@pagopa/io-react-native-wallet 3.2.0 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (328) hide show
  1. package/README.md +1 -1
  2. package/lib/commonjs/credential/issuance/README.md +32 -14
  3. package/lib/commonjs/credential/issuance/api/IssuerConfig.js +1 -0
  4. package/lib/commonjs/credential/issuance/api/IssuerConfig.js.map +1 -1
  5. package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js +4 -3
  6. package/lib/commonjs/credential/issuance/common/02-start-user-authorization.js.map +1 -1
  7. package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +39 -8
  8. package/lib/commonjs/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
  9. package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js +46 -38
  10. package/lib/commonjs/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
  11. package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -51
  12. package/lib/commonjs/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
  13. package/lib/commonjs/credential/issuance/mrtd-pop/index.js +21 -5
  14. package/lib/commonjs/credential/issuance/mrtd-pop/index.js.map +1 -1
  15. package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js +5 -4
  16. package/lib/commonjs/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
  17. package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js +8 -5
  18. package/lib/commonjs/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
  19. package/lib/commonjs/credential/issuance/v1.0.0/index.js +3 -2
  20. package/lib/commonjs/credential/issuance/v1.0.0/index.js.map +1 -1
  21. package/lib/commonjs/credential/issuance/v1.0.0/mappers.js +4 -2
  22. package/lib/commonjs/credential/issuance/v1.0.0/mappers.js.map +1 -1
  23. package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
  24. package/lib/commonjs/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
  25. package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js +21 -17
  26. package/lib/commonjs/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
  27. package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js +108 -69
  28. package/lib/commonjs/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
  29. package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js +20 -19
  30. package/lib/commonjs/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
  31. package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js +5 -7
  32. package/lib/commonjs/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
  33. package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
  34. package/lib/commonjs/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
  35. package/lib/commonjs/credential/issuance/v1.3.3/index.js +3 -2
  36. package/lib/commonjs/credential/issuance/v1.3.3/index.js.map +1 -1
  37. package/lib/commonjs/credential/issuance/v1.3.3/mappers.js +10 -11
  38. package/lib/commonjs/credential/issuance/v1.3.3/mappers.js.map +1 -1
  39. package/lib/commonjs/credential/presentation/api/types.js.map +1 -1
  40. package/lib/commonjs/credential/presentation/common/utils/http.js +9 -4
  41. package/lib/commonjs/credential/presentation/common/utils/http.js.map +1 -1
  42. package/lib/commonjs/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
  43. package/lib/commonjs/credential/presentation/common/utils/mdoc.js.map +1 -0
  44. package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -1
  45. package/lib/commonjs/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
  46. package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js +11 -10
  47. package/lib/commonjs/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
  48. package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -2
  49. package/lib/commonjs/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
  50. package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js +2 -0
  51. package/lib/commonjs/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
  52. package/lib/commonjs/credential/presentation/v1.3.3/mappers.js +1 -1
  53. package/lib/commonjs/credential/presentation/v1.3.3/mappers.js.map +1 -1
  54. package/lib/commonjs/credential/status/README.md +3 -2
  55. package/lib/commonjs/credential/status/v1.3.3/01-status-list.js +27 -5
  56. package/lib/commonjs/credential/status/v1.3.3/01-status-list.js.map +1 -1
  57. package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
  58. package/lib/commonjs/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
  59. package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js +2 -1
  60. package/lib/commonjs/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
  61. package/lib/commonjs/credentials-catalogue/common/get-status-l10n-ids.js +23 -0
  62. package/lib/commonjs/credentials-catalogue/common/get-status-l10n-ids.js.map +1 -0
  63. package/lib/commonjs/credentials-catalogue/v1.0.0/index.js +3 -1
  64. package/lib/commonjs/credentials-catalogue/v1.0.0/index.js.map +1 -1
  65. package/lib/commonjs/credentials-catalogue/v1.3.3/index.js +3 -1
  66. package/lib/commonjs/credentials-catalogue/v1.3.3/index.js.map +1 -1
  67. package/lib/commonjs/mdoc/index.js +3 -24
  68. package/lib/commonjs/mdoc/index.js.map +1 -1
  69. package/lib/commonjs/sd-jwt/__test__/types.test.js +2 -14
  70. package/lib/commonjs/sd-jwt/__test__/types.test.js.map +1 -1
  71. package/lib/commonjs/sd-jwt/__test__/utils.test.js +0 -12
  72. package/lib/commonjs/sd-jwt/__test__/utils.test.js.map +1 -1
  73. package/lib/commonjs/sd-jwt/types.js +1 -14
  74. package/lib/commonjs/sd-jwt/types.js.map +1 -1
  75. package/lib/commonjs/utils/callbacks.js +20 -1
  76. package/lib/commonjs/utils/callbacks.js.map +1 -1
  77. package/lib/commonjs/utils/config.js +9 -1
  78. package/lib/commonjs/utils/config.js.map +1 -1
  79. package/lib/commonjs/utils/x509.js +34 -0
  80. package/lib/commonjs/utils/x509.js.map +1 -0
  81. package/lib/commonjs/wallet-instance-attestation/api/types.js +0 -2
  82. package/lib/commonjs/wallet-instance-attestation/api/types.js.map +1 -1
  83. package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
  84. package/lib/commonjs/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
  85. package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js +2 -7
  86. package/lib/commonjs/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
  87. package/lib/commonjs/wallet-unit-attestation/api/types.js +0 -11
  88. package/lib/commonjs/wallet-unit-attestation/api/types.js.map +1 -1
  89. package/lib/module/credential/issuance/README.md +32 -14
  90. package/lib/module/credential/issuance/api/IssuerConfig.js +1 -0
  91. package/lib/module/credential/issuance/api/IssuerConfig.js.map +1 -1
  92. package/lib/module/credential/issuance/common/02-start-user-authorization.js +4 -3
  93. package/lib/module/credential/issuance/common/02-start-user-authorization.js.map +1 -1
  94. package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js +41 -10
  95. package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map +1 -1
  96. package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js +47 -34
  97. package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js.map +1 -1
  98. package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js +58 -47
  99. package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js.map +1 -1
  100. package/lib/module/credential/issuance/mrtd-pop/index.js +20 -5
  101. package/lib/module/credential/issuance/mrtd-pop/index.js.map +1 -1
  102. package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js +3 -2
  103. package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js.map +1 -1
  104. package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js +6 -4
  105. package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js.map +1 -1
  106. package/lib/module/credential/issuance/v1.0.0/index.js +5 -4
  107. package/lib/module/credential/issuance/v1.0.0/index.js.map +1 -1
  108. package/lib/module/credential/issuance/v1.0.0/mappers.js +4 -2
  109. package/lib/module/credential/issuance/v1.0.0/mappers.js.map +1 -1
  110. package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js +0 -2
  111. package/lib/module/credential/issuance/v1.3.3/01-evaluate-issuer-trust.js.map +1 -1
  112. package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js +21 -17
  113. package/lib/module/credential/issuance/v1.3.3/02-start-user-authorization.js.map +1 -1
  114. package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js +108 -70
  115. package/lib/module/credential/issuance/v1.3.3/03-complete-user-authorization.js.map +1 -1
  116. package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js +22 -19
  117. package/lib/module/credential/issuance/v1.3.3/04-authorize-access.js.map +1 -1
  118. package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js +6 -8
  119. package/lib/module/credential/issuance/v1.3.3/05-obtain-credential.js.map +1 -1
  120. package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js +4 -1
  121. package/lib/module/credential/issuance/v1.3.3/06-verify-and-parse-credential.js.map +1 -1
  122. package/lib/module/credential/issuance/v1.3.3/index.js +5 -4
  123. package/lib/module/credential/issuance/v1.3.3/index.js.map +1 -1
  124. package/lib/module/credential/issuance/v1.3.3/mappers.js +10 -11
  125. package/lib/module/credential/issuance/v1.3.3/mappers.js.map +1 -1
  126. package/lib/module/credential/presentation/api/types.js.map +1 -1
  127. package/lib/module/credential/presentation/common/utils/http.js +9 -4
  128. package/lib/module/credential/presentation/common/utils/http.js.map +1 -1
  129. package/lib/module/credential/presentation/{v1.3.3/utils.mdoc.js → common/utils/mdoc.js} +2 -2
  130. package/lib/module/credential/presentation/common/utils/mdoc.js.map +1 -0
  131. package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js +3 -1
  132. package/lib/module/credential/presentation/v1.0.0/07-send-authorization-response.js.map +1 -1
  133. package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js +11 -10
  134. package/lib/module/credential/presentation/v1.3.3/05-verify-request-object.js.map +1 -1
  135. package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js +2 -3
  136. package/lib/module/credential/presentation/v1.3.3/06-evaluate-dcql-query.js.map +1 -1
  137. package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js +2 -0
  138. package/lib/module/credential/presentation/v1.3.3/07-send-authorization-response.js.map +1 -1
  139. package/lib/module/credential/presentation/v1.3.3/mappers.js +1 -1
  140. package/lib/module/credential/presentation/v1.3.3/mappers.js.map +1 -1
  141. package/lib/module/credential/status/README.md +3 -2
  142. package/lib/module/credential/status/v1.3.3/01-status-list.js +27 -5
  143. package/lib/module/credential/status/v1.3.3/01-status-list.js.map +1 -1
  144. package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js +17 -6
  145. package/lib/module/credential/status/v1.3.3/02-verify-and-parse-status-list.js.map +1 -1
  146. package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js +1 -1
  147. package/lib/module/credentials-catalogue/api/DigitalCredentialsCatalogue.js.map +1 -1
  148. package/lib/module/credentials-catalogue/common/get-status-l10n-ids.js +16 -0
  149. package/lib/module/credentials-catalogue/common/get-status-l10n-ids.js.map +1 -0
  150. package/lib/module/credentials-catalogue/v1.0.0/index.js +3 -1
  151. package/lib/module/credentials-catalogue/v1.0.0/index.js.map +1 -1
  152. package/lib/module/credentials-catalogue/v1.3.3/index.js +3 -1
  153. package/lib/module/credentials-catalogue/v1.3.3/index.js.map +1 -1
  154. package/lib/module/mdoc/index.js +3 -24
  155. package/lib/module/mdoc/index.js.map +1 -1
  156. package/lib/module/sd-jwt/__test__/types.test.js +2 -14
  157. package/lib/module/sd-jwt/__test__/types.test.js.map +1 -1
  158. package/lib/module/sd-jwt/__test__/utils.test.js +0 -12
  159. package/lib/module/sd-jwt/__test__/utils.test.js.map +1 -1
  160. package/lib/module/sd-jwt/types.js +1 -14
  161. package/lib/module/sd-jwt/types.js.map +1 -1
  162. package/lib/module/utils/callbacks.js +19 -1
  163. package/lib/module/utils/callbacks.js.map +1 -1
  164. package/lib/module/utils/config.js +7 -0
  165. package/lib/module/utils/config.js.map +1 -1
  166. package/lib/module/utils/x509.js +28 -0
  167. package/lib/module/utils/x509.js.map +1 -0
  168. package/lib/module/wallet-instance-attestation/api/types.js +0 -2
  169. package/lib/module/wallet-instance-attestation/api/types.js.map +1 -1
  170. package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js +1 -14
  171. package/lib/module/wallet-instance-attestation/v1.3.3/mappers.js.map +1 -1
  172. package/lib/module/wallet-instance-attestation/v1.3.3/types.js +2 -7
  173. package/lib/module/wallet-instance-attestation/v1.3.3/types.js.map +1 -1
  174. package/lib/module/wallet-unit-attestation/api/types.js +0 -11
  175. package/lib/module/wallet-unit-attestation/api/types.js.map +1 -1
  176. package/lib/typescript/credential/issuance/api/02-start-user-authorization.d.ts +1 -0
  177. package/lib/typescript/credential/issuance/api/02-start-user-authorization.d.ts.map +1 -1
  178. package/lib/typescript/credential/issuance/api/03-complete-user-authorization.d.ts +19 -5
  179. package/lib/typescript/credential/issuance/api/03-complete-user-authorization.d.ts.map +1 -1
  180. package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts +4 -0
  181. package/lib/typescript/credential/issuance/api/06-verify-and-parse-credential.d.ts.map +1 -1
  182. package/lib/typescript/credential/issuance/api/IssuerConfig.d.ts +1 -0
  183. package/lib/typescript/credential/issuance/api/IssuerConfig.d.ts.map +1 -1
  184. package/lib/typescript/credential/issuance/common/02-start-user-authorization.d.ts.map +1 -1
  185. package/lib/typescript/credential/issuance/common/06-verify-and-parse-credential.sdjwt.d.ts.map +1 -1
  186. package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts +12 -1
  187. package/lib/typescript/credential/issuance/mrtd-pop/02-init-challenge.d.ts.map +1 -1
  188. package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts +12 -1
  189. package/lib/typescript/credential/issuance/mrtd-pop/03-validate-challenge.d.ts.map +1 -1
  190. package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts +2 -1
  191. package/lib/typescript/credential/issuance/mrtd-pop/index.d.ts.map +1 -1
  192. package/lib/typescript/credential/issuance/v1.0.0/02-start-user-authorization.d.ts.map +1 -1
  193. package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts +2 -1
  194. package/lib/typescript/credential/issuance/v1.0.0/03-complete-user-authorization.d.ts.map +1 -1
  195. package/lib/typescript/credential/issuance/v1.0.0/index.d.ts.map +1 -1
  196. package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts +1 -0
  197. package/lib/typescript/credential/issuance/v1.0.0/mappers.d.ts.map +1 -1
  198. package/lib/typescript/credential/issuance/v1.3.3/01-evaluate-issuer-trust.d.ts.map +1 -1
  199. package/lib/typescript/credential/issuance/v1.3.3/02-start-user-authorization.d.ts.map +1 -1
  200. package/lib/typescript/credential/issuance/v1.3.3/03-complete-user-authorization.d.ts +2 -1
  201. package/lib/typescript/credential/issuance/v1.3.3/03-complete-user-authorization.d.ts.map +1 -1
  202. package/lib/typescript/credential/issuance/v1.3.3/04-authorize-access.d.ts.map +1 -1
  203. package/lib/typescript/credential/issuance/v1.3.3/05-obtain-credential.d.ts.map +1 -1
  204. package/lib/typescript/credential/issuance/v1.3.3/06-verify-and-parse-credential.d.ts.map +1 -1
  205. package/lib/typescript/credential/issuance/v1.3.3/index.d.ts.map +1 -1
  206. package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts +7 -4
  207. package/lib/typescript/credential/issuance/v1.3.3/mappers.d.ts.map +1 -1
  208. package/lib/typescript/credential/presentation/api/05-verify-request-object.d.ts +1 -1
  209. package/lib/typescript/credential/presentation/api/types.d.ts +3 -7
  210. package/lib/typescript/credential/presentation/api/types.d.ts.map +1 -1
  211. package/lib/typescript/credential/presentation/common/utils/http.d.ts +1 -1
  212. package/lib/typescript/credential/presentation/common/utils/http.d.ts.map +1 -1
  213. package/lib/typescript/credential/presentation/{v1.3.3/utils.mdoc.d.ts → common/utils/mdoc.d.ts} +2 -2
  214. package/lib/typescript/credential/presentation/common/utils/mdoc.d.ts.map +1 -0
  215. package/lib/typescript/credential/presentation/v1.3.3/05-verify-request-object.d.ts.map +1 -1
  216. package/lib/typescript/credential/presentation/v1.3.3/06-evaluate-dcql-query.d.ts.map +1 -1
  217. package/lib/typescript/credential/presentation/v1.3.3/07-send-authorization-response.d.ts.map +1 -1
  218. package/lib/typescript/credential/presentation/v1.3.3/mappers.d.ts +8 -8
  219. package/lib/typescript/credential/presentation/v1.3.3/types.d.ts +8 -8
  220. package/lib/typescript/credential/status/api/status-list.d.ts +8 -4
  221. package/lib/typescript/credential/status/api/status-list.d.ts.map +1 -1
  222. package/lib/typescript/credential/status/v1.3.3/01-status-list.d.ts.map +1 -1
  223. package/lib/typescript/credential/status/v1.3.3/02-verify-and-parse-status-list.d.ts.map +1 -1
  224. package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts +6 -0
  225. package/lib/typescript/credentials-catalogue/api/DigitalCredentialsCatalogue.d.ts.map +1 -1
  226. package/lib/typescript/credentials-catalogue/api/index.d.ts +14 -2
  227. package/lib/typescript/credentials-catalogue/api/index.d.ts.map +1 -1
  228. package/lib/typescript/credentials-catalogue/common/get-status-l10n-ids.d.ts +9 -0
  229. package/lib/typescript/credentials-catalogue/common/get-status-l10n-ids.d.ts.map +1 -0
  230. package/lib/typescript/credentials-catalogue/v1.0.0/index.d.ts.map +1 -1
  231. package/lib/typescript/credentials-catalogue/v1.3.3/index.d.ts.map +1 -1
  232. package/lib/typescript/mdoc/index.d.ts +1 -1
  233. package/lib/typescript/mdoc/index.d.ts.map +1 -1
  234. package/lib/typescript/mdoc/utils.d.ts +0 -24
  235. package/lib/typescript/mdoc/utils.d.ts.map +1 -1
  236. package/lib/typescript/sd-jwt/types.d.ts +0 -12
  237. package/lib/typescript/sd-jwt/types.d.ts.map +1 -1
  238. package/lib/typescript/trust/v1.3.3/types.d.ts +6 -4
  239. package/lib/typescript/trust/v1.3.3/types.d.ts.map +1 -1
  240. package/lib/typescript/utils/callbacks.d.ts +7 -0
  241. package/lib/typescript/utils/callbacks.d.ts.map +1 -1
  242. package/lib/typescript/utils/config.d.ts +4 -0
  243. package/lib/typescript/utils/config.d.ts.map +1 -1
  244. package/lib/typescript/utils/x509.d.ts +10 -0
  245. package/lib/typescript/utils/x509.d.ts.map +1 -0
  246. package/lib/typescript/wallet-instance-attestation/api/types.d.ts +0 -2
  247. package/lib/typescript/wallet-instance-attestation/api/types.d.ts.map +1 -1
  248. package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts +0 -2
  249. package/lib/typescript/wallet-instance-attestation/v1.0.0/mappers.d.ts.map +1 -1
  250. package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts +2 -9
  251. package/lib/typescript/wallet-instance-attestation/v1.3.3/mappers.d.ts.map +1 -1
  252. package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts +2 -7
  253. package/lib/typescript/wallet-instance-attestation/v1.3.3/types.d.ts.map +1 -1
  254. package/lib/typescript/wallet-unit-attestation/api/types.d.ts +0 -11
  255. package/lib/typescript/wallet-unit-attestation/api/types.d.ts.map +1 -1
  256. package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts +0 -22
  257. package/lib/typescript/wallet-unit-attestation/v1.3.3/mappers.d.ts.map +1 -1
  258. package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts +0 -11
  259. package/lib/typescript/wallet-unit-attestation/v1.3.3/types.d.ts.map +1 -1
  260. package/package.json +6 -6
  261. package/src/credential/issuance/README.md +32 -14
  262. package/src/credential/issuance/api/02-start-user-authorization.ts +1 -0
  263. package/src/credential/issuance/api/03-complete-user-authorization.ts +26 -5
  264. package/src/credential/issuance/api/06-verify-and-parse-credential.ts +4 -0
  265. package/src/credential/issuance/api/IssuerConfig.ts +1 -0
  266. package/src/credential/issuance/common/02-start-user-authorization.ts +6 -3
  267. package/src/credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts +47 -10
  268. package/src/credential/issuance/mrtd-pop/02-init-challenge.ts +69 -45
  269. package/src/credential/issuance/mrtd-pop/03-validate-challenge.ts +84 -62
  270. package/src/credential/issuance/mrtd-pop/index.ts +13 -5
  271. package/src/credential/issuance/v1.0.0/02-start-user-authorization.ts +8 -2
  272. package/src/credential/issuance/v1.0.0/03-complete-user-authorization.ts +16 -4
  273. package/src/credential/issuance/v1.0.0/index.ts +6 -4
  274. package/src/credential/issuance/v1.0.0/mappers.ts +9 -1
  275. package/src/credential/issuance/v1.3.3/01-evaluate-issuer-trust.ts +0 -2
  276. package/src/credential/issuance/v1.3.3/02-start-user-authorization.ts +25 -21
  277. package/src/credential/issuance/v1.3.3/03-complete-user-authorization.ts +138 -94
  278. package/src/credential/issuance/v1.3.3/04-authorize-access.ts +28 -23
  279. package/src/credential/issuance/v1.3.3/05-obtain-credential.ts +9 -9
  280. package/src/credential/issuance/v1.3.3/06-verify-and-parse-credential.ts +2 -1
  281. package/src/credential/issuance/v1.3.3/index.ts +6 -4
  282. package/src/credential/issuance/v1.3.3/mappers.ts +13 -11
  283. package/src/credential/presentation/api/05-verify-request-object.ts +1 -1
  284. package/src/credential/presentation/api/types.ts +3 -7
  285. package/src/credential/presentation/common/utils/http.ts +2 -2
  286. package/src/credential/presentation/{v1.3.3/utils.mdoc.ts → common/utils/mdoc.ts} +2 -2
  287. package/src/credential/presentation/v1.0.0/07-send-authorization-response.ts +1 -1
  288. package/src/credential/presentation/v1.3.3/05-verify-request-object.ts +15 -14
  289. package/src/credential/presentation/v1.3.3/06-evaluate-dcql-query.ts +3 -3
  290. package/src/credential/presentation/v1.3.3/07-send-authorization-response.ts +2 -0
  291. package/src/credential/presentation/v1.3.3/mappers.ts +1 -1
  292. package/src/credential/status/README.md +3 -2
  293. package/src/credential/status/api/status-list.ts +10 -7
  294. package/src/credential/status/v1.3.3/01-status-list.ts +21 -7
  295. package/src/credential/status/v1.3.3/02-verify-and-parse-status-list.ts +19 -5
  296. package/src/credentials-catalogue/api/DigitalCredentialsCatalogue.ts +4 -1
  297. package/src/credentials-catalogue/api/index.ts +15 -0
  298. package/src/credentials-catalogue/common/get-status-l10n-ids.ts +25 -0
  299. package/src/credentials-catalogue/v1.0.0/index.ts +2 -0
  300. package/src/credentials-catalogue/v1.3.3/index.ts +2 -0
  301. package/src/mdoc/index.ts +5 -41
  302. package/src/sd-jwt/__test__/types.test.ts +1 -13
  303. package/src/sd-jwt/__test__/utils.test.ts +0 -12
  304. package/src/sd-jwt/types.ts +0 -13
  305. package/src/utils/callbacks.ts +28 -1
  306. package/src/utils/config.ts +7 -0
  307. package/src/utils/x509.ts +43 -0
  308. package/src/wallet-instance-attestation/api/types.ts +0 -2
  309. package/src/wallet-instance-attestation/v1.3.3/mappers.ts +3 -11
  310. package/src/wallet-instance-attestation/v1.3.3/types.ts +2 -7
  311. package/src/wallet-unit-attestation/api/types.ts +0 -11
  312. package/lib/commonjs/credential/issuance/common/authorization.js +0 -56
  313. package/lib/commonjs/credential/issuance/common/authorization.js.map +0 -1
  314. package/lib/commonjs/credential/presentation/common/utils.js +0 -28
  315. package/lib/commonjs/credential/presentation/common/utils.js.map +0 -1
  316. package/lib/commonjs/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
  317. package/lib/module/credential/issuance/common/authorization.js +0 -48
  318. package/lib/module/credential/issuance/common/authorization.js.map +0 -1
  319. package/lib/module/credential/presentation/common/utils.js +0 -21
  320. package/lib/module/credential/presentation/common/utils.js.map +0 -1
  321. package/lib/module/credential/presentation/v1.3.3/utils.mdoc.js.map +0 -1
  322. package/lib/typescript/credential/issuance/common/authorization.d.ts +0 -21
  323. package/lib/typescript/credential/issuance/common/authorization.d.ts.map +0 -1
  324. package/lib/typescript/credential/presentation/common/utils.d.ts +0 -11
  325. package/lib/typescript/credential/presentation/common/utils.d.ts.map +0 -1
  326. package/lib/typescript/credential/presentation/v1.3.3/utils.mdoc.d.ts.map +0 -1
  327. package/src/credential/issuance/common/authorization.ts +0 -89
  328. package/src/credential/presentation/common/utils.ts +0 -30
package/lib/module/credential/issuance/common/02-start-user-authorization.js CHANGED
@@ -1,3 +1,4 @@
1
+ import { IoWalletError } from "../../../utils/errors";
1
2
  import { LogLevel, Logger } from "../../../utils/logging";
2
3
  /**
3
4
  * Ensures that the credential type requested is supported by the issuer and contained in the
@@ -14,7 +15,7 @@ export const selectCredentialDefinition = (issuerConf, credentialId) => {
14
15
  }));
15
16
  if (!result) {
16
17
  Logger.log(LogLevel.ERROR, `Requested credential ${credentialId} is not supported by the issuer according to its configuration ${JSON.stringify(credential_configurations_supported)}`);
17
- throw new Error(`No credential support the type '${credentialId}'`);
18
+ throw new IoWalletError(`No credential support the type '${credentialId}'`);
18
19
  }
19
20
  return result;
20
21
  };
@@ -33,14 +34,14 @@ export const selectResponseMode = (issuerConf, credentialIds) => {
33
34
  }
34
35
  if (responseModeSet.size !== 1) {
35
36
  Logger.log(LogLevel.ERROR, `${credentialIds} have incompatible response_mode: ${[...responseModeSet.values()]}`);
36
- throw new Error("Requested credentials have incompatible response_mode and cannot be requested with the same PAR request");
37
+ throw new IoWalletError("Requested credentials have incompatible response_mode and cannot be requested with the same PAR request");
37
38
  }
38
39
  const [responseMode] = responseModeSet.values();
39
40
  Logger.log(LogLevel.DEBUG, `Selected response mode ${responseMode} for credential IDs ${credentialIds}`);
40
41
  const responseModeSupported = issuerConf.response_modes_supported;
41
42
  if (responseModeSupported && !responseModeSupported.includes(responseMode)) {
42
43
  Logger.log(LogLevel.ERROR, `Requested response mode ${responseMode} is not supported by the issuer according to its configuration ${JSON.stringify(responseModeSupported)}`);
43
- throw new Error(`No response mode support for IDs '${credentialIds}'`);
44
+ throw new IoWalletError(`No response mode support for IDs '${credentialIds}'`);
44
45
  }
45
46
  return responseMode;
46
47
  };
package/lib/module/credential/issuance/common/02-start-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["LogLevel","Logger","selectCredentialDefinition","issuerConf","credentialId","credential_configurations_supported","result","Object","keys","filter","e","includes","map","credential_configuration_id","type","log","ERROR","JSON","stringify","Error","selectResponseMode","credentialIds","responseModeSet","Set","add","match","size","values","responseMode","DEBUG","responseModeSupported","response_modes_supported"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/02-start-user-authorization.ts"],"mappings":"AAAA,SAASA,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AAMzD;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,0BAA0B,GAAGA,CACxCC,UAAwB,EACxBC,YAAoB,KACI;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAM,CAACC,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACH,mCAAmC,CAAC,CAC9DI,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACP,YAAY,CAAC,CAAC,CACvCQ,GAAG,CAAC,OAAO;IACVC,2BAA2B,EAAET,YAAY;IACzCU,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACR,MAAM,EAAE;IACXL,MAAM,CAACc,GAAG,CACRf,QAAQ,CAACgB,KAAK,EACb,wBAAuBZ,YAAa,kEAAiEa,IAAI,CAACC,SAAS,CAACb,mCAAmC,CAAE,EAC5J,CAAC;IACD,MAAM,IAAIc,KAAK,CAAE,mCAAkCf,YAAa,GAAE,CAAC;EACrE;EACA,OAAOE,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMc,kBAAkB,GAAGA,CAChCjB,UAAwB,EACxBkB,aAAuB,KACN;EACjB,MAAMC,eAAe,GAAG,IAAIC,GAAG,CAAe,CAAC;EAE/C,KAAK,MAAMnB,YAAY,IAAIiB,aAAa,EAAE;IACxCC,eAAe,CAACE,GAAG,CACjBpB,YAAY,CAACqB,KAAK,CAAC,2BAA2B,CAAC,GAC3C,OAAO,GACP,eACN,CAAC;EACH;EAEA,IAAIH,eAAe,CAACI,IAAI,KAAK,CAAC,EAAE;IAC9BzB,MAAM,CAACc,GAAG,CACRf,QAAQ,CAACgB,KAAK,EACb,GAAEK,aAAc,qCAAoC,CAAC,GAAGC,eAAe,CAACK,MAAM,CAAC,CAAC,CAAE,EACrF,CAAC;IACD,MAAM,IAAIR,KAAK,CACb,yGACF,CAAC;EACH;EAEA,MAAM,CAACS,YAAY,CAAC,GAAGN,eAAe,CAACK,MAAM,CAAC,CAAC;EAE/C1B,MAAM,CAACc,GAAG,CACRf,QAAQ,CAAC6B,KAAK,EACb,0BAAyBD,YAAa,uBAAsBP,aAAc,EAC7E,CAAC;EAED,MAAMS,qBAAqB,GAAG3B,UAAU,CAAC4B,wBAAwB;EACjE,IAAID,qBAAqB,IAAI,CAACA,qBAAqB,CAACnB,QAAQ,CAACiB,YAAa,CAAC,EAAE;IAC3E3B,MAAM,CAACc,GAAG,CACRf,QAAQ,CAACgB,KAAK,EACb,2BAA0BY,YAAa,kEAAiEX,IAAI,CAACC,SAAS,CAACY,qBAAqB,CAAE,EACjJ,CAAC;IACD,MAAM,IAAIX,KAAK,CAAE,qCAAoCE,aAAc,GAAE,CAAC;EACxE;EAEA,OAAOO,YAAY;AACrB,CAAC"}
1
+ {"version":3,"names":["IoWalletError","LogLevel","Logger","selectCredentialDefinition","issuerConf","credentialId","credential_configurations_supported","result","Object","keys","filter","e","includes","map","credential_configuration_id","type","log","ERROR","JSON","stringify","selectResponseMode","credentialIds","responseModeSet","Set","add","match","size","values","responseMode","DEBUG","responseModeSupported","response_modes_supported"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/02-start-user-authorization.ts"],"mappings":"AAAA,SAASA,aAAa,QAAQ,uBAAuB;AACrD,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AAMzD;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,0BAA0B,GAAGA,CACxCC,UAAwB,EACxBC,YAAoB,KACI;EACxB,MAAMC,mCAAmC,GACvCF,UAAU,CAACE,mCAAmC;EAEhD,MAAM,CAACC,MAAM,CAAC,GAAGC,MAAM,CAACC,IAAI,CAACH,mCAAmC,CAAC,CAC9DI,MAAM,CAAEC,CAAC,IAAKA,CAAC,CAACC,QAAQ,CAACP,YAAY,CAAC,CAAC,CACvCQ,GAAG,CAAC,OAAO;IACVC,2BAA2B,EAAET,YAAY;IACzCU,IAAI,EAAE;EACR,CAAC,CAAC,CAAC;EAEL,IAAI,CAACR,MAAM,EAAE;IACXL,MAAM,CAACc,GAAG,CACRf,QAAQ,CAACgB,KAAK,EACb,wBAAuBZ,YAAa,kEAAiEa,IAAI,CAACC,SAAS,CAACb,mCAAmC,CAAE,EAC5J,CAAC;IACD,MAAM,IAAIN,aAAa,CAAE,mCAAkCK,YAAa,GAAE,CAAC;EAC7E;EACA,OAAOE,MAAM;AACf,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMa,kBAAkB,GAAGA,CAChChB,UAAwB,EACxBiB,aAAuB,KACN;EACjB,MAAMC,eAAe,GAAG,IAAIC,GAAG,CAAe,CAAC;EAE/C,KAAK,MAAMlB,YAAY,IAAIgB,aAAa,EAAE;IACxCC,eAAe,CAACE,GAAG,CACjBnB,YAAY,CAACoB,KAAK,CAAC,2BAA2B,CAAC,GAC3C,OAAO,GACP,eACN,CAAC;EACH;EAEA,IAAIH,eAAe,CAACI,IAAI,KAAK,CAAC,EAAE;IAC9BxB,MAAM,CAACc,GAAG,CACRf,QAAQ,CAACgB,KAAK,EACb,GAAEI,aAAc,qCAAoC,CAAC,GAAGC,eAAe,CAACK,MAAM,CAAC,CAAC,CAAE,EACrF,CAAC;IACD,MAAM,IAAI3B,aAAa,CACrB,yGACF,CAAC;EACH;EAEA,MAAM,CAAC4B,YAAY,CAAC,GAAGN,eAAe,CAACK,MAAM,CAAC,CAAC;EAE/CzB,MAAM,CAACc,GAAG,CACRf,QAAQ,CAAC4B,KAAK,EACb,0BAAyBD,YAAa,uBAAsBP,aAAc,EAC7E,CAAC;EAED,MAAMS,qBAAqB,GAAG1B,UAAU,CAAC2B,wBAAwB;EACjE,IAAID,qBAAqB,IAAI,CAACA,qBAAqB,CAAClB,QAAQ,CAACgB,YAAa,CAAC,EAAE;IAC3E1B,MAAM,CAACc,GAAG,CACRf,QAAQ,CAACgB,KAAK,EACb,2BAA0BW,YAAa,kEAAiEV,IAAI,CAACC,SAAS,CAACW,qBAAqB,CAAE,EACjJ,CAAC;IACD,MAAM,IAAI9B,aAAa,CACpB,qCAAoCqB,aAAc,GACrD,CAAC;EACH;EAEA,OAAOO,YAAY;AACrB,CAAC"}
package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js CHANGED
@@ -1,11 +1,13 @@
1
- import { getJwkFromHeader, decode } from "@pagopa/io-react-native-jwt";
1
+ import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
2
2
  import { SDJwtInstance } from "@sd-jwt/core";
3
- import { digest, ES256 } from "@sd-jwt/crypto-nodejs";
3
+ import { digest } from "@sd-jwt/crypto-nodejs";
4
4
  import { isPathEqual, isPrefixOf } from "../../../utils/parser";
5
5
  import { IoWalletError } from "../../../utils/errors";
6
6
  import { LogLevel, Logger } from "../../../utils/logging";
7
7
  import { isSameThumbprint } from "../../../utils/jwk";
8
8
  import { fixLegacyCredentialSdJwt } from "../../../utils/credentials";
9
+ import { verifyX509Chain } from "../../../utils/x509";
10
+ import { MissingX509CertsError } from "../../../trust/common/errors";
9
11
  /**
10
12
  * Parse a Sd-Jwt credential according to the issuer configuration
11
13
  * @param credentialConfig - the list of supported credentials, as defined in the issuer configuration with their claims metadata
@@ -111,6 +113,24 @@ const parseCredentialSdJwt = function (credentialConfig, parsedCredentialRaw) {
111
113
  };
112
114
  return processLevel(parsedCredentialRaw, []);
113
115
  };
116
+ /**
117
+ * JWT verifier implementing the interface expected by the SD-JWT library.
118
+ * Verification is delegated to `io-react-native-jwt` to leverage its support for multiple algorithms.
119
+ * @returns Boolean indicating whether the verification succeeded or not
120
+ */
121
+ const sdJwtInstanceVerifier = async (data, signature, options) => {
122
+ if (!(options !== null && options !== void 0 && options.issuerKeys)) {
123
+ return false;
124
+ }
125
+ try {
126
+ await verifyJwt(`${data}.${signature}`, options.issuerKeys, {
127
+ clockTolerance: options.skewSeconds
128
+ });
129
+ return true;
130
+ } catch {
131
+ return false;
132
+ }
133
+ };
114
134
 
115
135
  /**
116
136
  * Given a credential, verify it's in the supported format
@@ -128,15 +148,14 @@ const parseCredentialSdJwt = function (credentialConfig, parsedCredentialRaw) {
128
148
  *
129
149
  */
130
150
  async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingContext) {
131
- const {
132
- protectedHeader
133
- } = decode(rawCredential);
134
- const verifierJwk = getJwkFromHeader(protectedHeader, issuerKeys);
135
151
  const sdJwtInstance = new SDJwtInstance({
136
152
  hasher: digest,
137
- verifier: await ES256.getVerifier(verifierJwk)
153
+ verifier: sdJwtInstanceVerifier
138
154
  });
139
- const [verifiedCredential, holderBindingKey] = await Promise.all([sdJwtInstance.verify(rawCredential), holderBindingContext.getPublicKey()]);
155
+ const [verifiedCredential, holderBindingKey] = await Promise.all([sdJwtInstance.verify(rawCredential, {
156
+ issuerKeys,
157
+ skewSeconds: 30
158
+ }), holderBindingContext.getPublicKey()]);
140
159
  const {
141
160
  cnf
142
161
  } = verifiedCredential.payload;
@@ -147,14 +166,26 @@ async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingCon
147
166
  }
148
167
  return await sdJwtInstance.decode(fixLegacyCredentialSdJwt(rawCredential));
149
168
  }
150
- export const verifyAndParseCredentialSdJwt = async (issuerConf, credential, credentialConfigurationId, _ref) => {
169
+ export const verifyAndParseCredentialSdJwt = async (issuerConf, credential, credentialConfigurationId, _ref, x509CertRoot) => {
151
170
  let {
152
171
  credentialCryptoContext,
153
172
  ignoreMissingAttributes,
154
- includeUndefinedAttributes
173
+ includeUndefinedAttributes,
174
+ validateCertificateChain
155
175
  } = _ref;
156
176
  const decoded = await verifyCredentialSdJwt(credential, issuerConf.keys, credentialCryptoContext);
157
177
  Logger.log(LogLevel.DEBUG, `Decoded credential: ${JSON.stringify(decoded)}`);
178
+ if (validateCertificateChain) {
179
+ var _decoded$jwt;
180
+ if (!x509CertRoot) {
181
+ throw new IoWalletError("Missing x509CertRoot");
182
+ }
183
+ const x5c = (_decoded$jwt = decoded.jwt) === null || _decoded$jwt === void 0 || (_decoded$jwt = _decoded$jwt.header) === null || _decoded$jwt === void 0 ? void 0 : _decoded$jwt.x5c;
184
+ if (!x5c || !Array.isArray(x5c) || x5c.length === 0) {
185
+ throw new MissingX509CertsError("Missing x509 certificates");
186
+ }
187
+ await verifyX509Chain(x5c, x509CertRoot);
188
+ }
158
189
  const credentialConfig = issuerConf.credential_configurations_supported[credentialConfigurationId];
159
190
  if (!credentialConfig) {
160
191
  Logger.log(LogLevel.ERROR, `Credential type not supported by the issuer: ${credentialConfigurationId}`);
package/lib/module/credential/issuance/common/06-verify-and-parse-credential.sdjwt.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["getJwkFromHeader","decode","SDJwtInstance","digest","ES256","isPathEqual","isPrefixOf","IoWalletError","LogLevel","Logger","isSameThumbprint","fixLegacyCredentialSdJwt","parseCredentialSdJwt","credentialConfig","parsedCredentialRaw","ignoreMissingAttributes","arguments","length","undefined","includeUndefinedAttributes","claimsMetadata","claims","missingPaths","rootKeysToVerify","Set","map","c","path","filter","p","rootKey","push","missing","join","received","Object","keys","getDisplayNames","match","find","nameMap","entry","display","locale","name","processLevel","currentData","currentPath","Array","isArray","item","dataObj","result","processedKeys","configKeysAtThisLevel","claim","nextPart","includes","key","stringKey","toString","dataValue","newPath","localizedNames","value","add","entries","has","verifyCredentialSdJwt","rawCredential","issuerKeys","holderBindingContext","protectedHeader","verifierJwk","sdJwtInstance","hasher","verifier","getVerifier","verifiedCredential","holderBindingKey","Promise","all","verify","getPublicKey","cnf","payload","jwk","message","kid","log","ERROR","verifyAndParseCredentialSdJwt","issuerConf","credential","credentialConfigurationId","_ref","credentialCryptoContext","decoded","DEBUG","JSON","stringify","credential_configurations_supported","getClaims","parsedCredential","issuedAt","iat","Date","exp","expiration"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts"],"mappings":"AAAA,SACEA,gBAAgB,EAEhBC,MAAM,QACD,6BAA6B;AACpC,SAAqBC,aAAa,QAAQ,cAAc;AACxD,SAASC,MAAM,EAAEC,KAAK,QAAQ,uBAAuB;AACrD,SAASC,WAAW,EAAEC,UAAU,QAAQ,uBAAuB;AAC/D,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,gBAAgB,QAAkB,oBAAoB;AAE/D,SAASC,wBAAwB,QAAQ,4BAA4B;AAMrE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,oBAAoB,GAAG,SAAAA,CAC3BC,gBAAgC,EAChCC,mBAA4C,EAGvB;EAAA,IAFrBC,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAAA,IACxCG,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,cAAc,GAAGP,gBAAgB,CAACQ,MAAM,IAAI,EAAE;;EAEpD;EACA,IAAI,CAACN,uBAAuB,EAAE;IAC5B,MAAMO,YAAsB,GAAG,EAAE;IACjC,MAAMC,gBAAgB,GAAG,IAAIC,GAAG,CAC9BJ,cAAc,CACXK,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,IAAI,CAAC,CAAC,CAAC,CAAC,CACrBC,MAAM,CAAEC,CAAC,IAAkB,OAAOA,CAAC,KAAK,QAAQ,CACrD,CAAC;IAED,KAAK,MAAMC,OAAO,IAAIP,gBAAgB,EAAE;MACtC,IAAI,EAAEO,OAAO,IAAIhB,mBAAmB,CAAC,EAAE;QACrCQ,YAAY,CAACS,IAAI,CAACD,OAAO,CAAC;MAC5B;IACF;IAEA,IAAIR,YAAY,CAACL,MAAM,GAAG,CAAC,EAAE;MAC3B,MAAMe,OAAO,GAAGV,YAAY,CAACW,IAAI,CAAC,IAAI,CAAC;MACvC,MAAMC,QAAQ,GAAGC,MAAM,CAACC,IAAI,CAACtB,mBAAmB,CAAC,CAACmB,IAAI,CAAC,IAAI,CAAC;MAC5D,MAAM,IAAI1B,aAAa,CACpB,4DAA2DyB,OAAQ,iBAAgBE,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;AACF;AACA;EACE,MAAMG,eAAe,GACnBV,IAAgC,IACO;IACvC,MAAMW,KAAK,GAAGlB,cAAc,CAACmB,IAAI,CAAEb,CAAC,IAAKrB,WAAW,CAACqB,CAAC,CAACC,IAAI,EAAEA,IAAI,CAAC,CAAC;IACnE,IAAI,CAACW,KAAK,EAAE,OAAOpB,SAAS;IAE5B,MAAMsB,OAA+B,GAAG,CAAC,CAAC;IAC1C,KAAK,MAAMC,KAAK,IAAIH,KAAK,CAACI,OAAO,EAAE;MACjCF,OAAO,CAACC,KAAK,CAACE,MAAM,CAAC,GAAGF,KAAK,CAACG,IAAI;IACpC;IACA,OAAOJ,OAAO;EAChB,CAAC;;EAED;AACF;AACA;EACE,MAAMK,YAAY,GAAGA,CACnBC,WAAoB,EACpBC,WAAuC,KAC3B;IACZ;IACA,IAAIC,KAAK,CAACC,OAAO,CAACH,WAAW,CAAC,EAAE;MAC9B,OAAOA,WAAW,CAACrB,GAAG,CAAEyB,IAAI,IAC1BL,YAAY,CAACK,IAAI,EAAE,CAAC,GAAGH,WAAW,EAAE,IAAI,CAAC,CAC3C,CAAC;IACH;;IAEA;IACA,IAAI,OAAOD,WAAW,KAAK,QAAQ,IAAIA,WAAW,KAAK,IAAI,EAAE;MAC3D,OAAOA,WAAW;IACpB;IAEA,MAAMK,OAAO,GAAGL,WAAsC;IACtD,MAAMM,MAAwB,GAAG,CAAC,CAAC;IACnC,MAAMC,aAAa,GAAG,IAAI7B,GAAG,CAAkB,CAAC;;IAEhD;IACA,MAAM8B,qBAA0C,GAAG,EAAE;IACrD,KAAK,MAAMC,KAAK,IAAInC,cAAc,EAAE;MAClC;MACA,IAAId,UAAU,CAACyC,WAAW,EAAEQ,KAAK,CAAC5B,IAAI,CAAC,EAAE;QACvC,MAAM6B,QAAQ,GAAGD,KAAK,CAAC5B,IAAI,CAACoB,WAAW,CAAC9B,MAAM,CAAC;QAC/C,IACE,CAAC,OAAOuC,QAAQ,KAAK,QAAQ,IAAI,OAAOA,QAAQ,KAAK,QAAQ,KAC7D,CAACF,qBAAqB,CAACG,QAAQ,CAACD,QAAQ,CAAC,EACzC;UACAF,qBAAqB,CAACvB,IAAI,CAACyB,QAAQ,CAAC;QACtC;MACF;IACF;;IAEA;IACA,KAAK,MAAME,GAAG,IAAIJ,qBAAqB,EAAE;MACvC,MAAMK,SAAS,GAAGD,GAAG,CAACE,QAAQ,CAAC,CAAC;MAChC,MAAMC,SAAS,GAAGV,OAAO,CAACQ,SAAS,CAAC;MACpC,IAAIE,SAAS,KAAK3C,SAAS,EAAE;MAE7B,MAAM4C,OAAO,GAAG,CAAC,GAAGf,WAAW,EAAEW,GAAG,CAAC;MAErC,IAAIK,cAAc,GAAG1B,eAAe,CAACyB,OAAO,CAAC;;MAE7C;MACA,IAAI,CAACC,cAAc,IAAIf,KAAK,CAACC,OAAO,CAACY,SAAS,CAAC,EAAE;QAC/CE,cAAc,GAAG1B,eAAe,CAAC,CAAC,GAAGyB,OAAO,EAAE,IAAI,CAAC,CAAC;MACtD;MAEAV,MAAM,CAACO,SAAS,CAAC,GAAG;QAClBf,IAAI,EAAEmB,cAAc,IAAIJ,SAAS;QACjCK,KAAK,EAAEnB,YAAY,CAACgB,SAAS,EAAEC,OAAO;MACxC,CAAC;MAEDT,aAAa,CAACY,GAAG,CAACP,GAAG,CAAC;IACxB;;IAEA;IACA,IAAIvC,0BAA0B,EAAE;MAC9B,KAAK,MAAM,CAACuC,GAAG,EAAEM,KAAK,CAAC,IAAI7B,MAAM,CAAC+B,OAAO,CAACf,OAAO,CAAC,EAAE;QAClD,IAAI,CAACE,aAAa,CAACc,GAAG,CAACT,GAAG,CAAC,EAAE;UAC3BN,MAAM,CAACM,GAAG,CAAC,GAAG;YACZd,IAAI,EAAEc,GAAG;YACTM,KAAK,EAAEA;UACT,CAAC;QACH;MACF;IACF;IAEA,OAAOZ,MAAM;EACf,CAAC;EAED,OAAOP,YAAY,CAAC/B,mBAAmB,EAAE,EAAE,CAAC;AAC9C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAesD,qBAAqBA,CAClCC,aAAqB,EACrBC,UAAiB,EACjBC,oBAAmC,EACnB;EAChB,MAAM;IAAEC;EAAgB,CAAC,GAAGvE,MAAM,CAACoE,aAAa,CAAC;EACjD,MAAMI,WAAW,GAAGzE,gBAAgB,CAACwE,eAAe,EAAEF,UAAU,CAAC;EAEjE,MAAMI,aAAa,GAAG,IAAIxE,aAAa,CAAC;IACtCyE,MAAM,EAAExE,MAAM;IACdyE,QAAQ,EAAE,MAAMxE,KAAK,CAACyE,WAAW,CAACJ,WAAW;EAC/C,CAAC,CAAC;EAEF,MAAM,CAACK,kBAAkB,EAAEC,gBAAgB,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC/DP,aAAa,CAACQ,MAAM,CAACb,aAAa,CAAC,EACnCE,oBAAoB,CAACY,YAAY,CAAC,CAAC,CACpC,CAAC;EAEF,MAAM;IAAEC;EAAI,CAAC,GAAGN,kBAAkB,CAACO,OAAkC;EACrE,IAAI,EAAE,MAAM3E,gBAAgB,CAAC0E,GAAG,CAACE,GAAG,EAAEP,gBAAuB,CAAC,CAAC,EAAE;IAC/D,MAAMQ,OAAO,GAAI,kDAAiDR,gBAAgB,CAACS,GAAI,UAASJ,GAAG,CAACE,GAAG,CAACE,GAAI,EAAC;IAC7G/E,MAAM,CAACgF,GAAG,CAACjF,QAAQ,CAACkF,KAAK,EAAEH,OAAO,CAAC;IACnC,MAAM,IAAIhF,aAAa,CAACgF,OAAO,CAAC;EAClC;EAEA,OAAO,MAAMb,aAAa,CAACzE,MAAM,CAACU,wBAAwB,CAAC0D,aAAa,CAAC,CAAC;AAC5E;AAEA,OAAO,MAAMsB,6BAAsE,GACjF,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EAAAC,IAAA,KAMtB;EAAA,IALH;IACEC,uBAAuB;IACvBjF,uBAAuB;IACvBI;EACF,CAAC,GAAA4E,IAAA;EAED,MAAME,OAAO,GAAG,MAAM7B,qBAAqB,CACzCyB,UAAU,EACVD,UAAU,CAACxD,IAAI,EACf4D,uBACF,CAAC;EAEDvF,MAAM,CAACgF,GAAG,CACRjF,QAAQ,CAAC0F,KAAK,EACb,uBAAsBC,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACjD,CAAC;EAED,MAAMpF,gBAAgB,GACpB+E,UAAU,CAACS,mCAAmC,CAACP,yBAAyB,CAAC;EAE3E,IAAI,CAACjF,gBAAgB,EAAE;IACrBJ,MAAM,CAACgF,GAAG,CACRjF,QAAQ,CAACkF,KAAK,EACb,gDAA+CI,yBAA0B,EAC5E,CAAC;IACD,MAAM,IAAIvF,aAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,MAAMO,mBAAmB,GAAI,MAAMmF,OAAO,CAACK,SAAS,CAACnG,MAAM,CAG1D;EAED,MAAMoG,gBAAgB,GAAG3F,oBAAoB,CAC3CC,gBAAgB,EAChBC,mBAAmB,EACnBC,uBAAuB,EACvBI,0BACF,CAAC;EAED,MAAMqF,QAAQ,GACZ,OAAO1F,mBAAmB,CAAC2F,GAAG,KAAK,QAAQ,GACvC,IAAIC,IAAI,CAAC5F,mBAAmB,CAAC2F,GAAG,GAAG,IAAI,CAAC,GACxCvF,SAAS;EAEf,IAAI,OAAOJ,mBAAmB,CAAC6F,GAAG,KAAK,QAAQ,EAAE;IAC/C,MAAM,IAAIpG,aAAa,CAAC,2CAA2C,CAAC;EACtE;EACA,MAAMqG,UAAU,GAAG,IAAIF,IAAI,CAAC5F,mBAAmB,CAAC6F,GAAG,GAAG,IAAI,CAAC;EAE3DlG,MAAM,CAACgF,GAAG,CACRjF,QAAQ,CAAC0F,KAAK,EACb,sBAAqBC,IAAI,CAACC,SAAS,CAACG,gBAAgB,CAAE,gBAAeC,QAAS,EACjF,CAAC;EAED,OAAO;IACLD,gBAAgB;IAChBK,UAAU;IACVJ;EACF,CAAC;AACH,CAAC"}
1
+ {"version":3,"names":["verify","verifyJwt","SDJwtInstance","digest","isPathEqual","isPrefixOf","IoWalletError","LogLevel","Logger","isSameThumbprint","fixLegacyCredentialSdJwt","verifyX509Chain","MissingX509CertsError","parseCredentialSdJwt","credentialConfig","parsedCredentialRaw","ignoreMissingAttributes","arguments","length","undefined","includeUndefinedAttributes","claimsMetadata","claims","missingPaths","rootKeysToVerify","Set","map","c","path","filter","p","rootKey","push","missing","join","received","Object","keys","getDisplayNames","match","find","nameMap","entry","display","locale","name","processLevel","currentData","currentPath","Array","isArray","item","dataObj","result","processedKeys","configKeysAtThisLevel","claim","nextPart","includes","key","stringKey","toString","dataValue","newPath","localizedNames","value","add","entries","has","sdJwtInstanceVerifier","data","signature","options","issuerKeys","clockTolerance","skewSeconds","verifyCredentialSdJwt","rawCredential","holderBindingContext","sdJwtInstance","hasher","verifier","verifiedCredential","holderBindingKey","Promise","all","getPublicKey","cnf","payload","jwk","message","kid","log","ERROR","decode","verifyAndParseCredentialSdJwt","issuerConf","credential","credentialConfigurationId","_ref","x509CertRoot","credentialCryptoContext","validateCertificateChain","decoded","DEBUG","JSON","stringify","_decoded$jwt","x5c","jwt","header","credential_configurations_supported","getClaims","parsedCredential","issuedAt","iat","Date","exp","expiration"],"sourceRoot":"../../../../../src","sources":["credential/issuance/common/06-verify-and-parse-credential.sdjwt.ts"],"mappings":"AAAA,SAEEA,MAAM,IAAIC,SAAS,QACd,6BAA6B;AACpC,SAA2CC,aAAa,QAAQ,cAAc;AAC9E,SAASC,MAAM,QAAQ,uBAAuB;AAE9C,SAASC,WAAW,EAAEC,UAAU,QAAQ,uBAAuB;AAC/D,SAASC,aAAa,QAAQ,uBAAuB;AACrD,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,gBAAgB,QAAkB,oBAAoB;AAE/D,SAASC,wBAAwB,QAAQ,4BAA4B;AACrE,SAASC,eAAe,QAAQ,qBAAqB;AACrD,SAASC,qBAAqB,QAAQ,8BAA8B;AAMpE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,oBAAoB,GAAG,SAAAA,CAC3BC,gBAAgC,EAChCC,mBAA4C,EAGvB;EAAA,IAFrBC,uBAAgC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAAA,IACxCG,0BAAmC,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,KAAK;EAE3C,MAAMI,cAAc,GAAGP,gBAAgB,CAACQ,MAAM,IAAI,EAAE;;EAEpD;EACA,IAAI,CAACN,uBAAuB,EAAE;IAC5B,MAAMO,YAAsB,GAAG,EAAE;IACjC,MAAMC,gBAAgB,GAAG,IAAIC,GAAG,CAC9BJ,cAAc,CACXK,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACC,IAAI,CAAC,CAAC,CAAC,CAAC,CACrBC,MAAM,CAAEC,CAAC,IAAkB,OAAOA,CAAC,KAAK,QAAQ,CACrD,CAAC;IAED,KAAK,MAAMC,OAAO,IAAIP,gBAAgB,EAAE;MACtC,IAAI,EAAEO,OAAO,IAAIhB,mBAAmB,CAAC,EAAE;QACrCQ,YAAY,CAACS,IAAI,CAACD,OAAO,CAAC;MAC5B;IACF;IAEA,IAAIR,YAAY,CAACL,MAAM,GAAG,CAAC,EAAE;MAC3B,MAAMe,OAAO,GAAGV,YAAY,CAACW,IAAI,CAAC,IAAI,CAAC;MACvC,MAAMC,QAAQ,GAAGC,MAAM,CAACC,IAAI,CAACtB,mBAAmB,CAAC,CAACmB,IAAI,CAAC,IAAI,CAAC;MAC5D,MAAM,IAAI5B,aAAa,CACpB,4DAA2D2B,OAAQ,iBAAgBE,QAAS,GAC/F,CAAC;IACH;EACF;;EAEA;AACF;AACA;EACE,MAAMG,eAAe,GACnBV,IAAgC,IACO;IACvC,MAAMW,KAAK,GAAGlB,cAAc,CAACmB,IAAI,CAAEb,CAAC,IAAKvB,WAAW,CAACuB,CAAC,CAACC,IAAI,EAAEA,IAAI,CAAC,CAAC;IACnE,IAAI,CAACW,KAAK,EAAE,OAAOpB,SAAS;IAE5B,MAAMsB,OAA+B,GAAG,CAAC,CAAC;IAC1C,KAAK,MAAMC,KAAK,IAAIH,KAAK,CAACI,OAAO,EAAE;MACjCF,OAAO,CAACC,KAAK,CAACE,MAAM,CAAC,GAAGF,KAAK,CAACG,IAAI;IACpC;IACA,OAAOJ,OAAO;EAChB,CAAC;;EAED;AACF;AACA;EACE,MAAMK,YAAY,GAAGA,CACnBC,WAAoB,EACpBC,WAAuC,KAC3B;IACZ;IACA,IAAIC,KAAK,CAACC,OAAO,CAACH,WAAW,CAAC,EAAE;MAC9B,OAAOA,WAAW,CAACrB,GAAG,CAAEyB,IAAI,IAC1BL,YAAY,CAACK,IAAI,EAAE,CAAC,GAAGH,WAAW,EAAE,IAAI,CAAC,CAC3C,CAAC;IACH;;IAEA;IACA,IAAI,OAAOD,WAAW,KAAK,QAAQ,IAAIA,WAAW,KAAK,IAAI,EAAE;MAC3D,OAAOA,WAAW;IACpB;IAEA,MAAMK,OAAO,GAAGL,WAAsC;IACtD,MAAMM,MAAwB,GAAG,CAAC,CAAC;IACnC,MAAMC,aAAa,GAAG,IAAI7B,GAAG,CAAkB,CAAC;;IAEhD;IACA,MAAM8B,qBAA0C,GAAG,EAAE;IACrD,KAAK,MAAMC,KAAK,IAAInC,cAAc,EAAE;MAClC;MACA,IAAIhB,UAAU,CAAC2C,WAAW,EAAEQ,KAAK,CAAC5B,IAAI,CAAC,EAAE;QACvC,MAAM6B,QAAQ,GAAGD,KAAK,CAAC5B,IAAI,CAACoB,WAAW,CAAC9B,MAAM,CAAC;QAC/C,IACE,CAAC,OAAOuC,QAAQ,KAAK,QAAQ,IAAI,OAAOA,QAAQ,KAAK,QAAQ,KAC7D,CAACF,qBAAqB,CAACG,QAAQ,CAACD,QAAQ,CAAC,EACzC;UACAF,qBAAqB,CAACvB,IAAI,CAACyB,QAAQ,CAAC;QACtC;MACF;IACF;;IAEA;IACA,KAAK,MAAME,GAAG,IAAIJ,qBAAqB,EAAE;MACvC,MAAMK,SAAS,GAAGD,GAAG,CAACE,QAAQ,CAAC,CAAC;MAChC,MAAMC,SAAS,GAAGV,OAAO,CAACQ,SAAS,CAAC;MACpC,IAAIE,SAAS,KAAK3C,SAAS,EAAE;MAE7B,MAAM4C,OAAO,GAAG,CAAC,GAAGf,WAAW,EAAEW,GAAG,CAAC;MAErC,IAAIK,cAAc,GAAG1B,eAAe,CAACyB,OAAO,CAAC;;MAE7C;MACA,IAAI,CAACC,cAAc,IAAIf,KAAK,CAACC,OAAO,CAACY,SAAS,CAAC,EAAE;QAC/CE,cAAc,GAAG1B,eAAe,CAAC,CAAC,GAAGyB,OAAO,EAAE,IAAI,CAAC,CAAC;MACtD;MAEAV,MAAM,CAACO,SAAS,CAAC,GAAG;QAClBf,IAAI,EAAEmB,cAAc,IAAIJ,SAAS;QACjCK,KAAK,EAAEnB,YAAY,CAACgB,SAAS,EAAEC,OAAO;MACxC,CAAC;MAEDT,aAAa,CAACY,GAAG,CAACP,GAAG,CAAC;IACxB;;IAEA;IACA,IAAIvC,0BAA0B,EAAE;MAC9B,KAAK,MAAM,CAACuC,GAAG,EAAEM,KAAK,CAAC,IAAI7B,MAAM,CAAC+B,OAAO,CAACf,OAAO,CAAC,EAAE;QAClD,IAAI,CAACE,aAAa,CAACc,GAAG,CAACT,GAAG,CAAC,EAAE;UAC3BN,MAAM,CAACM,GAAG,CAAC,GAAG;YACZd,IAAI,EAAEc,GAAG;YACTM,KAAK,EAAEA;UACT,CAAC;QACH;MACF;IACF;IAEA,OAAOZ,MAAM;EACf,CAAC;EAED,OAAOP,YAAY,CAAC/B,mBAAmB,EAAE,EAAE,CAAC;AAC9C,CAAC;AAID;AACA;AACA;AACA;AACA;AACA,MAAMsD,qBAA4C,GAAG,MAAAA,CACnDC,IAAI,EACJC,SAAS,EACTC,OAAO,KACJ;EACH,IAAI,EAACA,OAAO,aAAPA,OAAO,eAAPA,OAAO,CAAEC,UAAU,GAAE;IACxB,OAAO,KAAK;EACd;EACA,IAAI;IACF,MAAMxE,SAAS,CAAE,GAAEqE,IAAK,IAAGC,SAAU,EAAC,EAAEC,OAAO,CAACC,UAAU,EAAE;MAC1DC,cAAc,EAAEF,OAAO,CAACG;IAC1B,CAAC,CAAC;IACF,OAAO,IAAI;EACb,CAAC,CAAC,MAAM;IACN,OAAO,KAAK;EACd;AACF,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAeC,qBAAqBA,CAClCC,aAAqB,EACrBJ,UAAiB,EACjBK,oBAAmC,EACnB;EAChB,MAAMC,aAAa,GAAG,IAAI7E,aAAa,CAAC;IACtC8E,MAAM,EAAE7E,MAAM;IACd8E,QAAQ,EAAEZ;EACZ,CAAC,CAAC;EAEF,MAAM,CAACa,kBAAkB,EAAEC,gBAAgB,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CAC/DN,aAAa,CAAC/E,MAAM,CAAC6E,aAAa,EAAE;IAAEJ,UAAU;IAAEE,WAAW,EAAE;EAAG,CAAC,CAAC,EACpEG,oBAAoB,CAACQ,YAAY,CAAC,CAAC,CACpC,CAAC;EAEF,MAAM;IAAEC;EAAI,CAAC,GAAGL,kBAAkB,CAACM,OAAkC;EACrE,IAAI,EAAE,MAAM/E,gBAAgB,CAAC8E,GAAG,CAACE,GAAG,EAAEN,gBAAuB,CAAC,CAAC,EAAE;IAC/D,MAAMO,OAAO,GAAI,kDAAiDP,gBAAgB,CAACQ,GAAI,UAASJ,GAAG,CAACE,GAAG,CAACE,GAAI,EAAC;IAC7GnF,MAAM,CAACoF,GAAG,CAACrF,QAAQ,CAACsF,KAAK,EAAEH,OAAO,CAAC;IACnC,MAAM,IAAIpF,aAAa,CAACoF,OAAO,CAAC;EAClC;EAEA,OAAO,MAAMX,aAAa,CAACe,MAAM,CAACpF,wBAAwB,CAACmE,aAAa,CAAC,CAAC;AAC5E;AAEA,OAAO,MAAMkB,6BAAsE,GACjF,MAAAA,CACEC,UAAU,EACVC,UAAU,EACVC,yBAAyB,EAAAC,IAAA,EAOzBC,YAAY,KACT;EAAA,IAPH;IACEC,uBAAuB;IACvBrF,uBAAuB;IACvBI,0BAA0B;IAC1BkF;EACF,CAAC,GAAAH,IAAA;EAGD,MAAMI,OAAO,GAAG,MAAM3B,qBAAqB,CACzCqB,UAAU,EACVD,UAAU,CAAC3D,IAAI,EACfgE,uBACF,CAAC;EAED7F,MAAM,CAACoF,GAAG,CACRrF,QAAQ,CAACiG,KAAK,EACb,uBAAsBC,IAAI,CAACC,SAAS,CAACH,OAAO,CAAE,EACjD,CAAC;EAED,IAAID,wBAAwB,EAAE;IAAA,IAAAK,YAAA;IAC5B,IAAI,CAACP,YAAY,EAAE;MACjB,MAAM,IAAI9F,aAAa,CAAC,sBAAsB,CAAC;IACjD;IACA,MAAMsG,GAAG,IAAAD,YAAA,GAAGJ,OAAO,CAACM,GAAG,cAAAF,YAAA,gBAAAA,YAAA,GAAXA,YAAA,CAAaG,MAAM,cAAAH,YAAA,uBAAnBA,YAAA,CAAqBC,GAA2B;IAC5D,IAAI,CAACA,GAAG,IAAI,CAAC3D,KAAK,CAACC,OAAO,CAAC0D,GAAG,CAAC,IAAIA,GAAG,CAAC1F,MAAM,KAAK,CAAC,EAAE;MACnD,MAAM,IAAIN,qBAAqB,CAAC,2BAA2B,CAAC;IAC9D;IACA,MAAMD,eAAe,CAACiG,GAAG,EAAER,YAAY,CAAC;EAC1C;EAEA,MAAMtF,gBAAgB,GACpBkF,UAAU,CAACe,mCAAmC,CAACb,yBAAyB,CAAC;EAE3E,IAAI,CAACpF,gBAAgB,EAAE;IACrBN,MAAM,CAACoF,GAAG,CACRrF,QAAQ,CAACsF,KAAK,EACb,gDAA+CK,yBAA0B,EAC5E,CAAC;IACD,MAAM,IAAI5F,aAAa,CAAC,6CAA6C,CAAC;EACxE;EAEA,MAAMS,mBAAmB,GAAI,MAAMwF,OAAO,CAACS,SAAS,CAAC7G,MAAM,CAG1D;EAED,MAAM8G,gBAAgB,GAAGpG,oBAAoB,CAC3CC,gBAAgB,EAChBC,mBAAmB,EACnBC,uBAAuB,EACvBI,0BACF,CAAC;EAED,MAAM8F,QAAQ,GACZ,OAAOnG,mBAAmB,CAACoG,GAAG,KAAK,QAAQ,GACvC,IAAIC,IAAI,CAACrG,mBAAmB,CAACoG,GAAG,GAAG,IAAI,CAAC,GACxChG,SAAS;EAEf,IAAI,OAAOJ,mBAAmB,CAACsG,GAAG,KAAK,QAAQ,EAAE;IAC/C,MAAM,IAAI/G,aAAa,CAAC,2CAA2C,CAAC;EACtE;EACA,MAAMgH,UAAU,GAAG,IAAIF,IAAI,CAACrG,mBAAmB,CAACsG,GAAG,GAAG,IAAI,CAAC;EAE3D7G,MAAM,CAACoF,GAAG,CACRrF,QAAQ,CAACiG,KAAK,EACb,sBAAqBC,IAAI,CAACC,SAAS,CAACO,gBAAgB,CAAE,gBAAeC,QAAS,EACjF,CAAC;EAED,OAAO;IACLD,gBAAgB;IAChBK,UAAU;IACVJ;EACF,CAAC;AACH,CAAC"}
package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js CHANGED
@@ -1,41 +1,54 @@
1
- import { v4 as uuidv4 } from "uuid";
2
- import { fetchMrtdPopInit } from "@pagopa/io-wallet-oauth2";
1
+ import { createClientAttestationPopJwt, fetchMrtdPopInit } from "@pagopa/io-wallet-oauth2";
3
2
  import { UnexpectedStatusCodeError as SdkUnexpectedStatusCodeError } from "@pagopa/io-wallet-utils";
4
- import { createPopToken } from "../../../utils/pop";
5
3
  import { Logger, LogLevel } from "../../../utils/logging";
6
- import * as WalletInstanceAttestation from "../../../wallet-instance-attestation/v1.0.0/utils"; // TODO: decouple from version 1.0.0
7
4
  import { IssuerResponseError, IssuerResponseErrorCodes, ResponseErrorBuilder } from "../../../utils/errors";
8
- import { createVerifyJwtFromJwks } from "../../../utils/callbacks";
9
- export const initChallenge = async (issuerConf, initUrl, mrtd_auth_session, mrtd_pop_jwt_nonce, context) => {
10
- const {
11
- appFetch = fetch,
12
- walletInstanceAttestation,
13
- wiaCryptoContext
14
- } = context;
15
- const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
16
- const signedWiaPoP = await createPopToken({
17
- jti: uuidv4(),
18
- aud: issuerConf.credential_issuer,
19
- iss
20
- }, wiaCryptoContext);
21
- const initResult = await fetchMrtdPopInit({
22
- popInitEndpoint: initUrl,
23
- mrtdAuthSession: mrtd_auth_session,
24
- mrtdPopJwtNonce: mrtd_pop_jwt_nonce,
25
- walletAttestation: walletInstanceAttestation,
26
- clientAttestationDPoP: signedWiaPoP,
27
- callbacks: {
28
- verifyJwt: createVerifyJwtFromJwks(issuerConf.keys),
29
- fetch: appFetch
30
- }
31
- }).catch(handleInitChallengeError);
32
- return {
33
- challenge: initResult.challenge,
34
- mrtd_pop_nonce: initResult.mrtdPopNonce,
35
- pop_verify_endpoint: initResult.popVerifyEndpoint,
36
- mrz: initResult.mrz
5
+ import { createSignJwtFromCryptoContext, createVerifyJwtFromJwks, partialCallbacks } from "../../../utils/callbacks";
6
+ /**
7
+ * Factory function to create `initChallenge` for MRTD PoP flow.
8
+ * The factory is needed to inject version specific SDK configuration.
9
+ * @param config Configuration object containing the IO Wallet SDK configuration
10
+ * @returns `initChallenge` function compliant with the public API
11
+ */
12
+ export function createInitChallenge(config) {
13
+ return async function initChallenge(issuerConf, initUrl, mrtd_auth_session, mrtd_pop_jwt_nonce, context) {
14
+ const {
15
+ appFetch = fetch,
16
+ walletInstanceAttestation,
17
+ wiaCryptoContext
18
+ } = context;
19
+ const clientAttestationDPoP = await createClientAttestationPopJwt({
20
+ config: config.sdkConfig,
21
+ callbacks: {
22
+ generateRandom: partialCallbacks.generateRandom,
23
+ signJwt: createSignJwtFromCryptoContext(wiaCryptoContext)
24
+ },
25
+ clientAttestation: walletInstanceAttestation,
26
+ authorizationServer: issuerConf.credential_issuer,
27
+ signer: {
28
+ method: "jwk",
29
+ alg: "ES256",
30
+ publicJwk: await wiaCryptoContext.getPublicKey()
31
+ }
32
+ });
33
+ const initResult = await fetchMrtdPopInit({
34
+ popInitEndpoint: initUrl,
35
+ mrtdAuthSession: mrtd_auth_session,
36
+ mrtdPopJwtNonce: mrtd_pop_jwt_nonce,
37
+ walletAttestation: walletInstanceAttestation,
38
+ clientAttestationDPoP,
39
+ callbacks: {
40
+ verifyJwt: createVerifyJwtFromJwks(issuerConf.keys),
41
+ fetch: appFetch
42
+ }
43
+ }).catch(handleInitChallengeError);
44
+ return {
45
+ challenge: initResult.challenge,
46
+ mrtd_pop_nonce: initResult.mrtdPopNonce,
47
+ pop_verify_endpoint: initResult.popVerifyEndpoint,
48
+ mrz: initResult.mrz
49
+ };
37
50
  };
38
- };
51
+ }
39
52
  const handleInitChallengeError = e => {
40
53
  Logger.log(LogLevel.ERROR, `Failed to get MRTD challenge: ${e}`);
41
54
  if (!(e instanceof SdkUnexpectedStatusCodeError)) {
package/lib/module/credential/issuance/mrtd-pop/02-init-challenge.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["v4","uuidv4","fetchMrtdPopInit","UnexpectedStatusCodeError","SdkUnexpectedStatusCodeError","createPopToken","Logger","LogLevel","WalletInstanceAttestation","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","createVerifyJwtFromJwks","initChallenge","issuerConf","initUrl","mrtd_auth_session","mrtd_pop_jwt_nonce","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","jti","aud","credential_issuer","initResult","popInitEndpoint","mrtdAuthSession","mrtdPopJwtNonce","walletAttestation","clientAttestationDPoP","callbacks","verifyJwt","keys","catch","handleInitChallengeError","challenge","mrtd_pop_nonce","mrtdPopNonce","pop_verify_endpoint","popVerifyEndpoint","mrz","e","log","ERROR","handle","code","MrtdChallengeInitRequestFailed","message","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/02-init-challenge.ts"],"mappings":"AAAA,SAASA,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAASC,gBAAgB,QAAQ,0BAA0B;AAC3D,SAASC,yBAAyB,IAAIC,4BAA4B,QAAQ,yBAAyB;AACnG,SAASC,cAAc,QAAQ,oBAAoB;AACnD,SAASC,MAAM,EAAEC,QAAQ,QAAQ,wBAAwB;AACzD,OAAO,KAAKC,yBAAyB,MAAM,mDAAmD,CAAC,CAAC;AAChG,SACEC,mBAAmB,EACnBC,wBAAwB,EACxBC,oBAAoB,QACf,uBAAuB;AAE9B,SAASC,uBAAuB,QAAQ,0BAA0B;AAElE,OAAO,MAAMC,aAA0C,GAAG,MAAAA,CACxDC,UAAU,EACVC,OAAO,EACPC,iBAAiB,EACjBC,kBAAkB,EAClBC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGf,yBAAyB,CAACgB,MAAM,CAACH,yBAAyB,CAAC,CACpEI,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAMxB,cAAc,CACvC;IACEyB,GAAG,EAAE7B,MAAM,CAAC,CAAC;IACb8B,GAAG,EAAEjB,UAAU,CAACkB,iBAAiB;IACjCT;EACF,CAAC,EACDD,gBACF,CAAC;EAED,MAAMW,UAAU,GAAG,MAAM/B,gBAAgB,CAAC;IACxCgC,eAAe,EAAEnB,OAAO;IACxBoB,eAAe,EAAEnB,iBAAiB;IAClCoB,eAAe,EAAEnB,kBAAkB;IACnCoB,iBAAiB,EAAEhB,yBAAyB;IAC5CiB,qBAAqB,EAAET,YAAY;IACnCU,SAAS,EAAE;MACTC,SAAS,EAAE5B,uBAAuB,CAACE,UAAU,CAAC2B,IAAI,CAAC;MACnDrB,KAAK,EAAED;IACT;EACF,CAAC,CAAC,CAACuB,KAAK,CAACC,wBAAwB,CAAC;EAElC,OAAO;IACLC,SAAS,EAAEX,UAAU,CAACW,SAAS;IAC/BC,cAAc,EAAEZ,UAAU,CAACa,YAAY;IACvCC,mBAAmB,EAAEd,UAAU,CAACe,iBAAiB;IACjDC,GAAG,EAAEhB,UAAU,CAACgB;EAClB,CAAC;AACH,CAAC;AAED,MAAMN,wBAAwB,GAAIO,CAAU,IAAK;EAC/C5C,MAAM,CAAC6C,GAAG,CAAC5C,QAAQ,CAAC6C,KAAK,EAAG,iCAAgCF,CAAE,EAAC,CAAC;EAEhE,IAAI,EAAEA,CAAC,YAAY9C,4BAA4B,CAAC,EAAE;IAChD,MAAM8C,CAAC;EACT;EAEA,MAAM,IAAIvC,oBAAoB,CAACF,mBAAmB,CAAC,CAChD4C,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAE5C,wBAAwB,CAAC6C,8BAA8B;IAC7DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDC,SAAS,CAACP,CAAC,CAAC;AACjB,CAAC"}
1
+ {"version":3,"names":["createClientAttestationPopJwt","fetchMrtdPopInit","UnexpectedStatusCodeError","SdkUnexpectedStatusCodeError","Logger","LogLevel","IssuerResponseError","IssuerResponseErrorCodes","ResponseErrorBuilder","createSignJwtFromCryptoContext","createVerifyJwtFromJwks","partialCallbacks","createInitChallenge","config","initChallenge","issuerConf","initUrl","mrtd_auth_session","mrtd_pop_jwt_nonce","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","clientAttestationDPoP","sdkConfig","callbacks","generateRandom","signJwt","clientAttestation","authorizationServer","credential_issuer","signer","method","alg","publicJwk","getPublicKey","initResult","popInitEndpoint","mrtdAuthSession","mrtdPopJwtNonce","walletAttestation","verifyJwt","keys","catch","handleInitChallengeError","challenge","mrtd_pop_nonce","mrtdPopNonce","pop_verify_endpoint","popVerifyEndpoint","mrz","e","log","ERROR","handle","code","MrtdChallengeInitRequestFailed","message","buildFrom"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/02-init-challenge.ts"],"mappings":"AAAA,SACEA,6BAA6B,EAC7BC,gBAAgB,QACX,0BAA0B;AACjC,SAEEC,yBAAyB,IAAIC,4BAA4B,QACpD,yBAAyB;AAChC,SAASC,MAAM,EAAEC,QAAQ,QAAQ,wBAAwB;AACzD,SACEC,mBAAmB,EACnBC,wBAAwB,EACxBC,oBAAoB,QACf,uBAAuB;AAE9B,SACEC,8BAA8B,EAC9BC,uBAAuB,EACvBC,gBAAgB,QACX,0BAA0B;AAMjC;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,mBAAmBA,CACjCC,MAAc,EACe;EAC7B,OAAO,eAAeC,aAAaA,CACjCC,UAAU,EACVC,OAAO,EACPC,iBAAiB,EACjBC,kBAAkB,EAClBC,OAAO,EACP;IACA,MAAM;MACJC,QAAQ,GAAGC,KAAK;MAChBC,yBAAyB;MACzBC;IACF,CAAC,GAAGJ,OAAO;IAEX,MAAMK,qBAAqB,GAAG,MAAMxB,6BAA6B,CAAC;MAChEa,MAAM,EAAEA,MAAM,CAACY,SAAS;MACxBC,SAAS,EAAE;QACTC,cAAc,EAAEhB,gBAAgB,CAACgB,cAAc;QAC/CC,OAAO,EAAEnB,8BAA8B,CAACc,gBAAgB;MAC1D,CAAC;MACDM,iBAAiB,EAAEP,yBAAyB;MAC5CQ,mBAAmB,EAAEf,UAAU,CAACgB,iBAAiB;MACjDC,MAAM,EAAE;QACNC,MAAM,EAAE,KAAK;QACbC,GAAG,EAAE,OAAO;QACZC,SAAS,EAAE,MAAMZ,gBAAgB,CAACa,YAAY,CAAC;MACjD;IACF,CAAC,CAAC;IAEF,MAAMC,UAAU,GAAG,MAAMpC,gBAAgB,CAAC;MACxCqC,eAAe,EAAEtB,OAAO;MACxBuB,eAAe,EAAEtB,iBAAiB;MAClCuB,eAAe,EAAEtB,kBAAkB;MACnCuB,iBAAiB,EAAEnB,yBAAyB;MAC5CE,qBAAqB;MACrBE,SAAS,EAAE;QACTgB,SAAS,EAAEhC,uBAAuB,CAACK,UAAU,CAAC4B,IAAI,CAAC;QACnDtB,KAAK,EAAED;MACT;IACF,CAAC,CAAC,CAACwB,KAAK,CAACC,wBAAwB,CAAC;IAElC,OAAO;MACLC,SAAS,EAAET,UAAU,CAACS,SAAS;MAC/BC,cAAc,EAAEV,UAAU,CAACW,YAAY;MACvCC,mBAAmB,EAAEZ,UAAU,CAACa,iBAAiB;MACjDC,GAAG,EAAEd,UAAU,CAACc;IAClB,CAAC;EACH,CAAC;AACH;AAEA,MAAMN,wBAAwB,GAAIO,CAAU,IAAK;EAC/ChD,MAAM,CAACiD,GAAG,CAAChD,QAAQ,CAACiD,KAAK,EAAG,iCAAgCF,CAAE,EAAC,CAAC;EAEhE,IAAI,EAAEA,CAAC,YAAYjD,4BAA4B,CAAC,EAAE;IAChD,MAAMiD,CAAC;EACT;EAEA,MAAM,IAAI5C,oBAAoB,CAACF,mBAAmB,CAAC,CAChDiD,MAAM,CAAC,GAAG,EAAE;IACXC,IAAI,EAAEjD,wBAAwB,CAACkD,8BAA8B;IAC7DC,OAAO,EAAE;EACX,CAAC,CAAC,CACDC,SAAS,CAACP,CAAC,CAAC;AACjB,CAAC"}
package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js CHANGED
@@ -1,53 +1,64 @@
1
1
  import { SignJWT } from "@pagopa/io-react-native-jwt";
2
- import { fetchMrtdPopVerify } from "@pagopa/io-wallet-oauth2";
3
- import { v4 as uuidv4 } from "uuid";
4
- import { createPopToken } from "../../../utils/pop";
5
- import * as WalletInstanceAttestation from "../../../wallet-instance-attestation/v1.0.0/utils"; // TODO: decouple from 1.0.0 version
2
+ import { createClientAttestationPopJwt, fetchMrtdPopVerify } from "@pagopa/io-wallet-oauth2";
6
3
  import { sdkUnexpectedStatusCodeToIssuerError } from "../../../utils/errors";
7
- import { partialCallbacks } from "../../../utils/callbacks";
8
- export const validateChallenge = async (issuerConf, verifyUrl, mrtd_auth_session, mrtd_pop_nonce, mrtd, ias, context) => {
9
- const {
10
- appFetch = fetch,
11
- walletInstanceAttestation,
12
- wiaCryptoContext
13
- } = context;
14
- const aud = issuerConf.credential_issuer;
15
- const iss = WalletInstanceAttestation.decode(walletInstanceAttestation).payload.cnf.jwk.kid;
16
- const signedWiaPoP = await createPopToken({
17
- jti: uuidv4(),
18
- aud,
19
- iss
20
- }, wiaCryptoContext);
21
- const {
22
- kid
23
- } = await wiaCryptoContext.getPublicKey();
24
- const mrtdValidationJwt = await new SignJWT(wiaCryptoContext).setProtectedHeader({
25
- typ: "mrtd-ias+jwt",
26
- kid
27
- }).setPayload({
28
- iss,
29
- aud,
30
- document_type: "cie",
31
- mrtd,
32
- ias
33
- }).setIssuedAt().setExpirationTime("5m").sign();
34
- const verifyResult = await fetchMrtdPopVerify({
35
- popVerifyEndpoint: verifyUrl,
36
- mrtdAuthSession: mrtd_auth_session,
37
- mrtdPopNonce: mrtd_pop_nonce,
38
- clientAttestationDPoP: signedWiaPoP,
39
- mrtdValidationJwt,
40
- walletAttestation: walletInstanceAttestation,
41
- callbacks: {
42
- fetch: appFetch,
43
- ...partialCallbacks
44
- }
45
- }).catch(sdkUnexpectedStatusCodeToIssuerError);
46
- return {
47
- redirect_uri: verifyResult.redirectUri,
48
- mrtd_val_pop_nonce: verifyResult.mrtdValPopNonce
4
+ import { createSignJwtFromCryptoContext, partialCallbacks } from "../../../utils/callbacks";
5
+ /**
6
+ * Factory function to create `validateChallenge` for MRTD PoP flow.
7
+ * The factory is needed to inject version specific SDK configuration.
8
+ * @param config Configuration object containing the IO Wallet SDK configuration
9
+ * @returns `validateChallenge` function compliant with the public API
10
+ */
11
+ export function createValidateChallenge(config) {
12
+ return async function validateChallenge(issuerConf, verifyUrl, mrtd_auth_session, mrtd_pop_nonce, mrtd, ias, context) {
13
+ const {
14
+ appFetch = fetch,
15
+ walletInstanceAttestation,
16
+ wiaCryptoContext
17
+ } = context;
18
+ const aud = issuerConf.credential_issuer;
19
+ const wiaPublicJwk = await wiaCryptoContext.getPublicKey();
20
+ const clientAttestationDPoP = await createClientAttestationPopJwt({
21
+ config: config.sdkConfig,
22
+ callbacks: {
23
+ generateRandom: partialCallbacks.generateRandom,
24
+ signJwt: createSignJwtFromCryptoContext(wiaCryptoContext)
25
+ },
26
+ clientAttestation: walletInstanceAttestation,
27
+ authorizationServer: aud,
28
+ signer: {
29
+ method: "jwk",
30
+ alg: "ES256",
31
+ publicJwk: wiaPublicJwk
32
+ }
33
+ });
34
+ const mrtdValidationJwt = await new SignJWT(wiaCryptoContext).setProtectedHeader({
35
+ typ: "mrtd-ias+jwt",
36
+ kid: wiaPublicJwk.kid
37
+ }).setPayload({
38
+ iss: wiaPublicJwk.kid,
39
+ aud,
40
+ document_type: "cie",
41
+ mrtd,
42
+ ias
43
+ }).setIssuedAt().setExpirationTime("5m").sign();
44
+ const verifyResult = await fetchMrtdPopVerify({
45
+ popVerifyEndpoint: verifyUrl,
46
+ mrtdAuthSession: mrtd_auth_session,
47
+ mrtdPopNonce: mrtd_pop_nonce,
48
+ clientAttestationDPoP,
49
+ mrtdValidationJwt,
50
+ walletAttestation: walletInstanceAttestation,
51
+ callbacks: {
52
+ fetch: appFetch,
53
+ ...partialCallbacks
54
+ }
55
+ }).catch(sdkUnexpectedStatusCodeToIssuerError);
56
+ return {
57
+ redirect_uri: verifyResult.redirectUri,
58
+ mrtd_val_pop_nonce: verifyResult.mrtdValPopNonce
59
+ };
49
60
  };
50
- };
61
+ }
51
62
  export const buildChallengeCallbackUrl = async (redirectUri, valPopNonce, authSession) => {
52
63
  const params = new URLSearchParams({
53
64
  mrtd_val_pop_nonce: valPopNonce,
package/lib/module/credential/issuance/mrtd-pop/03-validate-challenge.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["SignJWT","fetchMrtdPopVerify","v4","uuidv4","createPopToken","WalletInstanceAttestation","sdkUnexpectedStatusCodeToIssuerError","partialCallbacks","validateChallenge","issuerConf","verifyUrl","mrtd_auth_session","mrtd_pop_nonce","mrtd","ias","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","aud","credential_issuer","iss","decode","payload","cnf","jwk","kid","signedWiaPoP","jti","getPublicKey","mrtdValidationJwt","setProtectedHeader","typ","setPayload","document_type","setIssuedAt","setExpirationTime","sign","verifyResult","popVerifyEndpoint","mrtdAuthSession","mrtdPopNonce","clientAttestationDPoP","walletAttestation","callbacks","catch","redirect_uri","redirectUri","mrtd_val_pop_nonce","mrtdValPopNonce","buildChallengeCallbackUrl","valPopNonce","authSession","params","URLSearchParams","callbackUrl"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/03-validate-challenge.ts"],"mappings":"AAAA,SAASA,OAAO,QAAQ,6BAA6B;AACrD,SAASC,kBAAkB,QAAQ,0BAA0B;AAC7D,SAASC,EAAE,IAAIC,MAAM,QAAQ,MAAM;AACnC,SAASC,cAAc,QAAQ,oBAAoB;AACnD,OAAO,KAAKC,yBAAyB,MAAM,mDAAmD,CAAC,CAAC;AAChG,SAASC,oCAAoC,QAAQ,uBAAuB;AAC5E,SAASC,gBAAgB,QAAQ,0BAA0B;AAG3D,OAAO,MAAMC,iBAAkD,GAAG,MAAAA,CAChEC,UAAU,EACVC,SAAS,EACTC,iBAAiB,EACjBC,cAAc,EACdC,IAAI,EACJC,GAAG,EACHC,OAAO,KACJ;EACH,MAAM;IACJC,QAAQ,GAAGC,KAAK;IAChBC,yBAAyB;IACzBC;EACF,CAAC,GAAGJ,OAAO;EAEX,MAAMK,GAAG,GAAGX,UAAU,CAACY,iBAAiB;EACxC,MAAMC,GAAG,GAAGjB,yBAAyB,CAACkB,MAAM,CAACL,yBAAyB,CAAC,CACpEM,OAAO,CAACC,GAAG,CAACC,GAAG,CAACC,GAAG;EAEtB,MAAMC,YAAY,GAAG,MAAMxB,cAAc,CACvC;IACEyB,GAAG,EAAE1B,MAAM,CAAC,CAAC;IACbiB,GAAG;IACHE;EACF,CAAC,EACDH,gBACF,CAAC;EAED,MAAM;IAAEQ;EAAI,CAAC,GAAG,MAAMR,gBAAgB,CAACW,YAAY,CAAC,CAAC;EAErD,MAAMC,iBAAiB,GAAG,MAAM,IAAI/B,OAAO,CAACmB,gBAAgB,CAAC,CAC1Da,kBAAkB,CAAC;IAClBC,GAAG,EAAE,cAAc;IACnBN;EACF,CAAC,CAAC,CACDO,UAAU,CAAC;IACVZ,GAAG;IACHF,GAAG;IACHe,aAAa,EAAE,KAAK;IACpBtB,IAAI;IACJC;EACF,CAAC,CAAC,CACDsB,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;EAET,MAAMC,YAAY,GAAG,MAAMtC,kBAAkB,CAAC;IAC5CuC,iBAAiB,EAAE9B,SAAS;IAC5B+B,eAAe,EAAE9B,iBAAiB;IAClC+B,YAAY,EAAE9B,cAAc;IAC5B+B,qBAAqB,EAAEf,YAAY;IACnCG,iBAAiB;IACjBa,iBAAiB,EAAE1B,yBAAyB;IAC5C2B,SAAS,EAAE;MACT5B,KAAK,EAAED,QAAQ;MACf,GAAGT;IACL;EACF,CAAC,CAAC,CAACuC,KAAK,CAACxC,oCAAoC,CAAC;EAE9C,OAAO;IACLyC,YAAY,EAAER,YAAY,CAACS,WAAW;IACtCC,kBAAkB,EAAEV,YAAY,CAACW;EACnC,CAAC;AACH,CAAC;AAED,OAAO,MAAMC,yBAAkE,GAC7E,MAAAA,CAAOH,WAAW,EAAEI,WAAW,EAAEC,WAAW,KAAK;EAC/C,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCN,kBAAkB,EAAEG,WAAW;IAC/BzC,iBAAiB,EAAE0C;EACrB,CAAC,CAAC;EAEF,MAAMG,WAAW,GAAI,GAAER,WAAY,IAAGM,MAAO,EAAC;EAC9C,OAAO;IAAEE;EAAY,CAAC;AACxB,CAAC"}
1
+ {"version":3,"names":["SignJWT","createClientAttestationPopJwt","fetchMrtdPopVerify","sdkUnexpectedStatusCodeToIssuerError","createSignJwtFromCryptoContext","partialCallbacks","createValidateChallenge","config","validateChallenge","issuerConf","verifyUrl","mrtd_auth_session","mrtd_pop_nonce","mrtd","ias","context","appFetch","fetch","walletInstanceAttestation","wiaCryptoContext","aud","credential_issuer","wiaPublicJwk","getPublicKey","clientAttestationDPoP","sdkConfig","callbacks","generateRandom","signJwt","clientAttestation","authorizationServer","signer","method","alg","publicJwk","mrtdValidationJwt","setProtectedHeader","typ","kid","setPayload","iss","document_type","setIssuedAt","setExpirationTime","sign","verifyResult","popVerifyEndpoint","mrtdAuthSession","mrtdPopNonce","walletAttestation","catch","redirect_uri","redirectUri","mrtd_val_pop_nonce","mrtdValPopNonce","buildChallengeCallbackUrl","valPopNonce","authSession","params","URLSearchParams","callbackUrl"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/03-validate-challenge.ts"],"mappings":"AAAA,SAASA,OAAO,QAAQ,6BAA6B;AACrD,SACEC,6BAA6B,EAC7BC,kBAAkB,QACb,0BAA0B;AAEjC,SAASC,oCAAoC,QAAQ,uBAAuB;AAC5E,SACEC,8BAA8B,EAC9BC,gBAAgB,QACX,0BAA0B;AAOjC;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,uBAAuBA,CACrCC,MAAc,EACmB;EACjC,OAAO,eAAeC,iBAAiBA,CACrCC,UAAU,EACVC,SAAS,EACTC,iBAAiB,EACjBC,cAAc,EACdC,IAAI,EACJC,GAAG,EACHC,OAAO,EACP;IACA,MAAM;MACJC,QAAQ,GAAGC,KAAK;MAChBC,yBAAyB;MACzBC;IACF,CAAC,GAAGJ,OAAO;IAEX,MAAMK,GAAG,GAAGX,UAAU,CAACY,iBAAiB;IAExC,MAAMC,YAAY,GAAG,MAAMH,gBAAgB,CAACI,YAAY,CAAC,CAAC;IAE1D,MAAMC,qBAAqB,GAAG,MAAMvB,6BAA6B,CAAC;MAChEM,MAAM,EAAEA,MAAM,CAACkB,SAAS;MACxBC,SAAS,EAAE;QACTC,cAAc,EAAEtB,gBAAgB,CAACsB,cAAc;QAC/CC,OAAO,EAAExB,8BAA8B,CAACe,gBAAgB;MAC1D,CAAC;MACDU,iBAAiB,EAAEX,yBAAyB;MAC5CY,mBAAmB,EAAEV,GAAG;MACxBW,MAAM,EAAE;QACNC,MAAM,EAAE,KAAK;QACbC,GAAG,EAAE,OAAO;QACZC,SAAS,EAAEZ;MACb;IACF,CAAC,CAAC;IAEF,MAAMa,iBAAiB,GAAG,MAAM,IAAInC,OAAO,CAACmB,gBAAgB,CAAC,CAC1DiB,kBAAkB,CAAC;MAClBC,GAAG,EAAE,cAAc;MACnBC,GAAG,EAAEhB,YAAY,CAACgB;IACpB,CAAC,CAAC,CACDC,UAAU,CAAC;MACVC,GAAG,EAAElB,YAAY,CAACgB,GAAG;MACrBlB,GAAG;MACHqB,aAAa,EAAE,KAAK;MACpB5B,IAAI;MACJC;IACF,CAAC,CAAC,CACD4B,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;IAET,MAAMC,YAAY,GAAG,MAAM3C,kBAAkB,CAAC;MAC5C4C,iBAAiB,EAAEpC,SAAS;MAC5BqC,eAAe,EAAEpC,iBAAiB;MAClCqC,YAAY,EAAEpC,cAAc;MAC5BY,qBAAqB;MACrBW,iBAAiB;MACjBc,iBAAiB,EAAE/B,yBAAyB;MAC5CQ,SAAS,EAAE;QACTT,KAAK,EAAED,QAAQ;QACf,GAAGX;MACL;IACF,CAAC,CAAC,CAAC6C,KAAK,CAAC/C,oCAAoC,CAAC;IAE9C,OAAO;MACLgD,YAAY,EAAEN,YAAY,CAACO,WAAW;MACtCC,kBAAkB,EAAER,YAAY,CAACS;IACnC,CAAC;EACH,CAAC;AACH;AAEA,OAAO,MAAMC,yBAAkE,GAC7E,MAAAA,CAAOH,WAAW,EAAEI,WAAW,EAAEC,WAAW,KAAK;EAC/C,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCN,kBAAkB,EAAEG,WAAW;IAC/B7C,iBAAiB,EAAE8C;EACrB,CAAC,CAAC;EAEF,MAAMG,WAAW,GAAI,GAAER,WAAY,IAAGM,MAAO,EAAC;EAC9C,OAAO;IAAEE;EAAY,CAAC;AACxB,CAAC"}
package/lib/module/credential/issuance/mrtd-pop/index.js CHANGED
@@ -1,10 +1,25 @@
1
+ import { sdkConfigV1_0, sdkConfigV1_3 } from "../../../utils/config";
1
2
  import { verifyAndParseChallengeInfo } from "./01-verify-and-parse-challenge-info";
2
- import { initChallenge } from "./02-init-challenge";
3
- import { validateChallenge, buildChallengeCallbackUrl } from "./03-validate-challenge";
4
- export const MRTDPoP = {
3
+ import { createInitChallenge } from "./02-init-challenge";
4
+ import { createValidateChallenge, buildChallengeCallbackUrl } from "./03-validate-challenge";
5
+ export const MRTDPoPv1_0 = {
5
6
  verifyAndParseChallengeInfo,
6
- initChallenge,
7
- validateChallenge,
7
+ initChallenge: createInitChallenge({
8
+ sdkConfig: sdkConfigV1_0
9
+ }),
10
+ validateChallenge: createValidateChallenge({
11
+ sdkConfig: sdkConfigV1_0
12
+ }),
13
+ buildChallengeCallbackUrl
14
+ };
15
+ export const MRTDPoPv1_3 = {
16
+ verifyAndParseChallengeInfo,
17
+ initChallenge: createInitChallenge({
18
+ sdkConfig: sdkConfigV1_3
19
+ }),
20
+ validateChallenge: createValidateChallenge({
21
+ sdkConfig: sdkConfigV1_3
22
+ }),
8
23
  buildChallengeCallbackUrl
9
24
  };
10
25
  //# sourceMappingURL=index.js.map
package/lib/module/credential/issuance/mrtd-pop/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["verifyAndParseChallengeInfo","initChallenge","validateChallenge","buildChallengeCallbackUrl","MRTDPoP"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/index.ts"],"mappings":"AACA,SAASA,2BAA2B,QAAQ,sCAAsC;AAClF,SAASC,aAAa,QAAQ,qBAAqB;AACnD,SACEC,iBAAiB,EACjBC,yBAAyB,QACpB,yBAAyB;AAEhC,OAAO,MAAMC,OAAmB,GAAG;EACjCJ,2BAA2B;EAC3BC,aAAa;EACbC,iBAAiB;EACjBC;AACF,CAAC"}
1
+ {"version":3,"names":["sdkConfigV1_0","sdkConfigV1_3","verifyAndParseChallengeInfo","createInitChallenge","createValidateChallenge","buildChallengeCallbackUrl","MRTDPoPv1_0","initChallenge","sdkConfig","validateChallenge","MRTDPoPv1_3"],"sourceRoot":"../../../../../src","sources":["credential/issuance/mrtd-pop/index.ts"],"mappings":"AAAA,SAASA,aAAa,EAAEC,aAAa,QAAQ,uBAAuB;AAEpE,SAASC,2BAA2B,QAAQ,sCAAsC;AAClF,SAASC,mBAAmB,QAAQ,qBAAqB;AACzD,SACEC,uBAAuB,EACvBC,yBAAyB,QACpB,yBAAyB;AAEhC,OAAO,MAAMC,WAAuB,GAAG;EACrCJ,2BAA2B;EAC3BK,aAAa,EAAEJ,mBAAmB,CAAC;IAAEK,SAAS,EAAER;EAAc,CAAC,CAAC;EAChES,iBAAiB,EAAEL,uBAAuB,CAAC;IAAEI,SAAS,EAAER;EAAc,CAAC,CAAC;EACxEK;AACF,CAAC;AAED,OAAO,MAAMK,WAAuB,GAAG;EACrCR,2BAA2B;EAC3BK,aAAa,EAAEJ,mBAAmB,CAAC;IAAEK,SAAS,EAAEP;EAAc,CAAC,CAAC;EAChEQ,iBAAiB,EAAEL,uBAAuB,CAAC;IAAEI,SAAS,EAAEP;EAAc,CAAC,CAAC;EACxEI;AACF,CAAC"}
package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js CHANGED
@@ -2,7 +2,7 @@ import { generateRandomAlphaNumericString } from "../../../utils/misc";
2
2
  import { makeParRequest } from "../../../utils/par";
3
3
  import { LogLevel, Logger } from "../../../utils/logging";
4
4
  import { IoWalletError } from "../../../utils/errors";
5
- import { selectCredentialDefinition, selectResponseMode } from "../common/authorization";
5
+ import { selectCredentialDefinition, selectResponseMode } from "../common/02-start-user-authorization";
6
6
  export const startUserAuthorization = async (issuerConf, credentialIds, proof, ctx) => {
7
7
  const {
8
8
  wiaCryptoContext,
@@ -50,7 +50,8 @@ export const startUserAuthorization = async (issuerConf, credentialIds, proof, c
50
50
  issuerRequestUri,
51
51
  clientId,
52
52
  codeVerifier,
53
- credentialDefinition
53
+ credentialDefinition,
54
+ responseMode
54
55
  };
55
56
  };
56
57
  //# sourceMappingURL=02-start-user-authorization.js.map
package/lib/module/credential/issuance/v1.0.0/02-start-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["generateRandomAlphaNumericString","makeParRequest","LogLevel","Logger","IoWalletError","selectCredentialDefinition","selectResponseMode","startUserAuthorization","issuerConf","credentialIds","proof","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","log","ERROR","codeVerifier","parEndpoint","pushed_authorization_request_endpoint","aud","credential_issuer","responseMode","getPar","credentialDefinition","map","c","proofType","push","type","idphinting","idpHinting","challenge_method","challenge_redirect_uri","issuerRequestUri","authorizationDetails"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/02-start-user-authorization.ts"],"mappings":"AAAA,SAASA,gCAAgC,QAAQ,qBAAqB;AACtE,SAASC,cAAc,QAAQ,oBAAoB;AACnD,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,aAAa,QAAQ,uBAAuB;AAErD,SACEC,0BAA0B,EAC1BC,kBAAkB,QACb,yBAAyB;AAEhC,OAAO,MAAMC,sBAA6D,GACxE,MAAAA,CAAOC,UAAU,EAAEC,aAAa,EAAEC,KAAK,EAAEC,GAAG,KAAK;EAC/C,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EAEzE,IAAI,CAACJ,QAAQ,EAAE;IACbd,MAAM,CAACmB,GAAG,CACRpB,QAAQ,CAACqB,KAAK,EACb,kCAAiCN,QAAS,0BAC7C,CAAC;IACD,MAAM,IAAIb,aAAa,CAAC,qBAAqB,CAAC;EAChD;EACA,MAAMoB,YAAY,GAAGxB,gCAAgC,CAAC,EAAE,CAAC;EACzD,MAAMyB,WAAW,GAAGjB,UAAU,CAACkB,qCAAqC;EACpE,MAAMC,GAAG,GAAGnB,UAAU,CAACoB,iBAAiB;EACxC,MAAMC,YAAY,GAAGvB,kBAAkB,CAACE,UAAU,EAAEC,aAAa,CAAC;EAClE,MAAMqB,MAAM,GAAG7B,cAAc,CAAC;IAAEW,gBAAgB;IAAEG;EAAS,CAAC,CAAC;EAE7D,MAAMgB,oBAAoB,GAAGtB,aAAa,CAACuB,GAAG,CAAEC,CAAC,IAC/C5B,0BAA0B,CAACG,UAAU,EAAEyB,CAAC,CAC1C,CAAC;EAED,IAAIvB,KAAK,CAACwB,SAAS,KAAK,UAAU,EAAE;IAClC;AACN;AACA;AACA;AACA;AACA;IACMH,oBAAoB,CAACI,IAAI,CAAC;MACxBC,IAAI,EAAE,sBAAsB;MAC5BC,UAAU,EAAE3B,KAAK,CAAC4B,UAAU;MAC5BC,gBAAgB,EAAE,UAAU;MAC5BC,sBAAsB,EAAE1B;IAC1B,CAAC,CAAC;EACJ;EAEA,MAAM2B,gBAAgB,GAAG,MAAMX,MAAM,CACnCL,WAAW,EACXZ,yBAAyB,EACzB;IACEc,GAAG;IACHV,QAAQ;IACRO,YAAY;IACZV,WAAW;IACXe,YAAY;IACZa,oBAAoB,EAAEX;EACxB,CACF,CAAC;EAED,OAAO;IAAEU,gBAAgB;IAAExB,QAAQ;IAAEO,YAAY;IAAEO;EAAqB,CAAC;AAC3E,CAAC"}
1
+ {"version":3,"names":["generateRandomAlphaNumericString","makeParRequest","LogLevel","Logger","IoWalletError","selectCredentialDefinition","selectResponseMode","startUserAuthorization","issuerConf","credentialIds","proof","ctx","wiaCryptoContext","walletInstanceAttestation","redirectUri","appFetch","fetch","clientId","getPublicKey","then","_","kid","log","ERROR","codeVerifier","parEndpoint","pushed_authorization_request_endpoint","aud","credential_issuer","responseMode","getPar","credentialDefinition","map","c","proofType","push","type","idphinting","idpHinting","challenge_method","challenge_redirect_uri","issuerRequestUri","authorizationDetails"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/02-start-user-authorization.ts"],"mappings":"AAAA,SAASA,gCAAgC,QAAQ,qBAAqB;AACtE,SAASC,cAAc,QAAQ,oBAAoB;AACnD,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,aAAa,QAAQ,uBAAuB;AAErD,SACEC,0BAA0B,EAC1BC,kBAAkB,QACb,uCAAuC;AAE9C,OAAO,MAAMC,sBAA6D,GACxE,MAAAA,CAAOC,UAAU,EAAEC,aAAa,EAAEC,KAAK,EAAEC,GAAG,KAAK;EAC/C,MAAM;IACJC,gBAAgB;IAChBC,yBAAyB;IACzBC,WAAW;IACXC,QAAQ,GAAGC;EACb,CAAC,GAAGL,GAAG;EAEP,MAAMM,QAAQ,GAAG,MAAML,gBAAgB,CAACM,YAAY,CAAC,CAAC,CAACC,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACC,GAAG,CAAC;EAEzE,IAAI,CAACJ,QAAQ,EAAE;IACbd,MAAM,CAACmB,GAAG,CACRpB,QAAQ,CAACqB,KAAK,EACb,kCAAiCN,QAAS,0BAC7C,CAAC;IACD,MAAM,IAAIb,aAAa,CAAC,qBAAqB,CAAC;EAChD;EACA,MAAMoB,YAAY,GAAGxB,gCAAgC,CAAC,EAAE,CAAC;EACzD,MAAMyB,WAAW,GAAGjB,UAAU,CAACkB,qCAAqC;EACpE,MAAMC,GAAG,GAAGnB,UAAU,CAACoB,iBAAiB;EACxC,MAAMC,YAAY,GAAGvB,kBAAkB,CAACE,UAAU,EAAEC,aAAa,CAAC;EAClE,MAAMqB,MAAM,GAAG7B,cAAc,CAAC;IAAEW,gBAAgB;IAAEG;EAAS,CAAC,CAAC;EAE7D,MAAMgB,oBAAoB,GAAGtB,aAAa,CAACuB,GAAG,CAAEC,CAAC,IAC/C5B,0BAA0B,CAACG,UAAU,EAAEyB,CAAC,CAC1C,CAAC;EAED,IAAIvB,KAAK,CAACwB,SAAS,KAAK,UAAU,EAAE;IAClC;AACN;AACA;AACA;AACA;AACA;IACMH,oBAAoB,CAACI,IAAI,CAAC;MACxBC,IAAI,EAAE,sBAAsB;MAC5BC,UAAU,EAAE3B,KAAK,CAAC4B,UAAU;MAC5BC,gBAAgB,EAAE,UAAU;MAC5BC,sBAAsB,EAAE1B;IAC1B,CAAC,CAAC;EACJ;EAEA,MAAM2B,gBAAgB,GAAG,MAAMX,MAAM,CACnCL,WAAW,EACXZ,yBAAyB,EACzB;IACEc,GAAG;IACHV,QAAQ;IACRO,YAAY;IACZV,WAAW;IACXe,YAAY;IACZa,oBAAoB,EAAEX;EACxB,CACF,CAAC;EAED,OAAO;IACLU,gBAAgB;IAChBxB,QAAQ;IACRO,YAAY;IACZO,oBAAoB;IACpBF;EACF,CAAC;AACH,CAAC"}
package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js CHANGED
@@ -1,7 +1,7 @@
1
1
  import { AuthorizationChallengeResultShape, AuthorizationErrorShape, AuthorizationResultShape } from "../../../utils/auth";
2
2
  import { hasStatusOrThrow } from "../../../utils/misc";
3
3
  import parseUrl from "parse-url";
4
- import { IssuerResponseError, ValidationFailed } from "../../../utils/errors";
4
+ import { IssuerResponseError, UnimplementedFeatureError, ValidationFailed } from "../../../utils/errors";
5
5
  import { decode, SignJWT } from "@pagopa/io-react-native-jwt";
6
6
  import { ResponseUriResultShape } from "./types";
7
7
  import { getJwtFromFormPost } from "../../../utils/decoder";
@@ -39,11 +39,14 @@ export const buildAuthorizationUrl = async (issuerRequestUri, clientId, issuerCo
39
39
  authUrl
40
40
  };
41
41
  };
42
- export const completeUserAuthorizationWithQueryMode = async authRedirectUrl => {
42
+ export const completePidUserAuthorizationWithQueryMode = async authRedirectUrl => {
43
43
  Logger.log(LogLevel.DEBUG, `The requested credential is a PersonIdentificationData, completing the user authorization with query mode`);
44
44
  const query = parseUrl(authRedirectUrl).query;
45
45
  return parseAuthorizationResponse(query);
46
46
  };
47
+ export const completeEaaUserAuthorizationWithQueryMode = () => {
48
+ throw new UnimplementedFeatureError("completeEaaUserAuthorizationWithQueryMode", "1.0.0");
49
+ };
47
50
  export const getRequestedCredentialToBePresented = async function (issuerRequestUri, clientId, issuerConf) {
48
51
  let appFetch = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : fetch;
49
52
  Logger.log(LogLevel.DEBUG, `The requeste credential is not a PersonIdentificationData, requesting the credential to be presented`);
@@ -71,11 +74,10 @@ export const getRequestedCredentialToBePresented = async function (issuerRequest
71
74
  export const completeUserAuthorizationWithFormPostJwtMode = async (requestObject, _issuerConfig, pid, _ref) => {
72
75
  let {
73
76
  wiaCryptoContext,
74
- pidKeyTag,
75
77
  appFetch = fetch
76
78
  } = _ref;
77
79
  Logger.log(LogLevel.DEBUG, `The requeste credential is not a PersonIdentificationData, completing the user authorization with form_post.jwt mode`);
78
- const dcqlQueryResult = await RemotePresentationFlow.evaluateDcqlQuery(requestObject.dcql_query, [[pidKeyTag, pid]]);
80
+ const dcqlQueryResult = await RemotePresentationFlow.evaluateDcqlQuery(requestObject.dcql_query, [pid]);
79
81
  const authRequestObject = {
80
82
  nonce: requestObject.nonce,
81
83
  clientId: requestObject.client_id,
package/lib/module/credential/issuance/v1.0.0/03-complete-user-authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["AuthorizationChallengeResultShape","AuthorizationErrorShape","AuthorizationResultShape","hasStatusOrThrow","parseUrl","IssuerResponseError","ValidationFailed","decode","SignJWT","ResponseUriResultShape","getJwtFromFormPost","AuthorizationError","AuthorizationIdpError","LogLevel","Logger","RawRequestObject","RemotePresentation","RemotePresentationFlow","continueUserAuthorizationWithMRTDPoPChallenge","authRedirectUrl","log","DEBUG","query","authResParsed","safeParse","success","authErr","ERROR","error","message","JSON","stringify","data","error_description","buildAuthorizationUrl","issuerRequestUri","clientId","issuerConf","idpHint","authzRequestEndpoint","authorization_endpoint","params","URLSearchParams","client_id","request_uri","append","authUrl","completeUserAuthorizationWithQueryMode","parseAuthorizationResponse","getRequestedCredentialToBePresented","appFetch","arguments","length","undefined","fetch","toString","requestObject","method","then","res","text","jws","reqObj","header","protectedHeader","payload","reason","completeUserAuthorizationWithFormPostJwtMode","_issuerConfig","pid","_ref","wiaCryptoContext","pidKeyTag","dcqlQueryResult","evaluateDcqlQuery","dcql_query","authRequestObject","nonce","responseUri","response_uri","remotePresentation","prepareRemotePresentations","authzResponsePayload","createAuthzResponsePayload","state","body","response","resUriRes","headers","reqUri","json","redirect_uri","cbRes","decodedJwt","authRes","_ref2","kid","getPublicKey","setProtectedHeader","typ","setPayload","vp_token","presentations","reduce","_ref3","credentialId","vpToken","setIssuedAt","setExpirationTime","sign"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/03-complete-user-authorization.ts"],"mappings":"AAAA,SACEA,iCAAiC,EACjCC,uBAAuB,EACvBC,wBAAwB,QAEnB,qBAAqB;AAC5B,SAASC,gBAAgB,QAAQ,qBAAqB;AACtD,OAAOC,QAAQ,MAAM,WAAW;AAEhC,SAASC,mBAAmB,EAAEC,gBAAgB,QAAQ,uBAAuB;AAC7E,SACEC,MAAM,EACNC,OAAO,QAEF,6BAA6B;AACpC,SAASC,sBAAsB,QAAQ,SAAS;AAChD,SAASC,kBAAkB,QAAQ,wBAAwB;AAC3D,SAASC,kBAAkB,EAAEC,qBAAqB,QAAQ,kBAAkB;AAC5E,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,gBAAgB,QAAQ,iCAAiC;AAClE,SAASC,kBAAkB,IAAIC,sBAAsB,QAAQ,2BAA2B;AAIxF,OAAO,MAAMC,6CAA2G,GACtH,MAAOC,eAAe,IAAK;EACzBL,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,+HACH,CAAC;EACD,MAAMC,KAAK,GAAGlB,QAAQ,CAACe,eAAe,CAAC,CAACG,KAAK;EAE7C,MAAMC,aAAa,GAAGvB,iCAAiC,CAACwB,SAAS,CAACF,KAAK,CAAC;EACxE,IAAI,CAACC,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGzB,uBAAuB,CAACuB,SAAS,CAACF,KAAK,CAAC;IACxD,IAAI,CAACI,OAAO,CAACD,OAAO,EAAE;MACpBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,mDAAkDJ,aAAa,CAACK,KAAK,CAACC,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIlB,kBAAkB,CAACY,aAAa,CAACK,KAAK,CAACC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAf,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,2CAA0CG,IAAI,CAACC,SAAS,CAACL,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAId,qBAAqB,CAC7Bc,OAAO,CAACM,IAAI,CAACJ,KAAK,EAClBF,OAAO,CAACM,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOV,aAAa,CAACS,IAAI;AAC3B,CAAC;AAEH,OAAO,MAAME,qBAA2D,GACtE,MAAAA,CAAOC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAEC,OAAO,KAAK;EACzD,MAAMC,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAE9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEF,IAAIG,OAAO,EAAE;IACXG,MAAM,CAACI,MAAM,CAAC,SAAS,EAAEP,OAAO,CAAC;EACnC;EAEA,MAAMQ,OAAO,GAAI,GAAEP,oBAAqB,IAAGE,MAAO,EAAC;EAEnD,OAAO;IAAEK;EAAQ,CAAC;AACpB,CAAC;AAEH,OAAO,MAAMC,sCAA6F,GACxG,MAAO5B,eAAe,IAAK;EACzBL,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,2GACH,CAAC;EACD,MAAMC,KAAK,GAAGlB,QAAQ,CAACe,eAAe,CAAC,CAACG,KAAK;EAE7C,OAAO0B,0BAA0B,CAAC1B,KAAK,CAAC;AAC1C,CAAC;AAEH,OAAO,MAAM2B,mCAAuF,GAClG,eAAAA,CAAOd,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBa,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAC7DxC,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,sGACH,CAAC;EACD,MAAMkB,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEFrB,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,oCAAmCkB,oBAAqB,IAAGE,MAAM,CAACc,QAAQ,CAAC,CAAE,EAChF,CAAC;EAED,MAAMC,aAAa,GAAG,MAAMN,QAAQ,CACjC,GAAEX,oBAAqB,IAAGE,MAAM,CAACc,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEE,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAACvD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDqD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEG,GAAG,IAAKtD,MAAM,CAACsD,GAAG,CAAC,CAAC,CAC1BH,IAAI,CAAEI,MAAM,IACX/C,gBAAgB,CAACS,SAAS,CAAC;IACzBuC,MAAM,EAAED,MAAM,CAACE,eAAe;IAC9BC,OAAO,EAAEH,MAAM,CAACG;EAClB,CAAC,CACH,CAAC;EAEH,IAAI,CAACT,aAAa,CAAC/B,OAAO,EAAE;IAC1BX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,+CAA8C6B,aAAa,CAAC5B,KAAK,CAACC,OAAQ,EAC7E,CAAC;IACD,MAAM,IAAIvB,gBAAgB,CAAC;MACzBuB,OAAO,EAAE,kCAAkC;MAC3CqC,MAAM,EAAEV,aAAa,CAAC5B,KAAK,CAACC;IAC9B,CAAC,CAAC;EACJ;EACA,OAAO2B,aAAa,CAACxB,IAAI,CAACiC,OAAO;AACnC,CAAC;AAEH,OAAO,MAAME,4CAAyG,GACpH,MAAAA,CACEX,aAAa,EACbY,aAAa,EACbC,GAAG,EAAAC,IAAA,KAEA;EAAA,IADH;IAAEC,gBAAgB;IAAEC,SAAS;IAAEtB,QAAQ,GAAGI;EAAM,CAAC,GAAAgB,IAAA;EAEjDxD,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,sHACH,CAAC;EAED,MAAMoD,eAAe,GAAG,MAAMxD,sBAAsB,CAACyD,iBAAiB,CACpElB,aAAa,CAACmB,UAAU,EACxB,CAAC,CAACH,SAAS,EAAEH,GAAG,CAAC,CACnB,CAAC;EAED,MAAMO,iBAAiB,GAAG;IACxBC,KAAK,EAAErB,aAAa,CAACqB,KAAK;IAC1BzC,QAAQ,EAAEoB,aAAa,CAACb,SAAS;IACjCmC,WAAW,EAAEtB,aAAa,CAACuB;EAC7B,CAAC;EAED,MAAMC,kBAAkB,GACtB,MAAM/D,sBAAsB,CAACgE,0BAA0B,CACrDR,eAAe,EACfG,iBACF,CAAC;EAEH,MAAMM,oBAAoB,GAAG,MAAMC,0BAA0B,CAAC;IAC5DC,KAAK,EAAE5B,aAAa,CAAC4B,KAAK;IAC1BJ,kBAAkB;IAClBT;EACF,CAAC,CAAC;EAEFzD,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,2BAA0B6D,oBAAqB,EAClD,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAMG,IAAI,GAAG,IAAI3C,eAAe,CAAC;IAC/B4C,QAAQ,EAAEJ;EACZ,CAAC,CAAC,CAAC3B,QAAQ,CAAC,CAAC;EAEb,MAAMgC,SAAS,GAAG,MAAMrC,QAAQ,CAACM,aAAa,CAACuB,YAAY,EAAE;IAC3DtB,MAAM,EAAE,MAAM;IACd+B,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACC3B,IAAI,CAACvD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDqD,IAAI,CAAE+B,MAAM,IAAKA,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC;EAElC,MAAMZ,WAAW,GAAGrE,sBAAsB,CAACe,SAAS,CAAC+D,SAAS,CAAC;EAC/D,IAAI,CAACT,WAAW,CAACrD,OAAO,EAAE;IACxBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,4CAA2CmD,WAAW,CAAClD,KAAK,CAACC,OAAQ,EACxE,CAAC;IACD,MAAM,IAAIvB,gBAAgB,CAAC;MACzBuB,OAAO,EAAE,gCAAgC;MACzCqC,MAAM,EAAEY,WAAW,CAAClD,KAAK,CAACC;IAC5B,CAAC,CAAC;EACJ;EAEA,OAAO,MAAMqB,QAAQ,CAAC4B,WAAW,CAAC9C,IAAI,CAAC2D,YAAY,CAAC,CACjDjC,IAAI,CAACvD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDqD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAChD,kBAAkB,CAAC,CACxBgD,IAAI,CAAEkC,KAAK,IAAK5C,0BAA0B,CAAC4C,KAAK,CAACC,UAAU,CAAC5B,OAAO,CAAC,CAAC;AAC1E,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMjB,0BAA0B,GACrC8C,OAAgB,IACQ;EACxB,MAAMvE,aAAa,GAAGrB,wBAAwB,CAACsB,SAAS,CAACsE,OAAO,CAAC;EACjE,IAAI,CAACvE,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAGzB,uBAAuB,CAACuB,SAAS,CAACsE,OAAO,CAAC;IAC1D,IAAI,CAACpE,OAAO,CAACD,OAAO,EAAE;MACpBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,mDAAkDJ,aAAa,CAACK,KAAK,CAACC,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIlB,kBAAkB,CAACY,aAAa,CAACK,KAAK,CAACC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAf,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,2CAA0CG,IAAI,CAACC,SAAS,CAACL,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAId,qBAAqB,CAC7Bc,OAAO,CAACM,IAAI,CAACJ,KAAK,EAClBF,OAAO,CAACM,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOV,aAAa,CAACS,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMmD,0BAA0B,GAAG,MAAAY,KAAA,IAQZ;EAAA,IARmB;IACxCX,KAAK;IACLJ,kBAAkB;IAClBT;EAKF,CAAC,GAAAwB,KAAA;EACC,MAAM;IAAEC;EAAI,CAAC,GAAG,MAAMzB,gBAAgB,CAAC0B,YAAY,CAAC,CAAC;EAErD,OAAO,IAAIzF,OAAO,CAAC+D,gBAAgB,CAAC,CACjC2B,kBAAkB,CAAC;IAClBC,GAAG,EAAE,KAAK;IACVH;EACF,CAAC,CAAC,CACDI,UAAU,CAAC;IACV;AACN;AACA;AACA;AACA;IACM,IAAIhB,KAAK,GAAG;MAAEA;IAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3BiB,QAAQ,EAAErB,kBAAkB,CAACsB,aAAa,CAACC,MAAM,CAC/C,CAACF,QAAQ,EAAAG,KAAA;MAAA,IAAE;QAAEC,YAAY;QAAEC;MAAQ,CAAC,GAAAF,KAAA;MAAA,OAAM;QACxC,GAAGH,QAAQ;QACX,CAACI,YAAY,GAAGC;MAClB,CAAC;IAAA,CAAC,EACF,CAAC,CACH;EACF,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC"}
1
+ {"version":3,"names":["AuthorizationChallengeResultShape","AuthorizationErrorShape","AuthorizationResultShape","hasStatusOrThrow","parseUrl","IssuerResponseError","UnimplementedFeatureError","ValidationFailed","decode","SignJWT","ResponseUriResultShape","getJwtFromFormPost","AuthorizationError","AuthorizationIdpError","LogLevel","Logger","RawRequestObject","RemotePresentation","RemotePresentationFlow","continueUserAuthorizationWithMRTDPoPChallenge","authRedirectUrl","log","DEBUG","query","authResParsed","safeParse","success","authErr","ERROR","error","message","JSON","stringify","data","error_description","buildAuthorizationUrl","issuerRequestUri","clientId","issuerConf","idpHint","authzRequestEndpoint","authorization_endpoint","params","URLSearchParams","client_id","request_uri","append","authUrl","completePidUserAuthorizationWithQueryMode","parseAuthorizationResponse","completeEaaUserAuthorizationWithQueryMode","getRequestedCredentialToBePresented","appFetch","arguments","length","undefined","fetch","toString","requestObject","method","then","res","text","jws","reqObj","header","protectedHeader","payload","reason","completeUserAuthorizationWithFormPostJwtMode","_issuerConfig","pid","_ref","wiaCryptoContext","dcqlQueryResult","evaluateDcqlQuery","dcql_query","authRequestObject","nonce","responseUri","response_uri","remotePresentation","prepareRemotePresentations","authzResponsePayload","createAuthzResponsePayload","state","body","response","resUriRes","headers","reqUri","json","redirect_uri","cbRes","decodedJwt","authRes","_ref2","kid","getPublicKey","setProtectedHeader","typ","setPayload","vp_token","presentations","reduce","_ref3","credentialId","vpToken","setIssuedAt","setExpirationTime","sign"],"sourceRoot":"../../../../../src","sources":["credential/issuance/v1.0.0/03-complete-user-authorization.ts"],"mappings":"AAAA,SACEA,iCAAiC,EACjCC,uBAAuB,EACvBC,wBAAwB,QAEnB,qBAAqB;AAC5B,SAASC,gBAAgB,QAAQ,qBAAqB;AACtD,OAAOC,QAAQ,MAAM,WAAW;AAEhC,SACEC,mBAAmB,EACnBC,yBAAyB,EACzBC,gBAAgB,QACX,uBAAuB;AAC9B,SACEC,MAAM,EACNC,OAAO,QAEF,6BAA6B;AACpC,SAASC,sBAAsB,QAAQ,SAAS;AAChD,SAASC,kBAAkB,QAAQ,wBAAwB;AAC3D,SAASC,kBAAkB,EAAEC,qBAAqB,QAAQ,kBAAkB;AAC5E,SAASC,QAAQ,EAAEC,MAAM,QAAQ,wBAAwB;AACzD,SAASC,gBAAgB,QAAQ,iCAAiC;AAClE,SAASC,kBAAkB,IAAIC,sBAAsB,QAAQ,2BAA2B;AAIxF,OAAO,MAAMC,6CAA2G,GACtH,MAAOC,eAAe,IAAK;EACzBL,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,+HACH,CAAC;EACD,MAAMC,KAAK,GAAGnB,QAAQ,CAACgB,eAAe,CAAC,CAACG,KAAK;EAE7C,MAAMC,aAAa,GAAGxB,iCAAiC,CAACyB,SAAS,CAACF,KAAK,CAAC;EACxE,IAAI,CAACC,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAG1B,uBAAuB,CAACwB,SAAS,CAACF,KAAK,CAAC;IACxD,IAAI,CAACI,OAAO,CAACD,OAAO,EAAE;MACpBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,mDAAkDJ,aAAa,CAACK,KAAK,CAACC,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIlB,kBAAkB,CAACY,aAAa,CAACK,KAAK,CAACC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAf,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,2CAA0CG,IAAI,CAACC,SAAS,CAACL,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAId,qBAAqB,CAC7Bc,OAAO,CAACM,IAAI,CAACJ,KAAK,EAClBF,OAAO,CAACM,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOV,aAAa,CAACS,IAAI;AAC3B,CAAC;AAEH,OAAO,MAAME,qBAA2D,GACtE,MAAAA,CAAOC,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAEC,OAAO,KAAK;EACzD,MAAMC,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAE9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEF,IAAIG,OAAO,EAAE;IACXG,MAAM,CAACI,MAAM,CAAC,SAAS,EAAEP,OAAO,CAAC;EACnC;EAEA,MAAMQ,OAAO,GAAI,GAAEP,oBAAqB,IAAGE,MAAO,EAAC;EAEnD,OAAO;IAAEK;EAAQ,CAAC;AACpB,CAAC;AAEH,OAAO,MAAMC,yCAAmG,GAC9G,MAAO5B,eAAe,IAAK;EACzBL,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,2GACH,CAAC;EACD,MAAMC,KAAK,GAAGnB,QAAQ,CAACgB,eAAe,CAAC,CAACG,KAAK;EAE7C,OAAO0B,0BAA0B,CAAC1B,KAAK,CAAC;AAC1C,CAAC;AAEH,OAAO,MAAM2B,yCAAmG,GAC9GA,CAAA,KAAM;EACJ,MAAM,IAAI5C,yBAAyB,CACjC,2CAA2C,EAC3C,OACF,CAAC;AACH,CAAC;AAEH,OAAO,MAAM6C,mCAAuF,GAClG,eAAAA,CAAOf,gBAAgB,EAAEC,QAAQ,EAAEC,UAAU,EAAuB;EAAA,IAArBc,QAAQ,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAGG,KAAK;EAC7DzC,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,sGACH,CAAC;EACD,MAAMkB,oBAAoB,GAAGF,UAAU,CAACG,sBAAsB;EAC9D,MAAMC,MAAM,GAAG,IAAIC,eAAe,CAAC;IACjCC,SAAS,EAAEP,QAAQ;IACnBQ,WAAW,EAAET;EACf,CAAC,CAAC;EAEFrB,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,oCAAmCkB,oBAAqB,IAAGE,MAAM,CAACe,QAAQ,CAAC,CAAE,EAChF,CAAC;EAED,MAAMC,aAAa,GAAG,MAAMN,QAAQ,CACjC,GAAEZ,oBAAqB,IAAGE,MAAM,CAACe,QAAQ,CAAC,CAAE,EAAC,EAC9C;IAAEE,MAAM,EAAE;EAAM,CAClB,CAAC,CACEC,IAAI,CAACzD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDuD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAAEG,GAAG,IAAKvD,MAAM,CAACuD,GAAG,CAAC,CAAC,CAC1BH,IAAI,CAAEI,MAAM,IACXhD,gBAAgB,CAACS,SAAS,CAAC;IACzBwC,MAAM,EAAED,MAAM,CAACE,eAAe;IAC9BC,OAAO,EAAEH,MAAM,CAACG;EAClB,CAAC,CACH,CAAC;EAEH,IAAI,CAACT,aAAa,CAAChC,OAAO,EAAE;IAC1BX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,+CAA8C8B,aAAa,CAAC7B,KAAK,CAACC,OAAQ,EAC7E,CAAC;IACD,MAAM,IAAIvB,gBAAgB,CAAC;MACzBuB,OAAO,EAAE,kCAAkC;MAC3CsC,MAAM,EAAEV,aAAa,CAAC7B,KAAK,CAACC;IAC9B,CAAC,CAAC;EACJ;EACA,OAAO4B,aAAa,CAACzB,IAAI,CAACkC,OAAO;AACnC,CAAC;AAEH,OAAO,MAAME,4CAAyG,GACpH,MAAAA,CACEX,aAAa,EACbY,aAAa,EACbC,GAAG,EAAAC,IAAA,KAEA;EAAA,IADH;IAAEC,gBAAgB;IAAErB,QAAQ,GAAGI;EAAM,CAAC,GAAAgB,IAAA;EAEtCzD,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,sHACH,CAAC;EAED,MAAMoD,eAAe,GAAG,MAAMxD,sBAAsB,CAACyD,iBAAiB,CACpEjB,aAAa,CAACkB,UAAU,EACxB,CAACL,GAAG,CACN,CAAC;EAED,MAAMM,iBAAiB,GAAG;IACxBC,KAAK,EAAEpB,aAAa,CAACoB,KAAK;IAC1BzC,QAAQ,EAAEqB,aAAa,CAACd,SAAS;IACjCmC,WAAW,EAAErB,aAAa,CAACsB;EAC7B,CAAC;EAED,MAAMC,kBAAkB,GACtB,MAAM/D,sBAAsB,CAACgE,0BAA0B,CACrDR,eAAe,EACfG,iBACF,CAAC;EAEH,MAAMM,oBAAoB,GAAG,MAAMC,0BAA0B,CAAC;IAC5DC,KAAK,EAAE3B,aAAa,CAAC2B,KAAK;IAC1BJ,kBAAkB;IAClBR;EACF,CAAC,CAAC;EAEF1D,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACQ,KAAK,EACb,2BAA0B6D,oBAAqB,EAClD,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;EAEA,MAAMG,IAAI,GAAG,IAAI3C,eAAe,CAAC;IAC/B4C,QAAQ,EAAEJ;EACZ,CAAC,CAAC,CAAC1B,QAAQ,CAAC,CAAC;EAEb,MAAM+B,SAAS,GAAG,MAAMpC,QAAQ,CAACM,aAAa,CAACsB,YAAY,EAAE;IAC3DrB,MAAM,EAAE,MAAM;IACd8B,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDH;EACF,CAAC,CAAC,CACC1B,IAAI,CAACzD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDuD,IAAI,CAAE8B,MAAM,IAAKA,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC;EAElC,MAAMZ,WAAW,GAAGrE,sBAAsB,CAACe,SAAS,CAAC+D,SAAS,CAAC;EAC/D,IAAI,CAACT,WAAW,CAACrD,OAAO,EAAE;IACxBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,4CAA2CmD,WAAW,CAAClD,KAAK,CAACC,OAAQ,EACxE,CAAC;IACD,MAAM,IAAIvB,gBAAgB,CAAC;MACzBuB,OAAO,EAAE,gCAAgC;MACzCsC,MAAM,EAAEW,WAAW,CAAClD,KAAK,CAACC;IAC5B,CAAC,CAAC;EACJ;EAEA,OAAO,MAAMsB,QAAQ,CAAC2B,WAAW,CAAC9C,IAAI,CAAC2D,YAAY,CAAC,CACjDhC,IAAI,CAACzD,gBAAgB,CAAC,GAAG,EAAEE,mBAAmB,CAAC,CAAC,CAChDuD,IAAI,CAAEC,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBF,IAAI,CAACjD,kBAAkB,CAAC,CACxBiD,IAAI,CAAEiC,KAAK,IAAK5C,0BAA0B,CAAC4C,KAAK,CAACC,UAAU,CAAC3B,OAAO,CAAC,CAAC;AAC1E,CAAC;;AAEH;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMlB,0BAA0B,GACrC8C,OAAgB,IACQ;EACxB,MAAMvE,aAAa,GAAGtB,wBAAwB,CAACuB,SAAS,CAACsE,OAAO,CAAC;EACjE,IAAI,CAACvE,aAAa,CAACE,OAAO,EAAE;IAC1B,MAAMC,OAAO,GAAG1B,uBAAuB,CAACwB,SAAS,CAACsE,OAAO,CAAC;IAC1D,IAAI,CAACpE,OAAO,CAACD,OAAO,EAAE;MACpBX,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,mDAAkDJ,aAAa,CAACK,KAAK,CAACC,OAAQ,EACjF,CAAC;MACD,MAAM,IAAIlB,kBAAkB,CAACY,aAAa,CAACK,KAAK,CAACC,OAAO,CAAC,CAAC,CAAC;IAC7D;;IACAf,MAAM,CAACM,GAAG,CACRP,QAAQ,CAACc,KAAK,EACb,2CAA0CG,IAAI,CAACC,SAAS,CAACL,OAAO,CAAE,EACrE,CAAC;IACD,MAAM,IAAId,qBAAqB,CAC7Bc,OAAO,CAACM,IAAI,CAACJ,KAAK,EAClBF,OAAO,CAACM,IAAI,CAACC,iBACf,CAAC;EACH;EACA,OAAOV,aAAa,CAACS,IAAI;AAC3B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMmD,0BAA0B,GAAG,MAAAY,KAAA,IAQZ;EAAA,IARmB;IACxCX,KAAK;IACLJ,kBAAkB;IAClBR;EAKF,CAAC,GAAAuB,KAAA;EACC,MAAM;IAAEC;EAAI,CAAC,GAAG,MAAMxB,gBAAgB,CAACyB,YAAY,CAAC,CAAC;EAErD,OAAO,IAAIzF,OAAO,CAACgE,gBAAgB,CAAC,CACjC0B,kBAAkB,CAAC;IAClBC,GAAG,EAAE,KAAK;IACVH;EACF,CAAC,CAAC,CACDI,UAAU,CAAC;IACV;AACN;AACA;AACA;AACA;IACM,IAAIhB,KAAK,GAAG;MAAEA;IAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3BiB,QAAQ,EAAErB,kBAAkB,CAACsB,aAAa,CAACC,MAAM,CAC/C,CAACF,QAAQ,EAAAG,KAAA;MAAA,IAAE;QAAEC,YAAY;QAAEC;MAAQ,CAAC,GAAAF,KAAA;MAAA,OAAM;QACxC,GAAGH,QAAQ;QACX,CAACI,YAAY,GAAGC;MAClB,CAAC;IAAA,CAAC,EACF,CAAC,CACH;EACF,CAAC,CAAC,CACDC,WAAW,CAAC,CAAC,CACbC,iBAAiB,CAAC,IAAI,CAAC,CACvBC,IAAI,CAAC,CAAC;AACX,CAAC"}