@pagopa/io-react-native-wallet 3.2.0 → 3.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/lib/commonjs/credential/issuance/README.md +32 -14
- package/lib/commonjs/credential/issuance/api/IssuerConfig.js +1 -0
- package/lib/commonjs/credential/issuance/api/IssuerConfig.js.map +1 -1
- package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js +4 -3
- package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +39 -8
- package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
- package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js +46 -38
- package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
- package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -51
- package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
- package/lib/commonjs/credential/issuance/mrtd-pop/index.js +21 -5
- package/lib/commonjs/credential/issuance/mrtd-pop/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js +5 -4
- package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js +8 -5
- package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/index.js +3 -2
- package/lib/commonjs/credential/issuance/v1.0.0/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.0.0/mappers.js +4 -2
- package/lib/commonjs/credential/issuance/v1.0.0/mappers.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
- package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js +21 -17
- package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js +108 -69
- package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js +20 -19
- package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js +5 -7
- package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
- package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/index.js +3 -2
- package/lib/commonjs/credential/issuance/v1.3.3/index.js.map +1 -1
- package/lib/commonjs/credential/issuance/v1.3.3/mappers.js +10 -11
- package/lib/commonjs/credential/issuance/v1.3.3/mappers.js.map +1 -1
- package/lib/commonjs/credential/presentation/api/types.js.map +1 -1
- package/lib/commonjs/credential/presentation/common/utils/http.js +9 -4
- package/lib/commonjs/credential/presentation/common/utils/http.js.map +1 -1
- package/lib/commonjs/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
- package/lib/commonjs/credential/presentation/common/utils/mdoc.js.map +1 -0
- package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -1
- package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js +11 -10
- package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -2
- package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js +2 -0
- package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/mappers.js +1 -1
- package/lib/commonjs/credential/presentation/v1.3.3/mappers.js.map +1 -1
- package/lib/commonjs/credential/status/README.md +3 -2
- package/lib/commonjs/credential/status/v1.3.3/01-status-list.js +27 -5
- package/lib/commonjs/credential/status/v1.3.3/01-status-list.js.map +1 -1
- package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
- package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
- package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js +2 -1
- package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
- package/lib/commonjs/credentials-catalogue/common/get-status-l10n-ids.js +23 -0
- package/lib/commonjs/credentials-catalogue/common/get-status-l10n-ids.js.map +1 -0
- package/lib/commonjs/credentials-catalogue/v1.0.0/index.js +3 -1
- package/lib/commonjs/credentials-catalogue/v1.0.0/index.js.map +1 -1
- package/lib/commonjs/credentials-catalogue/v1.3.3/index.js +3 -1
- package/lib/commonjs/credentials-catalogue/v1.3.3/index.js.map +1 -1
- package/lib/commonjs/mdoc/index.js +3 -24
- package/lib/commonjs/mdoc/index.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/types.test.js +2 -14
- package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/__test__/utils.test.js +0 -12
- package/lib/commonjs/sd-jwt/__test__/utils.test.js.map +1 -1
- package/lib/commonjs/sd-jwt/types.js +1 -14
- package/lib/commonjs/sd-jwt/types.js.map +1 -1
- package/lib/commonjs/utils/callbacks.js +20 -1
- package/lib/commonjs/utils/callbacks.js.map +1 -1
- package/lib/commonjs/utils/config.js +9 -1
- package/lib/commonjs/utils/config.js.map +1 -1
- package/lib/commonjs/utils/x509.js +34 -0
- package/lib/commonjs/utils/x509.js.map +1 -0
- package/lib/commonjs/wallet-instance-attestation/api/types.js +0 -2
- package/lib/commonjs/wallet-instance-attestation/api/types.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
- package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
- package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js +2 -7
- package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
- package/lib/commonjs/wallet-unit-attestation/api/types.js +0 -11
- package/lib/commonjs/wallet-unit-attestation/api/types.js.map +1 -1
- package/lib/module/credential/issuance/README.md +32 -14
- package/lib/module/credential/issuance/api/IssuerConfig.js +1 -0
- package/lib/module/credential/issuance/api/IssuerConfig.js.map +1 -1
- package/lib/module/credential/issuance/common/02-start-user-authorization.js +4 -3
- package/lib/module/credential/issuance/common/02-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +41 -10
- package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
- package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js +47 -34
- package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
- package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -47
- package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
- package/lib/module/credential/issuance/mrtd-pop/index.js +20 -5
- package/lib/module/credential/issuance/mrtd-pop/index.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js +3 -2
- package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js +6 -4
- package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/index.js +5 -4
- package/lib/module/credential/issuance/v1.0.0/index.js.map +1 -1
- package/lib/module/credential/issuance/v1.0.0/mappers.js +4 -2
- package/lib/module/credential/issuance/v1.0.0/mappers.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
- package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js +21 -17
- package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js +108 -70
- package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js +22 -19
- package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js +6 -8
- package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
- package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/index.js +5 -4
- package/lib/module/credential/issuance/v1.3.3/index.js.map +1 -1
- package/lib/module/credential/issuance/v1.3.3/mappers.js +10 -11
- package/lib/module/credential/issuance/v1.3.3/mappers.js.map +1 -1
- package/lib/module/credential/presentation/api/types.js.map +1 -1
- package/lib/module/credential/presentation/common/utils/http.js +9 -4
- package/lib/module/credential/presentation/common/utils/http.js.map +1 -1
- package/lib/module/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
- package/lib/module/credential/presentation/common/utils/mdoc.js.map +1 -0
- package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -1
- package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
- package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js +11 -10
- package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
- package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -3
- package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
- package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js +2 -0
- package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
- package/lib/module/credential/presentation/v1.3.3/mappers.js +1 -1
- package/lib/module/credential/presentation/v1.3.3/mappers.js.map +1 -1
- package/lib/module/credential/status/README.md +3 -2
- package/lib/module/credential/status/v1.3.3/01-status-list.js +27 -5
- package/lib/module/credential/status/v1.3.3/01-status-list.js.map +1 -1
- package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
- package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
- package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js +1 -1
- package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
- package/lib/module/credentials-catalogue/common/get-status-l10n-ids.js +16 -0
- package/lib/module/credentials-catalogue/common/get-status-l10n-ids.js.map +1 -0
- package/lib/module/credentials-catalogue/v1.0.0/index.js +3 -1
- package/lib/module/credentials-catalogue/v1.0.0/index.js.map +1 -1
- package/lib/module/credentials-catalogue/v1.3.3/index.js +3 -1
- package/lib/module/credentials-catalogue/v1.3.3/index.js.map +1 -1
- package/lib/module/mdoc/index.js +3 -24
- package/lib/module/mdoc/index.js.map +1 -1
- package/lib/module/sd-jwt/__test__/types.test.js +2 -14
- package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
- package/lib/module/sd-jwt/__test__/utils.test.js +0 -12
- package/lib/module/sd-jwt/__test__/utils.test.js.map +1 -1
- package/lib/module/sd-jwt/types.js +1 -14
- package/lib/module/sd-jwt/types.js.map +1 -1
- package/lib/module/utils/callbacks.js +19 -1
- package/lib/module/utils/callbacks.js.map +1 -1
- package/lib/module/utils/config.js +7 -0
- package/lib/module/utils/config.js.map +1 -1
- package/lib/module/utils/x509.js +28 -0
- package/lib/module/utils/x509.js.map +1 -0
- package/lib/module/wallet-instance-attestation/api/types.js +0 -2
- package/lib/module/wallet-instance-attestation/api/types.js.map +1 -1
- package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
- package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
- package/lib/module/wallet-instance-attestation/v1.3.3/types.js +2 -7
- package/lib/module/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
- package/lib/module/wallet-unit-attestation/api/types.js +0 -11
- package/lib/module/wallet-unit-attestation/api/types.js.map +1 -1
- package/lib/typescript/credential/issuance/api/02-start-user-authorization.d.ts +1 -0
- package/lib/typescript/credential/issuance/api/02-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/api/03-complete-user-authorization.d.ts +19 -5
- package/lib/typescript/credential/issuance/api/03-complete-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts +4 -0
- package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/api/IssuerConfig.d.ts +1 -0
- package/lib/typescript/credential/issuance/api/IssuerConfig.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/common/02-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/common/06-verify-and-parse-credential.sdjwt.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts +12 -1
- package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts +12 -1
- package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts +2 -1
- package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.0.0/02-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts +2 -1
- package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.0.0/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts +1 -0
- package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/01-evaluate-issuer-trust.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/02-start-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/03-complete-user-authorization.d.ts +2 -1
- package/lib/typescript/credential/issuance/v1.3.3/03-complete-user-authorization.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/04-authorize-access.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/06-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/index.d.ts.map +1 -1
- package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts +7 -4
- package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/api/05-verify-request-object.d.ts +1 -1
- package/lib/typescript/credential/presentation/api/types.d.ts +3 -7
- package/lib/typescript/credential/presentation/api/types.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/common/utils/http.d.ts +1 -1
- package/lib/typescript/credential/presentation/common/utils/http.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/{v1.3.3/utils.mdoc.d.ts → common/utils/mdoc.d.ts} +2 -2
- package/lib/typescript/credential/presentation/common/utils/mdoc.d.ts.map +1 -0
- package/lib/typescript/credential/presentation/v1.3.3/05-verify-request-object.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.3.3/06-evaluate-dcql-query.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.3.3/07-send-authorization-response.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/v1.3.3/mappers.d.ts +8 -8
- package/lib/typescript/credential/presentation/v1.3.3/types.d.ts +8 -8
- package/lib/typescript/credential/status/api/status-list.d.ts +8 -4
- package/lib/typescript/credential/status/api/status-list.d.ts.map +1 -1
- package/lib/typescript/credential/status/v1.3.3/01-status-list.d.ts.map +1 -1
- package/lib/typescript/credential/status/v1.3.3/02-verify-and-parse-status-list.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts +6 -0
- package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/api/index.d.ts +14 -2
- package/lib/typescript/credentials-catalogue/api/index.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/common/get-status-l10n-ids.d.ts +9 -0
- package/lib/typescript/credentials-catalogue/common/get-status-l10n-ids.d.ts.map +1 -0
- package/lib/typescript/credentials-catalogue/v1.0.0/index.d.ts.map +1 -1
- package/lib/typescript/credentials-catalogue/v1.3.3/index.d.ts.map +1 -1
- package/lib/typescript/mdoc/index.d.ts +1 -1
- package/lib/typescript/mdoc/index.d.ts.map +1 -1
- package/lib/typescript/mdoc/utils.d.ts +0 -24
- package/lib/typescript/mdoc/utils.d.ts.map +1 -1
- package/lib/typescript/sd-jwt/types.d.ts +0 -12
- package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
- package/lib/typescript/trust/v1.3.3/types.d.ts +6 -4
- package/lib/typescript/trust/v1.3.3/types.d.ts.map +1 -1
- package/lib/typescript/utils/callbacks.d.ts +7 -0
- package/lib/typescript/utils/callbacks.d.ts.map +1 -1
- package/lib/typescript/utils/config.d.ts +4 -0
- package/lib/typescript/utils/config.d.ts.map +1 -1
- package/lib/typescript/utils/x509.d.ts +10 -0
- package/lib/typescript/utils/x509.d.ts.map +1 -0
- package/lib/typescript/wallet-instance-attestation/api/types.d.ts +0 -2
- package/lib/typescript/wallet-instance-attestation/api/types.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts +0 -2
- package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts +2 -9
- package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts.map +1 -1
- package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts +2 -7
- package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts.map +1 -1
- package/lib/typescript/wallet-unit-attestation/api/types.d.ts +0 -11
- package/lib/typescript/wallet-unit-attestation/api/types.d.ts.map +1 -1
- package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts +0 -22
- package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts.map +1 -1
- package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts +0 -11
- package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts.map +1 -1
- package/package.json +6 -6
- package/src/credential/issuance/README.md +32 -14
- package/src/credential/issuance/api/02-start-user-authorization.ts +1 -0
- package/src/credential/issuance/api/03-complete-user-authorization.ts +26 -5
- package/src/credential/issuance/api/06-verify-and-parse-credential.ts +4 -0
- package/src/credential/issuance/api/IssuerConfig.ts +1 -0
- package/src/credential/issuance/common/02-start-user-authorization.ts +6 -3
- package/src/credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts +47 -10
- package/src/credential/issuance/mrtd-pop/02-init-challenge.ts +69 -45
- package/src/credential/issuance/mrtd-pop/03-validate-challenge.ts +84 -62
- package/src/credential/issuance/mrtd-pop/index.ts +13 -5
- package/src/credential/issuance/v1.0.0/02-start-user-authorization.ts +8 -2
- package/src/credential/issuance/v1.0.0/03-complete-user-authorization.ts +16 -4
- package/src/credential/issuance/v1.0.0/index.ts +6 -4
- package/src/credential/issuance/v1.0.0/mappers.ts +9 -1
- package/src/credential/issuance/v1.3.3/01-evaluate-issuer-trust.ts +0 -2
- package/src/credential/issuance/v1.3.3/02-start-user-authorization.ts +25 -21
- package/src/credential/issuance/v1.3.3/03-complete-user-authorization.ts +138 -94
- package/src/credential/issuance/v1.3.3/04-authorize-access.ts +28 -23
- package/src/credential/issuance/v1.3.3/05-obtain-credential.ts +9 -9
- package/src/credential/issuance/v1.3.3/06-verify-and-parse-credential.ts +2 -1
- package/src/credential/issuance/v1.3.3/index.ts +6 -4
- package/src/credential/issuance/v1.3.3/mappers.ts +13 -11
- package/src/credential/presentation/api/05-verify-request-object.ts +1 -1
- package/src/credential/presentation/api/types.ts +3 -7
- package/src/credential/presentation/common/utils/http.ts +2 -2
- package/src/credential/presentation/{v1.3.3/utils.mdoc.ts → common/utils/mdoc.ts} +2 -2
- package/src/credential/presentation/v1.0.0/07-send-authorization-response.ts +1 -1
- package/src/credential/presentation/v1.3.3/05-verify-request-object.ts +15 -14
- package/src/credential/presentation/v1.3.3/06-evaluate-dcql-query.ts +3 -3
- package/src/credential/presentation/v1.3.3/07-send-authorization-response.ts +2 -0
- package/src/credential/presentation/v1.3.3/mappers.ts +1 -1
- package/src/credential/status/README.md +3 -2
- package/src/credential/status/api/status-list.ts +10 -7
- package/src/credential/status/v1.3.3/01-status-list.ts +21 -7
- package/src/credential/status/v1.3.3/02-verify-and-parse-status-list.ts +19 -5
- package/src/credentials-catalogue/api/DigitalCredentialsCatalogue.ts +4 -1
- package/src/credentials-catalogue/api/index.ts +15 -0
- package/src/credentials-catalogue/common/get-status-l10n-ids.ts +25 -0
- package/src/credentials-catalogue/v1.0.0/index.ts +2 -0
- package/src/credentials-catalogue/v1.3.3/index.ts +2 -0
- package/src/mdoc/index.ts +5 -41
- package/src/sd-jwt/__test__/types.test.ts +1 -13
- package/src/sd-jwt/__test__/utils.test.ts +0 -12
- package/src/sd-jwt/types.ts +0 -13
- package/src/utils/callbacks.ts +28 -1
- package/src/utils/config.ts +7 -0
- package/src/utils/x509.ts +43 -0
- package/src/wallet-instance-attestation/api/types.ts +0 -2
- package/src/wallet-instance-attestation/v1.3.3/mappers.ts +3 -11
- package/src/wallet-instance-attestation/v1.3.3/types.ts +2 -7
- package/src/wallet-unit-attestation/api/types.ts +0 -11
- package/lib/commonjs/credential/issuance/common/authorization.js +0 -56
- package/lib/commonjs/credential/issuance/common/authorization.js.map +0 -1
- package/lib/commonjs/credential/presentation/common/utils.js +0 -28
- package/lib/commonjs/credential/presentation/common/utils.js.map +0 -1
- package/lib/commonjs/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
- package/lib/module/credential/issuance/common/authorization.js +0 -48
- package/lib/module/credential/issuance/common/authorization.js.map +0 -1
- package/lib/module/credential/presentation/common/utils.js +0 -21
- package/lib/module/credential/presentation/common/utils.js.map +0 -1
- package/lib/module/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
- package/lib/typescript/credential/issuance/common/authorization.d.ts +0 -21
- package/lib/typescript/credential/issuance/common/authorization.d.ts.map +0 -1
- package/lib/typescript/credential/presentation/common/utils.d.ts +0 -11
- package/lib/typescript/credential/presentation/common/utils.d.ts.map +0 -1
- package/lib/typescript/credential/presentation/v1.3.3/utils.mdoc.d.ts.map +0 -1
- package/src/credential/issuance/common/authorization.ts +0 -89
- package/src/credential/presentation/common/utils.ts +0 -30
|
@@ -6,9 +6,11 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
6
6
|
exports.CredentialsCatalogue = void 0;
|
|
7
7
|
var _fetchAndParseCatalogue = require("./fetch-and-parse-catalogue");
|
|
8
8
|
var _fetchTranslations = require("./fetch-translations");
|
|
9
|
+
var _getStatusL10nIds = require("../common/get-status-l10n-ids");
|
|
9
10
|
const CredentialsCatalogue = {
|
|
10
11
|
fetchAndParseCatalogue: _fetchAndParseCatalogue.fetchAndParseCatalogue,
|
|
11
|
-
fetchTranslations: _fetchTranslations.fetchTranslations
|
|
12
|
+
fetchTranslations: _fetchTranslations.fetchTranslations,
|
|
13
|
+
getStatusL10nIds: _getStatusL10nIds.getStatusL10nIds
|
|
12
14
|
};
|
|
13
15
|
exports.CredentialsCatalogue = CredentialsCatalogue;
|
|
14
16
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_fetchAndParseCatalogue","require","_fetchTranslations","CredentialsCatalogue","fetchAndParseCatalogue","fetchTranslations","exports"],"sourceRoot":"../../../../src","sources":["credentials-catalogue/v1.3.3/index.ts"],"mappings":";;;;;;AACA,IAAAA,uBAAA,GAAAC,OAAA;AACA,IAAAC,kBAAA,GAAAD,OAAA;AAEO,
|
|
1
|
+
{"version":3,"names":["_fetchAndParseCatalogue","require","_fetchTranslations","_getStatusL10nIds","CredentialsCatalogue","fetchAndParseCatalogue","fetchTranslations","getStatusL10nIds","exports"],"sourceRoot":"../../../../src","sources":["credentials-catalogue/v1.3.3/index.ts"],"mappings":";;;;;;AACA,IAAAA,uBAAA,GAAAC,OAAA;AACA,IAAAC,kBAAA,GAAAD,OAAA;AACA,IAAAE,iBAAA,GAAAF,OAAA;AAEO,MAAMG,oBAA6C,GAAG;EAC3DC,sBAAsB,EAAtBA,8CAAsB;EACtBC,iBAAiB,EAAjBA,oCAAiB;EACjBC,gBAAgB,EAAhBA;AACF,CAAC;AAACC,OAAA,CAAAJ,oBAAA,GAAAA,oBAAA"}
|
|
@@ -10,11 +10,11 @@ var _exportNames = {
|
|
|
10
10
|
exports.verify = exports.prepareVpTokenMdoc = void 0;
|
|
11
11
|
var _ioReactNativeIso = require("@pagopa/io-react-native-iso18013");
|
|
12
12
|
var _jsrsasign = require("jsrsasign");
|
|
13
|
-
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
14
13
|
var _errors = require("../trust/common/errors");
|
|
15
14
|
var _errors2 = require("../utils/errors");
|
|
16
15
|
var _crypto = require("../utils/crypto");
|
|
17
16
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
17
|
+
var _x = require("../utils/x509");
|
|
18
18
|
var _utils = require("./utils");
|
|
19
19
|
Object.keys(_utils).forEach(function (key) {
|
|
20
20
|
if (key === "default" || key === "__esModule") return;
|
|
@@ -39,7 +39,7 @@ const verify = async (token, x509CertRoot) => {
|
|
|
39
39
|
}
|
|
40
40
|
const x5chain = issuerSigned.issuerAuth.unprotectedHeader.x5chain.map(_jsrsasign.b64utob64);
|
|
41
41
|
// Verify the x5chain
|
|
42
|
-
await
|
|
42
|
+
await (0, _x.verifyX509Chain)(x5chain, x509CertRoot);
|
|
43
43
|
const coseSign1 = issuerSigned.issuerAuth.rawValue;
|
|
44
44
|
if (!coseSign1) {
|
|
45
45
|
throw new _errors2.IoWalletError("Missing coseSign1");
|
|
@@ -51,28 +51,6 @@ const verify = async (token, x509CertRoot) => {
|
|
|
51
51
|
};
|
|
52
52
|
};
|
|
53
53
|
|
|
54
|
-
/**
|
|
55
|
-
* This function checks whether the x509 certificate chain is valid against a specified Certificate Authority (CA)
|
|
56
|
-
*
|
|
57
|
-
* @param x5chain The mdoc's x509 certificate chain
|
|
58
|
-
* @param x509CertRoot The Trust Anchor CA
|
|
59
|
-
* @param options Options for certificate validation
|
|
60
|
-
*/
|
|
61
|
-
exports.verify = verify;
|
|
62
|
-
const verifyX5chain = async function (x5chain, x509CertRoot) {
|
|
63
|
-
let options = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
|
|
64
|
-
connectTimeout: 10000,
|
|
65
|
-
readTimeout: 10000,
|
|
66
|
-
requireCrl: true
|
|
67
|
-
};
|
|
68
|
-
const x509ValidationResult = await (0, _ioReactNativeCrypto.verifyCertificateChain)(x5chain, x509CertRoot, options);
|
|
69
|
-
if (!x509ValidationResult.isValid) {
|
|
70
|
-
throw new _errors.X509ValidationError(`X.509 certificate chain validation failed. Status: ${x509ValidationResult.validationStatus}. Error: ${x509ValidationResult.errorMessage}`, {
|
|
71
|
-
x509ValidationStatus: x509ValidationResult.validationStatus,
|
|
72
|
-
x509ErrorMessage: x509ValidationResult.errorMessage
|
|
73
|
-
});
|
|
74
|
-
}
|
|
75
|
-
};
|
|
76
54
|
/**
|
|
77
55
|
* This function verifies that the signature is valid for the given certificate.
|
|
78
56
|
* If not, it throws an error
|
|
@@ -80,6 +58,7 @@ const verifyX5chain = async function (x5chain, x509CertRoot) {
|
|
|
80
58
|
* @param coseSign1 The COSE-Sign1 object encoded in base64 or base64url
|
|
81
59
|
* @param cert The `x5chain`'s leaf certificate
|
|
82
60
|
*/
|
|
61
|
+
exports.verify = verify;
|
|
83
62
|
const verifyMdocSignature = async (coseSign1, cert) => {
|
|
84
63
|
const pemcert = (0, _crypto.convertBase64DerToPem)(cert);
|
|
85
64
|
const jwk = (0, _crypto.getSigninJwkFromCert)(pemcert);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeIso","require","_jsrsasign","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeIso","require","_jsrsasign","_errors","_errors2","_crypto","_ioReactNativeJwt","_x","_utils","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","verify","token","x509CertRoot","_issuerSigned$issuerA","issuerSigned","CBOR","decodeIssuerSigned","IoWalletError","issuerAuth","unprotectedHeader","x5chain","Array","isArray","length","MissingX509CertsError","map","b64utob64","verifyX509Chain","coseSign1","rawValue","verifyMdocSignature","cert","pemcert","convertBase64DerToPem","jwk","getSigninJwkFromCert","x","y","signatureCorrect","COSE","Error","prepareVpTokenMdoc","requestNonce","generatedNonce","clientId","responseUri","docType","keyTag","_ref","verifiableCredential","presentationFrame","documents","issuerSignedContent","alias","vp_token","ISO18013_7","generateOID4VPDeviceResponse","removePadding"],"sourceRoot":"../../../src","sources":["mdoc/index.ts"],"mappings":";;;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AAEA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AAEA,IAAAK,iBAAA,GAAAL,OAAA;AACA,IAAAM,EAAA,GAAAN,OAAA;AACA,IAAAO,MAAA,GAAAP,OAAA;AAAAQ,MAAA,CAAAC,IAAA,CAAAF,MAAA,EAAAG,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAJ,MAAA,CAAAI,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAZ,MAAA,CAAAI,GAAA;IAAA;EAAA;AAAA;AAEO,MAAMS,MAAM,GAAG,MAAAA,CACpBC,KAAa,EACbC,YAAoB,KAC6B;EAAA,IAAAC,qBAAA;EACjD;EACA,MAAMC,YAAY,GAAG,MAAMC,sBAAI,CAACC,kBAAkB,CAACL,KAAK,CAAC;EAEzD,IAAI,CAACG,YAAY,EAAE;IACjB,MAAM,IAAIG,sBAAa,CAAC,cAAc,CAAC;EACzC;EAEA,IACE,GAAAJ,qBAAA,GAACC,YAAY,CAACI,UAAU,CAACC,iBAAiB,cAAAN,qBAAA,eAAzCA,qBAAA,CAA2CO,OAAO,MAClD,CAACC,KAAK,CAACC,OAAO,CAACR,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAAC,IAChEN,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAACG,MAAM,KAAK,CAAC,CAAC,EACjE;IACA,MAAM,IAAIC,6BAAqB,CAAC,2BAA2B,CAAC;EAC9D;EACA,MAAMJ,OAAO,GACXN,YAAY,CAACI,UAAU,CAACC,iBAAiB,CAACC,OAAO,CAACK,GAAG,CAACC,oBAAS,CAAC;EAClE;EACA,MAAM,IAAAC,kBAAe,EAACP,OAAO,EAAER,YAAY,CAAC;EAE5C,MAAMgB,SAAS,GAAGd,YAAY,CAACI,UAAU,CAACW,QAAQ;EAElD,IAAI,CAACD,SAAS,EAAE;IACd,MAAM,IAAIX,sBAAa,CAAC,mBAAmB,CAAC;EAC9C;EACA;EACA,MAAMa,mBAAmB,CAACF,SAAS,EAAER,OAAO,CAAC,CAAC,CAAE,CAAC;EAEjD,OAAO;IAAEN;EAAa,CAAC;AACzB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAR,OAAA,CAAAI,MAAA,GAAAA,MAAA;AAOA,MAAMoB,mBAAmB,GAAG,MAAAA,CAAOF,SAAiB,EAAEG,IAAY,KAAK;EACrE,MAAMC,OAAO,GAAG,IAAAC,6BAAqB,EAACF,IAAI,CAAC;EAC3C,MAAMG,GAAG,GAAG,IAAAC,4BAAoB,EAACH,OAAO,CAAC;EAEzCE,GAAG,CAACE,CAAC,GAAG,IAAAV,oBAAS,EAACQ,GAAG,CAACE,CAAE,CAAC;EACzBF,GAAG,CAACG,CAAC,GAAG,IAAAX,oBAAS,EAACQ,GAAG,CAACG,CAAE,CAAC;EAEzB,MAAMC,gBAAgB,GAAG,MAAMC,sBAAI,CAAC7B,MAAM,CAACkB,SAAS,EAAEM,GAAgB,CAAC;EAEvE,IAAI,CAACI,gBAAgB,EAAE,MAAM,IAAIE,KAAK,CAAC,wBAAwB,CAAC;AAClE,CAAC;AAEM,MAAMC,kBAAkB,GAAG,MAAAA,CAChCC,YAAoB,EACpBC,cAAsB,EACtBC,QAAgB,EAChBC,WAAmB,EACnBC,OAAe,EACfC,MAAc,EAAAC,IAAA,KAIV;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,iBAAiB,CAAe,GAAAF,IAAA;EAIvD;EACA,MAAMG,SAAS,GAAG,CAChB;IACEC,mBAAmB,EAAE,IAAA1B,oBAAS,EAACuB,oBAAoB,CAAC;IACpDI,KAAK,EAAEN,MAAM;IACbD;EACF,CAAC,CACF;;EAED;EACA;EACA,MAAMQ,QAAQ,GAAG,MAAMC,4BAAU,CAACC,4BAA4B,CAC5DZ,QAAQ,EACRC,WAAW,EACXH,YAAY,EACZC,cAAc,EACdQ,SAAS,EACTD,iBACF,CAAC;EAED,OAAO;IACLI,QAAQ,EAAE,IAAAG,+BAAa,EAACH,QAAQ;EAClC,CAAC;AACH,CAAC;AAAChD,OAAA,CAAAmC,kBAAA,GAAAA,kBAAA"}
|
|
@@ -23,20 +23,8 @@ describe("Verification.time", () => {
|
|
|
23
23
|
});
|
|
24
24
|
it("rejects invalid type", () => {
|
|
25
25
|
const value = {
|
|
26
|
-
trust_framework: "eidas",
|
|
27
|
-
assurance_level: "high"
|
|
28
|
-
evidence: [{
|
|
29
|
-
type: "vouch",
|
|
30
|
-
time: null,
|
|
31
|
-
attestation: {
|
|
32
|
-
type: "digital_attestation",
|
|
33
|
-
reference_number: "abc",
|
|
34
|
-
date_of_issuance: "2025-09-02",
|
|
35
|
-
voucher: {
|
|
36
|
-
organization: "IPZS"
|
|
37
|
-
}
|
|
38
|
-
}
|
|
39
|
-
}]
|
|
26
|
+
trust_framework: ["eidas"],
|
|
27
|
+
assurance_level: "high"
|
|
40
28
|
};
|
|
41
29
|
expect(_types.Verification.safeParse(value).success).toBe(false);
|
|
42
30
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_types","require","describe","test","each","_label","time","value","trust_framework","assurance_level","evidence","type","attestation","reference_number","date_of_issuance","voucher","organization","expect","Verification","safeParse","success","toBe","it"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAEAC,QAAQ,CAAC,mBAAmB,EAAE,MAAM;EAClCC,IAAI,CAACC,IAAI,CAAC,CACR,CAAC,YAAY,EAAE,sBAAsB,CAAC,EACtC,CAAC,cAAc,EAAE,UAAU,CAAC,EAC5B,CAAC,mBAAmB,EAAE,aAAa,CAAC,CACrC,CAAC,CAAC,YAAY,EAAE,CAACC,MAAM,EAAEC,IAAI,KAAK;IACjC,MAAMC,KAAK,GAAG;MACZC,eAAe,EAAE,OAAO;MACxBC,eAAe,EAAE,MAAM;MACvBC,QAAQ,EAAE,CACR;QACEC,IAAI,EAAE,OAAO;QACbL,IAAI;QACJM,WAAW,EAAE;UACXD,IAAI,EAAE,qBAAqB;UAC3BE,gBAAgB,EAAE,KAAK;UACvBC,gBAAgB,EAAE,YAAY;UAC9BC,OAAO,EAAE;YAAEC,YAAY,EAAE;UAAO;QAClC;MACF,CAAC;IAEL,CAAC;IAEDC,MAAM,CAACC,mBAAY,CAACC,SAAS,CAACZ,KAAK,CAAC,CAACa,OAAO,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;EAC1D,CAAC,CAAC;EAEFC,EAAE,CAAC,sBAAsB,EAAE,MAAM;IAC/B,MAAMf,KAAK,GAAG;MACZC,eAAe,EAAE,
|
|
1
|
+
{"version":3,"names":["_types","require","describe","test","each","_label","time","value","trust_framework","assurance_level","evidence","type","attestation","reference_number","date_of_issuance","voucher","organization","expect","Verification","safeParse","success","toBe","it"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAEAC,QAAQ,CAAC,mBAAmB,EAAE,MAAM;EAClCC,IAAI,CAACC,IAAI,CAAC,CACR,CAAC,YAAY,EAAE,sBAAsB,CAAC,EACtC,CAAC,cAAc,EAAE,UAAU,CAAC,EAC5B,CAAC,mBAAmB,EAAE,aAAa,CAAC,CACrC,CAAC,CAAC,YAAY,EAAE,CAACC,MAAM,EAAEC,IAAI,KAAK;IACjC,MAAMC,KAAK,GAAG;MACZC,eAAe,EAAE,OAAO;MACxBC,eAAe,EAAE,MAAM;MACvBC,QAAQ,EAAE,CACR;QACEC,IAAI,EAAE,OAAO;QACbL,IAAI;QACJM,WAAW,EAAE;UACXD,IAAI,EAAE,qBAAqB;UAC3BE,gBAAgB,EAAE,KAAK;UACvBC,gBAAgB,EAAE,YAAY;UAC9BC,OAAO,EAAE;YAAEC,YAAY,EAAE;UAAO;QAClC;MACF,CAAC;IAEL,CAAC;IAEDC,MAAM,CAACC,mBAAY,CAACC,SAAS,CAACZ,KAAK,CAAC,CAACa,OAAO,CAAC,CAACC,IAAI,CAAC,IAAI,CAAC;EAC1D,CAAC,CAAC;EAEFC,EAAE,CAAC,sBAAsB,EAAE,MAAM;IAC/B,MAAMf,KAAK,GAAG;MACZC,eAAe,EAAE,CAAC,OAAO,CAAC;MAC1BC,eAAe,EAAE;IACnB,CAAC;IAEDQ,MAAM,CAACC,mBAAY,CAACC,SAAS,CAACZ,KAAK,CAAC,CAACa,OAAO,CAAC,CAACC,IAAI,CAAC,KAAK,CAAC;EAC3D,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -5,18 +5,6 @@ var _ = require("..");
|
|
|
5
5
|
describe("SD-JWT getVerification", () => {
|
|
6
6
|
it("extracts the verification claims correctly", () => {
|
|
7
7
|
expect((0, _.getVerification)(_sdJwt.pid)).toEqual({
|
|
8
|
-
evidence: [{
|
|
9
|
-
attestation: {
|
|
10
|
-
date_of_issuance: "2025-06-23",
|
|
11
|
-
voucher: {
|
|
12
|
-
organization: "Ministero dell'Interno"
|
|
13
|
-
},
|
|
14
|
-
type: "digital_attestation",
|
|
15
|
-
reference_number: "123456789"
|
|
16
|
-
},
|
|
17
|
-
time: "2025-06-23T13:14:25Z",
|
|
18
|
-
type: "vouch"
|
|
19
|
-
}],
|
|
20
8
|
trust_framework: "it_cie",
|
|
21
9
|
assurance_level: "high"
|
|
22
10
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_sdJwt","require","_","describe","it","expect","getVerification","pid","toEqual","
|
|
1
|
+
{"version":3,"names":["_sdJwt","require","_","describe","it","expect","getVerification","pid","toEqual","trust_framework","assurance_level","legacyPid","toBeUndefined"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/utils.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAD,OAAA;AAEAE,QAAQ,CAAC,wBAAwB,EAAE,MAAM;EACvCC,EAAE,CAAC,4CAA4C,EAAE,MAAM;IACrDC,MAAM,CAAC,IAAAC,iBAAe,EAACC,UAAG,CAAC,CAAC,CAACC,OAAO,CAAC;MACnCC,eAAe,EAAE,QAAQ;MACzBC,eAAe,EAAE;IACnB,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFN,EAAE,CAAC,4DAA4D,EAAE,MAAM;IACrEC,MAAM,CAAC,IAAAC,iBAAe,EAACK,gBAAS,CAAC,CAAC,CAACC,aAAa,CAAC,CAAC;EACpD,CAAC,CAAC;AACJ,CAAC,CAAC"}
|
|
@@ -64,20 +64,7 @@ const SdJwt4VCBase = _zod.z.object({
|
|
|
64
64
|
exports.SdJwt4VCBase = SdJwt4VCBase;
|
|
65
65
|
const Verification = _zod.z.object({
|
|
66
66
|
trust_framework: _zod.z.string(),
|
|
67
|
-
assurance_level: _zod.z.string()
|
|
68
|
-
evidence: _zod.z.array(_zod.z.object({
|
|
69
|
-
type: _zod.z.literal("vouch"),
|
|
70
|
-
// Support both string and UNIX timestamp for backward compatibility
|
|
71
|
-
time: _zod.z.union([_zod.z.string(), _zod.z.number()]),
|
|
72
|
-
attestation: _zod.z.object({
|
|
73
|
-
type: _zod.z.literal("digital_attestation"),
|
|
74
|
-
reference_number: _zod.z.string(),
|
|
75
|
-
date_of_issuance: _zod.z.string(),
|
|
76
|
-
voucher: _zod.z.object({
|
|
77
|
-
organization: _zod.z.string()
|
|
78
|
-
})
|
|
79
|
-
})
|
|
80
|
-
}))
|
|
67
|
+
assurance_level: _zod.z.string()
|
|
81
68
|
});
|
|
82
69
|
|
|
83
70
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_zod","require","_zod2","_jwk","LEGACY_SD_JWT","exports","StatusAssertion","z","object","credential_hash_alg","literal","StatusList","idx","string","uri","SdJwt4VCBase","header","typ","enum","alg","kid","trust_chain","array","optional","x5c","vctm","payload","_sd","_sd_alg","iss","sub","iat","UnixTime","exp","cnf","jwk","JWK","status","union","status_list","status_assertion","vct","Verification","trust_framework","assurance_level","
|
|
1
|
+
{"version":3,"names":["_zod","require","_zod2","_jwk","LEGACY_SD_JWT","exports","StatusAssertion","z","object","credential_hash_alg","literal","StatusList","idx","string","uri","SdJwt4VCBase","header","typ","enum","alg","kid","trust_chain","array","optional","x5c","vctm","payload","_sd","_sd_alg","iss","sub","iat","UnixTime","exp","cnf","jwk","JWK","status","union","status_list","status_assertion","vct","Verification","trust_framework","assurance_level","TypeMetadata","name","description","data_source","authentic_source","organization_name","organization_code","contacts","homepage_uri","url","logo_uri"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,IAAA,GAAAF,OAAA;AAEA;AACA;AACA;AACA;;AAEO,MAAMG,aAAa,GAAG,WAAW;AAACC,OAAA,CAAAD,aAAA,GAAAA,aAAA;AAEzC,MAAME,eAAe,GAAGC,MAAC,CAACC,MAAM,CAAC;EAC/BC,mBAAmB,EAAEF,MAAC,CAACG,OAAO,CAAC,SAAS;AAC1C,CAAC,CAAC;AAEF,MAAMC,UAAU,GAAGJ,MAAC,CAACC,MAAM,CAAC;EAC1BI,GAAG,EAAEL,MAAC,CAACM,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEP,MAAC,CAACM,MAAM,CAAC;AAChB,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAEO,MAAME,YAAY,GAAGR,MAAC,CAACC,MAAM,CAAC;EACnCQ,MAAM,EAAET,MAAC,CAACC,MAAM,CAAC;IACfS,GAAG,EAAEV,MAAC,CAACW,IAAI,CAAC,CAAC,WAAW,EAAEd,aAAa,CAAC,CAAC;IACzCe,GAAG,EAAEZ,MAAC,CAACM,MAAM,CAAC,CAAC;IACfO,GAAG,EAAEb,MAAC,CAACM,MAAM,CAAC,CAAC;IACfQ,WAAW,EAAEd,MAAC,CAACe,KAAK,CAACf,MAAC,CAACM,MAAM,CAAC,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IAC3CC,GAAG,EAAEjB,MAAC,CAACe,KAAK,CAACf,MAAC,CAACM,MAAM,CAAC,CAAC,CAAC,CAACU,QAAQ,CAAC,CAAC;IACnCE,IAAI,EAAElB,MAAC,CAACe,KAAK,CAACf,MAAC,CAACM,MAAM,CAAC,CAAC,CAAC,CAACU,QAAQ,CAAC;EACrC,CAAC,CAAC;EACFG,OAAO,EAAEnB,MAAC,CAACC,MAAM,CAAC;IAChBmB,GAAG,EAAEpB,MAAC,CAACe,KAAK,CAACf,MAAC,CAACM,MAAM,CAAC,CAAC,CAAC;IACxBe,OAAO,EAAErB,MAAC,CAACG,OAAO,CAAC,SAAS,CAAC;IAC7BmB,GAAG,EAAEtB,MAAC,CAACM,MAAM,CAAC,CAAC;IACfiB,GAAG,EAAEvB,MAAC,CAACM,MAAM,CAAC,CAAC;IACfkB,GAAG,EAAEC,cAAQ,CAACT,QAAQ,CAAC,CAAC;IACxBU,GAAG,EAAED,cAAQ;IACbE,GAAG,EAAE3B,MAAC,CAACC,MAAM,CAAC;MACZ2B,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,MAAM,EAAE9B,MAAC,CAAC+B,KAAK,CAAC,CACd/B,MAAC,CAACC,MAAM,CAAC;MACP+B,WAAW,EAAE5B;IACf,CAAC,CAAC,EACFJ,MAAC,CAACC,MAAM,CAAC;MACP;MACAgC,gBAAgB,EAAElC;IACpB,CAAC,CAAC,CACH,CAAC;IACFmC,GAAG,EAAElC,MAAC,CAACM,MAAM,CAAC,CAAC;IACf,eAAe,EAAEN,MAAC,CAACM,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC;EACvC,CAAC;AACH,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AAHAlB,OAAA,CAAAU,YAAA,GAAAA,YAAA;AAKO,MAAM2B,YAAY,GAAGnC,MAAC,CAACC,MAAM,CAAC;EACnCmC,eAAe,EAAEpC,MAAC,CAACM,MAAM,CAAC,CAAC;EAC3B+B,eAAe,EAAErC,MAAC,CAACM,MAAM,CAAC;AAC5B,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AAJAR,OAAA,CAAAqC,YAAA,GAAAA,YAAA;AAMO,MAAMG,YAAY,GAAGtC,MAAC,CAACC,MAAM,CAAC;EACnCsC,IAAI,EAAEvC,MAAC,CAACM,MAAM,CAAC,CAAC;EAChBkC,WAAW,EAAExC,MAAC,CAACM,MAAM,CAAC,CAAC;EACvBmC,WAAW,EAAEzC,MAAC,CAACC,MAAM,CAAC;IACpBmC,eAAe,EAAEpC,MAAC,CAACM,MAAM,CAAC,CAAC;IAC3BoC,gBAAgB,EAAE1C,MAAC,CAACC,MAAM,CAAC;MACzB0C,iBAAiB,EAAE3C,MAAC,CAACM,MAAM,CAAC,CAAC;MAC7BsC,iBAAiB,EAAE5C,MAAC,CAACM,MAAM,CAAC,CAAC;MAC7BuC,QAAQ,EAAE7C,MAAC,CAACe,KAAK,CAACf,MAAC,CAACM,MAAM,CAAC,CAAC,CAAC;MAC7BwC,YAAY,EAAE9C,MAAC,CAACM,MAAM,CAAC,CAAC,CAACyC,GAAG,CAAC,CAAC;MAC9BC,QAAQ,EAAEhD,MAAC,CAACM,MAAM,CAAC,CAAC,CAACyC,GAAG,CAAC;IAC3B,CAAC;EACH,CAAC;AACH,CAAC,CAAC;AAACjD,OAAA,CAAAwC,YAAA,GAAAA,YAAA"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.partialCallbacks = exports.createVerifyJwtFromJwks = void 0;
|
|
6
|
+
exports.partialCallbacks = exports.createVerifyJwtFromJwks = exports.createSignJwtFromCryptoContext = void 0;
|
|
7
7
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
8
8
|
var _cryptoNodejs = require("@sd-jwt/crypto-nodejs");
|
|
9
9
|
var _jsrsasign = require("jsrsasign");
|
|
@@ -118,5 +118,24 @@ const createVerifyJwtFromJwks = jwks => {
|
|
|
118
118
|
}
|
|
119
119
|
};
|
|
120
120
|
};
|
|
121
|
+
|
|
122
|
+
/**
|
|
123
|
+
* Create a signJwt implementation that signs a JWT using the provided CryptoContext.
|
|
124
|
+
* @param cryptoContext The CryptoContext to use for signing the JWT
|
|
125
|
+
* @returns Function that implements `signJwt` callback
|
|
126
|
+
*/
|
|
121
127
|
exports.createVerifyJwtFromJwks = createVerifyJwtFromJwks;
|
|
128
|
+
const createSignJwtFromCryptoContext = cryptoContext => {
|
|
129
|
+
return async function signJwt(jwtSigner, _ref2) {
|
|
130
|
+
let {
|
|
131
|
+
header,
|
|
132
|
+
payload
|
|
133
|
+
} = _ref2;
|
|
134
|
+
return {
|
|
135
|
+
jwt: await new _ioReactNativeJwt.SignJWT(cryptoContext).setProtectedHeader(header).setPayload(payload).sign(),
|
|
136
|
+
signerJwk: jwtSigner.method === "jwk" ? jwtSigner.publicJwk : await cryptoContext.getPublicKey()
|
|
137
|
+
};
|
|
138
|
+
};
|
|
139
|
+
};
|
|
140
|
+
exports.createSignJwtFromCryptoContext = createSignJwtFromCryptoContext;
|
|
122
141
|
//# sourceMappingURL=callbacks.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_cryptoNodejs","_jsrsasign","_errors","_misc","_crypto","getJwkFromSigner","signer","method","getJwkFromCertificateChain","x5c","assert","trustChain","length","getJwkFromTrustChain","kid","publicJwk","IoWalletError","partialCallbacks","generateRandom","generateRandomBytes","hash","digest","encryptJwe","_ref","data","alg","enc","jwe","EncryptJwe","encrypt","encryptionJwk","verifyJwt","jwtSigner","jwt","signerJwk","verify","compact","verified","decryptJwe","getX509CertificateMetadata","certificate","x509","X509","readCertPEM","sanExt","getExtSubjectAltName","sanDnsNames","sanUriNames","item","array","push","dns","uri","exports","createVerifyJwtFromJwks","jwks","_","getJwkFromHeader","header"],"sourceRoot":"../../../src","sources":["utils/callbacks.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_cryptoNodejs","_jsrsasign","_errors","_misc","_crypto","getJwkFromSigner","signer","method","getJwkFromCertificateChain","x5c","assert","trustChain","length","getJwkFromTrustChain","kid","publicJwk","IoWalletError","partialCallbacks","generateRandom","generateRandomBytes","hash","digest","encryptJwe","_ref","data","alg","enc","jwe","EncryptJwe","encrypt","encryptionJwk","verifyJwt","jwtSigner","jwt","signerJwk","verify","compact","verified","decryptJwe","getX509CertificateMetadata","certificate","x509","X509","readCertPEM","sanExt","getExtSubjectAltName","sanDnsNames","sanUriNames","item","array","push","dns","uri","exports","createVerifyJwtFromJwks","jwks","_","getJwkFromHeader","header","createSignJwtFromCryptoContext","cryptoContext","signJwt","_ref2","payload","SignJWT","setProtectedHeader","setPayload","sign","getPublicKey"],"sourceRoot":"../../../src","sources":["utils/callbacks.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAQA,IAAAC,aAAA,GAAAD,OAAA;AACA,IAAAE,UAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,KAAA,GAAAJ,OAAA;AAEA,IAAAK,OAAA,GAAAL,OAAA;AAOA;;AAMA;AACA;AACA;AACA;AACA;AACA,MAAMM,gBAAgB,GAAG,MAAOC,MAAiB,IAAmB;EAClE,QAAQA,MAAM,CAACC,MAAM;IACnB,KAAK,KAAK;MACR,OAAO,IAAAC,kCAA0B,EAACF,MAAM,CAACG,GAAG,CAAC;IAC/C,KAAK,YAAY;MAAE;QACjB,IAAAC,YAAM,EACJJ,MAAM,CAACK,UAAU,IAAIL,MAAM,CAACK,UAAU,CAACC,MAAM,GAAG,CAAC,EACjD,+CACF,CAAC;QACD,OAAO,IAAAC,4BAAoB,EAACP,MAAM,CAACK,UAAU,EAAEL,MAAM,CAACQ,GAAG,CAAC;MAC5D;IACA,KAAK,KAAK;MACR,OAAOR,MAAM,CAACS,SAAS;IACzB;MACE,MAAM,IAAIC,qBAAa,CAAE,8BAA6BV,MAAM,CAACC,MAAO,EAAC,CAAC;EAC1E;AACF,CAAC;;AAED;AACA;AACA;AACA;AACA;AACO,MAAMU,gBAAwC,GAAG;EACtDC,cAAc,EAAEC,yBAAmB;EACnCC,IAAI,EAAEC,oBAAqB;EAC3BC,UAAU,EAAE,MAAAA,CAAAC,IAAA,EAAqCC,IAAI;IAAA,IAAlC;MAAET,SAAS;MAAEU,GAAG;MAAEC,GAAG;MAAEZ;IAAI,CAAC,GAAAS,IAAA;IAAA,OAAY;MACzD;MACAI,GAAG,EAAE,MAAM,IAAIC,4BAAU,CAACJ,IAAI,EAAE;QAAEC,GAAG;QAAEC,GAAG;QAAEZ;MAAI,CAAC,CAAC,CAACe,OAAO,CAACd,SAAS,CAAC;MACrEe,aAAa,EAAEf;IACjB,CAAC;EAAA,CAAC;EACFgB,SAAS,EAAE,MAAAA,CAAOC,SAAS,EAAEC,GAAG,KAAK;IACnC,IAAI;MACF,MAAMC,SAAS,GAAG,MAAM7B,gBAAgB,CAAC2B,SAAS,CAAC;MACnD,MAAM,IAAAG,wBAAM,EAACF,GAAG,CAACG,OAAO,EAAEF,SAAS,CAAC;MACpC,OAAO;QAAEG,QAAQ,EAAE,IAAI;QAAEH;MAAU,CAAC;IACtC,CAAC,CAAC,MAAM;MACN,OAAO;QAAEG,QAAQ,EAAE;MAAM,CAAC;IAC5B;EACF,CAAC;EACDC,UAAU,EAAEA,CAAA,KAAM;IAChB,MAAM,IAAItB,qBAAa,CAAC,+BAA+B,CAAC;EAC1D,CAAC;EACDuB,0BAA0B,EAAGC,WAAW,IAAK;IAC3C,MAAMC,IAAI,GAAG,IAAIC,eAAI,CAAC,CAAC;IACvBD,IAAI,CAACE,WAAW,CAACH,WAAW,CAAC;IAC7B,MAAMI,MAAM,GAAGH,IAAI,CAACI,oBAAoB,CAACL,WAAW,CAAC;IAErD,MAAMM,WAAqB,GAAG,EAAE;IAChC,MAAMC,WAAqB,GAAG,EAAE;IAEhC,KAAK,MAAMC,IAAI,IAAIJ,MAAM,CAACK,KAAK,EAAE;MAC/B,IAAI,CAACD,IAAI,EAAE;MACX,IAAI,KAAK,IAAIA,IAAI,EAAEF,WAAW,CAACI,IAAI,CAACF,IAAI,CAACG,GAAG,CAAC;MAC7C,IAAI,KAAK,IAAIH,IAAI,EAAED,WAAW,CAACG,IAAI,CAACF,IAAI,CAACI,GAAG,CAAC;IAC/C;IAEA,OAAO;MAAEN,WAAW;MAAEC;IAAY,CAAC;EACrC;AACF,CAAC;AAACM,OAAA,CAAApC,gBAAA,GAAAA,gBAAA;AAIF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMqC,uBAAuB,GAClCC,IAAW,IACsB;EACjC,OAAO,eAAexB,SAASA,CAACyB,CAAC,EAAEvB,GAAG,EAAE;IACtC,IAAI;MACF,MAAMC,SAAS,GAAG,IAAAuB,kCAAgB,EAACxB,GAAG,CAACyB,MAAM,EAAeH,IAAI,CAAC;MACjE,MAAM,IAAApB,wBAAM,EAACF,GAAG,CAACG,OAAO,EAAEF,SAAS,CAAC;MACpC,OAAO;QAAEG,QAAQ,EAAE,IAAI;QAAEH;MAAU,CAAC;IACtC,CAAC,CAAC,MAAM;MACN,OAAO;QAAEG,QAAQ,EAAE;MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AAJAgB,OAAA,CAAAC,uBAAA,GAAAA,uBAAA;AAKO,MAAMK,8BAA8B,GACzCC,aAA4B,IACG;EAC/B,OAAO,eAAeC,OAAOA,CAAC7B,SAAS,EAAA8B,KAAA,EAAuB;IAAA,IAArB;MAAEJ,MAAM;MAAEK;IAAQ,CAAC,GAAAD,KAAA;IAC1D,OAAO;MACL7B,GAAG,EAAE,MAAM,IAAI+B,yBAAO,CAACJ,aAAa,CAAC,CAClCK,kBAAkB,CAACP,MAAM,CAAC,CAC1BQ,UAAU,CAACH,OAAO,CAAC,CACnBI,IAAI,CAAC,CAAC;MACTjC,SAAS,EACPF,SAAS,CAACzB,MAAM,KAAK,KAAK,GACtByB,SAAS,CAACjB,SAAS,GACnB,MAAM6C,aAAa,CAACQ,YAAY,CAAC;IACzC,CAAC;EACH,CAAC;AACH,CAAC;AAACf,OAAA,CAAAM,8BAAA,GAAAA,8BAAA"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.sdkConfigV1_3 = exports.sdkConfigV1_0 = void 0;
|
|
6
|
+
exports.sdkConfigV1_4 = exports.sdkConfigV1_3 = exports.sdkConfigV1_0 = void 0;
|
|
7
7
|
var _ioWalletUtils = require("@pagopa/io-wallet-utils");
|
|
8
8
|
/**
|
|
9
9
|
* IO Wallet SDK configuration object for v1.0 specs.
|
|
@@ -19,5 +19,13 @@ exports.sdkConfigV1_0 = sdkConfigV1_0;
|
|
|
19
19
|
const sdkConfigV1_3 = new _ioWalletUtils.IoWalletSdkConfig({
|
|
20
20
|
itWalletSpecsVersion: _ioWalletUtils.ItWalletSpecsVersion.V1_3
|
|
21
21
|
});
|
|
22
|
+
|
|
23
|
+
/**
|
|
24
|
+
* IO Wallet SDK configuration object for v1.4 specs.
|
|
25
|
+
*/
|
|
22
26
|
exports.sdkConfigV1_3 = sdkConfigV1_3;
|
|
27
|
+
const sdkConfigV1_4 = new _ioWalletUtils.IoWalletSdkConfig({
|
|
28
|
+
itWalletSpecsVersion: _ioWalletUtils.ItWalletSpecsVersion.V1_4
|
|
29
|
+
});
|
|
30
|
+
exports.sdkConfigV1_4 = sdkConfigV1_4;
|
|
23
31
|
//# sourceMappingURL=config.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioWalletUtils","require","sdkConfigV1_0","IoWalletSdkConfig","itWalletSpecsVersion","ItWalletSpecsVersion","V1_0","exports","sdkConfigV1_3","V1_3"],"sourceRoot":"../../../src","sources":["utils/config.ts"],"mappings":";;;;;;AAAA,IAAAA,cAAA,GAAAC,OAAA;AAKA;AACA;AACA;AACO,MAAMC,aAAa,GAAG,IAAIC,gCAAiB,CAAC;EACjDC,oBAAoB,EAAEC,mCAAoB,CAACC;AAC7C,CAAC,CAAC;;AAEF;AACA;AACA;AAFAC,OAAA,CAAAL,aAAA,GAAAA,aAAA;AAGO,MAAMM,aAAa,GAAG,IAAIL,gCAAiB,CAAC;EACjDC,oBAAoB,EAAEC,mCAAoB,CAACI;AAC7C,CAAC,CAAC;
|
|
1
|
+
{"version":3,"names":["_ioWalletUtils","require","sdkConfigV1_0","IoWalletSdkConfig","itWalletSpecsVersion","ItWalletSpecsVersion","V1_0","exports","sdkConfigV1_3","V1_3","sdkConfigV1_4","V1_4"],"sourceRoot":"../../../src","sources":["utils/config.ts"],"mappings":";;;;;;AAAA,IAAAA,cAAA,GAAAC,OAAA;AAKA;AACA;AACA;AACO,MAAMC,aAAa,GAAG,IAAIC,gCAAiB,CAAC;EACjDC,oBAAoB,EAAEC,mCAAoB,CAACC;AAC7C,CAAC,CAAC;;AAEF;AACA;AACA;AAFAC,OAAA,CAAAL,aAAA,GAAAA,aAAA;AAGO,MAAMM,aAAa,GAAG,IAAIL,gCAAiB,CAAC;EACjDC,oBAAoB,EAAEC,mCAAoB,CAACI;AAC7C,CAAC,CAAC;;AAEF;AACA;AACA;AAFAF,OAAA,CAAAC,aAAA,GAAAA,aAAA;AAGO,MAAME,aAAa,GAAG,IAAIP,gCAAiB,CAAC;EACjDC,oBAAoB,EAAEC,mCAAoB,CAACM;AAC7C,CAAC,CAAC;AAACJ,OAAA,CAAAG,aAAA,GAAAA,aAAA"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.verifyX509Chain = void 0;
|
|
7
|
+
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
8
|
+
var _errors = require("../trust/common/errors");
|
|
9
|
+
/**
|
|
10
|
+
* This function checks whether the x509 certificate chain is valid against a specified Certificate Authority (CA)
|
|
11
|
+
*
|
|
12
|
+
* @param x5chain The mdoc's x509 certificate chain
|
|
13
|
+
* @param x509CertRoot The Trust Anchor CA
|
|
14
|
+
* @param options Options for certificate validation
|
|
15
|
+
*/
|
|
16
|
+
const verifyX509Chain = async function (x5chain, x509CertRoot) {
|
|
17
|
+
let options = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {
|
|
18
|
+
connectTimeout: 10000,
|
|
19
|
+
readTimeout: 10000,
|
|
20
|
+
requireCrl: true
|
|
21
|
+
};
|
|
22
|
+
// Strip the trust anchor from the chain if the issuer included it,
|
|
23
|
+
// since verifyCertificateChain expects it passed separately.
|
|
24
|
+
const certChain = x5chain.length > 1 && x5chain.at(-1) === x509CertRoot ? x5chain.slice(0, -1) : x5chain;
|
|
25
|
+
const x509ValidationResult = await (0, _ioReactNativeCrypto.verifyCertificateChain)(certChain, x509CertRoot, options);
|
|
26
|
+
if (!x509ValidationResult.isValid) {
|
|
27
|
+
throw new _errors.X509ValidationError(`X.509 certificate chain validation failed. Status: ${x509ValidationResult.validationStatus}. Error: ${x509ValidationResult.errorMessage}`, {
|
|
28
|
+
x509ValidationStatus: x509ValidationResult.validationStatus,
|
|
29
|
+
x509ErrorMessage: x509ValidationResult.errorMessage
|
|
30
|
+
});
|
|
31
|
+
}
|
|
32
|
+
};
|
|
33
|
+
exports.verifyX509Chain = verifyX509Chain;
|
|
34
|
+
//# sourceMappingURL=x509.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_ioReactNativeCrypto","require","_errors","verifyX509Chain","x5chain","x509CertRoot","options","arguments","length","undefined","connectTimeout","readTimeout","requireCrl","certChain","at","slice","x509ValidationResult","verifyCertificateChain","isValid","X509ValidationError","validationStatus","errorMessage","x509ValidationStatus","x509ErrorMessage","exports"],"sourceRoot":"../../../src","sources":["utils/x509.ts"],"mappings":";;;;;;AAAA,IAAAA,oBAAA,GAAAC,OAAA;AAKA,IAAAC,OAAA,GAAAD,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAME,eAAe,GAAG,eAAAA,CAC7BC,OAAiB,EACjBC,YAAoB,EAMjB;EAAA,IALHC,OAA+B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG;IAChCG,cAAc,EAAE,KAAK;IACrBC,WAAW,EAAE,KAAK;IAClBC,UAAU,EAAE;EACd,CAAC;EAED;EACA;EACA,MAAMC,SAAS,GACbT,OAAO,CAACI,MAAM,GAAG,CAAC,IAAIJ,OAAO,CAACU,EAAE,CAAC,CAAC,CAAC,CAAC,KAAKT,YAAY,GACjDD,OAAO,CAACW,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GACpBX,OAAO;EAEb,MAAMY,oBAAiD,GACrD,MAAM,IAAAC,2CAAsB,EAACJ,SAAS,EAAER,YAAY,EAAEC,OAAO,CAAC;EAEhE,IAAI,CAACU,oBAAoB,CAACE,OAAO,EAAE;IACjC,MAAM,IAAIC,2BAAmB,CAC1B,sDAAqDH,oBAAoB,CAACI,gBAAiB,YAAWJ,oBAAoB,CAACK,YAAa,EAAC,EAC1I;MACEC,oBAAoB,EAAEN,oBAAoB,CAACI,gBAAgB;MAC3DG,gBAAgB,EAAEP,oBAAoB,CAACK;IACzC,CACF,CAAC;EACH;AACF,CAAC;AAACG,OAAA,CAAArB,eAAA,GAAAA,eAAA"}
|
|
@@ -22,8 +22,6 @@ const DecodedWalletInstanceAttestation = z.object({
|
|
|
22
22
|
jwk: _jwk.JWK
|
|
23
23
|
}),
|
|
24
24
|
sub: z.string(),
|
|
25
|
-
wallet_provider_name: z.string().optional(),
|
|
26
|
-
wallet_solution_id: z.string().optional(),
|
|
27
25
|
/** @deprecated */
|
|
28
26
|
wallet_link: z.string().optional(),
|
|
29
27
|
/** @deprecated */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","_interopRequireWildcard","require","_zod2","_jwk","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","DecodedWalletInstanceAttestation","object","iss","string","iat","UnixTime","exp","cnf","jwk","JWK","sub","
|
|
1
|
+
{"version":3,"names":["z","_interopRequireWildcard","require","_zod2","_jwk","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","DecodedWalletInstanceAttestation","object","iss","string","iat","UnixTime","exp","cnf","jwk","JWK","sub","wallet_link","optional","wallet_name","aal","exports"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/api/types.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,IAAA,GAAAF,OAAA;AAAsC,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEtC;AACA;AACA;AACA;;AAIO,MAAMW,gCAAgC,GAAG3B,CAAC,CAAC4B,MAAM,CAAC;EACvDC,GAAG,EAAE7B,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACfC,GAAG,EAAEC,cAAQ;EACbC,GAAG,EAAED,cAAQ;EACbE,GAAG,EAAElC,CAAC,CAAC4B,MAAM,CAAC;IAAEO,GAAG,EAAEC;EAAI,CAAC,CAAC;EAC3BC,GAAG,EAAErC,CAAC,CAAC8B,MAAM,CAAC,CAAC;EACf;EACAQ,WAAW,EAAEtC,CAAC,CAAC8B,MAAM,CAAC,CAAC,CAACS,QAAQ,CAAC,CAAC;EAClC;EACAC,WAAW,EAAExC,CAAC,CAAC8B,MAAM,CAAC,CAAC,CAACS,QAAQ,CAAC,CAAC;EAClC;EACAE,GAAG,EAAEzC,CAAC,CAAC8B,MAAM,CAAC,CAAC,CAACS,QAAQ,CAAC;AAC3B,CAAC,CAAC;AAACG,OAAA,CAAAf,gCAAA,GAAAA,gCAAA"}
|
|
@@ -6,20 +6,7 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
6
6
|
exports.mapToDecodedWalletInstanceAttestation = void 0;
|
|
7
7
|
var _mappers = require("../../utils/mappers");
|
|
8
8
|
var _types = require("../api/types");
|
|
9
|
-
const mapToDecodedWalletInstanceAttestation = (0, _mappers.createMapper)(
|
|
10
|
-
let {
|
|
11
|
-
payload
|
|
12
|
-
} = _ref;
|
|
13
|
-
const {
|
|
14
|
-
eudi_wallet_info,
|
|
15
|
-
...rest
|
|
16
|
-
} = payload;
|
|
17
|
-
return {
|
|
18
|
-
...rest,
|
|
19
|
-
wallet_provider_name: eudi_wallet_info.general_info.wallet_provider_name,
|
|
20
|
-
wallet_solution_id: eudi_wallet_info.general_info.wallet_solution_id
|
|
21
|
-
};
|
|
22
|
-
}, {
|
|
9
|
+
const mapToDecodedWalletInstanceAttestation = (0, _mappers.createMapper)(x => x.payload, {
|
|
23
10
|
outputSchema: _types.DecodedWalletInstanceAttestation
|
|
24
11
|
});
|
|
25
12
|
exports.mapToDecodedWalletInstanceAttestation = mapToDecodedWalletInstanceAttestation;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_mappers","require","_types","mapToDecodedWalletInstanceAttestation","createMapper","
|
|
1
|
+
{"version":3,"names":["_mappers","require","_types","mapToDecodedWalletInstanceAttestation","createMapper","x","payload","outputSchema","DecodedWalletInstanceAttestation","exports"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.3.3/mappers.ts"],"mappings":";;;;;;AAAA,IAAAA,QAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAGO,MAAME,qCAAqC,GAAG,IAAAC,qBAAY,EAG9DC,CAAC,IAAKA,CAAC,CAACC,OAAO,EAAE;EAClBC,YAAY,EAAEC;AAChB,CAAC,CAAC;AAACC,OAAA,CAAAN,qCAAA,GAAAA,qCAAA"}
|
|
@@ -14,13 +14,8 @@ const WalletInstanceAttestationJwt = z.object({
|
|
|
14
14
|
})),
|
|
15
15
|
payload: z.intersection(_types.Jwt.shape.payload, z.object({
|
|
16
16
|
sub: z.string(),
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
wallet_provider_name: z.string(),
|
|
20
|
-
wallet_solution_id: z.string(),
|
|
21
|
-
wallet_solution_version: z.string()
|
|
22
|
-
})
|
|
23
|
-
})
|
|
17
|
+
wallet_link: z.string().optional(),
|
|
18
|
+
wallet_name: z.string().optional()
|
|
24
19
|
}))
|
|
25
20
|
});
|
|
26
21
|
exports.WalletInstanceAttestationJwt = WalletInstanceAttestationJwt;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","_interopRequireWildcard","require","_types","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","WalletInstanceAttestationJwt","object","header","intersection","Jwt","shape","typ","literal","payload","sub","string","
|
|
1
|
+
{"version":3,"names":["z","_interopRequireWildcard","require","_types","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","WalletInstanceAttestationJwt","object","header","intersection","Jwt","shape","typ","literal","payload","sub","string","wallet_link","optional","wallet_name","exports","WalletInstanceAttestationResponse","wallet_instance_attestation"],"sourceRoot":"../../../../src","sources":["wallet-instance-attestation/v1.3.3/types.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAAsC,SAAAE,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAK/B,MAAMW,4BAA4B,GAAG1B,CAAC,CAAC2B,MAAM,CAAC;EACnDC,MAAM,EAAE5B,CAAC,CAAC6B,YAAY,CACpBC,UAAG,CAACC,KAAK,CAACH,MAAM,EAChB5B,CAAC,CAAC2B,MAAM,CAAC;IACPK,GAAG,EAAEhC,CAAC,CAACiC,OAAO,CAAC,8BAA8B;EAC/C,CAAC,CACH,CAAC;EACDC,OAAO,EAAElC,CAAC,CAAC6B,YAAY,CACrBC,UAAG,CAACC,KAAK,CAACG,OAAO,EACjBlC,CAAC,CAAC2B,MAAM,CAAC;IACPQ,GAAG,EAAEnC,CAAC,CAACoC,MAAM,CAAC,CAAC;IACfC,WAAW,EAAErC,CAAC,CAACoC,MAAM,CAAC,CAAC,CAACE,QAAQ,CAAC,CAAC;IAClCC,WAAW,EAAEvC,CAAC,CAACoC,MAAM,CAAC,CAAC,CAACE,QAAQ,CAAC;EACnC,CAAC,CACH;AACF,CAAC,CAAC;AAACE,OAAA,CAAAd,4BAAA,GAAAA,4BAAA;AAKI,MAAMe,iCAAiC,GAAGzC,CAAC,CAAC2B,MAAM,CAAC;EACxDe,2BAA2B,EAAE1C,CAAC,CAACoC,MAAM,CAAC;AACxC,CAAC,CAAC;AAACI,OAAA,CAAAC,iCAAA,GAAAA,iCAAA"}
|
|
@@ -26,17 +26,6 @@ const DecodedWalletUnitAttestation = z.object({
|
|
|
26
26
|
user_authentication: z.array(z.string()),
|
|
27
27
|
key_storage: z.array(z.string()),
|
|
28
28
|
status: Status,
|
|
29
|
-
eudi_wallet_info: z.object({
|
|
30
|
-
general_info: z.object({
|
|
31
|
-
wallet_provider_name: z.string(),
|
|
32
|
-
wallet_solution_id: z.string(),
|
|
33
|
-
wallet_solution_version: z.string()
|
|
34
|
-
}),
|
|
35
|
-
key_storage_info: z.object({
|
|
36
|
-
keys_exportable: z.boolean(),
|
|
37
|
-
storage_type: z.string()
|
|
38
|
-
})
|
|
39
|
-
}),
|
|
40
29
|
iss: z.string(),
|
|
41
30
|
iat: _zod2.UnixTime,
|
|
42
31
|
exp: _zod2.UnixTime
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","_interopRequireWildcard","require","_zod2","_jwk","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","Status","object","status_list","idx","number","uri","string","DecodedWalletUnitAttestation","attested_keys","array","JWK","user_authentication","key_storage","status","
|
|
1
|
+
{"version":3,"names":["z","_interopRequireWildcard","require","_zod2","_jwk","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","Status","object","status_list","idx","number","uri","string","DecodedWalletUnitAttestation","attested_keys","array","JWK","user_authentication","key_storage","status","iss","iat","UnixTime","exp","exports"],"sourceRoot":"../../../../src","sources":["wallet-unit-attestation/api/types.ts"],"mappings":";;;;;;AAAA,IAAAA,CAAA,GAAAC,uBAAA,CAAAC,OAAA;AACA,IAAAC,KAAA,GAAAD,OAAA;AACA,IAAAE,IAAA,GAAAF,OAAA;AAAsC,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEtC,MAAMW,MAAM,GAAG3B,CAAC,CAAC4B,MAAM,CAAC;EACtBC,WAAW,EAAE7B,CAAC,CAAC4B,MAAM,CAAC;IACpBE,GAAG,EAAE9B,CAAC,CAAC+B,MAAM,CAAC,CAAC;IACfC,GAAG,EAAEhC,CAAC,CAACiC,MAAM,CAAC;EAChB,CAAC;AACH,CAAC,CAAC;;AAEF;AACA;AACA;AACA;;AAIO,MAAMC,4BAA4B,GAAGlC,CAAC,CAAC4B,MAAM,CAAC;EACnDO,aAAa,EAAEnC,CAAC,CAACoC,KAAK,CAACC,QAAG,CAAC;EAC3BC,mBAAmB,EAAEtC,CAAC,CAACoC,KAAK,CAACpC,CAAC,CAACiC,MAAM,CAAC,CAAC,CAAC;EACxCM,WAAW,EAAEvC,CAAC,CAACoC,KAAK,CAACpC,CAAC,CAACiC,MAAM,CAAC,CAAC,CAAC;EAChCO,MAAM,EAAEb,MAAM;EACdc,GAAG,EAAEzC,CAAC,CAACiC,MAAM,CAAC,CAAC;EACfS,GAAG,EAAEC,cAAQ;EACbC,GAAG,EAAED;AACP,CAAC,CAAC;AAACE,OAAA,CAAAX,4BAAA,GAAAA,4BAAA"}
|
|
@@ -19,8 +19,8 @@ graph TD;
|
|
|
19
19
|
2[evaluateIssuerTrust]
|
|
20
20
|
3[startUserAuthorization]
|
|
21
21
|
C4[getRequestedCredentialToBePresented]
|
|
22
|
-
C4.1[
|
|
23
|
-
E4[
|
|
22
|
+
C4.1[completeEaaUserAuthorizationWithQueryMode]
|
|
23
|
+
E4[completePidUserAuthorizationWithQueryMode]
|
|
24
24
|
5[authorizeAccess]
|
|
25
25
|
6[WalletUnitAttestation.getAttestation]
|
|
26
26
|
7[obtainCredential]
|
|
@@ -86,11 +86,15 @@ MRTD Verification is a sub-flow of the Issuance flow and is used when the reques
|
|
|
86
86
|
1. **Primary Authentication**: LoA3 electronic identification (SPID or CIEid L2).
|
|
87
87
|
2. **MRTD Proof of Possession (PoP)**: Electronic document reading and cryptographic verification.
|
|
88
88
|
|
|
89
|
-
This process is initiated by the Authorization Server responding to the primary authentication step with a redirect that includes a challenge in the query string, which is handled by the `continueUserAuthorizationWithMRTDPoPChallenge` function. Once the MRTD PoP is completed, the user must continue the PID issuance flow with the `
|
|
89
|
+
This process is initiated by the Authorization Server responding to the primary authentication step with a redirect that includes a challenge in the query string, which is handled by the `continueUserAuthorizationWithMRTDPoPChallenge` function. Once the MRTD PoP is completed, the user must continue the PID issuance flow with the `completePidUserAuthorizationWithQueryMode` function.
|
|
90
90
|
|
|
91
91
|
Complete documentation for the MRTD PoP flow can be found here: [mrtd-pop](./mrtd-pop/README.md)
|
|
92
92
|
|
|
93
|
-
## Authentication through credentials (
|
|
93
|
+
## Authentication through credentials (Query Mode) - v1.3
|
|
94
|
+
|
|
95
|
+
When the credential is different than an eID, the flow requires the user to present other credentials in order to obtain the requested one. Starting from IT-Wallet specifications v1.3, the EAA issuance flow uses the query mode to complete the user authorization. This is done through the `getRequestedCredentialToBePresented` followed by the `completeEaaUserAuthorizationWithQueryMode`.
|
|
96
|
+
|
|
97
|
+
## Authentication through credentials (Form Post JWT Mode) - v1.0
|
|
94
98
|
|
|
95
99
|
When the credential is different than an eID, the flow requires the user to present other credentials in order to obtain the requested one. This is done through the `getRequestedCredentialToBePresented` followed by the `completeUserAuthorizationWithFormPostJwtMode`.
|
|
96
100
|
|
|
@@ -163,7 +167,7 @@ const credentialCryptoContext = createCryptoContextFor(credentialKeyTag);
|
|
|
163
167
|
const { issuerConf } = await wallet.CredentialIssuance.evaluateIssuerTrust(WALLET_EAA_PROVIDER_BASE_URL);
|
|
164
168
|
|
|
165
169
|
// Start user authorization
|
|
166
|
-
const { issuerRequestUri, clientId, codeVerifier } =
|
|
170
|
+
const { issuerRequestUri, clientId, codeVerifier, responseMode } =
|
|
167
171
|
await wallet.CredentialIssuance.startUserAuthorization(
|
|
168
172
|
issuerConf,
|
|
169
173
|
["someCredentialId"],
|
|
@@ -184,13 +188,27 @@ const requestObject =
|
|
|
184
188
|
appFetch
|
|
185
189
|
);
|
|
186
190
|
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
191
|
+
let code: string;
|
|
192
|
+
if (responseMode === "form_post.jwt") {
|
|
193
|
+
// Complete the user authorization via form_post.jwt mode
|
|
194
|
+
({ code } =
|
|
195
|
+
await wallet.CredentialIssuance.completeUserAuthorizationWithFormPostJwtMode(
|
|
196
|
+
requestObject,
|
|
197
|
+
issuerConf,
|
|
198
|
+
[pid.keyTag, pid.credential],
|
|
199
|
+
{ wiaCryptoContext, appFetch }
|
|
200
|
+
));
|
|
201
|
+
} else {
|
|
202
|
+
// Complete the user authorization via query mode
|
|
203
|
+
({ code } =
|
|
204
|
+
await wallet.CredentialIssuance.completeEaaUserAuthorizationWithQueryMode(
|
|
205
|
+
requestObject,
|
|
206
|
+
issuerConf,
|
|
207
|
+
[pid.keyTag, pid.credential],
|
|
208
|
+
REDIRECT_URI,
|
|
209
|
+
{ appFetch }
|
|
210
|
+
));
|
|
211
|
+
}
|
|
194
212
|
|
|
195
213
|
// Generate the DPoP context which will be used for the whole issuance flow
|
|
196
214
|
await regenerateCryptoKey(DPOP_KEYTAG); // Let's assume this function regenerates this ephemeral key for the DPoP
|
|
@@ -330,7 +348,7 @@ const { issuerConf } = await wallet.CredentialIssuance.evaluateIssuerTrust(
|
|
|
330
348
|
const { issuerRequestUri, clientId, codeVerifier, credentialDefinition } =
|
|
331
349
|
await wallet.CredentialIssuance.startUserAuthorization(
|
|
332
350
|
issuerConf,
|
|
333
|
-
["
|
|
351
|
+
["dc_sd_jwt_pid"], // Request authorization for one or more credentials
|
|
334
352
|
{ proofType: "none" },
|
|
335
353
|
{
|
|
336
354
|
walletInstanceAttestation,
|
|
@@ -342,7 +360,7 @@ const { issuerRequestUri, clientId, codeVerifier, credentialDefinition } =
|
|
|
342
360
|
|
|
343
361
|
// Complete the authorization process with query mode with the authorizationContext which opens the browser
|
|
344
362
|
const { code } =
|
|
345
|
-
await wallet.CredentialIssuance.
|
|
363
|
+
await wallet.CredentialIssuance.completePidUserAuthorizationWithQueryMode(
|
|
346
364
|
issuerRequestUri
|
|
347
365
|
);
|
|
348
366
|
|
|
@@ -52,6 +52,7 @@ export const IssuerConfig = z.object({
|
|
|
52
52
|
credential_configurations_supported: z.record(z.string(), CredentialConfig),
|
|
53
53
|
federation_entity: FederationEntityMetadata,
|
|
54
54
|
credential_issuance_batch_size: z.number().optional(),
|
|
55
|
+
encrypted_response_enc_values_supported: z.array(z.string()).optional(),
|
|
55
56
|
/**
|
|
56
57
|
* @deprecated
|
|
57
58
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["z","JWK","FederationEntityMetadata","DisplayConfig","object","name","string","locale","ClaimConfig","path","array","union","number","null","display","IssuanceErrorSupported","title","description","CredentialConfig","intersection","discriminatedUnion","format","literal","vct","doctype","scope","claims","authentic_source","optional","issuance_errors_supported","record","IssuerConfig","credential_issuer","pushed_authorization_request_endpoint","authorization_endpoint","token_endpoint","nonce_endpoint","status_assertion_endpoint","credential_endpoint","keys","credential_configurations_supported","federation_entity","credential_issuance_batch_size","response_modes_supported"],"sourceRoot":"../../../../../src","sources":["credential/issuance/api/IssuerConfig.ts"],"mappings":"AAAA,SAASA,CAAC,QAAQ,KAAK;AACvB,SAASC,GAAG,QAAQ,oBAAoB;AACxC,SAASC,wBAAwB,QAAQ,6BAA6B;AAEtE,MAAMC,aAAa,GAAGH,CAAC,CAACI,MAAM,CAAC;EAC7BC,IAAI,EAAEL,CAAC,CAACM,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;AACnB,CAAC,CAAC;AAEF,MAAME,WAAW,GAAGR,CAAC,CAACI,MAAM,CAAC;EAC3BK,IAAI,EAAET,CAAC,CAACU,KAAK,CAACV,CAAC,CAACW,KAAK,CAAC,CAACX,CAAC,CAACM,MAAM,CAAC,CAAC,EAAEN,CAAC,CAACY,MAAM,CAAC,CAAC,EAAEZ,CAAC,CAACa,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;EAC1DC,OAAO,EAAEd,CAAC,CAACU,KAAK,CAACP,aAAa;AAChC,CAAC,CAAC;AAEF,MAAMY,sBAAsB,GAAGf,CAAC,CAACI,MAAM,CAAC;EACtCU,OAAO,EAAEd,CAAC,CAACU,KAAK,CACdV,CAAC,CAACI,MAAM,CAAC;IACPY,KAAK,EAAEhB,CAAC,CAACM,MAAM,CAAC,CAAC;IACjBW,WAAW,EAAEjB,CAAC,CAACM,MAAM,CAAC,CAAC;IACvBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;EACnB,CAAC,CACH;AACF,CAAC,CAAC;AAEF,MAAMY,gBAAgB,GAAGlB,CAAC,CAACmB,YAAY,CACrCnB,CAAC,CAACoB,kBAAkB,CAAC,QAAQ,EAAE,CAC7BpB,CAAC,CAACI,MAAM,CAAC;EAAEiB,MAAM,EAAErB,CAAC,CAACsB,OAAO,CAAC,WAAW,CAAC;EAAEC,GAAG,EAAEvB,CAAC,CAACM,MAAM,CAAC;AAAE,CAAC,CAAC,EAC7DN,CAAC,CAACI,MAAM,CAAC;EAAEiB,MAAM,EAAErB,CAAC,CAACsB,OAAO,CAAC,UAAU,CAAC;EAAEE,OAAO,EAAExB,CAAC,CAACM,MAAM,CAAC;AAAE,CAAC,CAAC,CACjE,CAAC,EACFN,CAAC,CAACI,MAAM,CAAC;EACPqB,KAAK,EAAEzB,CAAC,CAACM,MAAM,CAAC,CAAC;EACjBQ,OAAO,EAAEd,CAAC,CAACU,KAAK,CAACP,aAAa,CAAC;EAC/BuB,MAAM,EAAE1B,CAAC,CAACU,KAAK,CAACF,WAAW,CAAC;EAC5B;AACJ;AACA;EACImB,gBAAgB,EAAE3B,CAAC,CAACM,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EACvC;AACJ;AACA;EACIC,yBAAyB,EAAE7B,CAAC,CACzB8B,MAAM,CAAC9B,CAAC,CAACM,MAAM,CAAC,CAAC,EAAES,sBAAsB,CAAC,CAC1Ca,QAAQ,CAAC;AACd,CAAC,CACH,CAAC;;AAED;AACA;AACA;;AAEA,OAAO,MAAMG,YAAY,GAAG/B,CAAC,CAACI,MAAM,CAAC;EACnC4B,iBAAiB,EAAEhC,CAAC,CAACM,MAAM,CAAC,CAAC;EAC7B2B,qCAAqC,EAAEjC,CAAC,CAACM,MAAM,CAAC,CAAC;EACjD4B,sBAAsB,EAAElC,CAAC,CAACM,MAAM,CAAC,CAAC;EAClC6B,cAAc,EAAEnC,CAAC,CAACM,MAAM,CAAC,CAAC;EAC1B8B,cAAc,EAAEpC,CAAC,CAACM,MAAM,CAAC,CAAC;EAC1B+B,yBAAyB,EAAErC,CAAC,CAACM,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EAChDU,mBAAmB,EAAEtC,CAAC,CAACM,MAAM,CAAC,CAAC;EAC/BiC,IAAI,EAAEvC,CAAC,CAACU,KAAK,CAACT,GAAG,CAAC;EAClBuC,mCAAmC,EAAExC,CAAC,CAAC8B,MAAM,CAAC9B,CAAC,CAACM,MAAM,CAAC,CAAC,EAAEY,gBAAgB,CAAC;EAC3EuB,iBAAiB,EAAEvC,wBAAwB;EAC3CwC,8BAA8B,EAAE1C,CAAC,CAACY,MAAM,CAAC,CAAC,CAACgB,QAAQ,CAAC,CAAC;
|
|
1
|
+
{"version":3,"names":["z","JWK","FederationEntityMetadata","DisplayConfig","object","name","string","locale","ClaimConfig","path","array","union","number","null","display","IssuanceErrorSupported","title","description","CredentialConfig","intersection","discriminatedUnion","format","literal","vct","doctype","scope","claims","authentic_source","optional","issuance_errors_supported","record","IssuerConfig","credential_issuer","pushed_authorization_request_endpoint","authorization_endpoint","token_endpoint","nonce_endpoint","status_assertion_endpoint","credential_endpoint","keys","credential_configurations_supported","federation_entity","credential_issuance_batch_size","encrypted_response_enc_values_supported","response_modes_supported"],"sourceRoot":"../../../../../src","sources":["credential/issuance/api/IssuerConfig.ts"],"mappings":"AAAA,SAASA,CAAC,QAAQ,KAAK;AACvB,SAASC,GAAG,QAAQ,oBAAoB;AACxC,SAASC,wBAAwB,QAAQ,6BAA6B;AAEtE,MAAMC,aAAa,GAAGH,CAAC,CAACI,MAAM,CAAC;EAC7BC,IAAI,EAAEL,CAAC,CAACM,MAAM,CAAC,CAAC;EAChBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;AACnB,CAAC,CAAC;AAEF,MAAME,WAAW,GAAGR,CAAC,CAACI,MAAM,CAAC;EAC3BK,IAAI,EAAET,CAAC,CAACU,KAAK,CAACV,CAAC,CAACW,KAAK,CAAC,CAACX,CAAC,CAACM,MAAM,CAAC,CAAC,EAAEN,CAAC,CAACY,MAAM,CAAC,CAAC,EAAEZ,CAAC,CAACa,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;EAC1DC,OAAO,EAAEd,CAAC,CAACU,KAAK,CAACP,aAAa;AAChC,CAAC,CAAC;AAEF,MAAMY,sBAAsB,GAAGf,CAAC,CAACI,MAAM,CAAC;EACtCU,OAAO,EAAEd,CAAC,CAACU,KAAK,CACdV,CAAC,CAACI,MAAM,CAAC;IACPY,KAAK,EAAEhB,CAAC,CAACM,MAAM,CAAC,CAAC;IACjBW,WAAW,EAAEjB,CAAC,CAACM,MAAM,CAAC,CAAC;IACvBC,MAAM,EAAEP,CAAC,CAACM,MAAM,CAAC;EACnB,CAAC,CACH;AACF,CAAC,CAAC;AAEF,MAAMY,gBAAgB,GAAGlB,CAAC,CAACmB,YAAY,CACrCnB,CAAC,CAACoB,kBAAkB,CAAC,QAAQ,EAAE,CAC7BpB,CAAC,CAACI,MAAM,CAAC;EAAEiB,MAAM,EAAErB,CAAC,CAACsB,OAAO,CAAC,WAAW,CAAC;EAAEC,GAAG,EAAEvB,CAAC,CAACM,MAAM,CAAC;AAAE,CAAC,CAAC,EAC7DN,CAAC,CAACI,MAAM,CAAC;EAAEiB,MAAM,EAAErB,CAAC,CAACsB,OAAO,CAAC,UAAU,CAAC;EAAEE,OAAO,EAAExB,CAAC,CAACM,MAAM,CAAC;AAAE,CAAC,CAAC,CACjE,CAAC,EACFN,CAAC,CAACI,MAAM,CAAC;EACPqB,KAAK,EAAEzB,CAAC,CAACM,MAAM,CAAC,CAAC;EACjBQ,OAAO,EAAEd,CAAC,CAACU,KAAK,CAACP,aAAa,CAAC;EAC/BuB,MAAM,EAAE1B,CAAC,CAACU,KAAK,CAACF,WAAW,CAAC;EAC5B;AACJ;AACA;EACImB,gBAAgB,EAAE3B,CAAC,CAACM,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EACvC;AACJ;AACA;EACIC,yBAAyB,EAAE7B,CAAC,CACzB8B,MAAM,CAAC9B,CAAC,CAACM,MAAM,CAAC,CAAC,EAAES,sBAAsB,CAAC,CAC1Ca,QAAQ,CAAC;AACd,CAAC,CACH,CAAC;;AAED;AACA;AACA;;AAEA,OAAO,MAAMG,YAAY,GAAG/B,CAAC,CAACI,MAAM,CAAC;EACnC4B,iBAAiB,EAAEhC,CAAC,CAACM,MAAM,CAAC,CAAC;EAC7B2B,qCAAqC,EAAEjC,CAAC,CAACM,MAAM,CAAC,CAAC;EACjD4B,sBAAsB,EAAElC,CAAC,CAACM,MAAM,CAAC,CAAC;EAClC6B,cAAc,EAAEnC,CAAC,CAACM,MAAM,CAAC,CAAC;EAC1B8B,cAAc,EAAEpC,CAAC,CAACM,MAAM,CAAC,CAAC;EAC1B+B,yBAAyB,EAAErC,CAAC,CAACM,MAAM,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EAChDU,mBAAmB,EAAEtC,CAAC,CAACM,MAAM,CAAC,CAAC;EAC/BiC,IAAI,EAAEvC,CAAC,CAACU,KAAK,CAACT,GAAG,CAAC;EAClBuC,mCAAmC,EAAExC,CAAC,CAAC8B,MAAM,CAAC9B,CAAC,CAACM,MAAM,CAAC,CAAC,EAAEY,gBAAgB,CAAC;EAC3EuB,iBAAiB,EAAEvC,wBAAwB;EAC3CwC,8BAA8B,EAAE1C,CAAC,CAACY,MAAM,CAAC,CAAC,CAACgB,QAAQ,CAAC,CAAC;EACrDe,uCAAuC,EAAE3C,CAAC,CAACU,KAAK,CAACV,CAAC,CAACM,MAAM,CAAC,CAAC,CAAC,CAACsB,QAAQ,CAAC,CAAC;EACvE;AACF;AACA;EACEgB,wBAAwB,EAAE5C,CAAC,CAACU,KAAK,CAACV,CAAC,CAACM,MAAM,CAAC,CAAC,CAAC,CAACsB,QAAQ,CAAC;AACzD,CAAC,CAAC"}
|