GAAGV,YAAY,CAACW,IAAI,CAAC,IAAI,CAAC;MACvC,MAAMC,QAAQ,GAAGC,MAAM,CAACC,IAAI,CAACtB,mBAAmB,CAAC,CAACmB,IAAI,CAAC,IAAI,CAAC;MAC5D,MAAM,IAAII,qBAAa,CACpB,4DAA2DL,OAAQ,iBAAgBE,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;AACF;AACA;EACE,MAAMI,eAAe,GACnBX,IAAgC,IACO;IACvC,MAAMY,KAAK,GAAGnB,cAAc,CAACoB,IAAI,CAAEd,CAAC,IAAK,IAAAe,mBAAW,EAACf,CAAC,CAACC,IAAI,EAAEA,IAAI,CAAC,CAAC;IACnE,IAAI,CAACY,KAAK,EAAE,OAAOrB,SAAS;IAE5B,MAAMwB,OAA+B,GAAG,CAAC,CAAC;IAC1C,KAAK,MAAMC,KAAK,IAAIJ,KAAK,CAACK,OAAO,EAAE;MACjCF,OAAO,CAACC,KAAK,CAACE,MAAM,CAAC,GAAGF,KAAK,CAACG,IAAI;IACpC;IACA,OAAOJ,OAAO;EAChB,CAAC;;EAED;AACF;AACA;EACE,MAAMK,YAAY,GAAGA,CACnBC,WAAoB,EACpBC,WAAuC,KAC3B;IACZ;IACA,IAAIC,KAAK,CAACC,OAAO,CAACH,WAAW,CAAC,EAAE;MAC9B,OAAOA,WAAW,CAACvB,GAAG,CAAE2B,IAAI,IAC1BL,YAAY,CAACK,IAAI,EAAE,CAAC,GAAGH,WAAW,EAAE,IAAI,CAAC,CAC3C,CAAC;IACH;;IAEA;IACA,IAAI,OAAOD,WAAW,KAAK,QAAQ,IAAIA,WAAW,KAAK,IAAI,EAAE;MAC3D,OAAOA,WAAW;IACpB;IAEA,MAAMK,OAAO,GAAGL,WAAsC;IACtD,MAAMM,MAAwB,GAAG,CAAC,CAAC;IACnC,MAAMC,aAAa,GAAG,IAAI/B,GAAG,CAAkB,CAAC;;IAEhD;IACA,MAAMgC,qBAA0C,GAAG,EAAE;IACrD,KAAK,MAAMC,KAAK,IAAIrC,cAAc,EAAE;MAClC;MACA,IAAI,IAAAsC,kBAAU,EAACT,WAAW,EAAEQ,KAAK,CAAC9B,IAAI,CAAC,EAAE;QACvC,MAAMgC,QAAQ,GAAGF,KAAK,CAAC9B,IAAI,CAACsB,WAAW,CAAChC,MAAM,CAAC;QAC/C,IACE,CAAC,OAAO0C,QAAQ,KAAK,QAAQ,IAAI,OAAOA,QAAQ,KAAK,QAAQ,KAC7D,CAACH,qBAAqB,CAACI,QAAQ,CAACD,QAAQ,CAAC,EACzC;UACAH,qBAAqB,CAACzB,IAAI,CAAC4B,QAAQ,CAAC;QACtC;MACF;IACF;;IAEA;IACA,KAAK,MAAME,GAAG,IAAIL,qBAAqB,EAAE;MACvC,MAAMM,SAAS,GAAGD,GAAG,CAACE,QAAQ,CAAC,CAAC;MAChC,MAAMC,SAAS,GAAGX,OAAO,CAACS,SAAS,CAAC;MACpC,IAAIE,SAAS,KAAK9C,SAAS,EAAE;MAE7B,MAAM+C,OAAO,GAAG,CAAC,GAAGhB,WAAW,EAAEY,GAAG,CAAC;MAErC,IAAIK,cAAc,GAAG5B,eAAe,CAAC2B,OAAO,CAAC;;MAE7C;MACA,IAAI,CAACC,cAAc,IAAIhB,KAAK,CAACC,OAAO,CAACa,SAAS,CAAC,EAAE;QAC/CE,cAAc,GAAG5B,eAAe,CAAC,CAAC,GAAG2B,OAAO,EAAE,IAAI,CAAC,CAAC;MACtD;MAEAX,MAAM,CAACQ,SAAS,CAAC,GAAG;QAClBhB,IAAI,EAAEoB,cAAc,IAAIJ,SAAS;QACjCK,KAAK,EAAEpB,YAAY,CAACiB,SAAS,EAAEC,OAAO;MACxC,CAAC;MAEDV,aAAa,CAACa,GAAG,CAACP,GAAG,CAAC;IACxB;;IAEA;IACA,IAAI1C,0BAA0B,EAAE;MAC9B,KAAK,MAAM,CAAC0C,GAAG,EAAEM,KAAK,CAAC,IAAIhC,MAAM,CAACkC,OAAO,CAAChB,OAAO,CAAC,EAAE;QAClD,IAAI,CAACE,aAAa,CAACe,GAAG,CAACT,GAAG,CAAC,EAAE;UAC3BP,MAAM,CAACO,GAAG,CAAC,GAAG;YACZf,IAAI,EAAEe,GAAG;YACTM,KAAK,EAAEA;UACT,CAAC;QACH;MACF;IACF;IAEA,OAAOb,MAAM;EACf,CAAC;EAED,OAAOP,YAAY,CAACjC,mBAAmB,EAAE,EAAE,CAAC;AAC9C,CAAC;AAID;AACA;AACA;AACA;AACA;AACA,MAAMyD,qBAA4C,GAAG,MAAAA,CACnDC,IAAI,EACJC,SAAS,EACTC,OAAO,KACJ;EACH,IAAI,EAACA,OAAO,aAAPA,OAAO,eAAPA,OAAO,CAAEC,UAAU,GAAE;IACxB,OAAO,KAAK;EACd;EACA,IAAI;IACF,MAAM,IAAAC,wBAAS,EAAE,GAAEJ,IAAK,IAAGC,SAAU,EAAC,EAAEC,OAAO,CAACC,UAAU,EAAE;MAC1DE,cAAc,EAAEH,OAAO,CAACI;IAC1B,CAAC,CAAC;IACF,OAAO,IAAI;EACb,CAAC,CAAC,MAAM;IACN,OAAO,KAAK;EACd;AACF,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeC,qBAAqBA,CAClCC,aAAqB,EACrBL,UAAiB,EACjBM,oBAAmC,EACnB;EAChB,MAAMC,aAAa,GAAG,IAAIC,mBAAa,CAAC;IACtCC,MAAM,EAAEC,oBAAM;IACdC,QAAQ,EAAEf;EACZ,CAAC,CAAC;EAEF,MAAM,CAACgB,kBAAkB,EAAEC,gBAAgB,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC/DR,aAAa,CAACS,MAAM,CAACX,aAAa,EAAE;IAAEL,UAAU;IAAEG,WAAW,EAAE;EAAG,CAAC,CAAC,EACpEG,oBAAoB,CAACW,YAAY,CAAC,CAAC,CACpC,CAAC;EAEF,MAAM;IAAEC;EAAI,CAAC,GAAGN,kBAAkB,CAACO,OAAkC;EACrE,IAAI,EAAE,MAAM,IAAAC,qBAAgB,EAACF,GAAG,CAACG,GAAG,EAAER,gBAAuB,CAAC,CAAC,EAAE;IAC/D,MAAMS,OAAO,GAAI,kDAAiDT,gBAAgB,CAACU,GAAI,UAASL,GAAG,CAACG,GAAG,CAACE,GAAI,EAAC;IAC7GC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAEL,OAAO,CAAC;IACnC,MAAM,IAAI5D,qBAAa,CAAC4D,OAAO,CAAC;EAClC;EAEA,OAAO,MAAMf,aAAa,CAACqB,MAAM,CAAC,IAAAC,qCAAwB,EAACxB,aAAa,CAAC,CAAC;AAC5E;AAEO,MAAMyB,6BAAsE,GACjF,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EAAAC,IAAA,EAOzBC,YAAY,KACT;EAAA,IAPH;IACEC,uBAAuB;IACvBhG,uBAAuB;IACvBI,0BAA0B;IAC1B6F;EACF,CAAC,GAAAH,IAAA;EAGD,MAAMI,OAAO,GAAG,MAAMlC,qBAAqB,CACzC4B,UAAU,EACVD,UAAU,CAACtE,IAAI,EACf2E,uBACF,CAAC;EAEDZ,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACa,KAAK,EACb,uBAAsBC,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACjD,CAAC;EAED,IAAID,wBAAwB,EAAE;IAAA,IAAAK,YAAA;IAC5B,IAAI,CAACP,YAAY,EAAE;MACjB,MAAM,IAAIzE,qBAAa,CAAC,sBAAsB,CAAC;IACjD;IACA,MAAMiF,GAAG,IAAAD,YAAA,GAAGJ,OAAO,CAACM,GAAG,cAAAF,YAAA,gBAAAA,YAAA,GAAXA,YAAA,CAAaG,MAAM,cAAAH,YAAA,uBAAnBA,YAAA,CAAqBC,GAA2B;IAC5D,IAAI,CAACA,GAAG,IAAI,CAACpE,KAAK,CAACC,OAAO,CAACmE,GAAG,CAAC,IAAIA,GAAG,CAACrG,MAAM,KAAK,CAAC,EAAE;MACnD,MAAM,IAAIwG,8BAAqB,CAAC,2BAA2B,CAAC;IAC9D;IACA,MAAM,IAAAC,kBAAe,EAACJ,GAAG,EAAER,YAAY,CAAC;EAC1C;EAEA,MAAMjG,gBAAgB,GACpB6F,UAAU,CAACiB,mCAAmC,CAACf,yBAAyB,CAAC;EAE3E,IAAI,CAAC/F,gBAAgB,EAAE;IACrBsF,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACC,KAAK,EACb,gDAA+CM,yBAA0B,EAC5E,CAAC;IACD,MAAM,IAAIvE,qBAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,MAAMvB,mBAAmB,GAAI,MAAMmG,OAAO,CAACW,SAAS,CAACvC,oBAAM,CAG1D;EAED,MAAMwC,gBAAgB,GAAGjH,oBAAoB,CAC3CC,gBAAgB,EAChBC,mBAAmB,EACnBC,uBAAuB,EACvBI,0BACF,CAAC;EAED,MAAM2G,QAAQ,GACZ,OAAOhH,mBAAmB,CAACiH,GAAG,KAAK,QAAQ,GACvC,IAAIC,IAAI,CAAClH,mBAAmB,CAACiH,GAAG,GAAG,IAAI,CAAC,GACxC7G,SAAS;EAEf,IAAI,OAAOJ,mBAAmB,CAACmH,GAAG,KAAK,QAAQ,EAAE;IAC/C,MAAM,IAAI5F,qBAAa,CAAC,2CAA2C,CAAC;EACtE;EACA,MAAM6F,UAAU,GAAG,IAAIF,IAAI,CAAClH,mBAAmB,CAACmH,GAAG,GAAG,IAAI,CAAC;EAE3D9B,eAAM,CAACC,GAAG,CACRC,iBAAQ,CAACa,KAAK,EACb,sBAAqBC,IAAI,CAACC,SAAS,CAACS,gBAAgB,CAAE,gBAAeC,QAAS,EACjF,CAAC;EAED,OAAO;IACLD,gBAAgB;IAChBK,UAAU;IACVJ;EACF,CAAC;AACH,CAAC;AAACK,OAAA,CAAA1B,6BAAA,GAAAA,6BAAA"}
package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js CHANGED
@@ -3,50 +3,58 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.initChallenge = void 0;
7
- var _uuid = require("uuid");
6
+ exports.createInitChallenge = createInitChallenge;
8
7
  var _ioWalletOauth = require("@pagopa/io-wallet-oauth2");
9
8
  var _ioWalletUtils = require("@pagopa/io-wallet-utils");
10
- var _pop = require("../../../utils/pop");
11
9
  var _logging = require("../../../utils/logging");
12
- var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation/v1.0.0/utils"));
13
10
  var _errors = require("../../../utils/errors");
14
11
  var _callbacks = require("../../../utils/callbacks");
15
- function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
16
- function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
17
- // TODO: decouple from version 1.0.0
18
-
19
- const initChallenge = async (issuerConf, initUrl, mrtd_auth_session, mrtd_pop_jwt_nonce, context) => {
20
- const {
21
- appFetch = fetch,
22
- walletInstanceAttestation,
23
- wiaCryptoContext
24
- } = context;
25
- const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
26
- const signedWiaPoP = await (0, _pop.createPopToken)({
27
- jti: (0, _uuid.v4)(),
28
- aud: issuerConf.credential_issuer,
29
- iss
30
- }, wiaCryptoContext);
31
- const initResult = await (0, _ioWalletOauth.fetchMrtdPopInit)({
32
- popInitEndpoint: initUrl,
33
- mrtdAuthSession: mrtd_auth_session,
34
- mrtdPopJwtNonce: mrtd_pop_jwt_nonce,
35
- walletAttestation: walletInstanceAttestation,
36
- clientAttestationDPoP: signedWiaPoP,
37
- callbacks: {
38
- verifyJwt: (0, _callbacks.createVerifyJwtFromJwks)(issuerConf.keys),
39
- fetch: appFetch
40
- }
41
- }).catch(handleInitChallengeError);
42
- return {
43
- challenge: initResult.challenge,
44
- mrtd_pop_nonce: initResult.mrtdPopNonce,
45
- pop_verify_endpoint: initResult.popVerifyEndpoint,
46
- mrz: initResult.mrz
12
+ /**
13
+ * Factory function to create `initChallenge` for MRTD PoP flow.
14
+ * The factory is needed to inject version specific SDK configuration.
15
+ * @param config Configuration object containing the IO Wallet SDK configuration
16
+ * @returns `initChallenge` function compliant with the public API
17
+ */
18
+ function createInitChallenge(config) {
19
+ return async function initChallenge(issuerConf, initUrl, mrtd_auth_session, mrtd_pop_jwt_nonce, context) {
20
+ const {
21
+ appFetch = fetch,
22
+ walletInstanceAttestation,
23
+ wiaCryptoContext
24
+ } = context;
25
+ const clientAttestationDPoP = await (0, _ioWalletOauth.createClientAttestationPopJwt)({
26
+ config: config.sdkConfig,
27
+ callbacks: {
28
+ generateRandom: _callbacks.partialCallbacks.generateRandom,
29
+ signJwt: (0, _callbacks.createSignJwtFromCryptoContext)(wiaCryptoContext)
30
+ },
31
+ clientAttestation: walletInstanceAttestation,
32
+ authorizationServer: issuerConf.credential_issuer,
33
+ signer: {
34
+ method: "jwk",
35
+ alg: "ES256",
36
+ publicJwk: await wiaCryptoContext.getPublicKey()
37
+ }
38
+ });
39
+ const initResult = await (0, _ioWalletOauth.fetchMrtdPopInit)({
40
+ popInitEndpoint: initUrl,
41
+ mrtdAuthSession: mrtd_auth_session,
42
+ mrtdPopJwtNonce: mrtd_pop_jwt_nonce,
43
+ walletAttestation: walletInstanceAttestation,
44
+ clientAttestationDPoP,
45
+ callbacks: {
46
+ verifyJwt: (0, _callbacks.createVerifyJwtFromJwks)(issuerConf.keys),
47
+ fetch: appFetch
48
+ }
49
+ }).catch(handleInitChallengeError);
50
+ return {
51
+ challenge: initResult.challenge,
52
+ mrtd_pop_nonce: initResult.mrtdPopNonce,
53
+ pop_verify_endpoint: initResult.popVerifyEndpoint,
54
+ mrz: initResult.mrz
55
+ };
47
56
  };
48
- };
49
- exports.initChallenge = initChallenge;
57
+ }
50
58
  const handleInitChallengeError = e => {
51
59
  _logging.Logger.log(_logging.LogLevel.ERROR, `Failed to get MRTD challenge: ${e}`);
52
60
  if (!(e instanceof _ioWalletUtils.UnexpectedStatusCodeError)) {
package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_uuid","require","_ioWalletOauth","_ioWalletUtils","_pop","_logging","WalletInstanceAttestation","_interopRequireWildcard","_errors","_callbacks","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","initChallenge","issuerConf","initUrl","mrtd_auth_session","mrtd_pop_jwt_nonce","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","createPopToken","jti","uuidv4","aud","credential_issuer","initResult","fetchMrtdPopInit","popInitEndpoint","mrtdAuthSession","mrtdPopJwtNonce","walletAttestation","clientAttestationDPoP","callbacks","verifyJwt","createVerifyJwtFromJwks","keys","catch","handleInitChallengeError","challenge","mrtd_pop_nonce","mrtdPopNonce","pop_verify_endpoint","popVerifyEndpoint","mrz","exports","e","Logger","log","LogLevel","ERROR","SdkUnexpectedStatusCodeError","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","MrtdChallengeInitRequestFailed","message","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/02-init-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,cAAA,GAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AACA,IAAAI,QAAA,GAAAJ,OAAA;AACA,IAAAK,yBAAA,GAAAC,uBAAA,CAAAN,OAAA;AACA,IAAAO,OAAA,GAAAP,OAAA;AAMA,IAAAQ,UAAA,GAAAR,OAAA;AAAmE,SAAAS,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAP6B;;AASzF,MAAMW,aAA0C,GAAG,MAAAA,CACxDC,UAAU,EACVC,OAAO,EACPC,iBAAiB,EACjBC,kBAAkB,EAClBC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGpC,yBAAyB,CAACqC,MAAM,CAACH,yBAAyB,CAAC,CACpEI,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEC,GAAG,EAAE,IAAAC,QAAM,EAAC,CAAC;IACbC,GAAG,EAAEnB,UAAU,CAACoB,iBAAiB;IACjCX;EACF,CAAC,EACDD,gBACF,CAAC;EAED,MAAMa,UAAU,GAAG,MAAM,IAAAC,+BAAgB,EAAC;IACxCC,eAAe,EAAEtB,OAAO;IACxBuB,eAAe,EAAEtB,iBAAiB;IAClCuB,eAAe,EAAEtB,kBAAkB;IACnCuB,iBAAiB,EAAEnB,yBAAyB;IAC5CoB,qBAAqB,EAAEZ,YAAY;IACnCa,SAAS,EAAE;MACTC,SAAS,EAAE,IAAAC,kCAAuB,EAAC9B,UAAU,CAAC+B,IAAI,CAAC;MACnDzB,KAAK,EAAED;IACT;EACF,CAAC,CAAC,CAAC2B,KAAK,CAACC,wBAAwB,CAAC;EAElC,OAAO;IACLC,SAAS,EAAEb,UAAU,CAACa,SAAS;IAC/BC,cAAc,EAAEd,UAAU,CAACe,YAAY;IACvCC,mBAAmB,EAAEhB,UAAU,CAACiB,iBAAiB;IACjDC,GAAG,EAAElB,UAAU,CAACkB;EAClB,CAAC;AACH,CAAC;AAACC,OAAA,CAAAzC,aAAA,GAAAA,aAAA;AAEF,MAAMkC,wBAAwB,GAAIQ,CAAU,IAAK;EAC/CC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,iCAAgCJ,CAAE,EAAC,CAAC;EAEhE,IAAI,EAAEA,CAAC,YAAYK,wCAA4B,CAAC,EAAE;IAChD,MAAML,CAAC;EACT;EAEA,MAAM,IAAIM,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACC,8BAA8B;IAC7DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDC,SAAS,CAACb,CAAC,CAAC;AACjB,CAAC"}
1
+ {"version":3,"names":["_ioWalletOauth","require","_ioWalletUtils","_logging","_errors","_callbacks","createInitChallenge","config","initChallenge","issuerConf","initUrl","mrtd_auth_session","mrtd_pop_jwt_nonce","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","clientAttestationDPoP","createClientAttestationPopJwt","sdkConfig","callbacks","generateRandom","partialCallbacks","signJwt","createSignJwtFromCryptoContext","clientAttestation","authorizationServer","credential_issuer","signer","method","alg","publicJwk","getPublicKey","initResult","fetchMrtdPopInit","popInitEndpoint","mrtdAuthSession","mrtdPopJwtNonce","walletAttestation","verifyJwt","createVerifyJwtFromJwks","keys","catch","handleInitChallengeError","challenge","mrtd_pop_nonce","mrtdPopNonce","pop_verify_endpoint","popVerifyEndpoint","mrz","e","Logger","log","LogLevel","ERROR","SdkUnexpectedStatusCodeError","ResponseErrorBuilder","IssuerResponseError","handle","code","IssuerResponseErrorCodes","MrtdChallengeInitRequestFailed","message","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/02-init-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,cAAA,GAAAC,OAAA;AAIA,IAAAC,cAAA,GAAAD,OAAA;AAIA,IAAAE,QAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AAMA,IAAAI,UAAA,GAAAJ,OAAA;AAUA;AACA;AACA;AACA;AACA;AACA;AACO,SAASK,mBAAmBA,CACjCC,MAAc,EACe;EAC7B,OAAO,eAAeC,aAAaA,CACjCC,UAAU,EACVC,OAAO,EACPC,iBAAiB,EACjBC,kBAAkB,EAClBC,OAAO,EACP;IACA,MAAM;MACJC,QAAQ,GAAGC,KAAK;MAChBC,yBAAyB;MACzBC;IACF,CAAC,GAAGJ,OAAO;IAEX,MAAMK,qBAAqB,GAAG,MAAM,IAAAC,4CAA6B,EAAC;MAChEZ,MAAM,EAAEA,MAAM,CAACa,SAAS;MACxBC,SAAS,EAAE;QACTC,cAAc,EAAEC,2BAAgB,CAACD,cAAc;QAC/CE,OAAO,EAAE,IAAAC,yCAA8B,EAACR,gBAAgB;MAC1D,CAAC;MACDS,iBAAiB,EAAEV,yBAAyB;MAC5CW,mBAAmB,EAAElB,UAAU,CAACmB,iBAAiB;MACjDC,MAAM,EAAE;QACNC,MAAM,EAAE,KAAK;QACbC,GAAG,EAAE,OAAO;QACZC,SAAS,EAAE,MAAMf,gBAAgB,CAACgB,YAAY,CAAC;MACjD;IACF,CAAC,CAAC;IAEF,MAAMC,UAAU,GAAG,MAAM,IAAAC,+BAAgB,EAAC;MACxCC,eAAe,EAAE1B,OAAO;MACxB2B,eAAe,EAAE1B,iBAAiB;MAClC2B,eAAe,EAAE1B,kBAAkB;MACnC2B,iBAAiB,EAAEvB,yBAAyB;MAC5CE,qBAAqB;MACrBG,SAAS,EAAE;QACTmB,SAAS,EAAE,IAAAC,kCAAuB,EAAChC,UAAU,CAACiC,IAAI,CAAC;QACnD3B,KAAK,EAAED;MACT;IACF,CAAC,CAAC,CAAC6B,KAAK,CAACC,wBAAwB,CAAC;IAElC,OAAO;MACLC,SAAS,EAAEX,UAAU,CAACW,SAAS;MAC/BC,cAAc,EAAEZ,UAAU,CAACa,YAAY;MACvCC,mBAAmB,EAAEd,UAAU,CAACe,iBAAiB;MACjDC,GAAG,EAAEhB,UAAU,CAACgB;IAClB,CAAC;EACH,CAAC;AACH;AAEA,MAAMN,wBAAwB,GAAIO,CAAU,IAAK;EAC/CC,eAAM,CAACC,GAAG,CAACC,iBAAQ,CAACC,KAAK,EAAG,iCAAgCJ,CAAE,EAAC,CAAC;EAEhE,IAAI,EAAEA,CAAC,YAAYK,wCAA4B,CAAC,EAAE;IAChD,MAAML,CAAC;EACT;EAEA,MAAM,IAAIM,4BAAoB,CAACC,2BAAmB,CAAC,CAChDC,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEC,gCAAwB,CAACC,8BAA8B;IAC7DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDC,SAAS,CAACb,CAAC,CAAC;AACjB,CAAC"}
package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js CHANGED
@@ -3,62 +3,69 @@
3
3
  Object.defineProperty(exports, "__esModule", {
4
4
  value: true
5
5
  });
6
- exports.validateChallenge = exports.buildChallengeCallbackUrl = void 0;
6
+ exports.buildChallengeCallbackUrl = void 0;
7
+ exports.createValidateChallenge = createValidateChallenge;
7
8
  var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
8
9
  var _ioWalletOauth = require("@pagopa/io-wallet-oauth2");
9
- var _uuid = require("uuid");
10
- var _pop = require("../../../utils/pop");
11
- var WalletInstanceAttestation = _interopRequireWildcard(require("../../../wallet-instance-attestation/v1.0.0/utils"));
12
10
  var _errors = require("../../../utils/errors");
13
11
  var _callbacks = require("../../../utils/callbacks");
14
- function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
15
- function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
16
- // TODO: decouple from 1.0.0 version
17
-
18
- const validateChallenge = async (issuerConf, verifyUrl, mrtd_auth_session, mrtd_pop_nonce, mrtd, ias, context) => {
19
- const {
20
- appFetch = fetch,
21
- walletInstanceAttestation,
22
- wiaCryptoContext
23
- } = context;
24
- const aud = issuerConf.credential_issuer;
25
- const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
26
- const signedWiaPoP = await (0, _pop.createPopToken)({
27
- jti: (0, _uuid.v4)(),
28
- aud,
29
- iss
30
- }, wiaCryptoContext);
31
- const {
32
- kid
33
- } = await wiaCryptoContext.getPublicKey();
34
- const mrtdValidationJwt = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
35
- typ: "mrtd-ias+jwt",
36
- kid
37
- }).setPayload({
38
- iss,
39
- aud,
40
- document_type: "cie",
41
- mrtd,
42
- ias
43
- }).setIssuedAt().setExpirationTime("5m").sign();
44
- const verifyResult = await (0, _ioWalletOauth.fetchMrtdPopVerify)({
45
- popVerifyEndpoint: verifyUrl,
46
- mrtdAuthSession: mrtd_auth_session,
47
- mrtdPopNonce: mrtd_pop_nonce,
48
- clientAttestationDPoP: signedWiaPoP,
49
- mrtdValidationJwt,
50
- walletAttestation: walletInstanceAttestation,
51
- callbacks: {
52
- fetch: appFetch,
53
- ..._callbacks.partialCallbacks
54
- }
55
- }).catch(_errors.sdkUnexpectedStatusCodeToIssuerError);
56
- return {
57
- redirect_uri: verifyResult.redirectUri,
58
- mrtd_val_pop_nonce: verifyResult.mrtdValPopNonce
12
+ /**
13
+ * Factory function to create `validateChallenge` for MRTD PoP flow.
14
+ * The factory is needed to inject version specific SDK configuration.
15
+ * @param config Configuration object containing the IO Wallet SDK configuration
16
+ * @returns `validateChallenge` function compliant with the public API
17
+ */
18
+ function createValidateChallenge(config) {
19
+ return async function validateChallenge(issuerConf, verifyUrl, mrtd_auth_session, mrtd_pop_nonce, mrtd, ias, context) {
20
+ const {
21
+ appFetch = fetch,
22
+ walletInstanceAttestation,
23
+ wiaCryptoContext
24
+ } = context;
25
+ const aud = issuerConf.credential_issuer;
26
+ const wiaPublicJwk = await wiaCryptoContext.getPublicKey();
27
+ const clientAttestationDPoP = await (0, _ioWalletOauth.createClientAttestationPopJwt)({
28
+ config: config.sdkConfig,
29
+ callbacks: {
30
+ generateRandom: _callbacks.partialCallbacks.generateRandom,
31
+ signJwt: (0, _callbacks.createSignJwtFromCryptoContext)(wiaCryptoContext)
32
+ },
33
+ clientAttestation: walletInstanceAttestation,
34
+ authorizationServer: aud,
35
+ signer: {
36
+ method: "jwk",
37
+ alg: "ES256",
38
+ publicJwk: wiaPublicJwk
39
+ }
40
+ });
41
+ const mrtdValidationJwt = await new _ioReactNativeJwt.SignJWT(wiaCryptoContext).setProtectedHeader({
42
+ typ: "mrtd-ias+jwt",
43
+ kid: wiaPublicJwk.kid
44
+ }).setPayload({
45
+ iss: wiaPublicJwk.kid,
46
+ aud,
47
+ document_type: "cie",
48
+ mrtd,
49
+ ias
50
+ }).setIssuedAt().setExpirationTime("5m").sign();
51
+ const verifyResult = await (0, _ioWalletOauth.fetchMrtdPopVerify)({
52
+ popVerifyEndpoint: verifyUrl,
53
+ mrtdAuthSession: mrtd_auth_session,
54
+ mrtdPopNonce: mrtd_pop_nonce,
55
+ clientAttestationDPoP,
56
+ mrtdValidationJwt,
57
+ walletAttestation: walletInstanceAttestation,
58
+ callbacks: {
59
+ fetch: appFetch,
60
+ ..._callbacks.partialCallbacks
61
+ }
62
+ }).catch(_errors.sdkUnexpectedStatusCodeToIssuerError);
63
+ return {
64
+ redirect_uri: verifyResult.redirectUri,
65
+ mrtd_val_pop_nonce: verifyResult.mrtdValPopNonce
66
+ };
59
67
  };
60
- };
61
- exports.validateChallenge = validateChallenge;
68
+ }
62
69
  const buildChallengeCallbackUrl = async (redirectUri, valPopNonce, authSession) => {
63
70
  const params = new URLSearchParams({
64
71
  mrtd_val_pop_nonce: valPopNonce,
package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_ioReactNativeJwt","require","_ioWalletOauth","_uuid","_pop","WalletInstanceAttestation","_interopRequireWildcard","_errors","_callbacks","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","validateChallenge","issuerConf","verifyUrl","mrtd_auth_session","mrtd_pop_nonce","mrtd","ias","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","aud","credential_issuer","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","createPopToken","jti","uuidv4","getPublicKey","mrtdValidationJwt","SignJWT","setProtectedHeader","typ","setPayload","document_type","setIssuedAt","setExpirationTime","sign","verifyResult","fetchMrtdPopVerify","popVerifyEndpoint","mrtdAuthSession","mrtdPopNonce","clientAttestationDPoP","walletAttestation","callbacks","partialCallbacks","catch","sdkUnexpectedStatusCodeToIssuerError","redirect_uri","redirectUri","mrtd_val_pop_nonce","mrtdValPopNonce","exports","buildChallengeCallbackUrl","valPopNonce","authSession","params","URLSearchParams","callbackUrl"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/03-validate-challenge.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AACA,IAAAE,KAAA,GAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AACA,IAAAI,yBAAA,GAAAC,uBAAA,CAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,UAAA,GAAAP,OAAA;AAA4D,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAFoC;;AAKzF,MAAMW,iBAAkD,GAAG,MAAAA,CAChEC,UAAU,EACVC,SAAS,EACTC,iBAAiB,EACjBC,cAAc,EACdC,IAAI,EACJC,GAAG,EACHC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGX,UAAU,CAACY,iBAAiB;EACxC,MAAMC,GAAG,GAAGxC,yBAAyB,CAACyC,MAAM,CAACL,yBAAyB,CAAC,CACpEM,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAM,IAAAC,mBAAc,EACvC;IACEC,GAAG,EAAE,IAAAC,QAAM,EAAC,CAAC;IACbX,GAAG;IACHE;EACF,CAAC,EACDH,gBACF,CAAC;EAED,MAAM;IAAEQ;EAAI,CAAC,GAAG,MAAMR,gBAAgB,CAACa,YAAY,CAAC,CAAC;EAErD,MAAMC,iBAAiB,GAAG,MAAM,IAAIC,yBAAO,CAACf,gBAAgB,CAAC,CAC1DgB,kBAAkB,CAAC;IAClBC,GAAG,EAAE,cAAc;IACnBT;EACF,CAAC,CAAC,CACDU,UAAU,CAAC;IACVf,GAAG;IACHF,GAAG;IACHkB,aAAa,EAAE,KAAK;IACpBzB,IAAI;IACJC;EACF,CAAC,CAAC,CACDyB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,YAAY,GAAG,MAAM,IAAAC,iCAAkB,EAAC;IAC5CC,iBAAiB,EAAElC,SAAS;IAC5BmC,eAAe,EAAElC,iBAAiB;IAClCmC,YAAY,EAAElC,cAAc;IAC5BmC,qBAAqB,EAAEnB,YAAY;IACnCK,iBAAiB;IACjBe,iBAAiB,EAAE9B,yBAAyB;IAC5C+B,SAAS,EAAE;MACThC,KAAK,EAAED,QAAQ;MACf,GAAGkC;IACL;EACF,CAAC,CAAC,CAACC,KAAK,CAACC,4CAAoC,CAAC;EAE9C,OAAO;IACLC,YAAY,EAAEX,YAAY,CAACY,WAAW;IACtCC,kBAAkB,EAAEb,YAAY,CAACc;EACnC,CAAC;AACH,CAAC;AAACC,OAAA,CAAAjD,iBAAA,GAAAA,iBAAA;AAEK,MAAMkD,yBAAkE,GAC7E,MAAAA,CAAOJ,WAAW,EAAEK,WAAW,EAAEC,WAAW,KAAK;EAC/C,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCP,kBAAkB,EAAEI,WAAW;IAC/BhD,iBAAiB,EAAEiD;EACrB,CAAC,CAAC;EAEF,MAAMG,WAAW,GAAI,GAAET,WAAY,IAAGO,MAAO,EAAC;EAC9C,OAAO;IAAEE;EAAY,CAAC;AACxB,CAAC;AAACN,OAAA,CAAAC,yBAAA,GAAAA,yBAAA"}
1
+ {"version":3,"names":["_ioReactNativeJwt","require","_ioWalletOauth","_errors","_callbacks","createValidateChallenge","config","validateChallenge","issuerConf","verifyUrl","mrtd_auth_session","mrtd_pop_nonce","mrtd","ias","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","aud","credential_issuer","wiaPublicJwk","getPublicKey","clientAttestationDPoP","createClientAttestationPopJwt","sdkConfig","callbacks","generateRandom","partialCallbacks","signJwt","createSignJwtFromCryptoContext","clientAttestation","authorizationServer","signer","method","alg","publicJwk","mrtdValidationJwt","SignJWT","setProtectedHeader","typ","kid","setPayload","iss","document_type","setIssuedAt","setExpirationTime","sign","verifyResult","fetchMrtdPopVerify","popVerifyEndpoint","mrtdAuthSession","mrtdPopNonce","walletAttestation","catch","sdkUnexpectedStatusCodeToIssuerError","redirect_uri","redirectUri","mrtd_val_pop_nonce","mrtdValPopNonce","buildChallengeCallbackUrl","valPopNonce","authSession","params","URLSearchParams","callbackUrl","exports"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/03-validate-challenge.ts"],"mappings":";;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,cAAA,GAAAD,OAAA;AAKA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,UAAA,GAAAH,OAAA;AAUA;AACA;AACA;AACA;AACA;AACA;AACO,SAASI,uBAAuBA,CACrCC,MAAc,EACmB;EACjC,OAAO,eAAeC,iBAAiBA,CACrCC,UAAU,EACVC,SAAS,EACTC,iBAAiB,EACjBC,cAAc,EACdC,IAAI,EACJC,GAAG,EACHC,OAAO,EACP;IACA,MAAM;MACJC,QAAQ,GAAGC,KAAK;MAChBC,yBAAyB;MACzBC;IACF,CAAC,GAAGJ,OAAO;IAEX,MAAMK,GAAG,GAAGX,UAAU,CAACY,iBAAiB;IAExC,MAAMC,YAAY,GAAG,MAAMH,gBAAgB,CAACI,YAAY,CAAC,CAAC;IAE1D,MAAMC,qBAAqB,GAAG,MAAM,IAAAC,4CAA6B,EAAC;MAChElB,MAAM,EAAEA,MAAM,CAACmB,SAAS;MACxBC,SAAS,EAAE;QACTC,cAAc,EAAEC,2BAAgB,CAACD,cAAc;QAC/CE,OAAO,EAAE,IAAAC,yCAA8B,EAACZ,gBAAgB;MAC1D,CAAC;MACDa,iBAAiB,EAAEd,yBAAyB;MAC5Ce,mBAAmB,EAAEb,GAAG;MACxBc,MAAM,EAAE;QACNC,MAAM,EAAE,KAAK;QACbC,GAAG,EAAE,OAAO;QACZC,SAAS,EAAEf;MACb;IACF,CAAC,CAAC;IAEF,MAAMgB,iBAAiB,GAAG,MAAM,IAAIC,yBAAO,CAACpB,gBAAgB,CAAC,CAC1DqB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,cAAc;MACnBC,GAAG,EAAEpB,YAAY,CAACoB;IACpB,CAAC,CAAC,CACDC,UAAU,CAAC;MACVC,GAAG,EAAEtB,YAAY,CAACoB,GAAG;MACrBtB,GAAG;MACHyB,aAAa,EAAE,KAAK;MACpBhC,IAAI;MACJC;IACF,CAAC,CAAC,CACDgC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,YAAY,GAAG,MAAM,IAAAC,iCAAkB,EAAC;MAC5CC,iBAAiB,EAAEzC,SAAS;MAC5B0C,eAAe,EAAEzC,iBAAiB;MAClC0C,YAAY,EAAEzC,cAAc;MAC5BY,qBAAqB;MACrBc,iBAAiB;MACjBgB,iBAAiB,EAAEpC,yBAAyB;MAC5CS,SAAS,EAAE;QACTV,KAAK,EAAED,QAAQ;QACf,GAAGa;MACL;IACF,CAAC,CAAC,CAAC0B,KAAK,CAACC,4CAAoC,CAAC;IAE9C,OAAO;MACLC,YAAY,EAAER,YAAY,CAACS,WAAW;MACtCC,kBAAkB,EAAEV,YAAY,CAACW;IACnC,CAAC;EACH,CAAC;AACH;AAEO,MAAMC,yBAAkE,GAC7E,MAAAA,CAAOH,WAAW,EAAEI,WAAW,EAAEC,WAAW,KAAK;EAC/C,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCN,kBAAkB,EAAEG,WAAW;IAC/BnD,iBAAiB,EAAEoD;EACrB,CAAC,CAAC;EAEF,MAAMG,WAAW,GAAI,GAAER,WAAY,IAAGM,MAAO,EAAC;EAC9C,OAAO;IAAEE;EAAY,CAAC;AACxB,CAAC;AAACC,OAAA,CAAAN,yBAAA,GAAAA,yBAAA"}